6 || die('bad token');
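// Other parameters.
// Each value comes straight from the query string. A parameter sent as an array
// (for example "save[]=x") is treated as absent, so the comparisons, the SQL
// parameters and the mail call further down only ever receive strings.
$readParam = static function (string $name): string {
    $value = $_GET[$name] ?? '';
    return is_string($value) ? $value : '';
};
$_save = $readParam('save');
$_delete = $readParam('delete');
$_weight = $readParam('weight');
$_email = $readParam('email');
$_oldemail = $readParam('oldemail');
$_stats_apikey = $readParam('stats_apikey');
$_terms = $readParam('terms');

// Presumably defines $pgdb, $pguser and $pgpass (and $adminemail, used later) — confirm against config.php.
require_once __DIR__ . '/../config.php';

$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
if (!$dbh) {
    // A failed pg_connect() leaves no connection for pg_last_error() to describe;
    // record PHP's last error in the server log and show the client a generic message.
    error_log('Error in connection: ' . (error_get_last()['message'] ?? 'unknown'));
    die('Error in connection');
}

// Look the pod up by domain only; the token is checked against the returned row afterwards.
$sql = 'SELECT domain,email,token,tokenexpire,stats_apikey,weight,terms FROM pods WHERE domain = $1';
$result = pg_query_params($dbh, $sql, [$_domain]);
if (!$result) {
    // Database error text stays in the server log instead of being echoed to the client.
    error_log('Error in SQL query: ' . pg_last_error($dbh));
    die('Error in SQL query');
}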
while ($row = pg_fetch_array($result)) {
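// The edit token is the only credential checked on this page, so compare it with
// hash_equals() (constant-time) and refuse anything that is not a string on both sides.
if (!is_string($row['token']) || !is_string($_token) || !hash_equals($row['token'], $_token)) {
    die('token not a match');
}
// The expiry is compared as text against the current time in Y-m-d H:i:s form.
// NOTE(review): this assumes tokenexpire comes back in the same layout and timezone as date() — confirm.
$row['tokenexpire'] >= date('Y-m-d H:i:s') || die('token expired');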
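// Delete the pod: the request must repeat the edit token in the "delete" parameter.
// NOTE(review): this destructive action is triggered by a GET request with the token in the URL,
// where it can be recorded in logs, browser history and Referer headers — consider POST.
if ($_delete === $row['token']) {
    $sql = 'DELETE FROM pods WHERE domain = $1';
    $result = pg_query_params($dbh, $sql, [$_domain]);
    if (!$result) {
        // Keep the database error text in the server log; the client gets a generic message.
        error_log('Error in SQL query: ' . pg_last_error($dbh));
        die('Error in SQL query');
    }
    die('pod removed from DB');
}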
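// Save and exit: the request must repeat the edit token in the "save" parameter.
if ($_save === $row['token']) {
    // Require a numeric weight so the limit is checked numerically rather than by string ordering.
    // NOTE(review): no lower bound is enforced here — confirm whether negative weights are acceptable.
    if (!is_numeric($_weight) || $_weight > 10) {
        die('10 is max weight');
    }

    $sql = 'UPDATE pods SET email = $1, stats_apikey = $2, weight = $3, terms = $4 WHERE domain = $5';
    $result = pg_query_params($dbh, $sql, [$_email, $_stats_apikey, $_weight, $_terms, $_domain]);
    if (!$result) {
        // Keep the database error text in the server log; the client gets a generic message.
        error_log('Error in SQL query: ' . pg_last_error($dbh));
        die('Error in SQL query');
    }

    // Only a single well-formed address may reach the recipient list or the headers.
    // FILTER_VALIDATE_EMAIL rejects line breaks and address lists, so a request value
    // cannot add header lines or extra recipients.
    $isAddress = static function ($value): bool {
        return is_string($value) && filter_var($value, FILTER_VALIDATE_EMAIL) !== false;
    };

    // If the new address is not usable, the notice still goes to the admin.
    $to = $isAddress($_email) ? $_email : $adminemail;

    // Copy the address that was stored before this update ($row was fetched before the UPDATE)
    // instead of the client-supplied "oldemail", so the previous contact cannot be left out
    // or replaced by the requester.
    $cc = [$adminemail];
    if ($isAddress($row['email'])) {
        $cc[] = $row['email'];
    }

    $subject = 'Edit notice from poduptime ';
    $message = 'Data for ' . $_domain . " Updated. If it was not you reply and let me know! \n\n";
    $headers = 'From: ' . $adminemail . "\r\nCc:" . implode(',', $cc) . "\r\n";

    // Sending stays best-effort, but a failure is logged instead of being silenced with @.
    if (!mail($to, $subject, $message, $headers)) {
        error_log('Edit notice mail could not be sent');
    }

    pg_free_result($result);
    pg_close($dbh);
    die('Data saved. Will go into effect on next hourly change');
}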
//form
echo 'Authorized to edit ' . $_domain . ' until ' . $row['tokenexpire'] . '
';
echo '