X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=db.php;h=bae70cbc943b7273f4478bce795c0d64871bb34c;hp=a44436043228c57c132c9367425e58756aa6bfaf;hb=14cdf8ad54e90d7b208b72cd0bfd568e9c22bc32;hpb=7128076b9409b55551f206d875218fc8f70bb273 diff --git a/db.php b/db.php index a444360..bae70cb 100644 --- a/db.php +++ b/db.php @@ -134,6 +134,17 @@ function DB_get_userid_by_email_and_password($email,$password) $result = mysql_query("SELECT id FROM User WHERE email=".DB_quote_smart($email)." AND password=".DB_quote_smart($password)); $r = mysql_fetch_array($result,MYSQL_NUM); + /* test if a recovery password has been set */ + if(!$r) + { + $result = mysql_query("SELECT User.id FROM User". + " LEFT JOIN Recovery ON User.id=Recovery.user_id". + " WHERE email=".DB_quote_smart($email). + " AND Recovery.password=".DB_quote_smart($password). + " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= Recovery.create_date"); + $r = mysql_fetch_array($result,MYSQL_NUM); + } + if($r) return $r[0]; else @@ -455,7 +466,7 @@ function DB_get_current_trickid($gameid) if(!$sequence || $sequence==4) { - mysql_query("INSERT INTO Trick VALUES (NULL,NULL,NULL, ".DB_quote_smart($gameid).")"); + mysql_query("INSERT INTO Trick VALUES (NULL,NULL,NULL, ".DB_quote_smart($gameid).",NULL)"); $trickid = mysql_insert_id(); $sequence = 1; $number++; @@ -694,12 +705,13 @@ function DB_get_hashes_by_session($session,$user) return $r; } -function DB_get_ruleset($dullen,$schweinchen) +function DB_get_ruleset($dullen,$schweinchen,$call) { $r = array(); $result = mysql_query("SELECT id FROM Rulesets WHERE". " dullen=".DB_quote_smart($dullen)." AND ". + " call=".DB_quote_smart($call)." AND ". " schweinchen=".DB_quote_smart($schweinchen)); if($result) $r = mysql_fetch_array($result,MYSQL_NUM); @@ -711,7 +723,8 @@ function DB_get_ruleset($dullen,$schweinchen) /* create new one */ $result = mysql_query("INSERT INTO Rulesets VALUES (NULL, NULL, ". DB_quote_smart($dullen).",". - DB_quote_smart($schweinchen). + DB_quote_smart($schweinchen).",". + DB_quote_smart($call). ", NULL)"); if($result) return mysql_insert_id(); @@ -753,22 +766,14 @@ function DB_get_PREF($myid) else $PREF["cardset"]="english"; - $result = mysql_query("SELECT value from User_Prefs". - " WHERE user_id='$myid' AND pref_key='ccemail'" ); - $r = mysql_fetch_array($result,MYSQL_NUM); - if($r) - $PREF["ccemail"]=$r[0]; - else - $PREF["ccemail"]="no"; - return; } function DB_get_unused_randomnumbers($userstr) { - $queryresult = mysql_query("SELECT randomnumbers,Game.id FROM Game ". + $queryresult = mysql_query("SELECT randomnumbers,Game.id, COUNT(*) as num FROM Game ". " LEFT JOIN Hand ON Hand.game_id=Game.id ". - " AND user_id not in (".$userstr.")". + " AND user_id not in (".$userstr.")". " GROUP BY Game.id ". " HAVING num=4"); @@ -779,4 +784,37 @@ function DB_get_unused_randomnumbers($userstr) return ""; } +function DB_get_number_of_passwords_recovery($user) +{ + $queryresult = mysql_query("SELECT COUNT(*) FROM Recovery ". + " WHERE user_id=$user ". + " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= create_date". + " GROUP BY user_id " ); + + $r = mysql_fetch_array($queryresult,MYSQL_NUM); + if($r) + return $r[0]; + else + return 0; +} + +function DB_set_recovery_password($user,$newpw) +{ + mysql_query("INSERT INTO Recovery VALUES(NULL,".DB_quote_smart($user). + ",".DB_quote_smart($newpw).",NULL)"); + + return; +} + +function DB_get_card_name($card) +{ + $queryresult = mysql_query("SELECT strength,suite FROM Card WHERE id='$card'"); + + $r = mysql_fetch_array($queryresult,MYSQL_NUM); + if($r) + return $r[0]." of ".$r[1]; + else + return "Error during get_card_name ".$card; +} + ?> \ No newline at end of file