Размер файла: 8.16Kb
<?php
// by Mike. O (mides), coolcms.mobi
require_once '../system/sys.php';
require_once '../system/auth_a.php';
require_once '../system/header.php';
switch ($act) {
default:
tp($lang['control_panel']);
note();
$adminchat = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `adminchat`"), 0);
echo '<a href="adminchat.php">Админ-чат</a> ('.$adminchat.')<br />';
echo '<a href="?act=kick&user=">'.$lang['kick_a_user'].'</a><br />';
if (access(2)) {
echo '<a href="loads.php">'.$lang['downloads'].'</a> | <a href="news.php">'.$lang['news'].'</a><br />';
echo '<a href="?act=ban&user=">'.$lang['ban_a_user'].'</a><br />';
$banned = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `ban` WHERE `until` > '".TIME."'"), 0);
echo '<a href="?act=banlist">Забаненные</a> ('.$banned.')<br />';
}
if (access(3)) {
echo '<a href="?act=masspm">Массовая рассылка PM</a><br />';
$users = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 1"), 0);
$users_0 = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `ok` = 0"), 0);
echo '<a href="blogs.php">'.$lang['blogs'].'</a> | <a href="forum.php">'.$lang['forum'].'</a><br />';
echo '<a href="users.php">Юзеры</a> ('.$users.', <a href="users.php?act=nonact">неакт.: '.$users_0.'</a>)<br />';
echo '<a href="ad.php">'.$lang['advert'].'</a><br />';
echo '<a href="templates.php">'.$lang['templates_editor'].'</a><br />';
echo '<a href="config.php">'.$lang['site_settings'].'</a> | <a href="smiles.php">'.$lang['smiley_faces'].'</a> <br />';
}
echo '<a href="http://coolcms.mobi">CoolCMS.mobi - оф. сайт</a>';
nav_main();
break;
case 'banlist':
tp('Забаненные');
note();
$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `ban` WHERE `until` > '".TIME."'"), 0);
if ($total > 0) {
$pages = ceil($total / $config['onpage']);
if ($page > $pages or $page == 0) {
$page = 1;
}
$begin = ($page - 1) * $config['onpage'];
$ban_r = mysql_query("SELECT * FROM `ban` WHERE `until` > '".TIME."' ORDER BY `until` DESC LIMIT $begin, $config[onpage]");
while ($ban = mysql_fetch_assoc($ban_r)) {
echo '• <a href="../profile.php?id='.$ban['id_user'].'">'.username($ban['id_user']).'</a> до '.ccdate($ban['until'], 0).' <a href="?act=ban_rm&id='.$ban['id'].'">разбан</a><br />';
}
navig($page, '?', $pages);
}
echo '<br /><a href="?act=ban&user=" class="button">Выдать бан</a></div>';
nav('./');
break;
case 'ban_rm':
mysql_query("DELETE FROM `ban` WHERE `id` = '$id'");
$_SESSION['note'] = 'Разбанен.';
redirect('?act=banlist');
break;
case 'kick':
if (access(2)) {
if ($ok) {
if ($_POST['user']) {
$user = check($_POST['user']);
if ($user != $u['username']) {
$us_r = mysql_query("SELECT `id`, `access` FROM `users` WHERE `username` = '$user'");
$us = mysql_fetch_assoc($us_r);
$id_user = $us['id'];
if ($id_user) {
if ($u['access'] > $us['access']) {
$kick_r = mysql_num_rows(mysql_query("SELECT `id` FROM `ban` WHERE `id_user` = '$id_user' and `until` > '".TIME."'"));
if (!$kick_r) {
$until = $config['kick'] + TIME;
mysql_query("INSERT INTO `ban` SET `id_user` = '$id_user', `until` = '$until', `by` = '$u[id]'");
redirect(HTTPHOME.'/profile.php?id='.$id_user);
} else {
$_SESSION['note'] = 'Этот юзер уже пнут/забанен!';
redirect('?act=kick&user=');
}
} else {
$_SESSION['note'] = 'Нельзя пнуть старшего по должности';
