ilch Forum » Ilch Clan 1.1 » Fehlersuche und Probleme » Fehlermeldung / Userbearbeitung (ADMIN

Geschlossen
  1. #1
    User Pic
    IRvD Mitglied
    Registriert seit
    30.03.2010
    Beiträge
    460
    Beitragswertungen
    31 Beitragspunkte
    Nabend zusammen,

    ich wollte gerade ein User bearbeiten doch da kam mir eine Fehlermeldung:

    1064 : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id = "44"' at line 73
    in Query:
    UPDATE `ic1_user` SET name = " ...[USER DATEN ENTFERNT]... , mich = "", WHERE id = "44"
    Debug backtrace:
    	@ mysql.php:46 -- debug_bt()
    	@ mysql.php:64 -- db_check_error(...)
    	@ user.php:510 -- db_query(...)
    	@ admin.php:20 -- require_once(...)


    Hier wäre einmal die include/admin/user.php
    <?php
    // Copyright by: Manuel
    // Support: www.ilch.de
    defined ('main') or die ('no direct access');
    defined ('admin') or die ('only admin access');
    
    function user_get_group_list ($uid) {
        $l = '<b>Mitglied in Gruppen:</b><br />';
        $erg = db_query("SELECT prefix_groups.name FROM prefix_groupusers LEFT JOIN prefix_groups ON prefix_groups.id = prefix_groupusers.gid WHERE prefix_groupusers.uid = " . $uid);
        while ($r = db_fetch_assoc($erg)) {
            $l .= '&bull; ' . $r['name'] . '<br />';
        }
        return ($l);
    }
    
    function user_get_all_mod_list () {
        $l = '';
        $erg = db_query("SELECT DISTINCT name FROM prefix_modules WHERE fright = 1 ORDER BY prefix_modules.name");
        while ($r = db_fetch_assoc($erg)) {
            $x = $r['name'];
            $l .= '<th style="font-size: 9px; font-weight: normal;" title="' . $r['name'] . '" valign="bottom">' . $x . '</th>';
        }
        return ($l);
    }
    
    function user_get_mod_change_list ($uid) {
        $l = '';
        $erg = db_query("SELECT prefix_modules.id, uid FROM prefix_modules LEFT JOIN prefix_modulerights ON prefix_modulerights.mid = prefix_modules.id AND prefix_modulerights.uid = " . $uid . " WHERE fright = 1 ORDER BY prefix_modules.name");
        while ($r = db_fetch_assoc($erg)) {
            if ($r['uid'] == '') {
                $c = '';
            } else {
                $c = ' checked';
            }
            $l .= '<td align="center"><input onclick="changeModulRecht(' . $r['id'] . ',' . $uid . ')" type="checkbox" id="MN' . $r['id'] . '-' . $uid . '" name="MN' . $r['id'] . '-' . $uid . '" ' . $c . ' /></td>';
        }
        return ($l);
    }
    
    function user_get_mod_list ($uid) {
        $l = 'Modulrechte:<br />';
        $erg = db_query("SELECT DISTINCT module FROM prefix_modulerights WHERE uid = " . $uid);
        while ($r = db_fetch_assoc($erg)) {
            $l .= '- ' . $r['module'] . '<br />';
        }
        return ($l);
    }
    
     # Funktion Spiele auslesen
    function get_games_array () {
      $ar = array(); $o = opendir ( 'include/images/wargames' );
      while ( $f = readdir ( $o ) ) { if ( $f != '.' AND $f != '..' ) { $ar[$f] = $f; } }
      asort ( $ar ); return ( $ar ); }
      
     # Funktion Auszeichnung auslesen
    function get_auszeichnung_array () {
      $ar = array(); $o = opendir ( 'include/images/profilmod/auszeichnung' );
      while ( $f = readdir ( $o ) ) { if ( $f != '.' AND $f != '..' ) { $ar[$f] = $f; } }
      asort ( $ar ); return ( $ar ); } 
        
    
    function getfl($gid) {
        $liste = '';
        $erg = db_query("SELECT view,name,reply,start,mods FROM prefix_forums WHERE view = " . $gid . " OR reply = " . $gid . " OR start = " . $gid . " OR mods = " . $gid);
        while ($row = db_fetch_assoc($erg)) {
            $v = ($row['view'] == $gid ? 'sehen/lesen,' : '');
            $r = ($row['reply'] == $gid ? 'antworten,' : '');
            $s = ($row['start'] == $gid ? 'Themen starten,' : '');
            $m = ($row['mods'] == $gid ? 'Moderieren,' : '');
            $liste .= $row['name'] . '<span class="smalfont">(' . $v . $r . $s . $m . ')</span>&nbsp;';
        }
        return($liste);
    }
    
