include/user.php

   1 <?php
   2 /* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arun Persaud <arun@nubati.net>
   3  *
   4  *   This file is part of e-DoKo.
   5  *
   6  *   e-DoKo is free software: you can redistribute it and/or modify
   7  *   it under the terms of the GNU General Public License as published by
   8  *   the Free Software Foundation, either version 3 of the License, or
   9  *   (at your option) any later version.
  10  *
  11  *   e-DoKo is distributed in the hope that it will be useful,
  12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *   GNU General Public License for more details.
  15  *
  16  *   You should have received a copy of the GNU General Public License
  17  *   along with e-DoKo.  If not, see <http://www.gnu.org/licenses/>.
  18  *
  19  */
  20
  21 /* make sure that we are not called from outside the scripts,
  22  * use a variable defined in config.php to check this
  23  */
  24 if(!isset($HOST))
  25   exit;
  26
  27 /* test id and password, should really be done in one step */
  28 if(isset($_SESSION['name']))
  29   {
  30     $name = $_SESSION['name'];
  31     $email     = DB_get_email('name',$name);
  32     $password  = DB_get_passwd_by_name($name);
  33   };
  34
  35 global  $ADMIN_NAME;
  36
  37 /* user has forgotten his password */
  38 if(myisset('forgot'))
  39   {
  40     /* check if player is in the database */
  41     $ok = 1;
  42
  43     $myid = DB_get_userid('email',$email);
  44     if(!$myid)
  45       $ok = 0;
  46
  47     if($ok)
  48       {
  49         /* check how many entries in recovery table */
  50         $number = DB_get_number_of_passwords_recovery($myid);
  51
  52         /* if less than N recent ones, add a new one and send out email */
  53         if( $number < 5 )
  54           {
  55             echo _('Ok, I will send you a new password.').' <br />';
  56             if($number >1)
  57               echo "N.B. You tried this already $number times during the last day and it will only work ".
  58                 " 5 times during a day.<br />";
  59             echo _('The new password will be valid for one day, make sure you reset it to something else.').'<br />';
  60             echo "Back to the  <a href=\"$INDEX\">main page</a>.";
  61
  62             /* create temporary password, use the fist 8 letters of a md5 hash */
  63             $TIME  = (string) time(); /* to avoid collisions */
  64             $hash  = md5('Anewpassword'.$email.$TIME);
  65             $newpw = substr($hash,1,8);
  66
  67             $message = "Someone (hopefully you) requested a new password. \n".
  68               "You can use this email and the following password: \n".
  69               "   $newpw    \n".
  70               "to log into the server. The new password is valid for 24h, so make\n".
  71               "sure you reset your password to something new. Your old password will\n".
  72               "also still be valid until you set a new one.\n";
  73             mymail($myid,0, GAME_RECOVERY, $message);
  74
  75             /* we save these in the database */
  76             DB_set_recovery_password($myid,md5($newpw));
  77           }
  78         else
  79           {
  80             /* make it so that people (or a robot) can request thousands of passwords within a short time
  81              * and spam a user this way */
  82             echo _('Sorry you already tried 5 times during the last 24h.<br />'.
  83                    'You need to use one of those passwords or wait to get a new one.').'<br />';
  84             echo "Back to the <a href=\"$INDEX\">main page</a>.";
  85           }
  86       }
  87     else
  88       {/* can't find user id in the database */
  89
  90         /* no email given? */
  91         if($email=="")
  92           echo "You need to give me an email address! <br />".
  93             "Please try <a href=\"$INDEX\">again</a>.";
  94         else /* default error message */
  95           echo "Couldn't find a player with this email! <br />".
  96             "Please contact $ADMIN_NAME, if you think this is a mistake <br />".
  97             "or else try <a href=\"$INDEX\">again</a>.";
  98       }
  99   }
 100 else
 101   { /* normal user page */
 102
 103     /* verify password and email */
 104
 105     $ok  = 1;
 106     $myid = DB_get_userid('email-password',$email,$password);
 107     if(!$myid)
 108       $ok = 0;
 109
 110     if($ok)
 111       {
 112         /* user information is ok */
 113         $myname = DB_get_name('email',$email);
 114         $_SESSION['name'] = $myname;
 115
 116         $PREF = DB_get_PREF($myid);
 117         /* set language chosen in preferences, will become active on the next reload (see index.php)*/
 118         $_SESSION['language'] = $PREF['language'];
 119
 120         DB_update_user_timestamp($myid);
 121
 122         display_user_menu($myid);
 123
 124         /* display all games the user has played */
 125         echo '<div class="user">';
 126
 127         if($myvacation = check_vacation($myid))
 128           {
 129             $vac_start   = $myvacation[0];
 130             $vac_stop    = $myvacation[1];
 131             $vac_comment = $myvacation[2];
 132             echo '<p class="vacation">'._("Enjoy your vacation (don't forgot to change your settings once you're back).").
