Hecht
/
agng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Code Säuberung

Browse Source 
2 weitere Usergruppen hinzugefügt
Charaktere können keine TF essen, wenn sie nicht 'frei' sind
Der Gewinner des WT bekommt die Möglichkeit, seinen Account vor der automatischen Löschung zu schützen.
main
radiskull 13 years ago
parent db79561dc1
commit 519f8f7ea0
5 changed files with 212 additions and 170 deletions
Show Stats Download Patch File Download Diff File

2
ag/gm/include/user.inc.php
Unescape View File

@ -40,7 +40,7 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
$username = validateName($name);
if($username !== NULL) {
if ($delete !== NULL && $delete >= 0) {
removeUserToGroup($username, $delete);
removeUserFromGroup($username, $delete);
} else if($add !== NULL && $add >= 0) {
addUserToGroup($username, $add);
}

4
ag/include/usergroup.inc.php
Unescape View File

@ -12,6 +12,8 @@ define("tester", 2);
define("entwickler", 3);
define("designer", 4);
define("Werbung_an", 5);
define("inaktiv_loeschschutz", 6);
define("aktiv_loeschschutz", 7);
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php');
@ -51,7 +53,7 @@ function isUserInGroup($usergrouparray, $group) {
return false;
}
function removeUserToGroup($user, $group) {
function removeUserFromGroup($user, $group) {
if($user !== NULL) {
if ($group !== NULL && $group >= 0) {
$qry = 'DELETE FROM user_gruppe_zuordnung WHERE user_id in (SELECT id FROM user WHERE nickname = \''.$user.

56
ag/item.php
Unescape View File

@ -41,7 +41,6 @@ else document.forms[0].elements['submit'].disabled=true;
$user = $user_ida;
if ($charm == 1) {
$item_info1 = mysql_fetch_array(mysql_query("SELECT item_id, id, user FROM ware WHERE id='$item_id1' LIMIT 1"));
$item_info3 = mysql_fetch_array(mysql_query("SELECT preis, anzahl, hp, mp, starke, verteidigung, speed, s_type, type FROM item WHERE id='$item_info1[item_id]' LIMIT 1"));
$char_id1 = getChar($char_id2);
@ -64,23 +63,23 @@ if ($charm == 1) {
exit;
}
$hp1 = explode(",", $char_id1[hp]);
$mp1 = explode(",", $char_id1[mp]);
$hp1 = explode(",", $char_id1['hp']);
$mp1 = explode(",", $char_id1['mp']);
$st1 = explode(",", $item_info3[starke]);
$st1 = explode(",", $item_info3['starke']);
$hp2 = explode(",", $item_info3[hp]);
$mp2 = explode(",", $item_info3[mp]);
$hp2 = explode(",", $item_info3['hp']);
$mp2 = explode(",", $item_info3['mp']);
$ver1 = explode(",", $item_info3[verteidigung]);
$speed1 = explode(",", $item_info3[speed]);
$ver1 = explode(",", $item_info3['verteidigung']);
$speed1 = explode(",", $item_info3['speed']);
$new_hp2 = $hp1[1] + $hp2[1];
$new_mp2 = $mp1[1] + $mp2[1];
$new_hp = $hp1[0] + $hp2[0];
$new_mp = $mp1[0] + $mp2[0];
$new_starke = $st1[0] + $char_id1[starke];
$new_ver = $ver1[0] + $char_id1[verteidigung];
$new_speed = $speed1[0] + $char_id1[speed];
$new_starke = $st1[0] + $char_id1['starke'];
$new_ver = $ver1[0] + $char_id1['verteidigung'];
$new_speed = $speed1[0] + $char_id1['speed'];
if ($new_hp > $hp1[1]) {
$new_hp = $hp1[1];
@ -129,27 +128,35 @@ if ($charm == 6) {
$item_info = mysql_fetch_array(mysql_query("SELECT w.user, i.item, i.starke, i.ver, i.speed, i.ausdauer, i.hp, i.mp, i.glueck FROM wochen_ware w LEFT JOIN wochen_markt i ON(i.id=w.item) WHERE w.id='$sp_item' LIMIT 1"));
$char_id1 = getChar($char_id2);
if ($item_info[user] != $user[id]) {
if ($item_info['user'] != $user['id']) {
displayErrorMessage(NULL,'Dieses Item gehört nicht dir', displayHistoryBackLink());
exit;
}
if ($char_id1[besitzer] != $user[id]) {
if ($char_id1['besitzer'] != $user['id']) {
displayErrorMessage(NULL,'Dieser Charakter gehört nicht dir!', displayHistoryBackLink());
exit;
}
if ($char_id1['status'] != 'frei') {
displayErrorMessage(NULL,'Dieser Charakter ist nicht frei!', displayHistoryBackLink());
exit;
}
echo 'vars:';
print_r($char_id1);
$hp1 = explode(",", $char_id1[hp]);
$mp1 = explode(",", $char_id1[mp]);
$hp1 = explode(",", $char_id1['hp']);
$mp1 = explode(",", $char_id1['mp']);
$new_hp2 = $hp1[1] + $item_info[hp];
$new_mp2 = $mp1[1] + $item_info[mp];
$new_hp2 = $hp1[1] + $item_info['hp'];
$new_mp2 = $mp1[1] + $item_info['mp'];
$new_starke = $item_info[starke] + $char_id1[starke];
$new_ver = $item_info[ver] + $char_id1[verteidigung];
$new_speed = $item_info[speed] + $char_id1[speed];
$new_ausdauer = $item_info[ausdauer] + $char_id1[ausdauer];
$new_glueck = $item_info[glueck] + $char_id1[glueck];
$new_starke = $item_info['starke'] + $char_id1['starke'];
$new_ver = $item_info['ver'] + $char_id1['verteidigung'];
$new_speed = $item_info['speed'] + $char_id1['speed'];
$new_ausdauer = $item_info['ausdauer'] + $char_id1['ausdauer'];
$new_glueck = $item_info['glueck'] + $char_id1['glueck'];
mysql_Query("UPDATE chars SET frucht='$item_info[item]', ausdauer='$new_ausdauer', glueck='$new_glueck', starke='$new_starke', verteidigung='$new_ver', speed='$new_speed', hp='$hp1[0],$new_hp2', mp='$mp1[0],$new_mp2' WHERE id='$char_id2' LIMIT 1");
mysql_query("DELETE FROM wochen_ware WHERE id='$sp_item' LIMIT 1");
@ -163,6 +170,9 @@ $sql = "SELECT item_id, count(item_id) as anzahl, user, id, ru_mal FROM ware WHE
//echo $sql;
$item2 = mysql_query($sql);
$item1 = mysql_query("SELECT item_id, id, ru_mal FROM ware WHERE user='$user[id]' group by item_id");
print_r($char_id1);
?>
<div align="center">
@ -171,7 +181,7 @@ $item1 = mysql_query("SELECT item_id, id, ru_mal FROM ware WHERE user='$user[id]
<tr>
<th align="center">Item nutzen</th>
</tr>
<tr>
<tr>
<td width="488" height="50" align="center">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
<input type="hidden" name="as" value="item">

