X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=include%2Fdb.php;h=23959080ba704661c98737f641344d947fb39567;hp=6d4080c26ceefaa17232503a9e49e82af096b8a3;hb=d3841fcbcb98f5e2bbdeb7b89733b8757e848f20;hpb=4b622dbdb85fbb3512a881ec4786a05f6cd4701c diff --git a/include/db.php b/include/db.php index 6d4080c..2395908 100644 --- a/include/db.php +++ b/include/db.php @@ -1,4 +1,23 @@ + * + * This file is part of e-DoKo. + * + * e-DoKo is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * e-DoKo is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with e-DoKo. If not, see . + * + */ + /* make sure that we are not called from outside the scripts, * use a variable defined in config.php to check this */ @@ -11,14 +30,19 @@ if(!isset($HOST)) function DB_open() { + $version_needed = 5; + global $DB,$DB_user,$DB_host,$DB_database,$DB_password; - $DB = @mysql_connect($DB_host,$DB_user, $DB_password); - if ( $DB ) + $DB = new mysqli($DB_host,$DB_user, $DB_password, $DB_database); + if ( $DB->connect_errno ) { - mysql_select_db($DB_database) or die('Could not select database'); - } - else - return -1; + echo "Failed to connect to Mysql ".$DB->connect_error." (".$DB->connect_errno.")\n"; + return -1; + }; + + $version = DB_get_version(); + if ($version != $version_needed) + return -2; return 0; } @@ -26,19 +50,21 @@ function DB_open() function DB_close() { global $DB; - mysql_close($DB); + $DB->close(); return; } function DB_quote_smart($value) { + global $DB; /* Stripslashes */ if (get_magic_quotes_gpc()) { $value = stripslashes($value); } /* Quote if not a number or a numeric string */ if (!is_numeric($value)) { - $value = "'" . mysql_real_escape_string($value) . "'"; + $value = "'" . $DB->real_escape_string($value) . "'"; + $value = addcslashes($value, '%_'); } return $value; } @@ -58,22 +84,46 @@ function DB_test() /* use Mysql in the background */ function DB_query($query) { - return mysql_query($query); + global $DB; + /* debug/optimize the database + $time = microtime(); + $return = $DB->query($query); + $time = microtime() - $time; + + if($time > 0.15) // this way we can find only the long ones + { + $logfile=fopen('DBlog.log','a+'); + fwrite($logfile,"time of query: $time\n"); + fwrite($logfile,wordwrap(" EXPLAIN $query ;\n", 60, "\n ")); + + $result = ""; + $queryresult = mysql_query("EXPLAIN $query ;"); + if( $queryresult ) + while($row = DB_fetch_array($queryresult)) + $result .= " |".implode("|",$row)."|\n"; + + fwrite($logfile,"$result \n\n"); + fclose($logfile); + }; + + return $return; + */ + + return $DB->query($query); } function DB_fetch_array($result) { - return mysql_fetch_array($result,MYSQL_NUM); + if($result) + return $result->fetch_array(MYSQLI_NUM); + else + return NULL; } function DB_insert_id() { - return mysql_insert_id(); -} - -function DB_num_rows($result) -{ - return mysql_num_rows($result); + global $DB; + return $DB->insert_id; } /* end Mysql functions */ @@ -96,14 +146,10 @@ function DB_query_array_all($query) return $result; } -function DB_get_passwd_by_name($name) +function DB_get_version() { - $r = DB_query_array("SELECT password FROM User WHERE fullname=".DB_quote_smart($name).""); - - if($r) - return $r[0]; - else - return ""; + $version = DB_query_array('SELECT version FROM Version'); + return $version[0]; } function DB_get_passwd_by_userid($id) @@ -251,34 +297,6 @@ function DB_get_gameid_by_hash($hash) return 0; } -function DB_cancel_game($hash) -{ - $gameid = DB_get_gameid_by_hash($hash); - - if(!