ERROR: status of session $session couldn't be determined.
";
+ output_footer();
+ DB_close();
+ exit();
+ }
+
+ if($session)
+ mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+ "'$ruleset','$session' ,NULL)");
+ else
+ {
+ /* get max session */
+ $max = DB_get_max_session();
+ $max++;
+ mysql_query("UPDATE Game SET session='".$max."' WHERE id=".DB_quote_smart($followup));
+ mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+ "'$ruleset','$max' ,NULL)");
+ }
}
else
- mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', NULL, NULL,'pre', NULL ,NULL)");
+ {
+ /* get ruleset information or create new one */
+ $ruleset = DB_get_ruleset($dullen,$schweinchen,$call);
+ if($ruleset <0)
+ {
+ myerror("Error defining ruleset: $ruleset");
+ output_footer();
+ DB_close();
+ exit();
+ };
+ /* get max session */
+ $max = DB_get_max_session();
+ $max++;
+
+ mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre', ".
+ "'$ruleset','$max' ,NULL)");
+ }
$game_id = mysql_insert_id();
/* create hash */
- $hashA = md5("AGameOfDoko".$game_id.$PlayerA.$EmailA);
- $hashB = md5("AGameOfDoko".$game_id.$PlayerB.$EmailB);
- $hashC = md5("AGameOfDoko".$game_id.$PlayerC.$EmailC);
- $hashD = md5("AGameOfDoko".$game_id.$PlayerD.$EmailD);
+ $TIME = (string) time(); /* to avoid collisions */
+ $hashA = md5("AGameOfDoko".$game_id.$PlayerA.$EmailA.$TIME);
+ $hashB = md5("AGameOfDoko".$game_id.$PlayerB.$EmailB.$TIME);
+ $hashC = md5("AGameOfDoko".$game_id.$PlayerC.$EmailC.$TIME);
+ $hashD = md5("AGameOfDoko".$game_id.$PlayerD.$EmailD.$TIME);
/* create hands */
mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridA).
- ", ".DB_quote_smart($hashA).", 'start','1',NULL,NULL,NULL,'false','false',NULL)");
+ ", ".DB_quote_smart($hashA).", 'start','1',NULL,NULL,NULL,NULL)");
$hand_idA = mysql_insert_id();
mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridB).
- ", ".DB_quote_smart($hashB).", 'start','2',NULL,NULL,NULL,'false','false',NULL)");
+ ", ".DB_quote_smart($hashB).", 'start','2',NULL,NULL,NULL,NULL)");
$hand_idB = mysql_insert_id();
mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridC).
- ", ".DB_quote_smart($hashC).", 'start','3',NULL,NULL,NULL,'false','false',NULL)");
+ ", ".DB_quote_smart($hashC).", 'start','3',NULL,NULL,NULL,NULL)");
$hand_idC = mysql_insert_id();
mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridD).
- ", ".DB_quote_smart($hashD).", 'start','4',NULL,NULL,NULL,'false','false',NULL)");
+ ", ".DB_quote_smart($hashD).", 'start','4',NULL,NULL,NULL,NULL)");
$hand_idD = mysql_insert_id();
/* save cards */
@@ -87,7 +165,7 @@ else if( isset($_REQUEST["PlayerA"]) &&
mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idC', '".$randomNR[$i]."', 'false')");
for($i=36;$i<48;$i++)
mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idD', '".$randomNR[$i]."', 'false')");
-
+
/* send out email, TODO: check for error with email */
$message = "\n".
"you are invited to play a game of DoKo (that is to debug the program ;).\n".
@@ -99,554 +177,1727 @@ else if( isset($_REQUEST["PlayerA"]) &&
"$PlayerC\n".
"$PlayerD\n\n".
"If you want to join this game, please follow this link:\n\n".
- " ".$host."?me=";
+ "".$host."?me=";
mymail($EmailA,"You are invited to a game of DoKo","Hello $PlayerA,\n".$message.$hashA);
mymail($EmailB,"You are invited to a game of DoKo","Hello $PlayerB,\n".$message.$hashB);
mymail($EmailC,"You are invited to a game of DoKo","Hello $PlayerC,\n".$message.$hashC);
mymail($EmailD,"You are invited to a game of DoKo","Hello $PlayerD,\n".$message.$hashD);
-
- }
-/* end set up a new game */
-
-else if(isset($_REQUEST["me"]))
- {
- /* handle request from one specifig player,
- * the hash is set on a per game base, so first just handle this game
- * perhaps also show links to other games in a sidebar
- */
+ echo "You started a new game. The emails have been sent out!";
+ } /* end set up a new game */
+/* cancle a game, if nothing has happend in the last N minutes */
+else if(myisset("cancle","me"))
+ {
$me = $_REQUEST["me"];
+
+ /* test for valid ID */
+ $myid = DB_get_userid_by_hash($me);
+ if(!$myid)
+ {
+ echo "Can't find you in the database, please check the url. \n";
+ echo "perhaps the game has been cancled, check by login in here.";
+ output_footer();
+ DB_close();
+ exit();
+ }
+
+ DB_update_user_timestamp($myid);
+
+ /* get some information from the DB */
+ $gameid = DB_get_gameid_by_hash($me);
+ $myname = DB_get_name_by_hash($me);
+ /* check if game really is old enough */
+ $result = mysql_query("SELECT mod_date from Game WHERE id='$gameid' " );
+ $r = mysql_fetch_array($result,MYSQL_NUM);
+ if(time()-strtotime($r[0]) > 60*60*24*30) /* = 1 month */
+ {
+ $message = "Hello, \n\n".
