Location: PHPKode > projects > WebDebEx > webdebex/html/user_edit.php
<?php
require_once("functions.php");
DBOpen();
LoginReq();
MyHeader();


$_POST[edit] = CheckInt($_POST[edit]);

$res = DBQuery("SELECT * FROM users WHERE user_id = $_POST[edit] AND user_domain = $_REQUEST[db_session_dom]");
$user = mysql_fetch_assoc($res);

$res = DBQuery("SELECT * FROM domains WHERE dom_id = $user[user_domain]");
$domain = mysql_fetch_assoc($res);


if($user[user_id] > 0) {

if(isset($_POST[editsave])) {
	$_POST[user_full_name] = CheckString($_POST[user_full_name],32);
	//$_POST[user_password] = md5(strip_tags(trim($_POST[user_password])));
	//$_POST[user_password2] = md5(strip_tags(trim($_POST[user_password2])));
	$_POST[user_password]=trim($_POST[user_password]);
	$_POST[user_password2]=trim($_POST[user_password2]);
	
	$_POST[user_mail_enabled] = CheckInt($_POST[user_mail_enabled]);
	$_POST[user_mail_quota] = CheckDouble($_POST[user_mail_quota]);
	$_POST[user_mail_quota_size] = CheckInt($_POST[user_mail_quota_size]);
	
	$_POST[user_ftp_enabled] = CheckInt($_POST[user_ftp_enabled]);
	$_POST[user_ftp_quota] = CheckDouble($_POST[user_ftp_quota]);
	$_POST[user_ftp_quota_size] = CheckInt($_POST[user_ftp_quota_size]);
	$_POST[user_ftp_files] = CheckInt($_POST[user_ftp_files]);
	
	$_POST[user_www_enabled] = CheckInt($_POST[user_www_enabled]);
	$_POST[user_php_safemode] = CheckInt($_POST[user_php_safemode]);
	$_POST[user_php_openbasedir] = CheckInt($_POST[user_php_openbasedir]);

	$_POST[user_mail_quota2] = html2size($_POST[user_mail_quota_size],$_POST[user_mail_quota]);
	$_POST[user_ftp_quota2] = html2size($_POST[user_ftp_quota_size],$_POST[user_ftp_quota]);

	if(strlen($_POST[user_password])>0) {
		if ($_POST[user_password]==$_POST[user_password2]) {
			$query .= ",user_password=encrypt('$_POST[user_password]')";
		} else {
			echo "<BR><B><FONT COLOR=RED>Wrong Password Confirmation! Password unchanged!</FONT></B><BR>";
		}
	}


	$createuser = true;

	$res = DBQuery("SELECT count(*) as dom_count, sum(user_mail_quota) + sum(user_ftp_quota) as dom_max_space, sum(user_ftp_files) as dom_max_files FROM users WHERE user_domain = $_REQUEST[db_session_dom] AND user_id != $_POST[edit]");
	$row = mysql_fetch_assoc($res);
	$spaceleft = $domain[dom_max_space] - $row[dom_max_space];
	$filesleft = $domain[dom_max_files] - $row[dom_max_files];

	if($_POST[user_ftp_files]>$filesleft) {
		echo "<BR><B><FONT COLOR=RED>Too high files count enter: $_POST[user_ftp_files] of $filesleft</FONT></B><BR>";
		$createuser = false;
	}

	if($_POST[user_mail_quota2]+$_POST[user_ftp_quota2]>$spaceleft) {
		echo "<BR><B><FONT COLOR=RED>Out of available space: ".fsizeHR($_POST[user_mail_quota2]+$_POST[user_ftp_quota2])." of ".fsizeHR($spaceleft)."</FONT></B><BR>";
		$createuser = false;
	}

	if((strlen($_POST[user_password])>0)&&($_POST[user_password]!=$_POST[user_password2])) {
		echo "<BR><B><FONT COLOR=RED>Wrong Password confirmation</FONT></B><BR>";
		$createuser = false;
	}

