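//Registration input. Each value is escaped for use inside a quoted SQL string on $con.
$email = strtolower(mysqli_real_escape_string($con, $_POST["email"]));
$cell = mysqli_real_escape_string($con, $_POST["cell"]);
//NOTE(review): escaping only makes $pass safe to embed in a query. The statement
//that stores it is not part of this excerpt; if the value is saved as-is, save
//password_hash() output instead - TODO confirm.
$pass = mysqli_real_escape_string($con, $_POST["pass"]);
$firstPeriod = mysqli_real_escape_string($con, $_POST["1st"]);
$eighthPeriod = mysqli_real_escape_string($con, $_POST["8th"]);
$club = mysqli_real_escape_string($con, $_POST["club"]);
//Checkboxes: present in the POST body means ticked.
$zombie = isset($_POST["zombie"]) ? 1 : 0;
$share = isset($_POST["share"]) ? 1 : 0;

//Make sure email is unused.
//A failed query has to stop the sign-up. Passing its false result straight to
//mysqli_num_rows() would read as "no rows" and let a duplicate address through.
$dupCheck = mysqli_query($con, "select * from users where email='" . $email . "'")
    or die("<script type=\"text/javascript\"> alert(\"There seems to be a problem with the database. Please try again later.\")</script>");
if (mysqli_num_rows($dupCheck) != 0) {
    die("<script type=\"text/javascript\"> alert(\"This email is already registered.\")</script>");
}

//Find an unused ID
do {
    $id = genId(25);
    $dupCheck = mysqli_query($con, "select * from users where ID='" . $id . "'")
        or die("<script type=\"text/javascript\"> alert(\"There seems to be a problem with the database. Please try again later.\")</script>");
} while (mysqli_num_rows($dupCheck) != 0);

//Check file size and errors
if ($_FILES["pic"]["size"] > 2000000) {
    die("<script type=\"text/javascript\"> alert(\"Sorry, your picture is too big. Please select another.\")</script>");
}
if ($_FILES["pic"]["error"] > 0) {
    echo $_FILES["pic"]["error"];
    die("<script type=\"text/javascript\"> alert(\"Sorry, there were errors uploading your picture. Please try again.\")</script>");
}
//The MIME type was misspelled ("applicaton/..."), so this rejection could never fire.
//The "type" field is reported by the browser, so it is only a convenience check
//and not proof of what the file contains.
if ($_FILES["pic"]["type"] == "application/octet-stream") {
    die("<script type=\"text/javascript\"> alert(\"Sorry, there were errors uploading your picture. Please try again.\")</script>");
}

//Upload picture
//NOTE(review): $ext is whatever follows the last "." in the client-supplied file
//name. The code that stores the file is outside this excerpt; if $ext is used to
//name a file under a web-served directory, restrict it to an allow-list of image
//extensions and verify the content server-side (getimagesize()/finfo) first.
$exp = explode(".", $_FILES["pic"]["name"]);
$ext = end($exp);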
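/**
 * Team-game gate for home.php: signs the current user up (creating or joining a
 * team), prints their status, and records a kill when an ID card is posted.
 *
 * Reads the globals $id, $game and $con set by the calling page and fills
 * $user['idCard'], $user['Kills'] and $user['Team'] from the game table.
 * Most paths end the request with die().
 *
 * Changes from the previous version:
 *  - $game is validated before it is spliced into table names and HTML/JS;
 *  - team names read back from the database are escaped again before they are
 *    put into further queries (second-order SQL injection) and HTML-escaped
 *    before they are printed;
 *  - joining a team that does not exist no longer passes the password check,
 *    and the check is a strict string comparison;
 *  - the revive step used the hard-coded table _20130408 instead of this game's;
 *  - a failed lookup query stops the request instead of reading as "no rows".
 *
 * NOTE(review): team passwords are stored and compared in clear text and are
 * submitted in the query string (both forms use method="get"). Neither the
 * sign-up request nor the kill form carries an anti-CSRF token. Both need a
 * schema/page-level change and are left as they are here. $id is assumed to be
 * the authenticated user's ID supplied by the calling page - verify.
 */
function check() {
    //Do game check
    //Get globals from calling page
    global $id, $game, $con, $user;

    //$game becomes part of table names ("_<game>", "_<game>_roster"), where
    //mysqli_real_escape_string() offers no protection, and is echoed into HTML
    //and inline JavaScript. Only identifier characters are allowed through.
    if (!is_scalar($game) || !preg_match('/^[A-Za-z0-9_]+$/D', (string) $game)) {
        die("Sorry, that game could not be found. Please check the <a href='schedule.php'>schedule</a> for the other games.");
    }

    $dbError = "There seems to be a problem with the database. Please try again later.";
    $gameTable = "_" . $game;
    $rosterTable = "_" . $game . "_roster";
    //Delayed redirect back to this game's page, appended to most messages.
    $backToGame = "<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>";

    //Check if user id is in game table
    $res = mysqli_query($con, "select * from " . $gameTable . " where id='" . $id . "'") or die($dbError);
    $arr = mysqli_fetch_array($res, MYSQLI_BOTH);
    //No row means the user has not signed up; every field then stays empty.
    $status = isset($arr[1]) ? $arr[1] : "";
    $user['idCard'] = isset($arr[2]) ? $arr[2] : null;
    $user['Kills'] = isset($arr[3]) ? $arr[3] : null;
    $user['Team'] = isset($arr[4]) ? $arr[4] : null;

    //Check if the game has started
    $res = mysqli_query($con, "select status from schedule where Start='" . substr($game, 0, 4) . "-" . substr($game, 4, 2) . "-" . substr($game, 6, 2) . "'") or die($dbError);
    $hasStarted = mysqli_fetch_array($res, MYSQLI_BOTH);
    $startedFlag = isset($hasStarted[0]) ? $hasStarted[0] : 0;

    //Check if user is signed up
    if ($status == "") {
        //Check if the game has started
        if ($startedFlag == 0) {
            //If it hasn't started, check if they already clicked the button.
            if (isset($_GET['signup'])) {
                //Parse team and pass. The raw password is kept for the comparison
                //below; the escaped copies are only for building SQL.
                $rawTeam = (isset($_GET['team']) && is_string($_GET['team'])) ? $_GET['team'] : "";
                $rawPass = (isset($_GET['pass']) && is_string($_GET['pass'])) ? $_GET['pass'] : "";
                $team = mysqli_real_escape_string($con, $rawTeam);
                $pass = mysqli_real_escape_string($con, $rawPass);

                //Trying to sign up. Check if they're creating or joining
                if (isset($_GET['create'])) {
                    //They're creating.
                    //Find an unused ID
                    do {
                        $idCard = genId(7);
                        $dup = mysqli_query($con, "select * from " . $gameTable . " where idCard='" . $idCard . "'") or die($dbError);
                    } while (mysqli_num_rows($dup) != 0);

                    //Make sure the name isn't taken
                    $taken = mysqli_query($con, "select * from " . $gameTable . " where Team='" . $team . "'") or die($dbError);
                    if (mysqli_num_rows($taken) != 0) {
                        die("Sorry, that team name is taken. Please try again. " . $backToGame);
                    }

                    //Add the team name to roster
                    mysqli_query($con, "insert into " . $rosterTable . " values('" . $team . "', 'none')")
                        or die("There seems to be a problem with the database. Pleas try again later. \n\t\t\t\t\t\t" . $backToGame);

                    //Add them to the game table
                    if (mysqli_query($con, "insert into " . $gameTable . " values('" . $id . "', 1, '" . $idCard . "', 0, '" . $team . "', '" . $pass . "')")) {
                        die("You've been added to the game. Your ID is <y>" . $idCard . "</y>. Write this down on your notecard now. If ressurected, you will receive a new ID. Click <a href='home.php?game=" . $game . "'>here</a> to continue to the game's page.");
                    } else {
                        die("There's something wrong with the database. Please try again later.");
                    }
                } else {
                    //Joining
                    //Check password. The team must exist: without the row check a
                    //missing team yields null, which compared equal to an empty
                    //password under "!=". The stored value is the unescaped
                    //password, so it is compared with the raw input, strictly.
                    //(On PHP >= 5.6, hash_equals() is the preferred comparison.)
                    $res = mysqli_query($con, "select pass from " . $gameTable . " where Team='" . $team . "'") or die($dbError);
                    $realPass = mysqli_fetch_array($res, MYSQLI_BOTH);
                    if (!is_array($realPass) || (string) $realPass[0] !== $rawPass) {
                        die("Sorry, that password is incorrect. Please try again. " . $backToGame);
                    }

                    //Find an unused ID
                    do {
                        $idCard = genId(7);
                        $dup = mysqli_query($con, "select * from " . $gameTable . " where idCard='" . $idCard . "'") or die($dbError);
                    } while (mysqli_num_rows($dup) != 0);

                    if (mysqli_query($con, "insert into " . $gameTable . " values('" . $id . "', 1, '" . $idCard . "', 0, '" . $team . "', '" . $pass . "')")) {
                        die("You've been added to the game. Your ID is <y>" . $idCard . "</y>. Write this down on your notecard now. If you are ressurected, you will receive a new ID. Click <a href='home.php?game=" . $game . "'>here</a> to continue to the game's page.");
                    } else {
                        die("There's something wrong with the database. Please try again later.");
                    }
                }
            } else {
                //Get the different team names
                $res = mysqli_query($con, "select Team from " . $rosterTable) or die($dbError);
                $teamOptions = "";
                while ($teamRow = mysqli_fetch_array($res, MYSQLI_NUM)) {
                    //Team names are chosen by players, so they are HTML-escaped on output.
                    $shown = htmlspecialchars((string) $teamRow[0], ENT_QUOTES);
                    $teamOptions .= "<option value=\"" . $shown . "\">" . $shown . "</option>";
                }
                die("You aren't signed up for the game scheduled to start on " . convertDate($game) . ". You may either:\n\t\t\t\t\t\t<div>\n\t\t\t\t\t\t\t<div class=\"leftMiddle\">\n\t\t\t\t\t\t\t\t<h2 style=\"font-family: Arial, Helvetica, sans-serif;\">Join a Team</h2>\n\t\t\t\t\t\t\t\t<form method=\"get\">\n\t\t\t\t\t\t\t\t\tTeam: <select name=\"team\">" . $teamOptions . "</select><br>\n\t\t\t\t\t\t\t\t\tPass: <input type=\"password\" name=\"pass\"></input>\n\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"signup\" value=\"true\"><br>\n\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"game\" value=\"" . $game . "\">\n\t\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"join\" value=\"Join\">\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t<div class=\"rightMiddle\">\n\t\t\t\t\t\t\t\t<h2 style=\"font-family: Arial, Helvetica, sans-serif;\">Create a Team</h2>\n\t\t\t\t\t\t\t\t<form method=\"get\" action=\"home.php\">\n\t\t\t\t\t\t\t\t\tTeam Name: <input type=\"text\" name=\"team\"></input><br>\n\t\t\t\t\t\t\t\t\tPass: <input type=\"text\" name=\"pass\"></input><br>\n\t\t\t\t\t\t\t\t\t(Share this password with your teammates to let them join your team)\n\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"signup\" value=\"true\"><br>\n\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"game\" value=\"" . $game . "\">\n\t\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"create\" value=\"Create\">\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t</div>\t\n\t\t\t\t\t\n\t\t\t\t\t\t<br>");
            }
        }
        //If the game has started, tell them the bad news
        die("Sorry, the game has already started. Please check the <a href='schedule.php'>schedule</a> for the other games.");
    }

    //If they are signed up, print their status and, for humans, id cards.
    switch ($status) {
        case -1:
            $actualStatus = "a dead person. Sorry.";
            break;
        case 0:
            $actualStatus = "rogue agent. Kill freely. ;)";
            break;
        case 1:
            $actualStatus = "alive. Your id is " . $user['idCard'] . '. Good luck.';
            break;
        default:
            $actualStatus = "dead person";
    }
    if (!isset($_POST["idCard"])) {
        echo "This is the game that starts/started on " . convertDate($game) . ".<br> If you have any problems, please contact the <a href='admin.html'>admin</a>. <br><br>You are " . $actualStatus . "<br>";
    }

    if (($status == 1 or $status == 0) and $startedFlag == 1) {
        //Check if they've already submitted this form. If they have, kill that person.
        if (isset($_POST['idCard'])) {
            $idCard = mysqli_real_escape_string($con, is_string($_POST['idCard']) ? $_POST['idCard'] : "");
            //Team names were typed in by players. They come back from the database
            //unescaped, so escape them again before building more SQL with them.
            $userTeam = mysqli_real_escape_string($con, (string) $user['Team']);

            //Make sure that idCard is actually a player
            $res = mysqli_query($con, "select * from " . $gameTable . " where idCard='" . $idCard . "' and status=1") or die($dbError);
            $arr = mysqli_fetch_array($res, MYSQLI_BOTH);
            if (!is_array($arr) || $arr[0] == "") {
                die("Sorry, that person is either dead or non-existant. Try re-entering the code? " . $backToGame);
            }

            //Find the team of the target
            $res = mysqli_query($con, "select team from " . $gameTable . " where idCard='" . $idCard . "'") or die($dbError);
            $arr = mysqli_fetch_array($res);
            $team = isset($arr[0]) ? (string) $arr[0] : "";

            //Find the user's target team
            $res = mysqli_query($con, "select target from " . $rosterTable . " where Team='" . $userTeam . "'") or die($dbError);
            $arr = mysqli_fetch_array($res);
            $target = isset($arr[0]) ? (string) $arr[0] : "";

            //Make sure the target team and the team of the person being killed match
            if ($target !== $team) {
                die("Sorry, that person is not one of your targets. Try re-entering the code? " . $backToGame);
            }
            $teamSql = mysqli_real_escape_string($con, $team);
            $targetSql = mysqli_real_escape_string($con, $target);

            //Kill the player
            mysqli_query($con, "update " . $gameTable . " set status=-1 where idCard='" . $idCard . "'")
                or die("There seems to be a problem with the database. Please try again later. \n\t\t\t\t" . $backToGame);

            //Give the user another kill
            mysqli_query($con, "update " . $gameTable . " set kills=kills+1 where id='" . $id . "'")
                or die("We zombified the player, and gave you more days to live, but we couldn't increase your kill count.\n\t\t\t\t Please see the admin to fix this.<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php\"}, 4000);</script>");

            //Check if that entire team is dead
            $alive = mysqli_query($con, "select * from " . $gameTable . " where Team='" . $teamSql . "' and Status=1") or die($dbError);
            if (mysqli_num_rows($alive) == 0) {
                //The entire team is dead. Get the target team's target
                $res = mysqli_query($con, "select Target from " . $rosterTable . " where Team='" . $targetSql . "'")
                    or die("There was a problem eliminating your target team. Please notify an admin.");
                $arr = mysqli_fetch_array($res, MYSQLI_BOTH);
                $newTarget = mysqli_real_escape_string($con, isset($arr[0]) ? (string) $arr[0] : "");

                //Set their new target as the user team's target
                mysqli_query($con, "update " . $rosterTable . " set Target='" . $newTarget . "' where Team='" . $userTeam . "'")
                    or die("There was a problem eliminating your target team. Please notify an admin.");

                //Delete the eliminated team from the roster
                mysqli_query($con, "delete from " . $rosterTable . " where Team='" . $teamSql . "'")
                    or die("There was a problem eliminating your target team. Please notify an admin.");

                //Give all dead players a new ID
                //Get dead players on user team (from this game's table; this used
                //to be hard-coded to _20130408)
                $res = mysqli_query($con, "select ID from " . $gameTable . " where Status=-1 and Team='" . $userTeam . "'")
                    or die("There's a problem reviving your team. Please notify an admin.");

                //Cycle through dead players
                while ($player = mysqli_fetch_array($res, MYSQLI_BOTH)) {
                    //Find an unused ID
                    do {
                        $idCard = genId(7);
                        $dup = mysqli_query($con, "select * from " . $gameTable . " where idCard='" . $idCard . "'")
                            or die("There's a problem reviving your team. Please notify an admin.");
                    } while (mysqli_num_rows($dup) != 0);

                    //Set that as the player's new ID
                    mysqli_query($con, "update " . $gameTable . " set idCard='" . $idCard . "' where ID='" . mysqli_real_escape_string($con, (string) $player[0]) . "'")
                        or die("There's a problem reviving your team. Please notify an admin.");
                }

                //Revive user's team
                mysqli_query($con, "update " . $gameTable . " set status=1 where Team='" . $userTeam . "'")
                    or die("There was a problem eliminating your target team. Please notify an admin.");
                echo "You have eliminated team " . htmlspecialchars($team, ENT_QUOTES) . " completely. Your team will be revived.<br>";
            }
            die("Nice job. Your kill count has been updated. " . $backToGame . "<br>");
        }

        //If the game has started, let people kill target
        if ($hasStarted) {
            echo "Was the assassination succesful? Put your target's ID here: <form action='home.php?game=" . $game . "' method='post'><input type='text' name='idCard'/><br><input type='submit'></form><br>";
        }
    }
}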
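/**
 * Humans-vs-zombies gate for home.php: signs the current user up, prints their
 * status, and lets a zombie record a kill by posting a victim's ID card.
 *
 * Reads the globals $id, $game and $con set by the calling page and fills
 * $user['idCard'], $user['daysLeft'] and $user['Kills'] from the game table.
 * Most paths end the request with die().
 *
 * $game is validated here because it is spliced into table names, where
 * mysqli_real_escape_string() offers no protection, and into HTML/JS output.
 *
 * NOTE(review): sign-up is triggered by a plain GET link and the kill form has
 * no anti-CSRF token; both are state changes. $id is assumed to be the
 * authenticated user's ID supplied by the calling page - verify.
 */
function check() {
    //Do game check
    global $con, $user, $game, $id;

    if (!is_scalar($game) || !preg_match('/^[A-Za-z0-9_]+$/D', (string) $game)) {
        die("Sorry, that game could not be found. Please check the <a href='schedule.php'>schedule</a> for the other games.");
    }

    $dbError = "There seems to be a problem with the database. Please try again later.";
    $gameTable = "_" . $game;
    //Delayed redirect back to this game's page, appended to most messages.
    $backToGame = "<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php?game=" . $game . "\"}, 4000);</script>";

    //Check if user id is in game table
    $res = mysqli_query($con, "select * from " . $gameTable . " where id='" . $id . "'") or die($dbError);
    $arr = mysqli_fetch_array($res, MYSQLI_BOTH);
    //No row means the user has not signed up; every field then stays empty.
    $status = isset($arr[1]) ? $arr[1] : "";
    $user['idCard'] = isset($arr[2]) ? $arr[2] : null;
    $user['daysLeft'] = isset($arr[3]) ? $arr[3] : null;
    $user['Kills'] = isset($arr[4]) ? $arr[4] : null;

    //Check if the game has started
    $res = mysqli_query($con, "select status from schedule where Start='" . substr($game, 0, 4) . "-" . substr($game, 4, 2) . "-" . substr($game, 6, 2) . "'") or die($dbError);
    $hasStarted = mysqli_fetch_array($res, MYSQLI_BOTH);
    $startedFlag = isset($hasStarted[0]) ? $hasStarted[0] : 0;

    //Check if user is signed up
    if ($status == "") {
        //Check if the game has started
        if ($startedFlag == 0) {
            //If it hasn't started, check if they already clicked the button. If they did, add them to the table.
            if (isset($_GET['signup'])) {
                //Find an unused ID. A failed lookup stops the request rather than
                //being read as "ID is free".
                do {
                    $idCard = genId(7);
                    $dup = mysqli_query($con, "select * from " . $gameTable . " where idCard='" . $idCard . "'") or die($dbError);
                } while (mysqli_num_rows($dup) != 0);

                if (mysqli_query($con, "insert into " . $gameTable . " values ('" . $id . "', 1, '" . $idCard . "', 3, 0)")) {
                    die("You've been added to the game. Your ID is <y>" . $idCard . "</y>. Write this down on your notecard now. Click <a href='home.php?game=" . $game . "'>here</a> to continue to the game's page.");
                } else {
                    die("There's something wrong with the database. Please try again later.");
                }
            } else {
                die("You aren't signed up for the game scheduled to start on " . convertDate($game) . ". To sign up, click <a href='home.php?game=" . $game . "&signup=true'>here</a>.<br>");
            }
        }
        //If the game has started, tell them the bad news
        die("Sorry, the game has already started. Please check the <a href='schedule.php'>schedule</a> for the other games.");
    }

    //If they are signed up, print their status and, for zombies, a place to input id cards.
    switch ($status) {
        case -1:
            $actualStatus = "dead person. Sorry.";
            break;
        case 0:
            $actualStatus = "zombie. You have " . $user["daysLeft"] . " (rounded up) days to live and have made " . $user["Kills"] . " kill(s).";
            break;
        case 1:
            $actualStatus = "human. Your id is " . $user['idCard'] . '. Good luck.';
            break;
        default:
            $actualStatus = "dead person";
    }
    if (!isset($_POST["idCard"])) {
        echo "This is the game that starts/started on " . convertDate($game) . ".<br> If you have any problems, please contact the <a href='admin.html'>admin</a>. <br><br>You are a " . $actualStatus . "<br>";
    }

    if ($status == 0) {
        //Check if they've already submitted this form. If they have, kill that person.
        if (isset($_POST['idCard'])) {
            $idCard = mysqli_real_escape_string($con, is_string($_POST['idCard']) ? $_POST['idCard'] : "");

            //Make sure that idCard is actually a player
            $res = mysqli_query($con, "select * from " . $gameTable . " where idCard='" . $idCard . "' and status=1") or die($dbError);
            $arr = mysqli_fetch_array($res, MYSQLI_BOTH);
            if (!is_array($arr) || $arr[0] == "") {
                die("Sorry, that person is either dead or non-existant. Try re-entering the code? " . $backToGame);
            }

            //Kill the player
            mysqli_query($con, "update " . $gameTable . " set status=0 where idCard='" . $idCard . "'")
                or die("There seems to be a problem with the database. Pleas try again later. \n\t\t\t\t" . $backToGame);

            //Reset the user's days left
            mysqli_query($con, "update " . $gameTable . " set daysLeft=3 where id='" . $id . "'")
                or die("We zombified the player, but we were unable to give you more days to live. Please see the admin to fix this. \n\t\t\t\t" . $backToGame);

            //Give the user another kill
            mysqli_query($con, "update " . $gameTable . " set kills=kills+1 where id='" . $id . "'")
                or die("We zombified the player, and gave you more days to live, but we couldn't increase your kill count.\n\t\t\t\t Please see the admin to fix this.<script type='text/javascript'>window.setTimeout(function(){document.location.href=\"/home.php\"}, 4000);</script>");

            die("Good job! You've eaten enough for another full two days, plus tonight." . $backToGame . "<br>");
        }

        //If the game has started, let zombies kill people
        //NOTE(review): $hasStarted is the fetched schedule row, so this is true
        //whenever a row exists, whatever its status value - confirm the intent.
        if ($hasStarted) {
            echo "Have you eaten lately? Put your victim's ID here: <form action='home.php?game=" . $game . "' method='post'><input type='text' name='idCard'/><br><input type='submit'></form><br>";
        }
    }
}

/**
 * Prints the player table rows for the current game: one <tr> per rank, with a
 * human, a zombie and a dead player side by side (empty cells where a column
 * has run out).
 *
 * This function used to be declared inside check(), so it only existed after
 * check() had run and a second call to check() would redeclare it. It is now a
 * top-level function with the same name and behaviour.
 *
 * Names and thumbnail paths come from the users table; they are URL-encoded in
 * the profile link and HTML-escaped before output. The dead column had a stray
 * closing </a> after the image, which left the name outside the link.
 */
function show() {
    global $con, $game;

    $dbError = "There seems to be an error in our database. Please try again later.";
    if (!is_scalar($game) || !preg_match('/^[A-Za-z0-9_]+$/D', (string) $game)) {
        die($dbError);
    }
    $gameTable = "_" . $game;

    //Count number of respective types (1 = human, 0 = zombie, -1 = dead)
    $counts = array();
    foreach (array(1, 0, -1) as $state) {
        $res = mysqli_query($con, "select count(*) from " . $gameTable . " where status=" . $state) or die($dbError);
        $arr = mysqli_fetch_array($res, MYSQLI_BOTH);
        $counts[$state] = $arr[0];
    }

    //Rows arrive ordered by status, so the dead (-1) come first, then the
    //zombies (0), then the humans (1). Each group is read off by its count.
    $res = mysqli_query($con, "select First, Last, Pic, Kills, Thumb from " . $gameTable . " inner join users on " . $gameTable . ".id=users.id order by status, First") or die($dbError);
    $groups = array(-1 => array(), 0 => array(), 1 => array());
    foreach (array(-1, 0, 1) as $state) {
        for ($i = 0; $i < $counts[$state]; $i++) {
            $groups[$state][$i] = mysqli_fetch_array($res, MYSQLI_BOTH) or die($dbError);
        }
    }
    $rowCount = max(count($groups[-1]), count($groups[0]), count($groups[1]));

    //Column order on the page: humans (plain), zombies (<r>), dead (<g>).
    $columns = array(
        array($groups[1], "", ""),
        array($groups[0], "<r>", "</r>"),
        array($groups[-1], "<g>", "</g>"),
    );

    for ($i = 0; $i < $rowCount; $i++) {
        echo "<tr>";
        foreach ($columns as $column) {
            if (!isset($column[0][$i])) {
                echo "<td></td>";
                continue;
            }
            $player = $column[0][$i];
            $href = "profile.php?first=" . urlencode((string) $player['First']) . "&last=" . urlencode((string) $player['Last']) . "&game=" . $game;
            $name = htmlspecialchars($player['First'] . " " . $player['Last'], ENT_QUOTES);
            echo "<td><a href='" . htmlspecialchars($href, ENT_QUOTES) . "'><img src='Headshots/" . htmlspecialchars((string) $player['Thumb'], ENT_QUOTES) . "'/><br>" . $column[1] . $name . $column[2] . "</a></td>\n";
        }
        echo "</tr>";
    }
}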