$design->header(); if (!is_admin()) { echo 'Dieser Bereich ist nicht fuer dich...'; $design->footer(1); } if (isset($_GET['m']) and $_GET['m'] == 'm') { if (isset($_POST['sub'])) { # immer alle loeschen und dann alle eintragen fals gewuenscht hort sich doch # logisch an und ist es auch. $mid = escape($_POST['md'], 'integer'); $gr = escape($_POST['gr'], 'integer'); db_query("DELETE FROM prefix_modulerights USING prefix_modulerights, prefix_user WHERE prefix_user.id = prefix_modulerights.uid AND prefix_modulerights.mid = " . $mid . " AND prefix_user.recht = " . $gr); if ($_POST['ak'] == 1) { db_query("INSERT INTO prefix_modulerights (mid,uid) SELECT " . $mid . " as mid, id as uid FROM prefix_user WHERE recht = " . $gr); } wd(array('Grundrechten' => 'admin.php?grundrechte', 'Userverwalten' => 'admin.php?user', 'zurück zu Modulrechte' => 'admin.php?grundrechte=0&m=m'), 'Die geünschte Operation wurde ausgeführt... Bitte überprüfen!!', 66); $design->footer(1); } $grl = dblistee('', "SELECT id, name FROM prefix_grundrechte ORDER BY id ASC"); $mdl = dblistee('', "SELECT id, name FROM prefix_modules ORDER BY name"); ?> <form action="admin.php?grundrechte=0&m=m" method="POST"> <table cellpadding="2" cellspacing="0" border="0"> <tr> <td>Allen</td> <td><select name="gr"><?php echo $grl; ?> </select></td> <td>das Modulrecht</td>
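$text = edit_text(stripslashes($text), true);
// The first character of $akl selects the target directory
// include/contents/selfbp/self<char>/ used by every path below.
// NOTE(review): $akl is assigned before this fragment; confirm it is limited
// to the expected directory letters.
$a = substr($akl, 0, 1);
#$e = substr ( $akl, 1 );
#if ( $e != 'neu' ) {
#  unlink ( 'include/contents/selfbp/self'.$a.'/'.$e );
#}
// A previous file name was submitted and differs from the new one: remove the
// file stored under the previous name (presumably a rename).
if (!empty($_POST['exfilename']) and $_POST['exfilename'] != $_POST['filename']) {
    // escape() is applied as before, but it is used across this code base for
    // SQL values and is not shown to strip directory separators. basename()
    // keeps only the last path component, so a submitted value such as
    // "../../x" can no longer point unlink() outside the selfbp directory.
    $exfilename = basename(escape($_POST['exfilename'], 'string'));
    @unlink('include/contents/selfbp/self' . $a . '/' . $exfilename);
}
// get_nametosave() is defined elsewhere.
// NOTE(review): confirm that it also removes path separators, because its
// result is used directly as the file name to write.
$filename = get_nametosave($_POST['filename']);
$fname = 'include/contents/selfbp/self' . $a . '/' . $filename;
save_file_to($fname, $text);
if ($_POST['toggle'] == 0) {
    $design->header();
    wd('admin.php?selfbp=0&akl=' . $a . $filename, 'Ihre Aenderungen wurden gespeichert...', 13);
    $design->footer(1);
}
}
# display
$design->header();
$tpl = new tpl('selfbp', 1);
$akl = '';
if (isset($_REQUEST['akl'])) {
    $akl = $_REQUEST['akl'];
}
# delete
if (isset($_REQUEST['del'])) {
    // 'del' carries the directory letter followed by the entry name.
    $del = $_REQUEST['del'];
    $a = substr($del, 0, 1);
    $e = substr($del, 1);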
} $design->footer(); break; case 'refuse': $title = $allgAr['title'] . ' :: Users :: Freundschaftsanfrage abgelehnt'; $hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">Users</a><b> » </b> Freundschaftsanfrage abgelehnt'; $design = new design($title, $hmenu, 1); $design->header(); if (loggedin() and is_numeric($fid)) { db_query("DELETE FROM prefix_friendscheck WHERE uid = " . $fid . " AND fid = " . $uid); wd('?user-fcheck-' . $uid, 'Du hast die Freundschaftsanfrage abgelehnt.'); } else { wd('?user-fcheck-' . $uid, 'Es ist ein Fehler aufgetreten'); } $design->footer(); break; case 'del': $title = $allgAr['title'] . ' :: Users :: Freund entfernen'; $hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">Users</a><b> » </b> Freund entfernen'; $design = new design($title, $hmenu, 1); $design->header(); if (loggedin() and is_numeric($fid)) { db_query("DELETE FROM prefix_friends WHERE uid = " . $uid . " AND fid = " . $fid); db_query("DELETE FROM prefix_friends WHERE uid = " . $fid . " AND fid = " . $uid); wd('?user-details-' . $fid, 'Freund wurde entfernt.'); } else { wd('?user-details-' . $fid, 'Es ist ein Fehler aufgetreten'); } $design->footer(); break; }
$txt = 'Dein Thema "' . $top . '" wurde von dem Forum "' . $fal . '" in das neue Forum "' . $fne . '" verschoben... '; $txt .= "\n\n- [url=http://" . $page . "?forum-showposts-" . $k . "]Link zum Thema[/url]"; $txt .= "\n- [url=http://" . $page . "?forum-showtopics-" . $_POST['nfid'] . "]Link zum neuen Forum[/url]"; $txt .= "\n- [url=http://" . $page . "?forum-showtopics-" . $_POST['afid'] . "]Link zum alten Forum[/url]"; sendpm($_SESSION['authid'], $uid, 'Thema verschoben', $txt); } } $pmin = $pmin + $tmin; $apid = db_result(db_query("SELECT MAX(id) FROM prefix_posts WHERE fid = " . $_POST['afid']), 0); $npid = db_result(db_query("SELECT MAX(id) FROM prefix_posts WHERE fid = " . $_POST['nfid']), 0); if (empty($apid)) { $apid = 0; } db_query("UPDATE `prefix_forums` SET last_post_id = " . $apid . ", `posts` = `posts` - " . $pmin . ", `topics` = `topics` - " . $tmin . " WHERE id = " . $_POST['afid']); db_query("UPDATE `prefix_forums` SET last_post_id = " . $npid . ", `posts` = `posts` + " . $pmin . ", `topics` = `topics` + " . $tmin . " WHERE id = " . $_POST['nfid']); wd(array('neue Themen Übersicht' => 'index.php?forum-showtopics-' . $_POST['nfid'], 'alte Themen Übersicht' => 'index.php?forum-showtopics-' . $_POST['afid']), 'Thema erfolgreich verschoben', 3); } elseif ($csrfCheck and (isset($_POST['del']) or isset($_POST['shift']))) { echo '<form action="index.php?forum-editforum-' . $fid . '" method="POST">'; foreach ($_POST['in'] as $k => $v) { echo '<input type="hidden" name="in[' . $k . ']" value="' . $v . '" />'; } if (isset($_POST['del'])) { echo '<input type="hidden" name="dely" value="yes" />'; echo 'Sicher die ausgewahlten Themen loeschen? <input type="submit" value="' . $lang['yes'] . '" name="del" />'; } elseif (isset($_POST['shift']) and $_POST['nfid'] != 'cat') { echo '<input type="hidden" name="afid" value="' . $fid . '">neues Forum auswählen<br />'; echo '<select name="nfid">'; function stufe($anz, $t = 'f') { $z = $t == 'f' ? 
' ' : '»'; for ($i = 0; $i < $anz; $i++) {
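<td class="Cmite">Deine eMail</td>
<?php
// The submitted values are printed back into the form. They are HTML-escaped
// here so that quotes or markup in the request cannot break out of the
// attribute / textarea (reflected XSS). isset() avoids a notice when the form
// is rendered without these fields.
?>
<td class="Cnorm"><input type="text" name="email" value="<?php echo htmlspecialchars(isset($_POST['email']) ? $_POST['email'] : '', ENT_QUOTES); ?> "></td>
</tr><tr class="Cnorm">
<td class="Cmite" v>Nachricht</td>
<td class="Cnorm"><textarea cols="40" rows="10" name="txt"><?php echo htmlspecialchars(isset($_POST['txt']) ? $_POST['txt'] : '', ENT_QUOTES); ?> </textarea></td>
</tr><tr class="Cdark">
<td></td>
<td><input type="submit" name="send" value="<?php echo $lang['formsub']; ?> "></td>
</tr>
</table></form>
<?php
} else {
    // Remember when the form was last submitted (the check that reads this
    // value is outside this fragment).
    $_SESSION['klicktime'] = time();
    if (1 == $row['opt_mail']) {
        // Subject and body have tags stripped; the sender address goes through
        // escape_for_email().
        // NOTE(review): strip_tags() does not remove CR/LF. Confirm that
        // icmail() rejects line breaks in the subject before it builds mail
        // headers.
        icmail($row['email'], strip_tags($_POST['bet']), strip_tags($_POST['txt']), 'SeitenKontakt <' . escape_for_email($_POST['email']) . '>');
        wd('index.php?forum', 'Die eMail wurde erfolgreich versendet');
    } else {
        // NOTE(review): $allAr is not assigned anywhere in the visible code;
        // confirm the intended configuration array, otherwise this redirects
        // to "index.php?" with an empty module.
        header('location: index.php?' . $allAr['smodul']);
        exit;
    }
}
$design->footer();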
} else { $Fnch = 'checked'; $Fjch = ''; } $Frid = $row->id; $Fakt = 'change'; } $tpl = new tpl('range', 1); $ar = array('SUB' => $Fsub, 'BEZ' => $Fbez, 'MIN' => $Fmin, 'JCH' => $Fjch, 'NCH' => $Fnch, 'RID' => $Frid, 'AKT' => $Fakt); $tpl->set_ar_out($ar, 3); } else { $_POST['bez'] = escape($_POST['bez'], 'string'); $_POST['min'] = escape($_POST['min'], 'integer'); $_POST['spez'] = escape($_POST['spez'], 'integer'); $_POST['rid'] = escape($_POST['rid'], 'integer'); if (empty($_POST['rid'])) { if ($_POST['spez'] == 1) { $_POST['min'] = '0'; } db_query('INSERT INTO `prefix_ranks` (`bez`,`min`,`spez`) VALUES ( "' . $_POST['bez'] . '","' . $_POST['min'] . '","' . $_POST['spez'] . '" ) '); wd('admin.php?range', 'Erfolgreich eingetragen', 1); } else { if ($_POST['spez'] == 1) { $_POST['min'] = '0'; } db_query('UPDATE `prefix_ranks` SET bez = "' . $_POST['bez'] . '", min = "' . $_POST['min'] . '", spez = "' . $_POST['spez'] . '" WHERE id = "' . $_POST['rid'] . '"'); wd('admin.php?range', 'Erfolgreich geändert', 1); } } } $design->footer();
$ar = array('uname' => $_SESSION['authname'], 'SMILIES' => getsmilies(), 'ANTISPAM' => get_antispam('gbook', 1), 'TXTL' => $allgAr['Gtxtl']); $tpl->set_ar_out($ar, 3); if (!isset($_SESSION['klicktime_gbook'])) { $_SESSION['klicktime_gbook'] = 0; } break; case 2: $dppk_time = time(); if ($_SESSION['klicktime_gbook'] + $timeSperre < $dppk_time and isset($_POST['name']) and isset($_POST['txt']) and trim($_POST['name']) != "" and trim($_POST['txt']) != "" and chk_antispam('gbook') and strlen($_POST['txt']) <= $allgAr['Gtxtl']) { $txt = escape($_POST['txt'], 'textarea'); $name = escape($_POST['name'], 'string'); $mail = escape($_POST['mail'], 'string'); $page = escape($_POST['page'], 'string'); db_query("INSERT INTO prefix_gbook (`name`,`mail`,`page`,`time`,`ip`,`txt`) VALUES ('" . $name . "', '" . $mail . "', '" . $page . "', '" . time() . "', '" . getip() . "', '" . $txt . "')"); $_SESSION['klicktime_gbook'] = $dppk_time; wd('index.php?gbook', $lang['insertsuccessful']); } else { echo '- ' . $lang['donotpostsofast']; echo '<br />- ' . sprintf($lang['gbooktexttolong'], $allgAr['Gtxtl']); echo '<br />- ' . $lang['plsfilloutallfields']; } break; case 'show': if ($allgAr['gbook_koms_for_inserts'] == 1) { $id = escape($menu->get(2), 'integer'); if (chk_antispam('gbookkom') and isset($_POST['name']) and isset($_POST['text'])) { $name = escape($_POST['name'], 'string'); $text = escape($_POST['text'], 'string'); db_query("INSERT INTO prefix_koms (name,text,uid,cat) VALUES ('" . $name . "', '" . $text . "', " . $id . ", 'GBOOK')"); } if ($menu->getA(3) == 'd' and is_numeric($menu->getE(3)) and has_right(-7, 'gbook')) {
$var2 = escape($_POST['id'], 'string'); $var3 = escape($_POST['url'], 'string'); if ($var2 == '0') { db_query("UPDATE `prefix_shbox4config`\n SET\n `{$var1}` = '1'\n WHERE\n `id` = '1'\n ") or die('Probleme mit der Datenbank'); wd('?shbox4admin-' . $var3, '', 0); } elseif ($var2 == '1') { db_query("UPDATE `prefix_shbox4config`\n SET\n `{$var1}` = '0'\n WHERE\n `id` = '1'\n ") or die('Probleme mit der Datenbank'); wd('?shbox4admin-' . $var3, '', 0); } } if (escape($menu->get(1), 'string') == 'updates') { $var1 = escape($menu->get(2), 'string'); $var2 = escape($_POST[$var1], 'string'); $var3 = escape($_POST['url'], 'string'); db_query("UPDATE `prefix_shbox4config`\n SET\n `{$var1}` = '" . $var2 . "'\n WHERE\n `id` = '1'\n ") or die('Probleme mit der Datenbank'); wd('?shbox4admin-' . $var3, '', 0); } if (escape($menu->get(1), 'string') == 'show') { if (escape($menu->get(2), 'string') == 'send') { db_query("UPDATE `prefix_shbox4`\n SET `txt` = '" . escape($_POST['edittxt'], 'string') . "'\n WHERE `id` = '" . escape($menu->get(3), 'string') . "'\n ") or die('Probleme mit der Datenbank'); } elseif (escape($menu->get(2), 'string') == 'del') { db_query("DELETE FROM `prefix_shbox4` WHERE `id` = '" . escape($menu->get(3), 'string') . 
"'") or die('Probleme mit der Datenbank'); } } if (escape($menu->get(1), 'string') == 'allg') { $erg = db_query('SELECT * FROM `prefix_shbox4config` WHERE id = "1"'); $row = db_fetch_assoc($erg); $url = 'allg'; $ar = array('AKTIV' => $var->check_var('aktiv', 'Aktiv', $row['aktiv'], $url), 'GAST' => $var->check_var('gast', 'Gast', $row['gast'], $url), 'RELOAD' => $var->check_var('reload', 'Reload', $row['reload'], $url), 'DATUM' => $var->check_var('datum', 'Datum', $row['datum'], $url), 'FARBEN' => $var->check_var('farbe', 'Farben', $row['farbe'], $url), 'SPAM' => $var->check_var('spam', 'SPAM', $row['spam'], $url), 'SMILIES' => $var->check_var('smilies', 'Smilies & BBcode', $row['smilies'], $url), 'RTIME' => $row['time'], 'DBN1' => 'time', 'AKTIVTEXT' => $row['aktivtext'], 'DBN11' => 'aktivtext', 'AUSGABE' => $row['ausgabe'], 'DBN2' => 'ausgabe', 'DATUMF' => $row['format'], 'DBN3' => 'format', 'SIZE' => $row['size'], 'DBN4' => 'size', 'MTEXT' => $row['mtext'], 'DBN5' => 'mtext', 'BBFETT' => $var->shcheckbox($var->shconfig('smilies'), $var->shconfig('bbfett'), 'bbfett', 'Fett', $row['bbfett'], $url, 'bold'), 'BBKURSIV' => $var->shcheckbox($var->shconfig('smilies'), $var->shconfig('bbkursiv'), 'bbkursiv', 'Kursiv', $row['bbkursiv'], $url, 'italic'), 'BBUNTER' => $var->shcheckbox($var->shconfig('smilies'), $var->shconfig('bbunter'), 'bbunter', 'Unterstrich', $row['bbunter'], $url, 'underline'), 'BBLINK' => $var->shcheckbox($var->shconfig('smilies'), $var->shconfig('bblink'), 'bblink', 'Link', $row['bblink'], $url, 'link')); $tpl->set_ar_out($ar, 1); }
} # topic alert ausfuehren. $topic_alerts_abf = "SELECT\r\n prefix_topics.name as topic,\r\n prefix_user.email as email,\r\n prefix_user.name as user,\r\n prefix_user.id as uid\r\n FROM prefix_topic_alerts\r\n LEFT JOIN prefix_topics ON prefix_topics.id = prefix_topic_alerts.tid\r\n LEFT JOIN prefix_user ON prefix_user.id = prefix_topic_alerts.uid\r\n WHERE prefix_topic_alerts.tid = " . $tid; $topic_alerts_erg = db_query($topic_alerts_abf); while ($topic_alerts_row = db_fetch_assoc($topic_alerts_erg)) { if ($uid == $topic_alerts_row['uid']) { continue; } $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]; $text = sprintf($lang['topicalertmessage'], $topic_alerts_row['user'], $topic_alerts_row['topic'], $page, $tid); icmail($topic_alerts_row['email'], 'neue Antwort im Thema: "' . $topic_alerts_row['topic'] . '"', $text); debug($topic_alerts_row['email']); } db_query("DELETE FROM prefix_topic_alerts WHERE tid = " . $tid); # topic alert insert wenn gewaehlt. if (!empty($_POST['topic_alert']) and $_POST['topic_alert'] == 'yes' and loggedin()) { if (0 == db_result(db_query("SELECT COUNT(*) FROM prefix_topic_alerts WHERE uid = " . $_SESSION['authid'] . " AND tid = " . $tid), 0)) { db_query("INSERT INTO prefix_topic_alerts (tid,uid) VALUES (" . $tid . ", " . $_SESSION['authid'] . ")"); } } # topic alert ende db_query("INSERT INTO `prefix_posts` (tid,fid,erst,erstid,time,txt) VALUES ( " . $tid . ", " . $fid . ", '" . $erst . "', " . $uid . ", " . $time . ", '" . $txt . "')"); $pid = db_last_id(); db_query("UPDATE `prefix_topics` SET last_post_id = " . $pid . ", rep = rep + 1 WHERE id = " . $tid); db_query("UPDATE `prefix_forums` SET posts = posts + 1, last_post_id = " . $pid . " WHERE id = " . $fid); $page = ceil(($aktTopicRow['rep'] + 2) / $allgAr['Fpanz']); # toipc als gelesen markieren $_SESSION['forumSEE'][$fid][$tid] = time(); wd(array($lang['backtotopic'] => 'index.php?forum-showposts-' . $tid . '-p' . $page . '#' . 
$pid, $lang['backtotopicoverview'] => 'index.php?forum-showtopics-' . $fid), $lang['createpostsuccessful'], 3); } $design->footer();
} if (isset($_POST['re']) and strpos($ar['BET'], 're') === false and strpos($ar['BET'], 'Re') === false and strpos($ar['BET'], 'RE') === false) { $ar['BET'] = 'Re(1): ' . $ar['BET']; } elseif (isset($_POST['re'])) { $x = preg_replace("/re\\((\\d+)\\):.*/i", "\\1", trim($ar['BET'])); if (is_numeric($x)) { $x = $x + 1; $ar['BET'] = preg_replace("/(re)\\(\\d+\\):(.*)/i", "\\1(" . $x . "):\\2", $ar['BET']); } } $tpl = new tpl('forum/pm/new'); $tpl->set_ar_out($ar, 0); } else { $eid = db_result(db_query("SELECT `id` FROM `prefix_user` WHERE `name` = BINARY '" . $name . "'"), 0); sendpm($_SESSION['authid'], $eid, $bet, $txt); wd('index.php?forum-privmsg', 'Die Nachricht wurde erfolgreich gesendet'); } break; case 'showmsg': // message anzeigen lassen $pid = escape($menu->get(3), 'integer'); $soeid = $menu->get(4) == 's' ? 'eid' : 'sid'; $erg = db_query("SELECT `a`.`gelesen`, `a`.`eid`, `a`.`sid`, `a`.`id`, `b`.`name`, `a`.`titel`, `a`.`time`, `a`.`txt` FROM `prefix_pm` `a` LEFT JOIN `prefix_user` `b` ON `a`.`" . $soeid . "` = `b`.`id` WHERE `a`.`id` = " . $pid); $row = db_fetch_assoc($erg); if ($row['sid'] != $_SESSION['authid'] and $menu->get(4) == 's' or $row['eid'] != $_SESSION['authid'] and $menu->get(4) != 's') { $design->footer(1); } if ($row['gelesen'] == 0 and $menu->get(4) != 's') { db_query("UPDATE `prefix_pm` SET `gelesen` = 1 WHERE `id` = " . $pid); } $row['time'] = date('d M. Y - H:i', $row['time']);
case 2: db_query("UPDATE prefix_user SET pass = '******'pass'] . "' WHERE name = BINARY '" . $row['name'] . "'"); echo $lang['confirmpassword']; break; # confirm new email # confirm new email case 3: list($id, $muell) = explode('||', $row['check']); db_query("UPDATE prefix_user SET email = '" . $row['email'] . "' WHERE id = " . escape($id, 'integer')); echo $lang['confirmemail']; break; # ak 4 wurde besetzt fuer joinus anfragen... # ak 4 wurde besetzt fuer joinus anfragen... case 4: break; # ak 5 remove account # ak 5 remove account case 5: list($id, $muell) = explode('-remove-', $row['check']); if ($id != $_SESSION['authid']) { break; } user_remove($id); wd('index.php', 'Dein Account wurde gelöscht. Du wirst nun auf die Startseite geleitet.', 7); break; } db_query("DELETE FROM prefix_usercheck WHERE `check` = '" . $row['check'] . "'"); } else { echo $lang['confirmfailure']; } $design->footer();
$fromUser = $_SESSION["authid"]; } else { $fromUser = 0; } $tpl->set("NAME", get_n($fromUser)); $tpl->set("BEITRAG", get_topic_title($topicId)); $tpl->set("PID", $postId); $tpl->set("TID", $topicId); sendpm($fromUser, 1, $tpl->get("pm_betreff"), $tpl->get("pm_content"), 0); // weiterleitung wd("index.php?forum-showposts-" . $topicId, $tpl->get("weiterleitung")); } else { // An die Mods schicken foreach ($getmodids as $userid) { if (isset($_SESSION["authid"])) { $fromUser = $_SESSION["authid"]; } else { $fromUser = 0; } $tpl->set("NAME", get_n($fromUser)); $tpl->set("BEITRAG", get_topic_title($topicId)); $tpl->set("PID", $postId); $tpl->set("TID", $topicId); sendpm($fromUser, $userid, $tpl->get("pm_betreff"), $tpl->get("pm_content"), 0); // weiterleitung wd("index.php?forum-showposts-" . $topicId, $tpl->get("weiterleitung")); } } } } $design->footer();
`status` = "' . $status . '", `sperre` = "' . $sperre . '", `opt_mail` = "' . $opt_mail . '", `opt_pm` = "' . $opt_pm . '", `opt_pm_popup` = "' . $opt_pm_popup . '", `gebdatum` = "' . $gebdatum . '", `sig` = "' . $sig . '" ' . $avatar_sql_update . ' WHERE `id` = "' . $uid . '"'); } if ($sperre == 1) { @db_query("DELETE FROM `prefix_online` WHERE uid = '" . $uid . "' "); $sperrinfo = ' und User wurde ausgeloggt'; } } wd('admin.php?user-1-' . $uid, 'Das Profil wurde erfolgreich geändert' . $sperrinfo, 2); $design->footer(); break; // mal kurz nen neuen user anlegen // mal kurz nen neuen user anlegen case 'createNewUser': $msg = ''; if (!empty($_POST['name']) and !empty($_POST['pass']) and !empty($_POST['email']) and chk_antispam('adminuser_action', true)) { $_POST['name'] = escape($_POST['name'], 'string'); $_POST['recht'] = escape($_POST['recht'], 'integer'); $_POST['email'] = escape($_POST['email'], 'string'); $erg = db_query("SELECT `id` FROM `prefix_user` WHERE `name_clean` = BINARY '" . get_lower($_POST['name']) . "'"); if (db_num_rows($erg) > 0) { $msg = 'Der Name ist leider schon vorhanden!'; } else { $new_pass = $_POST['pass'];
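$this_id = $getid;
$outar['thumbwidth'] = 100;
if (!empty($_FILES['editlogo']['tmp_name'])) {
    // The file name is supplied by the client. The original code appended it
    // unchanged to the upload directory and to the SQL statement below, so the
    // name could carry path components, quotes or a script extension.
    // Keep only the last path component, reduce the base name to a
    // conservative character set (inner dots included) and accept a fixed set
    // of image extensions.
    // NOTE(review): the extension list is an assumption; align it with the
    // formats create_thumb() supports.
    $clientname = basename($_FILES["editlogo"]["name"]);
    $extension = strtolower(pathinfo($clientname, PATHINFO_EXTENSION));
    $basepart = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($clientname, PATHINFO_FILENAME));
    $isimage = in_array($extension, array('png', 'jpg', 'jpeg', 'gif'), true)
        and is_uploaded_file($_FILES["editlogo"]["tmp_name"])
        and @getimagesize($_FILES["editlogo"]["tmp_name"]) !== false;
    if ($isimage) {
        $uploadname = $getid . '_' . $basepart . '.' . $extension;
        // Remove the previous logo and its thumbnail unless it is the shared
        // placeholder image.
        if ($getpicname != '.no-image-opponent.png' and $getpicname != 'thumb_.no-image-opponent.png') {
            @unlink('include/images/opponents/' . $getpicname . '');
            @unlink('include/images/opponents/thumb_' . $getpicname . '');
        }
        move_uploaded_file($_FILES["editlogo"]["tmp_name"], $updir . $uploadname);
        create_thumb($updir . $uploadname, $updir . 'thumb_' . $uploadname, $outar['thumbwidth']);
    } else {
        // Not an accepted image: keep the logo that is already stored.
        $uploadname = $getpicname;
    }
} else {
    $uploadname = $getpicname;
}
// DB UPDATE
// NOTE(review): $editclanname, $editclantag, $editurl, $editemail, $editicq,
// $editnation and $getid are assigned before this fragment; confirm each one
// is escaped (and $getid is an integer) before it reaches this statement.
db_query("UPDATE `prefix_opponents` SET\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tname \t= '" . $editclanname . "',\r\n\t\t\t\t\t\t\t\t\t\t\t\t\ttag \t= '" . $editclantag . "',\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tpage \t= '" . $editurl . "',\r\n\t\t\t\t\t\t\t\t\t\t\t\t\temail \t= '" . $editemail . "',\r\n\t\t\t\t\t\t\t\t\t\t\t\t\ticq \t= '" . $editicq . "',\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tnation \t= '" . $editnation . "',\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tlogo \t= '" . $uploadname . "'\r\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tid = " . $getid . "");
wd('admin.php?opponents', 'Daten gespeichert', 3);
$design->footer(1);
}
$outar['ANTISPAM'] = get_antispam('adminuser_action', 0, true);
$tpl->set_ar_out($outar, 1);
$design->footer();
}
break;
default:
    // Print the opponent list
    $limit = 15;
    // NOTE(review): the page number comes from the URL via $menu->getE(1) and
    // is not checked to be numeric here; confirm before $anfang is used in a
    // LIMIT clause.
    $page = $menu->getA(1) == 'p' ? $menu->getE(1) : 1;
    $anfang = ($page - 1) * $limit;
    if (isset($_POST['submit'])) {
        $suchstr = escape($_POST['suche'], 'string');
        $WHERE = "WHERE name LIKE '%" . $suchstr . "%' OR tag LIKE '%" . $suchstr . "%'";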
yahoo = "' . $yahoo . '", aim = "' . $aim . '", staat = "' . $staat . '", spezrank = "' . $spezrank . '", geschlecht = "' . $geschlecht . '", status = "' . $status . '", opt_mail = "' . $opt_mail . '", opt_pm = "' . $opt_pm . '", opt_pm_popup = "' . $opt_pm_popup . '", gebdatum = "' . $gebdatum . '", sig = "' . $sig . '" ' . $avatar_sql_update . ' WHERE id = "' . $uid . '"'); } } wd('admin.php?user-1-' . $uid, 'Das Profil wurde erfolgreich geaendert', 2); $design->footer(); break; // mal kurz nen neuen user anlegen // mal kurz nen neuen user anlegen case 'createNewUser': $msg = ''; if (!empty($_POST['name']) and !empty($_POST['pass']) and !empty($_POST['email']) and chk_antispam('adminuser_create', true)) { $_POST['name'] = escape($_POST['name'], 'string'); $_POST['recht'] = escape($_POST['recht'], 'integer'); $_POST['email'] = escape($_POST['email'], 'string'); $erg = db_query("SELECT id FROM prefix_user WHERE name = BINARY '" . $_POST['name'] . "'"); if (db_num_rows($erg) > 0) { $msg = 'Der Name ist leider schon vorhanden!'; } else { $new_pass = $_POST['pass'];
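<?php
/**
 * Login page: shows the login template to guests and forwards users who are
 * already logged in.
 *
 * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL)
 * @copyright (C) 2000-2010 ilch.de
 * @version $Id$
 */
defined('main') or die('no direct access');

$title = $allgAr['title'] . ' :: ' . $lang['login'];
$hmenu = $extented_forum_menu . $lang['login'] . $extented_forum_menu_sufix;
$tpl = new tpl('user/login.htm');

if (loggedin()) {
    $design = new design($title, $hmenu, 0);
    $design->header();

    // Default forward target: the configured start module.
    $wd = 'index.php?' . $allgAr['smodul'];
    // 'wdlink' is request data and is handed to wd() as the forward target.
    // Accept it only when it is a local link of the form "?query" or
    // "script.php?query"; anything else (absolute or protocol-relative URLs,
    // quotes, markup, non-string input) falls back to the default. This keeps
    // the login form from forwarding to an attacker-chosen site.
    if (isset($_POST['wdlink']) and is_string($_POST['wdlink'])
        and preg_match('/^(?:[A-Za-z0-9_]+\.php)?\?[A-Za-z0-9_\-=&.%#]*$/D', $_POST['wdlink']) === 1) {
        $wd = $_POST['wdlink'];
    }

    wd($wd, $lang['yourareloged']);
    $design->footer();
} else {
    $design = new design($title, $hmenu);
    // Block 0 of the login template is added to the page header.
    $design->addheader($tpl->get(0));
    $design->header();
    $tpl = new tpl('user/login.htm');
    // The form's forward target is preset to the start module.
    $tpl->set_out('WDLINK', 'index.php?' . $allgAr['smodul'], 1);
    $design->footer();
}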
echo '<select name="' . $row['schl'] . '">' . $grl . '</select>'; } elseif ($row['typ'] == 'grecht2') { $grl = dblistee($allgAr[$row['schl']], "SELECT id,name FROM prefix_grundrechte WHERE id >= -2 ORDER BY id ASC"); echo '<select name="' . $row['schl'] . '">' . $grl . '</select>'; } elseif ($row['typ'] == 'password') { echo '<input size="50" type="password" name="' . $row['schl'] . '" value="***" />'; } echo '</td></tr>' . "\n\n"; $ch = $row['kat']; } echo '<tr class="Cdark"><td></td><td><input type="submit" value="Absenden" name="submit"></td></tr>'; echo '</table>'; echo get_antispam('admin_allg', 0, true); echo '</form>'; } elseif ($csrfCheck) { $abf = 'SELECT * FROM `prefix_config` ORDER BY kat'; $erg = db_query($abf); while ($row = db_fetch_assoc($erg)) { if ($row['typ'] == 'password' and $_POST[$row['schl']] == '***') { continue; } elseif ($row['typ'] == 'password') { require_once 'include/includes/class/AzDGCrypt.class.inc.php'; $cr64 = new AzDGCrypt(DBDATE . DBUSER . DBPREF); $_POST[$row['schl']] = $cr64->crypt($_POST[$row['schl']]); } db_query('UPDATE `prefix_config` SET wert = "' . escape($_POST[$row['schl']], 'textarea') . '" WHERE schl = "' . $row['schl'] . '"'); } wd('admin.php?allg', 'Erfolgreich geändert', 2); } //-----------------------------------------------------------| $design->footer();
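<?php
/**
 * Admin page for the weekly training times. The seven day texts are stored as
 * a single '#'-separated string in prefix_allg (row k = 'trainzeiten').
 *
 * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL)
 * @copyright (C) 2000-2010 ilch.de
 * @version $Id$
 */
defined('main') or die('no direct access');
defined('admin') or die('only admin access');

$design = new design('Ilch Admin-Control-Panel :: Trainzeiten', '', 2);
$design->header();
$tpl = new tpl('trains', 1);

// Form field names, Monday to Sunday, in storage order.
$dayFields = array('mon', 'die', 'mit', 'don', 'fre', 'sam', 'son');

// The save branch runs only when the form was sent and the token check
// chk_antispam('adminuser_action', true) passes.
if (!empty($_POST['send']) and chk_antispam('adminuser_action', true)) {
    $parts = array();
    foreach ($dayFields as $field) {
        // A missing field is stored as an empty text instead of raising a notice.
        $submitted = isset($_POST[$field]) ? $_POST[$field] : '';
        // Escape for the SQL statement first, then drop '#', because '#' is
        // the field separator of the stored string.
        $parts[] = str_replace('#', '', escape($submitted, 'textarea'));
    }
    $new = implode('#', $parts);
    db_query("UPDATE `prefix_allg` SET `t1` = '" . $new . "' WHERE `k` = 'trainzeiten'");
    wd('admin.php?trains', 'Daten erfolgreich geändert', 2);
} else {
    $row = db_fetch_object(db_query("SELECT `t1` FROM `prefix_allg` WHERE `k` = 'trainzeiten'"));
    // Missing row or fewer than seven stored fields: pad with empty texts so
    // that every template key below is defined.
    $stored = is_object($row) ? $row->t1 : '';
    $dbe = array_pad(explode('#', $stored), 7, '');
    // NOTE(review): the stored texts are handed to the template as they are;
    // confirm that escape(..., 'textarea') or the template makes them safe
    // for HTML output.
    $ar = array(
        'MON' => $dbe[0],
        'DIE' => $dbe[1],
        'MIT' => $dbe[2],
        'DON' => $dbe[3],
        'FRE' => $dbe[4],
        'SAM' => $dbe[5],
        'SON' => $dbe[6],
        'ANTISPAM' => get_antispam('adminuser_action', 0, true),
    );
    $tpl->set_ar_out($ar, 0);
}
$design->footer();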
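$class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
$row['class'] = $class;
$tpl->set_ar_out($row, 4);
}
}
// Table transition
$tpl->out(1);
// Edit or insert
if ($aid == 'edit') {
    // The id is taken from the URL and concatenated into the query below.
    // Casting to int means a crafted value cannot add SQL to the statement.
    $lid = (int) $menu->get(3);
    $erg = db_query('SELECT `task`, `file`, `description` FROM `prefix_loader` WHERE `id` = ' . $lid);
    $row = db_fetch_assoc($erg);
    $task = getTasks($row['task']);
    // NOTE(review): 'file' and 'description' come from the database and are
    // passed to the template unchanged; confirm they are HTML-escaped there.
    $tpl->set_ar_out(array('aname' => 'Eintrag bearbeiten', 'task' => $task, 'file' => $row['file'], 'description' => $row['description'], 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5);
} else {
    $task = getTasks('');
    $tpl->set_ar_out(array('aname' => 'Eintrag hinzufügen', 'task' => $task, 'file' => '', 'description' => '', 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5);
}
// Template footer
$tpl->out(2);
break;
case 'del':
    // Id of the affected task, from the URL; cast to int for the same reason
    // as in the edit branch.
    // NOTE(review): no token check is visible in this branch, although the
    // form above embeds one via get_antispam(); confirm the delete link
    // cannot be triggered by a cross-site request.
    $lid = (int) $menu->get(3);
    // Remove the entry
    db_query('DELETE FROM `prefix_loader` WHERE `id` = ' . $lid);
    wd('admin.php?modules-loader', 'Eintrag gelöscht');
    $design->footer(1);
    break;
}
$design->footer();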
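<?php
/**
 * Design chooser box: lists the directories below include/designs and stores
 * the visitor's choice in $_SESSION['authgfx'].
 *
 * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL)
 * @copyright (C) 2000-2010 ilch.de
 * @version $Id$
 */
defined('main') or die('no direct access');
// -----------------------------------------------------------|

// Collect the selectable designs: directories below include/designs whose
// name contains no dot (this also excludes "." and "..").
$designs = array();
$o = opendir('include/designs');
if ($o !== false) {
    // Compare with false explicitly so that an entry named "0" does not end
    // the loop early.
    while (($f = readdir($o)) !== false) {
        if (!preg_match("/\\..*/", $f) and is_dir('include/designs/' . $f)) {
            $designs[] = $f;
        }
    }
    closedir($o);
}

// Store the choice only when it is one of the directories offered below.
// The value is request data; how $_SESSION['authgfx'] is used afterwards is
// not visible here (presumably to build the design path), so arbitrary
// strings such as "../x" must not reach the session.
if (!empty($_POST['temp_ch']) and is_string($_POST['temp_ch']) and in_array($_POST['temp_ch'], $designs, true)) {
    $_SESSION['authgfx'] = $_POST['temp_ch'];
    wd('', '', 0);
} else {
    // NOTE(review): $menu->get_complete() is printed into the action
    // attribute as returned; confirm it is safe for HTML attribute context.
    echo '<form action="index.php?' . $menu->get_complete() . '" method="POST">';
    echo '<div align="center">';
    echo '<select name="temp_ch" onchange="this.form.submit();">';
    foreach ($designs as $f) {
        $s = (isset($_SESSION['authgfx']) and $f === $_SESSION['authgfx']) ? ' selected' : '';
        // Directory names are escaped before they are printed as option text.
        echo '<option' . $s . '>' . htmlspecialchars($f, ENT_QUOTES) . '</option>';
    }
    echo '</select></div></form>';
}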
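$tpl->out(1);
// Edit or insert
if ($aid == 'edit') {
    // The module id is taken from the URL and concatenated into the queries
    // below. Reducing it to an integer means a crafted value cannot add SQL;
    // it is converted back to a string so dblistee() receives the same type
    // as before.
    $mid = (string) (int) $menu->get(3);
    $erg = db_query('SELECT `pos`, `menu` FROM `prefix_modules` WHERE `id` = ' . $mid);
    $row = db_fetch_assoc($erg);
    $kat = getKats($row['menu']);
    $modul = dblistee($mid, 'SELECT `id`, `name` FROM `prefix_modules` WHERE (`menu` = "" AND (`gshow` = 1 OR `ashow` = 1)) OR `id` = ' . $mid . ' ORDER BY `name` ASC');
    $tpl->set_ar_out(array('aname' => 'Eintrag bearbeiten', 'modul' => $modul, 'kat' => $kat, 'pos' => $row['pos'], 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5);
} else {
    $kat = getKats();
    $modul = dblistee('', 'SELECT `id`, `name` FROM `prefix_modules` WHERE `menu` = "" AND (`gshow` = 1 OR `ashow` = 1) ORDER BY `name` ASC');
    // NOTE(review): $row is not assigned in this branch; 'pos' takes whatever
    // $row holds from code before this fragment. Confirm that is intended.
    $tpl->set_ar_out(array('aname' => 'Eintrag hinzufügen', 'modul' => $modul, 'kat' => $kat, 'pos' => $row['pos'], 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5);
}
// Template footer
$tpl->out(2);
break;
case 'del':
    // Id of the affected module, from the URL; cast to int before it is used
    // in SQL.
    // NOTE(review): no token check is visible in this branch, although the
    // form above embeds one via get_antispam(); confirm the delete link
    // cannot be triggered by a cross-site request.
    $mid = (int) $menu->get(3);
    // Read the current position and menu
    $erg = db_query('SELECT `pos`, `menu` FROM `prefix_modules` WHERE `id` = ' . $mid . ' LIMIT 0, 1');
    $row = db_fetch_assoc($erg);
    // Renumber the positions of the old menu, then reset the module's menu.
    // The renumbering runs only when the module exists and has a position;
    // otherwise the statement would end in "`pos` > " with nothing after it.
    if (is_array($row) and $row['pos'] !== null) {
        // NOTE(review): `menu` is read back from the database and placed
        // between quotes unescaped; confirm stored menu names cannot contain
        // a double quote.
        db_query('UPDATE `prefix_modules` SET `pos` = `pos` -1 WHERE `menu` = "' . $row['menu'] . '" AND `pos` > ' . (int) $row['pos']);
    }
    db_query('UPDATE `prefix_modules` SET `menu` = "", `pos` = NULL WHERE `id` = ' . $mid);
    wd('admin.php?modules-adminmenu', 'Eintrag gelöscht');
    $design->footer(1);
    break;
}
$design->footer();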
<?php # Copyright by: Manuel # Support: www.ilch.de defined('main') or die('no direct access'); defined('admin') or die('only admin access'); $design = new design('Admins Area', 'Admins Area', 2); $design->header(); $tpl = new tpl('history', 1); # delete if ($menu->getA(1) == 'd' and is_numeric($menu->getE(1))) { $IdToDelete = escape($menu->getE(1), 'integer'); db_query("DELETE FROM prefix_history WHERE id = '" . $IdToDelete . "'"); wd('?history', 'Erfolgreich gelöscht', 3); } if (isset($_POST['pkey'])) { $IdToEdit = escape($_POST['pkey'], 'integer'); } if (!empty($_POST['sub'])) { list($d, $m, $y) = explode('.', $_POST['date']); if (@checkdate($m, $d, $y)) { $date = $y . '-' . $m . '-' . $d; $date = escape($date, 'string'); $txt = escape($_POST['txt'], 'textarea'); $title = escape($_POST['title'], 'string'); if (empty($_POST['pkey'])) { db_query("INSERT INTO prefix_history (date,title,txt) VALUES ('" . $date . "','" . $title . "','" . $txt . "')"); } else { db_query("UPDATE prefix_history SET date = '" . $date . "',title = '" . $title . "',txt = '" . $txt . "' WHERE id = '" . $IdToEdit . "'"); } } else {
db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),3)"); $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]; $text = $lang['changedthemail'] . sprintf($lang['registconfirmlink'], $page, $id); icmail($_POST['email'], $lang['mail'] . ' ' . $lang['changed'], $text); $fmsg = $lang['pleaseconfirmmail']; } # #remove account if (isset($_POST['removeaccount'])) { $id = $_SESSION['authid'] . '-remove-' . md5(uniqid(rand())); db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),5)"); $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]; $text = $lang['removeconfirm'] . sprintf($lang['registconfirmlink'], $page, $id); icmail($_POST['email'], html_entity_decode($lang['removeaccount'], ILCH_ENTITIES_FLAGS, ILCH_CHARSET), $text); $fmsg = $lang['pleaseconfirmremove']; } #remove account # statische felder speichern db_query("UPDATE prefix_user\r\n\t\t\t SET\r\n homepage = '" . get_homepage(escape($_POST['homepage'], 'string')) . "',\r\n wohnort = '" . escape($_POST['wohnort'], 'string') . "',\r\n icq = '" . escape($_POST['icq'], 'string') . "',\r\n msn = '" . escape($_POST['msn'], 'string') . "',\r\n yahoo = '" . escape($_POST['yahoo'], 'string') . "',\r\n " . $avatar_sql_update . "\r\n aim = '" . escape($_POST['aim'], 'string') . "',\r\n staat = '" . escape($_POST['staat'], 'string') . "',\r\n geschlecht = '" . escape($_POST['geschlecht'], 'string') . "',\r\n status = '" . escape($_POST['status'], 'string') . "',\r\n opt_mail = '" . escape($_POST['opt_mail'], 'string') . "',\r\n opt_pm = '" . escape($_POST['opt_pm'], 'string') . "',\r\n opt_pm_popup = '" . escape($_POST['opt_pm_popup'], 'string') . "',\r\n gebdatum = '" . get_datum(escape($_POST['gebdatum'], 'string')) . "',\r\n sig = '" . substr(escape($_POST['sig'], 'string'), 0, $allgAr['forum_max_sig']) . "'\r\n\t\t\t\tWHERE id = " . 
$_SESSION['authid']); # change other profil fields profilefields_change_save($_SESSION['authid']); $design->header(); # definie and print msg $fmsg = isset($fmsg) ? $fmsg : $lang['changesuccessful']; wd('?user-8', $fmsg, 3); } } else { $tpl = new tpl('user/login'); $tpl->set_out('WDLINK', '?user-8', 0); } $design->footer();
$Frid = $row->id; $Fakt = 'change'; } $tpl = new tpl('range', 1); $ar = array('SUB' => $Fsub, 'BEZ' => $Fbez, 'MIN' => $Fmin, 'JCH' => $Fjch, 'NCH' => $Fnch, 'RID' => $Frid, 'AKT' => $Fakt, 'ANTISPAM' => get_antispam('adminuser_action', 0, true)); $tpl->set_ar_out($ar, 3); } else { if (chk_antispam('adminuser_action', true)) { $_POST['bez'] = escape($_POST['bez'], 'string'); $_POST['min'] = escape($_POST['min'], 'integer'); $_POST['spez'] = escape($_POST['spez'], 'integer'); $_POST['rid'] = escape($_POST['rid'], 'integer'); if (empty($_POST['rid'])) { if ($_POST['spez'] == 1) { $_POST['min'] = '0'; } db_query('INSERT INTO `prefix_ranks` (`bez`,`min`,`spez`) VALUES ( "' . $_POST['bez'] . '","' . $_POST['min'] . '","' . $_POST['spez'] . '" ) '); wd('admin.php?range', 'Erfolgreich eingetragen', 1); } else { if ($_POST['spez'] == 1) { $_POST['min'] = '0'; } db_query('UPDATE `prefix_ranks` SET `bez` = "' . $_POST['bez'] . '", `min` = "' . $_POST['min'] . '", `spez` = "' . $_POST['spez'] . '" WHERE `id` = "' . $_POST['rid'] . '"'); wd('admin.php?range', 'Erfolgreich geändert', 1); } } else { wd('admin.php?range', 'Fehler', 1); } } } $design->footer();
// Excerpt from the forum admin switch; it starts inside one case and ends
// inside the 'newForum' case, so the enclosing scopes are opened and closed
// outside the visible code.
$tpl->out(0);

// List the moderators of forum $fid, alternating the row CSS class.
// NOTE(review): $fid is concatenated into the query as-is; where it is set and
// validated is not visible in this excerpt - confirm it is an integer there.
$class = '';
$erg = db_query(
    "SELECT name, uid FROM prefix_forummods LEFT JOIN prefix_user ON prefix_user.id = prefix_forummods.uid WHERE prefix_forummods.fid = " . $fid
);
while ($r = db_fetch_assoc($erg)) {
    if ($class == 'Cmite') {
        $class = 'Cnorm';
    } else {
        $class = 'Cmite';
    }
    $r['class'] = $class;
    $tpl->set_ar_out($r, 1);
}
$tpl->out(2);
$show = false;
break;

case 'newForum':
    if (empty($_POST['sub'])) {
        // A forum needs a category: with none present, send the admin to the
        // category form and stop.
        if (db_result(db_query("SELECT COUNT(id) FROM prefix_forumcats"), 0) == 0) {
            wd('admin.php?forum-newCategorie', 'Erst eine neue Kategorie anlegen dann ein Forum');
            die;
        }

        // Defaults for an empty "new forum" form.
        $ar = array(
            'ak' => 'new',
            'sub' => 'Eintragen',
            'name' => '',
            'fid' => '',
            'text' => '',
        );
        $tpl = new tpl('forum/eforum', 1);

        // Preselect a category only when the menu segment carries a numeric id.
        $cid = ($menu->getA(2) == 'c' and is_numeric($menu->getE(2))) ? $menu->getE(2) : 0;
        forum_admin_selectcats(0, '', $ar['kats'], $cid);

        // Options for the "view" select: base rights first, then groups.
        $ar['view'] = '<optgroup label="Grundrechte">'
            . dbliste('', $tpl, 'view', "SELECT id, name FROM prefix_grundrechte ORDER BY id DESC")
            . '</optgroup>'
            . '<optgroup label="Gruppen">'
            . dbliste('', $tpl, 'view', "SELECT id, name FROM prefix_groups ORDER BY id DESC");
// Tail of the admin newsletter sender. $erg, $mailopm and $zahler are set above
// this excerpt, and the branch this first part belongs to is opened there.

// Recipient list for the e-mail variant, seeded with 'bbc' and the admin
// address. NOTE(review): 'bbc' is presumably a marker interpreted by icmail() -
// confirm there.
$emails = array('bbc', $allgAr['adminMail']);
while ($row = db_fetch_object($erg)) {
    // Skip addresses already collected and addresses that do not match the
    // pattern. NOTE(review): the pattern nests quantifiers, so a long malformed
    // address stored in the database can backtrack heavily; if PCRE gives up,
    // preg_match() returns false and the "== 1" test skips that address.
    if (!in_array($row->email, $emails) and preg_match('/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\\@([a-z0-9])' . '(([a-z0-9-])*([a-z0-9]))+' . '(\\.([a-z0-9])([-a-z0-9_-])?([a-z0-9])+)+$/i', $row->email) == 1) {
        $emails[] = $row->email;
        $zahler++;
    }
}
// One icmail() call for the whole list. Subject and body go in exactly as
// posted. NOTE(review): whether recipients are hidden from each other and
// whether line breaks are stripped from the subject depends on icmail(),
// which is not visible here.
icmail($emails, $_POST['bet'], $_POST['txt'], '', isset($_POST['html']));
} elseif ($mailopm == 'P') {
    // Private-message variant: collect user ids and send one PM batch.
    // Subject and text are passed through escape() first.
    $uids = array();
    while ($row = db_fetch_object($erg)) {
        $uids[] = $row->uid;
        $zahler++;
    }
    sendpm($_SESSION['authid'], $uids, escape($_POST['bet'], 'string'), escape($_POST['txt'], 'string'), -1);
}
// Word used in the result message for the chosen delivery type.
if ($mailopm == 'E') {
    $eMailorPmsg = 'eMail(s)';
} elseif ($mailopm == 'P') {
    $eMailorPmsg = 'Private Nachrichte(n)';
}
wd('admin.php?newsletter', 'Es wurde(n) ' . $zahler . ' ' . $eMailorPmsg . ' verschickt.', 5);
} else {
    // The selection produced no recipients.
    wd('admin.php?newsletter', 'Für diese Auswahl konnte nichts gefunden werden.', 5);
}
} else {
    // No submission: print the xajax script block and the form, including the
    // antispam value for the 'adminuser_action' key.
    echo $xajax->printJavascript();
    $tpl = new tpl('newsletter', 1);
    $tpl->set_out('ANTISPAM', get_antispam('adminuser_action', 0, true), 0);
}
$design->footer();
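<?php
/**
 * Admin page for the weekly training times.
 *
 * The seven day texts are stored as one '#'-separated string in
 * prefix_allg.t1 (row k = 'trainzeiten'). A POST with "send" stores new
 * values; any other request shows the stored values in the 'trains' template.
 */
defined('main') or die('no direct access');
defined('admin') or die('only admin access');

$design = new design('Admins Area', 'Admins Area', 2);
$design->header();
$tpl = new tpl('trains', 1);

if (!empty($_POST['send'])) {
    // NOTE(review): this write is gated only by the 'admin' constant. The rank
    // and newsletter admin pages of this code base additionally check
    // chk_antispam('adminuser_action', true) before writing; adding the same
    // check here needs the matching field in the 'trains' template.
    $parts = array();
    foreach (array('mon', 'die', 'mit', 'don', 'fre', 'sam', 'son') as $day) {
        // A missing field is stored as an empty text instead of raising an
        // undefined-index notice.
        $raw = isset($_POST[$day]) ? $_POST[$day] : '';
        // '#' is the field separator. It is removed after escape() so that a
        // '#' present in the escaped result cannot shift the stored columns.
        $parts[] = str_replace('#', '', escape($raw, 'textarea'));
    }
    $new = implode('#', $parts);
    db_query("UPDATE `prefix_allg` SET t1 = '" . $new . "' WHERE k = 'trainzeiten'");
    wd('?trains', 'Daten erfolgreich geändert', 2);
} else {
    $row = db_fetch_object(db_query("SELECT t1 FROM `prefix_allg` WHERE k = 'trainzeiten'"));
    // The row may be missing or hold fewer than seven fields; pad so that every
    // template key is defined.
    $stored = (is_object($row) && isset($row->t1)) ? $row->t1 : '';
    $dbe = array_pad(explode('#', $stored), 7, '');
    // NOTE(review): the values go to the template as stored; whether
    // escape(..., 'textarea') already encoded HTML is not visible here.
    $ar = array(
        'MON' => $dbe[0],
        'DIE' => $dbe[1],
        'MIT' => $dbe[2],
        'DON' => $dbe[3],
        'FRE' => $dbe[4],
        'SAM' => $dbe[5],
        'SON' => $dbe[6],
    );
    $tpl->set_ar_out($ar, 0);
}
$design->footer();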
// Tail of the "new topic" page; the branch that ends at the first closing
// brace is opened above this excerpt.
$tpl->set_ar_out($ar, 1);
} else {
    // Save the topic.
    // NOTE(review): $fid, $topic, $txt, $time and $xnn are concatenated into
    // the queries below as-is; they are prepared above this excerpt, so their
    // escaping has to be verified there.
    $_SESSION['klicktime'] = $dppk_time;
    $design = new design($title, $hmenu, 0);
    $design->header($load);

    if (!loggedin()) {
        // Guest post: author name as prepared above, user id 0.
        $erst = $xnn;
        $uid = 0;
    } else {
        // Member post: author comes from the session; bump the post counter.
        $uid = $_SESSION['authid'];
        $erst = escape($_SESSION['authname'], 'string');
        db_query("UPDATE `prefix_user` SET `posts` = `posts`+1 WHERE `id` = " . $uid);
    }

    db_query(
        "INSERT INTO `prefix_topics` (`fid`, `name`, `erst`, `stat`) VALUES ( " . $fid . ", '" . $topic . "', '" . $erst . "', 1 )"
    );
    $tid = db_last_id();

    // Topic alert: only for logged-in users who asked for it, and only if no
    // alert row exists yet for this user and topic.
    if (!empty($_POST['topic_alert']) and $_POST['topic_alert'] == 'yes') {
        if (loggedin()) {
            if (db_result(db_query("SELECT COUNT(*) FROM `prefix_topic_alerts` WHERE `uid` = " . $_SESSION['authid'] . " AND `tid` = " . $tid), 0) == 0) {
                db_query("INSERT INTO `prefix_topic_alerts` (`tid`,`uid`) VALUES (" . $tid . ", " . $_SESSION['authid'] . ")");
            }
        }
    }

    // First post of the topic, then the "last post" pointers and counters.
    db_query(
        "INSERT INTO `prefix_posts` (`tid`,`fid`,`erst`,`erstid`,`time`,`txt`) VALUES ( " . $tid . ", " . $fid . ", '" . $erst . "', " . $uid . ", " . $time . ", '" . $txt . "')"
    );
    $pid = db_last_id();
    db_query("UPDATE `prefix_topics` SET `last_post_id` = " . $pid . " WHERE `id` = " . $tid);
    db_query("UPDATE `prefix_forums` SET `posts` = `posts` + 1, `last_post_id` = " . $pid . ", `topics` = `topics` + 1 WHERE `id` = " . $fid);

    // Mark the topic as read for the author.
    $_SESSION['forumSEE'][$fid][$tid] = time();
    wd('index.php?forum-showposts-' . $tid, $lang['createtopicsuccessful']);
}
$design->footer();
<?php
# Copyright by: Manuel
# Support: www.ilch.de

// Logout page: ends the current login, then shows a notice that forwards to
// the configured start module.
// NOTE(review): the logout runs on any request that reaches this file; no
// request token is checked in the visible code.
if (!defined('main')) {
    die('no direct access');
}

$title = "{$allgAr['title']} :: Logout";
$hmenu = "{$extented_forum_menu}Logout{$extented_forum_menu_sufix}";
$design = new design($title, $hmenu, 0);

# log the user out before any output is produced
user_logout();

$design->header();
wd("?{$allgAr['smodul']}", $lang['logoutsuccessful']);
$design->footer();
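// Profile settings page "Blockierung": lists the users the logged-in member
// has blocked, each with a link to lift the block.
$design->addheader('<link rel="stylesheet" type="text/css" href="include/includes/css/uprofil/uprofil.css">');
$design->addheader('<script type="text/javascript" src="include/includes/js/uprofil.js"></script>');
// Third-party script: fetched over HTTPS so it cannot be altered in transit.
// NOTE(review): 'jquery-latest' is not a pinned version; shipping a local copy,
// or a versioned URL with an integrity attribute, would make the loaded code
// reviewable and fixed.
$design->addheader('<script type="text/javascript" src="https://code.jquery.com/jquery-latest.min.js"></script>');
$design->addheader('<script type="text/javascript" src="include/includes/js/jquery.textareaAutoResize.js"></script>');
$design->addheader('<script type="text/javascript" src="include/includes/js/bbcode.js"></script>');
$design->header();

// Only the owner may open this page. The URL segment is compared as a string:
// on PHP versions before 8 a loose == would also accept a value that merely
// starts with the session id.
if (loggedin() and (string) $menu->get(2) === (string) $_SESSION['authid']) {
    // Header
    include __DIR__ . DIRECTORY_SEPARATOR . '../header.php';
    $tpl = new tpl('uprofil/settings/blockierung.htm');

    // $uid is not assigned in the visible code (presumably by header.php -
    // confirm). It is forced to an integer before it is placed into SQL text.
    $uidSql = (int) $uid;

    // NOTE(review): $FAnzahl and $ergF are not used in the visible code; they
    // are kept in case included code reads them.
    $FAnzahl = db_count_query('SELECT count(id) FROM prefix_friendscheck WHERE fid = ' . $uidSql);
    $BAnzahl = db_count_query('SELECT count(id) FROM prefix_userblock WHERE uid = ' . $uidSql);
    $abfF = 'SELECT u.*, f.* FROM prefix_friendscheck f LEFT JOIN prefix_user u ON u.id = f.uid WHERE f.fid = ' . $uidSql . ' ORDER BY f.id ASC';
    $ergF = db_query($abfF);
    // NOTE(review): u.* puts every column of prefix_user into the row array that
    // is handed to the template below; selecting only the columns the template
    // prints would keep the other fields out of reach.
    $abfBlock = 'SELECT u.*, f.* FROM prefix_userblock f LEFT JOIN prefix_user u ON u.id = f.bid WHERE f.uid = ' . $uidSql . ' ORDER BY f.id ASC';
    $ergBlock = db_query($abfBlock);

    $tpl->out(0);
    if ($BAnzahl > 0) {
        while ($rowBlock = db_fetch_assoc($ergBlock)) {
            // NOTE(review): the name is passed on as stored; whether it is
            // HTML-encoded at registration or by the template is not visible.
            $rowBlock['FNAME'] = $rowBlock['name'];
            // The id is cast to an integer because it ends up inside an
            // inline onclick handler.
            $rowBlock['OTHER'] = '<br /><br /><div class="friendButton blockURefuse" onclick="location.href = \'?user-allgcheck-refuse-' . (int) $rowBlock['bid'] . '\';">Blockierung aufheben</div>';
            $tpl->set_ar_out($rowBlock, 1);
        }
    } else {
        echo '<br /><div id="contenText" align="center">Keine Blockierte User vorhanden.</div>';
    }
    $tpl->out(2);
} else {
    wd('index.php', 'Es ist ein Fehler aufgetreten.');
}
$design->footer();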