function toggleLogin()
{
    global $DB;
    global $MySelf;
    global $IS_DEMO;
    if ($IS_DEMO) {
        makeNotice("The user would have been changed. (Operation canceled due to demo site restrictions.)", "notice", "Password change confirmed");
    }
    // Are we allowed to Manage Users?
    if (!$MySelf->canManageUser()) {
        makeNotice("You are not allowed to edit Users!", "error", "forbidden");
    }
    if ($MySelf->getID() == $_GET[id]) {
        makeNotice("You are not allowed to block yourself!", "error", "forbidden");
    }
    // Wash ID.
    numericCheck($_GET[id]);
    $ID = sanitize($_GET[id]);
    // update login capability.
    $DB->query("UPDATE users SET canLogin=1 XOR canLogin WHERE id='" . $ID . "' LIMIT 1");
    $username = idToUsername("{$ID}");
    $p = substr($username, 0, 1);
    // Return.
    header("Location: index.php?action=editusers&l={$p}");
}

function lotto_checkRatio($drawing)
{
    // We need some globals.
    global $DB;
    global $MySelf;
    $LOTTO_MAX_PERCENT = getConfig("lottoPercent");
    if (!getConfig("lotto")) {
        makeNotice("Your CEO disabled the Lotto module, request denied.", "warning", "Lotto Module Offline");
    }
    // Drawing ID valid?
    numericCheck($drawing);
    // Get current occupied tickets in the playa's name.
    $totalPlayerOwned = $DB->getCol("SELECT COUNT(id) FROM lotteryTickets WHERE owner='" . $MySelf->getID() . "' AND drawing='" . $drawing . "'");
    $totalPlayerOwned = $totalPlayerOwned[0];
    // Get total number of tickets.
    $totalTickets = $DB->getCol("SELECT COUNT(id) FROM lotteryTickets WHERE drawing='" . $drawing . "'");
    $totalTickets = $totalTickets[0];
    // Is there actually a limit requested?
    if (!$LOTTO_MAX_PERCENT) {
        // The sky  is the limit!
        $allowedTickets = $totalTickets;
    } else {
        // Calculate max allowed tickets per person, ceil it.
        $allowedTickets = ceil($totalTickets * $LOTTO_MAX_PERCENT / 100);
    }
    // return allowed tickets.
    return $allowedTickets - $totalPlayerOwned;
}

function getCredits($id)
{
    numericCheck($id, -1);
    global $DB;
    $credits = $DB->getCol("SELECT SUM(amount) FROM transactions WHERE owner='{$id}' LIMIT 1");
    return $credits[0];
}

function editRanks()
{
    // Doh, globals!
    global $MySelf;
    global $DB;
    // Are we allowed to do this?
    if (!$MySelf->canEditRank()) {
        makeNotice("You do not have sufficient rights to access this page.", "warning", "Access denied");
    }
    // Get all unique rank IDS.
    $ranks = $DB->query("SELECT DISTINCT rankid FROM ranks");
    // Edit each one at a time.
    while ($rankID = $ranks->fetchRow()) {
        $ID = $rankID[rankid];
        if (isset($_POST["title_" . $ID . "_name"])) {
            // Cleanup
            $name = sanitize($_POST["title_" . $ID . "_name"]);
            numericCheck($_POST["order_" . $ID], 0);
            $order = $_POST["order_" . $ID];
            // Update the Database.
            $DB->query("UPDATE ranks SET name='" . $name . "', rankOrder='" . $order . "' WHERE rankid='" . $ID . "' LIMIT 1");
        }
    }
    header("Location: index.php?action=showranks");
}