 133               " Between $vac_start and $vac_stop other users will see the following message: $vac_comment.</p>\n";
 134           }
 135
 136         echo '<h4>'._('These are your games').":</h4>\n";
 137         /* output legend */
 138         echo "<p>\n";
 139         echo ' <span class="gamestatuspre"> &nbsp; </span> &nbsp;'._('pre-game phase');
 140         echo ' <span class="gamestatusplay"> &nbsp; </span> &nbsp;'._('game in progess');
 141         echo ' <span class="gamestatusover "><a>N</a> </span> &nbsp;'._('game over (N people played this hand)').' <br />';
 142         echo ' '._("Reminder: canceling a game can't be reversed!");
 143         echo "</p>\n";
 144
 145         /* get all games */
 146         $output = array();
 147         $result = DB_query("SELECT Hand.hash,Hand.game_id,G.mod_date,G.player,G.status, ".
 148                            " (SELECT count(H.randomnumbers) FROM Game H WHERE H.randomnumbers=G.randomnumbers) AS count, ".
 149                            " G.session".
 150                            " FROM Hand".
 151                            " LEFT JOIN Game G ON G.id=Hand.game_id".
 152                            " WHERE user_id='$myid'".
 153                            " ORDER BY G.session,G.create_date" );
 154
 155         /* sort into active and passive sessions */
 156         $count   = 0; /* count number of games to check for beginner status */
 157         $session = -1;
 158         $maxgame =  0;
 159         $output_active   = "";
 160         $output_inactive = "";
 161         $sessionoutput   = "";
 162         $gameoutput      = "";
 163         $keep_going = 2;
 164         while( $keep_going )
 165           {
 166             /* get next element */
 167             $r = DB_fetch_array($result);
 168
 169             if($r)
 170               $count++;
 171             else
 172               {
 173                 /* need to run the while loop one more time when we run out of elements in the database */
 174                 $keep_going--;
 175                 $r[0] = NULL;
 176                 $r[1] = NULL;
 177                 $r[2] = NULL;
 178                 $r[3] = NULL;
 179                 $r[4] = NULL;
 180                 $r[5] = NULL;
 181                 $r[6] = -2;
 182               }
 183             if( $r[6]==$session )
 184               {
 185                 /* same session, update information */
 186                 $maxgame++;
 187                 $myhash        = $r[0];
 188                 $gameid        = $r[1];
 189                 $gamemoddate   = $r[2];
 190                 $userid        = $r[3];
 191                 $gamestatus    = $r[4];
 192                 $gamefrequence = $r[5];
 193
 194                 /* create output */
 195                 $sessionoutput .= $gameoutput;
 196                 $gameoutput     = "   <span class=\"gamestatusover \"><a href=\"".$INDEX."?action=game&amp;me=".$myhash."\">"
 197                   .$gamefrequence."</a></span>\n";
 198               }
 199             else
 200               { /* new session */
 201
 202                 /* output old session if available */
 203                 if($maxgame)
 204                   {
 205                     /* is session active? */
 206                     if($gamestatus == 'pre' || $gamestatus== 'play' || time()-strtotime($gamemoddate) < 60*60*24*5 )
 207                       {
 208                         $output_active .= "<li> ";
 209                         if($gamestatus == 'pre')
 210                           $output_active .= '<span class="gamestatuspre gameid">';
 211                         else if($gamestatus == 'play')
 212                           $output_active .= '<span class="gamestatusplay gameid">';
 213                         else
 214                           $output_active .= '<span class="gamestatusover gameid">';
 215                         $output_active .= "<a href=\"$INDEX?action=game&amp;me=$myhash\">".
