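<?php
// Request dispatcher: reads the "action" request parameter, echoes the
// JSON-encoded result of the matching stat lookup, then terminates.
//
// NOTE(review): printNoResults() is defined outside this excerpt. The flow
// below reads as if that call ends the request; confirm. If it returns,
// execution continues with a null value instead of an undefined variable.
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
if ($action === null) {
    printNoResults();
}

switch ($action) {
    case "getStat":
        $statId = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
        if ($statId === null) {
            printNoResults();
        }
        echo json_encode(getStat($statId));
        break;

    case "getStatName":
        $statId = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
        if ($statId === null) {
            printNoResults();
        }
        echo json_encode(getStatName($statId));
        break;

    case "getAllStats":
        echo json_encode(getAllStats());
        break;
}
die;

/**
 * Look up one <Stat> element in Stats.xml by its id attribute.
 *
 * In this file the id arrives straight from $_REQUEST['id'], so it is
 * untrusted input and must never be spliced into the XPath expression raw.
 *
 * @param mixed $statId Stat id to look up (string or number).
 * @return array Empty array when the id is not a scalar or nothing matches;
 *               otherwise the keys 'id', 'name', 'default' and 'fullName'.
 */
function getStat($statId)
{
    $stat = array();

    // A request such as "id[]=1" delivers an array; that can never be a
    // valid id, so answer "no match" instead of concatenating "Array".
    if (!is_scalar($statId)) {
        return $stat;
    }
    $id = (string) $statId;

    $xdoc = new DOMDocument();
    // load() returns false on failure. The previous check tested the
    // DOMDocument object itself, which is always truthy, so a missing or
    // malformed Stats.xml was never reported.
    if (!$xdoc->load('Stats.xml')) {
        die("error");
    }
    $xpath = new DOMXPath($xdoc);

    // XPath 1.0 string literals have no escape sequence, so a quote inside
    // the id would end the literal and let the caller rewrite the predicate
    // (XPath injection). Pick the delimiter the value does not contain, or
    // fall back to concat() when it contains both kinds of quote.
    if (strpos($id, '"') === false) {
        $literal = '"' . $id . '"';
    } elseif (strpos($id, "'") === false) {
        $literal = "'" . $id . "'";
    } else {
        $literal = 'concat("' . str_replace('"', '", \'"\', "', $id) . '")';
    }

    $nodeList = $xpath->query('/Stats/Stat[@id=' . $literal . ']', $xdoc);
    if ($nodeList === false) {
        // The expression could not be evaluated; treat it as "no match".
        return $stat;
    }

    // If several <Stat> elements share the id, the last one wins.
    foreach ($nodeList as $node) {
        $stat = array(
            'id' => $node->getAttribute('id'),
            'name' => $node->getAttribute('Name'),
            // NOTE(review): child positions 3 and 1 are fixed indexes into
            // childNodes; presumably they skip whitespace text nodes in
            // Stats.xml. Verify against the file's layout.
            'default' => $node->childNodes->item(3)->nodeValue,
            'fullName' => $node->childNodes->item(1)->nodeValue,
        );
    }

    return $stat;
}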
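// Excerpt: the case labels below belong to a switch statement whose header lies outside the visible source.
    case "searchItems":
        $queryString = isset($_REQUEST['query']) ? $_REQUEST['query'] : null;
        if ($queryString === null) {
            printNoResults();
        }
        // NOTE(review): limit is forwarded exactly as received from the
        // request; searchItems() is not shown here, so confirm that it casts
        // or binds the value before it reaches a query.
        $limit = isset($_REQUEST['limit']) ? $_REQUEST['limit'] : 5;
        // Only the exact string "true" switches the flag on.
        $showNoIconItems = isset($_REQUEST['showNoIconItems']) && $_REQUEST['showNoIconItems'] === "true";
        echo json_encode(searchItems($queryString, $limit, $showNoIconItems));
        break;

    case "spawnItemForUser":
        // This is not secure at the moment. Might need to consider moving it and other item administrative functions to their own file.
        // NOTE(review): no check of the caller's identity or permissions is
        // visible in this branch, and userId, itemId and ql all come from the
        // request. $_REQUEST also carries query-string values, so this
        // state-changing action can be triggered by a plain GET. Gate it
        // behind authentication, an authorization check for item
        // administration, and a POST-only, CSRF-protected route before
        // exposing it.
        $userId = isset($_REQUEST['userId']) ? $_REQUEST['userId'] : null;
        if ($userId === null) {
            // Was "$printNoResults()", a call through an undefined variable
            // that raised an error instead of reporting "no results".
            printNoResults();
        }
        $itemId = isset($_REQUEST['itemId']) ? $_REQUEST['itemId'] : null;
        if ($itemId === null) {
            printNoResults();
        }
        $ql = isset($_REQUEST['ql']) ? $_REQUEST['ql'] : null;
        if ($ql === null) {
            // Same "$printNoResults()" typo fixed here.
            printNoResults();
        }
        echo json_encode(spawnItemforUser($userId, $itemId, $ql));
        break;

    case "getUsersInventory":
        // NOTE(review): returns the inventory of whichever character id or
        // name the request supplies; no ownership check is visible in this
        // branch. Confirm that is intended.
        $queryString = isset($_REQUEST['query']) ? $_REQUEST['query'] : null;
        if ($queryString === null) {
            printNoResults();
        }
        echo json_encode(getUsersInventory($queryString));
        break;
}
die;

// `items`.`ContainerType`, `items`.`ContainerInstance`, `items`.`ContainerPlacement`, `items`.`LowId`, `items`.`HighId`, `items`.`Quality`, `items`.`MultipleCount`

/**
 * Query the item rows held by one character, joined with the item names.
 *
 * The statement selects from items, characters and itemnames, restricted to
 * ContainerInstance 104, and filters on the character's Id when $query is
 * numeric or on the character's Name otherwise. The caller-supplied value
 * appears in the SQL only as the :query placeholder, never concatenated.
 *
 * @param mixed $query Character id (numeric) or character name.
 */
function getUsersInventory($query)
{
    global $pdo;

    $sql = "SELECT `items`.`Id`, `items`.`ContainerType`, `items`.`ContainerInstance`, \n\t\t\t\t\t\t\t`items`.`ContainerPlacement`, `items`.`LowId`, \n\t\t\t\t\t\t\t`items`.`HighId`, `items`.`Quality`, `items`.`MultipleCount`,\n\t\t\t\t\t\t\t`itemnames`.`Name`, `itemnames`.`ItemType`, `itemnames`.`Icon`\n\t\t\t\tFROM `items`, `characters`, `itemnames`\n\t\t\t\tWHERE `items`.`ContainerType` = `characters`.`Id`\n\t\t\t\tAND `itemnames`.`Id` = `items`.`HighId`\n\t\t\t\tAND `items`.`ContainerInstance` = 104";

    // is_numeric() also accepts forms such as "1e3", so a character whose
    // name looks numeric is looked up by Id rather than by Name.
    if (is_numeric($query)) {
        $sql .= " AND `characters`.`Id` = :query";
    } else {
        $sql .= " AND `characters`.`Name` = :query";
    }

    $sth = $pdo->prepare($sql);
    // The rest of getUsersInventory() (bind, execute, fetch) lies outside this excerpt.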