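/**
 * Dispatches a delete request to the handler for the relation named in the
 * submitted form data, runs the SQL string that handler returned, and echoes
 * a JSON status object.
 *
 * Changes from the previous version:
 *  - the nested if/else ladder is a lookup table; the second, unreachable
 *    "transportoffer---relation" branch is gone;
 *  - a request naming no known relation is answered with an error instead of
 *    reading an undefined "error" key and passing null to the query call;
 *  - the unused session_id() and query-result locals are removed.
 *
 * @param array $form_data Submitted fields; a "<name>---relation" key selects the handler.
 * @return void The JSON-encoded result is written to the output.
 */
function process($form_data)
{
    include "Helper.php";
    include "connect.php";

    // NOTE(review): the connection role is taken from the session. No authorization
    // or CSRF check is visible in this function before a delete runs; confirm the
    // caller performs both.
    $conn = init($_SESSION["permission_type"]);

    // Relation marker => handler. First match wins, in the original order.
    $handlers = array(
        "transportoffer---relation"   => "deleteTransportOffer",
        "user---relation"             => "deleteUser",
        "contract---relation"         => "deleteContract",
        "market---relation"           => "deleteMarket",
        "immigrants---relation"       => "deleteImigrants",
        "product---relation"          => "deleteProduct",
        "transportcompany---relation" => "deleteTransportCompany",
        "flavour---relation"          => "deleteTaste",
        "storagetype---relation"      => "deleteStoragetype",
        "country---relation"          => "deleteCountry",
    );

    $result = array("error" => "No known relation in request", "data" => "");
    foreach ($handlers as $marker => $handler) {
        if (isset($form_data[$marker])) {
            $result = $handler($form_data, $conn);
            break;
        }
    }

    if ($result["error"] == "") {
        // NOTE(review): $result["data"] is a SQL string assembled by the handler from
        // $form_data. How it is escaped is not visible here; verify the handlers use
        // bound parameters or proper escaping.
        $conn->query($result["data"]);
    }

    // NOTE(review): this reports connection errors only; a failed query is not
    // surfaced. Presumably $conn->errno was also meant to be checked; confirm.
    if ($conn->connect_errno) {
        $result["error"] = $conn->connect_error;
    }

    // The SQL text is blanked so it is never sent back to the client.
    $result["data"] = "";
    echo json_encode($result);
}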
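/**
 * This file is a part of MyWebSQL package
 *
 * @file:      modules/usermanager.php
 * @author     Samnan ur Rehman
 * @copyright  (c) 2008-2014 Samnan ur Rehman
 * @web        http://mywebsql.net
 * @license    http://mywebsql.net/license
 */

/**
 * Handles a user-manager request: runs the add/delete/update action named by
 * the "id" request parameter, flushes privileges on success, then renders the
 * user form with a status message.
 *
 * Fix: $result is initialised, so an unrecognised action is reported as a
 * failure without reading an undefined variable.
 *
 * @param object $db Database wrapper, passed by reference.
 * @return void
 */
function processRequest(&$db)
{
    // NOTE(review): the action and its payload are read from $_REQUEST, so a GET
    // request can trigger add/delete/update. No CSRF token check is visible in
    // this function; confirm one is enforced before it is called.
    $action = v($_REQUEST["id"]);

    include BASE_PATH . "/lib/usermanager.php";

    $legacyServer = Session::get('db', 'version') < 5;
    $editor = new userManager($db, $legacyServer);
    $message = '';

    if ($action != '') {
        $result = false;

        // switch compares loosely, matching the original == checks.
        switch ($action) {
            case "add":
                $result = addUser($db, v($_REQUEST["query"]), $editor);
                break;
            case "delete":
                $result = deleteUser($db, v($_REQUEST["query"]), $editor);
                break;
            case "update":
                $result = updateUser($db, v($_REQUEST["query"]), $editor);
                break;
        }

        if ($result) {
            $db->flush('PRIVILEGES', true);
            $message = __('The command executed successfully');
        } else {
            $message = __('Error occurred while executing the query');
        }
    }

    displayUserForm($db, $editor, $message, $action);
}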
/**
 * Module entry point: resolves the requested action and returns the content
 * produced by the matching handler. Unknown actions fall back to the user report.
 *
 * @param object $smarty      Template engine instance, passed by reference.
 * @param string $module_name Name of this module.
 * @return mixed Whatever the selected handler returns.
 */
function _moduleContent(&$smarty, $module_name)
{
    include_once "libs/paloSantoGrid.class.php";
    include_once "libs/paloSantoForm.class.php";
    include_once "libs/paloSantoOrganization.class.php";

    // Folder path for custom templates.
    $local_templates_dir = getWebDirModule($module_name);

    // Connection resource.
    // NOTE(review): $arrConf is read here but never declared global in this
    // function; unless one of the includes above defines it in this scope it
    // is undefined. Confirm against the full file.
    $pDB = new paloDB($arrConf['elastix_dsn']["elastix"]);

    global $arrCredentials;

    // NOTE(review): state-changing actions (save_new, save_edit, delete) are
    // dispatched on the action name alone; authorization presumably happens in
    // the handlers via $arrCredentials. Verify.
    switch (getAction()) {
        case "new_user":
        case "view":
        case "edit":
            return viewFormUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials);

        case "save_new":
            return saveNewUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials);

        case "save_edit":
            return saveEditUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials);

        case "delete":
            return deleteUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials);

        case "getGroups":
            return getGroups($pDB, $arrCredentials);

        case "getImage":
            return getImage($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials);

        case "reloadAasterisk":
            return reloadAasterisk($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials);

        case "reconstruct_mailbox":
            return reconstruct_mailbox($pDB, $arrConf, $arrCredentials);

        // "changes_email_quota" is disabled in the original source.

        default:
            // Report view.
            return reportUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials);
    }
}
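/**
 * Replaces the logged-in user's account with the values posted from the
 * options form, then logs the user out. If any required field is missing or
 * empty, the browser is sent back to the options page and the script ends.
 *
 * Fix: the redirect script's string literal was missing its closing quote
 * ("../View/Options.php), so the emitted JavaScript was a syntax error and
 * the redirect never ran.
 *
 * @return void
 */
function option()
{
    $required = array('nom', 'email', 'prenom', 'pwd1', 'pwd2');

    foreach ($required as $field) {
        // empty() is false for unset keys too, so it covers the isset() check.
        if (empty($_POST[$field])) {
            echo '<script type="text/javascript">', 'document.location.replace("../View/Options.php");', '</script>';
            exit;
        }
    }

    // NOTE(review): pwd2 is only checked for presence and never compared with pwd1;
    // it looks like a confirmation field. Confirm whether a mismatch should be rejected.
    // NOTE(review): the account is deleted before the replacement is saved, so a
    // failing saveUser() leaves the user with no account. No CSRF token check is
    // visible here either.
    deleteUser($_SESSION['uid']);

    // NOTE(review): the password is handed over as posted; whether saveUser()
    // hashes it cannot be seen from here. Verify.
    saveUser($_POST['nom'], $_POST['prenom'], $_POST['pwd1'], $_POST['email'], $_SESSION['utype'], '../Ressources/Photo/face.jpg');
    deconnecter();
}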
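/**
 * Routes an action name to its handler. Unknown actions are ignored.
 *
 * Fix: the previous switch compared loosely, so a non-string action such as
 * boolean true (for example from decoded JSON) matched the first case and
 * invoked the login handler. Only exact string names are dispatched now;
 * behaviour for string inputs is unchanged.
 *
 * @param mixed $action Action name taken from the request.
 * @return void
 */
function commandRouter($action)
{
    // Action name => handler function. The handlers take no arguments.
    $routes = array(
        'login'      => 'loginUser',
        'createUser' => 'createUser',
        'getUser'    => 'getUser',
        'deleteUser' => 'deleteUser',
        'updateUser' => 'updateUser',
        'addTab'     => 'addTab',
        'delTab'     => 'delTab',
        'editTab'    => 'editTab',
        'getTabs'    => 'getTabs',
        'addNote'    => 'addNote',
        'delNote'    => 'delNote',
        'editNote'   => 'editNote',
        'getNotes'   => 'getNotes',
    );

    if (!is_string($action) || !isset($routes[$action])) {
        return;
    }

    // NOTE(review): the router performs no authentication or authorization check;
    // each handler presumably does its own. Verify for deleteUser/updateUser.
    $handler = $routes[$action];
    $handler();
}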
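/**
 * Routes an action name to its handler. Unknown actions are ignored.
 *
 * Fix: the previous switch compared loosely, so a non-string action such as
 * boolean true (for example from decoded JSON) matched the first case and
 * invoked the login handler. Only exact string names are dispatched now;
 * behaviour for string inputs is unchanged.
 *
 * @param mixed $action Action name taken from the request.
 * @return void
 */
function commandRouter($action)
{
    // Action name => handler function. The handlers take no arguments.
    $routes = array(
        'login'      => 'loginUser',
        'createUser' => 'createUser',
        'getUser'    => 'getUser',
        'deleteUser' => 'deleteUser',
        'updateUser' => 'updateUser',
        'addInv'     => 'addToInv',
        'subInv'     => 'subFromInv',
        'getInv'     => 'getInventory',
        'getDecks'   => 'getDecks',
        'createDeck' => 'createDeck',
        'updateDeck' => 'updateDeck',
        'deleteDeck' => 'deleteDeck',
    );

    if (!is_string($action) || !isset($routes[$action])) {
        return;
    }

    // NOTE(review): the router performs no authentication or authorization check;
    // each handler presumably does its own. Verify for deleteUser/updateUser.
    $handler = $routes[$action];
    $handler();
}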
/**
 * Moves the message, bounce and list-membership rows of a duplicate user over
 * to the original user, removes whatever is left under the duplicate id, and
 * deletes the duplicate user.
 *
 * @param mixed $original Id of the user that is kept (formatted with %d).
 * @param mixed $duplicate Id of the user that is merged away (formatted with %d).
 * @return void
 */
function mergeUsers($original, $duplicate)
{
    set_time_limit(60);

    // NOTE(review): both ids are written into the HTML output unescaped; safe only
    // if callers always pass integers. Confirm.
    print '<br/>Merging ' . $duplicate . ' into ' . $original;

    $messageTable = $GLOBALS["tables"]["usermessage"];
    $bounceTable = $GLOBALS["tables"]["user_message_bounce"];
    $listTable = $GLOBALS["tables"]["listuser"];

    // NOTE(review): in the three update loops below, ids go through %d, but the
    // "entered"/"time" values read back from the database are placed between
    // quotes without escaping. The trailing 1 passed to Sql_Query presumably
    // means "ignore errors" (e.g. duplicate keys); verify.

    // Sent-message records.
    $messageRows = Sql_Query(sprintf('select * from %s where userid = %d', $messageTable, $duplicate));
    while ($messageRow = Sql_Fetch_Array($messageRows)) {
        $sql = sprintf('update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s"', $messageTable, $original, $messageRow["entered"], $duplicate, $messageRow["entered"]);
        Sql_Query($sql, 1);
    }

    // Bounce records.
    $bounceRows = Sql_Query(sprintf('select * from %s where user = %d', $bounceTable, $duplicate));
    while ($bounceRow = Sql_Fetch_Array($bounceRows)) {
        $sql = sprintf('update %s set user = %d, time = "%s" where user = %d and time = "%s"', $bounceTable, $original, $bounceRow["time"], $duplicate, $bounceRow["time"]);
        Sql_Query($sql, 1);
    }

    // List memberships.
    $listRows = Sql_Query(sprintf('select * from %s where userid = %d', $listTable, $duplicate));
    while ($listRow = Sql_Fetch_Array($listRows)) {
        $sql = sprintf('update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s" and listid = %d', $listTable, $original, $listRow["entered"], $duplicate, $listRow["entered"], $listRow['listid']);
        Sql_Query($sql, 1);
    }

    // Remove any rows still attached to the duplicate id.
    Sql_Query(sprintf('delete from %s where userid = %d', $listTable, $duplicate));
    Sql_Query(sprintf('delete from %s where user = %d', $bounceTable, $duplicate));
    Sql_Query(sprintf('delete from %s where userid = %d', $messageTable, $duplicate));

    // The MERGE_DUPLICATES_DELETE_DUPLICATE guard is commented out in the
    // original, so the duplicate is always deleted.
    deleteUser($duplicate);

    flush();
}
* You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ // $Id: editUser.php,v 1.7 2006/01/29 08:15:18 atrommer Exp $ checkUser($_SESSION['USERTYPE'], 2); //if (!$_REQUEST['u_id'] && !$_REQUEST['action']){ // accessDenied("Please choose an employee first!"); //} doHeader("Edit User"); // first we check if we're doing an update // or a delete if ($_REQUEST['action'] == 'del') { deleteConfirm(); } elseif ($_POST['confirmDelete']) { deleteUser($_POST['hdUserID']); print "User deactivated sucessfully!"; } else { editUserForm(); } function deleteConfirm() { $aUserVals = getUserVals($_REQUEST['u_id']); ?> <form id="frmDelete" name="frmDelete" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?> "> <input type="hidden" name="hdUserID" value="<?php echo $_REQUEST['u_id']; ?>
<?php
// Admin endpoint: deletes the user whose e-mail address is posted, then
// redirects back to the admin interface with a status code in the query string.

if (!isset($_SESSION)) {
    session_start();
}

// NOTE(review): access is refused only when NEITHER session key is set; either
// one alone is enough to pass. Confirm that is the intended check, and whether a
// password really needs to live in the session.
if (!isset($_SESSION['login']) && !isset($_SESSION['password'])) {
    header('Location: ../index.php');
    exit;
}

require_once '../modeles/modele_baseadmin.php';

// Failure is the default outcome; only a delete that does not throw changes it.
$location = 'Location: ../vues/vue_interface_admin.php?error=errordelete';

// NOTE(review): no CSRF token is checked before this destructive action, and the
// posted address is passed on unvalidated; deleteUser() presumably binds it as a
// PDO parameter. Verify.
if (isset($_POST['email'])) {
    try {
        deleteUser($_POST['email']);
        $location = 'Location: ../vues/vue_interface_admin.php?error=deletesuccessful';
    } catch (PDOException $e) {
        // Keep the failure redirect.
    }
}

header($location);
exit;
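/**
 * Removes chat users whose ".prefs" file in the current course's chat
 * directory is older than the configured chat id life span.
 *
 * Fixes: the directory handle is now closed; a file that cannot be stat'ed is
 * skipped instead of being treated as having no modification time; the life
 * span lookup no longer reads an undefined offset.
 *
 * @return string HTML log of the chat ids that were deleted ('' if none).
 */
function clearOutOldChatPrefs()
{
    $now = time();
    $return = '';
    $suffix = '.prefs';
    $usersDir = AT_CONTENT_DIR . 'chat/' . $_SESSION['course_id'] . '/users/';

    $dir = @opendir($usersDir);
    if (!$dir) {
        return $return;
    }

    while (($file = readdir($dir)) !== false) {
        if (substr($file, -strlen($suffix)) != $suffix) {
            continue;
        }

        $chatName = substr($file, 0, -strlen($suffix));

        $info = @stat($usersDir . $file);
        if ($info === false) {
            // File vanished or is unreadable: its age is unknown, so leave it alone.
            continue;
        }

        // NOTE(review): $admin is not defined in this function's scope (no global
        // declaration is visible), so as written this condition is never true and
        // nothing is deleted. Presumably a "global $admin;" is missing; confirm
        // against the full file before adding it.
        if (!empty($admin['chatIDLifeSpan']) && $now - $info['mtime'] > $admin['chatIDLifeSpan']) {
            // NOTE(review): $chatName comes from a file name and is written into
            // HTML unescaped; escape it wherever this string is displayed.
            $return .= 'Automated Clean Up: Deleting old Chat ID ' . $chatName . '<br />';
            deleteUser($chatName);
        }
    }

    closedir($dir);

    return $return;
}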
$mode = 'batchdeleteexec'; } if (isset($_REQUEST['order'])) { $order = COM_applyFilter($_REQUEST['order'], true); } if (isset($_GET['direction'])) { $direction = COM_applyFilter($_GET['direction']); } if ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) { // delete $uid = COM_applyFilter($_POST['uid'], true); if ($uid <= 1) { COM_errorLog('Attempted to delete user uid=' . $uid); $display = COM_refresh($_CONF['site_admin_url'] . '/user.php'); } elseif (SEC_checkToken()) { $display .= deleteUser($uid); } else { COM_accessLog("User {$_USER['username']} tried to illegally delete user {$uid} and failed CSRF checks."); echo COM_refresh($_CONF['site_admin_url'] . '/index.php'); exit; } } elseif ($mode == $LANG_ADMIN['save'] && !empty($LANG_ADMIN['save']) && SEC_checkToken()) { // save $delphoto = ''; if (isset($_POST['delete_photo'])) { $delphoto = $_POST['delete_photo']; } if (!isset($_POST['oldstatus'])) { $_POST['oldstatus'] = USER_ACCOUNT_ACTIVE; } if (!isset($_POST['userstatus'])) {
$message = 'Reset Password'; mail($to, $subject, $message); header('Location: /users.php'); } //Delete user if ($_POST['action'] == 'delete') { deleteUser($_POST['userid']); header('Location: /users.php'); } //Apply Bulk Action if ($_POST['action'] == 'applyBulk') { //Delete if ($_POST['bulkAction'] == 'delete') { foreach ($_POST['chk'] as $thisUser) { echo $thisUser; deleteUser($thisUser); } header('Location: /users.php'); } } //Add User if ($_POST['action'] == 'addUser') { $result = addUser($_POST['username'], $_POST['email'], $_POST['password'], $_POST['avatar'], $_POST['steamid']); if ($result == FALSE) { //Couldn't add user echo 'nope'; } else { //Add User header('Location: /users.php'); } }
break; case 'unconfirmuser': logEvent('User ' . $userdata['email'] . ' unconfirmed by bounce rule ' . PageLink2('bouncerule&id=' . $rule['id'], $rule['id'])); Sql_Query(sprintf('update %s set confirmed = 0 where id = %d', $GLOBALS['tables']['user'], $row['user'])); $advanced_report .= 'User ' . $userdata['email'] . ' made unconfirmed by bounce rule ' . $rule['id'] . "\n"; $advanced_report .= 'User: '******'/?page=user&id=' . $userdata['id'] . "\n"; $advanced_report .= 'Rule: ' . $report_linkroot . '/?page=bouncerule&id=' . $rule['id'] . "\n"; addUserHistory($userdata['email'], s('Auto Unconfirmed'), s('Subscriber auto unconfirmed for') . " " . s('bounce rule') . ' ' . $rule['id']); addSubscriberStatistics('auto unsubscribe', 1); break; case 'deleteuserandbounce': logEvent('User ' . $userdata['email'] . ' deleted by bounce rule ' . PageLink2('bouncerule&id=' . $rule['id'], $rule['id'])); $advanced_report .= 'User ' . $userdata['email'] . ' deleted by bounce rule ' . $rule['id'] . "\n"; $advanced_report .= 'User: '******'/?page=user&id=' . $userdata['id'] . "\n"; $advanced_report .= 'Rule: ' . $report_linkroot . '/?page=bouncerule&id=' . $rule['id'] . "\n"; deleteUser($row['user']); deleteBounce($row['bounce']); break; case 'unconfirmuseranddeletebounce': logEvent('User ' . $userdata['email'] . ' unconfirmed by bounce rule ' . PageLink2('bouncerule&id=' . $rule['id'], $rule['id'])); Sql_Query(sprintf('update %s set confirmed = 0 where id = %d', $GLOBALS['tables']['user'], $row['user'])); $advanced_report .= 'User ' . $userdata['email'] . ' made unconfirmed by bounce rule ' . $rule['id'] . "\n"; $advanced_report .= 'User: '******'/?page=user&id=' . $userdata['id'] . "\n"; $advanced_report .= 'Rule: ' . $report_linkroot . '/?page=bouncerule&id=' . $rule['id'] . "\n"; addUserHistory($userdata['email'], s('Auto unconfirmed'), s('Subscriber auto unconfirmed for') . " " . $GLOBALS['I18N']->get("bounce rule") . ' ' . 
$rule['id']); addSubscriberStatistics('auto unsubscribe', 1); deleteBounce($row['bounce']); break; case 'blacklistuser': logEvent('User ' . $userdata['email'] . ' blacklisted by bounce rule ' . PageLink2('bouncerule&id=' . $rule['id'], $rule['id'])); addUserToBlacklist($userdata['email'], s('Subscriber auto blacklisted by bounce rule', $rule['id']));
} } } } else { if ($_GET['function'] == 'clearOldChatIDs') { $return = clearOutOldChatPrefs(); } else { if ($_POST['submit3']) { deleteUser($_POST['delName']); } else { if ($_POST['submit4']) { if ($dir = @opendir(AT_CONTENT_DIR . 'chat/' . $_SESSION['course_id'] . '/users/')) { while (($file = readdir($dir)) !== false) { if (substr($file, -strlen('.prefs')) == '.prefs') { $chatName = substr($file, 0, -strlen('.prefs')); deleteUser($chatName); } } } } } } } } //check chat directory if (!@opendir(AT_CONTENT_DIR . 'chat/')) { mkdir(AT_CONTENT_DIR . 'chat/', 0777); } if (!file_exists(AT_CONTENT_DIR . 'chat/' . $_SESSION['course_id'] . '/admin.settings')) { @mkdir(AT_CONTENT_DIR . 'chat/' . $_SESSION['course_id'], 0777); @mkdir(AT_CONTENT_DIR . 'chat/' . $_SESSION['course_id'] . '/tran/', 0776);
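<?php
// Admin page: shows a delete confirmation for the user in ?id=... and performs
// the deletion when the form is posted back.
//
// Fixes: a successful delete now stops the script after the redirect (it used to
// go on and render the page for the user just deleted); the status text is no
// longer echoed before header(), which would have blocked the redirect; a missing
// ?id no longer reads an undefined index.
include "adminapi.php";

$id = isset($_GET['id']) ? $_GET['id'] : null;

if (!isset($_POST["id"])) {
    if ($id === null) {
        header("Location: index.php");
        return;
    }
} else {
    // NOTE(review): the presence of a posted "id" triggers the delete, but the id
    // actually deleted comes from the query string. No CSRF token is checked here,
    // and authentication is presumably enforced inside adminapi.php. Verify both.
    $rs = deleteUser($id);
    if ($rs == true) {
        header("Location: index.php");
        return;
    }
    echo "deleting user";
}

$form = findUserById($id);
// NOTE(review): $pageTitle carries a stored user name and $submitPage the raw
// request URI; both need HTML-escaping wherever the templates print them.
$pageTitle = "Deleting User: {$form['name']}";
$pageInfo = "";
$submitPage = $_SERVER["REQUEST_URI"];
$submitLabel = "Delete User";
?>
<?php include 'header.php'; ?>
<body id="edit_user" class="users">
<?php make_navbar('Users'); ?>
<div id="body" class="wrap">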
// ============================================================================ // Main before POST // ============================================================================ // ============================================================================ // POST Method // ============================================================================ if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Prevent editors to administrate other users. if ($Login->role() !== 'admin') { $_POST['username'] = $Login->username(); unset($_POST['role']); } if (isset($_POST['delete-user-all'])) { deleteUser($_POST, true); } elseif (isset($_POST['delete-user-associate'])) { deleteUser($_POST, false); } elseif (!empty($_POST['new-password']) && !empty($_POST['confirm-password'])) { setPassword($_POST['username'], $_POST['new-password'], $_POST['confirm-password']); } else { editUser($_POST); } } // ============================================================================ // Main after POST // ============================================================================ if ($Login->role() !== 'admin') { $layout['parameters'] = $Login->username(); } $_user = $dbUsers->getDb($layout['parameters']); // If the user doesn't exist, redirect to the users list. if ($_user === false) {
if (Sql_Affected_Rows()) { print sprintf($GLOBALS['I18N']->get('AddedToB'), $amount, $userid) . "\n"; } else { print sprintf($GLOBALS['I18N']->get('AddedToB'), $amount, $userid) . "\n"; } } if ($userid && $unconfirm) { Sql_Query(sprintf('update %s set confirmed = 0 where id = %d', $tables["user"], $userid)); print sprintf($GLOBALS['I18N']->get('MadeUnconfirmed'), $userid); } if ($userid && $maketext) { Sql_Query(sprintf('update %s set htmlemail = 0 where id = %d', $tables["user"], $userid)); print sprintf($GLOBALS['I18N']->get('MadeUserRText'), $userid); } if ($userid && $deleteuser) { deleteUser($userid); print sprintf($GLOBALS['I18N']->get('DelUser') . '\\n', $userid); } if ($deletebounce) { print sprintf($GLOBALS['I18N']->get('DeletingB') . '\\n', $id); Sql_query("delete from {$tables["bounce"]} where id = {$id}"); print $GLOBALS['I18N']->get('DoneAndLoading') . "<br /><hr><br />\n"; print PageLink2("bounces", $GLOBALS['I18N']->get('BackToBList')); $next = Sql_Fetch_Row_query(sprintf('select id from %s where id > %d', $tables["bounce"], $id)); $id = $next[0]; if (!$id) { $next = Sql_Fetch_Row_query(sprintf('select id from %s order by id desc limit 0,5', $tables["bounce"], $id)); $id = $next[0]; } } }
/**
 * Merges a user whose stored e-mail marks it as a duplicate into the original
 * user with the real address, or renames the duplicate to the real address when
 * no such original exists.
 *
 * NOTE(review): two spans of this listing are mangled (the "******" runs in the
 * bounce-handling statements); the code is kept exactly as found and those
 * statements are not valid PHP as shown.
 *
 * @param mixed $userid Id of the suspected duplicate user row.
 * @return void
 */
function mergeUser($userid) {
    // NOTE(review): $userid is interpolated into the SQL text as-is; safe only if
    // every caller passes an integer. Confirm.
    $duplicate = Sql_Fetch_Array_Query("select * from {$GLOBALS['tables']['user']} where id = {$userid}");
    // NOTE(review): the stored e-mail is printed without HTML escaping.
    printf('<br/>%s', $duplicate['email']);
    // Recover the real address from "duplicate... <email>" or "<email> (<n>)".
    if (preg_match('/^duplicate[^ ]* (.*)/', $duplicate['email'], $regs)) {
        print '-> ' . $regs[1];
        $email = $regs[1];
    } elseif (preg_match("/^([^ ]+@[^ ]+) \\(\\d+\\)/", $duplicate['email'], $regs)) {
        print '-> ' . $regs[1];
        $email = $regs[1];
    } else {
        $email = '';
    }
    if ($email) {
        // NOTE(review): $email is derived from stored subscriber data and placed
        // between quotes without escaping (here and in the rename further down);
        // a crafted address could change the query. Escape or bind it.
        $orig = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $GLOBALS['tables']['user'], $email));
        if ($orig[0]) {
            print ' ' . $GLOBALS['I18N']->get('user found');
            // Re-point the duplicate's sent-message rows at the original user.
            $umreq = Sql_Query("select * from {$GLOBALS['tables']['usermessage']} where userid = " . $duplicate['id']);
            while ($um = Sql_Fetch_Array($umreq)) {
                Sql_Query(sprintf('update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s"', $GLOBALS['tables']['usermessage'], $orig[0], $um['entered'], $duplicate['id'], $um['entered']), 1);
            }
            // Mangled span, kept verbatim (see the header note).
            $bncreq = Sql_Query("select * from {$GLOBALS['tables']['user_message_bounce']} where user = "******"%s" where user = %d and time = "%s"', $GLOBALS['tables']['user_message_bounce'], $orig[0], $bnc['time'], $duplicate['id'], $bnc['time']), 1); }
            // Drop whatever is still attached to the duplicate id.
            Sql_Query("delete from {$GLOBALS['tables']['listuser']} where userid = " . $duplicate['id']);
            // Mangled span, kept verbatim (see the header note).
            Sql_Query("delete from {$GLOBALS['tables']['user_message_bounce']} where user = "******"delete from {$GLOBALS['tables']['usermessage']} where userid = " . $duplicate['id']);
            if (MERGE_DUPLICATES_DELETE_DUPLICATE) {
                deleteUser($duplicate['id']);
            }
        } else {
            print ' ' . $GLOBALS['I18N']->get('no user found');
            # no original exists, so it must be safe to rename this row to the actual email
            Sql_Query(sprintf('update %s set email = "%s" where id = %d', $GLOBALS['tables']['user'], $email, $userid));
        }
        flush();
    } else {
        print '-> ' . $GLOBALS['I18N']->get('unable to find original email');
    }
}
if (!$deleted) { $msg = "Database Error: {$ax['usr_not_deleted']}"; break; } $msg = $ax['usr_deleted']; } while (false); return $msg; } //Control logic if ($privs >= 4) { //manager or admin $msg = ''; if (isset($_POST['addExe'])) { $msg = addUser($user); } elseif (isset($_POST['updExe'])) { $msg = updateUser($user); } elseif (isset($_GET['delExe'])) { $msg = deleteUser($user); } echo "<p class='error'>{$msg}</p>\n\t\t<div class='scrollBoxAd'>\n\t\t<div class='centerBox'>\n"; if (!$mode or isset($_POST["back"])) { showUsers(); //no add / no edit } else { editUser($user); //add or edit } echo "</div>\n</div>\n"; } else { echo "<p class='error'>{$ax['no_way']}</p>\n"; }
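/**
 * Processes loading of this sample code through a web browser.
 *
 * Flow: require a configured LOGIN_PASSWORD, authenticate the browser session,
 * log in to the Google Apps domain, then dispatch on the "command" or "menu"
 * request parameter; with neither present the main menu is shown.
 *
 * Fixes: the password is compared with hash_equals() on a string instead of
 * the loose == operator (which is not constant-time and applies numeric-string
 * juggling), and the session id is regenerated on successful login.
 *
 * @return void
 */
function runWWWVersion()
{
    session_start();

    // Note that all calls to endHTML() below end script execution!
    // The switch statements rely on that: their cases carry no "break"
    // because control never returns from endHTML().

    // Check to make sure that the user has set a password.
    $p = LOGIN_PASSWORD;
    if (empty($p)) {
        startHTML(false);
        displayPasswordNotSetNotice();
        endHTML();
    }

    // Grab any login credentials that might be waiting in the request
    if (!empty($_POST['password'])) {
        $submitted = $_POST['password'];
        // is_string() rejects array-valued parameters before hash_equals() sees them.
        if (is_string($submitted) && hash_equals((string) LOGIN_PASSWORD, $submitted)) {
            // Fresh session id for the authenticated session (session fixation).
            session_regenerate_id(true);
            $_SESSION['authenticated'] = 'true';
        } else {
            // Invalid password. Stop and display a login screen.
            startHTML(false);
            requestUserLogin("Incorrect password.");
            endHTML();
        }
    }

    // If the user isn't authenticated, display a login screen
    if (!isset($_SESSION['authenticated'])) {
        startHTML(false);
        requestUserLogin();
        endHTML();
    }

    // Try to login. If login fails, log the user out and display an
    // error message.
    try {
        $client = getClientLoginHttpClient(GAPPS_USERNAME . '@' . GAPPS_DOMAIN, GAPPS_PASSWORD);
        $gapps = new Zend_Gdata_Gapps($client, GAPPS_DOMAIN);
    } catch (Zend_Gdata_App_AuthException $e) {
        session_destroy();
        startHTML(false);
        displayAuthenticationFailedNotice();
        endHTML();
    }

    // Success! We're logged in.
    // First we check for commands that can be submitted either though
    // POST or GET (they don't make any changes).
    if (!empty($_REQUEST['command'])) {
        switch ($_REQUEST['command']) {
            case 'retrieveUser':
                startHTML();
                retrieveUser($gapps, true, $_REQUEST['user']);
                endHTML(true);
            case 'retrieveAllUsers':
                startHTML();
                retrieveAllUsers($gapps, true);
                endHTML(true);
            case 'retrieveNickname':
                startHTML();
                retrieveNickname($gapps, true, $_REQUEST['nickname']);
                endHTML(true);
            case 'retrieveNicknames':
                startHTML();
                retrieveNicknames($gapps, true, $_REQUEST['user']);
                endHTML(true);
            case 'retrieveAllNicknames':
                startHTML();
                retrieveAllNicknames($gapps, true);
                endHTML(true);
            case 'retrieveEmailLists':
                startHTML();
                retrieveEmailLists($gapps, true, $_REQUEST['recipient']);
                endHTML(true);
            case 'retrieveAllEmailLists':
                startHTML();
                retrieveAllEmailLists($gapps, true);
                endHTML(true);
            case 'retrieveAllRecipients':
                startHTML();
                retrieveAllRecipients($gapps, true, $_REQUEST['emailList']);
                endHTML(true);
        }
    }

    // Now we handle the potentially destructive commands, which have to
    // be submitted by POST only.
    // NOTE(review): requiring POST does not stop cross-site form submissions;
    // no CSRF token check is visible in this function. Verify.
    if (!empty($_POST['command'])) {
        switch ($_POST['command']) {
            case 'createUser':
                startHTML();
                createUser($gapps, true, $_POST['user'], $_POST['givenName'], $_POST['familyName'], $_POST['pass']);
                endHTML(true);
            case 'updateUserName':
                startHTML();
                updateUserName($gapps, true, $_POST['user'], $_POST['givenName'], $_POST['familyName']);
                endHTML(true);
            case 'updateUserPassword':
                startHTML();
                updateUserPassword($gapps, true, $_POST['user'], $_POST['pass']);
                endHTML(true);
            case 'setUserSuspended':
                if ($_POST['mode'] == 'suspend') {
                    startHTML();
                    suspendUser($gapps, true, $_POST['user']);
                    endHTML(true);
                } elseif ($_POST['mode'] == 'restore') {
                    startHTML();
                    restoreUser($gapps, true, $_POST['user']);
                    endHTML(true);
                } else {
                    header('HTTP/1.1 400 Bad Request');
                    startHTML();
                    echo "<h2>Invalid mode.</h2>\n";
                    echo "<p>Please check your request and try again.</p>";
                    endHTML(true);
                }
            case 'setUserAdmin':
                if ($_POST['mode'] == 'issue') {
                    startHTML();
                    giveUserAdminRights($gapps, true, $_POST['user']);
                    endHTML(true);
                } elseif ($_POST['mode'] == 'revoke') {
                    startHTML();
                    revokeUserAdminRights($gapps, true, $_POST['user']);
                    endHTML(true);
                } else {
                    header('HTTP/1.1 400 Bad Request');
                    startHTML();
                    echo "<h2>Invalid mode.</h2>\n";
                    echo "<p>Please check your request and try again.</p>";
                    endHTML(true);
                }
            case 'setForceChangePassword':
                if ($_POST['mode'] == 'set') {
                    startHTML();
                    setUserMustChangePassword($gapps, true, $_POST['user']);
                    endHTML(true);
                } elseif ($_POST['mode'] == 'clear') {
                    startHTML();
                    clearUserMustChangePassword($gapps, true, $_POST['user']);
                    endHTML(true);
                } else {
                    header('HTTP/1.1 400 Bad Request');
                    startHTML();
                    echo "<h2>Invalid mode.</h2>\n";
                    echo "<p>Please check your request and try again.</p>";
                    endHTML(true);
                }
            case 'deleteUser':
                startHTML();
                deleteUser($gapps, true, $_POST['user']);
                endHTML(true);
            case 'createNickname':
                startHTML();
                createNickname($gapps, true, $_POST['user'], $_POST['nickname']);
                endHTML(true);
            case 'deleteNickname':
                startHTML();
                deleteNickname($gapps, true, $_POST['nickname']);
                endHTML(true);
            case 'createEmailList':
                startHTML();
                createEmailList($gapps, true, $_POST['emailList']);
                endHTML(true);
            case 'deleteEmailList':
                startHTML();
                deleteEmailList($gapps, true, $_POST['emailList']);
                endHTML(true);
            case 'modifySubscription':
                if ($_POST['mode'] == 'subscribe') {
                    startHTML();
                    addRecipientToEmailList($gapps, true, $_POST['recipient'], $_POST['emailList']);
                    endHTML(true);
                } elseif ($_POST['mode'] == 'unsubscribe') {
                    startHTML();
                    removeRecipientFromEmailList($gapps, true, $_POST['recipient'], $_POST['emailList']);
                    endHTML(true);
                } else {
                    header('HTTP/1.1 400 Bad Request');
                    startHTML();
                    echo "<h2>Invalid mode.</h2>\n";
                    echo "<p>Please check your request and try again.</p>";
                    endHTML(true);
                }
        }
    }

    // Check for an invalid command. If so, display an error and exit.
    // (Reached only when no case above matched the submitted command.)
    if (!empty($_REQUEST['command'])) {
        header('HTTP/1.1 400 Bad Request');
        startHTML();
        echo "<h2>Invalid command.</h2>\n";
        echo "<p>Please check your request and try again.</p>";
        endHTML(true);
    }

    // If a menu parameter is available, display a submenu.
    if (!empty($_REQUEST['menu'])) {
        switch ($_REQUEST['menu']) {
            case 'user':
                startHTML();
                displayUserMenu();
                endHTML();
            case 'nickname':
                startHTML();
                displayNicknameMenu();
                endHTML();
            case 'emailList':
                startHTML();
                displayEmailListMenu();
                endHTML();
            case 'logout':
                startHTML(false);
                logout();
                endHTML();
            default:
                header('HTTP/1.1 400 Bad Request');
                startHTML();
                echo "<h2>Invalid menu selection.</h2>\n";
                echo "<p>Please check your request and try again.</p>";
                endHTML(true);
        }
    }

    // If we get this far, that means there's nothing to do.
    // If no command was issued and no menu was selected, display the
    // main menu.
    startHTML();
    displayMenu();
    endHTML();
}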
<?php
// Maintenance action: deletes every subscriber whose stored e-mail address
// fails is_email().

// Runs before anything else. By its name it validates a CSRF token carried in
// the GET request; its implementation is not visible here.
// NOTE(review): the destructive action below is triggered by a GET parameter,
// so the token (and the admin check, presumably done by the including page) is
// the only barrier. Verify both.
verifyCsrfGetToken();

if ($_GET['option'] == 'deleteinvalidemail') {
    $status = s("Deleting subscribers with an invalid email") . '<br/ >';
    flush();
    $req = Sql_Query("select id,email from {$tables["user"]}");
    // Number of subscribers deleted.
    $c = 0;
    while ($row = Sql_Fetch_Array($req)) {
        // Reset the execution time limit on every row so a large table does not time out.
        set_time_limit(60);
        if (!is_email($row["email"])) {
            $c++;
            deleteUser($row["id"]);
        }
    }
    $status .= $c . " " . $GLOBALS['I18N']->get("subscribers deleted") . "<br/>\n";
}
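<?php
// Controller for the admin delete page.
//
// Fixes: the script now stops after each redirect (it used to go on to look up
// and render the user that had just been deleted), and a POST without a
// "deleteConf" field no longer reads an undefined index.

// Must be logged in to view.
requireLogin();

// Data supporting the page.
include DATA . 'users.php';

// NOTE(review): the id to delete is taken from the query string and the only
// gate visible here is requireLogin(). Confirm that the logged-in user is
// allowed to delete this particular id, and that a CSRF token protects the POST.
$id = $_GET['id'];

// Page logic.
if (!empty($_POST)) {
    $confirmation = isset($_POST['deleteConf']) ? $_POST['deleteConf'] : '';

    if ($confirmation == 'Yes') {
        deleteUser($id);
        session_destroy();
        header('Location: ?page=deleteSuccess');
        exit;
    } elseif ($confirmation == 'No') {
        header('Location: ?page=admin');
        exit;
    }
}

// User shown on the confirmation page.
$user = getUserById($id);

// Views.
include VIEWS . 'header.php';
include VIEWS . 'contentAdminDelete.php';
include VIEWS . 'footer.php';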
<?php require_once '../../library/config.php'; require_once '../library/functions.php'; checkUser(); $action = isset($_GET['action']) ? $_GET['action'] : ''; switch ($action) { case 'add': addUser(); break; case 'modify': modifyUser(); break; case 'delete': deleteUser(); break; default: // if action is not defined or unknown // move to main user page header('Location: index.php'); } function addUser() { $userName = $_POST['txtUserName']; $password = $_POST['txtPassword']; /* // the password must be at least 6 characters long and is // a mix of alphabet & numbers if(strlen($password) < 6 || !preg_match('/[a-z]/i', $password) || !preg_match('/[0-9]/', $password)) { //bad password
} $result = dbQuery("UPDATE [db]users SET status = -1 WHERE user_id = {$uid}"); if (!$result) { $msg = "Database Error: {$ax['usr_not_deleted']}"; break; } $msg = $ax['usr_deleted']; } while (false); return $msg; } //Control logic if ($privs >= 4) { //manager or admin $msg = ''; if (isset($_POST['addExe'])) { $msg = addUser(); } elseif (isset($_POST['updExe'])) { $msg = updateUser(); } elseif (isset($_GET['delExe'])) { $msg = deleteUser(); } echo "<p class='error'>{$msg}</p>\n\t\t<div class='scrollBoxAd'>\n\t\t<div class='centerBox'>\n"; if ($editUser != 'y' or isset($_POST["back"])) { showUsers(); } else { editUser($uid); } echo "</div>\n</div>\n"; } else { echo "<p class='error'>{$ax['no_way']}</p>\n"; }
$count = Sql_query('SELECT count(*) FROM ' . $table_list . ' ' . $subselect); $unconfirmedcount = Sql_query('SELECT count(*) FROM ' . $table_list . ' where !confirmed'); } $delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user and all listmemberships') . '<br />'; } $totalres = Sql_fetch_Row($unconfirmedcount); $totalunconfirmed = $totalres[0]; $totalres = Sql_fetch_Row($count); $total = $totalres[0]; if ($start > $total) { $start = 0; } if (!empty($delete) && isSuperUser()) { # delete the index in delete $action_result = $GLOBALS['I18N']->get('deleting') . " {$delete} ..\n"; deleteUser($delete); $action_result .= '..' . $GLOBALS['I18N']->get('Done') . '<br/><hr/>'; $previous_search = ''; if (!$find == '') { $previous_search = "&start={$start}&find={$find}&findby={$findby}"; } $_SESSION['action_result'] = $action_result; Redirect("users{$previous_search}"); } elseif (!empty($delete)) { print ActionResult(s('Sorry, only super users can delete users')); } if (isset($add)) { if (isset($new)) { $query = 'insert into ' . $tables['user'] . " (email,entered) values(\"{$new}\",now())"; $result = Sql_query($query); $userid = Sql_insert_id();
addModerator($option, $id, $cid, 1); break; case "removemoderator": addModerator($option, $id, $cid, 0); break; case "showprofiles": showProfiles($kunena_db, $option, $order); break; case "profiles": showProfiles($kunena_db, $option, $order); break; case "logout": logout($option, $cid); break; case "deleteuser": deleteUser($option, $cid); break; case "userprofile": editUserProfile($option, $cid); break; case "userblock": userban($option, $cid, 1); break; case "userunblock": userban($option, $cid, 1); break; case "userban": userban($option, $cid, 0); break; case "userunban": userban($option, $cid, 0);
if (isset($_GET["action"])) { switch ($_GET["action"]) { case "createUser": editUser($mysqli, 0); break; case "editUser": editUser($mysqli, $_GET["id"]); break; case "updateUser": updateUser($mysqli); break; case "insertUser": insertUser($mysqli); break; case "deleteUser": deleteUser($mysqli); break; case "unsetUsername": unset($_SESSION['username']); unset($_SESSION['password']); unset($_SESSION['admin']); header("location: index.php"); break; } } showAllUsers($mysqli); ?> <form action="?action=unsetUsername" method="post"> <input type="submit" class="btn btn-block btn-primary" value="Logout <?php echo $username;
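/**
 * Delete one galaxy, or a list of galaxies, together with the users that belong to them.
 *
 * Users whose `gala` column matches are looked up first and handed to deleteUser();
 * the matching rows in `galaxy` are removed afterwards.
 *
 * @param mixed $id A single galaxy id, or an array of galaxy ids.
 * @return int|null 1 once the delete query has been issued; null when an empty array was passed.
 */
function deleteGalaxy($id)
{
    # NOTE(review): $id is placed into the SQL text unquoted. Confirm every caller passes
    # integers only, or cast here / switch to bound parameters if selectsql() and query()
    # support them.
    if (is_array($id)) {
        # An empty list would produce "IN ()", which is not valid SQL. The previous guard
        # tested the already-parenthesised string, which is never empty, so it never fired.
        if (!$id) {
            return;
        }
        $match = "IN (" . join(",", $id) . ")";
    } else {
        $match = "= {$id}";
    }

    $user = selectsql("select uid from user where gala " . $match);
    if ($user) {
        # delete users from galaxy
        deleteUser(getArrayFromList($user, "uid"));
    }

    # delete galaxies
    query("delete from galaxy where gala " . $match);

    return 1;
}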
// Tail of the add-user branch; the if that this statement and the closing brace belong to opens
// before this excerpt.
// NOTE(review): the $_POST values are concatenated into the statement text, so request data is
// parsed as SQL. Use a prepared statement with bound parameters (mysqli or PDO); the mysql_*
// functions used throughout this excerpt were removed in PHP 7.
// NOTE(review): md5() is not a password hash; password_hash() / password_verify() is the
// replacement. $_POST[password] also has an unquoted key here (the update below quotes it),
// which PHP 8 rejects as an undefined constant.
// NOTE(review): die() sends the mysql_error() text to the browser; log it server-side and show
// a generic message instead.
$query = mysql_query("INSERT INTO users (username, password, type) VALUES( '{$_POST['username']}', '" . md5($_POST[password]) . "', '{$_POST['type']}')") or die("ManageUsers.php: Unable to insert new user - " . mysql_error());
}
// Edit the user if one is being edited //
// NOTE(review): same string-built SQL and md5() as the insert above. The outer condition already
// requires a non-empty password, so the else branch (update without password) cannot run as
// written.
if ($_POST["edituser"] == 1 && $_POST["password"] != "" && $_POST["type"] != "") {
    if ($_POST["password"] != "") {
        $query = mysql_query("UPDATE `users` SET `username`='{$_POST['username']}', `password`='" . md5($_POST["password"]) . "', `type`='{$_POST['type']}' WHERE `userid`='{$_POST['userid']}' LIMIT 1") or die("ManageUsers.php: Unable to update the user information (password) - " . mysql_error());
    } else {
        $query = mysql_query("UPDATE `users` SET `username`='{$_POST['username']}', `type`='{$_POST['type']}' WHERE `userid`='{$_POST['userid']}' LIMIT 1") or die("ManageUsers.php: Unable to update the user information (no password) - " . mysql_error());
    }
}
// Delete the user(s) that the user has requested as well as the classes belonging to those users //
// NOTE(review): $_POST["delete"] is used as an array without an is_array() check, and each element
// goes straight to deleteUser() (defined in DeleteFunctions.php, not shown). No permission or
// CSRF-token check is visible in this excerpt before users are created, edited or deleted;
// confirm the including page enforces both.
if ($_POST["deleteuser"] == 1) {
    require_once "DeleteFunctions.php";
    $delete = $_POST["delete"];
    for ($i = 0; $i < sizeof($delete); $i++) {
        deleteUser($delete[$i]);
    }
}
// Emits the client-side helpers and the opening markup of the user table. The confirm() dialog
// and checkbox counting below run in the browser only and are not a server-side control.
print "<script language='JavaScript'>\n\n // Function to make sure the user wants to delete the user(s) //\n function validate()\n {\n if( document.users.selectuser.value > 0 )\n {\n\tvar confirmed = confirm(\"Deleting a user will also delete that student/teacher/parent from the database.\\n\\nAre you sure you want to delete this user?\");\n\n\tif( confirmed == true )\n\t{\n\t document.users.submit();\n\t}\n }\n else\n {\n\talert('You must select a user to delete.');\n }\n }\n\n\n // Function to make sure only one checkbox has been selected //\n function checkboxes()\n {\n if( document.users.selectuser.value == 1 )\n {\n\tdocument.users.submit();\n }\n else\n {\n\tif( document.users.selectuser.value > 1 )\n\t{\n\t alert('You can only edit one user at a 
time.');\n\t}\n\telse\n\t{\n\t alert('You must select a user to edit.');\n\t}\n }\n }\n\n\n // Function to keep track of how many checkboxes are checked //\n function updateboxes(row)\n {\n row = row + 2;\n if(document.users.elements[row].checked)\n {\n\tdocument.users.selectuser.value = Math.round(document.users.selectuser.value) + 1;\n }\n else\n {\n\tdocument.users.selectuser.value = Math.round(document.users.selectuser.value) - 1;\n }\n }\n </script>\n\n <h1>Manage Users</h1>\n <br><br>\n <table align='center' width='250' cellspacing='0' cellpadding='0' border='0'>\n <tr>\n <td>\n <form name='users' action='./index.php' method='POST'>\n <input type='button' value='Add' onClick='document.users.page2.value=14;document.users.submit();'>\n <input type='button' value='Edit' onClick='document.users.page2.value=15;checkboxes();'>\n <input type='button' value='Delete' onClick='document.users.deleteuser.value=1;validate();'>\n <br><br>\n <table cellspacing='0' width='250' cellpadding='8' class='dynamiclist'>\n <tr class='header'>\n\t<td> </td>\n\t<th>Username</th>\n\t<th>Type</th>\n </tr>";
// Get the total number of users to know how many pages to have //
$query = mysql_query("SELECT COUNT(*) FROM users") or die("ManageUsers.php: Unable to retrieve total number of users - " . mysql_error());
$numrows = mysql_result($query, 0);
// Page count at 25 rows per page.
$numpages = ceil($numrows / 25);
// Default to the first page when the form did not send one.
if ($_POST["onpage"] == "") {
    $_POST["onpage"] = 1;
}
// Get and display the users //
$query = mysql_query("SELECT userid,username,type FROM users") or die("ManageUsers.php: Unable to retrieve user information - " . mysql_error());
$row = 0;
$actualrow = 0;
while ($user = mysql_fetch_row($query)) {
<?php
// POST endpoint: reads an "action" field and calls the matching delete handler.
session_start();
require_once "util.php";
// NOTE(review): the session is started, but no $_SESSION value is read before the switch and no
// CSRF token is checked in this script. Unless util.php enforces login and role on include (not
// visible here), the delete handlers are reachable by any client that can POST to this file.
// Confirm an authenticated, authorised session is required first.
// NOTE(review): $_POST["action"] and the id fields below are read without isset(); a missing
// field raises an undefined-index warning and passes null on. The values go to the handlers
// unvalidated, so confirm each handler binds them as query parameters.
$action = $_POST["action"];
switch ($action) {
    case 'deleteUser':
        $userId = $_POST['userId'];
        deleteUser($userId);
        break;
    case 'deleteChild':
        $CURP = $_POST['CURP'];
        deleteChild($CURP);
        break;
    case 'deleteInstitution':
        $institutionId = $_POST['institutionId'];
        deleteInstitution($institutionId);
        break;
    case 'deleteReportCard':
        $CURP = $_POST["CURP"];
        $gradeId = $_POST["gradeId"];
        deleteReportCard($CURP, $gradeId);
        break;
}
function deleteUser($userId) { $conn = connectToDatabase(); mysqli_begin_transaction($conn, MYSQLI_TRANS_START_READ_WRITE); $sql = "DELETE FROM HasRole WHERE userName = '******';" . "DELETE FROM WorksInInstitution WHERE userName = '******';" . "DELETE FROM User WHERE userName = '******';"; if (mysqli_multi_query($conn, $sql)) { echo "1";