<?php
/*
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/clan.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php');
// GET-Section
if(isset($_GET['action'])) {
$action = $_GET['action'];
} else {
$action = NULL;
}
//Unkritisch
if(isset($_GET['what'])) {
$what = $_GET['what'];
} else {
$what = NULL;
}
// Kritisch (SQL-Injections)
$clan_id = validateUnsignedInteger($_GET['clan_id'], null);
$member = validateUnsignedInteger($_GET['member'], NULL);
$text = validateString($_GET['text']);
$displayMore = true;
if($clan_id == NULL){
if($user_ida['clan'] != null){
$clan_id = $user_ida['clan'];
} else {
$displayMore = false;
}
}
if(isset($_GET['value1'])) {
switch($what) {
case 'Banner':
case 'Homepage':
$value1 = validateURL($_GET['value1']);
break;
case 'Info':
$value1 = encodeNoHTMLWithBB($_GET['value1']);
break;
case 'Clanzeichen':
$value1 = validateString($_GET['value1']);
$value2 = validateString($_GET['value2']);
break;
case 'Leadership':
$value1 = validateUnsignedInteger($_GET['value1'], NULL);
$value2 = validateUnsignedInteger($_GET['value2'], NULL);
break;
}
}
function displayClanProfileReadOnly($clan, $ownclan, $userid){
$member_qry = mysql_query('Select id from user where clan = '.$clan['id']);
$count = mysql_num_rows($member_qry);
$member = array();
while($row = mysql_fetch_assoc($member_qry)){
$tmp = displayUserLinkByID($row['id']);
if($row['id'] == $userid){
$member[] = $tmp.' (< a href = "index.php?as=clan/clan_info&action=fire&member='.$row['id'].'" > verlassen< / a > )';
} else{
$member[] = $tmp;
}
if($row['id'] == $clan['leader']){
$leader = $tmp;
}
if($row['id'] == $clan['co_leader']){
$coleader = $tmp;
}
}
$inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()');
$invited = array();
while($row = mysql_fetch_assoc($inv_qry)) {
$invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig)';
}
?>
< div align = "center" >
< table width = "100%" >
< tr >
< th width = "100%" height = "39" colspan = "2" align = "center" > <?php echo $clan [ 'clanname' ]; ?>
Info< / th >
< / tr >
<?php
if($clan['banner'] != "0"){
?>
< tr >
< td width = "100%" height = "52" colspan = "2" align = "center" > < img
src="<?php echo $clan [ 'banner' ]; ?> " width="468" height="60"></ td >
< / tr >
<?php
}
?>
< tr >
< th width = "20%" align = "Left" height = "25" > Leader:< / th >
<?php
if($leader == null & & $coleader == null){
if($ownclan) {
echo '< td rowspan = "2" > < a href = "index.php?as=clan/clan_info&action=putsch" > Macht ü bernehmen< / a > < / td > ';
} else {
echo '< td rowspan = "2" > Keine Leader< / td > ';
}
} else{
echo '< td > '.$leader.'< / td > ';
}
?>
< / tr >
< tr >
< th align = "Left" height = "25" > Co-Leader:< / th >
<?php
if($leader != null & & $coleader != null){
echo '< td > '.$coleader.'< / td > ';
}
?>
< / tr >
< tr >
< th align = "Left" height = "25" > Clanzeichen:< / th >
< td > <?php echo $clan [ 'clanz_pre' ] . ' ' . $clan [ 'clanz_suff' ]; ?> </ td >
< / tr >
< tr >
< th align = "Left" > Member (<?php echo $count . '/' . getMaximumMembers ( $clan [ 'id' ]); ?> ):</ th >
< td > <?php echo join ( '<br>' , $member ); ?> </ td >
< / tr >
<?php
if($ownclan) {
?>
< tr >
< th align = "Left" > Eingeladen< / th >
< td > <?php echo join ( '<br>' , $invited ); ?> </ td >
< / tr >
<?php
}
?>
< tr >
< th align = "Left" height = "25" > Level:< / th >
< td > <?php echo $clan [ 'level' ]; ?> </ td >
< / tr >
< tr >
< th align = "Left" height = "25" > Erfahrung: < / th >
< td > <?php echo $clan [ 'min_exp' ] . ' / ' . getRequiredClanExp ( $clan [ 'level' ]); ?> </ td >
< / tr >
< tr >
< th width = "96" height = "25" align = "Left" > Homepage:< / th >
