Merge branch 'spezial_includes_camp' of ssh://git.planetcyborg.de/home/git/projects/engelsystem into spezial_includes_camp
This commit is contained in:
Philip Häusler
commit
28ac46aa4e
|
|
@ -4,8 +4,14 @@ function admin_faq() {
|
||||||
$faqs_html = "";
|
$faqs_html = "";
|
||||||
$faqs = sql_select("SELECT * FROM `FAQ`");
|
$faqs = sql_select("SELECT * FROM `FAQ`");
|
||||||
foreach ($faqs as $faq) {
|
foreach ($faqs as $faq) {
|
||||||
$faqs_html .= '<tr><td><dl><dt>' . $faq['Frage_de'] . '</dt><dd>' . $faq['Antwort_de'] . '</dd></dl></td><td><dl><dt>' . $faq['Frage_en'] . '</dt><dd>' . $faq['Antwort_en'] . '</dd></dl></td>';
|
$faqs_html .= sprintf(
|
||||||
$faqs_html .= '<td><a href="' . page_link_to("admin_faq") . '&action=edit&id=' . $faq['FID'] . '">Edit</a></td></tr>';
|
'<tr><td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>'
|
||||||
|
. '<td> <dl><dt>%s</dt><dd>%s</dd></dl> </td>'
|
||||||
|
. '<td><a href="%s&action=edit&id=%s">Edit</a></td></tr>',
|
||||||
|
$faq['Frage_de'], $faq['Antwort_de'],
|
||||||
|
$faq['Frage_en'], $faq['Antwort_en'],
|
||||||
|
page_link_to('admin_faq'), $faq['FID']
|
||||||
|
);
|
||||||
}
|
}
|
||||||
return template_render('../templates/admin_faq.html', array (
|
return template_render('../templates/admin_faq.html', array (
|
||||||
'link' => page_link_to("admin_faq"),
|
'link' => page_link_to("admin_faq"),
|
||||||
|
|
@ -14,11 +20,18 @@ function admin_faq() {
|
||||||
} else {
|
} else {
|
||||||
switch ($_REQUEST['action']) {
|
switch ($_REQUEST['action']) {
|
||||||
case 'create' :
|
case 'create' :
|
||||||
$frage = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['frage']));
|
$frage = strip_request_item_nl('frage');
|
||||||
$antwort = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['antwort']));
|
$antwort = strip_request_item_nl('antwort');
|
||||||
$question = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['question']));
|
$question = strip_request_item_nl('question');
|
||||||
$answer = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer']));
|
$answer = strip_request_item_nl('answer');
|
||||||
sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "'");
|
|
||||||
|
sql_query("INSERT INTO `FAQ` SET `Frage_de`='" . sql_escape($frage)
|
||||||
|
. "', `Frage_en`='" . sql_escape($question)
|
||||||
|
. "', `Antwort_de`='" . sql_escape($antwort)
|
||||||
|
. "', `Antwort_en`='" . sql_escape($answer)
|
||||||
|
. "'"
|
||||||
|
);
|
||||||
|
|
||||||
header("Location: " . page_link_to("admin_faq"));
|
header("Location: " . page_link_to("admin_faq"));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
|
@ -32,11 +45,18 @@ function admin_faq() {
|
||||||
if (count($faq) > 0) {
|
if (count($faq) > 0) {
|
||||||
list ($faq) = $faq;
|
list ($faq) = $faq;
|
||||||
|
|
||||||
$frage = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['frage']));
|
$frage = strip_request_item_nl('frage');
|
||||||
$antwort = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['antwort']));
|
$antwort = strip_request_item_nl('antwort');
|
||||||
$question = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['question']));
|
$question = strip_request_item_nl('question');
|
||||||
$answer = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer']));
|
$answer = strip_request_item_nl('answer');
|
||||||
sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage) . "', `Frage_en`='" . sql_escape($question) . "', `Antwort_de`='" . sql_escape($antwort) . "', `Antwort_en`='" . sql_escape($answer) . "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1");
|
|
||||||
|
sql_query("UPDATE `FAQ` SET `Frage_de`='" . sql_escape($frage)
|
||||||
|
. "', `Frage_en`='" . sql_escape($question)
|
||||||
|
. "', `Antwort_de`='" . sql_escape($antwort)
|
||||||
|
. "', `Antwort_en`='" . sql_escape($answer)
|
||||||
|
. "' WHERE `FID`=" . sql_escape($id) . " LIMIT 1"
|
||||||
|
);
|
||||||
|
|
||||||
header("Location: " . page_link_to("admin_faq"));
|
header("Location: " . page_link_to("admin_faq"));
|
||||||
} else
|
} else
|
||||||
return error("No FAQ found.");
|
return error("No FAQ found.");
|
||||||
|
|
|
||||||
|
|
@ -7,15 +7,23 @@ function admin_groups() {
|
||||||
if (!isset ($_REQUEST["action"])) {
