Verzeichnisstruktur phpBB-1.0.0
- Veröffentlicht
- 15.12.2000
So funktioniert es
|
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
admin_users.php
001 <?php
002 /***************************************************************************
003 admin_users.php - description
004 -------------------
005 begin : Wed July 19 2000
006 copyright : (C) 2000 by James Atkinson
007 email : james@totalgeek.org
008
009 $Id: admin_users.php,v 1.19 2000/12/09 20:19:10 thefinn Exp $
010
011 ***************************************************************************/
012
013 /***************************************************************************
014 *
015 * This program is free software; you can redistribute it and/or modify
016 * it under the terms of the GNU General Public License as published by
017 * the Free Software Foundation; either version 2 of the License, or
018 * (at your option) any later version.
019 *
020 ***************************************************************************/
021 include('../extention.inc');
022 include('../functions.'.$phpEx);
023 include('../config.'.$phpEx);
024 require('../auth.'.$phpEx);
025
026 if($login) {
027 if ($username == '') {
028 die("You have to enter your username. Go back and do so.");
029 }
030 if ($password == '') {
031 die("You have to enter your password. Go back and do so.");
032 }
033 if (!check_username($username, $db)) {
034 die("Invalid username \"$username\". Go back and try again.");
035 }
036 if (!check_user_pw($username, $password, $db)) {
037 die("Invalid password. Go back and try again.");
038 }
039
040 $userdata = get_userdata($username, $db);
041 $sessid = new_session($userdata[user_id], $REMOTE_ADDR, $sesscookietime, $db);
042 set_session_cookie($sessid, $sesscookietime, $sesscookiename, $cookiepath, $cookiedomain, $cookiesecure);
043
044 header("Location: $url_admin");
045 }
046 else if(!$user_logged_in) {
047 $pagetitle = "Forum Administration";
048 $pagetype = "admin";
049 include('../page_header.'.$phpEx);
050
051 ?>
052 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="0" ALIGN="CENTER" VALIGN="TOP" WIDTH="<?php echo $TableWidth?>">
053 <TR><TD BGCOLOR="<?php echo $table_bgcolor?>">
054 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="1" WIDTH="100%">
055 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
056 <TD><P><BR><FONT FACE="<?php echo $FontFace?>" SIZE="<? echo $FontSize2?>" COLOR="<?php echo $textcolor?>">
057 Please enter your username and password to login.<BR>
058 <i>(NOTE: You MUST have cookies enabled in order to login to the administration section of this forum)</i><BR>
059 <UL>
060 <FORM ACTION="<?php echo $PHP_SELF?>" METHOD="POST">
061 <b>User Name: </b><INPUT TYPE="TEXT" NAME="username" SIZE="25" MAXLENGTH="40" VALUE="<?php echo $userdata[username]?>"><BR>
062 <b>Password: </b><INPUT TYPE="PASSWORD" NAME="password" SIZE="25" MAXLENGTH="25"><br><br>
063 <INPUT TYPE="SUBMIT" NAME="login" VALUE="Submit"> <INPUT TYPE="RESET" VALUE="Clear"></ul>
064 </FORM>
065 </TD></TR></TABLE></TD></TR></TABLE>
066 <?php
067 include('../page_tail.'.$phpEx);
068 exit();
069 }
070 else if($user_logged_in && $userdata[user_level] == 4) {
071
072 $pagetitle = "Forum Administration";
073 $pagetype = "admin";
074 include('../page_header.'.$phpEx);
075
076 switch($mode) {
077 case 'moduser':
078 if($submit && $user_id) {
079 $sql = "UPDATE users SET username = '$username', user_email = '$email', user_rank = '$rank', user_level = '$level' WHERE user_id = $user_id";
080 if(!$r = mysql_query($sql, $db))
081 die("Error could not update the database.");
082 echo "<TABLE width=\"95%\" border=\"1\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" bordercolor=\"$table_bgcolor\">";
083 echo "<tr><td align=\"center\" width=\"100%\" bgcolor=\"$color1\"><font face=\"$FontFace\" size=\"$FontSize1\" color=\"$FontColor\"><B>User Information Updated.</B></font></td>";
084 echo "</tr><TR><TD><TABLE width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><TR>";
085 echo "<td align=\"center\" width=\"100%\" bgcolor=\"$color2\"><font face=\"$FontFace\" size=\"$FontSize1\" color=\"$FontColor\"><P><BR> Click <a href=\"$url_admin\">here</a> to return to the Administration Panel.<P>Click <a href=\"$PHP_SELF?mode=moduser\">here</a> to modify another user.</font><P><BR><P></TD>";