<?php
if($clan['homepage'] != 'Keine'){
echo '< td height = "25" > < a href = "'.$clan['homepage'].'" target = _blank > '.$clan['homepage'].'< / a > < / td > ';
} else{
echo '< td height = "25" > Keine< / td > ';
}
?>
< / tr >
< tr >
< th align = "Left" > Info:< / th >
< td > <?php echo $clan [ 'info' ]; ?> </ td >
< / tr >
<?php
if($ownclan) {
?>
< tr > < td > < / td > < / tr >
< tr >
< td colspan = "2" >
< form action = " <?php echo $_SERVER [ 'PHP_SELF' ]; ?> " method = "GET" >
< input type = "hidden" name = "as" value = "clan/clan_info" > < input
type="hidden" name="action" value="newsletter">
< table cellpadding = "0" cellspacing = "0" width = "100%" height = "69" >
< tr >
< th height = "18" valign = "top" width = "603" colspan = "2"
class="content">Nachricht an alle Clanmember schicken< / th >
< / tr >
< tr >
< td height = "25" valign = "top" colspan = "2" align = "center" > < textarea
class="input" rows="8" name="text" cols="40">< / textarea > < / td >
< / tr >
< tr >
< td height = "25" valign = "top" colspan = "2" align = "center" > < input
class="input" type="submit" value="abschicken">< / td >
< / tr >
< / table >
< / form >
< / td >
< / tr >
<?php
}
?>
< tr > < th colspan = "2" > Debug Daten (Kein Bug, dass die naechste Zeile etwas komisch aussieht)< / th > < / tr >
< tr >< th colspan = "2" > <?php print_r ( $clan ); ?> </ th ></ tr >
< / table >
< / div >
<?php
}
function displayClanProfileEditable($clan, $userid){
$member_qry = mysql_query('Select id from user where clan = '.$clan['id']);
$member = array();
$count = mysql_num_rows($member_qry);
while($row = mysql_fetch_assoc($member_qry)){
$tmp = displayUserLinkByID($row['id']);
$kickable = true;
if($row['id'] == $clan['leader']){
$leader = $tmp;
$kickable = false;
}
if($row['id'] == $clan['co_leader']){
$coleader = $tmp;
$kickable = false;
}
if($userid == $row['id'] & & $kickable){
$member[] = $tmp.' (< a href = "index.php?as=clan/clan_info&action=fire&member='.$row['id'].'" > verlassen< / a > )';
} else if($kickable){
$member[] = $tmp.' (< a href = "index.php?as=clan/clan_info&action=fire&member='.$row['id'].'" > kicken< / a > )';
} else{
$member[] = $tmp;
}
}
$inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()');
$invited = array();
while($row = mysql_fetch_assoc($inv_qry)) {
$invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig, < a href = "index.php?as=clan/clan_info&action=reject&member='.$row['userid'].'" > zurückziehen< / a > )';
}
?>
< table width = "100%" >
< tr >
< th width = "500" height = "39" colspan = "2" align = "center" > <?php echo $clan [ 'clanname' ]; ?>
Info< / th >
< / tr >
< tr >
< td width = "100%" height = "52" colspan = "2" align = "center" > <?php
if($clan['banner'] != "0"){
?> < img src = " <?php echo $clan [ 'banner' ]; ?> " width = "468" height = "60" >
<?php
}
?> < br > < a href = "index.php?as=clan/clan_info&action=edit&what=Banner" > (edit)< / a >
< / td >
< / tr >
< tr >
< th width = "25%" align = "Left" height = "25" > Leader:< a
href="index.php?as=clan/clan_info& action=edit& what=Leadership">(edit)< / a >
< / th >
< td > <?php echo $leader ; ?> </ td >
< / tr >
< tr >
< th align = "Left" height = "25" > Co-Leader:< a
href="index.php?as=clan/clan_info& action=edit& what=Leadership">(edit)< / a >
< / th >
< td > <?php echo $coleader ; ?> </ td >
< / tr >
< tr >
< th align = "Left" height = "25" > Clanzeichen:< a
href="index.php?as=clan/clan_info& action=edit& what=Clanzeichen">(edit)< / a >
< / th >
< td > <?php echo $clan [ 'clanz_pre' ] . ' ' . $clan [ 'clanz_suff' ]; ?> </ td >
< / tr >
< tr >
