<?php
$conn = null;
$token = null;
$issetToken = APIHelpers::issetParam('token');
if ($issetToken) {
$conn = APIHelpers::createConnection($config);
$token = APIHelpers::getParam('token', '');
APISecurity::loadByToken($conn, $token);
}
APIHelpers::showerror(1121, 'Not found parameter "userid"');
}
$userid = APIHelpers::getParam('userid', '');
if (!is_numeric($userid)) {
APIHelpers::showerror(1122, 'userid must be numeric');
}
if ($userid == APISecurity::userid()) {
APIHelpers::showerror(1123, 'Please use another function for change your password');
}
$result = array('result' => 'fail', 'data' => array());
$conn = APIHelpers::createConnection($config);
if (!APIHelpers::issetParam('password')) {
APIHelpers::showerror(1124, 'Not found parameter "password"');
}
// TODO must be get email by iduser!!!!
if (!APIHelpers::issetParam('email')) {
APIHelpers::showerror(1125, 'Not found parameter "email"');
}
$password = APIHelpers::getParam('password', '');
$email = APIHelpers::getParam('email', '');
$password = APISecurity::generatePassword2($email, $password);
$result['data']['password'] = $password;
$result['data']['email'] = $email;
$result['data']['userid'] = $userid;
if (strlen($password) <= 3) {
APIHelpers::showerror(1126, '"password" must be more then 3 characters');
}
try {
$query = 'UPDATE users SET pass = ? WHERE id = ? AND email = ?';
$stmt = $conn->prepare($query);
if ($stmt->execute(array($password, $userid, $email))) {
* API_DESCRIPTION: Method will be returned quest info
* API_ACCESS: authorized users
* API_INPUT: taskid - integer, Identificator of the quest (in future will be questid)
* API_INPUT: token - string, token
*/
$curdir = dirname(__FILE__);
include_once $curdir . "/../api.lib/api.base.php";
include_once $curdir . "/../api.lib/api.game.php";
include_once $curdir . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
$message = '';
if (!APIGame::checkGameDates($message) && !APISecurity::isAdmin()) {
APIHelpers::showerror(1064, $message);
}
if (!APIHelpers::issetParam('taskid')) {
APIHelpers::showerror(1065, 'Not found parameter "taskid"');
}
$questid = APIHelpers::getParam('taskid', 0);
if (!is_numeric($questid)) {
APIHelpers::showerror(1066, 'parameter "taskid" must be numeric');
}
$response['result'] = 'ok';
$conn = APIHelpers::createConnection($config);
$response['userid'] = APISecurity::userid();
$params = array();
$params[] = APISecurity::userid();
$params[] = intval($questid);
$filter_by_state = '';
$filter_by_score = '';
$filter_by_game = '';
*/
$curdir_users_update_role = dirname(__FILE__);
include_once $curdir_users_update_role . "/../api.lib/api.base.php";
include_once $curdir_users_update_role . "/../api.lib/api.types.php";
include_once $curdir_users_update_role . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
if (APIHelpers::issetParam('userid') && !APISecurity::isAdmin()) {
APIHelpers::showerror(1128, 'you what change role for another user, it can do only admin');
}
$userid = APIHelpers::getParam('userid', APISecurity::userid());
// $userid = intval($userid);
if (!is_numeric($userid)) {
APIHelpers::showerror(1129, 'userid must be numeric');
}
if (!APIHelpers::issetParam('role')) {
APIHelpers::showerror(1131, 'Not found parameter "role"');
}
if (APISecurity::isAdmin() && APISecurity::userid() == $userid) {
APIHelpers::showerror(1130, 'you are administrator and you cannot change role for self');
}
$conn = APIHelpers::createConnection($config);
$role = APIHelpers::getParam('role', '');
$response['data']['role'] = $role;
$response['data']['userid'] = $userid;
$response['data']['possible_roles'] = array();
foreach (APITypes::$types['userRoles'] as $key => $value) {
