user messages
parent
d381f57951
commit
c0b15dfe0d
@ -0,0 +1,216 @@
|
|||||||
|
<?php
|
||||||
|
function user_unread_messages() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
|
||||||
|
|
||||||
|
if ($new_messages > 0)
|
||||||
|
return '<p class="notice"><a href="' . page_link_to("user_messages") . '">' . Get_Text("pub_messages_new1") . " " . $new_messages . " " . Get_Text("pub_messages_new2") . '</a></p><hr />';
|
||||||
|
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
|
function user_messages() {
|
||||||
|
global $user;
|
||||||
|
|
||||||
|
if (!isset ($_REQUEST['action'])) {
|
||||||
|
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
|
||||||
|
$to_select_data = array (
|
||||||
|
"" => "Select receiver..."
|
||||||
|
);
|
||||||
|
foreach ($users as $u)
|
||||||
|
$to_select_data[$u['UID']] = $u['Nick'];
|
||||||
|
$to_select = html_select_key('to', $to_select_data, '');
|
||||||
|
|
||||||
|
$messages_html = "";
|
||||||
|
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
|
||||||
|
foreach ($messages as $message) {
|
||||||
|
$messages_html .= '<tr' . ($message['isRead'] == 'N' ? ' class="new_message"' : '') . '>';
|
||||||
|
$messages_html .= '<td>' . ($message['isRead'] == 'N' ? '•' : '') . '</td>';
|
||||||
|
$messages_html .= '<td>' . date("Y-m-d H:i", $message['Datum']) . '</td>';
|
||||||
|
$messages_html .= '<td>' . UID2Nick($message['SUID']) . '</td>';
|
||||||
|
$messages_html .= '<td>' . UID2Nick($message['RUID']) . '</td>';
|
||||||
|
$messages_html .= '<td>' . str_replace("\n", '<br />', $message['Text']) . '</td>';
|
||||||
|
$messages_html .= '<td>';
|
||||||
|
if ($message['RUID'] == $user['UID']) {
|
||||||
|
if ($message['isRead'] == 'N')
|
||||||
|
$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=read&id=' . $message['id'] . '">' . Get_Text("pub_messages_MarkRead") . '</a>';
|
||||||
|
} else {
|
||||||
|
$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=delete&id=' . $message['id'] . '">' . Get_Text("pub_messages_DelMsg") . '</a>';
|
||||||
|
}
|
||||||
|
$messages_html .= '</td></tr>';
|
||||||
|
}
|
||||||
|
|
||||||
|
return template_render('../templates/user_messages.html', array (
|
||||||
|
'link' => page_link_to("user_messages"),
|
||||||
|
'greeting' => Get_Text("Hello") . $user['Nick'] . ", <br />\n" . Get_Text("pub_messages_text1") . "<br /><br />\n",
|
||||||
|
'messages' => $messages_html,
|
||||||
|
'new_label' => Get_Text("pub_messages_Neu"),
|
||||||
|
'date_label' => Get_Text("pub_messages_Datum"),
|
||||||
|
'from_label' => Get_Text("pub_messages_Von"),
|
||||||
|
'to_label' => Get_Text("pub_messages_An"),
|
||||||
|
'text_label' => Get_Text("pub_messages_Text"),
|
||||||
|
'date' => date("Y-m-d H:i"),
|
||||||
|
'from' => $user['Nick'],
|
||||||
|
'to_select' => $to_select,
|
||||||
|
'submit_label' => Get_Text("save")
|
||||||
|
));
|
||||||
|
} else {
|
||||||
|
switch ($_REQUEST['action']) {
|
||||||
|
case "read" :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Message ID.");
|
||||||
|
|
||||||
|
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
|
||||||
|
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("user_messages"));
|
||||||
|
} else
|
||||||
|
return error("No Message found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "delete" :
|
||||||
|
if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
|
||||||
|
$id = $_REQUEST['id'];
|
||||||
|
else
|
||||||
|
return error("Incomplete call, missing Message ID.");
|
||||||
|
|
||||||
|
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
|
||||||
|
sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
|
||||||
|
header("Location: " . page_link_to("user_messages"));
|
||||||
|
} else
|
||||||
|
return error("No Message found.");
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "send" :
|
||||||
|
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
|
||||||
|
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['to']));
|
||||||
|
if ($text != "" && is_numeric($to) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
|
||||||
|
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