$gameid) - return; - - /* get the IDs of all players */ - $result = DB_query("SELECT id FROM Hand WHERE game_id=".DB_quote_smart($gameid)); - while($r = DB_fetch_array($result)) - { - $id = $r[0]; - - $tmp = DB_query_array("SELECT id FROM Hand_Card WHERE hand_id=".DB_quote_smart($id)); - DB_query("DELETE FROM Play WHERE hand_card_id=".DB_quote_smart($tmp[0])); - - DB_query("DELETE FROM Hand_Card WHERE hand_id=".DB_quote_smart($id)); - DB_query("DELETE FROM Hand WHERE id=".DB_quote_smart($id)); - } - - /* delete game */ - DB_query("DELETE FROM User_Game_Prefs WHERE game_id=".DB_quote_smart($gameid)); - DB_query("DELETE FROM Trick WHERE game_id=".DB_quote_smart($gameid)); - DB_query("DELETE FROM Game WHERE id=".DB_quote_smart($gameid)); - - return; -} - function DB_get_hand($me) { $cards = array(); @@ -474,6 +492,17 @@ function DB_get_names_of_last_logins($N) return $names; } +function DB_get_emails_of_last_logins($N) +{ + $emails = array(); + + $result = DB_query("SELECT email FROM User ORDER BY last_login DESC LIMIT $N"); + while($r = DB_fetch_array($result)) + $emails[] = $r[0]; + + return $emails; +} + function DB_get_names_of_new_logins($N) { $names = array(); @@ -491,6 +520,15 @@ function DB_update_game_timestamp($gameid) return; } +function DB_get_game_timestamp($gameid) +{ + $r = DB_query_array("SELECT mod_date FROM Game WHERE id=".DB_quote_smart($gameid)); + + if($r) + return $r[0]; + else + return NULL; +} function DB_update_user_timestamp($userid) { @@ -507,6 +545,17 @@ function DB_get_user_timestamp($userid) else return NULL; } + +function DB_get_user_creation_date($userid) +{ + $r = DB_query_array("SELECT create_date FROM User WHERE id=".DB_quote_smart($userid)); + + if($r) + return $r[0]; + else + return NULL; +} + function DB_get_user_timezone($userid) { $r = DB_query_array("SELECT timezone FROM User WHERE id=".DB_quote_smart($userid)); @@ -517,13 +566,31 @@ function DB_get_user_timezone($userid) return "Europe/London"; } -function DB_insert_comment($comment,$playid,$userid) +function DB_insert_comment($comment,$playid,$gameid,$userid) { - DB_query("INSERT INTO Comment VALUES (NULL,NULL,NULL,$userid,$playid, ".DB_quote_smart($comment).")"); + DB_query("INSERT INTO Comment VALUES (NULL,NULL,NULL,$userid,$playid,$gameid, ".DB_quote_smart($comment).")"); return; } +function DB_get_pre_comment($gameid) +{ + $r = DB_query_array_all("SELECT comment, User.fullname FROM Comment". + " LEFT JOIN User ON User.id=user_id". + " WHERE play_id=-1". + " AND game_id=$gameid "); + return $r; +} + +function DB_get_pre_comment_call($gameid) +{ + $r = DB_query_array_all("SELECT comment, User.fullname FROM Comment". + " LEFT JOIN User ON User.id=user_id". + " WHERE play_id=-2". + " AND game_id=$gameid "); + return $r; +} + function DB_insert_note($comment,$gameid,$userid) { DB_query("INSERT INTO Notes VALUES (NULL,NULL,NULL,$userid,$gameid, ".DB_quote_smart($comment).")"); @@ -650,14 +717,15 @@ function DB_get_hashes_by_session($session,$user) return $r; } -function DB_get_ruleset($dullen,$schweinchen,$call) +function DB_get_ruleset($dullen,$schweinchen,$call,$lowtrump) { $r = array(); $result = DB_query("SELECT id FROM Rulesets WHERE". " dullen=".DB_quote_smart($dullen)." AND ". " Rulesets.call=".DB_quote_smart($call)." AND ". - " schweinchen=".DB_quote_smart($schweinchen)); + " schweinchen=".DB_quote_smart($schweinchen)." AND ". + " lowtrump=".DB_quote_smart($lowtrump)); if($result) $r = DB_fetch_array($result); @@ -669,6 +737,7 @@ function DB_get_ruleset($dullen,$schweinchen,$call) $result = DB_query("INSERT INTO Rulesets VALUES (NULL, NULL, ". DB_quote_smart($dullen).",". DB_quote_smart($schweinchen).",". + DB_quote_smart($lowtrump).",". DB_quote_smart($call). ", NULL)"); if($result) @@ -699,6 +768,18 @@ function DB_get_party_by_gameid_and_userid($gameid,$userid) return NULL; } +function DB_get_party_by_session_and_userid($session,$userid) +{ + /* used in score table by index. gameids are sorted by date, so we need to sort here too! */ + $r = DB_query_array_all("SELECT party FROM Hand". + " LEFT JOIN Game ON Game.id = Hand.game_id". + " WHERE Game.session=".DB_quote_smart($session). + " AND user_id=".DB_quote_smart($userid)."". + " AND Game.status='gameover' ". + " ORDER BY Game.create_date ASC"); + return $r; +} + function DB_set_party_by_hash($hash,$party) { DB_query("UPDATE Hand SET party=".DB_quote_smart($party)." WHERE hash=".DB_quote_smart($hash)); @@ -707,62 +788,76 @@ function DB_set_party_by_hash($hash,$party) function DB_get_PREF($myid) { - /* Cardset */ - $r = DB_query_array("SELECT value from User_Prefs". - " WHERE user_id='$myid' AND pref_key='cardset'" ); - if($r) - { - /* licence only valid until then */ - if($r[0]=="altenburg" && (time()-strtotime( "2009-12-31 23:59:59")<0) ) - $PREF["cardset"]="altenburg"; - else - $PREF["cardset"]="english"; - } - else - $PREF["cardset"]="english"; - - /* Email */ - $r = DB_query_array("SELECT value FROM User_Prefs". - " WHERE user_id='$myid' AND pref_key='email'" ); - if($r) - { - if($r[0]=="emailaddict") - $PREF["email"]="emailaddict"; - else - $PREF["email"]="emailnonaddict"; - } - else - $PREF["email"]="emailnonaddict"; - - /* Autosetup */ - $r = DB_query_array("SELECT value FROM User_Prefs". - " WHERE user_id='$myid' AND pref_key='autosetup'" ); - if($r) + /* set defaults */ + $PREF['cardset'] = 'english'; + $PREF['email'] = 'emailnonaddict'; + $PREF['digest'] = 'digest-off'; + $PREF['autosetup'] = 'no'; + $PREF['sorting'] = 'high-low'; + $PREF['open_for_games'] = 'yes'; + $PREF['vacation_start'] = NULL; + $PREF['vacation_stop'] = NULL; + $PREF['vacation_comment'] = ''; + $PREF['language'] = 'en'; + + /* get all preferences */ + $r = DB_query('SELECT pref_key, value FROM User_Prefs'. + " WHERE user_id=".DB_quote_smart($myid) ); + while($pref = DB_fetch_array($r) ) { - if($r[0]=='yes') - $PREF['autosetup']='yes'; - else - $PREF['autosetup']='no'; + switch($pref[0]) + { + case 'cardset': + if($pref[1]) + $PREF['cardset'] = $pref[1]; + break; + + case 'email': + if($pref[1]=='emailaddict') + $PREF['email']='emailaddict'; + break; + + case 