View file include/admin.php

File size: 17.54Kb
<?php
	if($status != "admin")
	{
		header("Location: ".$forumdir);
	} else
	{
		switch($_GET['mode'])
		{
			default:
			$mforums = mysql_query("SELECT * FROM `mforums` ORDER BY `pos` ASC");
			$forums = mysql_query("SELECT * FROM `forums` ORDER BY `pos` ASC");
			if($version == "wml")
			{
				header("Content-type: text/vnd.wap.wml; charset=utf-8");
				header("Cache-Control: no-cache");
				echo(doctype("Админка").'
Модераторы: <br />');
$modersq = mysql_query("SELECT `status`, `id`, `username` FROM `users` WHERE `status`='moderator'");
	while($moders = mysql_fetch_array($modersq))
	{
		echo($moders['username'].'[<a href="./?p=27&amp;v=wml&amp;sid='.$sid.'&amp;mode=moder&amp;m=0&amp;id='.$moders['id'].'">Удалить</a>]<br />');
	}

echo('- - - - <br />
Добавить подфорум:<br />
- - - - <br />
Имя: <br />
<input type="text" name="name" /><br />
Позиция: <br />
<input type="text" name="pos" format="*N" /><br />
<anchor>[Добавить]
<go href="./?p=27&amp;v=wml&amp;mode=add&amp;sid='.$sid.'" method="post">
<postfield name="name" value="$(name)" />
<postfield name="pos" value="$(pos)" />
</go></anchor><br />
- - - - <br />
Удалить подфорум: <br />
<select name="id">');
	while($fnames = mysql_fetch_array($forums))
	{
		echo('<option value="'.$fnames['id'].'">'.$fnames['name'].'</option>');
	}
echo('</select><br />
<anchor>[Удалить]
<go href="./?p=27&amp;v=wml&amp;sid='.$sid.'&amp;mode=del" method="post">
<postfield name="id" value="$(id)" />
</go></anchor><br />
- - - - <br />
Добавить модерский подфорум:<br />
- - - - <br />
Имя: <br />
<input type="text" name="name" /><br />
Позиция: <br />
<input type="text" name="pos" format="*N" /><br />
<anchor>[Добавить]
<go href="./?p=27&amp;v=wml&amp;mode=addm&amp;sid='.$sid.'" method="post">
<postfield name="name" value="$(name)" />
<postfield name="pos" value="$(pos)" />
</go></anchor><br />
- - - - <br />
Удалить модерский подфорум: <br />
<select name="id">');
	while($fnamesm = mysql_fetch_array($mforums))
	{
		echo('<option value="'.$fnamesm['id'].'">'.$fnamesm['name'].'</option>');
	}
echo('</select><br />
<anchor>[Удалить]
<go href="./?p=27&amp;v=wml&amp;sid='.$sid.'&amp;mode=delm" method="post">
<postfield name="id" value="$(id)" />
</go></anchor><br />
- - - - <br />
<a href="./?p=0&amp;v=wml&amp;sid='.$sid.'">В форум</a>
</p></card></wml>');
			} elseif($version == "xhtml")
			{
				echo
				"<html>\r\n",
				"<head>\r\n",
				"<title>Админка</title>\r\n",
				"</head>\r\n",
				"<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
				"<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
				"<tr>\r\n",
				"<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
				"</tr>\r\n",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<a href=\"./?p=27&amp;mode=wcab&amp;act=menu&amp;sid=".$sid."&amp;v=".$version."\">Управление акцией</a><br />",
