<?php
/**
* PHP versions 4 and 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license. If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @category Forum
* @package QuickTalk
* @author Philippe Vandenberghe <hide@address.com>
* @copyright 2008-2012 The PHP Group
* @version 2.5 build:20100924
* @since File available since Release 1.0.0
* @deprecated File deprecated in Release 3.0.0
*/
// Bootstrap: open the session, load the application core, then the admin and
// registration language files resolved through Translate().
session_start();
require_once('bin/qtf_init.php');
include(Translate('qtf_adm.php'));
include(Translate('qtf_reg.php'));
// Access control: the script stops here unless the current user's role is 'A'.
// This check precedes both POST handlers below (del / add), so it is the gate
// for every state-changing action on this page.
// NOTE(review): $oVIP and $L are not defined in this file; presumably they come
// from bin/qtf_init.php and the language files - confirm.
if ( $oVIP->role!='A' ) die($L['E_admin']);
// INITIALISE
include('bin/qtf_fn_sql.php');
$strGroups='';
// Page identity read by the shared admin header/footer templates (assumed - TODO confirm)
$oVIP->selfurl = 'qtf_adm_users.php';
$oVIP->selfname = '<span class="upper">'.$L['Adm_content'].'</span><br/>'.$L['Members'];
$oVIP->exitname = '« '.$L['Members'];
// --------
// SUBMITTED
// --------
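// Bulk delete of one member category. Triggered by a POST carrying "del" plus
// "cat" (FM, SC or SM). Every statement keeps "id>1", so the account with id 1
// is never removed. The SQL is built from fixed literals only: the posted
// category is compared against constants and never concatenated into a query.
// NOTE(review): the only protection visible for this destructive action is the
// admin-role check at the top of the page. No anti-CSRF token is verified here,
// so any POST issued from an administrator's browser session is accepted.
if ( isset($_POST['del']) )
{
  // Read the category once. A request without "cat" (or with an array value)
  // deletes nothing instead of raising an undefined-index notice.
  $strDelCat = ( isset($_POST['cat']) && is_string($_POST['cat']) ) ? $_POST['cat'] : '';

  // FM: first and last activity dates are identical
  if ( $strDelCat==='FM' ) $oDB->Query('DELETE FROM '.TABUSER.' WHERE firstdate=lastdate AND id>1');

  // SC: children flag equals "2"
  if ( $strDelCat==='SC' ) $oDB->Query('DELETE FROM '.TABUSER.' WHERE children="2" AND id>1');

  // SM: last activity older than one year. Only the expression that extracts the
  // first 8 characters of lastdate differs between database drivers.
  if ( $strDelCat==='SM' )
  {
    $arrDatePart = array(
      'mysql' => 'LEFT(lastdate,8)',
      'mssql' => 'LEFT(lastdate,8)',
      'pg'    => 'SUBSTRING(lastdate,1,8)',
      'ibase' => 'SUBSTRING(lastdate FROM 1 FOR 8)',
      'sqlit' => 'SUBSTR(lastdate,1,8)',
      'db2'   => 'SUBSTR(lastdate,1,8)',
      'oci'   => 'SUBSTR(lastdate,1,8)'
    );
    $strDriver = substr($oDB->type,0,5);
    if ( !isset($arrDatePart[$strDriver]) ) die('Unknown db type '.$oDB->type);
    $oDB->Query('DELETE FROM '.TABUSER.' WHERE '.$arrDatePart[$strDriver].'<'.DateAdd(date('Ymd'),-1,'year').' AND id>1');
  }

  // Confirmation: link back to the list plus a 3-second meta refresh, then stop
  echo '« <a href="qtf_adm_users.php">',$L['Members'],'</a>',N;
  echo '<meta http-equiv="REFRESH" content="3;url=qtf_adm_users.php">',N;
  exit;
}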
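// Create a member from the "add" form (role, title, pass, mail, optional notify).
// Fields are validated one after the other; the first failure is stored in
// $error (printed below the form) and stops the remaining steps.
// NOTE(review): as with the delete handler, no anti-CSRF token is checked here;
// the admin-role check at the top of the page is the only gate visible.
if ( isset($_POST['add']) )
{
  // get_magic_quotes_gpc() was removed in PHP 8; only call it where it exists
  $bUnquote = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

  // username
  if ( empty($error) )
  {
    $str = ( isset($_POST['title']) && is_string($_POST['title']) ) ? $_POST['title'] : '';
    if ( $bUnquote ) $str = stripslashes($str);
    $str = QTconv($str,'U');
    if ( !QTislogin($str) ) $error = $L['Username'].S.$L['E_invalid'];
    $strTitle = $str;
  }

  // username must be unused
  if ( empty($error) )
  {
    // The name is stored HTML-encoded, so the lookup encodes it the same way.
    // NOTE(review): htmlspecialchars() is an HTML encoder, not an SQL escaper. It
    // removes quotes from the literal but leaves a backslash untouched; this
    // query is only safe if QTislogin() rejects such characters - confirm, or
    // move to the database layer's own escaping/parameter binding.
    $oDB->Query('SELECT count(id) as countid FROM '.TABUSER.' WHERE name="'.htmlspecialchars($strTitle,ENT_QUOTES).'"');
    $row = $oDB->Getrow();
    if ($row['countid']!=0) $error=$L['Username'].S.$L['E_already_used'];
  }

  // password
  if ( empty($error) )
  {
    $str = ( isset($_POST['pass']) && is_string($_POST['pass']) ) ? $_POST['pass'] : '';
    if ( $bUnquote ) $str = stripslashes($str);
    $str = QTconv($str,'U');
    if ( !QTispassword($str) ) $error = $L['Password'].S.$L['E_invalid'];
    $strNewpwd = $str;
  }

  // e-mail
  if ( empty($error) )
  {
    $str = ( isset($_POST['mail']) && is_string($_POST['mail']) ) ? $_POST['mail'] : '';
    if ( $bUnquote ) $str = stripslashes($str);
    $str = QTconv($str,'U');
    if ( !QTismail($str) ) $error = $L['Email'].S.$L['E_invalid'];
    $strMail = $str;
  }

  // role: accept only the three values the form offers. The posted value used to
  // be concatenated into the INSERT unchecked, which allowed SQL injection and
  // arbitrary role values.
  if ( empty($error) )
  {
    $strRole = ( isset($_POST['role']) && is_string($_POST['role']) ) ? $_POST['role'] : '';
    if ( !in_array($strRole,array('A','M','U'),true) ) $error = $L['Role'].S.$L['E_invalid'];
  }

  if ( empty($error) )
  {
    include('bin/qt_lib_smtp.php');
    $id = $oDB->Nextid(TABUSER);
    // NOTE(review): $strMail goes into the statement unescaped; it is only as safe
    // as QTismail() is strict (it must reject quotes and backslashes) - confirm.
    // NOTE(review): the password is stored as an unsalted SHA-1 digest. Moving to
    // password_hash()/password_verify() also requires changing the login code,
    // which is not part of this file.
    $oDB->Query( 'INSERT INTO '.TABUSER.' (id,name,pwd,closed,role,mail,privacy,firstdate,lastdate,numpost,children,parentmail,picture) VALUES ('.$id.',"'.htmlspecialchars($strTitle,ENT_QUOTES).'","'.sha1($strNewpwd).'","0","'.$strRole.'","'.$strMail.'","1","'.date('Ymd His').'","'.date('Ymd His').'",0,"0","","0")' );

    // send email
    // NOTE(review): the clear-text password is mailed to the new member.
    if ( isset($_POST['notify']) )
    {
      $strSubject='Welcome';
      $strMessage="Please find here after your login and password to access the board {$_SESSION[QT]['site_name']}.\nLogin: %s\nPassword: %s";
      // A language-specific template, when present, may replace the subject/message above
      $strFile = GetLang().'mail_registred.php';
      if ( file_exists($strFile) ) include($strFile);
      $strMessage = sprintf($strMessage,$strTitle,$strNewpwd);
      QTmail($strMail,$strSubject,$strMessage,QTF_HTML_CHAR);
    }

    // exit: clear the fields that must not be pre-filled in the form again
    unset($_POST['title']);
    unset($_POST['pass']);
    $strInfo = $L['Register_completed'];
  }
}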
// INITIALISE
// Defaults for the member list; the query-string parsing further down may override them.
$strGroup = 'all';   // first-letter filter ('all' = no filter)
$intLimit = 0;       // row offset passed to LimitSQL()
$intPage = 1;        // current page number
$strOrder = 'name';  // sort column
$strDirec = 'ASC';   // sort direction
$strInver = 'DESC';  // opposite of $strDirec
$strCateg = 'all';   // member category ('all' = no category filter)
// --------
// HTML START
// --------
// Script block placed in the page head:
// - ValidateForm() refuses to submit the add-member form while username, password or e-mail is empty.
//   This is a convenience check in the browser only; the server-side handler does its own validation.
// - When the username field loses focus, its value is posted to qtf_j_exists.php and a non-empty
//   response is written into #title_err through innerHTML.
// NOTE(review): because the response is assigned to innerHTML, qtf_j_exists.php must return
// HTML-safe text; that endpoint is not visible here - confirm. The $L[...] strings are embedded
// in JavaScript string literals and are assumed to come from trusted language files.
$strHeadScript = '
<script type="text/javascript" src="bin/qt_jquery.js"></script>
<script type="text/javascript">
<!--
function ValidateForm(theForm)
{
if (theForm.title.value.length==0) { alert(qtHtmldecode("'.$L['E_mandatory'].': '.$L['Username'].'")); return false; }
if (theForm.pass.value.length==0) { alert(qtHtmldecode("'.$L['E_mandatory'].': '.$L['Password'].'")); return false; }
if (theForm.mail.value.length==0) { alert(qtHtmldecode("'.$L['E_mandatory'].': '.$L['Email'].'")); return false; }
return null;
}
$(function() {
$("#title").blur(function() {
$.post("qtf_j_exists.php",
{f:"name",v:$("#title").val(),e1:"'.$L['E_min_4_char'].'",e2:"'.$L['E_already_used'].'"},
function(data) { if ( data.length>0 ) document.getElementById("title_err").innerHTML=data; });
});
});
-->
</script>
';
$bJava=true;
// The shared admin header is included after $strHeadScript and $bJava are set
// (presumably it prints them - TODO confirm).
include('qtf_adm_p_header.php');
// --------
// CONTENT
// --------
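// Read the list parameters from the query string. Every one of them ends up in
// an SQL statement and/or in generated links further down, so a value that is
// not recognised is dropped and the default set above is kept.

// group: first-letter filter. It is later placed inside a double-quoted SQL
// literal and inside href attributes, so quotes, backslash and HTML
// metacharacters are refused.
// NOTE(review): the exact set of groups produced by HtmlLettres() is not visible
// here; if it is limited to ASCII letters and digits, tighten this to an allow-list.
if ( isset($_GET['group']) && is_string($_GET['group']) )
{
  $strArg = substr($_GET['group'],0,3);
  if ( is_string($strArg) && $strArg!=='' && !preg_match('/["\'\\\\<>&]/',$strArg) ) $strGroup = $strArg;
}

// page: never below 1, otherwise the computed row offset becomes negative
if ( isset($_GET['page']) )
{
  $intPage = max(1,intval($_GET['page']));
  $intLimit = ($intPage-1)*$_SESSION[QT]['topics_per_page'];
}

// cat: only the categories this page links to (the value is echoed into HTML and URLs)
if ( isset($_GET['cat']) && in_array($_GET['cat'],array('all','FM','SM','CH','SC'),true) ) $strCateg = $_GET['cat'];

// order: only the columns offered by the sortable headers. The value becomes the
// ORDER BY clause; strip_tags()/substr() alone do not prevent SQL injection there.
if ( isset($_GET['order']) && in_array($_GET['order'],array('id','name','closed','role','numpost','firstdate','lastdate'),true) ) $strOrder = $_GET['order'];

// dir: anything other than the exact string DESC keeps the ascending default
if ( isset($_GET['dir']) && $_GET['dir']==='DESC' ) $strDirec = 'DESC';
if ( $strDirec=='DESC' ) $strInver='ASC';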
// Member statistics for the summary table. All queries below are fixed strings
// (no request data). For each category holding at least one member, a "[»]"
// link to the filtered list is prepared; otherwise the placeholder S is used.

// total number of users
$oDB->Query('SELECT count(id) as countid FROM '.TABUSER);
$row = $oDB->Getrow();
$intUsers = $row['countid'];

// users without post (first and last dates identical)
$oDB->Query('SELECT count(id) as countid FROM '.TABUSER.' WHERE id>1 AND firstdate=lastdate');
$row = $oDB->Getrow();
$intFalse = $row['countid'];
$strFalse = ( $intFalse>0 ) ? '<a href="qtf_adm_users.php?cat=FM">[»]</a>' : S;

// users sleeping for 1 year
$oDB->Query('SELECT count(id) as numuser FROM '.TABUSER.' WHERE id>1 AND lastdate<"'.DateAdd(date('Ymd His'),-1,'year').'"');
$row = $oDB->Getrow();
$intSleeping = $row['numuser'];
$strSleeping = ( $intSleeping>0 ) ? '<a href="qtf_adm_users.php?cat=SM">[»]</a>' : S;

// children counters, computed only when the COPPA registration setting is on
if ( $_SESSION[QT]['register_coppa']=='1' )
{
  // children (all)
  $oDB->Query('SELECT count(id) as numuser FROM '.TABUSER.' WHERE id>1 AND children<>\'0\'');
  $row = $oDB->Getrow();
  $intChild = $row['numuser'];
  $strChild = ( $intChild>0 ) ? '<a href="qtf_adm_users.php?cat=CH">[»]</a>' : S;

  // children (without agreement only)
  $oDB->Query('SELECT count(id) as numuser FROM '.TABUSER.' WHERE id>1 AND children="2"');
  $row = $oDB->Getrow();
  $intSleepchild = $row['numuser'];
  $strSleepChild = ( $intSleepchild>0 ) ? '<a href="qtf_adm_users.php?cat=SC">[»]</a>' : S;
}
// Outer layout table: statistics on the left, top participants on the right.
echo '
<table class="hidden" cellspacing="0" summary="users">
<tr class="hidden">
<td class="hidden" style="width:500px;">
';
// Statistics table. Only counters computed above and $L language strings are
// printed here; no request data reaches this output.
echo '
<table class="data_o" cellspacing="0" summary="users">
<tr class="data_o">
<td class="colgroup">',$L['Members'],'</td>
<td class="colgroup"> </td>
<td class="colgroup"><b>',$intUsers,'</b></td>
<td class="colgroup"><a href="qtf_adm_users.php">[»]</a></td>
</tr>
';
// Row: members without post (category FM)
echo '<tr class="data_o">
<td class="colct">',$L['Members_FM'],'</td>
<td class="colct"><span class="small">',$L['H_Members_FM'],'</span></td>
<td class="colct"><b>',$intFalse,'</b></td>
<td class="colct">',$strFalse,'</td>
</tr>
';
// Row: members sleeping for one year (category SM)
echo '<tr class="data_o">
<td class="colct">',$L['Members_SM'],'</td>
<td class="colct"><span class="small">',$L['H_Members_SM'],'</span></td>
<td class="colct"><b>',$intSleeping,'</b></td>
<td class="colct">',$strSleeping,'</td>
</tr>
';
// Rows: children (CH) and children without agreement (SC). The counters exist
// only when the COPPA setting is on, hence the same condition as above.
if ( $_SESSION[QT]['register_coppa']=='1' )
{
echo '<tr class="data_o">
<td class="colct">',$L['Members_CH'],'</td>
<td class="colct"><span class="small">',$L['H_Members_CH'],'</span></td>
<td class="colct"><b>',$intChild,'</b></td>
<td class="colct">',$strChild,'</td>
</tr>
';
echo '<tr class="data_o">
<td class="colct">',$L['Members_SC'],'</td>
<td class="colct"><span class="small">',$L['H_Members_SC'],'</span></td>
<td class="colct"><b>',$intSleepchild,'</b></td>
<td class="colct">',$strSleepChild,'</td>
</tr>
';
}
// Close the statistics table and open the "top participants" cell
echo '</table>
</td>
<td class="hidden"> </td>
<td class="hidden" id="zone_topparticipants">
',$L['Top_participants'],'<br/>
<table class="hidden" cellspacing="0" summary="top participants">
';
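// Top 5 participants: the five users with the highest numpost (fixed query, no request data).
$strState = 'name, id, numpost FROM '.TABUSER.' WHERE id>0';
$oDB->Query( LimitSQL($strState,'numpost DESC',0,5) );
for ($i=0;$i<5;$i++)
{
  $row = $oDB->Getrow();
  if ( !$row ) break; // fewer than five users
  // $row['name'] is printed exactly as stored. The add-member handler in this file
  // stores names through htmlspecialchars(), so encoding again here would double-encode.
  // NOTE(review): confirm that every other write path (for example the CSV import
  // linked from this page) stores names encoded too; otherwise this is a stored-XSS sink.
  // The numpost cell is now closed with </td> (it used to emit a second opening <td>).
  echo '<tr><td><a href="qtf_user.php?id=',$row['id'],'">',$row['name'],'</a></td><td style="text-align:right">',$row['numpost'],'</td></tr>';
}
// Close the top-participants table and the outer layout table
echo '
</table>
</td>
</tr>
</table>
';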
// --------
// Category subform
// --------
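// Category header and, for every category except CH, a form that posts the bulk
// delete for that category back to this page.
// NOTE(review): the form carries no anti-CSRF token and the delete handler
// verifies none; only the admin-role check protects the action.
if ( $strCateg!='all' )
{
  // $strCateg originates from the query string: use it as a language key only
  // when that key exists, and HTML-encode it before it reaches an attribute.
  $strCatKey = is_string($strCateg) ? $strCateg : '';
  $strCatTitle = isset($L['Members_'.$strCatKey]) ? $L['Members_'.$strCatKey] : '';
  $strCatHelp = isset($L['H_Members_'.$strCatKey]) ? $L['H_Members_'.$strCatKey] : '';

  echo '<h1>',$strCatTitle,' (',$strCatHelp,')</h1>',N;
  if ( $strCateg!='CH' )
  {
    // number of members the delete would remove
    $intCount = $intFalse;
    if ( $strCateg=='SM' ) $intCount = $intSleeping;
    // $intSleepchild is only computed when the COPPA setting is on
    if ( $strCateg=='SC' ) $intCount = isset($intSleepchild) ? $intSleepchild : 0;

    echo '<form method="post" action="qtf_adm_users.php">';
    echo $L['Delete'],' ',$intCount,' ',$strCatTitle,' <input type="hidden" name="cat" value="',htmlspecialchars($strCatKey,ENT_QUOTES),'"/><input type="submit" name="del" value="',$L['Delete'],' !"/></form>',N;
  }
}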
// --------
// Button line and pager
// --------
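// Build the WHERE clause from the letter group and the category, count the
// matching members, then print the letter buttons and the pager.

// $strGroup comes from the query string and is concatenated into a double-quoted
// SQL literal below. No escaping function of the database layer is visible in
// this file, so a value carrying a quote or a backslash is refused here and the
// unfiltered list is shown instead.
if ( !is_string($strGroup) || preg_match('/["\'\\\\]/',$strGroup) ) $strGroup = 'all';
// Request-derived values are URL-encoded before they are put into links
$strCatUrl = is_string($strCateg) ? urlencode($strCateg) : '';

if ( $strCateg=='all' ) $strGroups = HtmlLettres($strGroup,$L['All']);

// refine query
switch ($strGroup)
{
  case 'all': $strWhere = ' WHERE id>=0'; break;
  case '0': $strWhere = ' WHERE '.FirstCharCase('name','a-z'); break;
  default: $strWhere = ' WHERE '.FirstCharCase('name','u').'="'.$strGroup.'"'; break;
}

// refine query by category (fixed fragments selected by comparison, never concatenated input)
if ( $strCateg=='FM' ) $strWhere .= ' AND id>1 AND firstdate=lastdate'; //false members
if ( $strCateg=='SM' ) $strWhere .= ' AND id>1 AND lastdate<"'.DateAdd(date('Ymd His'),-1,'year').'"'; //sleeping members
if ( $strCateg=='CH' ) $strWhere .= ' AND id>1 AND children<>"0"'; //children
if ( $strCateg=='SC' ) $strWhere .= ' AND id>1 AND children="2"'; //sleeping children

// count query
$oDB->Query('SELECT count(id) as countid FROM '.TABUSER.$strWhere);
$row = $oDB->Getrow();
$intCount = $row['countid'];

// -- build pager --
// NOTE(review): MakePager() is not visible here; the values are encoded before
// they are handed over so the generated links cannot carry markup.
$strPager = MakePager('qtf_adm_users.php?cat='.$strCatUrl.'&group='.urlencode($strGroup).'&order='.urlencode($strOrder).'&dir='.urlencode($strDirec),$intCount,$_SESSION[QT]['topics_per_page'],$intPage);
if ( !empty($strPager) ) { $strPager = $L['Page'].$strPager; } else { $strPager=S; }
if ( $intCount<$intUsers ) $strPager = '<span class="small">'.$intCount.' '.$L['Selected_from'].' '.$intUsers.' '.strtolower($L['Members']).'</span>'.($strPager==S ? '' : ' | '.$strPager);

// -- Display button line and pager --
if ( $intCount>$_SESSION[QT]['topics_per_page'] || $strGroup!='all' ) echo '<br/><table class="button" cellspacing="0"><tr>',N,$strGroups,N,'</tr></table>',N;
echo '<table class="hidden" cellspacing="0" summary="pages"><tr><td id="pager_zt">',$strPager,'</td></tr></table>',N;

// end if no result
if ( $intCount==0 )
{
  echo $L['None'];
  include('qtf_adm_p_footer.php');
  exit;
}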
// --------
// Memberlist
// --------
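// Member list: header row (sortable when more than two members match), then one
// row per member of the current page.
if ( $intCount!=0 )
{
  // Checks at the point of use: the sort column becomes the ORDER BY clause and
  // originates from the query string, so only the columns offered by the headers
  // below are accepted; the direction is reduced to ASC/DESC.
  if ( !in_array($strOrder,array('id','name','closed','role','numpost','firstdate','lastdate'),true) ) $strOrder = 'name';
  if ( $strDirec!=='DESC' ) $strDirec = 'ASC';

  $img['NO']='';
  $img['ASC']= ' <img class="ico i_sort" src="admin/sort_asc.gif" alt="+"/>';
  $img['DESC']= ' <img class="ico i_sort" src="admin/sort_desc.gif" alt="-"/>';
  $sort['ASC']= 'DESC';
  $sort['DESC']= 'ASC';

  // Common part of every sort link. Category and group originate from the query
  // string and are URL-encoded so they cannot break out of the href attribute.
  $strCatUrl = is_string($strCateg) ? urlencode($strCateg) : '';
  $strSortUrl = 'qtf_adm_users.php?cat='.$strCatUrl.'&group='.urlencode($strGroup).'&page=1&order=';
  $strNewDir = $sort[$strDirec]; // clicking a header inverts the current direction

  echo '<table class="data_t" cellspacing="0" summary="users">',N;
  echo '<tr class="data_t">',N;
  if ( $intCount>2 )
  {
    echo '<td class="colhd" style="width:40px"><a href="',$strSortUrl,'id&dir=',$strNewDir,'">Id</a>',($strOrder=='id' ? $img[$strDirec] : $img['NO']),'</td>',N;
    echo '<td class="colhd"><a href="',$strSortUrl,'name&dir=',$strNewDir,'">',$L['Member'],'</a>',($strOrder=='name' ? $img[$strDirec] : $img['NO']),'</td>',N;
    echo '<td class="colhd"><a href="',$strSortUrl,'closed&dir=',$strNewDir,'">',$L['Ban'],'</a>',($strOrder=='closed' ? $img[$strDirec] : $img['NO']),'</td>',N;
    echo '<td class="colhd"><a href="',$strSortUrl,'role&dir=',$strNewDir,'">',$L['Role'],'</a>',($strOrder=='role' ? $img[$strDirec] : $img['NO']),'</td>',N;
    echo '<td class="colhd">',$L['Action'],'</td>',N;
    echo '<td class="colhd"><a href="',$strSortUrl,'numpost&dir=',$strNewDir,'">',$L['Messages'],'</a>',($strOrder=='numpost' ? $img[$strDirec] : $img['NO']),'</td>',N;
    if ( $strCateg=='FM' || $strCateg=='SC' )
    {
      echo '<td class="colhd"><a href="',$strSortUrl,'firstdate&dir=',$strNewDir,'">',$L['Joined'],'</a>',($strOrder=='firstdate' ? $img[$strDirec] : $img['NO']),'</td>',N;
    }
    else
    {
      echo '<td class="colhd"><a href="',$strSortUrl,'lastdate&dir=',$strNewDir,'">',$L['Last_message'],'</a>',($strOrder=='lastdate' ? $img[$strDirec] : $img['NO']),' (ip)</td>',N;
    }
  }
  else
  {
    // one or two rows: plain headers, sorting is pointless
    echo '<td class="colhd" style="width:40px">Id</td>',N;
    echo '<td class="colhd">',$L['Member'],'</td>',N;
    echo '<td class="colhd">',$L['Ban'],'</td>',N;
    echo '<td class="colhd">',$L['Role'],'</td>',N;
    echo '<td class="colhd">',$L['Action'],'</td>',N;
    echo '<td class="colhd">',$L['Messages'],'</td>',N;
    if ( $strCateg=='FM' || $strCateg=='SC' )
    {
      echo '<td class="colhd">',$L['Joined'],'</td>',N;
    }
    else
    {
      echo '<td class="colhd">',$L['Last_message'],' (ip)</td>',N;
    }
  }
  echo '</tr>',N;

  //-- LIMIT QUERY --
  $strState = 'id,name,closed,role,numpost,firstdate,lastdate,ip FROM '.TABUSER.$strWhere;
  $oDB->Query( LimitSQL($strState,$strOrder.' '.$strDirec,$intLimit,$_SESSION[QT]['topics_per_page'],$intCount) );

  // --------
  for ($i=0;$i<$_SESSION[QT]['topics_per_page'];$i++)
  {
    $row = $oDB->Getrow();
    if ( !$row ) break;

    // ban column: "closed" codes 1..4 are displayed as 1, 10, 20, 30; anything else as $L['N']
    $strBan = $L['N'];
    if ( $row['closed']=='1' ) $strBan = '1';
    if ( $row['closed']=='2' ) $strBan = '10';
    if ( $row['closed']=='3' ) $strBan = '20';
    if ( $row['closed']=='4' ) $strBan = '30';

    echo '<tr class="data_t rowlight">',N;
    echo '<td class="colct"><span class="small">',$row['id'].'</span></td>',N;
    // $row['name'] is printed as stored: the add-member handler in this file stores
    // names HTML-encoded. NOTE(review): confirm all other write paths do the same.
    echo '<td class="colct"><a href="qtf_user.php?id=',$row['id'],'">',$row['name'],'</a></td>',N;
    echo '<td class="colct"><span class="small',($strBan==$L['N'] ? ' disabled' : ''),'">',$strBan,'</span></td>',N;
    echo '<td class="colct"><span class="small">',$L['Userrole'][$row['role']],'</span></td>',N;
    // Ban/delete links are not offered for ids 0 and 1.
    // NOTE(review): both actions are plain GET links to qtf_change.php; whether that
    // page asks for confirmation or checks a token is not visible here.
    echo '<td class="colct">',($row['id']>1 ? '<a class="small" href="qtf_change.php?a=user_ban&p='.$row['id'].'&v=adm">'.$L['Banish'].'</a> · <a class="small" href="qtf_change.php?a=user_del&p='.$row['id'].'&v=adm">'.$L['Delete'].'</a>' : S),'</td>',N;
    echo '<td class="colct">',$row['numpost'],'</td>',N;
    echo '<td class="colct">';
    if ( $strCateg=='FM' || $strCateg=='SC' )
    {
      echo '<span class="small">',QTdatestr($row['firstdate'],'$','$',true);
    }
    else
    {
      if ( $row['numpost']>0 )
      {
        // How the ip column is filled is not visible in this file, so it is
        // HTML-encoded on output (a no-op for a well-formed address).
        echo '<span class="small">',QTdatestr($row['lastdate'],'$','$',true),' (',htmlspecialchars((string)$row['ip'],ENT_QUOTES),')';
      }
      else
      {
        echo '<span class="disabled">',$L['None'];
      }
    }
    echo '</span></td>',N,'</tr>',N;
  }
  echo '</table>',N;
}
else
{
  echo $L['None'];
}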
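// -- Display pager --
echo '<table class="hidden" cellspacing="0" summary="pages"><tr class="hidden"><td id="pager_zb">',$strPager,'</td></tr></table>',N,N;

// FORM
// After a failed submission the fields are pre-filled with what was posted.
// These values come straight from the request, so they are HTML-encoded before
// being written into the value attributes (they used to be echoed raw, which
// allowed markup injection through a crafted POST).
$strValTitle = ( isset($_POST['title']) && is_string($_POST['title']) ) ? htmlspecialchars($_POST['title'],ENT_QUOTES) : '';
$strValPass = ( isset($_POST['pass']) && is_string($_POST['pass']) ) ? htmlspecialchars($_POST['pass'],ENT_QUOTES) : '';
$strValMail = ( isset($_POST['mail']) && is_string($_POST['mail']) ) ? htmlspecialchars($_POST['mail'],ENT_QUOTES) : '';

// NOTE(review): the password field is type="text" and is echoed back into the page
// when another field fails validation. The form also carries no anti-CSRF token.
echo '
<h2>',$L['Member_add'],'</h2>
<form method="post" action="',$oVIP->selfurl,'" onsubmit="return ValidateForm(this);">
<table class="data_t" cellspacing="0" summary="add user">
<tr class="data_t">
<td class="colhd">',$L['Role'],'</td>
<td class="colhd">',$L['Username'],'</td>
<td class="colhd">',$L['Password'],'</td>
<td class="colhd">',$L['Email'],'</td>
</tr>
<tr class="data_t">
<td class="colct"><select name="role" size="1">
<option value="A">',$L['Userrole']['A'],'</option>
<option value="M">',$L['Userrole']['M'],'</option>
<option value="U"',QSEL,'>',$L['Userrole']['U'],'</option>
</select></td>
<td class="colct"><input id="title" name="title" type="text" size="20" maxlength="24" value="',$strValTitle,'" onfocus="document.getElementById(\'title_err\').innerHTML=\'\';"/></td>
<td class="colct"><input id="pass" name="pass" type="text" size="20" maxlength="24" value="',$strValPass,'"/></td>
<td class="colct"><input id="mail" name="mail" type="text" size="30" maxlength="64" value="',$strValMail,'"/></td>
</tr>
<tr class="data_t">
<td colspan="4" class="colgroup" style="text-align:right"><span id="title_err" class="error"></span> <input id="notify" name="notify" type="checkbox"/><label for="notify">'.$L['Send'].' '.strtolower($L['Email']).'</label> <input id="add" name="add" type="submit" value="',$L['Add'],'"/></td>
</tr>
</table>
</form>
';

// Validation message from the add handler; it is assembled from $L language strings only
if ( !empty($error) ) echo '<span class="error">',$error,'</span>',N,N;
echo '<p><a href="qtf_adm_users_imp.php">',$L['Users_import_csv'],'</a></p>';

// HTML END
include('qtf_adm_p_footer.php');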
?>