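/**
 * Decide whether a track is allowed in the room named by $_GET['scope'].
 *
 * The room's whitelist and blacklist are newline-separated lists of terms.
 * A term is matched case-insensitively as a substring of the track's name or
 * artist. Whitelist matches are evaluated first and win over the blacklist.
 * Terms of three characters or fewer (after trimming) are ignored.
 *
 * This check fails open: a missing scope, an unknown room or empty details
 * all yield true. Callers that need a strict decision must validate the
 * scope themselves before relying on the result.
 *
 * @param array $details Track details; the 'artist' and 'name' keys are read.
 * @return bool true when the track is allowed, false when a blacklist term matches.
 */
function checkBlacklist($details)
{
    // The scope is optional request input, so test for presence before reading it.
    if (empty($_GET['scope'])) {
        return true;
    }

    // Nothing to match against; skip the database lookup entirely.
    if (empty($details)) {
        return true;
    }

    $dbManager = new DatabaseManager();
    $room = $dbManager->getRoom($_GET['scope']);
    if (!$room) {
        // NOTE(review): assumes getRoom() returns a falsy value for an unknown
        // room -- confirm. Without this guard the property reads below would
        // operate on a non-object.
        return true;
    }

    $artist = isset($details['artist']) ? (string) $details['artist'] : '';
    $name = isset($details['name']) ? (string) $details['name'] : '';

    // True when any usable term of a newline-separated list occurs in the
    // track name or artist.
    $matchesAny = function ($rawList) use ($artist, $name) {
        foreach (explode("\n", (string) $rawList) as $line) {
            // Trim before measuring and matching: a list saved with CRLF line
            // endings otherwise leaves "\r" on every term, and such a term can
            // never match, which silently disables the filter.
            $term = trim($line);
            if (strlen($term) <= 3) {
                continue;
            }
            if (stripos($name, $term) !== false || stripos($artist, $term) !== false) {
                return true;
            }
        }

        return false;
    };

    if ($matchesAny($room->whitelist)) {
        return true;
    }

    return !$matchesAny($room->blacklist);
}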
*/ $ERR_INVALID = ['success' => false, 'reason' => 'scope: Room ID, q: backgrounds|blacklist|whitelist|host|admin|mute|ban|queue_ban']; if (!$_GET['q'] || !$_GET['scope']) { json_p($ERR_INVALID); } $scope = $_GET['scope']; $q = $_GET['q']; require_once "../autoload.php"; $dbManager = new DatabaseManager(); if (!$dbManager->validateScope($scope)) { json_p(['success' => false, 'reason' => "Invalid room name."]); } switch ($q) { case "blacklist": case "whitelist": $room = $dbManager->getRoom($scope); json_p(['success' => true, 'data' => $room->{$q}]); break; case "host": json_p($dbManager->getUsersMatchingPermissionLevel($scope, DatabaseManager::PERMISSION_LEVEL_ROOM_HOST)); break; case "admin": json_p($dbManager->getUsersMatchingPermissionLevel($scope, DatabaseManager::PERMISSION_LEVEL_ROOM_ADMIN)); break; case "mute": json_p($dbManager->getUsersMatchingPermissionLevel($scope, DatabaseManager::PERMISSION_LEVEL_ROOM_MUTED)); break; case "ban": json_p($dbManager->getUsersMatchingPermissionLevel($scope, DatabaseManager::PERMISSION_LEVEL_ROOM_BANNED)); break; case "queue_ban":
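// Room-creation endpoint: validates the requested name and description,
// enforces the one-room-per-account limit, creates the room and replies with
// a JSONP (or plain JSON) success payload.
//
// NOTE(review): this endpoint changes server state on a GET request and
// answers with JSONP, so it has no protection against cross-site request
// forgery. Moving it to POST with an anti-CSRF token needs a matching client
// change and is not done here. The room password is also sent in the query
// string, where it is recorded in access logs and browser history.
require_once '../autoload.php';

// NOTE(review): assumes Auth::user() always yields a user object, or stops the
// request itself when nobody is signed in -- confirm. $user->id() is called below.
$user = Auth::user();

// Both fields must be present and must be plain strings; array-valued
// parameters (name[]=...) would otherwise reach the string functions below.
$hasName = isset($_GET['name']) && is_string($_GET['name']);
$hasDescription = isset($_GET['description']) && is_string($_GET['description']);

// Requests without both fields produce no output; the redirect that used to
// live in this branch, header("Location: ".$config['app_link']), is disabled.
if ($hasName && $hasDescription) {
    // Validate the JSONP callback before any side effect. It is written into
    // the response verbatim, so only a dotted JavaScript identifier path of
    // bounded length is accepted. The request is rejected directly rather than
    // through fail(), whose handling of the callback is not visible here.
    $callback = null;
    if (isset($_GET['callback']) && $_GET['callback'] !== '') {
        $callback = $_GET['callback'];
        $callbackPattern = '/^[A-Za-z_$][0-9A-Za-z_$]*(?:\.[A-Za-z_$][0-9A-Za-z_$]*)*$/D';
        if (!is_string($callback) || strlen($callback) > 128 || !preg_match($callbackPattern, $callback)) {
            http_response_code(400);
            exit;
        }
    }

    $name = $_GET['name'];
    $description = $_GET['description'];
    // The password is optional; absent or non-string input is passed on as null.
    $password = (isset($_GET['password']) && is_string($_GET['password'])) ? $_GET['password'] : null;

    // Reject both angle brackets, as the message states (the earlier check
    // looked for "<" and "/>" only, so a lone ">" was accepted).
    // NOTE(review): this is a coarse input filter, not a substitute for
    // encoding $name and $description wherever they are rendered.
    // NOTE(review): fail() is assumed to end the request -- confirm; otherwise
    // execution would continue past a failed check.
    if (strpbrk($description, '<>') !== false) {
        fail("< and > are disallowed for security reasons.");
    }
    if (strpbrk($name, '<>') !== false) {
        fail("< and > are disallowed for security reasons.");
    }

    // Room id: ASCII letters, digits and spaces only, spaces turned into
    // hyphens, lower-cased. The result is pure ASCII, so strlen() is accurate.
    $alphanumericName = preg_replace("/[^0-9a-zA-Z ]/", "", $name);
    $clean_name = strtolower(str_replace(" ", "-", $alphanumericName));
    if (strlen($clean_name) > 30) {
        fail("Room name is too long.");
    }
    if (strlen($clean_name) < 3) {
        fail("Room name is too short.");
    }

    $dbManager = new DatabaseManager();
    // NOTE(review): existence check followed by insert is not atomic; a unique
    // constraint on the room id in storage should back this up -- confirm.
    if ($dbManager->getRoom($clean_name)) {
        fail("A room by that name already exists.");
    }

    $rooms = $dbManager->getRoomsOwnedBy($user->id());
    if (count($rooms) > 0) {
        // NOTE(review): $rooms[0]->id is placed inside a JavaScript string in an
        // HTML attribute without encoding. That is only safe while every stored
        // id consists of the [0-9a-z-] characters produced above -- confirm that
        // no other code path creates rooms.
        fail("There is currently a limit of one room per account. You can see or delete your room <a href=\"javascript:joinRoom('" . $rooms[0]->id . "')\">here</a>.");
    }

    $dbManager->makeRoom($clean_name, $name, $description, $user->id(), $password);

    $payload = json_encode(array('success' => true, 'room_id' => $clean_name));
    if (!headers_sent()) {
        // Declare the real content type so the response is never interpreted as HTML.
        header('X-Content-Type-Options: nosniff');
        header($callback === null
            ? 'Content-Type: application/json; charset=utf-8'
            : 'Content-Type: application/javascript; charset=utf-8');
    }
    echo $callback === null ? $payload : $callback . "(" . $payload . ")";
}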