Файл: mzone.php
Строк: 82
<?php
session_start();
include ('private/mysql.php');
include ('tmp/head.php');
if($user['access']<'2'){
header('Location: main.php?');
exit;
}
switch($sd){
default:
$new_ticket = mysql_num_rows(mysql_query("SELECT * FROM `ticket` WHERE `status`='on'"));
echo "<a href='?sd=ticket'>Тикет-система ($new_ticket)</a><br>";
break;
case 'ban':
if(empty($_POST['submit'])){
$us = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id`='$id'"));
echo "<form action='mzone.php?sd=ban&id=$id' method='post'>
Ник:<br>
<input type='text' name='user' value='$us[login]' class='enter'><br>
Причина:<br>
<textarea name='pri' class='enter'></textarea><br>
Время бана:<br>
<select name='time' class='enter'>
<option value='3600'>1 час</option>
<option value='43200'>12 часов</option>
<option value='86400'>24 часа</option>
<option value='2592000'>30 дней</option>
</select><br>
<input type='submit' name='submit' value='ОК' class='enter'></form>";
}else{
$rtr = time()+$_POST['time'];
mysql_query("INSERT INTO `ban` SET `user`='$id',`text`='$_POST[pri]',`who`='$log',`time`='$rtr'");
header('Location: main.php');
exit;
}
break;
case 'pred':
if(empty($_POST['submit'])){
$us = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id`='$id'"));
echo "<form action='mzone.php?sd=pred&id=$id' method='post'>
Ник:<br>
<input type='text' name='user' value='$us[login]' class='enter'><br>
Причина:<br>
<textarea name='pri' class='enter'></textarea><br>
<input type='submit' name='submit' value='ОК' class='enter'></form>";
}else{
mysql_query("UPDATE `users` SET `pred`=`pred`+'1' WHERE `id`='$id'");
mysql_query("INSERT INTO `mail` SET `user`='1',`to`='$id',`time`='".time()."',`text`='Модератор <a href=pers.php?id=$uid>$log</a> выдал вам предупреждение!<br>Причина: $_POST[pri]'");
header("Location: pers.php?id=$id");
exit;
}
break;
case 'ticket':
if($_GET['status']=='' || $_GET['status']=='on'){$st="on";$a1="Открытые тикеты";$a2="<a href='mzone.php?sd=ticket&status=off'>Закрытые тикеты</a>";}else{$st="off";$a1="<a href='mzone.php?sd=ticket&status=on'>Открытые тикеты</a>";$a2="Закрытые тикеты";}
echo "$a1 | $a2<hr>";
$q = mysql_query("SELECT * FROM `ticket` WHERE `status`='$st'");
$e = mysql_num_rows($q);
if($e == '0'){
echo "Тикетов нет<br>";
}
While($w = mysql_fetch_assoc($q)){
$us = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id`='$w[user]'"));
echo "$us[login],$w[theme] ($w[time]) - [<a href='mzone.php?sd=ticket2&id=$w[id]'>Посмотреть</a>]<br>";
}
echo "<hr><a href='mzone.php?'>← назад</a>";
break;
case 'ticket2':
$q = mysql_query("SELECT * FROM `ticket` WHERE `id`='$id'");
$w = mysql_fetch_assoc($q);
if(isset($_GET['off'])){
$time1 = date('d.m.y');
$time2 = date('H:i:s');
mysql_query("INSERT INTO `ticket_msg` SET `ticket`='$w[id]',`user`='$uid',`text`='Топик закрыт модератором.',`time`='$time1 в $time2'");
mysql_query("UPDATE `ticket` SET `status`='off' WHERE `id`='$w[id]'");
header('Location: mzone.php?sd=ticket2&id='.$w['id'].'');
exit;
}
if(isset($_GET['on'])){
$time1 = date('d.m.y');
$time2 = date('H:i:s');
mysql_query("INSERT INTO `ticket_msg` SET `ticket`='$w[id]',`user`='$uid',`text`='Топик открыт модератором.',`time`='$time1 в $time2'");
mysql_query("UPDATE `ticket` SET `status`='on' WHERE `id`='$w[id]'");
header('Location: mzone.php?sd=ticket2&id='.$w['id'].'');
exit;
}
if($w['status']=='off'){$sts = "<a href='mzone.php?sd=ticket2&id=$w[id]&on'>Открыть</a>";}else{$sts = "<a href='mzone.php?sd=ticket2&id=$w[id]&off'>Закрыть</a>";}
echo "Тема: <b>$w[theme]</b> [$w[time]] [$sts]<br>- - -<br>$w[text]<br>- - -<br>";
$q1 = mysql_query("SELECT * FROM `ticket_msg` WHERE `ticket`='$w[id]' ORDER BY `id` DESC LIMIT 10");
While($w1 = mysql_fetch_assoc($q1)){
$us = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id`='$w1[user]'"));
if($us['access']=='3'){$cl="lime";}
if($us['access']=='2'){$cl="blue";}
echo "<hr><font color=$cl>$us[login]</font> ($w1[time]):<br>$w1[text]";
}
echo "<br><br><font size=1 color=grey>В топике выводятся 10 последних сообщений</font>";
if($w['status'] == 'on'){
if(empty($_POST['submit'])){
echo "<br><br><form action='mzone.php?sd=ticket2&id=$w[id]' method='post'>
<textarea cols='50' rows='7' name='text' class='enter'></textarea><br>
<input type='submit' name='submit' value='Отправить' class='enter'></form>";
}else{
$text = mysql_real_escape_string(htmlspecialchars($_POST['text']));
$time1 = date('d.m.y');
$time2 = date('H:i:s');
mysql_query("INSERT INTO `ticket_msg` SET `ticket`='$w[id]',`user`='$uid',`text`='$text',`time`='$time1 в $time2'");
}
}else{
echo "<br>Данный топик закрыт.";
}
echo "<hr><a href='mzone.php?sd=ticket'>← назад</a>";
break;
}
include ('tmp/foot.php');
?>