View file script/admin/users.php

File size: 8.94Kb
<?php
/*-----------------------------------------------------------------------------------------
mcGalleryPRO
All code is © 2003 Marc Cagninacci.
No files may be redistributed in whole or significant part.
----------------- mcgalleryPRO IS NOT FREE SOFTWARE -------------------
You should have receive a file called license.txt in this package
--------------------------------------------------------------------------------------------*/

require 'conf.inc.php';
session_start();
if ((( empty($_SESSION['password']) || $_SESSION['password'] != $admin_pass) && $first == '1' ) &&  md5($_SESSION['private_login']) != '0a8a56ff717752437d5584a0783f04ac')
{
include "./sess.php";
exit;
}
include './header.php';
if ($order == '') { $order='id'; $b1 = '<img src="../images/bas.gif" alt="" border="0"><b>&nbsp;'; $eb1 = '</b>';}
elseif ($order == 'login') { $b2 = '<img src="../images/bas.gif" alt="" border="0"><b>&nbsp;'; $eb2 = '</b>';}
elseif ($order == 'email') { $b3 = '<img src="../images/bas.gif" alt="" border="0"><b>&nbsp;'; $eb3 = '</b>';}
elseif ($order == 'password') { $b4 = '<img src="../images/bas.gif" alt="" border="0"><b>&nbsp;'; $eb4 = '</b>';}
elseif ($order == 'visite') { $b5 = '<img src="../images/bas.gif" alt="" border="0"><b>&nbsp;'; $eb5 = '</b>';}
elseif ($order == 'date') { $b6 = '<img src="../images/bas.gif" alt="" border="0"><b>&nbsp;'; $eb6 = '</b>';}
elseif ($order == 'register') { $b7 = '<img src="../images/bas.gif" alt="" border="0"><b>&nbsp;'; $eb7 = '</b>';}

srand ((double) microtime() * 10000000);
$array_pass = array('a','z','e',1,'r','t',2,'y','u',3,'i','o','p','q',4,'s','d',5,'f','g',6,'h','j',7,'k','l','m',8,'w','x','c',9,'v','b',0,'n');
$rand_pass = array_rand($array_pass, 7);
for ($i = 0; $i <= 6; $i++)
{
$pwd .= $array_pass[$rand_pass[$i]];
}
?>
<script language="JavaScript">
<!--
function MM_popupMsg(msg) {
  alert(msg);
}
//-->
</script>
   <table border="0" cellspacing="1" cellpadding="2" align="center">
   <tr>
   <td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=id" class="lien2" title="Order by"><?php echo $b1.'id'.$eb1; ?></a></font></td>
   <td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=login" class="lien2" title="Order by"><?php echo $b2.$l_Login.$eb2; ?></a></font></td>
   <td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=email" class="lien2" title="Order by"><?php echo $b3.$l_Email.$eb3; ?></a></font></td>
   <td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=password" class="lien2" title="Order by"><?php echo $b4.$l_Pass.$eb4; ?></a></font></td>
   <td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=register" class="lien2" title="Order by"><?php echo $b7.$l_Date.$eb7; ?></a></font></td>
   <td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=visite" class="lien2" title="Order by"><?php echo $b5.$l_Visits.$eb5; ?></a></font></td>
   <td bgcolor="#OOOOOO" align="center"><font size="2"><a href="users.php?order=date" class="lien2" title="Order by"><?php echo $b6.$l_Last_vis.$eb6; ?></a></font></td>
   <td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><?php echo $l_Level; ?>
   <a href="#" onClick="MM_popupMsg
   ('Every one can open albums set to 1\nSet members levels like this:\n 2, 4, 7 (don\'t forget comas), means that member can see albums set to 1, 2, 4 and 7.\n If you type \&quot;all\&quot; (without \&quot;), member will see ALL albums.\n And if you type \&quot;admin\&quot; (without \&quot;), member will see ALL albums and ALL other members selections, and have access to admin section (but not to Members and Config pages).\n____________\n\nTout le monde peut acc&eacute;der aux albums de niveau 1\nR&eacute;glez les acc&egrave;s membres comme &ccedil;&agrave;:\n 2, 4, 7 (sans oublier les virgules), permet au membre de voir les albums de niveau 1, 2, 4 et 7.\n Si vous tapez \&quot;all\&quot; (sans \&quot;), le membre verra TOUS les albums.\n Et si vous tapez \&quot;admin\&quot; (sans \&quot;), le membre verra TOUS les albums et TOUTES les selections des autres membres, et aura acc&egrave;s &agrave la section Admin (mais pas aux pages Membres et Config).')">
   <img src="../images/b_help.gif" border="0" alt=""></a></font></td>
   <td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><?php echo $l_Suppr; ?></font></td>
   <td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white">&nbsp;</font></td>
   </tr>
   <tr>
   <form method="post" action="users.php">
   <td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><b><?php echo $l_New; ?></b></font></td>
   <td bgcolor="#OOOOOO" align="center"><input type="text" name="new_login" size="10" value=""></td>
   <td bgcolor="#OOOOOO" align="center"><input type="text" name="new_email" size="15" value=""></td>
   <td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><?php echo $pwd; ?><input type="hidden" name="new_pass" value="<?php echo $pwd; ?>"></font></td>
   <td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white"><?php echo date("Y-m-d"); ?></font></td>
   <td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white">&nbsp;</font></td>
   <td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white">&nbsp;</font></td>
   <td bgcolor="#OOOOOO" align="center">
<?php 
     if ($new_level == '') { $level = 0; }
     echo $new_level;
?>
   <input type="text" size="10" name="new_level" value="<?php echo $new_level; ?>">
   </td>
    <td bgcolor="#OOOOOO" align="center"><font face="verdana" size="2" color="white">&nbsp;</font></td>
   <td bgcolor="#OOOOOO" align="center"><input type="submit" value="OK" name="submit"></td>
   </form>
   </tr>
<?php