+ "Game ".DB_format_gameid($gameid)." has been cancled since nothing happend for a while and $myname requested it.\n";
+
+ $userids = DB_get_all_userid_by_gameid($gameid);
+ foreach($userids as $user)
+ {
+ $To = DB_get_email_by_userid($user);
+ mymail($To,$EmailName."game ".DB_format_gameid($gameid)." cancled (timed out)",$message);
+ }
+
+ /* delete everything from the dB */
+ DB_cancel_game($me);
+
+ echo "
Game ".DB_format_gameid($gameid)." has been cancled.
";
+ }
+ else
+ echo "
You need to wait longer before you can cancle a game...
\n";
+ }
+/* send out a reminder */
+else if(myisset("remind","me"))
+ {
+ $me = $_REQUEST["me"];
+
/* test for valid ID */
$myid = DB_get_userid_by_hash($me);
if(!$myid)
{
echo "Can't find you in the database, please check the url. \n";
- echo "perhaps the game has been cancled.";
+ echo "perhaps the game has been cancled, check by login in here.";
+ output_footer();
+ DB_close();
exit();
}
DB_update_user_timestamp($myid);
+
+ /* get some information from the DB */
+ $gameid = DB_get_gameid_by_hash($me);
+ $myname = DB_get_name_by_hash($me);
+ /* check if game really is old enough */
+ $result = mysql_query("SELECT mod_date,player,status from Game WHERE id='$gameid' " );
+ $r = mysql_fetch_array($result,MYSQL_NUM);
+ if( (time()-strtotime($r[0]) > 60*60*24*7) && ($r[2]!='gameover') ) /* = 1 week */
+ {
+ $name = DB_get_name_by_userid($r[1]);
+ $To = DB_get_email_by_userid($r[1]);
+ $userhash = DB_get_hash_from_gameid_and_userid($gameid,$r[1]);
+
+ $message = "Hello $name, \n\n".
+ "It's your turn in game ".DB_format_gameid($gameid)." \n".
+ "Actually everyone else is waiting for you for more than a week now ;)\n\n".
+ "Please visit this link now to continue: \n".
+ " ".$host."?me=".$userhash."\n\n" ;
+
+ if(DB_get_reminder($r[1],$gameid)>0)
+ {
+ echo "
An email has already been sent out.
\n";
+ }
+ else
+ {
+ DB_set_reminder($r[1],$gameid);
+ mymail($To,$EmailName."Reminder: game ".DB_format_gameid($gameid)." it's your turn",$message);
+
+ echo "
Game ".DB_format_gameid($gameid).": an email has been sent out.
";
+ }
+ }
+ else
+ echo "
You need to wait longer before you can send out a reminder...
\n";
+ }
+/* handle request from one specific player for one game,
+ * (the hash is set on a per game base) */
+else if(myisset("me"))
+ {
+ $me = $_REQUEST["me"];
+
+ /* test for valid ID */
+ $myid = DB_get_userid_by_hash($me);
+ if(!$myid)
+ {
+ echo "Can't find you in the database, please check the url. \n";
+ echo "perhaps the game has been cancled, check by login in here.";
+ output_footer();
+ DB_close();
+ exit();
+ }
+
+ if(isset($_SESSION["name"]))
+ output_status($_SESSION["name"]);
+
+ /* the user had done something, update the timestamp */
+ DB_update_user_timestamp($myid);
+
/* get some information from the DB */
$gameid = DB_get_gameid_by_hash($me);
$myname = DB_get_name_by_hash($me);
$mystatus = DB_get_status_by_hash($me);
+ $mypos = DB_get_pos_by_hash($me);
+ $myhand = DB_get_handid_by_hash($me);
+ $session = DB_get_session_by_gameid($gameid);
+
+ /* get prefs and save them */
+ DB_get_PREF($myid);
+ /* end set pref */
+
+ /* get rule set for this game */
+ $result = mysql_query("SELECT * FROM Rulesets".
