userbearbeiten.php 15.9 KiB
<script type="text/javascript">
<!--
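/**
 * Show exactly one of the panels "Userinfo1" .. "Userinfo7" and hide the others.
 *
 * @param {number|string} art  Suffix of the panel id to show (the links on this page pass 1..7).
 */
function ShowUserInfo (art) {
    var ziel = document.getElementById("Userinfo" + art);
    /* Unknown panel: keep the current view instead of hiding everything and then failing on a missing element. */
    if (!ziel) {
        return;
    }
    /* hide all panels */
    for (var nr = 1; nr <= 7; nr++) {
        var panel = document.getElementById("Userinfo" + nr);
        if (panel) {
            panel.style.display = 'none';
        }
    }
    /* show the selected panel */
    ziel.style.display = 'block';
}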
-->
</script>


<?php
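// Determine the user id being edited: a non-empty ?uid= wins, otherwise the posted uid is used.
// The result is written back to $_POST['uid'] as an integer because the statements further down
// concatenate it into SQL without quoting; this cast is what keeps that one value injection-safe.
$uid_eingabe = !empty ($_GET['uid']) ? $_GET['uid'] : (isset ($_POST['uid']) ? $_POST['uid'] : 0);
// A non-scalar value (uid[]=...) would cast to 1 and silently address user 1, so it counts as invalid.
$_POST['uid'] = is_scalar ($uid_eingabe) ? (int)$uid_eingabe : 0;
// Zero, negative and non-numeric input stops the request before any UPDATE/DELETE below can run
// (user ids are presumably positive - confirm against the table definition).
if ($_POST['uid'] <= 0) die ('Keine korrekte User-ID &uuml;bergeben!');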

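// Save general profile data
if (isset ($_POST['profile'])) {
	// Free-text fields end up inside quoted SQL string literals, so each one is escaped with the
	// connection-aware escaper this file already uses for the notes insert ($sql_open).
	$profil_text = array ();
	foreach (array ('nickname', 'vorname', 'nachname', 'emailadresse') as $profil_feld) {
		$profil_roh = (isset ($_POST[$profil_feld]) && is_scalar ($_POST[$profil_feld])) ? (string)$_POST[$profil_feld] : '';
		$profil_text[$profil_feld] = mysqli_real_escape_string ($sql_open, $profil_roh);
	}

	// Flags and ids: the form only offers numeric option values / id inputs for these, so they are
	// forced to integers (assumes the columns are numeric - confirm against the schema).
	$profil_zahl = array ();
	foreach (array ('chat_sperre', 'freigabe_fuer', 'auszahlung_sperre', 'forced_sperre', 'bettel_sperre', 'werber', 'alt_werber') as $profil_feld) {
		$profil_zahl[$profil_feld] = (isset ($_POST[$profil_feld]) && is_scalar ($_POST[$profil_feld])) ? (int)$_POST[$profil_feld] : 0;
	}
	$profil_uid = (int)$_POST['uid'];

	db_query ('UPDATE '.$db_prefix.'_userdaten SET chat_sperre = "'.$profil_zahl['chat_sperre'].'", nickname = "'.$profil_text['nickname'].'", vorname = "'.$profil_text['vorname'].'", nachname = "'.$profil_text['nachname'].'" WHERE uid = '.$profil_uid);
	db_query ('UPDATE '.$db_prefix.'_emaildaten SET emailadresse = "'.$profil_text['emailadresse'].'", freigabe_fuer = "'.$profil_zahl['freigabe_fuer'].'" WHERE uid = '.$profil_uid);
	db_query ("UPDATE ".$db_prefix."_kontodaten SET auszahlung_sperre = '".$profil_zahl['auszahlung_sperre']."', forced_sperre = '".$profil_zahl['forced_sperre']."', bettel_sperre = '".$profil_zahl['bettel_sperre']."' WHERE uid = '".$profil_uid."' ");

	// A changed referrer resets the referral counters; a user can never be set as their own referrer.
	// alt_werber is the previous value as sent by the form's hidden field.
	if ($profil_zahl['werber'] != $profil_zahl['alt_werber'] && $profil_zahl['werber'] != $profil_uid) {
		db_query ('UPDATE '.$db_prefix.'_werberdaten SET werber = "'.$profil_zahl['werber'].'", umsatz = 0, zuordnungszeit = 0, reset = 0, resetzeit = 0, gesamt = 0, refback = 0, aktivzeit = 0 WHERE uid = '.$profil_uid);
	}
}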

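// Post an amount to the user's account
if (isset ($_POST['finanze'])) {
	$buch_summe = (isset ($_POST['buchungssumme']) && is_scalar ($_POST['buchungssumme'])) ? trim ((string)$_POST['buchungssumme']) : '';
	$buch_art = isset ($_POST['buchungsart']) ? $_POST['buchungsart'] : '';
	$buch_text = (isset ($_POST['buchungstext']) && is_scalar ($_POST['buchungstext'])) ? (string)$_POST['buchungstext'] : '';
	// The recipient arrives in a hidden form field; line breaks are stripped so it cannot carry
	// extra mail headers. NOTE(review): looking the address up by uid would remove the trust in
	// the client-supplied value altogether.
	$buch_mail = (isset ($_POST['email']) && is_scalar ($_POST['email'])) ? str_replace (array ("\r", "\n"), '', (string)$_POST['email']) : '';

	// Book only a plain positive decimal amount in one of the two directions the form offers.
	// The amount is passed on as the validated string, not as a float, so no locale-dependent
	// float formatting can reach kontobuchung().
	if (preg_match ('/^\d+(\.\d+)?$/', $buch_summe) && $buch_summe > 0 && ($buch_art === '+' || $buch_art === '-')) {
		$buchungs_id = create_code (14);
		kontobuchung ($buch_art, $buch_summe, $buchungs_id, $_POST['uid'], 1, 'Adminbuchung');

		// The original read $_POST['art'] and $_POST['buchungsmenge'], which the booking form on this
		// page never sends (it sends buchungsart / buchungssumme), so bilanz() always received
		// undefined values. A credit to the user is an expense of the site, a debit is income.
		// bilanz() is defined elsewhere; the argument order (income, expense) is taken from the original call.
		$einnahme = 0;
		$ausgabe = 0;
		if ($buch_art === '+') {
			$ausgabe = $buch_summe;
		} else {
			$einnahme = $buch_summe;
		}
		bilanz ($einnahme, $ausgabe);

		$nachricht = 'Hallo,'."\n\n".'Es wurde soeben eine Buchung auf dein Userkonto ausgeführt:'."\n\n".$buch_art.' '.number_format ((float)$buch_summe, 2, ',', '.').' '.$waehrung.' '.$buch_text."\n\n\n".'Mit freundlichen Grüßen, dein '.$seitenname.'-Team';
		if (isset ($_POST['send_mail']) && $_POST['send_mail'] == 'ja' && $buch_mail !== '') usermail ($buch_mail, $seitenname.' Kontobuchung', $nachricht, '"'.$seitenname.'" <'.$betreibermail.'>');
	}
}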

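// Change the access status, or delete the account when the status is "loeschen".
// NOTE(review): no anti-CSRF token is checked in this file before the deletes below; confirm
// that the including script enforces one for these state-changing POSTs.
if (isset ($_POST['access'])) {
	$zugang_status = (isset ($_POST['status']) && is_scalar ($_POST['status'])) ? (string)$_POST['status'] : '';
	// Strict string comparison: with a loose == the word "loeschen" compares equal to 0 on PHP < 8.
	$zugang_loeschen = ($zugang_status === 'loeschen');
	$zugang_hinweis = (isset ($_POST['hinweis']) && is_scalar ($_POST['hinweis'])) ? (string)$_POST['hinweis'] : '';
	$zugang_uid = (int)$_POST['uid'];

	if (isset ($_POST['send_mail']) && $_POST['send_mail'] == 'ja') {
		$zugang_texte = array (0 => 'Wartend', 1 => 'Freigeschaltet', 2 => 'Gesperrt');
		if ($zugang_loeschen) $desc = 'Gelöscht';
		elseif (isset ($zugang_texte[(int)$zugang_status])) $desc = $zugang_texte[(int)$zugang_status];
		else $desc = (string)(int)$zugang_status; // unknown code: show the number that gets stored
		$grund = (empty ($zugang_hinweis)) ? 'Keine Angabe' : $zugang_hinweis;
		$nachricht = 'Hallo,'."\n\n".'Dein Userstatus auf '.$seitenname.' wurde soebend geändert.'."\n\n".'Neuer Status: '.$desc.''."\n\n".'Grund:'."\n".$grund."\n\n\n".'Mit freundlichen Grüßen, dein '.$seitenname.'-Team';
		// The recipient comes from a hidden form field; line breaks are stripped so it cannot
		// carry extra mail headers.
		$zugang_mail = (isset ($_POST['email']) && is_scalar ($_POST['email'])) ? str_replace (array ("\r", "\n"), '', (string)$_POST['email']) : '';
		if ($zugang_mail !== '') usermail ($zugang_mail, 'Dein Account auf '.$seitenname, $nachricht, '"'.$seitenname.'" <'.$betreibermail.'>');
	}

	if (!$zugang_loeschen) {
		$_POST['status'] = (int)$zugang_status;
		// hinweis is free text inside a quoted literal and therefore escaped; status and uid are integers.
		db_query ('UPDATE '.$db_prefix.'_kontodaten SET status = '.$_POST['status'].', hinweis = "'.mysqli_real_escape_string ($sql_open, $zugang_hinweis).'" WHERE uid = '.$zugang_uid);
	} else {
		// Blacklist the id for 365 days, then remove the user's rows and detach the users they referred.
		$sperrzeit = ( time() + ( 86400 * 365 ) );
		db_query ('INSERT INTO '.$db_prefix.'_userblacklist (uid,zeit) VALUES ('.$zugang_uid.','.$sperrzeit.')');
		db_query ('DELETE FROM '.$db_prefix.'_kontodaten WHERE uid = '.$zugang_uid);
		db_query ('DELETE FROM '.$db_prefix.'_emaildaten WHERE uid = '.$zugang_uid);
		db_query ('DELETE FROM '.$db_prefix.'_userdaten WHERE uid = '.$zugang_uid);
		db_query ('DELETE FROM '.$db_prefix.'_werberdaten WHERE uid = '.$zugang_uid);
		db_query ('UPDATE '.$db_prefix.'_werberdaten SET werber = 0 WHERE werber = '.$zugang_uid);
		// The record is gone, so send the browser back to the user list.
		echo '<meta http-equiv="refresh" content="0; URL=index.php?content=/usersystem/liste">';
	}
}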

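// Save an admin note for this user
if (isset ($_POST['notice'])) {
	$notiz_text = (isset ($_POST['text']) && is_scalar ($_POST['text'])) ? (string)$_POST['text'] : '';
	$notiz_admin = (isset ($_SESSION['admin']) && is_scalar ($_SESSION['admin'])) ? (string)$_SESSION['admin'] : '';
	// Key the note by the validated integer in $_POST['uid'] (the id every other statement in this
	// file uses) rather than the raw $_GET['uid'], which is absent when the id was only posted.
	db_query ("INSERT INTO ".$db_prefix."_user_notizen (uid,admin_id,datum,text) VALUES (
														'". (int)$_POST['uid'] ."',
														'". mysqli_real_escape_string($sql_open,$notiz_admin) ."',
														'". time() ."',
														'". mysqli_real_escape_string($sql_open,$notiz_text) ."'
														)");
}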

// Load the user's combined record from the four per-user tables; each alias is pinned to the
// same uid, which is the integer produced by the validation at the top of this script.
$lade_tabellen = array ('t1' => '_kontodaten', 't2' => '_userdaten', 't3' => '_emaildaten', 't4' => '_werberdaten');
$lade_from = array ();
$lade_where = array ();
foreach ($lade_tabellen as $lade_alias => $lade_suffix) {
	$lade_from[] = $db_prefix.$lade_suffix.' '.$lade_alias;
	$lade_where[] = $lade_alias.'.uid = '.$_POST['uid'];
}
$sql = db_query ('SELECT * FROM '.implode (', ', $lade_from).' WHERE '.implode (' AND ', $lade_where).' LIMIT 1');
// No row means the id does not exist (or was just deleted above): stop before rendering the forms.
if (0 == mysqli_num_rows ($sql)) {
	die ('Die angegebene User-ID existiert nicht!');
}
$alledaten = mysqli_fetch_assoc ($sql);
?>

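<?php
// The title passed to head() contains markup (<i>), so it is presumably emitted as HTML;
// the stored nickname is therefore HTML-escaped before it is embedded.
head ('Bearbeiten des Users <i>'.htmlspecialchars ((string)$alledaten['nickname'], ENT_QUOTES | ENT_SUBSTITUTE).'</i> ('.(int)$alledaten['uid'].')');
?>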
<div style="text-align: center;">
<a href="javascript:ShowUserInfo(1);">Allgemeines</a> &middot;
<a href="javascript:ShowUserInfo(2);">Statistik</a> &middot;
<a href="javascript:ShowUserInfo(3);">Konto</a> &middot;
<a href="javascript:ShowUserInfo(4);">Zugang</a> &middot;
<a href="javascript:ShowUserInfo(5);">Buchungen</a> &middot;
<a href="javascript:ShowUserInfo(6);">Notizen</a> &middot;
<a href="javascript:ShowUserInfo(7);">Bettel Refferer</a>
</div><hr size=1 style="color:#c0c0c0;">

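<?php
// Panel 1: general profile form.
// Stored text is escaped once for use inside double-quoted attributes; the browser decodes it
// again on submit, so the values round-trip unchanged. The charset follows default_charset.
$info1 = array ();
foreach (array ('nickname', 'werber', 'vorname', 'nachname', 'emailadresse') as $info1_feld) {
	$info1[$info1_feld] = htmlspecialchars ((string)$alledaten[$info1_feld], ENT_QUOTES | ENT_SUBSTITUTE);
}
$info1_uid = (int)$alledaten['uid'];
?>
<div id="Userinfo1" style="display: block;">
<form action="" method="POST">
<input type="hidden" name="uid" value="<?php echo $info1_uid;?>">
<input type="hidden" name="alt_werber" value="<?php echo $info1['werber'];?>">
<table width="350" border="0" cellpadding="1" cellspacing="1" align="center" bgcolor="#000000">
	<tr bgcolor="#fafafa">
		<td align="right"><b>User-ID</b>:&nbsp;</td>
		<td align="left">&nbsp;<?php echo $info1_uid;?></td>
	</tr>
	<tr bgcolor="#ededed">
		<td align="right"><b>Nickname</b>:&nbsp;</td>
		<td align="left">&nbsp;<input type="text" name="nickname" value="<?php echo $info1['nickname'];?>"></td>
	</tr>
	<tr bgcolor="#fafafa">
		<td align="right"><b>Werber-ID</b>:&nbsp;</td>
		<td align="left">&nbsp;<input type="text" name="werber" value="<?php echo $info1['werber'];?>"></td>
	</tr>
	<tr bgcolor="#ededed">
		<td align="right"><b>Vorname</b>:&nbsp;</td>
		<td align="left">&nbsp;<input type="text" name="vorname" value="<?php echo $info1['vorname'];?>"></td>
	</tr>
	<tr bgcolor="#fafafa">
		<td align="right"><b>Nachname</b>:&nbsp;</td>
		<td align="left">&nbsp;<input type="text" name="nachname" value="<?php echo $info1['nachname'];?>"></td>
	</tr>
	<tr bgcolor="#ededed">
		<td align="right"><b>eMailadresse</b>:&nbsp;</td>
		<td align="left">&nbsp;<input type="text" name="emailadresse" value="<?php echo $info1['emailadresse'];?>"></td>
	</tr>
	<tr bgcolor="#fafafa">
		<td align="right"><b>eMail-Empfang</b>:&nbsp;</td>
		<td align="left">&nbsp;<select name="freigabe_fuer" size="1">
		<option value="0" <?php if ($alledaten['freigabe_fuer'] == 0) echo'SELECTED';?>>Kein Empfang</option>
		<option value="1" <?php if ($alledaten['freigabe_fuer'] == 1) echo'SELECTED';?>>Nur Newsletter</option>
		<option value="2" <?php if ($alledaten['freigabe_fuer'] == 2) echo'SELECTED';?>>Nur Paidmails</option>
		<option value="3" <?php if ($alledaten['freigabe_fuer'] == 3) echo'SELECTED';?>>Newsletter / Paidmails</option>
		</select></td>
	</tr>
	<tr bgcolor="#ededed">
		<td align="right">&nbsp;<b>Bettelsperre</b>:</td>
		<td align="left">&nbsp;
			<select name="bettel_sperre" size="1">
				<option value="0" <?php if ($alledaten['bettel_sperre'] == 0) echo'SELECTED';?>>deaktiviert</option>
				<option value="1" <?php if ($alledaten['bettel_sperre'] == 1) echo'SELECTED';?>>aktiviert</option>
			</select>
		</td>
	</tr>
	<tr bgcolor="#fafafa">
		<td align="right">&nbsp;<b>Banner Sperre</b>:</td>
		<td align="left">&nbsp;
			<select name="forced_sperre" size="1">
				<option value="0" <?php if ($alledaten['forced_sperre'] == 0) echo'SELECTED';?>>deaktiviert</option>
				<option value="1" <?php if ($alledaten['forced_sperre'] == 1) echo'SELECTED';?>>aktiviert</option>
			</select>
		</td>
	</tr>
	<tr bgcolor="#ededed">
		<td align="right">&nbsp;<b>Chat Sperre</b>:</td>
		<td align="left">&nbsp;
			<select name="chat_sperre" size="1">
				<option value="0" <?php if ($alledaten['chat_sperre'] == 0) echo'SELECTED';?>>deaktiviert</option>
				<option value="1" <?php if ($alledaten['chat_sperre'] == 1) echo'SELECTED';?>>aktiviert</option>
			</select>
		</td>
	</tr>
	<tr bgcolor="#fafafa">
		<td><b>Auszahlungssperre</b></td>
		<td>
<?php
			// NOTE(review): the option preselected for a stored 1 submits value 0 and vice versa, so
			// saving this form without touching the field flips auszahlung_sperre. Which side is wrong
			// depends on how the payout code reads the column - confirm before swapping the values.
?>
			<select name="auszahlung_sperre">
				<option value="0" <?php if ($alledaten['auszahlung_sperre'] == 1) echo'SELECTED';?>>Gesperrt</option>
				<option value="1" <?php if ($alledaten['auszahlung_sperre'] == 0) echo'SELECTED';?>>Freigeschaltet</option>
			</select>
		</td>
	</tr>
	<tr bgcolor="#ededed">
		<td align="center" colspan="2"><br /><input type="submit" name="profile" value="&raquo; Updaten"><br />&nbsp;</td>
	</tr>
</table>
</form>
</div>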

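<?php
// Panel 2: read-only statistics. Raw column values are HTML-escaped before output;
// date() and number_format() produce their own fixed-format strings.
?>
<div id="Userinfo2" style="display: none;">
<table width="350" border="0" cellpadding="1" cellspacing="1" align="center" bgcolor="#000000">
	<tr bgcolor="#fafafa">
		<td>&nbsp;<b>Refback</b>:</td>
		<td colspan="2" align="right"><?php echo htmlspecialchars ((string)$alledaten['refback'], ENT_QUOTES | ENT_SUBSTITUTE);?> %&nbsp;</td>
	</tr>
	<tr bgcolor="#ededed">
		<td>&nbsp;<b>Angemeldet</b>:</td>
		<td colspan="2" align="right"><?php echo date('d.m.Y H:i', $alledaten['angemeldet_seit']);?>&nbsp;</td>
	</tr>
	<tr bgcolor="#fafafa">
		<td>&nbsp;<b>Letzter Login</b>:</td>
		<td colspan="2" align="right"><?php echo date('d.m.Y H:i', $alledaten['loginzeit']);?>&nbsp;</td>
	</tr>
	<tr bgcolor="#ededed">
		<td>&nbsp;<b>Letzte Aktivit&auml;t</b>:</td>
		<td colspan="2" align="right"><?php echo date('d.m.Y H:i', $alledaten['last_active']);?>&nbsp;</td>
	</tr>
	<tr bgcolor="#fafafa">
		<td>&nbsp;<b>Letzte IP</b>:</td>
		<td colspan="2" align="right"><?php echo htmlspecialchars ((string)$alledaten['login_ip'], ENT_QUOTES | ENT_SUBSTITUTE);?>&nbsp;</td>
	</tr>
	<tr bgcolor="#ededed">
		<td>&nbsp;<b>ForcedKlicks</b>:</td>
		<td width=50 align="right"><?php echo htmlspecialchars ((string)$alledaten['klicks'], ENT_QUOTES | ENT_SUBSTITUTE);?>&nbsp;</td>
		<td align="right"><?php echo number_format ($alledaten['kv'], 2, ',', '.').' '.$waehrung;?>&nbsp;</td>
	</tr>
	<tr bgcolor="#fafafa">
		<td>&nbsp;<b>Betteln</b>:</td>
		<td align="right"><?php echo htmlspecialchars ((string)$alledaten['angebettelt'], ENT_QUOTES | ENT_SUBSTITUTE);?>&nbsp;</td>
		<td align="right"><?php echo number_format ($alledaten['bv'], 2, ',', '.').' '.$waehrung;?>&nbsp;</td>
	</tr>
</table>
</div>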

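<?php
// Panel 3: manual account booking. The hidden fields carry the user id and the stored mail
// address back to the handler at the top of this script; both are rendered attribute-safe.
?>
<div id="Userinfo3" style="display: none;">
<form action="" method="POST">
<input type="hidden" name="uid" value="<?php echo (int)$alledaten['uid'];?>">
<input type="hidden" name="email" value="<?php echo htmlspecialchars ((string)$alledaten['emailadresse'], ENT_QUOTES | ENT_SUBSTITUTE);?>">
<table align="center" border="0" cellpadding="0" cellspacing="2">
	<tr>
		<td><b>Kontostand</b>:<br />
		<?php echo number_format($alledaten['kontostand'],2,",",".").' '.$waehrung;?></td>
	</tr>
	<tr>
		<td><br /><b>Summe</b>:<br />
		<select style="width: 40px" name="buchungsart" size="1"><option value="+" SELECTED>+</option><option value="-">-</option></select><input style="width: 100px;" type="Text" name="buchungssumme" value=""></td>
	</tr>
	<tr>
		<td><br /><b>Grund</b> (max. 30 Zeichen):<br />
		<input style="width: 140px" type="text" name="buchungstext" value="" maxlength="30"></td>
	</tr>
	<tr>
		<td><br /><b>Mail an User</b>:<br />
		<input type="radio" name="send_mail" value="ja" /> Ja &nbsp; <input checked="checked" type="radio" name="send_mail" value="nein" /> Nein</td>
	</tr>
	<tr>
		<td align="center"><br /><input type="submit" name="finanze" value="&raquo; Buchen" /></td>
	</tr>
</table>
</form>
</div>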

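<?php
// Panel 4: access status / account deletion. The stored hint text is escaped so that markup in
// it (for example a closing textarea tag) is displayed as text instead of being interpreted.
?>
<div id="Userinfo4" style="display: none;">
<form action="" method="POST">
<input type="hidden" name="uid" value="<?php echo (int)$alledaten['uid'];?>">
<input type="hidden" name="email" value="<?php echo htmlspecialchars ((string)$alledaten['emailadresse'], ENT_QUOTES | ENT_SUBSTITUTE);?>">
<table align="center" border="0" cellpadding="0" cellspacing="2">
	<tr>
		<td><b>Status</b>:<br />
		<select name="status" size="1" style="width: 140px;">
		<option value="0" <?php if ($alledaten['status'] == 0) echo'SELECTED';?>>Wartend</option>
		<option value="1" <?php if ($alledaten['status'] == 1) echo'SELECTED';?>>Freigeschaltet</option>
		<option value="2" <?php if ($alledaten['status'] == 2) echo'SELECTED';?>>Gesperrt</option>
		<option value="<?php echo (int)$alledaten['status'];?>">--------------</option>
		<option value="loeschen">User l&ouml;schen</option>
</select></td>
	</tr>
	<tr>
		<td><br /><b>Hinweistext</b>:<br />
		<textarea name="hinweis" style="width: 140px; height: 100px;"><?php echo htmlspecialchars ((string)$alledaten['hinweis'], ENT_QUOTES | ENT_SUBSTITUTE);?></textarea></td>
	</tr>
	<tr>
		<td><br /><b>Mail an User</b>:<br />
		<input checked="checked" type="radio" name="send_mail" value="ja" /> Ja &nbsp; <input type="radio" name="send_mail" value="nein" /> Nein</td>
	</tr>
	<tr>
		<td align="center"><br /><input type="submit" name="access" value="&raquo; &Auml;ndern" /></td>
	</tr>
</table>
</form>
</div>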

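<div id="Userinfo5" style="display: none;">
<table class="tabellen" style="width:100%">
<tr class="tabellenhead">
<td align="center"><b>Buchungs Id</b></td>
<td align="center"><b>Datum</b></td>
<td align="center"><b>Zeit</b></td>
<td align="center"><b><?php echo $waehrung;?></b></td>
<td align="center"><b>Verwendungszweck</b></td>
</tr>
<?php
// Panel 5: the user's 250 most recent bookings, newest first.
$buchungen_lesen = db_query('SELECT * FROM '.$db_prefix.'_buchungen WHERE uid = '.(int)$alledaten['uid'].' ORDER BY buchungszeit DESC LIMIT 250');
$i = 0; // row counter for the alternating row class (was incremented without being initialised)
while ($buchung_schreiben = mysqli_fetch_array($buchungen_lesen)) {
	$i++;
	// Non-positive amounts are shown in red.
	$buchcolor = ($buchung_schreiben['buchungsmenge'] > 0) ? '#000000' : '#cc0000';
	$linecolor = ($i %2 == 0) ? 1 : 0;
	// Stored text columns are escaped before they are written into the table.
	$buchung_id_html = htmlspecialchars ((string)$buchung_schreiben['buchungs_id'], ENT_QUOTES | ENT_SUBSTITUTE);
	$buchung_zweck_html = htmlspecialchars ((string)$buchung_schreiben['verwendungszweck'], ENT_QUOTES | ENT_SUBSTITUTE);
?>
<tr class="tabellenbody_<?php echo $linecolor;?>">
<td align="left">&nbsp;<?php echo $buchung_id_html;?></td>
<td align="center">&nbsp;<?php echo date("d.m.Y",$buchung_schreiben['buchungszeit']);?>&nbsp;</td>
<td align="center">&nbsp;<?php echo date("H:i",$buchung_schreiben['buchungszeit']);?>&nbsp;</td>
<td align="right">&nbsp;<font color="<?php echo $buchcolor;?>"><?php echo number_format($buchung_schreiben['buchungsmenge'],2,",",".");?></font>&nbsp;</td>
<td align="left">&nbsp;<?php echo $buchung_zweck_html;?></td>
</tr>
<?php
}
?>
</table>
</div>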

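<div id="Userinfo6" style="display: none;">
<center>
	<form action="" method="POST">
		<?php /* Carry the user id in the form like the other panels do, instead of relying only on the query string. */ ?>
		<input type="hidden" name="uid" value="<?php echo (int)$alledaten['uid'];?>">
		<table align="center" border="0" cellpadding="0" cellspacing="2">
			   <tr>
				<td><b>Notizen</b>:<br />
				<textarea name="text" cols="50" rows="20"></textarea></td>
			</tr>
			<tr>
				<td align="center"><br /><input type="submit" name="notice" value="&raquo; Speichern" /></td>
			</tr>
		</table>
	</form>
</center>
<hr>
<br>
<table width="100%">
	<tr>
		<td></td>
		<td>Notiz</td>
	</tr>
<?php
	// Panel 6: stored admin notes for the user whose record was loaded above (id taken from that
	// record rather than from the raw query string).
	$da = db_query("SELECT * FROM ".$db_prefix."_user_notizen WHERE uid = '". (int)$alledaten['uid'] ."' ");
	while($daten = mysqli_fetch_array($da)){
		// Escape first, then turn line breaks into <br>, so that only the breaks added here are markup.
		$notiz_admin_html = htmlspecialchars ((string)$daten['admin_id'], ENT_QUOTES | ENT_SUBSTITUTE);
		$notiz_text_html = nl2br (htmlspecialchars ((string)$daten['text'], ENT_QUOTES | ENT_SUBSTITUTE));
		echo '
			<tr>
				<td>'. date("d.m.Y", $daten['datum']) .'<br>Admin-ID: '.$notiz_admin_html .'</td>
				<td>'. $notiz_text_html .'</td>
			</tr>
		';
	}
?>
</table>
</div>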

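<div id="Userinfo7" style="display: none;">
	<table class="tabellen" width="100%">
		<tr class="tabellenhead">
			<td>Zeit</td>
			<td>Verg&uuml;tung</td>
			<td>Refferer</td>
		</tr>
<?php
		// Panel 7: referrer URLs recorded with the user's bookings in the bettel_buchung table.
		// The refferer column is presumably filled from a visitor-supplied value, so it is treated as untrusted.
		$ref = db_query("SELECT zeit,betrag,refferer FROM ".$db_prefix."_bettel_buchung WHERE uid = '".(int)$alledaten['uid']."' ");
		while($refferer = mysqli_fetch_array($ref)){
			$ref_url = (string)$refferer['refferer'];
			$ref_html = htmlspecialchars ($ref_url, ENT_QUOTES | ENT_SUBSTITUTE);
			// Only http(s) addresses become links; any other scheme is shown as plain text.
			// rel="noopener noreferrer" keeps the opened page from reaching back into this window
			// and from receiving this admin URL as its referrer.
			if (preg_match ('#^https?://#i', $ref_url)) {
				$ref_zelle = '<a href="'.$ref_html.'" target="_new" rel="noopener noreferrer">'.$ref_html.'</a>';
			} else {
				$ref_zelle = $ref_html;
			}
			echo '
			<tr>
				<td>'.date("d.m.Y - H:i", $refferer['zeit']).'</td>
				<td>'.number_format($refferer['betrag'],2,",",".").'</td>
				<td>'.$ref_zelle.'</td>
			</tr>
			';
		}
?>
	</table>
</div>
<?php  foot(); ?>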