Просмотр файла moder/index.php

Размер файла: 20.56Kb
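<?php
///////////////////////////////////////////////////
// Moderator panel entry point. This preamble reads the caller's ID and password
// from the query string, compares them with the entries kept in ids.php and
// pass.php, and sets $yes to 1 when both match (0 otherwise).
$title="Модерка\n";
///////////////////////////////////////////////////
$yes=0;
// NOTE(review): credentials travel in the URL (GET), so they end up in server
// logs, browser history and Referer headers. Moving to POST plus a session flag
// needs matching changes in the form and in every link below, so it is only
// flagged here.
$id = isset($_GET['id']) ? $_GET['id'] : null;
$pass = isset($_GET['pass']) ? $_GET['pass'] : null;
include ("../header.php");
include ("ids.php");
include ("pass.php");
// ids.php and pass.php are executed by the includes above and then re-read as
// plain text: the password is taken from the second line of pass.php, and every
// line of ids.php (quotes and semicolons stripped) is treated as a candidate ID.
// NOTE(review): that includes any non-ID line in ids.php - confirm the file format.
$pa = file("pass.php");
if (!is_array($pa)) $pa = array();
$pa[1] = isset($pa[1]) ? str_replace(array('"', ';'), '', trim($pa[1])) : '';
$ids = file("ids.php");
if (!is_array($ids)) $ids = array();
// Fail closed: both values must be non-empty strings (a missing parameter or an
// array such as ?id[]=x never authenticates), and an empty or missing stored
// password never matches.
$moder_creds_ok = is_string($id) && is_string($pass) && $id !== '' && $pass !== '' && $pa[1] !== '';
if ($moder_creds_ok)
{
    // Strict comparison: with ==, numeric-looking strings such as "1e3" and "1000"
    // compare equal. hash_equals() is used when the runtime provides it so the
    // comparison time does not depend on how many leading characters match.
    $moder_creds_ok = function_exists('hash_equals') ? hash_equals($pa[1], $pass) : ($pa[1] === $pass);
}
for($i=0; $i<count($ids); $i++)
{
    $ids[$i] = str_replace(array('"', ';'), '', trim($ids[$i]));
    // Blank lines in ids.php must not act as a valid (empty) ID.
    if ($moder_creds_ok && $ids[$i] !== '' && $id === $ids[$i])
    {
        $yes=1;
    }
}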
///////////////////////////////////////////////////
///////////////////////////////////////////////////
if (0 == $yes)
{
    // Not authenticated: print the login form, then the shared footer, and stop
    // so that none of the panel code below runs.
    // NOTE(review): the form submits with method="get", so the ID and password
    // become part of the URL.
    echo $div["ten"];
    echo '<form action="index.php" method="get">'
        . 'ID: <br/>'
        . '<input name="id" maxlength="20" type="id"/><br/>'
        . 'Пароль: <br/>'
        . '<input name="pass" maxlength="20" type="password"/><br/>'
        . '<input class="ibutton" type="submit" value="Войти"/>'
        . '</form>';
    echo $div["end"];
    include ("../footer.php");
    exit();
}
if($yes==1)
{
// Panel header: total number of registered sites and how many of them have a
// positive `allmonth` value.
echo $div["header"];
$q = mysql_query("select * from uzvers;");
$reg = mysql_num_rows($q);
echo "Всего сайтов: <b>" . $reg . "</b>";
$q = mysql_query("select * from uzvers where `allmonth`>'0';");
$reg = mysql_num_rows($q);
// Sums the `all` column of the active rows into $all. $all is not assigned before
// this loop in this file and is not printed here; the "logs" case later reuses
// the name for a line count.
for ($field = mysql_fetch_array($q); $field; $field = mysql_fetch_array($q))
{
    $w = $field['all'];
    $all += $w;
}
echo ", из них активных: <b>" . $reg . "</b><br/>";
echo $div["end"];
// $op selects the panel page; it is not assigned in this file, so it presumably
// comes from the request (register_globals or header.php) - TODO confirm.
$op = empty($op) ? "index" : $op;
switch ($op) {
///////////////////////////////////////////////////
case "index":
    // Main menu: one link per panel page, followed by the exit link.
    // NOTE(review): every panel link repeats the moderator ID, the password and
    // the session id in the query string.
    echo $div["ten"];
    $menu_icon = "<img src=\"../pics/st.gif\" alt=\"*\"/>";
    $menu_sid = session_name()."=".session_id();
    $menu_items = array(
        "news"      => "Новости",
        "ticketmin" => "Тикетс",
        "siteready" => "Готовые к выплатам",
        "sitehelp"  => "Просят выплат",
        "about"     => "О участнике",
        "logs"      => "Логи",
        "stats"     => "Статистика",
    );
    foreach ($menu_items as $menu_op => $menu_label)
    {
        echo $menu_icon;
        echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;op=".$menu_op."&amp;".$menu_sid."\">".$menu_label."</a><br/>";
    }
    echo $menu_icon;
    echo "<a href=\"../index.php?".$menu_sid."\">Выход</a><br/>";
    break;
///////////////////////////////////////////////////
case "news":
    // Paged list of news items (5 per page, newest first), each with an edit link.
    echo $div["ten"];
    // $startan is the paging offset; it is forced to a non-negative integer
    // before it is placed in the LIMIT clause.
    $startan = empty($startan) ? 0 : intval($startan);
    if ($startan < 0) { $startan = 0; }
    $num_msgs_an = 5;
    // Unpaged query, used further down only for its row count.
    $arr = mysql_query("select * from `news`");
    $qi = mysql_query("select * from `news` order by `id` desc limit $startan,$num_msgs_an;;");
    if (mysql_affected_rows() != 0)
    {
        // NOTE(review): `date` and `msg` are printed without HTML escaping.
        while ($row = mysql_fetch_array($qi))
        {
            echo "".$row['date']." |
".$row['msg']." <a href=\"index.php?id=$id&amp;pass=$pass&amp;op=editnews&amp;postid=".$row['id']."&amp;".session_name()."=".session_id()."\">ред</a><br/>";
        }
    }
    else
    {
        echo "Нет новостей";
    }
    $i = @mysql_num_rows($arr);
    $news_nav = "index.php?id=$id&amp;pass=$pass&amp;op=news&amp;".session_name()."=".session_id()."&amp;startan=";
    if ($startan != 0)
    {
        echo "<a href=\"".$news_nav.($startan-$num_msgs_an)."\">".htmlspecialchars("<<--")."</a>] ";
    }
    if ($i > $startan+$num_msgs_an)
    {
        echo "[<a href=\"".$news_nav.($startan+$num_msgs_an)."\">".htmlspecialchars("-->>")."</a>";
    }
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";
    echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;
///////////////////////////////////////////////////
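    case "editnews":
    // Edit a news item. Without $go the edit form is shown, pre-filled from the
    // `news` row; with $go set, $message is written back to that row.
    // $postid, $go and $message are not assigned anywhere in this file, so they
    // presumably arrive from the request (register_globals or header.php) and are
    // treated as untrusted here.
    // Assumes `news`.`id` is an integer key (the listing orders by it) - TODO confirm.
    $postid = intval($postid);
    if (empty($go))
    {
        $q_msg = mysql_query("select * from `news` where (`id`='$postid');");
        $row_msg = $q_msg ? mysql_fetch_array($q_msg) : false;
        // The stored text goes inside value="...": escape it so quotes or markup
        // in a news item cannot break out of the attribute.
        $msg_db = $row_msg ? htmlspecialchars($row_msg['msg'], ENT_QUOTES) : '';
        $edit_url = "index.php?id=$id&amp;pass=$pass&amp;op=editnews&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post";
        if ($_SESSION['wap']=="xml")
        {
            // XHTML client: ordinary form.
            echo "<form action=\"".$edit_url."\" method=\"post\">";
            echo "<div>";
            echo "Сообщение: <br/>";
            echo "<input name=\"message\" maxlength=\"250\" value=\"$msg_db\" title=\"Text\"/><br/>";
            echo "<select multiple=\"multiple\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><br/>";
            echo "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
            echo "</div>";
            echo "</form>";
        }
        else
        {
            // WML client: input fields plus an <anchor>/<go> that posts them.
            echo "Сообщение: <br/>";
            echo "</small><input name=\"message".$ref."\" value=\"$msg_db\" maxlength=\"250\" title=\"Text\"/><br/><small>";
            echo "</small><select multiple=\"true\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><small><br/>";
            echo "<anchor title=\"send\">Отправить<go href=\"".$edit_url."\" method=\"post\">";
            echo "<postfield name=\"message\" value=\"$(message".$ref.")\"/>";
            echo "<postfield name=\"translit\" value=\"$(translit)\"/>";
            echo "</go></anchor><br/>";
        }
        echo $div["div"];
        if ($_SESSION['wap']!="xml") {echo "---<br/>";}
        echo $div["end"];
        include ("../footer.php");
        exit();
    }
    else
    {
        // Escape the text for the SQL string literal. With magic_quotes_gpc on,
        // request values are already slash-escaped, so they are left as they are
        // to avoid storing doubled backslashes.
        // NOTE(review): if header.php escapes request values itself, drop this.
        $message_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
            ? $message
            : mysql_real_escape_string($message);
        // Report success only when the UPDATE actually ran.
        if (@mysql_query("UPDATE `news` SET `msg`='$message_sql' WHERE (`id`='$postid')"))
        {
            echo "Новость изменена!<br/>";
        }
        else
        {
            echo "Ошибка базы данных!<br/>";
        }
        echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    }
    break;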
///////////////////////////////////////////////////
    case "ticketmin":
    // Paged list (5 per page, newest first) of support tickets whose `ans` is
    // empty, each with a link to the answer form.
    echo $div["ten"];
    $startan = empty($startan) ? 0 : intval($startan);
    if ($startan < 0) { $startan = 0; }
    $num_msgs_an = 5;
    // Unpaged query, used further down only for its row count.
    $arr = mysql_query("select * from `support` where `ans`=''");
    $qi = mysql_query("select * from `support` where `ans`='' order by `id` desc limit $startan,$num_msgs_an;;");
    if (mysql_affected_rows() != 0)
    {
        while ($row = mysql_fetch_array($qi))
        {
            // The ticket text is HTML-escaped and then every "&" is replaced again,
            // so entities produced by htmlspecialchars() are encoded a second time.
            // NOTE(review): `date` and `idc` are printed without escaping.
            $row['msg'] = str_replace("&", "&amp;", htmlspecialchars(stripslashes(trim($row['msg']))));
            echo "#".$row['id']." | ".$row['date']." | ID:".$row['idc']." |
".$row['msg']."  <a href=\"index.php?id=$id&amp;pass=$pass&amp;op=answ&amp;postid=".$row['id']."&amp;".session_name()."=".session_id()."\">отв</a><br/>";
        }
    }
    else
    {
        echo "Нет тикетов";
    }
    $i = @mysql_num_rows($arr);
    $ticket_nav = "index.php?id=$id&amp;pass=$pass&amp;op=ticketmin&amp;".session_name()."=".session_id()."&amp;startan=";
    if ($startan != 0)
    {
        echo "<a href=\"".$ticket_nav.($startan-$num_msgs_an)."\">".htmlspecialchars("<<--")."</a>] ";
    }
    if ($i > $startan+$num_msgs_an)
    {
        echo "[<a href=\"".$ticket_nav.($startan+$num_msgs_an)."\">".htmlspecialchars("-->>")."</a>";
    }
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";
    echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;
///////////////////////////////////////////////////
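    case "editticket":
    // Edit the answer of a support ticket. Without $go the form is shown,
    // pre-filled from the `ans` column; with $go set, $message is written back.
    // $postid, $go and $message are not assigned anywhere in this file, so they
    // presumably arrive from the request (register_globals or header.php) and are
    // treated as untrusted here.
    // Assumes `support`.`id` is an integer key (the listing orders by it) - TODO confirm.
    $postid = intval($postid);
    if (empty($go))
    {
        $q_msg = mysql_query("select * from `support` where (`id`='$postid');");
        $row_msg = $q_msg ? mysql_fetch_array($q_msg) : false;
        // The stored answer goes inside value="...": escape it so quotes or
        // markup cannot break out of the attribute.
        $msg_db = $row_msg ? htmlspecialchars($row_msg['ans'], ENT_QUOTES) : '';
        $edit_url = "index.php?id=$id&amp;pass=$pass&amp;op=editticket&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post";
        if ($_SESSION['wap']=="xml")
        {
            // XHTML client: ordinary form.
            echo "<form action=\"".$edit_url."\" method=\"post\">";
            echo "<div>";
            echo "Сообщение: <br/>";
            echo "<input name=\"message\" maxlength=\"250\" value=\"$msg_db\" title=\"Text\"/><br/>";
            echo "<select multiple=\"multiple\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><br/>";
            echo "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
            echo "</div>";
            echo "</form>";
        }
        else
        {
            // WML client: input fields plus an <anchor>/<go> that posts them.
            echo "Сообщение: <br/>";
            echo "</small><input name=\"message".$ref."\" value=\"$msg_db\" maxlength=\"250\" title=\"Text\"/><br/><small>";
            echo "</small><select multiple=\"true\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><small><br/>";
            echo "<anchor title=\"send\">Отправить<go href=\"".$edit_url."\" method=\"post\">";
            echo "<postfield name=\"message\" value=\"$(message".$ref.")\"/>";
            echo "<postfield name=\"translit\" value=\"$(translit)\"/>";
            echo "</go></anchor><br/>";
        }
        echo $div["div"];
        if ($_SESSION['wap']!="xml") {echo "---<br/>";}
        echo $div["end"];
        include ("../footer.php");
        exit();
    }
    else
    {
        echo $div["div"];
        // Escape the text for the SQL string literal. With magic_quotes_gpc on,
        // request values are already slash-escaped, so they are left as they are
        // to avoid storing doubled backslashes.
        // NOTE(review): if header.php escapes request values itself, drop this.
        $message_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
            ? $message
            : mysql_real_escape_string($message);
        // Report success only when the UPDATE actually ran.
        if (@mysql_query("UPDATE `support` SET `ans`='$message_sql' WHERE (`id`='$postid')"))
        {
            echo "Ответ изменен!<br/>";
        }
        else
        {
            echo "Ошибка базы данных!<br/>";
        }
        echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    }
    break;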
///////////////////////////////////////////////////
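        case "answ":
    // Answer a support ticket. Without $go the form is shown, pre-filled from the
    // ticket's current `ans` value; with $go set, $message is stored as the answer.
    // $postid, $go and $message are not assigned anywhere in this file, so they
    // presumably arrive from the request (register_globals or header.php) and are
    // treated as untrusted here.
    // Assumes `support`.`id` is an integer key (the listing orders by it) - TODO confirm.
    $postid = intval($postid);
    if (empty($go))
    {
        $q_msg = mysql_query("select * from `support` where (`id`='$postid');");
        $row_msg = $q_msg ? mysql_fetch_array($q_msg) : false;
        // The stored answer goes inside value="...": escape it so quotes or
        // markup cannot break out of the attribute.
        $msg_db = $row_msg ? htmlspecialchars($row_msg['ans'], ENT_QUOTES) : '';
        $edit_url = "index.php?id=$id&amp;pass=$pass&amp;op=answ&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post";
        if ($_SESSION['wap']=="xml")
        {
            // XHTML client: ordinary form.
            echo "<form action=\"".$edit_url."\" method=\"post\">";
            echo "<div>";
            echo "Сообщение: <br/>";
            echo "<input name=\"message\" maxlength=\"250\" value=\"$msg_db\" title=\"Text\"/><br/>";
            echo "<select multiple=\"multiple\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><br/>";
            echo "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
            echo "</div>";
            echo "</form>";
        }
        else
        {
            // WML client: input fields plus an <anchor>/<go> that posts them.
            echo "Сообщение: <br/>";
            echo "</small><input name=\"message".$ref."\" value=\"$msg_db\" maxlength=\"250\" title=\"Text\"/><br/><small>";
            echo "</small><select multiple=\"true\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><small><br/>";
            echo "<anchor title=\"send\">Отправить<go href=\"".$edit_url."\" method=\"post\">";
            echo "<postfield name=\"message\" value=\"$(message".$ref.")\"/>";
            echo "<postfield name=\"translit\" value=\"$(translit)\"/>";
            echo "</go></anchor><br/>";
        }
        echo $div["div"];
        if ($_SESSION['wap']!="xml") {echo "---<br/>";}
        echo $div["end"];
        include ("../footer.php");
        exit();
    }
    else
    {
        echo $div["div"];
        // Escape the text for the SQL string literal. With magic_quotes_gpc on,
        // request values are already slash-escaped, so they are left as they are
        // to avoid storing doubled backslashes.
        // NOTE(review): if header.php escapes request values itself, drop this.
        $message_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
            ? $message
            : mysql_real_escape_string($message);
        // Report success only when the UPDATE actually ran.
        if (@mysql_query("UPDATE `support` SET `ans`='$message_sql' WHERE (`id`='$postid')"))
        {
            echo "Ответ добавлен!<br/>";
        }
        else
        {
            echo "Ошибка базы данных!<br/>";
        }
        echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    }
    break;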
///////////////////////////////////////////////////
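case "siteready":
    // Paged list (20 per page) of `uzvers` rows whose `allmonth` exceeds $mincost,
    // highest `allmonth` first.
    echo $div["ten"];
    if(empty($startan)) $startan = 0;
    $startan=intval($startan);
    if($startan<0) $startan=0;
    $num_msgs_an=20;
    // NOTE(review): $mincost is interpolated into both queries and is not assigned
    // in this file - confirm it is set by trusted configuration and cannot be
    // supplied by the request.
    $arr = mysql_query("select * from `uzvers` where `allmonth`>'$mincost'");
    $qi = mysql_query("select * from `uzvers` where `allmonth`>'$mincost' order by `allmonth` desc limit $startan,$num_msgs_an;;");
    if (mysql_affected_rows()==0)
    {
        echo "Нет сайтов!";
    }
    else
    {
        while($row=mysql_fetch_array($qi))
        {
            // `wm` and `site` look like participant-supplied profile fields
            // (TODO confirm); they are escaped so stored markup is shown as text
            // instead of running in the moderator's browser.
            $site_html = htmlspecialchars($row['site'], ENT_QUOTES);
            echo htmlspecialchars($row['id'], ENT_QUOTES)." | ".htmlspecialchars($row['wm'], ENT_QUOTES)." |\n";
            // Only http(s) addresses become links, so a value such as
            // "javascript:..." is never placed in an href.
            if (preg_match('#^https?://#i', $row['site']))
            {
                echo "<a href=\"".$site_html."\">".$site_html."</a>";
            }
            else
            {
                echo $site_html;
            }
            echo " ".htmlspecialchars($row['allmonth'], ENT_QUOTES)."<br/>";
        }
    }
    $i = @mysql_num_rows($arr);
    if($startan!=0)
    echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;op=siteready&amp;".session_name()."=".session_id()."&amp;startan=".($startan-$num_msgs_an)."\">".htmlspecialchars("<<--")."</a>] ";
    if($i>$startan+$num_msgs_an)
    echo "[<a href=\"index.php?id=$id&amp;pass=$pass&amp;op=siteready&amp;".session_name()."=".session_id()."&amp;startan=".($startan+$num_msgs_an)."\">".htmlspecialchars("-->>")."</a>";
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;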
///////////////////////////////////////////////////
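    case "logs":
    // Log viewer. Without $ida a form asking for an ID is shown; with $ida the
    // file ../logs/<ida>.log is printed ten lines per page, from the end of the
    // file backwards.
    // NOTE(review): the form posts a field named "id" while this branch reads
    // $ida, which is not assigned in this file - confirm how $ida gets populated.
    if (empty($ida))
    {
        if ($_SESSION['wap']=="xml")
        {
            echo "<form action=\"index.php?id=$id&amp;pass=$pass&amp;op=logs&amp;".session_name()."=".session_id()."\" method=\"post\">";
            echo "<div>";
            echo "ID: <br/>";
            echo "<input name=\"id\" maxlength=\"250\" title=\"Text\"/><br/>";
            echo "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
            echo "</div>";
            echo "</form>";
        }
        else
        {
            echo "ID: <br/>";
            echo "</small><input name=\"id".$ref."\" maxlength=\"250\" title=\"Text\"/><br/><small>";
            echo "<anchor title=\"send\">Отправить<go href=\"index.php?id=$id&amp;pass=$pass&amp;op=logs&amp;".session_name()."=".session_id()."\" method=\"post\">";
            echo "<postfield name=\"id\" value=\"$(id".$ref.")\"/>";
            echo "</go></anchor><br/>";
        }
    }
    else
    {
        $sim=10; //how much links on page
        // Start from empty buffers: they were previously only appended to, so a
        // value already present under these names would have been printed as well.
        $read = '';
        $echo = '';
        // $ida becomes part of a file path and of the paging links. Accept only a
        // plain token so it cannot contain "../", a NUL byte or markup.
        // Assumes participant IDs consist of letters, digits, "_" and "-" - TODO confirm.
        if (!is_string($ida) || !preg_match('/^[A-Za-z0-9_-]+$/', $ida))
        {
            $read = "Нет такого ID !!!<br/>";
        }
        else
        {
            $file_name = "../logs/$ida.log"; //file with links
            $p = isset($_GET['p']) ? intval($_GET['p']) : 0;
            if ($p < 0) $p = 0;
            // A missing or unreadable log is treated as an empty one.
            $file = @file($file_name);
            if (!is_array($file)) $file = array();
            $all = count($file);
            $obsum = $all - $p * $sim;
            $nasum = $obsum - $sim;
            $end = '0';
            for ($i=$obsum; $i>$nasum; $i--)
            {
                if (!isset($file[$i]))
                {
                    $end = '1';
                }
                else
                {
                    $read .= str_replace("\n", "<br/>", $file[$i]);
                }
            }
            if ($end=='1') $read .= "<br/>";
            // NOTE(review): apart from this "&" replacement the log text is printed
            // as-is; if log lines can contain visitor-controlled data they should be
            // HTML-escaped before the <br/> tags are added.
            $read = str_replace("&", "&amp;", $read);
            $echo .= "---";
            // The paging links use the fixed script name, as every other link in
            // this file does, instead of $PHP_SELF.
            $echo .= '<br/><a href="index.php?id='.$id.'&amp;pass='.$pass.'&amp;'.session_name().'='.session_id().'&amp;p='.($p+1).'&amp;ida='.$ida.'&amp;op=logs">След</a>';
            $echo .= ' ';
            $echo .= '<br/><a href="index.php?id='.$id.'&amp;pass='.$pass.'&amp;'.session_name().'='.session_id().'&amp;p='.($p-1).'&amp;ida='.$ida.'&amp;op=logs">Пред</a>';
        }
        echo $read;
        echo $echo;
    }
    echo $div["div"];
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;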
///////////////////////////////////////////////////
    case "stats":
    // Statistics table: one line per `stats` row, newest id first, showing the
    // `data`, `OP` and `ALL` columns.
    echo $div["div"];
    echo "<b>Дата</b> - Опсосов | Всего<br/>";
    $arr = mysql_query("select * from `stats`");
    $qi = mysql_query("select * from `stats` order by `id` desc;");
    if (mysql_affected_rows() != 0)
    {
        for ($row = mysql_fetch_array($qi); $row; $row = mysql_fetch_array($qi))
        {
            echo "<b>".$row['data']."</b> -
".$row['OP']." |
".$row['ALL']."<br/>";
        }
    }
    else
    {
        echo "Нет статы !!!";
    }
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";
    echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;
///////////////////////////////////////////////////
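    case "about":
    // Participant card. Without $go a form asking for an ID is shown; with $go
    // the `uzvers` row whose `id` equals $id is printed.
    // NOTE(review): the form posts a field named "id", but the lookup uses $id,
    // which this file assigns from $_GET['id'] (the moderator's own login ID) -
    // confirm whether header.php replaces it with the posted value.
    if (empty($go))
    {
        if ($_SESSION['wap']=="xml")
        {
            echo "<form action=\"index.php?id=$id&amp;pass=$pass&amp;op=about&amp;go=go&amp;".session_name()."=".session_id()."\" method=\"post\">";
            echo "<div>";
            echo "ID: <br/>";
            echo "<input name=\"id\" maxlength=\"250\" title=\"Text\"/><br/>";
            echo "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
            echo "</div>";
            echo "</form>";
        }
        else
        {
            echo "ID: <br/>";
            echo "</small><input name=\"id".$ref."\" maxlength=\"250\" title=\"Text\"/><br/><small>";
            echo "<anchor title=\"send\">Отправить<go href=\"index.php?id=$id&amp;pass=$pass&amp;op=about&amp;go=go&amp;".session_name()."=".session_id()."\" method=\"post\">";
            echo "<postfield name=\"id\" value=\"$(id".$ref.")\"/>";
            echo "</go></anchor><br/>";
        }
        echo $div["div"];
        if ($_SESSION['wap']!="xml") {echo "---<br/>";}
        echo $div["end"];
        include ("../footer.php");
        exit();
    }
    else
    {
        echo $div["div"];
        // Escape the value for the SQL string literal. With magic_quotes_gpc on,
        // request values are already slash-escaped and are left as they are.
        $about_id_sql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
            ? $id
            : mysql_real_escape_string($id);
        $qi = mysql_query("select * from `uzvers` where `id`='$about_id_sql';");
        $row = $qi ? mysql_fetch_array($qi) : false;
        if (!$row)
        {
            echo "Нет такого ID !!!";
        }
        else
        {
            // The rest of this file reads the key as $row['id']; accept either
            // spelling so the heading is not left empty.
            $about_id = isset($row['ID']) ? $row['ID'] : (isset($row['id']) ? $row['id'] : '');
            // These look like participant-supplied profile fields (TODO confirm);
            // they are escaped so stored markup is shown as text instead of
            // running in the moderator's browser.
            echo "<b>".htmlspecialchars($about_id, ENT_QUOTES)."</b> <br/>
Логин: ".htmlspecialchars($row['log'], ENT_QUOTES)." <br/>
WMZ: ".htmlspecialchars($row['wm'], ENT_QUOTES)." <br/>
Мыло: ".htmlspecialchars($row['email'], ENT_QUOTES)." <br/>
Сайт: ".htmlspecialchars($row['site'], ENT_QUOTES)." <br/>
ICQ: ".htmlspecialchars($row['icq'], ENT_QUOTES)." <br/>
Баланс ".htmlspecialchars($row['allmonth'], ENT_QUOTES)." <br/>";
        }
    }
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;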
///////////////////////////////////////////////////
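case "sitehelp":
    // Paged list (20 per page) of `uzvers` rows with `help`='1', highest
    // `allmonth` first.
    echo $div["ten"];
    if(empty($startan)) $startan = 0;
    $startan=intval($startan);
    if($startan<0) $startan=0;
    $num_msgs_an=20;
    // Unpaged query, used further down only for its row count.
    $arr = mysql_query("select * from `uzvers` where `help`='1'");
    $qi = mysql_query("select * from `uzvers` where `help`='1' order by `allmonth` desc limit $startan,$num_msgs_an;;");
    if (mysql_affected_rows()==0)
    {
        echo "Нет сайтов!";
    }
    else
    {
        while($row=mysql_fetch_array($qi))
        {
            // `wm` and `site` look like participant-supplied profile fields
            // (TODO confirm); they are escaped so stored markup is shown as text
            // instead of running in the moderator's browser.
            $site_html = htmlspecialchars($row['site'], ENT_QUOTES);
            echo htmlspecialchars($row['id'], ENT_QUOTES)." | ".htmlspecialchars($row['wm'], ENT_QUOTES)." |\n";
            // Only http(s) addresses become links, so a value such as
            // "javascript:..." is never placed in an href.
            if (preg_match('#^https?://#i', $row['site']))
            {
                echo "<a href=\"".$site_html."\">".$site_html."</a>";
            }
            else
            {
                echo $site_html;
            }
            echo " ".htmlspecialchars($row['allmonth'], ENT_QUOTES)." <br/>";
        }
    }
    $i = @mysql_num_rows($arr);
    if($startan!=0)
    echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;op=sitehelp&amp;".session_name()."=".session_id()."&amp;startan=".($startan-$num_msgs_an)."\">".htmlspecialchars("<<--")."</a>] ";
    if($i>$startan+$num_msgs_an)
    echo "[<a href=\"index.php?id=$id&amp;pass=$pass&amp;op=sitehelp&amp;".session_name()."=".session_id()."&amp;startan=".($startan+$num_msgs_an)."\">".htmlspecialchars("-->>")."</a>";
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?id=$id&amp;pass=$pass&amp;".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;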
}

// Close the page wrapper opened by the selected panel page, then append the
// shared footer.
echo $div['end'];
include "../footer.php";
}
?>