X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=index.php;h=bacb356fd3fc9237518b123de1cdab7b1ca12ff5;hp=8af8c145bd75415625000ab1f138b5c6ee9e709a;hb=1c41d17d61ec513fe71e52e5a631e60b1a890e0e;hpb=9122cf59b57c7405a14b5a61238667b98dd58150

diff --git a/index.php b/index.php
index 8af8c14..bacb356 100644
--- a/index.php
+++ b/index.php
@@ -49,148 +49,167 @@ else if(myisset("new"))
       }
   }
 /*check if everything is ready to set up a new game */
- else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen","call" ))
+else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen","call" ))
   {
-    $PlayerA = $_REQUEST["PlayerA"];
-    $PlayerB = $_REQUEST["PlayerB"];
-    $PlayerC = $_REQUEST["PlayerC"];
-    $PlayerD = $_REQUEST["PlayerD"];
-
-    $dullen      = $_REQUEST["dullen"];
-    $schweinchen = $_REQUEST["schweinchen"];
-    $call        = $_REQUEST["call"];
-
-    $EmailA  = DB_get_email_by_name($PlayerA);
-    $EmailB  = DB_get_email_by_name($PlayerB);
-    $EmailC  = DB_get_email_by_name($PlayerC);
-    $EmailD  = DB_get_email_by_name($PlayerD);
-
-    if($EmailA=="" || $EmailB=="" || $EmailC=="" || $EmailD=="")
+    output_status();
+    if( !isset($_SESSION["name"]) )
       {
-	echo "couldn't find one of the names, please start a new game";
-	output_footer();
-	DB_close();
-	exit();
+	echo "<div class=\"message\">Please <a href=\"$INDEX\">log in</a>.</div>";
       }
-
-    $useridA  = DB_get_userid_by_name($PlayerA);
-    $useridB  = DB_get_userid_by_name($PlayerB);
-    $useridC  = DB_get_userid_by_name($PlayerC);
-    $useridD  = DB_get_userid_by_name($PlayerD);
-
-    /* create random numbers */
-    $randomNR       = create_array_of_random_numbers($useridA,$useridB,$useridC,$useridD);
-    $randomNRstring = join(":",$randomNR);
-
-    /* create game */
-    $followup = NULL;
-    if(myisset("followup") )
+    else
       {
-	$followup= $_REQUEST["followup"];
-	$session = DB_get_session_by_gameid($followup);
-	$ruleset = DB_get_ruleset_by_gameid($followup); /* just copy ruleset from old game,
-							 this way no manipulation is possible */
+	/* get my name */
+	$name = $_SESSION["name"];
+
+	$PlayerA = $_REQUEST["PlayerA"];
+	$PlayerB = $_REQUEST["PlayerB"];
+	$PlayerC = $_REQUEST["PlayerC"];
+	$PlayerD = $_REQUEST["PlayerD"];
 
-	/* check if there is a game in pre or play mode, in that case do nothing */
-	if( DB_is_session_active($session) > 0 )
+	/* check if user is in the game */
+	if(!in_array($name,array($PlayerA,$PlayerB,$PlayerC,$PlayerD)))
 	  {
-	    echo "<p class=\"message\"> There is already a game going on in session $session, you can't start a new one</p>";
+	    echo "<div class=\"message\">You need to be one of the players to start a <a href=\"$INDEX?new\">new game</a>.</div>";
 	    output_footer();
 	    DB_close();
 	    exit();
 	  }
-	else if ( DB_is_session_active($session) < 0 )
+
+	$dullen      = $_REQUEST["dullen"];
+	$schweinchen = $_REQUEST["schweinchen"];
+	$call        = $_REQUEST["call"];
+
+	$EmailA  = DB_get_email_by_name($PlayerA);
+	$EmailB  = DB_get_email_by_name($PlayerB);
+	$EmailC  = DB_get_email_by_name($PlayerC);
+	$EmailD  = DB_get_email_by_name($PlayerD);
+
+	if($EmailA=="" || $EmailB=="" || $EmailC=="" || $EmailD=="")
 	  {
-	    echo "<p class=\"message\"> ERROR: status of session $session couldn't be determined.</p>";
+	    echo "couldn't find one of the names, please start a new game";
 	    output_footer();
 	    DB_close();
 	    exit();
 	  }
 
-	if($session)
-	  mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
-		      "'$ruleset','$session' ,NULL)");
+	$useridA  = DB_get_userid_by_name($PlayerA);
+	$useridB  = DB_get_userid_by_name($PlayerB);
+	$useridC  = DB_get_userid_by_name($PlayerC);
+	$useridD  = DB_get_userid_by_name($PlayerD);
+
+	/* create random numbers */
