2 /* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016 Arun Persaud <arun@nubati.net>
4 * This file is part of e-DoKo.
6 * e-DoKo is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * e-DoKo is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with e-DoKo. If not, see <http://www.gnu.org/licenses/>.
21 /* make sure that we are not called from outside the scripts,
22 * use a variable defined in config.php to check this
27 /* test id and password, should really be done in one step */
28 if(isset($_SESSION['id']))
30 $myid = $_SESSION['id'];
31 $r = DB_query_array("SELECT email,password FROM User WHERE id=".DB_quote_smart($myid)."");
41 /* user has forgotten his password */
44 /* check if player is in the database */
47 $myid = DB_get_userid('email',$email);
53 set_language($myid,'uid');
55 /* check how many entries in recovery table */
56 $number = DB_get_number_of_passwords_recovery($myid);
58 /* if less than N recent ones, add a new one and send out email */
61 echo _('Ok, I will send you a new password.').' <br />';
63 echo sprintf(_("N.B. You tried this already %s times during the last day and it will only work".
64 " 5 times during a day."),$number)."<br />\n";
65 echo _('The new password will be valid for one day, make sure you reset it to something else.').'<br />';
66 echo sprintf(_('Back to the <a href="%s">main page</a>.'),$INDEX);
68 /* create temporary password, use the fist 8 letters of a md5 hash */
69 $TIME = (string) time(); /* to avoid collisions */
70 $rndstring = sha1(rand()); /* add some randomness */
71 $hash = md5('Anewpassword'.$email.$TIME.$rndstring);
72 $newpw = substr($hash,1,8);
74 $message = sprintf( _("Someone (hopefully you) requested a new password.\n".
75 "You can use this email and the following password:\n".
77 "to log into the server. The new password is valid for 24h, so make\n".
78 "sure you reset your password to something new. Your old password will\n".
79 "also still be valid until you set a new one.\n"), $newpw);
80 mymail($myid,0, GAME_RECOVERY, $message);
82 /* we save these in the database */
83 DB_set_recovery_password($myid,md5($newpw));
87 /* make it so that people (or a robot) can request thousands of passwords within a short time
88 * and spam a user this way */
89 echo _('Sorry you already tried 5 times during the last 24h.<br />'.
90 'You need to use one of those passwords or wait to get a new one.').'<br />';
91 echo sprintf(_('Back to the <a href="%s">main page</a>.'),$INDEX);
95 {/* can't find user id in the database */
99 echo _('You need to give me an email address!')." <br />".
100 sprintf(_('Please try <a href="%s">again</a>.'),$INDEX);
101 else /* default error message */
102 echo _("Couldn't find a player with this email!")."<br />".
103 sprintf(_('Please contact %s, if you think this is a mistake '.
104 'or else try <a href="%s">again</a>.'),$ADMIN_NAME, $INDEX );
108 { /* normal user page */
110 /* verify password and email */
112 if(isset($email, $password))
114 $myid = DB_get_userid('email-password',$email,$password);
123 /* user information is ok */
124 $myname = DB_get_name('email',$email);
125 $_SESSION['name'] = $myname;
127 $PREF = DB_get_PREF($myid);
128 /* set language chosen in preferences, will become active on the next reload (see index.php)*/
129 $_SESSION['language'] = $PREF['language'];
130 set_language($PREF['language']);
132 DB_update_user_timestamp($myid);
134 display_user_menu($myid);
136 /* display all games the user has played */
137 echo '<div class="user">';
139 if($myvacation = check_vacation($myid))
141 $vac_start = $myvacation[0];
142 $vac_stop = $myvacation[1];
143 $vac_comment = $myvacation[2];
144 echo '<p class="vacation">'._("Enjoy your vacation (don't forgot to change your settings once you're back).")." ".
145 _("Between $vac_start and $vac_stop other users will see the following message: $vac_comment.")."</p>\n";
148 echo '<h4>'._('These are your games').":</h4>\n";
151 echo ' <span class="gamestatuspre"> </span> '._('pre-game phase');
152 echo ' <span class="gamestatusplay"> </span> '._('game in progess');
153 echo ' <span class="gamestatusover "><a>N</a> </span> '._('game over (N people played this hand)').' <br />';
154 echo ' '._("Reminder: canceling a game can't be reversed!");
159 $result = DB_query("SELECT Hand.hash,Hand.game_id,G.mod_date,G.player,G.status, ".
160 " (SELECT count(H.randomnumbers) FROM Game H WHERE H.randomnumbers=G.randomnumbers) AS count, ".
163 " LEFT JOIN Game G ON G.id=Hand.game_id".
164 " WHERE user_id=".DB_quote_smart($myid).
