|
1 | 1 | <?PHP |
2 | | -header("Content-Type: application/json; charset=UTF-8"); |
3 | | - |
| 2 | +require_once('../other/_functions.php'); |
4 | 3 | require_once('../other/config.php'); |
5 | 4 |
|
6 | | -$dbname = $db['dbname']; |
7 | | -$dbtype = $db['type']; |
8 | | -if($db['type'] != "type") { |
9 | | - $dbserver = $db['type'].':host='.$db['host'].';dbname='.$dbname.';charset=utf8mb4'; |
10 | | - $dboptions = array(); |
11 | | - try { |
12 | | - $mysqlcon = new PDO($dbserver, $db['user'], $db['pass'], $dboptions); |
13 | | - } catch (PDOException $e) { |
14 | | - echo 'Database Connection failed: <b>'.$e->getMessage().'</b>'; |
15 | | - exit; |
16 | | - } |
17 | | -} |
| 5 | +start_session($cfg); |
| 6 | + |
| 7 | +error_reporting(E_ALL); |
| 8 | +ini_set("log_errors", 1); |
| 9 | +set_error_handler("php_error_handling"); |
| 10 | +ini_set("error_log", $cfg['logs_path'].'ranksystem.log'); |
| 11 | + |
| 12 | +header("Content-Type: application/json; charset=UTF-8"); |
18 | 13 |
|
19 | 14 | if (isset($_GET['apikey'])) { |
20 | 15 | $matchkey = 0; |
|
167 | 162 | $dbdata->execute(); |
168 | 163 | $json = $dbdata->fetchAll(PDO::FETCH_ASSOC|PDO::FETCH_UNIQUE); |
169 | 164 | } elseif (isset($_GET['user'])) { |
170 | | - $uuid = $name = '----------_none_selected_----------'; |
171 | | - $filter = ''; |
172 | | - $part = $cldbid = $all = 0; |
| 165 | + $filter = ' WHERE'; |
| 166 | + if(isset($_GET['cldbid'])) { |
| 167 | + $cldbid = htmlspecialchars_decode($_GET['cldbid']); |
| 168 | + if($filter != ' WHERE') $filter .= " AND"; |
| 169 | + $filter .= ' `cldbid` LIKE :cldbid'; |
| 170 | + } |
| 171 | + if(isset($_GET['groupid'])) { |
| 172 | + $groupid = htmlspecialchars_decode($_GET['groupid']); |
| 173 | + if($filter != ' WHERE') $filter .= " AND"; |
| 174 | + $filter .= " (`cldgroup` = :groupid OR `cldgroup` LIKE (:groupid0) OR `cldgroup` LIKE (:groupid1) OR `cldgroup` LIKE (:groupid2))"; |
| 175 | + } |
| 176 | + if(isset($_GET['name'])) { |
| 177 | + $name = htmlspecialchars_decode($_GET['name']); |
| 178 | + if($filter != ' WHERE') $filter .= " AND"; |
| 179 | + $filter .= ' `name` LIKE :name'; |
| 180 | + } |
173 | 181 | if(!isset($_GET['sort'])) $sort = '`rank`'; |
174 | | - if(isset($_GET['all'])) $all = 1; |
175 | | - if(isset($_GET['uuid'])) $uuid = htmlspecialchars_decode($_GET['uuid']); |
176 | | - if(isset($_GET['cldbid'])) $cldbid = htmlspecialchars_decode($_GET['cldbid']); |
177 | | - if(isset($_GET['name'])) $name = htmlspecialchars_decode($_GET['name']); |
178 | | - if(isset($_GET['part'])) $part = (htmlspecialchars_decode($_GET['part']) - 1) * 100; |
179 | | - if(isset($_GET['online']) && $uuid == '----------_none_selected_----------' && $name == '----------_none_selected_----------' && $cldbid == 0) { |
180 | | - $filter = '`online`=1'; |
181 | | - } elseif(isset($_GET['online'])) { |
182 | | - $filter = '(`uuid` LIKE :uuid OR `cldbid` LIKE :cldbid OR `name` LIKE :name) AND `online`=1'; |
183 | | - } elseif($uuid != '----------_none_selected_----------' || $name != '----------_none_selected_----------' || $cldbid != 0) { |
184 | | - $filter = '(`uuid` LIKE :uuid OR `cldbid` LIKE :cldbid OR `name` LIKE :name)'; |
| 182 | + if(isset($_GET['status']) && $_GET['status'] == strtolower('online')) { |
| 183 | + if($filter != ' WHERE') $filter .= " AND"; |
| 184 | + $filter .= " `online`=1"; |
| 185 | + } elseif(isset($_GET['status']) && $_GET['status'] == strtolower('offline')) { |
| 186 | + if($filter != ' WHERE') $filter .= " AND"; |
| 187 | + $filter .= " `online`=0"; |
| 188 | + } |
| 189 | + if(isset($_GET['uuid'])) { |
| 190 | + $uuid = htmlspecialchars_decode($_GET['uuid']); |
| 191 | + if($filter != ' WHERE') $filter .= " AND"; |
| 192 | + $filter .= ' `uuid` LIKE :uuid'; |
185 | 193 | } |
186 | | - |
187 | | - if($uuid == '----------_none_selected_----------' && $name == '----------_none_selected_----------' && $filter == '' && $cldbid == 0 && $all == 0) { |
| 194 | + if($filter == ' WHERE') $filter = ''; |
| 195 | + |
| 196 | + if($filter == '' && !isset($_GET['all']) && !isset($_GET['cldbid']) && !isset($_GET['name']) && !isset($_GET['uuid'])) { |
188 | 197 | $json = array( |
189 | 198 | "usage" => array( |
190 | 199 | "all" => array( |
|
197 | 206 | "usage" => "Use \$_GET parameter 'cldbid' and add as value a single client TS-database ID", |
198 | 207 | "example" => "/api/?user&cldbid=7775" |
199 | 208 | ), |
| 209 | + "groupid" => array( |
| 210 | + "desc" => "Get only user, which are in the given servergroup database ID", |
| 211 | + "usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup", |
| 212 | + "example" => "/api/?user&groupid=6" |
| 213 | + ), |
200 | 214 | "limit" => array( |
201 | 215 | "desc" => "Define a number that limits the number of results. Maximum value is 1000. Default is 100.", |
202 | 216 | "usage" => "Use \$_GET parameter 'limit' and add as value a number above 1", |
|
216 | 230 | ) |
217 | 231 | ) |
218 | 232 | ), |
219 | | - "online" => array( |
220 | | - "desc" => "Get the online TeamSpeak user", |
221 | | - "usage" => "Use \$_GET parameter 'online' without any value", |
222 | | - "example" => "/api/?user&online" |
223 | | - ), |
224 | 233 | "order" => array( |
225 | 234 | "desc" => "Define a sorting order.", |
226 | 235 | "usage" => "Use \$_GET parameter 'order' and add as value 'asc' for ascending or 'desc' for descending", |
|
249 | 258 | ) |
250 | 259 | ) |
251 | 260 | ), |
| 261 | + "status" => array( |
| 262 | + "desc" => "List only clients, which status is online or offline.", |
| 263 | + "usage" => "Use \$_GET parameter 'status' and add as value 'online' or 'offline'", |
| 264 | + "example" => "/api/?userstats&status=online" |
| 265 | + ), |
252 | 266 | "uuid" => array( |
253 | 267 | "desc" => "Get details about TeamSpeak user by unique client ID", |
254 | 268 | "usage" => "Use \$_GET parameter 'uuid' and add as value one unique client ID or a part of it", |
|
257 | 271 | ) |
258 | 272 | ); |
259 | 273 | } else { |
260 | | - if ($all == 1) { |
261 | | - $dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`user` ORDER BY {$sort} {$order} LIMIT :start, :limit"); |
262 | | - } else { |
263 | | - $dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`user` WHERE {$filter} ORDER BY {$sort} {$order} LIMIT :start, :limit"); |
264 | | - } |
265 | | - if($filter != '`online`=1' && $all == 0) { |
266 | | - $dbdata->bindValue(':uuid', '%'.$uuid.'%', PDO::PARAM_STR); |
267 | | - $dbdata->bindValue(':cldbid', (int) $cldbid, PDO::PARAM_INT); |
268 | | - $dbdata->bindValue(':name', '%'.$name.'%', PDO::PARAM_STR); |
269 | | - } |
| 274 | + $dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`user` {$filter} ORDER BY {$sort} {$order} LIMIT :start, :limit"); |
| 275 | + if(isset($_GET['cldbid'])) $dbdata->bindValue(':cldbid', (int) $cldbid, PDO::PARAM_INT); |
| 276 | + if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid', $groupid, PDO::PARAM_STR); |
| 277 | + if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid0', $groupid.'%', PDO::PARAM_STR); |
| 278 | + if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid1', '%'.$groupid.'%', PDO::PARAM_STR); |
| 279 | + if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid2', '%'.$groupid, PDO::PARAM_STR); |
| 280 | + if(isset($_GET['name'])) $dbdata->bindValue(':name', '%'.$name.'%', PDO::PARAM_STR); |
| 281 | + if(isset($_GET['uuid'])) $dbdata->bindValue(':uuid', '%'.$uuid.'%', PDO::PARAM_STR); |
| 282 | + |
270 | 283 | $dbdata->bindValue(':start', (int) $part, PDO::PARAM_INT); |
271 | 284 | $dbdata->bindValue(':limit', (int) $limit, PDO::PARAM_INT); |
272 | 285 | $dbdata->execute(); |
273 | 286 | $json = $dbdata->fetchAll(PDO::FETCH_ASSOC|PDO::FETCH_UNIQUE); |
274 | 287 | } |
275 | 288 | } elseif (isset($_GET['userstats'])) { |
276 | | - $uuid = '----------_none_selected_----------'; |
277 | | - $filter = ''; |
278 | | - $part = $all = 0; |
279 | | - if(isset($_GET['all'])) $all = 1; |
| 289 | + $filter = ' WHERE'; |
| 290 | + if(isset($_GET['cldbid'])) { |
| 291 | + $cldbid = htmlspecialchars_decode($_GET['cldbid']); |
| 292 | + if($filter != ' WHERE') $filter .= " AND"; |
| 293 | + $filter .= ' `cldbid` LIKE :cldbid'; |
| 294 | + } |
| 295 | + if(isset($_GET['groupid'])) { |
| 296 | + $groupid = htmlspecialchars_decode($_GET['groupid']); |
| 297 | + if($filter != ' WHERE') $filter .= " AND"; |
| 298 | + $filter .= " (`user`.`cldgroup` = :groupid OR `user`.`cldgroup` LIKE (:groupid0) OR `user`.`cldgroup` LIKE (:groupid1) OR `user`.`cldgroup` LIKE (:groupid2))"; |
| 299 | + } |
| 300 | + if(isset($_GET['name'])) { |
| 301 | + $name = htmlspecialchars_decode($_GET['name']); |
| 302 | + if($filter != ' WHERE') $filter .= " AND"; |
| 303 | + $filter .= ' `user`.`name` LIKE :name'; |
| 304 | + } |
280 | 305 | if(!isset($_GET['sort'])) $sort = '`count_week`'; |
| 306 | + if(isset($_GET['status']) && $_GET['status'] == strtolower('online')) { |
| 307 | + if($filter != ' WHERE') $filter .= " AND"; |
| 308 | + $filter .= " `user`.`online`=1"; |
| 309 | + } elseif(isset($_GET['status']) && $_GET['status'] == strtolower('offline')) { |
| 310 | + if($filter != ' WHERE') $filter .= " AND"; |
| 311 | + $filter .= " `user`.`online`=0"; |
| 312 | + } |
281 | 313 | if(isset($_GET['uuid'])) { |
282 | 314 | $uuid = htmlspecialchars_decode($_GET['uuid']); |
283 | | - $filter = '`stats_user`.`uuid` LIKE :uuid'; |
| 315 | + if($filter != ' WHERE') $filter .= " AND"; |
| 316 | + $filter .= ' `user`.`uuid` LIKE :uuid'; |
284 | 317 | } |
| 318 | + if($filter == ' WHERE') $filter = ''; |
285 | 319 |
|
286 | | - if($uuid == '----------_none_selected_----------' && $all == 0 && $filter == '') { |
| 320 | + if($filter == '' && !isset($_GET['all']) && !isset($_GET['cldbid']) && !isset($_GET['name']) && !isset($_GET['uuid'])) { |
287 | 321 | $json = array( |
288 | 322 | "usage" => array( |
289 | 323 | "all" => array( |
290 | 324 | "desc" => "Get additional statistics about all TeamSpeak user. Result is limited by 100 entries.", |
291 | 325 | "usage" => "Use \$_GET parameter 'all' without any value", |
292 | 326 | "example" => "/api/?userstats&all" |
293 | 327 | ), |
| 328 | + "cldbid" => array( |
| 329 | + "desc" => "Get details about TeamSpeak user by client TS-database ID", |
| 330 | + "usage" => "Use \$_GET parameter 'cldbid' and add as value a single client TS-database ID", |
| 331 | + "example" => "/api/?userstats&cldbid=7775" |
| 332 | + ), |
| 333 | + "groupid" => array( |
| 334 | + "desc" => "Get only user, which are in the given servergroup database ID", |
| 335 | + "usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup", |
| 336 | + "example" => "/api/?userstats&groupid=6" |
| 337 | + ), |
294 | 338 | "limit" => array( |
295 | 339 | "desc" => "Define a number that limits the number of results. Maximum value is 1000. Default is 100.", |
296 | 340 | "usage" => "Use \$_GET parameter 'limit' and add as value a number above 1", |
297 | 341 | "example" => "/api/?userstats&limit=10" |
298 | 342 | ), |
| 343 | + "name" => array( |
| 344 | + "desc" => "Get details about TeamSpeak user by client nickname", |
| 345 | + "usage" => "Use \$_GET parameter 'name' and add as value a name or a part of it", |
| 346 | + "example" => array( |
| 347 | + "1" => array( |
| 348 | + "desc" => "Filter by client nickname", |
| 349 | + "url" => "/api/?userstats&name=Newcomer1989" |
| 350 | + ), |
| 351 | + "2" => array( |
| 352 | + "desc" => "Filter by client nickname with a percent sign as placeholder", |
| 353 | + "url" => "/api/?userstats&name=%user%" |
| 354 | + ) |
| 355 | + ) |
| 356 | + ), |
299 | 357 | "order" => array( |
300 | 358 | "desc" => "Define a sorting order.", |
301 | 359 | "usage" => "Use \$_GET parameter 'order' and add as value 'asc' for ascending or 'desc' for descending", |
|
324 | 382 | ) |
325 | 383 | ) |
326 | 384 | ), |
| 385 | + "status" => array( |
| 386 | + "desc" => "List only clients, which status is online or offline.", |
| 387 | + "usage" => "Use \$_GET parameter 'status' and add as value 'online' or 'offline'", |
| 388 | + "example" => "/api/?userstats&status=online" |
| 389 | + ), |
327 | 390 | "uuid" => array( |
328 | 391 | "desc" => "Get additional statistics about TeamSpeak user by unique client ID", |
329 | 392 | "usage" => "Use \$_GET parameter 'uuid' and add as value one unique client ID or a part of it", |
|
332 | 395 | ) |
333 | 396 | ); |
334 | 397 | } else { |
335 | | - if ($all == 1) { |
336 | | - $dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`stats_user` INNER JOIN `user` ON `user`.`uuid` = `stats_user`.`uuid` ORDER BY {$sort} {$order} LIMIT :start, :limit"); |
337 | | - } else { |
338 | | - $dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`stats_user` INNER JOIN `user` ON `user`.`uuid` = `stats_user`.`uuid` WHERE {$filter} ORDER BY {$sort} {$order} LIMIT :start, :limit"); |
339 | | - $dbdata->bindValue(':uuid', '%'.$uuid.'%', PDO::PARAM_STR); |
340 | | - } |
| 398 | + $dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`stats_user` INNER JOIN `$dbname`.`user` ON `user`.`uuid` = `stats_user`.`uuid` {$filter} ORDER BY {$sort} {$order} LIMIT :start, :limit"); |
| 399 | + if(isset($_GET['cldbid'])) $dbdata->bindValue(':cldbid', (int) $cldbid, PDO::PARAM_INT); |
| 400 | + if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid', $groupid, PDO::PARAM_STR); |
| 401 | + if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid0', $groupid.'%', PDO::PARAM_STR); |
| 402 | + if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid1', '%'.$groupid.'%', PDO::PARAM_STR); |
| 403 | + if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid2', '%'.$groupid, PDO::PARAM_STR); |
| 404 | + if(isset($_GET['name'])) $dbdata->bindValue(':name', '%'.$name.'%', PDO::PARAM_STR); |
| 405 | + if(isset($_GET['uuid'])) $dbdata->bindValue(':uuid', '%'.$uuid.'%', PDO::PARAM_STR); |
| 406 | + |
341 | 407 | $dbdata->bindValue(':start', (int) $part, PDO::PARAM_INT); |
342 | 408 | $dbdata->bindValue(':limit', (int) $limit, PDO::PARAM_INT); |
343 | 409 | $dbdata->execute(); |
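Review bot: `$part` is still bound to `:start` at new lines 283 and 407, but the commit removes its only visible initialisation from the `user` branch (`$part = $cldbid = $all = 0;` and the `$_GET['part']` line) and from `userstats` (`$part = $all = 0;`), so unless it is now set in the common prologue (new lines 16–161, not shown) the offset is an undefined variable cast to 0 and paging silently stops working. The status check `$_GET['status'] == strtolower('online')` at new lines 182/185 and 306/309 lowercases the literal instead of the input, so `status=Online` matches neither branch; presumably `strtolower($_GET['status']) === 'online'` was meant. The `:groupid1` binding `'%'.$groupid.'%'` (new lines 278/402) is a substring match, so `groupid=6` would also select clients in groups 16 or 60 if `cldgroup` holds a delimited list, as the prefix/suffix variants suggest; anchoring the pattern on the delimiter would avoid that, though the column format is not visible here. The `if`/`elseif` chain these branches belong to starts before the hunk, and `$sort`, `$order` and `$limit` are assigned outside it.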
|