$email = strtolower(mysqli_real_escape_string($con, $_POST["email"]));
$cell = mysqli_real_escape_string($con, $_POST["cell"]);
$pass = mysqli_real_escape_string($con, $_POST["pass"]);
$firstPeriod = mysqli_real_escape_string($con, $_POST["1st"]);
$eighthPeriod = mysqli_real_escape_string($con, $_POST["8th"]);
$club = mysqli_real_escape_string($con, $_POST["club"]);
$zombie = isset($_POST["zombie"]) ? 1 : 0;
$share = isset($_POST["share"]) ? 1 : 0;
//Make sure email is unused.
if (mysqli_num_rows(mysqli_query($con, "select * from users where email='" . $email . "'")) != 0) {
die("<script type=\"text/javascript\"> alert(\"This email is already registered.\")</script>");
}
//Find an unused ID
$id = genId(25);
while (mysqli_num_rows(mysqli_query($con, "select * from users where ID='" . $id . "'")) != 0) {
$id = genId(25);
}
//Check file size and errors
if ($_FILES["pic"]["size"] > 2000000) {
die("<script type=\"text/javascript\"> alert(\"Sorry, your picture is too big. Please select another.\")</script>");
}
if ($_FILES["pic"]["error"] > 0) {
echo $_FILES["pic"]["error"];
die("<script type=\"text/javascript\"> alert(\"Sorry, there were errors uploading your picture. Please try again.\")</script>");
}
if ($_FILES["pic"]["type"] == "applicaton/octet-stream") {
die("<script type=\"text/javascript\"> alert(\"Sorry, there were errors uploading your picture. Please try again.\")</script>");
}
//Upload picture
$exp = explode(".", $_FILES["pic"]["name"]);
$ext = end($exp);
function check()
{
//Do game check
//Get globals from calling page
global $id, $game, $con, $user;
//Check if user id is in game table
$res = mysqli_query($con, "select * from _" . $game . " where id='" . $id . "'") or die("There seems to be a problem with the database. Please try again later.");
$arr = mysqli_fetch_array($res, MYSQLI_BOTH);
$status = $arr[1];
$user['idCard'] = $arr[2];
$user['Kills'] = $arr[3];
$user['Team'] = $arr[4];
//Check if the game has started
$res = mysqli_query($con, "select status from schedule where Start='" . substr($game, 0, 4) . "-" . substr($game, 4, 2) . "-" . substr($game, 6, 2) . "'") or die("There seems to be a problem with the database. Please try again later.");
$hasStarted = mysqli_fetch_array($res, MYSQLI_BOTH);
//Check if user is signed up
if ($status == "") {
//Check if the game has started
if ($hasStarted[0] == 0) {
//If it hasn't started, check if they already clicked the button.
if (isset($_GET['signup'])) {
//Trying to sign up. Check if they're creating or joining
if (isset($_GET['create'])) {
//They're creating.
