View file admin.php

File size: 11.18Kb
<html>
 <head>
  <title>
Administration
  </title>
 </head>
 <body style="font-family:arial;">
<?php
/////////////////////////////////////////////////////
//                                                 //
//                 PHPPageProtect                  //
//                    V 1.0.0                      //
//                                                 //
//                 Copyright 2002                  //
//                  David Broker                   //
//            http://php.warpedweb.net/            //
//              All Rights Reserved                //
//                                                 //
//          In using this script you               //
//           agree to the following:               //
//                                                 //
//      This script may be used and modified       //
//              freely as long as this             //
//             copyright remains intact.           //
//                                                 //
//     You may not distibute this script, or       //
//           any modifications of it.              //
//                                                 //
//   A link must be provided on the website that   //
//             uses the script to:                 //
//          http://php.warpedweb.net/              //
//                                                 //
//      Any breaches of these conditions           //
//        will result in legal action.             //
//                                                 //
//      This script is distributed with            //
//        no warrenty, free of charge.             //
//                                                 //
/////////////////////////////////////////////////////

// Variables

// Path to the config file.

$config = "conf.php";

// End Variables

// Load config file.

require($config);

// Initial File checks to make sure the files exist before using them.

if(!file_exists($user_data)) {
 echo "<h1 align=\"center\">$user_data_file_not_exist</h1>";
 exit;
}
elseif(!is_readable($user_data)) {
 echo "<h1 align=\"center\">$user_data_file_not_readable</h1>";
 exit;
}
elseif(!is_writable($user_data)) {
 echo "<h1 align=\"center\">$user_data_file_not_writable</h1>";
 exit;
}
elseif($log_login) {
 if(!file_exists($log_file)) {
  echo "<h1 align=\"center\">$log_file_not_exist</h1>";
  exit;
 }
 elseif(!is_readable($log_file)) { 
  echo "<h1 align=\"center\">$log_file_not_readable</h1>";
  exit;
 }
 elseif(!is_writable($log_file)) { 
  echo "<h1 align=\"center\">$log_file_not_writable</h1>";
  exit;
 }
}

// Validate username and password.
// Then determine operation.

if(($username==$admin_username) && ($password==$admin_password)) {
 switch($cmd) {
  case "new_user":
   new_user($new_user, $new_name, $new_pass);
   main();
   break;
  case "delete_user":
   delete_user($duser);
   main();
   break;
  case "viewlog":
   view_log();
   break;
  case "clearlog":
   clear_log();
   main();
   break;
  case "change_pass":
   change_pass($member_name, $newpw, $confpw);
   main();
   break;
  default:
   main();
   break;
 }
}
else {
 if (!$username && !$password)
  print_login();
 else {
  echo "<h4 align=\"center\">$invalid_username_password</h4>";
  print_login($username);
 }
}

print_footer();

function main() {
 // Prints the main page.
 $user_list = get_user_list();
?>
<h2 align="center"><i>Administration Options</i></h2>
<table align="center" border="0" cellpadding="0" cellpadding="0"><tr><td valign="top">
<form method="post">
<table>
<tr><td colspan="3"><h4>New User:</h4></td></tr>
<tr><td rowspan="5">&nbsp;&nbsp;</td><td>Username: </td><td><input type="text" value="<?=$GLOBALS[new_user]?>" name="new_user"></td></tr>
<tr><td>Name: </td><td><input type="text" name="new_name" value="<?=$GLOBALS[new_name]?>"></td></tr>
<tr><td>Password: </td><td><input type="text" name="new_pass" value="<?=$GLOBALS[new_pass]?>"></td></tr>
<tr><td colspan="2">
<input type="hidden" name="cmd" value="new_user">
<input type="hidden" name="username" value="<?=$GLOBALS[username]?>">
<input type="hidden" name="password" value="<?=$GLOBALS[password]?>">
<input type="submit" value="Create">
</td></tr></table></form></td>
<td valign="top">
<form method="post">
<table><tr><td colspan="3"><h4>Change Password:</h4></td></tr>
<tr><tr><td rowspan="4">&nbsp;&nbsp;</td><td>Username: </td><td>
<?php
if(is_array($user_list)) {
 echo "<select name=\"member_name\">\n";
 foreach ($user_list as $staff) {
  echo "<option value=\"$staff\">&nbsp;$staff&nbsp;&nbsp;</option>\n";
 }
 echo "</select>\n";
}
else 
 echo $GLOBALS[no_users];
?>
</td></tr>
<tr><td>New Password: </td><td><input type="text" name="newpw"></td></tr>
<tr><td>Confirm Password: </td><td><input type="text" name="confpw"></td></tr>
<tr><td colspan="2">
<input type="hidden" name="username" value="<?=$GLOBALS[username]?>">
<input type="hidden" name="password" value="<?=$GLOBALS[password]?>">
<input type="hidden" name="cmd" value="change_pass">
<input type="submit" value="Change"></td></tr></table></form>
</td>
</tr>
<tr><td valign="top">
<form method="post">
<table><tr><td colspan="2"><h4>Delete Users:</h4></td></tr>
<?php
if(is_array($user_list)) {
 foreach($user_list as $userl) {
  echo "<tr><td>&nbsp;&nbsp;<input type=\"checkbox\" name=\"duser[]\" value=\"$userl\"></td><td width=\"100%\">$userl</td></tr>\n";
 }
}
else
 echo "<tr><td>$GLOBALS[no_users]</td></tr>";
?>
<tr><td colspan="2">
<input type="hidden" name="cmd" value="delete_user">
<input type="hidden" name="username" value="<?=$GLOBALS[username]?>">
<input type="hidden" name="password" value="<?=$GLOBALS[password]?>">
<br><input type="submit" value="Delete">
</td></tr></table></form>
</td>
<td valign="top">
<form method="post" name="logform">
<input type="hidden" name="username" value="<?=$GLOBALS[username]?>">
<input type="hidden" name="password" value="<?=$GLOBALS[password]?>">
<input type="hidden" name="cmd">
<table><tr><td colspan="2"><h4>Logs:</h4>
<?php
if ($GLOBALS[log_login]) {
?>
<li><a href="" Onclick="document.logform.cmd.value='viewlog'; document.logform.submit(); return false;"><b>View Log</b></a><li><a href="" Onclick="document.logform.cmd.value='clearlog'; document.logform.submit(); return false;"><b>Clear Log</b></a></td></tr>
<?php
}
else echo "User logging is turned off.<br>See <a href=\"http://php.warpedweb.net/readme/pageprotect.html\">readme.html</a> for information on how to enable it";
?>
</table>
</form>
</td></tr>
<tr><td align="center" colspan="2"><a href="<?=$GLOBALS[login_page]?>">Click here to go to the login page</a>.</td></tr>
</table>
<?
}

function print_footer() {
 // Prints the footer of the page.
echo "<div align=\"center\">
<br><font size=\"+1\"><b>PHPPageProtect</b></font>
<br>A script by <a href=\"mailto:[email protected]\">David Broker</a>
<br><a href=\"http://php.warpedweb.net/\"><i>http://php.warpedweb.net/</i></a>
<br>Version $GLOBALS[version]</div></body></html>";
}

function new_user($nuser,$nname, $npass) {
 // Creates a new user.
 echo "<h4 align=\"center\">";
 if ($nuser=="") echo "$GLOBALS[enter_username]";
 elseif ($nname=="") echo "$GLOBALS[enter_name]";
 elseif ($npass=="") echo "$GLOBALS[enter_password]";
 else {
  if(!user_exists($nuser)) {
   $npass = strtolower($npass);
   $fd = @fopen($GLOBALS[user_data],"a");
   fputs($fd, "$nuser|$nname|".md5($npass)."\n");
   fclose($fd);
   echo "<h4>$GLOBALS[username_created]</h4>";
  }
  else echo "<h4>$GLOBALS[username_exists]</h4>";
 }
 echo "</h4>";
}

function delete_user($username) {
 // Deletion of user(s)
 if($username) {
  $file = file($GLOBALS[user_data]);
  foreach($file as $u) {    
   $data = explode("|", $u);
   if (!in_array($data[0], $username))
    $new_user_list[] = $u;
  }
  $fd = fopen($GLOBALS[user_data], "w");
  if (count($new_user_list) >= 1) {
   foreach ($new_user_list as $users)
    fputs($fd, $users);
  }
  fclose($fd);
  echo "<h4 align=\"center\">$GLOBALS[username_deleted]</h4>";
 }
 else {
  echo "<h4 align=\"center\">$GLOBALS[no_username_selected]</h4>";
 }
}

function user_exists($user) {
 // Retures true if $user exists.
 $exists = false;
 $data = file($GLOBALS[user_data]);
 if(is_array($data)) {
  foreach($data as $u) {
   $data = explode("|", $u);
   if ($user == $data[0])
    $exists = true;
  }
 }
 return $exists;
}

function get_user_list() {
 // Returns an array of usernames.
 $data = @file($GLOBALS[user_data]);
 if(is_array($data)) {
  foreach($data as $user) {
   $data = explode("|", $user);
   $list[] = $data[0];
  }
  return $list;
 }
 else return NULL;
}

function change_pass($username, $npass, $npass2) {
 // Changes the password of $username
 if($username!="") {
  $npass = strtolower($npass);
  $npass2 = strtolower($npass2);
  if ($npass2!=""||$npass!="") {
   if($npass == $npass2) {
    $file = file($GLOBALS[user_data]);
    $fd = @fopen($GLOBALS[user_data], "w");
    foreach ($file as $user) {
     $exp = explode("|", $user);
     if ($exp[0] == $username)
      fputs($fd, $exp[0]."|".md5($npass)."\n");
     else
      fputs($fd, $user);
    }
    fclose($fd);
    echo "<h4 align=\"center\">$GLOBALS[password_changed]</h4>";
   }
   else  echo "<h4 align=\"center\">$GLOBALS[password_not_confirmed]</h4>";
  }
  else  echo "<h4 align=\"center\">$GLOBALS[enter_password]</h4>";
 }
 else  echo "<h4 align=\"center\">$GLOBALS[no_username_selected]</h4>";
}

function view_log() {
 // Displays the log file.
 $file = @file($GLOBALS[log_file]);
 if(count($file)>0) {
  echo "<h2 align=\"center\"><i>Log File</i></h2><table align=\"center\" border=\"1\" bordercolor=\"black\" cellpadding=\"2\" cellspacing=\"0\"><tr><td align=\"center\"><b>Date/Time</b></td><td align=\"center\"><b>Name</b></td><td align=\"center\"><b>Username</b></td></tr>";
  foreach($file as $log) {
   $log = explode("|", $log);
   echo "<tr><td align=\"center\">".date("H:i:s d/m/Y",$log[0])."</td><td align=\"center\">$log[1]</td><td align=\"center\">$log[2]</td></tr>";
  }
 } else echo "<h2 align=\"center\">$GLOBALS[log_file_empty]</h2>";
 echo "</table><form method=\"post\" name=\"back\"><input type=\"hidden\" name=\"username\" value=\"$GLOBALS[username]\">
 <input type=\"hidden\" name=\"password\" value=\"$GLOBALS[password]\">
 <input type=\"hidden\" name=\"cmd\">
 <h3 align=\"center\"><a href=\"\" Onclick=\"document.back.submit(); return false;\">Back</a></h3></form>";
}

function clear_log() {
 // Clears the log file.
 $fd = @fopen($GLOBALS[log_file], "w");
 fclose($fd);
 echo "<h4 align=\"center\"><i>$GLOBALS[log_file_cleared]</i></h4>";
}

function print_login($username='') {
 // Prints the logon.
 echo "
<h2 align=\"center\"><i>User Administration</i></h2>
<form method=\"post\" action=\"$GLOBALS[SCRIPT_NAME]\">
<table align=\"center\">
<tr><td>Username:</td><td><input type=\"text\" name=\"username\" value=\"$username\"></td></tr>
<tr><td>Password:</td><td><input type=\"password\" name=\"password\"></td></tr>
<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"Login\"></td></tr>
</table>
</form>";
}
?>
 </body>
</html>