hi all Freichat for dzcp ? clan cms = http://www.dzcp.de pl freichat for dzcp thx. nice chat.

please follow the steps given in the following URL, http://evnix.com/drupal2/node/328

<?php ## OUTPUT BUFFER START ## include("../inc/buffer.php"); ## INCLUDES ## include(basePath."/inc/config.php"); include(basePath."/inc/bbcode.php"); ## SETTINGS ## $time_start = generatetime(); lang($language); $dir = "user"; $where = _site_user; ## SECTIONS ## if(!isset($_GET['action'])) $action = ""; else $action = $_GET['action']; switch ($action): case 'login'; $where = _site_user_login; if($_GET['do'] == "yes") { if($secureLogin == 1 && ($_POST['secure'] != $_SESSION['sec_login'] || empty($_SESSION['sec_login']))) { $index = error(_error_invalid_regcode, 1); } else { if(checkpwd($_POST['user'], md5($_POST['pwd']))) { $qry = db("SELECT id,user,nick,pwd,email,level,time FROM ".$db['users']." WHERE user = '".up($_POST['user'])."' AND pwd = '".md5($_POST['pwd'])."' AND level != '0'"); $get = _fetch($qry); if(isset($_POST['permanent'])) { set_cookie($prev."id",$get['id']); set_cookie($prev."pwd",$get['pwd']); } $_SESSION['id'] = $get['id']; $_SESSION['pwd'] = $get['pwd']; $_SESSION['lastvisit'] = $get['time']; $_SESSION['ip'] = $userip; $upd = db("UPDATE ".$db['userstats']." SET `logins` = logins+1 WHERE user = ".$get['id']); $upd = db("UPDATE ".$db['users']." SET `online` = '1', `sessid` = '".session_id()."', `ip` = '".$userip."' WHERE id = ".$get['id']); $protocol = "login(".$get['id'].")"; $upd = db("INSERT INTO ".$db['ipcheck']." SET `ip` = '".$userip."', `what` = '".$protocol."', `time` = '".((int)time())."'"); header("Location: ?action=userlobby"); } else { $qry = db("SELECT id FROM ".$db['users']." WHERE user = '".up($_POST['user'])."'"); if(_rows($qry)) { $get = _fetch($qry); $protocol = "trylogin(".$get['id'].")"; $upd = db("INSERT INTO ".$db['ipcheck']." SET `ip` = '".$userip."', `what` = '".$protocol."', `time` = '".((int)time())."'"); } set_cookie($prev."id",""); set_cookie($prev."pwd",""); $index = error(_login_pwd_dont_match); } } } else { if($chkMe == "unlogged") { if($secureLogin == 1) { $secure = show($dir."/secure", array("help" => _login_secure_help, "security" => _register_confirm)); } $index = show($dir."/login", array("loginhead" => _login_head, "loginname" => _loginname, "dis" => $dis, "secure" => $secure, "lostpwd" => _login_lostpwd, "permanent" => _login_permanent, "pwd" => _pwd)); } else { $index = error(_error_user_already_in, 1); set_cookie($prev."id",""); set_cookie($prev."pwd",""); } } break; case 'lostpwd'; $where = _site_user_lostpwd; if($chkMe == "unlogged") { $index = show($dir."/lostpwd", array("head" => _lostpwd_head, "name" => _loginname, "value" => _button_value_send, "security" => _register_confirm, "email" => _email)); if($_GET['do'] == "sended") { $qry = db("SELECT id,user,level,pwd FROM ".$db['users']." WHERE user= '".$_POST['user']."' AND email = '".$_POST['email']."'"); $get = _fetch($qry); if(_rows($qry) && ($_POST['secure'] == $_SESSION['sec_lostpwd'] && $_SESSION['sec_lostpwd'] != NULL)) { $pwd = mkpwd(); $upd = db("UPDATE ".$db['users']." SET `pwd` = '".md5($pwd)."' WHERE user = '".$_POST['user']."' AND email = '".$_POST['email']."'"); $protocol = "pwd(".$get['id'].")"; $upd = db("INSERT INTO ".$db['ipcheck']." SET `ip` = '".$userip."', `what` = '".$protocol."', `time` = '".((int)time())."'"); $message = show(settings('eml_pwd'), array("user" => $_POST['user'], "pwd" => $pwd)); $subject = settings('eml_pwd_subj'); sendMail($_POST['email'],$subject,$message); $index = info(_lostpwd_valid, "../user/?action=login"); } else { $protocol = "trypwd(".$get['id'].")"; $upd = db("INSERT INTO ".$db['ipcheck']." SET `ip` = '".$userip."', `what` = '".$protocol."', `time` = '".((int)time())."'"); if($_POST['secure'] != $_SESSION['sec_lostpwd'] || empty($_SESSION['sec_lostpwd'])) $index = error(_error_invalid_regcode,1); else $index = error(_lostpwd_failed, 1); } } } else { $index = error(_error_user_already_in, 1); } break; case 'logout'; $where = _site_user_logout; $qry = db("UPDATE ".$db['users']." SET online = '0', sessid = '' WHERE id = '".$userid."'"); $protocol = "logout(".$userid.")"; $upd = db("INSERT INTO ".$db['ipcheck']." SET `ip` = '".$userip."', `what` = '".$protocol."', `time` = '".((int)time())."'"); set_cookie($prev.'id', ''); set_cookie($prev.'pwd', ''); set_cookie(session_name(), ''); session_unset(); session_destroy(); session_regenerate_id(); header("Location: ../news/"); break; case 'register'; $where = _site_reg; $check_regcode = settings("regcode"); if($chkMe == "unlogged") { if($check_regcode == 1) { $regcode = show($dir."/register_regcode", array("confirm" => _register_confirm, "confirm_add" => _register_confirm_add,)); } else { $regcode = ""; } $index = show($dir."/register", array("registerhead" => _register_head, "error" => "", "name" => _loginname, "nick" => _nick, "pwd" => _pwd, "pwd2" => _pwd2, "email" => _email, "r_name" => "", "r_nick" => "", "r_email" => "", "value" => _button_value_reg, "regcode" => $regcode)); } else { $index = error(_error_user_already_in, 1); } if ($_GET['do'] == "add") { $check_user = db("SELECT id FROM ".$db['users']." WHERE user = '".$_POST['user']."'"); $check_nick = db("SELECT id FROM ".$db['users']." WHERE nick = '".$_POST['nick']."'"); $check_email = db("SELECT id FROM ".$db['users']." WHERE email = '".$_POST['email']."'"); $_POST['user'] = trim($_POST['user']); $_POST['nick'] = trim($_POST['nick']); if(empty($_POST['user']) || empty($_POST['nick']) || empty($_POST['email']) || ($_POST['pwd'] != $_POST['pwd2']) || ($check_regcode == 1 && ($_POST['confirm'] != $_SESSION['sec_reg'] || $_SESSION['sec_reg'] == NULL)) || _rows($check_user) || _rows($check_nick) || _rows($check_email)) { if($check_regcode == 1 && ($_POST['confirm'] != $_SESSION['sec_reg'] || $_SESSION['sec_reg'] == NULL)) $error = show("errors/errortable", array("error" => _error_invalid_regcode)); if($_POST['pwd2'] != $_POST['pwd']) $error = show("errors/errortable", array("error" => _wrong_pwd)); if(!check_email($_POST['email'])) $error = show("errors/errortable", array("error" => _error_invalid_email)); if(empty($_POST['email'])) $error = show("errors/errortable", array("error" => _empty_email)); if(_rows($check_email)) $error = show("errors/errortable", array("error" => _error_email_exists)); if(empty($_POST['nick'])) $error = show("errors/errortable", array("error" => _empty_nick)); if(_rows($check_nick)) $error = show("errors/errortable", array("error" => _error_nick_exists)); if(empty($_POST['user'])) $error = show("errors/errortable", array("error" => _empty_user)); if(_rows($check_user)) $error = show("errors/errortable", array("error" => _error_user_exists)); if($check_regcode == 1) { $regcode = show($dir."/register_regcode", array("confirm" => _register_confirm, "confirm_add" => _register_confirm_add,)); } else { $regcode = ""; } $index = show($dir."/register", array("registerhead" => _register_head, "error" => $error, "name" => _loginname, "nick" => _nick, "pwd" => _pwd, "pwd2" => _pwd2, "email" => _email, "r_name" => $_POST['user'], "r_nick" => $_POST['nick'], "r_email" => $_POST['email'], "value" => _button_value_reg, "regcode" => $regcode)); } else { if(empty($_POST['pwd'])) { $mkpwd = mkpwd(); $pwd = md5($mkpwd); $msg = _info_reg_valid; } else { $mkpwd = $_POST['pwd']; $pwd = md5($mkpwd); $msg = _info_reg_valid_pwd; } $qry = db("INSERT INTO ".$db['users']." SET `user` = '".up($_POST['user'])."', `nick` = '".up($_POST['nick'])."', `email` = '".up($_POST['email'])."', `pwd` = '".$pwd."', `regdatum` = '".((int)time())."', `level` = '1', `time` = '".time()."', `status` = '1'"); $insert_id = mysql_insert_id(); $qry = db("INSERT INTO ".$db['permissions']." SET `user` = '".((int)$insert_id)."'"); $qry = db("INSERT INTO ".$db['userstats']." SET `user` = '".((int)$insert_id)."', `lastvisit` = '".((int)time())."'"); $protocol = "reg(".$insert_id.")"; $qry = db("INSERT INTO ".$db['ipcheck']." SET `ip` = '".$userip."', `what` = '".$protocol."', `time` = '".((int)time())."'"); $message = show(settings('eml_reg'), array("user" => up($_POST['user']), "pwd" => $mkpwd)); $subject = settings('eml_reg_subj'); sendMail($_POST['email'],$subject,$message); $index = info(show($msg, array("email" => $_POST['email'])), "../user/?action=login"); } } break; case 'userlobby'; $where = _site_user_lobby; if($chkMe == "unlogged") { $index = error(_error_have_to_be_logged, 1); } else { $qry = db("SELECT lastvisit FROM ".$db['userstats']." WHERE user = ".$userid.""); $get = _fetch($qry); # if(!permission("intforum")) $addforum = "AND s1.intern = '0'"; $addforum = ""; $qrykat = db("SELECT s1.id,s2.kattopic,s1.intern,s2.id FROM ".$db['f_kats']." AS s1 LEFT JOIN ".$db['f_skats']." AS s2 ON s1.id = s2.sid ".$addforum." ORDER BY s1.kid,s2.kattopic"); while($getkat = _fetch($qrykat)) { unset($nthread); unset($post); unset($forumposts_show); if(fintern($getkat['id'])) { $qrytopic = db("SELECT lp,id,topic,first,sticky FROM ".$db['f_threads']." WHERE kid = '".$getkat['id']."' AND lp > ".$get['lastvisit']." ORDER BY lp DESC LIMIT 150"); while($gettopic = _fetch($qrytopic)) { $lp = ""; $cnt = ""; $count = cnt($db['f_posts'], " WHERE date > ".$get['lastvisit']." AND sid = '".$gettopic['id']."'"); $lp = cnt($db['f_posts'], " WHERE sid = '".$gettopic['id']."'"); if($count == 0) { $cnt = 1; $pagenr = 1; $post = ""; } elseif($count == 1) { $cnt = 1; $pagenr = ceil($lp/$maxfposts); $post = _new_post_1; } else { $cnt = $count; $pagenr = ceil($lp/$maxfposts); $post = _new_post_2; } if($gettopic['first'] == 1) $nthread = _no_new_thread; else $nthread = _new_thread; if(check_new($gettopic['lp'],1)) { if($getkat['intern'] != 1) $intern = ""; else $intern = '<span class="fontWichtig">'._internal.':</span>   '; if($gettopic['sticky'] != 1) $wichtig = ""; else $wichtig = '<span class="fontWichtig">'._sticky.':</span> '; $date = (date("d.m.")==date("d.m.",$gettopic['lp'])) ? '['.date("H:i",$gettopic['lp']).']' : date("d.m.",$gettopic['lp']).' ['.date("H:i",$gettopic['lp']).']'; $erase = _user_new_erase; $forumposts_show .= '  '.