[mirrors/Kyberia-bloodline.git] / wwwroot / inc / eventz / K.inc

<?php
function hasAncestor($ancest, $n_id){
    foreach($ancest as $one){
        if($one['link'] == $n_id){ return true;}
    }
    return false;
}
function getAncestors($node_id){
    global $db;
    $q="select node_vector from nodes where node_id=".$node_id;
    $result=$db->query($q);
    if ($result->next()) {
        $node=$result->getRecord();
        $node['node_vector']=trim($node['node_vector'],"z");
        $ancestors=explode(' ',chunk_split($node['node_vector'],VECTOR_CHARS,' '));
        foreach ($ancestors as $ancestor) {
            $anc[]=array("name"=>"","link"=>ltrim($ancestor,"0"));
        }
        return $anc;
    }else{ return false;}
}
function getCommanders($node_id) {
    global $db;
    $set=$db->query("select node_permission,users.login,users.user_id from node_access left join users on node_access.user_id=users.user_id where node_id='$node_id' and node_permission!='' order by node_permission");
    while ($set->next()) {
        $commanders[$set->getString('node_permission')][]=$set->getString('user_id');
    }
    return $commanders;
}
function isCommander($comms,$user_id){
    foreach($comms['master'] as $one){
        if($one == $user_id){return true;}
    }
    foreach($comms['op'] as $one){
        if($one == $user_id){return true;}
    }
    foreach($comms['execute'] as $one){
        if($one == $user_id){return true;}
    }
    return false;
}
function isSenatOwner($senat_id, $user_id){
    global $db;
    $set=$db->query("select node_creator from nodes where node_id='$senat_id'");
    if ($set->next()) {
        if(($set->getString('user_id')) == $user_id){return true;}
    }
    return false;
}

function K() {
    global $db,$node,$error,$error_messages;
    $user_id=$_SESSION['user_id'];
    $user_name=$_SESSION['user_name'];
    $kset=$db->query("select user_k from users where user_id='$user_id'");
    $kset->next();
    $user_k=$kset->getString('user_k');

    // XXX hard coded
    $senat_id = 876611;
    $K_id     = 1961061;
    $comms    = getCommanders($K_id);
    $isComm   = isCommander($comms,$user_id);
    $isSOwner = isSenatOwner($senat_id, $user_id);

    if (is_array($_POST['node_chosen'])) {
        $k=$_POST['node_chosen'];
    }
    else $k[]=$node['node_id'];
    $db->query("set autocommit=0");

    foreach ($k as $id) {

	// prevent sqli
	$k = intval($k);
	if ($k == 0) {	continue; }
	
	
        if ($user_k) {
            $isSenat = hasAncestor(getAncestors($id), $senat_id);
            if ($isSenat && !($isComm || $isSOwner)){
                $error.="Sorry, ale v senate mozu Kckovat len obcania.";
            }else{
                $userset=$db->query("select node_creator from nodes where node_id='$id'");
                $userset->next();
                $acceptor_id=$userset->getString('node_creator');

                $set=$db->query("select * from node_access where node_id='$id' and user_id='$user_id' and given_k='yes'");
                if ($set->getNumRows()) {
                    $error.=$error_messages['K_GIVEN'];
                }else{
                    --$user_k;
                    $db->query("update users set k_wallet=k_wallet+1 where user_id='$acceptor_id'");

                    $db->query("update nodes set k=k+1 where node_id='$id'");
                    $db->query("insert into I set node_id='$id'");
                    $result=$db->update("update node_access set given_k='yes' where node_id='$id' and user_id='$user_id'");
                    if (!$result) {
                        $db->query("insert into node_access set given_k='yes',node_id='$id',user_id='$user_id',last_visit=NOW()");
                    }
                }
            }
        }

        else {
            $error.=$error_messages['K_SPENT'];
        }
    }

    $db->query("update users set user_k='$user_k' where user_id='$user_id'");
    $db->query("commit");

