Файл: region_clean/mpanel.php
Строк: 1051
<?php
#######################################
## Mod By KoT (borispol) [76-75-072] ##
#######################################
require_once "start.php";
require_once "sid.php";
header("Cache-Control: no-cache");
if ($ver == "wml") header ("Content-type:text/vnd.wap.wml; charset=utf-8");
else header("Content-Type:text/html; charset=UTF-8");
require_once "inc.php";
$link = connect_db();
list($row, $id, $ps, $fsize1, $fsize2) = check_login($link);
require_once "version.php";
if ($row['level'] < 4) {
if ($ver == "wml") {
echo $xml;
echo $dtd;
echo "<wml>n
<card id="error" title="Ошибка доступа" ontimer="enter.php?$ses&ref=$ref"><timer value="15"/>
<p align="center">n";
} else {
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><link rel="stylesheet" type="text/css" href="css/$css.css"/>
<title>Ошибка доступа</title>
<META HTTP-EQUIV="Refresh" CONTENT="2; URL=enter.php?$ses&ref=$ref">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/></head><body>
<div align="center">";
}
echo $fsize1;
echo 'У тебя нет прав доступа!';
echo $fsize1;
include_once "foot.php";
exit;
}
$fi = fopen("log/stlog.dat", "a+");
$dat = date ("~d F в H:i~");
$dat = str_replace("January","Января",$dat);
$dat = str_replace("February","Февраля",$dat);
$dat = str_replace("March","Марта",$dat);
$dat= str_replace("April","Апреля",$dat);
$dat = str_replace("May","Мая",$dat);
$dat = str_replace("June","Июня",$dat);
$dat = str_replace("July","Июля",$dat);
$dat = str_replace("August","Августа",$dat);
$dat = str_replace("September","Сентября",$dat);
$dat = str_replace("October","Октября",$dat);
$dat = str_replace("November","Ноября",$dat);
$dat = str_replace("December","Декабря",$dat);
$lst = "<b><u>".$row["user"]."</u></b> Посещал модерку $dat, Его ip: $REMOTE_ADDR, Браузер: $HTTP_USER_AGENT<br/>";
fwrite($fi, "$divide");
fwrite($fi, "$lstn");
fflush($fi);
fclose($fi);
$us = $row['user'];
$idd = $row['id'];
$login = $row['user'];
$alltraf = $row['alltraf'];
ob_start();
if ($ver == "wml") {
echo $xml;
echo $dtd;
echo "<wml>n
<head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head>n
<card id="mpanel" title="Модерка">n
<p mode="wrap">n";
} else {
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><link rel="stylesheet" type="text/css" href="css/$css.css"/>
<title>Модерка</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/></head><body>
<div align="left">";
}
$go = isset($_GET['go']) ? $_GET['go'] : NULL;
switch($go) {
default:
echo $fsize1;
echo "Привет <b>".col_n($us)."</b>!<br/>n";
echo 'Ник или ID юзера:<br/>';
echo $fsize2;
if ($ver != "wml") echo "<form method="POST" action="mpanel.php?$ses&go=stpanel&ref=$ref" name="auth">n";
echo "<input name="nick" title="nick" maxlength="13" emptyok="true"/><br/>n";
if ($ver != "wml") echo "<input type="submit" class="ibutton" value="Изменить" name="enter"><br/>n";
if ($ver == "wml") {
if ($row['level'] > 5) {
echo $fsize1;
echo "<anchor title="go">Изменить<go href="mpanel.php?$ses&go=stpanel&ref=$ref" method="post">n
<postfield name="nick" value="$(nick)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
echo $fsize1;
echo $divide;
echo $fsize2;
}
echo $fsize1;
echo '<b>Пинок</b><br/>
На сколько (мин)<br/>';
echo $fsize2;
echo "<input name="wtime" maxlength="3" title="vremya" format="*N" emptyok="true"/><br/>n";
echo $fsize1;
echo 'Причина<br/>';
echo $fsize2;
echo "<input name="whykik" maxlength="200" title="whykik" emptyok="true"/><br/>n";
echo $fsize1;
echo "<anchor title="go">Пнуть засранца<go href="kick.php?go=pni&$ses&ref=$ref" method="post">n
<postfield name="nick" value="$(nick)"/>n
<postfield name="wtime" value="$(wtime)"/>n
<postfield name="whykik" value="$(whykik)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
echo $fsize1;
echo $divide;
echo $fsize2;
if ($row['level'] > 5) {
echo $fsize1;
echo "<anchor title="go">Забанить IP+SOFT<go href="bannaip.php?$ses&ref=$ref" method="post">n
<postfield name="nick" value="$(nick)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
}
if ($row['level'] > 4) {
echo $fsize1;
echo "<anchor title="go">Забанить Huk<go href="bann.php?$ses&ref=$ref" method="post">n
<postfield name="nick" value="$(nick$ref)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
}
}
if ($row['level'] > 4) {
echo $fsize1;
echo $divide;
echo "<div class='d1'>Объявы:</div>
<a href="mpanel.php?$ses&go=mobi&ref=$ref">Добавить объявление</a><br/>
<a href="mpanel.php?$ses&go=dobi&ref=$ref">Удалить объявление</a><br/>
<a href="mpanel.php?$ses&go=tell$takep">Объявление в чат</a><br/>";
echo $fsize2;
}
if ($row['level'] > 3) {
echo $fsize1;
echo $divide;
echo "<div class='d1'>Встречи:</div>
<a href="mpanel.php?$ses&go=mmeet&ref=$ref">Добавить встречу</a><br/>
<a href="mpanel.php?$ses&go=dmeet&ref=$ref">Удалить встречу</a><br/>
<a href="mpanel.php?$ses&go=addshutki$takep">Добавить шутку</a><br/>n
<a href="mpanel.php?$ses&go=addvopr$takep">Добавить вопрос</a><br/>n";
echo $fsize2;
}
if ($row['level'] > 4) {
echo $fsize1;
echo $divide;
echo "<div class='d1'>Новости:</div>
<a href="mpanel.php?$ses&go=mnews&ref=$ref">Добавить новость</a><br/>
<a href="mpanel.php?$ses&go=dnews&ref=$ref">Удалить новость</a><br/>";
echo $fsize2;
}
if ($row['level'] > 5) {
echo $fsize1;
echo $divide;
echo "<div class='d1'>Свадьбы:</div>
<a href="mpanel.php?$ses&go=msvadbi&ref=$ref">Добавить свадьбу</a><br/>
<a href="mpanel.php?$ses&go=dsvadbi&ref=$ref">Удалить свадьбу</a><br/>
<a href="mpanel.php?$ses&go=razvod&ref=$ref">Развести</a><br/>";
echo $divide;
echo "<div class='d1'>Разбан:</div>
<a href="mpanel.php?$ses&go=unban$takep">Разбанить Ники</a><br/>n
<a href="mpanel.php?$ses&go=clbanip$takep">Разбанить IP+SOFT</a><br/>n
<a href="mpanel.php?$ses&go=unpin$takep">Выпнутые</a><br/>n";
echo $divide;
echo "<a href="mpanel.php?$ses&go=clroom&ref=$ref">Чистка комнат</a><br/>n";
echo $fsize2;
}
break;
case 'unban':
$q = mysql_query("select id,user from users where banned='1' order by id desc;");
if (empty($act)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="mpanel.php?act=unbann&$ses&go=unban&nk=".$arr['id']."$takep">".$arr['user']."</a><br/>";
echo $fsize2;
}
if (mysql_affected_rows() != 0) {
echo $fsize1;
echo '<br/>';
echo "<a href="mpanel.php?$ses&go=clbanniks$takep">Разбанить все ники</a><br/>";
echo $fsize2;
} else {
echo $fsize1;
echo 'Нет забаненых ников!<br/>';
echo $fsize2;
}
} else {
if (!is_numeric($nk)) { header("Location: index.php?isset=403"); die; }
if (mysql_query("update users set banned = '0' where id='".(int)$nk."'")) {
echo $fsize1;
echo 'Ник разбанен!<br/>';
echo '<br/>';
echo "<a href="mpanel.php?$ses&go=unban$takep">Разбанить ещё?</a><br/>";
echo $fsize2;
}
}
break;
case 'unpin':
$tekt = time();
$ri = mysql_query("SELECT user,id,whykik,kik from users WHERE $tekt<kik");
$i = 1;
if (mysql_affected_rows() != 0) {
echo 'Выпнутые:<br/>';
while ($ai = mysql_fetch_assoc($ri))
{
$totime = $ai['kik']-$tekt;
echo ($i++).") <a href="mpanel.php?$ses&go=clkick&pid=".$ai['id']."">".$ai['user']."</a> ($totime сек.) причина: (".$ai['whykik'].")<br/>";
}
echo "<br/><a href="mpanel.php?$ses&go=clpinniks$takep">Освободить все ники</a><br/>";
}
else
{
echo 'Нет выпнутых<br/>';
}
break;
case 'clkick':
$pid = intval($pid);
$select = mysql_query("Select user from users where id='".$pid."' LIMIT 1;");
$inf = mysql_fetch_array($select);
$fignik = $inf['user'];
mysql_query("UPDATE users set kik='0' WHERE id='".$pid."' LIMIT 1;");
$a = mysql_fetch_array($r);
echo $fignik . ' освобожден от пинка!<br/>';
break;
case 'clbanip':
$q = mysql_query("select klu4,ip,soft from bannlist order by klu4 desc;");
if (empty($act)) {
while($arr = mysql_fetch_assoc($q)) {
echo $fsize1;
echo "<a href="mpanel.php?act=cl&$ses&go=clbanip&nk=".$arr['klu4']."$takep">".$arr['ip']." ".$arr['soft']."</a><br/>";
echo '<br/>';
echo $fsize2;
}
if (mysql_affected_rows() != 0) {
echo $fsize1;
echo "<a href="mpanel.php?$ses&go=clbanip&act=unbannall$takep">Разбанить всех по IP+SOFT</a><br/>";
echo $fsize2;
} else {
echo $fsize1;
echo 'Нет забаненых по IP+SOFT!<br/>';
echo $fsize2;
}
} elseif ($act == "unbannall") {
mysql_query ("DELETE from bannlist");
echo $fsize1;
echo 'Таблица банов по ip+soft очищена<br/>';
echo $fsize2;
} else {
if (!is_numeric($nk)) { header("Location: index.php?isset=403"); die; }
if (mysql_query("delete from bannlist where klu4='".(int)$nk."'")) {
echo $fsize1;
echo 'IP+SOFT успешно разбанены!<br/>';
echo '<br/>';
echo "<a href="mpanel.php?$ses&go=clbanip$takep">Разбанить ещё?</a><br/>";
echo $fsize2;
}
}
break;
case 'addshutki':
echo $fsize1;
echo 'При включенном транслите шутки транслитерируются<br/>
Шутка:<br/>
<input name="aneks" maxlength="255" title="quests"/><br/>';
echo $fsize2;
if ($ver == "xhtml")
echo "<form method="POST" action="mpanel.php?go=goaddshutki&$ses$takep" name="auth">n";
echo $fsize1;
echo '<br/>';
echo $fsize2;
if ($ver == "wml") {
echo $fsize1;
echo "<input name="anek" maxlength="255" title="quest"/><br/>
<anchor title="go">Добавить<go href="mpanel.php?go=goaddshutki&$ses$takep" method="post">n
<postfield name="anek" value="$(anek)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
break;
case 'goaddshutki':
if ($row['translit'] == 1)
$anek = trun_to_rus($anek);
$anek = str_replace(chr("13"), " ", $anek);
$anek = str_replace(chr("10"), " ", $anek);
