Location: PHPKode > projects > wawp > wawp/administration/users.php
<?php
/********************** WEB AUTHENTICATION with PHP **************************
This package provide a set of tools for web authentication with php and mysql.


GNU GENERAL PUBLIC LICENSE
Version 2, June 1991

WEB AUTHENTICATION with PHP

Copyright (C) 2005-2006  Naldi Stefano

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA


CONTACT

Please send any question, bug or communication to the author:


Naldi Stefano


ITALY

e-mail: hide@address.com

*****************************************************************************/

$infi = str_replace ("\\", "/", get_included_files());
if(!in_array(stripslashes(dirname($_SERVER['DOCUMENT_ROOT'])."/wawp_admin/admin.php"), $infi)
   || !in_array(stripslashes(dirname($_SERVER['DOCUMENT_ROOT'])."/wawp_admin/config.php"), $infi))
  {
    require (dirname($_SERVER['DOCUMENT_ROOT'])."/wawp_admin/php_pages_header.php");
  }

$currentPage = $_SERVER["PHP_SELF"];

$maxRows_Recordset1 = 5;
$pageNum_Recordset1 = 0;
if (isset($_GET['pageNum_Recordset1'])) {
  $pageNum_Recordset1 = $_GET['pageNum_Recordset1'];
}
$startRow_Recordset1 = $pageNum_Recordset1 * $maxRows_Recordset1;

$field_Recordset1 = "name";
if (isset($_POST['fn'])) {
  $field_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['fn'] : addslashes($_POST['fn']);
}
$txt_Recordset1 = "%";
if (isset($_POST['tx'])) {
  $txt_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['tx'] : addslashes($_POST['tx']);
}
mysql_select_db($mydbname, $mylink);
$query_Recordset1 = sprintf("SELECT * FROM users_and_groups WHERE %s LIKE '%s%%' AND ntype='U' ORDER BY name ASC", $field_Recordset1,$txt_Recordset1);
$query_limit_Recordset1 = sprintf("%s LIMIT %d, %d", $query_Recordset1, $startRow_Recordset1, $maxRows_Recordset1);
$Recordset1 = mysql_query($query_limit_Recordset1, $mylink) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);

if (isset($_GET['totalRows_Recordset1'])) {
  $totalRows_Recordset1 = $_GET['totalRows_Recordset1'];
} else {
  $all_Recordset1 = mysql_query($query_Recordset1);
  $totalRows_Recordset1 = mysql_num_rows($all_Recordset1);
}
$totalPages_Recordset1 = ceil($totalRows_Recordset1/$maxRows_Recordset1)-1;

$queryString_Recordset1 = "";
if (!empty($_SERVER['QUERY_STRING'])) {
  $params = explode("&", $_SERVER['QUERY_STRING']);
  $newParams = array();
  foreach ($params as $param) {
    if (stristr($param, "pageNum_Recordset1") == false &&
        stristr($param, "totalRows_Recordset1") == false) {
      array_push($newParams, $param);
    }
  }
  if (count($newParams) != 0) {
    $queryString_Recordset1 = "&" . htmlentities(implode("&", $newParams));
  }
}
$queryString_Recordset1 = sprintf("&totalRows_Recordset1=%d%s", $totalRows_Recordset1, $queryString_Recordset1);
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Web Authentication with PHP</title>
<style type="text/css">
<!--
.style4 {
	color: #FFFF00;
	font-weight: bold;
}
.style5 {color: #FF0000}
.style6 {font-size: small}
.style7 {color: #FFFF00}
-->
</style>
</head>

