<?php
//=============================
#Version WapuS_ToP_final
#Script By: Black1992
#Email: skyangel15@inbox.lv
#Icq: 414454754
#Url: http://WaPuS.pp.Ru
//=============================
include '../config.php';
include '../inc/config.inc.php';
include '../inc/functions.inc.php';
//---------------------------------------------------------------
// Session transport: cookies are switched off and transparent SID rewriting is switched on,
// so any session id PHP issues is carried in URLs and form targets under the name "sid".
// NOTE(review): ids carried in URLs end up in browser history, proxy/server logs and Referer
// headers, and make session fixation possible. No session_start() is visible in this file —
// confirm whether a session is used here at all before keeping these settings.
ini_set ('session.use_cookies', 0);
ini_set ('session.use_trans_sid', 1);
session_name('sid');
// Opens the database connection used by the mysql_* calls below. The function is not defined
// in this file (presumably it comes from one of the includes above — confirm).
connect_to_db();
//---------------------------------------------------------------
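// Login / first-run page: rendered whenever `login` or `p` is missing from the query string.
//
// NOTE(review): the form below has no method attribute, so it submits with GET and the
// password lands in the URL (browser history, server/proxy logs, Referer). The rest of this
// script reads $_GET['login'] / $_GET['p'], so a move to POST has to change both sides together.
if (empty($_GET['login']) or empty($_GET['p']))
{
    $result = mysql_query("SELECT count(*) FROM `superadmin` WHERE 1");
    $row = ($result !== false) ? mysql_fetch_row($result) : false;

    // Offer account creation only when the count query really returned 0.
    // A failed query yields no row; with a loose `== 0` test that looked like an empty table
    // and the "create the first superadmin" form was shown on a database error.
    $no_admins = is_array($row) && (int)$row[0] === 0;

    $title='Вход в зону супер админа!';
    include_once '../head.php';

    if ($no_admins)
    {
        echo "<div class=\"main\">В базе не обнаруженно суперадминов!</div>";
        echo "<div class=\"rek3\">\n";
        echo "Сейчас Вы можете создать учетную запись, и использовать ее в дальнейшем для управления рейтингом!<br/>\n";
        $button = "Создать";
        // Plain text field so the new password can be read while it is being chosen.
        $input_type = "text";
    }
    else
    {
        echo "<div class=\"main\">Управление рейтингом</div>";
        echo "<div class=\"rek3\">\n";
        $button = "Войти";
        $input_type = "password";
    }

    echo "<form action='index.php'>";
    echo "<div class=\"ifield\">Логин:</div><input type='text' name='login' id='login'/>\n";
    echo "<div class=\"ifield\">Пароль:</div><input type='$input_type' name='p' id='p' /><br/>\n";
    echo "<input class=\"btn\" type='submit' value='$button' />";
    echo "</form>";
    // The document is closed by foot_code.php, as on every other branch of this script;
    // closing </body></html> here, before the footer, produced markup after the document end.
    echo "</div>\n";
    echo "
<div class=\"news\">
<a href=\"" . $rating_url. "index.php\">$rating_name</a>
<img src=\"./../img/gt.gif\" alt=\">\" />Админка
</div>
";
    include("./../foot_code.php");
    exit;
}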
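// Credentials arrive in the query string on every request; both values are used further down.
$login = $_GET['login'];
$pass = $_GET['p'];

// First-run bootstrap: while `superadmin` holds no rows, the submitted pair becomes the
// first account.
// NOTE(review): whoever requests this page first on a fresh install becomes superadmin, and
// the count-then-insert sequence is not atomic — restrict access to this directory during
// installation.
$result = mysql_query("SELECT count(*) FROM `superadmin` WHERE 1");
$row = ($result !== false) ? mysql_fetch_row($result) : false;

// A failed count query must not be read as "table is empty", and array-valued parameters
// (login[]=...) must not reach md5()/SQL, so both are checked explicitly.
if (is_array($row) && (int)$row[0] === 0 && is_string($login) && is_string($pass))
{
    // NOTE(review): unsalted MD5 is kept only because the login check and the `p=` links in
    // this script compare against exactly this format; moving to password_hash() /
    // password_verify() needs those places changed in the same commit.
    $pass = md5($pass);

    // Undo magic_quotes_gpc where the runtime still applies it, then escape exactly once.
    $login_plain = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
        ? stripslashes($login)
        : $login;
    $login_sql = mysql_real_escape_string($login_plain);

    // $pass is a hex digest at this point, so only the login needs escaping.
    $sql = "INSERT INTO `superadmin` VALUES ('','$login_sql','$pass')";
    $created = mysql_query($sql);
    $uid = ($created !== false) ? mysql_insert_id() : 0;

    // Both outcomes render the same page; only the message differs.
    $message = ($uid == 0) ? "Не созданно!<br/>" : "Учетная запись созданна!<br/>";

    $title='Вход в зону супер админа!';
    include_once '../head.php';
    echo "<div class=\"main\">Управление рейтингом</div>";
    echo "<div class=\"rek3\">\n";
    echo $message;
    echo "<a href='index.php'>« назад</a><br/>\n";
    echo "</div>\n";
    echo "
<div class=\"news\">
<a href=\"" . $rating_url. "index.php\">$rating_name</a>
<img src=\"./../img/gt.gif\" alt=\">\" />Админка
</div>";
    include("./../foot_code.php");
    exit;
}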
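// ---------------------------------------------------------------
// Authenticated area: look the account up, verify the password, then dispatch on `act`.
//
// NOTE(review): this script has no server-side login state. Every link and form below carries
// `login` and `p` in the URL, and the stored hash itself is accepted as `p`, so the hash is a
// password-equivalent that shows up in history, logs and Referer headers. State-changing
// actions (`del`, the `*go` saves) also carry no CSRF token. Fixing either means replacing the
// URL credentials with a session across this file and the sibling admin pages it links to.

// Array-valued parameters (login[]=...) must not reach the SQL string or md5().
$row = false;
$login_plain = '';
if (is_string($login) && is_string($pass)) {
    // Undo magic_quotes_gpc where the runtime still applies it, then escape exactly once.
    $login_plain = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
        ? stripslashes($login)
        : $login;
    $login_sql = mysql_real_escape_string($login_plain);
    $result = mysql_query("SELECT `pass` FROM `superadmin` WHERE `login`='$login_sql';");
    $row = ($result !== false) ? mysql_fetch_row($result) : false;
}

$truepass = '';
$authenticated = false;
if (!empty($row)) {
    $truepass = (string)$row[0];
    // Strict comparison: with `==`, two different digit-only or "0e..."-style strings can
    // compare equal as numbers on the PHP versions that still ship mysql_*.
    $authenticated = ($truepass === $pass || $truepass === md5($pass));
}

if (!$authenticated) {
    // Unknown login and wrong password produce the same page on purpose.
    $title='Вход в зону супер админа!';
    include_once '../head.php';
    echo "<div class=\"main\">Ошибка</div>";
    echo "<div class=\"rek3\">\n";
    echo "Пароль неверный!<br/>";
    echo "<a href='index.php'>« назад</a><br/>\n";
    echo "</div>\n";
    echo "
<div class=\"news\">
<a href=\"" . $rating_url. "index.php\">$rating_name</a>
<img src=\"./../img/gt.gif\" alt=\">\" />Админка
</div>";
    include("./../foot_code.php");
    exit;
}

// Login succeeded.
$today = date("Ymd");

// Credential part of every link emitted below. The login is URL-encoded so it cannot break out
// of the attribute it is written into, and the stored hash is used throughout: some links used
// to echo the submitted `p`, which is the clear-text password when the admin typed it in.
$auth_qs = "login=" . urlencode($login_plain) . "&p=" . urlencode($truepass);

// Requested action; anything that is not a known action string falls through to the listing.
$action = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : "";

// Editable fields: form action => target table/column, POST field name and UI strings.
// "<action>go" stores the posted value. Table and column names come only from this list.
$edit_fields = array(
    'editname' => array('table' => 'users', 'column' => 'site_name', 'field' => 'name',
        'heading' => 'Изменить название:', 'done' => 'Название сайта успешно отредактирована!'),
    'edithost' => array('table' => 'weeks', 'column' => 'host', 'field' => 'name',
        'heading' => 'Изменить хосты:', 'done' => 'Хосты сайта успешно отредактирована!'),
    'edithit' => array('table' => 'weeks', 'column' => 'count', 'field' => 'name',
        'heading' => 'Изменить хиты:', 'done' => 'Хиты сайта успешно отредактирована!'),
    'editopis' => array('table' => 'users', 'column' => 'info', 'field' => 'name',
        'heading' => 'Изменить описание:', 'done' => 'Описание сайта успешно отредактирована!'),
    'editlink' => array('table' => 'users', 'column' => 'link', 'field' => 'link',
        'heading' => 'Изменить адрес:', 'done' => 'Адрес сайта успешно отредактирована!'),
);
$save_target = (substr($action, -2) === 'go') ? substr($action, 0, -2) : '';

if ($action === "del") {
    // ---- Delete a site (optionally banning its host) ----
    if (empty($_GET['uid'])) {
        $del_message = "Не указан пользователь!<br/>";
    } else {
        $uid = (int)$_GET['uid'];
        // Check that the account exists.
        $result = mysql_query("SELECT * FROM `users` WHERE `uid`=$uid");
        $row = ($result !== false) ? mysql_fetch_array($result) : false;
        if (empty($row)) {
            $del_message = "Отсутствует пользователь!<br/>";
        } else {
            if (!empty($_GET['ban'])) {
                // Ban the host of the stored link. The link is stored data that came from a
                // form, so the host is escaped before it goes into SQL; a link without a
                // host part is recorded as an empty string, as before.
                $ban_parts = parse_url($row['link']);
                $ban_link = (is_array($ban_parts) && isset($ban_parts['host'])) ? $ban_parts['host'] : '';
                $ban_link_sql = mysql_real_escape_string($ban_link);
                mysql_query("INSERT INTO `ban_user` VALUES ('$uid','$ban_link_sql');");
            }
            // Remove the account and its statistics; each delete is best-effort.
            mysql_query("DELETE FROM `users` WHERE `uid` = $uid LIMIT 1");
            $stat_tables = array('hits_ip', 'hits_time', 'months', 'online_ip', 'online_time', 'weeks', 'count_24');
            foreach ($stat_tables as $stat_table) {
                mysql_query("DELETE FROM `$stat_table` WHERE `uid` = $uid;");
            }
            $del_message = "Сайт был Удалён из рейтинга!<br/>";
        }
    }
    // All three outcomes render the same page; only the message differs.
    $title='Админка';
    include_once '../head.php';
    echo "<div class=\"main\">Удаление</div>";
    echo "<div class=\"rek3\">\n";
    echo $del_message;
    echo "<a href='index.php?$auth_qs'>« назад</a><br/>\n";
    echo "</div>\n";
    echo "
<div class=\"news\">
<a href=\"" . $rating_url. "index.php\">$rating_name</a>
<img src=\"./../img/gt.gif\" alt=\">\" />Админка
</div>";
    include("./../foot_code.php");
} elseif (isset($edit_fields[$action])) {
    // ---- Edit form for one field ----
    $spec = $edit_fields[$action];
    // uid is numeric everywhere else in this script; casting closes the quote-breakout that
    // htmlspecialchars() alone left open in the SQL string.
    $uid = isset($_GET['uid']) ? (int)$_GET['uid'] : 0;
    $qt = mysql_query("select * from `" . $spec['table'] . "` where `uid`=$uid;");
    $qa = ($qt !== false) ? mysql_fetch_array($qt) : false;
    $current = (is_array($qa) && isset($qa[$spec['column']])) ? $qa[$spec['column']] : '';
    include("./../head.php");
    print "<div class=main>" . $spec['heading'] . "</div><div class=rek3>";
    // NOTE(review): $current is written into the attribute as stored. Values saved through
    // this panel are entity-encoded on input; whether rows written by other scripts are too
    // cannot be seen from here — confirm, or encode on output without double-encoding.
    print "<form method=\"post\" action=\"index.php?$auth_qs&act={$action}go&uid=$uid\">
<input name=\"" . $spec['field'] . "\" class=\"do_button\" maxlength=\"40\" value=\"" . $current . "\"><br>
<input value=\"Изменить\" name=\"do\" class=\"button\" type=\"submit\"></form>";
    print "</div><div class=news>[<a href=\"index.php?$auth_qs\">Назад</a>]<br/></div>";
    include("./../foot_code.php");
} elseif ($save_target !== '' && isset($edit_fields[$save_target])) {
    // ---- Store an edited field ----
    $spec = $edit_fields[$save_target];
    $posted = (isset($_POST[$spec['field']]) && is_string($_POST[$spec['field']])) ? $_POST[$spec['field']] : '';
    // Same normalisation as before (the value is stored entity-encoded), plus SQL escaping,
    // which htmlspecialchars() does not provide.
    $value = htmlspecialchars(stripslashes(trim($posted)));
    $value_sql = mysql_real_escape_string($value);
    $uid = isset($_GET['uid']) ? (int)$_GET['uid'] : 0;
    include("./../head.php");
    if (mysql_query("update `" . $spec['table'] . "` set `" . $spec['column'] . "`='$value_sql' where `uid`=$uid;"))
        print "<div class=rek3><font color=\"#FF0000\">" . $spec['done'] . "</font><br/></div>";
    echo "<meta http-equiv=\"refresh\" content=\"1;url=index.php?$auth_qs\"/>";
    include("./../foot_code.php");
} else {
    // ---- Default: paginated list of registered sites ----
    $page = empty($_GET['page']) ? 1 : (int)$_GET['page'];
    // $count_top (sites per page) is expected from the included config; a missing or zero
    // value would otherwise divide by zero and build "LIMIT n,0".
    $per_page = max(1, (int)$count_top);

    // Number of registered sites.
    $result = mysql_query("SELECT count(`uid`) FROM `users` WHERE 1");
    $cntData = ($result !== false) ? mysql_fetch_row($result) : false;
    $count_users = is_array($cntData) ? (int)$cntData[0] : 0;

    // Clamp the requested page into 1..max_page.
    $max_page = (int)ceil($count_users / $per_page);
    if ($page > $max_page)
        $page = $max_page;
    if ($page <= 0)
        $page = 1;
    $start = $per_page * ($page - 1);

    // Sites on this page.
    $result = mysql_query("SELECT * FROM `users` WHERE 1 ORDER BY `uid` ASC LIMIT $start,$per_page");

    $title='Админка';
    include_once '../head.php';
    echo "
<div class=\"rek3\">
Ваш автологин:
<br />
<input type=\"text\" value=\"$rating_url/admin/index.php?$auth_qs\" />
</div>
<div class=\"rek3\">
<a href=\"../view_news_inc.php?$auth_qs\">Управление новостями</a><br />
</div>
<div class=\"rek3\">
<a href=\"new_recl.php?$auth_qs\">Добавить рекламу</a>
<br />
<a href=\"del_recl.php?$auth_qs\">Удалить рекламу</a>
<br />
<a href=\"edit_recl.php?$auth_qs\">Редактировать рекламу</a>
</div>
";
    while ($result !== false && ($user_data_row = mysql_fetch_array($result))) {
        // Site data.
        // NOTE(review): site_name, link, info and email are echoed below exactly as stored.
        // If the registration script does not entity-encode them, a registrant can place
        // markup on this page, whose URLs carry the admin credentials — confirm and encode.
        $uid = (int)$user_data_row['uid'];
        $site_name = $user_data_row['site_name'];
        $link = $user_data_row['link'];
        $info = $user_data_row['info'];

        // Today's visits; no row for today prints as empty values.
        $count_result = mysql_query("SELECT `count`,`host` FROM `weeks` WHERE `uid`=$uid AND `date`=$today LIMIT 1");
        $count_data_row = ($count_result !== false) ? mysql_fetch_array($count_result) : false;
        $count = is_array($count_data_row) ? $count_data_row['count'] : '';
        $host = is_array($count_data_row) ? $count_data_row['host'] : '';

        // Rating: average and number of votes, 0 / 0 when the site has none.
        $q = mysql_query("select * from rat where uid='$uid'");
        $r = ($q !== false) ? mysql_fetch_assoc($q) : false;
        if ($r) {
            $rt = round($r['rt'], 1);
            $allrt = $r['allrt'];
        } else {
            $rt = 0;
            $allrt = 0;
        }

        // Number of comments.
        $q = mysql_query("select id from komms where uid=$uid");
        $ckomms = ($q !== false) ? (int)mysql_num_rows($q) : 0;

        // ============ OUTPUT =============
        echo "<div class=\"rek3\">";
        echo "<b>$site_name [<a href=\"index.php?$auth_qs&uid=$uid&act=editname\"><font color='red'><b>Edit</b></font></a>]<br/></b>";
        echo"<b>ID=$uid <br/>".$user_data_row['email']." <br/></b>";
        echo "<b><a href=\"$link\">$link</a> [<a href=\"index.php?$auth_qs&uid=$uid&act=editlink\"><font color='red'><b>Edit</b></font></a>]<br/></b>\n";
        echo "<b>$info [<a href=\"index.php?$auth_qs&uid=$uid&act=editopis\"><font color='red'><b>Edit</b></font></a>]<br/></b>\n";
        echo "Хосты $host [<a href=\"index.php?$auth_qs&uid=$uid&act=edithost\"><font color='red'><b>Edit</b></font></a>]<br/>\n";
        echo "Хиты $count [<a href=\"index.php?$auth_qs&uid=$uid&act=edithit\"><font color='red'><b>Edit</b></font></a>]<br/></div>\n";
        echo "<div class=\"rek3\"><a href=\"komms.php?$auth_qs&uid=$uid\">Комментарии:</a> $ckomms<br>";
        echo "<a href=\"rating.php?$auth_qs&uid=$uid\">Оценка:</a> $rt / $allrt<br>";
        echo "<a href=\"index.php?$auth_qs&uid=$uid&act=del\">Удалить!</a> <br/>\n";
        echo "<a href=\"index.php?$auth_qs&uid=$uid&act=del&ban=1\">Удалить и банить!</a> <br/>\n";
        echo "</div>\n";
    }

    // Page navigator.
    $next_p = $page + 1;
    $prev_p = $page - 1;
    if ($prev_p > 0)
        echo "<div class=rek3><a href=\"index.php?$auth_qs&page=$prev_p\">Пред.</a>";
    else
        echo "<div class=rek3>Пред.";
    echo " | ";
    if ($next_p <= $max_page)
        echo "<a href=\"index.php?$auth_qs&page=$next_p\">След.</a></div>";
    else
        echo "След.</div>";
    echo "
<div class=\"news\">
<a href=\"" . $rating_url. "index.php\">$rating_name</a>
<img src=\"./../img/gt.gif\" alt=\">\" />Админка
</div>";
    include("./../foot_code.php");
}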
?>