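<?php
/*
 * Outer page wrapper and left-hand navigation menu.
 *
 * The wrapper's min-width is 230 plus the configured folder column width. The
 * addition always yields a number, so the echoed value cannot carry markup into
 * the style attribute. The unit must follow the number without a space:
 * "230 px" is not a valid CSS length and the declaration would be dropped.
 */
?>
<div style="min-width: <?php echo 230 + $settings['column_width_folder']; ?>px;">
    <!-- Menu starts here. -->
    <div id="menu">
        <h2 class="nav">Bookmarks</h2>
        <ul class="nav">
            <li><a href="./index.php">My Bookmarks</a></li>
            <li><a href="./shared.php">Shared Bookmarks</a></li>
        </ul>
        <h2 class="nav">Tools</h2>
        <ul class="nav">
            <?php
            // The Admin entry is rendered only when admin_only() is truthy. This only hides
            // the link; it is not access control, so admin.php has to run the same check
            // itself before doing any work.
            if (admin_only()) { ?>
            <li><a href="./admin.php">Admin</a></li>
            <?php } ?>
            <li><a href="./import.php">Import</a></li>
            <li><a href="./export.php">Export</a></li>
            <li><a href="./sidebar.php">View as Sidebar</a></li>
            <li><a href="./settings.php">Settings</a></li>
            <?php /* NOTE(review): logout is a state change requested through a GET link; a POST form with a CSRF token is the safer shape - confirm how index.php handles ?logout=1. */ ?>
            <li><a href="./index.php?logout=1">Logout</a></li>
        </ul>
        <!-- Menu ends here. -->
    </div>
    <!-- Main content starts here. -->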
<?php require_once 'engine/init.php'; include 'layout/overall/header.php'; protect_page(); admin_only($user_data); // Declare as int $view = isset($_GET['view']) && (int) $_GET['view'] > 0 ? (int) $_GET['view'] : false; if ($view !== false) { if (!empty($_POST['reply_text'])) { sanitize($_POST['reply_text']); // Save ticket reply on database $query = array('tid' => $view, 'username' => getValue($_POST['username']), 'message' => getValue($_POST['reply_text']), 'created' => time()); $fields = '`' . implode('`, `', array_keys($query)) . '`'; $data = '\'' . implode('\', \'', $query) . '\''; mysql_insert("INSERT INTO `znote_tickets_replies` ({$fields}) VALUES ({$data})"); mysql_update("UPDATE `znote_tickets` SET `status`='Staff-Reply' WHERE `id`='{$view}' LIMIT 1;"); } $ticketData = mysql_select_single("SELECT * FROM znote_tickets WHERE id='{$view}' LIMIT 1;"); ?> <h1>View Ticket #<?php echo $ticketData['id']; ?> </h1> <table class="znoteTable ThreadTable table table-striped"> <tr class="yellow"> <th> <?php echo getClock($ticketData['creation'], true); ?> - Created by:
} ?> <li><a href="./import.php">Import</a></li> <li><a href="./export.php">Export</a></li> <li><a href="./sidebar.php">View as Sidebar</a></li> <li><a href="./settings.php">Settings</a></li> <li><a href="./index.php?logout=1">Logout</a></li> </ul> <!-- Menu ends here. --> </div> <!-- Main content starts here. --> <div id="main"> <?php if (!admin_only()) { message("You are not an Admin."); } if ($create == 'Create') { if ($new_username == '' || $new_password == '') { $message1 = 'Username and Password fields must not be empty.'; } else { if (check_username($new_username)) { $message1 = 'User already exists.'; } else { $query = sprintf("INSERT INTO user (username, password, admin) VALUES ('%s', md5('%s'), '%d')", $mysql->escape($new_username), $mysql->escape($new_password), $mysql->escape($new_admin)); if ($mysql->query($query)) { $message1 = "User {$new_username} created."; } else { message($mysql->error); }
<?php
// Page bootstrap: start the session, load the shared helpers and run the admin gate
// before any markup is sent. The page body is assembled from included partials and
// ends with php/gestion/g_membre.php.
session_start();
include_once 'php/inc/functions.php';
// NOTE(review): admin_only() is defined outside this file (presumably in functions.php).
// Confirm that it ends the request for non-admins (redirect followed by exit). If it
// only returns a value, the return value is ignored here and everything below,
// including g_membre.php, is still rendered for any visitor.
admin_only();
?> <!DOCTYPE html> <!--[if lt IE 7 ]><html class="ie ie6" lang="en"> <![endif]--> <!--[if IE 7 ]><html class="ie ie7" lang="en"> <![endif]--> <!--[if IE 8 ]><html class="ie ie8" lang="en"> <![endif]--> <!--[if (gte IE 9)|!(IE)]><!--> <html lang="en"> <!--<![endif]--> <head> <?php include "php/inc/head.php"; ?> </head> <body> <?php include "php/inc/entete.php"; ?> <?php include "php/main/navigation.php"; ?> <?php include "php/gestion/g_membre.php";
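/**
 * Admin user list: filter users by type, review state and name, then paginate.
 *
 * The active filters are kept in $_SESSION['admin_users_condition'] so the list can
 * be reopened with the same filters. Passing ?clear discards the saved filters, and
 * ?hold_page (without ?p) restores the saved page number.
 *
 * Only the keys this action uses (type, check, q, p) are accepted from the query
 * string, and only as scalar values cast to string. Copying every $_GET entry into
 * the condition array and calling extract() on it would let a request define or
 * overwrite local variables of this method (for example $user_model) and pass array
 * values into where(), which treats arrays as operator expressions (as the 'like'
 * filter below does).
 */
public function users()
{
    admin_only();
    $user_model = M('Users');

    $allowed_keys = array('type', 'check', 'q', 'p');
    $admin_users_condition = array('type' => 'all', 'check' => 'all');

    // Read the saved search conditions from the session unless ?clear was passed.
    // Saved values go through the same key/scalar filter as request values, so a
    // session written before this filtering existed cannot reintroduce other keys.
    if (isset($_SESSION['admin_users_condition']) && !isset($_GET['clear'])) {
        $saved_condition = $_SESSION['admin_users_condition'];
        if (is_array($saved_condition)) {
            foreach ($allowed_keys as $key) {
                if (isset($saved_condition[$key]) && is_scalar($saved_condition[$key])) {
                    $admin_users_condition[$key] = (string) $saved_condition[$key];
                }
            }
        }
        // Restore the saved page number when asked to hold the page.
        // NOTE(review): the pager presumably reads $_GET['p'] - confirm in TBPage.
        if (isset($_GET['hold_page']) && !isset($_GET['p']) && isset($admin_users_condition['p'])) {
            $_GET['p'] = $admin_users_condition['p'];
        }
    }

    // Override the existing search conditions with the ones passed in the request.
    foreach ($allowed_keys as $key) {
        if (isset($_GET[$key]) && is_scalar($_GET[$key])) {
            $admin_users_condition[$key] = (string) $_GET[$key];
        }
    }
    // 'all' and the empty string both mean "no name filter".
    if (isset($_GET['q']) && ($_GET['q'] === 'all' || $_GET['q'] === '')) {
        $admin_users_condition['q'] = '';
    }

    // Save the search conditions.
    $_SESSION['admin_users_condition'] = $admin_users_condition;

    // Explicit locals instead of extract(): nothing else can be defined by the request.
    $type = $admin_users_condition['type'];
    $check = $admin_users_condition['check'];
    $q = isset($admin_users_condition['q']) ? $admin_users_condition['q'] : '';

    // Build the filter.
    // XXX: escaping of these values inside the generated SQL is left to the model layer
    // and PHP settings (see get_magic_quotes_gpc()) - confirm the model escapes values.
    $where_clause = array();
    if ($type !== 'all') {
        $where_clause['type'] = $type;
    }
    if ($check === 'deleted') {
        $where_clause['enabled'] = 0;
    } elseif ($check === 'pending') {
        $where_clause['is_checked'] = 0;
        $where_clause['enabled'] = 1;
    } elseif ($check === 'checked') {
        $where_clause['is_checked'] = 1;
        $where_clause['enabled'] = 1;
    } else {
        // Any other value, including 'all', lists every enabled user.
        $where_clause['enabled'] = 1;
    }
    if (!empty($q)) {
        $where_clause['name'] = array('like', "%{$q}%");
    }

    // Count the matches, then fetch the requested page, newest first.
    import("ORG.Util.TBPage");
    $listRows = C('ADMIN_ROW_LIST');
    $user_count = $user_model->where($where_clause)->count();
    $Page = new TBPage($user_count, $listRows);
    $user_result = $user_model->where($where_clause)
        ->order('create_time desc')
        ->limit($Page->firstRow . ',' . $listRows)
        ->select();
    $page_bar = $Page->show();

    // NOTE(review): q, check and type are handed to the template as received; the
    // template has to HTML-escape them on output - confirm.
    $this->assign('q', $q);
    $this->assign('check', $check);
    $this->assign('type', $type);
    $this->assign('user_result', $user_result);
    $this->assign('page', $page_bar);
    $this->display();
}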