Integrate multis into main accounts

The purpose of this is twofold:
* Allow players to navigate their main/multi accounts without
  having to log in and out.
* Synchronize things between the two accounts when it doesn't
  make sense to have two values (i.e. e-mail address, user
  preferences, bans, etc.).

Add a new table `account_link_login`, which associates a `login_id`
(the new primary key replacing `account_id` in the `account` table)
with an `account_id` (the primary key of `account_link_login`).
Each "login" (`account`) can be associated with multiple "accounts"
(`account_link_login`).

This is a little confusing, since ideally the `account` table would
be renamed `login` (or similar), but we are probably a bit too heavily
invested in the original infrastructure to completely change it now.

We provide a way on the "Play Game" page to switch to/create multis,
including an option to link an existing account as a multi.

Adds two helper methods to SmrAccount:
* getLinkedAccountList - finds all accounts associated with login
* getLinkedAccount - returns an account if it is associated with login

Author: hemberger

db/patches/V1_6_62_03__multi_accounts.sql

@@ -0,0 +1,14 @@
+-- Rename `account.account_id` to `account.login_id`
+ALTER TABLE account CHANGE `account_id` `login_id` smallint(6) unsigned NOT NULL AUTO_INCREMENT;
+
+-- Add `account_link_login` table
+CREATE TABLE account_link_login (
+  `account_id` smallint(6) unsigned NOT NULL AUTO_INCREMENT,
+  `login_id` smallint(6) unsigned NOT NULL,
+  PRIMARY KEY (`account_id`)
+) ENGINE=MyISAM AUTO_INCREMENT=1;
+
+-- Fill in `account_link_login` from the rows of `account`,
+-- setting account_id = login_id.
+INSERT INTO account_link_login (account_id, login_id)
+SELECT login_id, login_id as account_id FROM account;

engine/Default/game_play.php

@@ -8,9 +8,41 @@
 	$template->assign('Message',$var['msg']);
 }
 
+// ***************************************
+// ** Accounts
+// ***************************************
+
+if (isset($var['switch_account_id'])) {
+	// Override default account (and do sanity checks)
+	$account = $account->getLinkedAccount($var['switch_account_id']);
+	SmrSession::updateAccount($account->getAccountID());
+}
+
+// Get linked accounts (order the current account first, for simplicity)
+$linkedAccounts = $account->getLinkedAccountList();
+if (key($linkedAccounts) != $account->getAccountID()) {
+	$linkedAccounts = array_reverse($linkedAccounts);
+}
+$template->assign('AccountLabels', array_values($linkedAccounts));
+
+if (count($linkedAccounts) == SmrAccount::MAX_LINKED_ACCOUNTS) {
+	end($linkedAccounts);
+	$otherAccountID = key($linkedAccounts);
+	$switchContainer = create_container('skeleton.php', 'game_play.php');
+	$switchContainer['switch_account_id'] = $otherAccountID;
+} else {
+	$switchContainer = create_container('skeleton.php', 'switch_account_create.php');
+}
+$template->assign('SwitchAccountHREF', SmrSession::getNewHREF($switchContainer));
+
+
 $template->assign('UserRankingLink',SmrSession::getNewHREF(create_container('skeleton.php', 'rankings_view.php')));
 $template->assign('UserRankName',$account->getRankName());
 
+// ***************************************
+// ** Play Game
+// ***************************************
+
 $games = array();
 $games['Play'] = array();
 $game_id_list = array();

engine/Default/switch_account_create.php

@@ -0,0 +1,9 @@
+<?php
+
+$template->assign('PageTopic', 'Create Multi Account');
+
+$container = create_container('switch_account_create_processing.php');
+$container['action'] = 'Create';
+$template->assign('CreateHREF', SmrSession::getNewHREF($container));
+$container['action'] = 'Link';
+$template->assign('LinkHREF', SmrSession::getNewHREF($container));

