View file panel/index.php

File size: 8.16Kb
<?php
// by Mike. O (mides), coolcms.mobi

require_once '../system/sys.php';
require_once '../system/auth_a.php';
require_once '../system/header.php';

switch ($act) {
    default:
        tp($lang['control_panel']);
        note();
        $adminchat = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `adminchat`"), 0);
        echo '<a href="adminchat.php">Админ-чат</a> ('.$adminchat.')<br />';
        echo '<a href="?act=kick&amp;user=">'.$lang['kick_a_user'].'</a><br />';
        if (access(2)) {
            echo '<a href="loads.php">'.$lang['downloads'].'</a> | <a href="news.php">'.$lang['news'].'</a><br />';
			echo '<a href="?act=ban&amp;user=">'.$lang['ban_a_user'].'</a><br />';
			$banned = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `ban` WHERE `until` > '".TIME."'"), 0);
			echo '<a href="?act=banlist">Забаненные</a> ('.$banned.')<br />';
        }
        if (access(3)) {
			echo '<a href="?act=masspm">Массовая рассылка PM</a><br />';
			$users = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 1"), 0);
			$users_0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
            echo '<a href="blogs.php">'.$lang['blogs'].'</a> | <a href="forum.php">'.$lang['forum'].'</a><br />';
            echo '<a href="users.php">Юзеры</a> ('.$users.', <a href="users.php?act=nonact">неакт.: '.$users_0.'</a>)<br />';
            echo '<a href="ad.php">'.$lang['advert'].'</a><br />';
            echo '<a href="templates.php">'.$lang['templates_editor'].'</a><br />';
            echo '<a href="config.php">'.$lang['site_settings'].'</a> | <a href="smiles.php">'.$lang['smiley_faces'].'</a> <br />';
        }
        echo '<a href="http://coolcms.mobi">CoolCMS.mobi - оф. сайт</a>';
        nav_main();
    break;
	
	case 'banlist':
		tp('Забаненные');
		note();
        $total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `ban` WHERE `until` > '".TIME."'"), 0);
        if ($total > 0) {
			$pages = ceil($total / $config['onpage']);
            if ($page > $pages or $page == 0) {
                $page = 1;
            }
            $begin = ($page - 1) * $config['onpage'];

            $ban_r = mysql_query("SELECT * FROM `ban` WHERE `until` > '".TIME."' ORDER BY `until` DESC LIMIT $begin, $config[onpage]");
            while ($ban = mysql_fetch_assoc($ban_r)) {
                echo '&bull; <a href="../profile.php?id='.$ban['id_user'].'">'.username($ban['id_user']).'</a> до '.ccdate($ban['until'], 0).' <a href="?act=ban_rm&amp;id='.$ban['id'].'">разбан</a><br />';
            }
            navig($page, '?', $pages);
        }
        echo '<br /><a href="?act=ban&amp;user=" class="button">Выдать бан</a></div>';
        nav('./');
	break;
	
	case 'ban_rm':
		mysql_query("DELETE FROM `ban` WHERE `id` = '$id'");
		$_SESSION['note'] = 'Разбанен.';
		redirect('?act=banlist');
	break;
	
    case 'kick':
		if (access(2)) {
			if ($ok) {
				if ($_POST['user']) {
					$user = check($_POST['user']);
					if ($user != $u['username']) {
						$us_r = mysql_query("SELECT `id`, `access` FROM `users` WHERE `username` = '$user'");
						$us = mysql_fetch_assoc($us_r);
						$id_user = $us['id'];
						if ($id_user) {
							if ($u['access'] > $us['access']) {
								$kick_r = mysql_num_rows(mysql_query("SELECT `id` FROM `ban` WHERE `id_user` = '$id_user' and `until` > '".TIME."'"));
								if (!$kick_r) {
									$until = $config['kick'] + TIME;
									mysql_query("INSERT INTO `ban` SET `id_user` = '$id_user', `until` = '$until', `by` = '$u[id]'");
									redirect(HTTPHOME.'/profile.php?id='.$id_user);
								} else {
									$_SESSION['note'] = 'Этот юзер уже пнут/забанен!';
									redirect('?act=kick&user=');
								}
							} else {
								$_SESSION['note'] = 'Нельзя пнуть старшего по должности';
								redirect('?act=kick&user=');
							}
						} else {
							$_SESSION['note'] = 'Этот юзер не существует.';
							redirect('?act=kick&user=');
						}
					} else {
						$_SESSION['note'] = 'Вы не можете пнуть самого себя.';
						redirect('?act=kick&user=');
					}
				} else {
					redirect('?act=kick&user=');
				}
			} else {
				tp('Пнуть юзера');
				note();
				echo '<form name="form" action="?act=kick&amp;ok=1" method="post">
				Логин(max12):<br /><input name="user" type="text" maxlength="12" value="'.$_GET['user'].'" /><br />
				<input name="submit" type="submit" value="Пнуть!" />
				</form>';
				nav('?');
			}
		} else {
			redirect(HTTPHOME);
		}
    break;

    case 'ban':
		if (access(2)) {
			if ($ok) {
				if ($_POST['user'] and $_POST['reason']) {
					$user = check($_POST['user']);
					if ($user != $u['username']) {
						$us_r = mysql_query("SELECT `id`, `access` FROM `users` WHERE `username` = '$user'");
						$us = mysql_fetch_assoc($us_r);
						$id_user = $us['id'];
						if ($id_user) {
							if ($u['access'] > $us['access']) {
								$ban_r = mysql_num_rows(mysql_query("SELECT `id` FROM `ban` WHERE `id_user` = '$id_user' and `until` > '".TIME."'"));
								if (!$ban_r) {
									$until = abs(intval($_POST['banned'])) + TIME;
									$reason = check($_POST['reason']);
									mysql_query("INSERT INTO `ban` SET `id_user` = '$id_user', `until` = '$until', `reason` = '$reason', `by` = '$u[id]'");
									redirect(HTTPHOME.'/profile.php?id='.$id_user);
								} else {
									$_SESSION['note'] = 'Этот юзер уже забанен!';
									redirect('?act=ban&user=');
								}
							} else {
								$_SESSION['note'] = 'Нельзя забанить старшего по должности';
								redirect('?act=ban&user=');
							}
						} else {
							$_SESSION['note'] = 'Этот юзер не существует.';
							redirect('?act=ban&user=');
						}
					} else {
						$_SESSION['note'] = 'Вы не можете забанить самого себя.';
						redirect('?act=ban&user=');
					}
				} else {
					redirect('?act=ban&user=');
				}
			} else {
				tp('Бан пользователя');
				note();
				echo '<form name="form" action="?act=ban&amp;ok=1" method="post">
				Пользователь(max12):<br /><input name="user" type="text" maxlength="12" value="'.$_GET['user'].'" /><br />
				Причина(max250):<br /><textarea name="reason" cols="" rows="3"></textarea><br />
				Срок:<br /><select name="banned">
				<option value="900">15 минут</option>
				<option value="1800">30 минут</option>
				<option value="3600">1 час</option>
				<option value="10800">3 часа</option>
				<option value="21600">6 часов</option>
				<option value="43200">12 часов</option>
				<option value="86400">Сутки</option>
				<option value="259200">Трое суток</option>
				<option value="604800">Неделя</option>
				<option value="2419200">Месяц</option>
				</select><br />
				<input name="submit" type="submit" value="Банить!" />
				</form>';
				nav('?');
			}
		} else {
			redirect(HTTPHOME);
		}
    break;		
	
	case 'masspm':
		if (access(3)) {
			if ($ok) {
				if (!empty($_POST['text'])) {
					$text = check($_POST['text']);
					$user_r = mysql_query("SELECT `id` FROM `users` WHERE `ok` = 1");
					while ($user = mysql_fetch_assoc($user_r)) {
						sendpm($user['id'], $text);
					}
					$_SESSION['note'] = 'Сделано';
					redirect('?');
				} else {
					redirect('?act=masspm');
				}
			} else {
				tp('Массовая рассылка PM');
				echo '<form name="form" action="?act=masspm&amp;ok=1" method="post" name="form">
				Текст сообщения:<br />
				<textarea name="text" cols="" rows="5"></textarea>
				<input name="submit" type="submit" value="Ok" />			
				</form>
				* Сообщения отправляются от имени System';
				nav('?');
			}
		} else {
			redirect();
		}
	break;
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
}

require_once '../system/tail_p.php';
?>