The following files exists in this folder. Click to view.
create_match.php32 lines UTF-8 Unix (LF)
<?php
session_start();
require_once('databaseconnection.php');
include('functions.php');
include('check_login.php');
validateladdertime($_GET['defenderId'], 'yes');
//Tar allt nödvändigt från formuläret
$challengerId = $_GET['challengerId'];
$defenderId = $_GET['defenderId'];
$challengerpoints = (int)$_POST['matchpoints'];
$defenderpoints = (int)$_POST['matchpoints'];
$description = (isset($_POST['description']) && $_POST['description'] !== '') ? $_POST['description'] : NULL;
$description = htmlspecialchars($description, ENT_QUOTES, "UTF-8");
$matchdate = (isset($_POST['matchdate']) && $_POST['matchdate'] !== '' && $_POST['matchdate'] >= date('Y-m-d H:i:s')) ? $_POST['matchdate'] : NULL;
$status = 'request';
//lägger in i databasen
$sql = "INSERT INTO Matches (challengerId, defenderId, challengerpoints, defenderpoints, matchdate, status, description)
VALUES (:challengerId, :defenderId, :challengerpoints, :defenderpoints, :matchdate, :status, :description)";
$stm = $pdo->prepare($sql);
$stm->execute([
':challengerId' => $challengerId,
':defenderId' => $defenderId,
':challengerpoints' => $challengerpoints,
':defenderpoints' => $defenderpoints,
':matchdate' => $matchdate,
':status' => $status,
':description' => $description
]);
header('location: home.php?openladder='.$_GET['ladderId'].'');
exit();
?>