From d5a1c77d4f7038dea5996e4ba25adc013ae0463e Mon Sep 17 00:00:00 2001
From: antux18 <antux18@gmail.com>
Date: Thu, 27 Jul 2023 12:47:06 +0200
Subject: [PATCH] Ajout de l'affichage de l'indice si mauvais qr.

---
 answer.php           | 69 +++++++++++++++++++++++++++-----------------
 require/js/answer.js | 13 +++++----
 2 files changed, 50 insertions(+), 32 deletions(-)

diff --git a/answer.php b/answer.php
index 11b931f..bd8b948 100644
--- a/answer.php
+++ b/answer.php
@@ -8,50 +8,67 @@
     $database = new Database();
 
     if (isset($_GET["code"]) && isset($_GET["team"]) && isset($_GET["id"])) {
-        $art_id = htmlspecialchars($_GET["id"]);
         $team_id = htmlspecialchars($_GET["team"]);
 
-        // Recherche de l'énigme avec son code :
-        $stmt = $database->pdo_article->prepare("SELECT * FROM puzzles WHERE (id == :id AND code == :code)");
-        $stmt->bindValue(":id", $art_id);
-        $stmt->bindValue(":code", htmlspecialchars($_GET["code"]));
-        $stmt->execute();
-        $article = $stmt->fetch();
-
         // Recherche du groupe :
         $stmt = $database->pdo_teams->prepare("SELECT * FROM teams WHERE id == :id");
         $stmt->bindValue(":id", $team_id);
         $stmt->execute();
 
-        // Vérification de l'existence du groupe, et de la combinaison ID énigme + code :
-        if (empty($article) || empty($stmt->fetchAll())) {
-            echo 0;
-        }
+        // Vérification de l'existence du groupe :
+        if (!empty($stmt->fetchAll())) {
+            $art_id = htmlspecialchars($_GET["id"]);
 
-        else {
-            // On enregistre la réussite dans la table :
-            // Vérification que ce n'est pas déjà enregistré :
-            $stmt = $database->pdo_teams->prepare("SELECT * FROM solved WHERE (puzzle_id == :puzzle_id AND team_id == :team_id)");
-            $stmt->bindValue(":puzzle_id", $art_id);
-            $stmt->bindValue(":team_id", $team_id);
+            // Recherche de l'énigme avec son code :
+            $stmt = $database->pdo_article->prepare("SELECT * FROM puzzles WHERE (id == :id AND code == :code)");
+            $stmt->bindValue(":id", $art_id);
+            $stmt->bindValue(":code", htmlspecialchars($_GET["code"]));
             $stmt->execute();
+            $article = $stmt->fetch();
 
-            // Si ce n'est pas le cas, on enregistre :
-            if (empty($stmt->fetch())) {
-                $stmt = $database->pdo_teams->prepare("INSERT INTO solved VALUES (:puzzle_id, :team_id)");
+            // Données renvoyées :
+            $data = [
+                "valid_qr" => false,
+                "hint" => ""
+            ];
+
+            // Vérification de la combinaison ID énigme + code :
+            if (empty($article)) {
+                // Si la combinaison ne fonctionne pas, affichage de l'indice :
+                $stmt = $database->pdo_article->prepare("SELECT * FROM puzzles WHERE id == :id");
+                $stmt->bindValue(":id", $art_id);
+                $stmt->execute();
+                $article = $stmt->fetch();
+                $data["hint"] = $article["hint"];
+            }
+
+            else {
+                // On enregistre la réussite dans la table :
+                // Vérification que ce n'est pas déjà enregistré :
+                $stmt = $database->pdo_teams->prepare("SELECT * FROM solved WHERE (puzzle_id == :puzzle_id AND team_id == :team_id)");
                 $stmt->bindValue(":puzzle_id", $art_id);
                 $stmt->bindValue(":team_id", $team_id);
                 $stmt->execute();
-            }
 
-            $data = [
-                "answer" => $article["answer"],
-                "location" => $article["location"]
-            ];
+                // Si ce n'est pas le cas, on enregistre :
+                if (empty($stmt->fetch())) {
+                    $stmt = $database->pdo_teams->prepare("INSERT INTO solved VALUES (:puzzle_id, :team_id)");
+                    $stmt->bindValue(":puzzle_id", $art_id);
+                    $stmt->bindValue(":team_id", $team_id);
+                    $stmt->execute();
+                }
+
+                $data["valid_qr"] = true;
+            }
 
             header("Content-Type: application/json; charset=utf-8");
             echo json_encode($data);
         }
+
+        else {
+            header("Location: index.php");
+            die();
+        }
     }
 
     else {
diff --git a/require/js/answer.js b/require/js/answer.js
index 94e0abf..3d66d6f 100644
--- a/require/js/answer.js
+++ b/require/js/answer.js
@@ -15,22 +15,23 @@ if (lg == null) {
 }
 
 if (lg == "en") {
-    var qr_error = "Sorry, wrong QR code, please try another one !";
+    var qr_error = "Sorry, wrong QR code, please try another one !\n\nHint : ";
 }
 
 if (lg == "fr") {
-    var qr_error = "Désolé, ce n'est pas le bon QR code, veuillez en essayer un autre !";
+    var qr_error = "Désolé, ce n'est pas le bon QR code, veuillez en essayer un autre !\n\nIndice : ";
 }
 
 export async function puzzleSolve(code, team_id, art_id) {
     try {
         const response = await fetch(url.origin + "/answer.php?lg=" + lg + "&team=" + team_id + "&code=" + code + "&id=" + art_id);
-        const data = await response.text();
-        if (data == 0) {
-            alert(qr_error);
+        const data = await response.json();
+        console.log(data["hint"]);
+        if (data["valid_qr"]) {
+            location.reload();
         }
         else {
-            location.reload();
+            alert(qr_error + data["hint"]);
         }
     }
     catch (error) {