Просмотр файла apanel/ban.php

<?php
/*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\//
// Sitchi CMS - Mobile Content Management System //
// The author:  Nikoloz Sitchinava [sitchi]      //
// Link:        http://sitchicms.num.ge          //
// Skype:       SitchiCMS                        //
// License:     LICENSE.txt (see attached file)  //
// Version:     VERSION.txt (see attached file)  //
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*/
define('_SITCHICMS', 1);
$root_path='../';
require $root_path.'includes/db_connect.php';
require $root_path.'includes/start.php';
require $root_path.'includes/header.php';
require $root_path.'includes/functions.php';
require $root_path.'includes/head.php'; // თავი
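$lng_a = load_lng('admin'); // admin-panel language strings; every $lng_a[...] message below comes from here

// Access gate: only accounts with level >= 2 may use this page.
// header() only queues the redirect, it does not stop the script. Without the exit,
// the rest of the page, including its state-changing handlers, would still be
// reached and rendered for a visitor who has just been refused.
// isset() also covers a request where $user was never populated.
if (!isset($user) || $user['level'] < 2) {
    header("Location: /");
    exit;
}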
// Resolve the account this page manages from ?id=.
// intval() forces the value to an integer before it is placed into the SQL strings below.
if (!isset($_GET['id'])) {
    header("Location: /");
    exit;
}
$ank['id'] = intval($_GET['id']);

// No such account: leave the page.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `id` = '$ank[id]' LIMIT 1"), 0) == 0) {
    header("Location: /");
    exit;
}

// Replace the id-only stub with the full `users` row of the managed account.
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='".$ank['id']."' LIMIT 1"));

// Page title, built from the two language tables.
head($lng['1_54'].' | '.$lng_a['1_66']);
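// Lift a ban early. ?unset=<ban id> must name a row in `ban` that belongs to the account
// being viewed ($ank); the row's end time is then overwritten with $time
// (presumably the current timestamp set by the includes — confirm), so the
// `time` > $time test used when listing bans no longer treats it as active.
//
// The level >= 2 test is repeated here, as in the other privileged branches of this
// script, so this handler does not rely on an earlier redirect having stopped the request.
//
// NOTE(review): this state change is triggered by a plain GET link and carries no
// anti-CSRF token. A POST form with a per-session token would be the safer shape;
// that needs a token helper this file does not show.
$unset_id = isset($_GET['unset']) ? intval($_GET['unset']) : 0;
if (isset($_GET['unset']) && isset($user) && $user['level'] >= 2
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `ban` WHERE `id_user` = '$ank[id]' AND `id` = '$unset_id'"), 0))
{
    $ban_info = mysql_fetch_assoc(mysql_query("SELECT * FROM `ban` WHERE `id_user` = '$ank[id]' AND `id` = '$unset_id'"));
    // $ank2 is the account that issued the ban (ban.id_ban).
    $ank2 = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$ban_info[id_ban]' LIMIT 1"));

    // Allowed when the caller outranks the issuer, is the issuer, or has level 4.
    if (($user['level'] > $ank2['level'] || $user['id'] == $ank2['id']) || $user['level'] == 4) {
        // The id_user condition repeats the ownership check, so the UPDATE cannot touch
        // a ban row that belongs to a different account.
        mysql_query("UPDATE `ban` SET `time` = '$time' WHERE `id` = '$unset_id' AND `id_user` = '$ank[id]' LIMIT 1");
        msg('<div class="menu">'.$lng_a['1_67'].'</div>');
    } else {
        $err[] = '<div class="errmenu">'.$lng_a['1_11'].'</div>';
    }
}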
// Create a ban for the viewed account ($ank) from the form at the bottom of this page.
// Inputs: ban_pr = reason text, time = amount, tim = unit (min / chas / sut / mes).
//
// NOTE(review): the POST carries no anti-CSRF token; confirm whether the includes add one.
// NOTE(review): nothing here compares the caller's level with $ank's level, although the
// un-ban branch does rank checks. Confirm whether banning an equal or higher-level
// account is meant to be allowed.
if (isset($_POST['ban_pr'], $_POST['time'], $_POST['tim']) && isset($user) && $user['level'] >= 2) {
    // Start from $time and add the requested duration in seconds.
    // An unrecognised unit adds nothing, leaving $timeban equal to $time.
    $timeban = $time;
    switch ($_POST['tim']) {
        case 'min':
            $timeban += intval($_POST['time'])*60;
            break;
        case 'chas':
            $timeban += intval($_POST['time'])*60*60;
            break;
        case 'sut':
            $timeban += intval($_POST['time'])*60*60*24;
            break;
        case 'mes':
            $timeban += intval($_POST['time'])*60*60*24*30;
            break;
    }

    // A negative amount would end the ban in the past.
    if ($timeban < $time) {
        $err[] = '<div class="errmenu">'.$lng_a['1_68'].'</div>';
    }

    // Every ban is capped at 24 hours from $time. The enclosing condition already
    // guarantees level >= 2, so the cap applies to every caller that gets here.
    // NOTE(review): the form offers day and month units to level >= 2 and shows its
    // "(max 1)" hint only to lower levels, which suggests this cap was meant for a
    // different group. Confirm the intended policy.
    $timeban = min($timeban, $time+3600*24);

    // Reason text: 10 to 1024 characters, measured before escaping.
    $begetter = $_POST['ban_pr'];
    if (mb_strlen($begetter) > 1024) {
        $err[] = '<div class="errmenu">'.$lng_a['1_69'].'</div>';
    }
    if (mb_strlen($begetter) < 10) {
        $err[] = '<div class="errmenu">'.$lng_a['1_70'].'</div>';
    }
    // mres() is presumably the project's SQL string-escaping helper (verify in the
    // includes). It is the only protection on this value in the INSERT below.
    $begetter = mres($begetter);

    // Write the ban only when no error has been collected.
    if (!isset($err)) {
        mysql_query("INSERT INTO `ban` (`id_user`, `id_ban`, `begetter`, `time`) VALUES ('$ank[id]', '$user[id]', '$begetter', '$timeban')");
        msg('<div class="menu">'.$lng_a['1_27'].'</div>');
    }
}
// err() is called after both handlers have had the chance to fill $err
// (presumably it prints the collected messages — confirm in the includes).
err();

// Paging over this account's ban history.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `ban` WHERE `id_user` = '$ank[id]'"), 0);
$k_page = k_page($k_post, $set['p_count']);
$page = page($k_page);
// Offset of the first row on the current page: (page - 1) * rows per page.
$start = ($page - 1) * $set['p_count'];

// Empty history: show the "nothing here" message instead of a list.
if ($k_post == 0) {
    echo '<div class="errmenu">'.$lng_a['1_71'].'</div>';
}
// List this account's bans, newest end time first, one page at a time
// ($start and $set[p_count] come from the paging calculation above).
$q=mysql_query("SELECT * FROM `ban` WHERE `id_user` = '$ank[id]' ORDER BY `time` DESC LIMIT $start, $set[p_count]");
while ($post = mysql_fetch_assoc($q))
{
// $ank2 = the account that issued this ban. id_ban is interpolated unquoted; the value
// comes from the `ban` table, where this script writes it from $user[id].
$ank2=mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = $post[id_ban] LIMIT 1"));
echo'<div class="menu">';
// NOTE(review): login is written into the HTML as stored; confirm that logins are
// restricted to HTML-safe characters at registration, otherwise escape on output.
// 'до' is a hard-coded Russian "until", not taken from the language tables.
echo'<a href="info.php?id='.$ank2['id'].'">'.$ank2['login'].'</a>'.online($ank2['id']).': до '.timef($post['time']).'<br/>';
// post() is presumably the project's text formatter/escaper for user-written text (verify):
// the reason was stored after mres() only, so any HTML escaping has to happen here.
echo post($post['begetter']);
// Only bans that are still running (end time after $time) get an un-ban link, and only for level >= 2.
// NOTE(review): the link performs the un-ban through a GET request.
if ($post['time']>$time && isset($user) && $user['level']>=2)
echo'<br/><a href="?id='.$ank['id'].'&amp;unset='.$post['id'].'">'.$lng_a['1_72'].'</a><br/>';
echo'</div>';
}
if ($k_page>1)str('?id='.$ank['id'].'&amp;',$k_page,$page); // print the pagination links
// Ban form (reason, amount, unit) for level >= 2; everyone else gets the "no access" message.
// NOTE(review): the form posts back to ban.php without an anti-CSRF token field.
if (!(isset($user) && $user['level'] >= 2)) {
    echo '<div class="err">'.$lng_a['1_11'].'</div>';
} else {
    // Both level tests below repeat the enclosing condition, so inside this branch the
    // "(max 1)" hint is never printed and the month option is never disabled.
    $limit_hint = (isset($user) && $user['level'] >= 2) ? null : '(max 1)';
    $month_attr = (isset($user) && $user['level'] >= 2) ? null : " disabled='disabled'";
    // Pre-select "hours" once the account already has more than one ban on record.
    $hour_attr = ($k_post > 1) ? "selected='selected' " : null;

    echo '<form action="ban.php?id='.$ank['id'].'" method="post"><div class="menu">';
    echo $lng_a['1_73'].':<br/>';
    echo '<textarea name="ban_pr"></textarea><br/>';
    echo $lng_a['1_74'].' '.$limit_hint.':<br/>';
    echo '<input type="text" name="time" title="'.$lng_a['1_74'].'" value="10" maxlength="11" size="3" />';
    echo '<select class="form" name="tim">';
    echo '<option value="min">'.$lng['1_10'].'</option>';
    echo '<option '.$hour_attr.'value="chas">'.$lng['1_11'].'</option>';
    echo '<option value="sut">'.$lng['1_5'].'</option>';
    echo '<option value="mes"'.$month_attr.'>'.$lng['1_7'].'</option>';
    echo '</select><br/>';
    echo '<input type="submit" value="'.$lng_a['1_65'].'" />';
    echo '</div></form>';
}

// Link back to the admin panel index.
echo '<a href="/apanel/">'.$lng['1_54'].'</a>';
require $root_path.'includes/end.php'; // page footer
?>