// Force HTTPS: a request that did not arrive over TLS is answered with a
// permanent redirect to the same host and path on https://.
// NOTE(review): HTTP_HOST is taken from the client's Host header, so the
// redirect target is client-influenced. If the site has a single canonical
// hostname, build the URL from that instead. Confirm with the deployment.
$servedOverTls = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != "off";
if (!$servedOverTls) {
    $redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header('HTTP/1.1 301 Moved Permanently');
    header('Location: ' . $redirect);
    exit();
}
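// Connect to the database.
// NOTE(review): host, account and password are hard-coded in this file and
// the password is identical to the account name. Load them from configuration
// kept outside the web root and rotate the password.
$con = mysqli_connect('mrclaase.dot5hostingmysql.com', 'dgpt_brackets', 'dgpt_brackets');
if (!$con) {
    // The original called mysql_error(), which belongs to the removed mysql_*
    // extension; mysqli_connect_error() is the mysqli equivalent. The detail
    // goes to the server log only, so the client never sees the DB host/user.
    error_log('Could not connect: ' . mysqli_connect_error());
    die('Could not connect');
}
if (!mysqli_select_db($con, "dgpt_brackets")) {
    error_log('Could not select database: ' . mysqli_error($con));
    die('Could not connect');
}

// Request-scoped session state; filled in later from the sid cookie or a login key.
$session = new stdClass();
$session->sid = "";
$session->valid = false;
$session->userid = "";
$session->email = "";
$session->tournament = "nextgen_champs_2018_am1";

// Load the tournament configuration. If the file is missing or malformed,
// fail closed: picks are treated as not allowed rather than left undefined.
$configPath = "includes/" . $session->tournament . "_config.json";
$configJson = is_readable($configPath) ? file_get_contents($configPath) : false;
$config = ($configJson === false) ? null : json_decode($configJson);
if (
    is_object($config)
    && isset($config->picksAllowed, $config->picksExpiration)
    && is_string($config->picksExpiration)
) {
    $session->picksAllowed = $config->picksAllowed;
    // strtotime() returns false for an unparseable date, which makes the
    // difference negative and is caught by the clamp below.
    $session->secondsToExpiration = strtotime($config->picksExpiration) - time();
} else {
    error_log('Tournament config could not be loaded: ' . $configPath);
    $session->picksAllowed = 0;
    $session->secondsToExpiration = 0;
}

// Once the deadline has passed, picks are closed regardless of the config flag.
if ($session->secondsToExpiration <= 0) {
    $session->secondsToExpiration = 0;
    $session->picksAllowed = 0;
}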
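// One-time login key (?key=...): look up the owning user, rotate the key, then
// start a session and redirect to the password-reset view.
// The key must be a non-empty string: an empty key would otherwise match any
// row whose reg_key is '' and an array-valued parameter is not a valid key.
if (isset($_GET['key']) && is_string($_GET['key']) && $_GET['key'] !== '') {
    $regKey = $_GET['key'];

    // Parameterized lookup; the key never becomes part of the SQL text.
    $regCheck = mysqli_prepare($con, "SELECT userid,email FROM users WHERE reg_key=?");
    if (!$regCheck) {
        error_log('login key lookup error: ' . mysqli_error($con));
        die('login key error');
    }
    mysqli_stmt_bind_param($regCheck, 's', $regKey);
    if (!mysqli_stmt_execute($regCheck)) {
        error_log('login key lookup error: ' . mysqli_stmt_error($regCheck));
        die('login key error');
    }
    mysqli_stmt_bind_result($regCheck, $keyUserid, $keyEmail);
    $keyMatched = (mysqli_stmt_fetch($regCheck) === true);
    mysqli_stmt_close($regCheck);

    if ($keyMatched) {
        // Rotate the key before issuing a session. The extra "AND reg_key=?"
        // makes the rotation conditional on the presented key still being
        // current, so of two concurrent requests with the same key only one
        // sees an affected row and gets a session.
        $newKey = bin2hex(random_bytes(32));
        $rotate = mysqli_prepare($con, "UPDATE users set reg_key=? WHERE userid=? AND reg_key=?");
        if (!$rotate) {
            error_log('login key rotation error: ' . mysqli_error($con));
            die('login key error');
        }
        mysqli_stmt_bind_param($rotate, 'sss', $newKey, $keyUserid, $regKey);
        if (!mysqli_stmt_execute($rotate)) {
            // The original wrote the DB error into an undefined $response and
            // printed it; the detail now goes to the server log only.
            error_log('login key rotation error: ' . mysqli_stmt_error($rotate));
            die('login key error');
        }
        $rotatedRows = mysqli_stmt_affected_rows($rotate);
        mysqli_stmt_close($rotate);

        if ($rotatedRows > 0) {
            newSession($keyUserid, $keyEmail);
            $redirect = 'index.php#passwordReset';
            // 302 rather than 301: this redirect is the result of consuming a
            // one-time key and must not be cached as permanent.
            header('Location: ' . $redirect, true, 302);
            exit();
        }
    }
}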
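// Resume an existing session from the sid cookie. The value is client-supplied,
// so it is only accepted when it is a plain string (a "sid[]" cookie arrives as
// an array) and is then validated against the sessions table by getSession().
if (isset($_COOKIE['sid']) && is_string($_COOKIE['sid'])) {
    $session->sid = $_COOKIE['sid'];
    getSession($session->sid);
}
// Refresh the cookie for another 24 hours. Secure keeps it off plain HTTP (the
// page already forces HTTPS) and HttpOnly keeps it out of reach of page
// scripts. Path and domain are left at their defaults.
// NOTE(review): a SameSite attribute needs the options-array form of
// setcookie() (PHP 7.3+); add it if the runtime allows.
setcookie("sid", $session->sid, time() + (3600 * 24), "", "", true, true);
//if($session->email=="admin") $session->picksAllowed=true;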
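/**
 * Load the stored session for $sid into the global $session.
 *
 * When a row exists for $sid and its age is less than 24 hours old, the row's
 * age is refreshed and $session->userid, $session->email and $session->valid
 * are populated from the stored JSON. In every other case $session is left
 * untouched, so the caller keeps an invalid session.
 *
 * $sid comes from the client's cookie and is therefore bound as a statement
 * parameter instead of being concatenated into the SQL text.
 *
 * @param mixed $sid Session id as received from the client.
 * @return void
 */
function getSession($sid){
    global $session, $con;

    // Reject anything that cannot be a session id before touching the DB.
    if (!is_string($sid) || $sid === '') {
        return;
    }

    $lookup = mysqli_prepare($con, "SELECT sessionVars,age FROM sessions WHERE sid=?");
    if (!$lookup) {
        error_log("get session error:" . mysqli_error($con));
        die("get session error");
    }
    mysqli_stmt_bind_param($lookup, 's', $sid);
    if (!mysqli_stmt_execute($lookup)) {
        error_log("get session error:" . mysqli_stmt_error($lookup));
        die("get session error");
    }
    mysqli_stmt_bind_result($lookup, $storedVars, $storedAge);
    $rowFound = (mysqli_stmt_fetch($lookup) === true);
    mysqli_stmt_close($lookup);
    if (!$rowFound) {
        return;
    }

    // A row whose JSON is unreadable or incomplete is treated as no session.
    $loadedVars = json_decode((string) $storedVars);
    if (!is_object($loadedVars) || !isset($loadedVars->userid, $loadedVars->email)) {
        return;
    }

    // Sliding 24-hour expiry.
    // NOTE(review): age is written with MySQL NOW() and compared with PHP
    // time(); presumably both use the same timezone. Confirm.
    if (strtotime((string) $storedAge) > time() - (3600 * 24)) {
        $touch = mysqli_prepare($con, "UPDATE sessions set age=NOW() WHERE sid=?");
        if (!$touch) {
            error_log("get session error:" . mysqli_error($con));
            die("get session error");
        }
        mysqli_stmt_bind_param($touch, 's', $sid);
        if (!mysqli_stmt_execute($touch)) {
            // Log the DB detail server-side; the client gets a generic message.
            error_log("get session error:" . mysqli_stmt_error($touch));
            die("get session error");
        }
        mysqli_stmt_close($touch);

        $session->userid = $loadedVars->userid;
        $session->email = $loadedVars->email;
        $session->valid = true;
    }
}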
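/**
 * Start a fresh authenticated session for the given user.
 *
 * Generates a new random session id, marks the global $session as valid for
 * $userid/$email, stores the JSON-encoded $session in the sessions table and
 * sends the id to the client in the "sid" cookie (24-hour lifetime).
 *
 * The encoded session contains the e-mail address, which originates from user
 * data, so the INSERT uses bound parameters instead of a concatenated string.
 *
 * @param mixed $userid Id of the user the session belongs to.
 * @param mixed $email  E-mail address of that user.
 * @return void
 */
function newSession($userid,$email){
    global $session, $con;

    // 64 random bytes from the CSPRNG, hex-encoded to a 128-character id.
    $newSid = bin2hex(random_bytes(64));
    $session->sid = $newSid;
    $session->userid = $userid;
    $session->email = $email;
    $session->valid = true;

    $encodedVars = json_encode($session);
    if ($encodedVars === false) {
        error_log("new session error: session could not be encoded");
        die("new session error");
    }

    $insert = mysqli_prepare($con, "INSERT INTO sessions (sid,sessionVars,age) VALUES (?,?,NOW())");
    if (!$insert) {
        error_log("new session error:" . mysqli_error($con));
        die("new session error");
    }
    mysqli_stmt_bind_param($insert, 'ss', $newSid, $encodedVars);
    if (!mysqli_stmt_execute($insert)) {
        // Log the DB detail server-side; the client gets a generic message.
        error_log("new session error:" . mysqli_stmt_error($insert));
        die("new session error");
    }
    mysqli_stmt_close($insert);

    // Hand the id to the client only once the row exists. Secure and HttpOnly
    // keep the cookie off plain HTTP and away from page scripts; path and
    // domain stay at their defaults.
    setcookie("sid", $newSid, time() + (3600 * 24), "", "", true, true);
}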
?>