{ $squads = ''; $erg1 = db_query("SELECT name, id FROM prefix_groups ORDER BY pos"); while ($row = db_fetch_assoc($erg1)) { $squads .= '<option>' . $row['name'] . '</option>'; } return $squads; } ##### A k t i o n e n #Löschen if ($menu->getA(1) == 'd' and is_numeric($menu->getE(1))) { db_query('DELETE FROM `prefix_awards` WHERE id = "' . $menu->getE(1) . '" LIMIT 1'); } #Eintragen if (isset($_POST['ins'])) { $datum = get_datum($_POST['datum']); $wofur = escape($_POST['wofur'], 'string'); $text = escape($_POST['text'], 'string'); $platz = escape($_POST['platz'], 'string'); $bild = get_homepage(escape($_POST['bild'], 'string')); if ($_POST['atype'] == 'user') { $team = escape($_POST['name'], 'string'); } else { $team = escape($_POST['team'], 'string'); } if ($menu->getA(1) == 'e' and is_numeric($menu->getE(1))) { $id = $menu->getE(1); db_query("UPDATE `prefix_awards` SET time = '{$datum}', platz = '{$platz}',\r\n team = '{$team}', wofur = '{$wofur}', bild = '{$bild}', text = '{$text}' WHERE id = {$id}"); echo mysql_error(); $menu->set_url(1, ''); } else {
echo $lang['nopermission']; $design->footer(1); } // status aendern if ($menu->getA(1) == 'c' and is_numeric($menu->getE(1)) and is_numeric($menu->get(2)) and is_siteadmin('awaycal')) { $uid = db_result(db_query("SELECT `uid` FROM `prefix_awaycal` WHERE `id` = " . $menu->getE(1)), 0); db_query("UPDATE `prefix_awaycal` SET `pruef` = " . $menu->get(2) . " WHERE `id` = " . $menu->getE(1)); sendpm($_SESSION['authid'], $uid, 'Away-Anfrage', $message3); } if ($menu->getA(1) == 'd' and is_numeric($menu->getE(1)) and is_siteadmin('awaycal')) { db_query("DELETE FROM `prefix_awaycal` WHERE `id` = " . $menu->getE(1)); } // eintragen if (isset($_POST['ch'])) { $von = get_datum(escape($_POST['von'], 'string')); $bis = get_datum(escape($_POST['bis'], 'string')); $bet = escape($_POST['betreff'], 'string'); $uid = $_SESSION['authid']; if (empty($_POST['ch'])) { away_sendpmtoleaders($message1, $uid, 0); db_query("INSERT INTO `prefix_awaycal` (`uid`,`von`,`bis`,`betreff`) VALUES (" . $uid . ",'" . $von . "','" . $bis . "','" . $bet . "')"); } else { $id = escape($_POST['ch'], 'integer'); $uid = db_result(db_query("SELECT `uid` FROM `prefix_awaycal` WHERE `id` = " . $id), 0); if (is_siteadmin('awaycal') or $uid == $_SESSION['authid']) { away_sendpmtoleaders($message2, $uid, 1); db_query("UPDATE `prefix_awaycal` SET `von` = '" . $von . "', `bis` = '" . $bis . "', `betreff` = '" . $bet . "' WHERE `id` = " . $id); } } } $tpl->out(1);
foreach ($far as $v) { if (!empty($_POST[$v])) { ${$v} = escape($_POST[$v], 'string'); $x++; } else { ${$v} = ''; } } if (count($far) == $x and chk_antispam('fightus')) { $squad = escape($squad, 'integer'); $abf = "SELECT `mod1`,`mod2`, `mod3`,name FROM prefix_groups WHERE id = " . $squad; $erg = db_query($abf); $row = db_fetch_assoc($erg); $txt = $lang['fightusrequest']; list($datum, $zeit) = explode(' - ', $meetingtime); $datum = get_datum($datum); $datum = $datum . " " . $zeit; $clanpage = get_homepage($clanpage); # als upcoming war vormerken (kategorie 1) db_query("INSERT INTO prefix_wars (datime,`status`,gegner,tag,page,mail,icq,wo,tid,`mod`,game,mtyp,land,txt) VALUES ('" . $datum . "','1','" . $clanname . "','" . $clantag . "','" . $clanpage . "','" . $mailaddy . "','" . $icqnumber . "','" . $meetingplace . "','" . $squad . "','" . $xonx . "','" . $game . "','" . $matchtype . "','" . $clancountry . "','" . $message . "')"); # pm an den leader sendpm($_SESSION['authid'], $row['mod1'], 'Fightus Anfrage', $txt, -1); # Wenn Co Leader != Leader if ($row['mod1'] != $row['mod2']) { sendpm($_SESSION['authid'], $row['mod2'], 'Fightus Anfrage', $txt, -1); } if ($row['mod3'] != $row['mod2'] and $row['mod1'] != $row['mod3']) { sendpm($_SESSION['authid'], $row['mod3'], 'Fightus Anfrage', $txt, -1); } # informieren echo sprintf($lang['leaderofxalert'], $row['name']);
