Thread: Public PHP Scripts for fetching User Stats through XML

Results 1 to 7 of 7
  1. #1

    Public PHP Scripts for fetching User Stats through XML

    Since I disabled my site http://www.hontracking.com, I thought I make my scripts public.

    I'm a PHP newbie, so don't expect anything big.
    Every code is free to use on one's own responsibility.

    Have fun


    Fetching match information (matches saved in a array)
    PHP Code:
    function get_match_details_array($matches) {

    if (!empty(
    $matches)) {

    $x 0;

    function 
    read_nicks($nicknames) { //need this function later
    $nick_url='';
        for (
    $v 0$v count($nicknames); $v++) {
            
    $nick_url .= "&mid[]=".$nicknames[$v];
        }
        
        if (!empty(
    $nicknames)) {
        
    $xml_get2 simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=match_stats&opt=mid'.$nick_url);
            foreach (
    $nicknames as $nick) {
            
                
    $xml_mid $xml_get2->xpath('//match[@mid="'.$nick.'"]');
                
    $xml_team1 $xml_get2->xpath('//match[@mid="'.$nick.'"]/team[@side=1]');
                
    $xml_team2 $xml_get2->xpath('//match[@mid="'.$nick.'"]/team[@side=2]');
                
    $xml_players $xml_get2->xpath('//match[@mid="'.$nick.'"]/match_stats/ms');
                
    $xml_summ $xml_get2->xpath('//match[@mid="'.$nick.'"]/summ');

                        if (!empty(
    $xml_mid[0]['mid'])) {                    
                        
                        for (
    $i 3$i <= 10$i++) {
                        
    $mode_xml[] = $xml_summ[0]->stat[$i];
                        }
                        foreach (
    $mode_xml as $value) {
                        switch(
    $value)
                        {
                          case (
    1):
                          
    $mode $value['name'];
                          break;
                          
                          case (
    0):
                          break;
                        
                          default:
                          echo 
    "?";
                          break;
                          }
                        }
                        
                        if (
    substr($xml_summ[0]->stat[0],0,3) == 'TMM' AND $xml_summ[0]->stat[10] != 1) {
                        
    $type 'ranked';
                        }
                        elseif(
    $xml_summ[0]->stat[10] == AND substr($xml_summ[0]->stat[14],0,3) == 'TMM') {
                        
    $type 'casual';
                        }
                        else {
                        
    $type 'public';
                        }
                        
                        
                        
    mysql_query("INSERT INTO matches_summ (match_id, server, map, time_played, date, url, name, mode,type,nostats) VALUES ({$xml_mid[0]['mid']},'{$xml_summ[0]->stat[14]}','{$xml_summ[0]->stat[16]}',{$xml_summ[0]->stat[18]},
                        '
    {$xml_summ[0]->stat[24]}','{$xml_summ[0]->stat[26]}','{$xml_summ[0]->stat[0]}','{$mode}','{$type}','{$xml_summ[0]->stat[1]}')");
                        
    mysql_error();
                        
                        
                        foreach (
    $xml_players as $value) {
                        if (
    substr($xml_summ[0]->stat[0],0,3) == 'TMM' AND $xml_summ[0]->stat[10] != 1) {
                        
    $rating $value->stat[17];
                        }
                        elseif(
    $xml_summ[0]->stat[10] == AND substr($xml_summ[0]->stat[0],0,3) == 'TMM') {
                        
    $rating $value->stat[17];
                        }
                        else {
                        
    $rating $value->stat[13];
                        }

                        
    mysql_query("INSERT INTO matches_players
                        (player_aid,match_id,team_side,hero_id, rating, kills, deaths, assists, secs_dead, secs, wards, actions, ck, cd, gold, neutral_ck, exp)
                        VALUES
                        (
    {$value['aid']},{$xml_mid[0]['mid']},{$value->stat[4]},{$value->stat[2]},'{$rating}',{$value->stat[20]},{$value->stat[25]},{$value->stat[24]},{$value->stat[27]},{$value->stat[46]},{$value->stat[48]},{$value->stat[45]},{$value->stat[28]},{$value->stat[40]},{$value->stat[42]},{$value->stat[32]},{$value->stat[44]})");
                        
    mysql_error();

                        
    mysql_query("INSERT INTO id2name (nickname,player_aid) VALUES ('{$value->stat[69]}',{$value['aid']})");
                        
    mysql_error();