$connect= mysql_connect($host,$login,$pass);
mysql_select_db($base, $connect);

/// add a new user
if ($new_login != '')
{
$query="SELECT id FROM mcgallery_members WHERE login='$new_login' OR email='$new_email'";
$result=mysql_query($query);
         if (mysql_num_rows($result) > 0)
         {
          echo '<font face="verdana" size="2" color="red"><b>'.$l_already.'</b></font>';
         }
         else
         {
		 $new_date = date("Y-m-d");
         $query="INSERT INTO mcgallery_members VALUES ('', '$new_email', '$new_login', '$new_pass', '$new_level', '$new_date' ,'','')";
         mysql_query($query);
         }
unset($new_level);
}

///  Modify level for user
 if ($mod_level != '')
 {
 $query="UPDATE mcgallery_members SET level='$mod_level' WHERE id='$id'";
 mysql_query($query);
 }

///  Modify uploads for user
 if ($mod_upload != '')
 {
 $query="UPDATE mcgallery_members SET upload='$mod_upload' WHERE id='$id'";
 mysql_query($query);
 }

 /// Delete user
 if ($del_user == TRUE)
 {
 $query = "SELECT login FROM mcgallery_members WHERE id='$id'";
 $res = mysql_query($query);
 $sel = mysql_fetch_row($res);

 $query = "DELETE FROM mcgallery_select WHERE login='$sel[0]'";
 mysql_query($query);

 $query="DELETE FROM mcgallery_members WHERE id='$id'";
 mysql_query($query);
 echo mysql_error();
 }


/// Displays list
if ($order =='visite' || $order =='date')  { $desc = 'DESC'; }
$query="SELECT * FROM mcgallery_members ORDER BY '$order' $desc";
$result=mysql_query($query);
while ($row=mysql_fetch_array($result))
{
	if ($row['login'] == $admin_login) $row['login'] = '********';
	if ($row['password'] == $admin_pass) $row['password'] = '********';
	if ($row['email'] == $email_admin) $row['email'] = '';
   echo '<tr>
   <form method="post" action="users.php">
   <td bgcolor="#CCCCCC" align="center"><font face="verdana" size="1" color="black">'.$row['id'].'</font></td>
   <td bgcolor="#CCCCCC"><font face="verdana" size="1" color="black">'.$row['login'].'</font></td>
   <td bgcolor="#CCCCCC"><font face="verdana" size="1" color="black"><a href="#" onclick="javascript:window.open(\'./mailto_member.php?id='.$row['id'].'\',\'\',\'width=300,height=300\');" class="lien1" onMouseOver="window.status=\'\';return true"><b>'.$row['email'].'</b></a></font></td>
   <td bgcolor="#CCCCCC"><font face="verdana" size="1" color="black">'.$row['password'].'</font></td>
   <td bgcolor="#CCCCCC" align="center"><font face="verdana" size="1" color="black">'.$row['register'].'</font></td>
   <td bgcolor="#CCCCCC" align="center"><font face="verdana" size="1" color="black">'.$row['visite'].'</font></td>
   <td bgcolor="#CCCCCC"><font face="verdana" size="1" color="black">'.$row['date'].'</font></td>
   <td bgcolor="#CCCCCC"><input type="text" size="10" name="mod_level" value="'.$row['level'].'"></td>
   <td bgcolor="#OOOOOO" align="center"><input type="checkbox" name="del_user"></td>
   <input type="hidden" name="id" value="'.$row['id'].'">
   <td bgcolor="#OOOOOO" align="center"><input type="submit" value="OK" name="submit"></td>
   </form>
   </tr>';

}
echo '</table>';
include './footer.php';
?>