Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- error_reporting(-1);
- include 'connect.php';
- if (!isset($_SESSION['username'])) {
- die( ' <form action="login.php" method="post">
- <label for="username">username: </label>
- <input type="text" name="username" maxlength="255" value="">
- <label for="password">password: </label>
- <input type="password" name="password" maxlength="255" value="">
- <input type="submit" value="login">
- </form>'); }
- else {
- if($_SESSION['signed_in'] == false | $_SESSION['user_level'] != 1 )
- {
- //the user is not an admin
- die ('Sorry, you do not have sufficient rights to access this page.');
- }
- else
- {
- $sql = "select * from users where users.id = " . $_GET['user_id'];
- $result = mysqli_query($link,$sql);
- if(!$result)
- {
- die ('The applicant profile could not be displayed, please try again later.') . mysqli_error($link);
- }
- else
- {
- if(mysqli_num_rows($result) == 0)
- {
- die ('This applicant profile does not exist.');
- }
- else
- {
- while($row = mysqli_fetch_assoc($result)) {
- if ($row['user_level'] == -1) { echo ('Well, what can i say? this user has aleady been banned, you need to take pills old man'); }
- if ($row['user_level'] == 2 || $_SESSION['user_level'] == 3) { $regsql = "UPDATE `dead_echo`.`users` SET `user_level` = '-1' WHERE `users`.`id` =".$_GET['user_id'];
- mysqli_query($link,$regsql); }
- if ($row['user_level'] == 3) { die ('Nice try pal, but this user is god! oh and by the way, he will be notified that you tried to ban him :)'); }
- if ($row['user_level'] == 2) { die ('Nice try pal, but this user is an admin :)'); }
- if ($row['user_level'] == 0) {
- $regsql = "UPDATE `dead_echo`.`users` SET `user_level` = '-1' WHERE `users`.`id` =".$_GET['user_id'];
- mysqli_query($link,$regsql); }
- } } } } }
- die ('Put down yo guns penguins, all went according to plan!');
- ?>
Add Comment
Please, Sign In to add comment
