File size: 3.82Kb
<?php
include 'guestbook/mylib.php';
include 'config.php';
if (!checkagent($_SERVER['HTTP_USER_AGENT'])) { noemul(); exit; }
session_start();
$agent=$_SERVER['HTTP_USER_AGENT'];
$uid=0;
$lang=$_GET['lang'];
$r=$_GET['r'];
if (!$r) $r=$_POST['r'];
$id=$_GET['id'];
$kick=htmlspecialchars(trim($_GET['kick']),ENT_QUOTES)*60;
if (!$kick) $kick=htmlspecialchars(trim($_POST['kick']),ENT_QUOTES)*60;
if (!$id) $id=$_POST['id'];
if (!$id) exit;
if ((trim($_COOKIE['Login'])!='')&&(trim($_COOKIE['Password'])!='')) {
$login=htmlspecialchars(trim($_COOKIE['Login']),ENT_QUOTES);
$pass=htmlspecialchars(trim($_COOKIE['Password']),ENT_QUOTES);
} else {
$login=htmlspecialchars(trim($_POST['login']),ENT_QUOTES);
$pass=htmlspecialchars(trim($_POST['pass']),ENT_QUOTES);
$nocookie=1;
}
if (!($conn=pg_connect("host=$dbhost port=$dbport dbname=$dbname user=$dbuser password=$dbpass"))) exit;
if ((isset($_SESSION['id']))&&(isset($_SESSION['access']))) {
$uid=$_SESSION['id'];
$access=$_SESSION['access'];
} else {
$res=pg_query($conn,"select id,access from users where login='$login' and passwd='$pass' and moder=0;");
$rows=pg_numrows($res);
if (!$rows) {
header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="Login" title="Login">
<p align="center">
Login:
<input type="text" name="login" title="Login" maxlength="10"/><br/>
Password:
<input type="password" name="pass" title="Password" maxlength="15"/><br/>
<anchor title="Ban">BAN<go href="user_ban.php" method="post">
<postfield name="login" value="$(login)"/>
<postfield name="pass" value="$(pass)"/>
<?php print "<postfield name=\"lang\" value=\"".$_GET['lang']."\"/>\n";
print "<postfield name=\"id\" value=\"".$id."\"/>\n";
print "<postfield name=\"kick\" value=\"".$kick."\"/>\n";
print "<postfield name=\"r\" value=\"".$r."\"/>\n"; ?>
</go></anchor>
</p>
</card>
</wml>
<?php
pg_close($conn);
exit;
}
$uid=pg_result($res,0,0);
$access=pg_result($res,0,1);
$_SESSION['id']=$uid;
$_SESSION['access']=$access;
}
if ($access < 2) {
pg_close($conn);
header("Location: /");
}
$res=pg_query($conn, "select access,moder,login from users where id='$id';");
if (!pg_numrows($res)) {
pg_close($conn);
header("Location: /");
exit;
}
if ((pg_result($res,0,0) > 1)||(pg_result($res,0,1))) {
pg_close($conn);
header("Location: /");
exit;
}
$login=uconv(pg_result($res,0,2));
$res=pg_query($conn,"select id from user_agent where uid='$uid' and agent='$agent';");
if (pg_numrows($res)!=1) {
pg_close($conn);
header("Content-type: text/vnd.wap.wml"); ?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="NoOK" title="Error">
<p align="center">
BAN failed.
</p>
</card>
</wml>
<?php
exit;
}
pg_query($conn,"begin;");
if ($kick>0) {
$timex=time()+$kick;
$res=pg_query($conn,"update users set temp_ban='$timex',kmoder='$uid' where id='$id';");
} else {
$res=pg_query($conn,"update users set moder='$uid' where id='$id';");
pg_query($conn,"delete from users_ignore where uid='$id' or who='$id';");
pg_query($conn,"delete from wapgbk where uid='$id';");
}
pg_query($conn,"delete from chat where fr_u='$id';");
pg_query($conn,"delete from chat_tet where fr_u='$id';");
pg_query($conn,"end;");
pg_close($conn);
if (!$res) exit;
header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<?php print "<card id=\"BanOk\" title=\"BANNED\" ontimer=\"chat.php?r=".$r."&".SID."\">\n"; ?>
<timer value="10"/>
<p align="center">
<?php print "User ".$login." banned on your request\n"; ?>
</p>
</card>
</wml>