<?php
$nickname = trim(mysql_escape_string(htmlspecialchars($_POST['nickname'])));
$nickname = str_replace('$', '$$', $nickname);


$sql = mysql_query("SELECT * FROM `chat_banned_nicknames` WHERE `nickname` = '".$nickname."';");

if(mysql_affected_rows() != 0)
{
echo "Nick ".$nickname." already banned.<br/>\n";
break;
}

$q = mysql_query("SELECT `id` FROM `chat_users` WHERE `nickname` = '".$nickname."';");

if(mysql_num_rows($q) == 0)
{
echo "user  not Found.<br/>\n";
break;
}
else
{
$uid = mysql_result($q, 0);
}

if($uid == 1 && $id != 1)
{
echo "This user is the main  administrator.<br/>\n";
echo "Dnt hav previlage to do this.<br/>\n";
break;
}

mysql_query("DELETE FROM `chat_users` WHERE `nickname` = '".$nickname."';");
mysql_query("INSERT INTO `chat_banned_nicknames` SET `nickname` = '".$nickname."';");

//LOGS
$query = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
$moder = mysql_result($query, 0);
$q = mysql_query("INSERT INTO `chat_logs` VALUES(0, '".$moder."', 2, '".$nickname."', '', '".date("d-m-y H:i:s")."', ".time().");"); 

echo "NIckname <u>".$nickname."</u> banned.<br/>\n";
?>