<?php
session_start();
require "config.php";
if(isset($_POST[adminuser]))
{
if($_POST[adminuser] != $adminuser)
{
header('Location: error.php');
}
elseif($_POST[adminpass] != $adminpass)
{
header('Location: error.php');
}
else
{
$_SESSION[login] = true;
}
}
elseif($_SESSION[login] != true)
{
header('Location: index.php');
}
if($_GET[id] == cerrar)
{
session_unset();
session_destroy();
header('Location: index.php');
}
if($_GET[form] == agregar)
{
$adddep = mysql_query("INSERT into departamentos(id,departamento,staff) VALUES ('','$_POST[departamentoagrega]','')");
header('Location: admin.php?id=departamento&from=complete');
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<script>
function enviar()
{
document.departamentoselect.submit();
}
function mostrar(name) {
div = document.getElementById(name);
div.style.display = '';
if(typeof (actual) != "undefined")
{
cerrar(actual);
}
}
function cerrar(name) {
div = document.getElementById(name);
if(div.style.display != 'none')
{
div.style.display='none';
}
}
</script>
<title>Support Center - <?php echo $titulo; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><!-- default stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="index_files/index.css">
<style type="text/css">
<!--
body {
background-image: url();
margin-top: 0px;
margin-bottom: 0px;
}
-->
</style>
<link rel="stylesheet" href="index_files/style.css" type="text/css">
<!-- default javascript -->
<script language="Javascript">
</script>
<script language="Javascript" src="index_files/basejs.js" type="text/javascript"></script>
<style type="text/css">
<!--
.Estilo1 {
color: #006600;
font-style: italic;
font-weight: bold;
}
.Estilo3 {font-weight: bold; color: #006600;}
.Estilo15 {font-size: 9}
.Estilo16 {font-size: 9px}
.Estilo20 {color: #FF0000}
.Estilo18 {color: #FF0000; font-weight: bold; }
.Estilo21 {color: #000000}
.Estilo22 {font-size: 12px}
.Estilo23 {color: #000099}
-->
</style>
</head>
</html>
<html>
<head>
</head>
<body>
<center>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="780">
<tbody>
<tr>
<td style="background-image: url();" valign="top"><table align="center" border="0" cellpadding="0" cellspacing="0" width="750">
<tbody>
<tr>
<td><table width="750" border="0" align="center" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td><table width="100%" border="0" cellpadding="3" cellspacing="0" background="index_files/button-right.jpg">
<tbody>
<tr>
<td class="smalltext" align="left" valign="top"><b><font color="#707070"><a href="index.php" id="navlink"></a>Support Center <img src="login_files/blueblockarrow.gif" width="8" height="8"> Administration <img src="login_files/blueblockarrow.gif" width="8" height="8"> <a href="admin.php">Panel</a> </font></b></td>
</tr>
</tbody>
</table></td>
</tr>
</tbody>
</table></td>
</tr>
<tr>
<td><table width="748">
<tr>
<td><div align="center">
<p><img src="panel.png" width="128" height="128"></p>
<p><span class="Estilo1">Welcome to the Administration Panel </span><span class="Estilo3"></span> (<a href="admin.php?id=cerrar">Close Session</a>) </p>
</div></td>
</tr></table>
<table width="210" height="50" border="0" align="center">
<tr>
<td width="49"><div align="center"><a href="admin.php?id=users"><img src="user.png" width="32" height="32" border="0"></a></div></td>
<td width="49"><div align="center"><a href="admin.php?id=staff"><img src="staff.png" width="32" height="32" border="0"></a></div></td>
<td width="49"><div align="center"><a href="admin.php?id=articulo"><img src="note_edit.jpg" width="32" height="32" border="0"></a></div></td>
<td width="49"><div align="center"><a href="admin.php?id=departamentos"><img src="note_edit.jpg" width="32" height="32" border="0"></a></div></td>
</tr>
<tr>
<td><div align="center"><a href="admin.php?id=users">Users</a></div></td>
<td><div align="center"><a href="admin.php?id=staff">Staff</a></div></td>
<td><div align="center"><a href="admin.php?id=articulo">Articles</a></div></td>
<td><div align="center"><a href="admin.php?id=departamentos">Depart.</a></div></td>
</tr>
</table>
<?php
if($_GET[id] == "users")
{
?>
<table width="661" height="208">
<tr>
<td width="97" height="204">
<table width="101" height="126">
<tr>
<td height="34"><div align="center"><img src="seach.png" width="32" height="32"><br>
<a href="javascript:mostrar('seach');var actual = 'seach';">Find User </a> </div></td>
</tr>
<tr>
<td height="41"><div align="center"><img src="no.png" width="32" height="32"><br>
<a href="javascript:mostrar('baneoip');var actual = 'baneoip';">Delete User </a></div></td>
</tr>
</table> </td>
<td width="552">
<label>
<div align="center" id="seach" style="display:none;">
<table width="441" height="126">
<tr>
<td height="34"><div align="center"><img src="seach.png"></div></td>
</tr>
<tr> </tr>
</table>
<table class="tborder" border="0" cellpadding="0" cellspacing="0" width="100%">
<!-- BEGIN LOGIN BOX -->
<tbody>
<tr class="tcat"> </tr>
</tbody>
<!-- BEGIN LOGIN BOX -->
<tbody>
<tr class="tcat">
<td align="left" width="1"><img src="index_files/space.gif" height="21" width="1"></td>
<td align="left" width="8"><img src="index_files/blockarrow.gif" height="8" width="8"></td>
<td align="right" width="25"> </td>
</tr>
<tr>
<td colspan="4" bgcolor="#f5f5f5"><table border="0" cellpadding="2" cellspacing="1" width="100%">
<tbody>
<tr>
<td class="smalltext" width="46%">
<label>
</label> </td>
</tr>
</tbody>
</table>
<script language="Javascript">
document.loginform.loginemail.focus();
</script></td>
</tr>
<!-- END LOGIN BOX -->
<tr class="borderrow1">
<td colspan="4" align="left" height="1"><img src="index_files/space.gif" height="1" width="1"></td>
</tr>
<tr> </tr>
</tbody>
<tbody>
<tr class="tcat">
<td align="left" width="1"><img src="index_files/space.gif" height="21" width="1"></td>
<td align="left" width="8"><img src="index_files/blockarrow.gif" height="8" width="8"></td>
<td width="169" align="left" valign="middle"> <img src="clipboard.gif" width="16" height="16"> Mostrar Tickets </td>
<td align="right" width="25"> </td>
</tr>
<tr>
<td colspan="4" bgcolor="#f5f5f5"><table border="0" cellpadding="2" cellspacing="1" width="100%">
<tbody>
<tr>
<td class="smalltext" width="46%"><label>
</label></td>
</tr>
</tbody>
</table>
<script language="Javascript">
document.loginform.loginemail.focus();
</script></td>
</tr>
<!-- END LOGIN BOX -->
<tr class="borderrow1">
<td colspan="4" align="left" height="1"><img src="index_files/space.gif" height="1" width="1"></td>
</tr>
<tr> </tr>
</tbody>
</table>
<table width="441" height="126">
<tr>
<td height="41"><p align="center"><strong>Find User:
</strong></p>
<form name="form1" method="post" action="busca.php">
<div align="center">
<input name="usuariobusca" type="text" id="usuariobusca">
</p>
<label>
*<br><input type="submit" name="Submit2" value="Buscar">
</label>
</div>
</form></td>
</tr>
<tr>
<td height="41"><p>Find information about an user (name, correo, tickets). </p>
<p>*Users's Email. </p></td>
</tr>
</table>
</div>
<div align="center" id="baneoip" style="display:none;">
<table width="441" height="126">
<tr>
<td height="34"><div align="center"><img src="no.png"></div></td>
</tr>
<tr>
<td height="41"><p align="center"><strong>Delete User: </strong></p>
<form name="form1" method="post" action="borrar.php">
<div align="center">
<input type="text" name="borrar">
*<br>
</p>
<input type="submit" name="Submit" value="Buscar">
</div>
</form></td>
</tr>
<tr>
<td height="41"><p></p>
<p>*User's Email.</p></td>
</tr>
</table>
</div>
<p> </p>
<p> </p></td>
</tr>
</table>
<p>
<?php } ?>
</p>
<p>
<?php
if($_GET[id] == "staff")
{
?>
</p>
<table width="759" height="208">
<tr>
<td width="97" height="204"><table width="101" height="90">
<tr>
<td height="34"><div align="center"><img src="seach.png" width="32" height="32"><br>
<a href="javascript:mostrar('listado');var actual = 'listado';">List Staff Users </a> </div></td>
</tr>
<tr>
<td height="41"><div align="center"><img src="si.png" width="32" height="32"><br>
<a href="javascript:mostrar('agregarstaff');var actual = 'agregarstaff';">Add Staff User </a></div></td>