086 echo "</TR></table></TD></TR></TABLE>";
087 }
088 else {
089 if(!$user_id) {
090 $sql = "SELECT username, user_id FROM users ORDER BY username";
091 if(!$r = mysql_query($sql, $db))
092 die("Error connecting to the database. Please check your config.$phpEx file.");
093 if(!$m = mysql_fetch_array($r))
094 die("No users in the database.");
095 ?>
096 <FORM ACTION="<?php echo $PHP_SELF?>" METHOD="POST">
097 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="0" ALIGN="CENTER" VALIGN="TOP" WIDTH="95%"><TR><TD BGCOLOR="<?php echo $table_bgcolor?>">
098 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="1" WIDTH="100%">
099 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
100 <TD ALIGN="CENTER" COLSPAN="2"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>"><B>Select a User to Modify</B></FONT></TD>
101 </TR>
102 <TR BGCOLOR="<?php echo $color2?>" ALIGN="LEFT">
103 <TD align="right"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">User:</FONT></TD>
104 <TD><SELECT NAME="user_id">
105 <?php
106 do {
107 echo "<OPTION VALUE=\"$m[user_id]\">$m[username]</OPTION>\n";
108 } while($m = mysql_fetch_array($r));
109 ?>
110 </SELECT>
111 </TD>
112 </TR>
113 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
114 <TD ALIGN="CENTER" COLSPAN="2">
115 <INPUT TYPE="HIDDEN" NAME="mode" VALUE="moduser">
116 <INPUT TYPE="SUBMIT" NAME="modify" VALUE="Modify User">
117 <INPUT TYPE="RESET" VALUE="Clear">
118 </TD>
119 </TR>
120 </TR>
121 </TABLE></TD></TR></TABLE>
122 <?php
123 }
124 else {
125 $moduserdata = get_userdata_from_id($user_id, $db);
126 if($moduserdata[user_rank] != 0) {
127 $sql = "SELECT rank_id, rank_title FROM ranks WHERE rank_min < " . $moduserdata[user_posts] . " AND rank_max > " . $moduserdata[user_posts] . " AND rank_special = 0";
128 if(!$r = mysql_query($sql, $db))
129 die("Error connecting to the database. Please check your config.$phpEx file.");
130 list($rank_id, $rank) = @mysql_fetch_array($r);
131 }
132 else {
133 $sql = "SELECT rank_title FROM ranks WHERE rank_id = '$moduserdata[user_rank]'";
134 if(!$r = mysql_query($sql, $db))
135 die("Error connecting to the database. Please check your config.$phpEx file.");
136 list($rank) = @mysql_fetch_array($r);
137 }
138 ?>
139 <FORM ACTION="<?php echo $PHP_SELF?>" METHOD="POST">
140 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="0" ALIGN="CENTER" VALIGN="TOP" WIDTH="95%"><TR><TD BGCOLOR="<?php echo $table_bgcolor?>">
141 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="1" WIDTH="100%">
142 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
143 <TD ALIGN="CENTER" COLSPAN="2"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Modifying <b><?php echo $moduserdata[username]?></b></FONT></TD>
144 </TR>
145 <TR ALIGN="LEFT">
146 <TD ALIGN="LEFT" BGCOLOR="<?php echo $color1?>"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">User Name:</FONT></TD>
147 <TD BGCOLOR="<?php echo $color2?>"><INPUT TYPE="TEXT" NAME="username" VALUE="<?php echo $moduserdata[username]?>" MAXLENGTH=40 SIZE=25></TD>
148 </TR>
149 <TR ALIGN="LEFT">
150 <TD BGCOLOR="<?php echo $color1?>"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Email Address:</FONT></TD>
151 <TD BGCOLOR="<?php echo $color2?>"><INPUT TYPE="TEXT" NAME="email" VALUE="<?php echo $moduserdata[user_email]?>" MAXLENGTH=50 SIZE=30></TD>
152 </TR>
153 <TR ALIGN="LEFT">
154 <TD BGCOLOR="<?php echo $color1?>"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Rank:</FONT></TD>
155 <TD BGCOLOR="<?php echo $color2?>"><SELECT NAME="rank">
156 <?php
157 $sql = "SELECT rank_id, rank_title FROM ranks WHERE rank_special = 1";
158 $r = mysql_query($sql, $db);
159 if($m = mysql_fetch_array($r)) {
160 echo "<OPTION VALUE=\"0\">No Special Rank Assigned</OPTION>";
161 echo "<OPTION VALUE=\"0\">------------------------</OPTION>";
162 do {
163 unset($selected);
164 if($moduserdata[user_rank] == $m[rank_id])
165 $selected = "SELECTED";
166 echo "<OPTION VALUE=\"$m[rank_id]\" $selected>$m[rank_title]</OPTION>\n";
167 } while($m = mysql_fetch_array($r));
168 echo "</SELECT>\n";
169 }
