1287 lines
52 KiB
PHP
1287 lines
52 KiB
PHP
|
<?PHP
|
|||
|
if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {
|
|||
|
die( "Hacking attempt!" );
|
|||
|
}
|
|||
|
|
|||
|
if( ! $user_group[$member_id['user_group']]['admin_editusers'] ) {
|
|||
|
msg( "error", $lang['index_denied'], $lang['index_denied'] );
|
|||
|
}
|
|||
|
|
|||
|
$id = intval( $_REQUEST['id'] );
|
|||
|
|
|||
|
// ********************************************************************************
|
|||
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
// ********************************************************************************
|
|||
|
if( $action == "list" ) {
|
|||
|
echoheader( "users", $lang['user_head'] );
|
|||
|
|
|||
|
echo '<script language="javascript">
|
|||
|
<!-- begin
|
|||
|
function popupedit(id){
|
|||
|
window.open(\'' . $PHP_SELF . '?mod=editusers&action=edituser&id=\'+id,\'User\',\'toolbar=0,location=0,status=0, left=0, top=0, menubar=0,scrollbars=yes,resizable=0,width=540,height=500\');
|
|||
|
}
|
|||
|
function confirmdelete(id, user){
|
|||
|
var agree=confirm("' . $lang['user_deluser'] . '");
|
|||
|
if (agree)
|
|||
|
document.location="' . $PHP_SELF . '?mod=editusers&user_hash=' . $dle_login_hash . '&action=dodeleteuser&id="+id+"&user="+user;
|
|||
|
}
|
|||
|
function clearform(frm){
|
|||
|
for (var i=0;i<frm.length;i++) {
|
|||
|
var el=frm.elements[i];
|
|||
|
if (el.type=="checkbox" || el.type=="radio") { el.checked=0; continue; }
|
|||
|
if ((el.type=="text") || (el.type=="textarea") || (el.type == "password")) { el.value=""; continue; }
|
|||
|
if ((el.type=="select-one") || (el.type=="select-multiple")) { el.selectedIndex=0; }
|
|||
|
}
|
|||
|
document.searchform.start_from.value="";
|
|||
|
}
|
|||
|
function list_submit(prm){
|
|||
|
document.searchform.start_from.value=prm;
|
|||
|
document.searchform.submit();
|
|||
|
return false;
|
|||
|
}
|
|||
|
// end -->
|
|||
|
</script>';
|
|||
|
|
|||
|
$grouplist = get_groups( 4 );
|
|||
|
|
|||
|
$search_name = $db->safesql( trim( htmlspecialchars( strip_tags( $_REQUEST['search_name'] ) ) ) );
|
|||
|
$search_mail = $db->safesql( trim( htmlspecialchars( strip_tags( $_REQUEST['search_mail'] ) ) ) );
|
|||
|
|
|||
|
echo <<<HTML
|
|||
|
<!-- calendar stylesheet -->
|
|||
|
<link rel="stylesheet" type="text/css" media="all" href="system/skins/calendar-blue.css" title="win2k-cold-1" />
|
|||
|
<script type="text/javascript" src="system/skins/calendar.js"></script>
|
|||
|
<form method="post" action="">
|
|||
|
<div style="padding-top:5px;padding-bottom:2px;">
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
|
|||
|
<td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
|
|||
|
<td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
|
|||
|
<td style="padding:5px;" bgcolor="#FFFFFF">
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['user_auser']}</div></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
<div class="unterline"></div>
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td width="140" style="padding:4px;">{$lang['user_name']}</td>
|
|||
|
<td><input class="edit" size="21" type="text" name="regusername"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_pass']}</td>
|
|||
|
<td><input class="edit" size="21" type="text" name="regpassword"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_mail']}</td>
|
|||
|
<td><input class="edit" size="21" type="text" name="regemail"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_acc']}</td>
|
|||
|
<td><select name="reglevel">
|
|||
|
{$grouplist}
|
|||
|
</select>
|
|||
|
</td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td> </td>
|
|||
|
<td style="padding-top:10px;"><input type="submit" class="buttons" value="{$lang['vote_new']}" style="width:100px;">
|
|||
|
<input type="hidden" name="action" value="adduser">
|
|||
|
<input type="hidden" name="user_hash" value="$dle_login_hash" />
|
|||
|
<input type="hidden" name="mod" value="editusers"></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
</td>
|
|||
|
<td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
|
|||
|
<td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
|
|||
|
<td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
</div></form>
|
|||
|
HTML;
|
|||
|
|
|||
|
if( $search_reglevel ) $group_list = get_groups( $search_reglevel );
|
|||
|
else $group_list = get_groups();
|
|||
|
|
|||
|
if( $search_banned == "yes" ) $ifch = "checked";
|
|||
|
|
|||
|
$search_order_user = array ('----' => '', 'asc' => '', 'desc' => '' );
|
|||
|
if( ! empty( $search_order_u ) ) {
|
|||
|
$search_order_user[$search_order_u] = 'selected';
|
|||
|
} else {
|
|||
|
$search_order_user['----'] = 'selected';
|
|||
|
}
|
|||
|
$search_order_reg = array ('----' => '', 'asc' => '', 'desc' => '' );
|
|||
|
if( ! empty( $search_order_r ) ) {
|
|||
|
$search_order_reg[$search_order_r] = 'selected';
|
|||
|
} else {
|
|||
|
$search_order_reg['----'] = 'selected';
|
|||
|
}
|
|||
|
$search_order_last = array ('----' => '', 'asc' => '', 'desc' => '' );
|
|||
|
if( ! empty( $search_order_l ) ) {
|
|||
|
$search_order_last[$search_order_l] = 'selected';
|
|||
|
} else {
|
|||
|
$search_order_last['----'] = 'selected';
|
|||
|
}
|
|||
|
$search_order_news = array ('----' => '', 'asc' => '', 'desc' => '' );
|
|||
|
if( ! empty( $search_order_n ) ) {
|
|||
|
$search_order_news[$search_order_n] = 'selected';
|
|||
|
} else {
|
|||
|
$search_order_news['----'] = 'selected';
|
|||
|
}
|
|||
|
$search_order_coms = array ('----' => '', 'asc' => '', 'desc' => '' );
|
|||
|
if( ! empty( $search_order_c ) ) {
|
|||
|
$search_order_coms[$search_order_c] = 'selected';
|
|||
|
} else {
|
|||
|
$search_order_coms['----'] = 'selected';
|
|||
|
}
|
|||
|
|
|||
|
echo <<<HTML
|
|||
|
<form name="searchform" id="searchform" method="post" action="$PHP_SELF?mod=editusers&action=list">
|
|||
|
<div style="padding-top:5px;padding-bottom:2px;">
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
|
|||
|
<td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
|
|||
|
<td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
|
|||
|
<td style="padding:5px;" bgcolor="#FFFFFF">
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['user_se']}</div></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
<div class="unterline"></div>
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td width="140" style="padding:2px;">{$lang['user_name']}</td>
|
|||
|
<td style="padding-bottom:4px;"><input size="21" class="edit" type="text" name="search_name" id="search_name" value="{$search_name}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_user]}', this, event, '300px')">[?]</a></td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_regdate']}</td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_fdate']}</td>
|
|||
|
<td><input type="text" name="fromregdate" id="fromregdate" size="17" maxlength="16" class="edit" value="{$fromregdate}">
|
|||
|
<img src="system/skins/images/img.gif" align="absmiddle" id="f_trigger_reg" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>