|
||||||
|
header("Location: " . page_link_to("user_messages"));
|
||||||
|
} else {
|
||||||
|
return error(Get_Text("pub_messages_Send_Error"));
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isset ($_GET["action"]))
|
||||||
|
$_GET["action"] = "start";
|
||||||
|
|
||||||
|
switch ($_GET["action"]) {
|
||||||
|
case "start" :
|
||||||
|
echo Get_Text("Hello") . $_SESSION['Nick'] . ", <br />\n";
|
||||||
|
echo Get_Text("pub_messages_text1") . "<br /><br />\n";
|
||||||
|
|
||||||
|
//show exist Messages
|
||||||
|
$SQL = "SELECT * FROM `Messages` WHERE `SUID`='" . $_SESSION["UID"] . "' OR `RUID`='" . $_SESSION["UID"] . "'";
|
||||||
|
$erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
echo "<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_Datum") . "</b></td>\n";
|
||||||
|
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_Von") . "</b></td>\n";
|
||||||
|
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_An") . "</b></td>\n";
|
||||||
|
echo "<td class=\"contenttopic\"><b>" . Get_Text("pub_messages_Text") . "</b></td>\n";
|
||||||
|
echo "<td class=\"contenttopic\"></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
|
||||||
|
for ($i = 0; $i < mysql_num_rows($erg); $i++) {
|
||||||
|
echo "<tr class=\"content\">\n";
|
||||||
|
echo "<td>" . mysql_result($erg, $i, "Datum") . "</td>\n";
|
||||||
|
echo "<td>" . UID2Nick(mysql_result($erg, $i, "SUID")) . "</td>\n";
|
||||||
|
echo "<td>" . UID2Nick(mysql_result($erg, $i, "RUID")) . "</td>\n";
|
||||||
|
echo "<td>" . mysql_result($erg, $i, "Text") . "</td>\n";
|
||||||
|
echo "<td>";
|
||||||
|
|
||||||
|
if (mysql_result($erg, $i, "RUID") == $_SESSION["UID"]) {
|
||||||
|
echo "<a href=\"?action=DelMsg&Datum=" . mysql_result($erg, $i, "Datum") . "\">" . Get_Text("pub_messages_DelMsg") . "</a>";
|
||||||
|
|
||||||
|
if (mysql_result($erg, $i, "isRead") == "N")
|
||||||
|
echo "<a href=\"?action=MarkRead&Datum=" . mysql_result($erg, $i, "Datum") . "\">" . Get_Text("pub_messages_MarkRead") . "</a>";
|
||||||
|
} else {
|
||||||
|
if (mysql_result($erg, $i, "isRead") == "N")
|
||||||
|
echo Get_Text("pub_messages_NotRead");
|
||||||
|
}
|
||||||
|
|
||||||
|
echo "</td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
// send Messeges
|
||||||
|
echo "<form action=\"" . $_SERVER['SCRIPT_NAME'] . "?action=SendMsg\" method=\"POST\">";
|
||||||
|
echo "<tr class=\"content\">\n";
|
||||||
|
echo "<td></td>\n";
|
||||||
|
echo "<td></td>\n";
|
||||||
|
|
||||||
|
// Listet alle Nicks auf
|
||||||
|
echo "<td><select name=\"RUID\">\n";
|
||||||
|
|
||||||
|
$usql = "SELECT * FROM `User` WHERE (`UID`!='" . $_SESSION["UID"] . "') ORDER BY `Nick`";
|
||||||
|
$uErg = mysql_query($usql, $con);
|
||||||
|
$urowcount = mysql_num_rows($uErg);
|
||||||
|
|
||||||
|
for ($k = 0; $k < $urowcount; $k++) {
|
||||||
|
echo "<option value=\"" . mysql_result($uErg, $k, "UID") . "\">" . mysql_result($uErg, $k, "Nick") . "</option>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
echo "</select></td>\n";
|
||||||
|
echo "<td><textarea name=\"Text\" cols=\"30\" rows=\"10\"></textarea></td>\n";
|
||||||
|
echo "<td><input type=\"submit\" value=\"" . Get_Text("save") . "\"></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "</form>";
|
||||||
|
|
||||||
|
echo "</table>\n";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "SendMsg" :
|
||||||
|
echo Get_Text("pub_messages_Send1") . "...<br />\n";
|
||||||
|
|
||||||
|
$SQL = "INSERT INTO `Messages` ( `Datum` , `SUID` , `RUID` , `Text` ) VALUES (" .
|
||||||
|
"'" . gmdate("Y-m-j H:i:s", time()) . "', " .
|
||||||
|
"'" . $_SESSION["UID"] . "', " .
|
||||||
|
"'" . $_POST["RUID"] . "', " .
|
||||||
|
"'" . $_POST["Text"] . "');";
|
||||||
|
|
||||||
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if ($Erg == 1)
|
||||||
|
echo Get_Text("pub_messages_Send_OK") . "\n";
|
||||||
|
else
|
||||||
|
echo Get_Text("pub_messages_Send_Error") . "...\n(" . mysql_error($con) . ")";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "MarkRead" :
|
||||||
|
$SQL = "UPDATE `Messages` SET `isRead` = 'Y' " .