	if(strlen($_POST[user_password])==0) {
		echo "<BR><B><FONT COLOR=ORANGE>Password unchanged</FONT></B><BR>";
	}


	if($createuser) {
		$query = "";
		if($_POST[user_mail_enabled]) $query .= ",user_mail_enabled='on',user_mail_quota=$_POST[user_mail_quota2]";
		else $query .= ",user_mail_enabled='off',user_mail_quota=0";
		
		if($_POST[user_ftp_enabled]) $query .= ",user_ftp_enabled='on',user_ftp_quota=$_POST[user_ftp_quota2],user_ftp_files=$_POST[user_ftp_files]";
		else $query .= ",user_ftp_enabled='off',user_ftp_quota=0,user_ftp_files=0";
		
		if($_POST[user_www_enabled]) $query .= ",user_www_enabled='on'";
		else $query .= ",user_www_enabled='off'";
	
		if(($_POST[user_php_safemode])||($domain[dom_php_safemode]=='on')) $query .= ",user_php_safemode='on'";
		else $query .= ",user_php_safemode='off'";
	
		if(($_POST[user_php_openbasedir])||($domain[dom_php_openbasedir]=='on')) $query .= ",user_php_openbasedir='on'";
		else $query .= ",user_php_openbasedir='off'";


		if((strlen($_POST[user_password])>0)&&($_POST[user_password]==$_POST[user_password2])) {
				$query .= ",user_password=encrypt('$_POST[user_password]')";
		}	
	
		DBQuery("UPDATE users SET user_full_name = '$_POST[user_full_name]'    $query WHERE user_id = $_POST[edit]");
		echo "<BR><B><FONT COLOR=GREEN>User modified!</FONT></B><BR>";
	
		$res = DBQuery("SELECT * FROM users WHERE user_id = $_POST[edit] AND user_domain = $_REQUEST[db_session_dom]");
		$user = mysql_fetch_assoc($res);
	}
}

	$tmp = size2html($user[user_mail_quota]);
	$user[user_mail_quota_size] = $tmp[0];
	$user[user_mail_quota] = $tmp[1];
	
	$tmp = size2html($user[user_ftp_quota]);
	$user[user_ftp_quota_size] = $tmp[0];
	$user[user_ftp_quota] = $tmp[1];






		echo "<BR>";
		echo "<FORM METHOD=POST STYLE='display:inline;'>";
		echo "<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3>";
			echo "<TR>";
				echo "<TD>Email</TD>";
				echo "<TD>$user[user_name]</TD>";
				echo "<TD COLSPAN=2>&nbsp;</TD>";
				echo "<TD><INPUT TYPE=HIDDEN NAME=edit VALUE=$_POST[edit]><INPUT TYPE=HIDDEN NAME=editsave VALUE=true><INPUT TYPE=image NAME=createX SRC='icons/edit.gif' STYLE='border:0px;background-color:transparent;' ALT='Create new User'></TD>";
			echo "</TR>";

			echo "<TR><TD>&nbsp;</TD></TR>";

			echo "<TR>";
				echo "<TD>Full Name</TD>";
				echo "<TD><INPUT TYPE=text NAME=user_full_name VALUE='$user[user_full_name]'></TD>";
				echo "<TD>Password</TD>";
				echo "<TD><INPUT TYPE=password NAME=user_password></TD>";
			echo "</TR>";
			echo "<TR>";
				echo "<TD COLSPAN=2>&nbsp;</TD>";
				echo "<TD>Confirm P.</TD>";
				echo "<TD><INPUT TYPE=password NAME=user_password2></TD>";
			echo "</TR>";

			echo "<TR><TD>&nbsp;</TD></TR>";
		
