function toggleLogin()
{
    global $DB;
    global $MySelf;
    global $IS_DEMO;
    if ($IS_DEMO) {
        makeNotice("The user would have been changed. (Operation canceled due to demo site restrictions.)", "notice", "Password change confirmed");
    }
    // Are we allowed to Manage Users?
    if (!$MySelf->canManageUser()) {
        makeNotice("You are not allowed to edit Users!", "error", "forbidden");
    }
    if ($MySelf->getID() == $_GET[id]) {
        makeNotice("You are not allowed to block yourself!", "error", "forbidden");
    }
    // Wash ID.
    numericCheck($_GET[id]);
    $ID = sanitize($_GET[id]);
    // update login capability.
    $DB->query("UPDATE users SET canLogin=1 XOR canLogin WHERE id='" . $ID . "' LIMIT 1");
    $username = idToUsername("{$ID}");
    $p = substr($username, 0, 1);
    // Return.
    header("Location: index.php?action=editusers&l={$p}");
}

function doPayout()
{
    // Um, yes.
    global $DB;
    global $TIMEMARK;
    global $MySelf;
    // Are we allowed to do this?
    if (!$MySelf->isAccountant()) {
        makeNotice("You are not an accountant to your corporation. Access denied.", "error", "Access denied");
    }
    // Get unpaid IDs.
    $IDS = $DB->query("SELECT DISTINCT request, amount, applicant FROM payoutRequests WHERE payoutTime IS NULL");
    // loop through all unpaid IDs.
    while ($ID = $IDS->fetchRow()) {
        // Check if we marked the id as "paid"
        if ($_POST[$ID[request]]) {
            // We did. Can user afford payment?
            //if (getCredits($ID[applicant]) >= $ID[amount]) {
            // Yes, he can!
            $transaction = new transaction($ID[applicant], 1, $ID[amount]);
            $transaction->setReason("payout request fulfilled");
            if ($transaction->commit()) {
                $DB->query("UPDATE payoutRequests SET payoutTime = '{$TIMEMARK}', banker='" . $MySelf->getID() . "' WHERE request='{$ID['request']}' LIMIT 1");
            }
            //}
        }
    }
    header("Location: index.php?action=payout");
}

function changeShipValue()
{
    // Import global Variables and the Database.
    global $DB;
    global $SHIPTYPES;
    global $DBSHIP;
    global $TIMEMARK;
    global $MySelf;
    // Are we allowed to change this?
    if (!$MySelf->canChangeOre()) {
        makeNotice("You are not allowed to fiddle around in there!", "error", "forbidden");
    }
    // Lets set the userID(!)
    $userID = $MySelf->getID();
    // Insert the new ship values into the database.
    $DB->query("insert into shipvalues (modifier, time) values (?,?)", array("{$userID}", "{$TIMEMARK}"));
    // Now loop through all possible oretypes.
    foreach ($DBSHIP as $SHIP) {
        // But check that the submited information is kosher.
        if (isset($_POST[$SHIP]) && is_numeric($_POST[$SHIP])) {
            // Write the new, updated values.
            $DB->query("UPDATE shipvalues SET " . $SHIP . "Value= '" . number_format($_POST[$SHIP] / 100, 4) . "' WHERE time = '{$TIMEMARK}'");
            // Enable or disable the shiptype.
            if ($_POST[$SHIP . Enabled]) {
                $DB->query("UPDATE shipconfig SET value = '1' where name='" . $SHIP . "Enabled' ");
            } else {
                $DB->query("UPDATE shipconfig SET value = '0' where name='" . $SHIP . "Enabled' ");
            }
        }
    }
    // Let the user know.
    makeNotice("The payout values for ships have been changed.", "notice", "New data accepted.", "index.php?action=showshipvalue", "[OK]");
}

function lotto_checkRatio($drawing)
{
    // We need some globals.
    global $DB;
    global $MySelf;
    $LOTTO_MAX_PERCENT = getConfig("lottoPercent");
    if (!getConfig("lotto")) {
        makeNotice("Your CEO disabled the Lotto module, request denied.", "warning", "Lotto Module Offline");
    }
    // Drawing ID valid?
    numericCheck($drawing);
    // Get current occupied tickets in the playa's name.
    $totalPlayerOwned = $DB->getCol("SELECT COUNT(id) FROM lotteryTickets WHERE owner='" . $MySelf->getID() . "' AND drawing='" . $drawing . "'");
    $totalPlayerOwned = $totalPlayerOwned[0];
    // Get total number of tickets.
    $totalTickets = $DB->getCol("SELECT COUNT(id) FROM lotteryTickets WHERE drawing='" . $drawing . "'");
    $totalTickets = $totalTickets[0];
    // Is there actually a limit requested?
    if (!$LOTTO_MAX_PERCENT) {
        // The sky  is the limit!
        $allowedTickets = $totalTickets;
    } else {
        // Calculate max allowed tickets per person, ceil it.
        $allowedTickets = ceil($totalTickets * $LOTTO_MAX_PERCENT / 100);
    }
    // return allowed tickets.
    return $allowedTickets - $totalPlayerOwned;
}

