Ejemplo n.º 1
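/**
 * Recursively counts the links stored in a link category and all of its sub-categories.
 *
 * @param int|string $cid Id of the category to start from (matched against the `cat` column).
 * @return int Total number of matching `prefix_links` rows (assumes db_count_query() returns a numeric count).
 */
function count_files($cid)
{
    // $cid is concatenated unquoted into both queries below, so it is forced to an
    // integer first; a non-numeric value can then no longer change the SQL.
    $cid = (int) $cid;
    $total = 0;
    $children = db_query("SELECT `id` FROM `prefix_linkcats` WHERE `cat` = " . $cid);
    if (db_num_rows($children) > 0) {
        while ($child = db_fetch_assoc($children)) {
            // Child ids come from the database and are cast again by the recursive call.
            $total += count_files($child['id']);
        }
    }
    // Add the links that sit directly in this category.
    $total += db_count_query("SELECT COUNT(*) FROM `prefix_links` WHERE `cat` = " . $cid);
    return $total;
}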
Ejemplo n.º 2
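/**
 * Recursively counts the images stored in a gallery category and all of its sub-categories.
 *
 * @param int|string $cid Id of the category to start from (matched against the `cat` column).
 * @return int Total number of matching `prefix_gallery_imgs` rows (assumes db_count_query() returns a numeric count).
 */
function count_files($cid)
{
    // $cid is concatenated unquoted into both queries below, so it is forced to an
    // integer first; a non-numeric value can then no longer change the SQL.
    $cid = (int) $cid;
    $total = 0;
    $children = db_query("SELECT id FROM prefix_gallery_cats WHERE cat = " . $cid);
    if (db_num_rows($children) > 0) {
        while ($child = db_fetch_assoc($children)) {
            // Child ids come from the database and are cast again by the recursive call.
            $total += count_files($child['id']);
        }
    }
    // Add the images that sit directly in this category.
    $total += db_count_query("SELECT COUNT(*) FROM prefix_gallery_imgs WHERE cat = " . $cid);
    return $total;
}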
Ejemplo n.º 3
/**
 * Records one hit for a content key in `prefix_stats_content`.
 *
 * Inserts the key with a counter of 1 when no row exists yet, otherwise increments
 * the counter of the existing row(s). The outcome is reported through debug().
 *
 * NOTE(review): $m is placed inside single quotes in three SQL statements and is not
 * escaped in this function. Nothing here shows whether callers escape it first;
 * confirm that, or escape at this boundary.
 *
 * @param string $m Content key to count.
 * @return void
 */
function content_stats($m)
{
    $hits = db_count_query("SELECT COUNT(id) FROM `prefix_stats_content` WHERE content = '" . $m . "'");

    // First hit for this key: create the row and report whether the insert worked.
    if ($hits == 0) {
        $inserted = db_query("INSERT INTO `prefix_stats_content` (content, counter) VALUES ('" . $m . "', '1')");
        if ($inserted) {
            debug('"' . $m . '" zu ContentStats hinzugefuegt');
            return;
        }
        debug('"' . $m . '" konnte nicht geloggt werden');
        return;
    }

    // Key already known: bump its counter.
    if ($hits >= 1) {
        db_query("UPDATE `prefix_stats_content` SET counter = counter +1 WHERE content = '" . $m . "'");
        debug('ContentStats aktualisiert...');
    }
}
Ejemplo n.º 4
    }
    $ar['mods1'] = dbliste($ar['mod1'], $tpl, 'mods1', "SELECT id,name FROM prefix_user WHERE recht <= -4 ORDER BY name");
    $ar['mods2'] = dbliste($ar['mod2'], $tpl, 'mods2', "SELECT id,name FROM prefix_user WHERE recht <= -4 ORDER BY name");
    $ar['mods3'] = dbliste($ar['mod3'], $tpl, 'mods3', "SELECT id,name FROM prefix_user WHERE recht <= -4 ORDER BY name");
    $ar['mods4'] = dbliste($ar['mod4'], $tpl, 'mods4', "SELECT id,name FROM prefix_user WHERE recht <= -4 ORDER BY name");
    $ar['mods2'] = '<option value="0">keiner</option>' . $ar['mods2'];
    $ar['mods3'] = '<option value="0">keiner</option>' . $ar['mods3'];
    $ar['mods4'] = '<option value="0">keiner</option>' . $ar['mods4'];
    $ar['pic'] = arlistee($ar['img'], get_teampic_ar());
    $ar['pic'] = '<option value="0">kein Bild<option>' . $ar['pic'];
    $ar['msg'] = empty($msg) ? '' : '<table width="50%" cellpadding="2" cellspacing="1" border="0" class="border"><tr><td class="Cnorm"><b>Nachricht:</b>&nbsp;' . $msg . '</td></tr></table>';
    $ar['joinu'] = '';
    if (0 < db_result(db_query("SELECT COUNT(*) FROM prefix_usercheck WHERE ak = 4"), 0)) {
        $ar['joinu'] = '<a href="admin.php?groups-joinus"><b>Joinus Anfragen bearbeiten</b></a><br /><br />';
    }
    $tpl->set_ar_out($ar, 0);
    $class = 'Cnorm';
    $erg = db_query("SELECT name,id FROM prefix_groups ORDER BY pos ASC");
    while ($row = db_fetch_assoc($erg)) {
        $row['useranz'] = db_count_query("SELECT COUNT(uid) FROM prefix_groupusers WHERE gid = " . $row['id']);
        $class = $class == 'Cnorm' ? 'Cmite' : 'Cnorm';
        $row['class'] = $class;
        $tpl->set_ar_out($row, 1);
    }
    $tpl->out(2);
    if ($allgAr['groups_forall'] and $_SESSION['authright'] > -8) {
        $tpl->out(3);
    }
    $tpl->out(4);
}
$design->footer();
Ejemplo n.º 5
     $e = db_query("SELECT id FROM prefix_forums WHERE cid = " . $cid);
     while ($r = db_fetch_row($e)) {
         db_query("DELETE FROM prefix_posts WHERE fid = " . $r[0]);
         db_query("DELETE FROM prefix_topics WHERE fid = " . $r[0]);
     }
     db_query("DELETE FROM prefix_forums WHERE cid = " . $cid);
     list($pos, $uid) = db_fetch_row(db_query("SELECT pos, cid FROM prefix_forumcats WHERE id = " . $cid));
     db_query("UPDATE prefix_forumcats SET pos = pos -1 WHERE pos > " . $pos . " AND cid = " . $uid);
     db_query("DELETE FROM prefix_forumcats WHERE id = " . $cid);
     break;
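 case 'moveCategorie':
     // Moves a forum category one position up or down among its siblings.
     // The category id and the current position are placed unquoted into the queries
     // below, so both are cast to int before use.
     // NOTE(review): no chk_antispam()/token check is visible in this fragment for
     // this state-changing action; confirm one runs before the switch.
     $move = $menu->get(2);
     $cid = (int) $menu->get(3);
     $topcid = db_result(db_query("SELECT cid FROM `prefix_forumcats` WHERE id = {$cid}"), 0);
     $pos = (int) $menu->get(4);
     $a = db_count_query("SELECT COUNT(*) as anz FROM prefix_forumcats WHERE cid = {$topcid}");
     // Target position: one step in the requested direction, clamped to 0 .. count - 1.
     $np = $move == 0 ? $pos - 1 : $pos + 1;
     $np = $np >= $a - 1 ? $a - 1 : $np;
     $np = $np < 0 ? 0 : $np;
     // Swap: the sibling at the target position takes the old position, then this
     // category takes the target position.
     db_query("UPDATE prefix_forumcats SET pos = " . $pos . " WHERE cid = " . $topcid . " AND pos = " . $np);
     db_query("UPDATE prefix_forumcats SET pos = " . $np . " WHERE id = " . $cid);
     break;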
 case 'repair':
     $tpl = new tpl('forum/repair', 1);
     if (isset($_POST['sub'])) {
         //Kategorien
         if ($_POST['cb_repc'] == 'on') {
             $cats_sql = db_query("SELECT cid FROM `prefix_forumcats`");
             while ($cats_row = db_fetch_object($cats_sql)) {
                 $ucats_sql = db_query("SELECT id FROM `prefix_forumcats` WHERE cid = {$cats_row->cid} ORDER BY pos, id");
                 $pos = 0;
Ejemplo n.º 6
<?php

/**
 * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL)
 * @copyright (C) 2000-2010 ilch.de
 * @version $Id$
 */
// Refuse to run when this file is requested directly: the `main` constant must already be defined.
defined('main') or die('no direct access');
// -----------------------------------------------------------|
// Page title, menu label and the extra scripts handed to the page header.
$title = $allgAr['title'] . ' :: Joinus';
$hmenu = 'Joinus';
$header = array('jquery/jquery.validate.js', 'forms/joinus.js');
$design = new design($title, $hmenu);
$design->header($header);
// Stop early with a notice when no group has `show_joinus` = 1.
if (0 == db_count_query("SELECT COUNT(*) FROM `prefix_groups` WHERE `show_joinus` = 1")) {
    echo $lang['noteamthere'];
    $design->footer();
    exit;
}
// Labels for the skill levels 1-5.
$skill_ar = array(1 => $lang['verybad'], 2 => $lang['bad'], 3 => $lang['middle'], 4 => $lang['good'], 5 => $lang['verygood']);
// Form fields accepted from the request. Only these fixed names are used as variable
// names below, so request data cannot choose which variable gets written.
$far = array('name', 'skill', 'icqnumber', 'favmap', 'mail', 'age', 'hometown', 'squad', 'ground', 'rules');
// Number of fields that arrived non-empty.
$x = 0;
foreach ($far as $v) {
    // empty() also treats the string "0" as missing.
    if (!empty($_POST[$v])) {
        // Creates $name, $skill, ... from the request, each passed through escape(..., 'string').
        ${$v} = escape($_POST[$v], 'string');
        $x++;
    } else {
        ${$v} = '';
    }
}
// NOTE(review): what escape_nickname() does is not visible here; $name has already
// been passed through escape() at this point.
$xname = escape_nickname($name);
Ejemplo n.º 7
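    // Escape / cast every request value once, before it reaches a query. The answers
    // were already passed through escape(); the question, the right level, the poll
    // id and the answer keys were concatenated raw.
    // NOTE(review): escape() is defined elsewhere; confirm its 'string' mode is what
    // the `frage` and `recht` columns should store.
    $pollFrage = escape($_POST['frage'], 'string');
    $pollRecht = escape($_POST['poll_recht'], 'string');
    if (empty($_POST['vid'])) {
        // No poll id submitted: create the poll, then its non-empty answers in order.
        db_query('INSERT INTO `prefix_poll` (`frage`,`recht`,`stat`,`text`) VALUES ( "' . $pollFrage . '" , "' . $pollRecht . '" , "1" ,"") ');
        $poll_id = db_last_id();
        $i = 1;
        foreach ($_POST['antw'] as $v) {
            if (!empty($v)) {
                $v = escape($v, 'string');
                db_query('INSERT INTO `prefix_poll_res` (`sort`,`poll_id`,`antw`,`res`) VALUES ( "' . $i . '" , "' . $poll_id . '" , "' . $v . '" , "" ) ');
                $i++;
            }
        }
    } else {
        // Existing poll: the id is used unquoted in the queries below, so it must be an integer.
        $pollVid = (int) $_POST['vid'];
        db_query('UPDATE `prefix_poll` SET frage = "' . $pollFrage . '", recht = "' . $pollRecht . '" WHERE poll_id = "' . $pollVid . '"');
        $i = 1;
        foreach ($_POST['antw'] as $k => $v) {
            // Array keys of a posted field are request-controlled as well.
            $sortKey = (int) $k;
            $a = db_count_query("SELECT COUNT(*) FROM `prefix_poll_res` WHERE `poll_id` = " . $pollVid . " AND `sort` = " . $sortKey);
            $v = escape($v, 'string');
            if ($a == 0 and $v != '') {
                // New answer text for a slot that has no row yet.
                db_query("INSERT INTO `prefix_poll_res` (`sort`,`poll_id`,`antw`,`res`) VALUES ( '" . $i . "' , '" . $pollVid . "' , '" . $v . "' , '' )");
                $i++;
            } elseif ($a == 1 and $v == '') {
                // Answer was cleared in the form: drop its row.
                db_query("DELETE FROM `prefix_poll_res` WHERE `poll_id` = " . $pollVid . " AND `sort` = " . $sortKey);
            } elseif ($a == 1 and $v != '') {
                // Answer kept or edited: store the text and renumber its sort position.
                db_query("UPDATE `prefix_poll_res` SET `antw` = '" . $v . "', `sort` = " . $i . " WHERE `poll_id` = " . $pollVid . " AND `sort` = " . $sortKey);
                $i++;
            }
        }
    }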
}
if (empty($_POST['add'])) {
    if (isset($_GET['vid'])) {
Ejemplo n.º 8
    $gAnz = @db_result(db_query(str_replace('{WHERE}', $where, str_replace('{SELECT}', ' COUNT(DISTINCT a.id)', $q))), 0);
    $q = str_replace('{WHERE}', $where, str_replace('{SELECT}', $s, $q));
}
// Build the pager for the result list; for the 'aeit' search the user id is part of the link.
$MPL = db_make_sites($page, "", $limit, 'index.php?forum-' . $such . ($such == 'aeit' ? '-' . $uid : ''), "", $gAnz);
$tpl = new tpl('forum/search');
// NOTE(review): $anfang and $limit are set outside this fragment and interpolated
// into the LIMIT clause; confirm both are integers by the time they get here.
$q = db_query($q . " LIMIT {$anfang},{$limit}");
$class = '';
$tpl->set_out('gAnz', $gAnz, 0);
while ($r = db_fetch_assoc($q)) {
    // Alternate the row CSS class.
    $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
    $r['class'] = $class;
    // Time of the newest post in this topic; one extra query per result row.
    $r['ctime'] = db_result(db_query("SELECT MAX(time) FROM prefix_posts WHERE tid = " . $r['id']), 0, 0);
    $r['ord'] = forum_get_ordner($r['ctime'], $r['id'], $r['fid']);
    $r['link'] = 'forum-showposts-' . $r['id'];
    if ($menu->get(1) == 'aeit') {
        $r['author'] = '';
    } elseif ($such == 'aubt') {
        // NOTE(review): $r['author'] is handed to the template as selected; whether it is
        // HTML-escaped before output is not visible here.
        $r['author'] = ' ' . $lang['from'] . ' ' . $r['author'];
    } else {
        $r['author'] = ' ' . $lang['newpost'] . ' ' . $lang['from'] . ' ' . $r['author'];
        // Number of posts before the first new one decides which page the link points to.
        $r['postsbefore'] = db_count_query('SELECT COUNT(id) FROM prefix_posts WHERE tid = ' . $r['id'] . ' AND id < ' . $r['firstnew']);
        $r['page'] = ceil(($r['postsbefore'] + 1) / $allgAr['Fpanz']);
        $r['link'] .= '-p' . $r['page'] . '#' . $r['firstnew'];
    }
    $tpl->set_ar_out($r, 1);
}
$tpl->set_out('MPL', $MPL, 2);
if ($such == 'aeit') {
    $tpl->set_out('name', $name, 3);
}
$design->footer();
Ejemplo n.º 9
        db_query("UPDATE `prefix_profilefields` SET `show` = '" . $_POST['show'] . "', `func` = " . $_POST['func'] . "  WHERE `id` = " . $_POST['sid']);
    }
}
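// The three branches below change `prefix_profilefields` based on values read from
// $menu. Those values are placed unquoted into SQL, so every id / position is cast
// to int before it is concatenated.
// NOTE(review): no chk_antispam()/token check is visible around these state-changing
// branches in this fragment; confirm one runs earlier.
if ($menu->get(1) == 'delete') {
    $id = (int) $menu->get(2);
    // TODO: adjust the func condition in this query
    $anz = db_count_query("SELECT COUNT(`id`) FROM `prefix_profilefields` WHERE `id` = " . $id . " AND `func` != 3 AND `func` != 2");
    if ($anz == 1) {
        // Remove the field, close the gap in the ordering, then drop the users' values for it.
        $pos = db_result(db_query("SELECT `pos` FROM `prefix_profilefields` WHERE `id` = " . $id), 0);
        db_query("DELETE FROM `prefix_profilefields` WHERE `id` = " . $id);
        db_query("UPDATE `prefix_profilefields` SET `pos` = `pos` - 1 WHERE `pos` > " . $pos);
        db_query("DELETE FROM `prefix_userfields` WHERE `fid` = " . $id);
    }
}
if ($menu->get(1) == 'u' or $menu->get(1) == 'o') {
    $a = db_count_query("SELECT COUNT(*) as `anz` FROM `prefix_profilefields`");
    $oldPos = (int) $menu->get(3);
    // Target position: one step for 'o' (minus) or 'u' (plus), clamped to 0 .. count - 1.
    $np = $menu->get(1) == 'o' ? $oldPos - 1 : $oldPos + 1;
    $np = $np >= $a - 1 ? $a - 1 : $np;
    $np = $np < 0 ? 0 : $np;
    // Swap the two rows' positions.
    db_query("UPDATE `prefix_profilefields` SET `pos` = " . $oldPos . " WHERE `pos` = " . $np);
    db_query("UPDATE `prefix_profilefields` SET `pos` = " . $np . " WHERE `id` = " . (int) $menu->get(2));
}
if ($menu->get(1) == 'c') {
    // Toggle `func` between 3 and 4.
    $n = $menu->get(3) == 3 ? 4 : 3;
    db_query("UPDATE `prefix_profilefields` SET `func` = " . $n . " WHERE `id` = " . (int) $menu->get(2));
}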
if ($show) {
    $tpl = new tpl('profilefields', 1);
    if ($menu->get(1) != 'edit') {
        $row = array('sub' => 'Eintragen', 'pos' => '', 'show' => '', 'func' => arliste('', profilefields_functions2(), $tpl, 'func'), 'sid' => '', 'ANTISPAM' => get_antispam('adminuser_action', 0, true));
    } else {
Ejemplo n.º 10
                $msn = escape($_POST['msn'], 'string');
                $yahoo = escape($_POST['yahoo'], 'string');
                $aim = escape($_POST['aim'], 'string');
                $staat = escape($_POST['staat'], 'string');
                $spezrank = escape($_POST['spezrank'], 'integer');
                $geschlecht = escape($_POST['geschlecht'], 'integer');
                $status = escape($_POST['status'], 'integer');
                $sperre = escape($_POST['usersperre'], 'integer');
                $opt_mail = escape($_POST['opt_mail'], 'integer');
                $opt_pm = escape($_POST['opt_pm'], 'integer');
                $opt_pm_popup = escape($_POST['opt_pm_popup'], 'integer');
                $gebdatum = escape($_POST['gebdatum'], 'string');
                $sig = escape($_POST['sig'], 'string');
                // Also change the name shown in the forum.
                // NOTE(review): $uid and $usaName1 are set outside this fragment and are
                // concatenated into SQL here; confirm both are already cast / escaped.
                if ($_POST['forumname'] == 'on') {
                    // db_count_query() is used to read a name rather than a count; presumably it
                    // returns the first column of the first row (confirm).
                    $oldname = db_count_query("SELECT `name` FROM `prefix_user` WHERE `id` =" . $uid);
                    if ($oldname != $usaName1) {
                        // Posts are matched by author id, topics by the old author name.
                        db_query("UPDATE `prefix_posts` SET `erst` = '" . $usaName1 . "' WHERE `erstid` = " . $uid);
                        // NOTE(review): $oldname comes back from the database and is put into a
                        // quoted literal without escaping; a stored name containing a quote
                        // would change this statement. Escape it before reuse.
                        db_query("UPDATE `prefix_topics` SET `erst` = '" . $usaName1 . "' WHERE `erst` = '" . $oldname . "'");
                    }
                }
                db_query('UPDATE `prefix_user`
			  SET
					`name`  = "' . $usaName1 . '",
					`recht` = "' . $neues_recht . '",
					`email` = "' . $email . '",
		          `homepage` = "' . $homepage . '",
		          `wohnort` = "' . $wohnort . '",
		          `icq` = "' . $icq . '",
		          `msn` = "' . $msn . '",
		          `yahoo` = "' . $yahoo . '",
Ejemplo n.º 11
             db_query("INSERT INTO `prefix_warmaps` (`wid`,`mnr`,`map`,`opp`,`owp`) VALUES (" . $wid . "," . $i . ",'" . escape($_POST['map'][$i], 'string') . "'," . escape($_POST['opp'][$i], 'string') . "," . escape($_POST['owp'][$i], 'string') . ")");
         }
     }
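     // Add a calendar entry for this war when requested.
     if (isset($_POST['kalender']) and $_POST['kalender'] == 'yes') {
         $timestamp = strtotime(get_datime());
         $page = str_replace('admin.php', 'index.php', $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]);
         // HTTP_HOST is taken from the request's Host header, so the link base is
         // escaped like the form fields before it goes into the quoted text.
         $kalPage = escape($page, 'string');
         // Every form value used in the quoted title / text is escaped first.
         $kal = array();
         foreach (array('gegner', 'mtyp', 'mod', 'game', 'page') as $kalKey) {
             $kal[$kalKey] = escape($_POST[$kalKey], 'string');
         }
         db_query("INSERT INTO `prefix_kalender` (`time`, `title`, `text`, `recht`) VALUES (" . $timestamp . ",'Lastwar gegen " . $kal['gegner'] . "', '" . $kal['mtyp'] . " " . $kal['mod'] . " in " . $kal['game'] . " gegen [url=" . $kal['page'] . "]" . $kal['gegner'] . "[/url]\n\n[url=http://" . $kalPage . "?wars-more-" . $wid . "]details des Wars[/url]', 0)");
     }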
     $msg = '<tr class="Cmite"><td colspan="2">Erfolgreich eingetragen</td></tr>';
 } else {
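     // Update an existing war. The id is cast to int because $wid is afterwards placed
     // unquoted into SQL and into the image file names that get unlinked.
     $wid = (int) $_POST['pkey'];
     // Column => form field. Each value is escaped before it is put into its quoted literal.
     $warFields = array('wlp' => 'wlp', 'owp' => 'sumowp', 'opp' => 'sumopp', 'gegner' => 'gegner', 'tag' => 'tag', 'page' => 'page', 'mail' => 'email', 'icq' => 'icq', 'wo' => 'wo', 'tid' => 'tid', 'mod' => 'mod', 'game' => 'game', 'mtyp' => 'mtyp', 'land' => 'land', 'txt' => 'txt');
     $warSet = array();
     foreach ($warFields as $warColumn => $warPostKey) {
         $warSet[] = '`' . $warColumn . "` = '" . escape($_POST[$warPostKey], 'string') . "'";
     }
     db_query("UPDATE `prefix_wars` SET `datime` = '" . get_datime() . "', `status` = 3," . implode(',', $warSet) . " WHERE `id` = '" . $wid . "'");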
     for ($i = 1; $i <= 5; $i++) {
         $a = db_count_query("SELECT COUNT(*) FROM `prefix_warmaps` WHERE `mnr` = " . $i . " AND `wid` = " . $wid);
         if ($a == 0 and $_POST['map'][$i] != '' and $_POST['opp'][$i] != '' and $_POST['owp'][$i] != '') {
             db_query("INSERT INTO `prefix_warmaps` (`wid`,`mnr`,`map`,`opp`,`owp`) VALUES (" . $wid . "," . $i . ",'" . $_POST['map'][$i] . "'," . $_POST['opp'][$i] . "," . $_POST['owp'][$i] . ")");
         } elseif ($a == 1 and ($_POST['map'][$i] == '' or $_POST['opp'][$i] == '' and $_POST['owp'][$i] == '')) {
             db_query("DELETE FROM `prefix_warmaps` WHERE `wid` = " . $wid . " AND `mnr` = " . $i);
             if (file_exists('include/images/wars/' . $wid . '_' . $i . '.gif')) {
                 unlink('include/images/wars/' . $wid . '_' . $i . '.gif');
             }
             if (file_exists('include/images/wars/' . $wid . '_' . $i . '.png')) {
                 unlink('include/images/wars/' . $wid . '_' . $i . '.png');
             }
             if (file_exists('include/images/wars/' . $wid . '_' . $i . '.jpg')) {
                 unlink('include/images/wars/' . $wid . '_' . $i . '.jpg');
             }
             if (file_exists('include/images/wars/' . $wid . '_' . $i . '.jpeg')) {
                 unlink('include/images/wars/' . $wid . '_' . $i . '.jpeg');
Ejemplo n.º 12
                ' . $friendsCheckDiv . '
              </div>
              </div>';
        if ($friendAnzahl > 0) {
            $optionsClass = 'nOptions2';
        } else {
            $optionsClass = 'nOptions';
        }
        $options = '<div id="mOptions" class="button ' . $optionsClass . '">
              <div class="pfeilDownIcon"></div>
              </div>';
    }
}
// Show the photos button when the profile owner has gallery entries or is the viewer.
// NOTE(review): $uid is set outside this fragment and concatenated unquoted into the
// queries below; confirm it is cast to int where it is read.
// The count is compared against the string '0'.
// NOTE(review): $fotos is only assigned inside this branch here; confirm it is
// initialised earlier.
if (db_count_query('SELECT count(uid) FROM prefix_usergallery WHERE uid = ' . $uid) > '0' or $_SESSION['authid'] == $uid) {
    $fotos = '<div class="button foto" onclick="location.href = \'?user-fotos-' . $uid . '\';">
              <div class="buttonText">Fotos</div>
              </div>';
}
// Pick the CSS class of the friends button.
if ($UGAnzahl > 0 or $_SESSION['authid'] == $uid) {
    $friendClass = 'friend2';
} else {
    $friendClass = 'friend';
}
// NOTE(review): as with $fotos, $friends is only assigned inside this branch here.
if (db_count_query('SELECT count(uid) FROM prefix_friends WHERE uid = ' . $uid)) {
    $friends = '<div class="button ' . $friendClass . '" onclick="location.href = \'?user-friends-' . $uid . '\';">
              <div class="buttonText">Freunde</div>
              </div>';
}
// Values for the header template. The key 'AVATA' appears twice with the same value;
// the later entry wins.
// NOTE(review): $row['name'] is handed to the template as read from the database;
// whether it is HTML-escaped before output is not visible here.
$arHeader = array("UID" => $row['id'], 'NAME' => $row['name'], 'TITELBILD' => $titelbild, 'sFriendschek' => $friendsCheck, 'sOpstions' => $options, 'AVATA' => $avatar, 'FRIENDADDBUTTON' => $friendAddButton, 'PNBUTTON' => $PNButton, 'MOREBUTTON' => $MoreButton, 'AVATA' => $avatar, 'sFotos' => $fotos, 'sFriends' => $friends);
$tpl = new tpl('uprofil/header.htm');
$tpl->set_ar_out($arHeader, 0);
Ejemplo n.º 13
             // weiterleiten $_SERVER['host_name']
             Header("Location: " . $dir . $banner . "");
             exit;
         } else {
         }
     } else {
         $design->header();
         echo '<center><strong>FEHLER</strong> : Banner-ID nicht vorhanden</center>';
         $design->footer();
     }
     break;
     // ################################################################
 // ################################################################
 case 'click':
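     // Check that a link-us entry with this id exists. $menu_2 is set outside this
     // fragment and used unquoted in three queries, so it is cast to int at each use.
     $checkid = db_count_query("SELECT COUNT(id) FROM `prefix_linkus` WHERE id = " . (int) $menu_2);
     if ($checkid != 0) {
         // Read the target URL
         $link = db_result(db_query("SELECT link FROM `prefix_linkus` WHERE id = " . (int) $menu_2));
         if ($menu_3 == 'true') {
             // Increment the click counter
             db_query("UPDATE `prefix_linkus` SET klicks = klicks + 1 WHERE id = " . (int) $menu_2);
         }
         // Redirect to the stored URL.
         // NOTE(review): the redirect target is whatever is stored in `prefix_linkus`.`link`;
         // confirm that only trusted users can write that column and that the value is
         // validated as an http(s) URL when it is saved.
         Header("Location: " . $link);
         exit;
     } else {
         $design->header();
         echo '<center><strong>FEHLER</strong> : Banner-ID nicht vorhanden</center>';
         $design->footer();
     }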
Ejemplo n.º 14
         if ($_POST['map'][$i] != '' and $_POST['opp'][$i] != '' and $_POST['owp'][$i] != '') {
             db_query("INSERT INTO prefix_warmaps (wid,mnr,map,opp,owp) VALUES (" . $wid . "," . $i . ",'" . escape($_POST['map'][$i], 'string') . "'," . escape($_POST['opp'][$i], 'string') . "," . escape($_POST['owp'][$i], 'string') . ")");
         }
     }
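     # Add a calendar entry for this war when requested.
     if (isset($_POST['kalender']) and $_POST['kalender'] == 'yes') {
         $timestamp = strtotime(get_datime());
         $page = str_replace('admin.php', 'index.php', $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]);
         # HTTP_HOST is taken from the request's Host header, so the link base is
         # escaped like the form fields before it goes into the quoted text.
         $kalPage = escape($page, 'string');
         # Every form value used in the quoted title / text is escaped first.
         $kal = array();
         foreach (array('gegner', 'mtyp', 'mod', 'game', 'page') as $kalKey) {
             $kal[$kalKey] = escape($_POST[$kalKey], 'string');
         }
         db_query("INSERT INTO prefix_kalender (time, title, text, recht) VALUES (" . $timestamp . ",'Lastwar gegen " . $kal['gegner'] . "', '" . $kal['mtyp'] . " " . $kal['mod'] . " in " . $kal['game'] . " gegen [url=" . $kal['page'] . "]" . $kal['gegner'] . "[/url]\n\n[url=http://" . $kalPage . "?wars-more-" . $wid . "]details des Wars[/url]', 0)");
     }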
     $msg = '<tr class="Cmite"><td colspan="2">Erfolgreich eingetragen</td></tr>';
 } else {
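     // Update an existing war. The id is cast to int because $wid is afterwards placed
     // unquoted into SQL and into the image file names that get unlinked.
     $wid = (int) $_POST['pkey'];
     // Column => form field. Each value is escaped before it is put into its quoted
     // literal; column names are backticked because `mod` needs it.
     $warFields = array('wlp' => 'wlp', 'owp' => 'sumowp', 'opp' => 'sumopp', 'gegner' => 'gegner', 'tag' => 'tag', 'page' => 'page', 'mail' => 'email', 'icq' => 'icq', 'wo' => 'wo', 'tid' => 'tid', 'mod' => 'mod', 'game' => 'game', 'mtyp' => 'mtyp', 'land' => 'land', 'txt' => 'txt');
     $warSet = array();
     foreach ($warFields as $warColumn => $warPostKey) {
         $warSet[] = '`' . $warColumn . "` = '" . escape($_POST[$warPostKey], 'string') . "'";
     }
     db_query("UPDATE prefix_wars SET datime = '" . get_datime() . "', status = 3," . implode(',', $warSet) . " WHERE id = '" . $wid . "'");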
     for ($i = 1; $i <= 5; $i++) {
         $a = db_count_query("SELECT COUNT(*) FROM prefix_warmaps WHERE mnr = " . $i . " AND wid = " . $wid);
         if ($a == 0 and $_POST['map'][$i] != '' and $_POST['opp'][$i] != '' and $_POST['owp'][$i] != '') {
             db_query("INSERT INTO prefix_warmaps (wid,mnr,map,opp,owp) VALUES (" . $wid . "," . $i . ",'" . $_POST['map'][$i] . "'," . $_POST['opp'][$i] . "," . $_POST['owp'][$i] . ")");
         } elseif ($a == 1 and ($_POST['map'][$i] == '' or $_POST['opp'][$i] == '' and $_POST['owp'][$i] == '')) {
             db_query("DELETE FROM prefix_warmaps WHERE wid = " . $wid . " AND mnr = " . $i);
             if (file_exists('include/images/wars/' . $wid . '_' . $i . '.gif')) {
                 unlink('include/images/wars/' . $wid . '_' . $i . '.gif');
             }
             if (file_exists('include/images/wars/' . $wid . '_' . $i . '.png')) {
                 unlink('include/images/wars/' . $wid . '_' . $i . '.png');
             }
             if (file_exists('include/images/wars/' . $wid . '_' . $i . '.jpg')) {
                 unlink('include/images/wars/' . $wid . '_' . $i . '.jpg');
             }
             if (file_exists('include/images/wars/' . $wid . '_' . $i . '.jpeg')) {
                 unlink('include/images/wars/' . $wid . '_' . $i . '.jpeg');
Ejemplo n.º 15
// Profile row of the user being shown; $erg is prepared outside this fragment.
$row = db_fetch_assoc($erg);
// Birthday line, left empty for the zero date.
if ($row['gebdatum'] != "0000-00-00") {
    $gebdatum = '<img src="include/images/userprofil/icons/icon_birthday.png"> ' . date('d. M Y', strtotime($row['gebdatum'])) . '<br />';
} else {
    $gebdatum = '';
}
// Home town line.
// NOTE(review): $row['wohnort'] is placed into HTML exactly as stored; whether it was
// HTML-escaped when saved is not visible here. Confirm, or escape on output.
if (empty($row['wohnort'])) {
    $wohnort = '';
} else {
    $wohnort = '<img src="include/images/userprofil/icons/icon_home.png"> aus ' . $row['wohnort'] . '<br />';
}
// Gender label; the lookup array is overwritten by the rendered string on the next line.
// A stored value other than 0, 1 or 2 has no entry in the array.
$geschlecht = array('0' => 'Unbekannt', '1' => 'Männlich', '2' => 'Weiblich');
$geschlecht = '<img src="include/images/userprofil/icons/icon_user.png"> ' . $geschlecht[$row['geschlecht']];
// Counters for gallery images, friends and guest book entries of this user.
// NOTE(review): $uid is set outside this fragment and concatenated unquoted into the
// three queries; confirm it is cast to int where it is read.
$UGAnzahl = db_count_query('SELECT count(uid) FROM prefix_usergallery WHERE uid = ' . $uid);
$FAnzahl = db_count_query('SELECT count(uid) FROM prefix_friends WHERE uid = ' . $uid);
$GBAnzahl = db_count_query('SELECT count(uid) FROM prefix_usergbook WHERE uid = ' . $uid);
$tpl = new tpl('uprofil/leftbox.htm');
// $row['regist'] is passed to date() as the timestamp argument.
$ar = array('UID' => $row['id'], 'GEBURTSTAG' => $gebdatum, 'WOHNORT' => $wohnort, 'GESCHLECHT' => $geschlecht, 'UGBILDER' => $UGAnzahl, 'JOINED' => '<img src="include/images/userprofil/icons/icon_calendar.png"> ' . date('d. M Y', $row['regist']) . '<br />', 'SITELINK' => $MPL);
$tpl->set_ar_out($ar, 0);
if ($UGAnzahl > 0) {
    $tpl->set_out('UGBILDER', ' (' . $UGAnzahl . ')', 1);
    while ($rowUG = db_fetch_assoc($ergUG)) {
        if (empty($rowUG['txt'])) {
            $rowUG['txt'] = $rowUG['name'];
        } else {
            $rowUG['txt'] = $rowUG['txt'];
        }
        $rowUG['BILDER'] = '<div class="boxUserFotos"><a href="include/images/usergallery/img_' . $rowUG['id'] . '.' . $rowUG['endung'] . '" target="_blank"><img src="include/images/usergallery/img_thumb_' . $rowUG['id'] . '.' . $rowUG['endung'] . '" title="' . $rowUG['txt'] . '" width="80px" height="80px"></a></div>';
        $tpl->set_ar_out($rowUG, 2);
    }
    $tpl->out(3);
Ejemplo n.º 16
    } else {
        db_query("UPDATE `prefix_profilefields` SET `show` = '" . $_POST['show'] . "', func = " . $_POST['func'] . "  WHERE id = " . $_POST['sid']);
    }
}
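// The three branches below change prefix_profilefields based on values read from
// $menu. Those values are placed unquoted into SQL, so every id / position is cast
// to int before it is concatenated.
// NOTE(review): no token / antispam check is visible around these state-changing
// branches in this fragment; confirm one runs earlier.
if ($menu->get(1) == 'delete') {
    $id = (int) $menu->get(2);
    $anz = db_count_query("SELECT COUNT(id) FROM prefix_profilefields WHERE id = " . $id . " AND func < 3");
    if ($anz == 1) {
        // Remove the field, close the gap in the ordering, then drop the users' values for it.
        $pos = db_result(db_query("SELECT pos FROM prefix_profilefields WHERE id = " . $id), 0);
        db_query("DELETE FROM `prefix_profilefields` WHERE id = " . $id);
        db_query("UPDATE prefix_profilefields SET pos = pos - 1 WHERE pos > " . $pos);
        db_query("DELETE FROM prefix_userfields WHERE fid = " . $id);
    }
}
if ($menu->get(1) == 'u' or $menu->get(1) == 'o') {
    $a = db_count_query("SELECT COUNT(*) as anz FROM prefix_profilefields");
    $oldPos = (int) $menu->get(3);
    // Target position: one step for 'o' (minus) or 'u' (plus), clamped to 0 .. count - 1.
    $np = $menu->get(1) == 'o' ? $oldPos - 1 : $oldPos + 1;
    $np = $np >= $a - 1 ? $a - 1 : $np;
    $np = $np < 0 ? 0 : $np;
    // Swap the two rows' positions.
    db_query("UPDATE prefix_profilefields SET pos = " . $oldPos . " WHERE pos = " . $np);
    db_query("UPDATE prefix_profilefields SET pos = " . $np . " WHERE id = " . (int) $menu->get(2));
}
if ($menu->get(1) == 'c') {
    // Toggle func between 3 and 4.
    $n = $menu->get(3) == 3 ? 4 : 3;
    db_query("UPDATE prefix_profilefields SET func = " . $n . " WHERE id = " . (int) $menu->get(2));
}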
if ($show) {
    $tpl = new tpl('profilefields', 1);
    if ($menu->get(1) != 'edit') {
        $row = array('sub' => 'Eintragen', 'pos' => '', 'show' => '', 'func' => arliste('', profilefields_functions2(), $tpl, 'func'), 'sid' => '');
    } else {
Ejemplo n.º 17
                $icq = escape($_POST['icq'], 'string');
                $msn = escape($_POST['msn'], 'string');
                $yahoo = escape($_POST['yahoo'], 'string');
                $aim = escape($_POST['aim'], 'string');
                $staat = escape($_POST['staat'], 'string');
                $spezrank = escape($_POST['spezrank'], 'integer');
                $geschlecht = escape($_POST['geschlecht'], 'integer');
                $status = escape($_POST['status'], 'integer');
                $opt_mail = escape($_POST['opt_mail'], 'integer');
                $opt_pm = escape($_POST['opt_pm'], 'integer');
                $opt_pm_popup = escape($_POST['opt_pm_popup'], 'integer');
                $gebdatum = escape($_POST['gebdatum'], 'string');
                $sig = escape($_POST['sig'], 'string');
                // Also change the name shown in the forum.
                // NOTE(review): $uid and $usaName1 are set outside this fragment and are
                // placed into SQL here; confirm both are already cast / escaped.
                if ($_POST['forumname'] == 'on') {
                    // db_count_query() is used to read a name rather than a count; presumably it
                    // returns the first column of the first row (confirm).
                    $oldname = db_count_query("SELECT name FROM `prefix_user` WHERE id =" . $uid);
                    if ($oldname != $usaName1) {
                        // Posts are matched by author id, topics by the old author name.
                        db_query("UPDATE `prefix_posts` SET erst = '{$usaName1}' WHERE erstid = " . $uid);
                        // NOTE(review): $oldname comes back from the database and is interpolated
                        // into a quoted literal without escaping; a stored name containing a
                        // quote would change this statement. Escape it before reuse.
                        db_query("UPDATE `prefix_topics` SET erst = '{$usaName1}' WHERE erst = '{$oldname}'");
                    }
                }
                db_query('UPDATE prefix_user
			  SET
					name  = "' . $usaName1 . '",
					recht = "' . $neues_recht . '",
					email = "' . $email . '",
          homepage = "' . $homepage . '",
          wohnort = "' . $wohnort . '",
          icq = "' . $icq . '",
          msn = "' . $msn . '",
          yahoo = "' . $yahoo . '",
Ejemplo n.º 18
     $e = db_query("SELECT `id` FROM `prefix_forums` WHERE `cid` = " . $cid);
     while ($r = db_fetch_row($e)) {
         db_query("DELETE FROM `prefix_posts` WHERE `fid` = " . $r[0]);
         db_query("DELETE FROM `prefix_topics` WHERE `fid` = " . $r[0]);
     }
     db_query("DELETE FROM `prefix_forums` WHERE `cid` = " . $cid);
     list($pos, $uid) = db_fetch_row(db_query("SELECT pos, cid FROM prefix_forumcats WHERE id = " . $cid));
     db_query("UPDATE prefix_forumcats SET pos = pos -1 WHERE pos > " . $pos . " AND cid = " . $uid);
     db_query("DELETE FROM `prefix_forumcats` WHERE `id` = " . $cid);
     break;
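 case 'moveCategorie':
     // Moves a forum category one position up or down among its siblings.
     // The category id and the current position are placed unquoted into the queries
     // below, so both are cast to int before use.
     // NOTE(review): unlike the 'repair' case, no chk_antispam() call is visible for
     // this state-changing action in this fragment; confirm one runs before the switch.
     $move = $menu->get(2);
     $cid = (int) $menu->get(3);
     $topcid = db_result(db_query("SELECT `cid` FROM `prefix_forumcats` WHERE `id` = " . $cid), 0);
     $pos = (int) $menu->get(4);
     $a = db_count_query("SELECT COUNT(*) as `anz` FROM `prefix_forumcats` WHERE `cid` = " . $topcid);
     // Target position: one step in the requested direction, clamped to 0 .. count - 1.
     $np = $move == 0 ? $pos - 1 : $pos + 1;
     $np = $np >= $a - 1 ? $a - 1 : $np;
     $np = $np < 0 ? 0 : $np;
     // Swap: the sibling at the target position takes the old position, then this
     // category takes the target position.
     db_query("UPDATE `prefix_forumcats` SET `pos` = " . $pos . " WHERE `cid` = " . $topcid . " AND `pos` = " . $np);
     db_query("UPDATE `prefix_forumcats` SET `pos` = " . $np . " WHERE `id` = " . $cid);
     break;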
 case 'repair':
     $tpl = new tpl('forum/repair', 1);
     $tpl->set('ANTISPAM', get_antispam('adminuser_action', 0, true));
     if (isset($_POST['sub']) and chk_antispam('adminuser_action', true)) {
         // Kategorien
         if ($_POST['cb_repc'] == 'on') {
             $cats_sql = db_query("SELECT `cid` FROM `prefix_forumcats`");
             while ($cats_row = db_fetch_object($cats_sql)) {
                 $ucats_sql = db_query("SELECT `id` FROM `prefix_forumcats` WHERE `cid` = " . $cats_row->cid . " ORDER BY `pos`, `id`");
Ejemplo n.º 19
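    // Escape / cast every request value once, before it reaches a query. The answers
    // were already passed through escape(); the question, the right level, the poll
    // id and the answer keys were concatenated raw.
    // NOTE(review): escape() is defined elsewhere; confirm its 'string' mode is what
    // the `frage` and `recht` columns should store.
    $pollFrage = escape($_POST['frage'], 'string');
    $pollRecht = escape($_POST['poll_recht'], 'string');
    if (empty($_POST['vid'])) {
        // No poll id submitted: create the poll, then its non-empty answers in order.
        db_query('INSERT INTO `prefix_poll` (`frage`,`recht`,`stat`,`text`) VALUES ( "' . $pollFrage . '" , "' . $pollRecht . '" , "1" ,"") ');
        $poll_id = db_last_id();
        $i = 1;
        foreach ($_POST['antw'] as $v) {
            if (!empty($v)) {
                $v = escape($v, 'string');
                db_query('INSERT INTO `prefix_poll_res` (`sort`,`poll_id`,`antw`,`res`) VALUES ( "' . $i . '" , "' . $poll_id . '" , "' . $v . '" , 0) ');
                $i++;
            }
        }
    } else {
        // Existing poll: the id is used unquoted in the queries below, so it must be an integer.
        $pollVid = (int) $_POST['vid'];
        db_query('UPDATE `prefix_poll` SET frage = "' . $pollFrage . '", recht = "' . $pollRecht . '" WHERE poll_id = "' . $pollVid . '"');
        $i = 1;
        foreach ($_POST['antw'] as $k => $v) {
            // Array keys of a posted field are request-controlled as well.
            $sortKey = (int) $k;
            $a = db_count_query("SELECT COUNT(*) FROM prefix_poll_res WHERE poll_id = " . $pollVid . " AND sort = " . $sortKey);
            $v = escape($v, 'string');
            if ($a == 0 and $v != '') {
                // New answer text for a slot that has no row yet.
                db_query("INSERT INTO `prefix_poll_res` (`sort`,`poll_id`,`antw`,`res`) VALUES ( '" . $i . "' , '" . $pollVid . "' , '" . $v . "' , '' )");
                $i++;
            } elseif ($a == 1 and $v == '') {
                // Answer was cleared in the form: drop its row.
                db_query("DELETE FROM `prefix_poll_res` WHERE poll_id = " . $pollVid . " AND sort = " . $sortKey);
            } elseif ($a == 1 and $v != '') {
                // Answer kept or edited: store the text and renumber its sort position.
                db_query("UPDATE `prefix_poll_res` SET antw = '" . $v . "', sort = " . $i . " WHERE poll_id = " . $pollVid . " AND sort = " . $sortKey);
                $i++;
            }
        }
    }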
}
if (empty($_POST['add'])) {
    if (isset($_GET['vid'])) {
Ejemplo n.º 20
     $sql_statements[] = "UPDATE `prefix_config` SET `frage` = 'Standard Absender bei eMails' WHERE `schl` = 'allg_default_subject' LIMIT 1";
     $sql_statements[] = "INSERT INTO `prefix_config` ( `schl` , `typ` , `kat` , `frage` , `wert` ) VALUES ('groups_forall', 'r2', 'Team Optionen', 'Modulrecht <i>Gruppen</i> auf eigene Gruppe beschr&auml;nken?', '1')";
 }
 //Update 1.1i
 // Collect the existing column names of `prefix_config`.
 $old = array();
 $qry = db_query('SHOW FULL COLUMNS FROM `prefix_config`');
 while ($r = db_fetch_assoc($qry)) {
     $old[] = $r['Field'];
 }
 // Queue the schema change only when the `pos` column is missing, so that running
 // the update again does not queue it twice. All three statements are fixed strings.
 if (!in_array('pos', $old)) {
     $sql_statements[] = '-- UPDATE 1.1I';
     $sql_statements[] = "ALTER TABLE `prefix_config` ADD `pos` SMALLINT(6) NOT NULL default '0'";
     $sql_statements[] = "INSERT INTO `prefix_config` (`schl`, `typ`, `kat`, `frage`, `wert`, `pos`) VALUES('mail_smtp', 'r2', 'Allgemeine Optionen', 'SMTP für den Mailversand verwenden? <a href=\"admin.php?smtpconf\" class=\"smalfont\">weitere Einstellungen</a>', '0', 0)";
 }
 //Update 1.1n
 if (db_count_query("SELECT COUNT(*) FROM `prefix_allg` WHERE k = 'smtpconf'") == 0) {
     $smtp = array('smtp_host' => '', 'smtp_port' => '', 'smtp_auth' => 'auth', 'smtp_pop3beforesmtp' => '', 'smtp_pop3host' => '', 'smtp_pop3port' => '', 'smtp_login' => '', 'smtp_email' => '', 'smtp_login' => '', 'smtp_pass' => '', 'smtp_changesubject' => '1');
     $qry = db_query('SELECT * FROM `prefix_config` WHERE `schl` LIKE "mail_%"');
     while ($r = db_fetch_assoc($qry)) {
         switch ($r['schl']) {
             case 'mail_smtp_login':
                 $smtp['smtp_login'] = $r['wert'];
                 break;
             case 'mail_smtp_password':
                 $smtp['smtp_pass'] = $r['wert'];
                 break;
             case 'mail_smtp_host':
                 $smtp['smtp_host'] = $r['wert'];
                 break;
             case 'mail_smtp_email':
                 $smtp['smtp_email'] = $r['wert'];
Ejemplo n.º 21
// Friends list of a user profile, six entries per page.
include __DIR__ . DIRECTORY_SEPARATOR . 'header.php';
$tpl = new tpl('uprofil/friends.htm');
// NOTE(review): $uid is not assigned in this file section (presumably header.php sets
// it) and is concatenated unquoted into every query below; confirm it is cast to int
// where it is read.
$FAnzahl = db_count_query('SELECT count(id) FROM prefix_friends WHERE uid = ' . $uid);
$limit = 6;
// Limit
// NOTE(review): $page feeds the LIMIT offset; confirm $menu->getE(3) yields an integer.
$page = $menu->getA(3) == 'p' ? $menu->getE(3) : 1;
$anfang = ($page - 1) * $limit;
$MPL = db_make_sites($page, 'WHERE uid = ' . $uid, $limit, '?user-friends-' . $uid, 'friends');
$abfF = 'SELECT u.*, f.* FROM prefix_friends f LEFT JOIN prefix_user u ON u.id = f.fid WHERE f.uid = ' . $uid . ' ORDER BY f.id ASC LIMIT ' . $anfang . ',' . $limit;
$ergF = db_query($abfF);
if ($FAnzahl > 0) {
    $tpl->out(0);
    while ($rowF = db_fetch_assoc($ergF)) {
        // NOTE(review): $rowF['name'] and $rowF['avatar'] are placed into HTML exactly as
        // stored; whether they were HTML-escaped when saved is not visible here. Confirm,
        // or escape on output.
        $rowF['FNAME'] = '<a href="?user-details-' . $rowF['fid'] . '">' . $rowF['name'] . '</a>';
        // The stored avatar value is used both as a file system path and as the image URL.
        if (file_exists($rowF['avatar'])) {
            $rowF['AVATAR'] = '<img src="' . $rowF['avatar'] . '" width="80" height="80" border="0">';
        } else {
            $rowF['AVATAR'] = '<img src="include/images/userprofil/avatar/nouser.png" width="75" height="75" border="0">';
        }
        // One extra count query per listed friend.
        $countFriends = db_count_query('SELECT count(id) FROM prefix_friends WHERE uid = ' . $rowF['fid']);
        // Singular / plural label.
        if ($countFriends == 1) {
            $langFriends = 'Freund';
        } else {
            $langFriends = 'Freunde';
        }
        $rowF['OTHER'] = '<br /><a href="?user-friends-' . $rowF['fid'] . '">' . $countFriends . ' ' . $langFriends . '</a>';
        $tpl->set_ar_out($rowF, 1);
    }
    $tpl->out(2);
}
$design->footer();
Ejemplo n.º 22
        }
        $a = $b . $a;
        return $a;
    }
    $tpl->set_ar_out(array('TEXTAREASTATUS' => $textareaStatus, 'SMILIES' => getPinnwadSmilies(), 'UID' => $uid), 0);
}
if ($GBAnzahl > 0) {
    while ($rowGB = db_fetch_assoc($ergGB)) {
        $rowGB['ID'] = $rowGB['id'];
        $rowGB['UID'] = $uid;
        $rowGB['SID'] = $rowGB['sid'];
        $rowGB['ERSTELLER'] = db_result(db_query("SELECT name FROM prefix_user WHERE id = " . $rowGB['sid']), 0, 0);
        $rowGB['EINTRAG'] = bbcode($rowGB['txt']);
        $rowGB['DATETIME'] = date('d. M Y - H:i', $rowGB['datetime']);
        //////////////////POST KOMMETARE////////////////////////////////////
        $GBKAnzahl = db_count_query('SELECT count(id) FROM prefix_usergbook_koms WHERE gbid = ' . $rowGB['ID']);
        $abfGBK = 'SELECT * FROM (SELECT * FROM prefix_usergbook_koms WHERE gbid = ' . $rowGB['ID'] . ' ORDER BY datetime DESC LIMIT 3) a ORDER BY datetime ASC';
        $abfGBKALL = 'SELECT * FROM (SELECT * FROM prefix_usergbook_koms WHERE gbid = ' . $rowGB['ID'] . ' ORDER BY datetime DESC LIMIT 3,' . $GBKAnzahl . ') a ORDER BY datetime ASC';
        $ergGBK = db_query($abfGBK);
        $ergGBKALL = db_query($abfGBKALL);
        @($komsavatar = db_result(db_query("SELECT avatar FROM prefix_user WHERE id = " . $_SESSION['authid']), 0, 0));
        if (file_exists($komsavatar)) {
            $komsavatar = '<img src="' . $komsavatar . '" width="35" height="35" border="0">';
        } else {
            $komsavatar = '<img src="include/images/userprofil/avatar/nouser.png" width="35" height="35" border="0">';
        }
        $rowGB['KOMAVATAR'] = $komsavatar;
        if ($GBKAnzahl > 0) {
            while ($rowGBK = db_fetch_assoc($ergGBK)) {
                $komauthor = db_result(db_query("SELECT name FROM prefix_user WHERE id = " . $rowGBK['uid']), 0, 0);
                $komavatar = db_result(db_query("SELECT avatar FROM prefix_user WHERE id = " . $rowGBK['uid']), 0, 0);
Ejemplo n.º 23
 * @version $Id$
 */
defined('main') or die('no direct access');
defined('admin') or die('only admin access');
$design = new design('Ilch Admin-Control-Panel :: Registrierungen', '', 2);
$design->header();
$tpl = new tpl('puser', 1);
// add pending user
if ($menu->get(1) == "confirm" and isset($_GET['check'])) {
    $erg = db_query("SELECT * FROM `prefix_usercheck` WHERE `check` = '" . escape($_GET['check'], 'string') . "'");
    if (db_num_rows($erg) == 1) {
        $row = db_fetch_assoc($erg);
        switch ($row['ak']) {
            // confirm regist
            case 1:
                // Create the account only if no user with the same clean name exists, then drop
                // the consumed confirmation token.
                // NOTE(review): the $row values are read back from `prefix_usercheck` and
                // concatenated into the statements below without passing through escape(), unlike
                // $_GET['check']. A stored name or e-mail containing a quote would change the
                // query (second-order SQL injection); confirm how the registration code validates
                // these fields before they are stored.
                // NOTE(review): the existence check and the INSERT are two separate statements;
                // whether a unique index on `name_clean` backs this up is not visible here.
                if (0 == db_count_query("SELECT COUNT(*) FROM `prefix_user` WHERE `name_clean` = BINARY '" . $row['name_clean'] . "'")) {
                    db_query("INSERT INTO `prefix_user` (`name`,`name_clean`,`pass`,`recht`,`regist`,`llogin`,`email`,`status`,`opt_mail`,`opt_pm`)\n  \t\t\t VALUES('" . $row['name'] . "','" . $row['name_clean'] . "','" . $row['pass'] . "',-1,'" . time() . "','" . time() . "','" . $row['email'] . "',1,1,1)");
                    db_query("DELETE FROM `prefix_usercheck` WHERE `check` = '" . escape($_GET['check'], 'string') . "'");
                } else {
                    $tpl->set_out('error', 'Username existiert bereits', 3);
                }
                break;
                // confirm new pass
            // confirm new pass
            case 2:
                db_query("UPDATE `prefix_user` SET `pass` = '" . $row['pass'] . "' WHERE `name_clean` = BINARY '" . $row['name_clean'] . "'");
                db_query("DELETE FROM `prefix_usercheck` WHERE `check` = '" . escape($_GET['check'], 'string') . "'");
                break;
                // confirm new email
            // confirm new email
            case 3:
Ejemplo n.º 24
<?php

#   Copyright by: Manuel
#   Support: www.ilch.de
defined('main') or die('no direct access');
$title = $allgAr['title'] . ' :: Fightus';
$hmenu = 'Fightus';
$design = new design($title, $hmenu);
$design->header();
if (0 == db_count_query("SELECT COUNT(*) FROM prefix_groups WHERE show_fightus = 1")) {
    echo $lang['noteamthere'];
    $design->footer();
    exit;
}
// Fixed list of the form fields this page accepts. Only these names are ever turned into
// variables below, so a request cannot create or overwrite arbitrary variables.
$far = array('clanname', 'clanpage', 'clantag', 'clancountry', 'mailaddy', 'icqnumber', 'squad', 'meetingplace', 'message', 'xonx', 'matchtype', 'game', 'meetingtime');
// $x counts how many of the listed fields were submitted with a non-empty value.
$x = 0;
foreach ($far as $v) {
    // empty() also treats the string '0' as missing.
    if (!empty($_POST[$v])) {
        // Variable variable: defines $clanname, $clanpage, ... from the fixed list above, with
        // the submitted value passed through escape().
        // NOTE(review): escape() is defined elsewhere; what it neutralises (SQL, HTML or both) is
        // not visible here — confirm before reusing these values in another output context.
        ${$v} = escape($_POST[$v], 'string');
        $x++;
    } else {
        ${$v} = '';
    }
}
if (count($far) == $x and chk_antispam('fightus')) {
    $squad = escape($squad, 'integer');
    $abf = "SELECT `mod1`,`mod2`, `mod3`,name FROM prefix_groups WHERE id = " . $squad;
    $erg = db_query($abf);
    $row = db_fetch_assoc($erg);
    $txt = $lang['fightusrequest'];
    list($datum, $zeit) = explode(' - ', $meetingtime);
Ejemplo n.º 25
    $gAnz = @db_result(db_query(str_replace('{WHERE}', $where, str_replace('{SELECT}', ' COUNT(DISTINCT `a`.`id`)', $q))), 0);
    $q = str_replace('{WHERE}', $where, str_replace('{SELECT}', $s, $q));
}
// Build the pager, run the page-limited search query and render one template row per hit.
$MPL = db_make_sites($page, "", $limit, 'index.php?forum-' . $such . ($such == 'aeit' ? '-' . $uid : ''), "", $gAnz);
$tpl = new tpl('forum/search');
// NOTE(review): $anfang and $limit are set outside this fragment and are concatenated into the
// LIMIT clause as they are; confirm both are integers at this point.
// From here on $q holds the query result, no longer the SQL string.
$q = db_query($q . " LIMIT " . $anfang . "," . $limit);
$class = '';
$tpl->set_out('gAnz', $gAnz, 0);
while ($r = db_fetch_assoc($q)) {
    // Alternate the row CSS class between 'Cmite' and 'Cnorm'.
    $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
    $r['class'] = $class;
    // One extra query per hit for the newest post time of the topic.
    $r['ctime'] = db_result(db_query("SELECT MAX(`time`) FROM `prefix_posts` WHERE `tid` = " . $r['id']), 0, 0);
    $r['ord'] = forum_get_ordner($r['ctime'], $r['id'], $r['fid']);
    $r['link'] = 'forum-showposts-' . $r['id'];
    // NOTE(review): $r['author'] is passed to the template as returned by the query; confirm it
    // is HTML-encoded when stored or in the template layer.
    if ($menu->get(1) == 'aeit') {
        $r['author'] = '';
    } elseif ($such == 'aubt') {
        $r['author'] = ' ' . $lang['from'] . ' ' . $r['author'];
    } else {
        $r['author'] = ' ' . $lang['newpost'] . ' ' . $lang['from'] . ' ' . $r['author'];
        // Number of posts before the first new one, used to compute the page the link jumps to.
        $r['postsbefore'] = db_count_query('SELECT COUNT(`id`) FROM `prefix_posts` WHERE `tid` = ' . $r['id'] . ' AND `id` < ' . $r['firstnew']);
        $r['page'] = ceil(($r['postsbefore'] + 1) / $allgAr['Fpanz']);
        $r['link'] .= '-p' . $r['page'] . '#' . $r['firstnew'];
    }
    $tpl->set_ar_out($r, 1);
}
$tpl->set_out('MPL', $MPL, 2);
if ($such == 'aeit') {
    $tpl->set_out('name', $name, 3);
}
$design->footer();
Ejemplo n.º 26
 /**
  * Add a row to `prefix_profilefields` for the field described by $ar.
  *
  * The new row's `pos` is the current number of rows in the table and `config_value` is the
  * serialized result of getConfigValue($ar).
  *
  * NOTE(review): `show` and the serialized config are placed into the statement through '%s'
  * with no escaping in the visible code. A quote inside either value would break or alter the
  * query; confirm that callers pass values that are already safe for SQL.
  *
  * @param array $ar Field description; the keys "show" and "func" are read here.
  */
 public function insert($ar)
 {
     $position = db_count_query("SELECT COUNT(*) as `anz` FROM `prefix_profilefields`");
     $serializedConfig = serialize($this->getConfigValue($ar));
     $statement = sprintf(
         "INSERT INTO `prefix_profilefields` (\n\t\t\t\t\t\t\t\t`id` ,\n\t\t\t\t\t\t\t\t`show` ,\n\t\t\t\t\t\t\t\t`pos` ,\n\t\t\t\t\t\t\t\t`func` ,\n\t\t\t\t\t\t\t\t`config_value`\n\t\t\t\t\t\t\t)\n\t\t\t\t\t\tVALUES (\n\t\t\t\t\t\t\tNULL , '%s', '%d', '%d', '%s'\n\t\t\t\t\t\t);",
         $ar["show"],
         $position,
         $ar["func"],
         $serializedConfig
     );
     db_query($statement);
 }
Ejemplo n.º 27
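 // Keep only the digits of $bm; the result is shown as the number of players needed.
 for ($i = 0; $i < strlen($bm); $i++) {
     if (is_numeric($bm[$i])) {
         $needed .= $bm[$i];
     }
 }
 // The war id comes straight from the query string and is used in every statement below.
 // Casting it once to an integer keeps request data out of the SQL text and out of the
 // template value 'id'.
 $mehrId = (int) $_GET['mehr'];
 $uid = (int) $_SESSION['authid'];
 if ($menu->get(3) == 'delete') {
     // The target user id is read from the request path; it must be numeric as well.
     $uid = (int) $menu->get(4);
 }
 $ck = db_count_query("SELECT COUNT(wid) FROM prefix_warmember WHERE wid = " . $mehrId . " AND uid = " . $uid);
 // Delete an acceptance or refusal: members may remove their own entry, a site admin for
 // 'wars' may remove any entry. The inner parentheses only spell out the precedence the
 // expression already had ("and" binds tighter than "or").
 // NOTE(review): this state change is triggered from the URL and no request token is checked
 // in the visible lines; confirm whether one is verified elsewhere.
 if ($menu->get(3) == 'delete' and ((has_right(array($row['tid'])) === true and $uid == $_SESSION['authid']) or is_siteadmin('wars')) and $ck == 1) {
     db_query("DELETE FROM prefix_warmember WHERE wid = " . $mehrId . " AND uid = " . $uid);
     $ck = 0;
 }
 $available = db_count_query("SELECT COUNT(uid) FROM prefix_warmember WHERE wid = " . $mehrId . " AND aktion = 1");
 $aout1 = array('needed' => $needed, 'available' => $available, 'id' => $mehrId);
 $tpl->set_ar_out($aout1, 1);
 // NOTE(review): when a delete URL names another user, $ck describes that user's entry, not
 // the current user's; confirm the current user cannot end up with two entries this way.
 if ($ck == 0 and has_right(array($row['tid'])) === true) {
     if (isset($_POST['sub'])) {
         // $aktion is always 0 or 1; the comment goes through escape() before it is stored.
         $aktion = $_POST['sub'] == 'zusagen' ? 1 : 0;
         $kom = escape($_POST['kom'], 'string');
         db_query("INSERT INTO prefix_warmember (uid,wid,aktion,kom) VALUES (" . (int) $_SESSION['authid'] . "," . $mehrId . "," . $aktion . ",'" . $kom . "')");
     } else {
         $tpl->out(2);
     }
 }
 $class = '';
 // Index 0 = refused ("abgesagt"), index 1 = accepted ("zugesagt").
 $aktionar = array('<font style="color:#FF0000; background:#666666; font-weight:bold;">abgesagt</font>', '<font style="font-weight:bold; color:#00FF00; background:#666666;">zugesagt</font>');
 $erg1 = db_query("SELECT b.id as uid, b.name, a.aktion, a.kom FROM prefix_warmember a left join prefix_user b ON b.id = a.uid WHERE a.wid = " . $mehrId);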
 while ($row1 = db_fetch_assoc($erg1)) {
Ejemplo n.º 28
#   Copyright by: Manuel
#   Support: www.ilch.de
defined('main') or die('no direct access');
defined('admin') or die('only admin access');
$design = new design('Admins Area', 'Admins Area', 2);
$design->header();
$tpl = new tpl('puser', 1);
# add pending user
if ($menu->get(1) == "confirm" and isset($_GET['check'])) {
    $erg = db_query("SELECT * FROM prefix_usercheck WHERE `check` = '" . escape($_GET['check'], 'string') . "'");
    if (db_num_rows($erg) == 1) {
        $row = db_fetch_assoc($erg);
        switch ($row['ak']) {
            # confirm regist
            case 1:
                if (0 == db_count_query("SELECT COUNT(*) FROM prefix_user WHERE name = BINARY '" . $row['name'] . "'")) {
                    db_query("INSERT INTO prefix_user (name,pass,recht,regist,llogin,email,status,opt_mail,opt_pm)\r\n  \t\t\t VALUES('" . $row['name'] . "','" . $row['pass'] . "',-1,'" . time() . "','" . time() . "','" . $row['email'] . "',1,1,1)");
                    db_query("DELETE FROM prefix_usercheck WHERE `check` = '" . escape($_GET['check'], 'string') . "'");
                } else {
                    $tpl->set_out('error', 'Username existiert bereits', 3);
                }
                break;
                # confirm new pass
            # confirm new pass
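            case 2:
                # Copy the pending password from the usercheck row to the matching account, then
                # drop the consumed confirmation token.
                # NOTE(review): $row['pass'] and $row['name'] are concatenated as read from the
                # database, without escape(); a stored value containing a quote would alter the
                # statement. Confirm how these fields are validated before they are stored.
                db_query("UPDATE prefix_user SET pass = '" . $row['pass'] . "' WHERE name = BINARY '" . $row['name'] . "'");
                db_query("DELETE FROM prefix_usercheck WHERE `check` = '" . escape($_GET['check'], 'string') . "'");
                break;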
                # confirm new email
            # confirm new email
            case 3:
Ejemplo n.º 29
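 $row = db_fetch_assoc($erg);
 // NOTE(review): $row['name'] is placed into the page title and the breadcrumb as stored;
 // confirm it is HTML-encoded when saved, otherwise encode it here.
 $title = $allgAr['title'] . ' :: Users :: Details von ' . $row['name'];
 $hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">Users</a><b> &raquo; </b> Details von ' . $row['name'] . $extented_forum_menu_sufix;
 $design = new design($title, $hmenu, 1);
 $design->addheader('<link rel="stylesheet" type="text/css" href="include/includes/css/uprofil/uprofil.css">');
 $design->addheader('<script type="text/javascript" src="include/includes/js/uprofil.js"></script>');
 // Third-party script: requested over HTTPS so the response cannot be replaced in transit and
 // the page does not mix secure and insecure content. It is still an unpinned "latest" file
 // with no integrity attribute; a local, version-pinned copy like the other scripts on this
 // page would remove the dependency on the CDN altogether.
 $design->addheader('<script type="text/javascript" src="https://code.jquery.com/jquery-latest.min.js"></script>');
 $design->addheader('<script type="text/javascript" src="include/includes/js/jquery.textareaAutoResize.js"></script>');
 $design->addheader('<script type="text/javascript" src="include/includes/js/bbcode.js"></script>');
 $design->header();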
 if (loggedin() and $menu->get(2) == $_SESSION['authid']) {
     //Header
     include __DIR__ . DIRECTORY_SEPARATOR . '../header.php';
     $tpl = new tpl('uprofil/fcheck.htm');
     $FAnzahl = db_count_query('SELECT count(id) FROM prefix_friendscheck WHERE fid = ' . $uid);
     $BAnzahl = db_count_query('SELECT count(id) FROM prefix_userblock WHERE uid = ' . $uid);
     $abfF = 'SELECT u.*, f.* FROM prefix_friendscheck f LEFT JOIN prefix_user u ON u.id = f.uid WHERE f.fid = ' . $uid . ' ORDER BY f.id ASC';
     $ergF = db_query($abfF);
     $abfBlock = 'SELECT u.*, f.* FROM prefix_userblock f LEFT JOIN prefix_user u ON u.id = f.bid WHERE f.uid = ' . $uid . ' ORDER BY f.id ASC';
     $ergBlock = db_query($abfBlock);
     $tpl->out(0);
     if ($FAnzahl > 0) {
         while ($rowF = db_fetch_assoc($ergF)) {
             $rowF['FNAME'] = '<a href="?user-details-' . $rowF['uid'] . '">' . $rowF['name'] . '</a>';
             if (file_exists($rowF['avatar'])) {
                 $rowF['AVATAR'] = '<img src="' . $rowF['avatar'] . '" width="80" height="80" border="0">';
             } else {
                 $rowF['AVATAR'] = '<img src="include/images/userprofil/avatar/nouser.png" width="75" height="75" border="0">';
             }
             $rowF['OTHER'] = '<br /><br /><div class="friendButton friendAccept" onclick="location.href = \'?user-fcheck-accept-' . $rowF['uid'] . '\';">Annehmen</div>';
             $rowF['OTHER'] .= '<div class="friendButton friendRefuse" onclick="location.href = \'?user-fcheck-refuse-' . $rowF['uid'] . '\';">Ablehnen</div>';
Ejemplo n.º 30
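    // Build the four moderator <select> lists from all users whose `recht` is -4 or lower.
    $ar['mods1'] = dbliste($ar['mod1'], $tpl, 'mods1', "SELECT `id`,`name` FROM `prefix_user` WHERE `recht` <= '-4' ORDER BY `name`");
    $ar['mods2'] = dbliste($ar['mod2'], $tpl, 'mods2', "SELECT `id`,`name` FROM `prefix_user` WHERE `recht` <= '-4' ORDER BY `name`");
    $ar['mods3'] = dbliste($ar['mod3'], $tpl, 'mods3', "SELECT `id`,`name` FROM `prefix_user` WHERE `recht` <= '-4' ORDER BY `name`");
    $ar['mods4'] = dbliste($ar['mod4'], $tpl, 'mods4', "SELECT `id`,`name` FROM `prefix_user` WHERE `recht` <= '-4' ORDER BY `name`");
    // Moderators 2 to 4 are optional, so their lists start with a "none" entry.
    $ar['mods2'] = '<option value="0">keiner</option>' . $ar['mods2'];
    $ar['mods3'] = '<option value="0">keiner</option>' . $ar['mods3'];
    $ar['mods4'] = '<option value="0">keiner</option>' . $ar['mods4'];
    $ar['pic'] = arlistee($ar['img'], get_teampic_ar());
    // The "no picture" entry is closed with </option>; the original opened a second, empty
    // <option> instead, which added a blank entry to the list.
    $ar['pic'] = '<option value="0">kein Bild</option>' . $ar['pic'];
    // NOTE(review): $msg is written into the page as it is; confirm every assignment to it
    // earlier in this file uses fixed text or HTML-encoded values.
    $ar['msg'] = empty($msg) ? '' : '<table width="50%" cellpadding="2" cellspacing="1" border="0" class="border"><tr><td class="Cnorm"><b>Nachricht:</b>&nbsp;' . $msg . '</td></tr></table>';
    $ar['joinu'] = '';
    // Show the link to pending join requests only when at least one exists (ak = 4).
    if (0 < db_result(db_query("SELECT COUNT(*) FROM prefix_usercheck WHERE ak = 4"), 0)) {
        $ar['joinu'] = '<a href="admin.php?groups-joinus"><b>Joinus Anfragen bearbeiten</b></a><br /><br />';
    }
    // Token for the form on this page; where it is checked on submit is not visible here.
    $ar['ANTISPAM'] = get_antispam('adminuser_action', 0, true);
    $tpl->set_ar_out($ar, 0);
    $class = 'Cnorm';
    $erg = db_query("SELECT `name`,`id` FROM `prefix_groups` ORDER BY `pos` ASC");
    while ($row = db_fetch_assoc($erg)) {
        // One COUNT query per group for its number of members.
        $row['useranz'] = db_count_query("SELECT COUNT(`uid`) FROM `prefix_groupusers` WHERE `gid` = '{$row['id']}'");
        $class = $class == 'Cnorm' ? 'Cmite' : 'Cnorm';
        $row['class'] = $class;
        $tpl->set_ar_out($row, 1);
    }
    $tpl->out(2);
    // Template part 3 is only shown when the `groups_forall` option is on and the session's
    // `authright` value is above -8.
    if ($allgAr['groups_forall'] and $_SESSION['authright'] > -8) {
        $tpl->out(3);
    }
    $tpl->out(4);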
}
$design->footer();