home *** CD-ROM | disk | FTP | other *** search
Wrap
<?PHP ###################################################################### # PHP-NUKE: Web Portal System # =========================== # # Copyright (c) 2000 by Francisco Burzi (fburzi@ncc.org.ve) # http://phpnuke.org # # This modules is the main administration part # # This program is free software. You can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License. ###################################################################### if (!eregi("admin.php", $PHP_SELF)) { die ("Access Denied"); } $hlpfile = "manual/users.html"; $result = mysql_query("select radminuser, radminsuper from authors where aid='$aid'"); list($radminuser, $radminsuper) = mysql_fetch_row($result); if (($radminuser==1) OR ($radminsuper==1)) { /*********************************************************/ /* Users Functions */ /*********************************************************/ function displayUsers() { global $hlpfile, $admin; include("header.php"); GraphicAdmin($hlpfile); OpenTable(); echo " <font size=4><b><center>".translate("Edit Users")."<br><br></b></font></center>"; echo "<form method=post action=\"admin.php\">"; echo "<b>".translate("Handle/UserID").": </b> <input class=textbox type=text name=\"chng_uid\" size=10>\n"; echo "<select class=textbox name=\"op\">"; echo "<option value=\"modifyUser\">".translate("Modify User")."</option>\n"; echo "<option value=\"delUser\">".translate("Delete User")."</option></select>\n"; echo "<input type=\"submit\" value=\"".translate("Go!")."\"></form>"; ?> <form action="admin.php" method="post"> <table cols=2 border=0 width=100%> <tr><td width=100><?php echo ""; ?><?php echo translate("Handle");?>*</td> <td><?php echo ""; ?> <input class=textbox type="text" name="add_uname" size=30 maxlength=25></td></tr> <tr><td><?php echo ""; ?><?php echo translate("Name");?></td> <td><?php echo ""; ?><input class=textbox type="text" name="add_name" size=30 maxlength=50></td></tr> <tr><td><?php echo ""; ?><?php echo translate("Email");?>*</td> <td><?php echo ""; ?> <input class=textbox type="text" name="add_email" size=30 maxlength=60></td></tr> <tr><td><?php echo ""; ?><?php echo translate("Fake Email");?></td> <td><?php echo ""; ?> <input class=textbox type="text" name="add_femail" size=30 maxlength=60></td></tr> <tr><td><?php echo ""; ?><?php echo translate("URL");?></td> <td><?php echo ""; ?> <input class=textbox type="text" name="add_url" size=30 maxlength=60></td></tr> <tr><td><?php echo ""; ?><?php echo translate("Password");?>*</td> <td><?php echo ""; ?> <input class=textbox type="text" name="add_pass" size=12 maxlength=12></td></tr> <input type="hidden" name="op" value="addUser"> <tr><td colspan=2><?php echo ""; ?><input type=submit value="<?php echo translate("Add User");?>"></form></td></tr> </table> <?php echo "<center><font color=Red> ".translate("* indicates compulsory fields")." "; ?></font> </td></tr></table></td></tr></table> <?php include("footer.php"); } function modifyUser($chng_user) { include("header.php"); GraphicAdmin($hlpfile); $result = mysql_query("select uid, uname, name, url, email, femail, pass from users where uid='$chng_user' or uname='$chng_user'"); if(mysql_num_rows($result) > 0) { while(list($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_pass) = mysql_fetch_row($result)) { echo " <b><center> ".translate("Update User").": $chng_uname <br><br></b></center>"; OpenTable(); ?> <form action="admin.php" method="get"> <table border=0> <tr><td><?php echo ""; ?><?php echo translate("User ID");?></td> <td><?php echo ""; ?><?php echo $chng_uid ?></td></tr> <tr><td><?php echo ""; ?><?php echo translate("Handle");?>*</td> <td><?php echo ""; ?><input class=textbox type="text" name="chng_uname" value="<?php echo $chng_uname ?>"></td></tr> <tr><td width=100><?php echo ""; ?><?php echo translate("Name");?></td> <td><?php echo ""; ?><input class=textbox type="text" name="chng_name" value="<?php echo $chng_name ?>"></td></tr> <tr><td><?php echo ""; ?><?php echo translate("URL");?></td> <td><?php echo ""; ?> <input class=textbox type="text" name="chng_url" value="<?php echo $chng_url ?>" size=30 maxlength=60></td></tr> <tr><td><?php echo ""; ?><?php echo translate("Email");?>*</td> <td><?php echo ""; ?> <input class=textbox type="text" name="chng_email" value="<?php echo $chng_email ?>" size=30 maxlength=60></td></tr> <tr><td><?php echo ""; ?><?php echo translate("Fake Email");?></td> <td><?php echo ""; ?> <input class=textbox type="text" name="chng_femail" value="<?php echo $chng_femail ?>" size=30 maxlength=60></td></tr> <tr><td><?php echo ""; ?><?php echo translate("Password")?></td> <td><?php echo ""; ?> <input class=textbox type="password" name="chng_pass" size=12 maxlength=12></td></tr> <tr><td><?php echo ""; ?><?php echo translate("Retype Password");?></td> <td><?php echo ""; ?> <input class=textbox type="password" name="chng_pass2" size=12 maxlength=12> <?php echo translate("(for changes only)");?></td></tr> <input type="hidden" name="chng_uid" value="<?php echo $chng_uid; ?>"> <input type="hidden" name="op" value="updateUser"> <tr><td colspan=2><?php echo ""; ?><input type="submit" value="<?php echo translate("Update User");?>"></form></td></tr> </table> <?php } echo "<center><font color=Red>".translate("* indicates compulsory fields")."</font>"; echo "</td></tr></table></td></tr></table>"; } else { echo "<center>"; echo translate("User doesn't exist!"); echo "</center>"; } include("footer.php"); } function updateUser($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_pass, $chng_pass2) { global $system; $tmp = 0; if ($chng_pass2 != "") { if($chng_pass != $chng_pass2) { $titlebar = "<b>".translate("bad pass")."</b>"; include("header.php"); GraphicAdmin($hlpfile); echo " <center>".translate("Sorry, the new passwords do not match. Click back and try again")."</center>"; include("footer.php"); exit; } $tmp = 1; } if ($tmp == 0) { mysql_query("update users set uname='$chng_uname', name='$chng_name', email='$chng_email', femail='$chng_femail', url='$chng_url' where uid='$chng_uid'"); } if ($tmp == 1) { if (!$system) { $cpass = crypt($chng_pass); } else { $cpass = $chng_pass; } mysql_query("update users set uname='$chng_uname', name='$chng_name', email='$chng_email', femail='$chng_femail', url='$chng_url', pass='$cpass' where uid='$chng_uid'"); } header("Location: admin.php?op=adminMain"); } switch($op) { case "mod_users": displayUsers(); break; case "modifyUser": modifyUser($chng_uid); break; case "updateUser": updateUser($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_pass, $chng_pass2); break; case "delUser": include("header.php"); $titlebar = "<h3>".translate("Delete User")."</h3>"; echo $titlebar; echo translate("Are you sure you want to delete") . " " . translate("user") . " $chng_uid? "; echo "[ <a href=\"admin.php?op=delUserConf&del_uid=$chng_uid\">".translate("Yes")."</a> | <a href=\"admin.php?op=adminMain\">".translate("No")."</a> ]"; include("footer.php"); break; case "delUserConf": mysql_query("delete from users where uid='$del_uid' or uname='$del_uid'"); Header("Location: admin.php?op=adminMain"); echo mysql_error(); break; case "addUser": if ($system==1) { } else { $add_pass = crypt($add_pass); } if (!($add_uname && $add_email && $add_pass)) { echo translate("You must complete all compulsory fields"); return; } $sql = "insert into users "; $sql .= "(uid,name,uname,email,femail,url,pass) "; $sql .= "values (NULL,'$add_name','$add_uname','$add_email','$add_femail','$add_url','$add_pass')"; $result = mysql_query($sql); if (!$result) { echo mysql_errno(). ": ".mysql_error(). "<br>"; return; } Header("Location: admin.php?op=adminMain"); break; } } else { echo "Access Denied"; } ?>