<?php
	error_reporting(E_ALL);

	function certain_death($error)
	{
		$output = ob_get_contents()."\n$error\n";
		ob_end_clean();

		$file = fopen("debug.txt", 'w');
		fwrite($file, $output);
		die("");
	}

	function isRowName($key)
	{  
		if($key!="limit")
			return true;
		else
			return false;
	}

	function getDataColumnWise($cols)
	{
		global $_REQUEST;

		foreach($cols as $key)
		{
			if(!isset($_REQUEST[$key]))
				certain_death("error: getting data column wise: column mismatch! (the key '$key' is missing)");

			$data[$key]=explode('|',$_REQUEST[$key]);
			
		}

		$clientid=$_REQUEST["clientid"];
		$rowcount = count($data["name"]);
		for($i=1;$i<$rowcount;$i++)
		{
			array_push($data["clientid"],$clientid);
		}
		return $data;
	}
	function convertData($cols, $data)
	{

		$rowcount=0;
		$cdata=array();
		foreach($cols as $key)
		{
			if(!isset($data[$key]))
				certain_death("error: converting data: column mismatch!");
			$values = $data[$key];
			$row=0;
			foreach($values as $value)
			{
				$cdata[$row][$key]=$value;
				$row ++;
			}
			if($rowcount==0)
			{
				$rowcount=$row;
			}
			elseif($rowcount!=$row)
			{
				certain_death("error: rowcount mismatch!");
			}		
		}
		if ($rowcount ==0)
			certain_death("error: all rows empty!");
		return $cdata;
	}

	function isChecksumValid($checksum_to_check)
	{
		global $_REQUEST;

		$data_for_checksum="";
		
		foreach ($_REQUEST as $key => $value)
		{
			if($key != "checksum")
				$data_for_checksum .= $value;
		}

		$data_for_checksum = eregi_replace("\|","", $data_for_checksum);

		$len = strlen($data_for_checksum);
		for($i=0, $j=0, $checksum=0; $i<$len; $i++)
		{
			$p = ord($data_for_checksum[$i]);
			// if char is alpha or digit
			if (($p >= 48  && $p <= 57) || ($p >= 65 && $p <= 90) || ($p >= 97 && $p <= 122))
			{
				$checksum ^= ($p << (($j%4)*8));
				$j++;
			}
		}
		
		echo "checksum info :: computed: $checksum || submitted: $checksum_to_check\n";
		return $checksum==$checksum_to_check;
	}

	function isDataValid($cols,$data)
	{
		global $_REQUEST;
		if(!isset($data["name"]))
			return false;
		if(!isset($data["score"]))
			return false;
		if(!isset($data["clientid"]))
			return false;
		if(!isset($_REQUEST["clientid"]))
			return false;
		if(!isset($_REQUEST["limit"]))
			return false;
		return true;
	}

	function getColsByLogin($login)
	{
		$query = "SELECT * FROM $login LIMIT 0";
		$result = mysql_query($query) or
			certain_death ("error: gathering column information: ".mysql_error());
		$i = 0;
		$col_count = mysql_num_fields ($result);
		$cols = array();
		while ($i < $col_count)
		{
			$tmp = mysql_fetch_field ($result);
			if($tmp->name!="timestamp")
			{
				array_push($cols,$tmp->name);
			}
			$i++;
		}
		return $cols;
	}

	function getHighscoreForEM($gameidlogin,$cols,$limit)
	{
		$select_string = implode(', ',$cols);
		$query = "SELECT $select_string FROM $gameidlogin ORDER BY score DESC LIMIT $limit";
		$result = mysql_query($query) or
				certain_death ("error: preparing highscore for EM: ".mysql_error());

		$data = array();

		foreach($cols as $column)
			$data[$column]="";

		while($tuple = mysql_fetch_array($result))
		{
			foreach($cols as $column)
			{
				$data[$column] .= '|' . $tuple[$column];
			}
		}
		$r="";
		foreach($data as $key => $data_string)
		{
			$r.='&'.$key.'='.substr($data_string,1);
		}
		return substr($r,1);
	}

	ob_start(); //buffer output

	$primarykeys = array("name","clientid"); //add all primary keys here

	
/*	if (isset($_SERVER["HTTP_USER_AGENT"]))
		if ($_SERVER["HTTP_USER_AGENT"] == "emnet")
			certain_death("error: wrong http user agent");
*/	

	if(isset($_REQUEST["gameidlogin"])) $gameidlogin = $_REQUEST["gameidlogin"]; else certain_death("error: gameidlogin required");

	if(isset($_REQUEST["checksum"])) $checksum = $_REQUEST["checksum"]; else certain_death("error: checksum required");	

	if(isset($_REQUEST["limit"])) $limit = $_REQUEST["limit"]; else $limit=0;


	if(!isChecksumValid($checksum))
		certain_death("error: checksum invalid");

	include("connect.php");

	$cols = getColsByLogin($gameidlogin);

	if(isset($_REQUEST["name"])) //TODO: not the best check... should check wheter all columnnames are present!
	{
		$data = getDataColumnWise($cols);

		//TODO: the whole thing is pretty inefficient...
		if(isDataValid($cols,$data))
		{
			$cdata = convertData($cols,$data);

			print_r($cdata);
	
			foreach($cdata as $entry)
			{
				$and="";
				$comma_all="";
				$comma_secondary="";
				$primary=""; $all=""; $set_secondary=""; $all_values="";
				$score = $entry["score"];
				foreach($entry as $key => $value)
				{
	
					if(in_array($key,$primarykeys))
					{
						$primary .= $and. "$key='$value'";
						$and = " AND ";
					}
					else
					{
						$set_secondary.=$comma_secondary . "$key='$value'";
						$comma_secondary = ', ';
					}
					$all.=$comma_all. $key;
					$all_values.=$comma_all."'$value'";
					$comma_all=', ';
				
				}
	
				$query = "SELECT score FROM $gameidlogin WHERE $primary";
				echo "$query\n";
				$result = mysql_query($query) or
					certain_death ("error: checking wheter highscore entry already inserted: ".mysql_error());
				if (mysql_num_rows($result) > 0)
				{
					$data = mysql_fetch_array($result);
					if ($data["score"] < $score)
					{
						$query="UPDATE $gameidlogin SET $set_secondary WHERE $primary";
						echo "$query\n";
						mysql_query($query) or
							certain_death ("error: updating highscore entry: ".mysql_error());
					}
				}
				else
				{
					$query = "INSERT INTO $gameidlogin ($all) VALUES ($all_values)";
					echo "$query\n";
					mysql_query($query) or
						certain_death ("error: inserting highscore entry: ".mysql_error());
			
				}
	
	
			}
	
		}
		else
			certain_death("error: data invalid!");
	}
	

	array_push($cols,"timestamp"); //add the timestamp to make sure we send it back to the program
	$highscore = getHighscoreForEM($gameidlogin,$cols,$limit);
	$output = ob_get_contents();
	ob_end_clean();
	
	echo $highscore;

//you may remove this two lines if you want to...
	$file = fopen("debug.txt", 'w');
	fwrite($file, $output);
   	

	include("disconnect.php");	
?>