summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--includes/UserCVS.php4
-rw-r--r--includes/footer.php2
-rw-r--r--includes/pages/guest_credits.php5
-rw-r--r--includes/pages/guest_faq.php21
-rw-r--r--includes/pages/guest_login.php250
-rw-r--r--includes/pages/guest_start.php13
-rw-r--r--includes/sys_auth.php47
-rw-r--r--includes/sys_lang.php (renamed from includes/funktion_lang.php)1
-rw-r--r--includes/sys_menu.php72
-rw-r--r--includes/sys_mysql.php61
-rw-r--r--includes/sys_page.php9
-rw-r--r--includes/sys_template.php17
-rw-r--r--templates/guest_credits.html12
-rw-r--r--templates/guest_login_form.html22
-rw-r--r--templates/layout.html42
-rw-r--r--www-ssl/credits.php18
-rw-r--r--www-ssl/css/base.css18
-rw-r--r--www-ssl/index.php74
18 files changed, 656 insertions, 32 deletions
diff --git a/includes/UserCVS.php b/includes/UserCVS.php
index 98a4fec7..b7fb412c 100644
--- a/includes/UserCVS.php
+++ b/includes/UserCVS.php
@@ -20,8 +20,8 @@
}
// pagename ermitteln
- $Page["Name"] = basename($_SERVER['PHP_SELF']);
-// $Page["Name"] = str_replace($ENGEL_ROOT, '', $_SERVER['PHP_SELF']);
+// $Page["Name"] = basename($_SERVER['PHP_SELF']);
+ $Page["Name"] = str_replace($ENGEL_ROOT, '', $_SERVER['PHP_SELF']);
//recht fuer diese seite auslesen
if(isset($_SESSION['CVS'][$Page["Name"]]))
diff --git a/includes/footer.php b/includes/footer.php
index 8e5b35b9..fdf00581 100644
--- a/includes/footer.php
+++ b/includes/footer.php
@@ -4,7 +4,7 @@
<footer>
<p>
- &copy; copyleft | <a href="mailto:erzengel@lists.ccc.de">Kontakt</a> | <a href="<?php echo $ENGEL_ROOT; ?>credits.php">Credits</a><br />
+ &copy; copyleft | <a href="mailto:erzengel@lists.ccc.de">Contact</a> | <a href="<?php echo $ENGEL_ROOT; ?>credits.php">Credits</a><br />
This is hell. Temporarily.
</p>
</footer>
diff --git a/includes/pages/guest_credits.php b/includes/pages/guest_credits.php
new file mode 100644
index 00000000..89f68fde
--- /dev/null
+++ b/includes/pages/guest_credits.php
@@ -0,0 +1,5 @@
+<?php
+function guest_credits() {
+ return template_render('../templates/guest_credits.html', array ());
+}
+?> \ No newline at end of file
diff --git a/includes/pages/guest_faq.php b/includes/pages/guest_faq.php
new file mode 100644
index 00000000..6b5eeeeb
--- /dev/null
+++ b/includes/pages/guest_faq.php
@@ -0,0 +1,21 @@
+<?php
+function guest_faq() {
+ $html = "";
+ $faqs = sql_select("SELECT * FROM `FAQ`");
+ foreach ($faqs as $faq)
+ if ($faq['Antwort'] != "") {
+ list ($frage_de, $frage_en) = explode('<br />', $faq['Frage']);
+ list ($antwort_de, $antwort_en) = explode('<br />', $faq['Antwort']);
+ $html .= "<dl>";
+ if ($_SESSION['Sprache'] == "DE") {
+ $html .= "<dt>" . $frage_de . "</dt>";
+ $html .= "<dd>" . $antwort_de . "</dd>";
+ } else {
+ $html .= "<dt>" . $frage_en . "</dt>";
+ $html .= "<dd>" . $antwort_en . "</dd>";
+ }
+ $html .= "</dl>";
+ }
+ return $html;
+}
+?>
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
new file mode 100644
index 00000000..76a473df
--- /dev/null
+++ b/includes/pages/guest_login.php
@@ -0,0 +1,250 @@
+<?php
+
+
+// Engel registrieren
+function guest_register() {
+ $html = "";
+ $success = "none";
+
+ if (isset ($_POST["send"])) {
+ $eNick = trim($_POST["Nick"]);
+
+ if ($_POST["Alter"] == "")
+ $_POST["Alter"] = 23;
+
+ // user vorhanden?
