Ejemplo n.º 1
 /**
  * Drops the fixture tables so a test run starts from an empty schema.
  *
  * The only safeguard against running on a live database is
  * DatabaseManager::debug(): when it returns a falsy value the method throws
  * before any statement is sent. A database-name check ("test" in the name)
  * was sketched in comments but never enabled.
  * NOTE(review): what debug() inspects is not visible here - confirm it can
  * never be truthy on a production host before relying on this guard.
  *
  * @throws Exception when debug() is falsy or any statement fails
  */
 public static function clearDatabase()
 {
     apc_clear_cache();
     $db = new DatabaseManager();
     if (!$db->debug()) {
         throw new Exception("Database may not be safe to run tests on");
     }
     // Foreign key checks are switched off for the DROP and back on afterwards;
     // the statements run strictly in this order and the first failure aborts.
     $statements = array(
         "SET FOREIGN_KEY_CHECKS=0",
         "DROP TABLE IF EXISTS addon_tagmap, addon_tags, addon_dependency,\n\t\t\taddon_addons, addon_boards, addon_comments, addon_ratings, addon_stats,\n\t\t\tusers, build_builds, build_dependency, build_stats, tag_stats, group_groups, group_usermap,\n\t\t\tstatistics, screenshots, build_screenshotmap, addon_screenshotmap",
         "SET FOREIGN_KEY_CHECKS=1",
     );
     foreach ($statements as $sql) {
         if (!$db->query($sql)) {
             throw new Exception("Database error: " . $db->error());
         }
     }
     apc_clear_cache();
 }
Ejemplo n.º 2
 /**
  * A query against a table that does not exist must make query() return a
  * value equal to false and leave a non-empty message in error().
  */
 public function testError()
 {
     TestManager::clearDatabase();
     $db = new DatabaseManager();
     $result = $db->query("SELECT `garbage` FROM `thingthatdoesnotexist`");
     $this->assertEquals(false, $result);
     // Read the message only after the failed query has been asserted.
     $lastError = $db->error();
     $this->assertNotEquals("", $lastError);
 }
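 /**
  * Returns one page of rows from `rtb_addons`, ordered by title.
  *
  * @param int|string $page  1-based page number; values below 1 are treated as 1
  * @param int|string $limit rows per page; values below 0 are treated as 0
  * @return array list of row objects produced by fetch_object()
  * @throws Exception when the query fails
  */
 public static function getAddons($page, $limit = 10)
 {
     // Both values end up in the LIMIT clause. Force them to integers before
     // they are interpolated: a non-numeric $limit would otherwise be copied
     // into the SQL text unchanged, and a page below 1 gives a negative offset.
     $limit = max(0, (int) $limit);
     $page = max(1, (int) $page);
     $start = ($page - 1) * $limit;

     $db = new DatabaseManager();
     $res = $db->query("SELECT * FROM `rtb_addons` ORDER BY `title` ASC LIMIT {$start}, {$limit}");
     if (!$res) {
         // Raise instead of echoing the driver message into the response and
         // then calling fetch_object() on a value that is not a result set.
         throw new Exception("Error getting data from database: " . $db->error());
     }
     $ret = array();
     while ($obj = $res->fetch_object()) {
         $ret[] = $obj;
     }
     return $ret;
 }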
Ejemplo n.º 4
 /**
  * Builds a map of every board, keyed by board id.
  *
  * @return array board id => value returned by BoardManager::getFromId()
  * @throws Exception when the id query fails
  */
 public static function getAllBoards()
 {
     $db = new DatabaseManager();
     $rows = $db->query("SELECT `id` FROM `addon_boards`");
     if (!$rows) {
         throw new Exception("Error getting data from database: " . $db->error());
     }
     $boards = array();
     while ($row = $rows->fetch_object()) {
         $boardId = $row->id;
         $boards[$boardId] = BoardManager::getFromId($boardId);
     }
     // Release the result set before returning; the original author notes
     // this helps when several connections are open at once.
     $rows->close();
     return $boards;
 }
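 /**
  * Records a usage report in `stats_usage`: inserts a row for a new
  * (blid, aid, hash) combination, otherwise updates the existing one.
  *
  * @param mixed    $blid    reporting user's id
  * @param mixed    $aid     add-on id
  * @param string   $hash    hash reported by the client
  * @param string   $version version reported by the client
  * @param bool     $beta    stored as 1 or 0
  * @param int|null $date    Unix timestamp of the report; a value loosely
  *                          equal to null means "now"
  * @return true|array true on success, otherwise
  *                    ["status" => "error", "error" => driver message]
  */
 public static function addEntry($blid, $aid, $hash, $version, $beta = false, $date = null)
 {
     if ($date == null) {
         $date = time();
     }
     // One formatted timestamp for both branches. The update path used to
     // ignore $date and always store the current time.
     $reported = date("Y-m-d H:i:s", $date);
     $betaFlag = $beta ? 1 : 0;

     $db = new DatabaseManager();
     // Values are escaped with the project's sanitize() helper and quoted;
     // its implementation is not visible from this block.
     $res = $db->query("SELECT COUNT(*) FROM `stats_usage` WHERE `blid`='" . $db->sanitize($blid) . "' AND `aid`='" . $db->sanitize($aid) . "' AND `hash`='" . $db->sanitize($hash) . "' ");
     if (!$res) {
         // A failed lookup is reported the same way as a failed write,
         // instead of calling fetch_row() on a non-result.
         return array("status" => "error", "error" => $db->error());
     }
     $ret = $res->fetch_row();

     // NOTE(review): the count and the write are separate statements, so two
     // concurrent reports can both take the insert branch. Whether the table
     // has a unique key on (blid, aid, hash) is not visible here - confirm.
     if (!isset($ret[0]) || $ret[0] == 0) {
         $db->query(
             "INSERT INTO `stats_usage` (`blid`, `aid`, `hash`, `version`, `beta`, `reported`) VALUES ("
             . "'" . $db->sanitize($blid) . "', "
             . "'" . $db->sanitize($aid) . "', "
             . "'" . $db->sanitize($hash) . "', "
             . "'" . $db->sanitize($version) . "', "
             . "'" . $betaFlag . "', "
             . "'" . $db->sanitize($reported) . "')"
         );
     } else {
         $db->update(
             "stats_usage",
             ["blid" => $blid, "aid" => $aid, "hash" => $hash],
             ["version" => $version, "beta" => $betaFlag, "reported" => $reported]
         );
     }

     $error = $db->error();
     if ($error) {
         return array("status" => "error", "error" => $error);
     }
     return true;
 }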
Ejemplo n.º 6
// Fragment of a data-migration step: for each branch that has a file id it
// looks up the file hash, uploads the matching zip through AWSFileManager,
// reads the newest `addon_updates` row for the branch, and finally inserts the
// add-on into `addon_addons`.
// NOTE(review): $res, $mysql, $db, $dir, $aid and $authorDat are not assigned
// anywhere in this fragment; they come from code that is not shown.
$branchId["stable"] = 1;
$branchId["unstable"] = 2;
$branchId["development"] = 3;
// Within this fragment only the "stable" entry is added to $file, so the other
// two branch ids are not reached unless $file was filled in earlier.
$file["stable"] = $res->file_stable;
$versionData = array();
foreach ($file as $branch => $fid) {
    // A file id of 0 means the branch has no file; it is skipped and gets no
    // $versionData entry.
    if ($fid != 0) {
        $version = new stdClass();
        // NOTE(review): $fid is concatenated into the statement without
        // $db->sanitize() or an integer cast, unlike the INSERT at the end.
        // Confirm it can only ever hold a numeric id.
        $fileRes = $mysql->query("SELECT * FROM `addon_files` WHERE `id`='" . $fid . "'");
        // The result is dereferenced without checking that the query succeeded
        // or that it returned a row.
        $hash = $fileRes->fetch_object()->hash;
        $oldfile = $dir . $hash . ".zip";
        $bid = $branchId[$branch];
        echo "Uploading {$oldfile} to AWS as {$res->id}_{$bid}.zip";
        //AWSFileManager::upload("addons/{$res->id}_{$bid}", $oldfile);
        AWSFileManager::uploadNewAddon($res->id, $bid, $res->filename, $oldfile);
        // NOTE(review): $aid is also unescaped here, and it is a different
        // variable from the $res->id used for the upload and the INSERT -
        // confirm both refer to the same add-on.
        $updateRes = $mysql->query("SELECT *\nFROM  `addon_updates`\nWHERE  `aid` = '" . $aid . "'\nAND  `branch`='" . $bid . "' ORDER BY  `time` DESC\nLIMIT 0 , 1");
        if ($updateRes->num_rows == 0) {
            // No update history for this branch: fall back to 0.0.0.
            $version->version = "0.0.0";
            $version->restart = "0.0.0";
        } else {
            $obj = $updateRes->fetch_object();
            $version->version = $obj->version;
            // restart is filled with the same value as version.
            $version->restart = $obj->version;
            //not worth it
        }
        $versionData[$branch] = $version;
    }
}
// NOTE(review): $versionData['stable'] exists only when file_stable was
// non-zero above; otherwise ->version is read from an undefined entry.
// Every string value goes through $db->sanitize() before being quoted.
$db->query($sql = "INSERT INTO `addon_addons` (`id`, `board`, `blid`, `name`, `filename`, `description`, `version`, `authorInfo`, `reviewInfo`, `deleted`, `approved`, `uploadDate`) VALUES " . "('" . $db->sanitize($res->id) . "'," . "NULL," . "'" . $db->sanitize($res->author) . "'," . "'" . $db->sanitize($res->name) . "'," . "'" . $db->sanitize($res->filename) . "'," . "'" . $db->sanitize($res->description) . "'," . "'" . $db->sanitize($versionData['stable']->version) . "'," . "'" . $db->sanitize(json_encode($authorDat)) . "'," . "''," . "'0'," . "'0'," . "CURRENT_TIMESTAMP);");
// Prints the driver's last error message, if any, to the output.
echo $db->error();
Ejemplo n.º 7
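 /**
  * Returns approved add-on updates submitted within the last $time minutes,
  * newest first.
  *
  * @param int|string|null $time look-back window in minutes; a value loosely
  *                              equal to null selects one week (60 * 24 * 7)
  * @return array list of AddonUpdateObject, one per row
  * @throws Exception when the query fails
  */
 public static function getRecentUpdates($time = null)
 {
     if ($time == null) {
         $time = 60 * 24 * 7;
     }
     // The window is written into the statement outside of quotes, where
     // string escaping gives no protection. Only an integer may reach the
     // SQL text, so cast instead of calling sanitize().
     $minutes = (int) $time;

     $db = new DatabaseManager();
     $res = $db->query("SELECT * FROM `addon_updates` WHERE `submitted` > now() - INTERVAL " . $minutes . " MINUTE AND `approved`=1 ORDER BY `submitted` DESC");
     if (!$res) {
         // Raise instead of echoing the driver message into the response and
         // then calling fetch_object() on a value that is not a result set.
         throw new Exception("Error getting data from database: " . $db->error());
     }
     $arr = array();
     while ($obj = $res->fetch_object()) {
         $arr[] = new AddonUpdateObject($obj);
     }
     return $arr;
 }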
Ejemplo n.º 8
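<table class="commenttable">
<tbody>
<?php
//This page is designed to be requested by ajax
//I also want it to be possible to request this content in-game.
//In the future the file that actually interacts with the database should be in /private/class, while this one processes get requests and formats data
require_once realpath(dirname(__DIR__) . "/private/class/DatabaseManager.php");
$database = new DatabaseManager();
// Accept only a scalar string: a missing parameter or an array (?blid[]=...)
// is treated as an empty id instead of being passed to sanitize().
$blid = isset($_GET['blid']) && is_string($_GET['blid']) ? $_GET['blid'] : '';
//the "and `verified` = 1 can be deleted if we decide to force blid database entries to be unique
$result = $database->query("SELECT * FROM `addon_comments` WHERE `blid` = '" . $database->sanitize($blid) . "' AND `verified` = 1");
if (!$result) {
    // Keep the driver message in the server log; the response only says that
    // something failed, so table and column names are not shown to visitors.
    error_log("Database error: " . $database->error());
    echo "Database error";
} else {
    if ($result->num_rows == 0) {
        echo "<tr style=\"vertical-align:top\">";
        echo "<td colspan=\"2\" style=\"text-align: center;\">";
        echo "There are no comments here yet.";
        echo "</td></tr>";
    } else {
        require_once realpath(dirname(__DIR__) . "/private/class/UserHandler.php");
        while ($row = $result->fetch_object()) {
            $user = UserManager::getFromId($row->uid);
            // Usernames and comments are written by users, so they are
            // HTML-escaped here, at the point of output.
            // NOTE(review): if comments are already escaped when stored, or are
            // meant to carry markup, this will show entities literally - confirm.
            $userName = htmlspecialchars(utf8_encode($user->getUsername()), ENT_QUOTES, 'UTF-8');
            $userBlid = htmlspecialchars((string) $user->getBLID(), ENT_QUOTES, 'UTF-8');
            $commentText = htmlspecialchars(utf8_encode($row->comment), ENT_QUOTES, 'UTF-8');
            echo "<tr style=\"vertical-align:top\">";
            echo "<td style=\"width: 150px;\">";
            // The id is a query-string value, so it is URL-encoded.
            echo "<a href=\"/user/view.php?id=" . urlencode((string) $user->getID()) . "\">" . $userName . "</a>";
            //Not sure where administrator status is stored.  My guess is 'groups' but I can't be certain.
            //At any rate, we should probably go and rethink the database tables for long term use.
            echo "<br /><span style=\"font-size: .8em;\">" . $userBlid . "<br />Administrator?</span>";
            echo "</td><td>";
            echo $commentText;
            echo "</td></tr>";
            // (the listing ends here on the page; the loop and both else
            // branches are closed in the part that is not shown)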
Ejemplo n.º 9
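 /**
  * Validates a sign-up request and creates the user row.
  *
  * @param string $email
  * @param string $password1 password as typed
  * @param string $password2 confirmation; must be identical to $password1
  * @param string $blid      numeric id; surrounding whitespace is trimmed
  * @return array ["message" => reason] when validation fails,
  *               ["redirect" => "/login.php"] once the row is inserted
  * @throws Exception when the INSERT fails
  */
 public static function register($email, $password1, $password2, $blid)
 {
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
         return ["message" => "Invalid e-mail address"];
     }
     if ($password1 !== $password2) {
         return ["message" => "Your passwords do not match."];
     }
     // NOTE(review): a 4-character minimum is very low for an account
     // password; raising it is a policy change and is left to the owners.
     if (strlen($password1) < 4) {
         return ["message" => "Your password must be at least 4 characters"];
     }
     $blid = trim($blid);
     // is_numeric() also accepts signs, decimals and exponent forms such as
     // "1e5"; the value is stored as given.
     if (!is_numeric($blid)) {
         return ["message" => "INVALID BL_ID"];
     }

     // NOTE(review): these lookups and the INSERT below are separate
     // statements, so two concurrent requests can both pass the checks.
     // Whether `users` has unique keys on blid/email is not visible here.
     $loginDetails1 = AccountManager::getLoginDetailsFromBLID($blid);
     $loginDetails2 = AccountManager::getLoginDetailsFromEmail($email);
     if ($loginDetails1) {
         return ["message" => "That BL_ID is already in use!"];
     }
     if ($loginDetails2) {
         return ["message" => "That E-mail address is already in use."];
     }

     $database = new DatabaseManager();
     // NOTE(review): the stored credential is a single SHA-256 pass over
     // password + a 6-character salt taken from md5(uniqid(rand())). A fast
     // hash like this is cheap to brute-force offline if the table leaks, and
     // rand()/uniqid() are not cryptographic sources. Moving to
     // password_hash()/password_verify() requires the login check to change in
     // the same release; that code is outside this block, so the format is
     // kept as it is here.
     $intermediateSalt = md5(uniqid(rand(), true));
     $salt = substr($intermediateSalt, 0, 6);
     $hash = hash("sha256", $password1 . $salt);

     // 'groups' is assumed by the original author to be a JSON array, hence "[]".
     $inserted = $database->query(
         "INSERT INTO users (password, salt, blid, email, groups, username) VALUES ('"
         . $database->sanitize($hash) . "', '"
         . $database->sanitize($salt) . "', '"
         . $database->sanitize($blid) . "', '"
         . $database->sanitize($email) . "', '"
         . $database->sanitize("[]") . "', '"
         . $database->sanitize("Blockhead" . $blid) . "')"
     );
     if (!$inserted) {
         // Message spelling corrected ("databse" -> "database").
         throw new Exception("Error adding new user into database: " . $database->error());
     }
     return ["redirect" => "/login.php"];
 }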
Ejemplo n.º 10
 /**
  * Checks a sign-up request and, when it is acceptable, inserts the user.
  *
  * @param string $email
  * @param string $password1 password as typed
  * @param string $password2 confirmation; must be identical to $password1
  * @param string $blid      numeric id; surrounding whitespace is trimmed
  * @return array ["message" => reason] on a rejected request,
  *               ["redirect" => "/login.php"] after a successful insert
  * @throws Exception when the INSERT fails
  */
 public static function register($email, $password1, $password2, $blid)
 {
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
         return ["message" => "Invalid e-mail address"];
     }
     if ($password1 !== $password2) {
         return ["message" => "Your passwords do not match."];
     }
     if (strlen($password1) < 4) {
         return ["message" => "Your password must be at least 4 characters."];
     }
     $blid = trim($blid);
     if (!is_numeric($blid)) {
         return ["message" => "INVALID BL_ID"];
     }

     // Both lookups run before either result is inspected.
     $byBlid = UserManager::getLoginDetailsFromBLID($blid);
     $byEmail = UserManager::getLoginDetailsFromEmail($email);
     if ($byBlid) {
         return ["message" => "That BL_ID is already in use! Contact administration if you believe this is a mistake."];
     }
     if ($byEmail) {
         return ["message" => "That E-mail address is already in use."];
     }

     $db = new DatabaseManager();
     // NOTE(review): single-pass SHA-256 with a 6-character salt derived from
     // md5(uniqid(rand())) is a fast, weakly salted scheme. Replacing it with
     // password_hash() depends on the login code, which is not part of this
     // block.
     $salt = substr(md5(uniqid(rand(), true)), 0, 6);
     $digest = hash("sha256", $password1 . $salt);

     // Escape each value in column order, then assemble the statement.
     $passwordSql = $db->sanitize($digest);
     $saltSql = $db->sanitize($salt);
     $blidSql = $db->sanitize($blid);
     $emailSql = $db->sanitize($email);
     $usernameSql = $db->sanitize("Blockhead" . $blid);
     $sql = "INSERT INTO users (password, salt, blid, email, username) VALUES ('" . $passwordSql . "', '" . $saltSql . "', '" . $blidSql . "', '" . $emailSql . "', '" . $usernameSql . "')";

     if (!$db->query($sql)) {
         throw new Exception("Error adding new user into database: " . $db->error());
     }
     return ["redirect" => "/login.php"];
 }