Файл: www/forum2/admin.php
Строк: 269
<?
require_once"../system/start.php";
require_once"../system/sid.php";
require("../config.php");
$tyu="left";
$title="Форум";
head();
function no_br($message,$replace=""){
$message=preg_replace ("|[r]+|si",$replace,$message);
return $message;
}
list($row, $myid, $ps, $fs1, $fs2) = check_login($link);
$id = check($id);
$id = check($id);
$m = check($m);
$s = check($s);
$wap = check($wap);
$tm = time()-300;
$f_count = @mysql_query("SELECT id,user FROM users WHERE onl> '".$tm ."' AND room='forum' group by user order by onl desc;");
$asnumspr = mysql_affected_rows();
@$kolf = $kolf + $asnumspr;
echo "$div1<b>Форум</b>$div9";
if($row['level'] > 3 )
{
$time = getmicrotime();
$tm = time()-300;
if($autorize) mysql_query ("Update users set onl='".$time."', room='forum' where id ='".$myid."'");
switch ($mod)
{
case "f4" :
echo $fs1;
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
mysql_query( "delete from forum_message where section='{$id}';" );
mysql_query( "delete from forum_sections where id='{$id}' limit 1;" );
mysql_query( "delete from forum_topic where section='{$id}';" );
mysql_query( "delete from forum_subfor where section='{$id}';" );
echo "<div>форум удален!</div>";
header("Location: ".F."");
echo $fs2;
}
case "f3" :
echo $fs1;
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
}
else
{
$q = mysql_query( "select * from `forum_sections` where `id`='".$id."' ;" );
$sect = mysql_fetch_array( $q );
if ($wap==2||$wap==3) echo "<form action="" method="post">";
echo "Переименовать Форум:<br/>";
echo "<input type="text" name="for" maxlength="150" value="{$sect['name']}"/><br/>";
if ( $row['trans'] == 1 )
{
echo "<input name="tr" type="checkbox" value="1">Транслит<br/>";
}
echo "Положение:<br/>";
echo "<input type="text" name="pos" maxlength="150" value="{$sect['pos']}"/><br/>";
echo "<input type="hidden" name="f" value="$id"/>";
echo "<input type="hidden" name="mod" value="f23"/>";
if ($wap=="1"){
echo $fs1;
echo "<anchor title="go">Изменить<go href="" method="post">";
echo "<postfield name="for" value="$(for)"/>";
echo "<postfield name="pos" value="$(pos)"/>";
echo "<postfield name="f" value="$id"/>";
echo "<postfield name="mod" value="f23"/>";
echo "</go></anchor>";
echo $fs2;
echo "<br/>";
}else{
echo "<input type="submit" class="ibutton" value="Изменить" class="cp"><br /><br />";
}
echo "<img src="".H2."img/fd.gif" alt="[MODER]"/> <a href="".F."admin/f4/$id">Удалить форум</a><br /><br />"; }
echo $fs2;
break;
case "f23" :
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
$for = check($for);
$pos = check($pos);
$for = substr( $for, 0, 50 );
if ($row["translit"]==1) $for = translit($for);
$q = @mysql_query( @"select `name` from `forum_sections` where name='$for' limit 1;" );
$prev = @mysql_fetch_array( @$q );
if ( empty( $for ) )
{ echo $fs1;
echo "<div>Вы не заполнили форум!</div>";
echo $fs2;
break;
}
else
{
$add = "UPDATE `forum_sections` SET name='".$for."', topic=0, time='".time( )."',pos='".$pos."' where id='".$id."';";
if ( mysql_query( $add ) )
{ echo $fs1;
echo "<div>Форум успешно изменен!</div>";
header("Location: ".F."");
mysql_query( "update `forum_sections` set time='".time( )."' where id='".$id."';" ); echo $fs2;
break;
}
else
{ echo $fs1;
$msg = "<div>Произошла ошибка...</div>";
echo $fs2;
break;
}
}
}
break;
case "f1" :
echo $fs1;
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
