Файл: panel.php
Строк: 180
<?
include 'inc/config.php';
include 'inc/func.php';
include 'inc/conn.php';
include 'inc/header.php';
include 'inc/ent.php';
include 'inc/zapros.php';
include 'inc/ban.php';
################### Переадресация на mode=enter
if (isset($_GET['login']) and isset($_GET['password']))
{
header('Location: panel.php'.$_zapros.'mode=enter&'.SID);
}
####################
If (!isset($_GET['mode']) || !ereg("^[a-z0-9_-]{1,15}$",$_GET['mode'])) $mode=false; else $mode=$_GET['mode'];
switch ($mode){
################ CASE ENTER ############
case 'enter':
mysql_query("update `".prefix."users` set `mesto`='Входит в систему', `online`='".time()."' where `id` = '".$_USER['id']."';");
$_SESSION['codes']=rand(0001,9999);
//$_SESSION['code']=rand(0001,9999); [<font color="#f00000"><b>'.$_SESSION['code'].'</b></font>]
echo '<form method="post" action="panel.php">
Введите код с картинки <br /><img src="img.php" width="100" height="30" alt="img"/><br />
<input name="img_code" type="text" size="4" maxlength="'.strlen($_SESSION['codes']).'" />
<input value="Войти" name="do" type="submit"/></form>';
###############
//echo '<a href="panel.php">Войти</a><br/>'; //
echo 'Последний вход:<br>
Время: <b>'.$_USER[enterdata].'</b><br />
IP: <b>'.$_USER[enterip].'</b><br />
Soft: <b>'.$_USER[enter].'</b><br />
Браузер: <b>'.$_USER[enterb].'</b><br />';
echo 'Baш aвтoлoгин:<br/><input type="text" value="'.adress.'/panel.php?login='.$_USER['login'].'&password='.$_USER['password'].'"/><br/>';
$ips=mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
$arbuz=mysql_real_escape_string($_SERVER['HTTP_USER_AGENT']);
$enterdata = date("d.m.y H:i:s");
mysql_query("UPDATE `".prefix."users` SET `enterdata`='$enterdata', `enterip`='$ips', `enter`='$arbuz', `enterb`='$brow' WHERE login='".$_USER['login']."'") or die('err');
break;
##################################################################
case false:
default:
mysql_query("update `".prefix."users` set `mesto`='В кабинете', `online`='".time()."' where `id` = '".$_USER['id']."';");
$_SESSION[login]=$_USER[login];
$_SESSION[password]=$_USER[password];
####################
if (mysql_num_rows(mysql_query("SELECT `id` FROM `".prefix."birzha` WHERE `id_user`='".$_USER['id']."'"))==0)
mysql_query("INSERT INTO `".prefix."birzha` values(0,'".$_USER['id']."','".$_USER['login']."','0','0','0','')");
If ($_USER['admin'])
echo '<div class="menu1"><div class="menu3"><a href="odm/admin.php?">Админка</a> <a href="odm/admin.php?mode=mod"><font color=red>['.$urlm.']</font></a></div></div>';
If ($_USER['moder'])
echo '<div class="menu1"><div class="menu3"><a href="odm/moder.php?">Модерка</a></div></div>';
$q=mysql_fetch_array(mysql_query("select * from ".prefix."birzha where login='$_USER[login]';"));
echo '<div class="copy" align="center"><b>О Вас</b></div>
<div class="menu1"><div class="menu3"><b><a href="editprofile.php">['.$_USER['login'].']</a> [ID: '.$_USER['id'].']</b><br/>
Статус: <b>['.$status.']</b><br/>
Кредитов: <b>['.round(($_USER['cfrom']-$_USER['cto']),1).'] | ['.round($_USER['bank'],1).']</b><br/>
Баланс: <b>'.$q['money'].' руб</b><br/></div></div>
<div class="copy" align="center"><b>Новости</b></div>';
echo '<div class="menu1"><div class="menu3"> <a href="news.php'.$_zapros.'">Новости ['.$data.']</a></div></div>';
$resul=mysql_query("SELECT * from `".prefix."news` ORDER by `ts` desc LIMIT 1");
$field=mysql_fetch_array($resul);
$text=$field['text'];
echo '<div class="in" align="center">'.bbcode(smiles(sub_str($text,95,'....<a style="color:red" href="news.php'.$_zapros.'">далее</a>'))).'</div>';
/*
$result22=mysql_num_rows(mysql_query("SELECT * FROM `".prefix."users` as `u`, `".prefix."url` as `l` WHERE u.cfrom > u.cto and l.id_user = u.id and $ttype and (l.activ = 0 or l.activ = 1) and l.moder = 0 and l.id_user <> '$_USER[id]' and l.id not in (SELECT `to` FROM `".prefix."clicks` WHERE `who`='$_USER[id]' ) "));
*/
$th = mysql_query("SELECT * FROM `".prefix."themes`");
$ths = mysql_num_rows($th);
$pt = mysql_query("SELECT * FROM `".prefix."posts`");
$pts = mysql_num_rows($pt);
$vkl=mysql_fetch_assoc(mysql_query("SELECT * FROM `".prefix."actia` ORDER BY `id` DESC LIMIT 1"));
$ts_actia=$vkl['ts']+604800;
if($ts_actia > time()){
$new_act=' <font color="red">new</font>';
}
echo '<div class="copy" align="center"><b>Операции с кредитами</b></div>
<div class="menu1"><div class="menu3"> <a href="surf.php">Переход по ссылкам</a></div></div>
<div class="menu1"><div class="menu3"> <a href="perevod.php">Перевод кредитов</a></div></div>
<div class="menu1"><div class="menu3"> <a href="url.php">Площадки</a> ['.$url.'/'.$sett['ploshadki'].']</div></div>
<div class="menu1"><div class="menu3"> <a href="bank.php">Банк кредитов</a> ['.$_USER['bank'].']</div></div>
<div class="menu1"><div class="menu3"> <a href="birzha.php">Биржа кредитов</a></div></div>
<div class="copy" align="center"><b>Общение</b></div>
<div class="menu1"><div class="menu3"> <a href="support.php">Поддержка</a> ['.$sup.']</div></div>
<div class="menu1"><div class="menu3"> <a href="forum.php">Форум</a> (<b>'.$ths.'/'.$pts.'</b>)</div></div>
<div class="menu1"><div class="menu3"> <a href="pm.php">Личка</a> ['.$vho.''.$new.'] </div></div>
<div class="copy" align="center"><b>Информация</b></div>
<div class="menu1"><div class="menu3"> <a href="/infa.php?mode=rules"><font color="red">Правила проекта!</font></a></div></div>
<div class="menu1"><div class="menu3"> <a href="info.php">О юзере</a></div></div>
<div class="menu1"><div class="menu3"> <a href="act.php">Акции</a> ['.$ac.']'.$new_act.'</div></div>
<div class="menu1"><div class="menu3"> <a href="infa.php">Различная информация</a></div></div>
<div class="menu1"><div class="menu3"> <a href="ref.php">Партнёрская программа</a></div></div>
<div class="copy" align="center"><b>Настройки и статистика</b></div>
<div class="menu1"><div class="menu3"> <a href="stat.php">Статистика клуба</a></div></div>
<div class="menu1"><div class="menu3"> <a/><a href="user_stat.php">Ваша статистика</a></div></div>
<div class="menu1"><div class="menu3"> <a href="exit.php">Выход</a></div></div>
';
break;
}
include 'inc/foot.php';
?>