'); } } @chmod($filepath.$avatar[name].".tmp", 0755); $info = getimagesize($filepath.$avatar[name].".tmp"); if($info[0] < 91 && $info[1] < 91) { if($info[2] == 2) { $pic=$id.'.jpg'; if(file_exists($filepath.$pic)) @unlink($filepath.$pic); if(file_exists($filepath.$id.'.gif')) @unlink($filepath.$id.'.gif'); rename($filepath.$avatar[name].".tmp", $filepath.$pic); safe_query("UPDATE ".PREFIX."user SET avatar='$pic' WHERE userID='".$_POST['id']."' "); } elseif($info[2] == 1) { $pic=$id.'.gif'; if(file_exists($filepath.$pic)) @unlink($filepath.$pic); if(file_exists($filepath.$id.'.jpg')) @unlink($filepath.$id.'.jpg'); rename($filepath.$avatar[name].".tmp", $filepath.$pic); safe_query("UPDATE ".PREFIX."user SET avatar='$pic' WHERE userID='".$_POST['id']."' "); } else { if(unlink($filepath.$avatar[name].".tmp")) { $error = "invalid picture-format (allowed: gif or jpg)"; die('ERROR: '.$error.'

'); } else { $error = "upload failed"; die('ERROR: '.$error.'

'); } } } else { @unlink($filepath.$avatar[name].".tmp"); $error = "picture is to big max 67/90px"; die('ERROR: '.$error.'

'); } } //userpic $filepath = "../images/userpics/"; if ($userpic[name] != "" OR ($_POST['userpic_url'] != "" AND $_POST['userpic_url'] != "http://")) { if($userpic[name] != "") { move_uploaded_file($userpic[tmp_name], $filepath.$userpic[name].".tmp"); } else { $userpic[name] = strrchr($_POST['userpic_url'],"/"); if(!copy($_POST['userpic_url'],$filepath.$userpic[name].".tmp")) { $error = "can not copy file from server"; die('ERROR: '.$error.'

'); } } @chmod($filepath.$userpic[name].".tmp", 0755); $info = getimagesize($filepath.$userpic[name].".tmp"); if($info[0] < 231 && $info[1] < 211) { if($info[2] == 2) { $pic=$id.'.jpg'; if(file_exists($filepath.$pic)) @unlink($filepath.$pic); if(file_exists($filepath.$id.'.gif')) @unlink($filepath.$id.'.gif'); rename($filepath.$userpic[name].".tmp", $filepath.$pic); safe_query("UPDATE ".PREFIX."user SET userpic='$pic' WHERE userID='".$_POST['id']."' "); } elseif($info[2] == 1) { $pic=$id.'.gif'; if(file_exists($filepath.$pic)) @unlink($filepath.$pic); if(file_exists($filepath.$id.'.jpg')) @unlink($filepath.$id.'.jpg'); rename($filepath.$userpic[name].".tmp", $filepath.$pic); safe_query("UPDATE ".PREFIX."user SET userpic='$pic' WHERE userID='".$_POST['id']."' "); } else { if(unlink($filepath.$userpic[name].".tmp")) { $error = "invalid picture-format (allowed: gif or jpg)"; die('ERROR: '.$error.'

'); } else { $error = "upload failed"; die('ERROR: '.$error.'

'); } } } else { @unlink($filepath.$userpic[name].".tmp"); $error = "picture is to big max 67/90px"; die('ERROR: '.$error.'

'); } } safe_query("UPDATE ".PREFIX."user SET nickname='".mysql_escape_string($_POST['nickname'])."', email='".mysql_escape_string($_POST['email'])."', firstname='".mysql_escape_string($_POST['firstname'])."', lastname='".mysql_escape_string($_POST['lastname'])."', town='".mysql_escape_string($_POST['town'])."', icq='".mysql_escape_string($_POST['icq'])."', usertext='".mysql_escape_string($_POST['usertext'])."', clantag='".mysql_escape_string($_POST['clantag'])."', clanname='".mysql_escape_string($_POST['clanname'])."', clanhp='".mysql_escape_string($_POST['clanhp'])."', clanirc='".mysql_escape_string($_POST['clanirc'])."', clanhistory='".mysql_escape_string($_POST['clanhistory'])."', cpu='".mysql_escape_string($_POST['cpu'])."', mainboard='".mysql_escape_string($_POST['mainboard'])."', ram='".mysql_escape_string($_POST['ram'])."', monitor='".mysql_escape_string($_POST['monitor'])."', graphiccard='".mysql_escape_string($_POST['graphiccard'])."', soundcard='".mysql_escape_string($_POST['soundcard'])."', verbindung='".mysql_escape_string($_POST['connection'])."', keyboard='".mysql_escape_string($_POST['keyboard'])."', mouse='".mysql_escape_string($_POST['mouse'])."', mousepad='".mysql_escape_string($_POST['mousepad'])."', homepage='".mysql_escape_string($_POST['homepage'])."', about='".mysql_escape_string($_POST['about'])."' WHERE userID='".$_POST['id']."' "); if($_POST['avatar']) { safe_query("UPDATE ".PREFIX."user SET avatar='' WHERE userID='".$_POST['id']."'"); @unlink('../images/avatars/'.$_POST['id'].'.jpg'); @unlink('../images/avatars/'.$_POST['id'].'.gif'); } if($_POST['userpic']) { safe_query("UPDATE ".PREFIX."user SET userpic='' WHERE userID='".$_POST['id']."'"); @unlink('../images/userpics/'.$_POST['id'].'.jpg'); @unlink('../images/userpics/'.$_POST['id'].'.gif'); } } elseif($_GET['banish']) { $id = $_GET['id']; if(!issuperadmin($id) OR (issuperadmin($id) AND issuperadmin($userID))) safe_query("UPDATE ".PREFIX."user SET banned='1' WHERE userID='$id'"); } elseif($_GET['unbanish']) { $id = $_GET['id']; safe_query("UPDATE ".PREFIX."user SET banned='0' WHERE userID='$id'"); } elseif($_GET['action']=="activate") { $id = $_GET['id']; safe_query("UPDATE ".PREFIX."user SET activated='1' WHERE userID='$id'"); } elseif($_POST['newuser']) { $anz = mysql_num_rows(safe_query("SELECT userID FROM ".PREFIX."user WHERE username='".$_POST['username']."'")); if(!$anz) safe_query("INSERT INTO ".PREFIX."user ( username, nickname, password, registerdate) VALUES( '".$_POST['username']."', '".$_POST['username']."', '".md5($_POST['pass'])."', '".time()."') "); } elseif($_GET['delete']) { $id = $_GET['id']; if(!issuperadmin($id) OR (issuperadmin($id) AND issuperadmin($userID))) { safe_query("DELETE FROM ".PREFIX."forum_moderators WHERE userID='$id'"); mysql_query("DELETE FROM ".PREFIX."messenger WHERE touser='$id'"); safe_query("DELETE FROM ".PREFIX."squads_members WHERE userID='$id'"); mysql_query("DELETE FROM ".PREFIX."upcoming_announce WHERE userID='$id'"); safe_query("DELETE FROM ".PREFIX."user WHERE userID='$id'"); safe_query("DELETE FROM ".PREFIX."user_groups WHERE userID='$id'"); $userfiles=Array('../images/avatars/'.$id.'.jpg', '../images/avatars/'.$id.'.gif', '../images/userpics/'.$id.'.jpg', '../images/userpics/'.$id.'.gif'); foreach($userfiles as $file) { if(file_exists($file)) unlink($file); } } } if($_GET['action']=="addtoclan") { echo'

