function Verify_SessionPassword($sid, $pass)
{
$query = SQL_Query("SELECT * FROM sessions WHERE sid = '{$sid}' AND pass = '******' LIMIT 1");
if ($query && SQL_GetNumRows($query)) {
SQL_FreeQueryResult($query);
return true;
}
return false;
}
// Initialise variables for the operation.
// ==================================================
$gid = $stream_values["gid"];
$limit = min($stream_values["limit"], $MAX_RESULTS);
// ==================================================
// Mark all expired sessions as closed.
// ==================================================
$query = SQL_Query($mysql_database, "UPDATE matchmaking SET state = {$STATUS_TIMEOUT} WHERE state = {$STATUS_ACTIVE} AND expiry < {$current_time}");
// ==================================================
// Find all relevant sessions.
// ==================================================
$query = SQL_Query($mysql_database, "SELECT sid, ip, title, tslots, uslots, info " . "FROM matchmaking " . "WHERE gid = '{$gid}' " . "AND state = {$STATUS_ACTIVE} " . "AND expiry > {$current_time} " . "LIMIT {$limit}");
if (!$query) {
Result_Error($ERROR_QUERY_FAILED);
}
$num_results = SQL_GetNumRows($query);
if (!$num_results) {
Result_Error($ERROR_NO_RESULTS);
}
Result_Success();
Result_Value("results", $num_results);
$index = 0;
while ($row = SQL_FetchRow($query)) {
Result_Value("sid:" . $index, $row['sid']);
Result_Value("ip:" . $index, $row['ip']);
Result_Value("title:" . $index, $row['title']);
Result_Value("tslots:" . $index, $row['tslots']);
Result_Value("uslots:" . $index, $row['uslots']);
Result_Value("info:" . $index, $row['info']);
$index++;
}
// ==================================================
// Verify all input data.
// ==================================================
// Verify that the session id is valid.
// Verify that the title is valid.
// Verify that the slots are valid.
// Verify that the info is valid.
// ==================================================
// Check the credentials of the session.
// ==================================================
// Check that an active session from this IP does not already exist.
$query = SQL_Query($mysql_database, "SELECT * FROM matchmaking WHERE owner = '{$owner}' AND expiry > {$time} AND state = {$STATUS_ACTIVE} LIMIT 1");
if (SQL_GetNumRows($query)) {
Result_Error($ERROR_OWNER_EXISTS);
}
SQL_FreeQueryResult($query);
// Check that this session ID does not already exist.
$query = SQL_Query($mysql_database, "SELECT * FROM matchmaking WHERE sid = '{$sid}' LIMIT 1");
if (SQL_GetNumRows($query)) {
Result_Error($ERROR_SESSION_EXISTS);
}
SQL_FreeQueryResult($query);
// ==================================================
// Add the session to the database.
// ==================================================
$query = SQL_Query($mysql_database, "INSERT INTO matchmaking " . "VALUES " . "(" . "0, " . "'{$gid}', " . "'{$sid}', " . "{$time}, " . "{$expiry}, " . "'{$owner}', " . "'{$pass}', " . "'{$ip}', " . "{$port}, " . "{$state}, " . "'{$title}', " . "{$tslots}, " . "{$uslots}, " . "'{$players}', " . "'{$info}'" . ")");
if (!$query) {
Result_Error($ERROR_QUERY_FAILED);
}
Result_Success();
Result_Value("pass", $pass);
