diff options
| -rw-r--r-- | css/standard.css | 6 | ||||
| -rw-r--r-- | db.php | 21 | ||||
| -rw-r--r-- | functions.php | 2 | ||||
| -rw-r--r-- | index.php | 41 |
4 files changed, 64 insertions, 6 deletions
diff --git a/css/standard.css b/css/standard.css index 4e6650a..0289303 100644 --- a/css/standard.css +++ b/css/standard.css @@ -198,6 +198,12 @@ ul.oldtrick li div div.card3 span span{ border-top:0; } +.time,.over { + float:right; + border:2px solid black; + clear:right; + } + .bug { float:left; width:10em; @@ -100,6 +100,16 @@ function DB_get_userid_by_email($email) else return 0; } +function DB_get_userid_by_email_and_password($email,$password) +{ + $result = mysql_query("SELECT id FROM User WHERE email=".DB_quote_smart($email)." AND password=".DB_quote_smart($password)); + $r = mysql_fetch_array($result,MYSQL_NUM); + + if($r) + return $r[0]; + else + return 0; +} function DB_get_handid_by_hash($hash) { @@ -145,6 +155,17 @@ function DB_get_name_by_hash($hash) return ""; } +function DB_get_name_by_userid($id) +{ + $result = mysql_query("SELECT fullname FROM User WHERE id=".DB_quote_smart($id)); + $r = mysql_fetch_array($result,MYSQL_NUM); + + if($r) + return $r[0]; + else + return ""; +} + function DB_get_status_by_hash($hash) { $result = mysql_query("SELECT status FROM Hand WHERE hash=".DB_quote_smart($hash)); diff --git a/functions.php b/functions.php index 390f6c9..6bd50af 100644 --- a/functions.php +++ b/functions.php @@ -404,7 +404,7 @@ function display_news() global $wiki; echo "<div class=\"bug\"> ". "Please hit shift+reload.<br /><hr />". - "Fixed a few bugs, comments might be working again <br /><hr />". + "added local time display, let me know what you think<br /><hr />". "If you find more bugs, please list them in the <a href=\"".$wiki. "\">wiki</a>.</div>\n"; return; @@ -5,7 +5,7 @@ <head> <title>e-Doko</title> <meta content="text/html; charset=ISO-8859-1" http-equiv="content-type" /> - <link rel="stylesheet" type="text/css" href="standard.css" /> + <link rel="stylesheet" type="text/css" href="css/standard.css" /> <script type="text/javascript"> function hl(num) { if(document.getElementById){ @@ -283,6 +283,32 @@ else if(isset($_REQUEST["me"])) display_news(); display_status(); + /* display local time */ + echo "<div class=\"time\">\n Local times:<table>"; + $users = array(); + $users = DB_get_all_userid_by_gameid($gameid); + foreach($users as $user) + { + $offset = DB_get_user_timezone($user); + $zone = return_timezone($offset); + date_default_timezone_set($zone); + $name = DB_get_name_by_userid($user); + + echo "<tr> <td>$name</td> <td>".date("Y-m-d H:i:s")."</td></tr>\n"; + }; + echo "</table>\n</div>\n"; + + /* display links to other games */ + echo "<div class=\"over\">\n"; + $result = mysql_query("SELECT email,password from User WHERE id='$myid'" ); + $r = mysql_fetch_array($result,MYSQL_NUM); + echo "<form action=\"index.php\" method=\"post\">\n"; + echo " <input type=\"hidden\" name=\"email\" value=\"".$r[0]."\" />\n"; + echo " <input type=\"hidden\" name=\"password\" value=\"".$r[1]."\" />\n"; + echo " <input type=\"submit\" value=\"go to my user page\" />\n"; + echo "</form>\n"; + echo "</div>\n"; + $gamestatus = DB_get_game_status_by_gameid($gameid); if($gamestatus == 'pre') { @@ -528,7 +554,7 @@ else if(isset($_REQUEST["me"])) $names = DB_get_all_names_by_gameid($gameid); echo "Do you want to continue playing?(This will start a new game, with the next person as dealer.)\n"; - echo "<form action=\"index.php\" methog=\"post\">\n"; + echo "<form action=\"index.php\" method=\"post\">\n"; echo " <input type=\"hidden\" name=\"PlayerA\" value=\"".($names[1])."\" />\n"; echo " <input type=\"hidden\" name=\"PlayerB\" value=\"".($names[2])."\" />\n"; echo " <input type=\"hidden\" name=\"PlayerC\" value=\"".($names[3])."\" />\n"; @@ -547,12 +573,16 @@ else if(isset($_REQUEST["me"])) else if(isset($_REQUEST["email"]) && isset($_REQUEST["password"])) { /* test id and password, should really be done in one step */ + $email = $_REQUEST["email"]; + $password = $_REQUEST["password"]; + + if(strlen($password)!=32) + $password = md5($password); + $ok=1; - $uid = DB_get_userid_by_email($_REQUEST["email"]); + $uid = DB_get_userid_by_email_and_password($email,$password); if(!$uid) $ok=0; - if(!DB_get_userid_by_passwd(md5($_REQUEST["password"]))) - $ok=0; if($ok) { @@ -591,6 +621,7 @@ else if(isset($_REQUEST["me"])) /* page for registration */ else if(isset($_REQUEST["register"]) ) { + echo "IMPORTANT: passwords are going over the net as clear text, so pick an easy password. No need to pick anything complicated here ;)<br /><br />"; echo "TODO: convert timezone into a menu<br />\n"; echo "TODO: figure out a way to handle passwrods <br />\n"; ?> |