
/includes/db/db_player.inc.php

https://bitbucket.org/besseym/warship
  1. <?php
  2. require_once REAL_BASE . "includes/db/db_helper.inc.php";
  3. require_once REAL_BASE . "includes/model/m_player.inc.php";
  // Shared secret used throughout this file: it is the crypt() salt for every
  // player password and the key passed to MySQL AES_ENCRYPT() for e-mail
  // addresses. The "$2a$07$" prefix selects crypt()'s Blowfish (bcrypt) scheme
  // at cost 07.
  // NOTE(review): the value is committed in source and is identical for all
  // accounts, so equal passwords yield equal hashes, and read access to the
  // repository exposes the e-mail encryption key. Moving it to configuration
  // and adopting per-user salts would require re-hashing and re-encrypting
  // the stored data.
  static $salt = '$2a$07$secretwarshippasswardsalt$';
  /**
   * Insert a new player row, then store md5(id) in that row's md5_id column.
   *
   * Each text field is passed through db_string_filter() before it is placed
   * in the SQL text. The password is hashed with crypt() using the file-level
   * $salt, and the e-mail is written through AES_ENCRYPT keyed with the same
   * $salt. A failed query ends the request with die(mysql_error()).
   *
   * NOTE(review): the password is filtered *before* it is hashed, whereas
   * authenticate_player() hashes the value it is given as-is; if
   * db_string_filter() changes any character, the two hashes will differ.
   * NOTE(review): md5 of an auto-increment id is guessable, so md5_id should
   * not be relied on as a secret - confirm how callers use it.
   *
   * @param resource $db_link open MySQL link
   * @param object   $player  reads name, email, password, users_ip, activation_code
   * @return bool true once the md5_id UPDATE has succeeded
   */
  function insert_player($db_link, $player){
      global $salt;

      $name = db_string_filter($player->name);
      $email = db_string_filter($player->email);
      $filtered_password = db_string_filter($player->password);
      $users_ip = db_string_filter($player->users_ip);
      $activation_code = db_string_filter($player->activation_code);
      $encrypted_password = crypt($filtered_password, $salt);

      $insert_sql = "insert into players (name, email, password, created_at, users_ip, activation_code) values ('$name', AES_ENCRYPT('$email', '$salt'), '$encrypted_password', Now(), '$users_ip', '$activation_code')";
      if (!mysql_query($insert_sql, $db_link)) {
          die(mysql_error());
      }

      // The new row's id is needed to derive md5_id; a zero id is treated as failure.
      $user_id = mysql_insert_id($db_link);
      if (!$user_id) {
          die(mysql_error());
      }

      $md5_id = md5($user_id);
      $update_sql = "UPDATE players SET md5_id='$md5_id' WHERE id='$user_id'";
      if (!mysql_query($update_sql, $db_link)) {
          die(mysql_error());
      }

      return true;
  }
  /**
   * Look up the md5_id stored for the player whose name matches $player->name.
   *
   * The name goes through db_string_filter() before it is placed in the query.
   * Only the first fetched row is used; when no row matches, the fetch result
   * is not an array and the indexed read yields no value.
   *
   * @param resource $db_link open MySQL link
   * @param object   $player  only ->name is read
   * @return mixed the md5_id column of the first matching row
   */
  function get_md5_id($db_link, $player){
      $name = db_string_filter($player->name);
      $find_sql = "SELECT * FROM players WHERE name='$name'";

      $result_set = mysql_query($find_sql, $db_link);
      if (!$result_set) {
          die(mysql_error());
      }

      $row = mysql_fetch_assoc($result_set);
      return $row['md5_id'];
  }
  /**
   * Build a Player from one fetched row of the players table.
   *
   * Copies exactly four columns - id, name, email, approved - and ignores
   * every other key in the row (the password hash, for instance, is not
   * carried onto the object).
   *
   * @param array $result associative row containing the four keys above
   * @return Player
   */
  function populate_player($result){
      $player = new Player;
      foreach (array('id', 'name', 'email', 'approved') as $column) {
          $player->$column = $result[$column];
      }
      return $player;
  }
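  /**
   * Load one player by primary key.
   *
   * The id is cast to an integer before it is interpolated into the query:
   * the original placed the caller's value into the SQL text unfiltered, so
   * any quote character in it became part of the statement. players.id is
   * the value mysql_insert_id() returns in insert_player(), i.e. numeric, so
   * the cast does not change the result for valid ids.
   *
   * @param resource   $db_link open MySQL link
   * @param int|string $id      player id
   * @return Player|null the player, or NULL when no row matches
   */
  function select_player($db_link, $id){
      $id = (int) $id;
      $select_sql = "select * from players where id = '$id'";
      $result_set = mysql_query($select_sql, $db_link) or die(mysql_error());

      if (mysql_num_rows($result_set) > 0) {
          return populate_player(mysql_fetch_assoc($result_set));
      }
      return NULL;
  }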
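  /**
   * Load one player together with a victory count and a defeat count.
   *
   * The inner query counts matches whose winning_player_id is the player.
   * The outer query counts matches the player took part in (as player1 or
   * player2) that have a winner other than the player.
   *
   * Two fixes over the original: the id is cast to an integer before it is
   * interpolated (it used to enter the SQL text unfiltered), and a space was
   * added after the WHERE clause, which previously ran straight into
   * "group by".
   *
   * @param resource   $db_link open MySQL link
   * @param int|string $id      player id
   * @return Player|null player with ->victories and ->defeats set, or NULL
   */
  function select_player_with_match_record($db_link, $id){
      $player = NULL;
      // players.id is numeric (see mysql_insert_id() in insert_player()).
      $id = (int) $id;

      $select_sql =
          "select pv.*, count(m.id) defeats from " .
          "(" .
              "select p.*, count(m.id) victories " .
              "from players p left join matches m on p.id = m.winning_player_id " .
              "where p.id = '$id' " .
              "group by p.id " .
          ") pv " .
          "left join matches m " .
          "on " .
          "(pv.id = m.player1_id or pv.id = m.player2_id) " .
          "and pv.id != m.winning_player_id " .
          "and m.winning_player_id is not null " .
          "group by pv.id;";

      $result_set = mysql_query($select_sql, $db_link) or die(mysql_error());
      if (mysql_num_rows($result_set) > 0) {
          $result = mysql_fetch_assoc($result_set);
          $player = populate_player($result);
          $player->victories = $result['victories'];
          $player->defeats = $result['defeats'];
      }
      return $player;
  }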
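  /**
   * Report whether any player row already stores the given e-mail address.
   *
   * E-mails are stored as AES_ENCRYPT(email, $salt), so the lookup encrypts
   * the candidate with the same key and compares ciphertexts.
   *
   * The address now goes through db_string_filter(), the same helper
   * insert_player() applies before writing the column; the original
   * interpolated the caller's value into the SQL text unfiltered.
   * NOTE(review): confirm in db_helper.inc.php that db_string_filter()
   * escapes for the active connection, and that callers do not already
   * filter this value (double filtering would change the lookup for
   * addresses containing quotes or backslashes).
   *
   * @param resource $db_link open MySQL link
   * @param string   $email   address to look for
   * @return bool true when at least one row matches
   */
  function does_player_email_exist($db_link, $email){
      global $salt;

      $email = db_string_filter($email);
      $select_sql = "select id from players where email = AES_ENCRYPT('$email', '$salt')";
      $result_set = mysql_query($select_sql, $db_link) or die(mysql_error());
      return (mysql_num_rows($result_set) > 0);
  }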
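  /**
   * Report whether any player row already uses the given name.
   *
   * The name now goes through db_string_filter(), as get_md5_id() and
   * insert_player() already do for the same column; the original
   * interpolated the caller's value into the SQL text unfiltered.
   * NOTE(review): confirm in db_helper.inc.php that db_string_filter()
   * escapes for the active connection, and that callers do not already
   * filter this value.
   *
   * @param resource $db_link open MySQL link
   * @param string   $name    player name to look for
   * @return bool true when at least one row matches
   */
  function does_player_name_exist($db_link, $name){
      $name = db_string_filter($name);
      $select_sql = "select id from players where name='$name'";
      $result_set = mysql_query($select_sql, $db_link) or die(mysql_error());
      return (mysql_num_rows($result_set) > 0);
  }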
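  /**
   * Check login credentials and return the matching player.
   *
   * The password is hashed with crypt() and the file-level $salt, then
   * compared in SQL with the stored hash; the e-mail is compared through
   * AES_ENCRYPT with the same $salt as key.
   *
   * The e-mail now goes through db_string_filter() before it is
   * interpolated; the original placed this login-form value into the SQL
   * text unfiltered. The password itself never reaches the SQL text, only
   * its crypt() output does.
   * NOTE(review): confirm in db_helper.inc.php that db_string_filter()
   * escapes for the active connection, and that callers do not already
   * filter the e-mail.
   * NOTE(review): insert_player() filters the password before hashing it and
   * this function does not; if the filter changes any character, the hashes
   * will not match - confirm which form callers pass.
   * NOTE(review): on query failure die(mysql_error()) sends the database
   * error text to whoever submitted the login.
   *
   * @param resource $db_link  open MySQL link
   * @param string   $email    submitted e-mail address
   * @param string   $password submitted plain-text password
   * @return Player|null the player, or NULL when the credentials match no row
   */
  function authenticate_player($db_link, $email, $password){
      global $salt;

      $player = NULL;
      $email = db_string_filter($email);
      $encrypted_password = crypt($password, $salt);

      $select_sql = "select * from players where email = AES_ENCRYPT('$email', '$salt') and password='$encrypted_password'";
      $result_set = mysql_query($select_sql, $db_link) or die(mysql_error());
      if (mysql_num_rows($result_set) > 0) {
          $result = mysql_fetch_assoc($result_set);
          $player = populate_player($result);
      }
      return $player;
  }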
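  /**
   * Write a player's name, e-mail and password hash back to its row and set
   * updated_at to the current time.
   *
   * Name, e-mail and the value of $player->getEncryptedPassword() are passed
   * through db_string_filter(). The id is now cast to an integer: the
   * original interpolated $player->id into the WHERE clause unfiltered, the
   * only value in this statement that bypassed the filter. players.id is
   * numeric (it comes from mysql_insert_id() in insert_player()).
   *
   * @param resource $db_link open MySQL link
   * @param object   $player  reads id, name, email, getEncryptedPassword()
   * @return bool true when the UPDATE succeeded (a failure ends the request)
   */
  function update_player($db_link, $player){
      global $salt;

      $id = (int) $player->id;
      $name = db_string_filter($player->name);
      $email = db_string_filter($player->email);
      $password = db_string_filter($player->getEncryptedPassword());

      $update_sql = "update players set name='$name', email = AES_ENCRYPT('$email', '$salt'), password='$password', updated_at=now() where id='$id'";
      return mysql_query($update_sql, $db_link) or die(mysql_error());
  }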
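  /**
   * Delete the row belonging to $player->id.
   *
   * The id is cast to an integer before it is interpolated. The original
   * used the property value unfiltered, which on a DELETE means a crafted id
   * could widen the WHERE clause beyond one row. players.id is numeric (it
   * comes from mysql_insert_id() in insert_player()).
   *
   * @param resource $db_link open MySQL link
   * @param object   $player  only ->id is read
   * @return bool true when the DELETE succeeded (a failure ends the request)
   */
  function delete_player($db_link, $player){
      $id = (int) $player->id;
      $delete_sql = "delete from players where id='$id'";
      return mysql_query($delete_sql, $db_link) or die(mysql_error());
  }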
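  /**
   * Return the name of the player with the given id.
   *
   * The id is cast to an integer before it is interpolated (the original
   * used the caller's value unfiltered), and the no-row case is handled
   * explicitly instead of indexing into a failed fetch.
   *
   * @param resource   $db_link open MySQL link
   * @param int|string $id      player id
   * @return string|null the name, or NULL when no row matches
   */
  function get_player_name($db_link, $id){
      $id = (int) $id;
      $select_sql = "SELECT name FROM players WHERE id= '$id'";
      $result_set = mysql_query($select_sql, $db_link) or die(mysql_error());

      $result = mysql_fetch_assoc($result_set);
      if (!$result) {
          return NULL;
      }
      return $result['name'];
  }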
  113. ?>