+ $Ergans = sql_select("SELECT UID FROM `User` WHERE `Nick`='" . sql_escape($_POST["Nick"]) . "'");
+
+ if (strlen($_POST["Nick"]) < 2)
+ $error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick2");
+ elseif (count($Ergans) > 0) $error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick3");
+ elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false) $error = Get_Text("makeuser_error_mail");
+ elseif (!is_numeric($_POST["Alter"])) $error = Get_Text("makeuser_error_Alter");
+ elseif ($_POST["Passwort"] != $_POST["Passwort2"]) $error = Get_Text("makeuser_error_password1");
+ elseif (strlen($_POST["Passwort"]) < 6) $error = Get_Text("makeuser_error_password2");
+ else {
+ $_POST["Passwort"] = PassCrypt($_POST["Passwort"]);
+ unset ($_POST["Passwort2"]);
+
+ $Erg = sql_query("INSERT INTO `User` (" .
+ "`Nick` , " . "`Name` , " .
+ "`Vorname`, " . "`Alter` , " .
+ "`Telefon`, " . "`DECT`, " .
+ "`Handy`, " . "`email`, " .
+ "`ICQ`, " . "`jabber`, " .
+ "`Size`, " . "`Passwort`, " .
+ "`Art` , " . "`kommentar`, " .
+ "`Hometown`," . "`CreateDate` ) " .
+ "VALUES ( " .
+ "'" . $_POST["Nick"] . "', " . "'" . $_POST["Name"] . "', " .
+ "'" . $_POST["Vorname"] . "', " . "'" . $_POST["Alter"] . "', " .
+ "'" . $_POST["Telefon"] . "', " . "'" . $_POST["DECT"] . "', " .
+ "'" . $_POST["Handy"] . "', " . "'" . $_POST["email"] . "', " .
+ "'" . $_POST["ICQ"] . "', " . "'" . $_POST["jabber"] . "', " .
+ "'" . $_POST["Size"] . "', " . "'" . $_POST["Passwort"] . "', " .
+ "'" . $_POST["Art"] . "', " . "'" . $_POST["kommentar"] . "', " .
+ "'" . $_POST["Hometown"] . "'," . "NOW())");
+
+ if ($Erg != 1) {
+ $html .= Get_Text("makeuser_error_write1") . "<br />\n";
+ $error = sql_error();
+ } else {
+ $html .= "<p class=\"success\">" . Get_Text("makeuser_writeOK") . "\n";
+
+ $SQL2 = "SELECT `UID` FROM `User` WHERE `Nick`='" . $_POST["Nick"] . "';";
+ $Erg2 = mysql_query($SQL2, $con);
+ $Data = mysql_fetch_array($Erg2);
+
+ $SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('" . $Data["UID"] . "');";
+ $Erg3 = mysql_query($SQL3, $con);
+
+ if ($Erg3 != 1) {
+ $html .= "<h1>" . Get_Text("makeuser_error_write2") . "<br />\n";
+ $error = mysql_error($con);
+ } else {
+ $html .= Get_Text("makeuser_writeOK2") . "<br />\n";
+ $html .= "<h1>" . Get_Text("makeuser_writeOK3") . "</h1>\n";
+ }
+
+ $html .= Get_Text("makeuser_writeOK4") . "</p><p></p>\n<br /><br />\n";
+ $success = "any";
+
+ if (isset ($SubscribeMailinglist)) {
+ if ($_POST["subscribe-mailinglist"] == "") {
+ $headers = "From: " . $_POST["email"] . "\r\n" .
