nun werden user angezeigt die gar keine Eingabe bei dem Feld Xfire gemacht haben
der banner sieht dann so aus:
1 2 | UNNAME OFFLINE |
gibt es eine möglichkeit dies zu umgehen ?
verwendete ilchClan Version: 1.1
betroffene Homepage: swat-report.net
Hier kann eine Notiz zum Merk-Eintrag hinzugefügt werden (optional)
Geschlossen |
1 2 | UNNAME OFFLINE |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | <?php $abf = 'SELECT * FROM prefix_user WHERE xfire != "" AND recht < "' . $allgAr [ 'xfire_recht' ]. '" OR recht = "' . $allgAr [ 'xfire_recht' ]. '" ORDER BY RAND() LIMIT ' . $allgAr [ 'xfire_box_limit' ]. ';' ; $erg = db_query( $abf ); echo '<marquee scrollamount="3" direction="down" onmouseover="this.stop()" onmouseout="this.start()"><table width="100%" border="0">' ; while ( $row = db_fetch_assoc( $erg )){ if ( empty ( $row [ 'xfire' ])){ echo "" ; } else { echo ' <tr> <td><div align= "center" ><a href= "http://www.xfire.com/profile/'.$row['xfire'].'/" ><img src= "http://de.miniprofile.xfire.com/bg/sh/type/3/'.$row['xfire'].'.png" border= "0" /></a></div></td> </tr> <tr> <td>X-Fire: <a href= "index.php?user-details-'.$row['id'].'" > '.$row[' name '].' </a></td> </tr> '; };} echo '</table></marquee>' ; echo '<a href="index.php?user-xfire">Alle anzeigen</a>' ; ?> |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | <?php defined ( 'main' ) or die ( 'no direct access' ); $title = $allgAr [ 'title' ]. ' :: X-Fire' ; $hmenu = 'X-Fire' ; $design = new design ( $title , $hmenu ); $design ->header(); $abf = 'SELECT * FROM prefix_user WHERE xfire != "" AND recht < "' . $allgAr [ 'xfire_recht' ]. '" OR recht = "' . $allgAr [ 'xfire_recht' ]. '"' ; $erg = db_query( $abf ); echo '<center><h2>X-Fire Mitgliederliste</h2></center>' ; echo '<table width="100%" border="0">' ; while ( $row = db_fetch_assoc( $erg )) { if ( empty ( $row [ 'xfire' ])){ echo "" ; } else { echo ' <tr> <td><div id= "'.$row['id'].'" align= "center" ><a href= "http://www.xfire.com/profile/'.$row['xfire'].'/" ><img src= "http://de.miniprofile.xfire.com/bg/sh/type/'.$allgAr['xfire_banner'].'/'.$row['xfire'].'.png" border= "0" /></a></div></td> </tr> <tr> <td>X-Fire Signatur von <a href= "index.php?user-details-'.$row['id'].'" > '.$row[' name '].' </a> </td> </tr> '; };} echo '</table>' ; $design ->footer(); ?> |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 | <form action="admin.php?user-2" method="POST" enctype="multipart/form-data"> <input type="hidden" name="uID" value="{id}"> {antispam} <table border="0" cellspacing="1" cellpadding="3" class="border"> <tr class="Chead"><td colspan="2"><b>Details von {name} - ID: {id}</b></td></tr> <tr> <td width="20%" class="Cmite">Recht</td> <td width="80%" class="Cnorm"><select name="urecht">{_list_recht@<option%1 value="%2">%3</option>}</select></td> </tr><tr> <td class="Cmite">Name</td> <td class="Cnorm"><input name='usaName1' maxlength="100" value='{name}' onfocus="document.getElementById('fnc').style.display='';"><span id="fnc" style="display:none;"><input type="checkbox" name="forumname" /> Name im Forum ändern</span></td> </tr><tr> <td class="Cmite">eMail</td> <td class="Cnorm"><input name='email' maxlength="100" value='{email}'></td> </tr><tr> <td class="Cmite">Homepage</td> <td class="Cnorm"><input name="homepage" value="{homepage}" /></td> </tr><tr> <td class="Cmite">Wohnort</td> <td class="Cnorm"><input name="wohnort" value="{wohnort}" /></td> </tr><tr> <td class="Cmite">ICQ</td> <td class="Cnorm"><input name="icq" value="{icq}" /></td> </tr><tr> <td class="Cmite">MSN</td> <td class="Cnorm"><input name="msn" value="{msn}" /></td> </tr><tr> <td class="Cmite">Yahoo</td> <td class="Cnorm"><input name="yahoo" value="{yahoo}" /></td> </tr><tr> <td class="Cmite">AIM</td> <td class="Cnorm"><input name="aim" value="{aim}" /></td> </tr><tr> <td class="Cmite">Xfire</td> <td class="Cnorm"><input name="xfire" value="{xfire}" /></td> </tr><tr> <td class="Cmite">Gebdatum</td> <td class="Cnorm"><input name="gebdatum" value="{gebdatum}" /></td> </tr><tr> <td class="Cmite">Staat</td> <td class="Cnorm"><select name="staat">{_list_staat@<option%1 value="%2">%3</option>}</select></td> </tr><tr> <td class="Cmite">Rank</td> <td class="Cnorm"><select name="spezrank">{_list_spezrank@<option%1 value="%2">%3</option>}</select></td> </tr><tr> <td class="Cmite">Geschlecht</td> <td class="Cnorm"><input type="radio" value="1" name="geschlecht" {geschlecht1} /> männlich, <input type="radio" value="2" name="geschlecht" {geschlecht2} /> weiblich, <input type="radio" value="0" name="geschlecht" {geschlecht0} /> wurstegal</td> </tr><tr> <td class="Cmite">Status</td> <td class="Cnorm"><input type="radio" value="1" name="status" {status1} /> aktiv, <input type="radio" value="0" name="status" {status0} /> inaktiv</td> </tr><tr> <td class="Cmite">eMails</td> <td class="Cnorm"><input type="radio" value="1" name="opt_mail" {opt_mail1} /> ja, <input type="radio" value="0" name="opt_mail" {opt_mail0} /> nein ||Erklärung: eMails von anderen Usern?</td> </tr><tr> <td class="Cmite">PrivMsgs</td> <td class="Cnorm"><input type="radio" value="1" name="opt_pm" {opt_pm1} /> ja, <input type="radio" value="0" name="opt_pm" {opt_pm0} /> nein ||Erklärung: PrivMsgs von anderen Usern?</td> </tr><tr> <td class="Cmite">PrivMsgs Popup</td> <td class="Cnorm"><input type="radio" value="1" name="opt_pm_popup" {opt_pm_popup1} /> ja, <input type="radio" value="0" name="opt_pm_popup" {opt_pm_popup0} /> nein ||Erklärung: Popup bei einer neuen PrivMsgs?</td> </tr><tr> <td class="Cmite">Avatar</td> <td class="Cnorm"><input type="checkbox" name="avatardel" value="1">Löschen ?<br /> {avatar}<input type="file" name="avatarfile" /></td> </tr><tr> <td class="Cmite">Password</td> <td class="Cnorm"><input type="checkbox" name="passw" value="1">neues generieren ?</td> </tr><tr> <td class="Cmite">User</td> <td class="Cnorm"><input type="checkbox" name="userdel" value="1">Löschen ? <font color="#FF0000">Achtung der User wird <strong>ohne Rückfrage</strong> gelöscht</font></td> </tr><tr> <td class="Cmite">Signature</td> <td class="Cnorm"><textarea cols="60" rows="2" name="sig">{sig}</textarea></td> </tr><tr> <td colspan="2" class="Cnorm"> <fieldset><legend>Profilefields </legend> {EXPLODE} </fieldset> </td></tr> <tr> <td class="Cdark"></td> <td class="Cdark"> <input type="submit" value="Ändern" name="submit"> <input type="button" value="zurück" onclick="javscript:history.back();" /> </td> </tr> </table> </form> |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 | <?php // Copyright by: Manuel // Support: www.ilch.de defined ( 'main' ) or die ( 'no direct access' ); defined ( 'admin' ) or die ( 'only admin access' ); function user_get_group_list ( $uid ) { $l = 'Mitglied in Gruppen:<br />' ; $erg = db_query( "SELECT prefix_groups.name FROM prefix_groupusers LEFT JOIN prefix_groups ON prefix_groups.id = prefix_groupusers.gid WHERE prefix_groupusers.uid = " . $uid ); while ( $r = db_fetch_assoc( $erg )) { $l .= '- ' . $r [ 'name' ] . '<br />' ; } return ( $l ); } function user_get_all_mod_list () { $l = '' ; $erg = db_query( "SELECT DISTINCT name FROM prefix_modules WHERE fright = 1 ORDER BY prefix_modules.name" ); while ( $r = db_fetch_assoc( $erg )) { $x = $r [ 'name' ]; $l .= '<th style="font-size: 9px; font-weight: normal;" title="' . $r [ 'name' ] . '" valign="bottom">' . $x . '</th>' ; } return ( $l ); } function user_get_mod_change_list ( $uid ) { $l = '' ; $erg = db_query( "SELECT prefix_modules.id, uid FROM prefix_modules LEFT JOIN prefix_modulerights ON prefix_modulerights.mid = prefix_modules.id AND prefix_modulerights.uid = " . $uid . " WHERE fright = 1 ORDER BY prefix_modules.name" ); while ( $r = db_fetch_assoc( $erg )) { if ( $r [ 'uid' ] == '' ) { $c = '' ; } else { $c = ' checked' ; } $l .= '<td align="center"><input onclick="changeModulRecht(' . $r [ 'id' ] . ',' . $uid . ')" type="checkbox" id="MN' . $r [ 'id' ] . '-' . $uid . '" name="MN' . $r [ 'id' ] . '-' . $uid . '" ' . $c . ' /></td>' ; } return ( $l ); } function user_get_mod_list ( $uid ) { $l = 'Modulrechte:<br />' ; $erg = db_query( "SELECT DISTINCT module FROM prefix_modulerights WHERE uid = " . $uid ); while ( $r = db_fetch_assoc( $erg )) { $l .= '- ' . $r [ 'module' ] . '<br />' ; } return ( $l ); } function getfl( $gid ) { $liste = '' ; $erg = db_query( "SELECT view,name,reply,start,mods FROM prefix_forums WHERE view = " . $gid . " OR reply = " . $gid . " OR start = " . $gid . " OR mods = " . $gid ); while ( $row = db_fetch_assoc( $erg )) { $v = ( $row [ 'view' ] == $gid ? 'sehen/lesen,' : '' ); $r = ( $row [ 'reply' ] == $gid ? 'antworten,' : '' ); $s = ( $row [ 'start' ] == $gid ? 'Themen starten,' : '' ); $m = ( $row [ 'mods' ] == $gid ? 'Moderieren,' : '' ); $liste .= $row [ 'name' ] . '<span class="smalfont">(' . $v . $r . $s . $m . ')</span> ' ; } return ( $liste ); } if (isset( $_POST [ 'action' ])) { $design = new design ( 'Admins Area' , 'Admins Area' , 0); $design ->header(); $wdtext = 'Es ist ein Fehler aufgetreten.' ; if (chk_antispam( 'adminuser_action' , true) and isset( $_POST [ 'uid' ])) { $uid = escape( $_POST [ 'uid' ], 'integer' ); switch ( $_POST [ 'action' ]){ // einen user komplett loeschen case 'deleteUser' : $name = get_n( $uid ); if ( $uid != 1 and ! empty ( $name )) { user_remove( $uid ); $wdtext = 'Der User ' . $name . ' wurde erfolgreich gelöscht.' ; } break ; // das recht eines users aendern case 'changeRight' : $altes_recht = db_result(db_query( "SELECT recht FROM prefix_user WHERE id = " . $uid ), 0); $neues_recht = escape( $_POST [ 'newright' ], 'integer' ); if (( $neues_recht > $_SESSION [ 'authright' ] AND $altes_recht > $_SESSION [ 'authright' ]) OR ( $_SESSION [ 'authid' ] == 1 AND $uid != 1)) { $q = "UPDATE prefix_user SET recht = " . $neues_recht . " WHERE id = " . $uid ; db_query( $q ); } $wdtext = false; break ; // modulrechte fuer einen user aendern case 'changeModulRight' : $modul = escape( $_POST [ 'modul' ], 'integer' ); $aktion = $_POST [ 'giveremove' ]; if ( $aktion == 'give' AND 0 == db_result(db_query( "SELECT COUNT(*) FROM prefix_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid ), 0)) { db_query( "INSERT INTO prefix_modulerights (mid,uid) VALUES ('" . $modul . "'," . $uid . ")" ); } elseif ( $aktion == 'remove' AND 1 == db_result(db_query( "SELECT COUNT(*) FROM prefix_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid ), 0)) { db_query( "DELETE FROM prefix_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid ); } $wdtext = false; break ; } } if ( $wdtext === false) { $antispam = get_antispam( 'adminuser_action' , 0, true); ?