Fire-Devils/monitor-frontend
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

ready to go

Browse Source
This commit is contained in:
Manuel Weiser
2018-08-04 17:21:54 +02:00
parent 2c0012a6f4
commit 8cf053078a
7 changed files with 82 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
pmfunctions.inc.php
View File

@ -22,7 +22,7 @@
require_once("config.inc.php");
if( $_GET["pmdo"] == "reply" )
if( isset($_GET["pmdo"]) && $_GET["pmdo"] == "reply" )
{
$result = mysqli_query($dbconn, "SELECT real_name FROM admin_users WHERE id = '$_GET[to]'") or die (mysqli_error($dbconn));
$row = mysqli_fetch_array($result);
@ -30,7 +30,7 @@ if( $_GET["pmdo"] == "reply" )
echo $message_field;
}
elseif( $_GET["pmdo"] == "doreply" )
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "doreply" )
{
$result = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
$result = mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_REQUEST[msg_id]'")or die(mysqli_error($dbconn));
@ -38,18 +38,18 @@ elseif( $_GET["pmdo"] == "doreply" )
echo gohome($_SERVER["PHP_SELF"]);
}
elseif( $_GET["pmdo"] == "write" )
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "write" )
{
$select_msg_to = '
<select name="userid_to" id="userid_to">
<option value="0">Empf<EFBFBD>nger</option>
<option value="0">Empf&auml;nger</option>
<option>--------------------</option>
<option value="0">Alle</option>';
$result = mysqli_query($dbconn, "SELECT id, real_name FROM admin_users WHERE pm_allow = '1' ORDER BY real_name ASC") or die (mysqli_error($dbconn));
while($row = mysqli_fetch_array($result))
{
if( $_GET["msg_to"] == $row["id"] ) { $selected = 'selected'; $can_pm = '1'; } else { $selected = ''; }
if( isset($_GET["msg_to"]) && $_GET["msg_to"] == $row["id"] ) { $selected = 'selected'; $can_pm = '1'; } else { $selected = ''; }
$select_msg_to .= '
<option value="'.$row["id"].'" '.$selected.'>'.$row["real_name"].'</option>
';
@ -59,20 +59,22 @@ elseif( $_GET["pmdo"] == "write" )
</select>
';
if( $_GET["msg_to"] && empty($can_pm) )
if( isset($_GET["pmdo"]) && empty($can_pm) )
{
// pm_allow ist auf 0
if (!isset($message_field)) $message_field="";
$message_field .= "<b><font color=\"red\"><br>Der User darf keine PM Empfangen/Senden</font></b><br><br>";
}
else
{
//pm_allow ist auf 1
if (!isset($message_field)) $message_field = "";
eval ("\$message_field .= \"".gettemplate($template_dir."body_message_write")."\";");
}
echo $message_field;
}
elseif( $_GET["pmdo"] == "dowrite" )
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "dowrite" )
{
if( $_REQUEST["userid_to"] != '0' )
{
@ -92,7 +94,7 @@ elseif( $_GET["pmdo"] == "dowrite" )
echo gohome($_SERVER["PHP_SELF"]);
}
elseif( $_GET["pmdo"] == "deletepm" )
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "deletepm" )
{
$result = mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_GET[msg_id]'")or die(mysqli_error($dbconn));
}