Cutenews.1.4.1 - Cutenews / Inc / Editusers.mdu

Editusers.mdu:

<?PHP

if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permission to edit users"); }
// ********************************************************************************
// List All Available Users + Show Add User Form
// ********************************************************************************
if($action == "list")
{
echoheader("users", "Manage Users");

echo'<script language="javascript">

</script>
<table border=0 cellpading=0 cellspacing=0 width=654>
<tr>
<td width=654 colspan="6">

<table border="0" width="657" cellspacing="0" cellpadding="0" height="81" >
<tr>
<td valign="bottom" width="311" valign="top" height="1">

<b>Add User</b>

</td>
<td width="5" valign="top" rowspan="3" height="81">

</td>
<td valign="bottom" width="330" height="1"><b>User Levels</b></td>
</tr>

<tr>
<td width="311" rowspan="2" valign="top" height="60" >


<table class="panel" cellspacing="0" cellpadding="0" width="100%">
<form method=post action="'.$PHP_SELF.'">
<tr>
<td > Username</td>
<td ><input size=21 type=text name=regusername></td>
</tr>
<tr>
<td > Password</td>
<td ><input size=21 type=text name=regpassword></td>
</tr>
<tr>
<td > Nickname</td>
<td ><input size=21 type=text name=regnickname></td>
</tr>
<tr>
<td > Email</td>
<td ><input size=21 type=text name=regemail></td>
</tr>
<tr>
<td > Access Level</td>
<td ><select name=reglevel>
<option value=4>4 (commenter)</option>
<option selected value=3>3 (journalist)</option>
<option value=2>2 (editor)</option>
<option value=1>1 (administrator)</option>
</select>
</td>
</tr>
<tr>
<td > </td>
<td height="35"><input type=submit value="Add User">
<input type=hidden name=action value=adduser>
<input type=hidden name=mod value=editusers>
</td>
</tr>
</form>
</table>


</td>
<td width="330" height="1" valign="top" >


<table class="panel" cellspacing="3" cellpadding="0" width="100%">
<tr>
<td valign="top"> Administrator : have full access and privilegies<br>
 Editor : can add news and edit others posts<br>
 Journalist : can only add news (must be approved)<br>
 Commenter : only post comments</td>
</tr>
</table>


</td>
</tr>
<tr>
<td width="330" valign="top" align=center height="70"><br>


<table height="25" cellspacing="0" cellpadding="0">
<tr>
<td width="25" align=middle><img border="0" src="skins/images/help_small.gif" width="25" height="25"></td>
<td > <a onClick="javascript:Help(\'users\')" href="#">Understanding user levels</a> </td>
</tr>
</table>

</td>
</tr>
</table>


</tr>
<tr>
<td width=654 colspan="6">
</tr>
<tr>
<td width=650 colspan="6">
<img height=20 border=0 src="skins/images/blank.gif" width=1><br>
<b>Edit Users</b>
</tr>

<tr>
<td width=130 bgcolor="#F7F6F4">
 <u>Username</u>
<td width=197 bgcolor="#F7F6F4">
<u>registration date</u>
<td width=2 bgcolor="#F7F6F4">
 
<td width=83 bgcolor="#F7F6F4">
<u>written news</u>
<td width=132 bgcolor="#F7F6F4">
<u>Access Level</u>
<td width=93 bgcolor="#F7F6F4">
<u>action</u>
</tr>';

$all_users = file("./data/users.db.php");
$i = 1;
foreach($all_users as $user_line)
{
$i++; $bg = "";
if($i%2 == 0){ $bg = "bgcolor=\"#f7f6f4\""; }
if(!eregi("<\?", $user_line)){
$user_arr = explode("|", $user_line);

if(isset($user_arr[9]) and $user_arr[9] != ''){ $last_login = date('r', $user_arr[9]); }
else{ $last_login = 'never'; }

switch($user_arr[1]){
case 1: $user_level = "administrator"; break;
case 2: $user_level = "editor"; break;
case 3: $user_level = "journalist"; break;
case 4: $user_level = "commenter"; break;
}
echo"<tr $bg title='$user_arr[2]'s last login was on: $last_login'>
<td width=143>
 $user_arr[2]
<td width=197>";
echo( date("F, d Y @ H:i a", $user_arr[0]) );
echo"<td width=2>
<td width=83 >
  $user_arr[6]
<td width=122>
 $user_level
<td width=80 title=''>
<a onClick=\"javascript:popupedit('$user_arr[0]'); return(false)\" href=#>[edit]</a> <a onClick=\"javascript:confirmdelete('$user_arr[0]'); return(false)\" href=\"$PHP_SELF?mod=editusers&action=dodeleteuser&id=$user_arr[0]\">[delete]</a>
</tr>";
}
}

echo"</table>";

echofooter();
}
// ********************************************************************************
// Add User
// ********************************************************************************
elseif($action == "adduser")
{
if(!$regusername){ msg("error", "Error !!!", "Username can not be blank", "javascript:history.go(-1)"); }
if(!$regpassword){ msg("error", "Error !!!", "Password can not be blank", "javascript:history.go(-1)"); }

$all_users = file("./data/users.db.php");
foreach($all_users as $user_line)
{
$user_arr = explode("|", $user_line);
if($user_arr[2] == $regusername){ msg("error", "Error !!!", "Sory but user with this username already exist", "javascript:history.go(-1)"); }
}

$add_time = time()+($config_date_adjust*60);
$regpassword = md5($regpassword);

