java
/
sector
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3D spaceshooter with online scoreboard, online demos, ship building. Now entirely defunct, but might be resurrected
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
16 MiB
 
 
Tag: Branch: Tree: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
sector/php-server/class.DbUtil.php

390 lines
9.9 KiB
Raw Permalink Blame History

<?php
class DbUtil{
public static function registerNewUser($name, $password, $email = "", $country = ""){
$name = mysql_real_escape_string($name);
$password = mysql_real_escape_string($password);
$country = mysql_real_escape_string($country);
$email = mysql_real_escape_string($email);
$result = self::query("SELECT COUNT(*) FROM `SECTOR_USERS` WHERE `name` = '$name';");
$rows=0;
list($rows) = mysql_fetch_row($result);
if($rows != 0){
XmlGen::error_exit("REGISTRATION_FAILED","Entered name is already taken.");
}
$uid = "";
while(true){
$uid = "U-".Util::uniqueString(12);
$result = self::query("SELECT COUNT(*) FROM `SECTOR_USERS` WHERE `uid` = '$uid' AND `removed` = '0';");
$row = mysql_fetch_row($result);
if($row[0] == 0) break;
}
$time = time();
self::query("
INSERT
INTO `SECTOR_USERS`
(`uid`,`name`,`password`,`email`,`reg_time`,`country`)
VALUES
('$uid','$name','$password','$email','$time','$country');
");
self::refreshLogin($uid);
exit();
}
/*
$_REQUEST["uid"],
$_REQUEST["name"],
$_REQUEST["password"],
$_REQUEST["email"],
$_REQUEST["country"]
*/
public static function deleteProfile($uid){
$u = mysql_real_escape_string($uid);
self::query("UPDATE `SECTOR_USERS` SET `removed`='1' WHERE `uid` = '$u' LIMIT 1;");
self::query("UPDATE `SECTOR_SCORES` SET `removed`='1' WHERE `uid` = '$u';");
// self::query("DELETE FROM `SECTOR_USERS` WHERE `uid` = '$u' LIMIT 1;");
// self::query("DELETE FROM `SECTOR_SCORES` WHERE `uid` = '$u';");
echo XmlGen::deleteMessage();
exit();
}
public static function modifyProfile($uid,$name,$password,$email,$country){
if($name == null && $password == null && $email == null && $country == null){
XmlGen::error_exit("INCOMPLETE_COMMAND","Nothing to change.");
}
$n = mysql_real_escape_string($name);
$u = mysql_real_escape_string($uid);
$result = self::query("SELECT COUNT(*) FROM `SECTOR_USERS` WHERE `name` = '$n' AND `uid` != '$u';");
$rows=0;
list($rows) = mysql_fetch_row($result);
if($rows != 0){
XmlGen::error_exit("NAME_NOT_UNIQUE");
}
$sql = "";
if($name != null){
$sql .= ",`name` = '".mysql_real_escape_string($name)."'";
}
if($password != null){
$sql .= ",`password` = '".mysql_real_escape_string($password)."'";
}
if($email == null) $email = "";
$sql .= ",`email` = '".mysql_real_escape_string($email)."'";
if($country == null) $country = "";
$sql .= ",`country` = '".mysql_real_escape_string($country)."'";
$sql = substr($sql,1);
self::query("
UPDATE `SECTOR_USERS`
SET $sql
WHERE `uid` = '$uid'
LIMIT 1;
");
self::refreshLogin($uid);
exit();
}
public static function logIn($name, $passwordHash){
$name = mysql_real_escape_string(trim($name));
$result = self::query("SELECT `uid`,`password` FROM `SECTOR_USERS` WHERE `name` = '$name' AND `removed` = '0';");
if(mysql_num_rows($result) == 0){
XmlGen::error_exit("LOGIN_FAILED","Bad name or password.");
}
$row = mysql_fetch_assoc($result);
$dbPwd = $row['password'];
$uid = $row['uid'];
// double hash with ugly salt!