$response['data']['possible_roles'][] = APITypes::$types['userRoles'][$key]['value'];
}
if (!in_array($role, $response['data']['possible_roles'])) {
APIHelpers::showerror(1132, '"role" must have value from userRoles: "' . implode('", "', $response['data']['possible_roles']) . '"');
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
$conn = APIHelpers::createConnection($config);
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1160, 'access denie. you must be admin.');
}
$columns = array('uuid' => 'generate', 'title' => 'Unknown', 'logo' => '', 'type_game' => 'jeopardy', 'date_start' => '0000-00-00 00:00:00', 'date_stop' => '0000-00-00 00:00:00', 'date_restart' => '0000-00-00 00:00:00', 'description' => '', 'state' => 'Unlicensed copy', 'form' => 'online', 'owner' => APISecurity::userid(), 'organizators' => '');
$param_values = array();
$values_q = array();
$title = '';
foreach ($columns as $k => $v) {
$values_q[] = '?';
if ($k == 'owner') {
$param_values[$k] = $v;
} else {
if (APIHelpers::issetParam($k)) {
$param_values[$k] = APIHelpers::getParam($k, $v);
} else {
APIHelpers::showerror(1161, 'not found parameter "' . $k . '"');
}
}
}
if (!is_numeric($param_values['owner'])) {
APIHelpers::showerror(1162, 'incorrect owner');
}
$param_values['owner'] = intval($param_values['owner']);
$query = 'INSERT INTO games(' . implode(',', array_keys($param_values)) . ', date_change, date_create)
VALUES(' . implode(',', $values_q) . ', NOW(), NOW());';
$values = array_values($param_values);
// $response['param_values'] = $param_values;
// $response['query'] = $query;
* API_OKRESPONSE: { "result":"ok" }
*/
$curdir = dirname(__FILE__);
include_once $curdir . "/../api.lib/api.base.php";
include_once $curdir . "/../api.lib/api.security.php";
include_once $curdir . "/../../config/config.php";
APIHelpers::checkAuth();
$result = array('result' => 'fail', 'data' => array());
$conn = APIHelpers::createConnection($config);
if (!APIHelpers::issetParam('old_password')) {
APIHelpers::showerror(1016, 'Not found parameter "old_password"');
}
if (!APIHelpers::issetParam('new_password')) {
APIHelpers::showerror(1017, 'Not found parameter "new_password"');
}
if (!APIHelpers::issetParam('new_password_confirm')) {
APIHelpers::showerror(1018, 'Not found parameter "new_password_confirm"');
}
$old_password = APIHelpers::getParam('old_password', '');
$new_password = APIHelpers::getParam('new_password', '');
$new_password_confirm = APIHelpers::getParam('new_password_confirm', '');
if (strlen($new_password) <= 3) {
APIHelpers::showerror(1015, '"New password" must be more then 3 characters');
}
$email = APISecurity::email();
$userid = APISecurity::userid();
if (md5($new_password) != md5($new_password_confirm)) {
APIHelpers::showerror(1014, 'New password and New password confirm are not equals');
}
// temporary double passwords
$hash_old_password = APISecurity::generatePassword2($email, $old_password);
$curdir = dirname(__FILE__);
include_once $curdir . "/../api.lib/api.base.php";
include_once $curdir . "/../api.lib/api.game.php";
include_once $curdir . "/../api.lib/api.answerlist.php";
include_once $curdir . "/../api.lib/api.quest.php";
include_once $curdir . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
$message = '';
if (!APIGame::checkGameDates($message)) {
APIHelpers::showerror(1211, $message);
}
if (!APIHelpers::issetParam('questid')) {
APIHelpers::showerror(1212, 'Not found parameter "questid"');
}
if (!APIHelpers::issetParam('answer')) {
APIHelpers::showerror(1213, 'Not found parameter "answer"');
}
$questid = APIHelpers::getParam('questid', 0);
$answer = APIHelpers::getParam('answer', '');
if ($answer == "") {
