From a3be0289286c43d8656052217457d9162261ba90 Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Thu, 2 Jun 2011 00:48:29 +0200
Subject: rewrite

---
 includes/pages/guest_login.php | 250 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 250 insertions(+)
 create mode 100644 includes/pages/guest_login.php

(limited to 'includes/pages/guest_login.php')
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
new file mode 100644
index 00000000..76a473df
--- /dev/null
+++ b/includes/pages/guest_login.php
@@ -0,0 +1,250 @@
+<?php
+
+
+// Engel registrieren
+function guest_register() {
+	$html = "";
+	$success = "none";
+
+	if (isset ($_POST["send"])) {
+		$eNick = trim($_POST["Nick"]);
+
+		if ($_POST["Alter"] == "")
+			$_POST["Alter"] = 23;
+
+		// user vorhanden?
+		$Ergans = sql_select("SELECT UID FROM `User` WHERE `Nick`='" . sql_escape($_POST["Nick"]) . "'");
+
+		if (strlen($_POST["Nick"]) < 2)
+			$error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick2");
+		elseif (count($Ergans) > 0) $error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick3");
+		elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false) $error = Get_Text("makeuser_error_mail");
+		elseif (!is_numeric($_POST["Alter"])) $error = Get_Text("makeuser_error_Alter");
+		elseif ($_POST["Passwort"] != $_POST["Passwort2"]) $error = Get_Text("makeuser_error_password1");
+		elseif (strlen($_POST["Passwort"]) < 6) $error = Get_Text("makeuser_error_password2");
+		else {
+			$_POST["Passwort"] = PassCrypt($_POST["Passwort"]);
+			unset ($_POST["Passwort2"]);
+
+			$Erg = sql_query("INSERT INTO `User` (" .
+			"`Nick` , " . "`Name` , " .
+			"`Vorname`, " . "`Alter` , " .
+			"`Telefon`, " . "`DECT`, " .
+			"`Handy`, " . "`email`, " .
+			"`ICQ`, " . "`jabber`, " .
+			"`Size`, " . "`Passwort`, " .
+			"`Art` , " . "`kommentar`, " .
+			"`Hometown`," . "`CreateDate` ) " .
+			"VALUES ( " .
+			"'" . $_POST["Nick"] . "', " . "'" . $_POST["Name"] . "', " .
+			"'" . $_POST["Vorname"] . "', " . "'" . $_POST["Alter"] . "', " .
+			"'" . $_POST["Telefon"] . "', " . "'" . $_POST["DECT"] . "', " .
+			"'" . $_POST["Handy"] . "', " . "'" . $_POST["email"] . "', " .
+			"'" . $_POST["ICQ"] . "', " . "'" . $_POST["jabber"] . "', " .
+			"'" . $_POST["Size"] . "', " . "'" . $_POST["Passwort"] . "', " .
+			"'" . $_POST["Art"] . "', " . "'" . $_POST["kommentar"] . "', " .
+			"'" . $_POST["Hometown"] . "'," . "NOW())");
+
+			if ($Erg != 1) {
+				$html .= Get_Text("makeuser_error_write1") . "<br />\n";
+				$error = sql_error();
+			} else {
+				$html .= "<p class=\"success\">" . Get_Text("makeuser_writeOK") . "\n";
+
+				$SQL2 = "SELECT `UID` FROM `User` WHERE `Nick`='" . $_POST["Nick"] . "';";
+				$Erg2 = mysql_query($SQL2, $con);
+				$Data = mysql_fetch_array($Erg2);
+
+				$SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('" . $Data["UID"] . "');";
+				$Erg3 = mysql_query($SQL3, $con);
+
+				if ($Erg3 != 1) {
+					$html .= "<h1>" . Get_Text("makeuser_error_write2") . "<br />\n";
+					$error = mysql_error($con);
+				} else {
+					$html .= Get_Text("makeuser_writeOK2") . "<br />\n";
+					$html .= "<h1>" . Get_Text("makeuser_writeOK3") . "</h1>\n";
+				}
+
+				$html .= Get_Text("makeuser_writeOK4") . "</p><p></p>\n<br /><br />\n";
+				$success = "any";
+
+				if (isset ($SubscribeMailinglist)) {
+					if ($_POST["subscribe-mailinglist"] == "") {
+						$headers = "From: " . $_POST["email"] . "\r\n" .
