<?php
/*
	HostBuilder
	Free Edition
	(C) 2007-2008 Data Components Software Development

	Administration
*/

include "functions.php";
include "templates.php";
include "admin.functions.php";
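$commname = getconfig(0);

/*
	Authentication gate.

	Config field 8 holds the MD5 of the administrator password, and the
	"th_admin" cookie carries that same value. Every request is authorised by
	comparing the cookie with the stored hash. The scheme is kept as it is
	(other pages may depend on the cookie format), but it now fails closed:

	- an empty or unreadable stored hash never authenticates anyone (with a
	  loose "!=" a missing cookie compares equal to an empty hash);
	- comparisons are strict string comparisons, constant-time where
	  hash_equals() exists, so numeric-looking hashes are not compared as
	  numbers;
	- non-string input (for example password[]=x) is rejected before hashing;
	- the stored hash is trimmed for both the login and the cookie check.

	NOTE(review): the cookie value is the stored hash itself, so read access to
	the config file (presumably config.inc, which the config page writes) is
	enough to sign in, and unsalted MD5 is not a suitable password hash.
	Moving to password_hash() plus a server-side session needs a config format
	change and is left as follow-up. Keep the config file out of the web root
	or deny it in the web server configuration.
*/
$adminhash = trim((string) getconfig(8));

if (isset($_POST['funcbtn']) && $_POST['funcbtn'] === "Login") {
	$given = '';
	if (isset($_POST['password']) && is_string($_POST['password'])) {
		$given = md5($_POST['password']);
	}

	$loginok = false;
	if ($adminhash !== '' && $given !== '') {
		$loginok = function_exists('hash_equals')
			? hash_equals($adminhash, $given)
			: ($adminhash === $given);
	}

	if ($loginok) {
		// HttpOnly keeps the cookie away from page scripts; Secure is set
		// whenever the login itself arrived over HTTPS.
		$https = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
		setcookie("th_admin", $given, 0, "", "", $https, true);
		// setcookie() does not update $_COOKIE for the current request, so
		// mirror the value here; otherwise the check below would show the
		// login form again right after a successful login.
		$_COOKIE['th_admin'] = $given;
	} else {
		$t['title'] = $commname." - Administration Login";
		$t['page'] = showerror("Incorrect Password");
		echo parse_tpl("html", $t);
		exit;
	}
}

$cookiehash = '';
if (isset($_COOKIE['th_admin']) && is_string($_COOKIE['th_admin'])) {
	$cookiehash = $_COOKIE['th_admin'];
}

$authed = false;
if ($adminhash !== '' && $cookiehash !== '') {
	$authed = function_exists('hash_equals')
		? hash_equals($adminhash, $cookiehash)
		: ($adminhash === $cookiehash);
}

if (!$authed) {
	$t['title'] = $commname." - Administration Login";
	$t['page'] = showadminlogin($commname);
	echo parse_tpl("html", $t);
	exit;
}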

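switch (strtolower((isset($_GET['p']) && is_string($_GET['p'])) ? $_GET['p'] : '')) {
  case "adedit":
    // Ad editor: saves one of four fixed ad files, then shows the edit form
    // chosen by ?id=.
    //
    // NOTE(review): header.inc and footer.inc receive the submitted text
    // verbatim. If the site pulls them in with include/require rather than
    // reading them as text, saving an ad is equivalent to deploying PHP code;
    // confirm how they are consumed. No anti-CSRF token is checked here, so
    // the save relies on the admin cookie alone.
    $funcbtn = isset($_POST['funcbtn']) ? $_POST['funcbtn'] : '';
    if (!isset($globalmsg)) {
      $globalmsg = '';
    }
    $out = '';

    if ($funcbtn === "<< Back") {
      header("Location: admin.php?p=ads");
      exit; // stop here so nothing is rendered behind the redirect
    } elseif ($funcbtn === "Edit Ad") {
      // Fixed allowlist of writable files: the posted name is only ever used
      // as a key into this table, never as a free-form path.
      $adfiles = array(
        "header.inc" => "Forced Header Ad edited successfully!",
        "footer.inc" => "Forced Footer Ad edited successfully!",
        "header.txt" => "Header Ad in Manager edited successfully!",
        "footer.txt" => "Footer Ad in Manager edited successfully!",
      );
      $file = (isset($_POST['file']) && is_string($_POST['file'])) ? $_POST['file'] : '';
      if (!isset($adfiles[$file])) {
        die("Invalid file");
      }
      $contents = (isset($_POST['contents']) && is_string($_POST['contents'])) ? $_POST['contents'] : '';

      // Report success only when the file could actually be opened.
      $hnd = fopen(getcwd()."/".$file, "w");
      if ($hnd === false) {
        $a['message'] = "Unable to write ".$file."!";
      } else {
        fwrite($hnd, stripslashes($contents));
        fclose($hnd);
        $a['message'] = $adfiles[$file];
      }
      $globalmsg = parse_tpl("message", $a);
    }

    // ?id= selects which file the form edits; unknown ids show no form.
    $editors = array(
      "forcedheader" => array("/header.inc", "Forced Header Ad"),
      "forcedfooter" => array("/footer.inc", "Forced Footer Ad"),
      "header"       => array("/header.txt", "Header Ad in Manager"),
      "footer"       => array("/footer.txt", "Footer Ad in Manager"),
    );
    $id = strtolower((isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '');
    if (isset($editors[$id])) {
      $out = showadedit(getcwd().$editors[$id][0], $editors[$id][1]);
    }

    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.$out;
    echo parse_tpl("html", $t);
    break;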
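  case "ads":
    // Ad selection panel: forwards the chosen ad type to the editor page.
    $funcbtn = isset($_POST['funcbtn']) ? $_POST['funcbtn'] : '';
    if (!isset($globalmsg)) {
      $globalmsg = '';
    }
    if ($funcbtn === "<< Back") {
      header("Location: admin.php");
      exit;
    }
    if ($funcbtn === "Edit Selected Ad") {
      if (!isset($_POST['adtype']) || !is_string($_POST['adtype'])) {
        starthtml($commname." - Administration");
        $a['message'] = "You must select an ad you wish to edit!";
        $globalmsg = parse_tpl("message", $a);
      } else {
        // The posted value ends up in a response header, so it is
        // URL-encoded rather than concatenated raw.
        header("Location: admin.php?p=adedit&id=".urlencode($_POST['adtype']));
        exit;
      }
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showadspanel();
    echo parse_tpl("html", $t);
    break;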
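  case "config":
    // Configuration editor: rewrites config.inc as ten fields (0-9) joined
    // by "::". Field 8 is the MD5 of the admin password and is only replaced
    // when a new password is submitted.
    //
    // NOTE(review): no anti-CSRF token is checked, and a request without the
    // config0..config9 fields blanks every setting except the password.
    // Unsalted MD5 is kept only because the login check expects it.
    $funcbtn = isset($_POST['funcbtn']) ? $_POST['funcbtn'] : '';
    if (!isset($globalmsg)) {
      $globalmsg = '';
    }
    if ($funcbtn === "<< Back") {
      header("Location: admin.php");
      exit;
    }
    if ($funcbtn === "Edit Config") {
      $fields = array();
      for ($i = 0; $i <= 9; $i++) {
        if ($i == 8) {
          $newpass = (isset($_POST['config8']) && is_string($_POST['config8'])) ? $_POST['config8'] : '';
          $fields[] = ($newpass !== '') ? md5($newpass) : getconfig(8);
          continue;
        }
        $val = (isset($_POST['config'.$i]) && is_string($_POST['config'.$i])) ? $_POST['config'.$i] : '';
        // "::" is the field separator. A value containing it, or ending in
        // ":", would shift every later field when the file is read back
        // (presumably by splitting on "::"; confirm in getconfig), including
        // the password hash in field 8. Collapse colon runs and drop
        // trailing colons so a value can never span two fields.
        $val = rtrim(preg_replace('/:{2,}/', ':', $val), ':');
        $fields[] = $val;
      }

      // Report success only when the file could actually be opened.
      $h = fopen(getcwd()."/config.inc", "w");
      if ($h === false) {
        $a['message'] = "Unable to write configuration!";
      } else {
        fwrite($h, implode("::", $fields));
        fclose($h);
        $a['message'] = "Configuration edited successfully!";
      }
      $globalmsg = parse_tpl("message", $a);
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showconfigpanel();
    echo parse_tpl("html", $t);
    break;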
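  case "exts":
    // Global file-type list (config field 4, reached from the
    // "Add/Remove Illegal File Types" menu entry).
    //
    // Fixes over the previous version:
    // - "Add" merges the new entries into the stored list. Before, only the
    //   new entries were written back, which dropped every extension already
    //   on the list (changeconfig() is assumed to replace the field, as the
    //   removal branch relies on).
    // - explode()/implode() replace split(), which was removed in PHP 7.
    //
    // NOTE(review): removal is triggered by a GET parameter and no anti-CSRF
    // token is checked. A deny list is also easy to leave incomplete; an
    // allow list of permitted upload types would be the safer design.
    $funcbtn = isset($_POST['funcbtn']) ? $_POST['funcbtn'] : '';
    if (!isset($globalmsg)) {
      $globalmsg = '';
    }
    if ($funcbtn === "<< Back") {
      header("Location: admin.php");
      exit;
    }
    if (isset($_POST['extbtn2']) && $_POST['extbtn2'] === "Add") {
      $list = array(); // entries to store, existing ones first
      $seen = array(); // lower-cased lookup for duplicate detection
      foreach (explode(",", (string) getconfig(4)) as $ext) {
        $ext = trim($ext);
        if ($ext === '') {
          continue;
        }
        $list[] = $ext;
        $seen[strtolower($ext)] = true;
      }
      $added = (isset($_POST['extspace']) && is_string($_POST['extspace'])) ? $_POST['extspace'] : '';
      foreach (explode(",", $added) as $ax) {
        $ax = trim(strtolower($ax));
        // Entries with ":" are skipped: the config file is "::"-delimited,
        // so a colon here could spill into neighbouring config fields.
        if ($ax === '' || strpos($ax, ':') !== false || isset($seen[$ax])) {
          continue;
        }
        $list[] = $ax;
        $seen[$ax] = true;
      }
      changeconfig(4, implode(",", $list));
      $a['message'] = "File extensions added successfully!";
      $globalmsg = parse_tpl("message", $a);
    }
    if (isset($_GET['rem']) && is_string($_GET['rem'])) {
      $rx = strtolower(trim($_GET['rem']));
      $keep = array();
      foreach (explode(",", (string) getconfig(4)) as $ext) {
        if (trim($ext) !== '' && strtolower(trim($ext)) !== $rx) {
          $keep[] = $ext;
        }
      }
      changeconfig(4, implode(",", $keep));
      $a['message'] = "File extension removed successfully!";
      $globalmsg = parse_tpl("message", $a);
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showfiletypespanel(getconfig(4));
    echo parse_tpl("html", $t);
    break;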
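  case "groups":
    // Group list editor backed by groups.db, a comma-separated list.
    //
    // NOTE(review): removal is triggered by a GET parameter and no anti-CSRF
    // token is checked. Group names are stored as typed; whether they are
    // HTML-escaped on output depends on showgroupspanel(), which is not
    // visible here.
    if (!isset($globalmsg)) {
      $globalmsg = '';
    }
    if (isset($_POST['grpbtn']) && $_POST['grpbtn'] === "Add") {
      $grps = (isset($_POST['grpspace']) && is_string($_POST['grpspace'])) ? $_POST['grpspace'] : '';
      // Line breaks are dropped so one entry cannot span lines in the file.
      $grps = trim(str_replace(array("\r", "\n"), '', $grps));
      if ($grps === '') {
        $a['message'] = "You must enter a group name!";
      } else {
        $h = fopen(getcwd()."/groups.db", "a");
        if ($h === false) {
          $a['message'] = "Unable to write groups.db!";
        } else {
          fwrite($h, ",".$grps);
          fclose($h);
          $a['message'] = "Group added successfully!";
        }
      }
      $globalmsg = parse_tpl("message", $a);
    }

    if (isset($_GET['rem']) && is_string($_GET['rem'])) {
      $rg = trim($_GET['rem']);
      // Join all lines of the file into one comma-separated string.
      $fout = '';
      $lines = file(getcwd()."/groups.db");
      if ($lines !== false) {
        foreach ($lines as $l) {
          $fout .= trim($l);
        }
      }
      // Keep every non-empty entry except the one being removed. The
      // comparison is strict, so "1" no longer matches "01".
      $keep = array();
      foreach (explode(",", $fout) as $grp) {
        if (trim($grp) !== '' && trim($grp) !== $rg) {
          $keep[] = $grp;
        }
      }
      $h = fopen(getcwd()."/groups.db", "w");
      if ($h === false) {
        $a['message'] = "Unable to write groups.db!";
      } else {
        fwrite($h, implode(",", $keep));
        fclose($h);
        $a['message'] = "Group removed successfully!";
      }
      $globalmsg = parse_tpl("message", $a);
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showgroupspanel(null);
    echo parse_tpl("html", $t);
    break;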
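  case "email":
    // Mass mail form: sends one message to every user through
    // emailallusers(), then re-displays the form with the submitted values.
    //
    // NOTE(review): no anti-CSRF token is checked, so the send relies on the
    // admin cookie alone.
    $funcbtn = isset($_POST['funcbtn']) ? $_POST['funcbtn'] : '';
    if (!isset($globalmsg)) {
      $globalmsg = '';
    }
    // Defined up front because the form below is rendered with these values
    // even when nothing was submitted.
    $subject = '';
    $content = '';
    if ($funcbtn === "<< Back") {
      header("Location: admin.php");
      exit;
    }
    if ($funcbtn === "E-Mail All") {
      if (isset($_POST['subject']) && is_string($_POST['subject'])) {
        // A subject is a single header line; line breaks are replaced so the
        // value cannot introduce extra mail headers, however
        // emailallusers() builds the message.
        $subject = str_replace(array("\r", "\n"), ' ', stripslashes($_POST['subject']));
      }
      $from = getconfig(9);
      if (isset($_POST['content']) && is_string($_POST['content'])) {
        $content = stripslashes($_POST['content']);
      }
      if ($subject === '' || $content === '') {
        $a['message'] = "You must enter a subject and content!";
        $globalmsg = parse_tpl("message", $a);
      } else {
        emailallusers ($subject, $from, $content);
        $a['message'] = "All users e-mailed successfully!";
        $globalmsg = parse_tpl("message", $a);
      }
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showemailall(getconfig(9), $subject, $content);
    echo parse_tpl("html", $t);
    break;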
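  case "accounts":
    // Account list with bulk deletion.
    //
    // NOTE(review): both delete actions are destructive and no anti-CSRF
    // token is checked. How deleteaccounts() validates the names it is given
    // is not visible here.
    $funcbtn = isset($_POST['funcbtn']) ? $_POST['funcbtn'] : '';
    if (!isset($globalmsg)) {
      $globalmsg = '';
    }
    if ($funcbtn === "<< Back") {
      header("Location: admin.php");
      exit;
    }
    // ?msg=1 is set by the single-account page after it removes an account.
    if (isset($_GET['msg']) && $_GET['msg'] === "1") {
      $a['message'] = "Account removed successfully!";
      $globalmsg = parse_tpl("message", $a);
    }
    if ($funcbtn === "Delete All Inactive Accounts") {
      deleteallinactive();
      $a['message'] = "All inactive accounts removed successfully!";
      $globalmsg = parse_tpl("message", $a);
    } elseif ($funcbtn === "Delete Accounts") {
      // Call the delete helper only when a selection was submitted;
      // previously an empty selection still reported success.
      if (isset($_POST['accts']) && $_POST['accts'] != NULL) {
        deleteaccounts($_POST['accts']);
        $a['message'] = "Accounts removed successfully!";
      } else {
        $a['message'] = "You must select at least one account!";
      }
      $globalmsg = parse_tpl("message", $a);
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showallaccounts();
    echo parse_tpl("html", $t);
    break;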
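  case "viewacct":
    include_once "functions.php";
    // Single-account editor: web space (field 2), file size limit (field 3),
    // extension list (field 4), forced-ads flag (field 11) and removal.
    //
    // Fixes over the previous version:
    // - extension "Add" merges into the stored list instead of replacing it
    //   with only the new entries;
    // - extension "Remove" keeps the stored entries that were not submitted;
    //   before, it stored the submitted entries that were not on the list;
    // - explode()/implode() replace split(), which was removed in PHP 7;
    // - redirects stop the script, so a removed account is not rendered;
    // - negative web-space amounts are refused, as the file size limit
    //   already does.
    //
    // NOTE(review): no anti-CSRF token is checked on any of these actions.
    $acct = (isset($_POST['account']) && is_string($_POST['account'])) ? $_POST['account'] : '';
    $accbtn = isset($_POST['accbtn']) ? $_POST['accbtn'] : '';
    $extbtn = isset($_POST['extbtn']) ? $_POST['extbtn'] : '';
    $fsbtn = isset($_POST['fsbtn']) ? $_POST['fsbtn'] : '';
    $funcbtn = isset($_POST['funcbtn']) ? $_POST['funcbtn'] : '';
    if (!isset($globalmsg)) {
      $globalmsg = '';
    }

    // The account name comes straight from the form and is handed to helpers
    // defined elsewhere. Their storage layout is not visible here, so names
    // containing path separators, "..", or NUL are refused as defence in
    // depth before any helper is called.
    $editing = ($accbtn !== '' || $extbtn !== '' || $fsbtn !== '' || $funcbtn === "Remove Account");
    if ($editing && ($acct === '' || preg_match('#[/\\\\\x00]|\.\.#', $acct))) {
      die("Invalid account");
    }

    if ($accbtn === "Add" || $accbtn === "Remove") {
      $space = intval(isset($_POST['accspace']) ? $_POST['accspace'] : 0);
      if ($space < 0) {
        $a['message'] = "Your web space amount must be 0 or above!";
      } elseif ($accbtn === "Add") {
        // getmemberspace() is divided by 1024 before being written back, so
        // field 2 is stored in the larger unit (units not visible here).
        $accquota = getmemberspace($acct)/1024;
        changedata($acct, 2, intval($accquota)+$space);
        $a['message'] = "Account space modified successfully!";
      } else {
        $accquota = getmemberspace($acct);
        $accspace = getmemberusedspace($acct);
        // Never shrink the quota below what the member already uses.
        if ((intval($accquota)-($space*1024)) < intval($accspace)) {
          $a['message'] = "Your web space removal must be equal to or above the member's used webspace!";
        } else {
          changedata($acct, 2, (intval($accquota)/1024)-$space);
          $a['message'] = "Account space modified successfully!";
        }
      }
      $globalmsg = parse_tpl("message", $a);
    } elseif ($accbtn === "Toggle Forced Ads") {
      // Field 11 is written with a trailing newline, as before.
      if (trim(getaccountinfo($acct, 11)) == "1") {
        $val = "0\n";
      } else {
        $val = "1\n";
      }
      changedata($acct, 11, $val);
      $a['message'] = "Ads have been toggled successfully!";
      $globalmsg = parse_tpl("message", $a);
    }

    if ($extbtn === "Add" || $extbtn === "Remove") {
      $exts = (isset($_POST['extspace']) && is_string($_POST['extspace'])) ? $_POST['extspace'] : '';
      // Lower-cased set of the submitted extensions.
      $posted = array();
      foreach (explode(",", $exts) as $ext) {
        $ext = trim($ext);
        if ($ext !== '') {
          $posted[strtolower($ext)] = $ext;
        }
      }
      // Walk the stored list; on "Remove" drop whatever was submitted.
      $list = array();
      $seen = array();
      foreach (explode(",", (string) getaccountinfo($acct, 4)) as $ext) {
        $ext = trim($ext);
        $key = strtolower($ext);
        if ($ext === '' || isset($seen[$key])) {
          continue;
        }
        if ($extbtn === "Remove" && isset($posted[$key])) {
          continue;
        }
        $list[] = $ext;
        $seen[$key] = true;
      }
      if ($extbtn === "Add") {
        // Append only the submitted entries that are not stored yet.
        foreach ($posted as $key => $ext) {
          if (!isset($seen[$key])) {
            $list[] = $ext;
            $seen[$key] = true;
          }
        }
        $a['message'] = "File extensions added successfully!";
      } else {
        $a['message'] = "File extensions removed successfully!";
      }
      changedata($acct, 4, implode(",", $list));
      $globalmsg = parse_tpl("message", $a);
    }

    if ($fsbtn === "Add" || $fsbtn === "Remove") {
      $space = intval(isset($_POST['fsspace']) ? $_POST['fsspace'] : 0);
      $accquota = intval(getaccountinfo($acct, 3));
      if ($fsbtn === "Add") {
        if ($space < 0) {
          $a['message'] = "Your file size limit must be 0 or above!";
        } else {
          changedata($acct, 3, $accquota+$space);
          $a['message'] = "File size limit modified successfully!";
        }
      } else {
        if (($accquota-$space) < 0) {
          $a['message'] = "Your file size limit must be 0 or above!";
        } else {
          changedata($acct, 3, $accquota-$space);
          $a['message'] = "File size limit modified successfully!";
        }
      }
      $globalmsg = parse_tpl("message", $a);
    }

    if ($funcbtn === "Back to All Accounts") {
      header("Location: admin.php?p=accounts");
      exit;
    } elseif ($funcbtn === "Remove Account") {
      deleteaccounts($acct);
      header("Location: admin.php?p=accounts&msg=1");
      exit;
    }

    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showaccount(isset($_GET['id']) ? $_GET['id'] : null);
    echo parse_tpl("html", $t);
    break;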
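  default:
    // Main menu: every button press is answered with a redirect to the
    // matching panel; unknown buttons go back to the menu itself.
    if (isset($_POST['funcbtn'])) {
      $routes = array(
        "E-Mail All Users"              => "admin.php?p=email",
        "View All Accounts"             => "admin.php?p=accounts",
        "Add/Remove Illegal File Types" => "admin.php?p=exts",
        "Add/Remove Groups"             => "admin.php?p=groups",
        "Edit Configuration"            => "admin.php?p=config",
        "Edit Forced Ads"               => "admin.php?p=ads",
      );
      $funcbtn = is_string($_POST['funcbtn']) ? $_POST['funcbtn'] : '';
      // Targets come only from the fixed table above, never from the request.
      header("Location: ".(isset($routes[$funcbtn]) ? $routes[$funcbtn] : "admin.php"));
      exit; // stop here so the menu is not rendered behind the redirect
    }
    $t['title'] = $commname." - Administration";
    // Start from a defined string so the append below never reads an unset key.
    $t['page'] = (isset($globalmsg) && $globalmsg != NULL) ? $globalmsg : '';
    $t['page'] .= showadminmain();
    echo parse_tpl("html", $t);
    break;
}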

?>