|
|||
|
<script type="text/javascript">
|
|||
|
Calendar.setup({
|
|||
|
inputField : "fromregdate", // id of the input field
|
|||
|
ifFormat : "%Y-%m-%d", // format of the input field
|
|||
|
button : "f_trigger_reg", // trigger for the calendar (button ID)
|
|||
|
align : "Br", // alignment
|
|||
|
timeFormat : "24",
|
|||
|
showsTime : true,
|
|||
|
singleClick : true
|
|||
|
});
|
|||
|
</script></td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_tdate']}</td>
|
|||
|
<td><input type="text" name="toregdate" id="toregdate" size="17" maxlength="16" class="edit" value="{$toregdate}">
|
|||
|
<img src="system/skins/images/img.gif" align="absmiddle" id="t_trigger_reg" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>
|
|||
|
<script type="text/javascript">
|
|||
|
Calendar.setup({
|
|||
|
inputField : "toregdate", // id of the input field
|
|||
|
ifFormat : "%Y-%m-%d", // format of the input field
|
|||
|
button : "t_trigger_reg", // trigger for the calendar (button ID)
|
|||
|
align : "Br", // alignment
|
|||
|
timeFormat : "24",
|
|||
|
showsTime : true,
|
|||
|
singleClick : true
|
|||
|
});
|
|||
|
</script></td>
|
|||
|
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:2px;">{$lang['user_mail']}</td>
|
|||
|
<td><input size="21" class="edit" type="text" name="search_mail" id="search_mail" value="{$search_mail}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_mail]}', this, event, '300px')">[?]</a></td>
|
|||
|
|
|||
|
<td style="padding-left:5px;">{$lang['edit_entedate']}</td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_fdate']}</td>
|
|||
|
<td><input type="text" name="fromentdate" id="fromentdate" size="17" maxlength="16" class="edit" value="{$fromentdate}">
|
|||
|
<img src="system/skins/images/img.gif" align="absmiddle" id="f_trigger_ent" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>
|
|||
|
<script type="text/javascript">
|
|||
|
Calendar.setup({
|
|||
|
inputField : "fromentdate", // id of the input field
|
|||
|
ifFormat : "%Y-%m-%d", // format of the input field
|
|||
|
button : "f_trigger_ent", // trigger for the calendar (button ID)
|
|||
|
align : "Br", // alignment
|
|||
|
timeFormat : "24",
|
|||
|
showsTime : true,
|
|||
|
singleClick : true
|
|||
|
});
|
|||
|
</script></td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_tdate']}</td>
|
|||
|
<td><input type="text" name="toentdate" id="toentdate" size="17" maxlength="16" class="edit" value="{$toentdate}">
|
|||
|
<img src="system/skins/images/img.gif" align="absmiddle" id="t_trigger_ent" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>
|
|||
|
<script type="text/javascript">
|
|||
|
Calendar.setup({
|
|||
|
inputField : "toentdate", // id of the input field
|
|||
|
ifFormat : "%Y-%m-%d", // format of the input field
|
|||
|
button : "t_trigger_ent", // trigger for the calendar (button ID)
|
|||
|
align : "Br", // alignment
|
|||
|
timeFormat : "24",
|
|||
|
showsTime : true,
|
|||
|
singleClick : true
|
|||
|
});
|
|||
|
</script></td>
|
|||
|
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:2px;">{$lang['user_banned']}</td>
|
|||
|
<td><input type="checkbox" name="search_banned" id="search_banned" value="yes" $ifch></td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_newsnum']}</td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_fdate']}</td>
|
|||
|
<td><input class="edit" type="text" name="search_news_f" id="search_news_f" size="8" maxlength="7" value="{$search_news_f}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_newsnum]}', this, event, '300px')">[?]</a></td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_tdate']}</td>
|
|||
|
<td><input class="edit" type="text" name="search_news_t" id="search_news_t" size="8" maxlength="7" value="{$search_news_t}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_newsnum]}', this, event, '300px')">[?]</a></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:2px;">{$lang['user_acc']}</td>
|
|||
|
<td><select name="search_reglevel" id="search_reglevel">
|
|||
|
<option selected value="0">{$lang['edit_all']}</option>
|
|||
|
{$group_list}
|
|||
|
</select>
|
|||
|
</td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_comsnum']}</td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_fdate']}</td>
|
|||
|
<td><input class="edit" type="text" name="search_coms_f" id="search_coms_f" size="8" maxlength="7" value="{$search_coms_f}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_comsnum]}', this, event, '300px')">[?]</a></td>
|
|||
|
<td style="padding-left:5px;">{$lang['edit_tdate']}</td>
|
|||
|
<td><input class="edit" type="text" name="search_coms_t" id="search_coms_t" size="8" maxlength="7" value="{$search_coms_t}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_comsnum]}', this, event, '300px')">[?]</a></td>
|
|||
|
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="7"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="7" style="padding-left:5px;">{$lang['user_order']}</td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:5px;">{$lang['user_name']}</td>
|
|||
|
<td style="padding:5px;">{$lang['user_reg']}</td>
|
|||
|
<td style="padding:5px;">{$lang['user_last']}</td>
|
|||
|
<td style="padding:5px;" colspan="2">{$lang['user_news']}</td>
|
|||
|
<td style="padding:5px;" colspan="2">{$lang['user_coms']}</td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding-left:2px;"><select name="search_order_u" id="search_order_u">
|
|||
|
<option {$search_order_user['----']} value="">{$lang['user_order_no']}</option>
|
|||
|
<option {$search_order_user['asc']} value="asc">{$lang['user_order_plus']}</option>
|
|||
|
<option {$search_order_user['desc']} value="desc">{$lang['user_order_minus']}</option>
|
|||
|
</select>
|
|||
|
</td>
|
|||
|
<td style="padding-left:2px;"><select name="search_order_r" id="search_order_r">
|
|||
|
<option {$search_order_reg['----']} value="">{$lang['user_order_no']}</option>
|
|||
|
<option {$search_order_reg['asc']} value="asc">{$lang['user_order_plus']}</option>
|
|||
|
<option {$search_order_reg['desc']} value="desc">{$lang['user_order_minus']}</option>
|
|||
|
</select>
|
|||
|
</td>
|
|||
|
<td style="padding-left:2px;"><select name="search_order_l" id="search_order_l">
|
|||
|
<option {$search_order_last['----']} value="">{$lang['user_order_no']}</option>
|
|||
|
<option {$search_order_last['asc']} value="asc">{$lang['user_order_plus']}</option>
|
|||
|
<option {$search_order_last['desc']} value="desc">{$lang['user_order_minus']}</option>
|
|||
|
</select>
|
|||
|
</td>
|
|||
|
<td style="padding-left:2px;" colspan="2"><select name="search_order_n" id="search_order_n">
|
|||
|
<option {$search_order_news['----']} value="">{$lang['user_order_no']}</option>
|
|||
|
<option {$search_order_news['asc']} value="asc">{$lang['user_order_plus']}</option>
|
|||
|
<option {$search_order_news['desc']} value="desc">{$lang['user_order_minus']}</option>
|
|||
|
</select>
|
|||
|
</td>
|
|||
|
<td style="padding-left:2px;" colspan="2"><select name="search_order_c" id="search_order_c">
|
|||
|
<option {$search_order_coms['----']} value="">{$lang['user_order_no']}</option>
|
|||
|
<option {$search_order_coms['asc']} value="asc">{$lang['user_order_plus']}</option>
|
|||
|
<option {$search_order_coms['desc']} value="desc">{$lang['user_order_minus']}</option>
|
|||
|
</select>
|
|||
|
</td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="7"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td> </td>
|
|||
|
<td style="padding-top:10px;"><input type="submit" class="buttons" value="{$lang['b_find']}" style="width:100px;">
|
|||
|
<td style="padding-top:10px;"><input type="button" class="buttons" value="{$lang['user_breset']}" onclick="javascript:clearform(document.searchform); return false;" style="width:100px;">
|
|||
|
<td colspan="4" style="padding-top:10px;"><input type="reset" class="buttons" value="{$lang['user_brestore']}" style="width:100px;">
|
|||
|
<input type="hidden" name="action" id="action" value="list">
|
|||
|
<input type="hidden" name="search" id="search" value="search">
|
|||
|
<input type="hidden" name="start_from" id="start_from" value="{$start_from}">
|
|||
|
<input type="hidden" name="mod" id="mod" value="editusers"></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
</td>
|
|||
|
<td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
|
|||
|
<td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
|
|||
|
<td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
</div></form>
|
|||
|
HTML;
|
|||
|
|
|||
|
$where = array ();
|
|||
|
|
|||
|
if( ! empty( $search ) ) {
|
|||
|
$where[] = "name like '$search_name%'";
|
|||
|
}
|
|||
|
if( ! empty( $search_mail ) ) {
|
|||
|
$where[] = "email='$search_mail'";
|
|||
|
}
|
|||
|
if( ! empty( $search_banned ) ) {
|
|||
|
$search_banned = $db->safesql( $search_banned );
|
|||
|
$where[] = "banned='$search_banned'";
|
|||
|
}
|
|||
|
if( ! empty( $fromregdate ) ) {
|
|||
|
$where[] = "reg_date>='" . strtotime( $fromregdate ) . "'";
|
|||
|
}
|
|||
|
if( ! empty( $toregdate ) ) {
|
|||
|
$where[] = "reg_date<='" . strtotime( $toregdate ) . "'";
|
|||
|
}
|
|||
|
if( ! empty( $fromentdate ) ) {
|
|||
|
$where[] = "lastdate>='" . strtotime( $fromentdate ) . "'";
|
|||
|
}
|
|||
|
if( ! empty( $toentdate ) ) {
|
|||
|
$where[] = "lastdate<='" . strtotime( $toentdate ) . "'";
|
|||
|
}
|
|||
|
if( ! empty( $search_news_f ) ) {
|
|||
|
$search_news_f = intval( $search_news_f );
|
|||
|
$where[] = "news_num>='$search_news_f'";
|
|||
|
}
|
|||
|
if( ! empty( $search_news_t ) ) {
|
|||
|
$search_news_t = intval( $search_news_t );
|
|||
|
$where[] = "news_num<'$search_news_t'";
|
|||
|
}
|
|||
|
if( ! empty( $search_coms_f ) ) {
|
|||
|
$search_coms_f = intval( $search_coms_f );
|
|||
|
$where[] = "comm_num>='$search_coms_f'";
|
|||
|
}
|
|||
|
if( ! empty( $search_coms_t ) ) {
|
|||
|
$search_coms_t = intval( $search_coms_t );
|
|||
|
$where[] = "comm_num<'$search_coms_t'";
|
|||
|
}
|
|||
|
if( $search_reglevel ) {
|
|||
|
$search_reglevel = intval( $search_reglevel );
|
|||
|
$where[] = "user_group='$search_reglevel'";
|
|||
|
}
|
|||
|
|
|||
|
$where = implode( " AND ", $where );
|
|||
|
if( ! $where ) $where = "user_group < '4'";
|
|||
|
|
|||
|
$order_by = array ();
|
|||
|
|
|||
|
if( ! empty( $search_order_u ) ) {
|
|||
|
$order_by[] = "name $search_order_u";
|
|||
|
}
|
|||
|
if( ! empty( $search_order_r ) ) {
|
|||
|
$order_by[] = "reg_date $search_order_r";
|
|||
|
}
|
|||
|
if( ! empty( $search_order_l ) ) {
|
|||
|
$order_by[] = "lastdate $search_order_l";
|
|||
|
}
|
|||
|
if( ! empty( $search_order_n ) ) {
|
|||
|
$order_by[] = "news_num $search_order_n";
|
|||
|
}
|
|||
|
if( ! empty( $search_order_c ) ) {
|
|||
|
$order_by[] = "comm_num $search_order_c";
|
|||
|
}
|
|||
|
|
|||
|
$order_by = implode( ", ", $order_by );
|
|||
|
if( ! $order_by ) $order_by = "reg_date asc";
|
|||
|
|
|||
|
// ------ <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD>
|
|||
|
$query_count = "SELECT COUNT(*) as count FROM " . USERPREFIX . "_users WHERE $where";
|
|||
|
$result_count = $db->super_query( $query_count );
|
|||
|
$all_count_news = $result_count['count'];
|
|||
|
|
|||
|
echo <<<HTML
|
|||
|
<script language="javascript" type="text/javascript">
|
|||
|
<!--
|
|||
|
function cdelete(id){
|
|||
|
var agree=confirm("{$lang['comm_alldelconfirm']}");
|
|||
|
if (agree)
|
|||
|
document.location='?mod=editusers&action=dodelcomments&user_hash={$dle_login_hash}&id=' + id + '';
|
|||
|
}
|
|||
|
function MenuBuild( m_id ){
|
|||
|
|
|||
|
var menu=new Array()
|
|||
|
|
|||
|
menu[0]='<a href="{$config['http_home_url']}index.php?do=lastcomments&userid=' + m_id + '" target="_blank">{$lang['comm_view']}</a>';
|
|||
|
menu[1]='<a onClick="javascript:cdelete(' + m_id + '); return(false)" href="?mod=editusers&action=dodelcomments&user_hash={$dle_login_hash}&id=' + m_id + '" >{$lang['comm_del']}</a>';
|
|||
|
|
|||
|
return menu;
|
|||
|
}
|
|||
|
|
|||
|
function ckeck_uncheck_all() {
|
|||
|
var frm = document.editusers;
|
|||
|
for (var i=0;i<frm.elements.length;i++) {
|
|||
|
var elmnt = frm.elements[i];
|
|||
|
if (elmnt.type=='checkbox') {
|
|||
|
if(frm.master_box.checked == true){ elmnt.checked=false; }
|
|||
|
else{ elmnt.checked=true; }
|
|||
|
}
|
|||
|
}
|
|||
|
if(frm.master_box.checked == true){ frm.master_box.checked = false; }
|
|||
|
else{ frm.master_box.checked = true; }
|
|||
|
}
|
|||
|
|
|||
|
//-->
|
|||
|
</script>
|
|||
|
<form action="" method="post" name="editusers">
|
|||
|
<div style="padding-top:5px;padding-bottom:2px;">
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
|
|||
|
<td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
|
|||
|
<td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
|
|||
|
<td style="padding:5px;" bgcolor="#FFFFFF">
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['user_list']} ({$all_count_news})</div></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
<div class="unterline"></div>
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td style="padding:2px;">{$lang['user_name']}</td>
|
|||
|
<td width="120">{$lang['user_reg']}</td>
|
|||
|
<td width="2"> </td>
|
|||
|
<td width="120">{$lang['user_last']}</td>
|
|||
|
<td width="2"> </td>
|
|||
|
<td width="90">{$lang['user_news']}</td>
|
|||
|
<td width="90">{$lang['user_coms']}</td>
|
|||
|
<td width="112" align="center">{$lang['user_acc']}</td>
|
|||
|
<td width="103">{$lang['user_action']}</td>
|
|||
|
<td width="10"><input type="checkbox" name="master_box" title="{$lang['edit_selall']}" onclick="javascript:ckeck_uncheck_all()"></td>
|
|||
|
</tr>
|
|||
|
<tr><td colspan="10"><div class="hr_line"></div></td></tr>
|
|||
|
HTML;
|
|||
|
|
|||
|
$news_per_page = 50;
|
|||
|
$start_from = intval( $start_from );
|
|||
|
$i = $start_from;
|
|||
|
|
|||
|
// ------ <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD>
|
|||
|
$db->query( "SELECT user_id, name, user_group, reg_date, lastdate, news_num, comm_num, banned, r_freeze FROM " . USERPREFIX . "_users WHERE {$where} ORDER BY {$order_by} LIMIT {$start_from},{$news_per_page}" );
