Файл: include/ban.php
Строк: 144
<?php
if( !in_array($status, array('admin', 'moderator')) )
{
header("Location: index.php");
}
else
{
if( !isset($_REQUEST['ban']) )
{
if($version == "wml")
{
header("content-type: text/vnd.wap.wml; charset=utf-8");
header("Cache-Control: no-cache");
echo(doctype("Бан-панель") . $tag);
echo("Имя пользователя:");
if( isset($_REQUEST['username']) )
{
echo(translatenick(htmlspecialchars($_REQUEST['username'])) . "<br />rn");
}
else
{
echo("<input type='text' name='username' /><br />rn");
}
echo('Время: <select name="time">' .
'<option value="3600">1 час.</option>' .
'<option value="21600">6 час.</option>' .
'<option value="86400">1 день</option>' .
'<option value="604800">1 неделя</option>' .
'<option value="2592000">1 месяц</option>' .
'</select><br />');
printf("<a href='./?p=26&ban=1&back=" . $_REQUEST['back'] . "&username=%s&time=$(time)&sid=$sid&v=wml'>Заблокировать</a><br />rn",
isset($_REQUEST['username']) ? translatenick(htmlspecialchars($_REQUEST['username'])) : '$(username)');
echo("- - - -<br />rn" .
"<a href='" . base64_decode($_REQUEST['back']) . "'>Назад</a>" .
$tagC . "</p></card></wml>");
} else
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Бан-панель</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<form action="./?p=26&ban=1&back=' . $_REQUEST['back'] . '&sid=' . $sid . '&v=xhtml" method="post">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'" colspan="2">
<font color="#FFFFFF"><b>Бан-панель</b></font>
</td></tr>');
echo('<tr><td bgcolor="'.$style['bottom'].'" colspan="2">'.$tag.'
' . $tagC . '</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag);
if( isset($_REQUEST['username']) )
{
echo("Имя пользователя: </td><td>" . translatenick(htmlspecialchars($_REQUEST['username'])) . "</td></tr>");
echo("<input type='hidden' name='username' value='" . translatenick(htmlspecialchars($_REQUEST['username'])) . "' />rn");
}
else
{
echo("Имя пользователя: </td><td>" .
"<input type='text' name='username' /></td></tr>rn");
}
echo('<tr bgcolor="'.$style['text'].'"> <td>
Время:</td><td>
<select name="time">
<option value="3600">1 час.</option>
<option value="21600">6 час.</option>
<option value="86400">1 день</option>
<option value="604800">1 неделя</option>
<option value="2592000">1 месяц</option>
</select></td></tr>');
echo("<tr bgcolor='" . $style['text'] . "'><td align='center' colspan='2'>rn" .
"<input type='submit' value='Заблокировать' />rn" .
"</td></tr>rn" .
"<tr bgcolor='" . $style['bottom'] . "'><td colspan='2'>rn" .
"<a href='" . base64_decode($_REQUEST['back']) . "'>Назад</a>rn" .
"</td></tr>rn" .
"</table></form></body></html>");
}
}
else
{
$bUser = translatenick(sql($_REQUEST['username']));
$time = (int)$_REQUEST['time'];
$sql = mysql_query("SELECT id, username, status FROM users WHERE username = '$bUser'");
$rows = mysql_fetch_assoc($sql);
$result = mysql_num_rows($sql);
if( !$result )
{
$print = 'Пользователь не найден!';
}
else if($rows['status'] == 'admin')
{
$print = 'Недостаточно прав!';
}
else
{
mysql_query("INSERT INTO ban VALUES(0, '', '', '$bUser', $time + UNIX_TIMESTAMP(), '', '$username')");
$print = 'Пользователь заблокирован!';
}
if($version == "wml")
{
header("content-type: text/vnd.wap.wml; charset=utf-8");
header("Cache-Control: no-cache");
echo(doctype("Бан-панель") . $tag);
echo($print);
echo("<br />- - - -<br />rn" .
"<a href='" . base64_decode($_REQUEST['back']) . "'>Назад</a>" .
$tagC . "</p></card></wml>");
} else
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Бан-панель</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Бан-панель</b></font>
</td></tr>');
echo('<tr><td bgcolor="'.$style['bottom'].'">'.$tag.'
' . $tagC . '</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag);
echo($print);
echo("</td></tr>rn" .
"<tr bgcolor='" . $style['bottom'] . "'><td>rn" .
"<a href='" . base64_decode($_REQUEST['back']) . "'>Назад</a>rn" .
"</td></tr>rn" .
"</table></body></html>");
}
}
}
?>