170 else {
171 echo "<OPTION VALUE=\"0\">No Special Ranks in Database</OPTION></SELECT>\n";
172 echo "<BR><FONT FACE=\"$FontFace\" SIZE=\"$FontSize2\" COLOR=\"$textcolor\">Click <a href=\"admin_board.$phpEx?mode=rankadmin\">here</a> to add Ranks.</FONT>";
173 }
174 ?>
175 </TD>
176 </TR>
177 <TR ALIGN="LEFT">
178 <TD BGCOLOR="<?php echo $color1?>"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">User Level:</FONT></TD>
179 <TD BGCOLOR="<?php echo $color2?>"><SELECT NAME="level">
180 <?php
181 $sql = "SELECT access_id, access_title FROM access ORDER BY access_id";
182 $r = mysql_query($sql, $db);
183 if($m = mysql_fetch_array($r)) {
184 do {
185 unset($selected);
186 if($moduserdata[user_level] == $m[access_id])
187 $selected = "SELECTED";
188 echo "<OPTION VALUE=\"$m[access_id]\" $selected>$m[access_title]</OPTION>\n";
189 } while($m = mysql_fetch_array($r));
190 }
191 ?>
192 </SELECT>
193 </TD>
194 </TR>
195 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
196 <TD ALIGN="CENTER" COLSPAN="2">
197 <INPUT TYPE="HIDDEN" NAME="mode" VALUE="moduser">
198 <INPUT TYPE="HIDDEN" NAME="user_id" VALUE="<?php echo $user_id?>">
199 <INPUT TYPE="SUBMIT" NAME="submit" VALUE="Modify User">
200 <INPUT TYPE="RESET" VALUE="Clear">
201 </TD>
202 </TR>
203 </TR>
204 </TABLE></TD></TR></TABLE>
205
206
207 <?php
208 }
209 }
210 break;
211 case 'badwords':
212 if($action) {
213 switch($action) {
214 case 'Add':
215 if($word != '' && $replacement != '') {
216 $word = addslashes($word);
217 $replacement = addslashes($replacement);
218 $sql = "INSERT INTO words (word, replacement) VALUES ('$word', '$replacement')";
219 if(!$r = mysql_query($sql, $db)) {
220 echo "<CENTER><FONT FACE=\"$FontFace\" SIZE=\"$FontSize4\" COLOR=\"$textcolor\">Error. Could not insert into the DB</FONT></CENTER><BR>";
221 break;
222 }
223 else {
224 echo "<CENTER><FONT FACE=\"$FontFace\" SIZE=\"$FontSize4\" COLOR=\"$textcolor\">Word Censor Added!</FONT></CENTER><BR>";
225 }
226 }
227 else {
228 echo "<CENTER><FONT FACE=\"$FontFace\" SIZE=\"$FontSize4\" COLOR=\"$textcolor\">Error. You did not fill out all areas of the form!</CENTER><BR>";
229 }
230 break;
231 case 'Delete':
232 $sql = "DELETE FROM words WHERE word_id = '$word_id'";
233 if(!$r = mysql_query($sql, $db)) {
234 echo "<CENTER><FONT FACE=\"$FontFace\" SIZE=\"$FontSize4\" COLOR=\"$textcolor\">Error. Could not delete from the DB</FONT></CENTER><BR>";
235 break;
236 }
237 else {
238 echo "<CENTER><FONT FACE=\"$FontFace\" SIZE=\"$FontSize4\" COLOR=\"$textcolor\">Word Censor Removed!</FONT></CENTER><BR>";
239 }
240 break;
241 case 'Edit':
242 $word = addslashes($word);
243 $replacement = addslashes($replacement);
244 $sql = "UPDATE words SET word = '$word', replacement = '$replacement' WHERE word_id = '$word_id'";
245 if(!$r = mysql_query($sql, $db)) {
246 echo "<CENTER><FONT FACE=\"$FontFace\" SIZE=\"$FontSize4\" COLOR=\"$textcolor\">Error. Could not update the DB</FONT></CENTER><BR>";
247 break;
248 }
249 else {
250 echo "<CENTER><FONT FACE=\"$FontFace\" SIZE=\"$FontSize4\" COLOR=\"$textcolor\">Word Censor Updated!</FONT></CENTER><BR>";
251 }
252 break;
253 }
254 }
255 ?>
256 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="0" ALIGN="CENTER" VALIGN="TOP" WIDTH="95%"><TR><TD BGCOLOR="<?php echo $table_bgcolor?>">
257 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="1" WIDTH="100%">
258 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
259 <TD ALIGN="CENTER" COLSPAN="4"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Current Word Censors<BR>To modify a word and/or its replacement text simply change the values in the text boxes and click the Edit button.<BR>
260 To remove a censored word simply click on the 'Delete' button next to the word.</FONT></TD>
261 </TR>
262 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
263 <TD ALIGN="CENTER"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Word</FONT></TD>
264 <TD ALIGN="CENTER"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Replacement</FONT></TD>
265 <TD ALIGN="CENTER"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Edit</FONT></TD>
266 <TD ALIGN="CENTER"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Delete</FONT></TD>
267 </TR>
268 <?php
269 $sql = "SELECT * FROM words";
270 if(!$r = mysql_query($sql, $db)) {
271 echo "<TD ALIGN=\"CENTER\" COLSPAN=\"6\"><FONT FACE=\"$FontFace\" SIZE=\"$FontSize\" COLOR=\"$textcolor\">Error connecting to the database.</FONT></TD></TR></TABLE></TABLE>";
272 include('../page_tail.'.$phpEx);
273 exit();
274 }
275 if($m = mysql_fetch_array($r)) {
276 do {
277 echo "<FORM ACTION=\"$PHP_SELF\" METHOD=\"POST\">\n";
278 echo "<TR BGCOLOR=\"$color2\" ALIGN=\"CENTER\">\n";
279 echo "<TD><INPUT TYPE=\"TEXT\" NAME=\"word\" VALUE=\"" . stripslashes($m[word]) . "\" MAXLENGTH=\"50\" SIZE=\"25\"></TD>\n";
280 echo "<TD><INPUT TYPE=\"TEXT\" NAME=\"replacement\" VALUE=\"" . stripslashes($m[replacement]) . "\" MAXLENGTH=\"50\" SIZE=\"25\"></TD>\n";
281 echo "<TD><INPUT TYPE=\"HIDDEN\" NAME=\"word_id\" VALUE=\"$m[word_id]\">\n";
282 echo "<INPUT TYPE=\"HIDDEN\" NAME=\"mode\" VALUE=\"$mode\">\n";
283 echo "<INPUT TYPE=\"SUBMIT\" NAME=\"action\" VALUE=\"Edit\"></TD>\n";
284 echo "<TD><BR><INPUT TYPE=\"SUBMIT\" NAME=\"action\" VALUE=\"Delete\"></FORM></TD>\n";
285 echo "</TR>";
286 } while($m = mysql_fetch_array($r));
287 }
288 else {
289 echo "<TR BGCOLOR=\"$color1\" ALIGN=\"CENTER\"><TD COLSPAN=\"4\"><FONT FACE=\"$FontFace\" SIZE=\"$FontSize\" COLOR=\"$textcolor\">No censored words in the database. You can enter one using the form below</FONT></TD></TR>";
290 }
291 ?>
292 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
293 <TD ALIGN="CENTER" COLSPAN="4"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Add a Word<BR>Use this form to add a word censor to the database.</FONT>
294 </TD><FORM ACTION="<?php echo $PHP_SELF?>" METHOD="POST">
295 </TR>
296 <TR BGCOLOR="<?php echo $color1?>" ALIGN="CENTER">
297 <TD colspan="2"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Word</font></TD>
298 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Replacement</font></TD>
299 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Action</font></TD>
300 </TR>
301 <TR BGCOLOR="<?php echo $color2?>" ALIGN="CENTER">
302 <TD colspan="2"><INPUT TYPE="TEXT" NAME="word" MAXLENGTH="50" SIZE="25"></TD>
303 <TD><INPUT TYPE="TEXT" NAME="replacement" MAXLENGTH="50" SIZE="25"></TD>
304 <TD><INPUT TYPE="HIDDEN" NAME="mode" VALUE="<?php echo $mode?>">
305 <INPUT TYPE="SUBMIT" NAME="action" VALUE="Add"></TD>
306 </FORM>
307 </TR>
308 <?php
309 echo "</TABLE></TABLE>\n";
310 break;
311 case 'badusernames':
312 if($edit || $add || $delete) {
313 if($add) {
314 $username = addslashes($username);
315 $sql = "INSERT INTO disallow (disallow_username) VALUES ('$username')";
316 if(!$r = mysql_query($sql, $db))
317 echo "<CENTER><font size=+1>Error - Could not add username. Please try again.</font></center>";
318 else
319 echo "<CENTER><font size=+1>Username Added</font></center>";
320 }
321 else if($delete) {
322 $sql = "DELETE FROM disallow WHERE disallow_id = '$id'";
323 if(!$$r = mysql_query($sql, $db))
324 echo "<CENTER><font size=+1>Error - Could not remove username. Please try again.</font></center>";
325 else
326 echo "<CENTER><font size=+1>Username Removed</font></center>";
327 }
328 else if($edit) {
329 $username = addslashes($username);
330 $sql = "UPDATE disallow SET disallow_username = '$username' WHERE disallow_id = '$id'";
331 if(!$r = mysql_query($sql, $db))
332 echo "<CENTER><font size=+1>Error - Could not update the database. Please try again.</font></center>";
333 else
334 echo "<CENTER><font size=+1>Username Updated</font></center>";
335 }
336 }
337 ?>
338 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="0" ALIGN="CENTER" VALIGN="TOP" WIDTH="95%"><TR><TD BGCOLOR="<?php echo $table_bgcolor?>">
339 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="1" WIDTH="100%">
340 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
341 <TD ALIGN="CENTER" COLSPAN="3"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Current Disallowed Usernames<BR>You can edit an entry by altering the text in the boxes and pressing the 'Edit' button
342 <BR>You can remove an entry by clicking its 'Delete' button.</FONT></TD>
343 </TR>
344 <TR BGCOLOR="<?php echo $color1?>" ALIGN="CENTER">
