Файл: rusikanlove/rusikanlove/admin/chat.php
Строк: 67
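<?php
/**
 * Admin panel: chat room management (list, delete, rename, create).
 *
 * Access requires an authenticated session ($_SESSION['auth'] == "1") whose
 * user row has level 6. The action is chosen by the "m" query parameter:
 *   0 = list rooms (default), 1 = delete, 2 = rename, 3 = create.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7. The
 * connection is opened outside this file (presumably in ini.php), so the
 * move to mysqli/PDO with prepared statements has to start there.
 * NOTE(review): delete, rename and create carry no anti-CSRF token, and
 * delete is reachable through a plain GET link. Any page the admin visits
 * can therefore trigger these actions; a per-session token checked on every
 * state-changing request (and POST for delete) is the usual mitigation.
 * NOTE(review): the `sid` constant is appended to redirect and form URLs.
 * It is defined outside this file; if it carries the session identifier,
 * that identifier leaks through Referer headers and logs - confirm in
 * session.php.
 */
require_once"".$_SERVER['DOCUMENT_ROOT']."/template/session.php";
require_once"".$_SERVER['DOCUMENT_ROOT']."/ini.php";

// Cast before interpolating into SQL: the value comes from the session, but
// nothing in this file guarantees it is numeric.
$id = isset($_SESSION['id']) ? (int)$_SESSION['id'] : 0;

// The session must still map to an existing user row. A failed query is
// treated the same as "no such user".
$auth_u = mysql_query("SELECT id FROM user WHERE id='$id'");
if(!$auth_u || mysql_num_rows($auth_u)==0){
    session_destroy();
    header('Location: /index.php');
    // Stop here: header() alone does not end the script, and $_SESSION still
    // holds its values for the rest of this request after session_destroy().
    exit;
}

if(!isset($_SESSION['auth']) || $_SESSION['auth']!="1"){
    header('Location: /index.php?'.sid.'');
    exit;
}

// Fetch login and level from the user table.
// $login is not read below; it is kept because the included templates share
// this scope and may use it.
$zzz = mysql_query("SELECT login,level FROM user WHERE id='$id'");
$au = $zzz ? mysql_fetch_array($zzz) : false;
$login = $au ? $au['login'] : null;
$lev = $au ? $au['level'] : null;

// $time is not assigned in this file; presumably set by ini.php or
// session.php - confirm.
mysql_query("UPDATE user SET time='$time' WHERE id='$id'");

// Only level 6 accounts may manage chat rooms.
if($lev!="6"){
    header('Location: /menu.php?'.sid.'');
    exit;
}

// An array-valued "m" (?m[]=...) falls back to the room list.
$m = (isset($_GET['m']) && is_string($_GET['m'])) ? $_GET['m'] : "0";

// Room id from the query string, accepted only as 1-10 decimal digits.
// The original pattern was '[d]', which matches the literal letter "d", so
// numeric ids never passed and delete/rename could not work. The D modifier
// stops "$" from matching before a trailing newline.
$cid_ok = isset($_GET['cid']) && is_string($_GET['cid'])
    && preg_match('#^\d{1,10}$#D',$_GET['cid'])===1;

if($m=="0"){
    // LIST CHAT ROOMS WITH THEIR CONTROLS
    $query = mysql_query("SELECT * FROM chat_room ORDER BY id DESC");
    include_once"".$_SERVER['DOCUMENT_ROOT']."/template/head.php";
    echo'<div class="r"><img src="../image/icon/chat.png" alt="" />Управление чатом</div>';
    $shown = 0;
    if($query){
        // NOTE(review): name is echoed without output escaping. The writes in
        // this file store it HTML-encoded; a row written by any other code
        // path without encoding would be rendered as markup here.
        while($arr = mysql_fetch_array($query)){
            $cid = $arr['id'];
            echo'-<a href="/chat/chat.php?cid='.$cid.'">'.$arr['name'].'</a>
[<a href="chat.php?m=1&cid='.$cid.'">X</a>]<br />
<form action="?m=2&cid='.$cid.'" method="post">
<input name="msg" type="text" value="'.$arr['name'].'" /><br />
<input type="submit" value="изменить">
</form><br />';
            $shown++;
        }
    }
    // The separator is printed only when at least one room was listed.
    if($shown>0){ echo'<hr />'; }
    echo'<form action="?m=3&'.sid.'" method="post">
Имя комнаты:<br />
<input name="name" type="text" /><br />
<input type="submit" value="создать">
</form><br />
«<a href="index.php">Админка</a><br />
<img src="/image/icon/home.png" alt="" /><a href="../menu.php">Меню</a><br />';
    include_once"".$_SERVER['DOCUMENT_ROOT']."/template/foot.php";
} elseif($m=="1"){
    // DELETE ROOM
    if($cid_ok){
        $cid = $_GET['cid'];
        // Deleting a missing id is a no-op, so no existence check is needed.
        mysql_query("DELETE FROM chat_room WHERE id='$cid'");
    }
    // Always redirect; the original left a blank page when the id was valid
    // but the room did not exist.
    header('Location: chat.php?'.sid.'');
    exit;
} elseif($m=="2"){
    // RENAME ROOM
    $msg = (isset($_POST['msg']) && is_string($_POST['msg'])) ? trim($_POST['msg']) : "";
    if($cid_ok && $msg!==""){
        $cid = $_GET['cid'];
        // HTML-encode first (the list view echoes the stored value as-is),
        // then escape for SQL with the connection-aware function instead of
        // addslashes(). Assumes the connection from ini.php is open - confirm.
        $msg = mysql_real_escape_string(htmlspecialchars($msg));
        mysql_query("UPDATE chat_room SET name='$msg' WHERE id='$cid'");
    }
    header('Location: chat.php?'.sid.'');
    exit;
} elseif($m=="3"){
    // CREATE ROOM
    // Trim before the emptiness test so a whitespace-only name is rejected.
    $name = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : "";
    if($name!==""){
        // Same order as rename: HTML-encode, then SQL-escape.
        $name = mysql_real_escape_string(htmlspecialchars($name));
        mysql_query("INSERT INTO chat_room SET name='$name'");
    }
    header('Location: chat.php?'.sid.'');
    exit;
}
?>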