PageRenderTime 58ms CodeModel.GetById 32ms RepoModel.GetById 0ms app.codeStats 0ms

/chng_update_teams.php

https://gitlab.com/zanzilan/alp
PHP | 204 lines | 194 code | 1 blank | 9 comment | 103 complexity | 8539be4ce6b3e52c208a913b9156ff9a MD5 | raw file
  1. <?php
  2. require_once 'include/_universal.php';
  3. include_once 'include/tournaments/_tournament_functions.php';
  4. $x = new universal('tournament teams','team',1);
  5. if ($x->is_secure()) {
  6. if (empty($_GET)&&empty($_POST)) {
  7. $x->display_slim('incorrect usage.','disp_teams.php');
  8. } elseif (!empty($_POST) && !empty($_POST['id']) && !empty($_POST['teamid']) && !empty($_POST['userid'])) {
  9. $tournament = $dbc->database_fetch_assoc($dbc->database_query('SELECT * FROM tournaments WHERE tourneyid='.(int)$_POST['id']));
  10. $team = $dbc->database_query('SELECT * FROM tournament_teams WHERE tourneyid='.(int)$tournament['tourneyid'].' AND id='.(int)$_POST['teamid'].' AND captainid='.(int)$_COOKIE['userid']);
  11. $allgood = true;
  12. if (!empty($_POST['act']) && ((!$tournament['lockstart']) || ($tournament['lockstart'] && $_POST['act']=='cpt')) && !$tournament['lockjoin'] && !$tournament['lockteams'] && $dbc->database_num_rows($team)) {
  13. $teaminfo = $dbc->database_fetch_assoc($team);
  14. // act: cpt (allowed after tournament start)
  15. if ($_POST['act'] == 'del') {
  16. // delete a player
  17. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$_POST['userid']."'"))) {
  18. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$teaminfo['id']."' AND userid='".$_POST['userid']."'"))) {
  19. if (!$dbc->database_query("DELETE FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$teaminfo['id']."' AND userid='".$_POST['userid']."'")) {
  20. $allgood = false;
  21. }
  22. } else {
  23. $error = 'user is not on your team.';
  24. }
  25. } else {
  26. $error = 'user is not playing in the tournament.';
  27. }
  28. } elseif ($_POST['act'] == 'cpt') {
  29. // make a new player captain
  30. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$_POST['userid']."'"))) {
  31. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$teaminfo['id']."' AND userid='".$_POST['userid']."'"))) {
  32. if (!$dbc->database_query("UPDATE tournament_teams SET captainid='".$_POST['userid']."' WHERE tourneyid='".$tournament['tourneyid']."' AND id='".$teaminfo['id']."'")) {
  33. $allgood = false;
  34. }
  35. } else {
  36. $error = 'user is not on your team.';
  37. }
  38. } else {
  39. $error = 'user is not playing in the tournament.';
  40. }
  41. } elseif ($_POST['act'] == 'pug') {
  42. // move a player to pug
  43. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$_POST['userid']."'"))) {
  44. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$teaminfo['id']."' AND userid='".$_POST['userid']."'"))) {
  45. if (!$dbc->database_query("UPDATE tournament_players SET teamid=0 WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$_POST['userid']."'")) {
  46. $allgood = false;
  47. }
  48. } else {
  49. $error = 'user is not on your team.';
  50. }
  51. } else {
  52. $error = 'user is not playing in the tournament.';
  53. }
  54. }
  55. } else {
  56. $error = 'incorrect usage.';
  57. }
  58. if (!empty($error)) {
  59. $str = $error;
  60. } else {
  61. if($allgood) {
  62. $str = 'success.';
  63. } else {
  64. $str = 'error!';
  65. }
  66. }
  67. $x->display_slim($str,'disp_teams.php'.(!empty($_POST['id'])?'?id='.$_POST['id']:''),2);
  68. } elseif (!empty($_GET) && !empty($_GET['id'])) {
  69. $tournament = $dbc->database_fetch_assoc($dbc->database_query('SELECT * FROM tournaments WHERE tourneyid='.(int)$_GET['id']));
  70. $allgood = true;
