Location: PHPKode > projects > SHOUTcast Management Interface > smi-0.3.4/manageusers.php
<?
////////////////////////////////////////////////////////////////////////
/*SMI - SHOUTcast Management Interface
A web based shoutcast server management program
Founding Author: Scott D. Harvanek <hide@address.com>

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.*/
////////////////////////////////////////////////////////////////////////

if(useraccess($_SESSION['username']) < "5") {
  echo "ACCESS DENIED - INCIDENT REPORTED";
  $event = " Attempted to access the restricted user management section.";
  addevent($_SESSION['username'], $event);
} else {
  $db = dbConnect();  

/////////////////////////////////////
//
// Handle the post if we are adding a new user
//
/////////////////////////////////////
  if(isset($_POST['newuser'])) {
    $username = $_POST['username'];
    $password = md5($_POST['password']);
    $email = $_POST['email'];
    $fname = $_POST['fname'];
    $lname = $_POST['lname'];
    $access = $_POST['access'];
    adduser($username, $password, $fname, $lname, $email, $access);
  }

/////////////////////////////////////
//
// Handle the post if we are deleting a user
//
/////////////////////////////////////
if(isset($_REQUEST['delete'])) {
  $id = $_REQUEST['id'];
  $username = $_REQUEST['username'];
  deluser($id, $username);
}

/////////////////////////////////////
//
// Handle the post if we are editing a user
//
/////////////////////////////////////
if(isset($_POST['edituser'])) {
  $usrname = $_POST['username'];
  $origpass = $_POST['origpass'];
  $password = md5($_POST['password']);
  if($origpass == $_POST['password']) {
    $password = $origpass;
  }
  $email = $_POST['email'];
  $fname = $_POST['fname'];
  $lname = $_POST['lname'];
  $id = $_POST['id'];
  $access = $_POST['access'];
  edituser($id, $usrname, $password, $fname, $lname, $email, $access);
}

/////////////////////////////////////
//
// Create our header table, we do this outside the query.
//
/////////////////////////////////////
?>
<table border="0" width="100%">
  <tr>
    <td align="left">
      <b>User List</b><br>
    </td>
  </tr>
</table>

<table border="0" width="600px" cellspacing="0">
<tr bgcolor="#828282">
  <td align="left">
    <b>Id</b>
  </td>
  <td align="left">
    <b>Username</b>
  </td>
  <td align="left">
    <b>First Name</b>
  </td>
  <td align="left">
    <b>Last Name</b>
  </td>
  <td align="left">
    <b>Email Address</b>
  </td>
  <td align="left">
    <b></b>
  </td>
  <td align="left">
    <b>Action</b>
  </td>
</tr>

<?

/////////////////////////////////////
//
// Run our query and create alternating colors on the rows
//
/////////////////////////////////////
$i = "0";
$members = $db->getRows('members');
foreach ($members as $row) {
  $bgcolor = ($i++ & 1) ? '#FFFFFF' : '#bcbcbc';
  echo "<tr bgcolor='$bgcolor'>\n";
?>
		<td align="left">
                <?echo $row[0];?>
                </td>
		<td align="left">
                <?echo $row[1];?>
                </td>
		<td align="left">
                <?echo $row[3];?>
                </td>
                <td align="left">
                <?echo $row[4];?>
                </td>
		<td align="left">
                <?echo $row[5];?>
                </td>
                <td align="left">
                </td>
                <td align="left">
                <?echo "<a href=\"users.php?edit=yes&userid=$row[0]\">Edit</a>";?>
		 / <a href="users.php?delete=yes&id=<?echo $row[0];?>&username=<?echo $row[1];?>" onclick="javascript:return confirm('Are you sure you want to delete this user?')">Delete</a>
		</td>
	</tr>
<?
}
if(isset($_REQUEST['edit'])) {
  $userid = $_REQUEST['userid'];
  $members = $db->getRows('members', array('user_id' => $userid));
  foreach ($members as $row) {
?>
</table>
<br><br>
<b>Edit User</b>
<form method="post" action="">
        <table border="0">
                <tr>
                        <td>
                                Username:
                        </td>
                        <td>
                                <input type="text" name="username" value="<?echo $row[1];?>">
                        </td>
                </tr>
                <tr>
                        <td>
                                Password:
                        </td>
                        <td>
				<input type="hidden" name="origpass" value="<?echo $row[2];?>">
                                <input type="password" name="password" value="<?echo $row[2];?>">
                        </td>
                </tr>
                <tr>
                        <td>
                                First Name:
                        </td>
                        <td>
                                <input type="text" name="fname" value="<?echo $row[3];?>">
                        </td>
                </tr>
                <tr>
                        <td>
                                Last Name:
                        </td>
                        <td>
                                <input type="text" name="lname" value="<?echo $row[4];?>">
                        </td>
                </tr>
                <tr>
                        <td>
                                Email:
                        </td>
                        <td>
                                <input type="text" name="email" value="<?echo $row[5];?>">
                        </td>
                </tr>
                <tr>
                        <td>
                                Access Level:
                        </td>
                        <td>
                                <select name="access">
                                <option value="5" <? if ($row[6] == "5") { echo "selected"; } ?>>Administrator</option>
                                <option value="4" <? if ($row[6] == "4") { echo "selected"; } ?>>Technician</option>
                                <option value="3" <? if ($row[6] == "3") { echo "selected"; } ?>>Helper</option>
                                <option value="2" <? if ($row[6] == "2") { echo "selected"; } ?>>Read Only</option>
                                <option value="1" <? if ($row[6] == "1") { echo "selected"; } ?>>User</option>
                                <option value="0" <? if ($row[6] == "0") { echo "selected"; } ?>>Disabled</option>
                                </select>
                        </td>
                </tr>
                <tr>
                        <td>
				<input type="hidden" name="id" value="<? echo $row['0'];?>">
                                <input type="hidden" name="edituser" value="yes">
                                <input type="submit" name="go" value="Update User">
                        </td>
                </tr>
        </table>
</form>
<?
}
}else{
?>
</table>
<br><br>
<b>Add New User</b>
<form method="post" action="">
	<table border="0">
		<tr>
			<td>
				Username:
			</td>
			<td>
				<input type="text" name="username">
			</td>
		</tr>
		<tr>
			<td>
				Password:
			</td>
			<td>
				<input type="password" name="password">
			</td>
		</tr>
		<tr>
			<td>
				First Name:
			</td>
			<td>		
				<input type="text" name="fname">
			</td>
		</tr>
		<tr>
			<td>
				Last Name:
			</td>
			<td>
				<input type="text" name="lname">
			</td>
		</tr>
		<tr>
			<td>		
				Email:
			</td>
			<td>
				<input type="text" name="email">
			</td>
		</tr>
		<tr>
			<td>
				Access Level:
			</td>
			<td>
				<select name="access">
				<option value="5">Administrator</option>
				<option value="4">Technician</option>
				<option value="3">Helper</option>
				<option value="2">Read Only</option>
				<option value="1">User</option>
				<option value="0">Disabled</option>
				</select>
			</td>
		</tr>
		<tr>
			<td>	
				<input type="hidden" name="newuser" value="yes">
				<input type="submit" name="go" value="Add User">
			</td>
		</tr>
	</table>
</form>
<?
}
}
?>
Return current item: SHOUTcast Management Interface