+ "X-Mailer: PHP/" . phpversion();
+ mail($SubscribeMailinglist, "subject", "message", $headers);
+ }
+ }
+ }
+ }
+
+ if (isset ($error))
+ $html .= error($error);
+ } else {
+ // init vars
+ $_POST["Nick"] = "";
+ $_POST["Name"] = "";
+ $_POST["Vorname"] = "";
+ $_POST["Alter"] = "";
+ $_POST["Telefon"] = "";
+ $_POST["DECT"] = "";
+ $_POST["Handy"] = "";
+ $_POST["email"] = "";
+ $_POST["subscribe-mailinglist"] = "";
+ $_POST["ICQ"] = "";
+ $_POST["jabber"] = "";
+ $_POST["Size"] = "L";
+ $_POST["Art"] = "";
+ $_POST["kommentar"] = "";
+ $_POST["Hometown"] = "";
+ }
+
+ if ($success == "none") {
+ $html .= "<h1>" . Get_Text("makeuser_text0") . "</h1>\n";
+ $html .= "<h2>" . Get_Text("makeuser_text1") . "</h2>\n";
+ $html .= "<form action=\"\" method=\"post\">\n";
+ $html .= "<table>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Nickname") . "*</td><td><input type=\"text\" size=\"40\" name=\"Nick\" value=\"" . $_POST["Nick"] . "\" /></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Nachname") . "</td><td><input type=\"text\" size=\"40\" name=\"Name\" value=\"" . $_POST["Name"] . "\" /></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Vorname") . "</td><td><input type=\"text\" size=\"40\" name=\"Vorname\" value=\"" . $_POST["Vorname"] . "\" /></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Alter") . "</td><td><input type=\"text\" size=\"40\" name=\"Alter\" value=\"" . $_POST["Alter"] . "\"></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Telefon") . "</td><td><input type=\"text\" size=\"40\" name=\"Telefon\" value=\"" . $_POST["Telefon"] . "\"></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_DECT") . "</td><td><input type=\"text\" size=\"40\" name=\"DECT\" value=\"" . $_POST["DECT"] . "\"></td><td>\n";
+ $html .= "<!--a href=\"https://21c3.ccc.de/wiki/index.php/POC\"><img src=\"./pic/external.png\" alt=\"external: \">DECT</a--></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Handy") . "</td><td><input type=\"text\" size=\"40\" name=\"Handy\" value=\"" . $_POST["Handy"] . "\"></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_E-Mail") . "*</td><td><input type=\"text\" size=\"40\" name=\"email\" value=\"" . $_POST["email"] . "\"></td></tr>\n";
+
+ if (isset ($SubscribeMailinglist))
+ $html .= "<tr><td>" . Get_Text("makeuser_subscribe-mailinglist") . "</td><td><input type=\"checkbox\" name=\"subscribe-mailinglist\" value=\"" . $_POST["subscribe-mailinglist"] . "\">($SubscribeMailinglist)</td></tr>\n";
+
+ $html .= "<tr><td>ICQ</td><td><input type=\"text\" size=\"40\" name=\"ICQ\" value=\"" . $_POST["ICQ"] . "\"></td></tr>\n";
+ $html .= "<tr><td>jabber</td><td><input type=\"text\" size=\"40\" name=\"jabber\" value=\"" . $_POST["jabber"] . "\"></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_T-Shirt") . " Gr&ouml;sse*</td><td align=\"left\">\n";
+ $html .= "<select name=\"Size\">\n";
+ $html .= "<option value=\"S\"";
+ if ($_POST["Size"] == "S")
+ $html .= " selected";
+ $html .= ">S</option>\n";
+ $html .= "<option value=\"M\"";
+ if ($_POST["Size"] == "M")
+ $html .= " selected";
+ $html .= ">M</option>\n";
+ $html .= "<option value=\"L\"";
+ if ($_POST["Size"] == "L")
+ $html .= " selected";
+ $html .= ">L</option>\n";
