function AddNewRole($var)
{
global $tbl_db_info;
$Conn = mysql_connect($tbl_db_info[0], $tbl_db_info[1], $tbl_db_info[2]);
mysql_select_db($tbl_db_info[3], $Conn);
$ret = "";
$rid = intval($var["roleid"]);
$uid = intval($var["userid"]);
$sex = intval($var["sex"]);
$camp = intval($var["camp"]);
$class = intval($var["class"]);
$serv_id = intval($var["serv_id"]);
$rolename = mysql_escape_string($var["rolename"]);
$qs = "select distinct us_uId from tbl_char c, tbl_char_static cs where cs.cs_uId = c.cs_uId and c_sName = '{$rolename}' or c_sNameFormer = '{$rolename}'";
$result = mysql_query($qs);
while ($row = mysql_fetch_row($result)) {
if ($row[0] != $uid) {
$ret = "400";
return;
}
}
$qs = "insert into tbl_char_static set cs_uId = '{$rid}',\nus_uId='{$uid}', cs_uSex='{$sex}', cs_uClass='{$class}', cs_uCamp='{$camp}', cs_dtCreateDate=now(), cs_uServerId='{$serv_id}'";
mysql_query($qs);
$qs = "insert into tbl_char set cs_uId = '{$rid}', c_sName='{$rolename}', c_sNameFormer=''";
mysql_query($qs);
LogAction("AddNewRole({$rid}, {$username}, {$uid}, {$sex}, {$class}, {$camp})", $serv_id);
$ret = "200";
header("Content-type: text/html; charset=utf-8");
header("Content-Length:" . strlen($ret));
print $ret;
}
function AddNewUser($var)
{
global $tbl_db_info;
$Conn = mysql_connect($tbl_db_info[0], $tbl_db_info[1], $tbl_db_info[2]);
mysql_select_db($tbl_db_info[3], $Conn);
$ret = "";
$username = $var["username"];
$userid = $var["userid"];
$vip_type = $var["vip_type"];
$serv_id = $var["serv_id"];
$username_esc = mysql_escape_string($username);
$userid_esc = intval($userid);
$vip_type_esc = intval($vip_type);
$qs = "replace into tbl_user_static set us_uId = '{$userid_esc}', us_sName='{$username_esc}', us_uVipType='{$vip_type_esc}'";
$result = mysql_query($qs);
if (!$result) {
$ret = "400";
return;
}
LogAction("AddNewUser({$username_esc}, {$userid_esc}, {$vip_type_esc})", $serv_id);
$ret = "200";
header("Content-type: text/html; charset=utf-8");
header("Content-Length:" . strlen($ret));
print $ret;
}
public function __construct($message, $code = 2, $log = '', $redirect = '')
{
// make sure everything is assigned properly
parent::__construct($message, $code);
// Set the alery
SetAlert(stripslashes($this->message));
// Log the Message if needed
if ($log != '') {
LogAction($log, $code);
}
// If needed Redirect
if ($redirect != '') {
header('Location:' . $redirect);
die;
}
}
function DelRole($var)
{
global $tbl_db_info;
$Conn = mysql_connect($tbl_db_info[0], $tbl_db_info[1], $tbl_db_info[2]);
mysql_select_db($tbl_db_info[3], $Conn);
$roleid = $var["roleid"];
$serv_id = $var["serv_id"];
$ret = "";
$newname_esc = mysql_escape_string($newname);
$roleid = intval($roleid);
$qs = "update tbl_char_static set cs_uState = 2 where cs_uId = '{$roleid}'";
$result = mysql_query($qs);
if (!$result) {
$ret = "400";
return;
}
LogAction("ChangeRoleName({$roleid}, {$newname_esc})", $serv_id);
$ret = "200";
header("Content-type: text/html; charset=utf-8");
header("Content-Length:" . strlen($ret));
print $ret;
}
function tic_mysql_error($file = null, $line = null, $log = true)
{
