示例#1
 /**
  * Insert a row into `pending_game` for a user waiting on a game of a given size.
  *
  * Nothing is written unless both arguments pass safe_input::is_number() and
  * $size is greater than 1. On the insert path the value reported by
  * database::insert_id() is stored in pending_game::$last_inserted_id.
  *
  * NOTE(review): the statement is assembled by string interpolation, so
  * safe_input::is_number() is the only barrier between caller input and the
  * SQL text. Its implementation is not visible in this listing; confirm it
  * accepts plain digits only, or switch to bound parameters if the database
  * wrapper offers them.
  *
  * @param mixed $user_id id of the user opening the pending game
  * @param mixed $size    requested size, must be greater than 1
  * @return mixed false when validation fails, otherwise the result of database::query()
  */
 public static function add_new_pending_game($user_id, $size)
 {
     $inputs_ok = safe_input::is_number($user_id) && safe_input::is_number($size) && $size > 1;
     if (!$inputs_ok) {
         return false;
     }

     $date = microtime(true);
     $query = "INSERT INTO `pending_game` (`userID`, `date`, `size`) VALUES ( '{$user_id}', '{$date}', '{$size}');";

     $connection = new database();
     $outcome = $connection->query($query);
     // The id is recorded without checking $outcome, so a failed insert still overwrites it.
     pending_game::$last_inserted_id = $connection->insert_id();

     return $outcome;
 }
示例#2
 /**
  * Insert a new row into `user` with a salted digest of the password.
  *
  * The username and e-mail go through safe_input::all() before being placed in
  * the SQL text; joinDate and lastLoginDate are both set to the current
  * time() value, and gcmID is written as the four-character string 'null'.
  *
  * NOTE(review): the stored digest is md5(md5(password) . md5(salt)). MD5 is a
  * fast hash and is not suitable for password storage; password_hash() and
  * password_verify() are the standard replacement. That change also needs the
  * login/verification code and a migration for existing rows, neither of which
  * is visible here, so the computation is left as it is.
  * NOTE(review): safe_input::all() is opaque from this listing; the query
  * depends on it escaping for a single-quoted SQL string - confirm.
  * NOTE(review): the new id is written to session::$last_inserted_id even
  * though the row belongs to `user` - confirm this is intended.
  *
  * @param mixed $username requested username
  * @param mixed $password clear-text password supplied by the caller
  * @param mixed $email    e-mail address
  * @return mixed the result of database::query()
  */
 public static function create_new_user($username, $password, $email)
 {
     $date = time();
     $salt = random::salt();
     $safe_username = safe_input::all($username);

     // Weak construction kept for compatibility with existing rows; see the note above.
     $password_digest = md5($password);
     $salt_digest = md5($salt);
     $md5_password = md5($password_digest . $salt_digest);

     $safe_email = safe_input::all($email);

     $connection = new database();
     $query = "INSERT INTO `user` (`username`, `password`, `salt`, `email`, `joinDate`, `lastLoginDate` , `gcmID`) VALUES ( '{$safe_username}', '{$md5_password}', '{$salt}', '{$safe_email}', '{$date}', '{$date}', 'null');";
     $outcome = $connection->query($query);
     session::$last_inserted_id = $connection->insert_id();

     return $outcome;
 }
示例#3
 /**
  * Insert a row into `log` recording a user id, an IP address and a UUID.
  *
  * All three arguments must pass their safe_input validator (is_number,
  * is_valid_ip, is_valid_uuid); otherwise nothing is written. On the insert
  * path the value of database::insert_id() is stored in log::$last_inserted_id.
  *
  * NOTE(review): the values are interpolated into the SQL text after
  * validation only, with no escaping step. The validators are not visible in
  * this listing; confirm each one rejects quotes and backslashes.
  *
  * @param mixed $user_id id of the user the entry belongs to
  * @param mixed $ip      client IP address
  * @param mixed $uuid    client or device UUID
  * @return mixed false on invalid input, otherwise the result of database::query()
  */
 public static function addNewLog($user_id, $ip, $uuid)
 {
     $inputs_ok = safe_input::is_number($user_id)
         && safe_input::is_valid_ip($ip)
         && safe_input::is_valid_uuid($uuid);
     if (!$inputs_ok) {
         // Invalid input: nothing is written.
         return false;
     }

