From 42a4d88d8882254764e7dd16067ee88ef533d190 Mon Sep 17 00:00:00 2001
From: Kayne Ruse <kayneruse@gmail.com>
Date: Sun, 28 Oct 2018 19:15:33 +1100
Subject: [PATCH] These are the tweaks to the PHP legacy code that make the
 bots in the dev branch work correctly.

---
 PHPBotServer/functions.php | 14 ++++++++------
 PHPBotServer/getData.php   |  9 ++++-----
 PHPBotServer/sendData.php  | 39 +++++++++++++++++++-------------------
 3 files changed, 32 insertions(+), 30 deletions(-)

diff --git a/PHPBotServer/functions.php b/PHPBotServer/functions.php
index 3e39464..505d8ca 100644
--- a/PHPBotServer/functions.php
+++ b/PHPBotServer/functions.php
@@ -1,6 +1,8 @@
 <?php
+ini_set('display_errors', 'On');
+
 function privateKey(){
-		return "INSERT PRIVATE KEY";
+		return "<REDACTED>";
 }
 
 function throwError($errorName){
@@ -178,10 +180,10 @@ function addhttp($url) {
 
 
 function mysqlConnect() {
-		$dbhost = 'INSERT DB HOST';
-		$dbusername = 'INSERT DB USERNAME';
-		$dbpassword = 'INSERT DB PASSWORD';
-		$dbtable = 'INSERT DB TABLE';
+		$dbhost = 'localhost';
+		$dbusername = 'root';
+		$dbpassword = '<REDACTED>';
+		$dbtable = 'discordbot';
 
 		$userDB = 'user';
 		$userdataDB = 'userdata';
@@ -189,7 +191,7 @@ function mysqlConnect() {
 		$memberdataDB = 'memberdata';
 
 		$con = mysqli_connect($dbhost,$dbusername,$dbpassword,$dbtable);
-		if (!$con) { die('Could not connect: ' . mysqli_error());}
+		if (!$con) { die('Could not connect: ' . mysqli_error($con));}
 		mysqli_select_db($con, "$dbtable")or die("cannot select DB");
 		return $con;
 }
diff --git a/PHPBotServer/getData.php b/PHPBotServer/getData.php
index 0d9fe31..1597c71 100644
--- a/PHPBotServer/getData.php
+++ b/PHPBotServer/getData.php
@@ -3,7 +3,7 @@
 //header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
 include_once 'functions.php';
 
-if( isset($_GET['dataToLoad']) ){ $dataToLoad = $_GET['dataToLoad']; } else{ $dataToLoad = ''; };
+if( isset($_GET['dataType']) ){ $dataToLoad = $_GET['dataType']; } else{ $dataToLoad = ''; };
 if( isset($_GET['userid']) ){ $userID = $_GET['userid']; } else{ $userID = ''; };
 if( isset($_GET['pk']) ){ $privateKey = $_GET['pk']; } else{ $privateKey = ''; };
 $sqlterms = '';
@@ -97,7 +97,7 @@ case "lastHostileActive":
 		}
 break;
 case "userStats":
-		$q = "SELECT strength,speed,stamina,health,maxStamina,maxHealth,wallet,xp,lvl,statPoints,chests FROM users WHERE discordUserID = '$userID';";
+		$q = "SELECT strength,speed,stamina,health,maxStamina,maxHealth,wallet,xp,lvl,statPoints FROM users WHERE discordUserID = '$userID';";
 		$r2 = mysqli_query($con,$q);
 		if ( $r2 !== false && mysqli_num_rows($r2) > 0 ) {
 			while ( $a = mysqli_fetch_assoc($r2) ) {
@@ -111,15 +111,14 @@ case "userStats":
 					$xp=stripslashes($a['xp']);
 					$recordedLVL=stripslashes($a['lvl']);
 					$statPoints=stripslashes($a['statPoints']);
-					$chests=stripslashes($a['chests']);
 					$lvlbase = getLevelBase();
 					$lvl = getLevel($xp,$lvlbase);
 					$lvlpercent = getCurrentLevelProgress($xp,$lvl);
 			}
-			echo $strength.",".$speed.",".$stamina.",".$health.",".$maxStamina.",".$maxHealth.",".$wallet.",".$xp.",".$recordedLVL.",".$lvlpercent.",".$statPoints.",".$chests;
+			echo "success,".$strength.",".$speed.",".$stamina.",".$health.",".$maxStamina.",".$maxHealth.",".$wallet.",".$xp.",".$recordedLVL.",".$lvlpercent.",".$statPoints;
 			exit;
 		} else{
-			echo "0";
+			echo "failure";
 		}
 break;
 
