Просмотр файла panel/adminchat.php

<?php
// by mides (Mike. O), coolcms.mobi

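/*
 * Admin-panel chat page: lists messages and handles the add / reply / edit /
 * del actions selected by $act.
 *
 * $act, $id, $page, $ok, $u, $config, $lang, TIME and the helpers check(),
 * bb(), login(), justusername(), access(), redirect(), error(), nav(),
 * navig(), tp() and ccdate() all come from the included system files, which
 * are not visible here.
 *
 * NOTE(review), to confirm against the includes:
 *  - Access control for the whole page is presumably enforced by auth_a.php;
 *    only edit and del perform an additional check in this file.
 *  - check() is the only step between $_POST and the SQL string literals
 *    built below, so it must perform SQL escaping. The mysql_* extension was
 *    removed in PHP 7.0; moving to mysqli/PDO prepared statements needs the
 *    connection handle, which this file does not expose.
 *  - Stored text is written into HTML through bb(), login() and
 *    justusername(), and raw into the edit textarea; whether it is
 *    HTML-escaped depends on check() and those helpers.
 *  - No anti-CSRF token is visible on any action, and del changes state on a
 *    plain GET link.
 *  - The forms say "(max250)" but no length limit is applied in this file.
 */
$title = 'AdminChat';
require_once '../system/sys.php';
require_once '../system/auth_a.php';
require_once '../system/header.php';

// The message id is interpolated into SQL and into HTML attributes below, so
// it is forced to an integer here instead of trusting the include that set
// $id. Assumes `adminchat`.`id` is an integer key. A separate variable is
// used so the global $id is left untouched for the other includes.
$chat_id = isset($id) ? (int) $id : 0;

switch ($act) {
    default:
        echo '<div class="title"><a href="./">CP</a> &gt; AdminChat</div><div class="list">';
        $total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `adminchat`"), 0);
        if ($total > 0) {
            $pages = ceil($total / $config['onpage']);
            // Clamp the page number: a negative or non-numeric value would
            // otherwise produce a negative LIMIT offset and a failing query.
            $page = isset($page) ? (int) $page : 1;
            if ($page < 1 or $page > $pages) {
                $page = 1;
            }
            $begin = ($page - 1) * $config['onpage'];

            $book_r = mysql_query("SELECT * FROM `adminchat` ORDER BY `time` DESC LIMIT $begin, $config[onpage]");
            while ($book = mysql_fetch_assoc($book_r)) {
                // Alternating row style; the counter starts at 1 and is
                // incremented first, so the first row is always 'row1'.
                if (!isset($num)) {
                    $num = 1;
                }
                $num++;
                $row_class = (!($num % 2)) ? 'row1' : 'row2';
                echo '<div class="'.$row_class.'">';

                echo '<a href="../profile.php?id='.$book['id_user'].'">'.login($book['id_user']).'</a> ';
                echo ' '.ccdate($book['time'], $book['id_user']).' <a href="?act=reply&amp;id='.$book['id'].'">'.$lang['re'].'</a>';
                // Same rule as the 'edit' action: access level above 2, or
                // the author within the edit window. The parentheses only
                // make the existing and/or precedence explicit.
                if ($u['access'] > 2 or ($u['id'] == $book['id_user'] and time() - $book['time'] < $config['edit_time'])) {
                    echo '|<a href="?act=edit&amp;id='.$book['id'].'">'.$lang['edit'].'</a>';
                }
                // NOTE(review): this link triggers a delete on a plain GET
                // with no token; see the 'del' action.
                if ($u['access'] > 2) {
                    echo '|<a href="?act=del&amp;id='.$book['id'].'">DEL</a>';
                }
                echo '<br />'.bb($book['msg']);
                if ($book['edit_by']) {
                    echo '<br />_______<br /><span style="font-size: 10px;">'.$lang['edited_by'].': '.justusername($book['edit_by']).' ('.date('d.m.y, H:i', $book['edit_time']).' )</span>';
                }
                echo '</div>';
            }
            navig($page, '?', $pages);
        } else {
            echo $lang['nothing_yet'];
        }
        echo '</div>

        <div class="main">
        <form name="form" action="?act=add" method="post">
        <textarea name="msg" cols="" rows="3"></textarea>
        <input name="" type="submit" value="Ok">
        </form>';
        nav('./');
    break;

    case 'add':
        // !empty() keeps the original truthiness test without raising a
        // notice when the field is missing from the request.
        if (!empty($_POST['msg'])) {
            // An unset antispam timestamp means no previous post this session.
            if (!isset($_SESSION['antispam']) or TIME > $_SESSION['antispam']) {
                // check() is the only sanitisation before the value reaches
                // the SQL string; confirm that it escapes for SQL.
                $msg = check($_POST['msg']);
                mysql_query("INSERT INTO `adminchat` SET `id_user` = '$u[id]', `msg` = '$msg', `time` = '".TIME."'");
                $_SESSION['antispam'] = TIME + $config['antispam'];
                redirect('?');
            } else {
                error($lang['antispam'].' '.$config['antispam'].' sec');
                nav('?');
            }
        } else {
            redirect('?');
        }
    break;

    case 'reply':
        // Reply to an existing message: the target row must exist.
        $msg_r = mysql_query("SELECT `id`, `id_user` FROM `adminchat` WHERE `id` = '$chat_id'");
        $msg = mysql_fetch_assoc($msg_r);
        if ($msg['id']) {
            if (!empty($ok)) {
                if (!isset($_SESSION['antispam']) or TIME > $_SESSION['antispam']) {
                    if (!empty($_POST['msg_text'])) {
                        $msg_text = check($_POST['msg_text']);
                        mysql_query("INSERT INTO `adminchat` SET `id_user` = '$u[id]', `msg` = '$msg_text', `time` = '".time()."'");
                        $_SESSION['antispam'] = time() + $config['antispam'];
                        // NOTE(review): header.php has already been included;
                        // this header() call only works if nothing has been
                        // sent yet or output buffering is on. The other
                        // branches use redirect() instead.
                        header('location: ?');
                        exit;
                    } else {
                        error('Вы не заполнили поле.');
                        nav('?act=reply&amp;id='.$chat_id);
                    }
                } else {
                    error($lang['antispam'].' '.$config['antispam'].' sec.');
                    nav('?');
                }
            } else {
                tp($lang['reply']);
                echo '<form name="form" action="?act=reply&amp;id='.$chat_id.'&amp;ok=1" method="post">
                '.$lang['text'].'(max250):<br /><textarea name="msg_text" cols="" rows="3">[b]'.justusername($msg['id_user']).'[/b], </textarea><br />';
                echo '<input name="submit" type="submit" value="Ok" />
                </form>';
                nav('?');
            }
        } else {
            redirect('?');
        }
    break;

    case 'edit':
        $book_r = mysql_query("SELECT `id_user`, `msg`, `time` FROM `adminchat` WHERE `id` = '$chat_id'");
        $book = mysql_fetch_assoc($book_r);
        if ($book['msg']) {
            // Authorisation is evaluated on every request, so it covers both
            // showing the form and applying the update.
            if (access(3) or ($u['id'] == $book['id_user'] and TIME - $book['time'] < $config['edit_time'])) {
                tp($lang['edit_msg']);
                if (empty($ok)) {
                    // NOTE(review): the stored text is written into the
                    // textarea as-is. It is safe only if check() HTML-escaped
                    // it on the way in; escaping here without knowing that
                    // could double-encode on re-save.
                    echo '<form name="form" action="?act=edit&amp;id='.$chat_id.'&amp;ok=1" method="post">
                    '.$lang['text'].'(max250):<br /><textarea name="msg" cols="" rows="3">'.$book['msg'].'</textarea>
                    <input name="submit" type="submit" value="Ok" />
                    </form>';
                    nav('?');
                } else {
                    if (!empty($_POST['msg'])) {
                        $msg = check($_POST['msg']);
                        mysql_query("UPDATE `adminchat` SET `msg` = '$msg', `edit_by` = '$u[id]', `edit_time` = '".time()."' WHERE `id` = '$chat_id'");
                        redirect('?');
                    } else {
                        // NOTE(review): '&amp;' is right only if redirect()
                        // emits HTML; in a Location header the parameter name
                        // would become 'amp;id'. Confirm against redirect().
                        redirect('?act=edit&amp;id='.$chat_id);
                    }
                }
            } else {
                redirect('?');
            }
        } else {
            redirect('?');
        }
    break;

    case 'del':
        // NOTE(review): state-changing action on a GET request with no
        // anti-CSRF token visible; it should require POST plus a per-session
        // token compared in constant time.
        if (access(3)) {
            $msg_r = mysql_query("SELECT `id` FROM `adminchat` WHERE `id` = '$chat_id'");
            if (mysql_num_rows($msg_r)) {
                mysql_query("DELETE FROM `adminchat` WHERE `id` = '$chat_id'");
            }
        }
        redirect('?');
    break;
}

require_once '../system/tail_p.php';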
?>