165 " ORDER BY G.session,G.create_date" );
167 /* sort into active and passive sessions */
168 $count = 0; /* count number of games to check for beginner status */
172 $output_inactive = "";
178 /* get next element */
179 $r = DB_fetch_array($result);
185 /* need to run the while loop one more time when we run out of elements in the database */
195 if( $r[6]==$session )
197 /* same session, update information */
201 $gamemoddate = $r[2];
204 $gamefrequence = $r[5];
207 $sessionoutput .= $gameoutput;
208 $gameoutput = " <a class=\"gamestatusover\" href=\"".$INDEX."?action=game&me=".$myhash."\">"
209 .$gamefrequence."</a>\n";
214 /* output old session if available */
217 /* is session active? */
218 if($gamestatus == 'pre' || $gamestatus== 'play' || time()-strtotime($gamemoddate) < 60*60*24*5 )
220 $output_active .= "<li> ";
221 if($gamestatus == 'pre')
222 $class= 'class="gamestatuspre gameid"';
223 else if($gamestatus == 'play')
224 $class= 'class="gamestatusplay gameid"';
226 $class= 'class="gamestatusover gameid"';
227 $output_active .= "<a $class href=\"$INDEX?action=game&me=$myhash\">".
228 DB_format_gameid($gameid).'</a> ';
232 /* who's turn is it? */
233 if( $gamestatus == 'pre' || $gamestatus == 'play')
235 $output_active .= '<span class="turn">';
236 if($userid==$myid || !$userid)
237 $output_active .= ' <strong>'._('your turn')."</strong>\n";
240 $name = DB_get_name('userid',$userid);
242 /* check vacaction status of this user */
243 if($vacation=check_vacation($userid))
245 $stop = substr($vacation[1],0,10);
246 $title = _('begin:').substr($vacation[0],0,10).' '._('end:').$vacation[1].' '.$vacation[2];
247 $output_active .= " <span class=\"vacation\" title=\"$title\">".
248 sprintf(_("%s's turn"),$name).' '._("(on vacation until $stop)")."</span>\n";
251 $output_active .= sprintf(_("%s's turn"),$name)."\n";
253 /* check if we need to send out a reminder */
254 if(DB_get_reminder($userid,$gameid)==0)
255 if(time()-strtotime($gamemoddate) > 60*60*24*7)
256 $output_active .= "<a href=\"$INDEX?action=reminder&me=".$myhash."\">"._('Send a reminder?').'</a> ';
259 $output_active .= '</span>';
261 if(time()-strtotime($gamemoddate) > 60*60*24*30)
262 $output_active .= "<a href=\"$INDEX?action=cancel&me=".$myhash."\">"._('Cancel?').'</a> ';
267 $output_active .= ' <span class="gamesshowsession"><a href="#">'._('show old').'</a></span>'.
268 ' <span class="gameshidesession"><a href="#">'._('hide old').'</a></span><br />'."\n";
269 $output_active .= ' <span class="gamessession">'.$sessionoutput.'</span>';
272 $output_active .= "</li>\n";
277 /* session is not active anymore */
278 $output_inactive .= "<li> $session:" ;
279 $output_inactive .= $sessionoutput.$gameoutput ;
280 $output_inactive .= "</li>\n";
283 /* reset all session variables */
290 /* save game information */
294 $gamemoddate = $r[2];
297 $gamefrequence = $r[5];
301 $sessionoutput .= $gameoutput;
302 $gameoutput = " <span class=\"gamestatusover \"><a href=\"".$INDEX."?action=game&me=".$myhash."\">"
303 .$gamefrequence."</a></span>\n";
309 echo ' <li><span class="gameshowall"><a href="#">'._('show all').'</a></span> <span class="gamehideall"><a href="#">'._('hide all')."</a></span></li>\n";
311 echo ' <li><span class="gamesshowsession"><a href="#">'._('show inactive').'</a></span><span class="gameshidesession"><a href="#">'._('hide inactive').'</a></span><ul class="gamessession">'."$output_inactive </ul></li>";
314 /* give a hint for new players */
316 echo '<p class="newbiehint">'._('You can start new games using the link in the top right corner!')."</p>\n";
318 /* display last 5 users that have signed up to e-DoKo within the 45 days */
319 $names = DB_get_names_of_new_logins(5);
322 echo '<h4>'._('New Player(s)').":</h4>\n<p>\n";
323 echo implode(", ",$names).",...\n";
327 /* display last 5 users that logged on */
328 echo '<h4>'._('Players last logged in').":</h4>\n<p>\n";
330 $names = DB_get_names_of_last_logins(7);
331 $emails = DB_get_emails_of_last_logins(7);
334 echo '<img class="gravatar" title="'.$names[$i].
335 '" src="https://www.gravatar.com/avatar/'.
336 md5(strtolower(trim($emails[$i])))."?d=identicon\" />\n";
344 echo '<div class="message">'."\n";
345 echo sprintf(_("Sorry email and password don't match. Please <a href=\"%s\">try again</a>."),$INDEX);