2 /* make sure that we are not called from outside the scripts,
3 * use a variable defined in config.php to check this
14 global $DB,$DB_user,$DB_host,$DB_database,$DB_password;
15 $DB = @mysql_connect($DB_host,$DB_user, $DB_password);
18 mysql_select_db($DB_database) or die('Could not select database');
33 function DB_quote_smart($value)
36 if (get_magic_quotes_gpc()) {
37 $value = stripslashes($value);
39 /* Quote if not a number or a numeric string */
40 if (!is_numeric($value)) {
41 $value = "'" . mysql_real_escape_string($value) . "'";
48 $result = DB_query("SELECT * FROM User");
49 while($r = DB_fetch_array($result))
58 /* use Mysql in the background */
59 function DB_query($query)
61 /* debug/optimize the database
62 $logfile=fopen('/tmp/DBlog.log','a+');
63 fwrite($logfile,"EXPLAIN $query ;\n");
66 return mysql_query($query);
69 function DB_fetch_array($result)
71 return mysql_fetch_array($result,MYSQL_NUM);
74 function DB_insert_id()
76 return mysql_insert_id();
79 function DB_num_rows($result)
81 return mysql_num_rows($result);
83 /* end Mysql functions */
85 function DB_query_array($query)
87 $result = DB_query($query);
88 $return = DB_fetch_array($result);
93 function DB_query_array_all($query)
97 $queryresult = DB_query($query);
98 while($row = DB_fetch_array($queryresult))
104 function DB_get_passwd_by_name($name)
106 $r = DB_query_array("SELECT password FROM User WHERE fullname=".DB_quote_smart($name)."");
114 function DB_get_passwd_by_userid($id)
116 $r = DB_query_array("SELECT password FROM User WHERE id=".DB_quote_smart($id)."");
124 function DB_check_recovery_passwords($password,$email)
126 $r = DB_query_array("SELECT User.id FROM User".
127 " LEFT JOIN Recovery ON User.id=Recovery.user_id".
128 " WHERE email=".DB_quote_smart($email).
129 " AND Recovery.password=".DB_quote_smart($password).
130 " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= Recovery.create_date");
137 function DB_get_handid($type,$var1='',$var2='')
142 $r = DB_query_array("SELECT id FROM Hand WHERE hash=".DB_quote_smart($var1));
144 case 'gameid-position':
145 $r = DB_query_array("SELECT id FROM Hand WHERE game_id=".
146 DB_quote_smart($var1)." AND position=".
147 DB_quote_smart($var2));
149 case 'gameid-userid':
150 $r = DB_query_array("SELECT id FROM Hand WHERE game_id=".
151 DB_quote_smart($var1)." AND user_id=".
152 DB_quote_smart($var2));
162 function DB_get_pos_by_hash($hash)
164 $r= DB_query_array("SELECT position FROM Hand WHERE hash=".DB_quote_smart($hash));
172 function DB_get_status_by_hash($hash)
174 $r= DB_query_array("SELECT status FROM Hand WHERE hash=".DB_quote_smart($hash));
182 function DB_set_game_status_by_gameid($id,$status)
184 DB_query("UPDATE Game SET status='".$status."' WHERE id=".DB_quote_smart($id));
188 function DB_set_sickness_by_gameid($id,$status)
190 DB_query("UPDATE Game SET sickness='".$status."' WHERE id=".DB_quote_smart($id));
193 function DB_get_sickness_by_gameid($id)
195 $r = DB_query_array("SELECT sickness FROM Game WHERE id=".DB_quote_smart($id));
203 function DB_get_game_status_by_gameid($id)
205 $r = DB_query_array("SELECT status FROM Game WHERE id=".DB_quote_smart($id));
213 function DB_set_hand_status_by_hash($hash,$status)
215 DB_query("UPDATE Hand SET status='".$status."' WHERE hash=".DB_quote_smart($hash));
219 function DB_get_hand_status_by_userid_and_gameid($uid,$gid)
221 $r = DB_query_array("SELECT status FROM Hand WHERE user_id=".DB_quote_smart($uid).
222 " AND game_id=".DB_quote_smart($gid));
229 function DB_get_sickness_by_userid_and_gameid($uid,$gid)
231 $r = DB_query_array("SELECT sickness FROM Hand WHERE user_id=".DB_quote_smart($uid).
232 " AND game_id=".DB_quote_smart($gid));
239 function DB_get_sickness_by_pos_and_gameid($pos,$gid)
241 $r = DB_query_array("SELECT sickness FROM Hand WHERE position=".DB_quote_smart($pos).
242 " AND game_id=".DB_quote_smart($gid));
249 function DB_get_gameid_by_hash($hash)
251 $r = DB_query_array("SELECT game_id FROM Hand WHERE hash=".DB_quote_smart($hash));
259 function DB_cancel_game($hash)
261 $gameid = DB_get_gameid_by_hash($hash);
266 /* get the IDs of all players */
267 $result = DB_query("SELECT id FROM Hand WHERE game_id=".DB_quote_smart($gameid));
268 while($r = DB_fetch_array($result))
272 $tmp = DB_query_array("SELECT id FROM Hand_Card WHERE hand_id=".DB_quote_smart($id));
273 DB_query("DELETE FROM Play WHERE hand_card_id=".DB_quote_smart($tmp[0]));
275 DB_query("DELETE FROM Hand_Card WHERE hand_id=".DB_quote_smart($id));
276 DB_query("DELETE FROM Hand WHERE id=".DB_quote_smart($id));
280 DB_query("DELETE FROM User_Game_Prefs WHERE game_id=".DB_quote_smart($gameid));
281 DB_query("DELETE FROM Trick WHERE game_id=".DB_quote_smart($gameid));
282 DB_query("DELETE FROM Game WHERE id=".DB_quote_smart($gameid));
287 function DB_get_hand($me)
291 $handid = DB_get_handid('hash',$me);
293 $result = DB_query("SELECT card_id FROM Hand_Card WHERE hand_id=".DB_quote_smart($handid)." and played='false' ");
294 while($r = DB_fetch_array($result))
300 function DB_get_all_hand($me)
304 $handid = DB_get_handid('hash',$me);
306 $result = DB_query("SELECT card_id FROM Hand_Card WHERE hand_id=".DB_quote_smart($handid));
307 while($r = DB_fetch_array($result))
313 function DB_get_cards_by_trick($id)
318 $result = DB_query("SELECT card_id,position FROM Play LEFT JOIN Hand_Card ON Hand_Card.id=Play.hand_card_id ".
319 "LEFT JOIN Hand ON Hand.id=Hand_Card.hand_id ".
321 DB_quote_smart($id)." ORDER BY sequence ASC");
322 while($r = DB_fetch_array($result))
324 $cards[$i]=array("card"=>$r[0],"pos"=>$r[1]);
332 function DB_set_solo_by_hash($hash,$solo)
334 DB_query("UPDATE Hand SET solo=".DB_quote_smart($solo)." WHERE hash=".DB_quote_smart($hash));
338 function DB_set_solo_by_gameid($id,$solo)
340 DB_query("UPDATE Game SET solo=".DB_quote_smart($solo)." WHERE id=".DB_quote_smart($id));
344 function DB_set_sickness_by_hash($hash,$sickness)
346 DB_query("UPDATE Hand SET sickness=".DB_quote_smart($sickness)." WHERE hash=".DB_quote_smart($hash));
350 function DB_get_current_trickid($gameid)
356 $result = DB_query("SELECT Trick.id,MAX(Play.sequence) FROM Play ".
357 "LEFT JOIN Trick ON Play.trick_id=Trick.id ".
358 "WHERE Trick.game_id=".DB_quote_smart($gameid)." ".
359 "GROUP BY Trick.id");
360 while( $r = DB_fetch_array($result) )
367 if(!$sequence || $sequence==4)
369 DB_query("INSERT INTO Trick VALUES (NULL,NULL,NULL, ".DB_quote_smart($gameid).",NULL)");
370 $trickid = DB_insert_id();
379 return array($trickid,$sequence,$number);
382 function DB_get_max_trickid($gameid)
384 $r = DB_query_array("SELECT MAX(id) FROM Trick WHERE game_id=".DB_quote_smart($gameid));
386 return ($r?$r[0]:NULL);
389 function DB_play_card($trickid,$handcardid,$sequence)
391 DB_query("INSERT INTO Play VALUES(NULL,NULL,NULL,".DB_quote_smart($trickid).
392 ",".DB_quote_smart($handcardid).",".DB_quote_smart($sequence).")");
394 $playid = DB_insert_id();
398 function DB_get_all_names_by_gameid($id)
402 $result = DB_query("SELECT fullname FROM Hand LEFT JOIN User ON Hand.user_id=User.id WHERE game_id=".
