* ********************************************************************************************************* */ require_once dirname(__FILE__) . "/../../library/checklogin.php"; require_once dirname(__FILE__) . "/../../notifications/processNotificationUserInvoice.php"; require_once dirname(__FILE__) . "/../../library/config_read.php"; isset($_GET['invoice_id']) ? $invoice_id = $_GET['invoice_id'] : ($invoice_id = ""); isset($_GET['destination']) ? $destination = $_GET['destination'] : ($destination = "download"); $login = $_SESSION['login_user']; $username = $login; if (!$username) { return false; } if ($invoice_id != "") { $customerInfo = @getInvoiceDetails($invoice_id, $username); $pdfDocument = @createNotification($customerInfo); if ($destination == "download") { header("Content-type: application/pdf"); header("Content-Disposition: attachment; filename=notification_user_invoice_" . date("Ymd") . ".pdf; size=" . strlen($pdfDocument)); print $pdfDocument; } } function getInvoiceDetails($invoice_id = NULL, $username) { require dirname(__FILE__) . "/../../library/opendb.php"; require_once dirname(__FILE__) . "/../../lang/main.php"; global $configValues; $sql = "SELECT id, contactperson, city, state, username FROM " . $configValues['CONFIG_DB_TBL_DALOUSERBILLINFO'] . " WHERE username = '******'"; $res = $dbSocket->query($sql); $row = $res->fetchRow(DB_FETCHMODE_ASSOC); $user_id = $row['id'];
$count = count($ids); //No orders to create notifications for if ($count == 0) { echo "No notifications created<br><br>"; //Have a little rest } else { if ($count == 1) { createNotification($ids, 0); } else { $uniqueIds = array_unique($ids); print_r($uniqueIds); //One order for multiple items if (count($uniqueIds) == 1) { createNotification($uniqueIds, 1); } else { createNotification($uniqueIds, 2); } } } //Create the appropriate Notification function createNotification($ids, $msgType) { //Set initial vars $conn = $GLOBALS['conn']; $curr = utf8_encode("£"); $path = $_SERVER['HTTP_HOST'] . "/ProjectDing"; $num_orders = count(array_unique($ids)); $order_ids = implode($ids, ","); $orders_total = 0; $other_items_qty = -1; $s = null;
$(document).ready( function( ) { // mailCompose opens in a Shadowbox, so hook into it for dismiss button functionality var s = window.parent.Shadowbox; s.setDimensions( 150, 200, 150, 200, 0, 0, 0, true ); $( "#dismiss" ).button( ); $( "#dismiss" ).click( function( ) { window.parent.Shadowbox.close( ); } ); } ); </script> </head> <body style="background-color:#fff"> <?php $recipientUid = getUserId($recipient); $stmt = $dbh->prepare("INSERT INTO msgs(uidf,uidt,gid,string,rr) VALUES( ?, ?, ?, ?, ? )"); $stmt->bindParam(1, $uuid); $stmt->bindParam(2, $recipientUid); $stmt->bindParam(3, $gameinstance); $stmt->bindParam(4, $message); $stmt->bindValue(5, 0); // read receipt -- not implemented $stmt->execute(); // Notify the recipient $mailNotification = "<a href=\"" . $FCN_ROOT . "mail.php\">" . getUsername($uuid) . " sent you a message.</a>"; createNotification($recipientUid, $E_MESSAGE_RECEIVED, $mailNotification); ?> <h1>Message delivered</h1> <button id="dismiss">Okay</button> </body> </html>
} // FIXME this is nuts -- verbatim repetition of above if ($approved == "0") { $headline = getUsername($destination) . " rejected " . getUsername($origin) . "'s trade proposal"; $stmt = $dbh->prepare("UPDATE events SET type = ?, headline = ? WHERE xref = ? AND type = ?"); $stmt->bindValue(1, $E_TRADE_REJECTED); $stmt->bindValue(2, $headline); $stmt->bindValue(3, $tid); $stmt->bindValue(4, $E_TRADE_PROPOSED); $stmt->execute(); createNotification($origin, $E_TRADE_REJECTED, getUsername($destination) . " rejected your trade proposal."); if ($tradeMessage != "") { $substmt = $dbh->prepare("INSERT INTO msgs(uidf,uidt,gid,string,rr) VALUES( ?, ?, ?, ?, ? )"); $substmt->bindParam(1, $uuid); $substmt->bindParam(2, $origin); $substmt->bindParam(3, $gameinstance); $substmt->bindParam(4, $tradeMessage); $substmt->bindParam(5, $false); $substmt->execute(); $mailNotification = "<a href=\"" . $FCN_ROOT . "mail.php\">" . getUsername($uuid) . " sent you a message about your trade proposal.</a>"; createNotification($origin, $E_MESSAGE_RECEIVED, $mailNotification); } } // Value 2 = trade was cancelled. if ($approved == "2") { createNotification($origin, $E_TRADE_REJECTED, "You have cancelled the trade with " . getUsername($destination) . "."); } ?> <html> </html>
