BUGFIX: people can't start new games unless they are part of it

author Arun Persaud <arun@nubati.net>

Sun, 6 Jan 2008 18:27:54 +0000 (19:27 +0100)

committer Arun Persaud <arun@nubati.net>

Sun, 6 Jan 2008 18:34:21 +0000 (19:34 +0100)
author Arun Persaud <arun@nubati.net>
Sun, 6 Jan 2008 18:27:54 +0000 (19:27 +0100)
committer Arun Persaud <arun@nubati.net>
Sun, 6 Jan 2008 18:34:21 +0000 (19:34 +0100)
diff --git a/index.php b/index.php

index 8af8c145bd75415625000ab1f138b5c6ee9e709a..bacb356fd3fc9237518b123de1cdab7b1ca12ff5 100644 (file)
--- a/index.php
+++ b/index.php
@@ -49,148 +49,167 @@ else if(myisset("new"))
        }
    }
  /*check if everything is ready to set up a new game */
        }
    }
  /*check if everything is ready to set up a new game */
- else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen","call" ))
+else if( myisset("PlayerA", "PlayerB","PlayerC","PlayerD","dullen","schweinchen","call" ))
    {
    {
-    $PlayerA = $_REQUEST["PlayerA"];
-    $PlayerB = $_REQUEST["PlayerB"];
-    $PlayerC = $_REQUEST["PlayerC"];
-    $PlayerD = $_REQUEST["PlayerD"];
-
-    $dullen      = $_REQUEST["dullen"];
-    $schweinchen = $_REQUEST["schweinchen"];
-    $call        = $_REQUEST["call"];
-
-    $EmailA  = DB_get_email_by_name($PlayerA);
-    $EmailB  = DB_get_email_by_name($PlayerB);
-    $EmailC  = DB_get_email_by_name($PlayerC);
-    $EmailD  = DB_get_email_by_name($PlayerD);
-
-    if($EmailA=="" || $EmailB=="" || $EmailC=="" || $EmailD=="")
+    output_status();
+    if( !isset($_SESSION["name"]) )
        {
        {
-       echo "couldn't find one of the names, please start a new game";
-       output_footer();
-       DB_close();
-       exit();
+       echo "<div class=\"message\">Please <a href=\"$INDEX\">log in</a>.</div>";
        }
        }
-
-    $useridA  = DB_get_userid_by_name($PlayerA);
-    $useridB  = DB_get_userid_by_name($PlayerB);
-    $useridC  = DB_get_userid_by_name($PlayerC);
-    $useridD  = DB_get_userid_by_name($PlayerD);
-
-    /* create random numbers */
-    $randomNR       = create_array_of_random_numbers($useridA,$useridB,$useridC,$useridD);
-    $randomNRstring = join(":",$randomNR);
-
-    /* create game */
-    $followup = NULL;
-    if(myisset("followup") )
+    else
        {
        {
-       $followup= $_REQUEST["followup"];
-       $session = DB_get_session_by_gameid($followup);
-       $ruleset = DB_get_ruleset_by_gameid($followup); /* just copy ruleset from old game,
-                                                        this way no manipulation is possible */
+       /* get my name */
+       $name = $_SESSION["name"];
+
+       $PlayerA = $_REQUEST["PlayerA"];
+       $PlayerB = $_REQUEST["PlayerB"];
+       $PlayerC = $_REQUEST["PlayerC"];
+       $PlayerD = $_REQUEST["PlayerD"];
  
