'user_name ASC', 'name_d' => 'user_name DESC', 'group_a' => 'group_name ASC', 'group_d' => 'group_name DESC', 'reg_a' => 'user_regdate ASC', 'reg_d' => 'user_regdate DESC', 'pic_a' => 'pic_count ASC', 'pic_d' => 'pic_count DESC', 'disku_a' => 'disk_usage ASC', 'disku_d' => 'disk_usage DESC', 'lv_a' => 'user_lastvisit ASC', 'lv_d' => 'user_lastvisit DESC', ); $sort = (!isset($HTTP_GET_VARS['sort']) || !isset($sort_codes[$HTTP_GET_VARS['sort']])) ? 'reg_d' : $HTTP_GET_VARS['sort']; $tab_tmpl = array('left_text' => '' . $lang_usermgr_php['u_user_on_p_pages'] . '' . "\n", 'tab_header' => '', 'tab_trailer' => '', 'active_tab' => '' . "\n" . '%d', 'inactive_tab' => '' . "\n" . '%d' . "\n" ); $result = db_query("SELECT count(*) FROM {$CONFIG['TABLE_USERS']} WHERE 1"); $nbEnr = mysql_fetch_array($result); $user_count = $nbEnr[0]; mysql_free_result($result); if (!$user_count) cpg_die(CRITICAL_ERROR, $lang_usermgr_php['err_no_users'], __FILE__, __LINE__); $user_per_page = 25; $page = isset($HTTP_GET_VARS['page']) ? (int)$HTTP_GET_VARS['page'] : 1; $lower_limit = ($page-1) * $user_per_page; $total_pages = ceil($user_count / $user_per_page); $sql = "SELECT user_id, user_name, UNIX_TIMESTAMP(user_regdate) as user_regdate, UNIX_TIMESTAMP(user_lastvisit) as user_lastvisit, user_active, ". "COUNT(pid) as pic_count, ROUND(SUM(total_filesize)/1024) as disk_usage, group_name, group_quota ". "FROM {$CONFIG['TABLE_USERS']} AS u ". "INNER JOIN {$CONFIG['TABLE_USERGROUPS']} AS g ON user_group = group_id ". "LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p ON p.owner_id = u.user_id ". "GROUP BY user_id ". "ORDER BY " . $sort_codes[$sort] . " ". 
"LIMIT $lower_limit, $user_per_page;"; $result = db_query($sql); $tabs = create_tabs($user_count, $page, $total_pages, $tab_tmpl); starttable('100%'); if (!$lim_user) { echo <<< EOT {$lang_usermgr_php['name']} {$lang_usermgr_php['group']} {$lang_usermgr_php['registered_on']} {$lang_usermgr_php['last_visit']} {$lang_usermgr_php['operations']} {$lang_usermgr_php['pictures']} {$lang_usermgr_php['disk_space']} EOT; } else { echo <<< EOT {$lang_usermgr_php['name']} {$lang_usermgr_php['group']} {$lang_usermgr_php['registered_on']} {$lang_usermgr_php['last_visit']} {$lang_usermgr_php['pictures']} {$lang_usermgr_php['disk_space']} EOT; } while ($user = mysql_fetch_array($result)) { if ($user['user_active'] == 'NO') $user['group_name'] = '' . $lang_usermgr_php['inactive'] . ''; $user['user_regdate'] = localised_date($user['user_regdate'], $register_date_fmt); if ($user['user_lastvisit']) { $user['user_lastvisit'] = localised_date($user['user_lastvisit'], $register_date_fmt); } else { $user['user_lastvisit'] = $lang_usermgr_php['never']; } $usr_link = '' . $user['user_name']; if ($user['pic_count']) { $usr_link .= ' (' . $lang_usermgr_php['latest_upload'] . ')'; } else { $usr_link .= ''; } if (!$lim_user) { echo <<< EOT $usr_link {$user['group_name']} {$user['user_regdate']} {$user['user_lastvisit']}
{$lang_usermgr_php['edit']}
{$lang_usermgr_php['delete']}
{$user['pic_count']} {$user['disk_usage']} {$lang_byte_units[1]} {$user['group_quota']} {$lang_byte_units[1]} EOT; } else { echo <<< EOT $usr_link {$user['group_name']} {$user['user_regdate']} {$user['user_lastvisit']} {$user['pic_count']} {$user['disk_usage']} {$lang_byte_units[1]} {$user['group_quota']} {$lang_byte_units[1]} EOT; } } // while mysql_free_result($result); $lb = "\n"; if (!$lim_user) { echo <<
{$lang_usermgr_php['sort_by']} $lb
EOT; } echo << $tabs
EOT; endtable(); }

/**
 * Render the "modify user" form for one account.
 *
 * Loads the users-table row whose user_id matches $user_id, stops through
 * cpg_die() when no row is found, then walks $form_data and emits one form
 * element per entry according to its type ('input', 'password', 'yesno',
 * 'group_list'). Any other type ends in cpg_die().
 *
 * NOTE(review): $user_id is placed inside the SELECT as-is. The 'edit' and
 * 'new_user' branches of the dispatcher at the end of this file pass an
 * (int) cast or mysql_insert_id(); any other caller has to do the same.
 *
 * NOTE(review): in the 'input' case the column value is assigned to itself,
 * which changes nothing, and the markup that prints it is not visible in this
 * copy of the file. If the value lands inside an HTML attribute it needs
 * htmlspecialchars() first -- confirm against the full template.
 *
 * @param int $user_id id of the account whose row is loaded into the form
 */
function edit_user($user_id) {
    global $CONFIG, $PHP_SELF;
    global $lang_usermgr_php, $lang_yes, $lang_no;

    // One entry per form row: element type, users-table column, label, and for
    // text/password rows a fourth number (presumably the maximum length -- TODO confirm).
    $form_data = array(
        array('input', 'user_name', $lang_usermgr_php['name'], 25),
        array('password', 'user_password', $lang_usermgr_php['password'], 25),
        array('yesno', 'user_active', $lang_usermgr_php['user_active']),
        array('group_list', 'user_group', $lang_usermgr_php['user_group']),
        array('input', 'user_email', $lang_usermgr_php['user_email'], 255),
        array('input', 'user_location', $lang_usermgr_php['user_location'], 255),
        array('input', 'user_interests', $lang_usermgr_php['user_interests'], 255),
        array('input', 'user_website', $lang_usermgr_php['user_web_site'], 255),
        array('input', 'user_occupation', $lang_usermgr_php['user_occupation'], 255)
    );

    // The id is interpolated without escaping; its safety rests on the caller's integer cast.
    $sql = "SELECT * FROM {$CONFIG['TABLE_USERS']} WHERE user_id = '$user_id'";
    $result = db_query($sql);
    if (!mysql_num_rows($result)) cpg_die(CRITICAL_ERROR, $lang_usermgr_php['err_unknown_user'], __FILE__, __LINE__);
    $user_data = mysql_fetch_array($result);
    mysql_free_result($result);

    starttable(500, $lang_usermgr_php['modify_user'], 2);
    // The heredoc openers below are incomplete in this copy, so the rest of the function is kept exactly as found.
    echo << EOT; foreach ($form_data as $element) switch ($element[0]) { case 'input' : $user_data[$element[1]] = $user_data[$element[1]]; echo << {$element[2]} EOT; break; case 'password' : echo << {$element[2]} EOT; break; case 'yesno' : $value = $user_data[$element[1]]; $yes_selected = ($value == 'YES') ? 'selected' : ''; $no_selected = ($value == 'NO') ? 'selected' : ''; echo <<< EOT {$element[2]} EOT; break; case 'group_list' : $sql = "SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} ORDER BY group_name"; $result = db_query($sql); $group_list = db_fetch_rowset($result); mysql_free_result($result); $sel_group = $user_data[$element[1]]; $user_group_list = ($user_data['user_group_list'] == '') ? ',' . $sel_group . ',' : ',' . $user_data['user_group_list'] . ',' . $sel_group . ','; echo << {$element[2]} ' . $group['group_name'] . "
\n"; } echo <<
$group_cb EOT; break; default: cpg_die(CRITICAL_ERROR, 'Invalid action for form creation ' . $element[0], __FILE__, __LINE__); } echo << {$lang_usermgr_php['notes']}
    {$lang_usermgr_php['note_list']}
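EOT;
    endtable();
}

/**
 * Write the fields posted from the edit form to one row of the users table.
 *
 * Stops through cpg_die() when another account already uses the requested
 * name, or when the name or a non-empty password is shorter than two
 * characters. An empty password field leaves the stored password untouched.
 *
 * Every posted value is either escaped, cast to an integer, or reduced to a
 * fixed set before it is placed in a statement: user_active becomes 'YES' or
 * 'NO', user_group and the members of group_list become integers.
 *
 * @param int $user_id id of the row to update
 * @return false|null false only if cpg_die() returns on the duplicate-name path
 */
function update_user($user_id)
{
    global $CONFIG, $HTTP_POST_VARS;
    global $lang_register_php;

    // Both statements below embed the id; force it to an integer here instead of
    // relying on every caller to have cast it.
    $user_id = (int)$user_id;

    // Read each expected field as a string. A missing key or an array value
    // (user_name[]=...) becomes '' instead of raising a notice or reaching SQL as "Array".
    $expected = array(
        'user_name', 'user_password', 'user_email', 'user_location',
        'user_interests', 'user_website', 'user_occupation',
        'user_active', 'user_group'
    );
    $posted = array();
    foreach ($expected as $key) {
        $posted[$key] = (isset($HTTP_POST_VARS[$key]) && is_string($HTTP_POST_VARS[$key]))
            ? $HTTP_POST_VARS[$key]
            : '';
    }

    // Length rules are checked on these unescaped values; measuring the escaped
    // form would count the added backslashes.
    $raw_name = trim($posted['user_name']);
    $raw_password = trim($posted['user_password']);

    // NOTE(review): addslashes() does not know the connection character set.
    // It is kept because no connection handle is visible in this function;
    // an escaping routine bound to the connection would be the sturdier choice.
    $user_name = addslashes($raw_name);
    $user_password = addslashes($raw_password);
    $user_email = addslashes(trim($posted['user_email']));
    $user_location = addslashes($posted['user_location']);
    $user_interests = addslashes($posted['user_interests']);
    $user_website = addslashes($posted['user_website']);
    $user_occupation = addslashes($posted['user_occupation']);

    // These two were interpolated into the UPDATE exactly as posted. Only 'YES'
    // and 'NO' appear as user_active values in this file, so anything else is
    // stored as 'NO'. Group ids are assumed to be integers (TODO confirm schema).
    $user_active = ($posted['user_active'] === 'YES') ? 'YES' : 'NO';
    $user_group = (int)$posted['user_group'];

    $group_list = isset($HTTP_POST_VARS['group_list']) ? $HTTP_POST_VARS['group_list'] : '';

    // $user_name is already escaped once; escaping it a second time made this
    // lookup miss existing names that contain a quote or a backslash.
    $sql = "SELECT user_id " .
           "FROM {$CONFIG['TABLE_USERS']} " .
           "WHERE user_name = '" . $user_name . "' AND user_id != $user_id";
    $result = db_query($sql);

    if (mysql_num_rows($result)) {
        cpg_die(ERROR, $lang_register_php['err_user_exists'], __FILE__, __LINE__);
        return false;
    }
    mysql_free_result($result);

    if (strlen($raw_name) < 2) cpg_die(ERROR, $lang_register_php['err_uname_short'], __FILE__, __LINE__);
    if (strlen($raw_password) && strlen($raw_password) < 2) cpg_die(ERROR, $lang_register_php['err_password_short'], __FILE__, __LINE__);

    // Secondary groups: every member is cast to an integer, and the primary
    // group is left out because it is stored in its own column.
    $extra_groups = array();
    if (is_array($group_list)) {
        foreach ($group_list as $group) {
            if (!is_scalar($group)) continue;
            $group = (int)$group;
            if ($group != $user_group) $extra_groups[] = $group;
        }
    }
    $user_group_list = implode(',', $extra_groups);

    $sql_update = "UPDATE {$CONFIG['TABLE_USERS']} " .
                  "SET " .
                  "user_name = '$user_name', " .
                  "user_email = '$user_email', " .
                  "user_active = '$user_active', " .
                  "user_group = '$user_group', " .
                  "user_location = '$user_location', " .
                  "user_interests = '$user_interests', " .
                  "user_website = '$user_website', " .
                  "user_occupation= '$user_occupation', " .
                  "user_group_list = '$user_group_list'";

    // NOTE(review): the password is written exactly as posted (escaped only);
    // nothing in this function hashes it. Whether the login path expects a hash
    // cannot be seen from here -- confirm, and store a salted hash if this
    // column really holds clear text.
    if (strlen($raw_password)) $sql_update .= ", user_password = '$user_password'";

    $sql_update .= " WHERE user_id = '$user_id'";

    db_query($sql_update);
}

$op = isset($HTTP_GET_VARS['op']) ? $HTTP_GET_VARS['op'] : '';

// NOTE(review): 'update' and 'new_user' modify the users table, and 'new_user'
// does so on a plain GET request. No per-request token and no privilege check
// is visible in this part of the file -- confirm both are enforced earlier in
// the script before any of these branches can run.
switch ($op) {
    case 'edit' :
        $user_id = isset($HTTP_GET_VARS['user_id']) ? (int)$HTTP_GET_VARS['user_id'] : -1;

        if (USER_ID == $user_id) cpg_die(ERROR, $lang_usermgr_php['err_edit_self'], __FILE__, __LINE__);

        pageheader($lang_usermgr_php['title']);
        edit_user($user_id);
        pagefooter();
        ob_end_flush();
        break;

    case 'update' :
        $user_id = isset($HTTP_GET_VARS['user_id']) ? (int)$HTTP_GET_VARS['user_id'] : -1;

        // The edit form is refused for the logged-in account; refuse the matching
        // write too, so the rule does not depend on the form being the only way in.
        if (USER_ID == $user_id) cpg_die(ERROR, $lang_usermgr_php['err_edit_self'], __FILE__, __LINE__);

        update_user($user_id);

        // Removes at most one row whose user_name is empty -- presumably a
        // placeholder left behind by 'new_user' (TODO confirm).
        db_query("DELETE FROM {$CONFIG['TABLE_USERS']} WHERE user_name = '' LIMIT 1");

        pageheader($lang_usermgr_php['title']);
        list_users();
        pagefooter();
        ob_end_flush();
        break;

    case 'new_user' :
        // Inserts a row with only the registration date and active flag set, then
        // opens the edit form on it; the remaining columns are filled by 'update'.
        db_query("INSERT INTO {$CONFIG['TABLE_USERS']}(user_regdate, user_active) VALUES (NOW(), 'YES')");

        $user_id = mysql_insert_id();

        pageheader($lang_usermgr_php['title']);
        edit_user($user_id);
        pagefooter();
        ob_end_flush();
        break;

    default :
        // Same single-row cleanup of empty-named accounts as in 'update', then the listing.
        db_query("DELETE FROM {$CONFIG['TABLE_USERS']} WHERE user_name = '' LIMIT 1");

        pageheader($lang_usermgr_php['title']);
        list_users();
        pagefooter();
        ob_end_flush();
        break;
}
?>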