Файл: modules/user/rank.php
Строк: 95
<?php
/****
* @package LiveCMS
* @link livecms.org
* @author MyZik
* @version See attached file VERSION.txt
* @license See attached file LICENSE.txt
* @copyright Copyright (C) LiveCMS Development Team
****/
$lang_pe = load_lng('profile_edit'); // Подключаем файл языка
$title = $lang_pe['rank']; // Заголовок страницы
$module = 'edit'; // Модуль
/**
* Проверка наличия авторизации
**/
if (!isset($user)) {
require_once(HOME .'/incfiles/header.php');
echo '<div class="error">' . $lang['only_users'] . '</div>';
echo '<div class="home">' .
'<img src="/design/themes/' . $set_user['theme'] . '/images/back.png" alt="" /> <a href="/index.php">' . $lang['back'] . '</a>' .
'</div>';
require_once(HOME .'/incfiles/footer.php');
}
/**
* Проверяем, верен ли заданный параметр
**/
if (!is_numeric($_GET['id'])) {
require_once(HOME .'/incfiles/header.php');
echo '<div class="error">' . $lang['error_parameter'] . '</div>';
echo '<div class="home">' .
'<img src="/design/themes/' . $set_user['theme'] . '/images/back.png" alt="" /> <a href="/index.php">' . $lang['back'] . '</a>' .
'</div>';
require_once(HOME .'/incfiles/footer.php');
}
$ID = num($_GET['id']);
/**
* Проверяем, существует ли юзер
**/
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `id` = '$ID'"), 0) == 0) {
require_once(HOME .'/incfiles/header.php');
echo '<div class="error">' . $lang_pe['user_not_exists'] . '</div>';
echo '<div class="home">' .
'<img src="/design/themes/' . $set_user['theme'] . '/images/back.png" alt="" /> <a href="/index.php">' . $lang['back'] . '</a>' .
'</div>';
require_once(HOME .'/incfiles/footer.php');
}
/**
* Проверяем, чей профиль редактируем
**/
if ($ID == $user['id']) {
require_once(HOME .'/incfiles/header.php');
echo '<div class="error">' . $lang_pe['error_user'] . '</div>';
echo '<div class="home">' .
'<img src="/design/themes/' . $set_user['theme'] . '/images/back.png" alt="" /> <a href="/index.php">' . $lang['back'] . '</a>' .
'</div>';
require_once(HOME .'/incfiles/footer.php');
}
$profile = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '" . $ID . "'")); // получаем данные пользователя
/**
* Если пытаемся редактировать чужой профиль, проверяем права доступа
**/
if (($user['rights'] < 9) || ($user['rights'] >= 9 && $user['rights'] <= $profile['rights'])) {
require_once(HOME .'/incfiles/header.php');
echo '<div class="error">' . $lang_pe['error_rights'] . '</div>';
require_once(HOME .'/incfiles/footer.php');
}
require_once(HOME .'/incfiles/header.php'); // Подключаем шапку
/**
* Небольшая панель навигации
**/
echo '<div class="title"><a href="edit.php' . ($ID != $user['id'] ? '&id=' . $ID . '' : '') . '">' . $lang_pe['edit_profile'] . ($ID != $user['id'] ? ' "' . $profile['login'] . '"' : '') . '</a> | <b>' . $lang_pe['rank'] . '</b></div>';
/**
* Сохраняем данные
**/
if (isset($_POST['save'])) {
$profile['rights'] = (isset($_POST['rights']) ? intval($_POST['rights']) : 0);
mysql_query("UPDATE `users` SET `rights` = '" . $profile['rights'] . "' WHERE `id` = '$ID' LIMIT 1");
echo display_message($lang_pe['set_rights_success']);
}
/**
* Форма
**/
echo '<div class="main"><form method="post" action="rank.php?id=' . $ID . '">' .
$lang_pe['select_rights'] . ':<br />' .
'<input type="radio" name="rights" value="0" ' . ($profile['rights'] == 0 ? 'checked="checked" ' : '') . '/> ' . $lang_pe['rank_0'] . '<br />' .
'<input type="radio" name="rights" value="2" ' . ($profile['rights'] == 2 ? 'checked="checked" ' : '') . '/> ' . $lang_pe['rank_2'] . '<br />' .
'<input type="radio" name="rights" value="3" ' . ($profile['rights'] == 3 ? 'checked="checked" ' : '') . '/> ' . $lang_pe['rank_3'] . '<br />' .
'<input type="radio" name="rights" value="7" ' . ($profile['rights'] == 7 ? 'checked="checked" ' : '') . '/> ' . $lang_pe['rank_7'] . '<br />';
if ($user['rights'] > 8)
echo '<input type="radio" name="rights" value="8" ' . ($profile['rights'] == 8 ? 'checked="checked" ' : '') . '/> ' . $lang_pe['rank_8'] . '<br />';
if ($user['rights'] == 10)
echo '<input type="radio" name="rights" value="10" ' . ($profile['rights'] == 10 ? 'checked="checked" ' : '') . '/> ' . $lang_pe['rank_10'] . '<br />';
echo '<input type="submit" name="save" value="' . $lang['save'] . '" />' .
'</form></div>';
require_once(HOME .'/incfiles/footer.php'); // Подключаем ноги
?>