From 9813e7c62f52dc8b5970084d4a283dec6ff435ab Mon Sep 17 00:00:00 2001 From: hecht Date: Thu, 1 Sep 2011 08:12:44 +0000 Subject: [PATCH] Ported some changes from the independent branch to the ag 1.0 trunk. This basicly implies all the clan invitation stuff. Additionally the user controll is cleaned up a bit. This checkin requires the user_clan_invitations table and some changes in the clan table (replacement clanzeichen,pw to clanz_pre, clanz_suff). See the database file for more information. --- ag/clan/add.php | 281 +++++----- ag/clan/clan_info.php | 609 ++++++++++++++++++--- ag/clan/del.php | 28 - ag/clan/index.php | 87 --- ag/clan/new.php | 77 +-- ag/clan/post.php | 144 ++++- ag/clan/profil.php | 220 -------- ag/inclu/user-controll.php | 43 +- ag/include/clan.inc.php | 81 +++ ag/include/config/settings_example.inc.php | 8 + ag/include/designfunctions.inc.php | 58 +- ag/include/messagefunctions.inc.php | 6 + ag/info.php | 49 +- db/animegame_svn.sql | 23 +- 14 files changed, 1058 insertions(+), 656 deletions(-) delete mode 100644 ag/clan/del.php delete mode 100644 ag/clan/index.php delete mode 100644 ag/clan/profil.php create mode 100644 ag/include/clan.inc.php diff --git a/ag/clan/add.php b/ag/clan/add.php index de80f02..2c14fc7 100644 --- a/ag/clan/add.php +++ b/ag/clan/add.php @@ -5,7 +5,6 @@ * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence * */ - include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php'); @@ -13,149 +12,173 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php'); // GET-Section // Kritisch (SQL-Injections) -$clan_name = validateName($_GET['clan_name']); -$clan_pw = validateString($_GET['clan_pw']); +$clanid = validateUnsignedInteger($_GET['clanid'], null); $poll1 = validateString($_GET['poll1']); $poll2 = validateString('ASC'); $pagenum = validateUnsignedInteger($_GET['pagenum'], null); // Unkritisch -$charm = $_GET['charm']; +$action = $_GET['action']; $user = $user_ida; -if ($charm == 1) { - $clan = mysql_fetch_assoc(mysql_query('SELECT *, (Select 10 - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots FROM clan c WHERE clanname=\''.$clan_name.'\' AND pw=\''.$clan_pw.'\'')); - - if (!$clan['id']) { - displayErrorMessage(NULL, 'Clanname oder Clanpasswort ist falsch!', displayHistoryBackLink()); - exit; - } - if ($user['clan'] != 0) { - displayErrorMessage(NULL, 'Du bist schon in einem Clan!', displayHistoryBackLink()); - exit; +function joinClan($user, $clanid){ + $sql = 'SELECT * FROM user_clan_invitations WHERE userid = '.$user['id'].' and clanid = '.$clanid.' and valid > now();'; + $clan_user = mysql_fetch_assoc(mysql_query($sql)); + + if($clan_user){ + $sql = 'Select *, (Select member - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots from clan c where id = '.$clanid; +// echo $sql . '
'; + $clan = mysql_fetch_assoc(mysql_query($sql)); + if($clan['freeslots'] <= 0){ + displayErrorMessage(NULL,'Konnte die Einladung des Clans nicht annehmen (Clan voll)!',displayHistoryBackLink()); + return; + } else{ + $sql = 'UPDATE user SET clan = '.$clanid.' WHERE id = '.$user['id']; + // echo $sql.'
'; + mysql_query($sql); + + // unset the leader if the user is moving from one clan to another + mysql_query('UPDATE clan SET leader = NULL WHERE leader = ' .$user['id']); + mysql_query('UPDATE clan SET co_leader = NULL WHERE co_leader = ' .$user['id']); + + displayErrorMessage('Aufgenommen','Du wurdest erfolgreich in den Clan aufgenommen!','weiter'); + } + } else{ + displayErrorMessage(NULL,'Konnte die Einladung des Clans nicht annehmen!',displayHistoryBackLink()); + return; } + mysql_query('DELETE FROM user_clan_invitations WHERE userid = '.$user['id'].' and clanid = '.$clanid); +} - if ($clan['freeslots'] <= 0) { // Keine Plätze mehr frei - displayErrorMessage(NULL, 'Der Clan ist voll!', displayHistoryBackLink()); - exit; +function denyClan($user, $clanid){ + mysql_query('DELETE FROM user_clan_invitations WHERE userid = '.$user['id'].' and clanid = '.$clanid); + if(mysql_affected_rows() > 0){ + displayErrorMessage('Abgelehnt','Du hast die Einladung erfolgreich abgelehnt!','weiter'); + } else{ + displayErrorMessage(NULL,'Einladung des Clans konnte nicht abgelehnt werden!',displayHistoryBackLink()); } - - mysql_query('UPDATE user SET clan='.$clan['id'].' WHERE id='.$user_ida['id']); - - displayErrorMessage(NULL, 'Du bist jetzt im '.$clan_name.' Clan', 'weiter...'); - exit; } -?> -
- - - - - - - - - - - - - - - - - - - - - - - - - + ?> - - - - - - - - + + +
-

Clan Beitreten

 

-

Clanname

-  
-

Clan Passwort

-   -
-

Clanname'; ?>

-

Leader"; ?>

-

Mitglieder

-

Geld"; ?>

-

Info

-

Beitreten

-

-

-

-

-

Info'; ?>

-

Beitreten'; ?>

+ + + + + + + + now();'; + $qry = mysql_query($sql); + while($row = mysql_fetch_assoc($qry)){ + ?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ###LABEL###'; + ?> + + + + +
Erhaltene + Claneinladungen
ClannameDeadlineReagieren
+ + Akzeptieren + | Ablehnen +
 
Übersicht + aller Clans
Clanname'; ?> + Leader'; ?> + MitgliederGeld'; ?> + Info
+ + + + +
+
+
$i) { - - $seiten .= ' '.$z.' '; - $z++; - $i++; } ?> - -  Seite - - - - - - diff --git a/ag/clan/clan_info.php b/ag/clan/clan_info.php index f961d1e..c3d038e 100644 --- a/ag/clan/clan_info.php +++ b/ag/clan/clan_info.php @@ -6,97 +6,556 @@ * */ -include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/designfunctions.inc.php'); -include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php'); +include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/clan.inc.php'); +include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php'); + + // GET-Section + +if(isset($_GET['action'])) { + $action = $_GET['action']; +} else { + $action = NULL; +} + +//Unkritisch +if(isset($_GET['what'])) { + $what = $_GET['what']; +} else { + $what = NULL; +} + // Kritisch (SQL-Injections) $clan_id = validateUnsignedInteger($_GET['clan_id'], null); -//Unkritisch +$member = validateUnsignedInteger($_GET['member'], NULL); +$text = validateString($_GET['text']); -function displayClanProfile($clanid){ - $sql = 'SELECT * FROM clan where clan.id = '.$clanid; - $clan = mysql_fetch_assoc(mysql_query($sql)); - $clan_zeichen = explode(",", $clan['clanzeichen']); - $member_qry = mysql_query('Select nickname, id from user where clan = '.$clan['id']); +$displayMore = true; + +if($clan_id == NULL){ + if($user_ida['clan'] != null){ + $clan_id = $user_ida['clan']; + } else { + $displayMore = false; + } +} + +if(isset($_GET['value1'])) { + if($what == 'Banner'){ + $value1 = validateURL($_GET['value1']); + } else if($what == 'Homepage' || $what == 'Info' || $what == 'Clan Passwort'){ + $value1 = validateString($_GET['value1']); + } else if($what == 'Clanzeichen'){ + $value1 = validateString($_GET['value1']); + $value2 = validateString($_GET['value2']); + } else if($what == 'Leadership') { + $value1 = validateUnsignedInteger($_GET['value1'], NULL); + $value2 = validateUnsignedInteger($_GET['value2'], NULL); + } +} + + + +function displayClanProfileReadOnly($clan, $ownclan, $userid){ + $member_qry = mysql_query('Select id from user where clan = '.$clan['id']); $count = mysql_num_rows($member_qry); + $member = array(); while($row = mysql_fetch_assoc($member_qry)){ - $member[] = displayUserLink($row['id'], $row['nickname'], $clan_zeichen[0], $clan_zeichen[1]); + $tmp = displayUserLinkByID($row['id']); + if($row['id'] == $userid){ + $member[] = $tmp.' (verlassen)'; + } else{ + $member[] = $tmp; + } if($row['id'] == $clan['leader']){ - $leader = $row; - } else if($row['id'] == $clan['co_leader']){ - $coleader = $row; + $leader = $tmp; + } + if($row['id'] == $clan['co_leader']){ + $coleader = $tmp; } - } + } + + $inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()'); + $invited = array(); + + while($row = mysql_fetch_assoc($inv_qry)) { + $invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig)'; + } + ?> -
- - - - +
+
Info
+ + + + + + + + + + + Macht übernehmen'; + } else { + echo ''; + } + } else{ + echo ''; + } + ?> + + + '.$coleader.''; + } + ?> + + + + + + + + + + - - - + + + + + + + + + + + '.$clan['homepage'].''; + } else{ + echo ''; } ?> - - - - - - - - - - - - - - - - - - - - - - - '.$clan['homepage'].''; - } else{ - echo ''; - } - ?> - - - - - - - - - -
+ Info
Leader:Keine Leader'.$leader.'
Co-Leader:
Clanzeichen:
Member ():',$member); ?>
Eingeladen
Level:
Homepage: Keine
Leader:
Co-Leader:
Clanzeichen:
Member ():',$member); ?>
Level:
Homepage:Keine
Info:
-
- - + + Info: + + + +   + + +
+ + + + + + + + + + + +
Nachricht an alle Clanmember schicken
 
 
+
+ + + + + + + Dies ist keine Zahl

'; -} else { - /* Pr�fen ob die �bergebene oder eingegebene ID in der Tabelle der Clans vorhanden ist */ - $clanvorhanden = mysql_num_rows(mysql_query('SELECT id FROM clan where id = '.$clan_id)); - /* Wenn keine Datensatz mit dieser ID vorhanden ist, ist die Variable $clanvorhanden 0 */ - if ($clanvorhanden == 0) { - echo '

Einen Clan mit dieser ID exisitert nicht!

'; - /* Wenn es einen Datensatz mit der ID in der Tabelle gibt, werden die Claninformationen angezeigt */ + +function displayClanProfileEditable($clan, $userid){ + $member_qry = mysql_query('Select id from user where clan = '.$clan['id']); + $member = array(); + $count = mysql_num_rows($member_qry); + while($row = mysql_fetch_assoc($member_qry)){ + $tmp = displayUserLinkByID($row['id']); + $kickable = true; + + if($row['id'] == $clan['leader']){ + $leader = $tmp; + $kickable = false; + } + if($row['id'] == $clan['co_leader']){ + $coleader = $tmp; + $kickable = false; + } + if($userid == $row['id'] && $kickable){ + $member[] = $tmp.' (verlassen)'; + } else if($kickable){ + $member[] = $tmp.' (kicken)'; + } else{ + $member[] = $tmp; + } + } + + $inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()'); + $invited = array(); + + while($row = mysql_fetch_assoc($inv_qry)) { + $invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig, zurückziehen)'; + } + + + ?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + '.$clan['homepage'].''; + } else{ + echo ''; + } + ?> + + + + + + + + + + + + + + +
+ Info
+
(edit) +
Leader:(edit) +
Co-Leader:(edit) +
Clanzeichen:(edit) +
Member ():',$member); ?>
Eingeladen
Level:
Homepage:(edit) + Keine
Info:(edit)
Clan auflösenClan + löschen
 
+
+ + + + + + + + + + + +
Nachricht an alle Clanmember schicken
 
 
+
+
+ '; + $clan = mysql_fetch_assoc(mysql_query($sql)); + $editable = $clan['leader'] == $user['id'] || $clan['co_leader'] == $user['id']; + if(!$editable){ + displayClanProfileReadOnly($clan, $user['clan'] == $clan['id'], $user['id']); + } else{ + displayClanProfileEditable($clan, $user['id']); + } +} + + +function setMeAsLeader($user){ + mysql_query('UPDATE clan set leader = '.$user['id'].' WHERE id = '.$user['clan'].' and leader is null and co_leader is null'); +} + +function sendClanNewsletter($user, $text){ + $qry = mysql_query('SELECT * FROM clan WHERE id = ' . $user['clan']); + $clan = mysql_fetch_assoc($qry); + + $errors = FALSE; + $sql = 'SELECT id FROM user WHERE clan='.$user['clan']; + $clans = mysql_query($sql); + while($row = mysql_fetch_assoc($clans)) { + $errors |= !sendMessage($user['nickname'], $row['id'], $clan['clanname'].' Nachricht', $text); + } + if($errors) { + displayErrorMessage(NULL,'Beim Versenden sind Fehler aufgetreten', 'weiter...'); } else { - displayClanProfile($clan_id); + displayErrorMessage(NULL,'Nachricht erfolgreich verschickt', 'weiter...'); + } +} + +function setProfile($what, $value1, $value2, $clanid, $root){ + + switch($what){ + case 'Homepage': + mysql_query('UPDATE clan SET homepage = \''.$value1.'\' where id = '.$clanid); + return; + case 'Clanzeichen': + mysql_query('UPDATE clan SET clanz_pre = \''.$value1.'\', clanz_suff = \''.$value2.'\' where id = '.$clanid); + return; + case 'Banner': + mysql_query('UPDATE clan SET banner = \''.$value1.'\' where id = '.$clanid); + return; + case 'Info': + mysql_query('UPDATE clan SET Info = \''.$value1.'\' where id = '.$clanid); + return; + case 'Leadership': + if($value1 == 0){$value1 = 'null';} + if($value2 == 0){$value2 = 'null';} + if(!$root){ + $sql = 'UPDATE clan SET co_leader = '.$value2.' where id = '.$clanid; + mysql_query($sql); + } else{ + $sql = 'UPDATE clan SET leader = '.$value1.', co_leader = '.$value2.' where id = '.$clanid; + // echo $sql.'
'; + mysql_query($sql); + } + return; + default: + echo 'Error!'; + return; + } +} + +function displayEdit($what, $clanid, $root){ + $clan_qry = mysql_query('Select * from clan where id = '.$clanid); + $clan = mysql_fetch_assoc($clan_qry); + + $content = ''; + switch($what){ + case 'Homepage': + $content = ''; + break; + case 'Clanzeichen': + $content = 'Prefix: Suffix: '; + break; + case 'Banner': + $content = ''; + break; + case 'Leadership': + $member_qry = mysql_query('Select id, nickname from user where clan = '.$clanid); + $member[] = ''; + $member2[] = ''; + while($row = mysql_fetch_assoc($member_qry)){ + if($row['id'] == $clan['leader']) { + $member[] = ''; + } else { + $member[] = ''; + } + + if($row['id'] == $clan['co_leader']) { + $member2[] = ''; + } else { + $member2[] = ''; + } + + } + if($root){ + $content = 'Leader:'; + } + $content .= 'Co-Leader:'; + break; + case 'Info': + $content = ''; + break; + case 'Clan Passwort': + $content = ''; + break; + default: + $content = 'Error '.$what.' unknown!'; + break; + } + + ?> +
+ + + + + + + + + +
Ändern
+
+
+ '; + mysql_query($sql); + if(mysql_affected_rows() > 0){ // Soll nur ausgeführt werden, wenn member wirklich gekickt wurde!! + $sql = 'Update chars set clan_train = NULL where besitzer = '.$member; + mysql_query($sql); + } + } else{ + echo displayErrorMessage(NULL, 'Du kannst den Member nicht feuern!', displayHistoryBackLink()); } } + +function deleteClan($user){ + $row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user['clan'])); + if($user['id'] == $row['leader']){ + mysql_query('DELETE FROM clan where id = '.$user['clan']); + } else{ + echo displayErrorMessage(NULL, 'Du kannst den Clan nicht auflösen!', displayHistoryBackLink()); + } +} + + + + +//if($edit == 1){ +// $row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan'])); +// if($row['leader'] != $user_ida['id'] && $row['co_leader'] != $user_ida['id']){ +// displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink()); +// } else if(isset($value1)){ +// setProfile($what, $value1, $value2, $user_ida['clan'], $row['leader'] == $user_ida['id'] || $row['leader'] === null); +// } else{ +// displayEdit($what, $user_ida['clan'],$row['leader'] == $user_ida['id'] || $row['leader'] === null); +// $displayMore = false; +// } +//} else if($putsch == 1){ +// setMeAsLeader($user_ida); +//} else if($fire == 1){ +// fireMember($user_ida, $member); +//} else if($kill == 1){ +// deleteClan($user_ida); +//} else if($reject == 1) { +// $errorMsg = revokeInvitation($user_ida, $member); +// if($errorMsg !== NULL) { +// echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink()); +// $displayMore = false; +// } else { +// displayErrorMessage('','Du hast die Einladung erfolgreich zurückgezogen!', 'weiter'); +// $displayMore = false; +// } +//} + + + + +if($action !== NULL) { // this is done to not require to reprogramm the whole stuff! + switch ($action) { + case 'edit': + $row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan'])); + if($row['leader'] != $user_ida['id'] && $row['co_leader'] != $user_ida['id']){ + displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink()); + } else if(isset($value1)){ + setProfile($what, $value1, $value2, $user_ida['clan'], $row['leader'] == $user_ida['id'] || $row['leader'] === null); + } else{ + displayEdit($what, $user_ida['clan'],$row['leader'] == $user_ida['id'] || $row['leader'] === null); + $displayMore = false; + } + break; + case 'fire': + fireMember($user_ida, $member); + break; + case 'putsch': + setMeAsLeader($user_ida); + break; + case 'kill': + deleteClan($user_ida); + break; + case 'reject': + $errorMsg = revokeInvitation($user_ida, $member); + if($errorMsg !== NULL) { + echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink()); + $displayMore = false; + } else { + displayErrorMessage('','Du hast die Einladung erfolgreich zurückgezogen!', 'weiter'); + $displayMore = false; + } + break; + case 'newsletter': + sendClanNewsletter($user_ida, $text); + $displayMore = false; + break; + default: + break; + } +} + +if($displayMore){ + displayClanProfile($clan_id, $user_ida); +} ?> \ No newline at end of file diff --git a/ag/clan/del.php b/ag/clan/del.php deleted file mode 100644 index 054123e..0000000 --- a/ag/clan/del.php +++ /dev/null @@ -1,28 +0,0 @@ -Ja | '.displayHistoryBackLink()); -} -if($charm == 1) { - $dl = mysql_fetch_array(mysql_query("SELECT id FROM clan WHERE id='$user_ida[clan]' AND leader='$user_ida[id]' LIMIT 1")); - if($dl['id']) { - mysql_query("DELETE FROM clan WHERE id='$user_ida[clan]' AND leader='$user_ida[id]' LIMIT 1"); - mysql_query("DELETE FROM clan_ware WHERE clan='$dl[id]'"); - - mysql_query("UPDATE user SET clan=NULL WHERE clan='$user_ida[clan]' LIMIT 1"); - displayErrorMessage(NULL,'Clan erfolgreich gelöscht', 'weiter...'); - } -} \ No newline at end of file diff --git a/ag/clan/index.php b/ag/clan/index.php deleted file mode 100644 index a2c43b2..0000000 --- a/ag/clan/index.php +++ /dev/null @@ -1,87 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - -
-

