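<?php
/*
 * Undo magic_quotes_gpc escaping on request data.
 *
 * magic_quotes_gpc was never a reliable SQL-injection defence; the data layer
 * must bind parameters instead. This shim only restores the raw input on old
 * runtimes that still add the slashes.
 */
if (!function_exists('interbyte_stripslashes_deep')) {
    /**
     * Recursively strip slashes from a request value.
     *
     * Request parameters may be nested arrays (e.g. "field[]=x"); a flat
     * array_map('stripslashes', ...) would mangle those entries.
     *
     * @param mixed $value String or (nested) array of strings.
     * @return mixed Same shape as the input with slashes removed.
     */
    function interbyte_stripslashes_deep($value) {
        return is_array($value)
            ? array_map('interbyte_stripslashes_deep', $value)
            : stripslashes($value);
    }
}
// get_magic_quotes_gpc() no longer exists on current PHP versions, so probe
// for it first instead of failing with an undefined-function error.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $_GET = interbyte_stripslashes_deep($_GET);
    $_POST = interbyte_stripslashes_deep($_POST);
    $_COOKIE = interbyte_stripslashes_deep($_COOKIE);
}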
/*************************************************
 * © 2009 InterByte IT - All rights reserved *
 *************************************************/
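/**
 * Admin back-office helpers: login, profile and password changes, user
 * management and front-page editing.
 *
 * All database access goes through the PDO handle in $connect using bound
 * parameters, and every database value is HTML-escaped before it is echoed.
 *
 * NOTE(review): no method here checks $_SESSION['login'] or
 * $_SESSION['level']. adminsControl(), deleteUser() and frontUpdate() will
 * change data for any caller unless the including page gates access -
 * confirm that it does. State-changing requests also carry no CSRF token,
 * and deleteUser() acts on a plain GET link.
 *
 * NOTE(security): passwords are stored as unsalted MD5 because that is the
 * format of the existing `admins.password` column. MD5 is unsuitable for
 * password storage; plan a migration to password_hash()/password_verify()
 * with a rehash on the next successful login.
 */
class mainFunctions {
    public $username;
    public $password;
    public $result;
    public $row;
    public $sql;
    public $ID;
    public $email;
    public $firstname;
    public $lastname;
    public $street;
    public $housenmbr;
    public $postcode;
    public $city;
    public $old_pass;
    public $password1;
    public $content;
    public $title;
    public $author;
    /** PDO handle opened by db_connect(); null while disconnected. */
    public $connect;

    /**
     * Open the PDO connection and store it in $this->connect.
     *
     * On failure a generic message is printed and the detail goes to the
     * error log only, so driver messages are not shown to visitors.
     */
    function db_connect() {
        // Credentials are read from the environment rather than embedded in
        // source. DB_USER / DB_PASSWORD are placeholder names - map them to
        // whatever secret store the deployment uses. A password that has
        // ever been committed or pasted publicly must be rotated.
        $dbUser = (string) getenv('DB_USER');
        $dbPass = (string) getenv('DB_PASSWORD');
        try {
            $this->connect = new PDO('mysql:host=localhost;dbname=interbyte_pp', $dbUser, $dbPass);
            $this->connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            // Real server-side prepares: values never become part of the SQL text.
            $this->connect->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
        }
        catch (PDOException $e) {
            $this->connect = null;
            error_log('db_connect failed: ' . $e->getMessage());
            print ("Could not connect to server.\n");
        }
    }

    /**
     * Release the PDO connection (PDO disconnects when the handle is dropped).
     */
    function db_close() {
        $this->connect = null;
    }

    /**
     * Prepare and execute one statement with bound parameters.
     *
     * Connects lazily when db_connect() has not been called yet. Failures are
     * logged and the request ends with a generic message.
     *
     * @param string $sql    SQL text with "?" placeholders.
     * @param array  $params Values bound to the placeholders, in order.
     * @return PDOStatement Executed statement.
     */
    private function runQuery($sql, $params = array()) {
        if (!($this->connect instanceof PDO)) {
            $this->db_connect();
        }
        if (!($this->connect instanceof PDO)) {
            die('Database error.');
        }
        try {
            $stmt = $this->connect->prepare($sql);
            $stmt->execute($params);
            return $stmt;
        }
        catch (PDOException $e) {
            error_log('Query failed: ' . $e->getMessage());
            die('Database error.');
        }
    }

    /**
     * Escape a value for HTML text and quoted attribute context.
     *
     * NOTE(review): assumes the pages are served as UTF-8 - confirm.
     *
     * @param mixed $value Value to print.
     * @return string Escaped text.
     */
    private function esc($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Read one POST field as a string; missing or array-valued fields yield ''.
     *
     * @param string $name Field name.
     * @return string
     */
    private function postField($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    }

    /**
     * Tell whether a request value is a plain decimal row ID.
     *
     * Stricter than is_numeric(), which also accepts floats, exponents and
     * leading whitespace.
     *
     * @param mixed $value Raw request value.
     * @return bool
     */
    private function isId($value) {
        return is_string($value) && preg_match('/\A[0-9]+\z/', $value) === 1;
    }

    /**
     * Hash a password exactly the way plogin() does, so a password set in
     * changePass() can be used to log in afterwards.
     *
     * @param string $raw Password as submitted.
     * @return string MD5 hex digest of the normalised password.
     */
    private function hashPassword($raw) {
        return md5(trim(strip_tags($raw)));
    }

    /**
     * Echo the address/contact form shared by changeDetails() and adminsControl().
     *
     * @param string $action     Form action URL.
     * @param array  $row        Row from `admins` supplying the field values.
     * @param string $submitName Name of the submit button.
     */
    private function renderDetailsForm($action, $row, $submitName) {
        $border = 'style="border:1px solid #CCCCCC;"';
        echo ('<form action="' . $this->esc($action) . '" method="POST">');
        echo ('<table><tr><td>Email adress: </td><td><input type="text" name="email" value="' . $this->esc($row['email']) . '" ' . $border . '></td></tr>
<tr><td>Voornaam:
</td><td><input type="text" name="firstname" value="' . $this->esc($row['firstname']) . '" ' . $border . '></td></tr>
<tr><td>Achternaam: </td><td><input type="text" name="lastname" value="' . $this->esc($row['lastname']) . '" ' . $border . '></td></tr>
<tr><td>Straat: </td><td><input type="text" name="street" value="' . $this->esc($row['street']) . '" ' . $border . '></td> <td></td><td><input size="3" type="text" name="housenmbr" value="' . $this->esc($row['housenmbr']) . '" ' . $border . '></td></tr>
<tr><td>Postcode: </td><td><input type="text" name="postalcode" value="' . $this->esc($row['postalcode']) . '" ' . $border . '></td></tr>
<tr><td>Stad: </td><td><input type="text" name="city" value="' . $this->esc($row['city']) . '" ' . $border . '></td></tr>
<tr><td></td><td><input type="submit" name="' . $this->esc($submitName) . '" value="Opslaan" style="border:1px solid #162635;"></td></tr>
</table>
</form>');
    }

    /**
     * Copy the submitted address/contact fields into the object's properties.
     *
     * The values are kept raw; they are bound as parameters, not escaped
     * into SQL text.
     */
    private function readDetailFields() {
        $this->email = $this->postField('email');
        $this->firstname = $this->postField('firstname');
        $this->lastname = $this->postField('lastname');
        $this->street = $this->postField('street');
        $this->housenmbr = $this->postField('housenmbr');
        $this->postcode = $this->postField('postalcode');
        $this->city = $this->postField('city');
    }

    /**
     * Run the UPDATE that stores the fields read by readDetailFields().
     *
     * @param mixed $id ID of the `admins` row to update.
     * @return PDOStatement Executed statement.
     */
    private function saveDetails($id) {
        $this->sql = "UPDATE `admins` SET email=?, firstname=?,
            lastname=?, street=?, housenmbr=?,
            postalcode=?, city=?
            WHERE ID=?";
        return $this->runQuery($this->sql, array(
            $this->email, $this->firstname, $this->lastname, $this->street,
            $this->housenmbr, $this->postcode, $this->city, $id,
        ));
    }

    /**
     * Handle the login form: verify the credentials and populate the session.
     */
    function plogin() {
        if (!isset($_POST['login'])) {
            return;
        }
        /* Check if all fields are filled in (array-valued fields count as missing) */
        if ($this->postField('username') === '' || empty($_POST['password']) || !is_string($_POST['password'])) {
            echo '<div id="fail" class="info_div"><span class="ico_cancel">Alle velden zijn verplicht!</span></div>';
            return;
        }
        /* Define variables to use */
        $this->username = trim(strip_tags($_POST['username']));
        $this->password = $this->hashPassword($_POST['password']);
        /* Select the user ID to login with; strip_tags() does not neutralise quotes, so both values are bound */
        $this->result = $this->runQuery(
            'SELECT ID, username, level FROM admins WHERE username=? AND password=?',
            array($this->username, $this->password)
        );
        $matches = $this->result->fetchAll(PDO::FETCH_ASSOC);
        if (count($matches) == 1) {
            $this->row = $matches[0];
            // Issue a fresh session ID at the privilege change so an ID
            // planted before login cannot be reused afterwards.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            /* Making the sessions */
            $_SESSION['level'] = $this->row['level'];
            $_SESSION['username'] = $this->row['username'];
            $_SESSION['login'] = true;
            $_SESSION['ID'] = $this->row['ID'];
            header('Location: index.php');
        } else {
            /* Or display error if username or password incorrect */
            echo '<div id="fail" class="info_div"><span class="ico_cancel">Gebruikersnaam of/en wachtwoord verkeerd!</span></div>';
        }
    }

    /**
     * Let the logged-in user update their own details, then show the form.
     */
    function changeDetails() {
        // Everything here is keyed on the session's own row ID.
        if (!isset($_SESSION['ID'])) {
            return;
        }
        if (isset($_POST['update'])) {
            $this->readDetailFields();
            $this->result = $this->saveDetails($_SESSION['ID']);
            echo ('Success');
        }
        $this->sql = "SELECT * FROM `admins` WHERE ID=?";
        $this->result = $this->runQuery($this->sql, array($_SESSION['ID']));
        while ($this->row = $this->result->fetch(PDO::FETCH_ASSOC)) {
            echo ('<p style="color:white; background-color:SteelBlue;"><code><b>Uw persoonlijke gegevens updaten</b></code></p>');
            $this->renderDetailsForm('member.php', $this->row, 'update');
        }
    }

    /**
     * Let the logged-in user change their password after confirming the old one.
     */
    function changePass() {
        if (!isset($_POST['chpass']) || !isset($_SESSION['ID'])) {
            return;
        }
        // An empty new password would otherwise be hashed and stored.
        if (trim(strip_tags($this->postField('password'))) === '') {
            echo ('Alle velden zijn verplicht!');
            return;
        }
        $this->old_pass = $this->hashPassword($this->postField('old_pass'));
        $this->password = $this->hashPassword($this->postField('password'));
        $this->password1 = $this->hashPassword($this->postField('password1'));
        $this->sql = "SELECT password FROM `admins` WHERE ID=?";
        $this->result = $this->runQuery($this->sql, array($_SESSION['ID']));
        $stored = $this->result->fetchColumn();
        // Strict comparisons: loose != treats digests such as "0e123..."
        // as numbers and can report two different hashes as equal.
        if ($this->password !== $this->password1) {
            echo ('Wachtwoorden zijn niet gelijk');
        } elseif (!is_string($stored) || $this->old_pass !== $stored) {
            echo ('Uw oude wachtwoord is onjuist!');
        } else {
            $this->sql = "UPDATE `admins` SET password=? WHERE ID=?";
            $this->result = $this->runQuery($this->sql, array($this->password, $_SESSION['ID']));
            echo ('Uw wachtwoord is gewijzigd.');
        }
    }

    /**
     * Show the user overview, or the edit form for ?users_id=N and save it on POST.
     *
     * NOTE(review): no privilege check is visible here - the caller must
     * confirm the session belongs to an administrator before calling this.
     */
    function adminsControl() {
        if (isset($_GET['users_id'])) {
            if (!$this->isId($_GET['users_id'])) {
                return;
            }
            $this->sql = "SELECT * FROM `admins` WHERE ID=?";
            $this->result = $this->runQuery($this->sql, array($_GET['users_id']));
            $this->row = $this->result->fetch(PDO::FETCH_ASSOC);
            if (!$this->row) {
                // Unknown ID: nothing to edit.
                return;
            }
            if (isset($_POST['update_user'])) {
                $this->readDetailFields();
                $this->result = $this->saveDetails($_GET['users_id']);
                header('Location: ?users_id=' . (int) $this->row['ID']);
                ob_end_clean();
                exit;
            }
            $this->renderDetailsForm('?users_id=' . (int) $this->row['ID'], $this->row, 'update_user');
            return;
        }
        echo
        ('
<div id="tabledata" class="section">
<h2 class="ico_mug">Gebruikersoverzicht</h2>
<table id="table">
<thead>
<tr>
<th>ID </th>
<th>Voornaam </th>
<th>Achternaam</th>
<th>Email</th>
<th>Gebruikersnaam</th>
<th>Beheer</th>
</tr>
</thead>
<tbody>
');
        $this->result = $this->runQuery("SELECT * FROM `admins`");
        while ($this->row = $this->result->fetch(PDO::FETCH_ASSOC)) {
            $rowId = (int) $this->row['ID'];
            // Every cell is user-editable profile data, so escape it all.
            echo ('
<tr>
<td class="table_check">' . $rowId . '</td>
<td class="table_date">' . $this->esc($this->row['firstname']) . '</td>
<td class="table_title">' . $this->esc($this->row['lastname']) . '</td>
<td><a href="#">' . $this->esc($this->row['email']) . '</a></td>
<td>' . $this->esc($this->row['username']) . '</td>
<td><span class="approved"><a href="?delete_u=' . $rowId . '"><img src="img/cancel.jpg" alt="cancel"/></a><a href="?users_id=' . $rowId . '"><img src="img/edit.jpg" alt="edit"/></a></span></td>
</tr>
');
        }
        echo
        ('
</tbody>
</table>
</div>
');
    }

    /**
     * Load the front page row (pages.ID = 1) into $this->row and, on POST, save it.
     *
     * NOTE(review): `content` is stored exactly as submitted from the
     * "editor1" field; if it is later printed as HTML, it needs sanitising
     * at that point - confirm where it is rendered.
     */
    function frontUpdate() {
        $this->sql = "SELECT * FROM `pages` WHERE ID='1'";
        $this->result = $this->runQuery($this->sql);
        $this->row = $this->result->fetch(PDO::FETCH_ASSOC);
        if (isset($_POST['submit_fr'])) {
            $this->content = $this->postField('editor1');
            $this->title = $this->postField('title');
            $this->author = isset($_SESSION['username']) ? $_SESSION['username'] : null;
            // Both values are bound; the content field used to be placed in
            // the SQL text without any escaping.
            $this->sql = "UPDATE pages SET title=?, content=? WHERE ID='1'";
            $this->result = $this->runQuery($this->sql, array($this->title, $this->content));
            header('location: index.php');
            ob_end_clean();
            exit;
        }
    }

    /**
     * Delete the admin named by ?delete_u=N and reload the overview.
     *
     * NOTE(review): this destructive action is triggered by a GET request
     * with no privilege check and no CSRF token visible here; moving it to
     * a token-protected POST needs a matching change to the links printed
     * by adminsControl().
     */
    function deleteUser() {
        if (!isset($_GET['delete_u']) || !$this->isId($_GET['delete_u'])) {
            return;
        }
        $this->sql = "DELETE FROM `admins` WHERE ID=?";
        $this->result = $this->runQuery($this->sql, array($_GET['delete_u']));
        echo ('Gebruiker successvol verwijdered. Pagina wordt over 2 seconden opnieuw geladen!');
        echo ('<meta http-equiv="Refresh" content="2; url=\'usercontrol.php\'">' . "\n");
    }
}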
- ?>v