function usernameToID($username, $caller)
{
    global $DB;
    global $MySelf;
    $username = sanitize($username);
    // Just return the self-id.
    if ($username == $MySelf->getUsername()) {
        return $MySelf->GetID();
    }
    // Ask the oracle.
    $results = $DB->query("select id from users where username='{$username}' limit 1");
    // Valid user?
    if ($results->numRows() == 0) {
        // Special case: User got wiped from the database while logged in.
        if ("{$caller}" == "authKeyIsValid") {
            return "-1";
        }
        if ("{$caller}" == "Failed_Login") {
            return "-1";
        }
        makeNotice("Internal Error: Invalid User at usernameToID<br>(called by {$caller})", "error");
    }
    // return the username.
    while ($row = $results->fetchRow()) {
        return "{$row['id']}";
    }
}

function joinEvent()
{
    // Lets import some globals, why not.
    global $MySelf;
    global $DB;
    $ID = $MySelf->getID();
    // Are we allowed to be here?
    if (!$MySelf->canSeeEvents()) {
        makeNotice("You are not allowed to do this!", "error", "Forbidden");
    }
    // Is the ID safe?
    if (!is_numeric($_GET[id]) || $_GET[id] < 0) {
        makeNotice("Invalid ID given!", "error", "Invalid Data");
    }
    // Get the current list of members.
    $JOINS = $DB->getCol("SELECT signups FROM events WHERE id='{$_GET['id']}'");
    $JOINS = unserialize($JOINS[0]);
    // Add this ones ship.
    $JOINS[$ID] = sanitize($_GET[type]);
    // And store it back into the db.
    $p = $DB->query("UPDATE events SET signups = '" . serialize($JOINS) . "' WHERE ID='{$_GET['id']}' LIMIT 1");
    // Inform the user.
    if ($_GET[type] != "quit") {
        makeNotice("You have joined Event #{$_GET['id']}. Have fun, and dont be late!", "notice", "Joinup complete.", "index.php?action=showevent&id={$_GET['id']}", "[OK]");
    } else {
        makeNotice("You have left Event #{$_GET['id']}.", "notice", "Left Event", "index.php?action=showevent&id={$_GET['id']}", "[OK]");
    }
}

function toggleCharity()
{
    // Some globals required.
    global $DB;
    global $MySelf;
    // Sanitize!
    $ID = sanitize($_GET[id]);
    // Mining run still open?
    if (!miningRunOpen($ID)) {
        makeNotice("You can not set the charity flag on closed operations!", "warning", "Failed", "index.php?action=show&id={$ID}", "[Cancel]");
    }
    // update the flags
    $DB->query("UPDATE joinups SET charity=1 XOR charity WHERE userid='" . $MySelf->getID() . "' AND parted IS NULL AND run='" . $_GET[id] . "' LIMIT 1");
    // Check is we were successful.
    if ($DB->affectedRows() == 1) {
        // Load the new charity status.
        $newMode = $DB->getCol("SELECT charity FROM joinups WHERE userid='" . $MySelf->getID() . "' AND parted IS NULL AND run='" . $_GET[id] . "' LIMIT 1");
        if ($newMode[0]) {
            // He is now a volunteer.
            makeNotice("You have volunteered to waive your payout, and dontate it to your corporation. Thank you!", "notice", "Charity accepted", "index.php?action=show&id=" . $_GET[id]);
            header("Location: index.php?action=show&id=" . $_GET[id]);
        } else {
            // He is no longer a volunteer.
            makeNotice("You have revoked your waiver, you will recieve ISK for this run again.", "notice", "Charity revokation accepted", "index.php?action=show&id=" . $_GET[id]);
            header("Location: index.php?action=show&id=" . $_GET[id]);
        }
    } else {
        // Something went wrong with the database!
        makeNotice("Unable to set the charity flag!", "error", "Internal Error", "index.php?action=show&id=" . $_GET[id]);
    }
}

