File size: 4.91Kb
<?
////////////////////////////////////////
///// Kyber ApiCMS 2013 apicms.ru //////
///// Запрещается продажа данной CMS ///
///// Автор Евгений Медянкин Kyber /////
///// ICQ 626-000-895 или 37-22-47 /////
////////////////////////////////////////
/////////////////////////////////////////
$title = 'Блокировка пользователя';
require_once '../api_core/apicms_system.php';
require_once '../api_core/head.php';
/////////////////////////////////////////
if ($user['level'] < 1) header('location: ../');
if ($user['level'] == 1 or $user['level'] == 2){
/////////////////////////////////////////
if (isset($_GET['id']))$ank['id']=intval($_GET['id']);else{
header("Location: /index.php");
exit;
}
/////////////////////////////////////////
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `id` = '$ank[id]' LIMIT 1"),0)==0){
header("Location: /index.php");
exit;
}
/////////////////////////////////////////
if ($user['level'] < 1){
header("Location: /index.php");
exit;
}
$ank=mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$ank[id]' LIMIT 1"));
/////////////////////////////////////////
if (isset($_GET['unset']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `users_ban` WHERE `ank_ban` = '$ank[id]' AND `id` = '".intval($_GET['unset'])."'"),0)){
$block_inf=mysql_fetch_assoc(mysql_query("SELECT * FROM `users_ban` WHERE `ank_ban` = '$ank[id]' AND `id` = '".intval($_GET['unset'])."'"));
$ank2=mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$block_inf[ank_ban]' LIMIT 1"));
$min_block = $ank2['block_count']-1;
if ($user['level']>=1){
mysql_query("UPDATE `users_ban` SET `time` = '".time()."' WHERE `id` = '".intval($_GET['unset'])."' LIMIT 1");
mysql_query("UPDATE `users` SET `block_count` = '$min_block', `block_time` = '$time' WHERE `id` = '".intval($_GET['unset'])."' LIMIT 1");
echo '<div class="content"><center>Пользователь успешно разблокирован</center></div>';
}
else
echo '<div class="content"><center>У вас нет соответствующих прав</center></div>';
}
/////////////////////////////////////////
if (isset($_POST['ban_pr']) && isset($_POST['time']) && isset($_POST['vremja']) && $user['level']>=1){
$block_time = $time;
if ($_POST['vremja']=='min')$block_time+=intval($_POST['time'])*60;
if ($_POST['vremja']=='chas')$block_time+=intval($_POST['time'])*60*60;
if ($_POST['vremja']=='sut')$block_time+=intval($_POST['time'])*60*60*24;
if ($_POST['vremja']=='mes')$block_time+=intval($_POST['time'])*60*60*24*30;
if ($block_time < $time)$err[]='<div class="content"><center>Ошибка времени блока</center></div>';
$prich = $_POST['ban_pr'];
$prich = mysql_real_escape_string($prich);
$plus_block = $ank['block_count']+1;
mysql_query("INSERT INTO `users_ban` (`ank_ban`, `id_user`, `prich`, `time`) VALUES ('$ank[id]', '$user[id]', '".mysql_real_escape_string($prich)."', '$block_time')");
mysql_query("UPDATE `users` SET `block_time` = '$block_time', `block_count` = '$plus_block' WHERE `id` = '$ank[id]' LIMIT 1");
echo '<div class="content"><center>Пользователь успешно заблокирован</center></div>';
}
/////////////////////////////////////////
$ban_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `id` = '$ank[id]'"),0);
if ($ban_post==0)echo "<div class='content'><center>Нарушений не найдено</center></div>";
/////////////////////////////////////////
$qii=mysql_query("SELECT * FROM `users_ban` WHERE `ank_ban` = '$ank[id]' ORDER BY `time` DESC");
while ($post_ban = mysql_fetch_assoc($qii)){
$ank2=mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = $post_ban[ank_ban] LIMIT 1"));
echo "<div class='subhead'>Причина: <b>".$post_ban['prich']."</b> </br></br> До ".apicms_data($post_ban['time'])." <a class = 'headbut' href='?id=$ank[id]&unset=$post_ban[id]'>Разблокировать</a></div>";
}
/////////////////////////////////////////
if ($user['level']>=1){
echo "<form action=\"user_block.php?id=$ank[id]&ok\" method=\"post\">\n";
echo "<div class='content'><center>Причина блокировки:<br /> <textarea name=\"ban_pr\"></textarea><br />\n";
echo "Срок блокировки<br /> <input type='text' name='time' value='10' maxlength='11' size='3' />\n";
echo "<select class='form' name=\"vremja\">\n";
echo "<option value='min'>Минут</option>\n";
echo "<option value='chas'>Часов</option>\n";
echo "<option value='sut'>Суток</option>\n";
echo "<option value='mes'>Месяцев</option>\n";
echo "</select><br /><input type='submit' value='Заблокировать'/></form></center></div>\n";
}else{
echo "<div class='content'>Нет прав для того, чтобы забанить пользователя</div>\n";
}
/////////////////////////////////////////
}
apicms_foot();
?>