Fix up tokens.cgi, thanks Pat Avery

This commit is contained in:
Neale Pickett 2015-06-03 15:42:03 -06:00
parent 65c1fa83fd
commit e2d7f5abbe
1 changed files with 5 additions and 5 deletions

View File

@ -8,9 +8,6 @@ local koth = require "koth"
local team = cgi.fields['t'] or "" local team = cgi.fields['t'] or ""
local token = cgi.fields['k'] or "" local token = cgi.fields['k'] or ""
-- Defang category name; prevent directory traversal
category = category:gsub("[^A-Za-z0-9]", "-")
-- Check answer -- Check answer
local needle = token local needle = token
local haystack = koth.path("tokens.txt") local haystack = koth.path("tokens.txt")
@ -20,12 +17,15 @@ if (not found) then
koth.page("Unrecognized token", err) koth.page("Unrecognized token", err)
end end
local category, points = token.match("^(.*):(.*):") local category, points = token:match("^(.*):(.*):")
if ((category == nil) || (points == nil)) then if ((category == nil) or (points == nil)) then
koth.page("Unrecognized token", "Something doesn't look right about that token") koth.page("Unrecognized token", "Something doesn't look right about that token")
end end
points = tonumber(points) points = tonumber(points)
-- Defang category name; prevent directory traversal
category = category:gsub("[^A-Za-z0-9]", "-")
local ok, err = koth.award_points(team, category, points, token) local ok, err = koth.award_points(team, category, points, token)
if (not ok) then if (not ok) then
koth.page("Error awarding points", koth.page("Error awarding points",