Location: PHPKode > projects > eqEpic > eqEpic0.7.8/secdelete.php
<?php 
/******************************************************************************
* secdelete.php                                                               *
* Delete Users                                                                *
* See readme.txt for additional information                                   *
*******************************************************************************
* eqEpic - The Epic Raid Manager                                              *
* Open-Source Project By Ryan Christenson                                     *
* =========================================================================== *
* Software Version:           eqEpic 0.7.8                                    *
* Software by:                The RSWR Network (http://www.rswr.net)          *
* Copyright 2006-2007 by:     Ryan Christenson (http://www.rswr.net)          *
* Support, News, Updates at:  http://forum.rswr.net/                          *
*******************************************************************************
* This program is free software; you can redistribute it and/or modify        *
* it under the terms of the GNU General Public License as published by        *
* the Free Software Foundation; either version 2 of the License, or           *
* (at your option) any later version.                                         *
*                                                                             *
* This program is distributed in the hope that it will be useful,             *
* but WITHOUT ANY WARRANTY; without even the implied warranty of              *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               *
* GNU General Public License for more details.                                *
*                                                                             *
* You should have received a copy of the GNU General Public License           *
* along with DownloadCounter; if not, write to the Free Software              *
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA   *
******************************************************************************/
session_start();
ob_start();
?>
<?php
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // Always modified
header("Cache-Control: private, no-store, no-cache, must-revalidate"); // HTTP/1.1 
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache"); // HTTP/1.0
?>
<?php include ("ewconfig.php") ?>
<?php include ("db.php") ?>
<?php include ("secinfo.php") ?>
<?php include ("advsecu.php") ?>
<?php include ("phpmkrfn.php") ?>
<?php
if (!IsLoggedIn() && (@$_COOKIE[ewCookieAutoLogin] == "autologin" && @$_COOKIE[ewCookiePassword] <> "")) {
	ob_end_clean();
	header("Location: login.php");
	exit();
}
LoadUserLevel();
$ewCurSec = (IsLoggedIn())? CurrentUserLevelPriv("sec") : GetAnonymousPriv("sec");	
if (($ewCurSec & ewAllowDelete) <> ewAllowDelete) {
	ob_end_clean();
	header("Location: seclist.php");
	exit();
}
if (IsLoggedIn() && CurrentUserID() == "") {
	ob_end_clean();
	header("Location: login.php");
	exit();
}
?>
<?php

// Initialize common variables
$x_id = NULL;
$ox_id = NULL;
$z_id = NULL;
$ar_x_id = NULL;
$ari_x_id = NULL;
$x_idList = NULL;
$x_idChk = NULL;
$cbo_x_id_js = NULL;
$x_user = NULL;
$ox_user = NULL;
$z_user = NULL;
$ar_x_user = NULL;
$ari_x_user = NULL;
$x_userList = NULL;
$x_userChk = NULL;
$cbo_x_user_js = NULL;
$x_pass = NULL;
$ox_pass = NULL;
$z_pass = NULL;
$ar_x_pass = NULL;
$ari_x_pass = NULL;
$x_passList = NULL;
$x_passChk = NULL;
$cbo_x_pass_js = NULL;
$x_email = NULL;
$ox_email = NULL;
$z_email = NULL;
$ar_x_email = NULL;
$ari_x_email = NULL;
$x_emailList = NULL;
$x_emailChk = NULL;
$cbo_x_email_js = NULL;
$x_UserLevel = NULL;
$ox_UserLevel = NULL;
$z_UserLevel = NULL;
$ar_x_UserLevel = NULL;
$ari_x_UserLevel = NULL;
$x_UserLevelList = NULL;
$x_UserLevelChk = NULL;
$cbo_x_UserLevel_js = NULL;
?>
<?php
$arRecKey = NULL;

// Load key parameters
$sKey = "";
$bSingleDelete = true;
$x_id = @$_GET["id"];
if (($x_id == "") || (is_null($x_id))) {
	$bSingleDelete = false;
} else {
	if ($sKey <> "") $sKey .= ",";
	$sKey .= $x_id;
	if (!is_numeric($x_id)) {
		ob_end_clean();
		header("Location: seclist.php");
		exit();
	}
}
if (!$bSingleDelete) $sKey = @$_POST["key_d"];
if (!is_array($sKey)) {
 if (strlen($sKey) > 0) $arRecKey = split(",", $sKey);
} else {
 $sKey = implode(",", $sKey);
 $arRecKey = split(",", $sKey);
}
if (count($arRecKey) <= 0) {
	ob_end_clean();
	header("Location: seclist.php");
	exit();
}
$sKey = implode(",", $arRecKey);
$i = 0;
$sDbWhere = "";
while ($i < count($arRecKey)) {
	$sDbWhere .= "(";