APIHelpers::showerror(1214, 'Parameter "answer" must be not empty');
}
if (!is_numeric($questid)) {
APIHelpers::showerror(1215, 'Parameter "questid" must be numeric');
}
$questid = intval($questid);
$response['result'] = 'ok';
$conn = APIHelpers::createConnection($config);
$response['gameid'] = APIGame::id();
$response['userid'] = APISecurity::userid();
* API_INPUT: password - string, Password of a user
* API_INPUT: client - string, Indentifier for frontend
* API_OKRESPONSE: { "result":"ok", "token":"76558894-0AA9-11E4-09F0-D353D3CF86D5" }
*/
$curdir = dirname(__FILE__);
include_once $curdir . "/../api.lib/api.base.php";
include_once $curdir . "/../api.lib/api.helpers.php";
include_once $curdir . "/../api.lib/api.security.php";
include_once $curdir . "/../api.lib/api.user.php";
include_once $curdir . "/../../config/config.php";
$result = array('result' => 'fail', 'data' => array());
$token = '';
if (!APIHelpers::issetParam('email')) {
APIHelpers::showerror(1001, 'Parameter email was not found');
}
if (!APIHelpers::issetParam('password')) {
APIHelpers::showerror(1316, 'Parameter password was not found');
}
$email = APIHelpers::getParam('email', '');
$password = APIHelpers::getParam('password', '');
$conn = APIHelpers::createConnection($config);
$hash_password2 = APISecurity::generatePassword2($email, $password);
if (APISecurity::login($conn, $email, $hash_password2)) {
$result['result'] = 'ok';
APIHelpers::$TOKEN = APIHelpers::gen_guid();
$result['data']['token'] = APIHelpers::$TOKEN;
$result['data']['session'] = APIHelpers::$FHQSESSION;
} else {
APIHelpers::showerror(1002, 'email or/and password was not found in system ');
}
if ($result['result'] == 'ok') {
<?php
header("Access-Control-Allow-Origin: *");
header('Content-Type: application/json');
/*
* API_NAME: Logout
* API_DESCRIPTION: Methods for logout from system
* API_ACCESS: authorized users
* API_INPUT: token - string, access token for user
*/
$curdir_logout = dirname(__FILE__);
include_once $curdir_logout . "/../api.lib/api.base.php";
include_once $curdir_logout . "/../api.lib/api.helpers.php";
include_once $curdir_logout . "/../api.lib/api.security.php";
include $curdir_logout . "/../../config/config.php";
$result = array('result' => 'ok', 'data' => array());
if (APIHelpers::issetParam('token')) {
$token = APIHelpers::getParam('token', '');
$conn = APIHelpers::createConnection($config);
APISecurity::removeByToken($conn, $token);
}
APISecurity::logout();
echo json_encode($result);
if (!APIHelpers::issetParam('logo')) {
APIHelpers::showerror(1030, 'Not found parameter logo');
}
if (!APIHelpers::issetParam('email')) {
APIHelpers::showerror(1031, 'Not found parameter email');
}
if (!APIHelpers::issetParam('role')) {
APIHelpers::showerror(1032, 'Not found parameter role');
}
if (!APIHelpers::issetParam('nick')) {
APIHelpers::showerror(1033, 'Not found parameter nick');
}
if (!APIHelpers::issetParam('password')) {
APIHelpers::showerror(1034, 'Not found parameter password');
}
if (!APIHelpers::issetParam('status')) {
APIHelpers::showerror(1035, 'Not found parameter status');
}
$uuid = APIHelpers::getParam('uuid', APIHelpers::gen_guid());
$logo = APIHelpers::getParam('logo', 'files/users/0.png');
$email = APIHelpers::getParam('email', '1');
$role = APIHelpers::getParam('role', 'user');
$nick = APIHelpers::getParam('nick', '1');
$password = APIHelpers::getParam('password', '1');
$status = APIHelpers::getParam('status', 'activated');
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
APIHelpers::showerror(1036, 'Invalid e-mail address.');
}
$stmt = $conn->prepare('select count(*) as cnt from users where email = ?');
$stmt->execute(array($email));
