author | Arun Persaud <arun@nubati.net> | 2007-07-18 22:26:29 -0700 |
---|---|---|
committer | Arun Persaud <arun@nubati.net> | 2007-07-18 22:26:29 -0700 |
commit | b5f096688faaebf7846b3e725e1bd2dd9251b203 (patch) | |
tree | c58a2079c2e6f941accb62c8046621ee59cdd0d9 | |
parent | 1332ef44c9587295fe054c73415d405247fb297d (diff) | |
NEW FEATURE: use php session
Use a PHP session, so that people can actually log in and out,
and so that linking from one page to another can be done easily
without using a form to send the password as a hidden parameter
over the net all the time.
-rw-r--r-- | css/standard.css | 11 | ||||
-rw-r--r-- | db.php | 14 | ||||
-rw-r--r-- | functions.php | 3 | ||||
-rw-r--r-- | index.php | 39 | ||||
-rw-r--r-- | output.php | 49 |
5 files changed, 75 insertions, 41 deletions
diff --git a/css/standard.css b/css/standard.css index 3d6fa92..b2157a8 100644 --- a/css/standard.css +++ b/css/standard.css @@ -14,12 +14,19 @@ .footer .right{ float:right; } .footer .left{ float:left; } +.status { + position:absolute; + right:1em; + top:0.1em; + font-size: smaller; + } + .card { position:absolute; z-index:20; top:18em; left:28em; - text-aling:center; + text-align:center; background-color:white; border:2px solid gray; } @@ -296,7 +303,7 @@ ul.tricks li div div span.comment span{ margin-left:0em; padding:0.1em; padding-left:0em; - text-aling:left; + text-align:left; } .cardinput { @@ -61,6 +61,16 @@ function DB_get_email_by_name($name) else return ""; } +function DB_get_passwd_by_name($name) +{ + $result = mysql_query("SELECT password FROM User WHERE fullname=".DB_quote_smart($name).""); + $r = mysql_fetch_array($result,MYSQL_NUM); + + if($r) + return $r[0]; + else + return ""; +} function DB_get_email_by_userid($id) { @@ -760,8 +770,8 @@ function DB_get_PREF($myid) { if($r[0]=="germancards" && (time()-strtotime( "2009-12-31 23:59:59")<0) ) /* licence only valid until then */ $PREF["cardset"]="altenburg"; - else - $PREF["cardset"]="english"; + else + $PREF["cardset"]="english"; } else $PREF["cardset"]="english"; diff --git a/functions.php b/functions.php index 2d2277b..66cc57f 100644 --- a/functions.php +++ b/functions.php @@ -333,9 +333,6 @@ function create_array_of_random_numbers($useridA,$useridB,$useridC,$useridD) return $r; } - - - function display_cards($me,$myturn) { return; 
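Review bot: `DB_get_passwd_by_name()` in the `@@ -61,6 +61,16 @@` hunk passes the result of `mysql_query()` straight to `mysql_fetch_array()` and returns `""` both when the query fails and when no user matches, so a caller cannot tell "no such user" from an empty stored value. I would check the result first, `if(!$result) return "";`, and add a comment above the function such as `/* returns the stored password field for a full name, "" if not found; callers must treat "" as failure and never echo the value */`. Handing the stored credential out of the DB layer is also worth reconsidering: a helper that only answers whether a name is a valid logged-in user would keep the value from travelling through index.php and the output functions. The lookup is by `fullname`, which this page does not show to be unique.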
@@ -51,11 +51,21 @@ if(DB_open()<0) exit(); } +/* start a session, if it is not already running */ +session_start(); + /* done major error checking, output header of HTML page */ output_header(); /* check if we want to start a new game */ -if(myisset("new")) +if(myisset("logout")) + { + session_unset(); + session_destroy(); + $_SESSION = array(); + echo "you are now logged out!"; + } +else if(myisset("new")) { $names = DB_get_all_names(); output_form_for_new_game($names); @@ -204,7 +214,7 @@ else if(myisset("cancle","me")) /* get some information from the DB */ $gameid = DB_get_gameid_by_hash($me); $myname = DB_get_name_by_hash($me); - + /* check if game really is old enough */ $result = mysql_query("SELECT mod_date from Game WHERE id='$gameid' " ); $r = mysql_fetch_array($result,MYSQL_NUM); @@ -245,6 +255,9 @@ else if(myisset("me")) exit(); } + if(isset($_SESSION["name"])) + output_status($_SESSION["name"]); + /* the user had done something, update the timestamp */ DB_update_user_timestamp($myid); @@ -1702,13 +1715,21 @@ else if(myisset("me")) exit(); } /* user status page */ - else if(myisset("email","password")) +else if( myisset("email","password") || isset($_SESSION["name"]) ) { /* test id and password, should really be done in one step */ - $email = $_REQUEST["email"]; - $password = $_REQUEST["password"]; + if(!isset($_SESSION["name"])) + { + $email = $_REQUEST["email"]; + $password = $_REQUEST["password"]; + } + else + { + $name = $_SESSION["name"]; + $email = DB_get_email_by_name($name); + $password = DB_get_passwd_by_name($name); + }; - if(myisset("forgot")) { $ok = 1; @@ -1842,6 +1863,12 @@ else if(myisset("me")) $offset = DB_get_user_timezone($uid); $zone = return_timezone($offset); date_default_timezone_set($zone); + + $myname = DB_get_name_by_email($email); + $_SESSION["name"] = $myname; + + if(isset($_SESSION["name"])) + output_status($_SESSION["name"]); /* display links to settings */ output_user_settings($email,$password); 
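Review bot: The logout branch in the `@@ -51,11 +51,21 @@` hunk clears the server-side session but leaves the session cookie in the browser, and `session_start()` runs with whatever cookie defaults php.ini provides. I would expire the cookie in the same branch, `setcookie(session_name(), '', time()-3600, '/');`, and set `ini_set('session.cookie_httponly', '1');` and `ini_set('session.use_only_cookies', '1');` before `session_start()`. `output_header()` has already run by the time the logout branch executes, so the `setcookie()` call has to move above it or rely on output buffering.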
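Review bot: In the `@@ -1702,13 +1715,21 @@` hunk the session path fills `$email` and `$password` from the database and then continues into the code that was written to validate values a user submitted, and the stored password field is later handed on to `output_user_settings($email,$password)`. The validation itself lies outside the hunk, so this is inferred: if it transforms the submitted password before comparing, session users would fail the check, and if it does not, the check only compares the stored value with itself. A clearer shape is to record how the request was authenticated, e.g. `$by_session = isset($_SESSION["name"]);`, skip the password comparison when it is true, and stop loading the password at all. The stray `;` after the closing brace of the `else` can also go.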
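Review bot: `$_SESSION["name"] = $myname;` in the `@@ -1842,6 +1863,12 @@` hunk marks the session as logged in without issuing a new session id, so an id that existed before login stays valid afterwards (session fixation). Because this branch also runs for requests that are already session-authenticated, regenerate only on a credential login: `if(!isset($_SESSION["name"])) session_regenerate_id(true);` placed before the assignment. `output_header()` has already sent output at this point, so the new cookie can only be set if the login check moves ahead of the header or output buffering is on. The `isset()` test directly after the assignment is always true and can be dropped, leaving `output_status($_SESSION["name"]);`. The surrounding block starts and ends outside the hunk.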
@@ -14,14 +14,8 @@ function display_links($email,$password) function output_link_to_user_page($email,$password) { - echo "<div class=\"over\">\n"; - echo "<form action=\"index.php\" method=\"post\">\n"; - echo " <input type=\"hidden\" name=\"email\" value=\"".$email."\" />\n"; - echo " <input type=\"hidden\" name=\"password\" value=\"".$password."\" />\n"; - echo " <input type=\"submit\" class=\"submitbutton\" value=\"go to my user page\" />\n"; - echo "</form>\n"; - echo "</div>\n"; - + echo "<a href=\"index.php\"> go to my user page </a>"; + return; } 
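Review bot: `output_link_to_user_page($email,$password)` no longer uses either parameter, yet the signature still makes every caller keep the password in scope just to print a link. I would document that above the function, `/* prints a link to the user page; authentication now comes from the session, $email and $password are unused and kept only for existing callers */`, and drop the parameters once the callers are updated. The link is only useful to a visitor whose session already carries `name`; whether every caller of this function runs with such a session cannot be seen from this hunk.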
@@ -31,25 +25,15 @@ function output_user_settings($email,$password) echo "<div class=\"useroptions\">\n"; echo "<h4> Settings </h4>\n"; - echo "<form action=\"index.php\" method=\"post\">\n"; - echo " <input type=\"hidden\" name=\"email\" value=\"".$email."\" />\n"; - echo " <input type=\"hidden\" name=\"password\" value=\"".$password."\" />\n"; - echo " <input type=\"hidden\" name=\"passwd\" value=\"ask\" />\n"; - echo " <input type=\"submit\" class=\"submitbutton\" name=\"pass\" value=\"change password\" /> <br />\n"; - echo "</form>\n"; - echo "<form action=\"index.php\" method=\"post\">\n"; - echo " <input type=\"hidden\" name=\"email\" value=\"".$email."\" />\n"; - echo " <input type=\"hidden\" name=\"password\" value=\"".$password."\" />\n"; - echo " <input type=\"hidden\" name=\"setpref\" value=\"englishcards\" />\n"; - echo " <input type=\"submit\" class=\"submitbutton\" value=\"use english cards\" /> <br />\n"; - echo "</form>\n"; - echo "<form action=\"index.php\" method=\"post\">\n"; - echo " <input type=\"hidden\" name=\"email\" value=\"".$email."\" />\n"; - echo " <input type=\"hidden\" name=\"password\" value=\"".$password."\" />\n"; - echo " <input type=\"hidden\" name=\"setpref\" value=\"germancards\" />\n"; - echo " <input type=\"submit\" class=\"submitbutton\" value=\"use german cards\" /> <br />\n"; - echo "</form>\n"; + echo "<a href=\"index.php?passwd=ask\">change password</a><br /"; + + if( $PREF["cardset"] == "english" ) + echo "<a href=\"index.php?setpref=germancards\">use german cards</a><br />"; + else + echo "<a href=\"index.php?setpref=englishcards\">use english cards</a> <br />"; + echo "</div>\n"; + return; } @@ -374,8 +358,6 @@ function output_header() return; } - - function output_footer() { global $REV,$PREF; 
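Review bot: The new links in `output_user_settings()` turn the preference change into a plain GET request (`index.php?setpref=germancards`) that is authorised only by the session cookie, so a request the user never intended is accepted like a deliberate one; the same applies to whatever `passwd=ask` leads to. State changes should stay on POST and carry a per-session token that index.php compares before acting; the handler is outside this hunk and needs the matching check. Two defects in the same hunk: the first `echo` ends in `<br /"` and needs `<br />\n"`, and `$PREF` is read without a `global $PREF;` in the part of the function visible here, so unless it is declared above the hunk the `else` branch is always taken.

```php
  // … unchanged: opening div and "Settings" heading …
  global $PREF;

  /* constructed example: $_SESSION["token"] is assumed to be created at login */
  $token  = htmlspecialchars($_SESSION["token"], ENT_QUOTES);
  $toggle = ($PREF["cardset"] == "english") ? "germancards" : "englishcards";
  $label  = ($PREF["cardset"] == "english") ? "use german cards" : "use english cards";

  echo "<a href=\"index.php?passwd=ask\">change password</a><br />\n";
  echo "<form action=\"index.php\" method=\"post\">\n";
  echo "  <input type=\"hidden\" name=\"token\" value=\"".$token."\" />\n";
  echo "  <input type=\"hidden\" name=\"setpref\" value=\"".$toggle."\" />\n";
  echo "  <input type=\"submit\" class=\"submitbutton\" value=\"".$label."\" />\n";
  echo "</form>\n";
  // … unchanged: closing div and return …
```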
@@ -400,6 +382,17 @@ function output_footer() return; } +function output_status($name) +{ + echo "<div class=\"status\">\n"; + echo $name; + echo " <a href=\"index.php?logout=1\">logout</a>\n"; + echo "</div>"; + + return; +} + + function output_password_recovery($email,$password) { ?> |
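Review bot: `output_status()` echoes `$name` into the page without escaping, and the callers in this commit pass `$_SESSION["name"]`, which is filled from the user's stored name, so markup in a name would be rendered on every page that shows the status box. Escape at output: `echo htmlspecialchars($name, ENT_QUOTES);`. The logout link is a GET request (`index.php?logout=1`), so the session can be ended by a request the user did not intend; a small POST form would avoid that. The final `echo "</div>";` lacks the `\n` that the other lines of this function emit.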