     $date = microtime(true);
     $query = "INSERT INTO `log` (`userID`, `date`, `uuid`, `ipAddress`) VALUES ( '{$user_id}', '{$date}', '{$uuid}', '{$ip}');";

     $connection = new database();
     $outcome = $connection->query($query);
     log::$last_inserted_id = $connection->insert_id();

     return $outcome;
 }
示例#4
 /**
  * Insert a row into `game` for two players.
  *
  * The insert happens only when every id and the size pass
  * safe_input::is_number(), $size is greater than 1, and the player whose turn
  * it is equals one of the two players (loose == comparison). winnerID and
  * lastActivityDate are written as SQL NULL. Validation failure is silent.
  *
  * NOTE(review): the ids are interpolated into the SQL text, so
  * safe_input::is_number() (not visible in this listing) is the only
  * injection barrier - confirm it accepts plain digits only.
  *
  * @param mixed $current_turn_player_id id of the player who moves first
  * @param mixed $size                   size of the game, must be greater than 1
  * @param mixed $player1ID              id of the first player
  * @param mixed $player2ID              id of the second player
  * @return mixed false on invalid input, otherwise the result of database::query()
  */
 public static function add_new_game($current_turn_player_id, $size, $player1ID, $player2ID)
 {
     $date = time();

     // One && chain so the validators run in the same short-circuit order as before.
     $numbers_ok = safe_input::is_number($current_turn_player_id)
         && safe_input::is_number($size)
         && $size > 1
         && safe_input::is_number($player1ID)
         && safe_input::is_number($player2ID);
     $turn_ok = $numbers_ok
         && ($current_turn_player_id == $player1ID || $current_turn_player_id == $player2ID);
     if (!$turn_ok) {
         return false;
     }

     $connection = new database();
     $query = "INSERT INTO `game` (`winnerID`, `createDate`, `currentTurnPlayerID`, `size`, `lastActivityDate`, `player1ID` , `player2ID`) VALUES ( null, '{$date}', '{$current_turn_player_id}', '{$size}', null , '{$player1ID}', '{$player2ID}');";
     $outcome = $connection->query($query);
     game::$last_inserted_id = $connection->insert_id();

     return $outcome;
 }
示例#5
 /**
  * Insert a chat message into `message` for a game and a user.
  *
  * The message text is passed through safe_input::sql_inj(); the two ids must
  * pass safe_input::is_number(), otherwise nothing is written.
  *
  * NOTE(review): safe_input::sql_inj() is opaque from this listing; the query
  * relies on it escaping correctly for a single-quoted SQL string under the
  * connection's character set - confirm, or use bound parameters.
  * NOTE(review): nothing in this method encodes the text for HTML, so the code
  * that renders stored messages has to do that (e.g. htmlspecialchars()).
  *
  * @param mixed $game_id id of the game the message belongs to
  * @param mixed $user_id id of the sending user
  * @param mixed $message message text as supplied by the caller
  * @return mixed false on invalid ids, otherwise the result of database::query()
  */
 public static function add_new_message($game_id, $user_id, $message)
 {
     // Escaping runs before the id checks, as in the existing call order.
     $safe_message = safe_input::sql_inj($message);

     $ids_ok = safe_input::is_number($game_id) && safe_input::is_number($user_id);
     if (!$ids_ok) {
         // Invalid input: nothing is written.
         return false;
     }

     $date = microtime(true);
     $connection = new database();
     $query = "INSERT INTO `message` (`gameID`, `userID`, `date`, `message_text`) VALUES ( '{$game_id}', '{$user_id}', '{$date}', '{$safe_message}');";
     $outcome = $connection->query($query);
     message::$last_inserted_id = $connection->insert_id();

