summaryrefslogtreecommitdiff
path: root/nonpublic/einstellungen.php
diff options
context:
space:
mode:
Diffstat (limited to 'nonpublic/einstellungen.php')
-rwxr-xr-xnonpublic/einstellungen.php66
1 files changed, 32 insertions, 34 deletions
diff --git a/nonpublic/einstellungen.php b/nonpublic/einstellungen.php
index 36fa76a7..214593ae 100755
--- a/nonpublic/einstellungen.php
+++ b/nonpublic/einstellungen.php
@@ -4,12 +4,10 @@ $header = "Deine persönlichen Einstellungen";
include ("./inc/header.php");
include ("./inc/crypt.php");
-if (!IsSet($action)) {
-
-echo Get_Text(1).$_SESSION['Nick'].",<br>\n\n";
-
-Print_Text(13);
-
+if (!IsSet($_POST["action"]))
+{
+ echo Get_Text(1).$_SESSION['Nick'].",<br>\n\n";
+ Print_Text(13);
?>
<hr width=\"100%\">
<? Print_Text("pub_einstellungen_Text_UserData");?>
@@ -115,17 +113,16 @@ Print_Text(13);
//$ANZ_AVATAR= shell_exec("ls ".$_SERVER["DOCUMENT_ROOT"].$ENGEL_ROOT."inc/avatar/ | wc -l");
$ANZ_AVATAR= shell_exec("ls inc/avatar/ | wc -l");
-
?>
<select name="eAvatar" onChange="document.avatar.src = './inc/avatar/avatar' + this.value + '.gif'"
onKeyup= "document.avatar.src = './inc/avatar/avatar' + this.value + '.gif'">
- <option value="0" name="eAvatar" <?php if ($_SESSION['Avatar'] == $i) { echo " selected"; } ?>> <?PHP Print_Text(24); ?> </option>
<?php
- for ($i=1; $i <= $ANZ_AVATAR; $i++ ){
- echo "\t\t\t\t<option value=\"$i\"";
- if ($_SESSION['Avatar'] == $i) { echo " selected"; }
- echo ">avatar$i</option>\n";
+ for ($i=1; $i <= $ANZ_AVATAR; $i++ )
+ {
+ echo "\t\t\t\t<option value=\"$i\"";
+ if ($_SESSION['Avatar'] == $i) { echo " selected"; }
+ echo ">avatar$i</option>\n";
}
echo "\n";
?>
@@ -141,17 +138,18 @@ $ANZ_AVATAR= shell_exec("ls inc/avatar/ | wc -l");
} else {
-switch ($action) {
+switch ($_POST["action"]) {
case 'set':
- if ($new1==$new2){
+ if ($_POST["new1"]==$_POST["new2"]){
Print_Text(25);
$sql = "select * from User where UID=".$_SESSION['UID'];
$Erg = mysql_query($sql, $con);
- if (PassCrypt($old)==mysql_result($Erg, $i, "Passwort")) {
+ if (PassCrypt($_POST["old"])==mysql_result($Erg, 0, "Passwort")) {
Print_Text(26);
Print_Text(27);
- $usql = "update User set Passwort='".PassCrypt($new1)."' where UID=".$_SESSION['UID']." limit 1";
+ $usql = "update User set Passwort='".PassCrypt($_POST["new1"])."' ".
+ "where UID=".$_SESSION['UID']." limit 1";
$Erg = mysql_query($usql, $con);
if ($Erg==1) {
Print_Text(28);
@@ -168,9 +166,9 @@ case 'set':
case 'colour':
- $chsql="Update User set color= \"$colourid\" where UID = \"".$_SESSION['UID']."\" limit 1";
+ $chsql="Update User set color= \"". $_POST["colourid"]. "\" where UID = \"".$_SESSION['UID']."\" limit 1";
$Erg = mysql_query($chsql, $con);
- $_SESSION['color']=$colourid;
+ $_SESSION['color']=$_POST["colourid"];
if ($Erg==1) {
Print_Text(32);
} else {
@@ -181,9 +179,9 @@ case 'colour':
case 'sprache':
- $chsql="Update User set Sprache = \"$language\" where UID = \"".$_SESSION['UID']."\" limit 1";
+ $chsql="Update User set Sprache = \"". $_POST["language"]. "\" where UID = \"".$_SESSION['UID']."\" limit 1";
$Erg = mysql_query($chsql, $con);
- $_SESSION['Sprache']=$language;
+ $_SESSION['Sprache']=$_POST["language"];
if ($Erg==1) {
Print_Text(33);
} else {
@@ -192,11 +190,10 @@ case 'sprache':
break;
-
case 'avatar':
- $chsql="Update User set Avatar = \"$eAvatar\" where UID = \"".$_SESSION['UID']."\" limit 1";
+ $chsql="Update User set Avatar = \"". $_POST["eAvatar"]. "\" where UID = \"". $_SESSION['UID']. "\" limit 1";
$Erg = mysql_query($chsql, $con);
- $_SESSION['Avatar']=$eAvatar;
+ $_SESSION['Avatar']=$_POST["eAvatar"];
if ($Erg==1) {
Print_Text(34);
} else {
@@ -206,22 +203,23 @@ case 'avatar':
case 'setUserData':
$chsql= "UPDATE User SET ".
- "`Nick`='$eNick', `Name`='$eName', `Vorname`='$eVorname', ".
- "`Alter`='$eAlter', `Telefon`='$eTelefon', `Handy`='$eHandy', ".
- "`DECT`='$eDECT', `email`='$eemail' ".
+ "`Nick`='". $_POST["eNick"]. "', `Name`='". $_POST["eName"]. "', ".
+ "`Vorname`='". $_POST["eVorname"]. "', `Alter`='". $_POST["eAlter"]. "', ".
+ "`Telefon`='". $_POST["eTelefon"]. "', `Handy`='". $_POST["eHandy"]. "', ".
+ "`DECT`='". $_POST["eDECT"]. "', `email`='". $_POST["eemail"]. "' ".
"WHERE UID='". $_SESSION['UID']. "' LIMIT 1;";
$Erg = mysql_query($chsql, $con);
if ($Erg==1)
{
- $_SESSION['Nick'] = $eNick;
- $_SESSION['Name'] = $eName;
- $_SESSION['Vorname'] = $eVorname;
- $_SESSION['Alter'] = $eAlter;
- $_SESSION['Telefon'] = $eTelefon;
- $_SESSION['Handy'] = $eHandy;
- $_SESSION['DECT'] = $eDECT;
- $_SESSION['email'] = $eemail;
+ $_SESSION['Nick'] = $_POST["eNick"];
+ $_SESSION['Name'] = $_POST["eName"];
+ $_SESSION['Vorname'] = $_POST["eVorname"];
+ $_SESSION['Alter'] = $_POST["eAlter"];
+ $_SESSION['Telefon'] = $_POST["eTelefon"];
+ $_SESSION['Handy'] = $_POST["eHandy"];
+ $_SESSION['DECT'] = $_POST["eDECT"];
+ $_SESSION['email'] = $_POST["eemail"];
Print_Text("pub_einstellungen_UserDateSaved");
}