+	$randomNR       = create_array_of_random_numbers($useridA,$useridB,$useridC,$useridD);
+	$randomNRstring = join(":",$randomNR);
+
+	/* create game */
+	$followup = NULL;
+	if(myisset("followup") )
+	  {
+	    $followup= $_REQUEST["followup"];
+	    $session = DB_get_session_by_gameid($followup);
+	    $ruleset = DB_get_ruleset_by_gameid($followup); /* just copy ruleset from old game,
+							     this way no manipulation is possible */
+
+	    /* check if there is a game in pre or play mode, in that case do nothing */
+	    if( DB_is_session_active($session) > 0 )
+	      {
+		echo "<p class=\"message\"> There is already a game going on in session $session, you can't start a new one</p>";
+		output_footer();
+		DB_close();
+		exit();
+	      }
+	    else if ( DB_is_session_active($session) < 0 )
+	      {
+		echo "<p class=\"message\"> ERROR: status of session $session couldn't be determined.</p>";
+		output_footer();
+		DB_close();
+		exit();
+	      }
+
+	    if($session)
+	      mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+			  "'$ruleset','$session' ,NULL)");
+	    else
+	      {
+		/* get max session */
+		$max = DB_get_max_session();
+		$max++;
+		mysql_query("UPDATE Game SET session='".$max."' WHERE id=".DB_quote_smart($followup));
+		mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+			    "'$ruleset','$max' ,NULL)");
+	      }
+	  }
 	else
 	  {
+	    /* get ruleset information or create new one */
+	    $ruleset = DB_get_ruleset($dullen,$schweinchen,$call);
+	    if($ruleset <0)
+	      {
+		myerror("Error defining ruleset: $ruleset");
+		output_footer();
+		DB_close();
+		exit();
+	      };
 	    /* get max session */
 	    $max = DB_get_max_session();
 	    $max++;
-	    mysql_query("UPDATE Game SET session='".$max."' WHERE id=".DB_quote_smart($followup));
-	    mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+
+	    mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre', ".
 			"'$ruleset','$max' ,NULL)");
 	  }
+	$game_id = mysql_insert_id();
+
+	/* create hash */
+	$TIME  = (string) time(); /* to avoid collisions */
+	$hashA = md5("AGameOfDoko".$game_id.$PlayerA.$EmailA.$TIME);
+	$hashB = md5("AGameOfDoko".$game_id.$PlayerB.$EmailB.$TIME);
+	$hashC = md5("AGameOfDoko".$game_id.$PlayerC.$EmailC.$TIME);
+	$hashD = md5("AGameOfDoko".$game_id.$PlayerD.$EmailD.$TIME);
+
+	/* create hands */
+	mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridA).
+		    ", ".DB_quote_smart($hashA).", 'start','1',NULL,NULL,NULL,NULL)");
+	$hand_idA = mysql_insert_id();
+	mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridB).
+		    ", ".DB_quote_smart($hashB).", 'start','2',NULL,NULL,NULL,NULL)");
+	$hand_idB = mysql_insert_id();
+	mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridC).
+		    ", ".DB_quote_smart($hashC).", 'start','3',NULL,NULL,NULL,NULL)");
+	$hand_idC = mysql_insert_id();
+	mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridD).
+		    ", ".DB_quote_smart($hashD).", 'start','4',NULL,NULL,NULL,NULL)");
+	$hand_idD = mysql_insert_id();
+
+	/* save cards */
+	for($i=0;$i<12;$i++)
+	  mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idA', '".$randomNR[$i]."', 'false')");
+	for($i=12;$i<24;$i++)
+	  mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idB', '".$randomNR[$i]."', 'false')");
+	for($i=24;$i<36;$i++)
+	  mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idC', '".$randomNR[$i]."', 'false')");
+	for($i=36;$i<48;$i++)
+	  mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idD', '".$randomNR[$i]."', 'false')");
+
+	/* send out email, TODO: check for error with email */
+	$message = "\n".
+	  "you are invited to play a game of DoKo (that is to debug the program ;).\n".
+	  "Place comments and bug reports here:\n".
+	  "http://wiki.nubati.net/index.php?title=EmailDoko\n\n".