</tr>
<tr>
<td height="41"><div align="center"><img src="no.png" width="32" height="32"><br>
<a href="javascript:mostrar('borrarstaff');var actual = 'borrarstaff';">Delete Staff User </a></div></td>
</tr>
</table></td>
<td width="552"><label>
<div id="agregarstaff" style="display:none">
<table width="441" height="126" align="center">
<tr>
<td height="34"><div align="center"><img src="si.png" width="32" height="32"></div></td>
</tr>
<tr>
<td height="41"><p align="center"><strong>Add new Staff User: </strong></p>
<form name="form1" method="post" action="staffadmin.php?id=agregar">
<div align="center">
<p>Name:
<input type="text" name="nombre">
*<br>
E-Mail:
<input type="text" name="email">
* <br>
<input type="checkbox" name="articulos" value="checkbox">
Allow articles publication<br>
<input type="checkbox" name="baneo" value="checkbox">
Allow Delete Users <br>
<strong>Allowed departments:</strong>
<br>
<?php
$busquedadepartamentos=mysql_query("SELECT * FROM departamentos");
while($departamento=mysql_fetch_array($busquedadepartamentos))
{
?><input type="checkbox" name="<?php echo $departamento[departamento]; ?>">
<?php echo $departamento[departamento]; ?>
<?php
}
?> </p>
<input type="submit" name="Submit4" value="Agregar">
</p>
</div>
</form></td>
</tr>
<tr>
<td height="41"><p></p>
<p align="center">*Complete all the fields. The user and password will be generate automatically. </p></td>
</tr>
</table></div>
<div id="borrarstaff" style="display:none"><table width="441" height="126" align="center">
<tr>
<td height="34"><div align="center"><img src="no.png" width="32" height="32"></div></td>
</tr>
<tr>
<td height="41"><p align="center"><strong>Delete Staff Users: </strong></p>
<form name="form1" method="post" action="staffadmin.php?id=borrar">
<div align="center">
<p>Username:
<input type="text" name="nombre">
* </p>
<input type="submit" name="Submit4" value="Borrar">
</p>
</div>
</form></td>
</tr>
<tr>
<td height="41"><p></p>
<p align="center">*Write the staff username. (Like: staff32) </p></td>
</tr>
</table></div>
<div id="listado" style="display:none"><table width="718" height="69" border="0" align="center" cellpadding="3" cellspacing="1">
<tbody>
<tr class="tabletitlerow" title="" onMouseOver="" onMouseOut="" onClick="" id="" style="" height="">
<td width="107" height="19" colspan="" align="center" valign="middle" class="tabletitlerow">Last connection </td>
<td width="147" colspan="" align="center" valign="middle" class="tabletitlerow">Name </td>
<td width="205" colspan="" align="center" valign="middle" class="tabletitlerow">Email</td>
<td width="129" align="center" valign="middle" class="tabletitlerow">User</td>
<td width="129" align="center" valign="middle" class="tabletitlerow">Password</td>
</tr>
<?php
$buscarstaff=mysql_query("select * from staff");
while ($staff=mysql_fetch_array($buscarstaff))
{
?>
<tr class="row1" onMouseOver="this.className='rowhighlight';" onMouseOut="this.className='row1';">
<td height="47" align="center" valign="middle"><span class="Estilo15"><?php echo $staff['ultima']; ?></span></td>
<td align="center" valign="middle"><span class="Estilo16"><?php echo $staff['name']; ?></span></td>
<td align="center" valign="middle"><span class="Estilo16"><?php echo $staff['email']; ?></span></td>
<td align="center" valign="middle"><span class="Estilo16"><?php echo $staff['user']; ?></span></td>
<td align="center" valign="middle"><span class="Estilo16"><?php echo $staff['pass']; ?></span></td>
</tr>
<?php
}
?>
</tbody>
</table></div></td>
</tr>
</table>
<p>
<?php } ?>
</p>
<p>
<?php
if($_GET[id] == articulo)
{
?>
</p>
<p align="center" class="redtext Estilo22">Publish Article </p>
<form action="admin.php" method="post" enctype='multipart/form-data' name="articulopost" id="articulopost">
<table width="475" height="152" align="center">
<tr>
<td width="71" height="25" class="swiftfieldset">Title:</td>
<td width="392"><label>
<input name="asunto" type="text" id="asunto">
</label></td>
</tr>
<tr>
<td height="45" class="swiftfieldset">Content:</td>
