Location: PHPKode > projects > Sound PHP Engine > s-p-e-0.3.0/s-p-e-0.3.0/data/muser.php
<?php
// ===================================================== 
// 
// s-p-e - Content management system. 
// Copyright (C) 2004, 2005, 2010, 2011 Vladimir B. Tsarkov
// 
// This file is part of s-p-e. 
// 
// s-p-e is free software; you can redistribute it and/or modify 
// it under the terms of the GNU General Public License as published by 
// the Free Software Foundation, either version 3 of the License, or 
// (at your option) any later version. 
// 
// s-p-e is distributed in the hope that it will be useful, 
// but WITHOUT ANY WARRANTY; without even the implied warranty of 
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 
// GNU General Public License for more details. 
// 
// You should have received a copy of the GNU General Public License 
// along with s-p-e. If not, see <http://www.gnu.org/licenses/>.
//
// ------
//
//  You can contact me via e-mail: lipetsk-gnu-lug at bk period ru
//
//  muser.php
//
//  Abstract: Management of users' entries.
//  
//  Revision History:
// 
//	1  2004-03-27 - 2005-07-02  vbt
//	2  2005-08-01  vbt
//	3  2010-06-24  vbt
//	4  2011-01-22  vbt
//
// =====================================================
header("Content-Type: text/html; charset=UTF-8");

include("configure/specfg.php"); 
include("../include/functions.php");

cache();

session_set_save_handler("open", "close", "read", "write", "destroy", "gc");
session_start();
gc();

redirect(read(session_id()));

if(read(session_id()) == "administrator")
{
	language($cfg["deflangadmin"]);
	echo "<HTML>
	<HEAD>
	<TITLE>".(_("s-p-e Administrator's Panel"))."</TITLE>
	<LINK rel='stylesheet' type='text/css' href='../skin/".($cfg["skin"])."/style.css'>
	</HEAD>
	<BODY>";
	
	if(isset($_POST['del']))
	{
		$del = $_POST['del'];
	}
	if(isset($_POST['use']))
	{
		$use = $_POST['use'];
	}
	if(isset($_POST['add']))
	{
		$add = $_POST['add'];
	}
	if(isset($_POST['cuser']))
	{
		$user = $_POST['cuser'];
		$user = trim($user);
	}	
	if(isset($_POST['upwd']))
	{
		$pwd = $_POST['upwd'];
	}
	if(isset($_POST['umail']))
	{
		$umail = $_POST['umail'];
	}
		
	if(isset($use))
	{
		if($use == 0)
		{
			$status = "".(_("user"))."";
			$nogtext = "user";
		} 
		if($use == 1)
		{
			$status = "".(_("editor"))."";
			$nogtext = "editor";
		}
		
		connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
		
		$result = mysql_query("select login, pwd 
			from ".($cfg["prefix"])."security 
			where login='$user' and addk='$nogtext'", $connector) 
			or die("error #102-1");
		
		if(isset($add))
		{
			if(mysql_num_rows($result) < 1)
			{
				
				$umail = trim($umail);
				
				if($user == "admin")
				{
					echo "<font class='negative'>
					".(_("Administrator's information can only be updated!"))."
					</font>";
				} 
				else if($user == false)
				{
				  echo "<font class='negative'>".(_("Please, specify the new user's name."))."</font>";
				} 
				else if(pwdlength($pwd) == false)
				{
				  echo "<font class='negative'>
				  ".(_("Your new password is too short. It must contain at least 8 characters."))."
				  </font>
				  <p>".(_("To be secure a password should contain a random set of characters."))."</p>";
				} 
				else 
				{
				  mysql_query("insert into ".($cfg["prefix"])."security 
				    (login, pwd, mail, date, addk) 
				    values ('$user', '".(crypt($pwd))."', '$umail', 
				        '".(date("Y-m-d"))."', '$nogtext')", $connector) 
				    or die("error #102-2");
				    echo "<font class='positive'>
				    ".(ucfirst($status))."</font>&nbsp;$user&nbsp;
				    <font class='positive'>".(_("created successfully."))."</font>";
				}
			} 
			else 
			{
				echo "<font class='negative'>".(_("User"))."</font>
				&nbsp;$user&nbsp;
				<font class='negative'>".(_("already exists."))."</font>";
			}
			mysql_free_result($result);
		}
	
		if(isset($del))
		{
			if($user == "admin")
			{
			  echo "<font class='negative'>
			  ".(_("Administrator's information can only be updated!"))."
			  </font>";
			} 
			else if($user == false)
			{
				echo "<font class='negative'>".(_("Please, specify the user's name."))."</font>";
			} 
			else 
			{
			  if($row = mysql_fetch_array($result))
			  {
				mysql_query("delete from ".($cfg[prefix])."security 
				    where login='$user' and addk='$nogtext'", $connector) 
				    or die("error #102-3");
	  			mysql_query("delete from ".($cfg[prefix])."lines 
					where login='$user'", $connector) 
					or die("error #102-4");
				echo "<font class='positive'>".(ucfirst($status))."</font>
				&nbsp;$user&nbsp;
				<font class='positive'>".(_("and all his bindings are removed successfully."))."</font>";
		   	   } 
			   else 
			   {
			    	echo "<font class='negative'>
				".(_("Check the type of the user that you are going to delete."))."
				</font>";
			   }
			   mysql_free_result($result);
			}
		} 
		mysql_close($connector);
		
		echo "<p>
		<font class='s-normal'>
		".(_("Back to the"))."&nbsp;<a href='admin.php'>".(_("s-p-e Administrator's Page"))."</a>
		</font>
		</p>";
	}  
	echo "</BODY>
	</HTML>";
}
?>
Return current item: Sound PHP Engine