X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=include%2Fuser.php;h=5142918fbb9188dd564831c82d377cf6577a8d45;hp=d85dac50179d39d1e9e7af9fc6a40fcef36edf6b;hb=a83ac7d982fa4f9d49ac3e6dedac8b489f2f7baa;hpb=fd52a255dd62431bf20532b733c4b14d0db85f1c;ds=sidebyside
diff --git a/include/user.php b/include/user.php
index d85dac5..5142918 100644
--- a/include/user.php
+++ b/include/user.php
@@ -1,5 +1,5 @@
+/* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016 Arun Persaud
 *
 * This file is part of e-DoKo.
 *
@@ -25,11 +25,15 @@ if(!isset($HOST)) exit; /* test id and password, should really be done in one step */
-if(isset($_SESSION['name']))
+if(isset($_SESSION['id']))
 {
- $name = $_SESSION['name'];
- $email = DB_get_email('name',$name);
- $password = DB_get_passwd_by_name($name);
+ $myid = $_SESSION['id'];
+ $r = DB_query_array("SELECT email,password FROM User WHERE id=".DB_quote_smart($myid)."");
+ if($r)
+ {
+ $email = $r[0];
+ $password = $r[1];
+ };
 };
 global $ADMIN_NAME;
@@ -46,6 +50,8 @@ if(myisset('forgot')) if($ok) {
+ set_language($myid,'uid');
+ /* check how many entries in recovery table */
 $number = DB_get_number_of_passwords_recovery($myid);
@@ -61,7 +67,8 @@ if(myisset('forgot')) /* create temporary password, use the fist 8 letters of a md5 hash */ $TIME = (string) time(); /* to avoid collisions */
- $hash = md5('Anewpassword'.$email.$TIME);
+ $rndstring = sha1(rand()); /* add some randomness */
+ $hash = md5('Anewpassword'.$email.$TIME.$rndstring);
 $newpw = substr($hash,1,8);
 $message = sprintf( _("Someone (hopefully you) requested a new password.\n".
@@ -154,7 +161,7 @@ else " G.session". " FROM Hand". " LEFT JOIN Game G ON G.id=Hand.game_id".
- " WHERE user_id='$myid'".
+ " WHERE user_id=".DB_quote_smart($myid).
 " ORDER BY G.session,G.create_date" );
 /* sort into active and passive sessions */
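Review bot: In the `@@ -25,11 +25,15 @@` hunk, `$email` and `$password` are left undefined when the new `if($r)` guard fails, i.e. when no User row matches the session id, and nothing visible here stops the request or sets a default. Any later code that checks the password would then run against an unset value; whether that happens is outside the hunk. Consider initialising both before the query, e.g. `$email = $password = NULL;`, or ending the request when the lookup returns nothing. The trailing `.""` after `DB_quote_smart($myid)` is a no-op and can be dropped.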
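Review bot: The temporary password in the `@@ -61,7 +67,8 @@` hunk is still derived from guessable inputs: `rand()` is not a cryptographically secure generator, so `sha1(rand())` contributes no more unpredictability than `rand()` itself, and the remaining inputs are the account's e-mail address and the request time. Hashing with `md5`/`sha1` adds no entropy, and `substr($hash,1,8)` keeps only 32 bits of the digest. Draw the value from the OS CSPRNG instead, for example `$newpw = bin2hex(random_bytes(8));` on PHP 7 or `$newpw = bin2hex(openssl_random_pseudo_bytes(8));` on older versions, and update the "fist 8 letters of a md5 hash" comment to match. The enclosing `if(myisset('forgot'))` block starts and ends outside the hunk.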
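Review bot: The `WHERE user_id=` clause in the `@@ -154,7 +161,7 @@` hunk, like the `SELECT email,password` query in the `@@ -25,11 +25,15 @@` hunk, is still built by string concatenation, so its safety rests entirely on `DB_quote_smart()`, whose definition is not part of this diff. If `id` is an integer key, casting makes the statement safe regardless of how the helper treats its input: `" WHERE user_id=".(int)$myid.`. A one-line comment at the query noting that `$myid` comes from the session would also help the next reader. The enclosing `else` block starts and ends outside the hunk.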
@@ -198,8 +205,8 @@ else /* create output */ $sessionoutput .= $gameoutput;
- $gameoutput = " "
- .$gamefrequence."\n";
+ $gameoutput = " "
+ .$gamefrequence."\n";
 } else { /* new session */
@@ -212,13 +219,13 @@ else { $output_active .= "
  • "; if($gamestatus == 'pre') - $output_active .= ''; + $class= 'class="gamestatuspre gameid"'; else if($gamestatus == 'play') - $output_active .= ''; + $class= 'class="gamestatusplay gameid"'; else - $output_active .= ''; - $output_active .= "". - DB_format_gameid($gameid).'   '; + $class= 'class="gamestatusover gameid"'; + $output_active .= "". + DB_format_gameid($gameid).'   '; @@ -308,11 +315,14 @@ else if($count<10) echo '

    '._('You can start new games using the link in the top right corner!')."

    \n"; - /* display last 5 users that have signed up to e-DoKo */ + /* display last 5 users that have signed up to e-DoKo within the 45 days */ $names = DB_get_names_of_new_logins(5); - echo '

    '._('New Players').":

    \n

    \n"; - echo implode(", ",$names).",...\n"; - echo "

    \n"; + if ($names) + { + echo '

    '._('New Player(s)').":

    \n

    \n"; + echo implode(", ",$names).",...\n"; + echo "

    \n"; + }; /* display last 5 users that logged on */ echo '

    '._('Players last logged in').":

    \n

    \n"; @@ -322,7 +332,7 @@ else for($i=0;$i<7;$i++) { echo '\n"; } echo "
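Review bot: `echo implode(", ",$names).",...\n";` on the new side of the `@@ -308,11 +315,14 @@` hunk writes player names into the page without HTML escaping. Names are chosen by users at sign-up, so unless `DB_get_names_of_new_logins()` already returns escaped values (not visible in this diff) this is a stored-XSS sink. Escape at output, e.g. `echo implode(", ", array_map('htmlspecialchars', $names)).",...\n";`. The updated comment also says "within the 45 days" while the call passes only `5`; state where the 45-day window is enforced, or reword the comment.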

    \n";