<?php
include 'header.php';
if (login_check($mysqli) == false) {
header("Location: login.php");
}
?>
<div id="container">
<div id="content">
<?php
if (login_check($mysqli) == true) {
?>
<?php
if (admin_check($mysqli) == true) {
?>
<table class="kommun-meny">
<tr><td class="kommun-val-header" ><a href="registerAsAdmin.php">Lägg till användare </a></td><td class="kommun-val-header"><a href="deleteMeny.php">Ta bort användare</a></td><td class="kommun-val-header"><a href="listUsers.php">Sök användare</a></td></tr>
<tr><td class="kommun-val">Här kan du lägga till nya användare.</td><td class="kommun-val">Här kan du ta bort en användare</td><td class="kommun-val">Lista användarna i databasen</td></tr>
</table>
<?php
} else {
?>
<p>
Du är ingen admin. Var god och logga in på ett konto med användarrättigheter för att se denna sida.
</p>
}
?>
</div>
<div class="blog">
<h1><?php
echo $lang['comment'];
?>
</h1>
<?php
// display comment list
if ($comments) {
for ($i = 0, $size = count($comments); $i < $size; $i++) {
?>
<p>
<?php
if (admin_check()) {
?>
[
<a href="index.php?ac=11&b=<?php
echo $blog['serial'];
?>
&c=<?php
echo urlencode($blog['category']);
?>
&bc=<?php
echo urlencode($comments[$i]['serial']);
?>
">
<?php
echo $lang['delete'];
?>
<?php
require "admin_check.php";
admin_check();
?>
<html>
<head>
<title>Admin Home</title>
<script src="//code.jquery.com/jquery-1.10.2.js"></script>
<style>
.clearfix:after {
content: "";
display: table;
clear: both;
}
#container {
width: 80%;
margin: auto;
text-align: center;
}
#info {
width: 49%;
float: left;
}
#table {
width: 49%;
float: right;
}
#option {
width: 80%;
<?php
require "www2-admin.php";
admin_check("editbrd");
if (isset($_POST["oldfilename"])) {
$boardname = $_POST["oldfilename"];
$filename = $_POST["filename"];
$bm = $_POST["bm"];
$chinesebname = $_POST["title"];
$secnum = $_POST["secnum"];
$btype = $_POST["btype"];
$innflag = $_POST["innflag"];
$title = sprintf("%-1.1s[%-4.4s]%-6.6s%s", constant("BBS_SECCODE{$secnum}"), $btype, $innflag, $chinesebname);
$des = $_POST["des"];
$flag = $_POST["flag"];
if (@$_POST["anony"] == "o") {
$flag |= BBS_BOARD_ANONY;
} else {
$flag &= ~BBS_BOARD_ANONY;
}
if (@$_POST["notjunk"] == "o") {
$flag &= ~BBS_BOARD_JUNK;
} else {
$flag |= BBS_BOARD_JUNK;
}
if (@$_POST["notpoststat"] == "o") {
$flag &= ~BBS_BOARD_POSTSTAT;
} else {
$flag |= BBS_BOARD_POSTSTAT;
}
if (@$_POST["group"] == "o") {
function event_non_ajax($f3, $params)
{
admin_check(FALSE);
try {
$event = new Event($params["id"], isset($params["year"]) ? "slug" : "id");
} catch (Exception $e) {
$f3->error(404);
}
$f3->set('nav', ["title" => "Event", "prev" => ["title" => "More events in " . $event->startdt->format("F Y"), "url" => "/events/" . strtolower($event->startdt->format("Y/M"))]]);
$f3->set("event", $event);
echo Template::instance()->render("event.html");
}
<?php
require "www2-admin.php";
admin_check("info");
if (isset($_POST["modifyuserid"])) {
$userid = $_POST["modifyuserid"];
$username = $_POST["username"];
$realname = $_POST["realname"];
$address = $_POST["address"];
$email = $_POST["email"];
if ($_POST["gender"] == "M") {
$gender = 77;
} else {
$gender = 70;
}
$birthyear = $_POST["birthyear"];
$birthmonth = $_POST["birthmonth"];
$birthday = $_POST["birthday"];
$title = $_POST["title"];
$realemail = $_POST["realemail"];
$numlogins = $_POST["numlogins"];
$numposts = $_POST["numposts"];
if (@$_POST["firstlogin"] == "yes") {
$firstlogin = 1;
} else {
$firstlogin = 0;
}
if (@$_POST["lastlogin"] == "yes") {
$lastlogin = 1;
} else {
$lastlogin = 0;
<?php
require "www2-admin.php";
admin_check("reg");
$reglist = array();
$count = bbs_admin_getnewreg($reglist);
if ($count == -1) {
html_error_quit("无法读取注册单文件。");
}
admin_header("批注册单", "设定使用者注册资料");
if ($count == 0) {
print "目前没有需要审批的注册单。";
} else {
print "共有 {$count} 个用户等待审批。";
print "<table align=\"center\" cellpadding=\"3\" border=\"1\"><tr><th>编号和时间</th><th>用户名</th><th>真实姓名</th><th>服务单位</th></tr>";
for ($i = 0; $i < $count; $i++) {
print "<tr><td>{$reglist[$i]["usernum"]}</td><td>{$reglist[$i]["userid"]}</td><td>{$reglist[$i]["realname"]}</td><td>{$reglist[$i]["career"]}</td></tr>";
}
print "</table><br>";
}
page_footer();
<?php
require "www2-admin.php";
admin_check("newbrd");
if (isset($_POST["boardname"])) {
$boardname = $_POST["boardname"];
$ret = bbs_admin_newboard($boardname);
switch ($ret) {
case 0:
html_success_quit("版面 {$boardname} 开设成功,请点击下面的连接设定版面属性。", array("<a href=\"admeditbrd.php?board={$boardname}\">设定 {$boardname} 的版面属性</a>"));
break;
case -1:
html_error_quit("版面名称不能为空。", array("<a href=\"admnewbrd.php\">返回版面开设界面</a>"));
break;
case -2:
html_error_quit("版面名称不符合规定。", array("<a href=\"admnewbrd.php\">返回版面开设界面</a>"));
break;
case -3:
html_error_quit("同名版面已经存在,请更换一个名称。", array("<a href=\"admnewbrd.php\">返回版面开设界面</a>"));
break;
case -4:
html_error_quit("无法添加版面,也许已经达到系统设定的版面数量上限。", array("<a href=\"admnewbrd.php\">返回版面开设界面</a>"));
break;
case -5:
html_error_quit("系统错误,请联系技术人员。", array("<a href=\"admnewbrd.php\">返回版面开设界面</a>"));
break;
default:
}
}
admin_header("开版", "开启一个新的讨论区");
?>
include_once $esiblog_root . '/secret.php';
function admin_check()
{
global $admin_name;
global $admin_pwd;
if (!isset($_SESSION[$_SERVER['HTTP_HOST']]['admin_name']) || !isset($_SESSION[$_SERVER['HTTP_HOST']]['admin_pwd'])) {
return false;
} else {
if ($_SESSION[$_SERVER['HTTP_HOST']]['admin_name'] != $admin_name || $_SESSION[$_SERVER['HTTP_HOST']]['admin_pwd'] != $admin_pwd) {
return false;
} else {
return true;
}
}
}
if (!admin_check()) {
header("HTTP/1.0 403 Non-administrative access not allowed");
exit;
}
// Set timezone using ESiBlog config
date_default_timezone_set($your_tz);
// Laguage maps from ESiBlog
$esiblog_lang = array('en' => 'en_EN', 'zh-cn' => 'zh_CN');
/** // */
/*
|--------------------------------------------------------------------------
| Optional security
|--------------------------------------------------------------------------
|
| if set to true only those will access RF whose url contains the access key(akey) like:
| <input type="button" href="../filemanager/dialog.php?field_id=imgField&lang=en_EN&akey=myPrivateKey" value="Files">
<?php
require "www2-admin.php";
admin_check("perm");
$ret = 1;
if (isset($_POST["modifyuserid"])) {
$userid = $_POST["modifyuserid"];
$perm = 0;
for ($i = 0; $i < 30; $i++) {
if (@$_POST["p{$i}"] == "o") {
$perm |= 1 << $i;
}
}
$ret = bbs_admin_setuserperm($userid, $perm);
html_success_quit("修改用户权限成功。", array("<a href=\"admperm.php?userid={$userid}\">返回权限更改页面</a>"));
}
if (isset($_POST["userid"])) {
$userid = $_POST["userid"];
} else {
if (isset($_GET["userid"])) {
$userid = $_GET["userid"];
} else {
$userid = $currentuser["userid"];
}
}
$perm = bbs_admin_getuserperm($userid);
if ($perm == -1 || $ret == -1) {
html_error_quit("不存在的用户。");
} else {
$giveupperm = bbs_admin_getgiveupperm($userid);
admin_header("改别人权限", "更改使用者的权限");