$stmt = $dbh->prepare("UPDATE tombstones SET approved = ? WHERE id = ?"); $stmt->bindParam(1, $approvalAction); $stmt->bindParam(2, $challengeId); $stmt->execute(); if ($action === "approve") { adjustPoints($player, 10); createNotification($player, $E_ACHIEVEMENT, "Your tombstone for " . getTombstone($work, true) . " was approved by the game administrator! You receive " . $CURRENCY_SYMBOL . "10."); } else { createNotification($player, $E_ACHIEVEMENT, "Your tombstone for " . getTombstone($work, true) . " was rejected by the game administrator! You can create a new tombstone to try again."); $stmt = $dbh->prepare("DELETE FROM tombstones WHERE id = ?"); $stmt->bindParam(1, $challengeId); $stmt->execute(); } } else { if ($mode === "d") { $approvalAction = $action === "approve" ? 1 : 0; $stmt = $dbh->prepare("UPDATE work_descriptions SET approved = ? WHERE id = ?"); $stmt->bindParam(1, $approvalAction); $stmt->bindParam(2, $challengeId); $stmt->execute(); if ($action === "approve") { adjustPoints($player, 10); createNotification($player, $E_ACHIEVEMENT, "Your description for " . (workHasTombstone($work) ? getTombstone($work, true) : "a work") . " was approved! You receive " . $CURRENCY_SYMBOL . "10."); } else { createNotification($player, $E_ACHIEVEMENT, "Your description for " . (workHasTombstone($work) ? getTombstone($work, true) : "a work") . " was rejected! You can modify the description and try again."); } } } ?>
/** * createUser: does what it says. Does not, however, actually create their collection table; that happens * when the game supervisor distributes initial collections. * * A (bad) assumption here: input arriving at this function has already been validated elsewhere. Hm. * * @param name The user's name. * @param pw Password, in plaintext glory, but soon to be encrypted by MD5. * @param email The user's email address. * @param ok_to_use_record Boolean value indicating whether the player consented to have his/her gameplay * recorded and used in any research, visualizations, models of this gameplay, etc. */ function createUser($name, $pw, $email, $consent) { global $dbh; $query = $dbh->prepare("INSERT INTO collectors(name,email,password,ok_to_use_record) VALUES(?, ?, MD5(?), ?)"); $query->bindParam(1, $name); $query->bindParam(2, $email); $query->bindParam(3, $pw); $query->bindParam(4, $consent); $query->execute(); // Also need to register their collection. The gameinstance stuff is deprecated but still here... $query = $dbh->prepare("INSERT INTO collections(owner,name,gameinstance) VALUES(?,?,?)"); $ui = getUserId($name); $cg = getCurrentGameInstance(); $query->bindParam(1, $ui); $query->bindParam(2, $name); $query->bindParam(3, $cg); $query->execute(); // Notify all users that this player has joined createNotification(-1, 6, $name . " has joined the game."); }
$approver = $_GET['uuid']; $action = $_GET['action']; $player = $_GET['player']; $work = $_GET['work']; // APPROVED column in these tables: 0 = rejected; 1 = accepted; 2 = pending. // These values really need to be global variables. Magic numbers abound. FIXME $approvalAction = $action === "approve" ? 1 : 0; $stmt = $dbh->prepare("UPDATE tombstones SET approved = ? WHERE id = ?"); $stmt->bindParam(1, $approvalAction); $stmt->bindParam(2, $challengeId); $stmt->execute(); if ($action === "approve") { // Award the player who submitted the tombstone 10 FCGs and notify them. adjustPoints($player, 10); createNotification($player, $E_ACHIEVEMENT, "Your tombstone for " . getTombstone($work, true) . " was approved by " . getUserName($approver) . "! You receive " . $CURRENCY_SYMBOL . "10."); } else { // ...or tell them they got it wrong. createNotification($player, $E_ACHIEVEMENT, "Your tombstone for " . getTombstone($work, true) . " was rejected by " . getUserName($approver) . "! You can create a new tombstone to try again."); // Delete the tombstone attempt. There's a mismatch here between the way we use // approval flags (0/1) and the fact that we just drop rejected attempts from the // table altogether, but fixing the problem will require rewriting some utility // functions in functions.php. $stmt = $dbh->prepare("DELETE FROM tombstones WHERE id = ?"); $stmt->bindParam(1, $challengeId); $stmt->execute(); } // Finally, award the approver 10 points. adjustPoints($approver, 10); ?>
$stmt = $dbh->prepare("SELECT CURRENT_TIMESTAMP() + INTERVAL " . $endtime . " DAY as t"); $stmt->execute(); while ($row = $stmt->fetch()) { $endstamp = $row['t']; } // Insert auction data into auctions table... $stmt = $dbh->prepare("INSERT INTO auctions(uid,wid,end,initial_bid,reserve,bin) values( ?, ?, ?, ?, ?, ? )"); $stmt->bindParam(1, $uuid); $stmt->bindParam(2, $works); $stmt->bindValue(3, $endstamp); $stmt->bindParam(4, $price); $stmt->bindValue(5, $reserve); $stmt->bindValue(6, $bin); $stmt->execute(); // ...and notify the entire game that a new auction is happening. createNotification(-1, $E_CLASSIFIED_LISTING, "<a href=\"marketplace.php?#auctions\">" . getUsername($uuid) . " is auctioning " . getTombstoneOrNot($works, true) . " (starting bid: " . $CURRENCY_SYMBOL . $price . ").</a>"); // FIgure out the auction ID. I think it's possible to get the primary key of the row // you just inserted in MySQL via some built-in function, but I'm not sure that it's // 100% reliable or failsafe in this scenario. $sta = $dbh->prepare("SELECT id FROM auctions WHERE uid = ? AND end = ?"); $sta->bindParam(1, $uuid); $sta->bindValue(2, $endstamp); $sta->execute(); $aucId = -1; while ($row = $sta->fetch()) { $aucId = $row['id']; } // Using the auction ID we just selected, create the auction end event for this auction. $z = $dbh->prepare("CREATE EVENT auctionEnd" . $aucId . " ON SCHEDULE AT '" . $endstamp . "' DO BEGIN UPDATE auctions SET pending=0,winner=-1,highbid=0,end=NOW() WHERE id=? LIMIT 1; END"); $z->bindParam(1, $aucId); $z->execute();
<?php /** * award.php: do the work that allows the game admin to arbitrarily award (or penalize) players by * adjusting their points. */ ob_start(); require '../functions.php'; require '../db.php'; ob_end_clean(); $player = $_GET['collector']; $message = $_GET['desc']; $points = $_GET['points']; createNotification($player, $E_HAZARD, $message); adjustPoints($player, $points); echo "Divine intervention complete."; ?>
<?php /** * promote.php: Helper that allows game admin to promote individual users to Connoisseur status. */ ob_start(); require '../functions.php'; require '../db.php'; ob_end_clean(); $player = $_GET['collector']; $message = $_GET['desc']; $points = $_GET['points']; createNotification($player, $E_ACHIEVEMENT, $message); $retVal = ""; // FIXME: hard coded levels/magic # if (isConnoisseur($player)) { $retVal = "The player has been demoted."; setLevel($player, 1); } else { $retVal = "Promotion complete!"; setLevel($player, 10); $newsFeedMsg = "<div style=\"display:inline;padding-left:50px;float:left;padding-right:5px;padding-top:5px;padding-bottom:5px;\">" . getUserName($player) . " has earned the Connoisseur badge! As a reward for excellent gameplay, " . getUserName($player) . " can now earn extra " . $CURRENCY_SYMBOL . " by validating other players' tombstone entries.</div>"; $headline = getUserName($player) . " is now a Connoisseur!"; $query = $dbh->prepare("INSERT INTO events( type, target, description, headline ) VALUES( ?, ?, ?, ? )"); $query->bindParam(1, $E_ACHIEVEMENT); $query->bindParam(2, $player); $query->bindParam(3, $newsFeedMsg); $query->bindParam(4, $headline); $query->execute(); } echo $retVal;
$query = $dbh->prepare("SELECT id FROM works WHERE id = ?"); $query->bindValue(1, $work); $query->execute(); while ($row = $query->fetch()) { $tradeDesc .= "<a rel=\"shadowbox;height:80%;width:80%;\" href=\"workview.php?wid=" . $row['id'] . "&gid=" . $gameinstance . "\"><img src=\"img.php?img=" . $row['id'] . "\" style=\"width:200px;padding-right:5px;\"></a>"; echo "<div style=\"float:left;padding:5px;\"><img src=\"img.php?img=" . $row['id'] . "\" style=\"width:200px;vertical-align:top;\"></div>"; } } $tradeDesc .= "</div>"; echo "</div></div>"; echo "<p/><div style=\"float:right;\"><button id=\"goHome\">Ok</button></div>\n"; // Finally, notify the entire game of trade activity by recording it in the events feed. $query = $dbh->prepare("INSERT INTO events( type, target, other_participant, description, works_target, works_other, headline, xref ) VALUES( ?, ?, ?, ?, ?, ?, ?, ? )"); $query->bindValue(1, $E_TRADE_PROPOSED); $query->bindValue(2, $uuid); $query->bindValue(3, $_SESSION['last_trade_with']); $query->bindValue(4, mysql_real_escape_string($tradeDesc)); $query->bindValue(5, $offers); $query->bindValue(6, $requests); $query->bindValue(7, $headline); $query->bindValue(8, $tradeId); $query->execute(); $tradeNotificationString = "<a href=\"" . $FCN_ROOT . "marketplace.php?#trades\">" . getUsername($uuid) . " proposed a trade with you.</a>"; createNotification($_SESSION['last_trade_with'], $E_TRADE_PROPOSED, $tradeNotificationString); ?> </div> </body> </html>