static function checkGameDates(&$message) { if (APIHelpers::$FHQSESSION != NULL) { if (!isset(APIHelpers::$FHQSESSION['game'])) { $message = 'Select game please'; return false; } } else { if (!isset($_SESSION['game'])) { $message = 'Select game please'; return false; } } if (APISecurity::isAdmin() || APISecurity::isTester()) { return true; } $date_start = new DateTime(); date_timestamp_set($date_start, strtotime($_SESSION['game']['date_start'])); $date_stop = new DateTime(); date_timestamp_set($date_stop, strtotime($_SESSION['game']['date_stop'])); $date_restart = new DateTime(); date_timestamp_set($date_restart, strtotime($_SESSION['game']['date_restart'])); $date_current = new DateTime(); date_timestamp_set($date_current, time()); $di_start = $date_current->diff($date_start); $di_stop = $date_current->diff($date_stop); $di_restart = $date_current->diff($date_restart); $bWillBeStarted = $di_start->invert == 0; $bWillBeRestarted = $di_stop->invert == 1 && $di_restart->invert == 0; // echo date_diff($date_current, $date_start)."<br>"; if ($bWillBeStarted || $bWillBeRestarted) { $label = $bWillBeStarted ? 'Game will be started after: ' : 'Game will be restarted after: '; $di = $bWillBeStarted ? $di_start : $di_restart; $message = $label . '<br> <div class="fhq_timer" id="days">' . $di->d . '</div> day(s) <div class="fhq_timer" id="hours">' . $di->h . '</div> hour(s) <div class="fhq_timer" id="minutes">' . $di->i . '</div> minute(s) <div class="fhq_timer" id="seconds">' . $di->s . '</div> second(s)<br> <div id="reload_content" onclick="startTimer();"/></div> <br><br> '; return false; } return true; }
* API_INPUT: date_start - datetime, when game will be started * API_INPUT: date_stop - datetime, when game will be stoped * API_INPUT: date_restart - datetime, when game will be restarted * API_INPUT: description - string, some description of the game * API_INPUT: state - string, look types (copy, unlicensed copy and etc.) * API_INPUT: form - string, look types (online or offline) * API_INPUT: organizators - string, who make this game */ $curdir_games_insert = dirname(__FILE__); include_once $curdir_games_insert . "/../api.lib/api.helpers.php"; include_once $curdir_games_insert . "/../../config/config.php"; include_once $curdir_games_insert . "/../api.lib/api.base.php"; $response = APIHelpers::startpage($config); APIHelpers::checkAuth(); $conn = APIHelpers::createConnection($config); if (!APISecurity::isAdmin()) { APIHelpers::showerror(1160, 'access denie. you must be admin.'); } $columns = array('uuid' => 'generate', 'title' => 'Unknown', 'logo' => '', 'type_game' => 'jeopardy', 'date_start' => '0000-00-00 00:00:00', 'date_stop' => '0000-00-00 00:00:00', 'date_restart' => '0000-00-00 00:00:00', 'description' => '', 'state' => 'Unlicensed copy', 'form' => 'online', 'owner' => APISecurity::userid(), 'organizators' => ''); $param_values = array(); $values_q = array(); $title = ''; foreach ($columns as $k => $v) { $values_q[] = '?'; if ($k == 'owner') { $param_values[$k] = $v; } else { if (APIHelpers::issetParam($k)) { $param_values[$k] = APIHelpers::getParam($k, $v); } else { APIHelpers::showerror(1161, 'not found parameter "' . $k . '"');
include_once $curdir_users_update_role . "/../api.lib/api.types.php"; include_once $curdir_users_update_role . "/../../config/config.php"; $response = APIHelpers::startpage($config); APIHelpers::checkAuth(); if (APIHelpers::issetParam('userid') && !APISecurity::isAdmin()) { APIHelpers::showerror(1128, 'you what change role for another user, it can do only admin'); } $userid = APIHelpers::getParam('userid', APISecurity::userid()); // $userid = intval($userid); if (!is_numeric($userid)) { APIHelpers::showerror(1129, 'userid must be numeric'); } if (!APIHelpers::issetParam('role')) { APIHelpers::showerror(1131, 'Not found parameter "role"'); } if (APISecurity::isAdmin() && APISecurity::userid() == $userid) { APIHelpers::showerror(1130, 'you are administrator and you cannot change role for self'); } $conn = APIHelpers::createConnection($config); $role = APIHelpers::getParam('role', ''); $response['data']['role'] = $role; $response['data']['userid'] = $userid; $response['data']['possible_roles'] = array(); foreach (APITypes::$types['userRoles'] as $key => $value) { $response['data']['possible_roles'][] = APITypes::$types['userRoles'][$key]['value']; } if (!in_array($role, $response['data']['possible_roles'])) { APIHelpers::showerror(1132, '"role" must have value from userRoles: "' . implode('", "', $response['data']['possible_roles']) . '"'); } try { $query = 'UPDATE users SET role = ? WHERE id = ?';
