Path: blob/main/public/games/files/pacman/data/db-handler.php
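<?php
/**
 * Highscore backend for the Pac-Man game: a small JSON endpoint backed by a
 * SQLite file ('pacman.db', opened relative to the working directory).
 *
 * Requests handled:
 *   POST action=get [page]             one page (10 rows) of the highscore list
 *   POST action=add name score level   store a new score
 *   GET  action=get [page]             same as POST get
 *   GET  action=version                version read from ../package.json
 *
 * Everything in $_POST, $_GET and the request headers is client-controlled.
 * Request values reach SQLite through bound parameters only, never through
 * string concatenation. The "cheater" flag is a plausibility heuristic; it is
 * not an authentication or integrity control.
 *
 * NOTE(review): 'pacman.db' is a relative path, so for a web request it
 * presumably sits next to this script. If that directory is served statically,
 * the database (including the logged addresses and user agents) could be
 * downloaded directly - confirm the web server denies access to it, or move it
 * outside the document root.
 */

header('Content-Type: application/json');

/* IMPORTANT:
 * change this to the main url of where you host the application, otherwise, every entry will be marked as a cheater
 */
$hostdomain = 'pacman.platzh1rsch.ch';

if (isset($_POST['action'])) {
    switch ($_POST['action']) {
        case 'get':
            echo isset($_POST['page']) ? getHighscore($_POST['page']) : getHighscore();
            break;
        case 'add':
            // All three fields are required. The previous "||" accepted a request
            // carrying only one of them and then read undefined indexes.
            if (isset($_POST['name'], $_POST['score'], $_POST['level'])) {
                echo addHighscore($_POST['name'], $_POST['score'], $_POST['level']);
            }
            break;
    }
} elseif (isset($_GET['action'])) {
    // Strict comparison: an array-valued "action" parameter must not match.
    if ($_GET['action'] === 'get') {
        echo isset($_GET['page']) ? getHighscore($_GET['page']) : getHighscore();
    } elseif ($_GET['action'] === 'version') {
        echo getVersionInfo();
    }
} else {
    echo "define action to call";
}


/**
 * Returns the application version as a JSON object {"version": ...}.
 *
 * The version is read from ../package.json. When that file cannot be read,
 * is not valid JSON or has no "version" key, the JSON text "[]" is returned
 * (the fallback the original code intended but could never reach).
 *
 * @return string JSON text
 */
function getVersionInfo() {
    $path = "../package.json";
    if (!is_readable($path)) {
        return "[]";
    }

    $contents = file_get_contents($path);
    if ($contents === false) {
        return "[]";
    }

    $package = json_decode($contents, true);
    if (!is_array($package) || !isset($package["version"])) {
        return "[]";
    }

    return json_encode(array("version" => $package["version"]));
}

/**
 * Returns one page (10 rows) of non-cheater highscores as a JSON array of
 * {"name": ..., "score": ...} objects, best score first.
 *
 * @param mixed $page 1-based page number taken from the request. Anything that
 *                    is not a positive integer falls back to page 1.
 * @return string JSON text; "[]" when there are no rows or the query fails
 */
function getHighscore($page = 1) {
    // $page is request data: accept positive integers only. The upper bound
    // keeps ($pageNo - 1) * 10 inside the integer range.
    $pageNo = filter_var($page, FILTER_VALIDATE_INT, array(
        'options' => array('min_range' => 1, 'max_range' => PHP_INT_MAX >> 4),
    ));
    if ($pageNo === false) {
        $pageNo = 1;
    }

    $db = new SQLite3('pacman.db');
    createDataBase($db);

    // The offset is bound, not concatenated. The empty-string literal uses
    // single quotes: double quotes denote identifiers in SQL and SQLite only
    // tolerates them as strings for legacy compatibility.
    $stmt = $db->prepare(
        "SELECT name, score FROM highscore WHERE cheater = 0 AND name != '' "
        . 'ORDER BY score DESC LIMIT 10 OFFSET :offset'
    );
    if ($stmt === false) {
        return "[]";
    }
    $stmt->bindValue(':offset', ($pageNo - 1) * 10, SQLITE3_INTEGER);

    $results = $stmt->execute();
    if ($results === false) {
        return "[]";
    }

    $response = array();
    while ($row = $results->fetchArray(SQLITE3_ASSOC)) {
        $response[] = array(
            // Names are stored as submitted and escaped here, on output.
            // Explicit flags keep the escaping identical across PHP versions
            // (single quotes included, invalid UTF-8 replaced).
            "name" => htmlspecialchars((string) $row['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
            "score" => strval($row['score']),
        );
    }

    // json_encode(array()) yields "[]", the same text the original returned
    // for an empty result.
    return json_encode($response);
}

/**
 * Stores a highscore entry together with request metadata and a "cheater"
 * verdict, and returns a JSON status object.
 *
 * The verdict is 1 when the Referer does not point at $hostdomain, when the
 * User-Agent is empty, when the level is outside 1..10, or when the score per
 * level exceeds the maximum obtainable in one level. Referer and User-Agent
 * are sent by the client and can be set to anything, so this only filters
 * casual submissions.
 *
 * NOTE(review): the response reports the verdict back to the submitter, which
 * tells them whether an entry passed the checks. It is kept because it is part
 * of the existing response; confirm the game client actually needs it.
 *
 * @param mixed $name  player name as submitted
 * @param mixed $score score as submitted; must be an integer
 * @param mixed $level level as submitted; must be an integer
 * @return string JSON text: status "success" plus the echoed values, or
 *                {"status":"error"} when the input is not usable or the
 *                insert fails
 */
function addHighscore($name, $score, $level) {
    // The configured host lives in the global scope. Without this declaration
    // the variable was undefined here and the referer check matched any
    // http(s) URL.
    global $hostdomain;

    // Request values may be arrays (name[]=...) or non-numeric text; refuse
    // them instead of passing them on to the arithmetic and the database.
    $scoreInt = filter_var($score, FILTER_VALIDATE_INT);
    $levelInt = filter_var($level, FILTER_VALIDATE_INT);
    if (!is_scalar($name) || $scoreInt === false || $levelInt === false) {
        return json_encode(array('status' => 'error'));
    }
    $nameText = (string) $name;

    $db = new SQLite3('pacman.db');
    // 'H' is the 24-hour clock; 'h' (12-hour, no am/pm) stored ambiguous times.
    $date = date('Y-m-d H:i:s', time());
    createDataBase($db);

    $ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
    $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
    $remA = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
    $remH = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : "";

    // some simple checks to avoid cheaters
    // The host is quoted so its dots are literal, and the pattern is anchored
    // so the host has to be the authority of the URL (optionally a subdomain,
    // optionally with a port) rather than appear anywhere inside it.
    $ref_assert = false;
    if (is_string($hostdomain) && $hostdomain !== '') {
        $pattern = '#^https?://(?:[^/?\#]*\.)?' . preg_quote($hostdomain, '#') . '(?::\d+)?(?:[/?\#]|$)#i';
        $ref_assert = preg_match($pattern, $ref) === 1;
    }
    $ua_assert = ($ua != "");
    $cheater = 0;
    if (!$ref_assert || !$ua_assert) {
        $cheater = 1;
    }

    $maxlvlpoints_pills = 104 * 10;
    $maxlvlpoints_powerpills = 4 * 50;
    $maxlvlpoints_ghosts = 4 * 4 * 100;
    $maxlvlpoints = $maxlvlpoints_pills + $maxlvlpoints_powerpills + $maxlvlpoints_ghosts;

    // check if score is even possible
    // The range test comes first, so the division never sees level 0.
    if ($levelInt < 1 || $levelInt > 10) {
        $cheater = 1;
    } elseif (($scoreInt / $levelInt) > $maxlvlpoints) {
        $cheater = 1;
    }

    // Every value is bound as a parameter: name, referer and user agent are
    // free text chosen by the client and must never become part of the SQL.
    $stmt = $db->prepare(
        'INSERT INTO highscore (name, score, level, date, log_referer, log_user_agent, log_remote_addr, log_remote_host, cheater) '
        . 'VALUES (:name, :score, :level, :date, :ref, :ua, :rema, :remh, :cheater)'
    );
    if ($stmt === false) {
        return json_encode(array('status' => 'error'));
    }
    $stmt->bindValue(':name', $nameText, SQLITE3_TEXT);
    $stmt->bindValue(':score', $scoreInt, SQLITE3_INTEGER);
    $stmt->bindValue(':level', $levelInt, SQLITE3_INTEGER);
    $stmt->bindValue(':date', $date, SQLITE3_TEXT);
    $stmt->bindValue(':ref', $ref, SQLITE3_TEXT);
    $stmt->bindValue(':ua', $ua, SQLITE3_TEXT);
    $stmt->bindValue(':rema', $remA, SQLITE3_TEXT);
    $stmt->bindValue(':remh', $remH, SQLITE3_TEXT);
    $stmt->bindValue(':cheater', $cheater, SQLITE3_INTEGER);

    // Report a failed insert instead of claiming success.
    if ($stmt->execute() === false) {
        return json_encode(array('status' => 'error'));
    }

    // The submitted values are echoed back unchanged, as before.
    $response = array();
    $response['status'] = "success";
    $response['level'] = $level;
    $response['name'] = $name;
    $response['score'] = $score;
    $response['cheater'] = $cheater;
    return json_encode($response);
}

/**
 * Creates the highscore table if it does not exist yet.
 *
 * NOTE(review): SQLite does not enforce the VARCHAR(n) lengths declared here,
 * so the name and the logged headers are stored at whatever length the client
 * sent; consider capping them before insert if database growth matters.
 *
 * @param SQLite3 $db open database handle
 */
function createDataBase($db) {
    $db->exec('CREATE TABLE IF NOT EXISTS highscore(name VARCHAR(60),score INT, level INT, date DATETIME, log_referer VARCHAR(200), log_user_agent VARCHAR(200), log_remote_addr VARCHAR(200), log_remote_host VARCHAR(200), cheater BOOLEAN)');
}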