* * This file is part of e-DoKo. * * e-DoKo is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * e-DoKo is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with e-DoKo. If not, see . * */ /* make sure that we are not called from outside the scripts, * use a variable defined in config.php to check this */ if(!isset($HOST)) exit; /* test id and password, should really be done in one step */ if(!isset($_SESSION["name"])) { $email = $_REQUEST["email"]; $password = $_REQUEST["password"]; } else { $name = $_SESSION["name"]; $email = DB_get_email('name',$name); $password = DB_get_passwd_by_name($name); }; /* user has forgotten his password */ if(myisset("forgot")) { /* check if player is in the database */ $ok = 1; $myid = DB_get_userid('email',$email); if(!$myid) $ok = 0; if($ok) { /* check how many entries in recovery table */ $number = DB_get_number_of_passwords_recovery($myid); /* if less than N recent ones, add a new one and send out email */ if( $number < 5 ) { echo "Ok, I send you a new password.
"; if($number >1) echo "N.B. You tried this already $number times during the last day and it will only work ". " 5 times during a day.
"; echo "The new password will be valid for one day, make sure you reset it to something else.
"; echo "Back to the main page."; /* create temporary password, use the fist 8 letters of a md5 hash */ $TIME = (string) time(); /* to avoid collisions */ $hash = md5("Anewpassword".$email.$TIME); $newpw = substr($hash,1,8); $message = "Someone (hopefully you) requested a new password. \n". "You can use this email and the following password: \n". " $newpw \n". "to log into the server. The new password is valid for 24h, so make\n". "sure you reset your password to something new. Your old password will\n". "also still be valid until you set a new one.\n"; $subject = 'Recovery'; mymail($myid,$subject,$message); /* we save these in the database */ DB_set_recovery_password($myid,md5($newpw)); } else { /* make it so that people (or a robot) can request thousands of passwords within a short time * and spam a user this way */ echo "Sorry you already tried 5 times during the last 24h.
". "You need to use one of those passwords or wait to get a new one.
"; echo "Back to the main page."; } } else {/* can't find user id in the database */ /* no email given? */ if($email=="") echo "You need to give me an email address!
". "Please try again."; else /* default error message */ echo "Couldn't find a player with this email!
". "Please contact Arun, if you think this is a mistake
". "or else try again."; } } else { /* normal user page */ /* verify password and email */ if(strlen($password)!=32) $password = md5($password); $ok = 1; $myid = DB_get_userid('email-password',$email,$password); if(!$myid) $ok = 0; if($ok) { /* user information is ok */ $myname = DB_get_name('email',$email); $_SESSION["name"] = $myname; $PREF = DB_get_PREF($myid); DB_update_user_timestamp($myid); display_user_menu($myid); /* display all games the user has played */ echo "
"; if($myvacation = check_vacation($myid)) { $vac_start = $myvacation[0]; $vac_stop = $myvacation[1]; $vac_comment = $myvacation[2]; echo "

Enjoy your vacation (don't forgot to change your settings once you're back). Between $vac_start and $vac_stop other users will see the following message: $vac_comment.

\n"; } echo "

These are all your games:

\n"; /* output legend */ echo "

Session:
\n"; echo " p = pre-game phase "; echo "P = game in progess "; echo "E = game ended "; echo "N = N games with same hand
"; echo "

\n"; $output = array(); $result = DB_query("SELECT Hand.hash,Hand.game_id,G.mod_date,G.player,G.status, ". " (SELECT count(H.randomnumbers) FROM Game H WHERE H.randomnumbers=G.randomnumbers) AS count ". " FROM Hand". " LEFT JOIN Game G ON G.id=Hand.game_id". " WHERE user_id='$myid'". " ORDER BY G.session,G.create_date" ); $gamenrold = -1; $count = 0; echo "\n \n \n"; else echo "$gamenr:\n"; $gamenrold = $gamenr; echo "\n\n
\n"; while( $r = DB_fetch_array($result)) { $count++; $game = DB_format_gameid($r[1]); $gamenr = (int) $game; if($gamenrold < $gamenr) { if($gamenrold!=-1) echo "
$gamenr:\n"; } $Multi = ($r[5]>1) ? "multi" : ""; if($r[4]=='pre') echo " p \n"; else if (in_array($r[4],array('gameover','cancel-timedout','cancel-nines','cancel-noplay','cancel-trump'))) { echo " "; if($r[5]<2) echo "E "; else echo $r[5]; echo "\n"; } else echo " P \n"; if($r[4] == 'pre' || $r[4] == 'play') { echo "\n "; if($r[3]==$myid || !$r[3]) echo "(it's your turn)\n"; else { $name = DB_get_name('userid',$r[3]); $gameid = $r[1]; /* check if we need to send out a reminder */ if(DB_get_reminder($r[3],$gameid)==0) if(time()-strtotime($r[2]) > 60*60*24*7) echo "Send a reminder."; /* check vacaction status of this user */ if($vacation=check_vacation($r[3])) { $stop = substr($vacation[1],0,10); $title = 'begin:'.substr($vacation[0],0,10).' end:'.$vacation[1].' '.$vacation[2]; echo "(it's $name's (on vacation until $stop) turn)\n"; } else echo "(it's $name's turn)\n"; }; if(time()-strtotime($r[2]) > 60*60*24*30) echo "Cancel? "; } } echo "
\n"; /* give a hint for new players */ if($count<10) echo "

You can start new games using the link in the top right corner!

\n"; /* display last 5 users that have signed up to e-DoKo */ $names = DB_get_names_of_new_logins(5); echo "

New Players:

\n

\n"; echo implode(", ",$names).",...\n"; echo "

\n"; /* display last 5 users that logged on */ echo "

Players last logged in:

\n

\n"; $names = DB_get_names_of_last_logins(7); $emails = DB_get_emails_of_last_logins(7); for($i=0;$i<7;$i++) { echo "\n"; } echo "

\n"; echo "
\n"; } else { echo "
Sorry email and password don't match. Please try again.
"; } }; ?>