$old_users_file = file("./data/users.db.php");
$new_users_file = fopen("./data/users.db.php", "a");

fwrite($new_users_file, "$add_time|$reglevel|$regusername|$regpassword|$regnickname|$regemail|0|0||||\n");

fclose($new_users_file);

switch($reglevel){
case "1": $level = "administrator"; break;
case "2": $level = "editor"; break;
case "3": $level = "journalist"; break;
case "4": $level = "commenter"; break;
}
msg("info", "User Added", "The user <b>$regusername</b> was successfully added as <b>$level</b>", "$PHP_SELF?mod=editusers&action=list");
}
// ********************************************************************************
// Edit User Details
// ********************************************************************************
elseif($action == "edituser")
{

$users_file = file("./data/users.db.php");
foreach($users_file as $user_line){
$user_arr = explode("|", $user_line);
if($id == $user_arr[0]){
break;
}
}

if(isset($user_arr[9]) and $user_arr[9] != ''){ $last_login = date('r', $user_arr[9]); }
else{ $last_login = 'never'; }

echo"<html><head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">
<title>Edit Users</title>
<style type=\"text/css\">

</style>
</head>
<body>
<form action=\"$PHP_SELF\" method=post><table width=\"828\" cellspacing=\"0\" cellpadding=\"0\" height=\"13\">
<td width=\"826\" height=\"21\" colspan=\"2\"><div class=header>$user_arr[2] <font size=\"2\">($user_arr[4])</font></div>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">written news
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
$user_arr[6]
</tr>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">last login date
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
$last_login
</tr>

<tr>
<td width=\"126\" height=\"20\">
registration date
<td height=\"20\" width=\"698\">";
echo date("r", $user_arr[0]);
echo"
</tr>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">
Email
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
$user_arr[5]
</tr>

<tr>
<td width=\"126\" height=\"20\">
New Password
<td height=\"20\" width=\"698\">
<input size=\"20\" name=\"editpassword\" >
</tr>

<tr>
<td width=\"126\" height=\"20\" bgcolor=\"#f7f6f4\">
Access Level
<td height=\"20\" bgcolor=\"#f7f6f4\" width=\"698\">
<select name=editlevel>";

if($user_arr[1] == 4){echo" <option value=4 selected>4 (commenter)</option>";} else {echo" <option value=4>4 (commenter)</option>";}
if($user_arr[1] == 3){echo" <option value=3 selected>3 (journalist)</option>";} else {echo" <option value=3>3 (journalist)</option>";}
if($user_arr[1] == 2){echo" <option value=2 selected>2 (editor)</option>";} else {echo" <option value=2>2 (editor)</option>";}
if($user_arr[1] == 1){echo" <option value=1 selected>1 (administrator)</option>";}else {echo" <option value=1>1 (administrator)</option>";}

echo"</select>
</tr>
<tr>
<td width=\"826\" height=\"7\" colspan=\"2\">
<br />
<input type=submit value=\"Save Changes\"> <input type=button value=\"Cancel\" onClick=\"window.close();\">
<input type=hidden name=id value=$id>
<input type=hidden name=mod value=editusers>
<input type=hidden name=action value=doedituser>
</tr>
</table></form>
</body>
</html>";

}
// ********************************************************************************
// Do Edit User
// ********************************************************************************
elseif($action == "doedituser")
{
if(!$id){ die("This is not a valid user."); }

$old_db = file("./data/users.db.php");
$new_db = fopen("./data/users.db.php", "w");
foreach($old_db as $old_db_line){
$old_db_arr = explode("|", $old_db_line);
if($id != $old_db_arr[0]){
fwrite($new_db, "$old_db_line");
}else{
if($editpassword != ""){
$old_db_arr[3] = md5($editpassword);
if($old_db_arr[2] == $username){setcookie("md5_password", $old_db_arr[3]); }
}
fwrite($new_db, "$old_db_arr[0]|$editlevel|$old_db_arr[2]|$old_db_arr[3]|$old_db_arr[4]|$old_db_arr[5]|$old_db_arr[6]|$old_db_arr[7]|$old_db_arr[8]|$old_db_arr[9]||\n");
}
}
fclose($new_db);
$result = "Changes Saved";

echo"<html>
<head>
<title>Edit Users</title>
</head>
<body bgcolor=#FFFFFF>
<table border=0 cellpading=0 cellspacing=0 width=100% height=100% >
<tr><td align=middle width=154>
<p align=right><img border=0 src=\"skins/images/info.gif\" width=60 height=57>
</td><td align=middle width=558>
<p align=left>$result
</td></tr>
</table>
</body>
</html>";

}
// ********************************************************************************
// Delete User
// ********************************************************************************
elseif($action == "dodeleteuser")
{
if(!$id){ die("This is not a valid user."); }

$old_users_file = file("./data/users.db.php");
$new_users_file = fopen("./data/users.db.php", "w");
foreach($old_users_file as $old_user_line){
$old_user_line_arr = explode("|", $old_user_line);
if($id != $old_user_line_arr[0]){
fwrite($new_users_file, $old_user_line);
}else{
$deleted = TRUE; $user = $old_user_line_arr[2];
}
}
fclose($new_users_file);

msg("info", "User Deleted", "The user $user was successfully deleted.", "$PHP_SELF?mod=editusers&action=list");
}
?>

Cutenews.1.4.1 > Cutenews / Inc / Editusers.mdu

Archive Content:

Editusers.mdu:

Other News Publishing Scripts: