Hecht
/
agng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b93d8f2ffa'
${ noResults }
agng/clan/profil.php

193 lines
6.7 KiB
PHP
Raw Blame History

<?php
/*
*
* @copyright (c) 2009 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php');
include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$new_leader = validateUnsignedInteger($_GET['new_leader'], null);
$co_leader = validateUnsignedInteger($_GET['co_leader'], null);
$clan_pw = validateString($_GET['clan_pw']);
$clan_name = validateName($_GET['clan_name']);
$clan_banner = validateURL($_GET['clan_banner']);
$clan_b = validateString($_GET['clan_b']);
$clan_page = validateString($_GET['clan_page']);
$clan_v = validateString($_GET['clan_v']);
$clan_info = validateString($_GET['clan_info']);
// Unkritisch
$charm = $_GET['charm'];
$clan = mysql_fetch_assoc(mysql_query('SELECT * FROM clan WHERE id=' . $user_ida['clan'] . ' LIMIT 1'));
$clan1 = mysql_query('SELECT nickname, id FROM user WHERE clan=' . $user_ida['clan']);
$clan2 = mysql_query('SELECT nickname, id FROM user WHERE clan=' . $user_ida['clan']);
$clan_8 = explode(',', $clan['clanzeichen']);
if ($charm == 1) {
$clan_upps = mysql_fetch_assoc(mysql_query("SELECT id, (Select 10 - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots FROM clan c WHERE clanname='$clan_name' OR clanzeichen='$clan_v,$clan_b' AND id!='$user_ida[clan]'"));
$cuu = mysql_fetch_assoc(mysql_query('SELECT clan FROM user WHERE id=' . $new_leader));
if ($cuu['clan'] != $user_ida['clan']) {
displayErrorMessage(NULL, 'Fehler User ist nicht im Clan.', displayHistoryBackLink());
exit;
}
if ($clan_upps['id'] AND $clan_upps['id'] != $user_ida['clan']) {
displayErrorMessage(NULL, 'Clanname oder Clan Zeichen gibt es schon.', displayHistoryBackLink());
exit;
}
if (!$clan_pw) {
displayErrorMessage(NULL, 'Clanpasswort eingeben!', displayHistoryBackLink());
exit;
}
if (!$clan_v AND !$clan_b) {
displayErrorMessage(NULL, 'Sie m&uuml;ssen ein Clanzeichen haben.', displayHistoryBackLink());
exit;
}
if (!$clan_name) {
displayErrorMessage(NULL, 'Sie m&uuml;ssen einen Clanname haben.', displayHistoryBackLink());
exit;
}
if ($clan['leader'] != $user_ida['id'] AND $clan['co_leader'] != $user_ida['id']) {
displayErrorMessage(NULL, 'Sie sind weder Leader noch Co-Leader!', displayHistoryBackLink());
exit;
}
// Check new conditions (10 Members + 1 Co + 1 Leader Slot available)
if($clan['leader'] != $clan['co_leader'] && $new_leader == $co_leader && $clan_upps['freeslots'] <= 0){
// Failure
displayErrorMessage(NULL, 'Alleinherrschaft ist leider nicht möglich, da sich zuviele User im Clan befinden!', displayHistoryBackLink());
exit;
}
mysql_query("UPDATE clan SET clanname='$clan_name', clanzeichen='$clan_v,$clan_b', pw='$clan_pw', info='$clan_info', leader='$new_leader', co_leader='$co_leader', homepage='$clan_page', banner='$clan_banner' WHERE id='$user_ida[clan]'");
displayErrorMessage(NULL, 'Clan erfolgreich ge&auml;ndert.', '<a href="index.php?as=clan/profil">weiter...</a>');
exit;
}
?>
<html>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="GET">
<input type="hidden" name="as" value="clan/profil">
<input type="hidden" name="charm" value="1">
<table cellpadding="0" cellspacing="0" width="100%" height="51">
<tr>
<td valign="top" colspan="2" height="32">
<p align="center"><b>Ihr Profil</b></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Level</b></td>
<td valign="top" height="25" width="191">
&nbsp;<?php echo "$clan[level]"; ?></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Exp</b></td>
<td valign="top" height="25" width="191">
&nbsp;<?php echo "$clan[min_exp] / $clan[max_exp]"; ?></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Clanname</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name="clan_name" value="<?php echo $clan[clanname]; ?>"></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Passwort</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name="clan_pw" value="<?php echo $clan[pw]; ?>" size='20'></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Homepage</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name='clan_page' value="<?php echo $clan['homepage']; ?>" size='20'></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Banner (468 x 60)</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name='clan_banner' value="<?php echo $clan['banner']; ?>" size='20'></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Clanzeichen vorn</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name='clan_v' size='20' maxlength=10 value="<?php echo $clan_8[0]; ?>"></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Clanzeichen hinten</b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" name='clan_b' size='20' maxlength=10 value="<?php echo $clan_8[1]; ?>"></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Leader</b></td>
<td valign="top" height="25" width="191">
&nbsp;<select id="input" name="new_leader">
<option value=""></option>
<?php
$x = 0;
while ($row = mysql_fetch_array($clan1)) {
if ($row[id] == $clan[leader]) {
$selected[$x] = "selected";
}
echo "<option value=$row[id] $selected[$x]>$row[nickname]";
$x++;
}
?>
</select>
</td></tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b>Co. Leader</b></td>
<td valign="top" height="25" width="191">
&nbsp;<select id="input" name="co_leader">
<option value=""></option>
<?php
$y = 0;
while ($row = mysql_fetch_array($clan2)) {
if ($row[id] == $clan[co_leader]) {
$selecteds[$y] = "selected";
}
echo "<option value=$row[id] $selecteds[$y]>$row[nickname]";
$y++;
}
?>
</select>
</td></tr>
<tr>
<td height="25" width="162" valign="top">
<p align="center"><b>Clan Info</b></td>
<td height="25" width="395" valign="top">&nbsp;<textarea id="input" rows="5" cols="30" name="clan_info"><?php echo $clan[info]; ?></textarea></td>
</tr>
<tr>
<td valign="top" height="25" width="195">
<p align="center"><b></b></td>
<td valign="top" height="25" width="191">
&nbsp;<input id="input" type=submit value='speichern'></td>
</tr>
</table>
</form>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink