Файл: modules/news/admin.php
Строк: 292
<?php
########################################
## WAP-ENGINE ##
########################################
## ##
## Автор : CHUMA (Токарев Владимир) ##
## e-mail : crazychuma@gmail.com ##
## WAP : http://wap-engine.ru ##
## ##
########################################
## ВЫ НЕ ИМЕЕТЕ ПРАВО ##
## ИЗМЕНЯТЬ КОД СКРИПТА ##
## ДЛЯ ДАЛЬНЕЙШЕГО РАСПРОСТРАНЕНИЯ! ##
########################################
include ('../../config.php');
include ('../../templates/run.php');
include ('../../templates/func.php');
####################
$str = filter($_GET['str']);
$page = filter($_GET['page']);
$num = filter($_GET['id']);
$n = filter($_GET['n']);
####################
if($_GET['act']=='edit_form')
{
if (isset($_SESSION['pass']) && isset($passw) && $_SESSION['pass'] == $passw && ($status == '1' || $status == '2'))
{
$basestr = file('../../data/news.txt');
$news_arr = explode('|', $basestr[$str]);
$news = str_replace('<br />', '
', $news_arr[3]);
include '../../themes/'.$themes.'.php';
echo '<p class="modul_name">Редактирование новости</p>';
echo"<form method="post" action="admin.php?act=editnews&id=$num&str=$str&page=$page&".session_name()."=".session_id()."">";
echo"<p align="center" class="b">Новость:<br /><textarea rows="4" cols="15" name="news">$news</textarea><br />
<input type="checkbox" name="msgtrans" value="1" /> Транслит новости<br />
<input type="checkbox" name="del_koms" value="1" /> Удалить комментари этой новости<br />";
echo"<input value="Изменить" name="do" type="submit" /></form></p>";
echo"<p><a href="index.php?page=$page&".session_name()."=".session_id()."">В новости</a></p>";
include '../../templates/foot.php';
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка авторизации!!!<br /></p>";
echo "<p><a href="index.php?page=$page&".session_name()."=".session_id()."">В новости</a></p>";
include '../../templates/foot.php';
}
}
####################
if($_GET['act']=='delnews')
{
if(isset($_SESSION['pass']) && isset($passw) && $_SESSION['pass'] == $passw && ($status == '1' || $status == '2'))
{
$basedel = '../../data/news.txt';
$basestr = file($basedel);
$kol_news = count($basestr);
if($kol_news != 1)
{
$delstr = trim($basestr[$str]);
$news_exp = explode('|', $basestr[$str]);
$deleted_news = trim($news_exp[3]);
$buff = @file_get_contents($basedel);
$buff = str_replace("$delstrrn",'',$buff);
$file = fopen($basedel,'w');
fputs($file, $buff);
fclose($file);
if(file_exists('../../data/newskoments/'.$num.'.txt'))
{
$file = fopen('../../data/newskoments/'.$num.'.txt','w');
fputs($file,'');
fclose($file);
@unlink('../../data/newskoments/'.$num.'.txt');
}
$date = date('d.m.Y / H:i:s', time() + ($sdvigclock*3600));
$adm_log_f = @file('../../data/adm_log.php');
$adm_log_count = count($adm_log_f) - 2;
$mes_to_adm_log = "$login|$date|Удалил новость "$deleted_news"rn";
for($i=2; $i < $adm_log_count; $i++)
{
$mes_to_adm_log .= "$adm_log_f[$i]";
}
$mes_to_adm_log = trim($mes_to_adm_log);
write_to_file('../../data/adm_log.php', "<?phprn/*rn$mes_to_adm_logrn*/rn?>");
header ("location: index.php?page=$page&".session_name()."=".session_id()."");
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка!!! Нельзя удалить единственную новость. Хотя бы одна новость должна оставаться.<br /></p>";
echo "<p><a href="index.php?page=$page&".session_name()."=".session_id()."">В новости</a></p>";
include '../../templates/foot.php';
}
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка авторизации!!!<br /></p>";
echo "<p><a href="index.php?page=$page&".session_name()."=".session_id()."">В новости</a></p>";
include '../../templates/foot.php';
}
}
####################
if($_GET['act']=='editnews')
{
if(isset($_SESSION['pass']) && isset($passw) && $_SESSION['pass'] == $passw && ($status == '1' || $status == '2'))
{
$confnews = $_POST['news'];
$setnews = stripslashes(trim($confnews));
$news_f = file('../../data/news.txt');
$news_arr = explode('|', $news_f[$str]);
if($_POST['msgtrans'] == 1)
{
$setnews = tr_to_win($setnews);
}
$setnews = str_replace('
', '<br />', $setnews);
$confignews = str_replace($news_arr[3], "$setnewsrn", $news_f[$str]);
$zap = implode($news_f);
$zap = str_replace($news_f[$str], $confignews, $zap);
$fip = fopen('../../data/news.txt','w');
fwrite($fip, $zap);
fclose($fip);
if($_POST['del_koms'] == 1)
{
if(file_exists('../../data/newskoments/'.$num.'.txt'))
{
$file = fopen('../../data/newskoments/'.$num.'.txt','w');
fputs($file,'');
fclose($file);
@unlink('../../data/newskoments/'.$num.'.txt');
}
}
$deleted_news = trim($news_arr[3]);
$date = date('d.m.Y / H:i:s', time() + ($sdvigclock*3600));
$adm_log_f = @file('../../data/adm_log.php');
$adm_log_count = count($adm_log_f) - 2;
$mes_to_adm_log = "$login|$date|Отредактировал новость "$deleted_news" на "$setnews"rn";
for($i=2; $i < $adm_log_count; $i++)
{
$mes_to_adm_log .= $adm_log_f[$i];
}
$mes_to_adm_log = trim($mes_to_adm_log);
write_to_file('../../data/adm_log.php', "<?phprn/*rn$mes_to_adm_logrn*/rn?>");
header ("location: index.php?page=$page&".session_name()."=".session_id()."");
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка авторизации!!!<br /></p>";
echo "<p><a href="index.php?page=$page&".session_name()."=".session_id()."">В новости</a></p>";
include '../../templates/foot.php';
}
}
####################
if($_GET['act']=='delkom')
{
if(isset($_SESSION['pass']) && isset($passw) && $_SESSION['pass'] == $passw && ($status == '1' || $status == '2' || $status == '3'))
{
$basedel = '../../data/newskoments/'.$num.'.txt';
$basestr = file("$basedel");
$delstr = trim($basestr[$str]);
$kom_exp = explode('|', $basestr[$str]);
$deleted_kom = trim($kom_exp[0]).': '.trim($kom_exp[5]);
$buff = @file_get_contents($basedel);
$buff = str_replace("$delstrrn",'',$buff);
write_to_file($basedel, $buff);
$deleted_news = trim($news_arr[3]);
$date = date('d.m.Y / H:i:s', time() + ($sdvigclock*3600));
$adm_log_f = @file('../../data/adm_log.php');
$adm_log_count = count($adm_log_f) - 2;
$mes_to_adm_log = "$login|$date|Удалил комментарий в новости "$deleted_kom"rn";
for($i=2; $i < $adm_log_count; $i++)
{
$mes_to_adm_log .= $adm_log_f[$i];
}
$mes_to_adm_log = trim($mes_to_adm_log);
write_to_file('../../data/adm_log.php', "<?phprn/*rn$mes_to_adm_logrn*/rn?>");
header ("location: kom.php?id=$num&n=$n&page=$page&".session_name()."=".session_id()."");
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка авторизации!!!<br /></p>";
echo "<p><a href="kom.php?id=$num&n=$n&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
}
####################
if($_GET['act']=='ban')
{
if (isset($_SESSION['pass']) && isset($passw) && $_SESSION['pass'] == $passw && ($status == '1' || $status == '2' || $status == '3'))
{
$ban_ip = htmlspecialchars(stripslashes(trim($_GET['ban'])));
$banlist = '../../data/ban.txt';
$file = fopen($banlist,'a+');
fputs($file,"$ban_iprn");
fclose($file);
$ban_exp = explode('||', $ban_ip);
$ban_ip = $ban_exp[0].' - '.$ban_exp[1];
$date = date('d.m.Y / H:i:s', time() + ($sdvigclock*3600));
$adm_log_f = @file('../../data/adm_log.php');
$adm_log_count = count($adm_log_f) - 2;
$mes_to_adm_log = "$login|$date|Забанил IP $ban_iprn";
for($i=2; $i < $adm_log_count; $i++)
{
$mes_to_adm_log .= $adm_log_f[$i];
}
$mes_to_adm_log = trim($mes_to_adm_log);
write_to_file('../../data/adm_log.php', "<?phprn/*rn$mes_to_adm_logrn*/rn?>");
include '../../themes/'.$themes.'.php';
echo "<p class="b">IP и браузер забанены!<br /></p>";
echo "<p><a href="kom.php?id=$num&n=$n&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка авторизации!!!<br /></p>";
echo "<p><a href="kom.php?id=$num&n=$n&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
}
####################
if($_GET[act]=='banuser')
{
if (isset($_SESSION['pass']) && isset($passw) && $_SESSION['pass'] == $passw && ($status == "1" || $status == "2" || $status == "3"))
{
include '../../themes/'.$themes.'.php';
$kogo = filter($_GET['ban']);
echo'<p class="modul_name">Забанить пользователя '.$kogo.'</p>';
echo"<form method="post" action="../admin/users.php?act=ban&nick=$kogo&".session_name()."=".session_id().""><p class="b">";
echo"До какого времени:<br />";
echo"Год: <select name="god" class="textbox">";
for($g=2010; $g <= 2020; $g++)
{
if($g == date ("Y", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$g</option>"; } else
{ echo"<option>$g</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("Y", time() + ($sdvigclock*3600))."<br />";
echo"Месяц: <select name="mes" class="textbox">";
for($m=1; $m <= 12; $m++)
{
if($m < 10) { $m = "0".$m; }
if($m == date ("m", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$m</option>"; } else
{ echo"<option>$m</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("m", time() + ($sdvigclock*3600))."<br />";
echo"День: <select name="den" class="textbox">";
for($d=1; $d <= 31; $d++)
{
if($d < 10) { $d = "0".$d; }
if($d == date ("d", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$d</option>"; } else
{ echo"<option>$d</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("d", time() + ($sdvigclock*3600))."<br />";
echo"Час: <select name="chas" class="textbox">";
for($ch=0; $ch <= 23; $ch++)
{
if($ch < 10) { $ch = "0".$ch; }
if($ch == date ("H", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$ch</option>"; } else
{ echo"<option>$ch</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("H", time() + ($sdvigclock*3600))."<br />";
echo"Минут: <select name="minut" class="textbox">";
for($mi=0; $mi <= 59; $mi++)
{
if($mi < 10) { $mi = "0".$mi; }
if($mi == date ("i", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$mi</option>"; } else
{ echo"<option>$mi</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("i", time() + ($sdvigclock*3600))."<br />";
echo"За (что?):<br /><input name="why" value="плохое поведение" /><br />";
echo"<input value="Применить" type="submit" /></p></form>";
echo "<p><a href="kom.php?id=$num&n=$n&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка авторизации!!!<br /></p>";
echo "<p><a href="kom.php?id=$num&n=$n&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
}
####################
?>