                        }

                if ((int)
    $xml_team1[0]->stat[0] > (int)$xml_team2[0]->stat[0]) {

                
    mysql_query("REPLACE INTO matches_teams (match_id,winner) VALUES ({$xml_mid[0]['mid']},1)");
                
    mysql_error();
                }
                elseif ((int)
    $xml_team1[0]->stat[0] < (int)$xml_team2[0]->stat[0]) {

                
    mysql_query("REPLACE INTO matches_teams (match_id,winner) VALUES ({$xml_mid[0]['mid']},2)");
                
    mysql_error();
                }
                else {

                }

            
                
    mysql_query("INSERT INTO tracking_matches (match_id, status) VALUES ({$xml_mid[0]['mid']},3)");
                
    mysql_error();        
                    
                }
                else {
                
    mysql_query("UPDATE tracking_matches set status = 4 WHERE match_id = {$nick}");
                }
                
            } 
    // foreach
        
    // !empty($nicknames)
    // function read_nicks

    function prepare_nicks($startwert,$werte) {
        for (
    $i $startwert$i <= $startwert 50$i++) {
        if (!isset(
    $werte[$i]))
        {
            
    $ruechgabewert false;
            break;
        }
        else
        {    
            
    $player_aids[]=$werte[$i];
            
    $ruechgabewert true;
        }
        }

        
    read_nicks($player_aids);
        return 
    $ruechgabewert;
    }


    while(
    prepare_nicks($x,$matches))
    {
    $x $x 49;
    }

    // empty($matches)
    //function get_match_details_array 
    Update specific matches in the DB (array of matches)

    PHP Code:
    function update_matches ($matches) {

        if (
    count($matches) > 1) {
        
    $d 0;
        foreach (
    $matches as $value) {
        if (
    $d==0)
        {
            
    $query_ids $query_ids "match_id = " $value;
            
    $d++;
        }
        else
        {
            
    $query_ids $query_ids " OR match_id = " $value;    
        }
        }
        
    mysql_query("DELETE FROM tracking_matches
        WHERE 
    {$query_ids}");
        echo 
    $sql;
        
    mysql_query("DELETE FROM matches_teams
        WHERE 
    {$query_ids}");
        
    mysql_query("DELETE FROM matches_summ
        WHERE 
    {$query_ids}");
        
    mysql_query("DELETE FROM matches_players
        WHERE 
    {$query_ids}");
        
        
    get_match_details_array($matches);
        }
        else {
        
    mysql_query("DELETE FROM tracking_matches
        WHERE match_id = '
    {$matches}'");
        
    mysql_query("DELETE FROM matches_teams
        WHERE match_id = '
    {$matches}'");
        
    mysql_query("DELETE FROM matches_summ
        WHERE match_id = '
    {$matches}'");
        
    mysql_query("DELETE FROM matches_players
        WHERE match_id = '
    {$matches}'");
        
        
    get_match_details_array($matches);
        }


    Get all matches of a player (string nickname)

    PHP Code:

    function get_matches ($nickname) {


    $nick_sql mysql_query("SELECT nickname, tracking_players.player_aid, status
    FROM tracking_players
    RIGHT JOIN id2name
    ON tracking_players.player_aid = id2name.player_aid
    WHERE nickname = '
    {$nickname}'");


    $nick mysql_fetch_array($nick_sql);
    if (!empty(
    $nick['player_aid']) AND $nick['status'] == 1) {
            
            
    $xml_matches simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=ranked_history&opt=nick&nick[]='.$nickname);
            
    $xml_matches2 simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=casual_history&opt=nick&nick[]='.$nickname);
            
    $xml_matches3 simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=public_history&opt=nick&nick[]='.$nickname);
            
    $xml_account_details simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=player_stats&opt=nick&nick[]='.$nickname);


            if (!empty(
    $xml_matches->ranked_history[0]['aid'])) {
                foreach (
    $xml_matches->ranked_history->match as $value) {
                    
    $games[] = $value->id;
                }
            }
            
            if (!empty(
    $xml_matches2->casual_history[0]['aid'])) {
                foreach (
    $xml_matches2->casual_history->match as $value) {
                    
    $games[] = $value->id;
                }
            }    
            
            if (!empty(
    $xml_matches3->public_history[0]['aid'])) {
                foreach (
    $xml_matches3->public_history->match as $value) {
                    
    $games[] = $value->id;
                }
            }
            
        
            
             
    $d=0;
             foreach (
    $games as $value) {
                 if (
    $d==0)
                 {
                    
    $query_ids $query_ids "match_id = " $value;
                    
    $d++;
                 }
                 else
                 {
                    
    $query_ids $query_ids " OR match_id = " $value;    
                 }
            }
              
    $diff_matches_sql mysql_query("SELECT match_id FROM tracking_matches WHERE {$query_ids}");
              
                while (
    $diff_matches mysql_fetch_array($diff_matches_sql)){
                
    $matches[] = $diff_matches['match_id'];
                }
            
                
            
