<?php
// YANG HACK JANGAN HILANGKAN LISENSI INI
// HTTP://INDWAP.COM
// DAMAI SELALU TAK PERNAH JAIL KARENA TIDAK BISA APA-APA
// SCRIPT BY ULOKI.COM
// REMODIF BY ANTOQ
// HTTP://FACEBOOK.COM/WWW.INDWAP.ORG
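// Bootstrap. init.php is expected to supply $db, $user, $group and the helper
// functions used on this page; none of them is defined in this file.
require("../include/init.php");
// Access gate: only members of a group whose 'type' is 3 or higher may continue.
if($group[$user->groupid]['type'] < 3)
{
    forward("index.php");
    // Fail closed. forward() is defined elsewhere; if it only emits the redirect
    // and returns, the admin page below would still be rendered for this visitor.
    exit;
}
include "../include/header.php";
echo '<div class="phdr">Users management</div>';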
?>
<?php
// Requested admin action ("edit", "delete", "search"); empty selects the search form.
$do = isset($_GET['do']) ? $_GET['do'] : "";
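// Dispatch on the requested admin action: edit a user, delete a user, list
// search results, or (default) show the search form.
//
// NOTE(review): the permission and validation checks below only protect anything
// if err_msg() ends the request; its definition is not in this file -- confirm.
// NOTE(review): the POST handlers (save / yes1 / yes2) verify no anti-CSRF token,
// and no token helper is visible here -- confirm whether init.php provides one.
// NOTE(review): free-text values ($username, $email, $rank, $mb, $location, $term)
// are still interpolated into SQL strings. The $db wrapper's escaping or
// bound-parameter API is not visible in this file, so it is not guessed at here;
// route these values through it, or confirm that init.php already escapes
// request data. Numeric inputs are cast to int below.
if($do=="edit")
{
    // assumes b_users.userid is an integer key -- TODO confirm. The cast keeps
    // request data out of every query and link that embeds $uid.
    $uid = isset($_GET['uid']) ? (int)$_GET['uid'] : 0;
    $userd = $db->get_row("SELECT * FROM b_users WHERE userid='$uid'");
    if(!$userd)
    {
        err_msg("Admin CP","User not found.","</td></tr></table>");
    }
    $mytype = $group[$user->groupid]['type'];
    $targettype = $group[$userd->groupid]['type'];
    // Refuse targets in a higher group type, or in the same type with an equal or
    // higher 'sort' value; editing your own account is always allowed.
    if($targettype > $mytype || ($targettype == $mytype && $group[$userd->groupid]['sort'] >= $group[$user->groupid]['sort'] && $uid != $user->userid))
    {
        err_msg("Admin CP","You cannot edit somebody who has higher position than you or of same position.","</td></tr></table>");
    }
    if(isset($_POST['save']))
    {
        $username = trim($_POST['username']);
        if(strlen($username) < 4)
        {
            err_msg("Admin CP","Username can not have less than 4 letters.","</td></tr></table>");
        }
        $password = trim($_POST['pass']);
        unset($_POST['pass']);
        $q1 = "";
        if(strlen($password) > 0)
        {
            // NOTE(review): unsalted MD5 is not a password hash. It is kept because
            // the login code (not in this file) presumably compares against this
            // format; migrate both sides to password_hash()/password_verify().
            $password = md5($password);
            $q1 = ", password='$password' ";
        }
        $email = $_POST['email'];
        if(strlen($email) < 6)
        {
            err_msg("Admin CP","Provide correct email address. It is needed if when user forgets his password.","</td></tr></table>");
        }
        // Enforce on the server what the form's <select> offers: the group must
        // exist, group "1" is never assignable, and a type-4 group may only be
        // assigned by a type-4 editor. Without this a tampered POST could promote
        // any account to a type-4 group.
        $groupselected = (isset($_POST['groupselected']) && is_string($_POST['groupselected'])) ? $_POST['groupselected'] : "";
        if(!isset($group[$groupselected]) || $groupselected == "1" || ($mytype != 4 && $group[$groupselected]['type'] == 4))
        {
            err_msg("Admin CP","You cannot assign this group.","</td></tr></table>");
        }
        $rank = strip_tags(trim($_POST['rank']));
        $mb = strip_tags(trim($_POST['mb']));
        $location = strip_tags(trim($_POST['location']));
        $q2 = "";
        if($mytype == 4)
        {
            // Counters and the 0/1 validated flag are numeric; cast before use in SQL.
            $posts = isset($_POST['posts']) ? (int)$_POST['posts'] : 0;
            $validated = isset($_POST['validated']) ? (int)$_POST['validated'] : 0;
            $thanks = isset($_POST['thanks']) ? (int)$_POST['thanks'] : 0;
            $reputes = isset($_POST['reputes']) ? (int)$_POST['reputes'] : 0;
            $q2 = ", posts='$posts', validated='$validated', thanks='$thanks', reputes='$reputes' ";
        }
        $checkuser = $db->count_rows("SELECT userid FROM b_users WHERE username='$username' AND userid<>'$userd->userid'");
        if($checkuser > 0)
        {
            err_msg("Admin CP","Username is already used by some other user.","</td></tr></table>");
        }
        $checkemail = $db->count_rows("SELECT userid FROM b_users WHERE email='$email' AND userid<>'$userd->userid'");
        if($checkemail > 0)
        {
            err_msg("Admin CP","Email is already used by some other user.","</td></tr></table>");
        }
        $db->update_data("UPDATE b_users SET username='$username', groupid='$groupselected',rank='$rank',mb='$mb',location='$location', email='$email' $q1 $q2 WHERE userid='$uid'");
        err_msg("Admin CP","User info updated. <a href=\"usermn.php\">Click here</a>","</td></tr></table>");
    }
    else
    {
        // Stored profile values are user-controlled; each one is HTML-escaped
        // before it is placed inside an attribute.
?>
<form action="usermn.php?do=edit&uid=<?php echo $uid; ?>" method="POST">
<table class="smalltable" style="width:550;">
<tr><td>Username: </td> <td> <input type="text" name="username" value="<?php echo htmlspecialchars($userd->username, ENT_QUOTES); ?>"/> </td> </tr>
<tr><td>Password: </td> <td> <input type="text" name="pass" value=""/> </td> </tr>
<tr><td></td> <td> <font color="red"><small>If you dont want to change password keep it blank.</small></font> </td> </tr>
<tr><td>Email: </td> <td> <input type="text" name="email" value="<?php echo htmlspecialchars($userd->email, ENT_QUOTES); ?>"/> </td> </tr>
<tr><td>Group: </td> <td>
<select name="groupselected">
<?php
        foreach($group as $key => $val)
        {
            // Group "1" is never offered; type-4 groups are offered only to type-4
            // editors. The original tested $group[$userid], an undefined variable,
            // so type-4 groups were hidden from everyone.
            if($key == "1") { continue; }
            if($mytype != 4 && $val['type'] == 4) { continue; }
            $sel = ($key == $userd->groupid) ? " selected=\"selected\"" : "";
            print "<option value=\"".htmlspecialchars($key, ENT_QUOTES)."\"".$sel.">".htmlspecialchars($val['name'], ENT_QUOTES)."</option>";
        }
?>
</select>
</td> </tr>
<tr><td>Rank: </td> <td> <input type="text" name="rank" value="<?php echo htmlspecialchars($userd->rank, ENT_QUOTES); ?>"/> </td> </tr>
<tr><td></td> <td> <font color="red"><small>Keep 0 if you want to give system rank OR you may<br/>give custom rank whatever you want.</small></font> </td> </tr>
<?php
        if($mytype == 4)
        {
?>
<tr><td>Posts: </td> <td> <input type="text" name="posts" size="5" value="<?php echo htmlspecialchars($userd->posts, ENT_QUOTES); ?>"/> </td> </tr>
<tr><td>Validated: </td> <td> <input type="text" name="validated" size="5" value="<?php echo htmlspecialchars($userd->validated, ENT_QUOTES); ?>"/> </td> </tr>
<tr><td></td> <td> <font color="red"><small>Put 1 for validated and 0 for unvalidated.</small></font> </td> </tr>
<tr><td>Thanks: </td> <td> <input type="text" name="thanks" size="5" value="<?php echo htmlspecialchars($userd->thanks, ENT_QUOTES); ?>"/> </td> </tr>
<tr><td>Reputes: </td> <td> <input type="text" name="reputes" size="5" value="<?php echo htmlspecialchars($userd->reputes, ENT_QUOTES); ?>"/> </td> </tr>
<?php
        }
?>
<tr><td>Location: </td> <td> <input type="text" name="location" value="<?php echo htmlspecialchars($userd->location, ENT_QUOTES); ?>"/> </td> </tr>
<tr><td>MB: </td> <td> <input type="text" name="mb" value="<?php echo htmlspecialchars($userd->mb, ENT_QUOTES); ?>"/> </td> </tr>
<tr><td></td><td> <input type="submit" name="save" value="Save"/> </td> </tr>
</table>
</form>
<?php
    }
}
else if($do=="delete")
{
    // assumes b_users.userid is an integer key -- TODO confirm.
    $uid = isset($_GET['uid']) ? (int)$_GET['uid'] : 0;
    $userd = $db->get_row("SELECT * FROM b_users WHERE userid='$uid'");
    if(!$userd)
    {
        err_msg("Admin CP","User not found.","</td></tr></table>");
    }
    $mytype = $group[$user->groupid]['type'];
    $targettype = $group[$userd->groupid]['type'];
    // Same hierarchy rule as for editing.
    if($targettype > $mytype || ($targettype == $mytype && $group[$userd->groupid]['sort'] >= $group[$user->groupid]['sort'] && $uid != $user->userid))
    {
        err_msg("Admin CP","You cannot delete somebody who has higher position than you or of same position.","</td></tr></table>");
    }
    if(isset($_POST['yes1']))
    {
        // Remove the account together with everything it authored.
        $db->delete_data("DELETE FROM b_users WHERE userid='$uid'");
        $db->delete_data("DELETE FROM b_threads WHERE author='$uid'");
        $db->delete_data("DELETE FROM b_posts WHERE author='$uid'");
        // Table name was spelled "b_attahcments" here; the reassignment branch
        // uses b_attachments -- confirm against the schema.
        $db->delete_data("DELETE FROM b_attachments WHERE userid='$uid'");
        $db->update_data("UPDATE b_forums SET lastpostuser='0' WHERE lastpostuser='$uid'");
        $db->update_data("UPDATE b_threads SET lastpostuser='0' WHERE lastpostuser='$uid'");
        $db->delete_data("DELETE FROM b_pms WHERE recid='$uid' OR sendid='$uid'");
        $db->delete_data("DELETE FROM b_reputes WHERE touser='$uid' ");
        $db->delete_data("DELETE FROM b_thanks WHERE touser='$uid' ");
        // Column was spelled "bany" here; the reassignment branch uses banby --
        // confirm against the schema.
        $db->delete_data("DELETE FROM b_banned WHERE banby='$uid' OR userid='$uid'");
        // Reputation and thanks the deleted user gave are credited to the acting
        // admin. UPDATE statements go through update_data(), as elsewhere on this page.
        $db->update_data("UPDATE b_reputes SET byuser='$user->userid' WHERE byuser='$uid' ");
        $db->update_data("UPDATE b_thanks SET byuser='$user->userid' WHERE byuser='$uid' ");
        err_msg("Admin CP","User deleted. <a href=\"usermn.php\">Click here</a>","</td></tr></table>");
    }
    else if(isset($_POST['yes2']))
    {
        // Remove the account but hand its content over to the acting admin.
        $db->delete_data("DELETE FROM b_users WHERE userid='$uid'");
        $db->update_data("UPDATE b_threads SET author='$user->userid' WHERE author='$uid'");
        $db->update_data("UPDATE b_posts SET author='$user->userid' WHERE author='$uid'");
        $db->update_data("UPDATE b_forums SET lastpostuser='$user->userid' WHERE lastpostuser='$uid'");
        $db->update_data("UPDATE b_threads SET lastpostuser='$user->userid' WHERE lastpostuser='$uid'");
        $db->update_data("UPDATE b_attachments SET userid='$user->userid' WHERE userid='$uid'");
        $db->delete_data("DELETE FROM b_pms WHERE recid='$uid' OR sendid='$uid'");
        $db->delete_data("DELETE FROM b_reputes WHERE touser='$uid' ");
        $db->delete_data("DELETE FROM b_thanks WHERE touser='$uid' ");
        $db->update_data("UPDATE b_reputes SET byuser='$user->userid' WHERE byuser='$uid' ");
        $db->update_data("UPDATE b_thanks SET byuser='$user->userid' WHERE byuser='$uid' ");
        $db->update_data("UPDATE b_banned SET banby='$user->userid' WHERE banby='$uid' ");
        $db->delete_data("DELETE FROM b_banned WHERE userid='$uid'");
        err_msg("Admin CP","User deleted. <a href=\"usermn.php\">Click here</a>","</td></tr></table>");
    }
    else
    {
?>
<form action="usermn.php?do=delete&uid=<?php echo $uid; ?>" method="POST">
This user may have posted some threads / posts. Choose any action from below and click on it.
<br/>
<input type="submit" name="yes1" value="Delete all posts and this user"/><br/>
<input type="submit" name="yes2" value="Delete this user and move his post to my id."/><br/>
</form>
<?php
    }
}
else if($do=="search")
{
?>
<table class="smalltable" style="width:600;">
<?php
    // Page number is numeric and at least 1, so the LIMIT offset is never negative.
    $p = isset($_GET['p']) ? max(1, (int)$_GET['p']) : 1;
    $term = (isset($_GET['term']) && is_string($_GET['term'])) ? $_GET['term'] : "";
    $perpage = 20;
    $start = ($p-1)*$perpage;
    // $term is free text and is still interpolated; see the NOTE(review) at the
    // top of this dispatch about the $db wrapper's escaping API.
    $userlist = $db->select("SELECT * FROM b_users WHERE username like '$term%' ORDER BY username ASC LIMIT $start, $perpage");
    $totalrecords = 0;
    if($userlist)
    {
        $totalrecords = $db->get_row("SELECT count(*) AS count FROM b_users WHERE username like '$term%' ORDER BY username ASC");
        $totalrecords = $totalrecords->count;
        print "<tr style=\"background-color:#cccccc;\"><td><b>Username</b></td><td><b>Group</b></td><td><b>Banned</b></td></tr>";
        print "<tr><td> </td></tr>";
        foreach($userlist as $userd)
        {
            // Usernames are chosen by users: escape them (and the other cells)
            // before they reach the admin's browser.
            $rowid = (int)$userd->userid;
            print "<tr style=\"background-color:#cccccc;\"><td>".htmlspecialchars($userd->username, ENT_QUOTES)."</td><td>".htmlspecialchars($group[$userd->groupid]['name'], ENT_QUOTES)."</td><td>".htmlspecialchars($userd->banned, ENT_QUOTES)."</td><td> <a href=\"usermn.php?do=edit&uid=".$rowid."\">Edit</a> | <a href=\"usermn.php?do=delete&uid=".$rowid."\">Delete</a></td></tr>";
        }
    }
?>
<tr>
<td colspan="4">
<?php
    $pages = pagination($totalrecords,$p,$perpage);
    if(is_array($pages))
    {
        // urlencode() output contains no HTML-special characters, so the search
        // term cannot break out of the href attribute.
        $termparam = urlencode($term);
        print "<b>Pages: ";
        foreach($pages as $key => $val)
        {
            if($val == $p)
            {
                print $key." ";
            }
            else
            {
                print "<a href=\"usermn.php?do=search&p=".$val."&term=".$termparam."\">".$key."</a> ";
            }
        }
        print "</b>";
    }
?>
</td>
</tr>
</table>
<?php
}
else
{
?>
<form action="usermn.php?do=search" method="GET">
Search UserName:<br/>
<input type="hidden" name="do" value="search"/>
<input type="text" name="term" value=""/> <input type="submit" name="s" value="Search"/>
</form>
<?php
}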
// Bottom navigation bar, then the shared page footer.
$navbar = '<div class="phdr"><a href="index.php">Admin Panel</a> | <a href="usermn.php">Kembali</a></div>';
print $navbar;
include("../include/footer.php");
?>