View file chat_servis/admin.php

File size: 28.03Kb
<?
Error_Reporting(E_ALL & ~E_NOTICE);          /////////////// игнорируем ошибки

header ("Content-type:text/vnd.wap.wml; charset=utf-8");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-relative");

list($msec,$sec)=explode(chr(32),microtime()); 
$HeadTime=$sec+$msec;	

$ref=rand(10000,1000000);
require("conf.inc.php");
global $REMOTE_ADDR;
global $HTTP_USER_AGENT;

$id=@mysql_escape_string($id);
$pass=@mysql_escape_string($pass);
$login=@mysql_escape_string($login);

$connt=mysql_pconnect ($DB_HOST, $DB_USER, $DB_PASS);
mysql_select_db($DB_NAME);

if(empty($id)) {
$find_user=mysql_query("Select * from users where cid='".$cid."' AND login='".$login."' and pass='".$pass."'") or die("Querry error");
} else {
$find_user=mysql_query("Select * from users where cid='".$cid."' AND id='".$id."' and pass='".$pass."'") or die("Querry error");
}
if(mysql_affected_rows()==0)
{
echo <<<END
	<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
	<wml>
		<card id="search" title="РџРѕРёСЃРє">
			<p align="center">
				&#x41B;&#x43E;&#x433;&#x438;&#x43D; &#x438;&#x43B;&#x438; &#x43F;&#x430;&#x440;&#x43E;&#x43B;&#x44C; &#x43D;&#x435;&#x432;&#x435;&#x440;&#x43D;&#x44B;, &#x43F;&#x440;&#x43E;&#x432;&#x435;&#x440;&#x44C;&#x442;&#x435; &#x432;&#x430;&#x448; &#x432;&#x432;&#x43E;&#x434;.
			</p>
		</card>
	</wml>
END;
return 0;
}
else
{
$row=mysql_fetch_array($find_user);
$login=$row['login'];
$id=$row['id'];

  			if (($row["browser"]!==$HTTP_USER_AGENT) or ($row["ip"]!==$REMOTE_ADDR))
  			{
				mysql_query("update users set browser='$HTTP_USER_AGENT', ip='$REMOTE_ADDR' where cid='".$cid."' AND id='$id';");
			}
			//Проверка, не забанен ли ip+browser:

  			if ($row["admin"]!=1)
{
echo <<<END
	<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
	<wml>
		<card id="stop" title="Fuck off">
			<p align="center">
				&#x423; &#x442;&#x435;&#x431;&#x44F; &#x43D;&#x435;&#x442; &#x441;&#x44E;&#x434;&#x430; &#x434;&#x43E;&#x441;&#x442;&#x443;&#x43F;&#x430;
			</p>
		</card>
	</wml>
END;
return 0;
}
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
echo "<wml>\n";
echo "<card title=\"&#x410;&#x434;&#x43C;&#x438;&#x43D;&#x43A;&#x430;\">\n";
echo "<p align=\"left\">\n";
if($row['fsize'] == "small") { $fsize1 = "<small>"; $fsize2 = "</small>"; }
elseif($row['fsize'] == "big") { $fsize1 = "<big>"; $fsize2 = "</big>"; }
else { $fsize1 = ""; $fsize2 = ""; }


switch($mod) {
//
case 'clroom':
if(mysql_query("delete from room where cid='$cid'") and mysql_query("OPTIMIZE TABLE `room`")) print "<b>All roomzzz was cleaned succesfully!</b><br/>";
break;

//
case 'mk':
if(empty($action)) {
?>
&#x41A;&#x43E;&#x433;&#x43E;:<br/>
<input type="text" name="who" value="<? print $who; ?>" emptyok="false"/><br/>
&#x41A;&#x435;&#x43C;?:<br/>
<select name="kem" title="РџРѕР»" value="vip">
<option value="vip">V.I.P</option>
<option value="moder">&#x41C;&#x43E;&#x434;&#x435;&#x440;</option>
<option value="smoder">&#x421;-&#x43C;&#x43E;&#x434;&#x435;&#x440;</option>
<option value="admin">&#x410;&#x434;&#x43C;&#x438;&#x43D;</option>
</select><br/>
<anchor>&#x414;&#x430;&#x442;&#x44C;<go href="admin.php?id=<? print $id; ?>&amp;pass=<? print $pass; ?>&amp;mod=mk&amp;cid=<? print $cid; ?>" method="post">
<postfield name="action" value="set"/>
<postfield name="who" value="$(who)"/>
<postfield name="kem" value="$(kem)"/></go></anchor>
<?
}
else
{
		if(mysql_query("update users set $kem=1 where cid='".$cid."' AND login='".$who."';"))
			echo "<b><u>$who</u> &#x441;&#x434;&#x435;&#x43B;&#x430;&#x43D; $kem!</b><br/>";
}
break;