function leaveRun()
{
    // Access the globals.
    global $DB;
    global $TIMEMARK;
    global $MySelf;
    $runid = $_GET[id];
    $userid = $MySelf->getID();
    // Are we actually still in this run?
    if (userInRun($userid, $runid) == "none") {
        makeNotice("You can not leave a run you are currently not a part of.", "warning", "Not you run.", "index.php?action=show&id={$runid}", "[cancel]");
    }
    // Is $runid truly an integer?
    numericCheck($runid);
    // Oh yeah?
    if (runIsLocked($runid)) {
        confirm("Do you really want to leave mining operation #{$runid} ?<br><br>Careful: This operation has been locked by " . runSupervisor($runid, true) . ". You can not rejoin the operation unless its unlocked again.");
    } else {
        confirm("Do you really want to leave mining operation #{$runid} ?");
    }
    // Did the run start yet? If not, delete the request.
    $runStart = $DB->getCol("SELECT starttime FROM runs WHERE id='{$runid}' LIMIT 1");
    if ($TIMEMARK < $runStart[0]) {
        // Event not started yet. Delete.
        $DB->query("DELETE FROM joinups WHERE run='{$runid}' AND userid='{$userid}'");
    } else {
        // Event started, just mark inactive.
        $DB->query("update joinups set parted = '{$TIMEMARK}' where run = '{$runid}' and userid = '{$userid}' and parted IS NULL");
    }
    makeNotice("You have left the run.", "notice", "You left the Op.", "index.php?action=show&id={$runid}", "[OK]");
}

function idToUsername($id, $authID = false)
{
    // Need to access some globals.
    global $DB;
    // $id must be numeric.
    numericCheck("{$id}");
    // Is it -1 ? (Self-added)
    if ("{$id}" == "-1") {
        return "-self-";
    }
    // Ask the oracle.
    if (!$authID) {
        $results = $DB->query("select username from users where id='{$id}' limit 1");
    } else {
        $results = $DB->query("select username from users where authID='{$id}' order by authPrimary desc, id desc limit 1");
    }
    // Valid user?
    if ($results->numRows() == 0) {
        return "no one";
        makeNotice("Internal Error: Invalid User at idToUsername", "error");
    }
    // return the username.
    while ($row = $results->fetchRow()) {
        return $row['username'];
    }
}

function userInRun($username, $run = "check")
{
    // Get / Set important variables.
    global $DB;
    // If username is given, convert to ID.
    if (!is_numeric($username)) {
        $userID = usernameToID($username, "userInRun");
    } else {
        $userID = $username;
    }
    // Is $run truly an integer?
    if ($run != "check") {
        // We want to know wether user is in run X.
        numericCheck($run);
    } else {
        // We want to know if user is in any run, and if so, in which one.
        $results = $DB->getCol("select run from joinups where userid = '{$userID}' and parted is NULL limit 1");
        // Return false if in no run, else ID of runNr.
        if ($results == null) {
            return false;
        } else {
            return $results[0];
        }
    }
    // Query the database and return wether he is in run X or not.
    $results = $DB->query("select joined from joinups where userid in (select id from users where authID in (select distinct authID from users where id = '{$userID}')) and run = '{$run}' and parted is NULL limit 1");
    if ($results->numRows() == 0) {
        return "none";
    } else {
        while ($row = $results->fetchRow()) {
            return $row[joined];
        }
    }
}

 public function __construct($ID)
 {
     // Link the DB.
     global $DB;
     $this->DB =& $DB;
     // Link the MySelf object.
     global $MySelf;
     $this->MySelf =& $MySelf;
     // Set the ID.
     $this->ID = sanitize($ID);
     numericCheck($this->ID, 0);
     // Set the picture links.
     $this->setImageLinks();
     // Load the profile.
     $this->getProfileDB();
     // is it out own profile?
     if ($MySelf->getID() == $this->ID) {
         $this->isOwn = true;
     }
     // Set some vars.
     $this->minerFlag = $this->profileDB[isMiner];
     $this->haulerFlag = $this->profileDB[isHauler];
     $this->fighterFlag = $this->profileDB[isFighter];
     $this->emailVisible = $this->profileDB[emailVisible];
     $this->about = $this->profileDB[about];
 }

function getTotalHaulRuns($run)
{
    global $DB;
    // Is $run truly an integer?
    numericCheck($run);
    // Query the oracle.
    $result = $DB->query("select * from hauled where miningrun = '{$run}'");
    // Now return the results.
    return $result->numRows();
}

