Ich habe MyHistory 1.06. installiert.
Übernommen werden zwar neuangelegt Teams,
allerdings die Useränderungen nicht.
Ich habe eine schon modifizierte User.php
und habe wie angegeben die Änderungen per Hand eingetragen.
Woran kann das liegen, findet ihr den Fehler ?
include-admin-user.php
<?php
// Copyright by: Manuel
// Support: www.ilch.de
defined ('main') or die ('no direct access');
defined ('admin') or die ('only admin access');
function user_get_group_list ($uid) {
$l = 'Mitglied in Gruppen:<br />';
$erg = db_query("SELECT xic_groups.name FROM xic_groupusers LEFT JOIN xic_groups ON xic_groups.id = xic_groupusers.gid WHERE xic_groupusers.uid = " . $uid);
while ($r = db_fetch_assoc($erg)) {
$l .= '- ' . $r['name'] . '<br />';
}
return ($l);
}
function user_get_all_mod_list () {
$l = '';
$erg = db_query("SELECT DISTINCT name FROM xic_modules WHERE fright = 1 ORDER BY xic_modules.name");
while ($r = db_fetch_assoc($erg)) {
$x = $r['name'];
$l .= '<th style="font-size: 9px; font-weight: normal;" title="' . $r['name'] . '" valign="bottom">' . $x . '</th>';
}
return ($l);
}
function user_get_mod_change_list ($uid) {
$l = '';
$erg = db_query("SELECT xic_modules.id, uid FROM xic_modules LEFT JOIN xic_modulerights ON xic_modulerights.mid = xic_modules.id AND xic_modulerights.uid = " . $uid . " WHERE fright = 1 ORDER BY xic_modules.name");
while ($r = db_fetch_assoc($erg)) {
if ($r['uid'] == '') {
$c = '';
} else {
$c = ' checked';
}
$l .= '<td align="center"><input onclick="changeModulRecht(' . $r['id'] . ',' . $uid . ')" type="checkbox" id="MN' . $r['id'] . '-' . $uid . '" name="MN' . $r['id'] . '-' . $uid . '" ' . $c . ' /></td>';
}
return ($l);
}
function user_get_mod_list ($uid) {
$l = 'Modulrechte:<br />';
$erg = db_query("SELECT DISTINCT module FROM xic_modulerights WHERE uid = " . $uid);
while ($r = db_fetch_assoc($erg)) {
$l .= '- ' . $r['module'] . '<br />';
}
return ($l);
}
function getfl($gid) {
$liste = '';
$erg = db_query("SELECT view,name,reply,start,mods FROM xic_forums WHERE view = " . $gid . " OR reply = " . $gid . " OR start = " . $gid . " OR mods = " . $gid);
while ($row = db_fetch_assoc($erg)) {
$v = ($row['view'] == $gid ? 'sehen/lesen,' : '');
$r = ($row['reply'] == $gid ? 'antworten,' : '');
$s = ($row['start'] == $gid ? 'Themen starten,' : '');
$m = ($row['mods'] == $gid ? 'Moderieren,' : '');
$liste .= $row['name'] . '<span class="smalfont">(' . $v . $r . $s . $m . ')</span> ';
}
return($liste);
}
if (isset($_POST['action'])) {
$design = new design ('Admins Area', 'Admins Area', 0);
$design->header();
$wdtext = 'Es ist ein Fehler aufgetreten.';
if (chk_antispam('adminuser_action', true) and isset($_POST['uid'])) {
$uid = escape($_POST['uid'], 'integer');
switch($_POST['action']){
// einen user komplett loeschen
case 'deleteUser':
$name = get_n($uid);
if ($uid != 1 and !empty($name)) {
user_remove($uid);
$wdtext = 'Der User ' . $name . ' wurde erfolgreich gelöscht.';
}
break;
// das recht eines users aendern
case 'changeRight' :
$altes_recht = db_result(db_query("SELECT recht FROM xic_user WHERE id = " . $uid), 0);
$neues_recht = escape($_POST['newright'], 'integer');
if (($neues_recht > $_SESSION['authright'] AND $altes_recht > $_SESSION['authright']) OR ($_SESSION['authid'] == 1 AND $uid != 1)) {
