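<?php

/*
 * Tag endpoint.
 *
 * Flow, as implemented below:
 *   1. Require a logged-in session ($_SESSION['qr']['id']).
 *   2. Read a JSON request body and take its 'secret' field.
 *   3. Check that the caller is still alive.
 *   4. Look up the player owning that secret in a currently running event and
 *      check that this player is the caller's assigned target.
 *   5. Mark the target as dead, record the kill, and hand the caller a new target.
 *   6. Optionally post a message to the webhook configured in priv/config.json.
 *   7. Answer with a JSON object holding either 'error' or 'success'.
 *
 * NOTE(review): steps 3-5 are separate statements and no transaction or row
 * lock is visible in this file. Two concurrent requests carrying the same
 * secret could both pass the checks and both record a kill. Confirm whether
 * priv/pdo.php wraps the request in a transaction; if not, make the check and
 * the update atomic.
 *
 * NOTE(review): no throttling of wrong codes is visible here, so a logged-in
 * player can submit guesses without limit. Confirm that secrets are long and
 * random, or add attempt limiting.
 */

session_start();

require_once 'priv/errorhandler.php';
require_once 'priv/pdo.php';

// Only an authenticated session may register a tag.
if (!isset($_SESSION['qr']['id']))
{
    echo json_encode(['error' => 'Din session har gått ut. Vänligen logga in igen.']);
    exit;
}

// The acting player always comes from the session, never from the request body.
$hunterId = $_SESSION['qr']['id'];

$postData = json_decode(file_get_contents('php://input'), true);

// The body is attacker-controlled JSON: 'secret' may arrive as an array, a
// boolean, null or a nested object. Accept only a non-empty string or an
// integer, and normalise it to a string so that every query below binds the
// same, predictable value.
$rawSecret = is_array($postData) && isset($postData['secret']) ? $postData['secret'] : null;

if ((!is_string($rawSecret) && !is_int($rawSecret)) || $rawSecret === '')
{
    echo json_encode(['error' => 'Ingen kod angiven.']);
    exit;
}

$secret = (string) $rawSecret;

// NOTE(review): this lookup is not scoped to an event. If a user can have a row
// in more than one event, the first row returned decides; verify against schema.
$sql = 'SELECT alive FROM qr_players WHERE qr_users_id = ?';
$alive = DB::prepare($sql)->texecute([$hunterId])->fetchColumn();

// fetchColumn() yields false when no row exists; that also counts as "not alive".
if ((int) $alive !== 1)
{
    echo json_encode(['error' => 'Du är tyvärr ute ur spelet.']);
    exit;
}

// Find the player owning the submitted secret in an event that is running now.
// correct_secret is 1 only when that player is the caller's assigned target in
// the same event; it is NULL when the caller has no row in that event.
$sql = '
SELECT
    event.id,
    target.alive,
    user.name,
    (
        target.qr_users_id = (
            SELECT target
            FROM qr_players AS hunter
            WHERE hunter.qr_users_id = ? AND hunter.qr_events_id = event.id
        )
    ) AS correct_secret
FROM qr_players AS target
JOIN qr_events AS event
JOIN qr_users AS user
    ON event.id = target.qr_events_id
    AND NOW() > event.start_date
    AND NOW() < event.end_date
    AND target.qr_users_id = user.id
WHERE target.secret = ?
';
$info = DB::prepare($sql)->texecute([$hunterId, $secret])->fetch();

// Unknown secret and "valid secret, but not your target" deliberately share one
// error message, so the response does not reveal whether a guessed code exists.
if (!$info || (int) $info['correct_secret'] === 0)
{
    echo json_encode(['error' => 'Koden du angav var inte korrekt']);
    exit;
}

if ((int) $info['alive'] === 0)
{
    echo json_encode(['error' => 'Denna person är ute ur spelet.']);
    exit;
}

$eventId = $info['id'];

// Take the target out of the game.
$sql = 'UPDATE qr_players SET alive = 0 WHERE secret = ?';
DB::prepare($sql)->texecute([$secret]);

// Record who tagged whom in which event.
$sql = '
INSERT INTO qr_kills (target, killer, qr_events_id)
VALUES ((SELECT qr_users_id FROM qr_players WHERE secret = ?), ?, ?)
';
DB::prepare($sql)->texecute([$secret, $hunterId, $eventId]);

// Oldest player of this event who has no target yet, if there is one.
$sql = "
SELECT qr_users_id
FROM qr_players
WHERE target IS NULL AND qr_events_id = ?
ORDER BY created_date ASC LIMIT 1
";
$playerWithoutTarget = DB::prepare($sql)->texecute([$eventId])->fetchColumn();

if ($playerWithoutTarget)
{
    // Insert the waiting player into the chain: the caller now hunts the new
    // player, and the new player inherits the victim's former target.
    $sql = '
    UPDATE qr_players as killer
    JOIN qr_players AS victim ON victim.secret = ?
    JOIN qr_players AS new_player ON new_player.qr_users_id = ?
    SET new_player.target = victim.target, killer.target = new_player.qr_users_id
    WHERE killer.qr_users_id = ? AND killer.qr_events_id = ?
    ';
    DB::prepare($sql)->texecute([$secret, $playerWithoutTarget, $hunterId, $eventId]);
}
else
{
    // Nobody is waiting: the caller inherits the victim's former target.
    $sql = '
    UPDATE qr_players as killer
    JOIN (SELECT target FROM qr_players WHERE secret = ?) as victim
    SET killer.target = victim.target
    WHERE qr_users_id = ? AND qr_events_id = ?
    ';
    DB::prepare($sql)->texecute([$secret, $hunterId, $eventId]);
}

$sql = 'SELECT COUNT(*) FROM qr_players WHERE alive = 1 AND qr_events_id = ?';
$playersLeft = (int) DB::prepare($sql)->texecute([$eventId])->fetchColumn();

// Optional kill feed. The webhook URL works as a credential: anyone who knows
// it can post to the feed, so it is never echoed or logged below.
// NOTE(review): priv/config.json is read through a relative path; confirm that
// the priv/ directory cannot be fetched over HTTP.
$config = null;
if (is_readable('priv/config.json'))
{
    $config = json_decode(file_get_contents('priv/config.json'), true);
}

if (is_array($config) && isset($config['killfeed_webhook']) && is_string($config['killfeed_webhook']) && $config['killfeed_webhook'] !== '')
{
    // NOTE(review): both names are user-chosen and forwarded verbatim. If the
    // receiving service interprets mentions or markup inside 'content',
    // restrict or escape the names before sending.
    if ($playersLeft === 1)
    {
        $message = $_SESSION['qr']['name'] . " taggade " . $info['name'] . " och vann därmed QRTag! Grattis!";
    }
    else
    {
        $message = $_SESSION['qr']['name'] . " taggade " . $info['name'] . "!\nNu är det $playersLeft spelare kvar.";
    }

    $context = stream_context_create([
        'http' => [
            'header' => "Content-type: application/x-www-form-urlencoded",
            'method' => 'POST',
            'content' => http_build_query(['content' => $message]),
            // Bound the wait: an unresponsive webhook must not stall the player's request.
            'timeout' => 5,
        ],
    ]);

    // The tag is already stored at this point, so a failed notification must
    // not turn the response into an error. Log the failure and carry on.
    try
    {
        if (file_get_contents($config['killfeed_webhook'], false, $context) === false)
        {
            error_log('killfeed webhook request failed');
        }
    }
    catch (Exception $e)
    {
        error_log('killfeed webhook request failed');
    }
}

if ($playersLeft === 1)
{
    echo json_encode(['success' => 'Du vann! Grattis!']);
}
else
{
    echo json_encode(['success' => 'Du taggade ditt mål! Du kommer nu tilldelas ett nytt. Lycka till!']);
}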