function lotto_claimTicket()
{
    global $DB;
    global $MySelf;
    $LOTTO_MAX_PERCENT = getConfig("lottoPercent");
    if (!getConfig("lotto")) {
        makeNotice("Your CEO disabled the Lotto module, request denied.", "warning", "Lotto Module Offline");
    }
    // Only people with parents consent may play!
    if (!$MySelf->canPlayLotto()) {
        makeNotice("Im sorry, but you are not allowed to play Lotto. " . "Ask your CEO or a friendly Director to enable this for you.", "warning", "Unable to play :(");
    }
    // Ticket ID sane?
    numericCheck($_GET[ticket], 0);
    $ticket = $_GET[ticket];
    // Get the drawing ID.
    $drawing = lotto_getOpenDrawing();
    // Get my credits
    $MyStuff = $DB->getRow("SELECT lottoCredit, lottoCreditsSpent FROM users WHERE id='" . $MySelf->getID() . "'");
    $Credits = $MyStuff[lottoCredit];
    $CreditsSpent = $MyStuff[lottoCreditsSpent];
    // Are we broke?
    if ($Credits < 1) {
        makeNotice("You can not afford the ticket, go get more credits!", "warning", "You're broke!'", "index.php?action=lotto", "[ashamed]");
    }
    // Now check if we bust it.
    $myTickets = lotto_checkRatio($drawing);
    if ($myTickets <= 0) {
        makeNotice("You are already owning the maximum allowed tickets!", "warning", "Exceeded ticket ratio!", "index.php?action=lotto", "[Cancel]");
    }
    // Deduct credit from account.
    $newcount = $Credits - 1;
    $DB->query("UPDATE users SET lottoCredit='{$newcount}' WHERE id='" . $MySelf->getID() . "' LIMIT 1");
    if ($DB->affectedRows() != 1) {
        makeNotice("Internal Error: Problem with your bank account... :(", "error", "Internal Error", "index.php?action=lotto", "[Cancel]");
    }
    // Add to "Spent".
    $spent = $CreditsSpent + 1;
    $DB->query("UPDATE users SET lottoCreditsSpent='{$spent}' WHERE id='" . $MySelf->getID() . "' LIMIT 1");
    if ($DB->affectedRows() != 1) {
        makeNotice("Internal Error: Problem with your bank account... :(", "error", "Internal Error", "index.php?action=lotto", "[Cancel]");
    }
    // Lets check that the ticket is still unclaimed.
    $Ticket = $DB->getCol("SELECT owner FROM lotteryTickets WHERE ticket='{$ticket}' AND drawing='{$drawing}'");
    if ($Ticket[0] >= 0) {
        makeNotice("Im sorry, but someone else was faster that you and already claimed that ticket.", "warning", "Its gone, Jim!", "index.php?action=lotto", "[Damn!]");
    }
    // Give him the ticket.
    $DB->query("UPDATE lotteryTickets SET owner='" . $MySelf->getID() . "' WHERE ticket='{$ticket}' AND drawing='{$drawing}' LIMIT 1");
    if ($DB->affectedRows() == 1) {
        Header("Location: index.php?action=lotto");
    } else {
        makeNotice("Internal Error: Could not grant you the ticket :(", "error", "Internal Error", "index.php?action=lotto", "[Cancel]");
    }
}

function calcTMEC($runID, $force = false)
{
    // We need the database.
    global $DB;
    // Check RunID for validity.
    numericCheck($runID, "0");
    if (!$force) {
        // Try to load a current TMEC.
        $TMEC = $DB->getCol("SELECT tmec FROM runs WHERE id='" . $runID . "'");
        $TMEC = $TMEC[0];
        // Got one, return that.
        if ($TMEC > 0) {
            return $TMEC;
        }
    }
    // Calculate how long the op lasted.
    $times = $DB->query("SELECT * FROM runs WHERE id=" . $runID . " LIMIT 1");
    // Check that the run exists.
    if ($times->numRows() != 1) {
        // Doesnt. good thing we checked.
        return "0";
    }
    $run = $times->fetchRow();
    if ($run['optype'] == "PI") {
        return "0";
    }
    // check that the endtime is valid.
    if ($run['endtime'] == 0) {
        // Run still ongoing, pretent it ends now.
        global $TIMEMARK;
        $endtime = $TIMEMARK;
    } else {
        // Use real endtime.
        $endtime = $run['endtime'];
    }
    // Calculate how many seconds the run lasted.
    $lasted = $endtime - $run['starttime'];
    // Get the total ISK mined by the run.
    $ISK = getTotalWorth($runID);
    // Load PlayerCount.
    $playerCount = $DB->getCol("SELECT COUNT(DISTINCT userid) FROM joinups WHERE run='" . $runID . "'");
    $playerCount = $playerCount[0];
    // Calculate the TMEC.
    $TMEC = $ISK / ($lasted / 60 / 60) / $playerCount / 1000000;
    // Only positive TMECS
    if ($TMEC < 0) {
        $TMEC = 0;
    }
    if (!$force) {
        // Store the TMEC in the database.
        $DB->query("UPDATE runs SET tmec ='" . $TMEC . "' WHERE id='" . $runID . "' LIMIT 1");
    }
    return number_format($TMEC, 3);
}

