Файл: 4mast/profmas.ru/adm/us.php
Строк: 81
<?php
require_once('../includes/Headers.php');
require_once('../includes/PDO_func.php');
// Access gate for the admin user editor.
// $us is not defined in this file; presumably includes/Headers.php populates it
// for a signed-in account. Confirm that it cannot be influenced by request data.
if (!isset($us)) {
    header('location: /');
    exit;
}

// Only accounts with level 2 or higher may open this page.
if ($us['level'] < 2) {
    header('location:/');
    exit;
}

// The id of the account to edit must be present in the query string.
if (!isset($_GET['id'])) {
    header('location: /');
    exit;
}

// The id is reduced to an integer and passed as a bound value, not concatenated.
$targetId = (int) $_GET['id'];
$targetStmt = DB::$dbs->query("SELECT * FROM `us` WHERE (`id`=?)", array($targetId));
if ($targetStmt->rowCount() == 0) {
    header('location: /');
    exit;
}
$u = $targetStmt->fetch();

// An operator may edit their own record, or a record whose level is strictly
// below their own; anything else is bounced to the front page.
$editingSelf = ($u['id'] == $us['id']);
if (!$editingSelf && $u['level'] >= $us['level']) {
    header('location: /');
    exit;
}
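// Renders the edit form for the account loaded into $u, on behalf of the operator $us.
// H() and Nick() are defined outside this file (presumably in the includes).
H($u['nick'], Nick($u['id']));

// NOTE(review): the form carries no anti-CSRF token, and none is checked when it is
// saved. This page changes account level and e-mail, so a per-session token should be
// issued here and verified on save once the session helper is known.
echo '<form action="/adm/us.php?id=' . intval($u['id']) . '&save" method="post" enctype="multipart/form-data">';

// Who confirmed or rejected this account's registration, if that was recorded.
// Both lookups bind the id as a parameter, the same way the lookup of $u does.
$regStmt = DB::$dbs->query("SELECT * FROM `reg` WHERE (`us`=?) AND (`dop` != '')", array(intval($u['id'])));
if ($regStmt->rowCount() != 0) {
    $reg = $regStmt->fetch();
    $kem = DB::$dbs->query("SELECT * FROM `us` WHERE `id`=?", array(intval($reg['kem'])))->fetch();
    // fetch() yields no row when the reviewing account has since been removed.
    $reviewerIsMale = $kem && $kem['sex'] == 'Муж';
    echo '<div class="block">Регистрацию ' . (($reg['dop'] == 'da') ? 'подтвердил' : 'отклонил') . ($reviewerIsMale ? '' : 'а') . ' ' . Nick($reg['kem']) . '</div>';
}
// NOTE(review): this closes a <div> that is not opened in this file; presumably H() leaves one open. Confirm.
echo '</div>';

// Stored profile values are encoded where they are written into the page, so the form is
// safe even if another write path stored them raw. double_encode is off because the save
// handler in this file stores these fields already entity-encoded.
echo '<div class="block">';
echo 'EMAIL:<br/><input name="email" value="' . htmlspecialchars((string) $u['email'], ENT_QUOTES, 'UTF-8', false) . '"/><br/>';
echo '</div>';

// The level selector is shown only when editing someone else, and offers no level above
// the operator's own.
if ($u['id'] != $us['id']) {
    $levelLabels = array(0 => 'Пользователь', 1 => 'Модер', 2 => 'Админ', 3 => 'Ст. Админ');
    echo '<div class="block">';
    echo '<b>Должность на сайте:</b><br/>';
    echo '<select name="level">';
    foreach ($levelLabels as $levelValue => $levelLabel) {
        if ($levelValue > $us['level']) {
            continue;
        }
        echo '<option value="' . $levelValue . '"' . ($u['level'] == $levelValue ? ' selected="selected"' : '') . '>' . $levelLabel . '</option>';
    }
    echo '</select>';
    echo '</div>';
}

echo '<div class="block">';
echo 'Градиент ника (без #): [<a href="/modules/works/color.php">Цвет. палитра</a>]<br />';
echo '<br/><input name="nickcolor1" value="' . htmlspecialchars((string) $u['nickcolor1'], ENT_QUOTES, 'UTF-8', false) . '" size="6" maxlength="6"/> ';
echo '<input name="nickcolor2" value="' . htmlspecialchars((string) $u['nickcolor2'], ENT_QUOTES, 'UTF-8', false) . '" size="6" maxlength="6"/><br/>';
echo '</div>';

echo '<div class="block">';
echo 'Статус:<br/><textarea name="status">' . htmlspecialchars((string) $u['status'], ENT_QUOTES, 'UTF-8', false) . '</textarea><br/>';
echo '</div>';

echo '<div class="block">';
echo '<input type="checkbox" name="mosh" ' . ($u['mosh'] == 1 ? 'checked="checked"' : '') . '/> Клеймо мошенника<br/>';
echo '</div>';

echo '<div class="block">';
echo '<input type="checkbox" name="ups" ' . ($u['ups'] == 1 ? 'checked="checked"' : '') . '/> Управление статусом<br/>';
echo '</div>';

// Theme selector. The pre-selected entry is the edited account's theme ($u). Comparing
// against the operator's own theme ($us) would make a plain save overwrite the account's
// theme with the operator's.
$styleCounts = array(
    'wm_pasha963'  => DB::$dbs->querySingle("SELECT COUNT(*) FROM `us` WHERE (`style` = 'wm_pasha963')"),
    'defaults'     => DB::$dbs->querySingle("SELECT COUNT(*) FROM `us` WHERE (`style` = 'defaults')"),
    'zomboy_style' => DB::$dbs->querySingle("SELECT COUNT(*) FROM `us` WHERE (`style` = 'zomboy_style')"),
);
$styleLabels = array(
    'wm_pasha963'  => 'WM by PASHA963',
    'defaults'     => 'Стандартный',
    'by_mayk'      => 'Touch Mayk',
    'zomboy_style' => 'FORMAST blue',
    'orange'       => 'Orange TheGood',
);
echo '<div class="block">';
echo 'Дизайн пользователя:<br/><select name="style">';
foreach ($styleLabels as $styleKey => $styleLabel) {
    echo '<option value="' . $styleKey . '"';
    if ($u['style'] == $styleKey) {
        // Leading space keeps the attribute separate from the quoted value.
        echo ' selected';
    }
    // Only some themes display how many accounts use them.
    echo '>' . $styleLabel . (isset($styleCounts[$styleKey]) ? ' (' . $styleCounts[$styleKey] . ')' : '') . '</option>';
}
echo '</select><br/></div>';

echo '<div class="lst">';
echo '<input type="submit" value="Сохранить"/>';
echo '</div>';
echo '</form>';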
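// Save handler for the edit form. It runs after the form has been printed, so the form
// shows the values as they were before this request; the refresh header reloads the page.
// NOTE(review): no anti-CSRF token is verified here. This request changes account level
// and e-mail, so a per-session token check belongs at the top of this branch.
if (isset($_GET['save']) && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
    // Text fields are stored entity-encoded, as before, because the pages that print them
    // rely on that. addslashes() is not applied: the values are passed as bound parameters
    // (the `?` placeholders; presumably a PDO prepared statement), so it would only store
    // stray backslashes.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
    $email = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');

    // As before, an empty e-mail means nothing is saved.
    if (!empty($email)) {
        $status = (isset($_POST['status']) && is_string($_POST['status'])) ? trim($_POST['status']) : '';
        $status = htmlspecialchars($status, ENT_QUOTES, 'UTF-8');
        if (empty($status)) {
            $status = null;
        }

        // Level: an operator can never change their own level. For another account the
        // submitted value is clamped to the known range 0..3 and never above the operator's
        // own level, so the form cannot be used to grant more than the operator holds.
        // NOTE(review): the access check on this page blocks editing accounts at the
        // operator's own level; consider capping at one below it for consistency.
        if ($u['id'] == $us['id']) {
            $level = $us['level'];
        } else {
            $level = isset($_POST['level']) ? intval($_POST['level']) : 0;
            $level = max(0, min($level, 3, intval($us['level'])));
        }

        // Nick gradient colours: the form asks for a hex colour without '#', so only 3 or 6
        // hex digits are accepted; anything else is stored as NULL.
        // NOTE(review): assumes the colour is later emitted into markup or CSS. Confirm where it is used.
        $nickColors = array();
        foreach (array('nickcolor1', 'nickcolor2') as $colorField) {
            $rawColor = (isset($_POST[$colorField]) && is_string($_POST[$colorField])) ? trim($_POST[$colorField]) : '';
            $nickColors[$colorField] = preg_match('/\A(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6})\z/', $rawColor) ? $rawColor : null;
        }

        // Theme: only the values offered by the form are accepted; otherwise the account
        // keeps its current theme.
        $allowedStyles = array('wm_pasha963', 'defaults', 'by_mayk', 'zomboy_style', 'orange');
        $style = (isset($_POST['style']) && in_array($_POST['style'], $allowedStyles, true)) ? $_POST['style'] : $u['style'];

        // Every value, including the flags and the row id, is bound rather than concatenated.
        DB::$dbs->query(
            "UPDATE `us` SET `email`=?, `level`=?, `nickcolor1`=?, `nickcolor2`=?, `ups`=?, `status`=?, `mosh`=?, `style`=? WHERE (`id`=?)",
            array(
                $email,
                $level,
                $nickColors['nickcolor1'],
                $nickColors['nickcolor2'],
                isset($_POST['ups']) ? 1 : 0,
                $status,
                isset($_POST['mosh']) ? 1 : 0,
                $style,
                intval($u['id']),
            )
        );

        echo '<div class="access">Успешно сохранено!</div>';
        // NOTE(review): this header is sent after page output, so it only takes effect if
        // output buffering is active (presumably started in the includes).
        header('refresh: 1; url=/adm/us.php?id=' . $u['id']);
    }
}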
require_once('../includes/Footers.php');
?>