Add all vs all mode

Change-Id: I4a379704ab869e5301ae211ae31ee0f8d66620ee
diff --git a/credentials.php b/credentials.php
index 600bfa5..409409f 100644
--- a/credentials.php
+++ b/credentials.php
@@ -28,4 +28,12 @@
 	public static function adminToken() {
 		return getenv('ADMIN_TOKEN');
 	}
+
+	public static function isAllVsAllModeEnabled() {
+		return self::allVsAllMode() == 1 || self::allVsAllMode() == 'true';
+	}
+
+	public static function allVsAllMode() {
+		return getenv('ALL_VS_ALL_MODE');
+	}
 };
diff --git a/main.php b/main.php
index 4c995f1..d5a2729 100644
--- a/main.php
+++ b/main.php
@@ -36,7 +36,6 @@
 
 		<?php
 			$user = get_users($_SESSION["id"]);
-			$victim = get_users($user->quimata);
 			if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
 
 			// @TODO: Reenable photos
@@ -74,57 +73,81 @@
 					</form>
 				</div>
 
-				<p>La teva víctima és:</p>
+				<?php
+				if (!Credentials::isAllVsAllModeEnabled()) {
+					$victim = get_users($user->quimata);
+					?>
+					<p>La teva víctima és:</p>
 
-				<div class="victima">
-					<table>
-						<tr>
-							<?php
-							// @TODO: Reenable photos
-							/*
-							<td class="table_img">
-								<div id="victim_img">
-									<div class="grid-container">
-										  <div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
-										  <div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
-										  <div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>  
-										  <div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
-										  <div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
-										  <div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>  
-										  <div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
-										  <div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
-										  <div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
+					<div class="victima">
+						<table>
+							<tr>
+								<?php
+								// @TODO: Reenable photos
+								/*
+								<td class="table_img">
+									<div id="victim_img">
+										<div class="grid-container">
+												<div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
+												<div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
+												<div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>  
+												<div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
+												<div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
+												<div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>  
+												<div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
+												<div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
+												<div class="grid-item <?=(int)$bits[$bit_counter++] ? 'black' : ''?>"></div>
+										</div>
 									</div>
-								</div>
-							</td>
-							*/
-							?>
-							<td class="table_text">
-								<div id="victim_name"><?=Security::htmlsafe($victim->nomcomplet)?></div>
-								<div id="victim_curs_i_grau">
-									<span id="victim_curs"><?=Security::htmlsafe($victim->nomcurs())?></span>
-									-
-									<span id="victim_grau"><?=Security::htmlsafe($victim->nomgrau())?></span>
-								</div>
-								<div id="butons" class="options">
-									<button id="win" onclick="js: send_request(user, 'REQ KILL');">L'he matat</button>
-								</div>
-							</td>
-						</tr>
-					</table>
-				</div>
-				
-                                <?php
-                                        $query_seen_victim = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . (int)$user->id . " AND `sender_id` = " . (int)$user->quimata . ")";
-                                        $query_seen_killer = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . (int)$user->id . " AND `sender_id` != " . (int)$user->quimata . ")";
-                                ?>
+								</td>
+								*/
+								?>
+								<td class="table_text">
+									<div id="victim_name"><?=Security::htmlsafe($victim->nomcomplet)?></div>
+									<div id="victim_curs_i_grau">
+										<span id="victim_curs"><?=Security::htmlsafe($victim->nomcurs())?></span>
+										-
+										<span id="victim_grau"><?=Security::htmlsafe($victim->nomgrau())?></span>
+									</div>
+									<div id="butons" class="options">
+										<button id="win" onclick="js: send_request(user, 'REQ KILL');">L'he matat</button>
+									</div>
+								</td>
+							</tr>
+						</table>
+					</div>
+					
+																	<?php
+																					$query_seen_victim = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . (int)$user->id . " AND `sender_id` = " . (int)$user->quimata . ")";
+																					$query_seen_killer = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . (int)$user->id . " AND `sender_id` != " . (int)$user->quimata . ")";
+																	?>
 
