<?php/** * @author Lawrence * @copyright 2009 */ session_start();

1. <?php
2.  
3. /**
4. * @author Lawrence
5. * @copyright 2009
6. */
7. session_start();
8. include 'dbconnect.php';
9.  
10. function showregister(){
11. $register = "<form action=\"adduser.php\" method=\"POST\">";
12. $register .= "User:<input type=\"text\" name=\"user\" /><br />";
13. $register .= "Pass:<input type=\"password\" name=\"pass\" /><br />";
14. $register .= "Email:<input type=\"text\" name=\"email\" /><br />";
15. $register .= "First Name:<input type=\"text\" name=\"fname\" /><br />";
16. $register .= "Last Name:<input type=\"text\" name=\"lname\" /><br />";
17. $register .= "<input type=\"submit\" value=\"Register\" />";
18. echo $register;
19. }
20. function showadmin(){
21. $admin = "<fieldset>";
22. $admin .= "<legend>Administrator Options</legend>";
23. $admin .= "<a href=\"index.php?action=users\">Users</a> | <a href=\"index.php?action=edit\">Edit My Settings</a> | <a href=\"index.php?action=logout\">logout</a>";
24. $admin .= "</fieldset>";
25. echo $admin;
26. }
27. function showlogin(){
28. $output = "<form action=\"checkuser.php\" method=\"POST\">";
29. $output .= "User:<input type=\"text\" name=\"user\" /><br />";
30. $output .= "Pass:<input type=\"password\" name=\"pass\" /><br />";
31. $output .= "<input type=\"submit\" value=\"Login Now\" />/<form>";
32. $output .= "<form action=\"index.php?action=register\"><input type=\"button\" value=\"Register Now!\" /></form>";
33. echo $output;
34. }
35.  
36. function error($error, $errortime){
37.  
38. }
39.  
40. function checklogin($user, $pass){
41. $sql = "SELECT * FROM users WHERE user = '$user' AND pass = '$pass'";
42. $result = mysql_query($sql);
43. $count = mysql_num_rows($result);
44. if($count = 1){
45. $_SESSION['admin'] = $user['admin'];
46. $_SESSION['user'] = $user['user'];
47. }else{
48. error();
49. }
50. }
51.  
52. function showusers(){
53. $sql = "SELECT * FROM users";
54. $result = mysql_query($sql);
55. $user = mysql_fetch_assoc($result);
56. $admin = "<fieldset>";
57. $admin .= "<legend>Administrator Options</legend>";
58. $admin .= "<a href=\"index.php?action=users\">Users</a> | <a href=\"index.php?action=edit\">Edit My Settings</a> | <a href=\"index.php?action=logout\">logout</a>";
59. $admin .= "</fieldset>";
60. $admin .= "<fieldset>";
61. $admin .= "<legend>Users</legend>";
62. $admin .= "<table>";
63. $admin .= "<tr>";
64. $admin .= "<td>ID</td>";
65. $admin .= "<td>User</td>";
66. $admin .= "<td>Email</td>";
67. $admin .= "<td>First Name</td>";
68. $admin .= "<td>Last Name</td>";
69. $admin .= "<td>Delete User</td>";
70. $admin .= "</tr><tr>";
71. $admin .= "<td>" .$user['id']. "</td>";
72. $admin .= "<td>" .$user['user']. "</td>";
73. $admin .= "<td>" .$user['email']. "</td>";
74. $admin .= "<td>" .$user['fname']. "</td>";
75. $admin .= "<td>" .$user['lname']. "</td>";
76. $admin .= "<td><form action=\"deluser.php?id=" .$user['id']. "\"><input type=\"submit\" value=\"Delete User\"</form></td>";
77. $admin .= "</tr></table>";
78. $admin .= "</fieldset>";
79. echo $admin;
80. }
81.  
82. function delete($_GET['id']){
83.  
84. }
85. if(isset($_GET['action'])){
86. $action = $_GET['action'];
87. }else{
88. $action = "default";
89. }
90.  
91. switch ($action)
92. {
93. case "register":
94. showregister();
95. break;
96. case "admin":
97. showadmin();
98. break;
99. case "checklogin":
100. checklogin($user, $pass);
101. break;
102. case "showusers":
103. showusers();
104. break;
105. case "delete":
106. deleteuser($_GET['id']);
107. break;
108. default:
109. showlogin();
110. }
111.  
112. ?>