|
|||
|
|
|||
|
while ( $row = $db->get_row() ) {
|
|||
|
$i ++;
|
|||
|
|
|||
|
$last_login = langdate( 'd/m/Y - H:i', $row['lastdate'] );
|
|||
|
$user_name = "<a href=\"{$config['http_home_url']}index.php?subaction=userinfo&user=" . urlencode( $row['name'] ) . "\" target=\"_blank\">" . $row[name] . "</a>";
|
|||
|
if( $row[news_num] == 0 ) {
|
|||
|
$news_link = "$row[news_num]";
|
|||
|
} else {
|
|||
|
$news_link = "[<a href=\"{$config['http_home_url']}index.php?subaction=allnews&user=" . urlencode( $row['name'] ) . "\" target=\"_blank\">" . $row[news_num] . "</a>]";
|
|||
|
}
|
|||
|
if( $row[comm_num] == 0 ) {
|
|||
|
$comms_link = $row['comm_num'];
|
|||
|
} else {
|
|||
|
$comms_link = "[<a onClick=\"return dropdownmenu(this, event, MenuBuild('" . $row['user_id'] . "'), '150px')\" href=\"#\" >" . $row[comm_num] . "</a>]";
|
|||
|
}
|
|||
|
$user_delete = "[<a class=maintitle onClick=\"javascript:confirmdelete('" . $row[user_id] . "', '" . $row[name] . "'); return(false)\" href=\"" . $PHP_SELF . "?mod=editusers&user_hash={$dle_login_hash}&action=dodeleteuser&id=" . $row[user_id] . "&user=" . $row[name] . "\">" . $lang[user_del] . "</a>]";
|
|||
|
|
|||
|
if( $row['banned'] == 'yes' ) $user_level = "<font color=\"red\">" . $lang['user_ban'] . "</font>";
|
|||
|
else $user_level = $user_group[$row['user_group']]['group_name'];
|
|||
|
|
|||
|
if( $row['user_group'] == 1 ) $user_delete = "";
|
|||
|
|
|||
|
echo "<tr>
|
|||
|
<td width=130 height=22>
|
|||
|
$user_name</td>
|
|||
|
<td width=120 nowrap='nowrap'>";
|
|||
|
echo (langdate( "d/m/Y - H:i", $row['reg_date'] ));
|
|||
|
echo "</td><td width=2> </td>
|
|||
|
<td width=120 nowrap='nowrap'>
|
|||
|
$last_login</td><td width=2> </td>
|
|||
|
<td width=90 align=\"center\">
|
|||
|
$news_link</td>
|
|||
|
<td width=90 align=\"center\">
|
|||
|
$comms_link</td>
|
|||
|
<td width=112 align=\"center\">
|
|||
|
$user_level</td>
|
|||
|
<td width=133 title='' class='list' nowrap='nowrap'><nobr>
|
|||
|
[<a class=maintitle onClick=\"javascript:popupedit('$row[user_id]'); return(false)\" href=#>$lang[user_edit]</a>] $user_delete [<a class=maintitle href=\"{$config['http_home_url']}index.php?do=feedback&user=$row[user_id]\" target=\"_blank\">$lang[bb_b_mail]</a>] [<a class=maintitle href=\"{$config['http_home_url']}index.php?do=pm&doaction=newpm&user=$row[user_id]\" target=\"_blank\">$lang[nl_pm]</a>]
|
|||
|
</nobr></td><td width=\"10\"><input name=\"selected_users[]\" value=\"{$row['user_id']}\" type='checkbox'></td>
|
|||
|
</tr><tr><td background=\"system/skins/images/mline.gif\" height=1 colspan=10></td></tr>";
|
|||
|
}
|
|||
|
$db->free();
|
|||
|
|
|||
|
$npp_nav = "";
|
|||
|
|
|||
|
if( $start_from > 0 ) {
|
|||
|
$previous = $start_from - $news_per_page;
|
|||
|
$npp_nav .= "<a onClick=\"javascript:list_submit($previous); return(false)\" href=#><< $lang[edit_prev]</a>";
|
|||
|
}
|
|||
|
|
|||
|
// pagination
|
|||
|
|
|||
|
|
|||
|
if( $all_count_news > $news_per_page ) {
|
|||
|
$npp_nav .= " [ ";
|
|||
|
$enpages_count = @ceil( $all_count_news / $news_per_page );
|
|||
|
$enpages_start_from = 0;
|
|||
|
$enpages = "";
|
|||
|
for($j = 1; $j <= $enpages_count; $j ++) {
|
|||
|
if( $enpages_start_from != $start_from ) {
|
|||
|
$enpages .= "<a class=maintitle onClick=\"javascript:list_submit($enpages_start_from); return(false)\" href=#>$j</a> ";
|
|||
|
} else {
|
|||
|
$enpages .= "<span class=navigation> $j </span>";
|
|||
|
}
|
|||
|
$enpages_start_from += $news_per_page;
|
|||
|
}
|
|||
|
$npp_nav .= $enpages;
|
|||
|
$npp_nav .= " ] ";
|
|||
|
}
|
|||
|
|
|||
|
// pagination
|
|||
|
|
|||
|
|
|||
|
if( $all_count_news > $i ) {
|
|||
|
$how_next = $all_count_news - $i;
|
|||
|
if( $how_next > $news_per_page ) {
|
|||
|
$how_next = $news_per_page;
|
|||
|
}
|
|||
|
$npp_nav .= "<a onClick=\"javascript:list_submit($i); return(false)\" href=#>$lang[edit_next] $how_next >></a>";
|
|||
|
}
|
|||
|
|
|||
|
echo <<<HTML
|
|||
|
<tr><td colspan="10">{$npp_nav}</td></tr>
|
|||
|
<tr><td colspan="10" align="right" valign="top">
|
|||
|
<div style="margin-bottom:5px; margin-top:5px;">
|
|||
|
<select name=action>
|
|||
|
<option value="">{$lang['edit_selact']}</option>
|
|||
|
<option value="mass_move_to_group">{$lang['massusers_group']}</option>
|
|||
|
<option value="mass_move_to_ban">{$lang['massusers_banned']}</option>
|
|||
|
<option value="mass_delete_comments">{$lang['massusers_comments']}</option>
|
|||
|
<option value="mass_delete">{$lang['massusers_delete']}</option>
|
|||
|
</select>
|
|||
|
<input type=hidden name=mod value="mass_user_actions">
|
|||
|
<input type="hidden" name="user_hash" value="$dle_login_hash" />
|
|||
|
<input class="edit" type="submit" value="{$lang['b_start']}">
|
|||
|
</div></td></tr>
|
|||
|
</table>
|
|||
|
</td>
|
|||
|
<td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
|
|||
|
<td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
|
|||
|
<td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
</div></form>
|
|||
|
HTML;
|
|||
|
|
|||
|
echofooter();
|
|||
|
}
|
|||
|
// ********************************************************************************
|
|||
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
// ********************************************************************************
|
|||
|
elseif( $action == "adduser" ) {
|
|||
|
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {die( "Hacking attempt! User not found" );}
|
|||
|
|
|||
|
if( ! $_POST['regusername'] ) {msg( "error", $lang['user_err'], $lang['user_err_1'], "javascript:history.go(-1)" );}
|
|||
|
|
|||
|
if( preg_match( "/[\||\'|\<|\>|\"|\!|\$|\@|\&\~\*\+]/", $_POST['regusername'] ) ) msg( "error", $lang['user_err'], $lang['user_err_1'], "javascript:history.go(-1)" );
|
|||
|
|
|||
|
if( ! $_POST['regpassword'] ) {msg( "error", $lang['user_err'], $lang['user_err_2'], "javascript:history.go(-1)" );}
|
|||
|
if( empty( $_POST['regemail'] ) OR @count(explode("@", $_POST['regemail'])) != 2) {msg( "error", $lang['user_err_1'], $lang['user_err_1'], "javascript:history.go(-1)" );}
|
|||
|
|
|||
|
$not_allow_symbol = array ("\x22", "\x60", "\t", '\n', '\r', "\n", "\r", '\\', ",", "/", "<EFBFBD>", "#", ";", ":", "~", "[", "]", "{", "}", ")", "(", "*", "^", "%", "$", "<", ">", "?", "!", '"', "'", " " );
|
|||
|
$regemail = $db->safesql(trim( str_replace( $not_allow_symbol, '', strip_tags( stripslashes( $_POST['regemail'] ) ) ) ) );
|
|||
|
|
|||
|
$row = $db->super_query( "SELECT name, email FROM " . USERPREFIX . "_users WHERE name = '$regusername' OR email = '$regemail'" );
|
|||
|
|
|||
|
if( $row['name'] ) {msg( "error", $lang['user_err'], $lang['user_err_3'], "javascript:history.go(-1)" );}
|
|||
|
if( $row['email'] ) {msg( "error", $lang['user_err'], $lang['user_err_4'], "javascript:history.go(-1)" );}
|
|||
|
|
|||
|
$add_time = time() + ($config['date_adjust'] * 60);
|
|||
|
$regpassword = md5( md5( $_POST['regpassword'] ) );
|
|||
|
|
|||
|
$reglevel = intval( $_POST['reglevel'] );
|
|||
|
|
|||
|
