Файл: id2759/PHP Version/fileman/users.php
Строк: 491
<?php
/* vim: set expandtab tabstop=4 shiftwidth=4: */
// +----------------------------------------------------------------------+
// | Aquonics File Manager |
// +----------------------------------------------------------------------+
// | Copyright (c) 2001 Aquonics Scripting |
// +----------------------------------------------------------------------+
// | You may not remove the copyright or redistribute the script in any |
// | form. This program is Freeware, please read the license at |
// | http://www.aquonics.com/license.php |
// | |
// | Visit www.aquonics.com for more top scripts, free and custom. |
// +----------------------------------------------------------------------+
// | Authors: Stephen Ball <stephen@aquonics.com> |
// +----------------------------------------------------------------------+
//
// $Id$
error_reporting(0); /* Turn off ugly error messages */
set_time_limit(60); /* Ensure the script doesn't time out */
// Try to include important files
// or die with an error message
if (!(include("./common.lib.php"))) {
die("<html><head><title>Error!</title></head><body bgcolor="#FFFFFF"><font size="2" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000"><center><b>There was an error loading the library file.</b></center></font></body></html>");
}
if (!(include("./settings.inc.php"))) {
die("<html><head><title>Error!</title></head><body bgcolor="#FFFFFF"><font size="2" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000"><center><b>There was an error loading the settings file.</b></center></font></body></html>");
}
$username = $HTTP_COOKIE_VARS["username"];
$password = $HTTP_COOKIE_VARS["password"];
// Find out the starttime
$starttime = starttime();
// Ensure the user is valid
if (validate_user($username, $password) == 0) {
header("Location: ./" . $login_script . "");
exit;
}
else if (user_level($username, $password) != 1) {
header("Location: ./" . $main_script . "?m=29");
exit;
}
function userlist()
{
global $script_dir;
$usercheck = file($script_dir . "userlist.cgi");
$list = "";
while(list(,$value) = each ($usercheck)) {
list($username, $password, $value) = split("[|]", $value);
$list .= "<option name="$username">$username</option>";
}
return $list;
}
if (empty($op)) {
$op = "";
}
if ($op == "add") {
$title = "Add user";
$pagecode = " <form action="$PHP_SELF" method="post" style="margin: 0" name="user">rn";
$pagecode .= " <input type="hidden" name="op" value="newuser">rn";
$pagecode .= " <table border="0" width="100%">rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle" colspan="2"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Please enter the new users details below.</font></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <th align="left" bgcolor="#F5F5F5" valign="middle" width="10%" nowrap="nowrap"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Username</font></th>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle" width="90%"><input type="text" name="newusername" size="45"></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <th align="left" bgcolor="#F5F5F5" valign="middle" width="10%" nowrap="nowrap"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Password</font></th>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle" width="90%"><input type="password" name="newpassword" size="45"></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <th align="left" bgcolor="#F5F5F5" valign="middle" width="10%" nowrap="nowrap"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Access value</font></th>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle" width="90%"><select name="newlevel"><option value="1">Admin</option><option value="2">Super User</option><option value="3">User</option></select></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="center" bgcolor="#F5F5F5" valign="middle" colspan="2"><input type="submit" value="Add User" onclick="return checkdetails()"></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " </table>rn";
$pagecode .= " </form>rn";
}
else if ($op == "edit") {
$title = "Edit user";
$list = userlist();
$pagecode = " <form action="$PHP_SELF" method="post" style="margin: 0">rn";
$pagecode .= " <input type="hidden" name="op" value="edituser">rn";
$pagecode .= " <table border="0" width="100%">rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Please select the user to edit below.</font></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="center" bgcolor="#F5F5F5" valign="middle"><select name="user">$list</select></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="center" bgcolor="#F5F5F5" valign="middle"> </td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="center" bgcolor="#F5F5F5" valign="middle"><input type="submit" value="Edit User"></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " </table>rn";
$pagecode .= " </form>rn";
}
else if ($op == "remove") {
$title = "Remove user";
$list = userlist();
$pagecode = " <form action="$PHP_SELF" method="post" style="margin: 0" name="remove">rn";
$pagecode .= " <input type="hidden" name="op" value="removeuser">rn";
$pagecode .= " <table border="0" width="100%">rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Please select the user to delete below.</font></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="center" bgcolor="#F5F5F5" valign="middle"><select name="user">$list</select></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="center" bgcolor="#F5F5F5" valign="middle"> </td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="center" bgcolor="#F5F5F5" valign="middle"><input type="submit" value="Delete User" onclick="return deluser()"></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " </table>rn";
$pagecode .= " </form>rn";
}
else if ($op == "newuser") {
$newusername = trim($newusername);
$newpassword = trim($newpassword);
