<?php
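// Authorization gate: stop the script unless the current login is on the admin list.
// Every admin action further down relies on this single check.
// $login and $adminlogin are not defined in this file, so they must already be set by the
// including script. NOTE(review): confirm both are populated only from trusted server-side
// state and can never be supplied by the request.
// The strict flag (third argument) prevents PHP's loose comparison from treating values of a
// different type (e.g. 0, true, null) as equal to an admin name; assumes both sides are strings.
if (!in_array($login, $adminlogin, true)) {
	exit;
}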

// Admin panel landing page: links to the admin sections, a user lookup form (mode=showanket)
// and a third-party uptime badge.
// NOTE(review): the badge pulls an image from uptime.ru over plain http on an admin-only page,
// so that host is contacted on every admin page view; consider removing it from this page.
if ($mode == 'adminka') {
	echo <<<HTML
<a href="$workdir/?mode=adminnews">Новости</a><br/>
<a href="$workdir/?mode=adminrooms">Комнаты чата</a><br/>
<a href="$workdir/?mode=adminrazbanl">Разбан юзарей</a><br/>
<a href="$workdir/?mode=adminrazbanip">Разбан ip</a><br/>Управление юзерами:<br/>
<form action="$workdir/" method="get">
<input type="hidden" name="mode" value="showanket"/>
<input type="text" name="l" value=""/>
<input type="submit" value="OK"/><br/>
</form>
&#187; <a href="$workdir/?mode=menu">Меню</a><br/><!-- UpTime Button Srart -->
<a href='http://uptime.ru/downtime.php?host_id=8777'><img src=http://uptime.ru/but.php?t=0&i=8777 width=88 height=31 border=0 alt='Мониторинг сервера осуществляется системой UpTime.Ru'></a>
<!-- UpTime Button End -->
HTML;
}
//------------------------------------------------------------------------------------
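// Unban users: clear the ban on login "l" if one was passed, then list every banned login
// together with its ban date and an unban link.
// NOTE(review): the unban is a state change triggered by a plain link (read via $_REQUEST) with no
// request token visible in this file — confirm whether the including script adds CSRF protection.
if ($mode=='adminrazbanl') {
	if (isset($_REQUEST['l'])) {
		// NOTE(review): the value reaches the SQL string protected only by delhtml(), which is defined
		// elsewhere — confirm it neutralises quotes and backslashes, or escape/parameterise here.
		$l=delhtml($_REQUEST['l']);
		mysql_query("UPDATE zn_anket SET banned=0, bandate=NULL WHERE login='$l'");
	}
	$r=mysql_query("SELECT login, DATE_FORMAT(bandate, '%d.%m.%y %H:%i') AS date FROM zn_anket WHERE banned=1");
	while ($ar=mysql_fetch_array($r)) {
		// The login is URL-encoded inside the href (the ip/ua unban links in this file do the same)
		// so that characters such as '&', '#', '+' or spaces cannot truncate or alter the "l" parameter.
		// NOTE(review): the visible login text is printed as stored; presumably it was sanitised
		// when the account was created — verify, otherwise escape it for HTML here.
		echo "$ar[login] $ar[date] <a href=\"$workdir/?mode=adminrazbanl&amp;l=".urlencode($ar['login'])."\">x</a><br/>";
	}
	echo "&#187; <a href=\"$workdir/?mode=adminka\"><b>Админка</b></a><br/>";
	echo "&#187; <a href=\"$workdir/?mode=menu\"><b>Меню</b></a>";
}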
//------------------------------------------------------------------------------------
// Unban IP: delete the zn_ban row matching the passed ip ("bip") and user agent ("bua"),
// then list every ip/ua ban with its date and an unban link.
// NOTE(review): the delete is triggered by a plain link (read via $_REQUEST) with no request token
// visible in this file — confirm whether the including script adds CSRF protection.
if ($mode == 'adminrazbanip') {
	if (isset($_REQUEST['bip'])) {
		// Only "bip" is checked for presence; "bua" is read unconditionally.
		// NOTE(review): both values reach SQL protected only by delhtml() (defined elsewhere) — confirm it
		// neutralises quotes and backslashes, or escape/parameterise here.
		$bip = delhtml($_REQUEST['bip']);
		$bua = delhtml($_REQUEST['bua']);
		mysql_query("DELETE FROM zn_ban WHERE ip='" . $bip . "' AND ua='" . $bua . "'");
	}
	$r = mysql_query("SELECT *, DATE_FORMAT(bandate, '%d.%m.%y %H:%i') AS date FROM zn_ban");
	while ($ar = mysql_fetch_array($r)) {
		// NOTE(review): ip and ua are printed as stored. A user-agent string originates from the client,
		// so verify it is HTML-escaped when saved; otherwise escape it here before output.
		echo $ar['ip'], ' ', $ar['ua'], ' ', $ar['date'],
			' <a href="', $workdir, '/?mode=adminrazbanip&amp;bip=', urlencode($ar['ip']),
			'&amp;bua=', urlencode($ar['ua']), '">x</a><br/>';
	}
	echo '&#187; <a href="', $workdir, '/?mode=adminka"><b>Админка</b></a><br/>';
	echo '&#187; <a href="', $workdir, '/?mode=menu"><b>Меню</b></a>';
}
//------------------------------------------------------------------------------------
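// Chat room management: add, rename, delete and reorder rooms (action "a", room id "r"),
// then render the room list and the add/edit form.
// NOTE(review): all of these actions change data in response to plain GET links/forms with no
// request token visible in this file — confirm whether the including script adds CSRF protection.
if ($mode=='adminrooms') {
	// NOTE(review): $roomname goes into SQL and into an HTML attribute protected only by delhtml(),
	// which is defined elsewhere — confirm it neutralises quotes, or escape per context here.
	if (!empty($_REQUEST['roomname'])) {$roomname=delhtml($_REQUEST['roomname']);} else {$roomname="";}
	if (!empty($_REQUEST['a'])) {$a=delhtml($_REQUEST['a']);} else {$a=false;}
	// Room ids are used arithmetically below ($r-1, $r+1), so the request value is forced to an
	// integer (intval(), as the ban form handler in this file does for its numeric fields). This keeps
	// arbitrary text out of the id='...' SQL fragments and out of the hidden form field.
	// false still means "no room id given".
	if (!empty($_REQUEST['r'])) {$r=intval($_REQUEST['r']);} else {$r=false;}
	// "add" without a room id: create the room unless one with the same title exists.
	if (($a=='add') and (!$r)) {
		if (mysql_num_rows(mysql_query("SELECT * FROM zn_rooms WHERE title='$roomname'"))==0) {
			mysql_query("INSERT INTO zn_rooms SET title='$roomname'");
		}
	}
	// "add" with a room id: rename that room (this is how the edit form is submitted).
	if (($a=='add') and $r) {
		mysql_query("UPDATE zn_rooms SET title='$roomname' WHERE id='$r'");
	}
	if ($a=='del') {
		mysql_query("DELETE FROM zn_rooms WHERE id='$r'");
	}
	// Move up: find the nearest existing id below $r (stopping at 0 without checking it),
	// then swap the two ids using -1 as a temporary id.
	if (($a=='up') and ($r>=0)) {
		$nr=$r-1;
		while ($nr>0) {
			if (mysql_num_rows(mysql_query("SELECT * FROM zn_rooms WHERE id='$nr'"))!=0) {
				break;
			}
			$nr--;
		}
		mysql_query("UPDATE zn_rooms SET id='-1' WHERE id='$r'");
		mysql_query("UPDATE zn_rooms SET id='$r' WHERE id='$nr'");
		mysql_query("UPDATE zn_rooms SET id='$nr' WHERE id='-1'");
	}
	// Move down: find the nearest existing id above $r (up to MAX(id)), then swap via -1 as above.
	// If no higher room exists, $nr ends at MAX(id)+1 and the room is simply renumbered.
	if ($a=='down') {
		$rk=mysql_fetch_array(mysql_query("SELECT MAX(id) as m FROM zn_rooms"));
		$m=$rk['m'];
		$nr=$r+1;
		while ($nr<=$m) {
			if (mysql_num_rows(mysql_query("SELECT * FROM zn_rooms WHERE id='$nr'"))!=0) {
				break;
			}
			$nr++;
		}
		mysql_query("UPDATE zn_rooms SET id='-1' WHERE id='$r'");
		mysql_query("UPDATE zn_rooms SET id='$r' WHERE id='$nr'");
		mysql_query("UPDATE zn_rooms SET id='$nr' WHERE id='-1'");
	}
	// Room list with up / down / edit / delete links.
	// NOTE(review): titles are printed as stored; presumably sanitised by delhtml() on insert — verify.
	$res=mysql_query("SELECT * FROM zn_rooms ORDER BY id");
	while ($ra=mysql_fetch_array($res)) {
		echo "$ra[title]&nbsp;";
		echo "[<a href=\"$workdir/?mode=adminrooms&amp;a=up&amp;r=$ra[id]\">вверх</a>]&nbsp;";
		echo "[<a href=\"$workdir/?mode=adminrooms&amp;a=down&amp;r=$ra[id]\">вниз</a>]&nbsp;";
		echo "[<a href=\"$workdir/?mode=adminrooms&amp;a=edit&amp;r=$ra[id]\">изм</a>]&nbsp;";
		echo "[<a href=\"$workdir/?mode=adminrooms&amp;a=del&amp;r=$ra[id]\">удал</a>]<br/>";
	}
	// Add/edit form: it always submits a=add; in edit mode a hidden "r" turns the submit into a rename.
	echo "Добавить комнату:<br/>
<form action=\"$workdir/\" method=\"get\">
<input type=\"hidden\" name=\"mode\" value=\"adminrooms\"/>
<input type=\"hidden\" name=\"a\" value=\"add\"/>";
if ($a=='edit') {
	echo "<input type=\"hidden\" name=\"r\" value=\"$r\"/>";
	// Pre-fill the text field with the current title of the room being edited.
	$rd=mysql_fetch_array(mysql_query("SELECT * FROM zn_rooms WHERE id='$r'"));
	$roomname=$rd['title'];
}
echo "<input type=\"text\" name=\"roomname\" value=\"$roomname\"/>
<input type=\"submit\" value=\"OK\"/><br/>
</form>";
echo "&#187; <a href=\"$workdir/?mode=adminka\"><b>Админка</b></a><br/>";
echo "&#187; <a href=\"$workdir/?mode=menu\"><b>Меню</b></a>";
}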
//------------------------------------------------------------------------------------
// Admin action: delete the account whose login is passed as "l", confirm, then switch to the menu mode.
// NOTE(review): an irreversible delete read from $_REQUEST (so reachable by a plain link) with no
// request token visible in this file — confirm whether the including script adds CSRF protection.
// NOTE(review): the login reaches SQL protected only by delhtml() (defined elsewhere) — confirm it
// neutralises quotes and backslashes, or escape/parameterise here.
if ($mode == 'admindel') {
	$l = delhtml($_REQUEST['l']);
	mysql_query("DELETE FROM zn_anket WHERE login='" . $l . "'");
	echo 'Удалено!<br/>';
	// Presumably a later part of the including script renders the menu for this mode — not visible here.
	$mode = 'menu';
}
//------------------------------------------------------------------------------------
// Admin action: show the ban form for login "l" (hours to ban the nickname, hours to ban ip+ua).
// The form posts to mode=adminbanok.
if ($mode == 'adminban') {
	// NOTE(review): $l is written into an HTML attribute protected only by delhtml(), which is defined
	// elsewhere — confirm it escapes double quotes and angle brackets.
	$l = delhtml($_REQUEST['l']);
	echo <<<HTML
<form action="$workdir/" method="post">
<input type="hidden" name="mode" value="adminbanok"/>
<input type="hidden" name="l" value="$l"/>
Банить ник (часов):<br/>
<input type="text" name="lh" value="24"/><br/>
Банить ip+ua (часов):<br/>
<input type="text" name="iph" value="0"/><br/>
<input type="submit" name="submit" value="Забанить"/><br/>
</form>
HTML;
	echo '&#187; <a href="', $workdir, '/?mode=adminka"><b>Админка</b></a><br/>';
	echo '&#187; <a href="', $workdir, '/?mode=menu"><b>Меню</b></a>';
}
//------------------------------------------------------------------------------------
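// Admin action: apply a ban. "lh" hours bans the login; "iph" hours bans the ip + user agent
// recorded for that login in zn_anket. Confirms, then switches to the menu mode.
// NOTE(review): the form posts here, but the values are read from $_REQUEST, so a plain link works
// too; no request token is visible in this file — confirm CSRF protection in the including script.
if ($mode=='adminbanok') {
	// NOTE(review): the login reaches SQL protected only by delhtml() (defined elsewhere) — confirm it
	// neutralises quotes and backslashes, or escape/parameterise here.
	$l=delhtml($_REQUEST['l']);
	$lh=intval($_REQUEST['lh']);
	$iph=intval($_REQUEST['iph']);
	$res=mysql_query("SELECT * FROM zn_anket WHERE login='$l'");
	$a=mysql_fetch_array($res);
	$bip=$a['ip'];
	$bua=$a['ua'];
	// Insert the ip/ua ban only when the account row was found; otherwise an empty ip/ua pair
	// would be written to zn_ban.
	if (!empty($iph) && is_array($a)) {
		// Values read back from the database are raw: a stored user agent containing a quote would
		// break out of the string literal, so both are escaped before being placed in the statement.
		mysql_query("INSERT INTO zn_ban VALUES('".mysql_real_escape_string($bip)."', '".mysql_real_escape_string($bua)."', CURRENT_TIMESTAMP()+INTERVAL $iph HOUR)");
	}
	if (!empty($lh)) {
		mysql_query("UPDATE zn_anket SET banned=1, bandate=CURRENT_TIMESTAMP()+INTERVAL $lh HOUR WHERE login='$l'");
	}
	echo "Успешно!<br/>";
	// Presumably a later part of the including script renders the menu for this mode — not visible here.
	$mode='menu';
}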
//------------------------------------------------------------------------------------
// Admin action: delete the chat message with the passed "id", confirm, then switch to the chat mode.
// NOTE(review): the id reaches SQL protected only by delhtml() (defined elsewhere); if zn_chat.id is
// numeric (presumably — verify), casting with intval() would be the simpler guarantee.
// NOTE(review): the delete is read from $_REQUEST with no request token visible in this file —
// confirm whether the including script adds CSRF protection.
if ($mode == 'adminchatdel') {
	$id = delhtml($_REQUEST['id']);
	mysql_query("DELETE FROM zn_chat WHERE id='" . $id . "'");
	echo 'Удалено<br/>';
	// Presumably a later part of the including script renders the chat for this mode — not visible here.
	$mode = 'chat';
}
//------------------------------------------------------------------------------------
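// Add news: when the form was submitted, store a new item; then list the existing items with
// delete links and show the "create" form.
if ($mode=='adminnews') {
	// Accept only a non-empty string; an array-valued "text" parameter is ignored.
	if (isset($_POST['submit']) and !empty($_POST['text']) and is_string($_POST['text'])) {
		$text = $_POST['text'];
		// If magic_quotes_gpc is on, the value already carries added slashes; remove them so the
		// value is escaped exactly once below.
		if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
			$text = stripslashes($text);
		}
		// The posted text used to be interpolated into the statement as-is; escape it for the
		// SQL string literal so a quote in the news text cannot change the query.
		mysql_query("INSERT INTO zn_news SET date=NOW(), text='" . mysql_real_escape_string($text) . "'");
		// NOTE(review): execution continues after this redirect header (no exit), and header() only
		// takes effect if no output was sent earlier by the including script — verify.
		header("Location: $workdir/?mode=adminnews");
	}

	// Print the news list, newest first.
	// NOTE(review): unlike the other modes, the news text never passes through delhtml() and is
	// printed as stored, i.e. as raw HTML. Confirm this is intended (admin-authored markup);
	// otherwise escape it for HTML on output.
	$a = mysql_query("SELECT *, DATE_FORMAT(date, '%d.%m.%y') AS sdate FROM zn_news ORDER BY date DESC");
	while ($news = mysql_fetch_array($a)) {
		$id = $news['id'];
		$date = $news['sdate'];
		$text = $news['text'];
		echo "$date<br/>$text <a href=\"$workdir/?mode=adminnewsdel&amp;id=$id\">(del)</a><br/>\n";
	}

	echo "<form action=\"$workdir/?mode=adminnews\" method=\"post\">
Новость:<br>
<input type=\"text\" name=\"text\"/><br>
<input type=\"submit\" name=\"submit\" value=\"Создать\"><br/>
</form>";

	echo "&#187; <a href=\"$workdir/?mode=adminka\"><b>Админка</b></a><br/>";
	echo "&#187; <a href=\"$workdir/?mode=menu\"><b>Меню</b></a>";
}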
//--------------------------------------------------------------------------------------
// Delete the news item with the passed "id", then redirect back to the news admin page.
// NOTE(review): the id reaches SQL protected only by delhtml() (defined elsewhere); if zn_news.id is
// numeric (presumably — verify), casting with intval() would be the simpler guarantee.
// NOTE(review): the delete is triggered by a plain link (read via $_REQUEST) with no request token
// visible in this file — confirm whether the including script adds CSRF protection.
if ($mode == 'adminnewsdel') {
	$id = delhtml($_REQUEST['id']);
	mysql_query("DELETE FROM zn_news WHERE id='" . $id . "'");
	// No exit follows the redirect header, so any code after this file still runs.
	header('Location: ' . $workdir . '/?mode=adminnews');
}


?>