"; if($number >1) echo "N.B. You tried this already $number times during the last day and it will only work ". " 5 times during a day.
"; echo "The new password will be valid for one day, make sure you reset it to something else.
"; echo "Back to the main page."; /* create temporary password, use the fist 8 letters of a md5 hash */ $TIME = (string) time(); /* to avoid collisions */ $hash = md5("Anewpassword".$email.$TIME); $newpw = substr($hash,1,8); $message = "Someone (hopefully you) requested a new password. \n". "You can use this email and the following password: \n". " $newpw \n". "to log into the server. The new password is valid for 24h, so make\n". "sure you reset your password to something new. Your old password will\n". " also still be valid until you set a new one\n"; mymail($email,$EmailName."recovery ",$message); /* we save these in the database */ DB_set_recovery_password($myid,md5($newpw)); } else { /* make it so that people (or a robot) can request thousands of passwords within a short time * and spam a user this way */ echo "Sorry you already tried 5 times during the last 24h.
". "You need to use one of those passwords or wait to get a new one.
"; echo "Back to the main page."; } } else {/* can't find user id in the database */ /* no email given? */ if($email=="") echo "You need to give me an email address!
". "Please try again."; else /* default error message */ echo "Couldn't find a player with this email!
". "Please contact Arun, if you think this is a mistake
". "or else try again."; } } else { /* normal user page */ /* verify password and email */ if(strlen($password)!=32) $password = md5($password); $ok = 1; $myid = DB_get_userid('email-password',$email,$password); if(!$myid) $ok = 0; if($ok) { /* user information is ok */ $myname = DB_get_name('email',$email); $_SESSION["name"] = $myname; $PREF = DB_get_PREF($myid); DB_update_user_timestamp($myid); display_user_menu($myid); /* display all games the user has played */ echo "
"; echo "

These are all your games:

\n"; echo "

Session:
\n"; echo " p = pre-game phase "; echo "P = game in progess "; echo "F = game finished "; echo " N = game finished, hand played by others too
"; echo "

\n"; $output = array(); $result = DB_query("SELECT Hand.hash,Hand.game_id,G.mod_date,G.player,G.status, ". " (SELECT count(H.randomnumbers) FROM Game H WHERE H.randomnumbers=G.randomnumbers) AS count ". " FROM Hand". " LEFT JOIN Game G ON G.id=Hand.game_id". " WHERE user_id='$myid'". " ORDER BY G.session,G.create_date" ); $gamenrold = -1; echo "\n \n \n"; else echo "$gamenr:\n"; $gamenrold = $gamenr; echo "\n\n
\n"; while( $r = DB_fetch_array($result)) { $game = DB_format_gameid($r[1]); $gamenr = (int) $game; if($gamenrold < $gamenr) { if($gamenrold!=-1) echo "
$gamenr:\n"; } $Multi = ($r[5]>1) ? "multi" : ""; if($r[4]=='pre') echo " p \n"; else if ($r[4]=='gameover') { echo " "; if($r[5]<2) echo "F "; else echo $r[5]; echo "\n"; } else echo " P \n"; if($r[4] != 'gameover') { echo "\n "; if($r[3]==$myid || !$r[3]) echo "(it's your turn)\n"; else { $name = DB_get_name('userid',$r[3]); $gameid = $r[1]; if(DB_get_reminder($r[3],$gameid)==0) if(time()-strtotime($r[2]) > 60*60*24*7) echo "Send a reminder."; echo "(it's $name's turn)\n"; }; if(time()-strtotime($r[2]) > 60*60*24*30) echo "Cancel?". " (clicking here is final and can't be restored)"; } } echo "
\n"; /* display last 5 users that have signed up to e-DoKo */ $names = DB_get_names_of_new_logins(5); echo "

New Players:

\n

\n"; echo implode(", ",$names).",...\n"; echo "

\n"; /* display last 5 users that logged on */ $names = DB_get_names_of_last_logins(5); echo "

Players last logged in:

\n

\n"; echo implode(", ",$names).",...\n"; echo "

\n"; echo "
\n"; } else { echo "
Sorry email and password don't match. Please try again.
"; } }; ?>