2 /* make sure that we are not called from outside the scripts,
3 * use a variable defined in config.php to check this
14 global $DB,$DB_user,$DB_host,$DB_database,$DB_password;
15 $DB = @mysql_connect($DB_host,$DB_user, $DB_password);
18 mysql_select_db($DB_database) or die('Could not select database');
33 function DB_quote_smart($value)
36 if (get_magic_quotes_gpc()) {
37 $value = stripslashes($value);
39 /* Quote if not a number or a numeric string */
40 if (!is_numeric($value)) {
41 $value = "'" . mysql_real_escape_string($value) . "'";
48 $result = DB_query("SELECT * FROM User");
49 while($r = DB_fetch_array($result))
58 /* use Mysql in the background */
59 function DB_query($query)
61 return mysql_query($query);
64 function DB_fetch_array($result)
66 return mysql_fetch_array($result,MYSQL_NUM);
69 function DB_insert_id()
71 return mysql_insert_id();
74 function DB_num_rows($result)
76 return mysql_num_rows($result);
78 /* end Mysql functions */
80 function DB_query_array($query)
82 $result = DB_query($query);
83 $return = DB_fetch_array($result);
88 function DB_get_passwd_by_name($name)
90 $r = DB_query_array("SELECT password FROM User WHERE fullname=".DB_quote_smart($name)."");
98 function DB_check_recovery_passwords($password,$email)
100 $r = DB_query_array("SELECT User.id FROM User".
101 " LEFT JOIN Recovery ON User.id=Recovery.user_id".
102 " WHERE email=".DB_quote_smart($email).
103 " AND Recovery.password=".DB_quote_smart($password).
104 " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= Recovery.create_date");
111 function DB_get_handid($type,$var1='',$var2='')
116 $r = DB_query_array("SELECT id FROM Hand WHERE hash=".DB_quote_smart($var1));
118 case 'gameid-position':
119 $r = DB_query_array("SELECT id FROM Hand WHERE game_id=".
120 DB_quote_smart($var1)." AND position=".
121 DB_quote_smart($var2));
123 case 'gameid-userid':
124 $r = DB_query_array("SELECT id FROM Hand WHERE game_id=".
125 DB_quote_smart($var1)." AND user_id=".
126 DB_quote_smart($var2));
136 function DB_get_pos_by_hash($hash)
138 $r= DB_query_array("SELECT position FROM Hand WHERE hash=".DB_quote_smart($hash));
146 function DB_get_status_by_hash($hash)
148 $r= DB_query_array("SELECT status FROM Hand WHERE hash=".DB_quote_smart($hash));
156 function DB_set_game_status_by_gameid($id,$status)
158 DB_query("UPDATE Game SET status='".$status."' WHERE id=".DB_quote_smart($id));
162 function DB_set_sickness_by_gameid($id,$status)
164 DB_query("UPDATE Game SET sickness='".$status."' WHERE id=".DB_quote_smart($id));
167 function DB_get_sickness_by_gameid($id)
169 $r = DB_query_array("SELECT sickness FROM Game WHERE id=".DB_quote_smart($id));
177 function DB_get_game_status_by_gameid($id)
179 $r = DB_query_array("SELECT status FROM Game WHERE id=".DB_quote_smart($id));
187 function DB_set_hand_status_by_hash($hash,$status)
189 DB_query("UPDATE Hand SET status='".$status."' WHERE hash=".DB_quote_smart($hash));
193 function DB_get_hand_status_by_userid_and_gameid($uid,$gid)
195 $r = DB_query_array("SELECT status FROM Hand WHERE user_id=".DB_quote_smart($uid).
196 " AND game_id=".DB_quote_smart($gid));
203 function DB_get_sickness_by_userid_and_gameid($uid,$gid)
205 $r = DB_query_array("SELECT sickness FROM Hand WHERE user_id=".DB_quote_smart($uid).
206 " AND game_id=".DB_quote_smart($gid));
213 function DB_get_sickness_by_pos_and_gameid($pos,$gid)
215 $r = DB_query_array("SELECT sickness FROM Hand WHERE position=".DB_quote_smart($pos).
216 " AND game_id=".DB_quote_smart($gid));
223 function DB_get_gameid_by_hash($hash)
225 $r = DB_query_array("SELECT game_id FROM Hand WHERE hash=".DB_quote_smart($hash));
233 function DB_cancel_game($hash)
235 $gameid = DB_get_gameid_by_hash($hash);
240 /* get the IDs of all players */
241 $result = DB_query("SELECT id FROM Hand WHERE game_id=".DB_quote_smart($gameid));
242 while($r = DB_fetch_array($result))
246 $tmp = DB_query_array("SELECT id FROM Hand_Card WHERE hand_id=".DB_quote_smart($id));
247 DB_query("DELETE FROM Play WHERE hand_card_id=".DB_quote_smart($tmp[0]));
249 DB_query("DELETE FROM Hand_Card WHERE hand_id=".DB_quote_smart($id));
250 DB_query("DELETE FROM Hand WHERE id=".DB_quote_smart($id));
254 DB_query("DELETE FROM User_Game_Prefs WHERE game_id=".DB_quote_smart($gameid));
255 DB_query("DELETE FROM Trick WHERE game_id=".DB_quote_smart($gameid));
256 DB_query("DELETE FROM Game WHERE id=".DB_quote_smart($gameid));
261 function DB_get_hand($me)
265 $handid = DB_get_handid('hash',$me);
267 $result = DB_query("SELECT card_id FROM Hand_Card WHERE hand_id=".DB_quote_smart($handid)." and played='false' ");
268 while($r = DB_fetch_array($result))
274 function DB_get_all_hand($me)
278 $handid = DB_get_handid('hash',$me);
280 $result = DB_query("SELECT card_id FROM Hand_Card WHERE hand_id=".DB_quote_smart($handid));
281 while($r = DB_fetch_array($result))
287 function DB_get_cards_by_trick($id)
292 $result = DB_query("SELECT card_id,position FROM Play LEFT JOIN Hand_Card ON Hand_Card.id=Play.hand_card_id ".
293 "LEFT JOIN Hand ON Hand.id=Hand_Card.hand_id ".
295 DB_quote_smart($id)." ORDER BY sequence ASC");
296 while($r = DB_fetch_array($result))
298 $cards[$i]=array("card"=>$r[0],"pos"=>$r[1]);
306 function DB_set_solo_by_hash($hash,$solo)
308 DB_query("UPDATE Hand SET solo=".DB_quote_smart($solo)." WHERE hash=".DB_quote_smart($hash));
312 function DB_set_solo_by_gameid($id,$solo)
314 DB_query("UPDATE Game SET solo=".DB_quote_smart($solo)." WHERE id=".DB_quote_smart($id));
318 function DB_set_sickness_by_hash($hash,$sickness)
320 DB_query("UPDATE Hand SET sickness=".DB_quote_smart($sickness)." WHERE hash=".DB_quote_smart($hash));
324 function DB_get_current_trickid($gameid)
330 $result = DB_query("SELECT Trick.id,MAX(Play.sequence) FROM Play ".
331 "LEFT JOIN Trick ON Play.trick_id=Trick.id ".
332 "WHERE Trick.game_id=".DB_quote_smart($gameid)." ".
333 "GROUP BY Trick.id");
334 while( $r = DB_fetch_array($result) )
341 if(!$sequence || $sequence==4)
343 DB_query("INSERT INTO Trick VALUES (NULL,NULL,NULL, ".DB_quote_smart($gameid).",NULL)");
344 $trickid = DB_insert_id();
353 return array($trickid,$sequence,$number);
356 function DB_get_max_trickid($gameid)
358 $r = DB_query_array("SELECT MAX(id) FROM Trick WHERE game_id=".DB_quote_smart($gameid));
360 return ($r?$r[0]:NULL);
363 function DB_play_card($trickid,$handcardid,$sequence)
365 DB_query("INSERT INTO Play VALUES(NULL,NULL,NULL,".DB_quote_smart($trickid).
366 ",".DB_quote_smart($handcardid).",".DB_quote_smart($sequence).")");
368 $playid = DB_insert_id();
372 function DB_get_all_names_by_gameid($id)
376 $result = DB_query("SELECT fullname FROM Hand LEFT JOIN User ON Hand.user_id=User.id WHERE game_id=".
