urlmanager
This commit is contained in:
65
www/pages/highscores_update.php
Normal file
65
www/pages/highscores_update.php
Normal file
@@ -0,0 +1,65 @@
|
||||
<?php
|
||||
global $OPTIONS;
|
||||
|
||||
require_once (__DIR__ . '/../internals/base.php');
|
||||
require_once (__DIR__ . '/../internals/database.php');
|
||||
require_once (__DIR__ . '/../internals/highscores.php');
|
||||
|
||||
Database::connect();
|
||||
|
||||
$gameid = $OPTIONS['gameid'];
|
||||
$check = $OPTIONS['check'];
|
||||
$name = $OPTIONS['name'];
|
||||
$nameid = $OPTIONS['nameid'];
|
||||
$rand = $OPTIONS['rand'];
|
||||
$points = $OPTIONS['points'];
|
||||
|
||||
if (! is_numeric($gameid)) httpError(400, 'Invalid Request');
|
||||
if (! is_numeric($nameid)) httpError(400, 'Invalid Request');
|
||||
if (! is_numeric($points)) httpError(400, 'Invalid Request');
|
||||
|
||||
$game = Database::sql_query_single_prep('SELECT * FROM ms4_highscoregames WHERE ID = :id',
|
||||
[
|
||||
[ ':id', $OPTIONS['gameid'], PDO::PARAM_INT ],
|
||||
]);
|
||||
if ($game == NULL) httpError(400, 'Invalid Request');
|
||||
|
||||
$checksum_generated = Highscores::generateChecksum($rand, $name, $nameid, $points, $game['SALT']);
|
||||
if ($checksum_generated != $check) die('Nice try !');
|
||||
|
||||
$old = Database::sql_query_single_prep('SELECT * FROM ms4_highscoreentries WHERE GAME_ID = :gid AND PLAYERID = :pid',
|
||||
[
|
||||
[ ':gid', $OPTIONS['gameid'], PDO::PARAM_INT ],
|
||||
[ ':pid', $OPTIONS['nameid'], PDO::PARAM_INT ],
|
||||
]);
|
||||
|
||||
if ($old == null)
|
||||
{
|
||||
Database::sql_exec_prep('INSERT INTO ms4_highscoreentries (GAME_ID, POINTS, PLAYER, PLAYERID, CHECKSUM, TIMESTAMP, IP) VALUES (:gid, :p, :pn, :pid, :cs, :ts, :ip)',
|
||||
[
|
||||
[':gid', $gameid, PDO::PARAM_INT],
|
||||
[':p', $points, PDO::PARAM_INT],
|
||||
[':pn', $name, PDO::PARAM_STR],
|
||||
[':pid', $nameid, PDO::PARAM_INT],
|
||||
[':cs', $check, PDO::PARAM_STR],
|
||||
[':ts', time(), PDO::PARAM_STR],
|
||||
[':ip', $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR],
|
||||
]);
|
||||
|
||||
echo 'ok.';
|
||||
}
|
||||
else
|
||||
{
|
||||
Database::sql_exec_prep('UPDATE ms4_highscoreentries SET POINTS = :p, PLAYER = :pn, CHECKSUM = :cs, IP = :ip, TIMESTAMP = :ts WHERE GAME_ID = :gid AND PLAYERID = :pid',
|
||||
[
|
||||
[':gid', $gameid, PDO::PARAM_INT],
|
||||
[':p', $points, PDO::PARAM_INT],
|
||||
[':pn', $name, PDO::PARAM_STR],
|
||||
[':pid', $nameid, PDO::PARAM_INT],
|
||||
[':cs', $check], PDO::PARAM_STR,
|
||||
[':ts', time(), PDO::PARAM_STR],
|
||||
[':ip', $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR],
|
||||
]);
|
||||
|
||||
echo 'ok.';
|
||||
}
|
||||
Reference in New Issue
Block a user