From 1da3236b0f4658675bd556a2006d631408d3f78c Mon Sep 17 00:00:00 2001 
From: isaack <drericlaufer@gmx.de> Date: Sun, 9 Dec 2018 10:01:58 +0100 Subject: [PATCH] Weitrere Updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - weitere classen dazu gekommen - userliste überarbeitet - kleine Bugs beseitigt --- CHANGELOG | 7 + adminforce/content/startseite.php | 79 ++++-- adminforce/content/usersystem/details.php | 28 ++ adminforce/content/usersystem/liste.php | 92 ++++--- .../usersystem/user_include/allgemeines.php | 161 ++++++------ .../usersystem/user_include/ansicht.php | 13 + .../usersystem/user_include/bet_ref.php | 19 +- .../usersystem/user_include/buchungen.php | 84 +++--- .../usersystem/user_include/notizen.php | 35 ++- adminforce/lib/class/run.class.php | 51 ++++ adminforce/lib/class/userliste.class.php | 240 ++++++++++++++++++ adminforce/lib/funktionen/user/notiz.php | 6 + adminforce/lib/funktionen/user/profil.php | 7 + adminforce/lib/lang/lang.de.php | 6 + adminforce/lib/run.inc.php | 10 + adminforce/lib/var.php | 17 +- content/konto/profil_include/nickpage.php | 47 ++-- content/konto/profil_include/pass.php | 13 + content/konto/profil_include/profil.php | 24 +- content/konto/refuebersicht.php | 4 +- content/konto/userprofil.php | 92 +------ install/mysql.txt | 55 +++- lib/class/chat.class.php | 8 +- lib/class/ein_aus_zahlung.class.php | 6 +- lib/class/kontobuchung.class.php | 9 +- lib/class/userprofil.class.php | 97 +++++++ lib/db_config.php | 4 + lib/funktionen/chat.php | 2 +- lib/funktionen/konto/delete_acc.php | 7 + lib/funktionen/konto/pass_neu.php | 7 + lib/funktionen/konto/user_daten.php | 7 + lib/lang/lang.de.php | 11 +- lib/var.php | 13 +- 33 files changed, 877 insertions(+), 384 deletions(-) create mode 100644 adminforce/content/usersystem/details.php create mode 100644 adminforce/content/usersystem/user_include/ansicht.php create mode 100644 adminforce/lib/class/run.class.php create mode 100644 adminforce/lib/class/userliste.class.php create mode 100644 
adminforce/lib/funktionen/user/notiz.php create mode 100644 adminforce/lib/funktionen/user/profil.php create mode 100644 content/konto/profil_include/pass.php create mode 100644 lib/class/userprofil.class.php create mode 100644 lib/funktionen/konto/delete_acc.php create mode 100644 lib/funktionen/konto/pass_neu.php create mode 100644 lib/funktionen/konto/user_daten.php diff --git a/CHANGELOG b/CHANGELOG index b3d4cbf..fd84874 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,11 @@ # Was alles passiert +##[0.0.7] +##geändert +- weitere classen dazu gekommen +- userliste überarbeitet +- kleine Bugs beseitigt + ##[0.0.6] ##geändert - classen kommen dazu @@ -41,3 +47,4 @@ ### Upload Die BETA Version von VMS-SUEE 2 wurde veröffentlicht. Dies ist nicht die entgültige Version. + diff --git a/adminforce/content/startseite.php b/adminforce/content/startseite.php index 36050b8..f69f603 100644 --- a/adminforce/content/startseite.php +++ b/adminforce/content/startseite.php 
@@ -1,23 +1,35 @@ <?php if($_SESSION['admin'] == 1){ + require_once('lib/class/userliste.class.php'); + $User = new USERLISTE; + $UserStat = $User->startseite(); + $Chart = $User->Chart(); - head("Userstatistik"); - - $kontostats = mysqli_fetch_array(db_query("SELECT COUNT(uid) AS kd_uid , SUM(kontostand) AS kd_kontostand FROM ".$db_prefix."_kontodaten")); - echo '<table class="table"> - <tr> - <td width="55%">Angemeldete User</td> - <td align="right">'.@number_format($kontostats['kd_uid'],0,",",".").' </td> - </tr> - <tr> - <td>Gesamtguthaben</td> - <td align="right">'.@number_format($kontostats['kd_kontostand'],2,",",".").' </td> - </tr> - <tr> - <td width="55%">Guth. pro User</td> - <td align="right">'.@number_format($kontostats['kd_kontostand'] / $kontostats['kd_uid'],2,",",".").' </td> - </tr> - </table>'; + head("Bilanz der letzten 14 Tage"); + echo '<canvas class="my-4" id="BilanzChart" width="100%" height="10"></canvas>'; + foot(); + + head(""); + echo ' + <div class="row"> + <div class="col-md-3"> + <table class="table table-striped"> + <tr> + <td width="55%">Angemeldete User</td> + <td align="right">'.@number_format($UserStat->kd_uid,0,",",".").' </td> + </tr> + <tr> + <td>Gesamtguthaben</td> + <td align="right">'.@number_format($UserStat->kd_kontostand,2,",",".").' </td> + </tr> + <tr> + <td width="55%">Guth. pro User</td> + <td align="right">'.@number_format($UserStat->kd_kontostand / $UserStat->kd_uid,2,",",".").' </td> + </tr> + </table> + </div> + </div> + '; foot(); echo '</td> </tr></table>'; 
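Review bot: The "Guth. pro User" cell still divides `$UserStat->kd_kontostand` by `$UserStat->kd_uid`, and `COUNT(uid)` is 0 on an installation with no accounts. The leading `@` hides a warning but does not stop the `DivisionByZeroError` that PHP 8 throws, so the admin start page would fail there. Guard the divisor, for example `$UserStat->kd_uid > 0 ? $UserStat->kd_kontostand / $UserStat->kd_uid : 0`. The `if($_SESSION['admin'] == 1){` block that contains these lines closes outside the hunk.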
@@ -122,4 +134,35 @@ foot(); } foot(); -} \ No newline at end of file +} +?> +<script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/Chart.min.js"></script> +<script> + var ctx = document.getElementById("BilanzChart"); + var myChart = new Chart(ctx, { + type: 'line', + data: { + labels: [<?php echo $Chart['label'];?>], + datasets: [{ + data: [<?php echo $Chart['ges'];?>], + lineTension: 0, + backgroundColor: 'transparent', + borderColor: '#007bff', + borderWidth: 4, + pointBackgroundColor: '#007bff' + }] + }, + options: { + scales: { + yAxes: [{ + ticks: { + beginAtZero: false + } + }] + }, + legend: { + display: false, + } + } + }); +</script> diff --git a/adminforce/content/usersystem/details.php b/adminforce/content/usersystem/details.php new file mode 100644 index 0000000..7e79757 --- /dev/null +++ b/adminforce/content/usersystem/details.php 
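Review bot: The added `<script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/Chart.min.js">` pulls third-party code into the admin panel with no Subresource Integrity, so whatever that URL serves runs with the administrator's session. Either ship Chart.js from the project's own files or pin it with `integrity="sha384-<HASH_PUBLISHED_FOR_THIS_FILE>" crossorigin="anonymous"` (placeholder; take the real value from the CDN's listing for this exact file). The script block also appears to sit after the closing `}` of the `$_SESSION['admin'] == 1` check, in which case it is sent to non-admin sessions as well and `$Chart` is undefined there. Moving `?>` and both `<script>` elements inside that block would fix this.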
@@ -0,0 +1,28 @@
+<?php
+ require_once('lib/class/userliste.class.php');
+ $user = new USERLISTE;
+ $user->set_uid($_GET['uid']);
+ $daten = $user->userinfo();
+?>
+<ul class="nav nav-tabs" role="tablist">
+ <li role="presentation" class="active"><a href="#start" role="tab" data-toggle="tab">Start</a></li>
+ <li role="presentation"><a href="#buchungsliste" role="tab" data-toggle="tab">Buchungsliste</a></li>
+ <li role="presentation"><a href="#bettelref" role="tab" data-toggle="tab">Bettel Refferer</a></li>
+ <li role="presentation"><a href="#notizen" role="tab" data-toggle="tab">Notizen</a></li>
+ <li role="presentation"><a href="?content=/usersystem/liste" class="btn btn-default">Zurück</a></li>
+</ul>
+<hr>
+<div class="tab-content">
+ <div role="tabpanel" class="tab-pane active" id="start">
+ <?php require_once('content/usersystem/user_include/allgemeines.php'); ?>
+ </div>
+ <div role="tabpanel" class="tab-pane" id="buchungsliste">
+ <?php require_once('content/usersystem/user_include/buchungen.php');?>
+ </div>
+ <div role="tabpanel" class="tab-pane" id="bettelref">
+ <?php require_once('content/usersystem/user_include/bet_ref.php');?>
+ </div>
+ <div role="tabpanel" class="tab-pane" id="notizen">
+ <?php require_once('content/usersystem/user_include/notizen.php');?>
+ </div>
+</div>
diff --git a/adminforce/content/usersystem/liste.php b/adminforce/content/usersystem/liste.php
index c10cd7d..710b60f 100644
--- a/adminforce/content/usersystem/liste.php
+++ b/adminforce/content/usersystem/liste.php
@@ -1,43 +1,59 @@ +<script> +var UserID; + function userdetails(uid){ + UserID = uid; + $('#userdetails').modal('show'); + $.ajax({ + type: "POST", + url: "content/usersystem/user_include/ansicht.php", + data : { uid : UserID } + }).done(function( data ) + { + var obj = JSON.parse(data); + document.getElementById("start_html").innerHTML = obj.konto; + + }); + } +</script> <?php -$gfx_status[0] = '<img src="images/gelb.gif" width="15" height="15" border="0" alt="Nicht freigeschaltet">'; -$gfx_status[1] = '<img src="images/gruen.gif" width="15" height="15" border="0" alt="O.K.">'; -$gfx_status[2] = '<img src="images/rot.gif" width="15" height="15" border="0" alt="Gesperrt">'; +require_once('lib/class/userliste.class.php'); +$user = new USERLISTE; +$liste = $user->liste(); head("Userliste"); -?> -<table class="table table-bordered"> -<tr class="tabellenhead"> - <th>#</th> - <th>UID</th> - <th>Kontostand</th> - <th>Nickname</th> - <th>Name</th> - <th>Emailadresse</th> - <th>Angemeldet</th> -</tr> -<?php -$userliste = db_query("SELECT k.login_ip,k.uid,k.status,k.kontostand,u.nickname,u.vorname,u.nachname,u.angemeldet_seit,e.emailadresse - FROM " . $db_prefix . "_kontodaten AS k - LEFT JOIN " . $db_prefix . "_userdaten AS u ON u.uid=k.uid - LEFT JOIN " . $db_prefix . "_emaildaten AS e ON e.uid=k.uid -ORDER BY k.uid ASC"); -$i = 0; -while ($ausgabe = mysqli_fetch_array($userliste)) { - $i++; - $row = ($i % 2 == 0) ? 0 : 1; - echo' -<tr class="tabellenbody_' . $row . '"> - <td align="center"><a href="?content=/usersystem/userbearbeiten&uid=' . $ausgabe['uid'] . '" target="_self">' . $gfx_status[$ausgabe['status']] . '</a></td> - <td align="center"><a href="../?content=/nickpage&id=' . $ausgabe['uid'] . '" target="_blank">' . $ausgabe['uid'] . '</a></td> - <td align="center">' . number_format($ausgabe['kontostand'], 2, ",", ".") . '</td> - <td align="center">' . $ausgabe['nickname'] . '</td> - <td align="center">' . $ausgabe['vorname'] . ' ' . $ausgabe['nachname'] . 
'</td> - <td align="center"><a href="mailto:' . $ausgabe['emailadresse'] . '">Mail</a></td> - <td align="center">' . date("d.m.y - H:i", $ausgabe['angemeldet_seit']) . '</td> -</tr> -'; -} +echo $liste; +foot(); ?> -</table> -<?php foot(); ?> \ No newline at end of file + +<div class="modal fade bs-example-modal-lg" id="userdetails" tabindex="-1" role="dialog" aria-labelledby="meinGroßesModalLabel"> + <div class="modal-dialog modal-lg"> + <div class="modal-content"> + <div class="modal-header"> + <button type="button" class="close" data-dismiss="modal" aria-label="Schließen"><span aria-hidden="true">×</span></button> + <h4 class="modal-title">Detailansicht</span></h4> + </div> + <div class="modal-body"> + <ul class="nav nav-tabs" role="tablist"> + <li role="presentation" class="active"><a href="#start" role="tab" data-toggle="tab">Start</a></li> + <li role="presentation"><a href="#profil" role="tab" data-toggle="tab" onclick="DetailsAnzeigen('Profil');">Profil</a></li> + <li role="presentation"><a href="#buchungsliste" role="tab" data-toggle="tab">Buchungsliste</a></li> + <li role="presentation"><a href="#bettelref" role="tab" data-toggle="tab">Bettel Refferer</a></li> + <li role="presentation"><a href="#einstellungen" role="tab" data-toggle="tab">Einstellungen</a></li> + <li role="presentation"><a href="#notizen" role="tab" data-toggle="tab">Notizen</a></li> + </ul> + <hr> + <div class="tab-content"> + <div role="tabpanel" class="tab-pane active" id="start"><span id="start_html">...Laden...</span></div> + <div role="tabpanel" class="tab-pane" id="profil"><span id="profil_html"></span></div> + <div role="tabpanel" class="tab-pane" id="buchungsliste"><span id="buchung_html"></span></div> + <div role="tabpanel" class="tab-pane" id="bettelref"><span id="bettel_html"></span></div> + <div role="tabpanel" class="tab-pane" id="notizen"><span id="notiz_html"></span></div> + </div> + </div> + <div class="modal-footer"> + <button type="button" class="btn btn-default" 
data-dismiss="modal">Schließen</button> + </div> + </div> + </div> +</div> diff --git a/adminforce/content/usersystem/user_include/allgemeines.php b/adminforce/content/usersystem/user_include/allgemeines.php index 6b8f470..36f0c75 100644 --- a/adminforce/content/usersystem/user_include/allgemeines.php +++ b/adminforce/content/usersystem/user_include/allgemeines.php 
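Review bot: `userdetails()` writes the server response into the page with `document.getElementById("start_html").innerHTML = obj.konto;`, so any account field inside `obj.konto` that is not HTML-encoded is interpreted as markup in the administrator's browser. Nicknames and names come from user accounts, which makes this a stored-XSS sink unless ansicht.php encodes every value with `htmlspecialchars()`; for plain values, assigning `textContent` avoids the problem entirely. `JSON.parse(data)` is also called without a guard, and ansicht.php answers a rejected request with an empty body, so add a `.fail()` handler or a try/catch around the parse. The Profil tab calls `DetailsAnzeigen('Profil')`, which is not defined in this hunk, and the Einstellungen tab has no matching pane.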
@@ -1,81 +1,80 @@ -<form action="" method="POST"> -<input type="hidden" name="uid" value="<?php echo $alledaten['uid'];?>"> -<input type="hidden" name="alt_werber" value="<?php echo $alledaten['werber'];?>"> -<table class="table table-striped"> - <tr> - <td align="right"><b>User-ID</b>: </td> - <td align="left"> <?php echo $alledaten['uid'];?></td> - </tr> - <tr> - <td align="right"><b>Nickname</b>: </td> - <td align="left"> <input type="text" name="nickname" value="<?php echo $alledaten['nickname'];?>"></td> - </tr> - <tr> - <td align="right"><b>Werber-ID</b>: </td> - <td align="left"> <input type="text" name="werber" value="<?php echo $alledaten['werber'];?>"></td> - </tr> - <tr> - <td align="right"><b>Vorname</b>: </td> - <td align="left"> <input type="text" name="vorname" value="<?php echo $alledaten['vorname'];?>"></td> - </tr> - <tr> - <td align="right"><b>Nachname</b>: </td> - <td align="left"> <input type="text" name="nachname" value="<?php echo $alledaten['nachname'];?>"></td> - </tr> - <tr> - <td align="right"><b>eMailadresse</b>: </td> - <td align="left"> <input type="text" name="emailadresse" value="<?php echo $alledaten['emailadresse'];?>"></td> - </tr> - <tr> - <td align="right"><b>IP/Herkunft</b>: </td> - <td align="left"> <?php echo $alledaten['login_ip'].' / '. 
geoIP($ausgabe['login_ip']);?></td> - <tr> - <td align="right"><b>eMail-Empfang</b>: </td> - <td align="left"> <select name="freigabe_fuer" size="1"> - <option value="0" <?php if ($alledaten['freigabe_fuer'] == 0) echo'SELECTED';?>>Kein Empfang</option> - <option value="1" <?php if ($alledaten['freigabe_fuer'] == 1) echo'SELECTED';?>>Nur Newsletter</option> - <option value="2" <?php if ($alledaten['freigabe_fuer'] == 2) echo'SELECTED';?>>Nur Paidmails</option> - <option value="3" <?php if ($alledaten['freigabe_fuer'] == 3) echo'SELECTED';?>>Newsletter / Paidmails</option> - </select></td> - </tr> - <tr> - <td align="right"> <b>Bettelsperre</b>:</td> - <td align="left"> - <select name="bettel_sperre" size="1"> - <option value="0" <?php if ($alledaten['bettel_sperre'] == 0) echo'SELECTED';?>>deaktiviert</option> - <option value="1" <?php if ($alledaten['bettel_sperre'] == 1) echo'SELECTED';?>>aktiviert</option> - </select> - </td> - </tr> - <tr> - <td align="right"> <b>Banner Sperre</b>:</td> - <td align="left"> - <select name="forced_sperre" size="1"> - <option value="0" <?php if ($alledaten['forced_sperre'] == 0) echo'SELECTED';?>>deaktiviert</option> - <option value="1" <?php if ($alledaten['forced_sperre'] == 1) echo'SELECTED';?>>aktiviert</option> - </select> - </td> - </tr> - <tr> - <td align="right"> <b>Chat Sperre</b>:</td> - <td align="left"> - <select name="chat_sperre" size="1"> - <option value="0" <?php if ($alledaten['chat_sperre'] == 0) echo'SELECTED';?>>deaktiviert</option> - <option value="1" <?php if ($alledaten['chat_sperre'] == 1) echo'SELECTED';?>>aktiviert</option> - </select> - </td> - </tr> - <tr> - <td><b>Auszahlungssperre</b></td> - <td> - <select name="auszahlung_sperre"> - <option value="0" <?php if ($alledaten['auszahlung_sperre'] == 1) echo'SELECTED';?>>Gesperrt</option> - <option value="1" <?php if ($alledaten['auszahlung_sperre'] == 0) echo'SELECTED';?>>Freigeschaltet</option> - </select> - </td> - </tr> - <tr> - <td align="center" 
colspan="2"><br /><input type="submit" name="profile" value="» Updaten"><br /> </td> - </tr> -</table> -</form> \ No newline at end of file +<div class="row"> + <div class="col-md-6"> + <form action="" method="POST"> + <input type="hidden" name="uid" value="<?php echo $daten->uid;?>"> + <input type="hidden" name="alt_werber" value="<?php echo $daten->werber;?>"> + <table class="table table-striped"> + <tr> + <td align="right"><b>Nickname</b>: </td> + <td align="left"> <input type="text" name="nickname" class="form-control" value="<?php echo $daten->nickname;?>"></td> + </tr> + <tr> + <td align="right"><b>Werber-ID</b>: </td> + <td align="left"> <input type="text" name="werber" class="form-control" value="<?php echo $daten->werber;?>"></td> + </tr> + <tr> + <td align="right"><b>eMailadresse</b>: </td> + <td align="left"> <input type="text" name="emailadresse" class="form-control" value="<?php echo $daten->emailadresse;?>"></td> + </tr> + <tr> + <td align="right"><b>eMail-Empfang</b>: </td> + <td align="left"> <select name="freigabe_fuer" size="1" class="form-control"> + <option value="0" <?php if ($daten->freigabe_fuer == 0) echo'SELECTED';?>>Kein Empfang</option> + <option value="1" <?php if ($daten->freigabe_fuer == 1) echo'SELECTED';?>>Nur Newsletter</option> + <option value="2" <?php if ($daten->freigabe_fuer == 2) echo'SELECTED';?>>Nur Paidmails</option> + <option value="3" <?php if ($daten->freigabe_fuer == 3) echo'SELECTED';?>>Newsletter / Paidmails</option> + </select></td> + </tr> + <tr> + <td align="right"> <b>Bettelsperre</b>:</td> + <td align="left"> + <select name="bettel_sperre" size="1" class="form-control"> + <option value="0" <?php if ($daten->bettel_sperre == 0) echo'SELECTED';?>>deaktiviert</option> + <option value="1" <?php if ($daten->bettel_sperre == 1) echo'SELECTED';?>>aktiviert</option> + </select> + </td> + </tr> + <tr> + <td align="right"> <b>Banner Sperre</b>:</td> + <td align="left"> + <select name="forced_sperre" size="1" 
class="form-control"> + <option value="0" <?php if ($daten->forced_sperre == 0) echo'SELECTED';?>>deaktiviert</option> + <option value="1" <?php if ($daten->forced_sperre == 1) echo'SELECTED';?>>aktiviert</option> + </select> + </td> + </tr> + <tr> + <td align="right"> <b>Chat Sperre</b>:</td> + <td align="left"> + <select name="chat_sperre" size="1" class="form-control"> + <option value="0" <?php if ($daten->chat_sperre == 0) echo'SELECTED';?>>deaktiviert</option> + <option value="1" <?php if ($daten->chat_sperre == 1) echo'SELECTED';?>>aktiviert</option> + </select> + </td> + </tr> + <tr> + <td align="right"><b>Auszahlungssperre</b></td> + <td align="left"> + <select name="auszahlung_sperre" class="form-control"> + <option value="0" <?php if ($daten->auszahlung_sperre == 1) echo'SELECTED';?>>Gesperrt</option> + <option value="1" <?php if ($daten->auszahlung_sperre == 0) echo'SELECTED';?>>Freigeschaltet</option> + </select> + </td> + </tr> + <tr> + <td align="center" colspan="2"><br /><input type="submit" class="btn btn-default" name="profile_save" value="Allgemeine Daten Speichern"><br /> </td> + </tr> + </table> + </form> + </div> + <div class="col-md-6"> + <ul class="list-group"> + <li class="list-group-item"><b>User-ID:</b> <?php echo $daten->uid;?></li> + <li class="list-group-item"><b>Vorname:</b><?php echo $daten->vorname;?></li> + <li class="list-group-item"><b>Nachname:</b><?php echo $daten->nachname;?></li> + <li class="list-group-item"><b>Angemeldet seid:</b> <?php echo date("d.m.Y H:i", $daten->angemeldet_seit);?></li> + <li class="list-group-item"><b>IP:</b> <?php echo $daten->login_ip .' / '. geoIP($ausgabe['login_ip']);?></li> + <li class="list-group-item"><b>letzter Login:</b> <?php echo date("d.m.Y H:i", $daten->loginzeit);?></li> + </ul> + </div> +</div> diff --git a/adminforce/content/usersystem/user_include/ansicht.php b/adminforce/content/usersystem/user_include/ansicht.php new file mode 100644 index 0000000..e27f761 --- /dev/null 
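Review bot: Every field is echoed into the form raw, for example `value="<?php echo $daten->nickname;?>"`, and nickname and e-mail address are chosen by the account holder, so a value containing `"` can break out of the attribute and run script in the admin's session. Encode at output, `value="<?php echo htmlspecialchars($daten->nickname, ENT_QUOTES, 'UTF-8');?>"`, and do the same for `werber`, `emailadresse`, `vorname`, `nachname` and `login_ip`. The IP line still calls `geoIP($ausgabe['login_ip'])`, but `$ausgabe` is not set in this file or in the new details.php that includes it; it should read `geoIP($daten->login_ip)`. The form changes payout and chat locks and carries no CSRF token; whether one is checked elsewhere is not visible here.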
+++ b/adminforce/content/usersystem/user_include/ansicht.php @@ -0,0 +1,13 @@ +<?php + +if( !isset( $_SERVER['HTTP_X_REQUESTED_WITH'] ) OR $_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest' OR $_SERVER['REQUEST_METHOD'] != 'POST'){ die();} + + +require_once('../../../../lib/db_config.php'); +require_once('../../../../lib/datenbank.inc.php'); +$datenbank = new DB; +require_once('../../../lib/class/userliste.class.php'); + +$user = new USERLISTE; +$user->set_uid($_POST['uid']); +$user->userdetails(); diff --git a/adminforce/content/usersystem/user_include/bet_ref.php b/adminforce/content/usersystem/user_include/bet_ref.php index ef3087c..ea2bc67 100644 --- a/adminforce/content/usersystem/user_include/bet_ref.php +++ b/adminforce/content/usersystem/user_include/bet_ref.php @@ -1,19 +1,10 @@ <table class="table table-striped"> <tr class="tabellenhead"> - <td>Zeit</td> - <td>Vergütung</td> - <td>Refferer</td> + <th>Zeit</th> + <th>Vergütung</th> + <th>Refferer</th> </tr> <?php - $ref = db_query("SELECT zeit,betrag,refferer FROM ".$db_prefix."_bettel_buchung WHERE uid = '".$alledaten['uid']."' "); - while($refferer = mysqli_fetch_array($ref)){ - echo ' - <tr> - <td>'.date("d.m.Y - H:i", $refferer['zeit']).'</td> - <td>'.number_format($refferer['betrag'],2,",",".").'</td> - <td><a href="'.$refferer['refferer'].'" target="_new">'.$refferer['refferer'].'</a></td> - </tr> - '; - } + echo $user->bettel_ref(); ?> - </table> \ No newline at end of file + </table> diff --git a/adminforce/content/usersystem/user_include/buchungen.php b/adminforce/content/usersystem/user_include/buchungen.php index 61b2b36..05efd81 100644 --- a/adminforce/content/usersystem/user_include/buchungen.php +++ b/adminforce/content/usersystem/user_include/buchungen.php 
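Review bot: ansicht.php is reachable directly by URL and its only gate is the `X-Requested-With` header plus the POST method, both of which any client can send, so it performs no authentication. It bootstraps the database itself and never starts the session or checks `$_SESSION['admin']`, which means data for any `uid` could be returned to an anonymous caller. Start the session the same way the admin front controller does and stop early, e.g. `if (empty($_SESSION['admin']) || $_SESSION['admin'] != 1) { http_response_code(403); exit; }`. Separately, `$user->userdetails()` is not among the methods this commit adds to `USERLISTE`, so as committed the call would end in a fatal error.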
@@ -1,56 +1,42 @@ <?php + if(empty($_GET['minus'])){ $_GET['minus'] = 1;} - $start = $_GET['minus'] * 30 - 30; + $user->set_bseite($_GET['minus']); - $buchungen = ''; - $bu = db_query("SELECT * FROM ".$db_prefix."_buchungen WHERE uid=".$_GET['uid']." ORDER BY buchungszeit DESC LIMIT $start,30"); - while($b = mysqli_fetch_assoc($bu)){ - if($b['buchungsmenge'] < 0){ $style = 'class="alert alert-danger"';}else{ $style = 'class="alert alert-success"';} - if($b['buchung_ok'] == 1){ - $erfolg = '<span class="glyphicon glyphicon-ok" style="color:green;" aria-hidden="true"></span>'; - }else{ - $erfolg = '<span class="glyphicon glyphicon-remove" style="color:red" aria-hidden="true"></span>'; - } - $buchungen .= ' - <tr '.$style.'> - <td>'. date("d.m.Y H:i",$b['buchungszeit']) .'</td> - <td>'. $b['buchungs_id'] .'</td> - <td>'. number_format($b['buchungsmenge'],2,',','.') .'</td> - <td>'. $b['verwendungszweck'] .'</td> - <td>'. $b['buchungs_id'] .'</td> - <td class="text-center">'. $erfolg .'</td> - </tr> - '; - } - -define("MAX_EINTRAEGE","30"); -define("NAV_LEISTE","6"); - $seiteAktuell = $_GET['minus'] + 0; - if(empty($seiteAktuell))$seiteAktuell = 1; - $start = $seiteAktuell * MAX_EINTRAEGE - MAX_EINTRAEGE; - $result = db_query("SELECT * FROM ". $db_prefix ."_buchungen LIMIT $start, ".MAX_EINTRAEGE); - $resultGesamt = mysqli_fetch_array(db_query("SELECT COUNT(*) AS menge FROM ". 
$db_prefix ."_buchungen ")); - $Eintraege = $resultGesamt['menge']; - $contentWeb = '<div class="btn-group">'; - $SitesComplete = ceil($Eintraege / MAX_EINTRAEGE); - $extVariables = ''; - $contentWeb .= navigationsLeiste($SitesComplete,$seiteAktuell,$extVariables,'minus',"?content=/konto/buchungen"); - $contentWeb .= '</div>'; - $nav_minus = '<center>'.$contentWeb.'</center>'; + $buchungen = $user->buchungen(); -?> -<table class="table tabgle-striped"> - <tr> - <th>Zeit</th> - <th>Buchung</th> - <th><?php echo $waehrung;?></th> - <th>Verwendungszweck</th> - <th>TAN</th> - <th>Kontobuchung erfolgreich</th> - </tr> - <?php echo $buchungen;?> -</table> +?> +<div class="row"> + <div class="col-md-6"> + <u><b>Kontobuchungen Konto A</b></u> + <table class="table tabgle-striped"> + <tr> + <th>Zeit</th> + <th>Buchung</th> + <th><?php echo $waehrung;?></th> + <th>Verwendungszweck</th> + <th>TAN</th> + <th>Kontobuchung erfolgreich</th> + </tr> + <?php echo $buchungen['A'];?> + </table> + </div> + <div class="col-md-6"> + <u><b>Kontobuchungen Konto B</b></u> + <table class="table tabgle-striped"> + <tr> + <th>Zeit</th> + <th>Buchung</th> + <th><?php echo $waehrung;?></th> + <th>Verwendungszweck</th> + <th>TAN</th> + <th>Kontobuchung erfolgreich</th> + </tr> + <?php echo $buchungen['B'];?> + </table> + </div> +</div> -<?php echo $nav_minus;?> \ No newline at end of file +<?php echo $nav_minus;?> diff --git a/adminforce/content/usersystem/user_include/notizen.php b/adminforce/content/usersystem/user_include/notizen.php index 6870d05..51254d1 100644 --- a/adminforce/content/usersystem/user_include/notizen.php +++ b/adminforce/content/usersystem/user_include/notizen.php 
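Review bot: The last line still prints `<?php echo $nav_minus;?>`, but the code that built `$nav_minus` is removed in this hunk, so the page now raises an undefined-variable notice and has no paging links. `$_GET['minus']` also goes into `set_bseite()` unchecked, where `$seite * 30 - 30` becomes the `LIMIT` offset; `minus=-1` yields a negative offset and an SQL error, and an array value breaks the multiplication. Normalise it before the call, `$user->set_bseite(max(1, (int) ($_GET['minus'] ?? 1)));`. The class `tabgle-striped` on both tables looks like a typo for `table-striped`.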
@@ -1,32 +1,27 @@ <center> <form action="" method="POST"> <table align="center" border="0" cellpadding="0" cellspacing="2"> - <tr> + <tr> <td><b>Notizen</b>:<br /> - <textarea name="text" cols="50" rows="20"></textarea></td> + <textarea name="text" class="form-control" rows="3"></textarea> </tr> <tr> - <td align="center"><br /><input type="submit" name="notice" value="» Speichern" /></td> + <td align="center"><br /><input type="submit" name="notice" value="Notiz hinzufügen" class="btn btn-success"></td> </tr> </table> </form> </center> <hr> <br> -<table class="table"> - <tr> - <td></td> - <td>Notiz</td> - </tr> -<?php - $da = db_query("SELECT * FROM ".$db_prefix."_user_notizen WHERE uid = '". mysqli_real_escape_string($sql_open,$_GET['uid']) ."' "); - while($daten = mysqli_fetch_array($da)){ - echo ' - <tr> - <td>'. date("d.m.Y", $daten['datum']) .'<br>Admin-ID: '.$daten['admin_id'] .'</td> - <td>'. nl2br($daten['text']) .'</td> - </tr> - '; - } -?> -</table> \ No newline at end of file +<ul class="list-group"> + <li class="list-group-item"> + <div class="row"> + <div class="col-md-3"><u><b>Datum</b></u></div> + <div class="col-md-9"><u><b>Notiz</b></u></div> + </div> + </li> + <?php + $user->ShowNotizen(); + ?> +</ul> +</table> diff --git a/adminforce/lib/class/run.class.php b/adminforce/lib/class/run.class.php new file mode 100644 index 0000000..2b7f399 --- /dev/null +++ b/adminforce/lib/class/run.class.php 
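Review bot: The markup is left unbalanced: the `</td>` after the `<textarea>` was dropped, and the old `</table>` is kept as the last line although the notes are now rendered in a `<ul class="list-group">`. Restore `</td>` after `</textarea>` and delete the trailing `</table>` so the form table and the list nest correctly.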
@@ -0,0 +1,51 @@
+<?php
+
+ class RUN {
+ public function sicher($string) {
+ global $datenbank;
+ return trim(strip_tags($datenbank->escape($string)));
+ }
+
+ public function vars($type = 'REQUEST'){
+ if($type == 'REQUEST')
+ $ay = $_REQUEST;
+ elseif($type == 'POST')
+ $ay = $_POST;
+ elseif($type == 'GET')
+ $ay = $_GET;
+
+ $rtn = new stdClass();
+ foreach($ay as $a1 => $a2){
+ $rtn->{$this->sicher($a1)} = $this->sicher($a2);
+ }
+
+ return $rtn;
+ }
+
+ public function value($rtn){
+ $count = count((array)$rtn);
+ $i = 1;
+ foreach($rtn as $key => $value) {
+ if($i <= $count){
+ $post = array("name" => $key, "value" => $value);
+ }
+ $i++;
+ }
+
+ return $post;
+ }
+
+ public function datei_holen($value){
+ global $datenbank,$error,$meldung;
+ $query = "SELECT datei FROM ". PREFIX . RUN_INC ." WHERE value = '". $datenbank->escape($value['value']) ."' AND name = '". $datenbank->escape($value['name']) ."' ";
+ $dat = $datenbank->num_rows($query);
+ if($dat == 1){
+ $a = $datenbank->get_row($query,true);
+ }else{
+ $error = 1;
+ $meldung = 'Aktion kann nicht ausgeführt werden.';
+ }
+
+ return $a->datei;
+ }
+ }
\ No newline at end of file
diff --git a/adminforce/lib/class/userliste.class.php b/adminforce/lib/class/userliste.class.php
new file mode 100644
index 0000000..d054531
--- /dev/null
+++ b/adminforce/lib/class/userliste.class.php
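Review bot: `value()` does not pick a specific field: `$i <= $count` is always true, so `$post` ends up as whichever parameter comes last in the request, and run.inc.php uses that pair to choose the file it includes. Because `vars()` defaults to `$_REQUEST`, the order of the fields the client sends decides which handler runs; looking up a named field instead would make the dispatch explicit. `$post`, `$ay` and `$a` are read without being set when the request is empty, `$type` is unknown, or the lookup fails, so initialise them (`$post = null;`) and end `datei_holen()` with `return $a->datei ?? '';`. `sicher()` already escapes for SQL and `datei_holen()` escapes the same values again, so a value containing a quote will not match its row; `strip_tags()` is also not a substitute for encoding at output time.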
@@ -0,0 +1,240 @@ +<?php + +class USERLISTE{ + private $db; + private $uid; + private $array = array(); + private $seite; + + public function __construct(){ + global $datenbank; + $this->db = $datenbank; + } + + public function liste(){ + $aus = ' + <table class="table table-bordered table-striped"> + <tr> + <th>#</th> + <th>UID</th> + <th> + Kontostand<br> + <small><i>(Währung/Bonuswährung)</i></small> + </th> + <th>Nickname</th> + <th>Name</th> + <th>Emailadresse</th> + <th>Angemeldet</th> + <th></th> + </tr>'; + $daten = $this->db->get_results(" + SELECT + u.*,k.kontostand_a,k.kontostand_b,k.status,e.emailadresse + FROM + ". PREFIX . KONTO ." AS k + LEFT JOIN + ". PREFIX . USER ." AS u + ON + u.uid=k.uid + LEFT JOIN + " . PREFIX . EMAIL . " AS e + ON + e.uid=k.uid + ORDER BY + k.uid ASC "); + foreach($daten AS $dat){ + if($dat->status == 0){ + $icon = 'glyphicon-ban-circle'; + $alt = 'Bestätigung fehlt'; + $color = 'yellow'; + }elseif($dat->status == 1){ + $icon = 'glyphicon-ok-circle'; + $alt = 'freigeschaltet'; + $color = 'green'; + }elseif($dat->status == 2){ + $icon = 'glyphicon-remove-circle'; + $alt = 'Gesperrt'; + $color = 'red'; + } + $aus .= " + <tr> + <td><span class='glyphicon $icon' alt='$alt' aria-hidden='true' style='color:$color;'></span></td> + <td>$dat->uid</td> + <td>".number_format($dat->kontostand_a,2,',','.') ."/". number_format($dat->kontostand_b,2,',','.') ."</td> + <td>$dat->nickname</td> + <td>$dat->vorname</td> + <td>$dat->nachname</td> + <td>". date("d.m.Y H:i",$dat->angemeldet_seit) ."</td> + <td><a href='?content=/usersystem/details&uid=". 
$dat->uid ."' class='btn btn-default'>Details</a></td> + </tr>"; + } + $aus .= '</table>'; + return $aus; + } + + public function profil_save($post){ + global $meldung; + $this->make_array($post); + $user = array("nickname" => $this->array['nickname']); + $mail = array("emailadresse" => $this->array['emailadresse'], "freigabe_fuer" => $this->array['freigabe_fuer']); + $konto = array( + "bettel_sperre" => $this->array['bettel_sperre'], + "forced_sperre" => $this->array['forced_sperre'], + "chat_sperre" => $this->array['chat_sperre'], + "auszahlung_sperre" => $this->array['auszahlung_sperre'] + ); + $update = $this->db->update(PREFIX . KONTO , $konto, array("uid" => $this->uid)); + $update = $this->db->update(PREFIX . EMAIL , $mail, array("uid" => $this->uid)); + $update = $this->db->update(PREFIX . USER , $user, array("uid" => $this->uid)); + $meldung = ALLGEMEINE_DATEN_SAVE; + } + + private function make_array($post){ + foreach($post AS $key => $value){ + if($key != 'profile_save' && $key != 'notice'){ + $this->array[$key] = $value; + } + } + } + + public function set_uid($uid){ + if(!is_numeric($uid)){ $this->uid = 0;}else{$this->uid = $uid;} + } + + public function startseite(){ + $erg = $this->db->get_row("SELECT COUNT(uid) AS kd_uid , SUM(kontostand_a) AS kd_kontostand FROM ". PREFIX . KONTO ."",true); + return $erg; + } + + public function Chart(){ + $array = array("label" => "", "ges" => ""); + $result = $this->db->get_results("SELECT datum,SUM(ein) AS ein, SUM(aus) as aus FROM ". PREFIX . BILANZ ." GROUP BY datum ORDER BY datum ASC LIMIT 14"); + foreach($result AS $res){ + $array['label'] .= '"'.date("d.m.",$res->datum).'"' .","; + $array['ges'] .= $res->ein - $res->aus .','; + } + + return $array; + } + + public function userinfo(){ + $daten = $this->db->get_row(" + SELECT + u.*,k.*,b.*,e.* + FROM + ". PREFIX . KONTO ." AS k + LEFT JOIN + ". PREFIX . USER ." AS u + ON + u.uid=k.uid + LEFT JOIN + " . PREFIX . EMAIL . 
" AS e + ON + e.uid=k.uid + LEFT JOIN + ". PREFIX . BUCH ." AS b + ON + b.uid = k.uid + WHERE k.uid = '$this->uid' + ",true); + return $daten; + } + + public function set_bseite($seite){ + $this->seite = $seite * 30 - 30; + } + + public function buchungen($seite = 0){ + $aus = array("A" => "", "B" => ""); + $bua = $this->db->get_results("SELECT * FROM ". PREFIX . BUCH." WHERE uid='$this->uid' ORDER BY buchungszeit DESC LIMIT $this->seite,30"); + foreach($bua AS $b){ + if($b->buchungsmenge < 0){ $style = 'class="alert alert-danger"';}else{ $style = 'class="alert alert-success"';} + if($b->buchung_ok == 1){ + $erfolg = '<span class="glyphicon glyphicon-ok" style="color:green;" aria-hidden="true"></span>'; + }else{ + $erfolg = '<span class="glyphicon glyphicon-remove" style="color:red" aria-hidden="true"></span>'; + } + $aus['A'] .= ' + <tr '.$style.'> + <td>'. date("d.m.Y H:i",$b->buchungszeit) .'</td> + <td>'. $b->buchungs_id .'</td> + <td>'. number_format($b->buchungsmenge,2,',','.') .'</td> + <td>'. $b->verwendungszweck .'</td> + <td>'. $b->buchungs_id .'</td> + <td class="text-center">'. $erfolg .'</td> + </tr> + '; + } + + $bub = $this->db->get_results("SELECT * FROM ". PREFIX . BUCH_B ." WHERE uid='$this->uid' ORDER BY buchungszeit DESC LIMIT $this->seite,30"); + foreach($bub AS $b){ + if($b->buchungsmenge < 0){ $style = 'class="alert alert-danger"';}else{ $style = 'class="alert alert-success"';} + if($b->buchung_ok == 1){ + $erfolg = '<span class="glyphicon glyphicon-ok" style="color:green;" aria-hidden="true"></span>'; + }else{ + $erfolg = '<span class="glyphicon glyphicon-remove" style="color:red" aria-hidden="true"></span>'; + } + $aus['B'] .= ' + <tr '.$style.'> + <td>'. date("d.m.Y H:i",$b->buchungszeit) .'</td> + <td>'. $b->buchungs_id .'</td> + <td>'. number_format($b->buchungsmenge,2,',','.') .'</td> + <td>'. $b->verwendungszweck .'</td> + <td>'. $b->buchungs_id .'</td> + <td class="text-center">'. 
$erfolg .'</td> + </tr> + '; + } + + return $aus; + } + + public function bettel_ref(){ + $aus = ''; + $result = $this->db->get_results("SELECT * FROM ". PREFIX . BETTELB ." WHERE uid = '$this->uid' ORDER BY id DESC LIMIT 120"); + foreach($result AS $res){ + $aus .= ' + <tr> + <td>'.date("d.m.Y - H:i", $res->zeit).'</td> + <td>'.number_format($res->betrag,2,",",".").'</td> + <td><a href="'.$res->refferer.'" target="_new">'.$res->refferer.'</a></td> + </tr> + '; + } + return $aus; + } + + public function ShowNotizen(){ + $result = $this->db->get_results("SELECT * FROM ". PREFIX . NOTIZ ." WHERE uid = '$this->uid' "); + foreach($result AS $res){ + echo ' + <li class="list-group-item"> + <div class="row"> + <div class="col-md-3">'. date("d.m.Y", $res->datum) .'</div> + <div class="col-md-9">'. nl2br($res->text) .'</div> + </div> + </li> + '; + } + } + + public function AddNotiz(){ + global $_POST,$_GET,$error,$meldung; + $this->make_array($_POST); + if(empty($this->array['text'] )){ $error = 1; $meldung .= NOTIZ_EMPTY;} + if($error == 0){ + $eintrag = array( + "uid" => $this->uid, + "text" => $this->array['text'], + "datum" => time() + ); + $insert = $this->db->insert(PREFIX . NOTIZ, $eintrag); + if($insert == true){ + $meleung = NOTIZ_SAVE_TRUE; + }else{ + $error = 1; + $meldung = NOTIZ_SAVE_FALSE; + } + } + } +} diff --git a/adminforce/lib/funktionen/user/notiz.php b/adminforce/lib/funktionen/user/notiz.php new file mode 100644 index 0000000..2cba9aa --- /dev/null +++ b/adminforce/lib/funktionen/user/notiz.php @@ -0,0 +1,6 @@ +<?php + +require_once('lib/class/userliste.class.php'); +$notiz = new USERLISTE; +$notiz->set_uid($_GET['uid']); +$notiz->AddNotiz(); diff --git a/adminforce/lib/funktionen/user/profil.php b/adminforce/lib/funktionen/user/profil.php new file mode 100644 index 0000000..df9057e --- /dev/null +++ b/adminforce/lib/funktionen/user/profil.php 
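Review bot: Every method that builds HTML concatenates database values unencoded: `$dat->nickname`, `$dat->vorname` and `$dat->nachname` in `liste()`, `$b->verwendungszweck` in `buchungen()`, `nl2br($res->text)` in `ShowNotizen()`, and `$res->refferer` in `bettel_ref()`, where it also lands in an `href`. Most of these are supplied by account holders, and `refferer` presumably by a visitor's Referer header, so they would run in the admin's browser; wrap each in `htmlspecialchars($v, ENT_QUOTES, 'UTF-8')` and only link `refferer` when it starts with `http://` or `https://`. In `AddNotiz()` the success branch assigns `$meleung`, a typo for `$meldung`, so `NOTIZ_SAVE_TRUE` is never shown. `Chart()` uses `ORDER BY datum ASC LIMIT 14`, which returns the oldest 14 days rather than the last 14 that the start page announces. `liste()` prints `vorname` and `nachname` in separate cells, which shifts the surname under the "Emailadresse" header.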
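Review bot: notiz.php writes a note for the `uid` in the query string and has no authorization check of its own; the same holds for profil.php in the next file, which changes account locks from `$_POST`. Both are reached through the new dispatcher block in adminforce/lib/run.inc.php, and that block, unlike the `box_save` line next to it, does not test `$_SESSION['admin'] == 1`. Unless a check exists above the lines shown there, any POST that matches a row in the dispatch table would run these writes; add the test to the dispatcher condition, `if($_SERVER["REQUEST_METHOD"] == "POST" && !isset($_POST['login']) && $_SESSION['admin'] == 1){`. Neither form carries a CSRF token, so the admin check alone still leaves both actions forgeable from another site.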
@@ -0,0 +1,7 @@ +<?php +require_once('lib/class/userliste.class.php'); +$user = new USERLISTE; +if(isset($_POST['profile_save'])){ + $user->set_uid($_POST['uid']); + $user->profil_save($_POST); +} diff --git a/adminforce/lib/lang/lang.de.php b/adminforce/lib/lang/lang.de.php index 00cf9a8..fac959a 100644 --- a/adminforce/lib/lang/lang.de.php +++ b/adminforce/lib/lang/lang.de.php @@ -16,4 +16,10 @@ define("BETREIBERDATEN_SAVE_TRUE","Die Daten wurden erfolgreich gespeichert.<br>"); define("BETREIBERDATEN_SAVE_FALSE","Fehler beim Speichern der Betreiberdaten.<br>"); + +//USER BEARBEITEN + define("ALLGEMEINE_DATEN_SAVE","Die Daten wurden gespeichert.<br>"); + define("NOTIZ_EMPTY","Keine Notiz eingetragen.<br>"); + define("NOTIZ_SAVE_TRUE","Die Notiz wurde gespeichert.<br>"); + define("NOTIZ_SAVE_FALSE","Die Notiz konnte nicht gespeichert werden.<br>"); ?> diff --git a/adminforce/lib/run.inc.php b/adminforce/lib/run.inc.php index 301c67b..69a0fde 100644 --- a/adminforce/lib/run.inc.php +++ b/adminforce/lib/run.inc.php @@ -6,6 +6,16 @@ if (isset($_POST['updaten_betreiberdaten'])){ $betreiber->post(); } +if($_SERVER["REQUEST_METHOD"] == "POST" && !isset($_POST['login'])){ + require_once('lib/class/run.class.php'); + $var = new RUN(); + $v = $var->vars(); + $value = $var->value($v); + $datei = $var->datei_holen($value); + if($datei != ''){ + require('lib/funktionen/'.$datei); + } +} //Boxverwaltung User //Eintragen if(isset($_POST['box_save']) && $_SESSION['admin'] == 1){ require('lib/funktionen/boxen/boxen_neu.php');} diff --git a/adminforce/lib/var.php b/adminforce/lib/var.php index 50312ec..1e95432 100644 --- a/adminforce/lib/var.php +++ b/adminforce/lib/var.php 
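Review bot: The new block in adminforce/lib/run.inc.php includes `'lib/funktionen/'.$datei` for every non-login POST without the `$_SESSION['admin'] == 1` test that the per-button line directly below it still applies. Whether a POST without an admin session can reach an admin handler then depends on `RUN::datei_holen()` enforcing the `berechtigung` column; run.class.php is not visible in this part of the patch, so this needs confirming. Because the old per-button lines stay in place, a button that is also listed in `vms_run_inc` is handled twice: install/mysql.txt maps `box_save` to `boxen/boxen_neu.php`, and the context line below `require`s the same file again. Either drop the legacy lines for names the table covers, or add the session test to the new condition, `if($_SERVER["REQUEST_METHOD"] == "POST" && !isset($_POST['login']) && !empty($_SESSION['admin'])){`.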
@@ -5,20 +5,5 @@ $betreiberdaten = new stdClass(); $datenbank = new DB; -//$_POST -//BETREIBERDATEN -if (!isset($_POST['updaten'])){ $_POST['updaten'] = '';} -if (!isset($_POST['betreiber_id'])){ $_POST['betreiber_id'] = '';} -if (!isset($_POST['betreiber_passwort'])){ $_POST['betreiber_passwort'] = '';} -if (!isset($_POST['betreiber_kennung'])){ $_POST['betreiber_kennung'] = '';} -if (!isset($_POST['schnittstelle'])){ $_POST['schnittstelle'] = '';} -if (!isset($_POST['einzahltext'])){ $_POST['einzahltext'] = '';} -if (!isset($_POST['auszahltext'])){ $_POST['auszahltext'] = '';} -if (!isset($_POST['anfragen_tag'])){ $_POST['anfragen_tag'] = '';} -if (!isset($_POST['anfragen_user'])){ $_POST['anfragen_user'] = '';} -if (!isset($_POST['aktiv'])){ $_POST['aktiv'] = '';} -if (!isset($_POST['waehrung_name'])){ $_POST['waehrung_name'] = '';} -if (!isset($_POST['punktewert'])){ $_POST['punktewert'] = '';} -if (!isset($_POST['wertepunkt'])){ $_POST['wertepunkt'] = '';} -if (!isset($_POST['updaten'])){ $_POST['updaten'] = '';} + ?> diff --git a/content/konto/profil_include/nickpage.php b/content/konto/profil_include/nickpage.php index d9867b2..ffb31e8 100644 --- a/content/konto/profil_include/nickpage.php +++ b/content/konto/profil_include/nickpage.php 
@@ -1,25 +1,12 @@ -<?php - -$nickpage = mysqli_fetch_array(db_query("SELECT * FROM ".$db_prefix."_nickpage WHERE uid='". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."'")); -$esc = mysqli_fetch_array(db_query("SELECT bdate FROM ".$db_prefix."_userdaten WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' ")); - -if($esc['bdate'] == 0){ - $bdate = 'placeholder="TT.MM.JJJ"'; -}else{ - $bdate = 'value="'. date("d.m.Y", $esc['bdate']) .'"'; -} - -?> - <form action="" method="post"> <table class="table"> <tr> <td><strong>Geschlecht: </strong></td> <td> <select name="sex" class="form-control"> - <option value="" <?php if ($nickpage['sex'] == "") echo 'selected';?>>Bitte wählen</option> - <option value="weiblich" <?php if ($nickpage['sex'] == 'weiblich') echo 'selected';?>>weiblich</option> - <option value="männlich" <?php if ($nickpage['sex'] == 'männlich') echo 'selected';?>>männlich</option> + <option value="" <?php if ($daten->sex == "") echo 'selected';?>>Bitte wählen</option> + <option value="weiblich" <?php if ($daten->sex == 'weiblich') echo 'selected';?>>weiblich</option> + <option value="männlich" <?php if ($daten->sex == 'männlich') echo 'selected';?>>männlich</option> </select> </td> </tr> 
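Review bot: With the `$nickpage` and `$esc` queries removed here, the file no longer defines `$nickpage`, yet the unchanged lines in the two avatar hunks further down still test `$nickpage['ava'] == ''`. That comparison now runs on an undefined variable, so the empty-avatar branch is always taken and the new `$daten->ava` output is never reached. Those conditions should read `<?php if ($daten->ava == '') { ?>` and `if($daten->ava == ''){`. `$bdate` was also computed only in the removed block; if the birthday input between this hunk and the next still prints it (those lines are outside the hunk), it needs a replacement built from the `$daten` row.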
@@ -30,54 +17,54 @@ if($esc['bdate'] == 0){ <tr> <td><strong>Wohnort: </strong></td> <td> - <input name="ort" value="<?php echo $nickpage['ort'];?>" class="form-control"> + <input name="ort" value="<?php echo $daten->ort;?>" class="form-control"> </td> </tr> <tr> <td><strong>Land: </strong></td> <td> - <input name="land" value="<?php echo $nickpage['land'];?>" class="form-control"> + <input name="land" value="<?php echo $daten->land;?>" class="form-control"> </td> </tr> <tr> <td><b>Hobbys: </b></td> - <td><input name="hobbys" value="<?php echo $nickpage['hobbys'];?>" class="form-control"></td> + <td><input name="hobbys" value="<?php echo $daten->hobbys;?>" class="form-control"></td> </tr> <tr> <td><b>Beruf: </b></td> - <td><input name="beruf" value="<?php echo $nickpage['beruf'];?>" class="form-control"></td> + <td><input name="beruf" value="<?php echo $daten->beruf;?>" class="form-control"></td> </tr> <tr> <td><b>ICQ: </b></td> - <td><input name="icq" value="<?php echo $nickpage['icq'];?>" class="form-control"></td> + <td><input name="icq" value="<?php echo $daten->icq;?>" class="form-control"></td> </tr> <tr> <td><b>MSN: </b></td> - <td><input name="msn" value="<?php echo $nickpage['msn'];?>" class="form-control"></td> + <td><input name="msn" value="<?php echo $daten->msn;?>" class="form-control"></td> </tr> <tr> <td><b>AIM: </b></td> - <td><input name="aim" value="<?php echo $nickpage['aim'];?>" class="form-control"></td> + <td><input name="aim" value="<?php echo $daten->aim;?>" class="form-control"></td> </tr> <tr> <td><b>Skype: </b></td> - <td><input name="skype" value="<?php echo $nickpage['skype'];?>" class="form-control"></td> + <td><input name="skype" value="<?php echo $daten->skype;?>" class="form-control"></td> </tr> <tr> <td><b>Homepage:</b> (ohne http://) </td> - <td><input name="www" value="<?php echo $nickpage['www'];?>" class="form-control"></td> + <td><input name="www" value="<?php echo $daten->www;?>" class="form-control"></td> </tr> <tr> 
<td><b>Lieblingswebsite 1:</b> (ohne http://) </td> - <td><input name="www1" value="<?php echo $nickpage['www1'];?>" class="form-control"></td> + <td><input name="www1" value="<?php echo $daten->www1;?>" class="form-control"></td> </tr> <tr> <td><b>Lieblingswebsite 2:</b> (ohne http://) </td> - <td><input name="www2" value="<?php echo $nickpage['www2'];?>" class="form-control"></td> + <td><input name="www2" value="<?php echo $daten->www2;?>" class="form-control"></td> </tr> <tr> <td><b>Lieblingswebsite 3:</b> (ohne http://) </td> - <td><input name="www3" value="<?php echo $nickpage['www3'];?>" class="form-control"></td> + <td><input name="www3" value="<?php echo $daten->www3;?>" class="form-control"></td> </tr> <tr> <td valign="top"> @@ -88,7 +75,7 @@ if($esc['bdate'] == 0){ <?php if ($nickpage['ava'] == '') { ?> <input name="ava" value="" size="40"> <?php } else { ?> - <input name="ava" value="<?php echo $nickpage['ava'];?>" size="40"> + <input name="ava" value="<?php echo $daten->ava;?>" size="40"> <?php } ?> </td> </tr> @@ -98,7 +85,7 @@ if($esc['bdate'] == 0){ if($nickpage['ava'] == ''){ echo '<div class="alert alert-info">Kein Avatar gewählt</div>'; }else{ - echo '<a href="#" class="thumbnail"><img src="'. $nickpage['ava'] .'" alt="'. $_SESSION['uid'] .'"></a>'; + echo '<a href="#" class="thumbnail"><img src="'. $daten->ava .'" alt="'. $_SESSION['uid'] .'"></a>'; } ?> </td> diff --git a/content/konto/profil_include/pass.php b/content/konto/profil_include/pass.php new file mode 100644 index 0000000..7d99694 --- /dev/null +++ b/content/konto/profil_include/pass.php 
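Review bot: Every profile field is echoed straight into an HTML attribute (`value="<?php echo $daten->ort;?>"` and the rows below it), so a stored value containing a double quote closes the attribute and is parsed as markup. Each echo should be encoded for the attribute context, e.g. `<?php echo htmlspecialchars($daten->ort, ENT_QUOTES);?>`. The same applies to `$daten->ava` in the two avatar hunks of this file, where it is written into `value` and into `<img src>`, and to `$daten->nickname`, `nachname`, `vorname`, `emailadresse`, `max_forced` and `max_paidlinks` in content/konto/profil_include/profil.php. `USERPROFIL::make_array()` only applies `$this->db->escape()` on the way in, which protects the SQL statement, not the HTML output.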
@@ -0,0 +1,13 @@ +<form method="post" action=""> + <table class="table table-striped"> + <tr> + <td>Neues Passwort:</td> + <td><input type="password" name="pwd" class="form-control"></td> + </tr> + <tr> + <td>Neues Passwortbestätigung:</td> + <td><input type="password" name="pwd2" class="form-control"></td> + </tr> + </table> + <input type="submit" name="pw_neu" value="Speichern" class="btn btn-success btn-block"> +</form> diff --git a/content/konto/profil_include/profil.php b/content/konto/profil_include/profil.php index cbf4f3d..f777b27 100644 --- a/content/konto/profil_include/profil.php +++ b/content/konto/profil_include/profil.php @@ -2,27 +2,19 @@ <table class="table"> <tr> <td>Nickname/UID:</td> - <td><?php echo $info['nickname'];?> / <?php echo $_SESSION['uid'];?></td> + <td><?php echo $daten->nickname;?> / <?php echo $_SESSION['uid'];?></td> </tr> <tr> <td>Name:</td> - <td><input type="text" value="<?php echo $info['nachname'];?>"></td> + <td><input type="text" name="nachname" value="<?php echo $daten->nachname;?>"></td> </tr> <tr> <td>Vorname:</td> - <td><input type="text" value="<?php echo $info['vorname'];?>"></td> + <td><input type="text" name="vorname" value="<?php echo $daten->vorname;?>"></td> </tr> <tr> <td>Emailadresse:</td> - <td><input type="text" name="emailadresse" value="<?php echo $info['emailadresse'];?>"></td> - </tr> - <tr> - <td>Neues Passwort:</td> - <td><input type="password" name="pwd"></td> - </tr> - <tr> - <td>Neues Passwortbestätigung:</td> - <td><input type="password" name="pwd2"></td> + <td><input type="text" name="emailadresse" value="<?php echo $daten->emailadresse;?>"></td> </tr> <tr> <td>Newsletter:</td> 
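Review bot: The password form in pass.php collects only `pwd` and `pwd2`, so a password change needs nothing but a valid session; there is no field for the current password and no request token. Adding `<input type="password" name="pwd_alt" class="form-control">` (the field name is a suggestion) and checking it in `USERPROFIL::pw_erneuern()`, the way `pass_pruef()` already does for account deletion, would keep a stolen session or a forged request from taking over the account. The submit button's name `pw_neu` and value `Speichern` are what install/mysql.txt maps to konto/pass_neu.php, so they should stay as they are.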
@@ -47,7 +39,7 @@ <td> <table> <tr> - <td><input name="max_forced" id="sliderValue1" type="Text" value="<?php echo $info['max_forced'];?>" size="3"></td> + <td><input name="max_forced" id="sliderValue1" type="Text" value="<?php echo $daten->max_forced;?>" size="3"></td> <td><script language="JavaScript" src="js/userprofil_slieder/slider1.js"></script></td> </tr> </table> @@ -58,7 +50,7 @@ <td> <table> <tr> - <td><input name="max_paidlinks" id="sliderValue2" type="Text" value="<?php echo $info['max_paidlinks'];?>" size="3"></td> + <td><input name="max_paidlinks" id="sliderValue2" type="Text" value="<?php echo $daten->max_paidlinks;?>" size="3"></td> <td><script language="JavaScript" src="js/userprofil_slieder/slider2.js"></script></td> </tr> </table> @@ -66,10 +58,10 @@ </tr> <tr> <td align="center" colspan="2"><br> - <input type="submit" name="aendern" value="Jetzt ändern!"><br> + <input type="submit" name="aendern" class="btn btn-default" value="Jetzt ändern!"><br> <br> <?php echo $change;?> </td> </tr> </table> -</form> \ No newline at end of file +</form> diff --git a/content/konto/refuebersicht.php b/content/konto/refuebersicht.php index 8d02e68..1c475ec 100644 --- a/content/konto/refuebersicht.php +++ b/content/konto/refuebersicht.php @@ -1,4 +1,4 @@ -<?php userstatus(); +<?php $ebene_1 = false; $ebene_2 = false; @@ -155,4 +155,4 @@ echo "<center>Noch keine Refs in Ebene 3</center>"; <span class="glyphicon glyphicon-certificate" aria-hidden="true" style="color:yellow;"></span> User war mind. 7 Tage nicht mehr aktiv.<br> <span class="glyphicon glyphicon-certificate" aria-hidden="true" style="color:green;"></span> User war in den letzen 7 Tagen aktiv.<br></center> </td></tr></table></center> -<?php foot();?> \ No newline at end of file +<?php foot();?> diff --git a/content/konto/userprofil.php b/content/konto/userprofil.php index 50a4786..e933204 100644 --- a/content/konto/userprofil.php +++ b/content/konto/userprofil.php 
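Review bot: The first line of content/konto/refuebersicht.php drops the `userstatus();` call and nothing in the hunk replaces it; content/konto/userprofil.php loses the same call in this commit. If `userstatus()` is the login check for account pages (its body is not part of this patch, so this is inferred from the name), both pages now render for visitors without a session unless the router checks earlier. If the check has moved to a central include, a comment at the top such as `// login is enforced in <central include>` would make that explicit; otherwise the call should stay, `<?php userstatus();`.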
@@ -1,92 +1,22 @@ <?php -userstatus(); +require_once('lib/class/userprofil.class.php'); +$profil = new USERPROFIL; +$profil->set_uid($_SESSION['uid']); +$daten = $profil->get_daten(); -// Variabeln definieren -if (!isset($_POST['aendern'])) $_POST['aendern'] = ""; -if (!isset($_POST['acc_del'])) $_POST['acc_del'] = ""; -if (!isset($_POST['del_passwort'])) $_POST['del_passwort'] = ""; -if (!isset($_POST['pwd'])) $_POST['pwd'] = ""; -if (!isset($_POST['pwd2'])) $_POST['pwd2'] = ""; -if (!isset($_POST['nickname'])) $_POST['nickname'] = ""; -if (!isset($_POST['newsletter'])) $_POST['newsletter'] = ""; -if (!isset($_POST['paidmails'])) $_POST['paidmails'] = ""; -if (!isset($_POST['bdate'])) $_POST['bdate'] = ""; -if (!isset($change)) $change = ""; -if (!isset($mailstatus)) $mailstatus = ""; -if (!isset($delchange)) $delchange = ""; - -if ($_POST['acc_del'] == 'Jetzt löschen!' && $_POST['del_passwort']) { - $schnittstelle = mysqli_fetch_array(db_query("SELECT `passwort` FROM " . $db_prefix . "_kontodaten LIMIT 1")) or die("Userinfo"); - if ($schnittstelle['passwort'] != md5($_GET['del_passwort'])) { - echo 'Passwort falsch'; - } else { - $sperrzeit = time() + (86400 * 30); - db_query("DELETE FROM " . $db_prefix . "_kontodaten WHERE uid=" . $_SESSION['uid'] . ""); - db_query("DELETE FROM " . $db_prefix . "_emaildaten WHERE uid=" . $_SESSION['uid'] . ""); - db_query("DELETE FROM " . $db_prefix . "_userdaten WHERE uid=" . $_SESSION['uid'] . ""); - db_query("DELETE FROM " . $db_prefix . "_werberdaten WHERE uid=" . $_SESSION['uid'] . ""); - db_query("UPDATE " . $db_prefix . "_werberdaten SET werber = 0 WHERE werber=" . $_SESSION['uid'] . ""); - db_query ('DELETE FROM ' . $db_prefix . '_admin_abuse WHERE uid = ' . $_SESSION['uid']); - db_query ('DELETE FROM ' . $db_prefix . '_adscan_userblacklist WHERE uid = ' . $_SESSION['uid']); - db_query ('DELETE FROM vms_buchungen WHERE uid = ' . $_SESSION['uid']); - db_query ('DELETE FROM vms_reloads WHERE uid = ' . 
$_SESSION['uid']); - db_query ('DELETE FROM vms_schnittstelle_anfragen WHERE uid = ' . $_SESSION['uid']); - echo '<meta http-equiv="refresh" content="0; URL=http://' . $_SERVER['HTTP_HOST'] . '/?content=/intern/startseite&logout=true">'; - } -} - -if ($_POST['aendern'] == 'Jetzt ändern!') { - // Passwort ändern beginn! - if ($_POST['pwd'] && $_POST['pwd2']) { - if ($_POST['pwd'] == $_POST['pwd2']) { - if (strlen($_POST['pwd']) >= 8) { - $pw = pw_erstellen($_POST['pwd']); - db_query("UPDATE " . $db_prefix . "_kontodaten SET passwort = '" . $pw . "' WHERE uid=" . $_SESSION['uid'] . ""); - echo '<meta http-equiv="refresh" content="0; URL=http://' . $_SERVER['HTTP_HOST'] . '/?content=/intern/startseite&logout=true">'; - // $change .= 'Das Passwort wurde geändert!<br><b><font color="#FF0000">Bitte logge Dich jetzt aus und wieder neu ein!</font></b><br>'; - } else { - $change = 'Passwörter müssen min. 8 Zeichen haben!'; - } - } else { - $change = 'Die Passwörter stimmen nicht überein!'; - } - } - // Passwort ändern ende! - if ($_POST['aendern'] == 'Jetzt ändern!') { - if (check_email($_POST['emailadresse']) == false) { - $change .= 'Der Emailsyntax ist falsch!<br>'; - } else { - if ($_POST['newsletter'] == 0 and $_POST['paidmails'] == 0) $mailstatus = 0; - if ($_POST['newsletter'] == 1 and $_POST['paidmails'] == 0) $mailstatus = 1; - if ($_POST['newsletter'] == 0 and $_POST['paidmails'] == 1) $mailstatus = 2; - if ($_POST['newsletter'] == 1 and $_POST['paidmails'] == 1) $mailstatus = 3; - $_POST['max_forced'] = (int)$_POST['max_forced']; - db_query("UPDATE " . $db_prefix . "_emaildaten SET freigabe_fuer = " . mysqli_real_escape_string($sql_open,$mailstatus) . ", - emailadresse = '" . mysqli_real_escape_string($sql_open,$_POST['emailadresse']) . "' - WHERE uid=" . $_SESSION['uid'] . ""); - - db_query("UPDATE " . $db_prefix . "_userdaten SET max_forced = '" . mysqli_real_escape_string($sql_open,$_POST['max_forced']) . "', - max_paidlinks = '". 
mysqli_real_escape_string($sql_open,$_POST['max_paidlinks']) ."' - WHERE uid=" . $_SESSION['uid'] . ""); - $change .= 'Deine Daten wurden aktualisiert!<br>'; - } - } -} - $info = mysqli_fetch_array(db_query("SELECT u.*,e.emailadresse,e.freigabe_fuer FROM " . $db_prefix . "_userdaten AS u LEFT JOIN " . $db_prefix . "_emaildaten AS e ON e.uid=u.uid WHERE u.uid=" . $_SESSION['uid'] . " LIMIT 1")); - - if ($info['freigabe_fuer'] == 0) { + if ($daten->freigabe_fuer == 0) { $newsletter = 0; $paidmails = 0; } - if ($info['freigabe_fuer'] == 1) { + if ($daten->freigabe_fuer == 1) { $newsletter = 1; $paidmails = 0; } - if ($info['freigabe_fuer'] == 2) { + if ($daten->freigabe_fuer == 2) { $newsletter = 0; $paidmails = 1; } - if ($info['freigabe_fuer'] == 3) { + if ($daten->freigabe_fuer == 3) { $newsletter = 1; $paidmails = 1; } @@ -96,6 +26,7 @@ if ($_POST['aendern'] == 'Jetzt ändern!') { <div> <ul class="nav nav-tabs" role="tablist"> <li role="presentation" class="active"><a href="#start" role="tab" data-toggle="tab">Profildaten</a></li> + <li role="presentation"><a href="#pass" role="tab" data-toggle="tab">Passwort</a></li> <?php if($moeglich != 0){ echo '<li role="presentation"><a href="#profil" role="tab" data-toggle="tab">Externe Konten</a></li>'; @@ -108,6 +39,9 @@ if ($_POST['aendern'] == 'Jetzt ändern!') { <div role="tabpanel" class="tab-pane active" id="start"> <?php require('content/konto/profil_include/profil.php');?> </div> + <div role="tabpanel" class="tab-pane" id="pass"> + <?php require('content/konto/profil_include/pass.php');?> + </div> <div role="tabpanel" class="tab-pane" id="profil"> <?php if($moeglich != 0){ @@ -133,4 +67,4 @@ if ($_POST['aendern'] == 'Jetzt ändern!') { </div> </div> -</div> \ No newline at end of file +</div> diff --git a/install/mysql.txt b/install/mysql.txt index 7433e16..02895ea 100644 --- a/install/mysql.txt +++ b/install/mysql.txt 
@@ -549,13 +549,54 @@ CREATE TABLE `vms_run_inc` ( `beschreibung` text NOT NULL ) ENGINE=InnoDB DEFAULT CHARSET=latin1; -INSERT INTO `vms_run_inc` (`id`, `name`, `value`, `datei`, `beschreibung`) VALUES -(1, 'chat_absenden', 'Absenden', 'chat.php', 'Chat absenden'), -(2, 'news_komment', 'Kommentar Speichern', 'news/kommentar.php', 'News Kommentieren'), -(3, 'anmelden', 'Jetzt anmelden!', 'konto/anmelden.php', 'Registrtieren'), -(4, 'auszahlen', 'Auszahlen', 'konto/auszahlen.php', 'Auszahlen'), -(5, 'ueberweisen', 'Senden', 'konto/ueberweisen.php', 'Überweisen'), -(6, 'aendern_nickpage', 'Änderungen speichern', 'konto/nickpage.php', 'Nickpage Speichern'); +INSERT INTO `vms_run_inc` (`id`, `name`, `value`, `datei`, `beschreibung`, `berechtigung`) VALUES +(1, 'chat_absenden', 'Absenden', 'chat.php', 'Chat absenden', 0), +(2, 'news_komment', 'Kommentar Speichern', 'news/kommentar.php', 'News Kommentieren', 0), +(3, 'anmelden', 'Jetzt anmelden!', 'konto/anmelden.php', 'Registrtieren', 0), +(4, 'auszahlen', 'Auszahlen', 'konto/auszahlen.php', 'Auszahlen', 0), +(5, 'ueberweisen', 'Senden', 'konto/ueberweisen.php', 'Überweisen', 0), +(6, 'aendern_nickpage', 'Speichern', 'konto/nickpage.php', 'Nickpage Speichern', 0), +(7, 'checkid', 'Login', 'session/login.php', 'Login', 0), +(8, 'anf_daten', 'Anfordern!', 'konto/daten.php', 'Passwort anfordern', 0), +(9, 'admin_box_save', 'Speichern', 'boxen/admin_boxen_neu.php', 'Menübox Adminbereich erstellen', 1), +(10, 'admin_box_loschen', 'Löschen', 'boxen/admin_loschen.php', 'Menüboxen admin löschen', 1), +(11, 'admin_box_aendern', 'Ändern', 'boxen/admin_andern.php', 'Menübocen admin bearbeiten', 1), +(12, 'box_save', 'Speichern', 'boxen/boxen_neu.php', 'Menüboxen User erstellen', 1), +(13, 'aendern', 'Ändern', 'boxen/andern.php', 'Menüboxen User bearbeiten', 1), +(14, 'box_loschen', 'Löschen', 'boxen/loschen.php', 'Menüboxen User löschen', 1), +(15, 'link_zuordnen_neu', 'Bearbeiten', 'menu/zuordnung_menu_neu.php', '', 1), +(16, 
'link_zuordnen_loschen', 'Löschen', 'menu/zuordnung_menu_neu_losch.php', '', 1), +(17, 'menue_neu_save', 'Anlegen', 'menu/menu_neu.php', '', 1), +(18, 'link_bearbeiten', '', 'menu/menu_bearbeiten.php', '', 1), +(19, 'link_loschen', '', 'menu/menu_loschen.php', '', 1), +(20, 'admin_link_zuordnen_neu', '', 'menu/admin_zuordnung_menu_neu.php', '', 1), +(21, 'admin_link_zuordnen_loschen', '', 'menu/admin_zuordnung_menu_neu_losch.php', '', 1), +(22, 'admin_menue_neu_save', '', 'menu/admin_menu_neu.php', '', 1), +(23, 'admin_link_bearbeiten', '', 'menu/admin_menu_bearbeiten.php', '', 1), +(24, 'admin_link_loschen', '', 'menu/admin_menu_loschen.php', '', 1), +(28, 'chat_save', 'Chat Einstellungen Speichern', 'chat/einstellungen.php', '', 1), +(29, 'chat_nachricht_loeschen', 'Löschen', 'chat/nachrichten_loeschen.php', '', 1), +(30, 'seite_save', 'Speichern', 'cms/neue_seite.php', '', 1), +(31, 'updaten_betreiberdaten', 'Updaten', 'class/betreiber.class.php', '', 1), +(33, 'einzahlen', 'Einzahlen', 'konto/einzahlen.php', '', 0), +(34, 'aendern', 'Jetzt ändern!', 'konto/user_daten.php', '', 0), +(35, 'pw_neu', 'Speichern', 'konto/pass_neu.php', '', 0), +(36, 'acc_del', 'Jetzt löschen!', 'konto/delete_acc.php', '', 0), +(37, 'profile_save', 'Allgemeine Daten Speichern', 'user/profil.php', '', 1), +(38, 'notice', 'Notiz hinzufügen', 'user/notiz.php', 'User Notizen hinzufügen', 1); + +CREATE TABLE `vms_user_notizen` ( + `id` int(11) NOT NULL, + `uid` int(11) NOT NULL, + `datum` int(11) NOT NULL, + `text` longtext NOT NULL +) ENGINE=InnoDB DEFAULT CHARSET=latin1; + +ALTER TABLE `vms_user_notizen` + ADD PRIMARY KEY (`id`); + +ALTER TABLE `vms_user_notizen` + MODIFY `id` int(11) NOT NULL AUTO_INCREMENT; ALTER TABLE `vms_adminblacklist` ADD PRIMARY KEY (`tan`); diff --git a/lib/class/chat.class.php b/lib/class/chat.class.php index 0dba0a4..a25d2e6 100644 --- a/lib/class/chat.class.php +++ b/lib/class/chat.class.php 
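Review bot: The INSERT now names a `berechtigung` column, but the `CREATE TABLE vms_run_inc` lines visible in this hunk end with `beschreibung` and no column is added. Unless `berechtigung` is declared in the part of the table definition above the hunk, a fresh install fails on this statement; it needs a definition such as `berechtigung tinyint(1) NOT NULL DEFAULT 0` (the type is a suggestion). That flag is also the only thing separating user handlers from admin handlers, and the `name` values are not unique: `aendern` is both row 13 (`boxen/andern.php`, 1) and row 34 (`konto/user_daten.php`, 0), and rows 18 to 24 carry an empty `value`. If the dispatcher resolves a POST by `name` alone, the wrong file or the wrong permission level can be picked; distinct button names and a unique key on (`name`, `value`) would rule that out.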
@@ -2,10 +2,9 @@ class chatClass{ public static function getRestChatLines($id){ - global $db_host,$db_user,$db_pass,$db_base; $arr = array(); $jsonData = '{"results":['; - $db_connection = new mysqli( $db_host, $db_user, $db_pass, $db_base); + $db_connection = new mysqli( DB_HOST, DB_USER, DB_PASS, DB_BASS); $db_connection->query( "SET NAMES 'UTF8'" ); $statement = $db_connection->prepare( "SELECT id, absender, nachricht, time FROM vms_chat WHERE id > ? "); $statement->bind_param( 'i', $id); @@ -27,8 +26,7 @@ class chatClass{ } public static function setChatLines( $chattext, $usrname, $color) { - global $db_host,$db_user,$db_pass,$db_base; - $db_connection = new mysqli( $db_host, $db_user, $db_pass, $db_base); + $db_connection = new mysqli( DB_HOST, DB_USER, DB_PASS, DB_BASS); $db_connection->query( "SET NAMES 'UTF8'" ); $statement = $db_connection->prepare( "INSERT INTO chat( usrname, color, chattext) VALUES(?, ?, ?)"); $statement->bind_param( 'sss', $usrname, $color, $chattext); @@ -37,4 +35,4 @@ class chatClass{ $db_connection->close(); } } -?> \ No newline at end of file +?> diff --git a/lib/class/ein_aus_zahlung.class.php b/lib/class/ein_aus_zahlung.class.php index 73e0b6f..8425e41 100644 --- a/lib/class/ein_aus_zahlung.class.php +++ b/lib/class/ein_aus_zahlung.class.php @@ -1,5 +1,7 @@ <?php -require_once("lib/schnittstellen/".$_POST['id'] .".php"); +if(isset($_POST['id'])){ + require_once("lib/schnittstellen/".$_POST['id'] .".php"); +} class EIN_AUS_ZAHLUNG{ @@ -123,4 +125,4 @@ class EIN_AUS_ZAHLUNG{ } } } -} \ No newline at end of file +} diff --git a/lib/class/kontobuchung.class.php b/lib/class/kontobuchung.class.php index 88533e5..bde2af4 100644 --- a/lib/class/kontobuchung.class.php +++ b/lib/class/kontobuchung.class.php 
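Review bot: The fourth argument to `new mysqli(...)` is `DB_BASS` in both `getRestChatLines()` and `setChatLines()`, which reads like a misspelling of the database-name constant. The connection constants in lib/db_config.php are not visible in this part of the patch, so confirm the name matches the `define()` there, since an undefined constant makes the connection fail. Neither method checks `$db_connection->connect_error` before calling `prepare()`, so a failed connection surfaces as an error on the next call instead of a handled condition. Both method bodies continue outside the hunks.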
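Review bot: In lib/class/ein_aus_zahlung.class.php, `$_POST['id']` still goes into the `require_once` path unchanged; the new `isset()` only avoids the notice when the field is missing. A value containing `../` can therefore make the script include a `.php` file outside lib/schnittstellen/. The id should be validated before it is used as a file name, e.g. `if(isset($_POST['id']) && preg_match('/^[A-Za-z0-9_-]+$/', $_POST['id']) && is_file('lib/schnittstellen/'.$_POST['id'].'.php')){`, or looked up against the list of configured interfaces.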
@@ -52,11 +52,11 @@ class KONTOBUCHUNG_CLASS{ global $datenbank; $konto = $this->kontostand(); $konto_neu = $konto->kontostand + $this->betrag; - $datenbank->update(PREFIX . KONTO , array("kontostand_a" => $konto_neu) , array("uid" => $this->uid),1 ); - $this->buchungsliste(); + $buchung_ok = $datenbank->update(PREFIX . KONTO , array("kontostand_a" => $konto_neu) , array("uid" => $this->uid),1 ); + $this->buchungsliste($buchung_ok); } - private function buchungsliste(){ + private function buchungsliste($buchung_ok){ global $datenbank; $buch = array( "uid" => $this->uid, @@ -65,6 +65,7 @@ class KONTOBUCHUNG_CLASS{ "buchungsmenge" => $this->art . $betrag, "verwendungszweck" => $this->verwendung ); + if($buchung_ok == true){ $buch['buchung_ok'] = 1;} $datenbank->insert(PREFIX . BUCH , $buch); } @@ -72,4 +73,4 @@ class KONTOBUCHUNG_CLASS{ global $datenbank; return $datenbank->get_row("SELECT kontostand_a FROM ". PREFIX . KONTO ." WHERE uid = '$this->uid' "); } -} \ No newline at end of file +} diff --git a/lib/class/userprofil.class.php b/lib/class/userprofil.class.php new file mode 100644 index 0000000..8766ccb --- /dev/null +++ b/lib/class/userprofil.class.php 
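Review bot: The new balance is computed from `$konto->kontostand`, but `kontostand()` (last hunk of this file) selects only `kontostand_a`; assuming `get_row()` returns the selected columns as properties, the property read here does not exist and `$konto_neu` ends up as just `$this->betrag`. The line should read `$konto_neu = $konto->kontostand_a + $this->betrag;`. In `buchungsliste()` the context line `"buchungsmenge" => $this->art . $betrag` uses a local `$betrag` that is not defined in the visible part of the method and presumably means `$this->betrag`. The read-then-write of the balance is also not atomic, so two bookings for the same uid at the same moment can overwrite each other; a single `UPDATE ... SET kontostand_a = kontostand_a + <betrag>` in one transaction with the booking insert avoids that. Both method bodies start outside the hunks.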
@@ -0,0 +1,97 @@
+<?php
+
+class USERPROFIL {
+
+ private $db;
+ private $uid;
+ private $delete_true = false;
+ private $array;
+
+ public function __construct() {
+ global $datenbank;
+ $this->db = $datenbank;
+ }
+
+ public function set_uid($uid){
+ if(!is_numeric($uid)){ $this->uid = 0;}else{ $this->uid = $this->db->escape($uid);}
+ }
+
+ public function get_daten(){
+ $aus = $this->db->get_row("
+ SELECT u.*, e.*, k.*, n.* FROM ". PREFIX . USER . " AS u LEFT JOIN ". PREFIX . EMAIL . " AS e ON e.uid = u.uid LEFT JOIN ". PREFIX . KONTO ." AS k ON k.uid = u.uid LEFT JOIN ". PREFIX . NICKP ." AS n ON n.uid = u.uid WHERE u.uid = '" . $this->uid . "' ",true);
+ return $aus;
+ }
+
+ public function delete_account($pw){
+ global $error,$meldung;
+ $this->pass_pruef($pw);
+ if($this->delete_true == true){
+ $this->db->delete(PREFIX . KONTO , array("uid" => $this->uid),1);
+ $this->db->delete(PREFIX . EMAIL, array("uid" => $this->uid),1);
+ $this->db->delete(PREFIX . USER , array("uid" => $this->uid),1);
+ $this->db->delete(PREFIX . WERBER , array("uid" => $this->uid),1);
+ $this->db->update(PREFIX . WERBER, array("werber" => 0), array("werber" => $this->uid));
+ $this->db->delete(PREFIX . BUCH , array("uid" => $this->uid),1);
+ $this->db->delete(PREFIX . RELOAD , array("uid" => $this->uid),1);
+ $this->db->delete(PREFIX . S_ANF , array("uid" => $this->uid),1);
+ header('Location: '. $_SERVER['HTTP_HOST']);
+ }else{
+ $error = 1;
+ $meldung = PASS_FALSE;
+ }
+ }
+
+ protected function pass_pruef($pw){
+ if($this->db->num_rows("SELECT id FROM ". PREFIX . KONTO ." WHERE uid = '$this->uid' AND passwort = '".
pw_erstellen($pw) ."' ") == 1){
+ $this->delete_true = true;
+ }
+ }
+
+ public function user_daten_save(){
+ global $error,$meldung;
+ $this->make_array();
+ if ($this->array['newsletter'] == 0 and $this->array['paidmails'] == 0) $mailstatus = 0;
+ if ($this->array['newsletter'] == 1 and $this->array['paidmails'] == 0) $mailstatus = 1;
+ if ($this->array['newsletter'] == 0 and $this->array['paidmails'] == 1) $mailstatus = 2;
+ if ($this->array['newsletter'] == 1 and $this->array['paidmails'] == 1) $mailstatus = 3;
+ $array = array(
+ "freigabe_fuer" => $mailstatus,
+ "emailadresse" => $this->array['emailadresse']
+ );
+ $array_user = array(
+ "max_forced" => $this->array['max_forced'],
+ "max_paidlinks" => $this->array['max_paidlinks']
+ );
+ $update_mail = $datenbank->update(PREFIX . MAIL , $array, array("uid" => $this->uid), 1);
+ if($update_mail == true){ $meldung .= MAILEMPFANG_TRUE;}else{$error = 1; $meldung .= MAILEMPFANG_FALSE;}
+ $update_user = $datenbank->update(PREFIX . USER , $array_user, array("uid" => $this->uid), 1);
+ if($update_user == true){ $meldung .= BANNER_TRUE;}else{ $error = 1; $meldung .= BANNER_FALSE;}
+ }
+
+ public function pw_erneuern(){
+ global $error,$meldung;
+ $this->make_array();
+ if(empty($this->array['pwd']) OR empty($this->array['pwd2'])){ $error = 1; $meldung .= ANMELDEN_PASS1_FALSE;}
+ if($this->array['pwd'] != $this->array['pwd2']){ $error = 1; $meldung .= ANMELDEN_PASS_KONTROLLE;}
+ if($error == 0){
+ $update = $this->db->update(PREFIX . KONTO , array("passwort" => pw_erstellen($this->array['pwd'])), array("uid" => $this->uid) , 1);
+ if($update == true){
+ $meldung .= UPDATE_PASS_TRUE;
+ }else{
+ $error = 1;
+ $meldung .= UPDATE_PASS_FALSE;
+ }
+ }
+ }
+
+ private function make_array(){
+ global $_POST;
+ $array = array();
+ foreach($_POST AS $key => $value){
+ $array[$key] = $this->db->escape($value);
+ }
+ $this->array = $array;
+ }
+}
+
+?>
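Review bot: `pw_erneuern()` accepts any non-empty password, whereas the code this commit removes from content/konto/userprofil.php required at least 8 characters; the length check should come back, e.g. `if(strlen($_POST['pwd']) < 8){ $error = 1; /* message constant to be added */ }`. The value hashed is `$this->array['pwd']`, i.e. the password after `$this->db->escape()`, so any character the escape routine changes makes the stored hash differ from one computed over the raw input (assuming the login path hashes the raw input); hashing `$_POST['pwd']` directly avoids that. Separately, `user_daten_save()` calls `$datenbank->update(...)` although only `$error,$meldung` are declared global there, so the call fails on an undefined variable; `$this->db->update(...)` is what the other methods use.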
diff --git a/lib/db_config.php b/lib/db_config.php index 6d39e7a..2994cd4 100644 --- a/lib/db_config.php +++ b/lib/db_config.php @@ -7,6 +7,7 @@ define("PREFIX","vms_"); define("CONFIG","seitenkonfig"); + define("BILANZ","bilanz"); define("USER","userdaten"); define("EMAIL","emaildaten"); define("KONTO","kontodaten"); @@ -25,5 +26,8 @@ define("AKT","aktivierungen"); define("MULTIK","multi_konten"); define("S_ANF","schnittstelle_anfragen"); + define("RELOAD","reloads"); + define("BETTELB","bettel_buchung"); + define("NOTIZ","user_notizen"); ?> diff --git a/lib/funktionen/chat.php b/lib/funktionen/chat.php index 0ead74d..d5df89d 100644 --- a/lib/funktionen/chat.php +++ b/lib/funktionen/chat.php @@ -4,7 +4,7 @@ require_once('../../lib/functions.lib.php'); require_once('../../lib/session.lib.php'); $error = 0; -$sperre = mysqli_fetch_array(db_query("SELECT chat_sperre FROM ".$db_prefix."_userdaten WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' ")); +$sperre = mysqli_fetch_array(db_query("SELECT chat_sperre FROM ". PREFIX . KONTO ." WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' ")); if($sperre['chat_sperre'] == '1'){ $error = 1; $meldung = 'Du bist für den Chat gesperrt.';} if(empty($_POST['inhalt'])){ $error = 1; $meldung = 'Bitte Text eingeben.';} if($_SESSION['uid'] <= 0){ $error = 1; $meldung = 'Ungültige User-ID.';} diff --git a/lib/funktionen/konto/delete_acc.php b/lib/funktionen/konto/delete_acc.php new file mode 100644 index 0000000..bafd610 --- /dev/null +++ b/lib/funktionen/konto/delete_acc.php @@ -0,0 +1,7 @@ +<?php + +require_once('lib/class/userprofil.class.php'); +$profil = new USERPROFIL; + +$profil->set_uid($_SESSION['uid']); +$profil->delete_account(); diff --git a/lib/funktionen/konto/pass_neu.php b/lib/funktionen/konto/pass_neu.php new file mode 100644 index 0000000..3117782 --- /dev/null +++ b/lib/funktionen/konto/pass_neu.php 
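Review bot: In lib/funktionen/konto/delete_acc.php, `delete_account()` is called without an argument although lib/class/userprofil.class.php declares it as `delete_account($pw)`, so the call fails on PHP 7.1 and later and checks an empty password on older versions. It should pass the confirmation field, `$profil->delete_account($_POST['del_passwort']);`, which is the key the removed code used and lib/var.php initialises in this commit. In the class, the success path ends with `header('Location: '. $_SERVER['HTTP_HOST'])`, which has no scheme and takes the host from the request; a fixed site URL from configuration is the safer redirect target.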
@@ -0,0 +1,7 @@ +<?php + +require_once('lib/class/userprofil.class.php'); +$pass = NEW USERPROFIL; + +$pass->set_uid($_SESSION['uid']); +$pass->pw_erneuern(); diff --git a/lib/funktionen/konto/user_daten.php b/lib/funktionen/konto/user_daten.php new file mode 100644 index 0000000..70aed85 --- /dev/null +++ b/lib/funktionen/konto/user_daten.php @@ -0,0 +1,7 @@ +<?php + +require_once('lib/class/userprofil.class.php'); +$profil = new USERPROFIL; +$profil->set_uid($_SESSION['uid']); + +$update = $profil->user_daten_save(); diff --git a/lib/lang/lang.de.php b/lib/lang/lang.de.php index 701e36f..357d6d7 100644 --- a/lib/lang/lang.de.php +++ b/lib/lang/lang.de.php @@ -40,4 +40,13 @@ define("EINZAHLUNG_BETRAG_HIGHT","Dein Einzahlungsbetrag übersteigt das Einzahllimit.<br>"); define("AUSZAHLUNG_ANFRAGEN_USER_FALSE","Die Auszahlungen sind für heute verbraucht.<br>"); define("AUSZAHLUNG_TRUE","Die Auszahlung wurde erfolgreich durchgeführt.<br>"); - define("EINZAHLUNG_TRUE","Die Einzahlung wurde erfolgreich durchgeführt.<br>"); \ No newline at end of file + define("EINZAHLUNG_TRUE","Die Einzahlung wurde erfolgreich durchgeführt.<br>"); + + //KONTO + define("PASS_FALSE","Das angegebene Passwort ist nicht richtig"); + define("MAILEMPFANG_TRUE","Einstellungen für den Mailempfang gespeichert.<br>"); + define("MAILEMPFANG_FALSE","Konnte einstellungen für den Mailempfang nicht speichern"); + define("BANNER_TRUE","Werbeeinstellungen wurden erfolgreich gespeichert.<br>"); + define("BANNER_FALSE","Konnte Werbeeinstellungen nicht speichern.<br>".$sko); + define("UPDATE_PASS_TRUE","Das Passwort wurde erfolgreich gespeichert.<br>"); + define("UPDATE_PASS_FALSE","Das Passwort konnte nicht gespeichert werden.<br>".$sko); diff --git a/lib/var.php b/lib/var.php index 5fed887..8aa099c 100644 --- a/lib/var.php +++ b/lib/var.php 
@@ -43,7 +43,18 @@ if(!isset($_POST['einzahlen'])) { $_POST['einzahlen'] = "";} if(!isset($_POST['uid_passwort'])) { $_POST['uid_passwort'] = "";} if(!isset($_POST['trans_menge'])) { $_POST['trans_menge'] = "";} if(!isset($einzahlmeldung)) { $einzahlmeldung = "";} - +if (!isset($_POST['aendern'])) { $_POST['aendern'] = "";} +if (!isset($_POST['acc_del'])) { $_POST['acc_del'] = "";} +if (!isset($_POST['del_passwort'])) { $_POST['del_passwort'] = "";} +if (!isset($_POST['pwd'])) { $_POST['pwd'] = "";} +if (!isset($_POST['pwd2'])) { $_POST['pwd2'] = "";} +if (!isset($_POST['nickname'])) { $_POST['nickname'] = "";} +if (!isset($_POST['newsletter'])) { $_POST['newsletter'] = "";} +if (!isset($_POST['paidmails'])) { $_POST['paidmails'] = "";} +if (!isset($_POST['bdate'])) { $_POST['bdate'] = "";} +if (!isset($change)) { $change = "";} +if (!isset($mailstatus)) { $mailstatus = "";} +if (!isset($delchange)) { $delchange = "";} //$_SESSION -- GitLab
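Review bot: Seeding `$_POST` with empty strings means `isset($_POST['aendern'])`, `isset($_POST['acc_del'])` and the other keys added here are true on every request, including GET. Any dispatch that tests a button with `isset()`, as the admin-side lines in adminforce/lib/run.inc.php do, would then fire without the button having been pressed. adminforce/lib/var.php removes exactly this pattern in the same commit. Reading with a default at the point of use, `$pwd = isset($_POST['pwd']) ? $_POST['pwd'] : '';`, keeps the superglobal as the request sent it.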