'digest': + if($pref[1]) + $PREF['digest'] = $pref[1]; + break; + + case 'autosetup': + if($pref[1]=='yes') + $PREF['autosetup']='yes'; + break; + + case 'sorting': + if($pref[1]) + $PREF['sorting'] = $pref[1]; + break; + + case 'open for games': + if($pref[1]) + $PREF['open_for_games'] = $pref[1]; + break; + + case 'vacation start': + if($pref[1]) + $PREF['vacation_start'] = $pref[1]; + break; + + case 'vacation stop': + if($pref[1]) + $PREF['vacation_stop'] = $pref[1]; + break; + + case 'vacation comment': + if($pref[1]) + $PREF['vacation_comment'] = $pref[1]; + break; + + case 'language': + if($pref[1]) + $PREF['language'] = $pref[1]; + break; + } } - else - $PREF['autosetup']='no'; - - /* Sorting */ - $r = DB_query_array("SELECT value FROM User_Prefs". - " WHERE user_id='$myid' AND pref_key='sorting'" ); - if($r) - $PREF['sorting'] = $r[0]; - else - $PREF['sorting']='high-low'; - - /* Open for new games */ - $r = DB_query_array("SELECT value FROM User_Prefs". - " WHERE user_id='$myid' AND pref_key='open for games'" ); - if($r) - $PREF['open_for_games'] = $r[0]; - else - $PREF['open_for_games']='yes'; - return $PREF; } @@ -771,11 +866,12 @@ function DB_get_RULES($gameid) { $r = DB_query_array("SELECT * FROM Rulesets". " LEFT JOIN Game ON Game.ruleset=Rulesets.id ". - " WHERE Game.id='$gameid'" ); + " WHERE Game.id=".DB_quote_smart($gameid) ); - $RULES["dullen"] = $r[2]; - $RULES["schweinchen"] = $r[3]; - $RULES["call"] = $r[4]; + $RULES['dullen'] = $r[2]; + $RULES['schweinchen'] = $r[3]; + $RULES['lowtrump'] = $r[4]; + $RULES['call'] = $r[5]; return $RULES; } @@ -784,7 +880,7 @@ function DB_get_email_pref_by_hash($hash) { $r = DB_query_array("SELECT value FROM Hand". " LEFT JOIN User_Prefs ON Hand.user_id=User_Prefs.user_id". - " WHERE hash='$hash' AND pref_key='email'" ); + " WHERE hash=".DB_quote_smart($hash)." AND pref_key='email'" ); if($r) { if($r[0]=="emailaddict") @@ -799,7 +895,7 @@ function DB_get_email_pref_by_hash($hash) function DB_get_email_pref_by_uid($uid) { $r = DB_query_array("SELECT value FROM User_Prefs ". - " WHERE user_id='$uid' AND pref_key='email'" ); + " WHERE user_id=".DB_quote_smart($uid)." AND pref_key='email'" ); if($r) { if($r[0]=="emailaddict") @@ -820,7 +916,7 @@ function DB_get_unused_randomnumbers($userstr) */ DB_query("DROP TEMPORARY TABLE IF EXISTS gametmp;"); DB_query("CREATE TEMPORARY TABLE gametmp SELECT id,randomnumbers FROM Game;"); - DB_query("DELETE FROM gametmp WHERE id IN (SELECT game_id FROM Hand WHERE user_id IN (".$userstr."));"); + DB_query("DELETE FROM gametmp WHERE randomnumbers IN (SELECT randomnumbers FROM Hand LEFT JOIN Game ON Game.id=game_id WHERE user_id IN (".$userstr."));"); $r = DB_query_array("SELECT randomnumbers FROM gametmp LIMIT 1;"); DB_query("DROP TEMPORARY TABLE IF EXISTS gametmp;"); @@ -834,7 +930,7 @@ function DB_get_unused_randomnumbers($userstr) function DB_get_number_of_passwords_recovery($user) { $r = DB_query_array("SELECT COUNT(*) FROM Recovery ". - " WHERE user_id=$user ". + " WHERE user_id=".DB_quote_smart($user). " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= create_date". " GROUP BY user_id " ); if($r) @@ -850,9 +946,18 @@ function DB_set_recovery_password($user,$newpw) return; } +function DB_delete_recovery_passwords($userid) +{ + DB_query("DELETE FROM Recovery WHERE user_id=".DB_quote_smart($userid)); + return; +} + function DB_get_card_name($card) { - $r = DB_query_array("SELECT strength,suite FROM Card WHERE id='$card'"); + if($card==0) + return 'backside'; + + $r = DB_query_array("SELECT strength,suite FROM Card WHERE id=".DB_quote_smart($card)); if($r) return $r[0]." of ".