Файл: NskriptS.zip/kick.php
Строк: 391
<?php
error_reporting(0);
include("config.php");
include("./includes/".$ver."/banned");
list($msec, $sec) = explode(chr(32), microtime());
$headtime = $sec + $msec;
$nocache = rand(10000, 99999);
switch($ver)
{
////////////////////////////////////////////////////////
//WML VERSION
////////////////////////////////////////////////////////
case 'wml':
header("Content-type: text/vnd.wap.wml; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
//AUTH
$id = intval($_GET['id']);
$password = mysql_escape_string($_GET['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".$password."';");
if(mysql_num_rows($q) == 0)
{
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.3//EN" "http://www.wapforum.org/DTD/wml13.dtd"><wml>n";
echo "<card title="ERROR" ontimer="index.php?ver=wml"><timer value="15"/><p align="left">n";
echo "<small>Ошибка авторизации!<br/>n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>n";
echo "</small></p></card></wml>";
exit();
}
//END AUTH
$level = mysql_result($q, 0);
if($level == 0)
{
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.3//EN" "http://www.wapforum.org/DTD/wml13.dtd"><wml>n";
echo "<card id="error" title="ERROR" ontimer="menu.php?ver=wml&id=$id&password=$password"><timer value="15"/><p align="left">n";
echo "<small>Доступ запрещен<br/>n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>n";
echo "</small></p></card></wml>";
exit();
}
$uid = intval($_GET['uid']);
$sql = mysql_query("SELECT `level`, `nickname` FROM `chat_users` WHERE `id` = '".$uid."';");
if(mysql_num_rows($sql) == 0)
{
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.3//EN" "http://www.wapforum.org/DTD/wml13.dtd"><wml>n";
echo "<card id="error" title="ERROR" ontimer="menu.php?ver=wml&id=$id&password=$password"><timer value="15"/><p align="left">n";
echo "<small>Пользователь не найден<br/>n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>n";
echo "</small></p></card></wml>";
exit();
}
else
{
$lev = mysql_result($sql, 0, 'level');
$nick = mysql_result($sql, 0, 'nickname');
}
if($lev > $level or $uid == 1)
{
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.3//EN" "http://www.wapforum.org/DTD/wml13.dtd"><wml>n";
echo "<card id="error" title="ERROR" ontimer="menu.php?ver=wml&id=$id&password=$password"><timer value="15"/><p align="left">n";
echo "<small>Вы не можете блокировать данного пользователя. Нет прав.<br/>n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>n";
echo "</small></p></card></wml>";
exit();
}
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.3//EN" "http://www.wapforum.org/DTD/wml13.dtd"><wml>n";
echo "<card title="$nick"><p align="left">n";
if(isset($_POST['action']))
{
$reason = trim(mysql_escape_string(htmlspecialchars($_POST['reason'])));
$reason = str_replace('$', '$$', $reason);
$kick = intval($_POST['time']);
if($level == 1 or $level == 2)
{
if($kick != 60 && $kick != 90 && $kick != 300 && $kick != 43200 && $kick != 86400 && $kick != 172800)
{
echo "Вы попытались выбрать некорретное значение переключателя "Время пинка"!<br/>n";
echo "<a href="rules/moder_rules.php?id=$id&password=$password&ver=wml">Правила модераторов</a><br/>n";
break;
}
}
if($kick == 0)
{
echo "Нельзя выкидывать из чата на 0 секунд!<br/>n";
break;
}
if(empty($reason))
{
echo "Вы не указали причину пинка!<br/>n";
break;
}
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
$moder = mysql_result($q, 0);
$q = mysql_query("UPDATE `chat_users` SET `kick` = '".($kick + time())."', `reason` = '".$reason."', `moder` = '".$moder."' WHERE `id` = '".$uid."';");
echo "$nick успешно выпнут(а) на $kick секунд!<br/>n";
$date = date("d-m-y H:i:s");
$query = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
$moder = mysql_result($query, 0);
$q = mysql_query("INSERT INTO `chat_logs` VALUES(0, '".$moder."', 1, '".$nick."', '".$reason."', '".$date."', ".time().");");
}
else
{
echo "Никнейм:<br/>n";
echo "[$nick]<br/>n";
echo "Время пинка (сек):<br/>n";
if($level == 1 or $level == 2)
{
echo "<select name="time$nocache" value="60">n";
echo "<option value="60">60</option>n";
echo "<option value="90">90</option>n";
echo "<option value="300">300</option>n";
echo "<option value="43200">43200</option>n";
echo "<option value="86400">86400</option>n";
echo "<option value="172800">172800</option>n";
echo "</select><br/>n";
}
else
{
echo "<input name="time$nocache" maxlength="6" format="*N"/><br/>n";
}
echo "Причина:<br/>n";
echo "<input name="reason$nocache" maxlength="200" title="reason"/><br/>n";
if(isset($_GET['rid'])) echo "<anchor>[Пнуть]<go href="kick.php?nocache=$nocache&ver=wml&id=$id&password=$password&mod=kick&uid=$uid&rid=".$_GET['rid']."" method="post">n";
if(isset($_GET['key'])) echo "<anchor>[Пнуть]<go href="kick.php?nocache=$nocache&ver=wml&id=$id&password=$password&mod=kick&uid=$uid&key=".$_GET['key']."" method="post">n";
echo "<postfield name="reason" value="$(reason$nocache)"/>n";
echo "<postfield name="time" value="$(time$nocache)"/>n";
echo "<postfield name="time" value="$(time$nocache)"/>n";
echo "<postfield name="action" value="kick"/>n";
echo "</go></anchor><br/>n";
}
if(!empty($_GET['rid'])) echo "<a href="room.php?id=$id&password=$password&ver=wml&rid=".intval($_GET['rid'])."">В чат</a><br/>n";
if(!empty($_GET['key'])) echo "<a href="intim.php?id=$id&password=$password&ver=wml&key=".$_GET['key']."">В чат</a><br/>n";
echo "<a href="menu.php?id=$id&password=$password&ver=wml">Меню чата</a><br/>n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>n";
echo "</p></card></wml>";
break;
////////////////////////////////////////////////////////
//HTML VERSION
////////////////////////////////////////////////////////
case 'html':
header("Content-type: text/html; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
//AUTH
$id = intval($_GET['id']);
$password = mysql_escape_string($_GET['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".$password."';");
if(mysql_num_rows($q) == 0)
{
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">n";
echo "<html><head>n";
echo "<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>n";
echo '<link href="css.css" rel="stylesheet" type="text/css"><title>'.$title.'</title>
</head>
<body>';
echo "Ошибка авторизации!<br/>n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>n";
echo "</body></html>";
exit();
}
//END AUTH
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0 WHERE `id` = '".$id."';");
//END ONLINE
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">n";
echo "<html><head>n";
echo "<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>n";
echo '<link href="css.css" rel="stylesheet" type="text/css"><title>'.$title.'</title>
</head>
<body>';
$level = mysql_result($q, 0);
if($level == 0)
{
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">n";
echo "<html><head>n";
echo "<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>n";
echo '<link href="css.css" rel="stylesheet" type="text/css"><title>'.$title.'</title>
</head>
<body>';
echo "Доступ запрещен<br/>n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>n";
echo "</div></body></html>";
exit();
}
$uid = intval($_GET['uid']);
$sql = mysql_query("SELECT `level`, `nickname` FROM `chat_users` WHERE `id` = '".$uid."';");
if(mysql_num_rows($sql) == 0)
{
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">n";
echo "<html><head>n";
echo "<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>n";
echo '<link href="css.css" rel="stylesheet" type="text/css"><title>'.$title.'</title>
</head>
<body>';
echo "<div class="lic2">Пользователь не найден в базе данных.</div>n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>n";
echo "</div></body></html>";
exit();
}
else
{
$lev = mysql_result($sql, 0, 'level');
$nick = mysql_result($sql, 0, 'nickname');
}
if($lev > $level or $uid == 1)
{
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">n";
echo "<html><head>n";
echo "<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>n";
echo '<link href="css.css" rel="stylesheet" type="text/css"><title>'.$title.'</title>
</head>
<body>';
echo "Вы не можете блокировать данного пользователя. Нет прав.<br/>n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>n";
echo "</div></body></html>";
exit();
}
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE
echo "<?xml version="1.0" encoding="UTF-8"?>n";
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">n";
echo "<html><head>n";
echo "<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>n";
echo '<link href="css.css" rel="stylesheet" type="text/css"><title>'.$nick.'</title>
</head>
<body>';
if(isset($_POST['action']))
{
$reason = trim(mysql_escape_string(htmlspecialchars($_POST['reason'])));
$reason = str_replace('$', '$$', $reason);
$kick = intval($_POST['time']);
if($level == 1 or $level == 2)
{
if($kick != 60 && $kick != 90 && $kick != 300 && $kick != 43200 && $kick != 86400 && $kick != 172800)
{
echo "Вы попытались выбрать некорретное значение переключателя "Время пинка"!<br/>n";
echo "<a href="rules/moder_rules.php?id=$id&password=$password&ver=html">Правила модераторов</a><br/>n";
break;
}
}
if($kick == 0)
{
echo "Нельзя выкидывать из чата на 0 секунд!<br/>n";
break;
}
if(empty($reason))
{
echo "Вы не указали причину пинка!<br/>n";
break;
}
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
$moder = mysql_result($q, 0);
$q = mysql_query("UPDATE `chat_users` SET `kick` = '".($kick + time())."', `reason` = '".$reason."', `moder` = '".$moder."' WHERE `id` = '".$uid."';");
echo "$nick успешно выпнут(а) на $kick секунд!<br/>n";
$date = date("d-m-y H:i:s");
$query = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
$moder = mysql_result($query, 0);
$q = mysql_query("INSERT INTO `chat_logs` VALUES(0, '".$moder."', 1, '".$nick."', '".$reason."', '".$date."', ".time().");");
}
else
{
echo "<div class="lic2">n";
if(!empty($_GET['rid'])) echo "<form method="post" action="kick.php?nocache=$nocache&ver=html&id=$id&password=$password&uid=$uid&rid=$rid">n";
if(!empty($_GET['key'])) echo "<form method="post" action="kick.php?nocache=$nocache&ver=html&id=$id&password=$password&uid=$uid&key=$key">n";
echo "<div class="lic">Логин:</div>n";
echo "[$nick]<br/>n";
echo "<div class="lic">Время пинка (сек):</div>n";
if($level == 1 or $level == 2)
{
echo "<select name="time">n";
echo "<option value="60" selected="selected">60</option>n";
echo "<option value="90">90</option>n";
echo "<option value="300">300</option>n";
echo "<option value="43200">43200</option>n";
echo "<option value="86400">86400</option>n";
echo "<option value="172800">172800</option>n";
echo "</select><br/>n";
}
else
{
echo "<input type="text" name="time" maxlength="6"/><br/>n";
}
echo "<div class="lic">Причина:</div>n";
echo "<input type="hidden" name="action" value="kick"/>n";
echo "<input type="text" name="reason" maxlength="200"/><br/>n";
echo "<input type="submit" value="OK"/></form></div><br/>n";}
if(!empty($_GET['rid'])) echo "<a href="room.php?id=$id&password=$password&ver=html&rid=".intval($_GET['rid'])."">В чат</a><br/>n";
if(!empty($_GET['key'])) echo "<a href="intim.php?id=$id&password=$password&ver=html&key=".$_GET['key']."">В чат</a><br/>n";
echo "<a href="menu.php?id=$id&password=$password&ver=html">Меню чата</a><br/>";
list($msec, $sec) = explode(chr(32), microtime());
echo "</div></body></html>";
break;
}
?>