Файл: xmoder.php
Строк: 334
<?php
ini_set('display_errors', 'off');
header ("Content-type: text/html; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
print "<?xml version="1.0" encoding="utf-8"?>";
print "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">";
include "./ini.php";
mysql_query ("select * from bannedib WHERE `ci`='$ci' AND (`ip` = '".getenv(REMOTE_ADDR)."')and(`browser` = '".getenv(HTTP_USER_AGENT)."')");
if(mysql_affected_rows()!=0){include "b.php";}
$login = autorize();
if($login['fsize'] == "medium") { $fsize1 = ""; $fsize2 = ""; }
elseif($login['fsize'] == "small") { $fsize1 = "<small>"; $fsize2 = "</small>"; }
elseif($login['fsize'] == "big") { $fsize1 = "<big>"; $fsize2 = "</big>"; }
print "<title>".$lang['modering']."</title><link rel="StyleSheet" type="text/css" href="style/0".$s.".css"></head><body><div class="smain">";
if($login&&$login['moder']) {
print "<div style="text-align: center"><div class="contur_rek"><div class="header_rek">".$fsize1."".$lang['modering']."".$fsize2."</div></div></div>";
print "<div style="text-align: left"><div class="contur"><div class="header">";
switch($mod) {
case 'setstatus':
if(empty($act)) {
print "".$fsize1."<form action="xmoder.php?s=$s&ci=$ci&id=$id&pass=$pass&mod=$mod" method="post">".$lang['who'].":<br/><input name="who" value="$who"/><br/>
".$lang['status'].":<br/><input name="status" value="".$data['status'].""/><br/><input type="hidden" name="act" value="set"/><input type="submit" value=" OK "></form>".$fsize2.""; } else {
if(@mysql_query("update `".$px.$utable."` set `status`='$status' where `login`='$who' and `ci`='$ci'")) print "".$fsize1."".$lang['done']."".$fsize2."";
else print $lang['error'];
}
break;
case 'delmsgs':
if(@mysql_query("delete from `".$px.$mtable."` where `ci`='$ci'")&&@mysql_query("delete from `".$px.$xtable."` where `ci`='$ci'")) print "".$fsize1."".$lang['done']."".$fsize2."";
else print $lang['error'];
break;
case 'editnik':
if(empty($act)) {
print "".$fsize1."<form action="xmoder.php?s=$s&ci=$ci&act=update&id=$id&pass=$pass&mod=$mod" method="post">".$lang['old_nick']."<br/><input type="text" name="old"/><br/>";
print $lang['new_nick']."<br/><input type="text" name="new"/><br/>";
print "<input type="submit" value=" OK "></form>".$fsize2."";
} else {
$q = @mysql_query("select * from `".$px.$utable."` where `login`='$new' and `ci`='$ci' limit 1;");
$ud = @mysql_fetch_array($q);
if($ud['id']) { print $lang['such_nick_exist']; } else {
if(@mysql_query("update `".$px.$utable."` set login='$new' where `login`='$old' and `ci`='$ci';")) print $lang['done'];
else print $lang['user_not_exist']; }
}
break;
case 'kill';
if($login['moder']>=2) {
$q = @mysql_query("select * from `".$px.$utable."` where `id`='$whoid' and ci= '$ci';");
$dbuser = @mysql_fetch_array($q);
if(@mysql_query("update `".$px.$utable."` set ban='kill' where `id`='".$whoid."' and `ci`='$ci';"))
print "".$fsize1."<b><u>".$dbuser['login']."</u>".$lang['killed']."</b>".$fsize2."<br/>"; }
else print $lang['access_denied'];
break;
case 'agent';
if($login['moder']>=3) {
$q = @mysql_query("select * from `".$px.$utable."` where `id`='$whoid' and `ci`='$ci';");
$dbuser = @mysql_fetch_array($q);
print "".$fsize1."<b>Ip:</b><br/>".$dbuser['ip']."".$fsize2."<br/>";
print "".$fsize1."<b>Браузер:</b><br/>".$dbuser['soft']."<br/>".$fsize2.""; }
else print $lang['access_denied'];
break;
case 'restore';
if($login['moder']>1) {
if(empty($act)) {
print "<".$fsize1."form action="moder.php?s=$s&ci=$ci&id=$id&pass=$pass&room=$room&mod=$mod" method="post">".$lang['login'].":<br/><input type="text" name="who"/><br/>";
