public function startNewGame()
 {
     if (XmlRequestValidator::isValidStartPendingGameRequest($this->requestData)) {
         $session = $this->requestData->body->session;
         $size = $this->requestData->body->size;
         if (safe_input::is_valid_session_hash($session) && safe_input::is_number($size) && $size > 1) {
             //chkec if the session hash exists
             $session_info = session::get_session_by_hash($session);
             if ($session_info != null) {
                 $res = Execute::newPendingGame($session, $size);
                 if ($res) {
                     $this->response = XmlBuilder::startNewPendingGameSuccessfullResponse("plain", $session);
                 } else {
                     //faild to add new game
                     Report::error(__METHOD__ . "," . __LINE__, "failed to add new pending game");
                     $this->response = XmlBuilder::failed_response("plain", 5, 0, "failed to add new pending game, try again");
                 }
             } else {
                 //the given hash doesn't exist in the database
                 Report::warning(__METHOD__ . "," . __LINE__, "start new pending game request contains a session hash that does not exist in the database: hash=" . $session);
                 $this->response = XmlBuilder::failed_response("plain", 5, 1, "expired session");
             }
         } else {
             //invalid data passed
             Report::error(__METHOD__ . "," . __LINE__, "start new pending game request contains an incorrectly formatted session hash or game size, size:" . $size);
             $this->response = XmlBuilder::failed_response("plain", 5, 0, "invalid session or gcm id");
         }
     } else {
         //xml request was not formatted correctly
         Report::error(__METHOD__ . "," . __LINE__, "invalid new pending game request!");
         $this->invalidRequest();
     }
 }
 public function test()
 {
     $username = "******";
     $password = "******";
     $email = "*****@*****.**";
     $username2 = "bla2";
     $password2 = "pass2";
     $email2 = "*****@*****.**";
     $username3 = "gue";
     $password3 = "pass3";
     $email3 = "*****@*****.**";
     user::create_new_user($username, $password, $email);
     $this->assertEquals(1, user::getNumberOfUsers(), "number of users is not correct after adding a new user");
     user::create_new_user($username2, $password2, $email2);
     $this->assertEquals(2, user::getNumberOfUsers(), "number of users is not correct after adding a new user");
     user::create_new_user($username3, $password3, $email3);
     $this->assertEquals(3, user::getNumberOfUsers(), "number of users is not correct after adding a new user");
     $user1ID = user::getUserByUsername($username)['id'];
     $user2ID = user::getUserByUsername($username2)['id'];
     $user3ID = user::getUserByUsername($username3)['id'];
     $this->assertTrue(safe_input::is_valid_session_hash(md5("\$3dfsd43^^%")), "safe_input::is_valid_session_hash()");
     $this->assertFalse(safe_input::is_valid_session_hash("x = 2 "), "safe_input::is_valid_session_hash()");
     //get_last_session_for_user_id($user_id)
     //add_new_session($user_id,$hash,$encryption_key)
     $this->assertFalse(session::add_new_session("hh", md5("bla"), md5("bla2")), "[add_new_session()]");
     $this->assertTrue(session::add_new_session($user1ID, md5("bla"), md5("bla2")), "failed to add new session[add_new_session()]");
     $s1 = session::$last_inserted_id;
     $this->assertFalse(session::is_unique_hash(md5("bla")), "[session::is_unique_hash()]");
     $this->assertTrue(session::is_unique_hash(md5("bddla")), "[session::is_unique_hash()]");
     //$this->assertNull(session::add_new_session($user2ID,md5("bla"),md5("mmm")),"Hash has to be unique! [add_new_session()]") ;
     $this->assertTrue(session::add_new_session($user2ID, md5("hash2"), md5("bla2")), "failed to add new session[add_new_session()]");
     $this->assertTrue(session::add_new_session($user1ID, md5("hash2sss"), md5("blssssa2")), "failed to add new session[add_new_session()]");
     $s2 = session::$last_inserted_id;
     $s_info = session::get_last_session_for_user_id($user1ID);
     $this->assertEquals($s_info['encryptionKey'], md5("blssssa2"), "[get_last_session_for_user_id()]");
     $this->assertFalse(session::is_unique_hash($s_info['hash']), "[is_unique_hash()]");
     $this->assertTrue(session::is_unique_hash(md5("asdfasefds")), "[is_unique_hash()]");
     $this->assertTrue(session::does_user_have_session($user2ID), "[does_user_have_session()]");
     $this->assertFalse(session::does_user_have_session($user3ID), "[does_user_have_session()]");
     //delete_all_sessions_for_user_id($user_id)
     $this->assertFalse(session::delete_all_sessions_for_user_id("sadsadsad"), "[delete_all_sessions_for_user_id()]");
     $this->assertTrue(session::delete_all_sessions_for_user_id($user2ID), "[delete_all_sessions_for_user_id()]");
     $this->assertFalse(session::does_user_have_session($user2ID), "[does_user_have_session()]");
     $this->assertTrue(session::does_user_have_session($user1ID), "[does_user_have_session()]");
     //session::delete_session_by_id($session_id)
     $s_info = session::get_last_session_for_user_id($user1ID);
     $this->assertTrue(session::add_new_session($user2ID, md5("hash2"), md5("bla2")), "failed to add new session[add_new_session()]");
     $s2_info = session::get_last_session_for_user_id($user2ID);
     $this->assertTrue(session::delete_session_by_id($s2_info['id']), "[delete_session_by_id()]");
     $this->assertFalse(session::does_user_have_session($user2ID), "[does_user_have_session()]");
     $this->assertTrue(session::does_user_have_session($user1ID), "[does_user_have_session()]");
     //session::delete_session_by_hash($hash)
     $s_info = session::get_last_session_for_user_id($user1ID);
     $this->assertTrue(session::add_new_session($user2ID, md5("hash2"), md5("bla2")), "failed to add new session[add_new_session()]");
     $s2_info = session::get_last_session_for_user_id($user2ID);
     $this->assertTrue(session::delete_session_by_hash($s2_info['hash']), "[delete_session_by_id()]");
     $this->assertFalse(session::does_user_have_session($user2ID), "[does_user_have_session()]");
     $this->assertTrue(session::does_user_have_session($user1ID), "[does_user_have_session()]");
     //session::get_session_by_hash($hash)
     $s_infos = session::get_session_by_hash($s_info['hash']);
     $this->assertEquals($s_info['id'], $s_infos['id'], "session::get_session_by_hash()");
 }
Exemple #3
0
 public static function get_session_by_hash($hash)
 {
     if (safe_input::is_valid_session_hash($hash)) {
         $safe_hash = safe_input::sql_inj($hash);
         $query = "SELECT * FROM `session` WHERE `hash` = '{$safe_hash}'";
         $db = new database();
         $db->query($query);
         if ($db->number_of_rows() > 0) {
             return $db->fetch_row();
         } else {
             return null;
         }
     } else {
         return null;
         //invalid hash
     }
 }