Файл: titwar.ru/mod_panel.php
Строк: 325
<?
include './system/common.php';
include './system/functions.php';
include './system/user.php';
// Panel-wide gate: only a loaded account with access level 1 or higher may
// continue; everyone else is redirected to the site root and the script stops.
// $user is set up by the files included above (not visible here).
if (!($user && $user['access'] >= 1)) {
    header('location: /');
    exit;
}
switch($_GET['action']) {
default:
    // Landing page of the panel: static menu of the available tools.
    // $title is read by the header template included on the next line.
    $title = 'Administration';
    include './system/h.php';
    ?>
<div class='list'><li>
<a href='/mod_panel/clon/'><img src='/images/icon/arrow.png' alt='*'/> IP checker</a>
<a href='/mod_panel/ban/'><img src='/images/icon/arrow.png' alt='*'/> Bans</a>
<? // NOTE(review): the account-editor link is shown only when access < 2, while
   // the 'acc' action below only requires access >= 1. Confirm that the
   // lowest staff tier is really meant to edit player balances.
   if ($user['access'] < 2): ?>
<a href='/mod_panel/acc/'><img src='/images/icon/arrow.png' alt='*'/> Players stats'</a>
<? endif; ?>
</div>
<?
    include './system/f.php';
    break;
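case 'clon':
    // Multi-account check: given a character ID, show that account's stored
    // `ip` / `ua` values and list other accounts that look related.
    //
    // Changes compared with the previous version:
    //  - the lookup and the "not found" redirect run before any output, so the
    //    Location header can still be sent;
    //  - `ip` / `ua` read back from the database are escaped before being put
    //    into a new query (they were concatenated raw);
    //  - every database value echoed into the page is HTML-escaped.
    //
    // NOTE(review): _num() / _string() live in ./system/functions.php, which is
    // not visible here; presumably a digit filter and an SQL escaper. Confirm.
    $id = _string(_num(isset($_POST['id']) ? $_POST['id'] : null));
    $users = false;
    $count = 0;
    if ($id) {
        $res = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'"');
        $users = $res ? mysql_fetch_array($res) : false;
        if (!$users) {
            header('location: /mod_panel/clon/');
            exit;
        }
        // `ua` is presumably the stored User-Agent, i.e. client-controlled text;
        // treat both columns as untrusted when building SQL.
        $ipSql = mysql_real_escape_string($users['ip']);
        $uaSql = mysql_real_escape_string($users['ua']);
        $count = mysql_result(mysql_query('SELECT COUNT(*) FROM `users` WHERE `ip` = "'.$ipSql.'" AND `id` != "'.$users['id'].'"'), 0);
    }
    $title = 'Checker';
    include './system/h.php';
    ?>
<div class='line'></div>
<div class='content'>
<?
    if ($users) {
        // htmlspecialchars() uses PHP's default charset here; set default_charset
        // to the site's real encoding. NOTE(review): if values are already
        // HTML-encoded when stored, this will double-encode them. Confirm.
        ?>
IP: <?=htmlspecialchars($users['ip'], ENT_QUOTES)?> [<?=htmlspecialchars($users['ua'], ENT_QUOTES)?>]<br/>
</div>
<div class='line'></div>
<div class='content'>
<?
        if ($count > 0) {
            // NOTE(review): the count above matches on `ip`, but this list
            // matches on `ua`. Kept as-is; confirm which column is intended.
            $q = mysql_query('SELECT * FROM `users` WHERE `ua` = "'.$uaSql.'" AND `id` != "'.$users['id'].'"');
            while ($q && ($row = mysql_fetch_array($q))) {
                ?>
<img src='/images/icon/race/<?=htmlspecialchars($row['r'], ENT_QUOTES)?>.png' alt='*'/> <a href='/user/<?=htmlspecialchars($row['id'], ENT_QUOTES)?>/'><?=htmlspecialchars($row['login'], ENT_QUOTES)?></a><br/>
<?
            }
        } else {
            ?>
<font color='#999'>There are no clons!</font>
<?
        }
    } else {
        ?>
<form action='/mod_panel/clon/' method='post'>
Character's ID:<br/><input name='id'/><br/>
<input type='submit' value='Check'/>
</form>
<?
    }
    ?>
</div>
<?
    include './system/f.php';
    break;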
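case 'ban':
    // Ban management. Two modes:
    //   list mode ($_GET['list'] truthy): paginated list of active bans, with
    //   an "unban" link per row;
    //   form mode: create a ban for a character ID for d/h/m duration.
    //
    // Changes compared with the previous version:
    //  - all lookups, the delete and every redirect happen before output, and
    //    the redirect after a delete is now followed by exit;
    //  - the stored `ip` is escaped before being written into the INSERT;
    //  - database values echoed into the page are HTML-escaped;
    //  - the closing </div> of the list is only emitted when the list was opened.
    //
    // $max, $count, $pages, $page and $start keep their names because pages()
    // (defined elsewhere) may read them. Assumption, confirm.
    $listMode = isset($_GET['list']) && $_GET['list'] == true;
    $banState = ''; // '' = nothing submitted, 'ok' = ban row created, 'dup' = a ban row already exists
    $ban = false;
    if ($listMode) {
        $max = 10;
        $count = mysql_result(mysql_query('SELECT COUNT(*) FROM `ban` WHERE `time` > "'.time().'"'), 0);
        $pages = ceil($count / $max);
        $page = _string(_num(isset($_GET['page']) ? $_GET['page'] : null));
        if ($page > $pages) {
            $page = $pages;
        }
        if ($page < 1) {
            $page = 1;
        }
        $start = $page * $max - $max;
        $id = _string(_num(isset($_GET['id']) ? $_GET['id'] : null));
        if ($count > 0 && $id) {
            $res = mysql_query('SELECT * FROM `ban` WHERE `id` = "'.$id.'"');
            $ban = $res ? mysql_fetch_array($res) : false;
            if (!$ban) {
                header('location: /mod_panel/ban/list/?page='.$page);
                exit;
            }
            if (isset($_GET['delete']) && $_GET['delete'] == true) {
                // NOTE(review): this state change is triggered by a plain GET
                // link with no anti-CSRF token, and there is no rank check on
                // who may lift whose ban. No token helper is visible in this
                // file, so none is added here; consider a POST form with a
                // per-session token.
                mysql_query('DELETE FROM `ban` WHERE `id` = "'.$id.'"');
                header('location: /mod_panel/ban/list/?page='.$page);
                exit;
            }
        }
    } else {
        $id = _string(_num(isset($_POST['id']) ? $_POST['id'] : null));
        if ($id) {
            $res = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'"');
            $users = $res ? mysql_fetch_array($res) : false;
            // Staff may only ban accounts ranked strictly below themselves.
            if (!$users || $users['access'] >= $user['access']) {
                header('location: /mod_panel/ban/');
                exit;
            }
            $d = _string(_num(isset($_POST['d']) ? $_POST['d'] : null));
            $h = _string(_num(isset($_POST['h']) ? $_POST['h'] : null));
            if ($h > 24) {
                $h = 24;
            }
            $m = _string(_num(isset($_POST['m']) ? $_POST['m'] : null));
            if ($m > 60) {
                $m = 60;
            }
            // NOTE(review): this count ignores `time`, so an expired row still
            // blocks a new ban, while the list only shows rows with time > now.
            // Kept as-is; confirm whether expired rows are purged elsewhere.
            $count = mysql_result(mysql_query('SELECT COUNT(*) FROM `ban` WHERE `user` = "'.$users['id'].'"'), 0);
            if ($count == 0) {
                $until = time() + ($d * 86400) + ($h * 3600) + ($m * 60);
                mysql_query('INSERT INTO `ban` (`user`,
`time`,
`ip`) VALUES ("'.$users['id'].'",
"'.$until.'",
"'.mysql_real_escape_string($users['ip']).'")');
                $banState = 'ok';
            } else {
                $banState = 'dup';
            }
        }
    }
    $title = 'Bans';
    include './system/h.php';
    ?>
<div class='line'></div>
<?
    if ($listMode) {
        if ($count > 0) {
            if ($ban) {
                ?>
<div class='content'>
</div>
<div class='line'></div>
<?
            }
            ?>
<div class='content'>
<?
            $q = mysql_query('SELECT * FROM `ban` WHERE `time` > "'.time().'" ORDER BY `id` DESC LIMIT '.$start.', '.$max.'');
            while ($q && ($row = mysql_fetch_array($q))) {
                $res = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$row['user'].'"');
                $u = $res ? mysql_fetch_array($res) : false;
                // Race icon; the "-off" variant is used when `online` is older than 300 seconds.
                $icon = $u['r'].($u['online'] > time() - 300 ? '' : '-off');
                // htmlspecialchars() uses PHP's default charset; NOTE(review): if
                // logins are stored already HTML-encoded this double-encodes.
                ?>
<span style='float: right;'><a href='/mod_panel/ban/list/?id=<?=htmlspecialchars($row['id'], ENT_QUOTES)?>&delete=true&page=<?=htmlspecialchars($page, ENT_QUOTES)?>'>Take out from ban</a></span><img src='/images/icon/race/<?=htmlspecialchars($icon, ENT_QUOTES)?>.png' alt='*'/> <a href='/user/<?=htmlspecialchars($u['id'], ENT_QUOTES)?>/'><?=htmlspecialchars($u['login'], ENT_QUOTES)?></a>
<br/>
Duration: <?=_time($row['time'] - time())?>
<?
            }
            ?>
<?=pages('/mod_panel/ban/list/?')?>
</div>
<?
        }
    } else {
        if ($banState === 'ok') {
            ?>
<div class='content' align='center'>
<img src='/images/icon/ok.png' alt='*'/> <font color='#3c3'>Character was banned!</font></div>
<?
        } elseif ($banState === 'dup') {
            ?>
<div class='content' align='center'>
<img src='/images/icon/error.png' alt='*'/> <font color='#c66'>Character already banned!</font><br/></div>
<?
        }
        if ($banState !== '') {
            ?>
<div class='line'></div>
<?
        }
        // NOTE(review): the ban form carries no anti-CSRF token.
        ?>
<div class='content'>
<form action='/mod_panel/ban/' method='post'>
Character's ID:<br/><input name='id'/><br/>
<br/>days <input name='d' size='20' value='1'/><br/>
<br/>hours <input name='h' size='20' value='0'/><br/>
<br/>minutes <input name='m' size='20' value='0'/><br/>
<input type='submit' value='Ban'/>
</form>
</div>
<div class='line'></div>
<div class='list'>
<li><a href='/mod_panel/ban/list/'><img src='/images/icon/arrow.png' alt='*'/> Banned: (<?=mysql_result(mysql_query('SELECT COUNT(*) FROM `ban` WHERE `time` > "'.time().'"'),0)?>)</a></li>
</div>
<?
    }
    include './system/f.php';
    break;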
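case 'unitpay':
    // Paginated, read-only list of rows from `unitpay_payments`
    // (access level 2 and above only).
    //
    // Changes compared with the previous version:
    //  - the status cell used nested single quotes, which is a parse error as
    //    listed; the two HTML snippets are now double-quoted PHP strings;
    //  - the header cell was closed with <td> instead of </td>;
    //  - `account` is escaped before it is put into the user lookup, and the
    //    login / icon values are HTML-escaped on output.
    if ($user['access'] < 2) {
        header('location: /adm/');
        exit;
    }
    $title = 'Replenishment';
    include './system/h.php';
    ?>
<div class='line'></div>
<?
    // Names kept because pages() (defined elsewhere) may read them. Confirm.
    $max = 10;
    $count = mysql_result(mysql_query('SELECT COUNT(*) FROM `unitpay_payments`'), 0);
    $pages = ceil($count / $max);
    $page = _string(_num(isset($_GET['page']) ? $_GET['page'] : null));
    if ($page > $pages) {
        $page = $pages;
    }
    if ($page < 1) {
        $page = 1;
    }
    $start = $page * $max - $max;
    if ($count > 0) {
        ?>
<div class='menu'>
<table width='100%' cellpadding='0' cellspacing='0'>
<tr>
<td width='30%'>Character's name</td>
<td width='30%'>Sum</td>
<td>Status</td>
</tr></table>
<?
        $q = mysql_query('SELECT * FROM `unitpay_payments` ORDER BY `id` DESC LIMIT '.$start.', '.$max.'');
        while ($q && ($row = mysql_fetch_array($q))) {
            // `account` was presumably written by the payment callback, so it is
            // escaped rather than trusted as a clean ID.
            $res = mysql_query('SELECT * FROM `users` WHERE `id` = "'.mysql_real_escape_string($row['account']).'"');
            $account = $res ? mysql_fetch_array($res) : false;
            $icon = $account['r'].($account['online'] > time() - 300 ? '' : '-off');
            $statusHtml = ($row['status'] == 0)
                ? "<font color='#c06060'>Error</font>"
                : "<font color='#3c3'>Success</font>";
            // htmlspecialchars() uses PHP's default charset; NOTE(review): if
            // logins are stored already HTML-encoded this double-encodes.
            ?>
<table width='100%' cellpadding='0' cellspacing='0'>
<tr>
<td width='30%'><img src='/images/icon/race/<?=htmlspecialchars($icon, ENT_QUOTES)?>.png' alt='*'/> <a href='/user/<?=htmlspecialchars($account['id'], ENT_QUOTES)?>/'><?=htmlspecialchars($account['login'], ENT_QUOTES)?></a></td>
<td width='30%'><?=number_format($row['sum'], 2, '.', '')?> run.</td>
<td><?=$statusHtml?></td>
</tr></table>
<?
        }
        // NOTE(review): pagination links point at /adm.php, not at this script.
        ?>
<?=pages('/adm.php?action=unitpay&')?>
</div>
<?
    }
    include './system/f.php';
    break;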
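case 'deposit':
    // Adds an amount of silver (`s`) or gold (`g`) to accounts
    // (access level 2 and above only).
    //
    // Changes compared with the previous version:
    //  - `type` was placed between backticks as a column name after only
    //    passing through _string(); a string escaper does not make a value safe
    //    as an identifier. It is now checked against the two columns the form
    //    offers, and anything else is rejected;
    //  - `count` must be a plain integer literal before it reaches the query;
    //  - the existence check no longer loads the whole `users` table;
    //  - the unused $_POST['id'] read is gone (the form has no such field).
    if ($user['access'] < 2) {
        header('location: /adm/');
        exit;
    }
    $title = 'Distribution of currency';
    include './system/h.php';
    ?>
<div class='line'></div>
<?
    if (!empty($_POST['submit'])) {
        $type = isset($_POST['type']) ? $_POST['type'] : '';
        $count = _string(_num(isset($_POST['count']) ? $_POST['count'] : null));
        $typeOk = is_string($type) && in_array($type, array('s', 'g'), true);
        $countOk = preg_match('/^-?[0-9]+$/D', (string) $count) === 1;
        $res = mysql_query('SELECT `id` FROM `users` LIMIT 1');
        $users = $res ? mysql_fetch_array($res) : false;
        if ($users && $typeOk && $countOk) {
            // NOTE(review): there is no WHERE clause, so every row in `users`
            // is credited. That matches the form, which has no ID field, but
            // confirm it is intended. The form also carries no anti-CSRF token.
            if (mysql_query('UPDATE `users` SET `'.$type.'` = `'.$type.'` + '.$count)) {
                ?>
<div class='content' align='center'>Completed!</div>
<div class='line'></div>
<?
            }
        }
    }
    // NOTE(review): the form posts to /adm/deposit/, not to this script.
    ?>
<div class='content'>
<form action='/adm/deposit/' method='post'>
Currency: <br/>
<select name='type'>
<option value='s'>Silver</option>
<option value='g'>Gold</option>
</select>
<br/><input name='count' size='20' value='10000'/><br/>
<input type='submit' name='submit' value='Готово'/>
</form>
</div>
<?
    include './system/f.php';
    break;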
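case 'trade':
    // Gives one item to a character by inserting a row into `inv`
    // (access level 2 and above only). The bonus and the four stats depend
    // only on the item's `quality` tier.
    //
    // Changes compared with the previous version:
    //  - the seven-way switch is replaced by a lookup table; a missing item or
    //    an unknown quality no longer falls through with undefined (or
    //    tier-0) stats, the insert is simply skipped;
    //  - the unused $_POST['type'] / $_POST['count'] reads are gone (the form
    //    has no such fields);
    //  - item names and IDs are HTML-escaped in the <select>.
    if ($user['access'] < 2) {
        header('location: /adm/');
        exit;
    }
    $title = 'Distribution of items';
    include './system/h.php';
    ?>
<div class='line'></div>
<?
    // quality => array(bonus, value used for _str, _vit, _agi and _def)
    $tiers = array(
        0 => array(0, 28),
        1 => array(5, 31),
        2 => array(10, 45),
        3 => array(10, 52),
        4 => array(10, 60),
        5 => array(10, 120),
        6 => array(10, 170),
    );
    // quality => short label shown in the item list
    $labels = array(0 => 'П', 1 => 'О', 2 => 'Р', 3 => 'Э', 4 => 'Л', 5 => 'Б', 6 => 'С Б');
    if (!empty($_POST['submit'])) {
        $id = _string(_num(isset($_POST['id']) ? $_POST['id'] : null));
        $itemId = _string(_num(isset($_POST['item']) ? $_POST['item'] : null));
        $res = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'"');
        $users = $res ? mysql_fetch_array($res) : false;
        $res = mysql_query('SELECT * FROM `items` WHERE `id` = "'.$itemId.'"');
        $item = $res ? mysql_fetch_array($res) : false;
        if ($users && $item && isset($tiers[$item['quality']])) {
            list($bonus, $stat) = $tiers[$item['quality']];
            // NOTE(review): the form carries no anti-CSRF token.
            if (mysql_query('INSERT INTO `inv` (`user`,
`item`,
`bonus`,
`_str`,
`_vit`,
`_agi`,
`_def`) VALUES ("'.$users['id'].'",
"'.$item['id'].'",
"'.$bonus.'",
"'.$stat.'",
"'.$stat.'",
"'.$stat.'",
"'.$stat.'")')) {
                ?>
<div class='content' align='center'>Successfully!</div>
<div class='line'></div>
<?
            }
        }
    }
    // NOTE(review): the form posts to /adm/trade/, not to this script.
    ?>
<div class='content'>
<form action='/adm/trade/' method='post'>
Character's ID:<br/><input name='id'/>
<select name='item'>
<?
    $q = mysql_query('SELECT * FROM `items` ORDER BY `id`');
    while ($q && ($row = mysql_fetch_array($q))) {
        // Unknown tiers get a placeholder instead of reusing the previous row's label.
        $quality = isset($labels[$row['quality']]) ? $labels[$row['quality']] : '?';
        // htmlspecialchars() uses PHP's default charset; NOTE(review): if names
        // are stored already HTML-encoded this double-encodes.
        ?>
<option value='<?=htmlspecialchars($row['id'], ENT_QUOTES)?>'><?=htmlspecialchars($row['id'], ENT_QUOTES)?> / <?=$quality?> / <?=htmlspecialchars($row['name'], ENT_QUOTES)?></option>
<?
    }
    ?>
</select><br/>
<input type='submit' name='submit' value='Completed'/>
</form>
</div>
<?
    include './system/f.php';
    break;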
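case 'acc':
    // Account editor: step 1 asks for a character ID, step 2 shows login /
    // silver / gold / experience, and $_GET['yes'] carries the ID to save.
    //
    // Changes compared with the previous version:
    //  - the UPDATE statement had unescaped nested single quotes (a parse
    //    error as listed); the login is now quoted with double quotes like
    //    every other query in this file;
    //  - the leftover echo of the posted login before the redirect is removed;
    //  - saving and loading both happen before any output, so the redirects work;
    //  - the target's rank is checked the same way the 'ban' action does it:
    //    staff may only edit accounts ranked strictly below themselves;
    //  - numeric fields must be digit-only before they reach the unquoted SQL;
    //  - `&` in the submit check is now `&&`;
    //  - values echoed into the single-quoted attributes are escaped with ENT_QUOTES.
    //
    // NOTE(review): this gate is the same as the panel-wide one, so every staff
    // account can reach the editor. Confirm the intended minimum level.
    if ($user['access'] < 1) {
        header('location: /mod_panel/');
        exit;
    }
    $digits = '/^[0-9]+$/D';
    if (isset($_GET['yes'])) {
        $targetId = _string(_num($_GET['yes']));
        // NOTE(review): the login relies entirely on _string() (defined in
        // ./system/functions.php, not visible here) for SQL escaping. Confirm.
        $login = _string(isset($_POST['login']) ? $_POST['login'] : null);
        $s = _string(_num(isset($_POST['s']) ? $_POST['s'] : null));
        $g = _string(_num(isset($_POST['g']) ? $_POST['g'] : null));
        $exp = _string(_num(isset($_POST['exp']) ? $_POST['exp'] : null));
        $valid = preg_match($digits, (string) $targetId) === 1
            && preg_match($digits, (string) $s) === 1
            && preg_match($digits, (string) $g) === 1
            && preg_match($digits, (string) $exp) === 1;
        if ($valid) {
            $res = mysql_query('SELECT `access` FROM `users` WHERE `id` = '.$targetId.' LIMIT 1');
            $target = $res ? mysql_fetch_array($res) : false;
            if ($target && $target['access'] < $user['access']) {
                // NOTE(review): the edit form carries no anti-CSRF token.
                mysql_query('UPDATE `users` SET `login` = "'.$login.'", `s` = '.$s.', `g` = '.$g.', `exp` = '.$exp.' WHERE `id` = '.$targetId.' LIMIT 1');
            }
        }
        header('location: /mod_panel/acc/');
        exit;
    }
    $acc = false;
    $accId = '';
    if (isset($_POST['submit']) && !empty($_POST['id'])) {
        $accId = _string(_num($_POST['id']));
        if (preg_match($digits, (string) $accId) === 1) {
            $res = mysql_query('SELECT * FROM `users` WHERE `id` = '.$accId.' LIMIT 1');
            $acc = $res ? mysql_fetch_array($res) : false;
        }
        if (!$acc || $acc['access'] >= $user['access']) {
            header('location: /mod_panel/acc/');
            exit;
        }
    }
    $title = 'Editor';
    include './system/h.php';
    if ($acc) {
        // htmlspecialchars() uses PHP's default charset; NOTE(review): if logins
        // are stored already HTML-encoded this double-encodes.
        ?>
<div class="content">
<form action='/mod_panel/acc/yes/<?=htmlspecialchars($accId, ENT_QUOTES)?>/' method='post'>
Username:
<br/>
<input type='text' name='login' value='<?=htmlspecialchars($acc['login'], ENT_QUOTES)?>'/>
<br/>
Silver:
<br/>
<input name='s' value='<?=htmlspecialchars($acc['s'], ENT_QUOTES)?>'/>
<br/>
Gold:
<br/>
<input name='g' value='<?=htmlspecialchars($acc['g'], ENT_QUOTES)?>'/>
<br/>
Experience:
<br/>
<input name='exp' value='<?=htmlspecialchars($acc['exp'], ENT_QUOTES)?>'/>
<br/>
<input type='submit' name='submit' value='Submit'/>
</form>
</div>
<?
    } else {
        ?>
<div class="content">
<form action='/mod_panel/acc/' method='post'>
Character's ID:
<br/>
<input name='id'/>
<br/>
<input type='submit' name='submit' value='Continue'/>
</form>
</div>
<?
    }
    include './system/f.php';
    break;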
}
?>