<?php
require 'include/functions.php';
include 'include/head.html';
//we can only view the user if we get the id in the url and the id is stored in db
if (isset($_GET['id']) && userIsValid($_GET['id'])) {
$user = viewUser($_GET['id']);
} else {
header('Location:index.php?error=1');
}
?>
<h2>View</h2>
<table border="1" width="400">
<tr><th>Name</th><td><?php
echo $user['name'];
?>
</td></tr>
<tr><th>Email address</th><td><?php
echo $user['email'];
?>
</td></tr>
<tr><th>Phone</th><td><?php
echo $user['phone'];
?>
</td></tr>
</table>
function go2page($view, $param = null)
{
if ($view === 'user') {
return viewUser($param);
}
return viewList();
}
* @url http://www.mosets.com/tree/
*/
defined('_JEXEC') or die('Restricted access');
require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_mtree' . DS . 'spy.mtree.html.php';
$id = JRequest::getInt('id', 0);
$owner = JRequest::getVar('owner', '');
$cid = JRequest::getVar('cid', array());
$task2 = strval(JRequest::getCmd('task2', ''));
JArrayHelper::toInteger($cid, array());
HTML_mtspy::printStartMenu($option, $task2);
switch ($task2) {
case 'users':
viewUsers($option);
break;
case 'viewuser':
viewUser($option, $id);
break;
case 'viewclone':
viewClone($option, $id);
break;
case 'listings':
viewListings($option);
break;
case 'viewlisting':
viewListing($option, $id);
break;
case 'clones':
viewClones($option);
break;
case 'removelogs':
removeLogs($option, $cid);
<?php
session_start();
viewUser();
function viewUser()
{
$con = mysqli_connect("localhost", "root", "root", "eshop");
// Check connection
if (!isset($_SESSION['U_ID'])) {
echo "404";
} else {
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$user = mysqli_query($con, "SELECT * FROM User WHERE ID='{$_SESSION['U_ID']}'");
$user_info = array();
while ($row = mysqli_fetch_array($user)) {
$user_row = array("first_name" => $row['first_name'], "last_name" => $row['last_name'], "email" => $row['email'], 'avatar' => $row['avatar']);
array_push($user_info, $user_row);
}
echo json_encode($user_info);
mysqli_close($con);
}
}
function deleteUser()
{
global $_GET, $_SESSION;
global $user_admin;
$OUTPUT = "";
if (isset($_GET["key"]) && isset($_GET["id"])) {
$id = $_GET["id"];
$key = $_GET["key"];
// first make sure it is this person's contact, or that the user is root
if (!$user_admin) {
$rslt = db_exec("SELECT * FROM usradd WHERE id='{$id}' AND\r\n\t\t\t\t( by='{$_SESSION['USER_NAME']}' )");
if (pg_num_rows($rslt) <= 0) {
return "You are not allowed to delete this user entry!";
}
}
//two butons
// check if a confirmation or deletion should occur (confirm_delete let's the cofirmation display)
if ($key == "confirm_delete") {
$Sl = "SELECT * FROM usradd WHERE id='{$id}'";
$Ri = db_exec($Sl) or errDie("Unable to get user details.");
$cdata = pg_fetch_array($Ri);
$OUTPUT .= "<font size=2><b>Are you sure you want to delete this user:</b></font><br>";
$OUTPUT .= viewUser();
$OUTPUT .= "\r\n\t\t\t\t<table><tr><td align=center>\r\n\t\t\t\t\t<form method=post action='" . SELF . "'>\r\n\t\t\t\t\t\t<input type=hidden name=key value='delete'>\r\n\t\t\t\t\t\t<input type=hidden name=id value='{$id}'>\r\n\t\t\t\t\t\t<input type=submit value=yes>\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</td></tr></table>";
} else {
if ($key == "delete") {
// delete it !!!!!!!
$Ri = db_exec("DELETE FROM usradd WHERE id='{$id}' ");
if (pg_cmdtuples($Ri) <= 0) {
$OUTPUT .= "Error Deleting Entry<br> Please check that it exists, else contact Cubit<br>";
} else {
$OUTPUT .= "<script> window.opener.parent.mainframe.location.reload(); window.close(); </script>";
}
}
}
} else {
$OUTPUT .= "<script> window.opener.parent.mainframe.location.reload(); window.close(); </script>";
}
$link = "<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "'>\r\n\t\r\n\t<tr><th>Quick Links</th></tr>\r\n\t<tr class='bg-odd'><td><a href='docman-index.php'>Document Management</a></td></tr>";
print $link;
return $OUTPUT;
}