if( Util::calcSecureHash($name,$dbPwd) != $passwordHash){
XmlGen::error_exit("LOGIN_FAILED","Bad name or password.");
}
self::refreshLogin($uid);
exit();
}
public static function isTokenValid($uid, $token){
$uid = mysql_real_escape_string($uid);
$result = self::query("SELECT `auth_token` FROM `SECTOR_USERS` WHERE `uid` = '$uid' AND `removed` = '0';");
if(mysql_num_rows($result) == 0){
return false; // bad UID
}
$row = mysql_fetch_array($result);
return $row[0] == $token;
}
public static function getInfo(){
$result = self::query("SELECT * FROM `SECTOR_INFO`;");
$entries = array();
while($row = mysql_fetch_row($result)){
$entries[$row[0]] = $row[1];
}
$version = $entries['VERSION_NUMBER']+0;
if($_REQUEST["VERSION"]<=$version){
// only publicly available releases are counted,
// not prepared ones with higher version number
// add to counter.
$midnight = strtotime('midnight');
$result = self::query("SELECT COUNT(*) FROM `SECTOR_COUNTER` WHERE `date` = '$midnight';");
$row = mysql_fetch_array($result);
if($row[0] == 0){
self::query("INSERT INTO `SECTOR_COUNTER`(`date`,`visits`) VALUES ('$midnight','1');");
}else{
self::query("UPDATE `SECTOR_COUNTER` SET `visits`=`visits`+1 WHERE `date` = '$midnight' LIMIT 1;");
}
}
echo XmlGen::infoTable($entries);
exit();
}
public static function getUsers(){
$result = self::query("SELECT `name`,`reg_time`,`country` FROM `SECTOR_USERS` WHERE `removed` = '0';");
$entries = array();
while($row = mysql_fetch_array($result)){
$entries[] = $row;
}
echo XmlGen::userList($entries);
exit();
}
public static function getLevels(){
$result = self::query("SELECT `value` FROM `SECTOR_INFO` WHERE `key` = 'LEVELS_PATH';");
$row = mysql_fetch_array($result);
$path = $row[0];
$result = self::query("SELECT `lid`,`title`,`filename`,`checksum`,`time` FROM `SECTOR_LEVELS` WHERE `removed` = '0';");
$entries = array();
while($row = mysql_fetch_array($result)){
$row[2] = $path.$row[2];
$entries[] = $row;
}
echo XmlGen::levelList($entries);
exit();
}
public static function getLevelScores($lid, $changeFlag = null, $lastRecord = null){
$lid = mysql_real_escape_string($lid);
$result = self::query("SELECT COUNT(*) FROM `SECTOR_LEVELS` WHERE `lid` = '$lid' AND `removed` = '0';");
$row = mysql_fetch_array($result);
$cnt = $row[0];
if($cnt==0) XmlGen::error_exit("NO_SUCH_LEVEL","No level with matching ID was found.");
$result = self::query("
SELECT
`SECTOR_USERS`.`name` AS `username`,
`SECTOR_SCORES`.`uid`,
`SECTOR_SCORES`.`time`,
`SECTOR_SCORES`.`score`
FROM `SECTOR_SCORES` JOIN `SECTOR_USERS`
WHERE
(`SECTOR_SCORES`.`uid` = `SECTOR_USERS`.`uid`)
AND (`lid`='$lid')
AND (`SECTOR_SCORES`.`removed` = '0')
ORDER BY `score` DESC, `time` DESC;
");
// username, uid, time, score
$entries = array();
while($row = mysql_fetch_array($result)){
$entries[] = $row;
}
echo XmlGen::scoreList($lid, $entries, $changeFlag, $lastRecord);
exit();
}
public static function submitScore($uid, $lid, $score){
$lid = mysql_real_escape_string($lid);
$uid = mysql_real_escape_string($uid);
$score = $score+0;
$result = self::query("SELECT COUNT(*) FROM `SECTOR_LEVELS` WHERE `lid` = '$lid' AND `removed` = '0';");
$row = mysql_fetch_array($result);
$cnt = $row[0];
