<?
// Normalise the user id. A non-empty ?uid= query parameter takes precedence over
// a posted one, and the result is forced to an integer. The SQL statements that
// follow concatenate $_POST['uid'] directly, so this cast is what keeps that
// value free of SQL syntax. $_GET['uid'] itself stays unmodified, which means
// only $_POST['uid'] is safe to reuse in a query.
if (!empty($_GET['uid'])) {
    $_POST['uid'] = $_GET['uid'];
}
$_POST['uid'] = (int) $_POST['uid'];
if (!$_POST['uid']) {
    die('Keine korrekte User-ID übergeben!');
}
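// Save the general profile data (names, e-mail settings, referrer).
// The original placed the posted text straight into the SQL strings; here text
// values are escaped and the numeric ones are cast before they are used.
// NOTE(review): this file shows neither a CSRF token nor a permission check on
// its POST handlers; presumably the including script authenticates the admin -
// confirm, and add a per-session token to the forms that post here.
if (isset($_POST['profile'])) {
    // If the runtime still applies magic_quotes_gpc, undo it first so the values
    // are not escaped twice.
    $profile_mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $profile_values = array();
    foreach (array('vorname', 'nachname', 'emailadresse') as $profile_field) {
        $profile_raw = isset($_POST[$profile_field]) ? (string) $_POST[$profile_field] : '';
        // assumes db_query() runs on the default mysql link - TODO confirm
        $profile_values[$profile_field] = mysql_real_escape_string($profile_mq ? stripslashes($profile_raw) : $profile_raw);
    }
    $profile_freigabe = isset($_POST['freigabe_fuer']) ? (int) $_POST['freigabe_fuer'] : 0;
    $profile_werber = isset($_POST['werber']) ? (int) $_POST['werber'] : 0;
    $profile_alt_werber = isset($_POST['alt_werber']) ? (int) $_POST['alt_werber'] : 0;

    db_query('UPDATE '.$db_prefix.'_userdaten SET vorname = "'.$profile_values['vorname'].'", nachname = "'.$profile_values['nachname'].'" WHERE uid = '.(int) $_POST['uid']);
    db_query('UPDATE '.$db_prefix.'_emaildaten SET emailadresse = "'.$profile_values['emailadresse'].'", freigabe_fuer = "'.$profile_freigabe.'" WHERE uid = '.(int) $_POST['uid']);

    // Re-assign the referrer only when it changed and is not the user itself;
    // the referral counters are reset together with the assignment.
    if ($profile_werber != $profile_alt_werber && $profile_werber != (int) $_POST['uid']) {
        db_query('UPDATE '.$db_prefix.'_werberdaten SET werber = "'.$profile_werber.'", umsatz = 0, zuordnungszeit = 0, reset = 0, resetzeit = 0, gesamt = 0, refback = 0, aktivzeit = 0 WHERE uid = '.(int) $_POST['uid']);
    }
}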
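// Book an amount to the user's account (admin booking).
// NOTE(review): create_code(), buchungsliste(), kontobuchung(), bilanz() and
// usermail() are defined outside this file; confirm that the ones writing to
// the database escape the booking text they are given.
if (isset($_POST['finanze'])) {
    // The sign is limited to the two values the form offers, because it is
    // handed to the booking helpers unchanged.
    $booking_sign = (isset($_POST['buchungsart']) && in_array($_POST['buchungsart'], array('+', '-'), true))
        ? $_POST['buchungsart']
        : '';
    // Accept a plain decimal amount only (a decimal comma is converted);
    // anything else counts as "no amount" and nothing is booked.
    $booking_amount = isset($_POST['buchungssumme']) ? str_replace(',', '.', trim((string) $_POST['buchungssumme'])) : '';
    if (!preg_match('/^\d+(\.\d+)?$/', $booking_amount)) {
        $booking_amount = '0';
    }
    $booking_text = isset($_POST['buchungstext']) ? (string) $_POST['buchungstext'] : '';

    if ($booking_sign !== '' && (float) $booking_amount > 0) {
        $buchungs_id = create_code(14);
        buchungsliste($buchungs_id, $booking_sign.$booking_amount, $booking_text.' (Admin)', (int) $_POST['uid']);
        kontobuchung($booking_sign, $booking_amount, (int) $_POST['uid']);

        // The original read $_POST['art'] and $_POST['buchungsmenge'] here. The
        // booking form in this file sends neither, so bilanz() never received
        // the booked amount.
        // NOTE(review): assumes a credit to the user counts as an expense, as
        // the original branch suggests - confirm against bilanz().
        $einnahme = 0;
        $ausgabe = 0;
        if ($booking_sign == '+') {
            $ausgabe = $booking_amount;
        } else {
            $einnahme = $booking_amount;
        }
        bilanz($einnahme, $ausgabe);

        $nachricht = 'Hallo,'."\n\n".'Es wurde soeben eine Buchung auf dein Userkonto ausgeführt:'."\n\n".$booking_sign.' '.number_format((float) $booking_amount, 2, ',', '.').' '.$waehrung.' '.$booking_text."\n\n\n".'Mit freundlichen Grüßen, dein '.$seitenname.'-Team';

        // The recipient arrives in a hidden form field, so line breaks are
        // removed before it can reach the mail headers. Reading the address
        // from the database by uid would be stricter still.
        $booking_recipient = isset($_POST['email']) ? str_replace(array("\r", "\n"), '', (string) $_POST['email']) : '';
        if (isset($_POST['send_mail']) && $_POST['send_mail'] == 'ja' && $booking_recipient !== '') {
            usermail($booking_recipient, $seitenname.' Kontobuchung', $nachricht, '"'.$seitenname.'" <'.$betreibermail.'>');
        }
    }
}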
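// Change the access status (waiting / activated / locked) or delete the user.
if (isset($_POST['access'])) {
    $access_status_raw = isset($_POST['status']) ? $_POST['status'] : 0;
    $access_delete = ($access_status_raw === 'loeschen');
    $access_status = $access_delete ? 0 : (int) $access_status_raw;

    // Free-text hint: undo magic_quotes_gpc if the runtime applies it, so the
    // text is escaped exactly once before it is written to the database.
    $access_hint = isset($_POST['hinweis']) ? (string) $_POST['hinweis'] : '';
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $access_hint = stripslashes($access_hint);
    }

    if (isset($_POST['send_mail']) && $_POST['send_mail'] == 'ja') {
        // The delete case is tested first: with PHP 5's loose comparison
        // 'loeschen' == 0 is true, so the original reported "Wartend" in the
        // mail sent for a deletion.
        if ($access_delete) {
            $desc = 'Gelöscht';
        } elseif ($access_status == 0) {
            $desc = 'Wartend';
        } elseif ($access_status == 1) {
            $desc = 'Freigeschaltet';
        } elseif ($access_status == 2) {
            $desc = 'Gesperrt';
        } else {
            // Any other code left $desc undefined in the original; show the code itself.
            $desc = (string) $access_status;
        }
        $grund = empty($access_hint) ? 'Keine Angabe' : $access_hint;
        $nachricht = 'Hallo,'."\n\n".'Dein Userstatus auf '.$seitenname.' wurde so ebend geändert.'."\n\n".'Neuer Status: '.$desc.''."\n\n".'Grund:'."\n".$grund."\n\n\n".'Mit freundlichen Grüßen, dein '.$seitenname.'-Team';

        // The recipient arrives in a hidden form field; line breaks are removed
        // before it can reach the mail headers.
        $access_recipient = isset($_POST['email']) ? str_replace(array("\r", "\n"), '', (string) $_POST['email']) : '';
        if ($access_recipient !== '') {
            usermail($access_recipient, 'Dein Account auf '.$seitenname, $nachricht, '"'.$seitenname.'" <'.$betreibermail.'>');
        }
    }

    if (!$access_delete) {
        $_POST['status'] = $access_status;
        // assumes db_query() runs on the default mysql link - TODO confirm
        db_query('UPDATE '.$db_prefix.'_kontodaten SET status = '.$access_status.', hinweis = "'.mysql_real_escape_string($access_hint).'" WHERE uid = '.(int) $_POST['uid']);
    } else {
        // Deleting: blacklist the uid for one year, remove the user's rows and
        // detach every user this one had referred.
        $sperrzeit = time() + (86400 * 365);
        db_query('INSERT INTO '.$db_prefix.'_userblacklist (uid,zeit) VALUES ('.(int) $_POST['uid'].','.$sperrzeit.')');
        db_query('DELETE FROM '.$db_prefix.'_kontodaten WHERE uid = '.(int) $_POST['uid']);
        db_query('DELETE FROM '.$db_prefix.'_emaildaten WHERE uid = '.(int) $_POST['uid']);
        db_query('DELETE FROM '.$db_prefix.'_userdaten WHERE uid = '.(int) $_POST['uid']);
        db_query('DELETE FROM '.$db_prefix.'_werberdaten WHERE uid = '.(int) $_POST['uid']);
        db_query('UPDATE '.$db_prefix.'_werberdaten SET werber = 0 WHERE werber = '.(int) $_POST['uid']);
        echo '<meta http-equiv="refresh" content="0; URL=index.php?content=/usersystem/liste">';
    }
}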
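// Save the admin's notes about this user.
// The note is free text, so it is escaped before it is placed in the statement;
// the original concatenated it unmodified.
if (isset($_POST['notice'])) {
    $notice_text = isset($_POST['notizen']) ? (string) $_POST['notizen'] : '';
    // Undo magic_quotes_gpc (if the runtime applies it) so the text is escaped once.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $notice_text = stripslashes($notice_text);
    }
    // assumes db_query() runs on the default mysql link - TODO confirm
    db_query('UPDATE '.$db_prefix.'_userdaten SET notizen = "'.mysql_real_escape_string($notice_text).'" WHERE uid = '.(int) $_POST['uid']);
}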
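// Goldmember add-on: remove the user's upgrade or assign a new package.
// The posted package id is escaped before use, and the membership is replaced
// only when the package exists. The original deleted the old membership first
// and inserted a row even for an unknown id.
$upgrade_choice = isset($_POST['upgrade_id']) ? (string) $_POST['upgrade_id'] : '';
if ($upgrade_choice !== '') {
    if ($upgrade_choice === 'delete') {
        db_query("DELETE FROM ".$db_prefix."_goldmember WHERE uid='".(int) $_POST['uid']."'");
    } else {
        // assumes db_query() runs on the default mysql link - TODO confirm
        $upgrade_sql_id = mysql_real_escape_string($upgrade_choice);
        $paket = mysql_fetch_array(db_query("SELECT * FROM ".$db_prefix."_goldbonus WHERE id='".$upgrade_sql_id."' LIMIT 1"));
        if ($paket) {
            db_query("DELETE FROM ".$db_prefix."_goldmember WHERE uid='".(int) $_POST['uid']."'");
            $ab = time();
            $bis = $ab + $paket['gueltigkeit'];
            // A validity of 0 marks the package as unlimited.
            $x = ($paket['gueltigkeit'] == 0) ? ', unbegrenzt=\'1\'' : '';
            db_query("INSERT INTO ".$db_prefix."_goldmember SET bonus='".$upgrade_sql_id."', gueltig_ab='".$ab."', gueltig_bis='".$bis."', uid='".(int) $_POST['uid']."'".$x);
        }
    }
}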
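// Store the payout flag when it was submitted, then load the user's record.
// The original ran the UPDATE on every request with the raw posted value.
// Requests without an a_free field (plain page views, the other forms) therefore
// overwrote the flag with an empty string, and the value reached the statement
// unescaped. The update now runs only when the field is present, with the value
// cast to an integer, and before the SELECT so the loaded row is current.
if (isset($_POST['a_free'])) {
    db_query("UPDATE ".$db_prefix."_userdaten SET a_free='".(int) $_POST['a_free']."' WHERE uid='".(int) $_POST['uid']."'");
}
$sql = db_query('SELECT * FROM '.$db_prefix.'_kontodaten t1, '.$db_prefix.'_userdaten t2, '.$db_prefix.'_emaildaten t3, '.$db_prefix.'_werberdaten t4 WHERE t1.uid = '.(int) $_POST['uid'].' AND t2.uid = '.(int) $_POST['uid'].' AND t3.uid = '.(int) $_POST['uid'].' AND t4.uid = '.(int) $_POST['uid'].' LIMIT 1');
if (mysql_num_rows($sql) == 0) {
    die('Die angegebene User-ID existiert nicht!');
}
$alledaten = mysql_fetch_assoc($sql);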
?>
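<?php
// The nickname comes from the database and is presumably user-chosen text, so it
// is HTML-encoded before it is placed inside the heading markup.
// NOTE(review): if the site charset differs from PHP's default, pass it as the
// third argument of htmlspecialchars().
head('Bearbeiten des Users <i>'.htmlspecialchars($alledaten['nickname'], ENT_QUOTES).'</i> ('.(int) $alledaten['uid'].')');
?>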
<div style="text-align: center;">
<a href="javascript:ShowUserInfo(1);">Allgemeines</a> ·
<a href="javascript:ShowUserInfo(2);">Statistik</a> ·
<a href="javascript:ShowUserInfo(3);">Konto</a> ·
<a href="javascript:ShowUserInfo(4);">Zugang</a> ·
<a href="javascript:ShowUserInfo(5);">Buchungen</a> ·
<a href="javascript:ShowUserInfo(6);">Notizen</a>
</div><hr size=1 style="color:#c0c0c0;">
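<div id="Userinfo1" style="display: block;">
<?php
// General profile form.
// Database values are HTML-encoded where they are printed, so stored text with
// quotes or markup cannot leave the attribute or element it is printed into.
// The three lookups below use the uid of the record already loaded into
// $alledaten. The original built them from $_GET['uid'], which is never cast or
// escaped, and one of them placed it unquoted into the statement.
// NOTE(review): if the site charset differs from PHP's default, pass it as the
// third argument of htmlspecialchars(); with a mismatched charset PHP 5.4+ can
// return an empty string for text containing umlauts.
?>
<form action="" method="POST">
<input type="hidden" name="uid" value="<?=(int) $alledaten['uid'];?>">
<input type="hidden" name="alt_werber" value="<?=htmlspecialchars($alledaten['werber'], ENT_QUOTES);?>">
<table width="350" border="0" cellpadding="1" cellspacing="1" align="center" bgcolor="#000000">
<tr bgcolor="#fafafa">
<td align="right"><b>User-ID</b>: </td>
<td align="left"> <?=(int) $alledaten['uid'];?></td>
</tr>
<tr bgcolor="#ededed">
<td align="right"><b>Nickname</b>: </td>
<td align="left"> <?=htmlspecialchars($alledaten['nickname'], ENT_QUOTES);?></td>
</tr>
<tr bgcolor="#fafafa">
<td align="right"><b>Werber-ID</b>: </td>
<td align="left"> <input type="text" name="werber" value="<?=htmlspecialchars($alledaten['werber'], ENT_QUOTES);?>"></td>
</tr>
<tr bgcolor="#ededed">
<td align="right"><b>Vorname</b>: </td>
<td align="left"> <input type="text" name="vorname" value="<?=htmlspecialchars($alledaten['vorname'], ENT_QUOTES);?>"></td>
</tr>
<tr bgcolor="#fafafa">
<td align="right"><b>Nachname</b>: </td>
<td align="left"> <input type="text" name="nachname" value="<?=htmlspecialchars($alledaten['nachname'], ENT_QUOTES);?>"></td>
</tr>
<tr bgcolor="#ededed">
<td align="right"><b>eMailadresse</b>: </td>
<td align="left"> <input type="text" name="emailadresse" value="<?=htmlspecialchars($alledaten['emailadresse'], ENT_QUOTES);?>"></td>
</tr>
<tr bgcolor="#fafafa">
<td align="right"><b>eMail-Empfang</b>: </td>
<td align="left"> <select name="freigabe_fuer" size="1">
<option value="0" <?php if ($alledaten['freigabe_fuer'] == 0) echo 'SELECTED'; ?>>Kein Empfang</option>
<option value="1" <?php if ($alledaten['freigabe_fuer'] == 1) echo 'SELECTED'; ?>>Nur Newsletter</option>
<option value="2" <?php if ($alledaten['freigabe_fuer'] == 2) echo 'SELECTED'; ?>>Nur Paidmails</option>
<option value="3" <?php if ($alledaten['freigabe_fuer'] == 3) echo 'SELECTED'; ?>>Newsletter / Paidmails</option>
</select></td>
</tr>
<tr bgcolor="#fafafa">
<td align="right"><b>Upgrade</b></td>
<td align="left">
<select name="upgrade_id" size="1">
<option value="">-- Keine Änderung --</option>
<option value="delete">-- Keins --</option>
<?php
// Package currently held by this user (false when there is none), then the
// list of all packages for the drop-down.
$paket = mysql_fetch_array(db_query("SELECT bonus FROM ".$db_prefix."_goldmember WHERE uid='".(int) $alledaten['uid']."' LIMIT 1"));
$pakete = db_query("SELECT id,name FROM ".$db_prefix."_goldbonus");
while ($pinfo = mysql_fetch_array($pakete)) {
?><option value="<?=htmlspecialchars($pinfo['id'], ENT_QUOTES); ?>"><?=htmlspecialchars($pinfo['name'], ENT_QUOTES); ?> <?php if ($paket && $paket['bonus'] == $pinfo['id']) print '(gekauft)'; ?></option>
<?php } ?>
</select>
</td>
</tr>
<tr bgcolor="#fafafa">
<td align="right"><b>Gültig:</b></td>
<td align="left">
<?php
// Validity period of the current membership. The original tested the undefined
// variable $up, so an unlimited membership was never reported, and formatted the
// time as "G:h", which prints the hour twice; "G:i" gives hour and minutes.
$paket = mysql_fetch_array(db_query("SELECT gueltig_ab, gueltig_bis, unbegrenzt FROM ".$db_prefix."_goldmember WHERE uid='".(int) $alledaten['uid']."' LIMIT 1"));
?>
Von: <?php print date("d.m.Y G:i", $paket['gueltig_ab']); ?> Bis: <?php if ($paket['unbegrenzt'] == 1) print 'unbegrenzt gültig'; else print date("d.m.Y G:i", $paket['gueltig_bis']); ?>
</td>
</tr>
<tr bgcolor="#fafafa">
<td align="right"><b>Auzahlungs Status</b></td>
<td align="left">
<?php
// Payout flag as currently stored for this user.
$a_free = mysql_fetch_array(db_query("SELECT a_free AS free FROM ".$db_prefix."_userdaten WHERE uid=".(int) $alledaten['uid']));
?>
<select name="a_free" size="1">
<option value="0" <?php if ($a_free['free'] == 0) echo 'SELECTED'; ?>>Gespert</option>
<option value="1" <?php if ($a_free['free'] == 1) echo 'SELECTED'; ?>>Freigegeben</option>
</select> </td>
</tr>
<tr bgcolor="#ededed">
<td align="center" colspan="2"><br /><input type="submit" name="profile" value="» Updaten"><br /> </td>
</tr>
</table>
</form>
</div>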
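<div id="Userinfo2" style="display: none;">
<?php
// Read-only statistics. Values that are not passed through date() or
// number_format() are HTML-encoded before printing.
// NOTE(review): how login_ip is recorded is not visible here; if it can come
// from a client-supplied header, it is untrusted text.
?>
<table width="350" border="0" cellpadding="1" cellspacing="1" align="center" bgcolor="#000000">
<tr bgcolor="#fafafa">
<td> <b>Refback</b>:</td>
<td colspan="2" align="right"><?=htmlspecialchars($alledaten['refback'], ENT_QUOTES);?> % </td>
</tr>
<tr bgcolor="#ededed">
<td> <b>Angemeldet</b>:</td>
<td colspan="2" align="right"><?=date('d.m.Y H:i', $alledaten['angemeldet_seit']);?> </td>
</tr>
<tr bgcolor="#fafafa">
<td> <b>Letzter Login</b>:</td>
<td colspan="2" align="right"><?=date('d.m.Y H:i', $alledaten['loginzeit']);?> </td>
</tr>
<tr bgcolor="#ededed">
<td> <b>Letzte Aktivität</b>:</td>
<td colspan="2" align="right"><?=date('d.m.Y H:i', $alledaten['last_active']);?> </td>
</tr>
<tr bgcolor="#fafafa">
<td> <b>Letzte IP</b>:</td>
<td colspan="2" align="right"><?=htmlspecialchars($alledaten['login_ip'], ENT_QUOTES);?> </td>
</tr>
<tr bgcolor="#ededed">
<td> <b>ForcedKlicks</b>:</td>
<td width=50 align="right"><?=htmlspecialchars($alledaten['klicks'], ENT_QUOTES);?> </td>
<td align="right"><?=number_format ($alledaten['kv'], 2, ',', '.').' '.$waehrung;?> </td>
</tr>
<tr bgcolor="#fafafa">
<td> <b>Betteln</b>:</td>
<td align="right"><?=htmlspecialchars($alledaten['angebettelt'], ENT_QUOTES);?> </td>
<td align="right"><?=number_format ($alledaten['bv'], 2, ',', '.').' '.$waehrung;?> </td>
</tr>
</table>
</div>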
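<div id="Userinfo3" style="display: none;">
<?php
// Account booking form. The stored e-mail address is HTML-encoded before it is
// written into the hidden field, so quotes in it cannot end the attribute.
// NOTE(review): maxlength="30" on the booking text is enforced by the browser
// only; the handler that receives this form should check the length as well.
?>
<form action="" method="POST">
<input type="hidden" name="uid" value="<?=(int) $alledaten['uid'];?>">
<input type="hidden" name="email" value="<?=htmlspecialchars($alledaten['emailadresse'], ENT_QUOTES);?>">
<table align="center" border="0" cellpadding="0" cellspacing="2">
<tr>
<td><b>Kontostand</b>:<br />
<?=number_format($alledaten['kontostand'],2,",",".").' '.$waehrung;?></td>
</tr>
<tr>
<td><br /><b>Summe</b>:<br />
<select style="width: 40px" name="buchungsart" size="1"><option value="+" SELECTED>+</option><option value="-">-</option></select><input style="width: 100px; height: 19px;" type="Text" name="buchungssumme" value=""></td>
</tr>
<tr>
<td><br /><b>Grund</b> (max. 30 Zeichen):<br />
<input style="width: 140px" type="text" name="buchungstext" value="" maxlength="30"></td>
</tr>
<tr>
<td><br /><b>Mail an User</b>:<br />
<input type="radio" name="send_mail" value="ja" /> Ja <input checked="checked" type="radio" name="send_mail" value="nein" /> Nein</td>
</tr>
<tr>
<td align="center"><br /><input type="submit" name="finanze" value="» Buchen" /></td>
</tr>
</table>
</form>
</div>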
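<div id="Userinfo4" style="display: none;">
<?php
// Access form (status change / delete). The stored hint text and e-mail address
// are HTML-encoded so they cannot close the textarea or attribute they are
// printed into; the status is printed as an integer.
?>
<form action="" method="POST">
<input type="hidden" name="uid" value="<?=(int) $alledaten['uid'];?>">
<input type="hidden" name="email" value="<?=htmlspecialchars($alledaten['emailadresse'], ENT_QUOTES);?>">
<table align="center" border="0" cellpadding="0" cellspacing="2">
<tr>
<td><b>Status</b>:<br />
<select name="status" size="1" style="width: 140px;">
<option value="0" <?php if ($alledaten['status'] == 0) echo 'SELECTED'; ?>>Wartend</option>
<option value="1" <?php if ($alledaten['status'] == 1) echo 'SELECTED'; ?>>Freigeschaltet</option>
<option value="2" <?php if ($alledaten['status'] == 2) echo 'SELECTED'; ?>>Gesperrt</option>
<option value="<?=(int) $alledaten['status'];?>">--------------</option>
<option value="loeschen">User löschen</option>
</select></td>
</tr>
<tr>
<td><br /><b>Hinweistext</b>:<br />
<textarea name="hinweis" style="width: 140px; height: 100px;"><?=htmlspecialchars($alledaten['hinweis'], ENT_QUOTES);?></textarea></td>
</tr>
<tr>
<td><br /><b>Mail an User</b>:<br />
<input checked="checked" type="radio" name="send_mail" value="ja" /> Ja <input type="radio" name="send_mail" value="nein" /> Nein</td>
</tr>
<tr>
<td align="center"><br /><input type="submit" name="access" value="» Ändern" /></td>
</tr>
</table>
</form>
</div>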
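<div id="Userinfo5" style="display: none;">
<table border="0" width="100%" cellpadding="0" cellspacing="1" bgcolor="#303030">
<tr class="tr_head">
<td align="center"><b>Buchungs Id</b></td>
<td align="center"><b>Datum</b></td>
<td align="center"><b>Zeit</b></td>
<td align="center"><b><?=$waehrung;?></b></td>
<td align="center"><b>Verwendungszweck</b></td>
</tr>
<?php
// List the user's 250 most recent bookings, newest first.
// The row counter starts at 0 here; the original never initialised $i, so the
// row striping depended on whatever value an including script had left in it.
// Booking id and purpose are stored text and are HTML-encoded on output.
$i = 0;
$buchungen_lesen = db_query('SELECT * FROM '.$db_prefix.'_buchungen WHERE uid = '.(int) $alledaten['uid'].' ORDER BY buchungszeit DESC LIMIT 250');
while ($buchung_schreiben = mysql_fetch_array($buchungen_lesen)) {
    $i++;
    // Negative or zero amounts are shown in red; rows alternate between two CSS classes.
    $buchcolor = ($buchung_schreiben['buchungsmenge'] > 0) ? '#000000' : '#cc0000';
    $linecolor = ($i % 2 == 0) ? 1 : 0;
?>
<tr class="tr_row<?=$linecolor;?>">
<td align="left"> <?=htmlspecialchars($buchung_schreiben['buchungs_id'], ENT_QUOTES);?></td>
<td align="center"> <?=date("d.m.Y",$buchung_schreiben['buchungszeit']);?> </td>
<td align="center"> <?=date("H:i",$buchung_schreiben['buchungszeit']);?> </td>
<td align="right"> <font color="<?=$buchcolor;?>"><?=number_format($buchung_schreiben['buchungsmenge'],2,",",".");?></font> </td>
<td align="left"> <?=htmlspecialchars($buchung_schreiben['verwendungszweck'], ENT_QUOTES);?></td>
</tr>
<?php
}
?>
</table>
</div>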
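<div id="Userinfo6" style="display: none;">
<?php
// Notes form. The stored note is HTML-encoded so that text such as a closing
// textarea tag inside it stays inside the field.
?>
<form action="" method="POST">
<input type="hidden" name="uid" value="<?=(int) $alledaten['uid'];?>">
<table align="center" border="0" cellpadding="0" cellspacing="2">
<tr>
<td><b>Notizen</b>:<br />
<textarea name="notizen" style="width: 340px; height: 150px;"><?=htmlspecialchars($alledaten['notizen'], ENT_QUOTES);?></textarea></td>
</tr>
<tr>
<td align="center"><br /><input type="submit" name="notice" value="» Speichern" /></td>
</tr>
</table>
</form>
</div>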
<?php
// foot() is defined outside this file; presumably it prints the page footer - confirm.
foot();
?>
greez