diff --git a/PHPBotServer/sendData.php b/PHPBotServer/sendData.php
index 06955d4..4493b14 100644
--- a/PHPBotServer/sendData.php
+++ b/PHPBotServer/sendData.php
@@ -28,7 +28,7 @@ switch ($dataType) {
 				$q = "INSERT INTO users (discordUserID,wallet)
 							SELECT * FROM (SELECT '$userID',0) AS tmp
 							WHERE NOT EXISTS (
-							    SELECT discordUserID FROM users WHERE discordUserID = '$userID'
+								SELECT discordUserID FROM users WHERE discordUserID = '$userID'
 							) LIMIT 1;";
 				$r2 = mysqli_query($con,$q);
 				*/
@@ -41,7 +41,7 @@ switch ($dataType) {
 						$q = "INSERT INTO users (discordUserID,wallet)
 									SELECT * FROM (SELECT '$userID',0) AS tmp
 									WHERE NOT EXISTS (
-									    SELECT discordUserID FROM users WHERE discordUserID = '$userID'
+										SELECT discordUserID FROM users WHERE discordUserID = '$userID'
 									) LIMIT 1;";
 						$r2 = mysqli_query($con,$q);
 						echo "createdUser";
@@ -70,7 +70,7 @@ switch ($dataType) {
 							$q = "INSERT INTO userLog (discordUserID, actionType, actionData)
 							VALUES (" . $userID . ", '" . $dataType . "', 'Checked in for $dataToSend crystals.');";
 							$r2 = mysqli_query($con,$q);
-					echo 1;
+					echo "available";
 					exit;
 				}
 		break;
@@ -127,17 +127,22 @@ switch ($dataType) {
 		break;
 
 		case "transfer":
+				$q = "SELECT discordUserID FROM users WHERE discordUserID = '$dataToSend' LIMIT 1";
+				$r2 = mysqli_query($con,$q);
+				if ( $r2 == false || mysqli_num_rows($r2) == 0 ) {
+					return "failure";
+				} else {
 					$q = "UPDATE users SET wallet = wallet - $dataToSend2 WHERE discordUserID = '$userID' LIMIT 1";
 					$r2 = mysqli_query($con,$q);
 					$q = "UPDATE users SET wallet = wallet + $dataToSend2 WHERE discordUserID = '$dataToSend' LIMIT 1";
 					$r2 = mysqli_query($con,$q);
 
-							$q = "INSERT INTO userLog (discordUserID, actionType, actionData)
-							VALUES (" . $userID . ", '" . $dataType . "', '$userID gave $dataToSend2 crystals to $dataToSend.');";
-							$r2 = mysqli_query($con,$q);
-					echo 1;
+					$q = "INSERT INTO userLog (discordUserID, actionType, actionData)
+						VALUES (" . $userID . ", '" . $dataType . "', '$userID gave $dataToSend2 crystals to $dataToSend.');";
+					$r2 = mysqli_query($con,$q);
+					echo "success";
 					exit;
-
+				}
 		break;
 
 		case "attack":
@@ -545,34 +550,30 @@ switch ($dataType) {
 				addXp($userID,$dataToSend);
 		break;
 
-
 		case "getLevelUp":
-				//addXp($userID,$dataToSend);
-				$levelCap = 30;$levelCapXP = 625;
-				$q = "SELECT xp,lvl,statPoints,chests FROM users WHERE discordUserID = '$userID';";
+				$levelCap = 30;
+				$levelCapXP = 625;
+				$q = "SELECT xp,lvl,statPoints FROM users WHERE discordUserID = '$userID';";
 				$r2 = mysqli_query($con,$q);
-				if ( $r2 !== false && mysqli_num_rows($r2) > 0 ) {
+				if ( $r2 && mysqli_num_rows($r2) > 0 ) {
 							while ( $a = mysqli_fetch_assoc($r2) ) {
 									$xp=stripslashes($a['xp']);
 									$lvl=stripslashes($a['lvl']);
 									$statPoints=stripslashes($a['statPoints']);
-									$chests=stripslashes($a['chests']);
 							}
 							$lvlbase = getLevelBase();
 							$currentLVL = floor(getLevel($xp,$lvlbase));
 							if($currentLVL > $lvl){
 									if($currentLVL > $levelCap){
-											$chests += 1;
-											$q = "UPDATE users SET lvl = $levelCap,chests = chests + 1,xp = $levelCapXP WHERE discordUserID = '$userID' LIMIT 1";
+											$q = "UPDATE users SET lvl = $levelCap, xp = $levelCapXP WHERE discordUserID = '$userID' LIMIT 1";
 											$r2 = mysqli_query($con,$q);
 									}else{
 											$statPoints += 1;
 											$q = "UPDATE users SET lvl = lvl + 1,statPoints = statPoints + 1 WHERE discordUserID = '$userID' LIMIT 1";
 											$r2 = mysqli_query($con,$q);
-											$lvl = $lvl + 1;
 									}
-									echo "levelup,".$lvl.",".$statPoints.",".$statPoints;
-							} else{
+									echo "levelup,".$currentLVL.",".$statPoints;
+							} else {
 									echo "xpadded,".$currentLVL.",".$statPoints;
 							}
 				}