<?php /* * * @copyright (c) 2009 animegame.eu * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence * */ include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php'); // GET-Section // Kritisch (SQL-Injections) $clan_name = validateName($_GET['clan_name']); $clan_pw = validateString($_GET['clan_pw']); $poll1 = validateString($_GET['poll1']); $poll2 = validateString('ASC'); $pagenum = validateUnsignedInteger($_GET['pagenum'], null); // Unkritisch $charm = $_GET['charm']; $user = $user_ida; if ($charm == 1) { $clan = mysql_fetch_assoc(mysql_query('SELECT *, (Select 10 - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots FROM clan c WHERE clanname=\''.$clan_name.'\' AND pw=\''.$clan_pw.'\'')); if (!$clan['id']) { displayErrorMessage(NULL, 'Clanname oder Clanpasswort ist falsch!', displayHistoryBackLink()); exit; } if ($user['clan'] != 0) { displayErrorMessage(NULL, 'Du bist schon in einem Clan!', displayHistoryBackLink()); exit; } if ($clan['freeslots'] <= 0) { // Keine Plätze mehr frei displayErrorMessage(NULL, 'Der Clan ist voll!', displayHistoryBackLink()); exit; } mysql_query('UPDATE user SET clan='.$clan['id'].' WHERE id='.$user_ida['id']); displayErrorMessage(NULL, 'Du bist jetzt im '.$clan_name.' Clan', '<a href="index.php?as=clan/index">weiter...</a>'); exit; } ?> <form action="index.php" method="GET"> <input type="hidden" name="as" value="clan/add"> <input type="hidden" name="charm" value="1"> <table cellpadding="0" cellspacing="0" width="100%"> <!-- MSTableType="layout" --> <tr> <td height="30" valign="top" width="585" colspan="6"> <p align="center"><b>Clan Beitreten</b><p align="center"> </td> </tr> <tr> <td height="30" valign="center" width="296" colspan="3"> <p align="right"><b>Clanname</b></td> <td height="30" valign="center" width="289" colspan="3"> <input name="clan_name" size=20></td> </tr> <tr> <td height="30" valign="top" width="296" colspan="3"> <p align="right"><b>Clan Passwort</b></td> <td height="30" valign="center" width="289" colspan="3"> <input name="clan_pw" size=10> <input type=submit value="Beitreten"> </td> </tr> <?php if (!$poll1) { $poll1 = 'clanname'; $poll2 = 'ASC'; } if ($poll1 == 'clanname' AND $poll2 == 'ASC') { $poll['clanname'] = 'DESC'; } else { $poll['clanname'] = 'ASC'; } if ($poll1 == 'leader' AND $poll2 == 'ASC') { $poll['leader'] = 'DESC'; } else { $poll['leader'] = 'ASC'; } if ($poll1 == 'geld' AND $poll2 == 'ASC') { $poll['geld'] = 'DESC'; } else { $poll['geld'] = 'ASC'; } $ready = 'clan/add&pagenum='.$pagenum; ?> <tr> <td height="33" width="96" valign="top"> <p align="center"><b><?php echo '<a href="index.php?as='.$ready.'&poll1=clanname&poll2='.$poll['clanname'].'">Clanname</a>'; ?></b></td> <td height="33" width="128" valign="top"> <p align="center"><b><?php echo "<a href='index.php?as=$ready&poll1=leader&poll2=$poll[leader]'>Leader</a>"; ?></b></td> <td height="33" width="76" valign="top"> <p align="center"><b>Mitglieder</b></td> <td height="33" width="98" valign="top"> <p align="center"><b><?php echo "<a href='index.php?as=$ready&poll1=geld&poll2=$poll[geld]'>Geld</a>"; ?></b></td> <td height="33" width="76" valign="top"> <p align="center"><b>Info</b></td> <td height="33" width="115" valign="top"> <p align="center"><b>Beitreten</b></td> </tr> <?php // TODO: Seitenzahlen ueber displayfunction funktion if (!is_numeric($pagenum) || $pagenum <= 1) { $pagenum = 0; } else{ $pagenum = ($pagenum -1) * 10; } $clan = mysql_Query('SELECT c.clanzeichen, c.clanname, c.geld, c.info, c.id, u.id AS uid, u.nickname FROM clan c LEFT JOIN user u ON(c.leader=u.id) ORDER BY '.$poll1.' '.$poll2.' LIMIT '.$pagenum.',20'); while ($row = mysql_fetch_array($clan)) { $mitglieder = mysql_num_rows(mysql_query('SELECT id FROM user WHERE clan='.$row['id'])); $z_v = explode(',', $row['clanzeichen']); ?> <tr> <td height="35" width="96" valign="top"> <p align="center"><?php echo $row['clanname']; ?></td> <td height="25" width="128" valign="top"> <p align="center"><?php echo displayUserLink($row['uid'], $row['nickname'], $z_v[0], $z_v[1]); ?></td> <td height="25" width="76" valign="top"> <p align="center"><?php echo $mitglieder; ?></td> <td height="25" width="98" valign="top"> <p align="center"><?php echo displayMoney($row['geld']); ?></td> <td height="25" width="100" valign="top"> <p align="center"><?php echo '<a href="index.php?as=clan/clan_info&clan_id='.$row['id'].'">Info</a>'; ?></td> <td height="25" width="115" valign="top"> <p align="center"><?php echo '<a href="index.php?as=nachricht&charm=1&besitzer='.$row['nickname'].'">Beitreten</a>'; ?></td> </tr> <?php // TODO: Seitenzahlen aus Designfunctions benutzen!!! } $Total = mysql_num_rows(mysql_query('SELECT id FROM clan')); $pages = ceil($Total / 20); $z = 1; $i = 0; while ($pages > $i) { $seiten .= ' <a href="index.php?as=clan/add&pagenum='.$z.'">'.$z.'</a> '; $z++; $i++; } ?> <tr> <td height="18" width="589" valign="top" colspan="6"> <b>Seite <?php echo $seiten; ?></b></td> </tr> </table> </form>