$re = "<div style=\"text-align:left\"><ul><b>Mysql Fehler" . ($file != "" ? " in " . $file . "(" . $line . ")" : "") . ":</b>" . ($GLOBALS['last_sql_query'] ? "\n<li><b>Query:</b> " . $GLOBALS['last_sql_query'] . "</li>\n" : "") . "<li><b>Fehlermeldung:</b> " . mysql_errno() . " - " . mysql_error() . "</li>\n</ul></div></body></html>";
if ($log) {
LogAction("<div style=\"text-align:left\"><ul><b>Mysql Fehler" . ($file != "" ? " in " . $file . "(" . $line . ")" : "") . ":</b>" . ($GLOBALS['last_sql_query'] ? "\n<li><b>Query:</b> " . $GLOBALS['last_sql_query'] . "</li>\n" : "") . "<li><b>Fehlermeldung:</b> " . mysql_errno() . " - " . mysql_error() . "</li>\n</ul></div>", LOG_ERROR);
}
return $re;
}
}
if (!isset($_POST['txtAccGalaxie'])) {
$_POST['txtAccGalaxie'] = '';
}
if (!isset($_POST['txtAccPlanet'])) {
$_POST['txtAccPlanet'] = '';
}
if (!isset($_POST['txtAccPasswort'])) {
$_POST['txtAccPasswort'] = '';
}
if (!isset($_POST['lstAllianz'])) {
$_POST['lstAllianz'] = '';
}
if (!isset($_POST['lstRang'])) {
$_POST['lstRang'] = 0;
}
if ($_POST['txtAccName'] == '' || $_POST['txtAccGalaxie'] == '' || $_POST['txtAccPlanet'] == '' || $_POST['txtAccPasswort'] == '' || $_POST['lstAllianz'] == '') {
$error_code = 6;
} else {
if ($Benutzer['rang'] <= $_POST['lstRang']) {
$error_code = 5;
} else {
addgnuser($_POST['txtAccGalaxie'], $_POST['txtAccPlanet'], $_POST['txtAccName']);
$SQL_Result = tic_mysql_query('INSERT INTO `gn4accounts` (ticid, name, passwort, galaxie, planet, rang, allianz) VALUES ("' . $AllianzInfo[$_POST['lstAllianz']]['meta'] . '", "' . $_POST['txtAccName'] . '", "' . md5($_POST['txtAccPasswort']) . '","' . $_POST['txtAccGalaxie'] . '", "' . $_POST['txtAccPlanet'] . '", "' . $_POST['lstRang'] . '", "' . $_POST['lstAllianz'] . '")', $SQL_DBConn) or $error_code = 7;
if ($error_code == 0) {
LogAction("Account erstellt: Name=" . $_POST['txtAccName'] . "; Koordinaten=" . $_POST['txtAccGalaxie'] . ":" . $_POST['txtAccPlanet'] . "; Rang=" . $_POST['lstRang'] . "; Allianz=" . $_POST['lstAllianz'] . ";");
}
}
}
}
}
<?php
if ($Benutzer['rang'] >= RANG_TECHNIKER) {
if (isset($_POST['newmeta']) && $Benutzer['rang'] == RANG_STECHNIKER) {
tic_mysql_query('insert INTO `gn4meta` (name,duell,wars,naps,bnds,sysmsg) VALUES ("' . $_POST['meta'] . '", "' . $_POST['duell'] . '", "' . $_POST['wars'] . '", "' . $_POST['naps'] . '","' . $_POST['bnds'] . '" , "' . $_POST['sysmsg'] . '");', __FILE__, __LINE__);
$newmetaid = mysql_insert_id();
// echo $_POST['meta'].' angelegt!';
}
if (isset($_POST['metaspeichern'])) {
if ($Benutzer['rang'] == RANG_TECHNIKER) {
$_POST['metaid'] == $Benutzer['ticid'];
}
tic_mysql_query('Update `gn4meta` set name="' . $_POST['meta'] . '", duell="' . $_POST['duell'] . '", naps="' . $_POST['naps'] . '", bnds="' . $_POST['bnds'] . '", wars="' . $_POST['wars'] . '", sysmsg="' . $_POST['sysmsg'] . '" where id="' . $_POST['metaid'] . '" ;', __FILE__, __LINE__);
// echo '�derung gespeichert';
}
if (isset($_POST['metadelet']) && $Benutzer['rang'] == RANG_STECHNIKER) {
$SQL_Result = tic_mysql_query('Select id FROM `gn4allianzen` where ticid="' . $_POST['metaid'] . '";', __FILE__, __LINE__);
if (mysql_num_rows($SQL_Result) != '0') {
