Go to most recent revision | Blame | Last modification | View Log | Download
<?php
session_start();
include 'shoutoptions.php';
#used for the database variables
include 'shoutfunctions.php';
#used for lefts() cuts down on the message if over 400.
#Just in case people decide to let the limit be higher than that
?>
<html><head>
<title>Admin Section</title>
<link href="shout.css" rel="stylesheet" type="text/css" />
</head>
<body>
<?php
if($_SESSION['level']=='Admin'){
#if the session variable level is set to Admin
echo '<a href="logout.php">Logout?</a><br />';
$db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die("Unable to connect!");
#connect to the database
mysql_select_db($dbname,$db);
#select the database
if ($_GET['ban']!=NULL)
#if the variable Ban is not null
{
$IP = $_GET['ban'];
#since we sent an IP we're calling our variable $IP
echo 'Banned, <br />';
$i=0;
$requete = "SELECT IP FROM ShoutBoxBanned WHERE IP='$IP'";
$result = mysql_query ($requete,$db);
if ($pollart = mysql_fetch_object($result)!=NULL)
{
#If he's already been banned, let's not add him again
$i=1;
}
if($i==0){
$sql="INSERT INTO ShoutBoxBanned (IP) VALUES ('$IP')";
#insert the guy into the shoutbox banned table
mysql_query($sql, $db);
#our query
}
}
if ($_GET['unban']!=NULL)
#if the variable unban is not null
{
$unban = $_GET['unban'];
#get the unban, it's an IP, but I called it unban
$requete2 = "DELETE FROM ShoutBoxBanned WHERE ID='$unban'";
#our query to delete him from the database
mysql_query ($requete2,$db);
#executing query
}
if ($_GET['del']!=NULL)
#if del does no equal null
{
$del = $_GET['del'];
#get our variable
$requete2 = "DELETE FROM ShoutBox WHERE ID='$del'";
#our query to delete the message
mysql_query ($requete2,$db);
#executing it
}
$db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die("Unable to connect!");
#connecting to database
mysql_select_db($dbname,$db);
#select the database
$requete = "SELECT ID, Name, Message, IP FROM ShoutBox ORDER BY Date DESC";
#our query
$result = mysql_query ($requete,$db);
#executing the query
echo '<h4>Messages</h4>';
$i=0;
#we're using it as a switch
while ($pollart = mysql_fetch_object($result))
#while there are rows
{
if (($Alternate==1)&&($i==0))
#will only display if i is 0 and alternate mode, set in shoutoptions, is on
{
echo '<div class="shoutentry2">';
echo $pollart->Name.' - <a href="'.$_SERVER['SCRIPT_NAME'].'?del='.$pollart->ID.'">Delete Message</a> - <a href="'.$_SERVER['SCRIPT_NAME'].'?ban='.$pollart->IP.'">Ban User</a><br />'.lefts($pollart->Message, 400).'<br /></div>';
$i=1;
}
else {
echo '<div class="shoutentry">';
echo $pollart->Name.' - <a href="'.$_SERVER['SCRIPT_NAME'].'?del='.$pollart->ID.'">Delete Message</a> - <a href="'.$_SERVER['SCRIPT_NAME'].'?ban='.$pollart->IP.'">Ban User</a><br />'.lefts($pollart->Message, 400).'<br /></div>';
$i=0;
}
}
mysql_free_result($result);
#free the result... sometimes I forget this... it's not needed, when it finishes it frees it anyhow
$requete = "SELECT ID,IP FROM ShoutBoxBanned ORDER BY IP DESC";
#query to select the IP and IDs of who has been banned
$result = mysql_query ($requete,$db);
#query that query
echo '<h4>Current Banned IPs</h4>';
while ($pollart = mysql_fetch_object($result))
{
echo $pollart->IP.' <a href="'.$_SERVER['SCRIPT_NAME'].'?unban='.$pollart->ID.'">Unban</a><br />';
}
mysql_free_result($result);
}
else
{
echo 'Sorry, you don\'t have clearance to view this page.';
#if they're not logged in
}
?>
</body>
</html>