$r[1]; @@ -862,21 +967,22 @@ function DB_get_card_name($card) function DB_get_current_playid($gameid) { + /* return playid or -1 for pre-game phase */ $trick = DB_get_max_trickid($gameid); - if(!$trick) return NULL; + if(!$trick) return -1; - $r = DB_query_array("SELECT id FROM Play WHERE trick_id='$trick' ORDER BY create_date DESC LIMIT 1"); + $r = DB_query_array("SELECT id FROM Play WHERE trick_id=".DB_quote_smart($trick)." ORDER BY create_date DESC LIMIT 1"); if($r) return $r[0]; - return ""; + return -1; } function DB_get_call_by_hash($hash) { - $r = DB_query_array("SELECT point_call FROM Hand WHERE hash='$hash'"); + $r = DB_query_array("SELECT point_call FROM Hand WHERE hash=".DB_quote_smart($hash)); if($r) return $r[0]; @@ -890,7 +996,7 @@ function DB_get_partner_call_by_hash($hash) if($partner) { - $r = DB_query_array("SELECT point_call FROM Hand WHERE hash='$partner'"); + $r = DB_query_array("SELECT point_call FROM Hand WHERE hash=".DB_quote_smart($partner)); if($r) return $r[0]; @@ -904,7 +1010,8 @@ function DB_get_partner_hash_by_hash($hash) $gameid = DB_get_gameid_by_hash($hash); $party = DB_get_party_by_hash($hash); - $r = DB_query_array("SELECT hash FROM Hand WHERE game_id='$gameid' AND party='$party' AND hash<>'$hash'"); + $r = DB_query_array("SELECT hash FROM Hand WHERE game_id=".DB_quote_smart($gameid). + " AND party=".DB_quote_smart($party)." AND hash<>".DB_quote_smart($hash)); if($r) return $r[0]; @@ -914,20 +1021,23 @@ function DB_get_partner_hash_by_hash($hash) function DB_format_gameid($gameid) { - $session = DB_get_session_by_gameid($gameid); + /* get session and create date */ + $r = DB_query_array("SELECT session, create_date FROM Game WHERE id=".DB_quote_smart($gameid)); + $session = $r[0]; + $date = $r[1]; /* get number of game */ - $r = DB_query_array("SELECT SUM(TIME_TO_SEC(TIMEDIFF(create_date, (SELECT create_date FROM Game WHERE id='$gameid')))<=0) ". + $r = DB_query_array("SELECT SUM(TIME_TO_SEC(TIMEDIFF(create_date, '$date'))<=0) ". " FROM Game". - " WHERE session='$session' "); - return $session.".".$r[0]; + " WHERE session=".DB_quote_smart($session)); + return $session.'.'.$r[0]; } function DB_get_reminder($user,$gameid) { $r = DB_query_array("SELECT COUNT(*) FROM Reminder ". - " WHERE user_id=$user ". - " AND game_id=$gameid ". + " WHERE user_id=".DB_quote_smart($user). + " AND game_id=".DB_quote_smart($gameid). " AND DATE_SUB(CURDATE(),INTERVAL 1 DAY) <= create_date". " GROUP BY user_id " ); if($r) @@ -948,61 +1058,37 @@ function DB_is_session_active($session) { $r = DB_query_array("SELECT COUNT(*) FROM Game ". " WHERE session=$session ". - " AND status<>'gameover' "); + " AND status IN ('pre','play') "); if($r) return $r[0]; else return -1; } -function DB_get_score_by_gameid($gameid) -{ - /* returns the points of a game