if ($row = $stmt->fetch()) {
$curdir_events_update = dirname(__FILE__);
include_once $curdir_events_update . "/../api.lib/api.helpers.php";
include_once $curdir_events_update . "/../../config/config.php";
include_once $curdir_events_update . "/../api.lib/api.base.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1253, 'access denie. you must be admin.');
}
if (!APIHelpers::issetParam('id')) {
APIHelpers::showerror(1254, 'not found parameter id');
}
if (!APIHelpers::issetParam('type')) {
APIHelpers::showerror(1255, 'not found parameter type');
}
if (!APIHelpers::issetParam('message')) {
APIHelpers::showerror(1256, 'not found parameter message');
}
$id = APIHelpers::getParam('id', 0);
$type = APIHelpers::getParam('type', 'info');
$message = APIHelpers::getParam('message', '');
if (!is_numeric($id)) {
APIHelpers::showerror(1257, 'incorrect id');
}
$conn = APIHelpers::createConnection($config);
try {
$stmt = $conn->prepare('UPDATE public_events SET type = ?, message = ? WHERE id = ?');
$stmt->execute(array($type, $message, intval($id)));
$response['result'] = 'ok';
} catch (PDOException $e) {
APIHelpers::showerror(1258, $e->getMessage());
*/
$curdir = dirname(__FILE__);
include_once $curdir . "/../api.lib/api.base.php";
include_once $curdir . "/../../config/config.php";
APIHelpers::checkAuth();
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1139, 'only for admin');
}
$userid = APIHelpers::getParam('userid', APISecurity::userid());
// $userid = intval($userid);
if (!is_numeric($userid)) {
APIHelpers::showerror(1140, 'userid must be numeric');
}
$result = array('result' => 'fail', 'data' => array());
$conn = APIHelpers::createConnection($config);
if (!APIHelpers::issetParam('logo')) {
APIHelpers::showerror(1141, 'Not found parameter "logo"');
}
$logo = APIHelpers::getParam('logo', '');
$result['data']['logo'] = $logo;
$result['data']['userid'] = $userid;
try {
$query = 'UPDATE users SET logo = ? WHERE id = ?';
$stmt = $conn->prepare($query);
if ($stmt->execute(array($logo, $userid))) {
$result['result'] = 'ok';
} else {
$result['result'] = 'fail';
}
} catch (PDOException $e) {
APIHelpers::showerror(1142, $e->getMessage());
if (!is_numeric($userid)) {
APIHelpers::showerror(1117, 'userid must be numeric ' . $userid);
}
$userid = intval($userid);
if (!APISecurity::isAdmin() && $userid != APISecurity::userid()) {
APIHelpers::showerror(1116, 'you what change nick for another user, it can do only admin ' . APISecurity::userid());
}
$result = array('result' => 'fail', 'data' => array());
// todo check if changed is current user
// if (isset($config['profile']) && isset($config['profile']['change_nick']) && $config['profile']['change_nick'] == 'yes') {
/*include dirname(__FILE__)."/../config/config.php";
if (isset($config['profile']) && isset($config['profile']['change_nick']) && $config['profile']['change_nick'] == 'no') {
return;
}*/
$conn = APIHelpers::createConnection($config);
if (!APIHelpers::issetParam('nick')) {
APIHelpers::showerror(1115, 'Not found parameter "nick"');
}
$nick = APIHelpers::getParam('nick', '');
$nick = htmlspecialchars($nick);
$oldnick = APISecurity::nick();
if ($nick == $oldnick) {
APIHelpers::showerror(1112, 'New nick equal with old nick');
}
$result['data']['nick'] = htmlspecialchars($nick);
$result['data']['userid'] = $userid;
$result['currentUser'] = $userid == APISecurity::userid();
if (strlen($nick) <= 3) {
APIHelpers::showerror(1113, '"nick" must be more then 3 characters');
}
try {
header('Content-Type: application/json');
/*
* API_NAME: Delete File
* API_DESCRIPTION: Method for delete file from the quest
* API_ACCESS: admin only
* API_INPUT: fileid - string, Identificator of the file
