Файл: public_html/ban.php
Строк: 47
<?php
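// Moderator page: bans the user named by ?id_user=N for the number of seconds
// posted as `ban_time`, and records the action in `ban_logs`.
// $user, _num() and _string() are not defined in this file; presumably they come
// from system/system.php, and their exact behaviour should be confirmed there.
// NOTE(review): the mysql_* API used here was removed in PHP 7; moving the
// queries to prepared statements (PDO/mysqli) belongs with the shared
// connection code, which is not visible here.
include ('./system/system.php');
$title = 'Бан';
include ('./system/head.php');

// Access gate: anonymous visitors and users with access level 0 are turned away.
// NOTE(review): head.php is included before this header() call; if it emits
// output and output buffering is off, the redirect will not be sent. The exit()
// is what actually stops unauthorised use, so it must stay.
if (!$user || $user['access'] == 0) {
    header('location: /index.php');
    exit();
}

// Read the target id without raising a notice when the parameter is absent.
$id = _string(_num(isset($_GET['id_user']) ? $_GET['id_user'] : ''));

// Initialise explicitly so the "not found" check never reads an undefined variable.
$i = false;
if ($id) {
    // The integer cast keeps the query safe whatever _num()/_string() return.
    $result = mysql_query('SELECT * FROM `users` WHERE `id` = "'.(int) $id.'"');
    $i = $result ? mysql_fetch_array($result) : false;
}
if (!$i) {
    header('location: /profile.php?id='.rawurlencode($id).'');
    exit();
}

// Database values are treated as untrusted when written into HTML or SQL.
$target_id = (int) $i['id'];

if ($i['id'] == $user['id']) {
    echo '<div class="block small red center">Нельзя забанить самого себя!</div>';
    include ('./system/foot.php');
    exit();
}

// NOTE(review): nothing here compares the target's access level with the
// actor's, so any account with non-zero access can ban any other account,
// including higher-privileged ones. Confirm whether that is intended.

if (isset($_GET['ban'])) {
    // NOTE(review): this state-changing request carries no anti-CSRF token, so
    // a third-party page could submit the form on behalf of a logged-in
    // moderator. A per-session token checked here would close that gap.
    $ban_time = _string(isset($_POST['ban_time']) ? $_POST['ban_time'] : '');

    // Accept only 1-9 decimal digits. The digit check stops non-numeric input
    // from reaching the arithmetic and the SQL statements below.
    $length = strlen($ban_time);
    if ($length < 1 || $length > 9 || !ctype_digit($ban_time)) {
        echo '<div class="block small red center">Длина 1-9 символов!</div>
<a href="?id_user='.$target_id.'" class="link"><img src="/images/icons/forward.png"> Продолжить</a>';
        include ('./system/foot.php');
        exit();
    }

    $ban_seconds = (int) $ban_time;
    $now = time();
    $actor_id = (int) $user['id'];

    // Every value interpolated below is an integer produced in this script.
    mysql_query("update `users` set `ban_time` = '".($now + $ban_seconds)."' where `id` = '".$target_id."'");
    mysql_query("INSERT INTO `ban_logs` SET `id_user` = '".$actor_id."', `time` = '".$now."', `time_ban` = '".$ban_seconds."', `user_ban` = '".$target_id."'");
    // NOTE(review): the results of both queries are ignored, so the success
    // message is shown even if the update or the audit-log insert failed.
    echo '<div class="block small green center">Игрок успешно забанен!</div>';
    echo '<a href="/profile.php?id='.$target_id.'" class="link"><img src="/images/icons/forward.png"> Продолжить</a>';
    include ('./system/foot.php');
    exit();
}

// Escape the login before placing it in a single-quoted attribute; without
// this, a login containing a quote or markup would break out of the value.
// double_encode is off in case _string() already stored entities.
// NOTE(review): assumes the pages are served as UTF-8 — confirm.
$login_html = htmlspecialchars($i['login'], ENT_QUOTES, 'UTF-8', false);

echo "<div class='block'>
<form method='post' action='/ban.php?id_user=".$target_id."&ban'>
Логин: <br>
<input name='login' class='text' type='text' style='width: 97%' value='".$login_html."' disabled>
Время бана: <br>
<input name='ban_time' class='text' type='text' style='width: 97%'/>
<input type='submit' class='submit' value='Забанить'></form></div>";
include ('./system/foot.php');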
?>