Просмотр файла click/admin/index.php

Размер файла: 20.18Kb
<?
session_start();
$title="Админка\n";
include ("../header.php");
if (empty($_SESSION['passw'])) $_SESSION['passw']=$pass;
if ($_SESSION['passw']!=$passadmin)
{
$title="ОШИБКА!\n";
echo $div["ten"];
echo "Доступ запрещен!";
echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">Войти</a><br/>";
echo $div["end"];
include ("../footer.php");
exit();
}

echo $div["header"];
$q = mysql_query("select * from uzvers;");
$reg=mysql_num_rows($q);
echo "Всего сайтов: <b>$reg</b>";
$q = mysql_query("select * from uzvers where `all`>'0';");
$reg=mysql_num_rows($q);
           while ($field=mysql_fetch_array($q))
           {
           $w=$field['all'];
           $all=$all+$w;
           }
echo ", из них активных: <b>$reg</b><br/>";
echo $div["end"];
if (empty($op)) $op="index";
switch ($op) {
  case "index":
    echo $div["ten"];
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?op=news&amp;".session_name()."=".session_id()."\">Новости</a><br/>";
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?op=ticketplus&amp;".session_name()."=".session_id()."\">Тикетс(+)</a><br/>";
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?op=ticketmin&amp;".session_name()."=".session_id()."\">Тикетс(-)</a><br/>";
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?op=allsite&amp;".session_name()."=".session_id()."\">Все сайты</a><br/>";
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?op=siteready&amp;".session_name()."=".session_id()."\">Готовые к выплатам</a><br/>";
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"../index.php?".session_name()."=".session_id()."\">Выход</a><br/>";
    break;
  case "news":
    if ($mod=="add")
{
           if (empty($message))
           {
                      if ($_SESSION['wap']=="xml")
           {

           echo "<form action=\"index.php?op=news&amp;mod=add&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo $div["ten"];
           echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "Новость: <br/>";
           echo "<input name=\"message\" maxlength=\"250\" value=\"$msg_db\" title=\"Text\"/><br/>";
           echo "<select multiple=\"multiple\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><br/>";
           echo "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
           echo $div["end"];
           echo "</form>";
           }
           else
           {
           echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "Новость: <br/>";
           echo "</small><input name=\"message".$ref."\" value=\"$msg_db\" maxlength=\"250\" title=\"Text\"/><br/><small>";
           echo "</small><select multiple=\"true\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><small><br/>";
           echo "<anchor title=\"send\">Отправить<go href=\"index.php?op=news&amp;mod=add&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo "<postfield name=\"message\" value=\"$(message".$ref.")\"/>";
           echo "<postfield name=\"translit\" value=\"$(translit)\"/>";
           echo "</go></anchor><br/>";
           }
           }
           else
           {
           echo $div["ten"];
           if($translit==1) $message=latrus($message);
           @mysql_query("insert into `news` values(0,'$date','$message');")or die ("FUCK");
           echo "Новость добавлена!<br/>";
           echo "<img src=\"pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?op=news&amp;".session_name()."=".session_id()."\">Новости</a><br/>";
           echo "<img src=\"pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
           echo $div["end"];
           }
           include ("../footer.php");
           exit();
}
echo $div["ten"];
if(empty($startan)) $startan = 0;
$startan=intval($startan);
if($startan<0) $startan=0; $num_msgs_an=5;
$arr = mysql_query("select * from `news`");
$qi = mysql_query("select * from `news` order by `id` desc limit $startan,$num_msgs_an;;");
           if (mysql_affected_rows()==0)
           {
           echo "Нет новостей";
           }
           else
           {
while($row=mysql_fetch_array($qi))
{
echo "".$row['date']." |
".$row['msg']." <a href=\"index.php?op=editnews&amp;postid=".$row['id']."&amp;".session_name()."=".session_id()."\">ред</a> <a href=\"index.php?op=delnews&amp;id=".$row['id']."&amp;".session_name()."=".session_id()."\">удал</a><br/>";
}
           }
$i = @mysql_num_rows($arr);
if($startan!=0)
echo "<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan-$num_msgs_an)."\">".htmlspecialchars("<<--")."</a>] ";
if($i>$startan+$num_msgs_an)
echo "[<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan+$num_msgs_an)."\">".htmlspecialchars("-->>")."</a>";;
echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?op=news&amp;mod=add&amp;".session_name()."=".session_id()."\">Добавить Новость</a><br/>";
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;






    case "editnews":
    if (empty($go))
           {
           $q_msg = mysql_query("select * from `news` where (`id`='$postid');");
           $row_msg=mysql_fetch_array($q_msg);
           $msg_db=$row_msg['msg'];
                      if ($_SESSION['wap']=="xml")
           {

           echo "<form action=\"index.php?op=editnews&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo "<div>";
           echo "Сообщение: <br/>";
           echo "<input name=\"message\" maxlength=\"250\" value=\"$msg_db\" title=\"Text\"/><br/>";
           echo "<select multiple=\"multiple\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><br/>";
           echo "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
           echo "</div>";
           echo "</form>";
           }
           else
           {
           echo "Сообщение: <br/>";
           echo "</small><input name=\"message".$ref."\" value=\"$msg_db\" maxlength=\"250\" title=\"Text\"/><br/><small>";
           echo "</small><select multiple=\"true\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><small><br/>";
           echo "<anchor title=\"send\">Отправить<go href=\"index.php?op=editnews&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo "<postfield name=\"message\" value=\"$(message".$ref.")\"/>";
           echo "<postfield name=\"translit\" value=\"$(translit)\"/>";
           echo "</go></anchor><br/>";
           }
           echo $div["div"];
           if ($_SESSION['wap']!="xml") {echo "---<br/>";}
           echo $div["end"];
           include ("../footer.php");
           exit();
           }
           else
           {
           @mysql_query("UPDATE `news` SET `msg`='$message' WHERE (`id`='$postid')");
           echo "Новость изменена!<br/>";
           echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
           }
    break;






    case "delnews":
    echo $div["ten"];
    @mysql_query("delete from `news` where `id`='$id'");
    echo "Новость удалена!<br/>";
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;





    case "ticketplus":
    echo $div["ten"];
if(empty($startan)) $startan = 0;
$startan=intval($startan);
if($startan<0) $startan=0; $num_msgs_an=5;
$arr = mysql_query("select * from `support`");
$qi = mysql_query("select * from `support` where `ans`!='' order by `id` desc limit $startan,$num_msgs_an;;");
           if (mysql_affected_rows()==0)
           {
           echo "Нет тикетов";
           }
           else
           {
while($row=mysql_fetch_array($qi))
{
echo "#".$row['id']." | ".$row['date']." | ID:".$row['idc']." |
".$row['msg']." |<b>
".$row['ans']."</b> <a href=\"index.php?op=editticket&amp;postid=".$row['id']."&amp;".session_name()."=".session_id()."\">ред</a> <a href=\"index.php?op=deltick&amp;id=".$row['id']."&amp;".session_name()."=".session_id()."\">удал</a><br/>";
}
           }
$i = @mysql_num_rows($arr);
if($startan!=0)
echo "<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan-$num_msgs_an)."\">".htmlspecialchars("<<--")."</a>] ";
if($i>$startan+$num_msgs_an)
echo "[<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan+$num_msgs_an)."\">".htmlspecialchars("-->>")."</a>";;
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;


    ###
    case "ticketmin":
    echo $div["ten"];
if(empty($startan)) $startan = 0;
$startan=intval($startan);
if($startan<0) $startan=0; $num_msgs_an=5;
$arr = mysql_query("select * from `support`");
$qi = mysql_query("select * from `support` where `ans`='' order by `id` desc limit $startan,$num_msgs_an;;");
           if (mysql_affected_rows()==0)
           {
           echo "Нет тикетов";
           }
           else
           {
while($row=mysql_fetch_array($qi))
{
echo "#".$row['id']." | ".$row['date']." |
".$row['msg']."  <a href=\"index.php?op=answ&amp;postid=".$row['id']."&amp;".session_name()."=".session_id()."\">отв</a> <a href=\"index.php?op=deltick&amp;id=".$row['id']."&amp;".session_name()."=".session_id()."\">удал</a><br/>";
}
           }
$i = @mysql_num_rows($arr);
if($startan!=0)
echo "<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan-$num_msgs_an)."\">".htmlspecialchars("<<--")."</a>] ";
if($i>$startan+$num_msgs_an)
echo "[<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan+$num_msgs_an)."\">".htmlspecialchars("-->>")."</a>";;
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;