            
    $result array_diff($games$matches);
            
    sort $result );
            
    get_match_details_array($result);



            return 
    true;
    }  
    //!empty($nick['player_aid']) AND $nick['status'] == 1
    else {
        
            
    $xml_matches simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=ranked_history&opt=nick&nick[]='.$nickname);
            
    $xml_matches2 simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=casual_history&opt=nick&nick[]='.$nickname);
            
    $xml_matches3 simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=public_history&opt=nick&nick[]='.$nickname);
            
    $xml_account_details simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=player_stats&opt=nick&nick[]='.$nickname);
            
    //include 'vars.php';    

            
    mysql_query("INSERT INTO id2name (nickname, player_aid) VALUES ('{$xml_account_details->stats->player_stats->stat[0]}',{$xml_matches->ranked_history[0]['aid']})");
            
    mysql_error();
            
    mysql_query("INSERT INTO tracking_players (player_aid, status) VALUES ({$xml_matches->ranked_history[0]['aid']},1)");
            
    mysql_error();

            if (!empty(
    $xml_matches->ranked_history[0]['aid'])) {
                foreach (
    $xml_matches->ranked_history->match as $value) {
                    
    mysql_query("INSERT INTO tracking_matches (match_id, status) VALUES ({$value->id},1)");
                    
    $count_ranked[] = $value->id;
                }
            }
            
            if (!empty(
    $xml_matches2->casual_history[0]['aid'])) {
                foreach (
    $xml_matches2->casual_history->match as $value) {
                    
    mysql_query("INSERT INTO tracking_matches (match_id, status) VALUES ({$value->id},1)");
                    
    $count_casual[] = $value->id;
                }
            }    
            
            if (!empty(
    $xml_matches3->public_history[0]['aid'])) {
                foreach (
    $xml_matches3->public_history->match as $value) {
                    
    mysql_query("INSERT INTO tracking_matches (match_id, status) VALUES ({$value->id},1)");
                    
    $count_public[] = $value->id;
                }
            }
            
            echo 
    "<div style='text-align:center;margin-top:10px;'>First request, matches saved in DB with status 1.</div>";
                return 
    false;

    //else
    //function get_matches 
    Fetching Player ID using nickname (array of nicknames)

    PHP Code:
    function get_nick_from_id ($nicks) {
    $x 0;
        function 
    read_ids($nicknames) {
        
    $nick_url='';
            for (
    $v 0$v count($nicknames); $v++) {
                
    $nick_url .= "&aid[]=".$nicknames[$v];
            }
            
            if (!empty(
    $nicknames)) {
            
    $xml_get2 simplexml_load_file('http://xml.heroesofnewerth.com/xml_requester.php?f=player_stats&opt=aid'.$nick_url);
                foreach (
    $nicknames as $nick) {
                
                    
    $xml_mid $xml_get2->xpath('//player_stats[@aid="'.$nick.'"]');


                    if (!empty(
    $xml_mid[0]['aid'])) {
                    echo 
    "Nick: ".$xml_mid[0]->stat[0]."<br>";
                    } 
    // !empty($mid)

                
    // foreach
            
    // !empty($nicknames)
        
    // function read_nicks

        
    function prepare_ids($startwert,$werte) {

            for (
    $i $startwert$i <= $startwert 49$i++) {
                if (!isset(
    $werte[$i]))
                {
                    
    $ruechgabewert false;
                    break;
                }
                else
                {
                    
    $player_aids[]=$werte[$i];
                    
    $ruechgabewert true;
                }
            }

            
    read_ids($player_aids);
            return 
    $ruechgabewert;
        }


        while(
    prepare_ids($x,$nicks))
        {
        
    $x $x 50;
        }

    Some $xml->stat[X] are wrong, because XML has changed again.
    Nevermind, maybe someone can use it.
    www.HoNTracking.com

    - All Matches -
    - Associates -
    - Fight -
    - Tracking List -

  2. #2
    Thanks for sharing.

  3. #3
    Nice XSS and SQL Injection you got there

  4. #4
    Offline
    Account Icon
    Join Date
    Sep 2009
    Location
    Salvador/Brazil
    Posts
    1,209
    Quote Originally Posted by spamilator View Post
    Nice XSS and SQL Injection you got there
    Make a better one.

  5. #5
    Yeah I know, very bad scripts but they worked fine for me
    www.HoNTracking.com

    - All Matches -
    - Associates -
    - Fight -
    - Tracking List -

  6. #6
    You can share the SQL structure?!
    Thanks so much.

  7. #7
    You can share the SQL structure?!
    Thanks so much.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •