X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=index.php;h=f0a8e7451d185a1a28e45021b574282073293040;hp=4b5ca5cb25f3e22b3aaed4092bd52ec3f031dd48;hb=9f3cec73181b5ac35486fea031828b11468bceb9;hpb=73a6f86691f53d8eb6339b5bb5e9156822cc7e54 diff --git a/index.php b/index.php index 4b5ca5c..f0a8e74 100644 --- a/index.php +++ b/index.php @@ -6,8 +6,10 @@ include_once("output.php"); /* html output only */ include_once("db.php"); /* database only */ include_once("functions.php"); /* the rest */ +/* make sure that user has set all variables in config.php */ config_check(); +/* open the database */ if(DB_open()<0) { output_header(); @@ -17,24 +19,38 @@ if(DB_open()<0) exit(); } -/* start a session, if it is not already running */ +/* start a session, if it is not already running. + * This way people don't have to log in all the times. + * The session variables can also be read out from different + * php scripts, so that the code can be easily split up across several files + */ session_start(); /* done major error checking, output header of HTML page */ output_header(); -/* check if we want to start a new game */ +/* The rest of the file consists of handling user input. + * The user sends information via html GET and POST variables, + * the script checks if these are set via "myisset" + * which can check a list of variables. + */ + +/* does the user want to log out? */ if(myisset("logout")) { + /* distroy the session */ session_unset(); session_destroy(); $_SESSION = array(); + echo "
You are now logged out!
\n". "(This will take you back to the home-page)
"; } +/* check if we want to start a new game */ else if(myisset("new")) { output_status(); + /* user needs to be logged in to do this */ if( isset($_SESSION["name"]) ) { $names = DB_get_all_names(); @@ -52,6 +68,7 @@ else if(myisset("new")) else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen","call" )) { output_status(); + /* user needs to be logged in */ if( !isset($_SESSION["name"]) ) { echo "
Please log in.
"; @@ -61,12 +78,13 @@ else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen" /* get my name */ $name = $_SESSION["name"]; + /* the names of the four players */ $PlayerA = $_REQUEST["PlayerA"]; $PlayerB = $_REQUEST["PlayerB"]; $PlayerC = $_REQUEST["PlayerC"]; $PlayerD = $_REQUEST["PlayerD"]; - /* check if user is in the game */ + /* the person who sets up the game has to be one of the players */ if(!in_array($name,array($PlayerA,$PlayerB,$PlayerC,$PlayerD))) { echo "
You need to be one of the players to start a new game.
"; @@ -74,16 +92,19 @@ else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen" DB_close(); exit(); } - + + /* what rules were selected */ $dullen = $_REQUEST["dullen"]; $schweinchen = $_REQUEST["schweinchen"]; $call = $_REQUEST["call"]; - $EmailA = DB_get_email_by_name($PlayerA); - $EmailB = DB_get_email_by_name($PlayerB); - $EmailC = DB_get_email_by_name($PlayerC); - $EmailD = DB_get_email_by_name($PlayerD); + /* get the emails addresses of the players */ + $EmailA = DB_get_email('name',$PlayerA); + $EmailB = DB_get_email('name',$PlayerB); + $EmailC = DB_get_email('name',$PlayerC); + $EmailD = DB_get_email('name',$PlayerD); + /* this is used to check if the player names are all ok */ if($EmailA=="" || $EmailB=="" || $EmailC=="" || $EmailD=="") { echo "couldn't find one of the names, please start a new game"; @@ -92,10 +113,11 @@ else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen" exit(); } - $useridA = DB_get_userid_by_name($PlayerA); - $useridB = DB_get_userid_by_name($PlayerB); - $useridC = DB_get_userid_by_name($PlayerC); - $useridD = DB_get_userid_by_name($PlayerD); + /* get user ids */ + $useridA = DB_get_userid('name',$PlayerA); + $useridB = DB_get_userid('name',$PlayerB); + $useridC = DB_get_userid('name',$PlayerC); + $useridD = DB_get_userid('name',$PlayerD); /* create random numbers */ $randomNR = create_array_of_random_numbers($useridA,$useridB,$useridC,$useridD); @@ -103,6 +125,7 @@ else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen" /* create game */ $followup = NULL; + /* is this game a follow up in an already started session? */ if(myisset("followup") ) { $followup= $_REQUEST["followup"]; @@ -131,7 +154,7 @@ else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen" "'$ruleset','$session' ,NULL)"); else { - /* get max session */ + /* get max session and start a new one */ $max = DB_get_max_session(); $max++; mysql_query("UPDATE Game SET session='".$max."' WHERE id=".DB_quote_smart($followup)); @@ -139,7 +162,7 @@ else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen" "'$ruleset','$max' ,NULL)"); } } - else + else /* no follow up, start a new session */ { /* get ruleset information or create new one */ $ruleset = DB_get_ruleset($dullen,$schweinchen,$call); @@ -210,7 +233,8 @@ else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen" echo "
You started a new game. The emails have been sent out!
\n"; } - } /* end set up a new game */ + /* end set up a new game */ + } /* cancel a game, if nothing has happend in the last N minutes */ else if(myisset("cancel","me")) { @@ -219,7 +243,7 @@ else if(myisset("cancel","me")) $me = $_REQUEST["me"]; /* test for valid ID */ - $myid = DB_get_userid_by_hash($me); + $myid = DB_get_userid('hash',$me); if(!$myid) { echo "Can't find you in the database, please check the url.
\n"; @@ -233,9 +257,9 @@ else if(myisset("cancel","me")) /* get some information from the DB */ $gameid = DB_get_gameid_by_hash($me); - $myname = DB_get_name_by_hash($me); + $myname = DB_get_name('hash',$me); - /* check if game really is old enough */ + /* check if game really is old enough to be canceled */ $result = mysql_query("SELECT mod_date from Game WHERE id='$gameid' " ); $r = mysql_fetch_array($result,MYSQL_NUM); if(time()-strtotime($r[0]) > 60*60*24*30) /* = 1 month */ @@ -247,7 +271,7 @@ else if(myisset("cancel","me")) $userids = DB_get_all_userid_by_gameid($gameid); foreach($userids as $user) { - $To = DB_get_email_by_userid($user); + $To = DB_get_email('userid',$user); mymail($To,$EmailName."game ".DB_format_gameid($gameid)." canceled (timed out)",$message); } @@ -268,7 +292,7 @@ else if(myisset("remind","me")) $me = $_REQUEST["me"]; /* test for valid ID */ - $myid = DB_get_userid_by_hash($me); + $myid = DB_get_userid('hash',$me); if(!$myid) { echo "Can't find you in the database, please check the url.
\n"; @@ -282,15 +306,15 @@ else if(myisset("remind","me")) /* get some information from the DB */ $gameid = DB_get_gameid_by_hash($me); - $myname = DB_get_name_by_hash($me); + $myname = DB_get_name('hash',$me); - /* check if game really is old enough */ + /* check if player hasn't done anything in a while */ $result = mysql_query("SELECT mod_date,player,status from Game WHERE id='$gameid' " ); $r = mysql_fetch_array($result,MYSQL_NUM); if( (time()-strtotime($r[0]) > 60*60*24*7) && ($r[2]!='gameover') ) /* = 1 week */ { - $name = DB_get_name_by_userid($r[1]); - $To = DB_get_email_by_userid($r[1]); + $name = DB_get_name('userid',$r[1]); + $To = DB_get_email('userid',$r[1]); $userhash = DB_get_hash_from_gameid_and_userid($gameid,$r[1]); $message = "Hello $name, \n\n". @@ -299,6 +323,7 @@ else if(myisset("remind","me")) "Please visit this link now to continue: \n". " ".$HOST.$INDEX."?me=".$userhash."\n\n" ; + /* make sure we don't send too many reminders to one person */ if(DB_get_reminder($r[1],$gameid)>0) { echo "

