File size: 11.18Kb
<html>
<head>
<title>
Administration
</title>
</head>
<body style="font-family:arial;">
<?php
/////////////////////////////////////////////////////
// //
// PHPPageProtect //
// V 1.0.0 //
// //
// Copyright 2002 //
// David Broker //
// http://php.warpedweb.net/ //
// All Rights Reserved //
// //
// In using this script you //
// agree to the following: //
// //
// This script may be used and modified //
// freely as long as this //
// copyright remains intact. //
// //
// You may not distibute this script, or //
// any modifications of it. //
// //
// A link must be provided on the website that //
// uses the script to: //
// http://php.warpedweb.net/ //
// //
// Any breaches of these conditions //
// will result in legal action. //
// //
// This script is distributed with //
// no warrenty, free of charge. //
// //
/////////////////////////////////////////////////////
// Variables
// Path to the config file.
$config = "conf.php";
// End Variables
// Load config file.
require($config);
// Initial File checks to make sure the files exist before using them.
if(!file_exists($user_data)) {
echo "<h1 align=\"center\">$user_data_file_not_exist</h1>";
exit;
}
elseif(!is_readable($user_data)) {
echo "<h1 align=\"center\">$user_data_file_not_readable</h1>";
exit;
}
elseif(!is_writable($user_data)) {
echo "<h1 align=\"center\">$user_data_file_not_writable</h1>";
exit;
}
elseif($log_login) {
if(!file_exists($log_file)) {
echo "<h1 align=\"center\">$log_file_not_exist</h1>";
exit;
}
elseif(!is_readable($log_file)) {
echo "<h1 align=\"center\">$log_file_not_readable</h1>";
exit;
}
elseif(!is_writable($log_file)) {
echo "<h1 align=\"center\">$log_file_not_writable</h1>";
exit;
}
}
// Validate username and password.
// Then determine operation.
if(($username==$admin_username) && ($password==$admin_password)) {
switch($cmd) {
case "new_user":
new_user($new_user, $new_name, $new_pass);
main();
break;
case "delete_user":
delete_user($duser);
main();
break;
case "viewlog":
view_log();
break;
case "clearlog":
clear_log();
main();
break;
case "change_pass":
change_pass($member_name, $newpw, $confpw);
main();
break;
default:
main();
break;
}
}
else {
if (!$username && !$password)
print_login();
else {
echo "<h4 align=\"center\">$invalid_username_password</h4>";
print_login($username);
}
}
print_footer();
function main() {
// Prints the main page.
$user_list = get_user_list();
?>
<h2 align="center"><i>Administration Options</i></h2>
<table align="center" border="0" cellpadding="0" cellpadding="0"><tr><td valign="top">
<form method="post">
<table>
<tr><td colspan="3"><h4>New User:</h4></td></tr>
<tr><td rowspan="5"> </td><td>Username: </td><td><input type="text" value="<?=$GLOBALS[new_user]?>" name="new_user"></td></tr>
<tr><td>Name: </td><td><input type="text" name="new_name" value="<?=$GLOBALS[new_name]?>"></td></tr>
<tr><td>Password: </td><td><input type="text" name="new_pass" value="<?=$GLOBALS[new_pass]?>"></td></tr>
<tr><td colspan="2">
<input type="hidden" name="cmd" value="new_user">
<input type="hidden" name="username" value="<?=$GLOBALS[username]?>">
<input type="hidden" name="password" value="<?=$GLOBALS[password]?>">
<input type="submit" value="Create">
</td></tr></table></form></td>
<td valign="top">
<form method="post">
<table><tr><td colspan="3"><h4>Change Password:</h4></td></tr>
<tr><tr><td rowspan="4"> </td><td>Username: </td><td>
<?php
if(is_array($user_list)) {
echo "<select name=\"member_name\">\n";
foreach ($user_list as $staff) {
echo "<option value=\"$staff\"> $staff </option>\n";
}
echo "</select>\n";
}
else
echo $GLOBALS[no_users];
?>
</td></tr>
<tr><td>New Password: </td><td><input type="text" name="newpw"></td></tr>
<tr><td>Confirm Password: </td><td><input type="text" name="confpw"></td></tr>
<tr><td colspan="2">
<input type="hidden" name="username" value="<?=$GLOBALS[username]?>">
<input type="hidden" name="password" value="<?=$GLOBALS[password]?>">
<input type="hidden" name="cmd" value="change_pass">
<input type="submit" value="Change"></td></tr></table></form>
</td>
</tr>
<tr><td valign="top">
<form method="post">
<table><tr><td colspan="2"><h4>Delete Users:</h4></td></tr>
<?php
if(is_array($user_list)) {
foreach($user_list as $userl) {
echo "<tr><td> <input type=\"checkbox\" name=\"duser[]\" value=\"$userl\"></td><td width=\"100%\">$userl</td></tr>\n";
}
}
else
echo "<tr><td>$GLOBALS[no_users]</td></tr>";
?>
<tr><td colspan="2">
<input type="hidden" name="cmd" value="delete_user">
<input type="hidden" name="username" value="<?=$GLOBALS[username]?>">
<input type="hidden" name="password" value="<?=$GLOBALS[password]?>">
<br><input type="submit" value="Delete">
</td></tr></table></form>
</td>
<td valign="top">
<form method="post" name="logform">
<input type="hidden" name="username" value="<?=$GLOBALS[username]?>">
<input type="hidden" name="password" value="<?=$GLOBALS[password]?>">
<input type="hidden" name="cmd">
<table><tr><td colspan="2"><h4>Logs:</h4>
<?php
if ($GLOBALS[log_login]) {
?>
<li><a href="" Onclick="document.logform.cmd.value='viewlog'; document.logform.submit(); return false;"><b>View Log</b></a><li><a href="" Onclick="document.logform.cmd.value='clearlog'; document.logform.submit(); return false;"><b>Clear Log</b></a></td></tr>
<?php
}
else echo "User logging is turned off.<br>See <a href=\"http://php.warpedweb.net/readme/pageprotect.html\">readme.html</a> for information on how to enable it";
?>
</table>
</form>
</td></tr>
<tr><td align="center" colspan="2"><a href="<?=$GLOBALS[login_page]?>">Click here to go to the login page</a>.</td></tr>
</table>
<?