if ( $member_id['user_group'] != 1 AND $reglevel < 2 ) $reglevel = 4;
|
|||
|
|
|||
|
$db->query( "INSERT INTO " . USERPREFIX . "_users (name, password, email, user_group, reg_date, lastdate, info, signature, favorites) values ('$regusername', '$regpassword', '$regemail', '$reglevel', '$add_time', '$add_time','','','')" );
|
|||
|
|
|||
|
msg( "info", $lang['user_addok'], "$lang[user_ok] <b>$regusername</b> $lang[user_ok_1] <b>{$user_group[$reglevel]['group_name']}</b>", "$PHP_SELF?mod=editusers&action=list" );
|
|||
|
}
|
|||
|
// ********************************************************************************
|
|||
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
// ********************************************************************************
|
|||
|
elseif( $action == "edituser" ) {
|
|||
|
|
|||
|
if( isset( $_REQUEST['user'] ) ) {
|
|||
|
$user = $db->safesql( strip_tags( urldecode( $_GET['user'] ) ) );
|
|||
|
|
|||
|
if( $user != "" ) {
|
|||
|
$row = $db->super_query( "SELECT user_id FROM " . USERPREFIX . "_users WHERE name = '$user'" );
|
|||
|
if( ! $row['user_id'] ) die( "User not found" );
|
|||
|
header( "Location: ?mod=editusers&action=edituser&id=" . $row['user_id'] );
|
|||
|
die( "User not found" );
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
$row = $db->super_query( "SELECT " . USERPREFIX . "_users.*, " . USERPREFIX . "_banned.days, " . USERPREFIX . "_banned.descr, " . USERPREFIX . "_banned.date as banned_date FROM " . USERPREFIX . "_users LEFT JOIN " . USERPREFIX . "_banned ON " . USERPREFIX . "_users.user_id=" . USERPREFIX . "_banned.users_id WHERE user_id = '$id'" );
|
|||
|
|
|||
|
if( ! $row['user_id'] ) die( "User not found" );
|
|||
|
|
|||
|
if ($row['user_id'] != 1) $delete_link = "<input onClick=\"confirmDelete('$PHP_SELF?mod=editusers&action=dodeleteuser&popup=yes&id={$id}&user_hash={$dle_login_hash}')\" type=\"button\" class=\"buttons\" value=\"{$lang['edit_dnews']}\" style=\"width:100px;\">"; else $delete_link = "";
|
|||
|
|
|||
|
if ($member_id['user_group'] != 1 AND $row['user_group'] == 1 )
|
|||
|
die( $lang['edit_not_admin'] );
|
|||
|
|
|||
|
include_once SYSTEM_DIR . '/classes/parse.class.php';
|
|||
|
|
|||
|
$parse = new ParseFilter( );
|
|||
|
|
|||
|
$row['fullname'] = $parse->decodeBBCodes( $row['fullname'], false );
|
|||
|
$row['icq'] = $parse->decodeBBCodes( $row['icq'], false );
|
|||
|
$row['skype'] = $parse->decodeBBCodes( $row['skype'], false );
|
|||
|
$row['land'] = $parse->decodeBBCodes( $row['land'], false );
|
|||
|
$row['info'] = $parse->decodeBBCodes( $row['info'], false );
|
|||
|
$row['signature'] = $parse->decodeBBCodes( $row['signature'], false );
|
|||
|
$row['descr'] = $parse->decodeBBCodes( $row['descr'], false );
|
|||
|
$row['status'] = $parse->decodeBBCodes( $row['status'], false );
|
|||
|
|
|||
|
echo <<<HTML
|
|||
|
<html>
|
|||
|
<head>
|
|||
|
<meta content="text/html; charset={$config['charset']}" http-equiv="content-type" />
|
|||
|
<title>{$lang['user_edhead']}</title>
|
|||
|
<style type="text/css">
|
|||
|
html,body{
|
|||
|
height:100%;
|
|||
|
margin:0px;
|
|||
|
padding: 0px;
|
|||
|
background: #F4F3EE;
|
|||
|
}
|
|||
|
input,
|
|||
|
select,
|
|||
|
textarea {
|
|||
|
outline:none;
|
|||
|
}
|
|||
|
form {
|
|||
|
margin:0px;
|
|||
|
padding: 0px;
|
|||
|
}
|
|||
|
|
|||
|
table{
|
|||
|
border:0px;
|
|||
|
border-collapse:collapse;
|
|||
|
}
|
|||
|
|
|||
|
table td{
|
|||
|
padding:0px;
|
|||
|
font-size: 11px;
|
|||
|
font-family: verdana;
|
|||
|
}
|
|||
|
|
|||
|
a:active,
|
|||
|
a:visited,
|
|||
|
a:link {
|
|||
|
color: #4b719e;
|
|||
|
text-decoration:none;
|
|||
|
}
|
|||
|
|
|||
|
a:hover {
|
|||
|
color: #4b719e;
|
|||
|
text-decoration: underline;
|
|||
|
}
|
|||
|
|
|||
|
.navigation {
|
|||
|
color: #999898;
|
|||
|
font-size: 11px;
|
|||
|
font-family: tahoma;
|
|||
|
}
|
|||
|
.unterline {
|
|||
|
background: url(system/skins/images/line_bg.gif);
|
|||
|
width: 100%;
|
|||
|
height: 9px;
|
|||
|
font-size: 3px;
|
|||
|
font-family: tahoma;
|
|||
|
margin-bottom: 4px;
|
|||
|
}
|
|||
|
.hr_line {
|
|||
|
background: url(system/skins/images/line.gif);
|
|||
|
width: 100%;
|
|||
|
height: 7px;
|
|||
|
font-size: 3px;
|
|||
|
font-family: tahoma;
|
|||
|
margin-top: 4px;
|
|||
|
margin-bottom: 4px;
|
|||
|
}
|
|||
|
.edit {
|
|||
|
border:1px solid #9E9E9E;
|
|||
|
color: #000000;
|
|||
|
font-size: 11px;
|
|||
|
font-family: Verdana; BACKGROUND-COLOR: #ffffff
|
|||
|
}
|
|||
|
.buttons {
|
|||
|
background: #FFF;
|
|||
|
border: 1px solid #9E9E9E;
|
|||
|
color: #666666;
|
|||
|
font-family: Verdana, Tahoma, helvetica, sans-serif;
|
|||
|
padding: 0px;
|
|||
|
vertical-align: absmiddle;
|
|||
|
font-size: 11px;
|
|||
|
height: 21px;
|
|||
|
}
|
|||
|
select {
|
|||
|
color: #000000;
|
|||
|
font-size: 11px;
|
|||
|
font-family: Verdana;
|
|||
|
border:1px solid #9E9E9E;
|
|||
|
}
|
|||
|
|
|||
|
textarea {
|
|||
|
border: #9E9E9E 1px solid;
|
|||
|
color: #000000;
|
|||
|
font-size: 11px;
|
|||
|
font-family: Verdana;
|
|||
|
background-color: #ffffff
|
|||
|
}
|
|||
|
#hintbox{ /*CSS for pop up hint box */
|
|||
|
position:absolute;
|
|||
|
top: 0;
|
|||
|
background-color: lightyellow;
|
|||
|
width: 150px; /*Default width of hint.*/
|
|||
|
padding: 3px;
|
|||
|
border:1px solid #787878;
|
|||
|
font:normal 11px Verdana;
|
|||
|
line-height:18px;
|
|||
|
z-index:100;
|
|||
|
border-right: 2px solid #787878;
|
|||
|
border-bottom: 2px solid #787878;
|
|||
|
visibility: hidden;
|
|||
|
}
|
|||
|
|
|||
|
.xprofile textarea {
|
|||
|
width:100%; height:90px; font-family:verdana; font-size:11px; border:1px solid #9E9E9E;
|
|||
|
}
|
|||
|
.xprofile input {
|
|||
|
width:250px; height:18px; font-family:verdana; font-size:11px; border:1px solid #9E9E9E;
|
|||
|
}
|
|||
|
|
|||
|
.hintanchor{
|
|||
|
padding-left: 8px;
|
|||
|
}
|
|||
|
</style>
|
|||
|
<!-- calendar stylesheet -->
|
|||
|
<link rel="stylesheet" type="text/css" media="all" href="system/skins/calendar-blue.css" title="win2k-cold-1" />
|
|||
|
|
|||
|
<!-- main calendar program -->
|
|||
|
<script type="text/javascript" src="system/skins/calendar.js"></script>
|
|||
|
|
|||
|
<script type="text/javascript" src="system/skins/default.js"></script>
|
|||
|
</head>
|
|||
|
<body>
|
|||
|
<script language="javascript" type="text/javascript">
|
|||
|
<!--
|
|||
|
|
|||
|
function confirmDelete(url){
|
|||
|
var agree=confirm("{$lang['user_deluser']}");
|
|||
|
|
|||
|
if (agree) {
|
|||
|
document.location=url;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
//-->
|
|||
|
</script>
|
|||
|
<table align="center" width="97%">
|
|||
|
<tr>
|
|||
|
<td width="4" height="16"><img src="system/skins/images/tb_left.gif" width="4" height="16" border="0" /></td>
|
|||
|
<td background="system/skins/images/tb_top.gif"><img src="system/skins/images/tb_top.gif" width="1" height="16" border="0" /></td>
|
|||
|
<td width="4"><img src="system/skins/images/tb_right.gif" width="3" height="16" border="0" /></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td width="4" background="system/skins/images/tb_lt.gif"><img src="system/skins/images/tb_lt.gif" width="4" height="1" border="0" /></td>