$q = "UPDATE xic_user SET recht = " . $neues_recht . " WHERE id = " . $uid;
db_query($q);
}
$wdtext = false;
break;
// modulrechte fuer einen user aendern
case 'changeModulRight' :
$modul = escape($_POST['modul'], 'integer');
$aktion = $_POST['giveremove'];
if ($aktion == 'give' AND 0 == db_result(db_query("SELECT COUNT(*) FROM xic_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid), 0)) {
db_query("INSERT INTO xic_modulerights (mid,uid) VALUES ('" . $modul . "'," . $uid . ")");
} elseif ($aktion == 'remove' AND 1 == db_result(db_query("SELECT COUNT(*) FROM xic_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid), 0)) {
db_query("DELETE FROM xic_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid);
}
$wdtext = false;
break;
}
}
if ($wdtext === false) {
$antispam = get_antispam('adminuser_action', 0, true);
?><script type="text/javascript"><!--
function updateParent() { parent.setNewAntispam(document.getElementById('tmp').childNodes[0]);}
window.onload = function() { updateParent(); };
//--></script>
<div id="tmp"><?php echo $antispam; ?></div>
<?php
exit;
}
wd('admin.php?' . $menu->get_complete(), $wdtext, 5);
$design->footer(1);
}
$um = $menu->get(1);
switch ($um) {
default :
$design = new design ('Admins Area', 'Admins Area', 2);
$design->header();
$q = '';
if (isset($_REQUEST['q'])) {
$q = escape($_REQUEST['q'], 'string');
}
$tpl = new tpl ('user/user', 1);
$tpl->set('modlall', user_get_all_mod_list());
$tpl->set('anzmods', db_result(db_query("SELECT COUNT(*) FROM xic_modules WHERE fright = 1"), 0));
$tpl->set('action_antispam', get_antispam('adminuser_action', 0, true));
$tpl->set_out('q', unescape($q), 0);
$q = str_replace('*', '%', $q);
if (strpos($q, '%') === false) {
$q = $q . '%';
}
$limit = 15; // Limit
$page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);
$MPL = db_make_sites ($page , "WHERE name LIKE '" . $q . "'" , $limit , '?user' , 'user');
$anfang = ($page - 1) * $limit;
$class = '';
$q = "SELECT name,recht,id FROM `xic_user` WHERE name LIKE '" . $q . "' ORDER by recht,posts DESC LIMIT " . $anfang . "," . $limit;
$erg = db_query($q);
while ($row = db_fetch_object($erg)) {
if ($class == 'Cmite') {
$class = 'Cnorm';
} else {
$class = 'Cmite';
}
$ar = array ('name' => $row->name,
'class' => $class,
'id' => $row->id,
'grouplist' => user_get_group_list($row->id),
'recht' => dblistee($row->recht, "SELECT id,name FROM xic_grundrechte ORDER BY id ASC"),
'modslist' => user_get_mod_change_list($row->id),
);
$tpl->set_ar_out($ar, 1);
}
$tpl->set_out('MPL', $MPL, 2);
$design->footer();
break;
// gruppen zugehoerigkeiten eines users aendern
case 'gruppen' :
$uid = $menu->get(2);
if (isset($_POST['usergroups'])) {
$erg = db_query("SELECT id FROM xic_groups");
while ($row = db_fetch_assoc($erg)) {
$ck = db_count_query("SELECT COUNT(uid) FROM xic_groupusers WHERE uid = " . $uid . " AND gid = " . $row['id']);
if ($ck == 0 AND isset ($_POST['grprhave'][$row['id']][$uid])) {
db_query("INSERT INTO xic_groupusers (uid,gid,fid) VALUES ( " . $uid . ", " . $row['id'] . ", 3 )");
} elseif ($ck == 1 AND !isset ($_POST['grprhave'][$row['id']][$uid])) {
db_query("DELETE FROM xic_groupusers WHERE uid = " . $uid . " AND gid = " . $row['id']);
}
}
}
