<?PHP
|
<?PHP
|
|
|
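// Authorization gate for the whole module: everything below manages user
// accounts, so only a member whose level field ($member_db[1]) is 1 may go on.
// $member_db is populated outside this file (presumably the logged-in member's
// record; confirm against the caller).
// Fail closed: whether msg() terminates the request is not visible from here,
// so stop explicitly. If msg() ever returned, a non-administrator would
// otherwise fall through into the list/add/edit/delete actions.
if($member_db[1] != 1){
    msg("error", "Access Denied", "You don't have permission to edit users");
    exit;
}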
|
// ********************************************************************************
// List All Available Users + Show Add User Form
// ********************************************************************************
|
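// Renders the "Manage Users" page: the Add User form, the level legend and one
// table row per record in ./data/users.db.php.
//
// Record layout as written by the add-user action in this file:
//   0 registration time (also used as the user id) | 1 level | 2 username |
//   3 password hash | 4 nickname | 5 email | 6 written news | ... | 9 last login
//
// NOTE(review): $PHP_SELF is interpolated into JavaScript and HTML attributes
// below without escaping. Where it is assigned is not visible here; confirm it
// can never carry request-controlled text.
// NOTE(review): the [delete] link and confirmdelete() trigger a state-changing
// action through a plain GET with no anti-CSRF token visible in this file; the
// dodeleteuser handler should require POST plus a per-session token.
// NOTE(review): the new-user password input is type=text, so the password is
// shown on screen and may be kept by browser form history.
if($action == "list")
{
    echoheader("users","Manage Users");

    echo'<script language="javascript">
<!-- begin
function popupedit(id){
window.open(\''.$PHP_SELF.'?mod=editusers&action=edituser&id=\'+id,\'User\',\'toolbar=0,location=0,status=0,menubar=0,scrollbars=0,resizable=0,width=360,height=210\');
}
function confirmdelete(id){
var agree=confirm("Are you sure you want to delete this user ?");
if (agree)
document.location="'.$PHP_SELF.'?mod=editusers&action=dodeleteuser&id="+id;
}
// end -->
</script>
<table border=0 cellpading=0 cellspacing=0 width=654>
<tr>
<td width=654 colspan="6">
<!-- Start add edit users table + info + help -->
<table border="0" width="657" cellspacing="0" cellpadding="0" height="81" >
<tr>
<td valign="bottom" width="311" valign="top" height="1">

<b>Add User</b>

</td>
<td width="5" valign="top" rowspan="3" height="81">

</td>
<td valign="bottom" width="330" height="1"><b>User Levels</b></td>
</tr>

<tr>
<td width="311" rowspan="2" valign="top" height="60" >

<!-- Add User Table -->
<table class="panel" cellspacing="0" cellpadding="0" width="100%">
<form method=post action="'.$PHP_SELF.'">
<tr>
<td > Username</td>
<td ><input size=21 type=text name=regusername></td>
</tr>
<tr>
<td > Password</td>
<td ><input size=21 type=text name=regpassword></td>
</tr>
<tr>
<td > Nickname</td>
<td ><input size=21 type=text name=regnickname></td>
</tr>
<tr>
<td > Email</td>
<td ><input size=21 type=text name=regemail></td>
</tr>
<tr>
<td > Access Level</td>
<td ><select name=reglevel>
<option value=4>4 (commenter)</option>
<option selected value=3>3 (journalist)</option>
<option value=2>2 (editor)</option>
<option value=1>1 (administrator)</option>
</select>
</td>
</tr>
<tr>
<td > </td>
<td height="35"><input type=submit value="Add User">
<input type=hidden name=action value=adduser>
<input type=hidden name=mod value=editusers>
</td>
</tr>
</form>
</table>
<!-- End Add User Table -->

</td>
<td width="330" height="1" valign="top" >

<!-- User Levels Table -->
<table class="panel" cellspacing="3" cellpadding="0" width="100%">
<tr>
<td valign="top"> Administrator : have full access and privilegies<br>
Editor : can add news and edit others posts<br>
Journalist : can only add news (must be approved)<br>
Commenter : only post comments</td>
</tr>
</table>
<!-- End User Levels Table -->

</td>
</tr>
<tr>
<td width="330" valign="top" align=center height="70"><br>

<!-- HELP -->
<table height="25" cellspacing="0" cellpadding="0">
<tr>
<td width="25" align=middle><img border="0" src="skins/images/help_small.gif" width="25" height="25"></td>
<td > <a onClick="javascript:Help(\'users\')" href="#">Understanding user levels</a> </td>
</tr>
</table>
<!-- END HELP -->
</td>
</tr>
</table>
<!-- END add edit users table + info + help -->

</tr>
<tr>
<td width=654 colspan="6">
</tr>
<tr>
<td width=650 colspan="6">
<img height=20 border=0 src="skins/images/blank.gif" width=1><br>
<b>Edit Users</b>
</tr>

<tr>
<td width=130 bgcolor="#F7F6F4">
<u>Username</u>
<td width=197 bgcolor="#F7F6F4">
<u>registration date</u>
<td width=2 bgcolor="#F7F6F4">

<td width=83 bgcolor="#F7F6F4">
<u>written news</u>
<td width=132 bgcolor="#F7F6F4">
<u>Access Level</u>
<td width=93 bgcolor="#F7F6F4">
<u>action</u>
</tr>';

    // file() returns false when the database cannot be read; show an empty
    // list instead of iterating over a non-array.
    $all_users = file("./data/users.db.php");
    if($all_users === false){ $all_users = array(); }

    $level_names = array(1 => "administrator", 2 => "editor", 3 => "journalist", 4 => "commenter");

    $i = 1;
    foreach($all_users as $user_line)
    {
        // Row striping counts every line, including skipped ones, as before.
        $i++; $bg = "";
        if($i%2 == 0){ $bg = "bgcolor=\"#f7f6f4\""; }

        // Skip any line containing "<?" (strpos replaces eregi(), which was
        // removed in PHP 7; the pattern only matched that literal sequence).
        if(strpos($user_line, "<?") !== false){ continue; }

        // Skip lines too short to hold the fields printed below.
        $user_arr = explode("|", $user_line);
        if(count($user_arr) < 7){ continue; }

        if(isset($user_arr[9]) and $user_arr[9] != ''){ $last_login = date('r',(int)$user_arr[9]); }
        else{ $last_login = 'never'; }

        // Resolve the label per row so an unrecognised level can not inherit
        // the label left over from the previous row.
        $level_key = (int)$user_arr[1];
        $user_level = isset($level_names[$level_key]) ? $level_names[$level_key] : "unknown";

        // The id is placed inside JavaScript and a URL, where HTML escaping is
        // not sufficient; force it to an integer (ids are timestamps).
        $user_id = (int)$user_arr[0];

        // Stored text is untrusted when rendered. ISO-8859-1 makes
        // htmlspecialchars() byte-transparent: it escapes only & < > " ' and
        // never returns an empty string for non-UTF-8 (e.g. windows-1251) data.
        $user_name = htmlspecialchars($user_arr[2], ENT_QUOTES, 'ISO-8859-1');
        $user_news = htmlspecialchars($user_arr[6], ENT_QUOTES, 'ISO-8859-1');

        // title is double-quoted: the apostrophe in "'s" used to terminate the
        // original single-quoted attribute.
        echo"<tr $bg title=\"$user_name's last login was on: $last_login\">
<td width=143>
$user_name
<td width=197>";
        echo( date("F, d Y @ H:i a",$user_id) );
        echo"<td width=2>
<td width=83 >
$user_news
<td width=122>
$user_level
<td width=80 title=''>
<a onClick=\"javascript:popupedit('$user_id'); return(false)\" href=#>[edit]</a> <a onClick=\"javascript:confirmdelete('$user_id'); return(false)\" href=\"$PHP_SELF?mod=editusers&action=dodeleteuser&id=$user_id\">[delete]</a>
</tr>";
    }

    echo"</table>";

    echofooter();
}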
|
// ********************************************************************************
// Add User
// ********************************************************************************
|
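// Appends one record to ./data/users.db.php from the Add User form fields
// ($regusername, $regpassword, $regnickname, $regemail, $reglevel).
//
// The database is a flat file: one record per line, fields separated by "|".
// Every field is therefore validated before it is written, and every error
// path stops explicitly because whether msg() terminates is not visible here.
//
// NOTE(review): how the $reg* variables are filled from the request is not
// visible in this file (looks like register_globals-style import); confirm.
// NOTE(review): no anti-CSRF token is checked before this state change.
elseif($action == "adduser")
{
    if(!$regusername){ msg("error","Error !!!", "Username can not be blank", "javascript:history.go(-1)"); exit; }
    if(!$regpassword){ msg("error","Error !!!", "Password can not be blank", "javascript:history.go(-1)"); exit; }

    $regusername = (string)$regusername;
    $regnickname = isset($regnickname) ? (string)$regnickname : "";
    $regemail    = isset($regemail) ? (string)$regemail : "";
    $reglevel    = isset($reglevel) ? (string)$reglevel : "";

    // "|" and line breaks are the record's structural characters; letting
    // them into a field would shift or add fields and records. "<?" is
    // refused as well because the user list skips every line containing it,
    // which would leave the account invisible to administrators.
    foreach(array($regusername, $regnickname, $regemail) as $field_value)
    {
        if(preg_match('/[|\r\n]/', $field_value) || strpos($field_value, "<?") !== false){
            msg("error","Error !!!", "Username, nickname and email contain characters that are not allowed", "javascript:history.go(-1)");
            exit;
        }
    }

    // Only the four levels offered by the form are accepted; anything else
    // would be written to the level field verbatim.
    $level_names = array("1" => "administrator", "2" => "editor", "3" => "journalist", "4" => "commenter");
    if(!isset($level_names[$reglevel])){
        msg("error","Error !!!", "Invalid access level", "javascript:history.go(-1)");
        exit;
    }
    $level = $level_names[$reglevel];

    // Without a readable database the uniqueness check below can not be done,
    // so refuse to add anything.
    $all_users = file("./data/users.db.php");
    if($all_users === false){
        msg("error","Error !!!", "Can not read the users database", "javascript:history.go(-1)");
        exit;
    }
    foreach($all_users as $user_line)
    {
        $user_arr = explode("|", $user_line);
        if(isset($user_arr[2]) and $user_arr[2] == $regusername){
            msg("error", "Error !!!", "Sory but user with this username already exist", "javascript:history.go(-1)");
            exit;
        }
    }

    $add_time = time()+($config_date_adjust*60);

    // NOTE(review): unsalted MD5 is not a suitable password hash. Moving to
    // password_hash()/password_verify() needs the login check (not in this
    // part of the file) to change in step, so the stored format is kept here.
    $regpassword = md5($regpassword);

    $new_users_file = fopen("./data/users.db.php", "a");
    if($new_users_file === false){
        msg("error","Error !!!", "Can not open the users database for writing", "javascript:history.go(-1)");
        exit;
    }

    fwrite($new_users_file, "$add_time|$reglevel|$regusername|$regpassword|$regnickname|$regemail|0|0||||\n");

    fclose($new_users_file);

    // The username is echoed back inside HTML; escape it. ISO-8859-1 keeps
    // htmlspecialchars() byte-transparent for non-UTF-8 text.
    $shown_username = htmlspecialchars($regusername, ENT_QUOTES, 'ISO-8859-1');
    msg("info","User Added","The user <b>$shown_username</b> was successfully added as <b>$level</b>", "$PHP_SELF?mod=editusers&action=list");
}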
|
// ********************************************************************************
// Edit User Details
// ********************************************************************************
|
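// Renders the popup form for editing one user, selected by $id (the value of
// field 0 of the record). The form posts editpassword, editlevel and id to the
// doedituser action.
//
// NOTE(review): $PHP_SELF is interpolated into the form action unescaped;
// where it is assigned is not visible here. Confirm it can not carry
// request-controlled text.
// NOTE(review): the "New Password" input has no type attribute, so the
// password is typed in clear text on screen.
// NOTE(review): no anti-CSRF token is emitted with the form; the doedituser
// handler (not visible here) should require one.
elseif($action == "edituser")
{
    $users_file = file("./data/users.db.php");
    if($users_file === false){ $users_file = array(); }

    // Find the requested record. The original loop left $user_arr pointing at
    // the LAST line of the file when no id matched, so an unknown id rendered
    // (and offered to edit) an unrelated account.
    $found = false;
    foreach($users_file as $user_line){
        if(strpos($user_line, "<?") !== false){ continue; }   // same skip rule as the user list
        $user_arr = explode("|", $user_line);
        if(count($user_arr) < 7){ continue; }                 // too short to hold the fields shown below
        if(isset($id) and (string)$id === $user_arr[0]){
            $found = true;
            break;
        }
    }
    if(!$found){
        msg("error", "Error !!!", "User not found", "javascript:history.go(-1)");
        exit;
    }

    if(isset($user_arr[9]) and $user_arr[9] != ''){ $last_login = date('r',(int)$user_arr[9]); }
    else{ $last_login = 'never'; }

    // The hidden id field is filled from the matched record, as an integer,
    // not from the raw request value (the original printed $id unquoted into
    // the attribute).
    $user_id = (int)$user_arr[0];

    // Stored text is untrusted when rendered. ISO-8859-1 makes
    // htmlspecialchars() byte-transparent, so windows-1251 data (the charset
    // this page declares) is escaped without being dropped.
    $user_name  = htmlspecialchars($user_arr[2], ENT_QUOTES, 'ISO-8859-1');
    $user_nick  = htmlspecialchars($user_arr[4], ENT_QUOTES, 'ISO-8859-1');
    $user_email = htmlspecialchars($user_arr[5], ENT_QUOTES, 'ISO-8859-1');
    $user_news  = htmlspecialchars($user_arr[6], ENT_QUOTES, 'ISO-8859-1');

    echo"<html><head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">
<title>Edit Users</title>
<style type=\"text/css\">
<!--
select, option, textarea, input {
BORDER-RIGHT: #808080 1px solid;
BORDER-TOP: #808080 1px solid;
BORDER-BOTTOM: #808080 1px solid;
BORDER-LEFT: #808080 1px solid;
COLOR: #000000;
FONT-SIZE: 11px;
FONT-FAMILY: Verdana; BACKGROUND-COLOR: #ffffff }
TD {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 8pt;}
BODY {text-decoration: none; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 3pt;}
.header { font-size : 16px; font-weight: bold; color: #808080; font-family: verdana; text-decoration: none; }
-->
</style>
</head>
<body>
<form action=\"$PHP_SELF\" method=post><table width=\"828\" cellspacing=\"0\" cellpadding=\"0\" height=\"13\">
<td width=\"826\" height=\"21\" colspan=\"2\"><div class=header>$user_name <font size=\"2\">($user_nick)</font></div>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">written news
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
$user_news
</tr>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">last login date
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
$last_login
</tr>

<tr>
<td width=\"126\" height=\"20\">
registration date
<td height=\"20\" width=\"698\">";
    echo date("r", $user_id);
    echo"
</tr>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">
Email
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
$user_email
</tr>

<tr>
<td width=\"126\" height=\"20\">
New Password
<td height=\"20\" width=\"698\">
<input size=\"20\" name=\"editpassword\" >
</tr>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">
Access Level
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
<select name=editlevel>";

    // Same four options, in the same order (4 down to 1), with the user's
    // current level preselected.
    $level_names = array(4 => "commenter", 3 => "journalist", 2 => "editor", 1 => "administrator");
    foreach($level_names as $level_value => $level_name)
    {
        $selected = ($user_arr[1] == $level_value) ? " selected" : "";
        echo" <option value=$level_value$selected>$level_value ($level_name)</option>";
    }

    echo"</select>
</tr>
<tr>
<td width=\"826\" height=\"7\" colspan=\"2\">
<br />
<input type=submit value=\"Save Changes\"> <input type=button value=\"Cancel\" onClick=\"window.close();\">
<input type=hidden name=id value=\"$user_id\">
<input type=hidden name=mod value=editusers>
<input type=hidden name=action value=doedituser>
</tr>
</table></form>
</body>
</html>";

}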
|
// ********************************************************************************
|
// ********************************************************************************
|
// Do Edit User
|
// Do Edit User
|
// ********************************************************************************
|
// ********************************************** |