|
if (!isset ($_REQUEST["action"])) {
|
||||||
$groups_html = "";
|
$groups_html = "";
|
||||||
foreach ($groups as $group) {
|
foreach ($groups as $group) {
|
||||||
$groups_html .= '<tr>';
|
$groups_html .= sprintf(
|
||||||
$groups_html .= '<td>' . $group['Name'] . '</td>';
|
'<tr><td>%s</td>',
|
||||||
|
$group['Name']
|
||||||
|
);
|
||||||
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID']));
|
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID']));
|
||||||
$privileges_html = array ();
|
$privileges_html = array ();
|
||||||
|
|
||||||
foreach ($privileges as $priv)
|
foreach ($privileges as $priv)
|
||||||
$privileges_html[] = $priv['name'];
|
$privileges_html[] = $priv['name'];
|
||||||
$groups_html .= '<td>' . join(", ", $privileges_html) . '</td>';
|
|
||||||
$groups_html .= '<td><a href="' . page_link_to("admin_groups") . '&action=edit&id=' . $group['UID'] . '">Ändern</a></td>';
|
$groups_html .= sprintf(
|
||||||
$groups_html .= '</tr>';
|
'<td>%s</td>'
|
||||||
|
. '<td><a href="%s&action=edit&id=%s">Ändern</a></td>',
|
||||||
|
join(', ', $privileges_html),
|
||||||
|
page_link_to("admin_groups"),
|
||||||
|
$group['UID']
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
return template_render('../templates/admin_groups.html', array (
|
return template_render('../templates/admin_groups.html', array (
|
||||||
|
|
|
||||||
|
|
@ -5,11 +5,17 @@ function guest_faq() {
|
||||||
foreach ($faqs as $faq) {
|
foreach ($faqs as $faq) {
|
||||||
$html .= "<dl>";
|
$html .= "<dl>";
|
||||||
if ($_SESSION['Sprache'] == "DE") {
|
if ($_SESSION['Sprache'] == "DE") {
|
||||||
$html .= "<dt>" . $faq['Frage_de'] . "</dt>";
|
$html .= sprintf(
|
||||||
$html .= "<dd>" . $faq['Antwort_de'] . "</dd>";
|
'<dt>%s</dt> <dd>%s</dd>',
|
||||||
|
$faq['frage_de'],
|
||||||
|
$faq['antwort_de']
|
||||||
|
);
|
||||||
} else {
|
} else {
|
||||||
$html .= "<dt>" . $faq['Frage_en'] . "</dt>";
|
$html .= sprintf(
|
||||||
$html .= "<dd>" . $faq['Antwort_en'] . "</dd>";
|
'<dt>%s</dt> <dd>%s</dd>',
|
||||||
|
$faq['frage_en'],
|
||||||
|
$faq['antwort_en']
|
||||||
|
);
|
||||||
}
|
}
|
||||||
$html .= "</dl>";
|
$html .= "</dl>";
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -16,12 +16,25 @@ function guest_register() {
|
||||||
$Ergans = sql_select("SELECT UID FROM `User` WHERE `Nick`='" . sql_escape($_POST["Nick"]) . "'");
|
$Ergans = sql_select("SELECT UID FROM `User` WHERE `Nick`='" . sql_escape($_POST["Nick"]) . "'");
|
||||||
|
|
||||||
if (strlen($_POST["Nick"]) < 2)
|
if (strlen($_POST["Nick"]) < 2)
|
||||||
$error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick2");
|
$error = Get_Text("makeuser_error_nick1")
|
||||||
elseif (count($Ergans) > 0) $error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick3");
|
. $_POST["Nick"] . Get_Text("makeuser_error_nick2");
|
||||||
elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false) $error = Get_Text("makeuser_error_mail");
|
|
||||||
elseif (!is_numeric($_POST["Alter"])) $error = Get_Text("makeuser_error_Alter");
|
elseif (count($Ergans) > 0)
|
||||||
elseif ($_POST["Passwort"] != $_POST["Passwort2"]) $error = Get_Text("makeuser_error_password1");
|
$error = Get_Text("makeuser_error_nick1")
|
||||||
elseif (strlen($_POST["Passwort"]) < 6) $error = Get_Text("makeuser_error_password2");
|
. $_POST["Nick"] . Get_Text("makeuser_error_nick3");
|
||||||
|
|
||||||
|
elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false)
|
||||||
|
$error = Get_Text("makeuser_error_mail");
|
||||||
|
|
||||||
|
elseif (!is_numeric($_POST["Alter"]))
|
||||||
|
$error = Get_Text("makeuser_error_Alter");
|
||||||
|
|
||||||
|
elseif ($_POST["Passwort"] != $_POST["Passwort2"])
|
||||||
|
$error = Get_Text("makeuser_error_password1");
|
||||||
|
|
||||||
|
elseif (strlen($_POST["Passwort"]) < 6)
|
||||||
|
$error = Get_Text("makeuser_error_password2");
|
||||||
|
|
||||||
else {
|
else {
|
||||||
$_POST["Passwort"] = PassCrypt($_POST["Passwort"]);
|
$_POST["Passwort"] = PassCrypt($_POST["Passwort"]);
|
||||||
unset ($_POST["Passwort2"]);
|
unset ($_POST["Passwort2"]);
|
||||||
|
|
@ -35,15 +48,26 @@ function guest_register() {
|
||||||
"`Size`, " . "`Passwort`, " .
