if($note != '')
DB_insert_note($note,$gameid,$myid);
};
-output_user_notes($myid,$gameid,$mystatus);
+
+/* make sure that we don't show the notes to the wrong person
+ * (e.g. other people looking at an old game)
+ */
+if( $mystatus != 'gameover' ||
+ ( $mystatus == 'gameover' &&
+ isset($_SESSION['id']) &&
+ $myid == $_SESSION['id']))
+ output_user_notes($myid,$gameid,$mystatus);
/* handle calls */
if(myisset('call') && $_REQUEST['call'] == '120' && can_call(120,$me))
$message .= "Score Table:\n";
$message .= format_score_table_ascii($score);
- $message .= "Use these links to have a look at game ".DB_format_gameid($gameid).": \n";
+ $message .= "\nUse these links to have a look at game ".DB_format_gameid($gameid).": \n";
/* send out final email */
$all = array();
default:
myerror("error in testing the status");
}
-/* output left menu */
-display_user_menu();
-/* output right menu */
+/* output other games where it is the users turn
+ * make sure that the people looking at old games don't see the wrong games here
+ */
+if( $mystatus != 'gameover' )
+ display_user_menu($myid);
+else if( $mystatus == 'gameover' &&
+ isset($_SESSION['id']) )
+ {
+ display_user_menu($_SESSION['id']);
+ }
+else
+ {
+ echo "<div class=\"usermenu\">\n";
+ echo "It's your turn in these games:<br />\n";
+ echo "Please log in to see this information.\n";
+ echo "</div>\n";
+ }
/* display rule set for this game */
echo "<div class=\"gameinfo\">\n";