"User", 50 => "Devel", 100 => "Admin" );
// NOTE(review): this copy starts in the middle of an array literal; its
// opening and everything before it are not visible here.  The integer keys
// look like account levels - confirm against the full file.


//
// 'account_header()' - Show standard account page header...
//
// Emits the page header through html_header() and then the account
// navigation links (list, manage accounts, manage comments, change password,
// logout).
//
// NOTE(review): no "global $PHP_SELF" is visible before the uses below; in
// function scope that would leave $PHP_SELF undefined and the links would
// start at "?" - confirm against the full file.
//

function account_header($title) {
  html_header("$title");

  html_start_links(1);
  html_link("$title", "$PHP_SELF?L");
  html_link("Manage Accounts", "$PHP_SELF?A");
  html_link("Manage Comments", "comment.php?l");
  html_link("Change Password", "$PHP_SELF?P");
  html_link("Logout", "$PHP_SELF?X");
  html_end_links();

  // NOTE(review): text appears to have been lost from this copy between the
  // opening quote below and "Account added successfully!" (probably markup).
  // The rest of account_header() and the start of the request handling,
  // including the top of the "add" branch, are therefore not visible, and
  // the braces that follow do not balance as shown.  Any login-level check
  // or anti-CSRF token that guards the branches below would live in that
  // missing part; none is visible in this fragment, so verify both exist.
  print("
Account added successfully!
\n");

      html_start_links(1);
      html_link("Return to Manage Accounts", "$PHP_SELF?A");
      html_end_links();
    }
    else {
      // Values are HTML-escaped, quotes included, before the print() below;
      // presumably they were echoed into form markup that this copy no
      // longer shows.
      $name = htmlspecialchars($name, ENT_QUOTES);
      $email = htmlspecialchars($email, ENT_QUOTES);
      print("\n");
    }

    html_footer();
  }
  else if ($data == "disable") {
    // Disable accounts...
    //
    // On POST, every field whose name starts with "ID_" has the rest of its
    // name cast to int, and the users row with that id gets
    // is_published = 0.  All updates run inside one transaction.
    if ($REQUEST_METHOD == "POST") {
      db_query("BEGIN TRANSACTION");

      reset($_POST);
      // each() was deprecated in PHP 7.2 and removed in PHP 8.0; this loop
      // needs a foreach over $_POST before the file can run on current PHP.
      while (list($key, $val) = each($_POST))
        if (substr($key, 0, 3) == "ID_") {
          // The (int) cast is the only thing that keeps the interpolated
          // $id from carrying SQL; it must stay if this line is ever edited.
          $id = (int)substr($key, 3);
          db_query("UPDATE users SET is_published = 0 WHERE id = $id");
        }

      db_query("COMMIT TRANSACTION");
    }

    // Unlike the redirects in the "modify" branch, this one is not followed
    // by exit() in the visible code.
    header("Location: $PHP_SELF?A");
  }
  else if ($data == "modify") {
    // Modify account...
    //
    // The account name comes from $argv[1]; a missing or empty name sends
    // the browser back to the account list.
    if ($argc != 2 || $argv[1] == "") {
      header("Location: $PHP_SELF?A");
      exit();
    }

    $name = $argv[1];

    if ($REQUEST_METHOD == "POST") {
      // Get data from form...
      //
      // IS_PUBLISHED and LEVEL are cast to int here, which is what makes
      // them safe to interpolate into the UPDATE further down.  LEVEL is
      // not checked against the level values listed at the top of this
      // fragment, so any integer is accepted.
      if (array_key_exists("IS_PUBLISHED", $_POST))
        $is_published = (int)$_POST["IS_PUBLISHED"];
      else
        $is_published = 1;

      if (array_key_exists("EMAIL", $_POST))
        $email = $_POST["EMAIL"];
      else
        $email = "";

      if (array_key_exists("PASSWORD", $_POST))
        $password = $_POST["PASSWORD"];
      else
        $password = "";

      if (array_key_exists("PASSWORD2", $_POST))
        $password2 = $_POST["PASSWORD2"];
      else
        $password2 = "";

      if (array_key_exists("LEVEL", $_POST))
        $level = (int)$_POST["LEVEL"];
      else
        $level = 0;

      // The form is accepted when the e-mail is non-empty and the two
      // password fields are either both empty (keep the current hash) or
      // equal.  No format check on the e-mail and no minimum password
      // length is applied here.
      if ($email != "" &&
          (($password == "" && $password2 == "") ||
           $password == $password2))
        $havedata = 1;
      else
        $havedata = 0;
    }
    else {
      // Get data from existing account...
      //
      // The name is passed through db_escape() before it is concatenated
      // into the query.  SELECT * also fetches the hash column (the UPDATE
      // below writes one); naming only the needed columns would keep it
      // out of page-rendering code.
      $result = db_query("SELECT * FROM users WHERE "
                        ."name='" . db_escape($name) ."'");
      if (db_count($result) != 1) {
        header("Location: $PHP_SELF?A");
        exit();
      }

      $row = db_next($result);

      $is_published = $row["is_published"];
      $email = $row["email"];
      $level = $row["level"];
      $password = "";
      $password2 = "";
      $havedata = 0;

      db_free($result);
    }

    account_header("Manage Accounts");

    if ($havedata) {
      // Store new data...
      //
      // NOTE(review): the stored credential is a single MD5 over
      // "name:password".  MD5 is a fast digest and is not suitable for
      // password storage; password_hash()/password_verify() are the
      // standard replacement.  The code that checks this hash at login is
      // not in this fragment and would have to change with it.
      if ($password != "")
        $hash = ", hash='" . md5("$name:$password") . "'";
      else
        $hash = "";

      $name = db_escape($name);
      $email = db_escape($email);
      $date = time();

      // $name and $email are escaped just above, $level and $is_published
      // were cast to int on the POST path, and $date comes from time().
      // $LOGIN_USER is interpolated without db_escape() here; whether it is
      // validated where it is set is not visible - confirm.  If the db_*
      // wrapper offers bound parameters, prefer them over concatenation.
      //
      // Unlike the GET path, the POST path never checks that the account
      // exists, so an UPDATE matching no row still reports success.
      db_query("UPDATE users SET "
              ."email='$email'$hash, level='$level', "
              ."is_published=$is_published, modify_user='$LOGIN_USER', "
              ."modify_date = $date WHERE name='$name'");

      print("Account modified successfully!
\n");

      html_start_links(1);
      html_link("Return to Manage Accounts", "$PHP_SELF?A");
      html_end_links();
    }
    else {
      // Same escaping as in the "add" branch; the form markup appears to
      // have been lost from the print() below.
      $name = htmlspecialchars($name, ENT_QUOTES);
      $email = htmlspecialchars($email, ENT_QUOTES);
      print("\n");
    }

    html_footer();
  }
  else {
    // List accounts...
    //
    // NOTE(review): the markup that renders the result set appears to have
    // been lost from this copy, so it cannot be checked here whether row
    // values are HTML-escaped on output or whether the hash column fetched
    // by SELECT * is ever printed.
    account_header("Manage Accounts");

    $result = db_query("SELECT * FROM users ORDER BY name");
    print("\n");
  }

  html_footer();
  break;
}


//
// End of "$Id: account.php,v 1.7 2004/05/19 02:57:18 mike Exp $".
//
?>