from the point of the re parth (<0 if they lost) */ - $queryresult = DB_query("SELECT COUNT(*),party FROM Score ". - " WHERE game_id=$gameid ". - " GROUP BY party "); - $re = 0; - $contra = 0; - - while($r = DB_fetch_array($queryresult) ) - { - if($r[1] == "re") - $re += $r[0]; - else if ($r[1] == "contra") - $contra += $r[0]; - }; - - return ($re - $contra); -} - function DB_get_gameids_of_finished_games_by_session($session) { $ids = array (); if($session==0) /* return all games */ - $queryresult = DB_query("SELECT id FROM Game ". - " WHERE status='gameover' ". - " ORDER BY create_date ASC"); + $queryresult = DB_query_array_all("SELECT Game.id,SUM(IF(STRCMP(Score.party,'re'),-1,1)),Game.type FROM Game ". + " LEFT JOIN Score on game_id=Game.id". + " WHERE status='gameover' ". + " GROUP BY Game.id"); else /* return games in a session */ - $queryresult = DB_query("SELECT id FROM Game ". - " WHERE session=$session ". - " AND status='gameover' ". - " ORDER BY create_date ASC"); + $queryresult = DB_query_array_all("SELECT Game.id,SUM(IF(STRCMP(Score.party,'re'),-1,1)),Game.type FROM Game ". + " LEFT JOIN Score on game_id=Game.id". + " WHERE session=".DB_quote_smart($session). + " AND status='gameover' ". + " GROUP BY Game.id". + " ORDER BY Game.create_date ASC"); - $i=0; - while($r = DB_fetch_array($queryresult) ) - { - $ids[$i] = $r[0]; - $i++; - } - - return $ids; + return $queryresult; } function DB_get_card_value_by_cardid($id) { $r = DB_query_array("SELECT points FROM Card ". - " WHERE id=$id "); + " WHERE id=".DB_quote_smart($id)); if($r) return $r[0]; @@ -1040,7 +1126,7 @@ function DB_get_userid($type,$var1="",$var2="") /* test if a recovery password has been set */ if(!$r) { - echo "testing alternative password"; + /* testing alternative password */ $result = DB_query("SELECT User.id FROM User". " LEFT JOIN Recovery ON User.id=Recovery.user_id". " WHERE email=".DB_quote_smart($var1). @@ -1151,4 +1237,47 @@ function DB_played_by_others($gameid) $gameids[]=$r[0]; return $gameids; } + +function DB_get_number_of_tricks($gameid,$position) +{ + $r = DB_query_array("SELECT COUNT(winner) FROM Trick Where game_id='$gameid' and winner='$position'"); + return $r[0]; +} + +function DB_digest_insert_email($To,$message,$type,$gameid) +{ + if($type == GAME_YOUR_TURN) + DB_query("INSERT INTO digest_email VALUES (NULL,".DB_quote_smart($To).",NULL,'your_turn',$gameid,".DB_quote_smart($message).")"); + else + DB_query("INSERT INTO digest_email VALUES (NULL,".DB_quote_smart($To).",NULL,'misc',NULL,".DB_quote_smart($message).")"); + return; +} + +function DB_get_digest_users() +{ + $users = array(); + + $result = DB_query("SELECT user_id FROM User_Prefs WHERE pref_key='digest' and value <> 'digest-off'"); + while($r = DB_fetch_array($result)) + $users[]=$r[0]; + + return $users; +} + +function DB_get_digest_message_by_email($email) +{ + $messages = array(); + + $result = DB_query("SELECT id,content,type,game_id FROM digest_email Where email='$email'"); + while($r = DB_fetch_array($result)) + $messages[]=$r; + + return $messages; +} + +function DB_digest_delete_message($id) +{ + DB_query("Delete from digest_email where id='$id'"); +} + ?> \ No newline at end of file