/**
 * Checks whether a passcode belongs to the given liveticker.
 *
 * The passcode is hashed with hash_code() and the hash is matched against the
 * `code` column inside the SQL query. hash_code() receives only the passcode,
 * so the stored hash cannot depend on a per-ticker salt.
 * NOTE(review): confirm that hash_code() is a deliberately slow or keyed hash;
 * a fast unsalted digest of a short passcode is cheap to guess offline.
 * Nothing in this function limits repeated attempts, so throttling has to be
 * enforced by the caller.
 *
 * @param mixed $ticker The ticker's id.
 * @param string $code The plain-text passcode to check.
 * @return bool True if a ticker with this id and passcode hash exists, false otherwise.
 */
function check_ticker_passcode($ticker, $code)
{
    global $con;

    $hashed = hash_code($code);

    // Both values travel as bound parameters, never as part of the SQL text.
    $query = $con->prepare("SELECT * FROM tickers WHERE id=? AND code=?");
    $query->bindValue(1, $ticker);
    $query->bindValue(2, $hashed);
    $query->execute();

    // Any matching row proves the id/passcode pair; its contents are not needed.
    return (bool) $query->fetch();
}
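/**
 * Creates a new liveticker.
 *
 * Only $duration, $code and $players are validated here. The team names, the
 * game name and the location are stored exactly as given: the prepared
 * statement keeps them out of the SQL text, but they still have to be escaped
 * wherever they are rendered.
 *
 * The ticker row and the player rows are written by two separate statements;
 * this function does not wrap them in a transaction.
 *
 * @param string $team_a The home team's name.
 * @param string $team_b The guest team's name.
 * @param int $duration Each game half's duration in minutes.
 * @param string $name The game's name.
 * @param string $location The game's location.
 * @param mixed[] $players The players of both teams. Structure: {team => true/false, "number", "name"}
 * @param string $code The passcode that can be used to manage this ticker.
 * @return int|null The newly created ticker's id as returned by $con->lastInsertId(),
 *                  or null if validation or the ticker insert failed.
 */
function create_ticker($team_a, $team_b, $duration, $name, $location, $players, $code)
{
    global $con;

    // Value validation and sanitizing: any Exception raised here aborts the creation.
    try {
        validate_duration($duration);
        validate_code($code);
        $players = sanitize_players($players);
    } catch (Exception $e) {
        return null;
    }

    // Only the hash of the passcode is written to the database.
    $codehash = hash_code($code);

    // Create the ticker.
    $sql = 'INSERT INTO tickers (`team_a`, `team_b`, `duration`, `name`, `location`, `code`) VALUES (?, ?, ?, ?, ?, ?)';
    $stmt = $con->prepare($sql);
    if ($stmt === false) {
        return null;
    }
    $stmt->bindParam(1, $team_a);
    $stmt->bindParam(2, $team_b);
    $stmt->bindParam(3, $duration);
    $stmt->bindParam(4, $name);
    $stmt->bindParam(5, $location);
    $stmt->bindParam(6, $codehash);

    // Stop here if the insert failed: lastInsertId() would otherwise not refer
    // to this ticker, and the player rows below would be attached to that id.
    if (!$stmt->execute()) {
        return null;
    }
    $id = $con->lastInsertId();

    // Add all players with a single multi-row insert.
    if (!empty($players)) {
        $placeholders = array();
        $all_values = array();

        foreach ($players as $player) {
            $placeholders[] = "(?, ?, ?, ?)";

            // Loose comparison kept on purpose: it is true for the string "b"
            // and for boolean true, the form the docblock describes.
            $team = ($player["team"] == "b");

            // NOTE(review): if $con is a PDO connection, execute() with an array
            // binds every value as a string, so boolean false reaches the driver
            // as an empty string - confirm the `team` column accepts that.
            $all_values[] = $id;
            $all_values[] = $team;
            $all_values[] = $player["number"];
            $all_values[] = $player["name"];
        }

        $sql = "INSERT INTO players (`ticker`, `team`, `number`, `name`) VALUES " . implode(", ", $placeholders);
        $stmt = $con->prepare($sql);
        // NOTE(review): the result of this insert is not checked; a failure
        // leaves a ticker without players and the id is still returned.
        $stmt->execute($all_values);
    }

    return $id;
}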