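/**
 * Render the admin sub-navigation described by an XML file.
 *
 * The file's root element may carry hide="true", in which case only template
 * part 4 is emitted. Otherwise every <list> element becomes a headline block
 * and each of its <modul> children becomes one link, provided the rights
 * check below passes.
 *
 * @param string $file path of the XML menu file to read
 * @return string always the empty string; output goes through the template object
 */
function get_ini_menu($file)
{
    $umenu = '';

    // Collect libxml diagnostics internally so a broken menu file does not
    // print parser warnings into the admin page; the previous setting is restored.
    $previous = libxml_use_internal_errors(true);
    $menus = simplexml_load_file($file);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);

    // simplexml_load_file() returns false for a missing or malformed file.
    // Calling attributes() on false is a fatal error, so stop here instead.
    if ($menus === false) {
        error_log('get_ini_menu: menu file could not be parsed');
        return $umenu;
    }

    $tpl = new tpl('adminsubmenu', 1);

    if ($menus->attributes()->hide == 'true') {
        $tpl->out(4);
        return $umenu;
    }

    foreach ($menus->list as $liste) {
        $tpl->set_out('headline', $liste->attributes()->title, 0);
        $tpl->out(1);

        foreach ($liste->modul as $mod) {
            // Show the entry when it declares no <right> at all, or when the
            // declared value is >= the session's authright.
            // NOTE(review): entries without <right> are visible to every caller
            // of this function - confirm that is intended for all menu files.
            if (!isset($mod->right) or $mod->right >= $_SESSION['authright']) {
                $tpl->set_ar_out(array('url' => $mod->url, 'title' => utf8_decode((string) $mod->title)), 2);
            }
        }

        $tpl->out(3);
    }

    return $umenu;
}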
} if (empty($row['wohnort'])) { $wohnort = ''; } else { $wohnort = '<img src="include/images/userprofil/icons/icon_home.png"> aus ' . $row['wohnort'] . '<br />'; } $geschlecht = array('0' => 'Unbekannt', '1' => 'Männlich', '2' => 'Weiblich'); $geschlecht = '<img src="include/images/userprofil/icons/icon_user.png"> ' . $geschlecht[$row['geschlecht']]; $UGAnzahl = db_count_query('SELECT count(uid) FROM prefix_usergallery WHERE uid = ' . $uid); $FAnzahl = db_count_query('SELECT count(uid) FROM prefix_friends WHERE uid = ' . $uid); $GBAnzahl = db_count_query('SELECT count(uid) FROM prefix_usergbook WHERE uid = ' . $uid); $tpl = new tpl('uprofil/leftbox.htm'); $ar = array('UID' => $row['id'], 'GEBURTSTAG' => $gebdatum, 'WOHNORT' => $wohnort, 'GESCHLECHT' => $geschlecht, 'UGBILDER' => $UGAnzahl, 'JOINED' => '<img src="include/images/userprofil/icons/icon_calendar.png"> ' . date('d. M Y', $row['regist']) . '<br />', 'SITELINK' => $MPL); $tpl->set_ar_out($ar, 0); if ($UGAnzahl > 0) { $tpl->set_out('UGBILDER', ' (' . $UGAnzahl . ')', 1); while ($rowUG = db_fetch_assoc($ergUG)) { if (empty($rowUG['txt'])) { $rowUG['txt'] = $rowUG['name']; } else { $rowUG['txt'] = $rowUG['txt']; } $rowUG['BILDER'] = '<div class="boxUserFotos"><a href="include/images/usergallery/img_' . $rowUG['id'] . '.' . $rowUG['endung'] . '" target="_blank"><img src="include/images/usergallery/img_thumb_' . $rowUG['id'] . '.' . $rowUG['endung'] . '" title="' . $rowUG['txt'] . '" width="80px" height="80px"></a></div>'; $tpl->set_ar_out($rowUG, 2); } $tpl->out(3); } if ($FAnzahl > 0) { $tpl->set_out('ZFRIENDS', ' (' . $FAnzahl . ')', 4); while ($rowF = db_fetch_assoc($ergF)) { if (file_exists($rowF['avatar'])) {
/** * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) * @copyright (C) 2000-2010 ilch.de * @version $Id$ */ defined('main') or die('no direct access'); defined('admin') or die('only admin access'); if ($menu->get(1) == "phpinfo") { phpinfo(); } else { $design = new design('Ilch Admin-Control-Panel :: Serverkonfiguration', '', 2); $design->header(); $tpl = new tpl('checkconf', 1); $tpl->out(0); // # Server conf $tpl->set_out('head', $lang['phpserverconf'], 1); $tpl->set_ar_out(array('class' => 'Cmite', 'opt' => 'version', 'val' => phpversion()), 3); $confstrings = array("safe_mode", "display_errors", "max_execution_time", "memory_limit", "register_globals", "file_uploads", "upload_max_filesize", "post_max_size", "disable_functions"); $class = 'Cmite'; foreach ($confstrings as $str) { if ($class == 'Cmite') { $class = 'Cnorm'; } else { $class = 'Cmite'; } $tpl->set("class", $class); $tpl->set("opt", $str); $tpl->set("val", ini_get($str)); $tpl->out(3); } // sockets
} else { $tpl->out(0); } unset($tpl); $show = false; break; } if ($show) { $tpl = new tpl('forum/forum', 1); $firstcat = @db_result(db_query("SELECT id FROM `prefix_forumcats` ORDER BY pos LIMIT 1"), 0); if (isset($showcid)) { $id = $showcid; } else { $id = $menu->getA(1) == 'S' ? $menu->getE(1) : (is_numeric($firstcat) ? $firstcat : 0); } $tpl->set_out('cid', $id, 0); $class = ''; $erg = db_query("SELECT id, cid, name as cname, pos as cpos FROM prefix_forumcats WHERE id = {$id} ORDER BY pos"); while ($row = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $class; $tpl->set_ar_out($row, 1); $erg1 = db_query("SELECT\r\n prefix_forums.id as fid,\r\n prefix_forums.name as fname,\r\n prefix_forums.pos as fpos,\r\n case when view <= 0 then vg.name else vt.name end as view,\r\n case when reply <= 0 then rg.name else rt.name end as reply,\r\n case when start <= 0 then sg.name else st.name end as start\r\n FROM prefix_forums\r\n LEFT JOIN prefix_grundrechte as vg ON prefix_forums.view = vg.id\r\n LEFT JOIN prefix_grundrechte as rg ON rg.id = prefix_forums.reply\r\n LEFT JOIN prefix_grundrechte as sg ON sg.id = prefix_forums.start\r\n\r\n\t\t\tLEFT JOIN prefix_groups as vt ON prefix_forums.view = vt.id\r\n LEFT JOIN prefix_groups as rt ON rt.id = prefix_forums.reply\r\n LEFT JOIN prefix_groups as st ON st.id = prefix_forums.start\r\n WHERE prefix_forums.cid = " . $row['id'] . " ORDER BY prefix_forums.pos"); while ($row1 = db_fetch_assoc($erg1)) { $row1['class'] = $row['class']; $row1['cid'] = $id; $tpl->set_ar_out($row1, 2); } } $tpl->out(3); forum_admin_showcats(0, '');
$tpl->set('readonly', loggedin() ? ' readonly' : ''); $tpl->set('FEHLER', '<div id="formfehler">' . $fehler . '</div>'); $tpl->out(0); if ($allgAr['joinus_rules'] != 1) { $tpl->out(1); } else { $rules = '<h2>' . $lang['rules'] . '</h2>'; $rerg = db_query('SELECT `zahl`,`titel`,`text` FROM `prefix_rules` ORDER BY `zahl`'); while ($rrow = db_fetch_row($rerg)) { $rules .= '<table width="100%" border="0" cellpadding="5" cellspacing="1" class="border">'; $rules .= '<tr class="Cmite"><td><b>§' . $rrow[0] . '. ' . $rrow[1] . '</b></td></tr>'; $rules .= '<tr class="Cnorm"><td>' . bbcode($rrow[2]) . '</td></tr>'; $rules .= '</table><br />'; } $rules .= '<input type="checkbox" name="rules" value="' . $lang['yes'] . '" />' . str_replace(array('<a target="_blank" href="index.php?rules">', '</a>'), '', $lang['rulzreaded']) . '<br />'; $tpl->set_out('RULES', $rules, 2); } $tpl->set('ANTISPAM', get_antispam('joinus', 100)); $tpl->out(3); } else { // eintragen $name = $xname; $userreg = $lang['no']; if (!loggedin() and $allgAr['forum_regist'] != 0) { $x = user_regist($name, $mail, genkey(8)); $userreg = $lang['yes']; } db_query("INSERT INTO `prefix_usercheck` (`check`,`name`,`datime`,`ak`,`groupid`) VALUES ('" . genkey(8) . "','" . $name . "',NOW(),4," . $squad . ")"); $squad = escape($squad, 'integer'); $abf = "SELECT `mod1`, `mod2`, `mod4`, `name` FROM `prefix_groups` WHERE `id` = " . $squad; $erg = db_query($abf);
$page = $menu->getA(3) == 'p' ? $menu->getE(3) : 1; $filtername = escape($menu->get(2), 'string'); } else { $page = $menu->getA(1) == 'p' ? $menu->getE(1) : 1; } $anfang = ($page - 1) * $limit; $tpl = new tpl('user/memb_list.htm'); if (isset($_GET['filtername']) and !empty($_GET['filtername'])) { $filtername = escape($_GET['filtername'], 'string'); } if (!empty($filtername)) { $sql_search = " WHERE prefix_user.name LIKE '%" . $filtername . "%'"; $MPL = db_make_sites($page, $sql_search, $limit, '?user-filtername-' . $filtername, 'user'); } else { $sql_search = ""; $MPL = db_make_sites($page, "", $limit, '?user', 'user'); } $tpl->set_out('SITELINK', $MPL, 0); $class = ''; $erg = db_query("SELECT\r\n posts,\r\n prefix_user.id,\r\n prefix_grundrechte.name as recht_name,\r\n regist,\r\n prefix_user.name\r\nFROM prefix_user\r\n LEFT JOIN prefix_grundrechte ON prefix_user.recht = prefix_grundrechte.id\r\n {$sql_search}\r\nORDER by recht,prefix_user.posts DESC LIMIT " . $anfang . "," . $limit); while ($row = db_fetch_object($erg)) { if ($class == 'Cmite') { $class = 'Cnorm'; } else { $class = 'Cmite'; } $ar = array('NAME' => $row->name, 'RANG' => userrang($row->posts, $row->id), 'CLASS' => $class, 'POSTS' => $row->posts, 'UID' => $row->id, 'DATE' => date('d.m.Y', $row->regist), 'GRUPE' => $row->recht_name); $tpl->set_ar_out($ar, 1); } $tpl->set_out('filtername', $filtername ? $filtername : '', 2); $design->footer();
$design = new design('Ilch Admin-Control-Panel :: Registrierungen', '', 2); $design->header(); $tpl = new tpl('puser', 1); // add pending user if ($menu->get(1) == "confirm" and isset($_GET['check'])) { $erg = db_query("SELECT * FROM `prefix_usercheck` WHERE `check` = '" . escape($_GET['check'], 'string') . "'"); if (db_num_rows($erg) == 1) { $row = db_fetch_assoc($erg); switch ($row['ak']) { // confirm regist case 1: if (0 == db_count_query("SELECT COUNT(*) FROM `prefix_user` WHERE `name_clean` = BINARY '" . $row['name_clean'] . "'")) { db_query("INSERT INTO `prefix_user` (`name`,`name_clean`,`pass`,`recht`,`regist`,`llogin`,`email`,`status`,`opt_mail`,`opt_pm`)\n \t\t\t VALUES('" . $row['name'] . "','" . $row['name_clean'] . "','" . $row['pass'] . "',-1,'" . time() . "','" . time() . "','" . $row['email'] . "',1,1,1)"); db_query("DELETE FROM `prefix_usercheck` WHERE `check` = '" . escape($_GET['check'], 'string') . "'"); } else { $tpl->set_out('error', 'Username existiert bereits', 3); } break; // confirm new pass // confirm new pass case 2: db_query("UPDATE `prefix_user` SET `pass` = '" . $row['pass'] . "' WHERE `name_clean` = BINARY '" . $row['name_clean'] . "'"); db_query("DELETE FROM `prefix_usercheck` WHERE `check` = '" . escape($_GET['check'], 'string') . "'"); break; // confirm new email // confirm new email case 3: list($id, $check) = explode('||', $row['check']); db_query("UPDATE `prefix_user` SET `email` = '" . $row['email'] . "' WHERE `id` = " . escape($id, 'integer')); db_query("DELETE FROM `prefix_usercheck` WHERE `check` = '" . escape($_GET['check'], 'string') . "'"); break;
$astat = db_result(db_query("SELECT stat FROM prefix_topics WHERE id = " . $k), 0, 0); $nstat = $astat == 1 ? 0 : 1; db_query("UPDATE `prefix_topics` SET stat = '" . $nstat . "' WHERE id = " . $k); } wd('index.php?forum-showtopics-' . $fid, 'Status geändert', 2); } elseif (!$csrfCheck || empty($_POST['del']) && empty($_POST['shift'])) { $limit = $allgAr['Ftanz']; // Limit $page = $menu->getA(3) == 'p' ? $menu->getE(3) : 1; $MPL = db_make_sites($page, "WHERE fid = '{$fid}'", $limit, '?forum-editforum-' . $fid, 'topics'); $anfang = ($page - 1) * $limit; $q = "SELECT a.id, a.name, a.rep, a.erst, a.hit, a.art, a.stat, b.time, b.erst as last, b.id as pid\r\n FROM prefix_topics a\r\n \tLEFT JOIN prefix_posts b ON a.last_post_id = b.id\r\n \tWHERE a.fid = {$fid}\r\n \tORDER BY a.art DESC, b.time DESC\r\n \tLIMIT " . $anfang . "," . $limit; $tpl = new tpl('forum/editforum.htm'); $tpl->set('id', $fid); $tpl->set('antispam', get_antispam('forum_edit_forum', 0, true)); $tpl->set_out('MPL', $MPL, 0); $erg = db_query($q); while ($row = db_fetch_assoc($erg)) { $row['date'] = date('d.m.y - H:i', $row['time']); $tpl->set_ar_out($row, 1); } $tpl->out(2); } elseif (isset($_POST['del']) and isset($_POST['dely']) and $_POST['dely'] == 'yes' and $csrfCheck) { $pmin = 0; $tmin = 0; foreach ($_POST['in'] as $k => $v) { $k = escape($k, 'integer'); $erg = db_query("SELECT erstid FROM prefix_posts WHERE tid = " . $k . " AND erstid > 0"); while ($row = db_fetch_object($erg)) { db_query("UPDATE prefix_user SET posts = posts - 1 WHERE id = " . $row->erstid); $pmin++;
$emails = array('bbc', $allgAr['adminMail']); while ($row = db_fetch_object($erg)) { if (!in_array($row->email, $emails) and preg_match('/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\\@([a-z0-9])' . '(([a-z0-9-])*([a-z0-9]))+' . '(\\.([a-z0-9])([-a-z0-9_-])?([a-z0-9])+)+$/i', $row->email) == 1) { $emails[] = $row->email; $zahler++; } } icmail($emails, $_POST['bet'], $_POST['txt'], '', isset($_POST['html'])); } elseif ($mailopm == 'P') { $uids = array(); while ($row = db_fetch_object($erg)) { $uids[] = $row->uid; $zahler++; } sendpm($_SESSION['authid'], $uids, escape($_POST['bet'], 'string'), escape($_POST['txt'], 'string'), -1); } if ($mailopm == 'E') { $eMailorPmsg = 'eMail(s)'; } elseif ($mailopm == 'P') { $eMailorPmsg = 'Private Nachrichte(n)'; } wd('admin.php?newsletter', 'Es wurde(n) ' . $zahler . ' ' . $eMailorPmsg . ' verschickt.', 5); } else { wd('admin.php?newsletter', 'Für diese Auswahl konnte nichts gefunden werden.', 5); } } else { echo $xajax->printJavascript(); $tpl = new tpl('newsletter', 1); $tpl->set_out('antispam', get_antispam('newsletter', 0, true), 0); } $design->footer();
$erg = db_query($abf); while ($row = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $class; $row['date'] = date('d.m.Y', $row['time']); $row['time'] = date('H:i', $row['time']); $row['BET'] = trim($row['titel']) == '' ? ' -- kein Nachrichtentitel -- ' : $row['titel']; $tpl->set_ar_out($row, 1); } $tpl->out(2); break; default: // message übersicht. $tpl = new tpl('forum/pm/show'); $ad = $menu->getA(2) == 'a' ? 'ASC' : 'DESC'; $tpl->set_out('ad', $ad == 'ASC' ? 'd' : 'a', 0); $class = 'Cmite'; switch ($menu->getE(2)) { default: case '3': $order = "`a`.`time` " . $ad; break; case '2': $order = "`b`.`name` " . $ad . ", `a`.`time` DESC"; break; case '1': $order = "`a`.`titel` " . $ad . ", `a`.`time` DESC"; break; } $abf = "SELECT `a`.`titel` as `BET`, `a`.`gelesen` as `NEW`, `b`.`name` as `ABS`, `a`.`id` as `ID`, `a`.`time` FROM `prefix_pm` `a` LEFT JOIN `prefix_user` `b` ON `a`.`sid` = `b`.`id` WHERE `a`.`eid` = " . $_SESSION['authid'] . " AND `a`.`status` <= 0 ORDER BY " . $order; $erg = db_query($abf);
<?php
/**
 * Admin sub-navigation that lists one link per configured menu.
 *
 * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL)
 * @copyright (C) 2000-2010 ilch.de
 * @version $Id$
 */
if (!defined('main')) {
    // Only reachable through the front controller, never directly.
    die('no direct access');
}

$tpl = new tpl('adminsubmenu', 1);
$tpl->set_out('headline', 'Menü auswählen', 0);
$tpl->out(1);

// One entry for each menu number from 1 up to the configured menu count.
$i = 1;
while ($i <= $allgAr['menu_anz']) {
    $tpl->set_ar_out(array('url' => 'admin.php?menu-' . $i, 'title' => 'Menü ' . $i), 2);
    $i++;
}

$tpl->out(3);
/**
 * Resolve the requested module to the PHP file that should be loaded and
 * enforce the access check for it.
 *
 * For type 'box' the method returns the box file path, or false when the file
 * is missing or check_rights() fails. For the other types it falls back to the
 * start module or a self page when the requested module file does not exist,
 * then either returns '<module>.php' or prints a "no permission" / login page
 * and terminates the request.
 *
 * @param string $w optional type override ('contents', 'box', anything else = admin)
 * @return string|false file name or path to load; false only for a rejected box
 */
public function get_url($w = '')
{
    global $allgAr;
    if ($w != '') {
        $this->type = $w;
    }
    // work out the start module and the directory to check against
    if ($this->type == 'contents') {
        $pfad = 'include/contents';
        $smod = $allgAr['smodul'];
    } elseif ($this->type == 'box') {
        // NOTE(review): get(0) is placed into a filesystem path without any
        // validation in this method - confirm the menu parsing rejects '/',
        // '..' and NUL bytes so the path cannot leave include/boxes.
        $file = 'include/boxes/' . $this->get(0) . '.php';
        return (file_exists($file) and $this->check_rights()) ? $file : false;
    } else {
        $pfad = 'include/admin';
        $smod = 'admin';
    }
    // if no module was requested, use the start module
    if (empty($this->menu_ar[0])) {
        $this->set_url(0, $smod);
    }
    // several existence checks to decide what is returned;
    // needed because of self pages and similar
    // NOTE(review): same concern as for boxes - get(0) is used unvalidated in
    // the paths below; verify it is restricted to a safe character set upstream.
    if (!file_exists($pfad . '/' . $this->get(0) . '.php') and file_exists($pfad . '/selfbp/selfp/' . $this->get(0) . '.php')) {
        // requested name is a self page: route through the 'self' module
        $this->set_url(1, $this->get(0));
        $this->set_url(0, 'self');
    } elseif (!file_exists($pfad . '/' . $this->get(0) . '.php')) {
        // unknown module: fall back to the start module in one of its forms
        if (substr($smod, 0, 5) == 'self-') {
            $this->set_url(1, substr($smod, 5));
            $this->set_url(0, 'self');
        } elseif (file_exists($pfad . '/selfbp/selfp/' . $smod . '.php')) {
            $this->set_url(1, $smod);
            $this->set_url(0, 'self');
        } else {
            $this->set_url(0, $smod);
        }
    }
    // check whether the client has the rights needed
    // to see the module / the menu entry
    $exit = !$this->check_rights();
    // the user module cannot be locked, for its own safety: otherwise members
    // could no longer log in and nobody could register. That is why these
    // actions of the user module are always allowed.
    // NOTE(review): in_array() is called without the strict flag, so numeric
    // strings such as '01' compare equal to '1' - confirm the user module maps
    // such values the same way before relying on this list as an allowlist.
    $alwaysallowed = array('regist', 'login', '1', '2', 'confirm', 'remind', '13', '3', 'logout');
    if ($exit === true and $this->get(0) == 'user' and in_array($this->get(1), $alwaysallowed)) {
        $exit = false;
        debug('o');
    }
    if ($exit) {
        // access denied: render an explanation (logged in) or the login form, then stop
        $title = $allgAr['title'] . ' :: Keine Berechtigung';
        $hmenu = 'Keine Berechtigung';
        $design = new design($title, $hmenu);
        if (loggedin()) {
            $design->header();
            if (is_coadmin()) {
                // co-admins get the detailed reason including the module name
                echo 'Entweder diese Seite ist nicht in der Navigation verlinkt und die Option <strong>Zugriff auf nicht im Menü verlinkte Module für alle?</strong> steht auf <strong>nein</strong> oder aber du hast kein Recht sie zu betrachten, deswegen kommt diese Meldung.<br /> Also entweder die Seite <strong>' . $this->get(0) . '</strong> in der <a href="admin.php?menu">Navigation</a> verlinken, oder die Option umstellen, ersteres wird empfohlen.';
            } else {
                echo 'Du hast leider nicht die nötigen Rechte, um diese Seite zu betrachten.';
            }
        } else {
            $tpl = new tpl('user/login');
            $design->addheader($tpl->get(0));
            $design->header();
            $tpl->set_out('WDLINK', 'index.php', 1);
        }
        $design->footer();
        exit;
    }
    return $this->get(0) . '.php';
}
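# Support: www.ilch.de
//
// Forum moderation: delete a single post.
// Without a confirmed POST (or with a failed anti-CSRF token) the confirmation
// form is shown; otherwise the post is removed and the post counters of the
// author, the topic and the forum are adjusted.
defined('main') or die('no direct access');

if ($forum_rights['mods'] == FALSE) {
    $forum_failure[] = 'Keine Berechtigung dieses Forum zu moderiren';
    check_forum_failure($forum_failure);
}

$title = $allgAr['title'] . ' :: Forum :: ' . $aktForumRow['kat'] . ' :: ' . $aktForumRow['name'] . ' :: ' . $aktTopicRow['name'] . ' :: Beitrag löschen';
$hmenu = $extented_forum_menu . '<a class="smalfont" href="index.php?forum">Forum</a><b> » </b><a class="smalfont" href="index.php?forum-showcat-' . $aktForumRow['cid'] . '">' . $aktForumRow['kat'] . '</a><b> » </b><a class="smalfont" href="index.php?forum-showtopics-' . $fid . '">' . $aktForumRow['name'] . '</a><b> » </b>';
$hmenu .= '<a class="smalfont" href="index.php?forum-showposts-' . $tid . '">' . $aktTopicRow['name'] . '</a> <b> » </b>Beitrag löschen' . $extented_forum_menu_sufix;
$design = new design($title, $hmenu, 1);
$design->header();

$postid = escape($menu->get(3), 'integer');
$csrfCheck = chk_antispam('forum_del_post', true);

if (empty($_POST['delete']) || !$csrfCheck) {
    // No confirmed, token-bearing request yet: show the confirmation form.
    $tpl = new tpl('forum/del_post');
    $tpl->set_ar(array('tid' => $tid, 'get3' => $postid, 'antispam' => get_antispam('forum_del_post', 0, true)));
    $tpl->out(0);
} else {
    // The moderator check above is presumably evaluated for the forum that
    // owns $tid (TODO confirm where $forum_rights is built). The post id is a
    // separate request value, so the post is tied to $tid here; without that a
    // moderator of one forum could remove posts of any other forum by id.
    $erg = db_query("SELECT erstid FROM `prefix_posts` WHERE id = " . $postid . " AND tid = " . (int) $tid . " LIMIT 1");

    if (db_num_rows($erg) == 1) {
        $erstid = (int) db_result($erg, 0);
        if ($erstid > 0) {
            db_query("UPDATE `prefix_user` SET posts = posts - 1 WHERE id = " . $erstid);
        }
        db_query("DELETE FROM `prefix_posts` WHERE id = " . $postid . " AND tid = " . (int) $tid . " LIMIT 1");

        // MAX(id) is NULL once the topic has no posts left; the cast keeps the
        // two UPDATE statements syntactically valid in that case.
        $erg = db_query("SELECT MAX(id) FROM prefix_posts WHERE tid = " . (int) $tid);
        $max = (int) db_result($erg, 0);
        db_query("UPDATE `prefix_topics` SET last_post_id = " . $max . ", `rep` = `rep` - 1 WHERE id = " . (int) $tid);
        db_query("UPDATE `prefix_forums` SET last_post_id = " . $max . ", posts = posts - 1 WHERE id = " . (int) $fid);

        $tpl = new tpl('forum/del_post');
        $tpl->set_out('tid', $tid, 1);
    } else {
        // Unknown post, or a post of another topic: change nothing, so a
        // replayed or forged request cannot skew the counters.
        echo 'Beitrag nicht gefunden';
    }
}

$design->footer();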
/** * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) * @copyright (C) 2000-2010 ilch.de * @version $Id$ */ defined('main') or die('no direct access'); $tpl = new tpl('adminmenu', 1); if (is_coadmin()) { $kat = ''; $i = 1; foreach ($menuAr as $key => $tab) { if ($kat != $tab['menu']) { if (!empty($kat)) { $tpl->out(3); } $tpl->set_out('id', $i++, 1); $kat = $tab['menu']; } $tpl->set_ar_out(array('url' => $key, 'title' => $tab['name']), 2); } } elseif (count($_SESSION['authmod']) > 0) { $kat = 'modulerights'; $q = "SELECT DISTINCT `url`, `name`\n\tFROM `prefix_modulerights` `a`\n\tLEFT JOIN `prefix_modules` `b` ON `b`.`id` = `a`.`mid`\n\tWHERE `b`.`gshow` = 1 AND `uid` = " . $_SESSION['authid']; $tpl->set_out('id', 1, 1); $erg = db_query($q); while ($row = db_fetch_assoc($erg)) { $tpl->set_ar_out(array('url' => $row['url'], 'title' => $row['name']), 2); } } if (!empty($kat)) { $tpl->out(3);
/**
 * Resolve the requested module to the PHP file that should be loaded and
 * check the menu rights for it.
 *
 * Falls back to the start module or a self page when the requested module file
 * does not exist. For type 'contents' the required right is looked up in
 * prefix_menu. On denial a "no permission" page or the login form is printed
 * and the request ends; otherwise '<module>.php' is returned.
 *
 * @param string $w 'contents' for the public modules, anything else for admin
 * @return string file name of the module to include
 */
function get_url($w = 'contents')
{
    global $allgAr;
    # work out the start module and the directory to check against
    if ($w == 'contents') {
        $pfad = 'include/contents';
        $smod = $allgAr['smodul'];
    } else {
        $pfad = 'include/admin';
        $smod = 'admin';
    }
    # if no module was requested, use the start module
    if (empty($this->menu_ar[0])) {
        $this->set_url(0, $smod);
    }
    # several existence checks to decide what is returned;
    # needed because of self pages and similar
    # NOTE(review): get(0) is used unvalidated in these filesystem paths -
    # confirm the menu parsing restricts it so it cannot contain '/' or '..'.
    if (!file_exists($pfad . '/' . $this->get(0) . '.php') and file_exists($pfad . '/selfbp/selfp/' . $this->get(0) . '.php')) {
        $this->set_url(1, $this->get(0));
        $this->set_url(0, 'self');
    } elseif (!file_exists($pfad . '/' . $this->get(0) . '.php')) {
        if (substr($smod, 0, 5) == 'self-') {
            $this->set_url(1, substr($smod, 5));
            $this->set_url(0, 'self');
        } elseif (file_exists($pfad . '/selfbp/selfp/' . $smod . '.php')) {
            $this->set_url(1, $smod);
            $this->set_url(0, 'self');
        } else {
            $this->set_url(0, $smod);
        }
    }
    # check whether the client has the rights needed
    # to see the module / the menu entry
    $exit = false;
    if ($w == 'contents') {
        # NOTE(review): get(0) and get(1) are concatenated into the SQL text
        # without escaping in this method. Unless get() already returns
        # sanitised values (not visible here), this WHERE clause is injectable;
        # the values should be escaped or bound before they reach db_query().
        $where = "(path = '" . $this->get(0) . "' OR path = '" . $this->get(0) . "-" . $this->get(1) . "')";
        if ($this->get(0) == 'self') {
            $where = "(path = '" . $this->get(0) . "-" . $this->get(1) . "' OR path = '" . $this->get(1) . "')";
        }
        # NOTE(review): both calls suppress errors with @. If a failed query
        # yields an empty/false result, $r == '' holds and access then depends
        # only on allg_menupoint_access, i.e. the check can fail open - verify.
        $r = @db_result(@db_query("SELECT recht FROM prefix_menu WHERE " . $where . " ORDER BY LENGTH(path) DESC"), 0);
        # deny when a right is configured and the user lacks it, or when no
        # menu entry exists and access to unlinked modules is switched off
        if ($r != '' and !has_right($r) or $r == '' and $allgAr['allg_menupoint_access'] == 0) {
            $exit = true;
        }
    }
    # the user module cannot be locked, for its own safety: otherwise members
    # could no longer log in and nobody could register. That is why these
    # actions of the user module are always allowed.
    # NOTE(review): in_array() is non-strict here, so numeric strings such as
    # '01' compare equal to '1' - confirm that is acceptable for this allowlist.
    $alwaysallowed = array('regist', 'login', '1', '2', 'confirm', 'remind', '13', '3', 'logout');
    if ($exit === true and $this->get(0) == 'user' and in_array($this->get(1), $alwaysallowed)) {
        $exit = false;
        debug('o');
    }
    if ($exit) {
        # access denied: print a message (logged in) or the login form, then stop
        $title = $allgAr['title'] . ' :: Keine Berechtigung';
        $hmenu = 'Keine Berechtigung';
        $design = new design($title, $hmenu);
        $design->header();
        if (loggedin()) {
            echo 'Du hast leider nicht die nötigen Rechte... :-S';
        } else {
            $tpl = new tpl('user/login');
            $tpl->set_out('WDLINK', 'index.php', 0);
        }
        $design->footer();
        exit;
    }
    return $this->get(0) . '.php';
}
$hmenu = $extented_forum_menu . '<a class="smalfont" href="index.php?forum">Forum</a><b> » </b>' . aktForumCats($aktForumRow['kat']) . '<b> » </b>' . $aktForumRow['name'] . $extented_forum_menu_sufix; $design = new design($title, $hmenu, 1); $design->header(); $limit = $allgAr['Ftanz']; // Limit $page = $menu->getA(3) == 'p' ? $menu->getE(3) : 1; $MPL = db_make_sites($page, "WHERE fid = '{$fid}'", $limit, '?forum-showtopics-' . $fid, 'topics'); $anfang = ($page - 1) * $limit; $tpl = new tpl('forum/showtopic'); if ($forum_rights['start'] == TRUE) { $tpl->set('NEWTOPIC', '<b>[ <a href="index.php?forum-newtopic-' . $fid . '">' . $lang['newtopic'] . '</a> ]</b>'); } else { $tpl->set('NEWTOPIC', ''); } $tpl->set('MPL', $MPL); $tpl->set_out('FID', $fid, 0); $q = "SELECT a.id, a.name, a.rep, a.erst, a.hit, a.art, a.stat, b.time, b.erst as last, b.id as pid\r\n\tFROM prefix_topics a\r\n\tLEFT JOIN prefix_posts b ON a.last_post_id = b.id\r\n\tWHERE a.fid = {$fid}\r\n\tORDER BY a.art DESC, b.time DESC\r\n\tLIMIT " . $anfang . "," . $limit; $erg = db_query($q); if (db_num_rows($erg) > 0) { while ($row = db_fetch_assoc($erg)) { if ($row['stat'] == 0) { $row['ORD'] = 'cord'; } else { #$row['ORD'] = get_ordner($row['time']); $row['ORD'] = forum_get_ordner($row['time'], $row['id'], $fid); } $row['date'] = date('d.m.y - H:i', $row['time']); $row['page'] = ceil(($row['rep'] + 1) / $allgAr['Fpanz']); $row['VORT'] = $row['art'] == 1 ? 'Fest: ' : ''; $tpl->set_ar_out($row, 1); }
/**
 * Decide whether the current session may use the requested admin module.
 *
 * Sessions with authright <= -8 are always allowed. Other sessions need to be
 * logged in and to hold at least one entry in $_SESSION['authmod'].
 *
 * @param object $menu menu object; get(0)/get(1) name the requested module and
 *                     action, set_url() is used to reroute the request
 * @param bool   $sl   when true the function also produces output (login form
 *                     or "no permission" text) and reroutes to the first
 *                     permitted module
 * @return bool
 */
function user_has_admin_right(&$menu, $sl = true)
{
    // co-leader and above: no per-module check
    if ($_SESSION['authright'] <= -8) {
        return true;
    }

    $module = $menu->get(0);
    $action = $menu->get(1);

    // No module rights at all, or not logged in: refuse.
    if (count($_SESSION['authmod']) < 1 or !loggedin()) {
        if ($sl === true) {
            if (loggedin()) {
                echo '<strong>Keine Berechtigung!</strong> <a href="index.php">Startseite</a>';
            } else {
                // anonymous visitor: show the login form that leads back to admin.php
                $design = new design('', '', 0);
                $menu->set_url(0, 'user');
                load_modul_lang();
                $tpl = new tpl('user/login.htm');
                $design->addheader($tpl->get(0));
                $design->header();
                $tpl->set_out('WDLINK', 'admin.php', 1);
                $design->footer();
            }
        }
        return false;
    }

    // Right granted for the module itself or for the module-action pair.
    if (!empty($_SESSION['authmod'][$module]) || !empty($_SESSION['authmod'][$module . '-' . $action])) {
        return true;
    }

    // Requested module is not among the granted ones, but others are.
    if (count($_SESSION['authmod']) > 0 and loggedin()) {
        if ($sl === true) {
            // reroute the request to the first module the user does hold
            $granted = array_keys($_SESSION['authmod']);
            $parts = explode('-', $granted[0]);
            $menu->set_url(0, $parts[0]);
            if (isset($parts[1])) {
                $menu->set_url(1, $parts[1]);
            }
        }
        // NOTE(review): with $sl !== true this still returns true although the
        // requested module is not in authmod and the menu is left untouched -
        // confirm no caller treats that result as permission for that module.
        return true;
    }

    return false;
}
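<?php
/**
 * Login page: forwards an already logged-in user, otherwise shows the login form.
 *
 * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL)
 * @copyright (C) 2000-2010 ilch.de
 * @version $Id$
 */
defined('main') or die('no direct access');

$title = $allgAr['title'] . ' :: ' . $lang['login'];
$hmenu = $extented_forum_menu . $lang['login'] . $extented_forum_menu_sufix;
$tpl = new tpl('user/login.htm');

if (loggedin()) {
    $design = new design($title, $hmenu, 0);
    $design->header();

    // Default target: the configured start module.
    $wd = 'index.php?' . $allgAr['smodul'];

    // wdlink arrives in the request body and is handed to wd() as the
    // forwarding target (wd() is defined elsewhere; presumably it sends the
    // browser there). Only same-site targets of the form used by the login
    // templates are accepted: an optional index.php/admin.php followed by an
    // optional query string without whitespace, quotes, angle brackets or
    // backslashes. Anything else - absolute URLs, scheme-relative URLs, other
    // schemes, arrays - falls back to the default above.
    if (isset($_POST['wdlink'])
        && is_string($_POST['wdlink'])
        && $_POST['wdlink'] !== ''
        && preg_match('/^(?:(?:index|admin)\.php)?(?:\?[^\s"\'<>\\\\]*)?$/D', $_POST['wdlink']) === 1
    ) {
        $wd = $_POST['wdlink'];
    }

    wd($wd, $lang['yourareloged']);
    $design->footer();
} else {
    $design = new design($title, $hmenu);
    // part 0 of the login template goes into the page header
    $design->addheader($tpl->get(0));
    $design->header();
    $tpl = new tpl('user/login.htm');
    $tpl->set_out('WDLINK', 'index.php?' . $allgAr['smodul'], 1);
    $design->footer();
}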
$i = 0; $class = 'Cmite'; $x = ''; if (loggedin()) { $x .= '<a href="index.php?user-usergallery-' . $_SESSION['authid'] . '">Meine Gallery</a><br /><br />'; } $erg = db_query("SELECT `uid`, `prefix_user`.`name` as `uname`, COUNT(*) as `anz` FROM `prefix_usergallery` LEFT JOIN `prefix_user` ON `prefix_usergallery`.`uid` = `prefix_user`.`id` GROUP BY `uid`, `uname` ORDER BY `anz` DESC"); while ($r = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $x .= '<div class="' . $class . '" style="float: left; padding: 5px;"><a href="index.php?user-usergallery-' . $r['uid'] . '">' . $r['uname'] . '</a><br /><span class="smalfont">Anzahl Bilder: ' . $r['anz'] . '</span></a></div>'; if ($i != 0 and $i % 5 == 0) { $x .= '<br />'; } } $tpl = new tpl('user/gallery'); $tpl->set_out('x', $x, 4); $design->footer(); exit; } // user gallery zeigen $uname = db_result(db_query("SELECT `name` FROM `prefix_user` WHERE `id` = " . $uid), 0, 0); $title = $allgAr['title'] . ' :: Users :: Gallery'; $hmenu = $extented_forum_menu . '<a class="smalfont" href="index.php?user">Users</a><b> » </b><a class="smalfont" href="?user-usergallery">Gallery</a><b> » </b>von ' . $uname . $extented_forum_menu_sufix; $design = new design($title, $hmenu, 1); $design->header(); $tpl = new tpl('user/gallery'); $tpl->set('uid', $uid); $tpl->set('uname', $uname); // bild loeschen... if ($menu->getA(4) == 'd' and is_numeric($menu->getE(4)) and loggedin() and (is_siteadmin() or $uid == $_SESSION['authid'])) { $delid = escape($menu->getE(4), 'integer');
$frei = ''; if ($allgAr['archiv_down_userupload'] == 1 and is_writeable('include/downs/downloads/user_upload')) { $frei = '<tr class="Cmite"><td colspan="5"><a href="?archiv-downloads-Sa">User-Uploads freischalten</a></td></tr>'; } $tpl->out(0); $class = 0; $abf = "SELECT id,`cat`,`version`,`name`,pos FROM prefix_downloads WHERE cat = " . $azk . " ORDER BY pos"; $erg = db_query($abf); while ($row = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $class; $tpl->set_ar($row); $tpl->out(1); } // downs $tpl->set_out('frei', $frei, 2); // cat if ($menu->getA(2) == 'E') { $erg = db_query("SELECT id,cat as Ccat, recht as Crecht, name as Cname,pos as Cpos,`desc` as Cdesc FROM prefix_downcats WHERE id = '" . $menu->getE(2) . "'"); $_Cilch = db_fetch_assoc($erg); $_Cilch['Cpkey'] = $menu->getE(2); } else { $_Cilch = array('Ccat' => '', 'Cpkey' => '', 'Cpos' => '', 'Cname' => '', 'Crecht' => '', 'Cdesc' => ''); } $_Cilch['Crecht'] = dblistee($_Cilch['Crecht'], "SELECT id,name FROM prefix_grundrechte ORDER BY id DESC"); archiv_downs_admin_selectcats('0', '', $_Cilch['Ccat'], $_Cilch['Ccat']); $_Cilch['Ccat'] = '<option value="0">Keine</option>' . $_Cilch['Ccat']; archiv_downs_admin_showcats(0, ''); $tpl->set_ar($_ilch); $tpl->set_ar($_Cilch); $tpl->out(3);
$gAnz = @db_result(db_query(str_replace('{WHERE}', $where, str_replace('{SELECT}', ' COUNT(DISTINCT `a`.`id`)', $q))), 0); $q = str_replace('{WHERE}', $where, str_replace('{SELECT}', $s, $q)); } elseif ($such == 'augt') { $where = "`c`.`time` >= " . $x . " AND `c`.`time` >= " . $_SESSION['lastlogin']; $gAnz = @db_result(db_query(str_replace('{WHERE}', $where, str_replace('{SELECT}', ' COUNT(DISTINCT `a`.`id`)', $q))), 0); $q = str_replace('{WHERE}', $where, str_replace('{SELECT}', $s, $q2)); } elseif ($such == 'aeit') { $where = "`c`.`time` >= " . $x . " AND `c`.`erstid` = " . $uid; $gAnz = @db_result(db_query(str_replace('{WHERE}', $where, str_replace('{SELECT}', ' COUNT(DISTINCT `a`.`id`)', $q))), 0); $q = str_replace('{WHERE}', $where, str_replace('{SELECT}', $s, $q)); } $MPL = db_make_sites($page, "", $limit, 'index.php?forum-' . $such . ($such == 'aeit' ? '-' . $uid : ''), "", $gAnz); $tpl = new tpl('forum/search'); $q = db_query($q . " LIMIT " . $anfang . "," . $limit); $class = ''; $tpl->set_out('gAnz', $gAnz, 0); while ($r = db_fetch_assoc($q)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $r['class'] = $class; $r['ctime'] = db_result(db_query("SELECT MAX(`time`) FROM `prefix_posts` WHERE `tid` = " . $r['id']), 0, 0); $r['ord'] = forum_get_ordner($r['ctime'], $r['id'], $r['fid']); $r['link'] = 'forum-showposts-' . $r['id']; if ($menu->get(1) == 'aeit') { $r['author'] = ''; } elseif ($such == 'aubt') { $r['author'] = ' ' . $lang['from'] . ' ' . $r['author']; } else { $r['author'] = ' ' . $lang['newpost'] . ' ' . $lang['from'] . ' ' . $r['author']; $r['postsbefore'] = db_count_query('SELECT COUNT(`id`) FROM `prefix_posts` WHERE `tid` = ' . $r['id'] . ' AND `id` < ' . $r['firstnew']); $r['page'] = ceil(($r['postsbefore'] + 1) / $allgAr['Fpanz']); $r['link'] .= '-p' . $r['page'] . '#' . $r['firstnew'];
} } else { echo 'Datum stimmt nicht, bitte im Format DD.MM.YYYY eingeben also z.B. 29.12.2005<br />'; } } if (!isset($IdToDelete)) { if ($menu->getA(1) == 'e' and is_numeric($menu->getE(1)) and empty($IdToEdit)) { $IdToEdit = escape($menu->getE(1), 'integer'); $erg = db_query("SELECT id,DATE_FORMAT(date,'%d.%m.%Y') as date,title,txt FROM prefix_history WHERE id = '" . $IdToEdit . "'"); $_ilch = db_fetch_assoc($erg); $_ilch['pkey'] = $IdToEdit; } else { $_ilch = array('pkey' => '', 'date' => date('d.m.Y'), 'title' => '', 'txt' => ''); } $tpl->set_ar_out($_ilch, 0); $limit = 20; $page = $menu->getA(1) == 'p' ? escape($menu->getE(1), 'integer') : 1; $MPL = db_make_sites($page, 'ORDER BY `date` DESC', $limit, '?history', 'history'); $anfang = ($page - 1) * $limit; $abf = "SELECT `id`,`date`,`title` FROM prefix_history ORDER BY `date` DESC LIMIT " . $anfang . "," . $limit; $erg = db_query($abf); while ($row = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $class; list($y, $m, $d) = explode('-', $row['date']); $row['date'] = $d . '.' . $m . '.' . $y; $tpl->set_ar_out($row, 1); } $tpl->set_out('MPL', $MPL, 2); } $design->footer();
// Store a pending confirmation for the new e-mail address (ak = 3); $id is built before this excerpt.
db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),3)");
// NOTE(review): HTTP_HOST comes from the request's Host header, so the host name inside the
// mailed confirmation link is client-controlled. Building the link from a configured site URL avoids that.
$page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
$text = $lang['changedthemail'] . sprintf($lang['registconfirmlink'], $page, $id);
icmail($_POST['email'], $lang['mail'] . ' ' . $lang['changed'], $text);
$fmsg = $lang['pleaseconfirmmail'];
}
#
# remove account
if (isset($_POST['removeaccount'])) {
    // NOTE(review): uniqid() is time-based and rand() is not a CSPRNG; md5() adds no entropy.
    // A confirmation token should come from a CSPRNG, e.g. bin2hex(random_bytes(16)) on PHP 7+.
    $id = $_SESSION['authid'] . '-remove-' . md5(uniqid(rand()));
    // Store the pending removal (ak = 5) together with the address taken from the request.
    db_query("INSERT INTO prefix_usercheck (`check`,email,datime,ak)\r\n VALUES ('" . $id . "','" . escape($_POST['email'], 'string') . "',NOW(),5)");
    // Same client-controlled Host header as in the e-mail change branch above.
    $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
    $text = $lang['removeconfirm'] . sprintf($lang['registconfirmlink'], $page, $id);
    // NOTE(review): the removal link is mailed to $_POST['email'], not to an address read from the
    // account record; confirm an earlier check ties this value to the logged-in user's address.
    icmail($_POST['email'], html_entity_decode($lang['removeaccount'], ILCH_ENTITIES_FLAGS, ILCH_CHARSET), $text);
    $fmsg = $lang['pleaseconfirmremove'];
}
# remove account
# save the static profile fields
# Each POST value is passed through escape(..., 'string') and placed inside quotes.
# NOTE(review): $avatar_sql_update is spliced in as raw SQL and is built outside this excerpt;
# confirm every value inside it is escaped the same way.
# NOTE(review): sig is truncated with substr() after escaping, so the cut can fall inside an
# escape sequence and leave a dangling backslash in front of the closing quote. Truncating the
# raw value first and escaping afterwards avoids that.
db_query("UPDATE prefix_user\r\n\t\t\t SET\r\n homepage = '" . get_homepage(escape($_POST['homepage'], 'string'))
    . "',\r\n wohnort = '" . escape($_POST['wohnort'], 'string')
    . "',\r\n icq = '" . escape($_POST['icq'], 'string')
    . "',\r\n msn = '" . escape($_POST['msn'], 'string')
    . "',\r\n yahoo = '" . escape($_POST['yahoo'], 'string')
    . "',\r\n " . $avatar_sql_update
    . "\r\n aim = '" . escape($_POST['aim'], 'string')
    . "',\r\n staat = '" . escape($_POST['staat'], 'string')
    . "',\r\n geschlecht = '" . escape($_POST['geschlecht'], 'string')
    . "',\r\n status = '" . escape($_POST['status'], 'string')
    . "',\r\n opt_mail = '" . escape($_POST['opt_mail'], 'string')
    . "',\r\n opt_pm = '" . escape($_POST['opt_pm'], 'string')
    . "',\r\n opt_pm_popup = '" . escape($_POST['opt_pm_popup'], 'string')
    . "',\r\n gebdatum = '" . get_datum(escape($_POST['gebdatum'], 'string'))
    . "',\r\n sig = '" . substr(escape($_POST['sig'], 'string'), 0, $allgAr['forum_max_sig'])
    . "'\r\n\t\t\t\tWHERE id = " . $_SESSION['authid']);
# change other profile fields
profilefields_change_save($_SESSION['authid']);
$design->header();
# define and print the message: a pending-confirmation notice if one was set above, else the success text
$fmsg = isset($fmsg) ? $fmsg : $lang['changesuccessful'];
wd('?user-8', $fmsg, 3);
}
} else {
    // Alternative branch (its condition is outside this excerpt): show the login template,
    // with WDLINK set to this profile page.
    $tpl = new tpl('user/login');
    $tpl->set_out('WDLINK', '?user-8', 0);
}
$design->footer();
// Recipient list, seeded with the literal 'bbc' and the admin address.
// 'bbc' is presumably a marker that icmail() interprets - confirm in icmail().
$emails = array('bbc', $allgAr['adminMail']);
while ($row = db_fetch_object($erg)) {
    // Skip duplicates and addresses that fail the pattern.
    // NOTE(review): the pattern nests quantifiers, e.g. (([-a-z0-9._])*([a-z0-9]))*. On a long
    // non-matching address PCRE can hit its backtrack limit; preg_match() then returns false and
    // the address is silently dropped. filter_var($row->email, FILTER_VALIDATE_EMAIL) avoids this.
    if (!in_array($row->email, $emails) and preg_match('/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\\@([a-z0-9])' . '(([a-z0-9-])*([a-z0-9]))+' . '(\\.([a-z0-9])([-a-z0-9_-])?([a-z0-9])+)+$/i', $row->email) == 1) {
        $emails[] = $row->email;
        $zahler++;
    }
}
// NOTE(review): subject and body come straight from POST; confirm icmail() strips CR/LF from the
// subject so it cannot add mail headers.
icmail($emails, $_POST['bet'], $_POST['txt'], '', isset($_POST['html']));
} elseif ($mailopm == 'P') {
    // Private-message mode: collect the user ids and send one PM to all of them.
    $uids = array();
    while ($row = db_fetch_object($erg)) {
        $uids[] = $row->uid;
        $zahler++;
    }
    // Subject and text go through escape(..., 'string') here, unlike in the e-mail branch above.
    sendpm($_SESSION['authid'], $uids, escape($_POST['bet'], 'string'), escape($_POST['txt'], 'string'), -1);
}
// Pick the noun for the result message; $eMailorPmsg stays unset for any other $mailopm value.
if ($mailopm == 'E') {
    $eMailorPmsg = 'eMail(s)';
} elseif ($mailopm == 'P') {
    $eMailorPmsg = 'Private Nachrichte(n)';
}
wd('admin.php?newsletter', 'Es wurde(n) ' . $zahler . ' ' . $eMailorPmsg . ' verschickt.', 5);
} else {
    // Alternative branch (its condition is outside this excerpt): report that nothing was found.
    wd('admin.php?newsletter', 'Für diese Auswahl konnte nichts gefunden werden.', 5);
}
} else {
    // Alternative branch (its condition is outside this excerpt): render the newsletter form.
    echo $xajax->printJavascript();
    $tpl = new tpl('newsletter', 1);
    // The form carries an anti-spam value for 'adminuser_action'.
    // NOTE(review): the matching check on submit is not visible in this excerpt; confirm it runs
    // before any mail or PM is sent.
    $tpl->set_out('ANTISPAM', get_antispam('adminuser_action', 0, true), 0);
}
$design->footer();
// Paginated list of wars joined with the team name.
// NOTE(review): $sqla is spliced in as raw SQL and is built outside this excerpt, as are $anfang
// and $limit; confirm any request data in them is escaped or cast to int.
$erg = db_query("SELECT a.owp,a.opp,a.wlp,a.land,a.mtyp,a.game,a.id,a.gegner,a.page,b.name as team,DATE_FORMAT(datime,'%d.%m.%Y') as time FROM prefix_wars a left join prefix_groups b ON a.tid = b.id " . $sqla . " ORDER BY a.datime DESC, id DESC LIMIT " . $anfang . "," . $limit);
while ($row = db_fetch_assoc($erg)) {
    // Result string "opp:owp" and the two colours looked up by the wlp value.
    $row['erg'] = $row['opp'] . ':' . $row['owp'];
    $row['farbe'] = $farbe1wlpar[$row['wlp']];
    $row['farbe2'] = $farbe2wlpar[$row['wlp']];
    // Alternate the row CSS class.
    if ($class == 'Cmite') {
        $class = 'Cnorm';
    } else {
        $class = 'Cmite';
    }
    $row['page'] = get_homepage($row['page']);
    $row['team'] = get_wargameimg($row['game']) . ' ' . $row['team'];
    $row['class'] = $class;
    // NOTE(review): fields such as gegner are passed to the template as stored; confirm where they are HTML-encoded.
    $tpl->set_ar_out($row, 5);
}
$tpl->set_out('MPL', $MPL, 6);
}
$design->footer();
} elseif (is_numeric($menu->get(2))) {
    // Detail view of one war. The id is passed through escape(..., 'integer') and written back
    // into $_GET['mehr'] before it is appended, unquoted, to the query.
    $_GET['mehr'] = escape($menu->get(2), 'integer');
    // The @ suppresses PHP errors from db_query(); db_check_erg() is called on the result right after.
    $erg = @db_query("SELECT\r\n\tDATE_FORMAT(datime,'%d.%m.%Y') as datum,\r\n\ttid, status, owp, opp, wlp,\r\n\tDATE_FORMAT(datime,'%H:%i:%s') as zeit,\r\n\tgegner, tag, page, mail, icq, wo, prefix_wars.`mod`, mtyp,\r\n\tgame, land, txt, prefix_wars.id,\r\n\tname as team\r\n\tFROM prefix_wars\r\n\tleft join prefix_groups ON prefix_wars.tid = prefix_groups.id\r\n\tWHERE prefix_wars.id = " . $_GET['mehr']);
    db_check_erg($erg);
    // NOTE(review): presumably db_check_erg() stops the request when no row matches; otherwise
    // $row is not an array below - confirm.
    $row = db_fetch_assoc($erg);
    $row['page'] = get_homepage($row['page']);
    $row['txt'] = bbcode($row['txt']);
    if ($row['status'] == 2) {
        // nextwars
        $title = $allgAr['title'] . ' :: Wars :: Nextwars';
        $hmenu = '<a href="?wars" class="smalfont">Wars</a><b> » </b>Nextwars';
        $design = new design($title, $hmenu);
        $design->header();
$txt = trim(escape($_POST['txt'], 'textarea'));
}
// Guest nickname; $xnn is only set when the field was posted.
if (isset($_POST['Gname'])) {
    $xnn = trim(escape_nickname($_POST['Gname']));
}
// Show the form again instead of saving when any of these holds. "and" binds tighter than "or",
// so the guest-name test reads: (empty($_POST['Gname']) and !loggedin()).
//  - less than 15 units have passed between $_SESSION['klicktime'] and $dppk_time (presumably seconds - confirm)
//  - topic or text is empty
//  - a preview was requested
//  - a guest gave no name
//  - the anti-spam check for 'newtopic' fails
if ($_SESSION['klicktime'] + 15 > $dppk_time
    or empty($topic)
    or empty($txt)
    or !empty($_POST['priview'])
    or empty($_POST['Gname']) and !loggedin()
    or !chk_antispam('newtopic')) {
    $design = new design($title, $hmenu, 1);
    $design->header($load);
    $tpl = new tpl('forum/newtopic');
    $name = '';
    if (!loggedin()) {
        $name = '<tr><td class="Cmite"0><b>' . $lang['name'] . '</b></td>';
        // NOTE(review): $xnn is undefined here when Gname was not posted.
        // NOTE(review): the nickname is written into a value="..." attribute via unescape() only,
        // while txt and topic below go through escape_for_fields(). Confirm escape_nickname()
        // removes quotes and angle brackets, or encode this value for the attribute as well.
        $name .= '<td class="Cnorm"><input type="text" value="' . unescape($xnn) . '" maxlength="15" name="Gname"></td></tr>';
    }
    // Preview: render the posted text through bbcode().
    if (isset($_POST['priview'])) {
        $tpl->set_out('txt', bbcode(unescape($txt)), 0);
    }
    // Refill the form; text and topic are passed through escape_for_fields() first.
    $ar = array('name' => $name, 'txt' => escape_for_fields(unescape($txt)), 'topic' => escape_for_fields(unescape($topic)), 'fid' => $fid, 'SMILIES' => getsmilies(), 'antispam' => get_antispam('newtopic', 1));
    $tpl->set_ar_out($ar, 1);
} else {
    // save topic
    // Record the time of this post for the 15-unit check above.
    $_SESSION['klicktime'] = $dppk_time;
    $design = new design($title, $hmenu, 0);
    $design->header($load);
    if (loggedin()) {
        // Author is the session user; increment that user's post counter.
        $uid = $_SESSION['authid'];
        $erst = escape($_SESSION['authname'], 'string');
        db_query("UPDATE `prefix_user` SET `posts` = `posts`+1 WHERE `id` = " . $uid);
    } else {
        // Guest post: author name from the form, user id 0.
        $erst = $xnn;
        $uid = 0;
// News overview: one template row per news entry.
while ($row = db_fetch_assoc($erg)) {
    // Comment count for this entry (one extra query per row); $row['id'] comes from the result set of $erg.
    $k0m = db_query("SELECT COUNT(ID) FROM `prefix_koms` WHERE uid = " . $row['id'] . " AND cat = 'NEWS'");
    $row['kom'] = db_result($k0m, 0);
    $row['kate'] = news_find_kat($row['kate']);
    // Prefix the date with the weekday text looked up in $lang.
    $row['datum'] = $lang[$row['dayofweek']] . ' ' . $row['datum'];
    // Show only the part before the [PREVIEWENDE] marker and add a "read whole news" link.
    if (strpos($row['text'], '[PREVIEWENDE]') !== FALSE) {
        $a = explode('[PREVIEWENDE]', $row['text']);
        $row['text'] = $a[0];
        $row['readwholenews'] = '» <a href="index.php?news-' . $row['id'] . '">' . $lang['readwholenews'] . '</a> «';
    } else {
        $row['readwholenews'] = '';
    }
    // NOTE(review): the text is rendered by bbcode(); confirm it HTML-encodes the input before converting tags.
    $row['text'] = bbcode($row['text']);
    $tpl->set_ar_out($row, 0);
}
$tpl->set_out('SITELINK', $MPL, 1);
unset($tpl);
}
} else {
    // Single news view. The id is passed through escape(..., 'integer') and quoted in the query.
    $design->header();
    $nid = escape($menu->get(1), 'integer');
    // NOTE(review): no check that a row was found before $row->news_recht is read.
    $row = db_fetch_object(db_query("SELECT * FROM `prefix_news` WHERE news_id = '" . $nid . "'"));
    // Continue only if the visitor holds the right stored with the entry.
    if (has_right(array($row->news_recht))) {
        // When $allgAr['Ngkoms'] is 0, $komsOK is true only for logged-in users.
        $komsOK = true;
        if ($allgAr['Ngkoms'] == 0) {
            if (loggedin()) {
                $komsOK = true;
            } else {
                $komsOK = false;
            }
        }
$tpl = new tpl('links');
// Sub-categories of the current category.
// NOTE(review): $cid is appended unquoted to both queries and is set outside this excerpt;
// confirm it is cast to an integer before it gets here.
$erg = db_query("SELECT `id`,`name`,`desc` FROM `prefix_linkcats` WHERE `cat` = " . $cid . " ORDER BY `pos`");
if (db_num_rows($erg) > 0) {
    $tpl->out(1);
    $class = 'Cnorm';
    while ($row = db_fetch_assoc($erg)) {
        $row['links'] = count_files($row['id']);
        // Alternate the row CSS class.
        $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
        $row['class'] = $class;
        $tpl->set_ar_out($row, 2);
    }
    $tpl->out(3);
}
// Links in the current category.
$erg = db_query("SELECT `id`,`name`,`link`,`banner`,`desc`,`hits` FROM `prefix_links` WHERE `cat` = " . $cid . " ORDER BY `pos`");
if (db_num_rows($erg) > 0) {
    $tpl->set_out('catname', $catname2, 4);
    $class = 'Cnorm';
    while ($row = db_fetch_assoc($erg)) {
        $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
        $row['class'] = $class;
        // NOTE(review): desc, banner and name are concatenated into HTML (element content and
        // src/alt/title attributes) with no encoding visible here. Confirm the stored values are
        // already HTML-encoded, or encode them for the attribute context at this point.
        $row['desc'] = !empty($row['desc']) ? '<br /><span class="smalfont">» ' . $row['desc'] . '</span>' : '';
        // A banner replaces the link name with an image.
        if (!empty($row['banner'])) {
            $row['name'] = '<img src="' . $row['banner'] . '" border="0" alt="' . $row['name'] . '" title="' . $row['name'] . '">';
        }
        $tpl->set_ar_out($row, 5);
    }
    $tpl->out(6);
}
$design->footer();
break;
case 's':
} elseif ($ch_name == false) {
    // Continues a validation chain that starts before this excerpt: name already in use.
    $fehler = $lang['namealreadyinuse'];
} elseif ($email != $xemail) {
    // $email and $xemail differ; both are set before this excerpt.
    $fehler = $lang['wrongemail'];
} elseif ($ch_email == false) {
    $fehler = $lang['emailalreadyinuse'];
}
// Show the registration form again with the error text and the values entered so far.
// NOTE(review): $name and $email are handed to the template as received; confirm where they are HTML-encoded.
$tpl = new tpl('user/regist');
$tpl->set('name', $name);
$tpl->set('email', $email);
$tpl->set_out('FEHLER', $fehler, 1);
// Template part 2 is printed only when forum_regist_user_pass is 1.
if ($allgAr['forum_regist_user_pass'] == 1) {
    $tpl->out(2);
}
$tpl->out(3);
} else {
    // Register the account: generated password by default, replaced by a posted one when it is non-empty.
    // NOTE(review): how genkey() produces its value is not visible here; a generated password
    // should come from a CSPRNG.
    $pass = genkey(8);
    // NOTE(review): the posted password is passed through escape(..., 'string') before
    // user_regist(). If escape() alters characters, the stored credential differs from what the
    // user typed - confirm login applies the same transformation.
    // NOTE(review): this override is not gated on forum_regist_user_pass in this excerpt.
    if (!empty($_POST['pass'])) {
        $pass = escape($_POST['pass'], 'string');
    }
    user_regist($name, $email, $pass);
    $tpl = new tpl('user/regist');
    $title = $allgAr['title'] . ' :: Users :: Registrieren :: Step 3 von 3';
    $hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">User</a><b> » </b><a class="smalfont" href="?user-regist">Registrieren</a><b> » </b>Step 3 von 3' . $extented_forum_menu_sufix;
    $design = new design($title, $hmenu, 1);
    $design->header();
    $tpl->set_out('NAME', $name, 4);
}
$design->footer();
break;
}
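$design->footer(1);
}
// Dispatch on the first menu segment; the default case is the searchable user list.
$um = $menu->get(1);
switch ($um) {
    default:
        $design = new design('Admins Area', 'Admins Area', 2);
        $design->header();
        // Search term from the request, escaped for use inside a quoted SQL string.
        $q = '';
        if (isset($_REQUEST['q'])) {
            $q = escape($_REQUEST['q'], 'string');
        }
        $tpl = new tpl('user/user', 1);
        $tpl->set('modlall', user_get_all_mod_list());
        $tpl->set('anzmods', db_result(db_query("SELECT COUNT(*) FROM prefix_modules WHERE fright = 1"), 0));
        $tpl->set('action_antispam', get_antispam('adminuser_action', 0, true));
        // NOTE(review): the search term is written back into the page via unescape() only; confirm
        // the template HTML-encodes it.
        $tpl->set_out('q', unescape($q), 0);
        // "*" is the user-facing wildcard; without any wildcard the term becomes a prefix search.
        $q = str_replace('*', '%', $q);
        if (strpos($q, '%') === false) {
            $q = $q . '%';
        }
        $limit = 15; // Limit
        // Normalise the page number with escape(..., 'integer') before it reaches db_make_sites()
        // and the LIMIT offset; it was previously forwarded exactly as it appeared in the request.
        $page = $menu->getA(1) == 'p' ? escape($menu->getE(1), 'integer') : 1;
        $MPL = db_make_sites($page, "WHERE name LIKE '" . $q . "'", $limit, '?user', 'user');
        $anfang = ($page - 1) * $limit;
        $class = '';
        // From here on $q holds the full query text rather than the search term.
        $q = "SELECT name,recht,id FROM `prefix_user` WHERE name LIKE '" . $q . "' ORDER by recht,posts DESC LIMIT " . $anfang . "," . $limit;
        $erg = db_query($q);
        while ($row = db_fetch_object($erg)) {
            // Alternate the row CSS class.
            if ($class == 'Cmite') {
                $class = 'Cnorm';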