Файл: vkollektive2014/soo/banned.php
Строк: 128
<?
include_once '../connect.php';
if(isset($_GET['s']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `soo` WHERE `id` = '".intval($_GET['s'])."' LIMIT 1"),0)==1)
{
$s=intval($_GET['s']);
$soo=mysql_fetch_assoc(mysql_query("SELECT * FROM `soo` WHERE `id` = '$s' LIMIT 1"));
$title=$soo['name'].' - Забаненные'; // заголовок страницы
include_once '../head.php';
include_once '../core/panel.php';
include_once '../core/bb_code.php';
$ank_s = mysql_fetch_assoc(mysql_query("SELECT * FROM `soo_users` WHERE `id_soo`='$soo[id]' AND `id_user`='$ank[id]' LIMIT 1"));
$user_s = mysql_fetch_assoc(mysql_query("SELECT * FROM `soo_users` WHERE `id_soo`='$soo[id]' AND `id_user`='$u[id]' LIMIT 1"));
if(isset($u) && (mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo` = '$soo[id]' AND `id_user`='$u[id]' AND `invit`='0' AND `activate`='0' LIMIT 1"),0)==1))
{
if(isset($u) && ($u['id']==$soo['admid'] || $user_s['level']>'0' && $user_s['level']>$ank_s['level']))
{
if(isset($_GET['ban']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo` = '$soo[id]' AND `id_user` = '".intval($_GET['ban'])."' AND `activate`='0' AND `invit`='0' LIMIT 1"),0) && $_GET['ban']!=$u['id'])
{
if(isset($_POST['ban_time']) && intval($_POST['ban_time']) && isset($_POST['ban_type']) && (intval($_POST['ban_type'])==0 || intval($_POST['ban_type'])==1) && isset($_POST['prich']) && $_POST['prich']!=NULL)
{
$ban_time = intval($_POST['ban_time']);
$ban_type = intval($_POST['ban_type']);
if($ban_type==0)$time_ban=$time+60*60*$ban_time; else $time_ban=$time+60*60*24*$ban_time;
$prich=mysql_real_escape_string(trim(htmlspecialchars($_POST['prich'], ENT_QUOTES)));
if ($prich>1024){$err[]='Причина слишком длинная';}
elseif ($prich<2){$err[]='Короткая причина';}
if(!empty($err))
{
mysql_query("UPDATE `soo_users` SET `ban`='$time_ban' WHERE `id_user`='".intval($_GET['ban'])."' AND `id_soo`='$soo[id]' LIMIT 1");
mysql_query("UPDATE `soo_users` SET `prich`='".$prich."' WHERE `id_user`='".intval($_GET['ban'])."' AND `id_soo`='$soo[id]' LIMIT 1");
//msg('Юзер успешно забанен');
}
}
else
{
$ban=intval($_GET['ban']);
$us=mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id`='$ban' LIMIT 1"));
echo'Забанить юзера '.$us['login'].'<br/>';
echo'<form method="post" action="?s='.$soo['id'].'&ban='.$ban.'">';
echo'На срок<br/>';
echo'<input type="text" name="ban_time" size="3">';
echo'<select name="ban_type">';
echo'<option value="1">Дней</option>';
echo'<option value="0">Часов</option>';
echo'</select><br/>';
echo'Причина(обязательно)<br/>';
echo'<textarea name="prich"></textarea><br/>';
echo'<input type="submit" value="Отправить"></form><br/>';
}
}
//err();
if(isset($_GET['del']) && $u['id']==$soo['admid'] && mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_user` = '".intval($_GET['del'])."' AND `activate`='0' AND `invit`='0' AND `ban`>'".$time."' LIMIT 1"),0)==1)
{
mysql_query("UPDATE `soo_users` SET `ban`='$time' WHERE `id_user`='".intval($_GET['del'])."' AND `id_soo`='$soo[id]' LIMIT 1");
mysql_query("UPDATE `soo_users` SET `prich`='' WHERE `id_user`='".intval($_GET['del'])."' AND `id_soo`='$soo[id]' LIMIT 1");
//msg('Участник успешно разбанен');
}
}
if(isset($u) && mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_user` = '$u[id]' AND `activate`='0' AND `invit`='0' AND `ban`>'$time' LIMIT 1"),0)==1)
{
$us_ban=mysql_fetch_assoc(mysql_query("SELECT * FROM `soo_users` WHERE `id_soo` = '$soo[id]' AND `id_user`='$u[id]' LIMIT 1"));
echo'Вы забанены в данном сообществе до за '.smile(links(bb_code($us_ban['prich']))).'<br/>';
echo'Вернетесь '.vremya($us_ban['ban']).'<br/>';
if($soo['rules']!=NULL)
{
echo'<b>А пока можете пока почитать правила сообщества</b><br/>';
echo'<div class="menu">'.smile(links(bb_code($soo['rules']))).'</div>';
}
}
else
{
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo`='$soo[id]' AND `activate`='0' AND `invit`='0' AND `ban`>'$time'"),0);
$total = intval(($k_post - 1) / 10) + 1;
$page = intval(@$_GET['page']);
if(empty($page) or $page < 0) $page = 1;
if($page > $total) $page = $total;
$start = $page * 10 - 10;
echo '<class="post">';
if ($k_post==0)
{
echo '<div class="cred">Забаненных нет</div>';
}
$q=mysql_query("SELECT * FROM `soo_users` WHERE `id_soo`='$soo[id]' AND `activate`='0' AND `invit`='0' AND `ban`>'$time' ORDER BY `ban` DESC LIMIT $start, 10");
while ($ank = mysql_fetch_assoc($q))
{
$us = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$ank[id_user]' LIMIT 1"));
if($num==1){
echo "<div class='div'>";
$num=0;
}else{
echo "<div class='nav'>";
$num=1;}
echo '<a href="info.php?s='.$soo['id'].'&id='.$us['id'].'">'.$us['login'].'</a> '.online($us['id']).'';
if(isset($u) && $u['id']==$soo['admid'])echo' [<a href="?s='.$soo['id'].'&del='.$us['id'].'">Разбанить</a>]<br />';
echo '<span class="ank_n">Забанен до:</span> <span class="ank_d">'.vremya($ank['ban']).'</span><br/>';
echo '<span class="ank_n">Причина:</span> <span class="ank_d">'.smile(links(bb_code($ank['prich']))).'</span>';
echo "</div>";
}
if($page>1)navigation($page, $total,'?s='.$soo['id'].'&'); // Вывод страниц
echo'<div class="zona"><img src="/style/img/l.gif" alt="" class="icon"/><a href="index.php?s='.$soo['id'].'">В сообщество</a></div>';
}
}
else
{
echo'Вам недоступен просмотр забаненных участников данного сообщества';
}
}
else
{
header("Location:index.php");
}
include_once '../foot.php';
?>