Add files via upload

connect.php

@@ -21,11 +21,15 @@
 
 session_start();
 
+// Credenziali database
 $host = 'localhost';
 $user = 'vincenzopadula';
 $database = 'my_vincenzopadula';
 $psw = '';
 
+// Password di amministratore
+define("ADMIN_PW", "abcd");
+
 define("PREFIX", "tombola_k_");
 
 $dbh = mysqli_connect($host, $user, $psw, $database);
@@ -68,4 +72,25 @@ function is_a_username($username = null) {
   if($username == null || $username == "") return false;
   return preg_match("/^[a-zA-Z0-9_.-]{2,20}$/", $username);
 }
+
+function adminLogin($msg = "Password di amministratore") {
+  // La password è stata inserita?
+  if(! isset($_POST['admin_pw'])) {
+    echo "<p style='padding-top:20vh;'>$msg</p>\n".
+        "<form action='".$_SERVER['REQUEST_URI']."' method='post'>\n".
+        "<input type='text' name='admin_pw' placeholder='Inserire la password' /><br>\n".
+        "<button type='submit'>Accedi</button>\n".
+        "<button type='button' onclick='window.location.href=\"./\";'>Home</button>\n".
+        "</form>\n";
+    return false;
+  }
+
+  if($_POST['admin_pw'] != ADMIN_PW) {
+    echo "<p>Password errata.</p>\n".
+        "<button onclick='window.location.href=\"./\";'>Home</button>\n";
+    return false;
+  }
+
+  return true;
+}
 ?>

reset.php

@@ -0,0 +1,40 @@
+<?php
+/*
+Tombola
+Il classico gioco natalizio online.
+
+Copyright (C) 2020  Vincenzo Padula
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+$title = "Reset";
+include("page_header.php");
+
+if(adminLogin("Reset del database")) {
+
+  // Reset delle tabelle
+  $query = "TRUNCATE ".PREFIX."avere; TRUNCATE ".PREFIX."estrarre; TRUNCATE ".PREFIX."server; TRUNCATE ".PREFIX."utente; TRUNCATE ".PREFIX."vincere;";
+  $result = mysqli_multi_query($dbh, $query);
+  if($result) {
+    echo "<p>Il database è ora vuoto.</p>";
+  } else {
+    echo "<p>La query ha restituito un errore.</p>";
+  }
+
+  echo "<button onclick='window.location.href=\"./\";'>Home</button>";
+}
+
+include("page_footer.php");
+?>

stats.php

@@ -0,0 +1,65 @@
+<?php
+/*
+Tombola
+Il classico gioco natalizio online.
+
+Copyright (C) 2020  Vincenzo Padula
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+$title = "Statistiche";
+include("page_header.php");
+
+if(adminLogin("Statistiche di gioco")) {
+
+  // Partite non ancora iniziate
+  $query = "select count(*) n from ".PREFIX."server where accessibile is true";
+  $result = mysqli_query($dbh, $query);
+  if(mysqli_num_rows($result) == 1) {
+    $notYetStarted = (mysqli_fetch_array($result))["n"];
+  } else die("Errore query.");
+
+  // Partite in corso
+  $query = "select count(*) n from ".PREFIX."server where accessibile is false and terminato is null and offlimits is null";
+  $result = mysqli_query($dbh, $query);
+  if(mysqli_num_rows($result) == 1) {
+    $running = (mysqli_fetch_array($result))["n"];
+  } else die("Errore query.");
+
+  // Partite terminate
+  $query = "select count(*) n from ".PREFIX."server where terminato is not null;";
+  $result = mysqli_query($dbh, $query);
+  if(mysqli_num_rows($result) == 1) {
+    $ended = (mysqli_fetch_array($result))["n"];
+  } else die("Errore query.");
+
+  // Partite mai giocate
+  $query = "select count(*) n from ".PREFIX."server where terminato is null and offlimits is not null;";
+  $result = mysqli_query($dbh, $query);
+  if(mysqli_num_rows($result) == 1) {
+    $neverPlayed = (mysqli_fetch_array($result))["n"];
+  } else die("Errore query.");
+
+  echo "<table style='display:inline-block; text-align:left;'>".
+      "<tr><td>Partite non ancora iniziate:</td><td>$notYetStarted</td></tr>".
+      "<tr><td>Partite in corso:</td><td>$running</td></tr>".
+      "<tr><td>Partite terminate:</td><td>$ended</td></tr>".
+      "<tr><td>Partite mai giocate:</td><td>$neverPlayed</td></tr>".
+      "</table><br>".
+      "<button onclick='window.location.href=\"./\";'>Home</button>";
+}
+
+include("page_footer.php");
+?>