        case "deltick":
    echo $div["ten"];
    @mysql_query("delete from `support` where `id`='$id'");
    echo "Тикет удалён!<br/>";
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;


    case "editticket":
    if (empty($go))
           {
           $q_msg = mysql_query("select * from `support` where (`id`='$postid');");
           $row_msg=mysql_fetch_array($q_msg);
           $msg_db=$row_msg['ans'];
                      if ($_SESSION['wap']=="xml")
           {

           echo "<form action=\"index.php?op=editticket&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo "<div>";
           echo "Сообщение: <br/>";
           echo "<input name=\"message\" maxlength=\"250\" value=\"$msg_db\" title=\"Text\"/><br/>";
           echo "<select multiple=\"multiple\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><br/>";
           echo "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
           echo "</div>";
           echo "</form>";
           }
           else
           {
           echo "Сообщение: <br/>";
           echo "</small><input name=\"message".$ref."\" value=\"$msg_db\" maxlength=\"250\" title=\"Text\"/><br/><small>";
           echo "</small><select multiple=\"true\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><small><br/>";
           echo "<anchor title=\"send\">Отправить<go href=\"index.php?op=editticket&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo "<postfield name=\"message\" value=\"$(message".$ref.")\"/>";
           echo "<postfield name=\"translit\" value=\"$(translit)\"/>";
           echo "</go></anchor><br/>";
           }
           echo $div["div"];
           if ($_SESSION['wap']!="xml") {echo "---<br/>";}
           echo $div["end"];
           include ("../footer.php");
           exit();
           }
           else
           {
           @mysql_query("UPDATE `support` SET `ans`='$message' WHERE (`id`='$postid')");
           echo "Ответ изменен!<br/>";
           echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
           }
    break;




        case "answ":
    if (empty($go))
           {
           $q_msg = mysql_query("select * from `support` where (`id`='$postid');");
           $row_msg=mysql_fetch_array($q_msg);
           $msg_db=$row_msg['ans'];
                      if ($_SESSION['wap']=="xml")
           {

           echo "<form action=\"index.php?op=answ&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo "<div>";
           echo "Сообщение: <br/>";
           echo "<input name=\"message\" maxlength=\"250\" value=\"$msg_db\" title=\"Text\"/><br/>";
           echo "<select multiple=\"multiple\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><br/>";
           echo "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
           echo "</div>";
           echo "</form>";
           }
           else
           {
           echo "Сообщение: <br/>";
           echo "</small><input name=\"message".$ref."\" value=\"$msg_db\" maxlength=\"250\" title=\"Text\"/><br/><small>";
           echo "</small><select multiple=\"true\" name=\"translit\">
           <option value=\"1\">Транслит</option></select><small><br/>";
           echo "<anchor title=\"send\">Отправить<go href=\"index.php?op=answ&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo "<postfield name=\"message\" value=\"$(message".$ref.")\"/>";
           echo "<postfield name=\"translit\" value=\"$(translit)\"/>";
           echo "</go></anchor><br/>";
           }
           echo $div["div"];
           if ($_SESSION['wap']!="xml") {echo "---<br/>";}
           echo $div["end"];
           include ("../footer.php");
           exit();
           }
           else
           {
           @mysql_query("UPDATE `support` SET `ans`='$message' WHERE (`id`='$postid')");
           echo "Ответ добавлен!<br/>";
           echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
           }
    break;








