Leitgedanken/profil.php

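<?php
session_start();
/*
# Fuer debugging
error_reporting(E_ALL);
ini_set('display_errors', 1);
#echo __LINE__."<br>";
*/
include_once 'classes/lg-on_Smarty.class.php';
$smarty = new lgon_Smarty();
require_once("config.inc.php");
require_once("func_rollenrechte.php");
$templatename = substr(basename($_SERVER['PHP_SELF']), 0, -3) . "html";
require_once "language/german.inc.php";

// Connect before the first query: the original ran the history INSERT on $db
// before calling dbconnect(), which only worked if config.inc.php already
// provided a connection.
$db = dbconnect();

// NOTE(review): the helpers below assume $db is a mysqli connection (the
// original's fetch_array() calls point to mysqli_result) — confirm against
// dbconnect() in config.inc.php. Every value is bound as a string parameter
// instead of being interpolated into the SQL text.

/**
 * Prepares, binds and executes one statement.
 *
 * @param list<string> $params values for the '?' placeholders, in order
 * @return mysqli_stmt|null the executed statement, or null when prepare()
 *                          or execute() failed (callers treat that like the
 *                          old falsy $db->query() result)
 */
$runStatement = static function (string $sql, array $params) use ($db): ?mysqli_stmt {
    $stmt = $db->prepare($sql);
    if ($stmt === false) {
        return null;
    }
    if ($params !== []) {
        $stmt->bind_param(str_repeat('s', count($params)), ...$params);
    }
    if (!$stmt->execute()) {
        $stmt->close();
        return null;
    }
    return $stmt;
};

/** Runs a write statement (INSERT/UPDATE/DELETE); true on success. */
$execute = static function (string $sql, array $params = []) use ($runStatement): bool {
    $stmt = $runStatement($sql, $params);
    if ($stmt === null) {
        return false;
    }
    $stmt->close();
    return true;
};

/**
 * Runs a SELECT and returns its first row as an associative array, or null
 * when there is no row or the query failed.
 *
 * @return array<string, mixed>|null
 */
$fetchRow = static function (string $sql, array $params = []) use ($runStatement): ?array {
    $stmt = $runStatement($sql, $params);
    if ($stmt === null) {
        return null;
    }
    $result = $stmt->get_result();
    $row = $result instanceof mysqli_result ? $result->fetch_assoc() : null;
    $stmt->close();
    return is_array($row) ? $row : null;
};

// Page-view history entry, written for every hit (before the permission
// check, as before). The original interpolated "$user_vaid;" and therefore
// stored a stray semicolon behind the id.
$sid = session_id();
$datum = date("Y-m-d H:i:s");
$execute(
    "INSERT INTO historie (vaid, datum, session_id, art, art_id) VALUES (?, ?, ?, 'P', '')",
    [(string) ($user_vaid ?? ''), $datum, $sid]
);

// Rechteüberprüfung
if ((string) ($user_admin ?? '') === '') { require("index.php"); exit; } // not logged in: no access to this page
if (!rore($user_admin, 'a_profil', 'RE')) { require("lib/rechte.php"); exit; }
// Rechteüberprüfung ende

// Only a plain string is accepted as action; a missing or non-string value
// means "show the form".
$action = isset($_GET['action']) && is_string($_GET['action']) ? $_GET['action'] : '';

if ($action === '') {
    $admin = $fetchRow("SELECT nachname, vorname, mail FROM admin WHERE user = ?", [$user_admin]) ?? [];
    $smarty->assign('profil_name', ($admin['vorname'] ?? '') . " " . ($admin['nachname'] ?? ''));
    $smarty->assign('profil_mail', (string) ($admin['mail'] ?? ''));

    $profil = $fetchRow(
        "SELECT prid, wgd, bibellink, kal_bettag, kal_erntedank, querverweis, lesung, kategorie, export_header FROM profil WHERE user = ?",
        [$user_admin]
    ) ?? [];
    $smarty->assign('profil_prid', (string) ($profil['prid'] ?? ''));

    // Radio-button state: template key => [profil column, value that ticks it].
    // Values are compared as strings because prepared statements may return
    // native ints for numeric columns.
    $radioFlags = [
        'profil_wgd0_chk'             => ['wgd', '0'],
        'profil_wgd1_chk'             => ['wgd', '1'],
        'profil_link_lokal_chk'       => ['bibellink', 'lokal'],
        'profil_link_bibleserver_chk' => ['bibellink', 'bibleserver'],
        'profil_bettag0_chk'          => ['kal_bettag', '0'],
        'profil_bettag1_chk'          => ['kal_bettag', '1'],
        'profil_erntedank0_chk'       => ['kal_erntedank', '0'],
        'profil_erntedank1_chk'       => ['kal_erntedank', '1'],
        'profil_querver_none_chk'     => ['querverweis', 'none'],
        'profil_querver_block_chk'    => ['querverweis', 'block'],
        'profil_lesung_none_chk'      => ['lesung', 'none'],
        'profil_lesung_block_chk'     => ['lesung', 'block'],
    ];
    foreach ($radioFlags as $templateKey => $expected) {
        [$column, $value] = $expected;
        if ((string) ($profil[$column] ?? '') === $value) {
            $smarty->assign($templateKey, "checked");
        }
    }

    // Outlook export settings are only shown to users holding the a_outlook right.
    if (rore($user_admin, 'a_outlook', 'RE')) {
        $smarty->assign('profil_outlook_exists', "1");
        $smarty->assign('profil_outlook_kategorie', (string) ($profil['kategorie'] ?? ''));
        $exportHeader = (string) ($profil['export_header'] ?? '');
        if ($exportHeader === 'utf8') {
            $smarty->assign('profil_outlook_header_utf8', "checked");
        }
        if ($exportHeader === 'latin') {
            $smarty->assign('profil_outlook_header_latin', "checked");
        }
    }

    // Per-user stylesheet: preselect the stored background colour and font size.
    $style = $fetchRow("SELECT hintergrund, fontsize FROM stylesheet WHERE user = ?", [$user_admin]) ?? [];
    $hintergrund = (string) ($style['hintergrund'] ?? '');
    foreach (['#6487DC', '#000000', '#FF0000', '#FFFF00', '#00FF00', '#00FFFF', '#FF00FF'] as $colour) {
        if ($hintergrund === $colour) {
            // template key carries the hex digits without the leading '#'
            $smarty->assign('profil_background_' . substr($colour, 1), "selected");
        }
    }
    $fontsize = (string) ($style['fontsize'] ?? '');
    foreach (['7', '9', '11', '13'] as $size) {
        if ($fontsize === $size) {
            $smarty->assign('profil_fontsize' . $size, "selected");
        }
    }
}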
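if ($action === 'wechsel') {
    /**
     * Legacy regex-based e-mail check. No longer called (the handler below uses
     * filter_var() with FILTER_VALIDATE_EMAIL) but kept because it is part of
     * this page's historic interface.
     *
     * @param mixed $email
     * @return string "1" when the address matches the pattern, otherwise "0"
     */
    function checkmail($email): string
    {
        $regex = '/^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+|\-[a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/';

        return preg_match($regex, (string) $email) === 1 ? "1" : "0";
    }

    $db = dbconnect();

    // NOTE(review): the helpers below assume $db is a mysqli connection (the
    // original's fetch_array() calls point to mysqli_result) — confirm against
    // dbconnect() in config.inc.php. Nothing from $_POST is interpolated into
    // SQL any more; every value is bound as a string parameter.

    /**
     * Prepares, binds and executes one statement.
     *
     * @param list<string> $params values for the '?' placeholders, in order
     * @return mysqli_stmt|null the executed statement, or null on failure
     */
    $runStatement = static function (string $sql, array $params) use ($db): ?mysqli_stmt {
        $stmt = $db->prepare($sql);
        if ($stmt === false) {
            return null;
        }
        if ($params !== []) {
            $stmt->bind_param(str_repeat('s', count($params)), ...$params);
        }
        if (!$stmt->execute()) {
            $stmt->close();
            return null;
        }
        return $stmt;
    };

    /** Runs a write statement; true on success (mirrors the old $db->query() truthiness). */
    $execute = static function (string $sql, array $params = []) use ($runStatement): bool {
        $stmt = $runStatement($sql, $params);
        if ($stmt === null) {
            return false;
        }
        $stmt->close();
        return true;
    };

    /**
     * Runs a SELECT and returns all rows; empty on error.
     *
     * @return list<array<string, mixed>>
     */
    $fetchAll = static function (string $sql, array $params = []) use ($runStatement): array {
        $stmt = $runStatement($sql, $params);
        if ($stmt === null) {
            return [];
        }
        $result = $stmt->get_result();
        $rows = $result instanceof mysqli_result ? $result->fetch_all(MYSQLI_ASSOC) : [];
        $stmt->close();
        return $rows;
    };

    /**
     * First row of a SELECT, or null when there is none.
     *
     * @return array<string, mixed>|null
     */
    $fetchRow = static function (string $sql, array $params = []) use ($fetchAll): ?array {
        return $fetchAll($sql, $params)[0] ?? null;
    };

    /** Posted field as a string; a missing or non-string (array) field yields ''. */
    $post = static function (string $key): string {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? $value : '';
    };

    $fehler = false;
    $mail = $post('mail');

    if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
        $smarty->assign('profil_chkmail', "1");
        $fehler = true;
    } elseif ($post('pw_alt') !== '') {
        // A filled-in old password means the user wants to change it. (The
        // original used empty(), which also treated the password "0" as missing.)
        $pwAlt = $post('pw_alt');
        $pwNeu = $post('pw_neu');
        $pwWied = $post('pw_wied');
        if ($pwNeu === '' || $pwWied === '') {
            $smarty->assign('profil_switch_noinput', "1");
            $fehler = true;
        } else {
            $admin = $fetchRow("SELECT passwort FROM admin WHERE user = ?", [$user_admin]);
            $storedHash = (string) ($admin['passwort'] ?? '');
            // NOTE(review): passwords are stored as unsalted md5 and the login code
            // elsewhere compares against that, so the scheme cannot be changed in
            // this file alone; moving admin.passwort and passwd_log to
            // password_hash()/password_verify() needs a coordinated change.
            $pwMd5Neu = md5($pwNeu);
            // Has the new hash been used within the last seven logged passwords?
            $reused = $fetchRow(
                "SELECT 1 FROM passwd_log WHERE user = ? AND passwort = ? ORDER BY datum DESC LIMIT 0, 7",
                [$user_admin, $pwMd5Neu]
            );
            // A change is only allowed two days after the previous one
            // (pw_expire is the last change plus one month).
            $changeAllowed = $fetchRow(
                "SELECT 1 FROM admin WHERE user = ? AND DATE_ADD(DATE_SUB(pw_expire, INTERVAL 1 MONTH), INTERVAL 2 DAY) <= NOW()",
                [$user_admin]
            );

            if (!hash_equals($storedHash, md5($pwAlt))) {
                $smarty->assign('profil_switch_invalid', "1");
                $fehler = true;
            } elseif ($pwNeu !== $pwWied) {
                $smarty->assign('profil_switch_uneven', "1");
                $fehler = true;
            } elseif (strlen($pwNeu) < 6) { // byte length, as the original enforced
                $smarty->assign('profil_switch_strlen', "1");
                $fehler = true;
            } elseif ($pwNeu === (string) $user_admin) {
                $smarty->assign('profil_switch_evenusername', "1");
                $fehler = true;
            } elseif ($reused !== null || $pwNeu === $storedHash || $pwNeu === $pwAlt) {
                // $pwNeu === $storedHash is kept from the original (plaintext equal to the stored hash)
                $smarty->assign('profil_switch_repeat', "1");
                $fehler = true;
            } elseif ($changeAllowed === null) {
                $nextChange = $fetchRow(
                    "SELECT DATE_FORMAT(DATE_ADD(DATE_SUB(pw_expire, INTERVAL 1 MONTH), INTERVAL 2 DAY), '%d.%m.%Y, %H:%i Uhr') aend_datum FROM admin WHERE user = ?",
                    [$user_admin]
                );
                $smarty->assign('profil_noswitch', "1");
                $smarty->assign('profil_noswitch_date', (string) ($nextChange['aend_datum'] ?? ''));
                $fehler = true;
            } else {
                // Archive the current hash, keep only the seven most recent log
                // entries, then store the new hash with a one-month expiry.
                $datum = date("Y-m-d H:i:s");
                $execute("INSERT INTO passwd_log (user, passwort, datum) VALUES (?, ?, ?)", [$user_admin, $storedHash, $datum]);
                $stale = $fetchAll("SELECT pwid FROM passwd_log WHERE user = ? ORDER BY datum DESC LIMIT 7, 100", [$user_admin]);
                foreach ($stale as $entry) {
                    $execute("DELETE FROM passwd_log WHERE user = ? AND pwid = ?", [$user_admin, (string) $entry['pwid']]);
                }
                // The original read DATE_ADD(NOW(), INTERVAL 1 MONTH) with a separate
                // SELECT and wrote it back; computing it in the UPDATE is equivalent.
                $execute(
                    "UPDATE admin SET passwort = ?, pw_expire = DATE_ADD(NOW(), INTERVAL 1 MONTH) WHERE user = ?",
                    [$pwMd5Neu, $user_admin]
                );
            }
        }
    }

    if (!$fehler) {
        // Defence in depth: radio/select fields may only carry the values the form
        // offers. An empty value is accepted because fields the user has no right
        // to see (e.g. the Outlook settings) are simply not posted.
        $choices = [
            'wgd'           => ['0', '1'],
            'kal_bettag'    => ['0', '1'],
            'kal_erntedank' => ['0', '1'],
            'verweis'       => ['none', 'block'],
            'lesung'        => ['none', 'block'],
            'bibellink'     => ['lokal', 'bibleserver'],
            'outlookheader' => ['utf8', 'latin'],
            'fontsize'      => ['7', '9', '11', '13'],
        ];
        $invalid = false;
        foreach ($choices as $field => $allowed) {
            $value = $post($field);
            if ($value !== '' && !in_array($value, $allowed, true)) {
                $invalid = true;
            }
        }
        $hintergrund = $post('hintergrund');
        if ($hintergrund !== '' && preg_match('/^#[0-9A-Fa-f]{6}$/', $hintergrund) !== 1) {
            // the value is written into a stylesheet, so only a colour literal is accepted
            $invalid = true;
        }

        if ($invalid) {
            $smarty->assign('profil_success', "2");
        } else {
            $current = $fetchRow("SELECT wgd, kal_bettag FROM profil WHERE user = ?", [$user_admin]);
            $wgd = $post('wgd');
            $bettag = $post('kal_bettag');
            $wgdChanged = (string) ($current['wgd'] ?? '') !== $wgd;
            $bettagChanged = (string) ($current['kal_bettag'] ?? '') !== $bettag;
            // Refresh the left frame when the weekday-service setting changed, or when
            // the Buß- und Bettag setting changed for a Thursday congregation (Bettag is
            // always a Wednesday). The original emitted the script once per condition.
            if ($wgdChanged || ($bettagChanged && $wgd === '1')) {
                echo "<script language=\"javascript\">\ntop.frames[1].location.href = \"menuframe.php\";\n</script>";
            }

            $fontsize = $post('fontsize');
            $css = ".farbe { background-color:{$hintergrund};}\n.td2 {font-family:verdana, arial;font-size:{$fontsize}pt;line-height:150%;text-align:justify}";

            // All four statements run regardless of earlier failures, as before;
            // the success flag reflects the conjunction.
            $results = [
                $execute("UPDATE admin SET mail = ? WHERE user = ?", [$mail, $user_admin]),
                $execute(
                    "UPDATE profil SET wgd = ?, kategorie = ?, export_header = ?, kal_bettag = ?, kal_erntedank = ?, querverweis = ?, lesung = ?, bibellink = ? WHERE user = ?",
                    [
                        $wgd,
                        $post('kategorie'),
                        $post('outlookheader'),
                        $bettag,
                        $post('kal_erntedank'),
                        $post('verweis'),
                        $post('lesung'),
                        $post('bibellink'),
                        $user_admin,
                    ]
                ),
                $execute("DELETE FROM stylesheet WHERE user = ?", [$user_admin]),
                $execute(
                    "INSERT INTO stylesheet (user, css, hintergrund, fontsize) VALUES (?, ?, ?, ?)",
                    [$user_admin, $css, $hintergrund, $fontsize]
                ),
            ];
            $smarty->assign('profil_success', in_array(false, $results, true) ? "2" : "1");
        }
    }
}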
// Hand the resolved action and the page template (derived from this script's
// file name further up) to Smarty and render.
$smarty->assign('action', (string) $action);
$smarty->display($template . '/' . $templatename);
?>