+ $html .= "<option value=\"XL\"";
+ if ($_POST["Size"] == "XL")
+ $html .= " selected";
+ $html .= ">XL</option>\n";
+ $html .= "<option value=\"2XL\"";
+ if ($_POST["Size"] == "2XL")
+ $html .= " selected";
+ $html .= ">2XL</option>\n";
+ $html .= "<option value=\"3XL\"";
+ if ($_POST["Size"] == "3XL")
+ $html .= " selected";
+ $html .= ">3XL</option>\n";
+ $html .= "<option value=\"4XL\"";
+ if ($_POST["Size"] == "4XL")
+ $html .= " selected";
+ $html .= ">4XL</option>\n";
+ $html .= "<option value=\"5XL\"";
+ if ($_POST["Size"] == "5XL")
+ $html .= " selected";
+ $html .= ">5XL</option>\n";
+ $html .= "<option value=\"S-G\"";
+ if ($_POST["Size"] == "S-G")
+ $html .= " selected";
+ $html .= ">S Girl</option>\n";
+ $html .= "<option value=\"M-G\"";
+ if ($_POST["Size"] == "M-G")
+ $html .= " selected";
+ $html .= ">M Girl</option>\n";
+ $html .= "<option value=\"L-G\"";
+ if ($_POST["Size"] == "L-G")
+ $html .= " selected";
+ $html .= ">L Girl</option>\n";
+ $html .= "<option value=\"XL-G\"";
+ if ($_POST["Size"] == "XL-G")
+ $html .= " selected";
+ $html .= ">XL Girl</option>\n";
+ $html .= "</select>\n";
+ $html .= "</td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Engelart") . "</td><td align=\"left\">\n";
+ $html .= "<select name=\"Art\">\n";
+
+ $engel_types = sql_select("SELECT * FROM `EngelType` ORDER BY `NAME`");
+ foreach ($engel_types as $engel_type) {
+ $Name = $engel_type['Name'] . Get_Text("inc_schicht_engel");
+ $html .= "<option value=\"" . $Name . "\"";
+
+ if ($_POST["Art"] == $Name)
+ $html .= " selected";
+
+ $html .= ">$Name</option>\n";
+ }
+
+ $html .= "</select>\n";
+ $html .= "</td>\n";
+ $html .= "</tr>\n";
+ $html .= "<tr>\n";
+ $html .= "<td>" . Get_Text("makeuser_text2") . "</td>\n";
+ $html .= "<td><textarea rows=\"5\" cols=\"40\" name=\"kommentar\">" . $_POST["kommentar"] . "</textarea></td>\n";
+ $html .= "</tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Hometown") . "</td><td><input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $_POST["Hometown"] . "\"></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Passwort") . "*</td><td><input type=\"password\" size=\"40\" name=\"Passwort\"/></td></tr>\n";
+ $html .= "<tr><td>" . Get_Text("makeuser_Passwort2") . "*</td><td><input type=\"password\" size=\"40\" name=\"Passwort2\"/></td></tr>\n";
+ $html .= "<tr><td>&nbsp;</td><td><input type=\"submit\" name=\"send\" value=\"" . Get_Text("makeuser_Anmelden") . "\"/></td></tr>\n";
+ $html .= "</table>\n";
+ $html .= "</form>\n";
+ $html .= Get_Text("makeuser_text3");
+ }
+ return $html;
+}
+
+function guest_logout() {
+ unset ($_SESSION['uid']);
+ header("Location: " . page_link_to("start"));
+}
+
+function guest_login() {
+ global $user;
+ unset ($_SESSION['uid']);
+
+ $html = "";
+ if (isset ($_REQUEST['login_submit'])) {
+ $login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST["user"]) . "'");
+
+ if (count($login_user) == 1) { // Check, ob User angemeldet wird...
+ $login_user = $login_user[0];
+ if ($login_user["Passwort"] == PassCrypt($_REQUEST["password"])) { // Passwort ok...
+ $_SESSION['uid'] = $login_user['UID'];
+ $_SESSION['Sprache'] = $login_user['Sprache'];
+ header("Location: " . page_link_to("news"));
+ } else { // Passwort nicht ok...