$user_name = db_result(db_query("SELECT name FROM xic_user WHERE id = " . $uid), 0);
$tpl = new tpl ('user/gruppen', 1);
$tpl->set_ar_out(array('username' => $user_name, 'userid' => $uid), 0);
$class = 'Cnorm';
$erg = db_query("SELECT name,id FROM xic_groups");
while ($row = db_fetch_assoc($erg)) {
$ck = db_count_query("SELECT COUNT(uid) FROM xic_groupusers WHERE uid = " . $uid . " AND gid = " . $row['id']);
$row['ck'] = ($ck == 0 ? '' : 'checked');
$class = ($class == 'Cnorm' ? 'Cmite' : 'Cnorm');
$row['class'] = $class;
$tpl->set_ar_out($row, 1);
}
$tpl->out(2);
break;
#Änderungen Beginn#
#---------------#
# das recht eines users aendern
case 'changeRecht' :
$uid = $menu->get(2);
$gtitle = db_result(db_query("SELECT a.name FROM xic_grundrechte a inner join xic_user b on a.id = b.recht WHERE b.id = ".$uid),0);
$altes_recht = db_result(db_query("SELECT name, recht FROM xic_user WHERE id = ".$uid),0);
$neues_recht = escape($_GET['newright'], 'integer');
if (($neues_recht > $_SESSION['authright'] AND $altes_recht > $_SESSION['authright']) OR ($_SESSION['authid'] == 1 AND $uid <> 1)) {
$q = "UPDATE xic_user SET recht = ".$neues_recht." WHERE id = ".$uid;
db_query($q);
db_query("INSERT INTO xic_history (date, title, hispic, txt ) VALUES (FROM_UNIXTIME(".$membercreatetime."),'".$title."','".$hispic."','".$txt."')");
}
if ($altes_recht != $neues_recht AND $neues_recht == -4) { # Wenn Recht geändert, dann Eintrag in History
$title = 'Neues Mitglied beigetreten';
$name =db_result(db_query("SELECT name FROM xic_user WHERE id = ".$uid),0);
$txt = 'Wir haben eine neues Mitglied bekommen. [color=#00FF00][url=http://www.nxp-clan.de/index.php?user-details-'.$uid.']'.$name. '[/url][/color] hat die Probezeit überstanden und ist jetzt Vollmitglied im Clan' ;
$hispic = '../include/images/history/newmember.gif'; # Hier bitte den festen Pfad für dein "Neues Team" Bild eingeben
db_query("INSERT INTO xic_history (date, title, hispic, txt ) VALUES (NOW(),'".$title."','".$hispic."','".$txt."')");
}
if ($altes_recht != $neues_recht AND $neues_recht == -5) { # Wenn Recht geändert, dann Eintrag in History
$gtitle = db_result(db_query("SELECT a.name FROM xic_grundrechte a inner join xic_user b on a.id = b.recht WHERE b.id = ".$uid),0);
$title = 'Neues Grundrecht ('.$gtitle.') erreicht';
$name = db_result(db_query("SELECT name FROM xic_user WHERE id = ".$uid),0);
$txt = '[color=#00FF00][url=http://www.nxp-clan.de/index.php?user-details-'.$uid.']'.$name. '[/url][/color] ist nun '.$gtitle ;
$hispic = '../include/images/history/newgl1.gif'; # Hier bitte den festen Pfad für dein "Neues Team" Bild eingeben
db_query("INSERT INTO xic_history (date, title, hispic, txt ) VALUES (NOW(),'".$title."','".$hispic."','".$txt."')");
}
if ($altes_recht != $neues_recht AND $neues_recht == -6) { # Wenn Recht geändert, dann Eintrag in History
$gtitle = db_result(db_query("SELECT a.name FROM xic_grundrechte a inner join xic_user b on a.id = b.recht WHERE b.id = ".$uid),0);
$title = 'Neues Grundrecht ('.$gtitle.') erreicht';
$name =db_result(db_query("SELECT name FROM xic_user WHERE id = ".$uid),0);
$txt = '[color=#00FF00][url=http://www.nxp-clan.de/index.php?user-details-'.$uid.']'.$name. '[/url][/color] ist nun '.$gtitle ;
