Файл: banda_admin.php
Строк: 354
<?php
include 'inc/mysql.php';
include 'inc/check.php';
include ("inc/gzip.php");
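// Gate the whole panel on an authenticated session; the else-branch at the end
// of the file redirects everyone else to index.php.
// NOTE(review): $_SESSION and $account are not set in this file; presumably
// inc/check.php starts the session and loads the current account. Confirm.
if (isset($_SESSION['auth']) && $_SESSION['auth'] == 1) {
    include 'inc/shapka.php';
    // The key is quoted (a bare `mod` is an undefined-constant lookup) and a
    // missing parameter becomes '', which matches no case label and is
    // therefore handled by `default` without raising a notice.
    switch (isset($_GET['mod']) ? $_GET['mod'] : '') {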
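default:
    // Leader menu: links to pending applications, mass mailing and disbanding.
    // An account counts as a gang leader when its id appears in `banda`.`nick`.
    // $account is not defined in this file, so its fields are escaped before
    // they are placed in SQL.
    $leaderSql = mysql_real_escape_string($account['id']);
    $req = mysql_query("SELECT * FROM `banda` WHERE `nick` = '$leaderSql'");
    $lider = mysql_num_rows($req);
    if ($lider == 0) {
        // Not a leader: back to the gang home page.
        // NOTE(review): inc/shapka.php has already been included, so this
        // redirect only works if output is buffered (inc/gzip.php may do that). Confirm.
        header('Location: banda_home.php');
        exit;
    }
    if ($lider == 1) {
        // One query serves both the leader check and the row fetch.
        $clan = mysql_fetch_array($req);
        // NOTE(review): the counter filters `banda_invite` by $account['banda'],
        // while the zayavka case filters the same table by $account['id'];
        // the two agree only if a leader's `banda` equals their own id. Confirm.
        $bandaSql = mysql_real_escape_string($account['banda']);
        $kolic = mysql_query("SELECT COUNT(`id`) FROM `banda_invite` WHERE `banda`='$bandaSql'");
        $kols = (int) mysql_result($kolic, 0);
        // Single-quoted literals: the markup is full of double quotes, which
        // cannot appear unescaped inside a double-quoted PHP string.
        echo '<div class="ssl">';
        echo '<a href="banda_admin.php?mod=zayavka">  <img src="pic/main/banda1.png"> Заявки на вступление (' . $kols . ')</a></div>';
        echo '<div class="ssl">';
        echo '<a href="banda_admin.php?mod=rassulka">  <img src="pic/main/banda1.png"> Общая рассылка</a></div>';
        echo '<div class="ssl">';
        echo '<a href="banda_admin.php?mod=deleted&ask">  <img src="pic/main/banda1.png"> <b>Распустить банду</b></a></div>';
    }
    break;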
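case 'zayavka':
    // Membership applications: accept (?yes=<account id>), decline
    // (?del=<account id>), then list the pending ones three per page.
    // NOTE(review): accept and decline change state on a plain GET request and
    // carry no anti-CSRF token. Moving them to POST with a per-session token
    // needs matching changes wherever these links are generated.
    $leaderSql = mysql_real_escape_string($account['id']);
    $bandaSql = mysql_real_escape_string($account['banda']);
    $req = mysql_query("SELECT * FROM `banda` WHERE `nick` = '$leaderSql'");
    $lider = mysql_num_rows($req);
    if ($lider == 0) {
        echo '<img src="pic/main/!.png"> Попытка взлома лидера банды!';
        header('Location: banda_home.php');
        exit;
    }

    if (isset($_GET['yes'])) {
        // intval() makes the id safe to interpolate; a non-scalar value maps to 0.
        $uid = is_scalar($_GET['yes']) ? intval($_GET['yes']) : 0;
        if ($uid != $account['id']) {
            // Only an applicant with a pending request addressed to this leader
            // can be accepted, and the account must still exist.
            $invited = mysql_result(mysql_query("SELECT COUNT(*) FROM `banda_invite` WHERE `usr`='$uid' AND `banda`='$leaderSql'"), 0);
            if ($invited && mysql_result(mysql_query("SELECT COUNT(*) FROM `account` WHERE `id`='$uid'"), 0)) {
                if ($lider == 1) {
                    $clanss = mysql_fetch_array($req);
                    $members = mysql_query("SELECT `id` FROM `account` WHERE `banda`='$bandaSql'");
                    $kk = mysql_num_rows($members);
                    // NOTE(review): equality only catches an exactly full roster;
                    // `>=` would be stricter, but whether `sostav` may be 0 or
                    // NULL (meaning "no limit") is not visible here. Confirm.
                    if ($kk == $clanss['sostav']) {
                        echo '<img src="pic/main/!.png"> В банде нет свободных мест для вступлений.';
                        include 'inc/nogi.php';
                        exit;
                    }
                }
                // NOTE(review): the applicant's current `banda` is overwritten
                // without checking whether they already belong to another gang.
                mysql_query("UPDATE `account` SET `banda`='$bandaSql' WHERE `id` = '$uid'");
                $pic = mysql_fetch_array(mysql_query("SELECT `login`,`id` FROM `account` WHERE `id` = '$uid'"));
                $dater = date("H:i d.m.y");
                // The history message is stored as HTML, so the login is
                // HTML-escaped here and the finished string is SQL-escaped below.
                $n2 = 'Персонаж <a href="infa.php?id=' . intval($pic['id']) . '">' . htmlspecialchars($pic['login'], ENT_QUOTES) . '</a> вступил в банду!';
                mysql_query("INSERT INTO `banda_hystory` SET `banda`='$bandaSql',`msg`='" . mysql_real_escape_string($n2) . "', `time` = '$dater' ");
                mysql_query("DELETE FROM `banda_invite` WHERE `banda`='$leaderSql' AND `usr`='$uid'");
                echo '<img src="/pic/main/!.png" alt="*"/> Заявка принята.<hr>';
            }
        }
    }

    if (isset($_GET['del'])) {
        $uid = is_scalar($_GET['del']) ? intval($_GET['del']) : 0;
        if ($uid != $account['id']) {
            $invited = mysql_result(mysql_query("SELECT COUNT(*) FROM `banda_invite` WHERE `usr`='$uid' AND `banda`='$leaderSql'"), 0);
            if ($invited && mysql_result(mysql_query("SELECT COUNT(*) FROM `account` WHERE `id`='$uid'"), 0)) {
                mysql_query("DELETE FROM `banda_invite` WHERE `banda`='$leaderSql' AND `usr`='$uid'");
                echo '<img src="/pic/main/!.png" alt="*"/> Заявка отклонена.<hr>';
            }
        }
    }

    $ca = mysql_result(mysql_query("SELECT COUNT(*) FROM `banda_invite` WHERE `banda`='$leaderSql'"), 0);
    if ($ca == 0) {
        echo '<img src="/pic/main/!.png" alt="*"/> Нет заявок!';
        include 'inc/nogi.php';
        exit;
    }

    // Pagination. The computed offset is now applied to the query; without a
    // LIMIT every application was printed on every page.
    $cop = 3;
    $cp = (int) ceil($ca / $cop);
    $page = (isset($_GET['page']) && is_scalar($_GET['page'])) ? intval($_GET['page']) : 1;
    if ($page <= 0) {
        $page = 1;
    } elseif ($page > $cp) {
        $page = $cp;
    }
    $start = ($page * $cop) - $cop;
    $q = mysql_query("SELECT * FROM `banda_invite` WHERE `banda`='$leaderSql' ORDER BY `id` LIMIT $start, $cop");

    // Nickname gradient colours for privileged account statuses.
    $gradients = array(
        'gm'    => array('00FF00', '00CC00'),
        'moder' => array('0066CC', 'AB82FF'),
        'bot'   => array('FFCC00', 'FF9933'),
    );
    while ($user = mysql_fetch_array($q)) {
        $result = mysql_fetch_assoc(mysql_query("SELECT * FROM `account` WHERE `id`='" . mysql_real_escape_string($user['usr']) . "'"));
        if (!$result) {
            // Application from an account that no longer exists: nothing to show.
            continue;
        }
        // Account fields are escaped for the HTML context before output.
        $rid = intval($result['id']);
        $sex = htmlspecialchars($result['sex']);
        $lvl = htmlspecialchars($result['lvl']);
        $status = $result['status'];
        if (isset($gradients[$status])) {
            // NOTE(review): gradient() is defined outside this file and its
            // return value is echoed as-is; if it does not HTML-escape the
            // login, this is a stored-XSS sink. Confirm and escape inside it.
            $nik = gradient('' . $result['login'] . '', $gradients[$status][0], $gradients[$status][1]);
            echo '<us><img src="pic/main/' . $sex . '.png" alt="*"/><a href="infa.php?id=' . $rid . '"> ' . $nik . '</a></us> ' . $lvl . ' ур. ';
        } else {
            echo '<img src="pic/main/' . $sex . '.png" alt="*"/> <a href="infa.php?id=' . $rid . '">' . htmlspecialchars(stripslashes($result['login'])) . '</a> ' . $lvl . ' ур. ';
        }
        echo '(<a href="banda_admin.php?mod=zayavka&yes=' . $rid . '">Принять</a>) (<a href="banda_admin.php?mod=zayavka&del=' . $rid . '">Отклонить</a>)<br>';
    }

    echo "<hr>\n<center>\nНавигация:\n";
    // The list lives in banda_admin.php (the accept/decline links above point
    // there too), so the pager targets this script rather than banda_home.php.
    if ($page - 1 > 0) {
        echo '<a href="banda_admin.php?mod=zayavka&page=' . ($page - 1) . '">&lt;</a> ';
        echo '<a href="banda_admin.php?mod=zayavka&page=' . ($page - 1) . '">' . ($page - 1) . '</a> ';
    }
    echo '<b>' . $page . '</b>';
    if ($page + 1 <= $cp) {
        echo ' <a href="banda_admin.php?mod=zayavka&page=' . ($page + 1) . '">' . ($page + 1) . '</a>';
        echo ' <a href="banda_admin.php?mod=zayavka&page=' . ($page + 1) . '">&gt;</a>';
    }
    echo '</center>';
    break;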
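case 'deleted':
    // Disband the gang: ?ask shows a confirmation prompt; without it the gang
    // rows are deleted and the members' gang fields are reset.
    // NOTE(review): the destructive step is a plain GET with no anti-CSRF
    // token, so any cross-site request made with the leader's session triggers
    // it; the ?ask prompt is only a UI step. It should become a POST guarded by
    // a per-session token.
    $leaderSql = mysql_real_escape_string($account['id']);
    $bandaSql = mysql_real_escape_string($account['banda']);
    $req = mysql_query("SELECT * FROM `banda` WHERE `nick` = '$leaderSql'");
    $lider = mysql_num_rows($req);
    if ($lider == 0) {
        echo '<img src="pic/main/!.png"> Попытка взлома лидера банды!';
        header('Location: banda_home.php');
        exit;
    }
    if ($lider == 1) {
        if (isset($_GET['ask'])) {
            echo 'Вы действительно хотите распустить банду?<br/>';
            echo '<img src="pic/main/oke.png"> <a href="banda_admin.php?mod=deleted"><b>ДА!</b></a><br/>';
            echo '<img src="pic/main/nou.png"> <a href="banda_admin.php?">Нет, назад</a><br/>';
        } else {
            // Column values every former member is reset to.
            $reset = "`banda` = '0',`banda_den` = '0',`exp_banda` = '0',`repa_minus` = '0',`repa_plus` = '0',`money_banda` = '0',`zoloto_banda` = '0',`fermany_banda` = '0',`bespredel1_1` = '50000',`bespredel2_2` = '80000',`bespredel3_3` = '100000',`bespredel1`='0',`bespredel2`='0',`bespredel3`='0'";
            // NOTE(review): the reset runs only when some account has
            // `banda` equal to the leader's id, yet the bulk UPDATE is keyed on
            // $account['banda']; both agree only if a leader's `banda` equals
            // their own id. Confirm the data model.
            $req = mysql_query("SELECT `id` FROM `account` WHERE `banda` = '$leaderSql' LIMIT 1");
            $avto = mysql_num_rows($req);
            if ($avto == 1) {
                // LIMIT 1 yields a single row, so a plain fetch replaces the loop.
                $claner = mysql_fetch_array($req);
                mysql_query("UPDATE `account` SET $reset WHERE `banda` = '$bandaSql'");
                mysql_query("UPDATE `account` SET $reset WHERE `id` = '" . mysql_real_escape_string($claner['id']) . "'");
            }
            mysql_query("DELETE FROM `banda` WHERE `nick` = '$leaderSql'");
            mysql_query("DELETE FROM `banda_chat` WHERE `banda` = '$leaderSql'");
            mysql_query("DELETE FROM `banda_invite` WHERE `banda` = '$leaderSql'");
            mysql_query("DELETE FROM `banda_log` WHERE `banda` = '$leaderSql'");
            mysql_query("DELETE FROM `banda_hystory` WHERE `banda` = '$leaderSql'");
            echo '<img src="pic/main/!.png"> Банда успешно распущена.';
        }
    } else {
        // More than one `banda` row names this account as leader.
        echo '<img src="pic/main/!.png"> Доступ закрыт!';
    }
    break;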
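case 'rassulka':
    // Mass mailing: show the form, or store one `mail` row per gang member.
    // NOTE(review): the POST carries no anti-CSRF token.
    $leaderSql = mysql_real_escape_string($account['id']);
    $bandaSql = mysql_real_escape_string($account['banda']);
    $req = mysql_query("SELECT * FROM `banda` WHERE `nick` = '$leaderSql'");
    $lider = mysql_num_rows($req);
    if ($lider == 0) {
        echo '<img src="pic/main/!.png"> Попытка взлома лидера банды!';
        header('Location: banda_home.php');
        exit;
    }
    // A non-string value (e.g. an array parameter) is treated as "no text".
    $raw = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
    if (empty($raw)) {
        echo "Введите текст рассылки:<br/>";
        echo '<form name="form" action="banda_admin.php?mod=rassulka" method="post">' . bbpanel('form', 'text') . '<textarea name="text" cols="30" rows="3"></textarea>';
        echo '<br><input type="submit" value="Отправить" class="ibutton"></form>';
    } else {
        // Undo magic-quotes slashes where that legacy setting is active, so the
        // text is escaped exactly once below.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $raw = stripslashes($raw);
        }
        // htmlspecialchars() protects the HTML context only: by default it
        // leaves single quotes and backslashes untouched, so the value must
        // also be SQL-escaped before it goes inside '...' in the INSERT.
        // NOTE(review): if inc/check.php already escapes request data
        // globally, this stores visible backslashes. Confirm.
        $text = mysql_real_escape_string(htmlspecialchars($raw));
        $req = mysql_query("SELECT `id` FROM `account` where `banda`='$bandaSql'");
        $avto = mysql_num_rows($req);
        if ($avto > 1) {
            while ($clan = mysql_fetch_array($req)) {
                $dater = time();
                $to = mysql_real_escape_string($clan['id']);
                mysql_query("INSERT INTO `mail` SET `user` = '2', `to` = '$to', `time` = '$dater', `read` = '0', `msg` = '$text'");
            }
            echo '<img src="pic/main/!.png"> Рассылка успешно отправлена!';
        } else {
            echo '<img src="pic/main/!.png"> Нет игроков в вашей банде!';
        }
    }
    break;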
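case 'infa':
    // Edit the gang description (`banda`.`desk`): show the form or store the text.
    // NOTE(review): the POST carries no anti-CSRF token, and the 1000-character
    // limit announced in the form is not enforced here.
    $leaderSql = mysql_real_escape_string($account['id']);
    $req = mysql_query("SELECT * FROM `banda` WHERE `nick` = '$leaderSql'");
    $lider = mysql_num_rows($req);
    if ($lider == 0) {
        echo 'Попытка взлома лидера банды!';
        header('Location: banda_home.php');
        exit;
    }
    // A non-string value (e.g. an array parameter) is treated as "no text".
    $raw = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
    if (empty($raw)) {
        echo "Текст информации о банде:<br/>";
        echo "<small><font color='#999999'>* Текст информации может содержать до 1000-ти рус. или латин. символов.</font></small><br/>";
        echo '<form name="form" action="banda_admin.php?mod=infa" method="post">' . bbpanel('form', 'text') . '<textarea name="text" cols="30" rows="3"></textarea>';
        echo '<br><input class="button" type="submit" value="Написать" /></form>';
    } else {
        // Undo magic-quotes slashes where that legacy setting is active, so the
        // text is escaped exactly once below.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $raw = stripslashes($raw);
        }
        // htmlspecialchars() alone does not neutralise single quotes or
        // backslashes, so the value is also SQL-escaped before the UPDATE.
        $text = mysql_real_escape_string(htmlspecialchars($raw));
        mysql_query("UPDATE `banda` SET `desk` = '$text' WHERE `nick` = '$leaderSql'");
        header("Location: banda_home.php?");
    }
    break;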
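case 'del_text':
    // Clear the gang description (`banda`.`desk`) and return to the gang page.
    // NOTE(review): this change is made on a plain GET request with no
    // anti-CSRF token.
    $leaderSql = mysql_real_escape_string($account['id']);
    $req = mysql_query("SELECT * FROM `banda` WHERE `nick` = '$leaderSql'");
    $lider = mysql_num_rows($req);
    if ($lider == 0) {
        echo 'Попытка взлома лидера банды!';
        header('Location: banda_home.php');
        exit;
    }
    mysql_query("UPDATE `banda` SET `desk` = '' WHERE `nick` = '$leaderSql'");
    header('Location: banda_home.php');
    break;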
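case 'delpers':
    // Expel a member (?usr=<account id>): reset their gang fields, notify them
    // by mail and record the event in the gang history.
    // NOTE(review): this change is made on a plain GET request with no
    // anti-CSRF token.
    $leaderSql = mysql_real_escape_string($account['id']);
    $bandaSql = mysql_real_escape_string($account['banda']);
    $req = mysql_query("SELECT * FROM `banda` WHERE `nick` = '$leaderSql'");
    $lider = mysql_num_rows($req);
    if ($lider == 0) {
        echo '<img src="pic/main/!.png"> Попытка взлома лидера банды!';
        header('Location: banda_home.php');
        exit;
    }
    // Normalise the target id to an integer once. A loose string comparison on
    // the raw parameter lets a value with trailing characters differ from the
    // leader's id here while the database still reads its numeric prefix.
    $uid = (isset($_GET['usr']) && is_scalar($_GET['usr'])) ? intval($_GET['usr']) : 0;
    if ($uid == 0) {
        echo '<img src="pic/main/!.png"> Не выбран игрок!';
        header('Location: banda_home.php');
        exit;
    }
    if ($uid == $account['id']) {
        // A leader cannot expel themselves.
        header('Location: banda_home.php');
        exit;
    }
    // Authorisation: the target must belong to this leader's gang. Checking
    // only that the account exists would let any leader reset the gang fields
    // of an arbitrary player.
    $req = mysql_query("SELECT `login`,`id` FROM `account` WHERE `id` = '$uid' AND `banda` = '$bandaSql' LIMIT 1");
    $avto = mysql_num_rows($req);
    if ($avto != 1) {
        echo '<img src="pic/main/!.png"> Нет такого игрока в вашей банде!';
        header('Location: banda_home.php');
        exit;
    }
    $claner = mysql_fetch_array($req);
    // The gang condition is repeated so the write cannot touch an outsider.
    mysql_query("UPDATE `account` SET `banda` = '0',`banda_den` = '0',`exp_banda` = '0',`repa_plus` = '0',`repa_minus` = '0',`money_banda` = '0',`zoloto_banda` = '0',`fermany_banda` = '0',`bespredel1_1` = '50000',`bespredel2_2` = '80000',`bespredel3_3` = '100000',`bespredel1`='0',`bespredel2`='0',`bespredel3`='0' WHERE `id` = '$uid' AND `banda` = '$bandaSql'");

    // Logins are user-chosen text: HTML-escape them for the stored messages and
    // SQL-escape each finished message before it goes into a query.
    $leaderName = htmlspecialchars($account['login'], ENT_QUOTES);
    $memberName = htmlspecialchars($claner['login'], ENT_QUOTES);
    $text = "Лидер банды $leaderName исключил вас из банды!";
    $dater = time();
    mysql_query("INSERT INTO `mail` SET `user` = '2', `to` = '$uid', `time` = '$dater', `read` = '0', `msg` = '" . mysql_real_escape_string($text) . "'");

    $dater = date("H:i d.m.y");
    $n2 = 'Лидер банды <a href="infa.php?id=' . intval($account['id']) . '">' . $leaderName . '</a> выгнал <a href="infa.php?id=' . intval($claner['id']) . '">' . $memberName . '</a> из банды!';
    mysql_query("INSERT INTO `banda_hystory` SET `banda` = '$bandaSql', `msg` = '" . mysql_real_escape_string($n2) . "', `time` = '$dater'");
    header('Location: banda_home.php');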
} // end of the switch on the requested mod
}else{
// No authenticated session: redirect to the entry page and stop.
header ("Location: index.php"); exit;
}
// Reached by every case that did not exit.
// NOTE(review): presumably the page footer matching inc/shapka.php. Confirm.
include 'inc/nogi.php';
?>