示例#1
文件: api.game.php 项目: azizjonm/fhq
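    /**
     * Decide whether the currently selected game is open for the caller.
     *
     * Admins and testers always pass. For everyone else the game's
     * date_start / date_stop / date_restart are compared with the current
     * time; while the game has not started yet, or is stopped and waiting for
     * its restart, an HTML countdown is written to $message.
     *
     * @param string $message Out-parameter: receives the reason when false is returned.
     * @return bool true when the game may be played now, false otherwise.
     */
    static function checkGameDates(&$message)
    {
        // Read the game from the same store that is checked for its presence.
        // Previously APIHelpers::$FHQSESSION['game'] was validated but the dates
        // were then taken from $_SESSION['game'], which can be unset or hold a
        // different game for such requests, so the schedule gate was evaluated
        // on the wrong data.
        // NOTE(review): assumes APIHelpers::$FHQSESSION has the same layout as $_SESSION - confirm.
        if (APIHelpers::$FHQSESSION != NULL) {
            $session = APIHelpers::$FHQSESSION;
        } else {
            $session = isset($_SESSION) ? $_SESSION : array();
        }
        if (!isset($session['game'])) {
            $message = 'Select game please';
            return false;
        }
        $game = $session['game'];

        // Privileged roles bypass the schedule entirely.
        if (APISecurity::isAdmin() || APISecurity::isTester()) {
            return true;
        }

        // NOTE(review): strtotime() returns false for unparsable values such as
        // the '0000-00-00 00:00:00' placeholder; confirm how such games should be treated.
        $date_start = new DateTime();
        date_timestamp_set($date_start, strtotime($game['date_start']));
        $date_stop = new DateTime();
        date_timestamp_set($date_stop, strtotime($game['date_stop']));
        $date_restart = new DateTime();
        date_timestamp_set($date_restart, strtotime($game['date_restart']));
        $date_current = new DateTime();
        date_timestamp_set($date_current, time());

        // invert == 0 means the target date is not before "now".
        $di_start = $date_current->diff($date_start);
        $di_stop = $date_current->diff($date_stop);
        $di_restart = $date_current->diff($date_restart);
        $bWillBeStarted = $di_start->invert == 0;
        $bWillBeRestarted = $di_stop->invert == 1 && $di_restart->invert == 0;

        if ($bWillBeStarted || $bWillBeRestarted) {
            $label = $bWillBeStarted ? 'Game will be started after: ' : 'Game will be restarted after: ';
            $di = $bWillBeStarted ? $di_start : $di_restart;
            // Use the total day count: DateInterval::$d is only the remainder
            // after whole months/years, so a game more than a month away
            // showed a countdown that was too short. Only integers are
            // interpolated into the markup.
            $message = $label . '<br>
				<div class="fhq_timer" id="days">' . $di->days . '</div> day(s) 
				<div class="fhq_timer" id="hours">' . $di->h . '</div> hour(s) 
				<div class="fhq_timer" id="minutes">' . $di->i . '</div> minute(s)
				<div class="fhq_timer" id="seconds">' . $di->s . '</div> second(s)<br>
				<div id="reload_content" onclick="startTimer();"/></div> <br><br>
			';
            return false;
        }
        return true;
    }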
示例#2
文件: insert.php 项目: azizjonm/fhq
 * API_INPUT: date_start - datetime, when game will be started
 * API_INPUT: date_stop - datetime, when game will be stopped
 * API_INPUT: date_restart - datetime, when game will be restarted
 * API_INPUT: description - string, some description of the game
 * API_INPUT: state - string, look types (copy, unlicensed copy and etc.)
 * API_INPUT: form - string, look types (online or offline)
 * API_INPUT: organizators - string, who make this game
 */
// Resolve includes relative to this file so they work from any working directory.
$curdir_games_insert = dirname(__FILE__);
include_once $curdir_games_insert . "/../api.lib/api.helpers.php";
include_once $curdir_games_insert . "/../../config/config.php";
include_once $curdir_games_insert . "/../api.lib/api.base.php";
$response = APIHelpers::startpage($config);
// NOTE(review): checkAuth() is defined elsewhere; presumably it aborts unauthenticated requests - confirm.
APIHelpers::checkAuth();
$conn = APIHelpers::createConnection($config);
// Creating a game is restricted to admins.
// NOTE(review): nothing exits or returns after showerror(), so this gate only
// holds if showerror() itself terminates the request - confirm in api.helpers.php.
if (!APISecurity::isAdmin()) {
    APIHelpers::showerror(1160, 'access denie. you must be admin.');
}
// Column name => default value for the new row. 'owner' comes from the
// authenticated user and is never read from request parameters (see the loop below).
$columns = array('uuid' => 'generate', 'title' => 'Unknown', 'logo' => '', 'type_game' => 'jeopardy', 'date_start' => '0000-00-00 00:00:00', 'date_stop' => '0000-00-00 00:00:00', 'date_restart' => '0000-00-00 00:00:00', 'description' => '', 'state' => 'Unlicensed copy', 'form' => 'online', 'owner' => APISecurity::userid(), 'organizators' => '');
// Values to bind, keyed by column name.
$param_values = array();
// One '?' placeholder per column; values are bound rather than concatenated.
$values_q = array();
$title = '';
foreach ($columns as $k => $v) {
    $values_q[] = '?';
    if ($k == 'owner') {
        $param_values[$k] = $v;
    } else {
        if (APIHelpers::issetParam($k)) {
            $param_values[$k] = APIHelpers::getParam($k, $v);
        } else {
            APIHelpers::showerror(1161, 'not found parameter "' . $k . '"');
示例#3
include_once $curdir_users_update_role . "/../api.lib/api.types.php";
include_once $curdir_users_update_role . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
// Only an admin may name another user as the target.
// NOTE(review): a non-admin who omits 'userid' is not stopped by any check
// visible in this excerpt and reaches the UPDATE below with their own id and a
// role of their choosing. Unless a later check exists, require isAdmin() for
// every role change - confirm.
if (APIHelpers::issetParam('userid') && !APISecurity::isAdmin()) {
    APIHelpers::showerror(1128, 'you what change role for another user, it can do only admin');
}
// Without a 'userid' parameter the target defaults to the caller.
$userid = APIHelpers::getParam('userid', APISecurity::userid());
// NOTE(review): is_numeric() also accepts forms such as "1.5" or "1e3"; with the
// intval() below commented out, the raw string is what reaches the comparison
// and the query. Prefer normalising to an integer here.
// $userid = intval($userid);
if (!is_numeric($userid)) {
    APIHelpers::showerror(1129, 'userid must be numeric');
}
if (!APIHelpers::issetParam('role')) {
    APIHelpers::showerror(1131, 'Not found parameter "role"');
}
// An admin cannot change their own role (loose == comparison against the raw parameter).
if (APISecurity::isAdmin() && APISecurity::userid() == $userid) {
    APIHelpers::showerror(1130, 'you are administrator and you cannot change role for self');
}
$conn = APIHelpers::createConnection($config);
$role = APIHelpers::getParam('role', '');
$response['data']['role'] = $role;
$response['data']['userid'] = $userid;
// Build the allow-list of role values from APITypes.
$response['data']['possible_roles'] = array();
foreach (APITypes::$types['userRoles'] as $key => $value) {
    $response['data']['possible_roles'][] = APITypes::$types['userRoles'][$key]['value'];
}
// Reject any role outside the allow-list.
// NOTE(review): in_array() is called without the strict flag, so the match uses
// loose comparison; pass true as the third argument if the values are strings.
if (!in_array($role, $response['data']['possible_roles'])) {
    APIHelpers::showerror(1132, '"role" must have value from userRoles: "' . implode('", "', $response['data']['possible_roles']) . '"');
}
try {
    $query = 'UPDATE users SET role = ? WHERE id = ?';
示例#4
文件: list.php 项目: azizjonm/fhq
    $stmt->execute($params);
    if ($row = $stmt->fetch()) {
        $response['data']['found'] = $row['cnt'];
    }
} catch (PDOException $e) {
    APIHelpers::showerror(1185, $e->getMessage());
}
// Fetch one page of public events, newest first.
// $where, $params, $start, $onpage, $id and $conn are set before this excerpt.
try {
    $query = 'SELECT * FROM public_events';
    // NOTE(review): the $where fragments are joined straight into the SQL text;
    // they must contain only fixed text and '?' placeholders - confirm where they are built.
    if (count($where) > 0) {
        $query .= ' WHERE ' . implode(' AND ', $where);
    }
    // NOTE(review): $start and $onpage are concatenated, not bound. This is only
    // safe if both were cast to integers earlier - confirm, or cast them here.
    $query .= ' ORDER BY id DESC LIMIT ' . $start . ',' . $onpage;
    $stmt = $conn->prepare($query);
    $stmt->execute($params);
    $bAdmin = APISecurity::isAdmin();
    $response['result'] = 'ok';
    $response['access'] = $bAdmin;
    $response['data']['maxid'] = -1;
    // Track the highest event id seen, starting from the caller-supplied $id.
    $new_id = $id;
    $response['data']['events'] = array();
    while ($row = $stmt->fetch()) {
        if ($row['id'] > $new_id) {
            $new_id = $row['id'];
        }
        // Only these four columns are returned, even though the query selects *.
        $response['data']['events'][] = array('id' => $row['id'], 'type' => $row['type'], 'message' => $row['message'], 'dt' => $row['dt']);
    }
    $response['data']['maxid'] = $new_id;
} catch (PDOException $e) {
    // NOTE(review): the raw PDO message is passed to showerror(); if that is
    // echoed to the client it can reveal table and column names. Consider
    // logging it server-side and returning a generic message.
    APIHelpers::showerror(1229, $e->getMessage());
}
示例#5
文件: get.php 项目: azizjonm/fhq
        $status = '';
        if ($row['dt_passed'] == null) {
            $status = 'completed';
        } else {
            $status = 'open';
        }
        $response['data'] = array('questid' => $row['idquest'], 'score' => $row['score'], 'min_score' => $row['min_score'], 'name' => $row['name'], 'subject' => $row['subject'], 'dt_passed' => $row['dt_passed'], 'state' => $row['state'], 'author' => $row['author'], 'status' => $status);
        $response['quest'] = $row['idquest'];
        $response['gameid'] = $row['gameid'];
        if ($status == 'current' || $status == 'completed') {
            $response['data']['text'] = $row['text'];
            $response['data']['files'] = array();
            $stmt_files = $conn->prepare('select * from quests_files WHERE questid = ?');
            $stmt_files->execute(array(intval($questid)));
            while ($row_files = $stmt_files->fetch()) {
                $response['data']['files'][] = array('filename' => $row_files['filename'], 'filepath' => $row_files['filepath'], 'size' => $row_files['size'], 'id' => $row_files['id']);
            }
        }
        if (isset($_SESSION['game'])) {
            $response['data']['game_title'] = $_SESSION['game']['title'];
        }
    } else {
        APIHelpers::showerror(1148, 'Problem... may be incorrect game are selected?');
    }
    $response['result'] = 'ok';
    $response['permissions']['edit'] = APISecurity::isAdmin();
    $response['permissions']['delete'] = APISecurity::isAdmin();
} catch (PDOException $e) {
    APIHelpers::showerror(1067, $e->getMessage());
}
APIHelpers::endpage($response);
示例#6
文件: get.php 项目: azizjonm/fhq
/*
 * API_NAME: Get Game Info
 * API_DESCRIPTION: Method returns information about the game
 * API_ACCESS: all
 * API_INPUT: token - guid, token
 * API_INPUT: gameid - integer, Identifier of the game (default: current id)
 */
// Resolve includes relative to this file.
$curdir_games_get = dirname(__FILE__);
include_once $curdir_games_get . "/../api.lib/api.base.php";
include_once $curdir_games_get . "/../api.lib/api.game.php";
include_once $curdir_games_get . "/../../config/config.php";
$response = APIHelpers::startpage($config);
// No checkAuth() call here, matching the "API_ACCESS: all" header above.
$conn = APIHelpers::createConnection($config);
$gameid = APIHelpers::getParam('gameid', 0);
// Tells the client whether to offer editing. This is a hint only: the edit
// endpoint must enforce the admin check itself.
$response['access']['edit'] = APISecurity::isAdmin();
// Validate, then normalise to an integer before the value is used in the query.
if (!is_numeric($gameid)) {
    APIHelpers::showerror(1170, '"gameid" must be numeric');
}
$gameid = intval($gameid);
try {
    $query = '
		SELECT *
		FROM
			games
		WHERE id = ?';
    $columns = array('id', 'type_game', 'state', 'form', 'title', 'date_start', 'date_stop', 'date_restart', 'description', 'logo', 'owner', 'organizators', 'rules', 'maxscore');
    $stmt = $conn->prepare($query);
    $stmt->execute(array(intval($gameid)));
    if ($row = $stmt->fetch()) {
        $response['data'] = array();
示例#7
文件: list.php 项目: azizjonm/fhq
				games.maxscore,
				users.nick
			FROM
				games
			INNER JOIN users ON games.owner = users.id
			ORDER BY games.date_start
			DESC LIMIT 0,10;';
    $columns = array('id', 'title', 'state', 'form', 'type_game', 'date_start', 'date_stop', 'date_restart', 'description', 'logo', 'owner', 'nick', 'organizators', 'maxscore');
    $stmt = $conn->prepare($query);
    $stmt->execute();
    $i = 0;
    while ($row = $stmt->fetch()) {
        $id = $row['uuid'];
        $response['data'][$id] = array();
        foreach ($columns as $k) {
            $response['data'][$id][$k] = $row[$k];
        }
        $bAllows = APISecurity::isAdmin();
        $bChoose = APISecurity::isAdmin() || APISecurity::isUser();
        $response['data'][$id]['permissions']['delete'] = $bAllows;
        $response['data'][$id]['permissions']['update'] = $bAllows;
        $response['data'][$id]['permissions']['export'] = $bAllows;
        $response['data'][$id]['permissions']['choose'] = $bChoose;
    }
    $response['current_game'] = isset($_SESSION['game']) ? $_SESSION['game']['id'] : 0;
    $response['permissions']['insert'] = APISecurity::isAdmin();
    $response['result'] = 'ok';
} catch (PDOException $e) {
    APIHelpers::showerror(1193, $e->getMessage());
}
APIHelpers::endpage($response);
示例#8
/*
 * API_NAME: Update User Status
 * API_DESCRIPTION: Method for update user status
 * API_ACCESS: admin only
 * API_INPUT: userid - integer, userid
 * API_INPUT: status - string, new user status ("activated" or "blocked")
 * API_OKRESPONSE: { "result":"ok" }
 */
// Resolve includes relative to this file.
$curdir_users_update_status = dirname(__FILE__);
include_once $curdir_users_update_status . "/../api.lib/api.base.php";
include_once $curdir_users_update_status . "/../api.lib/api.types.php";
include_once $curdir_users_update_status . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
// NOTE(review): the header documents this endpoint as "admin only", but this
// check rejects a non-admin only when 'userid' is supplied. A non-admin who
// omits it continues with their own id. Unless a later check exists, require
// isAdmin() unconditionally - confirm.
if (APIHelpers::issetParam('userid') && !APISecurity::isAdmin()) {
    APIHelpers::showerror(1134, 'you want change status for another user, it can do only admin');
}
// Without a 'userid' parameter the target defaults to the caller.
$userid = APIHelpers::getParam('userid', APISecurity::userid());
// NOTE(review): is_numeric() also accepts "1.5", "1e3" and similar; the intval()
// below is commented out, so the raw string is what is used afterwards.
// $userid = intval($userid);
if (!is_numeric($userid)) {
    APIHelpers::showerror(1135, 'userid must be numeric');
}
$conn = APIHelpers::createConnection($config);
if (!APIHelpers::issetParam('status')) {
    APIHelpers::showerror(1136, 'Not found parameter "status"');
}
$status = APIHelpers::getParam('status', '');
// Echo the requested values back in the response.
$response['data']['status'] = $status;
$response['data']['userid'] = $userid;
// Filled with the allowed status values after this excerpt.
$response['data']['possible_status'] = array();
示例#9
 * API_DESCRIPTION: Method for upload user logo (only POST request with file)
 * API_ACCESS: admin, authorized user
 * API_INPUT: userid - integer, default value: current user
 * API_INPUT: file - file, default value: current user
 * API_OKRESPONSE: { "result":"ok" }
 */
// Resolve includes and the upload directory relative to this file.
$curdir_upload_logo = dirname(__FILE__);
include_once $curdir_upload_logo . "/../api.lib/api.base.php";
include_once $curdir_upload_logo . "/../../config/config.php";
APIHelpers::checkAuth();
// Target user defaults to the caller.
$userid = APIHelpers::getParam('userid', APISecurity::userid());
// NOTE(review): $userid is later concatenated into the destination file name.
// is_numeric() rules out path separators but still accepts "1.5", "-1", "1e3",
// etc., so several spellings map to different files. Re-enable the intval()
// below so the path is always built from a plain integer.
// $userid = intval($userid);
if (!is_numeric($userid)) {
    APIHelpers::showerror(1044, 'userid must be numeric');
}
// Only an admin may upload a logo for someone else (loose != on the raw parameter).
if (!APISecurity::isAdmin() && $userid != APISecurity::userid()) {
    APIHelpers::showerror(1045, 'you what change logo for another user, it can do only admin');
}
if (count($_FILES) <= 0) {
    APIHelpers::showerror(1046, 'Not found file');
}
// NOTE(review): no check of upload size or content type is visible in this
// excerpt; confirm the code that follows verifies the file is really an image
// before it is stored under the web-served files/ directory.
$result = array('result' => 'fail', 'data' => array());
// Form field names of the uploaded files.
$keys = array_keys($_FILES);
// $prefix = 'quest'.$id.'_';
// $output_dir = 'files/';
for ($i = 0; $i < count($keys); $i++) {
    $filename = $keys[$i];
    if ($_FILES[$filename]['error'] > 0) {
        echo "Error: " . $_FILES[$filename]["error"] . "<br>";
    } else {
        $full_filename = $curdir_upload_logo . '/../../files/users/' . $userid . '_orig.png';
示例#10
include_once $curdir . "/../../config/config.php";
$response = APIHelpers::startpage($config);
// NOTE(review): no checkAuth() call is visible in this excerpt - confirm
// whether the scoreboard is meant to be readable without authentication.
$message = '';
if (!APIHelpers::issetParam('gameid')) {
    APIHelpers::showerror(1331, 'Parameter "gameid" does not found');
}
$gameid = APIHelpers::getParam('gameid', 0);
if (!is_numeric($gameid)) {
    APIHelpers::showerror(1088, 'Parameter "gameid" must be numeric');
}
$response['result'] = 'ok';
// TODO: must be added filters
$conn = APIHelpers::createConnection($config);
$response['gameid'] = $gameid;
// gameid is bound as a query parameter, not concatenated.
// NOTE(review): $params is not initialised in the visible lines - confirm it
// is not populated by an earlier include.
$params[] = $gameid;
// Fixed SQL fragment chosen by the server-side role check; no request data is
// interpolated. Non-admin callers only see rows whose role is "user".
$filter_by_role = APISecurity::isAdmin() == false ? ' AND u.role = "user" ' : '';
$query = '
			SELECT 
				u.nick,
				u.role,
				u.logo,
				ug.userid,
				ug.score
			FROM 
				users_games ug
			LEFT JOIN 
				users u ON u.id = ug.userid
			WHERE
				ug.gameid = ?
				' . $filter_by_role . '
			ORDER BY
示例#11
文件: get.php 项目: azizjonm/fhq
include_once $curdir_users_get . "/../api.lib/api.base.php";
include_once $curdir_users_get . "/../api.lib/api.game.php";
include_once $curdir_users_get . "/../../config/config.php";
$response = APIHelpers::startpage($config);
APIHelpers::checkAuth();
$response['profile'] = array();
$response['access'] = array();
$conn = APIHelpers::createConnection($config);
/*if (!APIHelpers::issetParam('userid'))
	APIHelpers::showerror(1177, 'Not found parameter userid');*/
// Target user defaults to the caller; validated and normalised to an integer.
$userid = APIHelpers::getParam('userid', APISecurity::userid());
if (!is_numeric($userid)) {
    APIHelpers::showerror(1181, 'Parameter userid must be integer');
}
$userid = intval($userid);
// Admins, testers and the profile owner may edit.
// NOTE(review): in the visible lines $bAllow only sets the 'edit' hint; it does
// not stop another authenticated user from querying this userid. The column
// list below includes 'email' and 'dt_last_login' - confirm the response code
// that follows withholds them when $bAllow is false.
$bAllow = APISecurity::isAdmin() || APISecurity::isTester() || APISecurity::userid() == $userid;
$response['access']['edit'] = $bAllow;
$response['currentUser'] = APISecurity::userid() == $userid;
// Fixed column list; it is joined into the SELECT, so it must never take request input.
$columns = array('id', 'email', 'dt_last_login', 'uuid', 'status', 'role', 'nick', 'logo');
$query = '
		SELECT ' . implode(', ', $columns) . ' FROM
			users
		WHERE id = ?
';
$result['userid'] = $userid;
// $result['query'] = $query;
try {
    $stmt = $conn->prepare($query);
    $stmt->execute(array($userid));
    if ($row = $stmt->fetch()) {
        $response['data']['userid'] = $row['id'];