Ported some changes from the independent branch to the ag 1.0 trunk. This basically covers all the clan invitation stuff. Additionally, the user control is cleaned up a bit. This check-in requires the user_clan_invitations table and some changes in the clan table (replacement of clanzeichen, pw by clanz_pre, clanz_suff). See the database file for more information.

main
hecht 13 years ago
parent defc2c73f1
commit 9813e7c62f

@ -5,7 +5,6 @@
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
* *
*/ */
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php');
@ -13,149 +12,173 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php');
// GET-Section // GET-Section
// Kritisch (SQL-Injections) // Kritisch (SQL-Injections)
$clan_name = validateName($_GET['clan_name']); $clanid = validateUnsignedInteger($_GET['clanid'], null);
$clan_pw = validateString($_GET['clan_pw']);
$poll1 = validateString($_GET['poll1']); $poll1 = validateString($_GET['poll1']);
$poll2 = validateString('ASC'); $poll2 = validateString('ASC');
$pagenum = validateUnsignedInteger($_GET['pagenum'], null); $pagenum = validateUnsignedInteger($_GET['pagenum'], null);
// Unkritisch // Unkritisch
$charm = $_GET['charm']; $action = $_GET['action'];
$user = $user_ida; $user = $user_ida;
if ($charm == 1) { function joinClan($user, $clanid){
$clan = mysql_fetch_assoc(mysql_query('SELECT *, (Select 10 - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots FROM clan c WHERE clanname=\''.$clan_name.'\' AND pw=\''.$clan_pw.'\'')); $sql = 'SELECT * FROM user_clan_invitations WHERE userid = '.$user['id'].' and clanid = '.$clanid.' and valid > now();';
$clan_user = mysql_fetch_assoc(mysql_query($sql));
if (!$clan['id']) {
displayErrorMessage(NULL, 'Clanname oder Clanpasswort ist falsch!', displayHistoryBackLink()); if($clan_user){
exit; $sql = 'Select *, (Select member - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots from clan c where id = '.$clanid;
} // echo $sql . '<br>';
if ($user['clan'] != 0) { $clan = mysql_fetch_assoc(mysql_query($sql));
displayErrorMessage(NULL, 'Du bist schon in einem Clan!', displayHistoryBackLink()); if($clan['freeslots'] <= 0){
exit; displayErrorMessage(NULL,'Konnte die Einladung des Clans nicht annehmen (Clan voll)!',displayHistoryBackLink());
return;
} else{
$sql = 'UPDATE user SET clan = '.$clanid.' WHERE id = '.$user['id'];
// echo $sql.'<br>';
mysql_query($sql);
// unset the leader if the user is moving from one clan to another
mysql_query('UPDATE clan SET leader = NULL WHERE leader = ' .$user['id']);
mysql_query('UPDATE clan SET co_leader = NULL WHERE co_leader = ' .$user['id']);
displayErrorMessage('Aufgenommen','Du wurdest erfolgreich in den Clan aufgenommen!','<a href="index.php?as=clan/clan_info">weiter</a>');
}
} else{
displayErrorMessage(NULL,'Konnte die Einladung des Clans nicht annehmen!',displayHistoryBackLink());
return;
} }
mysql_query('DELETE FROM user_clan_invitations WHERE userid = '.$user['id'].' and clanid = '.$clanid);
}
if ($clan['freeslots'] <= 0) { // Keine Plätze mehr frei function denyClan($user, $clanid){
displayErrorMessage(NULL, 'Der Clan ist voll!', displayHistoryBackLink()); mysql_query('DELETE FROM user_clan_invitations WHERE userid = '.$user['id'].' and clanid = '.$clanid);
exit; if(mysql_affected_rows() > 0){
displayErrorMessage('Abgelehnt','Du hast die Einladung erfolgreich abgelehnt!','<a href="index.php?as=clan/add">weiter</a>');
} else{
displayErrorMessage(NULL,'Einladung des Clans konnte nicht abgelehnt werden!',displayHistoryBackLink());
} }
mysql_query('UPDATE user SET clan='.$clan['id'].' WHERE id='.$user_ida['id']);
displayErrorMessage(NULL, 'Du bist jetzt im '.$clan_name.' Clan', '<a href="index.php?as=clan/index">weiter...</a>');
exit;
} }
?>
<form action="index.php" method="GET"> if ($action == 'accept') {
<input type="hidden" name="as" value="clan/add"> joinClan($user_ida, $clanid);
<input type="hidden" name="charm" value="1"> } else if ($action == 'deny') {
<table cellpadding="0" cellspacing="0" width="100%"> denyClan($user_ida, $clanid);
<!-- MSTableType="layout" -->
<tr>
<td height="30" valign="top" width="585" colspan="6">
<p align="center"><b>Clan Beitreten</b><p align="center">&nbsp;</td>
</tr>
<tr>
<td height="30" valign="center" width="296" colspan="3">
<p align="right"><b>Clanname</b></td>
<td height="30" valign="center" width="289" colspan="3">
&nbsp;<input name="clan_name" size=20></td>
</tr>
<tr>
<td height="30" valign="top" width="296" colspan="3">
<p align="right"><b>Clan Passwort</b></td>
<td height="30" valign="center" width="289" colspan="3">
&nbsp;<input name="clan_pw" size=10> <input type=submit value="Beitreten">
</td>
</tr>
<?php
if (!$poll1) {
$poll1 = 'clanname';
$poll2 = 'ASC';
}
if ($poll1 == 'clanname' AND $poll2 == 'ASC') {
$poll['clanname'] = 'DESC';
} else {
$poll['clanname'] = 'ASC';
}
if ($poll1 == 'leader' AND $poll2 == 'ASC') {
$poll['leader'] = 'DESC';
} else {
$poll['leader'] = 'ASC';
}
if ($poll1 == 'geld' AND $poll2 == 'ASC') {
$poll['geld'] = 'DESC';
} else { } else {
$poll['geld'] = 'ASC';
}
$ready = 'clan/add&pagenum='.$pagenum;
?>
<tr>
<td height="33" width="96" valign="top">
<p align="center"><b><?php echo '<a href="index.php?as='.$ready.'&poll1=clanname&poll2='.$poll['clanname'].'">Clanname</a>'; ?></b></td>
<td height="33" width="128" valign="top">
<p align="center"><b><?php echo "<a href='index.php?as=$ready&poll1=leader&poll2=$poll[leader]'>Leader</a>"; ?></b></td>
<td height="33" width="76" valign="top">
<p align="center"><b>Mitglieder</b></td>
<td height="33" width="98" valign="top">
<p align="center"><b><?php echo "<a href='index.php?as=$ready&poll1=geld&poll2=$poll[geld]'>Geld</a>"; ?></b></td>
<td height="33" width="76" valign="top">
<p align="center"><b>Info</b></td>
<td height="33" width="115" valign="top">
<p align="center"><b>Beitreten</b></td>
</tr>
<?php
// TODO: Seitenzahlen ueber displayfunction funktion
if (!is_numeric($pagenum) || $pagenum <= 1) { ?>
$pagenum = 0;
} else{
$pagenum = ($pagenum -1) * 10;
}
$clan = mysql_Query('SELECT c.clanzeichen, c.clanname, c.geld, c.info, c.id, u.id AS uid, u.nickname FROM clan c LEFT JOIN user u ON(c.leader=u.id) ORDER BY '.$poll1.' '.$poll2.' LIMIT '.$pagenum.',20');
while ($row = mysql_fetch_array($clan)) {
$mitglieder = mysql_num_rows(mysql_query('SELECT id FROM user WHERE clan='.$row['id']));
$z_v = explode(',', $row['clanzeichen']);
?>
<tr> <form action="index.php" method="GET">
<td height="35" width="96" valign="top"> <input type="hidden" name="as" value="clan/add"> <input type="hidden"
<p align="center"><?php echo $row['clanname']; ?></td> name="charm" value="1">
<td height="25" width="128" valign="top"> <table cellpadding="0" cellspacing="0" width="100%">
<p align="center"><?php echo displayUserLink($row['uid'], $row['nickname'], $z_v[0], $z_v[1]); ?></td> <tr>
<td height="25" width="76" valign="top"> <th height="30" width="585" colspan="5" class="content">Erhaltene
<p align="center"><?php echo $mitglieder; ?></td> Claneinladungen</th>
<td height="25" width="98" valign="top"> </tr>
<p align="center"><?php echo displayMoney($row['geld']); ?></td> <tr>
<td height="25" width="100" valign="top"> <th height="30" class="content">Clanname</th>
<p align="center"><?php echo '<a href="index.php?as=clan/clan_info&clan_id='.$row['id'].'">Info</a>'; ?></td> <th height="30" colspan="2" class="content">Deadline</th>
<td height="25" width="115" valign="top"> <th height="30" colspan="2" class="content">Reagieren</th>
<p align="center"><?php echo '<a href="index.php?as=nachricht&charm=1&besitzer='.$row['nickname'].'">Beitreten</a>'; ?></td> <?php
</tr> $sql = 'SELECT * FROM user_clan_invitations WHERE userid = '.$user_ida['id'].' and valid > now();';
$qry = mysql_query($sql);
while($row = mysql_fetch_assoc($qry)){
?>
<tr>
<td height="30" align="center" class="content"><?php echo displayClanLink($row['clanid']); ?>
</td>
<td height="30" align="center" colspan="2" class="content"><?php echo $row['valid']; ?>
</td>
<td height="30" align="center" colspan="2" class="content"><a
href="index.php?as=clan/add&action=accept&clanid=<?php echo $row['clanid']; ?>">Akzeptieren</a>
| <a
href="index.php?as=clan/add&action=deny&clanid=<?php echo $row['clanid']; ?>">Ablehnen</a>
</td>
</tr>
<tr>
<td height="30" colspan="5" class="content"></td>
</tr>
<?php
}
if (!$poll1) {
$poll1 = 'clanname';
$poll2 = 'ASC';
}
if ($poll1 == 'clanname' AND $poll2 == 'ASC') {
$poll['clanname'] = 'DESC';
} else {
$poll['clanname'] = 'ASC';
}
if ($poll1 == 'leader' AND $poll2 == 'ASC') {
$poll['leader'] = 'DESC';
} else {
$poll['leader'] = 'ASC';
}
if ($poll1 == 'geld' AND $poll2 == 'ASC') {
$poll['geld'] = 'DESC';
} else {
$poll['geld'] = 'ASC';
}
$ready = 'clan/add&pagenum='.$pagenum;
?>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<th height="30" width="585" colspan="5" class="content">Übersicht
aller Clans</th>
</tr>
<tr>
<th height="33" width="96" valign="top" class="content"><?php echo '<a href="index.php?as='.$ready.'&poll1=clanname&poll2='.$poll['clanname'].'">Clanname</a>'; ?>
</th>
<th height="33" width="128" valign="top" class="content"><?php echo '<a href="index.php?as='.$ready.'&poll1=leader&poll2='.$poll['leader'].'">Leader</a>'; ?>
</th>
<th height="33" width="76" valign="top" class="content">Mitglieder</th>
<th height="33" width="98" valign="top" class="content"><?php echo '<a href="index.php?as='.$ready.'&poll1=geld&poll2='.$poll['geld'].'">Geld</a>'; ?>
</th>
<th height="33" width="76" valign="top" class="content">Info</th>
</tr>
<?php
$sql = 'SELECT c.clanz_pre, c.clanz_suff, c.clanname, c.geld, c.info, c.id, c.leader FROM clan c ORDER BY '.$poll1.' '.$poll2.' LIMIT '.($pagenum*20).',20';
$clan = mysql_query($sql);
while ($row = mysql_fetch_array($clan)) {
$mitglieder = mysql_num_rows(mysql_query('SELECT id FROM user WHERE clan='.$row['id']));
$z_v = array($row['clan_pre'], $row['clan_suff']);
?>
<tr>
<td height="35" width="96" valign="top" align="center"
class="content"><?php echo displayClanLink($row['id'], $row['clanname']); ?>
</td>
<td height="25" width="128" valign="top" align="center"
class="content"><?php echo displayUserLinkByID($row['leader']); ?>
</td>
<td height="25" width="76" valign="top" align="center"
class="content"><?php echo $mitglieder; ?>
</td>
<td height="25" width="98" valign="top" align="center"
class="content"><?php echo displayMoney($row['geld']); ?>
</td>
<td height="25" valign="top" align="center" class="content"><?php echo $row['info']; ?>
</td>
</tr>
<?php
// TODO: Seitenzahlen aus Designfunctions benutzen!!!
}
$Total = mysql_num_rows(mysql_query('SELECT id FROM clan'));
$url = '<a href="'.$_SERVER['PHP_SELF'].'?as=clan/add&pagenum=###PAGE###">###LABEL###</a>';
?>
<tr>
<td colspan="5" class="content"><?php echo displayPagelinksNew(20, $Total, $pagenum, $url); ?>
</td>
</tr>
</table>
</form>
<?php <?php
// TODO: Seitenzahlen aus Designfunctions benutzen!!!
}
$Total = mysql_num_rows(mysql_query('SELECT id FROM clan'));
$pages = ceil($Total / 20);
$z = 1;
$i = 0;
while ($pages > $i) {
$seiten .= '&nbsp;<a href="index.php?as=clan/add&pagenum='.$z.'">'.$z.'</a>&nbsp;';
$z++;
$i++;
} }
?> ?>
<tr>
<td height="18" width="589" valign="top" colspan="6">&nbsp;<b>Seite
<?php echo $seiten; ?></b></td>
</tr>
</table>
</form>
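Review bot: `$poll1` from `$_GET['poll1']` is concatenated into the identifier position of `ORDER BY '.$poll1.' '.$poll2.'` in the clan overview query. validateString() is not visible here, but string escaping of any kind does not constrain a column name, so that call alone does not meet the "Kritisch (SQL-Injections)" label. Restrict the value to the three columns the header links use before building the query, e.g. `if (!in_array($poll1, array('clanname', 'leader', 'geld'), true)) { $poll1 = 'clanname'; }`. joinClan() and denyClan() also interpolate `$clanid` without checking for the `null` default passed to validateUnsignedInteger(), and both run from plain GET links with no request token visible on this page. In the same overview loop, `$z_v` reads `$row['clan_pre']` and `$row['clan_suff']` while the query selects `clanz_pre` and `clanz_suff`.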

@ -6,97 +6,556 @@
* *
*/ */
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/designfunctions.inc.php'); include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/clan.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php'); include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php');
// GET-Section // GET-Section
if(isset($_GET['action'])) {
$action = $_GET['action'];
} else {
$action = NULL;
}
//Unkritisch
if(isset($_GET['what'])) {
$what = $_GET['what'];
} else {
$what = NULL;
}
// Kritisch (SQL-Injections) // Kritisch (SQL-Injections)
$clan_id = validateUnsignedInteger($_GET['clan_id'], null); $clan_id = validateUnsignedInteger($_GET['clan_id'], null);
//Unkritisch $member = validateUnsignedInteger($_GET['member'], NULL);
$text = validateString($_GET['text']);
function displayClanProfile($clanid){ $displayMore = true;
$sql = 'SELECT * FROM clan where clan.id = '.$clanid;
$clan = mysql_fetch_assoc(mysql_query($sql)); if($clan_id == NULL){
$clan_zeichen = explode(",", $clan['clanzeichen']); if($user_ida['clan'] != null){
$member_qry = mysql_query('Select nickname, id from user where clan = '.$clan['id']); $clan_id = $user_ida['clan'];
} else {
$displayMore = false;
}
}
if(isset($_GET['value1'])) {
if($what == 'Banner'){
$value1 = validateURL($_GET['value1']);
} else if($what == 'Homepage' || $what == 'Info' || $what == 'Clan Passwort'){
$value1 = validateString($_GET['value1']);
} else if($what == 'Clanzeichen'){
$value1 = validateString($_GET['value1']);
$value2 = validateString($_GET['value2']);
} else if($what == 'Leadership') {
$value1 = validateUnsignedInteger($_GET['value1'], NULL);
$value2 = validateUnsignedInteger($_GET['value2'], NULL);
}
}
function displayClanProfileReadOnly($clan, $ownclan, $userid){
$member_qry = mysql_query('Select id from user where clan = '.$clan['id']);
$count = mysql_num_rows($member_qry); $count = mysql_num_rows($member_qry);
$member = array();
while($row = mysql_fetch_assoc($member_qry)){ while($row = mysql_fetch_assoc($member_qry)){
$member[] = displayUserLink($row['id'], $row['nickname'], $clan_zeichen[0], $clan_zeichen[1]); $tmp = displayUserLinkByID($row['id']);
if($row['id'] == $userid){
$member[] = $tmp.' (<a href="index.php?as=clan/clan_info&action=fire&member='.$row['id'].'">verlassen</a>)';
} else{
$member[] = $tmp;
}
if($row['id'] == $clan['leader']){ if($row['id'] == $clan['leader']){
$leader = $row; $leader = $tmp;
} else if($row['id'] == $clan['co_leader']){ }
$coleader = $row; if($row['id'] == $clan['co_leader']){
$coleader = $tmp;
} }
} }
$inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()');
$invited = array();
while($row = mysql_fetch_assoc($inv_qry)) {
$invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig)';
}
?> ?>
<div align="center"> <div align="center">
<table border="0" width="100%" border="1"> <table width="100%">
<tr> <tr>
<th width="100%" height="39" colspan="2" align="center"><?php echo $clan['name']; ?> Info</th> <th width="100%" height="39" colspan="2" align="center"><?php echo $clan['clanname']; ?>
</tr> Info</th>
</tr>
<?php
if($clan['banner'] != "0"){
?>
<tr>
<td width="100%" height="52" colspan="2" align="center"><img
src="<?php echo $clan['banner']; ?> " width="468" height="60"></td>
</tr>
<?php
}
?>
<tr>
<th width="20%" align="Left">Leader:</th>
<?php
if($leader == null && $coleader == null){
if($ownclan) {
echo '<td rowspan="2"><a href="index.php?as=clan/clan_info&action=putsch">Macht &uuml;bernehmen</a></td>';
} else {
echo '<td rowspan="2">Keine Leader</td>';
}
} else{
echo '<td>'.$leader.'</td>';
}
?>
</tr>
<tr>
<th align="Left">Co-Leader:</th>
<?php <?php
if($clan['banner'] != "0"){ if($leader != null && $coleader != null){
echo '<td>'.$coleader.'</td>';
}
?>
</tr>
<tr>
<th align="Left">Clanzeichen:</th>
<td><?php echo $clan['clanz_pre'].' '.$clan['clanz_suff']; ?></td>
</tr>
<tr>
<th align="Left">Member (<?php echo $count; ?>):</th>
<td><?php echo join('<br>',$member); ?></td>
</tr>
<?php
if($ownclan) {
?> ?>
<tr> <tr>
<td width="948" height="52" colspan="2" align="center"><img src="<?php echo $clan['banner']; ?> " width="468" height="60"></td> <th align="Left">Eingeladen</th>
</tr> <td><?php echo join('<br', $invited); ?></td>
</tr>
<?php
}
?>
<tr>
<th align="Left">Level:</th>
<td><?php echo $clan['level']; ?></td>
</tr>
<tr>
<th width="96" height="25" align="Left">Homepage:</th>
<?php <?php
if($clan['homepage'] != 'Keine'){
echo '<td width="852" height="25"><a href="'.$clan['homepage'].'" target=_blank>'.$clan['homepage'].'</a></td>';
} else{
echo '<td width="852" height="25">Keine</td>';
} }
?> ?>
<tr> </tr>
<th width="96" height="25" align="Left">Leader:</th> <tr>
<td width="852" height="25"><?php echo $leader['nickname']; ?></td> <th align="Left">Info:</th>
</tr> <td><?php echo $clan['info']; ?></td>
<tr> </tr>
<th width="96" height="25" align="Left">Co-Leader:</th> <?php
<td width="852" height="25"><?php echo $coleader['nickname']; ?></td> if($ownclan) {
</tr> ?>
<tr> <tr><td>&nbsp;</td></tr>
<th width="96" height="25" align="Left">Clanzeichen:</th> <tr>
<td width="852" height="25"><?php echo $clan['clanzeichen']; ?></td> <td colspan="2">
</tr> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="GET">
<tr> <input type="hidden" name="as" value="clan/clan_info"> <input
<th width="96" height="25" valign="top" align="Left">Member (<?php echo $count; ?>):</th> type="hidden" name="action" value="newsletter">
<td width="852" height="25"><?php echo join('<br>',$member); ?></td> <table cellpadding="0" cellspacing="0" width="100%" height="69">
</tr> <tr>
<tr> <th height="18" valign="top" width="603" colspan="2"
<th width="96" height="25" align="Left">Level:</th> class="content">Nachricht an alle Clanmember schicken</th>
<td width="852" height="25"><?php echo $clan['level']; ?></td> </tr>
</tr> <tr>
<tr> <td height="25" valign="top" colspan="2" align="center">&nbsp;<textarea
<th width="96" height="25" align="Left">Homepage:</th> class="input" rows="8" name="text" cols="40"></textarea></td>
<?php </tr>
if($clan['homepage'] != 'Keine'){ <tr>
echo '<td width="852" height="25"><a href="'.$clan['homepage'].'" target=_blank>'.$clan['homepage'].'</a></td>'; <td height="25" valign="top" colspan="2" align="center">&nbsp;<input
} else{ class="input" type="submit" value="abschicken"></td>
echo '<td width="852" height="25">Keine</td>'; </tr>
} </table>
?> </form>
</tr> </td>
<tr> </tr>
<th width="96" height="25" valign="top" align="Left">Info:</th> <?php
<td width="852" height="25"><?php echo $clan['info']; ?></td> }
</tr> ?>
<tr> </table>
<td width="96" height="25"></td> </div>
<td width="852" height="25"><?php echo displayHistoryBackLink(); ?></td>
</tr> <?php
</table>
</div>
<?php
} }
/* Pr<50>fen ob die <20>bergebene oder eingegebene ID eine Zahl ist */
if (!is_numeric($clan_id)) { function displayClanProfileEditable($clan, $userid){
echo '<p>Dies ist keine Zahl</p>'; $member_qry = mysql_query('Select id from user where clan = '.$clan['id']);
} else { $member = array();
/* Pr<50>fen ob die <20>bergebene oder eingegebene ID in der Tabelle der Clans vorhanden ist */ $count = mysql_num_rows($member_qry);
$clanvorhanden = mysql_num_rows(mysql_query('SELECT id FROM clan where id = '.$clan_id)); while($row = mysql_fetch_assoc($member_qry)){
/* Wenn keine Datensatz mit dieser ID vorhanden ist, ist die Variable $clanvorhanden 0 */ $tmp = displayUserLinkByID($row['id']);
if ($clanvorhanden == 0) { $kickable = true;
echo '<p>Einen Clan mit dieser ID exisitert nicht!</p>';
/* Wenn es einen Datensatz mit der ID in der Tabelle gibt, werden die Claninformationen angezeigt */ if($row['id'] == $clan['leader']){
$leader = $tmp;
$kickable = false;
}
if($row['id'] == $clan['co_leader']){
$coleader = $tmp;
$kickable = false;
}
if($userid == $row['id'] && $kickable){
$member[] = $tmp.' (<a href="index.php?as=clan/clan_info&action=fire&member='.$row['id'].'">verlassen</a>)';
} else if($kickable){
$member[] = $tmp.' (<a href="index.php?as=clan/clan_info&action=fire&member='.$row['id'].'">kicken</a>)';
} else{
$member[] = $tmp;
}
}
$inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()');
$invited = array();
while($row = mysql_fetch_assoc($inv_qry)) {
$invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig, <a href="index.php?as=clan/clan_info&action=reject&member='.$row['userid'].'">zurückziehen</a>)';
}
?>
<table width="100%">
<tr>
<th width="500" height="39" colspan="2" align="center"><?php echo $clan['clanname']; ?>
Info</th>
</tr>
<tr>
<td width="100%" height="52" colspan="2" align="center"><?php
if($clan['banner'] != "0"){
?> <img src="<?php echo $clan['banner']; ?> " width="468" height="60">
<?php
}
?> <br> <a href="index.php?as=clan/clan_info&action=edit&what=Banner">(edit)</a>
</td>
</tr>
<tr>
<th width="25%" align="Left">Leader:<a
href="index.php?as=clan/clan_info&action=edit&what=Leadership">(edit)</a>
</th>
<td><?php echo $leader; ?></td>
</tr>
<tr>
<th align="Left">Co-Leader:<a
href="index.php?as=clan/clan_info&action=edit&what=Leadership">(edit)</a>
</th>
<td><?php echo $coleader; ?></td>
</tr>
<tr>
<th align="Left">Clanzeichen:<a
href="index.php?as=clan/clan_info&action=edit&what=Clanzeichen">(edit)</a>
</th>
<td><?php echo $clan['clanz_pre'].' '.$clan['clanz_suff']; ?></td>
</tr>
<tr>
<th align="Left">Member (<?php echo $count; ?>):</th>
<td><?php echo join('<br>',$member); ?></td>
</tr>
<tr>
<th align="Left">Eingeladen</th>
<td><?php echo join('<br', $invited); ?></td>
</tr>
<tr>
<th align="Left">Level:</th>
<td><?php echo $clan['level']; ?></td>
</tr>
<tr>
<th align="Left">Homepage:<a
href="index.php?as=clan/clan_info&action=edit&what=Homepage">(edit)</a>
</th>
<?php
if($clan['homepage'] != 'Keine'){
echo '<td><a href="'.$clan['homepage'].'" target=_blank>'.$clan['homepage'].'</a></td>';
} else{
echo '<td>Keine</td>';
}
?>
</tr>
<tr>
<th align="Left">Info:<a
href="index.php?as=clan/clan_info&action=edit&what=Info">(edit)</a></th>
<td><?php echo $clan['info']; ?></td>
</tr>
<tr>
<th align="left">Clan aufl&ouml;sen</th>
<td><a
href="javascript:if(confirm('Wirklich l&ouml;schen?')==true) window.location.href='index.php?as=clan/clan_info&action=kill'">Clan
l&ouml;schen</a></td>
</tr>
<tr><td>&nbsp;</td></tr>
<tr>
<td colspan="2">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="GET">
<input type="hidden" name="as" value="clan/clan_info"> <input
type="hidden" name="action" value="newsletter">
<table cellpadding="0" cellspacing="0" width="100%" height="69">
<tr>
<th height="18" valign="top" width="603" colspan="2"
class="content">Nachricht an alle Clanmember schicken</th>
</tr>
<tr>
<td height="25" valign="top" colspan="2" align="center">&nbsp;<textarea
class="input" rows="8" name="text" cols="40"></textarea></td>
</tr>
<tr>
<td height="25" valign="top" colspan="2" align="center">&nbsp;<input
class="input" type="submit" value="abschicken"></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
<?php
}
function displayClanProfile($clanid, $user){
$sql = 'SELECT * FROM clan where clan.id = '.$clanid;
// echo $sql.'<br>';
$clan = mysql_fetch_assoc(mysql_query($sql));
$editable = $clan['leader'] == $user['id'] || $clan['co_leader'] == $user['id'];
if(!$editable){
displayClanProfileReadOnly($clan, $user['clan'] == $clan['id'], $user['id']);
} else{
displayClanProfileEditable($clan, $user['id']);
}
}
function setMeAsLeader($user){
mysql_query('UPDATE clan set leader = '.$user['id'].' WHERE id = '.$user['clan'].' and leader is null and co_leader is null');
}
function sendClanNewsletter($user, $text){
$qry = mysql_query('SELECT * FROM clan WHERE id = ' . $user['clan']);
$clan = mysql_fetch_assoc($qry);
$errors = FALSE;
$sql = 'SELECT id FROM user WHERE clan='.$user['clan'];
$clans = mysql_query($sql);
while($row = mysql_fetch_assoc($clans)) {
$errors |= !sendMessage($user['nickname'], $row['id'], $clan['clanname'].' Nachricht', $text);
}
if($errors) {
displayErrorMessage(NULL,'Beim Versenden sind Fehler aufgetreten', '<a href="index.php?as=clan/clan_info">weiter...</a>');
} else { } else {
displayClanProfile($clan_id); displayErrorMessage(NULL,'Nachricht erfolgreich verschickt', '<a href="index.php?as=clan/clan_info">weiter...</a>');
}
}
function setProfile($what, $value1, $value2, $clanid, $root){
switch($what){
case 'Homepage':
mysql_query('UPDATE clan SET homepage = \''.$value1.'\' where id = '.$clanid);
return;
case 'Clanzeichen':
mysql_query('UPDATE clan SET clanz_pre = \''.$value1.'\', clanz_suff = \''.$value2.'\' where id = '.$clanid);
return;
case 'Banner':
mysql_query('UPDATE clan SET banner = \''.$value1.'\' where id = '.$clanid);
return;
case 'Info':
mysql_query('UPDATE clan SET Info = \''.$value1.'\' where id = '.$clanid);
return;
case 'Leadership':
if($value1 == 0){$value1 = 'null';}
if($value2 == 0){$value2 = 'null';}
if(!$root){
$sql = 'UPDATE clan SET co_leader = '.$value2.' where id = '.$clanid;
mysql_query($sql);
} else{
$sql = 'UPDATE clan SET leader = '.$value1.', co_leader = '.$value2.' where id = '.$clanid;
// echo $sql.'<br>';
mysql_query($sql);
}
return;
default:
echo 'Error!';
return;
}
}
function displayEdit($what, $clanid, $root){
$clan_qry = mysql_query('Select * from clan where id = '.$clanid);
$clan = mysql_fetch_assoc($clan_qry);
$content = '';
switch($what){
case 'Homepage':
$content = '<tr><td colspan="2"><input class="input" name="value1" value="'.$clan['homepage'].'"/></td></tr>';
break;
case 'Clanzeichen':
$content = '<tr><td>Prefix: <input class="input" name="value1" value="'.$clan['clanz_pre'].'"/></td><td>Suffix: <input class="input" name="value2" value="'.$clan['clanz_suff'].'"/></td></tr>';
break;
case 'Banner':
$content = '<tr><td colspan="2"><input class="input" name="value1" value="'.$clan['banner'].'"/></td></tr>';
break;
case 'Leadership':
$member_qry = mysql_query('Select id, nickname from user where clan = '.$clanid);
$member[] = '<option value="0" selected>Niemand</option>';
$member2[] = '<option value="0" selected>Niemand</option>';
while($row = mysql_fetch_assoc($member_qry)){
if($row['id'] == $clan['leader']) {
$member[] = '<option value="'.$row['id'].'" selected="selected">'.$row['nickname'].'</option>';
} else {
$member[] = '<option value="'.$row['id'].'">'.$row['nickname'].'</option>';
}
if($row['id'] == $clan['co_leader']) {
$member2[] = '<option value="'.$row['id'].'" selected="selected">'.$row['nickname'].'</option>';
} else {
$member2[] = '<option value="'.$row['id'].'">'.$row['nickname'].'</option>';
}
}
if($root){
$content = '<tr><td>Leader:</td><td><select class="input" name="value1" />'.join('',$member).'</select></td></tr>';
}
$content .= '<tr><td>Co-Leader:</td><td><select class="input" name="value2" />'.join('',$member2).'</select></td></tr>';
break;
case 'Info':
$content = '<tr><td colspan="2"><textarea class="input" name="value1"></textarea></td></tr>';
break;
case 'Clan Passwort':
$content = '<tr><td colspan="2"><input class="input" name="value1" /></td></tr>';
break;
default:
$content = '<tr><td colspan="2">Error '.$what.' unknown!</td></tr>';
break;
}
?>
<form action="index.php" method="GET">
<input type="hidden" name="as" value="clan/clan_info" /> <input
type="hidden" name="action" value="edit" /> <input type="hidden"
name="what" value="<?php echo $what; ?>" />
<table>
<tr>
<th colspan="2"><?php echo $what; ?> &Auml;ndern</th>
</tr>
<?php echo $content; ?>
<tr>
<td align="center" colspan="2"><input class="input" type="submit"
value="Edit" />
</td>
</tr>
</table>
</form>
<?php
}
function fireMember($user, $member){
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user['clan']));
if($member != $row['leader'] && $member != $row['co_leader'] && ($user['id'] == $row['leader'] || $user['id'] == $row['co_leader'] || $member == $user['id'])){
$sql = 'Update user set clan = NULL where id = '.$member.' AND clan = '.$user['clan'];
// echo $sql.'<br>';
mysql_query($sql);
if(mysql_affected_rows() > 0){ // Soll nur ausgeführt werden, wenn member wirklich gekickt wurde!!
$sql = 'Update chars set clan_train = NULL where besitzer = '.$member;
mysql_query($sql);
}
} else{
echo displayErrorMessage(NULL, 'Du kannst den Member nicht feuern!', displayHistoryBackLink());
} }
} }
function deleteClan($user){
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user['clan']));
if($user['id'] == $row['leader']){
mysql_query('DELETE FROM clan where id = '.$user['clan']);
} else{
echo displayErrorMessage(NULL, 'Du kannst den Clan nicht aufl&ouml;sen!', displayHistoryBackLink());
}
}
//if($edit == 1){
// $row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan']));
// if($row['leader'] != $user_ida['id'] && $row['co_leader'] != $user_ida['id']){
// displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink());
// } else if(isset($value1)){
// setProfile($what, $value1, $value2, $user_ida['clan'], $row['leader'] == $user_ida['id'] || $row['leader'] === null);
// } else{
// displayEdit($what, $user_ida['clan'],$row['leader'] == $user_ida['id'] || $row['leader'] === null);
// $displayMore = false;
// }
//} else if($putsch == 1){
// setMeAsLeader($user_ida);
//} else if($fire == 1){
// fireMember($user_ida, $member);
//} else if($kill == 1){
// deleteClan($user_ida);
//} else if($reject == 1) {
// $errorMsg = revokeInvitation($user_ida, $member);
// if($errorMsg !== NULL) {
// echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink());
// $displayMore = false;
// } else {
// displayErrorMessage('','Du hast die Einladung erfolgreich zur&uuml;ckgezogen!', '<a href="index.php?as=clan/clan_info">weiter</a>');
// $displayMore = false;
// }
//}
if($action !== NULL) { // this is done to not require to reprogramm the whole stuff!
switch ($action) {
case 'edit':
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan']));
if($row['leader'] != $user_ida['id'] && $row['co_leader'] != $user_ida['id']){
displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink());
} else if(isset($value1)){
setProfile($what, $value1, $value2, $user_ida['clan'], $row['leader'] == $user_ida['id'] || $row['leader'] === null);
} else{
displayEdit($what, $user_ida['clan'],$row['leader'] == $user_ida['id'] || $row['leader'] === null);
$displayMore = false;
}
break;
case 'fire':
fireMember($user_ida, $member);
break;
case 'putsch':
setMeAsLeader($user_ida);
break;
case 'kill':
deleteClan($user_ida);
break;
case 'reject':
$errorMsg = revokeInvitation($user_ida, $member);
if($errorMsg !== NULL) {
echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink());
$displayMore = false;
} else {
displayErrorMessage('','Du hast die Einladung erfolgreich zur&uuml;ckgezogen!', '<a href="index.php?as=clan/clan_info">weiter</a>');
$displayMore = false;
}
break;
case 'newsletter':
sendClanNewsletter($user_ida, $text);
$displayMore = false;
break;
default:
break;
}
}
if($displayMore){
displayClanProfile($clan_id, $user_ida);
}
?> ?>
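Review bot: `$what` is taken straight from `$_GET['what']` (marked "Unkritisch") and displayEdit() writes it into the page without escaping in three places: the hidden `what` input, the `<th>` heading and the `'Error '.$what.' unknown!'` default branch. A crafted link therefore renders attacker-controlled markup for any leader or co-leader who follows it. Escape at output, e.g. `value="<?php echo htmlspecialchars($what, ENT_QUOTES); ?>"`, or reject values outside the fixed list the switch already handles before calling displayEdit(). Separately, `kill`, `fire`, `putsch` and `edit` all change state on a plain GET with no request token visible in this file. deleteClan() also only deletes the `clan` row, whereas the deleted confirmation script further down the page also cleared `clan_ware` and `user.clan`, so unless the schema cascades this leaves orphaned rows. The two `join('<br', $invited)` calls are missing the closing `>`.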

@ -1,28 +0,0 @@
<?php
/*
* Created on 07.03.2009
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/designfunctions.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/config.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php');
$charm = $_GET['charm'];
if(!$charm) {
displayErrorMessage(NULL,'Clan wirklich l&ouml;schen?', '<a href="index.php?as=clan/del&charm=1">Ja</a> | '.displayHistoryBackLink());
}
if($charm == 1) {
$dl = mysql_fetch_array(mysql_query("SELECT id FROM clan WHERE id='$user_ida[clan]' AND leader='$user_ida[id]' LIMIT 1"));
if($dl['id']) {
mysql_query("DELETE FROM clan WHERE id='$user_ida[clan]' AND leader='$user_ida[id]' LIMIT 1");
mysql_query("DELETE FROM clan_ware WHERE clan='$dl[id]'");
mysql_query("UPDATE user SET clan=NULL WHERE clan='$user_ida[clan]' LIMIT 1");
displayErrorMessage(NULL,'Clan erfolgreich gel&ouml;scht', '<a href="index.php?as=char_index">weiter...</a>');
}
}

@ -1,87 +0,0 @@
<?php
/*
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/char.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$user_id = validateUnsignedInteger($_GET['user_id'], null);
// Unkritisch
$charm = $_GET['charm'];
if ($charm) {
$clan = mysql_fetch_array(mysql_Query("SELECT leader FROM clan WHERE id='$user_ida[clan]'"));
$kick_u = mysql_fetch_array(mysql_Query("SELECT clan, nickname FROM user WHERE id='$user_id'"));
if (($clan['leader'] == $user_ida['id']) OR ($user_id == $user_ida['id']) AND $clan['leader'] != $user_id AND $kick_u['clan'] == $user_ida['clan']) {
mysql_query("UPDATE user SET clan=NULL WHERE id='$user_id'");
mysql_query('Update chars set clan_train = 0 where besitzer = '.$user_id);
displayErrorMessage(NULL, 'User erfolgreich aus den Clan gekickt!', displayHistoryBackLink());
exit;
}
}
?>
<table cellpadding="0" cellspacing="0" width="100%" height="69">
<!-- MSTableType="layout" -->
<tr>
<td height="18" valign="top" width="603" colspan="2">
<p align="center"><b>Clan Mitglieder</b></td>
</tr>
<?php
$clan = mysql_fetch_array(mysql_Query("SELECT clanzeichen, leader FROM clan where id='$user_ida[clan]' LIMIT 1"));
if ($clan[leader] == $user_ida[id]) {
$kick = "ja";
}
$clan1 = explode(",", $clan[clanzeichen]);
if ($user_ida['clan'] != 0) {
$user = mysql_query("SELECT id, nickname FROM user WHERE clan='$user_ida[clan]' LIMIT 50");
while ($row = mysql_fetch_array($user)) {
?>
<tr>
<td height="25" valign="top" width="161">
<p align="center"><b>Nickname</b></td>
<td height="25" valign="top" width="442">&nbsp;<?php echo displayUserLink($row['id'],$row['nickname'],$clan1[0],$clan1[1]); if(($kick == "ja" OR $user_ida[id] == $row[id]) AND ($clan[leader] != $row[id])) { echo " | <b><a href='index.php?as=clan/index&charm=1&user_id=$row[id]'>kicken</a></b>"; } ?></td>
</tr>
<?php
$chars = getCharsOfUser($row['id']);
foreach ($chars as $row2) {
?>
<tr>
<td height="25" width="161" valign="top">
<p align="center"><b>Charakter</b></td>
<td height="25" width="442" valign="top">&nbsp;<?php echo displayCharLink($row2['id'],$row2['name'],NULL,$clan1[0],$clan1[1]); ?></td>
</tr>
<?php
}
?>
<tr>
<td height="25" width="161" valign="top">
<p align="center"><b></b></td>
<td height="25" width="442" valign="top"></td>
</tr>
<?php
}
}
if ($clan[leader] == $user_ida[id]) {
?>
<?php
}
?>
</table>

@ -5,7 +5,6 @@
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
* *
*/ */
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php');
@ -13,7 +12,6 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php');
// GET-Section // GET-Section
// Kritisch (SQL-Injections) // Kritisch (SQL-Injections)
$clan_name = validateName($_GET['clan_name']); $clan_name = validateName($_GET['clan_name']);
$clan_pw = validateString($_GET['clan_pw']);
$clan_for = validateString($_GET['clan_for']); $clan_for = validateString($_GET['clan_for']);
$clan_back = validateString($_GET['clan_back']); $clan_back = validateString($_GET['clan_back']);
$clan_info = validateString($_GET['clan_info']); $clan_info = validateString($_GET['clan_info']);
@ -24,20 +22,6 @@ $charm = $_GET['charm'];
if ($charm == 1) { if ($charm == 1) {
$clanz = mysql_fetch_assoc(mysql_Query("SELECT id FROM clan ORDER BY id DESC LIMIT 1"));
$clan_upps = mysql_fetch_assoc(mysql_query("SELECT id FROM clan WHERE clanname='$clan_name' OR clanzeichen='$clan_for,$clan_back'"));
$clan_num = $clanz['id'] + 1;
if ($clan_upps[id]) {
displayErrorMessage(NULL, 'Clanname oder Clan Zeichen gibt es schon.', displayHistoryBackLink());
exit;
}
if (!$clan_pw) {
displayErrorMessage(NULL, 'Clan Passwort Eingeben!', displayHistoryBackLink());
exit;
}
if (!$clan_for AND !$clan_back) { if (!$clan_for AND !$clan_back) {
displayErrorMessage(NULL, 'Sie m&uuml;ssen ein Clanzeichen haben.', displayHistoryBackLink()); displayErrorMessage(NULL, 'Sie m&uuml;ssen ein Clanzeichen haben.', displayHistoryBackLink());
exit; exit;
@ -53,61 +37,52 @@ if ($charm == 1) {
exit; exit;
} }
$clan_name = preg_replace("#<#", "&lt;", $clan_name); $sql = 'INSERT into clan(clanname,clanz_pre,clanz_suff,info, leader) values(\''.$clan_name.'\', \''.$clan_for.'\', \''.$clan_back.'\', \''.$clan_info.'\', '.$user_ida['id'].')';
$clan_pw = preg_replace("#<#", "&lt;", $clan_pw); // echo $sql.'<br>';
$clan_info = preg_replace("#<#", "&lt;", $clan_info); mysql_query($sql);
if(mysql_affected_rows() > 0){ // Erstellen des Clans geglueckt
mysql_query("INSERT INTO clan SET clanname='$clan_name', clanzeichen='$clan_for,$clan_back', pw='$clan_pw', info='$clan_info', leader='$user_ida[id]'") OR DIE (mysql_error()); $c_id = mysql_fetch_assoc(mysql_query('Select * from clan where clanname = \''.$clan_name.'\''));
$c_id = mysql_fetch_assoc(mysql_query('Select * from clan where clanname = \''.$clan_name.'\'')); mysql_query('UPDATE user SET clan='.$c_id['id'].' WHERE id='.$user_ida['id']);
mysql_query('UPDATE user SET clan='.$c_id['id'].' WHERE id='.$user_ida['id']); displayErrorMessage(NULL, 'Clan erfolgreich Erstellt.', '<a href="index.php?as=clan/clan_info">weiter...</a>');
} else{
displayErrorMessage(NULL, 'Clan erfolgreich Erstellt.', '<a href="index.php?as=clan/index">weiter...</a>'); $sql = 'Select * from clan where clanname = \''.$clan_name.'\'';
$c_id = mysql_fetch_assoc(mysql_query($sql));
if($c_id){
$error = 'Clanname besteht schon!';
} else{
$error = 'Insert failed!';
}
displayErrorMessage(NULL, 'Clan erstellen fehlgeschlagen! ('.$error.')', displayHistoryBackLink());
}
exit; exit;
} }
?> ?>
<html>
<body>
<form action="index.php" method="GET"> <form action="index.php" method="GET">
<input type="hidden" name="as" value="clan/new" /> <input type="hidden" name="as" value="clan/new" />
<input type="hidden" name="charm" value="1" /> <input type="hidden" name="charm" value="1" />
<table cellpadding="0" cellspacing="0" width="100%"> <table cellpadding="0" cellspacing="0" width="100%">
<!-- MSTableType="layout" -->
<tr> <tr>
<td height="25" valign="top" width="557" colspan="2"> <th height="25" valign="top" width="557" colspan="2" align="center">Clan gr&uuml;nden</th>
<p align="center"><b>Clan Gr&uuml;nden</b></td>
</tr> </tr>
<tr> <tr>
<td height="25" width="162" valign="top"> <th height="25" width="162" valign="top" align="center">Clanname</th>
<p align="center"><b>Clanname</b></td>
<td height="25" width="395" valign="top">&nbsp;<input name="clan_name"></td> <td height="25" width="395" valign="top">&nbsp;<input name="clan_name"></td>
</tr> </tr>
<tr> <tr>
<td height="25" width="162" valign="top"> <th height="25" width="162" valign="top" align="center">Clanzeichen vorn</th>
<p align="center"><b>Clan Passwort</b></td> <td height="25" width="395" valign="top">&nbsp;<input name="clan_for" size="5" maxlength="10"></td>
<td height="25" width="395" valign="top">&nbsp;<input name="clan_pw"></td>
</tr> </tr>
<tr> <tr>
<td height="25" width="162" valign="top"> <th height="25" width="162" valign="top" align="center">Clanzeichen hinten</th>
<p align="center"><b>Clanzeichen vorn</b></td> <td height="25" width="395" valign="top">&nbsp;<input name="clan_back" size="5" maxlength="10"></td>
<td height="25" width="395" valign="top">&nbsp;<input name="clan_for" size=5 maxlength=10></td>
</tr> </tr>
<tr> <tr>
<td height="25" width="162" valign="top"> <th height="25" width="162" valign="top" align="center">Clan Info</th>
<p align="center"><b>Clanzeichen hinten</b></td> <td height="25" width="395" valign="top">&nbsp;<textarea rows="5" cols="30" name="clan_info"></textarea></td>
<td height="25" width="395" valign="top">&nbsp;<input name="clan_back" size=5 maxlength=10></td>
</tr> </tr>
<tr> <tr>
<td height="25" width="162" valign="top"> <td height="25" width="162" align="center" colspan="2"><input type="submit" value="Clan gr&uuml;nden"></td>
<p align="center"><b>Clan Info</b></td>
<td height="25" width="395" valign="top">&nbsp;<textarea rows=5 cols=30 name="clan_info"></textarea></td>
</tr>
<tr>
<td height="25" width="162">&nbsp;</td>
<td height="25" width="395" valign="top">&nbsp;<input type=submit value="Clan Gr&uuml;nden"></td>
</tr> </tr>
</table> </table>
</form> </form>
</body>
</html>
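Review bot: The new `INSERT into clan(clanname,clanz_pre,clanz_suff,info, leader)` in the last hunk is built by concatenating `$clan_name`, `$clan_for`, `$clan_back` and `$clan_info` into the statement, so it is only as safe as `validateName()`/`validateString()`, whose bodies are not shown here. The same hunk removes the `preg_replace("#<#", "&lt;", …)` calls, so unless those validators already neutralise markup, clan name and info are now stored raw and every page that prints them has to apply `htmlspecialchars()`. I would escape at the statement, e.g. `'\''.mysql_real_escape_string($clan_name).'\''` for each string value, and read the new id with `mysql_insert_id()` instead of the follow-up `Select * from clan where clanname = …`. The earlier duplicate check on the clan tag is also dropped and the failure branch only looks up `clanname`, so a duplicate tag is presumably accepted now unless the table enforces uniqueness.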

@ -11,41 +11,133 @@ include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/designfunctions.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php'); include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/messagefunctions.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/messagefunctions.inc.php');
// GET-Section // GET-Section
// Kritisch (SQL-Injections) // Kritisch (SQL-Injections)
$text = validateString($_REQUEST['text']); $text = validateString($_GET['text']);
$username = validateName($_GET['username'], NULL);
// Unkritisch // Unkritisch
$charm = $_REQUEST['charm']; $action = $_GET['action'];
if($charm) { function handleInvitation($user, $username, $clan){
if($user_ida['clan'] <= 0){ if($clan['leader'] != $user['id'] && $clan['co_leader'] != $user['id']){
return; displayErrorMessage(NULL, 'Nur der Leader, bzw. der Co-Leader kann neue Member einladen!');
return false;
}
if($user['clan'] == NULL){
displayErrorMessage(NULL, 'Fehler! Nutzer existiert nicht!');
return false;
} }
$clans = mysql_query('SELECT id FROM user WHERE clan='.$user_ida['clan']); $row = mysql_fetch_assoc(mysql_query('SELECT * FROM user where nickname = \''. $username.'\''));
while($row = mysql_fetch_array($clans)) { $userid = $row['id'];
sendMessage($user_ida['nickname'], $row['id'], 'Clan Nachricht', $text); if($row['clan'] == $user['clan']){
// mysql_query("INSERT nachricht SET von='$user_ida[nickname]', besitzer='$row[id]', betreff='Clan Nachricht', text='$text'"); displayErrorMessage(NULL, 'Fehler! Nutzer ist schon in deinem Clan!', displayHistoryBackLink());
return false;
}
if($row){
$sql = 'INSERT INTO user_clan_invitations(userid, clanid, valid) values('.$userid.','.$user['clan'].',TIMESTAMPADD(DAY, 5, now()))';
// echo $sql.'<br>';
mysql_query($sql);
if(mysql_affected_rows() <= 0){ // Fehler?
$sql = 'UPDATE user_clan_invitations SET valid = TIMESTAMPADD(DAY, 5, now()) where userid = '.$userid.' and clanid = '.$user['clan'];
// echo $sql.'<br>';
mysql_query($sql);
if(mysql_affected_rows() <= 0){ // Fehler?
displayErrorMessage(NULL, 'Fehler! Konnte Nutzer nicht einladen!', displayHistoryBackLink());
return false;
} else{
displayErrorMessage('','Nutzereinladung aufgefrischt!', '<a href="index.php?as=clan/post">weiter</a>');
sendMessage($user['id'], $userid, 'Einladung in Clan', 'Die Einladung des Clans '.$clan['clanname'].' wurde aufgefrischt! Klicke auf "Clan beitreten" um die Einladung anzunehmen!');
}
} else{
displayErrorMessage('','Nutzer erfolgreich eingeladen!', '<a href="index.php?as=clan/post">weiter</a>');
sendMessage($user['id'], $userid, 'Einladung in Clan', 'Du wurdest eingeladen dich dem Clan '.$clan['clanname'].' anzuschliessen! Klicke auf "Clan beitreten" um die Einladung anzunehmen!');
} }
}
return true;
}
function sendClanNewsletter($user, $clan, $text){
if($clan == NULL){
return;
}
$sql = 'SELECT id FROM user WHERE clan='.$clan['id'];
$clans = mysql_query($sql);
while($row = mysql_fetch_assoc($clans)) {
sendMessage($user['id'], $row['id'], $clan['clanname'].' Nachricht', $text);
}
displayErrorMessage(NULL,'Nachricht erfolgreich verschickt', '<a href="index.php?as=clan/post">weiter...</a>'); displayErrorMessage(NULL,'Nachricht erfolgreich verschickt', '<a href="index.php?as=clan/post">weiter...</a>');
exit;
} }
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST"> function revertInvitation($user, $clan, $userid){
if($clan['leader'] != $user['id'] && $clan['co_leader'] != $user['id']){
displayErrorMessage(NULL, 'Nur der Leader, bzw. der Co-Leader kann Einladungen zur&uuml;ckziehen!!', displayHistoryBackLink());
return false;
}
mysql_query('DELETE FROM user_clan_invitations WHERE clan = '.$clan['id'].' AND userid = '.$userid);
if(mysql_affected_rows() > 0){
displayErrorMessage('Zur&uuml;ckgezogen','Du hast die Einladung erfolgreich zur&uuml;ckgezogen!','<a href="index.php?as=clan/post">weiter</a>');
} else{
displayErrorMessage(NULL,'Einladung konnte nicht zur&uuml;ckgezogen werden!',displayHistoryBackLink());
return false;
}
return true;
}
$clan = mysql_fetch_assoc(mysql_query('SELECT * from clan where id = '.$user_ida['clan']));
if($action == 'newsletter') {
sendClanNewsletter($user_ida, $clan, $text);
} else if($action == 'invite'){
handleInvitation($user_ida, $username, $clan);
} else if($action == 'reject'){
revertInvitation($user_ida, $username, $clan);
} else {
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="GET">
<input type="hidden" name="as" value="clan/post"> <input type="hidden" name="as" value="clan/post">
<input type="hidden" name="charm" value="1"> <input type="hidden" name="action" value="invite">
<table cellpadding="0" cellspacing="0" width="100%" height="69"> <table cellpadding="0" cellspacing="0" width="100%" height="69">
<!-- MSTableType="layout" --> <tr>
<tr> <th height="18" width="603" class="content">
<td height="18" valign="top" width="603" colspan="2" align="center"> Nutzer in Clan einladen!
<b>Nachricht an Alle clan member</b></td> </th>
</tr> </tr>
<tr>
<td height="25" align="center">&nbsp;<input class="input" name="username"/></td>
</tr>
<tr>
<td height="25" valign="top" colspan="2" align="center">&nbsp;<input class="input" type="submit" value="abschicken"></td>
</tr>
</table>
</form>
<table cellpadding="0" cellspacing="0" width="100%">
<tr> <tr>
<td height="25" valign="top" colspan="2" align="center">&nbsp;<textarea id="input" rows="8" name="text" cols="40"></textarea></td> <th height="30" width="585" colspan="5" class="content">Versendete Claneinladungen</th>
</tr> </tr>
<tr> <tr>
<td height="25" valign="top" colspan="2" align="center">&nbsp;<input id="input" type="submit" value="abschicken"></td> <th height="30" class="content">Username</th>
</tr> <th height="30" colspan="2" class="content">Deadline</th>
<th height="30" colspan="2" class="content">Aktion</th>
<?php
$sql = 'SELECT * FROM user_clan_invitations WHERE clanid = '.$user_ida['clan'].' and valid > now();';
$qry = mysql_query($sql);
while($row = mysql_fetch_assoc($qry)){
?>
<tr>
<td height="30" align="center" class="content"><?php echo displayUserLinkById($row['userid']); ?></td>
<td height="30" align="center" colspan="2" class="content"><?php echo $row['valid']; ?></td>
<td height="30" align="center" colspan="2" class="content"><a href="index.php?as=clan/post&action=reject&userid=<?php echo $row['userid']; ?>">zur&uuml;ckziehen</a></td>
</tr>
<?php
}
?>
</table> </table>
</form> <?php
}
?>
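Review bot: `revertInvitation()` is declared as `($user, $clan, $userid)` but the dispatcher calls `revertInvitation($user_ida, $username, $clan)`, so the leader/co-leader check reads `$clan['leader']` from the user-name string instead of the clan row, and the DELETE receives the clan array as `$userid`. The "zurückziehen" link sends `userid`, which this page never reads, and the DELETE filters on `clan` where the other statements on `user_clan_invitations` use `clanid`. Suggested: `$userid = validateUnsignedInteger($_GET['userid'], null);` in the GET section, `revertInvitation($user_ida, $clan, $userid);` in the dispatcher, and `WHERE clanid = ` in the DELETE. Separately, invite, reject and newsletter are now all triggered by GET (the form moved from POST to GET and `$text` from `$_REQUEST` to `$_GET`), which exposes these state-changing actions to cross-site request forgery and link prefetching; they should be POST requests carrying a per-session token.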

@ -1,220 +0,0 @@
<?php
/*
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$new_leader = validateUnsignedInteger($_GET['new_leader'], null);
$co_leader = validateUnsignedInteger($_GET['co_leader'], null);
$clan_pw = validateString($_GET['clan_pw']);
$clan_name = validateName($_GET['clan_name']);
$clan_banner = validateURL($_GET['clan_banner']);
$clan_b = validateString($_GET['clan_b']);
$clan_page = validateString($_GET['clan_page']);
$clan_v = validateString($_GET['clan_v']);
$clan_info = validateString($_GET['clan_info']);
// Unkritisch
$charm = $_GET['charm'];
$clan = mysql_fetch_assoc(mysql_query('SELECT * FROM clan WHERE id=' . $user_ida['clan'] . ' LIMIT 1'));
$clan1 = mysql_query('SELECT nickname, id FROM user WHERE clan=' . $user_ida['clan']);
$clan2 = mysql_query('SELECT nickname, id FROM user WHERE clan=' . $user_ida['clan']);
$clan_8 = explode(',', $clan['clanzeichen']);
if ($charm == 1) {
$clan_upps = mysql_fetch_assoc(mysql_query("SELECT id, (Select 10 - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots FROM clan c WHERE clanname='$clan_name' OR clanzeichen='$clan_v,$clan_b' AND id!='$user_ida[clan]'"));
$cuu = mysql_fetch_assoc(mysql_query('SELECT clan FROM user WHERE id=' . $new_leader));
if ($cuu['clan'] != $user_ida['clan']) {
displayErrorMessage(NULL, 'Fehler User ist nicht im Clan.', displayHistoryBackLink());
exit;
}
if ($clan_upps['id'] AND $clan_upps['id'] != $user_ida['clan']) {
displayErrorMessage(NULL, 'Clanname oder Clan Zeichen gibt es schon.', displayHistoryBackLink());
exit;
}
if (!$clan_pw) {
displayErrorMessage(NULL, 'Clanpasswort eingeben!', displayHistoryBackLink());
exit;
}
if (!$clan_v AND !$clan_b) {
displayErrorMessage(NULL, 'Sie m&uuml;ssen ein Clanzeichen haben.', displayHistoryBackLink());
exit;
}
if (!$clan_name) {
displayErrorMessage(NULL, 'Sie m&uuml;ssen einen Clanname haben.', displayHistoryBackLink());
exit;
}
if ($clan['leader'] != $user_ida['id'] AND $clan['co_leader'] != $user_ida['id']) {
displayErrorMessage(NULL, 'Sie sind weder Leader noch Co-Leader!', displayHistoryBackLink());
exit;
}
// Check new conditions (10 Members + 1 Co + 1 Leader Slot available)
if($clan['leader'] != $clan['co_leader'] && $new_leader == $co_leader && $clan_upps['freeslots'] <= 0){
// Failure
displayErrorMessage(NULL, 'Alleinherrschaft ist leider nicht möglich, da sich zuviele User im Clan befinden!', displayHistoryBackLink());
exit;
}
mysql_query("UPDATE clan SET clanname='$clan_name', clanzeichen='$clan_v,$clan_b', pw='$clan_pw', info='$clan_info', leader='$new_leader', co_leader='$co_leader', homepage='$clan_page', banner='$clan_banner' WHERE id='$user_ida[clan]'");
displayErrorMessage(NULL, 'Clan erfolgreich ge&auml;ndert.', '<a href="index.php?as=clan/profil">weiter...</a>');
exit;
}
?>
<html>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="GET">
<input type="hidden" name="as" value="clan/profil">
<input type="hidden" name="charm" value="1">
<table cellpadding="0" cellspacing="0" width="100%" height="51">
<tr>
<td valign="top" colspan="2" height="32">
<p align="center"><b>Ihr Profil</b></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Level</b></td>
<td valign="top" height="25" width="191">
&nbsp;<?php echo "$clan[level]"; ?></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Exp</b></td>
<td valign="top" height="25" width="191">
&nbsp;<?php echo "$clan[min_exp] / $clan[max_exp]"; ?></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Clanname</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name="clan_name" value="<?php echo $clan[clanname]; ?>"></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Passwort</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name="clan_pw" value="<?php echo $clan[pw]; ?>" size='20'></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Homepage</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name='clan_page' value="<?php echo $clan['homepage']; ?>" size='20'></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Banner (468 x 60)</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name='clan_banner' value="<?php echo $clan['banner']; ?>" size='20'></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Clanzeichen vorn</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name='clan_v' size='20' maxlength=10 value="<?php echo $clan_8[0]; ?>"></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Clanzeichen hinten</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name='clan_b' size='20' maxlength=10 value="<?php echo $clan_8[1]; ?>"></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Leader</b></td>
<td valign="top" height="25" width="191">
&nbsp;<select id="input" name="new_leader">
<option value=""></option>
<?php
$x = 0;
while ($row = mysql_fetch_array($clan1)) {
if ($row[id] == $clan[leader]) {
$selected[$x] = "selected";
}
echo "<option value=$row[id] $selected[$x]>$row[nickname]";
$x++;
}
?>
</select>
</td></tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Co. Leader</b></td>
<td valign="top" height="25" width="191">
&nbsp;<select id="input" name="co_leader">
<option value=""></option>
<?php
$y = 0;
while ($row = mysql_fetch_array($clan2)) {
if ($row[id] == $clan[co_leader]) {
$selecteds[$y] = "selected";
}
echo "<option value=$row[id] $selecteds[$y]>$row[nickname]";
$y++;
}
?>
</select>
</td></tr>
<tr>
<td height="25" width="162" valign="top">
<p align="center"><b>Clan Info</b></td>
<td height="25" width="395" valign="top">&nbsp;<textarea id="input" rows="5" cols="30" name="clan_info"><?php echo $clan[info]; ?></textarea></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b></b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" type=submit value='speichern'>
</td></tr>
</table>
<?php
if ($clan['leader'] == $user_ida['id']) {
?>
<hr style="width:500px; color:#333333; border-style:solid;">
<table>
<tr>
<td valign="top" height="25" width="195">
<p align="center"></td>
<td valign="top" height="25" width="191">
<p align="left">
<tr>
<td valign="top" height="25" width="195">
<p align="center"></td>
<td valign="top" height="25" width="191">
<p align="left"><a href="index.php?as=clan/del">Clan l&ouml;schen<p></a>
<?php
}
?>
</td></tr>
</table>
</form>
</body>
</html>

@ -49,8 +49,8 @@ if ($name AND $passwort) {
<a href='index.php?as=wanted_kampf_anzeige'>Meine Wanted K&auml;mpfe</a><br> <a href='index.php?as=wanted_kampf_anzeige'>Meine Wanted K&auml;mpfe</a><br>
"; ";
$charakter_009 = "<a href=index.php?as=char_overview>Charakter &Uuml;bersicht</a><br>".$charakter_009; $charakter_009 = "<a href=index.php?as=char_overview>Charakter &Uuml;bersicht</a><br>".$charakter_009;
$training_009 = ""; $training_009 = "";
$turnier_009 = '<a href="index.php?as=turnier&art=wochen">Wochen Turnier Anmeldung</a><br>' . $turnier_009 = '<a href="index.php?as=turnier&art=wochen">Wochen Turnier Anmeldung</a><br>' .
@ -79,21 +79,22 @@ if ($name AND $passwort) {
<?php <?php
$clan_009 = " $clan_009 = "
<a href=index.php?as=clan/post>Clan Nachricht</a><br> <a href=index.php?as=clan/clan_info>Mein Clan</a><br>
<a href=index.php?as=clan/c_markt>Clan Markt</a><br> <a href=index.php?as=clan/c_markt>Clan Markt</a><br>
<a href=index.php?as=clan/c_ware>Clan Item Nutzung</a><br> <a href=index.php?as=clan/c_ware>Clan Item Nutzung</a><br>
<a href=index.php?as=clan/profil>Clan Profil</a><br>
<a href=index.php?as=clan/c_ticker>Clan Ticker</a><br>
<a href=index.php?as=clan/index>Clan Mitglieder</a><br>
<a href=index.php?as=clan/spende>Geld Spenden</a><br> <a href=index.php?as=clan/spende>Geld Spenden</a><br>
<a href=index.php?as=clan/c_kampf&id=fights>Clan K&auml;mpfe Anzeige</a><br>"; <a href=index.php?as=clan/c_ticker>Clan Ticker</a><br>
<a href=index.php?as=clan/add>Clan Wechseln</a><br>
";
} }
// $clan_009 .= "<a href=index.php?as=clan/c_kampf&id=fights>Clan K&auml;mpfe Anzeige</a><br>";
// Ist user der leader? // Ist user der leader?
$chiefs = mysql_fetch_assoc(mysql_query('Select co_leader, leader from clan where id = '.$user_ida['clan'])); // $chiefs = mysql_fetch_assoc(mysql_query('Select co_leader, leader from clan where id = '.$user_ida['clan']));
if($chiefs['co_leader'] == $user_ida['id'] || $chiefs['leader'] == $user_ida['id']){ // if($chiefs['co_leader'] == $user_ida['id'] || $chiefs['leader'] == $user_ida['id']){
$clan_009 .= '<a href=index.php?as=clan/c_kampf>Clan K&auml;mpfe</a><br>'; // $clan_009 .= '<a href=index.php?as=clan/c_kampf>Clan K&auml;mpfe</a><br>';
} // }
$info_009 = " $info_009 = "
<a href=index.php?as=auser>Alle User</a><br> <a href=index.php?as=auser>Alle User</a><br>
@ -117,26 +118,26 @@ if ($name AND $passwort) {
$points = mysql_Fetch_array(mysql_Query("SELECT pkt FROM user WHERE nickname='$name' LIMIT 1")); $points = mysql_Fetch_array(mysql_Query("SELECT pkt FROM user WHERE nickname='$name' LIMIT 1"));
$points2[pkt] = number_format($points[pkt], 0, "", "."); $points2[pkt] = number_format($points[pkt], 0, "", ".");
$points3 = $points2[pkt]; $points3 = $points2[pkt];
if ($name == 'Pegasus') { if ($name == 'Pegasus') {
$status_009 .= "<a href='index.php?as=status'>Status</a><br>"; $status_009 .= "<a href='index.php?as=status'>Status</a><br>";
} }
$status_009 .= "Geld: $geldstring<br>"; $status_009 .= "Geld: $geldstring<br>";
// $status_009 .= "IP: $points3 <br>"; // $status_009 .= "IP: $points3 <br>";
$status_009 .= '<a href="index.php?as=profil">Profil</a><br>'; $status_009 .= '<a href="index.php?as=profil">Profil</a><br>';
$status_009 .= '<a href="index.php?as=ticker">User Ticker</a><br>'; $status_009 .= '<a href="index.php?as=ticker">User Ticker</a><br>';
$status_009 .= '<a href="index.php?as=nachricht">User Postfach</a><br>'; $status_009 .= '<a href="index.php?as=nachricht">User Postfach</a><br>';
$status_009 .= '<a href="index.php?as=item">Meine Items</a><br>'; $status_009 .= '<a href="index.php?as=item">Meine Items</a><br>';
$status_009 .= '<a href="javascript:markt();">Markt</a><br>'; $status_009 .= '<a href="javascript:markt();">Markt</a><br>';
$status_009 .= '<a href="index.php?as=auktion">Auktions Markt</a><br>'; $status_009 .= '<a href="index.php?as=auktion">Auktions Markt</a><br>';
// $status_009 .= '<a href="index.php?as=shop">Shakkys Abzockbar</a><br>'; // $status_009 .= '<a href="index.php?as=shop">Shakkys Abzockbar</a><br>';
$status_009 .= '<a href="logout.php">Logout</a><br>'; $status_009 .= '<a href="logout.php">Logout</a><br>';
} else { } else {
$agc_009 = " $agc_009 = "
@ -148,9 +149,9 @@ if ($name AND $passwort) {
"; ";
} }
$active = mysql_fetch_assoc(mysql_query('select count(*) as anzahl from user where online_zeit between TIMESTAMPADD(DAY, -7, now()) and now()')); $active = mysql_fetch_assoc(mysql_query('select count(*) as anzahl from user where online_zeit between TIMESTAMPADD(DAY, -7, now()) and now()'));
$o_datum = preg_split('# #',$online_rekord_1_0['datum']); $o_datum = preg_split('# #',$online_rekord_1_0['datum']);
$info_019 = " $info_019 = "
<a href=\"$GLOBALS[faq_url]\">FAQ</a><br> <a href=\"$GLOBALS[faq_url]\">FAQ</a><br>
<a href=\"$GLOBALS[noobguide_url]\">Anf&auml;ngerguide</a><br> <a href=\"$GLOBALS[noobguide_url]\">Anf&auml;ngerguide</a><br>
<a href=index.php?as=support>AG Unterst&uuml;tzen</a><br> <a href=index.php?as=support>AG Unterst&uuml;tzen</a><br>
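Review bot: The second hunk leaves the leader/co-leader lookup and the `Clan K&auml;mpfe` link behind as commented-out code (`// $chiefs = mysql_fetch_assoc(...)` through `// }`), together with a commented `$clan_009 .=` line. If the clan-fight menu entries are retired, delete these lines and let version control keep the history; if they are only parked, a single comment such as `// TODO: re-enable clan fight menu entries` states the intent better than dead code. The enclosing `if ($name AND $passwort)` block starts and ends outside the hunks.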

@ -0,0 +1,81 @@
<?php
/*
*
* @copyright (c) 2011 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
function revokeInvitation($user, $userid, $clan = NULL){
if($user['clan'] === NULL) {
return 'Du bist in keinem Clan!';
}
if($clan === NULL) {
$qry = mysql_query('Select * from clan where id = ' . $user['clan']);
$clan = mysql_fetch_assoc($qry);
}
if($clan['leader'] != $user['id'] && $clan['co_leader'] != $user['id']){
return 'Nur der Leader, bzw. der Co-Leader kann Einladungen zur&uuml;ckziehen!!';
}
$sql = 'DELETE FROM user_clan_invitations WHERE clanid = '.$clan['id'].' AND userid = '.$userid;
// echo $sql . '<br>';
mysql_query($sql);
if(mysql_affected_rows() > 0){
return NULL;
} else{
return 'Einladung konnte nicht zur&uuml;ckgezogen werden!';
}
}
/**
*
* Enter description here ...
* @param array $user the user that wants to invite
* @param int $userid the id of the user that should be invited
* @param array $clan the optional clan array (if available)
*/
function inviteUser(array $user, $userid, array $clan = NULL){
if($user['clan'] === NULL) {
return 'Du bist in keinem Clan!';
}
if($clan === NULL) {
$qry = mysql_query('Select * from clan where id = ' . $user['clan']);
$clan = mysql_fetch_assoc($qry);
}
if($clan['leader'] != $user['id'] && $clan['co_leader'] != $user['id']){
return 'Nur der Leader, bzw. der Co-Leader kann neue Member einladen!';
}
$row = mysql_fetch_assoc(mysql_query('SELECT * FROM user where id = \''. $userid.'\''));
if(!row) {
return 'Fehler! Nutzer exisitiert nicht!!';
}
if($row['clan'] == $user['clan']){
return 'Fehler! Nutzer ist schon in deinem Clan!';
}
$sql = 'INSERT INTO user_clan_invitations(userid, clanid, valid) values('.$userid.','.$user['clan'].',TIMESTAMPADD(DAY, 5, now()))';
// echo $sql.'<br>';
mysql_query($sql);
if(mysql_affected_rows() <= 0){ // Fehler?
$sql = 'UPDATE user_clan_invitations SET valid = TIMESTAMPADD(DAY, 5, now()) where userid = '.$userid.' and clanid = '.$user['clan'];
// echo $sql.'<br>';
mysql_query($sql);
if(mysql_affected_rows() <= 0){ // Fehler?
return 'Fehler! Konnte Nutzer nicht einladen!';
} else{
sendMessage($user['id'], $userid, 'Einladung in Clan', 'Die Einladung des Clans '.$clan['clanname'].' wurde aufgefrischt! Klicke auf "Clan beitreten" um die Einladung anzunehmen!');
return NULL;
}
} else{
sendMessage($user['id'], $userid, 'Einladung in Clan', 'Du wurdest eingeladen dich dem Clan '.$clan['clanname'].' anzuschliessen! Klicke auf "Clan beitreten" um die Einladung anzunehmen!');
return NULL;
}
}
?>
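Review bot: In `inviteUser()` the existence check is written `if(!row)` without the `$`, so it tests an undefined constant that older PHP versions evaluate as the string `'row'`; the branch never runs and an unknown user id is not rejected. It should read `if(!$row) {`. Both functions also concatenate `$userid` unquoted into the `DELETE`, `INSERT` and `UPDATE` on `user_clan_invitations`, and nothing in this file constrains it to an integer; the caller may validate it, but that is not visible here, so I would add `$userid = (int)$userid;` as the first line of each function. The docblock above `inviteUser()` still carries the template text `Enter description here ...`; it should state that the function returns `NULL` on success and an error message string otherwise, and `revokeInvitation()` deserves the same docblock.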

@ -12,4 +12,12 @@
* Der Pfad muss auf eine Date zeigen, in der die Rassen (aehnlich wie bei der rassen.inc.php aufgelistet sind!) * Der Pfad muss auf eine Date zeigen, in der die Rassen (aehnlich wie bei der rassen.inc.php aufgelistet sind!)
*/ */
# $GLOBALS['races_location_file'] = $_SERVER['DOCUMENT_ROOT'].'ag/include/config/myraces.inc.php'; # $GLOBALS['races_location_file'] = $_SERVER['DOCUMENT_ROOT'].'ag/include/config/myraces.inc.php';
// Farben
$GLOBALS['COLOR_SUPPORTER'] = 'gold';
$GLOBALS['COLOR_GM'] = 'lime';
$GLOBALS['COLOR_DEVELOPER'] = 'blue';
$GLOBALS['COLOR_CREATIVE'] = 'red';
?> ?>

@ -7,15 +7,61 @@
*/ */
// Diese Funktion muss in ein Darstellungspackage hinein und muss noch verlegt werden, Gestaltung in css-Datei // Diese Funktion muss in ein Darstellungspackage hinein und muss noch verlegt werden, Gestaltung in css-Datei
function displayUserLink($userid, $username, $clanpre = NULL, $clansu = NULL){
if($clanpre === NULL && $clansu === NULL){ /**
return '<a href="index.php?as=info&user_id='.$userid.'">'.$username.'</a>'; * use displayUserLinkByID instead
* @deprecated
*/
function displayUserLink($userid, $username = NULL, $clanpre = NULL, $clansu = NULL){
// backwards compat!!
return displayUserLinkByID($userid);
}
function displayUserNameByID($userid, $showClanTags = TRUE){
if($userid === null){return '';}
$sql = 'select nickname, user.id as userid, clan.clanz_pre, clan.clanz_suff, ads, gm from user left join clan on user.clan = clan.id where user.id = '.$userid;
$user_info = mysql_fetch_assoc(mysql_query($sql));
if($user_info['gm'] != 'nein'){
if($user_info['gm'] == 'ja'){
$color = 'style="color:'.$GLOBALS['COLOR_GM'].'"';
} else if($user_info['gm'] == 'et'){
$color = 'style="color:'.$GLOBALS['COLOR_DEVELOPER'].'"';
} else if($user_info['gm'] == 'ka'){
$color = 'style="color:'.$GLOBALS['COLOR_CREATIVE'].'"';
}
} else if($user_info['ads'] == 1){
$color = 'style="color:'.$GLOBALS['COLOR_SUPPORTER'].'"';
} else{ } else{
return '<a href="index.php?as=info&user_id='.$userid.'">'.$clanpre.' '.$username.' '.$clansu.'</a>'; $color = '';
}
$nickname = $user_info['nickname'];
if($user_info['clanz_pre'] !== NULL && $user_info['clanz_pre'] != '' && $showClanTags) {
$nickname = $user_info['clanz_pre'] . ' ' . $nickname;
}
if($user_info['clanz_suff'] !== NULL && $user_info['clanz_suff'] != '' && $showClanTags) {
$nickname = $nickname . ' ' . $user_info['clanz_suff'];
}
if($color == ''){
return $nickname;
} else{
return '<span '.$color.'>'.$nickname.'</span>';
} }
} }
function displayClanLink($clanid, $clanname){ // Diese Funktion muss in ein Darstellungspackage hinein und muss noch verlegt werden, Gestaltung in css-Datei
function displayUserLinkByID($userid, $showClanTags = TRUE){
return '<a href="index.php?as=info&user_id='.$userid.'">'.displayUserNameByID($userid, $showClanTags).'</a>';
}
function displayClanLink($clanid, $clanname = NULL){
if($clanname === NULL) {
$qry = mysql_query('SELECT clanname FROM clan WHERE id = ' . $clanid);
$row = mysql_fetch_assoc($qry);
$clanname = $row['clanname'];
}
return '<a href="index.php?as=clan/clan_info&clan_id='.$clanid.'">'.$clanname.'</a>'; return '<a href="index.php?as=clan/clan_info&clan_id='.$clanid.'">'.$clanname.'</a>';
} }
@ -27,7 +73,7 @@ function displayIndexBackLink(){
return '<a href="index.php">zur&uuml;ck</a>'; return '<a href="index.php">zur&uuml;ck</a>';
} }
function displayCharLink($charid, $charname, $img = NULL, $clanpre = NULL, $clansu = NUL){ function displayCharLink($charid, $charname, $img = NULL, $clanpre = NULL, $clansu = NULL){
if($clanpre !== NULL && $clansu !== NULL){ if($clanpre !== NULL && $clansu !== NULL){
$charname = $clanpre.' '.$charname.' '.$clansu; $charname = $clanpre.' '.$charname.' '.$clansu;
} }

@ -30,6 +30,7 @@ function sendMessage($von, $besitzer, $betreff, $text){
$sql = 'INSERT INTO nachricht(von, besitzer, betreff, text) VALUES (\''.$von.'\', '.$besitzer.', \''.$betreff.'\', \''.$text.'\')'; $sql = 'INSERT INTO nachricht(von, besitzer, betreff, text) VALUES (\''.$von.'\', '.$besitzer.', \''.$betreff.'\', \''.$text.'\')';
// echo $sql.'<br>'; // echo $sql.'<br>';
mysql_query($sql); mysql_query($sql);
return mysql_affected_rows() != 0;
} }
function colorize($text){ function colorize($text){
@ -139,4 +140,9 @@ function insertClanTickerMessage($clanid, $message, $offset = 0){
//$test = '<a href="test.html">Test</a>'; //$test = '<a href="test.html">Test</a>';
//echo encodeMessage($test).'<br>'; //echo encodeMessage($test).'<br>';
function sendInviteToClanMessage($leaderid, $userid) {
}
?> ?>
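Review bot: The added `return mysql_affected_rows() != 0;` in `sendMessage` reports success when the INSERT fails, because `mysql_affected_rows()` returns -1 for a failed query; `return mysql_affected_rows() > 0;` would match the `<= 0` checks used in the invitation code. The INSERT quotes `$betreff` and `$text` without escaping, and the new invitation messages put `$clan['clanname']` into `$text`, so a clan name containing a quote would break or alter the statement. Applying `mysql_real_escape_string()` to the string arguments inside `sendMessage` covers every caller. `sendInviteToClanMessage` is added with an empty body and should either be implemented or left out of this commit. The start of `sendMessage` lies outside the hunk.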

@ -8,7 +8,9 @@
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/char.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/char.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/clan.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php'); include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php');
@ -103,13 +105,13 @@ function display1($char_id){
} }
function display2($user_id, $userage){ function display2($user_id, $userage, $user_ida){
if($userage != NULL){ if($userage != NULL){
$user_a = mysql_fetch_assoc(mysql_query('SELECT * FROM user WHERE nickname=\''.$userage.'\'')); $user_a = mysql_fetch_assoc(mysql_query('SELECT * FROM user WHERE nickname=\''.$userage.'\''));
} else{ } else{
$user_a = mysql_fetch_assoc(mysql_query('SELECT * FROM user WHERE id='.$user_id)); $user_a = mysql_fetch_assoc(mysql_query('SELECT * FROM user WHERE id='.$user_id));
} }
?> ?>
<table cellpadding="0" cellspacing="0" width="100%" height="51"> <table cellpadding="0" cellspacing="0" width="100%" height="51">
@ -129,12 +131,28 @@ function display2($user_id, $userage){
echo 'Keiner'; echo 'Keiner';
} else{ } else{
$clan = mysql_fetch_assoc(mysql_query('SELECT * FROM clan WHERE id = '.$user_a['clan'])); $clan = mysql_fetch_assoc(mysql_query('SELECT * FROM clan WHERE id = '.$user_a['clan']));
echo displayClanLink ($clan['id'], $clan['clanname']) ; echo displayClanLink ($clan['id'], $clan['clanname']) ;
} }
// Now could it be that the user is in an other clan and we may invite him ;), check if current user is a leader!
$qry = mysql_query('Select id from clan where leader = ' . $user_ida['id'] . ' or co_leader = ' . $user_ida['id']);
$clan = mysql_fetch_assoc($qry);
// is there data available and if yes does the other user have the same clan?
if($clan && $clan['id'] !== $user_a['clan']) {
// check if we already invited him. Then renew invitation ->
$qry = mysql_query('Select count(*) as anzahl from user_clan_invitations where clanid = '.$clan['id'].' AND userid = ' . $user_id);
$row = mysql_fetch_assoc($qry);
if ($row['anzahl'] > 0) {
$action = 'Einladung erneuern';
} else {
$action = 'einladen';
}
// no ?? Then display the option to invite this user ;)
echo ' <a href="index.php?as=info&charm=3&user_id='.$user_id.'">('.$action.')</a>';
}
?></td> ?></td>
</tr> </tr>
<tr> <tr>
<td valign="top" height="25" width="195" align="center"><b>Geschlecht</b></td> <td valign="top" height="25" width="195" align="center"><b>Geschlecht</b></td>
<td valign="top" height="25" width="191"> <td valign="top" height="25" width="191">
@ -152,7 +170,7 @@ function display2($user_id, $userage){
<td valign="top" height="25" width="195" align="center"><b>Nick-History</b></td> <td valign="top" height="25" width="195" align="center"><b>Nick-History</b></td>
<td valign="top" height="25" width="191"><?php echo join('<br>',$nick_history) ?></td> <td valign="top" height="25" width="191"><?php echo join('<br>',$nick_history) ?></td>
</tr> </tr>
<?php <?php
} }
?> ?>
<?php <?php
@ -183,18 +201,18 @@ function display3($tablename, $itemid){
if($tablename == 'ware'){ if($tablename == 'ware'){
$tabletogo = 'item'; $tabletogo = 'item';
} else if($tablename == 'sp_ware'){ } else if($tablename == 'sp_ware'){
$tabletogo = 'sp_item'; $tabletogo = 'sp_item';
} else if($tablename == 'wochen_ware'){ } else if($tablename == 'wochen_ware'){
$tabletogo = 'wochen_markt'; $tabletogo = 'wochen_markt';
} else{ } else{
return; return;
} }
$item_a = mysql_fetch_assoc(mysql_query('SELECT * FROM '.$tabletogo.' WHERE id='.$itemid)); $item_a = mysql_fetch_assoc(mysql_query('SELECT * FROM '.$tabletogo.' WHERE id='.$itemid));
?> ?>
<table cellpadding="0" cellspacing="0" width="100%" height="51"> <table cellpadding="0" cellspacing="0" width="100%" height="51">
<tr> <tr>
<th valign="top" height="32" align="center"><?php echo $item_a['name'].$item_a['item']; ?></td> <th valign="top" height="32" align="center"><?php echo $item_a['name'].$item_a['item']; ?></th>
</tr> </tr>
<tr> <tr>
<td valign="top" height="25" width="191"> <?php echo $item_a['info']; ?></td> <td valign="top" height="25" width="191"> <?php echo $item_a['info']; ?></td>
@ -214,8 +232,17 @@ if($charm == 1) {
display1($char_id); display1($char_id);
} else if($charm == 2){ } else if($charm == 2){
display3($group,$item_id); display3($group,$item_id);
}else if($user_id != NULL || $userage != NULL){ } elseif ($charm == 3) {
display2($user_id, $userage); $errorMsg = inviteUser($user_ida, $user_id);
if($errorMsg !== NULL) {
echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink());
$displayMore = false;
} else {
displayErrorMessage('','Du hast die Einladung erfolgreich verschickt!', '<a href="index.php?as=info&user_id='.$user_id.'">weiter</a>');
$displayMore = false;
}
} else if($user_id != NULL || $userage != NULL){
display2($user_id, $userage, $user_ida);
} }
?> ?>
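Review bot: The new `(einladen)` link runs `inviteUser()` through a plain GET request (`charm=3`), so a state-changing action, writing the invitation row and sending a message, can be triggered by any page the leader's browser loads. It should be a POST form carrying a per-session token that is verified before `inviteUser()` is called. The leader/co-leader query in `display2` only decides whether the link is rendered; the `charm == 3` branch must not rely on it, and whether `inviteUser()` repeats that check is not fully visible on this page. Separately, the success branch calls `displayErrorMessage(...)` without `echo` while the error branch echoes it, so the confirmation is probably never shown.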

@ -408,12 +408,12 @@ UNLOCK TABLES;
DROP TABLE IF EXISTS `clan`; DROP TABLE IF EXISTS `clan`;
CREATE TABLE `clan` ( CREATE TABLE `clan` (
`clanname` varchar(50) collate utf8_unicode_ci NOT NULL default '', `clanname` varchar(50) collate utf8_unicode_ci NOT NULL default '',
`clanzeichen` varchar(255) collate utf8_unicode_ci NOT NULL default ',', `clanz_pre` varchar(25) collate utf8_unicode_ci NOT NULL default '',
`clanz_suff` varchar(25) collate utf8_unicode_ci NOT NULL default '',
`geld` int(15) NOT NULL default '0', `geld` int(15) NOT NULL default '0',
`info` text collate utf8_unicode_ci NOT NULL, `info` text collate utf8_unicode_ci NOT NULL,
`id` int(11) NOT NULL auto_increment, `id` int(11) NOT NULL auto_increment,
`leader` int(11) default '0', `leader` int(11) default '0',
`pw` varchar(50) collate utf8_unicode_ci NOT NULL default '',
`siege` int(25) NOT NULL default '0', `siege` int(25) NOT NULL default '0',
`niederlagen` int(25) NOT NULL default '0', `niederlagen` int(25) NOT NULL default '0',
`co_leader` int(11) default NULL, `co_leader` int(11) default NULL,
@ -2242,6 +2242,25 @@ CREATE TABLE `turnier_preis` (
) )
ENGINE = InnoDB CHARSET=utf8 COLLATE=utf8_unicode_ci; ENGINE = InnoDB CHARSET=utf8 COLLATE=utf8_unicode_ci;
DROP TABLE IF EXISTS `user_clan_invitations`;
CREATE TABLE `user_clan_invitations` (
`userid` INTEGER NOT NULL,
`clanid` INTEGER NOT NULL,
`valid` TIMESTAMP NOT NULL,
PRIMARY KEY (`userid`, `clanid`),
CONSTRAINT `user_clan_invitations_userid` FOREIGN KEY `user_clan_invitations_userid` (`userid`)
REFERENCES `user` (`id`)
ON DELETE CASCADE
ON UPDATE CASCADE,
CONSTRAINT `user_clan_invitations_clanid` FOREIGN KEY `user_clan_invitations_clanid` (`clanid`)
REFERENCES `clan` (`id`)
ON DELETE CASCADE
ON UPDATE CASCADE
)
ENGINE = InnoDB
CHARACTER SET utf8 COLLATE utf8_general_ci;
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
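Review bot: `valid` in `user_clan_invitations` is declared `TIMESTAMP NOT NULL` with no explicit default, and on MySQL servers that do not run with `explicit_defaults_for_timestamp` the first such column silently receives `DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP`. An insert that omits `valid` would then create an invitation that already fails the `valid > now()` test, and any later UPDATE that does not set `valid` would reset the expiry. Since the column stores an expiry time, declare it as `valid DATETIME NOT NULL`, or spell the default out with `valid TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP`. The table also uses `utf8_general_ci` where the rest of the dump uses `utf8_unicode_ci`. Because this file recreates `clan` via `DROP TABLE`, existing installs would need a separate `ALTER TABLE` migration for the `clanz_pre`/`clanz_suff`/`pw` change.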
