<?php

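/**
 * Escape a request value so it can be placed INSIDE a quoted SQL string literal.
 *
 * Security notes for callers:
 *  - The result is only safe between quotes ('...'). Escaping does nothing for
 *    a value interpolated unquoted (e.g. a numeric column); such values must be
 *    validated or cast to a number instead.
 *  - mysql_real_escape_string() works against the current ext/mysql connection,
 *    so call this after mysql_connect().
 *  - NOTE(review): ext/mysql was removed in PHP 7; prepared statements
 *    (mysqli or PDO) are the long-term replacement for this helper.
 *
 * @param string $string Raw value, typically taken from $_POST.
 * @return string Escaped value.
 */
function cleanQuery($string)
{
  // magic_quotes_gpc always reports false since PHP 5.4 and the function no
  // longer exists in PHP 8, so only consult it where it is still defined.
  // When active, strip the automatic backslashes to avoid double escaping.
  if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
  {
    $string = stripslashes($string);
  }

  // version_compare() orders versions numerically per component; a plain
  // string comparison would rank '10.0.0' below '4.3.0' and silently fall
  // back to the connection-unaware mysql_escape_string().
  if (version_compare(PHP_VERSION, '4.3.0', '>='))
  {
    return mysql_real_escape_string($string);
  }

  return mysql_escape_string($string);
}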

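// Purchase-registration endpoint: stores a player row for a CD key (if not
// already present) and e-mails the key to the buyer.
// Every value read from $_POST is caller-controlled and is normalised here
// before it reaches SQL or mail headers.
// NOTE(review): presumably called by the store's purchase callback; confirm
// who holds the shared "pk" secret.

$pk = (isset($_POST["pk"]) && is_string($_POST["pk"])) ? trim($_POST["pk"]) : '';

// Text fields: accept strings only (array-valued parameters become '').
$textFields = array();
foreach (array('country', 'email', 'username', 'url', 'age', 'avatar') as $fieldName) {
	$textFields[$fieldName] = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName]))
		? $_POST[$fieldName]
		: '';
}
$country = $textFields['country'];
$email = $textFields['email'];
$username = $textFields['username'];
$url = $textFields['url'];
$age = $textFields['age'];
$avatar = $textFields['avatar'];

// Numeric fields are interpolated UNQUOTED into the INSERT below, where string
// escaping gives no protection. Reduce each one to a plain integer literal:
// digits pass through, the words true/false map to 1/0, anything else is 0.
$numericFields = array();
foreach (array('userid', 'demo', 'test', 'inviteonly', 'full') as $fieldName) {
	$rawNumber = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName]))
		? strtolower(trim($_POST[$fieldName]))
		: '';
	if ($rawNumber === 'true' || $rawNumber === 'false') {
		$numericFields[$fieldName] = ($rawNumber === 'true') ? '1' : '0';
	} elseif (preg_match('/^-?[0-9]+\z/', $rawNumber)) {
		$numericFields[$fieldName] = $rawNumber;
	} else {
		$numericFields[$fieldName] = '0';
	}
}
$userid = $numericFields['userid'];
$demo = $numericFields['demo'];
$test = $numericFields['test'];
$invite = $numericFields['inviteonly'];
$full = $numericFields['full'];

$datepurchased = date("Y-m-d");

// The CD key arrives under a parameter whose name starts with "branchcdkey";
// the last matching string parameter wins. Stays null when none is present.
$cdkey = null;
foreach ($_POST as $key => $value) {
	if (strpos((string) $key, 'branchcdkey') === 0 && is_string($value)) {
		$cdkey = $value;
	}
}

// NOTE(review): the shared secret, the database password and the SMTP password
// below are committed in source. Treat them as exposed: rotate them and load
// them from configuration kept outside the web root and version control.
$expectedPk = 'oniken26052012';

// Constant-time comparison where the runtime offers it (PHP 5.6+).
$pkMatches = function_exists('hash_equals')
	? hash_equals($expectedPk, $pk)
	: ($pk === $expectedPk);

// A request without a CD key is rejected instead of inserting a blank key and
// mailing an empty serial number.
if ($pkMatches && $cdkey !== null && $cdkey !== '')
{
	// Connect. Failure details go to the server log, not to the client, so
	// database internals are not disclosed in the response.
	if (!mysql_connect("localhost", "oniken", "onikendiogoS2cocao") || !mysql_select_db("oniken"))
	{
		error_log('purchase endpoint: database connection failed: ' . mysql_error());
		die('server error');
	}

	// Check whether this key is already stored.
	$result = mysql_query("SELECT Id,GameScore FROM Players WHERE CdKey = '" . cleanQuery($cdkey) . "'");
	if ($result === false)
	{
		error_log('purchase endpoint: key lookup failed: ' . mysql_error());
		die('server error');
	}

	if (mysql_num_rows($result) == 0)
	{
		// Insert the new player. Quoted values are escaped with cleanQuery();
		// the unquoted ones ($userid and the four flags) are the integer
		// literals validated above.
		$insertSql = "INSERT INTO Players (CdKey, DatePurchased, Country, Email, DesuraId, DesuraUsername, DesuraUrl, Age, Avatar, isDemoVersion, isTestVersion, isInviteVersion, isFullVersion) VALUES ('"
			. cleanQuery($cdkey) . "','"
			. cleanQuery($datepurchased) . "','"
			. cleanQuery($country) . "','"
			. cleanQuery($email) . "',"
			. $userid . ",'"
			. cleanQuery($username) . "','"
			. cleanQuery($url) . "','"
			. cleanQuery($age) . "','"
			. cleanQuery($avatar) . "',"
			. $demo . ","
			. $test . ","
			. $invite . ","
			. $full . ")";

		if (!mysql_query($insertSql))
		{
			error_log('purchase endpoint: insert failed: ' . mysql_error());
			die('server error');
		}
	}

	require_once "Mail.php";

	$from = "gameoniken@gmail.com";
	// The recipient comes from the request and is copied into a mail header:
	// remove CR/LF so it cannot add extra header lines.
	$to = str_replace(array("\r", "\n"), '', $email);
	$subject = "Oniken Serial Number";
	$body = "Thank you for buying Oniken!
	Please, use this serial number in order to submit your score:
	" . $cdkey;

	$host = "ssl://smtp.gmail.com";
	$port = "465";
	// Separate names so the SMTP login does not overwrite the buyer's
	// $username read from the request.
	$smtpUser = "gameoniken@gmail.com";
	$smtpPassword = "zakuakumajou";

	$headers = array ('From' => $from,
	  'To' => $to,
	  'Subject' => $subject);
	$smtp = Mail::factory('smtp',
	  array ('host' => $host,
		'port' => $port,
		'auth' => true,
		'username' => $smtpUser,
		'password' => $smtpPassword));

	// PEAR reports failures by returning a PEAR_Error object. Log them; the
	// response stays 'ok' because the purchase record is already stored.
	if (is_a($smtp, 'PEAR_Error'))
	{
		error_log('purchase endpoint: mail setup failed: ' . $smtp->getMessage());
	}
	else
	{
		$mail = $smtp->send($to, $headers, $body);
		if (is_a($mail, 'PEAR_Error'))
		{
			error_log('purchase endpoint: mail send failed: ' . $mail->getMessage());
		}
	}

	echo 'ok';
}
else
{
	echo 'bad request';
}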

?>