	// Remove spaces
	$sRecKey = trim($arRecKey[$i+0]);
	$sRecKey = (!get_magic_quotes_gpc()) ? addslashes($sRecKey) : $sRecKey ;

	// Build the SQL
	$sDbWhere .= "`id`=" . $sRecKey . " AND ";
	if (substr($sDbWhere, -5) == " AND ") { $sDbWhere = substr($sDbWhere, 0, strlen($sDbWhere)-5) . ") OR "; }
	$i += 1;
}
if (substr($sDbWhere, -4) == " OR ") { $sDbWhere = substr($sDbWhere, 0 , strlen($sDbWhere)-4); }

// Get action
$sAction = @$_POST["a_delete"];
if (($sAction == "") || ((is_null($sAction)))) {
	$sAction = "I";	// Display record
}
$conn = phpmkr_db_connect(HOST, USER, PASS, DB, PORT);
switch ($sAction) {
	case "I": // Display
		if (LoadRecordCount($sDbWhere,$conn) <= 0) {
			phpmkr_db_close($conn);
			ob_end_clean();
			header("Location: seclist.php");
			exit();
		}
		break;
	case "D": // Delete
		if (DeleteData($sDbWhere,$conn)) {
			$_SESSION[ewSessionMessage] = "User Deleted Successfully";
			phpmkr_db_close($conn);
			ob_end_clean();
			header("Location: seclist.php");
			exit();
		}
		break;
}
?>
<?php include ("sources/header.php") ?>
<p><span class="ewmsg">Confirm Deletion</span></p>
<form action="secdelete.php" method="post">
<p>
<input type="hidden" name="a_delete" value="D" />
<?php $sKey = (get_magic_quotes_gpc()) ? stripslashes($sKey) : $sKey; ?>
<input type="hidden" name="key_d" value="<?php echo htmlspecialchars($sKey); ?>" />
<table class="ewTable">
	<tr class="ewTableHeader">
		<td valign="top">ID</td>
		<td valign="top">User</td>
		<td valign="top">Pass</td>
		<td valign="top">E-mail</td>
		<td valign="top">User Level</td>
	</tr>
<?php
$nRecCount = 0;
$i = 0;
while ($i < count($arRecKey)) {
	$nRecCount++;

	// Set row color
	$sItemRowClass = " class=\"ewTableRow\"";

	// Display alternate color for rows
	if ($nRecCount % 2 <> 0) {
		$sItemRowClass = " class=\"ewTableAltRow\"";
	}
	$sRecKey = trim($arRecKey[$i+0]);
	$sRecKey = (get_magic_quotes_gpc()) ? stripslashes($sRecKey) : $sRecKey;
	$x_id = $sRecKey;
	if (!is_numeric($x_id)) {
		ob_end_clean();
		header("Location: seclist.php");
		exit();
	}
	if (LoadData($conn)) {
?>
	<tr<?php echo $sItemRowClass;?>>
		<td><?php echo $x_id; ?></td>
		<td><?php echo $x_user; ?></td>
		<td><?php echo $x_pass; ?></td>
		<td><?php echo $x_email; ?></td>
		<td>
<?php if (($ewCurSec & ewAllowAdmin) == ewAllowAdmin) { // System admin ?>
<?php
switch ($x_UserLevel) {
	case "-1":
		$sTmp = "Administrator";
		break;
	case "0":
		$sTmp = "Anonymous";
		break;
	case "1":
		$sTmp = "Normal";
		break;
	default:
		$sTmp = "";
}
$ox_UserLevel = $x_UserLevel; // Backup original value
$x_UserLevel = $sTmp;
?>
<?php echo $x_UserLevel; ?>
<?php $x_UserLevel = $ox_UserLevel; // Restore original value ?>
<?php } else {?>
********
<?php } ?>
</td>
	</tr>
<?php
	}
	$i += 1;
}
?>
</table>
<p>
<input type="submit" name="Action" value="CONFIRM DELETE" class="button" />
</form>
<?php include ("footer.php") ?>
<?php

//-------------------------------------------------------------------------------
// Function LoadData
// - Variables setup: field variables

function LoadData($conn)
{
	global $x_id;
	$sFilter = ewSqlKeyWhere;
	if (!is_numeric($x_id)) return false;
	$x_id =  (get_magic_quotes_gpc()) ? stripslashes($x_id) : $x_id;
	$sFilter = str_replace("@id", AdjustSql($x_id), $sFilter); // Replace key value
	if ((CurrentUserID() <> "-1") && (CurrentUserID() <> "")) {