    if (!$error) return true;
    else return false;
}

?>
Commit	Line	Data
51ff3226	1	<?php
	2	function hasAncestor($ancest, $n_id){
	3	foreach($ancest as $one){
	4	if($one['link'] == $n_id){ return true;}
	5	}
	6	return false;
	7	}
	8	function getAncestors($node_id){
	9	global $db;
	10	$q="select node_vector from nodes where node_id=".$node_id;
	11	$result=$db->query($q);
	12	if ($result->next()) {
	13	$node=$result->getRecord();
	14	$node['node_vector']=trim($node['node_vector'],"z");
	15	$ancestors=explode(' ',chunk_split($node['node_vector'],VECTOR_CHARS,' '));
	16	foreach ($ancestors as $ancestor) {
	17	$anc[]=array("name"=>"","link"=>ltrim($ancestor,"0"));
	18	}
	19	return $anc;
	20	}else{ return false;}
	21	}
	22	function getCommanders($node_id) {
	23	global $db;
	24	$set=$db->query("select node_permission,users.login,users.user_id from node_access left join users on node_access.user_id=users.user_id where node_id='$node_id' and node_permission!='' order by node_permission");
	25	while ($set->next()) {
	26	$commanders[$set->getString('node_permission')][]=$set->getString('user_id');
	27	}
	28	return $commanders;
	29	}
	30	function isCommander($comms,$user_id){
	31	foreach($comms['master'] as $one){
	32	if($one == $user_id){return true;}
	33	}
	34	foreach($comms['op'] as $one){
	35	if($one == $user_id){return true;}
	36	}
	37	foreach($comms['execute'] as $one){
	38	if($one == $user_id){return true;}
	39	}
	40	return false;
	41	}
	42	function isSenatOwner($senat_id, $user_id){
	43	global $db;
	44	$set=$db->query("select node_creator from nodes where node_id='$senat_id'");
	45	if ($set->next()) {
	46	if(($set->getString('user_id')) == $user_id){return true;}
	47	}
	48	return false;
	49	}
	50
	51	function K() {
	52	global $db,$node,$error,$error_messages;
	53	$user_id=$_SESSION['user_id'];
	54	$user_name=$_SESSION['user_name'];
	55	$kset=$db->query("select user_k from users where user_id='$user_id'");
	56	$kset->next();
	57	$user_k=$kset->getString('user_k');
	58
f2e47e33	59	// XXX hard coded
51ff3226	60	$senat_id = 876611;
	61	$K_id = 1961061;
	62	$comms = getCommanders($K_id);
	63	$isComm = isCommander($comms,$user_id);
	64	$isSOwner = isSenatOwner($senat_id, $user_id);
	65
	66	if (is_array($_POST['node_chosen'])) {
	67	$k=$_POST['node_chosen'];
	68	}
	69	else $k[]=$node['node_id'];
	70	$db->query("set autocommit=0");
	71
	72	foreach ($k as $id) {
	73
46c0767c	74	// prevent sqli
	75	$k = intval($k);
	76	if ($k == 0) { continue; }
	77
	78
51ff3226	79	if ($user_k) {
	80	$isSenat = hasAncestor(getAncestors($id), $senat_id);
	81	if ($isSenat && !($isComm \|\| $isSOwner)){
	82	$error.="Sorry, ale v senate mozu Kckovat len obcania.";
	83	}else{
	84	$userset=$db->query("select node_creator from nodes where node_id='$id'");
	85	$userset->next();
	86	$acceptor_id=$userset->getString('node_creator');
	87
	88	$set=$db->query("select * from node_access where node_id='$id' and user_id='$user_id' and given_k='yes'");
	89	if ($set->getNumRows()) {
	90	$error.=$error_messages['K_GIVEN'];
	91	}else{
	92	--$user_k;
	93	$db->query("update users set k_wallet=k_wallet+1 where user_id='$acceptor_id'");
	94
	95	$db->query("update nodes set k=k+1 where node_id='$id'");
	96	$db->query("insert into I set node_id='$id'");
	97	$result=$db->update("update node_access set given_k='yes' where node_id='$id' and user_id='$user_id'");
	98	if (!$result) {
	99	$db->query("insert into node_access set given_k='yes',node_id='$id',user_id='$user_id',last_visit=NOW()");
	100	}
	101	}
	102	}
	103	}
	104
	105	else {
	106	$error.=$error_messages['K_SPENT'];
	107	}
	108	}
	109
	110	$db->query("update users set user_k='$user_k' where user_id='$user_id'");
	111	$db->query("commit");
	112
	113	if (!$error) return true;
	114	else return false;
	115	}
	116
	117	?>
	118
	119