Файл: moduls/groups/panel.php
Строк: 224
<?php
/**
* @package Prime Social
* @link http://primesocial.ru
* @copyright Copyright (C) 2016 Prime Social
* @author BoB | http://primesocial.ru/about
*/
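// Bootstrap. core/start.php and func.php are project files that are not shown here;
// presumably they provide DB, head(), num(), html(), privilegy(), $user, $config and
// $select — confirm against those files.
require_once('../../core/start.php');
require_once('func.php');

// Only signed-in users may reach the panel.
// NOTE(review): this relies on check_auth() ending the request for anonymous visitors — confirm.
check_auth();

// A missing id falls back to 0 instead of reading an undefined index; the lookup
// below then takes the "group not found" path.
$id = isset($_GET['id']) ? abs(num($_GET['id'])) : 0;

// The id is bound through a placeholder, so the request value never becomes part of the SQL text.
$group = DB::$dbs->queryFetch("SELECT * FROM ".GROUPS." WHERE `id` = ? ", array($id));
if (empty($group)) {
    head('Guruh topilmadi');
    echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
    echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / <b>Guruh topilmadi</b>' . CLOSE_DIV;
    require_once('../../core/stop.php');
    exit();
}

// Authorization gate for every panel section below: the requester must be the
// group's owner or hold the site-wide 'group' privilege. The exit() is what keeps
// an unauthorized request from falling through into the switch.
// NOTE(review): this establishes who the requester is, but nothing visible in this
// file checks an anti-CSRF token, so the state-changing sections below (logo removal,
// member removal, level and privacy changes) accept any request the owner's browser
// can be made to send.
if ($group['user_id'] != $user['user_id'] && privilegy('group') == FALSE) {
    head('Kirishda xatolik');
    echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
    echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / <b>Kirishda xatolik</b>' . CLOSE_DIV;
    require_once('../../core/stop.php');
    exit();
}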
// Dispatch on the requested panel section. $select is not assigned in this file
// (presumably set by core/start.php from the rewritten URL — confirm).
switch ($select) {
default:
    // Landing page: one menu entry per panel section, then the breadcrumb trail.
    head('Guruhni boshqarish');
    $panelMenuUrl = HOME.'/groups/'.$group['id'].'/panel/';
    $panelMenuItems = array(
        'logo' => 'Guruh logotipi',
        'info' => 'Asosiy ma`lumot',
        'private' => 'Shahsiylik sozlamalari',
        'peoples' => 'Guruhdagi foydalanuvchilar',
        'admin' => 'Ma`muriyat',
    );
    foreach ($panelMenuItems as $menuSlug => $menuLabel) {
        echo DIV_LI . '<a href="'.$panelMenuUrl.$menuSlug.'/">'.$menuLabel.'</a>' . CLOSE_DIV;
    }
    // NOTE(review): $group['name'] is written into the page exactly as stored. That is
    // only safe if html() encoded it when it was saved by the 'info' section — confirm.
    echo DIV_GO
        . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / '
        . '<a href="'.HOME.'/groups/'.$group['id'].'/">'.$group['name'].'</a> / <b>Guruhni boshqarish</b>'
        . CLOSE_DIV;
    break;
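case 'logo':
    // Logo management: remove the current logo, or upload a replacement image.
    head('Guruh logotipi');

    // NOTE(review): removal is triggered by a plain GET (?del) and no anti-CSRF token is
    // checked, so a link or image tag on another site can trigger it for a logged-in
    // owner. It should become a POST that carries a per-session token.
    if (isset($_GET['del'])) {
        if (!empty($group['logo'])) {
            // basename() keeps the stored value from ever addressing a path outside
            // files/groups/; the empty() guard avoids calling unlink() on the directory itself.
            $oldLogo = basename($group['logo']);
            foreach (array('', 'mini_') as $logoPrefix) {
                $logoPath = '../../files/groups/'.$logoPrefix.$oldLogo;
                if (is_file($logoPath)) {
                    unlink($logoPath);
                }
            }
        }
        DB::$dbs->query("UPDATE ".GROUPS." SET `logo` = ? WHERE `id` = ?", array('', $group['id']));
        header("Location: ".HOME."/groups/".$group['id']."/panel/logo/");
        // End the request after the redirect, the same way the access checks at the top
        // of this file do; otherwise the upload handler below still runs.
        require_once('../../core/stop.php');
        exit();
    }

    if (!empty($_POST['upload'])) {
        $err = ''; // was appended to without ever being initialised
        $sizeError = 'Fayl hajmi belgilangan miqdordan oshmoqda. [Max. '.$config['max_upload_group'].'Mb.]<br />';
        $formatError = 'Fayl formati noto`g`ri.<br />';
        $ext = '';

        $upload = isset($_FILES['file']) ? $_FILES['file'] : null;
        if (!is_array($upload) || !isset($upload['error']) || is_array($upload['error'])) {
            // No file field, or a multi-file submission this form never sends.
            $err .= $formatError;
        } elseif ($upload['error'] === UPLOAD_ERR_INI_SIZE || $upload['error'] === UPLOAD_ERR_FORM_SIZE) {
            $err .= $sizeError;
        } elseif ($upload['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
            $err .= $formatError;
        } else {
            $name = $upload['name']; # client-supplied name: used for checks only, never for the stored path
            $ext = strtolower(strrchr($name, '.')); # final extension, lower-cased
            $par = getimagesize($upload['tmp_name']); # false when the content is not a recognised image
            $size = $upload['size'];
            $pictures = array('.jpg', '.jpeg', '.gif', '.png'); # allowed extensions

            if ($size > (1048576 * $config['max_upload_group'])) {
                $err .= $sizeError;
            }
            // The dots are escaped: the previous patterns '/.php/' and '/.pl/' treated '.'
            // as "any character" and rejected ordinary names such as "apple.png".
            // The content check is new: the extension alone says nothing about what the
            // file contains, so the result of getimagesize() is now actually used.
            $isImage = ($par !== false)
                && in_array($par[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true);
            if (preg_match('/\.php/i', $name) || preg_match('/\.pl/i', $name) || $name == '.htaccess'
                || !in_array($ext, $pictures, true) || !$isImage) {
                $err .= $formatError;
            }
        }

        if (empty($err)) {
            // The stored name is built only from the clock and an allow-listed extension.
            // NOTE(review): time() alone is not unique — two groups uploading in the same
            // second get the same file name, and either one can later delete it.
            $file = time().$ext;
            // move_uploaded_file() refuses anything that is not a genuine upload of this request.
            if (move_uploaded_file($upload['tmp_name'], '../../files/groups/'.$file)) {
                // The previous logo is removed only after the new one is safely stored.
                $oldLogo = empty($group['logo']) ? '' : basename($group['logo']);
                if ($oldLogo !== '' && $oldLogo !== $file) {
                    foreach (array('', 'mini_') as $logoPrefix) {
                        $logoPath = '../../files/groups/'.$logoPrefix.$oldLogo;
                        if (is_file($logoPath)) {
                            unlink($logoPath);
                        }
                    }
                }
                img_resize('../../files/groups/'.$file, '../../files/groups/mini_'.$file, $config['mini_logo_par'][0], $config['mini_logo_par'][1]); # thumbnail
                DB::$dbs->query("UPDATE ".GROUPS." SET `logo` = ? WHERE `id` = ? ", array($file, $group['id']));
                header("Location: ".HOME."/groups/".$group['id']."/panel/logo/");
                require_once('../../core/stop.php');
                exit();
            }
            $err .= 'Xatolik!<br />';
        }
        echo DIV_ERROR . $err . CLOSE_DIV;
    }

    // Current logo (or the placeholder image), the remove link and the upload form.
    echo DIV_BLOCK . (empty($group['logo']) ? '<img src="' . HOME . '/style/img/img.png" style="width:150px;"/>' : '<img src="' . HOME . '/files/groups/mini_'.$group['logo'] . '" />') . CLOSE_DIV;
    echo (!empty($group['logo']) ? DIV_BLOCK . '<a href="?del">O`chirish</a>' . CLOSE_DIV : NULL);
    echo DIV_AUT;
    echo '<form action="#" method="POST" enctype="multipart/form-data">';
    echo '<b>Logotip:</b> [max. '.$config['max_upload_group'].'mb., jpg, gif, png]<br /><input type="file" name="file"/><br /><br />';
    echo '<input type="submit" name="upload" value="Yuklash" /></form>';
    echo CLOSE_DIV;
    echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / <a href="'.HOME.'/groups/'.$group['id'].'/">'.$group['name'].'</a> / <a href="'.HOME.'/groups/'.$group['id'].'/panel/">Guruhni boshqarish</a> / <b>Guruh logotipi</b>' . CLOSE_DIV;
    break;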
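case 'info':
    // Edit the group's name and description.
    head('Asosiy ma`lumotlar');
    if (!empty($_POST['edit'])) {
        $err = ''; // was appended to without ever being initialised
        // Missing or array-valued fields are treated as empty instead of being handed to html().
        $rawName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        $rawInfo = (isset($_POST['info']) && is_string($_POST['info'])) ? $_POST['info'] : '';
        // NOTE(review): html() is defined outside this file; it presumably HTML-encodes its
        // argument. Every place that echoes $group['name'] / $group['info'] without escaping
        // depends on that — confirm, including that it encodes double quotes.
        $name2 = html($rawName);
        $info = html($rawInfo);
        if (empty($name2)) {
            $err .= 'Guruh nomini to`ldiring<br />';
        }
        if (empty($info)) {
            $err .= 'Guruh ta`rifini to`ldiring<br />';
        }
        // NOTE(review): the form advertises limits of 100 and 250 characters, but no length
        // check is made here; whatever the column accepts is what gets stored.
        if (empty($err)) {
            DB::$dbs->query("UPDATE ".GROUPS." SET `name` = ?, `info` = ? WHERE `id` = ? ", array($name2, $info, $group['id']));
            header("Location: ".HOME."/groups/".$group['id']."/panel/info/");
            // End the request after the redirect, like the access checks at the top of this file.
            require_once('../../core/stop.php');
            exit();
        }
        echo DIV_ERROR . $err . CLOSE_DIV;
    }
    // NOTE(review): this POST carries no anti-CSRF token.
    echo DIV_AUT;
    echo '<form action="#" method="POST">';
    // The stored name lands inside a double-quoted attribute and the description inside a
    // <textarea>; both are written as stored.
    echo '<b>Nom:</b> [max. 100]<br /><input type="text" name="name" value="'.$group['name'].'" /><br /><br />';
    echo '<b>Ta`rif:</b> [max. 250]<br /><textarea name="info">'.$group['info'].'</textarea><br /><br />';
    echo '<input type="submit" name="edit" value="O`zgartirish" /></form>';
    echo CLOSE_DIV;
    echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / <a href="'.HOME.'/groups/'.$group['id'].'/">'.$group['name'].'</a> / <a href="'.HOME.'/groups/'.$group['id'].'/panel/">Guruhni boshqarish</a> / <b>Asosiy ma`lumotlar</b>' . CLOSE_DIV;
    break;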
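case 'private':
    // Privacy setting: who may enter the group's forum (0 = everyone, 1 = members only,
    // per the two options of the form below).
    head('Shahsiylik sozlamalari');
    if (!empty($_POST['sett'])) {
        // Only the two values the form offers are accepted; anything else is ignored and
        // the stored setting is left untouched, rather than writing an arbitrary number.
        $private_forum = (isset($_POST['private_forum']) && is_string($_POST['private_forum']))
            ? (int) num($_POST['private_forum'])
            : -1;
        if ($private_forum === 0 || $private_forum === 1) {
            DB::$dbs->query("UPDATE ".GROUPS." SET `private_forum` = ? WHERE `id` = ? ", array($private_forum, $group['id']));
            header("Location: ".HOME."/groups/".$group['id']."/panel/private/");
            // End the request after the redirect, like the access checks at the top of this file.
            require_once('../../core/stop.php');
            exit();
        }
    }
    // NOTE(review): this POST carries no anti-CSRF token, so the forum can be switched
    // to "everyone" by a request the owner never meant to send.
    echo DIV_AUT;
    echo '<b>Forumga kirishi mumkun:</b><br />';
    echo '<form action="#" method="POST">';
    echo '<select name="private_forum">';
    echo '<option '.(0 == $group['private_forum'] ? 'selected="selected"' : NULL).' value="0">Hamma</option>';
    echo '<option '.(1 == $group['private_forum'] ? 'selected="selected"' : NULL).' value="1">Faqat ishtrokchilar</option>';
    echo '</select>';
    echo '<input type="submit" name="sett" value="Saqlash" /></form>';
    echo CLOSE_DIV;
    echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / <a href="'.HOME.'/groups/'.$group['id'].'/">'.$group['name'].'</a> / <a href="'.HOME.'/groups/'.$group['id'].'/panel/">Guruhni boshqarish</a> / <b>Shahsiylik sozlamalari</b>' . CLOSE_DIV;
    break;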
case 'peoples':
    // Paged list of the group's members with edit/remove links, then the member search form.
    head('Guruhdagi foydalanuvchilar');
    // NOTE(review): $all is not assigned anywhere in this file before this point, so the
    // pager is built from an undefined value unless an included file sets it — confirm.
    $n = new Navigator($all,10,'select=peoples&id='.$group['id']);
    $peoplesPanelUrl = HOME.'/groups/'.$group['id'].'/panel/peoples/';
    // The group id is bound through a placeholder. The LIMIT offset is interpolated into
    // the SQL text; presumably Navigator::start() always yields an integer — confirm.
    $sql = DB::$dbs->query("SELECT * FROM ".GROUPS_PEOPLES." WHERE `group_id` = ? ORDER BY `id` DESC LIMIT {$n->start()}, 10", array($group['id']));
    while ($ank = $sql->fetch()) {
        $memberPanelUrl = $peoplesPanelUrl.$ank['user_id'];
        echo DIV_LI . userLink($ank['user_id']) . ' [<b>' . group_level($ank['level']) . '</b>] '
            . '<a href="'.$memberPanelUrl.'/update/">[Tahrirlash]</a> '
            . '<a href="'.$memberPanelUrl.'/delete/">[O`chr.]</a>' . CLOSE_DIV;
    }
    echo $n->navi();

    // Search form; it posts to the 'search' section of this panel.
    echo DIV_AUT . '<form action="'.$peoplesPanelUrl.'search/" method="POST">';
    echo '<b>ID</b> yoki <b>Login</b>:<br />';
    echo '<input type="text" name="user" /><br />
<input type="checkbox" name="type" value="1" /> ID orqali izlash<br />
<input type="submit" name="search" value="Izlash"/><br />';
    echo '</form>' . CLOSE_DIV;
    echo DIV_GO
        . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / '
        . '<a href="'.HOME.'/groups/'.$group['id'].'/">'.$group['name'].'</a> / '
        . '<a href="'.HOME.'/groups/'.$group['id'].'/panel/">Guruhni boshqarish</a> / <b>Guruhdagi foydalanuvchilar</b>'
        . CLOSE_DIV;
    break;
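case 'update':
    // Change a member's level inside the group (0 = participant, 1 = moderator, per the
    // two options of the form below).
    head('Ishtrokchini tahrirlash');
    $targetUserId = isset($_GET['user']) ? abs(num($_GET['user'])) : 0;
    // The lookup is scoped to this group, so a user id from another group matches nothing.
    $ank = DB::$dbs->queryFetch("SELECT * FROM ".GROUPS_PEOPLES." WHERE `user_id` = ? && `group_id` = ? ", array($targetUserId, $group['id']));
    if (empty($ank)) {
        // Checked first so the row is never indexed when the lookup found nothing.
        echo DIV_ERROR . 'Foydalanuvchi topilmadi' . CLOSE_DIV;
    } elseif ($ank['user_id'] == $user['user_id']) {
        // Nobody may edit their own level.
        echo DIV_ERROR . 'mumkunmas)' . CLOSE_DIV;
    } else {
        // isset() instead of !empty(): the participant option submits "0", which empty()
        // treats as absent, so a moderator could never be demoted through this form.
        if (isset($_POST['level']) && is_string($_POST['level'])) {
            $level = (int) num($_POST['level']);
            // Only the levels the form offers are written; any other number is ignored
            // instead of being stored as an unknown level.
            if ($level === 0 || $level === 1) {
                DB::$dbs->query("UPDATE ".GROUPS_PEOPLES." SET `level` = ? WHERE `user_id` = ? && `group_id` = ? ", array($level, $ank['user_id'], $group['id']));
                header("Location: ".HOME."/groups/".$group['id']."/panel/peoples/");
                // End the request after the redirect, like the access checks at the top of this file.
                require_once('../../core/stop.php');
                exit();
            }
        }
        // NOTE(review): this POST carries no anti-CSRF token, so a moderator can be
        // appointed by a request the owner never meant to send.
        echo DIV_AUT;
        echo '<b>Daraja:</b><br />';
        echo '<form action="#" method="POST">';
        echo '<select name="level">';
        echo '<option '.(0 == $ank['level'] ? 'selected="selected"' : NULL).' value="0">Ishtrokchi</option>';
        echo '<option '.(1 == $ank['level'] ? 'selected="selected"' : NULL).' value="1">Moderator</option>';
        echo '</select><br /><br />';
        echo '<input type="submit" name="update" value="Saqlash" /></form>' . CLOSE_DIV;
    }
    echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / <a href="'.HOME.'/groups/'.$group['id'].'/">'.$group['name'].'</a> / <a href="'.HOME.'/groups/'.$group['id'].'/panel/">Guruhni boshqarish</a> / <a href="'.HOME.'/groups/'.$group['id'].'/panel/peoples/">Guruhdagi foydalanuvchilar</a> / <b>Tahrirlash</b>' . CLOSE_DIV;
    break;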
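case 'delete':
    // Remove a member from the group, after a confirmation step.
    head('Ishtrokchini o`chirish');
    $targetUserId = isset($_GET['user']) ? abs(num($_GET['user'])) : 0;
    // The lookup is scoped to this group, so a user id from another group matches nothing.
    $ank = DB::$dbs->queryFetch("SELECT * FROM ".GROUPS_PEOPLES." WHERE `user_id` = ? && `group_id` = ? ", array($targetUserId, $group['id']));
    if (empty($ank)) {
        // Checked first so the row is never indexed when the lookup found nothing.
        echo DIV_ERROR . 'Foydalanuvchi topilmadi' . CLOSE_DIV;
    } elseif ($ank['user_id'] == $user['user_id']) {
        // Nobody may remove themselves here.
        echo DIV_ERROR . 'mumkunmas)' . CLOSE_DIV;
    } elseif (!isset($_GET['go'])) {
        echo DIV_LI . '<b>O`chirishni tastiqlang:</b> <a href="'.HOME.'/groups/'.$group['id'].'/panel/peoples/'.$ank['user_id'].'/delete/?go">[O`chirish]</a> <a href="'.HOME.'/groups/'.$group['id'].'/panel/peoples/">[Yo`q]</a>' . CLOSE_DIV;
    } else {
        // NOTE(review): the confirmation is only a ?go parameter on a GET and no anti-CSRF
        // token is checked, so the confirmed URL can be requested directly from another
        // site for a logged-in owner. The removal should be a POST carrying a per-session token.
        // The id of the row that was just verified is used, not a second read of the request.
        DB::$dbs->query("DELETE FROM ".GROUPS_PEOPLES." WHERE `user_id` = ? && `group_id` = ? ", array($ank['user_id'], $group['id']));
        header("Location: ".HOME."/groups/".$group['id']."/panel/peoples/");
        // End the request after the redirect, like the access checks at the top of this file.
        require_once('../../core/stop.php');
        exit();
    }
    echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / <a href="'.HOME.'/groups/'.$group['id'].'/">'.$group['name'].'</a> / <a href="'.HOME.'/groups/'.$group['id'].'/panel/">Guruhni boshqarish</a> / <a href="'.HOME.'/groups/'.$group['id'].'/panel/peoples/">Guruhdagi foydalanuvchilar</a> / <b>Удаление</b>' . CLOSE_DIV;
    break;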
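case 'search':
    // Look a member up inside this group, using the form posted from the 'peoples' section.
    head('Ishtrokchilarni izlash');
    // Missing or array-valued fields are treated as empty instead of being read blindly;
    // the "type" checkbox is simply absent from the request when it is not ticked.
    $needle = html((isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '');
    $type = (isset($_POST['type']) && is_string($_POST['type'])) ? abs(num($_POST['type'])) : 0;
    if (empty($needle)) {
        header("Location: ".HOME."/groups/".$group['id']."/panel/peoples/");
        // End the request after the redirect, like the access checks at the top of this
        // file; previously the page went on rendering with an empty search term.
        require_once('../../core/stop.php');
        exit();
    }
    // NOTE(review): only the "search by ID" path performs a lookup. With the checkbox
    // unticked (search by login) nothing in this block queries anything and no result is shown.
    if (!empty($type)) {
        $needle = abs(num($needle));
        // Scoped to this group and bound through placeholders.
        $found = DB::$dbs->queryFetch("SELECT `level` FROM ".GROUPS_PEOPLES." WHERE `user_id` = ? && `group_id` = ? ", array($needle, $group['id']));
        if (!empty($found)) {
            echo DIV_BLOCK . '<b>Izlash natijalari:</b><br />' . userLink($needle) . ' [<b>' . group_level($found['level']) . '</b>]' . CLOSE_DIV;
        } else {
            echo DIV_BLOCK . '<b>Izlash natijalari:</b><br />Ishtrokchi topilmadi' . CLOSE_DIV;
        }
    }
    echo DIV_LI . '<a href="'.HOME.'/groups/'.$group['id'].'/panel/peoples/">So`rovni takrorlash</a>' . CLOSE_DIV;
    echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / <a href="'.HOME.'/groups/'.$group['id'].'/">'.$group['name'].'</a> / <a href="'.HOME.'/groups/'.$group['id'].'/panel/">Guruhni boshqarish</a> / <b>Ishtrokchilarni izlash</b>' . CLOSE_DIV;
    break;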
case 'admin':
    // Paged list of members whose level is above 0, with edit/remove links.
    head('Ma`muriyat');
    // NOTE(review): $all is not assigned anywhere in this file before this point, and the
    // pager query string says select=peoples although this is the 'admin' section — this
    // looks copied from the 'peoples' case; confirm what Navigator expects.
    $n = new Navigator($all,10,'select=peoples&id='.$group['id']);
    $adminPeoplesUrl = HOME.'/groups/'.$group['id'].'/panel/peoples/';
    // The group id is bound through a placeholder. The LIMIT offset is interpolated into
    // the SQL text; presumably Navigator::start() always yields an integer — confirm.
    $sql = DB::$dbs->query("SELECT * FROM ".GROUPS_PEOPLES." WHERE `group_id` = ? && `level` > 0 ORDER BY `id` DESC LIMIT {$n->start()}, 10", array($group['id']));
    while ($ank = $sql->fetch()) {
        $adminMemberUrl = $adminPeoplesUrl.$ank['user_id'];
        echo DIV_LI . userLink($ank['user_id']) . ' [<b>' . group_level($ank['level']) . '</b>] '
            . '<a href="'.$adminMemberUrl.'/update/">[Tahrirlash]</a> '
            . '<a href="'.$adminMemberUrl.'/delete/">[O`chr.]</a>' . CLOSE_DIV;
    }
    echo $n->navi();
    echo DIV_GO
        . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/groups/">Guruh</a> / '
        . '<a href="'.HOME.'/groups/'.$group['id'].'/">'.$group['name'].'</a> / '
        . '<a href="'.HOME.'/groups/'.$group['id'].'/panel/">Guruhni boshqarish</a> / <b>Ma`muriyat</b>'
        . CLOSE_DIV;
    break;
}
// Shared page footer / teardown from the project core (not shown here).
require_once('../../core/stop.php');
?>