><script type= "text/javascript" ><!-- function updateParent() { parent.setNewAntispam(document.getElementById( 'tmp' ).childNodes[0]);} window.onload = function () { updateParent(); }; //--></script> <div id= "tmp" ><?php echo $antispam ; ?></div> <?php exit ; } wd( 'admin.php?' . $menu ->get_complete(), $wdtext , 5); $design ->footer(1); } $um = $menu ->get(1); switch ( $um ) { default : $design = new design ( 'Admins Area' , 'Admins Area' , 2); $design ->header(); $q = '' ; if (isset( $_REQUEST [ 'q' ])) { $q = escape( $_REQUEST [ 'q' ], 'string' ); } $tpl = new tpl ( 'user/user' , 1); $tpl ->set( 'modlall' , user_get_all_mod_list()); $tpl ->set( 'anzmods' , db_result(db_query( "SELECT COUNT(*) FROM prefix_modules WHERE fright = 1" ), 0)); $tpl ->set( 'action_antispam' , get_antispam( 'adminuser_action' , 0, true)); $tpl ->set_out( 'q' , unescape( $q ), 0); $q = str_replace ( '*' , '%' , $q ); if ( strpos ( $q , '%' ) === false) { $q = $q . '%' ; } $limit = 15; // Limit $page = ( $menu ->getA(1) == 'p' ? $menu ->getE(1) : 1); $MPL = db_make_sites ( $page , "WHERE name LIKE '" . $q . "'" , $limit , '?user' , 'user' ); $anfang = ( $page - 1) * $limit ; $class = '' ; $q = "SELECT name,recht,id FROM `prefix_user` WHERE name LIKE '" . $q . "' ORDER by recht,posts DESC LIMIT " . $anfang . "," . $limit ; $erg = db_query( $q ); while ( $row = db_fetch_object( $erg )) { if ( $class == 'Cmite' ) { $class = 'Cnorm' ; } else { $class = 'Cmite' ; } $ar = array ( 'name' => $row ->name, 'class' => $class , 'id' => $row ->id, 'grouplist' => user_get_group_list( $row ->id), 'recht' => dblistee( $row ->recht, "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC" ), 'modslist' => user_get_mod_change_list( $row ->id), ); $tpl ->set_ar_out( $ar , 1); } $tpl ->set_out( 'MPL' , $MPL , 2); $design ->footer(); break ; // gruppen zugehoerigkeiten eines users aendern case 'gruppen' : $uid = $menu ->get(2); if (isset( $_POST [ 'usergroups' ])) { $erg = db_query( "SELECT id FROM prefix_groups" ); while ( $row = db_fetch_assoc( $erg )) { $ck = db_count_query( "SELECT COUNT(uid) FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row [ 'id' ]); if ( $ck == 0 AND isset ( $_POST [ 'grprhave' ][ $row [ 'id' ]][ $uid ])) { db_query( "INSERT INTO prefix_groupusers (uid,gid,fid) VALUES ( " . $uid . ", " . $row [ 'id' ] . ", 3 )" ); } elseif ( $ck == 1 AND !isset ( $_POST [ 'grprhave' ][ $row [ 'id' ]][ $uid ])) { db_query( "DELETE FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row [ 'id' ]); } } } $user_name = db_result(db_query( "SELECT name FROM prefix_user WHERE id = " . $uid ), 0); $tpl = new tpl ( 'user/gruppen' , 1); $tpl ->set_ar_out( array ( 'username' => $user_name , 'userid' => $uid ), 0); $class = 'Cnorm' ; $erg = db_query( "SELECT name,id FROM prefix_groups" ); while ( $row = db_fetch_assoc( $erg )) { $ck = db_count_query( "SELECT COUNT(uid) FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row [ 'id' ]); $row [ 'ck' ] = ( $ck == 0 ? '' : 'checked' ); $class = ( $class == 'Cnorm' ? 'Cmite' : 'Cnorm' ); $row [ 'class' ] = $class ; $tpl ->set_ar_out( $row , 1); } $tpl ->out(2); break ; // details eines users anzeigen case 1 : $design = new design ( 'Admins Area' , 'Admins Area' , 2); $design ->header(); if (isset ( $_REQUEST [ 'uID' ])) { $uid = $_REQUEST [ 'uID' ]; } else { $uid = $menu ->get(2); } $erg = db_query( "SELECT name,email,id,recht,wohnort,homepage,aim,msn,icq,yahoo,status,staat,gebdatum,sig,opt_pm,opt_pm_popup,opt_mail,geschlecht,spezrank,avatar,xfire FROM prefix_user WHERE id = '" . $uid . "'" ); if (db_num_rows( $erg ) == 0) { die ( 'Fehler: Username nicht gefunden <a href="?user">zurück</a>' ); } else { $row = db_fetch_assoc( $erg ); $tpl = new tpl ( 'user/details' , 1); $row [ 'recht' ] = dbliste ( $row [ 'recht' ] , $tpl , 'recht' , "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC" ); $row [ 'staat' ] = '<option></option>' . arliste ( $row [ 'staat' ] , get_nationality_array() , $tpl , 'staat' ); $row [ 'spezrank' ] = '<option></option>' . dbliste ( $row [ 'spezrank' ], $tpl , 'spezrank' , "SELECT id, bez FROM prefix_ranks WHERE spez = 1" ); $row [ 'geschlecht0' ] = ( $row [ 'geschlecht' ] < 1 ? 'checked' : '' ); $row [ 'geschlecht1' ] = ( $row [ 'geschlecht' ] == 1 ? 'checked' : '' ); $row [ 'geschlecht2' ] = ( $row [ 'geschlecht' ] == 2 ? 'checked' : '' ); if ( $row [ 'status' ] == 1) { $row [ 'status1' ] = 'checked' ; $row [ 'status0' ] = '' ; } else { $row [ 'status1' ] = '' ; $row [ 'status0' ] = 'checked' ; } if ( $row [ 'opt_mail' ] == 1) { $row [ 'opt_mail1' ] = 'checked' ; $row [ 'opt_mail0' ] = '' ; } else { $row [ 'opt_mail1' ] = '' ; $row [ 'opt_mail0' ] = 'checked' ; } if ( $row [ 'opt_pm' ] == 1) { $row [ 'opt_pm1' ] = 'checked' ; $row [ 'opt_pm0' ] = '' ; } else { $row [ 'opt_pm1' ] = '' ; $row [ 'opt_pm0' ] = 'checked' ; } if ( $row [ 'opt_pm_popup' ] == 1) { $row [ 'opt_pm_popup1' ] = 'checked' ; $row [ 'opt_pm_popup0' ] = '' ; } else { $row [ 'opt_pm_popup1' ] = '' ; $row [ 'opt_pm_popup0' ] = 'checked' ; } if (@ file_exists ( $row [ 'avatar' ])) { $row [ 'avatar' ] = '<img src="' . $row [ 'avatar' ] . '" border="0" /><br />' ; } else { $row [ 'avatar' ] = '' ; } $row [ 'antispam' ] = get_antispam( 'adminuser' , 0, true); $tpl ->set_ar_out ( $row , 0); profilefields_change ( $row [ 'id' ]); $tpl ->out(1); } $design ->footer(); break ; // details des users aendern case 2 : $design = new design ( 'Admins Area' , 'Admins Area' , 2); $design ->header(); $changeok = true; $uid = escape( $_POST [ 'uID' ], 'integer' ); $altes_recht = db_result(db_query( "SELECT recht FROM prefix_user WHERE id = " . $uid ), 0); $neues_recht = escape( $_POST [ 'urecht' ], 'integer' ); if (( $neues_recht <= $_SESSION [ 'authright' ] OR $altes_recht <= $_SESSION [ 'authright' ]) AND $_SESSION [ 'authid' ] > 1) { $changeok = false; } if ( $changeok and chk_antispam( 'adminuser' , true)) { if (isset( $_POST [ 'userdel' ])) { user_remove( $uid ); wd ( '?user' , 'User wurde erfolgreich gelöscht' ); } else { $abf = "SELECT * FROM prefix_user WHERE id = '" . $uid . "'" ; $erg = db_query( $abf ); $row = db_fetch_object( $erg ); if (isset( $_POST [ 'passw' ])) { $newPass = genkey (8); $newPassMD5 = md5( $newPass ); icmail ( $row ->email , 'neues Password' , "Hallo\n\nDein Password wurde soeben von einem Administrator gäendert es ist nun:\n\n$newPass\n\nGruß der Administrator" ); db_query( 'UPDATE `prefix_user` SET pass = "' . $newPassMD5 . '" WHERE id = "' . escape( $_POST [ 'uID' ], 'integer' ) . '"' ); } // avatar speichern START $avatar_sql_update = '' ; if (! empty ( $_FILES [ 'avatarfile' ][ 'name' ])) { $file_tmpe = $_FILES [ 'avatarfile' ][ 'tmp_name' ]; $rile_type = ic_mime_type ( $_FILES [ 'avatarfile' ][ 'tmp_name' ]); $file_type = $_FILES [ 'avatarfile' ][ 'type' ]; $file_size = $_FILES [ 'avatarfile' ][ 'size' ]; $fmsg = $lang [ 'avatarisnopicture' ]; $size = @ getimagesize ( $file_tmpe ); $endar = array (1 => 'gif' , 2 => 'jpg' , 3 => 'png' ); if (( $size [2] == 1 OR $size [2] == 2 OR $size [2] == 3) AND $size [0] > 10 AND $size [1] > 10 AND substr ( $file_type , 0 , 6) == 'image/' AND substr ( $rile_type , 0 , 6) == 'image/' ) { $endung = $endar [ $size [2]]; $breite = $size [0]; $hoehe = $size [1]; $neuer_name = 'include/images/avatars/' . $uid . '.' . $endung ; @unlink (db_result(db_query( "SELECT avatar FROM prefix_user WHERE id = " . $uid ), 0)); move_uploaded_file ( $file_tmpe , $neuer_name ); @ chmod ( $neuer_name , 0777); $avatar_sql_update = ', avatar = "' . $neuer_name . '"' ; $fmsg = $lang [ 'pictureuploaded' ]; } } elseif (isset( $_POST [ 'avatardel' ])) { $fmsg = $lang [ 'picturedelete' ]; @unlink (db_result(db_query( "SELECT avatar FROM prefix_user WHERE id = " . $uid ), 0)); $avatar_sql_update = ', avatar = ""' ; } // avatar speichern ENDE profilefields_change_save (escape( $_POST [ 'uID' ], 'integer' )); $usaName1 = escape( $_POST [ 'usaName1' ], 'string' ); $email = escape( $_POST [ 'email' ], 'string' ); $homepage = escape( $_POST [ 'homepage' ], 'string' ); $wohnort = escape( $_POST [ 'wohnort' ], 'string' ); $icq = escape( $_POST [ 'icq' ], 'string' ); $msn = escape( $_POST [ 'msn' ], 'string' ); $yahoo = escape( $_POST [ 'yahoo' ], 'string' ); $aim = escape( $_POST [ 'aim' ], 'string' ); $staat = escape( $_POST [ 'staat' ], 'string' ); $spezrank = escape( $_POST [ 'spezrank' ], 'integer' ); $geschlecht = escape( $_POST [ 'geschlecht' ], 'integer' ); $status = escape( $_POST [ 'status' ], 'integer' ); $opt_mail = escape( $_POST [ 'opt_mail' ], 'integer' ); $opt_pm = escape( $_POST [ 'opt_pm' ], 'integer' ); $opt_pm_popup = escape( $_POST [ 'opt_pm_popup' ], 'integer' ); $xfire = escape( $_POST [ 'xfire' ], 'string' ); $gebdatum = escape( $_POST [ 'gebdatum' ], 'string' ); $sig = escape( $_POST [ 'sig' ], 'string' ); // Name im Forum ändern if ( $_POST [ 'forumname' ] == 'on' ) { $oldname = db_count_query( "SELECT name FROM `prefix_user` WHERE id =" . $uid ); if ( $oldname != $usaName1 ) { db_query( "UPDATE `prefix_posts` SET erst = '$usaName1' WHERE erstid = " . $uid ); db_query( "UPDATE `prefix_topics` SET erst = '$usaName1' WHERE erst = '$oldname'" ); } } db_query('UPDATE prefix_user SET name = "' . $usaName1 . '" , recht = "' . $neues_recht . '" , email = "' . $email . '" , homepage = "' . $homepage . '" , wohnort = "' . $wohnort . '" , icq = "' . $icq . '" , msn = "' . $msn . '" , yahoo = "' . $yahoo . '" , aim = "' . $aim . '" , staat = "' . $staat . '" , spezrank = "' . $spezrank . '" , geschlecht = "' . $geschlecht . '" , status = "' . $status . '" , opt_mail = "' . $opt_mail . '" , opt_pm = "' . $opt_pm . '" , opt_pm_popup = "' . $opt_pm_popup . '" , xfire = "' . $xfire . '" , gebdatum = "' . $gebdatum . '" , sig = "' . $sig . '" ' . $avatar_sql_update . ' WHERE id = "' . $uid . '" '); } } wd( 'admin.php?user-1-' . $uid , 'Das Profil wurde erfolgreich geaendert' , 2); $design ->footer(); break ; // mal kurz nen neuen user anlegen case 'createNewUser' : $msg = '' ; if (! empty ( $_POST [ 'name' ]) AND ! empty ( $_POST [ 'pass' ]) AND ! empty ( $_POST [ 'email' ]) and chk_antispam( 'adminuser_create' , true)) { $_POST [ 'name' ] = escape( $_POST [ 'name' ], 'string' ); $_POST [ 'recht' ] = escape( $_POST [ 'recht' ], 'integer' ); $_POST [ 'email' ] = escape( $_POST [ 'email' ], 'string' ); $erg = db_query( "SELECT id FROM prefix_user WHERE name = BINARY '" . $_POST ['name '] . "' "); if (db_num_rows( $erg ) > 0) { $msg = 'Der Name ist leider schon vorhanden!' ; } else { $new_pass = $_POST [ 'pass' ]; $md5_pass = md5( $new_pass ); db_query("INSERT INTO prefix_user (name,pass,recht,regist,llogin,email) VALUES( '" . $_POST[' name '] . "' , '" . $md5_pass . "' , " . $_POST['recht'] . " , '" . time() . "' , '" . time() . "' , '" . $_POST[' email '] . "' )"); $userid = db_last_id(); db_query( "INSERT INTO prefix_userfields (uid,fid,val) VALUES (" . $userid . ",2,'1')" ); db_query( "INSERT INTO prefix_userfields (uid,fid,val) VALUES (" . $userid . ",3,'1')" ); if (isset( $_POST [ 'info' ])) { $page = $_SERVER [ "HTTP_HOST" ] . $_SERVER [ "SCRIPT_NAME" ]; $page = str_replace ( 'admin.php' , 'index.php' , $page ); $tpl = new tpl ( 'user/new_user_email' , 1); $tpl ->set( 'name' , $_POST [ 'name' ]); $tpl ->set( 'pass' , $_POST [ 'pass' ]); $tpl ->set( 'page' , $page ); $txt = $tpl ->get(0); unset( $tpl ); icmail ( $_POST [ 'email' ], 'Admin hat dich angelegt' , $txt ); } $msg = 'Benutzer angelegt <a href="javascript:closeThisWindow()">Fenster schließen</a>' ; } } $pass = '' ; $email = '' ; $recht = '' ; if (isset( $_POST [ 'pass' ])) { $pass = $_POST [ 'pass' ]; } if (isset( $_POST [ 'email' ])) { $email = $_POST [ 'email' ]; } if (isset( $_POST [ 'recht' ])) { $recht = $_POST [ 'recht' ]; } else { $recht = '-1' ; } $tpl = new tpl ( 'user/new_user' , 1); $tpl ->set( 'msg' , $msg ); $tpl ->set( 'pass' , $pass ); $tpl ->set( 'email' , $email ); $tpl ->set( 'recht' , dblistee( $recht , "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC" )); $tpl ->set( 'antispam' , get_antispam( 'adminuser_create' , 0, true)); $tpl ->out(0); break ; } ?> |
1 | $erg = db_query("SELECT name,email,id,recht,wohnort,homepage,aim,msn,icq,yahoo,status,staat,gebdatum,sig,opt_pm,opt_pm_popup,opt_mail,geschlecht,spezrank,avatar,xfire FROM prefix_user WHERE id = '" . $uid . "'"); |
1 | $xfire = escape($_POST['xfire'], 'string'); |
1 | xfire = "' . $xfire . '", |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 | <script language="JavaScript" type="text/javascript"> <!-- function setufocus() { document.f.q.focus(); } // manage div ... document.onmousemove = checkPosition; function checkPosition(e) { if(document.all) { mausX = event.clientX + document.body.scrollLeft; mausY = event.clientY + document.body.scrollTop; } else { mausX = e.pageX; mausY = e.pageY; } } function alertpos(dname) { if (document.layers) { document.layers[0].left = mausX; document.layers[0].top = mausY; } else if (document.getElementById) { document.getElementById(dname).style.left = (mausX + 10) + "px"; document.getElementById(dname).style.top = (mausY + 50 ) + "px"; } document.getElementById(dname).style.display = "inline"; } function hiddpos(dname) { document.getElementById(dname).style.display = "none"; } function changeUserRight (id1) { var x = confirm ( 'Das Recht dieses Users wirklich aendern?' ); if (x) { var newr = document.getElementById('recht'+id1).value; var Fenster = window.open ('admin.php?user-changeRecht-' + id1 + '=0&newr='+ newr, 'changeRecht', 'status=no,scrollbars=no,height=10,width=10'); Fenster.focus(); } } function changeGruppen (id1) { var Fenster = window.open ('admin.php?user-gruppen-' + id1, 'changeGruppen', 'status=yes,scrollbars=yes,height=500,width=250,left=300,top=50'); Fenster.focus(); } function changeModulrecht (id1) { var Fenster = window.open ('admin.php?user-modulrecht-' + id1, 'changeModulrecht', 'status=yes,scrollbars=yes,height=500,width=250,left=300,top=50'); Fenster.focus(); } function deleteUser (id1) { var x = confirm ( 'Diesen User wirklich komplett entfernen?' ); if (x) { var Fenster = window.open ('admin.php?user-deleteUser-' + id1, 'deleteUser', 'status=no,scrollbars=no,height=10,width=10'); Fenster.focus(); } } function changeModulRecht ( modul, uid ) { var aktion = 'loeschen'; if ( document.getElementById("MN" + modul + "-" + uid).checked == true ) { aktion = 'eintragen'; } var Fenster = window.open ('admin.php?user-modulrecht-' +uid+ '=0&modul=' + modul + '&aktion=' + aktion, 'changeModulRecht', 'status=no,scrollbars=no,height=10,width=10'); } //--> </script> <div style="float:right"><a href="admin.php?puser">Noch nicht bestätigte Registrierungen verwalten</a></div> <body onload="setufocus()"> <form action="admin.php" name="f" method="GET" style="padding: 0px; margin:0px 0px 0px 0px;" > <input type="hidden" name="user" value="" /> <table cellpadding="3" cellspacing="1" border="0" class="border" style="float:left"> <tr> <td class="Cmite"><input name="q" value="{q}" /></td> <td class="Cdark"><input type="submit" value="Suchen" /></td> </tr> </table> </form> <br /> <br /> <br /> <table cellpadding="3" cellspacing="1" border="0" class="border"> <tr> <td colspan="6"></td> <td class="Cmite" colspan="{anzmods}"><b>Modulrechte:</b></td> </tr> <tr class="Chead"> <th>Name</th> <th>Recht</th> <th>Gruppe</th> <th></th> <th></th> <th class="border"> </th> {modlall} </tr> {EXPLODE} <tr class="{class}"> <td><div onmouseover="hiddpos('groupdiv{id}')" id="groupdiv{id}" style="position:absolute; top:50px; left:50px; display:none; width:200px;"> <table width="100%" class="border" border="0" cellspacing="1" cellpadding="4"> <tr> <td class="{class}" align="left">{grouplist}</td> </tr> </table> </div><strong>{name}</strong></td> <td><select id="recht{id}" onChange="changeUserRight({id})">{recht}</select></td> <td style="text-align: center;"><a onmouseout="hiddpos('groupdiv{id}')" onmouseover="alertpos('groupdiv{id}')" href="javascript:changeGruppen({id})" title="hier die Gruppenzugehörigkeit ändern">Gruppen</a></td> <td> <a href="admin.php?user-1-{id}"><img src="include/images/icons/edit.gif" border="0" title="ändern" alt="ändern" /></a> </td> <td> <a href="javascript:deleteUser({id})"><img src="include/images/icons/del.gif" border="0" title="löschen" alt="löschen" /></a> </td> <td class="border"></td> {modslist} </tr> {EXPLODE} </table> {MPL} |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 | <?php # Copyright by: Manuel Staechele # Support: www.ilch.de defined ( 'main' ) or die ( 'no direct access' ); defined ( 'admin' ) or die ( 'only admin access' ); function user_get_group_list ( $uid ) { $l = 'Mitglied in Gruppen:<br />' ; $erg = db_query( "SELECT prefix_groups.name FROM prefix_groupusers LEFT JOIN prefix_groups ON prefix_groups.id = prefix_groupusers.gid WHERE prefix_groupusers.uid = " . $uid ); while ( $r = db_fetch_assoc( $erg )) { $l .= '- ' . $r [ 'name' ]. '<br />' ; } return ( $l ); } function user_get_all_mod_list () { $l = '' ; $erg = db_query( "SELECT DISTINCT name FROM prefix_modules WHERE fright = 1 ORDER BY prefix_modules.name" ); while ( $r = db_fetch_assoc( $erg )) { $x = $r [ 'name' ]; $l .= '<th style="font-size: 9px; font-weight: normal;" title="' . $r [ 'name' ]. '" valign="bottom">' . $x . '</th>' ; } return ( $l ); } function user_get_mod_change_list ( $uid ) { $l = '' ; $erg = db_query( "SELECT prefix_modules.id, uid FROM prefix_modules LEFT JOIN prefix_modulerights ON prefix_modulerights.mid = prefix_modules.id AND prefix_modulerights.uid = " . $uid . " WHERE fright = 1 ORDER BY prefix_modules.name" ); while ( $r = db_fetch_assoc( $erg )) { if ( $r [ 'uid' ] == '' ) { $c = '' ; } else { $c = ' checked' ; } $l .= '<td align="center"><input onChange="changeModulRecht(' . $r [ 'id' ]. ',' . $uid . ')" type="checkbox" id="MN' . $r [ 'id' ]. '-' . $uid . '" name="MN' . $r [ 'id' ]. '-' . $uid . '" ' . $c . ' /></td>' ; } return ( $l ); } function user_get_mod_list ( $uid ) { $l = 'Modulrechte:<br />' ; $erg = db_query( "SELECT DISTINCT module FROM prefix_modulerights WHERE uid = " . $uid ); while ( $r = db_fetch_assoc( $erg )) { $l .= '- ' . $r [ 'module' ]. '<br />' ; } return ( $l ); } function getfl( $gid ) { $liste = '' ; $erg = db_query( "SELECT view,name,reply,start,mods FROM prefix_forums WHERE view = " . $gid . " OR reply = " . $gid . " OR start = " . $gid . " OR mods = " . $gid ); while ( $row = db_fetch_assoc( $erg ) ) { $v = ( $row [ 'view' ] == $gid ? 'sehen/lesen,' : '' ); $r = ( $row [ 'reply' ] == $gid ? 'antworten,' : '' ); $s = ( $row [ 'start' ] == $gid ? 'Themen starten,' : '' ); $m = ( $row [ 'mods' ] == $gid ? 'Moderieren,' : '' ); $liste .= $row [ 'name' ]. '<span class="smalfont">(' . $v . $r . $s . $m . ')</span> ' ; } return ( $liste ); } $um = $menu ->get(1); switch ( $um ) { default : $design = new design ( 'Admins Area' , 'Admins Area' , 2 ); $design ->header(); $q = '' ; if ( isset( $_REQUEST [ 'q' ]) ) { $q = escape( $_REQUEST [ 'q' ], 'string' ); } $tpl = new tpl ( 'user/user' , 1); $tpl ->set( 'modlall' , user_get_all_mod_list()); $tpl ->set( 'anzmods' , db_result(db_query( "SELECT COUNT(*) FROM prefix_modules WHERE fright = 1" ),0) ); $tpl ->set_out( 'q' ,unescape( $q ),0); $q = str_replace ( '*' , '%' , $q ); if ( strpos ( $q , '%' ) === FALSE ) { $q = $q . '%' ; } $limit = 15; // Limit $page = ( $menu ->getA(1) == 'p' ? $menu ->getE(1) : 1 ); $MPL = db_make_sites ( $page , "WHERE name LIKE '" . $q . "'" , $limit , '?user' , 'user' ); $anfang = ( $page - 1) * $limit ; $class = '' ; $q = "SELECT name,recht,id FROM `prefix_user` WHERE name LIKE '" . $q . "' ORDER by recht,posts DESC LIMIT " . $anfang . "," . $limit ; $erg = db_query( $q ); while ( $row = db_fetch_object( $erg )) { if ( $class == 'Cmite' ) { $class = 'Cnorm' ; } else { $class = 'Cmite' ; } $ar = array ( 'name' => $row ->name, 'class' => $class , 'id' => $row ->id, 'grouplist' => user_get_group_list( $row ->id), 'recht' => dblistee( $row ->recht, "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC" ), 'modslist' => user_get_mod_change_list( $row ->id), ); $tpl ->set_ar_out( $ar ,1); } $tpl ->set_out( 'MPL' , $MPL ,2); $design ->footer(); break ; # modulrechte fuer einen user aendern case 'modulrecht' : $uid = intval ( $menu ->get(2)); $modul = intval ( $_REQUEST [ 'modul' ]); $aktion = $_REQUEST [ 'aktion' ]; if ( $aktion == 'eintragen' AND 0 == db_result(db_query( "SELECT COUNT(*) FROM prefix_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid ),0) ) { db_query( "INSERT INTO prefix_modulerights (mid,uid) VALUES ('" . $modul . "'," . $uid . ")" ); } elseif ( $aktion == 'loeschen' AND 1 == db_result(db_query( "SELECT COUNT(*) FROM prefix_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid ),0) ) { db_query( "DELETE FROM prefix_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid ); } ?><html><head><script language= "JavaScript" type= "text/javascript" ><!-- opener.location.reload(); function closeThisWindow() { opener.focus(); window.close(); } closeThisWindow() //--></script></head><body></body></html><?php break ; # gruppen zugehoerigkeiten eines users aendern case 'gruppen' : $uid = $menu ->get(2); if (isset( $_POST [ 'usergroups' ])) { $erg = db_query( "SELECT id FROM prefix_groups" ); while ( $row = db_fetch_assoc( $erg ) ) { $ck = db_count_query( "SELECT COUNT(uid) FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row [ 'id' ]); if ( $ck == 0 AND isset ( $_POST [ 'grprhave' ][ $row [ 'id' ]][ $uid ] ) ) { db_query( "INSERT INTO prefix_groupusers (uid,gid,fid) VALUES ( " . $uid . ", " . $row [ 'id' ]. ", 3 )" ); } elseif ( $ck == 1 AND !isset ( $_POST [ 'grprhave' ][ $row [ 'id' ]][ $uid ] ) ) { db_query( "DELETE FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row [ 'id' ]); } } } $user_name = db_result(db_query( "SELECT name FROM prefix_user WHERE id = " . $uid ),0); $tpl = new tpl ( 'user/gruppen' , 1); $tpl ->set_ar_out( array ( 'username' => $user_name , 'userid' => $uid ),0); $class = 'Cnorm' ; $erg = db_query( "SELECT name,id FROM prefix_groups" ); while ( $row = db_fetch_assoc( $erg ) ) { $ck = db_count_query( "SELECT COUNT(uid) FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row [ 'id' ]); $row [ 'ck' ] = ( $ck == 0 ? '' : 'checked' ); $class = ( $class == 'Cnorm' ? 'Cmite' : 'Cnorm' ); $row [ 'class' ] = $class ; $tpl ->set_ar_out( $row ,1); } $tpl ->out(2); break ; # das recht eines users aendern case 'changeRecht' : $uid = $menu ->get(2); $altes_recht = db_result(db_query( "SELECT recht FROM prefix_user WHERE id = " . $uid ),0); $neues_recht = escape( $_GET [ 'newr' ], 'integer' ); if (( $neues_recht > $_SESSION [ 'authright' ] AND $altes_recht > $_SESSION [ 'authright' ]) OR ( $_SESSION [ 'authid' ] == 27 AND $uid <> 28)) { $q = "UPDATE prefix_user SET recht = " . $neues_recht . " WHERE id = " . $uid ; db_query( $q ); } ?><html><head><script language= "JavaScript" type= "text/javascript" ><!-- function closeThisWindow() { opener.focus(); window.close(); } closeThisWindow() //--></script></head><body></body></html><?php break ; # details eines users anzeigen case 1 : $design = new design ( 'Admins Area' , 'Admins Area' , 2 ); $design ->header(); if ( isset ( $_REQUEST [ 'uID' ])) { $uid = $_REQUEST [ 'uID' ]; } else { $uid = $menu ->get(2); } $erg = db_query( "SELECT name,email,id,recht,wohnort,homepage,aim,msn,icq,xfire name,yahoo,status,staat,gebdatum,sig,opt_pm,opt_pm_popup,opt_mail,geschlecht,spezrank,avatar FROM prefix_user WHERE id = '" . $uid . "'" ); if ( db_num_rows( $erg ) == 0 ) { die ( 'Fehler: Username nicht gefunden <a href="?user">zurück</a>' ); } else { $row = db_fetch_assoc( $erg ); $tpl = new tpl ( 'user/details' , 1); $row [ 'recht' ] = dbliste ( $row [ 'recht' ] , $tpl , 'recht' , "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC" ); $row [ 'staat' ] = '<option></option>' .arliste ( $row [ 'staat' ] , get_nationality_array() , $tpl , 'staat' ); $row [ 'spezrank' ] = '<option></option>' .dbliste ( $row [ 'spezrank' ], $tpl , 'spezrank' , "SELECT id, bez FROM prefix_ranks WHERE spez = 1" ); $row [ 'geschlecht0' ] = ( $row [ 'geschlecht' ] < 1 ? 'checked' : '' ); $row [ 'geschlecht1' ] = ( $row [ 'geschlecht' ] == 1 ? 'checked' : '' ); $row [ 'geschlecht2' ] = ( $row [ 'geschlecht' ] == 2 ? 'checked' : '' ); if ( $row [ 'status' ] == 1 ) { $row [ 'status1' ] = 'checked' ; $row [ 'status0' ] = '' ; } else { $row [ 'status1' ] = '' ; $row [ 'status0' ] = 'checked' ; } if ( $row [ 'opt_mail' ] == 1 ) { $row [ 'opt_mail1' ] = 'checked' ; $row [ 'opt_mail0' ] = '' ; } else { $row [ 'opt_mail1' ] = '' ; $row [ 'opt_mail0' ] = 'checked' ; } if ( $row [ 'opt_pm' ] == 1 ) { $row [ 'opt_pm1' ] = 'checked' ; $row [ 'opt_pm0' ] = '' ; } else { $row [ 'opt_pm1' ] = '' ; $row [ 'opt_pm0' ] = 'checked' ; } if ( $row [ 'opt_pm_popup' ] == 1 ) { $row [ 'opt_pm_popup1' ] = 'checked' ; $row [ 'opt_pm_popup0' ] = '' ; } else { $row [ 'opt_pm_popup1' ] = '' ; $row [ 'opt_pm_popup0' ] = 'checked' ; } if ( @ file_exists ( $row [ 'avatar' ]) ) { $row [ 'avatar' ] = '<img src="' . $row [ 'avatar' ]. '" border="0" /><br />' ; } else { $row [ 'avatar' ] = '' ; } $tpl ->set_ar_out ( $row ,0); profilefields_change ( $row [ 'id' ] ); $tpl ->out(1); } $design ->footer(); break ; # details des users aendern case 2 : $design = new design ( 'Admins Area' , 'Admins Area' , 2 ); $design ->header(); $changeok = true; $uid = escape( $_POST [ 'uID' ], 'integer' ); $altes_recht = db_result(db_query( "SELECT recht FROM prefix_user WHERE id = " . $uid ),0); $neues_recht = escape( $_POST [ 'urecht' ], 'integer' ); if (( $neues_recht <= $_SESSION [ 'authright' ] OR $altes_recht <= $_SESSION [ 'authright' ]) AND $_SESSION [ 'authid' ] > 1) { $changeok = false; } if ( $changeok ) { if (isset( $_POST [ 'userdel' ])) { user_remove( $uid ); wd ( '?user' , 'User wurde erfolgreich gelöscht' ); } else { $abf = "SELECT * FROM prefix_user WHERE id = '" . $uid . "'" ; $erg = db_query( $abf ); $row = db_fetch_object( $erg ); if (isset( $_POST [ 'passw' ])) { $newPass = genkey ( 8 ); $newPassMD5 = md5( $newPass ); icmail ( $row ->email , 'neues Password' , "Hallo\n\nDein Password wurde soeben von einem Administrator gäendert es ist nun:\n\n$newPass\n\nGruß der Administrator" ); db_query( 'UPDATE `prefix_user` SET pass = "' . $newPassMD5 . '" WHERE id = "' . $_POST [ 'uID' ]. '"' ); } # avatar speichern START $avatar_sql_update = '' ; if ( ! empty ( $_FILES [ 'avatarfile' ][ 'name' ] ) ) { $file_tmpe = $_FILES [ 'avatarfile' ][ 'tmp_name' ]; $rile_type = ic_mime_type ( $_FILES [ 'avatarfile' ][ 'tmp_name' ]); $file_type = $_FILES [ 'avatarfile' ][ 'type' ]; $file_size = $_FILES [ 'avatarfile' ][ 'size' ]; $fmsg = $lang [ 'avatarisnopicture' ]; $size = @ getimagesize ( $file_tmpe ); $endar = array (1 => 'gif' , 2 => 'jpg' , 3 => 'png' ); if ( ( $size [2] == 1 OR $size [2] == 2 OR $size [2] == 3) AND $size [0] > 10 AND $size [1] > 10 AND substr ( $file_type , 0 , 6 ) == 'image/' AND substr ( $rile_type , 0 , 6 ) == 'image/' ) { $endung = $endar [ $size [2]]; $breite = $size [0]; $hoehe = $size [1]; $neuer_name = 'include/images/avatars/' . $uid . '.' . $endung ; @unlink (db_result(db_query( "SELECT avatar FROM prefix_user WHERE id = " . $uid ),0)); move_uploaded_file ( $file_tmpe , $neuer_name ); @ chmod ( $neuer_name , 0777); $avatar_sql_update = ', avatar = "' . $neuer_name . '"' ; $fmsg = $lang [ 'pictureuploaded' ]; } } elseif ( isset( $_POST [ 'avatardel' ]) ) { $fmsg = $lang [ 'picturedelete' ]; @unlink (db_result(db_query( "SELECT avatar FROM prefix_user WHERE id = " . $uid ),0)); $avatar_sql_update = ', avatar = ""' ; } # avatar speichern ENDE profilefields_change_save ( $_POST [ 'uID' ] ); $usaName1 = escape( $_POST [ 'usaName1' ], 'string' ); $email = escape( $_POST [ 'email' ], 'string' ); $homepage = escape( $_POST [ 'homepage' ], 'string' ); $wohnort = escape( $_POST [ 'wohnort' ], 'string' ); $icq = escape( $_POST [ 'icq' ], 'string' ); $msn = escape( $_POST [ 'msn' ], 'string' ); $yahoo = escape( $_POST [ 'yahoo' ], 'string' ); $aim = escape( $_POST [ 'aim' ], 'string' ); $staat = escape( $_POST [ 'staat' ], 'string' ); $spezrank = escape( $_POST [ 'spezrank' ], 'integer' ); $geschlecht = escape( $_POST [ 'geschlecht' ], 'integer' ); $status = escape( $_POST [ 'status' ], 'integer' ); $opt_mail = escape( $_POST [ 'opt_mail' ], 'integer' ); $opt_pm = escape( $_POST [ 'opt_pm' ], 'integer' ); $opt_pm_popup = escape( $_POST [ 'opt_pm_popup' ], 'integer' ); $gebdatum = escape( $_POST [ 'gebdatum' ], 'string' ); $sig = escape( $_POST [ 'sig' ], 'string' ); //Name im Forum ändern if ( $_POST [ 'forumname' ] == 'on' ) { $oldname = db_count_query( "SELECT name FROM `prefix_user` WHERE id =" . $uid ); if ( $oldname != $usaName1 ) { db_query( "UPDATE `prefix_posts` SET erst = '$usaName1' WHERE erstid = " . $uid ); db_query( "UPDATE `prefix_topics` SET erst = '$usaName1' WHERE erst = '$oldname'" ); } } db_query('UPDATE prefix_user SET name = "'.$usaName1.'" , recht = "'.$neues_recht.'" , email = "'.$email.'" , homepage = "'.$homepage.'" , wohnort = "'.$wohnort.'" , icq = "'.$icq.'" , msn = "'.$msn.'" , yahoo = "'.$yahoo.'" , aim = "'.$aim.'" , staat = "'.$staat.'" , spezrank = "'.$spezrank.'" , geschlecht = "'.$geschlecht.'" , status = "'.$status.'" , opt_mail = "'.$opt_mail.'" , opt_pm = "'.$opt_pm.'" , opt_pm_popup = "'.$opt_pm_popup.'" , gebdatum = "'.$gebdatum.'" , sig = "'.$sig.'" '.$avatar_sql_update.' WHERE id = "'.$uid.'" '); } } wd( 'admin.php?user-1-' . $uid , 'Das Profil wurde erfolgreich geaendert' ,2); $design ->footer(); break ; # mal kurz nen neuen user anlegen case 'createNewUser' : $msg = '' ; if (! empty ( $_POST [ 'name' ]) AND ! empty ( $_POST [ 'pass' ]) AND ! empty ( $_POST [ 'email' ])) { $erg = db_query( "SELECT id FROM prefix_user WHERE name = BINARY '" . $_POST ['name ']."' "); if ( db_num_rows( $erg ) > 0 ) { $msg = 'Der Name ist leider schon vorhanden!' ; } else { $new_pass = $_POST [ 'pass' ]; $md5_pass = md5( $new_pass ); db_query("INSERT INTO prefix_user (name,pass,recht,regist,llogin,email) VALUES( '".$_POST[' name ']."' , '".$md5_pass."' , ".$_POST['recht']." , '".time()."' , '".time()."' , '".$_POST[' email ']."' )"); $userid = db_last_id(); db_query( "INSERT INTO prefix_userfields (uid,fid,val) VALUES (" . $userid . ",2,'1')" ); db_query( "INSERT INTO prefix_userfields (uid,fid,val) VALUES (" . $userid . ",3,'1')" ); if (isset( $_POST [ 'info' ]) ) { $page = $_SERVER [ "HTTP_HOST" ]. $_SERVER [ "SCRIPT_NAME" ]; $page = str_replace ( 'admin.php' , 'index.php' , $page ); $tpl = new tpl ( 'user/new_user_email' , 1); $tpl ->set( 'name' , $_POST [ 'name' ]); $tpl ->set( 'pass' , $_POST [ 'pass' ]); $tpl ->set( 'page' , $page ); $txt = $tpl ->get(0); unset( $tpl ); icmail ( $_POST [ 'email' ], 'Admin hat dich angelegt' , $txt ); } $msg = 'Benutzer angelegt <a href="javascript:closeThisWindow()">Fenster schließen</a>' ; } } $pass = '' ; $email = '' ; $recht = '' ; if (isset( $_POST [ 'pass' ])) { $pass = $_POST [ 'pass' ]; } if (isset( $_POST [ 'email' ])) { $email = $_POST [ 'email' ]; } if (isset( $_POST [ 'recht' ])) { $recht = $_POST [ 'recht' ]; } else { $recht = '-1' ;} $tpl = new tpl ( 'user/new_user' , 1); $tpl ->set( 'msg' , $msg ); $tpl ->set( 'pass' , $pass ); $tpl ->set( 'email' , $email ); $tpl ->set( 'recht' ,dblistee( $recht , "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC" )); $tpl ->out(0); break ; # einen user komplett loeschen case 'deleteUser' : $uid = $menu ->get(2); if ( $uid <> 1 ) { user_remove( $uid ); ?><html><head><script language= "JavaScript" type= "text/javascript" ><!-- function closeThisWindow() { opener.location.reload(); opener.focus(); window.close(); } closeThisWindow() //--></script></head><body></body></html><?php } break ; } ?> |
Geschlossen | ||
![]() |
Zurück zu Module und Modifikationen |