Файл: vsime.com/comm/inc/act_comm_users_ban.php
Строк: 360
<?
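// Load the community named by ?id= with a single query. intval() keeps the
// request value numeric before it is placed into the SQL string.
$comm_res = mysqli_query($dbi, "SELECT * FROM `comm` WHERE `id` = '".(isset($_GET['id']) ? intval($_GET['id']) : 0)."'");
$comm = $comm_res ? mysqli_fetch_array($comm_res) : null;
if ($comm)
{
    // Category row of the community; the id comes from the database but is
    // still cast so the query never carries a non-numeric value.
    $cat = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `comm_cat` WHERE `id` = '".intval($comm['id_cat'])."'"));

    // A community with no accepted, non-invited member has its creator id zeroed.
    if (mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `comm_users` WHERE `id_comm` = '$comm[id]' AND `activate` = '1' AND `invite` = '0'")) == 0)
    {
        $comm['id_user'] = 0;
    }

    // Profile of the community creator; later permission checks compare
    // $ank['id'] with the current $user['id'].
    $ank = profile($comm['id_user']);

    // Page title; the community name is user-supplied, so it is HTML-escaped.
    $title .= ' - '.htmlspecialchars($comm['name']).' - Нарушители';
    ex_head();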
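// Section filter. Allowlist: only the exact string "chat" selects the chat
// list, every other value (including a missing or array-valued parameter)
// falls back to "forum". Because $sort can only be one of these two literals
// it is safe to reuse in URLs and in $querysort.
if (isset($_GET['sort']) && $_GET['sort'] === 'chat')
{
    $sort = 'chat';
    $querysort = " AND `type` = 'chat'";
}
else
{
    $sort = 'forum';
    $querysort = " AND `type` = 'forum'";
}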
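// Search by nick: resolve the nick to a user id and redirect to the list
// filtered by that user.
if (isset($_POST['nick']) && is_string($_POST['nick']) && isset($_POST['submited']))
{
    // Anti-CSRF token check. The token must be present as a string and is
    // compared with hash_equals() so that PHP's loose "==" rules (numeric
    // strings, null vs. empty string) cannot make two different tokens match.
    // NOTE(review): $mdp is set by the including script - confirm it is a
    // per-session random value and is never empty.
    if (isset($_POST['mdp']) && is_string($_POST['mdp']) && hash_equals((string)$mdp, (string)hsc($_POST['mdp'])))
    {
        // The nick is escaped with the project's my_esc() before it enters the query.
        $ank2 = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `user` WHERE `nick` = '".my_esc($_POST['nick'])."'"));
        if ($ank2 && $ank2['id'] != 0)
        {
            // Only database ids and the allowlisted $sort go into the redirect target.
            header("Location:?act=comm_users_ban&id=$comm[id]&user=$ank2[id]&sort=$sort");
            exit();
        }
        else $error[] = "Пользователь не найден";
    }
    else hacked_by_Killer();
}
show_errors();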
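// Ban form and ban creation. Only a community member whose role is not
// plain "user" may reach this branch.
if (isset($_GET['add']) && $uinc && $uinc['access'] != 'user')
{
    // Numeric id of the member to ban; cast once and reused in every query below.
    $add_id = intval($_GET['add']);

    if (mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `user` WHERE `id` = '$add_id'")) == 0)
    {
        $error[] = 'Пользователь не найден';
        show_errors();
        ex_foot();
        // NOTE(review): ex_foot() presumably ends the request; the explicit exit
        // makes this guard fail closed even if it returns.
        exit;
    }

    // The target must be an accepted, non-invited member of this community.
    $ainc = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `comm_users` WHERE `id_user` = '$add_id' AND `id_comm` = '$comm[id]' AND `activate` = '1' AND `invite` = '0'"));
    $ank2 = profile($add_id);
    if (!$ainc)
    {
        $error[] = 'Пользователь не найден';
        show_errors();
        ex_foot();
        exit; // fail closed, see note above
    }

    // Community staff cannot be banned through this form.
    if ($ainc['access'] != 'user')
    {
        show_errors("Вы не можете банить администрацию сообщества");
        ex_foot();
        exit; // fail closed, see note above
    }

    // Section the ban applies to; anything other than "chat" means "forum".
    if (isset($_GET['type']) && $_GET['type'] === 'chat')
    {
        $type = 'chat';
        $type_name = 'Чат';
    }
    else
    {
        $type = 'forum';
        $type_name = 'Форум';
    }

    // The community creator and members with the "adm" role may also choose the
    // 120-hour ban. A real logged-in id is required so that a missing $user can
    // never compare equal to a missing creator id under loose "==".
    $can_long_ban = ((!empty($user['id']) && $ank['id'] == $user['id']) || $uinc['access'] == 'adm');

    if (isset($_POST['submited']))
    {
        // Anti-CSRF token check; hash_equals() avoids loose "==" string juggling.
        if (isset($_POST['mdp']) && is_string($_POST['mdp']) && hash_equals((string)$mdp, (string)hsc($_POST['mdp'])))
        {
            // Duration is taken from a server-side allowlist; the values offered in
            // the <select> are not trusted.
            $allowed_times = $can_long_ban ? array(3600, 10800, 86400, 432000) : array(3600, 10800, 86400);
            $time_ban = isset($_POST['time_ban']) ? intval($_POST['time_ban']) : 0;
            if (!in_array($time_ban, $allowed_times, true)) $time_ban = 3600;
            $time_ban = $time + $time_ban; // absolute end time of the ban

            // Comment: must be a string of 1..512 characters (strlen2() is the project's length helper).
            $msg = (isset($_POST['msg']) && is_string($_POST['msg'])) ? $_POST['msg'] : '';
            if (strlen2($msg) < 1) $error[] = "Введите комментарий";
            if (strlen2($msg) > 512) $error[] = "Комментарий должен быть не больше 512-ти символов";

            // Reason code is restricted to 1..6, defaulting to 1.
            $reason = isset($_POST['reason']) ? intval($_POST['reason']) : 1;
            if (!in_array($reason, array(1, 2, 3, 4, 5, 6), true)) $reason = 1;

            if (!isset($error))
            {
                // Every interpolated value is a database id, an integer computed
                // above or an allowlisted literal; the free-text comment goes
                // through my_esc().
                mysqli_query($dbi, "INSERT INTO `users_ban` SET `id_comm` = '$comm[id]', `id_user` = '$ank2[id]', `id_ank` = '$user[id]', `time_ban` = '$time_ban', `time` = '$time', `msg` = '".my_esc($msg)."', `reason` = '$reason', `type` = '$type'");
                header("Location: ?act=comm_users_ban&id=$comm[id]");
                exit();
            }
        }
        else hacked_by_Killer();
    }
    show_errors();

    echo "<form method='post' action='' class='multi'>\n";
    echo "<div class='list'>\n";
    echo "Пользователь: \n";
    echo profile_icon($ank2['id']).profile_nick($ank2['id'], 1).profile_medal($ank2['id']);
    echo "</div>\n";
    echo "<div class='list'>\n";
    echo "Раздел: $type_name<br />\n";
    echo "</div>\n";
    echo "<div class='list'>\n";
    echo "Бан на:\n";
    echo "<select name='time_ban'><br/>\n";
    // Option labels are hours; values are the same durations in seconds.
    echo "<option value='3600'>1</option>\n";
    echo "<option value='10800'>3</option>\n";
    echo "<option value='86400'>24</option>\n";
    if ($can_long_ban)
    {
        echo "<option value='432000'>120</option>\n";
    }
    echo "</select><br/>\n";
    echo "</div>\n";
    echo "<div class='list'>\n";
    echo "Причина:<br/>\n";
    echo "<input type='radio' name='reason' value='1' checked='checked'> Грубость и оскорбления<br/>\n";
    echo "<input type='radio' name='reason' value='2'> Нецензурная лексика<br/>\n";
    echo "<input type='radio' name='reason' value='3'> Реклама<br/>\n";
    echo "<input type='radio' name='reason' value='4'> Пропаганда ненависти<br/>\n";
    echo "<input type='radio' name='reason' value='5'> Флуд<br/>\n";
    echo "<input type='radio' name='reason' value='6'> Иное<br/>\n";
    echo "</div>\n";
    input_bbs();
    echo "<div class='list'>\n";
    echo "Комментарий:<br/>\n";
    echo "<textarea name='msg' id='textarea' rows='3' cols='17' style='width:95%'></textarea>\n";
    // Hidden anti-CSRF token, checked on submit above.
    echo "<input type='hidden' name='mdp' value='$mdp'>\n";
    echo "<input type='submit' name='submited' value='Забанить'/>\n";
    echo "</div>\n";
    echo "</form>\n";
    echo "<div class='foot'>\n";
    echo image_back()." <a href='?act=comm_users_ban&id=$comm[id]'>Назад</a>\n";
    echo "</div>\n";
    ex_foot();
}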
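// Details of a single ban. The `id_comm` condition ties the lookup to the
// current community, so ?ban_info= cannot show bans of another community.
$ban_info_res = isset($_GET['ban_info']) ? mysqli_query($dbi, "SELECT * FROM `users_ban` WHERE `id` = '".intval($_GET['ban_info'])."' AND `id_comm` = '$comm[id]'") : false;
if ($ban_info_res && ($ban = mysqli_fetch_array($ban_info_res)))
{
    $ban_user = profile($ban['id_user']);     // banned member
    $ban_user_give = profile($ban['id_ank']); // member who issued the ban
    $time_ban = ($ban['time_ban'] - $ban['time']) / 3600; // duration in hours

    // Map the stored reason code to its label. The previous chain of separate
    // "if" statements ended in a single "else", which overwrote every label
    // except code 6 with the default text.
    $reason_names = array(
        1 => 'Грубость и оскорбления',
        2 => 'Нецензурная лексика',
        3 => 'Реклама',
        4 => 'Пропаганда ненависти',
        5 => 'Флуд',
        6 => 'Иное',
    );
    $reason_name = isset($reason_names[$ban['reason']]) ? $reason_names[$ban['reason']] : $reason_names[1];

    // The delete link is shown to the community creator and to "adm" members only.
    // A real logged-in id is required so that a missing $user can never compare
    // equal to a missing creator id under loose "==".
    $can_delete = ((!empty($user['id']) && $ank['id'] == $user['id']) || ($uinc && $uinc['access'] == 'adm'));

    // NOTE(review): the "ban active" label below is printed without comparing
    // `time_ban` to the current time - confirm that this is intended.
    // NOTE(review): output_text() is assumed to escape the stored comment for HTML - verify.
?>
<div class="list"><span style="color:red;">Бан активен</span></div>
<div class="list">Обитатель: <?php echo profile_icon($ban_user['id']).profile_nick($ban_user['id'], 1).profile_medal($ban_user['id']);?></div>
<div class="list">Сообщество: <a href="?act=comm&id=<?php echo $comm['id'];?>"><?php echo htmlspecialchars($comm['name']);?></a></div>
<div class="list">Дата: <?php echo vremja($ban['time']);?></div>
<div class="list">Модератор: <?php echo profile_icon($ban_user_give['id']).profile_nick($ban_user_give['id'], 1).profile_medal($ban_user_give['id']);?></div>
<div class="list">Время: <?php echo $time_ban;?> ч.</div>
<div class="list">Причина: <?php echo $reason_name;?></div>
<div class="list">Комментарий: <?php echo output_text($ban['msg'], $ban_user_give['id']);?></div>
<?php if ($can_delete) { ?>
<div class="list"><img src="/i/site/delete.png" /> <a href='?act=comm_users_ban&id=<?php echo $comm['id'];?>&delete=<?php echo $ban['id'];?>'>Удалить нарушение</a></div>
<?php }
    echo "<div class='foot'>\n";
    echo image_back()." <a href='?act=comm_users_ban&id=$comm[id]'>Назад</a> | <a href='?act=comm&id=$comm[id]'>В сообщество</a>\n";
    echo "</div>\n";
    ex_foot();
}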
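// Ban removal: confirmation form on GET, deletion on POST.
// Authorisation: only the community creator or a member with the "adm" role.
// A real logged-in id is required, because with loose "==" a missing $user
// would otherwise compare equal to a missing or zeroed creator id.
$can_delete = ((!empty($user['id']) && $ank['id'] == $user['id']) || ($uinc && $uinc['access'] == 'adm'));

// The `id_comm` condition ties the ban to the current community.
$delete_res = (isset($_GET['delete']) && $can_delete) ? mysqli_query($dbi, "SELECT * FROM `users_ban` WHERE `id` = '".intval($_GET['delete'])."' AND `id_comm` = '$comm[id]'") : false;
if ($delete_res && ($ban = mysqli_fetch_array($delete_res)))
{
    $ban_user = profile($ban['id_user']);
    if (isset($_POST['submited']))
    {
        // Anti-CSRF token check; hash_equals() avoids loose "==" string juggling.
        if (isset($_POST['mdp']) && is_string($_POST['mdp']) && hash_equals((string)$mdp, (string)hsc($_POST['mdp'])))
        {
            mysqli_query($dbi, "DELETE FROM `users_ban` WHERE `id` = '$ban[id]' AND `id_comm` = '$comm[id]'");
            // No exit here: the script continues past this branch after the message.
            msg("Бан успешно удален");
        }
        else hacked_by_Killer();
    }
    else
    {
        echo "<form method='post'>\n";
        echo "<div class='freespace'>\n";
        // The nick is user-chosen text, so it is HTML-escaped on output.
        // NOTE(review): if profile() already returns an escaped nick, drop this call.
        echo "Подтвердите удаление бана <a href='/info.php?id=$ban_user[id]'>".htmlspecialchars((string)$ban_user['nick'])."</a><br />\n";
        echo "</div>\n";
        echo "<div class='freespace'>\n";
        echo "<input type='hidden' name='mdp' value='$mdp'>\n";
        echo "<input type='submit' name='submited' value='Удалить' />\n";
        echo "</div>\n";
        echo "</form>\n";
        echo "<div class='foot'>\n";
        echo image_back()." <a href='?act=comm&id=$comm[id]'>В сообщество</a>\n";
        echo "</div>\n";
        ex_foot();
    }
}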
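// Optional ?user= filter: list only the bans of one existing user.
if (isset($_GET['user']) && mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `user` WHERE `id` = '".intval($_GET['user'])."'")) != 0)
{
    $ank_act = profile(intval($_GET['user']));
}

// Shared pieces of the queries and links below. Only database ids are interpolated.
$ban_where = "`id_comm` = '$comm[id]'".(isset($ank_act) ? " AND `id_user` = '$ank_act[id]'" : '');
$user_arg = isset($ank_act) ? "&user=$ank_act[id]" : '';

// The delete link is shown to the community creator and to "adm" members only.
// A real logged-in id is required so that a missing $user can never compare
// equal to a missing creator id under loose "==".
$can_delete = ((!empty($user['id']) && $ank['id'] == $user['id']) || ($uinc && $uinc['access'] == 'adm'));

// Search form (by nick).
echo "<form method='post' action='?act=comm_users_ban&id=$comm[id]&sort=$sort'>\n";
echo "<input type='text' name='nick' value=''>\n";
echo "<input type='hidden' name='mdp' value='$mdp'>\n";
echo "<input type='submit' name='submited' value='Найти'>\n";
if (isset($ank_act))
{
    // The nick is user-chosen text, so it is HTML-escaped on output.
    // NOTE(review): if profile() already returns an escaped nick, drop the htmlspecialchars() calls in this block.
    echo "<br />\nНарушения <a href='/info.php?id=$ank_act[id]'>".htmlspecialchars((string)$ank_act['nick'])."</a> <a href='?act=comm_users_ban&id=$comm[id]&sort=$sort'><img src='/i/site/delete.png' /></a>\n";
}
echo "</form>";

// Forum / chat tabs with the number of bans in each section.
$count_forum = mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `users_ban` WHERE $ban_where AND `type` = 'forum'"));
$count_chat = mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `users_ban` WHERE $ban_where AND `type` = 'chat'"));
echo "<div class='grand_h'>\n";
echo "<table>\n";
echo "<td>".($sort != 'forum' ? "<a href='?act=comm_users_ban&id={$comm['id']}{$user_arg}&sort=forum'>" : '')."<span class='block_l'>Форум ($count_forum)</span>".($sort != 'forum' ? "</a>" : '')."</td>";
echo "<td>".($sort != 'chat' ? "<a href='?act=comm_users_ban&id={$comm['id']}{$user_arg}&sort=chat'>" : '')."<span class='block_l'>Чат ($count_chat)</span>".($sort != 'chat' ? "</a>" : '')."</td>\n";
echo "</table>\n";
echo "</div>\n";

// Paging. $querysort is one of two fixed literals chosen earlier in this script.
$count_results = mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `users_ban` WHERE $ban_where$querysort"));
$count_pages = count_pages($count_results);
$page = page();
$start = start_pages();
if ($count_results == 0)
{
    echo "<div class='list_empty'>\n";
    echo "Нет нарушений\n";
    echo "</div>\n";
}

// LIMIT values come from project helpers and config; the casts keep them numeric in any case.
$query = mysqli_query($dbi, "SELECT * FROM `users_ban` WHERE $ban_where$querysort ORDER BY `time` DESC LIMIT ".intval($start).", ".intval($config['rop']));
while ($post = mysqli_fetch_array($query))
{
    $ank2 = profile($post['id_user']); // banned member
    $ank3 = profile($post['id_ank']);  // member who issued the ban
    $hours = ($post['time_ban'] - $post['time']) / 3600;
    $t = "<a href='/info.php?id=$ank2[id]'>".htmlspecialchars((string)$ank2['nick'])."</a> забанен модератором <a href='/info.php?id=$ank3[id]'>".htmlspecialchars((string)$ank3['nick'])."</a> на ".$hours." ч.\n<br />\n<a href='?act=comm_users_ban&id=$comm[id]&ban_info=$post[id]'>Подробнее >></a>";
    echo "<div class='list'>\n";
    echo "<div class='left'>\n";
    show_avatar($ank2['id'], 'small');
    echo "</div>\n";
    echo "<div class='overfl_hid'>\n";
    echo $t."\n<span class='right'>".vremja($post['time']).($can_delete ? " <a href='?act=comm_users_ban&id={$comm['id']}&delete={$post['id']}{$user_arg}'>$config[code_delete]</a>" : '')."</span>\n";
    echo "</div>\n";
    echo "<div class='clear'></div>\n";
    echo "</div>\n";
}

// Page links.
pages_show("?act=comm_users_ban&id=$comm[id]&sort=$sort&".(isset($ank_act) ? "user=$ank_act[id]&" : ''));
echo "<div class='foot'>\n";
echo image_back()." <a href='?act=comm&id=$comm[id]'>В сообщество</a>\n";
echo "</div>\n";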
}
else
{
    // No community matches the requested id: send the visitor back to the
    // community index and stop.
    header("Location:/comm");
    exit;
}
?>