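<?php
/**
 * Front controller of the classifieds site (presumably index.php, going by
 * the redirects used further down). This first part starts the session,
 * reads the routing parameters from the query string and prints either the
 * login link or the logged-in user bar.
 *
 * Session flags used throughout the script:
 *   $_SESSION["Logado"] - 1 while a user is logged in, 0 otherwise
 *   $_SESSION["User"]   - user name stored by the vlogin handler
 *   $_SESSION["Admin"]  - 1 once the admin password has been accepted
 */
session_start();

// The markup below is sent before the page handlers run, and several of them
// call header("Location: ..."). Buffering the output keeps those redirects
// working even when output_buffering is switched off in php.ini.
ob_start();

// Give the flags a defined value so that a fresh session compares as
// "logged out" without raising undefined-index notices.
foreach (array("Logado", "Admin") as $flag) {
    if (!isset($_SESSION[$flag])) {
        $_SESSION[$flag] = 0;
    }
}

// Query-string parameters are untrusted. Only plain strings are accepted
// (an array such as ?key[]=x becomes null); null keeps the isset() checks in
// the handlers working. Every handler still has to escape these values for
// the context it uses them in (SQL, HTML, URL, file path).
$param = function ($name) {
    return (isset($_GET[$name]) && is_string($_GET[$name])) ? $_GET[$name] : null;
};
$pg  = $param("pg");
$cat = $param("cat");
$act = $param("act");
$us  = $param("user");
$ke  = $param("key");

if ($_SESSION["Logado"] == 0) {
?>
<a href="?pg=login" style="margin-left:800px;position:relative;top:-65px;">Logue-se!</a>
<?php
} else {
    // The user name is chosen freely at registration, so it is HTML-escaped
    // before being printed. The ISO-8859-1 charset makes htmlspecialchars()
    // byte-transparent: only & < > " ' are rewritten, whatever the encoding.
?>
<div id="top_user">
<a href="?pg=profile"><?php echo htmlspecialchars($_SESSION["User"], ENT_QUOTES, 'ISO-8859-1'); ?></a>
<a href="?pg=logout" style="margin:0;padding:0;">Logout</a>
</div>
<?php
}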
// No page requested: send the visitor to the login form or, when a user is
// already logged in, to the listing. Every other request is dispatched by the
// page handlers inside the else branch opened on the last line.
if (!isset($pg)) {
    $destino = ($_SESSION["Logado"] == 0) ? "login" : "anuncios";
    header("Location:index.php?pg=" . $destino);
} else {
- if ($pg == 'logout') {
- if ($_SESSION["Logado"] == 1) {
- $_SESSION["Logado"] = 0;
- $_SESSION["User"] = 0;
- }
- if (($_SESSION["Admin"] == 1) ? ($_SESSION["Admin"] = 0) : (""));
- echo "<script>alert('Desconectado!');</script>";
- echo "<script>window.setTimeout(\"location.href='index.php?pg=login';\", 1000);</script>";
- }
- if ($pg == 'login') {
- if ($_SESSION["Logado"] == 1) {
- header("Location:index.php?pg=profile");
- } else {
- ?>
- <form method="post" action="?pg=vlogin" id="login-bar">
- <center>
- <p>Usuário:</p> <input class="login-campo" type="text" name="user_box" placeholder="ex: Alexandre" maxlength="30"/><br/>
- <p>Senha:</p> <input class="login-campo" type="password" name="pass_box" placeholder="ex: 1234" maxlength="40"/><br/><br/>
- <input class="login-botao" type="submit" name="subm_box" value="Logar" />
- </center></br>
- <p style="margin-left:10px;"><a href="?pg=registro">Registre-se!</a></p>
- </form>
- <?php
- }
- }
- if ($pg == 'anunciar') {
- if ($_SESSION["Logado"] == 1) {
- ?>
- <form method="post" enctype="multipart/form-data" id="login-bar" style="height:400px;width:400px;" action="upload.php?user=<?php echo $_SESSION["User"]; ?>">
- <center>
- <p style="font-size:17px;color:#4682B4;"><b>Dados do anúncio</b></p><br/>
- <p>Título:</p> <input class="login-campo" type="text" name="title_box" placeholder="ex: Casa 1002" maxlength="50"/><br/>
- <p>Preço:</p> <input class="login-campo" type="text" name="price_box" placeholder="ex: 10000" maxlength="10"/><br/>
- <p>Tipo:</p>
- <select id="type_box" name="type_box" required>
- <option value="Item">Item</option>
- <option value="Propriedade">Propriedade</option>
- </select>
- <p>Miniatura:</p> <input class="login-campo" type="file" name="file_box" /><br/>
- <p>Obs:</p> <textarea class="login-campo" name="obs_box" maxlength="150"></textarea><br/>
- <input type="submit" class="login-botao" id="sub_box" name="sub_box" value="Enviar" />
- </center>
- </form>
- <?php
- }
- }
- if ($pg == 'registro') {
- if ($_SESSION["Logado"] == 0) {
- ?>
- <form method="post" action="?pg=vregistro" id="login-bar" style="height:230px;">
- <center>
- <p>Usuário:</p> <input class="login-campo" type="text" name="user_box_re" placeholder="ex: Alexandre" maxlength="30"/><br/>
- <p>Senha:</p> <input class="login-campo" type="password" name="pass_box_re" placeholder="ex: alexandre@1" maxlength="40"/><br/>
- <p>Email:</p> <input class="login-campo" type="email" name="email_box_re" placeholder="ex: alexandre@email.com" maxlength="120"/><br/>
- <p>Nickname:</p> <input class="login-campo" type="text" name="nick_box_re" placeholder="Nick in-game" maxlength="25" /><br/><br/>
- <input class="login-botao" type="submit" id="subm_box_re" name="subm_box_re" value="Registrar" />
- </center></br>
- </form>
- <?php
- }
- }
- if ($pg == 'vregistro') {
- if ($_SESSION["Logado"] == 0) {
- if (isset($_POST['subm_box_re'])) {
- $user = mysql_real_escape_string($_POST["user_box_re"]);
- $pass = mysql_real_escape_string($_POST["pass_box_re"]);
- $email = mysql_real_escape_string($_POST["email_box_re"]);
- $nick = mysql_real_escape_string($_POST["nick_box_re"]);
- $date = date("F j, Y, g:i a");
- $products = 0;
- $active = 0;
- $ads = -1;
- include('connect.php');
- $squery = mysql_query("insert into users values ('$user','$pass','$email','$nick',$active,'$date',$products,$ads)");
- if ($squery) {
- ?>
- <p style="text-align:center;font-family:Trebuchet MS, Sans-Serif;color:#4682B4;font:small-caption;font-size:20px;">Sua conta foi cadastrada com sucesso.</p>
- <p style="text-align:center;font-family:Trebuchet MS, Sans-Serif;color:black;font:small-caption;">Agora é necessário que sua conta seja ativada por um administrador.</p>
- <?php
- } else {
- die('Error: '.mysql_errno($connect));
- }
- }
- }
- }
- if ($pg == 'anuncios') {
- if ($_SESSION["Logado"] == 1) {
- include ('connect.php');
- if (isset($ke)) {
- $q = mysql_query("select * from ads where adsid = '$ke' and active=1");
- if ($q) {
- if (mysql_num_rows($q)) {
- $r = mysql_fetch_array($q);
- $img = $r["image"];
- $ky = $r["adsid"];
- ?>
- <div id="getAn">
- <img src="ads/thumbs/<?php echo $img; ?>" alt="" />
- <strong><?php echo utf8_encode($r["title"]); ?></strong><br>
- <b>Tipo:</b> <small><?php echo utf8_encode($r["type"]); ?></small><br>
- <b>Preço: </b> <small><?php echo utf8_encode($r["price"]); ?></small><br>
- <b>Proprietário: </b> <small><?php echo utf8_encode($r["owner"]); ?></small><br>
- <b>Status: </b> <small><?php echo utf8_encode($r["status"]); ?></small><br>
- <b>Observação: </b> <small><?php echo utf8_encode($r["obs"]); ?></small><br>
- <b>Interessados: </b> <small><a href="names.php?l=<?php echo $ky; ?>" target="_blank"><?php echo utf8_encode($r["ints"]); ?> (clique para exibir os nomes)</a></small>
- </div>
- <?php
- }
- }
- } else {
- $query = mysql_query("select * from ads where active = 1 order by adsid asc limit 20");
- if ($query) {
- if (mysql_num_rows($query)) {
- echo "<br><br>";
- echo "<script>redimensionar_div('page');</script>";
- while ($result = mysql_fetch_array($query)) {
- $img = $result["image"];
- $kyy = $result["adsid"];
- ?>
- <div id="exAds">
- <div class="imgAds"><img src="ads/thumbs/<?php echo $img;?>"></div>
- <div class="infoAds">
- <strong><a href="index.php?pg=anuncios&key=<?php echo $kyy; ?>" target="_blank"><?php echo utf8_encode($result["title"]); ?></a></strong><br>
- <b>Tipo: </b><small><?php echo utf8_encode($result["type"]); ?></small><br>
- <b>Valor: </b><small><?php echo utf8_encode($result["price"]); ?></small><br>
- <b>Dono: </b><small><?php echo utf8_encode($result["owner"]); ?></small><br>
- <b>Status: </b><small><?php echo utf8_encode($result["status"]); ?></small>
- <form class="formAds" method="post" action="index.php?pg=decint&key=<?php echo $kyy;?>">
- <input type="submit" value="Estou interessado" name="decInteresse" class="buttonAds" />
- </form>
- </div>
- </div>
- <?php
- }
- }
- }
- }
- }
- }
- if ($pg == 'decint') {
- if ($_SESSION["Logado"] == 1) {
- if (isset($ke)) {
- $name = $_SESSION["User"];
- include ('connect.php');
- $q = mysql_query("select ints, intsnames from ads where adsid = '$ke'");
- if ($q) {
- if (mysql_num_rows($q)) {
- $r = mysql_fetch_array($q);
- $itsnames = $r["intsnames"];
- if (strlen($itsnames) ? ($itsnames.= ", ".$name) : ($itsnames.=" ".$name));
- $query = mysql_query("update ads set ints = ints + 1, intsnames = '$itsnames' where adsid = '$ke'");
- if ($query) {
- header("Location: index.php?pg=anuncios&key=$ke");
- }
- }
- }
- }
- }
- }
- if ($pg == 'editan') {
- if ($_SESSION["Logado"] == 1) {
- if (isset($ke)) {
- include ('connect.php');
- $q = mysql_query("select status from ads where adsid='$ke'");
- if ($q) {
- if (mysql_num_rows($q)) {
- $r = mysql_fetch_array($q);
- $status = $r["status"];
- ?>
- <form method="post" action="changestatus.php?key=<?=$ke;?>" id="login-bar" style="height:140px;">
- <center>
- <p style="color:black;font-weight:bold;font-size:15px;">Alterando status...</p>
- <select class="login-campo" id="type_box" name="type_box" required>
- <option value="À venda">À venda</option>
- <option value="Em negociação">Em negociação</option>
- <option value="Vendido">Vendido</option>
- </select>
- <input class="login-botao" style="width:120px;" type="submit" value="Salvar"/>
- </center>
- </form>
- <?php
- }
- }
- }
- }
- }
- if ($pg == 'profile') {
- if ($_SESSION["Logado"] == 1) {
- if (!isset($user)) {
- $name = $_SESSION["User"];
- include ('connect.php');
- $q = mysql_query("select * from users where username = '$name'");
- if ($q) {
- if (mysql_num_rows($q)) {
- $r = mysql_fetch_array($q);
- $nick = $r["nickname"];
- $date = $r["date"];
- $prod = $r["products"];
- $adid = $r["adsid"];
- }
- ?>
- <div id="getProfile">
- <strong><?php echo $nick; ?></strong><br>
- <b>Data de inscrição no CLS: </b><br><small><?php echo $date; ?></small><br>
- <b>Total de produtos anunciados: </b><br><small><?php echo $prod; ?></small><br>
- <b>Último anúncio feito: </b><br><small><a href="?pg=anuncios&key=<?php echo $adid; ?>"><?php echo $adid; ?></a> -
- <a href="?pg=editan&key=<?=$adid;?>">(editar status)</a></small><br>
- </div>
- <?php
- }
- } else {
- include('connect.php');
- $q = mysql_query("select * from users where username = '$us'");
- if ($q) {
- if (mysql_num_rows($q)) {
- $r = mysql_fetch_array($q);
- $img = $r["avatar"];
- $nick = $r["nickname"];
- $date = $r["date"];
- $prod = $r["products"];
- }
- ?>
- <div id="getProfile">
- <img src="avatars/<?php echo $img; ?>" alt="Avatar de <?php echo $user; ?>" />
- <strong><?php echo $nick; ?></strong><br>
- <b>Data de inscrição no CLS: </b><br><small><?php echo $date; ?></small><br>
- <b>Total de produtos anunciados: </b><br><small><?php echo $prod; ?></small><br>
- </div>
- <?php
- }
- }
- }
- }
- if ($pg == 'vlogin') {
- if (isset($_POST["subm_box"])) {
- $user = mysql_real_escape_string($_POST["user_box"]);
- $pass = mysql_real_escape_string($_POST["pass_box"]);
- include('connect.php');
- $query = mysql_query("select username, password, active from users where username='$user' and password='$pass'");
- if ($query) {
- if (mysql_num_rows($query)) {
- $result = mysql_fetch_array($query);
- if ($result["active"] == 0) {
- echo "<script>alert('Sua conta ainda não foi ativada por um administrador.');</script>";
- echo "<script>window.setTimeout(\"location.href='index.php?pg=login';\", 1000);</script>";
- } else {
- $_SESSION["Logado"] = 1;
- $_SESSION["User"] = $user;
- header("Location: index.php?pg=anuncios");
- }
- } else {
- header("Location: index.php?pg=login");
- }
- }
- }
- }
- if ($pg == 'admin') {
- if ($_SESSION["Admin"] == 0) {
- $_SESSION["Logado"] = 0;
- ?>
- <form method="post" action="index.php?pg=acp" id="login-bar" style="height:140px;">
- <center><p style="color:red;font-weight:bold;font-size:15px;">ACESSO RESTRITO</p>
- <p>Senha:</p> <input class="login-campo" type="password" name="pass_box_acp" placeholder="" /><br/><br/>
- <input class="login-botao" type="submit" name="subm_box_acp" value="Logar" />
- </form></center>
- <?php
- } else {
- header("Location: index.php?pg=acp");
- }
- }
- if ($pg == 'acp') {
- if ($_SESSION["Admin"] == 0) {
- if (isset($_POST["subm_box_acp"])) {
- $acpass = mysql_real_escape_string($_POST["pass_box_acp"]);
- include('connect.php');
- $query = mysql_query("select * from passwords");
- while ($result = mysql_fetch_array($query)) {
- if ($result["password"] == $acpass) {
- $_SESSION["Admin"] = 1;
- header("Location: index.php?pg=acp");
- } else {
- ?>
- <p style="text-align:center;">Senha não encontrada no banco de dados.</p>
- <?php
- }
- }
- }
- } else {
- if (isset($act)) {
- include('connect.php');
- if ($act == 'delan' && isset($ke) && isset($cat)) {
- $q = mysql_query("delete from ads where adsid = '$ke'");
- if ($q) {
- $l = "ads/thumbs/".$cat;
- unlink($l);
- echo "<script>alert('O anúncio $ke foi deletado com sucesso.');</script>";
- echo "<script>window.setTimeout(\"location.href='index.php?pg=acp';\", 1000);</script>";
- }
- } else {
- $jquery = mysql_query("update users set active=1 where username='$act'");
- if($jquery) {
- echo "<script>alert('A conta foi ativada com sucesso.');</script>";
- echo "<script>window.setTimeout(\"location.href='index.php?pg=acp';\", 1000);</script>";
- } else {
- echo "Houve um erro.".mysql_error()." ):";
- }
- }
- }
- if (isset($cat)) {
- if ($cat == 'home') {
- ?>
- <form id="login-bar" style="height:200px;">
- <center><p>O que você deseja fazer?</p><br/>
- <input class="login-botao" style="width:120px;" type="button" value="Ativar anuncios" onclick="location.href='index.php?pg=acp&cat=atan'"/>
- <input class="login-botao" style="width:120px;" type="button" value="Ativar contas" onclick="location.href='index.php?pg=acp&cat=atcc'"/>
- <input class="login-botao" style="width:120px;" type="button" value="Deletar conta" onclick="location.href='index.php?pg=acp&cat=delacc'"/>
- <input class="login-botao" style="width:120px;" type="button" value="Excluir anúncio" onclick="location.href='index.php?pg=acp&cat=exan'"/></center>
- <a href="index.php?pg=logout">Logout</a>
- </form>
- <?php
- }
- if ($cat == 'atcc') {
- ?>
- <div id="table_atcc">
- <table border="0" cellpadding="0" cellspacing="0" width="100%" class="display" id="tabela1">
- <thead>
- <tr style="background-color:#4682B4;">
- <th>username</th>
- <th>email</th>
- <th>nickname</th>
- <th>join date</th>
- <th>ativar</th>
- </tr>
- </thead>
- <tbody>
- <?php
- include('connect.php');
- $query = mysql_query("select * from users where active = 0");
- while ($result = mysql_fetch_array($query)) {
- $usuario = $result["username"];
- $email = $result["email"];
- $nick = $result["nickname"];
- $date = $result["date"];
- ?>
- <tr style="background-color:#eee;">
- <td><?php echo $usuario ?></td>
- <td><?php echo $email ?></td>
- <td><?php echo $nick ?></td>
- <td><?php echo $date ?></td>
- <td><a href="index.php?pg=acp&act=<?=$usuario ?>&cat=delaccv">Ativar</a></td>
- </tr>
- <?php
- }
- echo "</tbody></table></div>";
- }
- if ($cat == 'atan') {
- ?>
- <div id="table_atcc">
- <table border="0" cellpadding="0" cellspacing="0" width="100%" class="display" id="tabela1">
- <thead>
- <tr style="background-color:#4682B4;">
- <th>adsid</th>
- <th>title</th>
- <th>owner</th>
- <th>type</th>
- <th>img</th>
- <th>delete</th>
- </tr>
- </thead>
- <tbody>
- <?php
- include ('connect.php');
- $q = mysql_query("select * from ads where active=0");
- while ($r = mysql_fetch_array($q)) {
- $id = $r["adsid"];
- $title = $r["title"];
- $owner = $r["owner"];
- $img = $r["image"];
- $type = $r["type"];
- ?>
- <tr style="background-color:#eee;">
- <td><?php echo $id ?></td>
- <td><?php echo $title ?></td>
- <td><?php echo $owner ?></td>
- <td><?php echo $type ?></td>
- <td><img src="ads/thumbs/<?=$img; ?>" alt="" style="width:50px;height:50px;" /></td>
- <td><a href="index.php?pg=acp&cat=atan2&key=<?=$id;?>">Ativar</a></td>
- </tr>
- <?php
- }
- }
- if ($cat == 'atan2') {
- if (isset($ke)) {
- include ('connect.php');
- $q = mysql_query("update ads set active=1 where adsid=$ke");
- if ($q) {
- echo "<script>alert('O anúncio foi ativado com sucesso.');</script>";
- echo "<script>window.setTimeout(\"location.href='index.php?pg=acp';\", 1000);</script>";
- }
- }
- }
- if($cat == 'delacc') {
- ?>
- <form method="post" action="index.php?pg=acp&cat=delaccv" id="login-bar" style="height:120px;">
- <center><p>Usuário:</p> <input class="login-campo" type="text" name="user_box_delacc" placeholder="Ex: Alexandre" maxlength="30"/><br/><br/>
- <input class="login-botao" style="width:120px;" type="submit" name="botao_box_delacc" value="Deletar conta"/></center>
- </form>
- <?php
- }
- if ($cat == 'exan') {
- ?>
- <div id="table_atcc">
- <table border="0" cellpadding="0" cellspacing="0" width="100%" class="display" id="tabela1">
- <thead>
- <tr style="background-color:#4682B4;">
- <th>adsid</th>
- <th>title</th>
- <th>owner</th>
- <th>type</th>
- <th>img</th>
- <th>delete</th>
- </tr>
- </thead>
- <tbody>
- <?php
- include ('connect.php');
- $q = mysql_query("select * from ads");
- while ($r = mysql_fetch_array($q)) {
- $id = $r["adsid"];
- $title = $r["title"];
- $owner = $r["owner"];
- $img = $r["image"];
- $type = $r["type"];
- ?>
- <tr style="background-color:#eee;">
- <td><?php echo $id ?></td>
- <td><?php echo $title ?></td>
- <td><?php echo $owner ?></td>
- <td><?php echo $type ?></td>
- <td><img src="ads/thumbs/<?=$img; ?>" alt="" style="width:50px;height:50px;" /></td>
- <td><a href="index.php?pg=acp&act=delan&key=<?=$id;?>&cat=<?=$img;?>">Deletar</a></td>
- </tr>
- <?php
- }
- }
- if ($cat == 'delaccv') {
- if (isset($_POST["botao_box_delacc"])) {
- if (!is_null($_POST["user_box_delacc"])) {
- $name = mysql_real_escape_string($_POST["user_box_delacc"]);
- include('connect.php');
- $jquery = mysql_query("delete from users where username='$name'");
- if ($jquery) {
- echo "<script>alert('A conta foi deletada com sucesso.');</script>";
- echo "<script>window.setTimeout(\"location.href='index.php?pg=acp';\", 1000);</script>";
- }
- }
- }
- }
- } else {
- header("Location: index.php?pg=acp&cat=home");
- }
- }
- }
- }
- ?>