Файл: group/to_users.php
Строк: 123
<?
require_once ("../core/cuctema/core.php");
// Load the requested group row. The id from the query string is forced to an
// integer before it is placed into the SQL text.
$group = mysql_fetch_assoc(
    mysql_query(sprintf("SELECT * FROM `group` where `id` = '%d' LIMIT 1", intval($_GET['id'])))
);

// Guests (no $user set; presumably populated by core.php, confirm there) get a
// notice page with a registration link instead of the member list.
if (isset($user) === false) {
    $set['title'] = 'Внимание!';
    require_once("../core/cuctema/head.php");
    aut();
    echo '<div class="func">Извините, эта функция доступна только зарегистрированным пользователям. <a href="/registration/">Регистрация</a> быстрая и бесплатная.</div><br />';
    require_once("../core/cuctema/foot.php");
    exit;
}
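$set['title'] = 'Участники - ' . output_text($group['name']); // page title
require_once("../core/cuctema/head.php");
aut();
//echo "<div class="headering">$urlik / <a href="/group">Группы</a> / <a href="/group/group?id=".$group['id']."">".output_text($group['name'])."</a> / Участники </div>";

// Stop when the requested group does not exist.
// The previous test compared a COUNT() result with NULL; COUNT() yields the
// string "0" for a missing row and "0" == NULL is false in PHP, so the guard
// never fired and the rest of the page ran with an empty group id.
// mysql_fetch_assoc() returns false when no row matched, which is what is
// tested here.
if (!$group) {
    msg('Такой Группы нет');
    require_once("../core/cuctema/foot.php");
    exit;
}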
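// Read gate. The page is refused only when all four tests hold:
//   1. the group row does not have `read` = '0',
//   2. the viewer has no `group_user` row with `act` = '1' in this group,
//   3. the group row does not have an empty `admin` column,
//   4. the viewer is not user id 1.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `group` WHERE `id` = '$group[id]' AND `read` = '0'"), 0) == 0
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `group_user` WHERE `id_group` = '$group[id]' AND `id_user` = '$user[id]' AND `act` = '1'"), 0) == 0
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `group` WHERE `id` = '$group[id]' AND `admin` = ''"), 0) == 0
    && $user['id'] != 1 // was $user[id]: a bare constant lookup that only worked through PHP's fallback
) {
    // The "back" link is built from the Referer request header, which is
    // client-controlled. Accept it only when it looks like a web URL or a
    // site-relative path, otherwise fall back to the group page.
    $back_url = '/group/group?id=' . intval($group['id']);
    if (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER'])) {
        $referer = $_SERVER['HTTP_REFERER'];
        if (strpos($referer, 'http://') === 0 || strpos($referer, 'https://') === 0 || strpos($referer, '/') === 0) {
            $back_url = $referer;
        }
    }

    // ENT_QUOTES is required: the href attribute below is delimited with
    // single quotes, which the default htmlspecialchars() flags of the PHP
    // versions that ship mysql_* leave unescaped.
    echo "<div class='hide'>
Читать могут только участники!
<br/>
<a href='/group/group?id=" . intval($group['id']) . "&in' class='btn btn-danger'>Вступить</a>
<a href='" . htmlspecialchars($back_url, ENT_QUOTES) . "' class='btn'>Назад</a>
</div>";
    require_once("../core/cuctema/foot.php");
    exit;
}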
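// Refuse the page to a viewer who has an unexpired ban in THIS group.
//
// Two defects are corrected here:
//  * the old test required COUNT(*) == 1, so a member with two overlapping
//    active ban rows (the ban form inserts a new row each time) was let in;
//  * the row used for the message was selected by user id only, so it could
//    belong to another group or be a ban that had already expired.
// The same filtered row now drives both the decision and the message; the
// latest expiry wins when several bans are active.
$ban = mysql_fetch_assoc(mysql_query(
    "SELECT * FROM `group_ban` WHERE `id_group` = '" . intval($group['id']) . "'"
    . " AND `id_user` = '" . intval($user['id']) . "'"
    . " AND `time` > '" . time() . "' ORDER BY `time` DESC LIMIT 1"
));
if ($ban) {
    echo 'Вы забанены до ' . vremja($ban['time']) . ' <br />Причина ' . output_text($ban['opis']) . '<br />';
    require_once("../core/cuctema/foot.php");
    exit;
}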
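/**
 * Decide whether the logged-in user may apply a moderation action to a member.
 *
 * Replaces the inline checks that each action used to repeat. Those checks
 * compared `$u['level'] >= $a['level']` where $u and $a were the raw results
 * of mysql_query() (never fetched), so both sides were NULL and the rank
 * comparison always passed: a moderator could ban or remove an admin. The
 * lookups also ignored the group, so a level held in another group was read.
 *
 * Rules, taken from the original conditions:
 *  - a user never acts on himself;
 *  - the target must have a `group_user` row in this group;
 *  - the group owner (`group`.`admin` equals the actor id) may always act;
 *  - otherwise the actor needs level 2 ($needAdmin) or any level above 0,
 *    and a level that is not lower than the target's.
 *
 * @param array $group     Row of the current group (uses 'id').
 * @param array $user      Row of the logged-in user (uses 'id').
 * @param int   $targetId  User id the action is aimed at.
 * @param bool  $needAdmin True for actions reserved to level 2.
 * @return bool True when the action is permitted.
 */
function group_to_users_can_manage($group, $user, $targetId, $needAdmin)
{
    $groupId = intval($group['id']);
    $actorId = intval($user['id']);
    $targetId = intval($targetId);

    if ($actorId == $targetId) {
        return false;
    }

    $targetRow = mysql_fetch_assoc(mysql_query(
        "SELECT `level` FROM `group_user` WHERE `id_group` = '$groupId' AND `id_user` = '$targetId' LIMIT 1"
    ));
    if (!$targetRow) {
        return false;
    }

    $ownerHits = mysql_result(mysql_query(
        "SELECT COUNT(*) FROM `group` WHERE `id` = '$groupId' AND `admin` = '$actorId'"
    ), 0);
    if ($ownerHits == 1) {
        return true;
    }

    $actorRow = mysql_fetch_assoc(mysql_query(
        "SELECT `level` FROM `group_user` WHERE `id_group` = '$groupId' AND `id_user` = '$actorId' LIMIT 1"
    ));
    if (!$actorRow) {
        return false;
    }

    $actorLevel = intval($actorRow['level']);
    $rankOk = $needAdmin ? ($actorLevel == 2) : ($actorLevel > 0);

    return $rankOk && $actorLevel >= intval($targetRow['level']);
}

// --- Ban a member (form + handler) ------------------------------------------
// NOTE(security): the form carries no anti-CSRF token; none is visible in this
// file. Add one once the core exposes a per-session token.
if (isset($_GET['ban'])) {
    $banTarget = intval($_GET['ban']);

    if (group_to_users_can_manage($group, $user, $banTarget, false)) {
        if (isset($_POST['save'])) {
            $timeRaw = (isset($_POST['time']) && is_string($_POST['time'])) ? trim($_POST['time']) : '';
            $opisRaw = (isset($_POST['opis']) && is_string($_POST['opis'])) ? $_POST['opis'] : '';

            // Validate the submitted text itself. The old code ran intval()
            // first, so "12abc" was accepted as 12 and the digits-only error
            // could never be reached.
            $ttime = preg_match('/^[1-9]\d*$/', $timeRaw) ? intval($timeRaw) : 0;

            // Also reject values whose expiry would not fit in a PHP integer.
            // NOTE(review): the `time` column may be narrower than that; confirm
            // against the schema.
            if ($ttime < 1 || $ttime > (PHP_INT_MAX - time()) / 60) {
                msg("Не верно указано время бана!");
                require_once("../core/cuctema/foot.php");
                exit();
            }

            // Length is measured on the text as typed, not on the SQL-escaped copy.
            if (strlen2($opisRaw) < 10) {
                $err = 'комментарий не менее 10 символов';
            }

            if (!isset($err)) {
                $opis = mysql_real_escape_string($opisRaw);
                $expires = time() + 60 * $ttime;
                mysql_query("INSERT INTO `group_ban` (`id_group`, `id_user`, `opis`, `time`) values('" . intval($group['id']) . "', '" . $banTarget . "', '" . $opis . "', '" . $expires . "')");
                msg('Участник Забанен');
            }
        }

        err();
        echo "<form method='post' action=''>\n";
        echo "На:<br />\n<input type='text' name='time' value='' maxlength='54' />Минут<br />\n";
        echo "Комментарий:<br />\n<textarea name='opis'></textarea><br />\n";
        echo "<input type='submit' name='save' value='Забанить' />\n";
        echo "</form>\n";
    }
}

// --- Role changes and removal ------------------------------------------------
// NOTE(security): the three actions below modify data on a plain GET request
// and no anti-CSRF token is visible in this file. They should move to POST
// with a per-session token; that needs support from the core and is not done
// here.

// Promote a member to admin (level 2).
if (isset($_GET['admin'])) {
    $adminTarget = intval($_GET['admin']);
    if (group_to_users_can_manage($group, $user, $adminTarget, true)) {
        mysql_query("UPDATE `group_user` SET `level` = '2' WHERE `id_user` = '" . $adminTarget . "' AND `id_group` = '" . intval($group['id']) . "' LIMIT 1");
        msg('Участник назначен админом');
    }
}

// Set a member to moderator (level 1).
if (isset($_GET['moder'])) {
    $moderTarget = intval($_GET['moder']);
    if (group_to_users_can_manage($group, $user, $moderTarget, true)) {
        mysql_query("UPDATE `group_user` SET `level` = '1' WHERE `id_user` = '" . $moderTarget . "' AND `id_group` = '" . intval($group['id']) . "' LIMIT 1");
        msg('Участник назначен модератором');
    }
}

// Remove a member from the group.
if (isset($_GET['del'])) {
    $delTarget = intval($_GET['del']);
    if (group_to_users_can_manage($group, $user, $delTarget, false)) {
        mysql_query("DELETE FROM `group_user` WHERE `id_user` = '" . $delTarget . "' AND `id_group` = '" . intval($group['id']) . "' ");
        msg('Участник удалён');
    }
}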
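// Tab bar and pagination figures for the member list.
// The "\n" escapes are restored: the strings ended in a bare letter "n",
// which was printed into the page.
$gid = intval($group['id']);

// Number of join requests still waiting (`act` = '0').
$pending = mysql_result(mysql_query("SELECT COUNT(*) FROM `group_user` WHERE `id_group`='$gid' AND `act`='0'"), 0);

echo " <div class='d2'>\n";
echo "<b>Участники</b> | <a href='admins?id=$gid'>Руководство</a> | <a href='online?id=$gid'>Онлайн</a> | <a href='plea?id=$gid'>Заявки</a> (" . $pending . ")<br />";

// Accepted members drive the paging; k_page() and page() are project helpers.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `group_user` WHERE `id_group`='$gid' AND `act`='1'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str']; // offset of the first row on this page
echo " </div>\n";

if ($k_post == 0) {
    echo " <div class='line'>\n";
    echo "Нет Участников\n";
    echo " </div>\n";
}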
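// Member list for the current page.
//
// Changes against the previous version:
//  * the viewer's own rights (level in this group, ownership) are read once
//    before the loop instead of being re-queried up to eight times per row;
//  * each member's level is taken from the row already fetched;
//  * action links are shown only when the viewer's level is not lower than
//    the member's, the rule the action handlers express with
//    `$u['level'] >= $a['level']`. The links are a convenience only: the
//    handlers must enforce the rule themselves;
//  * the "\n" escapes are restored (a bare letter "n" was being printed).
$gid = intval($group['id']);
$viewerId = intval($user['id']);

$viewerRow = mysql_fetch_assoc(mysql_query(
    "SELECT `level` FROM `group_user` WHERE `id_group` = '$gid' AND `id_user` = '$viewerId' LIMIT 1"
));
$viewerLevel = $viewerRow ? intval($viewerRow['level']) : 0;
$viewerIsOwner = mysql_result(mysql_query(
    "SELECT COUNT(*) FROM `group` WHERE `id` = '$gid' AND `admin` = '$viewerId'"
), 0) == 1;

$canAdmin = $viewerIsOwner || $viewerLevel == 2;   // may hand out admin / moderator
$canModerate = $viewerIsOwner || $viewerLevel > 0; // may remove / ban

// $num alternates the row style. It was read before being assigned; keep any
// value an earlier include may have set.
if (!isset($num)) {
    $num = 0;
}

$q = mysql_query("SELECT * FROM `group_user` WHERE `id_group`='$gid' AND `act`='1' ORDER BY id LIMIT " . intval($start) . ", " . intval($set['p_str']));
while ($ank = mysql_fetch_assoc($q)) {
    $memberLevel = intval($ank['level']); // read before $ank is replaced below
    $ank = get_user($ank['id_user']);
    $memberId = intval($ank['id']);

    if ($num == 0) {
        echo "<div class='d1'>\n";
        $num = 1;
    } elseif ($num == 1) {
        echo "<div class='d2'>\n";
        $num = 0;
    }

    echo "<table><tr><td>";
    avatar($ank['id']);
    echo "</td>\n";
    echo "<td>";
    // NOTE(review): the nick is printed as returned by get_user(); confirm it
    // is stored HTML-safe, otherwise escape it here.
    echo "" . online($ank['id']) . " <a href='/id$memberId'>$ank[nick]</a><br />\n";

    if ($memberId != $viewerId && ($viewerIsOwner || $viewerLevel >= $memberLevel)) {
        if ($canAdmin && $memberLevel != 2) {
            echo "[<a href='?id=$gid&admin=$memberId'>Дать админа</a>]";
        }
        if ($canAdmin && $memberLevel != 1) {
            echo " [<a href='?id=$gid&moder=$memberId'>Дать модера</a>]";
        }
        if ($canModerate) {
            echo " [<a href='?id=$gid&del=$memberId'>Удалить</a>]";
        }
        // The ban link is offered only while the member has no unexpired ban.
        if ($canModerate && mysql_result(mysql_query("SELECT COUNT(*) FROM `group_ban` WHERE `id_group` = '$gid' AND `id_user` = '$memberId' AND `time` > '" . time() . "'"), 0) == 0) {
            echo " [<a href='?id=$gid&ban=$memberId'>Бан</a>]";
        }
    }

    echo "</td></tr></table></div></div>";
}

if ($k_page > 1) {
    str("users?id=$gid&", $k_page, $page); // page links
}
require_once("../core/cuctema/foot.php");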
?>