318
ag/profil.php
Unescape View File

@ -21,6 +21,7 @@ $new_nick2 = validateName($_GET['new_nick2']);
$homepage = validateString($_GET['homepage']);
$chat = validateString($_GET['chat']);
$ads = validateString($_GET['ads']);
$acc_delete = validateString($_GET['acc_delete']);
$alt_pw = validateString($_GET['alt_pw']);
// Unkritisch
@ -42,59 +43,73 @@ function isNickChanged($user){
}
function changeProfil($user, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads){
if(!is_numeric($chat)){
displayErrorMessage(NULL,'Chat-Feld inkorrekt ausgefuellt!','');
return;
}
if(!is_numeric($ads)){
displayErrorMessage(NULL,'Werbung-Feld inkorrekt ausgefuellt!','');
return;
}
if($new_nick == $new_nick2 && $new_nick !== ''){
$raw_nick = $new_nick;
if(!isNickChanged($user) && $new_nick != $user['nickname'] && $raw_nick == $new_nick) {
$sql = 'Update user set nickname = \''.$new_nick.'\' where id = '.$user['id'];
function changeProfil($user, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads, $acc_delete){
if(!is_numeric($chat)){
displayErrorMessage(NULL,'Chat-Feld inkorrekt ausgefuellt!','');
return;
}
if(!is_numeric($ads)){
displayErrorMessage(NULL,'Werbung-Feld inkorrekt ausgefuellt!','');
return;
}
if($new_nick == $new_nick2 && $new_nick !== ''){
$raw_nick = $new_nick;
if(!isNickChanged($user) && $new_nick != $user['nickname'] && $raw_nick == $new_nick) {
$sql = 'Update user set nickname = \''.$new_nick.'\' where id = '.$user['id'];
mysql_query($sql);
if(mysql_affected_rows() > 0){
$sql = 'Insert into user_rename(pre_name, post_name, datum, userid) values(\''.$user['nickname'].'\', \''.$new_nick.'\', now(), '.$user['id'].')';
// echo $sql;
mysql_query($sql);
if(mysql_affected_rows() > 0){
$sql = 'Insert into user_rename(pre_name, post_name, datum, userid) values(\''.$user['nickname'].'\', \''.$new_nick.'\', now(), '.$user['id'].')';
// echo $sql;
mysql_query($sql);
displayErrorMessage('Nickname erfolgreich ge&auml;ndert','Ein neuer Login wird jedoch nun ben&ouml;tigt.','');
} else{
displayErrorMessage('Fehler','Nickname konnte nicht ge&auml;ndert werden.','');
}
} else if($new_nick != $raw_nick){
displayErrorMessage('Neuer Nickname ung&uuml;ltig!','Es sind Sonderzeichen erlaubt!','');
displayErrorMessage('Nickname erfolgreich ge&auml;ndert','Ein neuer Login wird jedoch nun ben&ouml;tigt.','');
} else{
displayErrorMessage('Fehler','Nickname konnte nicht ge&auml;ndert werden.','');
}
} else if($new_nick !== ''){
} else if($new_nick != $raw_nick){
displayErrorMessage('Neuer Nickname ung&uuml;ltig!','Es sind Sonderzeichen erlaubt!','');
}
} else if($new_nick !== ''){
displayErrorMessage('Neuer Nickname ung&uuml;ltig!','Es sind Sonderzeichen erlaubt!','');
}
if($new_pw) {
if($new_pw == "") {
displayErrorMessage(NULL,'Neues Passwort nicht angegeben!','');
return;
}
$alt_pw = encryptPassword($alt_pw);
if($alt_pw != $user['passwort']) {
displayErrorMessage(NULL,'Passwort falsch!','');
return;
}
setPassword($user['nickname'], $new_pw);
if($new_pw) {
if($new_pw == "") {
displayErrorMessage(NULL,'Neues Passwort nicht angegeben!','');
return;
}
if($ads == 1) {
if(!isUserInGroup($usergroups, Werbung_an)) {
addUserToGroup($user['nickname'], Werbung_an);
}
} else {
if(isUserInGroup($usergroups, Werbung_an)) {
removeUserToGroup($user['nickname'], Werbung_an);
}
$alt_pw = encryptPassword($alt_pw);
if($alt_pw != $user['passwort']) {
displayErrorMessage(NULL,'Passwort falsch!','');
return;
}
setPassword($user['nickname'], $new_pw);
}
if($ads == 1) {
if(!isUserInGroup($usergroups, Werbung_an)) {
addUserToGroup($user['nickname'], Werbung_an);
}
} else {
if(isUserInGroup($usergroups, Werbung_an)) {
removeUserFromGroup($user['nickname'], Werbung_an);
}
}
echo 'Accountdelete: '.$acc_delete;
if($acc_delete == 1) {
if(!isUserInGroup($usergroups, aktiv_loeschschutz)) {
addUserToGroup($user['nickname'], aktiv_loeschschutz);
removeUserFromGroup($user['nickname'], inaktiv_loeschschutz);
}
mysql_query('UPDATE user SET homepage=\''.$homepage.'\', icq=\''.$icq.'\', chat = '.$chat.' WHERE id=\''.$user['id'].'\'');
displayErrorMessage('Profil erfolgreich ge&auml;ndert','Sollte das Passwort ge&auml;ndert worden sein, ist ein erneuter Login erforderlich.','');
return mysql_fetch_assoc(mysql_query('Select * from user where id = '.$user['id']));
} else if($acc_delete == 0) {
if(isUserInGroup($usergroups, aktiv_loeschschutz)) {
removeUserFromGroup($user['nickname'], aktiv_loeschschutz);
addUserToGroup($user['nickname'], inaktiv_loeschschutz);
}
}
mysql_query('UPDATE user SET homepage=\''.$homepage.'\', icq=\''.$icq.'\', chat = '.$chat.' WHERE id=\''.$user['id'].'\'');
displayErrorMessage('Profil erfolgreich ge&auml;ndert','Sollte das Passwort ge&auml;ndert worden sein, ist ein erneuter Login erforderlich.','');
return mysql_fetch_assoc(mysql_query('Select * from user where id = '.$user['id']));
}
@ -104,109 +119,124 @@ function display($user, $usergroups){
}
if($user['schnelllink'] == 2){
$char_schnell = 'selected';
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
<input type="hidden" name="as" value="profil">