  
-       /* check if there is a game in pre or play mode, in that case do nothing */
-       if( DB_is_session_active($session) > 0 )
+       /* check if user is in the game */
+       if(!in_array($name,array($PlayerA,$PlayerB,$PlayerC,$PlayerD)))
           {
           {
-           echo "<p class=\"message\"> There is already a game going on in session $session, you can't start a new one</p>";
+           echo "<div class=\"message\">You need to be one of the players to start a <a href=\"$INDEX?new\">new game</a>.</div>";
             output_footer();
             DB_close();
             exit();
           }
             output_footer();
             DB_close();
             exit();
           }
-       else if ( DB_is_session_active($session) < 0 )
+
+       $dullen      = $_REQUEST["dullen"];
+       $schweinchen = $_REQUEST["schweinchen"];
+       $call        = $_REQUEST["call"];
+
+       $EmailA  = DB_get_email_by_name($PlayerA);
+       $EmailB  = DB_get_email_by_name($PlayerB);
+       $EmailC  = DB_get_email_by_name($PlayerC);
+       $EmailD  = DB_get_email_by_name($PlayerD);
+
+       if($EmailA=="" || $EmailB=="" || $EmailC=="" || $EmailD=="")
           {
           {
-           echo "<p class=\"message\"> ERROR: status of session $session couldn't be determined.</p>";
+           echo "couldn't find one of the names, please start a new game";
             output_footer();
             DB_close();
             exit();
           }
  
