<?php
// *** Safety line ***
if (!defined('ADMIN_PAGE')){ exit; }
echo '<h1 align=center>'.$language["user_name"].'</h1>';
if (isset($_POST['wijzig'])){
$usersql="SELECT * FROM humo_users ORDER BY user_name";
$user=mysql_query($usersql,$db);
while ($userDb=mysql_fetch_object($user)){
$username=$_POST[$userDb->user_id."username"];
//if (!$_POST[$userDb->user_id."username"]){
if ($_POST[$userDb->user_id."username"]==""){
$username='GEEN NAAM / NO NAME';
}
$sql="UPDATE humo_users SET user_name='".$username;
if (isset($_POST[$userDb->user_id."password"]) AND $_POST[$userDb->user_id."password"]){
$sql=$sql."', user_password='".MD5($_POST[$userDb->user_id."password"]);
}
$sql=$sql."', user_group_id='".$_POST[$userDb->user_id."group_id"];
$sql=$sql."' WHERE user_id=".$_POST[$userDb->user_id."user_id"];
$result=mysql_query($sql) or die(mysql_error());
}
}
if (isset($_POST['voegtoe'])){
$sql="INSERT INTO humo_users SET user_name='".$_POST["add_username"];
$sql=$sql."' , user_password='".MD5($_POST["add_password"]);
$sql=$sql."' , user_group_id='".$_POST["add_group_id"];
$sql=$sql."';";
$result=mysql_query($sql) or die(mysql_error());
}
// *** Gebruikers ***
echo $language["user_dutchwords_explanation"];
echo "<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."\">\n";
echo '<input type="hidden" name="page" value="'.$page.'">';
echo '<br><table class="humo standaard" border="1">';
echo '<tr class="tabel_kop"><th>'.$language["user_user"].'</th>';
echo '<th>'.$language["user_changepassw"].'</th>';
echo '<th>'.$language["user_usergroup"].'</th>';
echo '<th>'.$language["admin_change"].'</th></tr>';
$usersql="SELECT * FROM humo_users ORDER BY user_name";
$user=mysql_query($usersql,$db);
while ($userDb=mysql_fetch_object($user)){
print '<tr align="center"><td>';
print '<input type="hidden" name="'.$userDb->user_id.'user_id" value="'.$userDb->user_id.'">';
//username "gast" mag niet gewijzigd worden.
if ($userDb->user_name=='gast'){
print '<input type="hidden" name="'.$userDb->user_id.'username" value="'.$userDb->user_name.'">';
echo '<b>'.$userDb->user_name.'</b></td>';
print '<td><b>'.$language["user_noneedtolog"].'</b>';
}
else{
print '<input type="text" name="'.$userDb->user_id.'username" value="'.$userDb->user_name.'" size="20"></td>';
print '<td><input type="password" name="'.$userDb->user_id.'password" size="20">';
}
echo '</td>';
//*** Gebruikersgroepen ***
if ($userDb->user_id=='1'){ //1e gebruiker MOET beheerder zijn.
print '<td><input type="hidden" name="'.$userDb->user_id.'group_id" value="1"><b>beheer</b></td>';
}
else{
$groepsql="SELECT * FROM humo_groups";
$groepresult=mysql_query($groepsql,$db);
print '<td><select size="1" name="'.$userDb->user_id.'group_id">';
while ($groepDb=mysql_fetch_object($groepresult)){
if ($userDb->user_group_id==$groepDb->group_id){
echo "<option value='".$groepDb->group_id."' SELECTED>".$groepDb->group_name."</option>";
}
else{
echo "<option value='".$groepDb->group_id."'>".$groepDb->group_name."</option>";
}
}
print "</select></td>";
}
print '<td><input type="Submit" name="wijzig" value="'.$language["admin_change"].'"></td>';
print "</tr>\n";
}
// *** Add user ***
print '<tr align="center" bgcolor="green"><td>';
echo '<input type="text" name="add_username" size="10"></td>';
print '<td><input type="password" name="add_password" size="20"></td>';
// *** Select group for new user ***
$groepsql="SELECT * FROM humo_groups";
$groepresult=mysql_query($groepsql,$db);
print "<td><select size='1' name='add_group_id'>";
while ($groepDb=mysql_fetch_object($groepresult)){
echo "<option value='".$groepDb->group_id."'>".$groepDb->group_name."</option>";
}
print "</select></td>";
print '<td><input type="Submit" name="voegtoe" value="'.$language["admin_add"].'"></td>';
print '</tr>';
echo '</table>';
print '</form>';
?>