Файл: admin/user_block.php
Строк: 135
<?
////////////////////////////////////////
///// Основа ApiCMS //////
///// Автор биллинга - IvanDanilov /////
///// Автор биллинга - IvanDanilov /////
///// ICQ 936545, mail: KyberID@ya.ru //
////////////////////////////////////////
/////////////////////////////////////////
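$title = 'Блокировка пользователя';
require_once '../api_core/apicms_system.php';
require_once '../api_core/head.php';

// Moderation page: lets a level 1 or level 2 account block a user for a
// limited time, lists that user's recorded blocks and lifts them.
//
// NOTE(review): all queries use the legacy mysql_* extension, which was
// removed in PHP 7.0. Every value placed in SQL below is either cast to int
// or passed through mysql_real_escape_string(), but the connection layer
// should be moved to PDO/mysqli prepared statements.
// NOTE(review): head.php is included before the redirects below; header()
// only takes effect while no output has been sent (for example with output
// buffering enabled) — confirm how head.php behaves.

$level = isset($user['level']) ? (int) $user['level'] : 0;

if ($level < 1) {
    // exit is required: header() alone does not stop the script.
    header('location: ../');
    exit;
}

if ($level == 1 || $level == 2) {
    // $time is not defined in this file; presumably apicms_system.php sets it
    // to the current timestamp — fall back to time() if it does not.
    $now = isset($time) ? (int) $time : time();

    // The target user id only ever reaches SQL and HTML as an integer.
    if (!isset($_GET['id'])) {
        header("Location: /index.php");
        exit;
    }
    $ank_id = intval($_GET['id']);

    // One query both proves that the user exists and loads the row.
    $ank_res = mysql_query("SELECT * FROM `users` WHERE `id` = '$ank_id' LIMIT 1");
    $ank = $ank_res ? mysql_fetch_assoc($ank_res) : false;
    if (!$ank) {
        header("Location: /index.php");
        exit;
    }

    // ---- Lift an existing block -------------------------------------------
    // NOTE(security): this state change is triggered by a plain GET link and
    // carries no anti-CSRF token, so any page a logged-in moderator opens can
    // trigger it. It should become a POST request protected by a per-session
    // token.
    if (isset($_GET['unset'])) {
        $ban_id = intval($_GET['unset']);
        // The ban row must belong to the user named in ?id=, otherwise ignore it.
        $ban_res = mysql_query("SELECT * FROM `users_ban` WHERE `ank_ban` = '$ank_id' AND `id` = '$ban_id' LIMIT 1");
        $block_inf = $ban_res ? mysql_fetch_assoc($ban_res) : false;
        if ($block_inf) {
            // Never let the counter drop below zero on repeated requests.
            $min_block = max(0, (int) $ank['block_count'] - 1);
            mysql_query("UPDATE `users_ban` SET `time` = '" . time() . "' WHERE `id` = '$ban_id' LIMIT 1");
            // The users row is keyed by the user id, not by the ban id.
            mysql_query("UPDATE `users` SET `block_count` = '$min_block', `block_time` = '$now' WHERE `id` = '$ank_id' LIMIT 1");
            $ank['block_count'] = $min_block;
            echo '<div class="content"><center>Пользователь успешно разблокирован</center></div>';
        }
    }

    // ---- Create a new block -----------------------------------------------
    // NOTE(security): the form handled here is also submitted without an
    // anti-CSRF token.
    if (isset($_POST['ban_pr'], $_POST['time'], $_POST['vremja']) && is_string($_POST['ban_pr'])) {
        // Seconds per unit offered by the form's <select>.
        $unit_seconds = array(
            'min'  => 60,
            'chas' => 60 * 60,
            'sut'  => 60 * 60 * 24,
            'mes'  => 60 * 60 * 24 * 30,
        );
        $unit = is_string($_POST['vremja']) ? $_POST['vremja'] : '';
        $err = array();

        if (isset($unit_seconds[$unit])) {
            $block_time = $now + intval($_POST['time']) * $unit_seconds[$unit];
            // A negative duration would end the block in the past.
            if ($block_time < $now) {
                $err[] = '<div class="content"><center>Ошибка времени блока</center></div>';
            }
        } else {
            // Unknown unit: refuse instead of storing a block that ends at once.
            $err[] = '<div class="content"><center>Ошибка времени блока</center></div>';
        }

        if ($err) {
            // Report the problem and write nothing to the database.
            echo implode('', $err);
        } else {
            // Escape exactly once; a second pass would store extra backslashes.
            $prich = mysql_real_escape_string($_POST['ban_pr']);
            $plus_block = (int) $ank['block_count'] + 1;
            $moderator_id = (int) $user['id'];
            mysql_query("INSERT INTO `users_ban` (`ank_ban`, `id_user`, `prich`, `time`) VALUES ('$ank_id', '$moderator_id', '$prich', '$block_time')");
            mysql_query("UPDATE `users` SET `block_time` = '$block_time', `block_count` = '$plus_block' WHERE `id` = '$ank_id' LIMIT 1");
            $ank['block_count'] = $plus_block;
            echo '<div class="content"><center>Пользователь успешно заблокирован</center></div>';
        }
    }

    // ---- List recorded blocks ---------------------------------------------
    $qii = mysql_query("SELECT * FROM `users_ban` WHERE `ank_ban` = '$ank_id' ORDER BY `time` DESC");
    if (!$qii || mysql_num_rows($qii) == 0) {
        // Decide on the ban rows themselves; the users row always exists here.
        echo "<div class='content'><center>Нарушений не найдено</center></div>";
    } else {
        while ($post_ban = mysql_fetch_assoc($qii)) {
            // The reason is free text typed by a moderator: encode it before it
            // is placed in HTML. Assumes the site is served as UTF-8 — confirm.
            $reason = htmlspecialchars($post_ban['prich'], ENT_QUOTES, 'UTF-8');
            $ban_row_id = (int) $post_ban['id'];
            echo "<div class='subhead'>Причина: <b>" . $reason . "</b> </br></br> До " . apicms_data($post_ban['time']) . " <a class = 'headbut' href='?id=$ank_id&unset=$ban_row_id'>Разблокировать</a></div>";
        }
    }

    // ---- Block form -------------------------------------------------------
    echo "<form action=\"user_block.php?id=$ank_id&ok\" method=\"post\">\n";
    echo "<div class='content'><center>Причина блокировки:<br /> <textarea name=\"ban_pr\"></textarea><br />\n";
    echo "Срок блокировки<br /> <input type='text' name='time' value='10' maxlength='11' size='3' />\n";
    echo "<select class='form' name=\"vremja\">\n";
    echo "<option value='min'>Минут</option>\n";
    echo "<option value='chas'>Часов</option>\n";
    echo "<option value='sut'>Суток</option>\n";
    echo "<option value='mes'>Месяцев</option>\n";
    echo "</select><br /><input type='submit' value='Заблокировать'/></form></center></div>\n";
}
apicms_foot();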
?>