/**
 * Serve the stored file behind the caller's submission for one assignment.
 *
 * The caller is authenticated from the `login` and `token` query parameters.
 * The submission is then looked up with the authenticated user's id, and the
 * file is opened through the digest stored on that submission row.
 *
 * NOTE(review): both credentials arrive in the URL query string, where they
 * can be recorded in web-server and proxy access logs and in browser history.
 * Consider accepting the token in a request header instead.
 *
 * NOTE(review): `filename` is returned as stored; it presumably originates
 * from the upload, so whatever builds the download response headers should
 * sanitise it. Confirm against the caller.
 *
 * @param mixed $rsc Routed resource segments; index 1 is read as the assignment.
 * @return mixed A shared $phphw_common_json error payload, or an object
 *               carrying `filename` and `stream` on success.
 */
protected function GET_download($rsc)
{
    global $config, $phphw_common_json;

    $assignmentKey = $rsc[1];
    $db = new \PHPREST\DB\Guard($config['db']);

    // Both credentials are mandatory; bail out before touching any user data.
    if (!isset($_GET['login'], $_GET['token'])) {
        return $phphw_common_json['field_missing'];
    }
    $loginName = $_GET['login'];
    $authToken = $_GET['token'];

    $account = get_user_by_token($db, $authToken, $loginName);
    if (!$account) {
        return $phphw_common_json['unauthorized'];
    }

    // The lookup is keyed on the authenticated account's id, never on an id
    // supplied by the client.
    $record = get_submission($db, $account['id'], $assignmentKey);
    if (!$record) {
        return $phphw_common_json['nonexist'];
    }

    $handle = $this->open_file_by_digest($record['digest']);
    if (is_resource($handle)) {
        // Commit only once the file handle is known to be usable.
        $db->commit();

        return (object) ['filename' => $record['filename'], 'stream' => $handle];
    }

    return $phphw_common_json['server_error'];
}
/**
 * Report the caller's submission record for one assignment.
 *
 * The caller is authenticated from the `login` and `token` query parameters
 * and the submission is looked up with the authenticated user's id.
 *
 * NOTE(review): both credentials arrive in the URL query string, where they
 * can be recorded in access logs and browser history.
 *
 * NOTE(review): the response is built by removing two keys from the row and
 * returning everything else, so any column later added to the submission row
 * is exposed unless it is also removed here. An explicit list of returned
 * fields would be safer.
 *
 * @param mixed $rsc Routed resource segments; index 1 is read as the assignment.
 * @param mixed $j   Not read by this handler.
 * @return mixed A shared $phphw_common_json error payload, or the success
 *               envelope with the remaining submission fields.
 */
protected function GET_status($rsc, $j = NULL)
{
    global $config, $phphw_common_json;

    $assignmentKey = $rsc[1];
    $db = new \PHPREST\DB\Guard($config['db']);

    // Both credentials are mandatory.
    if (!isset($_GET['login'], $_GET['token'])) {
        return $phphw_common_json['field_missing'];
    }
    $loginName = $_GET['login'];
    $authToken = $_GET['token'];

    $account = get_user_by_token($db, $authToken, $loginName);
    if (!$account) {
        return $phphw_common_json['unauthorized'];
    }

    // Scoped to the authenticated account's id.
    $record = get_submission($db, $account['id'], $assignmentKey);
    if (!$record) {
        return $phphw_common_json['nonexist'];
    }

    $db->commit();

    // Strip the internal references before the row leaves the server.
    unset($record['user'], $record['assignment']);

    return [
        'result' => 'OK',
        'status' => '200',
        'reason' => 'OK',
        'submission' => $record,
    ];
}
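/**
 * Soft-delete the caller's submission for one assignment.
 *
 * The caller is authenticated from the `login` and `token` members of the
 * request body. The submission is looked up with the authenticated user's
 * id, so the UPDATE only ever targets a row found for that user (this relies
 * on get_submission() filtering on the id it is given; confirm there).
 * The row is flagged `deleted = TRUE`; nothing is physically removed.
 *
 * Changes from the previous version:
 *  - a body without `login` or `token` now yields the shared `field_missing`
 *    payload, matching the GET handlers, instead of reading undefined
 *    properties;
 *  - a failed prepare() or execute() now yields `server_error` and skips the
 *    commit, instead of crashing or reporting success for a delete that did
 *    not happen.
 *
 * @param mixed $rsc Routed resource segments; index 1 is read as the assignment.
 * @param mixed $j   Decoded request body; `login` and `token` are read from it.
 * @return mixed A shared $phphw_common_json error payload, or the success envelope.
 */
protected function DELETE_submissions($rsc, $j)
{
    global $config, $phphw_common_json;

    $assignment = $rsc[1];

    // isset() is also false when $j itself is null, i.e. no body was sent.
    if (!isset($j->login) || !isset($j->token)) {
        return $phphw_common_json['field_missing'];
    }
    $login = $j->login;
    $token = $j->token;

    $guard = new \PHPREST\DB\Guard($config['db']);

    $user = get_user_by_token($guard, $token, $login);
    if (!$user) {
        return $phphw_common_json['unauthorized'];
    }

    // NOTE(review): the meaning of the fourth argument is not visible here.
    $submission = get_submission($guard, $user['id'], $assignment, TRUE);
    if (!$submission) {
        return $phphw_common_json['nonexist'];
    }

    // The table name cannot be a bound parameter. It is read from the guard
    // object, presumably populated from configuration, and must never come
    // from request data. The row id is bound.
    $sql = "UPDATE {$guard->tables->submission} SET deleted = TRUE WHERE id = ?";

    $stmt = $guard->mysqli->prepare($sql);
    if (!$stmt) {
        return $phphw_common_json['server_error'];
    }

    $stmt->bind_param('i', $submission['id']);
    $executed = $stmt->execute();
    $stmt->close();

    if (!$executed) {
        // Do not commit or report success for a delete that did not run.
        return $phphw_common_json['server_error'];
    }

    $guard->commit();

    return ['result' => 'OK', 'status' => '200', 'reason' => 'Success'];
}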
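if (mysql_affected_rows() > 0) { $matchup = $row; } } return $matchup; }
# ^ closing lines of a function that starts above this excerpt; kept exactly as found.

/**
 * Load one submission row joined with its language row.
 *
 * The legacy mysql_* extension used by this script has no prepared
 * statements, so the id is forced to an integer before it is concatenated
 * into the query text. Moving to mysqli or PDO with bound parameters is the
 * proper long-term fix.
 *
 * @param mixed $sub_id Submission id; used as a numeric literal in the WHERE clause.
 * @return array|false Associative row, or false when no row was fetched.
 */
function get_submission($sub_id)
{
    $sql = "SELECT s.*, l.*, l.name as language_name \n FROM submissions s INNER JOIN languages l\n ON l.language_id = s.language_id\n WHERE s.submission_id=" . (int) $sub_id;
    $result = mysql_query($sql);

    return mysql_fetch_assoc($result);
}

# Draw matchups until both sides are still flagged as the latest submission;
# a stale matchup is deleted and another one is drawn.
while (True) {
    $matchup = get_matchup();
    $submission_one = get_submission($matchup['player_one']);
    $submission_two = get_submission($matchup['player_two']);
    if ($submission_one['latest'] != 1 or $submission_two['latest'] != 1) {
        # The previous predicate was "player_one='..' AND '..'". Its second
        # operand was a bare string literal with no column, so for a non-zero
        # id the DELETE matched every matchup of player_one instead of this
        # single pairing. The column name is now spelled out.
        mysql_query("DELETE FROM matchups\n WHERE player_one='" . (int) $matchup['player_one'] . "'\n AND player_two='" . (int) $matchup['player_two'] . "'");
        continue;
    }
    break;
}

# Ids are cast to int wherever they are concatenated into SQL text.
$sql = "SELECT * FROM maps WHERE map_id=" . (int) $matchup['map_id'];
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
$map_name = $row['path'];

echo json_encode(array(
    'players' => array($submission_one, $submission_two),
    'map' => array('id' => $matchup['map_id'], 'name' => $map_name),
));

# update last game timestamp of players
# doing it here as the game is handed out instead of when the game is
# turned in avoids bias against players that take a longer time to play
$sql = "UPDATE submissions set last_game_timestamp = current_timestamp\n WHERE submission_id = '" . (int) $matchup['player_one'] . "'\n OR submission_id = '" . (int) $matchup['player_two'] . "'";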
$tpl->page_title = SUBMISSION; $tpl->page_description = site_seo_description; $tpl->keywords = site_seo_keywords; $tpl->page_image = main_url . website_logo; // Send SEO Data //--fetch all topics--// $fetch_all_topics = all_topics($database); $tpl->all_topics = $fetch_all_topics; $sumitter_id = $vars[1]; foreach ($vars as $var) { if (strpos($var, 'p:') === 0) { $page_no_var = $var; //get the current Page from URL } } $data = get_submission($database, $sumitter_id); $tpl->populate_data = $data; if (isset($_SESSION['user_id'])) { $user_id = $_SESSION['user_id']; $errmsg_arr = array(); $errflag = false; if (isset($_POST) && $_POST) { try { NoCSRF::check('csrf_token', $_POST, true, 60 * 10, false); //pr($_POST); $title = clean($_POST['data']['poem_title']); $poem = $_POST['data']['poem']; $topic = clean($_POST['data']['topic']); $author = 0; //Form validate if (!$_POST['data']['poem_title']) {