LogAction($Benutzer['name'] . ' hat Versucht den Meta mit der id ' . $_POST['metaid'] . ' zulöschen ohne die Allianzen vorher zu löschen !');
$metaerror = "Es müssen erst die Allianzen gelöscht werden bevor das Meta gelöscht werdne kann!";
} else {
tic_mysql_query('DELETE FROM `gn4meta` WHERE id="' . $_POST['metaid'] . '"', __FILE__, __LINE__);
unset($_POST['metaid']);
}
}
}
<?php
if (!isset($_GET['fbid'])) {
echo 'internal parameter-error #1';
return;
}
if (!isset($_GET['incsave'])) {
echo 'internal parameter-error #2';
return;
}
$SQL_Result = tic_mysql_query("SELECT verteidiger_galaxie, verteidiger_planet FROM `gn4flottenbewegungen` WHERE id ='" . $_GET['fbid'] . "'") or die(tic_mysql_error(__FILE__, __LINE__));
if (!($row = mysql_fetch_row($SQL_Result))) {
return;
}
if ($_GET['incsave'] == 1) {
$newsave = 0;
LogAction($row[0] . ":" . $row[1] . " -> Safe", LOG_SETSAFE);
} else {
$newsave = 1;
LogAction($row[0] . ":" . $row[1] . " -> Unsafe", LOG_SETSAFE);
}
tic_mysql_query("UPDATE `gn4flottenbewegungen` SET save='" . $newsave . "' WHERE id='" . $_GET['fbid'] . "'") or die(tic_mysql_error(__FILE__, __LINE__));
if (isset($_POST['action']) && $_POST['action'] != "") {
$action = $_POST['action'];
} else {
if (isset($_GET['action']) && $_GET['action'] != "") {
$action = $_GET['action'];
} else {
$action = "";
}
}
// Incoming makieren
if (isset($_GET['need_planet']) && isset($_GET['need_galaxie'])) {
LogAction($_GET['need_galaxie'] . ":" . $_GET['need_planet'] . " -> Unsafe", LOG_SETSAFE);
tic_mysql_query("UPDATE `gn4flottenbewegungen` SET save='0' WHERE verteidiger_galaxie='" . $_GET['need_galaxie'] . "' AND verteidiger_planet='" . $_GET['need_planet'] . "'") or die(tic_mysql_error(__FILE__, __LINE__));
}
if (isset($_GET['needno_planet']) && isset($_GET['needno_galaxie'])) {
LogAction($_GET['needno_galaxie'] . ":" . $_GET['needno_planet'] . " -> Safe", LOG_SETSAFE);
tic_mysql_query("UPDATE `gn4flottenbewegungen` SET save='1' WHERE verteidiger_galaxie='" . $_GET['needno_galaxie'] . "' AND verteidiger_planet='" . $_GET['needno_planet'] . "'") or die(tic_mysql_error(__FILE__, __LINE__));
}
if (isset($irc_log)) {
if ($irc_log) {
include 'irc-scans.inc.php';
}
}
// Funktion einbinden
if ($action != "") {
include "./function." . $action . ".php";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de" lang="de" dir="ltr">
<head>
LogAction('Saved Category: ' . stripslashes($myCategory->GetValue('category')), 1);
header('location:' . PATH . 'categories');
die;
}
}
// If Deleting
if ($_POST['submit'] == 'delete') {
$myCategory->SetValues($_POST);
$name = stripslashes($myCategory->GetValue('category'));
// Remove from the DB
if (!$myCategory->Delete()) {
throw new SimplException('Error deleting from the database, please try again.');
}
// Everything went fine
SetAlert('Category Deleted Successfully', 'success');
LogAction('Deleted Category: ' . $name, 1);
header('location:' . PATH . 'categories');
die;
}
// Set the requested primary key and get its info
if ($_GET['id'] != '' && $myCategory->GetPrimary() == '') {
$myCategory->SetPrimary((int) $_GET['id']);
// Try to get the info
if (!$myCategory->GetInfo()) {