             output_footer();
             DB_close();
             exit();
           }
  
-       if($session)
-         mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
-                     "'$ruleset','$session' ,NULL)");
+       $useridA  = DB_get_userid_by_name($PlayerA);
+       $useridB  = DB_get_userid_by_name($PlayerB);
+       $useridC  = DB_get_userid_by_name($PlayerC);
+       $useridD  = DB_get_userid_by_name($PlayerD);
+
+       /* create random numbers */
+       $randomNR       = create_array_of_random_numbers($useridA,$useridB,$useridC,$useridD);
+       $randomNRstring = join(":",$randomNR);
+
+       /* create game */
+       $followup = NULL;
+       if(myisset("followup") )
+         {
+           $followup= $_REQUEST["followup"];
+           $session = DB_get_session_by_gameid($followup);
+           $ruleset = DB_get_ruleset_by_gameid($followup); /* just copy ruleset from old game,
+                                                            this way no manipulation is possible */
+
+           /* check if there is a game in pre or play mode, in that case do nothing */
+           if( DB_is_session_active($session) > 0 )
+             {
+               echo "<p class=\"message\"> There is already a game going on in session $session, you can't start a new one</p>";
+               output_footer();
+               DB_close();
+               exit();
+             }
+           else if ( DB_is_session_active($session) < 0 )
+             {
+               echo "<p class=\"message\"> ERROR: status of session $session couldn't be determined.</p>";
+               output_footer();
+               DB_close();
+               exit();
+             }
+
+           if($session)
+             mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+                         "'$ruleset','$session' ,NULL)");
+           else
+             {
+               /* get max session */
+               $max = DB_get_max_session();
+               $max++;
+               mysql_query("UPDATE Game SET session='".$max."' WHERE id=".DB_quote_smart($followup));
+               mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+                           "'$ruleset','$max' ,NULL)");
+             }
+         }
         else
           {
         else
           {
+           /* get ruleset information or create new one */
+           $ruleset = DB_get_ruleset($dullen,$schweinchen,$call);
+           if($ruleset <0)
+             {
+               myerror("Error defining ruleset: $ruleset");
+               output_footer();
+               DB_close();
+               exit();
+             };
             /* get max session */
             $max = DB_get_max_session();
             $max++;
             /* get max session */
             $max = DB_get_max_session();
             $max++;
-           mysql_query("UPDATE Game SET session='".$max."' WHERE id=".DB_quote_smart($followup));
-           mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre',".
+
+           mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre', ".
                         "'$ruleset','$max' ,NULL)");
           }
                         "'$ruleset','$max' ,NULL)");
           }
+       $game_id = mysql_insert_id();
+
+       /* create hash */
+       $TIME  = (string) time(); /* to avoid collisions */
+       $hashA = md5("AGameOfDoko".$game_id.$PlayerA.$EmailA.$TIME);
+       $hashB = md5("AGameOfDoko".$game_id.$PlayerB.$EmailB.$TIME);
+       $hashC = md5("AGameOfDoko".$game_id.$PlayerC.$EmailC.$TIME);
+       $hashD = md5("AGameOfDoko".$game_id.$PlayerD.$EmailD.$TIME);
+
+       /* create hands */
+       mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridA).
+                   ", ".DB_quote_smart($hashA).", 'start','1',NULL,NULL,NULL,NULL)");
+       $hand_idA = mysql_insert_id();
+       mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridB).
+                   ", ".DB_quote_smart($hashB).", 'start','2',NULL,NULL,NULL,NULL)");
+       $hand_idB = mysql_insert_id();
+       mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridC).
+                   ", ".DB_quote_smart($hashC).", 'start','3',NULL,NULL,NULL,NULL)");
+       $hand_idC = mysql_insert_id();
+       mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridD).
+                   ", ".DB_quote_smart($hashD).", 'start','4',NULL,NULL,NULL,NULL)");
+       $hand_idD = mysql_insert_id();
+
+       /* save cards */
+       for($i=0;$i<12;$i++)
+         mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idA', '".$randomNR[$i]."', 'false')");
+       for($i=12;$i<24;$i++)
+         mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idB', '".$randomNR[$i]."', 'false')");
+       for($i=24;$i<36;$i++)
+         mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idC', '".$randomNR[$i]."', 'false')");
+       for($i=36;$i<48;$i++)
+         mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idD', '".$randomNR[$i]."', 'false')");
+
+       /* send out email, TODO: check for error with email */
+       $message = "\n".
+         "you are invited to play a game of DoKo (that is to debug the program ;).\n".
+         "Place comments and bug reports here:\n".
+         "http://wiki.nubati.net/index.php?title=EmailDoko\n\n".
