<?php
/*  +--------------------------------------------
*   |
*   |     Product:       PHPEchoCMS
*   |     Author:        Anas Husseini
*   |     License:       GPL
*   |     Last updated:  06.04.07
*   |     For version:   2.0  
*   |     Desc:          Admin permissions admin module
*   |        
*   +--------------------------------------------
*/

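// Refuse to run unless the admin base has loaded this module.
// defined() is tested first: on older PHP versions a bare reference to an undefined
// constant evaluates to the truthy string 'ADMIN_LOAD', so a direct request to this
// file would pass a plain `!ADMIN_LOAD` test instead of being stopped here.
if( !defined('ADMIN_LOAD') || !ADMIN_LOAD )
{
    die( "Base not loaded!" );
}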

// Language strings for this module; the code below reads them through $mlang.
$mlang = $core->getlang("admin_adminperms");

// Page heading, taken from language entry '003'.
printf("<br><br><center><font size='4'><b><u>%s</u></b></font></center><br>", $mlang['003']);
// When user name is submitted, User Data will be displayed
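// Admin-permissions editor. Three request states are handled:
//   1. POST 'user'               -> look the account up (optionally with wildcards)
//                                   and show its permission form
//   2. POST 'sel0', 'num', 'id'  -> store the submitted permission bits
//   3. anything else             -> show the search form
//
// NOTE(review): these forms change who holds admin rights, yet none of them carries an
// anti-CSRF token, and nothing in this file checks that the caller is allowed to edit
// permissions -- confirm both are enforced by the including admin base.
// NOTE(review): string values are escaped with addslashes(), which does not know the
// connection character set; a connection-aware escape or prepared statements would be
// the safer choice if query() can support them.
// NOTE(review): query() is defined elsewhere; from its use here, mode 1 appears to
// return a result resource and mode 4 a single row as an array -- confirm.
if (isset($_POST['user']) && is_string($_POST['user']) && $_POST['user'] !== '')
{
	if (!empty($_POST['check1']))
	{	// Wildcard search: '*' becomes the SQL LIKE wildcard and a pick list is shown
		$wilduser = str_replace('*', '%', addslashes($_POST['user']));
		$profile = query("select `username` from `".PREFIX."users` where `username` like '".$wilduser."'", 1);
		if (mysql_num_rows($profile)>0)
		{
			echo "<center><table width='50%' class='border'>";
			echo "<tr><td width='100%' class='title'>".$mlang['001']."</td></tr>";
			echo "<tr><td><center><form action='' method='post'><select name='user'>";
			while ($wuser = mysql_fetch_array($profile))
			{
				// User names come from the database and are chosen by users, so they are
				// HTML-escaped before being placed in an attribute and in element text.
				$safeName = htmlspecialchars($wuser['username'], ENT_QUOTES);
				echo "<option value='".$safeName."'>".$safeName."</option>";
			}
			echo "</select>&nbsp;<input type=submit value='".$mlang['004']."'></form></center></td></tr></table><br></center>";
		}
		else
		{
			echo $mlang['005']."<br>";
		}
	}
	// Otherwise the exact user name is looked up and its permission form is shown
	else
	{
		$profile = query("select * from `".PREFIX."users` where `username` = '".addslashes($_POST['user'])."'", 4);
		if (!empty($profile['id']))
		{
			// The id is used unquoted in SQL and in HTML, so force it to an integer.
			$uid = (int) $profile['id'];
			$perms = query("select * from `".PREFIX."admin_perms` where `id`=".$uid, 4);
			$per = isset($perms['perms']) ? (string) $perms['perms'] : '';
			$mlang2 = $core->getlang("admin");
			// Language keys (in the "admin" language file) labelling each permission position
			$list2 = array('005', '006', '017', '007', '008', '009', '010', '011', '018', '019');
			echo "<form action='' method='post'>";
			echo "<table width='100%' class='border'>";
			echo "<tr><td width='100%' class='title'>".$mlang['008']."<b>".htmlspecialchars($profile['username'], ENT_QUOTES)."</b></td></tr>";
			echo "<tr></tr>";
			for ($i=0; $i<strlen($per); $i++)
			{
				// Character $i of the stored string is '1' when that permission is granted
				if (substr($per, $i, 1) == '1')
				{
					$s1 = "selected='selected'";
					$s2 = "";
				}
				else
				{
					$s2 = "selected='selected'";
					$s1 = "";
				}
				// A stored string longer than the label list gets an empty label, not a notice
				$label = (isset($list2[$i]) && isset($mlang2[$list2[$i]])) ? $mlang2[$list2[$i]] : '';
				echo "<tr><td><table width='100%'><tr><td width='20%'>".$label.":</td><td>";
				echo "<select name='sel".$i."'>";
				echo "<option value='1' ".$s1.">".$mlang['009']."</option>";
				echo "<option value='0' ".$s2.">".$mlang['010']."</option>";
				echo "</select></td></tr></table></td></tr>";
			}
			echo "</table>";
			echo "<input type=hidden name='num' value='".strlen($per)."'>";
			echo "<input type=hidden name='id' value='".$uid."'>";
			echo "<input type=submit value='".$mlang['006']."'></form><br>";
		}
		else
			echo $mlang['005']."<br>";
	}
}
// isset() rather than a truthiness test: 'sel0' is the string '0' whenever the first
// permission is switched off, and '0' is falsy in PHP, so a truthiness test would skip
// the save and fall through to the search form.
elseif (isset($_POST['sel0'], $_POST['num'], $_POST['id']))
{
	// The id is placed unquoted in the SQL below, where addslashes() gives no protection,
	// so only a plain run of digits is accepted and it is then cast to an integer.
	$uid = (is_string($_POST['id']) && ctype_digit($_POST['id'])) ? (int) $_POST['id'] : 0;

	// The number of permission positions is taken from the stored row instead of the
	// client-supplied 'num' field, so a request cannot grow, shrink or pad the string.
	$stored = ($uid > 0) ? query("select `perms` from `".PREFIX."admin_perms` where `id`=".$uid, 4) : false;
	if (!isset($stored['perms']))
	{
		echo $mlang['005']."<br>";
	}
	else
	{
		$total = strlen($stored['perms']);
		$per = "";
		$cc = 0;	// number of permissions granted
		for ($j=0; $j<$total; $j++)
		{
			// Each position is reduced to exactly '0' or '1'; a missing or unexpected
			// value counts as "not granted".
			$key = 'sel'.$j;
			$bit = (isset($_POST[$key]) && $_POST[$key] === '1') ? '1' : '0';
			$per .= $bit;
			if ($bit === '1')
				$cc++;
		}
		// admin_level is 1 when at least one permission is granted, otherwise 0
		$level = ($cc == 0) ? 0 : 1;
		query ("update `".PREFIX."users` set `admin_level`=".$level." where `id`=".$uid, 1);
		// $per holds only '0' and '1' characters at this point
		query ("update `".PREFIX."admin_perms` set `perms`='".$per."' where `id`=".$uid, 1);
		echo $mlang['011']."<br>";
	}
}
else
{	// Displaying the main menu (user search form)
	echo "<form action='' method='post'><center><table width='50%' class='border'>";
	echo "<tr><td width='100%' class='title'>".$mlang['001']."</td></tr>";
	echo "<tr><td><input type=text name='user' value=''>&nbsp;<input type=submit value='".
		$mlang['002']."'></td></tr>";
	echo "<tr><td><input type=checkbox name='check1' value='wildcards'>".$mlang['007']."</td></tr>";
	// The original emitted a stray "</td></tr>" here, after the last row was already closed
	echo "</table></center></form><br>";
}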

?>