//parse team and pass
$team = mysqli_real_escape_string($con, $_GET['team']);
$pass = mysqli_real_escape_string($con, $_GET['pass']);
//Find an unused ID
$idCard = genId(7);
while (mysqli_num_rows(mysqli_query($con, "select * from _" . $game . " where idCard='" . $idCard . "'")) != 0) {
$idCard = genId(7);
}
//Make sure the name isn't taken
if (mysqli_num_rows(mysqli_query($con, "select * from _" . $game . " where Team='" . $team . "'")) != 0) {
die("Sorry, that team name is taken. Please try again. <script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>");
}
//Add the team name to roster
mysqli_query($con, "insert into _" . $game . "_roster values('" . $team . "', 'none')") or die("There seems to be a problem with the database. Pleas try again later. \n\t\t\t\t\t\t<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>");
//Add them to the game table
if (mysqli_query($con, "insert into _" . $game . " values('" . $id . "', 1, '" . $idCard . "', 0, '" . $team . "', '" . $pass . "')")) {
die("You've been added to the game. Your ID is <y>" . $idCard . "</y>. Write this down on your notecard now. If ressurected, you will receive a new ID. Click <a href='home.php?game=" . $game . "'>here</a> to continue to the game's page.");
} else {
die("There's something wrong with the database. Please try again later.");
}
} else {
//Joining
//Parse team and password
$team = mysqli_real_escape_string($con, $_GET['team']);
$pass = mysqli_real_escape_string($con, $_GET['pass']);
//Check password
$realPass = mysqli_fetch_array(mysqli_query($con, "select pass from _" . $game . " where Team='" . $team . "'"), MYSQLI_BOTH);
if ($realPass[0] != $pass) {
die("Sorry, that password is incorrect. Please try again. <script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>");
}
//Find an unused ID
$idCard = genId(7);
while (mysqli_num_rows(mysqli_query($con, "select * from _" . $game . " where idCard='" . $idCard . "'")) != 0) {
$idCard = genId(7);
}
if (mysqli_query($con, "insert into _" . $game . " values('" . $id . "', 1, '" . $idCard . "', 0, '" . $team . "', '" . $pass . "')")) {
die("You've been added to the game. Your ID is <y>" . $idCard . "</y>. Write this down on your notecard now. If you are ressurected, you will receive a new ID. Click <a href='home.php?game=" . $game . "'>here</a> to continue to the game's page.");
} else {
die("There's something wrong with the database. Please try again later.");
}
}
} else {
//Get the different team names
$res = mysqli_query($con, "select Team from _" . $game . "_roster");
$teamOptions = "";
while ($team = mysqli_fetch_array($res, MYSQLI_NUM)) {
$teamOptions .= "<option value=\"" . $team[0] . "\">" . $team[0] . "</option>";
}
die("You aren't signed up for the game scheduled to start on " . convertDate($game) . ". You may either:\n\t\t\t\t\t\t<div>\n\t\t\t\t\t\t\t<div class=\"leftMiddle\">\n\t\t\t\t\t\t\t\t<h2 style=\"font-family: Arial, Helvetica, sans-serif;\">Join a Team</h2>\n\t\t\t\t\t\t\t\t<form method=\"get\">\n\t\t\t\t\t\t\t\t\tTeam: <select name=\"team\">" . $teamOptions . "</select><br>\n\t\t\t\t\t\t\t\t\tPass: <input type=\"password\" name=\"pass\"></input>\n\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"signup\" value=\"true\"><br>\n\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"game\" value=\"" . $game . "\">\n\t\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"join\" value=\"Join\">\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t<div class=\"rightMiddle\">\n\t\t\t\t\t\t\t\t<h2 style=\"font-family: Arial, Helvetica, sans-serif;\">Create a Team</h2>\n\t\t\t\t\t\t\t\t<form method=\"get\" action=\"home.php\">\n\t\t\t\t\t\t\t\t\tTeam Name: <input type=\"text\" name=\"team\"></input><br>\n\t\t\t\t\t\t\t\t\tPass: <input type=\"text\" name=\"pass\"></input><br>\n\t\t\t\t\t\t\t\t\t(Share this password with your teammates to let them join your team)\n\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"signup\" value=\"true\"><br>\n\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"game\" value=\"" . $game . "\">\n\t\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"create\" value=\"Create\">\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t</div>\t\n\t\t\t\t\t\n\t\t\t\t\t\t<br>");
}
}
//If the game has started, tell them the bad news
die("Sorry, the game has already started. Please check the <a href='schedule.php'>schedule</a> for the other games.");
}
//If they are signed up, print their status and, for humans, id cards.