+						"X-Mailer: PHP/" . phpversion();
+						mail($SubscribeMailinglist, "subject", "message", $headers);
+					}
+				}
+			}
+		}
+
+		if (isset ($error))
+			$html .= error($error);
+	} else {
+		// init vars
+		$_POST["Nick"] = "";
+		$_POST["Name"] = "";
+		$_POST["Vorname"] = "";
+		$_POST["Alter"] = "";
+		$_POST["Telefon"] = "";
+		$_POST["DECT"] = "";
+		$_POST["Handy"] = "";
+		$_POST["email"] = "";
+		$_POST["subscribe-mailinglist"] = "";
+		$_POST["ICQ"] = "";
+		$_POST["jabber"] = "";
+		$_POST["Size"] = "L";
+		$_POST["Art"] = "";
+		$_POST["kommentar"] = "";
+		$_POST["Hometown"] = "";
+	}
+
+	if ($success == "none") {
+		$html .= "<h1>" . Get_Text("makeuser_text0") . "</h1>\n";
+		$html .= "<h2>" . Get_Text("makeuser_text1") . "</h2>\n";
+		$html .= "<form action=\"\" method=\"post\">\n";
+		$html .= "<table>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Nickname") . "*</td><td><input type=\"text\" size=\"40\" name=\"Nick\" value=\"" . $_POST["Nick"] . "\" /></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Nachname") . "</td><td><input type=\"text\" size=\"40\" name=\"Name\" value=\"" . $_POST["Name"] . "\" /></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Vorname") . "</td><td><input type=\"text\" size=\"40\" name=\"Vorname\" value=\"" . $_POST["Vorname"] . "\" /></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Alter") . "</td><td><input type=\"text\" size=\"40\" name=\"Alter\" value=\"" . $_POST["Alter"] . "\"></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Telefon") . "</td><td><input type=\"text\" size=\"40\" name=\"Telefon\" value=\"" . $_POST["Telefon"] . "\"></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_DECT") . "</td><td><input type=\"text\" size=\"40\" name=\"DECT\" value=\"" . $_POST["DECT"] . "\"></td><td>\n";
+		$html .= "<!--a href=\"https://21c3.ccc.de/wiki/index.php/POC\"><img src=\"./pic/external.png\" alt=\"external: \">DECT</a--></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Handy") . "</td><td><input type=\"text\" size=\"40\" name=\"Handy\" value=\"" . $_POST["Handy"] . "\"></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_E-Mail") . "*</td><td><input type=\"text\" size=\"40\" name=\"email\" value=\"" . $_POST["email"] . "\"></td></tr>\n";
+
+		if (isset ($SubscribeMailinglist))
+			$html .= "<tr><td>" . Get_Text("makeuser_subscribe-mailinglist") . "</td><td><input type=\"checkbox\" name=\"subscribe-mailinglist\" value=\"" . $_POST["subscribe-mailinglist"] . "\">($SubscribeMailinglist)</td></tr>\n";
+
+		$html .= "<tr><td>ICQ</td><td><input type=\"text\" size=\"40\" name=\"ICQ\" value=\"" . $_POST["ICQ"] . "\"></td></tr>\n";
+		$html .= "<tr><td>jabber</td><td><input type=\"text\" size=\"40\" name=\"jabber\" value=\"" . $_POST["jabber"] . "\"></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_T-Shirt") . " Gr&ouml;sse*</td><td align=\"left\">\n";
+		$html .= "<select name=\"Size\">\n";
+		$html .= "<option value=\"S\"";
+		if ($_POST["Size"] == "S")
+			$html .= " selected";
+		$html .= ">S</option>\n";
+		$html .= "<option value=\"M\"";
+		if ($_POST["Size"] == "M")
+			$html .= " selected";
+		$html .= ">M</option>\n";
+		$html .= "<option value=\"L\"";
+		if ($_POST["Size"] == "L")
+			$html .= " selected";
+		$html .= ">L</option>\n";
+		$html .= "<option value=\"XL\"";
+		if ($_POST["Size"] == "XL")
+			$html .= " selected";
+		$html .= ">XL</option>\n";
+		$html .= "<option value=\"2XL\"";
+		if ($_POST["Size"] == "2XL")
+			$html .= " selected";
+		$html .= ">2XL</option>\n";
+		$html .= "<option value=\"3XL\"";
+		if ($_POST["Size"] == "3XL")
+			$html .= " selected";
+		$html .= ">3XL</option>\n";
+		$html .= "<option value=\"4XL\"";
+		if ($_POST["Size"] == "4XL")
+			$html .= " selected";
+		$html .= ">4XL</option>\n";
+		$html .= "<option value=\"5XL\"";
+		if ($_POST["Size"] == "5XL")
+			$html .= " selected";
+		$html .= ">5XL</option>\n";
+		$html .= "<option value=\"S-G\"";
+		if ($_POST["Size"] == "S-G")
+			$html .= " selected";
