areabuilder/
areabuilder/creatures/
areabuilder/css/dark-hive/
areabuilder/objects/
areabuilder/rooms/
<?php
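	// Database connection settings. They are blank on this page and have to be
	// filled in per deployment; keep the real values out of version control.
	$username="";
	$dbpassword="";
	$database="";
	$server="";
	
	// NOTE(review): the mysql_* extension used throughout this file was
	// deprecated in PHP 5.5 and removed in PHP 7.0, and it has no prepared
	// statements. Moving to mysqli or PDO with bound parameters is the
	// durable fix for the string-built queries in this file.
	mysql_connect($server,$username,$dbpassword);
	@mysql_select_db($database) or die( "The database is currently down.");

	$password = '';
	$pid = '';

	// The password is taken from the query string when present, otherwise from
	// the 'p' cookie. The original read $_COOKIE['p'] without an isset() check,
	// which raises a notice on a first visit; with display_errors on, that
	// output precedes setcookie() below and stops the cookies from being sent.
	// NOTE(review): a password passed as ?p= ends up in access logs, browser
	// history and Referer headers, and is then stored verbatim in a cookie.
	// A server-side session token would avoid both exposures.
	$password = isset($_GET['p']) ? $_GET['p'] : (isset($_COOKIE['p']) ? $_COOKIE['p'] : '');
	$pid = isset($_COOKIE['u']) ? $_COOKIE['u'] : '';

	// Refresh both cookies for another four hours.
	// NOTE(review): neither cookie carries the Secure or HttpOnly flag. The 'u'
	// cookie is only read and refreshed here, so it is presumably first set by
	// client-side script; confirm what the client reads before adding HttpOnly.
	setcookie("u", $pid, time()+(4 * 60 * 60));
	setcookie("p", $password, time()+(4 * 60 * 60));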

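	/**
	 * Run a query and serialise its result rows as one compact JSON array.
	 *
	 * Rows with more than one column become JSON objects keyed by column
	 * name; rows with a single column contribute just that value, so the
	 * result is a flat array. Every key and value goes through json_encode().
	 *
	 * The query string is executed verbatim: nothing is escaped here, so the
	 * caller must validate or escape any request data it concatenates in.
	 *
	 * @param string $query SQL statement to execute.
	 * @return string JSON text, or '' when the result set has no rows.
	 */
	function sql2json($query) {
		$data_sql = mysql_query($query);
		if (!$data_sql) {
			// The original appended mysql_error() to the response, handing
			// table and column details to whoever sent the request. Keep the
			// detail in the server log and send a generic message instead.
			// The "'';//" prefix is preserved because the client may rely on it.
			error_log('sql2json: query failed: ' . mysql_error());
			die("'';//Database Error: Query failed.");
		}

		if (!mysql_num_rows($data_sql)) return '';

		$rows = array();
		while ($data = mysql_fetch_assoc($data_sql)) {
			$as_object = count($data) > 1;
			$cells = array();
			foreach ($data as $key => $value) {
				$encoded = json_encode($value);
				$cells[] = $as_object ? json_encode($key) . ':' . $encoded : $encoded;
			}
			$rows[] = $as_object ? '{' . implode(',', $cells) . '}' : implode(',', $cells);
		}

		// json_encode() never emits a raw newline, so joining the pieces
		// directly gives the same text the original produced after it
		// stripped its own layout newlines.
		return '[' . implode(',', $rows) . ']';
	}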
	
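	/**
	 * Build the "`col` = 'value', ..." list for a SET clause from one record.
	 *
	 * Column names come from the keys of the record, which process_input()
	 * takes from client-supplied JSON. A backtick inside a key would end the
	 * quoted identifier and let the rest of the key run as SQL, so backticks
	 * are doubled, which is how MySQL escapes them inside a quoted identifier.
	 *
	 * NOTE(review): values are still escaped with addslashes(), which ignores
	 * the connection character set. mysql_real_escape_string() on the open
	 * connection, or bound parameters after a move to mysqli/PDO, is safer.
	 *
	 * @param array $line Column name => value pairs for one row.
	 * @return string Comma-separated assignments, '' for an empty record.
	 */
	function line2set($line) {
		$pairs = array();
		foreach ($line as $key => $value) {
			$column = str_replace('`', '``', $key);
			$pairs[] = "`$column` = '" . addslashes($value) . "'";
		}
		return implode(', ', $pairs);
	}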
	
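	/**
	 * Save a batch of records sent by the client and print a JSON status.
	 *
	 * The first record decides what is cleared before the rows are written
	 * back with REPLACE INTO:
	 *  - 'Lifespan' present: the target is forced to ZoneData, nothing deleted;
	 *  - 'Arg1' present: rows with the record's ZNUM are deleted;
	 *  - otherwise the first of MNUM, SNUM or VNUM present selects the column,
	 *    and the hundred-wide block of numbers the record belongs to is deleted.
	 *
	 * NOTE(review): nothing here checks that the caller may edit the zone
	 * being written, and the delete and the rewrite are not wrapped in a
	 * transaction, so a failed REPLACE leaves the zone partly deleted.
	 *
	 * @param mixed  $data  Decoded request body, expected to be a list of
	 *                      column => value arrays.
	 * @param string $table Table name from the request; checked below.
	 * @return void Prints a JSON object with a 'response' key; exits on error.
	 */
	function process_input($data, $table) {

		session_cache_limiter('nocache');
		header('Expires: ' . gmdate('r', 0));
		header('Content-type: application/json');

		// json_decode() gives null for a malformed body. The original then
		// fell into the VNUM branch with a zone of 0 and deleted that block of
		// rows, so reject anything that is not a non-empty list of records.
		$valid = is_array($data) && isset($data[0]);
		if ($valid) {
			foreach ($data as $record) {
				if (!is_array($record)) {
					$valid = false;
					break;
				}
			}
		}
		if (!$valid) {
			echo json_encode(array('response'=>'Database Error: Save failed. No valid data received.'));
			exit;
		}

		$is_zone_header = isset($data[0]['Lifespan']);
		if ($is_zone_header)
			$table = 'ZoneData';

		// Checked before any DELETE runs; the original tested this afterwards.
		if (!$table) exit;

		// The table name arrives from the query string and is concatenated
		// into SQL, so accept only plain identifier characters.
		if (!is_string($table) || !preg_match('/^[A-Za-z0-9_]+\z/', $table)) {
			echo json_encode(array('response'=>'Database Error: Save failed. Invalid table name.'));
			exit;
		}

		if ($is_zone_header) {
			// Zone header rows are simply replaced below.
		}
		else if (isset($data[0]['Arg1']))
			mysql_query("DELETE FROM " . $table . " WHERE ZNUM = '" . (int)$data[0]['ZNUM'] . "'");
		else {
			$range_column = null;
			foreach (array('MNUM', 'SNUM', 'VNUM') as $candidate) {
				if (isset($data[0][$candidate])) {
					$range_column = $candidate;
					break;
				}
			}
			if ($range_column === null) {
				echo json_encode(array('response'=>'Database Error: Save failed. No valid data received.'));
				exit;
			}
			// Dropping the last two digits of the number gives the zone; the
			// zone owns the numbers zone*100 up to (zone+1)*100 - 1.
			$zone = (int) substr($data[0][$range_column], 0, -2);
			mysql_query("DELETE FROM " . $table . " WHERE " . $range_column . " >= " . ($zone*100) . " AND " . $range_column . " < " . (($zone+1)*100));
		}

		foreach ($data as $line) {
			$statement = "REPLACE INTO " . $table . " SET ". line2set($line);
			if (!mysql_query($statement)) {
				// The original echoed the failed statement to the client,
				// which exposes schema details; keep the detail in the log.
				error_log('process_input: REPLACE failed: ' . mysql_error());
				echo json_encode(array('response'=>'Database Error: Save failed.'));
				exit;
			}
		}
		echo json_encode(array('response'=>'Success'));
	}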
	
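	// Request dispatcher: authenticate the caller, then run the operation
	// named by the 'task' query parameter.
	$task = isset($_GET['task'])?$_GET['task']:'';
	
	if (!$pid && !$password) {	
		if ($task == 'put') {
			$arr = array('response'=>'Database Error: Session expired. Please log in again');
			echo json_encode($arr);
		}
		else echo "Authentication Error: Session expired. Please log in again.";
		exit;
	}

	// Both values come straight from the request (cookie or query string).
	// The original placed them in the query unescaped, so a crafted value
	// could change the WHERE clause and pass the login check.
	// NOTE(review): escaping depends on the connection character set;
	// bound parameters (mysqli/PDO) are the durable fix. The Password column
	// is compared with the submitted value as-is, so it presumably holds the
	// password in a directly comparable form; confirm and move to
	// password_hash()/password_verify().
	$pid_sql = mysql_real_escape_string($pid);
	$password_sql = mysql_real_escape_string($password);

	$query = "SELECT PID, Level FROM PlayerData WHERE PID='".$pid_sql."' and Password='".$password_sql."'";
	$result = mysql_query($query);

	// A failed query returns false; treat that as a denied login too.
	if (!$result || !($row = mysql_fetch_row($result))) {
		echo "Authentication Error: Access denied. Log in with a valid Bedlam character and password.";
		exit;
	}
		
	$level = (int)$row[1];

	if (!$task) {
		echo "Controller Error: Nothing to do.";
		exit;
	}

	// 't' is appended to a table-name prefix (or used as the whole table name
	// for 'put'), so it can never be quoted as a value. Accept identifier
	// characters only and refuse the request otherwise.
	$t = isset($_GET['t']) ? $_GET['t'] : '';
	if (!is_string($t) || !preg_match('/^[A-Za-z0-9_]*\z/', $t)) {
		if ($task == 'put') echo json_encode(array('response'=>'Database Error: Invalid table name.'));
		else echo "Controller Error: Invalid table name.";
		exit;
	}

	// Zone number used by the range queries; each zone owns the numbers
	// id*100 up to (id+1)*100 - 1.
	$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
	$range_from = $id * 100;
	$range_to = ($id + 1) * 100;

	// NOTE(review): apart from the Level check on 'publish' and 'sync', no
	// branch below consults BuilderCanAccess or BuilderCanEdit for the zone
	// requested; 'getareas' only reports those flags to the client. Confirm
	// whether per-zone access is meant to be enforced on the server.
	switch ($task) {
		case 'getareas':
			if ($level == 67)
				$result = sql2json("SELECT z.*, '1' as CanAccess, '1' as CanEdit, (select count(*) from BEDLAM_PROD.ZoneData where VNUM = z.VNUM) as Published FROM ZoneData z ORDER BY Name");
			else
				$result = sql2json("SELECT z.*, (select count(*) from BuilderCanAccess where PID = '".$pid_sql."' and ZID=z.VNUM) as CanAccess, (select count(*) from BuilderCanEdit where PID = '".$pid_sql."' and ZID=z.VNUM) as CanEdit FROM ZoneData z ORDER BY Name");

			if ($result) echo $result;
			else echo("Database Error: This character does not have access to any areas.");
			break;
		case 'getroom':
			$result = sql2json("SELECT * FROM Room" . $t . " WHERE VNUM >= '".$range_from."' AND VNUM < '".$range_to."'");
			if ($result) echo $result;
			else echo("Database Alert: No room data found.");
			break;
		case 'getmob':
			// The Objects table for mobs is keyed by MNUM, the others by VNUM.
			$column = ($t == 'Objects') ? 'MNUM' : 'VNUM';
			$result = sql2json("SELECT * FROM Mob" . $t . " WHERE " . $column . " >= '".$range_from."' AND " . $column . " < '".$range_to."'");
			if ($result) echo $result;
			else echo("Database Alert: No mob data found.");
			break;
		case 'getobj':
			$result = sql2json("SELECT * FROM Object" . $t . " WHERE VNUM >= '".$range_from."' AND VNUM < '".$range_to."'");
			if ($result) echo $result;
			else echo("Database Alert: No obj data found.");
			break;
		case 'getzone':
			// The original concatenated the raw 'id' parameter here, the one
			// lookup that skipped the integer cast; escape it before use.
			$znum = mysql_real_escape_string(isset($_GET['id']) ? $_GET['id'] : '');
			$result = sql2json("SELECT * FROM Zone" . $t . " WHERE ZNUM = '". $znum . "'");
			if ($result) echo $result;
			else echo("Database Alert: No zone reset data found.");
			break;
		case 'getshop':
			$result = sql2json("SELECT * FROM Shop" . $t . " WHERE SNUM >= '".$range_from."' AND SNUM < '".$range_to."'");
			if ($result) echo $result;
			else echo("Database Alert: No shop data found.");
			break;
		case 'put':
			// Read the whole body: the original used fgets(), which stops at
			// the first newline and never closed the stream handle.
			$data = file_get_contents('php://input');
			process_input(json_decode($data, true), $t);
			break;
		case 'getsettings':
			// $f was tested before it was ever assigned in this file; on a
			// configuration that maps request parameters to globals, a
			// request-supplied value would have been echoed back instead of
			// the file. Always read the file.
			$f = file_get_contents('iconmap.txt');
			if ($f) echo $f;
			else echo("Database Error: Failed to retrieve icon map.");
			break;
		case 'getspells':
			$result = sql2json("SELECT NUM, Name FROM SpellData WHERE NUM < 117 ORDER BY NUM");
			if ($result) echo $result;
			else echo("Database Error: Could not read spell data.");
			break;
		case 'getobjects':
			$result = sql2json("SELECT VNUM as 'v', ShortDesc as 'd' FROM ObjectData");
			if ($result) echo $result;
			else echo("Database Error: Could not read object data.");
			break;
		case 'publish':
			// Only level 67 and above may copy a zone to production.
			if ($level < 67) exit;
			$result = mysql_query("call ZoneToProd('".$id."')");
			echo $result;
			break;
		case 'sync':
			// Only level 67 and above may pull a zone back from production.
			if ($level < 67) exit;
			$result = mysql_query("call ZoneFromProd('".$id."')");
			echo $result;
			break;
		default:
			echo "Database Error: Nothing to do.";
			break;
	}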
?>