{
$squads = '';
$erg1 = db_query("SELECT name, id FROM prefix_groups ORDER BY pos");
while ($row = db_fetch_assoc($erg1)) {
$squads .= '<option>' . $row['name'] . '</option>';
}
return $squads;
}
##### A k t i o n e n
#Löschen
if ($menu->getA(1) == 'd' and is_numeric($menu->getE(1))) {
db_query('DELETE FROM `prefix_awards` WHERE id = "' . $menu->getE(1) . '" LIMIT 1');
}
#Eintragen
if (isset($_POST['ins'])) {
$datum = get_datum($_POST['datum']);
$wofur = escape($_POST['wofur'], 'string');
$text = escape($_POST['text'], 'string');
$platz = escape($_POST['platz'], 'string');
$bild = get_homepage(escape($_POST['bild'], 'string'));
if ($_POST['atype'] == 'user') {
$team = escape($_POST['name'], 'string');
} else {
$team = escape($_POST['team'], 'string');
}
if ($menu->getA(1) == 'e' and is_numeric($menu->getE(1))) {
$id = $menu->getE(1);
db_query("UPDATE `prefix_awards` SET time = '{$datum}', platz = '{$platz}',\r\n team = '{$team}', wofur = '{$wofur}', bild = '{$bild}', text = '{$text}' WHERE id = {$id}");
echo mysql_error();
$menu->set_url(1, '');
} else {
echo $lang['nopermission'];
$design->footer(1);
}
// status aendern
if ($menu->getA(1) == 'c' and is_numeric($menu->getE(1)) and is_numeric($menu->get(2)) and is_siteadmin('awaycal')) {
$uid = db_result(db_query("SELECT `uid` FROM `prefix_awaycal` WHERE `id` = " . $menu->getE(1)), 0);
db_query("UPDATE `prefix_awaycal` SET `pruef` = " . $menu->get(2) . " WHERE `id` = " . $menu->getE(1));
sendpm($_SESSION['authid'], $uid, 'Away-Anfrage', $message3);
}
if ($menu->getA(1) == 'd' and is_numeric($menu->getE(1)) and is_siteadmin('awaycal')) {
db_query("DELETE FROM `prefix_awaycal` WHERE `id` = " . $menu->getE(1));
}
// eintragen
if (isset($_POST['ch'])) {
$von = get_datum(escape($_POST['von'], 'string'));
$bis = get_datum(escape($_POST['bis'], 'string'));
$bet = escape($_POST['betreff'], 'string');
$uid = $_SESSION['authid'];
if (empty($_POST['ch'])) {
away_sendpmtoleaders($message1, $uid, 0);
db_query("INSERT INTO `prefix_awaycal` (`uid`,`von`,`bis`,`betreff`) VALUES (" . $uid . ",'" . $von . "','" . $bis . "','" . $bet . "')");
} else {
$id = escape($_POST['ch'], 'integer');
$uid = db_result(db_query("SELECT `uid` FROM `prefix_awaycal` WHERE `id` = " . $id), 0);
if (is_siteadmin('awaycal') or $uid == $_SESSION['authid']) {
away_sendpmtoleaders($message2, $uid, 1);
db_query("UPDATE `prefix_awaycal` SET `von` = '" . $von . "', `bis` = '" . $bis . "', `betreff` = '" . $bet . "' WHERE `id` = " . $id);
}
}
}
$tpl->out(1);
foreach ($far as $v) {
if (!empty($_POST[$v])) {
${$v} = escape($_POST[$v], 'string');
$x++;
} else {
${$v} = '';
}
}
if (count($far) == $x and chk_antispam('fightus')) {
$squad = escape($squad, 'integer');
$abf = "SELECT `mod1`,`mod2`, `mod3`,name FROM prefix_groups WHERE id = " . $squad;
$erg = db_query($abf);
$row = db_fetch_assoc($erg);
$txt = $lang['fightusrequest'];
list($datum, $zeit) = explode(' - ', $meetingtime);
$datum = get_datum($datum);
$datum = $datum . " " . $zeit;
$clanpage = get_homepage($clanpage);
# als upcoming war vormerken (kategorie 1)
db_query("INSERT INTO prefix_wars (datime,`status`,gegner,tag,page,mail,icq,wo,tid,`mod`,game,mtyp,land,txt) VALUES ('" . $datum . "','1','" . $clanname . "','" . $clantag . "','" . $clanpage . "','" . $mailaddy . "','" . $icqnumber . "','" . $meetingplace . "','" . $squad . "','" . $xonx . "','" . $game . "','" . $matchtype . "','" . $clancountry . "','" . $message . "')");
# pm an den leader
sendpm($_SESSION['authid'], $row['mod1'], 'Fightus Anfrage', $txt, -1);
# Wenn Co Leader != Leader
if ($row['mod1'] != $row['mod2']) {
sendpm($_SESSION['authid'], $row['mod2'], 'Fightus Anfrage', $txt, -1);
}
if ($row['mod3'] != $row['mod2'] and $row['mod1'] != $row['mod3']) {
