ricky/exception_handler_website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
70806096b6797e147a6127fd50c4d9048f66a8d2
exception_handler_website/user_manager.php

156 lines
4.0 KiB
PHP
Executable File
Raw Blame History

<?php
/**
User manager page
@author ricky barrette
@author Twenty Codes, LLC
*/
include("classes/auth.php");
require_once('classes/conf.php');
include_once('classes/users.php');
include("classes/header.php");
$users = new users(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
$user = $_SESSION['username'];
if($_POST['submitted'] == 1){
$users->new_user($_POST['username'], $_POST['password'], $_POST['access'], $_POST['email']);
echo "Added new user ". $_POST['username'];
}
if($_POST['submitted'] == 2){
if($users->change_password($_POST['username'], $_POST['old_password'], $_POST['new_password']))
echo "Changed ". $_POST['username'] ."'s Password.";
else
echo"Failed to change password, check Username and Password";
}
if($_REQUEST['user'])
if($_REQUEST['email']){
$users->delete_user($_REQUEST['user'], $_REQUEST['email']);
echo "Deleted ".$_REQUEST['user'];
}
echo <<<SCRIPTS
<script type="text/javascript" src="scripts/jquery.js"></script>
<script type="text/javascript" src="scripts/jquery.sha256.js"></script>
<script type="text/javascript">
function addUser (form) {
form.password.value = $.sha256(form.password.value+form.username.value);
form.submit();
}
function changePass (form) {
form.old_password.value = $.sha256(form.old_password.value+form.username.value);
form.new_password.value = $.sha256(form.new_password.value+form.username.value);
form.submit();
}
</script>
SCRIPTS;
/**
Everythign inside this ifblock requires admin access
*/
if($_SESSION['access'] == "admin") {
echo "<a href=\"content_manager.php?pagekey=new_user_email\">Edit New User Email</a>";
echo $users->display_users();
echo <<<ADD_USER
<br/>
<form id='add_user' name='add_user' action='user_manager.php' method='POST' accept-charset='UTF-8'>
<fieldset >
<legend>Add User</legend>
<input type='hidden' name='submitted' id='submitted' value='1'/>
<div class="clearfix">
<label for='username' >UserName:</label>
<div class="input">
<input type='text' name='username' id='username' maxlength="50" />
</div>
</div>
<div class="clearfix">
<label for='password' >Password:</label>
<div class="input">
<input type='password' name='password' id='password' maxlength="50" />
</div>
</div>
<div class="clearfix">
<label for='access' >Access:</label>
<div class="input">
<input type='text' name='access' id='access' maxlength="50" />
</div>
</div>
<div class="clearfix">
<label for='email' >Email:</label>
<div class="input">
<input type='text' name='email' id='email' maxlength="50" />
</div>
</div>
<div class="actions">
<button type="submit" class="btn primary" onClick="addUser(this.form)" >Add User</button>
<button type="reset" class="btn">Cancel</button>
</div>
</fieldset>
</form>
ADD_USER;
}
echo <<<CHANGE_PASS
<form action='user_manager.php' method='POST' accept-charset='UTF-8'>
<fieldset >
<legend>Change Password</legend>
<input type='hidden' name='submitted' id='submitted' value='2'/>
CHANGE_PASS;
if($_SESSION['access'] == "admin")
echo <<<CHANGE_PASS
<div class="clearfix">
<label for='username' >UserName:</label>
<div class="input">
<input type='text' name='username' id='username' maxlength="50" value="$user"/>
</div>
</div>
CHANGE_PASS;
else
echo "<input type='hidden' name='username' id='username' value='$user'/>";
echo <<<CHANGE_PASS
<div class="clearfix">
<label for='password' >Old Password:</label>
<div class="input">
<input type='password' name='old_password' id='old_password' maxlength="50" />
</div>
</div>
<div class="clearfix">
<label for='password' >New Password:</label>
<div class="input">
<input type='password' name='new_password' id='new_password' maxlength="50" />
</div>
</div>
<div class="actions">
<button type="submit" class="btn primary" onClick="changePass(this.form)" >Change Password</button>
<button type="reset" class="btn">Cancel</button>
</div>
</fieldset>
</form>
CHANGE_PASS;
include("classes/footer.php");
?>
Reference in New Issue View Git Blame Copy Permalink