1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
| <?
// Get Configuation file
require("config19.php");
// Connect to your server
$db=mysql_connect($mysql_host,$mysql_user,$mysql_password) or die ;
@mysql_select_db($mysql_database) or die ;
//////////////////////////////////////////////////
// Check for the existing table if its not found create it
// This is really just here to make the life of new users of the script eaiser
// They won't have to go thru the script and create the table
/////////////////////////////////////////////////
if(!mysql_num_rows( mysql_query("SHOW TABLES LIKE '".$tname."'")))
{
$query = "CREATE TABLE `$tname` (`id` int(11) NOT NULL auto_increment,`gameid` varchar(255) NOT NULL,`playername` varchar(255) NOT NULL,`score` int(255) NOT NULL,`scoredate` varchar(255) NOT NULL,`md5` varchar(255) NOT NULL, PRIMARY KEY (`id`)) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;";
$create_table = mysql_query($query)or die ;
// Preload table with 10 scores
$date = date('M d Y');
}
///////////////////////////////////////////////////////
// Status Checker
///////////////////////////////////////////////////////
if ($_GET["status"])
{
echo "online";
exit;
}
////////////////////////////////////////////////////////
// Run some checks on our gameid
////////////////////////////////////////////////////////
$gameid_safe = mysql_real_escape_string($_GET["gameid"]);
// Check the gameid is numeric
// If its not numberic lets exit
if(!is_numeric($gameid_safe))
{
exit;
}
///////////////////////////////////////////////////////
// Upload new score
///////////////////////////////////////////////////////
// Test for the variables submitted by the player
// If they exist upload into the database
if ($_GET["playername"] && $_GET["gameid"] && $_GET["score"])
{
// Strip out | marks submitted in the name or score
$playername_safe = str_replace("|","_",$_GET["playername"]);
$playername_safe = mysql_real_escape_string($playername_safe);
$score_safe = mysql_real_escape_string($_GET["score"]);
$date = date('d - m - Y');
// Check the score sent is is numeric
// If the score is not numberic lets exit
if(!is_numeric($score_safe))
{
exit;
}
// this secret key needs to be the same as the secret key in your game.
$security_md5= md5($_GET["gameid"].$_GET["playername"].$_GET["score"].$secret_key);
// Check for submitted MD5 different then server generated MD5
if ($security_md5 <>$_GET["code"])
{
// Something is wrong -- MD5 security hash is different
// Could be someone trying to insert bogus score data
exit;
}
// Everything is cool -- Insert the data into the database
$query = "insert into $tname(gameid,playername,score,scoredate,md5) values ('$gameid_safe','$playername_safe','$score_safe','$date','$security_md5')";
$insert_the_data = mysql_query($query)or die;
}
///////////////////////////////////////////////////////
// List high score
///////////////////////////////////////////////////////
// Return a list of high scores with "|" as the delimiter
if ($gameid_safe)
{
$query = "select * from $tname where gameid='$gameid_safe' order by score desc limit 10";
$view_data = mysql_query($query)or die;
while($row_data = mysql_fetch_array($view_data))
{
print($row_data["playername"]);
print "|";
print ($row_data["score"]);
print ("|");
print($row_data["scoredate"]);
print("|");
}
// We limit the score database to hold the number defined in the config script
// First check to see how many records we have for this game
$query1 ="select * from $tname where gameid = '$gameid_safe'";
$countresults = mysql_query($query1)or die;
$countofdeletes = mysql_num_rows($countresults);
if (mysql_num_rows($countresults)>$score_number)
{
$query2 ="SELECT * FROM $tname WHERE gameid = '$gameid_safe' ORDER BY score DESC Limit $score_number,$countofdeletes";
$Get_data = mysql_query($query2)or die ;
while($row_data = mysql_fetch_array($Get_data))
{
$id_delete = $row_data["id"];
$query3 = "Delete from $tname where id = $id_delete";
$Delete_data = mysql_query($query3)or die ;
}
}
}
?> |
Mettre à jour une ligne
Répondre avec citation
Partager