<?php
/*
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once (ROOT_PATH . '/include/config.inc.php');
include_once (ROOT_PATH . '/include/designfunctions.inc.php');
include_once (ROOT_PATH . '/include/fehlerausgabe.inc.php');
include_once (ROOT_PATH . '/include/parse.inc.php');
include_once (ROOT_PATH . '/include/clan.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$clan_name = validateName($_GET['clan_name']);
$clan_for = validateString($_GET['clan_for']);
$clan_back = validateString($_GET['clan_back']);
$clan_info = validateString($_GET['clan_info']);
// Unkritisch
$user = $user_ida;
$charm = $_GET['charm'];
if ($charm == 1) {
if (!$clan_for AND !$clan_back) {
displayErrorMessage(NULL, 'Sie mü ssen ein Clanzeichen haben.', displayHistoryBackLink());
exit;
}
if(strlen($clan_for.$clan_back) > MAX_CHARS_CLANSIGN) {
displayErrorMessage(NULL, 'Clanzeichen sind ungültig: Summe aus beiden Teilen darf nicht größer als '.MAX_CHARS_CLANSIGN.' Zeichen sein!.', displayHistoryBackLink());
exit;
}
if (!$clan_name) {
displayErrorMessage(NULL, 'Sie mü ssen einen Clannamen haben.', displayHistoryBackLink());
exit;
}
if ($user['clan'] != 0) {
displayErrorMessage(NULL, 'Sie haben schon einen Clan.', displayHistoryBackLink());
exit;
}
$sql = 'SELECT id, clanname FROM clan WHERE clanname = \'' .$clan_name. '\'';
// echo $sql.'< br > ';
$dup = mysql_fetch_assoc(mysql_query($sql));
if($dup) {
// we have a clan that has the same name!!
displayErrorMessage(NULL, 'Es gibt schon einen Clan mit dem Namen '.$clan_name.'.', displayHistoryBackLink());
exit;
}
$sql = 'INSERT into clan(clanname,clanz_pre,clanz_suff,info, leader) values(\''.$clan_name.'\', \''.$clan_for.'\', \''.$clan_back.'\', \''.$clan_info.'\', '.$user_ida['id'].')';
// echo $sql.'< br > ';
mysql_query($sql);
if(mysql_affected_rows() > 0){ // Erstellen des Clans geglueckt
$c_id = mysql_fetch_assoc(mysql_query('Select * from clan where clanname = \''.$clan_name.'\''));
mysql_query('UPDATE user SET clan='.$c_id['id'].' WHERE id='.$user_ida['id']);
displayErrorMessage(NULL, 'Clan erfolgreich Erstellt.', '< a href = "index.php?as=clan/clan_info" > weiter...< / a > ');
} else{
$sql = 'Select * from clan where clanname = \''.$clan_name.'\'';
$c_id = mysql_fetch_assoc(mysql_query($sql));
if($c_id){
$error = 'Clanname besteht schon!';
} else{
$error = 'Insert failed!';
}
displayErrorMessage(NULL, 'Clan erstellen fehlgeschlagen! ('.$error.')', displayHistoryBackLink());
}
exit;
}
?>
< form action = "index.php" method = "GET" >
< input type = "hidden" name = "as" value = "clan/new" / >
< input type = "hidden" name = "charm" value = "1" / >
< table cellpadding = "0" cellspacing = "0" width = "100%" >
< tr >
< th height = "25" valign = "top" width = "557" colspan = "2" align = "center" > Clan grü nden< / th >
< / tr >
< tr >
< th height = "25" width = "162" valign = "top" align = "center" > Clanname< / th >
< td height = "25" width = "395" valign = "top" > < input name = "clan_name" > < / td >
< / tr >
< tr >
< th height = "25" width = "162" valign = "top" align = "center" > Clanzeichen vorn< / th >
< td height = "25" width = "395" valign = "top" > < input name = "clan_for" size = "5" maxlength = "10" > < / td >
< / tr >
< tr >
< th height = "25" width = "162" valign = "top" align = "center" > Clanzeichen hinten< / th >
< td height = "25" width = "395" valign = "top" > < input name = "clan_back" size = "5" maxlength = "10" > < / td >
< / tr >
< tr >
< th height = "25" width = "162" valign = "top" align = "center" > Clan Info< / th >
< td height = "25" width = "395" valign = "top" > < textarea rows = "5" cols = "30" name = "clan_info" > < / textarea > < / td >
< / tr >
< tr >
< td height = "25" width = "162" align = "center" colspan = "2" > < input type = "submit" value = "Clan gründen" > < / td >
< / tr >
< / table >
< / form >