function getTotalRuntime($runid)
{
    // Get the globals, query the DB.
    global $DB;
    // Is $run truly an integer?
    numericCheck($runid);
    $result = $DB->query("select starttime, endtime from runs where id = '{$runid}'");
    // Return total run-seconds.
    while ($row = $result->fetchRow()) {
        return $row[endtime] - $row[starttime];
    }
}

function editTemplate()
{
    global $DB;
    global $MySelf;
    // Are we allowed to?
    if (!$MySelf->isAdmin()) {
        makeNotice("Only an Administator can edit the sites templates.", "warning", "Access denied");
    }
    // No Identifier, no service
    if ($_POST[check]) {
        // We got the returning form, edit it.
        numericCheck($_POST[id], 0);
        $ID = $_POST[id];
        // Fetch the current template, see that its there.
        $test = $DB->query("SELECT identifier FROM templates WHERE id='{$ID}' LIMIT 1");
        if ($test->numRows() == 1) {
            // We got the template
            $template = sanitize($_POST[template]);
            $DB->query("UPDATE templates SET template='" . $template . "' WHERE id='{$ID}' LIMIT 1");
            // Check for success
            if ($DB->affectedRows() == 1) {
                // Success!
                header("Location: index.php?action=edittemplate&id={$ID}");
            } else {
                // Fail!
                makeNotice("There was a problem updating the template in the database!", "error", "Internal Error", "index.php?action=edittemplate&id={$ID}", "Cancel");
            }
        } else {
            // There is no such template
            makeNotice("There is no such template in the database!", "error", "Invalid Template!", "index.php?action=edittemplate&id={$ID}", "Cancel");
        }
    } elseif (empty($_GET[id])) {
        // No returning form, no identifier.
        header("Location: index.php?action=configuration");
    } else {
        $ID = $_GET[id];
    }
    // numericheck!
    numericCheck($ID, 0);
    $temp = $DB->getCol("SELECT template FROM templates WHERE id='{$ID}' LIMIT 1");
    $table = new table(1, true);
    $table->addHeader(">> Edit template");
    $table->addRow();
    $table->addCol("<center><textarea name=\"template\" rows=\"30\" cols=\"60\">" . $temp[0] . "</textarea></center>");
    $table->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Edit Template\">");
    $form1 = "<form action=\"index.php\" method=\"POST\">";
    $form2 = "<input type=\"hidden\" name=\"check\" value=\"true\">";
    $form2 .= "<input type=\"hidden\" name=\"action\" value=\"editTemplate\">";
    $form2 .= "<input type=\"hidden\" name=\"id\" value=\"" . $ID . "\">";
    $form2 .= "</form>";
    $backlink = "<br><a href=\"index.php?action=configuration\">Back to configuration</a>";
    return "<h2>Edit the template</h2>" . $form1 . $table->flush() . $form2 . $backlink;
}

function getRank($ID)
{
    global $DB;
    numericCheck($ID, 0);
    $rankID = $DB->getCol("SELECT rank FROM users WHERE id='" . $ID . "' AND deleted='0'");
    if (is_numeric($rankID[0])) {
        $rank = resolveRankID($rankID[0]);
        return $rank;
    } else {
        return "No rank.";
    }
}

function deleteAPIKey()
{
    global $MySelf;
    global $DB;
    if ($MySelf->canManageUser()) {
        numericCheck($_GET[id]);
        $api = new api($_GET[id]);
        $api->deleteApiKey();
        makeNotice("Api key for user " . ucfirst(idToUsername($_GET[id])) . " has been deleted from the database", "notice", "API deleted.", "index.php?action=edituser&id=" . $_GET[id], "[OK]");
    }
    makeNotice("You do not have permission to modify users.", "warning", "Access denied.");
}

function resolveRankID($ID)
{
    global $DB;
    numericCheck($ID);
    $resolved = $DB->getCol("SELECT name FROM ranks WHERE rankid='{$ID}' LIMIT 1");
    $resolved = $resolved[0];
    if ($resolved == "") {
        return "-invalid rank-";
    } else {
        return $resolved;
    }
}

function miningRunOpen($run)
{
    global $DB;
    // Is $run truly an integer?
    numericCheck($run);
    // Query the oracle.
    $result = $DB->query("select id from runs where endtime is NULL and id = '{$run}' limit 1");
    if ($result->numRows() > 0) {
        return true;
    } else {
        return false;
    }
}

function getLocationOfRun($id)
{
    // We need the database access.
    global $DB;
    // Is the ID a number and greater (or euqal) zero?
    numericCheck($id, 0);
    //	if (!numericCheck($id, 0)) {
    //		makeNotice("Internal Error: getLocationOfRun called with negative ID.", "error", "Internal Error");
    //	}
    // Compact: Query, sort and return.
    $loc = $DB->getCol("SELECT location FROM runs WHERE id = '{$id}'");
    return $loc[0];
}

function createTransaction()
{
    // We need globals.
    global $DB;
    global $MySelf;
    global $TIMEMARK;
    // Are we allowed to poke in here?
    if (!$MySelf->isAccountant()) {
        makeNotice("Umm, you are not allowed to do this. Really. You are not.", "warning", "You are not supposed to be here");
    }
    // Check the ints.
    numericCheck($_POST[wod], 0, 1);
    numericCheck($_POST[amount], 0);
    numericCheck($_POST[id], 0);
    // Its easier on the eyes.
    $type = $_POST[wod];
    $amount = $_POST[amount];
    $id = $_POST[id];
    $username = idToUsername($id);
    // invert the amount if we have a withdrawal.
    if ($_POST[wod] == 1) {
        $dir = "withdrawed";
        $dir2 = "from";
        $hisMoney = getCredits($id);
        if ($hisMoney < $amount) {
            $ayee = $hisMoney - $amount;
            confirm("WARNING:<br>{$username} can NOT afford this withdrawal. If you choose to " . "authorize this transaction anyway his account will be at " . number_format($ayee, 2) . " ISK.");
        }
    } else {
        $amount = $_POST[amount];
        $dir = "deposited";
        $dir2 = "into";
    }
    // We use custom reason, if set.
    if ($_POST[reason2] != "") {
        $reason = sanitize($_POST[reason2]);
    } else {
        $reason = sanitize($_POST[reason1]);
    }
    // Create transaction.
    $transaction = new transaction($id, $type, $amount);
    $transaction->setReason($reason);
    // Success?
    if (!$transaction->commit()) {
        // Nope :(
        makeNotice("Unable to create transaction. Danger, Will Robinson, DANGER!", "error", "Internal Error", "index.php?action=edituser&id={$id}", "[Back]");
    } else {
        // Success !
        makeNotice("You successfully {$dir} {$amount} ISK {$dir2} " . $username . "'s account.", "notice", "Transaction complete", "index.php?action=edituser&id={$id}", "[Ok]");
    }
}

function quickConfirm()
{
    global $DB;
    global $MySelf;
    if ($MySelf->canManageUser() == false) {
        makeNotice("You are not allowed to do this!", "error", "Forbidden");
    }
    $ID = sanitize($_GET[id]);
    numericCheck($ID);
    $DB->query("UPDATE users SET confirmed='1' WHERE id='" . $ID . "'");
    $userDS = $DB->query("SELECT * FROM users WHERE id='{$ID}' LIMIT 1");
    $user = $userDS->fetchRow();
    lostPassword($user[username]);
    header("Location: index.php?action=editusers&newusers=true");
    die;
}