<?php
error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING);
if (isset($_GET['viewsource']))
{
echo("<table><tr><td nowrap>");
show_source("loadquests.php");
die("</td></tr></table>");
}
$username = addslashes($_POST['username']);
$password = addslashes($_POST['password']);
$lastmodified = strtotime(addslashes($_POST['lastmodified'])); //Date will be in GMT with the format yyyy-mm-dd hh:mm:ss
//If the user chooses to download quests even if the one on the server is newer, lastmodified will be 1990-1-1
header("Content-Type: text/plain");
// Connection to mysql is done in sql_config.php, which is included before this file
if (defined('MYSQL_CONNECTED'))
{
if ($result = mysql_query("SELECT * FROM QuestTimer_UserQuests WHERE username='$username' AND password='$password'"))
{
if ($data = mysql_fetch_array($result))
{
if($lastmodified < strtotime($data['lastmodified']))
{
$questxml = gzuncompress($data['questxml']) or die('<error reason="Failed to uncompress Quest XML from database" />');
echo($questxml);
echo("<!-- uploadct = $data[uploadct] -->");
}
else echo('<OldFile/>');
}
else echo('<error reason="Username does not exist or username/password mismatch" />');
}
else echo('<error reason="SQL Query error: ' . mysql_error() . '" />');
}
else echo('<error reason="Failed to connect to database" />');
?>
|