				"<a href=\"./?p=27&amp;mode=rating&amp;sid=".$sid."&amp;v=".$version."\">Рейтинги(+/-)</a>\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<b><u>Модераторы:</b></u>\r\n</td></tr>",
				"<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n";
				$modersq = mysql_query("SELECT `status`, `id`, `username` FROM `users` WHERE `status`='moderator'");
				while($moders = mysql_fetch_array($modersq))
				{
					echo($moders['username'].'[<a href="./?p=27&amp;v=xhtml&amp;sid='.$sid.'&amp;mode=moder&amp;m=0&amp;id='.$moders['id'].'">Удалить</a>]<br />');
				}
				echo
				"</td>\r\n",
				"</tr>\r\n",
				"<tr>\r\n",
				"<td bgcolor=\"".$style['text']."\">\r\n",
				"<b><u>Добавить подфорум:</b></u><br />\r\n",
				"<form action=\"./?p=27&amp;v=xhtml&amp;mode=add&amp;sid=".$sid."\" method=\"post\">\r\n",
				"Имя: <br />\r\n",
				"<input type=\"text\" name=\"name\" /><br />\r\n",
				"Позиция: <br /> \r\n",
				"<input type=\"text\" name=\"pos\" format=\"*N\" /><br />\r\n",
				"<input type=\"submit\" value=\"Добавить\" />\r\n",
				"</form>\r\n",
				"</td>\r\n</tr>\r\n",
				"<tr>\r\n",
				"<td bgcolor=\"".$style['text']."\">\r\n",
				"<b><u>Удалить подфорум:</b></u>\r\n",
				"</td>\r\n</tr>\r\n",
				"<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n",
				"<form action=\"./?p=27&amp;v=xhtml&amp;mode=del&amp;sid=".$sid."\" method=\"post\">\r\n",
				"<select name=\"id\">\r\n";
				while($fnames = mysql_fetch_array($forums))
				{
					echo("<option value=\"".$fnames['id']."\">".$fnames['name']."</option>\r\n");
				}
				echo
				"</select><br />\r\n",
				"<input type=\"submit\" value=\"Удалить\" />\r\n",
				"</form>\r\n",
				"</td>\r\n</tr>\r\n",
				"<td bgcolor=\"".$style['text']."\">\r\n",
				"<b><u>Добавить  модерский подфорум:</b></u><br />\r\n",
				"<form action=\"./?p=27&amp;v=xhtml&amp;mode=addm&amp;sid=".$sid."\" method=\"post\">\r\n",
				"Имя: <br />\r\n",
				"<input type=\"text\" name=\"name\" /><br />\r\n",
				"Позиция: <br /> \r\n",
				"<input type=\"text\" name=\"pos\" format=\"*N\" /><br />\r\n",
				"<input type=\"submit\" value=\"Добавить\" />\r\n",
				"</form>\r\n",
				"</td>\r\n</tr>\r\n",
				"<tr>\r\n",
				"<td bgcolor=\"".$style['text']."\">\r\n",
				"<b><u>Удалить модерский подфорум:</b></u>\r\n",
				"</td>\r\n</tr>\r\n",
				"<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n",
				"<form action=\"./?p=27&amp;v=xhtml&amp;mode=delm&amp;sid=".$sid."\" method=\"post\">\r\n",
				"<select name=\"id\">\r\n";
				while($fnamesm = mysql_fetch_array($mforums))
				{
					echo("<option value=\"".$fnamesm['id']."\">".$fnamesm['name']."</option>\r\n");
				}
				echo
				"</select><br />\r\n",
				"<input type=\"submit\" value=\"Удалить\" />\r\n",
				"</form>\r\n",
				"</td>\r\n</tr>\r\n",
				"<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
				"<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
				"</td>\r\n</tr>\r\n</table>\r\n",
				"</body></html>";
			}
break;

case 'wcab':
		if($_GET['act'] == "menu")
		{
			if($version == "xhtml")
			{
				echo
				"<html>\r\n",
				"<head>\r\n",
				"<title>Админка</title>\r\n",
				"</head>\r\n",
				"<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
				"<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
				"<tr>\r\n",
				"<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
				"</tr>\r\n",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<a href=\"./?p=27&amp;mode=wcab&amp;act=ban&amp;sid=".$sid."&amp;v=".$version."\">Заблокированные</a>\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<b><u>Набравшие минималку:</b></u>\r\n</td></tr>",
				"<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n";
				$masq = mysql_query("SELECT * FROM `wcab` WHERE `balans`>'10' ORDER BY `balans` DESC");
	while($mas = mysql_fetch_array($masq))
	{
	$us=mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='".$mas['id_user']."'"));
		echo('<a href="./?p=24&amp;uid='.$mas['id_user'].'&amp;d=1&amp;sid='.$sid.'&amp;v='.$version.'">'.$us['username'].'</a> <b>('.$mas['balans'].')</b>');
		if($mas['status'] == "0" || $mas['status'] == "1")
		{
		echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=0&amp;id='.$mas['id'].'">[ban]</a>');
		} elseif($mas['status'] == "2")
		{
		echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=3&amp;id='.$mas['id'].'">[UNban]</a>');
		}
		echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=1&amp;id='.$mas['id'].'">[&#187;]</a>');
		if($mas['status'] == "0")
		{
		echo('<br />');
		} elseif($mas['status'] == "1")
		{
		echo('<b><font color="green">3anpoc</font></b> ');
		if($mas['kuda']=="w")
		{
		$pay="на WMR-кош.!";
		}
		elseif($mas['kuda']=="m")
		{
		$pay="на телефон!";
		}
		echo($pay.'<br />');
		} elseif($mas['status'] == "2")
		{
		echo('<b><font color="red">[BAN!]</font></b><br />');
		}
	}
				echo
				"</td>\r\n</tr>\r\n",
				"<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
				"<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
				"</td>\r\n</tr>\r\n</table>\r\n",
				"</body></html>";
			}
	}
	elseif($_GET['m'] == "0")
	{
		if(mysql_query("UPDATE `wcab` SET `status`='2' WHERE `id`=".intval($_GET['id'])))
		{
			header("Location: ".str_replace("?", "", $forumdir).'?p=27&mode=wcab&act=menu&v='.$version.'&sid='.$sid);
		}
	}
	elseif($_GET['m'] == "1")
	{
	if($version == "xhtml")
			{
			$id = intval($_GET['id']);
			$qs = mysql_fetch_assoc(mysql_query("SELECT * FROM wcab WHERE id=".$id));
				echo
				"<html>\r\n",
				"<head>\r\n",
				"<title>Админка</title>\r\n",
				"</head>\r\n",
				"<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
				"<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
				"<tr>\r\n",
				"<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
				"</tr>\r\n",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<b><u>Баланс:</u></b>\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				$qs['balans']."\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<b><u>Выплата прошлая/всего:</u></b>\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				$qs['viplata'].'/'.$qs['vsego']."\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<b><u>Последняя выплата:</u></b>\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				$qs['vdate']."\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<b><u>Номер телефона:</u></b>\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"+".$qs['telefon']." (".$qs['operator'].")\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<b><u>WMR - кошелек:</u></b>\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"R".$qs['wmr']."\r\n</td></tr>";
				if($qs['balans'] > 10)
				{
				echo
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<a href=\"./?p=27&amp;mode=wcab&amp;m=2&amp;id=$id&amp;sid=".$sid."&amp;v=".$version."\">Выплатить</a>\r\n</td></tr>";
				}
				echo
				"<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
				"<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
				"</td>\r\n</tr>\r\n</table>\r\n",
				"</body></html>";
			}
	}
	elseif($_GET['m'] == "2")
	{
	$id = intval($_GET['id']);
	$mas = mysql_fetch_assoc(mysql_query("SELECT * FROM wcab WHERE id=".$id));
		mysql_query("UPDATE `wcab` SET `status`='0', `balans`='0.00', `vsego`=`vsego`+'".$mas['balans']."', `viplata`='".$mas['balans']."', `otvet`='Выплачено', `vdate`='".date("d/m H:i")."' WHERE `id`='$id'");
		header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid.'&mode=wcab&m=1&id='.$id);
	}
	elseif($_GET['m'] == "3")
	{
		mysql_query("UPDATE `wcab` SET `status`='0' WHERE `id`=".intval($_GET['id']));
		header("Location: ".str_replace("?", "", $forumdir).'?p=27&mode=wcab&act=menu&v='.$version.'&sid='.$sid);
	}
	elseif($_GET['act'] == "ban")
		{
			if($version == "xhtml")
			{
				echo
				"<html>\r\n",
				"<head>\r\n",
				"<title>Админка</title>\r\n",
				"</head>\r\n",
				"<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
				"<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
				"<tr>\r\n",
				"<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
				"</tr>\r\n",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<a href=\"./?p=27&amp;mode=wcab&amp;act=menu&amp;sid=".$sid."&amp;v=".$version."\">Незаблокированные</a>\r\n</td></tr>",
				"<tr bgcolor=\"".$style['text']."\"><td>\r\n",
				"<b><u>Заблокированные:</b></u>\r\n</td></tr>",
				"<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n";
				$masq = mysql_query("SELECT * FROM `wcab` WHERE `status`='2' ORDER BY `balans` DESC");
	while($mas = mysql_fetch_array($masq))
	{
	$us=mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='".$mas['id_user']."'"));
		echo('<a href="./?p=24&amp;uid='.$mas['id_user'].'&amp;d=1&amp;sid='.$sid.'&amp;v='.$version.'">'.$us['username'].'</a> <b>('.$mas['balans'].')</b>');
		echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=3&amp;id='.$mas['id'].'">[UNban]</a>');
		echo(' <a href="./?p=27&amp;v='.$version.'&amp;sid='.$sid.'&amp;mode=wcab&amp;m=1&amp;id='.$mas['id'].'">[&#187;]</a>');
	}
				echo
				"</td>\r\n</tr>\r\n",
				"<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
				"<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
				"</td>\r\n</tr>\r\n</table>\r\n",
				"</body></html>";
			}
	}
	
break;

case 'rating':
if($version == "xhtml")
			{
				echo
				"<html>\r\n",
				"<head>\r\n",
				"<title>Админка</title>\r\n",
				"</head>\r\n",
				"<body bgcolor=\"".$style['background']."\" link=\"".$style['link']."\" vlink=\"".$style['link']."\" text=\"#000000\">\r\n",
				"<table align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"5\" width=\"350\">\r\n",
				"<tr>\r\n",
				"<td align=\"center\" bgcolor=\"".$style['title']."\"><font color=\"#FFFFFF\"><b>Админка</b></font></td>\r\n",
				"</tr>\r\n",
				"<tr>\r\n",
				"<td bgcolor=\"".$style['text']."\">\r\n",
				"<b><u>Рейтинг пользователей:</b></u>\r\n",
				"</td>\r\n</tr>\r\n",
				"";
if ( !empty($_GET['moder']) )
{
$idmod = abs ( intval ( $_GET['moder'] ) );
$sq = "WHERE `moder`=".$idmod.' ';
}
else if ( !empty($_GET['us']) )
{
$idus = abs ( intval ( $_GET['us'] ) );
$sq = "WHERE `rat_user`=".$idus.' ';
}
$qr = mysql_query("SELECT * FROM `rating` ".$sq."ORDER BY `time` DESC");
		while ($ar = mysql_fetch_assoc($qr) )
		{
		$name_us = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id`='".$ar['rat_user']."'"));
		if ( $ar['descript'] == "+" )
		{
		$rat = "<font color=\"green\">плюс</font>";
		}
		else if ( $ar['descript'] == "-" )
		{
		$rat = "<font color=\"red\">минус</font>";
		}
		if ( !empty($ar['time']) )
		{
		$time = "(".date("d/m/y H:i", $ar['time']).")";
		}
				echo
				"<tr>\r\n<td bgcolor=\"".$style['text']."\">\r\n",
				$time."<a href=\"./?p=24&amp;d=1&amp;uid=".UserName2id($ar['moder'])."&amp;t=".$p."&amp;v=".$version."&amp;sid=".$sid."\"><b>".$ar['moder']."</b></a> поставил <b>".$rat."</b> <a href=\"./?p=24&amp;d=1&amp;uid=".$ar['rat_user']."&amp;t=".$p."&amp;v=".$version."&amp;sid=".$sid."\"><u>".$name_us['username']."</u></a>\r\n",
				"</td>\r\n</tr>\r\n";
		}
				echo
				"<tr><td bgcolor=\"".$style['bottom']."\">\r\n",
				"<a href=\"./?p=0&amp;v=xhtml&amp;sid=".$sid."\">Форумы</a> \r\n",
				"</td>\r\n</tr>\r\n</table>\r\n",
				"</body></html>";
			}
break;

case 'del':
	mysql_query("DELETE posts.*
	FROM posts
	LEFT JOIN themes
	ON posts.id_theme=themes.id
	WHERE id_forum=".intval($_POST['id']));
	mysql_query("DELETE FROM `themes` WHERE `id_forum`=".intval($_POST['id']));
	mysql_query("DELETE FROM `forums` WHERE `id`=".intval($_POST['id']));
	header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;

case 'kick':
$uss = mysql_fetch_array(mysql_query("SELECT username FROM users WHERE id=".intval($_GET['ids'])));
mysql_query("DELETE
	FROM session
	WHERE nickname='".$uss['username']."'");
	header("Location: ".str_replace("?", "", $forumdir).'?p=12&v='.$version.'&sid='.$sid);
break;

case 'delm':
	mysql_query("DELETE mposts.*
	FROM mposts
	LEFT JOIN mthemes
	ON mposts.id_theme=mthemes.id
	WHERE id_forum=".intval($_POST['id']));
	mysql_query("DELETE FROM `mthemes` WHERE `id_forum`=".intval($_POST['id']));
	mysql_query("DELETE FROM `mforums` WHERE `id`=".intval($_POST['id']));
	header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;
case 'add':
	mysql_query("INSERT INTO `forums` VALUES(0, '".htmlspecialchars(sql($_POST['name']))."', ".intval($_POST['pos']).")");
	header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;
case 'addm':
	mysql_query("INSERT INTO `mforums` VALUES(0, '".htmlspecialchars(sql($_POST['name']))."', ".intval($_POST['pos']).")");
	header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;
case 'moder':
	if($_GET['m'] == "0")
	{
		mysql_query("UPDATE `users` SET `status`='user' WHERE `id`=".intval($_GET['id']));
	} else
	{
		mysql_query("UPDATE `users` SET `status`='moderator' WHERE `id`=".intval($_GET['id']));
	}
	header("Location: ".str_replace("?", "", $forumdir).'?p=27&v='.$version.'&sid='.$sid);
break;


		}
	}
?>