Hecht
/
agng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Code Säuberung

Browse Source 
2 weitere Usergruppen hinzugefügt
Charaktere können keine TF essen, wenn sie nicht 'frei' sind
Der Gewinner des WT bekommt die Möglichkeit, seinen Account vor der automatischen Löschung zu schützen.
main
radiskull 13 years ago
parent db79561dc1
commit 519f8f7ea0
5 changed files with 212 additions and 170 deletions
Show Stats Download Patch File Download Diff File

2
ag/gm/include/user.inc.php
Unescape View File

@ -40,7 +40,7 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
$username = validateName($name); $username = validateName($name);
if($username !== NULL) { if($username !== NULL) {
if ($delete !== NULL && $delete >= 0) { if ($delete !== NULL && $delete >= 0) {
removeUserToGroup($username, $delete); removeUserFromGroup($username, $delete);
} else if($add !== NULL && $add >= 0) { } else if($add !== NULL && $add >= 0) {
addUserToGroup($username, $add); addUserToGroup($username, $add);
} }

4
ag/include/usergroup.inc.php
Unescape View File

@ -12,6 +12,8 @@ define("tester", 2);
define("entwickler", 3); define("entwickler", 3);
define("designer", 4); define("designer", 4);
define("Werbung_an", 5); define("Werbung_an", 5);
define("inaktiv_loeschschutz", 6);
define("aktiv_loeschschutz", 7);
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php'); include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php');
@ -51,7 +53,7 @@ function isUserInGroup($usergrouparray, $group) {
return false; return false;
} }
function removeUserToGroup($user, $group) { function removeUserFromGroup($user, $group) {
if($user !== NULL) { if($user !== NULL) {
if ($group !== NULL && $group >= 0) { if ($group !== NULL && $group >= 0) {
$qry = 'DELETE FROM user_gruppe_zuordnung WHERE user_id in (SELECT id FROM user WHERE nickname = \''.$user. $qry = 'DELETE FROM user_gruppe_zuordnung WHERE user_id in (SELECT id FROM user WHERE nickname = \''.$user.

56
ag/item.php
Unescape View File

@ -41,7 +41,6 @@ else document.forms[0].elements['submit'].disabled=true;
$user = $user_ida; $user = $user_ida;
if ($charm == 1) { if ($charm == 1) {
$item_info1 = mysql_fetch_array(mysql_query("SELECT item_id, id, user FROM ware WHERE id='$item_id1' LIMIT 1")); $item_info1 = mysql_fetch_array(mysql_query("SELECT item_id, id, user FROM ware WHERE id='$item_id1' LIMIT 1"));
$item_info3 = mysql_fetch_array(mysql_query("SELECT preis, anzahl, hp, mp, starke, verteidigung, speed, s_type, type FROM item WHERE id='$item_info1[item_id]' LIMIT 1")); $item_info3 = mysql_fetch_array(mysql_query("SELECT preis, anzahl, hp, mp, starke, verteidigung, speed, s_type, type FROM item WHERE id='$item_info1[item_id]' LIMIT 1"));
$char_id1 = getChar($char_id2); $char_id1 = getChar($char_id2);
@ -64,23 +63,23 @@ if ($charm == 1) {
exit; exit;
} }
$hp1 = explode(",", $char_id1[hp]); $hp1 = explode(",", $char_id1['hp']);
$mp1 = explode(",", $char_id1[mp]); $mp1 = explode(",", $char_id1['mp']);
$st1 = explode(",", $item_info3[starke]); $st1 = explode(",", $item_info3['starke']);
$hp2 = explode(",", $item_info3[hp]); $hp2 = explode(",", $item_info3['hp']);
$mp2 = explode(",", $item_info3[mp]); $mp2 = explode(",", $item_info3['mp']);
$ver1 = explode(",", $item_info3[verteidigung]); $ver1 = explode(",", $item_info3['verteidigung']);
$speed1 = explode(",", $item_info3[speed]); $speed1 = explode(",", $item_info3['speed']);
$new_hp2 = $hp1[1] + $hp2[1]; $new_hp2 = $hp1[1] + $hp2[1];
$new_mp2 = $mp1[1] + $mp2[1]; $new_mp2 = $mp1[1] + $mp2[1];
$new_hp = $hp1[0] + $hp2[0]; $new_hp = $hp1[0] + $hp2[0];
$new_mp = $mp1[0] + $mp2[0]; $new_mp = $mp1[0] + $mp2[0];
$new_starke = $st1[0] + $char_id1[starke]; $new_starke = $st1[0] + $char_id1['starke'];
$new_ver = $ver1[0] + $char_id1[verteidigung]; $new_ver = $ver1[0] + $char_id1['verteidigung'];
$new_speed = $speed1[0] + $char_id1[speed]; $new_speed = $speed1[0] + $char_id1['speed'];
if ($new_hp > $hp1[1]) { if ($new_hp > $hp1[1]) {
$new_hp = $hp1[1]; $new_hp = $hp1[1];
@ -129,27 +128,35 @@ if ($charm == 6) {
$item_info = mysql_fetch_array(mysql_query("SELECT w.user, i.item, i.starke, i.ver, i.speed, i.ausdauer, i.hp, i.mp, i.glueck FROM wochen_ware w LEFT JOIN wochen_markt i ON(i.id=w.item) WHERE w.id='$sp_item' LIMIT 1")); $item_info = mysql_fetch_array(mysql_query("SELECT w.user, i.item, i.starke, i.ver, i.speed, i.ausdauer, i.hp, i.mp, i.glueck FROM wochen_ware w LEFT JOIN wochen_markt i ON(i.id=w.item) WHERE w.id='$sp_item' LIMIT 1"));
$char_id1 = getChar($char_id2); $char_id1 = getChar($char_id2);
if ($item_info[user] != $user[id]) { if ($item_info['user'] != $user['id']) {
displayErrorMessage(NULL,'Dieses Item gehört nicht dir', displayHistoryBackLink()); displayErrorMessage(NULL,'Dieses Item gehört nicht dir', displayHistoryBackLink());
exit; exit;
} }
if ($char_id1[besitzer] != $user[id]) { if ($char_id1['besitzer'] != $user['id']) {
displayErrorMessage(NULL,'Dieser Charakter gehört nicht dir!', displayHistoryBackLink()); displayErrorMessage(NULL,'Dieser Charakter gehört nicht dir!', displayHistoryBackLink());
exit; exit;
} }
if ($char_id1['status'] != 'frei') {
displayErrorMessage(NULL,'Dieser Charakter ist nicht frei!', displayHistoryBackLink());
exit;
}
echo 'vars:';
print_r($char_id1);
$hp1 = explode(",", $char_id1[hp]); $hp1 = explode(",", $char_id1['hp']);
$mp1 = explode(",", $char_id1[mp]); $mp1 = explode(",", $char_id1['mp']);
$new_hp2 = $hp1[1] + $item_info[hp]; $new_hp2 = $hp1[1] + $item_info['hp'];
$new_mp2 = $mp1[1] + $item_info[mp]; $new_mp2 = $mp1[1] + $item_info['mp'];
$new_starke = $item_info[starke] + $char_id1[starke]; $new_starke = $item_info['starke'] + $char_id1['starke'];
$new_ver = $item_info[ver] + $char_id1[verteidigung]; $new_ver = $item_info['ver'] + $char_id1['verteidigung'];
$new_speed = $item_info[speed] + $char_id1[speed]; $new_speed = $item_info['speed'] + $char_id1['speed'];
$new_ausdauer = $item_info[ausdauer] + $char_id1[ausdauer]; $new_ausdauer = $item_info['ausdauer'] + $char_id1['ausdauer'];
$new_glueck = $item_info[glueck] + $char_id1[glueck]; $new_glueck = $item_info['glueck'] + $char_id1['glueck'];
mysql_Query("UPDATE chars SET frucht='$item_info[item]', ausdauer='$new_ausdauer', glueck='$new_glueck', starke='$new_starke', verteidigung='$new_ver', speed='$new_speed', hp='$hp1[0],$new_hp2', mp='$mp1[0],$new_mp2' WHERE id='$char_id2' LIMIT 1"); mysql_Query("UPDATE chars SET frucht='$item_info[item]', ausdauer='$new_ausdauer', glueck='$new_glueck', starke='$new_starke', verteidigung='$new_ver', speed='$new_speed', hp='$hp1[0],$new_hp2', mp='$mp1[0],$new_mp2' WHERE id='$char_id2' LIMIT 1");
mysql_query("DELETE FROM wochen_ware WHERE id='$sp_item' LIMIT 1"); mysql_query("DELETE FROM wochen_ware WHERE id='$sp_item' LIMIT 1");
@ -163,6 +170,9 @@ $sql = "SELECT item_id, count(item_id) as anzahl, user, id, ru_mal FROM ware WHE
//echo $sql; //echo $sql;
$item2 = mysql_query($sql); $item2 = mysql_query($sql);
$item1 = mysql_query("SELECT item_id, id, ru_mal FROM ware WHERE user='$user[id]' group by item_id"); $item1 = mysql_query("SELECT item_id, id, ru_mal FROM ware WHERE user='$user[id]' group by item_id");
print_r($char_id1);
?> ?>
<div align="center"> <div align="center">
@ -171,7 +181,7 @@ $item1 = mysql_query("SELECT item_id, id, ru_mal FROM ware WHERE user='$user[id]
<tr> <tr>
<th align="center">Item nutzen</th> <th align="center">Item nutzen</th>
</tr> </tr>
<tr> <tr>
<td width="488" height="50" align="center"> <td width="488" height="50" align="center">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get"> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
<input type="hidden" name="as" value="item"> <input type="hidden" name="as" value="item">

318
ag/profil.php
Unescape View File

@ -21,6 +21,7 @@ $new_nick2 = validateName($_GET['new_nick2']);
$homepage = validateString($_GET['homepage']); $homepage = validateString($_GET['homepage']);
$chat = validateString($_GET['chat']); $chat = validateString($_GET['chat']);
$ads = validateString($_GET['ads']); $ads = validateString($_GET['ads']);
$acc_delete = validateString($_GET['acc_delete']);
$alt_pw = validateString($_GET['alt_pw']); $alt_pw = validateString($_GET['alt_pw']);
// Unkritisch // Unkritisch
@ -42,59 +43,73 @@ function isNickChanged($user){
} }
function changeProfil($user, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads){ function changeProfil($user, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads, $acc_delete){
if(!is_numeric($chat)){ if(!is_numeric($chat)){
displayErrorMessage(NULL,'Chat-Feld inkorrekt ausgefuellt!',''); displayErrorMessage(NULL,'Chat-Feld inkorrekt ausgefuellt!','');
return; return;
} }
if(!is_numeric($ads)){ if(!is_numeric($ads)){
displayErrorMessage(NULL,'Werbung-Feld inkorrekt ausgefuellt!',''); displayErrorMessage(NULL,'Werbung-Feld inkorrekt ausgefuellt!','');
return; return;
} }
if($new_nick == $new_nick2 && $new_nick !== ''){ if($new_nick == $new_nick2 && $new_nick !== ''){
$raw_nick = $new_nick; $raw_nick = $new_nick;
if(!isNickChanged($user) && $new_nick != $user['nickname'] && $raw_nick == $new_nick) { if(!isNickChanged($user) && $new_nick != $user['nickname'] && $raw_nick == $new_nick) {
$sql = 'Update user set nickname = \''.$new_nick.'\' where id = '.$user['id']; $sql = 'Update user set nickname = \''.$new_nick.'\' where id = '.$user['id'];
mysql_query($sql);
if(mysql_affected_rows() > 0){
$sql = 'Insert into user_rename(pre_name, post_name, datum, userid) values(\''.$user['nickname'].'\', \''.$new_nick.'\', now(), '.$user['id'].')';
// echo $sql;
mysql_query($sql); mysql_query($sql);
if(mysql_affected_rows() > 0){ displayErrorMessage('Nickname erfolgreich ge&auml;ndert','Ein neuer Login wird jedoch nun ben&ouml;tigt.','');
$sql = 'Insert into user_rename(pre_name, post_name, datum, userid) values(\''.$user['nickname'].'\', \''.$new_nick.'\', now(), '.$user['id'].')'; } else{
// echo $sql; displayErrorMessage('Fehler','Nickname konnte nicht ge&auml;ndert werden.','');
mysql_query($sql);
displayErrorMessage('Nickname erfolgreich ge&auml;ndert','Ein neuer Login wird jedoch nun ben&ouml;tigt.','');
} else{
displayErrorMessage('Fehler','Nickname konnte nicht ge&auml;ndert werden.','');
}
} else if($new_nick != $raw_nick){
displayErrorMessage('Neuer Nickname ung&uuml;ltig!','Es sind Sonderzeichen erlaubt!','');
} }
} else if($new_nick !== ''){ } else if($new_nick != $raw_nick){
displayErrorMessage('Neuer Nickname ung&uuml;ltig!','Es sind Sonderzeichen erlaubt!',''); displayErrorMessage('Neuer Nickname ung&uuml;ltig!','Es sind Sonderzeichen erlaubt!','');
} }
} else if($new_nick !== ''){
displayErrorMessage('Neuer Nickname ung&uuml;ltig!','Es sind Sonderzeichen erlaubt!','');
}
if($new_pw) { if($new_pw) {
if($new_pw == "") { if($new_pw == "") {
displayErrorMessage(NULL,'Neues Passwort nicht angegeben!',''); displayErrorMessage(NULL,'Neues Passwort nicht angegeben!','');
return; return;
}
$alt_pw = encryptPassword($alt_pw);
if($alt_pw != $user['passwort']) {
displayErrorMessage(NULL,'Passwort falsch!','');
return;
}
setPassword($user['nickname'], $new_pw);
} }
if($ads == 1) { $alt_pw = encryptPassword($alt_pw);
if(!isUserInGroup($usergroups, Werbung_an)) { if($alt_pw != $user['passwort']) {
addUserToGroup($user['nickname'], Werbung_an); displayErrorMessage(NULL,'Passwort falsch!','');
} return;
} else { }
if(isUserInGroup($usergroups, Werbung_an)) { setPassword($user['nickname'], $new_pw);
removeUserToGroup($user['nickname'], Werbung_an); }
} if($ads == 1) {
if(!isUserInGroup($usergroups, Werbung_an)) {
addUserToGroup($user['nickname'], Werbung_an);
}
} else {
if(isUserInGroup($usergroups, Werbung_an)) {
removeUserFromGroup($user['nickname'], Werbung_an);
}
}
echo 'Accountdelete: '.$acc_delete;
if($acc_delete == 1) {
if(!isUserInGroup($usergroups, aktiv_loeschschutz)) {
addUserToGroup($user['nickname'], aktiv_loeschschutz);
removeUserFromGroup($user['nickname'], inaktiv_loeschschutz);
} }
mysql_query('UPDATE user SET homepage=\''.$homepage.'\', icq=\''.$icq.'\', chat = '.$chat.' WHERE id=\''.$user['id'].'\''); } else if($acc_delete == 0) {
displayErrorMessage('Profil erfolgreich ge&auml;ndert','Sollte das Passwort ge&auml;ndert worden sein, ist ein erneuter Login erforderlich.',''); if(isUserInGroup($usergroups, aktiv_loeschschutz)) {
return mysql_fetch_assoc(mysql_query('Select * from user where id = '.$user['id'])); removeUserFromGroup($user['nickname'], aktiv_loeschschutz);
addUserToGroup($user['nickname'], inaktiv_loeschschutz);
}
}
mysql_query('UPDATE user SET homepage=\''.$homepage.'\', icq=\''.$icq.'\', chat = '.$chat.' WHERE id=\''.$user['id'].'\'');
displayErrorMessage('Profil erfolgreich ge&auml;ndert','Sollte das Passwort ge&auml;ndert worden sein, ist ein erneuter Login erforderlich.','');
return mysql_fetch_assoc(mysql_query('Select * from user where id = '.$user['id']));
} }
@ -104,109 +119,124 @@ function display($user, $usergroups){
} }
if($user['schnelllink'] == 2){ if($user['schnelllink'] == 2){
$char_schnell = 'selected'; $char_schnell = 'selected';
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
<input type="hidden" name="as" value="profil">
<input type="hidden" name="charm" value="1">
<table cellpadding="0" cellspacing="0" width="100%" height="51">
<tr>
<th colspan="2" align="center">Ihr Profil</th>
</tr>
<tr>
<th align="center">Nickname</th>
<td><?php echo $user['nickname']; ?></td>
</tr>
<?php
if(!isNickChanged($user)){
?>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick" value=""/></td>
</tr>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick2" value=""/></td>
</tr>
<?php
}
?>
<tr>
<th align="center">Altes Passwort</th>
<td>
<input id="input" name="alt_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Neues Passwort</th>
<td>
<input id="input" name="new_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Homepage</th>
<td>
<input id="input" name="homepage" size="35" value="<?php echo $user['homepage']; ?>">
</td>
</tr>
<tr>
<th align="center">ICQ:</th>
<td>
<input id="input" name="icq" size="35" value="<?php echo $user['icq']; ?>">
</td>
</tr>
<tr>
<th align="center">Werbegrad:</th>
<td>
<?php
if(!isUserInGroup($usergroups, Werbung_an)) {
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?>
moderat: <input type="radio" name="ads" value="0" <?php echo $che1; ?>/>
<?php
//if(!(getLayerAdvertisement() == '' or getLayerAdvertisement == null)){
echo 'hardcore: <input type="radio" name="ads" value="1"'.$che2.'/>';
//}
?>
</td>
</tr>
<tr>
<th align="center">Chat:</th>
<td>
<?php
if($user['chat'] == 1){
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
} }
?> ?>
an: <input type="radio" name="chat" value="1" <?php echo $che1; ?>/> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
aus: <input type="radio" name="chat" value="0"<?php echo $che2; ?> /> <input type="hidden" name="as" value="profil"> <input type="hidden"
</td> name="charm" value="1"> <input type="hidden" name="acc_delete"
</tr> value="-1">
<tr> <table cellpadding="0" cellspacing="0" width="100%" height="51">
<td>&nbsp;</td> <tr>
<td> <th colspan="2" align="center">Ihr Profil</th>
<input id="input" size="15" type="submit" value="&auml;ndern"> </tr>
</td> <tr>
</tr> <th align="center">Nickname</th>
<td><?php echo $user['nickname']; ?></td>
</table> </tr>
</form> <?php
<?php if(!isNickChanged($user)){
?>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick" value="" /></td>
</tr>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick2" value="" /></td>
</tr>
<?php
}
?>
<tr>
<th align="center">Altes Passwort</th>
<td><input id="input" name="alt_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Neues Passwort</th>
<td><input id="input" name="new_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Homepage</th>
<td><input id="input" name="homepage" size="35"
value="<?php echo $user['homepage']; ?>">
</td>
</tr>
<tr>
<th align="center">ICQ:</th>
<td><input id="input" name="icq" size="35"
value="<?php echo $user['icq']; ?>">
</td>
</tr>
<tr>
<th align="center">Werbegrad:</th>
<td><?php
if(!isUserInGroup($usergroups, Werbung_an)) {
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?> moderat: <input type="radio" name="ads" value="0"
<?php echo $che1; ?> /> <?php
if(!(getLayerAdvertisement() == '' or getLayerAdvertisement == null)){
echo 'hardcore: <input type="radio" name="ads" value="1"'.$che2.'/>';
}
?>
</td>
</tr>
<tr>
<th align="center">Chat:</th>
<td><?php
if($user['chat'] == 1){
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?> an: <input type="radio" name="chat" value="1" <?php echo $che1; ?> />
aus: <input type="radio" name="chat" value="0" <?php echo $che2; ?> />
</td>
</tr>
<tr>
<th align="center">Account L&ouml;schschutz</th>
<td><?php
$disabled = '';
$che1 = '';
$che2 = '';
if(isUserInGroup($usergroups, inaktiv_loeschschutz)){
$che1 = '';
$che2 = 'checked="checked"';
} else if (isUserInGroup($usergroups, aktiv_loeschschutz)){
$che1 = 'checked="checked"';
$che2 = '';
} else {
$disabled = 'disabled';
}
?> an: <input type="radio" name="acc_delete" value="1"
<?php echo $che1.' '.$disabled; ?> /> aus: <input type="radio"
name="acc_delete" value="0" <?php echo $che2.' '.$disabled; ?> />
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input id="input" size="15" type="submit" value="&auml;ndern">
</td>
</tr>
</table>
</form>
<?php
} }
if($charm == '1'){ if($charm == '1'){
$user_ida = changeProfil($user_ida, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads); $user_ida = changeProfil($user_ida, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads, $acc_delete);
$usergroups = getUserGroups($user_ida['nickname']); $usergroups = getUserGroups($user_ida['nickname']);
} }
display($user_ida, $usergroups); display($user_ida, $usergroups);

2
ag/turnier.php
Unescape View File

@ -45,7 +45,7 @@ function anmelden($user, $charid, $art){
} else{ } else{
$anzahl = 64; $anzahl = 64;
} }
// sehr speziell und deswegen nicht getChar(); // sehr speziell und deswegen nicht getChar();
$PRUEF = mysql_num_rows(mysql_query('SELECT id FROM chars WHERE id=\''.$charid.'\' '.$special_clue.' AND besitzer=\''.$user['id'].'\' LIMIT 1')); $PRUEF = mysql_num_rows(mysql_query('SELECT id FROM chars WHERE id=\''.$charid.'\' '.$special_clue.' AND besitzer=\''.$user['id'].'\' LIMIT 1'));
if(!$PRUEF) { if(!$PRUEF) {
displayErrorMessage(NULL,'Charakter erf&uuml;llt die Bestimungen nicht!','<a href="index.php?as=turnier&art='.$art.'">weiter...</a>'); displayErrorMessage(NULL,'Charakter erf&uuml;llt die Bestimungen nicht!','<a href="index.php?as=turnier&art='.$art.'">weiter...</a>');

Write Preview
Loading…
Cancel
Save