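<?php 
	include('functions/functions_general.php');
	include('config.php');

	// admin-home.php: runs the POST "action" handlers (issues, subscribers,
	// settings, administrator accounts) and then builds the HTML table blocks
	// ($admin_block, $issues_block, $subscribers_block) echoed by the page below.
	//
	// Every request value that reaches a query goes through etb_db_string() or
	// etb_db_int(); every database value rendered into the page goes through
	// etb_html(). The archive "content" column is the one deliberate exception
	// (admin-authored HTML, see the issues table).

	/**
	 * Escape a request value for use inside a double-quoted MySQL string literal.
	 * Uses the charset of the connection opened by config.php.
	 *
	 * @param mixed $value
	 * @return string
	 */
	function etb_db_string($value)
	{
		return mysql_real_escape_string((string) $value);
	}

	/**
	 * Coerce a request value to an int for use in an id comparison.
	 *
	 * @param mixed $value
	 * @return int
	 */
	function etb_db_int($value)
	{
		return (int) $value;
	}

	/**
	 * Escape a value for output inside HTML text or a quoted attribute.
	 * NOTE(review): assumes the page and database use UTF-8 — confirm against config.php.
	 *
	 * @param mixed $value
	 * @return string
	 */
	function etb_html($value)
	{
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
	}

	/**
	 * Read a POST field, or '' when it was not submitted (the original indexed
	 * $_POST directly and emitted notices on every plain GET of this page).
	 *
	 * @param string $key
	 * @return mixed
	 */
	function etb_post($key)
	{
		return isset($_POST[$key]) ? $_POST[$key] : '';
	}

	/**
	 * Read a session field, or '' when it is not set.
	 *
	 * @param string $key
	 * @return mixed
	 */
	function etb_session($key)
	{
		return isset($_SESSION[$key]) ? $_SESSION[$key] : '';
	}

	$custom_vars = getCustomVars();

	if (!checkAdminLogin(etb_session('exercise_tip_buddy_admin_username'), etb_session('exercise_tip_buddy_admin_password'))) {
		header('Location:admin-login.php');
		// The redirect header alone does not stop the script: without this exit
		// every handler and the whole page below still ran for an anonymous request.
		exit;
	}

	$admin_id       = (int) etb_session('exercise_tip_buddy_admin_id');
	$is_chief_admin = (int) etb_session('exercise_tip_buddy_admin_level') === 1;
	$action         = etb_post('action');
	$result_div     = '';

	// NOTE(review): every handler below changes state on any POST carrying an
	// "action" field and there is no CSRF token. A per-session token emitted in
	// each form and checked here, before dispatch, would close that.

	// ACTIONS

	// Delete Issue
	if ($action === 'delete_issue') {
		$deleted = mysql_query('
			DELETE FROM exercise_tip_buddy_mailing_list_archive
			WHERE mailing_list_archive_id = "' . etb_db_int(etb_post('mailing_list_archive_id')) . '"');
		// The original reported success even when the query failed.
		$result_div .= $deleted
			? getResultDiv('The issue has been deleted', 'success')
			: getResultDiv(getMysqlError());
	}

	// Add Issue
	if ($action === 'add_issue') {
		// The original passed these two fields through magic_quote_alter(..., '"'),
		// which, judging by its second argument, dealt with the double quote only;
		// mysql_real_escape_string covers every MySQL metacharacter.
		// NOTE(review): if magic_quotes_gpc is enabled on the host the values
		// arrive with backslashes already added — confirm and stripslashes() first.
		$inserted = mysql_query('
			INSERT INTO exercise_tip_buddy_mailing_list_archive
			SET mailing_list_archive_content_html = "' . etb_db_string(etb_post('mailing_list_archive_content_html')) . '",
				mailing_list_archive_subject = "' . etb_db_string(etb_post('mailing_list_archive_subject')) . '"');
		$result_div .= $inserted
			? getResultDiv('The issue has been added', 'success')
			: getResultDiv(getMysqlError());
	}

	// Delete Subscriber
	if ($action === 'delete_subscriber') {
		$deleted = mysql_query('
			DELETE FROM exercise_tip_buddy_mailing_list_subscribers
			WHERE mailing_list_subscribers_id = "' . etb_db_int(etb_post('mailing_list_subscribers_id')) . '"');
		$result_div .= $deleted
			? getResultDiv('The subscriber has been deleted', 'success')
			: getResultDiv(getMysqlError());
	}

	// Save Settings
	if ($action === 'save_settings') {
		// updateCustomSetting() lives in functions_general.php and is assumed to
		// escape its value for SQL itself (the original passed raw POST data) —
		// verify, and escape here instead if it does not.
		$setting_keys = array(
			'email_queue_custom_duration',
			'email_queue_max_per_day',
			'email_header',
			'email_footer',
			'subject_prefix',
			'email_queue_custom_duration_max',
		);
		foreach ($setting_keys as $setting_key) {
			updateCustomSetting($setting_key, etb_post($setting_key));
		}
		$result_div .= getResultDiv('The settings have been saved', 'success');
		$custom_vars = getCustomVars(); // reload so the settings form shows what was saved
	}

	// Add administrator (the form is only rendered for chief admins, but the
	// original handler accepted the POST from any logged-in admin)
	if ($action === 'add_admin') {
		$new_username = etb_post('administrators_username');
		$new_password = etb_post('administrators_password');
		$new_email    = etb_post('administrators_email');
		$new_level    = etb_db_int(etb_post('administrators_level'));
		$error        = array();
		if (!$is_chief_admin) {
			$error[] = 'Only a chief administrator can add administrators';
		}
		if (strlen($new_username) < 6) {
			$error[] = 'Please enter a longer username (at least 6 characters)';
		}
		if (strlen($new_password) < 6) {
			$error[] = 'Please enter a longer password (at least 6 characters)';
		}
		if (strlen($new_email) < 1) {
			$error[] = 'Please enter an email address for the administrator';
		}
		if ($new_level !== 1 && $new_level !== 2) {
			// The select offers "", 1 and 2; the original stored "" as level 0,
			// an account the administrator table below could not label.
			$error[] = 'Please select an administrator level';
		}
		$duplicate_check = mysql_query('
			SELECT administrators_id
			FROM exercise_tip_buddy_administrators
			WHERE administrators_username = "' . etb_db_string($new_username) . '"');
		if ($duplicate_check && mysql_num_rows($duplicate_check) > 0) {
			$error[] = 'That username is already being used, please use another';
		}
		$error_div = $error ? getResultDiv($error) : '';
		$result_div .= $error_div;
		if ($error_div == '') {
			// NOTE(review): MySQL PASSWORD() is an unsalted hash. It is kept here
			// because checkAdminLogin() (functions_general.php) verifies against
			// it; moving to password_hash() means changing both sides together.
			$inserted = mysql_query('
				INSERT INTO exercise_tip_buddy_administrators
				SET administrators_username = "' . etb_db_string($new_username) . '",
					administrators_pass = PASSWORD("' . etb_db_string($new_password) . '"),
					administrators_email = "' . etb_db_string($new_email) . '",
					administrators_level = "' . $new_level . '"');
			// The original echoed mysql_error() straight into the page and then
			// reported success regardless of the insert result.
			$result_div .= $inserted
				? getResultDiv('The administrator was added', 'success')
				: getResultDiv(getMysqlError());
		}
	}

	// Change Password (own account for any admin; any account for chief admins)
	if ($action === 'change_password') {
		$new_password = etb_post('administrators_password');
		$target_id    = etb_db_int(etb_post('administrators_id'));
		if (strlen($new_password) < 6) {
			$result_div .= getResultDiv('Please choose a longer password (at least 6 characters)');
		} elseif (!$is_chief_admin && $target_id !== $admin_id) {
			// The per-account forms are only rendered for chief admins, but the
			// original handler updated whatever id was posted.
			$result_div .= getResultDiv('You can only change your own password');
		} else {
			$updated = mysql_query('
				UPDATE exercise_tip_buddy_administrators
				SET administrators_pass = PASSWORD("' . etb_db_string($new_password) . '")
				WHERE administrators_id = "' . $target_id . '"');
			$result_div .= $updated
				? getResultDiv('The administrators password was changed', 'success')
				: getResultDiv(getMysqlError());
		}
	}

	// Delete Admin (chief admins only, never the account that is logged in)
	if ($action === 'delete_admin') {
		$target_id = etb_db_int(etb_post('administrators_id'));
		if (!$is_chief_admin) {
			$result_div .= getResultDiv('<strong>Only a chief administrator can delete administrators.</strong>');
		} elseif ($target_id === $admin_id) {
			$result_div .= getResultDiv('<strong>You cannot remove your own administrator account.</strong>');
		} else {
			$deleted = mysql_query('
				DELETE FROM exercise_tip_buddy_administrators
				WHERE administrators_id = "' . $target_id . '"');
			$result_div .= $deleted
				? getResultDiv('<strong>The administrator was deleted</strong>', 'success')
				: getResultDiv(getMysqlError());
		}
	}

	// END ACTIONS

	// $row_style alternates across all three tables, as in the original.
	$row_style         = '';
	$admin_block       = '';
	$issues_block      = '';
	$subscribers_block = '';

	// Administrator table (chief admins only)
	if ($is_chief_admin) {
		$result = mysql_query('
			SELECT *
			FROM exercise_tip_buddy_administrators
			ORDER BY administrators_id ASC');
		while ($result && ($row = mysql_fetch_array($result))) {
			$row_style = ($row_style == 'account-row-1') ? 'account-row-2' : 'account-row-1';
			// The original left $level at the previous row's value for any other
			// level, so an unlabelled account inherited its neighbour's label.
			if ((int) $row['administrators_level'] === 1) {
				$level = 'Chief Admin';
			} elseif ((int) $row['administrators_level'] === 2) {
				$level = 'Normal Admin';
			} else {
				$level = '';
			}
			$id_html       = etb_html($row['administrators_id']);
			$username_html = etb_html($row['administrators_username']);
			$email_html    = etb_html($row['administrators_email']);
			// The username sits inside a single-quoted JS string inside an HTML
			// attribute: escape for the JS string first, then for the attribute.
			$confirm_html  = etb_html(addslashes($row['administrators_username']));
			$admin_block .= '
				<tr>
					<td class="' . $row_style . '">' . $id_html . '</td>
					<td class="' . $row_style . '">' . $username_html . '</td>
					<td class="' . $row_style . '">' . $level . '</td>
					<td class="' . $row_style . '"><a href="mailto:' . $email_html . '">' . $email_html . '</a></td>
					<td class="' . $row_style . '">
						<a onClick="switchImage (\'images/plus.gif\',\'images/minus.gif\',\'admin_image_' . $id_html . '\')" href="javascript:toggleLayer(\'edit-' . $id_html . '\');"><img src="images/plus.gif" name="admin_image_' . $id_html . '"  id="admin_image_' . $id_html . '" /></a>

						<div class="hidden highlighted-border" id="edit-' . $id_html . '">

						<form action="admin-home.php" method="post">
							<input type="hidden" name="action" value="change_password" />
							<input type="hidden" name="administrators_id" value="' . $id_html . '" />
							New Pass: <input type="password" size="10" name="administrators_password" /> 
							<input type="submit" value="Change Pass &gt;" />
						</form>
						</div>
					</td>
					<td class="' . $row_style . ' nowrap">
						<form action="admin-home.php" method="post">
							<input type="hidden" name="action" value="delete_admin" />
							<input type="hidden" name="administrators_id" value="' . $id_html . '" />
							<input type="submit" value="Delete" onclick="return confirm(\'Are you sure you want to delete the following administrator: ' . $confirm_html . '?\')"  />
						</form>
					</td>
				</tr>';
		}

		$admin_block = '
		<table cellspacing="1" class="account-table wide">
			<tr>
				<th>ID</th>
				<th>Username</th>
				<th>Level</th>
				<th>E-Mail</th>
				<th>Change Password</th>
				<th>Delete</th>
			</tr>' . $admin_block . '</table>';
	}

	// Generate issue entries
	$result = mysql_query('
		SELECT *
		FROM exercise_tip_buddy_mailing_list_archive
		ORDER BY mailing_list_archive_id DESC');
	while ($result && ($row = mysql_fetch_array($result))) {
		$row_style = ($row_style == 'account-row-1') ? 'account-row-2' : 'account-row-1';
		$id_html      = etb_html($row['mailing_list_archive_id']);
		$subject_html = etb_html($row['mailing_list_archive_subject']);
		// Content is stored as HTML written by an administrator ("HTML is
		// accepted" on the add form) and is rendered as such; the trust
		// boundary for this column is the administrator account.
		$issues_block .= '
				<tr>
					<td class="' . $row_style . '">' . $id_html . '</td>
					<td class="' . $row_style . '">' . $subject_html . '</td>
					<td class="' . $row_style . '">' . $row['mailing_list_archive_content_html'] . '</td>
					<td class="' . $row_style . ' nowrap">
						<form action="admin-home.php" method="post">
							<input type="hidden" name="action" value="delete_issue" />
							<input type="hidden" name="mailing_list_archive_id" value="' . $id_html . '" />
							<input type="submit" value="Delete" onclick="return confirm(\'Are you sure you want to delete this issue?\')"  />
						</form>
					</td>
				</tr>';
	}

	$issues_block = '
		<table cellspacing="1" class="account-table wide">
			<tr>
				<th>ID</th>
				<th>Subject</th>
				<th>Content</th>
				<th>Delete</th>
			</tr>' . $issues_block . '</table>';

	// Generate Subscriber List
	$result = mysql_query('
		SELECT *
		FROM exercise_tip_buddy_mailing_list_subscribers
		ORDER BY mailing_list_subscribers_id DESC');
	while ($result && ($row = mysql_fetch_array($result))) {
		$row_style = ($row_style == 'account-row-1') ? 'account-row-2' : 'account-row-1';
		$id_html    = etb_html($row['mailing_list_subscribers_id']);
		$email_html = etb_html($row['mailing_list_subscribers_email']);
		$subscribers_block .= '
				<tr>
					<td class="' . $row_style . '">' . $id_html . '</td>
					<td class="' . $row_style . '">' . $email_html . '</td>
					<td class="' . $row_style . ' nowrap">
						<form action="admin-home.php" method="post">
							<input type="hidden" name="action" value="delete_subscriber" />
							<input type="hidden" name="mailing_list_subscribers_id" value="' . $id_html . '" />
							<input type="submit" value="Delete" onclick="return confirm(\'Are you sure you want to remove this subscriber?\')"  />
						</form>
					</td>
				</tr>';
	}

	$subscribers_block = '
		<table cellspacing="1" class="account-table wide">
			<tr>
				<th>ID</th>
				<th>Email</th>
				<th>Delete</th>
			</tr>' . $subscribers_block . '</table>';

?>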
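<?php
	/**
	 * Escape a value for an HTML attribute or text node in the template below.
	 * NOTE(review): assumes the page and database use UTF-8 — confirm against config.php.
	 *
	 * @param mixed $value
	 * @return string
	 */
	function etb_attr($value)
	{
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
	}

	/**
	 * A $custom_vars setting escaped for an attribute/textarea, or '' when absent.
	 * The header/footer values are stripslashes()d first, as the original did.
	 *
	 * @param mixed  $custom_vars  array returned by getCustomVars()
	 * @param string $key
	 * @param bool   $strip_slashes
	 * @return string
	 */
	function etb_setting($custom_vars, $key, $strip_slashes = false)
	{
		if (!is_array($custom_vars) || !isset($custom_vars[$key])) {
			return '';
		}
		$value = $custom_vars[$key];
		return etb_attr($strip_slashes ? stripslashes($value) : $value);
	}

	// The original read $_SESSION['microcms_admin_id'] for the "Change My
	// Password" form, which is not the key the rest of this page uses
	// (exercise_tip_buddy_admin_id), so that update matched no row.
	$own_admin_id     = isset($_SESSION['exercise_tip_buddy_admin_id']) ? (int) $_SESSION['exercise_tip_buddy_admin_id'] : 0;
	$show_admin_tools = isset($_SESSION['exercise_tip_buddy_admin_level']) && (int) $_SESSION['exercise_tip_buddy_admin_level'] === 1;

	// $form is never assigned in this file (presumably a re-display buffer
	// filled elsewhere — TODO confirm); guard every read so a plain GET does
	// not emit notices. The original also echoed the submitted password back
	// into the add-administrator form; that field is no longer pre-filled.
	$form_html = array();
	foreach (array('mailing_list_archive_subject', 'administrators_username', 'administrators_email') as $form_key) {
		$form_html[$form_key] = isset($form[$form_key]) ? etb_attr($form[$form_key]) : '';
	}
?>
<html>
<head>
	<link href="styles/admin.css" rel="stylesheet" type="text/css" />
	<script type="text/javascript">
		// Image preloads, kept as in the original.
		var image1 = new Image();
		image1.src = "images/white-arrow-down.gif";
		var image2 = new Image();
		image2.src = "images/plus.gif";
		var image3 = new Image();
		image3.src = "images/minus.gif";
	</script>
	<script type="text/javascript" src="javascript/toggle_div.js"></script>
	<title>Admin Home</title>
</head>
<body>
	<div class="main">
	<h1>Admin Home</h1>
	<p><a href="admin-login.php?action=logout">Log Out</a></p>
	<?php echo $result_div; ?>

<?php echo startOptionDiv('my_pass','Change My Password'); ?>
	<form action="admin-home.php" method="post">
		<input type="hidden" name="action" value="change_password" />
		<input type="hidden" name="administrators_id" value="<?php echo $own_admin_id; ?>" />
		New Pass: <input type="password" size="30" name="administrators_password" /> &nbsp;
		<input type="submit" value="Replace Password &gt;&gt;" />
	</form>
<?php echo endOptionDiv(); ?>
<?php echo startOptionDiv('settings','Settings'); ?>
			<form action="admin-home.php" method="post">
				<input type="hidden" name="action" value="save_settings" />
				<input type="hidden" name="administrators_id" value="<?php echo $own_admin_id; ?>" />
				<table>
					<tr>
						<td>Custom Duration:</td>
						<td><input type="text" size="5" name="email_queue_custom_duration" value="<?php echo etb_setting($custom_vars, 'email_queue_custom_duration'); ?>" /></td>
						<td><i>The time limit (in seconds) for sending the number of emails listed in the "Custom Maximum E-mails"</i></td>
					</tr>
					<tr>
						<td>Custom Maximum E-mails:</td>
						<td><input type="text" size="5" name="email_queue_custom_duration_max" value="<?php echo etb_setting($custom_vars, 'email_queue_custom_duration_max'); ?>" /></td>
						<td><i>The maximum number of e-mails that can be sent within the time period set by "Custom Duration"</i></td>
					</tr>
					<tr>
						<td>Max E-mails Per Day:</td>
						<td><input type="text" size="5" name="email_queue_max_per_day" value="<?php echo etb_setting($custom_vars, 'email_queue_max_per_day'); ?>" /></td>
						<td><i>The maximum number of e-mails that can be sent in a 24 hour period</i></td>
					</tr>
					<tr>
						<td>Subject Prefix:</td>
						<td><input type="text" size="40" name="subject_prefix" value="<?php echo etb_setting($custom_vars, 'subject_prefix'); ?>" /></td>
						<td><i>This is added to the beginning of the e-mail subject line</i></td>
					</tr>
					<tr>
						<td>Custom Header:</td>
						<td><textarea cols="40" rows="5" name="email_header"><?php echo etb_setting($custom_vars, 'email_header', true); ?></textarea></td>
						<td><i>An HTML header that will be added to the beginning of an e-mail</i></td>
					</tr>
					<tr>
						<td>Custom Footer:</td>
						<td><textarea cols="40" rows="5" name="email_footer"><?php echo etb_setting($custom_vars, 'email_footer', true); ?></textarea></td>
						<td><i>An HTML footer that will be added to the end of an e-mail</i></td>
					</tr>
				</table>

				<input type="submit" value="Save Settings &gt;&gt;" />
			</form>
	<?php echo endOptionDiv(); ?>

		<?php echo startOptionDiv('add_issue','Add an Issue'); ?>
			<form action="admin-home.php" method="post">
				<input type="hidden" name="action" value="add_issue" />
				<table>
					<tr>
						<td>Subject: </td>
						<td><input type="text" name="mailing_list_archive_subject" size="40" value="<?php echo $form_html['mailing_list_archive_subject']; ?>" /></td>
					</tr>
					<tr>
						<td>Content (HTML is accepted): </td>
						<td><textarea name="mailing_list_archive_content_html" cols="40" rows="5"></textarea></td>
					</tr>
					<tr>
						<td colspan="2"><p class="align-center"><input type="submit" value="Add Issue" /></p></td>
					</tr>
				</table>
			</form>
		<?php echo endOptionDiv(); ?>
		<?php echo startOptionDiv('manage_issues','Manage Issues'); ?>
			<?php echo $issues_block; ?>
		<?php echo endOptionDiv(); ?>
		<?php echo startOptionDiv('manage_subscribers','Manage Subscribers'); ?>
			<?php echo $subscribers_block; ?>
		<?php echo endOptionDiv(); ?>

<?php if ($show_admin_tools) { ?>

<?php echo startOptionDiv('add_administrator','Add an Administrator'); ?>
			<form action="admin-home.php" method="post">
				<input type="hidden" name="action" value="add_admin" />
				<table>
					<tr>
						<td>Username: </td>
						<td><input type="text" name="administrators_username" size="40" value="<?php echo $form_html['administrators_username']; ?>" /></td>
					</tr>
					<tr>
						<td>Password: </td>
						<td><input type="password" name="administrators_password" size="40" /></td>
					</tr>
					<tr>
						<td>E-mail: </td>
						<td><input type="text" name="administrators_email" size="40" value="<?php echo $form_html['administrators_email']; ?>" /></td>
					</tr>
					<tr>
						<td>Administrator Level: </td>
						<td>
							<select name="administrators_level">
								<option value=""></option>
								<option value="1">Chief Admin (can add other admins)</option>
								<option value="2">Normal Administrator</option>
							</select>
						</td>
					</tr>
					<tr>
						<td colspan="2"><p class="align-center"><input type="submit" value="Add Administrator" /></p></td>
					</tr>
				</table>
			</form>
		<?php echo endOptionDiv(); ?>

		<?php echo startOptionDiv('manage_administrators','Manage Administrators'); ?>
			<?php echo $admin_block; ?>
		<?php echo endOptionDiv(); ?>

<?php } ?>
	<?php // Only <div class="main"> is open here; the original closed two extra
	      // divs inside the chief-admin branch and so produced different markup
	      // per admin level. ?>
	</div>
</body>
</html>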