redirect('?act=kick&user=');
}
} else {
$_SESSION['note'] = 'Этот юзер не существует.';
redirect('?act=kick&user=');
}
} else {
$_SESSION['note'] = 'Вы не можете пнуть самого себя.';
redirect('?act=kick&user=');
}
} else {
redirect('?act=kick&user=');
}
} else {
tp('Пнуть юзера');
note();
echo '<form name="form" action="?act=kick&ok=1" method="post">
Логин(max12):<br /><input name="user" type="text" maxlength="12" value="'.$_GET['user'].'" /><br />
<input name="submit" type="submit" value="Пнуть!" />
</form>';
nav('?');
}
} else {
redirect(HTTPHOME);
}
break;
case 'ban':
if (access(2)) {
if ($ok) {
if ($_POST['user'] and $_POST['reason']) {
$user = check($_POST['user']);
if ($user != $u['username']) {
$us_r = mysql_query("SELECT `id`, `access` FROM `users` WHERE `username` = '$user'");
$us = mysql_fetch_assoc($us_r);
$id_user = $us['id'];
if ($id_user) {
if ($u['access'] > $us['access']) {
$ban_r = mysql_num_rows(mysql_query("SELECT `id` FROM `ban` WHERE `id_user` = '$id_user' and `until` > '".TIME."'"));
if (!$ban_r) {
$until = abs(intval($_POST['banned'])) + TIME;
$reason = check($_POST['reason']);
mysql_query("INSERT INTO `ban` SET `id_user` = '$id_user', `until` = '$until', `reason` = '$reason', `by` = '$u[id]'");
redirect(HTTPHOME.'/profile.php?id='.$id_user);
} else {
$_SESSION['note'] = 'Этот юзер уже забанен!';
redirect('?act=ban&user=');
}
} else {
$_SESSION['note'] = 'Нельзя забанить старшего по должности';
redirect('?act=ban&user=');
}
} else {
$_SESSION['note'] = 'Этот юзер не существует.';
redirect('?act=ban&user=');
}
} else {
$_SESSION['note'] = 'Вы не можете забанить самого себя.';
redirect('?act=ban&user=');
}
} else {
redirect('?act=ban&user=');
}
} else {
tp('Бан пользователя');
note();
echo '<form name="form" action="?act=ban&ok=1" method="post">
Пользователь(max12):<br /><input name="user" type="text" maxlength="12" value="'.$_GET['user'].'" /><br />
Причина(max250):<br /><textarea name="reason" cols="" rows="3"></textarea><br />
Срок:<br /><select name="banned">
<option value="900">15 минут</option>
<option value="1800">30 минут</option>
<option value="3600">1 час</option>
<option value="10800">3 часа</option>
<option value="21600">6 часов</option>
<option value="43200">12 часов</option>
<option value="86400">Сутки</option>
<option value="259200">Трое суток</option>
<option value="604800">Неделя</option>
<option value="2419200">Месяц</option>
</select><br />
<input name="submit" type="submit" value="Банить!" />
</form>';
nav('?');
}
} else {
redirect(HTTPHOME);
}
break;
case 'masspm':
if (access(3)) {
if ($ok) {
if (!empty($_POST['text'])) {
$text = check($_POST['text']);
$user_r = mysql_query("SELECT `id` FROM `users` WHERE `ok` = 1");
while ($user = mysql_fetch_assoc($user_r)) {
sendpm($user['id'], $text);
}
$_SESSION['note'] = 'Сделано';
redirect('?');
} else {
redirect('?act=masspm');
}
} else {
tp('Массовая рассылка PM');
echo '<form name="form" action="?act=masspm&ok=1" method="post" name="form">
Текст сообщения:<br />
<textarea name="text" cols="" rows="5"></textarea>
<input name="submit" type="submit" value="Ok" />
</form>
* Сообщения отправляются от имени System';
nav('?');
}
} else {
redirect();
}
break;
}
require_once '../system/tail_p.php';
?>