* API_INPUT: token - string, token
*/
$curdir_quests_files_remove = dirname(__FILE__);
include_once $curdir_quests_files_remove . "/../api.lib/api.base.php";
include_once $curdir_quests_files_remove . "/../../config/config.php";
APIHelpers::checkAuth();
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1300, 'it can do only admin');
}
if (!APIHelpers::issetParam('fileid')) {
APIHelpers::showerror(1301, 'Parameter fileid did not found');
}
$fileid = APIHelpers::getParam('fileid', 0);
if (!is_numeric($fileid)) {
APIHelpers::showerror(1302, 'Parameter fileid must be numeric');
}
$result = array('result' => 'fail', 'data' => array());
$conn = APIHelpers::createConnection($config);
$filepath = '';
try {
$query = 'SELECT * FROM quests_files WHERE id = ?';
$stmt = $conn->prepare($query);
$stmt->execute(array($fileid));
if ($row = $stmt->fetch()) {
$filepath = $row['filepath'];
$curdir_events_update = dirname(__FILE__);
include_once $curdir_events_update . "/../api.lib/api.helpers.php";
include_once $curdir_events_update . "/../../config/config.php";
include_once $curdir_events_update . "/../api.lib/api.base.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1268, 'access denie. you must be admin.');
}
if (!APIHelpers::issetParam('id')) {
APIHelpers::showerror(1259, 'not found parameter id');
}
if (!APIHelpers::issetParam('type')) {
APIHelpers::showerror(1260, 'not found parameter type');
}
if (!APIHelpers::issetParam('text')) {
APIHelpers::showerror(1262, 'not found parameter text');
}
$id = APIHelpers::getParam('id', 0);
$type = APIHelpers::getParam('type', '');
$text = APIHelpers::getParam('text', '');
if (!is_numeric($id)) {
APIHelpers::showerror(1261, 'Parameter id must be integer');
}
$id = intval($id);
$conn = APIHelpers::createConnection($config);
try {
$stmt = $conn->prepare('UPDATE feedback SET type = ?, text = ? WHERE id = ?');
$stmt->execute(array($type, $text, intval($id)));
$response['result'] = 'ok';
} catch (PDOException $e) {
include_once $curdir_games_update_rules . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1319, 'access denie. you must be admin.');
}
$conn = APIHelpers::createConnection($config);
if (!APIHelpers::issetParam('id')) {
APIHelpers::showerror(1320, 'not found parameter "id"');
}
$gameid = APIHelpers::getParam('id', 0);
if (!is_numeric($gameid)) {
APIHelpers::showerror(1321, '"id" must be numeric');
}
$gameid = intval($gameid);
if (!APIHelpers::issetParam('rules')) {
APIHelpers::showerror(1322, 'not found parameter "rules"');
}
$rules = APIHelpers::getParam('rules', '');
// check game
$title = '';
try {
$stmt = $conn->prepare('SELECT * FROM games WHERE id = ?');
$stmt->execute(array(intval($gameid)));
if ($row = $stmt->fetch()) {
$title = $row['title'];
} else {
APIHelpers::showerror(1326, 'Game #' . $gameid . ' does not exists.');
}
} catch (PDOException $e) {
APIHelpers::showerror(1327, $e->getMessage());
include_once $curdir_quests_insert . "/../api.lib/api.base.php";
include_once $curdir_quests_insert . "/../api.lib/api.game.php";
include_once $curdir_quests_insert . "/../api.lib/api.quest.php";
include_once $curdir_quests_insert . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
$message = '';
if (!APIGame::checkGameDates($message)) {
APIHelpers::showerror(1164, $message);
}
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1165, 'Access denied. You are not admin.');
}
$params = array('quest_uuid' => '', 'name' => '', 'text' => '', 'score' => '', 'min_score' => '', 'subject' => '', 'idauthor' => '', 'author' => '', 'answer' => '', 'state' => '', 'description_state' => '');
foreach ($params as $key => $val) {
if (!APIHelpers::issetParam($key)) {
