예제 #1
0
    static function movedToBackup($conn, $questid)
    {
        $query = 'INSERT INTO tryanswer_backup (iduser, idquest, answer_try, answer_real, passed, levenshtein, datetime_try) 
				SELECT iduser, idquest, answer_try, answer_real, passed, levenshtein, datetime_try FROM tryanswer WHERE iduser = ? and idquest = ?';
        $params[] = APISecurity::userid();
        $params[] = intval($questid);
        $stmt = $conn->prepare($query);
        if ($stmt->execute($params)) {
            $query1 = 'DELETE FROM tryanswer WHERE iduser = ? and idquest = ?';
            $stmt1 = $conn->prepare($query1);
            $stmt1->execute($params);
            return true;
        }
        return false;
    }
예제 #2
0
    static function calculateScore($conn)
    {
        // calculate score
        $query = '
			SELECT 
				ifnull(SUM(quest.score),0) as sum_score 
			FROM 
				users_quests
			INNER JOIN 
				quest ON quest.idquest = users_quests.questid AND quest.gameid = ?
			WHERE 
				(users_quests.userid = ?)
		';
        $score = 0;
        $stmt = $conn->prepare($query);
        $stmt->execute(array(APIGame::id(), APISecurity::userid()));
        if ($row = $stmt->fetch()) {
            $score = $row['sum_score'];
        }
        return $score;
    }
예제 #3
0
파일: api.user.php 프로젝트: azizjonm/fhq 
 static function loadUserProfile($conn)
 {
     try {
         $profile = array();
         $inserts = array();
         $defaults = array();
         $defaults['template'] = 'base';
         $defaults['country'] = '?';
         $defaults['city'] = '?';
         $defaults['university'] = '?';
         $defaults['game'] = '0';
         $defaults['lasteventid'] = '0';
         $query = 'SELECT * FROM users_profile WHERE userid = ?';
         $stmt = $conn->prepare($query);
         $stmt->execute(array(APISecurity::userid()));
         while ($row = $stmt->fetch()) {
             $name = $row['name'];
             $value = $row['value'];
             $profile[$name] = $value;
         }
         foreach ($defaults as $k => $v) {
             if (!isset($profile[$k])) {
                 $inserts[$k] = $v;
                 // default value
                 $profile[$k] = $v;
                 // default value
             }
         }
         foreach ($profile as $k => $v) {
             $_SESSION['user']['profile'][$k] = $v;
         }
         $stmt2 = $conn->prepare('INSERT INTO users_profile(userid,name,value,date_change) VALUES(?,?,?,NOW());');
         foreach ($inserts as $k => $v) {
             $stmt2->execute(array(APISecurity::userid(), $k, $v));
         }
     } catch (PDOException $e) {
         APIHelpers::showerror(1195, $e->getMessage());
     }
 }
예제 #4
0
파일: import.php 프로젝트: azizjonm/fhq 
            $values_q[] = '?';
            $values[] = APISecurity::userid();
            $query = 'INSERT INTO games(' . implode(',', $columns) . ', date_create, date_change) VALUES(' . implode(',', $values_q) . ', NOW(), NOW());';
            $stmt1 = $conn->prepare($query);
            $stmt1->execute($values);
            $gameid = $conn->lastInsertId();
            APIEvents::addPublicEvents($conn, 'games', "New game #" . $gameid . ' ' . htmlspecialchars($game['title']));
        } else {
            $values = array();
            $values_q = array();
            foreach ($columns as $k) {
                $values[] = $game[$k];
                $values_q[] = $k . ' = ?';
            }
            $values_q[] = 'owner = ?';
            $values[] = APISecurity::userid();
            $query = 'UPDATE games SET ' . implode(',', $values_q) . ', date_change = NOW() WHERE uuid = ?';
            $stmt2 = $conn->prepare($query);
            $values[] = $game['uuid'];
            $stmt2->execute($values);
            APIEvents::addPublicEvents($conn, 'games', "Updated game #" . $gameid . ' ' . htmlspecialchars($game['title']));
        }
        // logo
        $fp = fopen($curdir_import_game . '/../../files/games/' . $gameid . '.png', 'w');
        fwrite($fp, $pngdata);
        fclose($fp);
        // update logo in db
        $stmt = $conn->prepare('UPDATE games SET logo = ? WHERE uuid = ?');
        $stmt->execute(array('files/games/' . $gameid . '.png', $game['uuid']));
    }
}
예제 #5
0
 static function saveByToken()
 {
     try {
         $query = 'INSERT INTO users_tokens (userid, token, status, data, start_date, end_date) VALUES(?, ?, ?, ?, NOW(), NOW() + INTERVAL 1 DAY)';
         $params = array(APISecurity::userid(), APIHelpers::$TOKEN, 'active', json_encode(APIHelpers::$FHQSESSION));
         $stmt = APIHelpers::$CONN->prepare($query);
         $stmt->execute($params);
     } catch (PDOException $e) {
         APIHelpers::showerror(1196, $e->getMessage());
     }
 }
예제 #6
0
파일: get.php 프로젝트: azizjonm/fhq 
include_once $curdir_users_get . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
$response['profile'] = array();
$response['access'] = array();
$conn = APIHelpers::createConnection($config);
/*if (!APIHelpers::issetParam('userid'))
	APIHelpers::showerror(1177, 'Not found parameter userid');*/
$userid = APIHelpers::getParam('userid', APISecurity::userid());
if (!is_numeric($userid)) {
    APIHelpers::showerror(1181, 'Parameter userid must be integer');
}
$userid = intval($userid);
$bAllow = APISecurity::isAdmin() || APISecurity::isTester() || APISecurity::userid() == $userid;
$response['access']['edit'] = $bAllow;
$response['currentUser'] = APISecurity::userid() == $userid;
$columns = array('id', 'email', 'dt_last_login', 'uuid', 'status', 'role', 'nick', 'logo');
$query = '
		SELECT ' . implode(', ', $columns) . ' FROM
			users
		WHERE id = ?
';
$result['userid'] = $userid;
// $result['query'] = $query;
try {
    $stmt = $conn->prepare($query);
    $stmt->execute(array($userid));
    if ($row = $stmt->fetch()) {
        $response['data']['userid'] = $row['id'];
        $response['data']['nick'] = $row['nick'];
        $response['data']['logo'] = $row['logo'];
예제 #7
0
include_once $curdir_users_update_role . "/../api.lib/api.types.php";
include_once $curdir_users_update_role . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
if (APIHelpers::issetParam('userid') && !APISecurity::isAdmin()) {
    APIHelpers::showerror(1128, 'you what change role for another user, it can do only admin');
}
$userid = APIHelpers::getParam('userid', APISecurity::userid());
// $userid = intval($userid);
if (!is_numeric($userid)) {
    APIHelpers::showerror(1129, 'userid must be numeric');
}
if (!APIHelpers::issetParam('role')) {
    APIHelpers::showerror(1131, 'Not found parameter "role"');
}
if (APISecurity::isAdmin() && APISecurity::userid() == $userid) {
    APIHelpers::showerror(1130, 'you are administrator and you cannot change role for self');
}
$conn = APIHelpers::createConnection($config);
$role = APIHelpers::getParam('role', '');
$response['data']['role'] = $role;
$response['data']['userid'] = $userid;
$response['data']['possible_roles'] = array();
foreach (APITypes::$types['userRoles'] as $key => $value) {
    $response['data']['possible_roles'][] = APITypes::$types['userRoles'][$key]['value'];
}
if (!in_array($role, $response['data']['possible_roles'])) {
    APIHelpers::showerror(1132, '"role" must have value from userRoles: "' . implode('", "', $response['data']['possible_roles']) . '"');
}
try {
    $query = 'UPDATE users SET role = ? WHERE id = ?';
예제 #8
0
파일: pass.php 프로젝트: azizjonm/fhq 
     $stmt_users_quests = $conn->prepare("INSERT INTO users_quests(userid, questid, dt_passed) VALUES(?,?,NOW())");
     $stmt_users_quests->execute(array(APISecurity::userid(), $questid));
     $new_user_score = APIHelpers::calculateScore($conn);
     $response['new_user_score'] = intval($new_user_score);
     if (APISecurity::score() != $response['new_user_score']) {
         APISecurity::setUserScore($response['new_user_score']);
         $query2 = 'UPDATE users_games SET date_change = NOW(), score = ? WHERE userid = ? AND gameid = ?;';
         $stmt2 = $conn->prepare($query2);
         $stmt2->execute(array(intval($new_user_score), APISecurity::userid(), APIGame::id()));
