Файл: spuff.ru/panel/adminchat.php
Строк: 67
<?php
require_once '../includes/sys.php';
require_once '../includes/auth_a.php';
require_once '../includes/header.php';
switch ($act) {
default:
echo '<div class="title"><a href="./?">АДМ</a> » Админ-чат</div>';
$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `adminchat`"), 0);
if ($total > 0) {
$pages = ceil($total / $config['onpage']);
if ($page > $pages or $page == 0) {
$page = 1;
}
$begin = ($page - 1) * $config['onpage'];
$book_r = mysql_query("SELECT * FROM `adminchat` ORDER BY `time` DESC LIMIT $begin, $config[onpage]");
while ($book = mysql_fetch_assoc($book_r)) {
echo '<div class="raz"><a href="../other/profile.php?id='.$book['id_user'].'">'.login($book['id_user']).'</a> ';
echo ' '.ccdate($book['time'], $book['id_user']).' [<a href="?act=reply&id='.$book['id'].'">отв</a>]';
if ($u['access'] == 4 or $u['id'] == $book['id_user'] and time() - $book['time'] < $config['edit_time']) echo ' [<a href="?act=edit&id='.$book['id'].'">ред</a>]';
if ($u['access'] == 4) echo ' [<a href="?act=del&id='.$book['id'].'">удл</a>]';
echo '<br />'.bb($book['msg']);
if ($book['edit_by']) echo '<br />----------<br /><b>Редактировалось: '.username($book['edit_by'], 0).'</b>';
echo '</div>';
}
navig($page, '?', $pages);
} else {
echo '<div class="error">Админ-чат пуст</div>';
}
echo '<div class="title">Добавить сообщение</div>';
echo '<div class="body"><form name="form" action="?act=add" method="post">
<textarea name="msg" cols="" rows="3"></textarea>
<input name="" type="submit" value="Написать"></form></div>';
break;
case 'add':
if ($_POST['msg']) {
if (TIME > $_SESSION['antispam']) {
$msg = check($_POST['msg']);
mysql_query("INSERT INTO `adminchat` SET `id_user` = '$u[id]', `msg` = '$msg', `time` = '".TIME."'");
$_SESSION['antispam'] = TIME + $config['antispam'];
redirect('?');
} else {
error($lang['antispam'].' '.$config['antispam'].' sec');
nav('?');
}
} else {
redirect('?');
}
break;
case 'reply':
$msg_r = mysql_query("SELECT `id`, `id_user` FROM `adminchat` WHERE `id` = '$id'");
$msg = mysql_fetch_assoc($msg_r);
if ($msg['id']) {
if ($ok) {
if (TIME > $_SESSION['antispam']) {
if ($_POST['msg_text']) {
$msg_text = check($_POST['msg_text']);
mysql_query("INSERT INTO `adminchat` SET `id_user` = '$u[id]', `msg` = '$msg_text', `time` = '".time()."'");
$_SESSION['antispam'] = time() + $config['antispam'];
header('location: ?');
exit;
} else {
error('Вы не заполнили поле.');
}
} else {
error('Антиспам '.$config['antispam'].' sec.');
nav('?');
}
} else {
tp('<a href="?">Админчат</a>» Ответить');
echo '<div class="body"><form name="form" action="?act=reply&id='.$id.'&ok=1" method="post">
Сообщение(max250):<br /><textarea name="msg_text" cols="" rows="3">[b]'.username($msg['id_user'], 0).'[/b], </textarea><br />';
echo '<input name="submit" type="submit" value="Написать"></form></div>';
}
} else {
redirect('?');
}
break;
case 'edit':
$book_r = mysql_query("SELECT `id_user`, `msg`, `time` FROM `adminchat` WHERE `id` = '$id'");
$book = mysql_fetch_assoc($book_r);
if ($book['msg']) {
if (access(3) or ($u['id'] == $book['id_user'] and TIME - $book['time'] < $config['edit_time']) ) {
tp('<a href="?">Админчат</a>» Ред-е сообщения');
if (empty($ok)) {
echo '<div class="body"><form name="form" action="?act=edit&id='.$id.'&ok=1" method="post">
Текст(max250):<br /><textarea name="msg" cols="" rows="3">'.$book['msg'].'</textarea>
<input name="submit" type="submit" value="Изменить"></form></div>';
} else {
if ($_POST['msg']) {
$msg = check($_POST['msg']);
mysql_query("UPDATE `adminchat` SET `msg` = '$msg', `edit_by` = '$u[id]', `edit_time` = '".time()."' WHERE `id` = '$id'");
redirect('?');
} else {
redirect('?act=edit&id='.$id);
}
}
} else {
redirect('?');
}
} else {
redirect('?');
}
break;
case 'del':
if (access(3)) {
$msg_r = mysql_query("SELECT `id` FROM `adminchat` WHERE `id` = '$id'");
if (mysql_num_rows($msg_r)) {
mysql_query("DELETE FROM `adminchat` WHERE `id` = '$id'");
}
}
redirect('?');
break;
}
require_once '../includes/tail.php';
?>