abuse.php
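<?php
/**
 * Abuse-report handler.
 *
 * Accepts the POSTed report form, checks the per-session anti-CSRF token and
 * sets the reported quiz's visibility to 3. Any other request is redirected
 * to 404.php.
 *
 * $conn and the session are not set up in this file; presumably
 * templates/header.php provides both -- confirm.
 *
 * NOTE(review): header.php is required before the redirects below. If it emits
 * output and output buffering is off, the Location header cannot be sent --
 * confirm.
 * NOTE(review): as written, one report from any client holding a valid session
 * token hides the quiz; consider whether rate limiting or an audit log is
 * wanted here.
 */
require('./templates/header.php');

// Only a submission of the report form is handled here.
if (!isset($_POST['submit'])) {
    header("location: 404.php");
    // Stop here so the confirmation markup below is not rendered after the redirect.
    exit;
}

// hash_equals() requires two strings; a missing token or an array-valued
// token[] field must be rejected rather than passed to it.
$session_token = $_SESSION['token'] ?? null;
$posted_token = $_POST['token'] ?? null;
if (!is_string($session_token) || !is_string($posted_token) || !hash_equals($session_token, $posted_token)) {
    // possible csrf or user reloading the page
    header("location: 404.php");
    exit;
}

// change token to avoid reloads or cross site abuse reports
$_SESSION['token'] = bin2hex(random_bytes(32));

$quiz_id = $_POST['id'] ?? null;
if (!is_string($quiz_id) || $quiz_id === '') {
    header("location: 404.php");
    exit;
}

// The id comes straight from the request, so it is bound as a parameter and
// never interpolated into the SQL text. It is bound as a string to keep the
// original id='...' comparison semantics; the column type is not visible here.
$stmt = mysqli_prepare($conn, "UPDATE quizzes SET visibility = 3 WHERE id = ?");
if ($stmt === false) {
    // Database error details go to the server log, not to the client.
    error_log("abuse.php: prepare failed: " . mysqli_error($conn));
    echo "Error: the report could not be saved.";
} else {
    mysqli_stmt_bind_param($stmt, 's', $quiz_id);
    if (!mysqli_stmt_execute($stmt)) {
        error_log("abuse.php: update failed: " . mysqli_stmt_error($stmt));
        echo "Error: the report could not be saved.";
    }
    mysqli_stmt_close($stmt);
}
// NOTE(review): the confirmation below is still rendered when the update fails.
?>
<div class="container my-5 py-5">
<div class="display-5 py-3 text-primary">Your report has been made note of anonymously</div>
<p class="lead my-5 text-muted">The quiz has been taken down for admin verification</p>
</div>
<?php
require('./templates/footer.php');
?>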