     }
     APIQuest::updateCountUserSolved($conn, $questid);
     APIAnswerList::addTryAnswer($conn, $questid, $answer, $real_answer, $levenshtein, 'Yes');
     APIAnswerList::movedToBackup($conn, $questid);
     // add to public events
     if (!APISecurity::isAdmin()) {
         APIEvents::addPublicEvents($conn, "users", 'User #' . APISecurity::userid() . ' {' . APISecurity::nick() . '} passed quest #' . $questid . ' {' . $questname . '} from game #' . APIGame::id() . ' {' . APIGame::title() . '} (new user score: ' . $new_user_score . ')');
     }
 } else {
     // check already try pass
     $stmt_check_tryanswer = $conn->prepare('select count(*) as cnt from tryanswer where answer_try = ? and iduser = ? and idquest = ?');
     $stmt_check_tryanswer->execute(array($answer, $userid, intval($questid)));
     if ($row_check_tryanswer = $stmt_check_tryanswer->fetch()) {
         $count = intval($row_check_tryanswer['cnt']);
         $response['checkanswer'] = array($answer, $userid, intval($questid));
         if ($count > 0) {
             APIHelpers::showerror(1318, 'Your already try this answer. Levenshtein distance: ' . $levenshtein);
         }
     }
     APIAnswerList::addTryAnswer($conn, $questid, $answer, $real_answer, $levenshtein, 'No');
     APIHelpers::showerror(1216, 'Answer incorrect. Levenshtein distance: ' . $levenshtein);
 }
예제 #9
0
파일: insert.php 프로젝트: azizjonm/fhq 
$params = array('quest_uuid' => '', 'name' => '', 'text' => '', 'score' => '', 'min_score' => '', 'subject' => '', 'idauthor' => '', 'author' => '', 'answer' => '', 'state' => '', 'description_state' => '');
foreach ($params as $key => $val) {
    if (!APIHelpers::issetParam($key)) {
        APIHelpers::showerror(1166, 'Not found parameter "' . $key . '"');
    }
    $params[$key] = APIHelpers::getParam($key, '');
}
$questname = $params['name'];
$params['answer_upper_md5'] = md5(strtoupper($params['answer']));
$params['score'] = intval($params['score']);
$params['min_score'] = intval($params['min_score']);
$params['gameid'] = APIGame::id();
$params['idauthor'] = intval($params['idauthor']);
$params['author'] = $params['author'];
$params['gameid'] = APIGame::id();
$params['userid'] = APISecurity::userid();
$params['count_user_solved'] = 0;
$conn = APIHelpers::createConnection($config);
$values_q = array();
foreach ($params as $k => $v) {
    $values_q[] = '?';
}
$query = 'INSERT INTO quest(' . implode(', ', array_keys($params)) . ', date_change, date_create) 
  VALUES(' . implode(', ', $values_q) . ', NOW(), NOW());';
try {
    $stmt = $conn->prepare($query);
    if ($stmt->execute(array_values($params))) {
        $response['data']['quest']['id'] = $conn->lastInsertId();
        $response['result'] = 'ok';
        APIQuest::updateCountUserSolved($conn, $response['data']['quest']['id']);
        // to public evants
예제 #10
0
파일: get.php 프로젝트: azizjonm/fhq 
$message = '';
if (!APIGame::checkGameDates($message) && !APISecurity::isAdmin()) {
    APIHelpers::showerror(1064, $message);
}
if (!APIHelpers::issetParam('taskid')) {
    APIHelpers::showerror(1065, 'Not found parameter "taskid"');
}
$questid = APIHelpers::getParam('taskid', 0);
if (!is_numeric($questid)) {
    APIHelpers::showerror(1066, 'parameter "taskid" must be numeric');
}
$response['result'] = 'ok';
$conn = APIHelpers::createConnection($config);
$response['userid'] = APISecurity::userid();
$params = array();
$params[] = APISecurity::userid();
$params[] = intval($questid);
$filter_by_state = '';
$filter_by_score = '';
$filter_by_game = '';
if (!APISecurity::isAdmin()) {
    $filter_by_state = ' AND quest.state = ?';
    $params[] = 'open';
    $filter_by_score = ' AND quest.min_score <= ?';
    $params[] = APISecurity::score();
    $filter_by_game = ' AND quest.gameid = ? ';
    $params[] = APIGame::id();
}
$query = '
			SELECT 
				quest.idquest,
예제 #11
0
$curdir = dirname(__FILE__);
include_once $curdir . "/../api.lib/api.base.php";
include_once $curdir . "/../../config/config.php";
APIHelpers::checkAuth();
// TODO only for admins
// really ???
