diff --git a/CHANGELOG b/CHANGELOG
index b3d4cbf06eb41ad672c1a6d0cfe780473b2e2b13..fd84874d31b07381d54bd1436c530aeac3597c8f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,11 @@
 # Was alles passiert
 
+##[0.0.7]
+##geändert
+- weitere classen dazu gekommen
+- userliste überarbeitet
+- kleine Bugs beseitigt
+
 ##[0.0.6]
 ##geändert
 - classen kommen dazu
@@ -41,3 +47,4 @@
 ### Upload
 Die BETA Version von VMS-SUEE 2 wurde veröffentlicht.
 Dies ist nicht die entgültige Version.
+
diff --git a/adminforce/content/startseite.php b/adminforce/content/startseite.php
index 36050b8f3456edac5a52fbda915b5dcf7c23089a..f69f603c12ed8e3e811059676da1ffb55101e495 100644
--- a/adminforce/content/startseite.php
+++ b/adminforce/content/startseite.php
@@ -1,23 +1,35 @@
 <?php
 if($_SESSION['admin'] == 1){
+	require_once('lib/class/userliste.class.php');
+	$User = new USERLISTE;
+	$UserStat = $User->startseite();
+	$Chart = $User->Chart();
 	
-    head("Userstatistik");
-
-    $kontostats = mysqli_fetch_array(db_query("SELECT COUNT(uid) AS kd_uid , SUM(kontostand) AS kd_kontostand FROM ".$db_prefix."_kontodaten"));
-    echo '<table class="table">
-    <tr>
-        <td width="55%">Angemeldete User</td>
-        <td align="right">'.@number_format($kontostats['kd_uid'],0,",",".").'&nbsp;&nbsp;</td>
-    </tr>
-    <tr>
-        <td>Gesamtguthaben</td>
-        <td align="right">'.@number_format($kontostats['kd_kontostand'],2,",",".").'&nbsp;&nbsp;</td>
-    </tr>
-    <tr>
-        <td width="55%">Guth. pro User</td>
-        <td align="right">'.@number_format($kontostats['kd_kontostand'] / $kontostats['kd_uid'],2,",",".").'&nbsp;&nbsp;</td>
-    </tr>
-    </table>';
+	head("Bilanz der letzten 14 Tage");
+		echo '<canvas class="my-4" id="BilanzChart" width="100%" height="10"></canvas>';
+	foot();
+	
+    head("");
+    echo '
+		<div class="row">
+			<div class="col-md-3">
+				<table class="table table-striped">
+					<tr>
+						<td width="55%">Angemeldete User</td>
+						<td align="right">'.@number_format($UserStat->kd_uid,0,",",".").'&nbsp;&nbsp;</td>
+					</tr>
+					<tr>
+						<td>Gesamtguthaben</td>
+						<td align="right">'.@number_format($UserStat->kd_kontostand,2,",",".").'&nbsp;&nbsp;</td>
+					</tr>
+					<tr>
+						<td width="55%">Guth. pro User</td>
+						<td align="right">'.@number_format($UserStat->kd_kontostand / $UserStat->kd_uid,2,",",".").'&nbsp;&nbsp;</td>
+					</tr>
+				</table>
+			</div>
+		</div>
+    ';
 foot();
     echo '</td>
     </tr></table>';
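Review bot: The "Guth. pro User" cell divides `$UserStat->kd_kontostand` by `$UserStat->kd_uid` with no zero check, and the `@` in front of `number_format` does not help on PHP 8, where division by zero throws a DivisionByZeroError instead of raising a warning. `startseite()` in this commit fills `kd_uid` from `COUNT(uid)`, so an empty accounts table yields 0 and the admin start page aborts. Compute the value before the echo, e.g. `$proUser = $UserStat->kd_uid > 0 ? $UserStat->kd_kontostand / $UserStat->kd_uid : 0;`, and drop the `@` so real errors stay visible.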
@@ -122,4 +134,35 @@ foot();
     }
 
  foot();
-}
\ No newline at end of file
+}
+?>
+<script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/Chart.min.js"></script>
+<script>
+      var ctx = document.getElementById("BilanzChart");
+      var myChart = new Chart(ctx, {
+        type: 'line',
+        data: {
+          labels: [<?php echo $Chart['label'];?>],
+          datasets: [{
+            data: [<?php echo $Chart['ges'];?>],
+            lineTension: 0,
+            backgroundColor: 'transparent',
+            borderColor: '#007bff',
+            borderWidth: 4,
+            pointBackgroundColor: '#007bff'
+          }]
+        },
+        options: {
+          scales: {
+            yAxes: [{
+              ticks: {
+                beginAtZero: false
+              }
+            }]
+          },
+          legend: {
+            display: false,
+          }
+        }
+      });
+</script>
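Review bot: The Chart.js `<script>` tag loads executable code from cdnjs into the admin area without an `integrity` attribute, so the page trusts whatever the CDN serves. Pin it with Subresource Integrity (`integrity="sha384-<hash of the 2.7.1 file>" crossorigin="anonymous"`) or host the file locally. The whole script block also sits after the closing `}` of the `$_SESSION['admin'] == 1` check, so it is emitted for every visitor and `$Chart` is undefined when the check fails; moving the block inside the guard fixes both. `$Chart['label']` and `$Chart['ges']` are echoed as raw JavaScript source, and building PHP arrays and emitting them with `json_encode()` would be more robust than the string concatenation in `Chart()`.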
diff --git a/adminforce/content/usersystem/details.php b/adminforce/content/usersystem/details.php
new file mode 100644
index 0000000000000000000000000000000000000000..7e79757f962f43e28e7367cc4e6deae7c3e01e4a
--- /dev/null
+++ b/adminforce/content/usersystem/details.php
@@ -0,0 +1,28 @@
+<?php
+	require_once('lib/class/userliste.class.php');
+	$user = new USERLISTE;
+	$user->set_uid($_GET['uid']);
+	$daten = $user->userinfo();
+?>
+<ul class="nav nav-tabs" role="tablist">
+	<li role="presentation" class="active"><a href="#start" role="tab" data-toggle="tab">Start</a></li>
+	<li role="presentation"><a href="#buchungsliste" role="tab" data-toggle="tab">Buchungsliste</a></li>
+	<li role="presentation"><a href="#bettelref" role="tab" data-toggle="tab">Bettel Refferer</a></li>
+	<li role="presentation"><a href="#notizen" role="tab" data-toggle="tab">Notizen</a></li>
+	<li role="presentation"><a href="?content=/usersystem/liste" class="btn btn-default">Zur&uuml;ck</a></li>
+</ul>
+<hr>
+<div class="tab-content">
+	<div role="tabpanel" class="tab-pane active" id="start">
+		<?php require_once('content/usersystem/user_include/allgemeines.php'); ?>
+	</div>
+	<div role="tabpanel" class="tab-pane" id="buchungsliste">
+		<?php require_once('content/usersystem/user_include/buchungen.php');?>
+	</div>
+	<div role="tabpanel" class="tab-pane" id="bettelref">
+		<?php require_once('content/usersystem/user_include/bet_ref.php');?>
+	</div>
+	<div role="tabpanel" class="tab-pane" id="notizen">
+		<?php require_once('content/usersystem/user_include/notizen.php');?>
+	</div>
+</div>
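Review bot: This page loads a full account record for `$_GET['uid']` but, unlike startseite.php, has no `$_SESSION['admin']` check of its own, so it is only as protected as the router that includes it, which is not visible in this diff. A guard at the top such as `if(empty($_SESSION['admin']) || $_SESSION['admin'] != 1){ die(); }` would make the file safe regardless of how it is reached. `$daten` is then used by the four tab includes without checking that `userinfo()` returned a row, while `set_uid()` silently turns a missing or non-numeric id into 0. Bail out with an error message when `$daten` is empty instead of rendering a form for a non-existent user.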
diff --git a/adminforce/content/usersystem/liste.php b/adminforce/content/usersystem/liste.php
index c10cd7d012182def6e209b7af03168e85f6c8e83..710b60f87378ecf1162dd0b5897e2b8580bf0916 100644
--- a/adminforce/content/usersystem/liste.php
+++ b/adminforce/content/usersystem/liste.php
@@ -1,43 +1,59 @@
+<script>
+var UserID;
+	function userdetails(uid){
+		UserID = uid;
+		$('#userdetails').modal('show');
+		$.ajax({
+			type: "POST",
+			url: "content/usersystem/user_include/ansicht.php",
+			data : { uid : UserID }
+		}).done(function( data )
+		{
+			var obj = JSON.parse(data);
+			document.getElementById("start_html").innerHTML = obj.konto;
+			
+		});
+	}
+</script>
 <?php
-$gfx_status[0] = '<img src="images/gelb.gif" width="15" height="15" border="0" alt="Nicht freigeschaltet">';
-$gfx_status[1] = '<img src="images/gruen.gif" width="15" height="15" border="0" alt="O.K.">';
-$gfx_status[2] = '<img src="images/rot.gif" width="15" height="15" border="0" alt="Gesperrt">';
+require_once('lib/class/userliste.class.php');
+$user = new USERLISTE;
+$liste = $user->liste();
 
 head("Userliste");
-?>
-<table class="table table-bordered">
-<tr class="tabellenhead">
-    <th>#</th>
-    <th>UID</th>
-    <th>Kontostand</th>
-    <th>Nickname</th>
-    <th>Name</th>
-    <th>Emailadresse</th>
-    <th>Angemeldet</th>
-</tr>
-<?php
-$userliste = db_query("SELECT k.login_ip,k.uid,k.status,k.kontostand,u.nickname,u.vorname,u.nachname,u.angemeldet_seit,e.emailadresse
-                             FROM " . $db_prefix . "_kontodaten AS k
-                             LEFT JOIN " . $db_prefix . "_userdaten AS u ON u.uid=k.uid
-                             LEFT JOIN " . $db_prefix . "_emaildaten AS e ON e.uid=k.uid
-ORDER BY k.uid ASC");
-$i = 0;
-while ($ausgabe = mysqli_fetch_array($userliste)) {
-    $i++;
-    $row = ($i % 2 == 0) ? 0 : 1;
-    echo'
-<tr  class="tabellenbody_' . $row . '">
-    <td align="center"><a href="?content=/usersystem/userbearbeiten&amp;uid=' . $ausgabe['uid'] . '" target="_self">' . $gfx_status[$ausgabe['status']] . '</a></td>
-    <td align="center"><a href="../?content=/nickpage&amp;id=' . $ausgabe['uid'] . '" target="_blank">' . $ausgabe['uid'] . '</a></td>
-    <td align="center">' . number_format($ausgabe['kontostand'], 2, ",", ".") . '</td>
-    <td align="center">' . $ausgabe['nickname'] . '</td>
-    <td align="center">' . $ausgabe['vorname'] . ' ' . $ausgabe['nachname'] . '</td>
-    <td align="center"><a href="mailto:' . $ausgabe['emailadresse'] . '">Mail</a></td>
-    <td align="center">' . date("d.m.y - H:i", $ausgabe['angemeldet_seit']) . '</td>
-</tr>
-';
-}
+echo $liste;
+foot();
 
 ?>
-</table>
-<?php foot(); ?>
\ No newline at end of file
+
+<div class="modal fade bs-example-modal-lg" id="userdetails" tabindex="-1" role="dialog" aria-labelledby="meinGroßesModalLabel">
+	<div class="modal-dialog modal-lg">
+		<div class="modal-content">
+			<div class="modal-header">
+				<button type="button" class="close" data-dismiss="modal" aria-label="Schließen"><span aria-hidden="true">&times;</span></button>
+				<h4 class="modal-title">Detailansicht</span></h4>
+			</div>
+			<div class="modal-body">
+				<ul class="nav nav-tabs" role="tablist">
+					<li role="presentation" class="active"><a href="#start" role="tab" data-toggle="tab">Start</a></li>
+					<li role="presentation"><a href="#profil" role="tab" data-toggle="tab" onclick="DetailsAnzeigen('Profil');">Profil</a></li>
+					<li role="presentation"><a href="#buchungsliste" role="tab" data-toggle="tab">Buchungsliste</a></li>
+					<li role="presentation"><a href="#bettelref" role="tab" data-toggle="tab">Bettel Refferer</a></li>
+					<li role="presentation"><a href="#einstellungen" role="tab" data-toggle="tab">Einstellungen</a></li>
+					<li role="presentation"><a href="#notizen" role="tab" data-toggle="tab">Notizen</a></li>
+				</ul>
+				<hr>
+				<div class="tab-content">
+					<div role="tabpanel" class="tab-pane active" id="start"><span id="start_html">...Laden...</span></div>
+					<div role="tabpanel" class="tab-pane" id="profil"><span id="profil_html"></span></div>
+					<div role="tabpanel" class="tab-pane" id="buchungsliste"><span id="buchung_html"></span></div>
+					<div role="tabpanel" class="tab-pane" id="bettelref"><span id="bettel_html"></span></div>
+					<div role="tabpanel" class="tab-pane" id="notizen"><span id="notiz_html"></span></div>
+				</div>
+			</div>
+			<div class="modal-footer">
+				<button type="button" class="btn btn-default" data-dismiss="modal">Schließen</button>
+			</div>
+		</div>
+	</div>
+</div>
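Review bot: `userdetails()` assigns `obj.konto` from the AJAX response straight to `innerHTML`, so any user-controlled value the endpoint puts into that field is parsed as markup in the admin's browser. Either have the endpoint HTML-escape every field it returns, or transfer plain values and set them with `textContent`. `JSON.parse(data)` also throws on an empty reply, which is what ansicht.php in this commit sends when its header check fails (`die()`), so wrap it in try/catch and add a `.fail()` handler that replaces the "...Laden..." placeholder. The modal title `<h4 class="modal-title">Detailansicht</span></h4>` contains a stray `</span>`.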
diff --git a/adminforce/content/usersystem/user_include/allgemeines.php b/adminforce/content/usersystem/user_include/allgemeines.php
index 6b8f47097fd478abf95ab3ea22be12924fb53f36..36f0c75712644cccbc755c64bd306d8289610825 100644
--- a/adminforce/content/usersystem/user_include/allgemeines.php
+++ b/adminforce/content/usersystem/user_include/allgemeines.php
@@ -1,81 +1,80 @@
-<form action="" method="POST">
-<input type="hidden" name="uid" value="<?php echo $alledaten['uid'];?>">
-<input type="hidden" name="alt_werber" value="<?php echo $alledaten['werber'];?>">
-<table class="table table-striped">
-	<tr>
-		<td align="right"><b>User-ID</b>:&nbsp;</td>
-		<td align="left">&nbsp;<?php echo $alledaten['uid'];?></td>
-	</tr>
-	<tr>
-		<td align="right"><b>Nickname</b>:&nbsp;</td>
-		<td align="left">&nbsp;<input type="text" name="nickname" value="<?php echo $alledaten['nickname'];?>"></td>
-	</tr>
-	<tr>
-		<td align="right"><b>Werber-ID</b>:&nbsp;</td>
-		<td align="left">&nbsp;<input type="text" name="werber" value="<?php echo $alledaten['werber'];?>"></td>
-	</tr>
-	<tr>
-		<td align="right"><b>Vorname</b>:&nbsp;</td>
-		<td align="left">&nbsp;<input type="text" name="vorname" value="<?php echo $alledaten['vorname'];?>"></td>
-	</tr>
-	<tr>
-		<td align="right"><b>Nachname</b>:&nbsp;</td>
-		<td align="left">&nbsp;<input type="text" name="nachname" value="<?php echo $alledaten['nachname'];?>"></td>
-	</tr>
-	<tr>
-		<td align="right"><b>eMailadresse</b>:&nbsp;</td>
-		<td align="left">&nbsp;<input type="text" name="emailadresse" value="<?php echo $alledaten['emailadresse'];?>"></td>
-	</tr>
-	<tr>
-		<td align="right"><b>IP/Herkunft</b>:&nbsp;</td>
-		<td align="left">&nbsp;<?php echo $alledaten['login_ip'].' / '. geoIP($ausgabe['login_ip']);?></td>
-	<tr>
-		<td align="right"><b>eMail-Empfang</b>:&nbsp;</td>
-		<td align="left">&nbsp;<select name="freigabe_fuer" size="1">
-		<option value="0" <?php if ($alledaten['freigabe_fuer'] == 0) echo'SELECTED';?>>Kein Empfang</option>
-		<option value="1" <?php if ($alledaten['freigabe_fuer'] == 1) echo'SELECTED';?>>Nur Newsletter</option>
-		<option value="2" <?php if ($alledaten['freigabe_fuer'] == 2) echo'SELECTED';?>>Nur Paidmails</option>
-		<option value="3" <?php if ($alledaten['freigabe_fuer'] == 3) echo'SELECTED';?>>Newsletter / Paidmails</option>
-		</select></td>
-	</tr>
-	<tr>
-		<td align="right">&nbsp;<b>Bettelsperre</b>:</td>
-		<td align="left">&nbsp;
-			<select name="bettel_sperre" size="1">
-				<option value="0" <?php if ($alledaten['bettel_sperre'] == 0) echo'SELECTED';?>>deaktiviert</option>
-				<option value="1" <?php if ($alledaten['bettel_sperre'] == 1) echo'SELECTED';?>>aktiviert</option>
-			</select>
-		</td>
-	</tr>
-	<tr>
-		<td align="right">&nbsp;<b>Banner Sperre</b>:</td>
-		<td align="left">&nbsp;
-			<select name="forced_sperre" size="1">
-				<option value="0" <?php if ($alledaten['forced_sperre'] == 0) echo'SELECTED';?>>deaktiviert</option>
-				<option value="1" <?php if ($alledaten['forced_sperre'] == 1) echo'SELECTED';?>>aktiviert</option>
-			</select>
-		</td>
-	</tr>
-	<tr>
-		<td align="right">&nbsp;<b>Chat Sperre</b>:</td>
-		<td align="left">&nbsp;
-			<select name="chat_sperre" size="1">
-				<option value="0" <?php if ($alledaten['chat_sperre'] == 0) echo'SELECTED';?>>deaktiviert</option>
-				<option value="1" <?php if ($alledaten['chat_sperre'] == 1) echo'SELECTED';?>>aktiviert</option>
-			</select>
-		</td>
-	</tr>
-	<tr>
-		<td><b>Auszahlungssperre</b></td>
-		<td>
-			<select name="auszahlung_sperre">
-				<option value="0" <?php if ($alledaten['auszahlung_sperre'] == 1) echo'SELECTED';?>>Gesperrt</option>
-				<option value="1" <?php if ($alledaten['auszahlung_sperre'] == 0) echo'SELECTED';?>>Freigeschaltet</option>
-			</select>
-		</td>
-	</tr>
-	<tr>
-		<td align="center" colspan="2"><br /><input type="submit" name="profile" value="&raquo; Updaten"><br />&nbsp;</td>
-	</tr>
-</table>
-</form>
\ No newline at end of file
+<div class="row">
+	<div class="col-md-6">
+		<form action="" method="POST">
+			<input type="hidden" name="uid" value="<?php echo $daten->uid;?>">
+			<input type="hidden" name="alt_werber" value="<?php echo $daten->werber;?>">
+			<table class="table table-striped">
+				<tr>
+					<td align="right"><b>Nickname</b>:&nbsp;</td>
+					<td align="left">&nbsp;<input type="text" name="nickname" class="form-control" value="<?php echo $daten->nickname;?>"></td>
+				</tr>
+				<tr>
+					<td align="right"><b>Werber-ID</b>:&nbsp;</td>
+					<td align="left">&nbsp;<input type="text" name="werber" class="form-control" value="<?php echo $daten->werber;?>"></td>
+				</tr>
+				<tr>
+					<td align="right"><b>eMailadresse</b>:&nbsp;</td>
+					<td align="left">&nbsp;<input type="text" name="emailadresse" class="form-control" value="<?php echo $daten->emailadresse;?>"></td>
+				</tr>
+				<tr>
+					<td align="right"><b>eMail-Empfang</b>:&nbsp;</td>
+					<td align="left">&nbsp;<select name="freigabe_fuer" size="1" class="form-control">
+					<option value="0" <?php if ($daten->freigabe_fuer == 0) echo'SELECTED';?>>Kein Empfang</option>
+					<option value="1" <?php if ($daten->freigabe_fuer == 1) echo'SELECTED';?>>Nur Newsletter</option>
+					<option value="2" <?php if ($daten->freigabe_fuer == 2) echo'SELECTED';?>>Nur Paidmails</option>
+					<option value="3" <?php if ($daten->freigabe_fuer == 3) echo'SELECTED';?>>Newsletter / Paidmails</option>
+					</select></td>
+				</tr>
+				<tr>
+					<td align="right">&nbsp;<b>Bettelsperre</b>:</td>
+					<td align="left">&nbsp;
+						<select name="bettel_sperre" size="1" class="form-control">
+							<option value="0" <?php if ($daten->bettel_sperre == 0) echo'SELECTED';?>>deaktiviert</option>
+							<option value="1" <?php if ($daten->bettel_sperre == 1) echo'SELECTED';?>>aktiviert</option>
+						</select>
+					</td>
+				</tr>
+				<tr>
+					<td align="right">&nbsp;<b>Banner Sperre</b>:</td>
+					<td align="left">&nbsp;
+						<select name="forced_sperre" size="1" class="form-control">
+							<option value="0" <?php if ($daten->forced_sperre == 0) echo'SELECTED';?>>deaktiviert</option>
+							<option value="1" <?php if ($daten->forced_sperre == 1) echo'SELECTED';?>>aktiviert</option>
+						</select>
+					</td>
+				</tr>
+				<tr>
+					<td align="right">&nbsp;<b>Chat Sperre</b>:</td>
+					<td align="left">&nbsp;
+						<select name="chat_sperre" size="1" class="form-control">
+							<option value="0" <?php if ($daten->chat_sperre == 0) echo'SELECTED';?>>deaktiviert</option>
+							<option value="1" <?php if ($daten->chat_sperre == 1) echo'SELECTED';?>>aktiviert</option>
+						</select>
+					</td>
+				</tr>
+				<tr>
+					<td align="right"><b>Auszahlungssperre</b></td>
+					<td align="left">
+						<select name="auszahlung_sperre" class="form-control">
+							<option value="0" <?php if ($daten->auszahlung_sperre == 1) echo'SELECTED';?>>Gesperrt</option>
+							<option value="1" <?php if ($daten->auszahlung_sperre == 0) echo'SELECTED';?>>Freigeschaltet</option>
+						</select>
+					</td>
+				</tr>
+				<tr>
+					<td align="center" colspan="2"><br /><input type="submit" class="btn btn-default" name="profile_save" value="Allgemeine Daten Speichern"><br />&nbsp;</td>
+				</tr>
+			</table>
+		</form>
+	</div>
+	<div class="col-md-6">
+		<ul class="list-group">
+			<li class="list-group-item"><b>User-ID:</b>&nbsp;<?php echo $daten->uid;?></li>
+			<li class="list-group-item"><b>Vorname:</b><?php echo $daten->vorname;?></li>
+			<li class="list-group-item"><b>Nachname:</b><?php echo $daten->nachname;?></li>
+			<li class="list-group-item"><b>Angemeldet seid:</b>&nbsp;<?php echo date("d.m.Y H:i", $daten->angemeldet_seit);?></li>
+			<li class="list-group-item"><b>IP:</b>&nbsp;<?php echo $daten->login_ip .' / '. geoIP($ausgabe['login_ip']);?></li>
+			<li class="list-group-item"><b>letzter Login:</b>&nbsp;<?php echo date("d.m.Y H:i", $daten->loginzeit);?></li>
+		</ul>
+	</div>
+</div>
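Review bot: Every `$daten` field is echoed into the page unescaped, e.g. `value="<?php echo $daten->nickname;?>"`, so a nickname or e-mail address containing a quote or markup breaks out of the attribute and is rendered as HTML inside the admin session. Use `<?php echo htmlspecialchars($daten->nickname, ENT_QUOTES, 'UTF-8');?>` for each echoed field, including `vorname` and `nachname` in the list on the right. The IP line still calls `geoIP($ausgabe['login_ip'])`, but `$ausgabe` is not defined anywhere in the new code; it presumably should be `geoIP($daten->login_ip)`. The form also carries no anti-CSRF token, which matters because it changes payout and lock flags.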
diff --git a/adminforce/content/usersystem/user_include/ansicht.php b/adminforce/content/usersystem/user_include/ansicht.php
new file mode 100644
index 0000000000000000000000000000000000000000..e27f7617ba211654e7ea1ffc3ec5e45ef81e8ae8
--- /dev/null
+++ b/adminforce/content/usersystem/user_include/ansicht.php
@@ -0,0 +1,13 @@
+<?php 
+
+if( !isset( $_SERVER['HTTP_X_REQUESTED_WITH'] ) OR $_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest' OR $_SERVER['REQUEST_METHOD'] != 'POST'){ die();}
+
+
+require_once('../../../../lib/db_config.php');
+require_once('../../../../lib/datenbank.inc.php');
+$datenbank = new DB;
+require_once('../../../lib/class/userliste.class.php');
+
+$user = new USERLISTE;
+$user->set_uid($_POST['uid']);
+$user->userdetails();
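Review bot: The only gate on this directly reachable endpoint is the `X-Requested-With` header and the request method, both chosen by the client. No session is started and `$_SESSION['admin']` is never checked in the lines shown, so unless one of the required files does it (not visible here), account details for any `uid` are served without authentication. Before touching the database, add `session_start(); if(empty($_SESSION['admin']) || $_SESSION['admin'] != 1){ http_response_code(403); die(); }`, matching the check in startseite.php. `userdetails()` is also not among the methods of `USERLISTE` added in this commit (it defines `userinfo()`), so the last line would end in a fatal error as written.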
diff --git a/adminforce/content/usersystem/user_include/bet_ref.php b/adminforce/content/usersystem/user_include/bet_ref.php
index ef3087c368ea1e461b025c774d7b779ba926410e..ea2bc6778fed85560718bd696e7c781ed1e81f9b 100644
--- a/adminforce/content/usersystem/user_include/bet_ref.php
+++ b/adminforce/content/usersystem/user_include/bet_ref.php
@@ -1,19 +1,10 @@
 <table class="table table-striped">
 		<tr class="tabellenhead">
-			<td>Zeit</td>
-			<td>Verg&uuml;tung</td>
-			<td>Refferer</td>
+			<th>Zeit</th>
+			<th>Verg&uuml;tung</th>
+			<th>Refferer</th>
 		</tr>
 <?php
-		$ref = db_query("SELECT zeit,betrag,refferer FROM ".$db_prefix."_bettel_buchung WHERE uid = '".$alledaten['uid']."' ");
-		while($refferer = mysqli_fetch_array($ref)){
-			echo '
-			<tr>
-				<td>'.date("d.m.Y - H:i", $refferer['zeit']).'</td>
-				<td>'.number_format($refferer['betrag'],2,",",".").'</td>
-				<td><a href="'.$refferer['refferer'].'" target="_new">'.$refferer['refferer'].'</a></td>
-			</tr>
-			';
-		}
+		echo $user->bettel_ref();
 ?>
-	</table>
\ No newline at end of file
+	</table>
diff --git a/adminforce/content/usersystem/user_include/buchungen.php b/adminforce/content/usersystem/user_include/buchungen.php
index 61b2b361c1424aaff4d32368c3932209aa00a95b..05efd8158bd2ae6e2348ec6f2f15115c968f9b5a 100644
--- a/adminforce/content/usersystem/user_include/buchungen.php
+++ b/adminforce/content/usersystem/user_include/buchungen.php
@@ -1,56 +1,42 @@
 <?php
+	
 	if(empty($_GET['minus'])){ $_GET['minus'] = 1;}
-	$start = $_GET['minus'] * 30 - 30;	
+	$user->set_bseite($_GET['minus']);
 	
-	$buchungen = '';
-	$bu = db_query("SELECT * FROM ".$db_prefix."_buchungen WHERE uid=".$_GET['uid']." ORDER BY buchungszeit  DESC LIMIT $start,30");
-	while($b = mysqli_fetch_assoc($bu)){
-		if($b['buchungsmenge'] < 0){ $style = 'class="alert alert-danger"';}else{ $style = 'class="alert alert-success"';}
-		if($b['buchung_ok'] == 1){
-			$erfolg = '<span class="glyphicon glyphicon-ok" style="color:green;" aria-hidden="true"></span>';
-		}else{
-			$erfolg = '<span class="glyphicon glyphicon-remove" style="color:red" aria-hidden="true"></span>';
-		}
-		$buchungen .= '
-			<tr '.$style.'>
-				<td>'. date("d.m.Y H:i",$b['buchungszeit']) .'</td>
-				<td>'. $b['buchungs_id'] .'</td>
-				<td>'. number_format($b['buchungsmenge'],2,',','.') .'</td>
-				<td>'. $b['verwendungszweck'] .'</td>
-				<td>'. $b['buchungs_id'] .'</td>
-				<td class="text-center">'. $erfolg .'</td>
-			</tr>
-		';
-	}
-
-define("MAX_EINTRAEGE","30");
-define("NAV_LEISTE","6");
-	$seiteAktuell = $_GET['minus'] + 0;
-	if(empty($seiteAktuell))$seiteAktuell = 1;
-	$start = $seiteAktuell * MAX_EINTRAEGE - MAX_EINTRAEGE;
-	$result = db_query("SELECT * FROM ". $db_prefix ."_buchungen LIMIT $start, ".MAX_EINTRAEGE);
-	$resultGesamt = mysqli_fetch_array(db_query("SELECT COUNT(*) AS menge FROM ". $db_prefix ."_buchungen ")); 
-	$Eintraege = $resultGesamt['menge'];
-	$contentWeb = '<div class="btn-group">'; 
-	$SitesComplete = ceil($Eintraege / MAX_EINTRAEGE);
-	$extVariables = '';
-	$contentWeb .= navigationsLeiste($SitesComplete,$seiteAktuell,$extVariables,'minus',"?content=/konto/buchungen"); 
-	$contentWeb .= '</div>';
-	$nav_minus = '<center>'.$contentWeb.'</center>';
+	$buchungen = $user->buchungen();
 	
 	
-?>
 
-<table class="table tabgle-striped">
-	<tr>
-		<th>Zeit</th>
-		<th>Buchung</th>
-		<th><?php echo $waehrung;?></th>
-		<th>Verwendungszweck</th>
-		<th>TAN</th>
-		<th>Kontobuchung erfolgreich</th>
-	</tr>
-	<?php echo $buchungen;?>
-</table>
+?>
+<div class="row">
+	<div class="col-md-6">
+		<u><b>Kontobuchungen Konto A</b></u>
+		<table class="table tabgle-striped">
+			<tr>
+				<th>Zeit</th>
+				<th>Buchung</th>
+				<th><?php echo $waehrung;?></th>
+				<th>Verwendungszweck</th>
+				<th>TAN</th>
+				<th>Kontobuchung erfolgreich</th>
+			</tr>
+			<?php echo $buchungen['A'];?>
+		</table>
+	</div>
+	<div class="col-md-6">
+		<u><b>Kontobuchungen Konto B</b></u>
+		<table class="table tabgle-striped">
+			<tr>
+				<th>Zeit</th>
+				<th>Buchung</th>
+				<th><?php echo $waehrung;?></th>
+				<th>Verwendungszweck</th>
+				<th>TAN</th>
+				<th>Kontobuchung erfolgreich</th>
+			</tr>
+			<?php echo $buchungen['B'];?>
+		</table>
+	</div>
+</div>
 
-<?php echo $nav_minus;?>
\ No newline at end of file
+<?php echo $nav_minus;?>
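Review bot: The last line still echoes `$nav_minus`, but this hunk removes all the code that built it, so the variable is undefined and the pagination bar is gone. Either restore the navigation (ideally as a `USERLISTE` method) or delete the echo. `$_GET['minus']` is also passed to `set_bseite()` unvalidated; the arithmetic there keeps the result numeric, but a negative or very large value produces an invalid `LIMIT` offset and a failing query. Normalise it first, e.g. `$seite = max(1, (int)($_GET['minus'] ?? 1)); $user->set_bseite($seite);`.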
diff --git a/adminforce/content/usersystem/user_include/notizen.php b/adminforce/content/usersystem/user_include/notizen.php
index 6870d05f0150a3b2023dc463fd4b3cec6ffd9216..51254d1924320055631b24effb01aef6273c6280 100644
--- a/adminforce/content/usersystem/user_include/notizen.php
+++ b/adminforce/content/usersystem/user_include/notizen.php
@@ -1,32 +1,27 @@
 <center>
 	<form action="" method="POST">
 		<table align="center" border="0" cellpadding="0" cellspacing="2">
-			   <tr>
+			<tr>
 				<td><b>Notizen</b>:<br />
-				<textarea name="text" cols="50" rows="20"></textarea></td>
+				<textarea name="text" class="form-control" rows="3"></textarea>
 			</tr>
 			<tr>
-				<td align="center"><br /><input type="submit" name="notice" value="&raquo; Speichern" /></td>
+				<td align="center"><br /><input type="submit" name="notice" value="Notiz hinzuf&uuml;gen" class="btn btn-success"></td>
 			</tr>
 		</table>
 	</form>
 </center>
 <hr>
 <br>
-<table class="table">
-	<tr>
-		<td></td>
-		<td>Notiz</td>
-	</tr>
-<?php
-	$da = db_query("SELECT * FROM ".$db_prefix."_user_notizen WHERE uid = '". mysqli_real_escape_string($sql_open,$_GET['uid']) ."' ");
-	while($daten = mysqli_fetch_array($da)){
-		echo '
-			<tr>
-				<td>'. date("d.m.Y", $daten['datum']) .'<br>Admin-ID: '.$daten['admin_id'] .'</td>
-				<td>'. nl2br($daten['text']) .'</td>
-			</tr>
-		';
-	}
-?>
-</table>
\ No newline at end of file
+<ul class="list-group">
+	<li class="list-group-item">
+		<div class="row">
+			<div class="col-md-3"><u><b>Datum</b></u></div>
+			<div class="col-md-9"><u><b>Notiz</b></u></div>
+		</div>
+	</li>
+		<?php
+			$user->ShowNotizen();
+		?>
+</ul>
+</table>
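Review bot: The new markup is unbalanced: the textarea cell no longer closes its `<td>` (the old line ended with `</td>`), and a `</table>` is left after the closing `</ul>` although the table it belonged to was replaced by the list. Restore `</td>` after `</textarea>` and drop the trailing `</table>`. The removed list printed `Admin-ID: ` with each note while the new header has only "Datum" and "Notiz", so if recording which admin wrote a note is still wanted, `ShowNotizen()` should display it.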
diff --git a/adminforce/lib/class/run.class.php b/adminforce/lib/class/run.class.php
new file mode 100644
index 0000000000000000000000000000000000000000..2b7f399030403b55dc0cf3ccfd659a143b2bc79d
--- /dev/null
+++ b/adminforce/lib/class/run.class.php
@@ -0,0 +1,51 @@
+<?php
+
+	class RUN {
+		public function sicher($string) {
+			global $datenbank;
+			return trim(strip_tags($datenbank->escape($string))); 
+		}
+		
+		public function vars($type = 'REQUEST'){
+			if($type == 'REQUEST')
+				$ay = $_REQUEST;
+			elseif($type == 'POST')
+				$ay = $_POST;
+			elseif($type == 'GET')
+				$ay = $_GET;
+				
+			$rtn = new stdClass();
+			foreach($ay as $a1 => $a2){
+				$rtn->{$this->sicher($a1)} = $this->sicher($a2);
+			}
+				
+			return $rtn;   
+		}
+		
+		public function value($rtn){
+			$count = count((array)$rtn);
+			$i = 1;
+			foreach($rtn as $key => $value) {
+				if($i <= $count){
+					$post = array("name" => $key, "value" => $value);
+				}
+				$i++;
+			}
+			
+			return $post;
+		}
+		
+		public function datei_holen($value){
+			global $datenbank,$error,$meldung;
+			$query = "SELECT datei FROM ". PREFIX . RUN_INC ." WHERE value = '". $datenbank->escape($value['value']) ."' AND name = '". $datenbank->escape($value['name']) ."' ";
+			$dat = $datenbank->num_rows($query);
+			if($dat == 1){
+				$a = $datenbank->get_row($query,true);
+			}else{
+				$error = 1;
+				$meldung = 'Aktion kann nicht ausgef&uuml;hrt werden.';
+			}
+			
+			return $a->datei;
+		}
+	}
\ No newline at end of file
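Review bot: `datei_holen()` returns `$a->datei` even on the else path where `$a` was never assigned. On the success path the value goes unchecked into `require('lib/funktionen/'.$datei)` in run.inc.php (same commit), so whatever string is stored in the `datei` column decides which file gets executed. Return an empty string on the failure path and accept only plain relative `.php` names before handing the value back, as sketched below. Separately, `value()` keeps only the last key/value pair of the request and leaves `$post` undefined for an empty one, while `vars()` defaults to `$_REQUEST`, so which handler is looked up depends on parameter order. An explicit action field read from `$_POST` would make the dispatch predictable.

```php
		public function datei_holen($value){
			global $datenbank,$error,$meldung;
			// … unchanged: $query construction …
			if($datenbank->num_rows($query) != 1){
				$error = 1;
				$meldung = 'Aktion kann nicht ausgef&uuml;hrt werden.';
				return '';
			}
			$a = $datenbank->get_row($query,true);
			// Only plain relative script names (no "..", no scheme) may reach require().
			if(!preg_match('#^[A-Za-z0-9_/]+\.php$#', $a->datei)){
				$error = 1;
				$meldung = 'Aktion kann nicht ausgef&uuml;hrt werden.';
				return '';
			}
			return $a->datei;
		}
```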
diff --git a/adminforce/lib/class/userliste.class.php b/adminforce/lib/class/userliste.class.php
new file mode 100644
index 0000000000000000000000000000000000000000..d05453143017ce8c95655091a6f7a6ab6afd856f
--- /dev/null
+++ b/adminforce/lib/class/userliste.class.php
@@ -0,0 +1,240 @@
+<?php
+
+class USERLISTE{
+	private $db;
+	private $uid;
+	private $array = array();
+	private $seite;
+	
+	public function __construct(){
+		global $datenbank;
+		$this->db = $datenbank;
+	}
+	
+	public function liste(){
+		$aus = '
+		<table class="table table-bordered table-striped">
+			<tr>
+				<th>#</th>
+				<th>UID</th>
+				<th>
+					Kontostand<br>
+					<small><i>(W&auml;hrung/Bonusw&auml;hrung)</i></small>
+				</th>
+				<th>Nickname</th>
+				<th>Name</th>
+				<th>Emailadresse</th>
+				<th>Angemeldet</th>
+				<th></th>
+			</tr>';
+		$daten = $this->db->get_results("
+									SELECT 
+										u.*,k.kontostand_a,k.kontostand_b,k.status,e.emailadresse 
+									FROM 
+										". PREFIX . KONTO ." AS k
+									LEFT JOIN
+										". PREFIX . USER ." AS u 
+									ON 
+										u.uid=k.uid
+									LEFT JOIN 
+										" . PREFIX . EMAIL . " AS e 
+									ON 
+										e.uid=k.uid
+									ORDER BY 
+										k.uid ASC ");
+		foreach($daten AS $dat){
+			if($dat->status == 0){
+				$icon = 'glyphicon-ban-circle';
+				$alt = 'Best&auml;tigung fehlt';
+				$color = 'yellow';
+			}elseif($dat->status == 1){
+				$icon = 'glyphicon-ok-circle';
+				$alt = 'freigeschaltet';
+				$color = 'green';
+			}elseif($dat->status == 2){
+				$icon = 'glyphicon-remove-circle';
+				$alt = 'Gesperrt';
+				$color = 'red';
+			}
+			$aus .= "
+				<tr>
+					<td><span class='glyphicon $icon' alt='$alt' aria-hidden='true' style='color:$color;'></span></td>
+					<td>$dat->uid</td>
+					<td>".number_format($dat->kontostand_a,2,',','.') ."/". number_format($dat->kontostand_b,2,',','.') ."</td>
+					<td>$dat->nickname</td>
+					<td>$dat->vorname</td>
+					<td>$dat->nachname</td>
+					<td>". date("d.m.Y H:i",$dat->angemeldet_seit) ."</td>
+					<td><a href='?content=/usersystem/details&uid=". $dat->uid ."' class='btn btn-default'>Details</a></td>
+				</tr>";
+		}
+		$aus .= '</table>';
+		return $aus;
+	}
+	
+	public function profil_save($post){
+		global $meldung;
+		$this->make_array($post);
+		$user = array("nickname" => $this->array['nickname']);
+		$mail = array("emailadresse" => $this->array['emailadresse'], "freigabe_fuer" => $this->array['freigabe_fuer']);
+		$konto = array(
+			"bettel_sperre" => $this->array['bettel_sperre'],
+			"forced_sperre" => $this->array['forced_sperre'],
+			"chat_sperre" => $this->array['chat_sperre'],
+			"auszahlung_sperre" => $this->array['auszahlung_sperre']
+		);
+		$update = $this->db->update(PREFIX . KONTO , $konto, array("uid" => $this->uid));
+		$update = $this->db->update(PREFIX . EMAIL , $mail, array("uid" => $this->uid));
+		$update = $this->db->update(PREFIX . USER , $user, array("uid" => $this->uid));
+		$meldung = ALLGEMEINE_DATEN_SAVE;
+	}
+	
+	private function make_array($post){
+		foreach($post AS $key => $value){
+			if($key != 'profile_save' && $key != 'notice'){
+				$this->array[$key] = $value;
+			}
+		}
+	}
+	
+	public function set_uid($uid){
+		if(!is_numeric($uid)){ $this->uid = 0;}else{$this->uid = $uid;}
+	}
+	
+	public function startseite(){
+		$erg = $this->db->get_row("SELECT COUNT(uid) AS kd_uid , SUM(kontostand_a) AS kd_kontostand FROM ". PREFIX . KONTO ."",true);
+		return $erg;
+	}
+	
+	public function Chart(){
+		$array = array("label" => "", "ges" => "");
+		$result = $this->db->get_results("SELECT datum,SUM(ein) AS ein, SUM(aus) as aus FROM ". PREFIX . BILANZ ." GROUP BY datum ORDER BY datum ASC LIMIT 14");
+		foreach($result AS $res){
+			$array['label'] .= 	'"'.date("d.m.",$res->datum).'"' .",";
+			$array['ges'] .= $res->ein - $res->aus .',';
+		}
+		
+		return $array;
+	}
+	
+	public function userinfo(){
+		$daten = $this->db->get_row("
+					SELECT 
+						u.*,k.*,b.*,e.* 
+					FROM 
+						". PREFIX . KONTO ." AS k
+					LEFT JOIN
+						". PREFIX . USER ." AS u 
+					ON 
+						u.uid=k.uid
+					LEFT JOIN 
+						" . PREFIX . EMAIL . " AS e 
+					ON 
+						e.uid=k.uid
+					LEFT JOIN
+						". PREFIX . BUCH ." AS b
+					ON
+						b.uid = k.uid
+					WHERE k.uid = '$this->uid'
+					",true);
+		return $daten;
+	}
+	
+	public function set_bseite($seite){
+		$this->seite = $seite * 30 - 30;	
+	}
+	
+	public function buchungen($seite = 0){
+		$aus = array("A" => "", "B" => "");
+		$bua = $this->db->get_results("SELECT * FROM ". PREFIX . BUCH." WHERE uid='$this->uid' ORDER BY buchungszeit  DESC LIMIT $this->seite,30");
+		foreach($bua AS $b){
+			if($b->buchungsmenge < 0){ $style = 'class="alert alert-danger"';}else{ $style = 'class="alert alert-success"';}
+			if($b->buchung_ok == 1){
+				$erfolg = '<span class="glyphicon glyphicon-ok" style="color:green;" aria-hidden="true"></span>';
+			}else{
+				$erfolg = '<span class="glyphicon glyphicon-remove" style="color:red" aria-hidden="true"></span>';
+			}
+			$aus['A'] .= '
+				<tr '.$style.'>
+					<td>'. date("d.m.Y H:i",$b->buchungszeit) .'</td>
+					<td>'. $b->buchungs_id .'</td>
+					<td>'. number_format($b->buchungsmenge,2,',','.') .'</td>
+					<td>'. $b->verwendungszweck .'</td>
+					<td>'. $b->buchungs_id .'</td>
+					<td class="text-center">'. $erfolg .'</td>
+				</tr>
+			';
+		}
+		
+		$bub = $this->db->get_results("SELECT * FROM ". PREFIX . BUCH_B ." WHERE uid='$this->uid' ORDER BY buchungszeit  DESC LIMIT $this->seite,30");
+		foreach($bub AS $b){
+			if($b->buchungsmenge < 0){ $style = 'class="alert alert-danger"';}else{ $style = 'class="alert alert-success"';}
+			if($b->buchung_ok == 1){
+				$erfolg = '<span class="glyphicon glyphicon-ok" style="color:green;" aria-hidden="true"></span>';
+			}else{
+				$erfolg = '<span class="glyphicon glyphicon-remove" style="color:red" aria-hidden="true"></span>';
+			}
+			$aus['B'] .= '
+				<tr '.$style.'>
+					<td>'. date("d.m.Y H:i",$b->buchungszeit) .'</td>
+					<td>'. $b->buchungs_id .'</td>
+					<td>'. number_format($b->buchungsmenge,2,',','.') .'</td>
+					<td>'. $b->verwendungszweck .'</td>
+					<td>'. $b->buchungs_id .'</td>
+					<td class="text-center">'. $erfolg .'</td>
+				</tr>
+			';
+		}
+		
+		return $aus;
+	}
+	
+	public function bettel_ref(){
+		$aus = '';
+		$result = $this->db->get_results("SELECT * FROM ". PREFIX . BETTELB ." WHERE uid = '$this->uid' ORDER BY id DESC LIMIT 120");
+		foreach($result AS $res){
+			$aus .= '
+				<tr>
+					<td>'.date("d.m.Y - H:i", $res->zeit).'</td>
+					<td>'.number_format($res->betrag,2,",",".").'</td>
+					<td><a href="'.$res->refferer.'" target="_new">'.$res->refferer.'</a></td>
+				</tr>
+			';
+		}
+		return $aus;
+	}
+	
+	public function ShowNotizen(){
+		$result = $this->db->get_results("SELECT * FROM ". PREFIX . NOTIZ ." WHERE uid = '$this->uid' ");
+		foreach($result AS $res){
+			echo '
+			 <li class="list-group-item">
+				<div class="row">
+					<div class="col-md-3">'. date("d.m.Y", $res->datum) .'</div>
+					<div class="col-md-9">'. nl2br($res->text) .'</div>
+				</div>
+			</li>
+			';
+		}
+	}
+	
+	public function AddNotiz(){
+		global $_POST,$_GET,$error,$meldung;
+		$this->make_array($_POST);
+		if(empty($this->array['text'] )){ $error = 1; $meldung .= NOTIZ_EMPTY;}
+		if($error == 0){
+			$eintrag = array(
+				"uid" => $this->uid,
+				"text" => $this->array['text'],
+				"datum" => time()
+			);
+			$insert = $this->db->insert(PREFIX . NOTIZ, $eintrag);
+			if($insert == true){
+				$meleung = NOTIZ_SAVE_TRUE;
+			}else{
+				$error = 1;
+				$meldung = NOTIZ_SAVE_FALSE;
+			}
+		}
+	}
+}
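Review bot: Every method that builds HTML here (`liste()`, `buchungen()`, `bettel_ref()`, `ShowNotizen()`) concatenates database fields such as `nickname`, `vorname`, `verwendungszweck`, `refferer` and the note `text` into markup without escaping, so a value a user controls is rendered as HTML in the admin session. Wrap each field in `htmlspecialchars($x, ENT_QUOTES, 'UTF-8')` (for notes `nl2br(htmlspecialchars($res->text, ENT_QUOTES, 'UTF-8'))`), and in `bettel_ref()` emit the `href` only when the referrer starts with `http://` or `https://`. In `AddNotiz()` the success branch assigns `$meleung`, a typo for `$meldung`, so `NOTIZ_SAVE_TRUE` is never shown. `buchungen()` interpolates `$this->seite` into `LIMIT` although the property is null unless `set_bseite()` ran first; initialise it to 0 and compute it as `max(0, (int)$seite * 30 - 30)` to keep the query valid.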
diff --git a/adminforce/lib/funktionen/user/notiz.php b/adminforce/lib/funktionen/user/notiz.php
new file mode 100644
index 0000000000000000000000000000000000000000..2cba9aabd29a85d131c359dd83facb9cfb14bc64
--- /dev/null
+++ b/adminforce/lib/funktionen/user/notiz.php
@@ -0,0 +1,6 @@
+<?php
+
+require_once('lib/class/userliste.class.php');
+$notiz = new USERLISTE;
+$notiz->set_uid($_GET['uid']);
+$notiz->AddNotiz();
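Review bot: Neither this handler nor `adminforce/lib/funktionen/user/profil.php` checks `$_SESSION['admin']` itself, so both depend on whatever the dispatcher in `run.inc.php` enforces before the `require`. The `RUN` class is not part of this diff, so that cannot be confirmed here. A guard at the top of each file, `if(empty($_SESSION['admin']) || $_SESSION['admin'] != 1){ return; }`, keeps them safe even if a row in the dispatch table is misconfigured. `$_GET['uid']` is also read without `isset()`, and the target user of a state-changing POST comes from the query string with no request token visible; sending the uid as a hidden POST field next to a CSRF token would match what `profil.php` does with `$_POST['uid']`.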
diff --git a/adminforce/lib/funktionen/user/profil.php b/adminforce/lib/funktionen/user/profil.php
new file mode 100644
index 0000000000000000000000000000000000000000..df9057ef6e2dd02b494c617c83df9b678b2c05d2
--- /dev/null
+++ b/adminforce/lib/funktionen/user/profil.php
@@ -0,0 +1,7 @@
+<?php
+require_once('lib/class/userliste.class.php');
+$user = new USERLISTE;
+if(isset($_POST['profile_save'])){
+	$user->set_uid($_POST['uid']);
+	$user->profil_save($_POST);
+}
diff --git a/adminforce/lib/lang/lang.de.php b/adminforce/lib/lang/lang.de.php
index 00cf9a84d5eb698972b25b92c47f6093d3f29282..fac959ad48ce575bcb6dfd60732d5c1851262803 100644
--- a/adminforce/lib/lang/lang.de.php
+++ b/adminforce/lib/lang/lang.de.php
@@ -16,4 +16,10 @@
 	
 	define("BETREIBERDATEN_SAVE_TRUE","Die Daten wurden erfolgreich gespeichert.<br>");
 	define("BETREIBERDATEN_SAVE_FALSE","Fehler beim Speichern der Betreiberdaten.<br>");
+	
+//USER BEARBEITEN
+	define("ALLGEMEINE_DATEN_SAVE","Die Daten wurden gespeichert.<br>");
+	define("NOTIZ_EMPTY","Keine Notiz eingetragen.<br>");
+	define("NOTIZ_SAVE_TRUE","Die Notiz wurde gespeichert.<br>");
+	define("NOTIZ_SAVE_FALSE","Die Notiz konnte nicht gespeichert werden.<br>");
 ?>
diff --git a/adminforce/lib/run.inc.php b/adminforce/lib/run.inc.php
index 301c67bdb8ead064ca7ae07b872752cdc53d67f7..69a0fdee049505792996e5ee68f443d240e7d9f1 100644
--- a/adminforce/lib/run.inc.php
+++ b/adminforce/lib/run.inc.php
@@ -6,6 +6,16 @@ if (isset($_POST['updaten_betreiberdaten'])){
 	$betreiber->post();
 }
 
+if($_SERVER["REQUEST_METHOD"] == "POST" && !isset($_POST['login'])){
+	require_once('lib/class/run.class.php');
+	$var = new RUN();
+	$v = $var->vars();
+	$value = $var->value($v);
+	$datei = $var->datei_holen($value);
+	if($datei != ''){
+		require('lib/funktionen/'.$datei);
+	}
+}
 //Boxverwaltung User
 	//Eintragen
 	if(isset($_POST['box_save']) && $_SESSION['admin'] == 1){ require('lib/funktionen/boxen/boxen_neu.php');}
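Review bot: `$datei` is concatenated into `require` after only an empty-string check, so the include target is whatever the lookup returns for the posted button; resolving the path and confirming it stays below `lib/funktionen` would stop a wrong or tampered table row from loading a file outside that directory. The block also runs for every non-login POST without the `$_SESSION['admin'] == 1` test that the `box_save` line below still applies. Whether `RUN::datei_holen()` evaluates the new `berechtigung` column is not visible in this diff and should be confirmed. A confined include is sketched below.

```php
	$datei = $var->datei_holen($value);
	// resolve the target and refuse anything outside lib/funktionen
	$basis = realpath('lib/funktionen');
	$pfad = ($datei != '' && $basis !== false) ? realpath($basis . '/' . $datei) : false;
	if($pfad !== false && strpos($pfad, $basis . DIRECTORY_SEPARATOR) === 0){
		require($pfad);
	}
```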
diff --git a/adminforce/lib/var.php b/adminforce/lib/var.php
index 50312ecdcae523a12437dc9ad6bbf89f513be3b1..1e9543247d836dee58b958dcdf8acd9952d3a87d 100644
--- a/adminforce/lib/var.php
+++ b/adminforce/lib/var.php
@@ -5,20 +5,5 @@ $betreiberdaten = new stdClass();
 $datenbank = new DB;
 
 
-//$_POST
-//BETREIBERDATEN
-if (!isset($_POST['updaten'])){				$_POST['updaten'] = '';}
-if (!isset($_POST['betreiber_id'])){		$_POST['betreiber_id'] = '';}
-if (!isset($_POST['betreiber_passwort'])){	$_POST['betreiber_passwort'] = '';}
-if (!isset($_POST['betreiber_kennung'])){	$_POST['betreiber_kennung'] = '';}
-if (!isset($_POST['schnittstelle'])){		$_POST['schnittstelle'] = '';}
-if (!isset($_POST['einzahltext'])){			$_POST['einzahltext'] = '';}
-if (!isset($_POST['auszahltext'])){			$_POST['auszahltext'] = '';}
-if (!isset($_POST['anfragen_tag'])){		$_POST['anfragen_tag'] = '';}
-if (!isset($_POST['anfragen_user'])){		$_POST['anfragen_user'] = '';}
-if (!isset($_POST['aktiv'])){				$_POST['aktiv'] = '';}
-if (!isset($_POST['waehrung_name'])){		$_POST['waehrung_name'] = '';}
-if (!isset($_POST['punktewert'])){			$_POST['punktewert'] = '';}
-if (!isset($_POST['wertepunkt'])){			$_POST['wertepunkt'] = '';}
-if (!isset($_POST['updaten'])){				$_POST['updaten'] = '';}
+
 ?>
diff --git a/content/konto/profil_include/nickpage.php b/content/konto/profil_include/nickpage.php
index d9867b2e841fb7511cfc1832ea3198ee5282453d..ffb31e8b095a79b15034ae5f4e7cf2b40626533f 100644
--- a/content/konto/profil_include/nickpage.php
+++ b/content/konto/profil_include/nickpage.php
@@ -1,25 +1,12 @@
-<?php
-
-$nickpage	= mysqli_fetch_array(db_query("SELECT * FROM ".$db_prefix."_nickpage WHERE uid='". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."'"));
-$esc = mysqli_fetch_array(db_query("SELECT bdate FROM ".$db_prefix."_userdaten WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' "));
-
-if($esc['bdate'] == 0){
-	$bdate = 'placeholder="TT.MM.JJJ"';
-}else{
-	$bdate = 'value="'. date("d.m.Y", $esc['bdate']) .'"';
-}
-
-?>
-
 <form action="" method="post">
 	<table class="table">	
 		<tr>
 			<td><strong>Geschlecht: &nbsp;</strong></td>
 			<td>
 			<select name="sex"  class="form-control">
-				<option value="" <?php if ($nickpage['sex'] == "") echo 'selected';?>>Bitte w&auml;hlen</option>
-				<option value="weiblich" <?php if ($nickpage['sex'] == 'weiblich') echo 'selected';?>>weiblich</option>
-				<option value="männlich" <?php if ($nickpage['sex'] == 'männlich') echo 'selected';?>>m&auml;nnlich</option>
+				<option value="" <?php if ($daten->sex == "") echo 'selected';?>>Bitte w&auml;hlen</option>
+				<option value="weiblich" <?php if ($daten->sex == 'weiblich') echo 'selected';?>>weiblich</option>
+				<option value="männlich" <?php if ($daten->sex == 'männlich') echo 'selected';?>>m&auml;nnlich</option>
 			</select>
 			</td>
 		</tr>
@@ -30,54 +17,54 @@ if($esc['bdate'] == 0){
 		<tr>
 			<td><strong>Wohnort: &nbsp;</strong></td>
 			<td>
-				<input name="ort" value="<?php echo $nickpage['ort'];?>" class="form-control">
+				<input name="ort" value="<?php echo $daten->ort;?>" class="form-control">
 			</td>
 		</tr>
 		<tr>
 			<td><strong>Land: &nbsp;</strong></td>
 			<td>
-				<input name="land" value="<?php echo $nickpage['land'];?>" class="form-control">
+				<input name="land" value="<?php echo $daten->land;?>" class="form-control">
 			</td>
 		</tr>
 		<tr>
 			<td><b>Hobbys: &nbsp;</b></td>
-			<td><input name="hobbys" value="<?php echo $nickpage['hobbys'];?>" class="form-control"></td>
+			<td><input name="hobbys" value="<?php echo $daten->hobbys;?>" class="form-control"></td>
 		</tr>
 		<tr>
 			<td><b>Beruf: &nbsp;</b></td>
-			<td><input name="beruf" value="<?php echo $nickpage['beruf'];?>" class="form-control"></td>
+			<td><input name="beruf" value="<?php echo $daten->beruf;?>" class="form-control"></td>
 		</tr>
 		<tr>
 			<td><b>ICQ: &nbsp;</b></td>
-			<td><input name="icq" value="<?php echo $nickpage['icq'];?>" class="form-control"></td>
+			<td><input name="icq" value="<?php echo $daten->icq;?>" class="form-control"></td>
 		</tr>
 		<tr>
 			<td><b>MSN: &nbsp;</b></td>
-			<td><input name="msn" value="<?php echo $nickpage['msn'];?>" class="form-control"></td>
+			<td><input name="msn" value="<?php echo $daten->msn;?>" class="form-control"></td>
 		</tr>
 		<tr>
 			<td><b>AIM: &nbsp;</b></td>
-			<td><input name="aim" value="<?php echo $nickpage['aim'];?>" class="form-control"></td>
+			<td><input name="aim" value="<?php echo $daten->aim;?>" class="form-control"></td>
 		</tr>
 		<tr>
 			<td><b>Skype: &nbsp;</b></td>
-			<td><input name="skype" value="<?php echo $nickpage['skype'];?>" class="form-control"></td>
+			<td><input name="skype" value="<?php echo $daten->skype;?>" class="form-control"></td>
 		</tr>
 		<tr>
 			<td><b>Homepage:</b> (ohne http://)  &nbsp;</td>
-			<td><input name="www" value="<?php echo $nickpage['www'];?>" class="form-control"></td>
+			<td><input name="www" value="<?php echo $daten->www;?>" class="form-control"></td>
 		</tr>
 		<tr>
 			<td><b>Lieblingswebsite 1:</b> (ohne http://)  &nbsp;</td>
-			<td><input name="www1" value="<?php echo $nickpage['www1'];?>" class="form-control"></td>
+			<td><input name="www1" value="<?php echo $daten->www1;?>" class="form-control"></td>
 		</tr>
 		<tr>
 			<td><b>Lieblingswebsite 2:</b> (ohne http://)  &nbsp;</td>
-			<td><input name="www2" value="<?php echo $nickpage['www2'];?>" class="form-control"></td>
+			<td><input name="www2" value="<?php echo $daten->www2;?>" class="form-control"></td>
 		</tr>
 		<tr>
 			<td><b>Lieblingswebsite 3:</b> (ohne http://)  &nbsp;</td>
-			<td><input name="www3" value="<?php echo $nickpage['www3'];?>" class="form-control"></td>
+			<td><input name="www3" value="<?php echo $daten->www3;?>" class="form-control"></td>
 		</tr>	
 		<tr>
 			<td valign="top">
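Review bot: The profile fields are echoed into `value="..."` attributes without HTML escaping, here, in the two `ava` hunks further down (the `<input name="ava">` and the `<img src=...>`), and in `content/konto/profil_include/profil.php`. A stored value containing a double quote ends the attribute and the rest is parsed as markup. Wrap each output, e.g. `<?php echo htmlspecialchars($daten->ort, ENT_QUOTES, 'UTF-8');?>`. As far as this diff shows, `USERPROFIL::get_daten()` hands back the database row unchanged, so nothing upstream encodes these values.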
@@ -88,7 +75,7 @@ if($esc['bdate'] == 0){
 				<?php if ($nickpage['ava'] == '') { ?>
 				<input name="ava" value="" size="40">						
 				<?php } else { ?>
-				<input name="ava" value="<?php echo $nickpage['ava'];?>" size="40">	
+				<input name="ava" value="<?php echo $daten->ava;?>" size="40">	
 				<?php } ?>			
 			</td>
 		</tr>
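Review bot: The condition `if ($nickpage['ava'] == '')` still reads `$nickpage`, but the first hunk of this file removes the query that filled it. Unless the including script sets `$nickpage`, the empty branch is always taken and the stored avatar URL never appears in the input. The same leftover is in the next hunk (`if($nickpage['ava'] == '')` before the `<img>`). Change both to `$daten->ava`, e.g. `<?php if ($daten->ava == '') { ?>`. The first hunk also drops the `$bdate` computation; if the birthday row between the hunks still prints `$bdate`, it needs a replacement as well.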
@@ -98,7 +85,7 @@ if($esc['bdate'] == 0){
 				if($nickpage['ava'] == ''){
 					echo '<div class="alert alert-info">Kein Avatar gew&auml;hlt</div>';
 				}else{
-					echo '<a href="#" class="thumbnail"><img src="'. $nickpage['ava'] .'" alt="'. $_SESSION['uid'] .'"></a>';
+					echo '<a href="#" class="thumbnail"><img src="'. $daten->ava .'" alt="'. $_SESSION['uid'] .'"></a>';
 				}
 				?>
 			</td>
diff --git a/content/konto/profil_include/pass.php b/content/konto/profil_include/pass.php
new file mode 100644
index 0000000000000000000000000000000000000000..7d99694c2950a8843c12787efba40683bbf7a184
--- /dev/null
+++ b/content/konto/profil_include/pass.php
@@ -0,0 +1,13 @@
+<form method="post" action="">
+	<table class="table table-striped">
+		<tr>
+			<td>Neues Passwort:</td>
+			<td><input type="password" name="pwd" class="form-control"></td>
+		</tr>
+		<tr>
+			<td>Neues Passwortbestätigung:</td>
+			<td><input type="password" name="pwd2" class="form-control"></td>
+		</tr>
+	</table>
+	<input type="submit" name="pw_neu" value="Speichern" class="btn btn-success btn-block">
+</form>
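Review bot: The form collects only the new password twice, and `USERPROFIL::pw_erneuern()` in this commit checks only that both fields are filled and match. A password change therefore needs neither the current password nor the 8-character minimum that the removed code in `userprofil.php` enforced. Add a current-password field, for example `<input type="password" name="pwd_alt" class="form-control">` (the field name is a suggestion), and verify it server-side before the update. No request token is visible in the form; if the project has no global CSRF protection, this form needs one.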
diff --git a/content/konto/profil_include/profil.php b/content/konto/profil_include/profil.php
index cbf4f3d3659b92a3d6761a83c58f40b2f422d108..f777b2761d2f34d5751aa89b004a48ac6b2d933a 100644
--- a/content/konto/profil_include/profil.php
+++ b/content/konto/profil_include/profil.php
@@ -2,27 +2,19 @@
 	<table class="table">
 		<tr>
 			<td>Nickname/UID:</td>
-			<td><?php echo $info['nickname'];?>&nbsp;/&nbsp;<?php echo $_SESSION['uid'];?></td>
+			<td><?php echo $daten->nickname;?>&nbsp;/&nbsp;<?php echo $_SESSION['uid'];?></td>
 		</tr>
 		<tr>
 			<td>Name:</td>
-			<td><input type="text" value="<?php echo $info['nachname'];?>"></td>
+			<td><input type="text" name="nachname" value="<?php echo $daten->nachname;?>"></td>
 		</tr>
 		<tr>
 			<td>Vorname:</td>
-			<td><input type="text" value="<?php echo $info['vorname'];?>"></td>
+			<td><input type="text" name="vorname" value="<?php echo $daten->vorname;?>"></td>
 		</tr>
 		<tr>
 			<td>Emailadresse:</td>
-			<td><input type="text" name="emailadresse" value="<?php echo $info['emailadresse'];?>"></td>
-		</tr>
-		<tr>
-			<td>Neues Passwort:</td>
-			<td><input type="password" name="pwd"></td>
-		</tr>
-		<tr>
-			<td>Neues Passwortbestätigung:</td>
-			<td><input type="password" name="pwd2"></td>
+			<td><input type="text" name="emailadresse" value="<?php echo $daten->emailadresse;?>"></td>
 		</tr>
 		<tr>
 			<td>Newsletter:</td>
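Review bot: The `nachname` and `vorname` inputs now carry `name` attributes, but `USERPROFIL::user_daten_save()` as added in this commit only writes `freigabe_fuer`, `emailadresse`, `max_forced` and `max_paidlinks`, so edits to these two fields are submitted and silently discarded. Either persist them in `user_daten_save()` or mark the inputs `readonly` so the form does not suggest they can be changed. The `check_email()` syntax check that the removed code in `userprofil.php` ran before saving is also missing from the new save path.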
@@ -47,7 +39,7 @@
 			<td>
 				<table>
 					<tr>
-						<td><input name="max_forced" id="sliderValue1" type="Text" value="<?php echo $info['max_forced'];?>" size="3"></td>
+						<td><input name="max_forced" id="sliderValue1" type="Text" value="<?php echo $daten->max_forced;?>" size="3"></td>
 						<td><script language="JavaScript" src="js/userprofil_slieder/slider1.js"></script></td>
 					</tr>
 				</table>
@@ -58,7 +50,7 @@
 			<td>
 				<table>
 					<tr>
-						<td><input name="max_paidlinks" id="sliderValue2" type="Text" value="<?php echo $info['max_paidlinks'];?>" size="3"></td>
+						<td><input name="max_paidlinks" id="sliderValue2" type="Text" value="<?php echo $daten->max_paidlinks;?>" size="3"></td>
 						<td><script language="JavaScript" src="js/userprofil_slieder/slider2.js"></script></td>
 					</tr>
 				</table>
@@ -66,10 +58,10 @@
 		</tr>
 		<tr>
 			<td align="center" colspan="2"><br>
-				<input type="submit" name="aendern" value="Jetzt ändern!"><br>
+				<input type="submit" name="aendern" class="btn btn-default" value="Jetzt ändern!"><br>
 			   <br>
 			   <?php echo $change;?>
 		   </td>
 		</tr>
 	</table>
-</form>
\ No newline at end of file
+</form>
diff --git a/content/konto/refuebersicht.php b/content/konto/refuebersicht.php
index 8d02e6839ecac1073f7c9f898e0ec0e11c2b8db4..1c475ec7ae0b7e4f71c4faba927af78d1b06f0a8 100644
--- a/content/konto/refuebersicht.php
+++ b/content/konto/refuebersicht.php
@@ -1,4 +1,4 @@
-<?php userstatus();
+<?php 
 
 $ebene_1 = false;
 $ebene_2 = false;
@@ -155,4 +155,4 @@ echo "<center>Noch keine Refs in Ebene 3</center>";
 <span class="glyphicon glyphicon-certificate" aria-hidden="true" style="color:yellow;"></span> User war mind. 7 Tage nicht mehr aktiv.<br>
 <span class="glyphicon glyphicon-certificate" aria-hidden="true" style="color:green;"></span> User war in den letzen 7 Tagen aktiv.<br></center>
 </td></tr></table></center>
-<?php foot();?>
\ No newline at end of file
+<?php foot();?>
diff --git a/content/konto/userprofil.php b/content/konto/userprofil.php
index 50a478605553e27432f9796370ef174efe314014..e9332047d89024a16fcb04281907f1a0b87c04da 100644
--- a/content/konto/userprofil.php
+++ b/content/konto/userprofil.php
@@ -1,92 +1,22 @@
 <?php
-userstatus();
+require_once('lib/class/userprofil.class.php');
+$profil = new USERPROFIL;
+$profil->set_uid($_SESSION['uid']);
+$daten = $profil->get_daten();
 
-// Variabeln definieren
-if (!isset($_POST['aendern'])) $_POST['aendern'] = "";
-if (!isset($_POST['acc_del'])) $_POST['acc_del'] = "";
-if (!isset($_POST['del_passwort'])) $_POST['del_passwort'] = "";
-if (!isset($_POST['pwd'])) $_POST['pwd'] = "";
-if (!isset($_POST['pwd2'])) $_POST['pwd2'] = "";
-if (!isset($_POST['nickname'])) $_POST['nickname'] = "";
-if (!isset($_POST['newsletter'])) $_POST['newsletter'] = "";
-if (!isset($_POST['paidmails'])) $_POST['paidmails'] = "";
-if (!isset($_POST['bdate'])) $_POST['bdate'] = "";
-if (!isset($change)) $change = "";
-if (!isset($mailstatus)) $mailstatus = "";
-if (!isset($delchange)) $delchange = "";
-
-if ($_POST['acc_del'] == 'Jetzt löschen!' && $_POST['del_passwort']) {
-    $schnittstelle = mysqli_fetch_array(db_query("SELECT `passwort` FROM " . $db_prefix . "_kontodaten LIMIT 1")) or die("Userinfo");
-    if ($schnittstelle['passwort'] != md5($_GET['del_passwort'])) {
-        echo 'Passwort falsch';
-    } else {
-        $sperrzeit = time() + (86400 * 30);
-        db_query("DELETE FROM " . $db_prefix . "_kontodaten WHERE uid=" . $_SESSION['uid'] . "");
-        db_query("DELETE FROM " . $db_prefix . "_emaildaten WHERE uid=" . $_SESSION['uid'] . "");
-        db_query("DELETE FROM " . $db_prefix . "_userdaten WHERE uid=" . $_SESSION['uid'] . "");
-        db_query("DELETE FROM " . $db_prefix . "_werberdaten WHERE uid=" . $_SESSION['uid'] . "");
-        db_query("UPDATE " . $db_prefix . "_werberdaten SET werber = 0 WHERE werber=" . $_SESSION['uid'] . "");
-        db_query ('DELETE FROM ' . $db_prefix . '_admin_abuse WHERE uid = ' . $_SESSION['uid']);
-        db_query ('DELETE FROM ' . $db_prefix . '_adscan_userblacklist WHERE uid = ' . $_SESSION['uid']);
-        db_query ('DELETE FROM vms_buchungen WHERE uid = ' . $_SESSION['uid']);
-        db_query ('DELETE FROM vms_reloads WHERE uid = ' . $_SESSION['uid']);
-        db_query ('DELETE FROM vms_schnittstelle_anfragen WHERE uid = ' . $_SESSION['uid']);
-        echo '<meta http-equiv="refresh" content="0; URL=http://' . $_SERVER['HTTP_HOST'] . '/?content=/intern/startseite&logout=true">';
-    }
-}
-
-if ($_POST['aendern'] == 'Jetzt ändern!') {
-    // Passwort ändern beginn!
-    if ($_POST['pwd'] && $_POST['pwd2']) {
-        if ($_POST['pwd'] == $_POST['pwd2']) {
-            if (strlen($_POST['pwd']) >= 8) {
-				$pw = pw_erstellen($_POST['pwd']);
-                db_query("UPDATE " . $db_prefix . "_kontodaten SET passwort = '" . $pw . "' WHERE uid=" . $_SESSION['uid'] . "");
-                echo '<meta http-equiv="refresh" content="0; URL=http://' . $_SERVER['HTTP_HOST'] . '/?content=/intern/startseite&logout=true">';
-                // $change .= 'Das Passwort wurde geändert!<br><b><font color="#FF0000">Bitte logge Dich jetzt aus und wieder neu ein!</font></b><br>';
-            } else {
-                $change = 'Passwörter müssen min. 8 Zeichen haben!';
-            }
-        } else {
-            $change = 'Die Passwörter stimmen nicht überein!';
-        }
-    }
-    // Passwort ändern ende!
-    if ($_POST['aendern'] == 'Jetzt ändern!') {
-        if (check_email($_POST['emailadresse']) == false) {
-            $change .= 'Der Emailsyntax ist falsch!<br>';
-        } else {
-            if ($_POST['newsletter'] == 0 and $_POST['paidmails'] == 0) $mailstatus = 0;
-            if ($_POST['newsletter'] == 1 and $_POST['paidmails'] == 0) $mailstatus = 1;
-            if ($_POST['newsletter'] == 0 and $_POST['paidmails'] == 1) $mailstatus = 2;
-            if ($_POST['newsletter'] == 1 and $_POST['paidmails'] == 1) $mailstatus = 3;
-            $_POST['max_forced'] = (int)$_POST['max_forced'];
-            db_query("UPDATE " . $db_prefix . "_emaildaten SET freigabe_fuer = " . mysqli_real_escape_string($sql_open,$mailstatus) . ",
-																emailadresse = '" . mysqli_real_escape_string($sql_open,$_POST['emailadresse']) . "'
-																WHERE uid=" . $_SESSION['uid'] . "");
-            
-			db_query("UPDATE " . $db_prefix . "_userdaten SET	max_forced = '" . mysqli_real_escape_string($sql_open,$_POST['max_forced']) . "',
-																max_paidlinks = '". mysqli_real_escape_string($sql_open,$_POST['max_paidlinks']) ."'
-																WHERE uid=" . $_SESSION['uid'] . "");
-            $change .= 'Deine Daten wurden aktualisiert!<br>';
-        }
-    }
-}
-    $info = mysqli_fetch_array(db_query("SELECT u.*,e.emailadresse,e.freigabe_fuer FROM " . $db_prefix . "_userdaten AS u LEFT JOIN " . $db_prefix . "_emaildaten AS e ON e.uid=u.uid WHERE u.uid=" . $_SESSION['uid'] . " LIMIT 1"));
-
-    if ($info['freigabe_fuer'] == 0) {
+    if ($daten->freigabe_fuer == 0) {
         $newsletter = 0;
         $paidmails = 0;
     }
-    if ($info['freigabe_fuer'] == 1) {
+    if ($daten->freigabe_fuer == 1) {
         $newsletter = 1;
         $paidmails = 0;
     }
-    if ($info['freigabe_fuer'] == 2) {
+    if ($daten->freigabe_fuer == 2) {
         $newsletter = 0;
         $paidmails = 1;
     }
-    if ($info['freigabe_fuer'] == 3) {
+    if ($daten->freigabe_fuer == 3) {
         $newsletter = 1;
         $paidmails = 1;
     }
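Review bot: `userstatus();` is removed here and in `content/konto/refuebersicht.php` with nothing visible taking its place, so if that call was the login gate, both pages now render for requests without a session. `$_SESSION['uid']` is then read unconditionally: `set_uid()` maps a missing or non-numeric value to 0 and `get_daten()` runs with uid 0, while the code below dereferences `$daten->freigabe_fuer`. Confirm the check now happens centrally, or keep the `userstatus();` call before the `require_once`. The `$change` default was removed too, but `profil_include/profil.php` still echoes `$change`, so it needs initialising, e.g. `$change = '';`.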
@@ -96,6 +26,7 @@ if ($_POST['aendern'] == 'Jetzt ändern!') {
 <div>
 	<ul class="nav nav-tabs" role="tablist">
 		<li role="presentation" class="active"><a href="#start" role="tab" data-toggle="tab">Profildaten</a></li>
+		<li role="presentation"><a href="#pass" role="tab" data-toggle="tab">Passwort</a></li>
 		<?php
 		if($moeglich != 0){
 			echo '<li role="presentation"><a href="#profil" role="tab" data-toggle="tab">Externe Konten</a></li>';
@@ -108,6 +39,9 @@ if ($_POST['aendern'] == 'Jetzt ändern!') {
 		<div role="tabpanel" class="tab-pane active" id="start">
 			<?php require('content/konto/profil_include/profil.php');?>
 		</div>
+		<div role="tabpanel" class="tab-pane" id="pass">
+			<?php require('content/konto/profil_include/pass.php');?>
+		</div>
 		<div role="tabpanel" class="tab-pane" id="profil">
 		<?php
 		if($moeglich != 0){
@@ -133,4 +67,4 @@ if ($_POST['aendern'] == 'Jetzt ändern!') {
 		</div>
 	</div>
 
-</div>
\ No newline at end of file
+</div>
diff --git a/install/mysql.txt b/install/mysql.txt
index 7433e169cf82e71944cad737a7b214491b1fd156..02895ea1a2349adca00d223b00cc3968c950dac2 100644
--- a/install/mysql.txt
+++ b/install/mysql.txt
@@ -549,13 +549,54 @@ CREATE TABLE `vms_run_inc` (
   `beschreibung` text NOT NULL
 ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
 
-INSERT INTO `vms_run_inc` (`id`, `name`, `value`, `datei`, `beschreibung`) VALUES
-(1, 'chat_absenden', 'Absenden', 'chat.php', 'Chat absenden'),
-(2, 'news_komment', 'Kommentar Speichern', 'news/kommentar.php', 'News Kommentieren'),
-(3, 'anmelden', 'Jetzt anmelden!', 'konto/anmelden.php', 'Registrtieren'),
-(4, 'auszahlen', 'Auszahlen', 'konto/auszahlen.php', 'Auszahlen'),
-(5, 'ueberweisen', 'Senden', 'konto/ueberweisen.php', 'Überweisen'),
-(6, 'aendern_nickpage', 'Änderungen speichern', 'konto/nickpage.php', 'Nickpage Speichern');
+INSERT INTO `vms_run_inc` (`id`, `name`, `value`, `datei`, `beschreibung`, `berechtigung`) VALUES
+(1, 'chat_absenden', 'Absenden', 'chat.php', 'Chat absenden', 0),
+(2, 'news_komment', 'Kommentar Speichern', 'news/kommentar.php', 'News Kommentieren', 0),
+(3, 'anmelden', 'Jetzt anmelden!', 'konto/anmelden.php', 'Registrtieren', 0),
+(4, 'auszahlen', 'Auszahlen', 'konto/auszahlen.php', 'Auszahlen', 0),
+(5, 'ueberweisen', 'Senden', 'konto/ueberweisen.php', 'Überweisen', 0),
+(6, 'aendern_nickpage', 'Speichern', 'konto/nickpage.php', 'Nickpage Speichern', 0),
+(7, 'checkid', 'Login', 'session/login.php', 'Login', 0),
+(8, 'anf_daten', 'Anfordern!', 'konto/daten.php', 'Passwort anfordern', 0),
+(9, 'admin_box_save', 'Speichern', 'boxen/admin_boxen_neu.php', 'Menübox Adminbereich erstellen', 1),
+(10, 'admin_box_loschen', 'Löschen', 'boxen/admin_loschen.php', 'Menüboxen admin löschen', 1),
+(11, 'admin_box_aendern', 'Ändern', 'boxen/admin_andern.php', 'Menübocen admin bearbeiten', 1),
+(12, 'box_save', 'Speichern', 'boxen/boxen_neu.php', 'Menüboxen User erstellen', 1),
+(13, 'aendern', 'Ändern', 'boxen/andern.php', 'Menüboxen User bearbeiten', 1),
+(14, 'box_loschen', 'Löschen', 'boxen/loschen.php', 'Menüboxen User löschen', 1),
+(15, 'link_zuordnen_neu', 'Bearbeiten', 'menu/zuordnung_menu_neu.php', '', 1),
+(16, 'link_zuordnen_loschen', 'Löschen', 'menu/zuordnung_menu_neu_losch.php', '', 1),
+(17, 'menue_neu_save', 'Anlegen', 'menu/menu_neu.php', '', 1),
+(18, 'link_bearbeiten', '', 'menu/menu_bearbeiten.php', '', 1),
+(19, 'link_loschen', '', 'menu/menu_loschen.php', '', 1),
+(20, 'admin_link_zuordnen_neu', '', 'menu/admin_zuordnung_menu_neu.php', '', 1),
+(21, 'admin_link_zuordnen_loschen', '', 'menu/admin_zuordnung_menu_neu_losch.php', '', 1),
+(22, 'admin_menue_neu_save', '', 'menu/admin_menu_neu.php', '', 1),
+(23, 'admin_link_bearbeiten', '', 'menu/admin_menu_bearbeiten.php', '', 1),
+(24, 'admin_link_loschen', '', 'menu/admin_menu_loschen.php', '', 1),
+(28, 'chat_save', 'Chat Einstellungen Speichern', 'chat/einstellungen.php', '', 1),
+(29, 'chat_nachricht_loeschen', 'Löschen', 'chat/nachrichten_loeschen.php', '', 1),
+(30, 'seite_save', 'Speichern', 'cms/neue_seite.php', '', 1),
+(31, 'updaten_betreiberdaten', 'Updaten', 'class/betreiber.class.php', '', 1),
+(33, 'einzahlen', 'Einzahlen', 'konto/einzahlen.php', '', 0),
+(34, 'aendern', 'Jetzt ändern!', 'konto/user_daten.php', '', 0),
+(35, 'pw_neu', 'Speichern', 'konto/pass_neu.php', '', 0),
+(36, 'acc_del', 'Jetzt löschen!', 'konto/delete_acc.php', '', 0),
+(37, 'profile_save', 'Allgemeine Daten Speichern', 'user/profil.php', '', 1),
+(38, 'notice', 'Notiz hinzufügen', 'user/notiz.php', 'User Notizen hinzufügen', 1);
+
+CREATE TABLE `vms_user_notizen` (
+  `id` int(11) NOT NULL,
+  `uid` int(11) NOT NULL,
+  `datum` int(11) NOT NULL,
+  `text` longtext NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+ALTER TABLE `vms_user_notizen`
+  ADD PRIMARY KEY (`id`);
+
+ALTER TABLE `vms_user_notizen`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
 
 ALTER TABLE `vms_adminblacklist`
  ADD PRIMARY KEY (`tan`);
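Review bot: The INSERT now names a `berechtigung` column, but the `CREATE TABLE vms_run_inc` visible at the top of this hunk still ends with `beschreibung`, so on a fresh install the statement fails unless the column is added outside this hunk. Add it to the table definition without a default, e.g. `berechtigung tinyint(1) NOT NULL`, so that every dispatch row has to state its required privilege explicitly. The dispatcher maps a posted button name and value to `datei`, yet `name` `aendern` occurs twice (ids 13 and 34) and `value` `Speichern` five times across admin and user rows; a unique key over (`name`, `value`) would catch a clash. Ids 18 to 24 have an empty `value`, which should be checked against how the lookup matches.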
diff --git a/lib/class/chat.class.php b/lib/class/chat.class.php
index 0dba0a49383dc3169e0bd0d79f6f78337ea213e9..a25d2e6992f995ccc122cc747daf388178c2874c 100644
--- a/lib/class/chat.class.php
+++ b/lib/class/chat.class.php
@@ -2,10 +2,9 @@
 
 class chatClass{
     public static function getRestChatLines($id){
-		global $db_host,$db_user,$db_pass,$db_base;
 		$arr = array();
 		$jsonData = '{"results":[';
-		$db_connection = new mysqli( $db_host, $db_user, $db_pass, $db_base);
+		$db_connection = new mysqli( DB_HOST, DB_USER, DB_PASS, DB_BASS);
 		$db_connection->query( "SET NAMES 'UTF8'" );
 		$statement = $db_connection->prepare( "SELECT id, absender, nachricht, time FROM vms_chat WHERE id > ? ");
 		$statement->bind_param( 'i', $id);
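Review bot: `DB_BASS` looks like a misspelling of the database-name constant, and its `define()` is not in this diff, so confirm the name in `lib/db_config.php`. An undefined constant is an Error on PHP 8 and is passed as the literal string on older versions, where the connection fails and every later call operates on a dead handle. The same call is in `setChatLines()` in the next hunk. Checking `$db_connection->connect_errno` right after `new mysqli(...)` in both places would turn this into a clear failure instead of an empty chat. The body of `getRestChatLines()` continues outside the hunk.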
@@ -27,8 +26,7 @@ class chatClass{
     }
     
     public static function setChatLines( $chattext, $usrname, $color) {
-		global $db_host,$db_user,$db_pass,$db_base;
-		$db_connection = new mysqli( $db_host, $db_user, $db_pass, $db_base);
+		$db_connection = new mysqli( DB_HOST, DB_USER, DB_PASS, DB_BASS);
 		$db_connection->query( "SET NAMES 'UTF8'" );
 		$statement = $db_connection->prepare( "INSERT INTO chat( usrname, color, chattext) VALUES(?, ?, ?)");
 		$statement->bind_param( 'sss', $usrname, $color, $chattext);
@@ -37,4 +35,4 @@ class chatClass{
 		$db_connection->close();
     }
 }
-?>
\ No newline at end of file
+?>
diff --git a/lib/class/ein_aus_zahlung.class.php b/lib/class/ein_aus_zahlung.class.php
index 73e0b6fe7af17aaae2875b0d5117a20785033a53..8425e41e98b19f5ba5e26d91be60bd1ba2d75fb9 100644
--- a/lib/class/ein_aus_zahlung.class.php
+++ b/lib/class/ein_aus_zahlung.class.php
@@ -1,5 +1,7 @@
 <?php
-require_once("lib/schnittstellen/".$_POST['id'] .".php");
+if(isset($_POST['id'])){
+	require_once("lib/schnittstellen/".$_POST['id'] .".php");
+}
 
 class EIN_AUS_ZAHLUNG{
 	
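Review bot: `$_POST['id']` still goes straight into the `require_once` path; the added `isset()` only avoids the notice when the field is missing. Restrict the value to known interface names before including, e.g. `if(isset($_POST['id']) && preg_match('/^[A-Za-z0-9_]+$/', $_POST['id']) && is_file('lib/schnittstellen/'.$_POST['id'].'.php')){`. Because this runs at file scope, merely loading the class includes a request-chosen file; moving the include into the method that needs the interface would narrow that.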
@@ -123,4 +125,4 @@ class EIN_AUS_ZAHLUNG{
 			}
 		}
 	}
-}
\ No newline at end of file
+}
diff --git a/lib/class/kontobuchung.class.php b/lib/class/kontobuchung.class.php
index 88533e5cd6ccb8806789812add0c82e1c7a77dd5..bde2af48038ba92e7c94f4b30c0de091e82fb7a4 100644
--- a/lib/class/kontobuchung.class.php
+++ b/lib/class/kontobuchung.class.php
@@ -52,11 +52,11 @@ class KONTOBUCHUNG_CLASS{
 		global $datenbank;
 		$konto = $this->kontostand();
 		$konto_neu = $konto->kontostand + $this->betrag;
-		$datenbank->update(PREFIX . KONTO , array("kontostand_a" => $konto_neu) , array("uid" => $this->uid),1 );
-		$this->buchungsliste();
+		$buchung_ok = $datenbank->update(PREFIX . KONTO , array("kontostand_a" => $konto_neu) , array("uid" => $this->uid),1 );
+		$this->buchungsliste($buchung_ok);
 	}
 	
-	private function buchungsliste(){
+	private function buchungsliste($buchung_ok){
 		global $datenbank;
 		$buch = array(
 			"uid" => $this->uid,
@@ -65,6 +65,7 @@ class KONTOBUCHUNG_CLASS{
 			"buchungsmenge" => $this->art . $betrag,
 			"verwendungszweck" => $this->verwendung
 		);
+		if($buchung_ok == true){ $buch['buchung_ok'] = 1;}
 		$datenbank->insert(PREFIX . BUCH , $buch);
 	}
 	
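Review bot: `"buchungsmenge" => $this->art . $betrag` uses a local `$betrag` that `buchungsliste($buchung_ok)` neither receives nor sets in the visible lines, so the booking row would store only the sign; it should probably read `$this->art . $this->betrag`. In the hunk above, `$konto->kontostand` is read although `kontostand()` selects only `kontostand_a`. `$konto_neu` is therefore computed from an unset property and the update writes the booking amount alone as the new balance; `$konto_neu = $konto->kontostand_a + $this->betrag;` matches the query. A booking row is also written when the update failed, only without `buchung_ok`, which works as an audit trail only if that column defaults to 0. Two lines of the `$buch` array lie between the hunks and are not visible here.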
@@ -72,4 +73,4 @@ class KONTOBUCHUNG_CLASS{
 		global $datenbank;
 		return $datenbank->get_row("SELECT kontostand_a FROM ". PREFIX . KONTO ." WHERE uid = '$this->uid' ");
 	}
-}
\ No newline at end of file
+}
diff --git a/lib/class/userprofil.class.php b/lib/class/userprofil.class.php
new file mode 100644
index 0000000000000000000000000000000000000000..8766ccba08a6bc5ca39144b1d19f628b0fa7fcff
--- /dev/null
+++ b/lib/class/userprofil.class.php
@@ -0,0 +1,97 @@
+<?php
+
+class USERPROFIL {
+	
+	private $db;
+	private $uid;
+	private $delete_true = false;
+	private $array;
+	
+	public function __construct() {
+		global $datenbank;
+		$this->db = $datenbank;
+	}
+	
+	public function set_uid($uid){
+		if(!is_numeric($uid)){ $this->uid = 0;}else{ $this->uid = $this->db->escape($uid);}
+	}
+	
+	public function get_daten(){
+		$aus = $this->db->get_row("
+		SELECT u.*, e.*, k.*, n.* FROM ". PREFIX . USER . " AS u LEFT JOIN  ". PREFIX . EMAIL . " AS e ON e.uid = u.uid LEFT JOIN ". PREFIX . KONTO ." AS k ON k.uid = u.uid LEFT JOIN ". PREFIX . NICKP ." AS n ON n.uid = u.uid WHERE u.uid = '" . $this->uid . "' ",true);
+		return $aus;
+	}
+	
+	public function delete_account($pw){
+		global $error,$meldung;
+		$this->pass_pruef($pw);
+		if($this->delete_true == true){
+			$this->db->delete(PREFIX . KONTO , array("uid" => $this->uid),1);
+			$this->db->delete(PREFIX . EMAIL, array("uid" => $this->uid),1);
+			$this->db->delete(PREFIX . USER , array("uid" => $this->uid),1);
+			$this->db->delete(PREFIX . WERBER , array("uid" => $this->uid),1);
+			$this->db->update(PREFIX . WERBER, array("werber" => 0), array("werber" => $this->uid));
+			$this->db->delete(PREFIX . BUCH , array("uid" => $this->uid),1);
+			$this->db->delete(PREFIX . RELOAD , array("uid" => $this->uid),1);
+			$this->db->delete(PREFIX . S_ANF , array("uid" => $this->uid),1);
+			header('Location: '. $_SERVER['HTTP_HOST']);
+		}else{
+			$error = 1;
+			$meldung = PASS_FALSE;
+		}
+	}
+	
+	protected function pass_pruef($pw){
+		if($this->db->num_rows("SELECT id FROM ". PREFIX . KONTO ." WHERE uid = '$this->uid' AND passwort = '". pw_erstellen($pw) ."' ") == 1){
+			$this->delete_true = true;
+		}
+	}
+	
+	public function user_daten_save(){
+		global $error,$meldung;
+		$this->make_array();
+		if ($this->array['newsletter'] == 0 and $this->array['paidmails'] == 0) $mailstatus = 0;
+        if ($this->array['newsletter'] == 1 and $this->array['paidmails'] == 0) $mailstatus = 1;
+        if ($this->array['newsletter'] == 0 and $this->array['paidmails'] == 1) $mailstatus = 2;
+        if ($this->array['newsletter'] == 1 and $this->array['paidmails'] == 1) $mailstatus = 3;
+		$array = array(
+			"freigabe_fuer" => $mailstatus,
+			"emailadresse" => $this->array['emailadresse']
+		);
+		$array_user = array(
+			"max_forced" => $this->array['max_forced'],
+			"max_paidlinks" => $this->array['max_paidlinks']
+		);
+		$update_mail = $datenbank->update(PREFIX . MAIL , $array, array("uid" => $this->uid), 1);
+		if($update_mail == true){ $meldung .= MAILEMPFANG_TRUE;}else{$error = 1; $meldung .= MAILEMPFANG_FALSE;}
+		$update_user = $datenbank->update(PREFIX . USER , $array_user, array("uid" => $this->uid), 1);
+		if($update_user == true){ $meldung .= BANNER_TRUE;}else{ $error = 1; $meldung .= BANNER_FALSE;}
+	}
+	
+	public function pw_erneuern(){
+		global $error,$meldung;
+		$this->make_array();
+		if(empty($this->array['pwd']) OR empty($this->array['pwd2'])){ $error = 1; $meldung .= ANMELDEN_PASS1_FALSE;}
+		if($this->array['pwd'] != $this->array['pwd2']){ $error = 1; $meldung .= ANMELDEN_PASS_KONTROLLE;}
+		if($error == 0){
+			$update = $this->db->update(PREFIX . KONTO , array("passwort" => pw_erstellen($this->array['pwd'])), array("uid" => $this->uid) , 1);
+			if($update == true){
+				$meldung .= UPDATE_PASS_TRUE;
+			}else{
+				$error = 1;
+				$meldung .= UPDATE_PASS_FALSE;
+			}
+		}
+	}
+	
+	private function make_array(){
+		global $_POST;
+		$array = array();
+		foreach($_POST AS $key => $value){
+			$array[$key] = $this->db->escape($value);
+		}
+		$this->array = $array;
+	}
+}
+
+?>
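Review bot: `user_daten_save()` calls `$datenbank->update(...)` but declares only `$error` and `$meldung` as global, so `$datenbank` is undefined there and the call fails. The other methods use `$this->db`, e.g. `$update_mail = $this->db->update(PREFIX . EMAIL , $array, array("uid" => $this->uid), 1);` (`db_config.php` shows `EMAIL`; a `MAIL` constant is not visible in this diff). `pw_erneuern()` drops the 8-character minimum of the removed code and hashes the value after `make_array()` has passed it through `$this->db->escape()`, so a password with quotes or backslashes may be stored as the hash of a different string than the user typed. `delete_account()` redirects with `header('Location: '. $_SERVER['HTTP_HOST'])`, which takes the target from the client-supplied Host header, has no scheme, and is not followed by `exit;`. `pass_pruef()` compares `pw_erstellen($pw)` inside the SQL string, which only works for an unsalted deterministic hash; `pw_erstellen()` is not shown, so that needs confirming.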
diff --git a/lib/db_config.php b/lib/db_config.php
index 6d39e7a232fc09ffbcd540ceb69d34fcffd4cc53..2994cd459286c853845e3ac15534bc8299bf9b6f 100644
--- a/lib/db_config.php
+++ b/lib/db_config.php
@@ -7,6 +7,7 @@
 	
 	define("PREFIX","vms_");
 	define("CONFIG","seitenkonfig");
+	define("BILANZ","bilanz");
 	define("USER","userdaten");
 	define("EMAIL","emaildaten");
 	define("KONTO","kontodaten");
@@ -25,5 +26,8 @@
 	define("AKT","aktivierungen");
 	define("MULTIK","multi_konten");
 	define("S_ANF","schnittstelle_anfragen");
+	define("RELOAD","reloads");
+	define("BETTELB","bettel_buchung");
+	define("NOTIZ","user_notizen");
 	
 ?>
diff --git a/lib/funktionen/chat.php b/lib/funktionen/chat.php
index 0ead74dfab4f4f78e4b0ee246d6c720402094e01..d5df89d8c502b4190be74ed08593649dede29857 100644
--- a/lib/funktionen/chat.php
+++ b/lib/funktionen/chat.php
@@ -4,7 +4,7 @@ require_once('../../lib/functions.lib.php');
 require_once('../../lib/session.lib.php');
 $error = 0;
 
-$sperre = mysqli_fetch_array(db_query("SELECT chat_sperre FROM ".$db_prefix."_userdaten WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' "));
+$sperre = mysqli_fetch_array(db_query("SELECT chat_sperre FROM ". PREFIX . KONTO ." WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' "));
 if($sperre['chat_sperre'] == '1'){ $error = 1; $meldung = 'Du bist für den Chat gesperrt.';}
 if(empty($_POST['inhalt'])){ $error = 1; $meldung = 'Bitte Text eingeben.';}
 if($_SESSION['uid'] <= 0){ $error = 1; $meldung = 'Ung&uuml;ltige User-ID.';}
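Review bot: The ban lookup now reads `chat_sperre` from `PREFIX . KONTO` instead of the `_userdaten` table, and the check on the next line fails open: if the column or the row is missing, `$sperre['chat_sperre']` is null and the user is treated as not banned. Nothing in this diff shows `chat_sperre` being added to the konto table, so confirm the schema. Consider denying when the row cannot be read, e.g. `if(!is_array($sperre) || $sperre['chat_sperre'] == '1'){ $error = 1; $meldung = 'Du bist für den Chat gesperrt.';}`. The `$_SESSION['uid'] <= 0` test would also be better placed before the query.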
diff --git a/lib/funktionen/konto/delete_acc.php b/lib/funktionen/konto/delete_acc.php
new file mode 100644
index 0000000000000000000000000000000000000000..bafd61067ccca81d674ad6171d8c2c70c8d5febc
--- /dev/null
+++ b/lib/funktionen/konto/delete_acc.php
@@ -0,0 +1,7 @@
+<?php
+
+require_once('lib/class/userprofil.class.php');
+$profil = new USERPROFIL;
+
+$profil->set_uid($_SESSION['uid']);
+$profil->delete_account();
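Review bot: This entry script calls `delete_account()` for whatever `$_SESSION['uid']` holds without first checking that a logged-in session exists or that the request was a deliberate POST. Nothing in these seven lines tests `$_POST['acc_del']`, `$_POST['del_passwort']` or an anti-CSRF token. Those checks may live inside `USERPROFIL::delete_account()`, which is outside this hunk, but if they do not, the action is exposed to cross-site request forgery and to being run with an empty uid. I would add a guard at the top such as `if (empty($_SESSION['uid']) || $_SERVER['REQUEST_METHOD'] !== 'POST') { return; }`, plus a short comment saying where the password and token are verified. The same applies to `pw_erneuern()` in lib/funktionen/konto/pass_neu.php and `user_daten_save()` in lib/funktionen/konto/user_daten.php.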
diff --git a/lib/funktionen/konto/pass_neu.php b/lib/funktionen/konto/pass_neu.php
new file mode 100644
index 0000000000000000000000000000000000000000..31177820c93662f47823bf76fdb6bccd49368711
--- /dev/null
+++ b/lib/funktionen/konto/pass_neu.php
@@ -0,0 +1,7 @@
+<?php
+
+require_once('lib/class/userprofil.class.php');
+$pass = NEW USERPROFIL;
+
+$pass->set_uid($_SESSION['uid']);
+$pass->pw_erneuern();
diff --git a/lib/funktionen/konto/user_daten.php b/lib/funktionen/konto/user_daten.php
new file mode 100644
index 0000000000000000000000000000000000000000..70aed85823947b4c9b6bf924a0da251bbf817b1e
--- /dev/null
+++ b/lib/funktionen/konto/user_daten.php
@@ -0,0 +1,7 @@
+<?php
+
+require_once('lib/class/userprofil.class.php');
+$profil = new USERPROFIL;
+$profil->set_uid($_SESSION['uid']);
+
+$update = $profil->user_daten_save();
diff --git a/lib/lang/lang.de.php b/lib/lang/lang.de.php
index 701e36ff7938d8d1a2ca2fc6c346bb2882813aec..357d6d780468d47892f42db49f028767575161a3 100644
--- a/lib/lang/lang.de.php
+++ b/lib/lang/lang.de.php
@@ -40,4 +40,13 @@
 	define("EINZAHLUNG_BETRAG_HIGHT","Dein Einzahlungsbetrag &uuml;bersteigt das Einzahllimit.<br>");
 	define("AUSZAHLUNG_ANFRAGEN_USER_FALSE","Die Auszahlungen sind f&uuml;r heute verbraucht.<br>");
 	define("AUSZAHLUNG_TRUE","Die Auszahlung wurde erfolgreich durchgef&uuml;hrt.<br>");
-	define("EINZAHLUNG_TRUE","Die Einzahlung wurde erfolgreich durchgef&uuml;hrt.<br>");
\ No newline at end of file
+	define("EINZAHLUNG_TRUE","Die Einzahlung wurde erfolgreich durchgef&uuml;hrt.<br>");
+	
+	//KONTO
+	define("PASS_FALSE","Das angegebene Passwort ist nicht richtig");
+	define("MAILEMPFANG_TRUE","Einstellungen f&uuml;r den Mailempfang gespeichert.<br>");
+	define("MAILEMPFANG_FALSE","Konnte einstellungen f&uuml;r den Mailempfang nicht speichern");
+	define("BANNER_TRUE","Werbeeinstellungen wurden erfolgreich gespeichert.<br>");
+	define("BANNER_FALSE","Konnte Werbeeinstellungen nicht speichern.<br>".$sko);
+	define("UPDATE_PASS_TRUE","Das Passwort wurde erfolgreich gespeichert.<br>");
+	define("UPDATE_PASS_FALSE","Das Passwort konnte nicht gespeichert werden.<br>".$sko);
diff --git a/lib/var.php b/lib/var.php
index 5fed887f191cfb66ab50118c9624756231e44891..8aa099ce182fdd92045cf010cc3e91b57bfcf290 100644
--- a/lib/var.php
+++ b/lib/var.php
@@ -43,7 +43,18 @@ if(!isset($_POST['einzahlen']))		{ $_POST['einzahlen']			= "";}
 if(!isset($_POST['uid_passwort']))	{ $_POST['uid_passwort']		= "";}
 if(!isset($_POST['trans_menge']))	{ $_POST['trans_menge']		= "";}
 if(!isset($einzahlmeldung))			{ $einzahlmeldung				= "";}
-
+if (!isset($_POST['aendern']))		{ $_POST['aendern'] = "";}
+if (!isset($_POST['acc_del']))		{ $_POST['acc_del'] = "";}
+if (!isset($_POST['del_passwort']))	{ $_POST['del_passwort'] = "";}
+if (!isset($_POST['pwd']))			{ $_POST['pwd'] = "";}
+if (!isset($_POST['pwd2']))			{ $_POST['pwd2'] = "";}
+if (!isset($_POST['nickname']))		{ $_POST['nickname'] = "";}
+if (!isset($_POST['newsletter']))	{ $_POST['newsletter'] = "";}
+if (!isset($_POST['paidmails']))	{ $_POST['paidmails'] = "";}
+if (!isset($_POST['bdate']))		{ $_POST['bdate'] = "";}
+if (!isset($change))				{ $change = "";}
+if (!isset($mailstatus))			{ $mailstatus = "";}
+if (!isset($delchange))				{ $delchange = "";}
 
 //$_SESSION