403 DB_quote_smart($id)." ORDER BY position ASC");
404 while($r = DB_fetch_array($result))
410 function DB_get_all_userid_by_gameid($id)
414 $result = DB_query("SELECT user_id FROM Hand WHERE game_id=".
415 DB_quote_smart($id)." ORDER BY position ");
416 while($r = DB_fetch_array($result))
422 function DB_get_hash_from_game_and_pos($id,$pos)
424 $r = DB_query_array("SELECT hash FROM Hand WHERE game_id=".DB_quote_smart($id)." and position=".DB_quote_smart($pos));
432 function DB_get_hash_from_gameid_and_userid($id,$user)
434 $r = DB_query_array("SELECT hash FROM Hand WHERE game_id=".DB_quote_smart($id)." and user_id=".DB_quote_smart($user));
442 function DB_get_all_names()
446 $result = DB_query("SELECT fullname FROM User");
448 while($r = DB_fetch_array($result))
454 function DB_get_all_user_names_open_for_games()
458 DB_query("DROP TEMPORARY TABLE IF EXISTS Usertmp;");
459 DB_query("CREATE TEMPORARY TABLE Usertmp SELECT id,fullname FROM User;");
460 DB_query("DELETE FROM Usertmp WHERE id IN (SELECT user_id FROM User_Prefs WHERE pref_key='open for games' and value='no')");
462 $result = DB_query("SELECT fullname FROM Usertmp");
463 DB_query("DROP TEMPORARY TABLE IF EXISTS Usertmp;");
465 while($r = DB_fetch_array($result))
471 function DB_get_names_of_last_logins($N)
475 $result = DB_query("SELECT fullname FROM User ORDER BY last_login DESC LIMIT $N");
476 while($r = DB_fetch_array($result))
482 function DB_get_names_of_new_logins($N)
486 $result = DB_query("SELECT fullname FROM User ORDER BY create_date DESC, id DESC LIMIT $N");
487 while($r = DB_fetch_array($result))
493 function DB_update_game_timestamp($gameid)
495 DB_query("UPDATE Game SET mod_date = CURRENT_TIMESTAMP WHERE id=".DB_quote_smart($gameid));
500 function DB_update_user_timestamp($userid)
502 DB_query("UPDATE User SET last_login = CURRENT_TIMESTAMP WHERE id=".DB_quote_smart($userid));
506 function DB_get_user_timestamp($userid)
508 $r = DB_query_array("SELECT last_login FROM User WHERE id=".DB_quote_smart($userid));
515 function DB_get_user_timezone($userid)
517 $r = DB_query_array("SELECT timezone FROM User WHERE id=".DB_quote_smart($userid));
522 return "Europe/London";
525 function DB_insert_comment($comment,$playid,$userid)
527 DB_query("INSERT INTO Comment VALUES (NULL,NULL,NULL,$userid,$playid, ".DB_quote_smart($comment).")");
532 function DB_insert_note($comment,$gameid,$userid)
534 DB_query("INSERT INTO Notes VALUES (NULL,NULL,NULL,$userid,$gameid, ".DB_quote_smart($comment).")");
539 function DB_get_notes_by_userid_and_gameid($userid,$gameid)
543 $result = DB_query("SELECT comment FROM Notes WHERE user_id=".DB_quote_smart($userid) .
544 " AND game_id=".DB_quote_smart($gameid));
546 while($r = DB_fetch_array($result))
553 function DB_get_gametype_by_gameid($id)
555 $r = DB_query_array("SELECT type FROM Game WHERE id=".DB_quote_smart($id));
563 function DB_set_gametype_by_gameid($id,$p)
565 DB_query("UPDATE Game SET type='".$p."' WHERE id=".DB_quote_smart($id));
569 function DB_get_solo_by_gameid($id)
571 $r = DB_query_array("SELECT solo FROM Game WHERE id=".DB_quote_smart($id));
580 function DB_get_startplayer_by_gameid($id)
582 $r = DB_query_array("SELECT startplayer FROM Game WHERE id=".DB_quote_smart($id));
590 function DB_set_startplayer_by_gameid($id,$p)
592 DB_query("UPDATE Game SET startplayer='".$p."' WHERE id=".DB_quote_smart($id));
596 function DB_get_player_by_gameid($id)
598 $r = DB_query_array("SELECT player FROM Game WHERE id=".DB_quote_smart($id));
605 function DB_set_player_by_gameid($id,$p)
607 DB_query("UPDATE Game SET player='".DB_quote_smart($p)."' WHERE id=".DB_quote_smart($id));
613 function DB_get_ruleset_by_gameid($id)
615 $r = DB_query_array("SELECT ruleset FROM Game WHERE id=".DB_quote_smart($id));
623 function DB_get_session_by_gameid($id)
625 $r = DB_query_array("SELECT session FROM Game WHERE id=".DB_quote_smart($id));
633 function DB_get_max_session()
635 $r = DB_query_array("SELECT MAX(session) FROM Game");
643 function DB_get_hashes_by_session($session,$user)
647 $result = DB_query("SELECT Hand.hash FROM Hand".
