projects / e-DoKo.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix error when language is not set
[e-DoKo.git] / include / user.php
diff --git a/include/user.php b/include/user.php
index eb4f6c4c33dd8160c066491811546b3328bb75ae..5142918fbb9188dd564831c82d377cf6577a8d45 100644 (file)
--- a/include/user.php
+++ b/include/user.php
@@ -1,5 +1,5 @@
 <?php
 <?php
-/* Copyright 2006, 2007, 2008, 2009, 2010 Arun Persaud <arun@nubati.net>
+/* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016 Arun Persaud <arun@nubati.net>
  *
  *   This file is part of e-DoKo.
  *
  *
  *   This file is part of e-DoKo.
  *
@@ -25,20 +25,21 @@ if(!isset($HOST))
   exit;
 
 /* test id and password, should really be done in one step */
   exit;
 
 /* test id and password, should really be done in one step */
-if(!isset($_SESSION["name"]))
+if(isset($_SESSION['id']))
   {
   {
-    $email     = $_REQUEST["email"];
-    $password  = $_REQUEST["password"];
-  }
-else
-  {
-    $name = $_SESSION["name"];
-    $email     = DB_get_email('name',$name);
-    $password  = DB_get_passwd_by_name($name);
+    $myid = $_SESSION['id'];
+    $r = DB_query_array("SELECT email,password FROM User WHERE id=".DB_quote_smart($myid)."");
+    if($r)
+      {
+       $email     = $r[0];
+       $password  = $r[1];
+      };
   };
 
   };
 
+global  $ADMIN_NAME;
+
 /* user has forgotten his password */
 /* user has forgotten his password */
-if(myisset("forgot"))
+if(myisset('forgot'))
   {
     /* check if player is in the database */
     $ok = 1;
   {
     /* check if player is in the database */
     $ok = 1;
@@ -49,32 +50,34 @@ if(myisset("forgot"))
 
     if($ok)
       {
 
     if($ok)
       {
+       set_language($myid,'uid');
+
        /* check how many entries in recovery table */
        $number = DB_get_number_of_passwords_recovery($myid);
 
        /* if less than N recent ones, add a new one and send out email */
        if( $number < 5 )
          {
        /* check how many entries in recovery table */
        $number = DB_get_number_of_passwords_recovery($myid);
 
        /* if less than N recent ones, add a new one and send out email */
        if( $number < 5 )
          {
-           echo "Ok, I send you a new password. <br />";
+           echo _('Ok, I will send you a new password.').' <br />';
            if($number >1)
            if($number >1)
-             echo "N.B. You tried this already $number times during the last day and it will only work ".
-               " 5 times during a day.<br />";
-           echo "The new password will be valid for one day, make sure you reset it to something else.<br />";
-           echo "Back to the  <a href=\"$INDEX\">main page</a>.";
+             echo sprintf(_("N.B. You tried this already %s times during the last day and it will only work".
+                            " 5 times during a day."),$number)."<br />\n";
+           echo _('The new password will be valid for one day, make sure you reset it to something else.').'<br />';
+           echo sprintf(_('Back to the <a href="%s">main page</a>.'),$INDEX);
 
            /* create temporary password, use the fist 8 letters of a md5 hash */
            $TIME  = (string) time(); /* to avoid collisions */
 
            /* create temporary password, use the fist 8 letters of a md5 hash */
            $TIME  = (string) time(); /* to avoid collisions */
-           $hash  = md5("Anewpassword".$email.$TIME);
+           $rndstring = sha1(rand()); /* add some randomness */
+           $hash  = md5('Anewpassword'.$email.$TIME.$rndstring);
            $newpw = substr($hash,1,8);
 
            $newpw = substr($hash,1,8);
 
-           $message = "Someone (hopefully you) requested a new password. \n".
-             "You can use this email and the following password: \n".
-             "   $newpw    \n".
+           $message = sprintf( _("Someone (hopefully you) requested a new password.\n".
+             "You can use this email and the following password:\n".
+             "   %s\n".
              "to log into the server. The new password is valid for 24h, so make\n".
              "sure you reset your password to something new. Your old password will\n".
              "to log into the server. The new password is valid for 24h, so make\n".
              "sure you reset your password to something new. Your old password will\n".
-             "also still be valid until you set a new one.\n";
-           $subject = 'Recovery';
-           mymail($myid,$subject,$message);
+             "also still be valid until you set a new one.\n"), $newpw);
+           mymail($myid,0, GAME_RECOVERY, $message);
 
            /* we save these in the database */
            DB_set_recovery_password($myid,md5($newpw));
 
            /* we save these in the database */
            DB_set_recovery_password($myid,md5($newpw));
@@ -83,9 +86,9 @@ if(myisset("forgot"))
          {
            /* make it so that people (or a robot) can request thousands of passwords within a short time
             * and spam a user this way */
          {
            /* make it so that people (or a robot) can request thousands of passwords within a short time
             * and spam a user this way */
-           echo "Sorry you already tried 5 times during the last 24h.<br />".
-             "You need to use one of those passwords or wait to get a new one.<br />";
-           echo "Back to the <a href=\"$INDEX\">main page</a>.";
+           echo _('Sorry you already tried 5 times during the last 24h.<br />'.
+                  'You need to use one of those passwords or wait to get a new one.').'<br />';
+           echo sprintf(_('Back to the <a href="%s">main page</a>.'),$INDEX);
          }
       }
     else
          }
       }
     else
@@ -93,56 +96,62 @@ if(myisset("forgot"))
 
        /* no email given? */
        if($email=="")
 
        /* no email given? */
        if($email=="")
-         echo "You need to give me an email address! <br />".
-           "Please try <a href=\"$INDEX\">again</a>.";
+         echo _('You need to give me an email address!')." <br />".
+           sprintf(_('Please try <a href="%s">again</a>.'),$INDEX);
        else /* default error message */
        else /* default error message */
-         echo "Couldn't find a player with this email! <br />".
-           "Please contact Arun, if you think this is a mistake <br />".
-           "or else try <a href=\"$INDEX\">again</a>.";
+         echo _("Couldn't find a player with this email!")."<br />".
+           sprintf(_('Please contact %s, if you think this is a mistake '.
+                     'or else try <a href="%s">again</a>.'),$ADMIN_NAME, $INDEX );
       }
   }
 else
   { /* normal user page */
 
     /* verify password and email */
       }
   }
 else
   { /* normal user page */
 
     /* verify password and email */
-    if(strlen($password)!=32)
-      $password = md5($password);
-
     $ok  = 1;
     $ok  = 1;
-    $myid = DB_get_userid('email-password',$email,$password);
-    if(!$myid)
+    if(isset($email, $password))
+      {
+       $myid = DB_get_userid('email-password',$email,$password);
+        if(!$myid)
+         $ok = 0;
+      }
+    else
       $ok = 0;
 
     if($ok)
       {
        /* user information is ok */
        $myname = DB_get_name('email',$email);
       $ok = 0;
 
     if($ok)
       {
        /* user information is ok */
        $myname = DB_get_name('email',$email);
-       $_SESSION["name"] = $myname;
+       $_SESSION['name'] = $myname;
 
        $PREF = DB_get_PREF($myid);
 
        $PREF = DB_get_PREF($myid);
+       /* set language chosen in preferences, will become active on the next reload (see index.php)*/
+       $_SESSION['language'] = $PREF['language'];
+       set_language($PREF['language']);
 
        DB_update_user_timestamp($myid);
 
        display_user_menu($myid);
 
        /* display all games the user has played */
 
        DB_update_user_timestamp($myid);
 
        display_user_menu($myid);
 
        /* display all games the user has played */
-       echo "<div class=\"user\">";
+       echo '<div class="user">';
 
        if($myvacation = check_vacation($myid))
          {
            $vac_start   = $myvacation[0];
            $vac_stop    = $myvacation[1];
            $vac_comment = $myvacation[2];
 
        if($myvacation = check_vacation($myid))
          {
            $vac_start   = $myvacation[0];
            $vac_stop    = $myvacation[1];
            $vac_comment = $myvacation[2];
-           echo "<p class=\"vacation\">Enjoy your vacation (don't forgot to change your settings once you're back). Between $vac_start and $vac_stop other users will see the following message: $vac_comment.</p>\n";
+           echo '<p class="vacation">'._("Enjoy your vacation (don't forgot to change your settings once you're back).")." ".
+             _("Between $vac_start and $vac_stop other users will see the following message: $vac_comment.")."</p>\n";
          }
 
          }
 
-       echo "<h4>These are all your games:</h4>\n";
+       echo '<h4>'._('These are your games').":</h4>\n";
        /* output legend */
        /* output legend */
-       echo "<p>Games: \n";
-       echo "<span class=\"gamestatuspre\"> &nbsp; </span> =  pre-game phase ";
-       echo "<span class=\"gamestatusplay\"> &nbsp; </span> =  game in progess ";
-       echo "<span class=\"gamestatusover \"><a>N</a> </span> =  game over (N people played the same hand) <br />";
-       echo " Reminder: canceling a game can't be reversed!";
+       echo "<p>\n";
+       echo ' <span class="gamestatuspre"> &nbsp; </span> &nbsp;'._('pre-game phase');
+       echo ' <span class="gamestatusplay"> &nbsp; </span> &nbsp;'._('game in progess');
+       echo ' <span class="gamestatusover "><a>N</a> </span> &nbsp;'._('game over (N people played this hand)').' <br />';
+       echo ' '._("Reminder: canceling a game can't be reversed!");
        echo "</p>\n";
 