//
case 'dk':
if(empty($action)) {
?>
C &#x41A;&#x43E;&#x433;&#x43E;:<br/>
<input type="text" name="who" value="<? print $who; ?>" emptyok="false"/><br/>
&#x427;&#x442;&#x43E; &#x441;&#x43D;&#x438;&#x43C;&#x430;&#x435;&#x43C;?:<br/>
<select name="kem" title="РџРѕР»" value="vip">
<option value="vip">V.I.P</option>
<option value="moder">&#x41C;&#x43E;&#x434;&#x435;&#x440;</option>
<option value="smoder">&#x421;-&#x43C;&#x43E;&#x434;&#x435;&#x440;</option>
<option value="admin">&#x410;&#x434;&#x43C;&#x438;&#x43D;</option>
</select><br/>
<anchor>&#x421;&#x43D;&#x44F;&#x442;&#x44C;<go href="admin.php?id=<? print $id; ?>&amp;pass=<? print $pass; ?>&amp;mod=dk&amp;cid=<? print $cid; ?>" method="post">
<postfield name="action" value="set"/>
<postfield name="who" value="$(who)"/>
<postfield name="kem" value="$(kem)"/></go></anchor>
<?
}
else
{
		if(mysql_query("update users set $kem=0 where cid='".$cid."' AND login='".$who."';"))
			echo "<b><u>$who</u> &#x441;&#x43D;&#x44F;&#x442; &#x441; &#x434;&#x43E;&#x43B;&#x436;&#x43D;&#x43E;&#x441;&#x442;&#x438; $kem!</b><br/>";
}
break;


//
case 'stats':
	if(empty($action)) {
print "&#x41A;&#x43E;&#x43C;&#x443;:<br/><input name=\"who\"/><br/>
&#x421;&#x442;&#x430;&#x442;&#x443;&#x441;:<br/><input name=\"status\" value=\"\"/><br/>
<anchor>&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C;<go href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=stats&amp;cid=$cid\" method=\"post\">
<postfield name=\"action\" value=\"add\"/>
<postfield name=\"who\" value=\"$(who)\"/>
<postfield name=\"status\" value=\"$(status)\"/>
</go></anchor>"; 
} else {
if(mysql_query("update users set status='$status' where cid='$cid' AND login='$who'")) print "<b>&#x421;&#x442;&#x430;&#x442;&#x443;&#x441; &#x438;&#x437;&#x43C;&#x435;&#x43D;&#x451;&#x43D;!</b>";
}
break;
//
case 'deluser':
	if(empty($action)) {
print "&#x41A;&#x43E;&#x433;&#x43E;:<br/><input name=\"who\"/><br/>
<anchor>&#x423;&#x434;&#x430;&#x43B;&#x438;&#x442;&#x44C;
<go href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=deluser&amp;cid=$cid\" method=\"post\">
<postfield name=\"action\" value=\"add\"/>
<postfield name=\"who\" value=\"$(who)\"/>
</go></anchor>"; } else {
		if(mysql_query("delete from users where cid='$cid' AND login='$who';"))
			print "<b><u>$who</u> &#x443;&#x434;&#x430;&#x43B;&#x451;&#x43D;!</b><br/>";}
break;
case 'kick':
	if(empty($action)) {
print "&#x41A;&#x43E;&#x433;&#x43E;:<br/><input name=\"who\" value=\"$who\" emptyok=\"false\"/><br/>
&#x41D;&#x430; &#x441;&#x43A;&#x43E;&#x43B;&#x44C;&#x43A;&#x43E; (&#x441;&#x435;&#x43A;.):<br/><input name=\"banf\" maxlength=\"6\" format=\"*N\" emptyok=\"false\"/><br/>
&#x41F;&#x440;&#x438;&#x447;&#x438;&#x43D;&#x430;:<br/><input name=\"banw\" maxlength=\"255\" type=\"text\" emptyok=\"false\"/><br/>
<anchor>&#x412;&#x440;&#x435;&#x43C;&#x435;&#x43D;&#x43D;&#x43E; &#x443;&#x434;&#x430;&#x43B;&#x438;&#x442;&#x44C;
<go href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=kick&amp;cid=$cid\" method=\"post\">
<postfield name=\"action\" value=\"kick\"/>
<postfield name=\"who\" value=\"$(who)\"/>
<postfield name=\"banf\" value=\"$(banf)\"/>
<postfield name=\"banw\" value=\"$(banw)\"/>
</go></anchor>"; } else {
		if(mysql_query("update users set ban='1.".time()."', banf='".$banf."', banw='".$banw."', banb='".$login."' where cid='".$cid."' AND login='".$who."';"))
			print "<b><u>$who</u> &#x432;&#x44B;&#x43F;&#x43D;&#x443;&#x442; &#x438;&#x437; &#x447;&#x430;&#x442;&#x430; &#x43D;&#x430; $banf sec.!</b><br/>";
}

break;
case 'clogin':
	if(empty($action)) {
print "&#x41B;&#x43E;&#x433;&#x438;&#x43D;:<br/><input name=\"who\"/><br/>
&#x41D;&#x43E;&#x432;&#x44B;&#x439; &#x43B;&#x43E;&#x433;&#x438;&#x43D;:<br/><input name=\"nlon\" value=\"\"/><br/>
<anchor>&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C;
<go href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=clogin&amp;cid=$cid\" method=\"post\">
<postfield name=\"action\" value=\"add\"/>
<postfield name=\"who\" value=\"$(who)\"/>
<postfield name=\"nlon\" value=\"$(nlon)\"/>
</go></anchor>"; } else {
$q_u_l=@mysql_query("select * from users where cid='".$cid."' AND login='".$nlon."';");

		if (@MySQL_Num_rows($q_u_l)==0)
		{

if(mysql_query("update users set login='$nlon' where cid='".$cid."' AND login='$who'")) print "<b>Операция успешно завершена!</b>";
		} else
		{
		print "&#x42D;&#x442;&#x43E;&#x442; &#x43B;&#x43E;&#x433;&#x438;&#x43D; &#x443;&#x436;&#x435; &#x437;&#x430;&#x43D;&#x44F;&#x442;!!!";
		}
}
break;

case 'posts':
	if(empty($action)) {
print "&#x41B;&#x43E;&#x433;&#x438;&#x43D;:<br/><input name=\"who\"/><br/>
&#x421;&#x43A;&#x43E;&#x43B;&#x44C;&#x43A;&#x43E; &#x43F;&#x43E;&#x441;&#x442;&#x43E;&#x432;:<br/><input name=\"num\" format=\"*N\" value=\"\"/><br/>
<anchor>&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C;<go href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=posts&amp;cid=$cid\" method=\"post\">
<postfield name=\"action\" value=\"add\"/>
<postfield name=\"who\" value=\"$(who)\"/>
<postfield name=\"num\" value=\"$(num)\"/>
</go></anchor>"; } else {
if(mysql_query("update users set posts='$num' where cid='$cid' AND login='$who'")) print "<b>&#x41A;&#x43E;&#x43B;-&#x432;&#x43E; &#x43F;&#x43E;&#x441;&#x442;&#x43E;&#x432; &#x438;&#x437;&#x43C;&#x435;&#x43D;&#x435;&#x43D;&#x43E;!</b>";
}
break;

