From 73e0c873cfe68b88c84c926769028dd9d4315c32 Mon Sep 17 00:00:00 2001 From: isaack <drericlaufer@gmx.de> Date: Sun, 2 Sep 2018 17:58:58 +0200 Subject: [PATCH] Bug, Update run.inc.php Bearbeitung der run.inc.php neue Tabelle in die Datenbank eingepflegt Bug #9 --- CHANGELOG | 10 +- content/konto/nickpage.php | 195 +++++++++-------- .../konto/profil_include/externe_konten.php | 61 ++++++ content/konto/profil_include/index.html | 0 content/konto/profil_include/profil.php | 75 +++++++ content/konto/userprofil.php | 205 ++++-------------- index.php | 7 +- install/mysql.txt | 24 +- lib/functions.lib.php | 2 +- lib/funktionen/konto/nickpage.php | 5 +- lib/run.inc.php | 18 +- lib/session.lib.php | 20 +- 12 files changed, 317 insertions(+), 305 deletions(-) create mode 100644 content/konto/profil_include/externe_konten.php create mode 100644 content/konto/profil_include/index.html create mode 100644 content/konto/profil_include/profil.php diff --git a/CHANGELOG b/CHANGELOG index 1a0e0cc..8677ca1 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,12 +1,12 @@ # Was alles passiert -## [0.0.5.1] +## [0.0.5.2] +## hinzugefügt +- neue Tabelle in der Datenbank + ## geändert -- run.inc.php -- datenbank.inc.php +- run.inc.php (Datein werden jetzt aus der Datenbank abgerufen) -## BUGMELDUNG -Nr.: 8 ## [0.0.5] ## hinzugefügt - AGB,Impressum,FAQ können aus dem Admin heraus berarbeitet werden diff --git a/content/konto/nickpage.php b/content/konto/nickpage.php index de590cd..1024812 100644 --- a/content/konto/nickpage.php +++ b/content/konto/nickpage.php 
@@ -1,11 +1,10 @@ <?php -$nickpage = mysqli_fetch_array(db_query("SELECT * FROM ".$db_prefix."_nickpage WHERE uid=".$_SESSION['uid']."")); -$userdaten = mysqli_fetch_array(db_query("SELECT * FROM ".$db_prefix."_userdaten WHERE uid=".$_SESSION['uid']."")); +$nickpage = mysqli_fetch_array(db_query("SELECT * FROM ".$db_prefix."_nickpage WHERE uid='". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."'")); $esc = mysqli_fetch_array(db_query("SELECT bdate FROM ".$db_prefix."_userdaten WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' ")); if($esc['bdate'] == 0){ - $bdate = 'placeholder="TT.MM.JJJ'; + $bdate = 'placeholder="TT.MM.JJJ"'; }else{ $bdate = 'value="'. date("d.m.Y", $esc['bdate']) .'"'; } 
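Review bot: The stored birthday is still rendered as `date("d.m.Y", $esc['bdate'])`, but the field it feeds is an `<input type="date">` further down this file, which only accepts `YYYY-MM-DD` as its value, and the save handler in this commit now splits the submitted date on `-`. Format it as `date("Y-m-d", $esc['bdate'])` so the saved date is shown again on the next visit. The placeholder `TT.MM.JJJ` is probably meant to read `TT.MM.JJJJ`. For the numeric key, `(int)$_SESSION['uid']` is a tighter guard than string escaping inside quotes.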
@@ -13,100 +12,100 @@ if($esc['bdate'] == 0){ ?> <form action="" method="post"> -<table class="table"> - <tr> - <td><strong>Geschlecht: </strong></td> - <td> - <select name="sex"> - <option value="" <?php if ($nickpage['sex'] == "") echo 'selected';?>>Bitte wählen</option> - <option value="weiblich" <?php if ($nickpage['sex'] == 'weiblich') echo 'selected';?>>weiblich</option> - <option value="männlich" <?php if ($nickpage['sex'] == 'männlich') echo 'selected';?>>männlich</option> - </select> - </td> - </tr> - <tr> - <td><b>Geburtsdatum: </b></td> - <td><input type="date" name="bdate" class="tcal" <?php echo $bdate;?>></td> - </tr> - <tr> - <td><strong>Wohnort: </strong></td> - <td> - <input name="ort" value="<?php echo $nickpage['ort'];?>"> - </td> - </tr> - <tr> - <td><strong>Land: </strong></td> - <td> - <input name="land" value="<?php echo $nickpage['land'];?>"> - </td> - </tr> - <tr> - <td><b>Hobbys: </b></td> - <td><input name="hobbys" value="<?php echo $nickpage['hobbys'];?>"></td> - </tr> - <tr> - <td><b>Beruf: </b></td> - <td><input name="beruf" value="<?php echo $nickpage['beruf'];?>"></td> - </tr> - <tr> - <td><b>ICQ: </b></td> - <td><input name="icq" value="<?php echo $nickpage['icq'];?>"></td> - </tr> - <tr> - <td><b>MSN: </b></td> - <td><input name="msn" value="<?php echo $nickpage['msn'];?>"></td> - </tr> - <tr> - <td><b>AIM: </b></td> - <td><input name="aim" value="<?php echo $nickpage['aim'];?>"></td> - </tr> - <tr> - <td><b>Skype: </b></td> - <td><input name="skype" value="<?php echo $nickpage['skype'];?>"></td> - </tr> - <tr> - <td><b>Homepage:</b> (ohne http://) </td> - <td><input name="www" value="<?php echo $nickpage['www'];?>"></td> - </tr> - <tr> - <td><b>Lieblingswebsite 1:</b> (ohne http://) </td> - <td><input name="www1" value="<?php echo $nickpage['www1'];?>"></td> - </tr> - <tr> - <td><b>Lieblingswebsite 2:</b> (ohne http://) </td> - <td><input name="www2" value="<?php echo $nickpage['www2'];?>"></td> - </tr> - <tr> - 
<td><b>Lieblingswebsite 3:</b> (ohne http://) </td> - <td><input name="www3" value="<?php echo $nickpage['www3'];?>"></td> - </tr> - <tr> - <td valign="top"> - <strong>Link zu deinem Ava: </strong><br> - Maximale Bildgröße: 200 x 250 Pixel - </td> - <td> - <? if ($nickpage['ava'] == '') { ?> - <input name="ava" value="" size="40"> - <? } else { ?> - <input name="ava" value="<?php echo $nickpage['ava'];?>" size="40"> - <? } ?> - </td> - </tr> - <tr> - <td colspan="2" align="center"> - <?php - if($nickpage['ava'] == ''){ - echo '<div class="alert alert-info">Kein Avatar gewählt</div>'; - }else{ - echo '<a href="#" class="thumbnail"><img src="'. $nickpage['ava'] .'" alt="'. $_SESSION['uid'] .'"></a>'; - } - ?> - </td> - </tr> -</table> -<div class="text-center"> - <input type="submit" name="aendern_nickpage" class="btn btn-success" value="Änderungen speichern"> -</div> + <table class="table"> + <tr> + <td><strong>Geschlecht: </strong></td> + <td> + <select name="sex" class="form-control"> + <option value="" <?php if ($nickpage['sex'] == "") echo 'selected';?>>Bitte wählen</option> + <option value="weiblich" <?php if ($nickpage['sex'] == 'weiblich') echo 'selected';?>>weiblich</option> + <option value="männlich" <?php if ($nickpage['sex'] == 'männlich') echo 'selected';?>>männlich</option> + </select> + </td> + </tr> + <tr> + <td><b>Geburtsdatum: </b></td> + <td><input type="date" name="bdate" class="tcal form-control" <?php echo $bdate;?>></td> + </tr> + <tr> + <td><strong>Wohnort: </strong></td> + <td> + <input name="ort" value="<?php echo $nickpage['ort'];?>" class="form-control"> + </td> + </tr> + <tr> + <td><strong>Land: </strong></td> + <td> + <input name="land" value="<?php echo $nickpage['land'];?>" class="form-control"> + </td> + </tr> + <tr> + <td><b>Hobbys: </b></td> + <td><input name="hobbys" value="<?php echo $nickpage['hobbys'];?>" class="form-control"></td> + </tr> + <tr> + <td><b>Beruf: </b></td> + <td><input name="beruf" value="<?php echo 
$nickpage['beruf'];?>" class="form-control"></td> + </tr> + <tr> + <td><b>ICQ: </b></td> + <td><input name="icq" value="<?php echo $nickpage['icq'];?>" class="form-control"></td> + </tr> + <tr> + <td><b>MSN: </b></td> + <td><input name="msn" value="<?php echo $nickpage['msn'];?>" class="form-control"></td> + </tr> + <tr> + <td><b>AIM: </b></td> + <td><input name="aim" value="<?php echo $nickpage['aim'];?>" class="form-control"></td> + </tr> + <tr> + <td><b>Skype: </b></td> + <td><input name="skype" value="<?php echo $nickpage['skype'];?>" class="form-control"></td> + </tr> + <tr> + <td><b>Homepage:</b> (ohne http://) </td> + <td><input name="www" value="<?php echo $nickpage['www'];?>" class="form-control"></td> + </tr> + <tr> + <td><b>Lieblingswebsite 1:</b> (ohne http://) </td> + <td><input name="www1" value="<?php echo $nickpage['www1'];?>" class="form-control"></td> + </tr> + <tr> + <td><b>Lieblingswebsite 2:</b> (ohne http://) </td> + <td><input name="www2" value="<?php echo $nickpage['www2'];?>" class="form-control"></td> + </tr> + <tr> + <td><b>Lieblingswebsite 3:</b> (ohne http://) </td> + <td><input name="www3" value="<?php echo $nickpage['www3'];?>" class="form-control"></td> + </tr> + <tr> + <td valign="top"> + <strong>Link zu deinem Ava: </strong><br> + Maximale Bildgröße: 200 x 250 Pixel + </td> + <td> + <?php if ($nickpage['ava'] == '') { ?> + <input name="ava" value="" size="40"> + <?php } else { ?> + <input name="ava" value="<?php echo $nickpage['ava'];?>" size="40"> + <?php } ?> + </td> + </tr> + <tr> + <td colspan="2" align="center"> + <?php + if($nickpage['ava'] == ''){ + echo '<div class="alert alert-info">Kein Avatar gewählt</div>'; + }else{ + echo '<a href="#" class="thumbnail"><img src="'. $nickpage['ava'] .'" alt="'. $_SESSION['uid'] .'"></a>'; + } + ?> + </td> + </tr> + </table> + <div class="text-center"> + <input type="submit" name="aendern_nickpage" class="btn btn-success" value="Speichern"> + </div> </form> 
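Review bot: Every `$nickpage[...]` value in this form is echoed into an attribute without escaping at output, including the avatar URL that goes into `<img src="…">`, so the page is only as safe as whatever wrote the row. The save handler in this patch HTML-encodes most fields at write time, but how `ava` is stored is not visible here. Encode where the value is printed, e.g. `value="<?php echo htmlspecialchars($nickpage['ort'], ENT_QUOTES, 'UTF-8');?>"`, and drop the write-time encoding (or pass `double_encode` as false) to avoid double encoding. The avatar URL should additionally be limited to `http://`/`https://` before it is placed in `src`.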
diff --git a/content/konto/profil_include/externe_konten.php b/content/konto/profil_include/externe_konten.php
new file mode 100644
index 0000000..6cbb3b0
--- /dev/null
+++ b/content/konto/profil_include/externe_konten.php
@@ -0,0 +1,61 @@ +<?php +if (isset($_POST['veri'])) { + $schnittstelle = mysqli_fetch_array(db_query("SELECT * FROM " . $db_prefix . "_schnittstelle WHERE schnittstelle='" . $_POST['schnittstelle'] . "' AND aktiv > 0 LIMIT 1")); + // User beim Betreiber prüfen + db_query("INSERT INTO " . $db_prefix . "_schnittstelle_anfragen (zeit,uid) VALUES ('" . $tag . "'," . $_SESSION['uid'] . ")"); + echo mysqli_error($sql_open); + require_once ("lib/schnittstellen/" . $schnittstelle['schnittstelle'] . ".php"); + uservalidate ($schnittstelle['betreiber_id'], $schnittstelle['betreiber_passwort'], $_POST['veri_id'], $_POST['veri_pw']); + $error = $trans_ausgabe; + print_r($error); + if (!$error) db_query("INSERT INTO " . $db_prefix . "_multi_konten (uid, kontoid, waehrung) VALUES( " . $_SESSION['uid'] . ", '" . $_POST['veri_id'] . "', '" . $_POST['schnittstelle'] . "') ON DUPLICATE KEY UPDATE kontoid='" . $_POST['veri_id'] . "'"); +} + + +$select_schnitt = ''; +$moeglichkeiten_q = db_query('SELECT schnittstelle FROM ' . $db_prefix . '_schnittstelle WHERE aktiv > 0 AND schnittstelle NOT IN (SELECT waehrung AS schnittstelle FROM vms_multi_konten WHERE uid=' . $_SESSION['uid'] . ')'); +while ($moeglichkeiten = mysqli_fetch_array($moeglichkeiten_q)) { + $select_schnitt .= '<option value="'. $moeglichkeiten['schnittstelle'] .'">'. 
$moeglichkeiten['schnittstelle'] .'</option>'; +} + + +?> + +<form action="" method="post"> + <table width="100%" border="0" cellpadding="1" cellspacing="1"> + <tr> + <td>Konto:</td> + <td> + <select name="schnittstelle"> + <?php echo $select_schnitt; ?> + </select> + </td> + </tr> + <tr> + <td>ID:</td> + <td><input type="text" name="veri_id" /></td> + </tr> + <tr> + <td>Kennwort:</td> + <td><input type="text" name="veri_pw" /></td> + </tr> + <tr> + <td> </td> + <td><input type="submit" name="veri" value="Verifizieren" /></td> + </tr> + </table> +</form> +<h4>Bereits verifiziert:</h4> +<table class="table table-striped"> + <?php + $veri = mysqli_query('SELECT * FROM vms_multi_konten WHERE uid=' . $_SESSION['uid'] . ''); + while ($verid = mysqli_fetch_array($veri)) { + echo ' + <tr> + <td>'. $verid['waehrung'] .':</td> + <td>'. $verid['kontoid'] .'</td> + </tr> + '; + } ?> + +</table> \ No newline at end of file diff --git a/content/konto/profil_include/index.html b/content/konto/profil_include/index.html new file mode 100644 index 0000000..e69de29 diff --git a/content/konto/profil_include/profil.php b/content/konto/profil_include/profil.php new file mode 100644 index 0000000..cbf4f3d --- /dev/null +++ b/content/konto/profil_include/profil.php 
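Review bot: The new file concatenates `$_POST['schnittstelle']` and `$_POST['veri_id']` directly into the SELECT and into the INSERT … ON DUPLICATE KEY UPDATE, so both statements are open to SQL injection, and `kontoid` is later printed into the result table without escaping. The lookup result is also used unchecked: when no active row matches, `require_once` is called with `lib/schnittstellen/.php`. Bind the values as parameters and continue only when a row was found, as sketched below. Separately, the closing `mysqli_query('SELECT * FROM vms_multi_konten …')` passes no connection and hard-codes the `vms_` prefix, where `db_query()` with `$db_prefix` would match the rest of the file. The `veri_pw` field should be `type="password"`, and `echo mysqli_error($sql_open)` exposes database errors to the visitor.

```php
if (isset($_POST['veri'])) {
    $schnittstelle_name = isset($_POST['schnittstelle']) ? (string) $_POST['schnittstelle'] : '';
    $konto_id = isset($_POST['veri_id']) ? (string) $_POST['veri_id'] : '';
    $uid = (int) $_SESSION['uid'];

    // Bound parameter instead of concatenating the posted name into the query.
    $stmt = mysqli_prepare($sql_open, "SELECT * FROM " . $db_prefix . "_schnittstelle WHERE schnittstelle = ? AND aktiv > 0 LIMIT 1");
    mysqli_stmt_bind_param($stmt, 's', $schnittstelle_name);
    mysqli_stmt_execute($stmt);
    $schnittstelle = mysqli_fetch_array(mysqli_stmt_get_result($stmt));

    // Only a row that really exists may decide which interface file is loaded.
    if ($schnittstelle) {
        // … unchanged: request log insert, require_once of the interface file, uservalidate() call, $error handling …
        if (!$error) {
            $stmt = mysqli_prepare($sql_open, "INSERT INTO " . $db_prefix . "_multi_konten (uid, kontoid, waehrung) VALUES (?, ?, ?) ON DUPLICATE KEY UPDATE kontoid = ?");
            mysqli_stmt_bind_param($stmt, 'isss', $uid, $konto_id, $schnittstelle['schnittstelle'], $konto_id);
            mysqli_stmt_execute($stmt);
        }
    }
}
```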
@@ -0,0 +1,75 @@ +<form action="" method="post"> + <table class="table"> + <tr> + <td>Nickname/UID:</td> + <td><?php echo $info['nickname'];?> / <?php echo $_SESSION['uid'];?></td> + </tr> + <tr> + <td>Name:</td> + <td><input type="text" value="<?php echo $info['nachname'];?>"></td> + </tr> + <tr> + <td>Vorname:</td> + <td><input type="text" value="<?php echo $info['vorname'];?>"></td> + </tr> + <tr> + <td>Emailadresse:</td> + <td><input type="text" name="emailadresse" value="<?php echo $info['emailadresse'];?>"></td> + </tr> + <tr> + <td>Neues Passwort:</td> + <td><input type="password" name="pwd"></td> + </tr> + <tr> + <td>Neues Passwortbestätigung:</td> + <td><input type="password" name="pwd2"></td> + </tr> + <tr> + <td>Newsletter:</td> + <td> + <select name="newsletter"> + <option value="1" <?php if ($newsletter == 1) echo 'selected';?>>Ja</option> + <option value="0" <?php if ($newsletter == 0) echo 'selected';?>>Nein</option> + </select> + </td> + </tr> + <tr> + <td>Paidmails:</td> + <td> + <select name="paidmails"> + <option value="1" <?php if ($paidmails == 1) echo 'selected';?>>Ja</option> + <option value="0" <?php if ($paidmails == 0) echo 'selected';?>>Nein</option> + </select> + </td> + </tr> + <tr> + <td>Max. anzeigbare Forcedbanner:</td> + <td> + <table> + <tr> + <td><input name="max_forced" id="sliderValue1" type="Text" value="<?php echo $info['max_forced'];?>" size="3"></td> + <td><script language="JavaScript" src="js/userprofil_slieder/slider1.js"></script></td> + </tr> + </table> + </td> + </tr> + <tr> + <td>Max. 
anzeigbare Textlinks:</td> + <td> + <table> + <tr> + <td><input name="max_paidlinks" id="sliderValue2" type="Text" value="<?php echo $info['max_paidlinks'];?>" size="3"></td> + <td><script language="JavaScript" src="js/userprofil_slieder/slider2.js"></script></td> + </tr> + </table> + </td> + </tr> + <tr> + <td align="center" colspan="2"><br> + <input type="submit" name="aendern" value="Jetzt ändern!"><br> + <br> + <?php echo $change;?> + </td> + </tr> + </table> +</form> \ No newline at end of file diff --git a/content/konto/userprofil.php b/content/konto/userprofil.php index 8691f9b..f06f5d7 100644 --- a/content/konto/userprofil.php +++ b/content/konto/userprofil.php 
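Review bot: `$info['nickname']`, `$info['nachname']`, `$info['vorname']` and `$info['emailadresse']` are echoed into the page and into `value` attributes without escaping, so this template depends on those columns never containing markup; where `$info` is filled lies outside this hunk. Encoding at output, e.g. `<?php echo htmlspecialchars($info['emailadresse'], ENT_QUOTES, 'UTF-8');?>`, removes that dependency. The form also changes the e-mail address and password without an anti-CSRF token and, as far as the visible fields show, without asking for the current password; both checks belong in the handler that processes `aendern`.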
@@ -90,168 +90,47 @@ if ($_POST['aendern'] == 'Jetzt ändern!') { $newsletter = 1; $paidmails = 1; } - - ?> - -<?php head("$seitenname - Userprofil");?> -Hier findest Du deine Profildaten, bitte passe diese Daten immer an so das diese aktuell sind. Deaktiviere bitte -die Paidmails wenn Du keine habe möchtest!<br> -<?php foot();?> - -<?php head("$seitenname - Profildaten");?> - <form action="" method="post"> - <table class="table"> - <tr> - <td>Nickname/UID:</td> - <td><?php echo $info['nickname'];?> / <?php echo $_SESSION['uid'];?></td> - </tr> - <tr> - <td>Name:</td> - <td><input type="text" value="<?php echo $info['nachname'];?>"></td> - </tr> - <tr> - <td>Vorname:</td> - <td><input type="text" value="<?php echo $info['vorname'];?>"></td> - </tr> - <tr> - <td>Emailadresse:</td> - <td><input type="text" name="emailadresse" value="<?php echo $info['emailadresse'];?>"></td> - </tr> - <tr> - <td>Neues Passwort:</td> - <td><input type="password" name="pwd"></td> - </tr> - <tr> - <td>Neues Passwortbestätigung:</td> - <td><input type="password" name="pwd2"></td> - </tr> - <tr> - <td>Newsletter:</td> - <td> - <select name="newsletter"> - <option value="1" <?php if ($newsletter == 1) echo 'selected';?>>Ja</option> - <option value="0" <?php if ($newsletter == 0) echo 'selected';?>>Nein</option> - </select> - </td> - </tr> - <tr> - <td>Paidmails:</td> - <td> - <select name="paidmails"> - <option value="1" <?php if ($paidmails == 1) echo 'selected';?>>Ja</option> - <option value="0" <?php if ($paidmails == 0) echo 'selected';?>>Nein</option> - </select> - </td> - </tr> - <tr> - <td>Max. anzeigbare Forcedbanner:</td> - <td> - <table> - <tr> - <td><input name="max_forced" id="sliderValue1" type="Text" value="<?php echo $info['max_forced'];?>" size="3"></td> - <td><script language="JavaScript" src="js/userprofil_slieder/slider1.js"></script></td> - </tr> - </table> - </td> - </tr> - <tr> - <td>Max. 
anzeigbare Textlinks:</td> - <td> - <table> - <tr> - <td><input name="max_paidlinks" id="sliderValue2" type="Text" value="<?php echo $info['max_paidlinks'];?>" size="3"></td> - <td><script language="JavaScript" src="js/userprofil_slieder/slider2.js"></script></td> - </tr> - </table> - </td> - </tr> - <tr> - <td align="center" colspan="2"><br> - <input type="submit" name="aendern" value="Jetzt ändern!"><br> - <br> - <?php echo $change;?> - </td> - </tr> - </table> - </form> -<?php foot(); - $moeglich = mysqli_fetch_row(db_query('SELECT schnittstelle FROM ' . $db_prefix . '_schnittstelle WHERE aktiv > 0')); - - if ($moeglich != 0) { - head("Externe Konten"); - - if (isset($_POST['veri'])) { - $schnittstelle = mysqli_fetch_array(db_query("SELECT * FROM " . $db_prefix . "_schnittstelle WHERE schnittstelle='" . $_POST['schnittstelle'] . "' AND aktiv > 0 LIMIT 1")); - echo mysqli_error($sql_open); - // User beim Betreiber prüfen - db_query("INSERT INTO " . $db_prefix . "_schnittstelle_anfragen (zeit,uid) VALUES ('" . $tag . "'," . $_SESSION['uid'] . ")"); - echo mysqli_error($sql_open); - require_once ("lib/schnittstellen/" . $schnittstelle['schnittstelle'] . ".php"); - uservalidate ($schnittstelle['betreiber_id'], $schnittstelle['betreiber_passwort'], $_POST['veri_id'], $_POST['veri_pw']); - $error = $trans_ausgabe; - print_r($error); - if (!$error) db_query("INSERT INTO " . $db_prefix . "_multi_konten (uid, kontoid, waehrung) VALUES( " . $_SESSION['uid'] . ", '" . $_POST['veri_id'] . "', '" . $_POST['schnittstelle'] . "') ON DUPLICATE KEY UPDATE kontoid='" . $_POST['veri_id'] . "'"); - echo mysqli_error(); - } - - $moeglichkeiten_q = db_query('SELECT schnittstelle FROM ' . $db_prefix . '_schnittstelle WHERE aktiv > 0 AND schnittstelle NOT IN (SELECT waehrung AS schnittstelle FROM vms_multi_konten WHERE uid=' . $_SESSION['uid'] . 
')'); - - ?> - <form action="" method="post"> - <table width="100%" border="0" cellpadding="1" cellspacing="1"> - <tr> - <td>Konto:</td> - <td><select name="schnittstelle"> - <?php - while ($moeglichkeiten = mysqli_fetch_array($moeglichkeiten_q)) { ?> -<option value="<?php echo $moeglichkeiten['schnittstelle']; ?>"><?php echo $moeglichkeiten['schnittstelle']; ?></option> - <?php } ?> - </select> -</td> - </tr> - <tr> - <td>ID:</td> - <td><input type="text" name="veri_id" /></td> - </tr> - <tr> - <td>Kennwort:</td> - <td><input type="text" name="veri_pw" /></td> - </tr> - <tr> - <td> </td> - <td><input type="submit" name="veri" value="Verifizieren" /></td> - </tr> - </table> -</form> -Bereits verifiziert:<br /> -<table> - <?php - $veri = mysqli_query('SELECT * FROM vms_multi_konten WHERE uid=' . $_SESSION['uid'] . ''); - while ($verid = mysqli_fetch_array($veri)) { ?> - <tr> - <td><?php echo $verid['waehrung']; ?>:</td> - <td><?php echo $verid['kontoid']; ?></td> - </tr> - <?php } ?></table> - - <?php foot(); - } - + $moeglich = mysqli_fetch_row(db_query('SELECT schnittstelle FROM ' . $db_prefix . 
'_schnittstelle WHERE aktiv > 0')); ?> -<?php -head("Nickpage einrichten"); -require_once('content/konto/nickpage.php'); -foot();?> - + +<div> + <ul class="nav nav-tabs" role="tablist"> + <li role="presentation" class="active"><a href="#start" role="tab" data-toggle="tab">Profildaten</a></li> + <?php + if($moeglich != 0){ + echo '<li role="presentation"><a href="#profil" role="tab" data-toggle="tab">Externe Konten</a></li>'; + } + ?> + <li role="presentation"><a href="#nickpage" role="tab" data-toggle="tab">Nickpage</a></li> + <li role="presentation"><a href="#delete" role="tab" data-toggle="tab">Account löschen</a></li> + </ul> + <div class="tab-content"> + <div role="tabpanel" class="tab-pane active" id="start"> + <?php require('content/konto/profil_include/profil.php');?> + </div> + <div role="tabpanel" class="tab-pane" id="profil"> + <?php + if($moeglich != 0){ + require('content/konto/profil_include/externe_konten.php'); + } + ?> + </div> + <div role="tabpanel" class="tab-pane" id="nickpage"> + <?php require_once('content/konto/nickpage.php');?> + </div> + <div role="tabpanel" class="tab-pane" id="delete"> + <div class="alert alert-danger"> + Hier an dieser Stelle kannst Du deinen Account sofort selber löschen wenn Du es wünscht. + Bitte bedenke das alle Daten von Dir verloren gehen und bestehendes Guthaben dann auch + verloren geht, eine spätere Forderung an <? echo $waehrung;?> ist ausgeschlossen! + <div align="center"> + <form action="" method="post"><br> + <?php echo $delchange;?> + Passwort: <input type="Password" name="del_passwort" value=""> <input type="Submit" name="acc_del" value="Jetzt löschen!"> + </form> + </div> + </div> + </div> + </div> -<?php head("$seitenname - Account löschen");?> -Hier an dieser Stelle kannst Du deinen Account sofort selber löschen wenn Du es wünscht. -Bitte bedenke das alle Daten von Dir verloren gehen und bestehendes Guthaben dann auch -verloren geht, eine spätere Forderung an <? echo $waehrung;?> ist ausgeschlossen! 
-<div align="center"> -<form action="" method="post"><br> -<?php echo $delchange;?> -Passwort: <input type="Password" name="del_passwort" value=""> <input type="Submit" name="acc_del" value="Jetzt löschen!"> -</form> -</div> -<?php foot();?> +</div> \ No newline at end of file diff --git a/index.php b/index.php index 0f6489b..983d01d 100644 --- a/index.php +++ b/index.php @@ -17,9 +17,10 @@ require ('lib/datenbank.inc.php'); db_connect(); require ('lib/functions.lib.php'); require ('lib/session.lib.php'); +require ('lib/run.inc.php'); require ('lib/layout.lib.php'); require ('lib/extras.lib.php'); -require ('lib/run.inc.php'); + require ('lib/extra/mail.php'); if (!isset($_GET['content']) || empty ($_GET['content'])) $_GET['content'] = '/intern/startseite'; @@ -138,10 +139,10 @@ $ts = strtotime($datetime); <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Login <span class="caret"></span></a> <ul class="dropdown-menu"> <li> - <form method="post"> + <form action="" method="post"> <input type="Text" class ="topbar_input" name="nickname" value="<?php echo $_POST['nickname'];?>" placeholder="Username"> <input type="Password" class ="topbar_input" name="passwort" value="" placeholder="Passwort"> - <input type="hidden" name="autologin" value="true"> + <input type="checkbox" name="autologin"> <button type="submit" name="checkid" value="Login">Login</button> </form> </li> diff --git a/install/mysql.txt b/install/mysql.txt index 9da703a..7433e16 100644 --- a/install/mysql.txt +++ b/install/mysql.txt 
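Review bot: The delete-account panel added here still uses a short open tag in `<? echo $waehrung;?>`, although this same commit converts the `<? if …` tags in content/konto/nickpage.php to `<?php`; with `short_open_tag` disabled that line reaches the browser as raw source. Write it as `<?php echo $waehrung;?>`. The account-deletion form posts without an anti-CSRF token; the password prompt limits the impact, but a token would make the other forms on this page consistent once they get one.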
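Review bot: The login form prints `$_POST['nickname']` back into the `value` attribute unescaped (a context line of this hunk), which reflects posted input into the page; wrap it as `htmlspecialchars($_POST['nickname'], ENT_QUOTES, 'UTF-8')`. The new `<input type="checkbox" name="autologin">` has no `value`, so browsers submit `on` where the hidden field used to send `true`. The code that reads `autologin` is not part of this patch, so confirm it tests for presence rather than for the string `true`.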
@@ -296,19 +296,19 @@ INSERT INTO `vms_news_komment` (`id`, `uid`, `datum`, `news`, `kommentar`) VALUE CREATE TABLE `vms_nickpage` ( `uid` int(11) NOT NULL, - `sex` int(11) NOT NULL, - `ort` int(11) NOT NULL, - `land` int(11) NOT NULL, - `hobbys` int(11) NOT NULL, - `beruf` int(11) NOT NULL, + `sex` text NOT NULL, + `ort` text NOT NULL, + `land` text NOT NULL, + `hobbys` longtext NOT NULL, + `beruf` text NOT NULL, `icq` int(11) NOT NULL, - `msn` int(11) NOT NULL, - `aim` int(11) NOT NULL, - `skype` int(11) NOT NULL, - `www` int(11) NOT NULL, - `www1` int(11) NOT NULL, - `www2` int(11) NOT NULL, - `www3` int(11) NOT NULL + `msn` text NOT NULL, + `aim` text NOT NULL, + `skype` text NOT NULL, + `www` text NOT NULL, + `www1` text NOT NULL, + `www2` text NOT NULL, + `www3` text NOT NULL ) ENGINE=InnoDB DEFAULT CHARSET=latin1; CREATE TABLE IF NOT EXISTS `vms_paidmails_empfaenger` ( diff --git a/lib/functions.lib.php b/lib/functions.lib.php index 9395241..e11d2be 100644 --- a/lib/functions.lib.php +++ b/lib/functions.lib.php @@ -259,7 +259,7 @@ function sonderzeichen($text){ } function check_email($email) { - if(!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) { + if(!filter_var($email_a, FILTER_VALIDATE_EMAIL)) { return false; } $email_array = explode("@", $email); diff --git a/lib/funktionen/konto/nickpage.php b/lib/funktionen/konto/nickpage.php index 94f5b59..a4bd490 100644 --- a/lib/funktionen/konto/nickpage.php +++ b/lib/funktionen/konto/nickpage.php @@ -15,13 +15,12 @@ if($error == 0){ if($_POST['bdate'] != ''){ - $explode = explode(".",$_POST['bdate']); + $explode = explode("-",$_POST['bdate']); $bdate = mktime(0,0,0,$explode[1],$explode[0],$explode[2]); }else{ $bdate = 0; } - $update = db_query("UPDATE ".$db_prefix."_nickpage SET sex = '".htmlspecialchars($_POST['sex'])."', ort = '".htmlspecialchars($_POST['ort'])."', 
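Review bot: `filter_var($email_a, FILTER_VALIDATE_EMAIL)` reads `$email_a`, which is not defined in the visible part of check_email(); the parameter is `$email`. filter_var() therefore receives null and returns false, so the function rejects every address at this first test. The line should read `if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {`. The rest of check_email() lies outside the hunk.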
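Review bot: The delimiter was changed to `-`, but the indexes passed to mktime() still follow the old `TT.MM.JJJJ` order. A `type="date"` field submits `YYYY-MM-DD`, so `$explode[0]` is the year and `$explode[2]` the day, and `mktime(0,0,0,$explode[1],$explode[0],$explode[2])` passes the year as the day and the day as the year. Use `mktime(0,0,0,(int)$explode[1],(int)$explode[2],(int)$explode[0])` and reject input that does not split into three parts or fails `checkdate()`. The surrounding `if($error == 0)` block starts and ends outside the hunk.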
@@ -36,7 +35,7 @@ www1 = '".htmlspecialchars($_POST['www1'])."', www2 = '".htmlspecialchars($_POST['www2'])."', www3 = '".htmlspecialchars($_POST['www3'])."' - WHERE uid=".$_SESSION['uid'].""); + WHERE uid='".$_SESSION['uid']."'"); db_query("UPDATE ".$db_prefix."_userdaten SET bdate = '". mysqli_real_escape_string($sql_open,$bdate) ."' WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' "); if ($_POST['ava'] == '') { diff --git a/lib/run.inc.php b/lib/run.inc.php index b544981..eabd6a5 100644 --- a/lib/run.inc.php +++ b/lib/run.inc.php @@ -1,24 +1,20 @@ <?php -if($_SERVER["REQUEST_METHOD"] == "POST" && !isset($_POST['payment_save'] ) && !isset($_POST['login'])){ - $count = 0; + +if($_SERVER["REQUEST_METHOD"] == "POST" && !isset($_POST['login'])){ $count = count($_POST); if($count != 0){ - $post = array(); $i = 1; foreach($_POST as $key => $value) { if($i == $count){ - $post[] = array("name" => $key, "value" => $value); + $post = array("name" => $key, "value" => $value); } $i++; } - $ab = mysqli_query($con,"SELECT datei,admin FROM ". $db_prefix ." WHERE value = '". mysqli_real_escape_string($con,$post[0]['value']) ."' AND name = '". mysqli_real_escape_string($con,$post[0]['name']) ."' "); - if(mysqli_num_rows($ab) == 1){ - $a = mysqli_fetch_array($ab); - if($a['admin'] == 1){ - if($_SESSION['admin'] == 1 AND rechte() == true){ die(); } - } - require('lib/funktionen/'.$a['datei']); + $dat = db_query("SELECT id,datei FROM ". $db_prefix ."_run_inc WHERE value = '". mysqli_real_escape_string($sql_open,$post['value']) ."' AND name = '". mysqli_real_escape_string($sql_open,$post['name']) ."' "); + if(mysqli_num_rows($dat) == 1){ + $a = mysqli_fetch_object($dat); + require('lib/funktionen/'.$a->datei); }else{ $error = 1; $meldung = 'Aktion kann nicht ausgeführt werden.'; diff --git a/lib/session.lib.php b/lib/session.lib.php index f4d9453..d4acc66 100644 --- a/lib/session.lib.php +++ b/lib/session.lib.php 
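Review bot: Quoting the uid does not address the real exposure in this UPDATE: every `$_POST` value is passed through htmlspecialchars() only, which is HTML encoding and not SQL escaping, and with its default flags before PHP 8.1 a single quote is left unchanged inside the string literal. `$_SESSION['uid']` is concatenated unescaped here as well, although the next statement wraps it in mysqli_real_escape_string(). Store the raw values through a prepared statement, or at least through `mysqli_real_escape_string($sql_open, …)` as the `_userdaten` update does, and HTML-encode when rendering instead. The beginning of the UPDATE statement is in the previous hunk.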
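Review bot: The rewritten dispatcher no longer selects the `admin` column or consults `$_SESSION['admin']`/`rechte()`, so any POST whose last field matches a `_run_inc` row now reaches `require('lib/funktionen/'.$a->datei)` with no authorization step in this file. If admin handlers are registered in that table, each one must enforce its own check, or the gate should be restored here, for example `if($a->admin == 1 && !($_SESSION['admin'] == 1 && rechte())){ die(); }`, assuming the new table carries an `admin` column like the old one. The `payment_save` exclusion was dropped too, and because the last POST field selects the handler, the choice depends on field order, which the client controls. The install/mysql.txt changes in this patch only alter `vms_nickpage`; no `CREATE TABLE` for `_run_inc` is visible, so a fresh install would fail this query. The else branch continues past the end of the hunk.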
@@ -5,15 +5,17 @@ Datei : session.lib.php */ @session_start(); // Variabeln definieren -if (!isset($_SESSION['login'])) $_SESSION['login'] = ""; -if (!isset($_SESSION['werber'])) $_SESSION['werber'] = "0"; -if (!isset($_SESSION['uid'])) $_SESSION['uid'] = "0"; -if (!isset($_POST['nickname'])) $_POST['nickname'] = ""; -if (!isset($_POST['passwort'])) $_POST['passwort'] = ""; -if (!isset($_POST['checkid'])) $_POST['checkid'] = ""; -if (!isset($_POST['autologin'])) $_POST['autologin'] = ""; -if (!isset($_GET['logout'])) $_GET['logout'] = ""; -if (!isset($_GET['ref'])) $_GET['ref'] = "0"; +if(isset($_POST['checkid'])){ + if (!isset($_SESSION['login'])) $_SESSION['login'] = ""; + if (!isset($_SESSION['werber'])) $_SESSION['werber'] = "0"; + if (!isset($_SESSION['uid'])) $_SESSION['uid'] = "0"; + if (!isset($_POST['nickname'])) $_POST['nickname'] = ""; + if (!isset($_POST['passwort'])) $_POST['passwort'] = ""; + if (!isset($_POST['checkid'])) $_POST['checkid'] = ""; + if (!isset($_POST['autologin'])) $_POST['autologin'] = ""; + if (!isset($_GET['logout'])) $_GET['logout'] = ""; + if (!isset($_GET['ref'])) $_GET['ref'] = "0"; +} if ($_SESSION['werber'] == "0") $_SESSION['werber'] = (int)$_GET['ref']; // Seiteneinstellungen laden... -- GitLab
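Review bot: Wrapping all defaults in `if(isset($_POST['checkid']))` means that on any request that is not a login POST, `$_SESSION['werber']`, `$_SESSION['uid']`, `$_GET['ref']` and `$_POST['nickname']` are no longer initialised. The very next line still reads `$_SESSION['werber']` and `$_GET['ref']` unconditionally, and index.php echoes `$_POST['nickname']`. Other files in this patch concatenate `$_SESSION['uid']` into SQL, which produces a malformed query for a visitor without a session uid. Keep the `$_SESSION[...]` and `$_GET[...]` defaults outside the condition and guard only the login-specific `$_POST` fields; the inner `if (!isset($_POST['checkid']))` can never be true there and can be removed. `@session_start()` also hides start-up errors that are worth logging.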