From 6986686df6dfc75c0c908a236c99d7d1cc84ed19 Mon Sep 17 00:00:00 2001
From: Yoann <yoann.b87@voila.fr>
Date: Thu, 28 Apr 2011 18:13:57 +0200
Subject: [PATCH 1/2] Ajout d'un test permettant d'utiliser le serveur sans
 passer denom d'utilisateur et de mot de passe lorsque qu'une session valide
 existe.

---
 code/serveur/php/ressources/backend.inc   | 13 ++++++++-----
 code/serveur/php/ressources/createGame.js |  6 +++---
 2 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/code/serveur/php/ressources/backend.inc b/code/serveur/php/ressources/backend.inc
index 4b4ebc7..79e90c7 100644
--- a/code/serveur/php/ressources/backend.inc
+++ b/code/serveur/php/ressources/backend.inc
@@ -38,6 +38,9 @@ require_once("ressources/db.inc");
 * @return boolean : true si OK sinon false.
 */
 function checkLogin($user, $passwd) {
+	if(isset($_SESSION['userId']))
+		return true;
+		
 	$db = getDB();
 	$hashPasswd = md5($passwd);
 	$loginIsOk = ($hashPasswd == $db->querySingle("SELECT hash_passwd FROM user WHERE login='".$user."';"));
@@ -297,7 +300,7 @@ function cgInsert($centerEid, $cloud, $r1, $r2, $totalDifficulty)
 	$db->exec("commit;");
 }
 
-function decodeAndInsertGame($game) {	
+function decodeAndInsertGame($user,$game) {
 	$badWords = Array();	
 	$centerEid = getNodeEid($game['center']);
 	$r1 = $game['relations'][0];
@@ -326,18 +329,18 @@ function decodeAndInsertGame($game) {
 	} else if (count($cloud) < 5) {
 		echo "false";
 	} else {
-		insertCreatedGame($centerEid,$cloud,$r1,$r2,10);
+		insertCreatedGame($centerEid,$cloud,$r1,$r2,10,$user);
 		echo "true";
 	}
 }
 
-function insertCreatedGame($centerEid, $cloud, $r1, $r2, $totalDifficulty)
+function insertCreatedGame($centerEid, $cloud, $r1, $r2, $totalDifficulty,$userName)
 {
 	$db = getDB();
 	// Insère dans la base une partie avec le mot central $centerEid, le nuage $cloud et les relations $r1 et $r2
 	$db->exec("begin transaction;");
-	$db->exec("INSERT INTO game(gid, eid_central_word, relation_1, relation_2, difficulty)
-		   VALUES (null, $centerEid, $r1, $r2, $totalDifficulty);");
+	$db->exec("INSERT INTO game(gid, eid_central_word, relation_1, relation_2, difficulty, author)
+		   VALUES (null, $centerEid, $r1, $r2, $totalDifficulty, $userName);");
 	$gid = $db->lastInsertRowID();
 	
 	$t = time();
diff --git a/code/serveur/php/ressources/createGame.js b/code/serveur/php/ressources/createGame.js
index f3a434d..5dd6b3f 100644
--- a/code/serveur/php/ressources/createGame.js
+++ b/code/serveur/php/ressources/createGame.js
@@ -10,7 +10,7 @@ $.fn.changeId = function(append) {
 };
 
 $(function() {
-	$.getJSON("server.php", {action:"5", user:"foo", passwd:"bar"}, function (data) {
+	$.getJSON("server.php", {action:"5"}, function (data) {
 		var numWord = 1;
 		var user = "foo";
 		var passwd = "bar";
@@ -107,7 +107,7 @@ $(function() {
 				$.ajax({
 					type: "GET",
 					url: "server.php?",
-   					data: "action=4&word="+word+"&user="+user+"&passwd="+passwd,
+   					data: "action=4&word="+word, //+"&user="+user+"&passwd="+passwd,
    					success: function(msg){
 						console.log(msg);
    						input.closest(".wordLine, #center").addClass(msg == "false" ? "invalid" : "valid");
@@ -185,7 +185,7 @@ $(function() {
 				});
    		}
    		
-   		$.get("server.php",{user:"foo",passwd:"bar",action:"6",game:exit},function (data) {
+   		$.get("server.php",{action:"6",game:exit},function (data) {
    			//$(".word").closest(".wordLine, #center").removeClass("valid invalid");
 				if(data == "true") {
 					alert("Partie enregistrée avec succès");