|
||||||
|
"WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID`='" . $_SESSION["UID"] . "' " .
|
||||||
|
"LIMIT 1 ;";
|
||||||
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if ($Erg == 1)
|
||||||
|
echo Get_Text("pub_messages_MarkRead_OK") . "\n";
|
||||||
|
else
|
||||||
|
echo Get_Text("pub_messages_MarkRead_KO") . "...\n(" . mysql_error($con) . ")";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "DelMsg" :
|
||||||
|
$SQL = "DELETE FROM `Messages` " .
|
||||||
|
"WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID` ='" . $_SESSION["UID"] . "' " .
|
||||||
|
"LIMIT 1;";
|
||||||
|
$Erg = mysql_query($SQL, $con);
|
||||||
|
|
||||||
|
if ($Erg == 1)
|
||||||
|
echo Get_Text("pub_messages_DelMsg_OK") . "\n";
|
||||||
|
else
|
||||||
|
echo Get_Text("pub_messages_DelMsg_KO") . "...\n(" . mysql_error($con) . ")";
|
||||||
|
break;
|
||||||
|
|
||||||
|
default :
|
||||||
|
echo Get_Text("pub_messages_NoCommand");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
@ -0,0 +1,50 @@
|
|||||||
|
%greeting%
|
||||||
|
<form action="%link%&action=send" method="post">
|
||||||
|
<table>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>
|
||||||
|
%new_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
%date_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
%from_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
%to_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
%text_label%
|
||||||
|
</th>
|
||||||
|
<th>
|
||||||
|
|
||||||
|
</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
%messages%
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
%date%
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
%from%
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
%to_select%
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<textarea name="text"></textarea>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<input type="submit" name="submit" value="%submit_label%" />
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</form>
|
@ -1,376 +0,0 @@
|
|||||||
<?php
|
|
||||||
require_once ('../bootstrap.php');
|
|
||||||
|
|
||||||
$title = "Himmel";
|
|
||||||
$header = "Deine persönlichen Einstellungen";
|
|
||||||
include "includes/header.php";
|
|
||||||
include "includes/crypt.php";
|
|
||||||
|
|
||||||
if (!isset ($_POST["action"])) {
|
|
||||||
echo Get_Text("Hallo") . $_SESSION['Nick'] . ",<br />\n\n";
|
|
||||||
Print_Text(13);
|
|
||||||
?>
|
|
||||||
<hr width="100%">
|
|
||||||
<?php Print_Text("pub_einstellungen_Text_UserData"); ?>
|
|
||||||
<form action="./einstellungen.php" method="post">
|
|
||||||
<input type="hidden" name="action" value="setUserData">
|
|
||||||
<table>
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("pub_einstellungen_Nick"); ?></td>
|
|
||||||
<td><input type="text" name="eNick" size="23" value="<?php echo $_SESSION["Nick"]; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("pub_einstellungen_Name"); ?></td>
|
|
||||||
<td><input type="text" name="eName" size="23" value="<?php echo $_SESSION['Name']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("pub_einstellungen_Vorname"); ?></td>
|
|
||||||
<td><input type="text" name="eVorname" size="23" value="<?php echo $_SESSION['Vorname']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("pub_einstellungen_Alter"); ?></td>
|
|
||||||
<td><input type="text" name="eAlter" size="3" value="<?php echo $_SESSION['Alter']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("pub_einstellungen_Telefon"); ?></td>
|
|
||||||
<td><input type="text" name="eTelefon" size="40" value="<?php echo $_SESSION['Telefon']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("pub_einstellungen_Handy"); ?></td>
|
|
||||||
<td><input type="text" name="eHandy" size="40" value="<?php echo $_SESSION['Handy']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("pub_einstellungen_DECT"); ?></td>
|
|
||||||
