initial work on resit app

resit-app/hangman/README.txt

+Live Demo
+---------
+A live deployment of this app can be viewed at:
+http://doc.gold.ac.uk/~sharr003/dnw/lab-exercises/resit-app/hangman/
+
+Configuration
+-------------
+- Clone this repo (or pull latest changes if you already did that at the start of term 1)
+- Create a blank MySQL database (CLUE: see lab 2 in the wiki)
+- Look at the application code to figure out what tables need to be created, and what fields they should have
+- Create the tables and insert some dummy data!
+- Hook the database up to the application code (CLUE: edit includes/db_connect.php)
+
+Other notes
+-----------
+You can only play the game as player 1 because, as yet, no login system has been implemented.
+It is supposed here that a login script would pass player_id to other views as a GET parameter.
+You don't *have* to do it like that...in fact, you're free to edit any of this application code as you see fit!

resit-app/hangman/includes/db_connect.php

+<?php
+
+// define a connection 'handle'
+$link = mysqli_connect(
+    'localhost',
+    'sorrel',
+    'password123',
+	'hangman'
+);
+
+// check connection succeeded
+if (mysqli_connect_errno()) {
+    exit(mysqli_connect_error());
+}
+
+?>

resit-app/hangman/includes/functions.php

+<?php
+
+/* 	Helper functions. 
+	Include once from index.php */
+
+/* define a function to sanitise user input 
+(this would ideally be in includes folder)
+helps protect against XSS */
+function clean_input($data) {
+  $data = trim($data); // strips unnecessary characters from beginning/end
+  $data = stripslashes($data); // remove backslashes
+  $data = htmlspecialchars($data); // replace special characters with HTML entities
+  return $data;
+}
+
+?>

resit-app/hangman/index.php

+<?php
+ini_set('display_errors', 1);
+ini_set('display_startup_errors', 1);
+error_reporting(E_ALL);
+
+// include the HTML for the page header
+include "templates/header.html";
+
+// include the HTML for the navigation bar
+include "templates/nav.html";
+
+// open a new MySQL database connection
+require "includes/db_connect.php";
+
+// require the helper functions script
+require "includes/functions.php";
+
+// check if 'page' parameter is set in query string
+if (isset($_GET['page'])) {
+	$page = $_GET['page']; // if so, set page variable to value of 'page' parameter
+} else {
+	$page = 'home'; // if not, set page variable to home
+}
+
+// define a variable to store content HTML
+$content = "";
+
+// determine which view to serve based on value of $page
+switch ($page) {
+case 'home' :
+	include 'views/home.php';
+	break;
+case 'leaderboard' :
+	include 'views/leaderboard.php';
+	break;
+case 'play' :
+	include 'views/play.php';
+	break;
+case 'add-game' :
+	include 'views/add-game.php';
+	break;
+default :
+	include 'views/404.php';
+}
+
+// close the connection to the database */
+mysqli_close($link);
+
+// output the HTML
+echo $content;
+
+//
+include "templates/footer.html";
+
+?>

resit-app/hangman/templates/footer.html

+</body>
+</html>

resit-app/hangman/templates/hangman.html

+<!-- Source: https://jsfiddle.net/phollott/x29ym2ag/ -->
+<form id="hangman" method="POST" action="index.php?page=add-game">
+	<input type="hidden" id="won" name="won" value="0" />
+	<input type="hidden" id="player_id" name="player_id" value="2" />
+	<input type="hidden" id="guessed_word" name="guessed_word" value="" />
+    <input type="text" maxlength="1" minlength="1" name="letter" id="letter" placeholder="Guess a letter" />
+	<input id="hint" name="hint" type="button" value="Hint" />
+    <input id="guess" name="guess" type="submit" value="Guess" />
+</form>
+<ul id="letters"></ul>
+<p id="man"></p>
+<p id="hintText" class="hint"></p>
+<p id="output" class="output"></p>

resit-app/hangman/templates/header.html

+<!DOCTYPE html>
+<html>
+<head>
+<meta charset='utf-8'/>
+<title>Hang Man Game</title>
+<link href="css/hangman.css" type="text/css" rel="stylesheet">
+<script src="js/hangman.js" type="text/javascript"></script>
+</head>
+<body>

resit-app/hangman/templates/nav.html

+<nav>
+	<ul>
+		<li><a href='index.php?page=home'>Home</a></li>
+		<li><a href='index.php?page=play'>Play Hangman</a></li>
+		<li><a href='index.php?page=leaderboard'>Leaderboard</a></li>
+	</ul>
+</nav>

resit-app/hangman/views/add-game.php

+<?php
+
+// add a new game to database
+
+// define variables and set to empty values
+$player_id = $won = $guessed_word = "";
+
+// check if there was a POST request
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+	// validate the form data
+	$player_id = mysqli_real_escape_string($link, clean_input($_POST["player_id"]));
+	$won =  mysqli_real_escape_string($link, clean_input($_POST["won"]));
+	$guessed_word =  mysqli_real_escape_string($link, clean_input($_POST["guessed_word"]));
+
+	// define a string to tell us if they won/lost
+	if ($won == 1) {
+		$outcome = "win";
+	} else {
+		$outcome = "loss";
+	}
+
+	// define the insertion query
+	$sql = sprintf("INSERT INTO Game (player_id, won, guessed_word)
+		VALUES (%d, %d, '%s')", $player_id, $won, $guessed_word);
+
+	// run the query to insert the data
+	$result = mysqli_query($link, $sql);
+
+	// check if the query went ok
+	if ($result === false) {
+		mysqli_rollback($link); // if query returns false, rollback transaction
+		// output error message
+		echo mysqli_error($link);
+				
+	} else {
+		mysqli_commit($link); // else, commit transaction
+		$content .= "Your $outcome has been recorded!";
+	}
+
+    }
+
+    // ------- END form processing code... -------
+
+?>

