<?php
/*
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/clan.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php');
// GET-Section
if(isset($_GET['action'])) {
$action = $_GET['action'];
} else {
$action = NULL;
}
//Unkritisch
if(isset($_GET['what'])) {
$what = $_GET['what'];
} else {
$what = NULL;
}
// Kritisch (SQL-Injections)
$clan_id = validateUnsignedInteger($_GET['clan_id'], null);
$member = validateUnsignedInteger($_GET['member'], NULL);
$text = validateString($_GET['text']);
$displayMore = true;
if($clan_id == NULL){
if($user_ida['clan'] != null){
$clan_id = $user_ida['clan'];
} else {
$displayMore = false;
}
}
if(isset($_GET['value1'])) {
if($what == 'Banner'){
$value1 = validateURL($_GET['value1']);
} else if($what == 'Homepage' || $what == 'Info' || $what == 'Clan Passwort'){
$value1 = validateString($_GET['value1']);
} else if($what == 'Clanzeichen'){
$value1 = validateString($_GET['value1']);
$value2 = validateString($_GET['value2']);
} else if($what == 'Leadership') {
$value1 = validateUnsignedInteger($_GET['value1'], NULL);
$value2 = validateUnsignedInteger($_GET['value2'], NULL);
}
}
function displayClanProfileReadOnly($clan, $ownclan, $userid){
$member_qry = mysql_query('Select id from user where clan = '.$clan['id']);
$count = mysql_num_rows($member_qry);
$member = array();
while($row = mysql_fetch_assoc($member_qry)){
$tmp = displayUserLinkByID($row['id']);
if($row['id'] == $userid){
$member[] = $tmp.' (< a href = "index.php?as=clan/clan_info&action=fire&member='.$row['id'].'" > verlassen< / a > )';
} else{
$member[] = $tmp;
}
if($row['id'] == $clan['leader']){
$leader = $tmp;
}
if($row['id'] == $clan['co_leader']){
$coleader = $tmp;
}
}
$inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()');
$invited = array();
while($row = mysql_fetch_assoc($inv_qry)) {
$invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig)';
}
?>
< div align = "center" >
< table width = "100%" >
< tr >
< th width = "100%" height = "39" colspan = "2" align = "center" > <?php echo $clan [ 'clanname' ]; ?>
Info< / th >
< / tr >
<?php
if($clan['banner'] != "0"){
?>
< tr >
< td width = "100%" height = "52" colspan = "2" align = "center" > < img
src="<?php echo $clan [ 'banner' ]; ?> " width="468" height="60"></ td >
< / tr >
<?php
}
?>
< tr >
< th width = "20%" align = "Left" > Leader:< / th >
<?php
if($leader == null & & $coleader == null){
if($ownclan) {
echo '< td rowspan = "2" > < a href = "index.php?as=clan/clan_info&action=putsch" > Macht ü bernehmen< / a > < / td > ';
} else {
echo '< td rowspan = "2" > Keine Leader< / td > ';
}
} else{
echo '< td > '.$leader.'< / td > ';
}
?>
< / tr >
< tr >
< th align = "Left" > Co-Leader:< / th >
<?php
if($leader != null & & $coleader != null){
echo '< td > '.$coleader.'< / td > ';
}
?>
< / tr >
< tr >
< th align = "Left" > Clanzeichen:< / th >
< td > <?php echo $clan [ 'clanz_pre' ] . ' ' . $clan [ 'clanz_suff' ]; ?> </ td >
< / tr >
< tr >
< th align = "Left" > Member (<?php echo $count ; ?> ):</ th >
< td > <?php echo join ( '<br>' , $member ); ?> </ td >
< / tr >
<?php
if($ownclan) {
?>
< tr >
< th align = "Left" > Eingeladen< / th >
< td > <?php echo join ( '<br' , $invited ); ?> </ td >
< / tr >
<?php
}
?>
< tr >
< th align = "Left" > Level:< / th >
< td > <?php echo $clan [ 'level' ]; ?> </ td >
< / tr >
< tr >
< th width = "96" height = "25" align = "Left" > Homepage:< / th >
<?php
if($clan['homepage'] != 'Keine'){
echo '< td width = "852" height = "25" > < a href = "'.$clan['homepage'].'" target = _blank > '.$clan['homepage'].'< / a > < / td > ';