function makeAddUserForm()
{
    // Are we allowed to?
    global $MySelf;
    if (!$MySelf->canAddUser()) {
        makeNotice("You are not authorized to do that!", "error", "Forbidden");
    }
    // Suggest a user password.
    $suggestedPassword = crypt(base64_encode(rand(11111, 99999)), "8ewf7tg2k,leduj");
    $table = new table(2, true);
    $table->addHeader(">> Add a new user");
    $table->addRow("#060622");
    $table->addCol("You can manually add a new user with this form. But use this only " . "as a last resort, for example, if your server can not send eMails. " . "Always let the user request an account. This form was supposed to be " . "removed, but complains from the users kept it alive.", array("colspan" => 2));
    $table->addRow();
    $table->addCol("Username:");
    $table->addCol("<input type=\"text\" name=\"username\" maxlength=\"20\">");
    $table->addRow();
    $table->addCol("eMail:");
    $table->addCol("<input type=\"text\" name=\"email\">");
    $table->addRow();
    $table->addCol("Password:");
    $table->addCol("<input type=\"password\" name=\"pass1\" value=\"{$suggestedPassword}\"> (Suggested: {$suggestedPassword})");
    $table->addRow();
    $table->addCol("Verify Password:");
    $table->addCol("<input type=\"password\" name=\"pass2\" value=\"{$suggestedPassword}\">");
    $table->addHeaderCentered("<input type=\"submit\" name=\"create\" value=\"Add user to database\">");
    $page = "<h2>Add a new User</h2>";
    $page .= "<form action=\"index.php\" method=\"post\">";
    $page .= $table->flush();
    $page .= "<input type=\"hidden\" name=\"action\" value=\"newuser\">";
    $page .= "<input type=\"hidden\" name=\"check\" value=\"check\">";
    $page .= "</form>";
    return $page;
}

function lotto_createDrawing()
{
    // The usual susglobals. ;)
    global $DB;
    global $MySelf;
    global $TIMEMARK;
    $count = $_POST[count];
    // is Lotto enabled at all?
    if (!getConfig("lotto")) {
        makeNotice("Your CEO disabled the Lotto module, request denied.", "warning", "Lotto Module Offline");
    }
    // Deny access to non-lotto-officials.
    if (!$MySelf->isLottoOfficial()) {
        makeNotice("You are not allowed to do this!", "error", "Permission denied");
    }
    // We only allow boards greater 1 ticket.
    if (!is_numeric($count) && $count < 1) {
        makeNotice("Invalid count for the new drawing!", "error", "Invaid Count", "index.php?action=editLotto", "[Cancel]");
    }
    // Is there already a drawing opened?
    if (lotto_getOpenDrawing()) {
        makeNotice("You can only have one drawing open at the same time!", "error", "Close other drawing", "index.php?action=editLotto", "[Cancel]");
    }
    $DB->query("INSERT INTO lotto (opened,isOpen) VALUES (?,?)", array($TIMEMARK, "1"));
    if ($DB->affectedRows() != 1) {
        makeNotice("Error creating new drawing in database! Inform admin!", "error", "Internal Error", "index.php?action=editLotto", "[Cancel]");
    }
    // Which ID are we now?
    $drawing = lotto_getOpenDrawing();
    // insert tickets!
    for ($i = 1; $i <= $_POST[count]; $i++) {
        $DB->query("INSERT INTO lotteryTickets (ticket, drawing) VALUES ('{$i}', '{$drawing}')");
    }
    makeNotice("Drawing created, have fun!", "notice", "Here you go.", "index.php?action=lotto", "lotto! LOTTO!");
}

function leaveRun()
{
    // Access the globals.
    global $DB;
    global $TIMEMARK;
    global $MySelf;
    $runid = $_GET[id];
    $userid = $MySelf->getID();
    // Are we actually still in this run?
    if (userInRun($userid, $runid) == "none") {
        makeNotice("You can not leave a run you are currently not a part of.", "warning", "Not you run.", "index.php?action=show&id={$runid}", "[cancel]");
    }
    // Is $runid truly an integer?
    numericCheck($runid);
    // Oh yeah?
    if (runIsLocked($runid)) {
        confirm("Do you really want to leave mining operation #{$runid} ?<br><br>Careful: This operation has been locked by " . runSupervisor($runid, true) . ". You can not rejoin the operation unless its unlocked again.");
    } else {
        confirm("Do you really want to leave mining operation #{$runid} ?");
    }
    // Did the run start yet? If not, delete the request.
    $runStart = $DB->getCol("SELECT starttime FROM runs WHERE id='{$runid}' LIMIT 1");
    if ($TIMEMARK < $runStart[0]) {
        // Event not started yet. Delete.
        $DB->query("DELETE FROM joinups WHERE run='{$runid}' AND userid='{$userid}'");
    } else {
        // Event started, just mark inactive.
        $DB->query("update joinups set parted = '{$TIMEMARK}' where run = '{$runid}' and userid = '{$userid}' and parted IS NULL");
    }
    makeNotice("You have left the run.", "notice", "You left the Op.", "index.php?action=show&id={$runid}", "[OK]");
}

