diff options
| author | Arun Persaud <arun@nubati.net> | 2007-06-17 21:53:29 +0200 |
|---|---|---|
| committer | Arun Persaud <arun@nubati.net> | 2007-06-19 09:55:03 +0200 |
| commit | 4ab5b869e5e30735f150cf9563a8bd951a134ae8 (patch) | |
| tree | 5651ba04c5fb4943de58aa51aa9bd86d91837396 | |
| parent | 7128076b9409b55551f206d875218fc8f70bb273 (diff) | |
| download | e-DoKo-4ab5b869e5e30735f150cf9563a8bd951a134ae8.tar.gz e-DoKo-4ab5b869e5e30735f150cf9563a8bd951a134ae8.tar.bz2 e-DoKo-4ab5b869e5e30735f150cf9563a8bd951a134ae8.zip | |
BUGFIX: CC'ed on final game allowed to view different accounts
When people got CC'ed on the final email, they also got copies of everyones
email and the link to the game in that email. That way they could go to the
user page of a different user.
Removed CC option and will just send out two emails from now on. The first one to
all players (reply all possible) and the second one with the personal link.
| -rw-r--r-- | db.php | 8 | ||||
| -rw-r--r-- | index.php | 42 | ||||
| -rw-r--r-- | output.php | 9 |
3 files changed, 12 insertions, 47 deletions
@@ -753,14 +753,6 @@ function DB_get_PREF($myid) else $PREF["cardset"]="english"; - $result = mysql_query("SELECT value from User_Prefs". - " WHERE user_id='$myid' AND pref_key='ccemail'" ); - $r = mysql_fetch_array($result,MYSQL_NUM); - if($r) - $PREF["ccemail"]=$r[0]; - else - $PREF["ccemail"]="no"; - return; } @@ -1384,26 +1384,23 @@ else if(myisset("me")) while( $r = mysql_fetch_array($result,MYSQL_NUM)) $message .= " ".$r[0]." ".$r[1]."\n"; - /* check who wants to be CC'ed on the email */ - $h = array(); - $header = ""; + /* send out final email */ + $all = array(); + foreach($userids as $user) - { - $result = mysql_query("SELECT value from User_Prefs". - " WHERE user_id='$user' AND pref_key='ccemail'" ); - $r = mysql_fetch_array($result,MYSQL_NUM); - if($r && $r[0]=="yes") - $h[] = DB_get_email_by_userid($user); - } - if(sizeof($h)) - $header = "CC: ".join(",",$h)."\r\n"; - + $all[] = DB_get_email_by_userid($user); + $TO = implode(",",$all); + + $help = "\n\n (you can use reply all on this email to reach all the players.)\n"; + mymail($To,$EmailName."game over (game $gameid) part 1(2)",$message.$help); + foreach($userids as $user) { $To = DB_get_email_by_userid($user); $hash = DB_get_hash_from_gameid_and_userid($gameid,$user); - $mymessage = $message."Use this link to have a look at the game: ".$host."?me=".$hash."\n\n" ; - mymail($To,$EmailName."game over (game $gameid)",$mymessage,$header); + + $link = "Use this link to have a look at game $gameid: ".$host."?me=".$hash."\n\n" ; + mymail($To,$EmailName."game over (game $gameid) part 2(2)",$link); } } @@ -1644,21 +1641,6 @@ else if(myisset("me")) $result = mysql_query("INSERT INTO User_Prefs VALUES(NULL,'$uid','cardset',".DB_quote_smart($setpref).")"); echo "Ok, changed you preferences for the cards.\n"; break; - case "ccemail": - $result = mysql_query("SELECT * from User_Prefs". - " WHERE user_id='$uid' AND pref_key='ccemail'" ); - if( mysql_fetch_array($result,MYSQL_NUM)) - if($PREF["ccemail"]=="yes") - $result = mysql_query("UPDATE User_Prefs SET value=".DB_quote_smart("no"). - " WHERE user_id='$uid' AND pref_key='ccemail'" ); - else - $result = mysql_query("UPDATE User_Prefs SET value=".DB_quote_smart("yes"). - " WHERE user_id='$uid' AND pref_key='ccemail'" ); - else - $result = mysql_query("INSERT INTO User_Prefs VALUES(NULL,'$uid','ccemail',".DB_quote_smart("yes").")"); - echo "Ok, changed you preferences for being CC'ed on emails.\n"; - break; - } } else /* output default user page */ @@ -48,15 +48,6 @@ function output_user_settings($email,$password) echo " <input type=\"hidden\" name=\"setpref\" value=\"germancards\" />\n"; echo " <input type=\"submit\" class=\"submitbutton\" value=\"use german cards\" /> <br />\n"; echo "</form>\n"; - echo "<form action=\"index.php\" method=\"post\">\n"; - echo " <input type=\"hidden\" name=\"email\" value=\"".$email."\" />\n"; - echo " <input type=\"hidden\" name=\"password\" value=\"".$password."\" />\n"; - echo " <input type=\"hidden\" name=\"setpref\" value=\"ccemail\" />\n"; - if($PREF["ccemail"]=="no") - echo " <input type=\"submit\" class=\"submitbutton\" value=\"CC me on final email\" /> <br />\n"; - else - echo " <input type=\"submit\" class=\"submitbutton\" value=\"don't CC me on final email\" /> <br />\n"; - echo "</form>\n"; echo "</div>\n"; return; } |