An email has already been sent out.

\n"; @@ -322,7 +347,7 @@ else if(myisset("me")) $me = $_REQUEST["me"]; /* test for valid ID */ - $myid = DB_get_userid_by_hash($me); + $myid = DB_get_userid('hash',$me); if(!$myid) { echo "Can't find you in the database, please check the url.
\n"; @@ -331,7 +356,8 @@ else if(myisset("me")) DB_close(); exit(); } - + + /* user might get here by clicking on the link in an email, so session might not be set */ if(isset($_SESSION["name"])) output_status($_SESSION["name"]); @@ -340,15 +366,14 @@ else if(myisset("me")) /* get some information from the DB */ $gameid = DB_get_gameid_by_hash($me); - $myname = DB_get_name_by_hash($me); + $myname = DB_get_name('hash',$me); $mystatus = DB_get_status_by_hash($me); $mypos = DB_get_pos_by_hash($me); - $myhand = DB_get_handid_by_hash($me); + $myhand = DB_get_handid('hash',$me); $session = DB_get_session_by_gameid($gameid); /* get prefs and save them */ DB_get_PREF($myid); - /* end set pref */ /* get rule set for this game */ $result = mysql_query("SELECT * FROM Rulesets". @@ -410,9 +435,8 @@ else if(myisset("me")) display_table(); /* mystatus gets the player through the different stages of a game. - * start: yes/no - * init: check values from start, - * check for sickness + * start: does the player want to play? + * init: check for sickness * check: check for return values from init * poverty: handle poverty, wait here until all player have reached this state * display sickness and move on to game @@ -424,11 +448,13 @@ else if(myisset("me")) case 'start': if( !myisset("in") ) { + /* asks the player, if he wants to join the game */ output_check_want_to_play($me); break; } else { + /* check the result, if player wants to join, got next stage, else cancel game */ if($_REQUEST["in"] == "no") { /* cancel the game */ @@ -438,7 +464,7 @@ else if(myisset("me")) $userids = DB_get_all_userid_by_gameid($gameid); foreach($userids as $user) { - $To = DB_get_email_by_userid($user); + $To = DB_get_email('userid',$user); mymail($To,$EmailName."game ".DB_format_gameid($gameid)." canceled",$message); } @@ -481,13 +507,13 @@ else if(myisset("me")) { /* email startplayer */ /* - $email = DB_get_email_by_pos_and_gameid($startplayer,$gameid); + $email = DB_get_email('position-gameid',$startplayer,$gameid); $hash = DB_get_hash_from_game_and_pos($gameid,$startplayer); - $who = DB_get_userid_by_email($email); + $who = DB_get_userid('email',$email); DB_set_player_by_gameid($gameid,$who); $message = "It's your turn now in game ".DB_format_gameid($gameid).".\n". - "Use this link to play a card: ".$HOST.$INDEX."?me=".$hash."\n\n" ; + "Use this link to go the game: ".$HOST.$INDEX."?me=".$hash."\n\n" ; mymail($email,$EmailName."ready, set, go... (game ".DB_format_gameid($gameid).") ",$message); */ } @@ -611,7 +637,7 @@ else if(myisset("me")) foreach($userids as $user) { - $To = DB_get_email_by_userid($user); + $To = DB_get_email('userid',$user); $userhash = DB_get_hash_from_gameid_and_userid($gameid,$user); if($userhash != $me) { @@ -668,7 +694,7 @@ else if(myisset("me")) $solo = 0; foreach($userids as $user) { - $name = DB_get_name_by_userid($user); + $name = DB_get_name('userid',$user); $usersick = DB_get_sickness_by_userid_and_gameid($user,$gameid); if($usersick == 'nines') { @@ -704,7 +730,7 @@ else if(myisset("me")) /* cancel game */ /* TODO: should we keep statistics of this? */ $message = "Hello, \n\n". - " the game has been canceled because ".DB_get_name_by_userid($nines). + " the game has been canceled because ".DB_get_name('userid',$nines). " has five or more nines and nobody is playing solo.\n\n". " To redeal either start a new game or, in case the game was part of a tournament, \n". " go to the last game and use the link at the bottom of the page to redeal."; @@ -712,14 +738,14 @@ else if(myisset("me")) $userids = DB_get_all_userid_by_gameid($gameid); foreach($userids as $user) { - $To = DB_get_email_by_userid($user); + $To = DB_get_email('userid',$user); mymail($To,$EmailName."game ".DB_format_gameid($gameid)." canceled",$message); } /* delete everything from the dB */ DB_cancel_game($me); - echo "The game has been canceled because ".DB_get_name_by_userid($nines). + echo "The game has been canceled because ".DB_get_name('userid',$nines). " has five or more nines and nobody is playing solo.\n"; output_footer(); DB_close(); @@ -779,7 +805,7 @@ else if(myisset("me")) * stop when the sickness is the same as the gametype */ - $name = DB_get_name_by_userid($user); + $name = DB_get_name('userid',$user); $usersick = DB_get_sickness_by_userid_and_gameid($user,$gameid); if($usersick) @@ -800,7 +826,7 @@ else if(myisset("me")) /* output Schweinchen in case the rules need it */ if( $gametype != "solo") if($GAME["schweinchen"] && $RULES["schweinchen"]=="both" ) - echo DB_get_name_by_hash($GAME["schweinchen-who"])." has Schweinchen.
"; + echo DB_get_name('hash',$GAME["schweinchen-who"])." has Schweinchen.
"; echo "
\n"; @@ -883,9 +909,9 @@ else if(myisset("me")) if($who<=4) { - $To = DB_get_email_by_pos_and_gameid($who,$gameid); + $To = DB_get_email('position-gameid',$who,$gameid); $userhash = DB_get_hash_from_game_and_pos($gameid,$who); - $userid = DB_get_userid_by_email($To); + $userid = DB_get_userid('email',$To); DB_set_player_by_gameid($gameid,$userid); $message = "Someone has poverty, it's your turn to decide, if you want to take the trump. Please visit:". @@ -903,7 +929,7 @@ else if(myisset("me")) $trump = $_REQUEST["trump"]; /* get hand id for user $trump */ - $userhand = DB_get_handid_by_gameid_and_userid($gameid,$trump); + $userhand = DB_get_handid('gameid-userid',$gameid,$trump); /* copy trump from player A to B */ $result = mysql_query("UPDATE Hand_Card SET hand_id='$myhand' WHERE hand_id='$userhand' AND card_id<'27'" ); @@ -918,7 +944,7 @@ else if(myisset("me")) { $trump = $_REQUEST["trump"]; $exchange = $_REQUEST["exchange"]; - $userhand = DB_get_handid_by_gameid_and_userid($gameid,$trump); + $userhand = DB_get_handid('gameid-userid',$gameid,$trump); /* if exchange is set to a value>0, exchange that card back to user $trump */ if($exchange >0) @@ -964,9 +990,9 @@ else if(myisset("me")) $who = DB_get_sickness_by_gameid($gameid); if($who<=4) { - $To = DB_get_email_by_pos_and_gameid($who,$gameid); + $To = DB_get_email('position-gameid',$who,$gameid); $userhash = DB_get_hash_from_game_and_pos($gameid,$who); - $userid = DB_get_userid_by_email($To); + $userid = DB_get_userid('email',$To); DB_set_player_by_gameid($gameid,$userid); $message = "Someone has poverty, it's your turn to decide, ". @@ -1034,7 +1060,7 @@ else if(myisset("me")) echo "
\n"; foreach($userids as $user) { - $name = DB_get_name_by_userid($user); + $name = DB_get_name('userid',$user); $usersick = DB_get_sickness_by_userid_and_gameid($user,$gameid); if($usersick=="poverty") @@ -1078,7 +1104,7 @@ else if(myisset("me")) $userids = DB_get_all_userid_by_gameid($gameid); foreach($userids as $user) { - $To = DB_get_email_by_userid($user); + $To = DB_get_email('userid',$user); mymail($To,$EmailName."game ".DB_format_gameid($gameid)." canceled (poverty not resolved)",$message); } @@ -1107,9 +1133,9 @@ else if(myisset("me")) /* email startplayer */ $startplayer = DB_get_startplayer_by_gameid($gameid); - $email = DB_get_email_by_pos_and_gameid($startplayer,$gameid); + $email = DB_get_email('position-gameid',$startplayer,$gameid); $hash = DB_get_hash_from_game_and_pos($gameid,$startplayer); - $who = DB_get_userid_by_email($email); + $who = DB_get_userid('email',$email); DB_set_player_by_gameid($gameid,$who); if($hash!=$me && DB_get_email_pref_by_hash($hash)!="emailaddict") @@ -1158,7 +1184,7 @@ else if(myisset("me")) if($gamestatus == 'pre') { echo "