function idToUsername($id, $authID = false)
{
    // Need to access some globals.
    global $DB;
    // $id must be numeric.
    numericCheck("{$id}");
    // Is it -1 ? (Self-added)
    if ("{$id}" == "-1") {
        return "-self-";
    }
    // Ask the oracle.
    if (!$authID) {
        $results = $DB->query("select username from users where id='{$id}' limit 1");
    } else {
        $results = $DB->query("select username from users where authID='{$id}' order by authPrimary desc, id desc limit 1");
    }
    // Valid user?
    if ($results->numRows() == 0) {
        return "no one";
        makeNotice("Internal Error: Invalid User at idToUsername", "error");
    }
    // return the username.
    while ($row = $results->fetchRow()) {
        return $row['username'];
    }
}

function editRanks()
{
    // Doh, globals!
    global $MySelf;
    global $DB;
    // Are we allowed to do this?
    if (!$MySelf->canEditRank()) {
        makeNotice("You do not have sufficient rights to access this page.", "warning", "Access denied");
    }
    // Get all unique rank IDS.
    $ranks = $DB->query("SELECT DISTINCT rankid FROM ranks");
    // Edit each one at a time.
    while ($rankID = $ranks->fetchRow()) {
        $ID = $rankID[rankid];
        if (isset($_POST["title_" . $ID . "_name"])) {
            // Cleanup
            $name = sanitize($_POST["title_" . $ID . "_name"]);
            numericCheck($_POST["order_" . $ID], 0);
            $order = $_POST["order_" . $ID];
            // Update the Database.
            $DB->query("UPDATE ranks SET name='" . $name . "', rankOrder='" . $order . "' WHERE rankid='" . $ID . "' LIMIT 1");
        }
    }
    header("Location: index.php?action=showranks");
}

function deleteRun()
{
    // We need some globals.
    global $DB;
    global $MySelf;
    global $READONLY;
    // Are we allowed to delete runs?
    if (!$MySelf->canDeleteRun() || $READONLY) {
        makeNotice("You are not allowed to delete runs!", "error", "forbidden");
    }
    // Set the ID.
    $ID = sanitize("{$_GET['id']}");
    if (!is_numeric($ID) || $ID < 0) {
        makeNotice("Invalid ID passed to deleteRun!", "error");
    }
    // Are we sure?
    confirm("Do you really want to delete run #{$ID} ?");
    // Get the run in question.
    $run = $DB->getRow("SELECT * FROM runs WHERE id = '{$ID}' LIMIT 1");
    // is it closed?
    if ("{$run['endtime']}" < "0") {
        makeNotice("You can only delete closed runs!", "error", "Deletion canceled", "index.php?action=list", "[cancel]");
    }
    // delete it.
    $DB->query("DELETE FROM runs WHERE id ='{$ID}'");
    // Also delete all hauls.
    $DB->query("DELETE FROM hauled WHERE miningrun='{$ID}'");
    // And joinups.
    $DB->query("DELETE FROM joinups WHERE runid='{$ID}'");
    makeNotice("The Miningrun Nr. #{$ID} has been deleted from the database and all associated hauls as well.", "notice", "Mining Operation deleted", "index.php?action=list", "[OK]");
}

function numericCheckBool($num, $min = false, $max = false)
{
    // Is the number numeric?
    if (!is_numeric($num)) {
        $BT = nl2br(print_r(debug_backtrace(), true));
        makeNotice("Security related abortion.<br>\"{$num}\" is not an integer, but rather of type " . gettype($num) . ".<br><br><b>Backtrace:<br>{$BT}", "error");
    }
    // Do we want to check against specific minimal and maximal values?
    if (is_numeric($min) && is_numeric($max)) {
        // We do! Compare.
        if ($num >= $min && $num <= $max) {
            return true;
        } else {
            return false;
        }
    }
    // Compare only to a min value
    if (is_numeric($min) && !is_numeric($max)) {
        if ($num >= $min) {
            return true;
        } else {
            return false;
        }
    }
    // only check for numeric. But we did that earlier, sooo....
    return true;
}

function deleteEvent()
{
    // is the events module active?
    if (!getConfig("events")) {
        makeNotice("The admin has deactivated the events module.", "warning", "Module not active");
    }
    // Import the globals, as usual.
    global $DB;
    global $MySelf;
    // Are we allowed to be here?
    if (!$MySelf->canDeleteEvents()) {
        makeNotice("You are not allowed to do this!", "error", "Forbidden");
    }
    // Is the ID safe?
    if (!is_numeric($_GET[id]) || $_GET[id] < 0) {
        makeNotice("Invalid ID given!", "error", "Invalid Data");
    }
    // Does the user really want this?
    confirm("Are you sure you want to delete this event?");
    // Ok, then delete it.
    $DB->query("DELETE FROM events WHERE id = '{$_GET['id']}' LIMIT 1");
    if ($DB->affectedRows() == 1) {
        // Inform the people!
        // mailUser();
        makeNotice("The event has been deleted", "notice", "Event deleted", "index.php?action=showevents", "[OK]");
    } else {
        makeNotice("Could not delete the event from the database.", "error", "DB Error", "index.php?action=showevents", "[Cancel]");
    }
}

function changeEmail()
{
    global $SALT;
    global $DB;
    global $MySelf;
    // Are we allowed to change our email?
    if (!$MySelf->canChangeEmail()) {
        makeNotice("You are not allowed to change your email. Ask your CEO to re-enable this feature for your account.", "error", "Forbidden");
    }
    /*
     * At this point we know that the user who submited the
     * email change form is both legit and the form was not tampered
     * with. Proceed with the email-change.
     */
    // its easier on the eyes.
    $email = sanitize($_POST[email]);
    $username = $MySelf->getUsername();
    // Update the Database.
    global $IS_DEMO;
    if (!$IS_DEMO) {
        $DB->query("update users set email = '{$email}', emailvalid = '0' where username = '{$username}'");
        makeNotice("Your email information has been updated. Thank you for keeping your records straight!", "notice", "Information updated");
    } else {
        makeNotice("Your email would have been changed. (Operation canceled due to demo site restrictions.)", "notice", "Email change confirmed");
    }
}

function lotto_editLottery()
{
    // We need some globals
    global $MySelf;
    global $DB;
    $formDisable = "";
    if (lotto_getOpenDrawing()) {
        $formDisable = "disabled";
    }
    // is Lotto enabled at all?
    if (!getConfig("lotto")) {
        makeNotice("Your CEO disabled the Lotto module, request denied.", "warning", "Lotto Module Offline");
    }
    // Deny access to non-lotto-officials.
    if (!$MySelf->isLottoOfficial()) {
        makeNotice("You are not allowed to do this!", "error", "Permission denied");
    }
    $table = new table(2, true);
    $table->addHeader(">> Open new drawing");
    $table->addRow();
    $table->addCol("Number of tickets in draw:");
    $table->addCol("<input type=\"text\" name=\"count\" " . $formDisable . " value=\"30\">");
    //	$newLotto = new table (2);
    $table->addHeaderCentered("<input type=\"submit\" name=\"submit\" " . $formDisable . " value=\"open new drawing\">", array("bold" => true, "colspan" => 2));
    $html = "<h2>Lotto Administration</h2>";
    $html .= "<form action=\"index.php\" method=\"POST\">";
    $html .= "<input type=\"hidden\" name=\"check\" value=\"true\">";
    $html .= "<input type=\"hidden\" name=\"action\" value=\"createDrawing\">";
    $html .= $table->flush();
    $html .= "</form>";
    if (lotto_getOpenDrawing()) {
        $html .= "[<a href=\"index.php?action=drawLotto\">Draw Winner</a>]";
    }
    return $html;
}