648 " LEFT JOIN Game ON Game.id=Hand.game_id ".
649 " WHERE Game.session=".DB_quote_smart($session).
650 " AND Hand.user_id=".DB_quote_smart($user).
651 " ORDER BY Game.create_date ASC");
652 while($t = DB_fetch_array($result))
658 function DB_get_ruleset($dullen,$schweinchen,$call)
662 $result = DB_query("SELECT id FROM Rulesets WHERE".
663 " dullen=".DB_quote_smart($dullen)." AND ".
664 " Rulesets.call=".DB_quote_smart($call)." AND ".
665 " schweinchen=".DB_quote_smart($schweinchen));
667 $r = DB_fetch_array($result);
670 return $r[0]; /* found ruleset */
674 $result = DB_query("INSERT INTO Rulesets VALUES (NULL, NULL, ".
675 DB_quote_smart($dullen).",".
676 DB_quote_smart($schweinchen).",".
677 DB_quote_smart($call).
680 return DB_insert_id();
683 return -1; /* something went wrong */
686 function DB_get_party_by_hash($hash)
688 $r = DB_query_array("SELECT party FROM Hand WHERE hash=".DB_quote_smart($hash));
696 function DB_get_party_by_gameid_and_userid($gameid,$userid)
698 $r = DB_query_array("SELECT party FROM Hand".
699 " WHERE game_id=".DB_quote_smart($gameid).
700 " AND user_id=".DB_quote_smart($userid));
707 function DB_set_party_by_hash($hash,$party)
709 DB_query("UPDATE Hand SET party=".DB_quote_smart($party)." WHERE hash=".DB_quote_smart($hash));
713 function DB_get_PREF($myid)
716 $PREF['cardset'] = 'english';
717 $PREF['email'] = 'emailnonaddict';
718 $PREF['autosetup'] = 'no';
719 $PREF['sorting'] = 'high-low';
720 $PREF['open_for_games'] = 'yes';
721 $PREF['vacation_start'] = NULL;
722 $PREF['vacation_stop'] = NULL;
723 $PREF['vacation_comment'] = '';
725 /* get all preferences */
726 $r = DB_query('SELECT pref_key, value FROM User_Prefs'.
727 " WHERE user_id='$myid' " );
728 while($pref = DB_fetch_array($r) )
733 /* licence only valid until then */
734 if($pref[1]=="altenburg" && (time()-strtotime( "2009-12-31 23:59:59")<0) )
735 $PREF["cardset"]="altenburg";
739 if($pref[1]=="emailaddict")
740 $PREF["email"]="emailaddict";
745 $PREF['autosetup']='yes';
750 $PREF['sorting'] = $pref[1];
753 case 'open for games':
755 $PREF['open_for_games'] = $pref[1];
758 case 'vacation start':
760 $PREF['vacation_start'] = $pref[1];
763 case 'vacation stop':
765 $PREF['vacation_stop'] = $pref[1];
768 case 'vacation comment':
770 $PREF['vacation_comment'] = $pref[1];
777 function DB_get_RULES($gameid)
779 $r = DB_query_array("SELECT * FROM Rulesets".
780 " LEFT JOIN Game ON Game.ruleset=Rulesets.id ".
781 " WHERE Game.id='$gameid'" );
783 $RULES["dullen"] = $r[2];
784 $RULES["schweinchen"] = $r[3];
785 $RULES["call"] = $r[4];
790 function DB_get_email_pref_by_hash($hash)
792 $r = DB_query_array("SELECT value FROM Hand".
793 " LEFT JOIN User_Prefs ON Hand.user_id=User_Prefs.user_id".
794 " WHERE hash='$hash' AND pref_key='email'" );
797 if($r[0]=="emailaddict")
798 return "emailaddict";
800 return "emailnonaddict";
803 return "emailnonaddict";
806 function DB_get_email_pref_by_uid($uid)
808 $r = DB_query_array("SELECT value FROM User_Prefs ".