377 DB_quote_smart($id)." ORDER BY position ASC");
378 while($r = DB_fetch_array($result))
384 function DB_get_all_userid_by_gameid($id)
388 $result = DB_query("SELECT user_id FROM Hand WHERE game_id=".
389 DB_quote_smart($id)." ORDER BY position ");
390 while($r = DB_fetch_array($result))
396 function DB_get_hash_from_game_and_pos($id,$pos)
398 $r = DB_query_array("SELECT hash FROM Hand WHERE game_id=".DB_quote_smart($id)." and position=".DB_quote_smart($pos));
406 function DB_get_hash_from_gameid_and_userid($id,$user)
408 $r = DB_query_array("SELECT hash FROM Hand WHERE game_id=".DB_quote_smart($id)." and user_id=".DB_quote_smart($user));
416 function DB_get_all_names()
420 $result = DB_query("SELECT fullname FROM User");
421 while($r = DB_fetch_array($result))
427 function DB_get_names_of_last_logins($N)
431 $result = DB_query("SELECT fullname FROM User ORDER BY last_login DESC LIMIT $N");
432 while($r = DB_fetch_array($result))
438 function DB_get_names_of_new_logins($N)
442 $result = DB_query("SELECT fullname FROM User ORDER BY create_date DESC, id DESC LIMIT $N");
443 while($r = DB_fetch_array($result))
449 function DB_update_game_timestamp($gameid)
451 DB_query("UPDATE Game SET mod_date = CURRENT_TIMESTAMP WHERE id=".DB_quote_smart($gameid));
456 function DB_update_user_timestamp($userid)
458 DB_query("UPDATE User SET last_login = CURRENT_TIMESTAMP WHERE id=".DB_quote_smart($userid));
462 function DB_get_user_timestamp($userid)
464 $r = DB_query_array("SELECT last_login FROM User WHERE id=".DB_quote_smart($userid));
471 function DB_get_user_timezone($userid)
473 $r = DB_query_array("SELECT timezone FROM User WHERE id=".DB_quote_smart($userid));
478 return "Europe/London";
481 function DB_insert_comment($comment,$playid,$userid)
483 DB_query("INSERT INTO Comment VALUES (NULL,NULL,NULL,$userid,$playid, ".DB_quote_smart($comment).")");
488 function DB_insert_note($comment,$gameid,$userid)
490 DB_query("INSERT INTO Notes VALUES (NULL,NULL,NULL,$userid,$gameid, ".DB_quote_smart($comment).")");
495 function DB_get_notes_by_userid_and_gameid($userid,$gameid)
499 $result = DB_query("SELECT comment FROM Notes WHERE user_id=".DB_quote_smart($userid) .