$result = array('result' => 'fail', 'data' => array());
$result['result'] = 'ok';
$conn = APIHelpers::createConnection($config);
$country = '';
$city = '';
if (!APIHelpers::issetParam('id')) {
    APIHelpers::showerror(1202, 'Not found parameter "id"');
}
$id = APIHelpers::getParam('id', 0);
if (!is_numeric($id)) {
    APIHelpers::showerror(1203, 'id must be integer');
}
try {
    $_SESSION['user']['profile']['lasteventid'] = $id;
    // todo must be renamed to lasteventid!
    $query = 'UPDATE users_profile SET value = ?, date_change = NOW() WHERE name = ? AND userid = ?';
    $stmt = $conn->prepare($query);
    $stmt->execute(array("" + $id, 'lasteventid', APISecurity::userid()));
    $result['data']['lasteventid'] = $id;
    $result['data']['userid'] = APISecurity::userid();
    $result['result'] = 'ok';
} catch (PDOException $e) {
    APIHelpers::showerror(1204, $e->getMessage());
}
echo json_encode($result);
예제 #12
0
}
$result = array('result' => 'fail', 'data' => array());
$result['result'] = 'ok';
$conn = APIHelpers::createConnection($config);
$version = APIUpdates::getVersion($conn);
$result['version'] = $version;
$updates = array();
$curdir = dirname(__FILE__);
$filename = $curdir . '/updates/' . $version . '.php';
while (file_exists($filename)) {
    include_once $filename;
    $function_update = 'update_' . $version;
    if (!function_exists($function_update)) {
        $result['data'][$version] = 'Not found function ' . $function_update;
        break;
    }
    if ($function_update($conn)) {
        APIUpdates::insertUpdateInfo($conn, $version, $updates[$version]['to_version'], $updates[$version]['name'], $updates[$version]['description'], APISecurity::userid());
        $result['data'][$version] = 'installed';
    } else {
        $result['data'][$version] = 'failed';
    }
    $new_version = APIUpdates::getVersion($conn);
    if ($new_version == $version) {
        break;
    }
    $version = $new_version;
    $result['version'] = $version;
    $filename = $curdir . '/updates/' . $version . '.php';
}
echo json_encode($result);
예제 #13
0
// check access user
if (!APISecurity::isAdmin()) {
    try {
        $stmt = $conn->prepare('SELECT count(*) as cnt FROM feedback WHERE id = ? and userid = ?');
        $stmt->execute(array($feedbackid, APISecurity::userid()));
        if ($row = $stmt->fetch()) {
            if (intval($row['cnt']) != 1) {
                APIHelpers::showerror(1247, " added message can only admin and author of topic.");
            }
        }
    } catch (PDOException $e) {
        APIHelpers::showerror(1252, $e->getMessage());
    }
}
try {
    // TODO send mail
    /*
    	 *           $msg = "
    Answer On Feedback
    Feedback Text: 
      ".$text."
    Feedback Answer: 
      ".$answer_text."";
    	 * */
    $stmt = $conn->prepare('INSERT INTO feedback_msg(feedbackid, text, userid, dt) VALUES(?,?,?,NOW())');
    $stmt->execute(array($feedbackid, $text, APISecurity::userid()));
    $response['result'] = 'ok';
} catch (PDOException $e) {
    APIHelpers::showerror(1249, $e->getMessage());
}
APIHelpers::endpage($response);
예제 #14
0
header('Content-Type: application/json');
/*
 * API_NAME: Update User Style
 * API_DESCRIPTION: Method for update user status
 * API_ACCESS: authorized user
 * API_INPUT: style - string, new user style
 * API_OKRESPONSE: { "result":"ok" }
 */
$curdir = dirname(__FILE__);
include_once $curdir . "/../api.lib/api.base.php";
include_once $curdir . "/../../config/config.php";
APIHelpers::checkAuth();
$result = array('result' => 'fail', 'data' => array());
$result['result'] = 'ok';
$conn = APIHelpers::createConnection($config);
$country = '';
$city = '';
if (!APIHelpers::issetParam('style')) {
    APIHelpers::showerror(1118, 'Not found parameter "style"');
}
$style = APIHelpers::getParam('style', '');
try {
    $_SESSION['user']['profile']['template'] = $style;
    $query = 'UPDATE users_profile SET value = ?, date_change = NOW() WHERE name = ? AND userid = ?';
    $stmt = $conn->prepare($query);
    $stmt->execute(array($style, 'template', APISecurity::userid()));
    $result['result'] = 'ok';
} catch (PDOException $e) {
    APIHelpers::showerror(1119, $e->getMessage());
}
echo json_encode($result);
예제 #15
0
$result = array('result' => 'fail', 'data' => array());
$result['result'] = 'ok';
$conn = APIHelpers::createConnection($config);
$country = '';
$city = '';
if (!APIHelpers::issetParam('country')) {
    APIHelpers::showerror(1103, 'Not found parameter "country"');
}
if (!APIHelpers::issetParam('city')) {
    APIHelpers::showerror(1104, 'Not found parameter "city"');
}
if (!APIHelpers::issetParam('university')) {
    APIHelpers::showerror(1105, 'Not found parameter "university"');
}
$country = APIHelpers::getParam('country', '');
$city = APIHelpers::getParam('city', '');
$university = APIHelpers::getParam('university', '');
try {
    $_SESSION['user']['profile']['country'] = $country;
    $_SESSION['user']['profile']['city'] = $city;
    $_SESSION['user']['profile']['university'] = $university;
    $query = 'UPDATE users_profile SET value = ?, date_change = NOW() WHERE name = ? AND userid = ?';
    $stmt = $conn->prepare($query);
    $stmt->execute(array(htmlspecialchars($country), 'country', APISecurity::userid()));
    $stmt->execute(array(htmlspecialchars($city), 'city', APISecurity::userid()));
    $stmt->execute(array(htmlspecialchars($university), 'university', APISecurity::userid()));
    $result['result'] = 'ok';
} catch (PDOException $e) {
    APIHelpers::showerror(1106, $e->getMessage());
}
echo json_encode($result);
예제 #16
0
try {
    $score = 0;
    // loading score
    $stmt2 = $conn->prepare('select * from users_games where userid = ? AND gameid = ?');
    $stmt2->execute(array(intval(APISecurity::userid()), intval($gameid)));
    if ($row2 = $stmt2->fetch()) {
        $response['user'] = array();
        $response['user']['score'] = $row2['score'];
    } else {
        $stmt3 = $conn->prepare('INSERT INTO users_games (userid, gameid, score, date_change) VALUES(?,?,0,NOW())');
        $stmt3->execute(array(intval(APISecurity::userid()), intval($gameid)));
        $response['user'] = array();
        $response['user']['score'] = 0;
    }
    $stmt = $conn->prepare($query);
    $stmt->execute(array(intval($gameid), intval(APISecurity::userid())));
    if ($row = $stmt->fetch()) {
        $response['user'] = array();
        $response['user']['score'] = $row['sum_score'];
        $response['result'] = 'ok';
        if ($row['sum_score'] != $score) {
            $stmt = $conn->prepare('UPDATE users_games SET score = ?, date_change = NOW() WHERE gameid = ? AND userid = ?');
            $stmt->execute(array(intval($row['sum_score']), intval($gameid), intval(APISecurity::userid())));