$q = mysql_query( "select name from `forum_sections` where `id`='".$id."' ;" );
$sect = mysql_fetch_array( $q );
if ($wap==2||$wap==3) echo "<form action="" method="post">";
echo "Форум:<br/>";
echo "<input type="text" name="for" maxlength="150"/><br/>";
if ( $row['trans'] == 1 )
{
echo "<input name="tr" type="checkbox" value="1">Транслит<br/>";
}
echo "Положение:<br/>";
echo "<input type="text" name="pos" maxlength="150" value="{$sect['pos']}"/><br/>";
echo "<input type="hidden" name="f" value="$id"/>";
echo "<input type="hidden" name="mod" value="f2"/>";
if ($wap=="1"){
echo $fs1;
echo "<anchor title="go">Добавить<go href="" method="post">";
echo "<postfield name="for" value="$(for)"/>";
echo "<postfield name="pos" value="$(pos)"/>";
echo "<postfield name="f" value="$id"/>";
echo "<postfield name="mod" value="f2"/>";
echo "</go></anchor>";
echo $fs2;
echo "<br/>";
}else{
echo "<input type="submit" class="ibutton" value="Добавить" class="cp">";
} }
echo $fs2;
break;
case "f2" :
echo $fs1;
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
$for = check($for);
$pos = check($pos);
$que = @mysql_query( "select * from `forum_sections` order by id;" );
$dtm = @mysql_fetch_array( @$que );
$id = $dtm['id'];
$f_name = $dtm['name'];
$nick = $row['user'];
$for = substr( $for, 0, 50 );
if ($row["translit"]==1) $for = translit($for);
$q = @mysql_query( @"select `name` from `forum_sections` where name='$for' limit 1;" );
$prev = @mysql_fetch_array( @$q );
if ( empty( $for ) )
{
echo "<div>Вы не заполнили форум!</div>";
break;
}
else
{
if ( $for == $prev['name'] )
{
echo "<div>Такой форум уже есть!</div>";
echo $fs2;
break;
}
else
{
$add = "Insert into forum_sections set name='".$for."', topic=0, time='".time( )."',pos='".$pos."'";
if ( mysql_query( $add ) )
{
echo "<div>Форум успешно добавленн!</div>";
header("Location: ".F."");
mysql_query( "update `forum_sections` set time='".time( )."' where id='".$id."';" ); echo $fs2;
break;
}
else
{
$msg = "<div>Произошла ошибка...</div>";
echo $fs2;
break;
}
}
}}
echo $fs2;
break;
/////////////////////
case "sf1" :
echo $fs1;
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
if ($wap==2||$wap==3) echo "<form action="" method="post">";
echo "Раздел:<br/>";
echo "<input type="text" name="for" maxlength="150"/><br/>";
if ( $row['trans'] == 1 )
{
echo "<input name="tr" type="checkbox" value="1">Транслит<br/>";
}
echo "Положение:<br/>";
echo "<input type="text" name="pos" maxlength="150" value="{$sect['pos']}"/><br/>";
echo "<input type="hidden" name="f" value="$id"/>";
echo "<input type="hidden" name="mod" value="sf2"/>";
if ($wap=="1"){
echo $fs1;
echo "<anchor title="go">Добавить<go href="" method="post">";
echo "<postfield name="for" value="$(for)"/>";
echo "<postfield name="pos" value="$(pos)"/>";
echo "<postfield name="f" value="$id"/>";
echo "<postfield name="mod" value="sf2"/>";
echo "</go></anchor>";
echo $fs2;
echo "<br/>";
}else{
echo "<input type="submit" class="ibutton" value="Добавить" class="cp">";
} }
echo $fs2;
break;
case "sf2" :
echo $fs1;
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
$for = check($for);
$pos = check($pos);
$que = @mysql_query( "select * from `forum_subfor` order by id;" );
$dtm = @mysql_fetch_array( @$que );
$f_name = $dtm['name'];
$nick = $row['user'];
$for = substr( $for, 0, 50 );
if ($row["translit"]==1) $for = translit($for);
