<?php
/*
Teamsite Hack V3 by Blue
http://www.robertotto.de
V3 REV 3.0.1 -- 13.08.2005
*/
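$filename = 'teamsite.php';
require('./global.php');
$lang->load('ACP_TEAMSITE,MISC,TEAMSITE');

// Access gate: the caller needs at least one of the two team-edit permissions.
// (The original condition "(A or B) or (A and B)" reduces to "A or B".)
// NOTE(review): this is the only permission check in the file. Every action
// below (settings, column order, other members' tasks, medal upload/delete)
// is reachable with either permission -- confirm that holders of
// m_can_team_auf_edit alone are meant to reach the settings actions.
// NOTE(review): presumably access_error() ends the request; confirm in
// global.php, otherwise the actions below would still run.
if (!$wbbuserdata['a_can_team_edit'] && !$wbbuserdata['m_can_team_auf_edit']) {
    access_error();
}

// Request parameters. $_REQUEST merges GET, POST and (depending on
// configuration) cookies, so every value read here is untrusted input.
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';

// userid is interpolated into SQL by several actions below, so it is reduced
// to an integer at the point of entry. '' is kept as the "not supplied" value.
$userid = isset($_REQUEST['userid']) ? intval($_REQUEST['userid']) : '';

$username = isset($_REQUEST['username']) ? $_REQUEST['username'] : '';
$up = isset($_REQUEST['up']) ? $_REQUEST['up'] : '';
$del = isset($_REQUEST['del']) ? $_REQUEST['del'] : '';
$edit = isset($_REQUEST['edit']) ? $_REQUEST['edit'] : '';

// imagename is still raw here: it must be validated/escaped before it reaches
// a query or a file-system call.
$imagename = isset($_REQUEST['imagename']) ? $_REQUEST['imagename'] : '';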
### Read the settings and display them ###
if ($action == 'view') {
    $settings = $db->query("SELECT * FROM bb".$n."_teamsite");

    // Every settings column is copied into a variable of the same name
    // (presumably read by the teamsite_edit template -- the template text is
    // not visible here).
    $columns = array(
        'tsversion', 'avatar', 'pn', 'email', 'aufgabe', 'usertext', 'rang',
        'herkunft', 'userpost', 'userprofil', 'moderator', 'portrait',
        'pxw', 'pxh', 'icqteam', 'icqall', 'images',
    );
    while ($row = $db->fetch_array($settings)) {
        foreach ($columns as $column) {
            $$column = $row[$column];
        }
    }

    // On/off switches in form order: the switch at position N pre-selects the
    // matching entry of $groupNsel (index 0 for "0", index 1 for "1").
    $switches = array(
        'avatar', 'pn', 'email', 'aufgabe', 'usertext', 'rang', 'herkunft',
        'userpost', 'userprofil', 'moderator', 'portrait', 'icqteam',
        'icqall', 'images',
    );
    $marker = ' selected="selected"';
    foreach ($switches as $nr => $switch) {
        $selname = 'group'.$nr.'sel';
        if ($$switch == "0") {
            ${$selname}[0] = $marker;
        } elseif ($$switch == "1") {
            ${$selname}[1] = $marker;
        }
    }

    // NOTE(review): the template source returned by $tpl->get() is executed
    // with eval(); whoever can edit templates can therefore run PHP here.
    eval("\$tpl->output(\"".$tpl->get("teamsite_edit", 1)."\",1);");
}
### Update the settings ###
// NOTE(review): the only precondition checked here is the presence of the
// POST field 'send'; no anti-CSRF token is verified in this file. Whether
// global.php validates the session hash for POST requests is not visible.
if ($action == "update") {
    if (isset($_POST['send'])) {
        // Every setting is forced to an integer before it enters the query.
        $fields = array(
            'avatar', 'pn', 'email', 'aufgabe', 'usertext', 'rang', 'herkunft',
            'userpost', 'userprofil', 'moderator', 'portrait', 'pxw', 'pxh',
            'icqteam', 'icqall', 'images',
        );
        $assignments = array();
        foreach ($fields as $field) {
            $assignments[] = $field." = '".intval($_POST[$field])."'";
        }
        // No WHERE clause: the statement updates every row of the settings table.
        $db->query("UPDATE bb".$n."_teamsite SET ".implode(", ", $assignments));
        header("Location: teamsite.php?action=view&sid=$session[hash]");
        exit();
    }
}
### Edit own task description ###
if ($action == 'ownedit') {
    // The id comes from $wbbuserdata (populated outside this file), not from
    // the request, so this page always shows the caller's own record.
    $userid = $wbbuserdata['userid'];

    $userResult = $db->query("SELECT * FROM bb".$n."_users WHERE userid='$userid'");
    while ($row = $db->fetch_array($userResult)) {
        $aufgabe = $row['aufgabe'];
        $portrait = $row['portrait'];
    }

    // 1 when a portrait file name is stored for the user, 0 otherwise.
    $haveportrait = ($portrait == '') ? 0 : 1;

    // Configured portrait dimensions (pxw / pxh) from the settings table.
    $sizeResult = $db->query("SELECT pxw,pxh FROM bb".$n."_teamsite");
    while ($sizeRow = $db->fetch_array($sizeResult)) {
        $pxw = $sizeRow['pxw'];
        $pxh = $sizeRow['pxh'];
    }

    eval("\$tpl->output(\"".$tpl->get("teamsite_ownauf", 1)."\",1);");
}
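if ($action == 'owneditup') {
    // All sub-actions work on the caller's own record. The id is taken from
    // $wbbuserdata (populated outside this file) and cast to int because it
    // is used in SQL and in a file path.
    $userid = intval($wbbuserdata['userid']);

    // Portrait upload
    if ($up == 'up') {
        $tmpfile = isset($_FILES['portrait']['tmp_name']) ? $_FILES['portrait']['tmp_name'] : '';
        $dateityp = false;
        if ($tmpfile != '' && is_uploaded_file($tmpfile)) {
            $dateityp = getimagesize($tmpfile);
        }
        // The file is always stored with a .gif extension under a server-chosen
        // name, so the client-supplied file name never reaches the file system.
        $typ = '.gif';
        $ziel = "../images/ts_images/".$userid."_portrait".$typ;
        // Only ordinary web image formats are accepted. The original test
        // (type != 0) also let through every other format getimagesize()
        // recognises, e.g. SWF.
        $erlaubt = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
        // NOTE(review): the configured pxw/pxh limits are not enforced here.
        if (!is_array($dateityp)
            || !in_array($dateityp[2], $erlaubt, true)
            || !move_uploaded_file($tmpfile, $ziel)) {
            // A failed move is now reported too; previously the database was
            // updated even when no file had been stored.
            eval("\$tpl->output(\"".$tpl->get("teamsite_upload_error", 1)."\",1);");
            exit();
        }
        $portrait2 = $userid."_portrait.gif";
        $db->query("UPDATE bb".$n."_users SET portrait='$portrait2' WHERE userid='$userid'");
        $haveportrait = 1;
        header("Location: teamsite.php?action=ownedit&sid=$session[hash]");
        exit();
    }

    // Portrait delete
    // NOTE(review): $del comes from $_REQUEST, so this state change can be
    // triggered by a GET request; no anti-CSRF token is checked in this file.
    if ($del == 'del') {
        $db->query("UPDATE bb".$n."_users SET portrait='' WHERE userid='$userid'");
        $pfad = "../images/ts_images/".$userid."_portrait.gif";
        // Avoid a warning when the file is already gone.
        if (is_file($pfad)) {
            unlink($pfad);
        }
        header("Location: teamsite.php?action=ownedit&sid=$session[hash]");
        exit();
    }

    // Own task description
    if (isset($_POST['send'])) {
        $aufgabeneu = isset($_POST['aufgabe']) ? $_POST['aufgabe'] : '';
        // NOTE(review): addslashes() is not charset-aware; if the $db class
        // offers its own escaping routine, prefer it. The text is stored as
        // entered, so it has to be HTML-escaped wherever it is displayed.
        $db->query("UPDATE bb".$n."_users SET aufgabe = '".addslashes($aufgabeneu)."' WHERE userid='$userid'");
        header("Location: teamsite.php?action=ownedit&sid=$session[hash]");
        exit();
    }
}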
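### Edit a team member's task description ###
if ($action == 'aufedit') {
    $edit = isset($_REQUEST['edit']) ? $_REQUEST['edit'] : '';

    // Start the accumulator empty so it cannot begin with a value that was
    // already in scope (e.g. with register_globals enabled).
    $teamsite_bit = '';

    // List the members of all groups flagged showonteam.
    $users = $db->unbuffered_query("SELECT g.groupid, g.title, uf.*, ".
        "u.userid, u.username, u.invisible, u.receivepm, u.lastactivity, u.email, u.showemail, u.usercanemail,".
        "gl.userid AS groupleader ".
        "FROM bb".$n."_groups g ".
        "LEFT JOIN bb".$n."_user2groups USING (groupid) ".
        "LEFT JOIN bb".$n."_users u USING (userid) ".
        "LEFT JOIN bb".$n."_userfields uf USING (userid) ".
        "LEFT JOIN bb".$n."_groupleaders gl ON (gl.userid=u.userid AND gl.groupid=g.groupid) ".
        "WHERE g.showonteam = 1 ORDER BY g.showorder, g.groupid, u.username");
    while ($user = $db->fetch_array($users)) {
        $teamname = $user['username'];
        $teamid = $user['userid'];
        // 0 marks a group row without a member (LEFT JOIN produced no user).
        $noname = ($teamid == '') ? 0 : 1;
        eval("\$teamsite_bit .= \"".$tpl->get("teamsite_bit", 1)."\";");
    }
    eval("\$tpl->output(\"".$tpl->get("teamsite_aufeditid", 1)."\",1);");

    // Show the edit form for the selected member
    if ($edit == '1') {
        // $userid is request-supplied and goes into two queries below; it is
        // cast to an integer so that it cannot alter the statements.
        $userid = intval($userid);
        $ordenlist = '';
        $result = $db->query("SELECT * FROM bb".$n."_users WHERE userid='".$userid."'");
        while ($row = $db->fetch_array($result)) {
            $aufgabe = $row['aufgabe'];
            // Medal images stored for this member.
            $result1 = $db->query("SELECT * FROM bb".$n."_teamsite_image WHERE userid='".$userid."'");
            while ($row1 = $db->fetch_array($result1)) {
                $imagename = $row1['imageftp'];
                $imageuser = $row1['userid'];
                eval("\$ordenlist .= \"".$tpl->get("teamsite_orden_bit", 1)."\";");
            }
            eval("\$tpl->output(\"".$tpl->get("teamsite_aufedit", 1)."\",1);");
        }
    }
}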
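// Store the task description of another member.
// NOTE(review): any userid is accepted here, not only members of the groups
// listed by the 'aufedit' action, and no anti-CSRF token is checked.
if ($action == 'aufedit2') {
    // $userid is request-supplied; cast it so it cannot alter the statement.
    $zielid = intval($userid);
    $aufgabeneu = isset($_POST['aufgabe']) ? $_POST['aufgabe'] : '';
    if ($zielid > 0) {
        // NOTE(review): addslashes() is not charset-aware; if the $db class
        // offers its own escaping routine, prefer it.
        $db->query("UPDATE bb".$n."_users SET aufgabe = '".addslashes($aufgabeneu)."' WHERE userid='".$zielid."'");
    }
    header("Location: teamsite.php?action=aufedit&sid=$session[hash]");
    exit();
}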
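### Read the column order and display it ###
if ($action == 'orderview') {
    // Start counter and accumulators from known values so they cannot begin
    // with something that was already in scope (e.g. with register_globals).
    $i = 0;
    $ordername = '';
    $orderid = '';

    // The original query sorted by the quoted string 'colorder', which is a
    // constant and therefore did not order the rows at all.
    $result = $db->query("SELECT * FROM bb".$n."_teamsite_colorder ORDER BY colorder");
    while ($row = $db->fetch_array($result)) {
        $order = $row['colorder'];
        $name = $row['name'];
        $id = $row['colid'];

        // Alternate the row class, beginning with "secondrow" as before.
        $i++;
        if ($i == 1) {
            $tdclass = "secondrow";
        } else {
            $tdclass = "firstrow";
            $i = 0;
        }

        eval("\$ordername .= \"".$tpl->get("teamsite_order_bit", 1)."\";");
        eval("\$orderid .= \"".$tpl->get("teamsite_order_bit2", 1)."\";");
    }
    eval("\$tpl->output(\"".$tpl->get("teamsite_order", 1)."\",1);");
}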
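// Store the display position of the nine team-page columns.
// NOTE(review): no anti-CSRF token is checked before this write.
if ($action == "orderupdate") {
    for ($colid = 1; $colid <= 9; $colid++) {
        $feld = 'id'.$colid;
        // Leave a column untouched when its field was not submitted.
        if (!isset($_POST[$feld])) {
            continue;
        }
        // The posted value used to be interpolated into the statement as-is.
        // It is now cast to an integer first.
        // assumes colorder holds an integer position -- TODO confirm against the schema
        $db->query("UPDATE bb".$n."_teamsite_colorder SET colorder = '".intval($_POST[$feld])."' WHERE colid='".$colid."'");
    }
    header("Location: teamsite.php?action=orderview&sid=$session[hash]");
    exit();
}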
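// Medal image upload / delete
if ($action == 'ordenup') {
    if ($up == 'up') {
        $zeitstempel = time();
        $tmpfile = isset($_FILES['orden']['tmp_name']) ? $_FILES['orden']['tmp_name'] : '';
        $dateityp = false;
        if ($tmpfile != '' && is_uploaded_file($tmpfile)) {
            $dateityp = getimagesize($tmpfile);
        }
        // Stored under a server-generated name with a fixed .gif extension, so
        // the client-supplied file name never reaches the file system.
        $typ = '.gif';
        $image = $zeitstempel."_orden".$typ;
        $ziel = "../images/ts_images/".$image;
        // Only ordinary web image formats are accepted. The original test
        // (type != 0) also let through every other format getimagesize()
        // recognises, e.g. SWF.
        $erlaubt = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
        // Size limit of 150 x 150 px (index 0 is the width, index 1 the
        // height). It is checked on the temporary file, so an oversized image
        // is never moved into the web-readable directory.
        $ok = is_array($dateityp)
            && in_array($dateityp[2], $erlaubt, true)
            && $dateityp[0] <= 150
            && $dateityp[1] <= 150;
        if (!$ok || !move_uploaded_file($tmpfile, $ziel)) {
            eval("\$tpl->output(\"".$tpl->get("teamsite_upload_error", 1)."\",1);");
            exit();
        }
        // Plain assignment (the original appended with .=), so the stored
        // markup cannot start with a value that was already in scope.
        $imagefull = " <img src=\"images/ts_images/".$image."\" border=\"0\" />";
        // $userid is request-supplied; cast it before it enters the statement.
        // NOTE(review): the imageid value below is a string literal, not a call
        // to LAST_INSERT_ID(); presumably it only works because imageid is an
        // auto-increment column -- confirm and drop the column from the INSERT.
        $db->unbuffered_query("INSERT bb".$n."_teamsite_image (imageid,userid,image,imageftp) VALUES ('LAST_INSERT_ID( '' )','".intval($userid)."','".$imagefull."','".$image."')");
        $haveorden = 1;
        header("Location: teamsite.php?action=aufedit&sid=$session[hash]");
        exit();
    }

    // Delete a medal image
    // NOTE(review): $del and $imagename come from $_REQUEST, so this deletion
    // can be triggered by a GET request; no anti-CSRF token is checked here.
    if ($del == 'del') {
        // $imagename reaches both a query and unlink(). Accept it only when it
        // is a plain file name with no directory part and no NUL byte, so the
        // deletion cannot leave images/ts_images.
        $datei = basename(str_replace("\\", "/", $imagename));
        $gueltig = $datei !== ''
            && $datei === $imagename
            && $datei != '.'
            && $datei != '..'
            && strpos($datei, "\0") === false;
        if ($gueltig) {
            $sqlname = addslashes($datei);
            // Delete the file only when a matching image record exists, which
            // ties file removal to files this feature registered.
            $treffer = $db->query("SELECT imageftp FROM bb".$n."_teamsite_image WHERE imageftp='".$sqlname."'");
            if ($db->fetch_array($treffer)) {
                $db->query("DELETE FROM bb".$n."_teamsite_image WHERE imageftp='".$sqlname."'");
                $pfad = "../images/ts_images/".$datei;
                if (is_file($pfad)) {
                    unlink($pfad);
                }
            }
        }
        header("Location: teamsite.php?action=aufedit&sid=$session[hash]");
        exit();
    }
}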
?>