        }
    } else {
        APIHelpers::showerror(1173, 'Game #' . $gameid . ' does not exists');
    }
} catch (PDOException $e) {
    APIHelpers::showerror(1174, $e->getMessage());
}
APIHelpers::endpage($response);
예제 #17
0
$oldnick = APISecurity::nick();
if ($nick == $oldnick) {
    APIHelpers::showerror(1112, 'New nick equal with old nick');
}
$result['data']['nick'] = htmlspecialchars($nick);
$result['data']['userid'] = $userid;
$result['currentUser'] = $userid == APISecurity::userid();
if (strlen($nick) <= 3) {
    APIHelpers::showerror(1113, '"nick" must be more then 3 characters');
}
try {
    $query = 'UPDATE users SET nick = ? WHERE id = ?';
    $stmt = $conn->prepare($query);
    if ($stmt->execute(array($nick, $userid))) {
        $result['result'] = 'ok';
        if ($userid == APISecurity::userid()) {
            APISecurity::setNick($nick);
        }
        // add to public events
        if ($userid != APISecurity::userid()) {
            APIEvents::addPublicEvents($conn, 'users', 'Admin changed nick for user #' . $userid . ' from {' . htmlspecialchars($oldnick) . '} to {' . $nick . '} ');
        } else {
            APIEvents::addPublicEvents($conn, 'users', 'User #' . $userid . ' changed nick from {' . htmlspecialchars($oldnick) . '} to {' . $nick . '} ');
        }
    } else {
        $result['result'] = 'fail';
    }
} catch (PDOException $e) {
    APIHelpers::showerror(1114, $e->getMessage());
}
echo json_encode($result);
예제 #18
0
파일: insert.php 프로젝트: azizjonm/fhq 
$curdir_feedback_insert = dirname(__FILE__);
include_once $curdir_feedback_insert . "/../api.lib/api.helpers.php";
include_once dirname(__FILE__) . "/../../config/config.php";
include_once $curdir_feedback_insert . "/../api.lib/api.base.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
$conn = APIHelpers::createConnection($config);
if (!APIHelpers::issetParam('type')) {
    APIHelpers::showerror(1237, 'not found parameter type');
}
if (!APIHelpers::issetParam('text')) {
    APIHelpers::showerror(1242, 'not found parameter text');
}
$type = APIHelpers::getParam('type', 'complaint');
$text = APIHelpers::getParam('text', '');
if (strlen($text) <= 3) {
    APIHelpers::showerror(1239, 'text must be informative! (more than 3 character)');
}
try {
    // TODO send mail to admin
    $stmt = $conn->prepare('INSERT INTO feedback(type, text, userid, dt) VALUES(?,?,?,NOW());');
    if ($stmt->execute(array($type, $text, APISecurity::userid()))) {
        $response['data']['feedback']['id'] = $conn->lastInsertId();
        $response['result'] = 'ok';
    } else {
        APIHelpers::showerror(1240, 'Could not insert. PDO: ' . $conn->errorInfo());
    }
} catch (PDOException $e) {
    APIHelpers::showerror(1241, $e->getMessage());
}
APIHelpers::endpage($response);
예제 #19
0
 * API_DESCRIPTION: Method for upload user logo (only POST request with file)
 * API_ACCESS: admin, authorized user
 * API_INPUT: userid - integer, default value: current user
 * API_INPUT: file - file, default value: current user
 * API_OKRESPONSE: { "result":"ok" }
 */
$curdir_upload_logo = dirname(__FILE__);
include_once $curdir_upload_logo . "/../api.lib/api.base.php";
include_once $curdir_upload_logo . "/../../config/config.php";
APIHelpers::checkAuth();
$userid = APIHelpers::getParam('userid', APISecurity::userid());
// $userid = intval($userid);
if (!is_numeric($userid)) {
    APIHelpers::showerror(1044, 'userid must be numeric');
}
if (!APISecurity::isAdmin() && $userid != APISecurity::userid()) {
    APIHelpers::showerror(1045, 'you what change logo for another user, it can do only admin');
}
if (count($_FILES) <= 0) {
    APIHelpers::showerror(1046, 'Not found file');
}
$result = array('result' => 'fail', 'data' => array());
$keys = array_keys($_FILES);
// $prefix = 'quest'.$id.'_';
// $output_dir = 'files/';
for ($i = 0; $i < count($keys); $i++) {
    $filename = $keys[$i];
    if ($_FILES[$filename]['error'] > 0) {
        echo "Error: " . $_FILES[$filename]["error"] . "<br>";
    } else {
