"Fossies" - the Fresh Open Source Software Archive

Member "proma-0.8.3/libs/admin.lib.php" (25 Oct 2007, 9000 Bytes) of package /linux/privat/old/proma-0.8.3.tar.gz:


The requested HTML page contains a <FORM> tag that is unusable on "Fossies" in "automatic" (rendered) mode so that page is shown as HTML source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file.

    1 <?php
    2 
    3 /* ProMA (ProFTPd MySQL Admin), Copyright (C) 2002-2007 Stein Magnus Jodal
    4  * ProMA comes with ABSOLUTELY NO WARRANTY.
    5  * This is free software, and you are welcome to redistribute it
    6  * under the terms of the GNU General Public License.
    7  * Read 'COPYING' for further information.
    8  */
    9 
   10 /* ProMA Admin Library
   11  * $Id: admin.lib.php,v 1.11 2007/10/25 19:13:35 jodal Exp $
   12  */
   13 
   14 function list_users()
   15 {
   16 // Prints a list of users
   17 
   18     global $users_userid, $users_name, $users_mail, $users_homedir, $users_note, $users_count, $users_admin, $users_closed, $table_users;
   19 
   20     print "<h3>User List</h3>\n\n";
   21 
   22     $query = "SELECT
   23         $users_userid,
   24         $users_name,
   25         $users_mail,
   26         $users_homedir,
   27         $users_note,
   28         $users_count,
   29         $users_admin,
   30         $users_closed
   31     FROM
   32         $table_users
   33     ORDER BY
   34         $users_count DESC,
   35         $users_userid ASC";
   36 
   37     $result = mysql_query($query) or die("Database query failed.");
   38     $num_rows = mysql_num_rows($result);
   39 
   40     if ($num_rows > 0) {
   41         print "<table>\n";
   42         print "<tr>\n";
   43         print "     <th class=\"thh\">Username</th>\n";
   44         print "     <th class=\"thh\">Name (mail)</th>\n";
   45         print "     <th class=\"thh\">Homedir</th>\n";
   46         print "     <th class=\"thh\">Logins</th>\n";
   47         print "     <th class=\"thh\" colspan=\"3\">Action</th>\n";
   48         print "</tr>\n";
   49 
   50         while ($row = mysql_fetch_assoc($result)) {
   51             $userid     = stripslashes($row[$users_userid]);
   52             $name       = stripslashes($row[$users_name]);
   53             $mail       = stripslashes($row[$users_mail]);
   54             $homedir    = stripslashes($row[$users_homedir]);
   55             $note       = stripslashes($row[$users_note]);
   56             $count      = stripslashes($row[$users_count]);
   57             $admin      = $row[$users_admin];
   58             $closed     = $row[$users_closed];
   59 
   60             if (!empty($note)) {
   61                 $note_attr = " title=\"$note\"";
   62             } else {
   63                 $note_attr = "";
   64             }
   65 
   66             if ($closed == 1) {
   67                 print "<tr class=\"closed\"$note_attr>\n";
   68             } elseif ($admin == 1) {
   69                 print "<tr class=\"admin\"$note_attr>\n";
   70             } elseif (!empty($note)) {
   71                 print "<tr class=\"note\"$note_attr>\n";
   72             } else {
   73                 print "<tr>\n";
   74             }
   75 
   76             print "     <td>$userid</td>\n";
   77             print "     <td><a href=\"mailto:$mail\">$name</a></td>\n";
   78             print "     <td>$homedir</td>\n";
   79             print "     <td align=\"right\">$count</td>\n";
   80             print "     <td><a href=\"?page=admin&amp;action=change&amp;id=$userid\">Change</a></td>\n";
   81 
   82             if ($closed == 1) {
   83                 print "     <td><a href=\"?page=admin&amp;action=open&amp;id=$userid\">Open</a></td>\n";
   84             } else {
   85                 print "     <td><a href=\"?page=admin&amp;action=close&amp;id=$userid\">Close</a></td>\n";
   86             }
   87 
   88             print "     <td><a href=\"?page=admin&amp;action=delete&amp;id=$userid\">Delete</a></td>\n";
   89             print "</tr>\n";
   90         }
   91 
   92         print "</table>\n\n";
   93 
   94         print "<br />\n\n";
   95 
   96         print "<table>\n";
   97         print "<tr>\n";
   98         print " <th class=\"thh\">Legend:</th>\n";
   99         print " <td class=\"admin\">Admin</td>\n";
  100         print " <td class=\"closed\">New/Closed</td>\n";
  101         print " <td class=\"note\">Note</td>\n";
  102         print "</tr>\n";
  103         print "</table>\n\n";
  104     } else {
  105         print "<p>No users.</p>\n\n";
  106     }
  107 }
  108 
  109 function change($userid)
  110 {
  111 // Change user details
  112 
  113     global $_POST, $link, $table_users, $users_userid, $users_name, $users_mail, $users_passwd, $users_homedir, $users_note, $users_count, $users_admin, $users_closed;
  114 
  115     print "<h3>Change Account</h3>\n\n";
  116 
  117     if ($_POST["submit"]) {
  118     // The change form is submitted and should be processed
  119 
  120         $new_userid = addslashes($_POST["userid"]);
  121         $new_name   = addslashes($_POST["name"]);
  122         $new_mail   = addslashes($_POST["mail"]);
  123         $new_passwd1    = addslashes($_POST["new_passwd1"]);
  124         $new_passwd2    = addslashes($_POST["new_passwd2"]);
  125         $new_homedir    = addslashes($_POST["homedir"]);
  126         $new_note   = addslashes($_POST["note"]);
  127 
  128         if ($_POST["admin"] == "on") {
  129             $new_admin = 1;
  130         }
  131         if ($_POST["admin"] == "off") {
  132             $new_admin = 0;
  133         }
  134 
  135         if ($_POST["closed"] == "on") {
  136             closed($userid, 1);
  137         }
  138         if ($_POST["closed"] == "off") {
  139             closed($userid, 0);
  140         }
  141 
  142         if ($new_userid == "" || $new_passwd1 != $new_passwd2) {
  143             print "<p>Old userid or password is empty, or new passwords are not identical. <a href=\"?page=admin&amp;action=change&amp;id=$userid\">Try again</a></p>\n";
  144         } else {
  145             $query = "UPDATE
  146                 $table_users
  147             SET
  148                 $users_userid   = '$new_userid',
  149                 $users_name = '$new_name',
  150                 $users_mail = '$new_mail',
  151                 $users_homedir  = '$new_homedir',
  152                 $users_note = '$new_note',
  153                 $users_admin    = '$new_admin'";
  154 
  155             if ($new_passwd1 != "") {
  156                 $query .= ", $users_passwd = PASSWORD('$new_passwd1')";
  157             }
  158 
  159             $query .= " WHERE $users_userid = '$userid'";
  160 
  161             $result = mysql_query($query) or die("Database query failed.");
  162 
  163             print "<p>Changes applied.</p>\n";
  164         }
  165 
  166     } else {
  167     // If the change form is not submitted, print it
  168 
  169         $query = "SELECT
  170             $users_name,
  171             $users_mail,
  172             $users_homedir,
  173             $users_note,
  174             $users_count,
  175             $users_admin,
  176             $users_closed
  177         FROM
  178             $table_users
  179         WHERE
  180             $users_userid = '$userid'";
  181 
  182         $result = mysql_query($query) or die("Database query failed.");
  183         $row = mysql_fetch_assoc($result);
  184 
  185         $name       = stripslashes($row[$users_name]);
  186         $mail       = stripslashes($row[$users_mail]);
  187         $homedir    = stripslashes($row[$users_homedir]);
  188         $note       = stripslashes($row[$users_note]);
  189         $count      = $row[$users_count];
  190         $admin      = $row[$users_admin];
  191         $closed     = $row[$users_closed];
  192 
  193         if ($admin) {
  194             $admin_s = "checked=\"checked\"";
  195         }
  196         if ($closed) {
  197             $closed_s = "checked=\"checked\"";
  198         }
  199 
  200 ?>
  201 
  202 <form action="?page=admin&amp;action=change&amp;<?php print "table=$table_short&amp;id=$userid"; ?>" method="post">
  203 
  204 <table>
  205     <tr>
  206         <th class="thv">Userid</th>
  207         <td><input type="text" name="userid" value="<?php print $userid; ?>" /></td>
  208     </tr>
  209     <tr>
  210         <th class="thv">Name</th>
  211         <td><input type="text" name="name" value="<?php print $name; ?>" /></td>
  212     </tr>
  213     <tr>
  214         <th class="thv">Mail</th>
  215         <td><input type="text" name="mail" value="<?php print $mail; ?>" /></td>
  216     </tr>
  217     <tr>
  218         <th class="thv">Homedir</th>
  219         <td><input type="text" name="homedir" value="<?php print $homedir; ?>" /></td>
  220     </tr>
  221     <tr>
  222         <th class="thv">New password</th>
  223         <td><input type="password" name="new_passwd1" /> Leave blank if you wont change</td>
  224     </tr>
  225     <tr>
  226         <th class="thv">New password</th>
  227         <td><input type="password" name="new_passwd2" /> Again</td>
  228     </tr>
  229     <tr>
  230         <th class="thv">Note</th>
  231         <td><textarea name="note" cols="60" rows="6"><?php print $note; ?></textarea></td>
  232     </tr>
  233     <tr>
  234         <th class="thv">Logins</th>
  235         <td><?php print $count; ?></td>
  236     </tr>
  237     <tr>
  238         <th class="thv">Admin</th>
  239         <td><input type="checkbox" name="admin" <?php print $admin_s; ?> /></td>
  240     </tr>
  241     <tr>
  242         <th class="thv">Closed</th>
  243         <td><input type="checkbox" name="closed" <?php print $closed_s; ?> /></td>
  244     </tr>
  245 </table>
  246 
  247 <p><input type="submit" name="submit" value="Change" /></p>
  248 
  249 </form>
  250 
  251 <?php
  252     }
  253 }
  254 
  255 function closed($userid, $closed)
  256 {
  257 // Opens og closes an account
  258 
  259     global $link, $table_users, $users_userid, $users_mail, $users_passwd, $users_closed, $info_host, $mail_from, $mail_notify_account_open;
  260 
  261     $query = "SELECT
  262         $users_mail,
  263         $users_passwd
  264     FROM
  265         $table_users
  266     WHERE
  267         $users_userid = '$userid'";
  268 
  269     $result = mysql_query($query) or die("Database query failed.");
  270     $row = mysql_fetch_assoc($result);
  271 
  272     $mail = stripslashes($row[$users_mail]);
  273     $newpasswd = rot13($row[$users_passwd]);
  274 
  275     $query = "UPDATE
  276         $table_users
  277     SET
  278         $users_passwd = '$newpasswd',
  279         $users_closed = $closed
  280     WHERE
  281         $users_userid = '$userid'";
  282 
  283     $result = mysql_query($query) or die("Database query failed.");
  284 
  285     if (mysql_affected_rows($link) > 0) {
  286         if ($closed) {
  287             print "<h3>Close Account</h3>\n\n";
  288 
  289             print "<p>The user account \"$userid\" was closed.</p>\n\n";
  290         } else {
  291             print "<h3>Open Account</h3>\n\n";
  292 
  293             print "<p>The user account \"$userid\" was opened.</p>\n\n";
  294 
  295             if ($mail_notify_account_open) {
  296                 mail($mail,
  297                 "ProMA - $info_host - Account opened",
  298 "Your account at $info_host with username \"$userid\" has been opened.
  299 
  300 -- 
  301 ProMA at $info_host",
  302                 "From: $mail_from\n"
  303                 ."X-Mailer: PHP/" . phpversion());
  304             }
  305         }
  306     }
  307 }
  308 
  309 function delete($userid)
  310 {
  311 // Deletes users after a confirmation 
  312 
  313     global $_POST, $table_users, $users_userid;
  314 
  315     print "<h3>Delete Account</h3>\n\n";
  316 
  317     if ($_POST["delete"] == "Yes") {
  318     // Delete the user if confirmed
  319 
  320         $query = "DELETE FROM
  321             $table_users
  322         WHERE
  323             $users_userid = '$userid'";
  324 
  325         $result = mysql_query($query) or die("Failed to query database.");
  326         $num_rows = mysql_affected_rows();
  327 
  328         if ($num_rows) {
  329             print "<p>The user \"$userid\" was deleted.</p>\n";
  330         }
  331     } elseif ($_POST["delete"] == "No") {
  332     // If the user is not to be deleted
  333 
  334         print "<p>The user \"$userid\" was NOT deleted.</p>\n";
  335     } else {
  336     // Print request for confirmation
  337 
  338         print "<p>Do you want to delete the user \"$userid\"?</p>\n";
  339         print "<form action=\"?page=admin&amp;action=delete&amp;id=$userid\" method=\"post\">\n";
  340         print "<input type=\"submit\" name=\"delete\" value=\"Yes\" />\n";
  341         print "<input type=\"submit\" name=\"delete\" value=\"No\" />\n";
  342         print "</form>\n";
  343     }
  344 }
  345 
  346 ?>