sendpm($_SESSION['authid'], $row['mod3'], 'Fightus Anfrage', $txt, -1);
}
# informieren
echo sprintf($lang['leaderofxalert'], $row['name']);
db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),3)");
$page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
$text = $lang['changedthemail'] . sprintf($lang['registconfirmlink'], $page, $id);
icmail($_POST['email'], $lang['mail'] . ' ' . $lang['changed'], $text);
$fmsg = $lang['pleaseconfirmmail'];
}
#
#remove account
if (isset($_POST['removeaccount'])) {
$id = $_SESSION['authid'] . '-remove-' . md5(uniqid(rand()));
db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),5)");
$page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
$text = $lang['removeconfirm'] . sprintf($lang['registconfirmlink'], $page, $id);
icmail($_POST['email'], html_entity_decode($lang['removeaccount'], ILCH_ENTITIES_FLAGS, ILCH_CHARSET), $text);
$fmsg = $lang['pleaseconfirmremove'];
}
#remove account
# statische felder speichern
db_query("UPDATE prefix_user\r\n\t\t\t SET\r\n homepage = '" . get_homepage(escape($_POST['homepage'], 'string')) . "',\r\n wohnort = '" . escape($_POST['wohnort'], 'string') . "',\r\n icq = '" . escape($_POST['icq'], 'string') . "',\r\n msn = '" . escape($_POST['msn'], 'string') . "',\r\n yahoo = '" . escape($_POST['yahoo'], 'string') . "',\r\n " . $avatar_sql_update . "\r\n aim = '" . escape($_POST['aim'], 'string') . "',\r\n staat = '" . escape($_POST['staat'], 'string') . "',\r\n geschlecht = '" . escape($_POST['geschlecht'], 'string') . "',\r\n status = '" . escape($_POST['status'], 'string') . "',\r\n opt_mail = '" . escape($_POST['opt_mail'], 'string') . "',\r\n opt_pm = '" . escape($_POST['opt_pm'], 'string') . "',\r\n opt_pm_popup = '" . escape($_POST['opt_pm_popup'], 'string') . "',\r\n gebdatum = '" . get_datum(escape($_POST['gebdatum'], 'string')) . "',\r\n sig = '" . substr(escape($_POST['sig'], 'string'), 0, $allgAr['forum_max_sig']) . "'\r\n\t\t\t\tWHERE id = " . $_SESSION['authid']);
# change other profil fields
profilefields_change_save($_SESSION['authid']);
$design->header();
# definie and print msg
$fmsg = isset($fmsg) ? $fmsg : $lang['changesuccessful'];
wd('?user-8', $fmsg, 3);
}
} else {
$tpl = new tpl('user/login');
$tpl->set_out('WDLINK', '?user-8', 0);
}
$design->footer();
if (isset($_POST['submit'])) {
if (chk_antispam('fightus') != true) {
$fehler .= '· ' . $lang['incorrectspam'] . '<br/>';
$fightusspam = false;
} else {
$fightusspam = true;
}
}
if (count($far) == $x and $fightusspam == true) {
$squad = escape($squad, 'integer');
$abf = "SELECT `mod1`,`mod2`, `mod3`,`name` FROM `prefix_groups` WHERE `id` = " . $squad;
$erg = db_query($abf);
$row = db_fetch_assoc($erg);
$txt = $lang['fightusrequest'];
$sekunde = '00';
$datum = get_datum($date) . ' - ' . $stunde . ':' . $minute . ':' . $sekunde;
$clanpage = get_homepage($clanpage);
// als upcoming war vormerken (kategorie 1)
db_query("INSERT INTO `prefix_wars` (`datime`,`status`,`gegner`,`tag`,`page`,`mail`,`icq`,`wo`,`tid`,`mod`,`game`,`mtyp`,`land`,`txt`) VALUES ('" . $datum . "','1','" . $clanname . "','" . $clantag . "','" . $clanpage . "','" . $mailaddy . "','" . $icqnumber . "','" . $meetingplace . "','" . $squad . "','" . $xonx . "','" . $game . "','" . $matchtype . "','" . $clancountry . "','" . $message . "')");
// pm an den leader
sendpm($_SESSION['authid'], $row['mod1'], 'Fightus Anfrage', $txt, -1);
// Wenn Co Leader != Leader
if ($row['mod1'] != $row['mod2']) {
sendpm($_SESSION['authid'], $row['mod2'], 'Fightus Anfrage', $txt, -1);
}
if ($row['mod3'] != $row['mod2'] and $row['mod1'] != $row['mod3']) {
sendpm($_SESSION['authid'], $row['mod3'], 'Fightus Anfrage', $txt, -1);
}
// informieren
echo sprintf($lang['leaderofxalert'], $row['name']);
} else {
