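/**
 * Controller action behind the "create unit" form for player $mundane_id.
 *
 * When the request carries an Action, the form is stashed under 'Unit_create',
 * an optional heraldry upload is read and base64-encoded, and
 * Unit->create_unit() is called with the session token. Status 0 redirects to
 * the new unit, status 5 redirects to the login page (presumably "not
 * authorized" - confirm against the status table), and any other status is
 * shown as an error. The stashed form and MundaneId are always copied into
 * $this->data for the view.
 *
 * @param mixed $mundane_id Player id taken from the route; it is forwarded to
 *                          create_unit() as MundaneId, so whether the session
 *                          user may act for that player has to be enforced
 *                          there - nothing in this method checks it.
 */
public function create($mundane_id)
{
    if (trimlen($this->request->Action) > 0) {
        $this->request->save('Unit_create', true);
        if (!isset($this->session->user_id)) {
            header('Location: ' . UIR . 'Login/login/Unit/create/' . $mundane_id);
        } else {
            // Start from "no heraldry" so create_unit() never receives an
            // undefined variable when nothing was uploaded, the type was
            // rejected, or the move failed.
            $h_imdata = null;
            $h_mime = isset($_FILES['Heraldry']['type']) ? $_FILES['Heraldry']['type'] : null;
            $has_upload = isset($_FILES['Heraldry']['size']) && $_FILES['Heraldry']['size'] > 0;

            // NOTE(review): $_FILES[...]['type'] is supplied by the browser, so
            // this check only filters honest clients. The stored bytes should
            // be verified server-side (e.g. finfo_file() on the moved file)
            // before they are treated as an image.
            if ($has_upload && Common::supported_mime_types($h_mime)) {
                // %05d coerces the id to an integer, so the route value cannot
                // steer the path outside DIR_TMP.
                $tmp_path = DIR_TMP . sprintf("um_%05d", $mundane_id);
                if (move_uploaded_file($_FILES['Heraldry']['tmp_name'], $tmp_path)) {
                    $h_im = file_get_contents($tmp_path);
                    $h_imdata = base64_encode($h_im);
                    // NOTE(review): the moved file stays in DIR_TMP under a
                    // predictable name; confirm something cleans it up.
                }
                // A failed move is not fatal: the unit is still created, just
                // without heraldry (the original recorded the failure in a
                // local that was never read).
            }

            $r = $this->Unit->create_unit([
                'Heraldry' => $h_imdata,
                'HeraldryMimeType' => $h_mime,
                'Name' => $this->request->Unit_create->Name,
                'Type' => $this->request->Unit_create->Type,
                'Description' => $this->request->Unit_create->Description,
                'History' => $this->request->Unit_create->History,
                'Url' => $this->request->Unit_create->Url,
                'Token' => $this->session->token,
                'MundaneId' => $mundane_id,
            ]);

            if ($r['Status'] == 0) {
                $this->request->clear('Unit_create');
                header('Location: ' . UIR . 'Unit/index/' . $r['Detail']);
            } elseif ($r['Status'] == 5) {
                header('Location: ' . UIR . 'Login/login/Unit/create/' . $mundane_id);
            } else {
                // NOTE(review): Error/Detail are joined into an HTML fragment;
                // if Detail can echo submitted values the view must escape it.
                $this->data['Error'] = $r['Error'] . ':<p>' . $r['Detail'];
            }
        }
    }

    if ($this->request->exists('Unit_create')) {
        $this->data['Unit_create'] = $this->request->Unit_create->Request;
    }
    $this->data['MundaneId'] = $mundane_id;
}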
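/**
 * Issue or refresh an application session token.
 *
 * Without a Token in the request, the application is checked through
 * ApplicationIsAuthorized() and an approved app_auth row is looked up by
 * application id and authorization key. With a Token, the app_auth row is
 * looked up by that token and refreshed if it has not expired. In both cases
 * a player in the penalty box is refused.
 *
 * The token is drawn from the platform CSPRNG. The previous value,
 * md5(password . microtime()), was derived from a clock reading and a value
 * that is absent on refresh, which made it guessable; the new token keeps the
 * same 32-hex-character shape.
 *
 * @param array $request Reads Token, ApplicationAuthorizationKey and whatever
 *                       ApplicationIsAuthorized() consumes.
 * @return array 'Status' always; 'Token', 'UserId' and 'Timeout' on success.
 */
public function Authorize_app($request)
{
    $response = [];
    $is_refresh = trimlen($request['Token']) != 0;

    if (!$is_refresh) {
        $app_id = $this->ApplicationIsAuthorized($request);
        if (!($app_id > 0)) {
            $response['Status'] = NoAuthorization();
            return $response;
        }
        $this->app_auth->clear();
        $this->app_auth->application_id = $app_id;
        $this->app_auth->appauthkey = $request['ApplicationAuthorizationKey'];
        $this->app_auth->approved = 'approved';
        if (!$this->app_auth->find()) {
            $response['Status'] = InvalidParameter();
            return $response;
        }
    } else {
        // find the token & refresh it
        $this->app_auth->clear();
        $this->app_auth->token = $request['Token'];
        if (!$this->app_auth->find()) {
            $response['Status'] = InvalidParameter(null, "Token could not be found.");
            $response['Status']['Detail'] = $request['Token'];
            return $response;
        }
    }

    $this->mundane->clear();
    $this->mundane->mundane_id = $this->app_auth->mundane_id;
    if (!$this->mundane->find()) {
        $response['Status'] = ProcessingError();
        return $response;
    }
    if ($this->mundane->penalty_box == 1) {
        $response['Status'] = NoAuthorization();
        return $response;
    }

    // NOTE(review): the expiry compared here is the player's
    // (mundane->token_expires), while the expiry this method writes is
    // app_auth->token_expires. That looks unintended - confirm which record
    // should bound an application token's lifetime.
    if ($is_refresh && !(strtotime($this->mundane->token_expires) > time())) {
        $response['Status'] = InvalidParameter(null, "Token has expired: " . strtotime($this->mundane->token_expires) . ' <= ' . time());
        $response['Status']['Detail'] = $request['Token'];
        return $response;
    }

    // 16 random bytes, hex-encoded to the same length as the old md5 token.
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(16));
    } else {
        $token = bin2hex(openssl_random_pseudo_bytes(16));
    }

    $this->app_auth->token = $token;
    $this->app_auth->token_expires = date('c', time() + LOGIN_TIMEOUT);
    $this->app_auth->save();

    $response['Status'] = Success();
    $response['Token'] = $this->app_auth->token;
    $response['UserId'] = $this->app_auth->mundane_id;
    $response['Timeout'] = $this->app_auth->token_expires;

    return $response;
}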
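/**
 * Build the "active players" attendance report.
 *
 * Blank thresholds are defaulted, optional park/kingdom, dues, peerage and
 * waiver filters are turned into SQL fragments, and one query returns a row
 * per player with attendance and credit totals.
 *
 * Every request value reaches the SQL text by string concatenation. Values
 * placed inside quotes go through mysql_real_escape_string(); values placed
 * in an unquoted numeric position (the interval length and the monthly
 * credit cap) are forced to a number first, because escaping alone does not
 * constrain an unquoted operand.
 *
 * NOTE(review): no token or authority check is performed in this method;
 * confirm the report is meant to be readable by any caller.
 *
 * @param array $request Reads MinimumWeeklyAttendance, MinimumDailyAttendance,
 *                       MonthlyCreditMaximum, MinimumCredits, PerWeeks,
 *                       PerMonths, ParkId, KingdomId, ByLocalPark, ByKingdom,
 *                       DuesPaid, Peerage, Waivered, UnWaivered.
 * @return array 'Status' and 'ActivePlayerSummary' (list of report rows).
 */
public function GetActivePlayers($request)
{
    if (strlen($request['MinimumWeeklyAttendance']) == 0) {
        $request['MinimumWeeklyAttendance'] = 0;
    }
    if (strlen($request['MinimumDailyAttendance']) == 0) {
        $request['MinimumDailyAttendance'] = 6;
    }
    if (strlen($request['MonthlyCreditMaximum']) == 0) {
        $request['MonthlyCreditMaximum'] = 6;
    }
    if (strlen($request['MinimumCredits']) == 0) {
        $request['MinimumCredits'] = 9;
    }
    if (strlen($request['PerWeeks']) == 0 && strlen($request['PerMonths']) == 0) {
        $request['PerMonths'] = 6;
    }
    if (strlen($request['ReportFromDate']) == 0) {
        // Only visible in the trace log; the query below never reads it.
        $request['ReportFromDate'] = 'curdate()';
    }

    // The interval length is interpolated without quotes, so it must be an
    // integer before it touches the SQL text.
    if (strlen($request['PerWeeks']) > 0) {
        $per_period = ((int) $request['PerWeeks']) . ' week';
    } else {
        $per_period = ((int) $request['PerMonths']) . ' month';
    }

    // Same reasoning for the credit cap used inside least(...): accept it only
    // when it is numeric, otherwise fall back to the default of 6.
    $monthly_max = is_numeric($request['MonthlyCreditMaximum'])
        ? mysql_real_escape_string($request['MonthlyCreditMaximum'])
        : 6;

    // Optional fragments default to empty so that every interpolation below
    // is defined whichever filters were requested.
    $location = '';
    $duesclause = '';
    $park_comparator = '';
    $has_dues = '';
    $duespaid_clause = '';
    $duespaid_field = '';
    $duespaid_order = '';
    $peerage = '';
    $peerage_clause = '';
    $peer_field = '';
    $waiver_clause = '';

    if (valid_id($request['ParkId'])) {
        $location = " and m.park_id = '" . mysql_real_escape_string($request['ParkId']) . "'";
        $duesclause = "a.park_id = '" . mysql_real_escape_string($request['ParkId']) . "'";
        if (valid_id($request['ByLocalPark'])) {
            $park_comparator = " and a.park_id = '" . mysql_real_escape_string($request['ParkId']) . "' ";
        }
    } elseif (strlen($request['KingdomId']) > 0 && $request['KingdomId'] > 0) {
        $location = " and m.kingdom_id = '" . mysql_real_escape_string($request['KingdomId']) . "'";
        $duesclause = "a.kingdom_id = '" . mysql_real_escape_string($request['KingdomId']) . "'";
        if (valid_id($request['ByKingdom'])) {
            $park_list = Ork3::$Lib->Kingdom->GetParks($request);
            $parks = array();
            if (isset($park_list['Parks']) && is_array($park_list['Parks'])) {
                // The original read 'ParkId' from the array key instead of the
                // row and joined the ids without a separator, which produced
                // an invalid "in ()" list.
                // presumably each entry is a row carrying 'ParkId' - confirm
                // against Kingdom->GetParks().
                foreach ($park_list['Parks'] as $park) {
                    if (isset($park['ParkId'])) {
                        $parks[] = (int) $park['ParkId'];
                    }
                }
            }
            // An empty IN list is a syntax error; match nothing instead.
            $park_comparator = count($parks) > 0
                ? " and a.park_id in (" . implode(',', $parks) . ") "
                : " and 1 = 0 ";
        }
    }

    // The dues join needs a scoping clause; skip it when none was built.
    if (($request['KingdomId'] > 0 || $request['ParkId'] > 0) && $duesclause !== '') {
        if ($request['DuesPaid']) {
            $has_dues = "and s.is_dues = 1";
        }
        // NOTE(review): "case split_id when null" never matches in SQL (a
        // comparison with NULL is not true), so this expression yields 1 for
        // every joined row; left unchanged pending confirmation of intent.
        $duespaid_clause = "\n\t\t\t\t\tleft join \n\t\t\t\t\t\t(select distinct case split_id when null then 0 else 1 end as split_id, src_mundane_id \n\t\t\t\t\t\t\tfrom "
            . DB_PREFIX . "split s \n\t\t\t\t\t\t\tleft join "
            . DB_PREFIX . "account a on s.account_id = a.account_id \n\t\t\t\t\t\t\t\tand {$duesclause}\n\t\t\t\t\t\t\t\t{$has_dues}\n\t\t\t\t\t\t\twhere s.dues_through > curdate()) dues on attendance_summary.mundane_id = dues.src_mundane_id\n\t\t\t";
        $duespaid_field = ', ifnull(split_id,0) as duespaid';
        $duespaid_order = 'duespaid desc, ';
    }

    if (trimlen($request['Peerage']) > 0) {
        $peerage = "\n left join\n (select distinct awards.mundane_id, award.peerage \n from "
            . DB_PREFIX . "awards awards\n left join "
            . DB_PREFIX . "kingdomaward ka on ka.kingdomaward_id = awards.kingdomaward_id\n left join "
            . DB_PREFIX . "award award on ka.award_id = award.award_id\n left join "
            . DB_PREFIX . "mundane m on awards.mundane_id = m.mundane_id\n where award.peerage = '"
            . mysql_real_escape_string($request['Peerage'])
            . "' and awards.mundane_id > 0 {$location}\n group by awards.mundane_id\n ) peers on attendance_summary.mundane_id = peers.mundane_id\n ";
        $peerage_clause = "and peers.peerage = '" . mysql_real_escape_string($request['Peerage']) . "'";
        $peer_field = 'peers.peerage, ';
    }

    if ($request['Waivered']) {
        $waiver_clause = ' and m.waivered = 1';
    } elseif ($request['UnWaivered']) {
        $waiver_clause = ' and m.waivered = 0';
    }

    // NOTE(review): the two credit subqueries name ork_attendance/ork_mundane
    // literally while the rest of the query uses DB_PREFIX; they only agree
    // when the prefix is "ork_".
    $sql = "\n select main_summary.*, total_monthly_credits, credit_counts.daily_credits, credit_counts.rop_limited_credits\n from\n (select \n \t\t\t\t\t\t{$peer_field} count(week) as weeks_attended, sum(weekly_attendance) as park_days_attended, sum(daily_attendance) as days_attended, sum(credits_earned) total_credits, attendance_summary.mundane_id, \n \t\t\t\t\t\t\tmundane.persona, kingdom.kingdom_id, park.park_id, kingdom.name kingdom_name, kingdom.parent_kingdom_id, park.name park_name, attendance_summary.waivered {$duespaid_field}\n \t\t\t\t\tfrom\n \t\t\t\t\t\t(select \n \t\t\t\t\t\t\t\ta.park_id > 0 as weekly_attendance, count(a.park_id > 0) as daily_attendance, a.mundane_id, \n week(a.date,3) as week, year(a.date) as year, a.kingdom_id, a.park_id, max(credits) as credits_earned, m.waivered \n \t\t\t\t\t\t\tfrom "
        . DB_PREFIX . "attendance a\n \t\t\t\t\t\t\t\tleft join "
        . DB_PREFIX . "mundane m on a.mundane_id = m.mundane_id\n \t\t\t\t\t\t\twhere \n date > adddate(curdate(), interval -{$per_period}) {$park_comparator} {$location} {$waiver_clause}\n \t\t\t\t\t\t\tgroup by week(date,3), year(date), mundane_id) attendance_summary \n \t\t\t\t\tleft join "
        . DB_PREFIX . "mundane mundane on mundane.mundane_id = attendance_summary.mundane_id\n \t\t\t\t\t\tleft join "
        . DB_PREFIX . "kingdom kingdom on kingdom.kingdom_id = mundane.kingdom_id\n \t\t\t\t\t\tleft join "
        . DB_PREFIX . "park park on park.park_id = mundane.park_id\n \t\t\t\t\t{$duespaid_clause}\n {$peerage}\n \t\t\t\t\tgroup by mundane_id\n \t\t\t\t\thaving\n \t\t\t\t\t\tweeks_attended >= '"
        . mysql_real_escape_string($request['MinimumWeeklyAttendance'])
        . "'\n and days_attended >= '"
        . mysql_real_escape_string($request['MinimumDailyAttendance'])
        . "'\n and total_credits >= '"
        . mysql_real_escape_string($request['MinimumCredits'])
        . "'\n {$peerage_clause}\n \t\t\t\t\torder by {$duespaid_order} kingdom_name, park_name, persona) main_summary\n left join\n (select mundane_id, sum(monthly_credits) as total_monthly_credits\n from\n (select \n \t\t\t\t\t\t\tleast(sum(credits), "
        . $monthly_max
        . ") as monthly_credits, a.mundane_id\n \t\t\t\t\t\t\tfrom ork_attendance a\n \t\t\t\t\t\t\t\tleft join ork_mundane m on a.mundane_id = m.mundane_id\n \t\t\t\t\t\t\twhere \n date > adddate(curdate(), interval -{$per_period}) {$location} {$waiver_clause}\n \t\t\t\t\t\t\tgroup by month(date), year(date), mundane_id) monthly_list\n group by monthly_list.mundane_id) monthly_summary on main_summary.mundane_id = monthly_summary.mundane_id\n left join\n (select mundane_id, sum(daily_credits) as daily_credits, sum(rop_limited_credits) as rop_limited_credits\n from \n (select least("
        . $monthly_max
        . ", sum(daily_credits)) as daily_credits, least("
        . $monthly_max
        . ", sum(rop_credits)) rop_limited_credits, mundane_id\n from\n (select \n \t\t\t\t\t\t\tmax(credits) as daily_credits, 1 as rop_credits, a.mundane_id, a.date\n \t\t\t\t\t\t\tfrom ork_attendance a\n \t\t\t\t\t\t\t\tleft join ork_mundane m on a.mundane_id = m.mundane_id\n \t\t\t\t\t\t\twhere \n date > adddate(curdate(), interval -{$per_period}) {$location} {$waiver_clause}\n \t\t\t\t\t\t\tgroup by dayofyear(date), year(date), mundane_id) credit_list_source\n \t\t\t\t\t group by mundane_id, month(`date`)) credit_list\n group by credit_list.mundane_id) credit_counts on main_summary.mundane_id = credit_counts.mundane_id\n\t\t\t\t\t";
    // For last join, need to limit monthly credits to monthly credit maximum per kingdom config

    logtrace('Report: GetActivePlayers', array($request, $sql));
    $r = $this->db->query($sql);

    $report = array();
    if ($r !== false && $r->size() > 0) {
        do {
            $report[] = array(
                'KingdomName' => $r->kingdom_name,
                'KingdomId' => $r->kingdom_id,
                // Column is selected as parent_kingdom_id; the original read a
                // misspelled property and always reported an empty value.
                'ParentKingdomId' => $r->parent_kingdom_id,
                'ParkName' => $r->park_name,
                'ParkId' => $r->park_id,
                'Persona' => $r->persona,
                'MundaneId' => $r->mundane_id,
                'TotalCredits' => $r->total_credits,
                'TotalMonthlyCredits' => $r->total_monthly_credits,
                'WeeksAttended' => $r->weeks_attended,
                'ParkDaysAttended' => $r->park_days_attended,
                'DaysAttended' => $r->days_attended,
                'DailyCredits' => $r->daily_credits,
                'RopLimitedCredits' => $r->rop_limited_credits,
                'DuesPaid' => $r->duespaid,
                'Waivered' => $r->waivered,
            );
        } while ($r->next());
    }

    $response = array('Status' => Success(), 'ActivePlayerSummary' => $report);
    return $response;
}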
/**
 * Catch-all for undefined method calls that take exactly two arguments.
 *
 * With a callable second argument, the callable is stored under
 * "<method>/<first argument>", a default definition is derived from it, and
 * the same method name is invoked again with that definition. Otherwise the
 * second argument is stored as the definition for a non-blank first argument.
 * Calls with any other argument count are ignored.
 *
 * NOTE(review): is_callable() is also true for a string that names an
 * existing function, so a string definition with such a value takes the
 * callback path; confirm definitions never arrive as plain strings from
 * outside the codebase.
 *
 * @param string $class     Name of the method that was called.
 * @param array  $arguments Arguments passed to that call.
 */
public function __call($class, $arguments)
{
    if (count($arguments) != 2) {
        return;
    }

    $key = $arguments[0];
    $value = $arguments[1];

    if (is_callable($value)) {
        $this->callback["{$class}/{$key}"] = $value;
        $definition = $this->get_default_definition($value);
        $this->{$class}($key, $definition);
        return;
    }

    if (trimlen($key) > 0) {
        if (!isset($this->definitions[$class])) {
            $this->definitions[$class] = array();
        }
        $this->definitions[$class][$key] = $value;
    }
}
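/**
 * Update a player's profile, credentials and flags.
 *
 * The caller must hold a valid token and either have create authority over
 * the player's park or be the player being edited. Only an administrator may
 * edit an administrator's record. Fields that are null in the request keep
 * their stored value.
 *
 * Changes from the earlier version of this method:
 *  - the request is traced with Password and Token removed, and the new
 *    password is no longer written to the trace log;
 *  - the "editing myself" arm of the permission check now also requires a
 *    valid requester id, so a failed token lookup cannot loosely compare
 *    equal to an empty or non-numeric MundaneId;
 *  - the chained ternaries are parenthesised exactly as PHP 5/7 evaluated
 *    them (unparenthesised they are a compile error on PHP 8);
 *  - an omitted Active flag keeps the stored active value instead of copying
 *    the restricted flag;
 *  - the refused admin edit is logged, as its message claims.
 *
 * NOTE(review): the username-in-use check runs before authorization, so it
 * answers unauthenticated callers; and a password or e-mail change does not
 * ask for the current password. Both are left as they were.
 *
 * @param array $request Reads Token, MundaneId, UserName, GivenName, Surname,
 *                       OtherName, Persona, Email, Password, Restricted,
 *                       Active, Heraldry (plus whatever set_waiver() and
 *                       set_image() consume).
 * @return array Status array from Success(), InvalidParameter() or
 *               NoAuthorization().
 */
public function UpdatePlayer($request)
{
    // Copy of the request that is safe to log: credentials stripped.
    $log_request = is_array($request)
        ? array_diff_key($request, array('Password' => true, 'Token' => true))
        : null;
    logtrace("UpdatePlayer()", $log_request);

    $mundane = $this->player_info($request['MundaneId']);
    $requester_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);

    if (trimlen($request['UserName']) > 0) {
        $this->mundane->clear();
        $this->mundane->username = $request['UserName'];
        if ($this->mundane->find()) {
            if ($this->mundane->mundane_id != $request['MundaneId']) {
                return InvalidParameter('This username is already in use.');
            }
        }
    }

    $notices = '';

    // A valid requester is required for both arms.
    $may_update = valid_id($requester_id)
        && (
            Ork3::$Lib->authorization->HasAuthority($requester_id, AUTH_PARK, $mundane['ParkId'], AUTH_CREATE)
            || $requester_id == $request['MundaneId']
        );

    if (!$may_update) {
        logtrace('No Authorization found.', null);
        return NoAuthorization();
    }

    if (Ork3::$Lib->authorization->HasAuthority($request['MundaneId'], AUTH_ADMIN, 0, AUTH_EDIT)
        && !Ork3::$Lib->authorization->HasAuthority($requester_id, AUTH_ADMIN, 0, AUTH_EDIT)
    ) {
        logtrace('UpdatePlayer refused: non-admin edit of an admin record', array($requester_id, $request['MundaneId']));
        die("You have attempted an illegal operation. Your attempt has been logged.");
    }

    $this->mundane->clear();
    $this->mundane->mundane_id = $request['MundaneId'];
    if (!$this->mundane->find()) {
        logtrace('No Player found.', null);
        return InvalidParameter();
    }

    logtrace('Updating player', $log_request);
    $this->mundane->modified = date('Y-m-d H:i:s', time());
    $this->mundane->given_name = is_null($request['GivenName']) ? $this->mundane->given_name : $request['GivenName'];
    $this->mundane->surname = is_null($request['Surname']) ? $this->mundane->surname : $request['Surname'];
    $this->mundane->other_name = is_null($request['OtherName']) ? $this->mundane->other_name : $request['OtherName'];
    $this->mundane->username = is_null($request['UserName']) ? $this->mundane->username : $request['UserName'];
    $this->mundane->persona = is_null($request['Persona']) ? $this->mundane->persona : $request['Persona'];
    // The repeated saves are kept: set_waiver() and set_image() are defined
    // elsewhere and may depend on the row being persisted first.
    $this->mundane->save();
    $this->set_waiver($request);
    $this->mundane->save();
    $this->set_image($request);
    $this->mundane->save();
    // NOTE(review): this traces the whole record object; check that
    // logtrace() does not serialise password_salt or similar columns.
    logtrace("Mundane DB 1", $this->mundane);

    $this->mundane->email = is_null($request['Email']) ? $this->mundane->email : $request['Email'];

    if (trimlen($request['Password']) > 0) {
        logtrace("Update password", '[redacted]');
        $this->mundane->password_expires = date("Y-m-d H:i:s", time() + 60 * 60 * 24 * 365 * 2);
        $salt = md5(rand() . microtime() . $this->mundane->email);
        $this->mundane->password_salt = $salt;
        // The hashing itself happens inside SaltPassword(), which is not
        // visible here; its return value is not used by this method.
        Authorization::SaltPassword($salt, strtoupper(trim($this->mundane->username)) . trim($request['Password']), $this->mundane->password_expires);
    } else {
        logtrace("No password update", null);
    }
    logtrace("Mundane DB 2", $this->mundane);

    $this->mundane->restricted = (is_null($request['Restricted']) ? $this->mundane->restricted : $request['Restricted']) ? 1 : 0;
    if (Ork3::$Lib->authorization->HasAuthority($requester_id, AUTH_PARK, $mundane['ParkId'], AUTH_CREATE)) {
        $this->mundane->active = (is_null($request['Active']) ? $this->mundane->active : $request['Active']) ? 1 : 0;
    }

    if (strlen($request['Heraldry'])) {
        Ork3::$Lib->heraldry->SetPlayerHeraldry($request);
    }

    logtrace("Player Updated", array($log_request, $this->mundane->lastSql()));
    $this->mundane->save();

    return Success($notices);
}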
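/**
 * Controller action behind the "create park" admin form.
 *
 * $params is a slash-separated route tail: "submit" posts the form,
 * "park/<id>" and "kingdom/<id>" only seed view data. On submit the form is
 * stashed under 'Admin_createpark', validated, and passed to
 * Park->create_park() with the session token. The park title options for the
 * session's kingdom are always loaded for the view.
 *
 * The park is always created in the session's kingdom; a "kingdom/<id>" route
 * value only changes what the view displays.
 *
 * NOTE(review): validation checks Admin_createpark->kingdom_id, but the value
 * sent to create_park() is $this->session->kingdom_id - confirm the two are
 * meant to differ.
 *
 * @param string|null $params Route tail, e.g. "submit", "park/12", "kingdom/3".
 */
public function createpark($params = null)
{
    $params = explode('/', (string) $params);
    // Defined up front so the strlen() test below never reads an unset name.
    $post = '';

    if ('submit' == $params[0]) {
        $post = 'submit';
        $this->data['KingdomId'] = $this->session->kingdom_id;
    } elseif ('park' == $params[0]) {
        $park_id = isset($params[1]) ? $params[1] : null;
        $this->data['ParkId'] = $park_id;
        $this->data['KingdomId'] = $this->session->kingdom_id;
    } elseif ('kingdom' == $params[0]) {
        $kingdom_id = isset($params[1]) ? $params[1] : null;
        $this->data['KingdomId'] = $kingdom_id;
    }

    logtrace('createpark', $params);

    if (strlen($post) > 0) {
        $this->request->save('Admin_createpark', true);
        $form = $this->request->Admin_createpark;

        if (!isset($this->session->user_id)) {
            // NOTE(review): execution continues after the redirect header;
            // the rest of this method still runs for an anonymous visitor.
            header('Location: ' . UIR . 'Login/login/Admin/createpark' . ($post != null ? '/' . $post : ''));
        } elseif (trimlen($form->Name) == 0) {
            $this->data['Error'] = "Park must have a name.";
        } elseif (trimlen($form->Abbreviation) == 0) {
            $this->data['Error'] = "Park must have an abbreviation.";
        } elseif (!valid_id($form->kingdom_id)) {
            $this->data['Error'] = "Somehow, a Kingdom was not selected. Good luck with that.";
        } elseif (!valid_id($form->ParkTitleId)) {
            $this->data['Error'] = "Parks must have a title.";
        } else {
            $r = $this->Park->create_park([
                'Token' => $this->session->token,
                'Name' => $form->Name,
                'Abbreviation' => $form->Abbreviation,
                'KingdomId' => $this->session->kingdom_id,
                'ParkTitleId' => $form->ParkTitleId,
            ]);

            if ($r['Status'] == 0) {
                // No redirect on success; the form is simply cleared.
                $this->request->clear('Admin_createpark');
            } elseif ($r['Status'] == 5) {
                header('Location: ' . UIR . 'Login/login/Admin/createpark' . ($post != null ? '/' . $post : ''));
            } else {
                // NOTE(review): joined into an HTML fragment; the view must
                // escape Detail if it can echo submitted values.
                $this->data['Error'] = $r['Error'] . ':<p>' . $r['Detail'];
            }
        }
    }

    $this->data['ParkTitleId_options'] = [];
    $r = $this->Kingdom->get_kingdom_details($this->session->kingdom_id);
    if (isset($r['ParkTitles']) && is_array($r['ParkTitles'])) {
        foreach ($r['ParkTitles'] as $detail) {
            $this->data['ParkTitleId_options'][$detail['ParkTitleId']] = $detail['Title'];
        }
    }

    if ($this->request->exists('Admin_createpark')) {
        $this->data['Admin_createpark'] = $this->request->Admin_createpark->Request;
    }
}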
/**
 * Update the owning kingdom, park, player, unit and name of an event.
 *
 * The caller must hold a valid token and edit authority over the event.
 * Numeric ids in the request overwrite the stored ones; when a park is given,
 * the event's kingdom is taken from that park. Heraldry is forwarded to the
 * heraldry library after the event is saved.
 *
 * NOTE(review): authority is checked against the event only. The target
 * kingdom, park, player and unit ids are accepted as given, so an event
 * editor can re-home the event anywhere; confirm that is intended.
 * NOTE(review): the trace call at the end logs the whole request, Token
 * included.
 *
 * @param array $request Reads Token, EventId, KingdomId, ParkId, MundaneId,
 *                       UnitId, Name (plus whatever SetEventHeraldry() uses).
 * @return array Status array.
 */
public function SetEvent($request)
{
    $editor_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
    $may_edit = valid_id($editor_id)
        && Ork3::$Lib->authorization->HasAuthority($editor_id, AUTH_EVENT, $request['EventId'], AUTH_EDIT);
    if (!$may_edit) {
        return NoAuthorization();
    }

    $this->event->clear();
    $this->event->event_id = $request['EventId'];
    if (!valid_id($request['EventId']) || !$this->event->find()) {
        return InvalidParameter('Event Id is not a valid id.');
    }

    if (is_numeric($request['KingdomId'])) {
        $this->event->kingdom_id = $request['KingdomId'];
    }

    if (is_numeric($request['ParkId'])) {
        $this->event->park_id = $request['ParkId'];
        $park_info = Ork3::$Lib->park->GetParkShortInfo(array('ParkId' => $request['ParkId']));
        if ($park_info['Status']['Status'] != 0) {
            // Park lookup failed: hand its status back without saving.
            return $park_info['Status'];
        }
        // The park's kingdom wins over any KingdomId set above.
        $this->event->kingdom_id = $park_info['KingdomId'];
    }

    if (is_numeric($request['MundaneId'])) {
        $this->event->mundane_id = $request['MundaneId'];
    }

    if (is_numeric($request['UnitId'])) {
        $this->event->unit_id = $request['UnitId'];
    }

    if (trimlen($request['Name'])) {
        $this->event->name = $request['Name'];
    }

    $this->event->save();
    Ork3::$Lib->heraldry->SetEventHeraldry($request);
    logtrace("SetEvent", array($request, $this->event));

    return Success();
}
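/**
 * Update a park's details.
 *
 * The caller needs a valid token and edit authority over the park. Name,
 * abbreviation, title and active flag additionally require edit authority
 * over the park's kingdom. Moving the park to another kingdom requires admin
 * authority over the target kingdom.
 *
 * Changes from the earlier version of this method:
 *  - the request is traced without its Token;
 *  - when the kingdom move is refused, the Warning is returned to the caller.
 *    Previously it was overwritten by the final Success(), so the refusal was
 *    silent.
 *
 * NOTE(review): the park-name-in-use check runs before authorization.
 * NOTE(review): Url and MapUrl are stored as given; if they are rendered as
 * links, the scheme should be restricted where they are output or here.
 *
 * @param array $request Reads Token, ParkId, Name, Abbreviation, ParkTitleId,
 *                       Active, Url, Address, City, Province, PostalCode,
 *                       Directions, Description, MapUrl, GeoCode, KingdomId,
 *                       Heraldry.
 * @return array Status array; Success carries the park id.
 */
public function SetParkDetails($request)
{
    logtrace("SetParkDetails", is_array($request) ? array_diff_key($request, array('Token' => true)) : null);

    $this->park->clear();
    if (trimlen($request['Name']) > 0) {
        $this->park->name = trim($request['Name']);
        if ($this->park->find()) {
            if ($this->park->park_id != $request['ParkId']) {
                return InvalidParameter('This park name already exists.');
            }
        }
    }

    $this->park->clear();
    $this->park->park_id = $request['ParkId'];
    if (!$this->park->find()) {
        return InvalidParameter('ParkId could not be found.');
    }

    if (!(($mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token'])) > 0
        && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_PARK, $request['ParkId'], AUTH_EDIT))
    ) {
        return NoAuthorization('You do not have permissions to perform this action: ' . $mundane_id);
    }

    // NOTE(review): the audit entry receives the full request, Token
    // included; consider dropping the token before it is persisted.
    $this->log->Write('Park', $mundane_id, LOG_EDIT, $request);
    $this->park->modified = date("Y-m-d H:i:s", time());

    // Identity fields need authority over the owning kingdom as well.
    if (Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_KINGDOM, $this->park->kingdom_id, AUTH_EDIT)) {
        $this->park->name = trimlen($request['Name']) == 0 ? $this->park->name : $request['Name'];
        $this->park->abbreviation = trimlen($request['Abbreviation']) == 0 ? $this->park->abbreviation : $request['Abbreviation'];
        $parktitle = new yapo($this->db, DB_PREFIX . 'parktitle');
        $parktitle->clear();
        if (isset($request['ParkTitleId']) && $request['ParkTitleId'] != $this->park->parktitle_id) {
            $parktitle->parktitle_id = $request['ParkTitleId'];
            // Only accept a title id that exists.
            if ($parktitle->find()) {
                $this->park->parktitle_id = $request['ParkTitleId'];
            }
        }
        $this->park->active = trimlen($request['Active']) == 0 ? $this->park->active : $request['Active'];
    }

    $address_change = false;
    if (isset($request['Address']) && ($this->park->address != $request['Address'] || trimlen($this->park->location) == 0)) {
        $address_change = true;
    }

    $this->park->url = isset($request['Url']) ? $request['Url'] : $this->park->url;
    $this->park->address = isset($request['Address']) ? $request['Address'] : $this->park->address;
    $this->park->city = isset($request['City']) ? $request['City'] : $this->park->city;
    $this->park->province = isset($request['Province']) ? $request['Province'] : $this->park->province;
    $this->park->postal_code = isset($request['PostalCode']) ? $request['PostalCode'] : $this->park->postal_code;
    $this->park->directions = isset($request['Directions']) ? $request['Directions'] : $this->park->directions;
    $this->park->description = isset($request['Description']) ? $request['Description'] : $this->park->description;
    $this->park->map_url = isset($request['MapUrl']) ? $request['MapUrl'] : $this->park->map_url;
    $this->park->save();

    // Reload the saved row before geocoding and the kingdom move.
    $this->park->clear();
    $this->park->park_id = $request['ParkId'];
    if (!$this->park->find()) {
        return InvalidParameter('ParkId could not be found.');
    }

    if ($address_change) {
        if (isset($request['GeoCode']) && trimlen($request['GeoCode']) > 0) {
            $this->park_geocode_h($request['GeoCode']);
        } else {
            $this->park_geocode_h();
        }
    }

    $move_warning = null;
    if ($request['KingdomId'] > 0 && $this->park->kingdom_id != $request['KingdomId']) {
        // Seriously? You couldn't work it out somehow?
        // AKA Blackspire Code, AKA Golden Plains Exception
        if (Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_ADMIN, $request['KingdomId'], AUTH_ADMIN)) {
            $this->park->kingdom_id = $request['KingdomId'];
        } else {
            $move_warning = Warning('You do not have permissions to move this Park [' . $this->park->park_id . ', ' . $this->park->kingdom_id . '] to another Kingdom [' . $request['KingdomId'] . '].');
        }
    }

    if (strlen($request['Heraldry'])) {
        Ork3::$Lib->heraldry->SetParkHeraldry($request);
    }

    $this->park->save();

    // Everything else was saved; report the refused move if there was one.
    $response = $move_warning !== null ? $move_warning : Success($this->park->park_id);

    return $response;
}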