-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathgetGJLevels19.php
More file actions
159 lines (144 loc) · 3.87 KB
/
getGJLevels19.php
File metadata and controls
159 lines (144 loc) · 3.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
<?php
include "incl/lib/connection.php";
require_once "incl/lib/injectionlibpatch.php";
// check if secret exists (basically finding if they are accessing from gd or url)
if (!isset($_POST["secret"]) || $_POST["secret"] !== "Wmfd2893gb7") {
exit("-1");
}
// post params
$page = injectpatch::number($_POST["page"] ?? 0);
$str = injectpatch::clean($_POST["str"] ?? "");
$type = injectpatch::number($_POST["type"] ?? 0);
$gdDiff = injectpatch::number($_POST["diff"] ?? 0);
// makes the difficulty of gd go to database format
$diff = 0;
switch ($gdDiff) {
case 1:
$diff = 10;
break;
case 2:
$diff = 20;
break;
case 3:
$diff = 30;
break;
case 4:
$diff = 40;
break;
case 5:
$diff = 50;
break;
case 6:
$diff = -1;
break; // demon level
default:
$diff = 0;
break;
}
$wheretype = "";
$order = "";
$params = [];
// star filters
if (!empty($_POST["star"])) {
$wheretype = "WHERE rated > 0";
}
if (!empty($_POST["noStar"])) {
$wheretype = "WHERE rated = 0";
}
switch ($type) {
case 0:
if (empty($str)) {
$order = "ORDER BY levelID DESC";
$wheretype = "";
} elseif (is_numeric($str)) {
$wheretype = "WHERE levelID = :str";
$params[":str"] = $str;
$order = "";
} else {
$wheretype = "WHERE LOWER(levelName) LIKE LOWER(:str)";
$params[":str"] = "%$str%";
$order = "ORDER BY levelID DESC";
}
break;
// downloaded
case 1:
$order = "ORDER BY downloads DESC";
break;
// liked
case 2:
$order = "ORDER BY likes DESC";
break;
// trending (most liked this week)
case 3:
$wheretype = "WHERE uploadDate >= DATE_SUB(NOW(), INTERVAL 7 DAY)";
$order = "ORDER BY likes DESC";
break;
// recent tab
case 4:
$order = "ORDER BY levelID DESC";
break;
// view a users levels
case 5:
$wheretype = "WHERE userID = :userid";
$params[":userid"] = $str;
$order = "ORDER BY levelID DESC";
break;
// featured
case 6:
$wheretype = "WHERE featured != 0";
$order = "ORDER BY levelID DESC";
break;
// magic tab
case 7:
$wheretype = "WHERE length > 3";
break;
}
// difficulty filter
if ($diff >= 10) {
if ($wheretype == "") {
$wheretype = "WHERE difficulty = :diff";
} else {
$wheretype .= " AND difficulty = :diff";
}
$params[":diff"] = $diff;
}
$offset = $page * 10;
$query = $db->prepare(
"SELECT * FROM levels $wheretype $order LIMIT 10 OFFSET $offset"
);
$query->execute($params);
$levels = $query->fetchAll();
$levelObject = "";
$creatorObject = "";
$songString = ""; // empty for nwo
foreach ($levels as $level) {
// level object
$levelObject .=
"1:{$level["levelID"]}:2:{$level["levelName"]}:3:{$level["description"]}" .
":5:{$level["levelVersion"]}:6:{$level["userID"]}:8:10:9:{$level["difficulty"]}" .
":10:{$level["downloads"]}:12:{$level["officialSong"]}:13:{$level["gameVersion"]}" .
":14:{$level["likes"]}:15:{$level["length"]}:17:{$level["demon"]}" .
":18:{$level["rated"]}:19:{$level["featured"]}:25:{$level["auto"]}" .
":26:0:30:0:31:0:35:0:36:|";
// creator object
$creatorObject .= "{$level["userID"]}:{$level["userName"]}:0|";
}
$levelObject = rtrim($levelObject, "|");
$creatorObject = rtrim($creatorObject, "|");
$countQuery = $db->prepare("SELECT COUNT(*) FROM levels $wheretype");
foreach ($params as $key => $value) {
$countQuery->bindValue($key, $value);
}
$countQuery->execute();
$totalLevels = $countQuery->fetchColumn();
echo $levelObject .
"#" .
$creatorObject .
"#" .
$songString .
"#" .
$totalLevels .
":" .
$page * 10 .
":10";
?>