X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=index.php;h=7d35814cb400c13a4284c911e7e5962f07409bb2;hp=a4d774fb9f910bf6c445a769dbea71fc41bad974;hb=34ca8d684f3515232508f4a581828f5f069c323f;hpb=9db97c855d40d089037410aad3595893f68f6d6a
diff --git a/index.php b/index.php
index a4d774f..7d35814 100644
--- a/index.php
+++ b/index.php
@@ -1,48 +1,50 @@
\n";
echo "perhaps the game has been cancled, check by login in here.";
output_footer();
+ DB_close();
exit();
}
@@ -178,30 +190,82 @@ else if(myisset("cancle","me"))
/* get some information from the DB */
$gameid = DB_get_gameid_by_hash($me);
$myname = DB_get_name_by_hash($me);
-
+
/* check if game really is old enough */
$result = mysql_query("SELECT mod_date from Game WHERE id='$gameid' " );
$r = mysql_fetch_array($result,MYSQL_NUM);
if(time()-strtotime($r[0]) > 60*60*24*30) /* = 1 month */
{
$message = "Hello, \n\n".
- "Game $gameid has been cancled since nothing happend for a while and $myname requested it.\n";
+ "Game ".DB_format_gameid($gameid)." has been cancled since nothing happend for a while and $myname requested it.\n";
$userids = DB_get_all_userid_by_gameid($gameid);
foreach($userids as $user)
{
$To = DB_get_email_by_userid($user);
- mymail($To,$EmailName."game cancled (timed out)",$message);
+ mymail($To,$EmailName."game ".DB_format_gameid($gameid)." cancled (timed out)",$message);
}
/* delete everything from the dB */
DB_cancel_game($me);
- echo "
Game $gameid has been cancled.
";
+ echo "Game ".DB_format_gameid($gameid)." has been cancled.
";
}
else
echo "You need to wait longer before you can cancle a game...
\n";
}
+/* send out a reminder */
+else if(myisset("remind","me"))
+ {
+ $me = $_REQUEST["me"];
+
+ /* test for valid ID */
+ $myid = DB_get_userid_by_hash($me);
+ if(!$myid)
+ {
+ echo "Can't find you in the database, please check the url.
\n";
+ echo "perhaps the game has been cancled, check by login in here.";
+ output_footer();
+ DB_close();
+ exit();
+ }
+
+ DB_update_user_timestamp($myid);
+
+ /* get some information from the DB */
+ $gameid = DB_get_gameid_by_hash($me);
+ $myname = DB_get_name_by_hash($me);
+
+ /* check if game really is old enough */
+ $result = mysql_query("SELECT mod_date,player,status from Game WHERE id='$gameid' " );
+ $r = mysql_fetch_array($result,MYSQL_NUM);
+ if( (time()-strtotime($r[0]) > 60*60*24*7) && ($r[2]!='gameover') ) /* = 1 week */
+ {
+ $name = DB_get_name_by_userid($r[1]);
+ $To = DB_get_email_by_userid($r[1]);
+ $userhash = DB_get_hash_from_gameid_and_userid($gameid,$r[1]);
+
+ $message = "Hello $name, \n\n".
+ "It's your turn in game ".DB_format_gameid($gameid)." \n".
+ "Actually everyone else is waiting for you for more than a week now ;)\n\n".
+ "Please visit this link now to continue: \n".
+ " ".$host."?me=".$userhash."\n\n" ;
+
+ if(DB_get_reminder($r[1],$gameid)>0)
+ {
+ echo "An email has already been sent out.
\n";
+ }
+ else
+ {
+ DB_set_reminder($r[1],$gameid);
+ mymail($To,$EmailName."Reminder: game ".DB_format_gameid($gameid)." it's your turn",$message);
+
+ echo "Game ".DB_format_gameid($gameid).": an email has been sent out.
";
+ }
+ }
+ else
+ echo "You need to wait longer before you can send out a reminder...
\n";
+ }
/* handle request from one specific player for one game,
* (the hash is set on a per game base) */
else if(myisset("me"))
@@ -215,9 +279,13 @@ else if(myisset("me"))
echo "Can't find you in the database, please check the url.