500 " AND game_id=".DB_quote_smart($gameid));
502 while($r = DB_fetch_array($result))
509 function DB_get_gametype_by_gameid($id)
511 $r = DB_query_array("SELECT type FROM Game WHERE id=".DB_quote_smart($id));
519 function DB_set_gametype_by_gameid($id,$p)
521 DB_query("UPDATE Game SET type='".$p."' WHERE id=".DB_quote_smart($id));
525 function DB_get_solo_by_gameid($id)
527 $r = DB_query_array("SELECT solo FROM Game WHERE id=".DB_quote_smart($id));
536 function DB_get_startplayer_by_gameid($id)
538 $r = DB_query_array("SELECT startplayer FROM Game WHERE id=".DB_quote_smart($id));
546 function DB_set_startplayer_by_gameid($id,$p)
548 DB_query("UPDATE Game SET startplayer='".$p."' WHERE id=".DB_quote_smart($id));
552 function DB_get_player_by_gameid($id)
554 $r = DB_query_array("SELECT player FROM Game WHERE id=".DB_quote_smart($id));
561 function DB_set_player_by_gameid($id,$p)
563 DB_query("UPDATE Game SET player='".DB_quote_smart($p)."' WHERE id=".DB_quote_smart($id));
569 function DB_get_ruleset_by_gameid($id)
571 $r = DB_query_array("SELECT ruleset FROM Game WHERE id=".DB_quote_smart($id));
579 function DB_get_session_by_gameid($id)
581 $r = DB_query_array("SELECT session FROM Game WHERE id=".DB_quote_smart($id));
589 function DB_get_max_session()
591 $r = DB_query_array("SELECT MAX(session) FROM Game");
599 function DB_get_hashes_by_session($session,$user)
603 $result = DB_query("SELECT Hand.hash FROM Hand".
604 " LEFT JOIN Game ON Game.id=Hand.game_id ".
605 " WHERE Game.session=".DB_quote_smart($session).
606 " AND Hand.user_id=".DB_quote_smart($user).
607 " ORDER BY Game.create_date ASC");
608 while($t = DB_fetch_array($result))
614 function DB_get_ruleset($dullen,$schweinchen,$call)
618 $result = DB_query("SELECT id FROM Rulesets WHERE".
619 " dullen=".DB_quote_smart($dullen)." AND ".
620 " call=".DB_quote_smart($call)." AND ".
621 " schweinchen=".DB_quote_smart($schweinchen));
623 $r = DB_fetch_array($result);
626 return $r[0]; /* found ruleset */
630 $result = DB_query("INSERT INTO Rulesets VALUES (NULL, NULL, ".
631 DB_quote_smart($dullen).",".
632 DB_quote_smart($schweinchen).",".
633 DB_quote_smart($call).
636 return DB_insert_id();
639 return -1; /* something went wrong */
642 function DB_get_party_by_hash($hash)
644 $r = DB_query_array("SELECT party FROM Hand WHERE hash=".DB_quote_smart($hash));
652 function DB_get_party_by_gameid_and_userid($gameid,$userid)
654 $r = DB_query_array("SELECT party FROM Hand".
655 " WHERE game_id=".DB_quote_smart($gameid).
656 " AND user_id=".DB_quote_smart($userid));
663 function DB_set_party_by_hash($hash,$party)
665 DB_query("UPDATE Hand SET party=".DB_quote_smart($party)." WHERE hash=".DB_quote_smart($hash));
669 function DB_get_PREF($myid)
672 $r = DB_query_array("SELECT value from User_Prefs".
673 " WHERE user_id='$myid' AND pref_key='cardset'" );
676 if($r[0]=="germancards" && (time()-strtotime( "2009-12-31 23:59:59")<0) ) /* licence only valid until then */
677 $PREF["cardset"]="altenburg";
679 $PREF["cardset"]="english";
682 $PREF["cardset"]="english";
685 $r = DB_query_array("SELECT value FROM User_Prefs".
686 " WHERE user_id='$myid' AND pref_key='email'" );
689 if($r[0]=="emailaddict")
690 $PREF["email"]="emailaddict";
692 $PREF["email"]="emailnonaddict";
695 $PREF["email"]="emailnonaddict";
700 function DB_get_RULES($gameid)
702 $r = DB_query_array("SELECT * FROM Rulesets".
703 " LEFT JOIN Game ON Game.ruleset=Rulesets.id ".
704 " WHERE Game.id='$gameid'" );
706 $RULES["dullen"] = $r[2];
707 $RULES["schweinchen"] = $r[3];
708 $RULES["call"] = $r[4];
713 function DB_get_email_pref_by_hash($hash)
715 $r = DB_query_array("SELECT value FROM Hand".