$actualStatus;
switch ($status) {
case -1:
$actualStatus = "a dead person. Sorry.";
break;
case 0:
$actualStatus = "rogue agent. Kill freely. ;)";
break;
case 1:
$actualStatus = "alive. Your id is " . $user['idCard'] . '. Good luck.';
break;
default:
$actualStatus = "dead person";
}
if (!isset($_POST["idCard"])) {
echo "This is the game that starts/started on " . convertDate($game) . ".<br> If you have any problems, please contact the <a href='admin.html'>admin</a>. <br><br>You are " . $actualStatus . "<br>";
}
if (($status == 1 or $status == 0) and $hasStarted[0] == 1) {
//Check if they've already submitted this form. If they have, kill that person.
if (isset($_POST['idCard'])) {
$idCard = mysqli_real_escape_string($con, $_POST['idCard']);
//Make sure that idCard is actually a player
$res = mysqli_query($con, "select * from _" . $game . " where idCard='" . $idCard . "' and status=1") or die("There seems to be a problem with the database. Please try again later.");
$arr = mysqli_fetch_array($res, MYSQLI_BOTH);
if ($arr[0] == "") {
die("Sorry, that person is either dead or non-existant. Try re-entering the code? <script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>");
}
//Find the team of the target
$arr = mysqli_fetch_array(mysqli_query($con, "select team from _" . $game . " where idCard='" . $idCard . "'"));
$team = $arr[0];
//Find the user's target team
$arr = mysqli_fetch_array(mysqli_query($con, "select target from _" . $game . "_roster where Team='" . $user['Team'] . "'"));
$target = $arr[0];
//Make sure the target team and the team of the person being killed match
if ($target != $team) {
die("Sorry, that person is not one of your targets. Try re-entering the code? <script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>");
}
//Kill the player
mysqli_query($con, "update _" . $game . " set status=-1 where idCard='" . $idCard . "'") or die("There seems to be a problem with the database. Please try again later. \n\t\t\t\t<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>");
//Give the user another kill
mysqli_query($con, "update _" . $game . " set kills=kills+1 where id='" . $id . "'") or die("We zombified the player, and gave you more days to live, but we couldn't increase your kill count.\n\t\t\t\t Please see the admin to fix this.<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php\"}, 4000);</script>");
//Check if that entire team is dead
if (mysqli_num_rows(mysqli_query($con, "select * from _" . $game . " where Team='" . $team . "' and Status=1")) == 0) {
//The entire team is dead. Get the target team's target
$arr = mysqli_fetch_array(mysqli_query($con, "select Target from _" . $game . "_roster where Team='" . $target . "'"), MYSQLI_BOTH);
$newTarget = $arr[0];
//Set their new target as the user team's target
mysqli_query($con, "update _" . $game . "_roster set Target='" . $newTarget . "' where Team='" . $user['Team'] . "'") or die("There was a problem eliminating your target team. Please notify an admin.");
//Delete the eliminated team from the roster
mysqli_query($con, "delete from _" . $game . "_roster where Team='" . $team . "'") or die("There was a problem eliminating your target team. Please notify an admin.");
//Give all dead players a new ID
//Get dead players on user team
$res = mysqli_query($con, "select ID from _20130408 where Status=-1 and Team='" . $user['Team'] . "'") or die("There's a problem reviving your team. Please notify an admin.");
//Cycle through dead players
while ($player = mysqli_fetch_array($res, MYSQLI_BOTH)) {
//Find an unused ID
$idCard = genId(7);
while (mysqli_num_rows(mysqli_query($con, "select * from _" . $game . " where idCard='" . $idCard . "'")) != 0) {