You finished the setup, but not everyone else finished it... ". - "so you need to wait for the others. Just wait for the an email...

"; + "You need to wait for the others. Just wait for an email.

"; break; /* not sure this works... the idea is that you can * only play a card after everyone is ready to play */ } @@ -1179,6 +1205,16 @@ else if(myisset("me")) DB_insert_comment($comment,$playid,$myid); }; + /* handle notes in case player didn't play a card, allow notes only during a game */ + if( (!myisset("card") && $mystatus=='play') ) + if(myisset("note")) + { + $note = $_REQUEST["note"]; + + if($note != "") + DB_insert_note($note,$gameid,$myid); + }; + /* get everything relevant to display the tricks */ $result = mysql_query("SELECT Hand_Card.card_id as card,". " Hand.position as position,". @@ -1313,7 +1349,7 @@ else if(myisset("me")) if(myisset("card") && $myturn) { $card = $_REQUEST["card"]; - $handid = DB_get_handid_by_hash($me); + $handid = DB_get_handid('hash',$me); /* check if we have card and that we haven't played it yet*/ /* set played in hand_card to true where hand_id and card_id*/ @@ -1351,8 +1387,12 @@ else if(myisset("me")) $playid = DB_play_card($trickid,$handcardid,$sequence); - /* check for schweinchen */ - if($GAME["schweinchen"] && ($card == 19 || $card == 20) ) + /* check special output for schweinchen in case: + * schweinchen is in the rules, a fox has been played and the gametype is correct + */ + if( $GAME["schweinchen"] && + ($card == 19 || $card == 20) && + ($gametype == "normal" || $gametype == "silent"|| $gametype=="trump")) { $GAME["schweinchen"]++; // count how many have been played including this one if($GAME["schweinchen"]==3 && $RULES["schweinchen"]=="second" ) @@ -1381,7 +1421,7 @@ else if(myisset("me")) /* who won the trick */ $play = DB_get_cards_by_trick($trickid); $winner = get_winner($play,$gametype); /* returns the position */ - $winnerid = DB_get_userid_by_gameid_and_position($gameid,$winner); + $winnerid = DB_get_userid('gameid-position',$gameid,$winner); /* is tricknr <=3 */ if($tricknr <=3 && $winnerid!=$whosick) { @@ -1406,15 +1446,28 @@ else if(myisset("me")) $winner = get_winner($play,$gametype); /* returns the position */ /* check if someone caught a fox */ - if(DB_get_gametype_by_gameid($gameid)!="solo") + /* first check if we should account for solos at all, + * since it doesn't make sense in some games + */ + $ok = 0; /* fox shouldn't be counted */ + if(DB_get_gametype_by_gameid($gameid)=="solo") + { + $solo = DB_get_solo_by_gameid($gameid); + if($solo == "trump" || $solo == "silent") + $ok = 1; /* for trump solos and silent solos, foxes are ok */ + } + else + $ok = 1; /* for all other games (not solos) foxes are ok too */ + + if($ok==1) foreach($play as $played) { if ( $played['card']==19 || $played['card']==20 ) if ($played['pos']!= $winner ) { /* possible caught a fox, check party */ - $uid1 = DB_get_userid_by_gameid_and_position($gameid,$winner); - $uid2 = DB_get_userid_by_gameid_and_position($gameid,$played['pos']); + $uid1 = DB_get_userid('gameid-position',$gameid,$winner); + $uid2 = DB_get_userid('gameid-position',$gameid,$played['pos']); $party1 = DB_get_party_by_gameid_and_userid($gameid,$uid1); $party2 = DB_get_party_by_gameid_and_userid($gameid,$uid2); @@ -1424,14 +1477,27 @@ else if(myisset("me")) " VALUES( NULL,NULL,$gameid,'$party1',$uid1,$uid2,'fox')"); } } + /* check for karlchen (jack of clubs in the last trick)*/ - if(DB_get_gametype_by_gameid($gameid)!="solo" && $tricknr == 12) + /* same as for foxes, karlchen doesn't always make sense + * check what kind of game it is and set karlchen accordingly */ + $ok = 1; /* default: karlchen should be accounted for */ + if($tricknr != 12 ) + $ok = 0; /* Karlchen works only in the last trick */ + if($ok && DB_get_gametype_by_gameid($gameid)=="solo" ) + { + $solo = DB_get_solo_by_gameid($gameid); + if($solo == "trumpless" || $solo == "jack" || $solo == "queen" ) + $ok = 0; /* no Karlchen in these solos */ + } + + if($ok) foreach($play as $played) if ( $played['card']==11 || $played['card']==12 ) if ($played['pos'] == $winner ) { /* possible caught a fox, check party */ - $uid1 = DB_get_userid_by_gameid_and_position($gameid,$winner); + $uid1 = DB_get_userid('gameid-position',$gameid,$winner); $party1 = DB_get_party_by_gameid_and_userid($gameid,$uid1); mysql_query("INSERT INTO Score". @@ -1445,7 +1511,7 @@ else if(myisset("me")) } if($points > 39) { - $uid1 = DB_get_userid_by_gameid_and_position($gameid,$winner); + $uid1 = DB_get_userid('gameid-position',$gameid,$winner); $party1 = DB_get_party_by_gameid_and_userid($gameid,$uid1); mysql_query("INSERT INTO Score". @@ -1477,6 +1543,14 @@ else if(myisset("me")) DB_insert_comment($comment,$playid,$myid); }; + /* check for note */ + if(myisset("note")) + { + $note = $_REQUEST["note"]; + if($note != "") + DB_insert_note($note,$gameid,$myid); + }; + /* display played card */ $pos = DB_get_pos_by_hash($me); if($sequence==1) @@ -1519,8 +1593,8 @@ else if(myisset("me")) if(DB_get_game_status_by_gameid($gameid)=='play') { $next_hash = DB_get_hash_from_game_and_pos($gameid,$next); - $email = DB_get_email_by_hash($next_hash); - $who = DB_get_userid_by_email($email); + $email = DB_get_email('hash',$next_hash); + $who = DB_get_userid('email',$email); DB_set_player_by_gameid($gameid,$who); $message = "A card has been played in game ".DB_format_gameid($gameid).".\n\n". @@ -1747,9 +1821,9 @@ else if(myisset("me")) $score = generate_score_table($session); /* convert html to ascii */ $score = str_replace("