        $full_filename = $curdir_upload_logo . '/../../files/users/' . $userid . '_orig.png';
예제 #20
0
    APIHelpers::showerror(1016, 'Not found parameter "old_password"');
}
if (!APIHelpers::issetParam('new_password')) {
    APIHelpers::showerror(1017, 'Not found parameter "new_password"');
}
if (!APIHelpers::issetParam('new_password_confirm')) {
    APIHelpers::showerror(1018, 'Not found parameter "new_password_confirm"');
}
$old_password = APIHelpers::getParam('old_password', '');
$new_password = APIHelpers::getParam('new_password', '');
$new_password_confirm = APIHelpers::getParam('new_password_confirm', '');
if (strlen($new_password) <= 3) {
    APIHelpers::showerror(1015, '"New password" must be more then 3 characters');
}
$email = APISecurity::email();
$userid = APISecurity::userid();
if (md5($new_password) != md5($new_password_confirm)) {
    APIHelpers::showerror(1014, 'New password and New password confirm are not equals');
}
// temporary double passwords
$hash_old_password = APISecurity::generatePassword2($email, $old_password);
$hash_new_password = APISecurity::generatePassword2($email, $new_password);
/*$result['data']['password'] = $password;
$result['data']['email'] = $email;
$result['data']['userid'] = $userid;*/
// check old password
try {
    $query = 'SELECT id FROM users WHERE id = ? AND email = ? AND pass = ?';
    $stmt = $conn->prepare($query);
    $stmt->execute(array($userid, $email, $hash_old_password));
    if (!($row = $stmt->fetch())) {
예제 #21
0
 * API_DESCRIPTION: Method for update user status
 * API_ACCESS: admin only
 * API_INPUT: userid - integer, userid
 * API_INPUT: status - string, new user status ("activated" or "blocked")
 * API_OKRESPONSE: { "result":"ok" }
 */
$curdir_users_update_status = dirname(__FILE__);
include_once $curdir_users_update_status . "/../api.lib/api.base.php";
include_once $curdir_users_update_status . "/../api.lib/api.types.php";
include_once $curdir_users_update_status . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
if (APIHelpers::issetParam('userid') && !APISecurity::isAdmin()) {
    APIHelpers::showerror(1134, 'you want change status for another user, it can do only admin');
}
$userid = APIHelpers::getParam('userid', APISecurity::userid());
// $userid = intval($userid);
if (!is_numeric($userid)) {
    APIHelpers::showerror(1135, 'userid must be numeric');
}
$conn = APIHelpers::createConnection($config);
if (!APIHelpers::issetParam('status')) {
    APIHelpers::showerror(1136, 'Not found parameter "status"');
}
$status = APIHelpers::getParam('status', '');
$response['data']['status'] = $status;
$response['data']['userid'] = $userid;
$response['data']['possible_status'] = array();
foreach (APITypes::$types['userStatuses'] as $key => $value) {
    $response['data']['possible_status'][] = APITypes::$types['userStatuses'][$key]['value'];
}
예제 #22
0
파일: choose.php 프로젝트: azizjonm/fhq 
        // calculate score
        $query2 = '
				SELECT 
					ifnull(SUM(quest.score),0) as sum_score 
				FROM 
					users_quests
				INNER JOIN 
					quest ON quest.idquest = users_quests.questid AND quest.gameid = ?
				WHERE 
					(users_quests.userid = ?);
			';
        $score = 0;
        $stmt4 = $conn->prepare($query2);
        $stmt4->execute(array(intval($game_id), APISecurity::userid()));
        if ($row3 = $stmt4->fetch()) {
            $score = $row3['sum_score'];
        }
        $stmt3 = $conn->prepare('INSERT INTO users_games (userid, gameid, score, date_change) VALUES(?,?,?,NOW())');
        $stmt3->execute(array(intval(APISecurity::userid()), intval($game_id), intval($score)));
        $_SESSION['user']['score'] = $score;
        APIHelpers::$FHQSESSION['user']['score'] = $score;
        $response['user'] = array();
        $response['user']['score'] = $score;
    }
    // } catch(PDOException $e) {
    //		APIHelpers::showerror(1179, $e->getMessage());
    //	}
} else {
    APIHelpers::showerror(1180, 'not found parameter id');
}
APIHelpers::endpage($response);
예제 #23
0
파일: list.php 프로젝트: azizjonm/fhq 
			WHERE
				gameid = ?
