From 7981dac12aa4f9ae0adc17faae51b612c8d4df65 Mon Sep 17 00:00:00 2001
From: Leander
Date: Fri, 21 Apr 2017 08:53:17 +0200
Subject: [PATCH] T201704210853

---
 Config.txt | 1 +
 Database.php | 2 ++
 Question.php | 6 +++++-
 answer.php | 7 ++++++-
 4 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/Config.txt b/Config.txt
index aad4f37..d8c4d2b 100644
--- a/Config.txt
+++ b/Config.txt
@@ -20,6 +20,7 @@
 13102 - No valid time specified
 13103 - No chosen answer specified
 13104 - No game for specified user
+13105 - Token incorrect or not specified
 = rename.php =
 14101 - User name doesn't match rules
diff --git a/Database.php b/Database.php
index 17befad..a2ab755 100644
--- a/Database.php
+++ b/Database.php
@@ -79,6 +79,8 @@ class Database
 return 'No chosen answer specified. This is an internal error.';
 case 13104:
 return 'No game for specified user name. This is an internal error.';
+ case 13105:
+ return 'The correct token was not provided. This is an internal error.';
 default:
 return 'An unknown error occurred.';
 }
diff --git a/Question.php b/Question.php
index 62693e1..8ad3a45 100644
--- a/Question.php
+++ b/Question.php
@@ -15,6 +15,7 @@ class Question
 private $answers;
 private $category_id;
 private $category;
+ private $token;
 function __construct($db, $uid, $qid) {
 $question_details = $db->query('SELECT "question", "answer0", "answer1", "answer2", "answer3", "Categories_ID"
@@ -34,6 +35,8 @@ class Question
 $this->category = $c;
 $db->query('UPDATE "Games" SET "current_right_answer" = $1, "current_category" = $2 WHERE "ID" = $3', array($ca_position, $cid, $uid));
+ $this->token = md5(uniqid(rand(), true));
+ $db->query('UPDATE "Games" SET "current_token" = $1 WHERE "ID" = $2', array($this->token, $uid));
 }
 public static function get_next_question($db, $uid) {
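Review bot: The token minted on the added `$this->token = md5(uniqid(rand(), true));` line is not unpredictable: `uniqid()` is a microsecond timestamp and `rand()` is not a CSPRNG, so a client that knows roughly when a question was served can narrow the token space, and the check in answer.php then only defends against naive replay. Since this token is what ties a submitted answer to the question that was actually served, draw it from the CSPRNG instead, e.g. `$this->token = bin2hex(random_bytes(16));` (PHP 7+; `openssl_random_pseudo_bytes()` if older versions must be supported). The second `UPDATE "Games"` could also be folded into the preceding one so `current_token` and `current_right_answer` are written in a single statement, rather than leaving a window where the row holds a new answer with the old token. The constructor this hunk sits in begins outside the hunk.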
@@ -51,7 +54,8 @@ class Question
 'categoryID' => $this->category_id,
 'categoryName' => $this->category,
 'question' => $this->question,
- 'answers' => $this->answers
+ 'answers' => $this->answers,
+ 'token' => $this->token
 );
 return $question_object;
 }
diff --git a/answer.php b/answer.php
index 4f22f25..a3dec62 100644
--- a/answer.php
+++ b/answer.php
@@ -12,9 +12,10 @@ $error = 0;
 $uid = isset($_GET['uid']) ? $_GET['uid'] : '';
 $time = isset($_GET['time']) ? $_GET['time'] : '';
 $time = (($time === '0') || ($time && gettype(+$time) == 'integer')) ? +$_GET['time'] : 0;
-$db = new Database();
 $chosen_answer = isset($_GET['answer']) ? $_GET['answer'] : '';
 $chosen_answer = (($chosen_answer === '0') || ($chosen_answer && gettype(+$chosen_answer) == 'integer')) ? +$_GET['answer'] : -1;
+$token = isset($_GET['token']) ? $_GET['token'] : '';
+$db = new Database();
 function calculate_points($time) {
 $points = 0;
@@ -33,6 +34,8 @@ function calculate_points($time) {
 $correct_answer = $db->query('SELECT "current_right_answer" FROM "Games" WHERE "ID" = $1', array($uid))
 ['data'][0]['current_right_answer'];
+$correct_token = $db->query('SELECT "current_token" FROM "Games" WHERE "ID" = $1', array($uid))
+ ['data'][0]['current_token'];
 $correct = $correct_answer == $chosen_answer ? true : false;
 $score = $correct_answer == $chosen_answer ? calculate_points($time) : 0;
 if($uid == '') {
@@ -44,6 +47,8 @@ if($uid == '') {
 } else if($db->query('SELECT EXISTS (SELECT 1 FROM "Games" WHERE "ID" = $1)', array($uid))
 ['data'][0]['exists'] == 'f') {
 $error = 13104;
+} else if($token != $correct_token) {
+ $error = 13105;
 } else {
 //set time and points
 $old_q_count = $db->query('SELECT "answered_questions" FROM "Games" WHERE "ID" = $1',
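Review bot: The added guard `} else if($token != $correct_token) {` compares the secret with loose `!=`, which is not constant-time and accepts values it should not: PHP's loose comparison treats a NULL or empty stored `current_token` as equal to the empty string, so a request that omits `token` passes whenever the game row has no token yet (presumably before the first question is served), and two numeric-looking hex digests such as `0e…` compare equal as floats. Use `hash_equals()` and reject a missing stored token explicitly, e.g. `} else if(!is_string($token) || (string) $correct_token === '' || !hash_equals((string) $correct_token, $token)) {`. Nothing in this hunk clears `current_token` once an answer is accepted, so unless the next `Question` construction always runs before another request, the same token can be replayed against the same `current_right_answer`; consider clearing it in the `else` branch, which continues outside the hunk.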