File size: 2.92Kb
<?php
require_once "../system/connect.php";
require_once "../system/config.php";
require_once "../system/functions.php";
require_once "../system/dannuser.php";
require_once "../system/start.php";
echo '<title>управление гостевой</title>';
if((isset($_SESSION['slogin'])!='') && ($_SESSION['spass']!='') && ($ddostup!=0) && ($ddostup==1)) {
if(empty($_GET['act'])) { $_GET['act']="index"; }
if($_GET['act']=="index") {
if(empty($_GET['start'])) { $start=0; } else { $start=$_GET['start']; }
$skolko_guest=mysql_query("SELECT COUNT(*) FROM `guest`");
$count_guest=mysql_result($skolko_guest,0);
$select_guest=mysql_query("SELECT * FROM `guest` ORDER BY `id` DESC LIMIT $start,$num;");
while($arr_guest=mysql_fetch_array($select_guest)) {
echo "<b>".$arr_guest['login']."</b> ".$arr_guest['time']."<br>";
echo "".$arr_guest['msg']."<br>
".$arr_guest['agent'].",".$arr_guest['ip']."<br>";
echo '<a href="../'.admdir.'/editguest.php?act=editguest&id='.$arr_guest['id'].'">[edit]</a> <a href="../'.admdir.'/editguest.php?act=delguest&id='.$arr_guest['id'].'">[del]</a><br><br>'; }
if($start!=0) { echo '<a href="editguest.php?start='.($start-$num).'">назад</a>'; } else { echo 'назад'; }
echo ' | ';
if($count_guest>$start+$num) { echo '<a href="editguest.php?start='.($start+$num).'">далее</a>'; } else { echo 'далее'; }}
if($_GET['act']=="editguest") {
$id=intval($_GET['id']);
$select_edit_post=mysql_query("SELECT * FROM `guest` WHERE `id`='".$id."' LIMIT 1;");
$eedit=mysql_fetch_array($select_edit_post);
echo '<form action="editguest.php?act=edit&id='.$id.'" method="post">
Сообщение:<br><input type="text" name="emsg" value="'.$eedit['msg'].'" maxlength="1024"><br>
Ответ:<br><input type="text" name="eotvet" value="'.$eedit['otvet'].'" maxlength="1024"><br>
<input type="submit" name="sub" value="изменить"></form><br>'; }
if($_GET['act']=="edit") {
$id=intval($_GET['id']);
$emsg=check($_POST['emsg']);
$eotvet=check($_POST['eotvet']);
if(empty($emsg)) die("сообщение не должно быть пустым!");
if((strlen($emsg)<3) || (strlen($emsg)>1024)) die("не верное количество символов!");
$update_eguest=mysql_query("UPDATE `guest` SET `msg`='".mysql_escape_string($emsg)."', `otvet`='".mysql_escape_string($eotvet)."' WHERE `id`='".$id."';");
if($update_eguest) { echo "Сообщение измененно!<br>"; } }
if($_GET['act']=="delguest") {
$id=intval($_GET['id']);
echo 'Вы уверены?<br><a href="../'.admdir.'/editguest.php?act=del&id='.$id.'">Да</a> | <a href="../'.admdir.'/editguest.php">Нет</a><br>'; }
if($_GET['act']=="del") {
$id=intval($_GET['id']);
$delete_guest=mysql_query("DELETE FROM `guest` WHERE `id`='".$id."' LIMIT 1;");
if($delete_guest) { echo "пост удален!<br>"; } }
} else { echo "У вас нет прав для этого!<br>"; }
require_once "../foot.php";
?>