<?php
// Response headers: the page is a WML deck and must not be cached.
header("Cache-Control: no-cache");
header("Content-type:text/vnd.wap.wml");

// Random number appended to links and input names further down
// (appears to serve as a cache-buster; it is not a secret).
$ref = rand(10000, 1000000);

// inc.php is expected to define the $MySQL_* connection settings used below.
require("inc.php");

// Open a persistent connection; "@" keeps the driver warning (which may carry
// host/user details) out of the response, and a fixed WML card is sent instead.
$link = @mysql_pconnect($MySQL_Hostname, $MySQL_Username, $MySQL_Password);
if (!$link) {
    die("<wml>
<card id=\"error\" title=\"error\">
<do type=\"prev\" label=\"Back\"><prev/></do><p align=\"center\">Can not connect to MySQL</p>
</card>
</wml>");
}

// Select the application database, with the same fixed-card failure path.
if (!@mysql_select_db($MySQLDatabasename)) {
    die("<wml>
<card id=\"error\" title=\"error\">
<do type=\"prev\" label=\"Back\"><prev/></do><p align=\"center\">error select the database...</p>
</card>
</wml>");
}
          
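        // Look up the account named by the request-supplied $id.
        // $id is untrusted (it arrives as a registered global), so it is escaped
        // before being placed in the SQL string. If magic_quotes_gpc already added
        // slashes they are removed first, so the value is escaped exactly once.
        $idRaw = (isset($id) && is_string($id)) ? $id : '';
        if (get_magic_quotes_gpc()) {
            $idRaw = stripslashes($idRaw);
        }
        $result = @mysql_query("Select * from users where id='" . mysql_real_escape_string($idRaw, $link) . "'");

        // mysql_num_rows() is the documented row count for a SELECT. A failed
        // query (false) is treated like "not found" so that execution never
        // continues to the password check without a result set.
        if ($result === false || mysql_num_rows($result) == 0) {
            echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
            echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
            echo "<wml>\n";
            echo "<card id=\"error\" title=\"&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;\" ontimer=\"index.php?ref=$ref\"><timer value=\"15\"/>\n";
            echo "<p align=\"center\">\n";
            echo "User was not found\n";
            echo "</p>\n";
            echo "</card>\n";
            echo "</wml>\n";
            mysql_close($link);
            exit;
        }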
                
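// Password check for the account row fetched above.
//
// The login is accepted only when a row was actually fetched, the request
// carried a string $ps, the row has a non-NULL "pass" value, and the two are
// identical. Without these guards a missing row or a NULL "pass" combined with
// an absent $ps compares null with null and is treated as a match.
//
// NOTE(review): the stored value is compared directly with the request value,
// so "pass" appears to hold the password itself rather than a hash; $ps is
// also carried in the query string of every link this page emits, where it
// can end up in server logs and browser history. Both need a design change
// (hashed storage, server-side session) that is outside this block.
// NOTE(review): this card and the "User was not found" card use different
// texts, which tells a client whether an id exists.
$row = mysql_fetch_array($result);
$loginOk = is_array($row)
    && isset($ps) && is_string($ps)
    && isset($row["pass"])
    && $ps === $row["pass"];
if (!$loginOk) {
    echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
    echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
    echo "<wml>\n";
    echo "<card id=\"error\" title=\"&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;\" ontimer=\"index.php?ref=$ref\"><timer value=\"10\"/>\n";
    echo "<p align=\"center\">\n";
    echo "Your login failed\n";
    echo "</p>\n";
    echo "</card>\n";
    echo "</wml>\n";
    mysql_close($link);
    exit;
}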


// Authorization gate: the panel is only served to accounts whose "level"
// column is 4 or higher. Anything lower gets an error card and the script ends.
$level = $row["level"];
if ($level < 4) {
    echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
        . "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n"
        . "<wml>\n"
        . "<card id=\"error\" title=\"error\">\n"
        . "<p align=\"center\">\n"
        . "У вас нет прав доступа!\n"
        . "</p>\n"
        . "</card>\n"
        . "</wml>\n";
    mysql_close($link);
    exit;
}

// Display name of the authenticated moderator, kept under both names the
// rest of the script uses ($us for output and logging, $login for inserts).
$login = $row["user"];
$us = $login;


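  // Ban check: refuse the request when a bannlist row matches both the client
  // address and the User-Agent header.
  //
  // The User-Agent is a client-supplied header and $REMOTE_ADDR arrives as a
  // registered global, so both are escaped before being placed in the SQL
  // string. The check fails closed: if the query itself fails, the client is
  // treated as banned, which matches what the earlier affected-rows test did.
  // NOTE(review): a row only matches on the exact ip + User-Agent pair, so the
  // ban depends on a header the client controls; confirm that is intended.
  // NOTE(review): if magic_quotes_gpc also slashes server variables on this
  // host, values containing quotes are escaped twice here — confirm.
  $banResult = mysql_query(
      "Select * from bannlist WHERE (ip = '" . mysql_real_escape_string($REMOTE_ADDR, $link)
      . "')and(soft = '" . mysql_real_escape_string($HTTP_USER_AGENT, $link) . "')"
  );
  if ($banResult === false || mysql_num_rows($banResult) != 0) {
      echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
      echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
      echo "<wml>\n";
      echo "<card id=\"error\" title=\"&#x0417;&#x0430;&#x0431;&#x0430;&#x043D;&#x0435;&#x043D;\" ontimer=\"index.php?ref=$ref\"><timer value=\"15\"/>\n";
      echo "<p align=\"center\">\n";
      echo "&#x0412;&#x0430;&#x0441; &#x0437;&#x0430;&#x0431;&#x0430;&#x043D;&#x0438;&#x043B;&#x0438;!\n";
      echo "</p>\n";
      echo "</card>\n";
      echo "</wml>\n";
      mysql_close($link);
      exit;
  }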
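/**
 * Replace every Russian letter in $str with a single ASCII character.
 *
 * Upper- and lower-case letters map to the same output, so the result can be
 * used as a case-insensitive lookup key for nicknames. Characters that are not
 * in the table pass through unchanged.
 *
 * This is a key-normalisation helper, not a sanitiser: quotes and backslashes
 * are left as they are, and some letters map to punctuation such as "<", ">"
 * and ";". Callers must still escape the result for SQL or markup.
 *
 * The Cyrillic keys are written as UTF-8 text, so the file must be saved as
 * UTF-8. They were restored from a cp1251/UTF-8 mis-decoding of the original
 * literals; the capital "И" entry had been damaged beyond recovery and is
 * restored from its alphabetical position — NOTE(review): confirm.
 *
 * @param string $str text to convert
 * @return string     converted text
 */
function rus_to_k($str){
    static $map = array(
        // lower case
        "а" => "a", "б" => "b", "в" => "v", "г" => "g", "д" => "d",
        "е" => "e", "ё" => "e", "ж" => "j", "з" => "z", "и" => "i",
        "й" => "y", "к" => "k", "л" => "l", "м" => "m", "н" => "n",
        "о" => "o", "п" => "p", "р" => "r", "с" => "s", "т" => "t",
        "у" => "u", "ф" => "f", "х" => "h", "ч" => "c", "ц" => "q",
        "ш" => "w", "щ" => ">", "ь" => "<", "ы" => "x", "ъ" => ".",
        "э" => ":", "ю" => ";", "я" => "}",
        // upper case, same targets
        "А" => "a", "Б" => "b", "В" => "v", "Г" => "g", "Д" => "d",
        "Е" => "e", "Ё" => "e", "Ж" => "j", "З" => "z", "И" => "i",
        "Й" => "y", "К" => "k", "Л" => "l", "М" => "m", "Н" => "n",
        "О" => "o", "П" => "p", "Р" => "r", "С" => "s", "Т" => "t",
        "У" => "u", "Ф" => "f", "Х" => "h", "Ч" => "c", "Ц" => "q",
        "Ш" => "w", "Щ" => ">", "Ь" => "<", "Ы" => "x", "Ъ" => ".",
        "Э" => ":", "Ю" => ";", "Я" => "}",
    );

    // Array form of str_replace applies the pairs in table order, exactly as
    // the former chain of single replacements did.
    return str_replace(array_keys($map), array_values($map), $str);
}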

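// Audit trail: append one entry per visit to the moderator panel.
//
// The entry contains the account name and the client-supplied User-Agent, so
// control characters (including CR/LF) are collapsed to a space first. This
// keeps one visit on one line and stops a header value from forging extra
// entries or the "************" separator.
// NOTE(review): the path is relative to the script, so the log may sit inside
// the web-served tree; confirm it cannot be fetched over HTTP.
$dat = date ("(H:i)d F");
$lst = "$us visited moderpanel $dat, his ip: $REMOTE_ADDR, user agent: $HTTP_USER_AGENT";
$lst = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $lst);

$fi = fopen("syst/stlog.dat", "a+");
if ($fi !== false) {
    // Only write when the file could be opened; a failed open no longer
    // cascades into further warnings from fwrite/fclose.
    fwrite($fi, "$lst\n");
    fwrite($fi, "************\n");
    fflush($fi);
    fclose($fi);
}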

// Start of the main deck: XML prolog, WML doctype, a no-cache hint for the
// user agent, and the opening of the "mpanel" card and its paragraph.
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n",
     "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n",
     "<wml>\n",
     "<head><meta http-equiv=\"Cache-Control\" content=\"no-cache\" forua=\"true\"/></head>\n",
     "<card id=\"mpanel\" title=\"MPanel\" >\n",
     "<p align =\"left\">\n";

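// ---------------------------------------------------------------------------
// Moderator actions, selected by the request-supplied $do.
//
//   (default)  landing form: look up a nick, kick, ban, manage meetings/notices
//   mmeet      add a meeting      (table vstrechi)
//   dmeet      list / delete meetings
//   mobi       add a notice       (table obiav)
//   dobi       list / delete notices
//   stpanel    look up a user and edit nick / status / invisibility
//
// Hardening applied in this block:
//   * every value placed in an SQL string is passed through
//     mysql_real_escape_string(); magic_quotes_gpc slashes are removed first
//     so a value is escaped exactly once;
//   * SELECT results are counted with mysql_num_rows() and a failed query is
//     handled explicitly;
//   * the meeting/notice actions enforce the same level (> 4) that gates
//     their links on the landing form — previously only the links were gated;
//   * $error is initialised, so its starting value can no longer come from
//     the request;
//   * database values written into attribute values, and notice titles, are
//     HTML-escaped on output;
//   * $id / $ps are URL-encoded when echoed back into links.
//
// NOTE(review): the delete actions are plain GET links and every link carries
// the password ($ps) in its query string; there is no per-request token.
// Fixing that needs a session-based design and is outside this block.
// ---------------------------------------------------------------------------
$qid = urlencode($id);
$qps = urlencode($ps);
$mq = get_magic_quotes_gpc();
$canManage = ($row["level"] > 4);

switch ($do) {

default:
    // NOTE(review): $us comes straight from the users table and is printed
    // without escaping; whether names are stored pre-escaped is not visible
    // here — confirm before adding htmlspecialchars().
    echo "Добрый день, уважаемый(ая) $us!<br/>\n";
    echo "Ник юзера:<br/>\n";
    echo "<input name=\"nick$ref\" title=\"nick\" emptyok=\"true\"/><br/>\n";
    if ($row["level"] > 5) {
        echo "<anchor title=\"go\">Апдейт<go href=\"mpanel.php?id=$qid&amp;ps=$qps&amp;do=stpanel&amp;ref=$ref\" method=\"post\">\n";
        echo "<postfield name=\"nick\" value=\"$(nick$ref)\"/>\n";
        echo "</go></anchor><br/>\n";
        echo "*******<br/>\n";
    }
    // Heading restored from a mis-decoded literal ("Пинок").
    echo "<b>Пинок</b><br/>\n";
    echo "На сколько (мин)<br/>\n";
    echo "<input name=\"wtime$ref\" maxlength=\"3\" title=\"vremya\" format=\"*N\" emptyok=\"true\"/><br/>\n";
    echo "Причина<br/>\n";
    echo "<input name=\"whykik$ref\" maxlength=\"200\" title=\"whykik\" emptyok=\"true\"/><br/>\n";
    echo "<anchor title=\"go\">Пнуть засранца<go href=\"kick.php?go=pni&amp;id=$qid&amp;ps=$qps&amp;ref=$ref\" method=\"post\">\n";
    echo "<postfield name=\"nick\" value=\"$(nick$ref)\"/>\n";
    echo "<postfield name=\"wtime\" value=\"$(wtime$ref)\"/>\n";
    echo "<postfield name=\"whykik\" value=\"$(whykik$ref)\"/>\n";
    echo "</go></anchor><br/>\n";
    echo "*******<br/>\n";
    if ($canManage) {
        echo "<anchor title=\"go\">Забанить<go href=\"bann.php?id=$qid&amp;ps=$qps&amp;ref=$ref\" method=\"post\">\n";
        echo "<postfield name=\"nick\" value=\"$(nick$ref)\"/>\n";
        echo "</go></anchor><br/>\n";
        echo "*******<br/>\n";
        echo "<a href=\"mpanel.php?id=$qid&amp;ps=$qps&amp;do=mmeet&amp;ref=$ref\">&#x414;&#x43E;&#x431;&#x430;&#x432;&#x438;&#x442;&#x44C; &#x432;&#x441;&#x442;&#x440;&#x435;&#x447;&#x443;</a><br/>";
        echo "<a href=\"mpanel.php?id=$qid&amp;ps=$qps&amp;do=dmeet&amp;ref=$ref\">&#x423;&#x434;&#x430;&#x43B;&#x438;&#x442;&#x44C; &#x432;&#x441;&#x442;&#x440;&#x435;&#x447;&#x443;</a><br/>";
        echo "<a href=\"mpanel.php?id=$qid&amp;ps=$qps&amp;do=mobi&amp;ref=$ref\">&#x414;&#x43E;&#x431;&#x430;&#x432;&#x438;&#x442;&#x44C; &#x43E;&#x431;&#x44A;&#x44F;&#x432;&#x43B;&#x435;&#x43D;&#x438;&#x435;</a><br/>";
        echo "<a href=\"mpanel.php?id=$qid&amp;ps=$qps&amp;do=dobi&amp;ref=$ref\">&#x423;&#x434;&#x430;&#x43B;&#x438;&#x442;&#x44C; &#x43E;&#x431;&#x44A;&#x44F;&#x432;&#x43B;&#x435;&#x43D;&#x438;&#x435;</a><br/>";
    }
    break;

case 'mmeet':
    // Add a meeting. Same level requirement as the link that leads here.
    if (!$canManage) {
        echo "У вас нет прав доступа!\n";
        break;
    }
    $error = '';
    // Stored HTML-escaped; htmlspecialchars() without ENT_QUOTES leaves single
    // quotes in place, so the values are still SQL-escaped before the insert.
    $title = trim(htmlspecialchars(stripslashes($title)));
    $content = trim(htmlspecialchars(stripslashes($content)));
    $organizatory = trim(htmlspecialchars(stripslashes($organizatory)));
    if (empty($title)) $error = $error."<u>Название не введено!</u><br/>";
    if (empty($content)) $error = $error."<u>Пустое содержание встречи!</u><br/>";
    if (empty($organizatory)) $error = $error."<u>Организаторов нет!</u><br/>";
    if (empty($action)) {
        // No action yet: show the entry form.
        print "Название:<br/><input name=\"title\"/><br/>\n"
            . "Содержание:<br/><input name=\"content\"/><br/>\n"
            . "Организаторы:<br/><input name=\"organizatory\"/><br/>\n"
            . "<anchor>Добавить<go href=\"mpanel.php?id=$qid&amp;ps=$qps&amp;do=mmeet\" method=\"post\">\n"
            . "<postfield name=\"action\" value=\"add\"/>\n"
            . "<postfield name=\"title\" value=\"$(title)\"/>\n"
            . "<postfield name=\"content\" value=\"$(content)\"/>\n"
            . "<postfield name=\"organizatory\" value=\"$(organizatory)\"/></go></anchor><br/>";
    } else {
        if (empty($error)) {
            // NOTE(review): $last_meet is never assigned in this file, so this
            // duplicate check compares against nothing — presumably it was
            // meant to hold the most recent row; verify.
            if ($title != $last_meet['title']) {
                // $login comes from the users table; it is escaped too, so a
                // stored name cannot alter the statement.
                $insertMeet = "insert into vstrechi values(0,'"
                    . mysql_real_escape_string($login, $link) . "','"
                    . mysql_real_escape_string($title, $link) . "','"
                    . mysql_real_escape_string($content, $link) . "','"
                    . mysql_real_escape_string($organizatory, $link) . "');";
                if (mysql_query($insertMeet)) {
                    print "<b>Ваша встреча успешно добавлена!</b><br/>";
                } else {
                    print "<b>Проблемы с базой данных!</b><br/>";
                }
            } else {
                print "<b>Такая встреча уже добавлена!</b><br/>";
            }
        } else {
            print $error;
        }
    }
    break;

case 'dmeet':
    // List meetings as delete links, or delete the one named by $mid.
    if (!$canManage) {
        echo "У вас нет прав доступа!\n";
        break;
    }
    if (empty($action)) {
        $q = mysql_query("select id,title from vstrechi order by id desc;");
        // Titles are printed as stored: the add-meeting branch HTML-escapes
        // them before insert. NOTE(review): rows written by other code paths
        // are not visible here — confirm they are escaped as well.
        while ($q && ($arr = mysql_fetch_array($q))) {
            print "<a href=\"mpanel.php?action=del&amp;id=$qid&amp;ps=$qps&amp;do=dmeet&amp;mid=" . urlencode($arr['id']) . "\">" . $arr['title'] . "</a><br/>";
        }
    } else {
        $midRaw = (isset($mid) && is_string($mid)) ? $mid : '';
        if ($mq) $midRaw = stripslashes($midRaw);
        if (mysql_query("delete from vstrechi where id='" . mysql_real_escape_string($midRaw, $link) . "' limit 1;")) {
            print "<b>Запись успешно удалена!</b><br/>";
        }
    }
    break;

case 'mobi':
    // Add a notice. Same level requirement as the link that leads here.
    if (!$canManage) {
        echo "У вас нет прав доступа!\n";
        break;
    }
    $error = '';
    if (empty($title)) $error = $error."<u>Название не введено!</u><br/>";
    if (empty($content)) $error = $error."<u>Пустое содержание встречи!</u><br/>";
    if (empty($action)) {
        print "Название:<br/><input name=\"title\"/><br/>\n"
            . "Содержание:<br/><input name=\"content\"/><br/>\n"
            . "<anchor>Добавить<go href=\"mpanel.php?id=$qid&amp;ps=$qps&amp;do=mobi\" method=\"post\">\n"
            . "<postfield name=\"action\" value=\"add\"/>\n"
            . "<postfield name=\"title\" value=\"$(title)\"/>\n"
            . "<postfield name=\"content\" value=\"$(content)\"/>\n"
            . "</go></anchor><br/>";
    } else {
        if (empty($error)) {
            // NOTE(review): $last_obiav is never assigned in this file; see
            // the matching note on $last_meet in the mmeet branch.
            if ($title != $last_obiav['title']) {
                // Unlike meetings, notices are stored as received (no HTML
                // escaping), so only the SQL layer is handled here and the
                // listing escapes titles on output.
                $titleRaw = $mq ? stripslashes($title) : $title;
                $contentRaw = $mq ? stripslashes($content) : $content;
                $insertNotice = "insert into obiav values(0,'"
                    . mysql_real_escape_string($login, $link) . "','"
                    . mysql_real_escape_string($titleRaw, $link) . "','"
                    . mysql_real_escape_string($contentRaw, $link) . "');";
                if (mysql_query($insertNotice)) {
                    print "<b>&#x412;&#x430;&#x448;&#x435; &#x43E;&#x431;&#x44A;&#x44F;&#x432;&#x43B;&#x435;&#x43D;&#x438;&#x435; &#x443;&#x441;&#x43F;&#x435;&#x448;&#x43D;&#x43E; &#x434;&#x43E;&#x431;&#x430;&#x432;&#x43B;&#x435;&#x43D;&#x43E;!</b><br/>";
                } else {
                    print "<b>Проблемы с базой данных!</b><br/>";
                }
            } else {
                print "<b>&#x422;&#x430;&#x43A;&#x43E;&#x435; &#x43E;&#x431;&#x44A;&#x44F;&#x432;&#x43B;&#x435;&#x43D;&#x438;&#x435; &#x443;&#x436;&#x435; &#x434;&#x43E;&#x431;&#x430;&#x432;&#x43B;&#x435;&#x43D;&#x43E;</b><br/>";
            }
        } else {
            print $error;
        }
    }
    break;

case 'dobi':
    // List notices as delete links, or delete the one named by $mid.
    if (!$canManage) {
        echo "У вас нет прав доступа!\n";
        break;
    }
    if (empty($action)) {
        $q = mysql_query("select * from obiav order by id desc;");
        // Notice titles are stored unescaped by the add-notice branch, so
        // they are escaped here before being written into the deck.
        while ($q && ($arr = mysql_fetch_array($q))) {
            print "<a href=\"mpanel.php?action=del&amp;id=$qid&amp;ps=$qps&amp;do=dobi&amp;mid=" . urlencode($arr['id']) . "\">" . htmlspecialchars($arr['title']) . "</a><br/>";
        }
    } else {
        $midRaw = (isset($mid) && is_string($mid)) ? $mid : '';
        if ($mq) $midRaw = stripslashes($midRaw);
        if (mysql_query("delete from obiav where id='" . mysql_real_escape_string($midRaw, $link) . "' limit 1;")) {
            print "<b>&#x41E;&#x431;&#x44A;&#x44F;&#x432;&#x43B;&#x435;&#x43D;&#x438;&#x435; &#x443;&#x441;&#x43F;&#x435;&#x448;&#x43D;&#x43E; &#x443;&#x434;&#x430;&#x43B;&#x435;&#x43D;&#x43E;!</b><br/>";
        }
    }
    break;

case 'stpanel':
    // User editor, restricted to level 6 and above.
    if ($row["level"] < 6) {
        echo "У вас нет прав доступа!\n";
        break;
    }

    if (!isset($go)) {
        // Step 1: find the user by nick and show the edit form.
        if (!isset($nick)) $nick = 0;
        $nick = trim($mq ? stripslashes($nick) : $nick);
        if ($nick == "") $nick = 0;
        $latuser = strtolower($nick);
        $ruser = rus_to_k($nick);
        // A nick without Russian letters is unchanged by rus_to_k() and is
        // looked up by its lower-cased form; otherwise by the converted form.
        if ($ruser == $nick) {
            $result = mysql_query("Select * from users where latuser = '" . mysql_real_escape_string($latuser, $link) . "'");
        } else {
            $result = mysql_query("select * from users where ruser = '" . mysql_real_escape_string($ruser, $link) . "'");
        }

        if ($result === false || mysql_num_rows($result) == 0) {
            echo "Нет такого юзера<br/>\n";
            break;
        }

        // Kept separate from $row so the authenticated moderator's row is
        // not overwritten by the account being edited.
        $target = mysql_fetch_array($result);
        $tUser = htmlspecialchars($target["user"], ENT_QUOTES);
        $tStatus = htmlspecialchars($target["status"], ENT_QUOTES);
        $tId = htmlspecialchars($target["id"], ENT_QUOTES);

        // Label restored from a mis-decoded literal ("Ник:").
        echo "Ник:<br/>\n";
        echo "<input name=\"upnick$ref\" value=\"$tUser\" title=\"nick\"/><br/>\n";
        // A "posts" field was offered here in the past and is disabled.
        echo "Статус:<br/>\n";
        echo "<input name=\"status$ref\" value=\"$tStatus\" title=\"status\"/><br/>\n";
        echo "Невидимость(только для ст.Модеров!):<br/>\n";
        echo "<select name=\"inv$ref\">\n";
        // The current setting is listed first so it is the preselected option.
        if ($target["inv"] == 0) {
            echo "<option value=\"0\">Отключена</option>\n";
            echo "<option value=\"1\">Включена</option>\n";
        } else {
            echo "<option value=\"1\">Включена</option>\n";
            echo "<option value=\"0\">Отключена</option>\n";
        }
        echo "</select><br/>\n";
        echo "<anchor title=\"go\">Сохранить<go href=\"mpanel.php?go=upd&amp;id=$qid&amp;ps=$qps&amp;do=stpanel\" method=\"post\">\n";
        echo "<postfield name=\"upid\" value=\"$tId\"/>\n";
        echo "<postfield name=\"upnick\" value=\"$(upnick$ref)\"/>\n";
        echo "<postfield name=\"status\" value=\"$(status$ref)\"/>\n";
        echo "<postfield name=\"inv\" value=\"$(inv$ref)\"/>\n";
        echo "</go></anchor><br/>\n";
        break;
    }

    if (@$go == "upd") {
        // Step 2: apply the edit. All four posted fields are untrusted.
        $upnick = isset($upnick) ? trim($mq ? stripslashes($upnick) : $upnick) : "";
        if ($upnick == "") {
            echo "error $upnick\n";
            break;
        }
        $statusRaw = isset($status) ? ($mq ? stripslashes($status) : $status) : "";
        $invRaw = isset($inv) ? ($mq ? stripslashes($inv) : $inv) : "";
        $upidRaw = isset($upid) ? ($mq ? stripslashes($upid) : $upid) : "";

        $latuser = strtolower($upnick);
        $ruser = rus_to_k($upnick);

        $upnickSql = mysql_real_escape_string($upnick, $link);
        $latuserSql = mysql_real_escape_string($latuser, $link);
        $ruserSql = mysql_real_escape_string($ruser, $link);
        $statusSql = mysql_real_escape_string($statusRaw, $link);
        $invSql = mysql_real_escape_string($invRaw, $link);
        $upidSql = mysql_real_escape_string($upidRaw, $link);

        // Reject the new nick if another account already uses it.
        if ($ruser == $upnick) {
            $dupe = mysql_query("Select * from users where (latuser = '" . $latuserSql . "')and(id != '" . $upidSql . "')");
        } else {
            $dupe = mysql_query("select * from users where (ruser = '" . $ruserSql . "')and(id != '" . $upidSql . "')");
        }

        // A failed lookup is treated as "taken" so that the update is not
        // applied without a completed uniqueness check.
        if ($dupe === false || mysql_num_rows($dupe) != 0) {
            echo "Пользователь с таким ником уже сушествует<br/>\n";
            break;
        }

        if ($ruser == $upnick) {
            $ins_str = "Update users set user='" . $upnickSql . "', status='" . $statusSql . "', inv='" . $invSql . "', ruser = '', latuser = '" . $latuserSql . "' where id ='" . $upidSql . "'";
        } else {
            $ins_str = "Update users set user='" . $upnickSql . "', status='" . $statusSql . "', inv='" . $invSql . "', ruser = '" . $ruserSql . "', latuser = '' where id ='" . $upidSql . "'";
        }
        if (mysql_query($ins_str)) {
            echo "Профайл изменен<br/>\n";
        } else {
            echo "Database error:<br/>\n";
            // Escaped so driver text cannot break the deck markup.
            // NOTE(review): consider logging the detail server-side instead
            // of showing it in the response.
            echo " " . htmlspecialchars(mysql_error()) . " ";
        }
    }
    break;

}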
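// Footer: navigation links, closing tags, and connection teardown.
//
// $id and $ps are request-derived and are written into href attributes, so
// they are URL-encoded first; a value containing "&", quotes or "<" can then
// neither break the link nor add markup to the deck.
// NOTE(review): the links still carry the password ($ps) in the query
// string, where it can be recorded in logs and history.
$qid = urlencode($id);
$qps = urlencode($ps);

echo "*******<br/>\n";
// The "back to panel" link is only shown while inside a sub-action.
if (!empty($do)) {
    echo "<a href=\"mpanel.php?id=$qid&amp;ps=$qps&amp;ref=$ref\">Mpanel</a><br/>\n";
}
echo "<a href=\"enter.php?id=$qid&amp;ps=$qps&amp;ref=$ref\">&#x41F;&#x440;&#x438;&#x445;&#x43E;&#x436;&#x430;&#x44F;</a><br/>\n";
echo "</p>\n";
echo "</card>\n";
echo "</wml>\n";
mysql_close ($link);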
?>