<?PHP
// Commenters (user level 4) may only open the options menu and their own
// personal-options form; every other action is refused.
// NOTE(review): this guard only protects the code below if msg() terminates
// the request - msg() is defined elsewhere, confirm that it exits.
// NOTE(review): 'dosavepersonal' is not exempted, although the personal form
// below posts to it - confirm whether level-4 users are meant to save changes.
if($member_db[1] == 4 && !($action == 'personal' || $action == 'options')){
    msg('error', 'Error!', 'Access Denied for your user-level (commenter)');
}
// ********************************************************************************
// Options Menu
// ********************************************************************************
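if($action == "options" or $action == '')
{
    echoheader("options","Options");

    //----------------------------------
    // Predefine Options
    //----------------------------------

    // 'access' is the least-privileged user level that may still see the entry:
    // 1:admin, 2:editor+admin, 3:editor+admin+journalist, 4:all
    // NOTE(review): this list only controls which links are displayed. Hiding a
    // link is not an access check - each target module has to verify the user
    // level itself (those modules are not part of this file; confirm).
    $options = array(
        array(
            'name'   => "Personal Options",
            'url'    => "$PHP_SELF?mod=options&action=personal",
            'access' => "4",
        ),

        array(
            'name'   => "Block IP's from posting comments",
            'url'    => "$PHP_SELF?mod=ipban",
            'access' => "1",
        ),

        array(
            'name'   => "System Configurations",
            'url'    => "$PHP_SELF?mod=options&action=syscon&rand=".time(),
            'access' => "1",
        ),

        array(
            'name'   => "Integration Wizards (News and RSS)",
            'url'    => "$PHP_SELF?mod=wizards",
            'access' => "1",
        ),

        array(
            'name'   => "Edit Templates",
            'url'    => "$PHP_SELF?mod=options&action=templates",
            'access' => "1",
        ),

        array(
            'name'   => "Add/Edit Users",
            'url'    => "$PHP_SELF?mod=editusers&action=list",
            'access' => "1",
        ),

        array(
            'name'   => "Archives Manager",
            'url'    => "$PHP_SELF?mod=tools&action=archive",
            'access' => "1",
        ),

        array(
            'name'   => "Manage Uploaded Images",
            'url'    => "$PHP_SELF?mod=images",
            'access' => "1",
        ),

        array(
            'name'   => "Backup Tool",
            'url'    => "$PHP_SELF?mod=tools&action=backup",
            'access' => "1",
        ),

        array(
            'name'   => "Edit Categories",
            'url'    => "$PHP_SELF?mod=categories",
            'access' => "1",
        ),
    );

    //------------------------------------------------
    // Cut the options for which we don't have access
    //------------------------------------------------
    // A higher level number means fewer privileges, so an entry is dropped when
    // the user's level number is greater than the entry's 'access' value.
    $count_options = count($options);
    for($i=0; $i<$count_options; $i++){
        if($member_db[1] > $options[$i]['access']){
            unset($options[$i]);
        }
    }

    // Two-column layout: even positions open a new row, odd ones fill the second cell.
    echo'<table border="0" width="100%"><tr>';
    $i = 0;
    foreach($options as $option){
        // Every URL starts with $PHP_SELF, which is assigned outside this block
        // and may carry request-derived text (presumably the script path; confirm).
        // Encode both values before they are placed inside the single-quoted
        // href attribute and the link text.
        $safe_url  = htmlspecialchars($option['url'], ENT_QUOTES);
        $safe_name = htmlspecialchars($option['name'], ENT_QUOTES);

        if($i%2 == 0){ echo"</tr>\n<tr>\n<td width='47%'> <a href='".$safe_url."'><b>".$safe_name."</b></a></td>\n"; }
        else{ echo"\n<td width='53%'><a href='".$safe_url."'><b>".$safe_name."</b></a></td>\n"; }
        $i++;
    }

    echo'</tr></table>';
    echofooter();
}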
// ********************************************************************************
// Show Personal Options
// ********************************************************************************
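elseif($action == "personal")
{
    echoheader("user","Personal Options");

    // Both variables are interpolated into the HTML below but were previously
    // assigned on one branch only. Give them a defined empty value so that the
    // markup never depends on an unset (or externally supplied) variable.
    $ifchecked = "";
    $bg = "";

    $registrationdate = date("D, d F Y",$member_db[0]); //registration date
    if($member_db[7] == 1){ $ifchecked = "Checked"; } //if user wants to hide his e-mail

    // Encode the stored profile fields before printing them. Quotes are encoded
    // because several fields land inside value="..." attributes; angle brackets
    // are encoded because the username and news counter are printed as element
    // content. '&' is left untouched so that already-encoded entities in the
    // stored data are not encoded a second time.
    foreach($member_db as $key=>$value){
        $member_db[$key] = stripslashes(str_replace(
            array('"', "'", '<', '>'),
            array('&quot;', '&#039;', '&lt;', '&gt;'),
            $value
        ));
    }

    // $PHP_SELF is assigned outside this block; encode it before it is used as
    // the form's action attribute.
    $safe_self = htmlspecialchars($PHP_SELF, ENT_QUOTES);

    // NOTE(review): the "New Password" field has no type attribute, so the
    // browser renders it as plain text and the value is visible while typed.
    // NOTE(review): no anti-CSRF token is emitted with this form; confirm
    // whether the 'dosavepersonal' handler verifies the request origin.
    echo"
<table border=0 height=1 width=617 cellspacing=\"0\" cellpadding=\"0\">
<form method=POST action=\"$safe_self\" name=personal>
<td height=\"21\" width=\"99\" bgcolor=#F7F6F4 >
Username
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2>
$member_db[2]
<tr>
<td height=\"21\" width=\"200\">
New Password
<td height=\"21\" width=\"400\" colspan=2>
<input name=editpassword > Only if you want to change the current
</tr>

<tr>
<td height=\"21\" width=\"200\" bgcolor=#F7F6F4>
Nickname
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2>
<input type=text name=editnickname value=\"$member_db[4]\">
</tr>

<tr>
<td height=\"21\" width=\"200\" >
Email
<td height=\"21\" width=\"400\" colspan=2>
<input type=text name=editmail value=\"$member_db[5]\"> <input type=checkbox name=edithidemail $ifchecked> Hide my e-mail from visitors
</tr>";

    // Commenters (level 4) get no avatar row; for them the next row takes the
    // shaded background instead so the alternating row colours stay in step.
    if($member_db[1] != 4){echo"<tr>
<td height=\"21\" width=\"200\" bgcolor=#F7F6F4>
Default Avatar URL
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 >
<input type=text name=change_avatar value=\"$member_db[8]\"> will appear on 'Add News' page
</tr>"; }else{ $bg = "bgcolor=#F7F6F4"; }

    echo"<tr>
<td height=\"21\" width=\"200\" $bg>
Access Level
<td height=\"21\" width=\"400\" $bg colspan=2>";

    // Human-readable name of the numeric user level (display only).
    if ($member_db[1] == 4){ echo "commenter"; }
    elseif ($member_db[1] == 3){ echo "journalist"; }
    elseif ($member_db[1] == 2){ echo "editor"; }
    elseif ($member_db[1] == 1){ echo "administrator"; }

    // The written-news counter is shown to every level except commenters.
    if($member_db[1] != 4){ echo"</tr>
<tr>
<td height=\"21\" width=\"200\" bgcolor=#F7F6F4>
written news
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2>
$member_db[6]
</tr>"; }

    echo"<tr>
<td height=\"21\" width=\"200\" >
registration date
<td height=\"21\" width=\"400\" colspan=2>
$registrationdate
</tr>
<tr>
<td height=\"1\" width=\"611\" colspan=\"2\" colspan=3>
<br /><input type=submit value=\"Save Changes\" accesskey=\"s\">
</tr>
<input type=hidden name=mod value=options><input type=hidden name=action value=dosavepersonal>
</form>
</table>";

    echofooter();
}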
// ********************************************************************************
// Save Personal Options
// ********************************************************************************
elseif($action == "dosavepersonal")
{
if($editpassword != "" and ($oldpassword == "" or !$oldpassword)){
msg("info", "Old Password Verification", "<form method=POST action=\"$PHP_SELF\"> You have requested to change your password.<br>In order to complete this action you must enter your old password: <input type=text name=oldpassword> <input type=submit value='Submit'><input type=hidden name=mod value=options><input type=hidden name=action value=dosavepersonal><input type=hidden name=editpassword value='$editpassword'><input type=hidden name=editnickname value='$editnickname'><input type=hidden name=editmail value='$editmail'><input type=hidden name=edithidemail value='$edithidemail'><input type=hidden name=change_avatar value='$change_avatar'></form>");
}elseif($editpassword != "" and (md5($oldpassword) != $member_db[3])){
msg("error","Error!","You did not enter correctly your old password.");
}
$editnickname = replace_comment("add",$editnickname);
$editmail = replace_comment("add",$editmail);
$edithidemail = replace_comment("add",$edithidemail);
$change_avatar = replace_comment("add",$change_avatar);
if($editpassword != "" and !preg_match("/^[\.A-z0-9_\-]{1,15}$/i", $editpassword)){ msg("error","Error !!!", "Your password must conatain only valid characters and numbers"); }
if($edithidemail){ $edithidemail = 1;}else{ $edithidemail = 0; }
$avatars = preg_replace(array("'\|'","'\n'","' '"), array("","","_"), $avatars);
$old_user_db = file("./data/users.db.php");
$new_user_db = fopen("./data/user |