removeLinks($_GET['del'],$session->uid); header("Location: spieler.php?s=2"); } ################################################################################# ## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ## ## --------------------------------------------------------------------------- ## ## Filename links.tpl ## ## Developed by: Slim, Manuel Mannhardt < manuel_mannhardt@web.de > ## ## License: TravianX Project ## ## Copyright: TravianX (c) 2010-2011. All rights reserved. ## ## ## ################################################################################# // Save new link or just edit a link if($_POST) { $links = array(); // let's do some complicated code x'D foreach($_POST as $key => $value) { if(substr($key, 0, 2) == 'nr') { $i = substr($key, 2); $links[$i]['nr'] = mysql_real_escape_string($value); } if(substr($key, 0, 2) == 'id') { $i = substr($key, 2); $links[$i]['id'] = mysql_real_escape_string($value); } if(substr($key, 0, 8) == 'linkname') { $i = substr($key, 8); $links[$i]['linkname'] = mysql_real_escape_string($value); } if(substr($key, 0, 8) == 'linkziel') { $i = substr($key, 8); $links[$i]['linkziel'] = mysql_real_escape_string($value); } } // Save foreach($links as $link) { settype($link['nr'], 'int'); if(trim($link['nr']) != '' AND trim($link['linkname']) != '' AND trim($link['linkziel']) != '' AND trim($link['id']) == '') { // Add new link $userid = $session->uid; if($session->access!=BANNED){ $query = mysql_query('INSERT INTO `' . TB_PREFIX . 'links` (`userid`, `name`, `url`, `pos`) VALUES (' . $userid . ', \'' . $link['linkname'] . '\', \'' . $link['linkziel'] . '\', ' . $link['nr'] . ')'); }else{ header("Location: banned.php"); } } elseif(trim($link['nr']) != '' AND trim($link['linkname']) != '' AND trim($link['linkziel']) != '' AND trim($link['id']) != '') { // Update link $query = mysql_query('SELECT * FROM `' . TB_PREFIX . 'links` WHERE `id` = ' . $link['id']); $data = mysql_fetch_assoc($query); // May the user update this entry? if($data['userid'] == $session->uid) { $query2 = mysql_query('UPDATE `' . TB_PREFIX . 'links` SET `name` = \'' . $link['linkname'] . '\', `url` = \'' . $link['linkziel'] . '\', `pos` = ' . $link['nr'] . ' WHERE `id` = ' . $link['id']); } } elseif(trim($link['nr']) == '' AND trim($link['linkname']) == '' AND trim($link['linkziel']) == '' AND trim($link['id']) != '') { // Delete entry $query = mysql_query('SELECT * FROM `' . TB_PREFIX . 'links` WHERE `id` = ' . $link['id']); $data = mysql_fetch_assoc($query); // May the user delete this entry? if($data['userid'] == $session->uid) { $query2 = mysql_query('DELETE FROM `' . TB_PREFIX . 'links` WHERE `id` = ' . $link['id']); } } } print ''; } // Fetch all links $query = mysql_query('SELECT * FROM `' . TB_PREFIX . 'links` WHERE `userid` = ' . $session->uid . ' ORDER BY `pos` ASC') or die(mysql_error()); $links = array(); while($data = mysql_fetch_assoc($query)) { $links[] = $data; } ?>