			echo "<TR>";
				echo "<TD>Mail Enabled</TD>";
				if($user[user_mail_enabled] == 'on') echo "<TD><INPUT TYPE=checkbox NAME=user_mail_enabled VALUE=1 CHECKED></TD>";
				else echo "<TD><INPUT TYPE=checkbox NAME=user_mail_enabled VALUE=1></TD>";
				echo "<TD>Mail Quota</TD>";
				echo "<TD><INPUT TYPE=text NAME=user_mail_quota STYLE='width:80px;' VALUE='$user[user_mail_quota]'> <SELECT NAME=user_mail_quota_size>";
					if($user[user_mail_quota_size]!=2) echo "<OPTION VALUE=1 SELCETED>MB</OPTION><OPTION VALUE=2>GB</OPTION></SELECT>";
					else echo "<OPTION VALUE=1>MB</OPTION><OPTION VALUE=2 SELECTED>GB</OPTION></SELECT>";
				echo "</TD>";
			echo "</TR>";

		
			echo "<TR><TD>&nbsp;</TD></TR>";
		
			echo "<TR>";
				echo "<TD>FTP Access</TD>";
				if($user[user_ftp_enabled] == 'on') echo "<TD><INPUT TYPE=checkbox NAME=user_ftp_enabled VALUE=1 CHECKED></TD>";
				else echo "<TD><INPUT TYPE=checkbox NAME=user_ftp_enabled VALUE=1></TD>";
				echo "<TD>FTP Quota</TD>";
				echo "<TD><INPUT TYPE=text NAME=user_ftp_quota VALUE='$user[user_ftp_quota]' STYLE='width:80px;'> <SELECT NAME=user_ftp_quota_size>";
					if($user[user_ftp_quota_size]!=2) echo "<OPTION VALUE=1 SELECTED>MB</OPTION><OPTION VALUE=2>GB</OPTION>";
					else echo "<OPTION VALUE=1>MB</OPTION><OPTION VALUE=2 SELECTED>GB</OPTION>";
				echo "</SELECT></TD>";
			echo "</TR>";
			echo "<TR>";
				echo "<TD COLSPAN=2>&nbsp;</TD>";
				echo "<TD>FTP Files</TD>";
				echo "<TD><INPUT TYPE=text NAME=user_ftp_files VALUE='$user[user_ftp_files]'></TD>";
			echo "</TR>";
		
			echo "<TR><TD>&nbsp;</TD></TR>";
		
			echo "<TR>";
				echo "<TD>WWW Enabled</TD>";
				if($user[user_www_enabled] == 'on') echo "<TD><INPUT TYPE=checkbox NAME=user_www_enabled VALUE=1 CHECKED></TD>";
				else echo "<TD><INPUT TYPE=checkbox NAME=user_www_enabled VALUE=1></TD>";
				echo "<TD>PHP Safemode</TD>";
				if($domain[dom_php_safemode]=='off') {
						if($user[user_php_safemode] == 'on') echo "<TD><INPUT TYPE=checkbox NAME=user_php_safemode VALUE=1 CHECKED></TD>";
						else echo "<TD><INPUT TYPE=checkbox NAME=user_php_safemode VALUE=1></TD>";
					} else echo "<TD>On</TD>";
			echo "</TR>";
			echo "<TR>";
				echo "<TD COLSPAN=2>&nbsp;</TD>";
				echo "<TD>PHP OpenBaseDir</TD>";
				if($domain[dom_php_openbasedir]=='off') {
						if($user[user_php_openbasedir] == 'on') echo "<TD><INPUT TYPE=checkbox NAME=user_php_openbasedir VALUE=1 CHECKED></TD>";
						else echo "<TD><INPUT TYPE=checkbox NAME=user_php_openbasedir VALUE=1></TD>";
					} else echo "<TD>On</TD>";
			echo "</TR>";
		echo "</TABLE>";
		echo "</FORM>";

} else echo "<BR><B><FONT COLOR=RED>Unknown User!</FONT></B><BR>";

DBClose();
MyFooter();
MyEnd();
?>
Return current item: WebDebEx