      
    
    
    if (isset($_POST['action'])) {
    	$design = new design ('Admins Area', 'Admins Area', 0);
    	$design->header();
    	$wdtext = 'Es ist ein Fehler aufgetreten.';
    	if (chk_antispam('adminuser_action', true) and isset($_POST['uid'])) {
    		$uid = escape($_POST['uid'], 'integer');
    		switch($_POST['action']){
    			// einen user komplett loeschen
    			case 'deleteUser':
    				$name = get_n($uid);
    				if ($uid != 1 and !empty($name)) {
    					user_remove($uid);
    					$wdtext = 'Der User ' . $name . ' wurde erfolgreich gel&ouml;scht.';
    				}
    				break;
    			// das recht eines users aendern
    			case 'changeRight' :
    				$altes_recht = db_result(db_query("SELECT recht FROM prefix_user WHERE id = " . $uid), 0);
    				$neues_recht = escape($_POST['newright'], 'integer');
    				 if (($neues_recht > $_SESSION['authright'] AND $altes_recht > $_SESSION['authright']) OR ($_SESSION['authid'] == 1 AND $uid <> 1)) {
    
                // Trail-Account Set
                if ($neues_recht == -0 AND $altes_recht == -1) {
                    $q = "UPDATE prefix_user SET recht = ".$neues_recht." WHERE id = ".$uid;
                } else if ($neues_recht == -0) {
                    $q = "UPDATE prefix_user SET recht = ".$neues_recht.", trail_since = ".time()." WHERE id = ".$uid;
                } else {
                    $q = "UPDATE prefix_user SET recht = ".$neues_recht.", trail_since = 0 WHERE id = ".$uid;
                }
    
                db_query($q);
            }
    				$wdtext = false;
    			break;
    			
    			// modulrechte fuer einen user aendern
    			case 'changeModulRight' :
    				$modul = escape($_POST['modul'], 'integer');
    				$aktion = $_POST['giveremove'];
    				if ($aktion == 'give' AND 0 == db_result(db_query("SELECT COUNT(*) FROM prefix_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid), 0)) {
    					db_query("INSERT INTO prefix_modulerights (mid,uid) VALUES ('" . $modul . "'," . $uid . ")");
    				} elseif ($aktion == 'remove' AND 1 == db_result(db_query("SELECT COUNT(*) FROM prefix_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid), 0)) {
    					db_query("DELETE FROM prefix_modulerights WHERE mid = '" . $modul . "' AND uid = " . $uid);
    				}
    				$wdtext = false;
    			break;
    		}
    	}
    	if ($wdtext === false) {
    		$antispam = get_antispam('adminuser_action', 0, true);
    		?><script type="text/javascript"><!--
    		    function updateParent() { parent.setNewAntispam(document.getElementById('tmp').childNodes[0]);}
    		    window.onload = function() { updateParent(); };
    		    //--></script>
    		    <div id="tmp"><?php echo $antispam; ?></div>
    		<?php
    		exit;
    	}
    	wd('admin.php?' . $menu->get_complete(), $wdtext, 5);
    	$design->footer(1);
    }
    
    $um = $menu->get(1);
    switch ($um) {
        default :
           $design = new design ('Admins Area', 'Admins Area', 2);
            $design->header();
            $q = '';
            if (isset($_REQUEST['q'])) {
                $q = escape($_REQUEST['q'], 'string');
            }
            $tpl = new tpl ('user/user', 1);
            $tpl->set('modlall', user_get_all_mod_list());
            $tpl->set('anzmods', db_result(db_query("SELECT COUNT(*) FROM prefix_modules WHERE fright = 1"), 0));
            $tpl->set('action_antispam', get_antispam('adminuser_action', 0, true));
            $tpl->set_out('q', unescape($q), 0);
    
            $q = str_replace('*', '%', $q);
            if (strpos($q, '%') === false) {
                $q = $q . '%';
            }
    
            $limit = 45; // Limit
            $page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);
            $MPL = db_make_sites ($page , "WHERE name LIKE '" . $q . "'" , $limit , '?user' , 'user');
            $anfang = ($page - 1) * $limit;
            $class = '';
            $q = "SELECT name,recht,id FROM `prefix_user` WHERE name LIKE '" . $q . "' ORDER by recht,posts DESC LIMIT " . $anfang . "," . $limit;
            $erg = db_query($q);
            while ($row = db_fetch_object($erg)) {
                if ($class == 'Cmite') {
                    $class = 'Cnorm';
                } else {
                    $class = 'Cmite';
                }
                $ar = array ('name' => $row->name,
                    'class' => $class,
                    'id' => $row->id,
                    'grouplist' => user_get_group_list($row->id),
                    'recht' => dblistee($row->recht, "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC"),
                    'modslist' => user_get_mod_change_list($row->id),
                    );
    
                $tpl->set_ar_out($ar, 1);
            }
            $tpl->set_out('MPL', $MPL, 2);
            $design->footer();        
            break;
    
        // gruppen zugehoerigkeiten eines users aendern
        case 'gruppen' :
            $uid = $menu->get(2);
            if (isset($_POST['usergroups'])) {
                $erg = db_query("SELECT id FROM prefix_groups");
                while ($row = db_fetch_assoc($erg)) {
                    $ck = db_count_query("SELECT COUNT(uid) FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row['id']);
                    if ($ck == 0 AND isset ($_POST['grprhave'][$row['id']][$uid])) {
                        db_query("INSERT INTO prefix_groupusers (uid,gid,fid) VALUES ( " . $uid . ", " . $row['id'] . ", 3 )");
                    } elseif ($ck == 1 AND !isset ($_POST['grprhave'][$row['id']][$uid])) {
                        db_query("DELETE FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row['id']);
                    }
                }
            }
    
            $user_name = db_result(db_query("SELECT name FROM prefix_user WHERE id = " . $uid), 0);
            $tpl = new tpl ('user/gruppen', 1);
            $tpl->set_ar_out(array('username' => $user_name, 'userid' => $uid), 0);
            $class = 'Cnorm';
            $erg = db_query("SELECT name,id FROM prefix_groups");
            while ($row = db_fetch_assoc($erg)) {
                $ck = db_count_query("SELECT COUNT(uid) FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row['id']);
                $row['ck'] = ($ck == 0 ? '' : 'checked');
                $class = ($class == 'Cnorm' ? 'Cmite' : 'Cnorm');
                $row['class'] = $class;
                $tpl->set_ar_out($row, 1);
            }
            $tpl->out(2);
            break;
    
        // details eines users anzeigen
        case 1 :
         $design = new design ('Admins Area', 'Admins Area', 2);
            $design->header();
            if (isset ($_REQUEST['uID'])) {
                $uid = $_REQUEST['uID'];
            } else {
                $uid = $menu->get(2);
            }
            $erg = db_query("SELECT name,email,id,recht,games,auszeichnung,wohnort,homepage,facebook, teamspeak,status,staat,posten,gebdatum,sig,mich,opt_pm,opt_pm_popup,opt_mail,geschlecht,spezrank,avatar,char1,char2,char3,char4,char5,char6,char7,char8,char9,char10,char11,char12,char13,char14,char15,level1,level2,level3,level4,level5,level6,level7,level8,level9,level10,level11,level12,level13,level14,level15,charname1,charname2,charname3,charname4,charname5,charname6,charname7,charname8,charname9,charname10,charname11,charname12,charname13,charname14,charname15 FROM prefix_user WHERE id = '" . $uid . "'");
            if (db_num_rows($erg) == 0) {
                die ('Fehler: Username nicht gefunden <a href="?user">zur&uuml;ck</a>');
            } else {
                $row = db_fetch_assoc($erg);
    
                $tpl = new tpl ('user/details', 1);
                $row['recht'] = dbliste ($row['recht'] , $tpl, 'recht', "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC");
                $row['staat'] = '<option></option>' . arliste ($row['staat'] , get_nationality_array() , $tpl , 'staat');
    			$row['clanlogo'] = '<option></option>' . arliste ($row['clanlogo'] , get_clanlogo_array() , $tpl , 'clanlogo');
                $row['spezrank'] = '<option></option>' . dbliste ($row['spezrank'], $tpl, 'spezrank', "SELECT id, bez FROM prefix_ranks WHERE spez = 1");
    			$row['posten'] = '<option></option>' . arliste ($row['posten'] , get_posten_array() , $tpl , 'posten');
            $row['char1'] = '<option></option>'.arliste ( $row['char1'] , get_char1_array() , $tpl , 'char1' );
            $row['char2'] = '<option></option>'.arliste ( $row['char2'] , get_char2_array() , $tpl , 'char2' );
            $row['char3'] = '<option></option>'.arliste ( $row['char3'] , get_char3_array() , $tpl , 'char3' );
            $row['char4'] = '<option></option>'.arliste ( $row['char4'] , get_char4_array() , $tpl , 'char4' );
            $row['char5'] = '<option></option>'.arliste ( $row['char5'] , get_char5_array() , $tpl , 'char5' );
            $row['char6'] = '<option></option>'.arliste ( $row['char6'] , get_char6_array() , $tpl , 'char6' );
            $row['char7'] = '<option></option>'.arliste ( $row['char7'] , get_char7_array() , $tpl , 'char7' );
            $row['char8'] = '<option></option>'.arliste ( $row['char8'] , get_char8_array() , $tpl , 'char8' );
            $row['char9'] = '<option></option>'.arliste ( $row['char9'] , get_char9_array() , $tpl , 'char9' );
            $row['char10'] = '<option></option>'.arliste ( $row['char10'] , get_char10_array() , $tpl , 'char10' );
            $row['char11'] = '<option></option>'.arliste ( $row['char11'] , get_char10_array() , $tpl , 'char11' );
            $row['char12'] = '<option></option>'.arliste ( $row['char12'] , get_char10_array() , $tpl , 'char12' );
    
                $row['geschlecht0'] = ($row['geschlecht'] < 1 ? 'checked' : '');
                $row['geschlecht1'] = ($row['geschlecht'] == 1 ? 'checked' : '');
                $row['geschlecht2'] = ($row['geschlecht'] == 2 ? 'checked' : '');
                if ($row['status'] == 1) {
                    $row['status1'] = 'checked';
                    $row['status0'] = '';
                } else {
                    $row['status1'] = '';
                    $row['status0'] = 'checked';
                }
                if ($row['opt_mail'] == 1) {
                    $row['opt_mail1'] = 'checked';
                    $row['opt_mail0'] = '';
                } else {
                    $row['opt_mail1'] = '';
                    $row['opt_mail0'] = 'checked';
                }
                if ($row['opt_pm'] == 1) {
                    $row['opt_pm1'] = 'checked';
                    $row['opt_pm0'] = '';
                } else {
                    $row['opt_pm1'] = '';
                    $row['opt_pm0'] = 'checked';
                }
                if ($row['opt_pm_popup'] == 1) {
                    $row['opt_pm_popup1'] = 'checked';
                    $row['opt_pm_popup0'] = '';
                } else {
                    $row['opt_pm_popup1'] = '';
                    $row['opt_pm_popup0'] = 'checked';
                }
                if (@file_exists($row['avatar'])) {
                    $row['avatar'] = '<img src="' . $row['avatar'] . '" border="0" /><br />' ;
                }else {
                    $row['avatar'] = '';
                }
    			
    			
    			
                $row['antispam'] = get_antispam('adminuser', 0, true);
                $tpl->set_ar_out ($row, 0);
    
                profilefields_change ($row['id']);
    
                $tpl->out(1);
            }
            $design->footer();        
            break;
        // details des users aendern
        case 2 :
            $design = new design ('Admins Area', 'Admins Area', 2);
            $design->header();
            $changeok = true;
            $uid = escape($_POST['uID'], 'integer');
    
