new user home page with a bit of jquery thrown in
[e-DoKo.git] / include / user.php
1 <?php
2 /* Copyright 2006, 2007, 2008, 2009, 2010 Arun Persaud <arun@nubati.net>
3  *
4  *   This file is part of e-DoKo.
5  *
6  *   e-DoKo is free software: you can redistribute it and/or modify
7  *   it under the terms of the GNU General Public License as published by
8  *   the Free Software Foundation, either version 3 of the License, or
9  *   (at your option) any later version.
10  *
11  *   e-DoKo is distributed in the hope that it will be useful,
12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *   GNU General Public License for more details.
15  *
16  *   You should have received a copy of the GNU General Public License
17  *   along with e-DoKo.  If not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20
21 /* make sure that we are not called from outside the scripts,
22  * use a variable defined in config.php to check this
23  */
24 if(!isset($HOST))
25   exit;
26
27 /* test id and password, should really be done in one step */
28 if(!isset($_SESSION["name"]))
29   {
30     $email     = $_REQUEST["email"];
31     $password  = $_REQUEST["password"];
32   }
33 else
34   {
35     $name = $_SESSION["name"];
36     $email     = DB_get_email('name',$name);
37     $password  = DB_get_passwd_by_name($name);
38   };
39
40 /* user has forgotten his password */
41 if(myisset("forgot"))
42   {
43     /* check if player is in the database */
44     $ok = 1;
45
46     $myid = DB_get_userid('email',$email);
47     if(!$myid)
48       $ok = 0;
49
50     if($ok)
51       {
52         /* check how many entries in recovery table */
53         $number = DB_get_number_of_passwords_recovery($myid);
54
55         /* if less than N recent ones, add a new one and send out email */
56         if( $number < 5 )
57           {
58             echo "Ok, I send you a new password. <br />";
59             if($number >1)
60               echo "N.B. You tried this already $number times during the last day and it will only work ".
61                 " 5 times during a day.<br />";
62             echo "The new password will be valid for one day, make sure you reset it to something else.<br />";
63             echo "Back to the  <a href=\"$INDEX\">main page</a>.";
64
65             /* create temporary password, use the fist 8 letters of a md5 hash */
66             $TIME  = (string) time(); /* to avoid collisions */
67             $hash  = md5("Anewpassword".$email.$TIME);
68             $newpw = substr($hash,1,8);
69
70             $message = "Someone (hopefully you) requested a new password. \n".
71               "You can use this email and the following password: \n".
72               "   $newpw    \n".
73               "to log into the server. The new password is valid for 24h, so make\n".
74               "sure you reset your password to something new. Your old password will\n".
75               "also still be valid until you set a new one.\n";
76             $subject = 'Recovery';
77             mymail($myid,$subject,$message);
78
79             /* we save these in the database */
80             DB_set_recovery_password($myid,md5($newpw));
81           }
82         else
83           {
84             /* make it so that people (or a robot) can request thousands of passwords within a short time
85              * and spam a user this way */
86             echo "Sorry you already tried 5 times during the last 24h.<br />".
87               "You need to use one of those passwords or wait to get a new one.<br />";
88             echo "Back to the <a href=\"$INDEX\">main page</a>.";
89           }
90       }
91     else
92       {/* can't find user id in the database */
93
94         /* no email given? */
95         if($email=="")
96           echo "You need to give me an email address! <br />".
97             "Please try <a href=\"$INDEX\">again</a>.";
98         else /* default error message */
99           echo "Couldn't find a player with this email! <br />".
100             "Please contact Arun, if you think this is a mistake <br />".