case 'pass':
	if(empty($action)) {
print "&#x427;&#x435;&#x439; &#x43F;&#x430;&#x440;&#x43E;&#x43B;&#x44C; &#x441;&#x43C;&#x43E;&#x442;&#x440;&#x438;&#x43C;?:<br/><input name=\"who\"/><br/>
<anchor>&#x421;&#x43C;&#x43E;&#x442;&#x440;&#x435;&#x442;&#x44C;<go href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=pass&amp;cid=$cid\" method=\"post\">
<postfield name=\"action\" value=\"search\"/>
<postfield name=\"who\" value=\"$(who)\"/>
</go></anchor>"; 
} else {
$query_users = mysql_query("select * from users where cid='".$cid."' AND login='".$who."';");
$query_login = mysql_query("select * from users where cid='".$cid."' AND (id='".$id."' or login='".$login."');");
if (MySQL_Num_rows($query_users)==0) {print "&#x442;&#x430;&#x43A;&#x43E;&#x433;&#x43E; &#x44E;&#x437;&#x435;&#x440;&#x430; &#x43D;&#x435; &#x441;&#x443;&#x449;&#x435;&#x441;&#x442;&#x432;&#x443;&#x435;&#x442;!<br/>"; 
} else {
$data = mysql_fetch_array($query_users);
$must = mysql_fetch_array($query_login);
$id = $must['id'];
$login = $must['login'];
$moder=$must['moder'];
$user_moder=$data['moder'];
$admin=$must['admin'];
$to=$data['email'];
$from=$must['email'];
$photo=$data['photo'];
$status=$data['status'];
if($data['sex']=="m") { $sex = "&#x41C;&#x443;&#x436;&#x441;&#x43A;&#x43E;&#x439;"; } else { $sex = "&#x416;&#x435;&#x43D;&#x441;&#x43A;&#x438;&#x439;"; }
if(!empty($photo)) { print "&#x424;&#x43E;&#x442;&#x43E;: <a href=\"$photo\">".$data['login']."</a><br/>"; } else {
print "&#x41B;&#x43E;&#x433;&#x438;&#x43D;: ".$data['login']." <br/>"; }
print "<u>&#x41F;&#x430;&#x440;&#x43E;&#x43B;&#x44C;: ".$data['pass']." <br/></u>";
print "e-mail: ".$to." <br/>";
print "&#x41F;&#x43E;&#x441;&#x442;&#x43E;&#x432;: ".$data['posts']." <br/>";
}
}
break;

case 'ipb':
	if(empty($action)) {
print "&#x427;&#x435;&#x439; ip u browser &#x43F;&#x440;&#x43E;&#x431;&#x438;&#x432;&#x430;&#x435;&#x43C;?:<br/><input name=\"who\"/><br/>
<anchor>&#x421;&#x43C;&#x43E;&#x442;&#x440;&#x435;&#x442;&#x44C;<go href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=ipb&amp;cid=$cid\" method=\"post\">
<postfield name=\"action\" value=\"search\"/>
<postfield name=\"who\" value=\"$(who)\"/>
</go></anchor>"; 
} else {
$query_users = mysql_query("select * from users where cid='".$cid."' AND login='".$who."';");
$query_login = mysql_query("select * from users where cid='".$cid."' AND (id='".$id."' or login='".$login."');");
if (MySQL_Num_rows($query_users)==0) {print "&#x442;&#x430;&#x43A;&#x43E;&#x433;&#x43E; &#x44E;&#x437;&#x435;&#x440;&#x430; &#x43D;&#x435; &#x441;&#x443;&#x449;&#x435;&#x441;&#x442;&#x432;&#x443;&#x435;&#x442;!<br/>"; 
} else {
$data = mysql_fetch_array($query_users);
$must = mysql_fetch_array($query_login);
$id = $must['id'];
$login = $must['login'];
$moder=$must['moder'];
$user_moder=$data['moder'];
$admin=$must['admin'];
$to=$data['email'];
$from=$must['email'];
$photo=$data['photo'];
$status=$data['status'];
$ip=$data['ip'];
$browser=$data['browser'];
print "&#x41B;&#x43E;&#x433;&#x438;&#x43D;: ".$data['login']." <br/>"; }
print "&#x41F;&#x430;&#x440;&#x43E;&#x43B;&#x44C;: ".$data['pass']." <br/>";
print "ip: ".$ip." <br/>";
print "Browser: ".$browser." <br/>";
$browser = UrlEncode($browser);
			echo "<br/><a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=banip&amp;action=add&amp;ip=$ip&amp;brows=$browser&amp;cid=$cid\">&#x417;&#x430;&#x431;&#x430;&#x43D;&#x438;&#x442;&#x44C; ip+browser</a><br/>";
}
break;

