added a new set of LGPL licensed cards
[e-DoKo.git] / include / preferences.php
index 990626a264172873c7720a57aa92e45c263585e5..a69fd5659177b0780b34c6682ff31076204ac7bb 100644 (file)
@@ -92,11 +92,11 @@ if(myisset('vacation_start','vacation_stop','vacation_comment') &&
     if($_REQUEST['vacation_start'] == $_REQUEST['vacation_stop'])
       {
        $result = DB_query("DELETE FROM User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='vacation start'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation start'" );
        $result = DB_query("DELETE FROM User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='vacation stop'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation stop'" );
        $result = DB_query("DELETE FROM User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='vacation comment'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation comment'" );
        $changed_vacation = 1;
       }
     /* change in database if format is ok */
@@ -106,12 +106,12 @@ if(myisset('vacation_start','vacation_stop','vacation_comment') &&
        if($vacation_start!=$PREF['vacation_start'])
          {
            $result = DB_query("SELECT * from User_Prefs".
-                              " WHERE user_id='$myid' AND pref_key='vacation start'" );
+                              " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation start'" );
            if( DB_fetch_array($result))
              $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_start).
-                                " WHERE user_id='$myid' AND pref_key='vacation start'" );
+                                " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation start'" );
            else
-             $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation start',".
+             $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'vacation start',".
                                 DB_quote_smart($vacation_start).")");
 
            $changed_vacation = 1;
@@ -121,12 +121,12 @@ if(myisset('vacation_start','vacation_stop','vacation_comment') &&
        if($vacation_stop!=$PREF['vacation_stop'])
          {
            $result = DB_query("SELECT * from User_Prefs".
-                              " WHERE user_id='$myid' AND pref_key='vacation stop'" );
+                              " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation stop'" );
            if( DB_fetch_array($result))
              $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_stop).
-                                " WHERE user_id='$myid' AND pref_key='vacation stop'" );
+                                " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation stop'" );
            else
-             $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation stop',".
+             $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'vacation stop',".
                                 DB_quote_smart($vacation_stop).")");
 
            $changed_vacation = 1;
@@ -136,12 +136,12 @@ if(myisset('vacation_start','vacation_stop','vacation_comment') &&
        if($vacation_comment!=$PREF['vacation_comment'])
          {
            $result = DB_query("SELECT * from User_Prefs".
-                              " WHERE user_id='$myid' AND pref_key='vacation comment'" );
+                              " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation comment'" );
            if( DB_fetch_array($result))
              $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_comment).
-                                " WHERE user_id='$myid' AND pref_key='vacation comment'" );
+                                " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation comment'" );
            else
-             $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation comment',".
+             $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'vacation comment',".
                                 DB_quote_smart($vacation_comment).")");
 
            $changed_vacation = 1;
@@ -167,12 +167,12 @@ if(myisset("cards"))
       {
        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='cardset'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='cardset'" );
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
-                            " WHERE user_id='$myid' AND pref_key='cardset'" );
+                            " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='cardset'" );
        else
-         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
+         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'cardset',".
                             DB_quote_smart($cards).")");
        $changed_cards = 1;
       }
@@ -185,12 +185,12 @@ if(myisset("notify"))
       {
        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='email'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='email'" );
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
-                            " WHERE user_id='$myid' AND pref_key='email'" );
+                            " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='email'" );
        else
-         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
+         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'email',".
                             DB_quote_smart($notify).")");
        $changed_notify=1;
       }
@@ -203,12 +203,12 @@ if(myisset("digest"))
       {
        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='digest'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='digest'" );
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($digest).
-                            " WHERE user_id='$myid' AND pref_key='digest'" );
+                            " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='digest'" );
        else
-         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','digest',".
+         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'digest',".
                             DB_quote_smart($digest).")");
        $changed_digest=1;
       }
@@ -221,12 +221,12 @@ if(myisset("autosetup"))
       {
        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='autosetup'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='autosetup'" );
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).
-                            " WHERE user_id='$myid' AND pref_key='autosetup'" );
+                            " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='autosetup'" );
        else
-         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','autosetup',".
+         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'autosetup',".
                             DB_quote_smart($autosetup).")");
        $changed_autosetup=1;
       }
@@ -239,12 +239,12 @@ if(myisset("sorting"))
       {
        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='sorting'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='sorting'" );
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting).
-                            " WHERE user_id='$myid' AND pref_key='sorting'" );
+                            " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='sorting'" );
        else
-         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','sorting',".
+         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'sorting',".
                             DB_quote_smart($sorting).")");
        $changed_sorting=1;
       }
@@ -257,12 +257,12 @@ if(myisset("open_for_games"))
       {
        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='open for games'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='open for games'" );
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames).
-                            " WHERE user_id='$myid' AND pref_key='open for games'" );
+                            " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='open for games'" );
        else
-         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','open for games',".
+         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'open for games',".
                             DB_quote_smart($openforgames).")");
        $changed_openforgames=1;
       }
@@ -319,12 +319,12 @@ if(myisset("language"))
       {
        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".
-                          " WHERE user_id='$myid' AND pref_key='language'" );
+                          " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='language'" );
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($language).
-                            " WHERE user_id='$myid' AND pref_key='language'" );
+                            " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='language'" );
        else
-         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','language',".
+         $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'language',".
                             DB_quote_smart($language).")");
        $changed_language = 1;
       }
@@ -341,7 +341,7 @@ $timezone = DB_get_user_timezone($myid);
 
 echo "<div class=\"user\">\n";
 echo "  <form action=\"index.php?action=prefs\" method=\"post\">\n";
-echo '  <h2>'._('Your settings are')."</h2>\n";
+echo '  <h2>'._('Your settings')."</h2>\n";
 echo "    <fieldset>\n";
 echo '    <legend>'._('Game-related')."</legend>\n";
 echo "      <table>\n";
@@ -472,16 +472,16 @@ echo " </td></tr>\n";
 
 echo '    <tr><td>'.('Card set').":              </td><td>\n";
 echo "         <select id=\"cards\" name=\"cards\" size=\"1\">\n";
-if($PREF['cardset']=="altenburg")
+if($PREF['cardset']=="english2")
   {
-    echo "           <option value=\"altenburg\" selected=\"selected\">"._('German cards')."</option>\n";
-    echo "           <option value=\"english\">"._('English cards')."</option>\n";
+    echo "           <option value=\"english\" >"._('English cards')."</option>\n";
+    echo "           <option value=\"english2\" selected=\"selected\">"._('English cards 2')."</option>\n";
   }
- else
+ else /* default */
    {
-     echo "           <option value=\"altenburg\">"._('German cards')."</option>\n";
      echo "           <option value=\"english\" selected=\"selected\">"._('English cards')."</option>\n";
-   }
+     echo "           <option value=\"english2\" >"._('English cards 2')."</option>\n";
+   };
 echo "         </select>";
 if($changed_cards) echo _('changed');
 echo " </td></tr>\n";