engine/Default/switch_account_create_processing.php

@@ -0,0 +1,41 @@
+<?php
+
+if (count($account->getLinkedAccountList()) >= SmrAccount::MAX_LINKED_ACCOUNTS) {
+	create_error('Cannot create another linked account!');
+}
+
+if ($var['action'] == 'Create') {
+	// Create a new multi account
+	$db->query('INSERT INTO account_link_login (login_id) VALUES ('.$account->getLoginID().')');
+	$newAccountID = $db->getInsertID();
+
+	$container = create_container('skeleton.php', 'game_play.php');
+	$container['switch_account_id'] = $newAccountID;
+
+} elseif ($var['action'] == 'Link') {
+	$login = $_REQUEST['multi_account_login'];
+	$password = $_REQUEST['multi_account_password'];
+
+	// Link an existing multi account
+	$db->query('SELECT login_id FROM account ' .
+	           'WHERE login = '.$db->escapeString($login).' AND ' .
+	           'password = '.$db->escapeString(md5($password)).' LIMIT 1');
+	if (!$db->nextRecord()) {
+		create_error('Could not find a matching account. If you believe this is an error, please contact an admin.');
+	}
+	$multiLoginID = $db->getInt('login_id');
+
+	// Sanity check: multi ID > current ID
+	if ($multiLoginID <= $account->getLoginID()) {
+		create_error('Multi account must be newer than main account!');
+	}
+
+	// update the account_link_login to reflect the new login association
+	// For existing accounts login_id == account_id
+	$db->query('UPDATE account_link_login SET login_id='.$db->escapeNumber($account->getLoginID()).' WHERE account_id='.$db->escapeNumber($multiLoginID));
+
+	// delete the old login
+	$db->query('DELETE FROM account WHERE login_id='.$db->escapeNumber($multiLoginID));
+
+
+}

htdocs/login_create.php

@@ -31,7 +31,6 @@
 				<h1>Create Login</h1>
 				<p align='justify'>
 					Creating multiple logins is not allowed.
-					<a href='https://wiki.smrealms.de/rules' target="_blank" style='font-weight:bold;'>Click HERE</a> for more information.
 				</p>
 
 				<form action='login_create_processing.php' method='POST'>

htdocs/login_processing.php

@@ -75,6 +75,7 @@
 			}
 
 			$db->query('SELECT account_id,old_account_id FROM account ' .
+			           'JOIN account_link_login USING (login_id) ' .
 					   'WHERE login = '.$db->escapeString($login).' AND ' .
 							 'password = '.$db->escapeString(md5($password)).' LIMIT 1');
 			if ($db->nextRecord()) {

lib/Default/AbstractSmrAccount.class.inc

@@ -3,6 +3,8 @@ abstract class AbstractSmrAccount {
 	const USER_RANKINGS_EACH_STAT_POW = .9;
 	const USER_RANKINGS_TOTAL_SCORE_POW = .3;
 	const USER_RANKINGS_RANK_BOUNDARY = 5.2;
+	const MAX_LINKED_ACCOUNTS = 2;
+
 	protected static $USER_RANKINGS_SCORE = array(
 		// [Stat, a, b]
 		// Used as: pow(Stat * a, USER_RANKINGS_EACH_STAT_POW) * b
@@ -35,6 +37,7 @@ abstract class AbstractSmrAccount {
 	protected $db;
 
 	protected $account_id;
+	protected $login_id;
 	protected $login;
 	protected $password;
 	protected $email;
@@ -91,7 +94,7 @@ abstract class AbstractSmrAccount {
 
 	public static function &getAccountByName($login,$forceUpdate = false) {
 		$db = new SmrMySqlDatabase();
-		$db->query('SELECT account_id FROM account WHERE login = '.$db->escapeString($login).' LIMIT 1');
+		$db->query('SELECT account_id FROM account JOIN account_link_login USING (login_id) WHERE login = '.$db->escapeString($login).' LIMIT 1');
 		if($db->nextRecord())
 			return self::getAccount($db->getField('account_id'),$forceUpdate);
 		$return = null;
@@ -100,7 +103,7 @@ abstract class AbstractSmrAccount {
 
 	public static function &getAccountByHofName($hofName,$forceUpdate = false) {
 		$db = new SmrMySqlDatabase();
-		$db->query('SELECT account_id FROM account WHERE hof_name = '.$db->escapeString($hofName).' LIMIT 1');
+		$db->query('SELECT account_id FROM account JOIN account_link_login USING (login_id) WHERE hof_name = '.$db->escapeString($hofName).' LIMIT 1');
 		if($db->nextRecord())
 			return self::getAccount($db->getField('account_id'),$forceUpdate);
 		$return = null;
@@ -109,7 +112,7 @@ abstract class AbstractSmrAccount {
 
