diff options
| author | Patrick Davison <snapwilliam@gmail.com> | 2013-01-25 16:57:18 -0800 |
|---|---|---|
| committer | Patrick Davison <snapwilliam@gmail.com> | 2013-01-25 16:57:18 -0800 |
| commit | f83929347be13726a9e7728868c8120fdc86a188 (patch) | |
| tree | 831c95a98342f0c2ecb315898addc08419d8933c /pages/challenge.php | |
| parent | fed89ebc174dda0963856f992f6f9a26bbe1b182 (diff) | |
| download | pathery-f83929347be13726a9e7728868c8120fdc86a188.tar.xz | |
`challengeMaps` table added; start of the required code changes.
Diffstat (limited to 'pages/challenge.php')
| -rw-r--r-- | pages/challenge.php | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/pages/challenge.php b/pages/challenge.php index ceefebe..4e5c50c 100644 --- a/pages/challenge.php +++ b/pages/challenge.php @@ -80,24 +80,25 @@ if (!$accepted) { // return;
//}
-if(!isset($_GET["mapID"]))
+if(!isset($_GET["challengeMapID"]) OR !is_int($_GET["challengeMapID"] + 0))
{
redirectToChallengeListing();
return;
}
-$mapCode = loadMapCode($_GET["mapID"]);
+$mapCode = loadChallengeMapCode($_GET["challengeMapID"]);
if($mapCode === NULL)
{
redirectToChallengeListing();
return;
}
-// TODO: !! Sanitize mapid
-$mapID = $_GET["mapID"];
+$challengeMapID = $_GET["challengeMapID"] + 0;
+if (!is_int($challengeMapID))
+ return;
-$mapContent = displayMap(GenerateMapByCode($mapCode), $_GET["mapID"]);
-$challengeResultset = loadChallengesForMap($mapID, $userID);
+$mapContent = displayMap(GenerateMapByCode($mapCode), $_GET["challengeMapID"]);
+$challengeResultset = loadChallengesForMap($challengeMapID, $userID);
if($challengeResultset === NULL)
{
redirectToChallengeListing();
@@ -134,13 +135,13 @@ function displayChallenges($challengeResultset) echo '<div id="challenges_listing"><ul class="challenge_ulist">';
while($challenge = mysql_fetch_array($challengeResultset))
{
- $mapID = $_GET["mapID"];
+ $challengeMapID = $_GET["challengeMapID"];
$challengeId = $challenge["challengeID"];
if($challenge["dateSolved"] !== NULL)
$cssClass = "challenge_complete";
else
$cssClass = "challenge_incomplete";
- $loadSolutionString = "<a href='javascript:requestChallengeSolution(\"$mapID\", \"$challengeId\");'> Load this solution</a>";
+ $loadSolutionString = "<a href='javascript:requestChallengeSolution(\"$challengeMapID\", \"$challengeId\");'> Load this solution</a>";
echo "<li class='$cssClass' id='challenge_id_$challengeId'>" . getChallengeDisplayString($challenge) . " $loadSolutionString </li>";
}
echo "</ul></div></div>";
|