throw new SimplException('Invalid category, please try another.', 3, 'Access to invalid category - ' . $myCategory->GetPrimary(), PATH . 'categories');
}
}
} catch (SimplException $e) {
}
// Set the object
$smarty->assign('myObject', $myCategory);
<?php
LogAction($mylogsrc, $mylogdst, "{$name} requested to allow access to the mpd stream and control port");
?>
<Pause />
<Say>Thank you for using Twi P N, goodbye</Say>
<Hangup />
<?php
break;
case 'killswitch':
?>
<Say>Emergency lock!</Say>
<?php
$output = shell_exec("sudo /usr/local/bin/iptables_wrapper_script.sh -d {$fh->ipaddr} {$fh->port} 0 ");
?>
<?php
LogAction($mylogsrc, $mylogdst, "{$name} requested to close {$fh->ipaddr}:{$fh->port}");
?>
<Pause />
<Say>Thank you for using Twi P N, goodbye</Say>
<Hangup />
<?php
break;
case 'update':
?>
<Say>Update menu</Say>
<Gather action="<?php
echo $baseurl . '?node=config';
?>
" numDigits="1">
<Say>Press 1 to change the address you want to control</Say>
<Say>Press 2 to change the port number</Say>
<?php
if ($Benutzer['rang'] >= RANG_VIZEADMIRAL) {
if (isset($_POST['Allispeichern']) && isset($_POST['selectid'])) {
if ($Benutzer['rang'] == RANG_VIZEADMIRAL || $Benutzer['rang'] == RANG_ADMIRAL) {
$_POST['selectid'] = $Benutzer['allianz'];
}
$query1 = $query = "";
if ($Benutzer['rang'] < RANG_STECHNIKER) {
$query = ' and ticid="' . $Benutzer['ticid'] . '"';
} else {
$query1 = ',ticid="' . $_POST['selectMeta'] . '"';
}
tic_mysql_query('update `gn4allianzen` set name="' . $_POST['Alliname'] . '",tag="' . $_POST['Allitag'] . '",info_bnds="' . $_POST['Allibnds'] . '",info_naps="' . $_POST['Allinaps'] . '",info_inoffizielle_naps="' . $_POST['Alliinnaps'] . '",info_kriege="' . $_POST['Allikriege'] . '"' . $query1 . ' where id="' . $_POST['selectid'] . '"' . $query . ';', __FILE__, __LINE__);
if ($Benutzer['rang'] == RANG_STECHNIKER) {
tic_mysql_query('update `gn4accounts` set ticid="' . $_POST['selectMeta'] . '" where allianz="' . $_POST['selectid'] . '";', __FILE__, __LINE__);
}
}
if (isset($_POST['Allidelet']) && $Benutzer['rang'] == RANG_STECHNIKER && isset($_POST['selectid'])) {
$SQL_Result = tic_mysql_query('DELETE FROM `gn4allianzen`WHERE id="' . $_POST['selectid'] . '" ;', __FILE__, __LINE__);
$SQL_Result = tic_mysql_query('DELETE FROM `gn4accounts` WHERE allianz="' . $_POST['selectid'] . '" ;', __FILE__, __LINE__);
LogAction("Alli und Accounts gelöscht. ID=" . $_POST['selectid'] . ";");
}
if (isset($_POST['Allineu']) && $Benutzer['rang'] == RANG_STECHNIKER) {
$SQL_Result = tic_mysql_query('Insert into `gn4allianzen` (`ticid` , `name` , `tag` , `info_bnds` , `info_naps` , `info_inoffizielle_naps` , `info_kriege`)VALUES ("' . $_POST['selectMeta'] . '", "' . $_POST['Alliname'] . '", "' . $_POST['Allitag'] . '", "' . $_POST['Allibnds'] . '", "' . $_POST['Allinaps'] . '", "' . $_POST['Alliinnaps'] . '", "' . $_POST['Allikriege'] . '");', __FILE__, __LINE__);
LogAction("Neue Allianz mit den namen " . $_POST['Alliname'] . " angelegt!;");
}
}
} elseif ($_POST['change'] == 'allianz') {
$sql = 'UPDATE `gn4accounts` SET allianz="' . $_POST['allianz'] . '", ticid="' . $AllianzInfo[$_POST['allianz']]['meta'] . '" WHERE id=' . $_POST['uid'];