809 " WHERE user_id='$uid' AND pref_key='email'" );
812 if($r[0]=="emailaddict")
813 return "emailaddict";
815 return "emailnonaddict";
818 return "emailnonaddict";
821 function DB_get_unused_randomnumbers($userstr)
823 /* optimized version of this query using temporary tables (perhaps we should use a procedure here?).
824 First we create a copy of the Game table using just the gameid and the cards.
825 Then in a second round we delete all the gameids of games where our players are in.
826 At the end we return only the first entry in the temporary table.
828 DB_query("DROP TEMPORARY TABLE IF EXISTS gametmp;");
829 DB_query("CREATE TEMPORARY TABLE gametmp SELECT id,randomnumbers FROM Game;");
830 DB_query("DELETE FROM gametmp WHERE randomnumbers IN (SELECT randomnumbers FROM Hand LEFT JOIN Game ON Game.id=game_id WHERE user_id IN (".$userstr."));");
832 $r = DB_query_array("SELECT randomnumbers FROM gametmp LIMIT 1;");
833 DB_query("DROP TEMPORARY TABLE IF EXISTS gametmp;");
841 function DB_get_number_of_passwords_recovery($user)
843 $r = DB_query_array("SELECT COUNT(*) FROM Recovery ".
844 " WHERE user_id=$user ".
845 " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= create_date".
846 " GROUP BY user_id " );
853 function DB_set_recovery_password($user,$newpw)
855 DB_query("INSERT INTO Recovery VALUES(NULL,".DB_quote_smart($user).
856 ",".DB_quote_smart($newpw).",NULL)");
860 function DB_get_card_name($card)
865 $r = DB_query_array("SELECT strength,suite FROM Card WHERE id='$card'");
868 return $r[0]." of ".$r[1];
870 return "Error during get_card_name ".$card;
873 function DB_get_current_playid($gameid)
875 $trick = DB_get_max_trickid($gameid);
877 if(!$trick) return NULL;
879 $r = DB_query_array("SELECT id FROM Play WHERE trick_id='$trick' ORDER BY create_date DESC LIMIT 1");
887 function DB_get_call_by_hash($hash)
889 $r = DB_query_array("SELECT point_call FROM Hand WHERE hash='$hash'");
897 function DB_get_partner_call_by_hash($hash)
899 $partner = DB_get_partner_hash_by_hash($hash);
903 $r = DB_query_array("SELECT point_call FROM Hand WHERE hash='$partner'");
912 function DB_get_partner_hash_by_hash($hash)
914 $gameid = DB_get_gameid_by_hash($hash);
915 $party = DB_get_party_by_hash($hash);
917 $r = DB_query_array("SELECT hash FROM Hand WHERE game_id='$gameid' AND party='$party' AND hash<>'$hash'");
925 function DB_format_gameid($gameid)
927 /* get session and create date */
928 $r = DB_query_array("SELECT session, create_date FROM Game WHERE id='$gameid' ");
932 /* get number of game */
933 $r = DB_query_array("SELECT SUM(TIME_TO_SEC(TIMEDIFF(create_date, '$date'))<=0) ".
935 " WHERE session='$session' ");
936 return $session.'.'.$r[0];
939 function DB_get_reminder($user,$gameid)
941 $r = DB_query_array("SELECT COUNT(*) FROM Reminder ".
942 " WHERE user_id=$user ".
943 " AND game_id=$gameid ".
944 " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= create_date".
945 " GROUP BY user_id " );
952 function DB_set_reminder($user,$gameid)
954 DB_query("INSERT INTO Reminder ".
955 " VALUES(NULL, ".DB_quote_smart($user).", ".DB_quote_smart($gameid).
960 function DB_is_session_active($session)
962 $r = DB_query_array("SELECT COUNT(*) FROM Game ".
963 " WHERE session=$session ".
964 " AND status<>'gameover' ");
971 function DB_get_score_by_gameid($gameid)
973 /* returns the points of a game from the point of the re parth (<0 if they lost) */
974 $queryresult = DB_query("SELECT COUNT(*),party FROM Score ".
975 " WHERE game_id=$gameid ".
980 while($r = DB_fetch_array($queryresult) )
984 else if ($r[1] == "contra")
988 return ($re - $contra);
991 function DB_get_gameids_of_finished_games_by_session($session)
995 if($session==0) /* return all games */
996 $queryresult = DB_query("SELECT id FROM Game ".