				' . $filter_by_state . '
				' . $filter_by_score . '
			GROUP BY
				quest.subject
	');
    $stmt->execute(array(APIGame::id()));
    while ($row = $stmt->fetch()) {
        $response['subjects'][$row['subject']] = $row['cnt'];
    }
} catch (PDOException $e) {
    APIHelpers::showerror(1100, $e->getMessage());
}
/*$userid = APIHelpers::getParam('userid', 0);*/
$params = array(APISecurity::userid(), APIGame::id());
// filter by status
$arrWhere_status = array();
if ($response['filter']['open']) {
    $arrWhere_status[] = '(isnull(users_quests.dt_passed))';
}
if ($response['filter']['completed']) {
    $arrWhere_status[] = '(not isnull(users_quests.dt_passed))';
}
$where_status = '';
if (count($arrWhere_status) > 0) {
    $where_status = ' AND (' . implode(' OR ', $arrWhere_status) . ')';
}
// filter by subjects
$filter_subjects = getParam('filter_subjects', '');
$filter_subjects = explode(',', $filter_subjects);
예제 #24
0
파일: insert.php 프로젝트: azizjonm/fhq 
 * API_INPUT: description - string, some description of the game
 * API_INPUT: state - string, look types (copy, unlicensed copy and etc.)
 * API_INPUT: form - string, look types (online or offline)
 * API_INPUT: organizators - string, who make this game
 */
$curdir_games_insert = dirname(__FILE__);
include_once $curdir_games_insert . "/../api.lib/api.helpers.php";
include_once $curdir_games_insert . "/../../config/config.php";
include_once $curdir_games_insert . "/../api.lib/api.base.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
$conn = APIHelpers::createConnection($config);
if (!APISecurity::isAdmin()) {
    APIHelpers::showerror(1160, 'access denie. you must be admin.');
}
$columns = array('uuid' => 'generate', 'title' => 'Unknown', 'logo' => '', 'type_game' => 'jeopardy', 'date_start' => '0000-00-00 00:00:00', 'date_stop' => '0000-00-00 00:00:00', 'date_restart' => '0000-00-00 00:00:00', 'description' => '', 'state' => 'Unlicensed copy', 'form' => 'online', 'owner' => APISecurity::userid(), 'organizators' => '');
$param_values = array();
$values_q = array();
$title = '';
foreach ($columns as $k => $v) {
    $values_q[] = '?';
    if ($k == 'owner') {
        $param_values[$k] = $v;
    } else {
        if (APIHelpers::issetParam($k)) {
            $param_values[$k] = APIHelpers::getParam($k, $v);
        } else {
            APIHelpers::showerror(1161, 'not found parameter "' . $k . '"');
        }
    }
}
예제 #25
0
파일: list.php 프로젝트: azizjonm/fhq 
$page = APIHelpers::getParam('page', 0);
if (!is_numeric($page)) {
    APIHelpers::showerror(1234, 'parameter "page" must be numeric');
}
$response['data']['page'] = intval($page);
// onpage
$onpage = APIHelpers::getParam('onpage', 25);
if (!is_numeric($onpage)) {
    APIHelpers::showerror(1235, 'parameter "onpage" must be numeric');
}
$response['data']['onpage'] = intval($onpage);
$filter_where = array();
$filter_values = array();
if (!APISecurity::isAdmin()) {
    $filter_where[] = 'fb.userid = ?';
    $filter_values[] = APISecurity::userid();
}
$response['access'] = APISecurity::isAdmin();
$where = '';
if (count($filter_where) > 0) {
    $where = ' WHERE ' . implode(' AND ', $filter_where);
}
$conn = APIHelpers::createConnection($config);
$response['result'] = 'ok';
// count feedback
try {
    $stmt = $conn->prepare('
			SELECT
				count(*) as cnt
			FROM 
				feedback fb