Файл: archive_01122016_1136/public_html/admin/user.php
Строк: 98
<?php
$add = "add";
if($_GET['mode']==$add)
{
include ("../conf.php");
include ("../lock.php");
if ($user == $myrow["user"] && $pass == $myrow["pass"] && $user != '')
{
if($user == $adname){
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo <<< sss
<div class='nav'><form name="form" action="user.php?mode=user&user=$user&pass=$pass" method="post">
Логин:<br />
<input name="user_name" type="text" value=""><br />
<input type="submit" value="Ok">
</form></div>
sss;
echo "<a href=../menu.php?user=$user&pass=$pass>В меню</a>";
include ("../foot.php");
exit();
}
}
else
{
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "Ошибка! <br />Неверный <b>Ник</b> или <b>Пароль</b>!<br />";
echo <<<sss
<a href="../index.php">На главную</a>
sss;
include ("../foot.php");
}
}
$user = "user";
if($_GET['mode']==$user)
{
include ("../conf.php");
include ("../lock.php");
if ($user == $myrow["user"] && $pass == $myrow["pass"] && $user != '')
{
if($user == $adname){
$user_name = mysql_real_escape_string(trim($_POST['user_name']));
$result111 = mysql_query("SELECT * FROM userlist WHERE user='".$user_name."'");
$myrow111 = mysql_fetch_array($result111);
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "<div class='nav'>";
echo "Ник: ".$myrow111['user']."<br />ID: ".$myrow111['id']."<br />Пароль: ".$myrow111['pass']."</div>";
if($myrow111["level"] == 2)
{
echo "<a href='user.php?mode=mdel&user=$user&pass=$pass&ids=".$myrow111['id']."'>Разжаловать</a>";
}
else
{
echo "<a href='user.php?mode=moder&user=$user&pass=$pass&ids=".$myrow111['id']."'>Назначить модером</a>";
}
echo "<div class=stb><form name='' action='user.php?mode=del&user=$user&pass=$pass' method='post'>";
echo "<input name='id' type='hidden' value='".$myrow111['id']."'>";
echo "<input type='submit' value='Удалить игрока'></form></div>";
echo "<a href=../menu.php?user=$user&pass=$pass>В меню</a>";
include ("../foot.php");
exit();
}
}
else
{
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "Ошибка! <br />Неверный <b>Ник</b> или <b>Пароль</b>!<br />";
echo <<<sss
<a href="../index.php">На главную</a>
sss;
include ("../foot.php");
}
}
$del = "del";
if($_GET['mode']==$del)
{
include ("../conf.php");
include ("../lock.php");
if ($user == $myrow["user"] && $pass == $myrow["pass"] && $user != '' && $user == $adname)
{
$id = mysql_real_escape_string(trim($_POST['id']));
if($id != '')
{
$result = mysql_query("DELETE FROM userlist WHERE id='".$id."'");
if ($result == 'true')
{
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "<div class='nav'>Юзер Удален!</div>";
echo "<a href=../menu.php?user=$user&pass=$pass>В меню</a>";
include ("../foot.php");
exit();
}
}
else
{
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "<div class='nav'>";
echo "Юзер не Удален!</div>";
echo <<< sss
<a href=../menu.php?user=$user&pass=$pass>В меню</a>
sss;
include ("../foot.php");
exit();
}
}
else
{
include ("../head.php");
echo "Ошибка! <br />Неверный <b>Ник</b> или <b>Пароль</b>!<br />";
echo <<<sss
<a href="../index.php">На главную</a>
sss;
include ("../foot.php");
}
}
$moder = "moder";
if($_GET['mode']==$moder)
{
include ("../conf.php");
include ("../lock.php");
if ($user == $myrow["user"] && $pass == $myrow["pass"] && $user != '')
{
if($user == $adname){
$ids = mysql_real_escape_string(trim($_GET['ids']));
$result33 = mysql_query("UPDATE userlist SET level='2' WHERE id='".$ids."'");
if ($result33 == 'true')
{
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "<div class='nav'>";
echo "Юзер назначен модером!<div>";
echo "<a href=../menu.php?user=$user&pass=$pass>В меню</a>";
include ("../foot.php");
exit();
}
else
{
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "<div class='nav'>";
echo "Ошибка! Юзер не назначен модером!<div>";
echo "<a href=../menu.php?user=$user&pass=$pass>В меню</a>";
include ("../foot.php");
exit();
}
}
}
else
{
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "Ошибка! <br />Неверный <b>Ник</b> или <b>Пароль</b>!<br />";
echo <<<sss
<a href="../index.php">На главную</a>
sss;
include ("../foot.php");
}
}
$mdel = "mdel";
if($_GET['mode']==$mdel)
{
include ("../conf.php");
include ("../lock.php");
if ($user == $myrow["user"] && $pass == $myrow["pass"] && $user != '' && $user == $adname)
{
$ids = mysql_real_escape_string(trim($_GET['ids']));
if($ids != '')
{
$result = mysql_query("UPDATE userlist SET level='0' WHERE id='".$ids."'");
if ($result == 'true')
{
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "<div class='nav'>Юзер разжалован!</div>";
echo "<a href=../menu.php?user=$user&pass=$pass>В меню</a>";
include ("../foot.php");
exit();
}
}
else
{
include ("../head.php");
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
echo "<div class='nav'>";
echo "Юзер не разжалован!</div>";
echo <<< sss
<a href=../menu.php?user=$user&pass=$pass>В меню</a>
sss;
include ("../foot.php");
exit();
}
}
else
{
include ("../head.php");
echo "Ошибка! <br />Неверный <b>Ник</b> или <b>Пароль</b>!<br />";
echo <<<sss
<a href="../index.php">На главную</a>
sss;
include ("../foot.php");
}
}
?>