+ if($r)
+ return $r[0];
+ else
+ return 0;
+}
+
+function DB_set_reminder($user,$gameid)
+{
+ mysql_query("INSERT INTO Reminder ".
+ " VALUES(NULL, ".DB_quote_smart($user).", ".DB_quote_smart($gameid).
+ ", NULL) ");
+ return 0;
+}
+
+function DB_is_session_active($session)
+{
+ $queryresult = mysql_query("SELECT COUNT(*) FROM Game ".
+ " WHERE session=$session ".
+ " AND status<>'gameover' ");
+
+ $r = mysql_fetch_array($queryresult,MYSQL_NUM);
+ if($r)
+ return $r[0];
+ else
+ return -1;
+}
+
+function DB_get_score_by_gameid($gameid)
+{
+ /* returns the points of a game from the point of the re parth (<0 if they lost) */
+ $queryresult = mysql_query("SELECT COUNT(*),party FROM Score ".
+ " WHERE game_id=$gameid ".
+ " GROUP BY party ");
+
+ $re = 0;
+ $contra = 0;
+
+ while($r = mysql_fetch_array($queryresult,MYSQL_NUM) )
+ {
+ if($r[1] == "re")
+ $re += $r[0];
+ else if ($r[1] == "contra")
+ $contra += $r[0];
+ };
+
+ return ($re - $contra);
+}
+
+function DB_get_gameids_of_finished_games_by_session($session)
+{
+ $ids = array ();
+
+ $queryresult = mysql_query("SELECT id FROM Game ".
+ " WHERE session=$session ".
+ " AND status='gameover' ".
+ " ORDER BY create_date ASC");
+
+ $i=0;
+ while($r = mysql_fetch_array($queryresult,MYSQL_NUM) )
+ {
+ $ids[$i] = $r[0];
+ $i++;
+ }
+
+ return $ids;
+}
+
+function DB_get_card_value_by_cardid($id)
+{
+ $queryresult = mysql_query("SELECT points FROM Card ".
+ " WHERE id=$id ");
+
+ $r = mysql_fetch_array($queryresult,MYSQL_NUM);
+ if($r)
+ return $r[0];
+ else
+ return NULL;
+}
+
+function DB_get_userid($type,$var1="",$var2="")
+{
+ /* get the userid of a user
+ * this can be done several ways, which are all handled below
+ * if a email/password combination is given and it doesn't work, we also
+ * need to check the recovery table for additional passwords
+ */
+
+ $r = NULL;
+
+ switch($type)
+ {
+ case 'name':
+ $result = mysql_query("SELECT id FROM User WHERE fullname=".DB_quote_smart($var1));
+ break;
+ case 'hash':
+ $result = mysql_query("SELECT user_id FROM Hand WHERE hash=".DB_quote_smart($var1));
+ break;
+ case 'password':
+ $result = mysql_query("SELECT id FROM User WHERE password=".DB_quote_smart($var1));
+ break;
+ case 'email':
+ $result = mysql_query("SELECT id FROM User WHERE email=".DB_quote_smart($var1));
+ break;
+ case 'email-password':
+ $result = mysql_query("SELECT id FROM User WHERE email=".DB_quote_smart($var1)." AND password=".DB_quote_smart($var2));
+ $r = mysql_fetch_array($result,MYSQL_NUM);
+ /* test if a recovery password has been set */
+ if(!$r)
+ {
+ echo "testing alternative password";
+ $result = mysql_query("SELECT User.id FROM User".
+ " LEFT JOIN Recovery ON User.id=Recovery.user_id".
+ " WHERE email=".DB_quote_smart($var1).
+ " AND Recovery.password=".DB_quote_smart($var2).
+ " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= Recovery.create_date");
+ }
+ break;
+ case 'gameid-position':
+ $result = mysql_query("SELECT user_id FROM Hand WHERE game_id=".
+ DB_quote_smart($var1)." AND position=".
+ DB_quote_smart($var2));
+ break;
+ }
+
+ if(!$r)
+ $r = mysql_fetch_array($result,MYSQL_NUM);
+
+ if($r)
+ return $r[0];
+ else
+ return 0;
+}
+
+function DB_get_email($type,$var1='',$var2='')
+{
+ /* return the email of a user
+ * this is used for sending out emails, but also for
+ * testing the login for example
+ */
+ switch($type)
+ {
+ case 'name':
+ $result = mysql_query("SELECT email FROM User WHERE fullname=".DB_quote_smart($var1)."");
+ break;
+ case 'userid':
+ $result = mysql_query("SELECT email FROM User WHERE id=".DB_quote_smart($var1)."");
+ break;
+ case 'hash':
+ $result = mysql_query("SELECT User.email FROM User ".
+ "LEFT JOIN Hand ON Hand.user_id=User.id ".
+ "WHERE Hand.hash=".DB_quote_smart($var1)."");
+ break;
+ case 'position-gameid':
+ $result = mysql_query("SELECT email FROM User ".
+ "LEFT JOIN Hand ON User.id=Hand.user_id ".
+ "LEFT JOIN Game ON Game.id=Hand.game_id ".
+ "WHERE Game.id=".DB_quote_smart($var2)." ".
+ "AND Hand.position=".DB_quote_smart($var1)."");
+ break;
+ }
+
+ $r = mysql_fetch_array($result,MYSQL_NUM);
+
+ if($r)
+ return $r[0];
+ else
+ return "";
+}
+
+function DB_get_name($type,$var1='')
+{
+ /* get the full name of a user
+ * a user can be uniquely identified several ways
+ */
+ switch($type)
+ {
+ case 'hash':
+ $result = mysql_query("SELECT fullname FROM Hand LEFT JOIN User ON Hand.user_id=User.id WHERE hash=".DB_quote_smart($var1));
+ break;
+ case 'email':
+ $result = mysql_query("SELECT fullname FROM User WHERE email=".DB_quote_smart($var1));
+ break;
+ case 'userid':
+ $result = mysql_query("SELECT fullname FROM User WHERE id=".DB_quote_smart($var1));
+ }
+
+ $r = mysql_fetch_array($result,MYSQL_NUM);
+