$stmt->execute($params); if ($row = $stmt->fetch()) { $response['data']['found'] = $row['cnt']; } } catch (PDOException $e) { APIHelpers::showerror(1185, $e->getMessage()); } try { $query = 'SELECT * FROM public_events'; if (count($where) > 0) { $query .= ' WHERE ' . implode(' AND ', $where); } $query .= ' ORDER BY id DESC LIMIT ' . $start . ',' . $onpage; $stmt = $conn->prepare($query); $stmt->execute($params); $bAdmin = APISecurity::isAdmin(); $response['result'] = 'ok'; $response['access'] = $bAdmin; $response['data']['maxid'] = -1; $new_id = $id; $response['data']['events'] = array(); while ($row = $stmt->fetch()) { if ($row['id'] > $new_id) { $new_id = $row['id']; } $response['data']['events'][] = array('id' => $row['id'], 'type' => $row['type'], 'message' => $row['message'], 'dt' => $row['dt']); } $response['data']['maxid'] = $new_id; } catch (PDOException $e) { APIHelpers::showerror(1229, $e->getMessage()); }
$status = ''; if ($row['dt_passed'] == null) { $status = 'completed'; } else { $status = 'open'; } $response['data'] = array('questid' => $row['idquest'], 'score' => $row['score'], 'min_score' => $row['min_score'], 'name' => $row['name'], 'subject' => $row['subject'], 'dt_passed' => $row['dt_passed'], 'state' => $row['state'], 'author' => $row['author'], 'status' => $status); $response['quest'] = $row['idquest']; $response['gameid'] = $row['gameid']; if ($status == 'current' || $status == 'completed') { $response['data']['text'] = $row['text']; $response['data']['files'] = array(); $stmt_files = $conn->prepare('select * from quests_files WHERE questid = ?'); $stmt_files->execute(array(intval($questid))); while ($row_files = $stmt_files->fetch()) { $response['data']['files'][] = array('filename' => $row_files['filename'], 'filepath' => $row_files['filepath'], 'size' => $row_files['size'], 'id' => $row_files['id']); } } if (isset($_SESSION['game'])) { $response['data']['game_title'] = $_SESSION['game']['title']; } } else { APIHelpers::showerror(1148, 'Problem... may be incorrect game are selected?'); } $response['result'] = 'ok'; $response['permissions']['edit'] = APISecurity::isAdmin(); $response['permissions']['delete'] = APISecurity::isAdmin(); } catch (PDOException $e) { APIHelpers::showerror(1067, $e->getMessage()); } APIHelpers::endpage($response);
/* * API_NAME: Get Game Info * API_DESCRIPTION: Mthod returned information about game * API_ACCESS: all * API_INPUT: token - guid, token * API_INPUT: gameid - integer, Identificator of the game (defualt current id) */ $curdir_games_get = dirname(__FILE__); include_once $curdir_games_get . "/../api.lib/api.base.php"; include_once $curdir_games_get . "/../api.lib/api.game.php"; include_once $curdir_games_get . "/../../config/config.php"; $response = APIHelpers::startpage($config); $conn = APIHelpers::createConnection($config); $gameid = APIHelpers::getParam('gameid', 0); $response['access']['edit'] = APISecurity::isAdmin(); if (!is_numeric($gameid)) { APIHelpers::showerror(1170, '"gameid" must be numeric'); } $gameid = intval($gameid); try { $query = ' SELECT * FROM games WHERE id = ?'; $columns = array('id', 'type_game', 'state', 'form', 'title', 'date_start', 'date_stop', 'date_restart', 'description', 'logo', 'owner', 'organizators', 'rules', 'maxscore'); $stmt = $conn->prepare($query); $stmt->execute(array(intval($gameid))); if ($row = $stmt->fetch()) { $response['data'] = array();
games.maxscore, users.nick FROM games INNER JOIN users ON games.owner = users.id ORDER BY games.date_start DESC LIMIT 0,10;'; $columns = array('id', 'title', 'state', 'form', 'type_game', 'date_start', 'date_stop', 'date_restart', 'description', 'logo', 'owner', 'nick', 'organizators', 'maxscore'); $stmt = $conn->prepare($query); $stmt->execute(); $i = 0; while ($row = $stmt->fetch()) { $id = $row['uuid']; $response['data'][$id] = array(); foreach ($columns as $k) { $response['data'][$id][$k] = $row[$k]; } $bAllows = APISecurity::isAdmin(); $bChoose = APISecurity::isAdmin() || APISecurity::isUser(); $response['data'][$id]['permissions']['delete'] = $bAllows; $response['data'][$id]['permissions']['update'] = $bAllows; $response['data'][$id]['permissions']['export'] = $bAllows; $response['data'][$id]['permissions']['choose'] = $bChoose; } $response['current_game'] = isset($_SESSION['game']) ? $_SESSION['game']['id'] : 0; $response['permissions']['insert'] = APISecurity::isAdmin(); $response['result'] = 'ok'; } catch (PDOException $e) { APIHelpers::showerror(1193, $e->getMessage()); } APIHelpers::endpage($response);