LogAction('AllianzID für ID=' . $_POST['uid'] . ' ([' . $AllianzInfo[$userchange['allianz']]['tag'] . '] ' . $userchange['name'] . ') geändert auf ' . $_POST['allianz'] . ' ([' . $AllianzInfo[$_POST['allianz']]['tag'] . ']).');
} elseif ($_POST['change'] == 'name') {
$sql = 'UPDATE `gn4accounts` SET name="' . $_POST['name'] . '" WHERE id=' . $_POST['uid'];
addgnuser($_POST['selgala'], $selplanet, $_POST['name']);
LogAction('Name für ID=' . $_POST['uid'] . ' ([' . $AllianzInfo[$userchange['allianz']]['tag'] . '] ' . $userchange['name'] . ') geändert auf ' . $_POST['name'] . '.');
} elseif ($_POST['change'] == 'umode') {
if ($_POST['umode'] == 'on') {
if (!isset($_POST['umodedate']) || $_POST['umodedate'] == '') {
$_POST['umodedate'] = "tt.mm.jjjj";
}
$sql = 'UPDATE `gn4accounts` SET umod="' . date("d") . '.' . date("m") . '.' . date("Y") . '-' . $_POST['umodedate'] . '" WHERE id="' . $_POST['uid'] . '"';
LogAction('Umode für ID=' . $_POST['uid'] . ' ([' . $AllianzInfo[$userchange['allianz']]['tag'] . '] ' . $userchange['name'] . ') gesetzt.');
} else {
$sql = 'UPDATE `gn4accounts` SET umod="" WHERE id=' . $_POST['uid'];
LogAction('Umode für ID=' . $_POST['uid'] . ' ([' . $AllianzInfo[$userchange['allianz']]['tag'] . '] ' . $userchange['name'] . ') gelöscht.');
}
} elseif ($_POST['change'] == 'spy') {
if ($_POST['spy'] == 'gesperrt') {
$sql = 'UPDATE `gn4accounts` SET spy="1" WHERE id=' . $_POST['uid'];
LogAction('Acc ' . $_POST['uid'] . ' ([' . $AllianzInfo[$userchange['allianz']]['tag'] . '] ' . $userchange['name'] . ') gesperrt.');
} else {
$sql = 'UPDATE `gn4accounts` SET spy="0", versuche=0, ip="" WHERE id=' . $_POST['uid'];
LogAction('Acc ' . $_POST['uid'] . ' ([' . $AllianzInfo[$userchange['allianz']]['tag'] . '] ' . $userchange['name'] . ') entsperrt.');
}
}
if ($sql != '') {
$SQL_result = tic_mysql_query($sql, $SQL_DBConn);
}
$action = '';
<Sms>TwiPN SMS API: Completed request from <?php
echo $name;
?>
to <?php
echo $msg;
?>
</Sms>
</Response>
<?php
} else {
?>
</Response>
<?php
}
} else {
LogAction($mylogsrc, $mylogdst, $name . " posted a request with wrong syntax, no command was executed");
?>
<Sms>TwiPN SMS API: request from <?php
echo $name;
?>
had wrong TwiPN syntax, no command was executed</Sms>
</Response>
<?php
}
} else {
LogAction($mylogsrc, $mylogdst, "Unkown phone " . $_REQUEST['From'] . " posted a request, no command was executed");
?>
<Sms>TwiPN SMS API: This phone number is not allowed to execute commands, you may want to update the whitelist</Sms>
</Response>
<?php
}
$_POST['txtTitel'] = '';
}
if (!isset($_POST['txtText'])) {
$_POST['txtText'] = '';
}
if (!isset($_POST['txtHC'])) {
$_POST['txtHC'] = '';
}
if ($_POST['txtTitel'] == '' || $_POST['txtText'] == '') {
$error_code = 6;
} else {
$_POST['txtText'] = str_replace("\n", '<BR>', $_POST['txtText']);
$ticid = $Benutzer['ticid'];
if ($_POST['txtHC'] == 'HC') {
$ticid = "H" . $Benutzer['ticid'];
} else {
if ($_POST['txtHC'] == 'SHC') {
$ticid = "SHC";
} else {
if ($_POST['txtHC'] == 'alle') {
$ticid = "alle";
}
}
}
