summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArun Persaud <arun@nubati.net>2008-01-06 19:27:54 +0100
committerArun Persaud <arun@nubati.net>2008-01-06 19:34:21 +0100
commit1c41d17d61ec513fe71e52e5a631e60b1a890e0e (patch)
tree37949c4f0cb434436c541a60fbe7609680779b54
parent9122cf59b57c7405a14b5a61238667b98dd58150 (diff)
downloade-DoKo-1c41d17d61ec513fe71e52e5a631e60b1a890e0e.tar.gz
e-DoKo-1c41d17d61ec513fe71e52e5a631e60b1a890e0e.tar.bz2
e-DoKo-1c41d17d61ec513fe71e52e5a631e60b1a890e0e.zip
BUGFIX: people can't start new games unless they are part of it
up to now anyone could start a new game, now you need to be logged in and also be a player in the game Signed-off-by: Arun Persaud <arun@nubati.net>
-rw-r--r--index.php255
-rw-r--r--output.php1
2 files changed, 138 insertions, 118 deletions
diff --git a/index.php b/index.php
index 8af8c14..bacb356 100644
--- a/index.php
+++ b/index.php
@@ -49,148 +49,167 @@ else if(myisset("new"))
}
}
/*check if everything is ready to set up a new game */
- else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen","call" ))
+else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen","call" ))
{
- $PlayerA = $_REQUEST["PlayerA"];
- $PlayerB = $_REQUEST["PlayerB"];
- $PlayerC = $_REQUEST["PlayerC"];
- $PlayerD = $_REQUEST["PlayerD"];
-
- $dullen = $_REQUEST["dullen"];
- $schweinchen = $_REQUEST["schweinchen"];
- $call = $_REQUEST["call"];
-
- $EmailA = DB_get_email_by_name($PlayerA);
- $EmailB = DB_get_email_by_name($PlayerB);
- $EmailC = DB_get_email_by_name($PlayerC);
- $EmailD = DB_get_email_by_name($PlayerD);
-
- if($EmailA=="" || $EmailB=="" || $EmailC=="" || $EmailD=="")
+ output_status();
+ if( !isset($_SESSION["name"]) )
{
- echo "couldn't find one of the names, please start a new game";
- output_footer();
- DB_close();
- exit();
+ echo "<div class=\"message\">Please <a href=\"$INDEX\">log in</a>.</div>";
}
-
- $useridA = DB_get_userid_by_name($PlayerA);
- $useridB = DB_get_userid_by_name($PlayerB);
- $useridC = DB_get_userid_by_name($PlayerC);
- $useridD = DB_get_userid_by_name($PlayerD);
-
- /* create random numbers */
- $randomNR = create_array_of_random_numbers($useridA,$useridB,$useridC,$useridD);
- $randomNRstring = join(":",$randomNR);
-
- /* create game */
- $followup = NULL;
- if(myisset("followup") )
+ else
{
- $followup= $_REQUEST["followup"];
- $session = DB_get_session_by_gameid($followup);
- $ruleset = DB_get_ruleset_by_gameid($followup); /* just copy ruleset from old game,
- this way no manipulation is possible */
+ /* get my name */
+ $name = $_SESSION["name"];
+
+ $PlayerA = $_REQUEST["PlayerA"];
+ $PlayerB = $_REQUEST["PlayerB"];
+ $PlayerC = $_REQUEST["PlayerC"];
+ $PlayerD = $_REQUEST["PlayerD"];
- /* check if there is a game in pre or play mode, in that case do nothing */
- if( DB_is_session_active($session) > 0 )
+ /* check if user is in the game */
+ if(!in_array($name,array($PlayerA,$PlayerB,$PlayerC,$PlayerD)))
{
- echo "<p class=\"message\"> There is already a game going on in session $session, you can't start a new one</p>";
+ echo "<div class=\"message\">You need to be one of the players to start a <a href=\"$INDEX?new\">new game</a>.</div>";
output_footer();
DB_close();
exit();
}
- else if ( DB_is_session_active($session) < 0 )
+
+ $dullen = $_REQUEST["dullen"];
+ $schweinchen = $_REQUEST["schweinchen"];
+ $call = $_REQUEST["call"];
+
+ $EmailA = DB_get_email_by_name($PlayerA);
+ $EmailB = DB_get_email_by_name($PlayerB);
+ $EmailC = DB_get_email_by_name($PlayerC);
+ $EmailD = DB_get_email_by_name($PlayerD);
+
+ if($EmailA=="" || $EmailB=="" || $EmailC=="" || $EmailD=="")
{
- echo "<p class=\"message\"> ERROR: status of session $session couldn't be determined.</p>";
+ echo "couldn't find one of the names, please start a new game";
output_footer();
DB_close();
exit();
}
- if($session)
- mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
- "'$ruleset','$session' ,NULL)");
+ $useridA = DB_get_userid_by_name($PlayerA);
+ $useridB = DB_get_userid_by_name($PlayerB);
+ $useridC = DB_get_userid_by_name($PlayerC);
+ $useridD = DB_get_userid_by_name($PlayerD);
+
+ /* create random numbers */
+ $randomNR = create_array_of_random_numbers($useridA,$useridB,$useridC,$useridD);
+ $randomNRstring = join(":",$randomNR);
+
+ /* create game */
+ $followup = NULL;
+ if(myisset("followup") )
+ {
+ $followup= $_REQUEST["followup"];
+ $session = DB_get_session_by_gameid($followup);
+ $ruleset = DB_get_ruleset_by_gameid($followup); /* just copy ruleset from old game,
+ this way no manipulation is possible */
+
+ /* check if there is a game in pre or play mode, in that case do nothing */
+ if( DB_is_session_active($session) > 0 )
+ {
+ echo "<p class=\"message\"> There is already a game going on in session $session, you can't start a new one</p>";
+ output_footer();
+ DB_close();
+ exit();
+ }
+ else if ( DB_is_session_active($session) < 0 )
+ {
+ echo "<p class=\"message\"> ERROR: status of session $session couldn't be determined.</p>";
+ output_footer();
+ DB_close();
+ exit();
+ }
+
+ if($session)
+ mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+ "'$ruleset','$session' ,NULL)");
+ else
+ {
+ /* get max session */
+ $max = DB_get_max_session();
+ $max++;
+ mysql_query("UPDATE Game SET session='".$max."' WHERE id=".DB_quote_smart($followup));
+ mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+ "'$ruleset','$max' ,NULL)");
+ }
+ }
else
{
+ /* get ruleset information or create new one */
+ $ruleset = DB_get_ruleset($dullen,$schweinchen,$call);
+ if($ruleset <0)
+ {
+ myerror("Error defining ruleset: $ruleset");
+ output_footer();
+ DB_close();
+ exit();
+ };
/* get max session */
$max = DB_get_max_session();
$max++;
- mysql_query("UPDATE Game SET session='".$max."' WHERE id=".DB_quote_smart($followup));
- mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+
+ mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre', ".
"'$ruleset','$max' ,NULL)");
}
+ $game_id = mysql_insert_id();
+
+ /* create hash */
+ $TIME = (string) time(); /* to avoid collisions */
+ $hashA = md5("AGameOfDoko".$game_id.$PlayerA.$EmailA.$TIME);
+ $hashB = md5("AGameOfDoko".$game_id.$PlayerB.$EmailB.$TIME);
+ $hashC = md5("AGameOfDoko".$game_id.$PlayerC.$EmailC.$TIME);
+ $hashD = md5("AGameOfDoko".$game_id.$PlayerD.$EmailD.$TIME);
+
+ /* create hands */
+ mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridA).
+ ", ".DB_quote_smart($hashA).", 'start','1',NULL,NULL,NULL,NULL)");
+ $hand_idA = mysql_insert_id();
+ mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridB).
+ ", ".DB_quote_smart($hashB).", 'start','2',NULL,NULL,NULL,NULL)");
+ $hand_idB = mysql_insert_id();
+ mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridC).
+ ", ".DB_quote_smart($hashC).", 'start','3',NULL,NULL,NULL,NULL)");
+ $hand_idC = mysql_insert_id();
+ mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridD).
+ ", ".DB_quote_smart($hashD).", 'start','4',NULL,NULL,NULL,NULL)");
+ $hand_idD = mysql_insert_id();
+
+ /* save cards */
+ for($i=0;$i<12;$i++)
+ mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idA', '".$randomNR[$i]."', 'false')");
+ for($i=12;$i<24;$i++)
+ mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idB', '".$randomNR[$i]."', 'false')");
+ for($i=24;$i<36;$i++)
+ mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idC', '".$randomNR[$i]."', 'false')");
+ for($i=36;$i<48;$i++)
+ mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idD', '".$randomNR[$i]."', 'false')");
+
+ /* send out email, TODO: check for error with email */
+ $message = "\n".
+ "you are invited to play a game of DoKo (that is to debug the program ;).\n".
+ "Place comments and bug reports here:\n".
+ "http://wiki.nubati.net/index.php?title=EmailDoko\n\n".
+ "The whole round would consist of the following players:\n".
+ "$PlayerA\n".
+ "$PlayerB\n".
+ "$PlayerC\n".
+ "$PlayerD\n\n".
+ "If you want to join this game, please follow this link:\n\n".
+ "".$HOST.$INDEX."?me=";
+
+ mymail($EmailA,"You are invited to a game of DoKo","Hello $PlayerA,\n".$message.$hashA);
+ mymail($EmailB,"You are invited to a game of DoKo","Hello $PlayerB,\n".$message.$hashB);
+ mymail($EmailC,"You are invited to a game of DoKo","Hello $PlayerC,\n".$message.$hashC);
+ mymail($EmailD,"You are invited to a game of DoKo","Hello $PlayerD,\n".$message.$hashD);
+
+ echo "<div class=\"message\">You started a new game. The emails have been sent out!</div>\n";
}
- else
- {
- /* get ruleset information or create new one */
- $ruleset = DB_get_ruleset($dullen,$schweinchen,$call);
- if($ruleset <0)
- {
- myerror("Error defining ruleset: $ruleset");
- output_footer();
- DB_close();
- exit();
- };
- /* get max session */
- $max = DB_get_max_session();
- $max++;
-
- mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre', ".
- "'$ruleset','$max' ,NULL)");
- }
- $game_id = mysql_insert_id();
-
- /* create hash */
- $TIME = (string) time(); /* to avoid collisions */
- $hashA = md5("AGameOfDoko".$game_id.$PlayerA.$EmailA.$TIME);
- $hashB = md5("AGameOfDoko".$game_id.$PlayerB.$EmailB.$TIME);
- $hashC = md5("AGameOfDoko".$game_id.$PlayerC.$EmailC.$TIME);
- $hashD = md5("AGameOfDoko".$game_id.$PlayerD.$EmailD.$TIME);
-
- /* create hands */
- mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridA).
- ", ".DB_quote_smart($hashA).", 'start','1',NULL,NULL,NULL,NULL)");
- $hand_idA = mysql_insert_id();
- mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridB).
- ", ".DB_quote_smart($hashB).", 'start','2',NULL,NULL,NULL,NULL)");
- $hand_idB = mysql_insert_id();
- mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridC).
- ", ".DB_quote_smart($hashC).", 'start','3',NULL,NULL,NULL,NULL)");
- $hand_idC = mysql_insert_id();
- mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridD).
- ", ".DB_quote_smart($hashD).", 'start','4',NULL,NULL,NULL,NULL)");
- $hand_idD = mysql_insert_id();
-
- /* save cards */
- for($i=0;$i<12;$i++)
- mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idA', '".$randomNR[$i]."', 'false')");
- for($i=12;$i<24;$i++)
- mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idB', '".$randomNR[$i]."', 'false')");
- for($i=24;$i<36;$i++)
- mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idC', '".$randomNR[$i]."', 'false')");
- for($i=36;$i<48;$i++)
- mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idD', '".$randomNR[$i]."', 'false')");
-
- /* send out email, TODO: check for error with email */
- $message = "\n".
- "you are invited to play a game of DoKo (that is to debug the program ;).\n".
- "Place comments and bug reports here:\n".
- "http://wiki.nubati.net/index.php?title=EmailDoko\n\n".
- "The whole round would consist of the following players:\n".
- "$PlayerA\n".
- "$PlayerB\n".
- "$PlayerC\n".
- "$PlayerD\n\n".
- "If you want to join this game, please follow this link:\n\n".
- "".$HOST.$INDEX."?me=";
-
- mymail($EmailA,"You are invited to a game of DoKo","Hello $PlayerA,\n".$message.$hashA);
- mymail($EmailB,"You are invited to a game of DoKo","Hello $PlayerB,\n".$message.$hashB);
- mymail($EmailC,"You are invited to a game of DoKo","Hello $PlayerC,\n".$message.$hashC);
- mymail($EmailD,"You are invited to a game of DoKo","Hello $PlayerD,\n".$message.$hashD);
-
- output_status();
- echo "<div class=\"message\">You started a new game. The emails have been sent out!</div>\n";
} /* end set up a new game */
/* cancel a game, if nothing has happend in the last N minutes */
else if(myisset("cancel","me"))
diff --git a/output.php b/output.php
index 1adc1a7..cf84e8b 100644
--- a/output.php
+++ b/output.php
@@ -50,6 +50,7 @@ function output_form_for_new_game($names)
?>
<h2> Players </h2>
<p>Please select four players (or use the randomly pre-selected names)</p>
+ <p>Remember: you need to be one of the players ;) </p>
<form action="index.php" method="post">
<div class="table">