function Verify_SessionPassword($sid, $pass) { $query = SQL_Query("SELECT * FROM sessions WHERE sid = '{$sid}' AND pass = '******' LIMIT 1"); if ($query && SQL_GetNumRows($query)) { SQL_FreeQueryResult($query); return true; } return false; }
// Initialise variables for the operation. // ================================================== $gid = $stream_values["gid"]; $limit = min($stream_values["limit"], $MAX_RESULTS); // ================================================== // Mark all expired sessions as closed. // ================================================== $query = SQL_Query($mysql_database, "UPDATE matchmaking SET state = {$STATUS_TIMEOUT} WHERE state = {$STATUS_ACTIVE} AND expiry < {$current_time}"); // ================================================== // Find all relevant sessions. // ================================================== $query = SQL_Query($mysql_database, "SELECT sid, ip, title, tslots, uslots, info " . "FROM matchmaking " . "WHERE gid = '{$gid}' " . "AND state = {$STATUS_ACTIVE} " . "AND expiry > {$current_time} " . "LIMIT {$limit}"); if (!$query) { Result_Error($ERROR_QUERY_FAILED); } $num_results = SQL_GetNumRows($query); if (!$num_results) { Result_Error($ERROR_NO_RESULTS); } Result_Success(); Result_Value("results", $num_results); $index = 0; while ($row = SQL_FetchRow($query)) { Result_Value("sid:" . $index, $row['sid']); Result_Value("ip:" . $index, $row['ip']); Result_Value("title:" . $index, $row['title']); Result_Value("tslots:" . $index, $row['tslots']); Result_Value("uslots:" . $index, $row['uslots']); Result_Value("info:" . $index, $row['info']); $index++; }
// ================================================== // Verify all input data. // ================================================== // Verify that the session id is valid. // Verify that the title is valid. // Verify that the slots are valid. // Verify that the info is valid. // ================================================== // Check the credentials of the session. // ================================================== // Check that an active session from this IP does not already exist. $query = SQL_Query($mysql_database, "SELECT * FROM matchmaking WHERE owner = '{$owner}' AND expiry > {$time} AND state = {$STATUS_ACTIVE} LIMIT 1"); if (SQL_GetNumRows($query)) { Result_Error($ERROR_OWNER_EXISTS); } SQL_FreeQueryResult($query); // Check that this session ID does not already exist. $query = SQL_Query($mysql_database, "SELECT * FROM matchmaking WHERE sid = '{$sid}' LIMIT 1"); if (SQL_GetNumRows($query)) { Result_Error($ERROR_SESSION_EXISTS); } SQL_FreeQueryResult($query); // ================================================== // Add the session to the database. // ================================================== $query = SQL_Query($mysql_database, "INSERT INTO matchmaking " . "VALUES " . "(" . "0, " . "'{$gid}', " . "'{$sid}', " . "{$time}, " . "{$expiry}, " . "'{$owner}', " . "'{$pass}', " . "'{$ip}', " . "{$port}, " . "{$state}, " . "'{$title}', " . "{$tslots}, " . "{$uslots}, " . "'{$players}', " . "'{$info}'" . ")"); if (!$query) { Result_Error($ERROR_QUERY_FAILED); } Result_Success(); Result_Value("pass", $pass);