<?php
$nickname = trim(mysql_escape_string(htmlspecialchars($_POST['nickname'])));
$nickname = str_replace('$', '$$', $nickname);


$q = mysql_query("SELECT `ip`, `ua`, `id` FROM `chat_users` WHERE `nickname` = '".$nickname."';");
if(mysql_affected_rows() == 0)
{
echo "user  not Found.<br/>\n";
break;
}
$ip = mysql_result($q, 0, 'ip');
$ua = mysql_result($q, 0, 'ua');
$uid = mysql_result($q, 0, 'id');

if($uid == 1 && $id != 1)
{
echo "This user is the main  administrator.<br/>\n";
echo "Dnt hav previlage to do this.<br/>\n";
break;
}

$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
$moder = mysql_result($q, 0);
$q = mysql_query("INSERT INTO `chat_banned` VALUES(0, '".$ip."', '".$ua."');");
if($q)
{
echo "$nickname banned  IP+UA!<br/>\n";
echo "IP: <u>$ip</u><br/>\n";
echo "UserAgent: <u>$ua</u><br/>\n";

$date = date("d-m-y H:i:s");
$query = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
$moder = mysql_result($query, 0);
mysql_query("INSERT INTO `chat_logs` VALUES(0, '".$moder."', 3, '".$nickname."', '', '".$date."', ".time().");"); 
}
else
{
echo "Error.<br/>\n";
echo mysql_error()."<br/>\n";
}
?>