<?php
/*
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$new_leader = validateUnsignedInteger($_GET['new_leader'], null);
$co_leader = validateUnsignedInteger($_GET['co_leader'], null);
$clan_pw = validateString($_GET['clan_pw']);
$clan_name = validateName($_GET['clan_name']);
$clan_banner = validateURL($_GET['clan_banner']);
$clan_b = validateString($_GET['clan_b']);
$clan_page = validateString($_GET['clan_page']);
$clan_v = validateString($_GET['clan_v']);
$clan_info = validateString($_GET['clan_info']);
// Unkritisch
$charm = $_GET['charm'];
$clan = mysql_fetch_assoc(mysql_query('SELECT * FROM clan WHERE id=' . $user_ida['clan'] . ' LIMIT 1'));
$clan1 = mysql_query('SELECT nickname, id FROM user WHERE clan=' . $user_ida['clan']);
$clan2 = mysql_query('SELECT nickname, id FROM user WHERE clan=' . $user_ida['clan']);
$clan_8 = explode(',', $clan['clanzeichen']);
if ($charm == 1) {
$clan_upps = mysql_fetch_assoc(mysql_query("SELECT id, (Select 10 - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots FROM clan c WHERE clanname='$clan_name' OR clanzeichen='$clan_v,$clan_b' AND id!='$user_ida[clan]'"));
$cuu = mysql_fetch_assoc(mysql_query('SELECT clan FROM user WHERE id=' . $new_leader));
if ($cuu['clan'] != $user_ida['clan']) {
displayErrorMessage(NULL, 'Fehler User ist nicht im Clan.', displayHistoryBackLink());
exit;
}
if ($clan_upps['id'] AND $clan_upps['id'] != $user_ida['clan']) {
displayErrorMessage(NULL, 'Clanname oder Clan Zeichen gibt es schon.', displayHistoryBackLink());
exit;
}
if (!$clan_pw) {
displayErrorMessage(NULL, 'Clanpasswort eingeben!', displayHistoryBackLink());
exit;
}
if (!$clan_v AND !$clan_b) {
displayErrorMessage(NULL, 'Sie mü ssen ein Clanzeichen haben.', displayHistoryBackLink());
exit;
}
if (!$clan_name) {
displayErrorMessage(NULL, 'Sie mü ssen einen Clanname haben.', displayHistoryBackLink());
exit;
}
if ($clan['leader'] != $user_ida['id'] AND $clan['co_leader'] != $user_ida['id']) {
displayErrorMessage(NULL, 'Sie sind weder Leader noch Co-Leader!', displayHistoryBackLink());
exit;
}
// Check new conditions (10 Members + 1 Co + 1 Leader Slot available)
if($clan['leader'] != $clan['co_leader'] & & $new_leader == $co_leader & & $clan_upps['freeslots'] < = 0){
// Failure
displayErrorMessage(NULL, 'Alleinherrschaft ist leider nicht möglich, da sich zuviele User im Clan befinden!', displayHistoryBackLink());
exit;
}
mysql_query("UPDATE clan SET clanname='$clan_name', clanzeichen='$clan_v,$clan_b', pw='$clan_pw', info='$clan_info', leader='$new_leader', co_leader='$co_leader', homepage='$clan_page', banner='$clan_banner' WHERE id='$user_ida[clan]'");
displayErrorMessage(NULL, 'Clan erfolgreich geä ndert.', '< a href = "index.php?as=clan/profil" > weiter...< / a > ');
exit;
}
?>
< html >
< body >
< form action = " <?php echo $_SERVER [ 'PHP_SELF' ]; ?> " method = "GET" >
< input type = "hidden" name = "as" value = "clan/profil" >
< input type = "hidden" name = "charm" value = "1" >
< table cellpadding = "0" cellspacing = "0" width = "100%" height = "51" >
< tr >
< td valign = "top" colspan = "2" height = "32" >
< p align = "center" > < b > Ihr Profil< / b > < / td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Level< / b > < / td >
< td valign = "top" height = "25" width = "191" >
<?php echo " $clan[level] " ; ?> </ td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Exp< / b > < / td >
< td valign = "top" height = "25" width = "191" >
<?php echo " $clan[min_exp] / $clan[max_exp] " ; ?> </ td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Clanname< / b > < / td >
< td valign = "top" height = "25" width = "191" >
< input id = "input" name = "clan_name" value = " <?php echo $clan [ clanname ]; ?> " ></ td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Passwort< / b > < / td >
< td valign = "top" height = "25" width = "191" >
< input id = "input" name = "clan_pw" value = " <?php echo $clan [ pw ]; ?> " size = '20' ></ td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Homepage< / b > < / td >
< td valign = "top" height = "25" width = "191" >
< input id = "input" name = 'clan_page' value = " <?php echo $clan [ 'homepage' ]; ?> " size = '20' ></ td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Banner (468 x 60)< / b > < / td >
< td valign = "top" height = "25" width = "191" >
< input id = "input" name = 'clan_banner' value = " <?php echo $clan [ 'banner' ]; ?> " size = '20' ></ td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Clanzeichen vorn< / b > < / td >
< td valign = "top" height = "25" width = "191" >
< input id = "input" name = 'clan_v' size = '20' maxlength = 10 value = " <?php echo $clan_8 [ 0 ]; ?> " ></ td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Clanzeichen hinten< / b > < / td >
< td valign = "top" height = "25" width = "191" >
< input id = "input" name = 'clan_b' size = '20' maxlength = 10 value = " <?php echo $clan_8 [ 1 ]; ?> " ></ td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Leader< / b > < / td >
< td valign = "top" height = "25" width = "191" >
< select id = "input" name = "new_leader" >
< option value = "" > < / option >
<?php
$x = 0;
while ($row = mysql_fetch_array($clan1)) {
if ($row[id] == $clan[leader]) {
$selected[$x] = "selected";
}
echo "< option value = $row[id] $ selected [ $ x ] > $row[nickname]";
$x++;
}
?>
< / select >
< / td > < / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > Co. Leader< / b > < / td >
< td valign = "top" height = "25" width = "191" >
< select id = "input" name = "co_leader" >
< option value = "" > < / option >
<?php
$y = 0;
while ($row = mysql_fetch_array($clan2)) {
if ($row[id] == $clan[co_leader]) {
$selecteds[$y] = "selected";
}
echo "< option value = $row[id] $ selecteds [ $ y ] > $row[nickname]";
$y++;
}
?>
< / select >
< / td > < / tr >
< tr >
< td height = "25" width = "162" valign = "top" >
< p align = "center" > < b > Clan Info< / b > < / td >
< td height = "25" width = "395" valign = "top" > < textarea id = "input" rows = "5" cols = "30" name = "clan_info" > <?php echo $clan [ info ]; ?> </ textarea ></ td >
< / tr >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < b > < / b > < / td >
< td valign = "top" height = "25" width = "191" >
< input id = "input" type = submit value = 'speichern' >
< / td > < / tr >
< / table >
<?php
if ($clan[leader] == $user_ida[id]) {
?>
< hr style = "width:500px; color:#333333; border-style:solid;" >
< table >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < / td >
< td valign = "top" height = "25" width = "191" >
< p align = "left" >
< tr >
< td valign = "top" height = "25" width = "195" >
< p align = "center" > < / td >
< td valign = "top" height = "25" width = "191" >
< p align = "left" > < a href = "index.php?as=clan/del" > Clan lö schen< p > < / a >
<?php
}
?>
< / td > < / tr >
< / table >
< / form >
< / body >
< / html >