Файл: panel/users.php
Строк: 156
<?php
// by Mike O. (mides), coolcms.org
require_once '../includes/sys.php';
require_once '../includes/auth_a.php';
require_once '../includes/header.php';
if (!access(3)) {
redirect(HTTPHOME);
}
switch ($act) {
default:
tp('<a href="./">АДМ</a>» Юзеры');
echo '<div class="body">';
$users = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users`"), 0);
$users_e0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `email_ver` = 0"), 0);
$users0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
echo '• <b>Все ('.$users.')</b> / <a href="?act=email_ver">Не подтвердили E-mail ('.$users_e0.')</a> / <a href="?act=nonact">Неактивир. ('.$users0.')</a> <br /><br />';
echo 'Введите логин или букву:<br /><form name="form" action="?act=sort" method="post">
<input name="q" type="text" maxlength="12" size="10" /><br />
<input name="submit" type="submit" value="Поиск" />
</form><br />';
echo '<a href="?act=sort&q=">Все</a> / <a href="?act=sort&q=1">0-9</a> / <a href="?act=sort&q=a">A</a> / <a href="?act=sort&q=b">B</a> / <a href="?act=sort&q=c">C</a> / <a href="?act=sort&q=d">D</a> / <a href="?act=sort&q=e">E</a> / <a href="?act=sort&q=f">F</a> / <a href="?act=sort&q=g">G</a> / <a href="?act=sort&q=h">H</a> / <a href="?act=sort&q=i">I</a> / <a href="?act=sort&q=j">J</a> / <a href="?act=sort&q=k">K</a> / <a href="?act=sort&q=l">L</a> / <a href="?act=sort&q=m">M</a> / <a href="?act=sort&q=n">N</a> / <a href="?act=sort&q=o">O</a> / <a href="?act=sort&q=p">P</a> / <a href="?act=sort&q=q">Q</a> / <a href="?act=sort&q=r">R</a> / <a href="?act=sort&q=s">S</a> / <a href="?act=sort&q=t">T</a> / <a href="?act=sort&q=u">U</a> / <a href="?act=sort&q=v">V</a> / <a href="?act=sort&q=w">W</a> / <a href="?act=sort&q=x">X</a> / <a href="?act=sort&q=y">Y</a> / <a href="?act=sort&q=z">Z</a><br /><br />
<a href="./">В админку</a>
</div>';
break;
case 'sort':
if (isset($_POST['q'])) {
$q = check(strtolower($_POST['q']));
} else {
$q = check(strtolower($_GET['q']));
}
if (isset($q)) {
if ($q == 1) {
$search = "RLIKE '^[-0-9]'";
} else {
$search = "LIKE '$q%'";
}
}
$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE LOWER(`username`) ".$search.";"), 0);
$pages = ceil($total / $config['onpage']);
if ($page > $pages or $page == 0) {
$page = 1;
}
$begin = ($page - 1) * $config['onpage'];
tp('<a href="./">АДМ</a>» <a href="?">Юзеры</a>');
echo '<div class="body"><form name="form" action="?act=sort" method="post">
<input name="q" type="text" maxlength="12" size="10" /><br />
<input name="submit" type="submit" value="Поиск" />
</form>';
$users_r = mysql_query("SELECT `id`, `karma` FROM `users` WHERE LOWER(`username`) ".$search." ORDER BY `karma` DESC LIMIT $begin, $config[onpage]");
while ($user = mysql_fetch_assoc($users_r)) {
echo '<a href="../other/profile.php?id='.$user['id'].'">'.username($user['id'], 2).'</a> (<a href="?act=edit&id='.$user['id'].'">ред</a>/<a href="?act=del&id='.$user['id'].'">DEL</a>)<br />';
}
navig($page, '?act=sort&', $pages);
nav('?');
break;
case 'edit':
$user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$id'"));
if ($user['id']) {
if ($ok) {
$email = check($_POST['email']);
$access = abs(intval($_POST['access']));
switch ($access) {
default: $access = $user['access']; break;
case '1': $access = 1; break;
case '2': $access = 2; break;
case '3': $access = 3; break;
case '4': $access = 0; break;
}
$icq = abs(intval($_POST['icq']));
$skype = check($_POST['skype']);
$name = check($_POST['name']);
$gender = abs(intval($_POST['gender']));
$from = check($_POST['from']);
$birthday = check($_POST['birthday']);
$site = check($_POST['site']);
$about = check($_POST['about']);
mysql_query("UPDATE `users` SET `email` = '$email', `access` = '$access', `icq` = '$icq', `skype` = '$skype', `name` = '$name', `gender` = '$gender', `from` = '$from', `birthday` = '$birthday', `site` = '$site', `about` = '$about' WHERE `id` = '$id'");
redirect('?act=edit&id='.$id);
} else {
echo '<div class="title"><a href="?">Юзеры</a>» Ред-ть <a href="../other/profile.php?id='.$user['id'].'">'.$user['username'].'</a></div>';
echo '<div class="body"><form name="form" action="?act=edit&id='.$id.'&ok=1" method="post">
<u>'.access2($user['id']).' </u>
<select name="access">
<option value="0">Не изменять</option>';
if ($user['access'] < 4) {
echo '<option value="4">Пользователь</option>
<option value="1">Куратор</option>
<option value="2">Модератор</option>
<option value="3">Администратор</option>';
}
echo '</select><br />
E-mail(max50):<br /><input name="email" type="text" maxlength="50" value="'.$user['email'].'" /><br />
ICQ(max9):<br /><input name="icq" type="text" maxlength="9" value="'.$user['icq'].'" /><br />
