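<?php
// Admin panel entry point.
//
// Flow: bootstrap -> require admin level -> run any state-changing POST action
// -> pick the page section from the query string -> render the section through
// the template object -> parse the admin menu and optional error box.
//
// Everything not defined here ($usr, $db, $t, $dbprefix, dbSecure(), un(),
// getlevel(), dopaging(), breadcrumbs(), versioninfo() and the action
// functions updateconfig() ... createuser()) comes from includes/global.php.
define("IN_SCRIPT", true);
require("includes/global.php");
$pagetitle = "Admin Panel";

// Authorise the user: every page and action below requires level 3.
$usr->Auth(3);

// Read the routing parameters once. Missing keys become "" so that the
// comparisons below behave exactly like the original empty-string checks
// without raising undefined-index notices.
$reqdo     = isset($_POST["do"]) ? $_POST["do"] : "";
$reqpage   = isset($_GET["page"]) ? $_GET["page"] : "";
$reqact    = isset($_GET["act"]) ? $_GET["act"] : "";
$editreq   = isset($_REQUEST["edit"]) ? $_REQUEST["edit"] : "";
$deletereq = isset($_REQUEST["delete"]) ? $_REQUEST["delete"] : "";

// Run the requested action. $errormsg is always defined so the error-box
// check at the bottom never reads an unset variable.
// NOTE(review): no CSRF token is verified before these state-changing
// actions (including "destroyeverything"); only the Auth(3) call above
// guards them. The action helpers are not visible here — confirm whether
// one of them performs that check.
$errormsg = "";
switch ($reqdo) {
    case "updateconfig":
        $errormsg = updateconfig();
        break;
    case "clearcache":
        $errormsg = clearcache();
        break;
    case "resetstats":
        $errormsg = resetstats();
        break;
    case "flushreports":
        $errormsg = flushreports();
        break;
    case "destroyeverything":
        $errormsg = destroyeverything();
        break;
    case "edituser":
        // The target id travels in the query string (see FORM_LINK for the edit form).
        $errormsg = edituser(
            isset($_GET["edit"]) ? $_GET["edit"] : "",
            $_POST["username"],
            $_POST["email"],
            $_POST["password"],
            $_POST["password2"],
            $_POST["level"]
        );
        break;
    case "deleteuser":
        $errormsg = deleteuser($_POST["userid"], $_POST["images"], $_POST["comments"]);
        break;
    case "createuser":
        $errormsg = createuser(
            $_POST["username"],
            $_POST["email"],
            $_POST["password"],
            $_POST["password2"],
            $_POST["level"]
        );
        break;
}

// Work out breadcrumbs (consumed by the included header/footer).
$bread = breadcrumbs("admin");

// Work out the page section. 0 = admin main page.
$pagesect = 0;
$subsect = 0;
$mem = null;
if ($reqpage == "config") {
    $pagesect = 1;
    $pagetitle .= " - Edit Config";
} elseif ($reqpage == "maintenance") {
    $pagesect = 2;
    $pagetitle .= " - Maintenance";
} elseif ($reqpage == "users") {
    $pagesect = 3;
    $pagetitle .= " - Manage Users";

    // Editing or deleting a user: load the target row. The supplied value is
    // tried as a numeric user id first, then as a username; both lookups go
    // through dbSecure() before being embedded in SQL.
    if ($editreq != "" || $deletereq != "") {
        $userid = ($editreq != "") ? $editreq : $deletereq;
        $sql = "SELECT * FROM " . $dbprefix . "users WHERE userid = " . dbSecure(intval($userid));
        $mem = $db->execute($sql);
        if ($mem->rows < 1) {
            $sql = "SELECT * FROM " . $dbprefix . "users WHERE username = '" . dbSecure($userid) . "'";
            $mem = $db->execute($sql);
            if ($mem->rows < 1) {
                die("User could not be found");
            }
        }
    }

    // Work out the sub section: 1 = edit, 2 = delete, 3 = create, 0 = list.
    if ($editreq != "") {
        $subsect = 1;
    } elseif ($deletereq != "") {
        $subsect = 2;
    } elseif ($reqact == "create") {
        $subsect = 3;
    }
}

include("includes/page_header.php");

// Render the selected section. Values that originate from the database or
// the request are passed through htmlspecialchars() before reaching the
// template: the config page already does this for config_value, which shows
// the template layer does not escape on its own.
if ($pagesect == 1) {
    $t->set_file("configrow", "admin_configrow");
    $sql = "SELECT * FROM " . $dbprefix . "config WHERE config_help <> '' ORDER BY config_name ASC";
    $cng = $db->execute($sql);
    // Guard the do/while so an empty recordset does not emit one blank row.
    if ($cng->rows > 0) {
        do {
            $t->set_var("CONFIG_NAME", $cng->fields["config_name"]);
            $t->set_var("CONFIG_HELP", $cng->fields["config_help"]);
            $t->set_var("CONFIG_VALUE", htmlspecialchars($cng->fields["config_value"]));
            $t->parse("CONFIG_ROWS", "configrow", true);
        } while ($cng->loop());
    }
    $t->set_var("FORM_LINK", "admin.php?page=config");
    $t->set_file("page_content", "admin_config");
} elseif ($pagesect == 2) {
    $t->set_var("FORM_LINK", "admin.php?page=maintenance");
    $t->set_file("page_content", "admin_maintenance");
} elseif ($pagesect == 3) {
    if ($subsect == 1) {
        if ($reqdo == "edituser") {
            // Re-fill the form from the failed submission. un() is defined in
            // includes/global.php; its output is escaped here on the assumption
            // that it does not already HTML-encode — confirm against that helper.
            $t->set_var("DEFAULT_USERNAME", htmlspecialchars(un($_POST["username"])));
            $t->set_var("DEFAULT_EMAIL", htmlspecialchars(un($_POST["email"])));
            $t->set_var("DEFAULT_PASSWORD", htmlspecialchars(un($_POST["password"])));
            $t->set_var("DEFAULT_CONFIRM", htmlspecialchars(un($_POST["password2"])));
            $level = un($_POST["level"]);
            if ($level == "admin") {
                $t->set_var("LEVEL_3", " selected");
            } elseif ($level == "moderator") {
                $t->set_var("LEVEL_2", " selected");
            } elseif ($level == "user") {
                $t->set_var("LEVEL_1", " selected");
            } else {
                $t->set_var("LEVEL_0", " selected");
            }
        } else {
            // Fresh edit form: defaults come from the stored user row.
            $t->set_var("DEFAULT_USERNAME", htmlspecialchars($mem->fields["username"]));
            $t->set_var("DEFAULT_EMAIL", htmlspecialchars($mem->fields["email"]));
            $level = intval($mem->fields["status"]);
            if ($level === 3) {
                $t->set_var("LEVEL_3", " selected");
            } elseif ($level === 2) {
                $t->set_var("LEVEL_2", " selected");
            } elseif ($level === 1) {
                $t->set_var("LEVEL_1", " selected");
            } else {
                $t->set_var("LEVEL_0", " selected");
            }
        }
        $t->set_var("USERLIST_LINK", "admin.php?page=users");
        $t->set_var("JOB_TYPE", "Edit");
        $t->set_var("FORM_TYPE", "edituser");
        $t->set_var("FORM_LINK", "admin.php?page=users&edit=" . intval($mem->fields["userid"]));
        $t->set_file("page_content", "admin_users_edit");
    } elseif ($subsect == 2) {
        $t->set_var("TARGET_USERNAME", htmlspecialchars($mem->fields["username"]));
        $t->set_var("TARGET_USERID", intval($mem->fields["userid"]));
        $t->set_var("USERLIST_LINK", "admin.php?page=users");
        $t->set_var("FORM_LINK", "admin.php?page=users");
        $t->set_file("page_content", "admin_users_delete");
    } elseif ($subsect == 3) {
        if ($reqdo == "createuser") {
            // Re-select the level chosen in the failed submission.
            $level = isset($_POST["level"]) ? $_POST["level"] : "";
            if ($level == "admin") {
                $t->set_var("LEVEL_3", " selected");
            } elseif ($level == "moderator") {
                $t->set_var("LEVEL_2", " selected");
            } elseif ($level == "user") {
                $t->set_var("LEVEL_1", " selected");
            } else {
                $t->set_var("LEVEL_0", " selected");
            }
        } else {
            $t->set_var("LEVEL_1", " selected");
        }
        $t->set_var("USERLIST_LINK", "admin.php?page=users");
        $t->set_var("JOB_TYPE", "Create");
        $t->set_var("FORM_TYPE", "createuser");
        $t->set_var("FORM_LINK", "admin.php?page=users&act=create");
        $t->set_file("page_content", "admin_users_edit");
    } else {
        // Paginated user list.
        $t->set_file("userrow", "admin_users_row");
        $sql = "SELECT * FROM " . $dbprefix . "users ORDER BY username ASC";
        $mex = $db->execute($sql);

        // Page number: anything below 1 is clamped to 1. (The original only
        // rejected negatives, so pn=0 produced a negative LIMIT offset.)
        $pn = isset($_GET["pn"]) ? intval($_GET["pn"]) : 1;
        if ($pn < 1) {
            $pn = 1;
        }

        // Paging window: $mex is the unbounded query used only for the row count.
        $maxitems = 25;
        $from = ($pn * $maxitems) - $maxitems;
        $total_pages = ceil($mex->rows / $maxitems);
        $t->set_var("PAGING", dopaging($total_pages, $pn, "admin.php?page=users", "pn"));

        // Actual recordset for this page.
        $sql .= " LIMIT " . $from . ", " . $maxitems;
        $use = $db->execute($sql);
        if ($use->rows > 0) {
            do {
                $uid = intval($use->fields["userid"]);
                $t->set_var("USER_USERNAME", htmlspecialchars($use->fields["username"]));
                $t->set_var("USER_EMAIL", htmlspecialchars($use->fields["email"]));
                $t->set_var("USER_IP", htmlspecialchars($use->fields["ipaddress"]));
                $t->set_var("USER_LEVEL", getlevel($use->fields["status"]));
                $t->set_var("USER_JOINDATE", date("j F Y", intval($use->fields["joindate"])));
                $t->set_var("USER_EDIT", "admin.php?page=users&edit=" . $uid);
                $t->set_var("USER_DELETE", "admin.php?page=users&delete=" . $uid);
                $t->parse("USER_ROWS", "userrow", true);
            } while ($use->loop());
        }
        $t->set_var("REGISTER_LINK", "admin.php?page=users&act=create");
        $t->set_file("page_content", "admin_users");
    }
} else {
    $t->set_var("LINK_SKINEDITOR", "skineditor.php");
    $t->set_var("VERSION_INFO", versioninfo());
    $t->set_file("page_content", "admin_mainpage");
}

// Parse the admin menu.
$t->set_file("adminmenu", "admin_menu");
$t->set_var("ADMIN_L_HOME", "admin.php");
$t->set_var("ADMIN_L_CONFIG", "admin.php?page=config");
$t->set_var("ADMIN_L_MAINTENANCE", "admin.php?page=maintenance");
$t->set_var("ADMIN_L_USERS", "admin.php?page=users");
$t->parse("ADMIN_MENU", "adminmenu");

// Parse in the error message, if an action produced one. The message is
// emitted as returned by the action helper (it may contain markup).
if ($errormsg != "") {
    $t->set_file("noticebox", "errorbox");
    $t->set_var("MESSAGE", $errormsg);
    $t->parse("ERRORMSG", "noticebox");
}

// Parse the section into the page and finish.
$t->parse("page_all", "page_content", true);
include("includes/page_footer.php");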