View file ilichat/ban.php

File size: 9.4Kb
<?php
//POWERED by ILI
// ICQ : 197042
//site: ili.wab.ru
// ilichat v4.0
error_reporting(0);
require_once"./includes/functions/gzip.php";
include('start.php');
include("config.php");
include("./includes/".$ver."/banned");

list($msec, $sec) = explode(chr(32), microtime()); 
$headtime = $sec + $msec;

$nocache = rand(10000, 99999);

switch($ver)
{
////////////////////////////////////////////////////////
//WML VERSION
////////////////////////////////////////////////////////
case 'wml':
header("Content-type: text/vnd.wap.wml; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate");

//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_num_rows($q) == 0)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"ERROR\" ontimer=\"index.php?ver=wml\"><timer value=\"15\"/><p align=\"left\">\n";
echo "<small>Ошибка авторизации!<br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>\n";
echo "</small>";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}
//END AUTH

$level = mysql_result($q, 0);

if($level < 3)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card id=\"error\" title=\"ERROR\" ontimer=\"menu.php?ver=wml&amp;".SID."\"><timer value=\"15\"/><p align=\"left\">\n";
echo "<small>Доступ запрещен<br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>\n";
echo "</small>";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}

$uid = intval($_GET['uid']);

$sql = mysql_query("SELECT `level`, `nickname` FROM `chat_users` WHERE `id` = '".$uid."';");

if(mysql_num_rows($sql) == 0)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card id=\"error\" title=\"ERROR\" ontimer=\"menu.php?ver=wml&amp;".SID."\"><timer value=\"15\"/><p align=\"left\">\n";
echo "<small>Пользователь не найден<br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>\n";
echo "</small>";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}
else
{
$lev = mysql_result($sql, 0, 'level');
$nick = mysql_result($sql, 0, 'nickname');
}

if($lev > $level or $uid == 1)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card id=\"error\" title=\"ERROR\" ontimer=\"menu.php?ver=wml&amp;".SID."\"><timer value=\"15\"/><p align=\"left\">\n";
echo "<small>Вы не можете блокировать данного пользователя. Нет прав.<br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>\n";
echo "</small>";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}

//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE

echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"$nick\"><p align=\"left\">\n";

if(isset($_GET['act']))
{
$sql = mysql_query("SELECT * FROM `chat_banned_nicknames` WHERE `nickname` = '".$nick."';");

	if(mysql_affected_rows() == 0)
	{
	mysql_query("DELETE FROM `chat_users` WHERE `nickname` = '".$nick."';");
	mysql_query("INSERT INTO `chat_banned_nicknames` SET `nickname` = '".$nick."';");

	//LOGS
	$query = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
	$moder = mysql_result($query, 0);
	$q = mysql_query("INSERT INTO `chat_logs` VALUES(0, '".$moder."', 2, '".$nick."', '', '".date("d-m-y H:i:s")."', ".time().");"); 
	
	echo "Ник ".$nick." уcпешно забанен.<br/>\n";
	}
	else
	{
	echo "Ник ".$nick." уже забанен.<br/>\n";
	}
}
else
{
echo "Вы уверены, что хотите забанить никнейм \"$nick\"?<br/>\n";
if(!empty($_GET['rid'])) echo "<a href=\"ban.php?act=ban&amp;ver=wml&amp;nocache=$nocache&amp;".SID."&amp;uid=$uid&amp;rid=".intval($_GET['rid'])."\">[Да]</a> <a href=\"room.php?".SID."&amp;ver=wml&amp;rid=".intval($_GET['rid'])."\">[Нет]</a><br/>\n";
if(!empty($_GET['key'])) echo "<a href=\"ban.php?act=ban&amp;ver=wml&amp;nocache=$nocache&amp;".SID."&amp;uid=$uid&amp;key=".$_GET['key']."\">[Да]</a> <a href=\"intim.php?".SID."&amp;ver=wml&amp;key=".$_GET['key']."\">[Нет]</a><br/>\n";
}

if(!empty($_GET['rid'])) echo "<a href=\"room.php?".SID."&amp;ver=wml&amp;rid=".intval($_GET['rid'])."\">В чат</a><br/>\n";
if(!empty($_GET['key'])) echo "<a href=\"intim.php?".SID."&amp;ver=wml&amp;key=".$_GET['key']."\">В чат</a><br/>\n";
echo "<a href=\"menu.php?".SID."&amp;ver=wml\">Меню чата</a><br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
break;

////////////////////////////////////////////////////////
//HTML VERSION
////////////////////////////////////////////////////////
case 'html':
$my_title = "Ban";
if(!isset($_COOKIE['theme'])) $_COOKIE['theme'] = 1;
include_once "themes/".intval($_COOKIE['theme'])."/index.php";

//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_num_rows($q) == 0)
{
echo "Ошибка авторизации!<br/>\n";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}
//END AUTH

//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0 WHERE `id` = '".$id."';");
//END ONLINE


$level = mysql_result($q, 0);

if($level < 3)
{
echo "Доступ запрещен<br/>\n";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}

$uid = intval($_GET['uid']);

$sql = mysql_query("SELECT `level`, `nickname` FROM `chat_users` WHERE `id` = '".$uid."';");

if(mysql_num_rows($sql) == 0)
{
echo "Пользователь не найден в базе данных.<br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
echo "</div></body></html>";
exit();
}
else
{
$lev = mysql_result($sql, 0, 'level');
$nick = mysql_result($sql, 0, 'nickname');
}

if($lev > $level or $uid == 1)
{
echo "Вы не можете блокировать данного пользователя. Нет прав.<br/>\n";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}

//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE


if(isset($_GET['act']))
{
$sql = mysql_query("SELECT * FROM `chat_banned_nicknames` WHERE `nickname` = '".$nick."';");

	if(mysql_affected_rows() == 0)
	{
	mysql_query("DELETE FROM `chat_users` WHERE `nickname` = '".$nick."';");
	mysql_query("INSERT INTO `chat_banned_nicknames` SET `nickname` = '".$nick."';");

	//LOGS
	$query = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
	$moder = mysql_result($query, 0);
	$q = mysql_query("INSERT INTO `chat_logs` VALUES(0, '".$moder."', 2, '".$nick."', '', '".date("d-m-y H:i:s")."', ".time().");"); 
	
	echo "Ник ".$nick." уcпешно забанен.<br/>\n";
	}
	else
	{
	echo "Ник ".$nick." уже забанен.<br/>\n";
	}
}
else
{
echo "Вы уверены, что хотите забанить никнейм \"$nick\"?<br/>\n";
if(!empty($_GET['rid'])) echo "<a href=\"ban.php?act=ban&amp;ver=html&amp;nocache=$nocache&amp;".SID."&amp;uid=$uid&amp;rid=".intval($_GET['rid'])."\">[Да]</a> <a href=\"room.php?".SID."&amp;ver=html&amp;rid=".intval($_GET['rid'])."\">[Нет]</a><br/>\n";
if(!empty($_GET['key'])) echo "<a href=\"ban.php?act=ban&amp;ver=html&amp;nocache=$nocache&amp;".SID."&amp;uid=$uid&amp;key=".$_GET['key']."\">[Да]</a> <a href=\"intim.php?".SID."&amp;ver=html&amp;key=".$_GET['key']."\">[Нет]</a><br/>\n";
}

if(!empty($_GET['rid'])) echo "<a href=\"room.php?".SID."&amp;ver=html&amp;rid=".intval($_GET['rid'])."\">В чат</a><br/>\n";
if(!empty($_GET['key'])) echo "<a href=\"intim.php?".SID."&amp;ver=html&amp;key=".$_GET['key']."\">В чат</a><br/>\n";
echo "<a href=\"menu.php?".SID."&amp;ver=html\">Меню чата</a><br/>";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
break;
}
?>