public function startNewGame()
{
if (XmlRequestValidator::isValidStartPendingGameRequest($this->requestData)) {
$session = $this->requestData->body->session;
$size = $this->requestData->body->size;
if (safe_input::is_valid_session_hash($session) && safe_input::is_number($size) && $size > 1) {
//chkec if the session hash exists
$session_info = session::get_session_by_hash($session);
if ($session_info != null) {
$res = Execute::newPendingGame($session, $size);
if ($res) {
$this->response = XmlBuilder::startNewPendingGameSuccessfullResponse("plain", $session);
} else {
//faild to add new game
Report::error(__METHOD__ . "," . __LINE__, "failed to add new pending game");
$this->response = XmlBuilder::failed_response("plain", 5, 0, "failed to add new pending game, try again");
}
} else {
//the given hash doesn't exist in the database
Report::warning(__METHOD__ . "," . __LINE__, "start new pending game request contains a session hash that does not exist in the database: hash=" . $session);
$this->response = XmlBuilder::failed_response("plain", 5, 1, "expired session");
}
} else {
//invalid data passed
Report::error(__METHOD__ . "," . __LINE__, "start new pending game request contains an incorrectly formatted session hash or game size, size:" . $size);
$this->response = XmlBuilder::failed_response("plain", 5, 0, "invalid session or gcm id");
}
} else {
//xml request was not formatted correctly
Report::error(__METHOD__ . "," . __LINE__, "invalid new pending game request!");
$this->invalidRequest();
}
}
public function test()
{
$username = "******";
$password = "******";
$email = "*****@*****.**";
$username2 = "bla2";
$password2 = "pass2";
$email2 = "*****@*****.**";
$username3 = "gue";
$password3 = "pass3";
$email3 = "*****@*****.**";
user::create_new_user($username, $password, $email);
$this->assertEquals(1, user::getNumberOfUsers(), "number of users is not correct after adding a new user");
user::create_new_user($username2, $password2, $email2);
$this->assertEquals(2, user::getNumberOfUsers(), "number of users is not correct after adding a new user");
user::create_new_user($username3, $password3, $email3);
$this->assertEquals(3, user::getNumberOfUsers(), "number of users is not correct after adding a new user");
$user1ID = user::getUserByUsername($username)['id'];
$user2ID = user::getUserByUsername($username2)['id'];
$user3ID = user::getUserByUsername($username3)['id'];
$this->assertTrue(safe_input::is_valid_session_hash(md5("\$3dfsd43^^%")), "safe_input::is_valid_session_hash()");
$this->assertFalse(safe_input::is_valid_session_hash("x = 2 "), "safe_input::is_valid_session_hash()");
//get_last_session_for_user_id($user_id)
//add_new_session($user_id,$hash,$encryption_key)
$this->assertFalse(session::add_new_session("hh", md5("bla"), md5("bla2")), "[add_new_session()]");
$this->assertTrue(session::add_new_session($user1ID, md5("bla"), md5("bla2")), "failed to add new session[add_new_session()]");
$s1 = session::$last_inserted_id;
$this->assertFalse(session::is_unique_hash(md5("bla")), "[session::is_unique_hash()]");
$this->assertTrue(session::is_unique_hash(md5("bddla")), "[session::is_unique_hash()]");
//$this->assertNull(session::add_new_session($user2ID,md5("bla"),md5("mmm")),"Hash has to be unique! [add_new_session()]") ;
$this->assertTrue(session::add_new_session($user2ID, md5("hash2"), md5("bla2")), "failed to add new session[add_new_session()]");
$this->assertTrue(session::add_new_session($user1ID, md5("hash2sss"), md5("blssssa2")), "failed to add new session[add_new_session()]");
$s2 = session::$last_inserted_id;
$s_info = session::get_last_session_for_user_id($user1ID);
$this->assertEquals($s_info['encryptionKey'], md5("blssssa2"), "[get_last_session_for_user_id()]");
$this->assertFalse(session::is_unique_hash($s_info['hash']), "[is_unique_hash()]");
$this->assertTrue(session::is_unique_hash(md5("asdfasefds")), "[is_unique_hash()]");
$this->assertTrue(session::does_user_have_session($user2ID), "[does_user_have_session()]");
$this->assertFalse(session::does_user_have_session($user3ID), "[does_user_have_session()]");
//delete_all_sessions_for_user_id($user_id)
$this->assertFalse(session::delete_all_sessions_for_user_id("sadsadsad"), "[delete_all_sessions_for_user_id()]");
$this->assertTrue(session::delete_all_sessions_for_user_id($user2ID), "[delete_all_sessions_for_user_id()]");
$this->assertFalse(session::does_user_have_session($user2ID), "[does_user_have_session()]");
$this->assertTrue(session::does_user_have_session($user1ID), "[does_user_have_session()]");
//session::delete_session_by_id($session_id)
$s_info = session::get_last_session_for_user_id($user1ID);
$this->assertTrue(session::add_new_session($user2ID, md5("hash2"), md5("bla2")), "failed to add new session[add_new_session()]");
$s2_info = session::get_last_session_for_user_id($user2ID);
$this->assertTrue(session::delete_session_by_id($s2_info['id']), "[delete_session_by_id()]");
$this->assertFalse(session::does_user_have_session($user2ID), "[does_user_have_session()]");
$this->assertTrue(session::does_user_have_session($user1ID), "[does_user_have_session()]");
//session::delete_session_by_hash($hash)
$s_info = session::get_last_session_for_user_id($user1ID);
$this->assertTrue(session::add_new_session($user2ID, md5("hash2"), md5("bla2")), "failed to add new session[add_new_session()]");
$s2_info = session::get_last_session_for_user_id($user2ID);
$this->assertTrue(session::delete_session_by_hash($s2_info['hash']), "[delete_session_by_id()]");
$this->assertFalse(session::does_user_have_session($user2ID), "[does_user_have_session()]");
$this->assertTrue(session::does_user_have_session($user1ID), "[does_user_have_session()]");
//session::get_session_by_hash($hash)
$s_infos = session::get_session_by_hash($s_info['hash']);
$this->assertEquals($s_info['id'], $s_infos['id'], "session::get_session_by_hash()");
}
public static function get_session_by_hash($hash)
{
if (safe_input::is_valid_session_hash($hash)) {
$safe_hash = safe_input::sql_inj($hash);
$query = "SELECT * FROM `session` WHERE `hash` = '{$safe_hash}'";
$db = new database();
$db->query($query);
if ($db->number_of_rows() > 0) {
return $db->fetch_row();
} else {
return null;
}
} else {
return null;
//invalid hash
}
}
