Andreu | 66ad5cf | 2019-09-18 17:15:44 +0200 | [diff] [blame] | 1 | <?php |
Andreu | 2457e40 | 2019-09-22 00:52:41 +0200 | [diff] [blame] | 2 | require '../credentials.php'; |
Andreu | 20cbd1d | 2019-09-22 00:00:57 +0200 | [diff] [blame] | 3 | require 'utils.php'; |
Adrià Vilanova Martínez | c4ced6d | 2022-12-22 19:37:32 +0100 | [diff] [blame] | 4 | require 'security.php'; |
Andreu | 66ad5cf | 2019-09-18 17:15:44 +0200 | [diff] [blame] | 5 | |
Andreu | 20af6c2 | 2019-09-24 18:33:50 +0200 | [diff] [blame] | 6 | $credentials = new Credentials(); |
Adrià Vilanova Martínez | 6052433 | 2022-11-20 02:33:56 +0100 | [diff] [blame] | 7 | $usersdb = $credentials->usersdb(); |
| 8 | $mortsdb = $credentials->mortsdb(); |
Andreu | 20af6c2 | 2019-09-24 18:33:50 +0200 | [diff] [blame] | 9 | |
Andreu | 66ad5cf | 2019-09-18 17:15:44 +0200 | [diff] [blame] | 10 | // Do the query |
Andreu | efe66eb | 2019-09-21 18:41:49 +0200 | [diff] [blame] | 11 | $queries = [""]; |
Andreu | 20af6c2 | 2019-09-24 18:33:50 +0200 | [diff] [blame] | 12 | $victimid = "ANY (SELECT quimata FROM (SELECT * FROM $usersdb) AS victims WHERE id=".(int)$_POST['user_id'].")"; |
Andreu | abbcb7e | 2019-09-21 18:22:14 +0200 | [diff] [blame] | 13 | |
Andreu | 20af6c2 | 2019-09-24 18:33:50 +0200 | [diff] [blame] | 14 | if ($_POST['msg'] == "REQ KILL") $queries = ["UPDATE $usersdb SET requested=1 WHERE id=".$victimid]; // request kill |
| 15 | if ($_POST['msg'] == "REQ DEAD") $queries = ["UPDATE $usersdb SET requested=2 WHERE quimata=".(int)$_POST['user_id']]; // request dead |
| 16 | if ($_POST['msg'] == "DENY REQ") $queries = ["UPDATE $usersdb SET requested=0 WHERE id=".(int)$_POST['user_id']]; // deny request |
Andreu | 09b8b05 | 2019-09-21 21:47:20 +0200 | [diff] [blame] | 17 | if ($_POST['msg'] == "CONF DEAD") { |
Andreu | 20af6c2 | 2019-09-24 18:33:50 +0200 | [diff] [blame] | 18 | $queries = ["INSERT INTO $mortsdb (id, quimatava, assassi, curs, grau) (SELECT id, quimata, (SELECT id FROM $usersdb WHERE quimata=".(int)$_POST['user_id']."), curs, grau FROM $usersdb WHERE id=".(int)$_POST['user_id'].")", // add to 'morts' |
| 19 | "UPDATE $usersdb SET requested=0, quimata=".(int)$_POST['user_quimata'].", bits=".(int)rand(1,512)." WHERE quimata=".(int)$_POST['user_id'], // assign new victim to killer |
| 20 | "UPDATE $usersdb SET quimata=0, mort=1 WHERE id=".(int)$_POST['user_id']]; // confirm victim dead/killed |
Andreu | 885889c | 2019-09-19 00:28:20 +0200 | [diff] [blame] | 21 | } |
Adrià Vilanova Martínez | c4ced6d | 2022-12-22 19:37:32 +0100 | [diff] [blame] | 22 | if ($_POST['msg'] == "INSTAKILL" && Security::isSignedIn() && Credentials::isAllVsAllModeEnabled()) { |
| 23 | $mort = get_users($_POST['mort']); |
| 24 | $queries = [ |
| 25 | "INSERT INTO $mortsdb (id, quimatava, assassi, curs, grau) VALUES (".(int)$_POST['mort'].", ".(int)$mort->quimata.", ".(int)$_SESSION['id'].", ".(int)$mort->curs.", ".(int)$mort->grau.")", // add to 'morts' |
| 26 | "UPDATE $usersdb SET mort=1 WHERE id = ".(int)$_POST['mort'], // kill person |
| 27 | ]; |
| 28 | } |
Andreu | efe66eb | 2019-09-21 18:41:49 +0200 | [diff] [blame] | 29 | foreach ($queries as $query) { |
Andreu | 20cbd1d | 2019-09-22 00:00:57 +0200 | [diff] [blame] | 30 | if ($query != "" and $result = query($query)) echo $query; |
Andreu | 04f79ef | 2019-09-22 18:52:19 +0200 | [diff] [blame] | 31 | else die("Query failed: " . $query); |
Andreu | efe66eb | 2019-09-21 18:41:49 +0200 | [diff] [blame] | 32 | } |
Adrià Vilanova Martínez | c4ced6d | 2022-12-22 19:37:32 +0100 | [diff] [blame] | 33 | if ($_POST['msg'] == "INSTAKILL" && Credentials::isAllVsAllModeEnabled()) { |
| 34 | Security::go('/main.php?killsuccess=1'); |
| 35 | } |
Andreu | 66ad5cf | 2019-09-18 17:15:44 +0200 | [diff] [blame] | 36 | ?> |