}
function print_footer() {
// Prints the footer of the page.
echo "<div align=\"center\">
<br><font size=\"+1\"><b>PHPPageProtect</b></font>
<br>A script by <a href=\"mailto:[email protected]\">David Broker</a>
<br><a href=\"http://php.warpedweb.net/\"><i>http://php.warpedweb.net/</i></a>
<br>Version $GLOBALS[version]</div></body></html>";
}
function new_user($nuser,$nname, $npass) {
// Creates a new user.
echo "<h4 align=\"center\">";
if ($nuser=="") echo "$GLOBALS[enter_username]";
elseif ($nname=="") echo "$GLOBALS[enter_name]";
elseif ($npass=="") echo "$GLOBALS[enter_password]";
else {
if(!user_exists($nuser)) {
$npass = strtolower($npass);
$fd = @fopen($GLOBALS[user_data],"a");
fputs($fd, "$nuser|$nname|".md5($npass)."\n");
fclose($fd);
echo "<h4>$GLOBALS[username_created]</h4>";
}
else echo "<h4>$GLOBALS[username_exists]</h4>";
}
echo "</h4>";
}
function delete_user($username) {
// Deletion of user(s)
if($username) {
$file = file($GLOBALS[user_data]);
foreach($file as $u) {
$data = explode("|", $u);
if (!in_array($data[0], $username))
$new_user_list[] = $u;
}
$fd = fopen($GLOBALS[user_data], "w");
if (count($new_user_list) >= 1) {
foreach ($new_user_list as $users)
fputs($fd, $users);
}
fclose($fd);
echo "<h4 align=\"center\">$GLOBALS[username_deleted]</h4>";
}
else {
echo "<h4 align=\"center\">$GLOBALS[no_username_selected]</h4>";
}
}
function user_exists($user) {
// Retures true if $user exists.
$exists = false;
$data = file($GLOBALS[user_data]);
if(is_array($data)) {
foreach($data as $u) {
$data = explode("|", $u);
if ($user == $data[0])
$exists = true;
}
}
return $exists;
}
function get_user_list() {
// Returns an array of usernames.
$data = @file($GLOBALS[user_data]);
if(is_array($data)) {
foreach($data as $user) {
$data = explode("|", $user);
$list[] = $data[0];
}
return $list;
}
else return NULL;
}
function change_pass($username, $npass, $npass2) {
// Changes the password of $username
if($username!="") {
$npass = strtolower($npass);
$npass2 = strtolower($npass2);
if ($npass2!=""||$npass!="") {
if($npass == $npass2) {
$file = file($GLOBALS[user_data]);
$fd = @fopen($GLOBALS[user_data], "w");
foreach ($file as $user) {
$exp = explode("|", $user);
if ($exp[0] == $username)
fputs($fd, $exp[0]."|".md5($npass)."\n");
else
fputs($fd, $user);
}
fclose($fd);
echo "<h4 align=\"center\">$GLOBALS[password_changed]</h4>";
}
else echo "<h4 align=\"center\">$GLOBALS[password_not_confirmed]</h4>";
}
else echo "<h4 align=\"center\">$GLOBALS[enter_password]</h4>";
}
else echo "<h4 align=\"center\">$GLOBALS[no_username_selected]</h4>";
}
function view_log() {
// Displays the log file.
$file = @file($GLOBALS[log_file]);
if(count($file)>0) {
echo "<h2 align=\"center\"><i>Log File</i></h2><table align=\"center\" border=\"1\" bordercolor=\"black\" cellpadding=\"2\" cellspacing=\"0\"><tr><td align=\"center\"><b>Date/Time</b></td><td align=\"center\"><b>Name</b></td><td align=\"center\"><b>Username</b></td></tr>";
foreach($file as $log) {
$log = explode("|", $log);
echo "<tr><td align=\"center\">".date("H:i:s d/m/Y",$log[0])."</td><td align=\"center\">$log[1]</td><td align=\"center\">$log[2]</td></tr>";
}
} else echo "<h2 align=\"center\">$GLOBALS[log_file_empty]</h2>";
echo "</table><form method=\"post\" name=\"back\"><input type=\"hidden\" name=\"username\" value=\"$GLOBALS[username]\">
<input type=\"hidden\" name=\"password\" value=\"$GLOBALS[password]\">
<input type=\"hidden\" name=\"cmd\">
<h3 align=\"center\"><a href=\"\" Onclick=\"document.back.submit(); return false;\">Back</a></h3></form>";
}
function clear_log() {
// Clears the log file.
$fd = @fopen($GLOBALS[log_file], "w");
fclose($fd);
echo "<h4 align=\"center\"><i>$GLOBALS[log_file_cleared]</i></h4>";
}
function print_login($username='') {
// Prints the logon.
echo "
<h2 align=\"center\"><i>User Administration</i></h2>
<form method=\"post\" action=\"$GLOBALS[SCRIPT_NAME]\">
<table align=\"center\">
<tr><td>Username:</td><td><input type=\"text\" name=\"username\" value=\"$username\"></td></tr>
<tr><td>Password:</td><td><input type=\"password\" name=\"password\"></td></tr>
<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"Login\"></td></tr>
</table>
</form>";
}
?>
</body>
</html>