Файл: adm_sp.php
Строк: 61
<?php
include_once 'sys/inc/start.php';
include_once 'sys/inc/compress.php';
include_once 'sys/inc/sess.php';
include_once 'sys/inc/home.php';
include_once 'sys/inc/settings.php';
include_once 'sys/inc/db_connect.php';
include_once 'sys/inc/ipua.php';
include_once 'sys/inc/fnc.php';
include_once 'sys/inc/user.php';
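$set['title']='Мой список';
include_once 'sys/inc/thead.php';
title();
aut();

// Per-administrator allow-list page: each listed administrator keeps a list of
// users who are permitted to write to them (table `adm_sp`).
//
// NOTE(review): the mysql_* extension used throughout was removed in PHP 7.
// Every value placed into SQL below is cast to int or passed through my_esc(),
// but prepared statements (mysqli/PDO) are the durable fix once
// sys/inc/db_connect.php is migrated.

// The current user's id is reused in several queries; cast it once so it can
// never carry SQL syntax, whatever sys/inc/user.php put into $user.
$adm_id = isset($user['id']) ? intval($user['id']) : 0;

// Access is hard-coded to three account ids. Strict string comparison avoids
// PHP's loose-equality surprises on the authorization check.
if (isset($user['id']) && in_array((string)$user['id'], array('5066', '1', '176'), true))
{
    echo "<div class='nav2'>Доступно лишь администраторам с ид 176, 1 и 5066.<br/>
Лишь пользователи из этого списка смогут Вам писать.</div>";

    // Pagination over this administrator's own entries only.
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `adm_sp` WHERE `id_adm` = '".$adm_id."'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $per_page = intval($set['p_str']);
    $start = max(0, $per_page * intval($page) - $per_page);

    $act = isset($_GET['act']) ? $_GET['act'] : null;
    switch ($act) {
        case 'del':
            // Fix: the row must belong to the requesting administrator. The
            // original deleted by `id` alone, so any of the three admins could
            // remove entries from another admin's list.
            $us = isset($_GET['us']) ? intval($_GET['us']) : 0;
            mysql_query("DELETE FROM `adm_sp` WHERE `id`='".$us."' AND `id_adm`='".$adm_id."'");
            // NOTE(review): this state change is triggered by a plain GET link
            // with no anti-CSRF token; it should become a POST carrying a
            // per-session token once the project's session helpers are known.
            // NOTE(review): output has already been produced above, so this
            // redirect depends on output buffering being active (possibly set
            // up in sys/inc/compress.php — confirm).
            header('Location: /adm_sp.php');
            exit;

        case 'cr':
            // Fix: $err was read without ever being initialised when the nick
            // existed, and the message was never shown to the user.
            $err = null;
            if (isset($_POST['ok'])) {
                // Reject non-string input (e.g. nick[]=...) before escaping.
                $nick = (isset($_POST['nick']) && is_string($_POST['nick'])) ? $_POST['nick'] : '';
                // One lookup replaces the original COUNT + SELECT pair.
                $us = mysql_fetch_assoc(mysql_query("SELECT `id`,`nick` FROM `user` WHERE `nick`='".my_esc($nick)."' LIMIT 1"));
                if (!$us) {
                    $err = 'Пользователя с таким ником не существует';
                } else {
                    mysql_query("INSERT INTO `adm_sp`(`id_user`,`id_adm`) values('".intval($us['id'])."','".$adm_id."')");
                }
            }
            if ($err) {
                echo "<div class='nav2'>".htmlspecialchars($err, ENT_QUOTES, 'UTF-8')."</div>";
            }
            // NOTE(review): this form also has no anti-CSRF token.
            echo "<div class='main'><form method='post' action='/adm_sp.php?act=cr' class='main'>";
            echo "Nick Name<br/>";
            echo "<input type='text' name='nick'>";
            echo "<br/><input type='submit' value='Добавить' name='ok'>";
            echo "</form></div>";
            break;

        default:
            // Fix: `id` is now selected as well; the original fetched only
            // `id_user` yet built the delete link from $post['id'], so every
            // link carried an empty id.
            $q = mysql_query("SELECT `id`,`id_user` FROM `adm_sp` WHERE `id_adm`='".$adm_id."' LIMIT ".$start.",".$per_page);
            while ($post = mysql_fetch_assoc($q)) {
                echo "<div class='nav2'>";
                // group() and user::nick() are project helpers; their output
                // escaping is not visible from this file — verify.
                echo group($post['id_user'])." ";
                echo user::nick($post['id_user'],1,1,1)." ";
                echo "<span style='float:right;'><a href='/adm_sp.php?act=del&amp;us=".intval($post['id'])."'><img src='/style/icons/cross_r.gif'></a></span>";
                echo "</div>";
            }
    }
}
include_once 'sys/inc/tfoot.php';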
?>