+		$html .= ">S Girl</option>\n";
+		$html .= "<option value=\"M-G\"";
+		if ($_POST["Size"] == "M-G")
+			$html .= " selected";
+		$html .= ">M Girl</option>\n";
+		$html .= "<option value=\"L-G\"";
+		if ($_POST["Size"] == "L-G")
+			$html .= " selected";
+		$html .= ">L Girl</option>\n";
+		$html .= "<option value=\"XL-G\"";
+		if ($_POST["Size"] == "XL-G")
+			$html .= " selected";
+		$html .= ">XL Girl</option>\n";
+		$html .= "</select>\n";
+		$html .= "</td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Engelart") . "</td><td align=\"left\">\n";
+		$html .= "<select name=\"Art\">\n";
+
+		$engel_types = sql_select("SELECT * FROM `EngelType` ORDER BY `NAME`");
+		foreach ($engel_types as $engel_type) {
+			$Name = $engel_type['Name'] . Get_Text("inc_schicht_engel");
+			$html .= "<option value=\"" . $Name . "\"";
+
+			if ($_POST["Art"] == $Name)
+				$html .= " selected";
+
+			$html .= ">$Name</option>\n";
+		}
+
+		$html .= "</select>\n";
+		$html .= "</td>\n";
+		$html .= "</tr>\n";
+		$html .= "<tr>\n";
+		$html .= "<td>" . Get_Text("makeuser_text2") . "</td>\n";
+		$html .= "<td><textarea rows=\"5\" cols=\"40\" name=\"kommentar\">" . $_POST["kommentar"] . "</textarea></td>\n";
+		$html .= "</tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Hometown") . "</td><td><input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $_POST["Hometown"] . "\"></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Passwort") . "*</td><td><input type=\"password\" size=\"40\" name=\"Passwort\"/></td></tr>\n";
+		$html .= "<tr><td>" . Get_Text("makeuser_Passwort2") . "*</td><td><input type=\"password\" size=\"40\" name=\"Passwort2\"/></td></tr>\n";
+		$html .= "<tr><td>&nbsp;</td><td><input type=\"submit\" name=\"send\" value=\"" . Get_Text("makeuser_Anmelden") . "\"/></td></tr>\n";
+		$html .= "</table>\n";
+		$html .= "</form>\n";
+		$html .= Get_Text("makeuser_text3");
+	}
+	return $html;
+}
+
+function guest_logout() {
+	unset ($_SESSION['uid']);
+	header("Location: " . page_link_to("start"));
+}
+
+function guest_login() {
+	global $user;
+	unset ($_SESSION['uid']);
+
+	$html = "";
+	if (isset ($_REQUEST['login_submit'])) {
+		$login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST["user"]) . "'");
+
+		if (count($login_user) == 1) { // Check, ob User angemeldet wird...
+			$login_user = $login_user[0];
+			if ($login_user["Passwort"] == PassCrypt($_REQUEST["password"])) { // Passwort ok...
+				$_SESSION['uid'] = $login_user['UID'];
+				$_SESSION['Sprache'] = $login_user['Sprache'];
+				header("Location: " . page_link_to("news"));
+			} else { // Passwort nicht ok...
+				$ErrorText = "pub_index_pass_no_ok";
+			} // Ende Passwort-Check
+		} else { // Anzahl der User in User-Tabelle <> 1 --> keine Anmeldung
+			if ($user_anz == 0)
+				$ErrorText = "pub_index_User_unset";
+			else
+				$ErrorText = "pub_index_User_more_as_one";
+		} // Ende Check, ob User angemeldet wurde}
+	}
+	if (isset ($ErrorText))
+		$html .= error(Get_Text($ErrorText));
+	$html .= guest_login_form();
+	return $html;
+}
+
+function guest_login_form() {
+	return template_render("../templates/guest_login_form.html", array (
+		'link' => page_link_to("login"),
+		'nick' => Get_Text("index_lang_nick"),
+		'pass' => Get_Text("index_lang_pass"),
+		'send' => Get_Text("index_lang_send")
+	));
+}
+?>
\ No newline at end of file
-- 
cgit v1.2.3-54-g00ecf


" . Get_Text("makeuser_Nickname") . "*
" . Get_Text("makeuser_Nachname") . "
" . Get_Text("makeuser_Vorname") . "
" . Get_Text("makeuser_Alter") . "
" . Get_Text("makeuser_Telefon") . "
" . Get_Text("makeuser_DECT") . "		\n"; + $html .= "
" . Get_Text("makeuser_Handy") . "
" . Get_Text("makeuser_E-Mail") . "*
" . Get_Text("makeuser_subscribe-mailinglist") . "	($SubscribeMailinglist)
ICQ
jabber
" . Get_Text("makeuser_T-Shirt") . " Grösse*	\n"; + $html .= "	\n"; + $html .= "	" . $_POST["kommentar"] . "
" . Get_Text("makeuser_Hometown") . "
" . Get_Text("makeuser_Passwort") . "*
" . Get_Text("makeuser_Passwort2") . "*