+ $ErrorText = "pub_index_pass_no_ok";
+ } // Ende Passwort-Check
+ } else { // Anzahl der User in User-Tabelle <> 1 --> keine Anmeldung
+ if ($user_anz == 0)
+ $ErrorText = "pub_index_User_unset";
+ else
+ $ErrorText = "pub_index_User_more_as_one";
+ } // Ende Check, ob User angemeldet wurde}
+ }
+ if (isset ($ErrorText))
+ $html .= error(Get_Text($ErrorText));
+ $html .= guest_login_form();
+ return $html;
+}
+
+function guest_login_form() {
+ return template_render("../templates/guest_login_form.html", array (
+ 'link' => page_link_to("login"),
+ 'nick' => Get_Text("index_lang_nick"),
+ 'pass' => Get_Text("index_lang_pass"),
+ 'send' => Get_Text("index_lang_send")
+ ));
+}
+?> \ No newline at end of file
diff --git a/includes/pages/guest_start.php b/includes/pages/guest_start.php
new file mode 100644
index 00000000..286511f2
--- /dev/null
+++ b/includes/pages/guest_start.php
@@ -0,0 +1,13 @@
+<?php
+function guest_start() {
+ require_once ('includes/pages/guest_login.php');
+ $html = "<p>" . Get_Text("index_text1") . "</p>\n";
+ $html .= "<p>" . Get_Text("index_text2") . "</p>\n";
+ $html .= "<p>" . Get_Text("index_text3") . "</p>\n";
+
+ $html .= guest_login_form();
+
+ $html .= "<h6>" . Get_Text("index_text4") . "</h6>";
+ return $html;
+}
+?> \ No newline at end of file
diff --git a/includes/sys_auth.php b/includes/sys_auth.php
new file mode 100644
index 00000000..1c15122e
--- /dev/null
+++ b/includes/sys_auth.php
@@ -0,0 +1,47 @@
+<?php
+
+
+// Testet ob ein User eingeloggt ist und lädt die entsprechenden Privilegien
+function load_auth() {
+ global $user;
+
+ $user = null;
+ if (isset ($_SESSION['uid'])) {
+ $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1");
+ if (count($user) > 0) {
+ // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
+ list ($user) = $user;
+ sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . $_SESSION['uid'] . "' LIMIT 1;");
+ } else
+ unset ($_SESSION['uid']);
+ }
+
+ load_privileges();
+}
+
+function load_privileges() {
+ global $privileges, $user;
+
+ $privileges = array ();
+ if (isset ($user)) {
+ $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($user['UID']) . ";");
+ foreach ($user_privs as $user_priv)
+ $privileges[] = $user_priv['name'];
+ } else {
+ $guest_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=-1;");
+ foreach ($guest_privs as $guest_priv)
+ $privileges[] = $guest_priv['name'];
+ }
+}
+
+function PassCrypt($passwort) {
+ global $crypt_system;
+
+ switch ($crypt_system) {
+ case "crypt" :
+ return "{crypt}" . crypt($passwort, "77");
+ case "md5" :
+ return md5($passwort);
+ }
+}
+?> \ No newline at end of file
diff --git a/includes/funktion_lang.php b/includes/sys_lang.php
index 3e26ea33..833d00b8 100644
--- a/includes/funktion_lang.php
+++ b/includes/sys_lang.php
@@ -16,7 +16,6 @@ function Get_Text($TextID, $NoError = false) {
return (@ mysql_result($Erg, 0, "Text"));
elseif ($NoError && !$debug) return "";
else {
- array_push($error_messages, "Get_Text, '$TextID' found " . mysql_num_rows($Erg) . "x in Sprache Database Table for Language (" . $_SESSION['Sprache'] . ")\n");
return "Error Data, '$TextID' found " . mysql_num_rows($Erg) . "x";
}
}
diff --git a/includes/sys_menu.php b/includes/sys_menu.php
new file mode 100644
index 00000000..8c993d1b
--- /dev/null
+++ b/includes/sys_menu.php
@@ -0,0 +1,72 @@
+<?php
+function page_link_to($page) {
