mavant · December 29, 2015 01:28
diff --git a/gistfile1.phtml b/gistfile1.phtml
 <html>
 <head>
  <title>Dice Roller</title>
 </head>
 <body>
 <?php
 
 #first things first - if the user didn't specify a name, die.
 IF ($_POST['name'] != null){
 	#looks like they gave a name!
 	
 	#MySQL information and basic control variables
 	$flood_seconds = 15;
 	$max_rolls = 10;
 	$username="*********";
 	$password="*********";
 	$database="*********";
        $server="*********";
 	
 	#Connect to the database
 	mysql_connect($server,$username,$password);
 	@mysql_select_db($database) or die( "Unable to select database");
 	
 	#Get POSTed variables, plus IP of user and the current date
 	$name = mysql_real_escape_string($_POST['name']);
 	$sides = mysql_real_escape_string($_POST['sides']);
 	$reason = mysql_real_escape_string($_POST['reason']);
 	$link = mysql_real_escape_string($_POST['link']);
 	$times = mysql_real_escape_string($_POST['x']);
 	$userIP = $_SERVER[REMOTE_ADDR]; 
 	$DATE = date('Y-m-d H:i:s');
 	
 	#Make sure it's been at least $flood_seconds since the last recorded roll from this IP.
 	$query="SELECT * FROM rolls WHERE IP='$userIP' and date > CURRENT_TIMESTAMP() - INTERVAL $flood_seconds SECOND ";
 	$return= mysql_query($query) or die (mysql_error());
 
 	if (mysql_num_rows($return) > '0') {
 		#There's been a roll too recently to roll again, so tell the user how much longer they have to wait.
 		$previousdate = mysql_result($return, 0, date);
 		$query="SELECT UNIX_TIMESTAMP('$previousdate')";
 		$return= mysql_query($query) or die (mysql_error());
 		$remainingtime = $flood_seconds -( time() - mysql_result($return, 0));
 		die("Sorry! You can only roll once every $flood_seconds seconds. You have $remainingtime seconds remaining.");
 	}
 	
 	#Reset the database index - this only matters if the database has been manually edited.
 	$query="ALTER TABLE rolls AUTO_INCREMENT = 1";
 	$return = mysql_query($query) or die(mysql_error());
 	
 	#Make sure the rolls requested do not exceed the max, which they shouldn't unless someone has changed the submission page without changing this script, or someone has forged a submission request.
 	if ($times > $max_rolls){
 		$times = $max_rolls;
 		print("<h1>Rolls requested exceeded max allowed - contact an administrator, please; something is broken!</h1><br>");
 	}
 	
 	#Iterate through the roll-submit-print loop once for however many rolls were requested
 	while ($times > 0){
 		#Decrement the remaining dice to roll
 		$times--;
 		
 		#Once upon a time (PHP < 4.2.0), we had to seed the random number generator. Commented out when IX upgraded us to PHP5.
 		#srand((double)microtime()*(double)microtime()*1000000);  
 		
 		#Roll the bones (Well, you can stake that claim; good work is the key to good fortune... Sorry, I really like Rush.)
 		$result = rand(1, $sides);
 		
 		#Send the roll to the server.
 		$query="INSERT INTO `rolls` (`name`, `sides`, `result`, `date`, `link`, `reason`, `IP`) VALUES ('$name', '$sides','$result', '$DATE', '$link', '$reason', '$userIP')";
 		$return = mysql_query($query) or die(mysql_error());
 		
 		#Get the index of the roll just submitted..
 		$query="SELECT `index` FROM rolls WHERE `index`=LAST_INSERT_ID()";
 		$index=mysql_fetch_array(mysql_query($query));
 		$index=$index[0];
 
 		#Print out the roll just made with a link to the reference
 		print("<b>Date:</b> $DATE.<br>");
 		print("<b>Your Name:</b> $name.<br>");
 		print("<b>Your IP:</b> $userIP.<br>");
 		print("<b>Sides Rolled:</b> $sides.<br>");
 		print("<b>Result:</b> $result.<br>"); 
 		print("<b>Reason:</b> $reason.<br>"); 
 		print("<b>Link:</b> $link<br>");
 		print("<b>Index Number:</b> <a href=getRolls2.php?number=$index>$index</a><br>"); 
 		print("<br>");
 		
 	}
 	#Print closing line and clean up shop
 	print("Please hit the back button on your browser to return to the Dice Roller page, or click <a href=http://www.ninja-academy-online.com/dieroller.php>this link</a>.<br> To visit the page containing all the rolls made so far, in order, click <a href=getRolls.php> here</a>.");
 	mysql_close();
 } else {
 	#If we're here, then no name was submitted. Tell the user so.
 	print("Error! No user name was detected. This may be due to a bad link. To visit the Dice Roller page, click <a href=http://www.ninja-academy-online.com/dieroller.php>this link</a>. <br> To visit the page containing all the rolls made so far, in order, click <a href=getRolls.php> here</a>.");
 }
 ?>
 </body>
 </html>
	<html>
	<head>
	<title>Dice Roller</title>
	</head>
	<body>
	<?php

	#first things first - if the user didn't specify a name, die.
	IF ($_POST['name'] != null){
	#looks like they gave a name!

