Hecht
/
agng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9f4ae9708e'
${ noResults }
agng/ag/clan/clan_info.php

598 lines
19 KiB
Raw Blame History

<?php
/*
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/clan.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php');
// GET-Section
if(isset($_GET['action'])) {
$action = $_GET['action'];
} else {
$action = NULL;
}
//Unkritisch
if(isset($_GET['what'])) {
$what = $_GET['what'];
} else {
$what = NULL;
}
// Kritisch (SQL-Injections)
$clan_id = validateUnsignedInteger($_GET['clan_id'], null);
$member = validateUnsignedInteger($_GET['member'], NULL);
$text = validateString($_GET['text']);
$displayMore = true;
if($clan_id == NULL){
if($user_ida['clan'] != null){
$clan_id = $user_ida['clan'];
} else {
$displayMore = false;
}
}
if(isset($_GET['value1']) || isset($_GET['value2'])) {
switch($what) {
case 'Banner':
case 'Homepage':
$value1 = validateURL($_GET['value1']);
break;
case 'Info':
$value1 = encodeNoHTMLWithBB($_GET['value1']);
break;
case 'Clanzeichen':
$value1 = validateString($_GET['value1']);
$value2 = validateString($_GET['value2']);
break;
case 'Leadership':
$value1 = validateUnsignedInteger($_GET['value1'], NULL);
$value2 = validateUnsignedInteger($_GET['value2'], NULL);
break;
}
}
function displayClanProfileReadOnly($clan, $ownclan, $userid){
$member_qry = mysql_query('Select id from user where clan = '.$clan['id']);
$count = mysql_num_rows($member_qry);
$member = array();
while($row = mysql_fetch_assoc($member_qry)){
$tmp = displayUserLinkByID($row['id']);
if($row['id'] == $userid){
$member[] = $tmp.' (<a href="index.php?as=clan/clan_info&action=fire&member='.$row['id'].'">verlassen</a>)';
} else{
$member[] = $tmp;
}
if($row['id'] == $clan['leader']){
$leader = $tmp;
}
if($row['id'] == $clan['co_leader']){
$coleader = $tmp;
}
}
$inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()');
$invited = array();
while($row = mysql_fetch_assoc($inv_qry)) {
$invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig)';
}
?>
<div align="center">
<table width="100%">
<tr>
<th width="100%" height="39" colspan="2" align="center"><?php echo $clan['clanname']; ?>
Info</th>
</tr>
<?php
if($clan['banner'] != "0"){
?>
<tr>
<td width="100%" height="52" colspan="2" align="center"><img
src="<?php echo $clan['banner']; ?> " width="468" height="60"></td>
</tr>
<?php
}
?>
<tr>
<th width="20%" align="Left" height="25">Leader:</th>
<?php
if($leader == null && $coleader == null){
if($ownclan) {
echo '<td rowspan="2"><a href="index.php?as=clan/clan_info&action=putsch">Macht &uuml;bernehmen</a></td>';
} else {
echo '<td rowspan="2">Keine Leader</td>';
}
} else{
echo '<td>'.$leader.'</td>';
}
?>
</tr>
<tr>
<th align="Left" height="25">Co-Leader:</th>
<?php
if($leader != null && $coleader != null){
echo '<td>'.$coleader.'</td>';
}
?>
</tr>
<tr>
<th align="Left" height="25">Clanzeichen:</th>
<td><?php echo $clan['clanz_pre'].' '.$clan['clanz_suff']; ?></td>
</tr>
<tr>
<th align="Left">Member (<?php echo $count.'/'.getMaximumMembers($clan['id']); ?>):</th>
<td><?php echo join('<br>',$member); ?></td>
</tr>
<?php
if($ownclan) {
?>
<tr>
<th align="Left">Eingeladen</th>
<td><?php echo join('<br>', $invited); ?></td>
</tr>
<?php
}
?>
<tr>
<th align="Left" height="25">Level:</th>
<td><?php echo $clan['level']; ?></td>
</tr>
<tr>
<th align="Left" height="25">Erfahrung: </th>
<td><?php echo $clan['min_exp'].' / '.getRequiredClanExp($clan['level']); ?></td>
</tr>
<tr>
<th width="96" height="25" align="Left">Homepage:</th>
<?php
if($clan['homepage'] != 'Keine'){
echo '<td height="25"><a href="'.$clan['homepage'].'" target=_blank>'.$clan['homepage'].'</a></td>';
} else{
echo '<td height="25">Keine</td>';
}
?>
</tr>
<tr>
<th align="Left">Info:</th>
