<?php

/*****************************************************************
*  Spacemarc News
*  Version: 1.2.0
*  Author and copyright (C): Marcello Vitagliano
*  Web site: http://www.spacemarc.it
*  License: GNU General Public License
*
*  This program is free software: you can redistribute it and/or
*  modify it under the terms of the GNU General Public License
*  as published by the Free Software Foundation, either version 3
*  of the License, or (at your option) any later version.
*
*  Current file: utenti.php
*****************************************************************/
// Start the session and define IN_NEWS before the includes run
// (presumably the included files test for this constant - confirm).
session_start();
define('IN_NEWS', true);
header('Content-type: text/html; charset=ISO-8859-1');

// Load configuration, helper functions and language strings, in this order.
require_once dirname(__FILE__) . '/../config.php';
require_once dirname(__FILE__) . '/functions.php';
require_once dirname(__FILE__) . '/../lang/lang.php';

// NOTE(review): both die() calls below run before check_login(), so the raw
// MySQL error number and text are shown to unauthenticated visitors when the
// database is unreachable. Consider logging the detail server-side and
// printing a generic message instead.
$db = mysql_connect($db_host, $db_user, $db_password);
if (!$db) {
    die("Impossibile connettersi a MySQL<br />Numero errore: " . mysql_errno() . "<br />Tipo di errore: " . mysql_error());
}
if (!mysql_select_db($db_name, $db)) {
    die("Impossibile selezionare il database $db_name<br />Numero errore: " . mysql_errno() . "<br />Tipo di errore: " . mysql_error());
}

// Session/login check implemented in functions.php or config.php (not visible here).
check_login();

// This page is for administrators only (livello_id 1): any other logged-in
// user is redirected to their personal news list and the script stops.
if (!($_SESSION['livello_id'] == 1)) {
    header("Location: {$dir_admin}/elenco_news.php");
    exit;
}

// Page generation timer, first half: microtime() returns "usec sec", and the
// two parts are added to get the start time in seconds.
$mtime1 = explode(" ", microtime());
$starttime = $mtime1[0] + $mtime1[1];

// Read the site settings used by this page.
$conf = mysql_query("SELECT nome_sito, max_utenti, url_sito FROM $tab_config");
$rowconf = mysql_fetch_array($conf);

// Feedback fragments echoed further down the page; all start out empty.
$utente_msg = $query_utente_msg = $utente_presente = $email_errata = $popup_email = NULL;
$query_msg = $del_ok = NULL;

// Rows shown per page.
$rec_page = $rowconf['max_utenti'];

// Paging offset: forced to a non-negative whole number before it is used in
// LIMIT clauses and in links.
if (isset($_GET['start'])) {
    $start = abs(floor(intval($_GET['start'])));
}
else {
    $start = 0;
}

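// Sort selection for the user list.
//
// Produces: $order_query (the list SELECT), $get_sortby (query-string fragment
// handed to page_bar() for the pagination links) and one $link_* header link
// per sortable column.
//
// Changes from the previous switch-based version:
//  - the request value is only ever used as a lookup key; what is echoed back
//    in $get_sortby is urlencode()d instead of addslashes()d, so it cannot
//    break out of the href attribute page_bar() presumably builds from it;
//  - the "Email" link shown while sorting by data_asc pointed to the
//    non-existent mode "mail_asc"; it now points to "email_asc";
//  - a non-string sortby (e.g. sortby[]=x) is treated as an unknown mode.
$sort_requested = NULL;
if (isset($_GET['sortby'])) {
    $sort_requested = is_string($_GET['sortby']) ? $_GET['sortby'] : '';
}

// Per mode: ORDER BY expression, column carrying the direction icon, icon
// name, and the sortby target of each header link in the order
// nome, email, status, news, permessi, data.
$sort_table = array(
    'nome_asc'      => array('nu.nome_cognome ASC',        'nome',     'asc',  array('nome_desc', 'email_desc', 'status_desc', 'news_desc', 'permessi_desc', 'data_desc')),
    'nome_desc'     => array('nu.nome_cognome DESC',       'nome',     'desc', array('nome_asc',  'email_desc', 'status_desc', 'news_desc', 'permessi_desc', 'data_desc')),
    'email_asc'     => array('nu.email ASC',               'email',    'asc',  array('nome_desc', 'email_desc', 'status_desc', 'news_desc', 'permessi_desc', 'data_desc')),
    'email_desc'    => array('nu.email DESC',              'email',    'desc', array('nome_desc', 'email_asc',  'status_desc', 'news_desc', 'permessi_desc', 'data_desc')),
    'status_asc'    => array('nu.attivo ASC',              'status',   'asc',  array('nome_desc', 'email_asc',  'status_desc', 'news_desc', 'permessi_desc', 'data_desc')),
    'status_desc'   => array('nu.attivo DESC',             'status',   'desc', array('nome_desc', 'email_asc',  'status_asc',  'news_desc', 'permessi_desc', 'data_desc')),
    'news_asc'      => array('TotaleNews ASC',             'news',     'asc',  array('nome_desc', 'email_asc',  'status_asc',  'news_desc', 'permessi_desc', 'data_desc')),
    'news_desc'     => array('TotaleNews DESC',            'news',     'desc', array('nome_desc', 'email_asc',  'status_asc',  'news_asc',  'permessi_desc', 'data_desc')),
    'permessi_asc'  => array('nu.permessi ASC',            'permessi', 'asc',  array('nome_desc', 'email_asc',  'status_asc',  'news_desc', 'permessi_desc', 'data_desc')),
    'permessi_desc' => array('nu.permessi DESC',           'permessi', 'desc', array('nome_desc', 'email_asc',  'status_asc',  'news_asc',  'permessi_asc',  'data_desc')),
    'data_asc'      => array('nu.data_registrazione ASC',  'data',     'asc',  array('nome_desc', 'email_asc',  'status_asc',  'news_asc',  'permessi_desc', 'data_desc')),
    'data_desc'     => array('nu.data_registrazione DESC', 'data',     'desc', array('nome_desc', 'email_asc',  'status_asc',  'news_asc',  'permessi_desc', 'data_asc')),
);

// Fallbacks: newest registration first. They differ only in the target of
// the "Data registrazione" link, exactly as before.
$sort_unknown = array('nu.data_registrazione DESC', 'data', 'desc', array('nome_desc', 'email_desc', 'status_desc', 'news_desc', 'permessi_desc', 'data_desc'));
$sort_absent  = array('nu.data_registrazione DESC', 'data', 'desc', array('nome_desc', 'email_desc', 'status_desc', 'news_desc', 'permessi_desc', 'data_asc'));

if ($sort_requested === NULL) {
    $get_sortby = NULL;
    $sort_mode = $sort_absent;
}
else {
    // For every known mode urlencode() is a no-op, so existing links keep
    // working; anything else is percent-encoded.
    $get_sortby = "sortby=" . urlencode($sort_requested);
    $sort_mode = isset($sort_table[$sort_requested]) ? $sort_table[$sort_requested] : $sort_unknown;
}

// Only the ORDER BY expression varies, and it always comes from the table
// above, never from the request.
$order_query = "SELECT nu.user_id, nu.nome_cognome, nu.email, nu.nome_livello, nu.attivo, nu.permessi, nu.data_registrazione, COUNT( nt.user_id ) AS TotaleNews FROM $tab_utenti nu LEFT JOIN $tab_news nt ON nt.user_id = nu.user_id GROUP BY nu.user_id ORDER BY " . $sort_mode[0] . " LIMIT $start,$rec_page";

$sort_columns = array('nome', 'email', 'status', 'news', 'permessi', 'data');
$sort_labels = array('Nome e cognome', 'Email', 'Status', 'News', 'Permessi', 'Data registrazione');
$sort_links = array();

foreach ($sort_columns as $sort_i => $sort_col) {
    $sort_html = '<a href="utenti.php?sortby=' . $sort_mode[3][$sort_i] . '&amp;start=' . $start . '" title="Ordina per...">' . $sort_labels[$sort_i] . '</a>';

    // The column currently sorted on also shows the direction icon.
    if ($sort_col === $sort_mode[1]) {
        $sort_dir = strtoupper($sort_mode[2]);
        $sort_html .= ' <img src="' . $img_path . '/' . $sort_mode[2] . '.gif" alt="' . $sort_dir . '" title="' . $sort_dir . '" />';
    }
    $sort_links[$sort_col] = $sort_html;
}

$link_nome_cognome = $sort_links['nome'];
$link_email = $sort_links['email'];
$link_status = $sort_links['status'];
$link_news = $sort_links['news'];
$link_permessi = $sort_links['permessi'];
$link_data_registrazione = $sort_links['data'];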

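// Bulk operations on the users ticked in the list (cb_id[] checkboxes).
//
// The posted ids are concatenated into SQL IN (...) lists and into the popup
// URL, so they are reduced to plain decimal strings first; previously the raw
// POST values were imploded straight into the queries. The session user id is
// cast to int for the same reason.
//
// NOTE(review): these state-changing requests carry no anti-CSRF token in the
// code visible here; confirm whether check_login() or the form adds one.
if (isset($_POST['submit_sel'])) {

    $bulk_ids = array();

    if (isset($_POST['cb_id'])) {

        foreach ((array) $_POST['cb_id'] as $bulk_value) {

            // /D: "$" must match the very end, not just before a trailing newline.
            if (is_string($bulk_value) && preg_match('/^[0-9]+$/D', $bulk_value)) {
                $bulk_ids[] = $bulk_value;
            }
        }
    }

    if (count($bulk_ids) > 0) {
        $uid = implode(",", $bulk_ids);
        $bulk_admin_id = (int) $_SESSION['user_id'];
        $bulk_action = is_string($_POST['submit_sel']) ? $_POST['submit_sel'] : '';

        if ($bulk_action == 'elimina_news') {

            // Delete every news item of the selected users, never the caller's own.
            if (mysql_query("DELETE FROM $tab_news WHERE user_id IN ($uid) AND user_id <>" . $bulk_admin_id)) {
                $query_msg = "<div id=\"success\">" . $lang['canc_news_user_ok'] . "</div><br />";
            }
            else {
                $query_msg = "<div id=\"error\">" . $lang['canc_news_user_error'] . "</div><br /><span class=\"text2\">" . mysql_error() . "</span><br /><br />";
            }
        }
        elseif ($bulk_action == 'attiva_utenti') {

            if (mysql_query("UPDATE $tab_utenti SET attivo=1 WHERE user_id IN ($uid) AND attivo=0 AND user_id <>" . $bulk_admin_id)) {
                $query_msg = "<div id=\"success\">" . $lang['utenti_attivati_ok'] . "</div><br />";
            }
            else {
                $query_msg = "<div id=\"error\">" . $lang['utenti_attivati_error'] . "</div><br /><span class=\"text2\">" . mysql_error() . "</span><br /><br />";
            }
        }
        elseif ($bulk_action == 'disattiva_utenti') {

            // Deactivation also clears token, cookie flag and pending password
            // reset fields; rows with livello_id 1 are never touched.
            if (mysql_query("UPDATE $tab_utenti SET attivo=0, mostra_link='nome', token=NULL, cookie=0, new_pwd=NULL, key_pwd=NULL WHERE user_id IN ($uid) AND attivo=1 AND user_id <>" . $bulk_admin_id . " AND livello_id>1")) {
                $query_msg = "<div id=\"success\">" . $lang['utenti_disattivati_ok'] . "</div><br />";
            }
            else {
                $query_msg = "<div id=\"error\">" . $lang['utenti_disattivati_error'] . "</div><br /><span class=\"text2\">" . mysql_error() . "</span><br /><br />";
            }
        }
        elseif (in_array($bulk_action, array('upload', 'letturestampe', 'tutto', 'nessuno'), true)) {

            // The four permission actions differ only in the value written;
            // $bulk_action is one of the literals listed above at this point.
            if (mysql_query("UPDATE $tab_utenti SET permessi='$bulk_action' WHERE user_id IN ($uid) AND user_id <>" . $bulk_admin_id . " AND livello_id>1")) {
                $query_msg = "<div id=\"success\">" . $lang['edit_permessi_ok'] . "</div><br />";
            }
            else {
                $query_msg = "<div id=\"error\">" . $lang['edit_permessi_error'] . "</div><br /><span class=\"text2\">" . mysql_error() . "</span><br /><br />";
            }
        }
        elseif ($bulk_action == 'rimuovi_file') {

            // Each user's files live in a directory named after the user id;
            // only ids of one to four digits are passed to full_rmdir().
            foreach ($bulk_ids as $bulk_dir) {

                if (preg_match('/^[0-9]{1,4}$/D', $bulk_dir)) {
                    full_rmdir("../" . $file_dir . "/" . $bulk_dir);
                }
            }
        }
        elseif ($bulk_action == 'invia_email') {

            // $uid holds only digits and commas here, so it cannot terminate
            // the JavaScript string literal it is embedded in.
            $popup_email = "\n
									<script language=\"javascript\" type=\"text/JavaScript\">
									<!--
									var test = window.open('invia_email_utenti.php?user_id=" . $uid . "', 'popup','width=420px, height=450px, resizable=1, scrollbars=1, location=1, status=1');
									if (!test) {
									alert('Per inviare le email devi abilitare i popup!');
									} 
									//-->
									</script>\n";
        }
    }
    else {
        // Nothing ticked, or nothing that looks like a user id.
        $uid = NULL;
        $query_msg = "<div id=\"error\">" . $lang['selez_utente'] . "</div><br />";
    }
}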

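// Create a new user with role "Redattore" from the form at the bottom of the
// page, then e-mail the generated credentials to the address entered.
//
// Changes from the previous version:
//  - missing or non-string form fields are treated as empty instead of being
//    passed to trim()/preg_match();
//  - the e-mail pattern uses /D so that "$" cannot match before a trailing
//    newline (the value is later used as the mail() recipient);
//  - htmlspecialchars() is told the page charset (ISO-8859-1, see the
//    Content-type header sent by this script); with PHP's newer UTF-8 default
//    a name containing an accented Latin-1 byte is turned into an empty string;
//  - time() replaces the argument-less mktime() call (same value).
if (isset($_POST['submit'])) {
    $form_nome = (isset($_POST['nome_cognome']) && is_string($_POST['nome_cognome'])) ? trim($_POST['nome_cognome']) : '';
    $form_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

    if ($form_nome == '' || trim($form_email) == '') {
        $utente_msg = "<br /><div id=\"error2\">" . $lang['campi_obbligatori'] . "</div>";
    }
    else {
        $utente_msg = NULL;

        if (!preg_match('/^[.a-z0-9_-]+@[.a-z0-9_-]+\.[a-z]{2,4}$/D', $form_email)) {
            $email_errata = "<br /><div id=\"error2\">" . $lang['wrong_email'] . "</div>";
        }
        else {
            $email_errata = NULL;

            // NOTE(review): the stored hash is MD5 over a constant prefix that
            // is the same for every account and lives in the source. That is
            // cheap to brute-force if the table leaks. Moving to
            // password_hash()/password_verify() needs a matching change in the
            // login code, which is not part of this file, so it is left as is.
            define('SALT', '0123456789abcdefghij>-+*/%!=[$');
            $pwd_random = NewPassword();
            $password_utente = md5(SALT . $pwd_random);

            // Escape for SQL unless magic quotes already added the slashes.
            $nome_cognome_utente = (!get_magic_quotes_gpc() ? mysql_real_escape_string($form_nome) : $form_nome);
            $email_utente = (!get_magic_quotes_gpc() ? mysql_real_escape_string($form_email) : $form_email);

            // Refuse a second account with the same e-mail address.
            $check_utente = mysql_query("SELECT email FROM $tab_utenti WHERE email='$email_utente' LIMIT 1");

            if (mysql_num_rows($check_utente) > 0) {
                $utente_presente = "<br /><div id=\"error2\"><b>" . $lang['user_email_exists'] . "</b></div>";
            }
            else {

                // The name is stored already HTML-encoded (ENT_QUOTES).
                if (mysql_query("INSERT INTO $tab_utenti (nome_cognome, email, livello_id, nome_livello, attivo, user_password, permessi, mostra_link, email_nascosta, ultimo_accesso, data_registrazione) 
                                 VALUES ('" . htmlspecialchars($nome_cognome_utente, ENT_QUOTES, 'ISO-8859-1') . "', '$email_utente', 3, 'Redattore', 1, '$password_utente', 'tutto', 'nome', 1, 0, " . time() . " )")) {
                    $query_utente_msg = "<br /><span class=\"text2\"><b>" . $lang['utente_ok'] . "</b></span>";
                    $header = "From: " . $_SERVER['SERVER_ADMIN'] . "\n";
                    $header.= "Reply-To: " . $_SERVER['SERVER_ADMIN'] . "\n";
                    $header.= "Return-Path: " . $_SERVER['SERVER_ADMIN'] . "\n";
                    $header.= "X-Mailer: PHP/" . phpversion() . "\n";
                    $header.= "MIME-Version: 1.0\n";
                    $header.= "Content-type: text/plain; charset=ISO-8859-1\n";
                    $header.= "Content-Transfer-encoding: 7bit\n";

                    // NOTE(review): the initial password travels in clear text
                    // by e-mail and nothing visible here forces a change at
                    // first login.
                    mail($email_utente, "" . $rowconf['nome_sito'] . " - Account Redattore attivato", "Ciao " . stripslashes($nome_cognome_utente) . ",\nl'amministratore ha appena creato il tuo nuovo account come Redattore.\nAccedi al tuo pannello di controllo: $dir_admin/login.php \n\nI dati di accesso sono i seguenti:\n\nEmail: $email_utente\nPassword: $pwd_random\n\n-- \n" . $rowconf['url_sito'] . "", $header);
                }
                else {
                    $query_utente_msg = "<br /><div id=\"error\">" . $lang['utente_error'] . "</div><br /><span class=\"text2\">" . mysql_error() . "</span><br /><br />";
                }
                $utente_presente = NULL;
            }
            $utente_msg = NULL;
        }
    }
}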
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">  
  <head>    
    <title>Amministrazione news - Gestione utenti
    </title>    
    <link rel="stylesheet" href="../style.css" type="text/css" />		
<script language="JavaScript" src="../javascript.js" type="text/JavaScript"></script>  
  </head>  
  <body>
<?php
// Navigation menu, then any feedback produced by the POST handlers above.
include 'menu.php';
echo $popup_email, $query_msg, $del_ok;

// Open the bulk-action form and print the header row of the user table; the
// $link_* cells are the sort links built earlier in this script.
echo '<form name="admin" action="utenti.php" method="post">';
echo '<table width="100%" style="border: 3px solid #DDDDDD;" cellpadding="2" cellspacing="2" bgcolor="#FFFFFF" align="center">' . "\n"
    . '<tr><td bgcolor="#EEEEEE">&nbsp;</td>' . "\n"
    . '<td class="text" align="center" bgcolor="#EEEEEE">' . $link_nome_cognome . '</td>' . "\n"
    . '<td class="text" align="center" bgcolor="#EEEEEE">' . $link_email . '</td>' . "\n"
    . '<td class="text" align="center" bgcolor="#EEEEEE">' . $link_status . '</td>' . "\n"
    . '<td class="text" align="center" bgcolor="#EEEEEE">' . $link_news . '</td>' . "\n"
    . '<td class="text" align="center" bgcolor="#EEEEEE">' . $link_permessi . '</td>' . "\n"
    . '<td class="text" align="center" bgcolor="#EEEEEE">Files</td>' . "\n"
    . '<td class="text" align="center" bgcolor="#EEEEEE">' . $link_data_registrazione . '</td>' . "\n"
    . '</tr>';
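// Print one table row per user returned by the list query.
//
// Changes from the previous version:
//  - values read from the database are encoded for HTML before being echoed.
//    The insert in this script stores nome_cognome already entity-encoded, so
//    double_encode is switched off: existing entities are left intact while
//    raw markup written by any other code path is neutralised;
//  - numeric columns are cast to int before use in URLs, attributes and paths;
//  - a failed query (mysql_query() returning false) simply yields no rows
//    instead of being passed to mysql_fetch_assoc().
$q_utenti = mysql_query($order_query);

for ($i = 1; $q_utenti && ($q_riga = mysql_fetch_assoc($q_utenti)); $i++) {
    $riga_id = (int) $q_riga['user_id'];
    $riga_news = (int) $q_riga['TotaleNews'];
    $riga_nome = htmlspecialchars($q_riga['nome_cognome'], ENT_QUOTES, 'ISO-8859-1', false);
    $riga_email = htmlspecialchars($q_riga['email'], ENT_QUOTES, 'ISO-8859-1', false);
    $riga_permessi = htmlspecialchars($q_riga['permessi'], ENT_QUOTES, 'ISO-8859-1', false);

    $nome_livello = ($q_riga['nome_livello'] == 'Amministratore') ? '<br />(<b>Amministratore</b>)' : NULL;
    $TotaleNews = ($riga_news > 0) ? "<a href=\"gestione_news.php?user_id=" . $riga_id . "\" title=\"Visualizza le news\">" . $riga_news . "</a>" : $riga_news;
    $attivo = ($q_riga['attivo'] == 1) ? 'attivo' : "<span style=\"color: #FF0000\">disattivo</span>";
    $permessi = ($q_riga['permessi'] == 'nessuno') ? "<span style=\"color: #FF0000\">" . $riga_permessi . "</span>" : $riga_permessi;

    // User id 1 gets no checkbox, so it cannot be picked for bulk operations.
    $checkbox = ($riga_id == 1) ? NULL : "<input type=\"checkbox\" name=\"cb_id[]\" value=\"" . $riga_id . "\" id=\"id_" . $riga_id . "\" />";

    // Count the entries in the user's upload directory. A missing directory is
    // expected for users without uploads, hence the silenced opendir().
    $files = 0;

    if ($aprodir = @opendir("../" . $file_dir . "/" . $riga_id)) {

        while (false !== ($ifile = readdir($aprodir))) {

            if ($ifile != "." && $ifile != "..") {
                $files++;
            }
        }
        closedir($aprodir);
    }

    // One entry is not counted as a user file (presumably a placeholder such
    // as an index file kept in every directory - confirm).
    $files = ($files == 0) ? 0 : --$files;

    echo "<tr onmouseover=\"this.bgColor='#F1F9FF'\" onmouseout=\"this.bgColor='#FFFFFF'\">
                      <td width=\"2%\" align=\"center\">$checkbox</td>
                      <td width=\"18%\" align=\"left\" class=\"text\"><a href=\"profilo_admin.php?user_id=" . $riga_id . "\" title=\"Visualizza il profilo\">" . $riga_nome . "</a>$nome_livello</td>
                      <td width=\"11%\" align=\"left\" class=\"text\">" . $riga_email . "</td>
                      <td width=\"8%\" align=\"center\" class=\"text\">$attivo</td>
                      <td width=\"7%\" align=\"center\" class=\"text\">$TotaleNews</td>
                      <td width=\"10%\" align=\"center\" class=\"text\">$permessi</td>
                      <td width=\"6%\" align=\"center\" class=\"text\">$files</td>
                      <td width=\"17%\" align=\"center\" class=\"text\">" . strftime("%d %b %Y %H:%M", (int) $q_riga['data_registrazione']) . "</td>
                      </tr>";
}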
// Last table row, left half: select-all / select-none links and the dropdown
// of bulk operations. The option values are the action names tested against
// $_POST['submit_sel'] by the POST handler earlier in this script.
echo '<tr>
  	<td colspan="4" bgcolor="#EEEEEE" class="text2" align="left">Seleziona:  
		<a href="javascript:onClick=checkTutti()" class="piccolo">tutti</a>, <a href="javascript:onClick=uncheckTutti()" class="piccolo">nessuno</a>&nbsp;
		<select name="submit_sel" onchange="return dropdown(this);">
    <option selected="selected">- OPERAZIONI -</option>
    <option value="attiva_utenti">Attiva utenti</option>
    <option value="disattiva_utenti">Disattiva utenti</option>
    <option value="elimina_news">Elimina news</option>
    <option value="rimuovi_file">Rimuovi file</option>
    <option value="upload">Permessi upload</option>
    <option value="letturestampe">Permessi stampe/letture</option>
    <option value="tutto">Tutti i permessi</option>
    <option value="nessuno">Nessun permesso</option>
    <option value="invia_email">Invia Email [Popup]</option>
</select></td>'
    . '<td colspan="4" bgcolor="#EEEEEE" class="text2" align="right">';

// Pagination: total number of users, number of pages, and the page that
// contains the current offset.
$num_totale = mysql_result(mysql_query("SELECT COUNT(user_id) FROM $tab_utenti"), 0);
$numero_pagine = ceil($num_totale / $rec_page);
$pagina_attuale = ceil($start / $rec_page + 1);

// Right half: total and page bar, then close the row and the table.
echo "<b>(Totale: " . $num_totale . ")</b> " . page_bar("utenti.php?$get_sortby", $pagina_attuale, $numero_pagine, $rec_page), "</td></tr></table>";
?>    
    </form><br />    
    <table width="100%" border="0" cellpadding="0" cellspacing="0" align="center">      
      <tr>        
        <td class="text2" align="center">          
          <form name="crea_utenti" action="utenti.php" method="post">            
            <fieldset>              
              <legend><b>Inserisci un nuovo utente</b>
              </legend>							Nome e cognome 
              <input type="text" name="nome_cognome" size="25" maxlength="30" /> &nbsp;  							Indirizzo email valido 
              <input type="text" name="email" size="25" maxlength="30" /> &nbsp;  				               
              <input type="submit" name="submit" value="Inserisci" style="font-weight: bold;" /><br />				               
              <?php
// Feedback from the "new user" handler; each fragment is either NULL or
// ready-made HTML built earlier in this script.
echo $utente_msg, $query_utente_msg, $utente_presente, $email_errata; ?>             
            </fieldset>                   
          </form></td>      
      </tr>    
    </table><br />    
    <?php /* shared page footer */ include 'footer.php'; ?>  
  </body>
</html>