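. */

/**
 * Print the list of administrator accounts as a table, highest level first.
 *
 * Reads user_id, username and level from `bayonet_users` (ordered by level
 * descending, then username) and echoes one numbered row per account, with a
 * separator emitted whenever the level differs from the previous row.
 *
 * @return void Output is echoed directly.
 */
function ListAdmins()
{
    global $db;

    $result = $db->Query("SELECT `user_id`, `username`, `level` FROM `bayonet_users` ORDER BY `level` DESC, `username` ASC");
    $admins = $db->fetch($result);

    $num = 1;
    // Initialise the "previous level" tracker; it was read before being
    // assigned on the first iteration.
    $level = null;

    OpenTable("300px");
    echo "UsernameLevel";
    foreach ($admins as $admin) {
        if ($admin['level'] != $level) {
            $level = $admin['level'];
            echo "
";
        }

        // Usernames are stored data; escape them for HTML before printing so a
        // crafted username cannot inject markup into the admin list.
        $shownName = htmlspecialchars($admin['username'], ENT_QUOTES);
        echo "{$num}.{$shownName}{$admin['level']}";
        $num++;
    }
    CloseTable();
}

/**
 * Handle the "new administrator" page.
 *
 * When the form has been submitted ($_POST['processed'] is set) the request
 * is validated, a password is generated and e-mailed, and the account is
 * inserted into `bayonet_users`. Otherwise execution falls through to the
 * HTML form that follows the closing PHP tag; the function's closing brace is
 * not part of this section.
 *
 * Security review notes (flagged, not changed, because the matching login and
 * database code is not visible here):
 *  - Passwords are stored as crypt(md5($password), <fixed salt>). With a salt
 *    that has no "$id$" prefix, crypt() uses the traditional DES scheme: two
 *    salt characters, and only the first eight characters of the input count.
 *    Every account therefore shares one salt and the stored value depends on
 *    just eight hex digits of the MD5. Migrate to password_hash() /
 *    password_verify(), rehashing at next login.
 *  - SQL is built by string interpolation with addslashes() as the only
 *    escaping. addslashes() is not a connection-aware escape; use prepared
 *    statements or the driver's own escaping if the $db wrapper offers them.
 *  - The generated password is sent by e-mail in clear text. Prefer a
 *    single-use, expiring set-password link, or force a change at first login.
 *  - Only the presence of $_POST['processed'] is checked; no anti-CSRF token
 *    is verified in the code shown. Confirm one is enforced elsewhere for
 *    this state-changing request.
 *  - GeneratePassword() is defined elsewhere; confirm it draws from a
 *    cryptographically secure source (random_int() / random_bytes()).
 *
 * @return void
 */
function NewAdmin()
{
    global $db;

    // Level of the logged-in administrator; used below as the ceiling for the
    // level of the account being created.
    $maxLevel = $_SESSION['level'];

    if (isset($_POST['processed'])) {
        $username = addslashes($_POST['username']);
        $email = addslashes($_POST['email']);
        $first = addslashes($_POST['first']);
        $last = addslashes($_POST['last']);

        // Numeric fields may be absent from the request; treat a missing
        // field as 0 (the value the integer cast produced before) without
        // raising an undefined-index notice.
        $level = isset($_POST['level']) ? (int)$_POST['level'] : 0;
        $all = isset($_POST['all']) ? (int)$_POST['all'] : 0;
        $squadleader = isset($_POST['squadleader']) ? (int)$_POST['squadleader'] : 0;
        $adjutant = isset($_POST['adjutant']) ? (int)$_POST['adjutant'] : 0;
        $quartermaster = isset($_POST['quartermaster']) ? (int)$_POST['quartermaster'] : 0;

        $password = GeneratePassword(8);
        // NOTE(review): weak, fixed-salt hash; see the function header.
        $cryptpassword = crypt(md5($password),'iamnotadirtywhorebitch');

        if (empty($username)) {
            ReportError("This user must have a username to continue.");
            return;
        }

        // Enforce the level ceiling on the server. The submitted level comes
        // straight from the request, so limiting the choices in the form is
        // not enough to stop an administrator creating a higher-level account.
        if ($level > $maxLevel) {
            ReportError("You do not have permission to create a user at this level.");
            return;
        }

        $result = $db->Query("SELECT `level` FROM `bayonet_users` WHERE `username` = '$username' OR `email` = '$email'");
        if ($db->Rows($result) > 0) {
            ReportError("The email and or username you entered is already in use.");
            return;
        }

        // EmailPassword() reports its own error and returns false when the
        // mail could not be sent. Stop here in that case so the account is
        // not created with a password nobody received.
        if (!EmailPassword($username, $password, $email)) {
            return;
        }

        $db->Query("INSERT INTO `bayonet_users` (`user_id` ,`username` ,`password` ,`lastname` ,`firstname` ,`email` ,`joined` ,`level` ,`all` ,`squadleader` ,`adjutant` ,`quartermaster`) VALUES (NULL, '$username', '$cryptpassword', '$last', '$first', '$email', CURRENT_TIMESTAMP, $level, $all, $squadleader, $adjutant, $quartermaster)");

        // The username is request data; escape it before echoing it back.
        $shownName = htmlspecialchars($username, ENT_QUOTES);
        echo "Admin, '$shownName' level '$level' has been added. An email has been sent to him with his username and password.\n

Please wait while you are redirected.

Click here if you don't feel like waiting.";

        // Redirect back to the admin list (delay argument is 2).
        PageRedirect(2, "?op=admins");
        return;
    }
    ?>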
Cancel
Username:*
First Name:
Last Name:
Email Address:*
Level:

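\r\n"; //optional headerfields

    // The start of this function is not part of this section; from the call
    // sites it is presumably EmailPassword($username, $password, $email).
    //
    // NOTE(review): the message carries the account password in clear text.
    // Mail is stored and relayed unencrypted by default, so the password
    // should be treated as exposed once sent. A single-use, expiring
    // set-password link, or a forced change at first login, avoids this.
    $mail_body = "Do not respond to this email.\n\n------------------------------\nUsername: ".$username."\nPassword: ".$password."\n------------------------------\n\nTo login click on this link. ".Bayonet_Config::$ini['site']['url']."admin/ \n\nIt is recommended that you change your password once you login. To do so, click on Account Settings>Change Password.";

    // mail() only reports whether the message was accepted for delivery, so
    // a true result does not prove the address exists or the mail arrived.
    $sent = mail($email, $subject, $mail_body, $header);
    if (!$sent) {
        ReportError("Error validating email. This user was not saved.");
        return false;
    }

    return true;
}

/**
 * Emit the permission controls of the admin form.
 *
 * Only the function header is visible before the template markup starts; the
 * labels that follow are "Everything else", "Squad Leader", "Adjutant" and
 * "Quartermaster".
 *
 * @param mixed $user Optional; presumably the account whose current
 *                    permissions pre-select the controls. Confirm against
 *                    the template body.
 */
function GetPermissions($user = NULL)
{
    ?>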
Everything elseSquad LeaderAdjutantQuartermaster
"; else echo ""; ?> "; else echo ""; ?> "; else echo ""; ?> "; else echo ""; ?>

Show/Hide Permissions

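Query("UPDATE `bayonet_users` SET `username` = '$username', `level` = '$level', `all` = '$all', `squadleader` = '$squadleader', `adjutant` = '$adjutant', `quartermaster` = '$quartermaster' WHERE `user_id` = '$user_id' LIMIT 1");
        // NOTE(review): the statement above is built by string
        // interpolation. The code that fills $username, $level, $user_id and
        // the permission flags is not part of this section; confirm each is
        // cast or escaped, or move to prepared statements if the $db wrapper
        // supports them.
        //
        // NOTE(review): the level check further down runs only on the
        // display path, after this branch has returned. Confirm the update
        // path (a) refuses target accounts above the editor's level and
        // (b) refuses a submitted $level above $maxLevel. Otherwise an
        // administrator could raise an account past their own level.
        //
        // NOTE(review): $username is echoed into the page without HTML
        // escaping; wrap it in htmlspecialchars() unless it is already
        // escaped for output earlier.
        echo "Admin, '$username' level '$level' has been edited.\n

Please wait while you are redirected.

Click here if you don't feel like waiting.";

        // Redirect back to the edit page (delay argument is 2).
        PageRedirect(2, "?op=admins&edit={$user_id}");
        return;
    }

    // Display path: load the account and refuse to show it when it outranks
    // the logged-in administrator.
    $result = $db->Query("SELECT * FROM `bayonet_users` WHERE `user_id` = '$user_id' LIMIT 1");
    $admin = $db->FetchRow($result);
    if ($maxLevel < $admin['level']) {
        ReportError("You do not have permission to access this user.");
        return;
    }
    ?>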
Edit the attributes of this administrator.
Username: = 2): ?>
Level:

Query("SELECT `username` FROM `bayonet_users` WHERE `user_id` = '$user_id' LIMIT 1");
    // Delete-confirmation handler. The start of the function, including
    // where $user_id comes from, is not part of this section.
    //
    // NOTE(review): $user_id is interpolated into both the SELECT above and
    // the DELETE below; confirm it is cast to an integer before it gets here.
    $admin = $db->FetchRow($result);

    // NOTE(review): no level comparison is visible on this path. The edit
    // page refuses accounts whose level exceeds the session level; confirm
    // the same rule is applied before a deletion is allowed, and consider
    // refusing deletion of the caller's own account. No anti-CSRF token
    // check is visible either.
    if(isset($_POST['proceed'])) {
        // The success message is printed before the DELETE runs and the
        // query result is not inspected, so it appears even if the delete
        // fails. The username is echoed without HTML escaping.
        echo "Admin '{$admin['username']}', was deleted.";
        $db->Query("DELETE FROM `bayonet_users` WHERE `user_id` = '$user_id' LIMIT 1");
        PageRedirect(3,"?op=admins");
        return;
    }

    // Cancel path: nothing is changed, the user is sent back to the list.
    if(isset($_POST['cancel'])) {
        echo "User cancelled deletion of admin: '{$admin['username']}'";
        PageRedirect(1,"?op=admins");
        return;
    }
    ?>
Are you SURE you want to delete the administrative user: ''?
   
Query("SELECT `username`, `email` FROM `bayonet_users` WHERE `user_id` = '$user_id' LIMIT 1");
    // Password-reset confirmation handler. The start of the function,
    // including where $user_id comes from, is not part of this section.
    //
    // NOTE(review): $user_id is interpolated into the SELECT above and the
    // UPDATE below; confirm it is cast to an integer before it gets here.
    $admin = $db->FetchRow($result);

    // NOTE(review): decho() is defined elsewhere and looks like a debugging
    // helper. If it prints its argument, this exposes the account's username
    // and e-mail address on the page; remove it or confirm it is a no-op in
    // production.
    decho($admin);

    // NOTE(review): no level comparison or anti-CSRF token check is visible
    // on this path. Confirm an administrator cannot reset the password of a
    // higher-level account.
    if(isset($_POST['proceed'])) {
        $password = GeneratePassword(8);
        // NOTE(review): fixed salt shared by every account. With a salt that
        // has no "$id$" prefix, crypt() uses the traditional DES scheme, which
        // only considers the first eight characters of its input (here, eight
        // hex digits of the MD5). Migrate to password_hash() /
        // password_verify().
        $cryptpassword = crypt(md5($password),'iamnotadirtywhorebitch');

        // The new password is e-mailed first; the stored hash is replaced
        // only if the mail was accepted, so a failed send leaves the old
        // password in force.
        // NOTE(review): this still sends the password in clear text.
        $status = EmailPassword($admin['username'], $password, $admin['email']);
        if($status) {
            $db->Query("UPDATE `bayonet_users` SET `password` = '$cryptpassword' WHERE `user_id` = '$user_id' LIMIT 1");
            echo "Password has been reset and emailed to '{$admin['username']}'";
            PageRedirect(3, "?op=admins");
        } else {
            ReportError("An error has occured emailing the new password. It will not take effect.");
        }
        return;
    }

    // Cancel path: the stored password is left untouched.
    if(isset($_POST['cancel'])) {
        echo "The password WILL NOT be reset for '{$admin['username']}'";
        PageRedirect(3, "?op=admins");
        return;
    }
    ?>
Are you SURE you want to reset this user's password: ''?