<?php
-/* Copyright 2006, 2007, 2008, 2009, 2010 Arun Persaud <arun@nubati.net>
+/* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014 Arun Persaud <arun@nubati.net>
*
* This file is part of e-DoKo.
*
function DB_open()
{
- $version_needed = 2;
+ $version_needed = 5;
global $DB,$DB_user,$DB_host,$DB_database,$DB_password;
- $DB = @mysql_connect($DB_host,$DB_user, $DB_password);
- if ( $DB )
+ $DB = new mysqli($DB_host,$DB_user, $DB_password, $DB_database);
+ if ( $DB->connect_errno )
{
- mysql_select_db($DB_database) or die('Error: Could not select database');
- }
- else
- {
- echo mysql_errno() . ": " . mysql_error(). "\n";
+ echo "Failed to connect to Mysql ".$DB->connect_error." (".$DB->connect_errno.")\n";
return -1;
};
function DB_close()
{
global $DB;
- mysql_close($DB);
+ $DB->close();
return;
}
function DB_quote_smart($value)
{
+ global $DB;
/* Stripslashes */
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
/* Quote if not a number or a numeric string */
if (!is_numeric($value)) {
- $value = "'" . mysql_real_escape_string($value) . "'";
+ $value = "'" . $DB->real_escape_string($value) . "'";
+ $value = addcslashes($value, '%_');
}
return $value;
}
/* use Mysql in the background */
function DB_query($query)
{
+ global $DB;
/* debug/optimize the database
$time = microtime();
- $return = mysql_query($query);
- $time = $time - microtime();
+ $return = $DB->query($query);
+ $time = microtime() - $time;
- if($time > 0.05) // this way we can find only the long ones
+ if($time > 0.15) // this way we can find only the long ones
{
- $logfile=fopen('/tmp/DBlog.log','a+');
- fwrite($logfile,"EXPLAIN $query ;\n");
- fwrite($logfile,"time of above query: $time\n");
+ $logfile=fopen('DBlog.log','a+');
+ fwrite($logfile,"time of query: $time\n");
+ fwrite($logfile,wordwrap(" EXPLAIN $query ;\n", 60, "\n "));
+
+ $result = "";
+ $queryresult = mysql_query("EXPLAIN $query ;");
+ if( $queryresult )
+ while($row = DB_fetch_array($queryresult))
+ $result .= " |".implode("|",$row)."|\n";
+
+ fwrite($logfile,"$result \n\n");
fclose($logfile);
};
return $return;
*/
- return mysql_query($query);
+ return $DB->query($query);
}
function DB_fetch_array($result)
{
- return mysql_fetch_array($result,MYSQL_NUM);
+ if($result)
+ return $result->fetch_array(MYSQLI_NUM);
+ else
+ return NULL;
}
function DB_insert_id()
{
- return mysql_insert_id();
-}
-
-function DB_num_rows($result)
-{
- return mysql_num_rows($result);
+ global $DB;
+ return $DB->insert_id;
}
/* end Mysql functions */
return $version[0];
}
-function DB_get_passwd_by_name($name)
-{
- $r = DB_query_array("SELECT password FROM User WHERE fullname=".DB_quote_smart($name)."");
-
- if($r)
- return $r[0];
- else
- return "";
-}
-
function DB_get_passwd_by_userid($id)
{
$r = DB_query_array("SELECT password FROM User WHERE id=".DB_quote_smart($id)."");
if(!$sequence || $sequence==4)
{
- DB_query("INSERT INTO Trick VALUES (NULL,NULL,NULL, ".DB_quote_smart($gameid).",NULL)");
+ DB_query("INSERT INTO Trick VALUES (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,NULL,".DB_quote_smart($gameid).",NULL)");
$trickid = DB_insert_id();
$sequence = 1;
$number++;
function DB_play_card($trickid,$handcardid,$sequence)
{
- DB_query("INSERT INTO Play VALUES(NULL,NULL,NULL,".DB_quote_smart($trickid).
+ DB_query("INSERT INTO Play VALUES(CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,NULL,".DB_quote_smart($trickid).
",".DB_quote_smart($handcardid).",".DB_quote_smart($sequence).")");
$playid = DB_insert_id();
{
$names = array();
- $result = DB_query("SELECT fullname FROM User ORDER BY create_date DESC, id DESC LIMIT $N");
+ $result = DB_query("SELECT fullname FROM User".
+ " WHERE create_date >=(NOW() - interval 45 day)".
