-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconnect.game.php
81 lines (81 loc) · 3.41 KB
/
connect.game.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
<?PHP
define('CONFIG',true);
include 'config.php';
header("Content-Type: text/json");
if(!isset($_POST['password'])) $_POST['password']='';
$return = array(
"auth" => array(
"code" => "",
"id" => 0,
"spectate" => 0
),
"haspassword" => false,
"return" => "none"
);
$admin = $my_code;
if(!$admin){
$return = array(
"auth" => array(
"code" => "",
"id" => 0,
"spectate" => 0
),
"haspassword" => false,
"return" => "user"
);
die(json_encode($return));
}
$link->query("UPDATE `totd_names` SET `game` = NULL WHERE `code` = '".$admin."'");
$spectate = false;
if($_POST['spectate']=='1') $spectate = true;
$return['auth']['spectate'] = $spectate?'1':'0';
$return['haspassword'] = strlen($_POST['password'])>0;
if(strlen($_POST['game'])<=40 && !preg_match('/[^a-z_\-0-9]/i',$_POST['game'])){
$player_count = $link->query("SELECT * FROM `totd_auth` WHERE `game` = '".$_POST['game']."' AND `spectate` IS NULL")->num_rows;
$spectator_limit = $link->query("SELECT * FROM `totd_auth` WHERE `game` = '".$_POST['game']."' AND `spectate` = '1'")->num_rows;
if($game = $link->query("SELECT * FROM `totd_games` WHERE `game_id` = '".$_POST['game']."'")){
$game = $game->fetch_array();
$return['auth']['id'] = $game['game_id'];
if($auth = $link->query("SELECT * FROM `totd_auth` WHERE `user` = '".$admin."' && `game` = '".$game['game_id']."'")){
$auth = $auth->fetch_array();
if($auth['id'] && (($auth['spectate'] && !$spectate) || (!$auth['spectate'] && $spectate))){
$link->query("DELETE FROM `totd_auth` WHERE `id` = ".$auth['id']);
$auth['id'] = false;
}
if($auth['id']){
$return = array(
"auth" => array(
"code" => $auth['code'],
"id" => $game['game_id'],
"spectate" => $spectate?'1':'0'
),
"haspassword" => strlen($_POST['password'])>0,
"return" => "success"
);
}
}
if($return['auth']['code']) $return=$return;
else if(!$game['id']) $return['return']='none';
else if($game['ended']) $return['return']='ended';
else if($game['started'] && !$spectate) $return['return']='started';
else if($game['admin']==$admin) $return['return']='success';
else if($game['protected']){
if(strlen($_POST['password'])){
$return['return']=password_verify($_POST['password'],$game['password'])?'success':'password';
}else $return['return']='password';
}
else if($game['player_limit']<=$player_count && !$spectate) $return['return']='full';
else if($game['spectator_limit']<=$spectator_limit && $spectate) $return['return']='full';
else $return['return']='success';
}
if($return['return']=='success' && !$return['auth']['code']){
$link->query("UPDATE `totd_names` SET `game` = '".$game['game_id']."' WHERE `code` = '".$admin."'");
$link->query("INSERT INTO `ids` (`id`) VALUES (NULL)");
$auth_code = randomString(36) . $link->insert_id . randomString(36);
$link->query("INSERT INTO `totd_auth` (`id`,`user`,`game`,`code`,`spectate`,`active`) VALUES (NULL,'".$admin."','".$game['game_id']."','".$auth_code."',".($spectate?'"1"':'NULL').",".time().");");
$return['auth']['code'] = $auth_code;
$return['auth']['id'] = $game['game_id'];
}
}
die(json_encode($return));
?>