	#MySQL information and basic control variables
	$flood_seconds = 15;
	$max_rolls = 10;
	$username="*********";
	$password="*********";
	$database="*********";
	$server="*********";

	#Connect to the database
	mysql_connect($server,$username,$password);
	@mysql_select_db($database) or die( "Unable to select database");

	#Get POSTed variables, plus IP of user and the current date
	$name = mysql_real_escape_string($_POST['name']);
	$sides = mysql_real_escape_string($_POST['sides']);
	$reason = mysql_real_escape_string($_POST['reason']);
	$link = mysql_real_escape_string($_POST['link']);
	$times = mysql_real_escape_string($_POST['x']);
	$userIP = $_SERVER[REMOTE_ADDR];
	$DATE = date('Y-m-d H:i:s');

	#Make sure it's been at least $flood_seconds since the last recorded roll from this IP.
	$query="SELECT * FROM rolls WHERE IP='$userIP' and date > CURRENT_TIMESTAMP() - INTERVAL $flood_seconds SECOND ";
	$return= mysql_query($query) or die (mysql_error());

	if (mysql_num_rows($return) > '0') {
	#There's been a roll too recently to roll again, so tell the user how much longer they have to wait.
	$previousdate = mysql_result($return, 0, date);
	$query="SELECT UNIX_TIMESTAMP('$previousdate')";
	$return= mysql_query($query) or die (mysql_error());
	$remainingtime = $flood_seconds -( time() - mysql_result($return, 0));
	die("Sorry! You can only roll once every $flood_seconds seconds. You have $remainingtime seconds remaining.");
	}

	#Reset the database index - this only matters if the database has been manually edited.
	$query="ALTER TABLE rolls AUTO_INCREMENT = 1";
	$return = mysql_query($query) or die(mysql_error());

	#Make sure the rolls requested do not exceed the max, which they shouldn't unless someone has changed the submission page without changing this script, or someone has forged a submission request.
	if ($times > $max_rolls){
	$times = $max_rolls;
	print("<h1>Rolls requested exceeded max allowed - contact an administrator, please; something is broken!</h1><br>");
	}

	#Iterate through the roll-submit-print loop once for however many rolls were requested
	while ($times > 0){
	#Decrement the remaining dice to roll
	$times--;

	#Once upon a time (PHP < 4.2.0), we had to seed the random number generator. Commented out when IX upgraded us to PHP5.
	#srand((double)microtime()(double)microtime()1000000);

	#Roll the bones (Well, you can stake that claim; good work is the key to good fortune... Sorry, I really like Rush.)
	$result = rand(1, $sides);

	#Send the roll to the server.
	$query="INSERT INTO `rolls` (`name`, `sides`, `result`, `date`, `link`, `reason`, `IP`) VALUES ('$name', '$sides','$result', '$DATE', '$link', '$reason', '$userIP')";
	$return = mysql_query($query) or die(mysql_error());

	#Get the index of the roll just submitted..
	$query="SELECT `index` FROM rolls WHERE `index`=LAST_INSERT_ID()";
	$index=mysql_fetch_array(mysql_query($query));
	$index=$index[0];

	#Print out the roll just made with a link to the reference
	print("<b>Date:</b> $DATE.<br>");
	print("<b>Your Name:</b> $name.<br>");
	print("<b>Your IP:</b> $userIP.<br>");
	print("<b>Sides Rolled:</b> $sides.<br>");
	print("<b>Result:</b> $result.<br>");
	print("<b>Reason:</b> $reason.<br>");
	print("<b>Link:</b> $link<br>");
	print("<b>Index Number:</b> <a href=getRolls2.php?number=$index>$index</a><br>");
	print("<br>");

	}
	#Print closing line and clean up shop
	print("Please hit the back button on your browser to return to the Dice Roller page, or click <a href=http://www.ninja-academy-online.com/dieroller.php>this link</a>.<br> To visit the page containing all the rolls made so far, in order, click <a href=getRolls.php> here</a>.");
	mysql_close();
	} else {
	#If we're here, then no name was submitted. Tell the user so.
	print("Error! No user name was detected. This may be due to a bad link. To visit the Dice Roller page, click <a href=http://www.ninja-academy-online.com/dieroller.php>this link</a>. <br> To visit the page containing all the rolls made so far, in order, click <a href=getRolls.php> here</a>.");
	}
	?>
	</body>
	</html>