$hispic = '../include/images/history/newgl.gif'; # Hier bitte den festen Pfad für dein "Neues Team" Bild eingeben
db_query("INSERT INTO xic_history (date, title, hispic, txt ) VALUES (NOW(),'".$title."','".$hispic."','".$txt."')");
}
if ($altes_recht != $neues_recht AND $neues_recht == -7) { # Wenn Recht geändert, dann Eintrag in History
$gtitle = db_result(db_query("SELECT a.name FROM xic_grundrechte a inner join xic_user b on a.id = b.recht WHERE b.id = ".$uid),0);
$title = 'Neues Grundrecht ('.$gtitle.') erreicht';
$name =db_result(db_query("SELECT name FROM xic_user WHERE id = ".$uid),0);
$txt = '[color=#00FF00][url=http://www.nxp-clan.de/index.php?user-details-'.$uid.']'.$name. '[/url][/color] ist nun '.$gtitle ;
$hispic = '../include/images/history/newsitemember.gif'; # Hier bitte den festen Pfad für dein "Neues Team" Bild eingeben
db_query("INSERT INTO xic_history (date, title, hispic, txt ) VALUES (NOW(),'".$title."','".$hispic."','".$txt."')");
}
if ($altes_recht != $neues_recht AND $neues_recht == -8) { # Wenn Recht geändert, dann Eintrag in History
$gtitle = db_result(db_query("SELECT a.name FROM xic_grundrechte a inner join xic_user b on a.id = b.recht WHERE b.id = ".$uid),0);
$title = 'Neues Grundrecht ('.$gtitle.') erreicht';
$name =db_result(db_query("SELECT name FROM xic_user WHERE id = ".$uid),0);
$txt = '[color=#00FF00][url=http://www.nxp-clan.de/index.php?user-details-'.$uid.']'.$name. '[/url][/color] ist nun '.$gtitle ;
$hispic = '../include/images/history/newmemberco.gif'; # Hier bitte den festen Pfad für dein "Neues Team" Bild eingeben
db_query("INSERT INTO xic_history (date, title, hispic, txt ) VALUES (NOW(),'".$title."','".$hispic."','".$txt."')");
}
### Das gelb markierte macht nur Sinn, wenn ein Admin mit der Nummer 1 einem anderen Admin das Recht -9 gibt ####
#---------------------------------------------------------------------------------------------------------------#
/* if ($altes_recht != $neues_recht AND $neues_recht == -9) { # Wenn Recht geändert, dann Eintrag in History
$gtitle = db_result(db_query("SELECT a.name FROM xic_grundrechte a inner join xic_user b on a.id = b.recht WHERE b.id = ".$uid),0);
$title = 'Höchstets Grundrecht (Administrator) erreicht';
$name =db_result(db_query("SELECT name FROM xic_user WHERE id = ".$uid),0);
$txt = '[color=#00FF00]'.$name. '[/color] ist nun '.$gtitle ;
$hispic = '../include/images/history/newmemberadmin.gif'; # Hier bitte den festen Pfad für dein "Neues Team" Bild eingeben
db_query("INSERT INTO xic_history (date, title, hispic, txt ) VALUES (NOW(),'".$title."','".$hispic."','".$txt."')");
} */
#Änderungen Ende#
#---------------#
// details eines users anzeigen
case 1 :
$design = new design ('Admins Area', 'Admins Area', 2);
$design->header();
if (isset ($_REQUEST['uID'])) {
$uid = $_REQUEST['uID'];
} else {
$uid = $menu->get(2);
}
$erg = db_query("SELECT name,email,id,recht,wohnort,homepage,aim,msn,icq,yahoo,status,staat,gebdatum,sig,opt_pm,opt_pm_popup,opt_mail,geschlecht,spezrank,game,spielerfahrungen,clan,map,waffe,essen,trinken,film,musik,sport,cpu,mainboard,ram,monitor,grafikkarte,soundkarte,festplatte,i_net_verbindung,tastatur,maus,jappy,facebook,wkw,studivz,myspace,youtube,avatar FROM xic_user WHERE id = '" . $uid . "'");
if (db_num_rows($erg) == 0) {