<td><input type="text" name="eDECT" size="4" value="<?php echo $_SESSION['DECT']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("pub_einstellungen_email"); ?></td>
|
|
||||||
<td><input type="text" name="eemail" size="40" value="<?php echo $_SESSION['email']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td>ICQ</td>
|
|
||||||
<td><input type="text" name="eICQ" size="40" value="<?php echo $_SESSION['ICQ']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td>jabber</td>
|
|
||||||
<td><input type="text" name="ejabber" size="40" value="<?php echo $_SESSION['jabber']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("pub_einstellungen_Hometown"); ?></td>
|
|
||||||
<td><input type="text" name="Hometown" size="40" value="<?php echo $_SESSION['Hometown']; ?>"></td>
|
|
||||||
</tr>
|
|
||||||
|
|
||||||
<?php
|
|
||||||
|
|
||||||
|
|
||||||
if ($_SESSION['CVS']["Change T_Shirt Size"] == "Y") {
|
|
||||||
?>
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text("makeuser_T-Shirt"); ?></td>
|
|
||||||
<td><select name="Sizeid">
|
|
||||||
<option <?php if($_SESSION['Size'] == 'S') { echo "selected"; } ?> value="S">S</option>
|
|
||||||
<option <?php if($_SESSION['Size'] == 'M') { echo "selected"; } ?> value="M">M</option>
|
|
||||||
<option <?php if($_SESSION['Size'] == 'L') { echo "selected"; } ?> value="L">L</option>
|
|
||||||
<option <?php if($_SESSION['Size'] == 'XL') { echo "selected"; } ?> value="XL">XL</option>
|
|
||||||
<option <?php if($_SESSION['Size'] == 'XXL') { echo "selected"; } ?> value="XXL">XXL</option>
|
|
||||||
<option <?php if($_SESSION['Size'] == 'XXXL') { echo "selected"; } ?> value="XXXL">XXXL</option>
|
|
||||||
</select></td>
|
|
||||||
</tr>
|
|
||||||
<?php
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
?>
|
|
||||||
</table>
|
|
||||||
<input type="submit" value="<?php Print_Text("save"); ?>">
|
|
||||||
</form>
|
|
||||||
<br />
|
|
||||||
|
|
||||||
<hr width="100%">
|
|
||||||
<?php Print_Text(14); ?>
|
|
||||||
<form action="./einstellungen.php" method="post">
|
|
||||||
<input type="hidden" name="action" value="set">
|
|
||||||
<table>
|
|
||||||
<tr><td><?php Print_Text(15); ?></td><td><input type="password" name="old" size="20"></td></tr>
|
|
||||||
<tr><td><?php Print_Text(16); ?></td><td><input type="password" name="new1" size="20"></td></tr>
|
|
||||||
<tr><td><?php Print_Text(17); ?></td><td><input type="password" name="new2" size="20"></td></tr>
|
|
||||||
</table>
|
|
||||||
<input type="submit" value="<?php Print_Text("save"); ?>">
|
|
||||||
</form>
|
|
||||||
<br />
|
|
||||||
|
|
||||||
<hr width="100%">
|
|
||||||
<br />
|
|
||||||
<?php Print_Text(18); ?>
|
|
||||||
<form action="./einstellungen.php" method="post">
|
|
||||||
<input type="hidden" name="action" value="colour">
|
|
||||||
<table>
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text(19); ?></td>
|
|
||||||
<td>
|
|
||||||
<select name="colourid">
|
|
||||||
<option <?php if($_SESSION['color'] == 1) { echo "selected"; } ?> value="1">Standard-Style</option>
|
|
||||||
<option <?php if($_SESSION['color'] == 2) { echo "selected"; } ?> value="2">Rot/Gelber Style</option>
|
|
||||||
<option <?php if($_SESSION['color'] == 3) { echo "selected"; } ?> value="3">Club-Mate Style</option>
|
|
||||||
<option <?php if($_SESSION['color'] == 5) { echo "selected"; } ?> value="5">Debian Style</option>
|
|
||||||
<option <?php if($_SESSION['color'] == 6) { echo "selected"; } ?> value="6">c-base Style</option>
|
|
||||||
<option <?php if($_SESSION['color'] == 7) { echo "selected"; } ?> value="7">Blau/Gelber Style </option>
|
|
||||||
<option <?php if($_SESSION['color'] == 8) { echo "selected"; } ?> value="8">Pastel Style</option>
|
|
||||||
<option <?php if($_SESSION['color'] == 4) { echo "selected"; } ?> value="4">Test Style</option>
|
|
||||||
<option <?php if($_SESSION['color'] == 9) { echo "selected"; } ?> value="9">Test Style 21c3 </option>
|
|
||||||
<option <?php if($_SESSION['color'] == 10) { echo "selected"; } ?> value="10">msquare (cccamp2011)</option>
|
|
||||||
</select>
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
<tr>
|
|
||||||
<td>Menu</td>
|
|
||||||
<td><input type="radio" name="eMenu" value="L"<?php if($_SESSION['Menu'] == 'L') echo " checked"; ?>>L
|
|
||||||
<input type="radio" name="eMenu" value="R"<?php if($_SESSION['Menu'] == 'R') echo " checked"; ?>>R
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
</table>
|
|
||||||
<input type="submit" value="<?php Print_Text("save"); ?>">
|
|
||||||
</form>
|
|
||||||
<br />
|
|
||||||
<hr width="100%">
|
|
||||||
<br />
|
|
||||||
<?php Print_Text(20); ?>
|
|
||||||
<form action="./einstellungen.php" method="post">
|
|
||||||
<input type="hidden" name="action" value="sprache" />
|
|
||||||
<table>
|
|
||||||
<tr>
|
|
||||||
<td><?php Print_Text(21); ?></td>
|
|
||||||
<td>
|
|
||||||
<select name="language">
|
|
||||||
<option value="DE" <?php if($_SESSION['Sprache'] == 'DE') { echo "selected"; } ?>>Deutsch</option>
|
|
||||||
<option value="EN" <?php if($_SESSION['Sprache'] == 'EN') { echo "selected"; } ?>>English</option>
|
|
||||||
<?php
|
|
||||||
|
|
||||||
|
|
||||||
/* <option value="NL" <?php if($_SESSION['Sprache'] == 'NL') { echo "selected"; } ?>>Dutch</option> */
|
|
||||||
?>
|
|
||||||
</select>
|
|
||||||
</td></tr>
|
|
||||||
</table>
|
|
||||||
<input type="submit" value="<?php Print_Text("save"); ?>">
|
|
||||||
</form>
|
|
||||||
|
|
||||||
<?php
|
|
||||||
|
|
||||||
|
|
||||||
if (get_cfg_var("file_uploads")) {
|
|
||||||
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
|
|
||||||
echo Get_Text('pub_einstellungen_PictureUpload') . "<br />";
|
|
||||||
echo "<form action=\"./einstellungen.php\" method=\"post\" enctype=\"multipart/form-data\">\n";
|
|
||||||
echo "<input type=\"hidden\" name=\"action\" value=\"sendPicture\">\n";
|
|
||||||
echo "<input name=\"file\" type=\"file\" size=\"50\" maxlength=\"" . get_cfg_var("post_max_size") . "\">\n";
|
|
||||||
echo "(max " . get_cfg_var("post_max_size") . "Byte)<br />\n";
|
|
||||||
echo "<input type=\"submit\" value=\"" . Get_Text("upload"), "\">\n";
|
|
||||||
echo "</form>\n";
|
|
||||||
}
|
|
||||||
|
|
||||||
switch (GetPicturShow($_SESSION['UID'])) {
|
|
||||||
case 'Y' :
|
|
||||||
echo Get_Text('pub_einstellungen_PictureShow') . "<br />";
|
|
||||||
echo displayPictur($_SESSION['UID'], 0);
|
|
||||||
echo "<form action=\"./einstellungen.php\" method=\"post\">\n";
|
|
||||||
echo "<input type=\"hidden\" name=\"action\" value=\"delPicture\">\n";
|
|
||||||
echo "<input type=\"submit\" value=\"" . Get_Text("delete"), "\">\n";
|
|
||||||
echo "</form>\n";
|
|
||||||
break;
|
|
||||||
case 'N' :
|
|
||||||
echo Get_Text('pub_einstellungen_PictureNoShow') . "<br />";
|
|
||||||
echo displayPictur($_SESSION['UID'], 0);
|
|
||||||
echo "<form action=\"./einstellungen.php\" method=\"post\">\n";
|
|
||||||
echo "<input type=\"hidden\" name=\"action\" value=\"delPicture\">\n";
|
|
||||||
echo "<input type=\"submit\" value=\"" . Get_Text("delete"), "\">\n";
|
|
||||||
echo "</form>\n";
|
|
||||||
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
|
|
||||||
case '' :
|
|
||||||
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
|
|
||||||
echo Get_Text(22) . "<br />";
|
|
||||||
echo "\n<form action=\"./einstellungen.php\" method=\"post\">\n";
|
|
||||||
echo "<input type=\"hidden\" name=\"action\" value=\"avatar\">\n";
|
|
||||||
echo "<table>\n";
|
|
||||||
echo "<tr>\n<td>" . Get_Text(23) . "<br /></td>\n</tr>\n";
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>\n";
|
|
||||||
echo "<select name=\"eAvatar\" onChange=\"document.avatar.src = '" . $url . $ENGEL_ROOT . "pic/avatar/avatar' + this.value + '.gif'\" onKeyup=\"document.avatar.src = '" . $url . $ENGEL_ROOT . "pic/avatar/avatar' + this.value + '.gif'\">\n";
|
|
||||||
|
|
||||||
for ($i = 1; file_exists("../pic/avatar/avatar" . $i . ".gif"); $i++)
|
|
||||||
