diff --git a/ag/clan/clan_info.php b/ag/clan/clan_info.php
index e43d0b6..7228342 100644
--- a/ag/clan/clan_info.php
+++ b/ag/clan/clan_info.php
@@ -40,8 +40,12 @@ if($clan_id == NULL){
 	}
 }
 
+if(isset($_GET['cancel'])) {
+	$action = NULL;
+}
 
-if(isset($_GET['value1']) || isset($_GET['value2'])) {
+
+if((isset($_GET['value1']) || isset($_GET['value2']) || isset($_GET['edited'])) && !isset($_GET['cancel'])) {
 	switch($what) {
 		case 'Banner':
 		case 'Homepage':
@@ -58,6 +62,10 @@ if(isset($_GET['value1']) || isset($_GET['value2'])) {
 			$value1 = validateUnsignedInteger($_GET['value1'], NULL);
 			$value2 = validateUnsignedInteger($_GET['value2'], NULL);
 			break;
+		case 'Member':
+			$value1 = validateUnsignedIntegerArray($_GET['value1'], NULL); // kicked members
+			$value2 = validateUnsignedIntegerArray($_GET['value2'], NULL); // whitelist members
+			break;
 	}
 }
 
@@ -254,8 +262,6 @@ function displayClanProfileEditable($clan, $userid){
 		}
 		if($userid == $row['id'] && $kickable){
 			$member[] = $tmp.' (<a href="index.php?as=clan/clan_info&action=fire&member='.$row['id'].'">verlassen</a>)';
-		} else if($kickable){
-			$member[] = $tmp.' (<a href="index.php?as=clan/clan_info&action=fire&member='.$row['id'].'">kicken</a>)';
 		} else{
 			$member[] = $tmp;
 		}
@@ -319,7 +325,8 @@ function displayClanProfileEditable($clan, $userid){
 		<td><?php echo $clan['clanz_pre'].' '.$clan['clanz_suff']; ?></td>
 	</tr>
 	<tr>
-		<th align="Left">Member (<?php echo $count.'/'.getMaximumMembers($clan['id']); ?>):</th>
+		<th align="Left">Member (<?php echo $count.'/'.getMaximumMembers($clan['id']); ?>):<br><a
+			href="index.php?as=clan/clan_info&action=edit&what=Member">(verwalten)</a></th>
 		<td><?php echo join('<br>',$member); ?></td>
 	</tr>
 	<?php
@@ -423,7 +430,7 @@ function displayClanProfile($clanid, $userid){
 	}
 }
 
-function setProfile($what, $value1, $value2, $clanid, $rootlvl){
+function setProfile($user, $what, $value1, $value2, $clanid, $rootlvl){
 	if($rootlvl < 1) {
 		return 'Du hast keine Rechte um diese Aktion auszuf&uuml;hren!';
 	}
@@ -471,6 +478,23 @@ function setProfile($what, $value1, $value2, $clanid, $rootlvl){
 				mysql_query($sql);
 			}
 			return NULL;
+		case 'Member':
+			// okay, now apply the changes!! --> first filter the values of value2 that are in value1
+			$value2 = array_diff($value2, $value1);
+			$clan = getClan($clanid);
+			
+			// now kick some asses ;)
+			foreach($value1 as $member) {
+				if($clan['leader'] == $member || $clan['coleader'] == $member) {
+					// we cannot kick the asses of the leaders!!
+					continue;
+				}
+				fireMember($user, $member);
+			}
+			updateAuthorizedClanfightCoordinators($clanid, $value2);
+			
+			displayEdit($what, $clanid, $rootlvl);
+			return NULL;
 		default:
 			return 'Error!';
 	}
@@ -519,6 +543,53 @@ function displayEdit($what, $clanid, $rootlvl){
 			break;
 		case 'Info':
 			$content = '<tr><td colspan="2"><textarea class="input" name="value1" rows="8" cols="40">'.debbcode($clan['info']).'</textarea></td></tr>';
+			break;
+		case 'Member':
+				$content = '<tr><td colspan="2" width="400px">'.PHP_EOL;
+				$content .= '<table width="100%">'.PHP_EOL;
+				$content .= '<tr><th align="center">Member</th><th align="center" width="75px">Kick</th><th align="center" width="75px">CF Rechte</th></tr>'.PHP_EOL;
+				$content .= '<tr><td align="center" colspan="3"><hr /><input type="hidden" name="edited" value="1"></td></tr>'.PHP_EOL;
+				$member_qry = mysql_query('Select id from user where clan = '.$clan['id']);
+				$authorized = getAuthorizedClanfightCoordinatorIDs($clanid);
+				$leader = NULL;
+				$coleader = NULL;
+				while($row = mysql_fetch_assoc($member_qry)){
+					$row['nickname'] = generateUserLinkByID($row['id'], false);
+					if($row['id'] == $clan['leader']){
+						$leader = $row;
+					} else if($row['id'] == $clan['co_leader']) {
+						$coleader = $row;
+					} else {
+						$member[] = $row;
+					}
+				}
+				
+				$i = 0;
+				
+				// Kay, first display the chief
+				if($leader != NULL) {
+					$content .= '<tr><td align="center">' . $leader['nickname'] . '</td><td align="center"><input name="value1['.$i.']" type="checkbox" disabled="disabled" value="'. $leader['id'] .'" /></td><td align="center"><input name="value2['.$i.']" type="checkbox" disabled="disabled" checked="checked" value="'. $leader['id'] .'" /></td></tr>'.PHP_EOL;
+					$i++;
+				}
+				
+				if($coleader != null) {
+					$content .= '<tr><td align="center">' . $coleader['nickname'] . '</td><td align="center"><input name="value1['.$i.']" type="checkbox" disabled="disabled" value="'. $coleader['id'] .'" /></td><td align="center"><input name="value2['.$i.']" type="checkbox" disabled="disabled" checked="checked" value="'. $coleader['id'] .'" /></td></tr>'.PHP_EOL;
+					$i++;
+				}
+				
+				foreach($member as $memb) {
+					if(in_array($memb['id'], $authorized)) {
+						$checked = 'checked="checked"';
+					} else {
+						$checked = '';
+					}
+					$content .= '<tr><td align="center">' . $memb['nickname'] . '</td><td align="center"><input name="value1['.$i.']" value="'.$memb['id'].'" type="checkbox"/></td><td align="center"><input name="value2['.$i.']" value="'.$memb['id'].'" type="checkbox" '.$checked.'/></td></tr>'.PHP_EOL;
+					$i++;
+				}								
+				
+				$content .= '<tr><td align="center" colspan="3"><hr /></td></tr>'.PHP_EOL;
+				$content .= '</table>'.PHP_EOL.'</td></tr>';
+				
 			break;
 		case 'ERROR':
 			break;
@@ -538,8 +609,10 @@ function displayEdit($what, $clanid, $rootlvl){
 		</tr>
 		<?php echo $content; ?>
 		<tr>
-			<td align="center" colspan="2"><input class="input" type="submit"
-				value="Edit" />
+			<td align="center" colspan="2">
+				<input class="input" type="submit" value="Edit" />
+				&nbsp;
+				<button name="cancel" value="1" id="input">Hauptmen&uuml;</button>
 			</td>
 		</tr>
 	</table>
@@ -567,7 +640,7 @@ if($action !== NULL) { // this is done to not require to reprogramm the whole st
 				displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink());
 				$displayMore = false;
 			} else if(isset($value1) || isset($value2)){
-				$errorMsg = setProfile($what, $value1, $value2, $user_ida['clan'], $rootlvl);
+				$errorMsg = setProfile($user_ida, $what, $value1, $value2, $user_ida['clan'], $rootlvl);
 			} else{
 				$errorMsg = displayEdit($what, $user_ida['clan'], $rootlvl);
 				$displayMore = false;
@@ -575,6 +648,8 @@ if($action !== NULL) { // this is done to not require to reprogramm the whole st
 			if($errorMsg !== NULL) {
 				displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink());
 				$displayMore = false;
+			} else if($what == 'Member') {
+				$displayMore = false;
 			}
 
 			break;
diff --git a/ag/include/clan_fights.inc.php b/ag/include/clan_fights.inc.php
index b46d22e..3d6c22c 100644
--- a/ag/include/clan_fights.inc.php
+++ b/ag/include/clan_fights.inc.php
@@ -756,6 +756,34 @@ function getClanFightCapableClanIds() {
 	return $ids;
 }
 
+
+function updateAuthorizedClanfightCoordinators($clan_id, array $user_ids) {
+	$ids = getAuthorizedClanfightCoordinatorIDs($clan_id);
+	
+	$add = array_diff($user_ids, $ids);
+	$remove = array_diff($ids, $user_ids);
+	
+	$sql = 'DELETE FROM `clan_challenge_whitelist` WHERE `user_id` IN (' . implode(',', $remove) .') AND `clan_id` = ' . $clan_id;
+//	echo $sql . '<br>';
+	mysql_query($sql);
+		
+	foreach($add as $user_id) {
+		$sql = 'INSERT INTO `clan_challenge_whitelist`(`user_id`, `clan_id`) values('.$user_id.', '.$clan_id.')';
+//		echo $sql . '<br>';
+		mysql_query($sql);
+	}
+}
+
+function getAuthorizedClanfightCoordinatorIDs($clan_id) {
+	$sql = 'SELECT user_id as id FROM `clan_challenge_whitelist` WHERE `clan_id` = '.$clan_id;
+	$qry = mysql_query($sql);
+	$return = array();
+	while($row = mysql_fetch_assoc($qry)) {
+		$return[] = $row['id'];
+	}
+	return $return;
+}
+
 /**
  * Checks if the user is authorized to coordinate clanfights (if a id is given, it checks this for a given clan_fight)
  *
diff --git a/ag/include/parse.inc.php b/ag/include/parse.inc.php
index bbd7028..12eef02 100644
--- a/ag/include/parse.inc.php
+++ b/ag/include/parse.inc.php
@@ -265,8 +265,11 @@ function validateInteger($value, $default){
 }
 
 function validateIntegerArray($value, $default){
-	for($i=0,$n=count($value);$i<$n;$i++){
-		$value[$i] = validateInteger($value[$i], $default);
+	if($value == null)
+		$value = array();
+	
+	foreach($value as $i => $v) {
+		$value[$i] = validateInteger($v, $default);
 	}
 	return $value;
 }
@@ -276,8 +279,11 @@ function validateUnsignedInteger($value, $default){
 }
 
 function validateUnsignedIntegerArray($value, $default){
-	for($i=0,$n=count($value);$i<$n;$i++){
-		$value[$i] = validateUnsignedInteger($value[$i], $default);
+	if($value == null)
+		$value = array();
+
+	foreach($value as $i => $v) {
+		$value[$i] = validateUnsignedInteger($v, $default);
 	}
 	return $value;
 }
@@ -287,8 +293,11 @@ function validateString($value){
 }
 
 function validateStringArray($value){
-	for($i=0,$n=count($value);$i<$n;$i++){
-		$value[$i] = validateString($value[$i]);
+	if($value == null)
+		$value = array();
+
+	foreach($value as $i => $v) {
+		$value[$i] = validateString($v);
 	}
 	return $value;
 }

Member	Kick	CF Rechte

' . $leader['nickname'] . '
' . $coleader['nickname'] . '
' . $memb['nickname'] . '