|
|||
|
<td valign="top" style="padding-top:8px; padding-left:8px; padding-right:8px;" bgcolor="#FFFFFF">
|
|||
|
HTML;
|
|||
|
|
|||
|
$last_date = langdate( "j F Y - H:i", $row['lastdate'] );
|
|||
|
$reg_date = langdate( "j F Y - H:i", $row['reg_date'] );
|
|||
|
|
|||
|
if( $row['foto'] ) {
|
|||
|
$avatar = $config['http_home_url'] . "uploads/fotos/" . $row['foto'];
|
|||
|
} else {
|
|||
|
$avatar = 'http://gravatar.com/avatar/' . md5( stripslashes( $row['email'] ) ) . "?s=100&r=g&d=" . $config['http_home_url'] . 'templates/' . $config['skin'] . '/images/noavatar.png';
|
|||
|
}
|
|||
|
|
|||
|
echo <<<HTML
|
|||
|
<form action="" method="post" enctype="multipart/form-data">
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$row['name']}</div></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
<div class="unterline"></div>
|
|||
|
<table width="100%">
|
|||
|
<tr>
|
|||
|
<td width="150" style="padding:4px;">IP:</td>
|
|||
|
<td><a href="#" onclick="window.opener.document.location='?mod=iptools&ip={$row['logged_ip']}'; return false;">{$row['logged_ip']}</a></td>
|
|||
|
<td rowspan="5" valign="top" align="right"><img src="{$avatar}" border="0" /></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_news']}</td>
|
|||
|
<td>{$row['news_num']}</td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_last']}</td>
|
|||
|
<td>{$last_date}</td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_reg']}</td>
|
|||
|
<td>{$reg_date}</td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_mail']}</td>
|
|||
|
<td><input size="20" class="edit" name="editmail" value="{$row['email']}" /></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="3"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_newlogin']}</td>
|
|||
|
<td colspan="2"><input size="20" name="editlogin" class="edit"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_newpass']}</td>
|
|||
|
<td colspan="2"><input size="20" name="editpass" class="edit"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="3"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;"><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD></td>
|
|||
|
<td><input size="20" class="edit" name="editstatus" value="{$row['status']}" /></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_acc']}</td>
|
|||
|
<td colspan="2"><select name="editlevel">
|
|||
|
HTML;
|
|||
|
|
|||
|
echo get_groups( $row[user_group] );
|
|||
|
|
|||
|
if($row['r_freeze'] == "yes") $ifcb = "checked";
|
|||
|
|
|||
|
if( $row['banned'] == "yes" ) $ifch = "checked";
|
|||
|
$row['days'] = intval( $row['days'] );
|
|||
|
|
|||
|
if( $row['banned'] == "yes" and $row['days'] ) $endban = $lang['ban_edate'] . " " . langdate( "j M Y H:i", $row['banned_date'] );
|
|||
|
else $endban = "";
|
|||
|
|
|||
|
$restricted_selected = array (0 => '', 1 => '', 2 => '', 3 => '' );
|
|||
|
$restricted_selected[$row['restricted']] = 'selected';
|
|||
|
|
|||
|
if( $row['restricted'] and $row['restricted_days'] ) $end_restricted = $lang['edit_tdate'] . " " . langdate( "j M Y H:i", $row['restricted_date'] );
|
|||
|
else $end_restricted = "";
|
|||
|
|
|||
|
if( $row['restricted'] ) $lang['restricted_none'] = $lang['restricted_clear'];
|
|||
|
|
|||
|
echo <<<HTML
|
|||
|
</select></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="3"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_banned']}</td>
|
|||
|
<td colspan="2"><input type="checkbox" name="banned" value="yes" $ifch><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_banned]}', this, event, '250px')">[?]</a></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['ban_date']}</td>
|
|||
|
<td colspan="2"><input size="5" name="banned_date" class="edit" value="{$row['days']}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_bandescr]}', this, event, '250px')">[?]</a> {$endban}</td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['ban_descr']}</td>
|
|||
|
<td colspan="2"><textarea style="width:100%; height:60px;" name="banned_descr">{$row['descr']}</textarea></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="3"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['restricted']}</td>
|
|||
|
<td colspan="2"><select name="restricted"><option value="0" $restricted_selected[0]>{$lang['restricted_none']}</option>
|
|||
|
<option value="1" $restricted_selected[1]>{$lang['restricted_news']}</option>
|
|||
|
<option value="2" $restricted_selected[2]>{$lang['restricted_comm']}</option>
|
|||
|
<option value="3" $restricted_selected[3]>{$lang['restricted_all']}</option>
|
|||
|
</select></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['restricted_date']}</td>
|
|||
|
<td colspan="2"><input size="5" name="restricted_days" class="edit" value="{$row['restricted_days']}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_restricted]}', this, event, '250px')">[?]</a> {$end_restricted}</td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="3"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_del_comments']}</td>
|
|||
|
<td colspan="2"><input type="checkbox" name="del_comments" value="yes" /></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="3"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['opt_fullname']}</td>
|
|||
|
<td colspan="2"><input size="20" name="editfullname" value="{$row['fullname']}" class="edit"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['opt_icq']}</td>
|
|||
|
<td colspan="2"><input size="20" name="editicq" value="{$row['icq']}" class="edit"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;"><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> Skype:</td>
|
|||
|
<td colspan="2"><input size="20" name="editskype" value="{$row['skype']}" class="edit"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['opt_land']}</td>
|
|||
|
<td colspan="2"><input size="20" name="editland" value="{$row['land']}" class="edit"></td>
|
|||
|
</tr>
|
|||
|
|
|||
|
<tr>
|
|||
|
<td colspan="3"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['repa_value']}</td>
|
|||
|
<td colspan="2"><input size="20" name="editrepa" value="{$row['repa']}" class="edit"></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['repa_do_freeze']}</td>
|
|||
|
<td colspan="2"><input type="checkbox" name="r_freeze" value="yes" $ifcb><a href="#" class="hintanchor" onMouseover="showhint('{$lang[freeze_info]}', this, event, '250px')">[?]</a></td>
|
|||
|
</tr>
|
|||
|
|
|||
|
<tr>
|
|||
|
<td colspan="3"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_avatar']}</td>
|
|||
|
<td colspan="2"><input type="file" name="image" style="width:304px;" class="edit" /></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['user_del_avatar']}</td>
|
|||
|
<td colspan="2"><input type="checkbox" name="del_foto" value="yes" /></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td colspan="3"><div class="hr_line"></div></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['extra_minfo']}</td>
|
|||