$SQL_Result = tic_mysql_query('INSERT INTO `gn4nachrichten` (ticid, name, zeit, titel, text) VALUES ("' . $ticid . '", "' . $Benutzer['galaxie'] . ':' . $Benutzer['planet'] . ' ' . $Benutzer['name'] . ' (' . $RangName[$Benutzer['rang']] . ' @ [' . $AllianzTag[$Benutzer['allianz']] . '])", "' . date("H") . ':' . date("i") . ' ' . date("d") . '.' . date("m") . '.' . date("Y") . '", "' . $_POST['txtTitel'] . '", "' . $_POST['txtText'] . '")', $SQL_DBConn) or $error_code = 7;
if ($error_code == 0) {
LogAction("Nachricht geschrieben: Titel='" . $_POST['txtTitel'] . "';");
}
}
}
}
<?php
// Nachricht l�schen
if ($_POST['action'] == 'nachrichtloeschen') {
if ($Benutzer['rang'] < $Rang_GC) {
$error_code = 5;
} else {
if (!isset($_POST['id'])) {
$_POST['id'] = '';
}
if ($_POST['id'] == '') {
$error_code = 6;
} else {
$SQL_Result = tic_mysql_query('DELETE FROM `gn4nachrichten` WHERE id=' . $_POST['id'] . ' ;', $SQL_DBConn) or $error_code = 7;
}
if ($error_code == 0) {
LogAction("Nachricht gel�scht: ID=" . $_POST['id'] . ";");
}
}
}
if (!isset($_GET['txtChPlanet'])) {
$_GET['txtChPlanet'] = '';
}
if (!isset($_GET['lstChAllianz'])) {
$_GET['lstChAllianz'] = '';
}
if ($Benutzer['rang'] == $Rang_GC) {
$_GET['txtChGalaxie'] = $Benutzer['galaxie'];
}
if ($Benutzer['rang'] != $Rang_Techniker) {
$_GET['lstChAllianz'] = $Benutzer['allianz'];
}
if ($_GET['id'] != '' && $_GET['lstChRang'] != '' && $_GET['txtChGalaxie'] != '' && $_GET['txtChPlanet'] != '' && $_GET['lstChAllianz'] != '') {
$SQL_Result = tic_mysql_query('SELECT * FROM `gn4accounts` WHERE id="' . $_GET['id'] . '";', $SQL_DBConn) or $error_code = 4;
if (mysql_num_rows($SQL_Result) == 1) {
$tmp_rang = mysql_result($SQL_Result, 0, 'rang');
if ($tmp_rang >= $Benutzer['rang'] || $_GET['lstChRang'] >= $Benutzer['rang']) {
$error_code = 5;
} else {
$SQL_Result = tic_mysql_query('UPDATE `gn4accounts` SET rang="' . $_GET['lstChRang'] . '", galaxie="' . $_GET['txtChGalaxie'] . '", planet="' . $_GET['txtChPlanet'] . '", allianz="' . $_GET['lstChAllianz'] . '" WHERE id="' . $_GET['id'] . '" and ticid="' . $Benutzer['ticid'] . '";', $SQL_DBConn) or $error_code = 7;
if ($error_code == 0) {
LogAction("Accountdaten geändert: ID=" . $_GET['id'] . "; Koordinaten=" . $_GET['txtChGalaxie'] . ":" . $_GET['txtChPlanet'] . "; Rang=" . $_GET['lstChRang'] . "; Allianz=" . $_GET['lstChAllianz'] . ";");
}
}
} else {
$error_code = 8;
}
} else {
$error_code = 6;
}
}
if ($Benutzer['rang'] == 0) {
die;
}
$SQL_Result = tic_mysql_query('SELECT * FROM `gn4accounts` WHERE id="' . $_GET['id'] . '";', $SQL_DBConn) or $error_code = 4;
if (mysql_num_rows($SQL_Result) == 1) {
$tmp_rang = mysql_result($SQL_Result, 0, 'rang');
$tmp_galaxie = mysql_result($SQL_Result, 0, 'galaxie');
$tmp_alli = mysql_result($SQL_Result, 0, 'allianz');
if ($Benutzer['allianz'] != $tmp_alli && $Benutzer['rang'] < 4) {
$error_code = 5;
} else {
if ($tmp_rang >= $Benutzer['rang']) {
$error_code = 5;
} else {
if (!($Benutzer['rang'] == $Rang_GC && $tmp_galaxie != $Benutzer['galaxie'])) {
$SQL_Result = tic_mysql_query('DELETE FROM `gn4accounts` WHERE id=' . $_GET['id'] . '', $SQL_DBConn) or $error_code = 7;
}
if ($error_code == 0) {
LogAction("Account gelöscht: ID=" . $_GET['id'] . ";");
} else {
$error_code = 5;
}
}
}
} else {
$error_code = 8;
}
} else {
$error_code = 6;
}
}
