protected function GET_download($rsc)
{
global $config;
global $phphw_common_json;
$assignment = $rsc[1];
$guard = new \PHPREST\DB\Guard($config['db']);
if (!isset($_GET['login']) || !isset($_GET['token'])) {
return $phphw_common_json['field_missing'];
}
$login = $_GET['login'];
$token = $_GET['token'];
$user = get_user_by_token($guard, $token, $login);
if (!$user) {
return $phphw_common_json['unauthorized'];
}
$submission = get_submission($guard, $user['id'], $assignment);
if (!$submission) {
return $phphw_common_json['nonexist'];
}
$f = $this->open_file_by_digest($submission['digest']);
if (!is_resource($f)) {
return $phphw_common_json['server_error'];
}
$guard->commit();
return (object) ['filename' => $submission['filename'], 'stream' => $f];
}
protected function GET_status($rsc, $j = NULL)
{
global $config;
global $phphw_common_json;
$assignment = $rsc[1];
$guard = new \PHPREST\DB\Guard($config['db']);
if (!isset($_GET['login']) || !isset($_GET['token'])) {
return $phphw_common_json['field_missing'];
}
$login = $_GET['login'];
$token = $_GET['token'];
$user = get_user_by_token($guard, $token, $login);
if (!$user) {
return $phphw_common_json['unauthorized'];
}
$submission = get_submission($guard, $user['id'], $assignment);
if (!$submission) {
return $phphw_common_json['nonexist'];
}
$guard->commit();
unset($submission['user']);
unset($submission['assignment']);
return ['result' => 'OK', 'status' => '200', 'reason' => 'OK', 'submission' => $submission];
}
protected function DELETE_submissions($rsc, $j)
{
global $config;
global $phphw_common_json;
$assignment = $rsc[1];
$login = $j->login;
$token = $j->token;
$guard = new \PHPREST\DB\Guard($config['db']);
$user = get_user_by_token($guard, $token, $login);
if (!$user) {
return $phphw_common_json['unauthorized'];
}
$submission = get_submission($guard, $user['id'], $assignment, TRUE);
if (!$submission) {
return $phphw_common_json['nonexist'];
}
$sql = <<<EOSQL
UPDATE {$guard->tables->submission}
SET deleted = TRUE
WHERE id = ?
EOSQL;
$stmt = $guard->mysqli->prepare($sql);
$stmt->bind_param('i', $submission['id']);
$stmt->execute();
$stmt->close();
$guard->commit();
return ['result' => 'OK', 'status' => '200', 'reason' => 'Success'];
}
if (mysql_affected_rows() > 0) {
$matchup = $row;
}
}
return $matchup;
}
function get_submission($sub_id)
{
$sql = "SELECT s.*, l.*, l.name as language_name \n FROM submissions s INNER JOIN languages l\n ON l.language_id = s.language_id\n WHERE s.submission_id=" . $sub_id;
$result = mysql_query($sql);
return mysql_fetch_assoc($result);
}
while (True) {
$matchup = get_matchup();
$submission_one = get_submission($matchup['player_one']);
$submission_two = get_submission($matchup['player_two']);
if ($submission_one['latest'] != 1 or $submission_two['latest'] != 1) {
mysql_query("DELETE FROM matchups\n WHERE player_one='" . $matchup['player_one'] . "'\n AND '" . $matchup['player_two'] . "'");
continue;
}
break;
}
$sql = "SELECT * FROM maps WHERE map_id=" . $matchup['map_id'];
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
$map_name = $row['path'];
echo json_encode(array('players' => array($submission_one, $submission_two), 'map' => array('id' => $matchup['map_id'], 'name' => $map_name)));
# update last game timestamp of players
# doing it here as the game is handed out instead of when the game is
# turned in avoids bias against players that take a longer time to play
$sql = "UPDATE submissions set last_game_timestamp = current_timestamp\n WHERE submission_id = '" . $matchup['player_one'] . "'\n OR submission_id = '" . $matchup['player_two'] . "'";
$tpl->page_title = SUBMISSION;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
//--fetch all topics--//
$fetch_all_topics = all_topics($database);
$tpl->all_topics = $fetch_all_topics;
$sumitter_id = $vars[1];
foreach ($vars as $var) {
if (strpos($var, 'p:') === 0) {
$page_no_var = $var;
//get the current Page from URL
}
}
$data = get_submission($database, $sumitter_id);
$tpl->populate_data = $data;
if (isset($_SESSION['user_id'])) {
$user_id = $_SESSION['user_id'];
$errmsg_arr = array();
$errflag = false;
if (isset($_POST) && $_POST) {
try {
NoCSRF::check('csrf_token', $_POST, true, 60 * 10, false);
//pr($_POST);
$title = clean($_POST['data']['poem_title']);
$poem = $_POST['data']['poem'];
$topic = clean($_POST['data']['topic']);
$author = 0;
//Form validate
if (!$_POST['data']['poem_title']) {