function mailUser($mail, $subject, $group = null)
{
    // We need the Database to gather all the eMails.
    global $DB;
    global $MB_EMAIL;
    // We need something to mail around!
    if (empty($mail) || empty($subject)) {
        makeNotice("Nothing to send in mailUser()!", "error", "Internal Error");
    }
    // Get the eMail addresses. Only use emails that are opt-in and valid.
    global $IS_DEMO;
    if (!$IS_DEMO) {
        if ($group != null && $group != "") {
            $group = "AND `{$group}`='1'";
        }
        $EMAIL_DS = $DB->query("SELECT username, email FROM users WHERE optIn='1' AND emailValid='1' AND deleted='0' {$group}");
        // Do this for everyone that opt-ed in.
        while ($recipient = $EMAIL_DS->fetchRow()) {
            $copy = str_replace("{{USER}}", "{$recipient['username']}", $mail);
            $to = $recipient[email];
            $headers = "From:" . $MB_EMAIL;
            mail($to, $subject, $copy, $headers);
        }
    }
}

function lotto_claimTicket()
{
    global $DB;
    global $MySelf;
    $LOTTO_MAX_PERCENT = getConfig("lottoPercent");
    if (!getConfig("lotto")) {
        makeNotice("Your CEO disabled the Lotto module, request denied.", "warning", "Lotto Module Offline");
    }
    // Only people with parents consent may play!
    if (!$MySelf->canPlayLotto()) {
        makeNotice("Im sorry, but you are not allowed to play Lotto. " . "Ask your CEO or a friendly Director to enable this for you.", "warning", "Unable to play :(");
    }
    // Ticket ID sane?
    numericCheck($_GET[ticket], 0);
    $ticket = $_GET[ticket];
    // Get the drawing ID.
    $drawing = lotto_getOpenDrawing();
    // Get my credits
    $MyStuff = $DB->getRow("SELECT lottoCredit, lottoCreditsSpent FROM users WHERE id='" . $MySelf->getID() . "'");
    $Credits = $MyStuff[lottoCredit];
    $CreditsSpent = $MyStuff[lottoCreditsSpent];
    // Are we broke?
    if ($Credits < 1) {
        makeNotice("You can not afford the ticket, go get more credits!", "warning", "You're broke!'", "index.php?action=lotto", "[ashamed]");
    }
    // Now check if we bust it.
    $myTickets = lotto_checkRatio($drawing);
    if ($myTickets <= 0) {
        makeNotice("You are already owning the maximum allowed tickets!", "warning", "Exceeded ticket ratio!", "index.php?action=lotto", "[Cancel]");
    }
    // Deduct credit from account.
    $newcount = $Credits - 1;
    $DB->query("UPDATE users SET lottoCredit='{$newcount}' WHERE id='" . $MySelf->getID() . "' LIMIT 1");
    if ($DB->affectedRows() != 1) {
        makeNotice("Internal Error: Problem with your bank account... :(", "error", "Internal Error", "index.php?action=lotto", "[Cancel]");
    }
    // Add to "Spent".
    $spent = $CreditsSpent + 1;
    $DB->query("UPDATE users SET lottoCreditsSpent='{$spent}' WHERE id='" . $MySelf->getID() . "' LIMIT 1");
    if ($DB->affectedRows() != 1) {
        makeNotice("Internal Error: Problem with your bank account... :(", "error", "Internal Error", "index.php?action=lotto", "[Cancel]");
    }
    // Lets check that the ticket is still unclaimed.
    $Ticket = $DB->getCol("SELECT owner FROM lotteryTickets WHERE ticket='{$ticket}' AND drawing='{$drawing}'");
    if ($Ticket[0] >= 0) {
        makeNotice("Im sorry, but someone else was faster that you and already claimed that ticket.", "warning", "Its gone, Jim!", "index.php?action=lotto", "[Damn!]");
    }
    // Give him the ticket.
    $DB->query("UPDATE lotteryTickets SET owner='" . $MySelf->getID() . "' WHERE ticket='{$ticket}' AND drawing='{$drawing}' LIMIT 1");
    if ($DB->affectedRows() == 1) {
        Header("Location: index.php?action=lotto");
    } else {
        makeNotice("Internal Error: Could not grant you the ticket :(", "error", "Internal Error", "index.php?action=lotto", "[Cancel]");
    }
}

function deleteAPIKey()
{
    global $MySelf;
    global $DB;
    if ($MySelf->canManageUser()) {
        numericCheck($_GET[id]);
        $api = new api($_GET[id]);
        $api->deleteApiKey();
        makeNotice("Api key for user " . ucfirst(idToUsername($_GET[id])) . " has been deleted from the database", "notice", "API deleted.", "index.php?action=edituser&id=" . $_GET[id], "[OK]");
    }
    makeNotice("You do not have permission to modify users.", "warning", "Access denied.");
}