Hecht
/
agng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'defc2c73f1'
${ noResults }
agng/ag/clan/add.php

162 lines
5.5 KiB
Raw Normal View History Unescape

13 years ago
<?php
/*
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$clan_name = validateName($_GET['clan_name']);
$clan_pw = validateString($_GET['clan_pw']);
$poll1 = validateString($_GET['poll1']);
$poll2 = validateString('ASC');
$pagenum = validateUnsignedInteger($_GET['pagenum'], null);
// Unkritisch
$charm = $_GET['charm'];
$user = $user_ida;
if ($charm == 1) {
$clan = mysql_fetch_assoc(mysql_query('SELECT *, (Select 10 - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots FROM clan c WHERE clanname=\''.$clan_name.'\' AND pw=\''.$clan_pw.'\''));
if (!$clan['id']) {
displayErrorMessage(NULL, 'Clanname oder Clanpasswort ist falsch!', displayHistoryBackLink());
exit;
}
if ($user['clan'] != 0) {
displayErrorMessage(NULL, 'Du bist schon in einem Clan!', displayHistoryBackLink());
exit;
}
if ($clan['freeslots'] <= 0) { // Keine Plätze mehr frei
displayErrorMessage(NULL, 'Der Clan ist voll!', displayHistoryBackLink());
exit;
}
mysql_query('UPDATE user SET clan='.$clan['id'].' WHERE id='.$user_ida['id']);
displayErrorMessage(NULL, 'Du bist jetzt im '.$clan_name.' Clan', '<a href="index.php?as=clan/index">weiter...</a>');
exit;
}
?>
<form action="index.php" method="GET">
<input type="hidden" name="as" value="clan/add">
<input type="hidden" name="charm" value="1">
<table cellpadding="0" cellspacing="0" width="100%">
<!-- MSTableType="layout" -->
<tr>
<td height="30" valign="top" width="585" colspan="6">
<p align="center"><b>Clan Beitreten</b><p align="center">&nbsp;</td>
</tr>
<tr>
<td height="30" valign="center" width="296" colspan="3">
<p align="right"><b>Clanname</b></td>
<td height="30" valign="center" width="289" colspan="3">
&nbsp;<input name="clan_name" size=20></td>
</tr>
<tr>
<td height="30" valign="top" width="296" colspan="3">
<p align="right"><b>Clan Passwort</b></td>
<td height="30" valign="center" width="289" colspan="3">
&nbsp;<input name="clan_pw" size=10> <input type=submit value="Beitreten">
</td>
</tr>
<?php
if (!$poll1) {
$poll1 = 'clanname';
$poll2 = 'ASC';
}
if ($poll1 == 'clanname' AND $poll2 == 'ASC') {
$poll['clanname'] = 'DESC';
} else {
$poll['clanname'] = 'ASC';
}
if ($poll1 == 'leader' AND $poll2 == 'ASC') {
$poll['leader'] = 'DESC';
} else {
$poll['leader'] = 'ASC';
}
if ($poll1 == 'geld' AND $poll2 == 'ASC') {
$poll['geld'] = 'DESC';
} else {
$poll['geld'] = 'ASC';
}
$ready = 'clan/add&pagenum='.$pagenum;
?>
<tr>
<td height="33" width="96" valign="top">
<p align="center"><b><?php echo '<a href="index.php?as='.$ready.'&poll1=clanname&poll2='.$poll['clanname'].'">Clanname</a>'; ?></b></td>
<td height="33" width="128" valign="top">
<p align="center"><b><?php echo "<a href='index.php?as=$ready&poll1=leader&poll2=$poll[leader]'>Leader</a>"; ?></b></td>
<td height="33" width="76" valign="top">
<p align="center"><b>Mitglieder</b></td>
<td height="33" width="98" valign="top">
<p align="center"><b><?php echo "<a href='index.php?as=$ready&poll1=geld&poll2=$poll[geld]'>Geld</a>"; ?></b></td>
<td height="33" width="76" valign="top">
<p align="center"><b>Info</b></td>
<td height="33" width="115" valign="top">
<p align="center"><b>Beitreten</b></td>
</tr>
<?php
// TODO: Seitenzahlen ueber displayfunction funktion
if (!is_numeric($pagenum) || $pagenum <= 1) {
$pagenum = 0;
} else{
$pagenum = ($pagenum -1) * 10;
}
$clan = mysql_Query('SELECT c.clanzeichen, c.clanname, c.geld, c.info, c.id, u.id AS uid, u.nickname FROM clan c LEFT JOIN user u ON(c.leader=u.id) ORDER BY '.$poll1.' '.$poll2.' LIMIT '.$pagenum.',20');
while ($row = mysql_fetch_array($clan)) {
$mitglieder = mysql_num_rows(mysql_query('SELECT id FROM user WHERE clan='.$row['id']));
$z_v = explode(',', $row['clanzeichen']);
?>
<tr>
<td height="35" width="96" valign="top">
<p align="center"><?php echo $row['clanname']; ?></td>
<td height="25" width="128" valign="top">
<p align="center"><?php echo displayUserLink($row['uid'], $row['nickname'], $z_v[0], $z_v[1]); ?></td>
<td height="25" width="76" valign="top">
<p align="center"><?php echo $mitglieder; ?></td>
<td height="25" width="98" valign="top">
<p align="center"><?php echo displayMoney($row['geld']); ?></td>
<td height="25" width="100" valign="top">
<p align="center"><?php echo '<a href="index.php?as=clan/clan_info&clan_id='.$row['id'].'">Info</a>'; ?></td>
<td height="25" width="115" valign="top">
<p align="center"><?php echo '<a href="index.php?as=nachricht&charm=1&besitzer='.$row['nickname'].'">Beitreten</a>'; ?></td>
</tr>
<?php
// TODO: Seitenzahlen aus Designfunctions benutzen!!!
}
$Total = mysql_num_rows(mysql_query('SELECT id FROM clan'));
$pages = ceil($Total / 20);
$z = 1;
$i = 0;
while ($pages > $i) {
$seiten .= '&nbsp;<a href="index.php?as=clan/add&pagenum='.$z.'">'.$z.'</a>&nbsp;';
$z++;
$i++;
}
?>
<tr>
<td height="18" width="589" valign="top" colspan="6">&nbsp;<b>Seite
<?php echo $seiten; ?></b></td>
</tr>
</table>
</form>