add/remove scripts behind .env password

3 months ago · c07d9f1c74
parent 829e882270
commit c07d9f1c74
3 changed files with 20 additions and 3 deletions
--- a/.env.example
+++ b/.env.example
@ -3,4 +3,5 @@ MYSQL_USER=
 MYSQL_PASSWORD=
 MYSQL_DATABASE=
 RIOT_API_KEY=
-UPDATE_LIMIT_MINUTES=
+UPDATE_LIMIT_MINUTES=
 ADMIN_KEY=
--- a/public/elotracker/add.php
+++ b/public/elotracker/add.php
@ -6,9 +6,17 @@ if (php_sapi_name() == 'cli') {
 	if (isset($argv[1])) {
 		parse_str($argv[1], $_GET);
 	}
 	if (isset($argv[2])) {
 		parse_str($argv[2], $_POST);
 	}
 }
 if (!isset($_POST["adminKey"]) || $_POST["adminKey"] != $_ENV["ADMIN_KEY"]){
 	echo "Forbidden";
 	die;
 }
 $tracker = new Tracker();
-if (!$tracker->add($_GET["gameName"], $_GET["tagLine"], $message)){
+if (!$tracker->add($_POST["gameName"], $_POST["tagLine"], $message)){
 	echo "Failure: ".$message;
 }
--- a/public/elotracker/remove.php
+++ b/public/elotracker/remove.php
@ -6,9 +6,17 @@ if (php_sapi_name() == 'cli') {
 	if (isset($argv[1])) {
 		parse_str($argv[1], $_GET);
 	}
 	if (isset($argv[2])) {
 		parse_str($argv[2], $_POST);
 	}
 }
 if (!isset($_POST["adminKey"]) || $_POST["adminKey"] != $_ENV["ADMIN_KEY"]){
 	echo "Forbidden";
 	die;
 }
 $tracker = new Tracker();
-if (!$tracker->remove($_GET["gameName"], $_GET["tagLine"], $message)){
+if (!$tracker->remove($_POST["gameName"], $_POST["tagLine"], $message)){
 	echo "Failure: ".$message;
 }