114 lines
3.3 KiB
PHP
114 lines
3.3 KiB
PHP
|
<?php
|
||
|
session_start();
|
||
|
include ($_SERVER["DOCUMENT_ROOT"]."/Site/checkadmin.php");
|
||
|
$moduleurl = $_REQUEST["path"];
|
||
|
|
||
|
// Aufbau der Datenbankverbindung
|
||
|
require($_SERVER["DOCUMENT_ROOT"]."/Config/_dbconfig_.php");
|
||
|
@$y = mysql_connect($MYSQL_HOST,$MYSQL_USER,$MYSQL_PASS);
|
||
|
@$x = mysql_select_db($MYSQL_DATABASE);
|
||
|
if (empty($x))
|
||
|
{
|
||
|
die ("Could not connect to database!");
|
||
|
}
|
||
|
|
||
|
// Definition der Benutzer
|
||
|
$benutzer["IsAdmin"] = mysql_real_escape_string($_REQUEST["isadmin"]);
|
||
|
$benutzer["VPNId"] = mysql_real_escape_string($_REQUEST["vpnid"]);
|
||
|
$benutzer["Nickname"] = mysql_real_escape_string($_REQUEST["nickname"]);
|
||
|
$benutzer["Kennwort"] = mysql_real_escape_string($_REQUEST["pwd"]);
|
||
|
$benutzer["Nachname"] = mysql_real_escape_string($_REQUEST["nachname"]);
|
||
|
$benutzer["Vorname"] = mysql_real_escape_string($_REQUEST["vorname"]);
|
||
|
$benutzer["Email"] = mysql_real_escape_string($_REQUEST["email"]);
|
||
|
$benutzer["NovLogin"] = mysql_real_escape_string($_REQUEST["novlogin"]);
|
||
|
$benutzer["NovPass"] = mysql_real_escape_string($_REQUEST["novpass"]);
|
||
|
|
||
|
|
||
|
// Daten eintragen
|
||
|
// SQL-Anweisung erstellen
|
||
|
$strcount = 0;
|
||
|
$sql = "UPDATE userdata SET ";
|
||
|
if($benutzer["IsAdmin"] != "")
|
||
|
{
|
||
|
$sql = $sql . "IsAdmin='".$benutzer["IsAdmin"]."' ";
|
||
|
$strcount = 1;
|
||
|
}
|
||
|
if($benutzer["VPNId"] != "")
|
||
|
{
|
||
|
if(isset($strcount))
|
||
|
{
|
||
|
$sql = $sql . ",";
|
||
|
}
|
||
|
$sql = $sql . "VPNId='". $benutzer["VPNId"]."' ";
|
||
|
$strcount = 1;
|
||
|
}
|
||
|
if($benutzer["Kennwort"] != "")
|
||
|
{
|
||
|
if(isset($strcount))
|
||
|
{
|
||
|
$sql = $sql . ",";
|
||
|
}
|
||
|
$sql = $sql . "Kennwort='". md5 ($benutzer["Kennwort"])."' ";
|
||
|
$strcount = 1;
|
||
|
}
|
||
|
if($benutzer["Nachname"] != "")
|
||
|
{
|
||
|
if(isset($strcount))
|
||
|
{
|
||
|
$sql = $sql . ",";
|
||
|
}
|
||
|
$sql = $sql . "Nachname='". $benutzer["Nachname"]."' ";
|
||
|
$strcount = 1;
|
||
|
}
|
||
|
if($benutzer["Vorname"] != "")
|
||
|
{
|
||
|
if(isset($strcount))
|
||
|
{
|
||
|
$sql = $sql . ",";
|
||
|
}
|
||
|
$sql = $sql . "Vorname='". $benutzer["Vorname"]."' ";
|
||
|
$strcount = 1;
|
||
|
}
|
||
|
if($benutzer["Email"] != "")
|
||
|
{
|
||
|
if(isset($strcount))
|
||
|
{
|
||
|
$sql = $sql . ",";
|
||
|
}
|
||
|
$sql = $sql . "Email='". $benutzer["Email"]."' ";
|
||
|
$strcount = 1;
|
||
|
}
|
||
|
if($benutzer["NovLogin"] != "")
|
||
|
{
|
||
|
if(isset($strcount))
|
||
|
{
|
||
|
$sql = $sql . ",";
|
||
|
}
|
||
|
$sql = $sql . "NovLogin='". $benutzer["NovLogin"]."' ";
|
||
|
$strcount = 1;
|
||
|
}
|
||
|
if($benutzer["NovPass"] != "")
|
||
|
{
|
||
|
if(isset($strcount))
|
||
|
{
|
||
|
$sql = $sql . ",";
|
||
|
}
|
||
|
$sql = $sql . "NovPass='". $benutzer["NovPass"]."' ";
|
||
|
$strcount = 1;
|
||
|
}
|
||
|
$sql = $sql . "WHERE Nickname = '" . $benutzer["Nickname"]."'";
|
||
|
//die($sql);
|
||
|
mysql_query ($sql);
|
||
|
|
||
|
if (mysql_affected_rows ($y) > 0)
|
||
|
{
|
||
|
mysql_close();
|
||
|
header ("Location: ".$moduleurl."&uebergabe2=2");
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
mysql_close();
|
||
|
echo "Fehler beim Editieren des Benutzers. (Nothing changed?)<br>\n";
|
||
|
}
|
||
|
?>
|