+ " LEFT JOIN Game ON Game.ruleset=Rulesets.id ".
+ " WHERE Game.id='$gameid'" );
+ $r = mysql_fetch_array($result,MYSQL_NUM);
+
+ $RULES["dullen"] = $r[2];
+ $RULES["schweinchen"] = $r[3];
+ $RULES["call"] = $r[4];
+
+ /* get some infos about the game */
+ $gametype = DB_get_gametype_by_gameid($gameid);
+ $gamestatus = DB_get_game_status_by_gameid($gameid);
+ $GT = $gametype;
+ if($gametype=="solo")
+ {
+ $gametype = DB_get_solo_by_gameid($gameid);
+ $GT = $gametype." ".$GT;
+ }
+ /* does anyone have both foxes */
+ $GAME["schweinchen"]=0;
+ for($i=1;$i<5;$i++)
+ {
+ $hash = DB_get_hash_from_game_and_pos($gameid,$i);
+ $cards = DB_get_all_hand($hash);
+ if( in_array("19",$cards) && in_array("20",$cards) )
+ {
+ $GAME["schweinchen"]=1;
+ $GAME["schweinchen-who"]=$hash;
+ }
+ };
+
+ /* put everyting in a form */
+ echo "\n";
+ output_footer();
+ DB_close();
exit();
- }
+ }
/* user status page */
- else if(isset($_REQUEST["email"]) && isset($_REQUEST["password"]))
- {
- /* test id and password, should really be done in one step */
- $email = $_REQUEST["email"];
- $password = $_REQUEST["password"];
+else if( myisset("email","password") || isset($_SESSION["name"]) )
+ {
+ /* test id and password, should really be done in one step */
+ if(!isset($_SESSION["name"]))
+ {
+ $email = $_REQUEST["email"];
+ $password = $_REQUEST["password"];
+ }
+ else
+ {
+ $name = $_SESSION["name"];
+ $email = DB_get_email_by_name($name);
+ $password = DB_get_passwd_by_name($name);
+ };
+
+ if(myisset("forgot"))
+ {
+ $ok = 1;
- if(strlen($password)!=32)
- $password = md5($password);
+ $myid = DB_get_userid_by_email($email);
+ if(!$myid)
+ $ok = 0;
+
+ if($ok)
+ {
+ /* check how many entries in recovery table */
+ $number = DB_get_number_of_passwords_recovery($myid);
+
+ /* if less than N recent ones, add a new one and send out email */
+ if( $number < 5 )
+ {
+ echo "Ok, I send you a new password. ";
+ if($number >1)
+ echo "N.B. You tried this already $number times during the last day and it will only work ".
+ " 5 times during a day. ";
+ echo "The new password will be valid for one day, make sure you reset it to something else. ";
+ echo "Back to the main page.";
+
+ $TIME = (string) time(); /* to avoid collisions */
+ $hash = md5("Anewpassword".$email.$TIME);
+ $newpw = substr($hash,1,8);
+
+ $message = "Someone (hopefully you) requested a new password. \n".
+ "You can use this email and the following password: \n".
+ " $newpw \n".
+ "to log into the server. The new password is valid for 24h, so make\n".
+ "sure you reset your password to something new. Your old password will\n".
+ " also still be valid until you set a new one\n";
+ mymail($email,$EmailName."recovery ",$message);
+
+ DB_set_recovery_password($myid,md5($newpw));
+ }
+ else
+ {
+ echo "Sorry you already tried 5 times during the last 24h. ".
+ "You need to use one of those passwords or wait to get a new one. ";
+ echo "Back to the main page.";
+ }
+ }
+ else
+ {
+ if($email=="")
+ echo "You need to give me an email address! ".
+ "Please try again.";
+ else
+ echo "Couldn't find a player with this email! ".
+ "Please contact Arun, if you think this is a mistake ".
+ "or else try again.";
+ }
+ }
+ else
+ {
+ /* verify password and email */
+ if(strlen($password)!=32)
+ $password = md5($password);
+
+ $ok = 1;
+ $myid = DB_get_userid_by_email_and_password($email,$password);
+ if(!$myid)
+ $ok = 0;
+
+ if($ok)
+ {
+ DB_get_PREF($myid);
- $ok=1;
- $uid = DB_get_userid_by_email_and_password($email,$password);
- if(!$uid)
- $ok=0;
+ if(myisset("setpref"))
+ {
+ $setpref=$_REQUEST["setpref"];
+ switch($setpref)
+ {
+ case "germancards":
+ case "englishcards":
+ $result = mysql_query("SELECT * from User_Prefs".
+ " WHERE user_id='$myid' AND pref_key='cardset'" );
+ if( mysql_fetch_array($result,MYSQL_NUM))
+ $result = mysql_query("UPDATE User_Prefs SET value=".DB_quote_smart($setpref).
+ " WHERE user_id='$myid' AND pref_key='cardset'" );
+ else
+ $result = mysql_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
+ DB_quote_smart($setpref).")");
+ echo "Ok, changed you preferences for the cards.\n";
+ break;
+ }
+ }
+ else if(myisset("passwd"))
+ {
+ if( $_REQUEST["passwd"]=="ask" )
+ {
+ /* reset password form*/
+ output_password_recovery($email,$password);
+ }
+ else if($_REQUEST["passwd"]=="set")
+ {
+ /* reset password */
+ $ok = 1;
- if($ok)
- {
- $time = DB_get_user_timestamp($uid);
- $unixtime =strtotime($time);
-
- $offset = DB_get_user_timezone($uid);
- $zone = return_timezone($offset);
- date_default_timezone_set($zone);
+ /* check if old password matches */
+ $oldpasswd = md5($_REQUEST["password0"]);
+ if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
+ $ok = -1;
+ /* check if new passwords are types the same twice */
+ if($_REQUEST["password1"] != $_REQUEST["password2"] )
+ $ok = -2;
+
+ switch($ok)
+ {
+ case '-2':
+ echo "The new passwords don't match. ";
+ break;
+ case '-1':
+ echo "The old password is not correct. ";
+ break;
+ case '1':
+ echo "Changed the password. ";
+ mysql_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
+ "' WHERE id=".DB_quote_smart($myid));
+ break;
+ }
+ /* set password */
+ }
+ }
+ else /* output default user page */
+ {
+ $time = DB_get_user_timestamp($myid);
+ $unixtime = strtotime($time);
+
+ $offset = DB_get_user_timezone($myid);
+ $zone = return_timezone($offset);
+ date_default_timezone_set($zone);
- echo "last login: ".date("r",$unixtime)." ";
+ $myname = DB_get_name_by_email($email);
+ $_SESSION["name"] = $myname;
- DB_update_user_timestamp($uid);
+ if(isset($_SESSION["name"]))
+ output_status($_SESSION["name"]);
+
+ /* display links to settings */
+ output_user_settings($email,$password);
+
+ echo "
these are the games you are playing in: \n";
- $result = mysql_query("SELECT hash,game_id from Hand WHERE user_id='$uid' AND status<>'gameover'" );
- while( $r = mysql_fetch_array($result,MYSQL_NUM))
- echo "game #".$r[1]." ";
- echo "
Want to start a new game? remember 4 names from the list above and visit ".
- "this page.
";
- }
- else
- {
- echo "sorry email and password don't match ";
- }
- exit();
- }
-/* page for registration */
-else if(isset($_REQUEST["register"]) )
- {
- echo "IMPORTANT: passwords are going over the net as clear text, so pick an easy password. No need to pick anything complicated here ;)
";
- echo "TODO: convert timezone into a menu \n";
- echo "TODO: figure out a way to handle passwrods \n";
-?>
-
-";
- $ok=0;
- }
- if(DB_get_userid_by_email($_REQUEST["Remail"]))
- {
- echo "this email address is already used ?! ";
- $ok=0;
- }
- if($ok)
- {
- $r=mysql_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]).
- ",".DB_quote_smart($_REQUEST["Remail"]).
- ",".DB_quote_smart(md5($_REQUEST["Rpassword"])).
- ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL)");
-
- if($r)
- echo " added you to the database";
- else
- echo " something went wrong";
- }
- }
+ }
+ }
+ echo "
\n
\n";
+ $names = DB_get_all_names();
+ echo "
Registered players:
\n
\n";
+ echo implode(", ",$names)."\n";
+ echo "
\n
";
+ }
+ }
+ else
+ {
+ echo "Sorry email and password don't match. Please try again. ";
+ }
+ };
+ output_footer();
+ DB_close();
+ exit();
+ }
/* default login page */
-else
- { /* no new game, not in a game */
- home_page();
- }
+ else
+ {
+ $pre[0]=0;$game[0]=0;$done[0]=0;
+ $r=mysql_query("SELECT COUNT(id) FROM Game GROUP BY status");
+ if($r) {
+ $pre = mysql_fetch_array($r,MYSQL_NUM);
+ $game = mysql_fetch_array($r,MYSQL_NUM);
+ $done = mysql_fetch_array($r,MYSQL_NUM);
+ }
+
+ $r=mysql_query("SELECT AVG(datediff(mod_date,create_date)) FROM Game where status='gameover' ");
+ if($r)
+ $avgage= mysql_fetch_array($r,MYSQL_NUM);
+ else
+ $avgage[0]=0;
+
+ output_home_page($pre[0],$game[0],$done[0],$avgage[0]);
+ }
output_footer();