$idCard = genId(7);
}
//Set that as the player's new ID
mysqli_query($con, "update _20130408 set idCard='" . $idCard . "' where ID='" . $player[0] . "'") or die("There's a problem reviving your team. Please notify an admin.");
}
//Revive user's team
mysqli_query($con, "update _" . $game . " set status=1 where Team='" . $user['Team'] . "'") or die("There was a problem eliminating your target team. Please notify an admin.");
echo "You have eliminated team " . $team . " completely. Your team will be revived.<br>";
}
die("Nice job. Your kill count has been updated. <script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script><br>");
}
//If the game has started, let people kill target
if ($hasStarted) {
echo "Was the assassination succesful? Put your target's ID here: <form action='home.php?game=" . $game . "' method='post'><input type='text' name='idCard'/><br><input type='submit'></form><br>";
}
}
}
function check()
{
//Do game check
global $con, $user, $game, $id;
//Check if user id is in game table
$res = mysqli_query($con, "select * from _" . $game . " where id='" . $id . "'") or die("There seems to be a problem with the database. Please try again later.");
$arr = mysqli_fetch_array($res, MYSQLI_BOTH);
$status = $arr[1];
$user['idCard'] = $arr[2];
$user['daysLeft'] = $arr[3];
$user['Kills'] = $arr[4];
//Check if the game has started
$res = mysqli_query($con, "select status from schedule where Start='" . substr($game, 0, 4) . "-" . substr($game, 4, 2) . "-" . substr($game, 6, 2) . "'") or die("There seems to be a problem with the database. Please try again later.");
$hasStarted = mysqli_fetch_array($res, MYSQLI_BOTH);
//Check if user is signed up
if ($status == "") {
//Check if the game has started
if ($hasStarted[0] == 0) {
//If it hasn't started, check if they already clicked the button. If they did, add them to the table.
if (isset($_GET['signup'])) {
//Find an unused ID
$idCard = genId(7);
while (mysqli_num_rows(mysqli_query($con, "select * from _" . $game . " where idCard='" . $idCard . "'")) != 0) {
$idCard = genId(7);
}
if (mysqli_query($con, "insert into _" . $game . " values ('" . $id . "', 1, '" . $idCard . "', 3, 0)")) {
die("You've been added to the game. Your ID is <y>" . $idCard . "</y>. Write this down on your notecard now. Click <a href='home.php?game=" . $game . "'>here</a> to continue to the game's page.");
} else {
die("There's something wrong with the database. Please try again later.");
}
} else {
die("You aren't signed up for the game scheduled to start on " . convertDate($game) . ". To sign up, click <a href='home.php?game=" . $game . "&signup=true'>here</a>.<br>");
}
}
//If the game has started, tell them the bad news
die("Sorry, the game has already started. Please check the <a href='schedule.php'>schedule</a> for the other games.");
}
//If they are signed up, print their status and, for zombies, a place to input id cards.
$actualStatus;
switch ($status) {
case -1:
$actualStatus = "dead person. Sorry.";
break;
case 0:
$actualStatus = "zombie. You have " . $user["daysLeft"] . " (rounded up) days to live and have made " . $user["Kills"] . " kill(s).";
break;
case 1:
$actualStatus = "human. Your id is " . $user['idCard'] . '. Good luck.';
break;
default:
$actualStatus = "dead person";
}
if (!isset($_POST["idCard"])) {
echo "This is the game that starts/started on " . convertDate($game) . ".<br> If you have any problems, please contact the <a href='admin.html'>admin</a>. <br><br>You are a " . $actualStatus . "<br>";
}
if ($status == 0) {
//Check if they've already submitted this form. If they have, kill that person.
