📄 admin-search.php
字号:
<?php /* ------------------------- */
$OMNILOG = 1;
include("_include-config.php");
if(! check_login()) {
header("Location: login.php");
exit;
}
if(! ($data->level >= 50))
exit;
mysql_query("UPDATE `[users]` SET `online`=NOW() WHERE `login`='{$data->login}'");
/* ------------------------- */ ?>
<html>
<head>
<title>[( Elite Avengers )]</title>
<link rel="stylesheet" type="text/css" href="css-v1.css">
<style type="text/css" media="screen">
#obmessage #message {top:120px; border:1px solid black;
width:200px;background-color:lime;padding:4px;
position:absolute;}
</style>
<script language="JavaScript">
var left = 0;
function movein(){
if (document.layers) {
document.layers['message'].pageX = window.pageXOffset + left;
left+=step;
if(left<moveto){ setTimeout('movein()',speed); }
else { setTimeout('closemessage()',hide); }
}
else{
document.getElementById('message').style.left=left+'px';
left+=step;
if(left<moveto){ setTimeout('movein()',speed); }
else { setTimeout('closemessage()',hide); }
}
}
function closemessage(){
if (document.layers) {document.layers['message'].visibility='hidden';}
else{document.getElementById('message').style.visibility='hidden';}
}
</script>
</head>
<body onLoad="movein()">
<table width=100%>
<?php /* ------------------------- */
if($_GET['p'] == "search") {
if(isset($_GET['x']) && $_GET['t'] == "users") {
$begin = ($_GET['b'] >= 0) ? $_GET['b']*30 : 0;
$field = "IP";
if($_GET['f'] == "login")
$field = "login";
$x = preg_replace('/\*/','%',$_GET['x']);
$x = preg_replace('/_/','\_',$x);
$dbres = mysql_query("SELECT `id` FROM `[users]` WHERE `$field` LIKE '$x%'");
$total = mysql_num_rows($dbres);
$x = preg_replace('/%/','*',$x);
print "Aantal resultaten: <b>$total</b><br>\n";
print <<<ENDHTML
<tr><td width=15></td> <td width=100></td>
<td class="subTitle" style="letter-spacing: normal;"><a href="admin.php?p=search&f=$field&t=users&s=login&x=$x"><b>Login</b></a></td>
<td class="subTitle" style="letter-spacing: normal;" width=110><b><a href="admin.php?p=search&f=$field&t=users&s=ip&x=$x"><b>IP</b></a></b></td></tr>
ENDHTML;
$x = preg_replace('/\*/','%',$x);
if($_GET['s'] == "login")
$dbres = mysql_query("SELECT `login`,`IP`,`email` FROM `[users]` WHERE `$field` LIKE '$x%' ORDER BY `login` LIMIT $begin,30");
else if($_GET['s'] == "ip")
$dbres = mysql_query("SELECT `login`,`IP`,`email` FROM `[users]` WHERE `$field` LIKE '$x%' ORDER BY `ip` LIMIT $begin,30");
else
$dbres = mysql_query("SELECT `login`,`IP`,`email` FROM `[users]` WHERE `$field` LIKE '$x%' ORDER BY `$field` LIMIT $begin,30");
for($j=$begin+1; $member = mysql_fetch_object($dbres); $j++) {
print <<<ENDHTML
<tr><td align="center" class="mainTxt" width=15>$j</td>
<td class="mainTxt" width=100><a href="javascript://" onClick="window.open('admin.php?p=reset&x={$member->login}','','width=400,height=105,toolbar=no,status=no')">[R]</a>
ENDHTML;
if($data->level > 50)
echo "<a href=\"javascript://\" onClick=\"window.open('admin.php?p=del&x={$member->login}','','width=400,height=105,toolbar=no,status=no')\">[D]</a>";
print <<<ENDHTML