 	public static function getAccountByDiscordId($id, $forceUpdate=false) {
 		$db = new SmrMySqlDatabase();
-		$db->query('SELECT account_id FROM account where discord_id = '.$db->escapeString($id).' LIMIT 1');
+		$db->query('SELECT account_id FROM account JOIN account_link_login USING (login_id) where discord_id = '.$db->escapeString($id).' LIMIT 1');
 		if ($db->nextRecord()) {
 			return self::getAccount($db->getField('account_id'), $forceUpdate);
 		} else {
@@ -119,7 +122,7 @@ abstract class AbstractSmrAccount {
 
 	public static function &getAccountByIrcNick($nick, $forceUpdate = false) {
 		$db = new SmrMySqlDatabase();
-		$db->query('SELECT account_id FROM account WHERE irc_nick = '.$db->escapeString($nick).' LIMIT 1');
+		$db->query('SELECT account_id FROM account JOIN account_link_login USING (login_id) WHERE irc_nick = '.$db->escapeString($nick).' LIMIT 1');
 		if($db->nextRecord())
 			return self::getAccount($db->getField('account_id'), $forceUpdate);
 		$return = null;
@@ -128,7 +131,7 @@ abstract class AbstractSmrAccount {
 
 	public static function &findAccountByIrcNick($nick, $forceUpdate = false) {
 		$db = new SmrMySqlDatabase();
-		$db->query('SELECT account_id FROM account WHERE irc_nick LIKE '.$db->escapeString($nick).' LIMIT 2');
+		$db->query('SELECT account_id FROM account JOIN account_link_login USING (login_id) WHERE irc_nick LIKE '.$db->escapeString($nick).' LIMIT 2');
 		if($db->getNumRows() > 1) {
 			$return = true;
 			return $return;
@@ -171,12 +174,13 @@ abstract class AbstractSmrAccount {
 
 	function __construct($accountID) {
 		$this->db = new SmrMySqlDatabase();
-		$this->db->query('SELECT * FROM account WHERE account_id = '.$this->db->escapeNumber($accountID).' LIMIT 1');
+		$this->db->query('SELECT * FROM account JOIN account_link_login USING (login_id) WHERE account_id = '.$this->db->escapeNumber($accountID).' LIMIT 1');
 
 		if ($this->db->nextRecord()) {
 			$row = $this->db->getRow();
 			$this->account_id		= $row['account_id'];
 
+			$this->login_id = $row['login_id'];
 			$this->login			= $row['login'];
 			$this->password			= $row['password'];
 			$this->email			= $row['email'];
@@ -298,7 +302,7 @@ abstract class AbstractSmrAccount {
 			', friendly_colour = ' . $this->db->escapeString($this->friendlyColour, true, true).
 			', neutral_colour = ' . $this->db->escapeString($this->neutralColour, true, true).
 			', enemy_colour = ' . $this->db->escapeString($this->enemyColour, true, true).
-			' WHERE account_id = '.$this->db->escapeNumber($this->account_id).' LIMIT 1');
+			' WHERE login_id = '.$this->db->escapeNumber($this->login_id).' LIMIT 1');
 		$this->hasChanged = false;
 	}
 
@@ -741,6 +745,10 @@ abstract class AbstractSmrAccount {
 		return false;
 	}
 
+	public function getLoginID() {
+		return $this->login_id;
+	}
+
 	public function getLogin() {
 		return $this->login;
 	}
@@ -1291,6 +1299,36 @@ abstract class AbstractSmrAccount {
 	public function getPersonalHofHREF() {
 		return SmrSession::getNewHREF(create_container('skeleton.php','hall_of_fame_player_detail.php',array('account_id' => $this->getAccountID())));
 	}
-}
 