case 'banip':
	if(empty($action)) {
print "Ip:<br/><input name=\"ip\"/><br/>
Browser:<br/><input name=\"brows\"/><br/>
<anchor>&#x417;&#x430;&#x431;&#x430;&#x43D;&#x438;&#x442;&#x44C;<go href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=banip&amp;cid=$cid\" method=\"post\">
<postfield name=\"action\" value=\"add\"/>
<postfield name=\"ip\" value=\"$(ip)\"/>
<postfield name=\"brows\" value=\"$(brows)\"/>
</go></anchor>"; 
} else {
$browser = UrlDecode($browser);
if(mysql_query("insert into bannedib values(0,'$ip','$brows','$login','$cid');")) print "<b>Ip $ip &#x438; browser $brows &#x434;&#x43E;&#x431;&#x430;&#x432;&#x43B;&#x435;&#x43D;&#x44B; &#x432; &#x431;&#x43B;&#x44D;&#x43A; &#x43B;&#x438;&#x441;&#x442;!</b>";
}
break;

case 'razip':
$q = mysql_query("select * from bannedib where cid='".$cid."' order by mid desc;");
if(empty($action)) {
while($arr=mysql_fetch_array($q)) {
print "<a href=\"admin.php?action=del&amp;id=$id&amp;pass=$pass&amp;mod=razip&amp;mid=".$arr['mid']."&amp;cid=$cid\">".$arr['ip'].",".$arr['browser']."</a><br/>";  
}
} else {
if(mysql_query("delete from bannedib where cid='$cid' AND mid='$mid' limit 1;")) print "<b>IP+BROWSER &#x443;&#x441;&#x43F;&#x435;&#x448;&#x43D;&#x43E; &#x440;&#x430;&#x437;&#x431;&#x430;&#x43D;&#x435;&#x43D;!!</b><br/>";
}
break;
case 'mmeet':
$title=trim(htmlspecialchars(stripslashes($title)));
$content=trim(htmlspecialchars(stripslashes($content)));
$organizatory=trim(htmlspecialchars(stripslashes($organizatory)));
if(empty($title)) $error=$error."<u>&#x41D;&#x435;&#x442; &#x43D;&#x430;&#x437;&#x432;&#x430;&#x43D;&#x438;&#x44F;!</u><br/>";
if(empty($content)) $error=$error."<u>&#x41D;&#x435;&#x442; &#x41A;&#x43E;&#x43C;&#x435;&#x43D;&#x442;&#x430;&#x440;&#x438;&#x44F;!</u><br/>";
if(empty($organizatory)) $error=$error."<u>&#x41D;&#x435;&#x442; &#x43E;&#x440;&#x433;&#x430;&#x43D;&#x438;&#x437;&#x430;&#x442;&#x43E;&#x440;&#x43E;&#x432;!</u><br/>";
		if(empty($action)) {
			print "&#x41D;&#x430;&#x437;&#x432;&#x430;&#x43D;&#x438;&#x435;:<br/><input name=\"title\"/><br/>
				&#x41A;&#x43E;&#x43C;&#x435;&#x43D;&#x442;&#x430;&#x440;&#x438;&#x439;:<br/><input name=\"content\"/><br/>
				&#x41E;&#x440;&#x433;&#x430;&#x43D;&#x438;&#x437;&#x430;&#x442;&#x43E;&#x440;&#x44B;:<br/><input name=\"organizatory\"/><br/>
				<anchor>&#x414;&#x43E;&#x431;&#x430;&#x432;&#x438;&#x442;&#x44C;<go href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=mmeet&amp;cid=$cid\" method=\"post\">
				<postfield name=\"action\" value=\"add\"/>
				<postfield name=\"title\" value=\"$(title)\"/>
				<postfield name=\"content\" value=\"$(content)\"/>
				<postfield name=\"organizatory\" value=\"$(organizatory)\"/></go></anchor>";
		} else { if(empty($error)) {
		if($title!=$last_meet['title']) {
		if(mysql_query("insert into vstrechi values(0,'$login','$title','$content','$organizatory','$cid');")) { print "<b>&#x412;&#x441;&#x442;&#x440;&#x435;&#x447;&#x430; &#x434;&#x43E;&#x431;&#x430;&#x432;&#x43B;&#x435;&#x43D;&#x430;!</b>"; } else { print "<b>1!</b>"; } } else { print "<b>12!</b>"; }
		} else { print $error; } }

break;

case 'dmeet':
$q = mysql_query("select * from vstrechi where cid='$cid' order by id desc;");
if(empty($action)) {
while($arr=mysql_fetch_array($q)) {
print "<a href=\"admin.php?action=del&amp;id=$id&amp;pass=$pass&amp;mod=dmeet&amp;mid=".$arr['id']."&amp;cid=$cid\">".$arr['title']."</a><br/>";  }
} else {
if(mysql_query("delete from vstrechi where cid='$cid' AND id='$mid' limit 1;")) print "<b>&#x412;&#x441;&#x442;&#x440;&#x435;&#x447;&#x430; &#x443;&#x434;&#x430;&#x43B;&#x435;&#x43D;&#x430;!</b><br/>";
}
break;

case 'dlet':
if(mysql_query("delete from letters where cid='$cid';") and mysql_query("OPTIMIZE TABLE `letters`")) print "<b>Письма очищены!</b><br/>";
break;

	  case 'editnameroom':
        if(empty($act)) {
        echo '&#x41D;&#x430;&#x437;&#x432;&#x430;&#x43D;&#x438;&#x435;<br/><input type="text" name="t"/><br/>&#x41A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x430;<br/><select name="name">';
        $q = @mysql_query("select * from setts where cid='$cid' AND mod='room';");
        while ($dbdata = @mysql_fetch_array($q)) {
        echo '<option value="'.$dbdata['var'].'">'.$dbdata['val1'].'</option>'; }
        echo '</select><br/><anchor>Ok<go href="admin.php?act=update&amp;id='.$id.'&amp;pass='.$pass.'&amp;cid='.$cid.'&amp;mod=editnameroom" method="post"><postfield name="name" value="$(name)"/><postfield name="t" value="$(t)"/></go></anchor>';
        } else {
        $t=htmlspecialchars(stripslashes(trim(substr($t,0,50))));
        if(@mysql_query("update setts set val1='$t' where cid='$cid' AND var='$name' and mod='room';")) echo '&#x41D;&#x430;&#x437;&#x432;&#x430;&#x43D;&#x438;&#x435; &#x443;&#x441;&#x43F;&#x435;&#x448;&#x43D;&#x43E; &#x441;&#x43C;&#x435;&#x43D;&#x435;&#x43D;&#x43E;';
        }
        break;

        case 'editposroom':
        if(empty($act)) {
        echo '&#x41F;&#x43E;&#x437;&#x438;&#x446;&#x438;&#x44F;<br/><input size="2" name="pos" format="*N"/>';
        echo '<br/>&#x41D;&#x430;&#x437;&#x432;&#x430;&#x43D;&#x438;&#x435;<br/><select name="name">';
        $q = @mysql_query("select * from setts where cid='$cid' AND mod='room';");
        while ($dbdata = @mysql_fetch_array($q)) {
        echo '<option value="'.$dbdata['var'].'">'.$dbdata['val1'].'</option>'; }
        echo '</select><br/>';
        echo '<anchor>Ok<go href="admin.php?act=update&amp;id='.$id.'&amp;pass='.$pass.'&amp;cid='.$cid.'&amp;mod=editposroom" method="post"><postfield name="name" value="$(name)"/><postfield name="pos" value="$(pos)"/></go></anchor>';
        } else {
        $pos=htmlspecialchars(stripslashes(trim(substr($pos,0,50))));
        if(@mysql_query("update setts set val3='$pos' where cid='$cid' AND var='$name' and mod='room';")) echo '&#x41F;&#x43E;&#x437;&#x438;&#x446;&#x438;&#x44F; &#x441;&#x43C;&#x435;&#x43D;&#x435;&#x43D;&#x430;';
        }
        break;

        case 'createroom':
        if(empty($act)) {
        echo '&#x41D;&#x430;&#x437;&#x432;&#x430;&#x43D;&#x438;&#x435;<br/><input type="text" name="name"/><br/>';
        echo '&#x41F;&#x43E;&#x43B;&#x43E;&#x436;&#x435;&#x43D;&#x438;&#x435;<br/><input size="2" name="pos" format="*N"/><br/>';         
	  echo '<anchor>Ok<go href="admin.php?act=update&amp;id='.$id.'&amp;pass='.$pass.'&amp;cid='.$cid.'&amp;mod=createroom" method="post"><postfield name="name" value="$(name)"/><postfield name="pos" value="$(pos)"/></go></anchor>';
        } else {
        $query = @mysql_query("select * from setts where cid='$cid' AND mod='room' order by id desc;");
        $db = @mysql_fetch_array($query);
        $ex = intval(substr($db['var'], 4));
        $i = $ex + 1;
        $name=htmlspecialchars(stripslashes(trim(substr($name,0,50))));
        $pos=htmlspecialchars(stripslashes(trim(substr($pos,0,10))));
        if(@mysql_query("insert into setts values(0, 'room', 'room".$i."', '$name', '$name', '$pos', '$cid');")) echo '&#x41A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x430; &#x441;&#x43E;&#x437;&#x434;&#x430;&#x43D;&#x430;';
        }
        break;

        case 'delroom':
        if(empty($act)) {
        echo '&#x41A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x430;<br/><select name="name">';
        $q = @mysql_query("select * from setts where cid='$cid' AND mod='room';");
        while ($dbdata = @mysql_fetch_array($q)) {
        echo '<option value="'.$dbdata['var'].'">'.$dbdata['val1'].'</option>'; }
        echo '</select><br/><anchor>&#x423;&#x434;&#x430;&#x43B;&#x438;&#x442;&#x44C;<go href="admin.php?act=del&amp;id='.$id.'&amp;pass='.$pass.'&amp;cid='.$cid.'&amp;mod=delroom" method="post"><postfield name="name" value="$(name)"/></go></anchor>';
        } else {
        if(@mysql_query("delete from setts where cid='$cid' AND var='$name' and mod='room';")) echo '&#x41A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x430; &#x443;&#x434;&#x430;&#x43B;&#x435;&#x43D;&#x430;!';
        }
        break;

	case 'title':
	if(empty($act)) {
	echo '&#x417;&#x430;&#x433;&#x43E;&#x43B;&#x43E;&#x432;&#x43E;&#x43A;<br/><input type="text" name="t"/><br/>&#x41A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x430;<br/><select name="name">';
	$q = @mysql_query("select * from setts where cid='$cid' AND mod='room';");
	while ($dbdata = @mysql_fetch_array($q)) {
	echo '<option value="'.$dbdata['var'].'">'.$dbdata['val1'].'</option>'; }
	echo '</select><br/><anchor>&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C;<go href="admin.php?act=update&amp;id='.$id.'&amp;pass='.$pass.'&amp;cid='.$cid.'&amp;mod=title" method="post"><postfield name="name" value="$(name)"/><postfield name="t" value="$(t)"/></go></anchor>';
	} else {
	$t=htmlspecialchars(stripslashes(trim(substr($t,0,25))));
	if(@mysql_query("update setts set val2='$t' where cid='$cid' AND var='$name' and mod='room';")) echo '&#x417;&#x430;&#x433;&#x43E;&#x43B;&#x43E;&#x432;&#x43E;&#x43A; &#x438;&#x437;&#x43C;&#x435;&#x43D;&#x451;&#x43D;!';
	}
	break;


//
default:
echo "[&#x41A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x44B;]:<br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=clroom&amp;cid=$cid&amp;ref=$ref\">&#x41E;&#x447;&#x438;&#x441;&#x442;&#x438;&#x442;&#x44C; &#x43A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x44B;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=editnameroom&amp;cid=$cid&amp;ref=$ref\">&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C; &#x438;&#x43C;&#x44F; &#x43A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x44B;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=editposroom&amp;cid=$cid&amp;ref=$ref\">&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C; &#x440;&#x430;&#x441;&#x43E;&#x43F;&#x43E;&#x43B;&#x43E;&#x436;&#x435;&#x43D;&#x438;&#x435; &#x43A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x44B;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=createroom&amp;cid=$cid&amp;ref=$ref\">&#x421;&#x43E;&#x437;&#x434;&#x430;&#x442;&#x44C; &#x43D;&#x43E;&#x432;&#x443;&#x44E; &#x43A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x443;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=delroom&amp;cid=$cid&amp;ref=$ref\">&#x423;&#x434;&#x430;&#x43B;&#x438;&#x442;&#x44C; &#x43A;&#x43E;&#x43C;&#x43D;&#x430;&#x442;&#x443;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=title&amp;cid=$cid&amp;ref=$ref\">&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C; &#x437;&#x430;&#x433;&#x43E;&#x43B;&#x43E;&#x432;&#x43E;&#x43A;</a><br/>";

echo "<br/>[&#x41F;&#x43E;&#x43B;&#x44C;&#x437;&#x43E;&#x432;&#x430;&#x442;&#x435;&#x43B;&#x438;]:<br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=mk&amp;cid=$cid&amp;ref=$ref\">&#x414;&#x430;&#x442;&#x44C;...</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=dk&amp;cid=$cid&amp;ref=$ref\">&#x421;&#x43D;&#x44F;&#x442;&#x44C;...</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=stats&amp;cid=$cid&amp;ref=$ref\">&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C; &#x441;&#x442;&#x430;&#x442;&#x443;&#x441;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=deluser&amp;cid=$cid&amp;ref=$ref\">&#x423;&#x434;&#x430;&#x43B;&#x438;&#x442;&#x44C; &#x44E;&#x437;&#x435;&#x440;&#x430;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=kick&amp;cid=$cid&amp;ref=$ref\">&#x41F;&#x43D;&#x443;&#x442;&#x44C;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=clogin&amp;cid=$cid&amp;ref=$ref\">&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C; &#x43B;&#x43E;&#x433;&#x438;&#x43D;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=posts&amp;cid=$cid&amp;ref=$ref\">&#x418;&#x437;&#x43C;&#x435;&#x43D;&#x438;&#x442;&#x44C; &#x43A;&#x43E;&#x43B;-&#x432;&#x43E; &#x43F;&#x43E;&#x441;&#x442;&#x43E;&#x432;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=pass&amp;cid=$cid&amp;ref=$ref\">&#x423;&#x437;&#x43D;&#x430;&#x442;&#x44C; &#x43F;&#x430;&#x440;&#x43E;&#x43B;&#x44C;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=ipb&amp;cid=$cid&amp;ref=$ref\">&#x423;&#x437;&#x43D;&#x430;&#x442;&#x44C; ip + browser (ban)</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=razip&amp;cid=$cid&amp;ref=$ref\">&#x420;&#x430;&#x437;&#x431;&#x430;&#x43D;&#x438;&#x442;&#x44C; ip + browser</a><br/><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=mmeet&amp;cid=$cid&amp;ref=$ref\">&#x414;&#x43E;&#x431;&#x430;&#x432;&#x438;&#x442;&#x44C; &#x432;&#x441;&#x442;&#x440;&#x435;&#x447;&#x443;</a><br/>";
echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;mod=dmeet&amp;cid=$cid&amp;ref=$ref\">&#x423;&#x434;&#x430;&#x43B;&#x438;&#x442;&#x44C; &#x432;&#x441;&#x442;&#x440;&#x435;&#x447;&#x443;</a><br/><br/>";
echo "<a href=\"enter.php?id=$id&amp;pass=$pass&amp;cid=$cid&amp;ref=$ref\">.:&#x41F;&#x440;&#x438;&#x445;&#x43E;&#x436;&#x430;&#x44F;</a><br/>";
list($msec,$sec)=explode(chr(32),microtime());
echo "[".round(($sec+$msec)-$HeadTime,4)."]";
break;
}
if($mod) {
			echo "<br/><a href=\"admin.php?id=$id&amp;pass=$pass&amp;cid=$cid&amp;ref=$ref\">&#x410;&#x434;&#x43C;&#x438;&#x43D;&#x43A;&#x430;</a><br/>";
			echo "<a href=\"enter.php?id=$id&amp;pass=$pass&amp;cid=$cid&amp;ref=$ref\">&#x41F;&#x440;&#x438;&#x445;&#x43E;&#x436;&#x430;&#x44F;</a><br/>";
list($msec,$sec)=explode(chr(32),microtime());
echo "[".round(($sec+$msec)-$HeadTime,4)."]";
}
}
?>
</p>
</card>
</wml>
<?
mysql_close($connt);
?>