@ -21,6 +21,7 @@ $new_nick2 = validateName($_GET['new_nick2']);
$homepage = validateString($_GET['homepage']);
$homepage = validateString($_GET['homepage']);
$chat = validateString($_GET['chat']);
$chat = validateString($_GET['chat']);
$ads = validateString($_GET['ads']);
$ads = validateString($_GET['ads']);
$acc_delete = validateString($_GET['acc_delete']);
$alt_pw = validateString($_GET['alt_pw']);
$alt_pw = validateString($_GET['alt_pw']);
// Unkritisch
// Unkritisch
@ -42,59 +43,73 @@ function isNickChanged($user){
}
}
function changeProfil($user, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads){
function changeProfil($user, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads, $acc_delete){
if(!is_numeric($chat)){
if(!is_numeric($chat)){
displayErrorMessage(NULL,'Chat-Feld inkorrekt ausgefuellt!','');
displayErrorMessage(NULL,'Chat-Feld inkorrekt ausgefuellt!','');
return;
return;
}
}
if(!is_numeric($ads)){
if(!is_numeric($ads)){
displayErrorMessage(NULL,'Werbung-Feld inkorrekt ausgefuellt!','');
displayErrorMessage(NULL,'Werbung-Feld inkorrekt ausgefuellt!','');
return;
return;
}
}
if($new_nick == $new_nick2 & & $new_nick !== ''){
if($new_nick == $new_nick2 & & $new_nick !== ''){
$raw_nick = $new_nick;
$raw_nick = $new_nick;
if(!isNickChanged($user) & & $new_nick != $user['nickname'] & & $raw_nick == $new_nick) {
if(!isNickChanged($user) & & $new_nick != $user['nickname'] & & $raw_nick == $new_nick) {
$sql = 'Update user set nickname = \''.$new_nick.'\' where id = '.$user['id'];
$sql = 'Update user set nickname = \''.$new_nick.'\' where id = '.$user['id'];
mysql_query($sql);
if(mysql_affected_rows() > 0){
$sql = 'Insert into user_rename(pre_name, post_name, datum, userid) values(\''.$user['nickname'].'\', \''.$new_nick.'\', now(), '.$user['id'].')';
// echo $sql;
mysql_query($sql);
mysql_query($sql);
if(mysql_affected_rows() > 0){
displayErrorMessage('Nickname erfolgreich geä ndert','Ein neuer Login wird jedoch nun benö tigt.','');
$sql = 'Insert into user_rename(pre_name, post_name, datum, userid) values(\''.$user['nickname'].'\', \''.$new_nick.'\', now(), '.$user['id'].')';
} else{
// echo $sql;
displayErrorMessage('Fehler','Nickname konnte nicht geä ndert werden.','');
mysql_query($sql);
displayErrorMessage('Nickname erfolgreich geä ndert','Ein neuer Login wird jedoch nun benö tigt.','');
} else{
displayErrorMessage('Fehler','Nickname konnte nicht geä ndert werden.','');
}
} else if($new_nick != $raw_nick){
displayErrorMessage('Neuer Nickname ungü ltig!','Es sind Sonderzeichen erlaubt!','');
}
}
} else if($new_nick !== '' ){
} else if($new_nick != $raw_nick){
displayErrorMessage('Neuer Nickname ungü ltig!','Es sind Sonderzeichen erlaubt!','');
displayErrorMessage('Neuer Nickname ungü ltig!','Es sind Sonderzeichen erlaubt!','');
}
}
} else if($new_nick !== ''){
displayErrorMessage('Neuer Nickname ungü ltig!','Es sind Sonderzeichen erlaubt!','');
}
if($new_pw) {
if($new_pw) {
if($new_pw == "") {
if($new_pw == "") {
displayErrorMessage(NULL,'Neues Passwort nicht angegeben!','');
displayErrorMessage(NULL,'Neues Passwort nicht angegeben!','');
return;
return;
}
$alt_pw = encryptPassword($alt_pw);
if($alt_pw != $user['passwort']) {
displayErrorMessage(NULL,'Passwort falsch!','');
return;
}
setPassword($user['nickname'], $new_pw);
}
}
if($ads == 1) {
$alt_pw = encryptPassword($alt_pw);
if(!isUserInGroup($usergroups, Werbung_an)) {
if($alt_pw != $user['passwort']) {
addUserToGroup($user['nickname'], Werbung_an);
displayErrorMessage(NULL,'Passwort falsch!','');
}
return;
} else {
}
if(isUserInGroup($usergroups, Werbung_an)) {
setPassword($user['nickname'], $new_pw);
removeUserToGroup($user['nickname'], Werbung_an);
}
}
if($ads == 1) {
if(!isUserInGroup($usergroups, Werbung_an)) {
addUserToGroup($user['nickname'], Werbung_an);
}
} else {
if(isUserInGroup($usergroups, Werbung_an)) {
removeUserFromGroup($user['nickname'], Werbung_an);
}
}
echo 'Accountdelete: '.$acc_delete;
if($acc_delete == 1) {
if(!isUserInGroup($usergroups, aktiv_loeschschutz)) {
addUserToGroup($user['nickname'], aktiv_loeschschutz);
removeUserFromGroup($user['nickname'], inaktiv_loeschschutz);
}
}
mysql_query('UPDATE user SET homepage=\''.$homepage.'\', icq=\''.$icq.'\', chat = '.$chat.' WHERE id=\''.$user['id'].'\'');
} else if($acc_delete == 0) {
displayErrorMessage('Profil erfolgreich geä ndert','Sollte das Passwort geä ndert worden sein, ist ein erneuter Login erforderlich.','');
if(isUserInGroup($usergroups, aktiv_loeschschutz)) {
return mysql_fetch_assoc(mysql_query('Select * from user where id = '.$user['id']));
removeUserFromGroup($user['nickname'], aktiv_loeschschutz);
addUserToGroup($user['nickname'], inaktiv_loeschschutz);
}
}
mysql_query('UPDATE user SET homepage=\''.$homepage.'\', icq=\''.$icq.'\', chat = '.$chat.' WHERE id=\''.$user['id'].'\'');
displayErrorMessage('Profil erfolgreich geä ndert','Sollte das Passwort geä ndert worden sein, ist ein erneuter Login erforderlich.','');
return mysql_fetch_assoc(mysql_query('Select * from user where id = '.$user['id']));
}
}
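Review bot: `$acc_delete` reaches the new deletion-protection branch in `changeProfil` without the `is_numeric` guard that `$chat` and `$ads` get at the top of the function, and it is then compared loosely with `== 1` / `== 0`. On the PHP versions that still provide `mysql_*`, a non-numeric string compares equal to 0, so a malformed value would take the `== 0` branch and move the user from `aktiv_loeschschutz` to `inaktiv_loeschschutz`. A matching guard such as `if(!is_numeric($acc_delete)){ return; }` next to the other two, or strict comparison against `'1'` and `'0'`, would close that. The added `echo 'Accountdelete: '.$acc_delete;` looks like leftover debug output that writes a request-derived value into the page; remove it, or wrap the value in `htmlspecialchars()` if it has to stay. The queries in this function still concatenate `$new_nick`, `$homepage` and `$icq` into the SQL text, so they are only as safe as `validateName`/`validateString`, which are not visible in this hunk; escaping at the query, or prepared statements via mysqli/PDO, would remove that dependency.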
@ -104,109 +119,124 @@ function display($user, $usergroups){
}
}
if($user['schnelllink'] == 2){
if($user['schnelllink'] == 2){
$char_schnell = 'selected';
$char_schnell = 'selected';
}
?>
< form action = " <?php echo $_SERVER [ 'PHP_SELF' ]; ?> " method = "get" >
< input type = "hidden" name = "as" value = "profil" >
< input type = "hidden" name = "charm" value = "1" >
< table cellpadding = "0" cellspacing = "0" width = "100%" height = "51" >
< tr >
< th colspan = "2" align = "center" > Ihr Profil< / th >
< / tr >
< tr >
< th align = "center" > Nickname< / th >
< td > <?php echo $user [ 'nickname' ]; ?> </ td >
< / tr >
<?php
if(!isNickChanged($user)){
?>
< tr >
< th align = "center" > Neuer Nickname< / th >
< td > < input class = "input" name = "new_nick" value = "" / > < / td >
< / tr >
< tr >
< th align = "center" > Neuer Nickname< / th >
< td > < input class = "input" name = "new_nick2" value = "" / > < / td >
< / tr >
<?php
}
?>
< tr >
< th align = "center" > Altes Passwort< / th >
< td >
< input id = "input" name = "alt_pw" type = "password" size = "35" >
< / td >
< / tr >
< tr >
< th align = "center" > Neues Passwort< / th >
< td >
< input id = "input" name = "new_pw" type = "password" size = "35" >
< / td >
< / tr >
< tr >
< th align = "center" > Homepage< / th >
< td >
< input id = "input" name = "homepage" size = "35" value = " <?php echo $user [ 'homepage' ]; ?> " >
< / td >
< / tr >
< tr >
< th align = "center" > ICQ:< / th >
< td >
< input id = "input" name = "icq" size = "35" value = " <?php echo $user [ 'icq' ]; ?> " >
< / td >
< / tr >
< tr >
< th align = "center" > Werbegrad:< / th >
< td >
<?php
if(!isUserInGroup($usergroups, Werbung_an)) {
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?>
moderat: < input type = "radio" name = "ads" value = "0" <?php echo $che1 ; ?> />
<?php
//if(!(getLayerAdvertisement() == '' or getLayerAdvertisement == null)){
echo 'hardcore: < input type = "radio" name = "ads" value = "1" ' . $ che2 . ' / > ';
//}
?>
< / td >
< / tr >
< tr >
< th align = "center" > Chat:< / th >
< td >
<?php
if($user['chat'] == 1){
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
}
?>
?>
an: < input type = "radio" name = "chat" value = "1" <?php echo $che1 ; ?> />
< form action = " <?php echo $_SERVER [ 'PHP_SELF' ]; ?> " method = "get" >
aus: < input type = "radio" name = "chat" value = "0" <?php echo $che2 ; ?> />
< input type = "hidden" name = "as" value = "profil" > < input type = "hidden"
< / td >
name="charm" value="1"> < input type = "hidden" name = "acc_delete"
< / tr >
value="-1">
< tr >
< table cellpadding = "0" cellspacing = "0" width = "100%" height = "51" >
< td > < / td >
< tr >
< td >
< th colspan = "2" align = "center" > Ihr Profil< / th >
< input id = "input" size = "15" type = "submit" value = "ändern" >
< / tr >
< / td >
< tr >
< / tr >
< th align = "center" > Nickname< / th >
< td > <?php echo $user [ 'nickname' ]; ?> </ td >
< / table >
< / tr >
< / form >
<?php
<?php
if(!isNickChanged($user)){
?>
< tr >
< th align = "center" > Neuer Nickname< / th >
< td > < input class = "input" name = "new_nick" value = "" / > < / td >
< / tr >
< tr >
< th align = "center" > Neuer Nickname< / th >
< td > < input class = "input" name = "new_nick2" value = "" / > < / td >
< / tr >
<?php
}
?>
< tr >
< th align = "center" > Altes Passwort< / th >
< td > < input id = "input" name = "alt_pw" type = "password" size = "35" >
< / td >
< / tr >
< tr >
< th align = "center" > Neues Passwort< / th >
< td > < input id = "input" name = "new_pw" type = "password" size = "35" >
< / td >
< / tr >
< tr >
< th align = "center" > Homepage< / th >
< td > < input id = "input" name = "homepage" size = "35"
value="<?php echo $user [ 'homepage' ]; ?> ">
< / td >
< / tr >
< tr >
< th align = "center" > ICQ:< / th >
< td > < input id = "input" name = "icq" size = "35"
value="<?php echo $user [ 'icq' ]; ?> ">
< / td >
< / tr >
< tr >
< th align = "center" > Werbegrad:< / th >
< td > <?php
if(!isUserInGroup($usergroups, Werbung_an)) {
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?> moderat: < input type = "radio" name = "ads" value = "0"
<?php echo $che1 ; ?> /> <?php
if(!(getLayerAdvertisement() == '' or getLayerAdvertisement == null)){
echo 'hardcore: < input type = "radio" name = "ads" value = "1" ' . $ che2 . ' / > ';
}
?>
< / td >
< / tr >
< tr >
< th align = "center" > Chat:< / th >
< td > <?php
if($user['chat'] == 1){
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?> an: < input type = "radio" name = "chat" value = "1" <?php echo $che1 ; ?> />
aus: < input type = "radio" name = "chat" value = "0" <?php echo $che2 ; ?> />
< / td >
< / tr >
< tr >
< th align = "center" > Account Lö schschutz< / th >
< td > <?php
$disabled = '';
$che1 = '';
$che2 = '';
if(isUserInGroup($usergroups, inaktiv_loeschschutz)){
$che1 = '';
$che2 = 'checked="checked"';
} else if (isUserInGroup($usergroups, aktiv_loeschschutz)){
$che1 = 'checked="checked"';
$che2 = '';
} else {
$disabled = 'disabled';
}
?> an: < input type = "radio" name = "acc_delete" value = "1"
<?php echo $che1 . ' ' . $disabled ; ?> /> aus: < input type = "radio"
name="acc_delete" value="0" <?php echo $che2 . ' ' . $disabled ; ?> />
< / td >
< / tr >
< tr >
< td > < / td >
< td > < input id = "input" size = "15" type = "submit" value = "ändern" >
< / td >
< / tr >
< / table >
< / form >
<?php
}
}
if($charm == '1'){
if($charm == '1'){
$user_ida = changeProfil($user_ida, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads);
$user_ida = changeProfil($user_ida, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads, $acc_delete );
$usergroups = getUserGroups($user_ida['nickname']);
$usergroups = getUserGroups($user_ida['nickname']);
}
}
display($user_ida, $usergroups);
display($user_ida, $usergroups);
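Review bot: In the re-enabled condition around the "hardcore" radio button, `getLayerAdvertisement == null` is missing its call parentheses, so PHP reads it as a bare constant name instead of calling the function, and that half of the `or` can never match (it raises a notice, or an error on PHP 8). It should read `if(!(getLayerAdvertisement() == '' or getLayerAdvertisement() == null)){`. The rebuilt form still sends `alt_pw` and `new_pw` with `method="get"`, which puts both passwords in the URL (server logs, browser history, Referer) and lets the whole profile change, now including the `acc_delete` toggle, be triggered by a plain link; `method="post"` with a per-session token checked before `changeProfil` runs, and the handler reading `$_POST`, would address both. `$user['homepage']` and `$user['icq']` are echoed into `value="..."` without `htmlspecialchars()`, so whether that output is safe depends on `validateString`, which is not visible here.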