\n\n \n","",$score); + $score = str_replace("
\n","",$score); $score = str_replace("\n","",$score); $score = str_replace(array("","","",""),array("","\n","","|"),$score); - $score = str_replace("
\n","",$score); $score = explode("\n",$score); $header = array_slice($score,0,1); @@ -1772,14 +1846,14 @@ else if(myisset("me")) $score = implode("\n",$score); $score = $header.$score; - $message .= "Score Table\n"; + $message .= "Score Table:\n"; $message .= $score; /* send out final email */ $all = array(); foreach($userids as $user) - $all[] = DB_get_email_by_userid($user); + $all[] = DB_get_email('userid',$user); $To = implode(",",$all); $help = "\n\n (you can use reply all on this email to reach all the players.)\n"; @@ -1787,7 +1861,7 @@ else if(myisset("me")) foreach($userids as $user) { - $To = DB_get_email_by_userid($user); + $To = DB_get_email('userid',$user); $hash = DB_get_hash_from_gameid_and_userid($gameid,$user); $link = "Use this link to have a look at game ".DB_format_gameid($gameid).": ". @@ -1837,6 +1911,13 @@ else if(myisset("me")) echo "\n"; /* end ul tricks*/ + echo "
Personal notes:
\n"; + $notes = DB_get_notes_by_userid_and_gameid($myid,$gameid); + foreach($notes as $note) + echo "$note
\n"; + echo "Insert note:\n"; + echo "
\n"; + $mycards = DB_get_hand($me); $mycards = mysort($mycards,$gametype); echo "
\n"; @@ -1882,7 +1963,7 @@ else if(myisset("me")) { echo "
"; - $name = DB_get_name_by_userid($user); + $name = DB_get_name('userid',$user); $oldcards = DB_get_all_hand($userhash); $oldcards = mysort($oldcards,$gametype); echo "$name's cards were:
\n"; @@ -2014,7 +2095,6 @@ else if(myisset("me")) echo "
\n"; - echo "\n"; output_footer(); DB_close(); @@ -2032,15 +2112,17 @@ else if( myisset("email","password") || isset($_SESSION["name"]) ) else { $name = $_SESSION["name"]; - $email = DB_get_email_by_name($name); + $email = DB_get_email('name',$name); $password = DB_get_passwd_by_name($name); }; + /* user has forgotten his password */ if(myisset("forgot")) { + /* check if player is in the database */ $ok = 1; - $myid = DB_get_userid_by_email($email); + $myid = DB_get_userid('email',$email); if(!$myid) $ok = 0; @@ -2059,6 +2141,7 @@ else if( myisset("email","password") || isset($_SESSION["name"]) ) echo "The new password will be valid for one day, make sure you reset it to something else.
"; echo "Back to the main page."; + /* create temporary password, use the fist 8 letters of a md5 hash */ $TIME = (string) time(); /* to avoid collisions */ $hash = md5("Anewpassword".$email.$TIME); $newpw = substr($hash,1,8); @@ -2071,45 +2154,52 @@ else if( myisset("email","password") || isset($_SESSION["name"]) ) " also still be valid until you set a new one\n"; mymail($email,$EmailName."recovery ",$message); + /* we save these in the database */ DB_set_recovery_password($myid,md5($newpw)); } else { + /* make it so that people (or a robot) can request thousands of passwords within a short time + * and spam a user this way */ echo "Sorry you already tried 5 times during the last 24h.
". "You need to use one of those passwords or wait to get a new one.
"; echo "Back to the main page."; } } else - { + {/* can't find user id in the database */ + + /* no email given? */ if($email=="") echo "You need to give me an email address!
". "Please try again."; - else + else /* default error message */ echo "Couldn't find a player with this email!
". "Please contact Arun, if you think this is a mistake
". "or else try again."; } } - else - { + else + { /* normal user page */ /* verify password and email */ if(strlen($password)!=32) $password = md5($password); $ok = 1; - $myid = DB_get_userid_by_email_and_password($email,$password); + $myid = DB_get_userid('email-password',$email,$password); if(!$myid) $ok = 0; if($ok) { - $myname = DB_get_name_by_email($email); + /* user information is ok */ + $myname = DB_get_name('email',$email); $_SESSION["name"] = $myname; output_status(); DB_get_PREF($myid); + /* does the user want to change some preferences? */ if(myisset("setpref")) { $setpref=$_REQUEST["setpref"]; @@ -2141,6 +2231,7 @@ else if( myisset("email","password") || isset($_SESSION["name"]) ) break; } } + /* user wants to change his password or request a temporary one */ else if(myisset("passwd")) { if( $_REQUEST["passwd"]=="ask" ) @@ -2187,6 +2278,7 @@ else if( myisset("email","password") || isset($_SESSION["name"]) ) display_user_menu(); + /* display all games the user has played */ echo "
"; echo "

