Файл: spuff.ru/panel/users.php
Строк: 185
<?php
require_once '../includes/sys.php';
require_once '../includes/auth_a.php';
require_once '../includes/header.php';
if (!access(3)) {
redirect(HTTPHOME);
}
switch ($act) {
default:
tp('<a href="./">АДМ</a>» Юзеры');
$users = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users`"), 0);
$users_e0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `email_ver` = 0"), 0);
$users0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
echo '<div class="raz">[<a href="?act=sort&q=">Все ('.$users.')</a>] [<a href="?act=email_ver">Не подтвердили mail ('.$users_e0.')</a>] [<a href="?act=nonact">Неактивны ('.$users0.')</a>]</div>';
echo '<div class="body"><form name="form" action="?act=sort" method="post">
<input name="q" type="text" maxlength="12" size="10" />
<input name="submit" type="submit" value="Поиск" />
</form></div>';
echo '<div class="body">[<a href="?act=sort&q=1">0-9</a>] [<a href="?act=sort&q=a">A</a>] [<a href="?act=sort&q=b">B</a>] [<a href="?act=sort&q=c">C</a>] [<a href="?act=sort&q=d">D</a>] [<a href="?act=sort&q=e">E</a>] [<a href="?act=sort&q=f">F</a>] [<a href="?act=sort&q=g">G</a>] [<a href="?act=sort&q=h">H</a>] [<a href="?act=sort&q=i">I</a>] [<a href="?act=sort&q=j">J</a>] [<a href="?act=sort&q=k">K</a>] [<a href="?act=sort&q=l">L</a>] [<a href="?act=sort&q=m">M</a>] [<a href="?act=sort&q=n">N</a>] [<a href="?act=sort&q=o">O</a>] [<a href="?act=sort&q=p">P</a>] [<a href="?act=sort&q=q">Q</a>] [<a href="?act=sort&q=r">R</a>] [<a href="?act=sort&q=s">S</a>] [<a href="?act=sort&q=t">T</a>] [<a href="?act=sort&q=u">U</a>] [<a href="?act=sort&q=v">V</a>] [<a href="?act=sort&q=w">W</a>] [<a href="?act=sort&q=x">X</a>] [<a href="?act=sort&q=y">Y</a>] [<a href="?act=sort&q=z">Z</a>]</div>';
break;
case 'sort':
if (isset($_POST['q'])) {
$q = check(strtolower($_POST['q']));
} else {
$q = check(strtolower($_GET['q']));
}
if (isset($q)) {
if ($q == 1) {
$search = "RLIKE '^[-0-9]'";
} else {
$search = "LIKE '$q%'";
}
}
$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE LOWER(`username`) ".$search.";"), 0);
$pages = ceil($total / $config['onpage']);
if ($page > $pages or $page == 0) {
$page = 1;
}
$begin = ($page - 1) * $config['onpage'];
tp('<a href="./">АДМ</a>» <a href="?">Юзеры</a>');
echo '<div class="body"><form name="form" action="?act=sort" method="post">
<input name="q" type="text" maxlength="12" size="10" />
<input name="submit" type="submit" value="Поиск" />
</form></div>';
$users_r = mysql_query("SELECT `id`, `karma` FROM `users` WHERE LOWER(`username`) ".$search." ORDER BY `id` DESC LIMIT $begin, $config[onpage]");
while ($user = mysql_fetch_assoc($users_r)) {
echo '<div class="raz"><a href="/other/profile.php?id='.$user['id'].'">'.username($user['id'], 2).'</a> [<a href="?act=edit&id='.$user['id'].'"><font color="green">ред</font></a>] [<a href="?act=del&id='.$user['id'].'"><font color="red">DEL</font></a>]</div>';
}
navig($page, '?act=sort&', $pages);
break;
case 'edit':
$user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$id'"));
if ($user['id']) {
if ($ok) {
$email = check($_POST['email']);
$access = abs(intval($_POST['access']));
switch ($access) {
default: $access = $user['access']; break;
case '1': $access = 1; break;
case '2': $access = 2; break;
case '3': $access = 3; break;
case '4': $access = 0; break;
}
$icq = abs(intval($_POST['icq']));
$gorod = check($_POST['gorod']);
$wmr=check($_POST['wmr']);
$wmid=check($_POST['wmid']);
$login = check($_POST['login']);
$name = check($_POST['name']);
$gender = abs(intval($_POST['gender']));
$from = check($_POST['from']);
$birthday = check($_POST['birthday']);
$site = check($_POST['site']);
$about = check($_POST['about']);
mysql_query("UPDATE `users` SET `email` = '$email', `access` = '$access', `icq` = '$icq', `gorod` = '$gorod', `username` = '$login', `name` = '$name', `gender` = '$gender', `from` = '$from', `birthday` = '$birthday', `site` = '$site', `wmid` = '$wmid', `wmr` = '$wmr', `about` = '$about' WHERE `id` = '$id'");
redirect('?act=edit&id='.$id);
} else {
echo '<div class="title"><a href="?">Юзеры</a>» Ред-ть <a href="../other/profile.php?id='.$user['id'].'">'.$user['username'].'</a></div>';
echo '<div class="body"><form name="form" action="?act=edit&id='.$id.'&ok=1" method="post">
<b>'.access2($user['id']).' </b>
<select name="access">
<option value="0">Не изменять</option>';
if ($user['access'] < 4) {
echo '<option value="4">Пользователь</option>
<option value="1">Куратор</option>
<option value="2">Модератор</option>
<option value="3">Администратор</option>';
}
echo '</select><br />
<b>Логин:</b><br /><input name="login" type="text" maxlength="50" value="'.$user['username'].'" /><br />
<b>E-mail(max50):</b><br /><input name="email" type="text" maxlength="50" value="'.$user['email'].'" /><br />
<b>ICQ(max9):</b><br /><input name="icq" type="text" maxlength="9" value="'.$user['icq'].'" /><br />
<b>Город(max32):</b><br /><input name="gorod" type="text" maxlength="32" value="'.$user['gorod'].'" /><br />
<b>Имя(max20):</b><br /><input name="name" type="text" maxlength="20" value="'.$user['name'].'" /><br />
<b>Пол:</b> ';
switch ($user['gender']) {
case '1': echo 'муж<input name="gender" type="radio" value="1" checked /> <input name="gender" type="radio" value="2" />жен'; break;
case '2': echo 'муж<input name="gender" type="radio" value="1" /> <input name="gender" type="radio" value="2" checked />жен'; break;
default: echo 'муж<input name="gender" type="radio" value="1" /> <input name="gender" type="radio" value="2" />жен'; break;
}
echo '<br />
<b>Страна(max25):</b><br /><input name="from" type="text" maxlength="25" value="'.$user['from'].'" /><br />
<b>Дата рождения (дд.мм.гггг):</b><br /><input name="birthday" type="text" maxlength="25" value="'.$user['birthday'].'" /><br />
<b>Сайт(без http://, max20):</b><br /><input name="site" type="text" maxlength="20" value="'.$user['site'].'" /><br />
<b>О себе(max250):</b><br /><textarea name="about" cols="" rows="3">'.$user['about'].'</textarea><br />
<b>WMID:</b><br/><input type="text" name="wmid" value="'.$user['wmid'].'"><br/>
<b>WMR (только цифры):</b><br/><input type="text" name="wmr" value="'.$user['wmr'].'"><br/>
<input name="submit" type="submit" value="Изменить"></form></div>';
}
} else {
redirect('?');
}
break;
case 'del':
if (($id != '2') && ($id != '1')){
if ($ok) {
mysql_query("DELETE FROM `voting` WHERE `type` = 'profile' and `id_for` = '$id'");
mysql_query("DELETE FROM `users` WHERE `id` = '$id'");
$_SESSION['note'] = 'Юзер удален';
redirect('?');
} else {
tp('Подтвердите, пожалуйста');
echo '<div class="body">
Вы действительно хотите удалить <b>'.username($id, 2).'</b>?
<form name="form" action="?act=del&id='.$id.'&ok=1" method="post">
<input name="submit" type="submit" value="Да" />
</form></div>';
}
} else {
$_SESSION['note'] = '<div class="error">Нельзя удалить создателя</div>';
redirect('?');
}
break;
case 'email_ver':
$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
$pages = ceil($total / $config['onpage']);
if ($page > $pages or $page == 0) {
$page = 1;
}
$begin = ($page - 1) * $config['onpage'];
tp('<a href="./">АДМ</a>» Юзеры</a>');
$users = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users`"), 0);
$users_e0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `email_ver` = 0"), 0);
$users0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
echo '<div class="raz">[<a href="?act=sort&q=">Все ('.$users.')</a>] [<b>Не подтвердили E-mail ('.$users_e0.')</b>] [<a href="?act=nonact">Неактивны ('.$users0.')</a>]</div>';
note();
$users_r = mysql_query("SELECT `id`, `karma` FROM `users` WHERE `email_ver` = 0 ORDER BY `regtime` LIMIT $begin, $config[onpage]");
while ($user = mysql_fetch_assoc($users_r)) {
echo '<div class="raz"><a href="/other/profile.php?id='.$user['id'].'">'.username($user['id'], 2).'</a> [<a href="?act=email_ver&id='.$user['id'].'"><font color="green">Подтв.</font></a>] [<a href="?act=del&id='.$user['id'].'"><font color="red">DEL</font></a>]</div>';
}
navig($page, '?act=nonact&', $pages);
echo '<div class="raz" style="text-align: center"><a href="?act=prove_all">Подтвердить E-mail всем</a></div>';
if ($id) {
mysql_query("UPDATE `users` SET `email_ver` = 1 WHERE `id` = '$id'");
redirect('?act=email_ver');
}
if ($_GET['prove_all']) {
mysql_query("UPDATE `users` SET `email_ver` = 1 WHERE `email_ver` != 1");
}
break;
case 'nonact':
$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
$pages = ceil($total / $config['onpage']);
if ($page > $pages or $page == 0) {
$page = 1;
}
$begin = ($page - 1) * $config['onpage'];
tp('<a href="./">АДМ</a>» Юзеры</a>');
$users = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users`"), 0);
$users_e0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `email_ver` = 0"), 0);
$users0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
echo '<div class="raz">[<a href="?">Все ('.$users.')</a>] [<a href="?act=email_ver">Не подтвердили mail ('.$users_e0.')</a>] [<b>Неактивны ('.$users0.')</b>]</div>';
note();
$users_r = mysql_query("SELECT `id`, `karma` FROM `users` WHERE `ok` = 0 ORDER BY `regtime` LIMIT $begin, $config[onpage]");
while ($user = mysql_fetch_assoc($users_r)) {
echo '<div class="raz"><a href="/other/profile.php?id='.$user['id'].'">'.username($user['id'], 2).'</a> [<a href="?act=useract&id='.$user['id'].'"><font color="green">Акт</font></a>] [<a href="?act=del&id='.$user['id'].'"><font color="red">DEL</font></a>)</div>';
}
navig($page, '?act=nonact&', $pages);
echo '<div class="raz" style="text-align: center"><a href="?act=useract_all">Активировать всех</a></div>';
break;
case 'useract':
mysql_query("UPDATE `users` SET `ok` = 1 WHERE `id` = '$id'");
$_SESSION['note'] = 'Активирован.';
redirect('?act=nonact');
break;
case 'useract_all':
mysql_query("UPDATE `users` SET `ok` = 1");
$_SESSION['note'] = 'Все были активированы.';
redirect('?act=nonact');
break;
}
require_once '../includes/tail.php';
?>