<body>

<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <!--DWLayoutTable-->
  <tr>
    <td width="100%" height="50" align="center" valign="middle" bgcolor="#0000FF"><div align="center" class="style4">Web Authentication with PHP  &nbsp;    v. 1.1<br>
    <small><small style="font-style: italic;">
	<span style="color: rgb(255, 255, 0);">Released under the GNU General Public License</span></small></small><br>
	  </div></td>
  </tr>
  <tr>
    <td height="50" align="center" valign="middle" bgcolor="#FFCC33"><div align="center" class="style5">
      <table width="80%" cellspacing="1" bgcolor="#0000FF">
        <tr align="center" bgcolor="#FFCC33">
          <td width="20%"><a href="../index.php">Administration</a></td>
          <td width="20%"><a href="../setup/setup.php">Setup</a></td>
          <td width="20%" bgcolor="#FFFFFF"><a href="users.php">Users</a></td>
          <td width="20%"><a href="groups.php">Groups</a></td>
          <td width="20%"><a href="locations.php">Locations</a></td>
        </tr>
      </table>
    </div></td>
  </tr>
  <tr>
    <td height="300" align="center" valign="top">      <br>
        <table width="80%" align="center" cellspacing="1" bgcolor="#0000FF">
          <tr bgcolor="#CCCCCC">
            <td colspan="7"><table>
              <tr valign="middle">
                <td width="15%" valign="top" bgcolor="#0000FF"><div align="left" class="style7">Users's table </div></td>
                <td width="45%" valign="top"><span class="style6">
                  </span>
                  <table border="0" width="100%" align="center">
                    <tr>
                      <td width="23%" align="center" class="style6"><?php if ($pageNum_Recordset1 > 0) { // Show if not first page ?>
                        <a href="<?php printf("%s?pageNum_Recordset1=%d%s", $currentPage, 0, $queryString_Recordset1); ?>">First</a>
                        <?php } // Show if not first page ?>
                      </td>
                      <td width="31%" align="center" class="style6"><?php if ($pageNum_Recordset1 > 0) { // Show if not first page ?>
                        <a href="<?php printf("%s?pageNum_Recordset1=%d%s", $currentPage, max(0, $pageNum_Recordset1 - 1), $queryString_Recordset1); ?>">Previous</a>
                        <?php } // Show if not first page ?>
                      </td>
                      <td width="23%" align="center" class="style6"><?php if ($pageNum_Recordset1 < $totalPages_Recordset1) { // Show if not last page ?>
                        <a href="<?php printf("%s?pageNum_Recordset1=%d%s", $currentPage, min($totalPages_Recordset1, $pageNum_Recordset1 + 1), $queryString_Recordset1); ?>">Next</a>
                        <?php } // Show if not last page ?>
                      </td>
                      <td width="23%" align="center" class="style6"><?php if ($pageNum_Recordset1 < $totalPages_Recordset1) { // Show if not last page ?>
                        <a href="<?php printf("%s?pageNum_Recordset1=%d%s", $currentPage, $totalPages_Recordset1, $queryString_Recordset1); ?>">Last</a>
                        <?php } // Show if not last page ?>
                      </td>
                    </tr>
                </table></td>
                <td width="40%"><div align="center"><span class="style6">&nbsp; Records <?php echo ($startRow_Recordset1 + 1) ?> to <?php echo min($startRow_Recordset1 + $maxRows_Recordset1, $totalRows_Recordset1) ?> of &nbsp;<?php echo $totalRows_Recordset1 ?> </span></div></td>
              </tr>
            </table></td>
          </tr>
          <tr bgcolor="#CCCCCC">
            <td valign="middle"><form action="users.insert.php" method="post" enctype="multipart/form-data" name="form1" class="style6">
              <input type="submit" name="Submit" value="New user">
</form></td>
            <td colspan="6" valign="middle" bgcolor="#FFFFFF"><form action="users.php" method="post" enctype="multipart/form-data" name="form2" class="style6">
              <span class="style6">&nbsp;&nbsp;&nbsp;Search for&nbsp;&nbsp;
              <input name="tx" type="text" id="tx" value="<?php if(isset($_POST['tx'])) {echo $_POST['tx'];} ?>">
&nbsp;&nbsp;in the field&nbsp;
<select name="fn" id="fn">
  <option value="name" selected>name</option>
  <option value="email">email</option>
  <option value="nstatus">status</option>
  <option value="fullname">fullname</option>
  <option value="tel">tel</option>
</select>
&nbsp;&nbsp;&nbsp;
<input type="submit" name="Submit" value="Search">
</span>
            </form>
            </td>
          </tr>
          <tr bgcolor="#CCCCCC">
            <td width="10%" align="center"><div align="center" class="style6">
              <div align="center">update</div>
            </div></td>
            <td><div align="center"><span class="style6">username</span></div></td>
            <td><div align="center"><span class="style6">email</span></div></td>
            <td><div align="center"><span class="style6">nstatus</span></div></td>
            <td><div align="center"><span class="style6">fullname</span></div></td>
            <td><div align="center"><span class="style6">tel</span></div></td>
            <td width="10%"><div align="center"><span class="style6">Delete</span></div></td>
          </tr>
          <?php do { ?>
          <tr valign="top" bgcolor="#FFFFFF">
            <td width="10%" align="center" nowrap><form action="users.update.php" method="post" enctype="multipart/form-data" name="form1" class="style6">
                <input type="submit" name="Submit" value="update">
                <input name="un" type="hidden" value="<?php echo $row_Recordset1['name']; ?>">
            </form></td>
            <td nowrap><div align="left"><span class="style6"><?php echo $row_Recordset1['name']; ?></span></div></td>
            <td nowrap><span class="style6"><?php echo $row_Recordset1['email']; ?></span></td>
            <td nowrap><div align="center"><span class="style6"><?php echo $row_Recordset1['nstatus']; ?></span></div></td>
            <td nowrap><span class="style6"><?php echo $row_Recordset1['fullname']; ?></span></td>
            <td nowrap><span class="style6"><?php echo $row_Recordset1['tel']; ?></span></td>
            <td width="10%" align="center" nowrap><form action="users.delete.php" method="post" enctype="multipart/form-data" name="form1" class="style6">
              <input type="submit" name="Submit" value="delete !">
&nbsp;
  <input name="dun" type="hidden" id="dun" value="<?php echo $row_Recordset1['name']; ?>">
            </form></td>
          </tr>
          <?php } while ($row_Recordset1 = mysql_fetch_assoc($Recordset1)); ?>
      </table></td>
  </tr>
</table>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Return current item: wawp