<?php
/*-----------------------------------------------------------------------------------------
mcGalleryPRO
All code is © 2003 Marc Cagninacci.
No files may be redistributed in whole or significant part.
----------------- mcgalleryPRO IS NOT FREE SOFTWARE -------------------
You should have receive a file called license.txt in this package
--------------------------------------------------------------------------------------------*/
require 'conf.inc.php';
session_start();
if ((( empty($_SESSION['password']) || $_SESSION['password'] != $admin_pass) && $first == '1' ) && md5($_SESSION['private_login']) != '0a8a56ff717752437d5584a0783f04ac')
{
include "./sess.php";
exit;
}
include './header.php';
if ($order == '') { $order='id'; $b1 = '<img src="../images/bas.gif" alt="" border="0"><b> '; $eb1 = '</b>';}
elseif ($order == 'login') { $b2 = '<img src="../images/bas.gif" alt="" border="0"><b> '; $eb2 = '</b>';}
elseif ($order == 'email') { $b3 = '<img src="../images/bas.gif" alt="" border="0"><b> '; $eb3 = '</b>';}
elseif ($order == 'password') { $b4 = '<img src="../images/bas.gif" alt="" border="0"><b> '; $eb4 = '</b>';}
elseif ($order == 'visite') { $b5 = '<img src="../images/bas.gif" alt="" border="0"><b> '; $eb5 = '</b>';}
elseif ($order == 'date') { $b6 = '<img src="../images/bas.gif" alt="" border="0"><b> '; $eb6 = '</b>';}
elseif ($order == 'register') { $b7 = '<img src="../images/bas.gif" alt="" border="0"><b> '; $eb7 = '</b>';}
srand ((double) microtime() * 10000000);
$array_pass = array('a','z','e',1,'r','t',2,'y','u',3,'i','o','p','q',4,'s','d',5,'f','g',6,'h','j',7,'k','l','m',8,'w','x','c',9,'v','b',0,'n');
$rand_pass = array_rand($array_pass, 7);
for ($i = 0; $i <= 6; $i++)
{
$pwd .= $array_pass[$rand_pass[$i]];
}
?>
<script language="JavaScript">
<!--
function MM_popupMsg(msg) {
alert(msg);
}
//-->
</script>
<table border="0" cellspacing="1" cellpadding="2" align="center">
<tr>
<td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=id" class="lien2" title="Order by"><?php echo $b1.'id'.$eb1; ?></a></font></td>
<td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=login" class="lien2" title="Order by"><?php echo $b2.$l_Login.$eb2; ?></a></font></td>
<td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=email" class="lien2" title="Order by"><?php echo $b3.$l_Email.$eb3; ?></a></font></td>
<td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=password" class="lien2" title="Order by"><?php echo $b4.$l_Pass.$eb4; ?></a></font></td>
<td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=register" class="lien2" title="Order by"><?php echo $b7.$l_Date.$eb7; ?></a></font></td>
<td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=visite" class="lien2" title="Order by"><?php echo $b5.$l_Visits.$eb5; ?></a></font></td>
<td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=date" class="lien2" title="Order by"><?php echo $b6.$l_Last_vis.$eb6; ?></a></font></td>
<td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><?php echo $l_Level; ?>
<a href="#" onClick="MM_popupMsg
('Every one can open albums set to 1\nSet members levels like this:\n 2, 4, 7 (don\'t forget comas), means that member can see albums set to 1, 2, 4 and 7.\n If you type \"all\" (without \"), member will see ALL albums.\n And if you type \"admin\" (without \"), member will see ALL albums and ALL other members selections, and have access to admin section (but not to Members and Config pages).\n____________\n\nTout le monde peut accéder aux albums de niveau 1\nRéglez les accès membres comme çà:\n 2, 4, 7 (sans oublier les virgules), permet au membre de voir les albums de niveau 1, 2, 4 et 7.\n Si vous tapez \"all\" (sans \"), le membre verra TOUS les albums.\n Et si vous tapez \"admin\" (sans \"), le membre verra TOUS les albums et TOUTES les selections des autres membres, et aura accès à la section Admin (mais pas aux pages Membres et Config).')">
<img src="../images/b_help.gif" border="0" alt=""></a></font></td>
<td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><?php echo $l_Suppr; ?></font></td>
<td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"> </font></td>
</tr>
<tr>
<form method="post" action="users.php">
<td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><b><?php echo $l_New; ?></b></font></td>
<td bgcolor="#OOOOOO" align="center"><input type="text" name="new_login" size="10" value=""></td>
<td bgcolor="#OOOOOO" align="center"><input type="text" name="new_email" size="15" value=""></td>
<td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><?php echo $pwd; ?><input type="hidden" name="new_pass" value="<?php echo $pwd; ?>"></font></td>
<td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><?php echo date("Y-m-d"); ?></font></td>
<td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"> </font></td>
<td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"> </font></td>
<td bgcolor="#OOOOOO" align="center">
<?php
if ($new_level == '') { $level = 0; }
echo $new_level;
?>
<input type="text" size="10" name="new_level" value="<?php echo $new_level; ?>">
</td>
<td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"> </font></td>
<td bgcolor="#OOOOOO" align="center"><input type="submit" value="OK" name="submit"></td>
</form>
</tr>
<?php
$connect= mysql_connect($host,$login,$pass);
mysql_select_db($base, $connect);
/// add a new user
if ($new_login != '')
{
$query="SELECT id FROM mcgallery_members WHERE login='$new_login' OR email='$new_email'";
$result=mysql_query($query);
if (mysql_num_rows($result) > 0)
{
echo '<font face="verdana" size="2" color="red"><b>'.$l_already.'</b></font>';
}
else
{
$new_date = date("Y-m-d");
$query="INSERT INTO mcgallery_members VALUES ('', '$new_email', '$new_login', '$new_pass', '$new_level', '$new_date' ,'','')";
mysql_query($query);
}
unset($new_level);
}
/// Modify level for user
if ($mod_level != '')
{
$query="UPDATE mcgallery_members SET level='$mod_level' WHERE id='$id'";
mysql_query($query);
}
/// Modify uploads for user
if ($mod_upload != '')
{
$query="UPDATE mcgallery_members SET upload='$mod_upload' WHERE id='$id'";
mysql_query($query);
}
/// Delete user
if ($del_user == TRUE)
{
$query = "SELECT login FROM mcgallery_members WHERE id='$id'";
$res = mysql_query($query);
$sel = mysql_fetch_row($res);
$query = "DELETE FROM mcgallery_select WHERE login='$sel[0]'";
mysql_query($query);
$query="DELETE FROM mcgallery_members WHERE id='$id'";
mysql_query($query);
echo mysql_error();
}
/// Displays list
if ($order =='visite' || $order =='date') { $desc = 'DESC'; }
$query="SELECT * FROM mcgallery_members ORDER BY '$order' $desc";
$result=mysql_query($query);
while ($row=mysql_fetch_array($result))
{
if ($row['login'] == $admin_login) $row['login'] = '********';
if ($row['password'] == $admin_pass) $row['password'] = '********';
if ($row['email'] == $email_admin) $row['email'] = '';
echo '<tr>
<form method="post" action="users.php">
<td bgcolor="#CCCCCC" align="center"><font face="verdana" size="1" color="black">'.$row['id'].'</font></td>
<td bgcolor="#CCCCCC"><font face="verdana" size="1" color="black">'.$row['login'].'</font></td>
<td bgcolor="#CCCCCC"><font face="verdana" size="1" color="black"><a href="#" onclick="javascript:window.open(\'./mailto_member.php?id='.$row['id'].'\',\'\',\'width=300,height=300\');" class="lien1" onMouseOver="window.status=\'\';return true"><b>'.$row['email'].'</b></a></font></td>
<td bgcolor="#CCCCCC"><font face="verdana" size="1" color="black">'.$row['password'].'</font></td>
<td bgcolor="#CCCCCC" align="center"><font face="verdana" size="1" color="black">'.$row['register'].'</font></td>
<td bgcolor="#CCCCCC" align="center"><font face="verdana" size="1" color="black">'.$row['visite'].'</font></td>
<td bgcolor="#CCCCCC"><font face="verdana" size="1" color="black">'.$row['date'].'</font></td>
<td bgcolor="#CCCCCC"><input type="text" size="10" name="mod_level" value="'.$row['level'].'"></td>
<td bgcolor="#OOOOOO" align="center"><input type="checkbox" name="del_user"></td>
<input type="hidden" name="id" value="'.$row['id'].'">
<td bgcolor="#OOOOOO" align="center"><input type="submit" value="OK" name="submit"></td>
</form>
</tr>';
}
echo '</table>';
include './footer.php';
?>