  71. if (!empty($_GET['act']) && !$tournament['lockstart'] && !$tournament['lockjoin'] && !$tournament['lockteams']) {
  72. // act: del, add
  73. if ($_GET['act'] == 'add') {
  74. if ($tournament['per_team'] == 1 || $tournament['random']) {
  75. if (is_under_max_teams($tournament['tourneyid'])) {
  76. if (!$dbc->database_num_rows($dbc->database_query('SELECT * FROM tournament_players WHERE tourneyid='.(int)$tournament['tourneyid'].' AND userid='.(int)$_COOKIE['userid']))) {
  77. if (!$dbc->database_query('INSERT INTO tournament_players (tourneyid,userid,teamid) VALUES ('.(int)$tournament['tourneyid'].','.(int)$_COOKIE['userid'].',0)')) {
  78. $allgood = false;
  79. }
  80. } else {
  81. $error = 'you are already playing in the tournament!';
  82. }
  83. } else {
  84. $error = 'maximum '.get_what_teams_called($tournament['tourneyid'],0).' limit reached.';
  85. }
  86. } elseif ($tournament['per_team'] > 1) {
  87. if (!empty($_GET['teamid'])) {
  88. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_teams WHERE id='".$_GET['teamid']."' AND tourneyid='".$tournament['tourneyid']."'"))) {
  89. if (!$dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_teams WHERE tourneyid='".$tournament['tourneyid']."' AND captainid='".$_COOKIE['userid']."'"))) {
  90. if (!$dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$_GET['teamid']."' AND userid='".$_COOKIE['userid']."'"))) {
  91. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$_GET['teamid']."'"))<$tournament['per_team']) {
  92. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$_GET['teamid']."'"))==0) {
  93. if (!$dbc->database_query("UPDATE tournament_teams SET captainid='".$_COOKIE['userid']."' WHERE tourneyid='".$tournament['tourneyid']."' AND id='".$_GET['teamid']."'")) {
  94. $allgood = false;
  95. }
  96. }
  97. if (!$dbc->database_query("DELETE FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$_COOKIE['userid']."'")||!$dbc->database_query("INSERT INTO tournament_players (tourneyid,userid,teamid) VALUES ('".$tournament['tourneyid']."','".$_COOKIE['userid']."','".$_GET['teamid']."')")) {
  98. $allgood = false;
  99. }
  100. } else {
  101. $error = 'that team is full.';
  102. }
  103. } else {
  104. $error = 'you are already on this team.';
  105. }
  106. } else {
  107. $error = 'you are a captain on another team in the tournament!';
  108. }
  109. } else {
  110. $error = 'that team does not exist.';
  111. }
  112. } elseif (!empty($_GET['u']) && $_GET['u'] == 1) {
  113. // join a new team
  114. if (!$dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_teams WHERE tourneyid='".$tournament['tourneyid']."' AND captainid='".$_COOKIE['userid']."'"))) {
  115. if (!$dbc->database_query("DELETE FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$_COOKIE['userid']."'")||!$dbc->database_query("INSERT INTO tournament_players (tourneyid,userid,teamid) VALUES ('".$tournament['tourneyid']."','".$_COOKIE['userid']."','0')")) {
  116. $allgood = false;
  117. }
  118. } else {
  119. $error = 'you are a captain on another team in the tournament!';
  120. }
  121. } else {
  122. $allgood = false;
  123. }
  124. }
  125. } elseif ($_GET['act'] == 'del') {
  126. // quit the tournament
  127. if ($tournament['per_team'] > 1 && !$tournament['random']) {
  128. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_teams WHERE tourneyid='".$tournament['tourneyid']."' AND captainid='".$_COOKIE['userid']."'"))) {
  129. $team = $dbc->database_fetch_assoc($dbc->database_query("SELECT * FROM tournament_teams WHERE tourneyid='".$tournament['tourneyid']."' AND captainid='".$_COOKIE['userid']."'"));
  130. $next_captain = $dbc->database_fetch_assoc($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$team['id']."' AND userid!='".$_COOKIE['userid']."' ORDER BY RAND() LIMIT 1"));