$anek = trim(" $anek ");
$anek = ereg_replace(" +"," ",$anek);
$anek = substr($anek,0,400);
$anek = str_replace("n", " ", $anek);
$anek = str_replace("$", "$$", $anek);
$anek = mysql_real_escape_string(check($anek));
$r = mysql_query("select * from shutki");
$k = mysql_affected_rows() + 1;
mysql_query ("Insert into shutki set klu4='".(int)$k."', message='".$anek."'");
if (mysql_error() == false) {
echo $fsize1;
echo 'Анекдот был добавлен в базу<br/>';
echo 'Всего анекдотов: ' . $k . ' <br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка при записи!<br/>';
echo $fsize2;
echo mysql_error();
}
break;
case 'addvopr':
echo $fsize1;
echo 'При включенном транслите вопросы и ответы транслитерируются<br/>
Вопрос:<br/>
<input name="anek" maxlength="255" title="quest"/><br/>';
echo $fsize2;
echo "<form method="POST" action="mpanel.php?go=goaddvopr&$ses$takep" name="auth">n";
echo $fsize1;
echo 'Ответ:<br/>';
echo $fsize2;
echo "<input name="answ" maxlength="60" title="answ"/><br/>n";
if ($ver == "wml") {
echo $fsize1;
echo "<anchor title="go">Добавить<go href="mpanel.php?go=goaddvopr&$ses$takep" method="post">n
<postfield name="vopros" value="$(vopros)"/>n
<postfield name="answ" value="$(answ)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
break;
case 'goaddvopr':
$vopros = mysql_real_escape_string(check($vopros));
$answ = mysql_real_escape_string(check($answ));
if ($row['translit'] == 1) {
$vopros = trun_to_rus($vopros);
$answ = trun_to_rus($answ);
}
$tran = strtr($answ,array("а"=>"a","б"=>"b","в"=>"v","г"=>"g","д"=>"d","е"=>"e","ё"=>"e","ж"=>"j","з"=>"z","и"=>"i","й"=>"i","к"=>"k","л"=>"l","м"=>"m","н"=>"n","о"=>"o","п"=>"p","р"=>"r","с"=>"s","т"=>"t","у"=>"u","ф"=>"f","х"=>"h","ш"=>"w","щ"=>"w","ц"=>"c","ч"=>"4","ь"=>".","ъ"=>".","ы"=>"y","э"=>"e","ю"=>"yu","я"=>"ya","А"=>"A","Б"=>"B","В"=>"V","Г"=>"G","Д"=>"D","Е"=>"E","Ё"=>"E","Ж"=>"J","З"=>"Z","И"=>"I","Й"=>"I","К"=>"K","Л"=>"L","М"=>"M","Н"=>"N","О"=>"O","П"=>"P","Р"=>"R","С"=>"S","Т"=>"T","У"=>"U","Ф"=>"F","Х"=>"H","Ш"=>"W","Щ"=>"W","Ц"=>"C","Ч"=>"4","Ь"=>".","Ъ"=>".","Ы"=>"Y","Э"=>"E","Ю"=>"Yu","Я"=>"Ya"));
mysql_query ("Select * from bots");
$k = mysql_affected_rows()+1;
mysql_query ("Insert into bots set number= '".(int)$k."', vopros='".$vopros."', answer='".$answ."', tran='".$tran."'");
if (mysql_error() == false) {
echo $fsize1;
echo 'Вопрос был добавлен в базу!<br/>
Всего вопросов: ' . $k . ' <br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка при записи!<br/>';
echo $fsize2;
echo mysql_error();
}
break;
case 'tell':
echo $fsize1;
echo 'Текст:<br/>';
echo $fsize2;
if ($ver == "xhtml")
echo "<form method="POST" action="mpanel.php?go=gotell&$ses$takep" name="auth">n
<input name="txt" maxlength="400" title="text"/><br/>n";
if ($ver == "wml") {
echo $fsize1;
echo "<input name="txt" maxlength="400" title="text"/><br/>n
<anchor title="go">Ok<go href="mpanel.php?go=gotell&$ses$takep" method="post">n
<postfield name="txt" value="$(txt)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Ok" name="enter"><br/>n";
}
break;
case 'gotell':
if ($row['translit'] == 1) $txt = trun_to_rus($txt);
$rnd = mt_rand(0,99999999);
$today = date ("H:i");
$time = time();
$txt = mysql_real_escape_string(check($txt));
$txt = "<b>".$txt."</b>";
for ($num = 0; $num <= 22; $num++) {
$room = "room".$num;
if (!is_numeric($id)) { header("Location: index.php?isset=403"); die; }
mysql_query ("Insert into $room set klu4= '".$rnd."', time='".$today."', who='".$us."', message='".$txt."', id='".$time."', towhom='', hid='0', usid='".$id."', komu=''");
}
if (mysql_error() == false) {
echo $fsize1;
echo 'Объявление сделано!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка при записи!<br/>';
echo $fsize2;
echo mysql_error();
}
break;
case 'mnews':
$content = trim(mysql_real_escape_string(check($content)));
$date = date("j.m.Y");
if (empty($content)) $error=$error."<u>Пустое содержание встречи!</u><br/>";
if (empty($action)) {
echo $fsize1;
echo 'Новость:<br/>';
echo $fsize2;
echo $fsize1;
if ($ver == "wml") {
echo "<anchor>Добавить<go href="mpanel.php?$ses&go=mnews" method="post">
<postfield name="action" value="add"/>
<postfield name="content" value="$(content)"/>
<postfield name="date" value="$date"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<form method="POST" action="mpanel.php?$ses&go=mnews" name="auth">n
<input name="content"/><br/>
<input type="hidden" name="action" value="add"/>
<input type="hidden" name="date" value="$date"/>
<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
} else {
if (empty($error)) {
$last_news = mysql_fetch_assoc(mysql_query("SELECT `content` FROM `news` WHERE `content`='".$content."'"));
if ($content != $last_news['content']) {
if (mysql_query("insert into news values(0,'$login','$content','$date');")) {
echo $fsize1;
echo 'Твоя новость успешно добавлена!<br/>';
} else {
echo $fsize1;
echo 'Ошибка записи новости!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Такая новость уже добавлена!<br/>';
}
echo $fsize2;
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
}
break;
case 'dnews':
$q = mysql_query("select id,content from news order by id desc;");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Новостей нет!!!<br/>';
echo $fsize2;
} else {
if (empty($action)) {
while($arr = mysql_fetch_assoc($q)) {
echo $fsize1;
echo "<a href="mpanel.php?action=del&$ses&go=dnews&mid=".$arr['id']."">".$arr['id'].":</a> ".$arr['content']."<br/>";
echo $fsize2;
}
} else {
if (mysql_query("delete from news where id='".(int)$mid."' limit 1;")) {
echo $fsize1;
echo 'Запись успешно удалена!<br/>';
echo $fsize2;
}
}
}
break;
case 'mmeet':
$title = trim(mysql_real_escape_string(check($title)));
$content = trim(mysql_real_escape_string(check($content)));
$organizatory = trim(mysql_real_escape_string(check($organizatory)));
if (empty($title)) $error=$error."<u>Название не введено!</u><br/>";
if (empty($content)) $error=$error."<u>Пустое содержание встречи!</u><br/>";
if (empty($organizatory)) $error=$error."<u>Организаторов нет!</u><br/>";
if (empty($action)) {
if ($ver == "wml") {
echo $fsize1;
echo 'Название:<br/>';
echo $fsize2;
echo '<input name="title"/><br/>';
echo $fsize1;
echo 'Содержание:<br/>';
echo $fsize2;
echo '<input name="content"/><br/>';
echo $fsize1;
echo 'Организаторы:<br/>';
echo $fsize2;
echo '<input name="organizatory"/><br/>';
echo $fsize1;
echo "<anchor>Добавить<go href="mpanel.php?$ses&go=mmeet$takep" method="post">
<postfield name="action" value="add"/>
<postfield name="title" value="$(title)"/>
<postfield name="content" value="$(content)"/>
<postfield name="organizatory" value="$(organizatory)"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<form method="POST" action="mpanel.php?$ses&go=mmeet$takep" name="auth">n
<input type="hidden" name="action" value="add"/>n";
echo $fsize1;
echo 'Название:<br/>';
echo $fsize2;
echo "<input type="text" name="title" value="$title"/><br/>n";
echo $fsize1;
echo 'Содержание:<br/>';
echo $fsize2;
echo "<input type="text" name="content" value="$content"/><br/>n";
echo $fsize1;
echo 'Организаторы:<br/>';
echo $fsize2;
echo "<input type="text" name="organizatory" value="$organizatory"/><br/>n
<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
} else {
if (empty($error)) {
if ($title != $last_meet['title']) {
if (mysql_query("insert into vstrechi values(0,'".$login."','".$title."','".$content."','".$organizatory."');")) {
echo $fsize1;
echo 'Твоя встреча успешно добавлена!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Проблемы с базой данных!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Такая встреча уже добавлена!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
}
break;
case 'dmeet':
$q = mysql_query("select id,title from vstrechi order by id desc;");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Встреч нет!!!<br/>';
echo $fsize2;
} else {
if (empty($action)) {
while($arr = mysql_fetch_assoc($q)) {
echo $fsize1;
echo "<a href="mpanel.php?action=del&$ses&go=dmeet&mid=".$arr['id']."">".$arr['title']."</a><br/>";
echo $fsize2;
}
} else {
if (mysql_query("delete from vstrechi where id='".(int)$mid."' limit 1;")) {
echo $fsize1;
echo 'Запись успешно удалена!<br/>';
echo $fsize2;
}
}
}
break;
case 'mobi':
function url_replace($m) {
if (!isset($m[3])) {
return '<a href="link.php?&l=' . $m[1] . '">' . $m[2] . '</a>';
} else {
return '<a href="link.php?&l=' . $m[3] . '">' . $m[3] . '</a>';
}
}
function bb_code($message) {
$message = preg_replace('#[b](.*?)[/b]#si', '<b>1</b>', $message);
$message = preg_replace('#[i](.*?)[/i]#si', '<i>1</i>', $message);
$message = preg_replace('#[u](.*?)[/u]#si', '<u>1</u>', $message);
$message = preg_replace('#[small](.*?)[/small]#si', '<small>1</small>', $message);
$message = preg_replace('#[red](.*?)[/red]#si', '<font color="#FF0000">1</font>', $message);
$message = preg_replace('#[green](.*?)[/green]#si', '<font color="#00FF00">1</font>', $message);
$message = preg_replace('#[blue](.*?)[/blue]#si', '<font color="#0000FF">1</font>', $message);
$message = preg_replace('#[yellow](.*?)[/yellow]#si', '<font color="#FFFF00">1</font>', $message);
$message = preg_replace('#[del](.*?)[/del]#si', '<del>1</del>', $message);
$message = preg_replace_callback('~\[url=(http://.+?)\](.+?)\[/url\]|(http://(www.)?[0-9a-z.-]+.[a-z]{2,6}[0-9a-zA-Z/?.~&_=/%-:#]*)~', 'url_replace', $message);
return $message;
}
$title = trim(mysql_real_escape_string(check($title)));
$content = trim(mysql_real_escape_string(check($content)));
$login = trim(mysql_real_escape_string(check($login)));
if (empty($title)) $error=$error."<u>Название не введено!</u><br/>";
if (empty($content)) $error=$error."<u>Пустое содержание встречи!</u><br/>";
if (empty($action)) {
if ($ver == "wml") {
echo $fsize1;
echo 'Название:<br/>';
echo $fsize2;
echo '<input name="title"/><br/>';
echo $fsize1;
echo 'Содержание:<br/>';
echo $fsize2;
echo '<input name="content"/><br/>';
echo $fsize1;
echo "<anchor>Добавить<go href="mpanel.php?$ses&go=mobi$takep" method="post">
<postfield name="action" value="add"/>
<postfield name="title" value="$(title)"/>
<postfield name="content" value="$(content)"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<form method="POST" action="mpanel.php?$ses&go=mobi$takep" name="auth">n
<input type="hidden" name="action" value="add"/>n";
echo $fsize1;
echo 'Название:<br/>';
echo $fsize2;
echo '<input type="text" name="title"/><br/>';
echo $fsize1;
echo 'Содержание:<br/>';
echo $fsize2;
echo "<input type="text" name="content"/><br/>n
<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
} else {
if (empty($error)) {
$last_obiav = mysql_fetch_assoc(mysql_query("SELECT `id`,`title` FROM `obiav` WHERE `content`='".$content."'"));
if ($title != $last_obiav['title']) {
$content = bb_code($content);
require_once "smile.php";
$content = smiles($content);
$minpos = 500;
$nm = 500;
for ($j = 0; $j <= count($smiles)-1; $j++) {
$tmpp = strpos($content,$smiles[$j]);
if (($tmpp < $minpos) and ($tmpp !== false)) {
$minpos = $tmpp; $nm = $j;
}
}
if ($minpos != 500) {
if ($row['translit'] != 1) {
$st1 = substr($content,0,$minpos+strlen($smiles[$nm]));
$st2 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1));
$st1_wosm = $st1;
$st1 = str_replace($smiles[$nm],$replaces[$nm],$st1);
if (strpos($replaces[$nm],"smil/") !== false)
$st1_woasm = $st1_wosm;
else
$st1_woasm = $st1;
$content_woasm = $st1.$st2;
$content_wosm = $st1_wosm.$st2;
$content = $st1_woasm.$st2;
}
else
{
$st1 = substr($content,0,$minpos);
$st2 = substr($content,$minpos, strlen($smiles[$nm]));
$st3 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1)-strlen($st2));
$st1 = trun_to_rus($st1);
$st2_wosm = $st2;
$st2 = $replaces[$nm];
if (strpos($replaces[$nm],"smil/") !== false)
$st2_woasm = $st2_wosm;
else
$st2_woasm = $st2;
$st3 = trun_to_rus($st3);
$content = $st1.$st2_woasm.$st3;
$content_wosm = $st1.$st2_wosm.$st3;
$content_woasm = $st1.$st2.$st3;}}
elseif ($row['translit'] == 1) $content = trun_to_rus($content);
unset($smiles);
unset($replaces);
if (mysql_query("insert into obiav values(0,'".$login."','".$title."','".$content."','','');")) {
echo $fsize1;
echo 'Объявление успешно добавлено!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Проблемы с базой данных!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Такое объявление уже добавлено!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
}
break;
case 'dobi':
$q = mysql_query("select * from obiav order by id desc;");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Объявлений нет!!!<br/>';
echo $fsize2;
} else {
if (empty($action)) {
while($arr = mysql_fetch_assoc($q)) {
echo $fsize1;
echo "<a href="mpanel.php?action=del&$ses&go=dobi&mid=".$arr['id']."">".$arr['title']."</a><br/>";
echo $fsize2;
}
} else {
if (!is_numeric($mid)) { header("Location: index.php?isset=403"); die; }
if (mysql_query("delete from obiav where id='".(int)$mid."' limit 1;")) {
echo $fsize1;
echo 'Объявление успешно удалено!<br/>';
echo $fsize2;
}
}
}
break;
case 'clroom':
echo $fsize1;
echo 'Комнаты будут автоматически очищены через 3 минуты!<br/>';
echo $fsize2;
if (isset($rm)) echo "<a href="chat.php?$ses&rm=$rm&ref=$ref">В чат</a><br/>";
$fp = fopen("log/clear.dat", "w");
fclose($fp);
$f = fopen("log/clear.dat","a+");
flock($f,LOCK_EX);
$cleardata = time() + 200;
fwrite($f,$cleardata);
fflush($f);
flock($f,LOCK_UN);
fclose($f);
$rnd = mt_rand(0,99999999);
$mes = "<b>Внимание! Через 3 минуты будет очистка комнат. И не говорите потом, что вас не предупреждали =)</b>";
$today = date("H:i");
$time = getmicrotime();
for ($num = 0; $num <= 23; $num++) {
$ranec = "room".$num;
mysql_query ("Insert into $ranec set klu4= '".$rnd."', time='".$today."', who='".$us."', message='".$mes."', id='".$time."', towhom='', hid='".$idd."', usid='".$idd."', komu=''");
mysql_query("ANALYZE TABLE $ranec");
}
break;
case 'stpanel':
if ($row['level'] < 6) {
echo 'У тебя нет прав доступа!<br/>';
break;
}
$nick = mysql_real_escape_string(check($nick));
if (!is_numeric($nick)) {
if (!isset($nick)) $nick=0;
$nick = trim($nick);
if ($nick == '') $nick=0;
$latuser = strtolower($nick);
$ruser = rus_to_k($nick);
if ($ruser == $nick) {
$select = mysql_query ("Select * from users where latuser = '".$latuser."'");
} else {
$select = mysql_query ("select * from users where ruser = '".$ruser."'");
}
} else {
$select = mysql_query ("select * from users where id = '".$nick."'");
}
if (mysql_affected_rows() == 0) {
echo 'Нет такого юзера<br/>';
break;
}
$inf = mysql_fetch_array($select);
$level1 = $row['level'];
$level2 = $inf['level'];
$upid = $inf['id'];
if ($level1 >= $level2) {
echo $fsize1;
if ($ver != "wml") echo "<form method="POST" action="mpanel.php?$ses&go=upd&ref=$ref" name="go">n";
echo 'ID-Номер:<br/>';
echo '<b>' . $upid . '</b><br/>';
echo 'Ник:<br/>';
echo $fsize2;
echo "<input name="upnick" maxlength="13" value="$inf[user]" title="nick"/><br/>n";
echo $fsize1;
echo 'Статус:<br/>';
echo $fsize2;
echo "<input name="status" maxlength="20" value="$inf[status]" title="status"/><br/>n";
echo $fsize1;
echo 'Невидимость(только для Модеров!):<br/>';
echo $fsize2;
echo '<select name="inv">';
if ($row['inv'] == 0) {
echo '<option value="0">Отключена</option>
<option value="1">Включена</option>';
} else {
echo '<option value="1">Включена</option>
<option value="0">Отключена</option>';
}
echo '</select><br/>';
if ($ver == "wml") {
echo $fsize1;
echo "<anchor title="go">Сохранить<go href="mpanel.php?$ses&go=upd&ref=$ref" method="post">n
<postfield name="upid" value="$upid"/>n
<postfield name="upnick" value="$(upnick)"/>n
<postfield name="status" value="$(status)"/>n
<postfield name="inv" value="$(inv)"/>n
</go></anchor>n";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="hidden" name="upid" value="$inf[id]"/>n
<input type="submit" class="ibutton" value="Сохранить" name="enter"><br/>n";
}
echo $fsize1;
echo $divide;
echo "<a href="mpanel.php?$ses&go=1000&upid=$upid&ref=$ref">Дать 1000 постов</a><br/>";
echo $fsize2;
} else {
echo $fsize1;
echo 'Ты не можешь просматривать и изменять инфо Админа или юзера выше тебя по статусу.<br/>';
echo $fsize2;
}
break;
case 'upd':
$upnick = mysql_real_escape_string(check($upnick));
$upnick = trim($upnick);
if ($upnick == '') {
echo $fsize1;
echo 'Ошибка '.$upnick.'!<br/>';
echo $fsize2;
break;
}
if (!is_numeric($upid)) { header("Location: index.php?isset=403"); die; }
$latuser = strtolower($upnick);
$ruser = rus_to_k($upnick);
if ($ruser == $upnick) {
mysql_query ("Select * from users where (latuser = '".$latuser."') and (id != '".$upid."')");
} else {
mysql_query ("select * from users where (ruser = '".$ruser."') and (id != '".$upid."')");
}
if (preg_match('/([a-zA-Z]+)/i',$upnick) and preg_match('/([а-яА-Я]+)/i',$upnick))
{
echo 'Ошибка! Ник не должен состоять из рус. и англ. букв.<br/>';
exit;
}
if (mb_strlen($upnick,'UTF8') > 12) {
echo 'Слишком длинный ник! Макс. 12 символов.<br/>';
break;
}
if (mysql_affected_rows() != 0) {
echo $fsize1;
echo 'Пользователь с таким ником уже сушествует<br/>';
echo $fsize2;
break;
}
$upnick = mysql_real_escape_string(check($upnick));
$ruser = mysql_real_escape_string($ruser);
$latuser = mysql_real_escape_string(check($latuser));
$status = mysql_real_escape_string(check($status));
$upnick = mysql_real_escape_string(check($upnick));
$latuser = mysql_real_escape_string(check($latuser));
$status = mysql_real_escape_string(check($status));
$inv = intval($inv);
if (!is_numeric($inv)) { header("Location: index.php?isset=403"); die; }
if (!is_numeric($upid)) { header("Location: index.php?isset=403"); die; }
if ($ruser == $upnick) $ins_str = "Update users set user='".$upnick."', status='".$status."', inv='".$inv."', ruser = '', latuser = '".$latuser."' where id ='".$upid."'";
else $ins_str = "Update users set user='".$upnick."', status='".$status."', inv='".$inv."', ruser = '".$ruser."', latuser = '' where id ='".$upid."'";
if (mysql_query ($ins_str)) {
echo $fsize1;
echo 'Профиль изменен!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка!<br/>';
echo $fsize2;
}
break;
case '1000':
if ($row['level'] < 6) {
echo $fsize1;
echo 'У тебя нет прав доступа!';
echo $fsize2;
break;
}
if (!is_numeric($upid)) { header("Location: index.php?isset=403"); die; }
$result = mysql_query ("select * from users where id = '".(int)$upid."'");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Нет такого юзера!<br/>';
echo $fsize2;
break;
}
$row = mysql_fetch_array($result);
echo $fsize1;
echo "Ты можешь поставить юзеру 1000 постов. Это сделано для того, чтобы он тянул в чат новых людей! Посты не плюсуются!<br/>
Ник: <b>$row[user]</b><br/>n
<a href="mpanel.php?$ses&go=upd1&upid=$upid&ref=$ref">Дать 1000 постов</a><br/>";
echo $fsize2;
echo '<br/>';
break;
case 'upd1':
if (mysql_query ("Update users set posts='1000' where id ='".(int)$upid."'")) {
echo $fsize1;
echo 'Профиль изменен!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка!<br/>';
echo $fsize2;
}
break;
case 'razvod':
if ($ver == "xhtml")
echo "<form method="POST" action="mpanel.php?$ses&go=updrazvod$takep" method="post">n";
echo $fsize1;
echo 'ID мужа:<br/>';
echo $fsize2;
echo "<input name="zhenih" maxlength="12"/><br/>";
echo $fsize1;
echo 'ID жены:<br/>';
echo $fsize2;
echo "<input name="nevesta" maxlength="12"/><br/>";
if ($ver == "wml") {
echo $fsize1;
echo "<anchor>Развести<go href="mpanel.php?$ses&go=updrazvod$takep" method="post">
<postfield name="zhenih" value="$(zhenih)"/>
<postfield name="nevesta" value="$(nevesta)"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Развести" name="enter"><br/>n";
}
break;
case 'updrazvod':
$zhenih = trim(mysql_real_escape_string(check($zhenih)));
$nevesta = trim(mysql_real_escape_string(check($nevesta)));
if (empty($zhenih)) $error=$error."<u>Не заполнено поле Жених!</u><br/>";
if (empty($nevesta)) $error=$error."<u>Не заполнено поле Невеста!</u><br/>";
$result = mysql_query ("Select * from users where id = '".$zhenih."' and sex='М'");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo "Парня с ID <b>".$zhenih."</b> не сущетвует.<br/>";
echo $fsize2;
break;
}
$raz = mysql_fetch_array($result);
$zhena = $raz['para'];
if ($zhena != $nevesta) {
echo $fsize1;
echo "<b>ID ".$nevesta."</b> не является женой для ID <b>".$zhenih."</b>.<br/>";
echo $fsize2;
break;
}
$result = mysql_query ("Select * from users where id = '".$nevesta."' and sex='Ж'");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo "Девушки с ID <b>".$nevesta."</b> не сущетвует.<br/>";
echo $fsize2;
break;
}
$raz = mysql_fetch_array($result);
$muj = $raz['para'];
if ($muj != $zhenih) {
echo $fsize1;
echo "<b>ID ".$zhenih."</b> не является мужем для ID <b>".$nevesta."</b>.<br/>";
echo $fsize2;
break;
}
if (empty($error)) {
$last_svadbi = mysql_fetch_assoc(mysql_query("SELECT `zhenih` FROM `svadbi` WHERE para=''"));
if ($zhenih != $last_svadbi['zhenih']) {
if (mysql_query("Update users set para='' where id ='".$zhenih."'") &&
mysql_query("Update users set para='' where id ='".$nevesta."'")) {
echo $fsize1;
echo 'Развод успешно завершён!<br/>';
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка! Пара не будет разведена или данные юзеры не расписаны.<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Люди уже давно разведены!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
break;
case 'msvadbi':
if ($ver == "xhtml")
echo "<form method="POST" action="mpanel.php?$ses&go=updsvadbi$takep" name="auth">n";
echo $fsize1;
echo 'ID Жениха:<br/>';
echo $fsize2;
echo '<input name="zhenih" maxlength="12"/><br/>';
echo $fsize1;
echo 'ID Невесты:<br/>';
echo $fsize2;
echo '<input name="nevesta" maxlength="12"/><br/>';
echo $fsize1;
echo 'Свидетель и друзья Жениха:<br/>';
echo $fsize2;
echo '<input name="frzhenih"/><br/>';
echo $fsize1;
echo 'Свидетельница и подруги Невесты:<br/>';
echo $fsize2;
echo '<input name="frnevesta"/><br/>';
echo $fsize1;
echo 'Организатор:<br/>';
echo $fsize2;
echo '<input name="organizatory"/><br/>';
echo $fsize2;
echo 'День Свадьбы:<br/>';
echo $fsize2;
echo "<input size="2" name="day" maxlength="2" format="*N"/>.<input size="2" name="month" maxlength="2" format="*N"/>. <input size="4" name="year" maxlength="4" format="*N"/><br/>";
echo $fsize1;
echo 'Время Свадьбы:<br/>';
echo $fsize2;
echo "<input size="2" name="chs" maxlength="2" format="*N"/>:<input size="2" name="min" maxlength="2" format="*N"/><br/>";
if ($ver == "wml") {
echo $fsize1;
echo "<anchor>Добавить<go href="mpanel.php?$ses&go=updsvadbi$takep" method="post">
<postfield name="zhenih" value="$(zhenih)"/>
<postfield name="nevesta" value="$(nevesta)"/>
<postfield name="frzhenih" value="$(frzhenih)"/>
<postfield name="frnevesta" value="$(frnevesta)"/>
<postfield name="day" value="$(day)"/>
<postfield name="month" value="$(month)"/>
<postfield name="year" value="$(year)"/>
<postfield name="chs" value="$(chs)"/>
<postfield name="min" value="$(min)"/>
<postfield name="organizatory" value="$(organizatory)"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>n";
}
break;
case 'updsvadbi':
$zhenih = trim(mysql_real_escape_string(check($zhenih)));
$nevesta = trim(mysql_real_escape_string(check($nevesta)));
$frzhenih = trim(mysql_real_escape_string(check($frzhenih)));
$frnevesta = trim(mysql_real_escape_string(check($frnevesta)));
$day = (int)$day;
$month = (int)$month;
$year = (int)$year;
$chs = (int)$chs;
$min = (int)$min;
$organizatory = trim(mysql_real_escape_string(check($organizatory)));
if (empty($zhenih)) $error=$error."<u>Не заполнено поле Жених!</u><br/>";
if (empty($nevesta)) $error=$error."<u>Не заполнено поле Невеста!</u><br/>";
if (empty($frzhenih)) $error=$error."<u>Не заполнено поле свидетель Жениха!</u><br/>";
if (empty($frnevesta)) $error=$error."<u>Не заполнено поле свидетельница Жевесты!</u><br/>";
if (empty($day)) $error=$error."<u>Не заполнено поле число!</u><br/>";
if (empty($month)) $error=$error."<u>Не заполнено поле месяц!</u><br/>";
if (empty($year)) $error=$error."<u>Не заполнено поле год!</u><br/>";
if (empty($chs)) $error=$error."<u>Не заполнено поле часов!</u><br/>";
if (empty($min)) $error=$error."<u>Не заполнено поле минут!</u><br/>";
if (empty($organizatory)) $error=$error."<u>Не заполнено поле организаторов!</u><br/>";
if (!is_numeric($zhenih))
{
echo 'Только цыфры в ID жениха<br/>';
echo' <br/><br/><a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
exit;
}
if (!is_numeric($nevesta))
{
echo 'Только цыфры в ID невесты!<br/>';
echo '<br/><br/><a href="../enter.php?'.$ses.'&ref='.$ref.'">В прихожую</a><br/>';
exit;
}
$userm = mysql_query ("select `id` FROM `users` where `sex` = 'М' AND `id` = '".$zhenih."';");
$usm = mysql_fetch_array($userm);
$num = $usm[0];
if (empty($num)) {
echo $fsize1;
echo "Парня с ID <b>".$zhenih."</b> не существует.<br/>";
echo $fsize2;
break;
}
$usermx = mysql_query ("select `id` FROM `users` where `sex` = 'Ж' AND `id` = '".$nevesta."';");
$usmx = mysql_fetch_array($usermx);
$numx = $usmx[0];
if (empty($numx)) {
echo $fsize1;
echo "Девушки с ID <b>".$nevesta."</b> не существует.<br/>";
echo $fsize2;
break;
}
$userm = mysql_query ("select `para` FROM `users` where `para`!='' AND `id`='".$zhenih."';");
$usm = mysql_fetch_array($userm);
$num = $usm[0];
if ($num != '') {
echo $fsize1;
echo "Парень с ID: <b>".$zhenih."</b> уже женат!!!<br/>";
echo $fsize2;
break;
}
$userm = mysql_query ("select `para` FROM `users` where `para`!='' AND `id`='".$nevesta."';");
$usm = mysql_fetch_array($userm);
$num = $usm[0];
if ($num != '') {
echo $fsize1;
echo "Девушка с ID: <b>".$nevesta."</b> уже замужем!!!<br/>";
echo $fsize2;
break;
}
$userm = mysql_query ("select `id` FROM `svadbi` where `nevesta ` ='".$nevesta."' AND `zhenih` ='".$zhenih."';");
$usm = mysql_fetch_array($userm);
$num = $usm[0];
if ($num != '') {
echo $fsize1;
echo 'Данная пара уже зарегистрирована в браке!!!<br/>';
echo $fsize2;
break;
}
if (empty($error)) {
$last_svadbi = mysql_fetch_assoc(mysql_query("SELECT `zhenih` FROM `svadbi` WHERE `zhenih`='".$zhenih."'"));
if ($zhenih != $last_svadbi['zhenih']) {
$days = "$day.$month.$year";
$times = "$chs:$min";
if (mysql_query ("insert into svadbi values(0,'".$zhenih."','".$nevesta."','".$frzhenih."','".$frnevesta."','".$days."','".$times."','".$organizatory."');")&&
mysql_query("Update users set para='".$nevesta."' where `id` ='".$zhenih."'")&&
mysql_query("Update users set para='".$zhenih."' where `id` ='".$nevesta."'")) {
echo $fsize1;
echo 'Свадьба успешно добавлена!<br/>';
echo $fsize2;
for ($i = 0; $i <= 23; $i++) {
$print = mysql_query("select * from `svadbi`");
$arr = mysql_fetch_array($print);
$zhenih = mysql_query ("select `user` FROM `users` where `id`='".(int)$arr['zhenih']."';");
$xc = mysql_fetch_array($zhenih);
$zhen = $xc[0];
$newesta = mysql_query ("select `user` FROM `users` where `id`='".(int)$arr['nevesta']."';");
$xcx = mysql_fetch_array($newesta);
$nevesta = $xcx[0];
}
} else {
echo $fsize1;
echo $fsize2;
}
} else {
echo $fsize1;
echo 'Такая свадьба уже добавлена!<br/>';
echo $fsize2;
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
break;
case 'dsvadbi':
$q = mysql_query("select id,zhenih,nevesta,date from svadbi order by id desc;");
if (mysql_affected_rows() == 0) {
echo $fsize1;
echo 'Свадьбы не назначены!!!<br/>';
echo $fsize2;
} else {
if (empty($action)) {
while($arr = mysql_fetch_array($q)) {
echo $fsize1;
echo "<a href="mpanel.php?action=del&$ses&go=dsvadbi&mid=".$arr['id']."$takep">Свадьба ".$arr['zhenih']." & ".$arr['nevesta'].". (".$arr['date'].")</a><br/>";
echo $fsize2;
}
} else {
settype($mid, 'integer');
if (mysql_query("delete from svadbi where id='".(int)$mid."' limit 1;")) {
echo $fsize1;
echo 'Свадьба успешно удалена!<br/>';
echo $fsize2;
}
}
}
break;
}
echo $fsize1;
echo $divide;
echo '<div class = "d1">';
if ($go) echo "<a href="mpanel.php?$ses&ref=$ref">Модерка</a><br/>n";
echo "<a href="enter.php?$ses&ref=$ref">Прихожая</a>n";
echo '</div>';
echo $fsize2;
include_once "foot.php";
ob_end_flush();
?>