/**
 * Create a tournament row from an API request.
 *
 * Reads Token, KingdomId, ParkId, EventCalendarDetailId, Name, Description and
 * When from $request. When the calendar detail row exists, its event_id is
 * copied onto the tournament; a valid-looking detail id that matches no row is
 * rejected with InvalidParameter().
 *
 * NOTE(review): the only gate visible here is token authentication. No
 * HasAuthority() call ties the caller to the KingdomId / ParkId being written,
 * so any authenticated player reaches save() - confirm whether that is intended.
 * NOTE(review): strip_tags() with an allow-list leaves attributes on the
 * allowed tags untouched, so the stored description must still be treated as
 * untrusted HTML when rendered. Name and When are stored as received.
 * NOTE(review): $request (Token included) is passed to logtrace(); confirm
 * the trace sink does not persist session tokens.
 *
 * @param array $request API request payload.
 * @return mixed NoAuthorization(), InvalidParameter() or Success(tournament_id).
 */
public function CreateTournament($request) {
    $caller_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
    if (!valid_id($caller_id)) {
        return NoAuthorization();
    }
    logtrace("CreateTournament() :1", $request);

    $this->Tournament->clear();
    $this->Tournament->kingdom_id = $request['KingdomId'];
    $this->Tournament->park_id = $request['ParkId'];
    $this->Tournament->event_calendardetail_id = $request['EventCalendarDetailId'];

    // Resolve the owning event through the calendar detail row, if there is one.
    $calendar_detail = new yapo($this->db, DB_PREFIX . 'event_calendardetail');
    $calendar_detail->event_calendardetail_id = $request['EventCalendarDetailId'];
    if ($calendar_detail->find()) {
        $this->Tournament->event_id = $calendar_detail->event_id;
    } elseif (valid_id($request['EventCalendarDetailId'])) {
        // A well-formed id that matches nothing is a caller error.
        return InvalidParameter();
    }

    $this->Tournament->name = $request['Name'];
    $this->Tournament->description = strip_tags($request['Description'], '<p><br><ul><li><b><i>');
    $this->Tournament->date_time = $request['When'];
    $this->Tournament->save();

    return Success($this->Tournament->tournament_id);
}
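/**
 * Create an event owned by a player, a unit, a park or a kingdom.
 *
 * The owner is chosen from the ids present in $request, in this order:
 * MundaneId without UnitId (player event), UnitId (unit event),
 * ParkId + KingdomId (park event), KingdomId (kingdom event).
 *
 * Security fix: the player and unit branches used to call save() without ever
 * looking at the result of IsAuthorized(), so a request with no valid token
 * could persist events. Every branch writes a row, so unauthenticated callers
 * are now rejected before anything is touched. The park and kingdom branches
 * already required a valid caller, so their outcome is unchanged.
 *
 * NOTE(review): the player and unit branches still do not check that the
 * authenticated caller may act for $request['MundaneId'] / $request['UnitId'].
 * The intended ownership policy is not visible in this method; confirm it and
 * add the matching HasAuthority() check.
 * NOTE(review): $request (Token included) is passed to logtrace(); confirm
 * the trace sink does not persist session tokens.
 *
 * @param array $request API request payload (Token, KingdomId, ParkId,
 *                       MundaneId, UnitId, Name, plus heraldry fields).
 * @return mixed NoAuthorization(), InvalidParameter() or Success(event_id).
 */
public function CreateEvent($request) {
    logtrace("CreateEvent()", $request);
    $mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);

    // Nothing below is safe for an anonymous caller: every path ends in save().
    if (!valid_id($mundane_id)) {
        return NoAuthorization();
    }

    // Common event setup
    $this->event->clear();
    $this->event->kingdom_id = $request['KingdomId'];
    $this->event->park_id = $request['ParkId'];
    $this->event->mundane_id = $request['MundaneId'];
    $this->event->unit_id = $request['UnitId'];
    $this->event->name = $request['Name'];
    $this->event->modified = date('Y-m-d H:i:s');

    if (valid_id($request['MundaneId']) && !valid_id($request['UnitId'])) {
        // Player-owned event: detach it from kingdom, park and unit.
        $this->event->kingdom_id = 0;
        $this->event->park_id = 0;
        $this->event->unit_id = 0;
        $this->event->save();
    } elseif (valid_id($request['UnitId'])) {
        // Unit-owned event: mundane_id is left as supplied in the request.
        $this->event->kingdom_id = 0;
        $this->event->park_id = 0;
        $this->event->save();
    } elseif (valid_id($request['ParkId']) && valid_id($request['KingdomId'])
        && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_PARK, $request['ParkId'], AUTH_CREATE)) {
        // Park-owned event: the park must exist before the row is written.
        $park = new yapo($this->db, DB_PREFIX . 'park');
        $park->clear();
        $park->park_id = $request['ParkId'];
        if (!$park->find()) {
            return InvalidParameter(NULL, 'Problem processing request.');
        }
        $this->event->mundane_id = 0;
        $this->event->unit_id = 0;
        $this->event->save();
    } elseif (valid_id($request['KingdomId'])
        && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_KINGDOM, $request['KingdomId'], AUTH_CREATE)) {
        // Kingdom-owned event: the kingdom must exist before the row is written.
        $kingdom = new yapo($this->db, DB_PREFIX . 'kingdom');
        $kingdom->clear();
        $kingdom->kingdom_id = $request['KingdomId'];
        if (!$kingdom->find()) {
            return InvalidParameter(NULL, 'Problem processing request.');
        }
        $this->event->park_id = 0;
        $this->event->mundane_id = 0;
        $this->event->unit_id = 0;
        $this->event->save();
    } else {
        // Bailout without committing
        return NoAuthorization();
    }

    Ork3::$Lib->heraldry->SetEventHeraldry($request);
    return Success($this->event->event_id);
}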
/**
 * Resolve a kingdom-award id to its (award_id, kingdom_id) pair.
 *
 * Returns nothing (null) when KingdomAwardId does not pass valid_id().
 * NOTE(review): the result of find() is not checked, so for an id that
 * matches no row the returned pair holds whatever the record object exposes
 * after a failed lookup - callers should not treat the pair as proof that the
 * award exists.
 *
 * @param array $request Must carry 'KingdomAwardId'.
 * @return array|null [award_id, kingdom_id], or null for an invalid id.
 */
public function LookupKingdomAward($request) {
    if (!valid_id($request['KingdomAwardId'])) {
        return;
    }

    $award_row = new yapo($this->db, DB_PREFIX . 'kingdomaward');
    $award_row->clear();
    $award_row->kingdomaward_id = $request['KingdomAwardId'];
    $award_row->find();

    return array($award_row->award_id, $award_row->kingdom_id);
}
/**
 * List every row of the cattribute table as AttributeId / Name pairs.
 *
 * The request is refused with BadToken() unless TokenIsSecure() accepts
 * $request['SecureToken'].
 *
 * NOTE(review): on the success path 'Status' and 'Error' keep the
 * "unimplemented" values they were seeded with, and rows are appended under
 * 'AttributeList' while the seeded (always empty) key is
 * 'ComponentAttributeList'. Confirm which key and status clients rely on.
 *
 * @param array $request Must carry 'SecureToken'.
 * @return array Response with Status, Error and the attribute rows.
 */
function GetAttributeList($request) {
    $response = array(
        'Status' => ServiceErrorIds::FunctionUnimplemented,
        'Error' => Unimplemented(),
        'ComponentAttributeList' => array(),
    );

    if (!TokenIsSecure($request['SecureToken'])) {
        $error = BadToken();
        $response['Error'] = $error;
        $response['Status'] = $error['Code'];
        return $response;
    }

    // Opens its own connection rather than reusing a shared handle.
    $connection = new yapo_mysql(DB_HOSTNAME, DB_DATABASE, DB_USERNAME, DB_PASSWORD);
    $attribute = new yapo($connection, DB_PREFIX . 'cattribute');

    // find() with no criteria set, then walk the cursor row by row.
    $has_row = $attribute->find();
    while ($has_row) {
        $response['AttributeList'][] = array(
            'AttributeId' => $attribute->cattribute_id,
            'Name' => $attribute->attribute_name,
        );
        $has_row = $attribute->next();
    }

    return $response;
}
/**
 * Search parks whose name contains $name, optionally within one kingdom.
 *
 * The name is wrapped in '%' and matched with the 'like' term, so any '%' or
 * '_' inside $name also acts as a wildcard.
 * NOTE(review): how yapo binds the value is not visible here; confirm it is
 * parameterised rather than concatenated into the statement.
 *
 * The limit is tested after a row has been appended, so a numeric $limit of N
 * yields up to N + 1 rows (0 yields one row). With a non-numeric $limit the
 * result set is unbounded.
 *
 * @param string   $name       Fragment to look for in the park name.
 * @param int|null $kingdom_id Restrict to this kingdom when numeric.
 * @param int|null $limit      Row cap, see above for the exact behaviour.
 * @return array List of ['ParkId', 'KingdomId', 'Name', 'Active'] rows;
 *               empty when nothing matches.
 */
public function Park($name, $kingdom_id = null, $limit = null) {
    $park = new yapo($this->db, DB_PREFIX . 'park');
    $park->clear();
    $park->name = "%{$name}%";
    $park->name_term = 'like';
    if (is_numeric($kingdom_id)) {
        $park->kingdom_id = $kingdom_id;
    }

    if (!$park->find(array('name'))) {
        return array();
    }

    $matches = array();
    do {
        $matches[] = array(
            'ParkId' => $park->park_id,
            'KingdomId' => $park->kingdom_id,
            'Name' => $park->name,
            'Active' => $park->active,
        );
        if (is_numeric($limit)) {
            if ($limit == 0) {
                break;
            }
            $limit--;
        }
    } while ($park->next());

    return $matches;
}
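/**
 * Decide whether a player holds $role over a park, kingdom, event or unit.
 *
 * Order of checks:
 *  1. A valid caller id is required, and a valid subject id unless $type is
 *     AUTH_ADMIN.
 *  2. Any AUTH_ADMIN authorization row for the caller grants everything.
 *  3. A caller with penalty_box == 1, or with no mundane row, is refused.
 *     (This runs after the admin check, so admins are not subject to it.)
 *  4. Direct authorization rows on the subject: an AUTH_CREATE or AUTH_ADMIN
 *     row grants the request; an AUTH_EDIT row grants it only when the
 *     requested $role is AUTH_EDIT.
 *  5. Inherited authority: a park inherits from its kingdom; an event
 *     inherits from its kingdom and park and is also granted to the player
 *     recorded as the event's mundane_id.
 *
 * Fixes in this version:
 *  - The event owner test was an assignment (`$event->mundane_id =
 *    $mundane_id`), which is truthy for every valid caller and therefore
 *    granted authority over every existing event. It is now a comparison.
 *  - `case AUTH_EDIT` fell through into `case AUTH_CREATE: return true`, so
 *    the requested $role was never actually consulted and an edit-only row
 *    satisfied AUTH_CREATE requests. The case now ends with `break`.
 *  - $sufficient is initialised before the lookup, so it is defined when the
 *    caller has no direct authorization rows.
 *
 * @param int   $mundane_id Player being checked.
 * @param mixed $type       AUTH_PARK, AUTH_KINGDOM, AUTH_EVENT, AUTH_UNIT or AUTH_ADMIN.
 * @param int   $id         Id of the subject; ignored for AUTH_ADMIN.
 * @param mixed $role       Role being requested (AUTH_EDIT, AUTH_CREATE, AUTH_ADMIN).
 * @return bool True when the request is authorised.
 */
public function HasAuthority($mundane_id, $type, $id, $role) {
    logtrace("HasAuthority", [$mundane_id, $type, $id, $role]);

    // A caller is always required; a subject id is required unless the
    // question is "is this player a site admin?".
    if (!valid_id($mundane_id) || !(valid_id($id) || $type == AUTH_ADMIN)) {
        return false;
    }

    // Is Admin?
    $this->auth->clear();
    $this->auth->mundane_id = $mundane_id;
    $this->auth->role = AUTH_ADMIN;
    if ($this->auth->find() && $this->auth->size() > 0) {
        return true;
    }

    // Playing shenanigans
    if (0 == $id) {
        return false;
    }

    // Check for bans
    $this->mundane->clear();
    $this->mundane->mundane_id = $mundane_id;
    if (!$this->mundane->find() || $this->mundane->penalty_box == 1) {
        return false;
    }

    $this->auth->clear();
    $this->auth->mundane_id = $mundane_id;

    // Basic check -- does the user have direct access?
    // NOTE: Admin check here does not check for admin privileges per se, but for whether
    // an Admin Authorization request is avail (Admin == Admin)
    // For elevated privileges (Admin > Park|Kingdom|Event|Unit), the check is handled below
    switch ($type) {
        case AUTH_PARK:
            $this->auth->park_id = $id;
            break;
        case AUTH_KINGDOM:
            $this->auth->kingdom_id = $id;
            break;
        case AUTH_EVENT:
            $this->auth->event_id = $id;
            break;
        case AUTH_UNIT:
            $this->auth->unit_id = $id;
            break;
        case AUTH_ADMIN:
            $this->auth->role = AUTH_ADMIN;
            break;
        default:
            return false;
    }

    $sufficient = false;
    if ($this->auth->find() && $id != 0) {
        do {
            switch ($this->auth->role) {
                case AUTH_EDIT:
                    // An edit row only satisfies an edit request.
                    $sufficient = $sufficient || AUTH_EDIT == $role;
                    break;
                case AUTH_CREATE:
                case AUTH_ADMIN:
                    return true;
            }
        } while ($this->auth->next());

        // Something matched, fly away my pretty!
        if ($sufficient) {
            return true;
        }
    }

    if ($type == AUTH_ADMIN) {
        return false;
    }

    // Upper-level authority check, we have to find the parents of
    // the subject, and check their auths
    // !$sufficient is redundant, but I don't trust the next guy to hold the invariant
    if (!$sufficient && $type != AUTH_KINGDOM) {
        switch ($type) {
            case AUTH_PARK:
                $park = new yapo($this->db, DB_PREFIX . 'park');
                $park->clear();
                $park->park_id = $id;
                if ($park->find()) {
                    $id = $park->kingdom_id;
                    if ($this->HasAuthority($mundane_id, AUTH_KINGDOM, $id, $role)) {
                        return true;
                    }
                }
                break;
            case AUTH_EVENT:
                $event = new yapo($this->db, DB_PREFIX . 'event');
                $event->clear();
                $event->event_id = $id;
                if ($event->find()) {
                    // Comparison, not assignment: only the recorded owner qualifies.
                    if ($this->HasAuthority($mundane_id, AUTH_KINGDOM, $event->kingdom_id, $role)
                        || $this->HasAuthority($mundane_id, AUTH_PARK, $event->park_id, $role)
                        || $event->mundane_id == $mundane_id) {
                        return true;
                    }
                }
                break;
        }
    }

    return $sufficient;
}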
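/**
 * Delete one awards row on behalf of an authorised caller.
 *
 * The caller needs AUTH_EDIT over the park reported for the award's
 * recipient by player_info().
 * NOTE(review): that is the park player_info() returns for the recipient,
 * not a park stored on the award row itself - confirm this is the intended
 * scope for revoking an award.
 *
 * Changes in this version:
 *  - The success path fell off the end of the method and returned null,
 *    unlike the error paths and the other service methods; it now returns
 *    Success().
 *  - Callers without a valid token are refused before the awards table is
 *    queried, so an anonymous request can no longer tell an existing
 *    AwardsId from a missing one by the error it gets back.
 *
 * @param array $request Must carry 'Token' and 'AwardsId'.
 * @return mixed NoAuthorization(), InvalidParameter() or Success().
 */
public function RemoveAward($request) {
    logtrace("RemoveAward()", $request);

    $mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
    if (!valid_id($mundane_id)) {
        return NoAuthorization();
    }

    $awards = new yapo($this->db, DB_PREFIX . 'awards');
    $awards->clear();
    $awards->awards_id = $request['AwardsId'];
    if (!valid_id($request['AwardsId']) || !$awards->find()) {
        return InvalidParameter();
    }

    // Authority is evaluated against the recipient's park.
    $mundane = $this->player_info($awards->mundane_id);
    if (!Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_PARK, $mundane['ParkId'], AUTH_EDIT)) {
        return NoAuthorization();
    }

    $awards->delete();
    return Success();
}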
/**
 * Create a unit and, unless it is created anonymously by an admin, make the
 * caller its founder.
 *
 * Flow: authenticate, save the unit, store heraldry when supplied, then
 *  - return early for an 'Anonymous' request from a caller with admin
 *    authority (no membership or authorization row is added);
 *  - otherwise point the caller's company_id at the unit when it is a
 *    'Company', grant the caller AUTH_EDIT on the unit, and add the caller as
 *    an active member titled 'Founder'.
 *
 * NOTE(review): 'Type' is stored as received and the role mapping has no
 * default case, so for any other Type the 'Role' value already present in
 * $request reaches add_member_h() unchanged. Confirm Type is validated
 * elsewhere or restrict it here.
 * NOTE(review): 'Url' is stored without scheme validation, and strip_tags()
 * with an allow-list keeps attributes on the allowed tags; both values need
 * context-aware escaping wherever they are rendered.
 * NOTE(review): $request (Token included) is passed to logtrace(); confirm
 * the trace sink does not persist session tokens.
 *
 * @param array $request API request payload.
 * @return mixed NoAuthorization() or Success(unit_id).
 */
public function CreateUnit($request) {
    logtrace("CreateUnit()", $request);

    $mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
    if (!($mundane_id > 0)) {
        return NoAuthorization();
    }

    $allowed_markup = '<p><br><ul><li><b><i>';

    $this->unit->clear();
    $this->unit->name = $request['Name'];
    $this->unit->type = $request['Type'];
    $this->unit->description = strip_tags($request['Description'], $allowed_markup);
    $this->unit->history = strip_tags($request['History'], $allowed_markup);
    $this->unit->url = $request['Url'];
    $this->unit->modified = date('Y-m-d H:i:s');
    $this->unit->save();
    $request['UnitId'] = $this->unit->unit_id;

    if (strlen($request['Heraldry']) > 0) {
        logtrace("CreateUnit() :2", $request);
        Ork3::$Lib->heraldry->SetUnitHeraldry($request);
    }

    // Admin-created anonymous units get no founder, membership or auth row.
    if ($request['Anonymous'] && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_ADMIN, 0, AUTH_CREATE)) {
        return Success($request['UnitId']);
    }

    if ($this->unit->type == 'Company') {
        // Record the new company on the founder's own player row.
        $founder = new yapo($this->db, DB_PREFIX . 'mundane');
        $founder->mundane_id = $mundane_id;
        $founder->find();
        $founder->company_id = $this->unit->unit_id;
        $founder->save();
    }

    Ork3::$Lib->authorization->add_auth_h([
        'MundaneId' => $mundane_id,
        'Type' => AUTH_UNIT,
        'Id' => $this->unit->unit_id,
        'Role' => AUTH_EDIT,
    ]);

    $request['MundaneId'] = $mundane_id;
    switch ($this->unit->type) {
        case 'Company':
            $request['Role'] = 'captain';
            break;
        case 'Household':
            $request['Role'] = 'lord';
            break;
        case 'Event':
            $request['Role'] = 'organizer';
            break;
    }
    $request['Title'] = 'Founder';
    $request['Active'] = 1;
    $this->add_member_h($request);

    return Success($request['UnitId']);
}
/**
 * Load the 'AccountPointers' configuration value for one owner.
 *
 * The configuration row is selected by type (first letter upper-cased), id
 * and the fixed key 'AccountPointers'; its value is decoded as JSON into
 * associative arrays.
 *
 * @param string $type Owner type; passed through ucfirst() before the lookup.
 * @param int    $id   Owner id.
 * @return mixed Decoded value, or false when no row matches. json_decode()
 *               yields null for a stored value that is not valid JSON, so
 *               callers should distinguish null from false.
 */
public function fetch_account_pointers($type, $id) {
    $pointer_row = new yapo($this->db, DB_PREFIX . 'configuration');
    $pointer_row->clear();
    $pointer_row->type = ucfirst($type);
    $pointer_row->id = $id;
    $pointer_row->key = 'AccountPointers';

    return $pointer_row->find() ? json_decode($pointer_row->value, true) : false;
}
/**
 * Collect every configuration row for one owner, keyed by configuration key.
 *
 * Uses the global $DB handle. 'Value' and 'AllowedValues' are passed through
 * stripslashes() and then json_decode(), so they come back as decoded JSON
 * (objects, not associative arrays), or null when the stored text is not
 * valid JSON.
 *
 * @param int   $id   Owner id.
 * @param mixed $type Owner type; defaults to CFG_KINGDOM.
 * @return array Map of key => ['ConfigurationId', 'Type', 'Key', 'Value',
 *               'UserSetting', 'AllowedValues']; empty when nothing matches.
 */
public static function get_configs($id, $type = CFG_KINGDOM) {
    global $DB;

    $row = new yapo($DB, DB_PREFIX . 'configuration');
    $row->clear();
    $row->type = $type;
    $row->id = $id;

    $configs = [];
    $has_row = $row->find();
    while ($has_row) {
        $configs[$row->key] = [
            'ConfigurationId' => $row->configuration_id,
            'Type' => $row->var_type,
            'Key' => $row->key,
            'Value' => json_decode(stripslashes($row->value)),
            'UserSetting' => $row->user_setting,
            'AllowedValues' => json_decode(stripslashes($row->allowed_values)),
        ];
        $has_row = $row->next();
    }

    return $configs;
}
</style> </head> <?php die;
// The bare `die;` above is the first PHP statement, so while it is in place
// nothing below executes when this page is requested.
// NOTE(review): that one statement is the only guard in front of a script that
// truncates every application table listed in $clear. No authentication or
// CLI-only check is visible here; a destructive import tool like this is
// safer kept outside the web root than disabled in place.

// Debug helper: dump a value inside <pre> tags. The print_r() output is not
// HTML-escaped.
function pre_print_r($array) { echo "<pre>\n\n" . print_r($array, true) . "\n\n</pre>\n"; }
include_once '../config.php';
echo "<h1>Configure Import</h1>";
// Source database for the import: same host and credentials as the
// application, different schema name.
$WL = new yapo_mysql(DB_HOSTNAME, 'orkrecords_wlimport', DB_USERNAME, DB_PASSWORD);
// One record object per source table.
$attendance = new yapo($WL, 'attendance');
$awards = new yapo($WL, 'awards');
$awardnames = new yapo($WL, 'awardnames');
$classes = new yapo($WL, 'classes');
$mundanes = new yapo($WL, 'mundanes');
$parks = new yapo($WL, 'parks');
$personas = new yapo($WL, 'personas');
$reconciled = new yapo($WL, 'reconciled');
// Application tables (named without DB_PREFIX) that are emptied before the import.
$clear = array('account', 'application', 'application_auth', 'attendance', 'authorization', 'awardlimit', 'award', 'awards', 'bracket', 'bracket_officiant', 'class', 'class_reconciliation', 'configuration', 'credential', 'event', 'event_calendardetail', 'glicko2', 'kingdom', 'kingdomaward', 'log', 'match', 'mundane', 'officer', 'park', 'parkday', 'parktitle', 'participant', 'participant_mundane', 'seed', 'split', 'team', 'tournament', 'transaction', 'unit', 'unit_mundane');
$Attendance = new APIModel('Attendance');
/**************** First, empty the DB ****************/
echo "<h1>Empty Tables & Prep Admin User</h1>";
// $DB is not defined in this fragment - presumably provided by config.php.
// The table names concatenated into the statement come only from the
// hard-coded $clear list above, not from request input.
foreach ($clear as $dbname) {
    echo "Empty table {$dbname} ... ";
    $DB->query('truncate table ' . DB_PREFIX . $dbname);
/**
 * Apply a batch of park-title changes (remove / edit / add) to one kingdom.
 *
 * The caller must be authenticated and hold AUTH_EDIT over
 * $request['KingdomId']. Each entry of $request['ParkTitles'] carries an
 * 'Action' (CFG_REMOVE, CFG_EDIT or CFG_ADD); remove and edit additionally
 * verify that the stored title belongs to the requested kingdom.
 *
 * Behaviour worth knowing:
 *  - Entries are applied one at a time with no transaction visible here, so a
 *    cross-kingdom id part-way through aborts the call after earlier entries
 *    have already been saved or deleted.
 *  - That abort returns ['Status' => NoAuthorization(...)], a different shape
 *    from the other returns, which hand back the helper's value directly.
 *    NOTE(review): confirm clients handle both shapes.
 *  - Remove/edit entries whose ParkTitleId is invalid or not found are
 *    skipped silently; on edit, an empty string keeps the stored value.
 *  - Added values are stored as received.
 *
 * @param array $request Must carry 'Token', 'KingdomId' and 'ParkTitles'.
 * @return mixed Success(), NoAuthorization(...) or the wrapped error above.
 */
public function SetKingdomParkTitles($request) {
    $mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
    if (!($mundane_id > 0)
        || !Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_KINGDOM, $request['KingdomId'], AUTH_EDIT)) {
        return NoAuthorization(null, $mundane_id);
    }

    $this->log->Write('Kingdom', $mundane_id, LOG_EDIT, $request);

    if (is_array($request['ParkTitles'])) {
        // Request key => parktitle column, in the order the columns are written.
        $columns = [
            'Title' => 'title',
            'Class' => 'class',
            'MinimumAttendance' => 'minimumattendance',
            'MinimumCutoff' => 'minimumcutoff',
            'Period' => 'period',
            'PeriodLength' => 'period_length',
        ];
        $parktitle = new yapo($this->db, DB_PREFIX . 'parktitle');

        foreach ($request['ParkTitles'] as $title) {
            $action = $title['Action'];

            if ($action == CFG_REMOVE || $action == CFG_EDIT) {
                $parktitle->clear();
                $parktitle->parktitle_id = $title['ParkTitleId'];
                if (!valid_id($title['ParkTitleId']) || !$parktitle->find()) {
                    continue;
                }
                // Titles are owned by a kingdom; refuse to touch another kingdom's row.
                if ($parktitle->kingdom_id != $request['KingdomId']) {
                    return ['Status' => NoAuthorization('You cannot edit the park titles of another kingdom.')];
                }

                if ($action == CFG_REMOVE) {
                    $parktitle->delete();
                    continue;
                }

                foreach ($columns as $key => $column) {
                    // An empty value means "leave this column as it is".
                    $parktitle->$column = strlen($title[$key]) ? $title[$key] : $parktitle->$column;
                }
                $parktitle->save();
            } elseif ($action == CFG_ADD) {
                $parktitle->clear();
                $parktitle->kingdom_id = $request['KingdomId'];
                foreach ($columns as $key => $column) {
                    $parktitle->$column = $title[$key];
                }
                $parktitle->save();
            }
        }
    }

    return Success();
}
<?php die;
// The bare `die;` above stops the script before any statement below runs.
// NOTE(review): with it removed, this file rewrites an account named 'admin'
// with no authentication check visible here; keep one-off maintenance scripts
// like this out of the web root rather than relying on the `die;` guard.
$DONOTWEBSERVICE = true;
include_once 'PlayerService.php';
global $DB;
// Look up the player row whose given_name is 'admin'.
$p = new yapo($DB, DB_PREFIX . 'mundane');
$p->given_name = 'admin';
if ($p->find()) {
    // Clears the loaded row's id and changes other_name before saving -
    // presumably so save() writes a second copy of the admin row; verify
    // against yapo's handling of a null primary key.
    $p->mundane_id = null;
    $p->other_name = 'admin.p';
    $p->save();
}
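/**
 * Update a park's details on behalf of an authorised caller.
 *
 * Steps:
 *  1. When a non-blank Name is supplied, refuse it if another park already
 *     uses that (trimmed) name.
 *  2. Load the park and require an authenticated caller with AUTH_EDIT over it.
 *  3. Name, abbreviation, park title and active flag are only changed for
 *     callers who also hold AUTH_EDIT over the park's kingdom.
 *  4. Contact and location fields are updated from whichever keys are
 *     present, the row is saved and re-read, and the park is re-geocoded
 *     when the address changed or no location is stored.
 *  5. Moving the park to another kingdom requires admin authority.
 *
 * Fix in this version: when the kingdom move was refused, the Warning()
 * response was unconditionally overwritten by Success() a few lines later,
 * so the caller was told the request succeeded. The warning is now kept and
 * returned; the remaining edits are still saved, as before.
 *
 * NOTE(review): the name-uniqueness probe in step 1 runs before the token is
 * checked, so it also answers unauthenticated requests. The check compares
 * the trimmed name while the untrimmed value is stored.
 * NOTE(review): ParkTitleId is only checked for existence, not for belonging
 * to this park's kingdom.
 * NOTE(review): Url, MapUrl, Directions and Description are stored as
 * received; they need context-aware escaping wherever they are rendered.
 *
 * @param array $request API request payload ('Token', 'ParkId', plus the
 *                       optional fields described above).
 * @return mixed Success(park_id), Warning(...), InvalidParameter(...) or
 *               NoAuthorization(...).
 */
public function SetParkDetails($request) {
    logtrace("SetParkDetails", $request);
    $response = array();

    // Step 1: reject a name that already belongs to a different park.
    $this->park->clear();
    if (trimlen($request['Name']) > 0) {
        $this->park->name = trim($request['Name']);
        if ($this->park->find()) {
            if ($this->park->park_id != $request['ParkId']) {
                return InvalidParameter('This park name already exists.');
            }
        }
    }

    // Step 2: load the target park and authorise the caller.
    $this->park->clear();
    $this->park->park_id = $request['ParkId'];
    if ($this->park->find()) {
        if (($mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token'])) > 0
            && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_PARK, $request['ParkId'], AUTH_EDIT)) {
            $this->log->Write('Park', $mundane_id, LOG_EDIT, $request);
            $this->park->modified = date("Y-m-d H:i:s", time());

            // Step 3: identity fields need kingdom-level authority.
            if (Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_KINGDOM, $this->park->kingdom_id, AUTH_EDIT)) {
                $this->park->name = trimlen($request['Name']) == 0 ? $this->park->name : $request['Name'];
                $this->park->abbreviation = trimlen($request['Abbreviation']) == 0 ? $this->park->abbreviation : $request['Abbreviation'];
                $parktitle = new yapo($this->db, DB_PREFIX . 'parktitle');
                $parktitle->clear();
                if (isset($request['ParkTitleId']) && $request['ParkTitleId'] != $this->park->parktitle_id) {
                    $parktitle->parktitle_id = $request['ParkTitleId'];
                    // Only accept a title id that exists.
                    if ($parktitle->find()) {
                        $this->park->parktitle_id = $request['ParkTitleId'];
                    }
                }
                $this->park->active = trimlen($request['Active']) == 0 ? $this->park->active : $request['Active'];
            }

            // Step 4: decide on re-geocoding before the address is overwritten.
            $address_change = false;
            if (isset($request['Address']) && ($this->park->address != $request['Address'] || trimlen($this->park->location) == 0)) {
                $address_change = true;
            }
            $this->park->url = isset($request['Url']) ? $request['Url'] : $this->park->url;
            $this->park->address = isset($request['Address']) ? $request['Address'] : $this->park->address;
            $this->park->city = isset($request['City']) ? $request['City'] : $this->park->city;
            $this->park->province = isset($request['Province']) ? $request['Province'] : $this->park->province;
            $this->park->postal_code = isset($request['PostalCode']) ? $request['PostalCode'] : $this->park->postal_code;
            $this->park->directions = isset($request['Directions']) ? $request['Directions'] : $this->park->directions;
            $this->park->description = isset($request['Description']) ? $request['Description'] : $this->park->description;
            $this->park->map_url = isset($request['MapUrl']) ? $request['MapUrl'] : $this->park->map_url;
            $this->park->save();

            // Re-read the row that was just written.
            $this->park->clear();
            $this->park->park_id = $request['ParkId'];
            if ($this->park->find()) {
                if ($address_change) {
                    if (isset($request['GeoCode']) && trimlen($request['GeoCode']) > 0) {
                        $this->park_geocode_h($request['GeoCode']);
                    } else {
                        $this->park_geocode_h();
                    }
                }

                // Step 5: kingdom moves are admin-only; remember a refusal so
                // it is not lost when the final response is built.
                $move_warning = null;
                if ($request['KingdomId'] > 0 && $this->park->kingdom_id != $request['KingdomId']) {
                    // Seriously? You couldn't work it out somehow?
                    // AKA Blackspire Code, AKA Golden Plains Exception
                    if (Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_ADMIN, $request['KingdomId'], AUTH_ADMIN)) {
                        $this->park->kingdom_id = $request['KingdomId'];
                    } else {
                        $move_warning = Warning('You do not have permissions to move this Park [' . $this->park->park_id . ', ' . $this->park->kingdom_id . '] to another Kingdom [' . $request['KingdomId'] . '].');
                    }
                }
                if (strlen($request['Heraldry'])) {
                    Ork3::$Lib->heraldry->SetParkHeraldry($request);
                }
                $this->park->save();
                $response = $move_warning !== null ? $move_warning : Success($this->park->park_id);
            } else {
                $response = InvalidParameter('ParkId could not be found.');
            }
        } else {
            $response = NoAuthorization('You do not have permissions to perform this action: ' . $mundane_id);
        }
    } else {
        $response = InvalidParameter('ParkId could not be found.');
    }

    return $response;
}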