< th align = "Left" > Member (<?php echo $count . '/' . getMaximumMembers ( $clan [ 'id' ]); ?> ):</ th >
< td > <?php echo join ( '<br>' , $member ); ?> </ td >
< / tr >
< tr >
< th align = "Left" > Eingeladen< / th >
< td > <?php echo join ( '<br>' , $invited ); ?> </ td >
< / tr >
< tr >
< th align = "Left" height = "25" > Level:< / th >
< td > <?php echo $clan [ 'level' ]; ?> </ td >
< / tr >
< tr >
< th align = "Left" height = "25" > Erfahrung: < / th >
< td > <?php echo $clan [ 'min_exp' ] . ' / ' . getRequiredClanExp ( $clan [ 'level' ]); ?> </ td >
< / tr >
< tr >
< th align = "Left" height = "25" > Homepage:< a
href="index.php?as=clan/clan_info& action=edit& what=Homepage">(edit)< / a >
< / th >
<?php
if($clan['homepage'] != 'Keine'){
echo '< td > < a href = "'.$clan['homepage'].'" target = _blank > '.$clan['homepage'].'< / a > < / td > ';
} else{
echo '< td > Keine< / td > ';
}
?>
< / tr >
< tr >
< th align = "Left" > Info:< a
href="index.php?as=clan/clan_info& action=edit& what=Info">(edit)< / a > < / th >
< td > <?php echo $clan [ 'info' ]; ?> </ td >
< / tr >
< tr >
< th align = "left" > Clan auflö sen< / th >
< td > < a
href="javascript:if(confirm('Wirklich lö schen?')==true) window.location.href='index.php?as=clan/clan_info& action=kill'">Clan
lö schen< / a > < / td >
< / tr >
< tr > < td > < / td > < / tr >
< tr >
< td colspan = "2" >
< form action = " <?php echo $_SERVER [ 'PHP_SELF' ]; ?> " method = "GET" >
< input type = "hidden" name = "as" value = "clan/clan_info" > < input
type="hidden" name="action" value="newsletter">
< table cellpadding = "0" cellspacing = "0" width = "100%" height = "69" >
< tr >
< th height = "18" valign = "top" width = "603" colspan = "2"
class="content">Nachricht an alle Clanmember schicken< / th >
< / tr >
< tr >
< td height = "25" valign = "top" colspan = "2" align = "center" > < textarea
class="input" rows="8" name="text" cols="40">< / textarea > < / td >
< / tr >
< tr >
< td height = "25" valign = "top" colspan = "2" align = "center" > < input
class="input" type="submit" value="abschicken">< / td >
< / tr >
< / table >
< / form >
< / td >
< / tr >
< / table >
<?php
}
function displayClanProfile($clanid, $user){
$sql = 'SELECT * FROM clan where clan.id = '.$clanid;
// echo $sql.'< br > ';
$clan = mysql_fetch_assoc(mysql_query($sql));
$editable = $clan['leader'] == $user['id'] || $clan['co_leader'] == $user['id'];
if(!$editable){
displayClanProfileReadOnly($clan, $user['clan'] == $clan['id'], $user['id']);
} else{
displayClanProfileEditable($clan, $user['id']);
}
}
function setMeAsLeader($user){
mysql_query('UPDATE clan set leader = '.$user['id'].' WHERE id = '.$user['clan'].' and leader is null and co_leader is null');
}
function sendClanNewsletter($user, $text){
$qry = mysql_query('SELECT * FROM clan WHERE id = ' . $user['clan']);
$clan = mysql_fetch_assoc($qry);
$errors = FALSE;
$sql = 'SELECT id FROM user WHERE clan='.$user['clan'];
$clans = mysql_query($sql);
while($row = mysql_fetch_assoc($clans)) {
$errors |= !sendMessage($user['nickname'], $row['id'], $clan['clanname'].' Nachricht', $text);
}
if($errors) {
displayErrorMessage(NULL,'Beim Versenden sind Fehler aufgetreten', '< a href = "index.php?as=clan/clan_info" > weiter...< / a > ');
} else {
displayErrorMessage(NULL,'Nachricht erfolgreich verschickt', '< a href = "index.php?as=clan/clan_info" > weiter...< / a > ');
}
}
function setProfile($what, $value1, $value2, $clanid, $rootlvl){
if($rootlvl < 1 ) {
return 'Du hast keine Rechte um diese Aktion auszufü hren!';
}
switch($what){
case 'Homepage':
mysql_query('UPDATE clan SET homepage = \''.$value1.'\' where id = '.$clanid);
return NULL;
case 'Clanzeichen':
mysql_query('UPDATE clan SET clanz_pre = \''.$value1.'\', clanz_suff = \''.$value2.'\' where id = '.$clanid);
return NULL;
case 'Banner':
mysql_query('UPDATE clan SET banner = \''.$value1.'\' where id = '.$clanid);
return NULL;
case 'Info':
mysql_query('UPDATE clan SET Info = \''.$value1.'\' where id = '.$clanid);
return NULL;
case 'Leadership':
if($value1 == 0){$value1 = 'null';}
if($value2 == 0){$value2 = 'null';}
// okay, are we allowed to change?? If we have max members, it is not allowed to remove the co_leader
$clan = getClan($clanid);
$members = getClanMembersCount($clanid);
$members_max = getMaximumMembers($clan['id']);
if($members_max == $members & & $clan['leader'] != $clan['co_leader'] & & $value1 == $value2) {
// Okay, actually there are the max amount of users in the clan
// it is now not possible to change to a leader only clan!!
return 'Es ist nicht m&oouml; glich den co_leader zu feuern, da der clan die maximale Anzahl Member besitzt!';
}
if($rootlvl == 1){ // the co leader may only set the co leader XD
$sql = 'UPDATE clan SET co_leader = '.$value2.' where id = '.$clanid;
mysql_query($sql);
} else if($rootlvl == 2) { // the leader may set the leader and the co leader
$sql = 'UPDATE clan SET leader = '.$value1.', co_leader = '.$value2.' where id = '.$clanid;
// echo $sql.'< br > ';
mysql_query($sql);
}
return NULL;
default:
return 'Error!';
}
}
function displayEdit($what, $clanid, $rootlvl){
if($rootlvl < 1 ) {
$content = '< tr > < td colspan = "2" > Du hast keine Rechte um diese Aktion auszufü hren!< / td > < / tr > ';
$what = 'ERROR';
}
$clan = getCLan($clanid);
$content = '';
switch($what){
case 'Homepage':
$content = '< tr > < td colspan = "2" > < input class = "input" name = "value1" value = "'.$clan['homepage'].'" / > < / td > < / tr > ';
break;
case 'Clanzeichen':
$content = '< tr > < td > Prefix: < input class = "input" name = "value1" value = "'.$clan['clanz_pre'].'" / > < / td > < td > Suffix: < input class = "input" name = "value2" value = "'.$clan['clanz_suff'].'" / > < / td > < / tr > ';
break;
case 'Banner':
$content = '< tr > < td colspan = "2" > < input class = "input" name = "value1" value = "'.$clan['banner'].'" / > < / td > < / tr > ';
break;
case 'Leadership':
$member_qry = mysql_query('Select id, nickname from user where clan = '.$clanid);
$member[] = '< option value = "0" selected > Niemand< / option > ';
$member2[] = '< option value = "0" selected > Niemand< / option > ';
while($row = mysql_fetch_assoc($member_qry)){
if($row['id'] == $clan['leader']) {
$member[] = '< option value = "'.$row['id'].'" selected = "selected" > '.$row['nickname'].'< / option > ';
} else {
$member[] = '< option value = "'.$row['id'].'" > '.$row['nickname'].'< / option > ';
}
if($row['id'] == $clan['co_leader']) {
$member2[] = '< option value = "'.$row['id'].'" selected = "selected" > '.$row['nickname'].'< / option > ';
} else {
$member2[] = '< option value = "'.$row['id'].'" > '.$row['nickname'].'< / option > ';
}
}
if($root){
$content = '< tr > < td > Leader:< / td > < td > < select class = "input" name = "value1" / > '.join('',$member).'< / select > < / td > < / tr > ';
}
$content .= '< tr > < td > Co-Leader:< / td > < td > < select class = "input" name = "value2" / > '.join('',$member2).'< / select > < / td > < / tr > ';
break;
case 'Info':
$content = '< tr > < td colspan = "2" > < textarea class = "input" name = "value1" rows = "8" cols = "40" > '.debbcode($clan['info']).'< / textarea > < / td > < / tr > ';
break;
case 'ERROR':
break;
default:
$content = '< tr > < td colspan = "2" > Error '.$what.' unknown!< / td > < / tr > ';
break;
}
?>
< form action = "index.php" method = "GET" >
< input type = "hidden" name = "as" value = "clan/clan_info" / > < input
type="hidden" name="action" value="edit" /> < input type = "hidden"
name="what" value="<?php echo $what ; ?> " />
< table >
< tr >
< th colspan = "2" > <?php echo $what ; ?> Ä ndern</ th >
< / tr >
<?php echo $content ; ?>
< tr >
< td align = "center" colspan = "2" > < input class = "input" type = "submit"
value="Edit" />
< / td >
< / tr >
< / table >
< / form >
<?php
}
function fireMember($user, $member){
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user['clan']));
if($member != $row['leader'] & & $member != $row['co_leader'] & & ($user['id'] == $row['leader'] || $user['id'] == $row['co_leader'] || $member == $user['id'])){
$sql = 'Update user set clan = NULL where id = '.$member.' AND clan = '.$user['clan'];
// echo $sql.'< br > ';
mysql_query($sql);
if(mysql_affected_rows() > 0){ // Soll nur ausgeführt werden, wenn member wirklich gekickt wurde!!
$sql = 'Update chars set clan_train = NULL where besitzer = '.$member;
mysql_query($sql);
if($user['id'] != $member) {
sendMessage($user['nickname'], $member, 'Clan rauswurf!', 'Du wurdest von '.$user['nickname'].' aus deinem Clan geworfen. Du wirst dir wohl einen neuen suchen mü ssen!');
}
}
} else{
echo displayErrorMessage(NULL, 'Du kannst den Member nicht feuern!', displayHistoryBackLink());
}
}
function deleteClan($user){
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user['clan']));
if($user['id'] == $row['leader']){
$qry = mysql_query('SELECT id FROM user WHERE clan = '.$user['clan']);
while($member = mysql_fetch_assoc($qry)) {
sendMessage($user['nickname'], $member['id'], 'Clan wurde gelöscht!', 'Dein Clan wurde von '.$user['nickname'].' gelö scht. Du wirst dir wohl einen neuen suchen mü ssen!');
}
mysql_query('DELETE FROM clan where id = '.$user['clan']);
} else{
echo displayErrorMessage(NULL, 'Du kannst den Clan nicht auflö sen!', displayHistoryBackLink());
}
}
if($action !== NULL) { // this is done to not require to reprogramm the whole stuff!
$rootlvl = 0;
if($row['leader'] == $user_ida['id'] || ($row['leader'] === null & & ($row['co_leader'] === null || $row['co_leader'] = $user_ida['id']))) {
$rootlvl = 2; // leader or putsch!!
} else if($row['co_leader'] = $user_ida['id']) {
$rootlvl = 1; // co_leader
}
switch ($action) {
case 'edit':
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan']));
if($row['leader'] != $user_ida['id'] & & $row['co_leader'] != $user_ida['id']){
displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink());
} else if(isset($value1)){
setProfile($what, $value1, $value2, $user_ida['clan'], $rootlvl);
} else{
displayEdit($what, $user_ida['clan'], $rootlvl);
$displayMore = false;
}
break;
case 'fire':
fireMember($user_ida, $member);
if($user_ida['id'] == $member) {
$displayMore = false;
}
break;
case 'putsch':
setMeAsLeader($user_ida);
break;
case 'kill':
deleteClan($user_ida);
$displayMore = false;
break;
case 'reject':
$errorMsg = revokeInvitation($user_ida, $member);
if($errorMsg !== NULL) {
echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink());
$displayMore = false;
} else {
displayErrorMessage('','Du hast die Einladung erfolgreich zurü ckgezogen!', '< a href = "index.php?as=clan/clan_info" > weiter< / a > ');
$displayMore = false;
}
break;
case 'newsletter':
sendClanNewsletter($user_ida, $text);
$displayMore = false;
break;
default:
break;
}
}
if($displayMore){
displayClanProfile($clan_id, $user_ida);
}
?>