        /* get all games */
        echo "</p>\n";
 
        /* get all games */
@@ -152,7 +161,7 @@ else
                           " G.session".
                           " FROM Hand".
                           " LEFT JOIN Game G ON G.id=Hand.game_id".
                           " G.session".
                           " FROM Hand".
                           " LEFT JOIN Game G ON G.id=Hand.game_id".
-                          " WHERE user_id='$myid'".
+                          " WHERE user_id=".DB_quote_smart($myid).
                           " ORDER BY G.session,G.create_date" );
 
        /* sort into active and passive sessions */
                           " ORDER BY G.session,G.create_date" );
 
        /* sort into active and passive sessions */
@@ -196,8 +205,8 @@ else
 
                /* create output */
                $sessionoutput .= $gameoutput;
 
                /* create output */
                $sessionoutput .= $gameoutput;
-               $gameoutput     = "   <span class=\"gamestatusover \"><a href=\"".$INDEX."?action=game&amp;me=".$myhash."\">"
-                 .$gamefrequence."</a></span>\n";
+               $gameoutput     = "  <a class=\"gamestatusover\" href=\"".$INDEX."?action=game&amp;me=".$myhash."\">"
+                 .$gamefrequence."</a>\n";
              }
            else
              { /* new session */
              }
            else
              { /* new session */
@@ -210,13 +219,13 @@ else
                      {
                        $output_active .= "<li> ";
                        if($gamestatus == 'pre')
                      {
                        $output_active .= "<li> ";
                        if($gamestatus == 'pre')
-                         $output_active .= '<span class="gamestatuspre gameid">';
+                         $class= 'class="gamestatuspre gameid"';
                        else if($gamestatus == 'play')
                        else if($gamestatus == 'play')
-                         $output_active .= '<span class="gamestatusplay gameid">';
+                         $class= 'class="gamestatusplay gameid"';
                        else
                        else
-                         $output_active .= '<span class="gamestatusover gameid">';
-                       $output_active .= "<a href=\"$INDEX?action=game&amp;me=$myhash\">".
-                         DB_format_gameid($gameid).'</a></span>&nbsp;&nbsp;&nbsp;';
+                         $class= 'class="gamestatusover gameid"';
+                       $output_active .= "<a $class href=\"$INDEX?action=game&amp;me=$myhash\">".
+                         DB_format_gameid($gameid).'</a>&nbsp;&nbsp;&nbsp;';
 
 
 
 
 
 
@@ -225,7 +234,7 @@ else
                          {
                            $output_active .= '<span class="turn">';
                            if($userid==$myid || !$userid)
                          {
                            $output_active .= '<span class="turn">';
                            if($userid==$myid || !$userid)
-                             $output_active .= " <strong>your</strong> turn\n";
+                             $output_active .= ' <strong>'._('your turn')."</strong>\n";
                            else
                              {
                                $name = DB_get_name('userid',$userid);
                            else
                              {
                                $name = DB_get_name('userid',$userid);
@@ -234,27 +243,29 @@ else
                                if($vacation=check_vacation($userid))
                                  {
                                    $stop = substr($vacation[1],0,10);
                                if($vacation=check_vacation($userid))
                                  {
                                    $stop = substr($vacation[1],0,10);
-                                   $title = 'begin:'.substr($vacation[0],0,10).' end:'.$vacation[1].' '.$vacation[2];
-                                   $output_active .= " <span class=\"vacation\" title=\"$title\">$name's (on vacation until $stop)</span> turn\n";
+                                   $title = _('begin:').substr($vacation[0],0,10).' '._('end:').$vacation[1].' '.$vacation[2];
+                                   $output_active .= " <span class=\"vacation\" title=\"$title\">".
+                                     sprintf(_("%s's turn"),$name).' '._("(on vacation until $stop)")."</span>\n";
                                  }
                                else
                                  }
                                else
-                                 $output_active .= "$name's turn\n";
+                                 $output_active .= sprintf(_("%s's turn"),$name)."\n";
 
                                /* check if we need to send out a reminder */
                                if(DB_get_reminder($userid,$gameid)==0)
                                  if(time()-strtotime($gamemoddate) > 60*60*24*7)
 
                                /* check if we need to send out a reminder */
                                if(DB_get_reminder($userid,$gameid)==0)
                                  if(time()-strtotime($gamemoddate) > 60*60*24*7)
-                                   $output_active .= "<a href=\"$INDEX?action=reminder&amp;me=".$myhash."\">Send a reminder?</a> ";
+                                   $output_active .= "<a href=\"$INDEX?action=reminder&amp;me=".$myhash."\">"._('Send a reminder?').'</a> ';
 
                              };
                            $output_active .= '</span>';
 
                            if(time()-strtotime($gamemoddate) > 60*60*24*30)
 
                              };
                            $output_active .= '</span>';
 
                            if(time()-strtotime($gamemoddate) > 60*60*24*30)
-                             $output_active .= "<a href=\"$INDEX?action=cancel&amp;me=".$myhash."\">Cancel?</a> ";
+                             $output_active .= "<a href=\"$INDEX?action=cancel&amp;me=".$myhash."\">"._('Cancel?').'</a> ';
                          }
 
                        if($maxgame>1)
                          {
                          }
 
                        if($maxgame>1)
                          {
-                           $output_active .= ' <span class="gameshidesession link">(hide/show) old</span><br />'."\n";
+                           $output_active .= ' <span class="gamesshowsession"><a href="#">'._('show old').'</a></span>'.
+                             '  <span class="gameshidesession"><a href="#">'._('hide old').'</a></span><br />'."\n";
                            $output_active .= ' <span class="gamessession">'.$sessionoutput.'</span>';
                          }
 
                            $output_active .= ' <span class="gamessession">'.$sessionoutput.'</span>';
                          }
 
@@ -295,29 +306,34 @@ else
          }
 
        echo "<ul>\n ";
          }
 
        echo "<ul>\n ";
-       echo " <li><span class=\"gameshowall link\">show all</span> <span class=\"gamehideall link\">hide all</span></li>\n";
+       echo ' <li><span class="gameshowall"><a href="#">'._('show all').'</a></span> <span class="gamehideall"><a href="#">'._('hide all')."</a></span></li>\n";
        echo $output_active;
        echo $output_active;
-       echo " <li><span class=\"gameshidesession link\">hide/show inactive</span><ul class=\"gamessession\">$output_inactive </ul></li>";
+       echo ' <li><span class="gamesshowsession"><a href="#">'._('show inactive').'</a></span><span class="gameshidesession"><a href="#">'._('hide inactive').'</a></span><ul class="gamessession">'."$output_inactive </ul></li>";
        echo "</ul>\n";
 
        /* give a hint for new players */
        if($count<10)
        echo "</ul>\n";
 
        /* give a hint for new players */
        if($count<10)
-         echo "<p class=\"newbiehint\">You can start new games using the link in the top right corner!</p>\n";
+         echo '<p class="newbiehint">'._('You can start new games using the link in the top right corner!')."</p>\n";
 
 
-       /* display last 5 users that have signed up to e-DoKo */
+       /* display last 5 users that have signed up to e-DoKo within the 45 days */
        $names = DB_get_names_of_new_logins(5);
        $names = DB_get_names_of_new_logins(5);
-       echo "<h4>New Players:</h4>\n<p>\n";
-       echo implode(", ",$names).",...\n";
-       echo "</p>\n";
+        if ($names)
+         {
+           echo '<h4>'._('New Player(s)').":</h4>\n<p>\n";
+           echo implode(", ",$names).",...\n";
+           echo "</p>\n";
+         };
 
        /* display last 5 users that logged on */
 
        /* display last 5 users that logged on */
-       echo "<h4>Players last logged in:</h4>\n<p>\n";
+       echo '<h4>'._('Players last logged in').":</h4>\n<p>\n";
 
        $names  = DB_get_names_of_last_logins(7);
        $emails = DB_get_emails_of_last_logins(7);
        for($i=0;$i<7;$i++)
          {
 
        $names  = DB_get_names_of_last_logins(7);
        $emails = DB_get_emails_of_last_logins(7);
        for($i=0;$i<7;$i++)
          {
-           echo "<img class=\"gravatar\" title=\"".$names[$i]."\" src=\"http://www.gravatar.com/avatar/".md5(strtolower(trim($emails[$i])))."?d=identicon\" />\n";
+           echo '<img class="gravatar" title="'.$names[$i].
+             '" src="https://www.gravatar.com/avatar/'.
+             md5(strtolower(trim($emails[$i])))."?d=identicon\" />\n";
          }
        echo "</p>\n";
 
          }
        echo "</p>\n";
 
@@ -325,7 +341,9 @@ else
       }
     else
       {
       }
     else
       {
-       echo "<div class=\"message\">Sorry email and password don't match. Please <a href=\"$INDEX\">try again</a>. </div>";
+       echo '<div class="message">'."\n";
+       echo  sprintf(_("Sorry email and password don't match. Please <a href=\"%s\">try again</a>."),$INDEX);
+       echo '</div>'."\n";
       }
   };
 ?>
\ No newline at end of file
       }
   };
 ?>
\ No newline at end of file
Email/Web based Dopppelkopf server