<a href="profile.php?x={$member->login}">[P]</a> <a href="admin.php?p=stats&f=login&x={$member->login}">[I]</a></td>
<td class="mainTxt">{$member->login}</td>
<td class="mainTxt" width=110 align="right"><a href="admin.php?p=search&t=users&f=bothIP&x={$member->IP}">{$member->IP}</a></td></tr>
ENDHTML;
}
$dbres = mysql_query("SELECT `id` FROM `[users]` WHERE `$field` LIKE '$x' ORDER BY `$field`");
print "</table>\n\n<table width=100%>\n <tr><td class=\"mainTxt\" align=\"center\">";
if(mysql_num_rows($dbres) <= 30)
print "< 1 ></td></tr></table>\n";
else {
$x = preg_replace('/%/','*',$x);
if($begin/30 == 0)
print "<< ";
else
print "<a href=\"admin.php?p=search&f=$field&t=users&x=$x&b=". ($begin/30-1) ."\"><<</a> ";
for($i=0; $i<mysql_num_rows($dbres)/30; $i++) {
print "<a href=\"admin.php?p=search&f=$field&t=users&x=$x&b=$i\">". ($i+1) ."</a> ";
}
if($begin+30 >= mysql_num_rows($dbres))
print ">> ";
else
print "<a href=\"admin.php?p=search&f=$field&t=users&x=$x&b=". ($begin/30+1) ."\">>></a>";
}
}
else if(isset($_GET['x']) && $_GET['t'] == "hqLogs") {
$begin = ($_GET['b'] >= 0) ? $_GET['b']*30 : 0;
$x = preg_replace('/\*/','%',$_GET['x']);
$x = preg_replace('/_/','\_',$x);
if($_GET['s'] == "ip")
$sort = "ORDER BY `IP`";
else if($_GET['s'] == "fIP")
$sort = "ORDER BY `forwardedFor`";
else if($_GET['s'] == "online")
$sort = "ORDER BY `online`";
else
$sort = "ORDER BY `login`";
if($_GET['f'] == "bothIP")
$dbres = mysql_query("SELECT `login`,`IP`,`forwardedFor`,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `[logs]` WHERE (`IP` LIKE '$x' OR `forwardedFor` LIKE '$x') AND `area`='hqIP' $sort LIMIT $begin,30");
else if($_GET['f'] == "ip")
$dbres = mysql_query("SELECT `login`,`IP`,`forwardedFor`,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `[logs]` WHERE `IP` LIKE '$x' AND `area`='hqIP' $sort LIMIT $begin,30");
else if($_GET['f'] == "fIP")
$dbres = mysql_query("SELECT `login`,`IP`,`forwardedFor`,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `[logs]` WHERE `forwardedFor` LIKE '$x' AND `area`='hqIP' $sort LIMIT $begin,30");
else
$dbres = mysql_query("SELECT `login`,`IP`,`forwardedFor`,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `[logs]` WHERE `login` LIKE '$x' AND `area`='hqIP' $sort LIMIT $begin,30");
$total = mysql_num_rows($dbres);
$x = preg_replace('/%/','*',$x);
print "Aantal resultaten: <b>$total</b><br>\n";
print <<<ENDHTML
<tr><td width=15></td> <td width=100></td>
<td class="subTitle" style="letter-spacing: normal;"><a href="admin.php?p=search&f={$_GET['f']}&t=hqLogs&s=login&x=$x"><b>Login</b></a></td>
<td class="subTitle" style="letter-spacing: normal;" width=110><a href="admin.php?p=search&f={$_GET['f']}&t=hqLogs&s=ip&x=$x"><b>IP</b></a></td>
<td class="subTitle" style="letter-spacing: normal;" width=110><a href="admin.php?p=search&f={$_GET['f']}&t=hqLogs&s=fIP&x=$x"><b>Forwarded</b></a></td>
<td class="subTitle" style="letter-spacing: normal;" width=125><a href="admin.php?p=search&f={$_GET['f']}&t=hqLogs&s=online&x=$x"><b>Online:</b></a></td></tr>
ENDHTML;
