<?php
// MyForum - Сервис форумов 
// Copyright © A'lex и KO. All Rights Reserved
// По всем вопросам обращайтесь на email [email protected] или в асю 376920428

include 'config.php';

// Request-time stamps, formatted as text because the schema stores dates in VARCHAR columns.
// $rdate: day.month.year with a two-digit month; written to RegisterDate of the admin row.
$rdate = date("j.m.Y");
// $date: day.month hour:minute without leading zeros on day, month and hour; written to GoDate.
$date = date("j.n G:i");

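// Sends the admin-panel page: a UTF-8 Content-Type header followed by a fixed four-row HTML
// table holding $caption (also used as <title>), $title, $body and $end.
//
// The arguments are emitted as markup, NOT as text: '<', '>' and '"' pass through unchanged.
// The only rewriting done here is
//   1. "&#39;" -> "'"           (all four arguments)
//   2. "&"     -> "&amp;"       ($title, $body, $end; $caption is left out, as in the original)
//   3. "&amp;nbsp;" -> "&nbsp;" (all four arguments; restores &nbsp; after step 2)
// so this function gives no protection against script injection. Callers must neutralise
// untrusted text before passing it in, and should be aware that step 2 re-encodes the '&'
// of any entity they produce (for example the output of htmlspecialchars()).
//
// ereg_replace() was deprecated in PHP 5.3 and removed in PHP 7.0. Every pattern used here is
// a literal string, so str_replace() is an exact replacement; the array form applies the
// pairs in order, which keeps the original sequence of substitutions.
function displayHTML($caption, $title, $body, $end)
{
    header('Content-Type: text/html; charset=utf-8');

    $markupSearch = array('&#39;', '&', '&amp;nbsp;');
    $markupReplace = array("'", '&amp;', '&nbsp;');

    // The caption never had the '&' -> '&amp;' step; keep that behaviour.
    $caption = str_replace(array('&#39;', '&amp;nbsp;'), array("'", '&nbsp;'), $caption);
    $title = str_replace($markupSearch, $markupReplace, $title);
    $body = str_replace($markupSearch, $markupReplace, $body);
    $end = str_replace($markupSearch, $markupReplace, $end);

    $res=<<<END
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/><title>$caption</title></head>
<body bgcolor="#0598AD" link="#917E35" vlink="#917E35" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="500">
<tr><td bgcolor="#023339" align="center"><font color="#ffffff"><b>$caption</b></font></td></tr>
<tr><td bgcolor="#79EBFB">$title</td></tr>
<tr><td bgcolor="#C3F6FD">$body</td></tr>
<tr><td bgcolor="#79EBFB">$end</td></tr></table>
</body></html>
END;
    echo $res;
}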
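// Returns a string of $length characters drawn from a-z and A-Z.
//
// Fixes over the original:
//  - rand() is inclusive of its upper bound, so rand(0, strlen($a)) could pick the index one
//    past the end of the alphabet and contribute nothing, yielding a result shorter than
//    $length; the bound is now strlen($a) - 1.
//  - $ret is initialised, so a $length of 0 returns '' instead of an undefined variable.
//
// rand() is not a cryptographically secure generator: the result is fine as a throwaway
// marker (this file uses it as a temporary forum title) but must not be used for passwords,
// session identifiers or any other secret.
function randstr($length = 8)
{
    $a = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
    $last = strlen($a) - 1;
    $ret = '';
    for ($i = 0; $i < $length; $i++) {
        $ret .= substr($a, rand(0, $last), 1);
    }
    return $ret;
}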

//-----------------------------------------------------------------------------------------------


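// Turns a request-supplied value into text that is safe inside a quoted SQL string literal.
// Non-string input (for example an array) is treated as an empty string.
// assumes the value reaches this script unmodified from the request (register_globals or an
// equivalent import in config.php) — TODO confirm config.php does not already escape it.
function myforumSqlString($value)
{
    $value = is_string($value) ? $value : '';
    // With magic_quotes_gpc enabled the request data is already backslash-escaped; undo that
    // first so the value is escaped exactly once.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return mysql_real_escape_string($value);
}

// Creates the six per-forum tables for forum $id and inserts the administrator as its first
// user (level 5). Shared by the "forumnew" and "install" modes, which previously carried two
// copies of the same statements.
// NOTE(review): the administrator password is written to the Password column as plain text.
// Hashing it needs a matching change in the login code, which is not visible in this file.
// NOTE(review): the results of mysql_query() are not checked, so a failed CREATE is silent.
function myforumCreateForumTables($table, $id, $adminName, $adminPassword, $date, $rdate)
{
    // The id becomes part of table names; force it to an integer.
    $id = (int)$id;
    mysql_query("CREATE TABLE `{$table}{$id}_users` (`Nick` VARCHAR( 50 ) NOT NULL ,`Password` VARCHAR( 50 ) NULL DEFAULT NULL ,`BSID` VARCHAR( 8 ) NULL DEFAULT '00000000',`FSID` VARCHAR( 16 ) NULL DEFAULT '0000000000000000',`GoDate` VARCHAR( 15 ) NULL DEFAULT NULL ,`Lever` INT( 1 ) NULL DEFAULT '1',`RegisterDate` VARCHAR( 15 ) NULL DEFAULT NULL ,`PhotoURL` VARCHAR( 100 ) NULL DEFAULT NULL ,`RealName` VARCHAR( 50 ) NULL DEFAULT NULL ,`Sex` INT( 1 ) NULL DEFAULT '0',`City` VARCHAR( 30 ) NULL DEFAULT NULL ,`Mail` VARCHAR( 50 ) NULL DEFAULT NULL ,`ICQ` VARCHAR( 50 ) NULL DEFAULT NULL ,`Site` VARCHAR( 50 ) NULL DEFAULT NULL ,`Info` TEXT NULL DEFAULT NULL ,INDEX ( `Nick` ) ) TYPE = MYISAM ");
    mysql_query("CREATE TABLE `{$table}{$id}_forums` (`ID` INT NOT NULL AUTO_INCREMENT ,`Title` VARCHAR( 50 ) NULL DEFAULT NULL ,`Info` TEXT NULL DEFAULT NULL ,INDEX ( `ID` ) ) TYPE = MYISAM ");
    mysql_query("CREATE TABLE `{$table}{$id}_topiks` (`ID` INT( 10 ) NOT NULL AUTO_INCREMENT ,`Cop` VARCHAR( 50 ) NULL DEFAULT NULL ,`Title` VARCHAR( 255 ) NULL DEFAULT NULL ,`ForumID` INT( 10 ) NULL DEFAULT NULL ,`Date` VARCHAR( 15 ) NULL DEFAULT NULL ,`Visible` BOOL NULL DEFAULT '1',`Enabled` BOOL NULL DEFAULT '1',INDEX ( `ID` ) ) TYPE = MYISAM ");
    mysql_query("CREATE TABLE `{$table}{$id}_messages` (`ID` INT( 10 ) NOT NULL AUTO_INCREMENT ,`Cop` VARCHAR( 50 ) NULL DEFAULT NULL ,`Body` TEXT NULL DEFAULT NULL ,`ForumID` INT( 10 ) NULL DEFAULT NULL ,`TopikID` INT( 10 ) NULL DEFAULT NULL ,`Date` VARCHAR( 15 ) NULL DEFAULT NULL ,`Visible` BOOL NULL DEFAULT '1',`IP` VARCHAR( 50 ) NULL DEFAULT 'no',`UserAgent` VARCHAR( 150 ) NULL DEFAULT 'all',INDEX ( `ID` ) ) TYPE = MYISAM ");
    mysql_query("CREATE TABLE `{$table}{$id}_banip` (`IP` VARCHAR( 50 ) NULL DEFAULT 'no',`UserAgent` VARCHAR( 150 ) NULL DEFAULT 'all',`Date` VARCHAR( 15 ) NOT NULL ) TYPE = MYISAM ");
    mysql_query("CREATE TABLE `{$table}{$id}_bannick` (`Nick` VARCHAR( 50 ) NOT NULL ,`Date` VARCHAR( 15 ) NOT NULL ,`Comment` TEXT NULL ,INDEX ( `Nick` ) ) TYPE = MYISAM ");

    // The credentials come from configuration, not from the request, but a quote in either
    // one would still break the statement, so escape them.
    $nameSql = mysql_real_escape_string((string)$adminName);
    $passSql = mysql_real_escape_string((string)$adminPassword);
    mysql_query("INSERT INTO `{$table}{$id}_users` VALUES ('$nameSql', '$passSql', 'no', 'no', '$date', 5, '$rdate', NULL,  NULL, NULL, NULL, NULL, NULL, NULL, NULL)");
}

// Admin panel dispatcher.
//
// $login, $password, $mode, $fid, $bid, $bc and $email are never assigned in this file;
// presumably they are request parameters injected by register_globals or by config.php —
// verify. $table, $AdminName, $AdminPassword and $lnk are expected from config.php.
//
// Credential check: strict string comparison replaces the original loose "==", which applies
// PHP's type-juggling rules (numeric-looking strings compare as numbers, and two unset values
// compare equal). Missing or empty configured credentials never authenticate.
// NOTE(review): hash_equals() (PHP >= 5.6) would additionally make the comparison constant-time.
$isAdmin = isset($login, $password, $AdminName, $AdminPassword)
    && is_string($login) && is_string($password)
    && (string)$AdminName !== '' && (string)$AdminPassword !== ''
    && $login === (string)$AdminName
    && $password === (string)$AdminPassword;

$adminMode = (isset($mode) && is_string($mode)) ? $mode : '';
$footer = "<a href=\"http://zagruz.org\">ZAGRUZ.ORG</a>";

if ($isAdmin) {
    // NOTE(review): there is no session. Every form below carries the administrator login and
    // password in hidden fields, so the clear-text password is present in each page's HTML.
    // The values cannot be entity-escaped here, because displayHTML() rewrites every '&' in the
    // body to '&amp;' and would corrupt the entities; a '"' in either value breaks the markup.
    // Replacing this with a server-side session is the proper fix and touches more than this block.
    $formhtml=<<<END
<form action="admin.php" method="post">
</td></tr>
<tr><td bgcolor="#C3F6FD">
<input type="hidden" name="mode" value="forumlist"/>
<input type="hidden" name="login" value="$login"/>
<input type="hidden" name="password" value="$password"/>
<input type="submit" name="submit" value="Forums"/>
</form><br/>
<form action="admin.php" method="post">
<input type="hidden" name="mode" value="bannerlist"/>
<input type="hidden" name="login" value="$login"/>
<input type="hidden" name="password" value="$password"/>
<input type="submit" name="submit" value="Banners"/>
</form>
END;

    if ($adminMode === 'main') {
        displayHTML('Admin panel', "", $formhtml, $footer);
    } elseif ($adminMode === 'forumlist') {
        $body = '';
        // URL-encode the credentials so that characters such as '&', '#' or a space cannot
        // break the query string.
        // NOTE(review): the link still places the administrator password in a GET URL, where it
        // ends up in browser history, server logs and Referer headers. Removing it requires a
        // change to login.php, which is not visible here.
        $nickUrl = urlencode((string)$AdminName);
        $passUrl = urlencode((string)$AdminPassword);
        $r = mysql_query("SELECT * FROM {$table}forums");
        while ($r && ($a = mysql_fetch_array($r))) {
            // The id is interpolated into a table name below; force it to an integer.
            $ForumID = (int)$a['ID'];
            // NOTE(review): Title and AdminEmail are written into the page unescaped. If forum
            // owners can edit them, markup stored there runs in the administrator's browser.
            $ForumTitle = $a['Title'];
            $ForumEmail = $a['AdminEmail'];
            $r1 = mysql_query("SELECT * FROM {$table}{$ForumID}_messages");
            // An unreadable or missing messages table leaves the count blank, as before.
            $mn = $r1 ? mysql_num_rows($r1) : '';
            $body .= "$ForumID ($mn) $ForumEmail <a href=\"login.php?f=$ForumID&mode=login&nick=$nickUrl&pass=$passUrl&size=10000\">$ForumTitle</a>".
            "<form action=\"admin.php\" method=\"post\"><input type=\"hidden\" name=\"mode\" value=\"forumdel\"/><input type=\"hidden\" name=\"login\" value=\"$login\"/><input type=\"hidden\" name=\"password\" value=\"$password\"/><input type=\"hidden\" name=\"fid\" value=\"$ForumID\"/><input type=\"submit\" name=\"submit\" value=\"Delete\"/></form><br/>";
        }
        $body .= "<form action=\"admin.php\" method=\"post\"><input type=\"hidden\" name=\"mode\" value=\"forumnew\"/><input type=\"hidden\" name=\"login\" value=\"$login\"/><input type=\"hidden\" name=\"password\" value=\"$password\"/><input type=\"submit\" name=\"submit\" value=\"New\"/></form><br/>";
        displayHTML('Admin panel', "", $body . $formhtml, $footer);
    } elseif ($adminMode === 'forumdel') {
        // ID is an INT column: cast instead of interpolating the raw request value into SQL.
        $forumId = isset($fid) ? (int)$fid : 0;
        // NOTE(review): only the row in the forums table is removed; the forum's own tables
        // (users, messages, ...) and the passwords stored in them remain in the database.
        mysql_query("DELETE FROM {$table}forums WHERE ID='$forumId'");
        displayHTML('Admin panel', "", 'Deleted!<br/>'.$formhtml, $footer);
    } elseif ($adminMode === 'forumnew') {
        // A random temporary title is used to find the row that was just inserted.
        $label = randstr(10);
        $emailSql = myforumSqlString(isset($email) ? $email : '');
        // The back-link literal previously contained unescaped single quotes (href='/'), which
        // ended the SQL string early; it now matches the literal used by the install mode.
        mysql_query("INSERT INTO {$table}forums VALUES (NULL, '$label', '$emailSql', '<a href=\"/\">ZAGRUZ.ORG</a>', 1, 0, 'rules.txt')");
        $r = mysql_query("SELECT * FROM {$table}forums WHERE Title='$label'");
        $a = $r ? mysql_fetch_array($r) : false;
        if ($a) {
            $id = (int)$a['ID'];
            mysql_query("UPDATE {$table}forums SET Title='MyForum' WHERE ID='$id'");
            // Clear leftovers from an earlier forum with the same id. The original list named
            // `{$id}topiks` (missing underscore) and so never matched the topics table;
            // IF EXISTS keeps absent tables from being an error.
            mysql_query("DROP TABLE IF EXISTS `{$table}{$id}_banip`, `{$table}{$id}_bannick`, `{$table}{$id}_forums`, `{$table}{$id}_messages`, `{$table}{$id}_topiks`, `{$table}{$id}_users`");
            myforumCreateForumTables($table, $id, $AdminName, $AdminPassword, $date, $rdate);
            displayHTML('Admin panel', "", 'Ok!<br/>'.$formhtml, $footer);
        } else {
            // Without a forum id the statements above would act on tables named with an empty
            // id, so stop and report instead.
            displayHTML('Admin panel', "", 'Error!<br/>'.$formhtml, $footer);
        }
    } elseif ($adminMode === 'bannerlist') {
        $body = '';
        $r = mysql_query("SELECT * FROM {$table}banners");
        while ($r && ($a = mysql_fetch_array($r))) {
            $BannerID = (int)$a['ID'];
            // Banner code is stored HTML and is emitted as markup on purpose; anyone able to
            // write to the banners table controls what is rendered here.
            $BannerCode = $a['BannerCode'];
            $body .= "$BannerCode".
            "<form action=\"admin.php\" method=\"post\"><input type=\"hidden\" name=\"mode\" value=\"bannerdel\"/><input type=\"hidden\" name=\"login\" value=\"$login\"/><input type=\"hidden\" name=\"password\" value=\"$password\"/><input type=\"hidden\" name=\"bid\" value=\"$BannerID\"/><input type=\"submit\" name=\"submit\" value=\"Delete\"/></form><br/>";
        }
        $body .= "<form action=\"admin.php\" method=\"post\"><input type=\"hidden\" name=\"mode\" value=\"bannernew\"/><input type=\"text\" name=\"bc\"/><input type=\"hidden\" name=\"login\" value=\"$login\"/><input type=\"hidden\" name=\"password\" value=\"$password\"/><input type=\"submit\" name=\"submit\" value=\"New\"/></form><br/>";
        displayHTML('Admin panel', "", $body . $formhtml, $footer);
    } elseif ($adminMode === 'bannerdel') {
        $bannerId = isset($bid) ? (int)$bid : 0;
        mysql_query("DELETE FROM {$table}banners WHERE ID='$bannerId'");
        displayHTML('Admin panel', "", 'Deleted!<br/>'.$formhtml, $footer);
    } elseif ($adminMode === 'bannernew') {
        // Banner HTML normally contains quotes, so it must be escaped before it is placed in
        // the statement.
        $bannerSql = myforumSqlString(isset($bc) ? $bc : '');
        // The id used to be the current row count, which repeats after a deletion (the index
        // on ID is not unique) and makes a later delete remove several banners. NULL lets
        // AUTO_INCREMENT assign it.
        mysql_query("INSERT INTO {$table}banners VALUES (NULL, '$bannerSql')");
        displayHTML('Admin panel', "", 'Ok!<br/>'.$formhtml, $footer);
    } elseif ($adminMode === 'install') {
        // NOTE(review): this mode drops and recreates every table, i.e. it erases all forums,
        // users and banners, and it stays reachable after installation for anyone holding the
        // admin credentials. Consider removing or disabling it once the board is set up.
        mysql_query("DROP TABLE IF EXISTS `{$table}1_banip`, `{$table}1_bannick`, `{$table}1_forums`, `{$table}1_messages`, `{$table}1_topiks`, `{$table}1_users`, `{$table}banners`, `{$table}forums`");
        // NOTE(review): the '[email protected]' literals look like an address redacted by the
        // page this listing was copied from; restore the intended default before use.
        mysql_query("CREATE TABLE `{$table}forums` (`ID` INT( 10 ) NOT NULL AUTO_INCREMENT ,`Title` VARCHAR( 50 ) NULL DEFAULT 'MyForum',`AdminEmail` VARCHAR( 100 ) NULL DEFAULT '[email protected]',`BackLink` VARCHAR( 250 ) NULL DEFAULT '<a href=\"/\">ZAGRUZ.ORG</a><br/>©Alex i KO',`RegisterOnly` BOOL NULL DEFAULT '1',`ShowModers` BOOL NULL DEFAULT '0',`RulesFile` VARCHAR( 100 ) NULL DEFAULT '/myforum/rules.txt',INDEX ( `ID` ) ) TYPE = MYISAM ;");
        mysql_query("CREATE TABLE `{$table}banners` (`ID` INT( 10 ) NOT NULL AUTO_INCREMENT ,`BannerCode` VARCHAR( 255 ) NOT NULL ,INDEX ( `ID` ) ) TYPE = MYISAM ;");
        mysql_query("INSERT INTO  `{$table}forums` VALUES (NULL, 'MyForum', '[email protected]', '<a href=\"/\">ZAGRUZ.ORG</a>', 1, 0, 'rules.txt')");
        myforumCreateForumTables($table, 1, $AdminName, $AdminPassword, $date, $rdate);
        echo 'Ok!';
    }
} else {
    // Not authenticated (or no credentials sent): show the login form.
    $formhtml=<<<END
<form action="admin.php" method="post">
<input type="hidden" name="mode" value="main"/>
Login:<input type="text" name="login" cols="60"/></td></tr>
<tr><td bgcolor="#C3F6FD">
Password:&nbsp;<input type="password" name="password" cols="60"/></td></tr>
<tr><td bgcolor="#79EBFB"><p align="center">
<input type="submit" name="submit" value="Login"/></p>
</form>
END;
    displayHTML('Admin panel', "", $formhtml, $footer);
}

mysql_close($lnk);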
?>