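// Level routing for a GET request. $db, $ts and $curLevel are not defined in
// this excerpt; they are set earlier in the script.
//
// Requested level, taken from the query string. A missing parameter or a
// non-string value (for example an array from ?level[]=1) is treated as an
// empty string, so only strings reach $db->escape() and $ts->getLevel().
$rawLevel = (isset($_GET['level']) && is_string($_GET['level'])) ? $_GET['level'] : '';
$reqLevel = $db->escape($rawLevel);

if (is_numeric($rawLevel)) {
    // Check if the current level has a URL mask. If it has one, the mask
    // should appear in the URL instead of the level number.
    $url_mask = $ts->getURLMask($curLevel);
    if ($url_mask) {
        header('Location: ' . SITE_URL . 'level/' . $url_mask . '/');
        // Stop here: without exit the rest of the script would still run
        // after the redirect header has been queued.
        exit;
    }

    // Loose comparison on purpose: this branch is only reached when the raw
    // parameter is numeric, so "0", "0.0" and similar all count as level 0.
    if ($reqLevel == 0 && $curLevel == 0) {
        // Only Facebook users will be forced to like pages
        if ($_SESSION['oauth_type'] == OAUTH_FACEBOOK) {
            require DOCUMENT_ROOT . 'includes/html/event/facebook_likes.php';
            exit;
        } else {
            $ts->upgradeLevel(1);
            header('Location: ' . SITE_URL . 'level/' . $curLevel . '/');
            exit;
        }
    } elseif ($reqLevel == 0 && $curLevel != 0) {
        // Level 0 requested by a player who is past it: send them to their level.
        header('Location: ' . SITE_URL . 'level/' . $curLevel . '/');
        exit;
    }
} else {
    // Not numeric, so probably a URL mask: resolve it to a level ID.
    if ($levelID = $ts->getLevel($reqLevel)) {
        $reqLevel = $levelID;
    } else {
        // Random string: nothing matches, fall back to the player's own level.
        header('Location: ' . SITE_URL . 'level/' . $curLevel . '/');
        exit;
        // (the listing is cut off here; the closing braces of the two open
        // else blocks are not part of the visible excerpt)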
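// Answer submission: handles a POST that carries both `answer` and `level`.
// $db and $response are not defined in this excerpt; they are set earlier in
// the script. Both parameters must be plain strings. An array-valued
// parameter (answer[]=...) is treated like a missing one, so it never reaches
// strtolower() or $db->escape().
if (
    $_SERVER['REQUEST_METHOD'] == 'POST'
    && isset($_POST['answer'], $_POST['level'])
    && is_string($_POST['answer'])
    && is_string($_POST['level'])
) {
    $ts = new Treasherlocked($db);

    // No submissions are accepted before the event has started.
    if ($ts->getEventStatus() == EVENT_NOT_STARTED) {
        $response->send404();
        exit;
    }

    $level = $db->escape($_POST['level']);

    // NOTE(review): $level is the client-supplied string, matched loosely
    // against the server-side level and later written to the `gameplay` row.
    // Consider storing the value returned by getCurrentLevel() instead, and
    // confirm that $db->insert() does not escape the value a second time.
    if ($level == $ts->getCurrentLevel()) {
        // Update attempts (starts at 1 when the counter is not in the session yet)
        $_SESSION['attempts'] = isset($_SESSION['attempts']) ? $_SESSION['attempts'] + 1 : 1;

        // Normalise the guess (lower-case; whitespace, dots, quotes and commas
        // stripped), then hash it the same way the stored answer is kept.
        $answer = preg_replace('/[\\s\\.\'\\",]+/i', '', strtolower($_POST['answer']));
        $answer = sha1($answer);

        // Compare digests as strings. A loose == compares two numeric-looking
        // hex digests (e.g. "0e" followed only by digits) as numbers, so
        // different digests could be accepted as equal. hash_equals()
        // (PHP 5.6+) is a strict, constant-time string comparison.
        $expected = isset($_SESSION['answer']) ? $_SESSION['answer'] : null;
        if (is_string($expected) && hash_equals($expected, $answer)) {
            $time = date('Y-m-d H:i:s', time());
            $row = array(
                'user_id' => $_SESSION['user_id'],
                'level' => $level,
                'clear_time' => $time,
                'attempts' => $_SESSION['attempts'],
            );

            if ($db->insert('gameplay', $row)) {
                $ts->upgradeLevel(++$_SESSION['level']);
                if ($_SESSION['level'] > NO_OF_LEVELS) {
                    $response->finished();
                }
                $response->success();
                $response->correctAnswer();
            } else {
                $response->error('ERR_DB_INSRT: Unexpected error!');
            }
            $response->send();
            exit;
        } else {
            // Wrong answer: the request itself succeeded, the guess did not.
            $response->success();
            $response->correctAnswer(false);
            $response->send();
            exit;
            // (the listing is cut off here; the closing braces of the three
            // open blocks are not part of the visible excerpt)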