<?php

    // Bootstrap guard: the page refuses to render at all when handler/stay.php
    // is missing, and otherwise loads it before anything else runs.
    // NOTE(review): what stay.php enforces (session start, login check) is not
    // visible from this file - confirm it rejects unauthenticated requests.
    if (!file_exists('handler/stay.php')) {
        echo '<p class="red_span" align="center">Error - Fehler</p>';
        exit;
    }

    require('handler/stay.php');

?>

<?php
/*
 * Page bootstrap: two marker constants are defined, then the framework files
 * are loaded in a fixed order, ending with the page header template.
 * Presumably the included files test INCLUDE_CHECK / MYSQL_CHECK to refuse
 * direct requests - confirm in framework/config.php and framework/mysql.php.
 */
define('INCLUDE_CHECK',1); define('MYSQL_CHECK',1); ?>

<?php /* Configuration values; loaded first so later includes can rely on them. */ require('../framework/config.php'); ?>
<?php /* Database layer; the mysql_* calls further down presumably use the connection opened here. */ require('../framework/mysql.php'); ?>
<?php require('../framework/constants.php'); ?>
<?php /* no_cache() is not defined in this file; presumably cache_class.php provides it. */ require('../framework/class/cache_class.php'); no_cache(); ?>
<?php
/*
 * NOTE(review): this page creates admin accounts, yet no access-control check
 * is visible in this file. Confirm that security.php (or handler/stay.php)
 * stops the request for sessions that are not already admin.
 */
require('../framework/security.php'); ?>
<?php /* Presumably fills the $lang array used for every label on this page. */ require('handler/language.php'); ?>

<?php require('structure/header.inc.php'); ?>

    <div class="menu">
        <div class="menu_left">
            <ul id="admin_navi">
                <li class="active"><a href="index.php"><?php echo $lang['blank_admin_area']; ?></a></li>
                <li><a href="members.php"><?php echo $lang['admin_members']; ?></a></li>
                <li><a href="discussions.php"><?php echo $lang['discussions']; ?></a></li>
                <li><a href="topics.php"><?php echo $lang['blank_topics']; ?></a></li>
                <li><a href="news.php"><?php echo $lang['news']; ?></a></li>
                <li><a href="events.php"><?php echo $lang['events']; ?></a></li>
                <li><a href="newsletter.php"><?php echo $lang['newsletter']; ?></a></li>
                <li><a href="statistic.php"><?php echo $lang['statistic']; ?></a></li>
            </ul>
        </div>
        <div class="menu_right">
            <?php

            // Account drop-down, emitted only when the session carries a truthy
            // 'admin' flag. This condition gates the menu markup only; it does
            // not stop the rest of the page from running.
            // NOTE(review): $url is not set in this file (presumably it comes from
            // framework/config.php) and is written into the href unescaped -
            // confirm it is never derived from request data.
            if (!empty($_SESSION['admin'])) {
                echo '<div class="admin_settings">
            <a class="admin_account"><span>', $lang['blank_navigation'], '</span></a>
            <div class="admin_submenu" style="display: none;">
                <ul class="root">
                    <li><a href="', $url, '" target="_blank">', $lang['goto_network'], '</a></li>
                    <li><a href="signout.php">', $lang['signout'], '</a></li>
                </ul>
            </div>
            </div>';
            }

            ?>
        </div>
    </div>
</div>

<div class="clear"></div>

<div id="content_wrapper">
    <div class="content">

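    <?php

        // Create-admin form (GET) and its handler (POST).
        //
        // NOTE(review): nothing in this block checks $_SESSION['admin'] before the
        // POST branch runs; only the menu markup earlier in the file is gated on
        // it. Presumably handler/stay.php or framework/security.php rejects
        // non-admin sessions - confirm, because this handler inserts a level-1
        // (admin) account.
        // NOTE(review): the form carries no anti-CSRF token, so a signed-in
        // admin's browser could be made to submit it from another site. A
        // per-session token verified here would close that; it is not added in
        // this block because session handling lives outside this file.

        echo '<h1 class="p_space">' . $lang['create_an_admin'] . '</h1>';

        if($_SERVER['REQUEST_METHOD'] != 'POST') {

        echo '<form method="post" action="">
        <p><input type="text" name="name" size="40" required class="textfields"> ' . $lang['re_name'] . '</p>
        <p><input type="password" name="password" size="40" required class="textfields"> ' . $lang['password'] . '</p>
        <p><input type="password" name="pass_check" size="40" required class="textfields"> ' . $lang['repeat_passwort'] . '</p>
        <p><input type="email" name="email" size="40" required class="textfields"> ' . $lang['e_mail_adress'] . '</p>
        <p><input type="submit" name="' . $lang['new_admin_create'] . '" id="' . $lang['new_admin_create'] . '" value="' . $lang['new_admin_create'] . '" class="buttons"></p>
        </form>';

        }else{

            $errors = array();

            // The HTML "required" attributes are a browser-side hint only, so every
            // field is re-checked here. A field posted as name[]=... arrives as an
            // array; anything that is not a plain string is treated as missing.
            $admin_name     = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : null;
            $admin_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;
            $admin_check    = (isset($_POST['pass_check']) && is_string($_POST['pass_check'])) ? $_POST['pass_check'] : null;
            $admin_email    = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : null;

            if($admin_name === null || trim($admin_name) == '') {
                $errors[] = $lang['name_must_be_filled'];
            }elseif(strlen($admin_name) > 30) {
                $errors[] = $lang['not_be_longer'];
            }

            if($admin_password === null) {
                $errors[] = $lang['pw_must_be_filled'];
            }else{
                if(trim($admin_password) == '') {
                    $errors[] = $lang['enter_a_password'];
                }

                // Strict comparison: with != two different numeric-looking strings
                // such as "1e3" and "1000" compare equal and the repeat check passes.
                if($admin_check === null || $admin_password !== $admin_check) {
                    $errors[] = $lang['repetition_does_not_match'];
                }
            }

            if($admin_email === null) {
                $errors[] = $lang['email_must_be_filled'];
            }else{
                // The raw value is validated; SQL escaping belongs at the query, not
                // before the syntax check. The D modifier stops "$" from matching
                // before a trailing newline.
                if(!preg_match("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/iD", $admin_email)) {
                    $errors[] = $lang['invalid_syntax'];
                }
            }

            if(!empty($errors)) {

                // Every entry in $errors is a fixed $lang string, never request data,
                // so the list is printed without escaping.
                echo '<p class="false">' . $lang['not_filled_in_all_fields'] . ' - <a href="javascript:history.back();" class="false_link">' . $lang['back'] . '</a></p>';
                echo '<ul>';

                foreach($errors as $key => $value) {
                    echo '<li>&#8226; ' . $value . '</li>';
                }
                echo '</ul>';

            }else{

                // NOTE(review): mt_rand() is not a cryptographic generator and this
                // range has only 1001 values. If members.hash is ever used as an
                // activation or reset token it is guessable - confirm its purpose
                // and column type before widening it.
                $hash = mt_rand(0, 1000);

                // NOTE(review): unsalted SHA-1 is a fast hash and unsuitable for
                // password storage; password_hash()/password_verify() is the
                // replacement. The code that verifies this column at login is not
                // in this file, so the stored format is left unchanged here.
                $sql = "INSERT INTO
                    members(name, password, email, date, level, active, hash)
                VALUES('" . mysql_real_escape_string($admin_name) . "',
                    '" . mysql_real_escape_string(sha1($admin_password)) . "',
                    '" . mysql_real_escape_string($admin_email) . "',
                    NOW(),
                    '1',
                    '1',
                    '" . mysql_real_escape_string($hash) . "')";

                // No "OR die(mysql_error())": it printed the raw database error to
                // the browser and made the failure branch below unreachable. The
                // detail now goes to the server log only.
                $result = mysql_query($sql);

                if(!$result) {

                    error_log('admin.php: creating admin account failed: ' . mysql_error());
                    echo '<p class="false">' . $lang['couldnot_admin_account'] . '</p>';

                }else{

                    echo '<p class="success">' . $lang['success_admin_account'] . '</p>';
                }
            }
        }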

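        // Paginated list of all level-1 (admin) accounts.

        echo '<div id="pr_line"></div>';

        echo '<h1 class="p_space">' . $lang['view_all_admins'] . '</h1>';

        // pagination.php is not visible here; presumably it reads $count and sets
        // $start, $entries, $page, $allsites and $link_string - confirm.
        $count = mysql_query("SELECT id FROM members WHERE level = '1'");
        include('../framework/pagination.php');

        // $start and $entries go into the SQL text, so they are forced to
        // non-negative integers here rather than trusting that pagination.php
        // already did so with whatever page number the request supplied.
        $limit_start   = max(0, (int)$start);
        $limit_entries = max(0, (int)$entries);

        $query = "SELECT id, name, email, level FROM members WHERE level = '1' ORDER BY id DESC LIMIT " . $limit_start . "," . $limit_entries;

        // No "OR die(mysql_error())": it printed the raw database error to the
        // browser and made the else branch below unreachable. The detail now
        // goes to the server log only.
        $result = mysql_query($query);

        if($result) {

        echo '<table width="100%" class="tables">
        <tr>
        <td width="5%"><strong>ID</strong></td>
        <td width="27%"><strong>' . $lang['re_name'] . '</strong></td>
        <td width="33%"><strong>' . $lang['e_mail_adress'] . '</strong></td>
        <td width="15%"><strong>' . $lang['admin_rank'] . '</strong></td>
        <td width="10%" align="center"><strong>' . $lang['admin_delete'] . '</strong></td>
        </tr>';

        while($row = mysql_fetch_assoc($result)) {

            // Stored name and e-mail are user-supplied, so both are HTML-encoded
            // on output; the id is forced to an integer.
            // NOTE(review): deletion is offered as a plain GET link. Unless
            // delete.php asks for confirmation and verifies a token, it is
            // exposed to cross-site request forgery - confirm in delete.php.
            echo '<tr>
            <td width="5%">' . (int)$row['id'] . '</td>
            <td width="27%"><span class="blue">' . htmlentities($row['name'], ENT_QUOTES) . '</span></td>
            <td width="33%"><a href="mailto:' . htmlentities($row['email'], ENT_QUOTES) . '">' . htmlentities($row['email'], ENT_QUOTES) . '</a></td>
            <td width="15%">';
            if($row['level'] == 0) { echo $lang['admin_member']; }elseif ($row['level'] == 1) { echo $lang['admin_admin']; }
            echo '</td>
            <td width="10%" align="center"><a href="delete.php?id=' . (int)$row['id'] . '"><img src="../style/icons/delete.png" alt="' . $lang['admin_delete'] . '" title="' . $lang['admin_delete'] . '" border="0"></a></td>
            </tr>';
            }

        echo '</table>
        <div class="clear_long"></div>';

        }else{

        error_log('admin.php: listing admin accounts failed: ' . mysql_error());
        echo '<p class="false">' . $lang['no_informations'] . '</p>';
        }

        // NOTE(review): $page, $allsites and $link_string are printed as received
        // from pagination.php - confirm they are built from integers only.
        echo '<div id="pagi">
        <span class="pages">' . $lang['admin_page'] . ' ' . $page . ' ' . $lang['admin_by'] . ' ' . $allsites . '</span>';
        echo $link_string;
        echo '</div>';

        echo '<div class="clear"></div>';

    ?>

<?php require('structure/footer.inc.php'); ?>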