345 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Disallowed Username</FONT></TD>
346 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Edit</FONT></TD>
347 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Delete</FONT></TD>
348 </TR>
349 <?php
350 $sql = "SELECT disallow_id, disallow_username FROM disallow";
351 if(!$r = mysql_query($sql, $db)) {
352 echo "<TR BGCOLOR=\"$color1\" ALIGN=\"LEFT\"><TD COLSPAN=\"3\">Error - Could not query the database. Please check your config.$phpEx file.</TD></TR></TABLE></TABLE>";
353 include('../page_tail.'.$phpEx);
354 exit();
355 }
356 if($m = mysql_fetch_array($r)) {
357 do {
358 echo "<TR BGCOLOR=\"$color2\" ALIGN=\"CENTER\">\n";
359 echo "<TD><FORM ACTION=\"$PHP_SELF\" METHOD=\"POST\"><INPUT TYPE=\"TEXT\" NAME=\"username\" VALUE=\"" . stripslashes($m[disallow_username]) . "\" MAXLENGTH=\"40\" SIZE=\"25\"></TD>\n";
360 echo "<TD><INPUT TYPE=\"HIDDEN\" NAME=\"mode\" VALUE=\"$mode\"><INPUT TYPE=\"HIDDEN\" NAME=\"id\" VALUE=\"$m[disallow_id]\">";
361 echo "<INPUT TYPE=\"SUBMIT\" NAME=\"edit\" VALUE=\"Edit\"></TD>\n";
362 echo "<TD><INPUT TYPE=\"SUBMIT\" NAME=\"delete\" VALUE=\"Delete\"></FORM></TD></TR>\n";
363 } while($m = mysql_fetch_array($r));
364 }
365 else
366 echo "<TR BGCOLOR=\"$color2\" ALIGN=\"CENTER\"><TD COLSPAN=\"3\">No Disallowed usernames in the database, use the form below to add one.</TD></TR>";
367 ?>
368 <TR BGCOLOR="<?php echo $color1?>" ALIGN="CENTER">
369 <TD COLSPAN="3"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Disallow a Username<BR>Use the following form to add usernames to the disallowed list.</FONT></TD>
370 </TR>
371 <TR BGCOLOR="<?php echo $color2?>" ALIGN="CENTER">
372 <TD><FORM ACTION="<?php echo $PHP_SELF?>" METHOD="POST">
373 <INPUT TYPE="TEXT" NAME="username" MAXLENGTH="50" SIZE="25">
374 </TD>
375 <TD COLSPAN="2"><INPUT TYPE="HIDDEN" NAME="mode" VALUE="<?php echo $mode?>">
376 <INPUT TYPE="SUBMIT" NAME="add" VALUE="Add Username"></FORM>
377 </TD>
378 </TR>
379 </TABLE>
380 </TABLE>
381 <?php
382 break;
383 case 'remuser':
384 if($submit) {
385 if($type == "hard") {
386 $deluserdata = get_userdata_from_id($user_id, $db);
387 if($deluserdata[user_posts] > 0) {
388 echo "Error. This use has posted messages on the forums, therefor he/she cannot be hard deleted. Please go back and 'soft delete' this user if you want to remove them.";
389 include('../page_tail.'.$phpEx);
390 exit();
391 }
392 $sql = "DELETE FROM users WHERE user_id = '$user_id'";
393 }
394 else
395 $sql = "UPDATE users SET user_level = -1 WHERE user_id = '$user_id'";
396 if(!$r = mysql_query($sql, $db)) {
397 echo "Error - Could not remove user from the database.";
398 include('../page_tail.'.$phpEx);
399 exit();
400 }
401 $sql = "DELETE FROM forum_mods WHERE user_id = '$user_id'";
402 if(!$r = mysql_query($sql, $db)) {
403 echo "Error - Could not remove user from the database.";
404 include('../page_tail.'.$phpEx);
405 exit();
406 }
407 echo "<TABLE width=\"95%\" border=\"1\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" bordercolor=\"$table_bgcolor\">";
408 echo "<tr><td align=\"center\" width=\"100%\" bgcolor=\"$color1\"><font face=\"$FontFace\" size=\"$FontSize1\" color=\"$FontColor\"><B>User Removed.</B></font></td>";
409 echo "</tr><TR><TD><TABLE width=\"100%\" cellspacing=\"0\" cellpadding=\"0\"><TR>";
410 echo "<td align=\"center\" width=\"100%\" bgcolor=\"$color2\"><font face=\"$FontFace\" size=\"$FontSize1\" color=\"$FontColor\"><P><BR> Click <a href=\"$url_admin\">here</a> to return to the Administration Panel.<P>Click <a href=\"$url_phpbb\">here</a> to return to the forum index.</font><P><BR><P></TD>";
411 echo "</TR></table></TD></TR></TABLE>";
412 }
413 else {
414
415 $sql = "SELECT username, user_id FROM users WHERE user_id != -1 ORDER BY username";
416 if(!$r = mysql_query($sql, $db))
417 die("Error connecting to the database. Please check your config.$phpEx file.");
418 if(!$m = mysql_fetch_array($r))
419 die("No users in the database.");
420 ?>
421 <FORM ACTION="<?php echo $PHP_SELF?>" METHOD="POST">
422 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="0" ALIGN="CENTER" VALIGN="TOP" WIDTH="95%"><TR><TD BGCOLOR="<?php echo $table_bgcolor?>">