$q = @mysql_query( @"select `name` from `forum_subfor` where name='$for' and section='$id' limit 1;" );
$prev = @mysql_fetch_array( @$q );
if ( empty( $for ) )
{
echo "<div>Вы не заполнили раздел!</div>";
break;
}
else
{
if ( $for == $prev['name'] )
{
echo "<div>Такой раздел уже есть!$id</div>";
echo $fs2;
break;
}
else
{
$add = "Insert into forum_subfor set name='".$for."', section='".$id."',pos='".$pos."'";
if ( mysql_query( $add ) )
{
echo "Раздел успешно добавленн!";
header("Location: ".F."subfs/$id/end");
mysql_query( "update `forum_sections` set time='".time( )."' where id='".$id."';" ); echo $fs2;
break;
}
else
{
$msg = "<div>Произошла ошибка...</div>";
echo $fs2;
break;
}
}
}}
echo $fs2;
break;
case "sf3" :
echo $fs1;
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
}
else
{
$q = mysql_query( "select * from `forum_subfor` where `id`='".$id."' ;" );
$sect = mysql_fetch_array( $q );
if ($wap==2||$wap==3) echo "<form action="" method="post">";
echo "Переименовать раздел:<br/>";
echo "<input type="text" name="for" maxlength="150" value="{$sect['name']}"/><br/>";
if ( $row['trans'] == 1 )
{
echo "<input name="tr" type="checkbox" value="1">Транслит<br/>";
}
echo "Положение:<br/>";
echo "<input type="text" name="pos" maxlength="150" value="{$sect['pos']}"/><br/>";
echo "<input type="hidden" name="f" value="$id"/>";
echo "<input type="hidden" name="sf" value="$id"/>";
echo "<input type="hidden" name="mod" value="sf23"/>";
if ($wap=="1"){
echo $fs1;
echo "<anchor title="go">Изменить<go href="" method="post">";
echo "<postfield name="for" value="$(for)"/>";
echo "<postfield name="pos" value="$(pos)"/>";
echo "<postfield name="f" value="$id"/>";
echo "<postfield name="sf" value="$id"/>";
echo "<postfield name="mod" value="sf23"/>";
echo "</go></anchor>";
echo $fs2;
echo "<br/>";
}else{
echo "<input type="submit" class="ibutton" value="Изменить" class="cp"><br /><br />";
}
echo "<img src="".H2."img/fd.gif" alt="[MODER]"/> <a href="".F."admin/sf4/$id">Удалить раздел</a><br /><br />"; }
echo $fs2;
break;
case "sf23" :
$que = @mysql_query( "select * from `forum_subfor` where id='$id';" );
$dtm = @mysql_fetch_array( @$que );
$s_name = $dtm['name'];
$f = $dtm['section'];
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
$for = check( $for );
$for = substr( $for, 0, 50 );
if ($row["translit"]==1) $for = translit($for);
$q = @mysql_query( @"select `name` from `forum_subfor` where name='$for' limit 1;" );
$prev = @mysql_fetch_array( @$q );
if ( empty( $for ) )
{ echo $fs1;
echo "<div>Вы не заполнили раздел!</div>";
echo $fs2;
break;
}
else
{
$add = "UPDATE `forum_subfor` SET name='".$for."',pos='".$pos."' where id='".$id."';";
if ( mysql_query( $add ) )
{ echo $fs1;
echo "<div>Форум успешно изменен!</div>";
header("Location: ".F."subfs/".$f."");
mysql_query( "update `forum_sections` set time='".time( )."' where id='".$id."';" ); echo $fs2;
break;
}
else
{ echo $fs1;
$msg = "<div>Произошла ошибка...</div>";
echo $fs2;
break;
}
}
}
break;
case "sf4" :
$que = @mysql_query( "select * from `forum_subfor` where id='$id';" );
$dtm = @mysql_fetch_array( @$que );
$s_name = $dtm['name'];
$f = $dtm['section'];
echo $fs1;
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
}
else
{
mysql_query( "delete from forum_message where subfor='{$id}';" );
mysql_query( "delete from forum_topic where subfor='{$id}';" );
mysql_query( "delete from forum_subfor where id='{$id}';" );
echo "<div>Раздел удален!</div>";
header("Location: ".F."subfs/".$f."");
echo $fs2;
}
break;
//////////////////
case "s7" :
$q1 = @mysql_query( @"select * from `forum_topic` where `id`='".$id."' ;" );
$topic = @mysql_fetch_array(@$q1);
$t_name = $topic ['name'];
$f = $topic ['section'];
$sf = $topic ['subfor'];
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
$q1 = @mysql_query( @"select * from `forum_topic` where `id`='".$id."' ;" );
$topic = @mysql_fetch_array( @$q1 );
if ($topic['close'] == 1)
{
echo "<a href="".F."admin/o2/$id/end">Открыть</a>|";
}
else
{
echo "<a href="".F."admin/o1/$id/end">Закрыть</a>|";
}
if ($topic['zak'] == 0)
{
echo "<a href="".F."admin/zak1/and">Закрепить</a>|";
}else{
echo "<a href="".F."admin/zak2/$id/end">Открепить</a>|"; }
echo "<a href="".F."admin/d2/$id/end">Удалить</a><br/><br />";
if ($wap==2||$wap==3){echo "<form method="post" action="".F."admin/s9/$id" name="auth">"; }
echo "Переименовать:<br />";
echo "<input type="text" name="name" maxlength="150" value="".$topic['name'].""/><br/>";
echo "<input class="ibutton" value="Переименовать" type="submit" /><br /><br />";
if ($wap==2||$wap==3){echo "</form><form method="post" action="".F."admin/s8/$id" name="auth">"; }
echo "Переместить тему <b>".$topic['name']."</b> в раздел:<br />";
echo "<select name="razdel">";
$q = mysql_query("SELECT * FROM `forum_subfor` ORDER BY `pos` ASC");
while ($forums = mysql_fetch_array($q))
{$q2 = mysql_query("SELECT * FROM `forum_sections` where id='".$forums['section']."'");
$forums2 = mysql_fetch_array($q2);
echo "<option value="$forums[id]">$forums2[name]/$forums[name]</option>";
}
echo "</select><br/>";
echo "<input class="ibutton" value="Переместить" type="submit" /></form><br />";
}
break;
case "s8" :
$q1 = @mysql_query( @"select * from `forum_topic` where `id`='".$id."' ;" );
$topic = @mysql_fetch_array(@$q1);
$t_name = $topic ['name'];
$f = $topic ['section'];
$sf = $topic ['subfor'];
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
$q = mysql_query("SELECT * FROM `forum_subfor` where id='".$razdel."'");
$forums = mysql_fetch_array($q);
$q2 = mysql_query("SELECT * FROM `forum_sections` where id='".$forums['section']."'");
$forums2 = mysql_fetch_array($q2);
if (mysql_query("Update forum_topic set subfor='".$razdel."', section='".$forums2['id']."' where id ='".$id."'"))
{$posts = @mysql_query("SELECT * FROM forum_message WHERE `topic` = '".$id."';");
while($post = mysql_fetch_array($posts))
{
mysql_query("Update forum_message set subfor='".$razdel."', section='".$forums2['id']."' where id ='".$post['id']."'");
}
echo $fs1;
$msg = "Тема перемещена в <a href="".F."admin/".$razdel."&f=".$forums2['id']."&mod=temes">".$forums2['name']."/".$forums['name']."</a><br/>";
header("Location: ".F."temes/".$razdel."");
echo $fs2;
}
else
{ echo $fs1;
$msg = "Произошла ошибка...<br />";
echo $fs2;
}
echo "<div>{$msg}</div>";
}
break;
case "s9" :
$q1 = @mysql_query( @"select * from `forum_topic` where `id`='".$id."' ;" );
$topic = @mysql_fetch_array(@$q1);
$t_name = $topic ['name'];
$f = $topic ['section'];
$sf = $topic ['subfor'];
if ( $row['level'] < 7 )
{
echo "<div>Доступ закрыт!</div>";
break;
}
else
{
$q = mysql_query("SELECT * FROM `forum_sections` where id='".$razdel."'");
$forums = mysql_fetch_array($q);
if (mysql_query("Update forum_topic set name='".$name."' where id ='".$id."'"))
{
echo $fs1;
$msg = "Тема переименована!</a><br/>";
echo $fs2;
}
echo "<div>{$msg}</div>";
header("Location: ".F."temes/$sf");
}
break;
case "zak1" :
$q1 = @mysql_query( @"select * from `forum_topic` where `id`='".$id."' ;" );
$topic = @mysql_fetch_array(@$q1);
$t_name = $topic ['name'];
$f = $topic ['section'];
$sf = $topic ['subfor'];
if ( mysql_query( "Update forum_topic set zak='1' where id ='".$id."'" ) )
{ echo $fs1;
$msg = "Тема закреплена!<br /><br/>";
header("Location: ".F."tema/$id/$page");
echo $fs2;
}
else
{ echo $fs1;
$msg = "Произошла ошибка...<br /><a href="./?f={$id}&t={$id}&mod=tema">В Тему</a><br/>";
echo $fs2;
}
echo "<div>{$msg}</div>";
break;
case "zak2" :
$q1 = @mysql_query( @"select * from `forum_topic` where `id`='".$id."' ;" );
$topic = @mysql_fetch_array(@$q1);
$t_name = $topic ['name'];
$f = $topic ['section'];
$sf = $topic ['subfor'];
if ( mysql_query( "Update forum_topic set zak='0' where id ='".$id."'" ) )
{ echo $fs1;
$msg = "Тема откреплена!<br /><a href="./?f={$id}&t={$id}&mod=tema">В Тему</a><br/>";
header("Location: ".F."tema/$id/$page");
echo $fs2;
}
else
{ echo $fs1;
$msg = "Произошла ошибка...<br /><a href="./?f={$id}&t={$id}&mod=tema">В Тему</a><br/>";
echo $fs2;
}
echo "<div>{$msg}</div>";
break;
case "d2" :
$q1 = @mysql_query( @"select * from `forum_topic` where `id`='".$id."' ;" );
$topic = @mysql_fetch_array(@$q1);
$t_name = $topic ['name'];
$f = $topic ['section'];
$sf = $topic ['subfor'];
if ( $row['level'] < 6 )
{ echo $fs1;
echo "<div>Доступ закрыт!<br /><a href="./?f={$id}&t={$id}&mod=tema">В Тему</a><br/></div>";
echo $fs2;
break;
}
else
{
if ( mysql_query( "delete from forum_message where topic='{$id}';" ) )
{ echo $fs1;
echo "<div>Все сообщения удалены!</div>";
if ( mysql_query( "delete from forum_topic where id='{$id}';" ) )
{
echo "<div>Тема удалена!<br /><br/></div>";
header("Location: ".F."temes/$sf/$page");
echo $fs2;
break;
}
else
{ echo $fs1;
echo "<div>Невозможно удалить тему...<br /><a href="./?f={$id}&t={$id}&mod=tema">В Тему</a><br/></div>";
echo $fs2;
break;
}
}
else
{ echo $fs1;
echo "<div>Невозможно удалить сообщения в теме...<br /><a href="./?f={$id}&t={$id}&mod=tema">В Тему</a><br/></div>";
echo $fs2;
break;
}
}
case "o1" :
$q1 = @mysql_query( @"select * from `forum_topic` where `id`='".$id."' ;" );
$topic = @mysql_fetch_array(@$q1);
$t_name = $topic ['name'];
$f = $topic ['section'];
$sf = $topic ['subfor'];
if ( mysql_query( "Update forum_topic set close='1' where id ='".$id."'" ) )
{ echo $fs1;
$msg = ".temazakr. Тема закрыта для обсуждения!";
echo $fs2;
$add = "Insert into forum_message set topic='".$id."', login ='".$row['id']."', msg='".$msg."',time='".time()."', section='".$f."', subfor = '".$sf."'";
if (mysql_query($add))
{ }
}
echo "<div>{$msg}</div>";
header("Location: ".F."tema/$id/$page");
break;
case "o2" :
$q1 = @mysql_query( @"select * from `forum_topic` where `id`='".$id."' ;" );
$topic = @mysql_fetch_array(@$q1);
$t_name = $topic ['name'];
$f = $topic ['section'];
$sf = $topic ['subfor'];
echo $fs1;
if ( mysql_query( "Update forum_topic set close='0' where id ='".$id."'" ) )
{$msg = ".temaotkr. Тема открыта для обсуждения!";
echo $fs2;
$add = "Insert into forum_message set topic='".$id."', login ='".$row['id']."', msg='".$msg."',time='".time()."', section='".$f."', subfor = '".$sf."'";
if (mysql_query($add))
{ }
$msg = "Тема открыта!<br /><a href="./?f={$id}&t={$id}&mod=tema">В Тему</a><br/>";
}
else
{
$msg = "Произошла ошибка...<br /><a href="./?f={$id}&t={$id}&mod=tema">В Тему</a><br/>";
}
echo "<div>{$msg}</div>";
header("Location: ".F."tema/$id/$page");
echo $fs2;
break;
}
}else{echo "Доступ закрыт!";
}
echo $fs1;
if($mod) {echo "<br />$div1<img src="".H2."img/naz.gif" alt="[N]"/> <a href="".F."">Форумы</a>$div9";}
echo "$div1<img src="".H2."img/naz.gif" alt="[N]"/> <a href="".H2."enter.php">На Главную</a>$div9";
foot();
exit;
?>