     return $outcome;
 }
示例#6
 /**
  * Insert a row into `session` holding a user id, a session hash and an
  * encryption key.
  *
  * The user id must pass safe_input::is_number(), and the hash and key must
  * pass is_valid_session_hash() / is_valid_encryption_key(); both strings are
  * then passed through safe_input::sql_inj() before interpolation.
  *
  * NOTE(review): the hash and the encryption key are written to the table as
  * received. If the hash is the bearer token itself and the key protects
  * session traffic, read access to this table exposes both - confirm how the
  * two values are used, and consider storing only a digest of the token.
  * NOTE(review): the safe_input helpers are not visible in this listing;
  * the query's safety depends on them.
  *
  * @param mixed $user_id        id of the session owner
  * @param mixed $hash           session hash
  * @param mixed $encryption_key key associated with the session
  * @return mixed false on invalid input, otherwise the result of database::query()
  */
 public static function add_new_session($user_id, $hash, $encryption_key)
 {
     $inputs_ok = safe_input::is_number($user_id)
         && safe_input::is_valid_session_hash($hash)
         && safe_input::is_valid_encryption_key($encryption_key);
     if (!$inputs_ok) {
         // Invalid input: nothing is written.
         return false;
     }

     $date = microtime(true);
     $safe_hash = safe_input::sql_inj($hash);
     $safe_encryption_key = safe_input::sql_inj($encryption_key);
     $query = "INSERT INTO `session` (`userID`, `date`, `hash`, `encryptionKey`) VALUES ( '{$user_id}', '{$date}', '{$safe_hash}', '{$safe_encryption_key}');";

     $connection = new database();
     $outcome = $connection->query($query);
     session::$last_inserted_id = $connection->insert_id();