APIHelpers::showerror(1166, 'Not found parameter "' . $key . '"');
}
$params[$key] = APIHelpers::getParam($key, '');
}
$questname = $params['name'];
$params['answer_upper_md5'] = md5(strtoupper($params['answer']));
$params['score'] = intval($params['score']);
$params['min_score'] = intval($params['min_score']);
$params['gameid'] = APIGame::id();
$params['idauthor'] = intval($params['idauthor']);
$params['author'] = $params['author'];
$params['gameid'] = APIGame::id();
$params['userid'] = APISecurity::userid();
$params['count_user_solved'] = 0;
$conn = APIHelpers::createConnection($config);
$curdir = dirname(__FILE__);
include_once $curdir . "/../api.lib/api.base.php";
include_once $curdir . "/../../config/config.php";
APIHelpers::checkAuth();
$result = array('result' => 'fail', 'data' => array());
$result['result'] = 'ok';
$conn = APIHelpers::createConnection($config);
$country = '';
$city = '';
if (!APIHelpers::issetParam('country')) {
APIHelpers::showerror(1103, 'Not found parameter "country"');
}
if (!APIHelpers::issetParam('city')) {
APIHelpers::showerror(1104, 'Not found parameter "city"');
}
if (!APIHelpers::issetParam('university')) {
APIHelpers::showerror(1105, 'Not found parameter "university"');
}
$country = APIHelpers::getParam('country', '');
$city = APIHelpers::getParam('city', '');
$university = APIHelpers::getParam('university', '');
try {
$_SESSION['user']['profile']['country'] = $country;
$_SESSION['user']['profile']['city'] = $city;
$_SESSION['user']['profile']['university'] = $university;
$query = 'UPDATE users_profile SET value = ?, date_change = NOW() WHERE name = ? AND userid = ?';
$stmt = $conn->prepare($query);
$stmt->execute(array(htmlspecialchars($country), 'country', APISecurity::userid()));
$stmt->execute(array(htmlspecialchars($city), 'city', APISecurity::userid()));
$stmt->execute(array(htmlspecialchars($university), 'university', APISecurity::userid()));
$result['result'] = 'ok';
* API_ACCESS: admin only
* API_INPUT: questid - string, Identificator of the quest
* API_INPUT: token - string, token
*/
$curdir_quests_delete = dirname(__FILE__);
include_once $curdir_quests_delete . "/../api.lib/api.base.php";
include_once $curdir_quests_delete . "/../api.lib/api.game.php";
include_once $curdir_quests_delete . "/../api.lib/api.quest.php";
include_once $curdir_quests_delete . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
$message = '';
if (!APIGame::checkGameDates($message)) {
APIHelpers::showerror(1059, $message);
}
if (!APIHelpers::issetParam('questid')) {
APIHelpers::showerror(1060, 'Not found parameter "questid"');
}
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1061, 'Access denied. You are not admin.');
}
$questid = APIHelpers::getParam('questid', 0);
if (!is_numeric($questid)) {
APIHelpers::showerror(1062, 'parameter "questid" must be numeric');
}
$conn = APIHelpers::createConnection($config);
$name = '';
$subject = '';
// check quest
try {
$stmt = $conn->prepare('SELECT * FROM quest WHERE idquest = ?');
static function startpage($config)
{
header("Access-Control-Allow-Origin: *");
header('Content-Type: application/json');
APIHelpers::$TIMESTART = microtime(true);
$issetToken = APIHelpers::issetParam('token');
if ($issetToken) {
APIHelpers::$TOKEN = APIHelpers::getParam('token', '');
$conn = APIHelpers::createConnection($config);
try {
$stmt = $conn->prepare('SELECT data FROM users_tokens WHERE token = ? AND status = ? AND end_date > NOW()');
$stmt->execute(array(APIHelpers::$TOKEN, 'active'));
if ($row = $stmt->fetch()) {
APIHelpers::$FHQSESSION = json_decode($row['data'], true);
APIHelpers::$FHQSESSION_ORIG = json_decode($row['data'], true);
