View file panel/ban.php

File size: 3.91Kb
<?php
// by Mike O. (mides), coolcms.org
require_once '../includes/sys.php';
require_once '../includes/auth_a.php';
require_once '../includes/header.php';

switch ($act) {
    default:
		tp('<a href="./">АДМ</a>&raquo; Забанить юзера');
		echo '<div class="body">';
		note();
		echo '<form name="form" action="?act=ban" method="post">
		Логин(max12):<br /><input name="user" type="text" maxlength="12" value="'.$_GET['user'].'" /><br />
		<form action="?act=ban&amp;type=1&amp;ok=1" method="post" name="form">
		Причина(max250):<br /><textarea name="reason" cols="" rows="3"></textarea><br />
		Срок:<br /><select name="banned">
		<option value="900">15 минут</option>
		<option value="1800">30 минут</option>
		<option value="3600">1 час</option>
		<option value="10800">3 часа</option>
		<option value="21600">6 часов</option>
		<option value="43200">12 часов</option>
		<option value="86400">Сутки</option>
		<option value="259200">Трое суток</option>
		<option value="604800">Неделя</option>
		<option value="2419200">Месяц</option>
		</select><br />
		<input name="submit" type="submit" value="Ok!" />
		</form>
		<br />
		<a href="?act=banlist">Забаненные</a><br />
		<a href="./">В админку</a>
		</div>';
	break;
	
	case 'ban':
		$user = check($_POST['user']);
		$us_r = mysql_query("SELECT `id`, `access` FROM `users` WHERE `username` = '$user'");
		$us = mysql_fetch_assoc($us_r);
		if ($us['id']) {
			if (($u['access'] > $us['access']) or $u['id'] == 1) {
				$ban_r = mysql_num_rows(mysql_query("SELECT `id` FROM `ban` WHERE `id_user` = '$us[id]' and `until` > '".TIME."'"));
				if (!$ban_r) {
					if ($_POST['reason'] and $_POST['banned']) {
						$reason = check($_POST['reason']);
						$until = abs(intval($_POST['banned'])) + TIME;
						mysql_query("INSERT INTO `ban` SET `id_user` = '$us[id]', `until` = '$until', `reason` = '$reason', `by` = '$u[id]'");
						redirect(HTTPHOME.'/other/profile.php?id='.$us[id]);
					} else {
						$_SESSION['note'] = 'Не указана причина';
						redirect('?');
					}
				} else {
					$_SESSION['note'] = 'Этот юзер уже пнут/забанен!';
					redirect('?');
				}
			} else {
				$_SESSION['note'] = 'Нельзя банить старшего по должности';
				redirect('?');
			}
		} else {
			$_SESSION['note'] = 'Юзер не существует';
			redirect('?');
		}
		
	break;
	
	case 'banlist':
		tp('<a href="?">Бан</a>&raquo; Забаненные');
		echo '<div class="body">';
		note();
        $total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `ban` WHERE `until` > '".TIME."'"), 0);
        if ($total > 0) {
			$pages = ceil($total / $config['onpage']);
            if ($page > $pages or $page == 0) {
                $page = 1;
            }
            $begin = ($page - 1) * $config['onpage'];

            $ban_r = mysql_query("SELECT * FROM `ban` WHERE `until` > '".TIME."' ORDER BY `until` DESC LIMIT $begin, $config[onpage]");
            while ($ban = mysql_fetch_assoc($ban_r)) {
                echo '&bull; <a href="../other/profile.php?id='.$ban['id_user'].'">'.username($ban['id_user'], 2).'</a> до '.ccdate($ban['until'], 0);
				if (access(2)) {
					echo ' <a href="?act=ban_rm&amp;id='.$ban['id'].'">разбан</a><br />';
				}
			}
            navig($page, '?', $pages);
        }
        echo '<br />
		<a href="?">Забанить юзера</a><br /><a href="./">В админку</a>
		</div>';
	break;
	
	case 'ban_rm':
		if (access(2)) {
			mysql_query("DELETE FROM `ban` WHERE `id` = '$id'");
			$_SESSION['note'] = 'Разбанен';
		} else {
			$_SESSION['note'] = 'Нет доступа';
		}
		redirect('?act=banlist');
	break;
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
}

require_once '../includes/tail.php';
?>