     return $outcome;
 }
示例#7
} else {
    header("location:register.php?e=8");
}
// Registration excerpt: look for an existing account with the same name or
// e-mail, insert the `users` row, then insert a profile row chosen by $utype.
// The listing starts and ends mid-statement, so the origin of $uname, $pwd,
// $email etc. is not visible - presumably they come from the registration form.
include "./Class_Database.php";
$db = new database();
//$db->setup("root", "", "localhost", "jobportaldb");
// The two '******' values are masked in this listing. Whatever was interpolated
// there needs the same escaping scrutiny as the INSERT statements below.
$query = "Select * from users where name_user='******' or email_user='******'";
if ($res = $db->send_sql($query)) {
    // mysql_num_rows() belongs to the old mysql extension, which was removed in PHP 7.
    // NOTE(review): checking for a duplicate and inserting are two separate
    // statements; only a UNIQUE index on the columns prevents two concurrent
    // registrations from both passing this check.
    if (mysql_num_rows($res) <= 0) {
        if (isset($res)) {
            unset($res);
        }
        $random = GetRandomKey();
        // NOTE(review): addslashes() is not charset-aware and is not a substitute
        // for the driver's escaping or for bound parameters.
        // NOTE(review): $pwd and $answer are written as received in this excerpt
        // (only strip_tags()/addslashes() are applied). Unless they were hashed
        // before this point, the password and the security answer are stored in
        // clear text; password_hash() is the standard fix. strip_tags() also
        // silently changes any password containing tag-like text.
        // NOTE(review): GetRandomKey() is not visible; if key_user is used for
        // account activation or recovery it should come from random_bytes().
        $query = "Insert Into users(name_user,type_user,password_user,email_user,securityquestion_user, securityanswer_user, key_user,  createdon,updatedon)\n\t\tvalues('" . addslashes(strip_tags($uname)) . "','" . addslashes(strip_tags($utype)) . "','" . addslashes(strip_tags($pwd)) . "','" . addslashes(strip_tags($email)) . "','" . addslashes(strip_tags($question)) . "','" . addslashes(strip_tags($answer)) . "', '" . addslashes(strip_tags($random)) . "', Now(),Now())";
        if ($res = $db->send_sql($query)) {
            $id = $db->insert_id();
            // $utype is compared against two literals only. For any other value
            // neither branch assigns $query, so the send_sql() call further down
            // sends the `users` INSERT a second time. Rejecting unknown types
            // before the first insert avoids that.
            if ($utype == "JobSeeker") {
                $query = "Insert Into js_personalinfo(id_user,fname,lname,email,createdon) values ('" . addslashes(strip_tags($id)) . "','" . addslashes(strip_tags($fname)) . "','" . addslashes(strip_tags($lname)) . "','" . addslashes(strip_tags($email)) . "',Now())";
            } else {
                if ($utype == "Employer") {
                    $query = "Insert Into emp_personalinfo(id_user,contactpersonfirstname,contactpersonlastname,email,createdon) values ('" . addslashes(strip_tags($id)) . "','" . addslashes(strip_tags($fname)) . "','" . addslashes(strip_tags($lname)) . "','" . addslashes(strip_tags($email)) . "',Now())";
                }
            }
            if (isset($res)) {
                unset($res);
            }
            // The account row and the profile row are written without a
            // transaction, so a failure here leaves a `users` row with no profile.
            if ($res = $db->send_sql($query)) {
                // NOTE(review): no exit follows the redirect inside this excerpt;
                // confirm nothing after the visible code still runs.
                header("location:register.php?s=1");
            }
        }
    } else {
// Post handler excerpt: creates a post for the logged-in user, or hides a post
// on request. $session is defined outside the visible code and the listing
// ends mid-statement.
// NOTE(review): no anti-CSRF token check appears in this excerpt for either
// state-changing action - confirm one exists elsewhere.
$db = new database();
$results = array();
if (isset($_POST['post']) && isset($_POST['for_name']) && $_POST['post'] != '') {
    if (isset($_POST['showName'])) {
        // Normalised to 0/1 below, so only an integer ever reaches the query.
        // presumably escape() returns a string, which makes the === true
        // comparison unreachable - verify against the database class.
        $showName = $db->escape($_POST['showName']);
        if ($showName === true || $showName === 'true') {
            $showName = 1;
        } else {
            $showName = 0;
        }
    } else {
        $showName = 0;
    }
    if ($session->checkLoggedIn() === true) {
        // $session->uid is interpolated without escaping; it is assumed to be a
        // server-side integer - TODO confirm.
        $db->send_sql("insert into ownage(u_id) values ('{$session->uid}')");
        $ownage = $db->insert_id();
        date_default_timezone_set('UTC');
        // Both text fields go through $db->escape() before concatenation. The
        // query is only as safe as that method (not visible here); bound
        // parameters would remove the dependency.
        // NOTE(review): nothing here encodes for HTML, so the page that displays
        // post and for_name has to apply output encoding.
        $post = $db->escape($_POST['post']);
        $for_name = $db->escape($_POST['for_name']);
        $query = 'insert into posts(u_id, post, showName, ownage_id, for_name) values (\'' . $session->uid . '\', \'' . $post . '\',  \'' . $showName . '\', \'' . $ownage . '\', \'' . $for_name . '\')';
        // The results of both send_sql() calls are ignored; "success" is reported regardless.
        $db->send_sql($query);
        array_push($results, "success");
    } else {
        array_push($results, "Please log in");
    }
} else {
    if (isset($_POST['delete']) && $_POST['delete'] != '') {
        $delete = $db->escape($_POST['delete']);
        // Administrators may hide any post by id. The non-admin branch is cut
        // off in this listing.
        if ($session->isAdmin()) {
            $query = 'update posts set hidden=1 where p_id=\'' . $delete . '\'';
        } else {
// Periodic job excerpt: loads settings, clears the attacking flag on every
// user, decrements gangCHOURS for gangs with a crime in progress, and resolves
// crimes whose counter reached 0. The listing ends inside the failure branch.
$settq = $db->query("SELECT * FROM settings");
while ($r = $db->fetch_row($settq)) {
    $set[$r['conf_name']] = $r['conf_value'];
}
$db->query("UPDATE users SET attacking=0");
$db->query("UPDATE gangs SET gangCHOURS=gangCHOURS-1 WHERE gangCRIME>0");
$q = $db->query("SELECT g.*,oc.* FROM gangs g LEFT JOIN orgcrimes oc ON g.gangCRIME=oc.ocID WHERE g.gangCRIME > 0 AND g.gangCHOURS = 0");
while ($r = $db->fetch_row($q)) {
    // rand() is not a cryptographically secure generator; random_int() is the
    // drop-in choice if outcomes or payouts must not be predictable.
    $suc = rand(0, 1);
    if ($suc) {
        $log = $r['ocSTARTTEXT'] . $r['ocSUCCTEXT'];
        $muny = (int) rand($r['ocMINMONEY'], $r['ocMAXMONEY']);
        // Hand-rolled escaping: only single quotes in $log are doubled. A
        // backslash in the stored text is not handled, which matters on MySQL
        // unless NO_BACKSLASH_ESCAPES is set.
        $log = str_replace(array("{muny}", "'"), array($muny, "''"), $log);
        $db->query("UPDATE gangs SET gangMONEY=gangMONEY+{$muny},gangCRIME=0 WHERE gangID={$r['gangID']}");
        // NOTE(review): $r['ocNAME'] is placed between quotes with no escaping at
        // all, unlike $log. A crime name containing a quote breaks or alters this
        // statement (second-order injection from stored data). ocID and gangID
        // are unquoted and rely on being integer columns.
        // The INSERT has no column list, so it depends on the table's column order.
        $db->query("INSERT INTO oclogs VALUES ('',{$r['ocID']},{$r['gangID']}, '{$log}', 'success', {$muny}, '{$r['ocNAME']}', unix_timestamp())");
        $i = $db->insert_id();
        $qm = $db->query("SELECT * FROM users WHERE gang={$r['gangID']}");
        while ($rm = $db->fetch_row($qm)) {
            // $c is not defined anywhere in the visible excerpt - presumably a
            // connection handle set by the including script; verify.
            event_add($rm['userid'], "Your Gang's Organised Crime Succeeded. Go <a href='oclog.php?ID={$i}'>here</a> to view the details.", $c);
        }
    } else {
        $log = $r['ocSTARTTEXT'] . $r['ocFAILTEXT'];
        $muny = 0;
        // Same quote-doubling as the success branch, with the same limits.
        $log = str_replace(array("{muny}", "'"), array($muny, "''"), $log);
        $db->query("UPDATE gangs SET gangCRIME=0 WHERE gangID={$r['gangID']}");
        // NOTE(review): $r['ocNAME'] is again interpolated without escaping.
        $db->query("INSERT INTO oclogs VALUES ('',{$r['ocID']},{$r['gangID']}, '{$log}', 'failure', {$muny}, '{$r['ocNAME']}', unix_timestamp())");
        $i = $db->insert_id();
        $qm = $db->query("SELECT * FROM users WHERE gang={$r['gangID']}");
        while ($rm = $db->fetch_row($qm)) {
            event_add($rm['userid'], "Your Gang's Organised Crime Failed. Go <a href='oclog.php?ID={$i}'>here</a> to view the details.", $c);
        }
示例#10
 /**
  * Return whatever insert_id() reports on the wrapped database object.
  *
  * The value reflects the last insert made through $this->database, so it is
  * only meaningful when read straight after that insert and before any other
  * statement runs on the same object.
  *
  * @return mixed the value returned by $this->database->insert_id()
  */
 public function get_id()
 {
     $latest_id = $this->database->insert_id();