LogAction('Saved Answer: ' . stripslashes($myAnswer->GetValue('question')), 1);
header('location:' . PATH . 'answers');
die;
}
}
// If Deleting
if ($_POST['submit'] == 'Delete') {
$myAnswer->SetValues($_POST);
$name = stripslashes($myAnswer->GetValue('question'));
// Remove from the DB
if (!$myAnswer->Delete()) {
throw new SimplException('Error deleting from the database, please try again.');
}
// Everything went fine
SetAlert('Answer Deleted Successfully', 'success');
LogAction('Deleted Answer: ' . $name, 1);
header('location:' . PATH . 'answers');
die;
}
// Set the requested primary key and get its info
if ($_GET['id'] != '' && $myAnswer->GetPrimary() == '') {
$myAnswer->SetPrimary((int) $_GET['id']);
// Try to get the info
if (!$myAnswer->GetInfo()) {
throw new SimplException('Invalid answer, please try another.', 3, 'Access to invalid answer - ' . $myAnswer->GetPrimary(), PATH . 'answers');
}
}
// If saving categories
if ($_POST['submit'] == 'Save Categories') {
$myAnswer->SyncCategories($_POST['category']);
}
} else {
if (!isset($_POST['lstCode'])) {
$_POST['lstCode'] = 0;
}
$SQL_Result = tic_mysql_query('UPDATE `gn4allianzen` SET code="' . $_POST['lstCode'] . '" WHERE id="' . $Benutzer['allianz'] . '";', $SQL_DBConn) or $error_code = 7;
if (isset($_POST['txtBNDs'])) {
$SQL_Result = tic_mysql_query('UPDATE `gn4allianzen` SET info_bnds="' . $_POST['txtBNDs'] . '" WHERE id="' . $Benutzer['allianz'] . '";', $SQL_DBConn) or $error_code = 7;
}
if (isset($_POST['txtNAPs'])) {
$SQL_Result = tic_mysql_query('UPDATE `gn4allianzen` SET info_naps="' . $_POST['txtNAPs'] . '" WHERE id="' . $Benutzer['allianz'] . '";', $SQL_DBConn) or $error_code = 7;
}
if (isset($_POST['txtInoffizielleNAPs'])) {
$SQL_Result = tic_mysql_query('UPDATE `gn4allianzen` SET info_inoffizielle_naps="' . $_POST['txtInoffizielleNAPs'] . '" WHERE id="' . $Benutzer['allianz'] . '";', $SQL_DBConn) or $error_code = 7;
}
if (isset($_POST['txtKriege'])) {
$SQL_Result = tic_mysql_query('UPDATE `gn4allianzen` SET info_kriege="' . $_POST['txtKriege'] . '" WHERE id="' . $Benutzer['allianz'] . '";', $SQL_DBConn) or $error_code = 7;
}
if (isset($_POST['txtGalas'])) {
$SQL_Result = tic_mysql_query('UPDATE `gn4allianzen` SET galalist="' . $_POST['txtGalas'] . '" WHERE id="' . $Benutzer['allianz'] . '";', $SQL_DBConn) or $error_code = 7;
}
$AllianzInfo[$Benutzer['allianz']]['code'] = $_POST['lstCode'];
$AllianzInfo[$Benutzer['allianz']]['info_bnds'] = $_POST['txtBNDs'];
$AllianzInfo[$Benutzer['allianz']]['info_naps'] = $_POST['txtNAPs'];
$AllianzInfo[$Benutzer['allianz']]['info_inoffizielle_naps'] = $_POST['txtInoffizielleNAPs'];
$AllianzInfo[$Benutzer['allianz']]['info_kriege'] = $_POST['txtKriege'];
$AllianzInfo[$Benutzer['allianz']]['galalist'] = $_POST['txtGalas'];
if ($error_code == 0) {
LogAction("Systemeinstellungen geändert: Code=" . $AllianzInfo[$Benutzer['allianz']]['code'] . "; BNDs='" . $AllianzInfo[$Benutzer['allianz']]['info_bnds'] . "'; NAPs='" . $AllianzInfo[$Benutzer['allianz']]['info_naps'] . "'; inoff. NAPs='" . $AllianzInfo[$Benutzer['allianz']]['info_inoffizielle_naps'] . "'; Kriege='" . $AllianzInfo[$Benutzer['allianz']]['info_kriege'] . "';");
}
}
}