+         "The whole round would consist of the following players:\n".
+         "$PlayerA\n".
+         "$PlayerB\n".
+         "$PlayerC\n".
+         "$PlayerD\n\n".
+         "If you want to join this game, please follow this link:\n\n".
+         "".$HOST.$INDEX."?me=";
+
+       mymail($EmailA,"You are invited to a game of DoKo","Hello $PlayerA,\n".$message.$hashA);
+       mymail($EmailB,"You are invited to a game of DoKo","Hello $PlayerB,\n".$message.$hashB);
+       mymail($EmailC,"You are invited to a game of DoKo","Hello $PlayerC,\n".$message.$hashC);
+       mymail($EmailD,"You are invited to a game of DoKo","Hello $PlayerD,\n".$message.$hashD);
+
+       echo "<div class=\"message\">You started a new game. The emails have been sent out!</div>\n";
        }
        }
-    else
-      {
-       /* get ruleset information or create new one */
-       $ruleset = DB_get_ruleset($dullen,$schweinchen,$call);
-       if($ruleset <0)
-         {
-           myerror("Error defining ruleset: $ruleset");
-           output_footer();
-           DB_close();
-           exit();
-         };
-       /* get max session */
-       $max = DB_get_max_session();
-       $max++;
-
-       mysql_query("INSERT INTO Game VALUES (NULL, NULL, '$randomNRstring', 'normal', NULL,NULL,'1',NULL,'pre', ".
-                 "'$ruleset','$max' ,NULL)");
-      }
-    $game_id = mysql_insert_id();
-
-    /* create hash */
-    $TIME  = (string) time(); /* to avoid collisions */
-    $hashA = md5("AGameOfDoko".$game_id.$PlayerA.$EmailA.$TIME);
-    $hashB = md5("AGameOfDoko".$game_id.$PlayerB.$EmailB.$TIME);
-    $hashC = md5("AGameOfDoko".$game_id.$PlayerC.$EmailC.$TIME);
-    $hashD = md5("AGameOfDoko".$game_id.$PlayerD.$EmailD.$TIME);
-
-    /* create hands */
-    mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridA).
-               ", ".DB_quote_smart($hashA).", 'start','1',NULL,NULL,NULL,NULL)");
-    $hand_idA = mysql_insert_id();
-    mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridB).
-               ", ".DB_quote_smart($hashB).", 'start','2',NULL,NULL,NULL,NULL)");
-    $hand_idB = mysql_insert_id();
-    mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridC).
-               ", ".DB_quote_smart($hashC).", 'start','3',NULL,NULL,NULL,NULL)");
-    $hand_idC = mysql_insert_id();
-    mysql_query("INSERT INTO Hand VALUES (NULL,".DB_quote_smart($game_id).",".DB_quote_smart($useridD).
-               ", ".DB_quote_smart($hashD).", 'start','4',NULL,NULL,NULL,NULL)");
-    $hand_idD = mysql_insert_id();
-
-    /* save cards */
-    for($i=0;$i<12;$i++)
-      mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idA', '".$randomNR[$i]."', 'false')");
-    for($i=12;$i<24;$i++)
-      mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idB', '".$randomNR[$i]."', 'false')");
-    for($i=24;$i<36;$i++)
-      mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idC', '".$randomNR[$i]."', 'false')");
-    for($i=36;$i<48;$i++)
-      mysql_query("INSERT INTO Hand_Card VALUES (NULL, '$hand_idD', '".$randomNR[$i]."', 'false')");
-
-    /* send out email, TODO: check for error with email */
-    $message = "\n".
-      "you are invited to play a game of DoKo (that is to debug the program ;).\n".
-      "Place comments and bug reports here:\n".
-      "http://wiki.nubati.net/index.php?title=EmailDoko\n\n".
-      "The whole round would consist of the following players:\n".
-      "$PlayerA\n".
-      "$PlayerB\n".
-      "$PlayerC\n".
-      "$PlayerD\n\n".
-      "If you want to join this game, please follow this link:\n\n".
-      "".$HOST.$INDEX."?me=";
-
-    mymail($EmailA,"You are invited to a game of DoKo","Hello $PlayerA,\n".$message.$hashA);
-    mymail($EmailB,"You are invited to a game of DoKo","Hello $PlayerB,\n".$message.$hashB);
-    mymail($EmailC,"You are invited to a game of DoKo","Hello $PlayerC,\n".$message.$hashC);
-    mymail($EmailD,"You are invited to a game of DoKo","Hello $PlayerD,\n".$message.$hashD);
-
-    output_status();
-    echo "<div class=\"message\">You started a new game. The emails have been sent out!</div>\n";
    }    /* end set up a new game */
  /* cancel a game, if nothing has happend in the last N minutes */
  else if(myisset("cancel","me"))
    }    /* end set up a new game */
  /* cancel a game, if nothing has happend in the last N minutes */
  else if(myisset("cancel","me"))
diff --git a/output.php b/output.php

index 1adc1a77b74b29a28accd55185ed9e4a8b1b6726..cf84e8b828cf8480ccff89d2c3cf7ce6f0937327 100644 (file)
--- a/output.php
+++ b/output.php
@@ -50,6 +50,7 @@ function output_form_for_new_game($names)
  ?>
      <h2> Players </h2>
      <p>Please select four players (or use the randomly pre-selected names)</p>
  ?>
      <h2> Players </h2>
      <p>Please select four players (or use the randomly pre-selected names)</p>
+    <p>Remember: you need to be one of the players ;) </p>
         <form action="index.php" method="post">
  
     <div class="table">
         <form action="index.php" method="post">
  
     <div class="table">
author	Arun Persaud <arun@nubati.net>
	Sun, 6 Jan 2008 18:27:54 +0000 (19:27 +0100)
committer	Arun Persaud <arun@nubati.net>
	Sun, 6 Jan 2008 18:34:21 +0000 (19:34 +0100)
index.php		patch \| blob \| history
output.php		patch \| blob \| history