Файл: region_clean/apanel.php
Строк: 3393
<?php
#######################################
## Mod By KoT (borispol) [76-75-072] ##
#######################################
require_once "start.php";
require_once "sid.php";
header("Cache-Control: no-cache");
if ($ver == "wml") header ("Content-type:text/vnd.wap.wml; charset=utf-8");
else header("Content-Type:text/html; charset=UTF-8");
require_once "inc.php";
if (isset($rm)) $takep="&rm=$rm&ref=$ref";
else $takep="&ref=$ref";
if (isset($rm) and !ctype_digit($rm)) { header('Location: index.php?isset=403'); }
$link = connect_db();
list($row, $id, $ps, $fsize1, $fsize2) = check_login($link);
require_once "version.php";
$fi = fopen("log/admlog.dat", "a+");
$dat = date ("~d F в H:i~");
$dat = str_replace("January","Января",$dat);
$dat = str_replace("February","Февраля",$dat);
$dat = str_replace("March","Марта",$dat);
$dat= str_replace("April","Апреля",$dat);
$dat = str_replace("May","Мая",$dat);
$dat = str_replace("June","Июня",$dat);
$dat = str_replace("July","Июля",$dat);
$dat = str_replace("August","Августа",$dat);
$dat = str_replace("September","Сентября",$dat);
$dat = str_replace("October","Октября",$dat);
$dat = str_replace("November","Ноября",$dat);
$dat = str_replace("December","Декабря",$dat);
$lst = "<b><u>".$row["user"]."</u></b> Посещал админку $dat, Его ip: ".$_SERVER['REMOTE_ADDR'].", Браузер: ".htmlspecialchars($_SERVER['HTTP_USER_AGENT'])."<br/>";
fwrite($fi, "$divide");
fwrite($fi, "$lstn");
fflush($fi);
fclose($fi);
$signs = 999;
function gettime()
{
$part_time = explode(' ', microtime());
$real_time = $part_time[1].substr($part_time[0], 1);
return $real_time;
}
if (isset($rm)) $takep="&rm=$rm&ref=$ref";
else $takep="&ref=$ref";
if ($row['level'] < 7) {
if ($ver == "wml") {
echo $xml;
echo $dtd;
echo "<wml>n
<card id="error" title="Ошибка доступа" ontimer="enter.php?$ses&ref=$ref"><timer value="15"/>
<p align="center">n";
} else {
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><link rel="stylesheet" type="text/css" href="css/$css.css"/>
<title>Ошибка доступа</title>
<META HTTP-EQUIV="Refresh" CONTENT="2; URL=enter.php?$ses$takep">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/></head><body>
<div align="center">";
}
echo $fsize1;
echo 'У тебя нет прав доступа!<br/>';
echo $fsize1;
include_once 'foot.php';
mysql_close($link);
exit;
}
$us = mysql_real_escape_string(check($row["user"]));
$login = mysql_real_escape_string(check($row["user"]));
$alltraf = mysql_real_escape_string(check($row["alltraf"]));
$adm = mysql_query("Select user from users where id='1' LIMIT 1;");
$z = mysql_fetch_array($adm);
$administration = mysql_real_escape_string(check($z['user']));
ob_start();
if ($ver == "wml") {
echo $xml;
echo $dtd;
echo "<wml>n
<head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head>n
<card id="apanel" title="Админка">n
<p mode="wrap">n";
} else {
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><link rel="stylesheet" type="text/css" href="css/$css.css"/>
<title>Админка</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/></head><body>
<div align="left">";
}
$time = date ("H:i");
$go = isset($_GET['go']) ? $_GET['go'] : NULL;
switch($go) {
default:
echo $fsize1;
echo "<b>[Система]</b>(".$time.")>здарова, ".$us."!<br/><br/>n
Ник или ID юзера:<br/>n";
echo $fsize2;
if ($ver == "wml") {
echo "<input name="nick$ref" title="nick" maxlength="12" emptyok="true"/><br/>n";
echo $fsize1;
echo "<anchor title="go">Изменить<go href="apanel.php?go=view&$ses$takep" method="post">n
<postfield name="nick" value="$(nick$ref)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<form method="POST" action="apanel.php?go=view&$ses$takep" name="auth">n
<input name="nick" title="nick" maxlength="12" emptyok="true"/><br/>n
<input type="submit" class="ibutton" value="Изменить" name="enter"><br/>n";
}
echo '<br/>';
if ($ver == "wml") {
echo $fsize1;
echo '<br/>';
echo '<b>Пинок</b><br/>
На сколько (мин)<br/>';
echo $fsize2;
echo "<input name="wtime$ref" maxlength="3" title="vremya" format="*N" emptyok="true"/><br/>n";
echo $fsize1;
echo 'Причина<br/>';
echo $fsize2;
echo "<input name="whykik$ref" maxlength="200" title="whykik" emptyok="true"/><br/>n";
echo $fsize1;
echo "<anchor title="go">Пнуть засранца<go href="kick.php?go=pni&$ses$takep" method="post">n
<postfield name="nick" value="$(nick$ref)"/>n
<postfield name="wtime" value="$(wtime$ref)"/>n
<postfield name="whykik" value="$(whykik$ref)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
echo $fsize1;
echo '<br/>';
echo $fsize2;
echo $fsize1;
echo "<anchor title="go">Забанить Huk<go href="bann.php?$ses$takep" method="post">n
<postfield name="nick" value="$(nick$ref)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
echo $fsize1;
echo "<anchor title="go">Забанить IP+SOFT<go href="bannaip.php?$ses$takep" method="post">n
<postfield name="nick" value="$(nick$ref)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
echo $fsize1;
echo "<anchor title="go">Удалить юзера<go href="deluser.php?$ses$takep" method="post">n
<postfield name="nick" value="$(nick$ref)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
}
echo $fsize1;
echo "<div class='d1'>• <a href='apanel.php?$ses&go=ukomn$takep'>Упр.Комнатами</a><br/>";
#########################################
echo "• <a href='apanel.php?$ses&go=konfig$takep'>Конфигурация</a><br/>";
#########################################
if ($row["level"] == 8) {
echo "• <a href='apanel.php?$ses&go=vakans$takep'>Упр.Вакансиями</a><br/>";
#########################################
}
echo "• <a href='apanel.php?$ses&go=forlot$takep'>Форум/Лот.</a><br/>";
#########################################
echo "• <a href='apanel.php?$ses&go=botu$takep'>Для ботов</a><br/>";
#########################################
echo "• <a href='apanel.php?$ses&go=razbnn$takep'>Нарушители</a><br/>";
#########################################
echo "• <a href='apanel.php?$ses&go=uzapis$takep'>Записки/Чистка</a><br/>";
#########################################
if ($id == 10) {
echo "• <a href='apanel.php?$ses&go=imprt$takep'>Импорт</a><br/>";
}
#########################################
echo "• <a href='apanel.php?$ses&go=vselogs$takep'>Логи</a><br/>";
#########################################
echo "• <a href='apanel.php?$ses&go=uinf$takep'>Упр.Информацией</a><br/>";
#########################################
echo "• <a href='apanel.php?$ses&go=usvdb$takep'>Упр.Свадьбами</a></div>";
#########################################
echo $fsize2;
break;
case 'ukomn':
echo "<div class='c4'>Упр.Комнатами</div><br/>
» <a href="apanel.php?$ses&go=editrooms$takep">Изм. название комнаты</a><br/>n
» <a href="apanel.php?$ses&go=editposroom$takep">Изм. позицию комнаты</a><br/>n
» <a href="apanel.php?$ses&go=vidroom$takep">Включить комнату</a><br/>n
» <a href="apanel.php?$ses&go=dvidroom$takep">Выключить комнату</a><br/>n";
break;
#***************************************#
case 'konfig':
echo "<div class='c4'>Конфигурация</div><br/>
» <a href="apanel.php?$ses&go=bank$takep">Изм.Курс банка</a><br/>n
» <a href="apanel.php?$ses&go=kurs$takep">Настройки Магазина</a><br/>n
» <a href="apanel.php?$ses&go=pop$takep">Цены рейтинга</a><br/>n";
if ($row['level'] == 8) {
echo "» <a href="apanel.php?$ses&go=setting$takep">Основные настройки</a><br/>n
» <a href="apanel.php?$ses&go=otkl$takep">Отключение модулей</a><br/>n";
echo '» <a href="mod_reg.php?'.$ses.$takep.'">Допуск новичков</a><br/>';
}
echo "» <a href="apanel.php?$ses&go=editlevels$takep">Изм. название статусов</a><br/>n
» <a href="apanel.php?$ses&go=bots$takep">Изм. настроек Ботов</a><br/>n";
if ($row['level'] == 8) {
echo "» <a href="clear.php?$ses$takep">Сбросить подаренные подарки</a><br/>";
}
echo "» <a href="present/admin.php?$ses$takep">Управление подарками</a><br/>n
» <a href="apanel.php?$ses&go=medal$takep">Наградить медалью</a><br/>n";
if ($row['level'] == 8) {
echo "» <a href="apanel.php?$ses&go=link$takep">Ссылки на главную</a><br/>";
}
break;
#***************************************#
case 'vakans':
echo "<div class='c4'>Упр.Вакансиями</div><br/>
» <a href="elections/admin.php?action=readlist&$ses&$takep">Управление админами выборов</a><br/>n
» <a href="konkurs/admin.php?action=readlist&$ses&$takep">Управление админами конкурсов</a><br/>n
» <a href="journal/admin.php?action=readlist&$ses&$takep">Управление редакторами журнала</a><br/>n
» <a href="journal/admin.php?action=readlist2&$ses&$takep">Управление журналистами</a><br/>n";
break;
#***************************************#
case 'forlot':
echo "<div class='c4'>Форум/Лот.</div><br/>
» <a href="forum/admin.php?$ses$takep">Управление форумом</a><br/>n
» <a href="loterea/admin.php?$ses$takep">Управление лотереей</a><br/>n";
break;
#***************************************#
case 'botu':
echo "<div class='c4'>Для ботов</div><br/>
» <a href="apanel.php?$ses&go=addshutki$takep">Добавить шутку</a><br/>n
» <a href="apanel.php?$ses&go=addvopr$takep">Добавить вопрос</a><br/>n";
if ($id == 10) {
echo "» <a href="apanel.php?$ses&go=bk$takep">Бойцовский клуб</a><br/>n
» <a href="apanel.php?$ses&go=bot_bartender$takep">Управление БАРом</a><br/>n";
}
break;
#***************************************#
case 'razbnn':
echo "<div class='c4'>Нарушители</div><br/>
» <a href="apanel.php?$ses&go=unban$takep">Забаненые ники</a><br/>n
» <a href="apanel.php?$ses&go=clbanip$takep">Забаненые IP+SOFT</a><br/>n
» <a href="apanel.php?$ses&go=unpin$takep">Выпнутые</a><br/>n
» <a href="apanel.php?$ses&go=fullign$takep">Полный Игнор</a><br/>n
» <a href="apanel.php?$ses&go=vozmnik$takep">Проверить возм.ники</a><br/>n";
break;
#***************************************#
case 'uzapis':
echo "<div class='c4'>Упр.Записками</div><br/>
» <a href="apanel.php?$ses&go=zapiski$takep">Чтение записок</a><br/>n
» <a href="apanel.php?$ses&go=clearzap$takep">Чистка записок</a><br/>n
» <a href="apanel.php?$ses&go=spam$takep">Paccылкa зaпиcoк</a><br/>n
» <a href="apanel.php?$ses&go=clroom$takep">Чистка комнат (немедленно)</a><br/>n
» <a href="apanel.php?$ses&go=clroomtime$takep">Чистка комнат (через 3 мин.)</a><br/>n";
break;
#***************************************#
case 'imprt':
echo "<div class='c4'>Импорт</div><br/>
» <a href="apanel.php?$ses&go=import_fraz$takep">Импорт мата</a><br/>n
» <a href="apanel.php?$ses&go=import_frazi$takep">Импорт фраз</a><br/>n
» <a href="apanel.php?$ses&go=import_vopros$takep">Импорт вопросов</a><br/>n
» <a href="apanel.php?$ses&go=import_anekdot$takep">Импорт анекдотов</a><br/>n
» <a href="apanel.php?$ses&go=import_shutki$takep">Импорт шуток</a><br/>n
» <a href="apanel.php?$ses&go=import_zag$takep">Импорт загадок</a><br/>n";
break;
#***************************************#
case 'vselogs':
echo "<div class='c4'>Логи</div><br/>
» <a href="openlog.php?$ses$takep">Логи Админки</a><br/>n
» <a href="openlogm.php?$ses$takep">Логи Модерки</a><br/>n
» <a href="apanel.php?$ses&go=log_avt$takep">Логи Авторитета</a><br/>n
» <a href="openlogr.php?$ses$takep">Логи V.I.P комнаты</a><br/>n
» <a href="openlogi.php?$ses$takep">Логи Интим-комнаты</a><br/>n
» <a href="apanel.php?$ses&go=logban$takep">Баннлист</a><br/>n
» <a href="apanel.php?$ses&go=logbanip$takep">IP+SOFT-лист</a><br/>n
» <a href="apanel.php?$ses&go=logdel$takep">Del-лист</a><br/>n
» <a href="apanel.php?$ses&go=logpin$takep">Пинлист</a><br/>n
» <a href="apanel.php?$ses&go=topic$takep">Смены топика</a><br/>n
» <a href="apanel.php?$ses&go=reklama$takep">Рекламщики</a><br/>
» <a href="apanel.php?$ses&go=clearlogs$takep">Чистка Логов</a><br/>n";
break;
#***************************************#
case 'uinf':
echo "<div class='c4'>Упр.Инфромацией</div><br/>
» <a href="apanel.php?$ses&go=tell$takep">Объявление в чат</a><br/>n
» <a href="apanel.php?$ses&go=mnews$takep">Добавить новость</a><br/>n
» <a href="apanel.php?$ses&go=dnews$takep">Удалить новость</a><br/>n
» <a href="apanel.php?$ses&go=mmeet$takep">Добавить встречу</a><br/>n
» <a href="apanel.php?$ses&go=dmeet$takep">Удалить встречу</a><br/>n
» <a href="apanel.php?$ses&go=mobi$takep">Добавить объявление</a><br/>n
» <a href="apanel.php?$ses&go=dobi$takep">Удалить объявление</a><br/>
» <a href="apanel.php?$ses&go=welcome$takep">Приветствие на главной</a><br/>n";
break;
#***************************************#
case 'usvdb':
echo "<div class='c4'>Упр.Свадьбами</div><br/>
» <a href="apanel.php?$ses&go=sertif$takep">Создать брачный сертификат</a><br/>n
» <a href="apanel.php?$ses&go=msvadbi$takep">Добавить свадьбу</a><br/>n
» <a href="apanel.php?$ses&go=dsvadbi$takep">Удалить свадьбу</a><br/>n
» <a href="apanel.php?$ses&go=razvod$takep">Развести</a><br/>";
break;
case 'pop':
if (empty($_POST['cena']) && !empty($_POST['ok']))
{
echo 'Не указана цена добавления рейтинга!<br/>';
}
elseif (empty($_POST['cenafr']) && !empty($_POST['ok']))
{
echo 'Не указана цена добавления рейтинга друзьям!<br/>';
}
elseif (empty($_POST['popcol']) && !empty($_POST['ok']))
{
echo 'Не указано кол-во рейтинга для меню!</b><br/>';
}
elseif (!is_numeric($_POST['cena']) && !empty($_POST['ok']))
{
echo 'Введены левые символы!<br/>';
}
elseif (!is_numeric($_POST['cenafr']) && !empty($_POST['ok']))
{
echo 'Введены левые символы!<br/>';
}
elseif (!is_numeric($_POST['popcol']) && !empty($_POST['ok']))
{
echo 'Введены левые символы!<br/>';
}
elseif (!empty($_POST['cenafr']) && !empty($_POST['cena']) && !empty($_POST['popcol']) && !empty($_POST['ok']))
{
mysql_query("UPDATE `setting` SET `pop_cena`='".(int)$cena."',`pop_friend`='".(int)$cenafr."', `pop_col`='".(int)$popcol."'");
echo 'Сохранения изменены!<br/>';
}
$count_c = mysql_fetch_array(mysql_query("SELECT `pop_cena`,`pop_friend`,`pop_col` FROM `setting` WHERE `klu4`='1'"));
echo '<form method="POST" action="apanel.php?'.$ses.'&go=pop&ok">
Цена добавления рейтинга за 1%:<br/>
<input type="text" name="cena" value="'.$count_c['pop_cena'].'"/><br/>
Цена добавления рейтинга друзьям за 1%:<br/>
<input type="text" name="cenafr" value="'.$count_c['pop_friend'].'"/><br/>
Кол-во % для меню привилегий:<br/>
<input type="text" name="popcol" value="'.$count_c['pop_col'].'"/><br/>
<br/><input type="submit" class="ibutton" name="ok" value="Сохранить"/>
</form>';
break;
case 'log_avt':
$p = intval($_GET['p']);
if (empty($_GET['p'])) $page = 1;
else $page = $_GET['p'];
// получаем кол во участников
$result = mysql_query("SELECT count(`id`) FROM `avtoritet`;");
$cntData = mysql_fetch_row($result);
$count_users = $cntData[0];
$max_page = ceil ($count_users / 10);
$page = ($page > $max_page) ? (($max_page == 0)? $page : $max_page) : $page;
$start = 10*($page-1); $end = 10;
$start = (int)$start;
$end = (int)$end;
$resultx = mysql_query("SELECT * FROM `avtoritet` ORDER BY `id` DESC LIMIT $start,$end;");
$count_users_on_pagex = mysql_num_rows($resultx);
for($i = 0; $i < $count_users_on_pagex; $i++)
{
$row = mysql_fetch_array($resultx);
$id_user = $row['id_user'];
$id_who = $row['id_who'];
$time_vers = $row['time'];
$colc = $row['col'];
$time_vers = date("d.m.Y / H:i",$time_vers);
$view = mysql_query("SELECT `id`,`user` FROM `users` WHERE `id`='" . $id_user . "';");
$rowd = mysql_fetch_array($view);
$id1 = $rowd[0];
$nick1 = $rowd[1];
$view2 = mysql_query("SELECT `id`,`user` FROM `users` WHERE `id`='" . $id_who . "';");
$rowd2 = mysql_fetch_array($view2);
$id2 = $rowd2[0];
$nick2 = $rowd2[1];
if ($colc == 0) { $x = "-1"; }
if ($colc == 1) { $x = "+1"; }
echo 'Кому: <a href="info.php?nk='.$id1.'&'.$ses.'">'.$nick1.'</a> ('.$x.') Кто: <a href="info.php?nk='.$id2.'&'.$ses.'">'.$nick2.'</a> ['.$time_vers.']<br/>';
}
echo '<br/>';
if ($i == 0)
{
echo 'Изменений пока нет...<br/>';
}
if ($max_page > 1)
{
$ba = ceil($count_users/10);
$ba2 = $ba * 10 - 10;
echo '<br/>Страницы:';
$asd = $start - (10 * 4);
$asd2 = $start + (10 * 5);
if ($asd < $count_users and $asd > 0) {
echo ' <a href="apanel.php?'.$ses.'&go=log_avt&p=1'.$takep.'">1</a> ... ';
}
for($i = $asd; $i < $asd2;)
{
if ($i < $count_users and $i >= 0) {
$ii = floor(1+$i/10);