	//$sFilter .= " AND " . str_replace("#UserID", AdjustSql(CurrentuserID()), ewSqlUserIDFilter);
	$sFilter .= " AND " . ewSqlUserIDFilter;
	$sFilter = str_replace("#Key", "`user`", $sFilter);
	$sFilter = str_replace("#UserID", AdjustSql(CurrentUserID()), $sFilter);
	}
	$sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, $sFilter, "");
	$rs = phpmkr_query($sSql,$conn) or die("Failed to execute query at line " . __LINE__ . ": " . phpmkr_error($conn) . '<br />SQL: ' . $sSql);
	if (phpmkr_num_rows($rs) == 0) {
		$bLoadData = false;
	} else {
		$bLoadData = true;
		$row = phpmkr_fetch_array($rs);

		// Get the field contents
		$GLOBALS["x_id"] = $row["id"];
		$GLOBALS["x_user"] = $row["user"];
		$GLOBALS["x_pass"] = $row["pass"];
		$GLOBALS["x_email"] = $row["email"];
		$GLOBALS["x_UserLevel"] = $row["UserLevel"];
	}
	phpmkr_free_result($rs);
	return $bLoadData;
}
?>
<?php

//-------------------------------------------------------------------------------
// Function LoadRecordCount
// - Load Record Count based on input sql criteria sqlKey

function LoadRecordCount($sqlKey, $conn)
{
	global $x_id;
	$sFilter = $sqlKey;
	if ((CurrentUserID() <> -1) && (CurrentUserID() <> "")) { // Non system admin

		//$sFilter .= " AND " . str_replace("#UserID", AdjustSql(CurrentUserID()), ewSqlUserIDFilter);
		$sFilter .= " AND " . ewSqlUserIDFilter;
		$sFilter = str_replace("#Key", "`user`", $sFilter);
		$sFilter = str_replace("#UserID", AdjustSql(CurrentUserID()), $sFilter);
	}
	$sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, $sFilter, "");	
	$rs = phpmkr_query($sSql,$conn) or die("Failed to execute query at line " . __LINE__ . ": " . phpmkr_error($conn) . '<br />SQL: ' . $sSql);
	return phpmkr_num_rows($rs);
	phpmkr_free_result($rs);
}

//-------------------------------------------------------------------------------
// Function DeleteData
// - Delete Records based on input sql criteria sqlKey

function DeleteData($sqlKey, $conn)
{
	global $x_id;
	$sFilter = $sqlKey;
	if ((CurrentUserID() <> "-1") && (CurrentUserID() <> "")) { // Non system admin

	//$sFilter .= " AND " . str_replace("#UserID", AdjustSql(CurrentUserID()), ewSqlUserIDFilter);
	$sFilter .= " AND " . ewSqlUserIDFilter;
	$sFilter = str_replace("#Key", "`user`", $sFilter);
	$sFilter = str_replace("#UserID", AdjustSql(CurrentUserID()), $sFilter);
	}

	// Backup the record before delete
	$sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, $sFilter, "");
	$query = phpmkr_query($sSql,$conn) or die("Failed to execute query at line " . __LINE__ . ": " . phpmkr_error($conn) . '<br />SQL: ' . $sSql);
	while ($temp = phpmkr_fetch_array($query)) {
		$oldrs[] = $temp;
	}

	// Delete
	$sSql = "DELETE FROM `sec`";
	$sWhere = "";
	if ($sFilter <> "") {
		if ($sWhere <> "") $sWhere .= " AND ";
		$sWhere .= $sFilter;
	}
	if ($sWhere <> "") {
		$sSql .= " WHERE " . $sWhere;
	}

	// Deleting event
	if (Recordset_Deleting($oldrs)) {
		phpmkr_query($sSql,$conn) or die("Failed to execute query at line " . __LINE__ . ": " . phpmkr_error($conn) . '<br />SQL: ' . $sSql);
		$result = (phpmkr_affected_rows($conn) > 0);

		// Deleted event
		if ($result) Recordset_Deleted($oldrs);
	} else {
		$result = false;
	}
	return $result;
}

// Deleting event
function Recordset_Deleting($oldrs)
{

	// Enter your customized codes here
	return true;
}

// Deleted event
function Recordset_Deleted($oldrs)
{
	$table = "sec";
}
?>
Return current item: eqEpic