} else{
echo '< td width = "852" height = "25" > Keine< / td > ';
}
?>
< / tr >
< tr >
< th align = "Left" > Info:< / th >
< td > <?php echo $clan [ 'info' ]; ?> </ td >
< / tr >
<?php
if($ownclan) {
?>
< tr > < td > < / td > < / tr >
< tr >
< td colspan = "2" >
< form action = " <?php echo $_SERVER [ 'PHP_SELF' ]; ?> " method = "GET" >
< input type = "hidden" name = "as" value = "clan/clan_info" > < input
type="hidden" name="action" value="newsletter">
< table cellpadding = "0" cellspacing = "0" width = "100%" height = "69" >
< tr >
< th height = "18" valign = "top" width = "603" colspan = "2"
class="content">Nachricht an alle Clanmember schicken< / th >
< / tr >
< tr >
< td height = "25" valign = "top" colspan = "2" align = "center" > < textarea
class="input" rows="8" name="text" cols="40">< / textarea > < / td >
< / tr >
< tr >
< td height = "25" valign = "top" colspan = "2" align = "center" > < input
class="input" type="submit" value="abschicken">< / td >
< / tr >
< / table >
< / form >
< / td >
< / tr >
<?php
}
?>
< / table >
< / div >
<?php
}
function displayClanProfileEditable($clan, $userid){
$member_qry = mysql_query('Select id from user where clan = '.$clan['id']);
$member = array();
$count = mysql_num_rows($member_qry);
while($row = mysql_fetch_assoc($member_qry)){
$tmp = displayUserLinkByID($row['id']);
$kickable = true;
if($row['id'] == $clan['leader']){
$leader = $tmp;
$kickable = false;
}
if($row['id'] == $clan['co_leader']){
$coleader = $tmp;
$kickable = false;
}
if($userid == $row['id'] & & $kickable){
$member[] = $tmp.' (< a href = "index.php?as=clan/clan_info&action=fire&member='.$row['id'].'" > verlassen< / a > )';
} else if($kickable){
$member[] = $tmp.' (< a href = "index.php?as=clan/clan_info&action=fire&member='.$row['id'].'" > kicken< / a > )';
} else{
$member[] = $tmp;
}
}
$inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()');
$invited = array();
while($row = mysql_fetch_assoc($inv_qry)) {
$invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig, < a href = "index.php?as=clan/clan_info&action=reject&member='.$row['userid'].'" > zurückziehen< / a > )';
}
?>
< table width = "100%" >
< tr >
< th width = "500" height = "39" colspan = "2" align = "center" > <?php echo $clan [ 'clanname' ]; ?>
Info< / th >
< / tr >
< tr >
< td width = "100%" height = "52" colspan = "2" align = "center" > <?php
if($clan['banner'] != "0"){
?> < img src = " <?php echo $clan [ 'banner' ]; ?> " width = "468" height = "60" >
<?php
}
?> < br > < a href = "index.php?as=clan/clan_info&action=edit&what=Banner" > (edit)< / a >
< / td >
< / tr >
< tr >
< th width = "25%" align = "Left" > Leader:< a
href="index.php?as=clan/clan_info& action=edit& what=Leadership">(edit)< / a >
< / th >
< td > <?php echo $leader ; ?> </ td >
< / tr >
< tr >
< th align = "Left" > Co-Leader:< a
href="index.php?as=clan/clan_info& action=edit& what=Leadership">(edit)< / a >
< / th >
< td > <?php echo $coleader ; ?> </ td >
< / tr >
< tr >
< th align = "Left" > Clanzeichen:< a
href="index.php?as=clan/clan_info& action=edit& what=Clanzeichen">(edit)< / a >
< / th >
< td > <?php echo $clan [ 'clanz_pre' ] . ' ' . $clan [ 'clanz_suff' ]; ?> </ td >
< / tr >
< tr >
< th align = "Left" > Member (<?php echo $count ; ?> ):</ th >
< td > <?php echo join ( '<br>' , $member ); ?> </ td >
< / tr >
< tr >
< th align = "Left" > Eingeladen< / th >
< td > <?php echo join ( '<br' , $invited ); ?> </ td >
< / tr >
< tr >