}
} catch (PDOException $e) {
APIHelpers::showerror(1188, $e->getMessage());
}
} else {
APIHelpers::$FHQSESSION = $_SESSION;
APIHelpers::$FHQSESSION_ORIG = $_SESSION;
}
$response = array('result' => 'fail', 'lead_time_sec' => 0, 'data' => array());
return $response;
}
header("Access-Control-Allow-Origin: *");
header('Content-Type: application/json');
/*
* API_NAME: Remove dump of users
* API_DESCRIPTION: Method will be remove zip-archive
* API_ACCESS: admin only
* API_INPUT: filename - string, filename for removing
* API_OKRESPONSE: { "result":"ok", "data" : { "filename" : "files/dumps/users_XXXX.zip" } }
*/
$curdir_users_export_remove = dirname(__FILE__);
include_once $curdir_users_export_remove . "/../api.lib/api.base.php";
include_once $curdir_users_export_remove . "/../api.lib/api.game.php";
include_once $curdir_users_export_remove . "/../../config/config.php";
APIHelpers::checkAuth();
$message = '';
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1297, 'This function allowed only for admin');
}
$result = array('result' => 'fail', 'data' => array());
$result['result'] = 'ok';
if (!APIHelpers::issetParam('filename')) {
APIHelpers::showerror(1298, 'Parameter filename did not found');
}
$filename = $curdir_users_export_remove . '/../../files/dumps/' . APIHelpers::getParam('filename', '');
if (!file_exists($filename)) {
APIHelpers::showerror(1299, 'File did not found');
}
unlink($filename);
$result['result'] = 'ok';
$result['data']['filename'] = $filename;
echo json_encode($result);
* API_INPUT: client - string, indentifier of frontend
* API_INPUT: captcha - string, here -> api/captcha.php
*/
$httpname = 'http://' . $_SERVER['HTTP_HOST'] . dirname(dirname(dirname($_SERVER['PHP_SELF']))) . '/';
$curdir_security_registration = dirname(__FILE__);
include_once $curdir_security_registration . "/../api.lib/api.base.php";
include_once $curdir_security_registration . "/../api.lib/api.helpers.php";
include_once $curdir_security_registration . "/../api.lib/api.security.php";
include_once $curdir_security_registration . "/../api.lib/api.user.php";
include_once $curdir_security_registration . "/../../config/config.php";
include_once $curdir_security_registration . "/../api.lib/api.mail.php";
$result = array('result' => 'fail', 'data' => array());
if (!APIHelpers::issetParam('email')) {
APIHelpers::showerror(1013, 'Parameter email was not found');
}
if (!APIHelpers::issetParam('captcha')) {
APIHelpers::showerror(1043, 'Parameter captcha was not found');
}
$email = APIHelpers::getParam('email', '');
$captcha = APIHelpers::getParam('captcha', '');
$orig_captcha = $_SESSION['captcha_reg'];
// cleanup captcha
$_SESSION['captcha_reg'] = md5(rand() . rand());
if (strtoupper($captcha) != strtoupper($orig_captcha)) {
APIHelpers::showerror(1012, '[Registration] Captcha is not correct, please "Refresh captcha" and try again');
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
APIHelpers::showerror(1011, '[Registration] Invalid e-mail address.');
}
$conn = APIHelpers::createConnection($config);
$stmt = $conn->prepare('select count(*) as cnt from users where email = ?');
header("Access-Control-Allow-Origin: *");
header('Content-Type: application/json');
/*
* API_NAME: Upload logo
* API_DESCRIPTION:
* API_ACCESS: admin only
* API_INPUT: gameid - string, Identificator of the game
* API_INPUT: files - POST-FILES, files
* API_INPUT: token - guid, token
*/
$curdir_upload_logo = dirname(__FILE__);
include_once $curdir_upload_logo . "/../api.lib/api.base.php";
include_once $curdir_upload_logo . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
if (!APIHelpers::issetParam('gameid')) {
