include/user.php

   1 <?php
   2 /* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arun Persaud <arun@nubati.net>
   3  *
   4  *   This file is part of e-DoKo.
   5  *
   6  *   e-DoKo is free software: you can redistribute it and/or modify
   7  *   it under the terms of the GNU General Public License as published by
   8  *   the Free Software Foundation, either version 3 of the License, or
   9  *   (at your option) any later version.
  10  *
  11  *   e-DoKo is distributed in the hope that it will be useful,
  12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *   GNU General Public License for more details.
  15  *
  16  *   You should have received a copy of the GNU General Public License
  17  *   along with e-DoKo.  If not, see <http://www.gnu.org/licenses/>.
  18  *
  19  */
  20
  21 /* make sure that we are not called from outside the scripts,
  22  * use a variable defined in config.php to check this
  23  */
  24 if(!isset($HOST))
  25   exit;
  26
  27 /* test id and password, should really be done in one step */
  28 if(isset($_SESSION['name']))
  29   {
  30     $name = $_SESSION['name'];
  31     $email     = DB_get_email('name',$name);
  32     $password  = DB_get_passwd_by_name($name);
  33   };
  34
  35 global  $ADMIN_NAME;
  36
  37 /* user has forgotten his password */
  38 if(myisset('forgot'))
  39   {
  40     /* check if player is in the database */
  41     $ok = 1;
  42
  43     $myid = DB_get_userid('email',$email);
  44     if(!$myid)
  45       $ok = 0;
  46
  47     if($ok)
  48       {
  49         set_language($myid,'uid');
  50
  51         /* check how many entries in recovery table */
  52         $number = DB_get_number_of_passwords_recovery($myid);
  53
  54         /* if less than N recent ones, add a new one and send out email */
  55         if( $number < 5 )
  56           {
  57             echo _('Ok, I will send you a new password.').' <br />';
  58             if($number >1)
  59               echo sprintf(_("N.B. You tried this already %s times during the last day and it will only work".
  60                              " 5 times during a day."),$number)."<br />\n";
  61             echo _('The new password will be valid for one day, make sure you reset it to something else.').'<br />';
  62             echo sprintf(_('Back to the <a href="%s">main page</a>.'),$INDEX);
  63
  64             /* create temporary password, use the fist 8 letters of a md5 hash */
  65             $TIME  = (string) time(); /* to avoid collisions */
  66             $hash  = md5('Anewpassword'.$email.$TIME);
  67             $newpw = substr($hash,1,8);
  68
  69             $message = sprintf( _("Someone (hopefully you) requested a new password.\n".
  70               "You can use this email and the following password:\n".
  71               "   %s\n".
  72               "to log into the server. The new password is valid for 24h, so make\n".
  73               "sure you reset your password to something new. Your old password will\n".
  74               "also still be valid until you set a new one.\n"), $newpw);
  75             mymail($myid,0, GAME_RECOVERY, $message);
  76
  77             /* we save these in the database */
  78             DB_set_recovery_password($myid,md5($newpw));
  79           }
  80         else
  81           {
  82             /* make it so that people (or a robot) can request thousands of passwords within a short time
  83              * and spam a user this way */
  84             echo _('Sorry you already tried 5 times during the last 24h.<br />'.
  85                    'You need to use one of those passwords or wait to get a new one.').'<br />';
  86             echo sprintf(_('Back to the <a href="%s">main page</a>.'),$INDEX);
  87           }
  88       }
  89     else
  90       {/* can't find user id in the database */
  91
  92         /* no email given? */
  93         if($email=="")
  94           echo _('You need to give me an email address!')." <br />".
  95             sprintf(_('Please try <a href="%s">again</a>.'),$INDEX);
  96         else /* default error message */
  97           echo _("Couldn't find a player with this email!")."<br />".
  98             sprintf(_('Please contact %s, if you think this is a mistake '.
  99                       'or else try <a href="%s">again</a>.'),$ADMIN_NAME, $INDEX );
 100       }
 101   }
 102 else
 103   { /* normal user page */
 104
 105     /* verify password and email */
 106     $ok  = 1;
 107     if(isset($email, $password))
 108       {
 109         $myid = DB_get_userid('email-password',$email,$password);
 110         if(!$myid)
 111           $ok = 0;
 112       }
 113     else
 114       $ok = 0;
 115
 116     if($ok)
 117       {
 118         /* user information is ok */
 119         $myname = DB_get_name('email',$email);
 120         $_SESSION['name'] = $myname;
 121
 122         $PREF = DB_get_PREF($myid);
 123         /* set language chosen in preferences, will become active on the next reload (see index.php)*/
 124         $_SESSION['language'] = $PREF['language'];
 125         set_language($PREF['language']);
 126
 127         DB_update_user_timestamp($myid);
 128
 129         display_user_menu($myid);
 130
 131         /* display all games the user has played */
 132         echo '<div class="user">';
 133
 134         if($myvacation = check_vacation($myid))
 135           {
 136             $vac_start   = $myvacation[0];
 137             $vac_stop    = $myvacation[1];
 138             $vac_comment = $myvacation[2];
 139             echo '<p class="vacation">'._("Enjoy your vacation (don't forgot to change your settings once you're back).")." ".