+	  "The whole round would consist of the following players:\n".
+	  "$PlayerA\n".
+	  "$PlayerB\n".
+	  "$PlayerC\n".
+	  "$PlayerD\n\n".
+	  "If you want to join this game, please follow this link:\n\n".
+	  "".$HOST.$INDEX."?me=";
+
+	mymail($EmailA,"You are invited to a game of DoKo","Hello $PlayerA,\n".$message.$hashA);
+	mymail($EmailB,"You are invited to a game of DoKo","Hello $PlayerB,\n".$message.$hashB);
+	mymail($EmailC,"You are invited to a game of DoKo","Hello $PlayerC,\n".$message.$hashC);
+	mymail($EmailD,"You are invited to a game of DoKo","Hello $PlayerD,\n".$message.$hashD);
+
+	echo "<div class=\"message\">You started a new game. The emails have been sent out!</div>\n";
       }
-    else
-      {
-	/* get ruleset information or create new one */
-	$ruleset = DB_get_ruleset($dullen,$schweinchen,$call);
-	if($ruleset <0)
-	  {
-	    myerror("Error defining ruleset: $ruleset");
-	    output_footer();
-	    DB_close();
-	    exit();
-	  };
-	/* get max session */
-	$max = DB_get_max_session();
-	$max++;
-
-	mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre', ".
-		  "'$ruleset','$max' ,NULL)");
-      }
-    $game_id = mysql_insert_id();
-
-    /* create hash */
-    $TIME  = (string) time(); /* to avoid collisions */
-    $hashA = md5("AGameOfDoko".$game_id.$PlayerA.$EmailA.$TIME);
-    $hashB = md5("AGameOfDoko".$game_id.$PlayerB.$EmailB.$TIME);
-    $hashC = md5("AGameOfDoko".$game_id.$PlayerC.$EmailC.$TIME);
-    $hashD = md5("AGameOfDoko".$game_id.$PlayerD.$EmailD.$TIME);
-
-    /* create hands */
-    mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridA).
-		", ".DB_quote_smart($hashA).", 'start','1',NULL,NULL,NULL,NULL)");
-    $hand_idA = mysql_insert_id();
-    mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridB).
-		", ".DB_quote_smart($hashB).", 'start','2',NULL,NULL,NULL,NULL)");
-    $hand_idB = mysql_insert_id();
-    mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridC).
-		", ".DB_quote_smart($hashC).", 'start','3',NULL,NULL,NULL,NULL)");
-    $hand_idC = mysql_insert_id();
-    mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridD).
-		", ".DB_quote_smart($hashD).", 'start','4',NULL,NULL,NULL,NULL)");
-    $hand_idD = mysql_insert_id();
-
-    /* save cards */
-    for($i=0;$i<12;$i++)
-      mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idA', '".$randomNR[$i]."', 'false')");
-    for($i=12;$i<24;$i++)
-      mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idB', '".$randomNR[$i]."', 'false')");
-    for($i=24;$i<36;$i++)
-      mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idC', '".$randomNR[$i]."', 'false')");
-    for($i=36;$i<48;$i++)
-      mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idD', '".$randomNR[$i]."', 'false')");
-
-    /* send out email, TODO: check for error with email */
-    $message = "\n".
-      "you are invited to play a game of DoKo (that is to debug the program ;).\n".
-      "Place comments and bug reports here:\n".
-      "http://wiki.nubati.net/index.php?title=EmailDoko\n\n".
-      "The whole round would consist of the following players:\n".
-      "$PlayerA\n".
-      "$PlayerB\n".
-      "$PlayerC\n".
-      "$PlayerD\n\n".
-      "If you want to join this game, please follow this link:\n\n".
-      "".$HOST.$INDEX."?me=";
-
-    mymail($EmailA,"You are invited to a game of DoKo","Hello $PlayerA,\n".$message.$hashA);
-    mymail($EmailB,"You are invited to a game of DoKo","Hello $PlayerB,\n".$message.$hashB);
-    mymail($EmailC,"You are invited to a game of DoKo","Hello $PlayerC,\n".$message.$hashC);
-    mymail($EmailD,"You are invited to a game of DoKo","Hello $PlayerD,\n".$message.$hashD);
-
-    output_status();
-    echo "<div class=\"message\">You started a new game. The emails have been sent out!</div>\n";
   }    /* end set up a new game */
 /* cancel a game, if nothing has happend in the last N minutes */
 else if(myisset("cancel","me"))