            $altes_recht = db_result(db_query("SELECT recht FROM prefix_user WHERE id = " . $uid), 0);
            $neues_recht = escape($_POST['urecht'], 'integer');
            if (($neues_recht <= $_SESSION['authright'] OR $altes_recht <= $_SESSION['authright']) AND $_SESSION['authid'] > 1) {
                $changeok = false;
            }
    		
    
            if ($changeok and chk_antispam('adminuser', true)) {
    			
    			
    			
                if (isset($_POST['userdel'])) {
                    user_remove($uid);
                    wd ('?user', 'User wurde erfolgreich gel&ouml;scht');
                } else {
                    $abf = "SELECT * FROM prefix_user WHERE id = '" . $uid . "'";
                    $erg = db_query($abf);
                    $row = db_fetch_object($erg);
    
                    if (isset($_POST['passw'])) {
                        $newPass = genkey (8);
                        $newPassMD5 = md5($newPass);
                        icmail ($row->email , 'neues Password' , "Hallo\n\nDein Password wurde soeben von einem Administrator gäendert es ist nun:\n\n$newPass\n\nGruß der Administrator");
                        db_query('UPDATE `prefix_user` SET pass = "' . $newPassMD5 . '" WHERE id = "' . escape($_POST['uID'], 'integer') . '"');
                    }
                    // avatar speichern START
                    $avatar_sql_update = '';
                    if (!empty ($_FILES['avatarfile']['name'])) {
                        $file_tmpe = $_FILES['avatarfile']['tmp_name'];
                        $rile_type = ic_mime_type ($_FILES['avatarfile']['tmp_name']);
                        $file_type = $_FILES['avatarfile']['type'];
                        $file_size = $_FILES['avatarfile']['size'];
                        $fmsg = $lang['avatarisnopicture'];
                        $size = @getimagesize ($file_tmpe);
                        $endar = array (1 => 'gif', 2 => 'jpg', 3 => 'png');
                        if (($size[2] == 1 OR $size[2] == 2 OR $size[2] == 3) AND $size[0] > 10 AND $size[1] > 10 AND substr ($file_type , 0 , 6) == 'image/' AND substr ($rile_type , 0 , 6) == 'image/') {
                            $endung = $endar[$size[2]];
                            $breite = $size[0];
                            $hoehe = $size[1];
                            $neuer_name = 'include/images/avatars/' . $uid . '.' . $endung;
                            @unlink (db_result(db_query("SELECT avatar FROM prefix_user WHERE id = " . $uid), 0));
                            move_uploaded_file ($file_tmpe , $neuer_name);
                            @chmod($neuer_name, 0777);
                            $avatar_sql_update = ', avatar = "' . $neuer_name . '"';
                            $fmsg = $lang['pictureuploaded'];
                        }
                    } elseif (isset($_POST['avatardel'])) {
                        $fmsg = $lang['picturedelete'];
                        @unlink (db_result(db_query("SELECT avatar FROM prefix_user WHERE id = " . $uid), 0));
                        $avatar_sql_update = ', avatar = ""';
                    }
                    // avatar speichern ENDE
    				
    				
    				
                    profilefields_change_save (escape($_POST['uID'], 'integer'));
                    $usaName1 = escape($_POST['usaName1'], 'string');
                    $email = escape($_POST['email'], 'string');
                    $homepage = escape($_POST['homepage'], 'string');
                    $wohnort = escape($_POST['wohnort'], 'string');
                    $staat = escape($_POST['staat'], 'string');
    				$posten = escape($_POST['posten'], 'string');
    
    				$facebook = escape($_POST['facebook'], 'string');
    				$teamspeak = escape($_POST['teamspeak'], 'string');
    
    				$char1 = escape($_POST['char1'], 'string');
    				$char2 = escape($_POST['char2'], 'string');
    				$char3 = escape($_POST['char3'], 'string');
    				$char4 = escape($_POST['char4'], 'string');
    				$char5 = escape($_POST['char5'], 'string');
    				$char6 = escape($_POST['char6'], 'string');
    				$char7 = escape($_POST['char7'], 'string');
    				$char8 = escape($_POST['char8'], 'string');
    				$char9 = escape($_POST['char9'], 'string');
    				$char10 = escape($_POST['char10'], 'string');
    				$char11 = escape($_POST['char11'], 'string');
    				$char12 = escape($_POST['char12'], 'string');
    				$char13 = escape($_POST['char13'], 'string');
    				$char14 = escape($_POST['char14'], 'string');
    				$char15 = escape($_POST['char15'], 'string');
    
