Initial commit Change-Id: I0000000000000000000000000000000000000000
This commit is contained in:
155
user_manager.php
Executable file
155
user_manager.php
Executable file
@@ -0,0 +1,155 @@
|
||||
<?php
|
||||
/**
|
||||
User manager page
|
||||
@author ricky barrette
|
||||
@author Twenty Codes, LLC
|
||||
*/
|
||||
include("classes/auth.php");
|
||||
require_once('classes/conf.php');
|
||||
include_once('classes/users.php');
|
||||
include("classes/header.php");
|
||||
$users = new users(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
|
||||
|
||||
$user = $_SESSION['username'];
|
||||
|
||||
|
||||
if($_POST['submitted'] == 1){
|
||||
$users->new_user($_POST['username'], $_POST['password'], $_POST['access'], $_POST['email']);
|
||||
echo "Added new user ". $_POST['username'];
|
||||
}
|
||||
|
||||
if($_POST['submitted'] == 2){
|
||||
if($users->change_password($_POST['username'], $_POST['old_password'], $_POST['new_password']))
|
||||
echo "Changed ". $_POST['username'] ."'s Password.";
|
||||
else
|
||||
echo"Failed to change password, check Username and Password";
|
||||
}
|
||||
|
||||
if($_REQUEST['user'])
|
||||
if($_REQUEST['email']){
|
||||
$users->delete_user($_REQUEST['user'], $_REQUEST['email']);
|
||||
echo "Deleted ".$_REQUEST['user'];
|
||||
}
|
||||
|
||||
|
||||
echo <<<SCRIPTS
|
||||
<script type="text/javascript" src="scripts/jquery.js"></script>
|
||||
<script type="text/javascript" src="scripts/jquery.sha256.js"></script>
|
||||
<script type="text/javascript">
|
||||
function addUser (form) {
|
||||
form.password.value = $.sha256(form.password.value+form.username.value);
|
||||
form.submit();
|
||||
}
|
||||
|
||||
function changePass (form) {
|
||||
form.old_password.value = $.sha256(form.old_password.value+form.username.value);
|
||||
form.new_password.value = $.sha256(form.new_password.value+form.username.value);
|
||||
form.submit();
|
||||
}
|
||||
</script>
|
||||
SCRIPTS;
|
||||
|
||||
/**
|
||||
Everythign inside this ifblock requires admin access
|
||||
*/
|
||||
if($_SESSION['access'] == "admin") {
|
||||
|
||||
echo "<a href=\"content_manager.php?pagekey=new_user_email\">Edit New User Email</a>";
|
||||
|
||||
echo $users->display_users();
|
||||
echo <<<ADD_USER
|
||||
<br/>
|
||||
|
||||
<form id='add_user' name='add_user' action='user_manager.php' method='POST' accept-charset='UTF-8'>
|
||||
<fieldset >
|
||||
<legend>Add User</legend>
|
||||
<input type='hidden' name='submitted' id='submitted' value='1'/>
|
||||
|
||||
<div class="clearfix">
|
||||
<label for='username' >UserName:</label>
|
||||
<div class="input">
|
||||
<input type='text' name='username' id='username' maxlength="50" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
<div class="clearfix">
|
||||
<label for='password' >Password:</label>
|
||||
<div class="input">
|
||||
<input type='password' name='password' id='password' maxlength="50" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="clearfix">
|
||||
<label for='access' >Access:</label>
|
||||
<div class="input">
|
||||
<input type='text' name='access' id='access' maxlength="50" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="clearfix">
|
||||
<label for='email' >Email:</label>
|
||||
<div class="input">
|
||||
<input type='text' name='email' id='email' maxlength="50" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="actions">
|
||||
<button type="submit" class="btn primary" onClick="addUser(this.form)" >Add User</button>
|
||||
<button type="reset" class="btn">Cancel</button>
|
||||
</div>
|
||||
|
||||
</fieldset>
|
||||
</form>
|
||||
ADD_USER;
|
||||
}
|
||||
|
||||
|
||||
echo <<<CHANGE_PASS
|
||||
<form action='user_manager.php' method='POST' accept-charset='UTF-8'>
|
||||
<fieldset >
|
||||
<legend>Change Password</legend>
|
||||
<input type='hidden' name='submitted' id='submitted' value='2'/>
|
||||
|
||||
CHANGE_PASS;
|
||||
|
||||
|
||||
if($_SESSION['access'] == "admin")
|
||||
echo <<<CHANGE_PASS
|
||||
<div class="clearfix">
|
||||
<label for='username' >UserName:</label>
|
||||
<div class="input">
|
||||
<input type='text' name='username' id='username' maxlength="50" value="$user"/>
|
||||
</div>
|
||||
</div>
|
||||
CHANGE_PASS;
|
||||
else
|
||||
echo "<input type='hidden' name='username' id='username' value='$user'/>";
|
||||
|
||||
|
||||
echo <<<CHANGE_PASS
|
||||
<div class="clearfix">
|
||||
<label for='password' >Old Password:</label>
|
||||
<div class="input">
|
||||
<input type='password' name='old_password' id='old_password' maxlength="50" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="clearfix">
|
||||
<label for='password' >New Password:</label>
|
||||
<div class="input">
|
||||
<input type='password' name='new_password' id='new_password' maxlength="50" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="actions">
|
||||
<button type="submit" class="btn primary" onClick="changePass(this.form)" >Change Password</button>
|
||||
<button type="reset" class="btn">Cancel</button>
|
||||
</div>
|
||||
|
||||
</fieldset>
|
||||
</form>
|
||||
CHANGE_PASS;
|
||||
|
||||
include("classes/footer.php");
|
||||
?>
|
||||
Reference in New Issue
Block a user