$lotteryID = $_GET['lotteryID']; $leagueID = $_GET['leagueID']; $data = json_decode(file_get_contents('php://input'), true); if (isset($data['bowler_id'])) { $bowlerID = $data['bowler_id']; $price = 10; echo buyLoteryOfLeague($leagueID, $lotteryID, $bowlerID, $price); } else { echo listTicketsJackpot($leagueID, $lotteryID); } } else { json_encode(array("message" => "Incorrect credentials!")); } } if ($condition == 'lottery-draw') { list($flag, $id, $email) = login($auth_code); if ($flag) { $lotteryID = $_GET['lotteryID']; $leagueID = $_GET['leagueID']; $data = json_decode(file_get_contents('php://input'), true); if (isset($data['pin_count'])) { $pin_count = $data['pin_count']; echo recordRoll($leagueID, $lotteryID, $pin_count); //echo buyLoteryOfLeague($leagueID,$lotteryID,$bowlerID,$price); } else { echo drawTicket($leagueID, $lotteryID); } } else { json_encode(array("message" => "Incorrect credentials!")); } }
} if (notempty($_GET['extraParts'])) { $query .= "DHR.extraParts = :extraParts AND "; $antiInject[":extraParts"] = $_GET['extraParts']; } if (notempty($_GET['requestTime'])) { $query .= "DHR.requestTime >= :requestTime AND "; $sqlDate = $_GET['requestTime'] . " 00:00:00"; $antiInject[":requestTime"] = $sqlDate; } if (notempty($_GET['complete'])) { $query .= "DHR.complete = :complete AND "; $antiInject[":complete"] = $_GET['complete']; } $query = $query . " NULL IS NULL ORDER BY complete ASC, requestTime ASC"; /*DEBUG TEXT echo $query . "<br/><br/>"; foreach($antiInject as $thing) { echo $thing; } echo "<br/><br/>"; /*DEBUG TEXT*/ $ret = executeSQL_Safe_Manual($query, $dbConn, $antiInject); //SQLTable($ret, $keys); foreach ($ret as $a) { echo "<div style='display:inline-block'>"; drawTicket($a); echo "</div>"; echo " "; }