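//make sure https
//"off" is compared case-insensitively so variants such as "OFF" are still treated as plain HTTP
$isHttps = !empty($_SERVER['HTTPS']) && strcasecmp((string)$_SERVER['HTTPS'], 'off') !== 0;
if(!$isHttps){
    //HTTP_HOST is copied from the request's Host header, so the client chooses it. Only a plain
    //hostname with an optional port is allowed into the Location header; anything else gets a 400.
    //NOTE(review): a configured canonical hostname would be a stronger source for the redirect
    //target than the request header - none is visible in this file.
    $host = isset($_SERVER['HTTP_HOST']) ? (string)$_SERVER['HTTP_HOST'] : '';
    if(preg_match('/\A[A-Za-z0-9.-]+(:[0-9]{1,5})?\z/', $host) !== 1){
        header('HTTP/1.1 400 Bad Request');
        exit();
    }
    $redirect = 'https://' . $host . $_SERVER['REQUEST_URI'];
    header('HTTP/1.1 301 Moved Permanently');
    header('Location: ' . $redirect);
    exit();
}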
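//connect
//NOTE(review): the database host, account and password are hard-coded here, and the password is
//the same string as the account name. Rotate it and load the credentials from configuration kept
//outside the web root (or from the environment) so a source disclosure does not expose them.
$con = mysqli_connect('mrclaase.dot5hostingmysql.com', 'dgpt_brackets', 'dgpt_brackets');
if(!$con){
    //mysqli_connect_error() is the mysqli counterpart of the removed mysql_error(); the detail goes
    //to the server log only, not to the visitor
    error_log('Could not connect: ' . mysqli_connect_error());
    die('Could not connect');
}
mysqli_select_db($con,"dgpt_brackets");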
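//request-wide state; userid/email stay empty and valid stays false until getSession() or
//newSession() fills them in
$session = new stdClass();
$session->sid="";
$session->valid=false;
$session->userid="";
$session->email="";
$session->year=2018;
$session->tournament='dgpt_championships';
$session->division='mpo';
//division comes from the request and later becomes part of a file name (setConfig) and of the
//session JSON written to the database, so only letters, digits, "_" and "-" are accepted; any
//other value keeps the default. POST is applied after GET, so it wins when both are sent.
foreach(array($_GET,$_POST) as $requestParams){
    if(isset($requestParams['division'])
        && is_string($requestParams['division'])
        && preg_match('/\A[A-Za-z0-9_-]+\z/',$requestParams['division'])===1){
        $session->division=$requestParams['division'];
    }
}
unset($requestParams);
//the year is pinned; the request is not allowed to choose it
$_POST['year']=2018;
//if(isset($_POST['year'])){
//$session->year=$_POST['year'];
//}
setConfig($session->year,$session->division);
if(is_object($config) && isset($config->picksAllowed,$config->picksExpiration)){
    $session->picksAllowed=$config->picksAllowed;
    $session->secondsToExpiration=strtotime($config->picksExpiration)-time();
}else{
    //no usable config for this year/division: fail closed, picks are not open
    $session->picksAllowed=0;
    $session->secondsToExpiration=0;
}
//past the deadline (or an unparseable one, where strtotime() yields false): close picks
if($session->secondsToExpiration<=0){
    $session->secondsToExpiration=0;
    $session->picksAllowed=0;
}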
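//sign-in by registration key: a matching reg_key opens a session for its owner and the key is
//replaced straight away, so the same link cannot be used twice.
//An empty or non-string key is ignored so that a blank value can never match a row whose reg_key
//happens to be empty.
if(isset($_GET['key']) && is_string($_GET['key']) && $_GET['key']!==''){
    $regKey=$_GET['key'];
    //bound parameter instead of building the SQL text from the request value
    $regCheck=mysqli_prepare($con,"SELECT userid,email FROM users WHERE reg_key=?");
    if($regCheck===false){
        error_log("registration key lookup failed: ".mysqli_error($con));
        die("registration key lookup failed");
    }
    mysqli_stmt_bind_param($regCheck,'s',$regKey);
    mysqli_stmt_execute($regCheck);
    mysqli_stmt_bind_result($regCheck,$regUserid,$regEmail);
    //only the first matching row is used, as before
    $regFound=mysqli_stmt_fetch($regCheck);
    mysqli_stmt_close($regCheck);
    if($regFound===true){
        newSession($regUserid,$regEmail);
        $newKey=bin2hex(random_bytes(32));
        //userid is bound as a string; MySQL converts it for a numeric column
        $rotateKey=mysqli_prepare($con,"UPDATE users set reg_key=? WHERE userid=?");
        $rotated=false;
        if($rotateKey!==false){
            mysqli_stmt_bind_param($rotateKey,'ss',$newKey,$regUserid);
            $rotated=mysqli_stmt_execute($rotateKey);
        }
        if(!$rotated){
            //the database error is logged, not shown to the visitor
            error_log("registration key rotation failed: ".mysqli_error($con));
            die("registration key rotation failed");
        }
        mysqli_stmt_close($rotateKey);
        //NOTE(review): the page shows a bare PHP closing tag at this point and nothing after it;
        //whatever markup followed (presumably what hands the new sid to the browser) is not
        //visible here and has to be restored from the original file.
        //$redirect='index.php?sid='.$session->sid.'#passwordReset';
        //header('HTTP/1.1 301 Moved Permanently');
        //header('Location:'.$redirect);
        exit();
    }
}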
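//restore an existing session. The cookie is tried first and the query string second, so a sid in
//the URL overwrites $session->sid and, when it resolves, the user loaded from the cookie.
//NOTE(review): a sid carried in the URL ends up in browser history, server logs and Referer
//headers, and a crafted link can decide which session a visitor lands in. Prefer the cookie alone
//once the setcookie() call below is re-enabled, and set it with the secure, httponly and samesite
//options.
foreach(array($_COOKIE,$_GET) as $sidSource){
    //array-valued input (sid[]=...) is ignored instead of being passed to the lookup
    if(isset($sidSource['sid']) && is_string($sidSource['sid'])){
        $session->sid=$sidSource['sid'];
        getSession($session->sid);
        //exit;
    }
}
unset($sidSource);
//setcookie("sid",$session->sid, time()+(3600*24));
//if($session->email=="admin") $session->picksAllowed=true;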
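/**
 * Load the stored session for $sid into the global $session.
 *
 * Looks the sid up in the sessions table. When the row was last touched within the past seven
 * days, its age is refreshed to NOW() and userid/email from the stored JSON are copied onto
 * $session, which is then marked valid. In every other case $session is left as it was.
 *
 * @param mixed $sid session id taken from the cookie or the query string (untrusted)
 * @return void
 */
function getSession($sid){
    global $session,$con;
    //the sid comes straight from the request: refuse anything that is not a non-empty string
    if(!is_string($sid) || $sid===''){
        return;
    }
    //bound parameter - the sid never becomes part of the SQL text
    $lookup=mysqli_prepare($con,"SELECT sessionVars,age FROM sessions WHERE sid=?");
    if($lookup===false){
        //fail closed: without a lookup the session stays invalid
        error_log("get session error:".mysqli_error($con));
        return;
    }
    mysqli_stmt_bind_param($lookup,'s',$sid);
    mysqli_stmt_execute($lookup);
    mysqli_stmt_bind_result($lookup,$storedVars,$storedAge);
    $found=mysqli_stmt_fetch($lookup);
    mysqli_stmt_close($lookup);
    if($found!==true){
        return;
    }
    $loadedVars=json_decode($storedVars);
    //a row whose JSON does not decode, or lacks the identity fields, must not validate a session
    if(!is_object($loadedVars) || !isset($loadedVars->userid,$loadedVars->email)){
        return;
    }
    //sliding expiry: usable only if touched within the last 7 days, and each use resets the clock
    if(strtotime($storedAge)>time()-(3600*24*7)){
        $touch=mysqli_prepare($con,"UPDATE sessions set age=NOW() WHERE sid=?");
        $touched=false;
        if($touch!==false){
            mysqli_stmt_bind_param($touch,'s',$sid);
            $touched=mysqli_stmt_execute($touch);
        }
        if(!$touched){
            //the database error goes to the log; the visitor only sees the generic message
            error_log("get session error:".mysqli_error($con));
            die("get session error");
        }
        mysqli_stmt_close($touch);
        $session->userid=$loadedVars->userid;
        $session->email=$loadedVars->email;
        $session->valid=true;
    }
}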
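/**
 * Load includes/<year>_<division>_config.json into the global $config.
 *
 * $division originates from the request, so both parts of the file name are checked before the
 * path is built: the year must be four digits and the division may contain only letters, digits,
 * "_" and "-". That keeps path separators and ".." out of the file name. $config is set to null
 * when the arguments are rejected, the file is missing or unreadable, or its JSON does not decode.
 *
 * @param mixed $year     four-digit year
 * @param mixed $division division identifier, e.g. 'mpo'
 * @return void
 */
function setConfig($year,$division){
    global $config;
    $config=null;
    if(!is_scalar($year) || !is_string($division)){
        return;
    }
    if(preg_match('/\A[0-9]{4}\z/',(string)$year)!==1
        || preg_match('/\A[A-Za-z0-9_-]+\z/',$division)!==1){
        return;
    }
    $configPath="includes/".$year."_".$division."_config.json";
    if(!is_file($configPath)){
        return;
    }
    $configJson=file_get_contents($configPath);
    if($configJson===false){
        return;
    }
    $config=json_decode($configJson);
}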
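/**
 * Start a session for the given user and persist it.
 *
 * Generates a random 64-byte session id (128 hex characters), records it with the user's id and
 * e-mail on the global $session, marks the session valid, and inserts the JSON-encoded $session
 * into the sessions table with age set to NOW().
 *
 * @param mixed $userid id of the user the session belongs to
 * @param mixed $email  e-mail address of that user
 * @return void
 */
function newSession($userid,$email){
    global $session,$con;
    $newSid=bin2hex(random_bytes(64));
    //setcookie("sid",$newSid, time()+(3600*24));
    $session->sid=$newSid;
    $session->userid=$userid;
    $session->email=$email;
    $session->valid=true;
    $sessionJson=json_encode($session);
    if($sessionJson===false){
        error_log("new session error:".json_last_error_msg());
        die("new session error");
    }
    //json_encode() leaves single quotes as they are, and $session carries request- and
    //user-derived strings (division, email), so the JSON is bound as a parameter instead of being
    //spliced into the SQL text
    $insert=mysqli_prepare($con,"INSERT INTO sessions (sid,sessionVars,age) VALUES (?,?,NOW())");
    $inserted=false;
    if($insert!==false){
        mysqli_stmt_bind_param($insert,'ss',$newSid,$sessionJson);
        $inserted=mysqli_stmt_execute($insert);
    }
    if(!$inserted){
        //the database error goes to the log; the visitor only sees the generic message
        error_log("new session error:".mysqli_error($con));
        die("new session error");
    }
    mysqli_stmt_close($insert);
}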
?>