/* * API_NAME: Update User Status * API_DESCRIPTION: Method for update user status * API_ACCESS: admin only * API_INPUT: userid - integer, userid * API_INPUT: status - string, new user status ("activated" or "blocked") * API_OKRESPONSE: { "result":"ok" } */ $curdir_users_update_status = dirname(__FILE__); include_once $curdir_users_update_status . "/../api.lib/api.base.php"; include_once $curdir_users_update_status . "/../api.lib/api.types.php"; include_once $curdir_users_update_status . "/../../config/config.php"; $response = APIHelpers::startpage($config); APIHelpers::checkAuth(); if (APIHelpers::issetParam('userid') && !APISecurity::isAdmin()) { APIHelpers::showerror(1134, 'you want change status for another user, it can do only admin'); } $userid = APIHelpers::getParam('userid', APISecurity::userid()); // $userid = intval($userid); if (!is_numeric($userid)) { APIHelpers::showerror(1135, 'userid must be numeric'); } $conn = APIHelpers::createConnection($config); if (!APIHelpers::issetParam('status')) { APIHelpers::showerror(1136, 'Not found parameter "status"'); } $status = APIHelpers::getParam('status', ''); $response['data']['status'] = $status; $response['data']['userid'] = $userid; $response['data']['possible_status'] = array();
* API_DESCRIPTION: Method for upload user logo (only POST request with file) * API_ACCESS: admin, authorized user * API_INPUT: userid - integer, default value: current user * API_INPUT: file - file, default value: current user * API_OKRESPONSE: { "result":"ok" } */ $curdir_upload_logo = dirname(__FILE__); include_once $curdir_upload_logo . "/../api.lib/api.base.php"; include_once $curdir_upload_logo . "/../../config/config.php"; APIHelpers::checkAuth(); $userid = APIHelpers::getParam('userid', APISecurity::userid()); // $userid = intval($userid); if (!is_numeric($userid)) { APIHelpers::showerror(1044, 'userid must be numeric'); } if (!APISecurity::isAdmin() && $userid != APISecurity::userid()) { APIHelpers::showerror(1045, 'you what change logo for another user, it can do only admin'); } if (count($_FILES) <= 0) { APIHelpers::showerror(1046, 'Not found file'); } $result = array('result' => 'fail', 'data' => array()); $keys = array_keys($_FILES); // $prefix = 'quest'.$id.'_'; // $output_dir = 'files/'; for ($i = 0; $i < count($keys); $i++) { $filename = $keys[$i]; if ($_FILES[$filename]['error'] > 0) { echo "Error: " . $_FILES[$filename]["error"] . "<br>"; } else { $full_filename = $curdir_upload_logo . '/../../files/users/' . $userid . '_orig.png';
include_once $curdir . "/../../config/config.php"; $response = APIHelpers::startpage($config); $message = ''; if (!APIHelpers::issetParam('gameid')) { APIHelpers::showerror(1331, 'Parameter "gameid" does not found'); } $gameid = APIHelpers::getParam('gameid', 0); if (!is_numeric($gameid)) { APIHelpers::showerror(1088, 'Parameter "gameid" must be numeric'); } $response['result'] = 'ok'; // TODO: must be added filters $conn = APIHelpers::createConnection($config); $response['gameid'] = $gameid; $params[] = $gameid; $filter_by_role = APISecurity::isAdmin() == false ? ' AND u.role = "user" ' : ''; $query = ' SELECT u.nick, u.role, u.logo, ug.userid, ug.score FROM users_games ug LEFT JOIN users u ON u.id = ug.userid WHERE ug.gameid = ? ' . $filter_by_role . ' ORDER BY
include_once $curdir_users_get . "/../api.lib/api.base.php"; include_once $curdir_users_get . "/../api.lib/api.game.php"; include_once $curdir_users_get . "/../../config/config.php"; $response = APIHelpers::startpage($config); APIHelpers::checkAuth(); $response['profile'] = array(); $response['access'] = array(); $conn = APIHelpers::createConnection($config); /*if (!APIHelpers::issetParam('userid')) APIHelpers::showerror(1177, 'Not found parameter userid');*/ $userid = APIHelpers::getParam('userid', APISecurity::userid()); if (!is_numeric($userid)) { APIHelpers::showerror(1181, 'Parameter userid must be integer'); } $userid = intval($userid); $bAllow = APISecurity::isAdmin() || APISecurity::isTester() || APISecurity::userid() == $userid; $response['access']['edit'] = $bAllow; $response['currentUser'] = APISecurity::userid() == $userid; $columns = array('id', 'email', 'dt_last_login', 'uuid', 'status', 'role', 'nick', 'logo'); $query = ' SELECT ' . implode(', ', $columns) . ' FROM users WHERE id = ? '; $result['userid'] = $userid; // $result['query'] = $query; try { $stmt = $conn->prepare($query); $stmt->execute(array($userid)); if ($row = $stmt->fetch()) { $response['data']['userid'] = $row['id'];