case "allsite":
echo $div["ten"];
if(empty($startan)) $startan = 0;
$startan=intval($startan);
if($startan<0) $startan=0; $num_msgs_an=20;
$arr = mysql_query("select * from `uzvers`");
$qi = mysql_query("select * from `uzvers` order by `allmonth` desc limit $startan,$num_msgs_an;;");
           if (mysql_affected_rows()==0)
           {
           echo "Нет сайтов!";
           }
           else
           {
while($row=mysql_fetch_array($qi))
{
echo "".$row['id']." | ".$row['wm']." |
<a href=\"".$row['site']."\">".$row['site']."</a> ".$row['allmonth']."   <a href=\"index.php?op=opl&amp;postid=".$row['id']."&amp;".session_name()."=".session_id()."\">опл</a><br/>";
}
           }
$i = @mysql_num_rows($arr);
if($startan!=0)
echo "<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan-$num_msgs_an)."\">".htmlspecialchars("<<--")."</a>] ";
if($i>$startan+$num_msgs_an)
echo "[<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan+$num_msgs_an)."\">".htmlspecialchars("-->>")."</a>";;
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;


case "siteready":
echo $div["ten"];
if(empty($startan)) $startan = 0;
$startan=intval($startan);
if($startan<0) $startan=0; $num_msgs_an=20;
$arr = mysql_query("select * from `uzvers` where `allmonth`>'$mincost'");
$qi = mysql_query("select * from `uzvers` where `allmonth`>'$mincost' order by `allmonth` desc limit $startan,$num_msgs_an;;");
           if (mysql_affected_rows()==0)
           {
           echo "Нет сайтов!";
           }
           else
           {
while($row=mysql_fetch_array($qi))
{
echo "".$row['id']." | ".$row['wm']." |
<a href=\"".$row['site']."\">".$row['site']."</a> ".$row['allmonth']."   <a href=\"index.php?op=opl&amp;postid=".$row['id']."&amp;".session_name()."=".session_id()."\">опл</a><br/>";
}
           }
$i = @mysql_num_rows($arr);
if($startan!=0)
echo "<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan-$num_msgs_an)."\">".htmlspecialchars("<<--")."</a>] ";
if($i>$startan+$num_msgs_an)
echo "[<a href=\"index.php?op=news".session_name()."=".session_id()."&amp;startan=".($startan+$num_msgs_an)."\">".htmlspecialchars("-->>")."</a>";;
    echo "<br/><img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;






            case "delsite":
    echo $div["ten"];
    @mysql_query("delete from `uzvers` where `id`='$id'");
    echo "Сайт удалён!<br/>";
    echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
    break;



       case "opl":
    if (empty($go))
           {
           $q_msg = mysql_query("select * from `uzvers` where (`id`='$postid');");
           $row_msg=mysql_fetch_array($q_msg);
           $msg_db=$row_msg['allmonth'];
                      if ($_SESSION['wap']=="xml")
           {

           echo "<form action=\"index.php?op=opl&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo "<div>";
           echo "Сколько платим?: <br/>";
           echo "<input name=\"sum\" maxlength=\"250\" value=\"$msg_db\" title=\"Text\"/><br/>";
           echo "<input class=\"ibutton\" type=\"submit\" value=\"Платить\"/>";
           echo "</div>";
           echo "</form>";
           }
           else
           {
           echo "Сколько платим?: <br/>";
           echo "</small><input name=\"sum".$ref."\" value=\"$msg_db\" maxlength=\"250\" title=\"Text\"/><br/><small>";
           echo "<anchor title=\"send\">Платить<go href=\"index.php?op=opl&amp;go=edit&amp;postid=$postid&amp;".session_name()."=".session_id()."&amp;go=post\" method=\"post\">";
           echo "<postfield name=\"sum\" value=\"$(sum".$ref.")\"/>";
           echo "</go></anchor><br/>";
           }
           echo $div["div"];
           if ($_SESSION['wap']!="xml") {echo "---<br/>";}
           echo $div["end"];
           include ("../footer.php");
           exit();
           }
           else
           {
           @mysql_query("UPDATE `uzvers` SET `allmonth`=`allmonth`-'$sum' WHERE (`id`='$postid')");
           echo "Оплаченно!<br/>";
           echo "<img src=\"../pics/st.gif\" alt=\"*\"/>";echo "<a href=\"index.php?".session_name()."=".session_id()."\">АдминПанель</a><br/>";
           }
    break;
}

echo $div["end"];
include ("../footer.php");
?>