<td>
<textarea name="text_content" cols="60" rows="10" id="text_content"></textarea></td>
</tr>
<tr>
<td height="36" class="swiftfieldset">File: <span class="Estilo20">(optional)</span></td>
<td><input name='fileuploader' type=file class='bginput' id="fileuploader" value="">
(Max.:
<?php $valorutilizado = $filemax / 1048576; echo $valorutilizado;?>
Mb )<span class="Estilo18">*</span></td>
</tr>
<tr>
<td height="34" class="swiftfieldset"><input name="Submit22" type="submit" value="Publish Article" onClick=""></td>
<td><span class="Estilo18">*</span><span class="Estilo21">If you add a file, the article can latest more. </span></td>
</tr>
</table>
</form>
<form name="form2" method="post" action="admin.php">
Delete Article:
<input name="borrararticuloid" type="text" value="Write article id">
<input type="submit" name="Submit5" value="Delete">
</form>
<p>
<?php
}
elseif(isset($_POST[borrararticuloid]))
{
if(@mysql_query("SELECT * from guias where id='$_POST[borrararticuloid]'"))
{
mysql_query("delete from guias where id='$_POST[borrararticuloid]'");
echo "Article has been deleted<br>";
}
else
{
echo "Article was not found<br>";
}
}
elseif(isset($_POST['asunto']))
{
if (strlen($_POST[asunto]) < 4)
{
?>
<span class="Estilo18">Error:</span><span class="Estilo20"> Title is very short </span>
<?php
}
elseif (strlen($_POST[text_content]) < 10)
{
?>
<span class="Estilo18">Error:</span><span class="Estilo20"> Content is very short </span>
<?php
}
else
{
//INICIA UPLOAD FILE
if($_FILES['fileuploader']['name'] != "")
{
if($_FILES['fileuploader']['size'] < $filemax)
{
do{
$filename = rand(1,1000000) . "_" . $_FILES['fileuploader']['name'];
$filename=str_replace(" ","_",$filename);
}while(@mysql_num_rows("SELECT file FORM guias where file LIKE '%$filename%'") == 1);
$add = "../files/$filename";
copy($_FILES['fileuploader']['tmp_name'], $add);
chmod("$add",0777);
echo "
<span class='Estilo19'><strong>Success.</strong> The article has been published.</span>";
//Termina
$publcararticulo = mysql_query("INSERT into guias(id,user,file,asunto,contenido,fecha) values ('','$_SESSION[user]','$filename','$_POST[asunto]','$_POST[text_content]','$date')");
}
else
{
?>
<span class="Estilo18">Error:</span><span class="Estilo20"> The file couldn't be upload .</span>
<?php
}
}
else
{
$filename = "";
//Termina
$publcararticulo = mysql_query("INSERT into guias(id,user,file,asunto,contenido,fecha) values ('','$_SESSION[user]','$filename','$_POST[asunto]','$_POST[text_content]','$date')");
echo "
<span class='Estilo19'><strong>Success.</strong> The article has been published.</span>";
}
?>
<?php
}
}
elseif($_GET[id] == departamentos)
{?>
</p>
<p>
<?php
if($_GET[form] == eliminar)
{
mysql_query("delete from departamentos where departamento='$_POST[depborrar]'");
echo "You've deleted: " . $_POST[depborrar];
}
?>
</p>
<p>
</p>
<p>Add department :</p>
<form action="admin.php?id=departamentos&form=agregar" method="post">
<p>
Name:
<input name="departamentoagrega" type="text" id="departamentoagrega">
</p>
<p>
<input type="submit" name="Submit32" value="Add">
</p>
</form>
<p>Delete department :</p>
<form action="admin.php?id=departamentos&form=eliminar" method="post">
<p>
<select name="depborrar" id="depborrar">
<?php
$busquedadepartamentos=mysql_query("SELECT * FROM departamentos");
while($departamento=mysql_fetch_array($busquedadepartamentos))
{
?>
<option value="<?php echo $departamento[departamento]; ?>"><?php echo $departamento[departamento]; ?> </option>
<?php echo $departamento[departamento]; ?>
<?php
}
?>
</select>
</p>
<p>
<input type="submit" name="Submit3" value="Delete">
</p>
</form>
<p>
<?php } ?>
</p>
<hr>
<p align="center">*Select on the up bar an area to admin. </p></td>
</tr>
<tr>
<td colspan="2" height="15"><div align="center"><?php echo $titulo; echo "©"; echo $fecha = date("Y"); ?>. All rights Reserved - Power by <a href="http://www.opensupports.com" class="Estilo23">OpenSupports</a></div></td>
</tr>
</tbody>
</table></td>
</tr>
</tbody>
</table>
</center>
</body>
</html>