resit-app/hangman/views/home.php

+<?php
+
+// check if player id is set in query string
+if (!isset($_GET['player_id'])) {
+	
+	// it is not set, so make them player 1 by default
+	$player_id = 1;
+}
+else {
+
+	// set player_id based on GET parameter (imagining it was passed by some login script)
+	$player_id = $_GET['player_id'];
+}
+
+// define the SQL queries to run...
+
+// this query will fetch the details about the player
+$sql = "SELECT username, forename, surname FROM Player WHERE id=$player_id";
+
+// query the database
+$result = mysqli_query($link, $sql);
+
+// get number of rows in result-set
+$row_cnt = mysqli_num_rows($result);
+
+// check if there are rows to display...
+if ($row_cnt == 0) {
+	// if not, output a suitable message
+	$content .= "<p>Sorry, I don't know who you are...</p>";
+} else {
+	// otherwise set a variable with their name
+	while ($row = mysqli_fetch_assoc($result)) {
+		$forename = $row['forename'];
+	}
+
+	// free result set
+	mysqli_free_result($result);
+
+	// update content
+	$content .= "<h1>Welcome to Hang Man $forename!</h1>";
+	$content .= "<p>An exciting word game for 1 player.</p>";
+}
+
+?>

resit-app/hangman/views/leaderboard.php

+<?php
+
+// define query to fetch game stats using nested queries
+// and aggregate function with GROUP BY clause
+// order by ranking (success rate)
+$sql = "SELECT Player.username AS player,
+(SELECT COUNT(*) FROM Game WHERE Game.player_id=Player.id) AS num_plays,
+(SELECT COUNT(*) FROM Game WHERE Game.player_id=Player.id AND Game.won=1) AS num_wins
+FROM Player
+INNER JOIN Game ON Game.player_id=Player.id
+GROUP BY username
+ORDER BY num_wins/num_plays DESC";
+
+// query the database
+$result = mysqli_query($link, $sql);
+
+// update HTML content string with page title
+$content .= "<h1>Leaderboard</h1>";
+
+// get number of rows in result-set
+$row_cnt = mysqli_num_rows($result);
+
+// check if there are rows to display...
+if ($row_cnt == 0) {
+	// if not, output a suitable message
+	$content .= "<p>There are no games in the database!</p>";
+} else {
+	// otherwise, update the HTML in $content
+
+	$content .= "<table cellpadding='4' border='1'>
+					<thead align='left'>
+						<tr>
+							<th>Rank</th>
+							<th>Player</th>
+							<th>Number of plays</th>
+							<th>Number of wins</th>
+							<th>Success rate (%)</th>
+						</tr>
+					</thead>
+					<tbody>";
+    // while there are rows, fetch each row as an associative array
+	$i = 1;
+    while ($row = mysqli_fetch_assoc($result)) {
+		// calculate the success rate as percent
+		$success = round($row['num_wins']/$row['num_plays']*100,0);
+		// append the content with more HTML containing row data
+		$content .= "<tr>
+						<td>".$i."</td>
+						<td>".$row['player']."</td> 
+						<td>".$row['num_wins']."</td> 
+						<td>".$row['num_plays']."</td>
+						<td>".$success."</td>
+					</tr>"; // reference a field value in the array by its key!
+    }
+    // free result set
+    mysqli_free_result($result);
+
+	$content .= "</tbody></table>";
+}
+
+?>

resit-app/hangman/views/play.php

+<?php
+
+// check if player id is set in query string
+if (!isset($_GET['player_id'])) {
+	
+	// it is not set, so make them player 1 by default
+	$player_id = 1;
+}
+else {
+
+	// set a variable to store player_id
+	$player_id = $_GET['player_id'];
+}
+
+// define the SQL queries to run...
+
+// this query will return a random row from the Word table
+$sql = "SELECT letters, hint FROM Word ORDER BY RAND() LIMIT 1";
+
+// query the database
+$result = mysqli_query($link, $sql);
+
+// get number of rows in result-set
+$row_cnt = mysqli_num_rows($result);
+// check if there are rows to display...
+if ($row_cnt == 0) {
+	// if not, output a suitable message
+	$content .= "<p>Sorry, something went wrong...there is no word to guess!</p>";
+} else {
+	// otherwise, play the game
+
+	// include the html for the game
+	include("templates/hangman.html");
+	
+	// fetch each row from result set as an associative array (there should only be one)
+	while ($row = mysqli_fetch_assoc($result)) {
+		$word = $row['letters'];
+		$hint = $row['hint'];
+	}
+
+	// free result set
+	mysqli_free_result($result);
+
+	// call the playGame function
+	$content .= "<script type='text/javascript'>playHangman('$word','$hint', '$player_id');</script>";
+}
+
+?>