\n";
echo "perhaps the game has been cancled, check by login in here.";
output_footer();
+ DB_close();
exit();
}
+ if(isset($_SESSION["name"]))
+ output_status($_SESSION["name"]);
+
/* the user had done something, update the timestamp */
DB_update_user_timestamp($myid);
@@ -227,21 +295,11 @@ else if(myisset("me"))
$mystatus = DB_get_status_by_hash($me);
$mypos = DB_get_pos_by_hash($me);
$myhand = DB_get_handid_by_hash($me);
+ $session = DB_get_session_by_gameid($gameid);
/* get prefs and save them */
- $result = mysql_query("SELECT value from User_Prefs".
- " WHERE user_id='$myid' AND pref_key='cardset'" );
- $r = mysql_fetch_array($result,MYSQL_NUM);
- if($r)
- {
- if($r[0]=="germancards" && (time()-strtotime( "2009-12-31 23:59:59")<0) ) /* licence only valid until then */
- $PREF["cardset"]="altenburg";
- else
- $PREF["cardset"]="english";
- }
- else
- $PREF["cardset"]="english";
-
+ DB_get_PREF($myid);
+ /* end set pref */
/* get rule set for this game */
$result = mysql_query("SELECT * FROM Rulesets".
@@ -251,7 +309,8 @@ else if(myisset("me"))
$RULES["dullen"] = $r[2];
$RULES["schweinchen"] = $r[3];
-
+ $RULES["call"] = $r[4];
+
/* get some infos about the game */
$gametype = DB_get_gametype_by_gameid($gameid);
$gamestatus = DB_get_game_status_by_gameid($gameid);
@@ -261,17 +320,6 @@ else if(myisset("me"))
$gametype = DB_get_solo_by_gameid($gameid);
$GT = $gametype." ".$GT;
}
-
- /* display rule set for this game */
- echo "\n";
-
- if($gamestatus != 'pre')
- echo " Gametype: $GT
\n";
-
- echo "Rules:
\n";
- echo "10ofhearts : ".$r[2]."
\n";
- echo "schweinchen: ".$r[3]."
\n";
- echo "
\n";
/* does anyone have both foxes */
$GAME["schweinchen"]=0;
@@ -286,6 +334,32 @@ else if(myisset("me"))
}
};
+ /* put everyting in a form */
+ echo "\n";
output_footer();
+ DB_close();
exit();
}
/* user status page */
- else if(myisset("email","password"))
+else if( myisset("email","password") || isset($_SESSION["name"]) )
{
/* test id and password, should really be done in one step */
- $email = $_REQUEST["email"];
- $password = $_REQUEST["password"];
-
+ if(!isset($_SESSION["name"]))
+ {
+ $email = $_REQUEST["email"];
+ $password = $_REQUEST["password"];
+ }
+ else
+ {
+ $name = $_SESSION["name"];
+ $email = DB_get_email_by_name($name);
+ $password = DB_get_passwd_by_name($name);
+ };
+
if(myisset("forgot"))
{
- $ok=1;
+ $ok = 1;
- $uid = DB_get_userid_by_email($email);
- if(!$uid)
- $ok=0;
+ $myid = DB_get_userid_by_email($email);
+ if(!$myid)
+ $ok = 0;
if($ok)
{
- echo "Hmm, you forgot your passwort...nothing I can do at the moment:( ";
- echo " you need to email Arun for now... in the future it will be all automated and an ";
- echo "email with a new password will go to $email.";
+ /* check how many entries in recovery table */
+ $number = DB_get_number_of_passwords_recovery($myid);
+
+ /* if less than N recent ones, add a new one and send out email */
+ if( $number < 5 )
+ {
+ echo "Ok, I send you a new password.
";
+ if($number >1)
+ echo "N.B. You tried this already $number times during the last day and it will only work ".
+ " 5 times during a day.
";
+ echo "The new password will be valid for one day, make sure you reset it to something else.
";
+ echo "Back to the main page.";
+
+ $TIME = (string) time(); /* to avoid collisions */
+ $hash = md5("Anewpassword".$email.$TIME);
+ $newpw = substr($hash,1,8);
+
+ $message = "Someone (hopefully you) requested a new password. \n".
+ "You can use this email and the following password: \n".
+ " $newpw \n".
+ "to log into the server. The new password is valid for 24h, so make\n".
+ "sure you reset your password to something new. Your old password will\n".
+ " also still be valid until you set a new one\n";
+ mymail($email,$EmailName."recovery ",$message);
+
+ DB_set_recovery_password($myid,md5($newpw));
+ }
+ else
+ {
+ echo "Sorry you already tried 5 times during the last 24h.
".
+ "You need to use one of those passwords or wait to get a new one.