 216                           DB_format_gameid($gameid).'</a></span>&nbsp;&nbsp;&nbsp;';
 217
 218
 219
 220                         /* who's turn is it? */
 221                         if( $gamestatus == 'pre' || $gamestatus == 'play')
 222                           {
 223                             $output_active .= '<span class="turn">';
 224                             if($userid==$myid || !$userid)
 225                               $output_active .= ' <strong>'._('your turn')."</strong>\n";
 226                             else
 227                               {
 228                                 $name = DB_get_name('userid',$userid);
 229
 230                                 /* check vacaction status of this user */
 231                                 if($vacation=check_vacation($userid))
 232                                   {
 233                                     $stop = substr($vacation[1],0,10);
 234                                     $title = 'begin:'.substr($vacation[0],0,10).' end:'.$vacation[1].' '.$vacation[2];
 235                                     $output_active .= " <span class=\"vacation\" title=\"$title\">$name's (on vacation until $stop)</span> turn\n";
 236                                   }
 237                                 else
 238                                   $output_active .= "$name's turn\n";
 239
 240                                 /* check if we need to send out a reminder */
 241                                 if(DB_get_reminder($userid,$gameid)==0)
 242                                   if(time()-strtotime($gamemoddate) > 60*60*24*7)
 243                                     $output_active .= "<a href=\"$INDEX?action=reminder&amp;me=".$myhash."\">"._('Send a reminder?').'</a> ';
 244
 245                               };
 246                             $output_active .= '</span>';
 247
 248                             if(time()-strtotime($gamemoddate) > 60*60*24*30)
 249                               $output_active .= "<a href=\"$INDEX?action=cancel&amp;me=".$myhash."\">Cancel?</a> ";
 250                           }
 251
 252                         if($maxgame>1)
 253                           {
 254                             $output_active .= ' <span class="gamesshowsession"><a href="#">'._('show old').'</a></span>'.
 255                               '  <span class="gameshidesession"><a href="#">'._('hide old').'</a></span><br />'."\n";
 256                             $output_active .= ' <span class="gamessession">'.$sessionoutput.'</span>';
 257                           }
 258
 259                         $output_active .= "</li>\n";
 260
 261                       }
 262                     else
 263                       {
 264                         /* session is not active anymore */
 265                         $output_inactive .= "<li> $session:" ;
 266                         $output_inactive .= $sessionoutput.$gameoutput ;
 267                         $output_inactive .= "</li>\n";
 268                       }
 269
 270                     /* reset all session variables */
 271                     $maxgame =  0;
 272                     $sessionoutput = "";
 273                     $gameoutput    = "";
 274
 275                   }
 276
 277                 /* save game information */
 278                 $maxgame++;
 279                 $myhash        = $r[0];
 280                 $gameid        = $r[1];
 281                 $gamemoddate   = $r[2];
 282                 $userid        = $r[3];
 283                 $gamestatus    = $r[4];
 284                 $gamefrequence = $r[5];
 285                 $session       = $r[6];
 286
 287                 /* create output */
 288                 $sessionoutput .= $gameoutput;
 289                 $gameoutput     = "   <span class=\"gamestatusover \"><a href=\"".$INDEX."?action=game&amp;me=".$myhash."\">"
 290                   .$gamefrequence."</a></span>\n";
 291
 292               }
 293           }
 294
 295         echo "<ul>\n ";
 296         echo ' <li><span class="gameshowall"><a href="#">'._('show all').'</a></span> <span class="gamehideall"><a href="#">'._('hide all')."</a></span></li>\n";
 297         echo $output_active;
 298         echo ' <li><span class="gamesshowsession"><a href="#">'._('show inactive').'</a></span><span class="gameshidesession"><a href="#">'._('hide inactive').'</a></span><ul class="gamessession">'."$output_inactive </ul></li>";
 299         echo "</ul>\n";
 300
 301         /* give a hint for new players */
 302         if($count<10)
 303           echo '<p class="newbiehint">'._('You can start new games using the link in the top right corner!')."</p>\n";
 304
 305         /* display last 5 users that have signed up to e-DoKo */
 306         $names = DB_get_names_of_new_logins(5);
 307         echo '<h4>'._('New Players').":</h4>\n<p>\n";
 308         echo implode(", ",$names).",...\n";
 309         echo "</p>\n";
 310
 311         /* display last 5 users that logged on */
 312         echo '<h4>'._('Players last logged in').":</h4>\n<p>\n";
 313
 314         $names  = DB_get_names_of_last_logins(7);
 315         $emails = DB_get_emails_of_last_logins(7);
 316         for($i=0;$i<7;$i++)
 317           {
 318             echo "<img class=\"gravatar\" title=\"".$names[$i]."\" src=\"http://www.gravatar.com/avatar/".md5(strtolower(trim($emails[$i])))."?d=identicon\" />\n";
 319           }
 320         echo "</p>\n";
 321
 322         echo "</div>\n";
 323       }
 324     else
 325       {
 326         echo '<div class="message">'."Sorry email and password don't match. Please <a href=\"$INDEX\">try again</a>.".' </div>';
 327       }
 328   };
 329 ?>