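16) {
    // This `if` opens before the visible part of the script; its body is unchanged.
    echo "\n\nError: Ban ID cannot be longer than 16 characters\n\n\n";
    $error = true;
}

// ---------------------------------------------------------------------------
// Ban-appeal submission: validate the form fields, confirm the ban exists in
// the `bans` table, then render the appeal into a static HTML page under
// /var/www/html/appeal/view/. Every failed check prints a message and sets
// $error, so all problems are reported in one pass.
// ---------------------------------------------------------------------------

// Together with the "longer than 16" check, this pins the ban ID to exactly 16 bytes.
if (strlen($banid) < 16) {
    echo "\n\nError: Ban ID cannot be shorter than 16 characters\n\n\n";
    $error = true;
}

// Allow-list check: any character outside the class rejects the ID.
// In [^][A-Za-z0-9] the "]" right after "^" and the following "[" are literals,
// so square brackets are accepted alongside letters and digits.
// NOTE(review): confirm brackets are really valid in ban IDs; if not, the
// pattern should be "#[^A-Za-z0-9]#".
// This check is also what makes $banid safe to embed in the file name further
// down (no "/" or "." can pass), so it must stay ahead of that code.
if (preg_match("#[^][A-Za-z0-9]#", $banid)) {
    echo "\n\nError: Ban ID contains invalid characters\n\n\n";
    $error = true;
}

// Length caps are in bytes (strlen), not characters.
if (strlen($banreason) > 100) {
    echo "\n\nError: Ban reason cannot be longer than 100 characters\n\n\n";
    $error = true;
}

if (strlen($whyunban) > 2000) {
    echo "\n\nError: Why do you think you should be unbanned cannot be longer than 2000 characters\n\n\n";
    $error = true;
}

if (!$error) {
    // NOTE(review): display_errors=1 sends PHP warnings and notices (file paths,
    // database messages) to the visitor. On a public page prefer
    // display_errors=0 with log_errors=1.
    ini_set('display_errors', 1);
    error_reporting(E_ALL | E_STRICT);

    // Author's rationale: webbanappeal has read-only access to the bans table,
    // nothing else, and can only be used from localhost, so publishing the
    // password to git was considered fine.
    // NOTE(review): this is still a live credential in version control. It
    // cannot be rotated without a code change, and the read-only/localhost
    // limits are enforced by the database grants, not by this file, so they can
    // drift without anything here changing. Load it from configuration kept
    // outside the web root and the repository, and rotate the published value.
    $con = mysqli_connect("localhost", "webbanappeal", "UpUOZhRf5WLAy920wbDqyAKLySHl677juGgL", "friends");
    if (!$con) {
        // NOTE(review): the driver's error text is shown to the visitor; log it
        // server-side and show a generic message instead.
        echo "\n\nFailed to connect to database: " . mysqli_connect_error();
        echo "\n\n";
        $error = true;
    } else {
        echo "\n\nSUCCESS\n\n";

        // Look the ban up with a bound parameter rather than a string-built
        // query. null means the lookup itself failed.
        $banExists = null;
        $stmt = mysqli_prepare($con, "SELECT `banid` FROM `bans` WHERE `banid` = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "s", $banid);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);
                $banExists = mysqli_stmt_num_rows($stmt) > 0;
                // Free result set
                mysqli_stmt_free_result($stmt);
            }
            mysqli_stmt_close($stmt);
        }

        if ($banExists === null) {
            // Fail closed: a query error must not let an unverified ban ID
            // through to page creation.
            echo "\n\nError: Could not verify the ban ID. Please try again later.\n\n\n";
            $error = true;
        } elseif (!$banExists) {
            echo "\n\nError: There is no ban with the specified ban ID. Did you enter it correctly?\n\n\n";
            $error = true;
        }

        // The connection is only touched (and closed) when it was opened.
        mysqli_close($con);
    }
}

// must not be else if, as error variable may be set above
if ($error) {
    echo "\n";
} else {
    echo "\n\nOpening your ban appeal...\n\n";

    // The generated page is stored and later served to other visitors and to
    // staff, so every submitted value is HTML-escaped before it is embedded.
    // ENT_SUBSTITUTE keeps text with invalid UTF-8 from being dropped entirely.
    // NOTE(review): assumes these variables still hold the raw form values; if
    // an earlier part of the script already escapes them, remove one layer.
    $safeBanid = htmlspecialchars($banid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $safeBanreason = htmlspecialchars($banreason, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $safeWhyunban = htmlspecialchars($whyunban, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $template = file_get_contents("/var/www/html/template/index.html");
    if ($template === false) {
        // Without the template an empty page would be stored and would then
        // block any later appeal for this ban ID, so nothing is written.
        error_log("ban appeal: could not read /var/www/html/template/index.html");
    } else {
        $newcontent = str_replace(
            "Replace this line",
            "\n\nBan Appeal\n\nBan ID\n{$safeBanid}\n\nBan Reason\n{$safeBanreason}\n\n"
                . "Why do you think you should be unbanned?\n{$safeWhyunban}\n\n\n"
                . "Staff Reply\n\nNone yet.\n\n",
            $template
        );

        // $banid passed the 16-character allow-list check above, so the path
        // stays inside the view directory.
        $appealPath = "/var/www/html/appeal/view/{$banid}.html";

        // An existing appeal is never overwritten. Mode "x" makes the create
        // exclusive, so two simultaneous submissions for the same ban ID cannot
        // both pass the file_exists() check and clobber each other.
        if (!file_exists($appealPath)) {
            $handle = fopen($appealPath, "x");
            if ($handle !== false) {
                fwrite($handle, $newcontent);
                fclose($handle);
            }
        }
    }

    echo "";
}
?>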