$date. show(_user_new_forum, array("cnt" => $cnt, "tid" => $gettopic['id'], "thread" => re($gettopic['topic']), "intern" => $intern, "wichtig" => $wichtig, "post" => $post, "page" => $pagenr, "nthread" => $nthread, "lp" => $lp +1)); } } if(!empty($forumposts_show)) $forumposts .= '<div style="padding:4px;padding-left:0"><span class="fontBold">'.$getkat['kattopic'].'</span></div>'.$forumposts_show; } } $qrycw = db("SELECT s1.*,s2.icon FROM ".$db['cw']." AS s1 LEFT JOIN ".$db['squads']." AS s2 ON s1.squad_id = s2.id ORDER BY s1.datum"); while($getcw = _fetch($qrycw)) { if(check_new($getcw['datum'],1)) { $check = cnt($db['cw'], " WHERE datum >".$get['lastvisit'].""); if($check == 1) { $cnt = 1; $eintrag = _new_eintrag_1; } else { $cnt = $check; $eintrag = _new_eintrag_2; } $cws .= show(_user_new_cw, array("datum" => date("d.m. H:i", $getcw['datum'])._uhr, "id" => $getcw['id'], "icon" => $getcw['icon'], "gegner" => re($getcw['clantag']))); } } $qryu = db("SELECT id,regdatum FROM ".$db['users']." ORDER BY id DESC"); $getu = _fetch($qryu); if(check_new($getu['regdatum'],1)) { $check = cnt($db['users'], " WHERE regdatum > ".$get['lastvisit'].""); if($check == 1) { $cnt = 1; $eintrag = _new_users_1; } else { $cnt = $check; $eintrag = _new_users_2; } $erase = _user_new_erase; $user = show(_user_new_users, array("cnt" => $cnt, "eintrag" => $eintrag)); } if(!permission("gb") && $gb_activ == '1') $activ = "WHERE public = 1"; elseif(permission("gb") && $gb_activ == '1') $activ = ""; elseif(permission("gb") && $gb_activ == '0') $activ = ""; elseif($gb_activ == '0') $activ = ""; if(!permission("gb") && $gb_activ == '1') $cntgb = "AND public = 1"; elseif(permission("gb") && $gb_activ == '1') $cntgb = ""; elseif(permission("gb") && $gb_activ == '0') $cntgb = ""; elseif($gb_activ == '0') $cntgb = ""; $qrygb = db("SELECT id,datum FROM ".$db['gb']." ".$activ." ORDER BY id DESC"); $getgb = _fetch($qrygb); if(check_new($getgb['datum'],1)) { $check = cnt($db['gb'], " WHERE datum > ".$get['lastvisit']." ".$cntgb.""); if($check == "1") { $cnt = "1"; $eintrag = _new_eintrag_1; } else { $cnt = $check; $eintrag = _new_eintrag_2; } $erase = _user_new_erase; $gb = show(_user_new_gb, array("cnt" => $cnt, "eintrag" => $eintrag)); } $qrymember = db("SELECT id,datum FROM ".$db['usergb']." WHERE user = '".$userid."' ORDER BY datum DESC"); $getmember = _fetch($qrymember); if(check_new($getmember['datum'],1)) { $check = cnt($db['usergb'], " WHERE datum > ".$get['lastvisit']." AND user = '".$userid."'"); if($check == "1") { $cnt = "1"; $eintrag = _new_eintrag_1; } else { $cnt = $check; $eintrag = _new_eintrag_2; } $erase = _user_new_erase; $membergb = show(_user_new_membergb, array("cnt" => $cnt, "id" => $userid, "eintrag" => $eintrag)); } // Nachrichten $qrymsg = db("SELECT id,an,datum FROM ".$db['msg']." WHERE an = '".$userid."' AND readed = 0 AND see_u = 0 ORDER BY datum DESC"); $getmsg = _fetch($qrymsg); $check = cnt($db['msg'], " WHERE an = '".$userid."' AND readed = 0 AND see_u = 0"); if($check == 1) { $cnt = 1; $mymsg = show(_lobby_mymessage, array("cnt" => $cnt)); } else { $cnt = $check; $mymsg = show(_lobby_mymessages, array("cnt" => $cnt)); } // News if($chkMe >= 2) { $qrynews = db("SELECT id,datum FROM ".$db['news']." WHERE public = 1 AND datum <= ".time()." ORDER BY id DESC"); } else { $qrynews = db("SELECT id,datum FROM ".$db['news']." WHERE public = 1 AND intern = 0 AND datum <= ".time()." ORDER BY id DESC"); } while($getnews = _fetch($qrynews)) { if(check_new($getnews['datum'],1)) { $check = cnt($db['news'], " WHERE datum > ".$get['lastvisit']." AND public = 1"); if($check == "1") $cnt = "1"; else $cnt = $check; $erase = _user_new_erase; $news = show(_user_new_news, array("cnt" => $cnt, "eintrag" => _lobby_new_news)); } } $qrycheckn = db("SELECT id,titel FROM ".$db['news']." WHERE public = 1 AND datum <= ".time().""); while($getcheckn = _fetch($qrycheckn)) { $qrynewsc = db("SELECT id,news,datum FROM ".$db['newscomments']." WHERE news = '".$getcheckn['id']."' ORDER BY datum DESC"); $getnewsc = _fetch($qrynewsc); if(check_new($getnewsc['datum'],1)) { $check = cnt($db['newscomments'], " WHERE datum > ".$get['lastvisit']." AND news = '".$getnewsc['news']."'"); if($check == "1") { $cnt = "1"; $eintrag = _lobby_new_newsc_1; } else { $cnt = $check; $eintrag = _lobby_new_newsc_2; } $erase = _user_new_erase; $newsc .= show(_user_new_newsc, array("cnt" => $cnt, "id" => $getnewsc['news'], "news" => re($getcheckn['titel']), "eintrag" => $eintrag)); } } $qrycheckcw = db("SELECT id FROM ".$db['cw'].""); while($getcheckcw = _fetch($qrycheckcw)) { $qrycwc = db("SELECT id,cw,datum FROM ".$db['cw_comments']." WHERE cw = '".$getcheckcw['id']."' ORDER BY datum DESC"); $getcwc = _fetch($qrycwc); if(check_new($getcwc['datum'],1)) { $check = cnt($db['cw_comments'], " WHERE datum > ".$get['lastvisit']." AND cw = '".$getcwc['cw']."'"); if($check == 1) { $cnt = 1; $eintrag = _lobby_new_cwc_1; } else { $cnt = $check; $eintrag = _lobby_new_cwc_2; } $erase = _user_new_erase; $cwcom .= show(_user_new_clanwar, array("cnt" => $cnt, "id" => $getcwc['cw'], "eintrag" => $eintrag)); } } if(permission("votes")) { $qrynewv = db("SELECT datum FROM ".$db['votes']." WHERE forum = 0 ORDER BY datum DESC"); } else { $qrynewv = db("SELECT datum FROM ".$db['votes']." WHERE intern = 0 AND forum = 0 ORDER BY datum DESC"); } $getnewv = _fetch($qrynewv); if(check_new($getnewv['datum'],1)) { $check = cnt($db['votes'], " WHERE datum > ".$get['lastvisit']." AND forum = 0"); if($check == "1") { $cnt = "1"; $eintrag = _new_vote_1; } else { $cnt = $check; $eintrag = _new_vote_2; } $erase = _user_new_erase; $newv = show(_user_new_votes, array("cnt" => $cnt, "eintrag" => $eintrag)); } $qrykal = db("SELECT * FROM ".$db['events']." WHERE datum > '".time()."' ORDER BY datum"); $getkal = _fetch($qrykal); if(check_new($getkal['datum'],1)) { if(date("d.m.Y",$getkal['datum']) == date("d.m.Y", time())) { $nextkal = show(_userlobby_kal_today, array("time" => mktime(0,0,0,date("m",$getkal['datum']), date("d",$getkal['datum']),date("Y",$getkal['datum'])))); } else { $nextkal = show(_userlobby_kal_not_today, array("time" => mktime(0,0,0,date("m",$getkal['datum']), date("d",$getkal['datum']),date("Y",$getkal['datum'])), "date" => date("d.m.Y", $getkal['datum']))); } } $qryaw = db("SELECT id,postdate FROM ".$db['awards']." ORDER BY id DESC"); $getaw = _fetch($qryaw); if(check_new($getaw['postdate'],1)) { $check = cnt($db['awards'], " WHERE postdate > ".$get['lastvisit'].""); if($check == "1") { $cnt = "1"; $eintrag = _new_awards_1; } else { $cnt = $check; $eintrag = _new_awards_2; } $erase = _user_new_erase; $awards = show(_user_new_awards, array("cnt" => $cnt, "eintrag" => $eintrag)); } $qryra = db("SELECT id,postdate FROM ".$db['rankings']." ORDER BY id DESC"); $getra = _fetch($qryra); if(check_new($getra['postdate'],1)) { $check = cnt($db['rankings'], " WHERE postdate > ".$get['lastvisit'].""); if($check == "1") { $cnt = "1"; $eintrag = _new_rankings_1; } else { $cnt = $check; $eintrag = _new_rankings_2; } $erase = _user_new_erase; $rankings = show(_user_new_rankings, array("cnt" => $cnt, "eintrag" => $eintrag)); } $qryart = db("SELECT id,datum FROM ".$db['artikel']." WHERE public = 1 ORDER BY id DESC"); while($getart = _fetch($qryart)) { if(check_new($getart['datum'],1)) { $check = cnt($db['artikel'], " WHERE datum > ".$get['lastvisit']." AND public = 1"); if($check == "1") { $cnt = "1"; $eintrag = _lobby_new_art_1; } else { $cnt = $check; $eintrag = _lobby_new_art_2; } $erase = _user_new_erase; $artikel = show(_user_new_art, array("cnt" => $cnt, "eintrag" => $eintrag)); } } $qrychecka = db("SELECT id FROM ".$db['artikel']." WHERE public = 1"); while($getchecka = _fetch($qrychecka)) { $qryartc = db("SELECT id,artikel,datum FROM ".$db['acomments']." WHERE artikel = '".$getchecka['id']."' ORDER BY datum DESC"); $getartc = _fetch($qryartc); if(check_new($getartc['datum'],1)) { $check = cnt($db['acomments'], " WHERE datum > ".$get['lastvisit']." AND artikel = '".$getartc['artikel']."'"); if($check == "1") { $cnt = "1"; $eintrag = _lobby_new_artc_1; } else { $cnt = $check; $eintrag = _lobby_new_artc_2; } $erase = _user_new_erase; $artc .= show(_user_new_artc, array("cnt" => $cnt, "id" => $getartc['artikel'], "eintrag" => $eintrag)); } } $qrygal = db("SELECT id,datum FROM ".$db['gallery']." ORDER BY id DESC"); $getgal = _fetch($qrygal); if(check_new($getgal['datum'],1)) { $check = cnt($db['gallery'], " WHERE datum > ".$get['lastvisit'].""); if($check == "1") { $cnt = "1"; $eintrag = _new_gal_1; } else { $cnt = $check; $eintrag = _new_gal_2; } $erase = _user_new_erase; $gal = show(_user_new_gallery, array("cnt" => $cnt, "eintrag" => $eintrag)); } // New Aways $chklevel = db("SELECT level FROM ".$db['users']." WHERE id = '".$userid."'"); $getchklevel = _fetch($chklevel); $qryawayn = db("SELECT * FROM ".$db['away']." ORDER BY id"); while($getawayn = _fetch($qryawayn)) { if(check_new($getawayn['date'],1) && $getchklevel['level'] >= 2) { $erase = _user_new_erase; $awayn .= show(_user_away_new, array("id" => $getawayn['id'], "user" => autor($getawayn['userid']), "ab" => date("d.m.y",$getawayn['start']), "wieder" => date("d.m.y",$getawayn['end']), "what" => $getawayn['titel'])); $away_new = show(_user_away, array("naway" => _lobby_away_new, "away" => $awayn)); } else { $away_new = ""; } } // Aways $qryawaya = db("SELECT * FROM ".$db['away']." WHERE start <= '".time()."' AND end >= '".time()."' ORDER BY start"); while($getawaya = _fetch($qryawaya)) { if(_rows($qryawaya) && $getchklevel['level'] >= 2) { if($getawaya['end'] > time()) $wieder = _away_to2.' <b>'.date("d.m.y",$getawaya['end']).'</b>'; if(date("d.m.Y",$getawaya['end']) == date("d.m.Y",time())) $wieder = _away_today; $awaya .= show(_user_away_now, array("id" => $getawaya['id'], "user" => autor($getawaya['userid']), "wieder" => $wieder, "what" => $getawaya['titel'])); $away_now = show(_user_away_currently, array("ncaway" => _lobby_away, "caway" => $awaya)); } else { $away_now = ""; } } $qryft = db("SELECT s1.t_text,s1.id,s1.topic,s1.kid,s2.kattopic,s3.intern,s1.sticky FROM ".$db['f_threads']." s1, ".$db['f_skats']." s2, ".$db['f_kats']." s3 WHERE s1.kid = s2.id AND s2.sid = s3.id ORDER BY s1.lp DESC LIMIT 10"); while($getft = _fetch($qryft)) { if(fintern($getft['kid'])) { $lp = cnt($db['f_posts'], " WHERE sid = '".$getft['id']."'"); $pagenr = ceil($lp/$maxfposts); if($pagenr == 0) $page = 1; else $page = $pagenr; $qryp = db("SELECT text FROM ".$db['f_posts']." WHERE kid = '".$getft['kid']."' AND sid = '".$getft['id']."' ORDER BY date DESC LIMIT 1"); $getp = _fetch($qryp); if(_rows($qryp)) $text = strip_tags($getp['text']); else $text = strip_tags($getft['t_text']); if($getft['intern'] != 1) $intern = ""; else $intern = '<span class="fontWichtig">'._internal.':</span> '; if($getft['sticky'] != 1) $wichtig = ""; else $wichtig = '<span class="fontWichtig">'._sticky.':</span> '; $ftopics .= show($dir."/userlobby_forum", array("id" => $getft['id'], "pagenr" => $page, "p" => $lp +1, "intern" => $intern, "wichtig" => $wichtig, "lpost" => cut(re($text), 100), "kat" => re($getft['kattopic']), "titel" => re($getft['topic']), "kid" => $getft['kid'])); } } // Userlevel $lvl = data($userid,"level"); if($lvl == 1) $mylevel = _status_user; elseif($lvl == 2) $mylevel = _status_trial; elseif($lvl == 3) $mylevel = _status_member; elseif($lvl == 4) $mylevel = _status_admin; $index = show($dir."/userlobby", array("userlobbyhead" => _userlobby, "userstats" => _lobby_stats, "erase" => $erase, "pic" => useravatar($userid), "mynick" => autor($userid), "myrank" => getrank($userid), "myposts" => userstats($userid, "forumposts"), "mylogins" => userstats($userid, "logins"), "myhits" => userstats($userid, "hits"), "mymsg" => $mymsg, "mylevel" => $mylevel, "puser" => _user, "plevel" => _admin_user_level, "plogins" => _profil_logins, "phits" => _profil_pagehits, "prank" => _profil_position, "pposts" => _profil_forenposts, "nkal" => _kalender, "kal" => $nextkal, "nart" => _artikel, "art" => $artikel, "nartc" => _lobby_artikelc, "artc" => $artc, "board" => _forum, "threads" => _forum_thread, "rankings" => $rankings, "nrankings" => _lobby_rankings, "awards" => $awards, "nawards" => _lobby_awards, "nforum" => _lobby_forum, "ftopics" => $ftopics, "lastforum" => _last_forum, "forum" => $forumposts, "nvotes" => _lobby_votes, "ncwcom" => _cw_comments_head, "cwcom" => $cwcom, "ngal" => _lobby_gallery, "gal" => $gal, "votes" => $newv, "cws" => $cws, "ncws" => _lobby_cw, "nnewsc" => _lobby_newsc, "newsc" => $newsc, "ngb" => _lobby_gb, "gb" => $gb, "nuser" => _lobby_user, "user" => $user, "nmgb" => _lobby_membergb, "mgb" => $membergb, "nmsg" => _msg, "msg" => $msg, "nnews" => _lobby_news, "news" => $news, "away_new" => $away_new, "away_now" => $away_now, "neuerungen" => _lobby_new)); } break; case 'erase'; $_SESSION['lastvisit'] = data($userid, "time"); $update = db("UPDATE ".$db['userstats']." SET `lastvisit` = '".((int)$_SESSION['lastvisit'])."' WHERE user = '".$userid."'"); header("Location: ?action=userlobby"); break; case 'user'; $where = _user_profile_of.'autor_'.$_GET['id']; if(!exist($_GET['id'])) { $index = error(_user_dont_exist, 1); } else { $update = db("UPDATE ".$db['userstats']." SET `profilhits` = profilhits+1 WHERE user = '".intval($_GET['id'])."'"); $qry = db("SELECT * FROM ".$db['users']." WHERE id = '".intval($_GET['id'])."'"); $get = _fetch($qry); if($get['sex'] == "1") $sex = _male; elseif($get['sex'] == "2") $sex = _female; else $sex = '-'; if(empty($get['hp'])) $hp = "-"; else $hp = "<a href=\"".$get['hp']."\" target=\"_blank\">".$get['hp']."</a>";; if(empty($get['email'])) $email = "-"; else $email = "<img src=\"../inc/images/mailto.gif\" alt=\"\" align=\"texttop\"> <a href=\"mailto:".eMailAddr($get['email'])."\" target=\"_blank\">".eMailAddr($get['email'])."</a>"; $pn = show(_pn_write, array("id" => $_GET['id'], "nick" => $get['nick'])); if(empty($get['hlswid'])) $hlsw = "-"; else $hlsw = show(_hlswicon, array("id" => re($get['hlswid']), "img" => "1", "css" => "")); if($get['bday'] == ".." || $get['bday'] == 0 || empty($get['bday'])) $bday = "-"; else $bday = $get['bday']; if(empty($get['icq'])) { $icq = "-"; } else { $icq = show(_icqstatus, array("uin" => $get['icq'])); $icqnr = re($get['icq']); } if($get['status'] == 1 || ($getl['level'] != 1 && isset($_GET['sq']))) $status = _aktiv_icon; else $status = _inaktiv_icon; $qryl = db("SELECT * FROM ".$db['users']." WHERE id = '".intval($_GET['id'])."'"); $getl = _fetch($qryl); if($getl['level'] != 1 || isset($_GET['sq'])) { $sq = db("SELECT * FROM ".$db['userpos']." WHERE user = '".intval($_GET['id'])."'"); $cnt = cnt($db['userpos'], " WHERE user = '".$get['id']."'"); $i=1; if(_rows($sq) && !isset($_GET['sq'])) { while($getsq = _fetch($sq)) { if($i == $cnt) $br = ""; else $br = "-"; $pos .= " ".getrank($get['id'],$getsq['squad'],1)." ".$br; $i++; } } elseif(isset($_GET['sq'])) $pos = getrank($get['id'],$_GET['sq'],1); else $pos = getrank($get['id']); $qrycustom = db("SELECT * FROM ".$db['profile']." WHERE kid = '2' AND shown = '1' ORDER BY id ASC"); while($getcustom = _fetch($qrycustom)) { $qrycontent = db("SELECT ".$getcustom['feldname']." FROM ".$db['users']." WHERE id = '".intval($_GET['id'])."' LIMIT 1"); $getcontent = _fetch($qrycontent); if(!empty($getcontent[$getcustom['feldname']])) { if($getcustom['type'] == 2) $custom_clan .= show(_profil_custom_url, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); elseif($getcustom['type'] == 3) $custom_clan .= show(_profil_custom_mail, array("name" => re(pfields_name($getcustom['name'])), "value" => eMailAddr(re($getcontent[$getcustom['feldname']])))); else $custom_clan .= show(_profil_custom, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); } } $clan = show($dir."/clan", array("clan" => _profil_clan, "pposition" => _profil_position, "pstatus" => _profil_status, "position" => $pos, "status" => $status, "custom_clan" => $custom_clan)); } else { $clan = ""; } $buddyadd = show(_addbuddyicon, array("id" => $_GET['id'])); if(permission("editusers")) { $edituser = show("page/button_edit_single", array("id" => "", "action" => "action=admin&edit=".$_GET['id'], "title" => _button_title_edit)); $edituser = str_replace("&id=","",$edituser); } else { $edituser = ""; } if($_GET['show'] == "gallery") { $qrygl = db("SELECT * FROM ".$db['usergallery']." WHERE user = '".intval($_GET['id'])."' ORDER BY id DESC"); while($getgl = _fetch($qrygl)) { $class = ($color % 2) ? "contentMainSecond" : "contentMainFirst"; $color++; $gal .= show($dir."/profil_gallery_show", array("picture" => img_size("inc/images/uploads/usergallery"."/".$_GET['id']."_".$getgl['pic']), "beschreibung" => bbcode($getgl['beschreibung']), "class" => $class)); } $show = show($dir."/profil_gallery", array("galleryhead" => _gallery_head, "pic" => _gallery_pic, "beschr" => _gallery_beschr, "showgallery" => $gal)); } elseif($_GET['show'] == "gb") { $addgb = show(_usergb_eintragen, array("id" => $_GET['id'])); if(isset($_GET['page'])) $page = $_GET['page']; else $page = 1; $qrygb = db("SELECT * FROM ".$db['usergb']." WHERE user = ".intval($_GET['id'])." ORDER BY datum DESC LIMIT ".($page - 1)*$maxusergb.",".$maxusergb.""); $entrys = cnt($db['usergb'], " WHERE user = ".intval($_GET['id'])); $i = $entrys-($page - 1)*$maxusergb; while($getgb = _fetch($qrygb)) { if($getgb['hp']) $gbhp = show(_hpicon, array("hp" => $getgb['hp'])); else $gbhp = ""; if($getgb['email']) $gbemail = show(_emailicon, array("email" => eMailAddr($getgb['email']))); else $gbemail = ""; if(permission('editusers') || $_GET['id'] == $userid) { $edit = show("page/button_edit_single", array("id" => $get['id'], "action" => "action=user&show=gb&do=edit&gbid=".$getgb['id'], "title" => _button_title_edit)); $delete = show("page/button_delete_single", array("id" => $_GET['id'], "action" => "action=user&show=gb&do=delete&gbid=".$getgb['id'], "title" => _button_title_del, "del" => convSpace(_confirm_del_entry))); } else { $edit = ""; $delete = ""; } if($chkMe == 4) $posted_ip = $get['ip']; else $posted_ip = _logged; if($getgb['reg'] == 0) { if($getgb['hp']) $hp = show(_hpicon_forum, array("hp" => $getgb['hp'])); else $hp = ""; if($getgb['email']) $email = '<br />'.show(_emailicon_forum, array("email" => eMailAddr($getgb['email']))); else $email = ""; $onoff = ""; $avatar = ""; $nick = show(_link_mailto, array("nick" => re($getgb['nick']), "email" => eMailAddr($getgb['email']))); } else { $www = data($getgb['reg'], "hp"); $hp = empty($www) ? '' : show(_hpicon_forum, array("hp" => $www)); $email = '<br />'.show(_emailicon_forum, array("email" => eMailAddr(data($getgb['reg'], "email")))); $onoff = onlinecheck($getgb['reg']); $nick = autor($getgb['reg']); } $titel = show(_eintrag_titel, array("postid" => $i, "datum" => date("d.m.Y", $getgb['datum']), "zeit" => date("H:i", $getgb['datum'])._uhr, "edit" => $edit, "delete" => $delete)); if($chkMe == 4) $posted_ip = $getgb['ip']; else $posted_ip = _logged; $membergb .= show("page/comments_show", array("titel" => $titel, "comment" => bbcode($getgb['nachricht']), "nick" => $nick, "hp" => $hp, "editby" => bbcode($getgb['editby']), "email" => $email, "avatar" => useravatar($getgb['reg']), "onoff" => $onoff, "rank" => getrank($getgb['reg']), "ip" => $posted_ip)); $i--; } if(!ipcheck("mgbid(".$_GET['id'].")", $flood_membergb)) { if(isset($userid)) { $form = show("page/editor_regged", array("nick" => autor($userid), "von" => _autor)); } else { $form = show("page/editor_notregged", array("nickhead" => _nick, "emailhead" => _email, "hphead" => _hp, "postemail" => "")); } $add = show($dir."/usergb_add", array("titel" => _eintragen_titel, "nickhead" => _nick, "bbcodehead" => _bbcode, "emailhead" => _email, "hphead" => _hp, "form" => $form, "security" => _register_confirm, "preview" => _preview, "ed" => "&uid=".$_GET['id'], "whaturl" => "add", "reg" => "", "b1" => $u_b1, "b2" => $u_b2, "id" => $_GET['id'], "postemail" => $postemail, "add_head" => _gb_add_head, "what" => _button_value_add, "lang" => $language, "ip" => _iplog_info, "posthp" => $posthp, "postnick" => $postnick, "posteintrag" => "", "error" => "", "eintraghead" => _eintrag)); } else { $add = ""; } $seiten = nav($entrys,$maxusergb,"?action=user&id=".$_GET['id']."&show=gb"); $show = show($dir."