$usercheck = file($script_dir . "userlist.cgi");
while(list(,$value) = each ($usercheck)) {
list($user, $pass, $level) = split("[|]", $value);
$user = trim($user);
$pass = trim($pass);
if ($newusername == $user) {
header("Location: ./" . $main_script . "?m=21");
exit;
}
}
if($fp = fopen($script_dir . "userlist.cgi", "a")) {
$newpassword = md5($newpassword);
if (filesize($script_dir . "userlist.cgi") == 0) {
$filedata = "$newusername|$newpassword|$newlevel";
}
else {
$filedata = "rn" . "$newusername|$newpassword|$newlevel";
}
fwrite($fp, $filedata);
fclose($fp);
header("Location: ./" . $main_script . "?m=22");
exit;
}
else {
header("Location: ./" . $main_script . "?m=23");
exit;
}
}
else if ($op == "removeuser") {
$userfile = file($script_dir . "userlist.cgi");
$filecontent = "";
$found = 0;
while(list(,$value) = each ($userfile)) {
list($username, $password, $level) = split("[|]", $value);
if($user != $username) {
$filecontent .= "$username|$password|$level";
}
else {
$found = 1;
}
}
if ($found == 0) {
header("Location: ./" . $main_script . "?m=24");
exit;
}
else if($fp = fopen($script_dir . "userlist.cgi", "w")) {
$filecontent = trim($filecontent);
fwrite($fp, $filecontent);
fclose($fp);
header("Location: ./" . $main_script . "?m=25");
exit;
}
else {
header("Location: ./" . $main_script . "?m=26");
exit;
}
}
else if ($op == "edituser") {
$userfile = file($script_dir . "userlist.cgi");
$filecontent = "";
$found = 0;
while(list(,$value) = each ($userfile)) {
list($username, $password, $level) = split("[|]", $value);
if($user == $username) {
$curname = trim($username);
$curlevel = trim($level);
$found = 1;
}
}
if ($found == 0) {
header("Location: ./" . $main_script . "?m=24");
exit;
}
else {
$title = "Edit user";
if ($curlevel == 1) {
$levelhtml = "<option value="1" selected="selected">Admin</option>";
$levelhtml .= "<option value="2">Super Admin</option>";
$levelhtml .= "<option value="3">User</option>";
}
else if ($curlevel == 2) {
$levelhtml = "<option value="1">Admin</option>";
$levelhtml .= "<option value="2" selected="selected">Super Admin</option>";
$levelhtml .= "<option value="3">User</option>";
}
else {
$levelhtml = "<option value="1">Admin</option>";
$levelhtml .= "<option value="2">Super Admin</option>";
$levelhtml .= "<option value="3" selected="selected">User</option>";
}
$pagecode = " <form action="$PHP_SELF" method="post" style="margin: 0" name="user">rn";
$pagecode .= " <input type="hidden" name="op" value="editteduser">rn";
$pagecode .= " <table border="0" width="100%">rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle" colspan="2"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Please edit the users details below.<br /><b>Note</b>: You will need to enter a password.</font></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <th align="left" bgcolor="#F5F5F5" valign="middle" width="10%" nowrap="nowrap"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Username</font></th>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle" width="90%"><input type="text" name="newusername" value="$curname" readonly="readonly" size="45" onfocus="window.document.edit.newusername.blur()"></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <th align="left" bgcolor="#F5F5F5" valign="middle" width="10%" nowrap="nowrap"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Password</font></th>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle" width="90%"><input type="password" name="newpassword" size="45"></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <th align="left" bgcolor="#F5F5F5" valign="middle" width="10%" nowrap="nowrap"><font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#000000">Access value</font></th>rn";
$pagecode .= " <td align="left" bgcolor="#F5F5F5" valign="middle" width="90%"><select name="newlevel">$levelhtml</select></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " <tr>rn";
$pagecode .= " <td align="center" bgcolor="#F5F5F5" valign="middle" colspan="2"><input type="submit" value="Edit User" onclick="return checkdetails()"></td>rn";
$pagecode .= " </tr>rn";
$pagecode .= " </table>rn";
$pagecode .= " </form>rn";
}
}
else if ($op == "editteduser") {
$userfile = file($script_dir . "userlist.cgi");
$filecontent = "";
$found = 0;
while(list(,$value) = each ($userfile)) {
list($username, $password, $level) = split("[|]", $value);
if($newusername != $username) {
$filecontent .= "$username|$password|$level";
}
else {
$found = 1;
$newpassword = md5($newpassword);
$filecontent .= "$newusername|$newpassword|$newlevelrn";
}
}
$filecontent = trim($filecontent);
if ($found == 0) {
header("Location: ./" . $main_script . "?m=24");
exit;
}
else if($fp = fopen($script_dir . "userlist.cgi", "w")) {
$filecontent = trim($filecontent);
fwrite($fp, $filecontent);
fclose($fp);
header("Location: ./" . $main_script . "?m=27");
exit;
}
else {
header("Location: ./" . $main_script . "?m=28");
exit;
}
}
else {
header("Location: ./" . $main_script . "");
exit;
}
// Print the page header
html_header("User Manager");
?>
<tr>
<td align="left" bgcolor="#4682B4">
<table border="0" width="100%">
<tr>
<th align="left" bgcolor="#4682B4" valign="middle" width="99%"><img src="images/text.gif" alt="User Management" border="0" /> <font size="1" face="Verdana, Geneva, Arial, Helvetica, Sans-Serif" color="#FFFFFF"><?=$title;?></font></th>
<td align="right" bgcolor="#4682B4" valign="middle" width="1%" nowrap="nowrap"><a href="<?=$main_script;?>"><img src="images/home.gif" alt="Home" border="0" /></a> <a href="<?=$space_script;?>"><img src="images/space.gif" alt="Server Space" border="0" /></a> <a href="<?=$login_script;?>?op=out"><img src="images/logout.gif" alt="Logout" border="0" /></a></td>
</tr>
</table>
</td>
</tr>
<tr>
<td align="left" bgcolor="#F5F5F5">
<?=$pagecode;?>
</td>
</tr>
<?php
// Print out the page footer
html_footer($starttime);
?>