+ " ORDER BY create_date DESC, id DESC LIMIT $N");
while($r = DB_fetch_array($result))
$names[] = $r[0];
return "Europe/London";
}
-function DB_insert_comment($comment,$playid,$userid)
+function DB_insert_comment($comment,$playid,$gameid,$userid)
{
- DB_query("INSERT INTO Comment VALUES (NULL,NULL,NULL,$userid,$playid, ".DB_quote_smart($comment).")");
+ DB_query("INSERT INTO Comment VALUES (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,NULL,$userid,$playid,$gameid, ".DB_quote_smart($comment).")");
return;
}
+function DB_get_pre_comment($gameid)
+{
+ $r = DB_query_array_all("SELECT comment, User.fullname FROM Comment".
+ " LEFT JOIN User ON User.id=user_id".
+ " WHERE play_id=-1".
+ " AND game_id=$gameid ");
+ return $r;
+}
+
+function DB_get_pre_comment_call($gameid)
+{
+ $r = DB_query_array_all("SELECT comment, User.fullname FROM Comment".
+ " LEFT JOIN User ON User.id=user_id".
+ " WHERE play_id=-2".
+ " AND game_id=$gameid ");
+ return $r;
+}
+
function DB_insert_note($comment,$gameid,$userid)
{
- DB_query("INSERT INTO Notes VALUES (NULL,NULL,NULL,$userid,$gameid, ".DB_quote_smart($comment).")");
+ DB_query("INSERT INTO Notes VALUES (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,NULL,$userid,$gameid, ".DB_quote_smart($comment).")");
return;
}
else
{
/* create new one */
- $result = DB_query("INSERT INTO Rulesets VALUES (NULL, NULL, ".
+ $result = DB_query("INSERT INTO Rulesets VALUES (CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, ".
DB_quote_smart($dullen).",".
DB_quote_smart($schweinchen).",".
DB_quote_smart($lowtrump).",".
return NULL;
}
+function DB_get_party_by_session_and_userid($session,$userid)
+{
+ /* used in score table by index. gameids are sorted by date, so we need to sort here too! */
+ $r = DB_query_array_all("SELECT party FROM Hand".
+ " LEFT JOIN Game ON Game.id = Hand.game_id".
+ " WHERE Game.session=".DB_quote_smart($session).
+ " AND user_id=".DB_quote_smart($userid)."".
+ " AND Game.status='gameover' ".
+ " ORDER BY Game.create_date ASC");
+ return $r;
+}
+
function DB_set_party_by_hash($hash,$party)
{
DB_query("UPDATE Hand SET party=".DB_quote_smart($party)." WHERE hash=".DB_quote_smart($hash));
$PREF['vacation_start'] = NULL;
$PREF['vacation_stop'] = NULL;
$PREF['vacation_comment'] = '';
+ $PREF['language'] = 'en';
/* get all preferences */
$r = DB_query('SELECT pref_key, value FROM User_Prefs'.
- " WHERE user_id='$myid' " );
+ " WHERE user_id=".DB_quote_smart($myid) );
while($pref = DB_fetch_array($r) )
{
switch($pref[0])
{
case 'cardset':
- /* licence only valid until then */
- if($pref[1]=='altenburg' && (time()-strtotime( '2009-12-31 23:59:59')<0) )
- $PREF['cardset']='altenburg';
+ if($pref[1])
+ $PREF['cardset'] = $pref[1];
break;
case 'email':
if($pref[1])
$PREF['vacation_comment'] = $pref[1];
break;
+
+ case 'language':
+ if($pref[1])
+ $PREF['language'] = $pref[1];
+ break;
}
}
+
return $PREF;
}
{
$r = DB_query_array("SELECT * FROM Rulesets".
" LEFT JOIN Game ON Game.ruleset=Rulesets.id ".
- " WHERE Game.id='$gameid'" );
+ " WHERE Game.id=".DB_quote_smart($gameid) );
$RULES['dullen'] = $r[2];
$RULES['schweinchen'] = $r[3];
{
$r = DB_query_array("SELECT value FROM Hand".
" LEFT JOIN User_Prefs ON Hand.user_id=User_Prefs.user_id".
- " WHERE hash='$hash' AND pref_key='email'" );
+ " WHERE hash=".DB_quote_smart($hash)." AND pref_key='email'" );
if($r)
{
if($r[0]=="emailaddict")
function DB_get_email_pref_by_uid($uid)
{
$r = DB_query_array("SELECT value FROM User_Prefs ".
- " WHERE user_id='$uid' AND pref_key='email'" );
+ " WHERE user_id=".DB_quote_smart($uid)." AND pref_key='email'" );
if($r)
{
if($r[0]=="emailaddict")
function DB_get_unused_randomnumbers($userstr)
{
/* optimized version of this query using temporary tables (perhaps we should use a procedure here?).
- First we create a copy of the Game table using just the gameid and the cards.
- Then in a second round we delete all the gameids of games where our players are in.
+ First we create a copy of the Game table using just the cards.
+ Then in a second round we delete all the randomnumbers of games where our players are in.
At the end we return only the first entry in the temporary table.
*/
DB_query("DROP TEMPORARY TABLE IF EXISTS gametmp;");
- DB_query("CREATE TEMPORARY TABLE gametmp SELECT id,randomnumbers FROM Game;");
- DB_query("DELETE FROM gametmp WHERE randomnumbers IN (SELECT randomnumbers FROM Hand LEFT JOIN Game ON Game.id=game_id WHERE user_id IN (".$userstr."));");
+ DB_query("CREATE TEMPORARY TABLE gametmp SELECT DISTINCT randomnumbers FROM Game;");
+ DB_query("DELETE FROM gametmp WHERE randomnumbers IN (SELECT DISTINCT randomnumbers FROM Game WHERE id IN (SELECT DISTINCT game_id FROM Hand WHERE user_id IN (".$userstr.")));");
$r = DB_query_array("SELECT randomnumbers FROM gametmp LIMIT 1;");
DB_query("DROP TEMPORARY TABLE IF EXISTS gametmp;");
function DB_get_number_of_passwords_recovery($user)
{
$r = DB_query_array("SELECT COUNT(*) FROM Recovery ".
- " WHERE user_id=$user ".
+ " WHERE user_id=".DB_quote_smart($user).
" AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= create_date".
" GROUP BY user_id " );
if($r)
function DB_set_recovery_password($user,$newpw)
{
DB_query("INSERT INTO Recovery VALUES(NULL,".DB_quote_smart($user).
- ",".DB_quote_smart($newpw).",NULL)");
+ ",".DB_quote_smart($newpw).",CURRENT_TIMESTAMP)");
+ return;
+}
+
+function DB_delete_recovery_passwords($userid)
+{
+ DB_query("DELETE FROM Recovery WHERE user_id=".DB_quote_smart($userid));
return;
}
if($card==0)
return 'backside';
- $r = DB_query_array("SELECT strength,suite FROM Card WHERE id='$card'");
+ $r = DB_query_array("SELECT strength,suite FROM Card WHERE id=".DB_quote_smart($card));
if($r)
return $r[0]." of ".$r[1];
function DB_get_current_playid($gameid)
{
+ /* return playid or -1 for pre-game phase */
$trick = DB_get_max_trickid($gameid);
- if(!$trick) return NULL;
+ if(!$trick) return -1;
- $r = DB_query_array("SELECT id FROM Play WHERE trick_id='$trick' ORDER BY create_date DESC LIMIT 1");
+ $r = DB_query_array("SELECT id FROM Play WHERE trick_id=".DB_quote_smart($trick)." ORDER BY create_date DESC LIMIT 1");
if($r)
return $r[0];
- return "";
+ return -1;
}
function DB_get_call_by_hash($hash)
{
- $r = DB_query_array("SELECT point_call FROM Hand WHERE hash='$hash'");
+ $r = DB_query_array("SELECT point_call FROM Hand WHERE hash=".DB_quote_smart($hash));
if($r)
return $r[0];
if($partner)
{
- $r = DB_query_array("SELECT point_call FROM Hand WHERE hash='$partner'");
+ $r = DB_query_array("SELECT point_call FROM Hand WHERE hash=".DB_quote_smart($partner));
if($r)
return $r[0];
$gameid = DB_get_gameid_by_hash($hash);
$party = DB_get_party_by_hash($hash);
- $r = DB_query_array("SELECT hash FROM Hand WHERE game_id='$gameid' AND party='$party' AND hash<>'$hash'");
+ $r = DB_query_array("SELECT hash FROM Hand WHERE game_id=".DB_quote_smart($gameid).
+ " AND party=".DB_quote_smart($party)." AND hash<>".DB_quote_smart($hash));
if($r)
return $r[0];
function DB_format_gameid($gameid)
{
/* get session and create date */
- $r = DB_query_array("SELECT session, create_date FROM Game WHERE id='$gameid' ");
+ $r = DB_query_array("SELECT session, create_date FROM Game WHERE id=".DB_quote_smart($gameid));
$session = $r[0];
$date = $r[1];
/* get number of game */
$r = DB_query_array("SELECT SUM(TIME_TO_SEC(TIMEDIFF(create_date, '$date'))<=0) ".
" FROM Game".
- " WHERE session='$session' ");
+ " WHERE session=".DB_quote_smart($session));
return $session.'.'.$r[0];
}
function DB_get_reminder($user,$gameid)
{
$r = DB_query_array("SELECT COUNT(*) FROM Reminder ".
- " WHERE user_id=$user ".
- " AND game_id=$gameid ".
+ " WHERE user_id=".DB_quote_smart($user).
+ " AND game_id=".DB_quote_smart($gameid).
" AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= create_date".
" GROUP BY user_id " );
if($r)
{
DB_query("INSERT INTO Reminder ".
" VALUES(NULL, ".DB_quote_smart($user).", ".DB_quote_smart($gameid).
- ", NULL) ");
+ ", CURRENT_TIMESTAMP) ");
return 0;
}
return -1;
}
-function DB_get_score_by_gameid($gameid)
-{
- /* returns the points of a game from the point of the re parth (<0 if they lost) */
- $queryresult = DB_query("SELECT COUNT(*),party FROM Score ".
- " WHERE game_id=$gameid ".
- " GROUP BY party ");
- $re = 0;
- $contra = 0;
-
- while($r = DB_fetch_array($queryresult) )
- {
- if($r[1] == "re")
- $re += $r[0];
- else if ($r[1] == "contra")
- $contra += $r[0];
- };
-
- return ($re - $contra);
-}
-
function DB_get_gameids_of_finished_games_by_session($session)
{
$ids = array ();
if($session==0) /* return all games */
- $queryresult = DB_query("SELECT id FROM Game ".
- " WHERE status='gameover' ".
- " ORDER BY create_date ASC");
+ $queryresult = DB_query_array_all("SELECT Game.id,SUM(IF(STRCMP(Score.party,'re'),-1,1)),Game.type FROM Game ".
+ " LEFT JOIN Score on game_id=Game.id".
+ " WHERE status='gameover' ".
+ " GROUP BY Game.id");
else /* return games in a session */
- $queryresult = DB_query("SELECT id FROM Game ".
- " WHERE session=$session ".
- " AND status='gameover' ".
- " ORDER BY create_date ASC");
-
- $i=0;
- while($r = DB_fetch_array($queryresult) )
- {
- $ids[$i] = $r[0];
- $i++;
- }
+ $queryresult = DB_query_array_all("SELECT Game.id,SUM(IF(STRCMP(Score.party,'re'),-1,1)),Game.type FROM Game ".
+ " LEFT JOIN Score on game_id=Game.id".
+ " WHERE session=".DB_quote_smart($session).
+ " AND status='gameover' ".
+ " GROUP BY Game.id".
+ " ORDER BY Game.create_date ASC");
- return $ids;
+ return $queryresult;
}
function DB_get_card_value_by_cardid($id)
{
$r = DB_query_array("SELECT points FROM Card ".
- " WHERE id=$id ");
+ " WHERE id=".DB_quote_smart($id));
if($r)
return $r[0];
return $r[0];
}
-function DB_digest_insert_email($To,$message)
+function DB_digest_insert_email($To,$message,$type,$gameid)
{
- DB_query("INSERT INTO digest_email VALUES (NULL,".DB_quote_smart($To).",NULL,".DB_quote_smart($message).")");
+ if($type == GAME_YOUR_TURN)
+ DB_query("INSERT INTO digest_email VALUES (NULL,".DB_quote_smart($To).",CURRENT_TIMESTAMP,'your_turn',$gameid,".DB_quote_smart($message).")");
+ else
+ DB_query("INSERT INTO digest_email VALUES (NULL,".DB_quote_smart($To).",CURRENT_TIMESTAMP,'misc',NULL,".DB_quote_smart($message).")");
return;
}
{
$messages = array();
- $result = DB_query("SELECT id,content FROM digest_email Where email='$email'");
+ $result = DB_query("SELECT id,content,type,game_id FROM digest_email Where email='$email'");
while($r = DB_fetch_array($result))
$messages[]=$r;