<?php
-/* Copyright 2006, 2007, 2008, 2009, 2010 Arun Persaud <arun@nubati.net>
+/* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arun Persaud <arun@nubati.net>
*
* This file is part of e-DoKo.
*
/* check if some variables are set in the config file, else set defaults */
if(!isset($EmailName))
- $EmailName="[DoKo] ";
+ $EmailName='[DoKo] ';
if(isset($EMAIL_REPLY))
{
- ini_set("sendmail_from",$EMAIL_REPLY);
+ ini_set('sendmail_from',$EMAIL_REPLY);
}
if(!isset($ADMIN_NAME))
{
output_header();
- echo "<h1>Setup not completed</h1>";
- echo "You need to set \$ADMIN_NAME in config.php.";
+ echo '<h1>Setup not completed</h1>';
+ echo 'You need to set $ADMIN_NAME in config.php.';
output_footer();
exit();
}
if(!isset($ADMIN_EMAIL))
{
output_header();
- echo "<h1>Setup not completed</h1>";
- echo "You need to set \$ADMIN_EMAIL in config.php. ".
- "If something goes wrong an email will be send to this address.";
+ echo '<h1>Setup not completed</h1>';
+ echo 'You need to set $ADMIN_EMAIL in config.php. '.
+ 'If something goes wrong an email will be send to this address.';
output_footer();
exit();
}
if(!isset($DB_work))
{
output_header();
- echo "<h1>Setup not completed</h1>";
- echo "You need to set \$DB_work in config.php. ".
- "If this is set to 1, the game will be suspended and one can work safely on the database.".
- "The default should be 0 for the game to work.";
+ echo '<h1>Setup not completed</h1>';
+ echo 'You need to set $DB_work in config.php. '.
+ 'If this is set to anything else than 0, the game will be suspended and one can work safely on the database. '.
+ 'A message will be displayed that it will probably take about N minutes, with N being the number $DB_work is set to. '.
+ 'The default should be 0 for the game to work.';
output_footer();
exit();
}
if($DB_work)
{
output_header();
- echo "Working on the database...please check back later.";
+ echo '<div class="WIP">'.
+ _("Working on some aspect of e-DoKo... This will probably take max. $DB_work minutes. It could be over in a few seconds too though ;)").
+ '</div>';
output_footer();
exit();
}
else
{
/* store email in database */
- DB_digest_insert_email($To,$message);
+ DB_digest_insert_email($To,$message,$type,$gameid);
}
}
if($debug)
{
+ /* fix the hands; makes debugging easier; the following hands have lots of sicknesses,
+ * to make testing easier
+ */
$r[ 0]=1; $r[12]=47; $r[24]=13; $r[36]=37;
$r[ 1]=2; $r[13]=23; $r[25]=14; $r[37]=38;
$r[ 2]=3; $r[14]=27; $r[26]=15; $r[38]=39;
else
{
/* check if we can find a game were non of the player was involved and return
- * cards insted
+ * cards instead
*/
$userstr = "'".implode("','",array($useridA,$useridB,$useridC,$useridD))."'";
$randomnumbers = DB_get_unused_randomnumbers($userstr);
echo "<div class=\"table\">\n";
display_single_user($row1);
echo "\n<div class=\"middle\">\n";
- display_single_user($row0);
+ display_single_user($row0,1); /* mark starting player in case re/contra is not set yet */
echo " <img class=\"table\" src=\"pics/table.png\" alt=\"table\" />\n";
display_single_user($row2);
return;
}
-function display_single_user($r)
+function display_single_user($r,$start=0)
{
+ /* start=1, mark starting player, default=0, so the player on the left is not marked */
+
global $gameid, $GT, $debug,$INDEX,$defaulttimezone,$session;
global $RULES,$GAME,$gametype;
echo " <div class=\"table".($pos-1)."\">\n";
+ /* mark starting player */
+ if($start && ! ($party=="re" || $party=="contra"))
+ echo ' <span class="start">'._('Starting Player')."</span> <br />\n";
+
if($debug)
echo " <a href=\"".$INDEX."?action=game&me=".$hash."\">";
if($vacation = check_vacation($user))
}
-function display_user_menu($id)
+function display_user_menu($id, $skiphash=NULL)
{
global $WIKI,$INDEX;
- $result = DB_query("SELECT Hand.hash,Hand.game_id,Game.player from Hand".
- " LEFT JOIN Game On Hand.game_id=Game.id".
- " WHERE Hand.user_id='$id'".
- " AND ( Game.player='$id' OR ISNULL(Game.player) )".
- " AND ( Game.status='pre' OR Game.status='play' )".
- " ORDER BY Game.session" );
+ if($skiphash)
+ $result = DB_query("SELECT Hand.hash,Hand.game_id,Game.player from Hand".
+ " LEFT JOIN Game On Hand.game_id=Game.id".
+ " WHERE Hand.user_id='$id'".
+ " AND Hand.hash!='$skiphash'".
+ " AND ( Game.player='$id' OR ISNULL(Game.player) )".
+ " AND ( Game.status='pre' OR Game.status='play' )".