if($cnt==0) XmlGen::error_exit("NO_SUCH_LEVEL","No level with matching ID was found.");
$result = self::query("SELECT COUNT(*) FROM `SECTOR_SCORES` WHERE `lid` = '$lid' AND `uid` = '$uid';");
$row = mysql_fetch_array($result);
$cnt = $row[0];
$time = time();
$change = "false";
$lastRecord = "-1";
if($cnt==0){
// INSERT
self::query("INSERT INTO `SECTOR_SCORES`(`uid`,`lid`,`time`,`score`) VALUES ('$uid','$lid','$time','$score');");
$change = "true";
}else{
$result = self::query("SELECT `score` FROM `SECTOR_SCORES` WHERE `lid` = '$lid' AND `uid` = '$uid';");
$row = mysql_fetch_array($result);
$scoreOld = $row[0];
$lastRecord = "$scoreOld";
if($scoreOld > $score){
}else{
// UPDATE
self::query("UPDATE `SECTOR_SCORES` SET `time`='$time', `score`='$score' WHERE `lid` = '$lid' AND `uid` = '$uid' LIMIT 1;");
if($scoreOld != $score) $change = "true";
}
}
self::getLevelScores($lid, $change, $lastRecord);
exit();
}
public static function refreshLogin($uid){
$token = Util::uniqueString(20);
self::query("
UPDATE `SECTOR_USERS`
SET `auth_token` = '$token'
WHERE `uid` = '$uid'
LIMIT 1;
");
$result = self::query("SELECT `name`,`email`,`reg_time`,`country` FROM `SECTOR_USERS` WHERE `uid` = '$uid';");
$row = mysql_fetch_assoc($result);
$name = $row["name"];
$email = $row["email"];
$reg_time = $row["reg_time"];
$country = $row["country"];
echo XmlGen::sessionInfo($uid, $token, $name, $email, $reg_time, $country);
}
public static function addLevel($title, $filename){
$result = self::query("SELECT COUNT(*) FROM `SECTOR_LEVELS` WHERE `filename` = '".mysql_real_escape_string($filename)."';");
$row = mysql_fetch_array($result);
$cnt = $row[0];
if($cnt>0) XmlGen::error_exit("LEVEL_ALREADY_ADDED");
$result = self::query("SELECT COUNT(*) FROM `SECTOR_LEVELS` WHERE `title` = '".mysql_real_escape_string($title)."';");
$row = mysql_fetch_array($result);
$cnt = $row[0];
if($cnt>0) XmlGen::error_exit("LEVEL_NAME_NOT_UNIQUE");
$result = self::query("SELECT `value` FROM `SECTOR_INFO` WHERE `key` = 'LEVELS_PATH_RELATIVE_TO_SERVER';");
$row = mysql_fetch_array($result);
$path = $row[0];
$result = self::query("SELECT `value` FROM `SECTOR_INFO` WHERE `key` = 'LEVELS_PATH';");
$row = mysql_fetch_array($result);
$apath = $row[0];
$fpath = $path.$filename;
if(!file_exists($fpath)){
XmlGen::error_exit("FILE_NOT_FOUND","Level file does not exist: ".$fpath);
}
if(substr($filename,strlen($filename)-4) != ".xml"){
XmlGen::error_exit("BAD_FILE_FORMAT", "Level file must be XML: ".$fpath);
}
// generate a LID
$lid = "";
while(true){
$lid = "L-".Util::uniqueString(9);
$result = self::query("SELECT COUNT(*) FROM `SECTOR_LEVELS` WHERE `lid` = '$lid';");
$row = mysql_fetch_row($result);
if($row[0] == 0) break;
}
$hash = md5_file($fpath);
$title = mysql_real_escape_string($title);
$filename = mysql_real_escape_string($filename);
$time = time();
self::query("
INSERT
INTO `SECTOR_LEVELS`
(`lid`,`title`,`filename`,`checksum`,`time`)
VALUES
('$lid','$title','$filename','$hash','$time');
");
echo XmlGen::levelAddedInfo($lid, $title, $apath.$filename, $hash, $time);
exit();
}
public static function query($q){
$res = mysql_query($q) or die(XmlGen::error("INTERNAL_ERROR", "DbError: ".mysql_error()));
return $res;
}
}