716 " LEFT JOIN User_Prefs ON Hand.user_id=User_Prefs.user_id".
717 " WHERE hash='$hash' AND pref_key='email'" );
720 if($r[0]=="emailaddict")
721 return "emailaddict";
723 return "emailnonaddict";
726 return "emailnonaddict";
729 function DB_get_email_pref_by_uid($uid)
731 $r = DB_query_array("SELECT value FROM User_Prefs ".
732 " WHERE user_id='$uid' AND pref_key='email'" );
735 if($r[0]=="emailaddict")
736 return "emailaddict";
738 return "emailnonaddict";
741 return "emailnonaddict";
744 function DB_get_unused_randomnumbers($userstr)
746 $r = DB_query_array(" SELECT randomnumbers FROM Game".
747 " WHERE randomnumbers NOT IN".
748 " (SELECT randomnumbers FROM Game".
749 " LEFT JOIN Hand ON Game.id=Hand.game_id".
750 " WHERE user_id IN (". $userstr .")".
751 " GROUP BY randomnumbers".
759 function DB_get_number_of_passwords_recovery($user)
761 $r = DB_query_array("SELECT COUNT(*) FROM Recovery ".
762 " WHERE user_id=$user ".
763 " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= create_date".
764 " GROUP BY user_id " );
771 function DB_set_recovery_password($user,$newpw)
773 DB_query("INSERT INTO Recovery VALUES(NULL,".DB_quote_smart($user).
774 ",".DB_quote_smart($newpw).",NULL)");
778 function DB_get_card_name($card)
780 $r = DB_query_array("SELECT strength,suite FROM Card WHERE id='$card'");
783 return $r[0]." of ".$r[1];
785 return "Error during get_card_name ".$card;
788 function DB_get_current_playid($gameid)
790 $trick = DB_get_max_trickid($gameid);
792 if(!$trick) return NULL;
794 $r = DB_query_array("SELECT id FROM Play WHERE trick_id='$trick' ORDER BY create_date DESC LIMIT 1");
802 function DB_get_call_by_hash($hash)
804 $r = DB_query_array("SELECT point_call FROM Hand WHERE hash='$hash'");
812 function DB_get_partner_call_by_hash($hash)
814 $partner = DB_get_partner_hash_by_hash($hash);
818 $r = DB_query_array("SELECT point_call FROM Hand WHERE hash='$partner'");
827 function DB_get_partner_hash_by_hash($hash)
829 $gameid = DB_get_gameid_by_hash($hash);
830 $party = DB_get_party_by_hash($hash);
832 $r = DB_query_array("SELECT hash FROM Hand WHERE game_id='$gameid' AND party='$party' AND hash<>'$hash'");
840 function DB_format_gameid($gameid)
842 $session = DB_get_session_by_gameid($gameid);
844 /* get number of game */
845 $r = DB_query_array("SELECT COUNT(*),create_date FROM Game".
846 " WHERE session='$session' ".
847 " AND TIMEDIFF(create_date, (SELECT create_date FROM Game WHERE id='$gameid'))<=0 ".
848 " GROUP by session");
849 return $session.".".$r[0];
852 function DB_get_reminder($user,$gameid)
854 $r = DB_query_array("SELECT COUNT(*) FROM Reminder ".
855 " WHERE user_id=$user ".
856 " AND game_id=$gameid ".
857 " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= create_date".
858 " GROUP BY user_id " );
865 function DB_set_reminder($user,$gameid)
867 DB_query("INSERT INTO Reminder ".
868 " VALUES(NULL, ".DB_quote_smart($user).", ".DB_quote_smart($gameid).
873 function DB_is_session_active($session)
875 $r = DB_query_array("SELECT COUNT(*) FROM Game ".
876 " WHERE session=$session ".
877 " AND status<>'gameover' ");
884 function DB_get_score_by_gameid($gameid)
886 /* returns the points of a game from the point of the re parth (<0 if they lost) */
887 $queryresult = DB_query("SELECT COUNT(*),party FROM Score ".
