Code:
<?php
/*
Script: nextgame.php
Description: Script for using the nextgame applications platform
Version: 1.1
E-mail: support@haysite.am
Site: http://haysite.am
Created by Vardan Karapetyan and Andrey Antipov
*/
include "header.php";
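class nextgame extends extensions
{
    // Methods a request is allowed to select through the 'api' parameter.
    // Dispatch is limited to this list so that a request cannot invoke the
    // inherited helpers (init, gather, reportXML, ...) by name.
    private static $apiMethods = array(
        'getPicture',
        'getProfile',
        'getFriends',
        'wallPost',
        'app_getInfo',
        'app_getAll',
        'app_getRecommend',
        'app_getNew',
        'app_getUserApps',
    );

    /**
     * Entry point: run the requested API method, or load an application by id.
     *
     * @param array       $query     Request parameters (the bottom of this file passes $_GET).
     * @param string|null $api_local API method used when the request names none.
     * @param mixed       $uid       Application id for application::load(); also forwarded
     *                               to the API method as its third argument.
     */
    public static function init($query, $api_local = null, $uid = null)
    {
        global $user;

        // NOTE(review): 'psk' is the key that signs and verifies partner
        // requests, and it is stored here in the source. Anyone who can read
        // this file can produce valid signatures; keep the key in configuration
        // outside the web root and rotate it once the file has been shared.
        $settings = array(
            'site_id' => '2712',
            'user_id' => $user->user_info['user_id'],
            'src'     => 'http://api2.nextgame.ru/iframe/js?',
            'time'    => time(),
            'psk'     => '2ECE7A8C1D4E9D134B68F69B8D182D9600F6EDD8',
        );
        unset($user);

        // The request's own 'api' value wins over the caller-supplied default.
        $api = empty($query['api']) ? $api_local : $query['api'];

        if ($api) {
            // work with api: only exact, allow-listed method names are dispatched
            if (is_string($api) && in_array($api, self::$apiMethods, true)) {
                self::$api($query, $settings, $uid);
            } else if (self::__DEBUG__) {
                self::debug("no api method exists", __LINE__, __FUNCTION__);
            }
        } else if ($uid && self::authorized()) {
            // load games by id
            application::load($uid, $settings);
        }
    }
}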
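class kernel
{
    // Debug switch. It is a class constant, so it has to be read as
    // self::__DEBUG__; a bare __DEBUG__ names a different, undefined constant.
    const __DEBUG__ = 0;

    /**
     * Print $data as an XML document and send the XML content type.
     *
     * @param array $data    List of rows. A row maps element names to scalar values;
     *                       with 'in_one_row' a row is a list of attribute maps.
     * @param array $wrapper 'root'       => root element markup, e.g. '<profiles/>'
     *                       'child'      => optional element that wraps each row
     *                       'in_one_row' => when truthy, row values become
     *                                       attributes of the 'child' element
     */
    public static function reportXML($data, $wrapper)
    {
        header("Content-Type:text/xml");
        $xml = new SimpleXMLElement('<?xml version="1.0" encoding="UTF-8"?>' . $wrapper['root']);
        $child = empty($wrapper['child']) ? null : $wrapper['child'];
        $as_attributes = !empty($wrapper['in_one_row']);

        foreach ($data as $row) {
            if ($child === null) {
                self::appendFields($xml, $row);
            } else if ($as_attributes) {
                $node = $xml->addChild($child);
                foreach ($row as $attributes) {
                    foreach ($attributes as $name => $value) {
                        $node->addAttribute($name, (string) $value);
                    }
                }
            } else {
                self::appendFields($xml->addChild($child), $row);
            }
        }
        print($xml->asXML());
    }

    /**
     * Add one child element per name => value pair of $row to $node.
     *
     * Iterates the row directly instead of array_flip()-ing it, so two fields
     * holding the same value are both emitted.
     */
    private static function appendFields($node, $row)
    {
        foreach ($row as $name => $value) {
            if (!is_scalar($value)) {
                continue;
            }
            // addChild() reads its value as XML content and does not escape
            // '&', so a raw ampersand would truncate the text.
            $node->addChild($name, str_replace('&', '&amp;', (string) $value));
        }
    }

    /**
     * Stop the request unless $query carries a valid 'sig'.
     *
     * The expected value is md5() over the remaining parameters, sorted by
     * name and joined as name=value with no separator, followed by $sys['psk'].
     *
     * NOTE(review): the parameter join and the MD5 construction are kept as
     * they are because the signing side has to produce the same string. No
     * timestamp or nonce is checked here, so a captured signed request stays
     * valid - confirm whether replay matters for the methods that call this.
     *
     * @param array $query Request parameters including 'sig'.
     * @param array $sys   Settings; only 'psk' is read.
     */
    public static function verifySignature($query, $sys)
    {
        $sig = isset($query['sig']) ? $query['sig'] : null;
        if (!is_string($sig)) die();
        unset($query['sig']);
        ksort($query);

        $line = '';
        foreach ($query as $name => $value) {
            // Array parameters (name[]=...) would all sign as "Array".
            if (is_array($value)) die();
            $line .= $name . '=' . $value;
        }
        $line .= $sys['psk'];

        // hash_equals() (PHP >= 5.6) compares as strings in constant time.
        // The loose != it replaces treats two different "0e<digits>" hex
        // strings as equal numbers.
        if (!hash_equals(md5($line), $sig)) die();

        // Do not log $line when debugging: it ends with the pre-shared key.
    }

    /**
     * Compute the signature for an outgoing request.
     *
     * @param array $sys Settings; 'src', 'psk' and 'time' are left out of the signed
     *                   string, every other entry is signed as name=value in key order.
     * @return string md5 hex digest of the signed string followed by $sys['psk'].
     */
    public static function addSignature($sys)
    {
        $psk = $sys['psk'];
        $_sys = $sys;
        unset($_sys['src'], $_sys['psk'], $_sys['time']);
        ksort($_sys);

        $line = '';
        foreach ($_sys as $name => $value) {
            $line .= $name . '=' . $value;
        }
        return md5($line . $psk);
    }

    /**
     * Application debugger. Produces no output at present.
     *
     * Declared static with optional $line/$src because every caller in this
     * file uses self::debug(), some with only a message.
     */
    public static function debug($msg, $line = null, $src = null)
    {
        // The former console.log() echo is disabled. If it is restored, the
        // values must be encoded with json_encode() before they are written
        // into a <script> block.
    }

    /**
     * Request data from the partner API and return the 'item' part of the reply.
     *
     * @param mixed       $ids       Application id(s), or the user id for getUserApps.
     * @param mixed       $area      Site id.
     * @param string      $method    API method name without the "apps." prefix.
     * @param string|null $signature Request signature; only sent for getUserApps.
     * @return mixed Converted ['data']['item'] of the reply, or null when the request
     *               fails or the reply has no such part.
     */
    public static function gather($ids, $area, $method, $signature = null)
    {
        // Every value is URL-encoded so that a caller-supplied id cannot add
        // parameters of its own to the request.
        $addr = 'http://api2.nextgame.ru/api/?method=apps.' . rawurlencode((string) $method)
            . '&site_id=' . rawurlencode((string) $area)
            . '&format=xml';
        if ($method != 'getUserApps') {
            $addr .= '&app_id=' . rawurlencode((string) $ids);
        } else {
            $addr .= '&user_id=' . rawurlencode((string) $ids)
                . '&sig=' . rawurlencode((string) $signature);
        }

        // NOTE(review): the endpoint is plain http, so ids, the signature and
        // the reply are readable and changeable in transit.
        $options = array(
            CURLOPT_RETURNTRANSFER  => true,
            CURLOPT_AUTOREFERER     => true,
            CURLOPT_HEADER          => false,
            CURLOPT_NOBODY          => false,
            CURLOPT_FOLLOWLOCATION  => true,
            CURLOPT_MAXREDIRS       => 2,
            CURLOPT_CONNECTTIMEOUT  => 60,
            // Redirects may only lead to another web URL.
            CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        );
        $query = curl_init($addr);
        curl_setopt_array($query, $options);
        $content = curl_exec($query);
        curl_close($query);

        if (!is_string($content) || $content === '') {
            return null;
        }
        // LIBXML_NONET: the parser must not fetch anything over the network.
        $xml = simplexml_load_string($content, 'SimpleXMLElement', LIBXML_NONET);
        if ($xml === false) {
            return null;
        }
        $properties = self::simplexml2array($xml);
        if (!is_array($properties) || !isset($properties['data']) || !is_array($properties['data'])
            || !isset($properties['data']['item'])) {
            return null;
        }
        return $properties['data']['item'];
    }

    /**
     * Validate user authorization by SEngine core.
     *
     * @return bool true when the global $user exists; otherwise a redirect to the
     *              login page is sent and false is returned.
     */
    public static function authorized()
    {
        global $user;
        if ($user->user_exists == '1') {
            unset($user);
            return true;
        }
        // NOTE(review): execution continues after this header; callers must
        // not produce protected output when false comes back.
        header("Location: /login.php?message=1");
        return false;
    }

    /**
     * Convert a SimpleXMLElement tree into nested arrays and strings.
     *
     * Attributes of an element are collected under the '@' key of its array.
     *
     * @param mixed $xml SimpleXMLElement, array or scalar.
     * @return array|string
     */
    public static function simplexml2array($xml)
    {
        $a = null;  // attributes of the current element, if any
        $x = '';    // the element itself, kept for its text content

        // instanceof also accepts the strings that the recursion passes in;
        // get_class() requires an object.
        if ($xml instanceof SimpleXMLElement) {
            foreach ($xml->attributes() as $k => $v) {
                if ($v) $a[$k] = (string) $v;
            }
            $x = $xml;
            $xml = get_object_vars($xml);
        }
        if (is_array($xml)) {
            if (count($xml) == 0) return (string) $x; // for CDATA
            $r = array();
            foreach ($xml as $key => $value) {
                $r[$key] = self::simplexml2array($value);
            }
            if (isset($a)) $r['@'] = $a; // Attributes
            return $r;
        }
        return (string) $xml;
    }
}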
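class extensions extends kernel
{
    //
    // API Extensions
    //

    /**
     * Turn a comma-separated id list into an array of integers.
     *
     * Returns an empty array unless every piece consists of digits only, so
     * the result can be written into an SQL statement as it is.
     *
     * @param mixed $csv e.g. "12,15,18"
     * @return array
     */
    private static function idList($csv)
    {
        if (!is_string($csv) && !is_int($csv)) {
            return array();
        }
        $ids = array();
        foreach (explode(',', (string) $csv) as $piece) {
            $piece = trim($piece);
            if (!preg_match('/^[0-9]+$/D', $piece)) {
                return array();
            }
            $ids[] = (int) $piece;
        }
        return $ids;
    }

    /**
     * Look up the picture URL of an application and print an <img> tag for it.
     *
     * Declared static because nextgame::init() calls the API methods statically.
     *
     * @param array $ext Request parameters: 'type' ('app' or 'usr'), 'appid', 'size' (80 or 128).
     * @return string|null The picture URL, or null when none was obtained.
     */
    public static function getPicture($ext)
    {
        $type = isset($ext['type']) ? $ext['type'] : null;
        if ($type == 'usr') {
            self::debug("not implemented", __LINE__, __FUNCTION__);
            return null;
        }
        if ($type != 'app') {
            return null;
        }

        $id = isset($ext['appid']) ? rawurlencode((string) $ext['appid']) : '';
        $size = (isset($ext['size']) && $ext['size'] == "128") ? "128x128" : "80x80";

        $query = curl_init("http://api2.nextgame.ru/service/picture/app/?app_id={$id}&size={$size}");
        $options = array(
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_AUTOREFERER    => true,
            CURLOPT_HEADER         => true,
            CURLOPT_NOBODY         => false,
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_MAXREDIRS      => 2,
            CURLOPT_CONNECTTIMEOUT => 15,
        );
        curl_setopt_array($query, $options);
        $content = curl_exec($query);
        curl_close($query);

        // The picture URL is taken from the first Location header of the reply.
        if (!is_string($content) || !preg_match('/^location:[ \t]*(\S+)/mi', $content, $_imgurl)) {
            return null;
        }
        $image_url = $_imgurl[1];

        // The value comes from a remote reply fetched over plain http, so it
        // is treated as untrusted: only web URLs are accepted, and the value
        // is HTML-escaped inside a quoted attribute.
        if (!preg_match('#^https?://#i', $image_url)) {
            return null;
        }
        echo '<img src="' . htmlspecialchars($image_url, ENT_QUOTES, 'UTF-8') . '" />';
        return $image_url;
    }

    /**
     * Print the profiles of the users listed in $ext['uid'] as XML.
     *
     * @param array $ext      Signed request parameters; 'uid' is a comma-separated id list.
     * @param array $settings Settings passed on to verifySignature().
     */
    public static function getProfile($ext, $settings)
    {
        self::verifySignature($ext, $settings);
        global $url;
        $photo_dir = "uploads_user/";
        $data = array();
        $wrapper = array(
            'root'  => '<profiles/>',
            'child' => 'user',
        );

        // A valid signature only shows that the sender knows the key; the id
        // list is still reduced to integers before it reaches the SQL text.
        $ids = self::idList(isset($ext['uid']) ? $ext['uid'] : '');
        $request = false;
        if ($ids) {
            $in = implode(',', $ids);
            // The user/profile match is part of the query, so the database
            // does not return the full cross product of both tables.
            $request = mysql_query
            ("
            SELECT `user_id`, `profilevalue_user_id`, `user_fname`, `user_lname`, `user_displayname`, `user_photo`, `profilevalue_4`, `profilevalue_5`
            FROM `se_users`, `se_profilevalues`
            WHERE `user_id` IN ({$in})
            AND `user_id` = `profilevalue_user_id`
            ORDER BY FIELD (`user_id`, {$in})
            ");
        }

        while ($request && ($stack = mysql_fetch_assoc($request))) {
            // picture of user
            if ($stack['user_photo'] == null) {
                $stack['user_photo'] = $url->url_base . "images/nophoto.gif";
            } else {
                $upload_id = $stack['user_id'] + 999 - (($stack['user_id'] - 1) % 1000);
                $stack['user_photo'] = $url->url_base . $photo_dir . $upload_id . "/" . $stack['user_id'] . "/" . $stack['user_photo'];
            }

            // set up person's gender
            // NOTE(review): every value other than 1 is reported as 'F',
            // including a missing one - confirm against the profile field.
            $stack['profilevalue_5'] = ($stack['profilevalue_5'] == 1) ? 'M' : 'F';

            $temp = array(
                'uid'        => $stack['user_id'],
                'first_name' => $stack['user_fname'],
                'last_name'  => $stack['user_lname'],
                'nickname'   => $stack['user_displayname'],
                'birthday'   => $stack['profilevalue_4'],
                'sex'        => $stack['profilevalue_5'],
                'avatar_url' => $stack['user_photo'],
            );
            // Empty fields are left out of the reply.
            foreach (array_keys($temp, "") as $e) unset($temp[$e]);
            array_push($data, $temp);
        }
        self::reportXML($data, $wrapper);
    }

    /**
     * Print up to 100 friend ids of the users listed in $ext['uid'] as XML.
     *
     * @param array $ext      Signed request parameters; 'uid' is a comma-separated id list.
     * @param array $settings Settings passed on to verifySignature().
     */
    public static function getFriends($ext, $settings)
    {
        self::verifySignature($ext, $settings);
        $data = array();
        $wrapper = array(
            'root' => '<friends/>',
        );

        // Integers only: the list is written into the SQL text.
        $ids = self::idList(isset($ext['uid']) ? $ext['uid'] : '');
        $request = false;
        if ($ids) {
            $in = implode(',', $ids);
            $request = mysql_query
            ("
            SELECT `friend_user_id2`
            FROM `se_friends`
            WHERE `friend_user_id1` IN ({$in})
            ORDER BY `friend_user_id2`
            ASC LIMIT 0, 100
            ");
        }

        while ($request && ($stack = mysql_fetch_assoc($request))) {
            array_push($data, array('friend_id' => $stack['friend_user_id2']));
        }
        self::reportXML($data, $wrapper);
    }

    /**
     * Write one profile comment per user in $ext['uid'] and print the new post ids.
     *
     * @param array $ext      Signed request parameters: 'uid' (comma-separated ids),
     *                        'poster_id', 'message'.
     * @param array $settings Settings passed on to verifySignature().
     */
    public static function wallPost($ext, $settings)
    {
        self::verifySignature($ext, $settings);
        $wrapper = array(
            'root'       => '<posts/>',
            'child'      => 'post',
            'in_one_row' => 'true',
        );
        $data = array();
        $time = time();

        // Both id values are written into the SQL text unquoted, so they have
        // to be plain integers.
        $uid = self::idList(isset($ext['uid']) ? $ext['uid'] : '');
        $poster = (isset($ext['poster_id']) && is_scalar($ext['poster_id'])) ? (string) $ext['poster_id'] : '';
        $message = (isset($ext['message']) && is_scalar($ext['message'])) ? (string) $ext['message'] : '';
        if (!$uid || !preg_match('/^[0-9]+$/D', $poster)) {
            self::reportXML($data, $wrapper);
            return;
        }
        $poster = (int) $poster;

        // The connection charset is set before escaping, because
        // mysql_real_escape_string() escapes for the charset currently in use.
        mysql_set_charset('utf8');
        $body = mysql_real_escape_string($message);

        $sql = array();
        foreach ($uid as $ident) {
            $sql[] = '(' . $ident . ', ' . $poster . ', ' . $time . ', "' . $body . '")';
        }
        $request = mysql_query('INSERT INTO `se_profilecomments` (profilecomment_user_id, profilecomment_authoruser_id, profilecomment_date, profilecomment_body) VALUES ' . implode(',', $sql));
        if (!$request) {
            // The database error goes to the server log, not into the reply.
            error_log('nextgame wallPost: ' . mysql_error());
            self::reportXML($data, $wrapper);
            return;
        }

        // For a multi-row INSERT, mysql_insert_id() is the id generated for
        // the FIRST row; the rows that follow are numbered upwards from it.
        // NOTE(review): assumes the ids of one statement are consecutive
        // (auto-increment step of 1) - confirm for this table.
        $first_id = mysql_insert_id();
        foreach ($uid as $i => $ident) {
            $temp = array(
                array(
                    'id'      => $first_id + $i,
                    'user_id' => $ident,
                ),
            );
            array_push($data, $temp);
        }
        self::reportXML($data, $wrapper);
    }

    //
    // Partner API
    //

    /**
     * Request apps.getInfo for one application.
     *
     * NOTE(review): the reply is neither returned nor assigned to the
     * template, unlike in the sibling methods - confirm what was intended.
     */
    public static function app_getInfo($ext, $settings)
    {
        self::gather(isset($ext['app_id']) ? $ext['app_id'] : null, $settings['site_id'], 'getInfo');
    }

    /**
     * Assign the apps.getInfo reply for an empty app id to the template as 'data'.
     */
    public static function app_getAll($ext, $settings)
    {
        global $smarty;
        $obj = self::gather(null, $settings['site_id'], 'getInfo');
        $smarty->assign('data', $obj);
    }

    /**
     * Assign the apps.getRecommend reply to the template as 'data'.
     */
    public static function app_getRecommend($ext, $settings)
    {
        global $smarty;
        $obj = self::gather(isset($ext['app_id']) ? $ext['app_id'] : null, $settings['site_id'], 'getRecommend');
        $smarty->assign('data', $obj);
    }

    /**
     * Assign the apps.getNew reply to the template as 'data'.
     */
    public static function app_getNew($ext, $settings)
    {
        global $smarty;
        $obj = self::gather(isset($ext['app_id']) ? $ext['app_id'] : null, $settings['site_id'], 'getNew');
        $smarty->assign('data', $obj);
    }

    /**
     * Assign a user's applications ('data') and their count ('dataSize') to the template.
     *
     * @param array $ext      Request parameters (not read here).
     * @param array $settings Settings; 'user_id' is replaced by $id when $id is given.
     * @param mixed $id       Optional user id to query instead of the current user.
     */
    public static function app_getUserApps($ext, $settings, $id = null)
    {
        global $smarty;
        if ($id) $settings['user_id'] = $id;
        // 'method' and 'format' are set because they are part of the signed string.
        $settings['method'] = "apps.getUserApps";
        $settings['format'] = "xml";
        $obj = self::gather($settings['user_id'], $settings['site_id'], 'getUserApps', self::addSignature($settings));

        $dataSize = "";
        if (!is_array($obj)) {
            // Failed request or a reply without items: nothing to show.
            $obj = array();
        } else if (empty($obj[0])) {
            // A single item arrives as one record; wrap it so the template
            // always receives a list.
            if (empty($obj[0]['id'])) $dataSize = 1;
            $obj[0] = $obj;
        } else if (!empty($obj[0]['id'])) {
            $dataSize = count($obj);
        }
        $smarty->assign('dataSize', $dataSize);
        $smarty->assign('data', $obj);
    }
}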
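class application extends nextgame
{
    /**
     * Build the signed <script> tag that loads an application and assign it
     * to the template as 'application'.
     *
     * Declared static because nextgame::init() calls application::load().
     *
     * @param mixed $id  Application id.
     * @param array $sys Settings from nextgame::init() ('src', 'psk', 'time', 'site_id', 'user_id').
     */
    public static function load($id, $sys)
    {
        global $smarty;
        $sys['app_id'] = $id;

        // 'src', 'psk' and 'time' stay local; in particular the key must not
        // end up in the URL that is sent to the browser.
        $_sys = $sys;
        unset($_sys['src'], $_sys['psk'], $_sys['time']);
        $_sys['sig'] = self::addSignature($sys);

        // Names and values are URL-encoded one by one. Empty values are kept,
        // because they are part of the signed string as well.
        $pairs = array();
        foreach ($_sys as $k => $v) {
            $pairs[] = rawurlencode((string) $k) . '=' . rawurlencode((string) $v);
        }
        $_url = implode('&', $pairs);

        if (self::__DEBUG__) self::debug($sys['src'] . $_url, __LINE__, __FUNCTION__);

        // $id can come from the request, so the finished URL is HTML-escaped
        // before it is placed in the single-quoted src attribute.
        $src = htmlspecialchars($sys['src'] . $_url, ENT_QUOTES, 'UTF-8');
        $url = "<script type='text/javascript' src='{$src}'></script>";
        $smarty->assign('application', $url);
    }
}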
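// Dispatch on any request that carries query parameters. $_GET is handed over
// unfiltered; init() and the API methods have to validate what they read.
// init() declares three parameters, so the two that this entry point has no
// value for are passed explicitly as null.
if ($_GET) nextgame::init($_GET, null, null);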
?>