    				$charname1 = escape($_POST['charname1'], 'string');
    				$charname2 = escape($_POST['charname2'], 'string');
    				$charname3 = escape($_POST['charname3'], 'string');
    				$charname4 = escape($_POST['charname4'], 'string');
    				$charname5 = escape($_POST['charname5'], 'string');
    				$charname6 = escape($_POST['charname6'], 'string');
    				$charname7 = escape($_POST['charname7'], 'string');
    				$charname8 = escape($_POST['charname8'], 'string');
    				$charname9 = escape($_POST['charname9'], 'string');
    				$charname10 = escape($_POST['charname10'], 'string');
    				$charname11 = escape($_POST['charname11'], 'string');
    				$charname12 = escape($_POST['charname12'], 'string');
    				$charname13 = escape($_POST['charname13'], 'string');
    				$charname14 = escape($_POST['charname14'], 'string');
    				$charname15 = escape($_POST['charname15'], 'string');
    				
    				$level1 = escape($_POST['level1'], 'string');
    				$level2 = escape($_POST['level2'], 'string');
    				$level3 = escape($_POST['level3'], 'string');
    				$level4 = escape($_POST['level4'], 'string');
    				$level5 = escape($_POST['level5'], 'string');
    				$level6 = escape($_POST['level6'], 'string');
    				$level7 = escape($_POST['level7'], 'string');
    				$level8 = escape($_POST['level8'], 'string');
    				$level9 = escape($_POST['level9'], 'string');
    				$level10 = escape($_POST['level10'], 'string');
    				$level11 = escape($_POST['level11'], 'string');
    				$level12 = escape($_POST['level12'], 'string');
    				$level13 = escape($_POST['level13'], 'string');
    				$level14 = escape($_POST['level14'], 'string');
    				$level15 = escape($_POST['level15'], 'string');
    
                    $spezrank = escape($_POST['spezrank'], 'integer');
                    $geschlecht = escape($_POST['geschlecht'], 'integer');
                    $status = escape($_POST['status'], 'integer');
                    $opt_mail = escape($_POST['opt_mail'], 'integer');
                    $opt_pm = escape($_POST['opt_pm'], 'integer');
                    $opt_pm_popup = escape($_POST['opt_pm_popup'], 'integer');
                    $gebdatum = escape($_POST['gebdatum'], 'string');
                    $sig = escape($_POST['sig'], 'string');
    				$mich = escape($_POST['mich'], 'string');
                    // Name im Forum ändern
                    if ($_POST['forumname'] == 'on') {
                        $oldname = db_count_query("SELECT name FROM `prefix_user` WHERE id =" . $uid);
                        if ($oldname != $usaName1) {
                            db_query("UPDATE `prefix_posts` SET erst = '$usaName1' WHERE erstid = " . $uid);
                            db_query("UPDATE `prefix_topics` SET erst = '$usaName1' WHERE erst = '$oldname'");
                        }
                    }
    				
                    db_query('UPDATE prefix_user
    			  SET
    					name  = "' . $usaName1 . '",
    					recht = "' . $neues_recht . '",
    					email = "' . $email . '",
              homepage = "' . $homepage . '",
              wohnort = "' . $wohnort . '",
              staat = "' . $staat . '",
      
    		  posten = "' . $posten . '",
    
    		  facebook = "' . $facebook . '",
    		  teamspeak = "' . $teamspeak . '",
    
    		  char1 = "' . $char1 . '",
    		  char2 = "' . $char2 . '",
    		  char3 = "' . $char3 . '",
    		  char4 = "' . $char4 . '",
    		  char5 = "' . $char5 . '",
    		  char6 = "' . $char6 . '",
    		  char7 = "' . $char7 . '",
    		  char8 = "' . $char8 . '",
    		  char9 = "' . $char9 . '",
    		  char10 = "' . $char10 . '",
    		  char11 = "' . $char11 . '",
    		  char12 = "' . $char12 . '",
    		  char13 = "' . $char13 . '",
    		  char14 = "' . $char14 . '",
    		  char15 = "' . $char15 . '",
    
    		  charname1 = "' . $charname1 . '",
    		  charname2 = "' . $charname2 . '",
    		  charname3 = "' . $charname3 . '",
    		  charname4 = "' . $charname4 . '",
    		  charname5 = "' . $charname5 . '",
    		  charname6 = "' . $charname6 . '",
    		  charname7 = "' . $charname7 . '",
    		  charname8 = "' . $charname8 . '",
    		  charname9 = "' . $charname9 . '",
    		  charname10 = "' . $charname10 . '",
    		  charname11 = "' . $charname11 . '",
    		  charname12 = "' . $charname12 . '",
    		  charname13 = "' . $charname13 . '",
    		  charname14 = "' . $charname14 . '",
    		  charname15 = "' . $charname15 . '",
    		  
    		  level1 = "' . $level1 . '",
    		  level2 = "' . $level2 . '",
    		  level3 = "' . $level3 . '",
    		  level4 = "' . $level4 . '",
    		  level5 = "' . $level5 . '",
    		  level6 = "' . $level6 . '",
    		  level7 = "' . $level7 . '",
    		  level8 = "' . $level8 . '",
    		  level9 = "' . $level9 . '",
    		  level10 = "' . $level10 . '",
    		  level11 = "' . $level11 . '",
    		  level12 = "' . $level12 . '",
    		  level13 = "' . $level13 . '",
    		  level14 = "' . $level14 . '",
    		  level15 = "' . $level15 . '",
    
              spezrank = "' . $spezrank . '",
              geschlecht = "' . $geschlecht . '",
              status = "' . $status . '",
              opt_mail = "' . $opt_mail . '",
              opt_pm = "' . $opt_pm . '",
              opt_pm_popup = "' . $opt_pm_popup . '",
              gebdatum = "' . $gebdatum . '",
              sig = "'.$sig.'",
    		  mich = "'.$mich.'",
              ' . $avatar_sql_update . '
    				WHERE id = "' . $uid . '"');
                }
            }
            wd('admin.php?user-1-' . $uid, 'Das Profil wurde erfolgreich geaendert', 2);
     	$design->footer();        
            break;
        // mal kurz nen neuen user anlegen
        case 'createNewUser' :
            $msg = '';
            if (!empty($_POST['name']) AND !empty($_POST['pass']) AND !empty($_POST['email']) and chk_antispam('adminuser_create', true)) {
                $_POST['name'] = escape($_POST['name'], 'string');
                $_POST['recht'] = escape($_POST['recht'], 'integer');
                $_POST['email'] = escape($_POST['email'], 'string');
                $erg = db_query("SELECT id FROM prefix_user WHERE name = BINARY '" . $_POST['name'] . "'");
                if (db_num_rows($erg) > 0) {
                    $msg = 'Der Name ist leider schon vorhanden!';
                } else {
                    $new_pass = $_POST['pass'];
                    $md5_pass = md5($new_pass);
    				
    				
                     db_query("INSERT INTO prefix_user (name,pass,recht,regist,llogin,email)
            VALUES('".$_POST['name']."','".$md5_pass."',".$_POST['recht'].",'".time()."','".time()."','".$_POST['email']."')");
                    $userid = db_last_id();
                    db_query("INSERT INTO prefix_userfields (uid,fid,val) VALUES (" . $userid . ",2,'1')");
                    db_query("INSERT INTO prefix_userfields (uid,fid,val) VALUES (" . $userid . ",3,'1')");
    
                    if (isset($_POST['info'])) {
                        $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
                        $page = str_replace('admin.php', 'index.php', $page);
                        $tpl = new tpl ('user/new_user_email', 1);
                        $tpl->set('name', $_POST['name']);
                        $tpl->set('pass', $_POST['pass']);
                        $tpl->set('page', $page);
                        $txt = $tpl->get(0);
                        unset($tpl);
                        icmail ($_POST['email'], 'Admin hat dich angelegt', $txt);
                    }
                    $msg = 'Benutzer angelegt <a href="javascript:closeThisWindow()">Fenster schließen</a>';
                }
            }
            $pass = '';
            $email = '';
            $recht = '';
            if (isset($_POST['pass'])) {
                $pass = $_POST['pass'];
            }
            if (isset($_POST['email'])) {
                $email = $_POST['email'];
            }
            if (isset($_POST['recht'])) {
                $recht = $_POST['recht'];
            } else {
                $recht = '-1';
            }
            $tpl = new tpl ('user/new_user', 1);
            $tpl->set('msg', $msg);
            $tpl->set('pass', $pass);
            $tpl->set('email', $email);
            $tpl->set('recht', dblistee($recht, "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC"));
        	$tpl->set('antispam', get_antispam('adminuser_create', 0, true));
            $tpl->out(0);
            break;
    }
    
