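<?php
// Forum administration page: add/edit forums, sections and topics.
// Original credit: by -=SHAKHTER=- (waphp.ru - download only from there).
//
// The full opening tag is used instead of the short one: with short_open_tag
// disabled the short form is not parsed, and the web server would return this
// file's source (queries, paths) as plain text.
require '../shaxty.php';
$align = 'left';
// check_login(), levels(), H and the request variables used below ($mod, $act, $id)
// are not defined in this file; they presumably come from shaxty.php.
check_login();
$title = 'Управление топом';
// NOTE(review): head.php is included before the access check and before every
// header('Location: ...') call further down. If it emits output and output
// buffering is off, those redirects cannot be sent - confirm.
include_once(H . 'shaxty/head.php');
// NOTE(review): levels() is opaque here; it looks like a minimum-level gate. If so,
// the later levels(8)/levels(6) calls are weaker than this one - confirm intent.
levels(9);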
switch($mod){
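case 'addrazd':
    // Add a row to `razdels`: show the form, or handle its POST when $act is set.
    levels(8);
    // $err was never initialised in the original. $mod, $act and $id are not assigned
    // in this file either, so they presumably arrive via shaxty.php; if that imports
    // request variables into global scope, a caller could pre-seed $err and have it
    // echoed back unescaped. Start from a known-empty value.
    $err = '';
    if (empty($act)) {
        // NOTE(review): the form carries no anti-CSRF token, and SID puts the session
        // id into the URL where it can leak through logs and Referer headers.
        echo '<form action="?act=act&mod='.$mod.'&'.SID.'" method="post">';
        echo 'Раздел:<br/>';
        echo '<input type="text" name="name" maxlength="50" title="Форум"/><br/>';
        echo 'Положение:<br/>';
        echo '<input type="text" name="pos" maxlength="50" title="Положение"/><br/>';
        echo '<br /><input type="submit" class="ibutton" value="Добавить"/></form><br /><br />';
    } else {
        // check() is defined outside this file. NOTE(review): the INSERT below relies on
        // it escaping for SQL - confirm. translit() runs after check(); confirm it cannot
        // emit quote characters, otherwise the value is no longer what check() produced.
        $name = check($_POST['name']);
        if ($user['translit'] == 1) {
            $name = translit($name);
        }
        // intval() makes $pos safe to embed; 0 is rejected by the empty() test below.
        $pos = check(intval($_POST['pos']));
        if (strlen2($name) < 3) {
            $err .= 'Короткое имя!<br />';
        }
        if (empty($pos) || strlen2($pos) <= 0) {
            $err .= 'Положение указанно неверно!<br />';
        }
        if (empty($err)) {
            if (mysql_query("INSERT INTO `razdels` (`name`,`pos`) VALUES ('$name','$pos')")) {
                header('Location: index.php');
                exit;
            } else {
                echo 'Ошибка!<br />';
            }
        } else {
            echo $err;
        }
    }
    break;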
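case 'editrazd':
    // Edit or delete the forum (`forum_f` row) selected by $id.
    levels(8);
    // Known-empty start: $err was uninitialised, and would be caller-controlled if
    // shaxty.php imports request variables into global scope (not visible here).
    $err = '';
    // $id is not assigned in this file and was concatenated into every query as-is.
    // Ids are presumably integer keys (the topic-move code applies intval() to a
    // section id) - TODO confirm; the cast keeps anything else out of the SQL text.
    $forumId = intval($id);
    if (empty($act)) {
        if (isset($_GET['del'])) {
            // NOTE(review): this cascade delete is triggered by a plain GET with no
            // token, so any page the admin visits can cause it. Should be POST + token.
            $q = mysql_query("SELECT * FROM `forum_msg` where f_id = '".$forumId."';");
            while ($q && ($d = mysql_fetch_array($q))) {
                $fil = mysql_query("select * from `forum_file` where `m_id`='".$d['id']."' limit 5;");
                // The original tested mysql_affected_rows() here, which is documented for
                // INSERT/UPDATE/DELETE rather than SELECT. The fetch loop already copes
                // with an empty result, so only a failed query needs guarding.
                while ($fil && ($file = mysql_fetch_array($fil))) {
                    // NOTE(review): the file name comes from `forum_file`; confirm the
                    // upload code stores a bare name, since a stored "../" would make
                    // this unlink() reach outside files/forum.
                    if (unlink('../files/forum/'.$file['file'])) {
                        mysql_query("DELETE FROM `forum_file` where id = '".$file['id']."'");
                    }
                }
            }
            mysql_query("DELETE FROM `forum_msg` where f_id = '".$forumId."'");
            mysql_query("DELETE FROM `forum_r` where f_id = '".$forumId."'");
            mysql_query("DELETE FROM `forum_t` where f_id = '".$forumId."'");
            mysql_query("DELETE FROM `forum_f` where id = '".$forumId."'");
            header('Location: '.F.'index.php');
            // The original fell through here and went on to query and render the
            // edit form for the forum it had just deleted.
            exit;
        }
        $res = mysql_query("select * from `forum_f` where id = '".$forumId."'");
        $for = $res ? mysql_fetch_array($res) : false;
        echo '<form action="?act=act&mod='.$mod.'&'.SID.'" method="post">';
        echo 'Форум:<br/>';
        // Key quoted: the bare $for[name] is an undefined-constant lookup (an Error on PHP 8).
        // NOTE(review): stored values are printed into attributes unescaped; this is only
        // safe if check() HTML-encodes on the way in - confirm.
        echo '<input type="text" name="name" value="'.$for['name'].'" maxlength="50" title="Форум"/><br/>';
        echo 'Положение:<br/>';
        echo '<input type="text" name="pos" value="'.$for['pos'].'" maxlength="50" title="Положение"/><br/>';
        if ($level >= 9) {
            echo 'Уровень >=:<br/>';
            echo '<input type="text" name="lev" maxlength="50" value="'.$for['levels'].'" title="Уровень"/><br/>';
        }
        echo '<br /><input type="submit" class="ibutton" value="Изменить"/></form><br />';
        echo '<br /><a href="?del">Удалить</a><br />';
    } else {
        // NOTE(review): relies on check() escaping for SQL, and on translit() not
        // re-introducing quote characters afterwards - confirm both.
        $name = check($_POST['name']);
        if ($user['translit'] == 1) {
            $name = translit($name);
        }
        $pos = check(intval($_POST['pos']));
        if (strlen2($name) < 3) {
            $err = 'Короткое имя форума!';
        }
        if (empty($pos) || strlen2($pos) <= 0) {
            $err = 'Положение указанно неверно!';
        }
        if (empty($err)) {
            $set = "`name` = '$name', `pos` = '$pos'";
            // The form only offers `lev` when $level >= 9. The original wrote `levels`
            // unconditionally, so a submit without the field reset it to 0 and a
            // lower-level user could set it by adding the field by hand.
            if ($level >= 9 && isset($_POST['lev'])) {
                $lev = check(intval($_POST['lev']));
                $set .= ", `levels` = '$lev'";
            }
            if (mysql_query("UPDATE `forum_f` SET ".$set." where `id`='".$forumId."' LIMIT 1")) {
                header('Location: '.F.'index.php');
                exit;
            } else {
                echo 'Ошибка!<br />';
            }
        } else {
            echo $err;
        }
    }
    break;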
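//////// Sections //////////////////////////////////////////////////////////
case 'addr':
    // Add a section (`forum_r` row) to the forum selected by $id.
    levels(8);
    // Known-empty start: $err was uninitialised, and would be caller-controlled if
    // shaxty.php imports request variables into global scope (not visible here).
    $err = '';
    // $id is not assigned in this file; it was embedded in the INSERT and in the
    // redirect URL as-is. Ids are presumably integer keys - TODO confirm.
    $forumId = intval($id);
    if (empty($act)) {
        // NOTE(review): no anti-CSRF token; SID exposes the session id in the URL.
        if ($ver != 'wml') {
            echo '<form action="?act=act&mod='.$mod.'&'.SID.'" method="post">';
        }
        echo 'Раздел:<br/>';
        echo '<input type="text" name="name" maxlength="50" title="Форум"/><br/>';
        echo 'Положение:<br/>';
        echo '<input type="text" name="pos" maxlength="50" title="Положение"/><br/>';
        if ($ver == 'wml') {
            // Single-quoted on purpose: $name/$pos are WML variable references, not PHP.
            // NOTE(review): this posts to ?act=add without `mod`, unlike the HTML form - confirm.
            echo '<br /><anchor title="go">Добавить<go href="?act=add&'.SID.'" method="post">';
            echo '<postfield name="name" value="$name"/>
<postfield name="pos" value="$pos"/>
</go></anchor><br />';
        } else {
            echo '<br /><input type="submit" class="ibutton" value="Добавить"/></form><br /><br />';
        }
    } else {
        // NOTE(review): relies on check() escaping for SQL, and on translit() not
        // re-introducing quote characters afterwards - confirm both.
        $name = check($_POST['name']);
        if ($user['translit'] == 1) {
            $name = translit($name);
        }
        $pos = check(intval($_POST['pos']));
        if (strlen2($name) < 3) {
            $err = 'Короткое имя раздела!';
        }
        if (empty($pos) || strlen2($pos) <= 0) {
            $err = 'Положение указанно неверно!';
        }
        if (empty($err)) {
            if (mysql_query("INSERT INTO forum_r (f_id,name,pos) VALUES ('$forumId','$name','$pos')")) {
                header('Location: '.F.'razdel/'.$forumId.'?'.SID);
                exit;
            } else {
                echo 'Ошибка!<br />';
            }
        } else {
            echo $err;
        }
    }
    break;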
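case 'editr':
    // Edit or delete the section (`forum_r` row) selected by $id.
    levels(8);
    // Known-empty start: $err was uninitialised, and would be caller-controlled if
    // shaxty.php imports request variables into global scope (not visible here).
    $err = '';
    // $id is not assigned in this file and was concatenated into every query and the
    // redirect URL as-is. The topic-move code treats section ids as integers, so the
    // cast keeps anything else out of the SQL text.
    $sectionId = intval($id);
    // Explicit result check instead of the original "@" error suppression.
    $res = mysql_query("select * from `forum_r` where id = '".$sectionId."'");
    $for = $res ? mysql_fetch_array($res) : false;
    if (empty($act)) {
        if (isset($_GET['del'])) {
            // NOTE(review): this cascade delete is triggered by a plain GET with no
            // token, so any page the admin visits can cause it. Should be POST + token.
            $q = mysql_query("SELECT * FROM `forum_msg` where r_id = '".$sectionId."';");
            while ($q && ($d = mysql_fetch_array($q))) {
                $fil = mysql_query("select * from `forum_file` where `m_id`='".$d['id']."' limit 5;");
                // The original tested mysql_affected_rows() here, which is documented for
                // INSERT/UPDATE/DELETE rather than SELECT; the fetch loop already copes
                // with an empty result, so only a failed query needs guarding.
                while ($fil && ($file = mysql_fetch_array($fil))) {
                    // NOTE(review): the file name comes from `forum_file`; confirm the
                    // upload code stores a bare name, since a stored "../" would make
                    // this unlink() reach outside files/forum.
                    if (unlink('../files/forum/'.$file['file'])) {
                        mysql_query("DELETE FROM `forum_file` where id = '".$file['id']."'");
                    }
                }
            }
            mysql_query("DELETE FROM `forum_msg` where r_id = '".$sectionId."'");
            mysql_query("DELETE FROM `forum_t` where r_id = '".$sectionId."'");
            mysql_query("DELETE FROM `forum_r` where id = '".$sectionId."'");
            header('Location: '.F.'razdel/'.$for['f_id'].'?'.SID);
            exit;
        }
        if ($ver != 'wml') {
            echo '<form action="?act=act&mod='.$mod.'&'.SID.'" method="post">';
        }
        echo 'Раздел:<br/>';
        // Key quoted: the bare $for[name] is an undefined-constant lookup (an Error on PHP 8).
        // NOTE(review): stored values are printed into attributes unescaped; this is only
        // safe if check() HTML-encodes on the way in - confirm.
        echo '<input type="text" name="name" value="'.$for['name'].'" maxlength="50" title="Форум"/><br/>';
        echo 'Положение:<br/>';
        echo '<input type="text" name="pos" value="'.$for['pos'].'" maxlength="50" title="Положение"/><br/>';
        if ($ver == 'wml') {
            // Single-quoted on purpose: $name/$pos are WML variable references, not PHP.
            echo '<br /><anchor title="go">Изменить<go href="?act=add&'.SID.'" method="post">';
            echo '<postfield name="name" value="$name"/>
<postfield name="pos" value="$pos"/>
</go></anchor><br />';
        } else {
            echo '<br /><input type="submit" class="ibutton" value="Изменить"/></form><br />';
        }
        echo '<br /><a href="?del">Удалить</a><br />';
    } else {
        // NOTE(review): relies on check() escaping for SQL, and on translit() not
        // re-introducing quote characters afterwards - confirm both.
        $name = check($_POST['name']);
        if ($user['translit'] == 1) {
            $name = translit($name);
        }
        $pos = check(intval($_POST['pos']));
        if (strlen2($name) < 3) {
            $err = 'Короткое имя раздела!';
        }
        if (empty($pos) || strlen2($pos) <= 0) {
            $err = 'Положение указанно неверно!';
        }
        if (empty($err)) {
            if (mysql_query("UPDATE `forum_r` SET `name` = '$name', `pos` = '$pos' where `id`='".$sectionId."' LIMIT 1")) {
                header('Location: '.F.'razdel/'.$sectionId.'?'.SID);
                exit;
            } else {
                echo 'Ошибка!<br />';
            }
        } else {
            echo $err;
        }
    }
    break;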
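// Edit a topic
case 'editt':
    // Moderate the topic (`forum_t` row) selected by $id: close/open, pin/unpin,
    // delete, rename (act=name) or move to another section (act=razd).
    levels(6);
    // Known-empty start: $err was uninitialised, and would be caller-controlled if
    // shaxty.php imports request variables into global scope (not visible here).
    $err = '';
    // $id is not assigned in this file and was concatenated into every query as-is.
    // Ids are presumably integer keys - TODO confirm; the cast keeps anything else
    // out of the SQL text.
    $topicId = intval($id);
    // Explicit result check instead of the original "@" error suppression.
    $res = mysql_query("select * from `forum_t` where id = '".$topicId."'");
    $tem = $res ? mysql_fetch_array($res) : false;
    // Keys quoted throughout: the bare $tem[r_id] / $tem[name] forms are
    // undefined-constant lookups (an Error on PHP 8).
    $back = 'Location: '.F.'temes/'.$tem['r_id'].'?'.SID;
    if (empty($act)) {
        if ($tem['close'] == 0 && $user['level'] < 5) {
            echo ' | <a href="?close">Закрыть</a>';
        }
        if ($tem['close'] == 1) {
            echo '<a href="?open">Открыть</a>|';
        } else {
            echo '<a href="?close">Закрыть</a>|';
        }
        if ($tem['zak'] == 0) {
            echo '<a href="?fix">Закрепить</a>';
        } else {
            echo '<a href="?unfix">Открепить</a>';
        }
        echo '|<a href="?delet">Удалить</a><br/>';
        // NOTE(review): every action below changes state on a plain GET with no token,
        // so any page the moderator visits can trigger it. They also run after the
        // links above were echoed, so the redirect depends on output buffering.
        // Close / open / pin / unpin: query-string flag => (column, new value).
        $toggles = array(
            'close' => array('close', '1'),
            'open'  => array('close', '0'),
            'fix'   => array('zak', '1'),
            'unfix' => array('zak', '0'),
        );
        foreach ($toggles as $flag => $change) {
            if (isset($_GET[$flag])) {
                mysql_query("UPDATE `forum_t` SET `".$change[0]."` = '".$change[1]."' WHERE `id` = '".$topicId."'");
                header($back);
                exit;
            }
        }
        // Delete the topic with its messages and attached files
        if (isset($_GET['delet'])) {
            $q = mysql_query("SELECT * FROM `forum_msg` where t_id = '".$topicId."';");
            while ($q && ($d = mysql_fetch_array($q))) {
                $fil = mysql_query("select * from `forum_file` where `m_id`='".$d['id']."' limit 5;");
                // The original tested mysql_affected_rows() here, which is documented for
                // INSERT/UPDATE/DELETE rather than SELECT; the fetch loop already copes
                // with an empty result, so only a failed query needs guarding.
                while ($fil && ($file = mysql_fetch_array($fil))) {
                    // NOTE(review): the file name comes from `forum_file`; confirm the
                    // upload code stores a bare name, since a stored "../" would make
                    // this unlink() reach outside files/forum.
                    if (unlink('../files/forum/'.$file['file'])) {
                        mysql_query("DELETE FROM `forum_file` where id = '".$file['id']."'");
                    }
                }
            }
            mysql_query("DELETE FROM `forum_msg` where t_id = '".$topicId."'");
            mysql_query("DELETE FROM `forum_t` where id = '".$topicId."'");
            header($back);
            exit;
        }
        echo '<dl><dt></dt></dl>';
        if ($ver != 'wml') {
            echo '<form action="?act=name&'.SID.'" method="post">';
        }
        echo 'Тема:<br/>';
        // NOTE(review): stored values are printed unescaped here and in the option list
        // below; this is only safe if check() HTML-encodes on the way in - confirm.
        echo '<input type="text" name="name" value="'.$tem['name'].'" maxlength="50" title="Форум"/><br/>';
        if ($ver == 'wml') {
            // Single-quoted on purpose: $name is a WML variable reference, not PHP.
            echo '<br /><anchor title="go">Изменить<go href="?act=name&'.SID.'" method="post">';
            echo '<postfield name="name" value="$name"/></go></anchor><br />';
        } else {
            echo '<br /><input type="submit" class="ibutton" value="Изменить"/></form><dt></dt>';
        }
        if ($ver != 'wml') {
            echo '<form action="?act=razd&'.SID.'" method="post">';
        }
        echo 'Переместить в:<br/>';
        // The listing showed these echo strings with unescaped inner double quotes,
        // which does not parse; single-quoted strings emit the same markup.
        echo '<select name="razdel">';
        $q = mysql_query("SELECT * FROM `forum_r` ORDER BY `id` ASC");
        while ($q && ($r = mysql_fetch_array($q))) {
            $fq = mysql_query("SELECT * FROM `forum_f` where id='".$r['f_id']."'");
            $f = $fq ? mysql_fetch_array($fq) : false;
            echo '<option value="'.$r['id'].'">'.$f['name'].'/'.$r['name'].'</option>';
        }
        echo '</select><br/>';
        if ($ver == 'wml') {
            echo '<br /><anchor title="go">Изменить<go href="?act=razd&'.SID.'" method="post">';
            echo '<postfield name="razdel" value="$razdel"/></go></anchor><br />';
        } else {
            echo '<br /><input type="submit" class="ibutton" value="Переместить"/></form><br />';
        }
    } else if ($act == 'name') {
        // NOTE(review): relies on check() escaping for SQL, and on translit() not
        // re-introducing quote characters afterwards - confirm both.
        $name = check($_POST['name']);
        if ($user['translit'] == 1) {
            $name = translit($name);
        }
        if (strlen2($name) < 3) {
            $err = 'Короткое имя!';
        }
        if (empty($err)) {
            if (mysql_query("UPDATE `forum_t` SET `name` = '$name' where `id`='".$topicId."' LIMIT 1")) {
                header($back);
                exit;
            } else {
                echo 'Ошибка!<br />';
            }
        } else {
            echo $err;
        }
    } else if ($act == 'razd') {
        $razdel = check(intval($_POST['razdel']));
        $rq = mysql_query("SELECT * FROM `forum_r` where id='".$razdel."'");
        $r = $rq ? mysql_fetch_array($rq) : false;
        $f = false;
        if ($r) {
            $fq = mysql_query("SELECT * FROM `forum_f` where id='".$r['f_id']."'");
            $f = $fq ? mysql_fetch_array($fq) : false;
        }
        // The original never checked that the target section, its forum and the topic
        // exist, so a bad `razdel` moved the topic to a section with an empty f_id.
        // It also put the stored topic name back into SQL unescaped: a value read from
        // the database is raw text again and must be escaped before reuse. $tem holds
        // the same row the original re-fetched into $t.
        if ($r && $f && $tem
            && mysql_query("UPDATE `forum_t` SET `r_id` = '$razdel', `f_id` = '".$f['id']."', `name` = '".mysql_real_escape_string($tem['name'])."(Перенесено)' where `id`='".$topicId."' LIMIT 1")) {
            mysql_query("UPDATE `forum_msg` SET `r_id` = '$razdel', `f_id` = '".$f['id']."' where `t_id`='".$topicId."'");
            mysql_query("UPDATE `forum_file` SET `r_id` = '$razdel', `f_id` = '".$f['id']."' where `t_id`='".$topicId."'");
            header('Location: '.F.'temes/'.$razdel.'?'.SID);
            exit;
        } else {
            echo 'Ошибка!<br />';
        }
    }
    break;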
}
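// Page footer: a link back to the forum index, then the shared footer template.
// $div1/$div9 are not assigned in this file; presumably layout markup set by
// shaxty.php or head.php - confirm.
// The listing showed this string with unescaped inner double quotes, which does not
// parse; concatenation emits the same markup.
echo '<br />'.$div1.'<a href="'.F.'index.php">Форум</a>'.$div9;
include_once(H.'shaxty/foot.php');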
?>