X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=include%2Fuser.php;h=19eb27bc6745da85544254d34e7acd1c632d11a4;hp=00426aa03e503b51a907f396acd62036978bc93a;hb=cd4cbd4a1cce2c35a6a78b1b957c17389001b4b1;hpb=9239ba22c382383cd258ad3f36b2bc0dc99664b2
diff --git a/include/user.php b/include/user.php
index 00426aa..19eb27b 100644
--- a/include/user.php
+++ b/include/user.php
@@ -6,17 +6,17 @@ if(!isset($HOST))
exit;
/* test id and password, should really be done in one step */
-if(!isset($_SESSION["name"]))
+if(!isset($_SESSION["name"]))
{
$email = $_REQUEST["email"];
$password = $_REQUEST["password"];
}
- else
- {
- $name = $_SESSION["name"];
- $email = DB_get_email('name',$name);
- $password = DB_get_passwd_by_name($name);
- };
+else
+ {
+ $name = $_SESSION["name"];
+ $email = DB_get_email('name',$name);
+ $password = DB_get_passwd_by_name($name);
+ };
/* user has forgotten his password */
if(myisset("forgot"))
@@ -81,192 +81,103 @@ if(myisset("forgot"))
"or else try again.";
}
}
- else
- { /* normal user page */
-
-
- /* verify password and email */
- if(strlen($password)!=32)
- $password = md5($password);
-
- $ok = 1;
- $myid = DB_get_userid('email-password',$email,$password);
- if(!$myid)
- $ok = 0;
-
- if($ok)
- {
- /* user information is ok */
- $myname = DB_get_name('email',$email);
- $_SESSION["name"] = $myname;
- output_status();
+else
+ { /* normal user page */
- $PREF = DB_get_PREF($myid);
+ /* verify password and email */
+ if(strlen($password)!=32)
+ $password = md5($password);
- /* does the user want to change some preferences? */
- if(myisset("setpref"))
- {
- $setpref=$_REQUEST["setpref"];
- switch($setpref)
- {
- case "germancards":
- case "englishcards":
- $result = DB_query("SELECT * from User_Prefs".
- " WHERE user_id='$myid' AND pref_key='cardset'" );
- if( DB_fetch_array($result))
- $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($setpref).
- " WHERE user_id='$myid' AND pref_key='cardset'" );
- else
- $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
- DB_quote_smart($setpref).")");
- echo "Ok, changed you preferences for the cards.\n";
- break;
- case "emailaddict":
- case "emailnonaddict":
- $result = DB_query("SELECT * from User_Prefs".
- " WHERE user_id='$myid' AND pref_key='email'" );
- if( DB_fetch_array($result))
- $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($setpref).
- " WHERE user_id='$myid' AND pref_key='email'" );
- else
- $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
- DB_quote_smart($setpref).")");
- echo "Ok, changed you preferences for sending out emails.\n";
- break;
- }
- }
- /* user wants to change his password or request a temporary one */
- else if(myisset("passwd"))
- {
- if( $_REQUEST["passwd"]=="ask" )
- {
- /* reset password form*/
- output_password_recovery($email,$password);
- }
- else if($_REQUEST["passwd"]=="set")
- {
- /* reset password */
- $ok = 1;
-
- /* check if old password matches */
- $oldpasswd = md5($_REQUEST["password0"]);
- if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
- $ok = -1;
- /* check if new passwords are types the same twice */
- if($_REQUEST["password1"] != $_REQUEST["password2"] )
- $ok = -2;
-
- switch($ok)
- {
- case '-2':
- echo "The new passwords don't match.
";
- break;
- case '-1':
- echo "The old password is not correct.
";
- break;
- case '1':
- echo "Changed the password.
";
- DB_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
- "' WHERE id=".DB_quote_smart($myid));
- break;
- }
- /* set password */
- }
- }
- else /* output default user page */
- {
- /* display links to settings */
- output_user_settings();
-
- DB_update_user_timestamp($myid);
-
- display_user_menu();
-
- /* display all games the user has played */
- echo "
Session:
\n";
- echo " p = pre-game phase ";
- echo "P = game in progess ";
- echo "F = game finished
";
- echo "
\n"; - while( $r = DB_fetch_array($result)) - { - $game = DB_format_gameid($r[1]); - $gamenr = (int) $game; - if($gamenrold < $gamenr) - { - if($gamenrold!=-1) - echo " | |||
$gamenr: | "; - else - echo "$gamenr: | "; - $gamenrold = $gamenr; - } - if($r[4]=='pre') - { - echo "\n p "; - - } - else if ($r[4]=='gameover') - echo "\n F "; - else - { - echo "\n P "; - } - if($r[4] != 'gameover') - { - echo " | \n "; - if($r[3]==$myid || !$r[3]) - echo "(it's your turn)\n"; - else - { - $name = DB_get_name('userid',$r[3]); - $gameid = $r[1]; - if(DB_get_reminder($r[3],$gameid)==0) - if(time()-strtotime($r[2]) > 60*60*24*7) - echo "". - "Send a reminder."; - echo "(it's $name's turn)\n"; - }; - if(time()-strtotime($r[2]) > 60*60*24*30) - echo "". - "Cancel?". - " (clicking here is final and can't be restored)"; - - } - } - echo " |
\n"; - echo implode(", ",$names).",...\n"; - echo "
\n"; - - /* display last 5 users that logged on */ - $names = DB_get_names_of_last_logins(5); - echo "\n"; - echo implode(", ",$names).",...\n"; - echo "
\n"; - - echo "Session:
\n";
+ echo " p = pre-game phase ";
+ echo "P = game in progess ";
+ echo "F = game finished
";
+ echo "
\n"; + while( $r = DB_fetch_array($result)) + { + $game = DB_format_gameid($r[1]); + $gamenr = (int) $game; + if($gamenrold < $gamenr) + { + if($gamenrold!=-1) + echo " | ||
$gamenr: | \n"; + else + echo "$gamenr:\n"; + $gamenrold = $gamenr; + echo "\n"; + } + if($r[4]=='pre') + echo " p \n"; + else if ($r[4]=='gameover') + echo " F \n"; + else + echo " P \n"; + if($r[4] != 'gameover') + { + echo " | \n\n "; + if($r[3]==$myid || !$r[3]) + echo "(it's your turn)\n"; + else + { + $name = DB_get_name('userid',$r[3]); + $gameid = $r[1]; + if(DB_get_reminder($r[3],$gameid)==0) + if(time()-strtotime($r[2]) > 60*60*24*7) + echo "Send a reminder."; + echo "(it's $name's turn)\n"; + }; + if(time()-strtotime($r[2]) > 60*60*24*30) + echo "Cancel?". + " (clicking here is final and can't be restored)"; + } + } + echo " |
\n"; + echo implode(", ",$names).",...\n"; + echo "
\n"; + + /* display last 5 users that logged on */ + $names = DB_get_names_of_last_logins(5); + echo "\n"; + echo implode(", ",$names).",...\n"; + echo "
\n"; + + echo "