add to clan

'; $id = $_GET['id']; $nickname=getnickname($id); $squads=getsquads(); echo'
Nickname:'.$nickname.'
Squad:
Position:
Activity:active inactive
'; } elseif($_GET['action']=="adduser") { echo'
New User
Username:
Password:
'; } elseif($_GET['action']=="profile") { echo'

Edit profile

'; $id = $_GET['id']; $ds = mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."user WHERE userID='$id'")); echo'
User-ID:'.$ds[userID].'

General
Nickname:
E-Mail:

Pictures
Avatar:
Userpic:

Personal
Firstname:
Lastname:
Town:
ICQ:
Homepage:
Signatur:
About:

Various
Clantag:
Clanname:
Clan-HP:
Clan-IRC:
Clan-History:
CPU:
Mainboard:
RAM:
Monitor:
Graphic:
Sound:
Connection:
Keyboard:
Mouse:
Mousepad:
  Delete Avatar
  Delete Userpic
'; } else { $search = $_POST['search']; $page = $_GET['page']; $type = $_GET['type']; $sort = $_GET['sort']; if($search) $alle = safe_query("SELECT userID FROM ".PREFIX."user WHERE nickname LIKE '$search'"); else $alle = safe_query("SELECT userID FROM ".PREFIX."user"); $gesamt = mysql_num_rows($alle); $pages=1; if(!isset($page)) $page = 1; if(!isset($sort)) $sort="nickname"; if(!isset($type)) $type = "DESC"; $max=$maxusers; for ($n=$max; $n<=$gesamt; $n+=$max) { if($gesamt>$n) $pages++; } if($pages>1) { $page_link = makepagelink("admincenter.php?site=users&sort=$sort&type=$type&search=$search", $page, $pages); $page_link = str_replace('images/', '../images/', $page_link); } if ($page == "1") { if($search) $ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE nickname LIKE '$search' ORDER BY $sort $type LIMIT 0,$max"); else $ergebnis = safe_query("SELECT * FROM ".PREFIX."user ORDER BY $sort $type LIMIT 0,$max"); if($type=="DESC") $n=$gesamt; else $n=1; } else { $start=$page*$max-$max; if($search) $ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE nickname LIKE '$search' ORDER BY $sort $type LIMIT $start,$max"); else $ergebnis = safe_query("SELECT * FROM ".PREFIX."user ORDER BY $sort $type LIMIT $start,$max"); if($type=="DESC") $n = ($gesamt)-$page*$max+$max; else $n = ($gesamt+1)-$page*$max+$max; } echo'

users

'; $anz=mysql_num_rows($ergebnis); if($anz) { if($type=="ASC") $sorter='Sort:    '; else $sorter='Sort:    '; echo'
'.$sorter.' '.$page_link.' Nickname: us% will find user
'.$gesamt.' users selected
'; echo'
'; $n=1; while($ds=mysql_fetch_array($ergebnis)) { $id=$ds[userID]; $nickname=getnickname($ds[userID]); $replaced_search=str_replace("%", "", $search); $nickname=str_replace($replaced_search, ''.$replaced_search.'', $nickname); $nickname=''.$nickname.''; if(isclanmember($ds[userID])) $status='Clanmember'; else $status=''; $registered=date("d.m.Y - H:i", $ds[registerdate]); if(isbanned($ds[userID])) $banned=''; else $banned=''; if($ds['activated']=="1") $actions = ''; else $actions = ''; echo''; } echo'
Registered since: Nickname: Status: Banned: Actions:
'.$registered.' '.$nickname.' '.$status.' '.$banned.' '.$actions.'

Add user'; } else echo'no users found'; } ?>