Clan Mitglieder

-

Nickname

 kicken"; } ?>
-

Charakter

 
-

\ No newline at end of file diff --git a/ag/clan/new.php b/ag/clan/new.php index 040a696..e6e5c3b 100644 --- a/ag/clan/new.php +++ b/ag/clan/new.php @@ -5,7 +5,6 @@ * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence * */ - include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php'); @@ -13,7 +12,6 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php'); // GET-Section // Kritisch (SQL-Injections) $clan_name = validateName($_GET['clan_name']); -$clan_pw = validateString($_GET['clan_pw']); $clan_for = validateString($_GET['clan_for']); $clan_back = validateString($_GET['clan_back']); $clan_info = validateString($_GET['clan_info']); @@ -24,20 +22,6 @@ $charm = $_GET['charm']; if ($charm == 1) { - $clanz = mysql_fetch_assoc(mysql_Query("SELECT id FROM clan ORDER BY id DESC LIMIT 1")); - $clan_upps = mysql_fetch_assoc(mysql_query("SELECT id FROM clan WHERE clanname='$clan_name' OR clanzeichen='$clan_for,$clan_back'")); - $clan_num = $clanz['id'] + 1; - - if ($clan_upps[id]) { - displayErrorMessage(NULL, 'Clanname oder Clan Zeichen gibt es schon.', displayHistoryBackLink()); - exit; - } - - if (!$clan_pw) { - displayErrorMessage(NULL, 'Clan Passwort Eingeben!', displayHistoryBackLink()); - exit; - } - if (!$clan_for AND !$clan_back) { displayErrorMessage(NULL, 'Sie müssen ein Clanzeichen haben.', displayHistoryBackLink()); exit; @@ -53,61 +37,52 @@ if ($charm == 1) { exit; } - $clan_name = preg_replace("#<#", "<", $clan_name); - $clan_pw = preg_replace("#<#", "<", $clan_pw); - $clan_info = preg_replace("#<#", "<", $clan_info); - - mysql_query("INSERT INTO clan SET clanname='$clan_name', clanzeichen='$clan_for,$clan_back', pw='$clan_pw', info='$clan_info', leader='$user_ida[id]'") OR DIE (mysql_error()); - $c_id = mysql_fetch_assoc(mysql_query('Select * from clan where clanname = \''.$clan_name.'\'')); - mysql_query('UPDATE user SET clan='.$c_id['id'].' WHERE id='.$user_ida['id']); - - displayErrorMessage(NULL, 'Clan erfolgreich Erstellt.', 'weiter...'); + $sql = 'INSERT into clan(clanname,clanz_pre,clanz_suff,info, leader) values(\''.$clan_name.'\', \''.$clan_for.'\', \''.$clan_back.'\', \''.$clan_info.'\', '.$user_ida['id'].')'; +// echo $sql.'
'; + mysql_query($sql); + if(mysql_affected_rows() > 0){ // Erstellen des Clans geglueckt + $c_id = mysql_fetch_assoc(mysql_query('Select * from clan where clanname = \''.$clan_name.'\'')); + mysql_query('UPDATE user SET clan='.$c_id['id'].' WHERE id='.$user_ida['id']); + displayErrorMessage(NULL, 'Clan erfolgreich Erstellt.', 'weiter...'); + } else{ + $sql = 'Select * from clan where clanname = \''.$clan_name.'\''; + $c_id = mysql_fetch_assoc(mysql_query($sql)); + if($c_id){ + $error = 'Clanname besteht schon!'; + } else{ + $error = 'Insert failed!'; + } + displayErrorMessage(NULL, 'Clan erstellen fehlgeschlagen! ('.$error.')', displayHistoryBackLink()); + } exit; } ?> - -
- - + - + - - + + - - + + - - + + - - - - - - +
-

