CLEANUP: cleaned up some debug message and error checking
[e-DoKo.git] / include / user.php
index 0f67a68f9791ff9f7fc418421d46817dbc12494d..0273183d0ba5a99b909f8319362ac91c82881527 100644 (file)
@@ -1,5 +1,5 @@
 <?php
-/* make sure that we are not called from outside the scripts, 
+/* make sure that we are not called from outside the scripts,
  * use a variable defined in config.php to check this
  */
 if(!isset($HOST))
@@ -11,12 +11,12 @@ if(!isset($_SESSION["name"]))
     $email     = $_REQUEST["email"];
     $password  = $_REQUEST["password"];
   }
- else
-   {
-     $name = $_SESSION["name"];
-     $email     = DB_get_email('name',$name);
-     $password  = DB_get_passwd_by_name($name);
-   };
+else
+  {
+    $name = $_SESSION["name"];
+    $email     = DB_get_email('name',$name);
+    $password  = DB_get_passwd_by_name($name);
+  };
 
 /* user has forgotten his password */
 if(myisset("forgot"))
@@ -53,8 +53,9 @@ if(myisset("forgot"))
              "   $newpw    \n".
              "to log into the server. The new password is valid for 24h, so make\n".
              "sure you reset your password to something new. Your old password will\n".
-             " also still be valid until you set a new one\n";
-           mymail($email,$EmailName."recovery ",$message);
+             "also still be valid until you set a new one.\n";
+           $subject = $EmailName.' Recovery';
+           sendmail($email,$subject,$message);
 
            /* we save these in the database */
            DB_set_recovery_password($myid,md5($newpw));
@@ -70,7 +71,7 @@ if(myisset("forgot"))
       }
     else
       {/* can't find user id in the database */
-            
+
        /* no email given? */
        if($email=="")
          echo "You need to give me an email address! <br />".
@@ -81,192 +82,140 @@ if(myisset("forgot"))
            "or else try <a href=\"$INDEX\">again</a>.";
       }
   }
- else 
-   { /* normal user page */
-
-
-     /* verify password and email */
-     if(strlen($password)!=32)
-       $password = md5($password);
+else
+  { /* normal user page */
 
-     $ok  = 1;
-     $myid = DB_get_userid('email-password',$email,$password);
-     if(!$myid)
-       $ok = 0;
+    /* verify password and email */
+    if(strlen($password)!=32)
+      $password = md5($password);
 
-     if($ok)
-       {
-        /* user information is ok */
-        $myname = DB_get_name('email',$email);
-        $_SESSION["name"] = $myname;
-        output_status();
-    
-        DB_get_PREF($myid);
-    
-        /* does the user want to change some preferences? */
-        if(myisset("setpref"))
-          {
-            $setpref=$_REQUEST["setpref"];
-            switch($setpref)
-              {
-              case "germancards":
-              case "englishcards":
-                $result = mysql_query("SELECT * from User_Prefs".
-                                      " WHERE user_id='$myid' AND pref_key='cardset'" );
-                if( mysql_fetch_array($result,MYSQL_NUM))
-                  $result = mysql_query("UPDATE User_Prefs SET value=".DB_quote_smart($setpref).
-                                        " WHERE user_id='$myid' AND pref_key='cardset'" );
-                else
-                  $result = mysql_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
-                                        DB_quote_smart($setpref).")");
-                echo "Ok, changed you preferences for the cards.\n";
-                break;
-              case "emailaddict":
-              case "emailnonaddict":
-                $result = mysql_query("SELECT * from User_Prefs".
-                                      " WHERE user_id='$myid' AND pref_key='email'" );
-                if( mysql_fetch_array($result,MYSQL_NUM))
-                  $result = mysql_query("UPDATE User_Prefs SET value=".DB_quote_smart($setpref).
-                                        " WHERE user_id='$myid' AND pref_key='email'" );
-                else
-                  $result = mysql_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
-                                        DB_quote_smart($setpref).")");
-                echo "Ok, changed you preferences for sending out emails.\n";
-                break;
-              }
-          }
-        /* user wants to change his password or request a temporary one */
-        else if(myisset("passwd"))
-          {
-            if( $_REQUEST["passwd"]=="ask" )
-              {
-                /* reset password form*/
-                output_password_recovery($email,$password);
-              }
-            else if($_REQUEST["passwd"]=="set")
-              {
-                /* reset password */
-                $ok = 1;
+    $ok  = 1;
+    $myid = DB_get_userid('email-password',$email,$password);
+    if(!$myid)
+      $ok = 0;
 
-                /* check if old password matches */
-                $oldpasswd = md5($_REQUEST["password0"]);
-                if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
-                  $ok = -1;
-                /* check if new passwords are types the same twice */
-                if($_REQUEST["password1"] != $_REQUEST["password2"] )
-                  $ok = -2;
+    if($ok)
+      {
+       /* user information is ok */
+       $myname = DB_get_name('email',$email);
+       $_SESSION["name"] = $myname;
 
-                switch($ok)
-                  {
-                  case '-2':
-                    echo "The new passwords don't match. <br />";
-                    break;
-                  case '-1':
-                    echo "The old password is not correct. <br />";
-                    break;
-                  case '1':
-                    echo "Changed the password.<br />";
-                    mysql_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
-                                "' WHERE id=".DB_quote_smart($myid));
-                    break;
-                  }
-                /* set password */
-              }
-          }
-        else /* output default user page */
-          {
-            /* display links to settings */
-            output_user_settings();
+       $PREF = DB_get_PREF($myid);
 
-            DB_update_user_timestamp($myid);
+       DB_update_user_timestamp($myid);
 
-            display_user_menu();
+       display_user_menu($myid);
 
-            /* display all games the user has played */
-            echo "<div class=\"user\">";
-            echo "<h4>These are all your games:</h4>\n";
-            echo "<p>Session: <br />\n";
-            echo "<span class=\"gamestatuspre\"> p </span> =  pre-game phase ";
-            echo "<span class=\"gamestatusplay\">P </span> =  game in progess ";
-            echo "<span class=\"gamestatusover\">F </span> =  game finished <br />";
-            echo "</p>\n";
+       /* display all games the user has played */
+       echo "<div class=\"user\">";
 
-            $output = array();
-            $result = mysql_query("SELECT Hand.hash,Hand.game_id,Game.mod_date,Game.player,Game.status from Hand".
-                                  " LEFT JOIN Game ON Game.id=Hand.game_id".
-                                  " WHERE user_id='$myid'".
-                                  " ORDER BY Game.session,Game.create_date" );
-            $gamenrold = -1;
-            echo "<table>\n <tr><td>\n";
-            while( $r = mysql_fetch_array($result,MYSQL_NUM))
-              {
-                $game = DB_format_gameid($r[1]);
-                $gamenr = (int) $game;
-                if($gamenrold < $gamenr)
-                  {
-                    if($gamenrold!=-1)
-                      echo "</td></tr>\n <tr> <td>$gamenr:</td><td> ";
-                    else
-                      echo "$gamenr:</td><td> ";
-                    $gamenrold = $gamenr;
-                  }
-                if($r[4]=='pre')
-                  {
-                    echo "\n   <span class=\"gamestatuspre\"><a href=\"".$INDEX."?me=".$r[0]."\">p </a></span> ";
+       if($myvacation = check_vacation($myid))
+         {
+           $vac_start   = $myvacation[0];
+           $vac_stop    = $myvacation[1];
+           $vac_comment = $myvacation[2];
+           echo "<p class=\"vacation\">Enjoy your vacation (don't forgot to change your settings once you're back). Between $vac_start and $vac_stop other users will see the following message: $vac_comment.</p>\n";
+         }
 