+	/**
+	 * Return an array of account_ids associated with this login.
+	 * We assume that each login has only MAX_LINKED_ACCOUNTS accounts and
+	 * that the smallest ID (created first) is the primary account_id.
+	 */
+	public function getLinkedAccountList() {
+		$this->db->query('SELECT account_id FROM account_link_login WHERE login_id='.$this->db->escapeNumber($this->getLoginID()).' ORDER BY account_id ASC LIMIT '.$this->db->escapeNumber(self::MAX_LINKED_ACCOUNTS));
+		$result = array();
+		while ($this->db->nextRecord()) {
+			$name = count($result) == 0 ? 'Main' : 'Multi';
+			$result[$this->db->getInt('account_id')] = $name;
+		}
+		return $result;
+	}
+
+	/**
+	 * Returns another account that is linked to this login.
+	 */
+	public function getLinkedAccount($accountID) {
+		if ($accountID == $this->getAccountID()) {
+			return $this;
+		}
+		$linkedAccounts = $this->getLinkedAccountList();
+		if (isset($linkedAccounts[$accountID])) {
+			return $this::getAccount($accountID);
+		} else {
+			throw new Exception('No linked account with ID: ' . $accountID);
+		}
+	}
+
+}
 ?>

lib/Default/SmrSession.class.inc

@@ -253,6 +253,17 @@ class SmrSession {
 		$db = new SmrMySqlDatabase();
 	}
 
+	/**
+	 * Updates the `account_id` attribute of the session.
+	 */
+	public static function updateAccount($accountID) {
+		if (self::$account_id == $accountID) {
+			return;
+		}
+		self::$account_id = $accountID;
+		self::$db->query('UPDATE active_session SET account_id=' . self::$db->escapeNumber(self::$account_id) . ' WHERE session_id=' . self::$db->escapeString(self::$session_id));
+	}
+
 	public static function updateSN() {
 		self::$db = new SmrSessionMySqlDatabase();
 		if(!USING_AJAX)

templates/Default/engine/Default/game_play.php

@@ -6,6 +6,12 @@
 	echo $Message; ?><br /><br /><?php
 } ?>
 
+
+<b class="yellow">Accounts</b><br />
+You are on your <?php echo $AccountLabels[0]; ?> account.
+<a href="<?php echo $SwitchAccountHREF; ?>">[Switch to <?php echo $AccountLabels[1]; ?>]</a>
+<br /><br />
+
 <a href="<?php echo $ThisAccount->getUserRankingHREF(); ?>"><b class="yellow">Rankings</b></a>
 <br />You are ranked as <?php $this->doAn($ThisAccount->getRankName()); ?> <span style="font-size:125%;color:greenyellow;"><?php echo $UserRankName ?></span> player.<br /><br />
 
@@ -133,4 +139,4 @@
 	else {
 		?><p>There are no previous games.</p><?php
 	} ?>
-</div>
+</div>

templates/Default/engine/Default/switch_account_create.php

@@ -0,0 +1,49 @@
+<h2>Create New Multi Account</h2>
+<p>All players are allowed a second ("multi") account in addition to their
+primary ("main") account. It is created only through this interface, so
+<b>DO NOT</b> create a second login!</p>
+
+<p>There are very specific rules about how you can use you multi account.
+<a href='https://wiki.smrealms.de/rules' target="_blank" style='font-weight:bold;'>Click HERE</a> for more information.</p>
+
+<p>If you have an existing multi account, please link it below instead of
+creating a new one.</p>
+
+<div class="buttonA">
+	<a class="buttonA" href="<?php echo $CreateHREF; ?>">Create Multi</a>
+</div>
+<br /><br /><br />
+
+<h2>Link Existing Multi Account</h2>
+
+<p>If you are logged in on an existing multi account, <b>DO NOT CONTINUE</b>.
+Instead, please log into your main account and link your multi account from
+there.</p>
+
+<p><span class="bold red">WARNING</span>: When you do this, your multi login
+will be deleted. This action cannot be undone! However, your multi account
+data will then be associated as the multi of the account you are currently
+logged in as.</p>
+
+<p>If you are at all unsure how to procede, please contact an admin for
+assistance.</p>
+
+<form id="LinkOldAccountForm" method="POST" action="<?php echo $LinkHREF; ?>">
+	<table>
+		<tr>
+			<th colspan="2">Enter Existing Account Credentials</th>
+		</tr>
+		<tr>
+			<td>Login:</td>
+			<td><input type="text" name="multi_account_login"/></td>
+		</tr>
+		<tr>
+			<td>Password:</td>
+			<td><input type="password" name="multi_account_password"/></td>
+		</tr>
+		<tr>
+			<td></td>
+			<td><input type="submit" name="action" value="Link Account" id="InputFields" /></td>
+		</tr>
+	</table>
+</form>