Просмотр файла NuclearCMS_v.1.0.0/admin/forum.php

  1. <?php
  2. if($status != "admin")
  3. {
  4. header("Location: ".$forumdir);
  5. } else
  6. {
  7. switch($_GET['mode'])
  8. {
  9. default:
  10. $mforums = mysql_query("SELECT * FROM `mforums` ORDER BY `pos` ASC");
  11. $forums = mysql_query("SELECT * FROM `forums` ORDER BY `pos` ASC");
  12. if($version == "wml")
  13. {
  14. header("Content-type: text/vnd.wap.wml; charset=utf-8");
  15. header("Cache-Control: no-cache");
  16. echo(doctype("Админка").'
  17. Модераторы: <br />');
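  // WML view: list every moderator with a link that demotes them (mode=moder, m=0).
  $modersq = mysql_query("SELECT `status`, `id`, `username` FROM `users` WHERE `status`='moderator'");
  while($moders = mysql_fetch_array($modersq))
  {
    // Usernames are account-holder data rendered inside the admin page, so they are
    // encoded for markup here. The 4th argument (double_encode=false) leaves entities
    // alone if the name was already stored encoded; registration-side handling is
    // not visible in this file.
    $moderName = htmlspecialchars($moders['username'], ENT_QUOTES, 'UTF-8', false);
    echo($moderName.'[<a href="./?p=27&amp;v=wml&amp;sid='.$sid.'&amp;mode=moder&amp;m=0&amp;id='.intval($moders['id']).'">Удалить</a>]<br />');
  }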
  23.  
  24. echo('- - - - <br />
  25. Добавить подфорум:<br />
  26. - - - - <br />
  27. Имя: <br />
  28. <input type="text" name="name" /><br />
  29. Позиция: <br />
  30. <input type="text" name="pos" format="*N" /><br />
  31. <anchor>[Добавить]
  32. <go href="./?p=27&amp;v=wml&amp;mode=add&amp;sid='.$sid.'" method="post">
  33. <postfield name="name" value="$(name)" />
  34. <postfield name="pos" value="$(pos)" />
  35. </go></anchor><br />
  36. - - - - <br />
  37. Удалить подфорум: <br />
  38. <select name="id">');
  39. while($fnames = mysql_fetch_array($forums))
  40. {
  41. echo('<option value="'.$fnames['id'].'">'.$fnames['name'].'</option>');
  42. }
  43. echo('</select><br />
  44. <anchor>[Удалить]
  45. <go href="./?p=27&amp;v=wml&amp;sid='.$sid.'&amp;mode=del" method="post">
  46. <postfield name="id" value="$(id)" />
  47. </go></anchor><br />
  48. - - - - <br />
  49. Добавить модерский подфорум:<br />
  50. - - - - <br />
  51. Имя: <br />
  52. <input type="text" name="name" /><br />
  53. Позиция: <br />
  54. <input type="text" name="pos" format="*N" /><br />
  55. <anchor>[Добавить]
  56. <go href="./?p=27&amp;v=wml&amp;mode=addm&amp;sid='.$sid.'" method="post">
  57. <postfield name="name" value="$(name)" />
  58. <postfield name="pos" value="$(pos)" />
  59. </go></anchor><br />
  60. - - - - <br />
  61. Удалить модерский подфорум: <br />
  62. <select name="id">');
  63. while($fnamesm = mysql_fetch_array($mforums))
  64. {
  65. echo('<option value="'.$fnamesm['id'].'">'.$fnamesm['name'].'</option>');
  66. }
  67. echo('</select><br />
  68. <anchor>[Удалить]
  69. <go href="./?p=27&amp;v=wml&amp;sid='.$sid.'&amp;mode=delm" method="post">
  70. <postfield name="id" value="$(id)" />
  71. </go></anchor><br />
  72. - - - - <br />
  73. <a href="./?p=0&amp;v=wml&amp;sid='.$sid.'">В форум</a>
  74. </p></card></wml>');
  75. } elseif($version == "xhtml")
  76. {
  77. echo
  78. "<html>\r\n",
  79. "<head>\r\n",
  80. "<title>Админка</title>\r\n",
  81. "</head>\r\n",
  82. "<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
  83. "<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
  84. "<tr>\r\n",
  85. "<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
  86. "</tr>\r\n",
  87. "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  88. "<a href=\"./?p=27&amp;mode=wcab&amp;act=menu&amp;sid=".$sid."&amp;v=".$version."\">Управление акцией</a><br />",
  89. "<a href=\"./?p=27&amp;mode=rating&amp;sid=".$sid."&amp;v=".$version."\">Рейтинги(+/-)</a>\r\n</td></tr>",
  90. "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  91. "<b><u>Модераторы:</b></u>\r\n</td></tr>",
  92. "<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n";
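  // XHTML view: list every moderator with a link that demotes them (mode=moder, m=0).
  $modersq = mysql_query("SELECT `status`, `id`, `username` FROM `users` WHERE `status`='moderator'");
  while($moders = mysql_fetch_array($modersq))
  {
    // Encode the username before it reaches the admin's browser; double_encode=false
    // (4th argument) keeps entities intact if the name is stored already encoded,
    // which cannot be confirmed from this file.
    $moderName = htmlspecialchars($moders['username'], ENT_QUOTES, 'UTF-8', false);
    echo($moderName.'[<a href="./?p=27&amp;v=xhtml&amp;sid='.$sid.'&amp;mode=moder&amp;m=0&amp;id='.intval($moders['id']).'">Удалить</a>]<br />');
  }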
  98. echo
  99. "</td>\r\n",
  100. "</tr>\r\n",
  101. "<tr>\r\n",
  102. "<td bgcolor=\"".$style['text']."\">\r\n",
  103. "<b><u>Добавить подфорум:</b></u><br />\r\n",
  104. "<form action=\"./?p=27&amp;v=xhtml&amp;mode=add&amp;sid=".$sid."\" method=\"post\">\r\n",
  105. "Имя: <br />\r\n",
  106. "<input type=\"text\" name=\"name\" /><br />\r\n",
  107. "Позиция: <br /> \r\n",
  108. "<input type=\"text\" name=\"pos\" format=\"*N\" /><br />\r\n",
  109. "<input type=\"submit\" value=\"Добавить\" />\r\n",
  110. "</form>\r\n",
  111. "</td>\r\n</tr>\r\n",
  112. "<tr>\r\n",
  113. "<td bgcolor=\"".$style['text']."\">\r\n",
  114. "<b><u>Удалить подфорум:</b></u>\r\n",
  115. "</td>\r\n</tr>\r\n",
  116. "<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n",
  117. "<form action=\"./?p=27&amp;v=xhtml&amp;mode=del&amp;sid=".$sid."\" method=\"post\">\r\n",
  118. "<select name=\"id\">\r\n";
  119. while($fnames = mysql_fetch_array($forums))
  120. {
  121. echo("<option value=\"".$fnames['id']."\">".$fnames['name']."</option>\r\n");
  122. }
  123. echo
  124. "</select><br />\r\n",
  125. "<input type=\"submit\" value=\"Удалить\" />\r\n",
  126. "</form>\r\n",
  127. "</td>\r\n</tr>\r\n",
  128. "<td bgcolor=\"".$style['text']."\">\r\n",
  129. "<b><u>Добавить модерский подфорум:</b></u><br />\r\n",
  130. "<form action=\"./?p=27&amp;v=xhtml&amp;mode=addm&amp;sid=".$sid."\" method=\"post\">\r\n",
  131. "Имя: <br />\r\n",
  132. "<input type=\"text\" name=\"name\" /><br />\r\n",
  133. "Позиция: <br /> \r\n",
  134. "<input type=\"text\" name=\"pos\" format=\"*N\" /><br />\r\n",
  135. "<input type=\"submit\" value=\"Добавить\" />\r\n",
  136. "</form>\r\n",
  137. "</td>\r\n</tr>\r\n",
  138. "<tr>\r\n",
  139. "<td bgcolor=\"".$style['text']."\">\r\n",
  140. "<b><u>Удалить модерский подфорум:</b></u>\r\n",
  141. "</td>\r\n</tr>\r\n",
  142. "<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n",
  143. "<form action=\"./?p=27&amp;v=xhtml&amp;mode=delm&amp;sid=".$sid."\" method=\"post\">\r\n",
  144. "<select name=\"id\">\r\n";
  145. while($fnamesm = mysql_fetch_array($mforums))
  146. {
  147. echo("<option value=\"".$fnamesm['id']."\">".$fnamesm['name']."</option>\r\n");
  148. }
  149. echo
  150. "</select><br />\r\n",
  151. "<input type=\"submit\" value=\"Удалить\" />\r\n",
  152. "</form>\r\n",
  153. "</td>\r\n</tr>\r\n",
  154. "<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
  155. "<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
  156. "</td>\r\n</tr>\r\n</table>\r\n",
  157. "</body></html>";
  158. }
  159. break;
  160.  
  161. case 'wcab':
  162. if($_GET['act'] == "menu")
  163. {
  164. if($version == "xhtml")
  165. {
  166. echo
  167. "<html>\r\n",
  168. "<head>\r\n",
  169. "<title>Админка</title>\r\n",
  170. "</head>\r\n",
  171. "<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
  172. "<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
  173. "<tr>\r\n",
  174. "<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
  175. "</tr>\r\n",
  176. "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  177. "<a href=\"./?p=27&amp;mode=wcab&amp;act=ban&amp;sid=".$sid."&amp;v=".$version."\">Заблокированные</a>\r\n</td></tr>",
  178. "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  179. "<b><u>Набравшие минималку:</b></u>\r\n</td></tr>",
  180. "<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n";
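  // Accounts whose balance is above the payout minimum, highest balance first.
  $masq = mysql_query("SELECT * FROM `wcab` WHERE `balans`>'10' ORDER BY `balans` DESC");
  while($mas = mysql_fetch_array($masq))
  {
    // Ids read back from `wcab` are cast before they are placed into SQL or links,
    // so a non-numeric stored value cannot change the query or the markup.
    $userId = intval($mas['id_user']);
    $rowId = intval($mas['id']);
    $us = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='".$userId."'"));
    // Username is encoded for HTML; double_encode=false tolerates names that are
    // stored already encoded. A missing user row renders as an empty name.
    $userName = $us ? htmlspecialchars($us['username'], ENT_QUOTES, 'UTF-8', false) : '';
    echo('<a href="./?p=24&amp;uid='.$userId.'&amp;d=1&amp;sid='.$sid.'&amp;v='.$version.'">'.$userName.'</a> <b>('.$mas['balans'].')</b>');
    if($mas['status'] == "0" || $mas['status'] == "1")
    {
      echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=0&amp;id='.$rowId.'">[ban]</a>');
    } elseif($mas['status'] == "2")
    {
      echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=3&amp;id='.$rowId.'">[UNban]</a>');
    }
    echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=1&amp;id='.$rowId.'">[&#187;]</a>');
    if($mas['status'] == "0")
    {
      echo('<br />');
    } elseif($mas['status'] == "1")
    {
      echo('<b><font color="green">3anpoc</font></b> ');
      // Reset for every row: without this, a row whose `kuda` is neither "w" nor "m"
      // would show the payout destination left over from the previous row.
      $pay = '';
      if($mas['kuda']=="w")
      {
        $pay="на WMR-кош.!";
      }
      elseif($mas['kuda']=="m")
      {
        $pay="на телефон!";
      }
      echo($pay.'<br />');
    } elseif($mas['status'] == "2")
    {
      echo('<b><font color="red">[BAN!]</font></b><br />');
    }
  }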
  214. echo
  215. "</td>\r\n</tr>\r\n",
  216. "<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
  217. "<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
  218. "</td>\r\n</tr>\r\n</table>\r\n",
  219. "</body></html>";
  220. }
  221. }
  elseif($_GET['m'] == "0")
  {
    // Ban: mark the wcab row as status '2', then return to the list view.
    // NOTE(review): this state change is reached through a plain GET link and no
    // anti-CSRF token is visible here; the only per-session value in the URL is
    // `sid` - confirm how the including script validates it.
    $banId = intval($_GET['id']);
    $banned = mysql_query("UPDATE `wcab` SET `status`='2' WHERE `id`=".$banId);
    if($banned)
    {
      $backTo = str_replace("?", "", $forumdir).'?p=27&mode=wcab&act=menu&v='.$version.'&sid='.$sid;
      header("Location: ".$backTo);
    }
  }
  229. elseif($_GET['m'] == "1")
  230. {
  231. if($version == "xhtml")
  232. {
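  // Detail view for one wcab account; the id is cast to int before it is used in SQL.
  $id = intval($_GET['id']);
  $qs = mysql_fetch_assoc(mysql_query("SELECT * FROM wcab WHERE id=".$id));
  // Encode every stored field before printing it into the admin page. Phone,
  // operator and wallet look like values supplied by the account holder
  // (presumably - confirm against the form that writes `wcab`), so they must not
  // reach the browser as raw markup. double_encode=false keeps values that are
  // already stored encoded unchanged. $qs itself is left untouched for later use.
  $qsSafe = array();
  foreach(array('balans', 'viplata', 'vsego', 'vdate', 'telefon', 'operator', 'wmr') as $qsField)
  {
    $qsSafe[$qsField] = ($qs && isset($qs[$qsField])) ? htmlspecialchars((string)$qs[$qsField], ENT_QUOTES, 'UTF-8', false) : '';
  }
  echo
  "<html>\r\n",
  "<head>\r\n",
  "<title>Админка</title>\r\n",
  "</head>\r\n",
  "<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
  "<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
  "<tr>\r\n",
  "<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
  "</tr>\r\n",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  "<b><u>Баланс:</u></b>\r\n</td></tr>",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  $qsSafe['balans']."\r\n</td></tr>",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  "<b><u>Выплата прошлая/всего:</u></b>\r\n</td></tr>",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  $qsSafe['viplata'].'/'.$qsSafe['vsego']."\r\n</td></tr>",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  "<b><u>Последняя выплата:</u></b>\r\n</td></tr>",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  $qsSafe['vdate']."\r\n</td></tr>",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  "<b><u>Номер телефона:</u></b>\r\n</td></tr>",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  "+".$qsSafe['telefon']." (".$qsSafe['operator'].")\r\n</td></tr>",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  "<b><u>WMR - кошелек:</u></b>\r\n</td></tr>",
  "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  "R".$qsSafe['wmr']."\r\n</td></tr>";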
  265. if($qs['balans'] > 10)
  266. {
  267. echo
  268. "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  269. "<a href=\"./?p=27&amp;mode=wcab&amp;m=2&amp;id=$id&amp;sid=".$sid."&amp;v=".$version."\">Выплатить</a>\r\n</td></tr>";
  270. }
  271. echo
  272. "<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
  273. "<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
  274. "</td>\r\n</tr>\r\n</table>\r\n",
  275. "</body></html>";
  276. }
  277. }
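  elseif($_GET['m'] == "2")
  {
    // Record a payout: add the current balance to the running total, store it as
    // the last payout, zero the balance and stamp the date.
    $id = intval($_GET['id']);
    // Done in ONE statement that reads `balans` inside SQL instead of SELECTing it
    // first and pasting the value into the UPDATE. That removes the window in which
    // the balance could change between the read and the write, and keeps a value
    // read back from the database out of the query text. MySQL evaluates
    // single-table UPDATE assignments left to right, so `balans` is zeroed last.
    // NOTE(review): `status` is forced to '0' even when the row was '2' (shown as
    // banned in the list view) - confirm a payout is meant to lift a ban.
    // NOTE(review): the payout link is only rendered when the balance exceeds 10,
    // but that limit is not re-checked here, and the action is a plain GET with no
    // anti-CSRF token visible in this file.
    mysql_query("UPDATE `wcab` SET `status`='0', `vsego`=`vsego`+`balans`, `viplata`=`balans`, `balans`='0.00', `otvet`='Выплачено', `vdate`='".date("d/m H:i")."' WHERE `id`='$id'");
    header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid.'&mode=wcab&m=1&id='.$id);
  }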
  elseif($_GET['m'] == "3")
  {
    // Unban: put the wcab row back to status '0' and return to the list view.
    // NOTE(review): reached through a GET link; no anti-CSRF token is visible here.
    $unbanId = intval($_GET['id']);
    mysql_query("UPDATE `wcab` SET `status`='0' WHERE `id`=".$unbanId);
    $backTo = str_replace("?", "", $forumdir).'?p=27&mode=wcab&act=menu&v='.$version.'&sid='.$sid;
    header("Location: ".$backTo);
  }
  290. elseif($_GET['act'] == "ban")
  291. {
  292. if($version == "xhtml")
  293. {
  294. echo
  295. "<html>\r\n",
  296. "<head>\r\n",
  297. "<title>Админка</title>\r\n",
  298. "</head>\r\n",
  299. "<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
  300. "<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
  301. "<tr>\r\n",
  302. "<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
  303. "</tr>\r\n",
  304. "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  305. "<a href=\"./?p=27&amp;mode=wcab&amp;act=menu&amp;sid=".$sid."&amp;v=".$version."\">Незаблокированные</a>\r\n</td></tr>",
  306. "<tr bgcolor=\"".$style['text']."\"><td>\r\n",
  307. "<b><u>Заблокированные:</b></u>\r\n</td></tr>",
  308. "<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n";
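  // Blocked accounts (status '2'), highest balance first.
  $masq = mysql_query("SELECT * FROM `wcab` WHERE `status`='2' ORDER BY `balans` DESC");
  while($mas = mysql_fetch_array($masq))
  {
    // Cast stored ids before they are used in SQL or links.
    $userId = intval($mas['id_user']);
    $rowId = intval($mas['id']);
    $us = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='".$userId."'"));
    // Encode the username for HTML; double_encode=false tolerates names that are
    // stored already encoded. A missing user row renders as an empty name.
    $userName = $us ? htmlspecialchars($us['username'], ENT_QUOTES, 'UTF-8', false) : '';
    echo('<a href="./?p=24&amp;uid='.$userId.'&amp;d=1&amp;sid='.$sid.'&amp;v='.$version.'">'.$userName.'</a> <b>('.$mas['balans'].')</b>');
    echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=3&amp;id='.$rowId.'">[UNban]</a>');
    echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=1&amp;id='.$rowId.'">[&#187;]</a>');
  }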
  317. echo
  318. "</td>\r\n</tr>\r\n",
  319. "<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
  320. "<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
  321. "</td>\r\n</tr>\r\n</table>\r\n",
  322. "</body></html>";
  323. }
  324. }
  325. break;
  326.  
  327. case 'rating':
  328. if($version == "xhtml")
  329. {
  330. echo
  331. "<html>\r\n",
  332. "<head>\r\n",
  333. "<title>Админка</title>\r\n",
  334. "</head>\r\n",
  335. "<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
  336. "<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
  337. "<tr>\r\n",
  338. "<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
  339. "</tr>\r\n",
  340. "<tr>\r\n",
  341. "<td bgcolor=\"".$style['text']."\">\r\n",
  342. "<b><u>Рейтинг пользователей:</b></u>\r\n",
  343. "</td>\r\n</tr>\r\n",
  344. "";
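  // Optional filter: ?moder=N or ?us=N narrows the rating log; both are cast to
  // non-negative integers before they enter the query.
  // $sq is initialised explicitly: when neither parameter was given it used to be
  // undefined, and an undefined variable concatenated into SQL can be populated
  // from the request on installations that run with register_globals enabled.
  $sq = '';
  if ( !empty($_GET['moder']) )
  {
    $idmod = abs ( intval ( $_GET['moder'] ) );
    $sq = "WHERE `moder`=".$idmod.' ';
  }
  else if ( !empty($_GET['us']) )
  {
    $idus = abs ( intval ( $_GET['us'] ) );
    $sq = "WHERE `rat_user`=".$idus.' ';
  }
  $qr = mysql_query("SELECT * FROM `rating` ".$sq."ORDER BY `time` DESC");
  while ($ar = mysql_fetch_assoc($qr) )
  {
    // Cast the stored user id before it is used in the lookup and in the link.
    $ratedId = intval($ar['rat_user']);
    $name_us = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id`='".$ratedId."'"));
    // Per-row labels start empty so a row with an unexpected `descript` or an empty
    // `time` does not repeat the previous row's values.
    $ratLabel = '';
    if ( $ar['descript'] == "+" )
    {
      $ratLabel = "<font color=\"green\">плюс</font>";
    }
    else if ( $ar['descript'] == "-" )
    {
      $ratLabel = "<font color=\"red\">минус</font>";
    }
    $timeLabel = '';
    if ( !empty($ar['time']) )
    {
      $timeLabel = "(".date("d/m/y H:i", $ar['time']).")";
    }
    // Both names are account data shown to the admin, so they are HTML-encoded;
    // double_encode=false tolerates names that are stored already encoded.
    // `moder` is handed unchanged to UserName2id(), which is defined elsewhere.
    $moderName = htmlspecialchars($ar['moder'], ENT_QUOTES, 'UTF-8', false);
    $ratedName = $name_us ? htmlspecialchars($name_us['username'], ENT_QUOTES, 'UTF-8', false) : '';
    echo
    "<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n",
    $timeLabel."<a href=\"./?p=24&amp;d=1&amp;uid=".UserName2id($ar['moder'])."&amp;t=".$p."&amp;v=".$version."&amp;sid=".$sid."\"><b>".$moderName."</b></a> поставил <b>".$ratLabel."</b> <a href=\"./?p=24&amp;d=1&amp;uid=".$ratedId."&amp;t=".$p."&amp;v=".$version."&amp;sid=".$sid."\"><u>".$ratedName."</u></a>\r\n",
    "</td>\r\n</tr>\r\n";
  }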
  376. echo
  377. "<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
  378. "<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
  379. "</td>\r\n</tr>\r\n</table>\r\n",
  380. "</body></html>";
  381. }
  382. break;
  383.  
  case 'del':
  // Delete a sub-forum together with its themes and their posts, then return to
  // the admin menu. The forum id is read from the POST body and cast to int once.
  // NOTE(review): no anti-CSRF token is checked here; the form that posts to this
  // mode only carries `sid` in the URL - confirm how the including script
  // validates it.
  $forumId = intval($_POST['id']);
  $dropPosts = "DELETE posts.*
FROM posts
LEFT JOIN themes
ON posts.id_theme=themes.id
WHERE id_forum=".$forumId;
  mysql_query($dropPosts);
  mysql_query("DELETE FROM `themes` WHERE `id_forum`=".$forumId);
  mysql_query("DELETE FROM `forums` WHERE `id`=".$forumId);
  $backTo = str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid;
  header("Location: ".$backTo);
  break;
  394.  
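  case 'kick':
  // Force a user out: look up the username for ?ids=N and delete that user's
  // rows from `session`, then redirect to page 12.
  $uss = mysql_fetch_array(mysql_query("SELECT username FROM users WHERE id=".intval($_GET['ids'])));
  if($uss)
  {
    // The username comes back from the database verbatim. It is escaped again
    // before being embedded in SQL so that a quote or backslash in a stored name
    // cannot terminate the string literal (second-order injection). When no such
    // user exists the DELETE is skipped instead of running with an empty name.
    mysql_query("DELETE FROM session WHERE nickname='".mysql_real_escape_string($uss['username'])."'");
  }
  header("Location: ".str_replace("?", "", $forumdir).'?p=12&v='.$version.'&sid='.$sid);
  break;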
  402.  
  case 'delm':
  // Delete a moderator sub-forum together with its themes and their posts, then
  // return to the admin menu. The id is read from the POST body and cast to int.
  // NOTE(review): no anti-CSRF token is checked here - confirm how the including
  // script validates `sid`.
  $mforumId = intval($_POST['id']);
  $dropPosts = "DELETE mposts.*
FROM mposts
LEFT JOIN mthemes
ON mposts.id_theme=mthemes.id
WHERE id_forum=".$mforumId;
  mysql_query($dropPosts);
  mysql_query("DELETE FROM `mthemes` WHERE `id_forum`=".$mforumId);
  mysql_query("DELETE FROM `mforums` WHERE `id`=".$mforumId);
  $backTo = str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid;
  header("Location: ".$backTo);
  break;
  case 'add':
  // Create a sub-forum from the posted name and position, then return to the menu.
  // The name passes through sql() (defined elsewhere - presumably the SQL-escaping
  // helper; TODO confirm) and is then HTML-encoded, so it is stored already
  // encoded. The position is cast to int.
  $forumName = htmlspecialchars(sql($_POST['name']));
  $forumPos = intval($_POST['pos']);
  mysql_query("INSERT INTO `forums` VALUES(0, '".$forumName."', ".$forumPos.")");
  $backTo = str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid;
  header("Location: ".$backTo);
  break;
  case 'addm':
  // Create a moderator sub-forum from the posted name and position, then return
  // to the menu. The name passes through sql() (defined elsewhere - presumably the
  // SQL-escaping helper; TODO confirm) and is then HTML-encoded before storage.
  $mforumName = htmlspecialchars(sql($_POST['name']));
  $mforumPos = intval($_POST['pos']);
  mysql_query("INSERT INTO `mforums` VALUES(0, '".$mforumName."', ".$mforumPos.")");
  $backTo = str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid;
  header("Location: ".$backTo);
  break;
  case 'moder':
  // Change a user's role: m=0 demotes to 'user'; any other value of m (including
  // a missing one) promotes to 'moderator'. The user id is cast to int.
  // NOTE(review): this privilege change is triggered by a GET link and no
  // anti-CSRF token is visible here; the only per-session value in the URL is
  // `sid` - confirm how the including script validates it.
  $newStatus = ($_GET['m'] == "0") ? 'user' : 'moderator';
  mysql_query("UPDATE `users` SET `status`='".$newStatus."' WHERE `id`=".intval($_GET['id']));
  $backTo = str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid;
  header("Location: ".$backTo);
  break;
  431.  
  432.  
  433. }
  434. }
  435. ?>