Untitled

<?header('Content-type:text/html;charset=utf-8');?>
<?php
$db_user = "vsftpd";
	$db_pass = "vsftpd";
	$db_name = "vsftpd";
	$db_host = "localhost";

	$connect = @mysql_connect($db_host, $db_user, $db_pass) or die("error db");
	mysql_select_db($db_name) or die(mysql_error());

session_start();
if(!($_SESSION['admin'] == true)) { header('Location: index.php'); }

?>


<html>
<head>
<title>Панель администрирования</title>
</head>
<body>
<form action="admin.php" method="post">
<input type="submit" name="exit" value="Выход" style="position:absolute; top:10px; right:10px;">
<table>
<caption>Редактирование юзеров</caption>
	<tr>
		<td>Login</td>
		<td>Passwd</td>
	</tr>
	<tr>
		<td><input type="text" name="user" value=""></td>
		<td><input type="text" name="pass" value=""></td>
		<td><input type="submit" name="edit" value="Изменить пароль"></td>
		<td><input type="submit" name="add" value="Добавить аккаунт"></td>
		<td><input type="submit" name="delete" value="Удалить аккаунт"></td>
	</tr>
</table>
<hr>
</form>
<?php
if(isset($_POST['edit']))
{
	$result = mysql_query("UPDATE `user` SET `pass`='{$_POST[pass]}' WHERE `login`='{$_POST['user']}'");
	unset($_POST['edit']);
}
if(isset($_POST['add']))
{

$pass = md5($_POST['pass']);

	$result = mysql_query("INSERT INTO `user` VALUES ('','{$_POST['user']}','{$pass}')");
	unset($_POST['add']);
}

if(isset($_POST['delete']))
{
	$result = mysql_query("DELETE FROM `user` WHERE `login`='{$_POST['user']}'");
	unset($_POST['delete']);
}

if(isset($_POST['exit'])) { session_destroy(); header('Location: index.php'); }
?>

<?php
{
	$result = mysql_query("SELECT * FROM `user`");
	echo "<center><table border=1>
		<caption>Все юзеры</caption>
		<tr>
			<td>№</td>
			<td>Login</td>
			<td>Password</td>
		</tr>";
	$i=0;
	while($row = mysql_fetch_array($result))
	{
		$i++;
		echo "<tr>
				<td>{$row['id']}</td>
				<td>{$row['login']}</td>
				<td>{$row['pass']}</td>
			</tr>";
	}
	echo "<table></center>";
}
?>