Файл: vxas.ru/soo/info.php
Строк: 159
<?
require '../sys/inc/start.php';
require '../sys/inc/compress.php';
require '../sys/inc/sess.php';
require '../sys/inc/home.php';
require '../sys/inc/settings.php';
require '../sys/inc/db_connect.php';
require '../sys/inc/ipua.php';
require '../sys/inc/fnc.php';
require '../sys/inc/user.php';
if(isset($_GET['s']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `soo` WHERE `id` = '".intval($_GET['s'])."' LIMIT 1"),0)==1)
{
$s=intval($_GET['s']);
$soo=mysql_fetch_assoc(mysql_query("SELECT * FROM `soo` WHERE `id` = '".mysql_real_escape_string($s)."' LIMIT 1"));
require 'inc/ban.php';
if($soo['konf_soo']==0 || isset($user) && (mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo` = '".mysql_real_escape_string($soo[id])."' AND `id_user`='".mysql_real_escape_string($user[id])."' AND `invit`='0' AND `activate`='0' LIMIT 1"),0)==1 || $user['id']==$soo['admid'] || $user['level']>0))
{
if(isset($_GET['id']) && (mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_user` = '".intval($_GET['id'])."' AND `id_soo`='".mysql_real_escape_string($soo[id])."' AND `activate`='0' AND `invit`='0' LIMIT 1"),0)==1 || htmlspecialchars($_GET['id'])==$soo['admid']) || isset($user) && !isset($_GET['id']) && (mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_user` = '".mysql_real_escape_string($user[id])."' AND `id_soo`='".mysql_real_escape_string($soo[id])."' AND `activate`='0' AND `invit`='0' LIMIT 1"),0)==1 || $user['id']==$soo['admid']))
{
if(isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1"),0)==1)
{
$id=intval($_GET['id']);
$ank=get_user($id);
}else{
$ank=get_user($user['id']);
}
$ank_soo = mysql_fetch_assoc(mysql_query("SELECT * FROM `soo_users` WHERE `id_user`='".mysql_real_escape_string($ank[id])."' LIMIT 1"));
$set['title']=$soo['name'].' - '.$ank['nick']; // заголовок страницы
require '../sys/inc/thead.php';
title();
if(isset($_GET['del']) && $user['id']!=$ank['id'] && $user['id']==$soo['admid'])
{
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`) values ('0', '".mysql_real_escape_string($ank[id])."', '".mysql_real_escape_string(Вас выгнали из сообщества [url=/soo/$soo[id]]$soo[name][/url])."', '".mysql_real_escape_string($time)."')");
mysql_query("DELETE FROM `soo_chat` WHERE `id_user`='".mysql_real_escape_string($ank[id])."' AND `id_soo`='".mysql_real_escape_string($soo[id])."'");
mysql_query("DELETE FROM `soo_forum_thems` WHERE `id_user`='".mysql_real_escape_string($ank[id])."' AND `id_soo`='".mysql_real_escape_string($soo[id])."'");
mysql_query("DELETE FROM `soo_forum_mess` WHERE `id_user`='".mysql_real_escape_string($ank[id])."' AND `id_soo`='".mysql_real_escape_string($soo[id])."'");
mysql_query("DELETE FROM `soo_users` WHERE `id_user`='".mysql_real_escape_string($ank[id])."' AND `id_soo`='".mysql_real_escape_string($soo[id])."' LIMIT 1");
$q=mysql_query("SELECT * FROM `soo_obmen_files` WHERE `id_soo`='".mysql_real_escape_string($soo[id])."' AND `id_user`='".mysql_real_escape_string($ank[id])."'");
while ($del = mysql_fetch_assoc($q))
{
unlink(H.'sys/soo/obmen/files/'.htmlspecialchars($del['id']).'.dat');
mysql_query("DELETE FROM `soo_obmen_komm` WHERE `id_soo`='".mysql_real_escape_string($soo[id])."' AND `id_file`='".mysql_real_escape_string($del[id])."'");
}
mysql_query("DELETE FROM `soo_obmen_files` WHERE `id_user`='".mysql_real_escape_string($ank[id])."' AND `id_soo`='".mysql_real_escape_string($soo[id])."'");
mysql_query("DELETE FROM `soo_votes_otvet` WHERE `id_user`='".mysql_real_escape_string($ank[id])."' AND `id_soo`='".mysql_real_escape_string($soo[id])."' LIMIT 1");
mysql_query("UPDATE `soo` SET `users` = '".mysql_real_escape_string($soo['users']-1)."' WHERE `id` = '".mysql_real_escape_string($soo[id])."' LIMIT 1");
msg('Юзер успешно выгнан из соо');
}
echo'<span style="color:'.htmlspecialchars($ank['ncolor']).'">'.htmlspecialchars($ank['nick']).'</span><br/>';
avatar($ank['id']);
if($ank['id']!=$soo['admid'] && $ank_soo['ban']!=NULL && $ank_soo['ban']>$time)
{
echo'<b>Участник забанен до '.vremja($ank_soo['ban']).' за '.output_text($ank_soo['prich']).'</b><br/>';
}
echo'<div class="menu">';
if($ank['id']==$soo['admid'])
{
if($ank['pol']==0)echo'Создала сообщество: '.vremja($soo['time']).'<br/>'; else echo'Создал сообщество: '.vremja($soo['time']).'<br/>';
}
else
{
if($ank['pol']==0)echo'Вступила в сообщество: '.vremja($ank_soo['time']).'<br/>'; else echo'Вступил в сообщество: '.vremja($ank_soo['time']).'<br/>';
}
if($ank_soo['invit_us']!=NULL && $ank_soo['invit_us']!=0)
{
$ank_invit = get_user($ank_soo['invit_us']);
if($ank_invit['pol']==0)
{
echo'Пригласила: ';
}
else
{
echo'Пригласил: ';
}
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo`='".mysql_real_escape_string($soo[id])."' AND `id_user` = '".mysql_real_escape_string($ank_invit[id])."' LIMIT 1"),0)==1)echo'<a href="info.php?s='.htmlspecialchars($soo['id']).'&id='.htmlspecialchars($ank_invit['id']).'">'.htmlspecialchars($ank_invit['nick']).'</a><br/>'; else echo'<a href="/info.php?id='.htmlspecialchars($ank_invit['id']).'">'.htmlspecialchars($ank_invit['nick']).'</a><br/>';
}
echo'<a href="/info.php?id='.htmlspecialchars($ank['id']).'">Анкета сайта</a><br/>';
echo'Тем на форуме: '.mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_forum_thems` WHERE `id_soo` = '".mysql_real_escape_string($soo[id])."' AND `id_user`='".mysql_real_escape_string($ank[id])."'"),0).'<br/>';
echo'Сообщений на форуме: '.mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_forum_mess` WHERE `id_soo` = '".mysql_real_escape_string($soo[id])."' AND `id_user`='".mysql_real_escape_string($ank[id])."'"),0).'<br/>';
echo'Сообщений в мини-чате: '.mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_chat` WHERE `id_soo` = '".mysql_real_escape_string($soo[id])."' AND `id_user`='".mysql_real_escape_string($ank[id])."'"),0).'<br/>';
if(isset($user) && $ank['id']!=$user['id'] && $ank['id']!=$soo['admid'] && ($user['id']==$soo['admid'] || mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo` = '".mysql_real_escape_string($soo[id])."' AND `id_user`='".mysql_real_escape_string($user[id])."' AND `mod`='1' LIMIT 1"),0)==1))
{
echo'<a href="banned.php?s='.htmlspecialchars($soo['id']).'&ban='.htmlspecialchars($ank['id']).'">Забанить</a><br/>';
if($user['id']==$soo['admid'])
{
echo'<a href="?s='.htmlspecialchars($soo['id']).'&id='.htmlspecialchars($ank['id']).'&del">Выгнать из соо</a><br/>';
echo'<a href="admin.php?s='.htmlspecialchars($soo['id']).'&bl&uz='.htmlspecialchars($ank['id']).'">Добавить в BlackList</a><br/>';
}
}
echo'</div>';
echo "<div class='navi'>n";
echo '<img src="img/back.png" alt="" class="icon"/> <a href="index.php?s='.htmlspecialchars($soo['id']).'">В сообщество</a><br/>';
echo "</div>n";
}else{
header("Location:index.php?s=$soo[id]");
}
}else{
echo'Вам недоступен просмотр анкеты участников данной группы';
}
}else{
header("Location:index.php");
}
require '../sys/inc/tfoot.php';
?>