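<?php
/**
 * panel/ban.php - moderation page: asks for a user id, shows the ban form and
 * applies the ban (expiry time, reason, moderator login) to the `users` table.
 *
 * Access is limited to accounts whose `level` is 1, 2 or 3. The level also
 * limits the units a ban may be expressed in (see $range_seconds below).
 *
 * $user is not defined in this file; presumably one of the sys/ includes
 * populates it for the logged-in account - confirm.
 *
 * NOTE(review): the POST handler below changes state but carries no anti-CSRF
 * token. Add a per-session token to the form and verify it in the 'ban' case
 * once the project's session handling (not visible here) is confirmed.
 *
 * NOTE(review): every header() redirect runs after ../style/head.php has been
 * included. This only works if output buffering is active - confirm, or move
 * the access check and the 'ban' handler above the include.
 */
include '../sys/db.php';
include '../sys/conf.php';
include '../sys/start.php';
include '../sys/functions.php';
$config_title_name = "Бан / Разбан";
include '../style/head.php';
echo "<div class=title>Бан / Разбан</div>\n";

// Access control. The original condition chained isset() with "||", so any
// logged-in account that merely had a level (including level 0) reached the
// panel and the ban handler. Require an explicit staff level instead.
$level = (isset($user['login']) && isset($user['level'])) ? (string)$user['level'] : '';
if (!in_array($level, array('1', '2', '3'), true)) {
    header("Location: ../index.php");
    exit;
}

// Seconds per unit for each moderator level, keyed by the radio value the form
// sends. Mirrors the form: level 1 -> minutes/hours/days, level 2 ->
// minutes/hours, level 3 -> hours only (its single radio has value 1).
$range_seconds = array(
    '1' => array(1 => 60, 2 => 3600, 3 => 86400),
    '2' => array(1 => 60, 2 => 3600),
    '3' => array(1 => 3600),
);

$act  = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : '';
$id   = isset($_GET['id']) ? intval($_GET['id']) : 0;
// Status flag set by the redirects of the 'ban' handler. The original compared
// it against bare words (undefined constants); compare against strings.
$flag = (isset($_GET['isset']) && is_string($_GET['isset'])) ? $_GET['isset'] : '';

switch ($act) {
    case 'ban':
        $time_raw   = (isset($_POST['time']) && is_string($_POST['time'])) ? $_POST['time'] : '';
        $reason_raw = (isset($_POST['reason']) && is_string($_POST['reason'])) ? $_POST['reason'] : '';

        // Length limits are in bytes (strlen), as in the original.
        // A non-numeric or zero duration is treated like a missing one.
        if (strlen($time_raw) < 1 || intval($time_raw) < 1) {
            header("Location: ban.php?id=$id&isset=timesmall");
            exit;
        }
        if (strlen($time_raw) > 2) {
            header("Location: ban.php?id=$id&isset=timebig");
            exit;
        }
        if (strlen($reason_raw) < 5) {
            header("Location: ban.php?id=$id&isset=reasonsmall");
            exit;
        }
        if (strlen($reason_raw) > 500) {
            header("Location: ban.php?id=$id&isset=reasonbig");
            exit;
        }

        // $id is an integer, so interpolating it into the query is safe.
        $userlevels = mysql_query("SELECT * FROM `users` WHERE `id` = '$id'");
        $userlevel  = $userlevels ? mysql_fetch_array($userlevels) : false;
        $sitetime   = time() + (0 * 3600);

        // Staff accounts (level 1-3) cannot be banned from this page. A missing
        // row also lands in the else branch, as it did originally.
        if (isset($userlevel['level']) && !in_array((string)$userlevel['level'], array('1', '2', '3'), true)) {
            $range = isset($_POST['range']) ? intval($_POST['range']) : 0;
            $time  = intval($time_raw);

            // Reject a unit this level is not allowed to use. The original left
            // $ban_time undefined in that case, and never handled level 3 at
            // all (its branch tested level 1 a second time).
            if (!isset($range_seconds[$level][$range])) {
                header("Location: ban.php?id=$id");
                exit;
            }
            $ban_time = $sitetime + $time * $range_seconds[$level][$range];

            // The reason is stored HTML-encoded, as before. stripslashes()
            // presumably compensates for magic quotes - confirm.
            $reason = htmlspecialchars(stripslashes(trim($reason_raw)));
            $reason = str_replace("'", '&#39;', $reason);
            $reason = str_replace("$", '&#36;', $reason);

            // HTML encoding is not SQL escaping: a trailing backslash in the
            // reason would otherwise swallow the closing quote of the literal.
            // Escape every string for the SQL context before interpolating.
            $reason_sql = mysql_real_escape_string($reason);
            $login_sql  = mysql_real_escape_string((string)$user['login']);

            // One statement, so the three ban fields change together.
            mysql_query("UPDATE `users` SET `ban` = '$ban_time', `ban_reason` = '$reason_sql', `ban_login` = '$login_sql' WHERE `id` = '$id'");
            header("Location: ban.php?isset=yes");
            exit;
        } else {
            echo "<div class=content>\n";
            echo "<img src='../img/error.gif' alt=''> Вы не можете забанить данного юзера, т.к он находится в группе Администраторы!\n";
            echo "</div>\n";
            echo "<div class=stat>\n<a href='ban.php?'>Назад</a>\n</div>\n";
            echo "<div class=stat>\n<a href='index.php'>Админка</a>\n</div>\n";
            echo "<div class=stat>\n<a href='../index.php'>Прихожая</a>\n</div>\n";
        }
        break;

    default:
        if ($id) {
            // Ban form for the chosen user, preceded by any validation message.
            echo "<div class=content>\n";
            if ($flag === 'timesmall') {
                echo "Вы не ввели &quot;Время бана&quot;!\n<br><br>";
            }
            if ($flag === 'timebig') {
                echo "И нахуя на столько банить?\n<br><br>";
            }
            if ($flag === 'reasonsmall') {
                echo "В причине должно быть не меньше 5 символов!\n<br><br>";
            }
            if ($flag === 'reasonbig') {
                echo "Слишком большая причина! max500 символов\n<br><br>";
            }
            echo "<form action='ban.php?act=ban&id=" . $id . "&' method='post' name='reg'>\n";
            echo "Время бана:<br><input name='time' maxlength='2'><br><br>\n";
            // Units offered depend on the moderator's level; the handler
            // enforces the same table on the server side.
            if ($level === '1') {
                echo "<input name='range' type='radio' value='1' checked> Минут |\n";
                echo "<input name='range' type='radio' value='2'> Часов | \n";
                echo "<input name='range' type='radio' value='3'> Суток <br><br>\n";
            }
            if ($level === '2') {
                echo "<input name='range' type='radio' value='1' checked> Минут | \n";
                echo "<input name='range' type='radio' value='2'> Часов<br><br>\n";
            }
            if ($level === '3') {
                echo "<input name='range' type='radio' value='1' checked> Часов<br><br>\n";
            }
            echo "<textarea name='reason' cols='30' rows='5'></textarea><br><br>\n";
            echo "<input type='submit' value='Забанить'></form>\n";
            echo "</div>\n";
            echo "<div class=stat><a href='index.php'>Админка</a></div>";
            echo "<div class=stat><a href='../index.php'>Прихожая</a></div>";
        } else {
            // No id yet: ask for one, and confirm a ban that was just applied.
            echo "<div class=content>\n";
            if ($flag === 'yes') {
                echo "Юзер успешно забанен!\n<br><br>";
            }
            echo "<form action='ban.php' method='get'>\n";
            echo "Введите id юзера:<br>\n";
            echo "<input type='text' name='id'><br>\n";
            echo "<input type='submit' value='Изменить' ></form>\n";
            echo "</div>\n";
            echo "<div class=stat><a href='index.php'>Админка</a></div>";
            echo "<div class=stat><a href='../index.php'>Прихожая</a></div>";
        }
        break;
}
include '../style/foot.php';
?>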