These are all your games:

\n"; echo "

Session:
\n"; @@ -2232,7 +2324,7 @@ else if( myisset("email","password") || isset($_SESSION["name"]) ) echo "(it's your turn)\n"; else { - $name = DB_get_name_by_userid($r[3]); + $name = DB_get_name('userid',$r[3]); $gameid = $r[1]; if(DB_get_reminder($r[3],$gameid)==0) if(time()-strtotime($r[2]) > 60*60*24*7) @@ -2248,10 +2340,20 @@ else if( myisset("email","password") || isset($_SESSION["name"]) ) } } echo "\n\n"; - $names = DB_get_all_names(); - echo "

Registered players:

\n

\n"; - echo implode(", ",$names)."\n"; - echo "

\n
"; + + /* display last 5 users that have signed up to e-DoKo */ + $names = DB_get_names_of_new_logins(5); + echo "

New Players:

\n

\n"; + echo implode(", ",$names).",...\n"; + echo "

\n"; + + /* display last 5 users that logged on */ + $names = DB_get_names_of_last_logins(5); + echo "

Players last logged in:

\n

\n"; + echo implode(", ",$names).",...\n"; + echo "

\n"; + + echo "\n"; } } else @@ -2266,6 +2368,8 @@ else if( myisset("email","password") || isset($_SESSION["name"]) ) /* default login page */ else { + /* this outputs the default home page with some extra statistics on it */ + $pre[0]=0;$game[0]=0;$done[0]=0; $r=mysql_query("SELECT COUNT(id) FROM Game GROUP BY status"); if($r) {