Location: PHPKode > projects > raSMP > rasmp/admin/index.php
<?php

/*******************************************************************

 Name		: raSMP 2.0
 Copyright	: 2002, Adam Alkins
 Website	: http://www.rasmp.com
 email		: hide@address.com

 $Id: index.php,v 1.30 2003/03/16 18:26:44 rasadam Exp $: 

*******************************************************************/

/*******************************************************************

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the 
Free Software Foundation Inc., 59 Temple Place, Suite 330,
Boston, MA  02111-1307  USA

*******************************************************************/

define('RASMP',true);
define('RASMP_ADMIN',true);
define('SCRIPT_PATH','../');
include SCRIPT_PATH.'common/extension.inc';
include SCRIPT_PATH.'common/admin_common.'.FILE_EXT;

global $sid;
global $user_data;
$query = "UPDATE ".SESSIONS_TABLE." SET session_page = 'index', session_time = ".date("U").", session_ip = '".format_ipv6($_SERVER['REMOTE_ADDR'])."' WHERE session_user_id = ".$user_data['user_id']." AND session_id = '".$sid."'";
db_query($query, 'Could not update session data');

switch($_GET['mode'])
{
	case 'password':
		if(!defined('CHANGE_PASSWORD'))
		{
			redirect_page('You do not have permission to change your own password', attach_sid("index.".FILE_EXT));
		}
		
		// if button wasn't pressed
		if(isset($_POST['dochangepassword']))
		{
			// if password wasn't entered
			if(!isset($_POST['password'])||$_POST['password']=='')
			{
				redirect_page('Invalid Password', attach_sid("index.".FILE_EXT));
			}
			else
			{
				unset($password);
				// hash password for db
				$password = md5(clean($_POST['password']));
				
				// query to change the password
				$query = "UPDATE ".ACCOUNTS_TABLE." SET user_password = '".$password."' WHERE user_id = ".$user_data['user_id'];
				db_query($query, 'Could not change password');
		
				redirect_page('Password changed Successfully', attach_sid("index.".FILE_EXT));
			}
		}
		break;
	case 'email':
		// if button was pressed
		if(isset($_POST['dochangeemail']))
		{
			// if email criteria was met.. or email address looks fake (can still be easily
			// faked..
			if(!isset($_POST['email'])||!validate_email($_POST['email']))
			{
				redirect_page('Invalid Email Address', attach_sid("index.".FILE_EXT));
			}
			else
			{
				global $user_data;
				
				// update email address
				$query = "UPDATE ".ACCOUNTS_TABLE." SET user_email = '".clean($_POST['email'])."' WHERE user_id = ".$user_data['user_id'];
				db_query($query, 'Could not change Email address');
		
				redirect_page('Email address changed Successfully', attach_sid("index.".FILE_EXT));
			}
		}
		break;
	case 'notes':
		if(defined('ALLOW_NOTES'))
		{	
			// if button was pressed
			if(isset($_POST['note']))
			{		
				if(!isset($_POST['user_notes']))
				{
					redirect_page('Note not Passed', attach_sid("index.".FILE_EXT));
				}

				$_POST['note'] = addslashes(strip_tags($_POST['note']));
				
				$query = "UPDATE ".ACCOUNTS_TABLE." SET user_notes = '".$_POST['user_notes']."' WHERE user_id = ".$user_data['user_id'];
				db_query($query, 'Could not update user notes');
		
				redirect_page('Notes Modified Successfully', attach_sid("index.".FILE_EXT));
			}
		}
		break;
	default:
		display_header('Administration Panel');

?>

<table width="98%" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#0066CC">
      <div align="center"><font size="3" color="#FFFFFF">raSMP Administration Panel</font></div>
    </td>
  </tr>
</table>

<?php

display_body();

?>	

<p align="left"><blockquote>
	<strong><?php echo stripslashes($user_data['user_name']); ?></strong>, welcome to the Administration Panel. On the left are links to all the areas you have access to. You can navigate sections of these modules in the blue strip above.
</blockquote></p>
<p align="center">
<?php
		if($user_data['last_login']!=0)
		{
			echo 'Your last login was on '.date("l F jS Y \a\\t g:ia O",$user_data['last_login']).'<br />';
		}

		echo 'Your current session was started on '.date("l F jS Y \a\\t g:ia O",$user_data['this_login']);		
?>
</p>
<br />
<?php
		if(defined('CHANGE_PASSWORD'))
		{
?>
<form name="form1" method="post" action="<?php echo attach_sid("index.".FILE_EXT."?mode=password"); ?>">
  Change your Password<br /> 
      <input name="password" type="password" size="15" maxlength="255" />
      <input type="submit" name="dochangepassword" value="Change" />
  </form>
<br />
<?php
		}
		
		echo 'Current Email Address: <strong>'.$user_data['user_email'].'</strong><br /><br />';
?>
<form name="form1" method="post" action="<?php echo attach_sid("index.".FILE_EXT."?mode=email"); ?>">
  Change your Email Address<br /> 
      <input name="email" type="text" size="15" maxlength="255" />
      <input type="submit" name="dochangeemail" value="Change" />
  </form>
<?php
		if(defined('ALLOW_NOTES'))
		{
?>
<br /><form name="form1" method="post" action="<?php echo attach_sid("index.".FILE_EXT."?mode=notes"); ?>">
  Personal Notes<br /> 
      <textarea name="user_notes" cols="60" rows="20"><?php echo htmlentities(stripslashes($user_data['user_notes'])); ?></textarea><br />
      <input type="submit" name="note" value="Modify" />
  </form>

<?php
		}
}

display_footer();

?>
Return current item: raSMP