APIHelpers::showerror(1051, 'Not found parameter gameid');
}
$gameid = APIHelpers::getParam('gameid', 0);
// $userid = intval($userid);
if (!is_numeric($gameid)) {
APIHelpers::showerror(1052, 'gameid must be numeric');
}
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1053, 'This method only for admin');
}
if (count($_FILES) <= 0) {
APIHelpers::showerror(1054, 'Not found files ' . count($_FILES));
}
$keys = array_keys($_FILES);
// $prefix = 'quest'.$id.'_';
* API_NAME: Delete user
* API_DESCRIPTION: Method for delete user
* API_ACCESS: admin only
* API_INPUT: userid - integer, user id
* API_OKRESPONSE: { "result":"ok" }
*/
$curdir_users_delete = dirname(__FILE__);
include_once $curdir_users_delete . "/../api.lib/api.base.php";
include_once $curdir_users_delete . "/../../config/config.php";
APIHelpers::checkAuth();
$result = array('result' => 'fail', 'data' => array());
$conn = APIHelpers::createConnection($config);
if (!APISecurity::isAdmin()) {
APIHelpers::showerror(1107, 'access only for admin');
}
if (!APIHelpers::issetParam('userid')) {
APIHelpers::showerror(1108, 'Not found parameter "userid"');
}
$userid = APIHelpers::getParam('userid', 0);
if (!is_numeric($userid)) {
APIHelpers::showerror(1109, 'userid must be numeric');
}
$nick = '';
// check user
try {
$stmt = $conn->prepare('SELECT id, nick FROM users WHERE id = ?');
$stmt->execute(array($userid));
if ($row = $stmt->fetch()) {
$nick = $row['nick'];
} else {
APIHelpers::showerror(1111, 'Userid did not found');
header('Content-Type: application/json');
/*
* API_NAME: Calculate events after some id
* API_DESCRIPTION: Method for calculate last events
* API_ACCESS: all
* API_INPUT: id - integer, after this id will be calculate count of events
* API_INPUT: type - string, filter by type
*/
$curdir_events_count = dirname(__FILE__);
include_once $curdir_events_count . "/../api.lib/api.base.php";
include_once $curdir_events_count . "/../api.lib/api.security.php";
include_once $curdir_events_count . "/../api.lib/api.helpers.php";
include_once $curdir_events_count . "/../../config/config.php";
$response = APIHelpers::startpage($config);
$conn = APIHelpers::createConnection($config);
if (!APIHelpers::issetParam('id')) {
APIHelpers::showerror(1225, 'Not found parameter "id"');
}
$type = APIHelpers::getParam('type', '');
$id = APIHelpers::getParam('id', 0);
if (!is_numeric($id)) {
APIHelpers::showerror(1226, 'id must be integer');
}
try {
$params = array();
$params[] = $id;
$query = 'SELECT count(*) as cnt FROM public_events WHERE id > ?';
if ($type != '') {
$query .= ' AND type = ?';
$params[] = $type;
}
header('Content-Type: application/json');
/*
* API_NAME: Update User Style
* API_DESCRIPTION: Method for update user status
* API_ACCESS: authorized user
* API_INPUT: style - string, new user style
* API_OKRESPONSE: { "result":"ok" }
*/
$curdir = dirname(__FILE__);
include_once $curdir . "/../api.lib/api.base.php";
include_once $curdir . "/../../config/config.php";
APIHelpers::checkAuth();
$result = array('result' => 'fail', 'data' => array());
$result['result'] = 'ok';
$conn = APIHelpers::createConnection($config);
$country = '';
$city = '';
if (!APIHelpers::issetParam('style')) {
APIHelpers::showerror(1118, 'Not found parameter "style"');
}
$style = APIHelpers::getParam('style', '');
try {
$_SESSION['user']['profile']['template'] = $style;
$query = 'UPDATE users_profile SET value = ?, date_change = NOW() WHERE name = ? AND userid = ?';
$stmt = $conn->prepare($query);
$stmt->execute(array($style, 'template', APISecurity::userid()));
$result['result'] = 'ok';
} catch (PDOException $e) {
APIHelpers::showerror(1119, $e->getMessage());
}
echo json_encode($result);