die ('Fehler: Username nicht gefunden <a href="?user">zurück</a>');
} else {
$row = db_fetch_assoc($erg);
$tpl = new tpl ('user/details', 1);
$row['recht'] = dbliste ($row['recht'] , $tpl, 'recht', "SELECT id,name FROM xic_grundrechte ORDER BY id ASC");
$row['staat'] = '<option></option>' . arliste ($row['staat'] , get_nationality_array() , $tpl , 'staat');
$row['spezrank'] = '<option></option>' . dbliste ($row['spezrank'], $tpl, 'spezrank', "SELECT id, bez FROM xic_ranks WHERE spez = 1");
$row['geschlecht0'] = ($row['geschlecht'] < 1 ? 'checked' : '');
$row['geschlecht1'] = ($row['geschlecht'] == 1 ? 'checked' : '');
$row['geschlecht2'] = ($row['geschlecht'] == 2 ? 'checked' : '');
if ($row['status'] == 1) {
$row['status1'] = 'checked';
$row['status0'] = '';
} else {
$row['status1'] = '';
$row['status0'] = 'checked';
}
if ($row['opt_mail'] == 1) {
$row['opt_mail1'] = 'checked';
$row['opt_mail0'] = '';
} else {
$row['opt_mail1'] = '';
$row['opt_mail0'] = 'checked';
}
if ($row['opt_pm'] == 1) {
$row['opt_pm1'] = 'checked';
$row['opt_pm0'] = '';
} else {
$row['opt_pm1'] = '';
$row['opt_pm0'] = 'checked';
}
if ($row['opt_pm_popup'] == 1) {
$row['opt_pm_popup1'] = 'checked';
$row['opt_pm_popup0'] = '';
} else {
$row['opt_pm_popup1'] = '';
$row['opt_pm_popup0'] = 'checked';
}
if (@file_exists($row['avatar'])) {
$row['avatar'] = '<img src="' . $row['avatar'] . '" border="0" /><br />' ;
}else {
$row['avatar'] = '';
}
$row['antispam'] = get_antispam('adminuser', 0, true);
$tpl->set_ar_out ($row, 0);
profilefields_change ($row['id']);
$tpl->out(1);
}
$design->footer();
break;
// details des users aendern
case 2 :
$design = new design ('Admins Area', 'Admins Area', 2);
$design->header();
$changeok = true;
$uid = escape($_POST['uID'], 'integer');
$altes_recht = db_result(db_query("SELECT recht FROM xic_user WHERE id = " . $uid), 0);
$neues_recht = escape($_POST['urecht'], 'integer');
if (($neues_recht <= $_SESSION['authright'] OR $altes_recht <= $_SESSION['authright']) AND $_SESSION['authid'] > 1) {
$changeok = false;
}
if ($changeok and chk_antispam('adminuser', true)) {
if (isset($_POST['userdel'])) {
user_remove($uid);
wd ('?user', 'User wurde erfolgreich gelöscht');
} else {
$abf = "SELECT * FROM xic_user WHERE id = '" . $uid . "'";
$erg = db_query($abf);
$row = db_fetch_object($erg);
if (isset($_POST['passw'])) {
$newPass = genkey (8);
$newPassMD5 = md5($newPass);
icmail ($row->email , 'neues Password' , "Hallo\n\nDein Password wurde soeben von einem Administrator gäendert es ist nun:\n\n$newPass\n\nGruß der Administrator");
db_query('UPDATE `xic_user` SET pass = "' . $newPassMD5 . '" WHERE id = "' . escape($_POST['uID'], 'integer') . '"');
}
// avatar speichern START
$avatar_sql_update = '';
if (!empty ($_FILES['avatarfile']['name'])) {
$file_tmpe = $_FILES['avatarfile']['tmp_name'];
$rile_type = ic_mime_type ($_FILES['avatarfile']['tmp_name']);
$file_type = $_FILES['avatarfile']['type'];
$file_size = $_FILES['avatarfile']['size'];
$fmsg = $lang['avatarisnopicture'];
$size = @getimagesize ($file_tmpe);
$endar = array (1 => 'gif', 2 => 'jpg', 3 => 'png');
if (($size[2] == 1 OR $size[2] == 2 OR $size[2] == 3) AND $size[0] > 10 AND $size[1] > 10 AND substr ($file_type , 0 , 6) == 'image/' AND substr ($rile_type , 0 , 6) == 'image/') {
