From e5a243a52b910e35b10b26c06aa8978356b86769 Mon Sep 17 00:00:00 2001
From: Daniel Weipert <code@drogueronin.de>
Date: Sat, 2 Dec 2023 14:14:34 +0100
Subject: login and events

---
 src/Controller/Building.php |  4 +++-
 src/Controller/Event.php    | 27 ++++++++++++++++++-----
 src/Controller/Login.php    | 53 +++++++++++++++++++++++++++++++++++++++++++++
 src/Controller/Unit.php     |  5 +++++
 src/Controller/Village.php  | 20 ++++++++++++++---
 5 files changed, 100 insertions(+), 9 deletions(-)
 create mode 100644 src/Controller/Login.php

(limited to 'src/Controller')

diff --git a/src/Controller/Building.php b/src/Controller/Building.php
index 876f474..e141113 100644
--- a/src/Controller/Building.php
+++ b/src/Controller/Building.php
@@ -28,7 +28,9 @@ class Building
 
     // event
     $event = new Event();
-    $event->time = (new \DateTime())->add(\DateInterval::createFromDateString($building->getBuildTime() . ' seconds'));
+    $event->time = (new \DateTime())->add(\DateInterval::createFromDateString(
+      $building->getBuildTimeForLevel($building->getEffectiveLevel() + 1) . ' seconds'
+    ));
     $event->villageId = $building->villageId;
     $upgradeBuildingEvent = new UpgradeBuilding();
     $upgradeBuildingEvent->event = $event;
diff --git a/src/Controller/Event.php b/src/Controller/Event.php
index 78de9d5..1fd304d 100644
--- a/src/Controller/Event.php
+++ b/src/Controller/Event.php
@@ -31,10 +31,9 @@ class Event
     $event = DB::fetch(Model::class, 'select * from events where id=:id', ['id' => $request->get('id')])[0] ?? null;
     $village = Village::get($event->villageId);
 
-    if ($event->type === 'SendUnits') {
-      /**@var SendUnits $sendUnitsEvent*/
-      $sendUnitsEvent = DB::fetch(SendUnits::class, 'select * from events_send_units where event_id=:id', ['id' => $event->id]);
-
+    /**@var SendUnits $sendUnitsEvent*/
+    $sendUnitsEvent = DB::fetch(SendUnits::class, 'select * from events_send_units where event_id=:id', ['id' => $event->id])[0] ?? null;
+    if (! empty($sendUnitsEvent)) {
       if ($sendUnitsEvent->type === 'SendBack') {
         $cancelTimeDiff = $event->createdAt->diff(new \DateTime());
         $cancelTime = (new \DateTime())->add($cancelTimeDiff);
@@ -44,7 +43,25 @@ class Event
         $sendUnitsEvent->residence = $sendUnitsEvent->source;
 
         DB::query(
-          'update events set time=:time, where id=:id',
+          'update events set time=:time where id=:id',
+          ['time' => $cancelTime->format('c'), 'id' => $request->get('id')]
+        );
+        DB::query(
+          'update events_send_units set is_canceled=:is_canceled, home=:home, residence=:residence where id=:id',
+          ['is_canceled' => $sendUnitsEvent->isCanceled, 'home' => $sendUnitsEvent->home, 'residence' => $sendUnitsEvent->residence, 'id' => $sendUnitsEvent->id]
+        );
+      }
+
+      else if ($sendUnitsEvent->type === 'Recall') {
+        $cancelTimeDiff = $event->createdAt->diff(new \DateTime());
+        $cancelTime = (new \DateTime())->add($cancelTimeDiff);
+
+        $sendUnitsEvent->isCanceled = true;
+        $sendUnitsEvent->home = $sendUnitsEvent->destination;
+        $sendUnitsEvent->residence = $sendUnitsEvent->source;
+
+        DB::query(
+          'update events set time=:time where id=:id',
           ['time' => $cancelTime->format('c'), 'id' => $request->get('id')]
         );
         DB::query(
diff --git a/src/Controller/Login.php b/src/Controller/Login.php
new file mode 100644
index 0000000..0f360ae
--- /dev/null
+++ b/src/Controller/Login.php
@@ -0,0 +1,53 @@
+<?php
+
+namespace App\Controller;
+
+use App\DB;
+use App\View;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+
+class Login
+{
+  #[Route(path: '/login', methods: ['GET'])]
+  public function form(Request $request): Response
+  {
+    return new Response(View::render('login.twig'));
+  }
+
+  #[Route(path: '/login', methods: ['POST'])]
+  public function login(Request $request): Response
+  {
+    $email = $request->get('email');
+    $user = DB::query('select id,username,password from users where email=:email', ['email' => $email])->fetch();
+
+    if (empty($user)) {
+      $password = password_hash($request->get('password'), PASSWORD_DEFAULT);
+      DB::query('insert into users (username, password, email) values (:username, :password, :email)', ['username' => $email, 'password' => $password, 'email' => $email]);
+    } else {
+      $password = $user['password'];
+    }
+
+    if (password_verify($request->get('password'), $password)) {
+      $_SESSION['user'] = [
+        'id' => $user['id'],
+        'username' => $user['username'],
+      ];
+
+      return new RedirectResponse('/villages');
+    }
+
+    return new RedirectResponse('/login');
+  }
+
+  #[Route(path: '/logout', methods: ['GET'])]
+  public function logout(Request $request): Response
+  {
+    session_unset();
+    session_destroy();
+
+    return new RedirectResponse('/login');
+  }
+}
diff --git a/src/Controller/Unit.php b/src/Controller/Unit.php
index 1774c17..0508249 100644
--- a/src/Controller/Unit.php
+++ b/src/Controller/Unit.php
@@ -208,6 +208,11 @@ class Unit
       );
     }
 
+    DB::query(
+      'insert into village_units (amount, type, home_village_id, residence_village_id, is_traveling) values (:amount, :type, :home, :home, true)',
+      ['amount' => $amount, 'type' => $request->get('unit'), 'home' => $village->id]
+    );
+
     // event
     $event = new Event();
     $event->time = (new \DateTime())->add(
diff --git a/src/Controller/Village.php b/src/Controller/Village.php
index 16a8981..c678779 100644
--- a/src/Controller/Village.php
+++ b/src/Controller/Village.php
@@ -3,6 +3,7 @@
 namespace App\Controller;
 
 use App\DB;
+use App\Guard;
 use App\Model\Event\SendUnits;
 use App\Model\Event\TrainUnits;
 use App\Model\Event\UpgradeBuilding;
@@ -19,7 +20,15 @@ class Village
   #[Route(path: '/villages', methods: ['GET'])]
   public function list(): Response
   {
-    $villages = DB::fetch(Model::class, "select * from villages");
+    $villages = DB::fetch(
+      Model::class,
+      <<<SQL
+      select * from villages
+      join user_villages on villages.id = user_villages.village_id
+      where user_villages.user_id=:id
+      SQL,
+      ['id' => $_SESSION['user']['id']]
+    );
 
     return new Response(View::render('villages.twig', [
       'villages' => $villages,
@@ -30,6 +39,11 @@ class Village
   public function show(Request $request): Response
   {
     $village = Model::getByCoordinates($request->get('x'), $request->get('y'));
+
+    if (! Guard::ownsVillage($village->id)) {
+      return new Response(View::render('error.twig', ['message' => 'Insufficient permission']), 403);
+    }
+
     $events = [];
 
     $eventsBuilding = DB::query(
@@ -41,7 +55,7 @@ class Village
     )->fetchAll();
 
     foreach ($eventsBuilding as $row) {
-      $events['UpgradeBuilding'][] = DB::convertToModel(UpgradeBuilding::class, $row);
+      $events['UpgradeBuilding'][$row['type']][] = DB::convertToModel(UpgradeBuilding::class, $row);
     }
 
     $eventsUnits = DB::query(
@@ -68,7 +82,7 @@ class Village
       <<<SQL
       select * from events_send_units as event
       left join events on event.event_id = events.id
-      where destination=:id and is_canceled=false
+      where (destination=:id or source=:id) and village_id!=:id and is_canceled=false
       SQL, ['id' => $village->id]
     )->fetchAll();
 
-- 
cgit v1.2.3