db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),3)"); $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]; $text = $lang['changedthemail'] . sprintf($lang['registconfirmlink'], $page, $id); icmail($_POST['email'], $lang['mail'] . ' ' . $lang['changed'], $text); $fmsg = $lang['pleaseconfirmmail']; } # #remove account if (isset($_POST['removeaccount'])) { $id = $_SESSION['authid'] . '-remove-' . md5(uniqid(rand())); db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),5)"); $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]; $text = $lang['removeconfirm'] . sprintf($lang['registconfirmlink'], $page, $id); icmail($_POST['email'], html_entity_decode($lang['removeaccount'], ILCH_ENTITIES_FLAGS, ILCH_CHARSET), $text); $fmsg = $lang['pleaseconfirmremove']; } #remove account # statische felder speichern db_query("UPDATE prefix_user\r\n\t\t\t SET\r\n homepage = '" . get_homepage(escape($_POST['homepage'], 'string')) . "',\r\n wohnort = '" . escape($_POST['wohnort'], 'string') . "',\r\n icq = '" . escape($_POST['icq'], 'string') . "',\r\n msn = '" . escape($_POST['msn'], 'string') . "',\r\n yahoo = '" . escape($_POST['yahoo'], 'string') . "',\r\n " . $avatar_sql_update . "\r\n aim = '" . escape($_POST['aim'], 'string') . "',\r\n staat = '" . escape($_POST['staat'], 'string') . "',\r\n geschlecht = '" . escape($_POST['geschlecht'], 'string') . "',\r\n status = '" . escape($_POST['status'], 'string') . "',\r\n opt_mail = '" . escape($_POST['opt_mail'], 'string') . "',\r\n opt_pm = '" . escape($_POST['opt_pm'], 'string') . "',\r\n opt_pm_popup = '" . escape($_POST['opt_pm_popup'], 'string') . "',\r\n gebdatum = '" . get_datum(escape($_POST['gebdatum'], 'string')) . "',\r\n sig = '" . substr(escape($_POST['sig'], 'string'), 0, $allgAr['forum_max_sig']) . "'\r\n\t\t\t\tWHERE id = " . $_SESSION['authid']); # change other profil fields profilefields_change_save($_SESSION['authid']); $design->header(); # definie and print msg $fmsg = isset($fmsg) ? $fmsg : $lang['changesuccessful']; wd('?user-8', $fmsg, 3); } } else { $tpl = new tpl('user/login'); $tpl->set_out('WDLINK', '?user-8', 0); } $design->footer();
if (isset($_POST['submit'])) { if (chk_antispam('fightus') != true) { $fehler .= '· ' . $lang['incorrectspam'] . '<br/>'; $fightusspam = false; } else { $fightusspam = true; } } if (count($far) == $x and $fightusspam == true) { $squad = escape($squad, 'integer'); $abf = "SELECT `mod1`,`mod2`, `mod3`,`name` FROM `prefix_groups` WHERE `id` = " . $squad; $erg = db_query($abf); $row = db_fetch_assoc($erg); $txt = $lang['fightusrequest']; $sekunde = '00'; $datum = get_datum($date) . ' - ' . $stunde . ':' . $minute . ':' . $sekunde; $clanpage = get_homepage($clanpage); // als upcoming war vormerken (kategorie 1) db_query("INSERT INTO `prefix_wars` (`datime`,`status`,`gegner`,`tag`,`page`,`mail`,`icq`,`wo`,`tid`,`mod`,`game`,`mtyp`,`land`,`txt`) VALUES ('" . $datum . "','1','" . $clanname . "','" . $clantag . "','" . $clanpage . "','" . $mailaddy . "','" . $icqnumber . "','" . $meetingplace . "','" . $squad . "','" . $xonx . "','" . $game . "','" . $matchtype . "','" . $clancountry . "','" . $message . "')"); // pm an den leader sendpm($_SESSION['authid'], $row['mod1'], 'Fightus Anfrage', $txt, -1); // Wenn Co Leader != Leader if ($row['mod1'] != $row['mod2']) { sendpm($_SESSION['authid'], $row['mod2'], 'Fightus Anfrage', $txt, -1); } if ($row['mod3'] != $row['mod2'] and $row['mod1'] != $row['mod3']) { sendpm($_SESSION['authid'], $row['mod3'], 'Fightus Anfrage', $txt, -1); } // informieren echo sprintf($lang['leaderofxalert'], $row['name']); } else {