$endung = $endar[$size[2]];
$breite = $size[0];
$hoehe = $size[1];
$neuer_name = 'include/images/avatars/' . $uid . '.' . $endung;
@unlink (db_result(db_query("SELECT avatar FROM xic_user WHERE id = " . $uid), 0));
move_uploaded_file ($file_tmpe , $neuer_name);
@chmod($neuer_name, 0777);
$avatar_sql_update = ', avatar = "' . $neuer_name . '"';
$fmsg = $lang['pictureuploaded'];
}
} elseif (isset($_POST['avatardel'])) {
$fmsg = $lang['picturedelete'];
@unlink (db_result(db_query("SELECT avatar FROM xic_user WHERE id = " . $uid), 0));
$avatar_sql_update = ', avatar = ""';
}
// avatar speichern ENDE
profilefields_change_save (escape($_POST['uID'], 'integer'));
$usaName1 = escape($_POST['usaName1'], 'string');
$email = escape($_POST['email'], 'string');
$homepage = escape($_POST['homepage'], 'string');
$wohnort = escape($_POST['wohnort'], 'string');
$icq = escape($_POST['icq'], 'string');
$msn = escape($_POST['msn'], 'string');
$yahoo = escape($_POST['yahoo'], 'string');
$aim = escape($_POST['aim'], 'string');
$staat = escape($_POST['staat'], 'string');
$spezrank = escape($_POST['spezrank'], 'integer');
$geschlecht = escape($_POST['geschlecht'], 'integer');
$status = escape($_POST['status'], 'integer');
$opt_mail = escape($_POST['opt_mail'], 'integer');
$opt_pm = escape($_POST['opt_pm'], 'integer');
$opt_pm_popup = escape($_POST['opt_pm_popup'], 'integer');
$gebdatum = escape($_POST['gebdatum'], 'string');
$game = escape($_POST['game'], 'string');
$spielerfahrungen = escape($_POST['spielerfahrungen'], 'string');
$clan = escape($_POST['clan'], 'string');
$map = escape($_POST['map'], 'string');
$waffe = escape($_POST['waffe'], 'string');
$essen = escape($_POST['essen'], 'string');
$trinken = escape($_POST['trinken'], 'string');
$film = escape($_POST['film'], 'string');
$musik = escape($_POST['musik'], 'string');
$sport = escape($_POST['sport'], 'string');
$cpu = escape($_POST['cpu'], 'string');
$mainboard = escape($_POST['mainboard'], 'string');
$ram = escape($_POST['ram'], 'string');
$monitor = escape($_POST['monitor'], 'string');
$grafikkarte = escape($_POST['grafikkarte'], 'string');
$soundkarte = escape($_POST['soundkarte'], 'string');
$festplatte = escape($_POST['festplatte'], 'string');
$i_net_verbindung = escape($_POST['i_net_verbindung'], 'string');
$tastatur= escape($_POST['tastatur'], 'string');
$maus = escape($_POST['maus'], 'string');
$jappy = escape($_POST['jappy'], 'string');
$facebook = escape($_POST['facebook'], 'string');
$wkw = escape($_POST['wkw'], 'string');
$studivz = escape($_POST['studivz'], 'string');
$myspace = escape($_POST['myspace'], 'string');
$youtube = escape($_POST['youtube'], 'string');
$sig = escape($_POST['sig'], 'string');
// Name im Forum ändern
if ($_POST['forumname'] == 'on') {
$oldname = db_count_query("SELECT name FROM `xic_user` WHERE id =" . $uid);
if ($oldname != $usaName1) {
db_query("UPDATE `xic_posts` SET erst = '$usaName1' WHERE erstid = " . $uid);
db_query("UPDATE `xic_topics` SET erst = '$usaName1' WHERE erst = '$oldname'");
}
}
db_query('UPDATE xic_user
SET
name = "' . $usaName1 . '",
recht = "' . $neues_recht . '",
email = "' . $email . '",
homepage = "' . $homepage . '",
wohnort = "' . $wohnort . '",
icq = "' . $icq . '",