Clan Gründen

Clan gründen
-

Clanname

Clanname  
-

Clan Passwort

 Clanzeichen vorn 
-

Clanzeichen vorn

 Clanzeichen hinten 
-

Clanzeichen hinten

 Clan Info 
-

Clan Info

 
  
- - - diff --git a/ag/clan/post.php b/ag/clan/post.php index 6f4a981..52ee122 100644 --- a/ag/clan/post.php +++ b/ag/clan/post.php @@ -11,41 +11,133 @@ include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/designfunctions.inc.php'); include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/messagefunctions.inc.php'); - // GET-Section // Kritisch (SQL-Injections) -$text = validateString($_REQUEST['text']); +$text = validateString($_GET['text']); +$username = validateName($_GET['username'], NULL); + // Unkritisch -$charm = $_REQUEST['charm']; +$action = $_GET['action']; -if($charm) { - if($user_ida['clan'] <= 0){ - return; +function handleInvitation($user, $username, $clan){ + if($clan['leader'] != $user['id'] && $clan['co_leader'] != $user['id']){ + displayErrorMessage(NULL, 'Nur der Leader, bzw. der Co-Leader kann neue Member einladen!'); + return false; + } + + if($user['clan'] == NULL){ + displayErrorMessage(NULL, 'Fehler! Nutzer existiert nicht!'); + return false; } - $clans = mysql_query('SELECT id FROM user WHERE clan='.$user_ida['clan']); - while($row = mysql_fetch_array($clans)) { - sendMessage($user_ida['nickname'], $row['id'], 'Clan Nachricht', $text); -// mysql_query("INSERT nachricht SET von='$user_ida[nickname]', besitzer='$row[id]', betreff='Clan Nachricht', text='$text'"); + $row = mysql_fetch_assoc(mysql_query('SELECT * FROM user where nickname = \''. $username.'\'')); + $userid = $row['id']; + if($row['clan'] == $user['clan']){ + displayErrorMessage(NULL, 'Fehler! Nutzer ist schon in deinem Clan!', displayHistoryBackLink()); + return false; + } + + if($row){ + $sql = 'INSERT INTO user_clan_invitations(userid, clanid, valid) values('.$userid.','.$user['clan'].',TIMESTAMPADD(DAY, 5, now()))'; +// echo $sql.'
'; + mysql_query($sql); + if(mysql_affected_rows() <= 0){ // Fehler? + $sql = 'UPDATE user_clan_invitations SET valid = TIMESTAMPADD(DAY, 5, now()) where userid = '.$userid.' and clanid = '.$user['clan']; +// echo $sql.'
'; + mysql_query($sql); + if(mysql_affected_rows() <= 0){ // Fehler? + displayErrorMessage(NULL, 'Fehler! Konnte Nutzer nicht einladen!', displayHistoryBackLink()); + return false; + } else{ + displayErrorMessage('','Nutzereinladung aufgefrischt!', 'weiter'); + sendMessage($user['id'], $userid, 'Einladung in Clan', 'Die Einladung des Clans '.$clan['clanname'].' wurde aufgefrischt! Klicke auf "Clan beitreten" um die Einladung anzunehmen!'); + } + } else{ + displayErrorMessage('','Nutzer erfolgreich eingeladen!', 'weiter'); + sendMessage($user['id'], $userid, 'Einladung in Clan', 'Du wurdest eingeladen dich dem Clan '.$clan['clanname'].' anzuschliessen! Klicke auf "Clan beitreten" um die Einladung anzunehmen!'); } - + } + return true; +} + +function sendClanNewsletter($user, $clan, $text){ + if($clan == NULL){ + return; + } + $sql = 'SELECT id FROM user WHERE clan='.$clan['id']; + $clans = mysql_query($sql); + while($row = mysql_fetch_assoc($clans)) { + sendMessage($user['id'], $row['id'], $clan['clanname'].' Nachricht', $text); + } displayErrorMessage(NULL,'Nachricht erfolgreich verschickt', 'weiter...'); - exit; } -?> -
+ +function revertInvitation($user, $clan, $userid){ + if($clan['leader'] != $user['id'] && $clan['co_leader'] != $user['id']){ + displayErrorMessage(NULL, 'Nur der Leader, bzw. der Co-Leader kann Einladungen zurückziehen!!', displayHistoryBackLink()); + return false; + } + mysql_query('DELETE FROM user_clan_invitations WHERE clan = '.$clan['id'].' AND userid = '.$userid); + if(mysql_affected_rows() > 0){ + displayErrorMessage('Zurückgezogen','Du hast die Einladung erfolgreich zurückgezogen!','weiter'); + } else{ + displayErrorMessage(NULL,'Einladung konnte nicht zurückgezogen werden!',displayHistoryBackLink()); + return false; + } + return true; +} + + +$clan = mysql_fetch_assoc(mysql_query('SELECT * from clan where id = '.$user_ida['clan'])); + +if($action == 'newsletter') { + sendClanNewsletter($user_ida, $clan, $text); +} else if($action == 'invite'){ + handleInvitation($user_ida, $username, $clan); +} else if($action == 'reject'){ + revertInvitation($user_ida, $username, $clan); +} else { + ?> + + - - - - - - + +
- Nachricht an Alle clan member
+ + + + + + + + + +
+ Nutzer in Clan einladen! +
 