     return $latest_id;
 }
示例#11
             break;
     }
     // Map the category code in column 1 to the numeric `type` stored in the table.
     // There is no default case: for any other code $type keeps the value from
     // a previous iteration, or is undefined on the first one.
     switch ($values[1]) {
         case "CMAX":
             $type = 2;
             break;
         case "ITEM":
             $type = 1;
             break;
         case "RACE":
             $type = 0;
             break;
     }
     // NOTE(review): every field is interpolated into the statement without
     // escaping. The origin of $values is outside the visible code; if the
     // imported data can contain a quote or comes from an untrusted file,
     // escape each field or use bound parameters.
     // The array key '0' addresses the same element as integer index 0.
     $sql = "\r\n\t\t\tINSERT INTO buildings (name, type, granite, level, class, root, value) \r\n\t\t\tVALUES ('{$values['0']}', '{$type}', '{$values['2']}', '{$values['3']}', '{$class}', '0', '{$value}')\r\n\t\t\t";
     $result = $db->query($sql);
     // The id is recorded without checking $result, so a failed insert still
     // stores whatever insert_id() reports under this building's name.
     $id = $db->insert_id();
     $buildings[$values[0]] = $id;
     $counter++;
 }
 $rooted = 0;
 // add root
 foreach ($lines as $line) {
     $values = explode("\t", $line);
     foreach ($values as $key => $value) {
         $values[$key] = trim($value);
     }
     if ($values[5] != "") {
         $sql = "UPDATE buildings SET root = '" . $buildings[$values[5]] . "' WHERE id = '" . $buildings[$values[0]] . "'";
         $result = $db->query($sql);
         $rooted++;
     }