$reqLevel = $db->escape($_GET['level']);
// Requested level
if (is_numeric($_GET['level'])) {
// Check if the level has an URL mask. If it has an URL mask, it should appear instead of level number
$url_mask = $ts->getURLMask($curLevel);
if ($url_mask) {
header('Location: ' . SITE_URL . 'level/' . $url_mask . '/');
exit;
}
if ($reqLevel == 0 && $curLevel == 0) {
// Only Faceook users will be forced to like pages
if ($_SESSION['oauth_type'] == OAUTH_FACEBOOK) {
require DOCUMENT_ROOT . 'includes/html/event/facebook_likes.php';
exit;
} else {
$ts->upgradeLevel(1);
header('Location: ' . SITE_URL . 'level/' . $curLevel . '/');
exit;
}
} elseif ($reqLevel == 0 && $curLevel != 0) {
header('Location: ' . SITE_URL . 'level/' . $curLevel . '/');
exit;
}
} else {
// URL mask probably
if ($levelID = $ts->getLevel($reqLevel)) {
$reqLevel = $levelID;
} else {
//Random strng
header('Location: ' . SITE_URL . 'level/' . $curLevel . '/');
exit;
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['answer']) && isset($_POST['level'])) {
$ts = new Treasherlocked($db);
if ($ts->getEventStatus() == EVENT_NOT_STARTED) {
$response->send404();
exit;
}
$level = $db->escape($_POST['level']);
if ($level == $ts->getCurrentLevel()) {
// Update attempts
$_SESSION['attempts'] = ++$_SESSION['attempts'];
$answer = preg_replace('/[\\s\\.\'\\",]+/i', '', strtolower($_POST['answer']));
$answer = sha1($answer);
if ($answer == $_SESSION['answer']) {
$time = date('Y-m-d H:i:s', time());
if ($db->insert('gameplay', array('user_id' => $_SESSION['user_id'], 'level' => $level, 'clear_time' => $time, 'attempts' => $_SESSION['attempts']))) {
$ts->upgradeLevel(++$_SESSION['level']);
if ($_SESSION['level'] > NO_OF_LEVELS) {
$response->finished();
}
$response->success();
$response->correctAnswer();
} else {
$response->error('ERR_DB_INSRT: Unexpected error!');
}
$response->send();
exit;
} else {
$response->success();
$response->correctAnswer(false);
$response->send();
exit;
