Файл: Rpanel/msg.php
Строк: 119
<?
define('PROTECTOR', 1);
$path='../';
$headmod = 'adm_panel';//фикс. места
$textl='Админ-панель';
include($path.'files/db.php');
include($path.'files/auth.php');
include($path.'files/func.php');
include($path.'files/core.php');
include($path.'files/head.php');
include($path.'files/zag.php');
$_GET[id]=intval($_GET['id']);
$_POST[city] = addslashes(htmlspecialchars($_POST['city']));
$_POST[x] = addslashes(htmlspecialchars($_POST['x']));
$_POST[y] = addslashes(htmlspecialchars($_POST['y']));
$_POST[title] = addslashes(htmlspecialchars($_POST['title']));
$_POST[text] = addslashes(htmlspecialchars($_POST['text']));
$_POST[nick] = addslashes(htmlspecialchars($_POST['nick']));
if($udata[prava]<5){
echo'Доступ закрыт!';
include($path.'files/down.php');
exit;
}
if($udata[usr]!='Admin'){
echo'Доступ закрыт!';
include($path.'files/down.php');
exit;
}
switch($_GET[mod]){
default:
echo"<a href="msg.php?mod=1">MSG v1.0 by RGame</a><br/>";
break;
case '1':
if($udata[prava]<5){
echo'Доступ закрыт!';
include($path.'files/down.php');
exit;
}
$nick=$_POST[nick];
$nick = htmlspecialchars(stripslashes($nick));
echo "<form action="msg.php?mod=go" method="post">Введите ник:<br/>";
echo "<input name="nick" maxlength="10" title="nick" emptyok="true"/><br/>";
echo "<input type="submit" value="Найти" /></form>";
break;
case 'go':
if($_POST[nick]==''){$_POST[nick]=$_GET[nick];}
$_POST[nick] = htmlspecialchars("$_POST[nick]");
$find = mysql_num_rows(mysql_query("SELECT usr FROM users WHERE usr LIKE '%".mysql_escape_string($_POST[nick])."%'"));
if($find==0){
echo "not<br/><a href="msg.php?">Назад</a><br/>";
include($path.'files/down.php');
exit;
}
echo "<br/>Найдено игроков: <i>$find</i><br/>";
$page = (isset($_GET['page'])) ? $_GET['page'] : NULL;
$page=intval($page);
if ($page == "" || $page < 0 || $page == "0")
{
$page = 0;
}
$next = $page + 1;
$back = $page - 1;
$num = $page * 10;
if($page == "0")
{$i = 1;}
else{$i = ($page*10)+1;}
$viso = mysql_num_rows(mysql_query("SELECT usr FROM users WHERE usr LIKE '%".mysql_escape_string($_POST[nick])."%'"));
$puslap = floor($viso/10);
$useras = mysql_query("SELECT usr,id FROM users WHERE usr LIKE '%".mysql_escape_string($_POST[nick])."%' ORDER BY lvl DESC LIMIT $num,10");
while ($users = mysql_fetch_array($useras))
{
$users11 = strip_tags($users['id']);
$users = strip_tags($users['usr']);
$req1 = mysql_query("SELECT * FROM `users` WHERE `usr` = '$users'");
$users1 = mysql_fetch_array($req1);
$storona = strip_tags($users1['storona']);
$lvl = strip_tags($users1['lvl']);
if($storona=="white"){echo" <img src='/pic/main/white.png' alt='*'/>";}
if($storona=="black"){echo"<img src='/pic/main/black.png' alt='*'/>";}
echo "<a href='user.php?id=$users11&mod=2'>$users</a> $lvl ур.";
if($udata[usr]=='MAGISTER'){
echo"
| <a href='user.php?id=$users11&mod=666'>[уд]</a> <br/>
<a href='msg.php?nick=$users&mod=ishod'>[исход]</a> | <a href='msg.php?nick=$users&mod=vhod'>[вход]</a> <br/><br/>
";
}}
if ($_POST[nick] == "") {
echo "<b>Вы не ввели имя в поле!</b><br/>";
}
$skok= mysql_num_rows(mysql_query("SELECT usr FROM users WHERE usr LIKE '%".mysql_escape_string($_POST[nick])."%'"));
$koll=$skok/10;
$koll= ceil ($koll);
$koll2=$koll-1;
$page = (isset($_GET['page'])) ? $_GET['page'] : NULL;
$page=intval($page);
if($viso>10){
if ($page > 0)
{$page1=$page;
echo "<a href="msg.php?mod=go&page=0&nick=$_POST[nick]">«</a> <a href="msg.php?mod=go&page=$back&nick=$_POST[nick]">$page1</a> ";}
elseif ($page == 0)
{echo "« 1";}
if ($page>0)
{$page3=$page+1; echo " $page3 ";}
if($page < $puslap || $page == "" || $page == 0){
$page2=$page+2;
echo " <a href="msg.php?mod=go&page=$next&nick=$_POST[nick]">$page2</a> ";
echo"<a href="msg.php?mod=go&page=$koll2&nick=$_POST[nick]">»</a>";
}else{
$page2=$page+2;
echo "$page2 »";}
echo " ($koll)";
}
echo "<br/><a href="msg.php?">Назад</a><br/>";
break;
case 'ishod':
$page = (isset($_GET['page'])) ? $_GET['page'] : NULL;
$page=intval($page);
if ($page == "" || $page < 0 || $page == "0")
{
$page = 0;
}
$next = $page + 1;
$back = $page - 1;
$num = $page * 10;
if($page == "0")
{$i = 1;}
else{$i = ($page*10)+1;}
$viso = mysql_num_rows(mysql_query("SELECT * FROM msg_r WHERE user_from='$_GET[nick]'"));
$puslap = floor($viso/10);
$useras = mysql_query("SELECT * FROM msg_r WHERE user_from='$_GET[nick]' ORDER BY id DESC LIMIT $num,10");
while ($users = mysql_fetch_array($useras))
{
echo "Кому:<i> $users[user_to]</i> <br/> $users[mail_msg] <br/> <br/> ";
}
$skok= mysql_num_rows(mysql_query("SELECT * FROM msg_r WHERE user_from='$_GET[nick]'"));
$koll=$skok/10;
$koll= ceil ($koll);
$koll2=$koll-1;
$page = (isset($_GET['page'])) ? $_GET['page'] : NULL;
$page=intval($page);
if($viso>10){
if ($page > 0)
{$page1=$page;
echo "<a href="msg.php?mod=ishod&page=0&nick=$_GET[nick]">«</a> <a href="msg.php?mod=ishod&page=$back&nick=$_GET[nick]">$page1</a> ";}
elseif ($page == 0)
{echo "« 1";}
if ($page>0)
{$page3=$page+1; echo " $page3 ";}
if($page < $puslap || $page == "" || $page == 0){
$page2=$page+2;
echo " <a href="msg.php?mod=ishod&page=$next&nick=$_GET[nick]">$page2</a> ";
echo"<a href="msg.php?mod=ishod&page=$koll2&nick=$_GET[nick]">»</a>";
}else{
$page2=$page+2;
echo "$page2 »";}
echo " ($koll)";
}
break;
case 'vhod':
$page = (isset($_GET['page'])) ? $_GET['page'] : NULL;
$page=intval($page);
if ($page == "" || $page < 0 || $page == "0")
{
$page = 0;
}
$next = $page + 1;
$back = $page - 1;
$num = $page * 10;
if($page == "0")
{$i = 1;}
else{$i = ($page*10)+1;}
$viso = mysql_num_rows(mysql_query("SELECT * FROM msg_r WHERE user_to='$_GET[nick]'"));
$puslap = floor($viso/10);
$useras = mysql_query("SELECT * FROM msg_r WHERE user_to='$_GET[nick]' ORDER BY id DESC LIMIT $num,10");
while ($users = mysql_fetch_array($useras))
{
echo "Кто:<i> $users[user_from]</i> <br/> $users[mail_msg] <br/> <br/> ";
}
$skok= mysql_num_rows(mysql_query("SELECT * FROM msg_r WHERE user_to='$_GET[nick]'"));
$koll=$skok/10;
$koll= ceil ($koll);
$koll2=$koll-1;
$page = (isset($_GET['page'])) ? $_GET['page'] : NULL;
$page=intval($page);
if($viso>10){
if ($page > 0)
{$page1=$page;
echo "<a href="msg.php?mod=vhod&page=0&nick=$_GET[nick]">«</a> <a href="msg.php?mod=vhod&page=$back&nick=$_GET[nick]">$page1</a> ";}
elseif ($page == 0)
{echo "« 1";}
if ($page>0)
{$page3=$page+1; echo " $page3 ";}
if($page < $puslap || $page == "" || $page == 0){
$page2=$page+2;
echo " <a href="msg.php?mod=vhod&page=$next&nick=$_GET[nick]">$page2</a> ";
echo"<a href="msg.php?mod=vhod&page=$koll2&nick=$_GET[nick]">»</a>";
}else{
$page2=$page+2;
echo "$page2 »";}
echo " ($koll)";
}
break;
}
echo"<br/><a href="index.php?">Админ панель</a>";
include($path.'files/down.php');
?>