Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(!(checkrights($_SESSION['rights_users'],1)))
- {
- header('location: ?page=forbidden');
- }
- if(!(checkrights($_SESSION['rights_users'],2)))
- {
- echo '<div class="alert">You cannot edit this page.</div>';
- $disableedit=1;
- }
- $allowedgroups=explode(',',$_SESSION['allowedgroups']);
- //print_r($allowedgroups);
- //echo $_SESSION['allowedgroups'];
- function isallowedgroup($group)
- {
- global $allowedgroups;
- if (in_array($group,$allowedgroups) || $_SESSION['allowedgroups']=='*')
- {return true;}
- else
- {return false;}
- }
- $isadmin=$_SESSION['admin'];
- ?>
- <h2>Users</h2>
- <table>
- <tr>
- <td><strong>ID</strong></td>
- <td><strong>Name</strong></td>
- <td><strong>Groups</strong></td>
- <td><strong>Color</strong></td>
- <td><strong>Allowed Commands</strong></td>
- <td><strong>Admin</strong></td>
- <td><strong>Can Modify World</strong></td>
- <td><strong>Ignores Restrictions</strong></td>
- <td><strong>Modify</strong></td>
- </tr>
- <?php
- $sql="SELECT * FROM `users`";
- $result=mysql_query($sql) or die("MySQL error: ".mysql_error());
- while($record=mysql_fetch_array($result))
- {
- $id = $record['id'];
- $name = $record['name'];
- $groups = $record['groups'];
- $prefix = $record['prefix'];
- $commands = $record['commands'];
- $admin = $record['admin'];
- $canmodifyworld = $record['canmodifyworld'];
- $ignoresrestrictions = $record['ignoresrestrictions'];
- // edit form
- if ($_GET['action']=='edit' && $_GET['id']==$id)
- {
- echo "
- <form name=\"edit\" action=\"?page=users&action=editsave&id=$id\" method=\"post\">
- <tr>
- <td>$id</td>
- <td><input name=\"name\" type=\"text\" value=\"$name\" / size=\"7\"></td>
- <td>
- <select name=\"groups\">";
- $zsql="SELECT * FROM `groups`";
- $zresult=mysql_query($zsql);
- while($zrecord=mysql_fetch_array($zresult))
- {
- $recname=$zrecord['name'];
- if (isallowedgroup($recname))
- {
- if ($recname==$groups)
- {
- echo "<option value=\"$recname\" selected>$recname</option>";
- }
- else
- {
- echo "<option value=\"$recname\">$recname</option>";
- }
- }
- }
- echo "
- </select>
- <td><input name=\"prefix\" type=\"text\" value=\"$prefix\" size=\"1\"/></td>
- <td><input name=\"commands\" type=\"text\" value=\"$commands\" size=\"25\"";if(!$isadmin){echo 'disabled';} echo "/></td>
- <td><input name=\"admin\" type=\"checkbox\" value=\"1\" ";if(!$isadmin){echo 'disabled';} echo " size=\"1\" "; if ($admin){ echo 'checked';} echo " /></td>
- <td><input name=\"canmodifyworld\" type=\"checkbox\" value=\"1\" size=\"1\" "; if ($canmodifyworld){ echo 'checked';} echo " /></td>
- <td><input name=\"ignoresrestrictions\" type=\"checkbox\" value=\"1\" ";if(!$isadmin){echo 'disabled';} echo " size=\"1\" "; if ($ignorerestrictions){ echo 'checked';} echo " /></td>
- <td>
- <a href=\"?page=users&action=edit&id=$id\"><img src=\"images/edit.png\" alt=\"Edit\"/></a>
- <a href=\"?page=users&action=delete&id=$id\"><img src=\"images/delete.png\" alt=\"Delete\"/></a>
- </td>
- </tr>
- ";
- }
- else
- {
- echo "
- <tr>
- <td>$id</td>
- <td>$name</td>
- <td>$groups</td>
- <td>$prefix</td>
- <td><ul>";
- $ca = explode(',', $commands);
- foreach ($ca as $out) {echo("<li>$out</li>\n");}
- echo "</ul></td>
- <td>$admin</td>
- <td>$canmodifyworld</td>
- <td>$ignoresrestrictions</td>
- <td>
- <a href=\"?page=users&action=edit&id=$id\"><img src=\"images/edit.png\" alt=\"Edit\"/></a>
