|
147 | 147 | "mode_desc" => $modedesc |
148 | 148 | ); |
149 | 149 | $count = 0; |
150 | | - krsort($sql['rankup_definition']); |
151 | 150 | foreach (explode(',', $sql['rankup_definition']) as $entry) { |
152 | 151 | list($key, $value) = explode('=>', $entry); |
153 | 152 | $addnewvalue1[$count] = array( |
|
170 | 169 | } |
171 | 170 | if(isset($_GET['groupid'])) { |
172 | 171 | $groupid = htmlspecialchars_decode($_GET['groupid']); |
| 172 | + $explode_groupid = explode(',', $groupid); |
173 | 173 | if($filter != ' WHERE') $filter .= " AND"; |
174 | | - $filter .= " (`cldgroup` = :groupid OR `cldgroup` LIKE (:groupid0) OR `cldgroup` LIKE (:groupid1) OR `cldgroup` LIKE (:groupid2))"; |
| 174 | + $filter .= " ("; |
| 175 | + $cnt = 0; |
| 176 | + foreach($explode_groupid as $groupid) { |
| 177 | + if($cnt > 0) $filter .= " OR "; |
| 178 | + $filter .= "`cldgroup` = :groupid".$cnt; $cnt++; |
| 179 | + $filter .= " OR `cldgroup` LIKE (:groupid".$cnt.")"; $cnt++; |
| 180 | + $filter .= " OR `cldgroup` LIKE (:groupid".$cnt.")"; $cnt++; |
| 181 | + $filter .= " OR `cldgroup` LIKE (:groupid".$cnt.")"; $cnt++; |
| 182 | + } |
| 183 | + $filter .= ")"; |
175 | 184 | } |
176 | 185 | if(isset($_GET['name'])) { |
177 | 186 | $name = htmlspecialchars_decode($_GET['name']); |
|
208 | 217 | ), |
209 | 218 | "groupid" => array( |
210 | 219 | "desc" => "Get only user, which are in the given servergroup database ID", |
211 | | - "usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup", |
212 | | - "example" => "/api/?user&groupid=6" |
| 220 | + "usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup. Multiple servergroups can be specified comma-separated.", |
| 221 | + "example" => array( |
| 222 | + "1" => array( |
| 223 | + "desc" => "Filter by a single servergroup database ID", |
| 224 | + "url" => "/api/?userstats&groupid=6" |
| 225 | + ), |
| 226 | + "2" => array( |
| 227 | + "desc" => "Filter by multiple servergroup database IDs. Only one of the specified groups must apply to get the concerned user.", |
| 228 | + "url" => "/api/?userstats&groupid=6,9,48" |
| 229 | + ) |
| 230 | + ) |
213 | 231 | ), |
214 | 232 | "limit" => array( |
215 | 233 | "desc" => "Define a number that limits the number of results. Maximum value is 1000. Default is 100.", |
|
273 | 291 | } else { |
274 | 292 | $dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`user` {$filter} ORDER BY {$sort} {$order} LIMIT :start, :limit"); |
275 | 293 | if(isset($_GET['cldbid'])) $dbdata->bindValue(':cldbid', (int) $cldbid, PDO::PARAM_INT); |
276 | | - if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid', $groupid, PDO::PARAM_STR); |
277 | | - if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid0', $groupid.'%', PDO::PARAM_STR); |
278 | | - if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid1', '%'.$groupid.'%', PDO::PARAM_STR); |
279 | | - if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid2', '%'.$groupid, PDO::PARAM_STR); |
| 294 | + if(isset($_GET['groupid'])) { |
| 295 | + $groupid = htmlspecialchars_decode($_GET['groupid']); |
| 296 | + $explode_groupid = explode(',', $groupid); |
| 297 | + $cnt = 0; |
| 298 | + foreach($explode_groupid as $groupid) { |
| 299 | + $dbdata->bindValue(':groupid'.$cnt, $groupid, PDO::PARAM_STR); $cnt++; |
| 300 | + $dbdata->bindValue(':groupid'.$cnt, $groupid.',%', PDO::PARAM_STR); $cnt++; |
| 301 | + $dbdata->bindValue(':groupid'.$cnt, '%,'.$groupid.',%', PDO::PARAM_STR); $cnt++; |
| 302 | + $dbdata->bindValue(':groupid'.$cnt, '%,'.$groupid, PDO::PARAM_STR); $cnt++; |
| 303 | + } |
| 304 | + } |
280 | 305 | if(isset($_GET['name'])) $dbdata->bindValue(':name', '%'.$name.'%', PDO::PARAM_STR); |
281 | 306 | if(isset($_GET['uuid'])) $dbdata->bindValue(':uuid', '%'.$uuid.'%', PDO::PARAM_STR); |
282 | 307 |
|
|
294 | 319 | } |
295 | 320 | if(isset($_GET['groupid'])) { |
296 | 321 | $groupid = htmlspecialchars_decode($_GET['groupid']); |
| 322 | + $explode_groupid = explode(',', $groupid); |
297 | 323 | if($filter != ' WHERE') $filter .= " AND"; |
298 | | - $filter .= " (`user`.`cldgroup` = :groupid OR `user`.`cldgroup` LIKE (:groupid0) OR `user`.`cldgroup` LIKE (:groupid1) OR `user`.`cldgroup` LIKE (:groupid2))"; |
| 324 | + $filter .= " ("; |
| 325 | + $cnt = 0; |
| 326 | + foreach($explode_groupid as $groupid) { |
| 327 | + if($cnt > 0) $filter .= " OR "; |
| 328 | + $filter .= "`user`.`cldgroup` = :groupid".$cnt; $cnt++; |
| 329 | + $filter .= " OR `user`.`cldgroup` LIKE (:groupid".$cnt.")"; $cnt++; |
| 330 | + $filter .= " OR `user`.`cldgroup` LIKE (:groupid".$cnt.")"; $cnt++; |
| 331 | + $filter .= " OR `user`.`cldgroup` LIKE (:groupid".$cnt.")"; $cnt++; |
| 332 | + } |
| 333 | + $filter .= ")"; |
299 | 334 | } |
300 | 335 | if(isset($_GET['name'])) { |
301 | 336 | $name = htmlspecialchars_decode($_GET['name']); |
|
332 | 367 | ), |
333 | 368 | "groupid" => array( |
334 | 369 | "desc" => "Get only user, which are in the given servergroup database ID", |
335 | | - "usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup", |
336 | | - "example" => "/api/?userstats&groupid=6" |
| 370 | + "usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup. Multiple servergroups can be specified comma-separated.", |
| 371 | + "example" => array( |
| 372 | + "1" => array( |
| 373 | + "desc" => "Filter by a single servergroup database ID", |
| 374 | + "url" => "/api/?userstats&groupid=6" |
| 375 | + ), |
| 376 | + "2" => array( |
| 377 | + "desc" => "Filter by multiple servergroup database IDs. Only one of the specified groups must apply to get the concerned user.", |
| 378 | + "url" => "/api/?userstats&groupid=6,9,48" |
| 379 | + ) |
| 380 | + ) |
337 | 381 | ), |
338 | 382 | "limit" => array( |
339 | 383 | "desc" => "Define a number that limits the number of results. Maximum value is 1000. Default is 100.", |
|
397 | 441 | } else { |
398 | 442 | $dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`stats_user` INNER JOIN `$dbname`.`user` ON `user`.`uuid` = `stats_user`.`uuid` {$filter} ORDER BY {$sort} {$order} LIMIT :start, :limit"); |
399 | 443 | if(isset($_GET['cldbid'])) $dbdata->bindValue(':cldbid', (int) $cldbid, PDO::PARAM_INT); |
400 | | - if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid', $groupid, PDO::PARAM_STR); |
401 | | - if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid0', $groupid.'%', PDO::PARAM_STR); |
402 | | - if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid1', '%'.$groupid.'%', PDO::PARAM_STR); |
403 | | - if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid2', '%'.$groupid, PDO::PARAM_STR); |
| 444 | + if(isset($_GET['groupid'])) { |
| 445 | + $groupid = htmlspecialchars_decode($_GET['groupid']); |
| 446 | + $explode_groupid = explode(',', $groupid); |
| 447 | + $cnt = 0; |
| 448 | + foreach($explode_groupid as $groupid) { |
| 449 | + $dbdata->bindValue(':groupid'.$cnt, $groupid, PDO::PARAM_STR); $cnt++; |
| 450 | + $dbdata->bindValue(':groupid'.$cnt, $groupid.',%', PDO::PARAM_STR); $cnt++; |
| 451 | + $dbdata->bindValue(':groupid'.$cnt, '%,'.$groupid.',%', PDO::PARAM_STR); $cnt++; |
| 452 | + $dbdata->bindValue(':groupid'.$cnt, '%,'.$groupid, PDO::PARAM_STR); $cnt++; |
| 453 | + } |
| 454 | + } |
404 | 455 | if(isset($_GET['name'])) $dbdata->bindValue(':name', '%'.$name.'%', PDO::PARAM_STR); |
405 | 456 | if(isset($_GET['uuid'])) $dbdata->bindValue(':uuid', '%'.$uuid.'%', PDO::PARAM_STR); |
406 | 457 |
|
|
0 commit comments