www.ensbilgisayar.tr.gg

Sorry, this page is for administrators only"; } else { echo "

Member Administration Page

Logged in as ".$_SESSION[$sess_name]." | Logout

"; if(!isset($_GET[action])) { echo "

Below are all the users that have registered for this website

Add new user "; $result = @mysql_query("SELECT * FROM $users_table ORDER BY id"); while($row = mysql_fetch_array($result)) { if($row[priv] < 10) { $priv = "User"; } else if($row[priv] >= 10) { $priv = "Admin"; } echo ""; } echo "

User ID	Username	Name	Email	Privilege	User Added	Edit
".$row[id]."	".$row[username]."	".$row[fname]." ".$row[lname]."	".$row[email]."	$priv	".date("n/j/Y",$row[time])."	Edit

Add new user"; } else if($_GET[action] == "add") { echo "

Add a new Member

"; if(!isset($_POST[submit])) { echo "

Please fill out the form below to register for this site.

First Name
Last Name
Username
Password
Retype Password
Email Address
User Type

"; } else if(isset($_POST[submit]) && empty($_POST[fname]) or empty($_POST[lname]) or empty($_POST[username]) or empty($_POST[password]) or empty($_POST[verify]) or empty($_POST[email])) { echo "Please enter all fields in the form"; } else if(isset($_POST[submit]) && !empty($_POST[fname]) && !empty($_POST[lname]) && !empty($_POST[username]) && !empty($_POST[password]) && !empty($_POST[verify]) && !empty($_POST[email])) { if(db_num("$users_table","username='".$_POST[username]."'") == "1") { $error[] = "This username already exists"; } if(!checkEmail($_POST[email])) { $error[] = "Please enter a valid email address"; } if(strlen($_POST[username]) < 6 || strlen($_POST[username]) > 15) { $error[] = "The username must be between 6 and 15 characters in length"; } if(strlen($_POST[password]) <

{ $error[] = "The password needs to be at least 8 charactres in length"; } if($_POST[password] != $_POST[verify]) { $error[] = "The passwords you entered don't match"; } if(count($error) > 0) { echo "

The following errors have occured while processing your member registration:

".$error[$x]."

Please try again

"; } else if(count($error) < 1) { //constraints met, add user to database $result = @mysql_query("INSERT INTO $users_table VALUES ('','".$_POST[username]."','".md5($_POST[password])."','".$_POST[fname]."','".$_POST[lname]."','".$_POST[email]."','".$_POST[user_type]."','".time()."')"); echo "

Username successfully added!

Thank you for signing up with the username $_POST[username]."; } } } else if($_GET[action] == "edit" && isset($_GET[id])) { echo "

Edit user

"; if(!isset($_POST[submit])) { $result = @mysql_query("SELECT * FROM $users_table WHERE id='".$_GET[id]."'"); $row = mysql_fetch_array($result); if(($row[id]==1) || ($row[username] == $_SESSION[$sess_name])) { // default admin account, cannot delete $disable = " disabled"; $show_del = "This account cannot be deleted"; } else { $disable = ""; $show_del = " I wish to delete this account"; } echo "

Please fill out the form below to edit this user. ** NOTE: Password Not required--only if changing it

First Name
Last Name
Username
Password
Retype Password
Email Address
User Type
$show_del

"; } else if(isset($_POST[submit]) && empty($_POST[fname]) or empty($_POST[lname]) or empty($_POST[email])) { echo "Please enter all fields in the form"; } else if(isset($_POST[submit]) && !empty($_POST[fname]) && !empty($_POST[lname]) && !empty($_POST[email])) { if($_POST[delete] == "yes") { $delete = @mysql_query("DELETE FROM $users_table WHERE id='".$_GET[id]."'"); echo "You successfully deleted this user account"; } else { if(!checkEmail($_POST[email])) { $error = "Please enter a valid email address"; } if($error != "") { echo "

The following errors have occured while processing your member registration:

".$error."

Please try again

"; } else if($error == "") { if(!empty($_POST[password])) { if((strlen($_POST[password]) <

|| ($_POST[password] != $_POST[verify])) { echo "Make certain the passwords match and are at least 8 characters in length"; $continue = 0; } else { $continue = 1; $update = @mysql_query("UPDATE $users_table SET password='".md5($_POST[password])."' WHERE id='".$_GET[id]."'"); } } else { $continue = 1; } if($continue) { if($_GET[id] == "1") { $add_priv = "10"; } else { $add_priv = $_POST[user_type]; } $update = @mysql_query("UPDATE $users_table SET fname='".$_POST[fname]."', lname='".$_POST[lname]."', email='".$_POST[email]."', priv='$add_priv' WHERE id='".$_GET[id]."'"); echo "

Username successfully updated!

You successfully updated this user account."; } } } } } else if($_GET[action] == "logout") { unset($_SESSION[$sess_name]); session_destroy(); echo "

You have successfully logged out

"; } } } if(isset($_GET[action])) { echo "

Return"; } ?>