<?PHP
require "login.php";
// if ($currentgroup != "admin") { Header ("Location:index.php"); }

$currentPage = "STD->admin";
$confirmStr = "Are you sure you want to delete this user and all thier data?";
require "header.php";
?>
<center>
<?PHP
 if ($error) {
      if ($error == 1) { $errorStr = "That username already exists!";}
  elseif ($error == 2) { $errorStr = "The passwords do not match!";}
  elseif (($error == 3) && ($auth)) { $errorStr = "You cannot delete the logged in user!";}
  elseif ($error == 3) { $errorStr = "You cannot delete this user";}
  elseif ($error == 4) { $errorStr = "You cannot have singlequotes ('), doublequotes (\"), or colons (:) in your username!";}
  elseif ($error == 5) { $errorStr = "Please enter a username!";}
?>
  <font face="<?PHP echo $pageFont ?>" color="<?PHP echo $errorForeCol ?>" size="+<?PHP echo $pageFontsize+2 ?>">
  <strong><?PHP echo $errorStr ?></strong>
  </font>
<?PHP } ?>
<font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>">
<?PHP if (($currentgroup == "admin") && (!($print))) {
   $dateSortURL = "<a href=\"admin.php?usersortup=created_date\">";
   $userSortURL = "<a href=\"admin.php?usersortup=username\">";
   $classSortURL = "<a href=\"admin.php?usersortup=usergroup\">";
   $lliSortURL = "<a href=\"admin.php?usersortup=last_logged_in\">";
?>
<?PHP if (!($print)) { ?>
<form method="post" name="adduser" action="admin.php">
 <table border=0 cellpadding=0 cellspacing=0 width="1">
  <tr vlign=center>
   <td align=left>
     <font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize+1 ?>"><strong>Username:</strong></font>
   </td><td align=left>
    <font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize+1 ?>"><strong>Password:</strong></font>
   </td><td align=left>
    <font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize+1 ?>"><strong>Password again:</strong></font>
   </td><td align=left>
    <font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize+1 ?>"><strong>Theme:</strong></font>
   </td><td align=left>
    <font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize+1 ?>"><strong>Group:</strong></font>
   </td>
  </tr>
  <tr valign=center>
   <td align=left width="1">
    <input type="text" size="16" maxlength="15" name="addusername">
   </td><td align=left width="1">
    <input type="password" size="16" maxlength="15" name="newpassword">
  </td><td align=left width="1">
    <input type="password" size="16" maxlength="15" name="newpassword2">
  </td><td align=left width="1">
   <select name="themeid">
<?PHP    
 $r = qDB("SELECT id,theme FROM $themetable");
 for ($x = 1; $x <= mysql_num_rows($r); $x++) {
  $d = mysql_fetch_array($r);
  if ($theme == $d[0]) { $SEL = "SELECTED"; } else { $SEL = ""; }
  echo "<option $SEL value=\"".$d[0]."\">".$d[1]."\n";
 }
?>
   </select>
   </td><td width="100%" colspan="3">
    <select name="newusergroup">
     <option value="user">user
     <option value="admin">admin
    </select>
   </td>
  </tr>
  <tr>
   <td colspan="6" align="right">
    <input type="submit" value="+ add +">
   </td>
  </tr>
 </table>
</form>
<?PHP if (!($changepass)) { ?>
<script>
 document.adduser.addusername.focus()
</script>
<?PHP
  }
 }
}
 ?>
</center>
<?PHP
if (!($currentgroup == "admin")) { $userSEL = "WHERE username=\"$currentuser\""; } else { $userSEL = "ORDER BY $user_sortby"; }

$userR = qDB("SELECT username,password,usergroup,DATE_FORMAT(created_date, '%m.%d.%y') AS created_date,DATE_FORMAT(last_logged_in, '%m.%d.%y %h:%i:%s %p') AS last_logged_in FROM $usertable $userSEL");
?>
<form method="post" name="changepass" action="admin.php">
<table width="90%" border="0" align="center">
 <tr>
  <td align="center"><strong><font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>"><?PHP echo $dateSortURL ?>Created date</a></font></strong></td>
  <td align="center"><strong><font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>"><?PHP echo $userSortURL ?>Username</a></font></strong></td>
  <td align="center"><strong><font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>">Password</font></strong></td>
<?PHP if ($changepass) { $editpw = 1; ?>
  <td align="center"><strong><font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>">Password again</font></strong></td>
<?PHP } ?>
  <td align="center"><strong><font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>"><?PHP echo $classSortURL ?>Class</a></font></strong></td>
  <td align="center"><strong><font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>"><?PHP echo $lliSortURL ?>Last logged in</a></font></strong></td>
<?PHP if (!($print)) { ?>
  <td align="center"><strong><font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>">Change password</font></strong></td>
  <td align="center"><strong><font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>">Modify</font></strong></td>
<?PHP if ($currentgroup == "admin") { ?>
  <td align="center"><strong><font face="<?PHP echo $pageFont ?>" size="<?PHP echo $pageFontsize ?>">Delete</font></strong></td>
<?PHP }
   }
 ?>
 </tr>
<?PHP
while ($userD = mysql_fetch_array($userR)) {

 if ($changepass == $userD["username"]) {
  $passwordURL = "<input type=\"password\" size=\"16\" name=\"userpass\" maxlength=\"15\">";
  $password2URL = "<input type=\"password\" size=\"16\" name=\"userpass2\" maxlength=\"15\">";
  $modifyURL = "<td bgcolor=\"$categoryBackCol\" align=\"center\"><font face=\"$pageFont\" color=\"$categoryForeCol\" size=\"$pageFontsize\"><input type=\"hidden\" name=\"updatepass\" value=\"".$userD["username"]."\"><input type=\"submit\" value=\"Update\"></font></td>";
  if ($userD["username"] == "admin") { $adminSEL = "SELECTED"; } else { $adminSEL = ""; } 
} else {
$modifyURL = "  <td bgcolor=\"$categoryBackCol\" align=\"center\"><font face=\"$pageFont\" color=\"$categoryForeCol\" size=\"$pageFontsize\"><a href=\"admin.php?changepass=".$userD["username"]."\">Change</font></td>";
$passwordURL = "***************";
$password2URL = "";
}

?>
<tr>
<td bgcolor="<?PHP echo $categoryBackCol ?>" align="center"><font face="<?PHP echo $pageFont ?>" color="<?PHP echo $categoryForeCol ?>" size="<?PHP echo $pageFontsize ?>"><nobr><?PHP echo substr($userD["created_date"],0,10) ?></nobr></font></td>

<td bgcolor="<?PHP echo $categoryBackCol ?>" align="center"><font face="<?PHP echo $pageFont ?>" color="<?PHP echo $categoryForeCol ?>" size="<?PHP echo $pageFontsize ?>"><nobr><?PHP echo $userD["username"] ?></nobr></font></td>

<td bgcolor="<?PHP echo $categoryBackCol ?>" align="center"><font face="<?PHP echo $pageFont ?>" color="<?PHP echo $categoryForeCol ?>" size="<?PHP echo $pageFontsize ?>"><?PHP echo $passwordURL ?></font></td>

<?PHP if ($editpw) { ?>
<td bgcolor="<?PHP echo $categoryBackCol ?>" align="center"><font face="<?PHP echo $pageFont ?>" color="<?PHP echo $categoryForeCol ?>" size="<?PHP echo $pageFontsize ?>"><?PHP echo $password2URL ?></font></td>
<?PHP } ?>

  <td bgcolor="<?PHP echo $categoryBackCol ?>" align="center"><font face="<?PHP echo $pageFont ?>" color="<?PHP echo $categoryForeCol ?>" size="<?PHP echo $pageFontsize ?>"><?PHP echo $userD["usergroup"] ?></font></td>

  <td bgcolor="<?PHP echo $categoryBackCol ?>" align="center"><font face="<?PHP echo $pageFont ?>" color="<?PHP echo $categoryForeCol ?>" size="<?PHP echo $pageFontsize ?>"><?PHP echo $userD["last_logged_in"] ?></font></td>
</td>
<?PHP if (!($print)) { ?>
<?PHP echo $modifyURL ?>

  <td bgcolor="<?PHP echo $categoryBackCol ?>" align="center"><font face="<?PHP echo $pageFont ?>" color="<?PHP echo $categoryForeCol ?>" size="<?PHP echo $pageFontsize ?>"><a href="edituser.php?edituser=<?PHP echo $userD["username"] ?>">Modify</a></font></td>
<?PHP if ($currentgroup == "admin") { ?>
  <td bgcolor="<?PHP echo $categoryBackCol ?>" align="center"><font face="<?PHP echo $pageFont ?>" color="<?PHP echo $categoryForeCol ?>" size="<?PHP echo $pageFontsize ?>"><a href="javascript:if(doublecheck()){ document.location.href='admin.php?deleteuser=<?PHP echo $userD["username"] ?>';}">Delete</font></td>
<?PHP }
   }
 ?>
</tr>

<?PHP
 }
?>
</table>
</form>
<?PHP if ($changepass) { ?>
<script>
 document.changepass.userpass.focus()
</script>
<?PHP } ?>
</center>
</center>

<?PHP
 if (($currentgroup == "admin") && (!($print))) {
  echo "<br><p></p>\n";
  echo "<a href=\"tabledump.php\">Table Dump</a>";
 }

 $footerURL = $HTTP_REFERER;
 require "footer.php";
?>