101             "or else try <a href=\"$INDEX\">again</a>.";
102       }
103   }
104 else
105   { /* normal user page */
106
107     /* verify password and email */
108     if(strlen($password)!=32)
109       $password = md5($password);
110
111     $ok  = 1;
112     $myid = DB_get_userid('email-password',$email,$password);
113     if(!$myid)
114       $ok = 0;
115
116     if($ok)
117       {
118         /* user information is ok */
119         $myname = DB_get_name('email',$email);
120         $_SESSION["name"] = $myname;
121
122         $PREF = DB_get_PREF($myid);
123
124         DB_update_user_timestamp($myid);
125
126         display_user_menu($myid);
127
128         /* display all games the user has played */
129         echo "<div class=\"user\">";
130
131         if($myvacation = check_vacation($myid))
132           {
133             $vac_start   = $myvacation[0];
134             $vac_stop    = $myvacation[1];
135             $vac_comment = $myvacation[2];
136             echo "<p class=\"vacation\">Enjoy your vacation (don't forgot to change your settings once you're back). Between $vac_start and $vac_stop other users will see the following message: $vac_comment.</p>\n";
137           }
138
139         echo "<h4>These are all your games:</h4>\n";
140         /* output legend */
141         echo "<p>Games: \n";
142         echo "<span class=\"gamestatuspre\"> &nbsp; </span> =  pre-game phase ";
143         echo "<span class=\"gamestatusplay\"> &nbsp; </span> =  game in progess ";
144         echo "<span class=\"gamestatusover \"><a>N</a> </span> =  game over (N people played the same hand) <br />";
145         echo " Reminder: canceling a game can't be reversed!";
146         echo "</p>\n";
147
148         /* get all games */
149         $output = array();
150         $result = DB_query("SELECT Hand.hash,Hand.game_id,G.mod_date,G.player,G.status, ".
151                            " (SELECT count(H.randomnumbers) FROM Game H WHERE H.randomnumbers=G.randomnumbers) AS count, ".
152                            " G.session".
153                            " FROM Hand".
154                            " LEFT JOIN Game G ON G.id=Hand.game_id".
155                            " WHERE user_id='$myid'".
156                            " ORDER BY G.session,G.create_date" );
157
158         /* sort into active and passive sessions */
159         $count   = 0; /* count number of games to check for beginner status */
160         $session = -1;
161         $maxgame =  0;
162         $output_active   = "";
163         $output_inactive = "";
164         $sessionoutput   = "";
165         $gameoutput      = "";
166         $keep_going = 2;
167         while( $keep_going )
168           {
169             /* get next element */
170             $r = DB_fetch_array($result);
171
172             if($r)
173               $count++;
174             else
175               {
176                 /* need to run the while loop one more time when we run out of elements in the database */
177                 $keep_going--;
178                 $r[0] = NULL;
179                 $r[1] = NULL;
180                 $r[2] = NULL;
181                 $r[3] = NULL;
182                 $r[4] = NULL;
183                 $r[5] = NULL;
184                 $r[6] = -2;
185               }
186             if( $r[6]==$session )
187               {
188                 /* same session, update information */
189                 $maxgame++;
190                 $myhash        = $r[0];
191                 $gameid        = $r[1];
192                 $gamemoddate   = $r[2];
193                 $userid        = $r[3];
194                 $gamestatus    = $r[4];
195                 $gamefrequence = $r[5];
196
197                 /* create output */
198                 $sessionoutput .= $gameoutput;
199                 $gameoutput     = "   <span class=\"gamestatusover \"><a href=\"".$INDEX."?action=game&amp;me=".$myhash."\">"
200                   .$gamefrequence."</a></span>\n";
201               }
202             else
203               { /* new session */
204
205                 /* output old session if available */
206                 if($maxgame)
207                   {
208                     /* is session active? */
209                     if($gamestatus == 'pre' || $gamestatus== 'play' || time()-strtotime($gamemoddate) < 60*60*24*5 )
210                       {
211                         $output_active .= "<li> ";
212                         if($gamestatus == 'pre')
213                           $output_active .= '<span class="gamestatuspre gameid">';
214                         else if($gamestatus == 'play')
215                           $output_active .= '<span class="gamestatusplay gameid">';
216                         else
217                           $output_active .= '<span class="gamestatusover gameid">';
218                         $output_active .= "<a href=\"$INDEX?action=game&amp;me=$myhash\">".