    ?>



    Hoffe es ist nur ein kleiner Fehler

    verwendete ilch Version: 1.1 P

    betroffene Homepage: externer Link


    EDIT: Ich habe die Userdaten (Name, Email, Wohnort) aus der SQL Anweisung entfernt. Gruß Lord|Schirmer


    Zuletzt modifiziert von Lord|Schirmer am 10.01.2016 - 09:40:55
    0 Mitglieder finden den Beitrag gut.
  2. #2
    User Pic
    Lord|Schirmer Administrator
    Registriert seit
    21.03.2007
    Beiträge
    7.675
    Beitragswertungen
    1212 Beitragspunkte
    Zeile 508 ein Komma zuviel, dieses wegnehmen!

    mich = "'.$mich.'",
    rules :: doku :: faq :: linkus
    0 Mitglieder finden den Beitrag gut.
  3. #3
    User Pic
    IRvD Mitglied
    Registriert seit
    30.03.2010
    Beiträge
    460
    Beitragswertungen
    31 Beitragspunkte
    daran lag es leider nicht -.-
    Hab das gefühl es hängt hiermit zusammen

                // Trail-Account Set
                if ($neues_recht == -0 AND $altes_recht == -1) {
                    $q = "UPDATE prefix_user SET recht = ".$neues_recht." WHERE id = ".$uid;
                } else if ($neues_recht == -0) {
                    $q = "UPDATE prefix_user SET recht = ".$neues_recht.", trail_since = ".time()." WHERE id = ".$uid;
                } else {
                    $q = "UPDATE prefix_user SET recht = ".$neues_recht.", trail_since = 0 WHERE id = ".$uid;
                }
    0 Mitglieder finden den Beitrag gut.
  4. #4
    User Pic
    Lord|Schirmer Administrator
    Registriert seit
    21.03.2007
    Beiträge
    7.675
    Beitragswertungen
    1212 Beitragspunkte
    Doch deine Fehlermeldung weisst genau auf den genannten Fehler hin.
    rules :: doku :: faq :: linkus
    0 Mitglieder finden den Beitrag gut.
  5. #5
    User Pic
    IRvD Mitglied
    Registriert seit
    30.03.2010
    Beiträge
    460
    Beitragswertungen
    31 Beitragspunkte
    Ich entschuldige mich!
    Da ich das Profilfeld "mich = "'.$mich.'"," so oder so zuviel hatte, hatte ich es gelöscht, dabei ist natürlich das , tzd noch zuviel gewesen bei den feld daüber -.-

    Sollte lieber ins Bett! Funktioniert wieder zwinker Vielen Dank
    0 Mitglieder finden den Beitrag gut.
  6. #6
    User Pic
    Lord|Schirmer Administrator
    Registriert seit
    21.03.2007
    Beiträge
    7.675
    Beitragswertungen
    1212 Beitragspunkte
    Kein Ding & Gute Nacht lachen
    rules :: doku :: faq :: linkus
    0 Mitglieder finden den Beitrag gut.
  7. #7
    User Pic
    blackcoder Entwickler
    Registriert seit
    22.05.2014
    Beiträge
    2.414
    Beitragswertungen
    394 Beitragspunkte
    Besser noch die Email-Adresse aus dem ersten Post entfernen (....@web.de).


    Zuletzt modifiziert von blackcoder am 11.01.2016 - 16:17:27
    0 Mitglieder finden den Beitrag gut.
  8. #8
    User Pic
    Lord|Schirmer Administrator
    Registriert seit
    21.03.2007
    Beiträge
    7.675
    Beitragswertungen
    1212 Beitragspunkte
    Habe die Userdaten der SQL Anweisung entfernt.
    rules :: doku :: faq :: linkus
    0 Mitglieder finden den Beitrag gut.
Geschlossen

Zurück zu Fehlersuche und Probleme

Optionen: Bei einer Antwort zu diesem Thema eine eMail erhalten