1 files changed, 26 insertions, 13 deletions

diff --git a/backend/join.php b/backend/join.php
index 2290f26..4a8c455 100644
--- a/backend/join.php
+++ b/backend/join.php
@@ -8,7 +8,7 @@ try {
 };
 
 $wrkarr = [];
-$ifarr = [ "name", "password" ];
+$ifarr = [ "name", "password", "team" ];
 $postjson = json_decode(file_get_contents('php://input'), true);
 foreach ($ifarr as $i):
 	if (isset($postjson[$i])):
@@ -23,21 +23,34 @@ if (!isset($wrkarr["name"]) || trim($wrkarr["name"]) == ""):
 	die('{ "status": "login (name) was not provided.\ncould not attempt to join." }');
 elseif (!isset($wrkarr["password"]) || trim($wrkarr["password"]) == ""):
 	die('{ "status": "password was not provided.\ncould not attempt to join." }');
+elseif (!isset($wrkarr["team"]) || trim($wrkarr["team"]) == ""):
+	die('{ "status": "team was not provided.\ncould not attempt to join." }');
 else:
 
-	$query = $pdo->prepare("SELECT name, password FROM users WHERE name LIKE ?");
-	$query -> execute([$wrkarr["name"]]);
+	$query = $pdo->prepare("SELECT team, clicks FROM stats WHERE team LIKE ? ORDER BY clicks DESC");
+	$query->execute([$wrkarr["team"]]);
 	$found = $query->fetch(PDO::FETCH_ASSOC);
-	if ($found) {
-		die('{ "status": "name already exists in the database." }');
-	}
-
-	$query = $pdo->prepare("INSERT INTO users (name, password) VALUES (:name, :password)");
-	$query->execute([
-		"name" => filter_var($wrkarr["name"]),
-		"password" => password_hash($wrkarr["password"], PASSWORD_DEFAULT),
-	]);
-	die('{ "status": "success" }');
+	if ($found):
+
+		$query = $pdo->prepare("SELECT name, password FROM users WHERE name LIKE ?");
+		$query -> execute([$wrkarr["name"]]);
+		$found = $query->fetch(PDO::FETCH_ASSOC);
+		if ($found) {
+			die('{ "status": "name already exists in the database." }');
+		}
+
+		$query = $pdo->prepare("INSERT INTO users (name, password, token, team) VALUES (:name, :password, :token, :team)");
+		$query->execute([
+			"name" => filter_var($wrkarr["name"]),
+			"password" => password_hash($wrkarr["password"], PASSWORD_DEFAULT),
+			"token" => bin2hex(random_bytes(64)),
+			"team" => filter_var($wrkarr["team"]),
+		]);
+		die('{ "status": "success" }');
+	
+	else:
+		die('{ "status": "team does not exist." }');
+	endif;
 
 endif;