<?php
/********************************************************************************
- MemHT Portal -
Copyright (C) 2007-2008 by Miltenovik Manojlo
http://www.memht.com
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, see <http://www.gnu.org/licenses/> (GPLv2)
or write to the Free Software Foundation, Inc., 51 Franklin Street,
Fifth Floor, Boston, MA 02110-1301, USA.
********************************************************************************/
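// Block direct access: this page only runs when _LOAD_PAGE_ has been defined
// before it is included, so a request that hits the file on its own stops here.
if (!defined("_LOAD_PAGE_")) {
    die("<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td><b>Error:</b> This file cannot be opened directly!</td></tr></table>");
}

// Request parameters shared by the handlers below. Text values go through
// inCode() (defined elsewhere; NOTE(review): its escaping guarantees are not
// visible in this file - the SQL built below depends on them). Numeric values
// are cast with intval().

// $id is interpolated UNQUOTED into SQL by edit() ("WHERE id=$id"), so it must
// be an integer rather than a filtered string.
$id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
$op = isset($_REQUEST['op']) ? inCode($_REQUEST['op']) : "";
$adm_user = isset($_REQUEST['adm_user']) ? inCode($_REQUEST['adm_user']) : "";
$ok = isset($_REQUEST['ok']) ? inCode($_REQUEST['ok']) : false;
$olduser = isset($_GET['olduser']) ? inCode($_GET['olduser']) : "";
$username = isset($_REQUEST['username']) ? inCode($_REQUEST['username']) : "";
$domain = isset($_POST['domain']) ? inCode($_POST['domain']) : "";
$name = isset($_POST['name']) ? strtolower(inCode($_POST['name'])) : "";
$title = isset($_POST['title']) ? inCode($_POST['title']) : "";
$type = isset($_POST['type']) ? intval($_POST['type']) : 0;
$showinforum = isset($_POST['showinforum']) ? intval($_POST['showinforum']) : 0;

// Page numbers start at 1. Clamping keeps pg=0 or a negative value from
// producing a negative LIMIT offset in usersList().
$pg = isset($_GET['pg']) ? max(1, intval($_GET['pg'])) : 1;
$subop = isset($_GET['subop']) ? inCode($_GET['subop']) : "";

$ofsppg = 50; //Items per page
$ofsbgn = ($pg*$ofsppg)-$ofsppg; //Offset of the first row on the current page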
/**
 * Print the user-administration summary box: total accounts, accounts waiting
 * for activation, the most recently created user, plus the quick "find" and
 * "add user" forms (both post back to admin.php?page=users).
 */
function userMenu() {
    global $dblink;

    // The newest account is the row with the highest id.
    $newestRow = $dblink->get_row("SELECT * FROM memht_utenti ORDER BY id DESC LIMIT 1");
    $newestName = outCode($newestRow['user']);
    $pendingTotal = $dblink->get_num("SELECT * FROM memht_utenti_attesa");
    $accountTotal = $dblink->get_num("SELECT * FROM memht_utenti");

    // Statistics rows.
    echo "<table align='center' class='borders'>";
    echo "<tr><td width='50%'>"._TOTUSERS_."</td><td width='50%'>".$accountTotal."</td></tr>\n";
    echo "<tr><td>"._ACCWAITINGACTIVATION_."</td><td>".$pendingTotal."</td></tr>\n";
    echo "<tr><td>"._LASTUSER_."</td><td>".$newestName."</td></tr>\n";

    // Quick search: op=findUser, submitted with either the "find" (LIKE) or
    // the "match" (exact) button.
    echo "<form name='qfu' method='post' action='admin.php?page=users'>\n";
    echo "<tr><td><input type='text' name='adm_user' size='20' maxlength='255'></td>"
        ."<td><input type='submit' name='find' value='"._FIND_."'> <input type='submit' name='match' value='"._EXACT_MATCH_."'></td></tr>\n";
    echo "<input type='hidden' name='op' value='findUser'>";
    echo "</form>\n";

    // Quick add: op=addUser with the requested username.
    echo "<form name='admin_cfg' method='post' action='admin.php?page=users'>\n";
    echo "<tr><td><input type='text' name='adm_user' size='20' maxlength='255'></td>"
        ."<td><input type='submit' name='Submit' value='"._ADDUSER_."'></td></tr>\n";
    echo "<input type='hidden' name='op' value='addUser'>";
    echo "</form>\n";
    echo "</table>";
}
/**
 * Advanced user search.
 *
 * Without a submitted "find"/"match" button the search form is printed.
 * Otherwise every non-empty criterion becomes one condition, the conditions
 * are OR-ed together and the first 30 matches are shown through usersList().
 * "find" builds LIKE '%value%' conditions, "match" builds exact comparisons;
 * when both buttons are present "find" wins.
 *
 * NOTE(review): the text criteria are interpolated into the WHERE clause after
 * inCode() only. inCode() is defined elsewhere - confirm it escapes quotes for
 * SQL, otherwise these conditions need escaping or bound parameters.
 */
function findUser() {
    global $dblink;

    if (!isset($_POST['find']) && !isset($_POST['match'])) {
        // label, field name, input size - one table row per entry
        $formRows = array(
            array("ID", 'adm_id', 10),
            array(_USERNAME_, 'adm_user', 20),
            array(_EMAIL_, 'adm_email', 30),
            array(_SITE_, 'adm_sito', 30),
            array(_ICQ_, 'adm_icq', 20),
            array(_MSN_, 'adm_msn', 20),
            array(_AOL_, 'adm_aol', 20),
            array(_YAHOO_, 'adm_yahoo', 20),
        );
        echo "<table align='center' border='0'>";
        echo "<form name='findUser' method='post' action='admin.php?page=users&op=findUser'>\n";
        foreach ($formRows as $formRow) {
            echo "<tr><td><b>".$formRow[0]."</b></td><td><input type='text' name='".$formRow[1]."' size='".$formRow[2]."' maxlength='255'></td></tr>\n";
        }
        echo "<tr><td colspan='2'><input type='submit' name='find' value='"._FIND_."'> <input type='submit' name='match' value='"._EXACT_MATCH_."'></td></tr>\n";
        echo "</form>\n";
        echo "</table>\n";
        return;
    }

    // Column => submitted value. The id is cast to int, everything else is
    // passed through inCode(); missing fields fall back to 0 / "".
    $criteria = array('id' => isset($_POST['adm_id']) ? intval($_POST['adm_id']) : 0);
    foreach (array('user', 'email', 'sito', 'icq', 'msn', 'aol', 'yahoo') as $column) {
        $field = 'adm_'.$column;
        $criteria[$column] = isset($_POST[$field]) ? inCode($_POST[$field]) : "";
    }

    $partialMatch = isset($_POST['find']);
    $queryp = array();
    foreach ($criteria as $column => $value) {
        if (empty($value)) {
            continue; // criterion left blank (note: "0" also counts as blank)
        }
        if ($partialMatch) {
            $queryp[] = "(".$column." LIKE '%".$value."%')";
        } else {
            $queryp[] = "(".$column."='".$value."')";
        }
    }

    if (count($queryp) > 0) {
        usersList(" WHERE ".implode(" OR ", $queryp), 0, 30, 1);
    } else {
        // Nothing to search for: send the browser back to the empty form.
        echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=findUser'>";
    }
}
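/**
 * Show the edit form for one account, or apply a submitted edit.
 *
 * With $ok false the account is loaded and the form (standard fields, avatar
 * chooser/upload, RSS feed, signature, customized profile fields, optional new
 * password) is printed together with the delete and ban buttons. With $ok true
 * the posted values are validated and written back.
 *
 * The save branch only runs for ids above 1 or for the admin's own account
 * ($userid); any other request gets the _LOCKED_ message.
 *
 * @param int  $id Row id in memht_utenti.
 * @param bool $ok False renders the form; true validates $_POST and saves.
 */
function edit($id,$ok=false) {
    global $dblink,$siteConfig,$userid;

    // $id is interpolated UNQUOTED into every query below (and into the form
    // action), so force it to an integer here instead of trusting the caller.
    $id = intval($id);

    if(!$ok) {
        $search_user = $dblink->get_row("SELECT * FROM memht_utenti WHERE id=$id");
        if ($search_user) {
            $user = outCode($search_user['user']);
            $pass = outCode($search_user['pass']);
            $email = outCode($search_user['email']);
            $sito = outCode($search_user['sito']);
            $icq = outCode($search_user['icq']);
            $msn = outCode($search_user['msn']);
            $aol = outCode($search_user['aol']);
            $yahoo = outCode($search_user['yahoo']);
            $avatar = outCode($search_user['avatar']);
            $gender = intval($search_user['gender']);
            $title_enabled = intval($search_user['title_enabled']);
            $title_text = outCode($search_user['title_text']);
            $signature = outCode($search_user['signature']);
            $feedurl = outCode($search_user['feed']);
            $lastip = outCode($search_user['lastip']);
            $enabled = outCode($search_user['enabled']);

            echo "<table align='center' border='0'>";
            echo "<form name='form' method='post' action='admin.php?page=users&id=$id&ok=true' enctype='multipart/form-data'>\n";
            echo "<tr><td>"._USERNAME_."</td><td><input type='text' name='adm_user' value=\"$user\" size='20' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._ENABLED_."</td><td>\n";
            echo "<select name='adm_enabled'>\n";
            if ($enabled==1) {
                echo "<option value='1' selected>"._YES_."</option>\n";
                echo "<option value='0'>"._NO_."</option>\n";
            } else {
                echo "<option value='1'>"._YES_."</option>\n";
                echo "<option value='0' selected>"._NO_."</option>\n";
            }
            echo "</select>\n";
            echo "</td></tr>\n";
            echo "<tr><td>"._EMAIL_."</td><td><input type='text' name='adm_email' value=\"$email\" size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._SITE_."</td><td><input type='text' name='adm_sito' value=\"$sito\" size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._ICQ_."</td><td><input type='text' name='adm_icq' value=\"$icq\" size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._MSN_."</td><td><input type='text' name='adm_msn' value=\"$msn\" size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._AOL_."</td><td><input type='text' name='adm_aol' value=\"$aol\" size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._YAHOO_."</td><td><input type='text' name='adm_yahoo' value=\"$yahoo\" size='30' maxlength='255'></td></tr>\n";

            // Avatar: preview image plus a chooser listing images/avatar/.
            echo "<tr><td valign='top'>"._AVATAR_.":</td><td><img name='chgavapro' src='images/avatar/$avatar' border='0' title='$user'>";
            echo "<div style='padding:2px 0 0 0;'><select name='adm_avatar' onChange=\"document.form.chgavapro.src = 'images/avatar/'+this.options[this.selectedIndex].value;\">\n";
            // Start from an empty list so sort()/foreach still get an array
            // when the directory is unreadable or holds no selectable file.
            $filearray = array();
            $handle = opendir('images/avatar/');
            if ($handle !== false) {
                while (false !== ($file = readdir($handle))) {
                    // Skip directory entries, placeholder images and the upload folder.
                    if ($file != "." AND $file != ".." AND $file!="blank.png" AND $file!="nosel.png" AND $file!="Thumbs.db" AND $file!="uploaded") {
                        $filearray[] = "<option value='$file'>$file</option>\n";
                    }
                }
                closedir($handle);
            }
            sort($filearray);
            echo "<option value='blank.png'>- "._NOAVATAR_." -</option>\n";
            echo "<option value='$avatar' selected>- "._DO_NOT_CHANGE_." -</option>\n";
            echo "<option value='$avatar'>----------------</option>\n";
            foreach($filearray as $line) {
                echo $line;
            }
            echo "</select></div>\n";
            echo "<div style='padding:2px 0 0 0;'><input type='file' name='avatar' size='25'></div>";
            echo "</td></tr>\n";

            echo "<tr><td>"._GENDER_."</td><td>\n";
            echo "<select name='adm_gender'>\n";
            if ($gender==0) {
                echo "<option value='0' selected>"._NEUTRAL_."</option>\n";
                echo "<option value='1'>"._MALE_."</option>\n";
                echo "<option value='2'>"._FEMALE_."</option>\n";
            } else if ($gender==1) {
                echo "<option value='0'>"._NEUTRAL_."</option>\n";
                echo "<option value='1' selected>"._MALE_."</option>\n";
                echo "<option value='2'>"._FEMALE_."</option>\n";
            } else {
                echo "<option value='0'>"._NEUTRAL_."</option>\n";
                echo "<option value='1'>"._MALE_."</option>\n";
                echo "<option value='2' selected>"._FEMALE_."</option>\n";
            }
            echo "</select>\n";
            echo "</td></tr>\n";

            echo "<tr><td>"._TITLEENABLED_."</td><td>";
            echo "<select name='adm_title_enabled'>\n";
            if ($title_enabled==1) {
                echo "<option value='1' selected>"._YES_."</option>\n";
                echo "<option value='0'>"._NO_."</option>\n";
            } else {
                echo "<option value='1'>"._YES_."</option>\n";
                echo "<option value='0' selected>"._NO_."</option>\n";
            }
            echo "</select>\n";
            echo "</td></tr>\n";
            echo "<tr><td>"._TITLETEXT_."</td><td><input type='text' name='adm_title_text' value=\"$title_text\" size='30' maxlength='255'></td></tr>\n";

            // RSS feed chooser; the user's current feed is preselected.
            echo "<tr><td>"._RSS_FEEDS_.":</td><td><select name='feedurl'>";
            $result = $dblink->get_list("SELECT title,link FROM memht_rssreader_links ORDER BY title");
            foreach ($result as $row) {
                $title = outCode($row['title']);
                $link = outCode($row['link']);
                $selected = ($feedurl==$link) ? " selected" : "" ;
                echo "<option value=\"$link\"$selected>$title</option>\n";
            }
            echo "</select></td></tr>\n";

            echo "<tr><td valign='top'>"._SIGNATURE_.":</td><td>";
            bbcodeToolbar("adm_user","adm_signature","public");
            echo "<br><textarea name='adm_signature' cols='30' rows='4'>$signature</textarea></td></tr>\n";

            //Customized profile
            //3.9.0
            // One input per row of memht_utenti_profile, named cp_<name> and
            // prefilled from memht_utenti_profile_data for this user.
            if ($result = $dblink->get_list("SELECT * FROM memht_utenti_profile ORDER BY id ASC")) {
                echo "<tr><td colspan='2'> </td></tr>\n";
                $n = 0;
                foreach ($result as $row) {
                    $pid = intval($row['id']);
                    $name = strtolower(outCode($row['name']));
                    $title = outCode($row['title']);
                    $type = outCode($row['type']);
                    $rows = $dblink->get_row("SELECT content FROM memht_utenti_profile_data WHERE pid=$pid AND uid=$id");
                    $value = outCode($rows['content']);
                    // Type 0 renders a text input, type 1 a textarea.
                    switch ($type) {
                        case 0 : $type = "<input type='text' name='cp_{$name}' value=\"$value\" size='30' maxlength='255'>\n"; break;
                        case 1 : $type = "<textarea name='cp_{$name}' cols='30' rows='5'>$value</textarea>\n"; break;
                    }
                    echo "<tr><td valign='top'>$title:</td><td>$type</td></tr>\n";
                }
                echo "<tr><td colspan='2'> </td></tr>\n";
            }

            echo "<tr><td colspan='2' class='small'>"._COMPILEONLYIFCHANGEPASS_.":</td></tr>\n";
            echo "<tr><td>"._PASSWORD_."</td><td><input type='password' name='adm_pass' size='20' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._REPASSWORD_."</td><td><input type='password' name='adm_pass2' size='20' maxlength='255'></td></tr>\n";
            echo "<input type='hidden' name='op' value='editUser'>";
            echo "<tr><td><input type='submit' name='Submit' value='"._MODIFY_."'></form></td>";
            // Separate forms for deleting the account and banning its last IP.
            echo "<td><form name='adm_user2' method='post' action='admin.php?page=users&adm_user=$user'>\n";
            echo "<input type='hidden' name='op' value='deleteUser'>";
            echo "<input type='submit' name='Submit' value='"._DELETE_."'></form></td></tr>\n";
            echo "<form name='admin_cfg2' method='post' action='admin.php?page=security&op=banip&ip=$lastip&user=$user'>\n";
            echo "<tr><td colspan='2'><input type='submit' name='Submit' value='"._BANUSER_."'></td></tr>\n";
            echo "</form>\n";
            echo "</table>\n";
        } else {
            echo "<div align='center' id='errorText'><b>"._USERNOTFOUND_."</b></div>";
        }
    } else {
        if ($id>1 OR $userid==$id) {
            // Posted values; a missing field becomes "".
            // NOTE(review): these are interpolated into the UPDATE below after
            // inCode() only - inCode() is defined elsewhere, confirm it escapes
            // quotes for SQL.
            $adm_user = isset($_POST['adm_user']) ? inCode($_POST['adm_user']) : "";
            $adm_enabled = isset($_POST['adm_enabled']) ? inCode($_POST['adm_enabled']) : "";
            $adm_email = isset($_POST['adm_email']) ? inCode($_POST['adm_email']) : "";
            $adm_sito = isset($_POST['adm_sito']) ? inCode($_POST['adm_sito']) : "";
            $adm_icq = isset($_POST['adm_icq']) ? inCode($_POST['adm_icq']) : "";
            $adm_msn = isset($_POST['adm_msn']) ? inCode($_POST['adm_msn']) : "";
            $adm_aol = isset($_POST['adm_aol']) ? inCode($_POST['adm_aol']) : "";
            $adm_yahoo = isset($_POST['adm_yahoo']) ? inCode($_POST['adm_yahoo']) : "";
            $adm_avatar = isset($_POST['adm_avatar']) ? inCode($_POST['adm_avatar']) : "";
            $adm_gender = isset($_POST['adm_gender']) ? inCode($_POST['adm_gender']) : "";
            $adm_title_enabled = isset($_POST['adm_title_enabled']) ? inCode($_POST['adm_title_enabled']) : "";
            $adm_title_text = isset($_POST['adm_title_text']) ? inCode($_POST['adm_title_text']) : "";
            $adm_signature = isset($_POST['adm_signature']) ? inCode($_POST['adm_signature']) : "";
            $adm_pass = isset($_POST['adm_pass']) ? inCode($_POST['adm_pass']) : "";
            $adm_pass2 = isset($_POST['adm_pass2']) ? inCode($_POST['adm_pass2']) : "";
            $feedurl = (isset($_POST['feedurl'])) ? inCode($_POST['feedurl']) : "" ;

            // $change stays true only while every check passes; $msg keeps the
            // text of the last failed check.
            $change = true;
            if (!validUser($adm_user)) { $change = false; $msg = _INVALIDUSER_; }
            if (!validEmail($adm_email)) { $change = false; $msg = _MAILNOTVALID_; }

            // Optional avatar upload; an uploaded file replaces the chooser value.
            // NOTE(review): only MIME types and maximum dimensions are set here.
            // Whether uploadFile also checks the stored extension and the real
            // file content is not visible - confirm it does, because the target
            // directory is served from the web tree.
            require_once("inc/class/uploadFile.class.php");
            $upload = new uploadFile();
            $upload->show_errors = false;
            $upload->path = "images/avatar/uploaded/";
            $upload->mime = array('image/gif','image/pjpeg','image/jpeg','image/png','image/tiff','image/bmp');
            $upload->max_width = $siteConfig['avatar_max_w'];
            $upload->max_height = $siteConfig['avatar_max_h'];
            $upload->field = "avatar";
            if ($avatar = $upload->upload()) {
                $adm_avatar = "uploaded/".$avatar;
            } else if ($upload->selected) {
                // A file was chosen but rejected: abort the whole edit.
                $change = false;
                $msg = $upload->error;
            }

            // The password only changes when both fields are filled in.
            if ($adm_pass!="" AND $adm_pass2!="") {
                if (validPass($adm_pass) && $adm_pass==$adm_pass2) {
                    // NOTE(review): unsalted MD5 is kept because the code that
                    // verifies this column lives outside this file; moving to
                    // password_hash()/password_verify() has to change both
                    // sides together.
                    $passquery = ",pass='".md5($adm_pass)."'";
                } else {
                    $change = false;
                    $msg = _PASSNOTVALID_;
                }
            } else { $passquery = ""; }

            if ($change) {
                //Customized profile
                //3.9.0
                // An empty value deletes the stored row; otherwise the row is
                // updated, or inserted when it does not exist yet.
                if ($result = $dblink->get_list("SELECT * FROM memht_utenti_profile ORDER BY id ASC")) {
                    foreach ($result as $row) {
                        $pid = intval($row['id']);
                        $name = strtolower(outCode($row['name']));
                        $title = outCode($row['title']);
                        $type = outCode($row['type']);
                        if (isset($_POST['cp_'.$name])) { $val = inCode($_POST['cp_'.$name]); } else { $val = ""; }
                        if ($val=="") {
                            $dblink->query("DELETE FROM memht_utenti_profile_data WHERE pid=$pid AND uid=$id");
                        } else {
                            if ($dblink->get_num_noerr("SELECT id FROM memht_utenti_profile_data WHERE pid=$pid AND uid=$id")>0) {
                                $dblink->query("UPDATE memht_utenti_profile_data SET content='$val' WHERE pid=$pid AND uid=$id");
                            } else {
                                $dblink->query("INSERT INTO memht_utenti_profile_data (id,uid,pid,content)\n"
                                    ."VALUES (null,'$id','$pid','$val')");
                            }
                        }
                    }
                }
                $dblink->query("UPDATE memht_utenti SET user='$adm_user',email='$adm_email',sito='$adm_sito',icq='$adm_icq',msn='$adm_msn',aol='$adm_aol',yahoo='$adm_yahoo',avatar='$adm_avatar',gender='$adm_gender',title_enabled='$adm_title_enabled',title_text='$adm_title_text',signature='$adm_signature',feed='$feedurl',enabled='$adm_enabled'".$passquery." WHERE id=$id");
                echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users'>";
            } else {
                echo "<div align='center' id='errorText'><b>"._FIELDINVALID_."</b><br>$msg</div>";
            }
        } else {
            echo "<div align='center' id='errorText'><b>"._LOCKED_."</b></div>";
        }
    }
}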
/**
 * Delete an account by username, after a confirmation step.
 *
 * With $ok false a yes/no prompt is printed. With $ok true the account row and
 * its customized-profile data are removed, but only when the account id is
 * above 1 or is the admin's own id ($userid); otherwise _LOCKED_ is shown.
 *
 * NOTE(review): the "yes" link carries ok=true in its query string, so the
 * deletion appears to be reachable with a plain GET request, and no anti-CSRF
 * token is visible in this function - confirm the admin entry point enforces one.
 * NOTE(review): $adm_user is interpolated into SQL and HTML as received;
 * presumably the caller has passed it through inCode() - verify.
 *
 * @param string $adm_user Username of the account to delete.
 * @param bool   $ok       True once the admin has confirmed.
 */
function delete($adm_user,$ok=false) {
    global $dblink,$userid;

    if (!$ok) {
        // Step 1: ask for confirmation.
        echo "<div align='center'><b>"._SUREDELETEUSER_."</b><br>"
            ."<a href='admin.php?page=users&op=deleteUser&adm_user=".$adm_user."&ok=true' title='"._YES_."'>"._YES_."</a>"
            ." - <a href='admin.php?page=users' title='"._NO_."'>"._NO_."</a></div>";
        return;
    }

    // Step 2: resolve the username to an id (0 when no row was found).
    $account = $dblink->get_row("SELECT id FROM memht_utenti WHERE user='$adm_user'");
    $uid = intval($account['id']);

    $deletable = ($uid>1 || $userid==$uid);
    if (!$deletable) {
        echo "<div align='center' id='errorText'><b>"._LOCKED_."</b></div>";
        return;
    }

    $dblink->query("DELETE FROM memht_utenti WHERE user='$adm_user'");
    $dblink->query("DELETE FROM memht_utenti_profile_data WHERE uid=$uid");
    echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users'>";
}
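/**
 * Create an account from the admin panel.
 *
 * With $ok false the requested username is checked (not taken, length within
 * 4..$siteConfig['user_max_lunghezza']) and the creation form is printed.
 * With $ok true the posted values are validated and the account is inserted,
 * wrapped by the AddUserByAdmin / AddUserByAdminEnd hooks.
 *
 * NOTE(review): $adm_user and the posted fields are interpolated into SQL and
 * HTML after inCode() only (for $adm_user presumably by the caller). inCode()
 * is defined elsewhere - confirm it escapes quotes for both contexts.
 *
 * @param string $adm_user Username of the new account.
 * @param bool   $ok       False renders the form; true validates and inserts.
 */
function add($adm_user,$ok=false) {
    global $dblink,$siteConfig,$tzNOW;

    // Posted values; a missing field becomes "".
    $adm_enabled = isset($_POST['adm_enabled']) ? inCode($_POST['adm_enabled']) : "";
    $adm_email = isset($_POST['adm_email']) ? inCode($_POST['adm_email']) : "";
    $adm_sito = isset($_POST['adm_sito']) ? inCode($_POST['adm_sito']) : "";
    $adm_icq = isset($_POST['adm_icq']) ? inCode($_POST['adm_icq']) : "";
    $adm_msn = isset($_POST['adm_msn']) ? inCode($_POST['adm_msn']) : "";
    $adm_aol = isset($_POST['adm_aol']) ? inCode($_POST['adm_aol']) : "";
    $adm_yahoo = isset($_POST['adm_yahoo']) ? inCode($_POST['adm_yahoo']) : "";
    $adm_avatar = isset($_POST['adm_avatar']) ? inCode($_POST['adm_avatar']) : "";
    $adm_gender = isset($_POST['adm_gender']) ? inCode($_POST['adm_gender']) : "";
    $adm_title_enabled = isset($_POST['adm_title_enabled']) ? inCode($_POST['adm_title_enabled']) : "";
    $adm_title_text = isset($_POST['adm_title_text']) ? inCode($_POST['adm_title_text']) : "";
    $adm_signature = isset($_POST['adm_signature']) ? inCode($_POST['adm_signature']) : "";
    $adm_pass = isset($_POST['adm_pass']) ? inCode($_POST['adm_pass']) : "";
    $adm_pass2 = isset($_POST['adm_pass2']) ? inCode($_POST['adm_pass2']) : "";

    if (!$ok) {
        if ($dblink->get_num("SELECT * FROM memht_utenti WHERE user='$adm_user'")>0) {
            echo "<div align='center' id='errorText'><b>"._USERALREADYEXISTS_."</b></div>";
        } else if (strlen($adm_user)<4) {
            echo "<div align='center' id='errorText'><b>"._USERNAMETOOSHORT_."</b></div>";
        } else if (strlen($adm_user)>$siteConfig['user_max_lunghezza']) {
            echo "<div align='center' id='errorText'><b>"._USERNAMETOOLONG_."</b></div>";
        } else {
            echo "<table align='center' border='0'>";
            echo "<form name='form' method='post' action='admin.php?page=users' enctype='multipart/form-data'>\n";
            echo "<tr><td>"._USERNAME_."</td><td>$adm_user</td></tr>\n";
            echo "<tr><td>"._ENABLED_."</td><td>\n";
            echo "<select name='adm_enabled'>\n";
            echo "<option value='1'>"._YES_."</option>\n";
            echo "<option value='0' selected>"._NO_."</option>\n";
            echo "</select>\n";
            echo "</td></tr>\n";
            echo "<tr><td>"._EMAIL_."</td><td><input type='text' name='adm_email' size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._SITE_."</td><td><input type='text' name='adm_sito' size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._ICQ_."</td><td><input type='text' name='adm_icq' size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._MSN_."</td><td><input type='text' name='adm_msn' size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._AOL_."</td><td><input type='text' name='adm_aol' size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._YAHOO_."</td><td><input type='text' name='adm_yahoo' size='30' maxlength='255'></td></tr>\n";

            // Avatar: preview image plus a chooser listing images/avatar/.
            echo "<tr><td valign='top'>"._AVATAR_.":</td><td><img name='chgavapro' src='images/avatar/blank.png' border='0' title='$adm_user'>";
            echo "<div style='padding:2px 0 0 0;'><select name='adm_avatar' onChange=\"document.form.chgavapro.src = 'images/avatar/'+this.options[this.selectedIndex].value;\">\n";
            // Start from an empty list so sort()/foreach still get an array
            // when the directory is unreadable or holds no selectable file.
            $filearray = array();
            $handle = opendir('images/avatar/');
            if ($handle !== false) {
                while (false !== ($file = readdir($handle))) {
                    // Skip directory entries, placeholder images and the upload folder.
                    if ($file != "." AND $file != ".." AND $file!="blank.png" AND $file!="nosel.png" AND $file!="Thumbs.db" AND $file!="uploaded") {
                        $filearray[] = "<option value='$file'>$file</option>\n";
                    }
                }
                closedir($handle);
            }
            sort($filearray);
            echo "<option value='blank.png' selected>- "._NOAVATAR_." -</option>\n";
            foreach($filearray as $line) {
                echo $line;
            }
            echo "</select></div>\n";
            echo "<div style='padding:2px 0 0 0;'><input type='file' name='avatar' size='25'></div>";
            echo "</td></tr>\n";

            echo "<tr><td>"._GENDER_."</td><td>\n";
            echo "<select name='adm_gender'>\n";
            echo "<option value='0' selected>"._NEUTRAL_."</option>\n";
            echo "<option value='1'>"._MALE_."</option>\n";
            echo "<option value='2'>"._FEMALE_."</option>\n";
            echo "</select>\n";
            echo "</td></tr>\n";
            echo "<tr><td>"._TITLEENABLED_."</td><td>";
            echo "<select name='adm_title_enabled'>\n";
            echo "<option value='1'>"._YES_."</option>\n";
            echo "<option value='0' selected>"._NO_."</option>\n";
            echo "</select>\n";
            echo "</td></tr>\n";
            echo "<tr><td>"._TITLETEXT_."</td><td><input type='text' name='adm_title_text' size='30' maxlength='255'></td></tr>\n";
            echo "<tr><td valign='top'>"._SIGNATURE_."</td><td><textarea name='adm_signature' cols='30' rows='3'></textarea></td></tr>\n";
            echo "<tr><td>"._PASSWORD_."</td><td><input type='password' name='adm_pass' size='20' maxlength='255'></td></tr>\n";
            echo "<tr><td>"._REPASSWORD_."</td><td><input type='password' name='adm_pass2' size='20' maxlength='255'></td></tr>\n";
            // Hidden fields route the submit back here with ok=true.
            echo "<input type='hidden' name='op' value='addUser'>";
            echo "<input type='hidden' name='ok' value='true'>";
            echo "<input type='hidden' name='adm_user' value='$adm_user'>";
            echo "<tr><td colspan='2'><input type='submit' name='Submit' value='"._ADDUSER_."'></td></tr>\n";
            echo "</form>\n";
            echo "</table>\n";
        }
    } else {
        //Add to db
        // $add stays true only while every check passes; $msg keeps the text
        // of the last failed check.
        $add = true;
        $search_user = $dblink->get_num("SELECT * FROM memht_utenti WHERE user='$adm_user'");
        if ($search_user>0) { $add = false; $msg = _USERALREADYEXISTS_; }
        if (!validUser($adm_user)) { $add = false; $msg = _INVALIDUSER_; }
        if (strlen($adm_user)>$siteConfig['user_max_lunghezza']) { $add = false; $msg = _USERNAMETOOLONG_; }
        if (strlen($adm_pass)>$siteConfig['pass_max_lunghezza']) { $add = false; $msg = _PASSWORDTOOLONG_; }
        if (strlen($adm_user)<4) { $add = false; $msg = _USERNAMETOOSHORT_; }
        if (strlen($adm_pass)<4) { $add = false; $msg = _PASSWORDTOOSHORT_; }
        if (!validPass($adm_pass)) { $add = false; $msg = _PASSNOTVALID_; }
        if ($adm_pass!=$adm_pass2) { $add = false; $msg = _DIFFERENTPASS_; }
        $search_email = $dblink->get_num("SELECT * FROM memht_utenti WHERE email='$adm_email'");
        if ($search_email>0) { $add = false; $msg = _EMAILALREADYEXISTS_; }
        if (!validEmail($adm_email)) { $add = false; $msg = _MAILNOTVALID_; }

        // Optional avatar upload; an uploaded file replaces the chooser value.
        // NOTE(review): only MIME types and maximum dimensions are set here.
        // Whether uploadFile also checks the stored extension and the real file
        // content is not visible - confirm it does, because the target
        // directory is served from the web tree.
        require_once("inc/class/uploadFile.class.php");
        $upload = new uploadFile();
        $upload->show_errors = false;
        $upload->path = "images/avatar/uploaded/";
        $upload->mime = array('image/gif','image/pjpeg','image/jpeg','image/png','image/tiff','image/bmp');
        $upload->max_width = $siteConfig['avatar_max_w'];
        $upload->max_height = $siteConfig['avatar_max_h'];
        $upload->field = "avatar";
        if ($avatar = $upload->upload()) {
            $adm_avatar = "uploaded/".$avatar;
        } else if ($upload->selected) {
            // A file was chosen but rejected. This has to clear $add, the flag
            // tested below; the previous code set an unused $change variable,
            // so a rejected upload did not stop the account being created.
            $add = false;
            $msg = $upload->error;
        }

        if ($add) {
            // The first hook can veto the insert by returning false.
            // NOTE(review): both hooks receive the plaintext password.
            if (memRunHooks('AddUserByAdmin',array($adm_user,$adm_pass,$adm_email))) {
                // NOTE(review): unsalted MD5 is kept because the code that
                // verifies this column lives outside this file; moving to
                // password_hash()/password_verify() has to change both sides
                // together.
                $dblink->query("INSERT INTO memht_utenti (id,user,pass,email,regdate,sito,icq,msn,aol,yahoo,avatar,gender,title_enabled,title_text,signature,enabled)\n"
                    ."VALUES (null,'$adm_user','".md5($adm_pass)."','$adm_email',$tzNOW,'$adm_sito','$adm_icq','$adm_msn','$adm_aol','$adm_yahoo','$adm_avatar','$adm_gender','$adm_title_enabled','$adm_title_text','$adm_signature','$adm_enabled')");
                memRunHooks('AddUserByAdminEnd',array($adm_user,$adm_pass,$adm_email));
            }
            echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users'>";
        } else {
            echo "<div align='center' id='errorText'><b>"._FIELDINVALID_."</b><br>$msg</div>";
        }
    }
}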
/**
 * List the prohibited usernames stored in memht_utenti_vietati, sorted by
 * name, with an edit and a delete link per entry and a small toolbar on top.
 *
 * NOTE(review): each name is placed into the link URLs after outCode() only,
 * without URL encoding - confirm stored names cannot contain characters that
 * are significant in a query string or an attribute.
 */
function showProhibitedUsers() {
    global $dblink;

    // Toolbar: list / add.
    openTable();
    echo "<div align='center' class='box'>"
        ."<a href='admin.php?page=users&op=showProhibitedUsers' title='"._PROHIBITED_USERS_."'><img src='admin/icons/users_red.png' border='0' title='"._PROHIBITED_USERS_."' align='top'> "._PROHIBITED_USERS_."</a>"
        ." - <a href='admin.php?page=users&op=addProhibitedUsers' title='"._ADD_PROHIBITED_USERS_."'><img src='admin/icons/add.png' border='0' title='"._ADD_PROHIBITED_USERS_."' align='top'> "._ADD_PROHIBITED_USERS_."</a>"
        ."</div>";
    closeTable();

    echo "<table width='100%' align='center' cellspacing='1' cellpadding='0' class='std_nicetable'>"
        ."<thead>\n"
        ."<tr><td>"._USERNAME_."</td><td width='1%'> </td></tr>\n"
        ."</thead>\n"
        ."<tbody>\n";

    $rowIndex = 0;
    $entries = $dblink->get_list("SELECT * FROM memht_utenti_vietati ORDER BY user");
    foreach ($entries as $entry) {
        $banned = outCode($entry['user']);
        // Alternate the row style: even rows "clean", odd rows "hlight".
        $rowClass = ($rowIndex % 2 != 0) ? "hlight" : "clean";
        $rowIndex++;
        echo "<tr><td class='".$rowClass."'><b>".$banned."</b></td><td class='".$rowClass."' nowrap>"
            ."<a href='admin.php?page=users&op=editProhibitedUsers&username=".$banned."' title='"._MODIFY_."'><img src='images/edit.gif' alt='Edit' border='0'></a>"
            ." <a href='admin.php?page=users&op=deleteProhibitedUsers&username=".$banned."' title='"._DELETE_."'><img src='images/delete.gif' alt='Delete' border='0'></a></td></tr>\n";
    }

    echo "</tbody>\n";
    echo "</table>";
}
/**
 * Add a name to the prohibited-username list.
 *
 * With $ok false the entry form is printed. With $ok true the name is checked
 * with validUser() and, when accepted, inserted into memht_utenti_vietati.
 *
 * NOTE(review): $username is interpolated into the INSERT as received;
 * presumably the caller has passed it through inCode() - verify.
 *
 * @param string $username Name to prohibit.
 * @param bool   $ok       False renders the form; true saves.
 */
function addProhibitedUsers($username,$ok=false) {
    global $dblink;

    if (!$ok) {
        echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>\n"
            ."<form name='form_arg' method='post' action='admin.php?page=users&op=addProhibitedUsers&ok=true'>"
            ."<tr><td width='25%'><b>"._USERNAME_."</b><td><input type='text' name='username' size='40' maxlength='255'>\n"
            ."<tr><td colspan='2'><input type='submit' name='Submit' value='"._ADD_."'>\n"
            ."</form>\n"
            ."</table>\n";
        return;
    }

    if (!validUser($username)) {
        echo "<div align='center' id='errorText'><b>"._FIELDINVALID_."</b></div>";
        return;
    }

    $dblink->query("INSERT INTO memht_utenti_vietati (user)\n"."VALUES ('".$username."')");
    // Back to the list.
    echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=showProhibitedUsers'>";
}
/**
 * Rename an entry of the prohibited-username list.
 *
 * With $ok false the form is printed, prefilled with $username; the current
 * name travels back as the olduser query parameter. With $ok true the new name
 * is checked with validUser() and the row matching $olduser is updated.
 *
 * NOTE(review): only $username goes through validUser(); $olduser reaches the
 * WHERE clause as received. Presumably both were passed through inCode() by
 * the caller - verify.
 *
 * @param string $olduser  Name currently stored.
 * @param string $username New name (or the current one when showing the form).
 * @param bool   $ok       False renders the form; true saves.
 */
function editProhibitedUsers($olduser,$username,$ok=false) {
    global $dblink;

    if (!$ok) {
        echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>\n"
            ."<form name='form_arg' method='post' action='admin.php?page=users&op=editProhibitedUsers&olduser=".$username."&ok=true'>"
            ."<tr><td width='25%'><b>"._USERNAME_."</b><td><input type='text' name='username' value=\"".$username."\" size='40' maxlength='255'>\n"
            ."<tr><td colspan='2'><input type='submit' name='Submit' value='"._MODIFY_."'>\n"
            ."</form>\n"
            ."</table>\n";
        return;
    }

    if (!validUser($username)) {
        echo "<div align='center' id='errorText'><b>"._FIELDINVALID_."</b></div>";
        return;
    }

    $dblink->query("UPDATE memht_utenti_vietati SET user='".$username."' WHERE user='".$olduser."'");
    // Back to the list.
    echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=showProhibitedUsers'>";
}
/**
 * Remove a name from the prohibited-username list, after a confirmation step.
 *
 * NOTE(review): the "yes" link carries ok=true in its query string, so the
 * deletion appears to be reachable with a plain GET request, and no anti-CSRF
 * token is visible here - confirm the admin entry point enforces one.
 * NOTE(review): $username is interpolated into SQL and HTML as received;
 * presumably the caller has passed it through inCode() - verify.
 *
 * @param string $username Name to remove.
 * @param bool   $ok       True once the admin has confirmed.
 */
function deleteProhibitedUsers($username,$ok=false) {
    global $dblink;

    if (!$ok) {
        // Ask first; "no" goes back to the list.
        echo "<div align='center'><b>"._SUREDELETEUSER_."</b><br>"
            ."<a href='admin.php?page=users&op=deleteProhibitedUsers&username=".$username."&ok=true' title='"._YES_."'>"._YES_."</a>"
            ." - <a href='admin.php?page=users&op=showProhibitedUsers' title='"._NO_."'>"._NO_."</a></div>";
        return;
    }

    $dblink->query("DELETE FROM memht_utenti_vietati WHERE user='".$username."'");
    echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=showProhibitedUsers'>";
}
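/**
 * Send an e-mail from the logged-in admin to a registered user, or show the
 * compose form.
 *
 * When both subject and message were posted, the recipient is looked up by
 * username and the mail goes out through sendEmail(), using the admin's name
 * and address from $userInfo as sender. Otherwise the form is printed,
 * preceded by an error line when it had already been submitted (check_form).
 *
 * NOTE(review): the recipient name is interpolated into the SELECT after
 * inCode() only. inCode() is defined elsewhere - confirm it escapes quotes
 * for SQL.
 *
 * @param string $adm_user Username used to prefill the recipient field.
 */
function sendEmailToUser($adm_user) {
    global $dblink,$siteConfig,$userInfo;

    $form_recipient = isset($_POST['form_recipient']) ? inCode($_POST['form_recipient']) : "";
    $form_object = isset($_POST['form_object']) ? inCode($_POST['form_object']) : "";
    $form_message = isset($_POST['form_message']) ? inCode($_POST['form_message']) : "";
    $check_form = isset($_POST['check_form']) ? inCode($_POST['check_form']) : false;

    // The date formats were written as bare words (Y.".".m.".".d), which only
    // worked through PHP's undefined-constant fallback; PHP 8 throws an Error
    // there that "@" cannot suppress. Quoted strings give the same output.
    $stamp = @date("Y.m.d")."-".@date("H.i");

    // Both subject and message are required before anything is sent.
    if ($form_object!="" && $form_message!="") {
        if ($rrow = $dblink->get_row("SELECT * FROM memht_utenti WHERE user='$form_recipient'")) {
            $recipientemail = outCode($rrow['email']);
            // Keep line breaks out of the subject: it ends up in a mail header
            // and how sendEmail() treats it is not visible from this file.
            $subject = str_replace(array("\r","\n"), " ", $form_object);
            $msg = "$subject\n\n";
            $msg .= _NAME_.": ".$userInfo['user']."\n";
            $msg .= _EMAIL_.": ".$userInfo['email']."\n";
            $msg .= _OBJECT_.": $form_object\n";
            $msg .= _MESSAGE_.": $form_message\n";
            $msg .= _DATE_.": ".$stamp."\n\n";
            sendEmail($recipientemail,$subject,$msg,$userInfo['user'],$userInfo['email'],0);
            echo "<center><b>"._MAILSENT_."</b></center>";
        } else {
            echo "<div align='center' id='errorText'><b>"._USERNOTFOUND_."</b></div>";
        }
    } else {
        // The form came back incomplete: show the error above a fresh form.
        if ($check_form) {
            echo "<div align='center' style='font-weight:bold;' id='errorText'>"._FIELDINVALID_."</div>";
        }
?>
<form name="contact" id="contact" method="post" action="admin.php?page=users&op=sendEmail">
<table align="center">
<?php
        // The "find" button opens the user-search popup, which fills form_recipient.
        echo "<tr><td align='right'><b>"._RECIPIENT_."</b></td><td><input type='text' name='form_recipient' size=20 value=\"$adm_user\"> <input type='button' value='"._FIND_."' onClick=\"openPopup('inc/popwin/finduser.php?form=contact&element=form_recipient&username='+document.forms['contact'].elements['form_recipient'].value+'','350','400');\"></td></tr>\n";
?>
<tr><td align="right"><b><?php echo _OBJECT_; ?></b></td><td><input type="text" name="form_object" size=40></td></tr>
<tr><td align="right" valign="top"><b><?php echo _MESSAGE_; ?></b></td><td><textarea name="form_message" cols=30 rows=5 wrap=virtual></textarea></td></tr>
<tr><td align="right"><b><?php echo _DATE_; ?></b></td><td><?php echo $stamp; ?></td></tr>
<input type="hidden" name="check_form" value=true>
<tr><td colspan="2"><center><input type="submit" name="submit" value="<?php echo _SEND_; ?>" class="button"> <input type="reset" name="Submit" value="<?php echo _DELETE_; ?>" class="button"></center></td></tr>
</table>
</form>
<?php
    }
}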
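/**
 * Print the admin user table: one row per account with an "edit" button,
 * followed by the pagination bar when no filter is applied.
 *
 * @param string $query  SQL fragment appended right after the table name
 *                       ("" for the full list).
 * @param int    $ofsbgn First row to fetch (LIMIT offset).
 * @param int    $ofsppg Rows per page (LIMIT count).
 * @param int    $pg     Current page, forwarded to paginationSystem.
 */
function usersList($query,$ofsbgn,$ofsppg,$pg) {
    global $dblink,$siteConfig;

    // Both LIMIT operands are spliced into the statement unquoted; coerce them
    // to integers here rather than relying on every caller having done so.
    $ofsbgn = intval($ofsbgn);
    $ofsppg = intval($ofsppg);

    $n = 0;
    echo "<table width='100%' align='center' cellspacing='1' cellpadding='0' class='std_nicetable'>";
    echo "<thead>\n";
    // The original header cell carried a stray closing </a>; it is dropped here.
    echo "<tr><td width='20%'>"._USERNAME_."</td><td width='30%'>"._EMAIL_."</td><td width='20%'>"._REGISTERED_."</td><td width='10%' align='center'><b>"._SITE_."</b></td><td width='10%' align='center'><b>"._POSTS_."</b></td><td width='1%'> </td></tr>\n";
    echo "</thead>\n";
    echo "<tbody>\n";

    // NOTE(review): $query is concatenated verbatim into the statement. It must
    // only ever be built by trusted code from escaped values; the one call
    // visible in this part of the file passes "" — confirm the other callers.
    if ($result = $dblink->get_list("SELECT * FROM memht_utenti{$query} ORDER BY user LIMIT $ofsbgn,$ofsppg")) {
        foreach ($result as $row) {
            $list_id = intval($row['id']);
            $list_user = outCode($row['user']);
            $list_email = outCode($row['email']);
            $list_reg = $row['regdate'];
            $list_site = outCode($row['sito']);
            $list_post = intval($row['post']);

            // The site value ends up in an href (presumably supplied by the
            // account owner). Only http(s) addresses become a link, so a stored
            // "javascript:"-style value cannot run in the administrator's
            // session; anything else is shown as "-". rel=noopener keeps the
            // opened page from reaching back into the admin window.
            // NOTE(review): the attributes are single-quoted; confirm outCode()
            // encodes ' as well as ".
            if ($list_site!="" && preg_match('#^https?://#i',$list_site)) {
                $list_site = "<a href='$list_site' target='_blank' rel='noopener noreferrer' title='header=["._SITE_."] body=[$list_site]'><img src='admin/icons/mylinks.png' alt='URL' border='0'></a>";
            } else {
                $list_site = "-";
            }

            // Alternate the row style (zebra striping).
            $class = (($n++%2)!=0) ? "hlight" : "clean" ;
            echo "<tr><td class='$class'><a href='index.php?page=users&op=userInfo&uid=$list_id' title='$list_user'><b>$list_user</b></a></td><td class='$class'>$list_email</td><td class='$class'>$list_reg</td><td class='$class' align='center'>$list_site</td><td class='$class' align='center'>$list_post</td><td width='1%' class='$class'>";
            echo "<form name='admin_cfg' method='post' action='admin.php?page=users'>\n";
            echo "<input type='hidden' name='id' value='$list_id'>";
            echo "<input type='hidden' name='op' value='editUser'>";
            echo "<input type='submit' name='Submit' value='"._MODIFY_."'>\n";
            echo "</form>\n";
            echo "</td></tr>\n";
        }
    } else {
        echo "<tr><td class='clean' colspan='6' id='errorText' align='center'><b>"._EMPTY_."</b></td></tr>\n";
    }
    echo "</tbody>\n";
    echo "</table>";

    // The pagination bar is only shown for the unfiltered list.
    if ($query=="") {
        include_once("inc/class/paginationSystem.class.php");
        $ps = new paginationSystem();
        $ps->items = $ofsppg;
        $ps->actpg = $pg;
        $ps->query = "SELECT id FROM memht_utenti";
        $ps->url = "admin.php?page=users&op=usersList&pg={{N}}";
        $ps->show();
    }
}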
/**
 * RSS feed link manager of the admin "users" page: lists the stored feeds and
 * handles the add / edit / delete sub-operations.
 *
 * @param mixed  $id    Feed row id; coerced to an integer before any use.
 * @param string $subop "addFeed", "editFeed" or "deleteFeed"; anything else
 *                      shows the list.
 * @param mixed  $ok    Falsy renders the form / confirmation, truthy applies it.
 */
function rssFeeds($id,$subop,$ok=false) {
    global $dblink;

    $id = intval($id);

    // Submitted form fields, passed through the project's inCode() filter.
    // NOTE(review): both values are later interpolated into SQL text, so their
    // safety depends entirely on what inCode() escapes — confirm.
    if (isset($_POST['title'])) {
        $title = inCode($_POST['title']);
    } else {
        $title = "";
    }
    if (isset($_POST['feedurl'])) {
        $feedurl = inCode($_POST['feedurl']);
    } else {
        $feedurl = "";
    }

    // Every successful write sends the browser back to the feed list.
    $backToList = "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=rssFeeds'>";

    // Section toolbar: list / add.
    echo "<div align='center' class='box'>",
         "<a href='admin.php?page=users&op=rssFeeds' title='"._LIST_."'><img src='admin/icons/list.png' border='0' title='"._LIST_."' align='top'> "._LIST_."</a>",
         " - <a href='admin.php?page=users&op=rssFeeds&subop=addFeed' title='"._ADD_."'><img src='admin/icons/add.png' border='0' title='"._ADD_."' align='top'> "._ADD_."</a>",
         "</div>";

    if ($subop=="addFeed") {
        if ($ok) {
            // When both fields are empty the URL message wins, because it is
            // assigned last.
            $problem = null;
            if ($title=="") { $problem = "<b>"._EMPTY_."</b>: "._TITLE_; }
            if ($feedurl=="") { $problem = "<b>"._EMPTY_."</b>: "._URL_; }
            if ($problem===null) {
                $dblink->query("INSERT INTO memht_rssreader_links (id,title,link)\nVALUES (null,'$title','$feedurl')");
                echo $backToList;
            } else {
                echo "<div align='center' id='errorText'><b>"._FIELDINVALID_."</b><br>$problem</div>";
            }
        } else {
            echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>\n",
                 "<form name='rssfeedadd' method='post' action='admin.php?page=users&op=rssFeeds&subop=addFeed&ok=true'>",
                 "<tr><td width='25%'><b>"._TITLE_."</b><td><input type='text' name='title' size='30' maxlength='255'>\n",
                 "<tr><td><b>"._URL_."</b></td><td><input type='text' name='feedurl' size='40' maxlength='255'></td></tr>\n",
                 "<tr><td colspan='2'><input type='submit' name='Submit' value='"._ADD_."'>\n",
                 "</form>\n",
                 "</table>\n";
        }
    } elseif ($subop=="editFeed") {
        if ($ok) {
            $problem = null;
            if ($title=="") { $problem = "<b>"._EMPTY_."</b>: "._TITLE_; }
            if ($feedurl=="") { $problem = "<b>"._EMPTY_."</b>: "._URL_; }
            if ($problem===null) {
                $dblink->query("UPDATE memht_rssreader_links SET title='$title',link='$feedurl' WHERE id=$id");
                echo $backToList;
            } else {
                echo "<div align='center' id='errorText'><b>"._FIELDINVALID_."</b><br>$problem</div>";
            }
        } else {
            // Pre-fill the form with the stored values.
            $stored = $dblink->get_row("SELECT * FROM memht_rssreader_links WHERE id=$id");
            $title = outCode($stored['title']);
            $link = outCode($stored['link']);
            echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>\n",
                 "<form name='rssfeededit' method='post' action='admin.php?page=users&op=rssFeeds&subop=editFeed&id=$id&ok=true'>",
                 "<tr><td width='25%'><b>"._TITLE_."</b><td><input type='text' name='title' value=\"$title\" size='30' maxlength='255'>\n",
                 "<tr><td><b>"._URL_."</b></td><td><input type='text' name='feedurl' value=\"$link\" size='40' maxlength='255'></td></tr>\n",
                 "<tr><td colspan='2'><input type='submit' name='Submit' value='"._MODIFY_."'>\n",
                 "</form>\n",
                 "</table>\n";
        }
    } elseif ($subop=="deleteFeed") {
        // NOTE(review): the confirmation is a plain GET link carrying ok=true and
        // no anti-CSRF token is visible in this function; confirm the request is
        // protected elsewhere before the row is removed.
        if (!$ok) {
            echo "<div align='center'><b>"._SUREDELETE_."</b><br><a href='admin.php?page=users&op=rssFeeds&subop=deleteFeed&id=$id&ok=true' title='"._YES_."'>"._YES_."</a> - <a href='admin.php?page=users&op=rssFeeds' title='"._NO_."'>"._NO_."</a></div>";
        } else {
            $dblink->query("DELETE FROM memht_rssreader_links WHERE id=$id");
            echo $backToList;
        }
    } else {
        // Default view: every stored feed with edit / delete shortcuts.
        $counter = 0;
        echo "<table width='100%' align='center' cellspacing='1' cellpadding='0' class='std_nicetable'>",
             "<thead>\n",
             "<tr><td>"._NAME_."</td><td width='1%'>"._URL_."</td><td width='1%'> </td></tr>",
             "</thead>\n",
             "<tbody>\n";
        $feeds = $dblink->get_list("SELECT * FROM memht_rssreader_links ORDER BY title");
        if ($feeds) {
            foreach ($feeds as $feed) {
                $rowId = intval($feed['id']);
                $rowTitle = outCode($feed['title']);
                $rowLink = outCode($feed['link']);
                // Zebra striping: odd rows highlighted.
                if (($counter%2)!=0) {
                    $class = "hlight";
                } else {
                    $class = "clean";
                }
                $counter++;
                echo "<tr><td class='$class'><b>$rowTitle</b></td><td class='$class' align='right' nowrap><input type='text' value=\"$rowLink\" size='40' disabled></td><td align='right' class='$class' nowrap><a href=\"$rowLink\" title=\"$rowTitle\" target='_blank'><img src='images/rss-syndicate_box.gif' alt='RSS' border='0' title=\"$rowTitle\"></a> <a href='admin.php?page=users&op=rssFeeds&subop=editFeed&id=$rowId' title='"._MODIFY_."'><img src='images/edit.gif' alt='Edit' border='0'></a> <a href='admin.php?page=users&op=rssFeeds&subop=deleteFeed&id=$rowId' title='"._DELETE_."'><img src='images/delete.gif' alt='Delete' border='0'></a></td></tr>\n";
            }
        } else {
            echo "<tr><td align='center' id='errorText' class='clean'>"._EMPTY_."</td></tr>";
        }
        echo "</tbody>\n",
             "</table>";
    }
}
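/**
 * Approve or reject an account waiting in memht_utenti_attesa.
 *
 * Without $ok a confirmation link is shown. With $ok, decision=1 moves the
 * pending account into memht_utenti (running the ApproveUser hooks), queues the
 * welcome private message, optionally subscribes the address to the newsletter
 * and mails the user; any other decision deletes the pending row.
 *
 * @param mixed $id Pending-row id; coerced to an integer before use.
 * @param mixed $ok Falsy asks for confirmation, truthy applies the decision.
 */
function approveUser($id,$ok=false) {
    global $dblink,$siteConfig,$tzNOW;

    $id = intval($id);
    // "decision" may be missing from the query string; a missing value is
    // treated as 0 (reject), which is what intval() of the absent key produced.
    $decision = isset($_GET['decision']) ? intval($_GET['decision']) : 0;

    // NOTE(review): the decision is applied from a GET link carrying ok=true and
    // no anti-CSRF token is visible in this function; confirm the request is
    // protected elsewhere.
    if (!$ok) {
        echo "<div align='center' class='box'><b>"._AREYOUSURE_."</b><br><a href='admin.php?page=users&op=approvation&id=$id&decision=$decision&ok=true' title='"._YES_."'>"._YES_."</a> - <a href='admin.php?page=users' title='"._NO_."'>"._NO_."</a></div>";
        return;
    }

    if ($decision!=1) {
        // Rejected: drop the pending registration.
        $dblink->query("DELETE FROM memht_utenti_attesa WHERE id=$id");
        echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users'>";
        return;
    }

    $row = $dblink->get_row("SELECT * FROM memht_utenti_attesa WHERE id=$id");
    if (!$row) {
        // Unknown or already processed id: stop here instead of creating an
        // account with empty fields and mailing an empty address.
        echo "<div align='center' id='errorText'><b>"._USERNOTFOUND_."</b></div>";
        return;
    }

    // NOTE(review): these values go through outCode() and are then interpolated
    // into new SQL statements. If outCode() reverses the escaping applied at
    // registration, a stored quote would break out of the literals below —
    // confirm, and re-escape with the project's input filter if so.
    $wa_user = outCode($row['user']);
    $wa_pass = outCode($row['pass']);
    $wa_email = outCode($row['email']);
    $wa_newsletter = intval($row['newsletter']);
    $wa_lastip = outCode($row['lastip']);

    // NOTE(review): the pending row is deleted before the ApproveUser hook is
    // consulted, so a hook returning false leaves the user in neither table
    // while the welcome message and e-mail are still sent — confirm intended.
    $dblink->query("DELETE FROM memht_utenti_attesa WHERE user='$wa_user'");
    if (memRunHooks('ApproveUser',array($wa_user,$wa_pass,$wa_email))) {
        $dblink->query("INSERT INTO memht_utenti (id,user,pass,email,regdate,lastip,lastlogin,enabled) "
            ."VALUES (null,'$wa_user','$wa_pass','$wa_email',$tzNOW,'$wa_lastip',$tzNOW,1)");
        memRunHooks('ApproveUserEnd',array($wa_user,$wa_pass,$wa_email));
    }

    // Welcome private message, only when one is configured.
    if ($siteConfig['welcome_pm']!="") {
        $dblink->query("INSERT INTO memht_pvtmsg (id,recipient,author,name,text,date,smiles,new) "
            ."VALUES (null,'$wa_user','".$siteConfig['welcome_pm_author']."','".$siteConfig['welcome_pm_title']."','".$siteConfig['welcome_pm']."',$tzNOW,'1','1')");
    }

    // Newsletter opt-in, skipped when the address is already subscribed.
    if ($wa_newsletter==1 && $dblink->get_num("SELECT email FROM memht_newsletter WHERE email='$wa_email'")==0) {
        if (memRunHooks('AddEmailToNewsletter',array($wa_email))) {
            $dblink->query("INSERT INTO memht_newsletter (email,ip) VALUES ('$wa_email','$wa_lastip')");
            memRunHooks('AddEmailToNewsletterEnd',array($wa_email));
        }
    }

    // Activation e-mail.
    $subject = $siteConfig['site_name']." - "._ACCACTIVATED_;
    $msg = "$subject\n\n";
    $msg .= _HI_." $wa_user, "._WELCOMETO_." ".$siteConfig['site_name']."!\n\n";
    $msg .= _ACCACTIVATED_."\n";
    $msg .= _NOWUCANEDITANDENTER_."\n";
    $msg .= $siteConfig['site_url']."/index.php?page=users\n";
    sendEmail($wa_email,$subject,$msg,$siteConfig['site_name'],$siteConfig['webmaster_mail'],0);

    // The closing </b> tag was malformed ("</b</div>") in the original markup.
    echo "<div align='center'><b>"._ACCACTIVATED_."</b></div>";
    echo "<meta http-equiv='refresh' content='3;URL=admin.php?page=users'>";
}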
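/**
 * List the e-mail domains that are refused at registration, with edit and
 * delete shortcuts for each entry.
 */
function showProhibitedEmailDomains() {
    global $dblink;

    // Section toolbar: list / add.
    openTable();
    echo "<div align='center' class='box'>";
    echo "<a href='admin.php?page=users&op=showProhibitedEmailDomains' title='"._LIST_."'><img src='admin/icons/list.png' border='0' title='"._LIST_."' align='top'> "._LIST_."</a>";
    echo " - <a href='admin.php?page=users&op=addProhibitedEmailDomains' title='"._ADD_."'><img src='admin/icons/add.png' border='0' title='"._ADD_."' align='top'> "._ADD_."</a>";
    echo "</div>";
    closeTable();

    openTable();
    $n = 0;
    echo "<table width='100%' align='center' cellspacing='1' cellpadding='0' class='std_nicetable'>";
    echo "<thead>\n";
    echo "<tr><td>"._DOMAINS_."</td><td width='1%'> </td></tr>\n";
    echo "</thead>\n";
    echo "<tbody>\n";

    // Guard the loop the same way the other list views in this file do: an
    // empty table (or a failed query) yields no iterable result, and looping
    // over it would raise a warning inside the admin page.
    if ($result = $dblink->get_list("SELECT id,domain FROM memht_email_nodomain ORDER BY domain")) {
        foreach ($result as $row) {
            $id = intval($row['id']);
            $domain = outCode($row['domain']);
            // Zebra striping: odd rows highlighted.
            $class = (($n++%2)!=0) ? "hlight" : "clean" ;
            echo "<tr><td class='$class'><b>$domain</b></td><td class='$class' nowrap><a href='admin.php?page=users&op=editProhibitedEmailDomains&id=$id' title='"._MODIFY_."'><img src='images/edit.gif' alt='Edit' border='0'></a> <a href='admin.php?page=users&op=deleteProhibitedEmailDomains&id=$id' title='"._DELETE_."'><img src='images/delete.gif' alt='Delete' border='0'></a></td></tr>\n";
        }
    } else {
        echo "<tr><td class='clean' colspan='2' id='errorText' align='center'><b>"._EMPTY_."</b></td></tr>\n";
    }
    echo "</tbody>\n";
    echo "</table>";
}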
/**
 * Add a domain to the list of refused e-mail domains.
 *
 * @param string $domain Domain to store (the caller reads it from the POST
 *                       data through inCode()).
 * @param mixed  $ok     Falsy shows the entry form, truthy stores the value.
 */
function addProhibitedEmailDomains($domain,$ok=false) {
    global $dblink;

    if ($ok) {
        if ($domain=="") {
            // An empty field is the only validation failure handled here.
            $error = _FIELD_." <b>"._DOMAINS_."</b> "._REQUIRED_;
            echo "<div align='center' id='errorText'><b>$error</b></div>";
        } else {
            // NOTE(review): $domain is interpolated into the statement; its
            // safety rests on the inCode() filtering done by the caller.
            $dblink->query("INSERT INTO memht_email_nodomain (domain)\nVALUES ('$domain')");
            echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=showProhibitedEmailDomains'>";
        }
        return;
    }

    // First visit: render the entry form.
    echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>\n",
         "<form name='form_arg' method='post' action='admin.php?page=users&op=addProhibitedEmailDomains&ok=true'>",
         "<tr><td width='25%'><b>"._DOMAINS_."</b><td><input type='text' name='domain' size='40' maxlength='255'>\n",
         "<tr><td colspan='2'><input type='submit' name='Submit' value='"._ADD_."'>\n",
         "</form>\n",
         "</table>\n";
}
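/**
 * Edit one entry of the refused e-mail domain list.
 *
 * @param mixed  $id     Row id; coerced to an integer before use.
 * @param string $domain New domain value (read from the POST data by the caller).
 * @param mixed  $ok     Falsy shows the pre-filled form, truthy saves.
 */
function editProhibitedEmailDomains($id,$domain,$ok=false) {
    global $dblink;

    // $id is placed unquoted in both SQL statements and inside the form action,
    // so it has to be a plain integer. The other handlers in this file
    // (rssFeeds, approveUser) cast it the same way.
    $id = intval($id);

    if (!$ok) {
        $row = $dblink->get_row("SELECT domain FROM memht_email_nodomain WHERE id=$id");
        $domain = outCode($row['domain']);
        echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>\n";
        echo "<form name='form_arg' method='post' action='admin.php?page=users&op=editProhibitedEmailDomains&id=$id&ok=true'>";
        echo "<tr><td width='25%'><b>"._DOMAINS_."</b><td><input type='text' name='domain' value=\"$domain\" size='40' maxlength='255'>\n";
        echo "<tr><td colspan='2'><input type='submit' name='Submit' value='"._MODIFY_."'>\n";
        echo "</form>\n";
        echo "</table>\n";
    } else {
        if ($domain!="") {
            // NOTE(review): $domain is interpolated into the statement; its
            // safety rests on the inCode() filtering done by the caller.
            $dblink->query("UPDATE memht_email_nodomain SET domain='$domain' WHERE id=$id");
            echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=showProhibitedEmailDomains'>";
        } else {
            // The original built a detailed message it never printed; only the
            // generic error is shown, as before.
            echo "<div align='center' id='errorText'><b>"._FIELDINVALID_."</b></div>";
        }
    }
}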
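/**
 * Remove one entry from the refused e-mail domain list.
 *
 * @param mixed $id Row id; coerced to an integer before use.
 * @param mixed $ok Falsy asks for confirmation, truthy deletes the row.
 */
function deleteProhibitedEmailDomains($id,$ok=false) {
    global $dblink;

    // $id is used unquoted in the DELETE and echoed into the confirmation link,
    // so it has to be a plain integer. The other handlers in this file
    // (rssFeeds, approveUser) cast it the same way.
    $id = intval($id);

    // NOTE(review): the delete is applied from a GET link carrying ok=true and
    // no anti-CSRF token is visible in this function; confirm the request is
    // protected elsewhere.
    if ($ok) {
        $dblink->query("DELETE FROM memht_email_nodomain WHERE id=$id");
        echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=showProhibitedEmailDomains'>";
    } else {
        // NOTE(review): the prompt reuses the "delete user" text constant —
        // looks like a copy/paste; confirm which label is intended.
        echo "<div align='center'><b>"._SUREDELETEUSER_."</b><br><a href='admin.php?page=users&op=deleteProhibitedEmailDomains&id=$id&ok=true' title='"._YES_."'>"._YES_."</a> - <a href='admin.php?page=users&op=showProhibitedEmailDomains' title='"._NO_."'>"._NO_."</a></div>";
    }
}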
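/**
 * Manage the custom user-profile fields: list them and handle the add / edit /
 * delete sub-operations.
 *
 * @param mixed  $id          Field id; coerced to an integer before use.
 * @param string $name        Internal field name.
 * @param string $title       Label shown to users.
 * @param mixed  $type        0 = input, 1 = textarea; normalised to 0 or 1.
 * @param mixed  $showinforum 1 = shown in the forum, 0 = hidden; normalised.
 * @param string $subop       "add", "edit" or "delete"; anything else lists.
 * @param mixed  $ok          Falsy renders the form / confirmation, truthy applies.
 */
function profile($id,$name,$title,$type,$showinforum,$subop,$ok=false) {
    global $dblink;

    // $id is used unquoted in SQL and echoed into links and form actions, so it
    // has to be a plain integer. The two flags only have the values offered by
    // the <select> boxes, so anything else is folded back to 0.
    $id = intval($id);
    $type = (intval($type)==1) ? 1 : 0;
    $showinforum = (intval($showinforum)==1) ? 1 : 0;

    // Section toolbar: list / add.
    echo "<div align='center' class='box'>";
    echo "<a href='admin.php?page=users&op=profile' title='"._LIST_."'><img src='admin/icons/list.png' border='0' title='"._LIST_."' align='top'> "._LIST_."</a>";
    echo " - <a href='admin.php?page=users&op=profile&subop=add' title='"._ADD_."'><img src='admin/icons/add.png' border='0' title='"._ADD_."' align='top'> "._ADD_."</a>";
    echo "</div>";

    switch ($subop) {
        case "add":
            if (!$ok) {
                echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>\n";
                echo "<form name='rssfeedadd' method='post' action='admin.php?page=users&op=profile&subop=add&ok=true'>";
                echo "<tr><td width='25%'><b>"._NAME_."</b> <img src='images/info.gif' title=\"header=["._INFORMATIONS_."] body=["._CLEAN_NAME_."]\"></td><td><input type='text' name='name' size='40' maxlength='255'></td></tr>\n";
                echo "<tr><td><b>"._TITLE_."</b><td><input type='text' name='title' size='30' maxlength='255'>\n";
                echo "<tr><td><b>"._TYPE_."</b></td><td>";
                echo "<select name='type'>\n";
                echo "<option value='0' selected>Input</option>\n";
                echo "<option value='1'>Textarea</option>\n";
                echo "</select>\n";
                echo "</td></tr>\n";
                echo "<tr><td><b>"._SHOWINFORUM_."</b></td><td>";
                echo "<select name='showinforum'>\n";
                echo "<option value='1' selected>"._YES_."</option>\n";
                echo "<option value='0'>"._NO_."</option>\n";
                echo "</select>\n";
                echo "</td></tr>\n";
                echo "<tr><td colspan='2'><input type='submit' name='Submit' value='"._ADD_."'>\n";
                echo "</form>\n";
                echo "</table>\n";
            } else {
                // When both fields are empty the title message wins, because it
                // is assigned last.
                $save = true;
                if ($name=="") { $save = false; $msg = _NAME_." ".strtolower(_FIELD_)." ".strtolower(_REQUIRED_); }
                if ($title=="") { $save = false; $msg = _TITLE_." ".strtolower(_FIELD_)." ".strtolower(_REQUIRED_); }
                if ($save) {
                    // NOTE(review): $name and $title are interpolated as-is;
                    // their safety rests on the filtering done by the caller.
                    $dblink->query("INSERT INTO memht_utenti_profile (id,name,title,type,showinforum) "
                        ."VALUES (null,'$name','$title','$type','$showinforum')");
                    echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=profile'>";
                } else {
                    echo "<div align='center' id='errorText'><b>$msg</b></div>";
                }
            }
            break;

        case "edit":
            if (!$ok) {
                // Pre-fill the form with the stored definition.
                $row = $dblink->get_row("SELECT * FROM memht_utenti_profile WHERE id=$id");
                $name = outCode($row['name']);
                $title = outCode($row['title']);
                $type = intval($row['type']);
                $showinforum = intval($row['showinforum']);
                echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>\n";
                echo "<form name='rssfeededit' method='post' action='admin.php?page=users&op=profile&subop=edit&id=$id&ok=true'>";
                echo "<tr><td width='25%'><b>"._NAME_."</b> <img src='images/info.gif' title=\"header=["._INFORMATIONS_."] body=["._CLEAN_NAME_."]\"></td><td><input type='text' name='name' value=\"$name\" size='40' maxlength='255'></td></tr>\n";
                echo "<tr><td><b>"._TITLE_."</b><td><input type='text' name='title' value=\"$title\" size='30' maxlength='255'>\n";
                echo "<tr><td><b>"._TYPE_."</b></td><td>";
                echo "<select name='type'>\n";
                echo "<option value='0'".(($type==0) ? " selected" : "").">Input</option>\n";
                echo "<option value='1'".(($type==0) ? "" : " selected").">Textarea</option>\n";
                echo "</select>\n";
                echo "</td></tr>\n";
                echo "<tr><td><b>"._SHOWINFORUM_."</b></td><td>";
                echo "<select name='showinforum'>\n";
                echo "<option value='1'".(($showinforum==1) ? " selected" : "").">"._YES_."</option>\n";
                echo "<option value='0'".(($showinforum==1) ? "" : " selected").">"._NO_."</option>\n";
                echo "</select>\n";
                echo "</td></tr>\n";
                echo "<tr><td colspan='2'><input type='submit' name='Submit' value='"._MODIFY_."'>\n";
                echo "</form>\n";
                echo "</table>\n";
            } else {
                $save = true;
                if ($name=="") { $save = false; $msg = _NAME_." ".strtolower(_FIELD_)." ".strtolower(_REQUIRED_); }
                if ($title=="") { $save = false; $msg = _TITLE_." ".strtolower(_FIELD_)." ".strtolower(_REQUIRED_); }
                if ($save) {
                    $dblink->query("UPDATE memht_utenti_profile SET name='$name',title='$title',type='$type',showinforum='$showinforum' WHERE id=$id");
                    echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=profile'>";
                } else {
                    echo "<div align='center' id='errorText'><b>$msg</b></div>";
                }
            }
            break;

        case "delete":
            // NOTE(review): the delete is applied from a GET link carrying
            // ok=true and no anti-CSRF token is visible in this function.
            if ($ok) {
                // Remove the field definition and every value stored for it.
                $dblink->query("DELETE FROM memht_utenti_profile WHERE id=$id");
                $dblink->query("DELETE FROM memht_utenti_profile_data WHERE pid=$id");
                echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=users&op=profile'>";
            } else {
                echo "<div align='center'><b>"._SUREDELETE_."</b><br><a href='admin.php?page=users&op=profile&subop=delete&id=$id&ok=true' title='"._YES_."'>"._YES_."</a> - <a href='admin.php?page=users&op=profile' title='"._NO_."'>"._NO_."</a></div>";
            }
            break;

        default:
            $n = 0;
            echo "<table width='100%' align='center' cellspacing='1' cellpadding='0' class='std_nicetable'>";
            echo "<thead>\n";
            echo "<tr><td width='25%'>"._TITLE_."</td><td width='25%'>"._NAME_."</td><td width='25%'>"._TYPE_."</td><td width='25%' align='center'>"._SHOWINFORUM_."</td><td width='1%'> </td></tr>";
            echo "</thead>\n";
            echo "<tbody>\n";
            if ($result = $dblink->get_list("SELECT * FROM memht_utenti_profile ORDER BY id")) {
                foreach ($result as $row) {
                    $id = intval($row['id']);
                    $name = outCode($row['name']);
                    $title = outCode($row['title']);
                    $type = intval($row['type']);
                    $showinforum = intval($row['showinforum']);
                    // Turn the stored flags into display labels; unknown values
                    // are printed as the raw integer.
                    switch($type) {
                        case 0: $type = "Input"; break;
                        case 1: $type = "Textarea"; break;
                    }
                    switch($showinforum) {
                        case 0: $showinforum = _NO_; break;
                        case 1: $showinforum = _YES_; break;
                    }
                    // Zebra striping: odd rows highlighted.
                    $class = (($n++%2)!=0) ? "hlight" : "clean" ;
                    echo "<tr><td class='$class'><b>$title</b></td><td class='$class'>$name</td><td class='$class'>$type</td><td class='$class' align='center'>$showinforum</td><td align='right' class='$class' nowrap><a href='admin.php?page=users&op=profile&subop=edit&id=$id' title='"._MODIFY_."'><img src='images/edit.gif' alt='Edit' border='0'></a> <a href='admin.php?page=users&op=profile&subop=delete&id=$id' title='"._DELETE_."'><img src='images/delete.gif' alt='Delete' border='0'></a></td></tr>\n";
                }
            } else {
                echo "<tr><td align='center' id='errorText' class='clean' colspan='5'><b>"._EMPTY_."</b></td></tr>";
            }
            echo "</tbody>\n";
            echo "</table>";
            break;
    }
}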
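/**
 * Editor for the welcome private message sent to newly approved users.
 *
 * @param mixed $ok Falsy shows the current message and the edit form, truthy
 *                  stores the posted title, body and author in memht_config.
 */
function pmEditor($ok=false) {
    global $dblink;

    if (!$ok) {
        $row = $dblink->get_row("SELECT welcome_pm,welcome_pm_title,welcome_pm_author FROM memht_config");
        $dbwelcome_pm = outCode($row['welcome_pm']);
        $dbwelcome_pm_title = outCode($row['welcome_pm_title']);
        $dbwelcome_pm_author = outCode($row['welcome_pm_author']);

        // Preview of the stored message, rendered through the BBCode and
        // smiley converters.
        $message_current = bb2smile(bb2html(outCode($row['welcome_pm'],0),0));
        if ($message_current=="") { $message_current = _EMPTY_; }
        echo "<div title='Current Message' class='box' style=\"padding: 5px;\">$message_current</div>";

        echo "<table width='100%' align='center' cellspacing='2' cellpadding='0'>";
        echo "<form name='pmeditor' method='post' action='admin.php?page=users&op=pmEditor&ok=true'>";
        echo "<tr>";
        echo "<th>"._TITLE_."</th><td><input type='text' name='pm_title' value=\"$dbwelcome_pm_title\" size='46' maxlength='100'></td>";
        echo "</tr>";
        echo "<tr>";
        echo "<th>"._MESSAGE_."</th><td>";
        bbcodeToolbar("pmeditor","pm_message");
        echo "</td>";
        echo "</tr>";
        echo "<tr>";
        echo "<td width='20%' valign='top'>";
        smileBox("pmeditor","pm_message");
        echo "</td>";
        echo "<td><textarea name='pm_message' style='width:99%; height:172px;'>$dbwelcome_pm</textarea></td>";
        echo "</tr>";
        echo "<tr>";
        echo "<th>"._AUTHOR_."</th><td><input type='text' name='pm_author' value=\"$dbwelcome_pm_author\" size='46' maxlength='30'></td>";
        echo "</tr>";
        echo "<tr>";
        echo "<td></td><td><input type='submit' name='Submit' value='"._SAVE_."'></td>";
        echo "</tr>";
        echo "</form>";
        echo "</table>";
        return;
    }

    // Posted fields, passed through the project's inCode() filter; a missing
    // field is stored as an empty string.
    $pm_title = isset($_POST['pm_title']) ? inCode($_POST['pm_title']) : "";
    $pm_message = isset($_POST['pm_message']) ? inCode($_POST['pm_message']) : "";
    $pm_author = isset($_POST['pm_author']) ? inCode($_POST['pm_author']) : "";

    // The original kept a $save flag that was never cleared, with an error
    // branch printing an undefined $msg; that unreachable branch is removed.
    echo "<div align='center'><b>"._SAVINGCONFIGURATION_."</b></div>";
    // No WHERE clause: the three columns are rewritten on every row of
    // memht_config (presumably a single-row table — confirm).
    // NOTE(review): the stored body is later copied into another SQL statement
    // when a user is approved, so it must stay escaped end to end.
    $dblink->query("UPDATE memht_config SET welcome_pm='$pm_message',welcome_pm_title='$pm_title',welcome_pm_author='$pm_author'");
    echo "<meta http-equiv='refresh' content='3;URL=admin.php?page=users&op=pmEditor'>";
}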
// Page body: emit the admin header, the section navigation bar, then run the
// handler selected by $op and close with the admin footer.
// $op, $id, $ok, $adm_user, $username, $olduser and $domain are read from the
// request at the top of this file and passed through inCode().
// NOTE(review): $page, $ofsbgn, $ofsppg, $pg, $subop, $name, $title, $type and
// $showinforum are not assigned in the visible part of the file — confirm where
// they are initialised and that each one is filtered before it gets here.
require_once("admin/inc/inc_header.php");
admin_page_title($page);
openTable();
// Navigation bar of the users section.
echo "<div align='center' class='box'>";
echo "<a href='admin.php?page=users' title='"._MAIN_."'><img src='admin/icons/users.png' border='0' title='"._MAIN_."' align='top'> "._MAIN_."</a>";
echo " - <a href='admin.php?page=users&op=usersList' title='"._LIST_."'><img src='admin/icons/list.png' border='0' title='"._LIST_."' align='top'> "._LIST_."</a>";
echo " - <a href='admin.php?page=users&op=findUser' title='"._FINDUSER_."'><img src='admin/icons/search.png' border='0' title='"._FINDUSER_."' align='top'> "._FINDUSER_."</a>";
echo " - <a href='admin.php?page=users&op=profile' title='"._USERS_PROFILE_."'><img src='admin/icons/range.png' border='0' title='"._USERS_PROFILE_."' align='top'> "._USERS_PROFILE_."</a>";
echo " - <a href='admin.php?page=users&op=showProhibitedUsers' title='"._PROHIBITED_USERS_."'><img src='admin/icons/users_red.png' border='0' title='"._PROHIBITED_USERS_."' align='top'> "._PROHIBITED_USERS_."</a>";
echo " - <a href='admin.php?page=users&op=showProhibitedEmailDomains' title='"._PROHIBITED_EMAIL_DOMAINS_."'><img src='admin/icons/newsletter.png' border='0' title='"._PROHIBITED_EMAIL_DOMAINS_."' align='top'> "._PROHIBITED_EMAIL_DOMAINS_."</a>";
echo "<br><a href='admin.php?page=users&op=sendEmail' title='"._SEND_." "._EMAIL_."'><img src='admin/icons/newsletter.png' border='0' title='"._SEND_." "._EMAIL_."' align='top'> "._SEND_." "._EMAIL_."</a>";
echo " - <a href='admin.php?page=users&op=rssFeeds' title='"._RSS_FEEDS_."'><img src='images/rss-syndicate_box.gif' border='0' title='"._RSS_FEEDS_."' align='top'> "._RSS_FEEDS_."</a>";
echo " - <a href='admin.php?page=users&op=pmEditor' title='"._WELCOME_PM_EDITOR_."'><img src='admin/icons/config.png' border='0' title='"._WELCOME_PM_EDITOR_."' align='top'> "._WELCOME_PM_EDITOR_."</a>";
echo "</div>";
closeTable();
openTable();
// Dispatch on the requested operation; an unknown or empty $op shows the menu.
// NOTE(review): every operation, including the ones that delete or modify
// rows, is selected from request parameters ($_REQUEST covers GET as well as
// POST) and no anti-CSRF token check is visible in this dispatcher. The only
// access check visible in this file is the _LOAD_PAGE_ guard at its top —
// confirm that the including script authenticates the administrator and
// validates a per-session token before this code runs.
switch($op) {
case "findUser":
findUser($ofsbgn,$ofsppg,$pg);
break;
case "editUser":
edit($id,$ok);
break;
case "deleteUser":
delete($adm_user,$ok);
break;
case "addUser":
add($adm_user,$ok);
break;
case "showProhibitedUsers":
showProhibitedUsers();
break;
case "addProhibitedUsers":
addProhibitedUsers($username,$ok);
break;
case "editProhibitedUsers":
editProhibitedUsers($olduser,$username,$ok);
break;
case "deleteProhibitedUsers":
deleteProhibitedUsers($username,$ok);
break;
case "showProhibitedEmailDomains":
showProhibitedEmailDomains();
break;
case "addProhibitedEmailDomains":
addProhibitedEmailDomains($domain,$ok);
break;
case "editProhibitedEmailDomains":
editProhibitedEmailDomains($id,$domain,$ok);
break;
case "deleteProhibitedEmailDomains":
deleteProhibitedEmailDomains($id,$ok);
break;
case "sendEmail":
sendEmailToUser($adm_user);
break;
case "usersList":
// Assigns "" to $query and passes it on, i.e. the unfiltered, paginated list.
usersList($query="",$ofsbgn,$ofsppg,$pg);
break;
case "rssFeeds":
rssFeeds($id,$subop,$ok);
break;
case "approvation":
approveUser($id,$ok);
break;
case "profile":
profile($id,$name,$title,$type,$showinforum,$subop,$ok);
break;
case "pmEditor":
pmEditor($ok);
break;
default:
userMenu();
break;
}
closeTable();
require_once("admin/inc/inc_footer.php");
?>