Skype(max32):<br /><input name="skype" type="text" maxlength="32" value="'.$user['skype'].'" /><br />
Имя(max20):<br /><input name="name" type="text" maxlength="20" value="'.$user['name'].'" /><br />
Пол: ';
switch ($user['gender']) {
case '1': echo 'муж<input name="gender" type="radio" value="1" checked /> <input name="gender" type="radio" value="2" />жен'; break;
case '2': echo 'муж<input name="gender" type="radio" value="1" /> <input name="gender" type="radio" value="2" checked />жен'; break;
default: echo 'муж<input name="gender" type="radio" value="1" /> <input name="gender" type="radio" value="2" />жен'; break;
}
echo '<br />
Откуда(max25):<br /><input name="from" type="text" maxlength="25" value="'.$user['from'].'" /><br />
Дата рождения (дд.мм.гггг):<br /><input name="birthday" type="text" maxlength="25" value="'.$user['birthday'].'" /><br />
Wap-сайт(<del>http://</del>, max20):<br /><input name="site" type="text" maxlength="20" value="'.$user['site'].'" /><br />
О себе(max250):<br /><textarea name="about" cols="" rows="3">'.$user['about'].'</textarea><br />
<input name="submit" type="submit" value="Ok" />
</form>';
nav('?');
}
} else {
redirect('?');
}
break;
case 'del':
if ($id !== 1) {
if ($ok) {
mysql_query("DELETE FROM `voting` WHERE `type` = 'profile' and `id_for` = '$id'");
mysql_query("DELETE FROM `users` WHERE `id` = '$id'");
$_SESSION['note'] = 'Юзер удален';
redirect('?');
} else {
tp('Подтвердите, пожалуйста');
echo '<div class="body">
Вы действительно хотите удалить <b>'.username($id, 2).'</b>?
<form name="form" action="?act=del&id='.$id.'&ok=1" method="post">
<input name="submit" type="submit" value="Да" />
</form>';
nav('?');
}
} else {
$_SESSION['note'] = 'Нельзя удалить создателя';
redirect('?');
}
break;
case 'email_ver':
$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
$pages = ceil($total / $config['onpage']);
if ($page > $pages or $page == 0) {
$page = 1;
}
$begin = ($page - 1) * $config['onpage'];
tp('<a href="./">АДМ</a>» Юзеры</a>');
echo '<div class="body">';
$users = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users`"), 0);
$users_e0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `email_ver` = 0"), 0);
$users0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
echo '• <a href="?">Все ('.$users.')</a> / <b>Не подтвердили E-mail ('.$users_e0.')</b> / <a href="?Act=nonact">Неактивир. ('.$users0.')</a> <br /><br />';
note();
$users_r = mysql_query("SELECT `id`, `karma` FROM `users` WHERE `email_ver` = 0 ORDER BY `regtime` LIMIT $begin, $config[onpage]");
while ($user = mysql_fetch_assoc($users_r)) {
echo '<a href="../other/profile.php?id='.$user['id'].'">'.username($user['id'], 2).'</a> (<a href="?act=email_ver&id='.$user['id'].'">Подтв.</a>/<a href="?act=del&id='.$user['id'].'">DEL</a>)<br />';
}
navig($page, '?act=nonact&', $pages);
echo '<br /><a href="?act=prove_all">Подтвердить E-mail всем</a><br /><a href="./">В админку</a>
</div>';
if ($id) {
mysql_query("UPDATE `users` SET `email_ver` = 1 WHERE `id` = '$id'");
redirect('?act=email_ver');
}
if ($_GET['prove_all']) {
mysql_query("UPDATE `users` SET `email_ver` = 1 WHERE `email_ver` != 1");
}
break;
case 'nonact':
$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
$pages = ceil($total / $config['onpage']);
if ($page > $pages or $page == 0) {
$page = 1;
}
$begin = ($page - 1) * $config['onpage'];
tp('<a href="./">АДМ</a>» Юзеры</a>');
echo '<div class="body">';
$users = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users`"), 0);
$users_e0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `email_ver` = 0"), 0);
$users0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
echo '• <a href="?">Все ('.$users.')</a> / <a href="?act=email_ver">Не подтвердили E-mail ('.$users_e0.')</a> / <b>Неактивир. ('.$users0.')</b> <br /><br />';
note();
$users_r = mysql_query("SELECT `id`, `karma` FROM `users` WHERE `ok` = 0 ORDER BY `regtime` LIMIT $begin, $config[onpage]");
while ($user = mysql_fetch_assoc($users_r)) {
echo '<a href="../other/profile.php?id='.$user['id'].'">'.username($user['id'], 2).'</a> (<a href="?act=useract&id='.$user['id'].'">Акт</a>/<a href="?act=del&id='.$user['id'].'">DEL</a>)<br />';
}
navig($page, '?act=nonact&', $pages);
echo '<br /><a href="?act=useract_all">Актив. всех</a><br /><a href="./">В админку</a>
</div>';
break;
case 'useract':
mysql_query("UPDATE `users` SET `ok` = 1 WHERE `id` = '$id'");
$_SESSION['note'] = 'Активирован.';
redirect('?act=nonact');
break;
case 'useract_all':
mysql_query("UPDATE `users` SET `ok` = 1");
$_SESSION['note'] = 'Все были активированы.';
redirect('?act=nonact');
break;
}
require_once '../includes/tail.php';
?>