+ " ORDER BY Game.session" );
+ else
+ $result = DB_query("SELECT Hand.hash,Hand.game_id,Game.player from Hand".
+ " LEFT JOIN Game On Hand.game_id=Game.id".
+ " WHERE Hand.user_id='$id'".
+ " AND ( Game.player='$id' OR ISNULL(Game.player) )".
+ " AND ( Game.status='pre' OR Game.status='play' )".
+ " ORDER BY Game.session" );
$i=0;
while( $r = DB_fetch_array($result))
$i++;
echo " <a href=\"".$INDEX."?action=game&me=".$r[0].
- "\">game ".DB_format_gameid($r[1])." </a>\n";
+ "\"> ".DB_format_gameid($r[1])." </a>\n";
if($i>4)
{
echo ", ...\n";
$score = array();
$i=0;
- /* get all ids */
+ /* get all ids, scores and gametypes */
$gameids = DB_get_gameids_of_finished_games_by_session($session);
if($gameids == NULL)
return $score;
- /* get player id, names... from the first game */
$player = array();
- $result = DB_query("SELECT User.id, User.fullname from Hand".
- " LEFT JOIN User On Hand.user_id=User.id".
- " WHERE Hand.game_id=".$gameids[0]);
+ $player_party = array();
+
+ /* get player id from the first game */
+ $result = DB_query("SELECT user_id from Hand".
+ " WHERE Hand.game_id=".$gameids[0][0]);
while( $r = DB_fetch_array($result))
$player[$r[0]] = 0;
+ /* get party of players for each game in the session */
+ foreach($player as $id=>$points)
+ $player_party[$id]=DB_get_party_by_session_and_userid($session,$id);
+
/* get points and generate table */
foreach($gameids as $gameid)
{
- $re_score = DB_get_score_by_gameid($gameid);
- $gametype = DB_get_gametype_by_gameid($gameid);
+ $re_score = $gameid[1];
+ $gametype = $gameid[2];
foreach($player as $id=>$points)
{
- $party = DB_get_party_by_gameid_and_userid($gameid,$id);
+ $party = $player_party[$id][$i][0];
if($party == "re")
if($gametype=="solo")
$player[$id] += 3*$re_score;
else if ($party == "contra")
$player[$id] -= $re_score;
}
- $score[$i]['gameid'] = $gameid ;
+ $score[$i]['gameid'] = $gameid[0] ;
$score[$i]['players'] = $player;
$score[$i]['points'] = abs($re_score);
$score[$i]['solo'] = ($gametype=="solo");
{
$return = array();
- /* get all ids */
+ /* get all ids, scores and gametypes */
$gameids = DB_get_gameids_of_finished_games_by_session(0);
if($gameids == NULL)
return '';
- /* get player id, names... from the User table */
$player = array();
+ /* get player id, names... from the User table */
$result = DB_query('SELECT User.id, User.fullname FROM User');
/* save information in an array */
/* get points and generate table */
foreach($gameids as $gameid)
{
- $re_score = DB_get_score_by_gameid($gameid);
- $gametype = DB_get_gametype_by_gameid($gameid);
+ $re_score = $gameid[1];
+ $gametype = $gameid[2];
/* get players involved in this game */
- $result = DB_query('SELECT user_id FROM Hand WHERE game_id='.DB_quote_smart($gameid));
+ $result = DB_query('SELECT user_id FROM Hand WHERE game_id='.DB_quote_smart($gameid[0]));
while($r = DB_fetch_array($result))
{
$id = $r[0];
- $party = DB_get_party_by_gameid_and_userid($gameid,$id);
+ $party = DB_get_party_by_gameid_and_userid($gameid[0],$id);
if($party == 're')
if($gametype=='solo')
$player[$id]['points'] += 3*$re_score;
return $token;
}
+function verify_password($email, $password)
+{
+ /* verify password, if old password has length 32 assume it's an old md5, else use new password scheme */
+ /* return 0 if verified, else return error code
+ * 1 can't find email
+ * 2 can't calculate correct hash
+ * 3 misc error
+ */
+
+ /* check user email by getting his id */
+ $userid = DB_get_userid('email',$email);
+ if(!$userid)
+ return 1;
+
+ /* test for temporary passwords, only valid for one date (tested in the DB) */
+ $tmppasswd = md5($password);
+ if(DB_check_recovery_passwords($tmppasswd,$email))
+ return 0;
+
+ /* get saved password */
+ $existingpassword = DB_get_passwd_by_userid($userid);
+
+ if(strlen($existingpassword)==32) /* old password type */
+ {
+ if ($existingpassword == md5($password))
+ {
+ /* update password to new crypt version */
+ // create a password hash using the crypt function, need php 5.3 for this
+ // create and random salt
+ $salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22);
+ // hash incoming password using 12 rounds of blowfish
+ $hash = crypt($password, '$2y$12$' . $salt);
+ if(strlen($hash)>13)
+ DB_query("UPDATE User SET password='$hash' where id='$userid'");
+ else
+ return 2;
+
+ return 0;
+ }
+ }
+ else
+ {
+ if ($existingpassword == crypt($password, $existingpassword))
+ return 0;
+ };
+
+ return 3;
+}
+
?>