Andreu | fd98b5d | 2019-09-22 13:15:10 +0200 | [diff] [blame] | 1 | <?php |
| 2 | require '../credentials.php'; |
| 3 | require '../php/utils.php'; |
Adrià Vilanova Martínez | 3636291 | 2022-11-20 01:30:13 +0100 | [diff] [blame] | 4 | |
| 5 | $credentials = new Credentials(); |
Adrià Vilanova Martínez | 6052433 | 2022-11-20 02:33:56 +0100 | [diff] [blame] | 6 | if ($credentials->adminToken() != ($_POST["token"] ?? "")) { |
Adrià Vilanova Martínez | 3636291 | 2022-11-20 01:30:13 +0100 | [diff] [blame] | 7 | exit(); |
| 8 | } |
| 9 | |
Andreu | 8192d55 | 2019-09-22 16:51:39 +0200 | [diff] [blame] | 10 | $csvname = $_FILES['csvname']['tmp_name']; |
| 11 | $dbname = $_POST['dbname']; |
Andreu | b78c879 | 2019-09-22 14:51:13 +0200 | [diff] [blame] | 12 | |
| 13 | // Read from CSV |
Andreu | 8192d55 | 2019-09-22 16:51:39 +0200 | [diff] [blame] | 14 | $inscrits = array_map('str_getcsv', file($csvname)); |
Andreu | b78c879 | 2019-09-22 14:51:13 +0200 | [diff] [blame] | 15 | array_shift($inscrits); // remove header |
Adrià Vilanova Martínez | 4861da6 | 2022-12-10 21:58:42 +0100 | [diff] [blame^] | 16 | |
| 17 | foreach ($inscrits as $key => &$inscrit) { |
| 18 | $inscrit["key"] = $key; |
| 19 | } |
| 20 | |
Andreu | 20af6c2 | 2019-09-24 18:33:50 +0200 | [diff] [blame] | 21 | shuffle($inscrits); // shuffle randomly |
Adrià Vilanova Martínez | 4861da6 | 2022-12-10 21:58:42 +0100 | [diff] [blame^] | 22 | |
| 23 | $forceposraw = $_POST['forcepos'] ?? "[]"; |
| 24 | $forcepos = json_decode($forceposraw, true); |
| 25 | foreach ($forcepos as $pos) { |
| 26 | if (!isset($pos["id"]) || !isset($pos["pos"])) continue; |
| 27 | |
| 28 | // Switch entry with key |$pos["id"]| to position |$pos["pos"]|. |
| 29 | $key = -1; |
| 30 | foreach ($inscrits as $itKey => &$inscrit) { |
| 31 | if ($inscrit["key"] == $pos["id"]) { |
| 32 | $key = $itKey; |
| 33 | break; |
| 34 | } |
| 35 | } |
| 36 | if ($key === -1) continue; |
| 37 | |
| 38 | // Switch places |
| 39 | $tmp = $inscrits[$pos["pos"]]; |
| 40 | $inscrits[$pos["pos"]] = $inscrits[$key]; |
| 41 | $inscrits[$key] = $tmp; |
| 42 | } |
| 43 | |
Andreu | b78c879 | 2019-09-22 14:51:13 +0200 | [diff] [blame] | 44 | $start = 1; |
Andreu | fd98b5d | 2019-09-22 13:15:10 +0200 | [diff] [blame] | 45 | $i = $start; |
| 46 | foreach ($inscrits as $user) { |
| 47 | $i = ($i + 1) % ($start + count($inscrits)); |
| 48 | if ($i == 0) $i = $i + 1; |
Adrià Vilanova Martínez | 4861da6 | 2022-12-10 21:58:42 +0100 | [diff] [blame^] | 49 | $nom = mysqli_real_escape_string($conn, $user[0]); |
| 50 | $curs = mysqli_real_escape_string($conn, $user[1]); |
| 51 | $grau = mysqli_real_escape_string($conn, $user[2]); |
| 52 | $password = mysqli_real_escape_string($conn, password_hash($user[3], PASSWORD_DEFAULT)); |
Andreu | 20af6c2 | 2019-09-24 18:33:50 +0200 | [diff] [blame] | 53 | // Input values into SQL values |
| 54 | $template = "INSERT INTO `$dbname` (`id`, `nom`, `curs`, `grau`, `quimata`, `requested`, `mort`, `password`, `bits`)" . |
Adrià Vilanova Martínez | 4861da6 | 2022-12-10 21:58:42 +0100 | [diff] [blame^] | 55 | " VALUES (NULL, '$nom', '$curs', '$grau', $i, 0, 0, '$password', ".(int)rand(1,512).")"; |
Andreu | 8192d55 | 2019-09-22 16:51:39 +0200 | [diff] [blame] | 56 | |
Andreu | 20af6c2 | 2019-09-24 18:33:50 +0200 | [diff] [blame] | 57 | if (!query($template)) die("An error ocurred." . $template); |
Andreu | fd98b5d | 2019-09-22 13:15:10 +0200 | [diff] [blame] | 58 | } |
Andreu | 9950105 | 2019-09-22 20:09:08 +0200 | [diff] [blame] | 59 | |
Andreu | 03d030d | 2019-09-25 21:52:01 +0200 | [diff] [blame] | 60 | die("<script>window.location.href = './?successinserting'</script>"); |
Andreu | fd98b5d | 2019-09-22 13:15:10 +0200 | [diff] [blame] | 61 | ?> |