Файл: modules/padmin/change-dest.php
Строк: 71
<?php
/**
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) 2013, Taras Chornyi, Sergiy Mazurenko, Ivan Kotliar
* @link http://perf-engine.net
* @package PerfEngine
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
$locate = 'in_padmin';
$user_id = abs(intval($_GET['id']));
if(isset($user) && $user['level'] >= 5 && isset($_GET['id']) && $user['id'] != $_GET['id'] && $db->query("SELECT level FROM `users` WHERE `id` = '". $_GET['id'] ."'")->fetchColumn() != 7) {
$user_level = $db->query("SELECT level FROM `users` WHERE `id` = '".abs(intval($_GET['id'])) ."'")->fetchColumn();
$title = _t('change_dest');
include_header($title);
$tpl->div('title', _t('change_dest').' '.tnick($_GET['id']));
if(isset($_POST['save']) && $_GET['act']== 'save') {
$level = abs(intval($_POST['level']));
$db->query("UPDATE `users` SET `level` = '". $level."' WHERE `id` = '".abs(intval($_GET['id'])) ."'");
$tpl->div('menu', _t('succ_save'));
$tpl->div('block', img('nav.png') . '<a href="/user/profile/'.abs(intval($_GET['id'])) .'/">'._t('back').'</a><br/>'. img('admin.png') .'<a href="/padmin/">'. _t('padmin') .'</a><br/>'. HICO .'<a href="/">'. _t('home') .'</a>');
include_footer();
exit;
}
echo '<div class="post">
<form action="/padmin/change-dest/'.$user_id.'/?act=save" method="post">
<b>'. _t('change_dest') .'</b>:<br/>
<select name="level">';
echo '<option value="1" '.($user_level==1 ? 'selected="selected"':NULL).'>'. level(1).'</option>';
echo '<option value="2" '.($user_level==2 ? 'selected="selected"':NULL).'>'. level(2).'</option>';
echo '<option value="3" '.($user_level==3 ? 'selected="selected"':NULL).'>'. level(3).'</option>';
echo '<option value="4" '.($user_level==4 ? 'selected="selected"':NULL).'>'. level(4).'</option>';
echo '<option value="5" '.($user_level==5 ? 'selected="selected"':NULL).'>'. level(5).'</option>';
echo '<option value="6" '.($user_level==6 ? 'selected="selected"':NULL).'>'. level(6).'</option>';
echo '</select><br/>
<input type="submit" name="save" value="'. _t('save').'" />
</form>
</div>';
$tpl->div('block', img('admin.png') .'<a href="/padmin/">'. _t('padmin') .'</a><br/>'. HICO .'<a href="/">'. _t('home') .'</a>');
include_footer();
} else { header('Location: /'); }
?>