Файл: anibiliwar.ru/pravka.php
Строк: 328
<?
// Entry point of the admin panel. Pulls in the shared bootstrap, the helper
// functions and user.php (which presumably populates $user; it is not defined
// in this file), then turns away anyone without a user record or with an
// access level below 1.
// NOTE(review): the short `<?` tag only works while short_open_tag is enabled;
// with it off PHP does not run this file and the server returns it as text.
include './system/common.php';
include './system/functions.php';
include './system/user.php';

// This is the only gate for the menu and for the `ref`, `news`, `clon` and
// `ban` actions further down; the remaining actions add their own level check.
if (!($user && $user['access'] >= 1)) {
    header('location: /');
    exit;
}
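// Route on ?action=…; a missing or unrecognised value lands on the menu.
// isset() avoids the undefined-index notice when the parameter is absent.
switch (isset($_GET['action']) ? $_GET['action'] : '') {
    default:
        // Landing page: a list of links to the admin tools.
        $title = 'Админка';
        include './system/h.php';
        ?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<div class='list'>
<li><a href='/pravka/clon/'><img src='/images/icon/arrow.png' alt='*'/> Проверить клонов</a></li>
<li><a href='/pravka/ban/'><img src='/images/icon/arrow.png' alt='*'/> Баны</a></li>
<li><a href='/pravka/trade/'><img src='/images/icon/arrow.png' alt='*'/> Передача вещей</a></li>
<li><a href='/adm1.php/'><img src='/images/icon/arrow.png' alt='*'/> ТЕСТ</a></li>
<?php
        // NOTE(review): showing or hiding a link is not an access check. In this
        // file the `trade`, `acc` and `deposit` actions redirect anyone below
        // level 3, so the links above/below lead nowhere for levels 1-2, while
        // `news` has no level check of its own. The standalone scripts linked
        // here (ticket.php, wk.oplata.php, …) are not visible and must enforce
        // access themselves.
        if ($user['access'] == 2) {
            ?>
<li><a href='/ticket.php?mode=viev_all'><img src='/images/icon/arrow.png' alt='*'/> Запросы в ТЕХПОДДЕРЖКЕ</a></li>
<li><a href='/pravka/acc/'><img src='/images/icon/arrow.png' alt='*'/> Изменить игрока</a></li>
<li><a href='/wkk.oplata.php'><img src='/images/icon/arrow.png' alt='*'/> Успешные пополнения</a></li>
<li><a href='/wk.oplata.php'><img src='/images/icon/arrow.png' alt='*'/> Пополнения</a></li>
<li><a href='/pravka/deposit/'><img src='/images/icon/arrow.png' alt='*'/> Перевод средств</a></li>
<li><a href='/art_online.php'><img src='/images/icon/arrow.png' alt='*'/> Включить offline</a></li>
<li><a href='/md_battle.php'><img src='/images/icon/arrow.png' alt='*'/> Настройка Великой битвы</a></li>
<li><a href='/pravka/news/'><img src='/images/icon/arrow.png' alt='*'/> Создать Новость</a></li>
<?php
        }
        // The list terminator and the closing tag used to sit inside the
        // level-2 branch, leaving <div class='list'> unclosed for everyone else.
        ?>
<li class='no_b'></li>
</div>
<?php
        include './system/f.php';
        break;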
case 'ref':
$title = 'Чисто News';
include './system/h.php';
?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<div class='content'>
<?
?>
</div>
<?
include './system/f.php';
break;
case 'news':
$title = 'Добавить новость';
include './system/h.php';
?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<div class='content'>
<?
if(isset($_GET['add'])){
$name=$_POST['name'];
$text=$_POST['text'];
$news = mysql_query("SELECT * FROM `news` ORDER BY id DESC LIMIT 1");
$news = mysql_fetch_array($news);
$day = 3*1;
$time = time()-$news['time'];
if($time >= $day){
mysql_query("INSERT INTO `news` (`name`,`text`,`user`,`time`) VALUES ('$name','$text','".$user['id']."','".time()."')");
mysql_query("DELETE FROM `news_go` WHERE 1");
}
header('location: /');
}
?>
<form action="?add" method="post">
<p>Заголовок: <input type="text" name="name" /></p>
<p>Описание: <input type="text" name="text" /></p>
<p><input type="submit" value='Добавить!'/></p>
</form>
<br>
Писать новость можно раз в 6 часов
</div>
<?
include './system/f.php';
break;
case 'clon':
$title = 'Проверка на мультоводство';
include './system/h.php';
?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<div class='content'>
<?
$id = _string(_num($_POST['id']));
if($id) {
$users = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'"');
$users = mysql_fetch_array($users);
if(!$users) {
header('location: /pravka/clon/');
exit;
}
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `users` WHERE `ip` = "'.$users['ip'].'" AND `id` != "'.$users['id'].'"'),0);
?>
IP: <?=$users['ip']?> [<?=$users['ua']?>]<br/>
</div>
<div class='line'></div>
<div class='content'>
<?
if($count > 0) {
$q = mysql_query('SELECT * FROM `users` WHERE `ip` = "'.$users['ip'].'" AND `id` != "'.$users['id'].'"');
while($row = mysql_fetch_array($q)) {
?>
<img src='/images/icon/race/<?=$row['r']?>.png' alt='*'/> <a href='/user/<?=$row['id']?>/'><?=$row['login']?></a><br/>
<?
}
}
else
{
?>
<font color='#999'>Персонажей нет!</font>
<?
}
}
else
{
?>
<form action='/pravka/clon/' method='post'>
ID персонажа:<br/><input name='id'/><br/>
<input type='submit' value='Поиск'/>
</form>
<?
}
?>
</div>
<?
include './system/f.php';
break;
case 'ban':
$title = 'Управление банами';
include './system/h.php';
?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<?
if($_GET['list'] == true) {
$max = 10;
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `ban` WHERE `time` > "'.time().'"'),0);
$pages = ceil($count/$max);
$page = _string(_num($_GET['page']));
if($page > $pages) {
$page = $pages;
}
if($page < 1) {
$page = 1;
}
$start = $page * $max - $max;
if($count > 0) {
$id = _string(_num($_GET['id']));
if($id) {
$ban = mysql_query('SELECT * FROM `ban` WHERE `id` = "'.$id.'"');
$ban = mysql_fetch_array($ban);
if(!$ban) {
header('location: /pravka/ban/list/?page='.$page);
exit;
}
?>
<div class='content'>
</div>
<div class='line'></div>
<?
if($_GET['delete'] == true) {
mysql_query('DELETE FROM `ban` WHERE `id` = "'.$id.'"');
header('location: /pravka/ban/list/?page='.$page);
}
}
?>
<div class='menu'>
<?
$q = mysql_query('SELECT * FROM `ban` WHERE `time` > "'.time().'" ORDER BY `id` DESC LIMIT '.$start.', '.$max.'');
while($row = mysql_fetch_array($q)) {
$u = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$row['user'].'"');
$u = mysql_fetch_array($u);
?>
<li><span style='float: right;'>( <a href='/pravka/ban/list/?id=<?=$row['id']?>&delete=true&page=<?=$page?>'>Удалить</a> | <a href='/pravka/ban/list/?id=<?=$row['id']?>&page=<?=$page?>'>Редактировать</a> )</span><img src='/images/icon/race/<?=$u['r'].($u['online'] > time() - 300 ? '':'-off')?>.png' alt='*'/> <a href='/user/<?=$u['id']?>/'><?=$u['login']?></a>
<br/>
Осталось: <?=_time($row['time'] - time())?>
</li>
<?
}
?>
<li class='no_b'><?=pages('/pravka/ban/list/?')?></li>
<?
}
else
{
}
?>
</div>
<?
}
else
{
$id = _string(_num($_POST['id']));
if($id) {
$users = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'"');
$users = mysql_fetch_array($users);
if(!$users OR $users['access'] >= $user['access']) {
header('location: /pravka/ban/');
exit;
}
$d = _string(_num($_POST['d']));
$h = _string(_num($_POST['h']));
if($h > 24) {
$h = 24;
}
$m = _string(_num($_POST['m']));
if($m > 60) {
$m = 60;
}
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `ban` WHERE `user` = "'.$users['id'].'"'),0);
if($count == 0) {
mysql_query('INSERT INTO `ban` (`user`,
`time`,
`ip`) VALUES ("'.$users['id'].'",
"'.(time() + ($d * 86400) + ($h * 3600) + ($m * 60)).'",
"'.$users['ip'].'")');
?>
<div class='content' align='center'>
<img src='/images/icon/ok.png' alt='*'/> <font color='#3c3'>Персонаж заблокирован!</font></div>
<?
}
else
{
?>
<div class='content' align='center'>
<img src='/images/icon/error.png' alt='*'/> <font color='#c66'>Персонаж уже заблокирован!</font><br/></div>
<?
}
?>
<div class='line'></div>
<?
}
?>
<div class='content'>
<form action='/pravka/ban/' method='post'>
ID персонажа:<br/><input name='id'/><br/>
<br/>дней <input name='d' size='2' value='0'/><br/>
<br/>часов <input name='h' size='2' value='0'/><br/>
<br/>минут <input name='m' size='2' value='0'/><br/>
<input type='submit' value='Забанить'/>
</form>
</div>
<div class='line'></div>
<div class='list'>
<li class='no_b'><a href='/pravka/ban/list/'><img src='/images/icon/arrow.png' alt='*'/> Список забаненых: (<?=mysql_result(mysql_query('SELECT COUNT(*) FROM `ban` WHERE `time` > "'.time().'"'),0)?>)</li></a>
</div>
<?
}
include './system/f.php';
break;
case 'unitpay':
if($user['access'] == 3) {
header('location: /pravka/');
exit;
}
$title = 'Пополнения';
include './system/h.php';
?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<?
$max = 10;
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `unitpay_payments`'),0);
$pages = ceil($count/$max);
$page = _string(_num($_GET['page']));
if($page > $pages) {
$page = $pages;
}
if($page < 1) {
$page = 1;
}
$start = $page * $max - $max;
if($count > 0) {
?>
<div class='menu'>
<li><table width='100%' cellpadding='0' cellspacing='0'>
<tr>
<td width='30%'>Имя персонажа<td>
<td width='30%'>Сумма</td>
<td>Статус</td>
</tr></table></li>
<?
$q = mysql_query('SELECT * FROM `unitpay_payments` ORDER BY `id` DESC LIMIT '.$start.', '.$max.'');
while($row = mysql_fetch_array($q)) {
$account = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$row['account'].'"');
$account = mysql_fetch_array($account);
?>
<li><table width='100%' cellpadding='0' cellspacing='0'>
<tr>
<td width='30%'><img src='/images/icon/race/<?=$account['r'].($account['online'] > time() - 300 ? '':'-off')?>.png' alt='*'/> <a href='/user/<?=$account['id']?>/'><?=$account['login']?></a></td>
<td width='30%'><?=number_format($row['sum'], 2, '.', '')?> руб.</td>
<td><?=($row['status'] == 0 ? '<font color='#c06060'>Ошибка</font>':'<font color='#3c3'>Успешно</font>')?></td>
</tr></table></li>
<?
}
?>
<li class='no_b'><?=pages('/pravka.php?action=unitpay&')?></li>
</div>
<?
}
else
{
?>
<?
}
include './system/f.php';
break;
case 'deposit':
if($user['access'] < 3) {
header('location: /pravka/');
exit;
}
$title = 'Передача средств';
include './system/h.php';
?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<?
if($_POST['submit']) {
$id = _string(_num($_POST['id']));
$users = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'"');
$users = mysql_fetch_array($users);
if($users) {
$type = _string($_POST['type']);
$count= _string(_num($_POST['count']));
if(mysql_query('UPDATE `users` SET `'.$type.'` = `'.$type.'` + '.$count.' WHERE `id` = "'.$id.'"')) {
?>
<div class='content' align='center'>Перевод успешно выполнен!</div>
<div class='line'></div>
<?
}
else
{
}
}
else
{
}
}
?>
<div class='content'>
<form action='/pravka/deposit/' method='post'>
ID персонажа:<br/><input name='id'/><br/>
<select name='type'>
<option value='s'>Серебро</option>
<option value='g'>Золото</option>
</select>
<br/><input name='count' size='2' value='0'/><br/>
<input type='submit' name='submit' value='Перевести'/>
</form>
</div>
<?
include './system/f.php';
break;
case 'trade':
if($user['access'] < 3) {
header('location: /pravka/');
exit;
}
$title = 'Передача вещей';
include './system/h.php';
?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<?
if($_POST['submit']) {
$id = _string(_num($_POST['id']));
$item = _string(_num($_POST['item']));
$users = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'"');
$users = mysql_fetch_array($users);
$item = mysql_query('SELECT * FROM `items` WHERE `id` = "'.$item.'"');
$item = mysql_fetch_array($item);
switch($item['quality']) {
case 0:
$bonus = 0;
$str =28;
$vit =28;
$agi =28;
$def =28;
break;
case 1:
$bonus = 5;
$str =31;
$vit =31;
$agi =31;
$def =31;
break;
case 2:
$bonus = 10;
$str =45;
$vit =45;
$agi =45;
$def =45;
break;
case 3:
$bonus = 10;
$str =52;
$vit =52;
$agi =52;
$def =52;
break;
case 4:
$bonus = 10;
$str =60;
$vit =60;
$agi =60;
$def =60;
break;
case 5:
$bonus = 10;
$str =120;
$vit =120;
$agi =120;
$def =120;
break;
case 6:
$bonus = 10;
$str =170;
$vit =170;
$agi =170;
$def =170;
break;
}
if($users && $item) {
$type = _string($_POST['type']);
$count= _string(_num($_POST['count']));
if(mysql_query('INSERT INTO `inv` (`user`,
`item`,
`bonus`,
`_str`,
`_vit`,
`_agi`,
`_def`) VALUES ("'.$users['id'].'",
"'.$item['id'].'",
"'.$bonus.'",
"'.$str.'",
"'.$vit.'",
"'.$agi.'",
"'.$def.'")')) {
?>
<div class='content' align='center'>Вещь успешно передана!</div>
<div class='line'></div>
<?
}
else
{
}
}
else
{
}
}
?>
<div class='content'>
<form action='/pravka/trade/' method='post'>
ID персонажа:<br/><input name='id'/>
<select name='item'>
<?
$q = mysql_query('SELECT * FROM `items` ORDER BY `id`');
while($row = mysql_fetch_array($q)) {
switch($row['quality']) {
case 0:
$quality = 'П';
break;
case 1:
$quality = 'О';
break;
case 2:
$quality = 'Р';
break;
case 3:
$quality = 'Э';
break;
case 4:
$quality = 'Л';
break;
case 5:
$quality = 'Б';
break;
case 6:
$quality = 'С Б';
break;
}
?>
<option value='<?=$row['id']?>'><?=$row['id']?> / <?=$quality?> / <?=$row['name']?></option>
<?
}
?>
</select><br/>
<input type='submit' name='submit' value='Передать'/>
</form>
</div>
<?
include './system/f.php';
break;
case 'acc':
if($user['access'] < 3) {
header('location: /pravka/');
exit;
}
$title = 'Редактирование Игрока';
include './system/h.php';
if(isset($_GET['yes'])){
echo _string($_POST['name']);
mysql_query('UPDATE `boss` SET `name` = ''._string($_POST['name']).' WHERE `id` = '._string(_num($_GET['yes'])).' LIMIT 1');
header('location: /pravka/acc/');
exit;
}
if(isset($_POST['submit']) & !empty($_POST['id'])){
$acc = mysql_fetch_array(mysql_query('SELECT * FROM `boss` WHERE `id` = '._string(_num($_POST['id'])).' LIMIT 1'));
?>
<div class="content">
<form action='/pravka/acc/yes/<?=_string(_num($_POST['id']))?>/'method='post'>
Никнейм:
<br/>
<input type='text' name='name' value='<?=$acc['name']?>'
<br/>
<input type='submit' name='submit' value='Изменить'/>
</form>
</div>
<?
}
else{
?>
<div class="content">
<form action='/pravka/acc/' method='post'>
ID bosa:
<br/>
<input name='id'/>
<br/>
<input type='submit' name='submit' value='Изменить'/>
</form>
</div>
<?
}
include './system/f.php';
break;
}
?>