From 1c734a28718c2f2f203e8aaeb75cdadfa9454939 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E1=84=8B=E1=85=A2=E1=84=91=E1=85=B3=E1=86=AF=20=E1=84=82?= =?UTF-8?q?=E1=85=A9=E1=84=90=E1=85=B3=E1=84=87=E1=85=AE=E1=86=A8?= Date: Sun, 17 Mar 2019 22:42:08 +0900 Subject: [PATCH] Fix: do not edit player enter code if player name and enter code are same --- src/game/setup/setup.js | 2 +- src/web/server/player/edit_entercode.php | 47 ++++++++++++++++++++++++ 2 files changed, 48 insertions(+), 1 deletion(-) diff --git a/src/game/setup/setup.js b/src/game/setup/setup.js index 45bae86..b3d2d77 100644 --- a/src/game/setup/setup.js +++ b/src/game/setup/setup.js @@ -162,7 +162,7 @@ var Setup = { }).bind(this), (function(jsonData) { // this.loginFailed(jsonData); - this.showInfoText("입장번호 변경에 실패하였습니다.") + this.showInfoText(jsonData["error"]); }).bind(this) ); }, diff --git a/src/web/server/player/edit_entercode.php b/src/web/server/player/edit_entercode.php index 1273e69..d872f88 100644 --- a/src/web/server/player/edit_entercode.php +++ b/src/web/server/player/edit_entercode.php @@ -17,6 +17,15 @@ if(!is_numeric($enterCode)) { } */ +$playerName = get_player_name($maestroID, $playerID); +if($playerName != null && $playerName != "") { + $sameNamePlayerID = get_same_name_player_id($maestroID, $playerName, $enterCode); + if($sameNamePlayerID != null && $sameNamePlayerID != 0) { + set_error_message("입력하신 입장번호를 다른 학생이 사용하고 있습니다.\n다른 입장번호를 입력해주세요."); + send_result_fail(); + exit; + } +} editPlayer($maestroID, $playerID, $enterCode); @@ -25,6 +34,44 @@ send_result_success(); exit; +function get_player_name($maestroID, $playerID) { + global $db_conn; + + $query = " + SELECT Name + FROM player + WHERE MaestroID = ? AND PlayerID = ? + "; + $stmt = $db_conn->prepare($query); + $stmt->bind_param("ii", $maestroID, $playerID); + $stmt->execute(); + $stmt->bind_result($playerName); + // while($stmt->fetch()) + $stmt->fetch(); + $stmt->close(); + + return $playerName; +} + +function get_same_name_player_id($maestroID, $playerName, $enterCode) { + global $db_conn; + + $query = " + SELECT PlayerID + FROM player + WHERE MaestroID = ? AND Name = ? AND EnterCode = ? + "; + $stmt = $db_conn->prepare($query); + $stmt->bind_param("iss", $maestroID, $playerName, $enterCode); + $stmt->execute(); + $stmt->bind_result($playerID); + // while($stmt->fetch()) + $stmt->fetch(); + $stmt->close(); + + return $playerID; +} + function editPlayer($maestroID, $playerID, $enterCode) { global $db_conn;