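<?php
/*========================================*\
| Exero CMS                                |
|==========================================|
|          http://ecms.getox.net           |
|https://sourceforge.net/projects/exerocms/|
|==========================================|
|     Exero CMS is released under the      |
|     GNU General Public License (GPL)     |
| opensource.org/licenses/gpl-license.php  |
\*========================================*/

// Admin control panel page for user accounts: lists users, edits one, deletes one.
// The full open tag is used because a short "<?" is only parsed when
// short_open_tag is enabled; with it disabled the server would send this
// source to the browser as plain text.

require("global.php");

// Gate 1: an admin session must exist before anything is rendered or changed.
if(!checkadminsession()) {
	print_login();
	exit;
}

// Gate 2: the logged-in admin must hold the "manageusers" permission.
if(!adminpermissions("manageusers")) {
	print_no_permission();
	exit;
}

// Read the routing parameters once; a missing or non-string value is treated as "".
$do = (isset($_REQUEST['do']) && is_string($_REQUEST['do'])) ? $_REQUEST['do'] : "";
$action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : "";
$ispost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST";

// NOTE(review): neither the edit form nor the delete confirmation below carries an
// anti-CSRF token. Requiring POST keeps links, images and prefetchers from changing
// data, but not a form posted from another site. Add a per-session token check here
// once the session API provided by global.php is confirmed.

if($do == "") {
	print_cp_header("Manage Users");
	
	print_table_header("Users","2",'',"1");
	print_multicol_row(array("User[align:left]"=>"","Options[align:right]"=>"140"),"optiontitle");
	$getusers = $db->query("SELECT * FROM ".TABLE_PREFIX."users ORDER BY uid ASC");
	while($userinfo = $db->fetch_array($getusers)) {
		// print_multicol_row() is handed raw HTML (see the links below), so the stored
		// username must be encoded here or it would be rendered as markup in the admin panel.
		$username = htmlspecialchars($userinfo['username'], ENT_QUOTES);
		// Encode the id for use inside a URL/attribute instead of trusting its stored form.
		$uid = rawurlencode($userinfo['uid']);
		print_multicol_row(array(
			$username."[align:left]"=>"",
			"<a href=\"users.php?do=edit&user=".$uid."\">Edit</a>, <a href=\"users.php?do=delete&user=".$uid."\">Delete</a>[align:right]"=>"140"
		));
	}
	print_table_footer();
		
	print_cp_footer();
} else if($do == "edit") {
	$save = 0;
	$showerror = 0; // initialised so the check below never reads an undefined variable
	$error = array();

	// Collect the submitted fields as strings; array-valued or missing parameters become "".
	$fields = array();
	foreach(array("userid","username","email","groupid","usertitle","signature") as $name) {
		$fields[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : "";
	}

	if($action == "submit") {
		$save = 1;
		if($fields['userid'] == "") {
			// Without a target id the UPDATE below would match nothing and still report success.
			$error[] = "No user selected";
			$save = 0;
			$showerror = 1;
		}
		if(empty($fields['username'])) {
			$error[] = "Username cannot be blank";
			$save = 0;
			$showerror = 1;
		} else {
			// Reject the name if any other account (different uid) already uses it.
			$checkusername = $db->num_rows($db->query("SELECT * FROM ".TABLE_PREFIX."users WHERE username='".$db->real_escape_string($fields['username'])."' AND uid!='".$db->real_escape_string($fields['userid'])."' LIMIT 1"));
			if($checkusername == "1") {
				$error[] = "Username already in use";
				$showerror = 1;
				$save = 0;
			}
		}
	}
	if(!$save) {
		print_cp_header("Edit User");
		
		if($showerror) {
			print_error($error);
		}
		// A re-displayed form carries the id in POST; the first visit carries it in the link.
		if(isset($_POST['userid'])) {
			$id = $fields['userid'];
		} else {
			$id = (isset($_REQUEST['user']) && is_string($_REQUEST['user'])) ? $_REQUEST['user'] : "";
		}
		$userinfo = $db->query_first("SELECT * FROM ".TABLE_PREFIX."users WHERE uid='".$db->real_escape_string($id)."' LIMIT 1");
		
		if(!$userinfo) {
			// Unknown id: show an error instead of an empty form bound to no account.
			print_error(array("User not found"));
		} else {
			// NOTE(review): the stored values below are passed to the form helpers as-is.
			// Confirm that print_form_textbox()/print_form_textarea()/print_form_hiddenfield()
			// HTML-encode their value argument; if they do not, encode here.
			print_form_header("users.php?do=edit","edit");
			print_form_hiddenfield("action","submit");
			print_form_hiddenfield("userid",$userinfo['uid']);
			print_table_header("User Information","2",'',"0");
			print_form_textbox("Username","username",$userinfo['username']);
			print_form_textbox("Email","email",$userinfo['email']);
			print_table_optiontitle("Group Settings",'',"2");
			print_form_select("User Group","groupid",'',grouparray(),$userinfo['groupid']);
			print_form_textbox("User Title","usertitle",$userinfo['usertitle']);
			print_table_optiontitle("Misc. Information",'',"2");
			print_form_textarea("Signature","signature",$userinfo['signature'],"5","5");
			print_form_submit("Submit","2","0");
			print_table_footer();
			print_form_footer();
		}
		
		print_cp_footer();
	} else {
		// NOTE(review): groupid is written exactly as submitted. Consider checking it
		// against grouparray() so a crafted request cannot assign a group the form
		// never offered; the shape of grouparray() needs confirming first.
		$db->query("UPDATE ".TABLE_PREFIX."users SET
		username='".$db->real_escape_string($fields['username'])."',
		email='".$db->real_escape_string($fields['email'])."',
		groupid='".$db->real_escape_string($fields['groupid'])."',
		usertitle='".$db->real_escape_string($fields['usertitle'])."',
		signature='".$db->real_escape_string($fields['signature'])."'
		WHERE uid='".$db->real_escape_string($fields['userid'])."'
		");
		print_redirect("users.php","User Saved","User Saved.");
	}
} else if($do == "delete") {
	if($ispost && $action == "confirm") {
		// Destructive step: only reached from the confirmation form, never from a plain link.
		$target = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : "";
		$db->query("DELETE FROM ".TABLE_PREFIX."users WHERE uid='".$db->real_escape_string($target)."'");
		print_redirect("users.php","User Deleted","User Deleted.");
	} else {
		// A GET on the delete link only shows a confirmation form; nothing is removed yet.
		$target = (isset($_REQUEST['user']) && is_string($_REQUEST['user'])) ? $_REQUEST['user'] : "";
		$userinfo = $db->query_first("SELECT * FROM ".TABLE_PREFIX."users WHERE uid='".$db->real_escape_string($target)."' LIMIT 1");

		print_cp_header("Delete User");
		if(!$userinfo) {
			print_error(array("User not found"));
		} else {
			// The hidden field is filled from the database row, not from the request value.
			// Presumably print_form_header() emits a POST form, as the edit handler reads
			// its fields from $_POST - confirm.
			print_form_header("users.php?do=delete","delete");
			print_form_hiddenfield("action","confirm");
			print_form_hiddenfield("user",$userinfo['uid']);
			print_table_header("Delete User","2",'',"0");
			print_table_optiontitle("This permanently removes the account. Continue?",'',"2");
			print_form_submit("Delete","2","0");
			print_table_footer();
			print_form_footer();
		}
		print_cp_footer();
	}
}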
?>