";
+ echo "Back to the main page.";
+ }
}
else
{
if($email=="")
- echo "you need to give me an email address!";
+ echo "You need to give me an email address!
".
+ "Please try again.";
else
- echo "couldn't find a player with this email, please contact Arun, if you think this is a mistake";
+ echo "Couldn't find a player with this email!
".
+ "Please contact Arun, if you think this is a mistake
".
+ "or else try again.";
}
}
else
@@ -1342,13 +1677,15 @@ else if(myisset("me"))
if(strlen($password)!=32)
$password = md5($password);
- $ok=1;
- $uid = DB_get_userid_by_email_and_password($email,$password);
- if(!$uid)
- $ok=0;
+ $ok = 1;
+ $myid = DB_get_userid_by_email_and_password($email,$password);
+ if(!$myid)
+ $ok = 0;
if($ok)
{
+ DB_get_PREF($myid);
+
if(myisset("setpref"))
{
$setpref=$_REQUEST["setpref"];
@@ -1357,114 +1694,175 @@ else if(myisset("me"))
case "germancards":
case "englishcards":
$result = mysql_query("SELECT * from User_Prefs".
- " WHERE user_id='$uid' AND pref_key='cardset'" );
+ " WHERE user_id='$myid' AND pref_key='cardset'" );
if( mysql_fetch_array($result,MYSQL_NUM))
$result = mysql_query("UPDATE User_Prefs SET value=".DB_quote_smart($setpref).
- " WHERE user_id='$uid' AND pref_key='cardset'" );
+ " WHERE user_id='$myid' AND pref_key='cardset'" );
else
- $result = mysql_query("INSERT INTO User_Prefs VALUES(NULL,'$uid','cardset',".DB_quote_smart($setpref).")");
+ $result = mysql_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
+ DB_quote_smart($setpref).")");
echo "Ok, changed you preferences for the cards.\n";
break;
}
}
+ else if(myisset("passwd"))
+ {
+ if( $_REQUEST["passwd"]=="ask" )
+ {
+ /* reset password form*/
+ output_password_recovery($email,$password);
+ }
+ else if($_REQUEST["passwd"]=="set")
+ {
+ /* reset password */
+ $ok = 1;
+
+ /* check if old password matches */
+ $oldpasswd = md5($_REQUEST["password0"]);
+ if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
+ $ok = -1;
+ /* check if new passwords are types the same twice */
+ if($_REQUEST["password1"] != $_REQUEST["password2"] )
+ $ok = -2;
+
+ switch($ok)
+ {
+ case '-2':
+ echo "The new passwords don't match.
";
+ break;
+ case '-1':
+ echo "The old password is not correct.
";
+ break;
+ case '1':
+ echo "Changed the password.
";
+ mysql_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
+ "' WHERE id=".DB_quote_smart($myid));
+ break;
+ }
+ /* set password */
+ }
+ }
else /* output default user page */
{
- $time = DB_get_user_timestamp($uid);
- $unixtime =strtotime($time);
+ $time = DB_get_user_timestamp($myid);
+ $unixtime = strtotime($time);
- $offset = DB_get_user_timezone($uid);
- $zone = return_timezone($offset);
+ $offset = DB_get_user_timezone($myid);
+ $zone = return_timezone($offset);
date_default_timezone_set($zone);
+
+ $myname = DB_get_name_by_email($email);
+ $_SESSION["name"] = $myname;
+
+ if(isset($_SESSION["name"]))
+ output_status($_SESSION["name"]);
/* display links to settings */
output_user_settings($email,$password);
- echo "last login: ".date("r",$unixtime)."
";
+ echo "last login: ".date("r",$unixtime)."
";
- DB_update_user_timestamp($uid);
+ DB_update_user_timestamp($myid);
+
+ display_user_menu();
+
+ echo "";
+ echo "
These are all your games:
\n";
+ echo "
Session:
\n";
+ echo " p = pre-game phase ";
+ echo "P = game in progess ";
+ echo "F = game finished
";
+ echo "
\n";
- echo "
these are the games you are playing in:
\n";
- $result = mysql_query("SELECT Hand.hash,Hand.game_id,Game.mod_date from Hand".
- " LEFT JOIN Game On Hand.game_id=Game.id".
- " WHERE Hand.user_id='$uid' AND Game.status<>'gameover'" );
+ $output = array();
+ $result = mysql_query("SELECT Hand.hash,Hand.game_id,Game.mod_date,Game.player,Game.status from Hand".
+ " LEFT JOIN Game ON Game.id=Hand.game_id".
