Handle minimum age rating changes

diff --git a/www/.htaccess b/www/.htaccess
index 2e40d0b1da775eb6442a3f0945a2186faa937b22..8924a84ac24b48a01eefa9618df7e52cc7b9e045 100644 (file)
--- a/www/.htaccess
+++ b/www/.htaccess
@@ -9,6 +9,9 @@ RewriteRule ^api/rest/analytics/game/(.*)/event/(.*)/view.json(.*)$ /api/rest/an
 RewriteRule ^api/rest/connect/stick/stick/(.*)/view.json$ /api/rest/connect.php?hwid=$1 [END]
 RewriteRule ^api/rest/connect/stick/stick/(.*)/view.json;jsessionid=(.*)$ /api/rest/connect.php?hwid=$1&jsessionid=$2 [END]
 
+RewriteRule ^api/rest/parentcontroll/change/agerating/(.*)/(.*)/view.json$ /api/rest/parentcontroll/change/agerating.php?age=$1&pwhash=$2 [END]
+RewriteRule ^api/rest/parentcontroll/change/agerating/(.*)/(.*)/view.json;jsessionid=(.*)$ /api/rest/parentcontroll/change/agerating.php?age=$1&pwhash=$2&jsessionid=$3 [END]
+
 RewriteRule ^api/rest/player/profile/view.json$ /api/rest/player/profile.php [END]
 RewriteRule ^api/rest/player/profile/view.json;jsessionid=(.*)$ /api/rest/player/profile.php?jsessionid=$1 [END]
 

diff --git a/www/api/rest/parentcontroll/change/agerating.php b/www/api/rest/parentcontroll/change/agerating.php
new file mode 100644 (file)
index 0000000..6b9bfce
--- /dev/null
+++ b/www/api/rest/parentcontroll/change/agerating.php
@@ -0,0 +1,76 @@
+<?php
+/**
+ * Change the minimum age in the profile
+ * GET http://l2.gamestickservices.net/api/rest/parentcontroll/change/agerating/17/7694f4a66316e53c8cdd9d9954bd611d/view.json;jsessionid=zz
+ */
+header('HTTP/1.0 500 Internal Server Error');
+
+$rootDir = dirname(__FILE__, 6);
+require_once $rootDir . '/config.php';
+require_once $rootDir . '/src/ProfileDb.php';
+
+if (!isset($_GET['jsessionid'])) {
+    header('HTTP/1.0 400 Bad Request');
+    header('Content-Type: text/plain');
+    echo "Session ID missing\n";
+    exit(1);
+}
+$sessionId = $_GET['jsessionid'];
+
+if (!isset($_GET['age'])) {
+    header('HTTP/1.0 400 Bad Request');
+    header('Content-Type: text/plain');
+    echo "age missing\n";
+    exit(1);
+}
+$age = $_GET['age'];
+if ($age != 3 && $age != 7 && $age != 12 && $age != 17) {
+    header('HTTP/1.0 400 Bad Request');
+    header('Content-Type: text/plain');
+    echo "Invalid age (only 3, 7, 12 and 17 allowed)\n";
+    exit(1);
+}
+
+if (!isset($_GET['pwhash'])) {
+    header('HTTP/1.0 400 Bad Request');
+    header('Content-Type: text/plain');
+    echo "Password hash missing\n";
+    exit(1);
+}
+$passwordHash = $_GET['pwhash'];
+if (strlen($passwordHash) != 32) {
+    header('HTTP/1.0 400 Bad Request');
+    header('Content-Type: text/plain');
+    echo "Password hash must be 32 characters long\n";
+    exit(1);
+}
+
+$profileDb = new ProfileDb();
+$profile = $profileDb->getProfileBySessionId($sessionId);
+if ($profile === null) {
+    header('HTTP/1.0 404 Not Found');
+    header('Content-Type: text/plain');
+    echo "Unknown session ID\n";
+    exit(1);
+}
+
+//we do not verify the actual password
+// the hash is calculated md5($password)
+$profileDb->updateProfile(
+    $profile->hwId,
+    [
+        'minAge' => $age,
+    ]
+);
+
+
+$data = [
+    'body' => [
+        'success' => true,
+    ],
+];
+$json = json_encode($data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+
+header('HTTP/1.0 200 OK');
+header('Content-Type: application/json');
+echo $json . "\n";