Размер файла: 9.72Kb
<?php
error_reporting(0);
include('start.php');
include("config.php");
include("./includes/".$ver."/banned");
list($msec, $sec) = explode(chr(32), microtime());
$headtime = $sec + $msec;
$ref = rand(1000, 9999);
$ttl ="Управление игнор-листом";
switch($ver)
{
////////////////////////////////////////////////////////
//WML VERSION
////////////////////////////////////////////////////////
case 'wml':
header("Content-type: text/vnd.wap.wml; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate");
//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_num_rows($q) == 0)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"Ошибка\" ontimer=\"index.php?ver=wml\"><timer value=\"15\"/><p align=\"left\">\n";
echo "<small>Ошибка авторизации!<br/>\n";
echo"<br/>$wmlfoot";
echo "</small></p></card></wml>";
exit();
}
//END AUTH
$level = mysql_result($q, 0);
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"$ttl\"><p align=\"left\">\n";
if(isset($_GET['mod']))
{
$mod = $_GET['mod'];
}
else
{
$mod = "";
}
switch($mod)
{
case 'add':
if(!isset($_POST['action']) && !isset($_GET['uid']))
{
echo "Никнейм:<br/>\n";
echo "<input type=\"text\" name=\"nickname$nocache\" maxlength=\"15\"/><br/>\n";
echo "Транслитировать:<br/>\n";
echo "<select name=\"translit$nocache\" value=\"false\">\n";
echo "<option value=\"false\">Нет</option>\n";
echo "<option value=\"true\">Да</option>\n";
echo "</select><br/>\n";
echo "<anchor>[Добавить]<go href=\"ignor.php?".SID."&ver=wml&nocache=$nocache&mod=add\" method=\"post\">\n";
echo "<postfield name=\"nick\" value=\"$(nickname$nocache)\"/>\n";
echo "<postfield name=\"translit\" value=\"$(translit$nocache)\"/>\n";
echo "<postfield name=\"action\" value=\"add\"/>\n";
echo "</go></anchor><br/>\n";
}
else
{
if(isset($_POST['nick']))
{
$sql = mysql_query("SELECT `id` FROM `chat_users` WHERE `nickname` = '".mysql_escape_string($_POST['nick'])."';");
}
else
{
$uid = intval($_GET['uid']);
$sql = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$uid."';");
}
if(mysql_num_rows($sql) == 0)
{
echo "Пользователь не найден в базе данных.<br/>\n";
break;
}
if(isset($_POST['nick']))
{
$nick = $_POST['nick'];
$uid = mysql_result($sql, 0);
}
else
{
$nick = mysql_result($sql, 0);
}
$sql = mysql_query("SELECT * FROM `chat_ignor` WHERE `uid` = '".$uid."' AND `id` = '".$id."';");
if(mysql_affected_rows() != 0)
{
echo "Этот пользователь уже занесен в игнор-лист!<br/>\n";
break;
}
mysql_query("INSERT INTO `chat_ignor` VALUES('".$id."', '".$uid."');");
echo "$nick успешно добавлен в игнор-лист!<br/>\n";
}
break;
case 'del':
$uid = intval($_GET['uid']);
mysql_query("DELETE FROM `chat_ignor` WHERE `uid` = '".$uid."' AND `id` = '".$id."';");
if(mysql_affected_rows() == 0)
{
echo "Пользователь не найден в игнор-листе!<br/>\n";
}
else
{
echo "Пользователь успешно удален из Вашего игнор-листа!<br/>\n";
}
break;
case 'clear':
mysql_query("DELETE FROM `chat_ignor` WHERE `id` = '".$id."';");
if(mysql_affected_rows() == 0)
{
echo "Не найдено ни одного ника для удаления из игнор-листа.<br/>\n";
}
else
{
echo "Ваш игнор-лист успешно очищен!<br/>\n";
}
break;
default:
$sql = mysql_query("SELECT `uid` FROM `chat_ignor` WHERE `id` = '".$id."';");
if(mysql_num_rows($sql) == 0)
{
echo "Игнор-лист пуст.<br/>\n";
}
$c = 0;
while($ignor = mysql_fetch_array($sql))
{
$c++;
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$ignor['uid']."';");
echo "<a href=\"ignor.php?".SID."&ver=wml&mod=del&uid=".$ignor['uid']."\">[X]</a>".mysql_result($q, 0)." <br/>";
}
if($c != 0) echo "• <a href=\"ignor.php?".SID."&ver=wml&mod=clear\">Очистить</a><br/>\n";
break;
}
if(!empty($mod)) echo "• <a href=\"ignor.php?".SID."&ver=wml\">Игнор-лист</a><br/>\n";
echo "• <a href=\"settings/?".SID."&ver=wml\">Настройки</a><br/>\n";
echo "• <a href=\"menu.php?".SID."&ver=wml\">В прихожую</a><br/>\n";
echo"<br/>$wmlfoot";
echo "</p></card></wml>";
break;
////////////////////////////////////////////////////////
//HTML VERSION
////////////////////////////////////////////////////////
case 'html':
header("Content-type: text/html; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate");
//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_num_rows($q) == 0)
{
echo "$css";
echo'<title>'.$ttl.'</title>';
echo'<div class="d3">Ошибка</div>';
echo "<div class=\"d5\">Ошибка авторизации!</div>\n";
echo'<div class="d3">';
echo"$sitefoot";
echo'</div>';
echo "</body></html>";
exit();
}
//END AUTH
$level = mysql_result($q, 0);
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE
echo "$css";
echo'<title>'.$ttl.'</title>';
echo'<div class="d3">'.$ttl.'</div>';
if(isset($_GET['mod']))
{
$mod = $_GET['mod'];
}
else
{
$mod = "";
}
switch($mod)
{
case 'add':
if(!isset($_POST['action']) && !isset($_GET['uid']))
{
echo "<div class=\"form\">\n";
echo "<form action=\"ignor.php?".SID."&ver=html&nocache=$nocache&mod=add\" method=\"post\">\n";
echo "Никнейм:<br/>\n";
echo "<input type=\"text\" name=\"nick\" maxlength=\"15\" /><br/>\n";
echo "Транслитировать:\n";
echo "<input type=\"checkbox\" name=\"translit\" value=\"yes\" /><br/>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"add\" />\n";
echo "<input type=\"submit\" value=\"Добавить\" /></form></div>\n";
}
else
{
if(isset($_POST['nick']))
{
$sql = mysql_query("SELECT `id` FROM `chat_users` WHERE `nickname` = '".mysql_escape_string($_POST['nick'])."';");
}
else
{
$uid = intval($_GET['uid']);
$sql = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$uid."';");
}
if(mysql_num_rows($sql) == 0)
{
echo "Пользователь не найден в базе данных.<br/>\n";
break;
}
if(isset($_POST['nick']))
{
$nick = $_POST['nick'];
$uid = mysql_result($sql, 0);
}
else
{
$nick = mysql_result($sql, 0);
}
$sql = mysql_query("SELECT * FROM `chat_ignor` WHERE `uid` = '".$uid."' AND `id` = '".$id."';");
if(mysql_affected_rows() != 0)
{
echo "Этот пользователь уже занесен в игнор-лист!<br/>\n";
break;
}
mysql_query("INSERT INTO `chat_ignor` VALUES('".$id."', '".$uid."');");
echo "$nick успешно добавлен в игнор-лист!<br/>\n";
}
break;
case 'del':
$uid = intval($_GET['uid']);
mysql_query("DELETE FROM `chat_ignor` WHERE `uid` = '".$uid."' AND `id` = '".$id."';");
if(mysql_affected_rows() == 0)
{
echo "Пользователь не найден в игнор-листе!<br/>\n";
}
else
{
echo "<div class=\"d2\">Пользователь успешно удален из Вашего игнор-листа!</div>\n";
}
break;
case 'clear':
mysql_query("DELETE FROM `chat_ignor` WHERE `id` = '".$id."';");
if(mysql_affected_rows() == 0)
{
echo "Не найдено ни одного ника для удаления из игнор-листа.<br/>\n";
}
else
{
echo "Ваш игнор-лист успешно очищен!<br/>\n";
}
break;
default:
$sql = mysql_query("SELECT `uid` FROM `chat_ignor` WHERE `id` = '".$id."';");
if(mysql_num_rows($sql) == 0)
{
echo "Игнор-лист пуст.<br/>\n";
}
$c = 0;
while($ignor = mysql_fetch_array($sql))
{
$c++;
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$ignor['uid']."';");
echo "<a href=\"ignor.php?".SID."&ver=html&mod=del&uid=".$ignor['uid']."\">[X]</a>".mysql_result($q, 0)." <br/>";
}
if($c != 0) echo "<div class=\"d1\">• <a href=\"ignor.php?".SID."&ver=html&mod=clear\">Очистить</a></div> \n";
break;
}
if(!empty($mod)) echo "<div class=\"d1\">• <a href=\"ignor.php?".SID."&ver=html\">Игнор-лист</a></div>\n";
echo "<div class=\"d1\">• <a href=\"ignor.php?".SID."&ver=html\">Настройки</a></div>\n";
echo "<div class=\"d1\">• <a href=\"menu.php?".SID."&ver=html\">В прихожую</a></div>";
echo'<div class="d3">';
echo"$sitefoot";
echo'</div>';
echo "</body></html>";
break;
}
?>