 
+
+ + - - + + - - + + + + now();'; + $qry = mysql_query($sql); + while($row = mysql_fetch_assoc($qry)){ +?> + + + + + +
 
Versendete Claneinladungen
 
UsernameDeadlineAktion
zurückziehen
- \ No newline at end of file + \ No newline at end of file diff --git a/ag/clan/profil.php b/ag/clan/profil.php deleted file mode 100644 index 6046f4a..0000000 --- a/ag/clan/profil.php +++ /dev/null @@ -1,220 +0,0 @@ -weiter...'); - exit; -} -?> - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Ihr Profil

-

Level

-  
-

Exp

-  
-

Clanname

-  
-

Passwort

-  
-

Homepage

-  
-

Banner (468 x 60)

-  
-

Clanzeichen vorn

-  
-

Clanzeichen hinten

-  
-

Leader

-   -
-

Co. Leader

-   -
-

Clan Info

 
-

-   -
- -
- - - - - - - - -
-

-

- - -

-

- -

Clan löschen

- - -

-
- - - \ No newline at end of file diff --git a/ag/inclu/user-controll.php b/ag/inclu/user-controll.php index 7c90c5b..9f7ceea 100644 --- a/ag/inclu/user-controll.php +++ b/ag/inclu/user-controll.php @@ -49,8 +49,8 @@ if ($name AND $passwort) { Meine Wanted Kämpfe
"; $charakter_009 = "Charakter Übersicht
".$charakter_009; - - + + $training_009 = ""; $turnier_009 = 'Wochen Turnier Anmeldung
' . @@ -79,21 +79,22 @@ if ($name AND $passwort) { Clan Nachricht
+ Mein Clan
Clan Markt
Clan Item Nutzung
- Clan Profil
- Clan Ticker
- Clan Mitglieder
Geld Spenden
- Clan Kämpfe Anzeige
"; + Clan Ticker
+ Clan Wechseln
+ "; } - + +// $clan_009 .= "Clan Kämpfe Anzeige
"; + // Ist user der leader? - $chiefs = mysql_fetch_assoc(mysql_query('Select co_leader, leader from clan where id = '.$user_ida['clan'])); - if($chiefs['co_leader'] == $user_ida['id'] || $chiefs['leader'] == $user_ida['id']){ - $clan_009 .= 'Clan Kämpfe
'; - } +// $chiefs = mysql_fetch_assoc(mysql_query('Select co_leader, leader from clan where id = '.$user_ida['clan'])); +// if($chiefs['co_leader'] == $user_ida['id'] || $chiefs['leader'] == $user_ida['id']){ +// $clan_009 .= 'Clan Kämpfe
'; +// } $info_009 = " Alle User
@@ -117,26 +118,26 @@ if ($name AND $passwort) { $points = mysql_Fetch_array(mysql_Query("SELECT pkt FROM user WHERE nickname='$name' LIMIT 1")); $points2[pkt] = number_format($points[pkt], 0, "", "."); $points3 = $points2[pkt]; - - + + if ($name == 'Pegasus') { $status_009 .= "Status
"; } $status_009 .= "Geld: $geldstring
"; -// $status_009 .= "IP: $points3
"; - +// $status_009 .= "IP: $points3
"; + $status_009 .= 'Profil
'; $status_009 .= 'User Ticker
'; $status_009 .= 'User Postfach
'; - + $status_009 .= 'Meine Items
'; $status_009 .= 'Markt
'; $status_009 .= 'Auktions Markt
'; // $status_009 .= 'Shakkys Abzockbar
'; - + $status_009 .= 'Logout
'; - + } else { $agc_009 = " @@ -148,9 +149,9 @@ if ($name AND $passwort) { "; } $active = mysql_fetch_assoc(mysql_query('select count(*) as anzahl from user where online_zeit between TIMESTAMPADD(DAY, -7, now()) and now()')); - + $o_datum = preg_split('# #',$online_rekord_1_0['datum']); - $info_019 = " + $info_019 = " FAQ
Anfängerguide
AG Unterstützen
diff --git a/ag/include/clan.inc.php b/ag/include/clan.inc.php new file mode 100644 index 0000000..a9052ae --- /dev/null +++ b/ag/include/clan.inc.php @@ -0,0 +1,81 @@ +'; + mysql_query($sql); + if(mysql_affected_rows() > 0){ + return NULL; + } else{ + return 'Einladung konnte nicht zurückgezogen werden!'; + } +} + +/** + * + * Enter description here ... + * @param array $user the user that wants to invite + * @param int $userid the id of the user that should be invited + * @param array $clan the optional clan array (if available) + */ +function inviteUser(array $user, $userid, array $clan = NULL){ + if($user['clan'] === NULL) { + return 'Du bist in keinem Clan!'; + } + + if($clan === NULL) { + $qry = mysql_query('Select * from clan where id = ' . $user['clan']); + $clan = mysql_fetch_assoc($qry); + } + + if($clan['leader'] != $user['id'] && $clan['co_leader'] != $user['id']){ + return 'Nur der Leader, bzw. der Co-Leader kann neue Member einladen!'; + } + + $row = mysql_fetch_assoc(mysql_query('SELECT * FROM user where id = \''. $userid.'\'')); + if(!row) { + return 'Fehler! Nutzer exisitiert nicht!!'; + } + if($row['clan'] == $user['clan']){ + return 'Fehler! Nutzer ist schon in deinem Clan!'; + } + + $sql = 'INSERT INTO user_clan_invitations(userid, clanid, valid) values('.$userid.','.$user['clan'].',TIMESTAMPADD(DAY, 5, now()))'; + // echo $sql.'
'; + mysql_query($sql); + if(mysql_affected_rows() <= 0){ // Fehler? + $sql = 'UPDATE user_clan_invitations SET valid = TIMESTAMPADD(DAY, 5, now()) where userid = '.$userid.' and clanid = '.$user['clan']; + // echo $sql.'