423 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="1" WIDTH="100%">
424 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
425 <TD ALIGN="CENTER" COLSPAN="2"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>"><B>Select a User to Remove from the Database</B></FONT></TD>
426 </TR>
427 <TR BGCOLOR="<?php echo $color2?>" ALIGN="LEFT">
428 <TD align="right"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">User:</FONT></TD>
429 <TD><SELECT NAME="user_id">
430 <?php
431 do {
432 echo "<OPTION VALUE=\"$m[user_id]\">$m[username]</OPTION>\n";
433 } while($m = mysql_fetch_array($r));
434 ?>
435 </SELECT>
436 </TD>
437 </TR>
438 <TR BGCOLOR="<?php echo $color2?>" ALIGN="LEFT">
439 <TD ALIGN="right"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Deletion Type:</FONT></TD>
440 <TD><INPUT TYPE="RADIO" NAME="type" VALUE="hard"> Hard Delete <i>(Remove the users record from the users database, you may not hard delete users who have posted messages!)</i><BR>
441 <INPUT TYPE="RADIO" NAME="type" VALUE="soft" CHECKED> Soft Delete <i>(The users record remains but they cannot login, post, reply etc etc. This is safer)</i></TD>
442 </TR>
443 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
444 <TD ALIGN="CENTER" COLSPAN="2">
445 <INPUT TYPE="HIDDEN" NAME="mode" VALUE="remuser">
446 <INPUT TYPE="SUBMIT" NAME="submit" VALUE="Delete User">
447 <INPUT TYPE="RESET" VALUE="Clear">
448 </TD>
449 </TR>
450 </TR>
451 </TABLE></TD></TR></TABLE>
452
453 <?php
454 }
455 break;
456 case 'banuser':
457 if($add) {
458 $starttime = mktime (date("H"), date("i"), date("s"), date("m"), date("d"), date("Y"));
459 switch($durtype) {
460 case 1:
461 $type = 1;
462 break;
463 case 2:
464 $type = 60;
465 break;
466 case 3:
467 $type = 3600;
468 break;
469 case 4:
470 $type = 86400;
471 break;
472 case 5:
473 $type = 31536000;
474 break;
475 }
476 if(!isset($duration))
477 $duration = 0;
478
479 if($duration != 0)
480 $endtime = $starttime + ($duration * $type);
481 else
482 $endtime = 0;
483
484 if($banby == 1) {
485 $sql = "INSERT INTO banlist (ban_ip, ban_start, ban_end, ban_time_type) VALUES ('$ipuser', '$starttime', '$endtime', '$durtype')";
486 if(!$r = mysql_query($sql, $db))
487 echo "<font size=\"$FontSize4\"><center>Error. Could not add ban!</center></font><br>";
488 echo "<font size=\"$FontSize4\"><center>Ban Added</center></font><br>";
489 }
490 else {
491 $banuserdata = get_userdata($ipuser, $db);
492 if($banuserdata[user_id]) {
493 $sql = "INSERT INTO banlist (ban_userid, ban_start, ban_end, ban_time_type) VALUES ('$banuserdata[user_id]', '$starttime', '$endtime', '$durtype')";
494
495 if(!$r = mysql_query($sql, $db))
496 echo "<font size=\"$FontSize4\"><center>Error. Could not add ban!</center></font><br>";
497 echo "<font size=\"$FontSize4\"><center>Ban Added</center></font><br>";
498 }
499 else
500 echo "<font size=\"$FontSize4\"><center>Error. No such user!</center></font>";
501 }
502 }
503 else if($del) {
504 $sql = "DELETE FROM banlist WHERE ban_id = '$ban_id'";
505 if(!$r = mysql_query($sql, $db))
506 echo "<font size=\"$FontSize4\"><center>Error. Could not remove ban!</center></font><br>";
507 echo "<font size=\"$FontSize4\"><center>Ban Removed</center></font><br>";
508
509 }
510 else if($edit) {
511 $starttime = mktime (date("H"), date("i"), date("s"), date("m"), date("d"), date("Y"));
512 switch($unit) {
513 case 1:
514 $type = 1;
515 break;
516 case 2:
517 $type = 60;
518 break;
519 case 3:
520 $type = 3600;
521 break;
522 case 4:
523 $type = 86400;
524 break;
525 case 5:
526 $type = 31536000;
527 break;
528 }
529 if(!isset($dur))
530 $dur = 0;
531
532 if($dur != 0)
533 $endtime = $starttime + ($dur * $type);
534 else
535 $endtime = 0;
536 if(isset($ipaddy))
537 $sql = "UPDATE banlist SET ban_ip = '$ipaddy', ban_start = '$starttime', ban_end = '$endtime', ban_time_type = '$unit' WHERE ban_id = '$ban_id'";
538 else {
539 $banneduserdata = get_userdata($user_name, $db);
540 $sql = "UPDATE banlist SET ban_userid = '$banneduserdata[user_id]', ban_start = '$starttime', ban_end = '$endtime', ban_time_type = '$unit' WHERE ban_id = '$ban_id'";
541 }
542
543 if(!$r = mysql_query($sql, $db))
544 echo "<font size=\"$FontSize4\"><center>Error. Ban could not be updated</center></font>";
545 echo "<center><font size=\"$FontSize4\">Ban Modified</font></center>";
546 }
547
548
549 ?>
550 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="0" ALIGN="CENTER" VALIGN="TOP" WIDTH="95%"><TR><TD BGCOLOR="<?php echo $table_bgcolor?>">
551 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="1" WIDTH="100%">
552 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
553 <TD ALIGN="CENTER" COLSPAN="4"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Current Banned IPs<BR>You can edit an entry by altering the text in the boxes and pressing the 'Edit' button
554 <BR>You can remove an entry by clicking its 'Delete' button.</FONT></TD>
555 </TR>
556 <TR BGCOLOR="<?php echo $color1?>" ALIGN="CENTER">
557 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">IP Address</FONT></TD>
558 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Duration</FONT></TD>
559 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Edit</FONT></TD>
560 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Delete</FONT></TD>
561 </TR>
562 <?php
563 $sql = "SELECT * FROM banlist WHERE ban_ip";
564 if(!$r = mysql_query($sql, $db))
565 echo "<tr bgcolor=\"$color2\" align=\"center\"><td colspan=\"4\"><b>Error quering the database!</b></td></tr>";
566 while($banlist = mysql_fetch_array($r)) {
567 unset($dur);
568 unset($unit);
569 echo "<tr bgcolor=\"$color2\" align=\"center\"><td><form action=\"$PHP_SELF\" method=\"POST\"><input type=\"text\" name=\"ipaddy\" value=\"$banlist[ban_ip]\" size=\"32\"></td>\n";
570 $type = $banlist[ban_time_type];
571 if($banlist[ban_end] == 0) {
572 $dur = "Parmanent";
573 $unit = "Ban";
574 }
575 else {
576 switch($type) {
577 case 1:
578 $dur = ($banlist[ban_end] - $banlist[ban_start]);
579 $unit = "Seconds";
580 $s = "SELECTED";
581 break;
582 case 2:
583 $dur = ($banlist[ban_end] - $banlist[ban_start]) / 60;
584 $unit = "Minutes";
585 $m = "SELECTED";
586 break;
587 case 3:
588 $dur = ($banlist[ban_end] - $banlist[ban_start]) / 3600;
589 $unit = "Hours";
590 $h = "SELECTED";
591 break;
592 case 4:
593 $dur = ($banlist[ban_end] - $banlist[ban_start]) / 86400;
594 $unit = "Days";
595 $d = "SELECTED";
596 break;
597 case 5:
598 $dur = ($banlist[ban_end] - $banlist[ban_start]) / 31536000;
599 $unit = "Years";
600 $y = "SELECTED";
601 break;
602 }
603 }
604
605 if($unit != "Ban") {
606 echo "<td align=\"center\"><input type=\"text\" name=\"dur\" size=\"".strlen($dur)."\" maxlengh=\"25\" value=\"$dur\">\n";
607 echo "<select name=\"unit\"><option value=\"1\" $s>Seconds</option>
608 <option value=\"2\" $m>Minutes</option>
609 <option value=\"3\" $h>Hours</option>
610 <option value=\"4\" $d>Days</option>
611 <option value=\"5\" $y>Years</option></select></td>";
612 }
613 else {
614 echo "<td align=\"center\">$dur $unit</td>";
615 }
616 echo "<td><input type=\"HIDDEN\" name=\"ban_id\" value=\"$banlist[ban_id]\">";
617 echo "<input type=\"hidden\" name=\"mode\" value=\"$mode\">";
618 echo "<input type=\"submit\" name=\"edit\" value=\"Edit\"></td>";
619 echo "<td><br><input type=\"submit\" name=\"del\" value=\"Delete\"></form></td>";
620 echo "</tr>";
621 }
622 ?>
623 <TR BGCOLOR="<?php echo $color1?>" ALIGN="LEFT">
624 <TD ALIGN="CENTER" COLSPAN="4"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Current Banned Usernames<BR>You can edit an entry by altering the text in the boxes and pressing the 'Edit' button
625 <BR>You can remove an entry by clicking its 'Delete' button.</FONT></TD>
626 </TR>
627 <TR BGCOLOR="<?php echo $color1?>" ALIGN="CENTER">
628 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Username</FONT></TD>
629 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Duration</FONT></TD>
630 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Edit</FONT></TD>
631 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Delete</FONT></TD>
632 </TR>
633 <?php
634 unset($banlist);
635 unset($dur);
636 unset($unit);
637 $sql = "SELECT * FROM banlist WHERE ban_userid";
638 if(!$r = mysql_query($sql, $db))
639 echo "<tr bgcolor=\"$color2\"><td colspan=\"4\"><b>Error quering the database!</b></td></tr>";
640 while($banlist = mysql_fetch_array($r)) {
