<?php
if(file_exists('handler/stay.php') == TRUE) {
require('handler/stay.php');
}else{
echo '<p class="red_span" align="center">Error - Fehler</p>';
exit;
}
?>
<?php define('INCLUDE_CHECK',1); define('MYSQL_CHECK',1); ?>
<?php require('../framework/config.php'); ?>
<?php require('../framework/mysql.php'); ?>
<?php require('../framework/constants.php'); ?>
<?php require('../framework/class/cache_class.php'); no_cache(); ?>
<?php require('../framework/security.php'); ?>
<?php require('handler/language.php'); ?>
<?php require('structure/header.inc.php'); ?>
<div class="menu">
<div class="menu_left">
<ul id="admin_navi">
<li class="active"><a href="index.php"><?php echo $lang['blank_admin_area']; ?></a></li>
<li><a href="members.php"><?php echo $lang['admin_members']; ?></a></li>
<li><a href="discussions.php"><?php echo $lang['discussions']; ?></a></li>
<li><a href="topics.php"><?php echo $lang['blank_topics']; ?></a></li>
<li><a href="news.php"><?php echo $lang['news']; ?></a></li>
<li><a href="events.php"><?php echo $lang['events']; ?></a></li>
<li><a href="newsletter.php"><?php echo $lang['newsletter']; ?></a></li>
<li><a href="statistic.php"><?php echo $lang['statistic']; ?></a></li>
</ul>
</div>
<div class="menu_right">
<?php
if(isset($_SESSION['admin']) && $_SESSION['admin'] == TRUE) {
echo '<div class="admin_settings">
<a class="admin_account"><span>' . $lang['blank_navigation'] . '</span></a>
<div class="admin_submenu" style="display: none;">
<ul class="root">
<li><a href="' . $url . '" target="_blank">' . $lang['goto_network'] . '</a></li>
<li><a href="signout.php">' . $lang['signout'] . '</a></li>
</ul>
</div>
</div>';
}
?>
</div>
</div>
</div>
<div class="clear"></div>
<div id="content_wrapper">
<div class="content">
<?php
echo '<h1 class="p_space">' . $lang['create_an_admin'] . '</h1>';
if($_SERVER['REQUEST_METHOD'] != 'POST') {
echo '<form method="post" action="">
<p><input type="text" name="name" size="40" required class="textfields"> ' . $lang['re_name'] . '</p>
<p><input type="password" name="password" size="40" required class="textfields"> ' . $lang['password'] . '</p>
<p><input type="password" name="pass_check" size="40" required class="textfields"> ' . $lang['repeat_passwort'] . '</p>
<p><input type="email" name="email" size="40" required class="textfields"> ' . $lang['e_mail_adress'] . '</p>
<p><input type="submit" name="' . $lang['new_admin_create'] . '" id="' . $lang['new_admin_create'] . '" value="' . $lang['new_admin_create'] . '" class="buttons"></p>
</form>';
}else{
$errors = array();
if(isset($_POST['name'])) {
if(strlen($_POST['name']) > 30) {
$errors[] = $lang['not_be_longer'];
}
}else{
$errors[] = $lang['name_must_be_filled'];
}
if(isset($_POST['password'])) {
if(trim($_POST['password']) == "") {
$errors[] = $lang['enter_a_password'];
}
if($_POST['password'] != $_POST['pass_check']) {
$errors[] = $lang['repetition_does_not_match'];
}
}else{
$errors[] = $lang['pw_must_be_filled'];
}
if(isset($_POST['email'])) {
$email = mysql_escape_string($_POST['email']);
if(!preg_match("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/i", $email)) {
$errors[] = $lang['invalid_syntax'];
}
}else{
$errors[] = $lang['email_must_be_filled'];
}
if(!empty($errors)) {
echo '<p class="false">' . $lang['not_filled_in_all_fields'] . ' - <a href="javascript:history.back();" class="false_link">' . $lang['back'] . '</a></p>';
echo '<ul>';
foreach($errors as $key => $value) {
echo '<li>• ' . $value . '</li>';
}
echo '</ul>';
}else{
$hash = mt_rand(0, 1000);
$sql = "INSERT INTO
members(name, password, email, date, level, active, hash)
VALUES('" . mysql_real_escape_string($_POST['name']) . "',
'" . mysql_real_escape_string(sha1($_POST['password'])) . "',
'" . mysql_real_escape_string($_POST['email']) . "',
NOW(),
'1',
'1',
'" . mysql_real_escape_string($hash) . "')";
$result = mysql_query($sql) OR die(mysql_error());
if(!$result) {
echo '<p class="false">' . $lang['couldnot_admin_account'] . '</p>';
}else{
echo '<p class="success">' . $lang['success_admin_account'] . '</p>';
}
}
}
echo '<div id="pr_line"></div>';
echo '<h1 class="p_space">' . $lang['view_all_admins'] . '</h1>';
$count = mysql_query("SELECT id FROM members WHERE level = '1'");
include('../framework/pagination.php');
$query = "SELECT id, name, email, level FROM members WHERE level = '1' ORDER BY id DESC LIMIT $start,$entries";
$result = mysql_query($query) OR die(mysql_error());
if($result) {
echo '<table width="100%" class="tables">
<tr>
<td width="5%"><strong>ID</strong></td>
<td width="27%"><strong>' . $lang['re_name'] . '</strong></td>
<td width="33%"><strong>' . $lang['e_mail_adress'] . '</strong></td>
<td width="15%"><strong>' . $lang['admin_rank'] . '</strong></td>
<td width="10%" align="center"><strong>' . $lang['admin_delete'] . '</strong></td>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '<tr>
<td width="5%">' . (int)$row['id'] . '</td>
<td width="27%"><span class="blue">' . htmlentities($row['name'], ENT_QUOTES) . '</span></td>
<td width="33%"><a href="mailto:' . htmlentities($row['email'], ENT_QUOTES) . '">' . htmlentities($row['email'], ENT_QUOTES) . '</a></td>
<td width="15%">';
if($row['level'] == 0) { echo $lang['admin_member']; }elseif ($row['level'] == 1) { echo $lang['admin_admin']; }
echo '</td>
<td width="10%" align="center"><a href="delete.php?id=' . (int)$row['id'] . '"><img src="../style/icons/delete.png" alt="' . $lang['admin_delete'] . '" title="' . $lang['admin_delete'] . '" border="0"></a></td>
</tr>';
}
echo '</table>
<div class="clear_long"></div>';
}else{
echo '<p class="false">' . $lang['no_informations'] . '</p>';
}
echo '<div id="pagi">
<span class="pages">' . $lang['admin_page'] . ' ' . $page . ' ' . $lang['admin_by'] . ' ' . $allsites . '</span>';
echo $link_string;
echo '</div>';
echo '<div class="clear"></div>';
?>
<?php require('structure/footer.inc.php'); ?>