'; + mysql_query($sql); + if(mysql_affected_rows() <= 0){ // Fehler? + return 'Fehler! Konnte Nutzer nicht einladen!'; + } else{ + sendMessage($user['id'], $userid, 'Einladung in Clan', 'Die Einladung des Clans '.$clan['clanname'].' wurde aufgefrischt! Klicke auf "Clan beitreten" um die Einladung anzunehmen!'); + return NULL; + } + } else{ + sendMessage($user['id'], $userid, 'Einladung in Clan', 'Du wurdest eingeladen dich dem Clan '.$clan['clanname'].' anzuschliessen! Klicke auf "Clan beitreten" um die Einladung anzunehmen!'); + return NULL; + } +} + +?> \ No newline at end of file diff --git a/ag/include/config/settings_example.inc.php b/ag/include/config/settings_example.inc.php index 1abde3a..239bac4 100644 --- a/ag/include/config/settings_example.inc.php +++ b/ag/include/config/settings_example.inc.php @@ -12,4 +12,12 @@ * Der Pfad muss auf eine Date zeigen, in der die Rassen (aehnlich wie bei der rassen.inc.php aufgelistet sind!) */ # $GLOBALS['races_location_file'] = $_SERVER['DOCUMENT_ROOT'].'ag/include/config/myraces.inc.php'; + + +// Farben +$GLOBALS['COLOR_SUPPORTER'] = 'gold'; +$GLOBALS['COLOR_GM'] = 'lime'; +$GLOBALS['COLOR_DEVELOPER'] = 'blue'; +$GLOBALS['COLOR_CREATIVE'] = 'red'; + ?> \ No newline at end of file diff --git a/ag/include/designfunctions.inc.php b/ag/include/designfunctions.inc.php index 7e2165e..ee7161f 100644 --- a/ag/include/designfunctions.inc.php +++ b/ag/include/designfunctions.inc.php @@ -7,15 +7,61 @@ */ // Diese Funktion muss in ein Darstellungspackage hinein und muss noch verlegt werden, Gestaltung in css-Datei -function displayUserLink($userid, $username, $clanpre = NULL, $clansu = NULL){ - if($clanpre === NULL && $clansu === NULL){ - return ''.$username.''; + +/** + * use displayUserLinkByID instead + * @deprecated + */ +function displayUserLink($userid, $username = NULL, $clanpre = NULL, $clansu = NULL){ + // backwards compat!! + return displayUserLinkByID($userid); +} + +function displayUserNameByID($userid, $showClanTags = TRUE){ + if($userid === null){return '';} + $sql = 'select nickname, user.id as userid, clan.clanz_pre, clan.clanz_suff, ads, gm from user left join clan on user.clan = clan.id where user.id = '.$userid; + $user_info = mysql_fetch_assoc(mysql_query($sql)); + if($user_info['gm'] != 'nein'){ + if($user_info['gm'] == 'ja'){ + $color = 'style="color:'.$GLOBALS['COLOR_GM'].'"'; + } else if($user_info['gm'] == 'et'){ + $color = 'style="color:'.$GLOBALS['COLOR_DEVELOPER'].'"'; + } else if($user_info['gm'] == 'ka'){ + $color = 'style="color:'.$GLOBALS['COLOR_CREATIVE'].'"'; + } + } else if($user_info['ads'] == 1){ + $color = 'style="color:'.$GLOBALS['COLOR_SUPPORTER'].'"'; } else{ - return ''.$clanpre.' '.$username.' '.$clansu.''; + $color = ''; + } + + $nickname = $user_info['nickname']; + if($user_info['clanz_pre'] !== NULL && $user_info['clanz_pre'] != '' && $showClanTags) { + $nickname = $user_info['clanz_pre'] . ' ' . $nickname; + } + if($user_info['clanz_suff'] !== NULL && $user_info['clanz_suff'] != '' && $showClanTags) { + $nickname = $nickname . ' ' . $user_info['clanz_suff']; + } + + if($color == ''){ + return $nickname; + } else{ + return ''.$nickname.''; } } -function displayClanLink($clanid, $clanname){ +// Diese Funktion muss in ein Darstellungspackage hinein und muss noch verlegt werden, Gestaltung in css-Datei +function displayUserLinkByID($userid, $showClanTags = TRUE){ + return ''.displayUserNameByID($userid, $showClanTags).''; +} + + +function displayClanLink($clanid, $clanname = NULL){ + if($clanname === NULL) { + $qry = mysql_query('SELECT clanname FROM clan WHERE id = ' . $clanid); + $row = mysql_fetch_assoc($qry); + $clanname = $row['clanname']; + } return ''.$clanname.''; } @@ -27,7 +73,7 @@ function displayIndexBackLink(){ return 'zurück'; } -function displayCharLink($charid, $charname, $img = NULL, $clanpre = NULL, $clansu = NUL){ +function displayCharLink($charid, $charname, $img = NULL, $clanpre = NULL, $clansu = NULL){ if($clanpre !== NULL && $clansu !== NULL){ $charname = $clanpre.' '.$charname.' '.$clansu; } diff --git a/ag/include/messagefunctions.inc.php b/ag/include/messagefunctions.inc.php index 1914c9c..8c6de92 100644 --- a/ag/include/messagefunctions.inc.php +++ b/ag/include/messagefunctions.inc.php @@ -30,6 +30,7 @@ function sendMessage($von, $besitzer, $betreff, $text){ $sql = 'INSERT INTO nachricht(von, besitzer, betreff, text) VALUES (\''.$von.'\', '.$besitzer.', \''.$betreff.'\', \''.$text.'\')'; // echo $sql.'
'; mysql_query($sql); + return mysql_affected_rows() != 0; } function colorize($text){ @@ -139,4 +140,9 @@ function insertClanTickerMessage($clanid, $message, $offset = 0){ //$test = 'Test'; //echo encodeMessage($test).'
'; + +function sendInviteToClanMessage($leaderid, $userid) { + +} + ?> \ No newline at end of file diff --git a/ag/info.php b/ag/info.php index 67dbef9..f03ef85 100644 --- a/ag/info.php +++ b/ag/info.php @@ -8,7 +8,9 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/char.inc.php'); +include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/clan.inc.php'); include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php'); +include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php'); @@ -103,13 +105,13 @@ function display1($char_id){ } -function display2($user_id, $userage){ +function display2($user_id, $userage, $user_ida){ if($userage != NULL){ $user_a = mysql_fetch_assoc(mysql_query('SELECT * FROM user WHERE nickname=\''.$userage.'\'')); } else{ $user_a = mysql_fetch_assoc(mysql_query('SELECT * FROM user WHERE id='.$user_id)); } - + ?> @@ -129,12 +131,28 @@ function display2($user_id, $userage){ echo 'Keiner'; } else{ $clan = mysql_fetch_assoc(mysql_query('SELECT * FROM clan WHERE id = '.$user_a['clan'])); - echo displayClanLink ($clan['id'], $clan['clanname']) ; + echo displayClanLink ($clan['id'], $clan['clanname']) ; } - + // Now could it be that the user is in an other clan and we may invite him ;), check if current user is a leader! + $qry = mysql_query('Select id from clan where leader = ' . $user_ida['id'] . ' or co_leader = ' . $user_ida['id']); + $clan = mysql_fetch_assoc($qry); + // is there data available and if yes does the other user have the same clan? + if($clan && $clan['id'] !== $user_a['clan']) { + // check if we already invited him. Then renew invitation -> + $qry = mysql_query('Select count(*) as anzahl from user_clan_invitations where clanid = '.$clan['id'].' AND userid = ' . $user_id); + $row = mysql_fetch_assoc($qry); + + if ($row['anzahl'] > 0) { + $action = 'Einladung erneuern'; + } else { + $action = 'einladen'; + } + // no ?? Then display the option to invite this user ;) + echo ' ('.$action.')'; + } ?> - + -
Geschlecht @@ -152,7 +170,7 @@ function display2($user_id, $userage){ Nick-History ',$nick_history) ?>
- @@ -214,8 +232,17 @@ if($charm == 1) { display1($char_id); } else if($charm == 2){ display3($group,$item_id); -}else if($user_id != NULL || $userage != NULL){ - display2($user_id, $userage); +} elseif ($charm == 3) { + $errorMsg = inviteUser($user_ida, $user_id); + if($errorMsg !== NULL) { + echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink()); + $displayMore = false; + } else { + displayErrorMessage('','Du hast die Einladung erfolgreich verschickt!', 'weiter'); + $displayMore = false; + } +} else if($user_id != NULL || $userage != NULL){ + display2($user_id, $userage, $user_ida); } ?> \ No newline at end of file diff --git a/db/animegame_svn.sql b/db/animegame_svn.sql index c4a77b6..68376e7 100644 --- a/db/animegame_svn.sql +++ b/db/animegame_svn.sql @@ -408,12 +408,12 @@ UNLOCK TABLES; DROP TABLE IF EXISTS `clan`; CREATE TABLE `clan` ( `clanname` varchar(50) collate utf8_unicode_ci NOT NULL default '', - `clanzeichen` varchar(255) collate utf8_unicode_ci NOT NULL default ',', + `clanz_pre` varchar(25) collate utf8_unicode_ci NOT NULL default '', + `clanz_suff` varchar(25) collate utf8_unicode_ci NOT NULL default '', `geld` int(15) NOT NULL default '0', `info` text collate utf8_unicode_ci NOT NULL, `id` int(11) NOT NULL auto_increment, `leader` int(11) default '0', - `pw` varchar(50) collate utf8_unicode_ci NOT NULL default '', `siege` int(25) NOT NULL default '0', `niederlagen` int(25) NOT NULL default '0', `co_leader` int(11) default NULL, @@ -2242,6 +2242,25 @@ CREATE TABLE `turnier_preis` ( ) ENGINE = InnoDB CHARSET=utf8 COLLATE=utf8_unicode_ci; +DROP TABLE IF EXISTS `user_clan_invitations`; +CREATE TABLE `user_clan_invitations` ( + `userid` INTEGER NOT NULL, + `clanid` INTEGER NOT NULL, + `valid` TIMESTAMP NOT NULL, + PRIMARY KEY (`userid`, `clanid`), + CONSTRAINT `user_clan_invitations_userid` FOREIGN KEY `user_clan_invitations_userid` (`userid`) + REFERENCES `user` (`id`) + ON DELETE CASCADE + ON UPDATE CASCADE, + CONSTRAINT `user_clan_invitations_clanid` FOREIGN KEY `user_clan_invitations_clanid` (`clanid`) + REFERENCES `clan` (`id`) + ON DELETE CASCADE + ON UPDATE CASCADE +) +ENGINE = InnoDB +CHARACTER SET utf8 COLLATE utf8_general_ci; + + /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
+