echo "<option value=\"" . $i . "\"" . ($_SESSION['Avatar'] == $i ? " selected" : "") . ">avatar" . $i . "</option>\n";
|
|
||||||
|
|
||||||
echo "</select> \n";
|
|
||||||
echo "<img src=\"" . $url . $ENGEL_ROOT . "pic/avatar/avatar" . $_SESSION['Avatar'] . ".gif\" name=\"avatar\" border=\"0\" align=\"top\">\n";
|
|
||||||
echo "</td>\n</tr>\n";
|
|
||||||
echo "</table>\n";
|
|
||||||
echo "<input type=\"submit\" value=\"" . Get_Text("save") . "\">\n";
|
|
||||||
echo "</form>\n";
|
|
||||||
break;
|
|
||||||
} //CASE
|
|
||||||
|
|
||||||
} else {
|
|
||||||
switch ($_POST["action"]) {
|
|
||||||
case 'set' :
|
|
||||||
if ($_POST["new1"] == $_POST["new2"]) {
|
|
||||||
Print_Text(25);
|
|
||||||
$sql = "SELECT * FROM `User` WHERE `UID`='" . $_SESSION['UID'] . "'";
|
|
||||||
$Erg = mysql_query($sql, $con);
|
|
||||||
|
|
||||||
if (PassCrypt($_POST["old"]) == mysql_result($Erg, 0, "Passwort")) {
|
|
||||||
Print_Text(26);
|
|
||||||
Print_Text(27);
|
|
||||||
$usql = "UPDATE `User` SET `Passwort`='" . PassCrypt($_POST["new1"]) . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
|
|
||||||
$Erg = mysql_query($usql, $con);
|
|
||||||
|
|
||||||
if ($Erg == 1) {
|
|
||||||
Print_Text(28);
|
|
||||||
} else {
|
|
||||||
Print_Text(29);
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
Print_Text(30);
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
Print_Text(31);
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'colour' :
|
|
||||||
|
|
||||||
$chsql = "UPDATE `User` SET " .
|
|
||||||
"`color`= '" . $_POST["colourid"] . "', " .
|
|
||||||
"`Menu`= '" . $_POST["eMenu"] . "' " .
|
|
||||||
"WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
|
|
||||||
$Erg = mysql_query($chsql, $con);
|
|
||||||
echo mysql_error($con);
|
|
||||||
$_SESSION['color'] = $_POST["colourid"];
|
|
||||||
$_SESSION['Menu'] = $_POST["eMenu"];
|
|
||||||
if ($Erg == 1) {
|
|
||||||
Print_Text(32);
|
|
||||||
} else {
|
|
||||||
Print_Text(29);
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'sprache' :
|
|
||||||
|
|
||||||
$chsql = "UPDATE `User` SET `Sprache` = '" . $_POST["language"] . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
|
|
||||||
$Erg = mysql_query($chsql, $con);
|
|
||||||
$_SESSION['Sprache'] = $_POST["language"];
|
|
||||||
if ($Erg == 1) {
|
|
||||||
Print_Text(33);
|
|
||||||
} else {
|
|
||||||
Print_Text(29);
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'avatar' :
|
|
||||||
$chsql = "UPDATE `User` SET `Avatar`='" . $_POST["eAvatar"] . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
|
|
||||||
$Erg = mysql_query($chsql, $con);
|
|
||||||
$_SESSION['Avatar'] = $_POST["eAvatar"];
|
|
||||||
if ($Erg == 1)
|
|
||||||
Print_Text(34);
|
|
||||||
else
|
|
||||||
Print_Text(29);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'setUserData' :
|
|
||||||
if ($_SESSION['CVS']["Change T_Shirt Size"] == "Y") {
|
|
||||||
$chsql = "UPDATE `User` SET " .
|
|
||||||
"`Nick`='" . $_POST["eNick"] . "', `Name`='" . $_POST["eName"] . "', " .
|
|
||||||
"`Vorname`='" . $_POST["eVorname"] . "', `Alter`='" . $_POST["eAlter"] . "', " .
|
|
||||||
"`Telefon`='" . $_POST["eTelefon"] . "', `Handy`='" . $_POST["eHandy"] . "', " .
|
|
||||||
"`DECT`='" . $_POST["eDECT"] . "', `email`='" . $_POST["eemail"] . "', " .
|
|
||||||
"`ICQ`='" . $_POST["eICQ"] . "', `jabber`='" . $_POST["ejabber"] . "', " .
|
|
||||||
"`Hometown`='" . $_POST["Hometown"] . "', `Size`='" . $_POST["Sizeid"] . "' " .
|
|
||||||
"WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1;";
|
|
||||||
} else {
|
|
||||||
$chsql = "UPDATE `User` SET " .
|
|
||||||
"`Nick`='" . $_POST["eNick"] . "', `Name`='" . $_POST["eName"] . "', " .
|
|
||||||
"`Vorname`='" . $_POST["eVorname"] . "', `Alter`='" . $_POST["eAlter"] . "', " .
|
|
||||||
"`Telefon`='" . $_POST["eTelefon"] . "', `Handy`='" . $_POST["eHandy"] . "', " .
|
|
||||||
"`DECT`='" . $_POST["eDECT"] . "', `email`='" . $_POST["eemail"] . "', " .
|
|
||||||
"`ICQ`='" . $_POST["eICQ"] . "', `jabber`='" . $_POST["ejabber"] . "', " .
|
|
||||||
"`Hometown`='" . $_POST["Hometown"] . "' " .
|
|
||||||
"WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1;";
|
|
||||||
}
|
|
||||||
$Erg = mysql_query($chsql, $con);
|
|
||||||
|
|
||||||
if ($Erg == 1) {
|
|
||||||
$_SESSION['Nick'] = $_POST["eNick"];
|
|
||||||
$_SESSION['Name'] = $_POST["eName"];
|
|
||||||
$_SESSION['Vorname'] = $_POST["eVorname"];
|
|
||||||
$_SESSION['Alter'] = $_POST["eAlter"];
|
|
||||||
$_SESSION['Telefon'] = $_POST["eTelefon"];
|
|
||||||
$_SESSION['Handy'] = $_POST["eHandy"];
|
|
||||||
$_SESSION['DECT'] = $_POST["eDECT"];
|
|
||||||
$_SESSION['email'] = $_POST["eemail"];
|
|
||||||
$_SESSION['ICQ'] = $_POST["eICQ"];
|
|
||||||
$_SESSION['jabber'] = $_POST["ejabber"];
|
|
||||||
$_SESSION['Hometown'] = $_POST["Hometown"];
|
|
||||||
if ($_SESSION['CVS']["Change T_Shirt Size"] == "Y") {
|
|
||||||
$_SESSION['Size'] = $_POST["Sizeid"];
|
|
||||||
} else
|
|
||||||
if ($_SESSION['Size'] != $_POST["Sizeid"]) {
|
|
||||||
array_push($error_messages, "einstellungen.php, change t-shirt size not allowed\n");
|
|
||||||
}
|
|
||||||
|
|
||||||
Print_Text("pub_einstellungen_UserDateSaved");
|
|
||||||
} else {
|
|
||||||
Print_Text(29);
|
|
||||||
echo mysql_error($con);
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'sendPicture' :
|
|
||||||
if ($_FILES["file"]["size"] > 0) {
|
|
||||||
if (($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/gif")) {
|
|
||||||
$data = addslashes(fread(fopen($_FILES["file"]["tmp_name"], "r"), filesize($_FILES["file"]["tmp_name"])));
|
|
||||||
|
|
||||||
if (GetPicturShow($_SESSION['UID']) == "")
|
|
||||||
$SQL = "INSERT INTO `UserPicture` " .
|
|
||||||
"( `UID`,`Bild`, `ContentType`, `show`) " .
|
|
||||||
"VALUES ('" . $_SESSION['UID'] . "', '$data', '" . $_FILES["file"]["type"] . "', 'N')";
|
|
||||||
else
|
|
||||||
$SQL = "UPDATE `UserPicture` SET " .
|
|
||||||
"`Bild`='$data', " .
|
|
||||||
"`ContentType`='" . $_FILES["file"]["type"] . "', " .
|
|
||||||
"`show`='N' " .
|
|
||||||
"WHERE `UID`='" . $_SESSION['UID'] . "'";
|
|
||||||
|
|
||||||
$res = mysql_query($SQL, $con);
|
|
||||||
if ($res)
|
|
||||||
Print_Text("pub_einstellungen_send_OK");
|
|
||||||
else
|
|
||||||
Print_Text("pub_einstellungen_send_KO");
|
|
||||||
|
|
||||||
echo "<h6>('" . $_FILES["file"]["name"] . "', MIME-Type: " . $_FILES["file"]["type"] . ", " . $_FILES["file"]["size"] . " Byte)</h6>";
|
|
||||||
} else
|
|
||||||
Print_Text("pub_einstellungen_send_KO");
|
|
||||||
} else
|
|
||||||
Print_Text("pub_einstellungen_send_KO");
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'delPicture' :
|
|
||||||
$chsql = "DELETE FROM `UserPicture` WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
|
|
||||||
$Erg = mysql_query($chsql, $con);
|
|
||||||
if ($Erg == 1)
|
|
||||||
Print_Text("pub_einstellungen_del_OK");
|
|
||||||
else
|
|
||||||
Print_Text("pub_einstellungen_del_KO");
|
|
||||||
Break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
include ("includes/footer.php");
|
|
||||||
?>
|
|
@ -1,77 +0,0 @@
|
|||||||
<?PHP
|
|
||||||
include ('../bootstrap.php');
|
|
||||||
|
|
||||||
$title = "Index";
|
|
||||||
$header = "Index";
|
|
||||||
|
|
||||||
include ("config/config_db.php");
|
|
||||||
include ("includes/crypt.php");
|
|
||||||
|
|
||||||
session_start(); // alte Session - falls vorhanden - wiederherstellen...
|
|
||||||
|
|
||||||
function LoginOK() {
|
|
||||||
include ("config/config.php");
|
|
||||||
header("HTTP/1.1 302 Moved Temporarily");
|
|
||||||
header("Location: " . $url . $ENGEL_ROOT . "nonpublic/news.php");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!IsSet ($_POST["user"])) { // User ist bereits angemeldet... normaler Inhalt...
|
|
||||||
LoginOK();
|
|
||||||
} else { // User ist noch nicht angemeldet
|
|
||||||
$sql = "SELECT * FROM `User` WHERE `Nick`='" . $_POST["user"] . "'";
|
|
||||||
$userstring = mysql_query($sql, $con);
|
|
||||||
|
|
||||||
// anzahl zeilen
|
|
||||||
$user_anz = mysql_num_rows($userstring);
|
|
||||||
|
|
||||||
if ($user_anz == 1) { // Check, ob User angemeldet wird...
|
|
||||||
if (mysql_result($userstring, 0, "Passwort") == PassCrypt($_POST["password"])) { // Passwort ok...
|
|
||||||
// Session wird eingeleitet und Session-Variablen gesetzt..
|
|
||||||
// session_start();
|
|
||||||
session_name("Himmel");
|
|
||||||
$_SESSION['UID'] = mysql_result($userstring, 0, "UID");
|
|
||||||
$_SESSION['Nick'] = mysql_result($userstring, 0, "Nick");
|
|
||||||
$_SESSION['Name'] = mysql_result($userstring, 0, "Name");
|
|
||||||
$_SESSION['Vorname'] = mysql_result($userstring, 0, "Vorname");
|
|
||||||
$_SESSION['Alter'] = mysql_result($userstring, 0, "Alter");
|
|
||||||
$_SESSION['Telefon'] = mysql_result($userstring, 0, "Telefon");
|
|
||||||
$_SESSION['Handy'] = mysql_result($userstring, 0, "Handy");
|
|
||||||
$_SESSION['DECT'] = mysql_result($userstring, 0, "DECT");
|
|
||||||
$_SESSION['email'] = mysql_result($userstring, 0, "email");
|
|
||||||
$_SESSION['ICQ'] = mysql_result($userstring, 0, "ICQ");
|
|
||||||
$_SESSION['jabber'] = mysql_result($userstring, 0, "jabber");
|
|
||||||
$_SESSION['Size'] = mysql_result($userstring, 0, "Size");
|
|
||||||
$_SESSION['Gekommen'] = mysql_result($userstring, 0, "Gekommen");
|
|
||||||
$_SESSION['Aktiv'] = mysql_result($userstring, 0, "Aktiv");
|
|
||||||
$_SESSION['Tshirt'] = mysql_result($userstring, 0, "Tshirt");
|
|
||||||
$_SESSION['Menu'] = mysql_result($userstring, 0, "Menu");
|
|
||||||
$_SESSION['color'] = mysql_result($userstring, 0, "color");
|
|
||||||
$_SESSION['Avatar'] = mysql_result($userstring, 0, "Avatar");
|
|
||||||
$_SESSION['Sprache'] = mysql_result($userstring, 0, "Sprache");
|
|
||||||
$_SESSION['Hometown'] = mysql_result($userstring, 0, "Hometown");
|
|
||||||
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
|
|
||||||
|
|
||||||
// CVS import Data
|
|
||||||
$SQL = "SELECT * FROM `UserCVS` WHERE `UID`='" . $_SESSION['UID'] . "'";
|
|
||||||
$Erg_CVS = mysql_query($SQL, $con);
|
|
||||||
$_SESSION['CVS'] = mysql_fetch_array($Erg_CVS);
|
|
||||||
|
|
||||||
LoginOK();
|
|
||||||
} else { // Passwort nicht ok...
|
|
||||||
$ErrorText = "pub_index_pass_no_ok";
|
|
||||||
} // Ende Passwort-Check
|
|
||||||
} else { // Anzahl der User in User-Tabelle <> 1 --> keine Anmeldung
|
|
||||||
if ($user_anz == 0)
|
|
||||||
$ErrorText = "pub_index_User_unset";
|
|
||||||
else
|
|
||||||
$ErrorText = "pub_index_User_more_as_one";
|
|
||||||
} // Ende Check, ob User angemeldet wurde
|
|
||||||
}
|
|
||||||
include ("includes/header.php");
|
|
||||||
if (isset ($ErrorText))
|
|
||||||
echo "<h2>" . Get_Text($ErrorText) . "</h2><br />\n";
|
|
||||||
include ("includes/login_eingabefeld.php");
|
|
||||||
include ("includes/footer.php");
|
|
||||||
?>
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue