Пример #1
0
function show_memberlist()
{
    cpg_db_query("DELETE FROM {$CONFIG['TABLE_USERS']} WHERE user_name = '' LIMIT 1");
    pageheader($lang_usermgr_php['title']);
    list_users();
    pagefooter();
}
Пример #2
0
function admin_tools()
{
    if (current_user_can('manage_options')) {
        ?>
		<div id="admin-tools">
			<a class="admin-tools-toggle" href="#" data-toggle="modal" data-target="#admin-tools-modal"><span aria-hidden="true" class="glyphicon glyphicon-plus"></span>Admin Tools</a>
		</div>
		<div class="modal fade" id="admin-tools-modal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
			<div class="modal-dialog modal-lg">
				<div class="modal-content">
					<div class="modal-header">
						<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
						<h4 class="modal-title">Administrator Tools</h4>
					</div>
					<div class="modal-body"><?php 
        list_users();
        ?>
</div>
					<div class="modal-footer">
						<button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
					</div>
				</div><!-- /.modal-content -->
			</div><!-- /.modal-dialog -->
		</div><!-- /.modal -->
	<?php 
    }
}
Пример #3
0
    $formData = parseRequest($_POST);
    $errors = validateFormData($formData);
    if (is_array($errors) && count($errors) > 0) {
    } else {
        $id = $formData['aid'];
        $pw = $formData['pwd'];
        setcookie("devid", $id, time() + 60 * 60 * 24 * 5);
        // 有効期限5日間
        $errors = login_new($id, $pw);
    }
} else {
    if (isset($_REQUEST['error_msg'])) {
        $errors = $_REQUEST['error_msg'];
    }
}
$users = list_users();
if (strlen($formData['aid']) > 0 && $formData['aid'] != '') {
    $id = $formData['aid'];
} else {
    $id = $_COOKIE["devid"];
    //まずクッキーを読み出して変数に格納
}
function parseRequest($lineData)
{
    $formData = array();
    $formData['aid'] = normalizeData($lineData['aid']);
    $formData['pwd'] = normalizeData($lineData['pwd']);
    return $formData;
}
/*
 * データをチェックする。
Пример #4
0
<?php

$all_users = list_users($db);
if (isset($_GET['error'])) {
    $error = $_GET['error'];
}
?>


<h2 class="sub-header">Users</h2>
<div class="table-responsive">
  <table class="table table-striped">
  <thead>
  <tr>
    <th>Username</th>
    <th>Action</th>
  </tr>
  </thead>
  <tbody>
  <?php 
foreach ($all_users as $user_row) {
    echo "<tr>";
    echo "<td>{$user_row->username}</td><td><a href=\"./includes/user_delete.php?delete={$user_row->username}\" name=\"Delete\">Delete</a> / <a href=\"./?section=user_profile&user={$user_row->username}\">Edit</a></td>";
    echo "</tr>";
}
?>
</tbody>
</table>
<?php 
if (isset($_GET['error'])) {
    $error = $_GET['error'];
Пример #5
0
 }
 $matches = CPGPluginAPI::filter('plugin_block', $matches);
 if (is_array($matches)) {
     switch ($matches[1]) {
         case 'breadcrumb':
             // Added breadcrumb as a separate listable block from config
             if (($breadcrumb != '' || count($cat_data) > 0) && $cat != 0) {
                 theme_display_breadcrumb($breadcrumb, $cat_data);
             }
             break;
         case 'catlist':
             if ($breadcrumb != '' || count($cat_data) > 0) {
                 theme_display_cat_list($breadcrumb, $cat_data, $statistics);
             }
             if (isset($cat) && $cat == USER_GAL_CAT) {
                 list_users();
             }
             break;
         case 'alblist':
             list_albums();
             break;
         case 'anycontent':
             if ($cat == 0) {
                 ob_start();
                 /**
                  * Any php code or HTML can be put in this file and will be displayed
                  */
                 include 'anycontent.php';
                 $anycontent = CPGPluginAPI::filter('anycontent', ob_get_contents());
                 ob_end_clean();
                 echo $anycontent;
Пример #6
0
<?php

require_once realpath($_SERVER['DOCUMENT_ROOT']) . '/includes/init.inc.php';
if (isset($_POST['page']) && isset($_POST['keyword'])) {
    echo list_users($_POST['page'], $_POST['keyword']);
}
Пример #7
0
	$user=new usersMenus();
	if($user->AsSambaAdministrator==false){
		$tpl=new templates();
		echo "alert('". $tpl->javascript_parse_text("{ERROR_NO_PRIVS}")."');";
		die();exit();
	}
	
	if(isset($_GET["tabs"])){popup_tabs();exit;}
	if(isset($_GET["popup"])){popup();exit;}
	if(isset($_GET["popup-acls"])){popup_acls();exit;}
	if(isset($_GET["main"])){popup_main();exit;}
	if(isset($_GET["sharedlist"])){shared_folders_list();exit;}
	if(isset($_GET["acldisks"])){acldisks();exit;}
	if(isset($_GET["aclline"])){aclsave();exit;}
	if(isset($_GET["SearchUser"])){SearchUser();exit;}
	if(isset($_GET["SearchPattern"])){list_users();exit;}
	
	if(isset($_GET["DeleteAllAcls"])){DeleteAllAcls();exit;}
	
	if(isset($_GET["AddAclUser"])){AddAclUser();exit;}
	if(isset($_GET["DeleteAclUser"])){DeleteAclUser();exit;}
	if(isset($_GET["ChangeAclUser"])){ChangeAclUser();exit;}
	
	if(isset($_GET["AddAclGroup"])){AddAclGroup();exit;}
	if(isset($_GET["DeleteAclGroup"])){DeleteAclGroup();exit;}
	if(isset($_GET["ChangeAclGroup"])){ChangeAclGroup();exit;}
	if(isset($_GET["set-recursive"])){SubitemsMode();exit;}
	
	if(isset($_GET["chmod_return_only"])){chmod_return_only();exit;}
	if(isset($_GET["chmod_save"])){chmod_save();exit;}
	if(isset($_GET["config"])){dir_status();exit;}
Пример #8
0
<?php

//List users by role
require_once '../includes/functions.inc.php';
require_once '../includes/admin.inc.php';
$rid = isset($_POST['rid']) ? $_POST['rid'] : 0;
$count = isset($_POST['count']) ? $_POST['count'] : 10;
$page = isset($_POST['page']) ? $_POST['page'] : 1;
print list_users($rid, $count, $page);
?>
<script type="text/javascript">
$("a.button.disabled").click(function(){
	openLogin();
});
$('#admin_user_section [title]').qtip({
	style: {
		padding: 7,
		background: '#404041',
		color: 'white',
		fontSize: '10px',
		textAlign: 'center',
		border: {
			width: 2,
			color: 'white'
		},
		tip: 'topLeft',
		name: 'dark' // Inherit the rest of the attributes from the preset dark style
	},
	position: {
		corner: {
		target: 'bottomMiddle',
Пример #9
0
} elseif (isset($_GET['toggle_reservation_reminder'])) {
    echo toggle_reservation_reminder();
} elseif (isset($_GET['change_user_details'])) {
    $user_name = mysql_real_escape_string(trim($_POST['user_name']));
    $user_email = mysql_real_escape_string($_POST['user_email']);
    $user_password = mysql_real_escape_string($_POST['user_password']);
    echo change_user_details($user_name, $user_email, $user_password);
} else {
    echo '<div class="box_div" id="cp_div"><div class="box_top_div"><a href="#">Start</a> &gt; Control panel</div><div class="box_body_div">';
    if ($_SESSION['user_is_admin'] == '1') {
        ?>

		<h3>User administration</h3>

		<div id="users_div"><?php 
        echo list_users();
        ?>
</div>

		<p class="center_p"><input type="button" class="small_button blue_button" id="reset_user_password_button" value="Reset password"> <input type="button" class="small_button blue_button" id="change_user_permissions_button" value="Change permissions"> <input type="button" class="small_button" id="delete_user_reservations_button" value="Delete reservations"> <input type="button" class="small_button" id="delete_user_button" value="Delete user"></p>
		<p class="center_p" id="user_administration_message_p"></p>

		<hr>

		<h3>Database administration</h3>

		<p class="smalltext_p">These will require a confirmation. Your user and reservations will not be deleted unless you delete everything.</p>

		<p><input type="button" class="small_button" id="delete_all_reservations_button" value="Delete all reservations"> <input type="button" class="small_button" id="delete_all_users_button" value="Delete all users"> <input type="button" class="small_button" id="delete_everything_button" value="Delete everything"></p>

		<p id="database_administration_message_p"></p>
Пример #10
0
                        if ($ret) {
                            echo json_encode(array("message" => "done"));
                        } else {
                            echo json_encode(array("message" => "error"));
                        }
                        return;
                    } else {
                        if ($action == "getValue") {
                            $ret = getUserVariable($user_name, $value);
                            if ($ret) {
                                echo json_encode(array("message" => "done"));
                                // value exists
                            } else {
                                echo json_encode(array("message" => "error"));
                            }
                            return;
                        } else {
                            if (!check_role("admin")) {
                                return;
                            }
                            echo json_encode(list_users());
                            return;
                        }
                    }
                }
            }
        }
    }
}
?>
 
Пример #11
0
     $_SESSION["list"] = $tmpl['mainAdmin'];
 } else {
     if ($_POST["selectoption"] == "Категории") {
         //
         list_of_categ($mysqli, $tmpl['list_categ_admin'], $tmpl['search']);
     } else {
         if ($_POST['DeleteCategory']) {
             DeleteCategory($mysqli, $_POST['select_name_category2']);
             $_SESSION["list"] = $tmpl['mainAdmin'];
         } else {
             if ($_POST['AddCategory']) {
                 AddCategory($mysqli, $_POST['new_categ'], $_POST['select_name_category1']);
                 $_SESSION["list"] = $tmpl['mainAdmin'];
             } else {
                 if ($_POST["selectoption"] == "Пользователи") {
                     list_users($mysqli, $tmpl['usersAdmin']);
                 } else {
                     if ($_POST['selectedUser']) {
                         SelectUser($mysqli, $_POST['selectuser'], $tmpl['user_admin']);
                     } else {
                         if ($_POST['DeleteUser']) {
                             DeleteUser($mysqli);
                             $_SESSION["list"] = $tmpl['mainAdmin'];
                         } else {
                             if ($_POST['ChangeUser']) {
                                 ChangeUser($mysqli, $_POST['group_user'], $_POST['block']);
                                 $_SESSION["list"] = $tmpl['mainAdmin'];
                             } else {
                                 if ($_POST["selectoption"] == "Отчеты") {
                                     //
                                     //CreatePDF($mysqli);
Пример #12
0
                list_users("users.xml", $form_attrs);
            }
        }
    } elseif ($form_attrs['action'] == "new") {
        /* Display new user form */
        $forms = make_form("newuser.xml", $form_attrs, "");
        /*
         * Make sure that the action value that led to this form being displayed
         * (action=new) is not retained
         */
        $forms[user]->setElementAttrById("action", "elemValue", "add");
        include "templates/user_table.php";
    } elseif ($forms[user]) {
        /* There was not an error with user detail form */
        include "templates/user_table.php";
    } elseif (!$form_attrs['userid'] && !$form_attrs['action']) {
        list_users("users.xml", $form_attrs);
    } elseif ($form_attrs['action'] != "modify") {
        /* && $form_attrs[action] */
        echo "Invalid action requested.<br>\n";
        list_users("users.xml", $form_attrs);
    } else {
        /* elseif( $userid ) */
        echo "Cannot find user record matching the request.<br>\n";
        list_users("users.xml", $form_attrs);
    }
    /* Else list_users() */
} else {
    /* No form type specified - just list all the users */
    list_users("users.xml", $form_attrs);
}
Пример #13
0
} elseif (isset($_GET['toggle_reservation_reminder'])) {
    echo toggle_reservation_reminder($conn);
} elseif (isset($_GET['change_user_details'])) {
    $user_name = mysqli_real_escape_string($conn, trim($_POST['user_name']));
    $user_email = mysqli_real_escape_string($conn, $_POST['user_email']);
    $user_password = mysqli_real_escape_string($conn, $_POST['user_password']);
    echo change_user_details($user_name, $user_email, $user_password, $conn);
} else {
    echo '<div class="box_div" id="cp_div"><div class="box_top_div"><a href="#">Start</a> &gt; Control panel</div><div class="box_body_div">';
    if ($_SESSION['user_is_admin'] == '1') {
        ?>

		<h3>User administration</h3>

		<div id="users_div"><?php 
        echo list_users($conn);
        ?>
</div>

		<p class="center_p"><input type="button" class="small_button blue_button" id="reset_user_password_button" value="Reset password"> <input type="button" class="small_button blue_button" id="change_user_permissions_button" value="Change permissions"> <input type="button" class="small_button" id="delete_user_reservations_button" value="Delete reservations"> <input type="button" class="small_button" id="delete_user_button" value="Delete user"></p>
		<p class="center_p" id="user_administration_message_p"></p>

		<hr>

		<h3>Database administration</h3>

		<p class="smalltext_p">These will require a confirmation. Your user and reservations will not be deleted unless you delete everything.</p>

		<p><input type="button" class="small_button" id="delete_all_reservations_button" value="Delete all reservations"> <input type="button" class="small_button" id="delete_all_users_button" value="Delete all users"> <input type="button" class="small_button" id="delete_everything_button" value="Delete everything"></p>

		<p id="database_administration_message_p"></p>
Пример #14
0
<div style="float: right" id="search_bar">
	<form action="" method="POST">
		<input id="search_user_box" type="text" name="keyword" title="Fill in your search query" size="20" placeholder="Search user.." />
	</form>
	<div style="display: none;" id="search_user_suggestion"></div>
</div>
<script type="text/javascript">
function searchUserSuggestion() {
	if ($("input#search_user_box").val() != '') {
		$("#search_user_suggestion").delay(200).load("triggers/search_user.php",{keyword:$("input#search_user_box").val()}).slideDown();
	} else {
		$("#search_user_suggestion").css("display","none");
	}
}
$("input#search_user_box").keyup(searchUserSuggestion).change(searchUserSuggestion);
if ($("input#search_user_box").val() == '') {
	$("#search_user_suggestion").css("display","none");
}
</script>
<?php 
$rid = isset($_POST['rid']) ? $_POST['rid'] : 0;
print select_role('rid', $rid);
print '<div id="admin_user_section">';
print list_users($rid, 10, 1);
print '</div>';
?>
<script type="text/javascript">
$("select#rid").change(function(){
	$("#admin_user_section").load("triggers/admin_user.php",{rid:$(this).val(),count:10,page:1});
});
</script>
Пример #15
0
<?php

session_start();
require_once '../config.php';
require_once '../database.php';
require_once '../ui.php';
show_header('../');
show_menu('../');
#Authentication:
if (!isset($_SESSION['admin'])) {
    if (!isset($_POST['pwd'])) {
        include 'login.php';
    } else {
        $user = list_users('admin');
        print_r($user);
        print_r($_POST);
        if ($user['upassword'] == $_POST['pwd']) {
            $_SESSION['admin'] = 'yes';
            print 'Access granted.';
        } else {
            print 'Wrong password!';
        }
    }
}
if (isset($_SESSION['admin'])) {
    $devices = list_secrets();
    $settings = list_settings();
    show_settings($settings);
    show_devices($devices);
}
include '../html_footer.html';
Пример #16
0
function get_parser()
{
    $conf = configurations();
    if (!$_GET) {
        return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listprojects');
    }
    if (isset($_GET['mod'])) {
        if (is_array(myfilter($_GET['mod'], 'mod'))) {
            trigger_error('potential attack using mod');
            return deconnect();
        } else {
            $mod = $_GET['mod'];
        }
    } else {
        $mod = null;
    }
    switch ($_GET['action']) {
        case 'adduser':
            if (admin(true)) {
                if ($_POST['usr_email'] && $_POST['username']) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'adduser', add_user(myfilter($_POST['usr_email'], 'email'), myfilter($_POST['username'], 'user'), myfilter($_POST['lvl'], 'lvl')));
                }
                return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'adduser');
            }
            break;
        case 'listusers':
            if (admin(true)) {
                $list_users = list_users(array(null));
                return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listusers', $list_users);
            }
            break;
        case 'deco':
            return deconnect();
            break;
        case 'modpass':
            if ($_POST['oldpass'] && $_POST['password1'] && $_POST['password2']) {
                $pass = array(myfilter($_POST['oldpass'], 'password'), myfilter($_POST['password1'], 'password'), myfilter($_POST['password2'], 'password'));
                if (is_string($pass[0]) && is_string($pass[1]) && is_string($pass[2])) {
                    $change = change_password($_SESSION['db_data']['_id'], $pass);
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'changepass', $change);
                }
            }
            return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'changepass', null);
            break;
        case 'resetpass':
            if (isset($_GET['user_id']) && isset($_GET['resetcode']) && !is_array($_GET['user_id']) && !is_array($_GET['resetcode'])) {
                return reset_password($_GET['user_id'], $_GET['resetcode']);
            } elseif (isset($_GET['user_id']) && !is_array($_GET['user_id']) && admin(true)) {
                return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', reset_password($_GET['user_id']));
            }
            break;
        case 'edituser':
            if (isset($_GET['user_id'])) {
                if (user(true) && $_GET['user_id'] == $_SESSION['db_data']['_id']) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', change_user_data($_SESSION['db_data']));
                }
                if (admin(true) && !is_array($_GET['user_id'])) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', change_user_data(check_user(array('_id' => new MongoID(myfilter($_GET['user_id'], '_id'))))));
                }
            }
            break;
        case 'changemail':
            if (isset($_GET['user_id']) && isset($_GET['code'])) {
                $db = check_user(array('_id' => new MongoID(myfilter($_GET['user_id'], '_id'))));
                if ($db['mail_change_id'] == $_GET['code']) {
                    return change_email_user(array('email' => $db['new_mail'], 'new_mail' => null, 'mail_change_id' => null), myfilter($_GET['user_id'], '_id'), 'postmail');
                }
            }
            break;
        case 'deluser':
            if (admin(true) && !is_array($_GET['user_id'])) {
                return delete_user(myfilter($_GET['user_id'], '_id'));
            }
            break;
        case 'addproject':
            if (admin(true)) {
                return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'add_project', addproject());
            }
            break;
        case 'project':
            if (isset($_GET['project_id'])) {
                if (!is_array(myfilter($_GET['project_id'], '_id'))) {
                    $_SESSION['currentprojet'] = myfilter($_GET['project_id'], '_id');
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'project', check_projects_mod($mod));
                }
            }
            break;
        case 'getfile':
            if (isset($_GET['file']) && isset($_GET['key']) && isset($_GET['id']) && isset($_GET['os']) && isset($_GET['arch'])) {
                if (!is_array(myfilter($_GET['file'], 'sha1')) && !is_array(myfilter($_GET['key'], 'timestamp')) && !is_array(myfilter($_GET['id'], '_id')) && !is_array($_GET['os']) && !is_array($_GET['arch'])) {
                    return down_file(myfilter($_GET['file'], 'sha1'), myfilter($_GET['key'], 'timestamp'), base64_decode(urldecode($_GET['os'])), base64_decode(urldecode($_GET['arch'])), myfilter($_GET['id'], '_id'));
                }
            }
            break;
        case 'addfile':
            if (admin(true) && isset($_GET['id'])) {
                if (!is_array(myfilter($_GET['id'], '_id'))) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'add_file', addfile(myfilter($_GET['id'], '_id')));
                }
            }
            break;
        case 'deletefile':
            if (admin(true) && isset($_GET['id']) && isset($_GET['key'])) {
                if (!is_array(myfilter($_GET['id'], '_id')) && !is_array(myfilter($_GET['key'], 'timestamp'))) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'project', delete_file(myfilter($_GET['id'], '_id'), myfilter($_GET['key'], 'timestamp')));
                }
            }
            break;
        case 'usersetting':
            if (isset($_GET['user_id'])) {
                if (user(true) && $_GET['user_id'] == $_SESSION['db_data']['_id']) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'setting', change_user_setting($_SESSION['db_data']['_id']));
                }
            }
            break;
        case 'bug':
            if (isset($_GET['id'])) {
                if (!is_array(myfilter($_GET['id'], '_id'))) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'bug', check_bug($mod));
                }
            }
            break;
        case 'submitbug':
            if (isset($_GET['id'])) {
                if (user(true) && in_array($_GET['id'], $_SESSION['db_data']['projects'])) {
                    $_SESSION['idbug'] = $_GET['id'];
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'submitbug', add_bug($_POST, $_GET['id']));
                }
                if (admin(true) || vip(true)) {
                    if (!is_array(myfilter($_GET['id'], '_id'))) {
                        $_SESSION['idbug'] = $_GET['id'];
                        return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'submitbug', add_bug($_POST, $_GET['id']));
                    }
                }
            }
            break;
        case 'listprojects':
            return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listprojects', $mod);
            break;
        case 'editbug':
            if (strlen($_POST['status']) && isset($_GET['id']) && admin(true)) {
                if (!is_array($_POST['status']) && !is_array(myfilter($_GET['id'], '_id'))) {
                    if (in_array($_POST['status'], $conf['bugs']['Open']) || in_array($_POST['status'], $conf['bugs']['Closed'])) {
                        return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'bug', edit_bug($_POST['status']));
                    }
                }
            }
            break;
        case 'resetpassmail':
            if (strlen($_POST['usr_email'])) {
                return echo_front_page(reset_password_mail(myfilter($_POST['usr_email'], 'email')));
            }
            break;
        case 'editproject':
            if (isset($_GET['id']) && admin(true)) {
                if (!is_array(myfilter($_GET['id'], '_id'))) {
                    return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_project', edit_project($_POST));
                }
            }
            break;
    }
    return echo_front_page();
}
Пример #17
0
        ?>
														</td>
														<td style="text-indent: 10px; font-family: 'Lucida Console'; font-weight: bolder;">
															<?php 
        echo $result['password'];
        ?>
														</td>
													</tr>
												</tbody>
											</table>

										<?php 
    }
}
if (isset($_POST['dept'])) {
    $users = list_users($_POST['dept']);
    ?>
									
									<div class="alert alert-info" style="text-align: center;">
										Students registered under the <strong><?php 
    echo get_collegeName($_POST['dept']);
    ?>
</strong>.
									</div>
									
									<table class="table table-hover">
									
										<thead>
											<tr>
												<th>
													Student ID