<?php
########################################################
#-- Powered by blud --#
#-- http://saratov-x.ru --#
########################################################
/*
ВЫ НЕ ИМЕЕТЕ ПРАВО ВНОСИТЬ ИЗМЕНЕНИЯ В КОД СКРИПТА!
по всем вопросам обращаться к автору скрипта
с уважением blud
*/
include_once 'panel/db.php';
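// Request parameters. Both arrive in the query string; a missing one becomes ''.
$nom = isset($_GET['nom']) ? $_GET['nom'] : '';
$pass = isset($_GET['pass']) ? $_GET['pass'] : '';

// Access check against $adminpass, which this file never assigns (presumably
// set by panel/db.php - confirm).
//  - ?pass[]=x turns $_GET['pass'] into an array, so a string is required.
//  - The comparison is strict: the loose != compares two numeric-looking
//    strings as numbers ('1e3' == '1000'), so a value other than the
//    configured password could be accepted.
//  - An unset or empty configured password denies access instead of matching
//    a request that carries no ?pass at all.
// hash_equals() would also make the comparison constant-time, but it needs
// PHP >= 5.6, which nothing else in this file requires.
// NOTE(review): the password travels in the URL, so it also ends up in access
// logs, browser history and Referer headers. A POST login with a session would
// avoid that, but it needs changes outside this file.
$configuredPass = isset($adminpass) ? (string) $adminpass : '';
$accessGranted = is_string($pass) && $configuredPass !== '' && $pass === $configuredPass;
if (!$accessGranted) {
    // Denial page: redirect to the guestbook after three seconds and stop.
    header('Refresh: 3; URL=index.php');
    $title = 'Доступ Запрещен!';
    include_once 'h.php';
    echo $head.$class_1;
    echo '<center>Доступ запрещён.</center><br/>';
    echo $class_div;
    echo $class_1.'<a href="http://'.$site.'">'.$site.'</a>';
    echo $end;
    exit;
}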
else {
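// Requested action. It is only ever compared with 'act', 'ok' and 'sm' below,
// so trimming is all the normalisation it needs; the former
// addslashes/mysql_escape_string/htmlspecialchars chain could not change the
// outcome of those comparisons. A missing or non-string value becomes ''.
$edit = (isset($_GET['edit']) && is_string($_GET['edit'])) ? trim($_GET['edit']) : '';

// The record id is placed inside an SQL string, so reduce it to a non-negative
// integer first (the UPDATE further down already does this). Concatenating the
// raw query-string value here allowed SQL injection.
// NOTE(review): ext/mysql was removed in PHP 7. Moving to mysqli or PDO with
// prepared statements needs the connection code, which is presumably in
// panel/db.php.
$nom = is_scalar($nom) ? abs(intval($nom)) : 0;
$userQuery = mysql_query("SELECT * FROM user WHERE id='".$nom."'");
// false when the query failed or no row has this id
$row = $userQuery ? mysql_fetch_array($userQuery) : false;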
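// Action "act": show the edit form pre-filled with the stored record.
if ($edit === 'act') {
    $title = 'Редактирование данных';
    include_once 'h.php';
    echo $head;

    // Values that go into URLs: the id as a plain integer, the password
    // percent-encoded. Neither can then break out of the href/action attribute
    // or add extra query parameters.
    $nomUrl = is_scalar($nom) ? abs(intval($nom)) : 0;
    $passUrl = rawurlencode(is_string($pass) ? $pass : '');

    // Stored fields were written by guestbook visitors. The update branch of
    // this file runs them through htmlspecialchars() before saving, but the
    // code that inserts new rows is not visible here, so they are encoded again
    // on output. Only the four markup-significant ASCII characters are
    // replaced: '&' is left alone so entities saved earlier are not
    // double-encoded and the admin still sees the same text in the form, and
    // no charset argument is needed (the page encoding is not known here).
    $markupChars = array('<', '>', '"', "'");
    $markupEntities = array('&lt;', '&gt;', '&quot;', '&#039;');
    $fields = array();
    foreach (array('login', 'browser', 'msg', 'otvet') as $column) {
        // $row is false when no record matched; show empty fields then.
        $stored = (is_array($row) && isset($row[$column])) ? $row[$column] : '';
        $fields[$column] = str_replace($markupChars, $markupEntities, $stored);
    }
    $fields['otvet'] = trim($fields['otvet']);

    // '&' between query parameters is written as '&amp;' so the attribute is
    // valid in both HTML and XHTML.
    echo '
<form action="form.php?nom='.$nomUrl.'&amp;edit=ok&amp;pass='.$passUrl.'" method="post">
'.$class_1.'
Имя*:<br/>
<input name="login" type="text" value="'.$fields['login'].'"/><br/>'.$class_div.'
'.$class_1.'
Браузер:<br/>
<input name="browser" type="text" value="'.$fields['browser'].'"/><br/>'.$class_div.'
'.$class_1.'
Сообщение*:<br/>
<textarea name="msg" cols="15" rows="3">'.$fields['msg'].'</textarea><br/>'.$class_div.'
'.$class_1.'
Ответ:<br/>
<textarea name="new_mes" cols="15" rows="3">'.$fields['otvet'].'</textarea><br/>'.$class_div.'
'.$class_2.'
<input name="send" type="submit" value="Изменить"/><br/>'.$class_div.'
</form>
'.$class_1.'
faq <a href="form.php?nom='.$nomUrl.'&amp;edit=sm&amp;pass='.$passUrl.'">Смайлам</a><br/>'.$class_div.'
'.$class_1.'
<a href="index.php?pass='.$passUrl.'">В гостевую</a><br/>'.$class_div.'
'.$class_1.'<center>
<a href="http://'.$site.'">'.$site.'</a><br/></center>'.$class_div.'
'.$end;
    exit;
}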
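// Action "ok": save the submitted form into the `user` row with id $nom.
if ($edit === 'ok') {
    // Read the four form fields. A missing field, or one sent as an array
    // (login[]=x), becomes '' instead of raising notices and warnings.
    $posted = array();
    foreach (array('login', 'msg', 'new_mes', 'browser') as $field) {
        $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }

    // Escape for SQL, then HTML-encode for later display.
    // NOTE(review): mysql_real_escape_string() followed by addslashes() escapes
    // twice, so a quote is stored with a literal backslash in front of it. It is
    // left as is because the code that reads these rows is outside this file
    // and may depend on it - confirm before changing.
    $login = htmlspecialchars(addslashes(trim(mysql_real_escape_string($posted['login']))));
    $msg = htmlspecialchars(addslashes(trim(mysql_real_escape_string($posted['msg']))));
    $browser = htmlspecialchars(addslashes(trim(mysql_real_escape_string($posted['browser']))));
    $new_mes = htmlspecialchars(trim(mysql_real_escape_string($posted['new_mes'])));

    // As written, each call below replaces a string with itself (the /<img/i
    // one only lower-cases the tag name), and htmlspecialchars() above has
    // already encoded every '<', '>' and '"', so they leave $new_mes unchanged.
    // NOTE(review): if the deployed file decodes entities at this point instead,
    // the reply field would accept live markup - check against the original.
    $new_mes = str_ireplace('<','<',$new_mes);
    $new_mes = str_ireplace('>','>',$new_mes);
    $new_mes = preg_replace('/<img/i','<img',$new_mes);
    $new_mes = preg_replace('/"/i','"',$new_mes);
    $new_mes = preg_replace('/\/>/i','/>',$new_mes);

    // Characters dropped from the reply.
    $new_mes = str_replace(array('_', '%', '*', '+', '?', '|', '$'), '', $new_mes);

    // Smiley codes are expanded to <img> tags after escaping, so this markup is
    // stored as live HTML. The replacement strings contain no single quote or
    // backslash and therefore cannot end the SQL string literals below.
    $smileys = array(
        '.любовь.' => '<img src="/gb/sm/l.bmp" alt="+" height="15" width="15" />',
        '.вопрос.' => '<img src="/gb/sm/v.bmp" alt="+" height="15" width="15" />',
        '.говно.' => '<img src="/gb/sm/g.bmp" alt="+" height="15" width="15" />',
        '.бухло.' => '<img src="/gb/sm/b.bmp" alt="+" height="15" width="15" />',
        '.круто.' => '<img src="/gb/sm/k.bmp" alt="+" height="15" width="15" />',
    );
    $smileyCodes = array_keys($smileys);
    $smileyTags = array_values($smileys);
    $msg = str_replace($smileyCodes, $smileyTags, $msg);
    $new_mes = str_replace($smileyCodes, $smileyTags, $new_mes);

    // The id is forced to a non-negative integer before it enters the query.
    $saved = mysql_query("UPDATE `user` SET `login` = '".$login."', `msg` = '".$msg."', `otvet` = '".$new_mes."', `browser` = '".$browser."' WHERE `id` = '".abs(intval($nom))."';");
    if ($saved) {
        // Percent-encode the password before it goes into the Refresh header
        // and the link, so its characters cannot alter the URL or the markup.
        $passUrl = rawurlencode(is_string($pass) ? $pass : '');
        header('Refresh: 2; URL=index.php?pass='.$passUrl);
        echo 'Данные успешно изменены!<br/>';
        echo '<a href="index.php?pass='.$passUrl.'">Вернуться</a>';
        exit;
    } else {
        echo 'Ошибка';
    }
}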
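// Action "sm": show the list of smiley codes and the images they expand to.
if ($edit === 'sm') {
    $title = 'Смайлы';
    include_once 'h.php';
    echo $head;

    // The id and the password are echoed into the "back" link. Emit the id as a
    // plain integer and percent-encode the password so neither can break out
    // of the href attribute or add extra query parameters.
    $nomUrl = is_scalar($nom) ? abs(intval($nom)) : 0;
    $passUrl = rawurlencode(is_string($pass) ? $pass : '');

    // Code => image file, in display order.
    $smileyFiles = array(
        '.любовь.' => 'l',
        '.вопрос.' => 'v',
        '.говно.' => 'g',
        '.бухло.' => 'b',
        '.круто.' => 'k',
    );

    echo "\n".$class_2.'<center>faq По смайлам</center> '.$class_div."\n";
    foreach ($smileyFiles as $code => $file) {
        echo $class_1.$code.' <img src="/gb/sm/'.$file.'.bmp" alt="+" height="15" width="15" /><br/>'.$class_div."\n";
    }
    // '&' between query parameters is written as '&amp;' so the attribute is
    // valid in both HTML and XHTML.
    echo $class_1.'<a href="form.php?nom='.$nomUrl.'&amp;edit=act&amp;pass='.$passUrl.'">Назад</a><br/>'.$class_div."\n";
    echo $class_1.'<center><a href="http://'.$site.'">'.$site.'</a><br/></center>'.$class_div."\n";
    echo $end;
    exit;
}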
}
?>