- <a href=\"?page=users&action=delete&id=$id\"><img src=\"images/delete.png\" /></a>
- </td>
- </tr>
- ";
- }
- }
- ?>
- <tr><td colspan="10"><a href="?page=users&action=add">Add a new user...</a></td></tr>
- </table>
- <?php
- if(!$disableedit)
- {
- if ($_GET['action']=='edit')
- {
- echo '<input type="submit" value="Save"></form>';
- }
- if ($_GET['action']=='editsave')
- {
- $name=$_POST['name'];
- $groups=$_POST['groups'];
- if (!(isallowedgroup($groups)))
- {
- exit("You are not allowed to assign this group to a user!");
- }
- $prefix=$_POST['prefix'];
- $commands=$_POST['commands'];
- $admin=$_POST['admin'];
- $canmodifyworld=$_POST['canmodifyworld'];
- $ignoresrestrictions=$_POST['ignoresrestrictions'];
- $id=$_GET['id'];
- if ($isadmin)
- {
- $sql="UPDATE `users` SET
- `name`='$name',
- `groups`='$groups',
- `prefix`='$prefix',
- `commands`='$commands',
- `admin`='$admin',
- `canmodifyworld`='$canmodifyworld',
- `ignoresrestrictions`='$ignoresrestrictions'
- WHERE `id`='$id'";
- }
- else
- {
- $sql="UPDATE `users` SET
- `name`='$name',
- `groups`='$groups',
- `prefix`='$prefix',
- `canmodifyworld`='$canmodifyworld'
- WHERE `id`='$id'";
- }
- echo $sql;
- mysql_query($sql) or die("MySQL error: ".mysql_error());
- header('location:?page=users');
- }
- if ($_GET['action']=='add')
- {
- $sql="INSERT INTO `users` SET `name`='new'";
- $query=mysql_query($sql) or die("MySQL error: ".mysql_error());
- $id=mysql_insert_id();
- header('location: ?page=users&action=edit&id='.$id);
- }
- if ($_GET['action']=='delete')
- {
- $id=$_GET['id'];
- $sql="DELETE FROM `users` WHERE `id`='$id'";
- $query=mysql_query($sql) or die("MySQL error: ".mysql_error());
- header('location: ?page=users');
- }
- }
- ?>
- <br>
- <img src="images/colors.png" />
- <h3>Import from textfile</h3>
- Copy your users.txt content here and click 'import'
- <form method="post" action="?page=users&action=import">
- <textarea name="import" cols="60" rows="10"></textarea>
- <br>
- <input type="submit" value="Import" />
- </form>
- <br />
- <?php
- if ($_GET['action']=='import' && !($disableedit))
- {
- $import=$_POST['import'];
- $import=explode("\n",$import);
- foreach($import as $importline)
- {
- // Checks:
- if (trim($importline[0]) == '#' || !strlen($importline)) continue;
- $importline=explode(':',$importline);
- if (count($importline)<2)
- {die('<div class="alert">Invalid number of fields (2 required fields)</div>');}
- //
- $import_name=trim($importline[0]);
- $import_groups=trim($importline[1]);
- $admin_unres=trim($importline[2]);
- $import_prefix=trim($importline[3]);
- $import_commands=trim($importline[4]);
- switch($admin_unres)
- {
- case -1: $import_admin=0; $import_ignores=1; $import_canmodify=0; break;
- case 0: $import_admin=0; $import_ignores=0; $import_canmodify=1; break;
- case 1: $import_admin=0; $import_ignores=1; $import_canmodify=1; break;
- case 2: $import_admin=1; $import_ignores=1; $import_canmodify=1; break;
- }
- $sql="INSERT INTO `users` SET
- `name`='$import_name',
- `prefix`='$import_prefix',
- `commands`='$import_commands',
- `groups`='$import_groups',
- `admin`='$import_admin',
- `ignoresrestrictions`='$import_ignores',
- `canmodifyworld`='$import_canmodify'";
- //print_r($importline);
- //echo $sql.'<br>';
- $query=mysql_query($sql) or die("MySQL error: ".mysql_error());
- header('location:?page=users');
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement