Просмотр файла me.set.php

БИРЖА РЕКЛАМЫ С ПРЯМЫМИ ССЫЛКАМИ
Размер файла: 5Kb 
<?php
session_name('SID');
session_start();
include_once('data/mysql.cfg');
$tex = addslashes($_GET['t']);
switch($_GET['set'])
{
	default:
	break;
	case 'block':
	$isql = mysql_query("
		INSERT INTO
		`movecontroll`(`texture`)
		VALUES('$tex')");
	if(!$isql) die('Error:'.mysql_error());
	break;
	case 'unblock':
	$isql = mysql_query("
		DELETE FROM	`movecontroll`
		WHERE `texture`='$tex'");
	if(!$isql) die('Error:'.mysql_error());
	break;
	case 'add_tip':
	if(empty($_POST['map_x']) OR empty($_POST['map_y']))
	{
		echo '<script>alert("Type position \"X\" and position \"Y\"");location = "me.php";</script>';
		exit;
	}
	include_once('inc/top.php');
	echo '<h1>Adding tip</h1><br>';
	echo LNG_ME_CAPT_TIP.' <b>'.$_POST['map'].'</b>
	<br><form method="post" action="me.set.php?set=tip">
	<input name="map" type="hidden" value="'.$_POST['map'].'"><br>
	x<input class="px" name="map_x" type="number" value="'.$_POST['map_x'].'">
	y<input class="px" name="map_y" type="number" value="'.$_POST['map_y'].'"><br>
	<input name="tip" type="text" placeholder="'.LNG_ME_CAPT_NAME.'"><br>
	<input name="tip_desc" type="text" placeholder="'.LNG_ME_CAPT_DESC.'"><br>
	'.LNG_ME_CAPT_AUTO.'
	<select name="auto">
	<option value="yes">'.LNG_YES.'</option>
	<option value="no">'.LNG_NO.'</option>
	</select><br>
	<input name="script" type="text" placeholder="'.LNG_ME_CAPT_SCRIPT.'"><br>
	<input type="submit" value="'.LNG_ADD.'">
	</form>';
	include_once('inc/bottom.php');
	exit;
	break;
	case 'tip':
	$tsql = mysql_query("
		SELECT *
		FROM `map_tips`
		WHERE `map_x`='".$_POST['map_x']."'
		AND `map_y`='".$_POST['map_y']."'
		AND `map`='".$_POST['map']."'");
	if(!$tsql)
	{
		die('Error: '.mysql_error());
	}
	else
	{
		if(mysql_num_rows($tsql) !== 0)
		{
			$utsql = mysql_query("
				UPDATE `map_tips`
				SET `tip`='".$_POST['tip']."',
				`tip_desc`='".$_POST['tip_desc']."',
				`auto`='".$_POST['auto']."',
				`script`='".$_POST['script']."'
				WHERE `map_x`='".$_POST['map_x']."'
				AND `map_y`='".$_POST['map_y']."'
				AND `map`='".$_POST['map']."'");
		}
		else
		{
			$utsql = mysql_query("
				INSERT INTO
				`map_tips`(`map`,`map_x`,`map_y`,`tip`,`tip_desc`,`auto`,`script`)
				VALUES('".$_POST['map']."','".$_POST['map_x']."','".$_POST['map_y']."','".$_POST['tip']."','".$_POST['tip_desc']."','".$_POST['auto']."','".$_POST['script']."')");
		}
	}
	break;
	case 'add_redirect':
	if(empty($_POST['map_x']) OR empty($_POST['map_y']))
	{
		echo '<script>alert("Type position \"X\" and position \"Y\"");location = "me.php";</script>';
		exit;
	}
	include_once('inc/top.php');
	echo '<h1>Adding Redirect</h1><br>';
	echo LNG_ME_CAPT_REDIRECT.' <br>
	<form method="post" action="me.set.php?set=redirect">
	'.LNG_ME_CAPT_REDIRECT_START.'<br>
	<input name="map" type="text" value="'.$_POST['map'].'"><br>
	x<input class="px" name="map_x" type="number" value="'.$_POST['map_x'].'">
	y<input class="px" name="map_y" type="number" value="'.$_POST['map_y'].'"><br>
	'.LNG_ME_CAPT_REDIRECT_DESTINATION.'<br>
	<input name="destination" type="text" value="'.$_POST['map'].'"><br>
	x<input class="px" name="destination_x" type="number" value="'.$_POST['map_x'].'">
	y<input class="px" name="destination_y" type="number" value="'.$_POST['map_y'].'"><br>
	<input name="desc" type="text" placeholder="'.LNG_ME_CAPT_NAME.'"><br>
	'.LNG_ME_CAPT_AUTO.'
	<select name="auto">
	<option value="yes">'.LNG_YES.'</option>
	<option value="no">'.LNG_NO.'</option>
	</select><br>
	<input name="script" type="text" placeholder="'.LNG_ME_CAPT_SCRIPT.'"><br>
	<input type="submit" value="'.LNG_ADD.'">
	</form>';
	include_once('inc/bottom.php');
	exit;
	break;
	case 'redirect':
	$tsql = mysql_query("
		SELECT *
		FROM `map_forwarding`
		WHERE `map_x`='".$_POST['map_x']."'
		AND `map_y`='".$_POST['map_y']."'
		AND `map`='".$_POST['map']."'
		AND `destination_x`='".$_POST['destination_x']."'
		AND `destination_y`='".$_POST['destination_y']."'
		AND `destination`='".$_POST['destination']."'");
	if(!$tsql)
	{
		die('Error: '.mysql_error());
	}
	else
	{
		if(mysql_num_rows($tsql) !== 0)
		{
			$utsql = mysql_query("
				UPDATE `map_forwarding`
				SET `desc`='".$_POST['desc']."',
				`auto`='".$_POST['auto']."',
				`script`='".$_POST['script']."'
				WHERE `map_x`='".$_POST['map_x']."'
				AND `map_y`='".$_POST['map_y']."'
				AND `map`='".$_POST['map']."'
				AND `destination_x`='".$_POST['destination_x']."'
				AND `destination_y`='".$_POST['destination_y']."'
				AND `destination`='".$_POST['destination']."'");
		}
		else
		{
			$utsql = mysql_query("
				INSERT INTO
				`map_forwarding`(`map`,`map_x`,`map_y`,`destination`,`destination_x`,`destination_y`,`desc`,`auto`,`script`)
				VALUES('".$_POST['map']."','".$_POST['map_x']."','".$_POST['map_y']."','".$_POST['destination']."','".$_POST['destination_x']."','".$_POST['destination_y']."','".$_POST['desc']."','".$_POST['auto']."','".$_POST['script']."')");
		}
	}
	break;
}
echo '<script>location = "me.php";</script>';