if ($start == $i) {
echo ' <b>('.$ii.')</b>';
}
else
{
echo ' <a href="apanel.php?'.$ses.'&go=log_avt&p='.$ii.''.$takep.'">'.$ii.'</a>';
}
}
$i = $i + 10;
}
if ($asd2 < $count_users) {
echo ' ... <a href="apanel.php?'.$ses.'&go=log_avt&p='.$ba.''.$takep.'">'.$ba.'</a>';
}
}
break;
case 'logdel':
echo $fsize1;
echo '<div class="c4">Логи удалений</div><br/>';
$start = gettime();
$log = file("log/dellist.dat");
$log = array_reverse($log);
$text = implode('',$log);
$string = mb_substr($text, $n, $signs, 'UTF8');
$m = $n + $signs;
if (!empty($string))
{
echo $string;
} else {
echo 'Пусто...';
}
if ($string != '') {
echo "<br/><br/><a href="apanel.php?$ses&go=logdel&n=$m&ref=$ref">Далее</a>";
}
echo $fsize2;
break;
case 'logban':
echo $fsize1;
echo '<div class="c4">Баннлист</div><br/>';
$start = gettime();
$log = file("log/bannlist.dat");
$log = array_reverse($log);
$text = implode('',$log);
$string = mb_substr($text, $n, $signs, 'UTF8');
$m = $n + $signs;
if (!empty($string))
{
echo $string;
} else {
echo 'Пусто...';
}
if ($string != '') {
echo "<br/><br/><a href="apanel.php?$ses&go=logban&n=$m&ref=$ref">Далее</a>";
}
echo $fsize2;
break;
case 'logbanip':
echo $fsize1;
echo '<div class="c4">Баннлист ip+soft</div><br/>';
$start = gettime();
$log = file("log/banniplist.dat");
$log = array_reverse($log);
$text = implode('',$log);
$string = mb_substr($text, $n, $signs, 'UTF8');
$m = $n + $signs;
if (!empty($string))
{
echo $string;
} else {
echo 'Пусто...';
}
if ($string != '') {
echo "<br/><br/><a href="apanel.php?$ses&go=logbanip&n=$m&ref=$ref">Далее</a>";
}
echo $fsize2;
break;
case 'logpin':
echo $fsize1;
echo '<div class="c4">Пиннлист</div><br/>';
$start = gettime();
$log = file("log/pinlist.dat");
$log = array_reverse($log);
$text = implode('',$log);
$string = mb_substr($text, $n, $signs, 'UTF8');
$m = $n + $signs;
if (!empty($string))
{
echo $string;
} else {
echo 'Пусто...';
}
if ($string != '') {
echo "<br/><a href="apanel.php?$ses&go=logpin&n=$m&ref=$ref">Далее</a>";
}
echo $fsize2;
break;
case 'topic':
echo $fsize1;
echo '<div class="c4">Логи топиков</div><br/>';
$start = gettime();
$log = file("log/topic.dat");
$log = array_reverse($log);
$text = implode('',$log);
$string = mb_substr($text, $n, $signs, 'UTF8');
$m = $n + $signs;
if (!empty($string))
{
echo $string;
} else {
echo 'Пусто...';
}
if ($string != '') {
echo "<br/><br/><a href="apanel.php?$ses&go=topic&n=$m&ref=$ref">Далее</a>";
}
echo $fsize2;
break;
case 'reklama':
echo $fsize1;
echo '<div class="c4">Рекламщеги</div><br/>';
$start = gettime();
$log = file("log/reklama.dat");
$log = array_reverse($log);
$text = implode("",$log);
$string = mb_substr($text, $n, $signs, 'UTF8');
$m = $n + $signs;
$string = strip_tags($string);
if (!empty($string))
{
echo $string;
} else {
echo 'Пусто...';
}
if ($string != '') {
echo "<br/><br/><a href="apanel.php?$ses&go=reklama&n=$m&ref=$ref">Далее</a>";
}
echo $fsize2;
break;
case 'setob':
echo "<form method="post" action="apanel.php?$ses$takep&mid=$mid&go=setob_ok$takep">";
$row1 = mysql_fetch_array(mysql_query("Select content,title,login from obiav where id='".$mid."' LIMIT 1;"));
$nik = $row['user'];
$row1['content'] = htmlspecialchars($row1['content']);
echo "Название:<br/><input name="title" value="$row1[title]" type="text" /><br/>n
Текст:<br/><input name="content" value="$row1[content]" type="text" /><br/>n
Разместил:<br/><input name="login1" value="$row1[login]" type="text" /><br/>n
<input class="ibutton" value="Изменить" type="submit" />n
</form>n";
break;
case 'otkl':
$setting = mysql_query("Select * from setting where klu4=1");
$set = mysql_fetch_array($setting);
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?$ses&go=otkl_ok$takep" name="auth">n";
echo '<div class="c4">Выбери модуль для откл. или вкл.</div><br/>';
echo $fsize1;
echo 'Чат:<br/>';
echo $fsize2;
echo '<select name="chat">';
if ($set['chat'] == 0) {
echo '<option value="0">Вкл.</option>
<option value="1">Откл.</option>';
} else {
echo '<option value="1">Откл.</option>
<option value="0">Вкл.</option>';
}
echo '</select><br/>';
echo $fsize1;
echo 'Форум:<br/>';
echo $fsize2;
echo '<select name="forum">';
if ($set['forum'] == 0) {
echo '<option value="0">Вкл.</option>
<option value="1">Откл.</option>';
} else {
echo '<option value="1">Откл.</option>
<option value="0">Вкл.</option>';
}
echo '</select><br/>';
echo $fsize1;
echo 'Гостевая:<br/>';
echo $fsize2;
echo '<select name="guest">';
if ($set['guest'] == 0) {
echo '<option value="0">Вкл.</option>
<option value="1">Откл.</option>';
} else {
echo '<option value="1">Откл.</option>
<option value="0">Вкл.</option>';
}
echo '</select><br/>';
if ($ver == "wml") {
echo $fsize1;
echo '<anchor title="go">Сохранить<go href="apanel.php?'.$ses.'&go=otkl_ok&ref='.$ref.'" method="post">
<postfield name="site" value="$(site)"/>
<postfield name="chat" value="$(chat)"/>
<postfield name="forum" value="$(forum)"/>
<postfield name="guest" value="$(guest)"/>';
echo '</go></anchor>';
echo $fsize2;
} else {
echo '<br/><input type="submit" class="ibutton" value="Сохранить" name="enter"><br/>';
}
break;
case 'otkl_ok':
$emp = "Неправильный формат данных!";
if (!preg_match("!^[0-9]+$!i",$chat)) {
$error = $emp;
}
if (!preg_match("!^[0-9]+$!i",$forum)) {
$error = $emp;
}
if (!preg_match("!^[0-9]+$!i",$guest)) {
$error = $emp;
}
$chat = intval($chat);
$forum = intval($forum);
$guest = intval($guest);
if (!isset($error)) {
$result = mysql_query ("Select * setting where klu4 = '1'");
if (mysql_affected_rows() == 0) {
$error = "ERROR!";
} else {
if (mysql_query ("Update setting set chat='".$chat."', forum='".$forum."', guest='".$guest."' where klu4 ='1'")) {
$msg = "Настройки изменены!";
} else {
$msg = "Ошибка изменения!";
}
}
} else {
$error = mysql_error();
}
if (isset($error)) {
echo $fsize1;
echo $error;
echo $fsize2;
}
echo $fsize1;
echo $msg."<br/>n";
echo $fsize2;
break;
case 'setob_ok':
function url_replace($m) {
if (!isset($m[3])) {
return '<a href="link.php?&l=' . $m[1] . '">' . $m[2] . '</a>';
} else {
return '<a href="link.php?&l=' . $m[3] . '">' . $m[3] . '</a>';
}
}
function bb_code($message) {
$message = preg_replace('#[b](.*?)[/b]#si', '<b>1</b>', $message);
$message = preg_replace('#[i](.*?)[/i]#si', '<i>1</i>', $message);
$message = preg_replace('#[u](.*?)[/u]#si', '<u>1</u>', $message);
$message = preg_replace('#[small](.*?)[/small]#si', '<small>1</small>', $message);
$message = preg_replace('#[red](.*?)[/red]#si', '<font color="#FF0000">1</font>', $message);
$message = preg_replace('#[green](.*?)[/green]#si', '<font color="#00FF00">1</font>', $message);
$message = preg_replace('#[blue](.*?)[/blue]#si', '<font color="#0000FF">1</font>', $message);
$message = preg_replace('#[yellow](.*?)[/yellow]#si', '<font color="#FFFF00">1</font>', $message);
$message = preg_replace('#[del](.*?)[/del]#si', '<del>1</del>', $message);
$message = preg_replace_callback('~\[url=(http://.+?)\](.+?)\[/url\]|(http://(www.)?[0-9a-z.-]+.[a-z]{2,6}[0-9a-zA-Z/?.~&_=/%-:#]*)~', 'url_replace', $message);
return $message;
}
$title = htmlspecialchars(stripslashes(trim($title)));
$content = htmlspecialchars(stripslashes(trim($content)));
$login1 = htmlspecialchars(stripslashes(trim($login1)));
$content = bb_code($content);
require_once "smile.php";
$content = smiles($content);
$minpos = 500;
$nm = 500;
for ($j = 0; $j <= count($smiles)-1; $j++) {
$tmpp = strpos($content,$smiles[$j]);
if (($tmpp < $minpos) and ($tmpp !== false)) {
$minpos = $tmpp;
$nm = $j;
}
}
if ($minpos != 500) {
if ($row['translit'] != 1) {
$st1 = substr($content,0,$minpos+strlen($smiles[$nm]));
$st2 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1));
$st1_wosm = $st1;
$st1 = str_replace($smiles[$nm],$replaces[$nm],$st1);
if (strpos($replaces[$nm],"smil/") !== false)
$st1_woasm = $st1_wosm;
else
$st1_woasm = $st1;
$content_woasm = $st1.$st2;
$content_wosm = $st1_wosm.$st2;
$content = $st1_woasm.$st2;
}
else
{
$st1 = substr($content,0,$minpos);
$st2 = substr($content,$minpos, strlen($smiles[$nm]));
$st3 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1)-strlen($st2));
$st1 = trun_to_rus($st1);
$st2_wosm = $st2;
$st2 = $replaces[$nm];
if (strpos($replaces[$nm],"smil/") !== false)
$st2_woasm = $st2_wosm;
else
$st2_woasm = $st2;
$st3 = trun_to_rus($st3);
$content = $st1.$st2_woasm.$st3;
$content_wosm = $st1.$st2_wosm.$st3;
$content_woasm = $st1.$st2.$st3;
}
}
elseif ($row['translit'] == 1) $content = trun_to_rus($content);
unset($smiles);
unset($replaces);
if (mysql_query("Update obiav set title='".$title."', content='".$content."', login='".$login1."', dlja='".(int)$dlja."' where id ='".(int)$mid."';"))
{
echo 'Изменено!<br/>';
echo "<a href="view_obiav.php?$ses$takep&mid=$mid&ref=$rand">В обьяву</a><br/>";
}
else
{
echo 'Ошибка!<br/>';
echo "<a href="view_obiav.php?$ses$takep&mid=$mid&ref=$rand">В обьяву</a><br/>";
}
break;
case 'mnews':
$content = trim(mysql_real_escape_string(htmlspecialchars($content)));
$date = date("j.m.Y");
if (empty($content)) $error=$error."<u>Пустое содержание!</u><br/>";
if (empty($action)) {
echo $fsize1;
echo 'Новость:<br/>';
echo $fsize2;
if ($ver == "wml") {
echo $fsize1;
echo "<input name="content"/><br/>
<anchor>Добавить<go href="apanel.php?$ses&go=mnews$takep" method="post">
<postfield name="action" value="add"/>
<postfield name="content" value="$(content)"/>
<postfield name="date" value="$date"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<form method="POST" action="apanel.php?$ses&go=mnews$takep" name="auth">n
<input name="content"/><br/>
<input type="hidden" name="action" value="add"/>
<input type="hidden" name="date" value="$date"/>
<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
} else {
if (empty($error)) {
$last_news = mysql_fetch_assoc(mysql_query("SELECT `content` FROM `news` WHERE `content`='".$content."'"));
if ($content != $last_news['content']) {
if (mysql_query("insert into news values(0,'".$login."','".$content."','".$date."');")) {
echo $fsize1;
echo 'Твоя новость успешно добавлена!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка записи новости!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Такая новость уже добавлена!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
}
break;
case 'bank':
echo "<form method="post" action="apanel.php?$ses&go=bank_ok$takep">";
$row = mysql_fetch_array(mysql_query("Select kurs from bank where id='1' LIMIT 1;"));
$kurs = $row['kurs'];
echo "<div class = 'c4'>Смена курса банка чата!</div><br/>
<b>Текущий курс 1 рубль за $kurs пост(a)(ов)</b><br/><br/>
Новый курс:<br/><input name="bank" class="form" value="$kurs" type="text" /><br/>n
<input value="Изменить" class="ibutton" type="submit" />n
</form>n";
break;
case 'bank_ok':
$bank = intval($bank);
if (mysql_query("update `bank` set kurs='$bank' WHERE `id`='1';"))
{
echo "Курс банка успешно изменён!<br/>
<a href="apanel.php?$ses&go=bank$takep">Назад</a><br/>n";
}
else
{
echo 'Ошибка!<br/>';
echo "<a href="apanel.php?$ses&go=bank$takep">Назад</a><br/>n";
}
break;
case 'spam':
$msg = trim(mysql_real_escape_string(check($msg)));
$topic = trim(mysql_real_escape_string(check($topic)));
$select = mysql_query("SELECT * FROM users");
$yesus = mysql_affected_rows();
echo "<small>Paccылкa зaпиcoк вceм пoльзoвaтeлям чaтa.<br/></small><br/>";
if ($ver == "wml") {
echo "<small>Haзвaниe paccылки:</small><br/>";
echo "<input name="topic" type="text"/><br/>
<small>Teкcт paccылки:</small><br/>
<input name="msg" type="text"/><br/>
<anchor title="next">Oтпpaвить (".$yesus." пользователям)
<go href="apanel.php?$ses&go=spammsend$takep" method="post">
<postfield name="msg" value="$(msg)"/>
<postfield name="topic" value="$(topic)"/>
</go></anchor><br/>";
} else {
echo "<form method="POST" action="apanel.php?$ses&go=spammsend$takep" name="auth">n
<input type="hidden" name="action" value="add"/>n";
echo $fsize1;
echo 'Тема:<br/>';
echo $fsize2;
echo "<input type="text" name="topic" value="$topic"/><br/>n";
echo $fsize1;
echo 'Содержание:<br/>';
echo $fsize2;
echo "<input type="text" name="msg" value="$msg"/><br/>n
<input type="submit" class="ibutton" value="отправить" name="enter"><br/>n";
}
break;
/////////////////////////////////
case 'vozmnik':
echo $fsize1;
echo '<b>Кого проверить:</b><br/>';
echo $fsize2;
if ($ver == "wml") {
echo "<input name="nick$ref" title="nick" maxlength="12" emptyok="true"/><br/>n";
echo 'Проверить по:<br/>
<select name="provw">
<option value="0">UA</option>
<option value="1">IP</option>
<option value="2">IP+UA</option>
</select><br/>';
echo $fsize1;
echo "<anchor title="go">Проверить<go href="apanel.php?go=nickvozm&$ses$takep" method="post">n
<postfield name="nick" value="$(nick$ref)"/>n
<postfield name="provw" value="$(provw)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} elseif ($ver == "xhtml") {
echo "<form method="POST" action="apanel.php?go=nickvozm&$ses$takep" name="auth">n
<input name="nick" title="nick" maxlength="12" emptyok="true"/><br/>n
Проверить по:<br/>
<select name="provw">
<option value="0">UA</option>
<option value="1">IP</option>
<option value="2">IP+UA</option>
</select><br/>
<br/><input type="submit" class="ibutton" value="Проверить" name="enter"><br/>n";
}
echo '<br/>';
break;
/////////////////////////////////
case 'nickvozm':
$nick = mysql_real_escape_string(check($nick));
if (!ctype_digit($nick)) {
$nick = trim($nick);
if ($nick == "") $nick = 0;
$latuser = strtolower($nick);
$ruser = rus_to_k($nick);
if ($ruser == $nick) {
$select = mysql_query ("Select * from users where latuser = '".$latuser."'");
} else {
$select = mysql_query ("select * from users where ruser = '".$ruser."'");
}
} else {
if (!ctype_digit($nick)) { header("Location: index.php?isset=403"); die; }
$select = mysql_query ("Select * from users where id = '".$nick."'");
}
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Нет такого юзера!<br/>';
echo $fsize2;
break;
}
$inf = mysql_fetch_array($select);
$usid = $inf["id"];
$usname = $inf["user"];
$us_s = $inf["user_soft"];
$us_i = $inf["user_ip"];
$id = $row['id'];
$qq = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `user_ip`='".$us_i."' AND `id`!='$id'"));
if (mysql_affected_rows() == 0) {
echo '<div class="c4">Возмножные ники:</div><br/>
Возможные ники: только мой!<br/>';
break;
}
elseif ($_POST['provw'] == 0) {
$id = $row['id'];
echo '<div class="c4">Возмножные ники по UA:</div><br/>
Возможные ники юзера <a href="search.php?'.$ses.'&go=view'.$takep2.'&nick='.$usid.'">
<b>'.$usname.'</b></a><br/><br/>';
$q = mysql_query("SELECT * FROM `users` WHERE `user_soft`='".htmlspecialchars($us_s)."' AND `id`!='$id'");
while ($res = mysql_fetch_assoc($q)) {
echo 'Подозреваемый: <a href="search.php?'.$ses.'&go=view'.$takep2.'&nick='.$res['id'].'">'.$res['user'].'</a><br/>
его UA: <font color="#FF0000">' . $res['user_soft'] . '</font>
<br/>';
}
} elseif ($_POST['provw'] == 1) {
$id = $row['id'];
echo '<div class="c4">Возмножные ники по IP:</div><br/>
Возможные ники юзера <a href="search.php?'.$ses.'&go=view'.$takep2.'&nick='.$usid.'">
<b>'.$usname.'</b></a><br/><br/>';
$q = mysql_query("SELECT * FROM `users` WHERE `user_ip`='".$us_i."' AND `id`!='$id'");
while ($res = mysql_fetch_assoc($q)) {
echo 'Подозреваемый: <a href="search.php?'.$ses.'&go=view'.$takep2.'&nick='.$res['id'].'">'.$res['user'].'</a><br/>
его IP: <font color="#FF0000">' . $res['user_ip'] . '</font>
<br/>';
}
} elseif ($_POST['provw'] == 2) {
$id = $row['id'];
echo '<div class="c4">Возмножные ники по IP+UA:</div><br/>
Возможные ники юзера <a href="search.php?'.$ses.'&go=view'.$takep2.'&nick='.$usid.'">
<b>'.$usname.'</b></a><br/><br/>';
$q = mysql_query("SELECT * FROM `users` WHERE `user_ip`='".$us_i."' AND `user_soft`='".$us_s."' AND `id`!='$id'");
while ($res = mysql_fetch_assoc($q)) {
echo 'Подозреваемый: <a href="search.php?'.$ses.'&go=view'.$takep2.'&nick='.$res['id'].'">'.$res['user'].'</a><br/>';
echo 'его IP: <font color="#FF0000">' . $res['user_ip'] . '</font><br/>
его UA: <font color="#FF0000">' . htmlspecialchars($res['user_soft']) . '</font>
<br/>';
}
}
break;
/////////////////////////////////
case 'spammsend':
$select2 = mysql_query ("SELECT * FROM users");
while ($allu = mysql_fetch_assoc($select2))
{
$msg = trim(mysql_real_escape_string(check($msg)));
$mes = $msg . "(Это письмо сформировано автоматически службой уведомления чата, отвечать на него не нужно.)";
$topic = trim(mysql_real_escape_string(check($topic)));
$kol = rand(0,99999999);
$dataspamm = date("d-M-Y [H:i]");
$timespamm = time();
$selSYS = mysql_fetch_array(mysql_query("SELECT `user` FROM `users` WHERE `id`='1'"));
mysql_query("Insert into zapiski set klu4='".$kol."', who ='".$selSYS[0]."', idwho ='1', message = '".$mes."', towhom = '". $allu['user'] ."', idtowhom = '". $allu['id'] ."', time = '".$timespamm."', readd = '0', topic = '".$topic."', date='".$dataspamm."'");
}
echo "<small>Paccылкa ycпeшнo выпoлнeнa...</small><br/>";
break;
case 'sertif':
$userm = mysql_query ("select count(id) as num from users where sex ='М' and id !='1' and id !='2' and id !='3' and id !='4' and id !='5' and id !='6' and id !='7' and id !='8' and id !='9' and para!='';");
$usm = mysql_fetch_array($userm);
$num = $usm['num'];
if (!isset($s)) $s = 0;
$mx = round(($num/10)+0.45);
if ($s > $mx) $s = $mx;
if ($s == 0) $s = 1;
$ot = (($s - 1) * 10) + 1;
$do = $s * 10;
if ($do > $num) $do=$num;
$o = $ot - 1;
$n = $ot;
if ($do == 0) $n = $o;
echo "Показывает $n-$do из $num<br/>";
echo '<br/>';
$r = mysql_query ("select id,user,para from users where sex ='М' and para!='' and id !='1' and id !='2' and id !='3' and id !='4' and id !='5' and id !='6' and id !='7' and id !='8' and id !='9' and para!='' order by posts desc limit $o,$do");
for ($i = $ot; $i <= $do; $i++) {
$arr = mysql_fetch_array($r);
$login = $arr['user'];
$usid = $arr['id'];
$para = $arr['para'];
$o = intval($o);
$do = intval($do);
$rx = mysql_query ("select id,user from users where para!='' and id='".(int)$para."' order by posts desc limit $o,$do");
$arrx = mysql_fetch_array($rx);
$loginx = $arrx['user'];
$usidx = $arrx['id'];
echo ($i).") ".col_n($login)." + ".col_n($loginx)." <a href="apanel.php?$ses&go=gosertif&mid=$usid&fid=$usidx$takep">[+]</a><br/>";
}
$next = $s + 1;
$prev = $s - 1;
if ($num > $do) {
$ot = (($next - 1) * 10) + 1;
$do = $next * 10;
if ($do > $num) $do = $num;
echo '<br/>';
echo "<a href="apanel.php?$ses&go=sertif&s=$next$takep">>>$ot-$do>></a><br/>n";
}
if ($s > 1) {
$ot = (($prev - 1) * 10) + 1;
$do = $prev * 10;
echo "<a href="apanel.php?$ses&go=sertif&s=$prev$takep"><<$ot-$do<<</a><br/>n";
}
break;
case 'gosertif':
$mid = intval($mid);
$fid = intval($fid);
$xf = mysql_query("select * from `sertificat` where zhenih='" . $mid . "' AND nevesta='" . $fid . "';");
$df = mysql_fetch_array($xf);
if (!empty($df[id]))
{
echo 'Ошибка! Сертификат уже написан!';
include_once 'foot.php';
ob_end_flush();
exit;
}
$xf = mysql_query("select * from `users` where id='" . $mid . "';");
$df = mysql_fetch_array($xf);
if ($df['para'] != "$fid")
{
echo 'Ошибка! Пара не зарегистрирована!';
include_once 'foot.php';
ob_end_flush();
exit;
}
$xf = mysql_query("select * from `users` where id='" . $fid . "';");
$df = mysql_fetch_array($xf);
if ($df['para'] != $mid)
{
echo 'Ошибка! Пара не зарегистрирована!';
include_once 'foot.php';
ob_end_flush();
exit;
}
$mid = intval($_GET['mid']);
if (!ctype_digit($mid))
{
echo 'Попытка взлома!<br/>';
echo '<a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
if (empty($_GET['mid'])) {
echo 'Ошибка!';
include_once 'foot.php';
ob_end_flush();
exit;
}
$typ = mysql_query("select * from `users` where id='" . $mid . "';");
$ms = mysql_fetch_array($typ);
if ($ms['id'] != $mid)
{
echo 'Ошибка! Юзера не существует!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$fid = intval($_GET['fid']);
if (!ctype_digit($fid))
{
echo 'Попытка взлома!<br/>';
echo '<a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
if (empty($_GET['fid'])) {
echo 'Ошибка!';
include_once 'foot.php';
ob_end_flush();
exit;
}
$typ = mysql_query("select * from `users` where id='" . $fid . "';");
$ms = mysql_fetch_array($typ);
if ($ms[id] != "$fid")
{
echo 'Ошибка! Юзера не существует!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
if ($ver != "wml") {
echo '<form action="apanel.php?'.$ses.'&go=addsertif&mid='.$mid.'&fid='.$fid.$takep.'" method="post">
<b>Дата свадьбы / время:</b> <br/><input type="text" name="date"/><br/>
<b>ID свидетель жениха:</b> <br/><input type="text" name="sv_zh"/><br/>
<b>ID свидетель невесты:</b> <br/><input type="text" name="sv_nev"/><br/>
<b>Кол-во гостей на свадьбе:</b> <br/><input type="text" name="kolvo"/><br/>
<br/><input type="submit" class="ibutton" value="Создать" /></form>';
} else {
echo '<b>Дата свадьбы / время:</b> <br/><input type="text" name="date"/><br/>
<b>ID свидетель жениха:</b> <br/><input type="text" name="sv_zh"/><br/>
<b>ID свидетель невесты:</b> <br/><input type="text" name="sv_nev"/><br/>
<b>Кол-во гостей на свадьбе:</b> <br/><input type="text" name="kolvo"/><br/>
<anchor>Создать!
<go href="apanel.php?'.$ses.'&go=addsertif&mid='.$mid.'&fid='.$fid.$takep.'" method="post">
<postfield name="date" value="$(date)"/>
<postfield name="sv_zh" value="$(sv_zh)"/>
<postfield name="sv_nev" value="$(sv_nev)"/>
<postfield name="kolvo" value="$(kolvo)"/>
</go></anchor><br/>--------------------<br/>';
}
break;
case 'addsertif':
$mid = intval($mid);
$fid = intval($fid);
$xf = mysql_query("select * from `sertificat` where zhenih='" . $mid . "' AND nevesta='" . $fid . "';");
$df = mysql_fetch_array($xf);
if (!empty($df['id']))
{
echo 'Ошибка! Сертификат уже написан!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$xf = mysql_query("select * from `users` where id='" . $mid . "';");
$df = mysql_fetch_array($xf);
if ($df['para'] != "$fid")
{
echo 'Ошибка! Пара не зарегистрирована!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$xf = mysql_query("select * from `users` where id='" . $fid . "';");
$df = mysql_fetch_array($xf);
if ($df['para'] != "$mid")
{
echo 'Ошибка! Пара не зарегистрирована!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$kolvo = intval($_POST['kolvo']);
if (!ctype_digit($kolvo))
{
echo 'Кол-во выражается в цифрах!<br/>';
echo '<a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
if (empty($_POST['kolvo'])) {
echo 'Ошибка! Нет гостей чтоль?<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$mid = intval($_GET['mid']);
if (!ctype_digit($mid))
{
echo 'Попытка взлома!<br/>';
echo '<a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
if (empty($_GET['mid'])) {
echo 'Ошибка! Жених потерялся!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$typ = mysql_query("select * from `users` where id='" . $mid . "';");
$ms = mysql_fetch_array($typ);
if ($ms['id'] != "$mid")
{
echo 'Ошибка! Юзера не существует!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$fid = intval($_GET['fid']);
if (!ctype_digit($fid))
{
echo 'Попытка взлома!<br/>';
echo '<a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
if (empty($_GET['fid'])) {
echo 'Ошибка! Невеста где?<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$typ = mysql_query("select * from `users` where id='" . $fid . "';");
$ms = mysql_fetch_array($typ);
if ($ms['id'] != "$fid")
{
echo 'Ошибка! Юзера не существует!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$sv_zh = intval($_POST['sv_zh']);
if (!ctype_digit($sv_zh))
{
echo 'ID пишется в цифрах!<br/>';
echo '<a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
if (empty($_POST['sv_zh'])) {
echo 'Ошибка! Нет свидетеля!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$sv_zh = intval($sv_zh);
$typ = mysql_query("select * from `users` where id='" . $sv_zh . "';");
$ms = mysql_fetch_array($typ);
if ($ms['id'] != "$sv_zh")
{
echo 'Ошибка! Юзера с ИД: ' . $sv_zh . ' несуществует!<br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
$sv_nev = intval($_POST['sv_nev']);
if (!ctype_digit($sv_nev))
{
echo 'ID пишется в цифрах!';
echo '<a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
include_once 'foot.php';
ob_end_flush();
exit;
}
if (empty($_POST['sv_nev'])) {
echo "Ошибка! СВИДЕТЕЛЯ НЕТ???";
include_once 'foot.php';
ob_end_flush();
exit;
}
$sv_nev = intval($sv_nev);
$typ = mysql_query("select * from `users` where id='" . $sv_nev . "';");
$ms = mysql_fetch_array($typ);
if ($ms['id'] != "$sv_nev")
{
echo 'Ошибка! Юзера с ИД: ' . $sv_nev . ' несуществует!';
include_once 'foot.php';
ob_end_flush();
exit;
}
$realtime = time();
$kolvo = intval($kolvo);
mysql_query("insert into `sertificat` values(0,'".$mid."','".$fid."','" . $sv_zh . "','" . $sv_nev . "','" . $kolvo . "','" . $date . "','" . $realtime . "');");
echo 'Сертификат успешно подписан!<br/>';
break;
case 'welcome':
$buff = file_get_contents("welcome.dat");
$buff = htmlspecialchars(check($buff));
echo 'Приветствие:<br/>';
if ($ver != "wml") {
echo '<form method="post" action="apanel.php?'.$ses.'&go=welcome_end'.$takep.'">
<textarea name="buffs" cols="35" rows="5">'.$buff.'</textarea><br/>
<input value="Редактировать" class="ibutton" type="submit"></form>';
} else {
echo '<input name="buffs" value="'.$buff.'"/><br/>
<anchor>Редактировать
<go href="apanel.php?'.$ses.'&go=welcome_end'.$takep.'" method="post">
<postfield name="buffs" value="$(buffs)"/>
</go></anchor><br/>--------------------<br/>';
}
break;
case 'welcome_end':
$buffs = htmlspecialchars(check($buffs));
$fp = fopen("welcome.dat","a+");
flock($fp,LOCK_EX);
ftruncate($fp,0);
fputs ($fp,$buffs);
fflush($fp);
flock($fp,LOCK_UN);
fclose ($fp);
echo 'Блок приветствия успешно отредактирован!<br/><br/>';
break;
case 'dnews':
$q = mysql_query("select id,content from news order by id desc;");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Новостей нет!!!<br/>';
echo $fsize2;
} else {
if (empty($action)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?action=del&$ses&go=dnews&mid=".$arr['id']."$takep">".$arr['id'].":</a> ".$arr['content']."<br/>";
echo $fsize2;
}
} else {
$mid = intval($mid);
if (mysql_query("delete from news where id='".$mid."' limit 1;")) {
echo $fsize1;
echo 'Запись успешно удалена!<br/>';
echo $fsize2;
}
}
}
break;
case 'mmeet':
$title = trim(mysql_real_escape_string(check($title)));
$content = trim(mysql_real_escape_string(check($content)));
$organizatory = trim(mysql_real_escape_string(check($organizatory)));
if (empty($title)) $error=$error."<u>Название не введено!</u><br/>";
if (empty($content)) $error=$error."<u>Пустое содержание встречи!</u><br/>";
if (empty($organizatory)) $error=$error."<u>Организаторов нет!</u><br/>";
if (empty($action)) {
if ($ver == "wml") {
echo $fsize1;
echo 'Название:<br/>';
echo $fsize2;
echo '<input name="title"/><br/>';
echo $fsize1;
echo 'Содержание:<br/>';
echo $fsize2;
echo '<input name="content"/><br/>';
echo $fsize1;
echo 'Организаторы:<br/>';
echo $fsize2;
echo '<input name="organizatory"/><br/>';
echo $fsize1;
echo "<anchor>Добавить<go href="apanel.php?$ses&go=mmeet$takep" method="post">
<postfield name="action" value="add"/>
<postfield name="title" value="$(title)"/>
<postfield name="content" value="$(content)"/>
<postfield name="organizatory" value="$(organizatory)"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<form method="POST" action="apanel.php?$ses&go=mmeet$takep" name="auth">n
<input type="hidden" name="action" value="add"/>n";
echo $fsize1;
echo 'Название:<br/>';
echo $fsize2;
echo "<input type="text" name="title" value="$title"/><br/>n";
echo $fsize1;
echo 'Содержание:<br/>';
echo $fsize2;
echo "<input type="text" name="content" value="$content"/><br/>n";
echo $fsize1;
echo 'Организаторы:<br/>';
echo $fsize2;
echo "<input type="text" name="organizatory" value="$organizatory"/><br/>n
<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
} else {
if (empty($error)) {
$last_meet = mysql_fetch_assoc(mysql_query("SELECT `title` FROM `vstrechi` WHERE `content`='".$content."'"));
if ($title != $last_meet['title']) {
if (mysql_query("insert into vstrechi values(0,'".$login."','".$title."','".$content."','".$organizatory."');")) {
echo $fsize1;
echo 'Твоя встреча успешно добавлена!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Проблемы с базой данных!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Такая встреча уже добавлена!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
}
break;
case 'dmeet':
$q = mysql_query("select id,title from vstrechi order by id desc;");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Встреч нет!<br/>';
echo $fsize2;
} else {
if (empty($action)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?action=del&$ses&go=dmeet&mid=".$arr['id']."$takep">".$arr['title']."</a><br/>";
echo $fsize2;
}
} else {
$mid = intval($mid);
if (mysql_query("delete from vstrechi where id='".$mid."' limit 1;")) {
echo $fsize1;
echo 'Запись успешно удалена!<br/>';
echo $fsize2;
}
}
}
break;
case 'mobi':
function url_replace($m) {
if (!isset($m[3])) {
return '<a href="link.php?&l=' . $m[1] . '">' . $m[2] . '</a>';
} else {
return '<a href="link.php?&l=' . $m[3] . '">' . $m[3] . '</a>';
}
}
function bb_code($message) {
$message = preg_replace('#[b](.*?)[/b]#si', '<b>1</b>', $message);
$message = preg_replace('#[i](.*?)[/i]#si', '<i>1</i>', $message);
$message = preg_replace('#[u](.*?)[/u]#si', '<u>1</u>', $message);
$message = preg_replace('#[small](.*?)[/small]#si', '<small>1</small>', $message);
$message = preg_replace('#[red](.*?)[/red]#si', '<font color="#FF0000">1</font>', $message);
$message = preg_replace('#[green](.*?)[/green]#si', '<font color="#00FF00">1</font>', $message);
$message = preg_replace('#[blue](.*?)[/blue]#si', '<font color="#0000FF">1</font>', $message);
$message = preg_replace('#[yellow](.*?)[/yellow]#si', '<font color="#FFFF00">1</font>', $message);
$message = preg_replace('#[del](.*?)[/del]#si', '<del>1</del>', $message);
$message = preg_replace_callback('~\[url=(http://.+?)\](.+?)\[/url\]|(http://(www.)?[0-9a-z.-]+.[a-z]{2,6}[0-9a-zA-Z/?.~&_=/%-:#]*)~', 'url_replace', $message);
return $message;
}
$title = trim(mysql_real_escape_string(check($title)));
$content = trim(mysql_real_escape_string(check($content)));
$login = trim(mysql_real_escape_string(check($login)));
$dlja = intval($dlja);
if (empty($title)) $error=$error."<u>Название не введено!</u><br/>";
if (empty($content)) $error=$error."<u>Пустое содержание встречи!</u><br/>";
if (empty($action)) {
if ($ver == "wml") {
echo $fsize1;
echo 'Название:<br/>';
echo $fsize2;
echo '<input name="title"/><br/>';
echo $fsize1;
echo 'Содержание:<br/>';
echo $fsize2;
echo '<input name="content"/><br/>';
echo $fsize1;
echo '<input type="checkbox" name="dlja" value="1"/>Для Администрации<br/>';
echo $fsize2;
echo "<anchor>Добавить<go href="apanel.php?$ses&go=mobi$takep" method="post">
<postfield name="action" value="add"/>
<postfield name="title" value="$(title)"/>
<postfield name="content" value="$(content)"/>
<postfield name="dlja" value="$(dlja)"/>
</go></anchor>";
echo $fsize1;
echo '<br/>';
} else {
echo "<form method="POST" action="apanel.php?$ses&go=mobi$takep" name="auth">n
<input type="hidden" name="action" value="add"/>n";
echo $fsize2;
echo 'Название:<br/>';
echo $fsize1;
echo '<input type="text" name="title"/><br/>';
echo $fsize2;
echo 'Содержание:<br/>';
echo $fsize1;
echo "<input type="text" name="content"/><br/>n";
echo $fsize2;
echo '<input type="checkbox" name="dlja" value="1"/>Для Администрации<br/>';
echo $fsize1;
echo "<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
} else {
if (empty($error)) {
$last_obiav = mysql_fetch_assoc(mysql_query("SELECT `id`,`title` FROM `obiav` WHERE `content`='".$content."'"));
if ($title != $last_obiav['title']) {
$content = bb_code($content);
require_once "smile.php";
$content = smiles($content);
$minpos = 500;
$nm = 500;
for ($j = 0; $j <= count($smiles)-1; $j++) {
$tmpp = strpos($content,$smiles[$j]);
if (($tmpp < $minpos) and ($tmpp !== false)) {
$minpos = $tmpp; $nm = $j;
}
}
if ($minpos != 500) {
if ($row['translit'] != 1) {
$st1 = substr($content,0,$minpos+strlen($smiles[$nm]));
$st2 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1));
$st1_wosm = $st1;
$st1 = str_replace($smiles[$nm],$replaces[$nm],$st1);
if (strpos($replaces[$nm],"smil/") !== false)
$st1_woasm = $st1_wosm;
else
$st1_woasm = $st1;
$content_woasm = $st1.$st2;
$content_wosm = $st1_wosm.$st2;
$content = $st1_woasm.$st2;
}
else
{
$st1 = substr($content,0,$minpos);
$st2 = substr($content,$minpos, strlen($smiles[$nm]));
$st3 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1)-strlen($st2));
$st1 = trun_to_rus($st1);
$st2_wosm = $st2;
$st2 = $replaces[$nm];
if (strpos($replaces[$nm],"smil/") !== false)
$st2_woasm = $st2_wosm;
else
$st2_woasm = $st2;
$st3 = trun_to_rus($st3);
$content = $st1.$st2_woasm.$st3;
$content_wosm = $st1.$st2_wosm.$st3;
$content_woasm = $st1.$st2.$st3;
}
}
elseif ($row['translit'] == 1) $content = trun_to_rus($content);
unset($smiles);
unset($replaces);
if (mysql_query("insert into obiav values(0,'".$login."','".$title."','".$content."','".$dlja."','');")) {
if ($_POST['dlja'] == 1) { mysql_query("UPDATE `obiav` SET `dlja`='1' WHERE `content`='".$content."'"); }
echo $fsize1;
echo 'Объявление успешно добавлено!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Проблемы с базой данных!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Такое объявление уже добавлено!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
}
break;
case 'dobi':
$q = mysql_query("select * from obiav order by id desc;");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Объявлений нет!!!<br/>';
echo $fsize2;
} else {
if (empty($action)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?action=del&$ses&go=dobi&mid=".$arr['id']."$takep">".$arr['title']."</a><br/>";
echo $fsize2;
}
} else {
$mid = intval($mid);
if (mysql_query("delete from obiav where id='".$mid."' limit 1;")) {
echo $fsize1;
echo 'Объявление успешно удалено!<br/>';
echo $fsize2;
}
}
}
break;
case 'view':
$nick = mysql_real_escape_string(check($nick));
if (!ctype_digit($nick)) {
$nick = trim($nick);
if ($nick == '') $nick = 0;
$latuser = strtolower($nick);
$ruser = rus_to_k($nick);
if ($ruser == $nick) {
$select = mysql_query ("Select * from users where latuser = '".$latuser."'");
} else {
$select = mysql_query ("select * from users where ruser = '".$ruser."'");
}
} else {
if (!ctype_digit($nick)) { header("Location: index.php?isset=403"); die; }
$select = mysql_query ("Select * from users where id = '".$nick."'");
}
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Нет такого юзера<br/>';
echo $fsize2;
break;
}
$inf = mysql_fetch_array ($select);
$usid = $inf["id"];
$us_ip = $inf["user_ip"];
$us_soft = $inf["user_soft"];
$level2 = $inf["level"];
if ($level2 > $row["level"]) {
echo $fsize1;
echo 'Запрещено редактировать вышестоящих пользователей!<br/>';
echo $fsize2;
break;
}
if (($usid == 10) and ($usid != $id)) {
echo 'Нет прав!<br/>';
break;
}
echo $fsize1;
echo '<b>ID-Номер</b>:<br/>';
echo $usid . '<br/>';
if ($row["level"] >= 7) {
echo '<b>IP-юзера</b>:<br/>
' . $us_ip . '<br/>
<b>Soft-юзера</b>:<br/>
' . htmlspecialchars($us_soft) . '<br/>';
if (opsos($us_ip) != '') echo 'Пров: ' . opsos($us_ip) . '<br/>';
else echo 'Пров: не определен<br/>';
}
if ($ver == "xhtml") {
echo "<form method="POST" action="apanel.php?go=upd&$ses$takep" name="auth">n";
if ($row["level"] != 8 and $ver != "wml") {
echo "<input type='hidden' name='gposts$re' value='$inf[gposts]' />
<input type='hidden' name='posts$re' value='$inf[posts]' />
<input type='hidden' name='forumpost$re' value='$inf[forumpost]' />
<input type='hidden' name='credits$re' value='$inf[credits]' />
<input type='hidden' name='credits2$re' value='$inf[credits2]' />
<input type='hidden' name='byeotv$re' value='$inf[byeotv]' />
<input type='hidden' name='mafcredits$re' value='$inf[mafcredits]' />
<input type='hidden' name='money$re' value='$inf[money]' />
<input type='hidden' name='votefoto$re' value='$inf[votefoto]' />
<input type='hidden' name='colkik$re' value='$inf[colkik]' />";
}
$re == '';
}
else
{
$re = $ref;
}
echo '<b>Ник</b>:<br/>';
echo $fsize2;
echo '<input name="upnick'.$re.'" maxlength="12" value="'.$inf['user'].'" title="nick"/><br/>';
echo $fsize1;
echo '<b>Пароль (заполнять только если изменять!!!)</b>:<br/>';
echo $fsize2;
echo '<input name="upass'.$re.'" maxlength="20" value="" title="upass"/><br/>';
echo $fsize1;
echo '<b>Постов</b>:<br/>';
echo $fsize2;
echo '<input name="posts'.$re.'" maxlength="10" value="'.$inf['posts'].'" title="posts"/><br/>';
echo $fsize1;
echo '<b>Постов форума</b>:<br/>';
echo $fsize2;
echo '<input name="forumpost'.$re.'" maxlength="10" value="'.$inf['forumpost'].'" title="forumpost"/><br/>';
echo $fsize1;
echo '<b>Игровой баланс</b>:<br/>';
echo $fsize2;
echo '<input name="gposts'.$re.'" maxlength="10" value="'.$inf['gposts'].'" title="gposts"/><br/>';
echo $fsize1;
echo '<b>Ответов в викторине</b>:<br/>';
echo $fsize2;
echo '<input name="credits'.$re.'" maxlength="10" value="'.$inf['credits'].'" title="credits"/><br/>';
echo $fsize1;
echo '<b>Куплено ответов</b>:<br/>';
echo $fsize2;
echo '<input name="byeotv'.$re.'" maxlength="10" value="'.$inf['byeotv'].'" title="byeotv"/><br/>';
echo $fsize1;
echo '<b>Отгадок</b>:<br/>';
echo $fsize2;
echo '<input name="credits2'.$re.'" maxlength="10" value="'.$inf['credits2'].'" title="credits2"/><br/>';
echo $fsize1;
echo '<b>Деньги</b>:<br/>';
echo $fsize2;
echo '<input name="money'.$re.'" maxlength="10" value="'.$inf['money'].'" title="money"/><br/>';
echo $fsize1;
echo '<b>Кредитов в Мафии</b>:<br/>';
echo $fsize2;
echo '<input name="mafcredits'.$re.'" maxlength="10" value="'.$inf['mafcredits'].'" title="mafcredits"/><br/>';
echo $fsize1;
echo '<b>Голосов за фото</b>:<br/>';
echo $fsize2;
echo '<input name="votefoto'.$re.'" maxlength="5" value="'.$inf['votefoto'].'" title="votefoto"/><br/>';
echo $fsize1;
echo '<b>Нарушений</b>:<br/>';
echo $fsize2;
echo '<input name="colkik'.$re.'" maxlength="10" value="'.$inf['colkik'].'" title="colkik"/><br/>';
echo $fsize1;
echo '<b>Уровень опьянения</b>:<br/>';
echo $fsize2;
echo '<input name="alcohol'.$re.'" maxlength="10" value="'.$inf['alcohol'].'" title="alcohol"/><br/>';
echo $fsize1;
echo '<b>Статус</b>:<br/>';
echo $fsize2;
echo '<input name="status'.$re.'" maxlength="20" value="'.$inf['status'].'" title="status"/><br/>';
echo $fsize1;
echo '<b>Невидимость</b>:<br/>';
echo $fsize2;
echo '<select name="inv'.$re.'">';
if ($inf["inv"] == 0) echo '<option value="0">Отключена</option>';
elseif ($inf["inv"] == 1) echo '<option value="1">Включена</option>';
elseif ($inf["inv"] == 2) echo '<option value="2">Полный игнор</option>';
if ($inf["inv"] != 0) echo '<option value="0">Отключена</option>';
if ($inf["inv"] != 1) echo '<option value="1">Включена</option>';
if ($inf["inv"] != 2) echo '<option value="2">Полный игнор</option>';
echo '</select><br/>';
echo $fsize1;
echo '<b>Уровень</b>:<br/>';
echo $fsize2;
echo '<select name="level'.$re.'">';
if ($inf["level"] != 0) {
$i = $inf["level"];
$i = intval($i);
$levelselect = mysql_query ("Select name from levels where level='".$i."'");
$levels = mysql_fetch_array($levelselect);
$levelname = $levels["name"];
echo '<option value="'.$i.'">'.$i.'-'.$levelname.'</option>';
}
if (($inf["level"] != 8) and ($row["level"] == 8)) {
for($i = 0; $i <= 8; $i++) {
$i = intval($i);
$levelselect = mysql_query ("Select name from levels where level='".$i."'");
$levels = mysql_fetch_array($levelselect);
$levelname = $levels["name"];
echo '<option value="'.$i.'">'.$i.'-'.$levelname.'</option>';
}
} else {
for($i = 0; $i <= 7; $i++) {
$i = intval($i);
$levelselect = mysql_query ("Select name from levels where level='".$i."'");
$levels = mysql_fetch_array($levelselect);
$levelname = $levels["name"];
echo '<option value="'.$i.'">'.$i.'-'.$levelname.'</option>';
}
}
echo '</select><br/>';
if ($ver == "wml") {
echo $fsize1;
echo 'Перейди на xHTML чтобы ред. анкеты!!!<br/>';
} else {
echo "<input type="hidden" name="upid" value="$usid"/>n
<input type="submit" class="ibutton" value="Сохранить" name="enter"><br/>n";
}
if ($inf['img'] != '') {
echo $fsize1;
echo '<br/>';
echo "<a href="apanel.php?go=delfoto&$ses&usid=$usid$takep">Удалить фото</a><br/>";
echo $fsize2;
}
echo "<a href="deluser.php?$ses&nk=$usid&ref=$ref">Удалить ник</a><br/>n
<a href="kick.php?$ses&nk=$usid&ref=$ref">Пнуть</a><br/>n
<a href="kick2.php?$ses&nk=$usid&ref=$ref">Пнуть+штраф</a><br/>n
<a href="bann.php?$ses&nk=$usid&ref=$ref">Забанить ник</a><br/>n
<a href="bannaip.php?$ses&nk=$usid&ref=$ref">Банн ip+soft!!!</a><br/>n";
break;
case 'delfoto':
echo $fsize1;
if (!ctype_digit($usid)) { header("Location: index.php?isset=403"); die; }
$usid = intval($usid);
$select2 = mysql_query ("Select img from users where id = '".$usid."'");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Нет такого юзера<br/>';
echo $fsize2;
break;
}
$inf2 = mysql_fetch_array ($select);
$myfotos = $inf2['img'];
$ras = explode(".", $myfotos);
$types = $ras[1];
if (!file_exists("photos/".$usid.".".$types."")) {
echo 'У юзера не установлено фото!<br/>';
} else {
if (!ctype_digit($usid)) { header("Location: index.php?isset=403"); die; }
$upid = intval($upid);
if (mysql_query ("Update users set img ='' where id ='".$usid."'")) {
unlink ("photos/".$usid.".".$types."");
echo 'Фото успешно удалено.<br/>';
} else {
echo 'Ошибка удаления фото.<br/>';
}
}
echo $fsize2;
break;
case 'upd':
if (($usid == 10) and ($usid != $id)) {
echo 'Нет прав!<br/>';
break;
}
$upnick = trim($upnick);
if ($upnick == '') {
echo $fsize1;
echo 'error<br/>';
echo $fsize2;
break;
}
if (!ctype_digit($upid)) { header("Location: index.php?isset=403"); die; }
$upid = intval($upid);
$a = mysql_query("SELECT user,level FROM users WHERE id ='".$upid."'");
$b = mysql_fetch_array ($a);
$prl = $b['level'];
$nick = $b['user'];
$latuser = strtolower($upnick);
$ruser = rus_to_k($upnick);
if ($ruser == $upnick) {
mysql_query ("Select id from users where (latuser = '".$latuser."') and (user != '".$nick."')");
} else {
mysql_query ("select id from users where (ruser = '".$ruser."') and (user != '".$nick."')");
}
$upnick = mysql_real_escape_string($upnick);
$vn = mysql_fetch_array(mysql_query("SELECT `id` FROM `users` WHERE `user`='" . $upnick . "';"));
if (preg_match('/([a-zA-Z]+)/i',$upnick) and preg_match('/([а-яА-Я]+)/i',$upnick))
{
echo 'Ошибка! Ник не должен состоять из рус. и англ. букв.<br/>';
exit();
}
if (mb_strlen($upnick, mb_detect_encoding($upnick)) > 12) {
echo 'Слишком длинный ник! Макс. 12 символов.<br/>';
exit();
}
if ($nick != $upnick) {
if (!empty($vn[0])) { echo 'Ник уже занят!!!<br/>';
echo "<a href="apanel.php?$ses$takep">Админка</a><br/>n
<a href="enter.php?$ses&ref=$ref">Прихожая</a><br/>n";
echo $fsize2;
include_once 'foot.php';
$pagesize = round((ob_get_length())/1024,1);
$alltraf = $alltraf+$pagesize;
mysql_query ("Update users set alltraf='".$alltraf."', lasttraf='".$pagesize."' where id='".$id."'");
mysql_close ($link);
ob_end_flush();
exit;
}
}
$upnick = mysql_real_escape_string(check($upnick));
$upass = mysql_real_escape_string(check($upass));
$ruser = mysql_real_escape_string($ruser);
$latuser = mysql_real_escape_string(check($latuser));
$status = mysql_real_escape_string(check($status));
$money = intval($money);
$credits = intval($credits);
$credits2 = intval($credits2);
$forumpost = intval($forumpost);
$mafcredits = intval($mafcredits);
$gposts = intval($gposts);
$votefoto = intval($votefoto);
$colkik = intval($colkik);
$alcohol = intval($alcohol);
$byeotv = intval($byeotv);
$level = intval($level);
$inv = intval($inv);
/*
if (!ctype_digit($posts)) { header("Location: index.php?"); die; }
if (!ctype_digit($votefoto)) { header("Location: index.php?"); die; }
if (!ctype_digit($byeotv)) { header("Location: index.php?"); die; }
if (!ctype_digit($colkik)) { header("Location: index.php?"); die; }
if (!ctype_digit($forumpost)) { header("Location: index.php?"); die; }
if (!ctype_digit($credits)) { header("Location: index.php?"); die; }
if (!ctype_digit($credits2)) { header("Location: index.php?"); die; }
if (!ctype_digit($alcohol)) { header("Location: index.php?"); die; }
if (!ctype_digit($gposts)) { header("Location: index.php?"); die; }
*/
if (!empty($upass)) {
$pss = md5($upass);
if ($ruser == $upnick) $ins_str = "Update users set user='".$upnick."', pass='".$pss."', posts='".$posts."', forumpost='".$forumpost."', gposts='".$gposts."', credits='".$credits."', credits2='".$credits2."', colkik='".$colkik."', mafcredits='".$mafcredits."', money='".$money."', votefoto='".$votefoto."', byeotv='".$byeotv."', status='".$status."', inv='".$inv."', level='".$level."', ruser = '', latuser = '".$latuser."', alcohol = '".$alcohol."' where id ='".$upid."'";
else $ins_str = "Update users set user='".$upnick."', pass='".$pss."', posts='".$posts."', forumpost='".$forumpost."', gposts='".$gposts."', credits='".$credits."', credits2='".$credits2."', mafcredits='".$mafcredits."', money='".$money."', votefoto='".$votefoto."', byeotv='".$byeotv."', status='".$status."', inv='".$inv."', level='".$level."', ruser = '".$ruser."', latuser = '', alcohol = '".$alcohol."' where id ='".$upid."'";
}
if (empty($upass)) {
$pss = md5($upass);
if ($ruser == $upnick) $ins_str = "Update users set user='".$upnick."', posts='".$posts."', forumpost='".$forumpost."', gposts='".$gposts."', credits='".$credits."', credits2='".$credits2."', colkik='".$colkik."', mafcredits='".$mafcredits."', money='".$money."', votefoto='".$votefoto."', byeotv='".$byeotv."', status='".$status."', inv='".$inv."', level='".$level."', ruser = '', latuser = '".$latuser."', alcohol = '".$alcohol."' where id ='".$upid."'";
else $ins_str = "Update users set user='".$upnick."', posts='".$posts."', forumpost='".$forumpost."', gposts='".$gposts."', credits='".$credits."', credits2='".$credits2."', colkik='".$colkik."', mafcredits='".$mafcredits."', money='".$money."', votefoto='".$votefoto."', byeotv='".$byeotv."', status='".$status."', inv='".$inv."', level='".$level."', ruser = '".$ruser."', latuser = '', alcohol = '".$alcohol."' where id ='".$upid."'";
}
if (mysql_query ($ins_str)) {
if ($prl != $level) {
$levelselect = mysql_query ("Select name from levels where level='".mysql_real_escape_string($level)."'");
$levels = mysql_fetch_array($levelselect);
$ur = $levels["name"];
for ($i = 0; $i <= 23; $i++) {
$st = time();
$today = date ("H:i");
$levelselect = mysql_query ("Select name from levels where level='".$row["level"]."'");
$levels = mysql_fetch_array($levelselect);
$lev = $levels["name"];
$mes = $lev . " <b>" .$us. "</b> присваивает <b>" .$nick. "</b> уровень <b>" .$ur. "</b> =)";
$rnd = rand(0,99999999);
mysql_query ("Insert into room{$i} set klu4= '".$rnd."', time='".$today."', who='".$administration."', message='".$mes."', id='".$st."', towhom='', hid='0', usid='1', komu=''");
}
$levelselect = mysql_query ("Select name from levels where level='".$row["level"]."'");
$levels = mysql_fetch_array($levelselect);
$lev = $levels["name"];
$data = date("d-M-Y [H:i]");
$kol = rand(0,99999999);
$time = time();
$topic = "Поздравляю!!!";
$message = "Приветствую <b>" .$nick. "</b>!!! и поздравляю. " .$lev. " <b>" .$us. "</b> привёл приговор в исполнение. ты получаешь уровень <b>" .$ur. "</b>.";
mysql_query("Insert into zapiski set klu4='".$kol."', who ='".$administration."', idwho ='1', message = '".$message."', towhom = '".$nick."', idtowhom = '".$upid."', time = '".$time."', readd = '0', topic = '".$topic."', date='".$data."'");
}
echo $fsize1;
echo 'Профайл изменен!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'ERROR:<br/>';
echo $fsize2;
echo mysql_error();
}
break;
case 'vidroom':
$q = mysql_query("select rm,name from rooms where vid='0'");
if (empty($act)) {
echo 'Чтобы включить комнату - нажми на нее.<br/>';
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?act=rnm&$ses$takep&go=vidroom&rms=".$arr['rm']."$takep">".$arr['rm'].". ".$arr['name']."</a><br/>";
echo $fsize2;
}
} elseif ($act == "dornm") {
if (!ctype_digit($rms)) { header("Location: index.php?isset=403"); die; }
$roomname = mysql_real_escape_string(check($roomname));
$rms = intval($rms);
mysql_query ("update rooms set name='".$roomname."',vid='1' where rm='".$rms."'");
echo $fsize1;
echo 'Комната успешно включена!<br/>';
echo "<a href="apanel.php?$ses$takep&go=vidroom$takep">Включить еще</a><br/>";
echo $fsize2;
} else {
if (!ctype_digit($rms)) { header("Location: index.php?isset=403"); die; }
$rms = intval($rms);
$q = mysql_query("select name from rooms where rm='".$rms."'");
$arr = mysql_fetch_array($q);
$name = $arr["name"];
echo $fsize1;
echo 'Название комнаты:<br/>';
echo $fsize2;
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?act=dornm&$ses$takep&go=vidroom&rms=$rms$takep" name="auth">n";
echo "<input name="roomname" maxlength="200" value="$name" title="roomname"/><br/>n";
if ($ver == "wml") {
echo $fsize1;
echo "<anchor title="go">Включить<go href="apanel.php?act=dornm&$ses$takep&go=vidroom&rms=$rms$takep" method="post">n";
echo "<postfield name="roomname" value="$(roomname)"/>n";
echo '</go></anchor>';
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Включить" name="enter"><br/>n";
}
echo $fsize1;
echo $div5;
echo "<a href="apanel.php?$ses$takep&go=vidroom$takep">Включить еще</a><br/>";
echo $fsize2;
}
break;
case 'dvidroom':
$q = mysql_query("select rm,name from rooms where vid='1'");
if (empty($act)) {
echo 'Чтобы выключить комнату нажми на нее.<br/>';
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?act=dornm&$ses$takep&go=dvidroom&rms=".$arr['rm']."$takep">".$arr['rm'].". ".$arr['name']."</a><br/>";
echo $fsize2;
}
} elseif ($act == "dornm") {
if (!ctype_digit($rms)) { header("Location: index.php?isset=403"); die; }
$roomname = check($roomname);
$roomname = mysql_real_escape_string($roomname);
$rms = intval($rms);
mysql_query ("update rooms set vid='0' where rm='".$rms."'");
echo $fsize1;
echo 'Комната успешно выключена!<br/>';
echo "<a href="apanel.php?$ses$takep&go=dvidroom$takep">Выключить еще</a><br/>";
echo $fsize2;
}
break;
case 'addshutki':
echo $fsize1;
echo 'При включенном транслите шутки транслитерируются<br/>
Шутка:<br/>
<input name="aneks" maxlength="255" title="quests"/><br/>';
echo $fsize2;
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?go=goaddshutki&$ses$takep" name="auth">n";
echo $fsize1;
echo '<br/>';
echo $fsize2;
if ($ver == "wml") {
echo $fsize1;
echo "<input name="anek" maxlength="255" title="quest"/><br/>n
<anchor title="go">Добавить<go href="apanel.php?go=goaddshutki&$ses$takep" method="post">n
<postfield name="anek" value="$(anek)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
break;
case 'goaddshutki':
if ($row["translit"] == 1)
$anek = trun_to_rus($anek);
$anek = str_replace(chr("13"), " ", $anek);
$anek = str_replace(chr("10"), " ", $anek);
$anek = trim(" $anek ");
$anek = ereg_replace(" +"," ",$anek);
$anek = substr($anek,0,400);
$anek = str_replace("n", " ", $anek);
$anek = str_replace("$", "$$", $anek);
$r = mysql_query("select * from shutki");
$k = mysql_affected_rows()+1;
$anek = mysql_real_escape_string(check($anek));
mysql_query ("Insert into shutki set klu4= '".$k."', message='".$anek."'");
if (mysql_error() == false) {
echo $fsize1;
echo 'Анекдот был добавлен в базу<br/>
Всего анекдотов: ' . $k . ' <br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка при записи!<br/>';
echo $fsize2;
echo 'ERROR ' . mysql_error();
}
break;
case 'addvopr':
echo $fsize1;
echo 'При включенном транслите вопросы и ответы транслитерируются<br/>
Вопрос:<br/>
<input name="anek" maxlength="255" title="quest"/><br/>';
echo $fsize2;
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?go=goaddvopr&$ses$takep" name="auth">n";
echo $fsize1;
echo 'Ответ:<br/>';
echo $fsize2;
echo "<input name="answ" maxlength="60" title="answ"/><br/>n";
if ($ver == "wml") {
echo $fsize1;
echo "<anchor title="go">Добавить<go href="apanel.php?go=goaddvopr&$ses$takep" method="post">n
<postfield name="vopros" value="$(vopros)"/>n
<postfield name="answ" value="$(answ)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
break;
case 'goaddvopr':
$vopros = mysql_real_escape_string(check($vopros));
$answ = mysql_real_escape_string(check($answ));
$tran = check($tran);
if ($row["translit"] == 1) {
$vopros = trun_to_rus($vopros);
$answ = trun_to_rus($answ);
}
$tran = strtr($answ,array("а"=>"a","б"=>"b","в"=>"v","г"=>"g","д"=>"d","е"=>"e","ё"=>"e","ж"=>"j","з"=>"z","и"=>"i","й"=>"i","к"=>"k","л"=>"l","м"=>"m","н"=>"n","о"=>"o","п"=>"p","р"=>"r","с"=>"s","т"=>"t","у"=>"u","ф"=>"f","х"=>"h","ш"=>"w","щ"=>"w","ц"=>"c","ч"=>"4","ь"=>".","ъ"=>".","ы"=>"y","э"=>"e","ю"=>"yu","я"=>"ya","А"=>"A","Б"=>"B","В"=>"V","Г"=>"G","Д"=>"D","Е"=>"E","Ё"=>"E","Ж"=>"J","З"=>"Z","И"=>"I","Й"=>"I","К"=>"K","Л"=>"L","М"=>"M","Н"=>"N","О"=>"O","П"=>"P","Р"=>"R","С"=>"S","Т"=>"T","У"=>"U","Ф"=>"F","Х"=>"H","Ш"=>"W","Щ"=>"W","Ц"=>"C","Ч"=>"4","Ь"=>".","Ъ"=>".","Ы"=>"Y","Э"=>"E","Ю"=>"Yu","Я"=>"Ya"));
mysql_query ("Select * from bots");
$k = mysql_affected_rows()+1;
mysql_query ("Insert into bots set number= '".$k."', vopros='".$vopros."', answer='".$answ."', tran='".$tran."'");
if (mysql_error() == false) {
echo $fsize1;
echo 'Вопрос был добавлен в базу<br/>
Всего вопросов: ' . $k . ' <br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка при записи!<br/>';
echo $fsize2;
echo 'ERROR ' . mysql_error();
}
break;
case 'tell':
echo $fsize1;
echo 'Текст:<br/>';
echo $fsize2;
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?go=gotell&$ses$takep" name="auth">n
<input name="txt" maxlength="1255" title="text"/><br/>n";
if ($ver == "wml") {
echo $fsize1;
echo "<input name="txt" maxlength="1255" title="text"/><br/>n
<anchor title="go">Ok<go href="apanel.php?go=gotell&$ses$takep" method="post">n
<postfield name="txt" value="$(txt)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Ok" name="enter"><br/>n";
}
break;
case 'gotell':
if ($row["translit"] == 1)
$txt = trun_to_rus($txt);
$rnd = rand(0,99999999);
$today = date ("H:i");
$time = time();
$txt = mysql_real_escape_string(check($txt));
$txt = $txt;
for ($num = 0; $num <= 22; $num++) {
$room = "room" . $num;
if (!ctype_digit($id)) { header("Location: index.php?isset=403"); die; }
mysql_query ("Insert into $room set klu4= '".$rnd."', time='".$today."', who='".$us."', message='".$txt."', id='".$time."', towhom='', hid='0', usid='".$id."', komu=''");
}
if (mysql_error() == false) {
echo $fsize1;
echo 'Объявление сделано!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка при записи!<br/>';
echo $fsize2;
echo 'ERROR ' . mysql_error();
}
break;
case 'fullign':
$q = mysql_query("select * from users where inv='2' order by id desc;");
if (empty($act)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?act=fullign&$ses&go=fullign&nk=".$arr['id']."$takep">".$arr['user']."</a><br/>";
echo $fsize2;
}
if (mysql_affected_rows() != 0) {
echo $fsize1;
echo '<br/>';
echo "<a href="apanel.php?$ses&go=clfullign$takep">Освободить все ники</a><br/>";
echo $fsize2;
} else {
echo $fsize1;
echo 'Игнор лист пуст!<br/>';
echo $fsize2;
}
} else {
if (!ctype_digit($nk)) { header("Location: index.php?isset=403"); die; }
if (mysql_query("update users set inv = '0' where id='".$nk."'")) {
echo $fsize1;
echo 'Ник освобожден!<br/>';
echo '<br/>';
echo "<a href="apanel.php?$ses&go=fullign$takep">Освободить ещё?</a><br/>";
echo $fsize2;
}
}
break;
case 'clfullign':
$r = mysql_query ("SELECT * from users WHERE inv = '2' ");
$a = mysql_fetch_array($r);
while ($a !== false) {
$pid = $a["id"];
if (!ctype_digit($pid)) { header("Location: index.php?isset=403"); die; }
$pid = intval($pid);
mysql_query("UPDATE users set inv = '0' WHERE id = '".$pid."'");
$a = mysql_fetch_array($r);
}
echo $fsize1;
echo 'Полный Игнор снят со всех пользователей!<br/>';
echo $fsize2;
break;
case 'clearzap':
#$time = time()-604800;
mysql_query ("DELETE FROM `zapiski`");
# WHERE time<$time");
echo $fsize1;
echo 'Удалены все записки!<br/>';
echo $fsize2;
break;
case 'clbanip':
$q = mysql_query("select klu4,ip,soft,user from bannlist order by klu4 desc;");
if (empty($act)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?act=cl&$ses&go=clbanip&nk=".$arr['klu4']."$takep">".$arr['user']." ".$arr['ip']." ".$arr['soft']."</a><br/>";
echo '<br/>';
echo $fsize2;
}
if (mysql_affected_rows() != 0) {
echo $fsize1;
echo "<a href="apanel.php?$ses&go=clbanip&act=unbannall$takep">Разбанить все IP+SOFT</a><br/>";
echo $fsize2;
} else {
echo $fsize1;
echo 'Нет забаненых по IP+SOFT!<br/>';
echo $fsize2;
}
} elseif ($act == "unbannall") {
mysql_query ("DELETE from bannlist");
echo $fsize1;
echo 'Таблица банов по ip+soft очищена<br/>';
echo $fsize2;
} else {
if (!ctype_digit($nk)) { header("Location: index.php?isset=403"); die; }
if (mysql_query("delete from bannlist where klu4='".$nk."'")) {
echo $fsize1;
echo 'IP+SOFT успешно разбаннены!<br/>';
echo '<br/>';
echo "<a href="apanel.php?$ses&go=clbanip$takep">Разбанить ещё</a><br/>";
echo $fsize2;
}
}
break;
case 'clroomtime':
echo $fsize1;
echo 'Комнаты будут автоматически очищены через 3 минуты!<br/>';
echo $fsize2;
if (isset($rm)) echo "<a href="chat.php?$ses$takep">В чат</a><br/>";
$fp = fopen("log/clear.dat", "w");
fclose($fp);
$f = fopen("log/clear.dat","a+");
flock($f,LOCK_EX);
$cleardata = time() + 180;
fwrite($f,$cleardata);
fflush($f);
flock($f,LOCK_UN);
fclose($f);
$adm = mysql_query("Select user from users where id='1' LIMIT 1;");
$z = mysql_fetch_array($adm);
$administration = $z['user'];
$administration = mysql_real_escape_string(check($administration));
$rnd = mt_rand(0,99999999);
$mes = "<b>Внимание! Через 3 минуты будет очистка комнат. И не говорите потом, что вас не предупреждали =)</b>";
$today = date("H:i");
$time = getmicrotime();
for ($num = 0; $num <= 23; $num++) {
$ranec = "room" . $num;
mysql_query ("Insert into $ranec set klu4= '".$rnd."', time='".$today."', who='".$administration."', message='".$mes."', id='".$time."', towhom='', hid='0', usid='1', komu=''");
mysql_query("ANALYZE TABLE $ranec");
}
break;
case 'clroom':
echo $fsize1;
echo 'Таблицы комнат очищены!<br/>';
echo $fsize2;
if (isset($rm)) {
echo $fsize1;
echo "<a href="chat.php?$ses$takep">в чат</a><br/>";
echo $fsize2;
}
for ($num = 0; $num <= 23; $num++) {
$room = "room".$num;
$res = mysql_query ("Select id from $room order by id desc");
$kol = mysql_affected_rows();
for ($k = 0; $k <= $kol; $k++){
$lines = mysql_fetch_array ($res);
$kl = $lines["id"];
mysql_query ("Delete from $room where id = '".$kl."'");
}
}
break;
case 'clrm':
$room = "room" . $rm;
mysql_query ("Delete from $room;");
mysql_query("ANALYZE TABLE $room");
echo $fsize1;
echo 'Комната очищена!<br/>';
echo $fsize2;
if(isset($rm)){
echo $fsize1;
echo "<a href="chat.php?$ses$takep">в чат</a><br/>";
echo $fsize2;
}
break;
case 'fullignmake':
if (!ctype_digit($nk)) { header("Location: index.php?isset=403"); die; }
$select = mysql_query ("Select * from users where id='".$nk."'");
$inf = mysql_fetch_array ($select);
$level = $inf["level"];
$fignik = $inf["user"];
$figid = $inf["id"];
if (($level == 7) or ($level == 8)) {
echo $fsize1;
echo 'Админа нельзя добавить в ПИ!!!<br/>';
echo $fsize2;
break;
}
if (!ctype_digit($figid)) { header("Location: index.php?isset=403"); die; }
$figid = intval($figid);
mysql_query ("UPDATE users SET inv = '2' WHERE id = '".$figid."'");
$rnd = rand(0,99999999);
$today = date ("H:i");
$time = time();
$room = "room" . $rm;
$txt = "<b>" .$us. "</b> Наказал юзера <b>" .$fignik. "</b> поместив его в Полный Игнор!";
mysql_query ("Insert into $room set klu4= '".$rnd."', time='".$today."', who='".$administration."', message='".$txt."', id='".$time."', towhom='', hid='0', usid='1', komu=''");
echo $fsize1;
echo $fignik . " в игноре для всех!!!<br/>n";
echo $fsize2;
break;
case 'clbanniks':
$fp = fopen("log/bannlist.dat", "w");
fclose($fp);
mysql_query ("update users set banned = '0' where banned = '1'");
echo $fsize1;
echo 'Все ники разбанены!<br/>';
echo $fsize2;
break;
case 'clpinniks':
$fp = fopen("log/pinlist.dat", "w");
fclose($fp);
mysql_query ("UPDATE users SET kik = '0', whokik = '', whykik = '' where kik != '0'");
echo $fsize1;
echo 'Все ники успешно освобождены!<br/>';
echo $fsize2;
break;
case 'clearlogs':
$fp = fopen("log/intim.dat", "w");
fclose($fp);
$fp = fopen("log/admroom.dat", "w");
fclose($fp);
$fp = fopen("log/admlog.dat", "w");
fclose($fp);
$fp = fopen("log/stlog.dat", "w");
fclose($fp);
$fp = fopen("log/bannlist.dat", "w");
fclose($fp);
$fp = fopen("log/banniplist.dat", "w");
fclose($fp);
$fp = fopen("log/pinlist.dat", "w");
fclose($fp);
$fp = fopen("log/reklama.dat", "w");
fclose($fp);
$fp = fopen("log/topic.dat", "w");
fclose($fp);
echo $fsize1;
echo 'Все лог-файлы очищены!<br/>';
echo $fsize2;
break;
case 'unban':
$q = mysql_query("select id,user from users where banned='1' order by id desc;");
if (empty($act)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?act=unbann&$ses&go=unban&nk=".$arr['id']."$takep">".$arr['user']."</a><br/>";
echo $fsize2;
}
if (mysql_affected_rows() != 0) {
echo $fsize1;
echo '<br/>';
echo "<a href="apanel.php?$ses&go=clbanniks$takep">Разбанить все ники</a><br/>";
echo $fsize2;
} else {
echo $fsize1;
echo "Нет забаненых ников!<br/>";
echo $fsize2;
}
} else {
if (!ctype_digit($nk)) { header("Location: index.php?isset=403"); die; }
if (mysql_query("update users set banned = '0' where id='".$nk."'")) {
echo $fsize1;
echo 'Ник разбанен!<br/>';
echo '<br/>';
echo "<a href="apanel.php?$ses&go=unban$takep">Разбанить ещё?</a><br/>";
echo $fsize2;
}
}
break;
case 'unpin':
$tekt = time();
$ri = mysql_query("SELECT user,id,whykik,kik from users WHERE $tekt<kik");
$i = 1;
if (mysql_affected_rows() != 0) {
echo 'Выпнутые:<br/>';
while ($ai = mysql_fetch_array($ri))
{
$totime = $ai['kik']-$tekt;
echo ($i++).") <a href="apanel.php?$ses&go=clkick&pid=".$ai['id']."">".$ai['user']."</a> ($totime сек.) причина: (".$ai['whykik'].")<br/>";
}
echo "<br/><a href="apanel.php?$ses&go=clpinniks$takep">Освободить все ники</a><br/>";
}
else
{
echo 'Нет выпнутых<br/>';
}
break;
case 'clkick':
$pid = intval($pid);
$select = mysql_query("Select user from users where id='".$pid."' LIMIT 1;");
$inf = mysql_fetch_array($select);
$fignik = $inf['user'];
mysql_query("UPDATE users set kik='0' WHERE id='".$pid."' LIMIT 1;");
$a = mysql_fetch_array($r);
echo $fignik.' освобожден от пинка!<br/>';
break;
case 'clbanip':
$q = mysql_query("select klu4,ip,soft from bannlist order by klu4 desc;");
if (empty($act)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?act=cl&$ses&go=clbanip&nk=".$arr['klu4']."$takep">".$arr['ip']." ".$arr['soft']."</a><br/>";
echo '<br/>';
echo $fsize2;
}
if (mysql_affected_rows() != 0) {
echo $fsize1;
echo "<a href="apanel.php?$ses&go=clbanip&act=unbannall$takep">Разбанить всех по IP+SOFT</a><br/>";
echo $fsize2;
} else {
echo $fsize1;
echo 'Нет забаненых по IP+SOFT!<br/>';
echo $fsize2;
}
} else if ($act == "unbannall") {
mysql_query ("DELETE from bannlist");
echo $fsize1;
echo 'Таблица банов по ip+soft очищена<br/>';
echo $fsize2;
} else {
if (!ctype_digit($nk)) { header("Location: index.php?isset=403"); die; }
if (mysql_query("delete from bannlist where klu4='".$nk."'")) {
echo $fsize1;
echo 'IP+SOFT успешно разбанены!<br/>';
echo '<br/>';
echo "<a href="apanel.php?$ses&go=clbanip$takep">Разбанить ещё?</a><br/>";
echo $fsize2;
}
}
break;
case 'editrooms':
$q = mysql_query("select rm,name from rooms");
if (empty($act)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?act=rnm&$ses&go=editrooms&rms=".$arr['rm']."$takep">".$arr['rm'].". ".$arr['name']."</a><br/>";
echo $fsize2;
}
} elseif ($act == "dornm") {
if (!ctype_digit($rms)) {header("Location: index.php?isset=403"); die;}
$roomname = mysql_real_escape_string(check($roomname));
mysql_query ("update rooms set name='".$roomname."' where rm='".$rms."'");
echo $fsize1;
echo "Комната успешно переименованна!<br/>n
<a href="apanel.php?$ses&go=editrooms$takep">Редактировать комнаты</a><br/>";
echo $fsize2;
} else {
if (!ctype_digit($rms)) { header("Location: index.php?isset=403"); die; }
$q = mysql_query("select name from rooms where rm='".$rms."'");
$arr = mysql_fetch_array($q);
$name = $arr["name"];
echo $fsize1;
echo 'Название комнаты:<br/>';
echo $fsize2;
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?act=dornm&$ses&go=editrooms&rms=$rms$takep" name="auth">n
<input name="roomname" maxlength="200" value="$name" title="roomname"/><br/>n";
if ($ver == "wml") {
echo $fsize1;
echo "<input name="roomname" maxlength="200" value="$name" title="roomname"/><br/>n
<anchor title="go">Ok<go href="apanel.php?act=dornm&$ses&go=editrooms&rms=$rms$takep" method="post">n
<postfield name="roomname" value="$(roomname)"/>n
</go></anchor>n";
echo $fsize2;
} else {
echo "<br/><input type="submit" class="ibutton" value="Ok" name="enter"><br/>n";
}
echo $fsize1;
echo '<br/>';
echo "<a href="apanel.php?$ses&go=editrooms$takep">Редактировать комнаты</a><br/>";
echo $fsize2;
}
break;
case 'editposroom':
if (empty($act)) {
echo $fsize1;
echo 'Позиция:<br/>';
echo $fsize2;
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?act=update&$ses&go=editposroom$takep" name="auth">n
<input size="2" name="pos" format="*N"/><br/>";
echo $fsize1;
echo 'Комната:<br/>';
echo $fsize2;
echo '<select name="name">';
$q = mysql_query("select * from rooms;");
while ($dbdata = mysql_fetch_array($q)) {
$rm = $dbdata["rm"];
$val1 = $dbdata["name"];
echo "<option value="".$rm."">".$val1."</option>";
}
echo '</select><br/>';
if ($ver == "wml") {
echo $fsize1;
echo "<anchor>Изменить<go href="apanel.php?act=update&$ses&go=editposroom$takep" method="post">
<postfield name="name" value="$(name)"/>
<postfield name="pos" value="$(pos)"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Изменить" name="enter"><br/>n";
}
} else {
if (!ctype_digit($pos)) { header("Location: index.php?isset=403"); die; }
if (!ctype_digit($name)) { header("Location: index.php?isset=403"); die; }
$pos = intval($pos);
$name = intval($name);
if (mysql_query("update rooms set pos='".$pos."' where rm='".$name."';")) {
echo $fsize1;
echo 'Позиция комнаты изменена!<br/>';
$fsize2;
}
}
break;
case 'bots':
$setting = mysql_query ("Select * from setting where klu4=1");
$set = mysql_fetch_array ($setting);
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?$ses&go=updbots$takep" name="auth">n";
echo $fsize1;
echo '<div class = "c4">Настройка Ботов</div><br/>
Принимать ответы с компа (викт):<br/>';
echo $fsize2;
echo '<select name="vict">';
if ($set["vict"] == 0) {
echo '<option value="0">Нет</option>
<option value="1">Да</option>';
} else {
echo '<option value="1">Да</option>
<option value="0">Нет</option>';
}
echo '</select><br/>';
echo $fsize1;
echo 'Интервал Умника (сек.):<br/>';
echo $fsize2;
echo '<select name="victint">';
if ($set["victint"] === "10") {
echo '<option value="10">10</option>';
}
elseif ($set["victint"] === "30") {
echo '<option value="30">30</option>';
}
elseif ($set["victint"] === "60") {
echo '<option value="60">60</option>';
}
elseif ($set["victint"] === "120") {
echo '<option value="120">120</option>';
}
echo '<option value="10">10</option>
<option value="30">30</option>
<option value="60">60</option>
<option value="120">120</option>
</select><br/>';
echo $fsize1;
echo 'Шутник:<br/>';
echo $fsize2;
echo '<select name="shut">';
if ($set["shut"] == 0) {
echo '<option value="0">Включен</option>
<option value="1">Отключен</option>';
} else {
echo '<option value="1">Отключен</option>
<option value="0">Включен</option>';
}
echo '</select><br/>';
echo $fsize1;
echo 'Интервал шутника (мин.):<br/>';
echo $fsize2;
echo '<select name="shutint">';
if ($set["shutint"] === "600") {
echo '<option value="600">10</option>';
}
elseif ($set["shutint"] === "1800") {
echo '<option value="1800">30</option>';
}
elseif ($set["shutint"] === "3600") {
echo '<option value="3600">60</option>';
}
elseif ($set["shutint"] === "7200") {
echo '<option value="7200">120</option>';
}
echo '<option value="600">10</option>
<option value="1800">30</option>
<option value="3600">60</option>
<option value="7200">120</option>
</select><br/>';
echo $fsize1;
echo 'Комнаты для шутника:<br/>';
echo 'С:';
echo $fsize2;
echo "<input size="2" name="roomon" maxlength="2" value="$set[roomon]" title="rmstart"/>n";
echo $fsize1;
echo 'до:';
echo $fsize2;
echo "<input size="2" name="roomoff" maxlength="2" value="$set[roomoff]" title="rmfinish"/><br/>n";
echo $fsize1;
echo 'Продавец:<br/>';
echo $fsize2;
echo '<select name="prod">';
if ($set["prod"] == 0) {
echo '<option value="0">Включен</option>
<option value="1">Отключен</option>';
} else {
echo '<option value="1">Отключен</option>
<option value="0">Включен</option>';
}
echo '</select><br/>';
echo $fsize1;
echo '<br/>
<b>Имена ботов</b><br/>
<br/>';
echo $fsize2;
$system = mysql_fetch_array(mysql_query ("Select user from users where id='1' LIMIT 1;"));
echo $fsize1;
echo 'ID-1:';
echo $fsize2;
echo "<input name="system" maxlength="12" value="$system[0]" title="System"/><br/>n";
$umnik = mysql_fetch_array(mysql_query ("Select user from users where id='2' LIMIT 1;"));
echo $fsize1;
echo 'ID-2:';
echo $fsize2;
echo "<input name="umnik" maxlength="12" value="$umnik[0]" title="Umnik"/><br/>n";
$shutnik = mysql_fetch_array(mysql_query ("Select user from users where id='3' LIMIT 1;"));
echo $fsize1;
echo 'ID-3:';
echo $fsize2;
echo "<input name="shutnik" maxlength="12" value="$shutnik[0]" title="Shutnik"/><br/>n";
$prodavec = mysql_fetch_array(mysql_query ("Select user from users where id='4' LIMIT 1;"));
echo $fsize1;
echo 'ID-4:';
echo $fsize2;
echo "<input name="prodavec" maxlength="12" value="$prodavec[0]" title="Prodavec"/><br/>n";
$mafia = mysql_fetch_array(mysql_query ("Select user from users where id='5' LIMIT 1;"));
echo $fsize1;
echo 'ID-5:';
echo $fsize2;
echo "<input name="mafia" maxlength="12" value="$mafia[0]" title="Mafia"/><br/>n";
$trahtenberg = mysql_fetch_array(mysql_query ("Select user from users where id='6' LIMIT 1;"));
echo $fsize1;
echo 'ID-6:';
echo $fsize2;
echo "<input name="trahtenberg" maxlength="12" value="$trahtenberg[0]" title="Trahtenberg"/><br/>n";
$robokop = mysql_fetch_array(mysql_query ("Select user from users where id='7' LIMIT 1;"));
echo $fsize1;
echo 'ID-7:';
echo $fsize2;
echo "<input name="robokop" maxlength="12" value="$robokop[0]" title="Robokop"/><br/>n";
$mat = mysql_fetch_array(mysql_query ("Select user from users where id='8' LIMIT 1;"));
echo $fsize1;
echo 'ID-8:';
echo $fsize2;
echo "<input name="mat" maxlength="12" value="$mat[0]" title="Mat"/><br/>n";
echo $fsize1;
echo 'ID-9:';
$zag = mysql_fetch_array(mysql_query ("Select user from users where id='9' LIMIT 1;"));
echo $fsize2;
echo "<input name="zag" maxlength="12" value="$zag[0]" title="Zag"/><br/>n";
echo $fsize1;
echo 'ID-11:';
$bar = mysql_fetch_array(mysql_query ("Select user from users where id='11' LIMIT 1;"));
echo $fsize2;
echo "<input name="bar" maxlength="12" value="$bar[0]" title="bar"/><br/>n";
echo $fsize1;
echo '<br/>';
echo $fsize2;
if ($ver == "wml") {
echo $fsize1;
echo '<anchor title="go">Обновить<go href="apanel.php?'.$ses.'&go=updbots'.$takep.'" method="post">
<postfield name="vict" value="$(vict)"/>
<postfield name="shut" value="$(shut)"/>
<postfield name="prod" value="$(prod)"/>
<postfield name="victint" value="$(victint)"/>
<postfield name="shutint" value="$(shutint)"/>
<postfield name="roomon" value="$(roomon)"/>
<postfield name="roomoff" value="$(roomoff)"/>
<postfield name="system" value="$(system)"/>
<postfield name="umnik" value="$(umnik)"/>
<postfield name="shutnik" value="$(shutnik)"/>
<postfield name="prodavec" value="$(prodavec)"/>
<postfield name="mafia" value="$(mafia)"/>
<postfield name="trahtenberg" value="$(trahtenberg)"/>
<postfield name="robokop" value="$(robokop)"/>
<postfield name="mat" value="$(mat)"/>
<postfield name="zag" value="$(zag)"/>
<postfield name="bar" value="$(bar)"/>
</go></anchor>';
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Обновить" name="enter"><br/>n";
}
break;
case 'updbots':
if (!ctype_digit($vict)) { header("Location: index.php?isset=403"); die; }
if (!ctype_digit($shut)) { header("Location: index.php?isset=403"); die; }
if (!ctype_digit($prod)) { header("Location: index.php?isset=403"); die; }
if (!ctype_digit($victint)) { header("Location: index.php?isset=403"); die; }
if (!ctype_digit($shutint)) { header("Location: index.php?isset=403"); die; }
if (!ctype_digit($roomon)) { header("Location: index.php?isset=403"); die; }
if (!ctype_digit($roomoff)) { header("Location: index.php?isset=403"); die; }
$system = mysql_real_escape_string(check($system));
$umnik = mysql_real_escape_string(check($umnik));
$shutnik = mysql_real_escape_string(check($shutnik));
$prodavec = mysql_real_escape_string(check($prodavec));
$mafia = mysql_real_escape_string(check($mafia));
$trahtenberg = mysql_real_escape_string(check($trahtenberg));
$robokop = mysql_real_escape_string(check($robokop));
$mat = mysql_real_escape_string(check($mat));
$system = mysql_real_escape_string(check($system));
$umnik = mysql_real_escape_string(check($umnik));
$shutnik = mysql_real_escape_string(check($shutnik));
$prodavec = mysql_real_escape_string(check($prodavec));
$mafia = mysql_real_escape_string(check($mafia));
$trahtenberg = mysql_real_escape_string(check($trahtenberg));
$roboko = mysql_real_escape_string(check($mat));
$zag = mysql_real_escape_string(check($zag));
$bar = mysql_real_escape_string(check($bar));
if (!isset($error)) {
$result = mysql_query ("Select * setting where klu4 = '1'");
if (mysql_affected_rows() == 0) {
$error = "ERROR!";
} else {
if (mysql_query ("Update setting set vict='".$vict."', shut='".$shut."', prod='".$prod."', victint='".$victint."', shutint='".$shutint."', roomon='".$roomon."', roomoff='".$roomoff."' where klu4 ='1'") &&
mysql_query ("Update users set user='".$system."' where id = '1'") &&
mysql_query ("Update users set user='".$umnik."' where id = '2'") &&
mysql_query ("Update users set user='".$shutnik."' where id = '3'") &&
mysql_query ("Update users set user='".$prodavec."' where id = '4'") &&
mysql_query ("Update users set user='".$mafia."' where id = '5'") &&
mysql_query ("Update users set user='".$trahtenberg."' where id = '6'") &&
mysql_query ("Update users set user='".$robokop."' where id = '7'") &&
mysql_query ("Update users set user='".$mat."' where id = '8'") &&
mysql_query ("Update users set user='".$zag."' where id = '9'") &&
mysql_query ("Update users set user='".$bar."' where id = '11'")) {
$msg = "Настройки ботов изменены!<br/>";
} else {
$msg = "Ошибка изменения!<br/>";
}
}
} else {
$error = mysql_error();
}
if (isset($error)) {
echo $fsize1;
echo $error;
echo $fsize2;
}
echo $fsize1;
echo $msg."<br/>n";
echo $fsize2;
break;
case 'setting':
if ($row['level'] != 8) {
echo 'Нет прав доступа!<br/>';
break;
}
$setting = mysql_query("Select * from setting where klu4=1");
$set = mysql_fetch_array($setting);
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?$ses$takep&go=updsetting$takep" name="auth">n";
echo $fsize1;
echo 'Регистрация в чате:<br/>';
echo $fsize2;
echo '<select name="reg">';
if ($set["reg"] == 0) {
echo '<option value="0">Запрещена</option>
<option value="1">Разрешена</option>';
} else {
echo '<option value="1">Разрешена</option>
<option value="0">Запрещена</option>';
}
echo '</select><br/>';
echo $fsize1;
echo 'Регистрация на русском:<br/>';
echo $fsize2;
echo '<select name="rus">';
if ($set["rus"] == 0) {
echo '<option value="0">Запретить</option>
<option value="1">Разрешить</option>';
} else {
echo '<option value="1">Разрешить</option>
<option value="0">Запретить</option>';
}
echo '</select><br/>';
echo $fsize1;
echo 'Функция суицида:<br/>';
echo $fsize2;
echo '<select name="suicid">';
if ($set["suicid"] == 0) {
echo '<option value="0">Выключен</option>
<option value="1">Включен</option>';
} else {
echo '<option value="1">Включен</option>
<option value="0">Выключен</option>';
}
echo '</select><br/>';
echo $fsize1;
echo 'Антиреклама:<br/>';
echo $fsize2;
echo "<input name="anti" value="$set[anti]" title="anti"/><br/>n";
echo $fsize1;
echo 'Кол-во постов для создания клана:<br/>';
echo $fsize2;
echo "<input name="postclan" value="$set[postclan]" title="postclan"/><br/>n";
echo $fsize1;
echo 'Фото на главную:<br/>';
echo '<select name="fotogavn">';
if ($set["fotogav"] == 0) {
echo '<option value="0">Нет</option>
<option value="1">Лучшее</option>
<option value="2">Случайное</option>';
} else if ($set["fotogav"] == 1) {
echo '<option value="1">Лучшее</option>
<option value="2">Случайное</option>
<option value="0">Нет</option>';
} else if($set["fotogav"] == 2) {
echo '<option value="2">Случайное</option>
<option value="1">Лучшее</option>
<option value="0">Нет</option>';
}
echo '</select><br/>';
echo $fsize2;
if ($ver == "wml") {
echo $fsize1;
echo "<anchor title="go">Сохранить<go href="apanel.php?$ses$takep&go=updsetting$takep" method="post">n
<postfield name="reg" value="$(reg)"/>n
<postfield name="rus" value="$(rus)"/>n
<postfield name="suicid" value="$(suicid)"/>n
<postfield name="anti" value="$(anti)"/>n
<postfield name="postclan" value="$(postclan)"/>n
<postfield name="fotogav" value="$(fotogavn)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Сохранить" name="enter"><br/>n";
}
break;
case 'updsetting':
$fotogavn = intval($fotogavn);
$reg = intval($reg);
$rus = intval($rus);
$suicid = intval($suicid);
$anti = mysql_real_escape_string(check($anti));
$postclan = intval($postclan);
if (!isset($error)) {
$result = mysql_query ("Select * setting where klu4 = '1'");
if (mysql_affected_rows() == 0) {
$error = "ERROR!";
} else {
if (mysql_query ("Update setting set reg='".$reg."', suicid='".$suicid."', rus='".$rus."', anti='".$anti."', postclan='".$postclan."', fotogav='".$fotogavn."' where klu4 ='1'")) {
$msg = "Настройки изменены!<br/>";
} else {
$msg = "Ошибка изменения<br/>";
}
}
} else {
$error = mysql_error();
}
if (isset($error)) {
echo $fsize1;
echo $error;
echo $fsize2;
}
echo $fsize1;
echo $msg.'<br/>';
echo $fsize2;
break;
case 'link':
$setting = mysql_query ("Select * from setting where klu4=1");
$set = mysql_fetch_array ($setting);
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?$ses&go=updlink$takep" name="auth">n";
echo $fsize1;
echo '<div class="c4">Ссылки на главную</div><br/>
<br/>
<b>Ссылка 1</b><br/>http://';
echo $fsize2;
echo "<input name="link1" maxlength="120" value="".$set["link1"]."" title="link1"/><br/>n";
echo $fsize1;
echo '<b>Название ссылки 1</b><br/>';
echo $fsize2;
echo "<input name="link1_name" maxlength="40" value="".$set["link1_name"]."" title="link1_name"/><br/>n";
echo $fsize1;
echo '<b>Ссылка 2</b><br/>http://';
echo $fsize2;
echo "<input name="link2" maxlength="120" value="".$set["link2"]."" title="link2"/><br/>n";
echo $fsize1;
echo '<b>Название ссылки 2</b><br/>';
echo $fsize2;
echo "<input name="link2_name" maxlength="40" value="".$set["link2_name"]."" title="link2_name"/><br/>n";
echo $fsize1;
echo '<b>Ссылка 3</b><br/>http://';
echo $fsize2;
echo "<input name="link3" maxlength="120" value="".$set["link3"]."" title="link3"/><br/>n";
echo $fsize1;
echo '<b>Название ссылки 3</b><br/>';
echo $fsize2;
echo "<input name="link3_name" maxlength="40" value="".$set["link3_name"]."" title="link3_name"/><br/>n";
if ($ver == "wml") {
echo $fsize1;
echo "<anchor title="go">Изменить<go href="apanel.php?$ses&go=updlink$takep" method="post">n
<postfield name="link1" value="$(link)"/>n
<postfield name="link1_name" value="$(link1_name)"/>n
<postfield name="link2" value="$(link2)"/>n
<postfield name="link2_name" value="$(link2_name)"/>n
<postfield name="link3" value="$(link3)"/>n
<postfield name="link3_name" value="$(link3_name)"/>n
</go></anchor><br/>n";
echo $fsize2;
} else {
echo "<input type="submit" class="ibutton" value="Изменить" name="enter"><br/>n";
}
break;
case 'updlink':
if (!eregi("^((([a-z0-9-]+(.[a-z0-9-]+)*(.[a-z;]{2,3}))|(([0-9]{1,3}.){3}([0-9]{1,3})))((/|?)[a-z0-9~#%&'_+=:;?.-]*)*)$", $link1)) $link1="";
if (!eregi("^((([a-z0-9-]+(.[a-z0-9-]+)*(.[a-z;]{2,3}))|(([0-9]{1,3}.){3}([0-9]{1,3})))((/|?)[a-z0-9~#%&'_+=:;?.-]*)*)$", $link2)) $link2="";
if (!eregi("^((([a-z0-9-]+(.[a-z0-9-]+)*(.[a-z;]{2,3}))|(([0-9]{1,3}.){3}([0-9]{1,3})))((/|?)[a-z0-9~#%&'_+=:;?.-]*)*)$", $link3)) $link3="";
$link1_name = mysql_real_escape_string(check($link1_name));
$link2_name = mysql_real_escape_string(check($link2_name));
$link3_name = mysql_real_escape_string(check($link3_name));
$link1 = mysql_real_escape_string(check($link1));
$link2 = mysql_real_escape_string(check($link2));
$link3 = mysql_real_escape_string(check($link3));
if (!isset($error)) {
$result = mysql_query ("Select * setting where klu4 = '1'");
if (mysql_affected_rows() == 0) {
$error = "database error...";
} else {
mysql_query ("Update setting set link1='".$link1."', link2='".$link2."', link3='".$link3."', link1_name='".$link1_name."', link2_name='".$link2_name."', link3_name='".$link3_name."' where klu4 = '1'");
$msg = "Настройки Линков сохранены";
}
} else {
$error = mysql_error();
}
if (isset($error)) {
echo $fsize1;
echo $error;
echo $fsize2;
}
echo $fsize1;
echo $msg."<br/>n";
echo $fsize2;
break;
case 'editlevels':
$lev = mysql_query("select level,name from levels");
if (empty($act)) {
while($arr = mysql_fetch_array($lev)) {
echo $fsize1;
echo "<a href="apanel.php?act=rnm&$ses&go=editlevels&level=".$arr['level']."$takep">".$arr['level'].". ".$arr['name']."</a><br/>";
echo $fsize2;
}
} elseif ($act == "dornm") {
if (!ctype_digit($level)) { header("Location: index.php?isset=403"); die; }
$levelname = mysql_escape_string(check($levelname));
settype($level, 'integer');
mysql_query ("update levels set name='".$levelname."' where level='".$level."'");
echo $fsize1;
echo 'Статус успешно переименован!<br/>';
echo "<a href="apanel.php?$ses&go=editlevels$takep">Редактировать статусы</a><br/>";
echo $fsize2;
} else {
$lev = mysql_query("select name from levels where level=$level");
$arr = mysql_fetch_array($lev);
$name = $arr["name"];
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?act=dornm&$ses&go=editlevels&level=$level$takep" name="auth">n";
echo $fsize1;
echo 'Название статуса:<br/>';
echo $fsize2;
echo "<input name="levelname" maxlength="200" value="$levels" title="levelname"/><br/>n";
if ($ver == "wml") {
echo $fsize1;
echo "<anchor title="go">Ok<go href="apanel.php?act=dornm&$ses&go=editlevels&level=$level$takep" method="post">n
<postfield name="levelname" value="$(levelname)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Ok" name="enter"><br/>n";
}
echo $fsize1;
echo $divide;
echo "<a href="apanel.php?$ses&go=editlevels$takep">Редактировать статусы</a><br/>";
echo $fsize2;
}
break;
case 'zapiski':
$z = mysql_query("Select * from zapiski where idwho!=1 AND idwho!=7 order by who desc;");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Записок в базе нет!!<br/>';
echo $fsize2;
} else {
echo $fsize1;
$zap = mysql_query ("select count(who) as num from zapiski where idwho!=1 AND idwho!=7;");
$usm = mysql_fetch_array($zap);
$num = $usm["num"];
if (!isset($s)) $s = 0;
$mx = round(($num/10)+0.45);
if ($s > $mx) $s = $mx;
if ($s == 0) $s = 1;
$ot = (($s-1) * 10)+1;
$do = $s * 10;
if ($do > $num) $do = $num;
$o = $ot-1;
$n = $ot;
if ($do == 0) $n = $o;
echo "Показывает $n-$do из $num<br/>n";
echo $divide;
$r = mysql_query ("select * from zapiski where idwho!=1&&idwho!=7 order by date desc limit $o,$do");
for ($i = $ot; $i <= $do; $i++) {
$arr = mysql_fetch_array($r);
echo "→<u>Кто: </u>".$arr["who"]."*<br/><u>Кому: </u>".$arr["towhom"]."*<br/><u>Дата: </u>".$arr["date"]."*<br/><u>Тема: </u>".$arr["topic"]."*<br/><u>Письмо: </u>".$arr["message"]."<br/><br/>";
}
$next = $s + 1;
$prev = $s - 1;
if ($num > $do) {
$ot = (($next - 1) * 10) + 1;
$do = $next * 10;
if ($do > $num) $do = $num;
echo "<a href="apanel.php?$ses&go=zapiski&s=$next&ref=$ref">>>$ot-$do>></a><br/>n";
}
if ($s > 1) {
$ot = (($prev - 1) * 10) + 1;
$do = $prev * 10;
echo "<a href="apanel.php?$ses&go=zapiski&s=$prev&ref=$ref"><<$ot-$do<<</a><br/>n";
}
echo $fsize2;
}
break;
case 'kurs':
echo "<form method="post" action="apanel.php?$ses$takep&go=kurs_ok$takep">";
$row = mysql_fetch_array(mysql_query("Select * from kurs where id='1' LIMIT 1;"));
$nik = $row["nik"];
echo "Ник(рублей):<br/><input name="nik" class="form" value="$row[nik]" type="text" /><br/>n
Статус(рублей):<br/><input name="status" class="form" value="$row[status]" type="text" /><br/>n
Обьявление(рублей):<br/><input name="obiav" class="form" value="$row[obiav]" type="text" /><br/>n
Неприкасаемость(рублей):<br/><input name="nepr" class="form" value="$row[nepr]" type="text" /><br/>n
<input value="Изменить" class="ibutton" type="submit" />n
</form>n";
break;
case 'kurs_ok':
$nik = intval($nik);
$status = intval($status);
$obiav = intval($obiav);
$nepr = intval($nepr);
if (mysql_query("Update kurs set nik='".$nik."', status='".$status."', obiav='".$obiav."', nepr='".$nepr."' where id ='1';"))
{
echo 'Изменёно!<br/>';
echo "<a href="apanel.php?$ses$takep&go=bank$takep">Назад</a><br/>n";
}
else
{
echo 'Ошибка!<br/>';
echo "<a href="apanel.php?$ses$takep&go=bank$takep">Назад</a><br/>n";
}
break;
case 'razvod':
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?$ses&go=updrazvod$takep" method="post">n";
echo $fsize1;
echo 'ID мужа:<br/>';
echo $fsize2;
echo "<input name="zhenih" maxlength="12"/><br/>";
echo $fsize1;
echo 'ID жены:<br/>';
echo $fsize2;
echo "<input name="nevesta" maxlength="12"/><br/>";
if ($ver == "wml") {
echo $fsize1;
echo "<anchor>Развести<go href="apanel.php?$ses&go=updrazvod$takep" method="post">
<postfield name="zhenih" value="$(zhenih)"/>
<postfield name="nevesta" value="$(nevesta)"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Развести" name="enter"><br/>n";
}
break;
case 'updrazvod':
$zhenih = trim(mysql_real_escape_string(check($zhenih)));
$nevesta = trim(mysql_real_escape_string(check($nevesta)));
if (empty($zhenih)) $error=$error."<u>Не заполнено поле Жених!</u><br/>";
if (empty($nevesta)) $error=$error."<u>Не заполнено поле Невеста!</u><br/>";
$result = mysql_query ("Select * from users where id = '".$zhenih."' and sex='М'");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo "<u>Парня с ID <b>".$zhenih."</b> не сущетвует.</u><br/>";
echo $fsize2;
break;
}
$raz = mysql_fetch_array($result);
$zhena = $raz['para'];
if ($zhena != $nevesta) {
echo $fsize1;
echo "<b>ID ".$nevesta."</b> не является женой для ID <b>".$zhenih."</b>.<br/>";
echo $fsize2;
break;
}
$result = mysql_query ("Select * from users where id = '".$nevesta."' and sex='Ж'");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo "<u>Девушки с ID <b>".$nevesta."</b> не сущетвует.</u><br/>";
echo $fsize2;
break;
}
$raz = mysql_fetch_array($result);
$muj = $raz['para'];
if ($muj != $zhenih) {
echo $fsize1;
echo "<b>ID ".$zhenih."</b> не является мужем для ID <b>".$nevesta."</b>.<br/>";
echo $fsize2;
break;
}
if (empty($error)) {
if ($zhenih != $last_svadbi['zhenih']) {
if (mysql_query("Update users set para='' where id ='".$zhenih."'") &&
mysql_query("Update users set para='' where id ='".$nevesta."'")) {
echo $fsize1;
echo 'Развод успешно завершён!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка! Пара не будет разведена или данные юзеры не расписаны.<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Люди уже давно разведены!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
break;
case 'msvadbi':
if ($ver == "xhtml")
echo "<form method="POST" action="apanel.php?$ses&go=updsvadbi$takep" name="auth">n";
echo $fsize1;
echo 'ID Жениха:<br/>';
echo $fsize2;
echo '<input name="zhenih" maxlength="12"/><br/>';
echo $fsize1;
echo 'ID Невесты:<br/>';
echo $fsize2;
echo '<input name="nevesta" maxlength="12"/><br/>';
echo $fsize1;
echo 'Свидетель и друзья Жениха:<br/>';
echo $fsize2;
echo '<input name="frzhenih"/><br/>';
echo $fsize1;
echo 'Свидетельница и подруги Невесты:<br/>';
echo $fsize2;
echo '<input name="frnevesta"/><br/>';
echo $fsize1;
echo 'Организатор:<br/>';
echo $fsize2;
echo '<input name="organizatory"/><br/>';
echo $fsize2;
echo 'День Свадьбы:<br/>';
echo $fsize2;
echo "<input size="2" name="day" maxlength="2" format="*N"/>.<input size="2" name="month" maxlength="2" format="*N"/>. <input size="4" name="year" maxlength="4" format="*N"/><br/>";
echo $fsize1;
echo 'Время Свадьбы:<br/>';
echo $fsize2;
echo "<input size="2" name="chs" maxlength="2" format="*N"/>:
<input size="2" name="min" maxlength="2" format="*N"/><br/>";
if ($ver == "wml") {
echo $fsize1;
echo "<anchor>Добавить<go href="apanel.php?$ses&go=updsvadbi$takep" method="post">
<postfield name="zhenih" value="$(zhenih)"/>
<postfield name="nevesta" value="$(nevesta)"/>
<postfield name="frzhenih" value="$(frzhenih)"/>
<postfield name="frnevesta" value="$(frnevesta)"/>
<postfield name="day" value="$(day)"/>
<postfield name="month" value="$(month)"/>
<postfield name="year" value="$(year)"/>
<postfield name="chs" value="$(chs)"/>
<postfield name="min" value="$(min)"/>
<postfield name="organizatory" value="$(organizatory)"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
break;
case 'updsvadbi':
$zhenih = trim(mysql_real_escape_string(check($zhenih)));
$nevesta = trim(mysql_real_escape_string(check($nevesta)));
$frzhenih = trim(mysql_real_escape_string(check($frzhenih)));
$frnevesta = trim(mysql_real_escape_string(check($frnevesta)));
$day = trim(mysql_real_escape_string(check($day)));
$month = trim(mysql_real_escape_string(check($month)));
$year = trim(mysql_real_escape_string(check($year)));
$chs = trim(mysql_real_escape_string(check($chs)));
$min = trim(mysql_real_escape_string(check($min)));
$organizatory = trim(mysql_real_escape_string(check($organizatory)));
if (empty($zhenih)) $error=$error."<u>Не заполнено поле Жених!</u><br/>";
if (empty($nevesta)) $error=$error."<u>Не заполнено поле Невеста!</u><br/>";
if (empty($frzhenih)) $error=$error."<u>Не заполнено поле свидетель Жениха!</u><br/>";
if (empty($frnevesta)) $error=$error."<u>Не заполнено поле свидетельница Жевесты!</u><br/>";
if (empty($day)) $error=$error."<u>Не заполнено поле число!</u><br/>";
if (empty($month)) $error=$error."<u>Не заполнено поле месяц!</u><br/>";
if (empty($year)) $error=$error."<u>Не заполнено поле год!</u><br/>";
if (empty($chs)) $error=$error."<u>Не заполнено поле часов!</u><br/>";
if (empty($min)) $error=$error."<u>Не заполнено поле минут!</u><br/>";
if (empty($organizatory)) $error=$error."<u>Не заполнено поле организаторов!</u><br/>";
if (!ctype_digit($zhenih))
{
echo 'Только цифры в ID жениха!!!<br/>';
echo '<br/><br/><a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
break;
}
if (!ctype_digit($nevesta))
{
echo 'Только цифры в ID невесты!!!<br/>';
echo '<br/><br/><a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
break;
}
$userm = mysql_query ("select `id` FROM `users` where `sex` = 'М' AND `id` = '".$zhenih."';");
$usm = mysql_fetch_array($userm);
$num = $usm[0];
if (empty($num)) {
echo $fsize1;
echo "Парня с ID <b>".$zhenih."</b> не существует.<br/>";
echo $fsize2;
break;
}
$usermx = mysql_query ("select `id` FROM `users` where `sex` = 'Ж' AND `id` = '".$nevesta."';");
$usmx = mysql_fetch_array($usermx);
$numx = $usmx[0];
if (empty($numx)) {
echo $fsize1;
echo "Девушки с ID <b>".$nevesta."</b> не существует.<br/>";
echo $fsize2;
break;
}
$userm = mysql_query ("select `para` FROM `users` where `para`!='' AND `id`='".$zhenih."';");
$usm = mysql_fetch_array($userm);
$num = $usm[0];
if ($num != '') {
echo $fsize1;
echo "Парень с ИД: <b>".$zhenih."</b> уже женат!!!<br/>";
echo $fsize2;
break;
}
$userm = mysql_query ("select `para` FROM `users` where `para`!='' AND `id`='".$nevesta."';");
$usm = mysql_fetch_array($userm);
$num = $usm[0];
if ($num != '') {
echo $fsize1;
echo "Девушка с ИД: <b>".$nevesta."</b> уже замужем!!!<br/>";
echo $fsize2;
break;
}
$userm = mysql_query ("select `id` FROM `svadbi` where `nevesta ` ='".$nevesta."' AND `zhenih` ='".$zhenih."';");
$usm = mysql_fetch_array($userm);
$num = $usm[0];
if ($num != '') {
echo $fsize1;
echo 'Данная пара уже зарегистрирована в браке!!!<br/>';
echo $fsize2;
break;
}
$zhenih = mysql_real_escape_string(check($zhenih));
$nevesta = mysql_real_escape_string(check($nevesta));
$frzhenih = mysql_real_escape_string(check($frzhenih));
$frnevesta = mysql_real_escape_string(check($frnevesta));
$times = mysql_real_escape_string(check($times));
$days = mysql_real_escape_string(check($days));
if (empty($error)) {
if ($zhenih != $last_svadbi['zhenih']) {
$days = "$day.$month.$year";
$times = "$chs:$min";
if (mysql_query("insert into svadbi values(0,'".$zhenih."','".$nevesta."','".$frzhenih."','".$frnevesta."','".$days."','".$times."','".$organizatory."');") &&
mysql_query("Update users set para='".$nevesta."' where `id` ='".$zhenih."'") &&
mysql_query("Update users set para='".$zhenih."' where `id` ='".$nevesta."'")) {
$fsize1;
echo 'Свадьба успешно добавлена!<br/>';
echo $fsize2;
for ($i = 0; $i <= 23; $i++) {
$print = mysql_query("select * from `svadbi`");
$arr = mysql_fetch_array($print);
$zhenih = mysql_query ("select `user` FROM `users` where `id`='".$arr['zhenih']."';");
$xc = mysql_fetch_array($zhenih);
$zhen = $xc[0];
$newesta = mysql_query ("select `user` FROM `users` where `id`='".$arr['nevesta']."';");
$xcx = mysql_fetch_array($newesta);
$nevesta = $xcx[0];
}
} else {
echo $fsize1;
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Такая свадьба уже добавлена!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
break;
case 'dsvadbi':
$q = mysql_query("select id,zhenih,nevesta,date from svadbi order by id desc;");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Свадьбы не назначены!!!<br/>';
echo $fsize2;
} else {
if (empty($action)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="apanel.php?action=del&$ses&go=dsvadbi&mid=".$arr['id']."$takep">Свадьба ".$arr['zhenih']." & ".$arr['nevesta'].". (".$arr['date'].")</a><br/>";
echo $fsize2;
}
} else {
settype($mid, 'integer');
$mid = intval($mid);
if (mysql_query("delete from svadbi where id='".$mid."' limit 1;")) {
echo $fsize1;
echo 'Свадьба успешно удалена!<br/>';
echo $fsize2;
}
}
}
break;
###############################
case 'medal':
echo $fsize1;
echo '<b>Кого наградить:</b><br/>';
echo $fsize2;
if ($ver == "wml") {
echo "<input name="nick$ref" title="nick" maxlength="12" emptyok="true"/><br/>n";
echo $fsize1;
echo "<anchor title="go">Дальше<go href="apanel.php?go=medalka&$ses$takep" method="post">n
<postfield name="nick" value="$(nick$ref)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<form method="POST" action="apanel.php?go=medalka&$ses$takep" name="auth">n
<input name="nick" title="nick" maxlength="12" emptyok="true"/><br/>n
<br/><input type="submit" class="ibutton" value="Дальше" name="enter"><br/>n";
}
break;
/////////////////////////////////
case 'medalka':
$nick = mysql_real_escape_string(check($nick));
if (!ctype_digit($nick)) {
$nick = trim($nick);
if ($nick == "") $nick = 0;
$latuser = strtolower($nick);
$ruser = rus_to_k($nick);
if ($ruser == $nick) {
$select = mysql_query ("Select * from users where latuser = '".$latuser."'");
} else {
$select = mysql_query ("select * from users where ruser = '".$ruser."'");
}
} else {
if (!ctype_digit($nick)) { header("Location: index.php?isset=403"); die; }
$select = mysql_query ("Select * from users where id = '".$nick."'");
}
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Нет такого юзера!<br/>';
echo $fsize2;
break;
}
$inf = mysql_fetch_array ($select);
$usid = $inf["id"];
if ($ver == "xhtml") {
echo "<form method="POST" action="apanel.php?go=medal_ok&$ses$takep" name="auth">n";
if ($row["level"] < 7 and $ver != "wml") {
echo "<input type='hidden' name='medal".$re."' value='".$inf['medal']."'/>";
}
$re == "";
}
else
{
$re = $ref;
}
echo $fsize1;
echo 'Медаль:<br/>';
echo $fsize2;
echo "<select name="medal$re">n";
echo '<option value="1">Золотая</option>
<option value="2">Серебрянная</option>
<option value="3">Бронзовая</option>
</select><br/>
За что:<br/>
<input type="text" name="za" value=""/><br/>';
if ($ver == "wml") {
echo $fsize1;
echo "<anchor title="go">Сохранить<go href="apanel.php?go=medal_ok&$ses$takep" method="post">n
<postfield name="upid" value="$usid"/>n
<postfield name="medal" value="$medal"/>n
<postfield name="za" value="$za"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="hidden" name="upid" value="$usid"/>n
<br/><input type="submit" class="ibutton" value="Сохранить" name="enter"><br/>n";
}
echo '<a href="apanel.php?'.$ses.'&go=del_medal&upid='.$usid.'">Удалить медаль</a><br/>';
break;
///////////////////////////////
case 'del_medal':
$ins_str = "Update users set zolot='', sereb='', bronz='', za='' where id ='$upid'";
if (mysql_query($ins_str)) {
echo 'Медаль успешно удалена!<br/>';
} else {
echo 'Ошибка при удалении медали!<br/>';
}
$whom2 = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='$id'"));
$mwho2 = $whom2['user'];
$adm = mysql_query("Select * from users where user='$upid';");
$z = mysql_fetch_array ($adm);
$data = date("d-M-Y [H:i]");
$kol = rand(0,99999999);
$time = time();
$topic = "Награда!";
$message = "Админ <b>".$mwho2."</b> удаляет твою медаль.";
mysql_query("Insert into zapiski set klu4='".$kol."', idwho ='1', message = '".$message."', towhom = '$id', idtowhom = '$upid', time = '".$time."', readd = '0', topic = '".$topic."', date='".$data."'");
break;
case 'medal_ok';
$medal = intval($medal);
$za = mysql_real_escape_string(check($za));
$pr = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='$upid'"));
$m1 = $pr['zolot'];
$m2 = $pr['sereb'];
$m3 = $pr['bronz'];
$whom = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='$upid'"));
$mwho = $whom['user'];
if ($upid == !empty($m3) or $upid == !empty($m2) or $upid == !empty($m3)) {
echo 'Юзер <b>'.col_n($mwho).'</b> уже награждался!<br/>';
break;
}
if ($medal == 1) {
$ins_str = "Update users set whom='".$us."', zolot='".$medal."', za='".$za."' where id ='$upid';";
}
if ($medal == 2) {
$ins_str = "Update users set whom='".$us."', sereb='".$medal."', za='".$za."' where id ='$upid';";
}
if ($medal == 3) {
$ins_str = "Update users set whom='".$us."', bronz='".$medal."', za='".$za."' where id ='$upid';";
}
$whom2 = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='$id'"));
$mwho2 = $whom2['user'];
if (empty($za)) {
echo 'Ошибка! Укажи за что <b>'.col_n($mwho).'</b> награждается!<br/>';
break;
}
if (mysql_query ($ins_str)) {
echo $fsize1;
if ($medal == 1) {
echo 'Юзер <b>'.$mwho.'</b> награжден <b>золотой</b> медалью за: <b>'.$za.'</b>!<br/>';
} elseif ($medal == 2) {
echo 'Юзер <b>'.$mwho.'</b> награжден <b>серебянной</b> медалью за: <b>'.$za.'</b>!<br/>';
} elseif ($medal == 3) {
echo 'Юзер <b>'.$mwho.'</b> награжден <b>бронзовой</b> медалью за: <b>'.$za.'</b>!<br/>';
}
echo $fsize2;
} else {
echo $fsize1;
echo 'ERROR:<br/>';
echo $fsize2;
echo mysql_error();
}
$adm = mysql_query ("Select * from users where user='$upid';");
$z = mysql_fetch_array ($adm);
$data = date("d-M-Y [H:i]");
$kol = rand(0,99999999);
$time = time();
$topic = "Награда!";
$message = "Админ <b>".$mwho2."</b> награждает тебя медалью :)";
mysql_query("Insert into zapiski set klu4='".$kol."', idwho ='1', message = '".$message."', towhom = '".$id."', idtowhom = '".$upid."', time = '".$time."', readd = '0', topic = '".$topic."', date='".$data."'");
break;
###############################
case 'import_fraz':
if ($id != 10) {
echo 'Нет прав доступа!<br/>';
exit;
}
mysql_query("truncate table `bot_dialog`");
$file = file("import/bot_dialog.txt");
for($i = 0; $i < count($file); $i++) {
mysql_query("insert into `bot_dialog` values(0,'".$file[$i]."');");
$count = count($file);
}
echo $fsize1;
echo 'В базу залито ' . $count . ' Фраз для Клазнета знатоков!<br/>';
echo $fsize2;
break;
case 'import_frazi':
if ($id != 10) {
echo 'Нет прав доступа!<br/>';
break;
}
mysql_query("truncate table `frazi`");
$file = file("import/frazi.txt");
for($i = 0; $i < count($file); $i++) {
mysql_query("insert into `frazi` values(0,'".$file[$i]."');");
$count = count($file);
}
echo $fsize1;
echo 'В базу залито ' . $count . ' Фраз для Клазнета знатоков!<br/>';
echo $fsize2;
break;
case 'import_shutki':
if ($id != 10) {
echo 'Нет прав доступа!<br/>';
break;
}
mysql_query("truncate table `shutki`");
$file = file("import/shutki.txt");
for($i=0; $i < count($file); $i++) {
mysql_query("insert into `shutki` values(0,'".trim($file[$i])."');");
$count = count($file);
}
echo $fsize1;
echo 'В базу залито ' . $count . ' шуток!<br/>';
echo $fsize2;
break;
case 'import_vopros':
if ($id != 10) {
echo 'Нет прав доступа!<br/>';
break;
}
mysql_query("truncate table `bots`");
$file = file("import/vopros.txt");
for($i=0; $i < count($file); $i++) {
$ex=explode("::",$file[$i]);
$tran=strtr(trim($ex[1]),array("а"=>"a","б"=>"b","в"=>"v","г"=>"g","д"=>"d","е"=>"e","ё"=>"e","ж"=>"j","з"=>"z","и"=>"i","й"=>"i","к"=>"k","л"=>"l","м"=>"m","н"=>"n","о"=>"o","п"=>"p","р"=>"r","с"=>"s","т"=>"t","у"=>"u","ф"=>"f","х"=>"h","ш"=>"w","щ"=>"w","ц"=>"c","ч"=>"4","ь"=>".","ъ"=>".","ы"=>"y","э"=>"e","ю"=>"yu","я"=>"ya","А"=>"A","Б"=>"B","В"=>"V","Г"=>"G","Д"=>"D","Е"=>"E","Ё"=>"E","Ж"=>"J","З"=>"Z","И"=>"I","Й"=>"I","К"=>"K","Л"=>"L","М"=>"M","Н"=>"N","О"=>"O","П"=>"P","Р"=>"R","С"=>"S","Т"=>"T","У"=>"U","Ф"=>"F","Х"=>"H","Ш"=>"W","Щ"=>"W","Ц"=>"C","Ч"=>"4","Ь"=>".","Ъ"=>".","Ы"=>"Y","Э"=>"E","Ю"=>"Yu","Я"=>"Ya"));
mysql_query ("Select * from bots");
$k = mysql_affected_rows()+1;
mysql_query ("Insert into bots set number= '".$k."', vopros='".trim($ex[0])."', answer='".trim($ex[1])."', tran='".$tran."'");
$count = count($file);
}
echo $fsize1;
echo 'В базу залито ' . $count . ' вопросов!<br/>';
echo $fsize2;
break;
case 'import_zag':
if ($id != 10) {
echo 'Нет прав доступа!<br/>';
break;
}
mysql_query("truncate table `botg`");
$file = file("import/zagadki.txt");
for($i = 0; $i < count($file); $i++) {
$ex = explode("::",$file[$i]);
$tran = strtr(trim($ex[1]),array("а"=>"a","б"=>"b","в"=>"v","г"=>"g","д"=>"d","е"=>"e","ё"=>"e","ж"=>"j","з"=>"z","и"=>"i","й"=>"i","к"=>"k","л"=>"l","м"=>"m","н"=>"n","о"=>"o","п"=>"p","р"=>"r","с"=>"s","т"=>"t","у"=>"u","ф"=>"f","х"=>"h","ш"=>"w","щ"=>"w","ц"=>"c","ч"=>"4","ь"=>".","ъ"=>".","ы"=>"y","э"=>"e","ю"=>"yu","я"=>"ya","А"=>"A","Б"=>"B","В"=>"V","Г"=>"G","Д"=>"D","Е"=>"E","Ё"=>"E","Ж"=>"J","З"=>"Z","И"=>"I","Й"=>"I","К"=>"K","Л"=>"L","М"=>"M","Н"=>"N","О"=>"O","П"=>"P","Р"=>"R","С"=>"S","Т"=>"T","У"=>"U","Ф"=>"F","Х"=>"H","Ш"=>"W","Щ"=>"W","Ц"=>"C","Ч"=>"4","Ь"=>".","Ъ"=>".","Ы"=>"Y","Э"=>"E","Ю"=>"Yu","Я"=>"Ya"));
@mysql_query ("Select * from botg");
$k = mysql_affected_rows()+1;
mysql_query ("Insert into botg set number= '".$k."', vopros='".trim($ex[0])."', answer='".trim($ex[1])."', tran='".$tran."'");
$count = count($file);
}
echo $fsize1;
echo 'В базу залито ' . $count . ' загадок!<br/>';
echo $fsize2;
break;
case 'import_anekdot':
if ($id != 10) {
echo 'Нет прав доступа!<br/>';
break;
}
mysql_query("truncate table `anekdot`");
$file = file("import/anekdot.txt");
for($i = 0; $i < count($file); $i++) {
mysql_query("insert into `anekdot` values(0,'".trim($file[$i])."','6');");
$count = count($file);
}
echo $fsize1;
echo 'В базу залито ' . $count . ' анекдотов!<br/>';
echo $fsize2;
break;
case 'import_anekdot':
if ($id != 10) {
echo 'Нет прав доступа!<br/>';
break;
}
mysql_query("truncate table `anekdot`");
$file = file("import/anekdot.txt");
for($i = 0; $i < count($file); $i++) {
mysql_query("insert into `anekdot` values(0,'".trim($file[$i])."','6');");
$count = count($file);
}
echo $fsize1;
echo 'В базу залито ' . $count . ' анекдотов!<br/>';
echo $fsize2;
break;
//Toasts
case 'toast':
if ($id != 10) { echo 'А ты шо тут забыло? Пшло нах!'; }
//Сохранение
if (!empty($_POST['toast'])) {
file_put_contents('data/bot_bartender/toast.dat', htmlspecialchars($_POST['toast']));
echo '<font color="#FF0000">Успешно добавлено!</font><br />';
}
//Формы
if ($ver == "xhtml") {
$tpl = '
<form action="apanel.php?go=toast&%s" method="post">
<div>
Тосты:<br />
<textarea name="toast" rows="10" cols="40">%s</textarea><br/>
<input type="submit" class="ibutton" value="Сохранить" />
</div>
</form>';
} else {
$tpl = '
Тосты:<br />
<textarea name="toast" rows="10" cols="40" title="toast" emptyok="false">%2$s</textarea><br/>
<anchor title="go">Бот наливайко
<go href="apanel.php?go=bot_bartender&%1$s" method="post">
<postfield name="toast" value="$(toast)"/>
</go>
</anchor>';
}
echo sprintf($tpl, $ses.$takep, file_get_contents('data/bot_bartender/toast.dat'));
break;
/////////////////////////////Бот наливайко//////////////////////////////////////
case 'bot_bartender':
if ($id != 10) { echo 'А ты шо тут забыло? Пшло нах!'; }
if (isset($_GET['ok'])) echo '<b style="color:red">Готово</b><br/>';
echo '<a href="apanel.php?go=strip&'.$ses.'">Управление стриптизом</a><br/>
<a href="apanel.php?go=toast&'.$ses.'">Управление тостами</a><hr/>';
/* * * * * * * * * * * * * * Разделы * * * * * * * * * * * * */
//Удаление раздела
if (isset($_GET['del_cat'])) {
$_GET['del_cat'] =(int)$_GET['del_cat'];
mysql_query("DELETE FROM bot_bartender_cat WHERE id = '".$_GET['del_cat']."'");
$sql = mysql_query("SELECT id FROM bot_bartender_product WHERE cat_id = '".$_GET['del_cat']."'");
while(false != ($res = mysql_fetch_assoc($sql))) {
if (is_file('upload/bot_bartender/'.$res['id'].'.img')) unlink('upload/bot_bartender/'.$res['id'].'.img');
}
mysql_query("DELETE FROM bot_bartender_product WHERE cat_id = '".$_GET['del_cat']."'");
header('Location: apanel.php?go=bot_bartender&ok&'.$ses);
}
//Добавление раздела
if (isset($_GET['new_cat']) && !empty($_POST['name'])) {
$_POST['name'] = mysql_real_escape_string(check($_POST['name'], 'UTF-8'));
mysql_query("INSERT INTO bot_bartender_cat SET name = '".$_POST['name']."'");
header('Location: apanel.php?go=bot_bartender&ok&'.$ses);
}
echo '
<form action="apanel.php?go=bot_bartender&new_cat&'.$ses.$takep.'" method="post">
<div>
Имя:<br />
<input name="name" type="text" value="" />
<input type="submit" class="ibutton" value="Добавить раздел" />
</div>
</form>';
//Список разделов
$sql = mysql_query("SELECT *,(SELECT COUNT(*) FROM bot_bartender_product WHERE bot_bartender_product.cat_id = bot_bartender_cat.id ) AS count FROM bot_bartender_cat");
$cat = '';
echo '<b><small>Разделы:</small></b><br/><br/>';
while(false != ($res = mysql_fetch_assoc($sql))) {
$cat .= '<option value="'.$res['id'].'">'.$res['name'].'</option>';
echo '<b>» '.$res['name'].'</b> ('.$res['count'].') <a href="apanel.php?go=bot_bartender&del_cat='.$res['id'].'&'.$ses.$takep.'">[x]</a><br />';
//Список напитков
$p_sql = mysql_query("SELECT * FROM bot_bartender_product WHERE cat_id = '".$res['id']."'");
while(false != ($p_res = mysql_fetch_assoc($p_sql))) {
echo ' ';
if (is_file('upload/bot_bartender/'.$p_res['id'].'.img')) {
echo '<img src="utils/resize.php?img=upload/bot_bartender/'.$p_res['id'].'.img&width=32&height=0" alt="" /> ';
}
echo $p_res['name'].' | '.$p_res['alcohol'].'%| '.$p_res['price'].'$ |<a href="apanel.php?go=bot_bartender&del_product='.$p_res['id'].'&'.$ses.$takep.'">[x]</a><br />';
}
}
/* * * * * * * * * * * Продукты * * * * * * * * * * * * */
//Удаление продукта
if (isset($_GET['del_product'])) {
$_GET['del_product'] =(int)$_GET['del_product'];
mysql_query("DELETE FROM bot_bartender_product WHERE id = '".$_GET['del_product']."'");
//Удаление картинки
if (is_file('upload/bot_bartender/'.$_GET['del_product'].'.img')) unlink('upload/bot_bartender/'.$_GET['del_product'].'.img');
header('Location: apanel.php?go=bot_bartender&ok&'.$ses);
}
//Добавление продукта
if (isset($_GET['new_product']) && !empty($_POST['name']) && !empty($_POST['alcohol']) && !empty($_POST['price']) && !empty($_POST['cat_id'])) {
$_POST['name'] = mysql_real_escape_string(check($_POST['name']));
$_POST['alcohol'] = (int)$_POST['alcohol'];
$_POST['price'] = (int)$_POST['price'];
$_POST['cat_id'] = (int)$_POST['cat_id'];
mysql_query("INSERT INTO bot_bartender_product SET name = '".$_POST['name']."', alcohol = '".$_POST['alcohol']."', price = '".$_POST['price']."', cat_id = '".$_POST['cat_id']."'");
$lastId = mysql_insert_id();
if (isset($_FILES['file']['tmp_name']) && preg_match('/(jpeg|jpg|png|gif)$/i', $_FILES['file']['name'])) {
$save = 'upload/bot_bartender/'.$lastId.'.img';
copy($_FILES['file']['tmp_name'], $save);
chmod($save, 0666);
}
header('Location: apanel.php?go=bot_bartender&ok&'.$ses);
}
echo '
<hr />
<form action="apanel.php?go=bot_bartender&new_product&'.$ses.$takep.'" method="post" enctype="multipart/form-data">
<div>
Имя:<br />
<input name="name" type="text" value="" /><br />
Картинка:<br />
<input type="file" name="file" /><br />
Процент алкоголя<br />
<input name="alcohol" type="text" value="" /><br />
Цена:<br />
<input name="price" type="text" value="" /><br />
Раздел:<br />
<select size="1" name="cat_id">
<option value="0">Не выбран</option>
'.$cat.'
</select><br />
<input type="submit" class="ibutton" value="Добавить продукт" />
</div>
</form>';
break;
/*Управление стриптизом*/
case 'strip':
if ($id != 10) { echo 'А ты шо тут забыло? Пшло нах!'; }
if (isset($_GET['ok'])) echo '<b style="color:red">Готово</b><br/>';
echo '<a href="apanel.php?go=strip&reset_tmp&'.$ses.'">Обновить кеш</a><hr />';
//Обновление кеша
if (isset($_GET['reset_tmp'])) {
$glob = glob("upload/bot_bartender/strip/*");
if (!is_array($glob)) $glob = array();
file_put_contents('data/bot_bartender/strip.dat', serialize($glob));
}
//Загрузка файла
if (isset($_FILES['file']['tmp_name']) && preg_match('/(jpeg|jpg|png|gif)$/i', $_FILES['file']['name'])) {
$save = 'upload/bot_bartender/strip/'.time().'.'.mb_strtolower(pathInfo($_FILES['file']['name'], PATHINFO_EXTENSION), 'UTF-8');
copy($_FILES['file']['tmp_name'], $save);
chmod($save, 0666);
header('Location: apanel.php?go=strip&ok&reset_tmp&last&'.$ses);
}
//Удаление файла
if (isset($_GET['del_file']) && preg_match('/^([0-9]+).(jpeg|jpg|png|gif)$/i', $_GET['del_file'])) {
unlink('upload/bot_bartender/strip/'.$_GET['del_file']);
header('Location: apanel.php?go=strip&ok&reset_tmp&page='.(int)$_GET['page'].'&'.$ses);
}
echo '
<form action="apanel.php?go=strip&'.$ses.$takep.'" method="post" enctype="multipart/form-data">
<div>
<input type="file" name="file" /><br /> <input type="submit" class="ibutton" value="Добавить фото" />
</div>
</form><hr />
<b>Список фото:</b><br />
';
$data = unSerialize(file_get_contents('data/bot_bartender/strip.dat'));
if (($count = count($data))) {
include 'class/navigator.php';
$n = new navigator($count, 5, 'apanel.php?go=strip&'.$ses.$takep.'&');
for($i = $n->start; $i<$n->end; $i++) {
echo '<img src="utils/resize.php?img='.$data[$i].'&width=50&height=0" alt="" /> <a href="apanel.php?go=strip&del_file='.basename($data[$i]).'&page='.$n->page.'&'.$ses.$takep.'">[x]</a><br />';
}
echo '<br />'.$n->navi();
}
else echo 'Пусто...<br />';
break;
////////////////////////////////////////////////////////////////////////////////
case 'bk':
echo '<div class="c4">Управление бойцовским клубом</div><br/>';
if ($id != 10) { echo 'А ты шо тут забыло? Пшло нах!'; }
$urlStart = 'apanel.php?go=bk&'.$ses.$takep;
$urlEnd = '';
include_once "bk/admin.php";
break;
}
echo $fsize1;
echo '<br/>';
if ($go) echo "<div class = 'd1'><a href="apanel.php?$ses$takep">← Админка</a></div>n";
if (isset($rm)) echo "<div class = 'd1'><a href="chat.php?$ses&rm=$rm&ref=$ref">← В чат</a></div>n";
echo "<div class='d1'><a href="enter.php?$ses&ref=$ref">← Прихожая</a></div>n";
echo $fsize2;
include_once 'foot.php';
mysql_close($link);
ob_end_flush();
?>