|
"`Size`, " . "`Passwort`, " .
|
||||||
"`Art` , " . "`kommentar`, " .
|
"`Art` , " . "`kommentar`, " .
|
||||||
"`Hometown`," . "`CreateDate`, `Sprache` ) " .
|
"`Hometown`," . "`CreateDate`, `Sprache` ) " .
|
||||||
"VALUES ( " .
|
"VALUES ( '"
|
||||||
"'" . $_POST["Nick"] . "', " . "'" . $_POST["Name"] . "', " .
|
. sql_escape($_POST["Nick"]) . "', " . "'"
|
||||||
"'" . $_POST["Vorname"] . "', " . "'" . $_POST["Alter"] . "', " .
|
. sql_escape($_POST["Name"]) . "', " . "'"
|
||||||
"'" . $_POST["Telefon"] . "', " . "'" . $_POST["DECT"] . "', " .
|
. sql_escape($_POST["Vorname"]) . "', " . "'"
|
||||||
"'" . $_POST["Handy"] . "', " . "'" . $_POST["email"] . "', " .
|
. sql_escape($_POST["Alter"]) . "', " . "'"
|
||||||
"'" . $_POST["ICQ"] . "', " . "'" . $_POST["jabber"] . "', " .
|
. sql_escape($_POST["Telefon"]) . "', " . "'"
|
||||||
"'" . $_POST["Size"] . "', " . "'" . $_POST["Passwort"] . "', " .
|
. sql_escape($_POST["DECT"]) . "', " . "'"
|
||||||
"'" . $_POST["Art"] . "', " . "'" . $_POST["kommentar"] . "', " .
|
. sql_escape($_POST["Handy"]) . "', " . "'"
|
||||||
"'" . $_POST["Hometown"] . "'," . "NOW(), '" . $_SESSION['Sprache'] . "')");
|
. sql_escape($_POST["email"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["ICQ"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["jabber"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Size"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Passwort"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Art"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["kommentar"]) . "', " . "'"
|
||||||
|
. sql_escape($_POST["Hometown"]) . "',"
|
||||||
|
. "NOW(), '"
|
||||||
|
. sql_escape($_SESSION["Sprache"])
|
||||||
|
. "')"
|
||||||
|
);
|
||||||
|
|
||||||
if ($Erg != 1) {
|
if ($Erg != 1) {
|
||||||
$html .= Get_Text("makeuser_error_write1") . "<br />\n";
|
$html .= Get_Text("makeuser_error_write1") . "<br />\n";
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,13 @@ function user_unread_messages() {
|
||||||
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
|
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
|
||||||
|
|
||||||
if ($new_messages > 0)
|
if ($new_messages > 0)
|
||||||
return '<p class="notice"><a href="' . page_link_to("user_messages") . '">' . Get_Text("pub_messages_new1") . " " . $new_messages . " " . Get_Text("pub_messages_new2") . '</a></p><hr />';
|
return sprintf(
|
||||||
|
'<p class="notice"><a href="%s">%s %s %s</a></p><hr />',
|
||||||
|
page_link_to("user_messages"),
|
||||||
|
Get_Text("pub_messages_new1"),
|
||||||
|
$new_messages,
|
||||||
|
Get_Text("pub_messages_new2")
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
return "";
|
return "";
|
||||||
|
|
@ -16,23 +22,37 @@ function user_messages() {
|
||||||
global $user;
|
global $user;
|
||||||
|
|
||||||
if (!isset ($_REQUEST['action'])) {
|
if (!isset ($_REQUEST['action'])) {
|
||||||
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
|
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`="
|
||||||
|
. sql_escape($user['UID']) . " ORDER BY `Nick`");
|
||||||
|
|
||||||
$to_select_data = array (
|
$to_select_data = array (
|
||||||
"" => "Select receiver..."
|
"" => "Select receiver..."
|
||||||
);
|
);
|
||||||
|
|
||||||
foreach ($users as $u)
|
foreach ($users as $u)
|
||||||
$to_select_data[$u['UID']] = $u['Nick'];
|
$to_select_data[$u['UID']] = $u['Nick'];
|
||||||
|
|
||||||
$to_select = html_select_key('to', $to_select_data, '');
|
$to_select = html_select_key('to', $to_select_data, '');
|
||||||
|
|
||||||
$messages_html = "";
|
$messages_html = "";
|
||||||
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
|
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`="
|
||||||
|
. sql_escape($user['UID'])
|
||||||
|
. " OR `RUID`=" . sql_escape($user['UID'])
|
||||||
|
. " ORDER BY `isRead`,`Datum` DESC"
|
||||||
|
);
|
||||||
foreach ($messages as $message) {
|
foreach ($messages as $message) {
|
||||||
$messages_html .= '<tr' . ($message['isRead'] == 'N' ? ' class="new_message"' : '') . '>';
|
|
||||||
$messages_html .= '<td>' . ($message['isRead'] == 'N' ? '•' : '') . '</td>';
|
$messages_html .= sprintf(
|
||||||
$messages_html .= '<td>' . date("Y-m-d H:i", $message['Datum']) . '</td>';
|
'<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td>'
|
||||||
$messages_html .= '<td>' . UID2Nick($message['SUID']) . '</td>';
|
.'<td>%s</td>',
|
||||||
$messages_html .= '<td>' . UID2Nick($message['RUID']) . '</td>';
|
($message['isRead'] == 'N' ? ' class="new_message"' : ''),
|
||||||
$messages_html .= '<td>' . str_replace("\n", '<br />', $message['Text']) . '</td>';
|
($message['isRead'] == 'N' ? '•' : ''),
|
||||||
|
date("Y-m-d H:i", $message['Datum']),
|
||||||
|
UID2Nick($message['SUID']),
|
||||||
|
UID2Nick($message['RUID']),
|
||||||
|
str_replace("\n", '<br />', $message['Text'])
|
||||||
|
);
|
||||||
|
|
||||||
$messages_html .= '<td>';
|
$messages_html .= '<td>';
|
||||||
if ($message['RUID'] == $user['UID']) {
|
if ($message['RUID'] == $user['UID']) {
|
||||||
if ($message['isRead'] == 'N')
|
if ($message['isRead'] == 'N')
|
||||||
|
|
@ -45,7 +65,8 @@ function user_messages() {
|
||||||
|
|
||||||
return template_render('../templates/user_messages.html', array (
|
return template_render('../templates/user_messages.html', array (
|
||||||
'link' => page_link_to("user_messages"),
|
'link' => page_link_to("user_messages"),
|
||||||
'greeting' => Get_Text("Hello") . $user['Nick'] . ", <br />\n" . Get_Text("pub_messages_text1") . "<br /><br />\n",
|
'greeting' => Get_Text("Hello") . $user['Nick'] . ", <br />\n"
|
||||||
|
. Get_Text("pub_messages_text1") . "<br /><br />\n",
|
||||||
'messages' => $messages_html,
|
'messages' => $messages_html,
|
||||||
'new_label' => Get_Text("pub_messages_Neu"),
|
'new_label' => Get_Text("pub_messages_Neu"),
|
||||||
'date_label' => Get_Text("pub_messages_Datum"),
|
'date_label' => Get_Text("pub_messages_Datum"),
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,10 @@ function load_auth() {
|
||||||
if (count($user) > 0) {
|
if (count($user) > 0) {
|
||||||
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
|
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
|
||||||
list ($user) = $user;
|
list ($user) = $user;
|
||||||
sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . $_SESSION['uid'] . "' LIMIT 1;");
|
sql_query("UPDATE `User` SET "
|
||||||
|
. "`lastLogIn` = '" . time() . "'"
|
||||||
|
. " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;"
|
||||||
|
);
|
||||||
} else
|
} else
|
||||||
unset ($_SESSION['uid']);
|
unset ($_SESSION['uid']);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -8,6 +8,14 @@ function strip_request_item($name) {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function strip_request_item_nl($name) {
|
||||||
|
return preg_replace(
|
||||||
|
"/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
|
||||||
|
'',
|
||||||
|
strip_tags($_REQUEST[$name])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
function error($msg) {
|
function error($msg) {
|
||||||
return '<p class="error">' . $msg . '</p>';
|
return '<p class="error">' . $msg . '</p>';
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue