<?PHP
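// Authorization gate for the whole user-management module: only accounts whose
// level field ($member_db[1]) is 1 (administrator) may reach the actions below.
// NOTE(review): msg() is defined outside this file. The gate only protects the
// list/add/edit actions if execution stops here, so the script is terminated
// explicitly instead of relying on msg() to do it.
if ($member_db[1] != 1) {
    msg("error", "Access Denied", "You don't have permission to edit users");
    exit;
}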
// ********************************************************************************
// List All Available Users + Show Add User Form
// ********************************************************************************
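if ($action == "list") {
    // Renders the "Manage Users" screen: the Add User form, the user-level
    // legend, and one table row per record found in ./data/users.db.php.
    echoheader("users", "Manage Users");

    // ENT_SUBSTITUTE only exists on newer PHP versions; where available it keeps
    // htmlspecialchars() from returning an empty string on non-UTF-8 data.
    $esc_flags = ENT_QUOTES | (defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);

    // Characters that must be backslash-escaped inside a quoted JavaScript string
    // (control characters, backslash, both quotes, and "/", "<", ">" so that the
    // value cannot close the surrounding <script> element).
    $js_unsafe = "\0..\37\\'\"/<>";

    // NOTE(review): $PHP_SELF is assigned outside this file. If it is derived
    // from the request path it is attacker-influenced, so it is escaped for each
    // output context (HTML attribute, JavaScript string literal) before use.
    $self_html = htmlspecialchars($PHP_SELF, $esc_flags);
    $self_js = addcslashes($PHP_SELF, $js_unsafe);

    echo '<script language="javascript">
<!-- begin
function popupedit(id){
window.open(\'' . $self_js . '?mod=editusers&action=edituser&id=\'+id,\'User\',\'toolbar=0,location=0,status=0,menubar=0,scrollbars=0,resizable=0,width=360,height=210\');
}
function confirmdelete(id){
var agree=confirm("Are you sure you want to delete this user ?");
if (agree)
document.location="' . $self_js . '?mod=editusers&action=dodeleteuser&id="+id;
}
// end -->
</script>
<table border=0 cellpading=0 cellspacing=0 width=654>
<tr>
<td width=654 colspan="6">
<!-- Start add edit users table + info + help -->
<table border="0" width="657" cellspacing="0" cellpadding="0" height="81" >
<tr>
<td valign="bottom" width="311" valign="top" height="1">

<b>Add User</b>

</td>
<td width="5" valign="top" rowspan="3" height="81">

</td>
<td valign="bottom" width="330" height="1"><b>User Levels</b></td>
</tr>

<tr>
<td width="311" rowspan="2" valign="top" height="60" >

<!-- Add User Table -->
<table class="panel" cellspacing="0" cellpadding="0" width="100%">
<form method=post action="' . $self_html . '">
<tr>
<td > Username</td>
<td ><input size=21 type=text name=regusername></td>
</tr>
<tr>
<td > Password</td>
<td ><input size=21 type=text name=regpassword></td>
</tr>
<tr>
<td > Nickname</td>
<td ><input size=21 type=text name=regnickname></td>
</tr>
<tr>
<td > Email</td>
<td ><input size=21 type=text name=regemail></td>
</tr>
<tr>
<td > Access Level</td>
<td ><select name=reglevel>
<option value=4>4 (commenter)</option>
<option selected value=3>3 (journalist)</option>
<option value=2>2 (editor)</option>
<option value=1>1 (administrator)</option>
</select>
</td>
</tr>
<tr>
<td > </td>
<td height="35"><input type=submit value="Add User">
<input type=hidden name=action value=adduser>
<input type=hidden name=mod value=editusers>
</td>
</tr>
</form>
</table>
<!-- End Add User Table -->

</td>
<td width="330" height="1" valign="top" >

<!-- User Levels Table -->
<table class="panel" cellspacing="3" cellpadding="0" width="100%">
<tr>
<td valign="top"> Administrator : have full access and privilegies<br>
Editor : can add news and edit others posts<br>
Journalist : can only add news (must be approved)<br>
Commenter : only post comments</td>
</tr>
</table>
<!-- End User Levels Table -->

</td>
</tr>
<tr>
<td width="330" valign="top" align=center height="70"><br>

<!-- HELP -->
<table height="25" cellspacing="0" cellpadding="0">
<tr>
<td width="25" align=middle><img border="0" src="skins/images/help_small.gif" width="25" height="25"></td>
<td > <a onClick="javascript:Help(\'users\')" href="#">Understanding user levels</a> </td>
</tr>
</table>
<!-- END HELP -->
</td>
</tr>
</table>
<!-- END add edit users table + info + help -->

</tr>
<tr>
<td width=654 colspan="6">
</tr>
<tr>
<td width=650 colspan="6">
<img height=20 border=0 src="skins/images/blank.gif" width=1><br>
<b>Edit Users</b>
</tr>

<tr>
<td width=130 bgcolor="#F7F6F4">
<u>Username</u>
<td width=197 bgcolor="#F7F6F4">
<u>registration date</u>
<td width=2 bgcolor="#F7F6F4">

<td width=83 bgcolor="#F7F6F4">
<u>written news</u>
<td width=132 bgcolor="#F7F6F4">
<u>Access Level</u>
<td width=93 bgcolor="#F7F6F4">
<u>action</u>
</tr>';

    $all_users = file("./data/users.db.php");
    if ($all_users === false) {
        // Unreadable database: show an empty list instead of iterating over false.
        $all_users = array();
    }

    $i = 1;
    foreach ($all_users as $user_line) {
        // Alternate the row background; the counter also advances on skipped
        // lines, as it always has.
        $i++;
        $bg = ($i % 2 == 0) ? "bgcolor=\"#f7f6f4\"" : "";

        // Lines containing a PHP open tag are not user records (presumably the
        // data file's header line). strpos() replaces eregi(), which no longer
        // exists in PHP 7 and later.
        if (strpos($user_line, "<?") !== false) {
            continue;
        }

        // Record layout as used in this block: [0] registration timestamp (also
        // the record id), [1] access level, [2] username, [6] written-news
        // counter, [9] last-login timestamp. Short or damaged records are still
        // listed so that no account stored in the file is hidden from the admin.
        $user_arr = explode("|", $user_line);

        if (isset($user_arr[9]) and $user_arr[9] != '') {
            $last_login = date('r', (int) $user_arr[9]);
        } else {
            $last_login = 'never';
        }

        // Reset on every row so an unrecognised level never inherits the label
        // computed for the previous user.
        $user_level = "";
        switch (isset($user_arr[1]) ? $user_arr[1] : "") {
            case 1: $user_level = "administrator"; break;
            case 2: $user_level = "editor"; break;
            case 3: $user_level = "journalist"; break;
            case 4: $user_level = "commenter"; break;
        }

        // Everything read from the data file is escaped for the context it is
        // printed in; stored values are not assumed to be free of markup.
        $name_html = htmlspecialchars(isset($user_arr[2]) ? $user_arr[2] : "", $esc_flags);
        $news_html = htmlspecialchars(isset($user_arr[6]) ? $user_arr[6] : "", $esc_flags);
        // JavaScript-escape first, then HTML-escape: the browser decodes the
        // attribute before it evaluates the handler.
        $id_js = htmlspecialchars(addcslashes($user_arr[0], $js_unsafe), $esc_flags);
        $id_url = htmlspecialchars(urlencode($user_arr[0]), $esc_flags);

        // The title attribute is double-quoted because its text contains an
        // apostrophe ("'s"), which used to end the single-quoted attribute early.
        // NOTE(review): the [delete] link changes state through a plain GET request
        // and no anti-CSRF token is visible here; the dodeleteuser handler is
        // outside this view -- confirm it requires POST or a token.
        echo "<tr $bg title=\"{$name_html}'s last login was on: $last_login\">
<td width=143>
$name_html
<td width=197>";
        echo date("F, d Y @ H:i a", (int) $user_arr[0]);
        echo "<td width=2>
<td width=83 >
$news_html
<td width=122>
$user_level
<td width=80 title=''>
<a onClick=\"javascript:popupedit('$id_js'); return(false)\" href=#>[edit]</a> <a onClick=\"javascript:confirmdelete('$id_js'); return(false)\" href=\"{$self_html}?mod=editusers&action=dodeleteuser&id=$id_url\">[delete]</a>
</tr>";
    }

    echo "</table>";

    echofooter();
}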
// ********************************************************************************
// Add User
// ********************************************************************************
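elseif ($action == "adduser") {
    // Appends a new account record to ./data/users.db.php from the reg* values
    // (presumably populated from the Add User form submission), then reports
    // the result through msg().

    // Treat anything missing or non-textual as empty so the checks below only
    // ever see plain strings.
    $regusername = (isset($regusername) && is_string($regusername)) ? $regusername : "";
    $regpassword = (isset($regpassword) && is_string($regpassword)) ? $regpassword : "";
    $regnickname = (isset($regnickname) && is_string($regnickname)) ? $regnickname : "";
    $regemail = (isset($regemail) && is_string($regemail)) ? $regemail : "";
    $reglevel = (isset($reglevel) && is_scalar($reglevel)) ? (string) $reglevel : "";

    // A record is a single line with "|" between fields, so a separator or line
    // break inside a value would shift the fields that follow it (the access
    // level among them). "<" and ">" are excluded as well because the values are
    // stored in a .php file and later printed into HTML.
    $field_unsafe = array("|", "\r", "\n", "<", ">");

    $error = "";
    if (!$regusername) {
        $error = "Username can not be blank";
    } elseif (!$regpassword) {
        $error = "Password can not be blank";
    } elseif ($regusername !== str_replace($field_unsafe, "", $regusername)) {
        $error = "Username can not contain |, &lt;, &gt; or line breaks";
    } elseif (!preg_match('/^[1-4]$/D', $reglevel)) {
        // Only the four levels offered by the form are accepted.
        $error = "Invalid access level";
    }
    if ($error != "") {
        msg("error", "Error !!!", $error, "javascript:history.go(-1)");
        // msg() is defined outside this file; stop explicitly so a rejected
        // request can never reach the write below.
        exit;
    }

    // Optional fields are cleaned rather than rejected.
    $regnickname = str_replace($field_unsafe, "", $regnickname);
    $regemail = str_replace($field_unsafe, "", $regemail);

    $all_users = file("./data/users.db.php");
    if ($all_users === false) {
        // Without the current list the duplicate check cannot run; refuse to add.
        msg("error", "Error !!!", "Can not read the users database", "javascript:history.go(-1)");
        exit;
    }
    foreach ($all_users as $user_line) {
        $user_arr = explode("|", $user_line);
        if (isset($user_arr[2]) && $user_arr[2] == $regusername) {
            msg("error", "Error !!!", "Sory but user with this username already exist", "javascript:history.go(-1)");
            exit;
        }
    }

    $add_time = time() + ($config_date_adjust * 60);

    // NOTE(review): unsalted MD5 is not suitable for password storage. It is kept
    // here because the code that verifies these hashes is outside this file;
    // moving to password_hash()/password_verify() has to change both sides.
    $regpassword = md5($regpassword);

    $new_users_file = fopen("./data/users.db.php", "a");
    if ($new_users_file === false) {
        msg("error", "Error !!!", "Can not open the users database for writing", "javascript:history.go(-1)");
        exit;
    }
    $written = fwrite($new_users_file, "$add_time|$reglevel|$regusername|$regpassword|$regnickname|$regemail|0|0||||\n");
    fclose($new_users_file);
    if ($written === false) {
        msg("error", "Error !!!", "Can not write to the users database", "javascript:history.go(-1)");
        exit;
    }

    $level_names = array(1 => "administrator", 2 => "editor", 3 => "journalist", 4 => "commenter");
    $level = $level_names[(int) $reglevel];

    // The username is echoed back inside HTML, so escape it for that context.
    $esc_flags = ENT_QUOTES | (defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);
    $shown_name = htmlspecialchars($regusername, $esc_flags);
    msg("info", "User Added", "The user <b>$shown_name</b> was successfully added as <b>$level</b>", "$PHP_SELF?mod=editusers&action=list");
}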
// ********************************************************************************
// Edit User Details
// ********************************************************************************
elseif($action == "edituser")
{
$users_file = file("./data/users.db.php");
foreach($users_file as $user_line){
$user_arr = explode("|", $user_line);
if($id == $user_arr[0]){
break;