if(!isset($ADMIN_EMAIL))
{
output_header();
- echo "<h1>Setup not completed</h1>";
- echo "You need to set \$ADMIN_EMAIL in config.php. ".
- "If something goes wrong an email will be send to this address.";
+ echo '<h1>Setup not completed</h1>';
+ echo 'You need to set $ADMIN_EMAIL in config.php. '.
+ 'If something goes wrong an email will be send to this address.';
output_footer();
exit();
}
if(!isset($DB_work))
{
output_header();
- echo "<h1>Setup not completed</h1>";
- echo "You need to set \$DB_work in config.php. ".
- "If this is set to anything else than 0, the game will be suspended and one can work safely on the database. ".
- "A message will be displayed that it will probably take about N minutes, with N being the number \$DB_work is set to. ".
- "The default should be 0 for the game to work.";
+ echo '<h1>Setup not completed</h1>';
+ echo 'You need to set $DB_work in config.php. '.
+ 'If this is set to anything else than 0, the game will be suspended and one can work safely on the database. '.
+ 'A message will be displayed that it will probably take about N minutes, with N being the number $DB_work is set to. '.
+ 'The default should be 0 for the game to work.';
output_footer();
exit();
}
return $token;
}
+function verify_password($email, $password)
+{
+ /* verify password, if old password has length 32 assume it's an old md5, else use new password scheme */
+ /* return 0 if verified, else return error code
+ * 1 can't find email
+ * 2 can't calculate correct hash
+ * 3 misc error
+ */
+
+ /* check user email by getting his id */
+ $userid = DB_get_userid('email',$email);
+ if(!$userid)
+ return 1;
+
+ /* test for temporary passwords, only valid for one date (tested in the DB) */
+ $tmppasswd = md5($password);
+ if(DB_check_recovery_passwords($tmppasswd,$email))
+ return 0;
+
+ /* get saved password */
+ $existingpassword = DB_get_passwd_by_userid($userid);
+
+ if(strlen($existingpassword)==32) /* old password type */
+ {
+ if ($existingpassword == md5($password))
+ {
+ /* update password to new crypt version */
+ // create a password hash using the crypt function, need php 5.3 for this
+ // create and random salt
+ $salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22);
+ // hash incoming password using 12 rounds of blowfish
+ $hash = crypt($password, '$2y$12$' . $salt);
+ if(strlen($hash)>13)
+ DB_query("UPDATE User SET password='$hash' where id='$userid'");
+ else
+ return 2;
+
+ return 0;
+ }
+ }
+ else
+ {
+ if ($existingpassword == crypt($password, $existingpassword))
+ return 0;
+ };
+
+ return 3;
+}
+
+/* language functions */
+function detectlanguage()
+{
+ /* read out browser's prefered language, taken from php-manual*/
+ $langcode = explode(";", $_SERVER['HTTP_ACCEPT_LANGUAGE']);
+ $langcode = explode(",", $langcode['0']);
+ return $langcode['0'];
+}
+
+function set_language($language)
+{
+ switch($language)
+ {
+ case 'de':
+ putenv("LC_ALL=de_DE");
+ setlocale(LC_ALL, "de_DE");
+ // Specify location of translation tables
+ bindtextdomain("edoko", "./locale");
+ // Choose domain
+ textdomain("edoko");
+ break;
+ default:
+ /* do nothing */
+ }
+
+ return;
+}
+
?>