for($j=$begin+1; $member = mysql_fetch_object($dbres); $j++) {
print <<<ENDHTML
<tr><td align="center" class="mainTxt" width=15>$j</td>
<td class="mainTxt" width=100><a href="javascript://" onClick="window.open('admin.php?p=reset&x={$member->login}','','width=400,height=105,toolbar=no,status=no')">[R]</a> <a href="javascript://" onClick="window.open('admin.php?p=del&x={$member->login}','','width=400,height=105,toolbar=no,status=no')">[D]</a> <a href="profile.php?x={$member->login}">[P]</a> <a href="admin.php?p=stats&f=login&x={$member->login}">[I]</a></td>
<td class="mainTxt"><a href="admin.php?p=search&t=hqLogs&f=login&x={$member->login}">{$member->login}</a></td>
<td class="mainTxt" width=110><a href="admin.php?p=search&t=hqLogs&f=bothIP&x={$member->IP}">{$member->IP}</a></td>
<td class="mainTxt" width=110><a href="admin.php?p=search&t=hqLogs&f=bothIP&x={$member->forwardedFor}">{$member->forwardedFor}</a></td>
<td class="mainTxt" width=125 align="right">{$member->time}</td></tr>
ENDHTML;
}
print "</table>\n\n<table width=100%>\n <tr><td class=\"mainTxt\" align=\"center\">";
if($total <= 30)
print "< 1 ></td></tr></table>\n";
else {
$x = preg_replace('/%/','*',$x);
if($begin/30 == 0)
print "<< ";
else
print "<a href=\"admin.php?p=search&f={$_GET['f']}&t=hqLogs&x=$x&b=". ($begin/30-1) ."\"><<</a> ";
for($i=0; $i<$total/30; $i++) {
print "<a href=\"admin.php?p=search&f={$_GET['f']}&t=hqLogs&x=$x&b=$i\">". ($i+1) ."</a> ";
}
if($begin+30 >= mysql_num_rows($dbres))
print ">> ";
else
print "<a href=\"admin.php?p=search&f={$_GET['f']}&t=hqLogs&x=$x&b=". ($begin/30+1) ."\">>></a>";
}
}
else {
print <<<ENDHTML
<tr><td class="subTitle"><b>Search - Users</b></td></tr>
<tr><td class="mainTxt" align="center">
<form method="get">
<input type="hidden" name="p" value="search">
<input type="hidden" name="t" value="users">
<table>
<tr><td valign="top">Search at:</td>
<td><input type="radio" name="f" value="login" class="normalRadio" checked> Username<br>
<input type="radio" name="f" value="ip" class="normalRadio"> IP</td></tr>
</table><br>
Use <b>*</b> as wildcard<br>
<input type="text" name="x"> <input type="submit" value="Search!" style="width: 75px;">
</form>
</td></tr>
<tr><td><br></td></tr>
<tr><td class="subTitle"><b>Search - HeadQuarter Logs</b></td></tr>
<tr><td class="mainTxt" align="center">
<form method="get">
<input type="hidden" name="p" value="search">
<input type="hidden" name="t" value="hqLogs">
<table>
<tr><td valign="top">Search at:</td>
<td><input type="radio" name="f" value="login" class="normalRadio" checked> Username<br>
<input type="radio" name="f" value="ip" class="normalRadio"> IP<br>
<input type="radio" name="f" value="fIP" class="normalRadio"> X-Forwarded-For<br>
<input type="radio" name="f" value="bothIP" class="normalRadio"> IP & X-Forwarded-For</td></tr>
</table><br>
Use <b>*</b> as wildcard<br>
<input type="text" name="x"> <input type="submit" value="Search!" style="width: 75px;">
</form>
</td></tr>
<tr><td><br></td></tr>
ENDHTML;
}
}
/* ------------------------- */ ?>
</table>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -