Файл: vkolhoze.com/kop/admin.users.php
Строк: 118
<?
if(isset($_GET['edit']) && intval($_GET['edit'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_user` WHERE `id` = '".intval($_GET['edit'])."'"),0)!=0)
{
$edit=mysql_fetch_array(mysql_query("SELECT * FROM `kolhoz_user` WHERE `id` = '".intval($_GET['edit'])."'"));
echo "<div class='event'><h1><a href='?admin=$admin'>$admin_name</a> / Редактировать</h1></div>";
echo '<div class="content"><div class="block">';
if(isset($_POST['ok']))
{
$id=intval($_POST['id']);
$money=intval($_POST['money']);
$rating=intval($_POST['rating']);
$rubies=intval($_POST['rubies']);
$cook_mas=intval($_POST['cook_mas']);
$level=intval($_POST['level']);
if(!is_numeric($money) || strlen2($money)<1){$err=1;err_game('Неверное к-во монет');}
if(!is_numeric($rating) || strlen2($rating)<1){$err=1;err_game('Неверный опыт');}
if(!is_numeric($rubies) || strlen2($rubies)<1){$err=1;err_game('Неверное к-во рубинов');}
if(!is_numeric($cook_mas) || strlen2($cook_mas)<1){$err=1;err_game('Неверный опыт');}
if(!is_numeric($level) || strlen2($level)<1){$err=1;err_game('Неверный уровень');}
if (!isset($err))
{
mysql_query("UPDATE `kolhoz_user` SET `money` = '$money', `rating` = '$rating', `rubies` = '$rubies', `level` = '$level' WHERE `id` = '$edit[id]'") or die (mysql_error());
header("Location:?admin=$admin");
}
}
echo "<ul>";
echo "<li style='padding-bottom:8px'>";
echo "<div class='small'>";
echo "</div></ul><div style='clear:both'></div>";
echo "<form method="post">n";
echo "Монеты:<br /><input name="money" type="text" maxlength='32' value='$edit[money]' /><br />n";echo "Опыт:<br /><input name="rating" type="text" maxlength='32' value='$edit[rating]' /><br />n";echo "Рубины:<br /><input name="rubies" type="text" maxlength='32' value='$edit[rubies]'/><br />n";echo "Уровень:<br /><input name="level" type="text" maxlength='32' value='$edit[level]'/><br />n";echo "<input value='Сохранить' type='submit' name='ok' /></form>n";
echo "<div><br/>» <a href='?admin=$admin&del=$edit[id]'>Удалить</a></div>";
echo "</div>";
include_once 'inc/foot.php';
exit;
}
if(isset($_GET['del']) && intval($_GET['del'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_user` WHERE `id` = '".intval($_GET['del'])."'"),0)!=0)
{
$del=mysql_fetch_array(mysql_query("SELECT * FROM `kolhoz_user` WHERE `id` = '".intval($_GET['del'])."'"));
if(isset($_GET['ok']))
{
mysql_query("DELETE FROM `kolhoz_user` WHERE `id` = '$del[id]'");
header("Location:?admin=$admin");
}
podtv("?admin=$admin&del=$del[id]&ok","?admin=$admin");
include_once 'inc/foot.php';
}
echo "<div class='event'><h1><a href='?admin=list'>Админка</a> / $admin_name</h1></div>";
echo '<div class="content"><div class="block">';
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_user`"),0);
if ($k_post==0)
{
echo "Список пользователей пуст...";
}
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
$q=mysql_query("SELECT * FROM `kolhoz_user` ORDER BY `id` DESC LIMIT $start, $set[p_str]");
echo "<ul>";
while($post=mysql_fetch_array($q))
{
echo "<li style='padding-bottom:8px'>";
echo "<a href='?admin=$admin&edit=$post[id]'></a><div><span><a href= '?admin=$admin&edit=$post[id]'>ID ".hsc($post['id'])."</a></span><span class='minor'>, </span><span><img width='16' height='16' src='images/icons/money.png' alt='o'><span class='title'>$post[money]</span>, <img width='16' height='16' src='images/icons/ruby.png' alt='o'><span class='title'>$post[rubies]</span></span></div><div style='clear:both'></div></li>";
}
if ($k_page>1)str("?admin=$admin&",$k_page,$page); // Вывод страниц
echo "</ul></div>";
include_once 'inc/foot.php';
?>