diff --git a/ag/gm/include/user.inc.php b/ag/gm/include/user.inc.php index 96d1324..930a239 100644 --- a/ag/gm/include/user.inc.php +++ b/ag/gm/include/user.inc.php @@ -40,7 +40,7 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) { $username = validateName($name); if($username !== NULL) { if ($delete !== NULL && $delete >= 0) { - removeUserToGroup($username, $delete); + removeUserFromGroup($username, $delete); } else if($add !== NULL && $add >= 0) { addUserToGroup($username, $add); } diff --git a/ag/include/usergroup.inc.php b/ag/include/usergroup.inc.php index 37d83da..e3c0c81 100644 --- a/ag/include/usergroup.inc.php +++ b/ag/include/usergroup.inc.php @@ -12,6 +12,8 @@ define("tester", 2); define("entwickler", 3); define("designer", 4); define("Werbung_an", 5); +define("inaktiv_loeschschutz", 6); +define("aktiv_loeschschutz", 7); include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php'); @@ -51,7 +53,7 @@ function isUserInGroup($usergrouparray, $group) { return false; } -function removeUserToGroup($user, $group) { +function removeUserFromGroup($user, $group) { if($user !== NULL) { if ($group !== NULL && $group >= 0) { $qry = 'DELETE FROM user_gruppe_zuordnung WHERE user_id in (SELECT id FROM user WHERE nickname = \''.$user. diff --git a/ag/item.php b/ag/item.php index 79dd018..0c6bfd9 100644 --- a/ag/item.php +++ b/ag/item.php @@ -41,7 +41,6 @@ else document.forms[0].elements['submit'].disabled=true; $user = $user_ida; if ($charm == 1) { - $item_info1 = mysql_fetch_array(mysql_query("SELECT item_id, id, user FROM ware WHERE id='$item_id1' LIMIT 1")); $item_info3 = mysql_fetch_array(mysql_query("SELECT preis, anzahl, hp, mp, starke, verteidigung, speed, s_type, type FROM item WHERE id='$item_info1[item_id]' LIMIT 1")); $char_id1 = getChar($char_id2); @@ -64,23 +63,23 @@ if ($charm == 1) { exit; } - $hp1 = explode(",", $char_id1[hp]); - $mp1 = explode(",", $char_id1[mp]); + $hp1 = explode(",", $char_id1['hp']); + $mp1 = explode(",", $char_id1['mp']); - $st1 = explode(",", $item_info3[starke]); + $st1 = explode(",", $item_info3['starke']); - $hp2 = explode(",", $item_info3[hp]); - $mp2 = explode(",", $item_info3[mp]); + $hp2 = explode(",", $item_info3['hp']); + $mp2 = explode(",", $item_info3['mp']); - $ver1 = explode(",", $item_info3[verteidigung]); - $speed1 = explode(",", $item_info3[speed]); + $ver1 = explode(",", $item_info3['verteidigung']); + $speed1 = explode(",", $item_info3['speed']); $new_hp2 = $hp1[1] + $hp2[1]; $new_mp2 = $mp1[1] + $mp2[1]; $new_hp = $hp1[0] + $hp2[0]; $new_mp = $mp1[0] + $mp2[0]; - $new_starke = $st1[0] + $char_id1[starke]; - $new_ver = $ver1[0] + $char_id1[verteidigung]; - $new_speed = $speed1[0] + $char_id1[speed]; + $new_starke = $st1[0] + $char_id1['starke']; + $new_ver = $ver1[0] + $char_id1['verteidigung']; + $new_speed = $speed1[0] + $char_id1['speed']; if ($new_hp > $hp1[1]) { $new_hp = $hp1[1]; @@ -129,27 +128,35 @@ if ($charm == 6) { $item_info = mysql_fetch_array(mysql_query("SELECT w.user, i.item, i.starke, i.ver, i.speed, i.ausdauer, i.hp, i.mp, i.glueck FROM wochen_ware w LEFT JOIN wochen_markt i ON(i.id=w.item) WHERE w.id='$sp_item' LIMIT 1")); $char_id1 = getChar($char_id2); - if ($item_info[user] != $user[id]) { + if ($item_info['user'] != $user['id']) { displayErrorMessage(NULL,'Dieses Item gehört nicht dir', displayHistoryBackLink()); exit; } - if ($char_id1[besitzer] != $user[id]) { + if ($char_id1['besitzer'] != $user['id']) { displayErrorMessage(NULL,'Dieser Charakter gehört nicht dir!', displayHistoryBackLink()); exit; } + + if ($char_id1['status'] != 'frei') { + displayErrorMessage(NULL,'Dieser Charakter ist nicht frei!', displayHistoryBackLink()); + exit; + } + + echo 'vars:'; + print_r($char_id1); - $hp1 = explode(",", $char_id1[hp]); - $mp1 = explode(",", $char_id1[mp]); + $hp1 = explode(",", $char_id1['hp']); + $mp1 = explode(",", $char_id1['mp']); - $new_hp2 = $hp1[1] + $item_info[hp]; - $new_mp2 = $mp1[1] + $item_info[mp]; + $new_hp2 = $hp1[1] + $item_info['hp']; + $new_mp2 = $mp1[1] + $item_info['mp']; - $new_starke = $item_info[starke] + $char_id1[starke]; - $new_ver = $item_info[ver] + $char_id1[verteidigung]; - $new_speed = $item_info[speed] + $char_id1[speed]; - $new_ausdauer = $item_info[ausdauer] + $char_id1[ausdauer]; - $new_glueck = $item_info[glueck] + $char_id1[glueck]; + $new_starke = $item_info['starke'] + $char_id1['starke']; + $new_ver = $item_info['ver'] + $char_id1['verteidigung']; + $new_speed = $item_info['speed'] + $char_id1['speed']; + $new_ausdauer = $item_info['ausdauer'] + $char_id1['ausdauer']; + $new_glueck = $item_info['glueck'] + $char_id1['glueck']; mysql_Query("UPDATE chars SET frucht='$item_info[item]', ausdauer='$new_ausdauer', glueck='$new_glueck', starke='$new_starke', verteidigung='$new_ver', speed='$new_speed', hp='$hp1[0],$new_hp2', mp='$mp1[0],$new_mp2' WHERE id='$char_id2' LIMIT 1"); mysql_query("DELETE FROM wochen_ware WHERE id='$sp_item' LIMIT 1"); @@ -163,6 +170,9 @@ $sql = "SELECT item_id, count(item_id) as anzahl, user, id, ru_mal FROM ware WHE //echo $sql; $item2 = mysql_query($sql); $item1 = mysql_query("SELECT item_id, id, ru_mal FROM ware WHERE user='$user[id]' group by item_id"); + + +print_r($char_id1); ?>
@@ -171,7 +181,7 @@ $item1 = mysql_query("SELECT item_id, id, ru_mal FROM ware WHERE user='$user[id] Item nutzen - +
diff --git a/ag/profil.php b/ag/profil.php index 6a78d35..a663fb9 100644 --- a/ag/profil.php +++ b/ag/profil.php @@ -21,6 +21,7 @@ $new_nick2 = validateName($_GET['new_nick2']); $homepage = validateString($_GET['homepage']); $chat = validateString($_GET['chat']); $ads = validateString($_GET['ads']); +$acc_delete = validateString($_GET['acc_delete']); $alt_pw = validateString($_GET['alt_pw']); // Unkritisch @@ -42,59 +43,73 @@ function isNickChanged($user){ } -function changeProfil($user, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads){ - if(!is_numeric($chat)){ - displayErrorMessage(NULL,'Chat-Feld inkorrekt ausgefuellt!',''); - return; - } - if(!is_numeric($ads)){ - displayErrorMessage(NULL,'Werbung-Feld inkorrekt ausgefuellt!',''); - return; - } - if($new_nick == $new_nick2 && $new_nick !== ''){ - $raw_nick = $new_nick; - if(!isNickChanged($user) && $new_nick != $user['nickname'] && $raw_nick == $new_nick) { - $sql = 'Update user set nickname = \''.$new_nick.'\' where id = '.$user['id']; +function changeProfil($user, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads, $acc_delete){ + if(!is_numeric($chat)){ + displayErrorMessage(NULL,'Chat-Feld inkorrekt ausgefuellt!',''); + return; + } + if(!is_numeric($ads)){ + displayErrorMessage(NULL,'Werbung-Feld inkorrekt ausgefuellt!',''); + return; + } + if($new_nick == $new_nick2 && $new_nick !== ''){ + $raw_nick = $new_nick; + if(!isNickChanged($user) && $new_nick != $user['nickname'] && $raw_nick == $new_nick) { + $sql = 'Update user set nickname = \''.$new_nick.'\' where id = '.$user['id']; + mysql_query($sql); + if(mysql_affected_rows() > 0){ + $sql = 'Insert into user_rename(pre_name, post_name, datum, userid) values(\''.$user['nickname'].'\', \''.$new_nick.'\', now(), '.$user['id'].')'; + // echo $sql; mysql_query($sql); - if(mysql_affected_rows() > 0){ - $sql = 'Insert into user_rename(pre_name, post_name, datum, userid) values(\''.$user['nickname'].'\', \''.$new_nick.'\', now(), '.$user['id'].')'; -// echo $sql; - mysql_query($sql); - displayErrorMessage('Nickname erfolgreich geändert','Ein neuer Login wird jedoch nun benötigt.',''); - } else{ - displayErrorMessage('Fehler','Nickname konnte nicht geändert werden.',''); - } - } else if($new_nick != $raw_nick){ - displayErrorMessage('Neuer Nickname ungültig!','Es sind Sonderzeichen erlaubt!',''); + displayErrorMessage('Nickname erfolgreich geändert','Ein neuer Login wird jedoch nun benötigt.',''); + } else{ + displayErrorMessage('Fehler','Nickname konnte nicht geändert werden.',''); } - } else if($new_nick !== ''){ + } else if($new_nick != $raw_nick){ displayErrorMessage('Neuer Nickname ungültig!','Es sind Sonderzeichen erlaubt!',''); } + } else if($new_nick !== ''){ + displayErrorMessage('Neuer Nickname ungültig!','Es sind Sonderzeichen erlaubt!',''); + } - if($new_pw) { - if($new_pw == "") { - displayErrorMessage(NULL,'Neues Passwort nicht angegeben!',''); - return; - } - $alt_pw = encryptPassword($alt_pw); - if($alt_pw != $user['passwort']) { - displayErrorMessage(NULL,'Passwort falsch!',''); - return; - } - setPassword($user['nickname'], $new_pw); + if($new_pw) { + if($new_pw == "") { + displayErrorMessage(NULL,'Neues Passwort nicht angegeben!',''); + return; } - if($ads == 1) { - if(!isUserInGroup($usergroups, Werbung_an)) { - addUserToGroup($user['nickname'], Werbung_an); - } - } else { - if(isUserInGroup($usergroups, Werbung_an)) { - removeUserToGroup($user['nickname'], Werbung_an); - } + $alt_pw = encryptPassword($alt_pw); + if($alt_pw != $user['passwort']) { + displayErrorMessage(NULL,'Passwort falsch!',''); + return; + } + setPassword($user['nickname'], $new_pw); + } + if($ads == 1) { + if(!isUserInGroup($usergroups, Werbung_an)) { + addUserToGroup($user['nickname'], Werbung_an); + } + } else { + if(isUserInGroup($usergroups, Werbung_an)) { + removeUserFromGroup($user['nickname'], Werbung_an); + } + } + echo 'Accountdelete: '.$acc_delete; + if($acc_delete == 1) { + if(!isUserInGroup($usergroups, aktiv_loeschschutz)) { + addUserToGroup($user['nickname'], aktiv_loeschschutz); + removeUserFromGroup($user['nickname'], inaktiv_loeschschutz); } - mysql_query('UPDATE user SET homepage=\''.$homepage.'\', icq=\''.$icq.'\', chat = '.$chat.' WHERE id=\''.$user['id'].'\''); - displayErrorMessage('Profil erfolgreich geändert','Sollte das Passwort geändert worden sein, ist ein erneuter Login erforderlich.',''); - return mysql_fetch_assoc(mysql_query('Select * from user where id = '.$user['id'])); + } else if($acc_delete == 0) { + if(isUserInGroup($usergroups, aktiv_loeschschutz)) { + removeUserFromGroup($user['nickname'], aktiv_loeschschutz); + addUserToGroup($user['nickname'], inaktiv_loeschschutz); + } + } + + + mysql_query('UPDATE user SET homepage=\''.$homepage.'\', icq=\''.$icq.'\', chat = '.$chat.' WHERE id=\''.$user['id'].'\''); + displayErrorMessage('Profil erfolgreich geändert','Sollte das Passwort geändert worden sein, ist ein erneuter Login erforderlich.',''); + return mysql_fetch_assoc(mysql_query('Select * from user where id = '.$user['id'])); } @@ -104,109 +119,124 @@ function display($user, $usergroups){ } if($user['schnelllink'] == 2){ $char_schnell = 'selected'; - } - ?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Ihr Profil
Nickname
Neuer Nickname
Neuer Nickname
Altes Passwort - -
Neues Passwort - -
Homepage - -
ICQ: - -
Werbegrad: - - moderat: /> - '; - //} - ?> -
Chat: - - an: /> - aus: /> -
  - -
-
- +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Ihr Profil
Nickname
Neuer Nickname
Neuer Nickname
Altes Passwort +
Neues Passwort +
Homepage +
ICQ: +
Werbegrad: moderat: /> '; + } + ?> +
Chat: an: /> + aus: /> +
Account Löschschutz an: /> aus: /> +
  +
+
+ weiter...');