  131. if (!$dbc->database_query("UPDATE tournament_teams SET captainid='".$next_captain['userid']."' WHERE tourneyid='".$tournament['tourneyid']."' AND id='".$team['id']."'")) {
  132. $allgood = false;
  133. }
  134. }
  135. }
  136. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$_COOKIE['userid']."'"))) {
  137. if (!$dbc->database_query("DELETE FROM tournament_players WHERE tourneyid='".$tournament["tourneyid"]."' AND userid='".$_COOKIE['userid']."'")) {
  138. $allgood = false;
  139. }
  140. if (!$dbc->database_query("DELETE FROM poll_votes_maps WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$userinfo['userid']."'")) {
  141. $allgood = false;
  142. }
  143. } else {
  144. $error = 'you are not playing in the tournament!';
  145. }
  146. } elseif ($_GET['act'] == 'delt') {
  147. // delete a team
  148. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_teams WHERE tourneyid='".$tournament['tourneyid']."' AND captainid='".$_COOKIE['userid']."'"))) {
  149. $team = $dbc->database_fetch_assoc($dbc->database_query("SELECT * FROM tournament_teams WHERE tourneyid='".$tournament['tourneyid']."' AND captainid='".$_COOKIE['userid']."'"));
  150. if (!$dbc->database_query("DELETE FROM tournament_teams WHERE tourneyid='".$tournament['tourneyid']."' AND id='".$team['id']."'")||!$dbc->database_query("DELETE FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$team['id']."'")) {
  151. $allgood = false;
  152. }
  153. if (!$dbc->database_query("DELETE FROM poll_votes_maps WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$userinfo['userid']."'")) {
  154. $allgood = false;
  155. }
  156. } else {
  157. $error = 'you can\'t delete the team if you\'re not the captain.';
  158. }
  159. } elseif ($_GET['act'] == 'draft') {
  160. // draft a pug
  161. if ($tournament['per_team'] > 1 && !$tournament['random'] && !empty($_GET['uid'])) {
  162. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_teams WHERE tourneyid='".$tournament['tourneyid']."' AND captainid='".$_COOKIE['userid']."'"))) {
  163. $team = $dbc->database_fetch_assoc($dbc->database_query("SELECT * FROM tournament_teams WHERE tourneyid='".$tournament['tourneyid']."' AND captainid='".$_COOKIE['userid']."'"));
  164. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='".$team['id']."'"))<$tournament['per_team']) {
  165. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid>0 AND userid='".$_GET['uid']."'"))) {
  166. $error = 'the player you\'re trying to draft has already been drafted.';
  167. } else {
  168. if ($dbc->database_num_rows($dbc->database_query("SELECT * FROM tournament_players WHERE tourneyid='".$tournament['tourneyid']."' AND teamid='0' AND userid='".$_GET['uid']."'"))) {
  169. if (!$dbc->database_query("UPDATE tournament_players SET teamid='".$team['id']."' WHERE tourneyid='".$tournament['tourneyid']."' AND userid='".$_GET['uid']."'")) {
  170. $allgood = false;
  171. }
  172. } else {
  173. $error = 'the player you\'re trying to draft isn\'t participating any more.';
  174. }
  175. }
  176. } else {
  177. $error = 'your team is already full.';
  178. }
  179. } else {
  180. $error = 'you aren\'t the captain of any team in this tournament.';
  181. }
  182. } else {
  183. $allgood = false;
  184. }
  185. }
  186. } else {
  187. $allgood = false;
  188. }
  189. if (!empty($error)) {
  190. $str = $error;
  191. } else {
  192. if($allgood) {
  193. $str = 'success.';
  194. } else {
  195. $str = 'error!';
  196. }
  197. }
  198. $x->display_slim($str,'disp_teams.php'.(!empty($_GET['id'])?'?id='.$_GET['id']:''),2);
  199. } else {
  200. $x->display_slim('incorrect usage.','disp_teams.php');
  201. }
  202. }
  203. ?>