997 " WHERE status='gameover' ".
998 " ORDER BY create_date ASC");
999 else /* return games in a session */
1000 $queryresult = DB_query("SELECT id FROM Game ".
1001 " WHERE session=$session ".
1002 " AND status='gameover' ".
1003 " ORDER BY create_date ASC");
1006 while($r = DB_fetch_array($queryresult) )
1015 function DB_get_card_value_by_cardid($id)
1017 $r = DB_query_array("SELECT points FROM Card ".
1026 function DB_get_userid($type,$var1="",$var2="")
1028 /* get the userid of a user
1029 * this can be done several ways, which are all handled below
1030 * if a email/password combination is given and it doesn't work, we also
1031 * need to check the recovery table for additional passwords
1039 $result = DB_query("SELECT id FROM User WHERE fullname=".DB_quote_smart($var1));
1042 $result = DB_query("SELECT user_id FROM Hand WHERE hash=".DB_quote_smart($var1));
1045 $result = DB_query("SELECT id FROM User WHERE password=".DB_quote_smart($var1));
1048 $result = DB_query("SELECT id FROM User WHERE email=".DB_quote_smart($var1));
1050 case 'email-password':
1051 $result = DB_query("SELECT id FROM User WHERE email=".DB_quote_smart($var1)." AND password=".DB_quote_smart($var2));
1052 $r = DB_fetch_array($result);
1053 /* test if a recovery password has been set */
1056 echo "testing alternative password";
1057 $result = DB_query("SELECT User.id FROM User".
1058 " LEFT JOIN Recovery ON User.id=Recovery.user_id".
1059 " WHERE email=".DB_quote_smart($var1).
1060 " AND Recovery.password=".DB_quote_smart($var2).
1061 " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= Recovery.create_date");
1064 case 'gameid-position':
1065 $result = DB_query("SELECT user_id FROM Hand WHERE game_id=".
1066 DB_quote_smart($var1)." AND position=".
1067 DB_quote_smart($var2));
1072 $r = DB_fetch_array($result);
1080 function DB_get_email($type,$var1='',$var2='')
1082 /* return the email of a user
1083 * this is used for sending out emails, but also for
1084 * testing the login for example
1089 $result = DB_query("SELECT email FROM User WHERE fullname=".DB_quote_smart($var1)."");
1092 $result = DB_query("SELECT email FROM User WHERE id=".DB_quote_smart($var1)."");
1095 $result = DB_query("SELECT User.email FROM User ".
1096 "LEFT JOIN Hand ON Hand.user_id=User.id ".
1097 "WHERE Hand.hash=".DB_quote_smart($var1)."");
1099 case 'position-gameid':
1100 $result = DB_query("SELECT email FROM User ".
1101 "LEFT JOIN Hand ON User.id=Hand.user_id ".
1102 "LEFT JOIN Game ON Game.id=Hand.game_id ".
1103 "WHERE Game.id=".DB_quote_smart($var2)." ".
1104 "AND Hand.position=".DB_quote_smart($var1)."");
1108 $r = DB_fetch_array($result);
1116 function DB_get_name($type,$var1='')
1118 /* get the full name of a user
1119 * a user can be uniquely identified several ways
1124 $r = DB_query_array("SELECT fullname FROM Hand LEFT JOIN User ON Hand.user_id=User.id WHERE hash=".DB_quote_smart($var1));
1127 $r = DB_query_array("SELECT fullname FROM User WHERE email=".DB_quote_smart($var1));
1130 $r = DB_query_array("SELECT fullname FROM User WHERE id=".DB_quote_smart($var1));
1139 function DB_add_exchanged_card($card,$old_hand_id,$new_hand_id)
1141 DB_query("INSERT INTO Card_Exchange VALUES (NULL,$new_hand_id,$old_hand_id,$card)");
1145 function DB_get_exchanged_cards($hash)
1149 $handid = DB_get_handid('hash',$hash);
1151 $result = DB_query("SELECT card_id FROM Card_Exchange WHERE orig_hand_id=".DB_quote_smart($handid));
1152 while($r = DB_fetch_array($result))
1158 function DB_played_by_others($gameid)
1161 $result = DB_query("SELECT id FROM Game WHERE randomnumbers=(SELECT randomnumbers FROM Game WHERE id=$gameid) AND status='gameover'");
1162 while($r = DB_fetch_array($result))