Example #1
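 /**
  * Render the public profile page of one team.
  *
  * Assigns the team summary, the member list, the ten most recent matches and,
  * for team members or users holding 'allow_invite_in_any_team', the pending
  * invitations to the global template object.
  *
  * NOTE(review): the canXxx / allowXxx / showXxx values assigned here only tell
  * the template which links to show. The handlers behind the edit, delete and
  * remove links presumably re-check the same permissions on their own - confirm.
  *
  * @param mixed $teamid id of the team to show; handed to the team constructor,
  *                      appended to links and bound as a query parameter
  * @return void
  */
 public function showTeam($teamid)
 {
     global $tmpl;
     global $db;
     $team = new team($teamid);
     if (!$team->exists()) {
         $tmpl->setTemplate('NoPerm');
         return;
     }
     if (!$tmpl->setTemplate('teamSystemProfile')) {
         $tmpl->noTemplateFound();
         die;
     }
     // FIXME: implement something to avoid hardcoded paths
     $tmpl->assign('pmLink', '../PM/?add&teamid=' . $teamid);
     $tmpl->assign('status', $team->getStatus());
     // The title is escaped here, while every other value below is assigned raw.
     // NOTE(review): the template is presumably responsible for escaping those - confirm.
     $tmpl->assign('title', 'Team ' . htmlent($team->getName()));
     // the team's leader
     $teamLeader = $team->getLeaderId();
     $teamData = [];
     $teamData['profileLink'] = './?profile=' . $team->getID();
     $teamData['name'] = $team->getName();
     $teamData['score'] = $team->getScore();
     $teamData['scoreClass'] = $this->rankScore($teamData['score']);
     // The team name is free text: URL-encode it so that characters such as
     // '&', '#', '=' or spaces cannot truncate the value or add parameters
     // to the search query string.
     $teamData['matchSearchLink'] = '../Matches/?search_string=' . urlencode($teamData['name']) . '&search_type=team+name' . '&search_result_amount=200' . '&search=Search';
     $teamData['matchCount'] = $team->getMatchCount();
     $teamData['memberCount'] = $team->getMemberCount();
     $teamData['leaderLink'] = '../Players/?profile=' . $team->getLeaderId();
     $teamData['leaderName'] = (new \user($team->getLeaderId()))->getName();
     $teamData['activityNew'] = $team->getActivityNew();
     $teamData['activityOld'] = $team->getActivityOld();
     $teamData['created'] = $team->getCreationTimestampStr();
     $teamData['wins'] = $team->getMatchCount('won');
     $teamData['draws'] = $team->getMatchCount('draw');
     $teamData['losses'] = $team->getMatchCount('lost');
     $teamData['logo'] = $team->getAvatarURI();
     $tmpl->assign('teamDescription', $team->getDescription());
     $tmpl->assign('team', $teamData);
     $tmpl->assign('teamid', $teamid);
     $tmpl->assign('canPMTeam', \user::getCurrentUserLoggedIn() && \user::getCurrentUserId() > 0);
     // tell template if user can edit this team:
     // the logged-in leader, or anyone holding the global edit permission
     // (parentheses only spell out the precedence the expression already had)
     $tmpl->assign('canEditTeam', (\user::getCurrentUserLoggedIn() && \user::getCurrentUserId() === $teamLeader) || \user::getCurrentUser()->getPermission('allow_edit_any_team_profile'));
     // tell template if user can delete this team
     // either user has deletion permission for team
     // or user is leader of team
     // NOTE(review): an earlier comment also required "one or less members in team"
     // for the leader case; no member count is checked here - confirm which is intended.
     $tmpl->assign('canDeleteTeam', $team->getStatus() !== 'deleted' && (\user::getCurrentUser()->getPermission('team.allowDelete ' . $team->getID()) || \user::getCurrentUser()->getPermission('allow_delete_any_team') || \user::getCurrentUserId() === $team->getLeaderId()));
     // leader and holders of the kick permission always see the member action column
     $showMemberActionOptions = false;
     if (\user::getCurrentUserId() === $teamLeader || \user::getCurrentUser()->getPermission('allow_kick_any_team_members')) {
         $showMemberActionOptions = true;
     }
     $members = [];
     $memberids = $team->getUserIds();
     foreach ($memberids as $memberid) {
         $user = new \user($memberid);
         $member = [];
         // rename db result fields and assemble some additional informations
         // use a temporary array for better readable (but slower) code
         // a plain member viewing the own team gets the column too (for "Leave team")
         if (!$showMemberActionOptions && \user::getCurrentUserId() === $memberid) {
             $showMemberActionOptions = true;
         }
         $member['profileLink'] = '../Players/?profile=' . $user->getID();
         $member['userName'] = $user->getName();
         $member['permissions'] = $teamLeader === $memberid ? 'Leader' : 'Standard';
         if ($country = $user->getCountry()) {
             $member['countryName'] = $country->getName();
             if (strlen($country->getFlag()) > 0) {
                 $member['countryFlag'] = $country->getFlag();
             }
         }
         $member['joined'] = $user->getJoinTimestampStr();
         $member['last_login'] = $user->getLastLoginTimestampStr();
         // show leave/kick links if permission is given
         // a team leader can neither leave or be kicked
         // a leader must first give someone else leadership to leave
         if ((\user::getCurrentUserId() === $teamLeader || \user::getCurrentUser()->getPermission('allow_kick_any_team_members') || \user::getCurrentUserId() === $user->getID()) && $user->getID() !== $teamLeader) {
             $member['removeLink'] = './?remove=' . $user->getID() . '&team=' . $teamid;
             if (\user::getCurrentUserId() === $user->getID()) {
                 $member['removeDescription'] = 'Leave team';
             } else {
                 $member['removeDescription'] = 'Kick member from team';
             }
         }
         // append current member data
         $members[] = $member;
         unset($user);
     }
     $tmpl->assign('members', $members);
     $tmpl->assign('showMemberActionOptions', $showMemberActionOptions);
     // show last entered matches
     $matches = [];
     // show available options if any available
     $allowEdit = \user::getCurrentUser()->getPermission('allow_edit_match');
     $allowDelete = \user::getCurrentUser()->getPermission('allow_delete_match');
     $tmpl->assign('showMatchActionOptions', $allowEdit || $allowDelete);
     $tmpl->assign('allowEdit', $allowEdit);
     $tmpl->assign('allowDelete', $allowDelete);
     // get match data
     // sort the data by id to find out if abusers entered a match at a long time in the past
     // the team id is bound twice as a statement parameter, never concatenated into the SQL
     $query = $db->prepare('SELECT `timestamp`,`team1_id`,`team2_id`,' . '(SELECT `name` FROM `teams` WHERE `id`=`team1_id`) AS `team1_name`' . ',(SELECT `name` FROM `teams` WHERE `id`=`team2_id`) AS `team2_name`' . ',`team1_points`,`team2_points`,`userid`' . ',(SELECT `users`.`name` FROM `users`' . ' WHERE `users`.`id`=`matches`.`userid`)' . ' AS `username`' . ',`matches`.`id`' . ' FROM `matches` WHERE `matches`.`team1_id`=?' . ' OR `matches`.`team2_id`=?' . ' ORDER BY `id` DESC LIMIT 0,10');
     $db->execute($query, [$teamid, $teamid]);
     while ($row = $db->fetchRow($query)) {
         // rename db result fields and assemble some additional informations
         // use a temporary array for better readable (but slower) code
         $prepared = [];
         $prepared['time'] = $row['timestamp'];
         $prepared['team1Link'] = '../Teams/?profile=' . $row['team1_id'];
         $prepared['team2Link'] = '../Teams/?profile=' . $row['team2_id'];
         $prepared['team1Name'] = $row['team1_name'];
         $prepared['team2Name'] = $row['team2_name'];
         $prepared['score1'] = $row['team1_points'];
         $prepared['score2'] = $row['team2_points'];
         $prepared['lastModById'] = $row['userid'];
         $prepared['lastModByName'] = $row['username'];
         $prepared['lastModByLink'] = '../Players/?profile=' . $prepared['lastModById'];
         if ($allowEdit) {
             $prepared['editLink'] = '../Matches/?edit=' . $row['id'];
         }
         if ($allowDelete) {
             $prepared['deleteLink'] = '../Matches/?delete=' . $row['id'];
         }
         $matches[] = $prepared;
     }
     $tmpl->assign('matches', $matches);
     // invitation data visible
     // for team members
     // for users who can issue any invitation
     if (\user::getCurrentUser()->getMemberOfTeam($teamid) || \user::getCurrentUser()->getPermission('allow_invite_in_any_team')) {
         $invitationData = [];
         $invitations = invitation::getInvitationsForTeam($teamid);
         foreach ($invitations as $invitation) {
             // NOTE(review): assumes every invitation carries at least one user - confirm
             $invitationUser = $invitation->getUsers()[0];
             $invitationData[] = ['userName' => $invitationUser->getName(), 'profileLink' => '../Players/?profile=' . $invitationUser->getID(), 'expiration' => $invitation->getExpiration()];
         }
         $tmpl->assign('invitations', $invitationData);
     }
 }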
Example #2
        if (!($aData['token'] = $this->token->createToken('invitation', $account_id))) {
            $this->setErrorMessage($this->getErrorMsg('E0027', $this->token->getError()));
            return false;
        }
        $aData['username'] = $this->user->getUserName($account_id);
        $aData['subject'] = 'Pending Invitation';
        $this->log->log("info", $this->user->getUserName($account_id) . " sent an invitation");
        if ($this->mail->sendMail('invitations/body', $aData)) {
            $aToken = $this->token->getToken($aData['token'], 'invitation');
            if (!$this->createInvitation($account_id, $aData['email'], $aToken['id'])) {
                return false;
            }
            return true;
        } else {
            $this->log->log("warn", $this->user->getUserName($account_id) . " sent an invitation but failed to send e-mail");
            $this->setErrorMessage($this->getErrorMsg('E0028'));
        }
        $this->setErrorMessage($this->getErrorMsg('E0029'));
        return false;
    }
}
// Instantiate the invitation class and hand it its collaborators through setters.
// $debug, $log, $mysqli, $mail, $user, $oToken, $config and $aErrorCodes are not
// defined in this part of the file; presumably the including bootstrap provides
// them before this point - confirm.
$invitation = new invitation();
$invitation->setDebug($debug);
$invitation->setLog($log);
$invitation->setMysql($mysqli);
$invitation->setMail($mail);
$invitation->setUser($user);
$invitation->setToken($oToken);
$invitation->setConfig($config);
$invitation->setErrorCodes($aErrorCodes);
Example #3
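 /**
  * Decide whether this user may join the given team.
  *
  * Order of the checks: users with id 0 are refused, deleted teams are closed
  * to everyone, the team leader is always accepted, and everyone else needs
  * the 'allow_join_any_team' permission, an open team or a pending invitation.
  *
  * @param mixed $teamid id of the team the user wants to join
  * @return bool true if joining is allowed
  */
 public function getAllowedToJoinTeam($teamid)
 {
     // not logged in or unidentified user can never join
     // NOTE(review): strict comparison - assumes origUserId is always an int;
     // a null or '0' value would pass this guard. Confirm where it is set.
     if ($this->origUserId === 0) {
         return false;
     }
     // investigate team
     // NOTE(review): no existence check is made on the team here; what
     // getStatus()/getOpen() report for an unknown id is not visible - confirm.
     $team = new team($teamid);
     // can not join deleted team
     if ($team->getStatus() === 'deleted') {
         return false;
     }
     // leader can always join own team (e.g. during team creation)
     if ($team->getLeaderId() === $this->origUserId) {
         return true;
     }
     require_once __DIR__ . '/invitation.php';
     // reuse the team object loaded above instead of constructing a second one
     // for the same id; any invitation for this user counts as permission
     return $this->getPermission('allow_join_any_team') || $team->getOpen() || invitation::getInvitationsForTeam($teamid, $this->origUserId);
 }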
Example #4
 /**
  * Reactivate the selected team with the selected user as its new leader.
  *
  * Runs the sanity check, issues an invitation for the future leader, switches
  * the team status to 'reactivated', adds the user as member and leader and,
  * on success, notifies that user by private message. Results are reported
  * through template variables only.
  *
  * @return void
  */
 protected function reactivateTeam()
 {
     global $tmpl;
     // perform sanity checks; anything but true is an error (false = no message available)
     $result = $this->sanityCheck();
     if ($result !== true) {
         if ($result === false) {
             $tmpl->assign('error', 'An unknown error occurred while checking your request');
         } else {
             $tmpl->assign('error', $result);
         }
         return;
     }
     $tmpl->assign('teamName', $this->team->getName());
     $tmpl->assign('teamid', $this->team->getID());
     $tmpl->assign('userName', $this->user->getName());
     $tmpl->assign('userid', $this->user->getID());
     // reactivate team with chosen leader
     // issue an invitation for team leader so he can join
     // NOTE(review): the result of insert() is not checked, and the invitation
     // is written before the steps below; it presumably stays in place when
     // one of them fails - confirm that this is intended.
     $invitation = new invitation();
     $invitation->forUserId($this->user->getID());
     $invitation->toTeam($this->team->getID());
     $invitation->insert(false);
     // now change team status to reactivate and add the user to team then make the user leader
     // the chain stops at the first step that reports failure
     $reactivated = $this->team->setStatus('reactivated')
         && $this->team->update()
         && $this->user->addTeamMembership($this->team->getID())
         && $this->user->update()
         && $this->team->setLeaderId($this->user->getID())
         && $this->team->update();
     if (!$reactivated) {
         $tmpl->assign('error', 'An unknown error occurred while reactivating the team.');
         return;
     }
     // notify the new leader using a private message
     $pm = new pm();
     $subject = \user::getCurrentUser()->getName() . ' reactivated team ' . $this->team->getName();
     $pm->setSubject($subject);
     $content = 'Congratulations: Player ' . \user::getCurrentUser()->getName() . ' reactivated team ' . $this->team->getName() . ' with you as its leader.';
     $pm->setContent($content);
     $pm->setTimestamp(date('Y-m-d H:i:s'));
     $pm->addUserID($this->user->getID());
     // send it
     $pm->send();
     // tell user that team reactivation was successful
     $tmpl->assign('teamReactivationSuccessful', true);
 }
Example #5
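 /**
  * Complete a login that a login module has already approved.
  *
  * Maps the module's id to an internal user id, registers a new account when
  * none exists, refuses disabled or banned accounts, re-activates deleted ones
  * and finally marks the user as logged in. Messages for the visitor are
  * appended to $this->moduleOutput.
  *
  * @param object $moduleInstance login module that approved the login; getID(),
  *                               getName() and givePermissions() are called on it
  * @param string $moduleName     name of that module; anything but 'local'
  *                               (case-insensitive) counts as external login
  * @return bool true if the user is now logged in, false otherwise
  */
 private function doLogin($moduleInstance, $moduleName)
 {
     global $config;
     // if used login module is not local, then an external login has been used
     $externalLogin = strcasecmp($moduleName, 'local') !== 0;
     // load operations framework; require_once so that a second call within the
     // same request does not try to declare the class again
     require_once __DIR__ . '/classes/userOperations.php';
     $userOperations = new userOperations();
     if ($externalLogin) {
         // lookup internal id using external id
         $uid = \user::getIdByExternalId($moduleInstance->getID());
     } else {
         // local login id is equal to internal login id by definition
         $uid = $moduleInstance->getID();
     }
     // only set by the name based recovery below; checked before use further down
     $user = null;
     // if uid is 0 this means
     // either new user
     // or user already registered using local login
     if ($uid === 0) {
         if ($externalLogin) {
             // try to recover uid by username based db lookup
             $uid_list = \user::getIdByName($moduleInstance->getName());
             // iterate through the list, trying to update old callsigns
             // and hoping to find the proper user account for this login attempt
             foreach ($uid_list as $one_uid) {
                 // check external login id for match with external login module id
                 // $moduleInstance->getID() must have a valid value if login got approved
                 // by the external login module used
                 $user = new \user($one_uid);
                 $servicematch = false;
                 // NOTE(review): getExternalIds and getType are read as properties,
                 // while every other accessor in this method is called as a method.
                 // If they are methods the loop never sees a service entry - confirm.
                 foreach ($user->getExternalIds as $eservice) {
                     // only act on matching service type
                     if ($eservice->service === $moduleInstance->getType) {
                         $servicematch = true;
                         if ($eservice->euid !== $moduleInstance->getID()) {
                             // try to resolve the name conflict by updating a username that might be forgotten
                             $userOperations->updateUserName($one_uid, $eservice->euid, $moduleInstance->getName());
                         } else {
                             $uid = $one_uid;
                             break;
                         }
                     }
                 }
                 if (!$servicematch) {
                     // same name, but no external id of this service type:
                     // remembered so the login is refused below rather than
                     // attached to an account that was matched by name only
                     $uid = $one_uid;
                 }
             }
             unset($servicematch, $eservice, $uid_list, $one_uid);
         }
         // no internal id found for the callsign: this is a new user
         $newUser = $uid === 0;
         if ($newUser) {
             // a new user, be happy :)
             if ($config->getValue('login.welcome.summary')) {
                 $this->moduleOutput[] = strval($config->getValue('login.welcome.summary'));
             } else {
                 $this->moduleOutput[] = 'Welcome and thanks for registering on this website.';
             }
             // register the account on db
             if ($uid = $userOperations->registerAccount($moduleInstance, $externalLogin)) {
                 // send welcome message if registering was successful
                 \pm::sendWelcomeMessage($uid);
             }
         } else {
             // existing account with no external login
             // call logout as bandaid for erroneous login modules
             // ($user is set here: $uid can only be non-zero through the loop above)
             $user->logout();
             $this->moduleOutput[] = 'This account does not have any external logins enabled. ' . 'You may try using ' . '<a href="./?module=local&amp;action=form">local login</a>' . ' first.';
             // login failed without any possibility to recover from user error
             return false;
         }
         // does a user try to log in using reserved id 0?
         if ($uid === 0) {
             // call logout as bandaid for erroneous login modules
             // these may log the user in, even though they never should
             // $user only exists when the name lookup above returned accounts;
             // on a local login or an empty lookup the unguarded call was a
             // fatal "member function on null" error instead of this message.
             // NOTE(review): when set, $user is the last account from the name
             // lookup, not the visitor - confirm that logout() is meant for it.
             if ($user !== null) {
                 $user->logout();
             }
             $this->moduleOutput[] = 'An internal error occurred: $uid === 0 on login.';
             return false;
         }
     }
     $user = new \user($uid);
     // re-activate deleted accounts
     // stop processing disabled/banned or broken accounts
     // call logout as bandaid for erroneous login modules
     $status = $user->getStatus();
     switch ($status) {
         case 'active':
             break;
         case 'deleted':
             $user->setStatus('active');
             break;
         case 'login disabled':
             $this->moduleOutput[] = 'Your account is disabled: No login possible.';
             $user->logout();
             return false;
         // TODO: implement site wide ban list
         case 'banned':
             $this->moduleOutput[] = 'You have been banned from this website.';
             $user->logout();
             return false;
         default:
             // unknown status values are refused; the value is escaped before output
             $this->moduleOutput[] = 'The impossible happened: Account status is ' . htmlent($status) . '.';
             $user->logout();
             return false;
     }
     if ($uid > 0) {
         // update username first because online user list uses the name directly instead of an id
         //hmm, uid := $moduleInstance->getID()
         $userOperations->updateUserName($uid, $externalLogin ? $moduleInstance->getID() : 0, $moduleInstance->getName());
         // NOTE(review): no session id renewal is visible in this method; confirm
         // that setCurrentUserID() or the login module renews it at this point.
         \user::setCurrentUserID($uid);
         $moduleInstance->givePermissions();
         $userOperations->addToVisitsLog($uid);
         $user->setLastLogin();
         $user->update();
         $userOperations->addToOnlineUserList($moduleInstance->getName(), $uid);
         invitation::deleteOldInvitations();
         $this->moduleOutput[] = 'Login was successful!';
         return true;
     } else {
         $user->logout();
     }
     return false;
 }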