888 " WHERE game_id=$gameid ".
893 while($r = DB_fetch_array($queryresult) )
897 else if ($r[1] == "contra")
901 return ($re - $contra);
904 function DB_get_gameids_of_finished_games_by_session($session)
908 if($session==0) /* return all games */
909 $queryresult = DB_query("SELECT id FROM Game ".
910 " WHERE status='gameover' ".
911 " ORDER BY create_date ASC");
912 else /* return games in a session */
913 $queryresult = DB_query("SELECT id FROM Game ".
914 " WHERE session=$session ".
915 " AND status='gameover' ".
916 " ORDER BY create_date ASC");
919 while($r = DB_fetch_array($queryresult) )
928 function DB_get_card_value_by_cardid($id)
930 $r = DB_query_array("SELECT points FROM Card ".
939 function DB_get_userid($type,$var1="",$var2="")
941 /* get the userid of a user
942 * this can be done several ways, which are all handled below
943 * if a email/password combination is given and it doesn't work, we also
944 * need to check the recovery table for additional passwords
952 $result = DB_query("SELECT id FROM User WHERE fullname=".DB_quote_smart($var1));
955 $result = DB_query("SELECT user_id FROM Hand WHERE hash=".DB_quote_smart($var1));
958 $result = DB_query("SELECT id FROM User WHERE password=".DB_quote_smart($var1));
961 $result = DB_query("SELECT id FROM User WHERE email=".DB_quote_smart($var1));
963 case 'email-password':
964 $result = DB_query("SELECT id FROM User WHERE email=".DB_quote_smart($var1)." AND password=".DB_quote_smart($var2));
965 $r = DB_fetch_array($result);
966 /* test if a recovery password has been set */
969 echo "testing alternative password";
970 $result = DB_query("SELECT User.id FROM User".
971 " LEFT JOIN Recovery ON User.id=Recovery.user_id".
972 " WHERE email=".DB_quote_smart($var1).
973 " AND Recovery.password=".DB_quote_smart($var2).
974 " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= Recovery.create_date");
977 case 'gameid-position':
978 $result = DB_query("SELECT user_id FROM Hand WHERE game_id=".
979 DB_quote_smart($var1)." AND position=".
980 DB_quote_smart($var2));
985 $r = DB_fetch_array($result);
993 function DB_get_email($type,$var1='',$var2='')
995 /* return the email of a user
996 * this is used for sending out emails, but also for
997 * testing the login for example
1002 $result = DB_query("SELECT email FROM User WHERE fullname=".DB_quote_smart($var1)."");
1005 $result = DB_query("SELECT email FROM User WHERE id=".DB_quote_smart($var1)."");
1008 $result = DB_query("SELECT User.email FROM User ".
1009 "LEFT JOIN Hand ON Hand.user_id=User.id ".
1010 "WHERE Hand.hash=".DB_quote_smart($var1)."");
1012 case 'position-gameid':
1013 $result = DB_query("SELECT email FROM User ".
1014 "LEFT JOIN Hand ON User.id=Hand.user_id ".
1015 "LEFT JOIN Game ON Game.id=Hand.game_id ".
1016 "WHERE Game.id=".DB_quote_smart($var2)." ".
1017 "AND Hand.position=".DB_quote_smart($var1)."");
1021 $r = DB_fetch_array($result);
1029 function DB_get_name($type,$var1='')
1031 /* get the full name of a user
1032 * a user can be uniquely identified several ways
1037 $r = DB_query_array("SELECT fullname FROM Hand LEFT JOIN User ON Hand.user_id=User.id WHERE hash=".DB_quote_smart($var1));
1040 $r = DB_query_array("SELECT fullname FROM User WHERE email=".DB_quote_smart($var1));
1043 $r = DB_query_array("SELECT fullname FROM User WHERE id=".DB_quote_smart($var1));