From 823050840e2e955d9231dd1e2dbe99e98f204768 Mon Sep 17 00:00:00 2001
From: Yoann <yoann.b87@voila.fr>
Date: Thu, 28 Apr 2011 18:29:58 +0200
Subject: [PATCH 2/2] =?UTF-8?q?Ajout=20de=20l'identifiant=20de=20l'utilisa?=
 =?UTF-8?q?teur=20lorsqu'il=20cr=C3=A9e=20une=20partie.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 code/serveur/dump2sqlite.sh             |  2 +-
 code/serveur/php/ressources/backend.inc |  2 +-
 code/serveur/php/server.php             | 18 +++++++++++++-----
 3 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/code/serveur/dump2sqlite.sh b/code/serveur/dump2sqlite.sh
index cf4c72d..584874e 100755
--- a/code/serveur/dump2sqlite.sh
+++ b/code/serveur/dump2sqlite.sh
@@ -27,7 +27,7 @@ create table relation(rid integer primary key autoincrement, start, end, type, w
 create table type_node(name, num);
 create table type_relation(name, num, extended_name, info);
 create table user(login primary key, mail, hash_passwd, score, ugroup);
-create table game(gid integer primary key autoincrement, eid_central_word, relation_1, relation_2, difficulty);
+create table game(gid integer primary key autoincrement, eid_central_word, relation_1, relation_2, difficulty, author);
 create table game_cloud(gid, num, difficulty, eid_word, totalWeight, probaR1, probaR2, probaR0, probaTrash);
 create table played_game(pgid integer primary key autoincrement, gid, login, timestamp);
 create table played_game_cloud(pgid, gid, type, num, relation, weight, score);
diff --git a/code/serveur/php/ressources/backend.inc b/code/serveur/php/ressources/backend.inc
index 79e90c7..92e42ff 100644
--- a/code/serveur/php/ressources/backend.inc
+++ b/code/serveur/php/ressources/backend.inc
@@ -340,7 +340,7 @@ function insertCreatedGame($centerEid, $cloud, $r1, $r2, $totalDifficulty,$userN
 	// Insère dans la base une partie avec le mot central $centerEid, le nuage $cloud et les relations $r1 et $r2
 	$db->exec("begin transaction;");
 	$db->exec("INSERT INTO game(gid, eid_central_word, relation_1, relation_2, difficulty, author)
-		   VALUES (null, $centerEid, $r1, $r2, $totalDifficulty, $userName);");
+		   VALUES (null, $centerEid, $r1, $r2, $totalDifficulty, '$userName');");
 	$gid = $db->lastInsertRowID();
 	
 	$t = time();
diff --git a/code/serveur/php/server.php b/code/serveur/php/server.php
index 58169fd..e52d29c 100644
--- a/code/serveur/php/server.php
+++ b/code/serveur/php/server.php
@@ -1,4 +1,5 @@
 <?php
+session_start();
 
 require_once("ressources/backend.inc");
 require_once("ressources/db.inc");
@@ -30,14 +31,21 @@ function logError($errNum, $msg, $other="")
 */
 function main()
 {
-	if(!isset($_GET['action']) || !isset($_GET['user']) || !isset($_GET['passwd'])) {
+	if(!isset($_GET['action']))
 		throw new Exception("La requête est incomplète", 2);
+	else if(!isset($_SESSION['userId']) && (!isset($_GET['user']) || !isset($_GET['passwd'])))
+		throw new Exception("La requête est incomplète", 2);
+	else if(isset($_SESSION['userId'])) {
+		$user = $_SESSION['userId'];
+		$loginIsOk = true;
+	}
+	else {
+		$user = SQLite3::escapeString($_GET['user']);
+		$loginIsOk = checkLogin($user, $_GET['passwd']);
 	}
 	
-	// Login
 	$action = $_GET['action'];
-	$user = SQLite3::escapeString($_GET['user']);
-	$loginIsOk = checkLogin($user, $_GET['passwd']);
+	
 	if ($action != 3 && (!$loginIsOk)) {
 		throw new Exception("Utilisateur non enregistré ou mauvais mot de passe", 3);
 	}
@@ -84,7 +92,7 @@ function main()
 		if (!isset($_GET['game']))
 			errRequestIncomplete();
 		
-		decodeAndInsertGame($_GET['game']);
+		decodeAndInsertGame($user,$_GET['game']);
 		
 	} else {
 		throw new Exception("Commande inconnue", 2);