Ejemplo n.º 1
        $squads .= '<option>' . $row['name'] . '</option>';
    }
    return $squads;
}
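##### Actions
# Delete
# The id is taken from the URL via $menu. It is validated with is_numeric() and
# then cast to an integer before it reaches the SQL text, because is_numeric()
# on its own also accepts forms such as "1e3" or ".5".
# NOTE(review): this destructive action is driven by URL segments, and no
# permission check or CSRF token is visible in this fragment - confirm the
# surrounding admin page enforces both.
if ($menu->getA(1) == 'd' and is_numeric($menu->getE(1))) {
    db_query('DELETE FROM `prefix_awards` WHERE id = ' . (int) $menu->getE(1) . ' LIMIT 1');
}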
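# Insert a new award, or update an existing one when the URL carries "e<id>".
# Every POST field is passed through escape() before it is placed in the SQL
# text; escape(), get_datum() and get_homepage() are defined elsewhere.
# NOTE(review): no permission check or CSRF token is visible in this fragment -
# confirm the surrounding admin page enforces both.
if (isset($_POST['ins'])) {
    # The date is escaped like every other field before get_datum() reformats
    # it, so no raw POST value can reach the statements below.
    $datum = get_datum(escape($_POST['datum'], 'string'));
    $wofur = escape($_POST['wofur'], 'string');
    $text = escape($_POST['text'], 'string');
    $platz = escape($_POST['platz'], 'string');
    $bild = get_homepage(escape($_POST['bild'], 'string'));
    # The award belongs either to a single user or to a team, depending on "atype".
    if ($_POST['atype'] == 'user') {
        $team = escape($_POST['name'], 'string');
    } else {
        $team = escape($_POST['team'], 'string');
    }
    if ($menu->getA(1) == 'e' and is_numeric($menu->getE(1))) {
        # The id is used unquoted in the WHERE clause, so force it to an integer.
        $id = (int) $menu->getE(1);
        db_query("UPDATE `prefix_awards` SET time = '{$datum}', platz = '{$platz}',\r\n              team = '{$team}', wofur = '{$wofur}', bild = '{$bild}', text = '{$text}' WHERE id = {$id}");
        # NOTE(review): echoing the raw driver error shows query and schema details
        # to whoever loads the page, and mysql_error() no longer exists in PHP 7+.
        # Prefer logging the error server-side.
        echo mysql_error();
        $menu->set_url(1, '');
    } else {
        db_query("INSERT INTO `prefix_awards` (time, platz, team, wofur, bild, text) VALUES\r\n    ('" . $datum . "', '" . $platz . "', '" . $team . "', '" . $wofur . "', '" . $bild . "', '" . $text . "')");
    }
}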
#Ändern/Ausgabearray füllen
Ejemplo n.º 2
                $class = 'Cmite';
            }
            $row['page'] = get_homepage($row['page']);
            $row['team'] = get_wargameimg($row['game']) . '&nbsp;' . $row['team'];
            $row['class'] = $class;
            $tpl->set_ar_out($row, 5);
        }
        $tpl->set_out('MPL', $MPL, 6);
    }
    $design->footer();
} elseif (is_numeric($menu->get(2))) {
    // Detail view for a single war; the id is the second URL segment.
    // escape(..., 'integer') is applied before the value is concatenated,
    // unquoted, into the WHERE clause below. escape() is defined elsewhere;
    // presumably the 'integer' mode casts to int - confirm.
    $_GET['mehr'] = escape($menu->get(2), 'integer');
    // '@' suppresses PHP warnings raised by the query call itself.
    $erg = @db_query("SELECT\r\n\tDATE_FORMAT(datime,'%d.%m.%Y') as datum,\r\n\ttid, status, owp, opp, wlp,\r\n\tDATE_FORMAT(datime,'%H:%i:%s') as zeit,\r\n\tgegner, tag, page, mail, icq, wo, prefix_wars.`mod`, mtyp,\r\n\tgame, land, txt, prefix_wars.id,\r\n\tname as team\r\n\tFROM prefix_wars\r\n\tleft join prefix_groups ON prefix_wars.tid = prefix_groups.id\r\n\tWHERE prefix_wars.id = " . $_GET['mehr']);
    // NOTE(review): db_check_erg() is not shown; presumably it stops on a failed
    // or empty result - confirm, because $row is indexed unconditionally below.
    db_check_erg($erg);
    $row = db_fetch_assoc($erg);
    // Stored values are post-processed for display: the homepage goes through
    // get_homepage() and the free text through bbcode().
    $row['page'] = get_homepage($row['page']);
    $row['txt'] = bbcode($row['txt']);
    if ($row['status'] == 2) {
        // nextwars
        $title = $allgAr['title'] . ' :: Wars :: Nextwars';
        $hmenu = '<a href="?wars" class="smalfont">Wars</a><b> &raquo; </b>Nextwars';
        $design = new design($title, $hmenu);
        $design->header();
        $tpl = new tpl('wars_next');
        $row['tag'] = empty($row['tag']) ? $row['gegner'] : $row['tag'];
        if ($_SESSION['authright'] <= -3) {
            $row['mail'] = $row['mail'];
            $row['icq'] = $row['icq'];
            $row['wo'] = $row['wo'];
            $row['txt'] = $row['txt'];
        } else {
Ejemplo n.º 3
            db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n    VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),3)");
            $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
            $text = $lang['changedthemail'] . sprintf($lang['registconfirmlink'], $page, $id);
            icmail($_POST['email'], $lang['mail'] . ' ' . $lang['changed'], $text);
            $fmsg = $lang['pleaseconfirmmail'];
        }
        #
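        # remove account
        # Stores a confirmation token in prefix_usercheck (ak = 5) and mails a
        # confirmation link containing it.
        if (isset($_POST['removeaccount'])) {
            # The token authorises deletion of the account, so it must be
            # unguessable. md5(uniqid(rand())) is derived from the clock and a
            # non-cryptographic generator, so a CSPRNG is used when the runtime
            # offers one. The old construction is kept only as a fallback for
            # runtimes without either function. Each branch yields 32 hex
            # characters, so the stored token format is unchanged.
            if (function_exists('random_bytes')) {
                $token = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $token = bin2hex(openssl_random_pseudo_bytes(16));
            } else {
                $token = md5(uniqid(rand()));
            }
            $id = $_SESSION['authid'] . '-remove-' . $token;
            db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n    VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),5)");
            # NOTE(review): the link host is taken from the Host request header,
            # which the client controls. A configured base URL would keep the
            # mailed link pointing at this site.
            $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
            $text = $lang['removeconfirm'] . sprintf($lang['registconfirmlink'], $page, $id);
            # NOTE(review): the mail goes to the POSTed address, not to an address
            # loaded for $_SESSION['authid']. Confirm that earlier code (not
            # shown) checks it against the account and rejects line breaks.
            icmail($_POST['email'], html_entity_decode($lang['removeaccount'], ILCH_ENTITIES_FLAGS, ILCH_CHARSET), $text);
            $fmsg = $lang['pleaseconfirmremove'];
        }
        # remove account (end)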
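        # Save the static profile fields of the logged-in user.
        # Every POST value is passed through escape() before it is quoted into the
        # statement. The signature is truncated BEFORE it is escaped: cutting an
        # already escaped string can split an escape sequence and leave the quoted
        # literal unterminated (assuming escape() backslash-escapes quotes; it is
        # defined elsewhere).
        # NOTE(review): $avatar_sql_update is spliced in as raw SQL and is built
        # outside this fragment - confirm it only ever contains escaped values.
        db_query(
            "UPDATE prefix_user SET"
            . " homepage = '" . get_homepage(escape($_POST['homepage'], 'string')) . "',"
            . " wohnort = '" . escape($_POST['wohnort'], 'string') . "',"
            . " icq = '" . escape($_POST['icq'], 'string') . "',"
            . " msn = '" . escape($_POST['msn'], 'string') . "',"
            . " yahoo = '" . escape($_POST['yahoo'], 'string') . "',"
            . " " . $avatar_sql_update
            . " aim = '" . escape($_POST['aim'], 'string') . "',"
            . " staat = '" . escape($_POST['staat'], 'string') . "',"
            . " geschlecht = '" . escape($_POST['geschlecht'], 'string') . "',"
            . " status = '" . escape($_POST['status'], 'string') . "',"
            . " opt_mail = '" . escape($_POST['opt_mail'], 'string') . "',"
            . " opt_pm = '" . escape($_POST['opt_pm'], 'string') . "',"
            . " opt_pm_popup = '" . escape($_POST['opt_pm_popup'], 'string') . "',"
            . " gebdatum = '" . get_datum(escape($_POST['gebdatum'], 'string')) . "',"
            . " sig = '" . escape(substr($_POST['sig'], 0, $allgAr['forum_max_sig']), 'string') . "'"
            # The id is used unquoted, so it is forced to an integer.
            . " WHERE id = " . (int) $_SESSION['authid']
        );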
        # save the other profile fields of the logged-in user
        profilefields_change_save($_SESSION['authid']);
        $design->header();
        # use the generic success text unless an earlier step already set a message
        if (!isset($fmsg)) {
            $fmsg = $lang['changesuccessful'];
        }
        wd('?user-8', $fmsg, 3);
    }
} else {
    $tpl = new tpl('user/login');
    $tpl->set_out('WDLINK', '?user-8', 0);
}
$design->footer();
Ejemplo n.º 4
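 // Guestbook listing: renders one page of entries, newest first.
 $limit = $allgAr['gbook_posts_per_site'];
 // The page number comes from the URL. It is clamped to at least 1 so the
 // offset below can never be negative: a negative LIMIT offset is a SQL error,
 // which would end in the die(db_error()) call further down.
 $page = $menu->getA(1) == 'p' ? max(1, (int) escape($menu->getE(1), 'integer')) : 1;
 $MPL = db_make_sites($page, "", $limit, "?gbook", 'gbook');
 $anfang = ($page - 1) * $limit;
 $tpl = new tpl('gbook.htm');
 // Total number of entries, shown in the page header.
 $ei1 = @db_query("SELECT COUNT(ID) FROM prefix_gbook");
 $ein = @db_result($ei1, 0);
 $ar = array('EINTRAGE' => $ein);
 $tpl->set_ar_out($ar, 0);
 // NOTE(review): die(db_error()) prints the raw database error to the visitor.
 // Prefer logging it server-side and showing a generic message.
 $erg = db_query("SELECT * FROM prefix_gbook ORDER BY time DESC LIMIT " . $anfang . "," . $limit) or die(db_error());
 while ($row = db_fetch_object($erg)) {
     // From here on $page holds the homepage-icon markup for the current row.
     $page = '';
     $mail = '';
     // NOTE(review): $row->name and $row->page are written into HTML attributes
     // without escaping at this point. Presumably they were encoded when stored -
     // confirm, and confirm get_homepage() only lets http(s) URLs through.
     if ($row->page) {
         $row->page = get_homepage($row->page);
         $page = ' &nbsp; <a href="' . $row->page . '" target="_blank"><img src="include/images/icons/page.gif" border="0" alt="Homepage ' . $lang['from'] . ' ' . $row->name . '"></a>';
     }
     if ($row->mail) {
         $mail = ' &nbsp; <a href="mailto:' . escape_email_to_show($row->mail) . '"><img src="include/images/icons/mail.gif" border="0" alt="E-Mail ' . $lang['from'] . ' ' . $row->name . '"></a>';
     }
     // Optional comment counter with a link to the entry's comment page.
     $koms = '';
     if ($allgAr['gbook_koms_for_inserts'] == 1) {
         $koms = db_result(db_query("SELECT COUNT(*) FROM prefix_koms WHERE uid = " . $row->id . " AND cat = 'GBOOK'"), 0, 0);
         $koms = '<a href="index.php?gbook-show-' . $row->id . '">' . $koms . ' ' . $lang['comments'] . '</a>';
     }
     $ar = array('NAME' => $row->name, 'DATE' => date("d.m.Y", $row->time), 'koms' => $koms, 'MAIL' => $mail, 'ID' => $row->id, 'PAGE' => $page, 'TEXT' => BBCode($row->txt));
     $tpl->set_ar_out($ar, 1);
 }
 // Pagination links below the entries.
 $tpl->set_out('SITELINK', $MPL, 2);
 break;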
Ejemplo n.º 5
 // Partners
 case 'partners':
     $design = new design('Admins Area', 'Admins Area', 2);
     $design->header();
     $tpl = new tpl('archiv/partners', 1);
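     // Delete a partner and close the gap it leaves in the ordering.
     // The id comes from the URL, so it is cast to an integer before it is
     // concatenated into any statement.
     // NOTE(review): no permission check or CSRF token is visible in this
     // fragment - confirm the surrounding admin area enforces both.
     if ($menu->getA(2) == 'd') {
         $partnerId = (int) $menu->getE(2);
         $pos = db_result(db_query("SELECT pos FROM prefix_partners WHERE id = " . $partnerId), 0);
         // Only modify the table when the row exists. Without a numeric position
         // the UPDATE text below would be malformed.
         if (is_numeric($pos)) {
             db_query("DELETE FROM prefix_partners WHERE id = " . $partnerId);
             db_query("UPDATE prefix_partners SET pos = pos -1 WHERE pos > " . (int) $pos);
         }
     }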
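     // Update an existing partner (pkey set) or insert a new one.
     // name, banner and link are escaped in place in $_POST, as before.
     // NOTE(review): no permission check or CSRF token is visible in this
     // fragment - confirm the surrounding admin area enforces both.
     if (isset($_POST['sub'])) {
         $_POST['name'] = escape($_POST['name'], 'string');
         $_POST['banner'] = escape($_POST['banner'], 'string');
         $_POST['link'] = get_homepage(escape($_POST['link'], 'string'));
         if (empty($_POST['pkey'])) {
             // A new entry is appended: the current row count is its position.
             $_POST['pos'] = db_result(db_query("SELECT COUNT(*) FROM prefix_partners"), 0);
             db_query("INSERT INTO prefix_partners (name,banner,link,pos) VALUES ('" . $_POST['name'] . "','" . $_POST['banner'] . "','" . $_POST['link'] . "','" . (int) $_POST['pos'] . "')");
         } else {
             // pkey is the one field that is not passed through escape(), so it
             // is forced to an integer before it reaches the WHERE clause.
             db_query("UPDATE prefix_partners SET name = '" . $_POST['name'] . "',banner = '" . $_POST['banner'] . "',link = '" . $_POST['link'] . "' WHERE id = '" . (int) $_POST['pkey'] . "'");
         }
     }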
     // verschieben
     if ($menu->getA(2) == 'o' or $menu->getA(2) == 'u') {
         $pos = $menu->get(3);
         $id = $menu->getE(2);
         $nps = $menu->getA(2) == 'u' ? $pos + 1 : $pos - 1;
         $anz = db_result(db_query("SELECT COUNT(*) FROM prefix_partners"), 0);
         if ($nps < 0) {
             db_query("UPDATE prefix_partners SET pos = " . $anz . " WHERE id = " . $id);
Ejemplo n.º 6
        ${$v} = escape($_POST[$v], 'string');
        $x++;
    } else {
        ${$v} = '';
    }
}
if (count($far) == $x and chk_antispam('fightus')) {
    # $squad is concatenated unquoted into the SELECT below, so it is normalised
    # with escape(..., 'integer') first (escape() is defined elsewhere).
    $squad = escape($squad, 'integer');
    $abf = "SELECT `mod1`,`mod2`, `mod3`,name FROM prefix_groups WHERE id = " . $squad;
    $erg = db_query($abf);
    # NOTE(review): no check that a group row was found; the $row[...] reads
    # below assume one exists - confirm how db_fetch_assoc() reports "no row".
    $row = db_fetch_assoc($erg);
    # The PM body is the language string, not user-supplied text.
    $txt = $lang['fightusrequest'];
    # NOTE(review): expects "<date> - <time>"; without the separator $zeit is
    # never assigned.
    list($datum, $zeit) = explode(' - ', $meetingtime);
    $datum = get_datum($datum);
    $datum = $datum . " " . $zeit;
    $clanpage = get_homepage($clanpage);
    # record as upcoming war (category 1)
    # The values are quoted but not escaped on this line. Presumably each one was
    # set by the escape(..., 'string') loop above - confirm every name used here
    # is in that list, and that get_datum()/get_homepage() cannot reintroduce
    # quote characters.
    db_query("INSERT INTO prefix_wars (datime,`status`,gegner,tag,page,mail,icq,wo,tid,`mod`,game,mtyp,land,txt) VALUES ('" . $datum . "','1','" . $clanname . "','" . $clantag . "','" . $clanpage . "','" . $mailaddy . "','" . $icqnumber . "','" . $meetingplace . "','" . $squad . "','" . $xonx . "','" . $game . "','" . $matchtype . "','" . $clancountry . "','" . $message . "')");
    # PM to the leader
    sendpm($_SESSION['authid'], $row['mod1'], 'Fightus Anfrage', $txt, -1);
    # if co-leader != leader
    if ($row['mod1'] != $row['mod2']) {
        sendpm($_SESSION['authid'], $row['mod2'], 'Fightus Anfrage', $txt, -1);
    }
    # mod3 only gets a PM when it differs from both mod1 and mod2
    if ($row['mod3'] != $row['mod2'] and $row['mod1'] != $row['mod3']) {
        sendpm($_SESSION['authid'], $row['mod3'], 'Fightus Anfrage', $txt, -1);
    }
    # inform the requester
    # NOTE(review): $row['name'] is echoed without HTML escaping here; presumably
    # it is encoded when stored - confirm.
    echo sprintf($lang['leaderofxalert'], $row['name']);
} else {
    $clancountry = arlistee($clancountry, get_nationality_array());