Файл: profi_wm/modules/honorable/index.php
Строк: 131
<?php
include '../../system/core.php';
include '../../system/header.php';
if(!$user['id']){
header('Location: /index.php/?m=guest'); exit;
}
if($user['menu'] == 1)
{
include '../../modules/menu/index.php';
}else{
}
switch($_GET['m']){
#Главная
default:
echo '<div class="s"><b>Лучшие мастера</b></div>';
include '../../system/nvg.php';
echo '<div class="list1"><center><img src="/images/pochet.png" alt="*"></center></div>';
echo '<div class="lst"><img src="/images/addceda.png" alt="*">
<a href="?m=add" > Добавить заметку</a>
</div>';
$cop = $user['on_page'];
$ca = mysql_result(mysql_query("SELECT COUNT(*) FROM `honorable`"),0);
$cp = ceil($ca/$cop);
if(isset($_GET['p']) && is_numeric($_GET['p'])){
$p = $_GET['p'];
if($_GET['p']>$cp) $p = $cp;
if($_GET['p']<1)$p = 1;
}else{
$p = 1;
}
$start = $p*$cop-$cop;
$news = mysql_query("SELECT * FROM `honorable` where `mode` = '1' ORDER BY `time` DESC LIMIT $start,$cop");
while($news2 = mysql_fetch_assoc($news)){
echo '<div class="mist"><b>Логин:</b> '.ustatus($news2['login']).' <a href="/us'.$news2['login'].'">'.uname($news2['login']).'</a> '.uaccess($news2['login']).'<br><b>Причина:</b> '.smiles(bbcode($news2['text'])).'<br><b>Имя:</b> '.smiles(bbcode($news2['name'])).'<br><b>Доп. Инфо.:</b> '.smiles(bbcode($news2['din'])).'<br>
<b>WMID:</b> '.smiles(bbcode($news2['wmid'])).'<br>
Вписал: '.ustatus($news2['author']).' <a href="/us'.$news2['author'].'">'.uname($news2['author']).'</a> '.uaccess($news2['author']).' ('.times($news2['time']).')';
if($user['status'] >= 2) echo ' [<a href="?m=del&id='.$news2['id'].'">уд</a>] [<a href="?m=edit&id='.$news2['id'].'">ред</a>]';
echo '</div></div>';
}
echo '<div class="levo">Стр. ';
if($p-2>0) echo '<a href="/honorable?p=1"><<</a> ';
if($p-1>0) echo '<a href="/honorable?p='.($p-1).'"><</a> ';
if($p-3>0) echo '<a href="/honorable?p='.($p-3).'">'.($p-3).'</a> | ';
if($p-2>0) echo '<a href="/honorable?p='.($p-2).'">'.($p-2).'</a> | ';
if($p-1>0) echo '<a href="/honorable?p='.($p-1).'">'.($p-1).'</a> | ';
echo '<b>'.$p.'</b>';
if($p+1<=$cp) echo ' | <a href="/honorable?p='.($p+1).'">'.($p+1).'</a>';
if($p+2<=$cp) echo ' | <a href="/honorable?p='.($p+2).'">'.($p+2).'</a>';
if($p+3<=$cp) echo ' | <a href="/honorable?p='.($p+3).'">'.($p+3).'</a>';
if($p+1<=$cp) echo ' <a href="/honorable?p='.($p+1).'">></a>';
if($p+2<=$cp) echo ' <a href="/honorable?p='.ceil($ca/$cop).'">>></a>';
echo '</div>';
break;
case 'del':
if($user['status'] < 2){
header('Location: /honorable'); exit;
}
$id = TextGuard($_GET['id']);
$news = mysql_fetch_array(mysql_query('select * from `honorable` where `id` = "'.$id.'" limit 1'));
if(empty($id) or !is_numeric($id) or $news == 0){
header('Location: /honorable'); exit;
}
$news_com = mysql_query('select * from `honorable_com` where `honorable` = "'.$id.'"');
while($news_com2 = mysql_fetch_array($news_com)){
mysql_query("DELETE FROM `honorable_com` WHERE `id` = '".$news_com2['id']."'");
}
mysql_query("DELETE FROM `honorable` WHERE `id` = '$id'");
header('Location: /honorable'); exit;
break;
case 'add':
echo '<div class="verh"><a href="/honorable"><b>Лучшие мастера</a> | Добавить</b></div>';
include '../../system/nvg.php';
if(isset($_POST['submit'])){
$text = TextGuard($_POST['text']);
if(empty($text)) $err[] = 'Сообщение осталось пустым...';
$login2 = TextGuard($_POST['login2']);
if(empty($login2)) $err[] = 'ID довенного пользователя не введен...';
$name= TextGuard($_POST['name']);
if(empty($name)) $err[] = 'Имя осталось пустым...';
$wmid= TextGuard($_POST['wmid']);
if(empty($wmid)) $err[] = 'wmid незаполнен...';
$din= TextGuard($_POST['din']);
if(empty($din)) $err[] = 'Незаполнено...';
if(!$err){
mysql_query("INSERT INTO `honorable`(
`author`,
`text`,
`login2`,
`name`,
`din`,
`wmid`,
`time`,
`mode`
)VALUES(
'".$user['id']."',
'".$text."',
'".$login2."',
'".$name."',
'".$din."',
'".$wmid."',
'".time()."',
'0'
)");
$ar = mysql_query("SELECT * FROM `user` WHERE `status` > '1'");
while($ar2 = mysql_fetch_assoc($ar)){
mysql_query("INSERT INTO `op`(
`who`,
`ho`,
`text`,
`time`,
`read`
)VALUES(
'".$ar2['id']."',
'".$user['id']."',
'Хочет добавить [url=/admin?m=honorable]заметку о пользователе[/url]',
'".time()."',
'0'
)");
}
header('Location: /honorable'); exit;
}else{
echo '<div class="pet">';
foreach($err as $err_info){
echo $err_info.'<br>';
}
echo '</div>';
}
}
echo '<div class="mist">
<form action="/honorable?m=add" method="post">
Имя:<br><textarea style="width:98%" name="name" rows="3"></textarea><br>
Причина:<br><textarea style="width:98%" name="text" rows="3"></textarea><br>
ID (довенного пользователя на сайте):<br><textarea style="width:98%" name="login2" rows="3"></textarea><br>
Доп. Инфо.:<br><textarea style="width:98%" name="din" rows="3"></textarea><br>
WMID:<br><textarea style="width:98%" name="wmid" rows="3"></textarea><br>
<input type="submit" value="Добавить" name="submit"/>
</form></div>';
break;
case 'edit':
$id = TextGuard($_GET['id']);
$news = mysql_fetch_array(mysql_query('select * from `honorable` where `id` = "'.$id.'" limit 1'));
if(empty($id) or !is_numeric($id) or $news == 0){
header('Location: /honorable'); exit;
}
echo '<div class="verh"><a href="/honorable"><b>Список мошенников</a> | Редактировать довенного пользователя</b></div>';
include '../../system/nvg.php';
if(isset($_POST['submit'])){
$text = TextGuard($_POST['text']);
if(empty($text)) $err[] = 'Сообщение осталось пустым...';
if(!$err){
mysql_query("UPDATE `honorable` SET `text`='".$text."' WHERE `id` = '".$id."' limit 1");
header('Location: /honorable'); exit;
}else{
echo '<div class="pet">';
foreach($err as $err_info){
echo $err_info.'<br>';
}
echo '</div>';
}
}
echo '<div class="mist">
<form action="/honorable?m=edit&id='.$id.'" method="post">
Текст:<br><textarea style="width:98%" name="text" rows="3">'.$news['text'].'</textarea><br>
<input type="submit" value="Добавить" name="submit"/>
</form></div>';
break;
}
include '../../system/footer.php';
?>