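<?php
# Start (or resume) the session; the admin check later in this file reads
# $_SESSION['level'].
session_start();

# Database connection settings.
# require (not include) so that a missing or unreadable settings file stops the
# page instead of letting it continue with undefined connection variables.
require 'shoutoptions.php';

# Provides lefts(), which this page calls with a limit of 400 to shorten each
# displayed message, in case the configured message limit is higher than that.
require 'shoutfunctions.php';
?>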
<html><head>
<title>Admin Section</title>
<link href="shout.css" rel="stylesheet" type="text/css" />
</head>
<body>
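<?php
# Shoutbox admin panel: for a session whose level is 'Admin', optionally
# bans an IP (?ban=), removes a ban (?unban=) or deletes a message (?del=),
# then lists every message and every banned IP with action links.
#
# Uses names defined outside this block: $dbHost, $dbUser, $dbPass, $dbname
# and $Alternate (per the file's own comments these come from
# shoutoptions.php) and lefts() (from shoutfunctions.php).
#
# NOTE(review): the ban/unban/delete actions are plain GET links with no
# anti-CSRF token, so any page an admin visits while logged in can trigger
# them. Moving them to POST forms carrying a per-session token is the fix;
# it is not done here because it changes the URLs this page accepts.
#
# NOTE(review): the mysql_* extension was removed in PHP 7.0. Values are
# escaped below to keep the file on its existing API; migrating to mysqli
# or PDO prepared statements is the durable fix.

# Strict comparison plus isset(): a loose == would also accept non-string
# values such as true, and reading an unset key raises a notice.
if (isset($_SESSION['level']) && $_SESSION['level'] === 'Admin') {

    echo '<a href="logout.php">Logout?</a><br />';

    # One connection serves the whole page (the original connected twice
    # with identical arguments, which returns the same link).
    $db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die("Unable to connect!");
    if (!mysql_select_db($dbname, $db)) {
        # Stop here rather than run every query against no database.
        die("Unable to select database!");
    }

    # Request parameters are accepted only as non-empty strings; an array
    # (?ban[]=x) or a missing key is treated as "not supplied".
    $ban   = (isset($_GET['ban'])   && is_string($_GET['ban']))   ? $_GET['ban']   : '';
    $unban = (isset($_GET['unban']) && is_string($_GET['unban'])) ? $_GET['unban'] : '';
    $del   = (isset($_GET['del'])   && is_string($_GET['del']))   ? $_GET['del']   : '';

    if ($ban !== '') {
        echo 'Banned, <br />';

        # Escape before interpolating: the value comes straight from the URL.
        # NOTE(review): escaping follows the connection character set; if the
        # site changes it, it should do so with mysql_set_charset() - confirm.
        $ipSql = mysql_real_escape_string($ban, $db);

        # If the IP is already banned, do not add it again.
        $alreadyBanned = false;
        $existing = mysql_query("SELECT IP FROM ShoutBoxBanned WHERE IP='$ipSql'", $db);
        if ($existing !== false) {
            $alreadyBanned = (mysql_num_rows($existing) > 0);
            mysql_free_result($existing);
        }

        if (!$alreadyBanned) {
            mysql_query("INSERT INTO ShoutBoxBanned (IP) VALUES ('$ipSql')", $db);
        }
    }

    if ($unban !== '') {
        # The value is the ID of a ShoutBoxBanned row (the links below pass
        # the row ID, not the IP).
        $banIdSql = mysql_real_escape_string($unban, $db);
        mysql_query("DELETE FROM ShoutBoxBanned WHERE ID='$banIdSql'", $db);
    }

    if ($del !== '') {
        # The value is the ID of the ShoutBox message to delete.
        $msgIdSql = mysql_real_escape_string($del, $db);
        mysql_query("DELETE FROM ShoutBox WHERE ID='$msgIdSql'", $db);
    }

    # Everything read back from the database was supplied by shoutbox users
    # and is HTML-escaped on output so a stored name or message cannot run
    # script in the admin's session. ENT_SUBSTITUTE (where available) keeps
    # text containing invalid byte sequences from being blanked entirely.
    # NOTE(review): if the shoutbox stores pre-escaped HTML, or lefts()
    # returns markup, entities will now display literally - confirm against
    # the insert path.
    $escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
    $self = htmlspecialchars($_SERVER['SCRIPT_NAME'], $escFlags);

    echo '<h4>Messages</h4>';

    # Alternate mode (set in shoutoptions) switches the row class on every
    # other message, starting with shoutentry2.
    $alternate = (isset($Alternate) && $Alternate == 1);
    $useAltClass = true;

    $messages = mysql_query("SELECT ID, Name, Message, IP FROM ShoutBox ORDER BY Date DESC", $db);
    if ($messages !== false) {
        while ($row = mysql_fetch_object($messages)) {
            $class = ($alternate && $useAltClass) ? 'shoutentry2' : 'shoutentry';
            $useAltClass = !$useAltClass;

            echo '<div class="' . $class . '">';
            # urlencode() the query-string values; truncate the message
            # first and escape afterwards so no entity is cut in half.
            echo htmlspecialchars($row->Name, $escFlags)
                . ' - <a href="' . $self . '?del=' . urlencode($row->ID) . '">Delete Message</a>'
                . ' - <a href="' . $self . '?ban=' . urlencode($row->IP) . '">Ban User</a><br />'
                . htmlspecialchars(lefts($row->Message, 400), $escFlags)
                . '<br /></div>';
        }
        mysql_free_result($messages);
    }

    echo '<h4>Current Banned IPs</h4>';

    # IDs and IPs of everyone currently banned.
    $banned = mysql_query("SELECT ID,IP FROM ShoutBoxBanned ORDER BY IP DESC", $db);
    if ($banned !== false) {
        while ($row = mysql_fetch_object($banned)) {
            echo htmlspecialchars($row->IP, $escFlags)
                . ' <a href="' . $self . '?unban=' . urlencode($row->ID) . '">Unban</a><br />';
        }
        mysql_free_result($banned);
    }
} else {
    # Not logged in as an admin.
    echo 'Sorry, you don\'t have clearance to view this page.';
}
?>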
</body>
</html>