PageRenderTime 43ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 0ms

/modules/clanmgr/clanmgr.php

http://lansuite.googlecode.com/
PHP | 274 lines | 207 code | 57 blank | 10 comment | 75 complexity | 8b1d1813cebf63d22cd2fb1b54582c04 MD5 | raw file
Possible License(s): LGPL-3.0, AGPL-1.0, LGPL-2.1 
    

  1. <?php
    2. 

  2. 

  3. function ShowRole ($role) {
    4. 

  4.   global $auth, $line;
    5. 

  5. 

  6.   if ($role) $ret = t('Clan-Admin');
    7. 

  7.   else $ret = t('Clan-Mitglied');
    8. 

  8.   
    9. 

  9.   if (($_GET['clanid'] == $auth['clanid'] and $auth['clanadmin']) or $auth['type'] > 1) $ret = '<a href="index.php?mod=clanmgr&action=clanmgr&step=50&clanid='. $_GET['clanid'] .'&userid='. $line['userid'] .'">'. $ret .'</a>';
    10. 

  10.   
    11. 

  11.   return $ret;
    12. 

  12. }
    13. 

  13. 

  14. function CheckClanPW ($clanpw) {
    15. 

  15.   global $db, $auth;
    16. 

  16. 

  17.   $clan = $db->qry_first("SELECT password FROM %prefix%clan WHERE clanid = %int%", $_GET['clanid']);
    18. 

  18.   if ($clan['password'] and $clan['password'] == md5($clanpw)) return true;
    19. 

  19.   return false;
    20. 

  20. }
    21. 

  21. 

  22. function CheckExistingClan() {
    23. 

  23. 	global $auth, $db, $func;
    24. 

  24. 	$clanuser = $db->qry_first("SELECT clanid FROM %prefix%user WHERE userid=%int%", $auth['userid']);
    25. 

  25. 	if($clanuser["clanid"] == NULL | $clanuser["clanid"] == 0)
    26. 

  26. 		return true;	
    27. 

  27. 	else
    28. 

  28. 	{
    29. 

  29. 		$func->error(t('Bevor du einen neuen Clan anlegen kannst, musst du aus deinem aktuellen Clan austreten.'), "index.php?mod=clanmgr");
    30. 

  30. 		return false;
    31. 

  31. 	}
    32. 

  32. }
    33. 

  33. 

  34. function CountAdmins() {
    35. 

  35. 	global $auth, $db, $func;
    36. 

  36. 	
    37. 

  37. 	 $query_admins = $db->qry("SELECT * FROM %prefix%user WHERE clanid = %int% AND clanadmin = 1",$_GET['clanid']);     
    38. 

  38.      return $db->num_rows($query_admins); 
    39. 

  39. }
    40. 

  40. 

  41. function Update($id) {
    42. 

  42. 	global $auth, $db, $func;
    43. 

  43. 	
    44. 

  44. 	if(!$_GET['clanid']) {
    45. 

  45. 	  $func->log_event(t('Clan %1 erstellt', $_POST['name']), 1, t('clanmgr'));
    46. 

  46.   	if($db->qry("UPDATE %prefix%user SET clanid = %int%, clanadmin = 1 WHERE userid =%int%", $id, $auth["userid"]))
    47. 

  47. 			$func->confirmation(t('Der Clan wurde erfolgreich angelegt. Als Ersteller hast du die Rolle Admin in diesem Clan.'), "index.php?mod=clanmgr");
    48. 

  48.   }
    49. 

  49. }
    50. 

  50. 	
    51. 

  51. function link_to_clan($clan_url) {
    52. 

  52.   if ($clan_url== '') return '';
    53. 

  53.   if (substr($clan_url, 0, 7) != 'http://' and substr($clan_url, 0, 8) != 'https://') $clan_url = "http://".$clan_url;
    54. 

  54.   return '<a href="'. $clan_url .'" target="_blank">'. $clan_url .'</a>';
    55. 

  55. }
    56. 

  56. 

  57. switch ($_GET['step']) {
    58. 

  58.   default:
    59. 

  59.     include_once('modules/mastersearch2/class_mastersearch2.php');
    60. 