print "<input type="hidden" name="act" value="kick"/><input type="submit" value=" OK "></form>".$fsize2."";
} else {
$q = @mysql_query("select * from `".$px.$utable."` where `login`='$who' and `ci`='$ci';");
$dbuser = @mysql_fetch_array($q);
if(@mysql_query("update `".$px.$utable."` set ban='', btime='', breason='' where `login`='".$who."' and `ci`='$ci';"))
print "<b><u>".$who."</u>".$lang['restored']."</b><br/>";
}
}
else print $lang['access_denied'];
break;
case 'kick':
if(empty($act)) {
print "".$fsize1."<form action="moder.php?s=$s&ci=$ci&id=$id&pass=$pass&room=$room&mod=$mod" method="post">".$lang['reason'].":<br/><input type="text" name="pr"/><br/>
<select name="len">
<option value="30">30".$lang['s']."</option>
<option value="60">60".$lang['s']."</option>
<option value="90">1".$lang['m']." 30".$lang['s']."</option>
<option value="120">2".$lang['m']."</option>
<option value="300">5".$lang['m']."</option>
<option value="600">10".$lang['m']."</option>".$fsize2."";
if($login['moder']>=2)
print "".$fsize1."<option value="1800">30".$lang['m']."</option><option value="3600">1".$lang['h']."</option><option value="86400">24".$lang['h']."</option>";
print "</select><br/><input type="hidden" name="act" value="kick"/><input type="hidden" name="whoid" value="$whoid"/><input type="submit" value=" OK "></form>".$fsize2."";
} else {
if($login['moder']>=1 && $len<=600 || $login['moder']>=2 && $len<=86400) {
$q = @mysql_query("select * from `".$px.$utable."` where `id`='$whoid' and `ci`='$ci';");
$dbuser = @mysql_fetch_array($q);
if(@mysql_query("update `".$px.$utable."` set ban='".$login['login']."', btime='".(time() + $len)."', breason='$pr' where `id`='".$whoid."' and `ci`='$ci';"))
print "<b><u>".$dbuser['login']."</u>".$lang['kicked']."</b><br/>"; }
}
break;
case 'addmeet':
$q = @mysql_query("select * from `".$px.$meettable."` where `login`='".$login['id']."' and `ci`='$ci' order by id desc;");
$last_meet = @mysql_fetch_array($q);
if(empty($act)) {
print "".$fsize1."<form action="moder.php?s=$s&ci=$ci&id=$id&pass=$pass&mod=$mod" method="post">".$lang['title'].":<br/><input name="t"/><br/>
".$lang['content'].":<br/><input name="content"/><br/>
".$lang['organizators'].":<br/><input name="organizatory"/><br/><input type="hidden" name="act" value="add"/><input type="submit" value=" OK "></form>".$fsize2."";
} else { if(empty($error)) {
if($t!=$last_meet['title']) {
if(@mysql_query("insert into `".$px.$meettable."` values(0,'".$login['login']."','$t','$content','$organizatory','$ci');")) { print $lang['done']; } else { print $lang['error']; } } else { print $lang['meet_exist']; }
} else { print $error; } }
break;
case 'delmeet':
$q = @mysql_query("select * from `".$px.$meettable."` where `ci`='$ci' order by id desc;");
if(empty($act)) {
while($arr = @mysql_fetch_array($q)) {
print "<".$fsize1."a href="moder.php?s=$s&ci=$ci&act=del&id=$id&pass=$pass&delid=".$arr['id']."&mod=$mod">".$arr['title']."</a>".$fsize2."<br/>"; }
} else {
if(mysql_query("delete from `".$px.$meettable."` where `id`='$delid' and `ci`='$ci' limit 1;")) print $lang['done'];
}
break;
case 'title':
if(empty($act)) {
print "".$fsize1."<form action="xmoder.php?s=$s&ci=$ci&act=update&id=$id&pass=$pass&mod=$mod" method="post">".$lang['head']."<br/><input type="text" name="t"/><br/>".$lang['room']."<br/><select name="name">".$fsize2."";
$q = @mysql_query("select * from `".$px.$stable."` where `mod`='room' and `ci`='$ci';");
