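// Tail of a function that starts above this excerpt: it appends an <option>
// element to $squads and returns the accumulated markup.
// NOTE(review): $row['name'] is written into HTML as-is; whether it was
// HTML-encoded before this point is not visible here.
        $squads .= '<option>' . $row['name'] . '</option>';
    }
    return $squads;
}

// ---- Actions ----

// Delete: the id comes from the URL and is only used when is_numeric() accepts it.
// NOTE(review): this is a state-changing action driven by URL segments; no
// anti-CSRF token check is visible in this excerpt - confirm one exists upstream.
if ($menu->getA(1) == 'd' and is_numeric($menu->getE(1))) {
    db_query('DELETE FROM `prefix_awards` WHERE id = "' . $menu->getE(1) . '" LIMIT 1');
}

// Insert / update
if (isset($_POST['ins'])) {
    // Every request value is passed through escape() before it is placed in a
    // query. The date is escaped as well: get_datum() is not shown here, so it
    // must not be relied on to neutralise quotes in $_POST['datum'].
    $datum = get_datum(escape($_POST['datum'], 'string'));
    $wofur = escape($_POST['wofur'], 'string');
    $text = escape($_POST['text'], 'string');
    $platz = escape($_POST['platz'], 'string');
    $bild = get_homepage(escape($_POST['bild'], 'string'));

    // The award belongs either to a single user ("name") or to a team ("team").
    if ($_POST['atype'] == 'user') {
        $team = escape($_POST['name'], 'string');
    } else {
        $team = escape($_POST['team'], 'string');
    }

    if ($menu->getA(1) == 'e' and is_numeric($menu->getE(1))) {
        // Edit an existing row; $id is unquoted in the query, which is why the
        // is_numeric() guard above is required.
        $id = $menu->getE(1);
        db_query("UPDATE `prefix_awards` SET time = '{$datum}', platz = '{$platz}',\r\n team = '{$team}', wofur = '{$wofur}', bild = '{$bild}', text = '{$text}' WHERE id = {$id}");
        // NOTE(review): this prints the raw database error text into the page;
        // logging it server-side would avoid disclosing schema details.
        // mysql_error() belongs to the ext/mysql API that was removed in PHP 7.
        echo mysql_error();
        // presumably clears the edit action from the URL - confirm against the menu class
        $menu->set_url(1, '');
    } else {
        db_query("INSERT INTO `prefix_awards` (time, platz, team, wofur, bild, text) VALUES\r\n ('" . $datum . "', '" . $platz . "', '" . $team . "', '" . $wofur . "', '" . $bild . "', '" . $text . "')");
    }
}

// Edit / fill the output array (the code for this step follows below this excerpt)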
// Tail of a branch that starts above this excerpt: it finishes a template row,
// emits the page links and prints the footer.
                $class = 'Cmite';
            }
            $row['page'] = get_homepage($row['page']);
            $row['team'] = get_wargameimg($row['game']) . ' ' . $row['team'];
            $row['class'] = $class;
            $tpl->set_ar_out($row, 5);
        }
        $tpl->set_out('MPL', $MPL, 6);
    }
    $design->footer();
} elseif (is_numeric($menu->get(2))) {
    // Detail view: URL segment 2 is the war id. It is checked with is_numeric()
    // and passed through escape(..., 'integer') before it is concatenated,
    // unquoted, into the WHERE clause below.
    $_GET['mehr'] = escape($menu->get(2), 'integer');
    // '@' suppresses any warning raised by db_query(); the result is handed to
    // db_check_erg() right after.
    $erg = @db_query("SELECT\r\n\tDATE_FORMAT(datime,'%d.%m.%Y') as datum,\r\n\ttid, status, owp, opp, wlp,\r\n\tDATE_FORMAT(datime,'%H:%i:%s') as zeit,\r\n\tgegner, tag, page, mail, icq, wo, prefix_wars.`mod`, mtyp,\r\n\tgame, land, txt, prefix_wars.id,\r\n\tname as team\r\n\tFROM prefix_wars\r\n\tleft join prefix_groups ON prefix_wars.tid = prefix_groups.id\r\n\tWHERE prefix_wars.id = " . $_GET['mehr']);
    db_check_erg($erg);
    $row = db_fetch_assoc($erg);
    $row['page'] = get_homepage($row['page']);
    $row['txt'] = bbcode($row['txt']);
    // NOTE(review): the remaining columns (gegner, tag, mail, icq, wo, ...) reach
    // the template as stored; whether they were HTML-encoded on insert is not
    // visible here.
    if ($row['status'] == 2) {
        // nextwars
        $title = $allgAr['title'] . ' :: Wars :: Nextwars';
        $hmenu = '<a href="?wars" class="smalfont">Wars</a><b> » </b>Nextwars';
        $design = new design($title, $hmenu);
        $design->header();
        $tpl = new tpl('wars_next');
        // Fall back to the opponent name when no tag is stored.
        $row['tag'] = empty($row['tag']) ? $row['gegner'] : $row['tag'];
        if ($_SESSION['authright'] <= -3) {
            // These self-assignments leave mail, icq, wo and txt unchanged.
            // NOTE(review): the else branch continues below this excerpt;
            // presumably it withholds these contact fields - confirm.
            $row['mail'] = $row['mail'];
            $row['icq'] = $row['icq'];
            $row['wo'] = $row['wo'];
            $row['txt'] = $row['txt'];
        } else {
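// Profile save handler (excerpt). The first statements are the tail of a branch
// that opens above this excerpt: they store a confirmation record (ak = 3) for
// the address from the request and mail the confirmation link to it.
// NOTE(review): $id for this branch is built outside this excerpt.
// NOTE(review): the link host comes from $_SERVER["HTTP_HOST"], i.e. the Host
// request header, which the client controls; a configured site URL is a safer
// source for links that are sent by mail.
            db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),3)");
            $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
            $text = $lang['changedthemail'] . sprintf($lang['registconfirmlink'], $page, $id);
            icmail($_POST['email'], $lang['mail'] . ' ' . $lang['changed'], $text);
            $fmsg = $lang['pleaseconfirmmail'];
        }

        // Remove account: store a confirmation record (ak = 5) and mail the link.
        if (isset($_POST['removeaccount'])) {
            // NOTE(review): the confirmation token is derived from rand() and
            // uniqid(), neither of which is a cryptographic source; a CSPRNG
            // (random_bytes() where the runtime provides it) is the appropriate
            // generator for a token that authorises account removal.
            $id = $_SESSION['authid'] . '-remove-' . md5(uniqid(rand()));
            // NOTE(review): the mail goes to the address from the request, not to
            // an address read from the account; confirm the code above this
            // excerpt validates $_POST['email'] against the logged-in user.
            db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),5)");
            $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
            $text = $lang['removeconfirm'] . sprintf($lang['registconfirmlink'], $page, $id);
            icmail($_POST['email'], html_entity_decode($lang['removeaccount'], ILCH_ENTITIES_FLAGS, ILCH_CHARSET), $text);
            $fmsg = $lang['pleaseconfirmremove'];
        }

        // Save the static profile fields. Each request value is passed through
        // escape() before it is concatenated into the statement.
        // NOTE(review): $avatar_sql_update is built outside this excerpt and is
        // inserted verbatim; verify that it is assembled from escaped values only.
        // The signature is cut to forum_max_sig BEFORE escaping: cutting the
        // escaped string could split an escape sequence and leave a dangling
        // backslash in front of the closing quote of the SQL literal.
        db_query(
            "UPDATE prefix_user\r\n\t\t\t SET\r\n homepage = '" . get_homepage(escape($_POST['homepage'], 'string'))
            . "',\r\n wohnort = '" . escape($_POST['wohnort'], 'string')
            . "',\r\n icq = '" . escape($_POST['icq'], 'string')
            . "',\r\n msn = '" . escape($_POST['msn'], 'string')
            . "',\r\n yahoo = '" . escape($_POST['yahoo'], 'string')
            . "',\r\n " . $avatar_sql_update
            . "\r\n aim = '" . escape($_POST['aim'], 'string')
            . "',\r\n staat = '" . escape($_POST['staat'], 'string')
            . "',\r\n geschlecht = '" . escape($_POST['geschlecht'], 'string')
            . "',\r\n status = '" . escape($_POST['status'], 'string')
            . "',\r\n opt_mail = '" . escape($_POST['opt_mail'], 'string')
            . "',\r\n opt_pm = '" . escape($_POST['opt_pm'], 'string')
            . "',\r\n opt_pm_popup = '" . escape($_POST['opt_pm_popup'], 'string')
            . "',\r\n gebdatum = '" . get_datum(escape($_POST['gebdatum'], 'string'))
            . "',\r\n sig = '" . escape(substr($_POST['sig'], 0, $allgAr['forum_max_sig']), 'string')
            . "'\r\n\t\t\t\tWHERE id = " . $_SESSION['authid']
        );

        // Save the other (custom) profile fields.
        profilefields_change_save($_SESSION['authid']);
        $design->header();

        // Pick the message: one set by a branch above, else the generic success text.
        $fmsg = isset($fmsg) ? $fmsg : $lang['changesuccessful'];
        wd('?user-8', $fmsg, 3);
    }
} else {
    // Branch taken when the condition opened above this excerpt fails: show the
    // login template with a link back to this page.
    $tpl = new tpl('user/login');
    $tpl->set_out('WDLINK', '?user-8', 0);
}
$design->footer();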
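// Guestbook listing. This is the body of a switch case whose label lies above
// this excerpt.
$limit = $allgAr['gbook_posts_per_site']; // entries per page
// Page number from the URL ("p" action), normalised by escape(..., 'integer');
// defaults to 1.
$page = $menu->getA(1) == 'p' ? escape($menu->getE(1), 'integer') : 1;
$MPL = db_make_sites($page, "", $limit, "?gbook", 'gbook');
// Clamp the offset: a page value below 1 would otherwise produce a negative
// LIMIT offset, which the query below rejects.
$anfang = max(0, ($page - 1) * $limit);
$tpl = new tpl('gbook.htm');

// Total number of entries for the header.
$ei1 = @db_query("SELECT COUNT(ID) FROM prefix_gbook");
$ein = @db_result($ei1, 0);
$ar = array('EINTRAGE' => $ein);
$tpl->set_ar_out($ar, 0);

// NOTE(review): on failure die(db_error()) prints the raw database error to the
// visitor; logging it and showing a generic message avoids disclosing details.
$erg = db_query("SELECT * FROM prefix_gbook ORDER BY time DESC LIMIT " . $anfang . "," . $limit) or die(db_error());
while ($row = db_fetch_object($erg)) {
    // $page is reused from here on as the homepage link markup of the entry.
    $page = '';
    $mail = '';
    // NOTE(review): $row->name and $row->page are visitor-supplied values that
    // are written into HTML attributes (and NAME into the template) as stored.
    // This is only safe if they were HTML-encoded when the entry was saved;
    // verify against the insert path, which is not part of this excerpt.
    if ($row->page) {
        $row->page = get_homepage($row->page);
        $page = ' <a href="' . $row->page . '" target="_blank"><img src="include/images/icons/page.gif" border="0" alt="Homepage ' . $lang['from'] . ' ' . $row->name . '"></a>';
    }
    if ($row->mail) {
        $mail = ' <a href="mailto:' . escape_email_to_show($row->mail) . '"><img src="include/images/icons/mail.gif" border="0" alt="E-Mail ' . $lang['from'] . ' ' . $row->name . '"></a>';
    }

    // Optional comment counter with a link to the entry's comment page.
    $koms = '';
    if ($allgAr['gbook_koms_for_inserts'] == 1) {
        $koms = db_result(db_query("SELECT COUNT(*) FROM prefix_koms WHERE uid = " . $row->id . " AND cat = 'GBOOK'"), 0, 0);
        $koms = '<a href="index.php?gbook-show-' . $row->id . '">' . $koms . ' ' . $lang['comments'] . '</a>';
    }

    $ar = array(
        'NAME' => $row->name,
        'DATE' => date("d.m.Y", $row->time),
        'koms' => $koms,
        'MAIL' => $mail,
        'ID' => $row->id,
        'PAGE' => $page,
        'TEXT' => BBCode($row->txt)
    );
    $tpl->set_ar_out($ar, 1);
}
$tpl->set_out('SITELINK', $MPL, 2);
break;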
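// Partners
case 'partners':
    $design = new design('Admins Area', 'Admins Area', 2);
    $design->header();
    $tpl = new tpl('archiv/partners', 1);

    // Delete a partner and close the gap in the position sequence.
    // The id comes from the URL, so it is normalised with escape(..., 'integer')
    // before it is concatenated, unquoted, into the statements.
    // NOTE(review): this is a destructive action driven by URL segments; no
    // anti-CSRF token check is visible in this excerpt - confirm one exists.
    if ($menu->getA(2) == 'd') {
        $delId = escape($menu->getE(2), 'integer');
        $pos = db_result(db_query("SELECT pos FROM prefix_partners WHERE id = " . $delId), 0);
        db_query("DELETE FROM prefix_partners WHERE id = " . $delId);
        db_query("UPDATE prefix_partners SET pos = pos -1 WHERE pos > " . $pos);
    }

    // Edit / insert
    if (isset($_POST['sub'])) {
        $_POST['name'] = escape($_POST['name'], 'string');
        $_POST['banner'] = escape($_POST['banner'], 'string');
        $_POST['link'] = get_homepage(escape($_POST['link'], 'string'));
        if (empty($_POST['pkey'])) {
            // New entry: append it at the end (position = current row count).
            $_POST['pos'] = db_result(db_query("SELECT COUNT(*) FROM prefix_partners"), 0);
            db_query("INSERT INTO prefix_partners (name,banner,link,pos) VALUES ('" . $_POST['name'] . "','" . $_POST['banner'] . "','" . $_POST['link'] . "','" . $_POST['pos'] . "')");
        } else {
            // Existing entry: the primary key is request data like the other
            // fields and is escaped the same way before it enters the query.
            db_query("UPDATE prefix_partners SET name = '" . $_POST['name'] . "',banner = '" . $_POST['banner'] . "',link = '" . $_POST['link'] . "' WHERE id = '" . escape($_POST['pkey'], 'integer') . "'");
        }
    }

    // Move up ('o') or down ('u')
    if ($menu->getA(2) == 'o' or $menu->getA(2) == 'u') {
        // Both values come from the URL and end up unquoted in SQL, so they are
        // normalised to integers first.
        $pos = escape($menu->get(3), 'integer');
        $id = escape($menu->getE(2), 'integer');
        $nps = $menu->getA(2) == 'u' ? $pos + 1 : $pos - 1;
        $anz = db_result(db_query("SELECT COUNT(*) FROM prefix_partners"), 0);
        if ($nps < 0) {
            // New position would fall before the first slot: pos is set to the row count.
            db_query("UPDATE prefix_partners SET pos = " . $anz . " WHERE id = " . $id);
            // (this branch continues below this excerpt)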
// Tail of a loop that starts above this excerpt: each posted field is escaped
// into a variable named after the field, and $x counts the fields that were set.
// NOTE(review): ${$v} creates a variable whose name is taken from $v; this is
// only safe if $v iterates a fixed list of field names - the loop header is not
// visible here, confirm against it.
        ${$v} = escape($_POST[$v], 'string');
        $x++;
    } else {
        ${$v} = '';
    }
}

// Proceed only when $x equals the number of entries in $far and the anti-spam check passes.
if (count($far) == $x and chk_antispam('fightus')) {
    // The squad id is concatenated unquoted below, hence the integer normalisation.
    $squad = escape($squad, 'integer');
    $abf = "SELECT `mod1`,`mod2`, `mod3`,name FROM prefix_groups WHERE id = " . $squad;
    $erg = db_query($abf);
    // NOTE(review): no check that a row was found; with an unknown squad id the
    // $row[...] reads below operate on a failed fetch.
    $row = db_fetch_assoc($erg);
    $txt = $lang['fightusrequest'];
    // $meetingtime is split on ' - ' into a date part and a time part.
    // NOTE(review): if the separator is missing, $zeit is not assigned a value.
    list($datum, $zeit) = explode(' - ', $meetingtime);
    $datum = get_datum($datum);
    $datum = $datum . " " . $zeit;
    $clanpage = get_homepage($clanpage);
    // Record the request as an upcoming war (status '1').
    // presumably $clanname, $clantag, ... are the variables filled by the loop
    // above and therefore already escaped - verify against the field list.
    db_query("INSERT INTO prefix_wars (datime,`status`,gegner,tag,page,mail,icq,wo,tid,`mod`,game,mtyp,land,txt) VALUES ('" . $datum . "','1','" . $clanname . "','" . $clantag . "','" . $clanpage . "','" . $mailaddy . "','" . $icqnumber . "','" . $meetingplace . "','" . $squad . "','" . $xonx . "','" . $game . "','" . $matchtype . "','" . $clancountry . "','" . $message . "')");
    // Private message to the leader (mod1)
    sendpm($_SESSION['authid'], $row['mod1'], 'Fightus Anfrage', $txt, -1);
    // Co-leader (mod2) gets one only if it is a different user than the leader
    if ($row['mod1'] != $row['mod2']) {
        sendpm($_SESSION['authid'], $row['mod2'], 'Fightus Anfrage', $txt, -1);
    }
    // mod3 gets one only if it differs from both mod1 and mod2
    if ($row['mod3'] != $row['mod2'] and $row['mod1'] != $row['mod3']) {
        sendpm($_SESSION['authid'], $row['mod3'], 'Fightus Anfrage', $txt, -1);
    }
    // Tell the visitor that the leaders were notified
    echo sprintf($lang['leaderofxalert'], $row['name']);
} else {
    // (this branch continues below this excerpt)
    $clancountry = arlistee($clancountry, get_nationality_array());