/profil_gb",array("gbhead" => _membergb, "show" => $membergb, "seiten" => $seiten, "entry" => $add)); } else { $qrycustom = db("SELECT * FROM ".$db['profile']." WHERE kid = '1' AND shown = '1' ORDER BY id ASC"); while($getcustom = _fetch($qrycustom)) { $qrycontent = db("SELECT ".$getcustom['feldname']." FROM ".$db['users']." WHERE id = '".intval($_GET['id'])."' LIMIT 1"); $getcontent = _fetch($qrycontent); if(!empty($getcontent[$getcustom['feldname']])) { if($getcustom['type'] == 2) $custom_about .= show(_profil_custom_url, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); elseif($getcustom['type'] == 3) $custom_about .= show(_profil_custom_mail, array("name" => re(pfields_name($getcustom['name'])), "value" => eMailAddr(re($getcontent[$getcustom['feldname']])))); else $custom_about .= show(_profil_custom, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); } } $qrycustom = db("SELECT * FROM ".$db['profile']." WHERE kid = '3' AND shown = '1' ORDER BY id ASC"); while($getcustom = _fetch($qrycustom)) { $qrycontent = db("SELECT ".$getcustom['feldname']." FROM ".$db['users']." WHERE id = '".intval($_GET['id'])."' LIMIT 1"); $getcontent = _fetch($qrycontent); if(!empty($getcontent[$getcustom['feldname']])) { if($getcustom['type'] == 2) $custom_contact .= show(_profil_custom_url, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); elseif($getcustom['type'] == 3) $custom_contact .= show(_profil_custom_mail, array("name" => re(pfields_name($getcustom['name'])), "value" => eMailAddr(re($getcontent[$getcustom['feldname']])))); else $custom_contact .= show(_profil_custom, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); } } $qrycustom = db("SELECT * FROM ".$db['profile']." WHERE kid = '4' AND shown = '1' ORDER BY id ASC"); $cf = 0; while($getcustom = _fetch($qrycustom)) { $qrycontent = db("SELECT ".$getcustom['feldname']." FROM ".$db['users']." WHERE id = '".intval($_GET['id'])."' LIMIT 1"); $getcontent = _fetch($qrycontent); if(!empty($getcontent[$getcustom['feldname']])) { if($getcustom['type']==2) $custom_favos .= show(_profil_custom_url, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); elseif($getcustom['type']==3) $custom_favos .= show(_profil_custom_mail, array("name" => re(pfields_name($getcustom['name'])), "value" => eMailAddr(re($getcontent[$getcustom['feldname']])))); else $custom_favos .= show(_profil_custom, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); $cf++; } } if($cf != 0) $favos_head = show(_profil_head_cont, array("what" => _profil_favos)); $qrycustom = db("SELECT * FROM ".$db['profile']." WHERE kid = '5' AND shown = '1' ORDER BY id ASC"); $ch = 0; while($getcustom = _fetch($qrycustom)) { $qrycontent = db("SELECT ".$getcustom['feldname']." FROM ".$db['users']." WHERE id = '".intval($_GET['id'])."' LIMIT 1"); $getcontent = _fetch($qrycontent); if(!empty($getcontent[$getcustom['feldname']])) { if($getcustom['type']==2) $custom_hardware .= show(_profil_custom_url, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); elseif($getcustom['type']==3) $custom_hardware .= show(_profil_custom_mail, array("name" => re(pfields_name($getcustom['name'])), "value" => eMailAddr(re($getcontent[$getcustom['feldname']])))); else $custom_hardware .= show(_profil_custom, array("name" => re(pfields_name($getcustom['name'])), "value" => re($getcontent[$getcustom['feldname']]))); $ch++; } } if($ch != 0) $hardware_head = show(_profil_head_cont, array("what" => _profil_hardware)); if(empty($get['rlname'])) $rlname = '-'; else $rlname = re($get['rlname']); $show = show($dir."/profil_show",array("hardware_head" => $hardware_head, "about" => _profil_about, "rang" => $rang, "country" => flag($get['country']), "rangpic" => $rangpic, "pcity" => _profil_city, "city" => re($get['city']), "prank" => _profile_rank, "stats_hits" => _profil_pagehits, "stats_profilhits" => _profil_profilhits, "stats_msgs" => _profil_msgs, "stats_lastvisit" => _profil_last_visit, "stats_forenposts" => _profil_forenposts, "stats_logins" => _profil_logins, "stats_cws" => _profil_cws, "stats_reg" => _profil_registered, "stats_votes" => _profil_votes, "logins" => userstats($_GET['id'], "logins"), "hits" => userstats($_GET['id'], "hits"), "msgs" => userstats($_GET['id'], "writtenmsg"), "forenposts" => userstats($_GET['id'], "forumposts"), "votes" => userstats($_GET['id'], "votes"), "cws" => userstats($_GET['id'], "cws"), "regdatum" => date("d.m.Y H:i", $get['regdatum'])._uhr, "lastvisit" => date("d.m.Y H:i", userstats($_GET['id'], "lastvisit"))._uhr, "contact" => _profil_contact, "preal" => _profil_real, "pemail" => _email, "picq" => _icq, "phlsw" => _hlswstatus, "psteam" => _steamid, "php" => _hp, "hp" => $hp, "pnick" => _nick, "pbday" => _profil_bday, "page" => _profil_age, "psex" => _profil_sex, "gamestuff" => _profil_gamestuff, "xfire" => re($get['hlswid']), "buddyadd" => $buddyadd, "userstats" => _profil_userstats, "pos" => _profil_os, "pcpu" => _profil_cpu, "pram" => _profil_ram, "phdd" => _profil_hdd, "pboard" => _profil_board, "pmaus" => _profil_maus, "nick" => autor($get['id']), "rlname" => $rlname, "bday" => $bday, "age" => getAge($get['bday']), "sex" => $sex, "email" => $email, "icq" => $icq, "icqnr" => $icqnr, "pn" => $pn, "edituser" => $edituser, "hlswid" => $hlsw, "steamid" => $steamid, "steam" => $steam, "onoff" => onlinecheck($get['id']), "clan" => $clan, "picture" => userpic($get['id']), "favos_head" => $favos_head, "sonst" => _profil_sonst, "pich" => _profil_ich, "pposition" => _profil_position, "pstatus" => _profil_status, "position" => getrank($get['id']), "status" => $status, "ich" => bbcode($get['beschreibung']), "custom_about" => $custom_about, "custom_contact" => $custom_contact, "custom_favos" => $custom_favos, "custom_hardware" => $custom_hardware)); } $navi_profil = show(_profil_navi_profil, array("id" => $_GET['id'])); $navi_gb = show(_profil_navi_gb, array("id" => $_GET['id'])); $navi_gallery = show(_profil_navi_gallery, array("id" => $_GET['id'])); $profil_head = show(_profil_head, array("profilhits" => userstats($_GET['id'],"profilhits"))); $index = show($dir."/profil", array("profilhead" => $profil_head, "show" => $show, "nick" => autor($_GET['id']), "profil" => $navi_profil, "gb" => $navi_gb, "gallery" => $navi_gallery)); if($_GET['do'] == "delete") { if($chkMe == "4" || $_GET['id'] == $userid) { $qry = db("DELETE FROM ".$db['usergb']." WHERE user = '".intval($_GET['id'])."' AND id = '".intval($_GET['gbid'])."'"); $index = info(_gb_delete_successful, "?action=user&id=".$_GET['id']."&show=gb"); } else { $index = error(_error_wrong_permissions, 1); } } elseif($_GET['do'] == "edit") { $qry = db("SELECT * FROM ".$db['usergb']." WHERE id = '".intval($_GET['gbid'])."'"); $get = _fetch($qry); if($get['reg'] == $userid || permission('editusers')) { if($get['reg'] != 0) { $form = show("page/editor_regged", array("nick" => autor($get['reg']), "von" => _autor)); } else { $form = show("page/editor_notregged", array("nickhead" => _nick, "emailhead" => _email, "hphead" => _hp, "postemail" => re($get['email']), "posthp" => re($get['hp']), "postnick" => re($get['nick']))); } $index = show($dir."/usergb_add", array("nickhead" => _nick, "add_head" => _gb_edit_head, "bbcodehead" => _bbcode, "emailhead" => _email, "preview" => _preview, "whaturl" => "edit&gbid=".$_GET['gbid'], "ed" => "&do=edit&uid=".$_GET['id']."&gbid=".$_GET['gbid'], "security" => _register_confirm, "b1" => $u_b1, "b2" => $u_b2, "what" => _button_value_edit, "reg" => $get['reg'], "hphead" => _hp, "id" => $_GET['id'], "form" => $form, "postemail" => $get['email'], "posthp" => $get['hp'], "postnick" => re($get['nick']), "posteintrag" => re_bbcode($get['nachricht']), "error" => $error, "ip" => _iplog_info, "eintraghead" => _eintrag)); } else { $index = error(_error_edit_post,1); } } } break; case 'usergb'; $where = _site_user_profil; if($_GET['do'] == "add") { if(isset($userid)) $toCheck = empty($_POST['eintrag']); else $toCheck = empty($_POST['nick']) || empty($_POST['email']) || empty($_POST['eintrag']) || !check_email($_POST['email']) || $_POST['secure'] != $_SESSION['sec_'.$dir] || empty($_SESSION['sec_'.$dir]); if($toCheck) { if(isset($userid)) { if(empty($_POST['eintrag'])) $error = _empty_eintrag; $form = show("page/editor_regged", array("nick" => autor($userid), "von" => _autor)); } else { if(($_POST['secure'] != $_SESSION['sec_'.$dir]) || empty($_SESSION['sec_'.$dir])) $error = _error_invalid_regcode; elseif(empty($_POST['nick'])) $error = _empty_nick; elseif(empty($_POST['email'])) $error = _empty_email; elseif(!check_email($_POST['email'])) $error = _error_invalid_email; elseif(empty($_POST['eintrag'])) $error = _empty_eintrag; $form = show("page/editor_notregged", array("nickhead" => _nick, "emailhead" => _email, "hphead" => _hp,)); } $error = show("errors/errortable", array("error" => $error)); $index = show($dir."/usergb_add", array("titel" => _eintragen_titel, "nickhead" => _nick, "add_head" => _gb_add_head, "bbcodehead" => _bbcode, "emailhead" => _email, "preview" => _preview, "ed" => "&uid=".$_GET['id'], "whaturl" => "add", "security" => _register_confirm, "b1" => $u_b1, "b2" => $u_b2, "what" => _button_value_add, "hphead" => _hp, "id" => $_GET['id'], "reg" => $_POST['reg'], "form" => $form, "postemail" => $_POST['email'], "posthp" => $_POST['hp'], "postnick" => re($_POST['nick']), "posteintrag" => re_bbcode($_POST['eintrag']), "error" => $error, "ip" => _iplog_info, "eintraghead" => _eintrag)); } else { $qry = db("INSERT INTO ".$db['usergb']." SET `user` = '".((int)$_GET['id'])."', `datum` = '".((int)time())."', `nick` = '".up($_POST['nick'])."', `email` = '".up($_POST['email'])."', `hp` = '".links($_POST['hp'])."', `reg` = '".((int)$userid)."', `nachricht` = '".up($_POST['eintrag'],1)."', `ip` = '".$userip."'"); $mgbid = "mgbid(".$_GET['id'].")"; $qry = db("INSERT INTO ".$db['ipcheck']." SET `ip` = '".$userip."', `what` = '".$mgbid."', `time` = '".((int)time())."'"); $index = info(_usergb_entry_successful, "?action=user&id=".$_GET['id']."&show=gb"); } } elseif($_GET['do'] == 'edit') { if($_POST['reg'] == $userid || permission('editusers')) { if($_POST['reg'] == 0) { $addme = "`nick