You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

213 lines
6.4 KiB

<?php
/*
*
* @copyright (c) 2010 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/config.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/designfunctions.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/user.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$icq = validateString($_GET['icq']);
$new_pw = validateString($_GET['new_pw']);
$new_nick = validateName($_GET['new_nick']);
// wird später benötigt
$new_nick2 = validateName($_GET['new_nick2']);
$homepage = validateString($_GET['homepage']);
$chat = validateString($_GET['chat']);
$ads = validateString($_GET['ads']);
$alt_pw = validateString($_GET['alt_pw']);
// Unkritisch
$charm = $_GET['charm'];
if($_GET['new_nick'] == ''){
$new_nick = '';
}
if((!is_null($_GET['new_nick']) && is_null($new_nick)) || ($new_nick != $_GET['new_nick'])){
displayErrorMessage('Name ung&uuml;tig!', 'Der Name ist leider ung&uuml;ltig!', displayHistoryBackLink());
exit;
}
function isNickChanged($user){
$sql = 'Select count(*) as anzahl from user_rename where userid = '.$user['id'].' and wunsch = 0 and datum >= TIMESTAMPADD(MONTH, -6, now())';
$row = mysql_fetch_assoc(mysql_query($sql));
return $row['anzahl'] != 0;
}
function changeProfil($user, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads){
if(!is_numeric($chat)){
displayErrorMessage(NULL,'Chat-Feld inkorrekt ausgefuellt!','');
return;
}
if(!is_numeric($ads)){
displayErrorMessage(NULL,'Werbung-Feld inkorrekt ausgefuellt!','');
return;
}
if($new_nick == $new_nick2 && $new_nick !== ''){
$raw_nick = $new_nick;
if(!isNickChanged($user) && $new_nick != $user['nickname'] && $raw_nick == $new_nick) {
$sql = 'Update user set nickname = \''.$new_nick.'\' where id = '.$user['id'];
mysql_query($sql);
if(mysql_affected_rows() > 0){
$sql = 'Insert into user_rename(pre_name, post_name, datum, userid) values(\''.$user['nickname'].'\', \''.$new_nick.'\', now(), '.$user['id'].')';
// echo $sql;
mysql_query($sql);
displayErrorMessage('Nickname erfolgreich ge&auml;ndert','Ein neuer Login wird jedoch nun ben&ouml;tigt.','');
} else{
displayErrorMessage('Fehler','Nickname konnte nicht ge&auml;ndert werden.','');
}
} else if($new_nick != $raw_nick){
displayErrorMessage('Neuer Nickname ung&uuml;ltig!','Es sind Sonderzeichen erlaubt!','');
}
} else if($new_nick !== ''){
displayErrorMessage('Neuer Nickname ung&uuml;ltig!','Es sind Sonderzeichen erlaubt!','');
}
if($new_pw) {
if($new_pw == "") {
displayErrorMessage(NULL,'Neues Passwort nicht angegeben!','');
return;
}
$alt_pw = encryptPassword($alt_pw);
if($alt_pw != $user['passwort']) {
displayErrorMessage(NULL,'Passwort falsch!','');
return;
}
setPassword($user['nickname'], $new_pw);
}
if($ads == 1) {
if(!isUserInGroup($usergroups, Werbung_an)) {
addUserToGroup($user['nickname'], Werbung_an);
}
} else {
if(isUserInGroup($usergroups, Werbung_an)) {
removeUserToGroup($user['nickname'], Werbung_an);
}
}
mysql_query('UPDATE user SET homepage=\''.$homepage.'\', icq=\''.$icq.'\', chat = '.$chat.' WHERE id=\''.$user['id'].'\'');
displayErrorMessage('Profil erfolgreich ge&auml;ndert','Sollte das Passwort ge&auml;ndert worden sein, ist ein erneuter Login erforderlich.','');
return mysql_fetch_assoc(mysql_query('Select * from user where id = '.$user['id']));
}
function display($user, $usergroups){
if($user['post']){
$post_check = 'checked';
}
if($user['schnelllink'] == 2){
$char_schnell = 'selected';
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
<input type="hidden" name="as" value="profil">
<input type="hidden" name="charm" value="1">
<table cellpadding="0" cellspacing="0" width="100%" height="51">
<tr>
<th colspan="2" align="center">Ihr Profil</th>
</tr>
<tr>
<th align="center">Nickname</th>
<td><?php echo $user['nickname']; ?></td>
</tr>
<?php
if(!isNickChanged($user)){
?>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick" value=""/></td>
</tr>
<tr>
<th align="center">Neuer Nickname</th>
<td><input class="input" name="new_nick2" value=""/></td>
</tr>
<?php
}
?>
<tr>
<th align="center">Altes Passwort</th>
<td>
<input id="input" name="alt_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Neues Passwort</th>
<td>
<input id="input" name="new_pw" type="password" size="35">
</td>
</tr>
<tr>
<th align="center">Homepage</th>
<td>
<input id="input" name="homepage" size="35" value="<?php echo $user['homepage']; ?>">
</td>
</tr>
<tr>
<th align="center">ICQ:</th>
<td>
<input id="input" name="icq" size="35" value="<?php echo $user['icq']; ?>">
</td>
</tr>
<tr>
<th align="center">Werbegrad:</th>
<td>
<?php
if(isUserInGroup($usergroups, Werbung_an)) {
//$user['ads'] == 0){
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?>
moderat: <input type="radio" name="ads" value="0" <?php echo $che1; ?>/>
<?php
if(!(getLayerAdvertisement() == '' or getLayerAdvertisement == null)){
echo 'hardcore: <input type="radio" name="ads" value="1"'.$che2.'/>';
}
?>
</td>
</tr>
<tr>
<th align="center">Chat:</th>
<td>
<?php
if($user['chat'] == 1){
$che1 = 'checked="checked"';
$che2 = '';
} else{
$che1 = '';
$che2 = 'checked="checked"';
}
?>
an: <input type="radio" name="chat" value="1" <?php echo $che1; ?>/>
aus: <input type="radio" name="chat" value="0"<?php echo $che2; ?> />
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td>
<input id="input" size="15" type="submit" value="&auml;ndern">
</td>
</tr>
</table>
</form>
<?php
}
if($charm == '1'){
$user_ida = changeProfil($user_ida, $usergroups, $new_pw, $new_nick, $new_nick2, $alt_pw, $homepage, $icq, $chat, $ads);
}
display($user_ida, $usergroups);
?>