<td><?php echo $clan['info']; ?></td>
</tr>
<?php
if($ownclan) {
?>
<tr><td>&nbsp;</td></tr>
<tr>
<td colspan="2">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="GET">
<input type="hidden" name="as" value="clan/clan_info"> <input
type="hidden" name="action" value="newsletter">
<table cellpadding="0" cellspacing="0" width="100%" height="69">
<tr>
<th height="18" valign="top" width="603" colspan="2"
class="content">Nachricht an alle Clanmember schicken</th>
</tr>
<tr>
<td height="25" valign="top" colspan="2" align="center">&nbsp;<textarea
class="input" rows="8" name="text" cols="40"></textarea></td>
</tr>
<tr>
<td height="25" valign="top" colspan="2" align="center">&nbsp;<input
class="input" type="submit" value="abschicken"></td>
</tr>
</table>
</form>
</td>
</tr>
<?php
}
?>
<tr><th colspan="2">Debug Daten (Kein Bug, dass die naechste Zeile etwas komisch aussieht)</th></tr>
<tr><th colspan="2"><?php print_r($clan); ?></th></tr>
</table>
</div>
<?php
}
function displayClanProfileEditable($clan, $userid){
$member_qry = mysql_query('Select id from user where clan = '.$clan['id']);
$member = array();
$count = mysql_num_rows($member_qry);
while($row = mysql_fetch_assoc($member_qry)){
$tmp = displayUserLinkByID($row['id']);
$kickable = true;
if($row['id'] == $clan['leader']){
$leader = $tmp;
$kickable = false;
}
if($row['id'] == $clan['co_leader']){
$coleader = $tmp;
$kickable = false;
}
if($userid == $row['id'] && $kickable){
$member[] = $tmp.' (<a href="index.php?as=clan/clan_info&action=fire&member='.$row['id'].'">verlassen</a>)';
} else if($kickable){
$member[] = $tmp.' (<a href="index.php?as=clan/clan_info&action=fire&member='.$row['id'].'">kicken</a>)';
} else{
$member[] = $tmp;
}
}
$inv_qry = mysql_query('SELECT userid, TIMESTAMPDIFF(HOUR, now(), valid) as till FROM user_clan_invitations WHERE clanid = '.$clan['id'].' and valid > now()');
$invited = array();
while($row = mysql_fetch_assoc($inv_qry)) {
$invited[] = displayUserLinkByID($row['userid']) . ' (noch ' . $row['till'] . 'h gültig, <a href="index.php?as=clan/clan_info&action=reject&member='.$row['userid'].'">zurückziehen</a>)';
}
?>
<table width="100%">
<tr>
<th width="500" height="39" colspan="2" align="center"><?php echo $clan['clanname']; ?>
Info</th>
</tr>
<tr>
<td width="100%" height="52" colspan="2" align="center"><?php
if($clan['banner'] != "0"){
?> <img src="<?php echo $clan['banner']; ?> " width="468" height="60">
<?php
}
?> <br> <a href="index.php?as=clan/clan_info&action=edit&what=Banner">(edit)</a>
</td>
</tr>
<tr>
<th width="25%" align="Left" height="25">Leader:<a
href="index.php?as=clan/clan_info&action=edit&what=Leadership">(edit)</a>
</th>
<td><?php echo $leader; ?></td>
</tr>
<tr>
<th align="Left" height="25">Co-Leader:<a
href="index.php?as=clan/clan_info&action=edit&what=Leadership">(edit)</a>
</th>
<td><?php echo $coleader; ?></td>
</tr>
<tr>
<th align="Left" height="25">Clanzeichen:<a
href="index.php?as=clan/clan_info&action=edit&what=Clanzeichen">(edit)</a>
</th>
<td><?php echo $clan['clanz_pre'].' '.$clan['clanz_suff']; ?></td>
</tr>
<tr>
<th align="Left">Member (<?php echo $count.'/'.getMaximumMembers($clan['id']); ?>):</th>
<td><?php echo join('<br>',$member); ?></td>
</tr>
<tr>
<th align="Left">Eingeladen</th>
<td><?php echo join('<br>', $invited); ?></td>
</tr>
<tr>
<th align="Left" height="25">Level:</th>
<td><?php echo $clan['level']; ?></td>
</tr>
<tr>
<th align="Left" height="25">Erfahrung: </th>
<td><?php echo $clan['min_exp'].' / '.getRequiredClanExp($clan['level']); ?></td>
</tr>
<tr>
<th align="Left" height="25">Homepage:<a
href="index.php?as=clan/clan_info&action=edit&what=Homepage">(edit)</a>
</th>
<?php
if($clan['homepage'] != 'Keine'){
echo '<td><a href="'.$clan['homepage'].'" target=_blank>'.$clan['homepage'].'</a></td>';
} else{
echo '<td>Keine</td>';
}
?>
</tr>
<tr>
<th align="Left">Info:<a
href="index.php?as=clan/clan_info&action=edit&what=Info">(edit)</a></th>
<td><?php echo $clan['info']; ?></td>
</tr>
<tr>
<th align="left">Clan aufl&ouml;sen</th>
<td><a
href="javascript:if(confirm('Wirklich l&ouml;schen?')==true) window.location.href='index.php?as=clan/clan_info&action=kill'">Clan
l&ouml;schen</a></td>
</tr>
<tr><td>&nbsp;</td></tr>
<tr>
<td colspan="2">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="GET">
<input type="hidden" name="as" value="clan/clan_info"> <input
type="hidden" name="action" value="newsletter">
<table cellpadding="0" cellspacing="0" width="100%" height="69">
<tr>
<th height="18" valign="top" width="603" colspan="2"
class="content">Nachricht an alle Clanmember schicken</th>
</tr>
<tr>
<td height="25" valign="top" colspan="2" align="center">&nbsp;<textarea
class="input" rows="8" name="text" cols="40"></textarea></td>
</tr>
<tr>
<td height="25" valign="top" colspan="2" align="center">&nbsp;<input
class="input" type="submit" value="abschicken"></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
<?php
}
function displayClanProfile($clanid, $user){
$sql = 'SELECT * FROM clan where clan.id = '.$clanid;
// echo $sql.'<br>';
$clan = mysql_fetch_assoc(mysql_query($sql));
$editable = $clan['leader'] == $user['id'] || $clan['co_leader'] == $user['id'];
if(!$editable){
displayClanProfileReadOnly($clan, $user['clan'] == $clan['id'], $user['id']);
} else{
displayClanProfileEditable($clan, $user['id']);
}
}
function setMeAsLeader($user){
mysql_query('UPDATE clan set leader = '.$user['id'].' WHERE id = '.$user['clan'].' and leader is null and co_leader is null');
}
function sendClanNewsletter($user, $text){
$qry = mysql_query('SELECT * FROM clan WHERE id = ' . $user['clan']);
$clan = mysql_fetch_assoc($qry);
$errors = FALSE;
$sql = 'SELECT id FROM user WHERE clan='.$user['clan'];
$clans = mysql_query($sql);
while($row = mysql_fetch_assoc($clans)) {
$errors |= !sendMessage($user['nickname'], $row['id'], $clan['clanname'].' Nachricht', $text);
}
if($errors) {
displayErrorMessage(NULL,'Beim Versenden sind Fehler aufgetreten', '<a href="index.php?as=clan/clan_info">weiter...</a>');
} else {
displayErrorMessage(NULL,'Nachricht erfolgreich verschickt', '<a href="index.php?as=clan/clan_info">weiter...</a>');
}
}
function setProfile($what, $value1, $value2, $clanid, $rootlvl){
echo 'setProfile<br>';
if($rootlvl < 1) {
return 'Du hast keine Rechte um diese Aktion auszuf&uuml;hren!';
}
switch($what){
case 'Homepage':
mysql_query('UPDATE clan SET homepage = \''.$value1.'\' where id = '.$clanid);
return NULL;
case 'Clanzeichen':
mysql_query('UPDATE clan SET clanz_pre = \''.$value1.'\', clanz_suff = \''.$value2.'\' where id = '.$clanid);
return NULL;
case 'Banner':
mysql_query('UPDATE clan SET banner = \''.$value1.'\' where id = '.$clanid);
return NULL;
case 'Info':
mysql_query('UPDATE clan SET Info = \''.$value1.'\' where id = '.$clanid);
return NULL;
case 'Leadership':
echo 'setLeadership!<br>';
$clan = getClan($clanid);
if($value1 == 0 && $rootlvl == 2){$value1 = 'null';}
else if($rootlvl == 1) { $value1 = $clan['leader']; }
if($value2 == 0){$value2 = 'null';}
// okay, are we allowed to change?? If we have max members, it is not allowed to remove the co_leader
$clan = getClan($clanid);
$members = getClanMembersCount($clanid);
$members_max = getMaximumMembers($clan['id']);
if($members_max == $members && $clan['leader'] != $clan['co_leader'] && $value1 == $value2 || $value2 == 'null') {
// Okay, actually there are the max amount of users in the clan
// it is now not possible to change to a leader only clan!!
