Location: PHPKode > projects > Open ShareLive > F3-OSL-pre_alpha-2005_05_30/users.php
<?php 
/******************************************************************************
*
*    Open ShareLive (main site code)
*    Copyright (C) 2002-2005  ShareLive
*
*    This program is free software; you can redistribute it and/or
*    modify it under the terms of the GNU General Public License
*    as published by the Free Software Foundation; either version 2
*    of the License, or (at your option) any later version.
*
*    This program is distributed in the hope that it will be useful,
*    but WITHOUT ANY WARRANTY; without even the implied warranty of
*    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*    GNU General Public License for more details.
*
*    You should have received a copy of the GNU General Public License
*    along with this program; if not, write to the Free Software
*    Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
*
******************************************************************************/

include('tmpl_top.php'); 
if (!$is_admin) {
		echo "<h2>Permission Denied</h2>\nno permission... please log in as admin";
		include('tmpl_foot.php');
		exit();
	}
?>
<h1>User Management</h1>
<b>Search for a user:</b><br>
<form method="POST" action="users.php">
  <p><input type="text" name="T1" size="20"><input type="submit" value="Submit" name="B1"></p>
  <input type="hidden" name="action" value="search">
</form>
<br>
<?php

// EDIT
if($_GET['action']=="edit"){
echo "<hr><br>";

$r=mysql_query("SELECT * FROM `sl_users` WHERE `username` = '".$_GET['username']."'");


$row = mysql_fetch_array($r);
		
if (mysql_num_rows($r)) {
?>
<form method="POST" action="users.php">
<?
echo "<b>Username:</b> <input type=\"text\" name=\"username2\" size=\"20\" value=\"".$row[1]."\"><br>";
echo "<b>Password:</b> <input type=\"password\" name=\"password\" size=\"20\"><br>";
echo "<b>E-mail Address:</b> <input type=\"text\" name=\"e-mail_address\" size=\"20\" value=\"".$row[5]."\"><br>";
echo "<b>Website:</b> <input type=\"text\" name=\"website\" size=\"20\" value=\"".$row[6]."\"><br>";
if ($row[18]=="1"){
$tote="CHECKED";
} else {
$tote="";
}
echo "<input type=\"checkbox\" name=\"C1\" value=\"ON\" ".$tote."> <b>Verified User</b>";
echo "<input type=\"hidden\" name=\"username\" value=\"".$_GET['username']."\">";
?>
<input type="hidden" name="action" value="update">
<input type="submit" value="Submit" name="B1">
</form>
<?
//password=2
//email=address5
//website=6
//verified_user=18

} else {
echo "No such user...<br>";
}
}
// UPDATE
if($_POST['action']=="update"){
echo "<hr><br>";
echo "Updated:<Br><br>";
$sqlstring="UPDATE sl_users SET ";
if($_POST['username2']!=""){
	echo "Username = ".$_POST['username2']."<br>";
	$sqlstring=$sqlstring."username='".$_POST['username2']."', ";
}
echo "Username = ".$_POST['username']."<br>";

if($_POST['password']!=""){
	echo "Password = ".$_POST['password']."<br>";
	$sqlstring=$sqlstring."password=MD5('".$_POST['password']."'), ";
}
if($_POST['email_address']!=""){
	echo "E-mail address = ".$_POST['e-mail_address']."<br>";
	$sqlstring=$sqlstring."email_address='".$_POST['email_address']."', ";
}
if($_POST['website']!=""){

echo "Website = ".$_POST['website']."<br>";
	$sqlstring=$sqlstring."website='".$_POST['website']."', ";
}
if ($_POST['C1']) {
echo "Verified = Yes<br><br>";
$sqlstring=$sqlstring."verified_user='1'";
} else {
$sqlstring=$sqlstring."verified_user='1'";
echo "Verified = No<br><br>";
}
$sqlstring=$sqlstring." WHERE username = '".$_POST['username']."'";
$r=mysql_query($sqlstring);
$j=mysql_affected_rows();
echo $j." rows altered.";

}


// SEARCH

if($_POST['action']=="search"){
echo "<hr><br>";
$r=mysql_query("SELECT * FROM `sl_users` WHERE `username` = '".$_POST['T1']."' ORDER BY `username` ASC LIMIT 0, 100");
$q=mysql_query("SELECT * FROM `sl_users` WHERE `username` LIKE '%".$_POST['T1']."%' ORDER BY `username` ASC LIMIT 0, 100");
if ($q && mysql_num_rows($q)) {
if (mysql_num_rows($q)==100) {
echo "More than 100 results were returned! Please restrict your search.<br><br>";
}
while ($row = mysql_fetch_array($r)) {
		
	echo $row[1]; 
	if ($is_super_admin) {
		
		?> - [<a href="users.php?action=edit&username=<?php echo $row[1]; ?>">Edit</a>]<br>
	
    <?php	} else {
	echo "<br>";
	}
  			}
		while ($row = mysql_fetch_array($q)) {
		
	echo $row[1]; 
	if ($is_super_admin) {
		
		?> - [<a href="users.php?action=edit&username=<?php echo $row[1]; ?>">Edit</a>]<br>
	
    <?php	} else {
	echo "<br>";
	}
  			}
		} else {
		echo "No matches.";
}
echo "<br>";
}
?>
<?php include('tmpl_foot.php'); ?>
Return current item: Open ShareLive