<?php
/*  +--------------------------------------------
*   |
*   |     Product:       PHPEchoCMS
*   |     Author:        Anas Husseini
*   |     License:       GPL
*   |     Last updated:  30.03.07
*   |     For version:   2.0  
*   |     Desc:          User management admin module
*   |        
*   +--------------------------------------------
*/

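// Refuse to run unless the admin loader has defined ADMIN_LOAD as a truthy value.
// defined() is tested first: on PHP 5/7 a bare undefined constant evaluates to the
// truthy string 'ADMIN_LOAD' (with a notice), so `!ADMIN_LOAD` alone never fires
// when this file is requested directly; on PHP 8 it throws instead of dying cleanly.
if( !defined('ADMIN_LOAD') || !ADMIN_LOAD )
{
    die( "Base not loaded!" );
}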

// Fetch this module's translated strings from the core language loader.
$mlang = $core->getlang('admin_usermanage');

// Module heading; string '003' comes from the language pack and is emitted as-is.
echo "<br><br><center><font size='4'><b><u>", $mlang['003'], "</u></b></font></center><br>";
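// User management request dispatcher. Exactly one branch runs per request:
//   1. 'user' posted                           -> look the account up (wildcard list or edit form)
//   2. 'submit_edit' + 'checkdel' + valid uid  -> delete the account
//   3. username/email/slang/stheme + valid uid -> update the account
//   4. anything else                           -> show the search form
//
// NOTE(review): the delete and update branches change data on a plain POST and no
// anti-CSRF token is checked anywhere in this file. Confirm the admin loader
// enforces one; otherwise both forms need a per-session token.
//
// NOTE(review): string values are still escaped with addslashes(), which is not
// aware of the connection character set. query() and the connection handling are
// defined outside this file, so the escaping call is left as it was; a
// connection-aware escape or prepared statements would be the durable fix.

// Read every expected field once. Missing or non-string (array) values become ''
// so the checks below raise no notices and addslashes()/md5() always get a string.
// array() syntax is kept because the file targets the legacy mysql_* API.
$um_post = array();
foreach (array('user', 'check1', 'uid', 'username', 'password', 'email', 'stheme', 'slang', 'checkdel', 'submit_edit') as $um_field)
{
	$um_post[$um_field] = (isset($_POST[$um_field]) && is_string($_POST[$um_field])) ? $_POST[$um_field] : '';
}

// The user id is placed in SQL without surrounding quotes, where addslashes()
// gives no protection at all. Forcing it to an integer closes that injection point.
$um_uid = (int) $um_post['uid'];

// When user name is submitted, User Data will be displayed
if ($um_post['user'])
{
	if ($um_post['check1'])
	{	// If admin chooses to use wildcards, a selection list will be displayed
		$wilduser = str_replace('*', '%', addslashes($um_post['user']));
		$profile = query("select `username` from `".PREFIX."users` where `username` like '".$wilduser."'", 1);
		if (mysql_num_rows($profile)>0)
		{
			echo "<center><table width='50%' class='border'>";
			echo "<tr><td width='100%' class='title'>".$mlang['001']."</td></tr>";
			echo "<tr><td><center><form action='' method='post'><select name='user'>";
			while ($wuser = mysql_fetch_array($profile))
			{
				// User names are user-controlled data: escape them for HTML.
				// ENT_QUOTES is required because the attributes use single quotes.
				$um_name = htmlspecialchars($wuser['username'], ENT_QUOTES);
				echo "<option value='".$um_name."'>".$um_name."</option>";
			}
			echo "</select>&nbsp;<input type=submit value='".$mlang['016']."'></form></center></td></tr></table><br></center>";
		}
		else
		{
			echo $mlang['005']."<br>";
		}
	}
	// Otherwise, he is guided directly to the User Data page
	else
	{
		$profile = query("select * from `".PREFIX."users` where `username` = '".addslashes($um_post['user'])."'", 1);
		if (mysql_num_rows($profile)==0)
			echo $mlang['005']."<br>";
		else
		{	// Displaying User Data
			$profile = mysql_fetch_array($profile);
			echo "<form action='' method='post'><table width='100%'><tr><td width='13%'>";
			// The id goes into an attribute, so it is cast and the attribute is quoted.
			echo "<input type=hidden name='uid' value='".(int) $profile['id']."'>";
			// Stored user name and e-mail are escaped before being echoed into value='...'.
			echo $mlang['006']."</td><td><input type=text name='username' value='".htmlspecialchars($profile['username'], ENT_QUOTES)."' size=40></td></tr><tr><td>";
			echo $mlang['007']."</td><td><input type=password name='password' size=40></td></tr><tr><td></td><td>".$mlang['012']."</td></tr><tr><td>";
			echo $mlang['008']."</td><td><input type=text name='email' value='".htmlspecialchars($profile['email'], ENT_QUOTES)."' size=40></td></tr><tr><td>";
			echo $mlang['009']."</td><td><select name=stheme>";
			$themes = query ("select `tdir`,`tname` from `".PREFIX."themes`", 1);
			while ($theme = mysql_fetch_array($themes))
			{
				// Pre-select the theme currently stored on the profile.
				$um_sel = ($profile['theme'] == $theme['tdir']) ? " selected='selected'" : '';
				echo "<option value='".htmlspecialchars($theme['tdir'], ENT_QUOTES)."'".$um_sel.">".htmlspecialchars($theme['tname'], ENT_QUOTES)."</option>";
			}
			echo "</select></td></tr><tr><td>";
			echo $mlang['010']."</td><td><select name=slang>";
			$languages = query ("select `lang_dir`,`lang_name` from `".PREFIX."languages`", 1);
			while ($language = mysql_fetch_array($languages))
			{
				// Pre-select the language currently stored on the profile.
				$um_sel = ($profile['language'] == $language['lang_dir']) ? " selected='selected'" : '';
				echo "<option value='".htmlspecialchars($language['lang_dir'], ENT_QUOTES)."'".$um_sel.">".htmlspecialchars($language['lang_name'], ENT_QUOTES)."</option>";
			}
			echo "</select></td></tr></table>";
			echo "<br><input type=checkbox name='checkdel' value='delete'>".$mlang['013']."<br><br>";
			echo "<input type=submit name='submit_edit' value='".$mlang['004']."'></form><br>";
		}
	}
}
elseif ($um_post['submit_edit'] && $um_post['checkdel'] && $um_uid > 0)
{	// Deleting the user (when checking the corresponding checkbox)
	query ("delete from `".PREFIX."users` where `id`=".$um_uid, 1);
	echo $mlang['014'];
}
elseif ($um_post['username'] && $um_post['email'] && $um_post['slang'] && $um_post['stheme'] && $um_uid > 0)
{	// Editing the user data
	$um_set = "`username`='".addslashes($um_post['username'])."'";
	if ($um_post['password'] !== '')
	{
		// NOTE(review): unsalted MD5 is not suitable for password storage. The hash
		// expression is kept byte-for-byte because the code that verifies logins is
		// not in this file and must agree with it; migrating to password_hash()
		// needs a matching change there.
		$um_set .= ", `password`='".md5(addslashes($um_post['password']))."'";
	}
	$um_set .= ", `email`='".addslashes($um_post['email'])."'";
	$um_set .= ", `theme`='".addslashes($um_post['stheme'])."'";
	$um_set .= ", `language`='".addslashes($um_post['slang'])."'";
	query ("update `".PREFIX."users` set ".$um_set." where `id`=".$um_uid, 1);
	echo $mlang['011'];
}
else
{	// Displaying the main menu
	echo "<form action='' method='post'><center><table width='50%' class='border'>";
	echo "<tr><td width='100%' class='title'>".$mlang['001']."</td></tr>";
	echo "<tr><td><input type=text name='user' value=''>&nbsp;<input type=submit value='".
		$mlang['002']."'></td></tr>";
	echo "<tr><td><input type=checkbox name='check1' value='wildcards'>".$mlang['015']."</td></tr>";
	// The original emitted a second, unmatched </td></tr> here; only the table is closed now.
	echo "</table></center></form><br>";
}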

?>