<input type="hidden" name="charm" value="1">
<table cellpadding="0" cellspacing="0" width="100%" height="51">
<tr>
<th colspan="2" align="center">Ihr Profil</th>
</tr>
<tr>
<th align="center">Nickname</th>
<td><?php echo $user['nickname']; ?></td>
</tr>
<?php
if(!isNickChanged($user)){
?>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick" value=""/></td>
</tr>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick2" value=""/></td>
</tr>
<?php
}
?>
<tr>
<th align="center">Altes Passwort</th>
<td>
<input id="input" name="alt_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Neues Passwort</th>
<td>
<input id="input" name="new_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Homepage</th>
<td>
<input id="input" name="homepage" size="35" value="<?php echo $user['homepage']; ?>">
</td>
</tr>
<tr>
<th align="center">ICQ:</th>
<td>
<input id="input" name="icq" size="35" value="<?php echo $user['icq']; ?>">
</td>
</tr>
<tr>
<th align="center">Werbegrad:</th>
<td>
<?php
if(!isUserInGroup($usergroups, Werbung_an)) {
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?>
moderat: <input type="radio" name="ads" value="0" <?php echo $che1; ?>/>
<?php
//if(!(getLayerAdvertisement() == '' or getLayerAdvertisement == null)){
echo 'hardcore: <input type="radio" name="ads" value="1"'.$che2.'/>';
//}
?>
</td>
</tr>
<tr>
<th align="center">Chat:</th>
<td>
<?php
if($user['chat'] == 1){
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?>
an: <input type="radio" name="chat" value="1" <?php echo $che1; ?>/>
aus: <input type="radio" name="chat" value="0"<?php echo $che2; ?> />
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td>
<input id="input" size="15" type="submit" value="&auml;ndern">
</td>
</tr>
</table>
</form>
<?php
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
<input type="hidden" name="as" value="profil"> <input type="hidden"
name="charm" value="1"> <input type="hidden" name="acc_delete"
value="-1">
<table cellpadding="0" cellspacing="0" width="100%" height="51">
<tr>
<th colspan="2" align="center">Ihr Profil</th>
</tr>
<tr>
<th align="center">Nickname</th>
<td><?php echo $user['nickname']; ?></td>
</tr>
<?php
if(!isNickChanged($user)){
?>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick" value="" /></td>
</tr>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick2" value="" /></td>
</tr>
<?php
}
?>
<tr>
<th align="center">Altes Passwort</th>
<td><input id="input" name="alt_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Neues Passwort</th>
<td><input id="input" name="new_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Homepage</th>
<td><input id="input" name="homepage" size="35"
value="<?php echo $user['homepage']; ?>">
</td>
</tr>
<tr>
<th align="center">ICQ:</th>
<td><input id="input" name="icq" size="35"
value="<?php echo $user['icq']; ?>">
</td>
</tr>
<tr>
<th align="center">Werbegrad:</th>
<td><?php
if(!isUserInGroup($usergroups, Werbung_an)) {
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?> moderat: <input type="radio" name="ads" value="0"
<?php echo $che1; ?> /> <?php
if(!(getLayerAdvertisement() == '' or getLayerAdvertisement == null)){
echo 'hardcore: <input type="radio" name="ads" value="1"'.$che2.'/>';
}
?>
</td>
</tr>
<tr>
<th align="center">Chat:</th>
<td><?php
if($user['chat'] == 1){
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?> an: <input type="radio" name="chat" value="1" <?php echo $che1; ?> />
aus: <input type="radio" name="chat" value="0" <?php echo $che2; ?> />
</td>
</tr>
<tr>
<th align="center">Account L&ouml;schschutz</th>
<td><?php
$disabled = '';
$che1 = '';
$che2 = '';
if(isUserInGroup($usergroups, inaktiv_loeschschutz)){
$che1 = '';
$che2 = 'checked="checked"';
} else if (isUserInGroup($usergroups, aktiv_loeschschutz)){
$che1 = 'checked="checked"';
$che2 = '';
} else {
$disabled = 'disabled';
}
?> an: <input type="radio" name="acc_delete" value="1"
<?php echo $che1.' '.$disabled; ?> /> aus: <input type="radio"
name="acc_delete" value="0" <?php echo $che2.' '.$disabled; ?> />
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input id="input" size="15" type="submit" value="&auml;ndern">
</td>
</tr>
</table>
</form>
<?php
}
if($charm == '1'){
$user_ida = changeProfil($user_ida, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads);
$user_ida = changeProfil($user_ida, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads, $acc_delete);
$usergroups = getUserGroups($user_ida['nickname']);
}
}
display($user_ida, $usergroups);

2
ag/turnier.php
Unescape View File

@ -45,7 +45,7 @@ function anmelden($user, $charid, $art){
} else{
$anzahl = 64;
}
// sehr speziell und deswegen nicht getChar();
// sehr speziell und deswegen nicht getChar();
$PRUEF = mysql_num_rows(mysql_query('SELECT id FROM chars WHERE id=\''.$charid.'\' '.$special_clue.' AND besitzer=\''.$user['id'].'\' LIMIT 1'));
if(!$PRUEF) {
displayErrorMessage(NULL,'Charakter erf&uuml;llt die Bestimungen nicht!','<a href="index.php?as=turnier&art='.$art.'">weiter...</a>');

Write Preview
Loading…
Cancel
Save