+ " WHERE user_id='$myid'".
+ " ORDER BY Game.session,Game.create_date" );
+ $gamenrold = -1;
+ echo "
\n \n";
while( $r = mysql_fetch_array($result,MYSQL_NUM))
{
- echo "game #".$r[1]." ";
- if(time()-strtotime($r[2]) > 60*60*24*30)
- echo " The game has been running for over a month.".
- " Do you want to cancel it? yes".
- " (clicking here is final and can't be restored)";
- echo " ";
+ $game = DB_format_gameid($r[1]);
+ $gamenr = (int) $game;
+ if($gamenrold < $gamenr)
+ {
+ if($gamenrold!=-1)
+ echo " |
\n $gamenr: | ";
+ else
+ echo "$gamenr: | ";
+ $gamenrold = $gamenr;
+ }
+ if($r[4]=='pre')
+ {
+ echo "\n p ";
+
+ }
+ else if ($r[4]=='gameover')
+ echo "\n F ";
+ else
+ {
+ echo "\n P ";
+ }
+ if($r[4] != 'gameover')
+ {
+ echo " | \n ";
+ if($r[3])
+ {
+ if($r[3]==$myid)
+ echo "(it's your turn)\n";
+ else
+ {
+ $name = DB_get_name_by_userid($r[3]);
+ $gameid = $r[1];
+ if(DB_get_reminder($r[3],$gameid)==0)
+ if(time()-strtotime($r[2]) > 60*60*24*7)
+ echo "".
+ "Send a reminder.";
+ echo "(it's $name's turn)\n";
+ };
+ }
+ if(time()-strtotime($r[2]) > 60*60*24*30)
+ echo "".
+ "Cancel?".
+ " (clicking here is final and can't be restored)";
+
+ }
}
- echo "\n";
-
-
- echo " and these are your games that are already done: Game: \n";
- $result = mysql_query("SELECT hash,game_id from Hand WHERE user_id='$uid' AND status='gameover'" );
- while( $r = mysql_fetch_array($result,MYSQL_NUM))
- echo "#".$r[1]." , ";
- echo " \n";
-
+ echo " |
\n
\n";
$names = DB_get_all_names();
- echo "
registered players:
\n";
- foreach ($names as $name)
- echo "$name, \n";
- echo "
\n";
-
- echo "
Want to start a new game? Visit this page.
";
+ echo "
Registered players:
\n
\n";
+ echo implode(", ",$names)."\n";
+ echo "
\n
";
}
}
else
{
- echo "sorry email and password don't match
";
+ echo "Sorry email and password don't match. Please try again.
";
}
};
output_footer();
+ DB_close();
exit();
}
-/* page for registration */
- else if(myisset("register") )
- {
- output_register();
- }
-/* new user wants to register */
- else if(myisset("Rfullname","Remail","Rpassword","Rtimezone") )
- {
- $ok=1;
- if(DB_get_userid_by_name($_REQUEST["Rfullname"]))
- {
- echo "please chose another name
";
- $ok=0;
- }
- if(DB_get_userid_by_email($_REQUEST["Remail"]))
- {
- echo "this email address is already used ?!
";
- $ok=0;
- }
- if($ok)
- {
- $r=mysql_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]).
- ",".DB_quote_smart($_REQUEST["Remail"]).
- ",".DB_quote_smart(md5($_REQUEST["Rpassword"])).
- ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL)");
-
- if($r)
- echo " added you to the database";
- else
- echo " something went wrong";
- }
- }
/* default login page */
else
{
- $pre=0;$game=0;$done=0;
+ $pre[0]=0;$game[0]=0;$done[0]=0;
$r=mysql_query("SELECT COUNT(id) FROM Game GROUP BY status");
if($r) {
- $pre = mysql_fetch_array($r,MYSQL_NUM);
+ $pre = mysql_fetch_array($r,MYSQL_NUM);
$game = mysql_fetch_array($r,MYSQL_NUM);
$done = mysql_fetch_array($r,MYSQL_NUM);
}
- output_home_page($pre[0],$game[0],$done[0]);
+
+ $r=mysql_query("SELECT AVG(datediff(mod_date,create_date)) FROM Game where status='gameover' ");
+ if($r)
+ $avgage= mysql_fetch_array($r,MYSQL_NUM);
+ else
+ $avgage[0]=0;
+
+ output_home_page($pre[0],$game[0],$done[0],$avgage[0]);
}
output_footer();