  60.     $ms2 = new mastersearch2('clanmgr');
    61. 

  61.     
    62. 

  62.     $ms2->query['from'] = "%prefix%clan AS c
    63. 

  63.         LEFT JOIN %prefix%user AS u ON c.clanid = u.clanid";
    64. 

  64.     
    65. 

  65.     $ms2->config['EntriesPerPage'] = 20;
    66. 

  66.     #$ms2->AddBGColor('c.clanid', array($auth['clanid'] => 'ff0000'));
    67. 

  67.     
    68. 

  68.     $ms2->AddTextSearchField(t('Clanname'), array('c.name' => '1337', 'c.url' => 'like'));
    69. 

  69.     $ms2->AddTextSearchDropDown(t('Mitglieder'), 'COUNT(u.clanid)', array('' => t('Alle'), '0' => t('Ohne Mitglieder'), '>1' => t('Mit Mitglieder')));
    70. 

  70.     
    71. 

  71.     $ms2->AddResultField(t('Clanname'), 'c.name');
    72. 

  72.     $ms2->AddResultField(t('Webseite'), 'c.url', 'link_to_clan');
    73. 

  73.     $ms2->AddResultField(t('Mitglieder'), 'COUNT(u.clanid) AS members');
    74. 

  74. 

  75.     $ms2->AddIconField('details', 'index.php?mod=clanmgr&step=2&clanid=', t('Clan-Details'));
    76. 

  76.     if ($auth['type'] >= 2) $ms2->AddIconField('change_pw', 'index.php?mod=clanmgr&step=10&clanid=', t('Passwort ändern'));
    77. 

  77.     if ($auth['type'] >= 2) $ms2->AddIconField('edit', 'index.php?mod=clanmgr&step=30&clanid=', t('Editieren'));
    78. 

  78.     if ($auth['type'] >= 3) $ms2->AddIconField('delete', 'index.php?mod=clanmgr&step=20&clanid=', t('Löschen'));
    79. 

  79. 

  80.     if ($auth['type'] >= 3) $ms2->AddMultiSelectAction(t('Löschen'), 'index.php?mod=clanmgr&step=20', 1);
    81. 

  81. 

  82.     $ms2->PrintSearch('index.php?mod=clanmgr', 'c.clanid');
    83. 

  83.    if ($auth['type'] >= 1)$dsp->AddSingleRow($dsp->FetchSpanButton(t('Hinzufügen'), 'index.php?mod=clanmgr&step=30'));
    84. 

  84.     
    85. 

  85.   break;
    86. 

  86. 

  87.   // Details
    88. 

  88.   case 2:
    89. 

  89.     $row = $db->qry_first('SELECT name, url, clanlogo_path FROM %prefix%clan WHERE clanid = %int%', $_GET['clanid']);
    90. 

  90.     
    91. 

  91.     if (func::chk_img_path($row['clanlogo_path'])) $dsp->AddDoubleRow(t(''), '<img src="'. $row['clanlogo_path'] .'" alt="'.$row['name'].'">');
    92. 

  92.     $dsp->AddDoubleRow(t('Clan'), $row['name']);
    93. 

  93. 	if(stristr($row['url'], 'http://') === FALSE) $row['url'] = "http://".$row['url'];
    94. 

  94. 	$dsp->AddDoubleRow(t('Webseite'), '<a href="'. $row['url'] .'" target="_blank">'. $row['url'] .'</a>');
    95. 

  95.     
    96. 

  96.     $buttons = '';
    97. 

  97.     if ($auth['type'] >= 1 and $auth['clanid'] != $_GET['clanid']) $buttons .= $dsp->FetchSpanButton(t('Clan beitreten'), 'index.php?mod='. $_GET['mod'] .'&step=60&clanid='. $_GET['clanid']).' ';
    98. 

  98.     if ($auth['type'] >= 1 and $auth['clanid'] == $_GET['clanid']) $buttons .= $dsp->FetchSpanButton(t('Clan verlassen'), 'index.php?mod='. $_GET['mod'] .'&step=40&clanid='. $_GET['clanid'].'&userid='.$auth['userid']).' ';
    99. 

