Файл: AdminPanel/userban.php
Строк: 66
<?php
if(isset($_GET['izg']) && ($user['id']==1 || $user['admin']==1 || $user['admin']==2) && $user['id']!=$userq['id'])
{
if(isset($_POST['msg']))
{
if(strlen2($_POST['msg'])<1)err_game("Введите причину");
else
{
mysql_query("INSERT INTO `mystyle_ban` SET `id_user` = '$post[id]', `id_who` = '$user[id]', `msg` = '".my_esc($_POST['msg'])."', `izg` = '1'");
header("Location:?Profile=$post[id]");
exit;
}
}
echo "<div class='btnp'><h1>$post[nick]</h1></div>";
echo '<div class="btnp"><div class="block">';
echo "<form class='btnp' method='post'>";
echo "Причина:<br />n";
echo "<textarea class='btnp' name="msg"></textarea><br />n";
echo "<input class='btnp' type='submit' value='Забанить' />n";
echo "</form>n";
echo "</div></div>";
}
elseif(isset($_GET['ban']) && ($user['id']==1 || $user['admin']>0) && $user['id']!=$userq['id'])
{
if(isset($_POST['msg']))
{
$timeban=$time;
if ($_POST['time']=='min')$timeban+=intval($_POST['timec'])*60;
if ($_POST['time']=='chas')$timeban+=intval($_POST['timec'])*60*60;
if ($_POST['time']=='sut')$timeban+=intval($_POST['timec'])*60*60*24;
if ($_POST['time']=='mes')$timeban+=intval($_POST['timec'])*60*60*24*30;
if ($timeban<$time)err_game('Ошибка времени бана');
elseif(strlen2($_POST['msg'])<1)err_game("Введите причину");
else
{
mysql_query("INSERT INTO `mystyle_ban` SET `id_user` = '$post[id]', `id_who` = '$user[id]', `msg` = '".my_esc($_POST['msg'])."', `izg` = '0', `time` = '$timeban'");
header("Location:?Profile=$post[id]");
exit;
}
}
echo "<div class='portrait'><h1>$post[nick]</h1></div>";
echo '<div class="portrait"><div class="block">';
echo "<form method='post'>";
echo "Причина:<br />n";
echo "<textarea class='btnp' name="msg"></textarea><br />n";
echo "Время бана:<br />n";
echo "<input class='btnp' type='text' name='timec' title='Время бана' value='1' maxlength='11' size='3' />n";
echo "<select class='btnp' name="time">n";
echo "<option value='min'>Минуты</option>n";
echo "<option value='chas'>Часы</option>n";
echo "<option value='sut'>Сутки</option>n";
echo "<option value='mes'>Месяцы</option>n";
echo "</select><br />n";
echo "<input class='btnp' type='submit' value='Забанить' />n";
echo "</form>";
echo "</div>";
}
?>