msn = "' . $msn . '",
yahoo = "' . $yahoo . '",
aim = "' . $aim . '",
staat = "' . $staat . '",
spezrank = "' . $spezrank . '",
geschlecht = "' . $geschlecht . '",
status = "' . $status . '",
opt_mail = "' . $opt_mail . '",
opt_pm = "' . $opt_pm . '",
opt_pm_popup = "' . $opt_pm_popup . '",
gebdatum = "' . $gebdatum . '",
game = "' . $game . '",
spielerfahrungen = "' . $spielerfahrungen . '",
clan = "' . $clan . '",
map = "' . $map . '",
waffe = "' . $waffe . '",
essen = "' . $essen . '",
trinken = "' . $trinken . '",
film = "' . $film . '",
musik = "' . $musik . '",
sport = "' . $sport . '",
cpu = "' . $cpu . '",
mainboard = "' . $mainboard . '",
ram = "' . $ram . '",
monitor = "' . $monitor . '",
grafikkarte = "' . $grafikkarte . '",
soundkarte = "' . $soundkarte . '",
festplatte = "' . $festplatte . '",
i_net_verbindung = "' . $i_net_verbindung . '",
tastatur = "' . $tastatur . '",
maus = "' . $maus . '",
jappy = "' . $jappy . '",
facebook = "' . $facebook . '",
wkw = "' . $wkw . '",
studivz = "' . $studivz . '",
myspace = "' . $myspace . '",
youtube = "' . $youtube . '",
sig = "' . $sig . '"
' . $avatar_sql_update . '
WHERE id = "' . $uid . '"');
}
}
wd('admin.php?user-1-' . $uid, 'Das Profil wurde erfolgreich geaendert', 2);
$design->footer();
break;
// mal kurz nen neuen user anlegen
case 'createNewUser' :
$msg = '';
if (!empty($_POST['name']) AND !empty($_POST['pass']) AND !empty($_POST['email']) and chk_antispam('adminuser_create', true)) {
$_POST['name'] = escape($_POST['name'], 'string');
$_POST['recht'] = escape($_POST['recht'], 'integer');
$_POST['email'] = escape($_POST['email'], 'string');
$erg = db_query("SELECT id FROM xic_user WHERE name = BINARY '" . $_POST['name'] . "'");
if (db_num_rows($erg) > 0) {
$msg = 'Der Name ist leider schon vorhanden!';
} else {
$new_pass = $_POST['pass'];
$md5_pass = md5($new_pass);
db_query("INSERT INTO xic_user (name,pass,recht,regist,llogin,email)
VALUES('" . $_POST['name'] . "','" . $md5_pass . "'," . $_POST['recht'] . ",'" . time() . "','" . time() . "','" . $_POST['email'] . "')");
$userid = db_last_id();
db_query("INSERT INTO xic_userfields (uid,fid,val) VALUES (" . $userid . ",2,'1')");
db_query("INSERT INTO xic_userfields (uid,fid,val) VALUES (" . $userid . ",3,'1')");
if (isset($_POST['info'])) {
$page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
$page = str_replace('admin.php', 'index.php', $page);
$tpl = new tpl ('user/new_user_email', 1);
$tpl->set('name', $_POST['name']);
$tpl->set('pass', $_POST['pass']);
$tpl->set('page', $page);
$txt = $tpl->get(0);
unset($tpl);
icmail ($_POST['email'], 'Admin hat dich angelegt', $txt);
}
$msg = 'Benutzer angelegt <a href="javascript:closeThisWindow()">Fenster schließen</a>';
}
}
$pass = '';
$email = '';
$recht = '';
if (isset($_POST['pass'])) {
$pass = $_POST['pass'];
}
if (isset($_POST['email'])) {
$email = $_POST['email'];
}
if (isset($_POST['recht'])) {
$recht = $_POST['recht'];
} else {
$recht = '-1';
}
$tpl = new tpl ('user/new_user', 1);
$tpl->set('msg', $msg);
$tpl->set('pass', $pass);
$tpl->set('email', $email);
$tpl->set('recht', dblistee($recht, "SELECT id,name FROM xic_grundrechte ORDER BY id ASC"));
$tpl->set('antispam', get_antispam('adminuser_create', 0, true));
$tpl->out(0);
break;
}
?>