641 $banuserdata = get_userdata_from_id($banlist[ban_userid], $db);
642 echo "<tr bgcolor=\"$color2\" align=\"center\"><td align=\"center\"><form action=\"$PHP_SELF\" method=\"POST\"><input type=\"text\" name=\"user_name\" value=\"$banuserdata[username]\" maxlenght=\"35\" size=\"25\"></td>\n";
643 $type = $banlist[ban_time_type];
644 if($banlist[ban_end] == 0) {
645 $dur = "Permanent";
646 $unit = "Ban";
647 }
648 else {
649 switch($type) {
650 case 1:
651 $dur = ($banlist[ban_end] - $banlist[ban_start]);
652 $unit = "Seconds";
653 $s = "SELECTED";
654 break;
655 case 2:
656 $dur = ($banlist[ban_end] - $banlist[ban_start]) / 60;
657 $unit = "Minutes";
658 $m = "SELECTED";
659 break;
660 case 3:
661 $dur = ($banlist[ban_end] - $banlist[ban_start]) / 3600;
662 $unit = "Hours";
663 $h = "SELECTED";
664 break;
665 case 4:
666 $dur = ($banlist[ban_end] - $banlist[ban_start]) / 86400;
667 $unit = "Days";
668 $d = "SELECTED";
669 break;
670 case 5:
671 $dur = ($banlist[ban_end] - $banlist[ban_start]) / 31536000;
672 $unit = "Years";
673 $y = "SELECTED";
674 break;
675 }
676 }
677 if($unit != "Ban") {
678 echo "<td align=\"center\"><input type=\"text\" name=\"dur\" size=\"".strlen($dur)."\" maxlengh=\"25\" value=\"$dur\">\n";
679 echo "<select name=\"unit\"><option value=\"1\" $s>Seconds</option>
680 <option value=\"2\" $m>Minutes</option>
681 <option value=\"3\" $h>Hours</option>
682 <option value=\"4\" $d>Days</option>
683 <option value=\"5\" $y>Years</option></select></td>";
684 }
685 else {
686 echo "<td align=\"center\">$dur $unit</td>";
687 }
688 echo "<td align=\"center\"><input type=\"HIDDEN\" name=\"ban_id\" value=\"$banlist[ban_id]\">";
689 echo "<input type=\"submit\" name=\"edit\" value=\"Edit\"></td>";
690 echo "<input type=\"hidden\" name=\"mode\" value=\"$mode\">";
691 echo "<td align=\"center\"><br><input type=\"submit\" name=\"del\" value=\"Delete\"></form></td>";
692 echo "</tr>";
693 }
694 ?>
695
696
697 <TR BGCOLOR="<?php echo $color1?>" ALIGN="CENTER">
698 <TD COLSPAN="4"><FONT FACE="<?php echo $FontFace?>" SIZE="<?php echo $FontSize2?>" COLOR="<?php echo $textcolor?>">Add a ban<BR>Use the following form to add IPs or Usernames to the banlist.<br>
699 To ban a range of IPs simply do not enter the final IP number ie: 192.168.1. Will ban 192.168.1.0-255<br>
700 Bans will be automaticly removed from the database when they expire, to create a perminant ban simply enter nothing in the duration field.</FONT></TD>
701 </TR>
702 <tr bgcolor="<?php echo $color1?>" ALIGN="CENTER">
703 <td>IP/Username</td>
704 <td>Duration</td>
705 <td colspan="2">Add</td>
706 </tr>
707 <TR BGCOLOR="<?php echo $color2?>" ALIGN="CENTER">
708 <TD><FORM ACTION="<?php echo $PHP_SELF?>" METHOD="POST">
709 <INPUT TYPE="TEXT" NAME="ipuser" MAXLENGTH="50" SIZE="25">
710 <select name="banby"><option value="1">IP address</option><option value="2">Username</option></select>
711 </TD>
712 <td><input type="text" name="duration" maxlength="32" size="15">
713 <select name="durtype"><option value="1">Seconds</option>
714 <option value="2">Minutes</option>
715 <option value="3">Hours</option>
716 <option value="4">Days</option>
717 <option value="5">Years</option></select>
718 </td>
719 <TD COLSPAN="2"><INPUT TYPE="HIDDEN" NAME="mode" VALUE="<?php echo $mode?>">
720 <br><INPUT TYPE="SUBMIT" NAME="add" VALUE="Add Ban"></FORM>
721 </TD>
722 </TR>
723 </TABLE>
724 </TABLE>
725
726
727
728
729 <?php
730 break;
731 }
732 }
733 else {
734 $pagetype = "admin";
735 $pagetitle = "Access Denied!";
736
737 include('../page_header.'.$phpEx);
738 ?>
739 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="0" ALIGN="CENTER" VALIGN="TOP" WIDTH="<?php echo $TableWidth?>">
740 <TR><TD BGCOLOR="<?php echo $table_bgcolor?>">
741 <TABLE BORDER="0" CELLPADDING="1" CELLSPACING="1" WIDTH="100%">
742 <TR BGCOLOR="<?php echo $color1?>" ALIGN="center" VALIGN="TOP">
743 <TD><FONT FACE="<?php echo $FontFace?>" SIZE="<? echo $FontSize2?>" COLOR="<?php echo $textcolor?>">
744 <B>You do not have acess to this area!</b><BR>
745 Go <a href="<?php echo $url_phpbb?>">Back</a>
746 </TD></TR></TABLE></TD></TR></TABLE>
747 <?php
748 }
749
750
751 include('../page_tail.'.$phpEx);
752 ?>
753