Gitiles
Code Review Sign In
gerrit.avm99963.com / edu / fisi-pastanagapp / 556a05a42cc6c6ce220f58ae14c1230ae2aff71b / . / php / request.php
blob: 03cebd8bade94a14369c8150b34641b47ea7baac [file] [log] [blame]
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]1<?php
Andreu2457e402019-09-22 00:52:41 +0200[diff] [blame]2 require '../credentials.php';
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]3 require 'utils.php';
Adrià Vilanova Martínezc4ced6d2022-12-22 19:37:32 +0100[diff] [blame]4 require 'security.php';
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]5
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]6 $credentials = new Credentials();
Adrià Vilanova Martínez60524332022-11-20 02:33:56 +0100[diff] [blame]7 $usersdb = $credentials->usersdb();
8 $mortsdb = $credentials->mortsdb();
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]9
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]10 // Do the query
Andreuefe66eb2019-09-21 18:41:49 +0200[diff] [blame]11 $queries = [""];
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]12 $victimid = "ANY (SELECT quimata FROM (SELECT * FROM $usersdb) AS victims WHERE id=".(int)$_POST['user_id'].")";
Andreuabbcb7e2019-09-21 18:22:14 +0200[diff] [blame]13
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]14 if ($_POST['msg'] == "REQ KILL") $queries = ["UPDATE $usersdb SET requested=1 WHERE id=".$victimid]; // request kill
15 if ($_POST['msg'] == "REQ DEAD") $queries = ["UPDATE $usersdb SET requested=2 WHERE quimata=".(int)$_POST['user_id']]; // request dead
16 if ($_POST['msg'] == "DENY REQ") $queries = ["UPDATE $usersdb SET requested=0 WHERE id=".(int)$_POST['user_id']]; // deny request
Andreu09b8b052019-09-21 21:47:20 +0200[diff] [blame]17 if ($_POST['msg'] == "CONF DEAD") {
Andreu20af6c22019-09-24 18:33:50 +0200[diff] [blame]18 $queries = ["INSERT INTO $mortsdb (id, quimatava, assassi, curs, grau) (SELECT id, quimata, (SELECT id FROM $usersdb WHERE quimata=".(int)$_POST['user_id']."), curs, grau FROM $usersdb WHERE id=".(int)$_POST['user_id'].")", // add to 'morts'
19 "UPDATE $usersdb SET requested=0, quimata=".(int)$_POST['user_quimata'].", bits=".(int)rand(1,512)." WHERE quimata=".(int)$_POST['user_id'], // assign new victim to killer
20 "UPDATE $usersdb SET quimata=0, mort=1 WHERE id=".(int)$_POST['user_id']]; // confirm victim dead/killed
Andreu885889c2019-09-19 00:28:20 +0200[diff] [blame]21 }
Adrià Vilanova Martínezc4ced6d2022-12-22 19:37:32 +0100[diff] [blame]22 if ($_POST['msg'] == "INSTAKILL" && Security::isSignedIn() && Credentials::isAllVsAllModeEnabled()) {
23 $mort = get_users($_POST['mort']);
24 $queries = [
25 "INSERT INTO $mortsdb (id, quimatava, assassi, curs, grau) VALUES (".(int)$_POST['mort'].", ".(int)$mort->quimata.", ".(int)$_SESSION['id'].", ".(int)$mort->curs.", ".(int)$mort->grau.")", // add to 'morts'
26 "UPDATE $usersdb SET mort=1 WHERE id = ".(int)$_POST['mort'], // kill person
27 ];
28 }
Andreuefe66eb2019-09-21 18:41:49 +0200[diff] [blame]29 foreach ($queries as $query) {
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]30 if ($query != "" and $result = query($query)) echo $query;
Andreu04f79ef2019-09-22 18:52:19 +0200[diff] [blame]31 else die("Query failed: " . $query);
Andreuefe66eb2019-09-21 18:41:49 +0200[diff] [blame]32 }
Adrià Vilanova Martínezc4ced6d2022-12-22 19:37:32 +0100[diff] [blame]33 if ($_POST['msg'] == "INSTAKILL" && Credentials::isAllVsAllModeEnabled()) {
34 Security::go('/main.php?killsuccess=1');
35 }
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]36?>