if (isset($_POST['idCard'])) {
$idCard = mysqli_real_escape_string($con, $_POST['idCard']);
//Make sure that idCard is actually a player
$res = mysqli_query($con, "select * from _" . $game . " where idCard='" . $idCard . "' and status=1") or die("There seems to be a problem with the database. Please try again later.");
$arr = mysqli_fetch_array($res, MYSQLI_BOTH);
if ($arr[0] == "") {
die("Sorry, that person is either dead or non-existant. Try re-entering the code? <script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>");
}
//Kill the player
mysqli_query($con, "update _" . $game . " set status=0 where idCard='" . $idCard . "'") or die("There seems to be a problem with the database. Pleas try again later. \n\t\t\t\t<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>");
//Reset the user's days left
mysqli_query($con, "update _" . $game . " set daysLeft=3 where id='" . $id . "'") or die("We zombified the player, but we were unable to give you more days to live. Please see the admin to fix this. \n\t\t\t\t<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>");
//Give the user another kill
mysqli_query($con, "update _" . $game . " set kills=kills+1 where id='" . $id . "'") or die("We zombified the player, and gave you more days to live, but we couldn't increase your kill count.\n\t\t\t\t Please see the admin to fix this.<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php\"}, 4000);</script>");
die("Good job! You've eaten enough for another full two days, plus tonight.<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script><br>");
}
//If the game has started, let zombies kill people
if ($hasStarted) {
echo "Have you eaten lately? Put your victim's ID here: <form action='home.php?game=" . $game . "' method='post'><input type='text' name='idCard'/><br><input type='submit'></form><br>";
}
}
function show()
{
global $con, $user, $game, $id;
//Count number of respective types
$res = mysqli_query($con, "select count(*) from _" . $game . " where status=1") or die("There seems to be an error in our database. Please try again later.");
$arr = mysqli_fetch_array($res, MYSQLI_BOTH);
$numHumans = $arr[0];
$res = mysqli_query($con, "select count(*) from _" . $game . " where status=0") or die("There seems to be an error in our database. Please try again later.");
$arr = mysqli_fetch_array($res, MYSQLI_BOTH);
$numZombies = $arr[0];
$res = mysqli_query($con, "select count(*) from _" . $game . " where status=-1") or die("There seems to be an error in our database. Please try again later.");
$arr = mysqli_fetch_array($res, MYSQLI_BOTH);
$numDead = $arr[0];
$humans = array();
$zombies = array();
$dead = array();
$res = mysqli_query($con, "select First, Last, Pic, Kills, Thumb from _" . $game . " inner join users on _" . $game . ".id=users.id order by status, First") or die("There seems to be an error in our database. Please try again later.");
for ($i = 0; $i < $numDead; $i++) {
$dead[$i] = mysqli_fetch_array($res, MYSQLI_BOTH) or die("There seems to be an error in our database. Please try again later.");
}
$z = $i;
for ($i = 0; $i < $numZombies; $i++) {
$zombies[$i] = mysqli_fetch_array($res, MYSQLI_BOTH) or die("There seems to be an error in our database. Please try again later.");
}
$z = $i > $z ? $i : $z;
for ($i = 0; $i < $numHumans; $i++) {
$humans[$i] = mysqli_fetch_array($res, MYSQLI_BOTH) or die("There seems to be an error in our database. Please try again later.");
}
$z = $i > $z ? $i : $z;
for ($i = 0; $i < $z; $i++) {
echo "<tr>";
if (!isset($humans[$i])) {
echo "<td></td>";
} else {
echo "<td><a href='profile.php?first=" . $humans[$i]['First'] . "&last=" . $humans[$i]['Last'] . "&game=" . $game . "'><img src='Headshots/" . $humans[$i]['Thumb'] . "'/><br>" . $humans[$i]['First'] . " " . $humans[$i]['Last'] . "</a></td>\n";
}
if (!isset($zombies[$i])) {
echo "<td></td>";
} else {
echo "<td><a href='profile.php?first=" . $zombies[$i]['First'] . "&last=" . $zombies[$i]['Last'] . "&game=" . $game . "'><img src='Headshots/" . $zombies[$i]['Thumb'] . "'/><br><r>" . $zombies[$i]['First'] . " " . $zombies[$i]['Last'] . "</r></a></td>\n";
}
if (!isset($dead[$i][0])) {
echo "<td></td>";
} else {
echo "<td><a href='profile.php?first=" . $dead[$i]['First'] . "&last=" . $dead[$i]['Last'] . "&game=" . $game . "'><img src='Headshots/" . $dead[$i]['Thumb'] . "'/></a><br><g>" . $dead[$i]['First'] . " " . $dead[$i]['Last'] . "</g></a></td>\n";
}
echo "</tr>";
}
}
}
