Файл: spuff.ru/panel/ban.php
Строк: 105
<?php
require_once '../includes/sys.php';
require_once '../includes/auth_a.php';
require_once '../includes/header.php';
switch ($act) {
default:
tp('<a href="./">АДМ</a>» Забанить юзера');
echo '<div class="body">';
note();
echo '<form name="form" action="?act=ban" method="post">
Логин(max12):<br /><input name="user" type="text" maxlength="12" value="'.htmlspecialchars($_GET['user'], ENT_QUOTES).'" /><br />
<form action="?act=ban&type=1&ok=1" method="post" name="form">
Причина(max250):<br /><textarea name="reason" cols="" rows="3"></textarea><br />
Срок:<br /><select name="banned">
<option value="900">15 минут</option>
<option value="1800">30 минут</option>
<option value="3600">1 час</option>
<option value="10800">3 часа</option>
<option value="21600">6 часов</option>
<option value="43200">12 часов</option>
<option value="86400">Сутки</option>
<option value="259200">Трое суток</option>
<option value="604800">Неделя</option>
<option value="2419200">Месяц</option>
</select><br />
<input name="submit" type="submit" value="Забанить" /></form></div>';
echo '<div class="raz"><a href="?act=banlist">Забаненные</a></div>';
break;
case 'ban':
$user = check($_POST['user']);
$us_r = mysql_query("SELECT `id`, `access` FROM `users` WHERE `username` = '$user'");
$us = mysql_fetch_assoc($us_r);
if ($us['id']) {
if (($u['access'] > $us['access']) or $u['id'] == 1) {
$ban_r = mysql_num_rows(mysql_query("SELECT `id` FROM `ban` WHERE `id_user` = '$us[id]' and `until` > '".TIME."'"));
if (!$ban_r) {
if ($_POST['reason'] and $_POST['banned']) {
$reason = check($_POST['reason']);
$until = abs(intval($_POST['banned'])) + TIME;
mysql_query("INSERT INTO `ban` SET `id_user` = '$us[id]', `until` = '$until', `reason` = '$reason', `by` = '$u[id]'");
redirect(HTTPHOME.'/other/profile.php?id='.$us[id]);
} else {
$_SESSION['note'] = 'Не указана причина';
redirect('?');
}
} else {
$_SESSION['note'] = 'Этот юзер уже пнут/забанен!';
redirect('?');
}
} else {
$_SESSION['note'] = 'Нельзя банить старшего по должности';
redirect('?');
}
} else {
$_SESSION['note'] = 'Юзер не существует';
redirect('?');
}
break;
case 'banlist':
tp('<a href="?">Бан</a>» Забаненные');
note();
$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `ban` WHERE `until` > '".TIME."'"), 0);
if ($total > 0) {
$pages = ceil($total / $config['onpage']);
if ($page > $pages or $page == 0) {
$page = 1;
}
$begin = ($page - 1) * $config['onpage'];
$ban_r = mysql_query("SELECT * FROM `ban` WHERE `until` > '".TIME."' ORDER BY `until` DESC LIMIT $begin, $config[onpage]");
while ($ban = mysql_fetch_assoc($ban_r)) {
echo '<div class="raz"><a href="../other/profile.php?id='.$ban['id_user'].'">'.username($ban['id_user'], 2).'</a> до '.ccdate($ban['until'], 0);
if (access(2)) {
echo ' [<a href="?act=ban_rm&id='.$ban['id'].'">разбан</a>]';
}
echo '</div>';
}
navig($page, '?', $pages);
}else{echo '<div class="error">Нет забаненных</div>';}
break;
case 'ban_rm':
if (access(2)) {
mysql_query("DELETE FROM `ban` WHERE `id` = '$id'");
$_SESSION['note'] = 'Разбанен';
} else {
$_SESSION['note'] = 'Нет доступа';
}
redirect('?act=banlist');
break;
}
require_once '../includes/tail.php';
?>