< th align = "Left" > Level:< / th >
< td > <?php echo $clan [ 'level' ]; ?> </ td >
< / tr >
< tr >
< th align = "Left" > Homepage:< a
href="index.php?as=clan/clan_info& action=edit& what=Homepage">(edit)< / a >
< / th >
<?php
if($clan['homepage'] != 'Keine'){
echo '< td > < a href = "'.$clan['homepage'].'" target = _blank > '.$clan['homepage'].'< / a > < / td > ';
} else{
echo '< td > Keine< / td > ';
}
?>
< / tr >
< tr >
< th align = "Left" > Info:< a
href="index.php?as=clan/clan_info& action=edit& what=Info">(edit)< / a > < / th >
< td > <?php echo $clan [ 'info' ]; ?> </ td >
< / tr >
< tr >
< th align = "left" > Clan auflö sen< / th >
< td > < a
href="javascript:if(confirm('Wirklich lö schen?')==true) window.location.href='index.php?as=clan/clan_info& action=kill'">Clan
lö schen< / a > < / td >
< / tr >
< tr > < td > < / td > < / tr >
< tr >
< td colspan = "2" >
< form action = " <?php echo $_SERVER [ 'PHP_SELF' ]; ?> " method = "GET" >
< input type = "hidden" name = "as" value = "clan/clan_info" > < input
type="hidden" name="action" value="newsletter">
< table cellpadding = "0" cellspacing = "0" width = "100%" height = "69" >
< tr >
< th height = "18" valign = "top" width = "603" colspan = "2"
class="content">Nachricht an alle Clanmember schicken< / th >
< / tr >
< tr >
< td height = "25" valign = "top" colspan = "2" align = "center" > < textarea
class="input" rows="8" name="text" cols="40">< / textarea > < / td >
< / tr >
< tr >
< td height = "25" valign = "top" colspan = "2" align = "center" > < input
class="input" type="submit" value="abschicken">< / td >
< / tr >
< / table >
< / form >
< / td >
< / tr >
< / table >
<?php
}
function displayClanProfile($clanid, $user){
$sql = 'SELECT * FROM clan where clan.id = '.$clanid;
// echo $sql.'< br > ';
$clan = mysql_fetch_assoc(mysql_query($sql));
$editable = $clan['leader'] == $user['id'] || $clan['co_leader'] == $user['id'];
if(!$editable){
displayClanProfileReadOnly($clan, $user['clan'] == $clan['id'], $user['id']);
} else{
displayClanProfileEditable($clan, $user['id']);
}
}
function setMeAsLeader($user){
mysql_query('UPDATE clan set leader = '.$user['id'].' WHERE id = '.$user['clan'].' and leader is null and co_leader is null');
}
function sendClanNewsletter($user, $text){
$qry = mysql_query('SELECT * FROM clan WHERE id = ' . $user['clan']);
$clan = mysql_fetch_assoc($qry);
$errors = FALSE;
$sql = 'SELECT id FROM user WHERE clan='.$user['clan'];
$clans = mysql_query($sql);
while($row = mysql_fetch_assoc($clans)) {
$errors |= !sendMessage($user['nickname'], $row['id'], $clan['clanname'].' Nachricht', $text);
}
if($errors) {
displayErrorMessage(NULL,'Beim Versenden sind Fehler aufgetreten', '< a href = "index.php?as=clan/clan_info" > weiter...< / a > ');
} else {
displayErrorMessage(NULL,'Nachricht erfolgreich verschickt', '< a href = "index.php?as=clan/clan_info" > weiter...< / a > ');
}
}
function setProfile($what, $value1, $value2, $clanid, $root){
switch($what){
case 'Homepage':
mysql_query('UPDATE clan SET homepage = \''.$value1.'\' where id = '.$clanid);
return;
case 'Clanzeichen':
mysql_query('UPDATE clan SET clanz_pre = \''.$value1.'\', clanz_suff = \''.$value2.'\' where id = '.$clanid);
return;
case 'Banner':
mysql_query('UPDATE clan SET banner = \''.$value1.'\' where id = '.$clanid);
return;
case 'Info':
mysql_query('UPDATE clan SET Info = \''.$value1.'\' where id = '.$clanid);
return;
case 'Leadership':
if($value1 == 0){$value1 = 'null';}
if($value2 == 0){$value2 = 'null';}
if(!$root){
$sql = 'UPDATE clan SET co_leader = '.$value2.' where id = '.$clanid;
mysql_query($sql);
} else{
$sql = 'UPDATE clan SET leader = '.$value1.', co_leader = '.$value2.' where id = '.$clanid;
// echo $sql.'< br > ';
mysql_query($sql);
}
return;
default:
echo 'Error!';
return;
}
}
function displayEdit($what, $clanid, $root){
$clan_qry = mysql_query('Select * from clan where id = '.$clanid);
$clan = mysql_fetch_assoc($clan_qry);
$content = '';
switch($what){
case 'Homepage':
$content = '< tr > < td colspan = "2" > < input class = "input" name = "value1" value = "'.$clan['homepage'].'" / > < / td > < / tr > ';
break;
case 'Clanzeichen':
$content = '< tr > < td > Prefix: < input class = "input" name = "value1" value = "'.$clan['clanz_pre'].'" / > < / td > < td > Suffix: < input class = "input" name = "value2" value = "'.$clan['clanz_suff'].'" / > < / td > < / tr > ';
break;
case 'Banner':
$content = '< tr > < td colspan = "2" > < input class = "input" name = "value1" value = "'.$clan['banner'].'" / > < / td > < / tr > ';
break;
case 'Leadership':
$member_qry = mysql_query('Select id, nickname from user where clan = '.$clanid);
$member[] = '< option value = "0" selected > Niemand< / option > ';
$member2[] = '< option value = "0" selected > Niemand< / option > ';
while($row = mysql_fetch_assoc($member_qry)){
if($row['id'] == $clan['leader']) {
$member[] = '< option value = "'.$row['id'].'" selected = "selected" > '.$row['nickname'].'< / option > ';
} else {
$member[] = '< option value = "'.$row['id'].'" > '.$row['nickname'].'< / option > ';
}
if($row['id'] == $clan['co_leader']) {
$member2[] = '< option value = "'.$row['id'].'" selected = "selected" > '.$row['nickname'].'< / option > ';
} else {
$member2[] = '< option value = "'.$row['id'].'" > '.$row['nickname'].'< / option > ';
}
}
if($root){
$content = '< tr > < td > Leader:< / td > < td > < select class = "input" name = "value1" / > '.join('',$member).'< / select > < / td > < / tr > ';
}
$content .= '< tr > < td > Co-Leader:< / td > < td > < select class = "input" name = "value2" / > '.join('',$member2).'< / select > < / td > < / tr > ';
break;
case 'Info':
$content = '< tr > < td colspan = "2" > < textarea class = "input" name = "value1" > < / textarea > < / td > < / tr > ';
break;
case 'Clan Passwort':
$content = '< tr > < td colspan = "2" > < input class = "input" name = "value1" / > < / td > < / tr > ';
break;
default:
$content = '< tr > < td colspan = "2" > Error '.$what.' unknown!< / td > < / tr > ';
break;
}
?>
< form action = "index.php" method = "GET" >
< input type = "hidden" name = "as" value = "clan/clan_info" / > < input
type="hidden" name="action" value="edit" /> < input type = "hidden"
name="what" value="<?php echo $what ; ?> " />
< table >
< tr >
< th colspan = "2" > <?php echo $what ; ?> Ä ndern</ th >
< / tr >
<?php echo $content ; ?>
< tr >
< td align = "center" colspan = "2" > < input class = "input" type = "submit"
value="Edit" />
< / td >
< / tr >
< / table >
< / form >
<?php
}
function fireMember($user, $member){
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user['clan']));
if($member != $row['leader'] & & $member != $row['co_leader'] & & ($user['id'] == $row['leader'] || $user['id'] == $row['co_leader'] || $member == $user['id'])){
$sql = 'Update user set clan = NULL where id = '.$member.' AND clan = '.$user['clan'];
// echo $sql.'< br > ';
mysql_query($sql);
if(mysql_affected_rows() > 0){ // Soll nur ausgeführt werden, wenn member wirklich gekickt wurde!!
$sql = 'Update chars set clan_train = NULL where besitzer = '.$member;
mysql_query($sql);
sendMessage($user['nickname'], $member, 'Clan rauswurf!', 'Du wurdest von '.$user['nickname'].' aus deinem Clan geworfen. Du wirst dir wohl einen neuen suchen mü ssen!');
}
} else{
echo displayErrorMessage(NULL, 'Du kannst den Member nicht feuern!', displayHistoryBackLink());
}
}
function deleteClan($user){
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user['clan']));
if($user['id'] == $row['leader']){
$qry = mysql_query('SELECT id FROM user WHERE clan = '.$user['clan']);
while($member = mysql_fetch_assoc($qry)) {
sendMessage($user['nickname'], $member['id'], 'Clan wurde gelöscht!', 'Dein Clan wurde von '.$user['nickname'].' gelö scht. Du wirst dir wohl einen neuen suchen mü ssen!');
}
mysql_query('DELETE FROM clan where id = '.$user['clan']);
} else{
echo displayErrorMessage(NULL, 'Du kannst den Clan nicht auflö sen!', displayHistoryBackLink());
}
}
//if($edit == 1){
// $row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan']));
// if($row['leader'] != $user_ida['id'] & & $row['co_leader'] != $user_ida['id']){
// displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink());
// } else if(isset($value1)){
// setProfile($what, $value1, $value2, $user_ida['clan'], $row['leader'] == $user_ida['id'] || $row['leader'] === null);
// } else{
// displayEdit($what, $user_ida['clan'],$row['leader'] == $user_ida['id'] || $row['leader'] === null);
// $displayMore = false;
// }
//} else if($putsch == 1){
// setMeAsLeader($user_ida);
//} else if($fire == 1){
// fireMember($user_ida, $member);
//} else if($kill == 1){
// deleteClan($user_ida);
//} else if($reject == 1) {
// $errorMsg = revokeInvitation($user_ida, $member);
// if($errorMsg !== NULL) {
// echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink());
// $displayMore = false;
// } else {
// displayErrorMessage('','Du hast die Einladung erfolgreich zurü ckgezogen!', '< a href = "index.php?as=clan/clan_info" > weiter< / a > ');
// $displayMore = false;
// }
//}
if($action !== NULL) { // this is done to not require to reprogramm the whole stuff!
switch ($action) {
case 'edit':
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan']));
if($row['leader'] != $user_ida['id'] & & $row['co_leader'] != $user_ida['id']){
displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink());
} else if(isset($value1)){
setProfile($what, $value1, $value2, $user_ida['clan'], $row['leader'] == $user_ida['id'] || $row['leader'] === null);
} else{
displayEdit($what, $user_ida['clan'],$row['leader'] == $user_ida['id'] || $row['leader'] === null);
$displayMore = false;
}
break;
case 'fire':
fireMember($user_ida, $member);
break;
case 'putsch':
setMeAsLeader($user_ida);
break;
case 'kill':
deleteClan($user_ida);
$displayMore = false;
break;
case 'reject':
$errorMsg = revokeInvitation($user_ida, $member);
if($errorMsg !== NULL) {
echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink());
$displayMore = false;
} else {
displayErrorMessage('','Du hast die Einladung erfolgreich zurü ckgezogen!', '< a href = "index.php?as=clan/clan_info" > weiter< / a > ');
$displayMore = false;
}
break;
case 'newsletter':
sendClanNewsletter($user_ida, $text);
$displayMore = false;
break;
default:
break;
}
}
if($displayMore){
displayClanProfile($clan_id, $user_ida);
}
?>