-                  }
-                else if ($r[4]=='gameover')
-                  echo "\n   <span class=\"gamestatusover\"><a href=\"".$INDEX."?me=".$r[0]."\">F </a></span> ";
-                else
-                  {
-                    echo "\n   <span class=\"gamestatusplay\"><a href=\"".$INDEX."?me=".$r[0]."\">P </a></span> ";
-                  }
-                if($r[4] != 'gameover')
-                  {
-                    echo "</td><td>\n    ";
-                    if($r[3]==$myid || !$r[3])
-                      echo "(it's <strong>your</strong> turn)\n";
-                    else
-                      {
-                        $name = DB_get_name('userid',$r[3]);
-                        $gameid = $r[1];
-                        if(DB_get_reminder($r[3],$gameid)==0)
-                          if(time()-strtotime($r[2]) > 60*60*24*7)
-                            echo "".
-                              "<a href=\"$INDEX?remind=1&amp;me=".$r[0]."\">Send a reminder.</a>";
-                        echo "(it's $name's turn)\n";
-                      };
-                    if(time()-strtotime($r[2]) > 60*60*24*30)
-                      echo "".
-                        "<a href=\"$INDEX?cancel=1&amp;me=".$r[0]."\">Cancel?</a>".
-                        " (clicking here is final and can't be restored)";
+       echo "<h4>These are all your games:</h4>\n";
+       /* output legend */
+       echo "<p>Session: <br />\n";
+       echo "<span class=\"gamestatuspre\"> p </span> =  pre-game phase ";
+       echo "<span class=\"gamestatusplay\">P </span> =  game in progess ";
+       echo "<span class=\"gamestatusover\">E </span> =  game ended ";
+       echo "<span class=\"gamestatusover multi\"><a>N</a> </span> =  N games with same hand <br />";
+       echo "</p>\n";
+
+       $output = array();
+       $result = DB_query("SELECT Hand.hash,Hand.game_id,G.mod_date,G.player,G.status, ".
+                          " (SELECT count(H.randomnumbers) FROM Game H WHERE H.randomnumbers=G.randomnumbers) AS count ".
+                          " FROM Hand".
+                          " LEFT JOIN Game G ON G.id=Hand.game_id".
+                          " WHERE user_id='$myid'".
+                          " ORDER BY G.session,G.create_date" );
+
+       $gamenrold = -1;
+       $count = 0;
+       echo "<table>\n <tr><td>\n";
+       while( $r = DB_fetch_array($result))
+         {
+           $count++;
+           $game = DB_format_gameid($r[1]);
+           $gamenr = (int) $game;
+           if($gamenrold < $gamenr)
+             {
+               if($gamenrold!=-1)
+                 echo "</td></tr>\n <tr> <td>$gamenr:</td>\n";
+               else
+                 echo "$gamenr:</td>\n";
+               $gamenrold = $gamenr;
+               echo "<td class=\"usergames\">\n";
+             }
+           $Multi = ($r[5]>1) ? "multi" : "";
+           if($r[4]=='pre')
+             echo "   <span class=\"gamestatuspre $Multi\"><a href=\"".$INDEX."?action=game&amp;me=".$r[0]."\">p </a></span>\n";
+           else if (in_array($r[4],array('gameover','cancel-timedout','cancel-nines','cancel-noplay','cancel-trump')))
+           {
+             echo "   <span class=\"gamestatusover $Multi\"><a href=\"".$INDEX."?action=game&amp;me=".$r[0]."\">";
+             if($r[5]<2)
+               echo "E ";
+             else
+               echo $r[5];
+             echo "</a></span>\n";
+           }
+           else
+             echo "   <span class=\"gamestatusplay $Multi\"><a href=\"".$INDEX."?action=game&amp;me=".$r[0]."\">P </a></span>\n";
+           if($r[4] == 'pre' || $r[4] == 'play')
+             {
+               echo "</td>\n<td>\n    ";
+               if($r[3]==$myid || !$r[3])
+                 echo "(it's <strong>your</strong> turn)\n";
+               else
+                 {
+                   $name = DB_get_name('userid',$r[3]);
+                   $gameid = $r[1];
+                   /* check if we need to send out a reminder */
+                   if(DB_get_reminder($r[3],$gameid)==0)
+                     if(time()-strtotime($r[2]) > 60*60*24*7)
+                       echo "<a href=\"$INDEX?action=reminder&amp;me=".$r[0]."\">Send a reminder.</a>";
+
+                   /* check vacaction status of this user */
+                   if($vacation=check_vacation($r[3]))
+                     {
+                       $stop = substr($vacation[1],0,10);
+                       $title = 'begin:'.substr($vacation[0],0,10).' end:'.$vacation[1].' '.$vacation[2];
+                       echo "(it's <span class=\"vacation\" title=\"$title\">$name's (on vacation until $stop)</span> turn)\n";
+                     }
+                   else
+                     echo "(it's $name's turn)\n";
+                 };
+               if(time()-strtotime($r[2]) > 60*60*24*30)
+                 echo "<a href=\"$INDEX?action=cancel&amp;me=".$r[0]."\">Cancel?</a> ";
+             }
+         }
+       echo "</td></tr>\n</table>\n";
 
-                  }
-              }
-            echo "</td></tr>\n</table>\n";
+       /* give a hint for new players */
+       if($count<10)
+         echo "<p class=\"newbiehint\">You can start new games using the link in the top right corner!</p>\n";
 
-            /* display last 5 users that have signed up to e-DoKo */
-            $names = DB_get_names_of_new_logins(5);
-            echo "<h4>New Players:</h4>\n<p>\n";
-            echo implode(", ",$names).",...\n";
-            echo "</p>\n";
+       /* display last 5 users that have signed up to e-DoKo */
+       $names = DB_get_names_of_new_logins(5);
+       echo "<h4>New Players:</h4>\n<p>\n";
+       echo implode(", ",$names).",...\n";
+       echo "</p>\n";
 
-            /* display last 5 users that logged on */
-            $names = DB_get_names_of_last_logins(5);
-            echo "<h4>Players last logged in:</h4>\n<p>\n";
-            echo implode(", ",$names).",...\n";
-            echo "</p>\n";
-              
-            echo "</div>\n";
-          }
-       }
-     else
-       {
-        echo "<div class=\"message\">Sorry email and password don't match. Please <a href=\"$INDEX\">try again</a>. </div>";
-       }
-   };
-output_footer();
-DB_close();
-exit();
+       /* display last 5 users that logged on */
+       $names = DB_get_names_of_last_logins(5);
+       echo "<h4>Players last logged in:</h4>\n<p>\n";
+       echo implode(", ",$names).",...\n";
+       echo "</p>\n";
 
+       echo "</div>\n";
+      }
+    else
+      {
+       echo "<div class=\"message\">Sorry email and password don't match. Please <a href=\"$INDEX\">try again</a>. </div>";
+      }
+  };
 ?>
\ No newline at end of file