 140               _("Between $vac_start and $vac_stop other users will see the following message: $vac_comment.")."</p>\n";
 141           }
 142
 143         echo '<h4>'._('These are your games').":</h4>\n";
 144         /* output legend */
 145         echo "<p>\n";
 146         echo ' <span class="gamestatuspre"> &nbsp; </span> &nbsp;'._('pre-game phase');
 147         echo ' <span class="gamestatusplay"> &nbsp; </span> &nbsp;'._('game in progess');
 148         echo ' <span class="gamestatusover "><a>N</a> </span> &nbsp;'._('game over (N people played this hand)').' <br />';
 149         echo ' '._("Reminder: canceling a game can't be reversed!");
 150         echo "</p>\n";
 151
 152         /* get all games */
 153         $output = array();
 154         $result = DB_query("SELECT Hand.hash,Hand.game_id,G.mod_date,G.player,G.status, ".
 155                            " (SELECT count(H.randomnumbers) FROM Game H WHERE H.randomnumbers=G.randomnumbers) AS count, ".
 156                            " G.session".
 157                            " FROM Hand".
 158                            " LEFT JOIN Game G ON G.id=Hand.game_id".
 159                            " WHERE user_id='$myid'".
 160                            " ORDER BY G.session,G.create_date" );
 161
 162         /* sort into active and passive sessions */
 163         $count   = 0; /* count number of games to check for beginner status */
 164         $session = -1;
 165         $maxgame =  0;
 166         $output_active   = "";
 167         $output_inactive = "";
 168         $sessionoutput   = "";
 169         $gameoutput      = "";
 170         $keep_going = 2;
 171         while( $keep_going )
 172           {
 173             /* get next element */
 174             $r = DB_fetch_array($result);
 175
 176             if($r)
 177               $count++;
 178             else
 179               {
 180                 /* need to run the while loop one more time when we run out of elements in the database */
 181                 $keep_going--;
 182                 $r[0] = NULL;
 183                 $r[1] = NULL;
 184                 $r[2] = NULL;
 185                 $r[3] = NULL;
 186                 $r[4] = NULL;
 187                 $r[5] = NULL;
 188                 $r[6] = -2;
 189               }
 190             if( $r[6]==$session )
 191               {
 192                 /* same session, update information */
 193                 $maxgame++;
 194                 $myhash        = $r[0];
 195                 $gameid        = $r[1];
 196                 $gamemoddate   = $r[2];
 197                 $userid        = $r[3];
 198                 $gamestatus    = $r[4];
 199                 $gamefrequence = $r[5];
 200
 201                 /* create output */
 202                 $sessionoutput .= $gameoutput;
 203                 $gameoutput     = "   <span class=\"gamestatusover \"><a href=\"".$INDEX."?action=game&amp;me=".$myhash."\">"
 204                   .$gamefrequence."</a></span>\n";
 205               }
 206             else
 207               { /* new session */
 208
 209                 /* output old session if available */
 210                 if($maxgame)
 211                   {
 212                     /* is session active? */
 213                     if($gamestatus == 'pre' || $gamestatus== 'play' || time()-strtotime($gamemoddate) < 60*60*24*5 )
 214                       {
 215                         $output_active .= "<li> ";
 216                         if($gamestatus == 'pre')
 217                           $output_active .= '<span class="gamestatuspre gameid">';
 218                         else if($gamestatus == 'play')
 219                           $output_active .= '<span class="gamestatusplay gameid">';
 220                         else
 221                           $output_active .= '<span class="gamestatusover gameid">';
 222                         $output_active .= "<a href=\"$INDEX?action=game&amp;me=$myhash\">".
 223                           DB_format_gameid($gameid).'</a></span>&nbsp;&nbsp;&nbsp;';
 224
 225
 226
 227                         /* who's turn is it? */
 228                         if( $gamestatus == 'pre' || $gamestatus == 'play')
 229                           {
 230                             $output_active .= '<span class="turn">';
 231                             if($userid==$myid || !$userid)
 232                               $output_active .= ' <strong>'._('your turn')."</strong>\n";
 233                             else
 234                               {
 235                                 $name = DB_get_name('userid',$userid);
 236
 237                                 /* check vacaction status of this user */
 238                                 if($vacation=check_vacation($userid))
 239                                   {
 240                                     $stop = substr($vacation[1],0,10);
 241                                     $title = _('begin:').substr($vacation[0],0,10).' '._('end:').$vacation[1].' '.$vacation[2];
 242                                     $output_active .= " <span class=\"vacation\" title=\"$title\">".
 243                                       sprintf(_("%s's turn"),$name).' '._("(on vacation until $stop)")."</span>\n";
 244                                   }
 245                                 else
 246                                   $output_active .= sprintf(_("%s's turn"),$name)."\n";
 247
 248                                 /* check if we need to send out a reminder */
 249                                 if(DB_get_reminder($userid,$gameid)==0)
 250                                   if(time()-strtotime($gamemoddate) > 60*60*24*7)
 251                                     $output_active .= "<a href=\"$INDEX?action=reminder&amp;me=".$myhash."\">"._('Send a reminder?').'</a> ';
 252
 253                               };
 254                             $output_active .= '</span>';
 255
 256                             if(time()-strtotime($gamemoddate) > 60*60*24*30)
 257                               $output_active .= "<a href=\"$INDEX?action=cancel&amp;me=".$myhash."\">"._('Cancel?').'</a> ';
 258                           }
 259
 260                         if($maxgame>1)
 261                           {
 262                             $output_active .= ' <span class="gamesshowsession"><a href="#">'._('show old').'</a></span>'.
 263                               '  <span class="gameshidesession"><a href="#">'._('hide old').'</a></span><br />'."\n";
 264                             $output_active .= ' <span class="gamessession">'.$sessionoutput.'</span>';
 265                           }
 266
 267                         $output_active .= "</li>\n";
 268
 269                       }
 270                     else
 271                       {
 272                         /* session is not active anymore */
 273                         $output_inactive .= "<li> $session:" ;
 274                         $output_inactive .= $sessionoutput.$gameoutput ;
 275                         $output_inactive .= "</li>\n";
 276                       }
 277
 278                     /* reset all session variables */
 279                     $maxgame =  0;
 280                     $sessionoutput = "";
 281                     $gameoutput    = "";
 282
 283                   }
 284
 285                 /* save game information */
 286                 $maxgame++;
 287                 $myhash        = $r[0];
 288                 $gameid        = $r[1];
 289                 $gamemoddate   = $r[2];
 290                 $userid        = $r[3];
 291                 $gamestatus    = $r[4];
 292                 $gamefrequence = $r[5];
 293                 $session       = $r[6];
 294
 295                 /* create output */
 296                 $sessionoutput .= $gameoutput;
 297                 $gameoutput     = "   <span class=\"gamestatusover \"><a href=\"".$INDEX."?action=game&amp;me=".$myhash."\">"
 298                   .$gamefrequence."</a></span>\n";
 299
 300               }
 301           }
 302
 303         echo "<ul>\n ";
 304         echo ' <li><span class="gameshowall"><a href="#">'._('show all').'</a></span> <span class="gamehideall"><a href="#">'._('hide all')."</a></span></li>\n";
 305         echo $output_active;
 306         echo ' <li><span class="gamesshowsession"><a href="#">'._('show inactive').'</a></span><span class="gameshidesession"><a href="#">'._('hide inactive').'</a></span><ul class="gamessession">'."$output_inactive </ul></li>";
 307         echo "</ul>\n";
 308
 309         /* give a hint for new players */
 310         if($count<10)
 311           echo '<p class="newbiehint">'._('You can start new games using the link in the top right corner!')."</p>\n";
 312
 313         /* display last 5 users that have signed up to e-DoKo */
 314         $names = DB_get_names_of_new_logins(5);
 315         echo '<h4>'._('New Players').":</h4>\n<p>\n";
 316         echo implode(", ",$names).",...\n";
 317         echo "</p>\n";
 318
 319         /* display last 5 users that logged on */
 320         echo '<h4>'._('Players last logged in').":</h4>\n<p>\n";
 321
 322         $names  = DB_get_names_of_last_logins(7);
 323         $emails = DB_get_emails_of_last_logins(7);
 324         for($i=0;$i<7;$i++)
 325           {
 326             echo '<img class="gravatar" title="'.$names[$i].
 327               '" src="http://www.gravatar.com/avatar/'.
 328               md5(strtolower(trim($emails[$i])))."?d=identicon\" />\n";
 329           }
 330         echo "</p>\n";
 331
 332         echo "</div>\n";
 333       }
 334     else
 335       {
 336         echo '<div class="message">'."\n";
 337         echo  sprintf(_("Sorry email and password don't match. Please <a href=\"%s\">try again</a>."),$INDEX);
 338         echo '</div>'."\n";
 339       }
 340   };
 341 ?>