-				<div>
-					<p>Podeu posar aquesta pàgina com a icona apretant el botó de "Add to Home Screen" del vostre navegador.</p>
-					<a href="./ranking.php">Anar al rànquing</a><br />
-                                        <a href="./victim-chat.php">Xatejar amb la teva víctima (<?= query($query_seen_victim)->fetch_row()[0] ?>)</a><br />
-                                        <a href="./killer-chat.php">Xatejar amb el teu assassí (<?= query($query_seen_killer)->fetch_row()[0] ?>)</a>
-				</div>
+					<div>
+						<p>Podeu posar aquesta pàgina com a icona apretant el botó de "Add to Home Screen" del vostre navegador.</p>
+						<a href="./ranking.php">Anar al rànquing</a><br />
+																					<a href="./victim-chat.php">Xatejar amb la teva víctima (<?= query($query_seen_victim)->fetch_row()[0] ?>)</a><br />
+																					<a href="./killer-chat.php">Xatejar amb el teu assassí (<?= query($query_seen_killer)->fetch_row()[0] ?>)</a>
+					</div>
+					<?php
+				} else {
+					?>
+					<p>Tots contra tots! Ara pots matar a qualsevol persona que continuï viva (les de la següent llista).</p>
+					<p>Quan matis alguna persona, selecciona-la i fes clic al botó "L'he assassinat/da".</p>
+					<form action="php/request.php" method="POST" onsubmit="return confirm('Estàs segura que has assassinat aquesta persona? Per agilitzar el procediment l\'altra persona no haurà de confirmar la mort i obtindràs els punts directament.\n\nL\'ús inadecuat comportarà una penalització.');">
+					<?php
+					$users = get_users();
+					foreach ($users as $user) {
+						if ($user->mort) continue;
+						?>
+						<p><input type="radio" name="mort" value="<?=(int)$user->id?>" required<?=$user->id == $_SESSION['id'] ? ' disabled' : ''?>> <?=Security::htmlsafe($user->nomcomplet)?> - <?=Security::htmlsafe($user->nomcurs())?> - <?=Security::htmlsafe($user->nomgrau())?></p>
+						<?php
+					}
+					?>
+					<input type="hidden" name="msg" value="INSTAKILL">
+					<button>L'he assassinat/da</button>
+					<?php
+				}
+				?>
 			</div>
 		</div>
 
@@ -132,6 +155,7 @@
 			$(document).ready(function() {
 				// Set interval of checking
 				update_info(user);
+
 				// Set to hidden or not the password prompt
 				if (<?=$user->md5password=="" ? 1 : 0?>) {
 					$.notify("No tens clau d'accés", "info");
@@ -141,6 +165,7 @@
 				if (getUrlParameter("wrongconfirmation")) read_message("Les contrasenyes no coincideixen", "error");
 				if (getUrlParameter("errordb")) read_message("Hi ha hagut un problema a la base de dades, torna-ho a intentar", "error");
 				if (getUrlParameter("successpassword")) read_message("La teva clau d'accés s'ha guardat", "success");
+				if (getUrlParameter("killsuccess")) read_message("La mort s'ha guardat correctament", "success");
 			});
 		</script>
 	</body>
diff --git a/php/request.php b/php/request.php
index 39f17dd..03cebd8 100644
--- a/php/request.php
+++ b/php/request.php
@@ -1,6 +1,7 @@
 <?php
 	require '../credentials.php';
 	require 'utils.php';
+	require 'security.php';
 
 	$credentials = new Credentials();
 	$usersdb = $credentials->usersdb();
@@ -18,9 +19,18 @@
 					"UPDATE $usersdb SET requested=0, quimata=".(int)$_POST['user_quimata'].", bits=".(int)rand(1,512)." WHERE quimata=".(int)$_POST['user_id'], 	// assign new victim to killer
 					"UPDATE $usersdb SET quimata=0, mort=1 WHERE id=".(int)$_POST['user_id']];		// confirm victim dead/killed										
 	}
-	// Fetch the information of the user
+	if ($_POST['msg'] == "INSTAKILL" && Security::isSignedIn() && Credentials::isAllVsAllModeEnabled()) {
+		$mort = get_users($_POST['mort']);
+		$queries = [
+			"INSERT INTO $mortsdb (id, quimatava, assassi, curs, grau) VALUES (".(int)$_POST['mort'].", ".(int)$mort->quimata.", ".(int)$_SESSION['id'].", ".(int)$mort->curs.", ".(int)$mort->grau.")", 	// add to 'morts'
+			"UPDATE $usersdb SET mort=1 WHERE id = ".(int)$_POST['mort'],	// kill person
+		];
+	}
 	foreach ($queries as $query) {
 		if ($query != "" and $result = query($query)) echo $query;
 		else die("Query failed: " . $query);
 	}
+	if ($_POST['msg'] == "INSTAKILL" && Credentials::isAllVsAllModeEnabled()) {
+		Security::go('/main.php?killsuccess=1');
+	}
 ?>