|
<td colspan="2" style="padding-bottom:4px;"><textarea style="width:100%; height:70px;" name="editinfo">{$row['info']}</textarea></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td style="padding:4px;">{$lang['extra_signature']}</td>
|
|||
|
<td colspan="2"><textarea style="width:100%; height:70px;" name="editsignature">{$row['signature']}</textarea></td>
|
|||
|
</tr>
|
|||
|
{$output}
|
|||
|
<tr>
|
|||
|
<td colspan="3" style="padding-top:10px;padding-bottom:10px;"><input type="submit" value="{$lang['user_save']}" class="buttons" style="width:100px;" /> <input type="button" value="{$lang['user_can']}" onClick="window.close();" class="buttons" style="width:100px;" /> {$delete_link}
|
|||
|
<input type="hidden" name="id" value="{$id}">
|
|||
|
<input type="hidden" name="mod" value="editusers">
|
|||
|
<input type="hidden" name="user_hash" value="$dle_login_hash">
|
|||
|
<input type="hidden" name="action" value="doedituser">
|
|||
|
<input type="hidden" name="prev_restricted" value="{$row['restricted_days']}"></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
</form>
|
|||
|
HTML;
|
|||
|
|
|||
|
echo <<<HTML
|
|||
|
</td>
|
|||
|
<td width="4" background="system/skins/images/tb_rt.gif"><img src="system/skins/images/tb_rt.gif" width="4" height="1" border="0" /></td>
|
|||
|
</tr>
|
|||
|
<tr>
|
|||
|
<td height="16" background="system/skins/images/tb_lb.gif"></td>
|
|||
|
<td background="system/skins/images/tb_tb.gif"></td>
|
|||
|
<td background="system/skins/images/tb_rb.gif"></td>
|
|||
|
</tr>
|
|||
|
</table>
|
|||
|
</body>
|
|||
|
|
|||
|
</html>
|
|||
|
HTML;
|
|||
|
|
|||
|
}
|
|||
|
// ********************************************************************************
|
|||
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
// ********************************************************************************
|
|||
|
elseif( $action == "doedituser" ) {
|
|||
|
|
|||
|
if( ! $id ) {die( $lang['user_nouser'] );}
|
|||
|
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {die( "Hacking attempt! User not found" );}
|
|||
|
|
|||
|
$row = $db->super_query( "SELECT user_id, user_group FROM " . USERPREFIX . "_users WHERE user_id = '$id'" );
|
|||
|
|
|||
|
if( ! $row['user_id'] ) die( "User not found" );
|
|||
|
|
|||
|
if ($member_id['user_group'] != 1 AND $row['user_group'] == 1 )
|
|||
|
die( $lang['edit_not_admin'] );
|
|||
|
|
|||
|
$editlevel = intval( $_POST['editlevel'] );
|
|||
|
|
|||
|
if ($member_id['user_group'] != 1 AND $editlevel < 2 )
|
|||
|
die( $lang['admin_not_access'] );
|
|||
|
|
|||
|
include_once SYSTEM_DIR . '/classes/parse.class.php';
|
|||
|
|
|||
|
$parse = new ParseFilter( );
|
|||
|
|
|||
|
$editlogin = $db->safesql( $parse->process( $_POST['editlogin'] ) );
|
|||
|
$editfullname = $db->safesql( $parse->process( $_POST['editfullname'] ) );
|
|||
|
|
|||
|
if ($_POST['editicq']) $editicq = intval( $_POST['editicq'] ); else $editicq = "";
|
|||
|
$editskype = $db->safesql( $parse->process( $_POST['editskype'] ) );
|
|||
|
|
|||
|
$editland = $db->safesql( $parse->process( $_POST['editland'] ) );
|
|||
|
$editrepa = $db->safesql($parse->process($_POST['editrepa']));
|
|||
|
$editinfo = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['editinfo'] ), false ) );
|
|||
|
$editsignature = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['editsignature'] ), false ) );
|
|||
|
$editmail = $db->safesql( $parse->process( $_POST['editmail'] ) );
|
|||
|
$editstatus = $db->safesql( $parse->process( $_POST['editstatus'] ) );
|
|||
|
|
|||
|
if ( $_POST['banned'] ) $banned = "yes";
|
|||
|
|
|||
|
$image = $_FILES['image']['tmp_name'];
|
|||
|
$image_name = $_FILES['image']['name'];
|
|||
|
$image_size = $_FILES['image']['size'];
|
|||
|
$img_name_arr = explode( ".", $image_name );
|
|||
|
$type = end( $img_name_arr );
|
|||
|
|
|||
|
if( $image_name != "" ) $image_name = totranslit( stripslashes( $img_name_arr[0] ) ) . "." . totranslit( $type );
|
|||
|
|
|||
|
if( is_uploaded_file( $image ) ) {
|
|||
|
|
|||
|
if( $image_size < 100000 ) {
|
|||
|
|
|||
|
$allowed_extensions = array ("jpg", "png", "jpe", "jpeg", "gif" );
|
|||
|
|
|||
|
if( (in_array( $type, $allowed_extensions ) or in_array( strtolower( $type ), $allowed_extensions )) and $image_name ) {
|
|||
|
include_once SYSTEM_DIR . '/classes/thumb.class.php';
|
|||
|
|
|||
|
$res = @move_uploaded_file( $image, ROOT_DIR . "/uploads/fotos/" . $id . "." . $type );
|
|||
|
|
|||
|
if( $res ) {
|
|||
|
|
|||
|
@chmod( ROOT_DIR . "/uploads/fotos/" . $id . "." . $type, 0666 );
|
|||
|
$thumb = new thumbnail( ROOT_DIR . "/uploads/fotos/" . $id . "." . $type );
|
|||
|
|
|||
|
if( $thumb->size_auto( $user_group[$member_id['user_group']]['max_foto'] ) ) {
|
|||
|
$thumb->jpeg_quality( $config['jpeg_quality'] );
|
|||
|
$thumb->save( ROOT_DIR . "/uploads/fotos/foto_" . $id . "." . $type );
|
|||
|
} else {
|
|||
|
@rename( ROOT_DIR . "/uploads/fotos/" . $id . "." . $type, ROOT_DIR . "/uploads/fotos/foto_" . $id . "." . $type );
|
|||
|
}
|
|||
|
|
|||
|
@chmod( ROOT_DIR . "/uploads/fotos/foto_" . $id . "." . $type, 0666 );
|
|||
|
$foto_name = "foto_" . $id . "." . $type;
|
|||
|
|
|||
|
$db->query( "UPDATE " . USERPREFIX . "_users set foto='$foto_name' WHERE user_id='$id'" );
|
|||
|
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
@unlink( ROOT_DIR . "/uploads/fotos/" . $id . "." . $type );
|
|||
|
}
|
|||
|
|
|||
|
if( $_POST['del_foto'] == "yes" ) {
|
|||
|
$row = $db->super_query( "SELECT foto FROM " . USERPREFIX . "_users WHERE user_id='$id'" );
|
|||
|
$db->query( "UPDATE " . USERPREFIX . "_users set foto='' WHERE user_id='$id'" );
|
|||
|
|
|||
|
@unlink( ROOT_DIR . "/uploads/fotos/" . $row['foto'] );
|
|||
|
}
|
|||
|
|
|||
|
$sql_update = "UPDATE " . USERPREFIX . "_users set user_group='$editlevel', status='$editstatus', banned='$banned', r_freeze='$r_freeze', icq='$editicq', skype='$editskype', repa=$editrepa, land='$editland', info='$editinfo', signature='$editsignature', email='$editmail', fullname='$editfullname'";
|
|||
|
|
|||
|
if ($row['user_group'] != $editlevel)
|
|||
|
{
|
|||
|
$cache->delete('user_color.php');
|
|||
|
}
|
|||
|
|
|||
|
if( trim( $editlogin ) != "" ) {
|
|||
|
|
|||
|
$row = $db->super_query( "SELECT user_id FROM " . USERPREFIX . "_users WHERE name='$editlogin'" );
|
|||
|
|
|||
|
if( ! $row['user_id'] ) {
|
|||
|
|
|||
|
$row = $db->super_query( "SELECT name FROM " . USERPREFIX . "_users WHERE user_id='$id'" );
|
|||
|
$db->query( "UPDATE " . PREFIX . "_post SET autor='$editlogin' WHERE autor='{$row['name']}'" );
|
|||
|
$db->query( "UPDATE " . PREFIX . "_comments SET autor='$editlogin' WHERE autor='{$row['name']}' AND is_register='1'" );
|
|||
|
$db->query( "UPDATE " . USERPREFIX . "_pm SET user_from='$editlogin' WHERE user_from='{$row['name']}'" );
|
|||
|
$db->query( "UPDATE " . PREFIX . "_images SET author='$editlogin' WHERE author='{$row['name']}'" );
|
|||
|
|
|||
|
$db->query("UPDATE " . PREFIX . "_forum_files SET file_author='$editlogin' WHERE file_author='{$row['name']}'");
|
|||
|
$db->query("UPDATE " . PREFIX . "_forum_forums SET f_last_poster_name='$editlogin' WHERE f_last_poster_name='{$row['name']}'");
|
|||
|
$db->query("UPDATE " . PREFIX . "_forum_poll_log SET member='$editlogin' WHERE member='{$row['name']}'");
|
|||
|
$db->query("UPDATE " . PREFIX . "_forum_posts SET post_author='$editlogin' WHERE post_author='{$row['name']}'");
|
|||
|
$db->query("UPDATE " . PREFIX . "_forum_sessions SET member_name='$editlogin' WHERE member_name='{$row['name']}'");
|
|||
|
$db->query("UPDATE " . PREFIX . "_forum_topics SET author_topic='$editlogin' WHERE author_topic='{$row['name']}'");
|
|||
|
$db->query("UPDATE " . PREFIX . "_forum_topics SET last_poster_name='$editlogin' WHERE last_poster_name='{$row['name']}'");
|
|||
|
|
|||
|
$db->query("UPDATE " . USERPREFIX . "_reputation set author='$editlogin' WHERE author='{$row['name']}'");
|
|||
|
$db->query("UPDATE " . USERPREFIX . "_reputation set komu='$editlogin' WHERE komu='{$row['name']}'");
|
|||
|
|
|||
|
$sql_update .= ", name='$editlogin'";
|
|||
|
} else
|
|||
|
msg( "error", $lang['addnews_error'], $lang['user_edit_found'], "javascript:history.go(-1)" );
|
|||
|
}
|
|||
|
|
|||
|
if( $_POST['restricted'] ) {
|
|||
|
|
|||
|
$restricted = intval( $_POST['restricted'] );
|
|||
|
$restricted_days = intval( $_POST['restricted_days'] );
|
|||
|
|
|||
|
$sql_update .= ", restricted='$restricted'";
|
|||
|
|
|||
|
if( $restricted_days != $_POST['prev_restricted'] ) {
|
|||
|
|
|||
|
$restricted_date = time() + ($config['date_adjust'] * 60);
|
|||
|
$restricted_date = $restricted_days ? $restricted_date + ($restricted_days * 60 * 60 * 24) : '';
|
|||
|
|
|||
|
$sql_update .= ", restricted_days='$restricted_days', restricted_date='$restricted_date'";
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
} else {
|
|||
|
|
|||
|
$sql_update .= ", restricted='0', restricted_days='0', restricted_date=''";
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
if( trim( $editpass ) != "" ) {
|
|||
|
$editpass = md5( md5( $_POST['editpass'] ) );
|
|||
|
$sql_update .= ", password='$editpass'";
|
|||
|
}
|
|||
|
|
|||
|
$sql_update .= " WHERE user_id='$id'";
|
|||
|
|
|||
|
$db->query( $sql_update );
|
|||
|
|
|||
|
if( $banned ) {
|
|||
|
$banned_descr = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['banned_descr'] ), false ) );
|
|||
|
$this_time = time() + ($config['date_adjust'] * 60);
|
|||
|
$banned_date = intval( $_POST['banned_date'] );
|
|||
|
$this_time = $banned_date ? $this_time + ($banned_date * 60 * 60 * 24) : 0;
|
|||
|
|
|||
|
$row = $db->super_query( "SELECT users_id, days FROM " . USERPREFIX . "_banned WHERE users_id = '$id'" );
|
|||
|
|
|||
|
if( ! $row['users_id'] ) $db->query( "INSERT INTO " . USERPREFIX . "_banned (users_id, descr, date, days) values ('$id', '$banned_descr', '$this_time', '$banned_date')" );
|
|||
|
else {
|
|||
|
|
|||
|
if( $row['days'] != $banned_date ) $db->query( "UPDATE " . USERPREFIX . "_banned set descr='$banned_descr', days='$banned_date', date='$this_time' WHERE users_id = '$id'" );
|
|||
|
else $db->query( "UPDATE " . USERPREFIX . "_banned set descr='$banned_descr' WHERE users_id = '$id'" );
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
$cache->delete('banned.php' );
|
|||
|
|
|||
|
} else {
|
|||
|
|
|||
|
$db->query( "DELETE FROM " . USERPREFIX . "_banned WHERE users_id = '$id'" );
|
|||
|
$cache->delete('banned.php' );
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
if( $_POST['del_comments'] ) {
|
|||
|
|
|||
|
$result = $db->query( "SELECT COUNT(*) as count, post_id FROM " . PREFIX . "_comments WHERE user_id='$id' AND is_register='1' GROUP BY post_id" );
|
|||
|
|
|||
|
while ( $row = $db->get_array( $result ) ) {
|
|||
|
|
|||
|
$db->query( "UPDATE " . PREFIX . "_post SET comm_num=comm_num-{$row['count']} where id='{$row['post_id']}'" );
|
|||
|
|
|||
|
}
|
|||
|
$db->free( $result );
|
|||
|
|
|||
|
$db->query( "UPDATE " . USERPREFIX . "_users set comm_num='0' where user_id ='$id'" );
|
|||
|
$db->query( "DELETE FROM " . PREFIX . "_comments WHERE user_id='$id' AND is_register='1'" );
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
header( "Location: {$_SERVER['REQUEST_URI']}" );
|
|||
|
|
|||
|
}
|
|||
|
// ********************************************************************************
|
|||
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
// ********************************************************************************
|
|||
|
elseif( $action == "dodeleteuser" ) {
|
|||
|
|
|||
|
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
|
|||
|
|
|||
|
die( "Hacking attempt! User not found" );
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
if( ! $id ) {
|
|||
|
die( $lang['user_nouser'] );
|
|||
|
}
|
|||
|
|
|||
|
if( $id == 1 ) {
|
|||
|
die( $lang['user_undel'] );
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
$row = $db->super_query( "SELECT user_id, user_group, name, foto FROM " . USERPREFIX . "_users WHERE user_id='$id'" );
|
|||
|
|
|||
|
if( ! $row['user_id'] ) die( "User not found" );
|
|||
|
|
|||
|
if ($member_id['user_group'] != 1 AND $row['user_group'] == 1 )
|
|||
|
die( $lang['user_undel'] );
|
|||
|
|
|||
|
|
|||
|
$db->query( "DELETE FROM " . USERPREFIX . "_pm WHERE user_from = '{$row['name']}' AND folder = 'outbox'" );
|
|||
|
|
|||
|
@unlink( ROOT_DIR . "/uploads/fotos/" . $row['foto'] );
|
|||
|
|
|||
|
$db->query( "delete FROM " . USERPREFIX . "_users WHERE user_id='$id'" );
|
|||
|
$db->query( "delete FROM " . USERPREFIX . "_banned WHERE users_id='$id'" );
|
|||
|
$db->query( "delete FROM " . USERPREFIX . "_pm WHERE user='$id'" );
|
|||
|
|
|||
|
if ($_GET['popup'] == "yes") {
|
|||
|
|
|||
|
die( "<body><script type=\"text/javascript\">window.close();</script>".$lang[user_ok]." ".$lang[user_delok_1]."</body>" );
|
|||
|
|
|||
|
} else {
|
|||
|
|
|||
|
msg( "info", $lang['user_delok'], "$lang[user_ok] $user $lang[user_delok_1]", "$PHP_SELF?mod=editusers&action=list" );
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
} elseif( $action == "dodelcomments" ) {
|
|||
|
if( ! $id ) {
|
|||
|
die( $lang['user_nouser'] );
|
|||
|
}
|
|||
|
|
|||
|
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
|
|||
|
|
|||
|
die( "Hacking attempt! User not found" );
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
$result = $db->query( "SELECT COUNT(*) as count, post_id FROM " . PREFIX . "_comments WHERE user_id='$id' AND is_register='1' GROUP BY post_id" );
|
|||
|
|
|||
|
while ( $row = $db->get_array( $result ) ) {
|
|||
|
|
|||
|
$db->query( "UPDATE " . PREFIX . "_post set comm_num=comm_num-{$row['count']} where id='{$row['post_id']}'" );
|
|||
|
|
|||
|
}
|
|||
|
$db->free( $result );
|
|||
|
|
|||
|
$db->query( "UPDATE " . USERPREFIX . "_users set comm_num='0' where user_id ='$id'" );
|
|||
|
$db->query( "DELETE FROM " . PREFIX . "_comments WHERE user_id='$id' AND is_register='1'" );
|
|||
|
|
|||
|
msg( "info", $lang['user_delok'], $lang['comm_alldel'], "$PHP_SELF?mod=editusers&action=list" );
|
|||
|
}
|
|||
|
?>
|