+ return '?p=' . $page;
+}
+
+function make_navigation() {
+ global $p;
+ global $privileges;
+ $menu_items = $privileges;
+ $menu_items[] = "faq";
+
+ $menu = '<nav class="container"><h4>' . Get_Text('/') . '</h4><ul class="content">';
+ foreach ($menu_items as $item)
+ $menu .= '<li' . ($item == $p ? ' class="selected"' : '') . '><a href="' . page_link_to($item) . '">' . Get_Text($item) . '</a></li>';
+ $menu .= '</ul></nav>';
+ return $menu;
+}
+
+function make_menu() {
+ return make_navigation() . make_onlineusers() . make_langselect();
+}
+
+function make_onlineusers() {
+ global $privileges, $user;
+ $html = '<nav class="container"><h4>Engel online</h4>';
+
+ $query = "SELECT UID, Nick, lastLogIn " . "FROM User " . "WHERE (`lastLogIn` > '" . (time() - 60 * 60) . "') " . "ORDER BY lastLogIn DESC";
+ $users = sql_select($query);
+
+ if (count($users) > 0) {
+ $html .= "<ul class=\"content\">";
+
+ foreach ($users as $online_user) {
+ if (isset ($user) && $online_user['UID'] == $user['UID'])
+ continue;
+
+ $html .= "<li>";
+
+ if (isset ($user))
+ $html .= DisplayAvatar($online_user['UID']);
+
+ // Show Admin Page
+ if (in_array("admin_user_edit", $privileges)) {
+ $html .= '<a href="admin/userChangeNormal.php?enterUID=' . $online_user['UID'] . '&Type=Normal">' . $online_user['Nick'] . '</a>';
+ } else {
+ $html .= $online_user['Nick'];
+ }
+ $last_action = time() - $online_user['lastLogIn'];
+
+ $html .= " " . date("i:s", $last_action);
+ $html .= "</li>\n";
+ }
+
+ $html .= "</ul>";
+ } else {
+ $html .= '<p class="content">Nobody...</p>';
+ }
+ $html .= '</nav>';
+ return $html;
+}
+
+function make_langselect() {
+ if (strpos($_SERVER["REQUEST_URI"], "?") > 0)
+ $URL = $_SERVER["REQUEST_URI"] . "&SetLanguage=";
+ else
+ $URL = $_SERVER["REQUEST_URI"] . "?SetLanguage=";
+
+ $html = '<p class="content"><a class="sprache" href="' . $URL . 'DE"><img src="pic/flag/de.png" alt="DE" title="Deutsch"></a>';
+ $html .= '<a class="sprache" href="' . $URL . 'EN"><img src="pic/flag/en.png" alt="EN" title="English"></a></p>';
+ return '<nav class="container"><h4>' . Get_Text("Sprache") . '</h4>' . $html . '</nav>';
+}
+?> \ No newline at end of file
diff --git a/includes/sys_mysql.php b/includes/sys_mysql.php
new file mode 100644
index 00000000..c076be7c
--- /dev/null
+++ b/includes/sys_mysql.php
@@ -0,0 +1,61 @@
+<?php
+function sql_connect($host, $user, $pw, $db) {
+ global $con;
+ global $host;
+
+ @ $con = mysql_connect($host, $user, $pw);
+
+ if ($con == null)
+ die("no mysql-connection");
+
+ if (!mysql_select_db($db, $con))
+ die("mysql db-selection failed");
+
+ mysql_query("SET CHARACTER SET utf8;", $con);
+ mysql_query("SET NAMES 'utf8'", $con);
+}
+
+// Do select query
+function sql_select($query) {
+ global $con;
+ $start = microtime(true);
+ if ($result = mysql_query($query, $con)) {
+ $data = array ();
+ while ($line = mysql_fetch_assoc($result)) {
+ array_push($data, $line);
+ }
+ return $data;
+ } else {
+ die('MySQL-query error: ' . $query . ", " . mysql_error($con));
+ }
+}
+
+// Execute a query
+function sql_query($query) {
+ global $con;
+ $start = microtime(true);
+ if ($result = mysql_query($query, $con)) {
+ return $result;
+ } else {
+ die('MySQL-query error: ' . $query . ", " . mysql_error($con));
+ }
+}
+
+function sql_id() {
+ global $con;
+ return mysql_insert_id($con);
+}
+
