Beispiel #1
 /**
  * Create a tournament from a service request and return its id.
  *
  * Reads Token, KingdomId, ParkId, EventCalendarDetailId, Name, Description and When
  * from $request.
  *
  * NOTE(review): the token is only checked for validity. Nothing in this method calls
  * HasAuthority() for the supplied KingdomId/ParkId, so any authenticated caller can
  * attach a tournament to any kingdom or park -- confirm that is intended.
  *
  * @param array $request Service request.
  * @return mixed NoAuthorization() for an invalid token, InvalidParameter() when a
  *               valid-looking EventCalendarDetailId matches no row, otherwise
  *               Success() carrying the tournament id.
  */
 public function CreateTournament($request)
 {
     $caller_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
     if (!valid_id($caller_id)) {
         return NoAuthorization();
     }

     // NOTE(review): $request still contains the caller's Token when it is traced;
     // confirm logtrace() output is not persisted, or redact the token first.
     logtrace('CreateTournament() :1', $request);

     $this->Tournament->clear();
     $this->Tournament->kingdom_id = $request['KingdomId'];
     $this->Tournament->park_id = $request['ParkId'];
     $this->Tournament->event_calendardetail_id = $request['EventCalendarDetailId'];

     // Resolve the owning event through the calendar detail row, when one is referenced.
     $calendar_detail = new yapo($this->db, DB_PREFIX . 'event_calendardetail');
     $calendar_detail->event_calendardetail_id = $request['EventCalendarDetailId'];
     if ($calendar_detail->find()) {
         $this->Tournament->event_id = $calendar_detail->event_id;
     } elseif (valid_id($request['EventCalendarDetailId'])) {
         // A well-formed id that matches no row is rejected; an absent id is allowed.
         return InvalidParameter();
     }

     $this->Tournament->name = $request['Name'];
     // strip_tags() with an allow-list keeps every attribute on the allowed tags, so
     // the stored description must still be sanitised or escaped wherever it is rendered.
     $this->Tournament->description = strip_tags($request['Description'], '<p><br><ul><li><b><i>');
     $this->Tournament->date_time = $request['When'];
     $this->Tournament->save();

     return Success($this->Tournament->tournament_id);
 }
Beispiel #2
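 /**
  * Create an event owned by a player, a unit, a park or a kingdom.
  *
  * Ownership is chosen from the request, in this order:
  *   1. valid MundaneId and no valid UnitId -> player-owned (kingdom, park, unit zeroed)
  *   2. valid UnitId                        -> unit-owned (kingdom, park zeroed)
  *   3. valid ParkId + KingdomId, caller has AUTH_CREATE on the park -> park-owned
  *   4. valid KingdomId, caller has AUTH_CREATE on the kingdom       -> kingdom-owned
  * Anything else is refused.
  *
  * Fix: the player- and unit-owned branches used to save the event without ever
  * looking at the result of IsAuthorized(), so a request with no valid token could
  * create events. A valid token is now required for every branch, as
  * CreateTournament() already does.
  *
  * NOTE(review): branches 1 and 2 still perform no HasAuthority() check, so any
  * authenticated caller can create an event attributed to an arbitrary MundaneId or
  * UnitId. The intended policy is not visible here -- confirm and tighten.
  *
  * @param array $request Service request (Token, KingdomId, ParkId, MundaneId, UnitId, Name, ...).
  * @return mixed NoAuthorization(), InvalidParameter() or Success() with the event id.
  */
 public function CreateEvent($request)
 {
     // NOTE(review): $request includes the caller's Token; confirm logtrace() output is
     // not persisted, or redact the token before tracing.
     logtrace("CreateEvent()", $request);

     $authorization = Ork3::$Lib->authorization;
     $mundane_id = $authorization->IsAuthorized($request['Token']);
     if (!valid_id($mundane_id)) {
         return NoAuthorization();
     }

     // Common event setup
     $this->event->clear();
     $this->event->kingdom_id = $request['KingdomId'];
     $this->event->park_id = $request['ParkId'];
     $this->event->mundane_id = $request['MundaneId'];
     $this->event->unit_id = $request['UnitId'];
     $this->event->name = $request['Name'];
     $this->event->modified = date('Y-m-d H:i:s');

     if (valid_id($request['MundaneId']) && !valid_id($request['UnitId'])) {
         // Player-owned event.
         $this->event->kingdom_id = 0;
         $this->event->park_id = 0;
         $this->event->unit_id = 0;
     } elseif (valid_id($request['UnitId'])) {
         // Unit-owned event; mundane_id keeps the value supplied in the request.
         $this->event->kingdom_id = 0;
         $this->event->park_id = 0;
     } elseif (valid_id($request['ParkId']) && valid_id($request['KingdomId'])
         && $authorization->HasAuthority($mundane_id, AUTH_PARK, $request['ParkId'], AUTH_CREATE)) {
         // Park-owned event: the park must exist.
         $park = new yapo($this->db, DB_PREFIX . 'park');
         $park->clear();
         $park->park_id = $request['ParkId'];
         if (!$park->find()) {
             return InvalidParameter(NULL, 'Problem processing request.');
         }
         $this->event->mundane_id = 0;
         $this->event->unit_id = 0;
     } elseif (valid_id($request['KingdomId'])
         && $authorization->HasAuthority($mundane_id, AUTH_KINGDOM, $request['KingdomId'], AUTH_CREATE)) {
         // Kingdom-owned event: the kingdom must exist.
         $kingdom = new yapo($this->db, DB_PREFIX . 'kingdom');
         $kingdom->clear();
         $kingdom->kingdom_id = $request['KingdomId'];
         if (!$kingdom->find()) {
             return InvalidParameter(NULL, 'Problem processing request.');
         }
         $this->event->park_id = 0;
         $this->event->mundane_id = 0;
         $this->event->unit_id = 0;
     } else {
         // Bailout without committing
         return NoAuthorization();
     }

     $this->event->save();
     Ork3::$Lib->heraldry->SetEventHeraldry($request);
     return Success($this->event->event_id);
 }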
Beispiel #3
 /**
  * Resolve a kingdom award id to its award id and kingdom id.
  *
  * The result of find() is not checked, so for an id that matches no row the
  * returned pair holds whatever the row object exposes after a failed lookup.
  *
  * @param array $request Must carry 'KingdomAwardId'.
  * @return array|null array(award_id, kingdom_id), or null when KingdomAwardId is not a valid id.
  */
 public function LookupKingdomAward($request)
 {
     if (!valid_id($request['KingdomAwardId'])) {
         return;
     }

     $award_row = new yapo($this->db, DB_PREFIX . 'kingdomaward');
     $award_row->clear();
     $award_row->kingdomaward_id = $request['KingdomAwardId'];
     $award_row->find();

     return array($award_row->award_id, $award_row->kingdom_id);
 }
Beispiel #4
/**
 * List every row of the cattribute table for a caller holding a secure token.
 *
 * NOTE(review): the response is initialised with a 'ComponentAttributeList' key but
 * rows are appended under 'AttributeList', and Status/Error keep their
 * "unimplemented" values even when rows are returned. Confirm which key and status
 * callers rely on before changing either.
 *
 * @param array $request Must carry 'SecureToken'.
 * @return array Response with Status, Error and the attribute rows.
 */
function GetAttributeList($request)
{
    $response = array(
        'Status' => ServiceErrorIds::FunctionUnimplemented,
        'Error' => Unimplemented(),
        'ComponentAttributeList' => array(),
    );

    // Refuse before any database connection is opened.
    if (!TokenIsSecure($request['SecureToken'])) {
        $bad_token = BadToken();
        $response['Error'] = $bad_token;
        $response['Status'] = $bad_token['Code'];
        return $response;
    }

    $connection = new yapo_mysql(DB_HOSTNAME, DB_DATABASE, DB_USERNAME, DB_PASSWORD);
    $attributes = new yapo($connection, DB_PREFIX . 'cattribute');
    if (!$attributes->find()) {
        return $response;
    }

    do {
        $response['AttributeList'][] = array(
            'AttributeId' => $attributes->cattribute_id,
            'Name' => $attributes->attribute_name,
        );
    } while ($attributes->next());

    return $response;
}
Beispiel #5
 /**
  * Search parks whose name contains $name, optionally within one kingdom.
  *
  * NOTE(review): $name is wrapped in % and matched with LIKE as-is, so % and _
  * supplied by the caller act as wildcards; whether yapo binds the value as a
  * parameter is not visible here -- confirm.
  * NOTE(review): the limit is tested after a row has been appended, so a numeric
  * $limit of N yields up to N + 1 rows (and 0 yields one row).
  *
  * @param string   $name       Substring to look for.
  * @param mixed    $kingdom_id Applied as a filter only when numeric.
  * @param mixed    $limit      Row cap, applied only when numeric (see note above).
  * @return array List of array('ParkId', 'KingdomId', 'Name', 'Active') rows; empty when nothing matches.
  */
 public function Park($name, $kingdom_id = null, $limit = null)
 {
     $park = new yapo($this->db, DB_PREFIX . 'park');
     $park->clear();
     $park->name = '%' . $name . '%';
     $park->name_term = 'like';
     if (is_numeric($kingdom_id)) {
         $park->kingdom_id = $kingdom_id;
     }

     if (!$park->find(array('name'))) {
         return array();
     }

     $matches = array();
     do {
         $matches[] = array(
             'ParkId' => $park->park_id,
             'KingdomId' => $park->kingdom_id,
             'Name' => $park->name,
             'Active' => $park->active,
         );
         if (is_numeric($limit)) {
             if ($limit == 0) {
                 break;
             }
             $limit--;
         }
     } while ($park->next());

     return $matches;
 }
Beispiel #6
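 /**
  * Decide whether a player holds $role over the subject identified by ($type, $id).
  *
  * Order of checks:
  *   1. reject an invalid $mundane_id, or an invalid $id unless $type is AUTH_ADMIN;
  *   2. any AUTH_ADMIN grant for the player succeeds immediately;
  *   3. reject $id == 0, unknown players and players with penalty_box == 1;
  *   4. look for a direct grant on the subject;
  *   5. for parks and events, retry against the parent kingdom / park, or the event owner.
  *
  * Fixes in this version:
  *   - the event-owner test was an assignment ($event->mundane_id = $mundane_id), which
  *     is truthy for every valid caller and therefore granted authority over any
  *     existing event; it is now a comparison;
  *   - $sufficient is initialised before the direct-grant lookup so the later reads
  *     never touch an undefined variable;
  *   - the empty-bodied entry condition is written as a single guard.
  *
  * NOTE(review): the admin shortcut (step 2) runs before the penalty_box check, so a
  * banned player holding an admin grant still passes -- confirm that is intended.
  *
  * @param mixed $mundane_id Player whose authority is being tested.
  * @param mixed $type       One of the AUTH_PARK / AUTH_KINGDOM / AUTH_EVENT / AUTH_UNIT / AUTH_ADMIN constants.
  * @param mixed $id         Id of the park, kingdom, event or unit (unused for AUTH_ADMIN).
  * @param mixed $role       Requested role, e.g. AUTH_EDIT or AUTH_CREATE.
  * @return bool|int Truthy when the authority is held.
  */
 public function HasAuthority($mundane_id, $type, $id, $role)
 {
     logtrace("HasAuthority", [$mundane_id, $type, $id, $role]);

     // A valid player is always required; a valid subject id is required unless the
     // request is for admin authority.
     if (!valid_id($mundane_id) || (!valid_id($id) && $type != AUTH_ADMIN)) {
         return false;
     }

     // Is Admin?
     $this->auth->clear();
     $this->auth->mundane_id = $mundane_id;
     $this->auth->role = AUTH_ADMIN;
     if ($this->auth->find() && $this->auth->size() > 0) {
         return true;
     }

     // Playing shenanigans
     if (0 == $id) {
         return false;
     }

     // Check for bans
     $this->mundane->clear();
     $this->mundane->mundane_id = $mundane_id;
     if (!$this->mundane->find()) {
         return false;
     }
     if ($this->mundane->penalty_box == 1) {
         return false;
     }

     $this->auth->clear();
     $this->auth->mundane_id = $mundane_id;
     // Basic check -- does the user have direct access?
     // NOTE: Admin check here does not check for admin privileges per se, but for whether
     //       an Admin Authorization request is avail (Admin == Admin)
     //       For elevated privileges (Admin > Park|Kingdom|Event|Unit), the check is handled below
     switch ($type) {
         case AUTH_PARK:
             $this->auth->park_id = $id;
             break;
         case AUTH_KINGDOM:
             $this->auth->kingdom_id = $id;
             break;
         case AUTH_EVENT:
             $this->auth->event_id = $id;
             break;
         case AUTH_UNIT:
             $this->auth->unit_id = $id;
             break;
         case AUTH_ADMIN:
             $this->auth->role = AUTH_ADMIN;
             break;
         default:
             return false;
     }

     $sufficient = false;
     if ($this->auth->find() && $id != 0) {
         do {
             switch ($this->auth->role) {
                 case AUTH_EDIT:
                     $sufficient |= AUTH_EDIT == $role;
                     // NOTE(review): there is no break here, so control falls through to
                     // the return below and an EDIT grant satisfies every requested role;
                     // $sufficient never decides anything. Behaviour is kept as found --
                     // confirm whether a break is missing before tightening.
                 case AUTH_CREATE:
                     return true;
                 case AUTH_ADMIN:
                     return true;
             }
         } while ($this->auth->next());
         // Something matched, fly away my pretty!
         if ($sufficient) {
             return true;
         }
     }

     if ($type == AUTH_ADMIN) {
         return false;
     }

     // Upper-level authority check, we have to find the parents of
     // the subject, and check their auths
     // !$sufficient is redundant, but I don't trust the next guy to hold the invariant
     if (!$sufficient && $type != AUTH_KINGDOM) {
         switch ($type) {
             case AUTH_PARK:
                 $park = new yapo($this->db, DB_PREFIX . 'park');
                 $park->clear();
                 $park->park_id = $id;
                 if ($park->find()) {
                     // Authority over the parent kingdom implies authority over the park.
                     $id = $park->kingdom_id;
                     if ($this->HasAuthority($mundane_id, AUTH_KINGDOM, $id, $role)) {
                         return true;
                     }
                 }
                 break;
             case AUTH_EVENT:
                 $event = new yapo($this->db, DB_PREFIX . 'event');
                 $event->clear();
                 $event->event_id = $id;
                 if ($event->find()) {
                     // Kingdom or park authority, or being the event's own player, is enough.
                     if ($this->HasAuthority($mundane_id, AUTH_KINGDOM, $event->kingdom_id, $role)
                         || $this->HasAuthority($mundane_id, AUTH_PARK, $event->park_id, $role)
                         || $event->mundane_id == $mundane_id) {
                         return true;
                     }
                 }
                 break;
         }
     }

     return $sufficient;
 }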
Beispiel #7
 /**
  * Delete one awards row when the caller has AUTH_EDIT on the recipient's park.
  *
  * Nothing is returned on success (the caller receives null).
  *
  * NOTE(review): the row lookup happens before the caller's authority is evaluated,
  * so InvalidParameter() versus NoAuthorization() tells an unauthenticated caller
  * whether an AwardsId exists.
  *
  * @param array $request Must carry 'Token' and 'AwardsId'.
  * @return mixed InvalidParameter(), NoAuthorization(), or null after a delete.
  */
 public function RemoveAward($request)
 {
     // NOTE(review): $request includes the caller's Token; confirm trace output is not persisted.
     logtrace('RemoveAward()', $request);
     $caller_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);

     $award_row = new yapo($this->db, DB_PREFIX . 'awards');
     $award_row->clear();
     $award_row->awards_id = $request['AwardsId'];
     if (!valid_id($request['AwardsId']) || !$award_row->find()) {
         return InvalidParameter();
     }

     // Authority is judged against the park of the player who holds the award.
     $recipient = $this->player_info($award_row->mundane_id);
     $may_edit = valid_id($caller_id)
         && Ork3::$Lib->authorization->HasAuthority($caller_id, AUTH_PARK, $recipient['ParkId'], AUTH_EDIT);
     if (!$may_edit) {
         return NoAuthorization();
     }

     $award_row->delete();
 }
Beispiel #8
 /**
  * Create a unit and, unless an admin asked for an anonymous unit, make the caller
  * its founding member with AUTH_EDIT on it.
  *
  * NOTE(review): Type and Url are stored exactly as supplied. When Type is none of
  * 'Company', 'Household' or 'Event', $request['Role'] is left as the caller sent it
  * and is passed on to add_member_h() -- confirm that helper validates it.
  *
  * @param array $request Service request (Token, Name, Type, Description, History, Url, Heraldry, Anonymous, ...).
  * @return mixed NoAuthorization() for an invalid token, otherwise Success() with the unit id.
  */
 public function CreateUnit($request)
 {
     // NOTE(review): $request includes the caller's Token; confirm trace output is not persisted.
     logtrace('CreateUnit()', $request);

     $mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
     if (!($mundane_id > 0)) {
         return NoAuthorization();
     }

     // strip_tags() with an allow-list keeps every attribute on the allowed tags, so
     // these fields must still be sanitised or escaped wherever they are rendered.
     $allowed_tags = '<p><br><ul><li><b><i>';

     $this->unit->clear();
     $this->unit->name = $request['Name'];
     $this->unit->type = $request['Type'];
     $this->unit->description = strip_tags($request['Description'], $allowed_tags);
     $this->unit->history = strip_tags($request['History'], $allowed_tags);
     $this->unit->url = $request['Url'];
     $this->unit->modified = date('Y-m-d H:i:s');
     $this->unit->save();
     $request['UnitId'] = $this->unit->unit_id;

     if (strlen($request['Heraldry']) > 0) {
         logtrace('CreateUnit() :2', $request);
         Ork3::$Lib->heraldry->SetUnitHeraldry($request);
     }

     // Admins may create a unit with no founder attached.
     if ($request['Anonymous'] && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_ADMIN, 0, AUTH_CREATE)) {
         return Success($request['UnitId']);
     }

     // Founding a company also sets it as the founder's company.
     if ($this->unit->type == 'Company') {
         $founder = new yapo($this->db, DB_PREFIX . 'mundane');
         $founder->mundane_id = $mundane_id;
         $founder->find();
         $founder->company_id = $this->unit->unit_id;
         $founder->save();
     }

     Ork3::$Lib->authorization->add_auth_h([
         'MundaneId' => $mundane_id,
         'Type' => AUTH_UNIT,
         'Id' => $this->unit->unit_id,
         'Role' => AUTH_EDIT,
     ]);

     // The membership row always belongs to the authenticated caller.
     $request['MundaneId'] = $mundane_id;
     $unit_type = $this->unit->type;
     if ($unit_type == 'Company') {
         $request['Role'] = 'captain';
     } elseif ($unit_type == 'Household') {
         $request['Role'] = 'lord';
     } elseif ($unit_type == 'Event') {
         $request['Role'] = 'organizer';
     }
     $request['Title'] = 'Founder';
     $request['Active'] = 1;
     $this->add_member_h($request);

     return Success($request['UnitId']);
 }
Beispiel #9
 /**
  * Load the 'AccountPointers' configuration value for one subject.
  *
  * @param string $type Subject type; its first character is upper-cased before the lookup.
  * @param mixed  $id   Subject id.
  * @return mixed The stored value decoded from JSON into associative arrays (null when
  *               it is not valid JSON), or false when no configuration row matches.
  */
 public function fetch_account_pointers($type, $id)
 {
     $pointer_row = new yapo($this->db, DB_PREFIX . 'configuration');
     $pointer_row->clear();
     $pointer_row->type = ucfirst($type);
     $pointer_row->id = $id;
     $pointer_row->key = 'AccountPointers';

     if (!$pointer_row->find()) {
         return false;
     }

     return json_decode($pointer_row->value, true);
 }
Beispiel #10
 /**
  * Collect every configuration row for one subject, keyed by configuration key.
  *
  * Uses the global $DB connection. Value and AllowedValues are passed through
  * stripslashes() and then json_decode(), so either is null when the stored text is
  * not valid JSON after unescaping.
  *
  * @param mixed $id   Subject id.
  * @param mixed $type Subject type, CFG_KINGDOM by default.
  * @return array Map of key => ['ConfigurationId', 'Type', 'Key', 'Value', 'UserSetting', 'AllowedValues'].
  */
 public static function get_configs($id, $type = CFG_KINGDOM)
 {
     global $DB;

     $config = new yapo($DB, DB_PREFIX . 'configuration');
     $config->clear();
     $config->type = $type;
     $config->id = $id;

     $settings = [];
     if (!$config->find()) {
         return $settings;
     }

     do {
         $settings[$config->key] = [
             'ConfigurationId' => $config->configuration_id,
             'Type' => $config->var_type,
             'Key' => $config->key,
             'Value' => json_decode(stripslashes($config->value)),
             'UserSetting' => $config->user_setting,
             'AllowedValues' => json_decode(stripslashes($config->allowed_values)),
         ];
     } while ($config->next());

     return $settings;
 }
Beispiel #11
</style>
</head>

<?php 
// Hard stop: while this statement is present nothing below it in the file executes.
// NOTE(review): the code that follows truncates tables through $DB->query(), so this
// single line is the only thing keeping the script inert; if the file is reachable
// over HTTP, prefer removing it from the web root or gating it on a CLI-only check.
die;
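/**
 * Echo a print_r() dump of $array inside a <pre> block.
 *
 * The dump is HTML-escaped before it is written: the values shown come from
 * database rows, and echoing them raw would let markup stored in the data run in
 * the browser of whoever views the page.
 *
 * @param mixed $array Value to dump.
 * @return void
 */
function pre_print_r($array)
{
    $dump = htmlspecialchars(print_r($array, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<pre>\n\n" . $dump . "\n\n</pre>\n";
}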
include_once '../config.php';
echo '<h1>Configure Import</h1>';

// Source database for the import; it reuses the host and credentials from config.php.
$WL = new yapo_mysql(DB_HOSTNAME, 'orkrecords_wlimport', DB_USERNAME, DB_PASSWORD);

// One row accessor per source table.
$attendance = new yapo($WL, 'attendance');
$awards = new yapo($WL, 'awards');
$awardnames = new yapo($WL, 'awardnames');
$classes = new yapo($WL, 'classes');
$mundanes = new yapo($WL, 'mundanes');
$parks = new yapo($WL, 'parks');
$personas = new yapo($WL, 'personas');
$reconciled = new yapo($WL, 'reconciled');

// Destination tables (named without DB_PREFIX) that are emptied before the import.
$clear = array(
    'account', 'application', 'application_auth', 'attendance', 'authorization',
    'awardlimit', 'award', 'awards', 'bracket', 'bracket_officiant',
    'class', 'class_reconciliation', 'configuration', 'credential', 'event',
    'event_calendardetail', 'glicko2', 'kingdom', 'kingdomaward', 'log',
    'match', 'mundane', 'officer', 'park', 'parkday',
    'parktitle', 'participant', 'participant_mundane', 'seed', 'split',
    'team', 'tournament', 'transaction', 'unit', 'unit_mundane',
);
$Attendance = new APIModel('Attendance');

// ----------------------------------------------------------------
// First, empty the DB
// ----------------------------------------------------------------
echo '<h1>Empty Tables &amp; Prep Admin User</h1>';
foreach ($clear as $dbname) {
    echo "Empty table {$dbname} ... ";
    $DB->query('truncate table ' . DB_PREFIX . $dbname);
Beispiel #12
 /**
  * Apply a batch of park-title removals, edits and additions for one kingdom.
  *
  * The caller needs a valid token and AUTH_EDIT on $request['KingdomId']. Each entry
  * of $request['ParkTitles'] carries an 'Action' of CFG_REMOVE, CFG_EDIT or CFG_ADD.
  * Existing titles are touched only when they belong to the requested kingdom.
  *
  * Entries are applied one at a time, so when a later entry is rejected for
  * belonging to another kingdom, the entries before it have already been committed.
  *
  * @param array $request Service request (Token, KingdomId, ParkTitles).
  * @return mixed Success(), NoAuthorization(), or ['Status' => NoAuthorization(...)] for a
  *               cross-kingdom entry.
  */
 public function SetKingdomParkTitles($request)
 {
     $mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
     if (!($mundane_id > 0)
         || !Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_KINGDOM, $request['KingdomId'], AUTH_EDIT)) {
         return NoAuthorization(null, $mundane_id);
     }

     $this->log->Write('Kingdom', $mundane_id, LOG_EDIT, $request);
     if (!is_array($request['ParkTitles'])) {
         return Success();
     }

     // Row column => request field, in the order the columns are written.
     $columns = [
         'title' => 'Title',
         'class' => 'Class',
         'minimumattendance' => 'MinimumAttendance',
         'minimumcutoff' => 'MinimumCutoff',
         'period' => 'Period',
         'period_length' => 'PeriodLength',
     ];

     $parktitle = new yapo($this->db, DB_PREFIX . 'parktitle');
     foreach ($request['ParkTitles'] as $title) {
         switch ($title['Action']) {
             case CFG_REMOVE:
             case CFG_EDIT:
                 $parktitle->clear();
                 $parktitle->parktitle_id = $title['ParkTitleId'];
                 if (!valid_id($title['ParkTitleId']) || !$parktitle->find()) {
                     // Unknown or malformed ids are skipped silently.
                     break;
                 }
                 // Ownership check: the stored row, not the request, decides the kingdom.
                 if ($parktitle->kingdom_id != $request['KingdomId']) {
                     return ['Status' => NoAuthorization('You cannot edit the park titles of another kingdom.')];
                 }
                 if ($title['Action'] == CFG_REMOVE) {
                     $parktitle->delete();
                     break;
                 }
                 // Empty request fields leave the stored value untouched.
                 foreach ($columns as $column => $field) {
                     $parktitle->$column = strlen($title[$field]) ? $title[$field] : $parktitle->$column;
                 }
                 $parktitle->save();
                 break;
             case CFG_ADD:
                 $parktitle->clear();
                 $parktitle->kingdom_id = $request['KingdomId'];
                 foreach ($columns as $column => $field) {
                     $parktitle->$column = $title[$field];
                 }
                 $parktitle->save();
                 break;
         }
     }

     return Success();
 }
Beispiel #13
<?php

// Hard stop: while this statement is present nothing below it executes.
// NOTE(review): the code below rewrites a player row whose given_name is 'admin';
// if this file is reachable over HTTP, this line is the only guard -- prefer keeping
// the script out of the web root or gating it on a CLI-only check.
die;
// Flag read by the included file; presumably stops it from starting the web service -- confirm.
$DONOTWEBSERVICE = true;
include_once 'PlayerService.php';
global $DB;
$p = new yapo($DB, DB_PREFIX . 'mundane');
// Look up the player row whose given_name is 'admin'.
$p->given_name = 'admin';
if ($p->find()) {
    // Clearing the id before save() presumably makes yapo insert a copy of the row
    // instead of updating it -- confirm against yapo's save() semantics.
    $p->mundane_id = null;
    $p->other_name = 'admin.p';
    $p->save();
}
Beispiel #14
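 /**
  * Update a park's details.
  *
  * The caller needs a valid token and AUTH_EDIT on the park. Name, abbreviation,
  * park title and the active flag are only changed when the caller also has
  * AUTH_EDIT on the park's kingdom. Moving the park to another kingdom additionally
  * requires admin authority.
  *
  * Fix: when the kingdom move was refused, the Warning() built for the caller was
  * overwritten by an unconditional Success() a few lines later, so the refusal was
  * never reported. The warning is now returned; every other change in the request
  * is still saved as before.
  *
  * NOTE(review): the duplicate-name lookup runs before the token is checked, so an
  * unauthenticated caller can learn whether a park name exists. Url, MapUrl,
  * Description and Directions are stored exactly as supplied and must be escaped
  * wherever they are rendered.
  *
  * @param array $request Service request (Token, ParkId, Name, Abbreviation, KingdomId, ...).
  * @return mixed Success() with the park id, Warning(), InvalidParameter() or NoAuthorization().
  */
 public function SetParkDetails($request)
 {
     // NOTE(review): $request includes the caller's Token; confirm trace output is not persisted.
     logtrace("SetParkDetails", $request);
     $response = array();

     // Reject a name that already belongs to a different park.
     $this->park->clear();
     if (trimlen($request['Name']) > 0) {
         $this->park->name = trim($request['Name']);
         if ($this->park->find()) {
             if ($this->park->park_id != $request['ParkId']) {
                 return InvalidParameter('This park name already exists.');
             }
         }
     }

     $this->park->clear();
     $this->park->park_id = $request['ParkId'];
     if ($this->park->find()) {
         if (($mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token'])) > 0 && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_PARK, $request['ParkId'], AUTH_EDIT)) {
             $this->log->Write('Park', $mundane_id, LOG_EDIT, $request);
             $this->park->modified = date("Y-m-d H:i:s", time());

             // Identity fields need authority over the kingdom, not just the park.
             if (Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_KINGDOM, $this->park->kingdom_id, AUTH_EDIT)) {
                 $this->park->name = trimlen($request['Name']) == 0 ? $this->park->name : $request['Name'];
                 $this->park->abbreviation = trimlen($request['Abbreviation']) == 0 ? $this->park->abbreviation : $request['Abbreviation'];
                 $parktitle = new yapo($this->db, DB_PREFIX . 'parktitle');
                 $parktitle->clear();
                 if (isset($request['ParkTitleId']) && $request['ParkTitleId'] != $this->park->parktitle_id) {
                     $parktitle->parktitle_id = $request['ParkTitleId'];
                     // Only accept a park title that actually exists.
                     if ($parktitle->find()) {
                         $this->park->parktitle_id = $request['ParkTitleId'];
                     }
                 }
                 $this->park->active = trimlen($request['Active']) == 0 ? $this->park->active : $request['Active'];
             }

             // Re-geocode when the address changes or no location is stored yet.
             $address_change = false;
             if (isset($request['Address']) && ($this->park->address != $request['Address'] || trimlen($this->park->location) == 0)) {
                 $address_change = true;
             }

             $this->park->url = isset($request['Url']) ? $request['Url'] : $this->park->url;
             $this->park->address = isset($request['Address']) ? $request['Address'] : $this->park->address;
             $this->park->city = isset($request['City']) ? $request['City'] : $this->park->city;
             $this->park->province = isset($request['Province']) ? $request['Province'] : $this->park->province;
             $this->park->postal_code = isset($request['PostalCode']) ? $request['PostalCode'] : $this->park->postal_code;
             $this->park->directions = isset($request['Directions']) ? $request['Directions'] : $this->park->directions;
             $this->park->description = isset($request['Description']) ? $request['Description'] : $this->park->description;
             $this->park->map_url = isset($request['MapUrl']) ? $request['MapUrl'] : $this->park->map_url;
             $this->park->save();

             // Reload the row before the follow-up steps.
             $this->park->clear();
             $this->park->park_id = $request['ParkId'];
             if ($this->park->find()) {
                 if ($address_change) {
                     if (isset($request['GeoCode']) && trimlen($request['GeoCode']) > 0) {
                         $this->park_geocode_h($request['GeoCode']);
                     } else {
                         $this->park_geocode_h();
                     }
                 }

                 // Holds the refusal message when a kingdom move is requested but not permitted.
                 $move_warning = null;
                 if ($request['KingdomId'] > 0 && $this->park->kingdom_id != $request['KingdomId']) {
                     // Seriously? You couldn't work it out somehow?
                     // AKA Blackspire Code, AKA Golden Plains Exception
                     if (Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_ADMIN, $request['KingdomId'], AUTH_ADMIN)) {
                         $this->park->kingdom_id = $request['KingdomId'];
                     } else {
                         $move_warning = Warning('You do not have permissions to move this Park [' . $this->park->park_id . ', ' . $this->park->kingdom_id . '] to another Kingdom [' . $request['KingdomId'] . '].');
                     }
                 }
                 if (strlen($request['Heraldry'])) {
                     Ork3::$Lib->heraldry->SetParkHeraldry($request);
                 }
                 $this->park->save();
                 $response = $move_warning === null ? Success($this->park->park_id) : $move_warning;
             } else {
                 $response = InvalidParameter('ParkId could not be found.');
             }
         } else {
             $response = NoAuthorization('You do not have permissions to perform this action: ' . $mundane_id);
         }
     } else {
         $response = InvalidParameter('ParkId could not be found.');
     }
     return $response;
 }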