219                           DB_format_gameid($gameid).'</a></span>&nbsp;&nbsp;&nbsp;';
220
221
222
223                         /* who's turn is it? */
224                         if( $gamestatus == 'pre' || $gamestatus == 'play')
225                           {
226                             $output_active .= '<span class="turn">';
227                             if($userid==$myid || !$userid)
228                               $output_active .= " <strong>your</strong> turn\n";
229                             else
230                               {
231                                 $name = DB_get_name('userid',$userid);
232
233                                 /* check vacaction status of this user */
234                                 if($vacation=check_vacation($userid))
235                                   {
236                                     $stop = substr($vacation[1],0,10);
237                                     $title = 'begin:'.substr($vacation[0],0,10).' end:'.$vacation[1].' '.$vacation[2];
238                                     $output_active .= " <span class=\"vacation\" title=\"$title\">$name's (on vacation until $stop)</span> turn\n";
239                                   }
240                                 else
241                                   $output_active .= "$name's turn\n";
242
243                                 /* check if we need to send out a reminder */
244                                 if(DB_get_reminder($userid,$gameid)==0)
245                                   if(time()-strtotime($gamemoddate) > 60*60*24*7)
246                                     $output_active .= "<a href=\"$INDEX?action=reminder&amp;me=".$myhash."\">Send a reminder?</a> ";
247
248                               };
249                             $output_active .= '</span>';
250
251                             if(time()-strtotime($gamemoddate) > 60*60*24*30)
252                               $output_active .= "<a href=\"$INDEX?action=cancel&amp;me=".$myhash."\">Cancel?</a> ";
253                           }
254
255                         if($maxgame>1)
256                           {
257                             $output_active .= ' <span class="gameshidesession link">(hide/show) old</span><br />'."\n";
258                             $output_active .= ' <span class="gamessession">'.$sessionoutput.'</span>';
259                           }
260
261                         $output_active .= "</li>\n";
262
263                       }
264                     else
265                       {
266                         /* session is not active anymore */
267                         $output_inactive .= "<li> $session:" ;
268                         $output_inactive .= $sessionoutput.$gameoutput ;
269                         $output_inactive .= "</li>\n";
270                       }
271
272                     /* reset all session variables */
273                     $maxgame =  0;
274                     $sessionoutput = "";
275                     $gameoutput    = "";
276
277                   }
278
279                 /* save game information */
280                 $maxgame++;
281                 $myhash        = $r[0];
282                 $gameid        = $r[1];
283                 $gamemoddate   = $r[2];
284                 $userid        = $r[3];
285                 $gamestatus    = $r[4];
286                 $gamefrequence = $r[5];
287                 $session       = $r[6];
288
289                 /* create output */
290                 $sessionoutput .= $gameoutput;
291                 $gameoutput     = "   <span class=\"gamestatusover \"><a href=\"".$INDEX."?action=game&amp;me=".$myhash."\">"
292                   .$gamefrequence."</a></span>\n";
293
294               }
295           }
296
297         echo "<ul>\n ";
298         echo " <li><span class=\"gameshowall link\">show all</span> <span class=\"gamehideall link\">hide all</span></li>\n";
299         echo $output_active;
300         echo " <li><span class=\"gameshidesession link\">hide/show inactive</span><ul class=\"gamessession\">$output_inactive </ul></li>";
301         echo "</ul>\n";
302
303         /* give a hint for new players */
304         if($count<10)
305           echo "<p class=\"newbiehint\">You can start new games using the link in the top right corner!</p>\n";
306
307         /* display last 5 users that have signed up to e-DoKo */
308         $names = DB_get_names_of_new_logins(5);
309         echo "<h4>New Players:</h4>\n<p>\n";
310         echo implode(", ",$names).",...\n";
311         echo "</p>\n";
312
313         /* display last 5 users that logged on */
314         echo "<h4>Players last logged in:</h4>\n<p>\n";
315
316         $names  = DB_get_names_of_last_logins(7);
317         $emails = DB_get_emails_of_last_logins(7);
318         for($i=0;$i<7;$i++)
319           {
320             echo "<img class=\"gravatar\" title=\"".$names[$i]."\" src=\"http://www.gravatar.com/avatar/".md5(strtolower(trim($emails[$i])))."?d=identicon\" />\n";
321           }
322         echo "</p>\n";
323
324         echo "</div>\n";
325       }
326     else
327       {
328         echo "<div class=\"message\">Sorry email and password don't match. Please <a href=\"$INDEX\">try again</a>. </div>";
329       }
330   };
331 ?>