Файл: modules/acp/users.php
Строк: 131
<?php
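/*
 * Admin control panel (ACP) user management. $act selects one action:
 * list users, edit a profile, edit access levels, ban, unban or delete.
 *
 * $act, $id, $u, $lang, $config, $tpl, TIME, DB, check() and redirect() are
 * all defined outside this file.
 *
 * NOTE(review): no permission check and no anti-CSRF token check is visible
 * in this file. Every branch changes or exposes account data, so confirm that
 * the including code verifies the current user ($u) is an administrator and
 * validates a request token before this switch runs.
 *
 * NOTE(review): several branches keep executing after redirect(), so
 * redirect() presumably ends the request - confirm.
 */
switch ($act) {
    // Paginated list of all users, newest id first.
    case 'users':
        $total = DB::run()->querySingle("select count(`id`) from `users`;");
        if ($total) {
            require_once 'core/navsetvars.php';
            // $start and $config['ipp'] are produced outside this file
            // (presumably by core/navsetvars.php and the site config).
            // %d forces both to integers so nothing else can reach the SQL text.
            $query = DB::run()->query(sprintf(
                "select * from `users` order by `id` DESC limit %d, %d;",
                $start,
                $config['ipp']
            ));
        }
        $config['newtitle'] = $lang['User_List'];
        $tpl['title'] = '<a href="/acp">'.$lang['ACP'].'</a> » '.$lang['User_List'];
        $tpl['file'] = 'acp_users';
        require_once 'core/header.php';
        break;

    // Edit the profile fields of the user identified by $id.
    case 'users_edituser':
        $user = DB::run()->queryFetch("select * from `users` where `id` = ?;", array($id));
        if ($user) {
            // Text fields go through check() (defined elsewhere; presumably an
            // input filter - confirm what it escapes). FALSE means "not posted".
            $name = isset($_POST['name']) ? check($_POST['name']) : FALSE;
            $gender = isset($_POST['gender']) ? abs(intval($_POST['gender'])) : FALSE;
            $location = isset($_POST['location']) ? check($_POST['location']) : FALSE;
            $website = isset($_POST['website']) ? check($_POST['website']) : FALSE;
            $skype = isset($_POST['skype']) ? check($_POST['skype']) : FALSE;
            $icq = isset($_POST['icq']) ? check($_POST['icq']) : FALSE;
            $jabber = isset($_POST['jabber']) ? check($_POST['jabber']) : FALSE;
            if ($name || $gender || $location || $website || $skype || $icq || $jabber) {
                // Anything outside the three known gender values falls back to 0.
                if (!in_array($gender, array(0, 1, 2))) {
                    $gender = 0;
                }
                // All values are bound as parameters, never concatenated.
                DB::run()->query("update `users` set
`name` = ?,
`gender` = ?,
`location` = ?,
`website` = ?,
`skype` = ?,
`icq` = ?,
`jabber` = ?
where `id` = ?;", array(
                    $name,
                    $gender,
                    $location,
                    $website,
                    $skype,
                    $icq,
                    $jabber,
                    $user['id']
                ));
                $_SESSION['note'] = $lang['All_Changes_Saved'];
                redirect('/acp/users/edituser'.$user['id']);
            }
            $config['newtitle'] = $lang['User_List'];
            $tpl['title'] = '<a href="/acp">'.$lang['ACP'].'</a> » '.$lang['User_List'];
            $tpl['file'] = 'acp_users_edituser';
            require_once 'core/header.php';
        } else {
            redirect('/acp/users');
        }
        break;

    // Rebuild the comma-separated `access` string of the user identified by $id.
    case 'users_edituserlevels':
        $user = DB::run()->queryFetch("select * from `users` where `id` = ?;", array($id));
        if ($user) {
            $access = isset($_POST['access']) ? check($_POST['access']) : FALSE;
            $f_select_all = isset($_POST['f_select_all']) ? 1 : FALSE;
            $fcategid = isset($_POST['fcategid']) ? check($_POST['fcategid']) : FALSE;
            if ($access || $f_select_all || $fcategid) {
                $accessString = FALSE;
                // Either list may be absent (FALSE) or a scalar when only part
                // of the form was posted; iterate only over real arrays.
                // NOTE(review): the posted values are appended as-is. A value
                // containing a comma would add extra tokens to the privilege
                // string; consider checking each value against the set of
                // known access names / forum category ids before storing it.
                if (is_array($access)) {
                    foreach ($access as $value) {
                        $accessString .= $value.',';
                    }
                }
                if ($f_select_all) {
                    // "Select all" grants every forum category that currently exists.
                    $queryfcategs = DB::run()->query("select `id` from `forum_categs`;");
                    while ($fcateg = $queryfcategs->Fetch()) {
                        $accessString .= 'forum'.$fcateg['id'].',';
                    }
                } elseif (is_array($fcategid)) {
                    foreach ($fcategid as $value) {
                        $accessString .= 'forum'.$value.',';
                    }
                }
                DB::run()->query("update `users` set `access` = ? where `id` = ?;", array($accessString, $user['id']));
                $_SESSION['note'] = $lang['All_Changes_Saved'];
                redirect('/acp/users/edituser'.$user['id'].'/levels');
            }
            $config['newtitle'] = $user['username'];
            $tpl['title'] = '<a href="/acp">'.$lang['ACP'].'</a> » '.$lang['User_List'];
            $tpl['file'] = 'acp_users_edituser_levels';
            require_once 'core/header.php';
        } else {
            redirect('/acp/users');
        }
        break;

    // Ban the user identified by $id for a number of days.
    case 'users_banuser':
        $user = DB::run()->queryFetch("select * from `users` where `id` = ?;", array($id));
        // The acting admin and the account with id 1 can never be the target.
        if ($user && $user['id'] != $u['id'] && $user['id'] != 1) {
            $ban = DB::run()->queryFetch("select `id` from `bans` where `userid` = ? and `active` = 1;", array($user['id']));
            if (!$ban) {
                $reason = isset($_POST['reason']) ? check($_POST['reason']) : FALSE;
                $until = isset($_POST['until']) ? abs(intval($_POST['until'])) : 1;
                if ($reason && $until) {
                    // $until arrives as a number of days; store an absolute expiry time.
                    $until = TIME + $until * 86400;
                    DB::run()->query("insert into `bans` set `userid` = ?, `userid_by` = ?, `reason` = ?, `time` = ?, `exp` = ?, `active` = ?;", array($user['id'], $u['id'], $reason, TIME, $until, 1));
                    redirect('/user'.$user['id']);
                }
            }
            $config['newtitle'] = $lang['Ban_a_user'];
            $tpl['title'] = '<a href="/acp">'.$lang['ACP'].'</a> » '.$lang['Ban_a_user'];
            $tpl['file'] = 'acp_users_banuser';
            require_once 'core/header.php';
        } else {
            redirect('/acp/users');
        }
        break;

    // Lift the active ban of the user identified by $id.
    // NOTE(review): this branch reads no POST field, so any request that
    // reaches it changes state; confirm the router restricts the method and
    // verifies a request token.
    case 'users_unbanuser':
        $user = DB::run()->queryFetch("select * from `users` where `id` = ?;", array($id));
        if ($user && $user['id'] != $u['id'] && $user['id'] != 1) {
            $ban = DB::run()->queryFetch("select `id` from `bans` where `userid` = ? and `active` = 1;", array($user['id']));
            if ($ban) {
                // Deactivate only the ban row found above. The previous
                // statement had no WHERE clause and cleared every active ban
                // on the site.
                DB::run()->query("update `bans` set `active` = 0 where `id` = ?;", array($ban['id']));
                redirect('/user'.$user['id']);
            }
        } else {
            redirect('/acp/users');
        }
        break;

    // Delete the user identified by $id together with their bans, thread
    // visits, online record and private messages, after a posted confirmation.
    case 'users_deluser':
        $user = DB::run()->queryFetch("select * from `users` where `id` = ?;", array($id));
        if ($user && $user['id'] != $u['id'] && $user['id'] != 1) {
            $confirm = isset($_POST['confirm']) ? 1 : FALSE;
            if ($confirm) {
                // NOTE(review): these statements are not wrapped in a
                // transaction here, so a failure part-way leaves a partially
                // deleted account.
                DB::run()->query("delete from `bans` where `userid` = ?;", array($user['id']));
                DB::run()->query("delete from `forum_threads_visits` where `userid` = ?;", array($user['id']));
                DB::run()->query("delete from `online` where `userid` = ?;", array($user['id']));
                // Conversations are removed whether the user sent or received them.
                $users_querypm = DB::run()->query("select * from `pm` where `recipientid` = ? or `senderid` = ?;", array($user['id'], $user['id']));
                while ($users_pm = $users_querypm->Fetch()) {
                    DB::run()->query("delete from `pm_posts` where `pmid` = ?;", array($users_pm['id']));
                    DB::run()->query("delete from `pm` where `id` = ?;", array($users_pm['id']));
                }
                DB::run()->query("delete from `users` where `id` = ?;", array($user['id']));
                // NOTE(review): there is no redirect after a confirmed
                // deletion, so the confirm template below is rendered again
                // for the account that was just removed - confirm this is intended.
            }
            $config['newtitle'] = $lang['Confirm_deletion'];
            $tpl['file'] = 'confirm';
            require_once 'core/header.php';
        } else {
            redirect('/acp/users');
        }
        break;
}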