Файл: include/admin.php
Строк: 432
<?php
if($status != "admin")
{
header("Location: ".$forumdir);
} else
{
switch($_GET['mode'])
{
default:
$mforums = mysql_query("SELECT * FROM `mforums` ORDER BY `pos` ASC");
$forums = mysql_query("SELECT * FROM `forums` ORDER BY `pos` ASC");
if($version == "wml")
{
header("Content-type: text/vnd.wap.wml; charset=utf-8");
header("Cache-Control: no-cache");
echo(doctype("Админка").'
Модераторы: <br />');
$modersq = mysql_query("SELECT `status`, `id`, `username` FROM `users` WHERE `status`='moderator'");
while($moders = mysql_fetch_array($modersq))
{
echo($moders['username'].'[<a href="./?p=27&v=wml&sid='.$sid.'&mode=moder&m=0&id='.$moders['id'].'">Удалить</a>]<br />');
}
echo('- - - - <br />
Добавить подфорум:<br />
- - - - <br />
Имя: <br />
<input type="text" name="name" /><br />
Позиция: <br />
<input type="text" name="pos" format="*N" /><br />
<anchor>[Добавить]
<go href="./?p=27&v=wml&mode=add&sid='.$sid.'" method="post">
<postfield name="name" value="$(name)" />
<postfield name="pos" value="$(pos)" />
</go></anchor><br />
- - - - <br />
Удалить подфорум: <br />
<select name="id">');
while($fnames = mysql_fetch_array($forums))
{
echo('<option value="'.$fnames['id'].'">'.$fnames['name'].'</option>');
}
echo('</select><br />
<anchor>[Удалить]
<go href="./?p=27&v=wml&sid='.$sid.'&mode=del" method="post">
<postfield name="id" value="$(id)" />
</go></anchor><br />
- - - - <br />
Добавить модерский подфорум:<br />
- - - - <br />
Имя: <br />
<input type="text" name="name" /><br />
Позиция: <br />
<input type="text" name="pos" format="*N" /><br />
<anchor>[Добавить]
<go href="./?p=27&v=wml&mode=addm&sid='.$sid.'" method="post">
<postfield name="name" value="$(name)" />
<postfield name="pos" value="$(pos)" />
</go></anchor><br />
- - - - <br />
Удалить модерский подфорум: <br />
<select name="id">');
while($fnamesm = mysql_fetch_array($mforums))
{
echo('<option value="'.$fnamesm['id'].'">'.$fnamesm['name'].'</option>');
}
echo('</select><br />
<anchor>[Удалить]
<go href="./?p=27&v=wml&sid='.$sid.'&mode=delm" method="post">
<postfield name="id" value="$(id)" />
</go></anchor><br />
- - - - <br />
<a href="./?p=0&v=wml&sid='.$sid.'">В форум</a>
</p></card></wml>');
} elseif($version == "xhtml")
{
echo
"<html>rn",
"<head>rn",
"<title>Админка</title>rn",
"</head>rn",
"<body bgcolor="".$style['background']."" link="".$style['link']."" vlink="".$style['link']."" text="#000000">rn",
"<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">rn",
"<tr>rn",
"<td align="center" bgcolor="".$style['title'].""><font color="#FFFFFF"><b>Админка</b></font></td>rn",
"</tr>rn",
"<tr bgcolor="".$style['text'].""><td>rn",
"<a href="./?p=27&mode=wcab&act=menu&sid=".$sid."&v=".$version."">Управление акцией</a><br />",
"<a href="./?p=27&mode=rating&sid=".$sid."&v=".$version."">Рейтинги(+/-)</a>rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
"<b><u>Модераторы:</b></u>rn</td></tr>",
"<tr>rn<td bgcolor="".$style['text']."">rn";
$modersq = mysql_query("SELECT `status`, `id`, `username` FROM `users` WHERE `status`='moderator'");
while($moders = mysql_fetch_array($modersq))
{
echo($moders['username'].'[<a href="./?p=27&v=xhtml&sid='.$sid.'&mode=moder&m=0&id='.$moders['id'].'">Удалить</a>]<br />');
}
echo
"</td>rn",
"</tr>rn",
"<tr>rn",
"<td bgcolor="".$style['text']."">rn",
"<b><u>Добавить подфорум:</b></u><br />rn",
"<form action="./?p=27&v=xhtml&mode=add&sid=".$sid."" method="post">rn",
"Имя: <br />rn",
"<input type="text" name="name" /><br />rn",
"Позиция: <br /> rn",
"<input type="text" name="pos" format="*N" /><br />rn",
"<input type="submit" value="Добавить" />rn",
"</form>rn",
"</td>rn</tr>rn",
"<tr>rn",
"<td bgcolor="".$style['text']."">rn",
"<b><u>Удалить подфорум:</b></u>rn",
"</td>rn</tr>rn",
"<tr>rn<td bgcolor="".$style['text']."">rn",
"<form action="./?p=27&v=xhtml&mode=del&sid=".$sid."" method="post">rn",
"<select name="id">rn";
while($fnames = mysql_fetch_array($forums))
{
echo("<option value="".$fnames['id']."">".$fnames['name']."</option>rn");
}
echo
"</select><br />rn",
"<input type="submit" value="Удалить" />rn",
"</form>rn",
"</td>rn</tr>rn",
"<td bgcolor="".$style['text']."">rn",
"<b><u>Добавить модерский подфорум:</b></u><br />rn",
"<form action="./?p=27&v=xhtml&mode=addm&sid=".$sid."" method="post">rn",
"Имя: <br />rn",
"<input type="text" name="name" /><br />rn",
"Позиция: <br /> rn",
"<input type="text" name="pos" format="*N" /><br />rn",
"<input type="submit" value="Добавить" />rn",
"</form>rn",
"</td>rn</tr>rn",
"<tr>rn",
"<td bgcolor="".$style['text']."">rn",
"<b><u>Удалить модерский подфорум:</b></u>rn",
"</td>rn</tr>rn",
"<tr>rn<td bgcolor="".$style['text']."">rn",
"<form action="./?p=27&v=xhtml&mode=delm&sid=".$sid."" method="post">rn",
"<select name="id">rn";
while($fnamesm = mysql_fetch_array($mforums))
{
echo("<option value="".$fnamesm['id']."">".$fnamesm['name']."</option>rn");
}
echo
"</select><br />rn",
"<input type="submit" value="Удалить" />rn",
"</form>rn",
"</td>rn</tr>rn",
"<tr><td bgcolor="".$style['bottom']."">rn",
"<a href="./?p=0&v=xhtml&sid=".$sid."">Форумы</a> rn",
"</td>rn</tr>rn</table>rn",
"</body></html>";
}
break;
case 'wcab':
if($_GET['act'] == "menu")
{
if($version == "xhtml")
{
echo
"<html>rn",
"<head>rn",
"<title>Админка</title>rn",
"</head>rn",
"<body bgcolor="".$style['background']."" link="".$style['link']."" vlink="".$style['link']."" text="#000000">rn",
"<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">rn",
"<tr>rn",
"<td align="center" bgcolor="".$style['title'].""><font color="#FFFFFF"><b>Админка</b></font></td>rn",
"</tr>rn",
"<tr bgcolor="".$style['text'].""><td>rn",
"<a href="./?p=27&mode=wcab&act=ban&sid=".$sid."&v=".$version."">Заблокированные</a>rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
"<b><u>Набравшие минималку:</b></u>rn</td></tr>",
"<tr>rn<td bgcolor="".$style['text']."">rn";
$masq = mysql_query("SELECT * FROM `wcab` WHERE `balans`>'10' ORDER BY `balans` DESC");
while($mas = mysql_fetch_array($masq))
{
$us=mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='".$mas['id_user']."'"));
echo('<a href="./?p=24&uid='.$mas['id_user'].'&d=1&sid='.$sid.'&v='.$version.'">'.$us['username'].'</a> <b>('.$mas['balans'].')</b>');
if($mas['status'] == "0" || $mas['status'] == "1")
{
echo(' <a href="./?p=27&v='.$version.'&sid='.$sid.'&mode=wcab&m=0&id='.$mas['id'].'">[ban]</a>');
} elseif($mas['status'] == "2")
{
echo(' <a href="./?p=27&v='.$version.'&sid='.$sid.'&mode=wcab&m=3&id='.$mas['id'].'">[UNban]</a>');
}
echo(' <a href="./?p=27&v='.$version.'&sid='.$sid.'&mode=wcab&m=1&id='.$mas['id'].'">[»]</a>');
if($mas['status'] == "0")
{
echo('<br />');
} elseif($mas['status'] == "1")
{
echo('<b><font color="green">3anpoc</font></b> ');
if($mas['kuda']=="w")
{
$pay="на WMR-кош.!";
}
elseif($mas['kuda']=="m")
{
$pay="на телефон!";
}
echo($pay.'<br />');
} elseif($mas['status'] == "2")
{
echo('<b><font color="red">[BAN!]</font></b><br />');
}
}
echo
"</td>rn</tr>rn",
"<tr><td bgcolor="".$style['bottom']."">rn",
"<a href="./?p=0&v=xhtml&sid=".$sid."">Форумы</a> rn",
"</td>rn</tr>rn</table>rn",
"</body></html>";
}
}
elseif($_GET['m'] == "0")
{
if(mysql_query("UPDATE `wcab` SET `status`='2' WHERE `id`=".intval($_GET['id'])))
{
header("Location: ".str_replace("?", "", $forumdir).'?p=27&mode=wcab&act=menu&v='.$version.'&sid='.$sid);
}
}
elseif($_GET['m'] == "1")
{
if($version == "xhtml")
{
$id = intval($_GET['id']);
$qs = mysql_fetch_assoc(mysql_query("SELECT * FROM wcab WHERE id=".$id));
echo
"<html>rn",
"<head>rn",
"<title>Админка</title>rn",
"</head>rn",
"<body bgcolor="".$style['background']."" link="".$style['link']."" vlink="".$style['link']."" text="#000000">rn",
"<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">rn",
"<tr>rn",
"<td align="center" bgcolor="".$style['title'].""><font color="#FFFFFF"><b>Админка</b></font></td>rn",
"</tr>rn",
"<tr bgcolor="".$style['text'].""><td>rn",
"<b><u>Баланс:</u></b>rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
$qs['balans']."rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
"<b><u>Выплата прошлая/всего:</u></b>rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
$qs['viplata'].'/'.$qs['vsego']."rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
"<b><u>Последняя выплата:</u></b>rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
$qs['vdate']."rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
"<b><u>Номер телефона:</u></b>rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
"+".$qs['telefon']." (".$qs['operator'].")rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
"<b><u>WMR - кошелек:</u></b>rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
"R".$qs['wmr']."rn</td></tr>";
if($qs['balans'] > 10)
{
echo
"<tr bgcolor="".$style['text'].""><td>rn",
"<a href="./?p=27&mode=wcab&m=2&id=$id&sid=".$sid."&v=".$version."">Выплатить</a>rn</td></tr>";
}
echo
"<tr><td bgcolor="".$style['bottom']."">rn",
"<a href="./?p=0&v=xhtml&sid=".$sid."">Форумы</a> rn",
"</td>rn</tr>rn</table>rn",
"</body></html>";
}
}
elseif($_GET['m'] == "2")
{
$id = intval($_GET['id']);
$mas = mysql_fetch_assoc(mysql_query("SELECT * FROM wcab WHERE id=".$id));
mysql_query("UPDATE `wcab` SET `status`='0', `balans`='0.00', `vsego`=`vsego`+'".$mas['balans']."', `viplata`='".$mas['balans']."', `otvet`='Выплачено', `vdate`='".date("d/m H:i")."' WHERE `id`='$id'");
header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid.'&mode=wcab&m=1&id='.$id);
}
elseif($_GET['m'] == "3")
{
mysql_query("UPDATE `wcab` SET `status`='0' WHERE `id`=".intval($_GET['id']));
header("Location: ".str_replace("?", "", $forumdir).'?p=27&mode=wcab&act=menu&v='.$version.'&sid='.$sid);
}
elseif($_GET['act'] == "ban")
{
if($version == "xhtml")
{
echo
"<html>rn",
"<head>rn",
"<title>Админка</title>rn",
"</head>rn",
"<body bgcolor="".$style['background']."" link="".$style['link']."" vlink="".$style['link']."" text="#000000">rn",
"<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">rn",
"<tr>rn",
"<td align="center" bgcolor="".$style['title'].""><font color="#FFFFFF"><b>Админка</b></font></td>rn",
"</tr>rn",
"<tr bgcolor="".$style['text'].""><td>rn",
"<a href="./?p=27&mode=wcab&act=menu&sid=".$sid."&v=".$version."">Незаблокированные</a>rn</td></tr>",
"<tr bgcolor="".$style['text'].""><td>rn",
"<b><u>Заблокированные:</b></u>rn</td></tr>",
"<tr>rn<td bgcolor="".$style['text']."">rn";
$masq = mysql_query("SELECT * FROM `wcab` WHERE `status`='2' ORDER BY `balans` DESC");
while($mas = mysql_fetch_array($masq))
{
$us=mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='".$mas['id_user']."'"));
echo('<a href="./?p=24&uid='.$mas['id_user'].'&d=1&sid='.$sid.'&v='.$version.'">'.$us['username'].'</a> <b>('.$mas['balans'].')</b>');
echo(' <a href="./?p=27&v='.$version.'&sid='.$sid.'&mode=wcab&m=3&id='.$mas['id'].'">[UNban]</a>');
echo(' <a href="./?p=27&v='.$version.'&sid='.$sid.'&mode=wcab&m=1&id='.$mas['id'].'">[»]</a>');
}
echo
"</td>rn</tr>rn",
"<tr><td bgcolor="".$style['bottom']."">rn",
"<a href="./?p=0&v=xhtml&sid=".$sid."">Форумы</a> rn",
"</td>rn</tr>rn</table>rn",
"</body></html>";
}
}
break;
case 'rating':
if($version == "xhtml")
{
echo
"<html>rn",
"<head>rn",
"<title>Админка</title>rn",
"</head>rn",
"<body bgcolor="".$style['background']."" link="".$style['link']."" vlink="".$style['link']."" text="#000000">rn",
"<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">rn",
"<tr>rn",
"<td align="center" bgcolor="".$style['title'].""><font color="#FFFFFF"><b>Админка</b></font></td>rn",
"</tr>rn",
"<tr>rn",
"<td bgcolor="".$style['text']."">rn",
"<b><u>Рейтинг пользователей:</b></u>rn",
"</td>rn</tr>rn",
"";
if ( !empty($_GET['moder']) )
{
$idmod = abs ( intval ( $_GET['moder'] ) );
$sq = "WHERE `moder`=".$idmod.' ';
}
else if ( !empty($_GET['us']) )
{
$idus = abs ( intval ( $_GET['us'] ) );
$sq = "WHERE `rat_user`=".$idus.' ';
}
$qr = mysql_query("SELECT * FROM `rating` ".$sq."ORDER BY `time` DESC");
while ($ar = mysql_fetch_assoc($qr) )
{
$name_us = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id`='".$ar['rat_user']."'"));
if ( $ar['descript'] == "+" )
{
$rat = "<font color="green">плюс</font>";
}
else if ( $ar['descript'] == "-" )
{
$rat = "<font color="red">минус</font>";
}
if ( !empty($ar['time']) )
{
$time = "(".date("d/m/y H:i", $ar['time']).")";
}
echo
"<tr>rn<td bgcolor="".$style['text']."">rn",
$time."<a href="./?p=24&d=1&uid=".UserName2id($ar['moder'])."&t=".$p."&v=".$version."&sid=".$sid.""><b>".$ar['moder']."</b></a> поставил <b>".$rat."</b> <a href="./?p=24&d=1&uid=".$ar['rat_user']."&t=".$p."&v=".$version."&sid=".$sid.""><u>".$name_us['username']."</u></a>rn",
"</td>rn</tr>rn";
}
echo
"<tr><td bgcolor="".$style['bottom']."">rn",
"<a href="./?p=0&v=xhtml&sid=".$sid."">Форумы</a> rn",
"</td>rn</tr>rn</table>rn",
"</body></html>";
}
break;
case 'del':
mysql_query("DELETE posts.*
FROM posts
LEFT JOIN themes
ON posts.id_theme=themes.id
WHERE id_forum=".intval($_POST['id']));
mysql_query("DELETE FROM `themes` WHERE `id_forum`=".intval($_POST['id']));
mysql_query("DELETE FROM `forums` WHERE `id`=".intval($_POST['id']));
header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;
case 'kick':
$uss = mysql_fetch_array(mysql_query("SELECT username FROM users WHERE id=".intval($_GET['ids'])));
mysql_query("DELETE
FROM session
WHERE nickname='".$uss['username']."'");
header("Location: ".str_replace("?", "", $forumdir).'?p=12&v='.$version.'&sid='.$sid);
break;
case 'delm':
mysql_query("DELETE mposts.*
FROM mposts
LEFT JOIN mthemes
ON mposts.id_theme=mthemes.id
WHERE id_forum=".intval($_POST['id']));
mysql_query("DELETE FROM `mthemes` WHERE `id_forum`=".intval($_POST['id']));
mysql_query("DELETE FROM `mforums` WHERE `id`=".intval($_POST['id']));
header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;
case 'add':
mysql_query("INSERT INTO `forums` VALUES(0, '".htmlspecialchars(sql($_POST['name']))."', ".intval($_POST['pos']).")");
header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;
case 'addm':
mysql_query("INSERT INTO `mforums` VALUES(0, '".htmlspecialchars(sql($_POST['name']))."', ".intval($_POST['pos']).")");
header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;
case 'moder':
if($_GET['m'] == "0")
{
mysql_query("UPDATE `users` SET `status`='user' WHERE `id`=".intval($_GET['id']));
} else
{
mysql_query("UPDATE `users` SET `status`='moderator' WHERE `id`=".intval($_GET['id']));
}
header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;
}
}
?>