while ($dbdata = @mysql_fetch_array($q)) {
print "".$fsize1."<option value="".$dbdata['var']."">".$dbdata['val1']."</option>"; }
print "</select><br/><input type="submit" value="Изменить"></form>".$fsize2."";
} else {
$t=htmlspecialchars(stripslashes(trim(substr($t,0,25))));
if(@mysql_query("update `".$px.$stable."` set val2='$t' where `var`='$name' and `mod`='room' and `ci`='$ci';")) print $lang['done'];
}
break;
case 'ipb':
if(empty($act)) {
print "....!<br/>";
} else {
$query_users = mysql_query("select * from chat_users where `ci`='".$ci."' AND `login`='".$who."';");
$query_login = mysql_query("select * from chat_users where `ci`='".$ci."' AND (`id`='".$id."' or `login`='".$login."');");
if (MySQL_Num_rows($query_users)==0) {print "".$fsize1."Не найден!".$fsize2."<br/>";
} else {
$data = mysql_fetch_array($query_users);
$must = mysql_fetch_array($query_login);
$id = htmlspecialchars($must['id'], ENT_QUOTES);
$login = htmlspecialchars($must['login'], ENT_QUOTES);
$moder=htmlspecialchars($must['moder'], ENT_QUOTES);
$user_moder=htmlspecialchars($data['moder'], ENT_QUOTES);
$admin=htmlspecialchars($must['admin'], ENT_QUOTES);
$to=htmlspecialchars($data['email'], ENT_QUOTES);
$from=htmlspecialchars($must['email'], ENT_QUOTES);
$photo=htmlspecialchars($data['photo'], ENT_QUOTES);
$status=htmlspecialchars($data['status'], ENT_QUOTES);
$ip=htmlspecialchars($data['ip'], ENT_QUOTES);
$browser=htmlspecialchars($data['soft'], ENT_QUOTES);
print "Ник ".$data['login']."<br/>"; }
$browser = UrlEncode($browser);
echo "<br/>".$fsize1."<a href="xmoder.php?s=$s&ci=$ci&id=$id&pass=$pass&mod=banip&act=add&ip=$ip&brows=$browser">Забанить</a>".$fsize2."<br/>";
}
break;
case 'banip':
if(empty($act)) {
print "....!<br/>";
} else {
$browser = UrlDecode($browser);
if(mysql_query("insert into bannedib values(0,'$ip','$brows','$login','$ci');")) print "<b>IP: $ip+Браузер: $brows забанен!</b><br/>";
}
break;
default:
print "</div></div></div><div style="text-align: left"><div class="contur"><div class="header">".$fsize1."<a href="./xmoder.php?s=$s&ci=$ci&id=$id&pass=$pass&mod=addmeet">→ ".$lang['add_meet']."</a><br/>";
print "<a href="./xmoder.php?s=$s&ci=$ci&id=$id&pass=$pass&mod=delmeet">→ ".$lang['del_meet']."</a><br/>";
print "<a href="./xmoder.php?s=$s&ci=$ci&id=$id&pass=$pass&mod=title">→ ".$lang['change_head']."</a><br/>";
if($login['moder']>=2)
print "<a href="./xmoder.php?s=$s&ci=$ci&id=$id&pass=$pass&mod=restore">→ ".$lang['restore_login']."</a><br/>";
if($login['moder']>=4) {
print "<a href="$PHP_SELF?s=$s&ci=$ci&id=$id&pass=$pass&mod=editnik">→ ".$lang['change_login']."</a><br/>";
print "<a href="$PHP_SELF?s=$s&ci=$ci&id=$id&pass=$pass&mod=setstatus">→ ".$lang['change_status']."</a><br/>";
print "<a href="$PHP_SELF?s=$s&ci=$ci&id=$id&pass=$pass&mod=delmsgs">→ ".$lang['empty_rooms']."</a>".$fsize2."</div></div>";
}
break;
}
if($mod)
print "<div class="main"><br/></div><div class="smain">".$fsize1."<a href="./xmoder.php?s=$s&ci=$ci&id=$id&pass=$pass">→ ".$lang['modering']."</a>".$fsize2."<br/>";
print "</div></div></div>";
if($room)
echo "<div class="main"><br/></div><div class="smain">".$fsize1."<a href="./xroom.php?s=$s&ci=$ci&id=$id&pass=$pass&room=$room">".$lang['to_chat']."</a>".$fsize2."<br/>";
else
echo "<div style="text-align: center"><div class="contur_rek"><div class="header_rek">".$fsize1."<a href="./enter.php?s=$s&ci=$ci&id=$id&pass=$pass">".$lang['holl']."</a>".$fsize2."</div>";
} else { $lang['access_denied']; }
mysql_close();
ob_end_flush();
print "</div></body></html>n";
?>