+function sql_escape($query) {
+ return mysql_real_escape_string($query);
+}
+
+function sql_num_query($query) {
+ return mysql_num_rows(sql_query($query));
+}
+
+function sql_error() {
+ global $con;
+ return mysql_error($con);
+}
+?>
diff --git a/includes/sys_page.php b/includes/sys_page.php
new file mode 100644
index 00000000..ab8b05e2
--- /dev/null
+++ b/includes/sys_page.php
@@ -0,0 +1,9 @@
+<?php
+function error($msg) {
+ return '<p class="error">' . $msg . '</p>';
+}
+
+function success($msg) {
+ return '<p class="success">' . $msg . '</p>';
+}
+?> \ No newline at end of file
diff --git a/includes/sys_template.php b/includes/sys_template.php
new file mode 100644
index 00000000..ab613c07
--- /dev/null
+++ b/includes/sys_template.php
@@ -0,0 +1,17 @@
+<?php
+
+
+// Load and render template
+function template_render($file, $data) {
+ if (file_exists($file)) {
+ $template = file_get_contents($file);
+ if (is_array($data))
+ foreach ($data as $name => $content) {
+ $template = str_replace("%" . $name . "%", $content, $template);
+ }
+ return $template;
+ } else {
+ die('Cannot find template file &laquo;' . $file . '&raquo;.');
+ }
+}
+?> \ No newline at end of file
diff --git a/templates/guest_credits.html b/templates/guest_credits.html
new file mode 100644
index 00000000..a248d431
--- /dev/null
+++ b/templates/guest_credits.html
@@ -0,0 +1,12 @@
+<h2>The angelsystem has been (re)done by:</h2>
+<ul>
+ <li>
+ ?
+ </li>
+ <li>
+ helios
+ </li>
+ <li>
+ msquare
+ </li>
+</ul>
diff --git a/templates/guest_login_form.html b/templates/guest_login_form.html
new file mode 100644
index 00000000..c0cef263
--- /dev/null
+++ b/templates/guest_login_form.html
@@ -0,0 +1,22 @@
+<form action="%link%" method="post">
+ <table>
+ <tr>
+ <td align="right">
+ %nick%
+ </td>
+ <td>
+ <input type="text" name="user" size="23" />
+ </td>
+ </tr>
+ <tr>
+ <td align="right">
+ %pass%
+ </td>
+ <td>
+ <input type="password" name="password" size="23">
+ </td>
+ </tr>
+ </table>
+ <br/>
+ <input type="submit" name="login_submit" value="%send%">
+</form> \ No newline at end of file
diff --git a/templates/layout.html b/templates/layout.html
new file mode 100644
index 00000000..0eb67e5b
--- /dev/null
+++ b/templates/layout.html
@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <title>%title% - Engelsystem</title>
+ <meta charset="UTF-8" />
+ <meta http-equiv="content-type" content="text/html;charset=utf-8" />
+ <meta name="content-style-type" content="text/css" />
+ <meta name="keywords" content="Engel, Himmelsverwaltung" />
+ <meta http-equiv="Content-Style-Type" content="text/css" />
+ <meta http-equiv="expires" content="0" />
+ <meta name="robots" content="index" />
+ <meta name="revisit-after" content="1 days" />
+ <script type="text/javascript" src="css/grossbild.js">
+ </script>
+ <link rel="stylesheet" type="text/css" href="css/base.css" />
+ <link rel="stylesheet" type="text/css" href="css/style%theme%.css" />
+ </head>
+ <body class="background">
+ <header>
+ <a href="?" id="logo"></a>
+ </header>
+ <div id="body">
+ <div id="menu">
+ %menu%
+ </div>
+ <div id="content" class="container">
+ <h1>%title%</h1>
+ <article class="content">
+ %content%
+ </article>
+ </div>
+ </div>
+ <footer>
+ <p>
+ &copy; copyleft | <a href="mailto:erzengel@lists.ccc.de">Contact</a>
+ | <a href="?p=credits">Credits</a>
+ <br/>
+ This is hell. Temporarily.
+ </p>
+ </footer>
+ </body>
+</html>
diff --git a/www-ssl/credits.php b/www-ssl/credits.php
deleted file mode 100644
index bbfa747d..00000000
--- a/www-ssl/credits.php
+++ /dev/null
@@ -1,18 +0,0 @@
-<?php
-require_once ('bootstrap.php');
-
-$title = "Credits";
-$header = "Credits";
-include "includes/header.php";
-?>
-<h1>The angelsystem has been (re)done by:</h1>
-<ul>
- <li>?</li>
- <li>helios</li>
- <li>msquare</li>
-</ul>
-<?php
-
-
-include "includes/footer.php";
-?>
diff --git a/www-ssl/css/base.css b/www-ssl/css/base.css
index 6c0bc298..808fb512 100644
--- a/www-ssl/css/base.css
+++ b/www-ssl/css/base.css
@@ -81,8 +81,16 @@ nav {
padding: 10px;
}
+p {
+ padding: 0 0 10px 0;
+}
+
+#menu p {
+ padding: 4px;
+}
+
a.sprache img {
- margin: 5px;
+ margin-right: 5px;
}
.background {
@@ -96,3 +104,11 @@ a.sprache img {
.content {
background: #fff;
}
+
+.error {
+ color: #f00;
+}
+
+.success {
+ color: #090;
+}
diff --git a/www-ssl/index.php b/www-ssl/index.php
index cdec1559..5126981c 100644
--- a/www-ssl/index.php
+++ b/www-ssl/index.php
@@ -1,17 +1,73 @@
<?php
require_once ('bootstrap.php');
+require_once ('includes/sys_auth.php');
+require_once ('includes/sys_lang.php');
+require_once ('includes/sys_menu.php');
+require_once ('includes/sys_mysql.php');
+require_once ('includes/sys_page.php');
+require_once ('includes/sys_template.php');
-$title = "Start";
-$header = "Start";
-include "includes/header.php";
+require_once ('config/config.php');
+require_once ('config/config_db.php');
-echo "<p>" . Get_Text("index_text1") . "</p>\n";
-echo "<p>" . Get_Text("index_text2") . "</p>\n";
-echo "<p>" . Get_Text("index_text3") . "</p>\n";
+session_start();
-include "includes/login_eingabefeld.php";
+sql_connect($config['host'], $config['user'], $config['pw'], $config['db']);
-echo "<h6>" . Get_Text("index_text4") . "</h6>";
+load_auth();
-include "includes/footer.php";
+// Gewünschte Seite/Funktion
+$p = "start";
+if (isset ($_REQUEST['p']))
+ $p = $_REQUEST['p'];
+
+$title = Get_Text($p);
+$content = "";
+
+// Recht dafür vorhanden?
+if (in_array($p, $privileges)) {
+ if ($p == "news") {
+ //require_once ('includes/pages/user_news.php');
+ $content = "news";
+ }
+ elseif ($p == "login") {
+ require_once ('includes/pages/guest_login.php');
+ $content = guest_login();
+ }
+ elseif ($p == "register") {
+ require_once ('includes/pages/guest_login.php');
+ $content = guest_register();
+ }
+ elseif ($p == "logout") {
+ require_once ('includes/pages/guest_login.php');
+ $content = guest_logout();
+ } else {
+ require_once ('includes/pages/guest_start.php');
+ $content = guest_start();
+ }
+}
+elseif ($p == "credits") {
+ require_once ('includes/pages/guest_credits.php');
+ $content = guest_credits();
+}
+elseif ($p == "faq") {
+ require_once ('includes/pages/guest_faq.php');
+ $content = guest_faq();
+} else {
+ // Wenn schon eingeloggt, keine-Berechtigung-Seite anzeigen
+ if (isset ($user)) {
+ $title = Get_Text("no_access_title");
+ $content = Get_Text("no_access_text");
+ } else {
+ // Sonst zur Loginseite leiten
+ header("Location: " . page_link_to("login"));
+ }
+}
+
+echo template_render('../templates/layout.html', array (
+ 'theme' => isset ($user) ? $user['color'] : $default_theme,
+ 'title' => $title,
+ 'menu' => make_menu(),
+ 'content' => $content
+));
?>