return 'Es ist nicht m&ouml;glich den Co-Leader zu &auml;ndern, da der clan die maximale Anzahl Member besitzt!';
}
if($rootlvl == 1){ // the co leader may only set the co leader XD
$sql = 'UPDATE clan SET co_leader = '.$value2.' where id = '.$clanid;
echo $sql.'<br>';
mysql_query($sql);
} else if($rootlvl == 2) { // the leader may set the leader and the co leader
$sql = 'UPDATE clan SET leader = '.$value1.', co_leader = '.$value2.' where id = '.$clanid;
// echo $sql.'<br>';
mysql_query($sql);
}
return NULL;
default:
return 'Error!';
}
}
function displayEdit($what, $clanid, $rootlvl){
if($rootlvl < 1) {
$content = '<tr><td colspan="2">Du hast keine Rechte um diese Aktion auszuf&uuml;hren!</td></tr>';
$what = 'ERROR';
}
$clan = getCLan($clanid);
$content = '';
switch($what){
case 'Homepage':
$content = '<tr><td colspan="2"><input class="input" name="value1" value="'.$clan['homepage'].'"/></td></tr>';
break;
case 'Clanzeichen':
$content = '<tr><td>Prefix: <input class="input" name="value1" value="'.$clan['clanz_pre'].'"/></td><td>Suffix: <input class="input" name="value2" value="'.$clan['clanz_suff'].'"/></td></tr>';
break;
case 'Banner':
$content = '<tr><td colspan="2"><input class="input" name="value1" value="'.$clan['banner'].'"/></td></tr>';
break;
case 'Leadership':
$member_qry = mysql_query('Select id, nickname from user where clan = '.$clanid);
$member[] = '<option value="0" selected>Niemand</option>';
$member2[] = '<option value="0" selected>Niemand</option>';
while($row = mysql_fetch_assoc($member_qry)){
if($row['id'] == $clan['leader']) {
$member[] = '<option value="'.$row['id'].'" selected="selected">'.$row['nickname'].'</option>';
} else {
$member[] = '<option value="'.$row['id'].'">'.$row['nickname'].'</option>';
}
if($row['id'] == $clan['co_leader']) {
$member2[] = '<option value="'.$row['id'].'" selected="selected">'.$row['nickname'].'</option>';
} else {
$member2[] = '<option value="'.$row['id'].'">'.$row['nickname'].'</option>';
}
}
if($rootlvl == 2){
$content = '<tr><td>Leader:</td><td><select class="input" name="value1" />'.join('',$member).'</select></td></tr>';
}
$content .= '<tr><td>Co-Leader:</td><td><select class="input" name="value2" />'.join('',$member2).'</select></td></tr>';
break;
case 'Info':
$content = '<tr><td colspan="2"><textarea class="input" name="value1" rows="8" cols="40">'.debbcode($clan['info']).'</textarea></td></tr>';
break;
case 'ERROR':
break;
default:
$content = '<tr><td colspan="2">Error '.$what.' unknown!</td></tr>';
break;
}
?>
<form action="index.php" method="GET">
<input type="hidden" name="as" value="clan/clan_info" /> <input
type="hidden" name="action" value="edit" /> <input type="hidden"
name="what" value="<?php echo $what; ?>" />
<table>
<tr>
<th colspan="2"><?php echo $what; ?> &Auml;ndern</th>
</tr>
<?php echo $content; ?>
<tr>
<td align="center" colspan="2"><input class="input" type="submit"
value="Edit" />
</td>
</tr>
</table>
</form>
<?php
}
function fireMember($user, $member){
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user['clan']));
if($member != $row['leader'] && $member != $row['co_leader'] && ($user['id'] == $row['leader'] || $user['id'] == $row['co_leader'] || $member == $user['id'])){
$sql = 'Update user set clan = NULL where id = '.$member.' AND clan = '.$user['clan'];
// echo $sql.'<br>';
mysql_query($sql);
if(mysql_affected_rows() > 0){ // Soll nur ausgeführt werden, wenn member wirklich gekickt wurde!!
$sql = 'Update chars set clan_train = NULL where besitzer = '.$member;
mysql_query($sql);
if($user['id'] != $member) {
sendMessage($user['nickname'], $member, 'Clan rauswurf!', 'Du wurdest von '.$user['nickname'].' aus deinem Clan geworfen. Du wirst dir wohl einen neuen suchen m&uuml;ssen!');
}
}
} else{
echo displayErrorMessage(NULL, 'Du kannst den Member nicht feuern!', displayHistoryBackLink());
}
}
function deleteClan($user){
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user['clan']));
if($user['id'] == $row['leader']){
$qry = mysql_query('SELECT id FROM user WHERE clan = '.$user['clan']);
while($member = mysql_fetch_assoc($qry)) {
sendMessage($user['nickname'], $member['id'], 'Clan wurde gelöscht!', 'Dein Clan wurde von '.$user['nickname'].' gel&ouml;scht. Du wirst dir wohl einen neuen suchen m&uuml;ssen!');
}
mysql_query('DELETE FROM clan where id = '.$user['clan']);
} else{
echo displayErrorMessage(NULL, 'Du kannst den Clan nicht aufl&ouml;sen!', displayHistoryBackLink());
}
}
if($action !== NULL) { // this is done to not require to reprogramm the whole stuff!
$rootlvl = 0;
$clan = getClan($user_ida['clan']);
if($clan['leader'] == $user_ida['id'] || ($clan['leader'] === null && ($clan['co_leader'] === null || $clan['co_leader'] = $user_ida['id']))) {
$rootlvl = 2; // leader or putsch!!
} else if($clan['co_leader'] = $user_ida['id']) {
$rootlvl = 1; // co_leader
}
echo 'Rootlvl = ' . $rootlvl . '<br>';;
switch ($action) {
case 'edit':
$errorMsg = NULL;
$row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan']));
if($row['leader'] != $user_ida['id'] && $row['co_leader'] != $user_ida['id']){
displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink());
} else if(isset($value1) || isset($value2)){
$errorMsg = setProfile($what, $value1, $value2, $user_ida['clan'], $rootlvl);
} else{
$errorMsg = displayEdit($what, $user_ida['clan'], $rootlvl);
$displayMore = false;
}
if($errorMsg !== NULL) {
echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink());
$displayMore = false;
}
break;
case 'fire':
fireMember($user_ida, $member);
if($user_ida['id'] == $member) {
$displayMore = false;
}
break;
case 'putsch':
setMeAsLeader($user_ida);
break;
case 'kill':
deleteClan($user_ida);
$displayMore = false;
break;
case 'reject':
$errorMsg = revokeInvitation($user_ida, $member);
if($errorMsg !== NULL) {
echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink());
$displayMore = false;
} else {
displayErrorMessage('','Du hast die Einladung erfolgreich zur&uuml;ckgezogen!', '<a href="index.php?as=clan/clan_info">weiter</a>');
$displayMore = false;
}
break;
case 'newsletter':
sendClanNewsletter($user_ida, $text);
$displayMore = false;
break;
default:
break;
}
}
if($displayMore){
displayClanProfile($clan_id, $user_ida);
}
?>
Reference in new issue View Git Blame Copy Permalink