Файл: modules/padmin/ban.php
Строк: 59
<?php
$locate = 'in_padmin';
if(isset($user) && $user['level'] >= 5 && isset($_GET['user_id']) && $user['id'] != $_GET['user_id'] && $db->query("SELECT level FROM `users` WHERE `id` = '". $_GET['user_id'] ."'")->fetchColumn() != 7) {
$title = $lang->word('to_ban');
require_once(SYS.'/view/header.php');
$tpl->div('title', $lang->word('to_ban').' '.tnick($_GET['user_id']));
if(isset($_POST['ban']) && $_GET['act']== 'ban') {
$ban_time = (time()+60*60*24*abs(intval($_POST['ban_time'])));
$ban_text = input($_POST['ban_text']);
$db->query("UPDATE `users` SET `ban_time` = '". $ban_time."', `ban_text` = '". $ban_text."' WHERE `id` = '".abs(intval($_GET['user_id'])) ."'");
$tpl->div('menu', $lang->word('succ_save'));
$tpl->div('block', img('nav.png') . '<a href="/user/'.abs(intval($_GET['user_id'])) .'/">'.$lang->word('back').'</a><br/>'. img('admin.png') .'<a href="/padmin/">'. $lang->word('padmin') .'</a><br/>'. HICO .'<a href="/">'. $lang->word('home') .'</a>');
require_once(SYS.'/view/footer.php');
exit;
}
echo '<div class="post">
<form action="/padmin/ban/'.abs(intval($_GET['user_id'])) .'/?act=ban" method="post">
<b>'. $lang->word('ban_time') .'</b>:<br/>
<input type="text" size="3" maxlength="3" name="ban_time" value="1" /><br/>
<b>'. $lang->word('ban_text') .'</b>:<br/>
<textarea name="ban_text" rows="5" cols="26"></textarea><br/>
<input type="submit" name="ban" value="'. $lang->word('to_ban') .'" /><br/>
</form>
</div>';
$tpl->div('block', HICO .'<a href="/">'. $lang->word('home') .'</a>');
require_once(SYS.'/view/footer.php');
} else { header('Location: /'); }
?>