  99.     if (($auth['type'] >= 1 and $auth['clanid'] == $_GET['clanid'] and $auth['clanadmin'] == 1) or $auth['type'] >= 2) $buttons .= $dsp->FetchSpanButton(t('Clan editieren'), 'index.php?mod='. $_GET['mod'] .'&step=30&clanid='. $_GET['clanid']).' ';
    100. 

  100.     if (($auth['type'] >= 1 and $auth['clanid'] == $_GET['clanid'] and $auth['clanadmin'] == 1) or $auth['type'] >= 2) $buttons .= $dsp->FetchSpanButton(t('Passwort ändern'), 'index.php?mod='. $_GET['mod'] .'&step=10&clanid='. $_GET['clanid']).' ';
    101. 

  101.     $dsp->AddDoubleRow('',$buttons);
    102. 

  102.     
    103. 

  103. 

  104.     $dsp->AddFieldSetStart(t('Mitglieder'));
    105. 

  105.     include_once('modules/mastersearch2/class_mastersearch2.php');
    106. 

  106.     $ms2 = new mastersearch2('clanmgr');
    107. 

  107.     
    108. 

  108.     $ms2->query['from'] = "%prefix%user AS u";
    109. 

  109.     $ms2->query['where'] = "u.clanid = ". (int)$_GET['clanid'];
    110. 

  110.     
    111. 

  111.     $ms2->config['EntriesPerPage'] = 100;
    112. 

  112. 	
    113. 

  113.     $ms2->AddSelect('u.firstname');
    114. 

  114. 	$ms2->AddSelect('u.name');
    115. 

  115. 	
    116. 

  116.     $ms2->AddResultField(t('Benutzername'), 'u.username', 'UserNameAndIcon');
    117. 

  117.     if (!$cfg['sys_internet'] or $auth['type'] > 1 or $auth['clanid'] == $_GET['clanid']) {
    118. 

  118.       $ms2->AddResultField(t('Vorname'), 'u.firstname', '');
    119. 

  119.       $ms2->AddResultField(t('Nachname'), 'u.name', '');
    120. 

  120.     }
    121. 

  121.     $ms2->AddResultField(t('Rolle'), 'u.clanadmin', 'ShowRole');
    122. 

  122.     
    123. 

  123.     $ms2->AddIconField('details', 'index.php?mod=usrmgr&action=details&userid=', t('Clan-Details'));
    124. 

  124.     if ($auth['type'] >= 3 | ($auth['clanid'] == $_GET['clanid'] & $auth['clanadmin'] == 1)) $ms2->AddIconField('delete', 'index.php?mod=clanmgr&action=clanmgr&step=40&clanid='. $_GET['clanid'] .'&userid=', t('Löschen'));
    125. 

  125. 

  126.     $ms2->PrintSearch('index.php?mod=clanmgr&action=clanmgr&step=2', 'u.userid');
    127. 

  127.     $dsp->AddFieldSetEnd();
    128. 

  128. 

  129.     $dsp->AddBackButton('index.php?mod=clanmgr&action=clanmgr');
    130. 

  130. 

  131.     include('inc/classes/class_mastercomment.php');
    132. 

  132.     new Mastercomment('Clan', $_GET['clanid'], '');
    133. 

  133.   break;
    134. 

  134. 

  135.   // Change clan password
    136. 

  136.   case 10:
    137. 

  137.     if($_GET['clanid'] == '') $func->error(t('Keine Clan-ID angegeben!'), "index.php?mod=home");
    138. 

  138.     elseif ($_GET['clanid'] != $auth['clanid'] and $auth['type'] < 2) $func->information(t('Du bist nicht berechtigt das Passwort dieses Clans zu ändern'), "index.php?mod=home");
    139. 

  139.     else {
    140. 

  140.       include_once('inc/classes/class_masterform.php');
    141. 

  141.       $mf = new masterform();
    142. 

  142. 

  143.       if ($auth['type'] < 2) $mf->AddField(t('Dezeitiges Passwort'), 'old_password', IS_PASSWORD, '', FIELD_OPTIONAL, 'CheckClanPW');
    144. 

  144.       $mf->AddField(t('Neues Passwort'), 'password', IS_NEW_PASSWORD);
    145. 

  145. 

  146.       if ($mf->SendForm('index.php?mod=clanmgr&action=clanmgr&step=10', 'clan', 'clanid', $_GET['clanid'])) {
    147. 

  147. 

  148.         include_once("modules/mail/class_mail.php");
    149. 

  149.         $mail = new mail();
    150. 

  150. 

  151.         // Send information mail to all clan members
    152. 

  152.       	$clanuser = $db->qry("SELECT userid, username, email FROM %prefix%user WHERE clanid=%int%", $_GET['clanid']);
    153. 

  153.       	while ($data = $db->fetch_array($clanuser)) {
    154. 

  154.       		$mail->create_mail($auth['userid'], $data['userid'], t('Clanpasswort geändert'), t('Das Clanpasswort wurde durch den Benutzer %1 in "%2" geändert', array($auth['username'], $_POST['password_original'])));
    155. 

  155.       		$mail->create_inet_mail($data['username'], $data['email'], t('Clanpasswort geändert'), t('Das Clanpasswort wurde durch den Benutzer %1 in "%2" geändert', array($auth['username'], $_POST['password_original'])), $cfg["sys_party_mail"]);
    156. 

  156.       	}
    157. 

  157.       	$func->log_event(t('Das Clanpasswort wurde durch den Benutzer %1 geändert', $auth['username']), 1, t('clanmgr'));
    158. 

  158.       }
    159. 

  159.     }
    160. 

  160.   break;
    161. 

  161. 

  162.   // Delete
    163. 

  163.   case 20:
    164. 

  164.     if ($auth['type'] >= 3) {
    165. 

  165.       if ($_GET['clanid']) $_POST['action'][$_GET['clanid']] = 1;
    166. 

  166.       if ($_POST['action']) foreach ($_POST['action'] as $key => $val) {
    167. 

  167.         $db->qry("DELETE FROM %prefix%clan WHERE clanid = %string%", $key);
    168. 

  168.         $db->qry("UPDATE %prefix%user SET clanid = 0 WHERE clanid = %string%", $key);
    169. 

  169.       }
    170. 

  170.       $func->confirmation(t('Löschen erfolgreich'), 'index.php?mod=clanmgr&action=clanmgr');      
    171. 

  171.     }
    172. 

  172.   break;
    173. 

  173.   
    174. 

  174.   // Add - Edit
    175. 

  175.   case 30:
    176. 

  176.    // if ($_GET['clanid'] == '') $func->error(t('Keine Clan-ID angegeben!'), "index.php?mod=home");
    177. 

  177.     if ($_GET['clanid'] != '' and !($_GET['clanid'] == $auth['clanid'] and $auth['clanadmin'] == 1) and $auth['type'] < 2) $func->information(t('Du bist nicht berechtigt diesen Clan zu ändern'), "index.php?mod=home");
    178. 

  178.     else {
    179. 

  179.       include_once('inc/classes/class_masterform.php');
    180. 

  180.       $mf = new masterform();
    181. 

  181. 

  182.       $dsp->AddFieldsetStart(t('Clan-Daten'));
    183. 

  183.       $mf->AddField(t('Clanname'), 'name');
    184. 

  184.       if(!$_GET['clanid']) $mf->AddField(t('Beitritts Passwort'), 'password', IS_NEW_PASSWORD);
    185. 

  185.       $mf->AddField(t('Webseite'), 'url', '', '', FIELD_OPTIONAL);
    186. 

  186.       $mf->AddField(t('Clanlogo'), 'clanlogo_path', IS_FILE_UPLOAD, 'ext_inc/clan/'. $auth['userid'] .'_', FIELD_OPTIONAL);
    187. 

  187.       
    188. 

  188.       
    189. 

  189.       
    190. 

  190.       if (!$_GET['clanid']) $mf->CheckBeforeInserFunction = 'CheckExistingClan';
    191. 

  191.       $mf->AdditionalDBUpdateFunction = 'Update';
    192. 

  192.       $mf->SendForm('index.php?mod=clanmgr&step='. $_GET['step'], 'clan', 'clanid', $_GET['clanid']);
    193. 

  193.       	
    194. 

  194. 

  195.       $dsp->AddFieldsetEnd();
    196. 

  196. 		
    197. 

  197. 	  if ($_GET['clanid'] != '')
    198. 

  198. 		{
    199. 

  199.       $dsp->AddFieldsetStart(t('Mitglieder'));
    200. 

  200.       include_once('modules/mastersearch2/class_mastersearch2.php');
    201. 

  201.       $ms2 = new mastersearch2('clanmgr');
    202. 

  202. 

  203.       $ms2->query['from'] = "%prefix%user AS u";
    204. 

  204.       $ms2->query['where'] = 'u.clanid = '. (int)$_GET['clanid'];
    205. 

  205.       $ms2->config['EntriesPerPage'] = 20;
    206. 

  206. 

  207.       $ms2->AddResultField(t('Vorname'), 'u.firstname');
    208. 

  208.       $ms2->AddResultField(t('Nachname'), 'u.name');
    209. 

  209.       $ms2->AddResultField(t('Benutzername'), 'u.username');
    210. 

  210.       $ms2->AddResultField(t('Rolle'), 'u.clanadmin', 'ShowRole');
    211. 

  211. 

  212.       $ms2->AddIconField('delete', 'index.php?mod=clanmgr&action=clanmgr&step=40&clanid='. $_GET['clanid'] .'&userid=', t('Löschen'));
    213. 

  213.       $ms2->PrintSearch('index.php?mod=clanmgr&action=clanmgr&step=30&clanid='. $_GET['clanid'] .'&userid=', 'u.userid');
    214. 

  214.       $dsp->AddFieldsetEnd();
    215. 

  215. 		}
    216. 

  216.       $dsp->AddBackButton('index.php?mod=clanmgr&action=clanmgr');
    217. 

  217. 		
    218. 

  218.     }
    219. 

  219.   break;
    220. 

  220.   
    221. 

  221.   // Delete Member
    222. 

  222.   case 40:
    223. 

  223.     if ($_GET['clanid'] == '') $func->error(t('Keine Clan-ID angegeben!'), "index.php?mod=home");
    224. 

  224.     elseif(CountAdmins() == 1 and $auth['clanadmin'] == 1) {$func->information(t('Löschen nicht möglich. Du bist der einzige Clan-Admin in diesem Clan. Benne bitte vorher einen weiteren Admin.'), 'index.php?mod=clanmgr&action=clanmgr&step=2&clanid='. $_GET['clanid']);}
    225. 

  225.     elseif (($_GET['clanid'] == $auth['clanid'] and $auth['clanadmin'] == 1) or ($_GET['clanid'] == $auth['clanid'] and $_GET['userid'] = $auth['userid']) or $auth['type'] > 2) {
    226. 

  226.       $db->qry("UPDATE %prefix%user SET clanid = 0 WHERE userid = %int%", $_GET['userid']);
    227. 

  227.       $func->confirmation(t('Löschen erfolgreich'), 'index.php?mod=clanmgr&action=clanmgr&step=2&clanid='. $_GET['clanid']);
    228. 

  228.     } else $func->information(t('Du bist nicht berechtigt Mitglieder aus diesem Clan zu entfernen'), "index.php?mod=home");
    229. 

  229.   break;
    230. 

  230. 

  231.   // Change role
    232. 

  232.   case 50:
    233. 

  233.     if ($_GET['clanid'] == '') $func->error(t('Keine Clan-ID angegeben!'), "index.php?mod=home");
    234. 

  234.     elseif (($_GET['clanid'] == $auth['clanid'] and $auth['clanadmin']) or $auth['type'] > 1) {  	
    235. 

  235.       $cur_role = $db->qry_first("SELECT username, clanadmin FROM %prefix%user WHERE clanid = %int% AND userid = %int%", $_GET['clanid'], $_GET['userid']);
    236. 

  236.       if ($cur_role['clanadmin'] and CountAdmins() == 1) $func->information(t('Du kannst %1 nicht die Admin Rolle entziehen, da %1 z.z das einzige Mitglied mit der Rolle Clan-Admin ist. Benenne bitte vorher einen anderen Admin.', $cur_role['username']), "index.php?mod=clanmgr&step=2&clanid=".$_GET["clanid"]);
    237. 

  237.       elseif ($cur_role['clanadmin']) {
    238. 

  238.         $db->qry("UPDATE %prefix%user SET clanadmin = 0 WHERE userid = %int%", $_GET['userid']);
    239. 

  239.         $func->confirmation(t('Benutzer %1 ist nun kein Clan-Admin mehr',$cur_role['username']), 'index.php?mod=clanmgr&action=clanmgr&step=2&clanid='. $_GET['clanid']);
    240. 

  240.       } else {
    241. 

  241.         $db->qry("UPDATE %prefix%user SET clanadmin = 1 WHERE userid = %int%", $_GET['userid']);
    242. 

  242.         $func->confirmation(t('Benutzer %1 ist nun Clan-Admin',$cur_role['username']), 'index.php?mod=clanmgr&action=clanmgr&step=2&clanid='. $_GET['clanid']);
    243. 

  243.       }
    244. 

  244.     } else $func->information(t('Du bist nicht berechtigt die Berehtigung dieses Nutzers zu verändern'), "index.php?mod=home");
    245. 

  245.   break;
    246. 

  246.   
    247. 

  247.   //Clan beitreten
    248. 

  248.   case 60:     
    249. 

  249.   if ($_GET['clanid'] == '') $func->error(t('Keine Clan-ID angegeben!'), "index.php?mod=home");
    250. 

  250.   elseif ($auth["type"] < 1) $func->error(t('Keine Berechtigung diese Funktion auszuführen'), "index.php?mod=home");
    251. 

  251.   elseif(!$_POST['clan_pass'])
    252. 

  252.   {
    253. 

  253.   	$dsp->SetForm("index.php?mod=clanmgr&action=clanmgr&step=60&clanid=".$_GET['clanid']);
    254. 

  254.     $dsp->AddSingleRow(t('Um den Clan beizutreten, musst du das Clanpasswort eingeben. Solltest du dies nicht kennen, wenden dich bitte an deinen Clan-Admin.'));
    255. 

  255.     $dsp->AddPasswordRow("clan_pass", t('Clan Passwort'), $_POST['clan_pass'], $mail_error);
    256. 

  256.     $dsp->AddFormSubmitRow("send");
    257. 

  257.     $dsp->AddBackButton("index.php?mod=clanmgr&action=clanmgr&step=2&clanid=".$_GET['clanid'], "usrmgr/pwremind");
    258. 

  258.   }
    259. 

  259.   else
    260. 

  260.   {
    261. 

  261.   	if(CheckClanPW($_POST['clan_pass']))
    262. 

  262.   	{
    263. 

  263.   		  $db->qry("UPDATE %prefix%user SET clanid = %int%, clanadmin = 0 WHERE userid =%int%", $_GET['clanid'], $auth["userid"]);
    264. 

  264.   		  $tmpclanname =  $db->qry_first("SELECT name FROM %prefix%clan WHERE clanid = %int%", $_GET['clanid']);
    265. 

  265.   		  $func->confirmation(t('Du bist erfolgreich dem Clan beigetreten.'), "index.php?mod=clanmgr&action=clanmgr&step=2&clanid=".$_GET['clanid']);
    266. 

  266.   		  $func->log_event(t('%1 ist dem Clan %2 beigetreten', $auth['username'], $tmpclanname['name']), 1, t('clanmgr'));
    267. 

  267.   	}
    268. 

  268.   	else
    269. 

  269.   		 $func->error(t('Das eingegebene Clanpasswort ist falsch.'), "index.php?mod=clanmgr&action=clanmgr&step=60&clanid=".$_GET['clanid']);
    270. 

  270.   }
    271. 

  271. 	
    272. 

  272. }
    273. 

  273. 

  274. ?>
    275. 

  275.