Archivado/LaFactoriaVerde_Web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Muchos cambios

Browse Source 
git-svn-id: https://192.168.0.254/svn/Proyectos.LaFactoriaVerde_Web/trunk@2 017afc1c-778d-45dc-8efe-cc7a6876851a
This commit is contained in:
David Arranz 2010-10-06 15:53:49 +00:00
parent 15a736b810
commit 48a5e3f7f0
58 changed files with 3356 additions and 2077 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
activate.html
View File

@ -1,19 +1,33 @@
<HTML>
<HEAD>
<TITLE>Activar cuenta</TITLE>
</HEAD>
<BODY>
<H1><font face="Verdana" size="4" color="#2852A8">Activar tu cuenta</font></H1>
<FORM METHOD="POST" ACTION="redirect.php">
<P><font face="Verdana" size="2" color="#2852A8"><STRONG>Usuario:</STRONG><BR>
</font><font color="#2852A8" face="Verdana">
<INPUT TYPE="text" NAME="username" SIZE=25 MAXLENGTH=25></font></p>
<P><font face="Verdana" size="2" color="#2852A8"><STRONG>Contraseña:</STRONG><BR>
</font><font color="#2852A8" face="Verdana">
<INPUT TYPE="password" NAME="password" SIZE=25 MAXLENGTH=25></font></p>
<input type="hidden" name="activate" value="Yes"></p>
<P><font color="#2852A8">
<INPUT TYPE="submit" NAME="submit" VALUE="Activar" style="font-family: Verdana"></font></P>
</FORM>
</BODY>
</HTML>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Activar cuenta</title>
<style type="text/css">
/*<![CDATA[*/
p.c5 {color: #2852A8}
input.c4 {font-family: Verdana}
span.c3 {color: #2852A8; font-family: Verdana}
span.c2 {color: #2852A8; font-family: Verdana; font-size: 80%}
h1.c1 {color: #2852A8; font-family: Verdana; font-size: 120%}
/*]]>*/
</style>
</head>
<body>
<h1 class="c1">Activar tu cuenta</h1>
<form method="post" action="redirect.php">
<p><span class="c2"><strong>Usuario:</strong><br /></span> <span class=
"c3"><input type="text" name="username" size="25" maxlength="25" /></span></p>
<p><span class="c2"><strong>Contraseña:</strong><br /></span> <span class=
"c3"><input type="password" name="password" size="25" maxlength=
"25" /></span></p><input type="hidden" name="activate" value="Yes" />
<p class="c5"><input type="submit" name="submit" value="Activar" class="c4" /></p>
</form>
</body>
</html>

9
admin/_menu.php Normal file
View File

@ -0,0 +1,9 @@
<ul class="menu orange" style="clear: both;">
<li <?php if (($menu_activo == "inicio") || ($menu_activo == "")) { echo "class='current'"; }?> ><a href="adminpage.php" target="_self">Inicio</a></li>
<li <?php if ($menu_activo == "nuevo_usuario") { echo "class='current'"; }?>><a href="newuser.php" target="_self">Añadir usuario</a></li>
<!--<li <?php if ($menu_activo == "modificar_usuario") { echo "class='current'"; }?>><a href="adminpage.php" target="_self">Modificar usuario</a></li>-->
<li <?php if ($menu_activo == "log") { echo "class='current'"; }?>><a href="../logs/index.php" target="_self">Registro de accesos</a></li>
<li <?php if ($menu_activo == "mail_masivo") { echo "class='current'"; }?>><a href="mail_all.php" target="_self">E-mail masivo</a></li>
<li><a href="../logout.php" target="_self">Salir</a></li>
</ul>

335
admin/adduser.php
View File

@ -1,160 +1,175 @@
<?
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
//require the config file
require ("../config.php");
require ("../functions.php");
if ($page == ""){$page = 1;}
if ($max_results == ""){$max_results = 5;}
//check required fields
if (($_POST[username] == ""))
{
echo "The Username Field can not be left blank. Please <a href=\"adminpage.php?page=$page&max_results=$max_results\">Go Back</a> and re-enter the information";
exit;
}
//check the password length
$pass_len = password_check($min_pass, $max_pass, $_POST[password]);
if ($pass_len == "no")
{
echo "<p>You must use a password between $min_pass and $max_pass characters in length, please <a href=\"adminpage.php?page=$page&max_results=$max_results\">Go Back </a>and try again.</p>";
exit;
}
//check for authority to view this page
if (allow_access(Administrators) != "yes")
{
echo "not authorized to perform this function";
}
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//make query to database
$sql ="SELECT * FROM $table_name WHERE username= '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result);
//check if that username already exists
if ($num != 0){
echo "<P>Sorry, that username already exists.</P>";
echo "<P><a href=\"#\" onClick=\"history.go(-1)\">Try Another Username.</a></p>";
echo "$_POST[username]";
exit;
}else{
//or add it to the database
$sql_add = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES
('$_POST[firstname]', '$_POST[lastname]', '$_POST[username]', password('$_POST[password]'),
'$_POST[group1]', '$_POST[group2]', '$_POST[group3]', '$_POST[pchange]', '$_POST[email]',
'$_POST[redirect]', '1', 'last_login()')";
$result = @mysql_query($sql_add,$connection) or die(mysql_error());
}
if ($_POST[email_user] == "Yes")
{
$mailheaders = "From: $domain\n";
$mailheaders .= "Dear $_POST[firstname] $_POST[lastname],\n";
$mailheaders .= "\n";
$mailheaders .= "An account has been created for you at $domain.\n";
$mailheaders .= "Please log in with the following account information:\n";
$mailheaders .= "Username: $_POST[username]\n";
$mailheaders .= "Password: $_POST[password]\n";
$mailheaders .= "\n";
$mailheaders .= "Please login at:\n";
$mailheaders .= "$base_dir/login.html\n";
$mailheaders .= "Should you have any complications, please email the System Administrator at:\n";
$mailheaders .= "$adminemail\n";
$to = "$_POST[email]";
$subject = "Your account has been created !!";
mail($to, $subject, $mailheaders, "From: No Reply <$adminemail>\n");
}
?>
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<link rel="stylesheet" type="text/css" href="adminpage.css">
<meta http-equiv="refresh" content="5; url=adminpage.php">
<title>Add User</title>
</head>
<body>
<p><b><font face="Tahoma">User Added:</font></b></p>
<table border="1" id="table1">
<tr>
<td width="154"><font face="Tahoma" size="2">First Name:</td>
<td><?php echo $_POST[firstname]; ?></font></td>
</tr>
<tr>
<td width="154"><font face="Tahoma" size="2">Last Name:</td>
<td><?php echo $_POST[lastname]; ?></font></td>
</tr>
<tr>
<td width="154"><font face="Tahoma" size="2">Username:</td>
<td><?php echo $_POST[username]; ?></font></td>
</tr>
<tr>
<td width="154"><font face="Tahoma" size="2">Password:</td>
<td><?php echo $_POST[password]; ?></font></td>
</tr>
<tr>
<tr>
<td width="154"><font face="Tahoma" size="2">E-Mail:</td>
<td><?php echo $_POST[email]; ?></font></td>
</tr>
<td width="154"><font face="Tahoma" size="2">Group Memberships:</td>
<td><?php echo $_POST[group1]; ?>&nbsp;</td>
</tr>
<tr>
<td width="154">&nbsp;</td>
<td><?php echo $_POST[group2]; ?>&nbsp;</td>
</tr>
<tr>
<td width="154">&nbsp;</td>
<td><?php echo $_POST[group3]; ?>&nbsp;</font></td>
</tr>
<tr>
<td width="154"><font face="Tahoma" size="2">Redirect to:</font></td>
<td><?php echo $_POST[redirect]; ?></font></td>
</tr>
<tr>
<td width="154"><font face="Tahoma" size="2">Password Change Req'd:</td>
<td><?php if($_POST[pchange] == "1"){$ans1="Yes";}else{$ans1="No";} echo $ans1; ?></td>
</tr>
<tr>
<td width="154"><font face="Tahoma" size="2">User E-Mailed:</td>
<td><?php echo $_POST[email_user]; ?></font></td>
</tr>
</table>
</body>
</html>
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
require('../config.php');
require('../functions.php');
//check for administrative rights
if (allow_access(Administrators) != "yes")
{
include ('../check_login.php');
exit;
}
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword)
or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)
or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM $table_name";
$result = @mysql_query($sql,$connection) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Añadir nuevo usuario - La Factoría Verde</title>
<link rel="stylesheet" type="text/css" href="estilos.css">
</head>
<body>
<div id="layout">
<div id="header"> <img src="../img/lafactoriaverde.gif" alt="La Factoría Verde" />
<div style="float: right;">Sesión iciada como <?php echo $_SESSION[user_name]; ?></div>
<?php include('_menu.php'); ?>
</div>
<div id="content">
<?php
//check for authority to view this page
if (allow_access(Administrators) != "yes")
{
echo "<br/><br/><br/><center><p class='error'>No tienes autorización para esta función.</p></center>";
}
//check required fields
if (($_POST[username] == ""))
{
echo "<br/><br/><br/><center><p class='error'>El campo 'Usuario' no puede estar en blanco. <a href=\"#\" onClick=\"history.go(-1)\">Vuelve atrás</a> y cámbialo.</p></center>";
exit;
}
//check the password length
$pass_len = password_check($min_pass, $max_pass, $_POST[password]);
if ($pass_len == "no")
{
echo "<br/><br/><br/><center><p class='error'>La contraseña debe tener una longitud entre $min_pass y $max_pass caracteres. <a href=\"#\" onClick=\"history.go(-1)\">Vuelve atrás</a> y cámbiala.</p></center>";
exit;
}
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//make query to database
$sql ="SELECT * FROM $table_name WHERE username= '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result);
//check if that username already exists
if ($num != 0) {
echo "<p>El usuario '".$_POST[username]."'ya existe.</p>";
echo "<p><a href=\"#\" onClick=\"history.go(-1)\">Prueba con otro nombre de usuario.</a></p>";
echo "$_POST[username]";
exit;
} else {
//or add it to the database
$sql_add = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES
('$_POST[firstname]', '$_POST[lastname]', '$_POST[username]', password('$_POST[password]'),
'$_POST[group1]', '$_POST[group2]', '$_POST[group3]', '$_POST[pchange]', '$_POST[email]',
'$_POST[redirect]', '1', 'last_login()')";
$result = @mysql_query($sql_add,$connection) or die(mysql_error());
}
/*if ($_POST[email_user] == "Yes")
{
$mailheaders = "From: $domain\n";
$mailheaders .= "Dear $_POST[firstname] $_POST[lastname],\n";
$mailheaders .= "\n";
$mailheaders .= "An account has been created for you at $domain.\n";
$mailheaders .= "Please log in with the following account information:\n";
$mailheaders .= "Username: $_POST[username]\n";
$mailheaders .= "Password: $_POST[password]\n";
$mailheaders .= "\n";
$mailheaders .= "Please login at:\n";
$mailheaders .= "$base_dir/login.html\n";
$mailheaders .= "Should you have any complications, please email the System Administrator at:\n";
$mailheaders .= "$adminemail\n";
$to = "$_POST[email]";
$subject = "Your account has been created !!";
mail($to, $subject, $mailheaders, "From: No Reply <$adminemail>\n");
}*/
?>
<h2>Usuario añadido correctamente</h2>
<br/>
<table id="table1" width="100%" >
<tr>
<td width="177">Nombre:</td>
<td><?php echo $_POST[firstname]; ?></td>
</tr>
<tr>
<td width="177">Apellidos:</td>
<td><?php echo $_POST[lastname]; ?></td>
</tr>
<tr>
<td width="177">Usuario:</td>
<td><?php echo $_POST[username]; ?></td>
</tr>
<tr>
<td width="177">Contraseña:</td>
<td><?php echo $_POST[password]; ?></td>
</tr>
<tr>
<tr>
<td width="177">E-Mail:</td>
<td><?php echo $_POST[email]; ?></td>
</tr>
<td width="177">Grupo:</td>
<td><?php echo $_POST[group1]; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">&nbsp;</td>
<td><?php echo $_POST[group2]; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">&nbsp;</td>
<td><?php echo $_POST[group3]; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">Redirigir a:</td>
<td><?php echo $_POST[redirect]; ?></td>
</tr>
<tr>
<td width="177">Cambio de contraseña:</td>
<td><?php if($_POST[pchange] == "1"){ $ans1="Si"; } else { $ans1="No"; } echo $ans1; ?></td>
</tr>
<tr>
<td width="177">Enviar e-mail al usuario:</td>
<td><?php echo $_POST[email_user]; ?></td>
</tr>
</table>
<br/>
<center>
<a href="<?php echo "adminpage.php"; ?>">Volver a la lista</a>
</center>
</div>
<div id="footer"> </div>
</div>
</body>
</html>

1101
admin/adminpage.php
View File

File diff suppressed because it is too large Load Diff

993
admin/adminpage2.php Normal file
View File

@ -0,0 +1,993 @@
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
require('../config.php');
require('../functions.php');
//check for administrative rights
if (allow_access(Administrators) != "yes")
{
include ('../check_login.php');
exit;
}
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword)
or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)
or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM $table_name";
$result = @mysql_query($sql,$connection) or die(mysql_error());
?>
<head>
<meta http-equiv="Content-Language" content="en-us">
<link rel="stylesheet" type="text/css" href="adminpage.css">
</head>
<body topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0">
<table border="0" width="100%" id="table1">
<tr>
<td align="center">
<table border="0" width="800" id="table2" cellspacing="0" cellpadding="0">
<tr>
<td width="280">&nbsp;</td>
<td>&nbsp;</td>
</tr>
<tr>
<td width="280"><b><font size="2">Panel de control</font></b></td>
<td align="right"><i><a href="../logs/index.php">Ver el registro de accesos</a></i></td>
</tr>
<tr>
<td width="280">Sesión iniciada como <?php echo $_SESSION[user_name]; ?></td>
<td align="right"><i><a href="../logout.php">Salir</a></i></td>
</tr>
<tr>
<td width="280">&nbsp;</td>
<td>
<p align="right"><i><a href="mail_all.htm">Mandar e-mail a todos los usuarios</a></i></td>
</tr>
<tr>
<td width="280" valign="top">
<table border="0" width="100%" id="table3" cellspacing="0" cellpadding="0">
<tr>
<td width="38%" valign="top">
<table border="0" width="100%" id="table38" cellspacing="0" cellpadding="0">
<tr>
<td>
<?php
if ($_POST[alter2] == "add")
{
?>
<form method="POST" action="<?php $PHP_SELF; ?>">
<p><input type="hidden" name="alterup2" value="up"><input type="image" img src="admin_add_up.gif" ></p>
</form>
<?php
}else
{
?>
<form method="POST" action="<?php $PHP_SELF; ?>">
<p><input type="hidden" name="alter2" value="add"><input type="image" img src="admin_add.gif" ></p>
</form>
<?php
}
?>
</td>
</tr>
<tr>
<td>
<?php
if ($_POST[alter2] == "add")
{
?>
<form method="POST" action="<? echo "adduser.php?page=$page&max_results=$max_results"; ?>">
<font size="1" face="Tahoma">
<table border="1" width="100%" id="table44" bordercolorlight="#C0C0C0" bordercolordark="#FFFFFF">
<tr>
<td width="140">Nombre:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="firstname" size="20"></font></td>
</tr>
<tr>
<td width="140">Apellidos:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="lastname" size="20"></font></td>
</tr>
<tr>
<td width="140">Usuario:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="username" size="20"></font></td>
</tr>
<tr>
<td width="140">Contraseña:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="password" size="20" maxlength="667"></font></td>
</tr>
<tr>
<td width="140">E-Mail:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="email" size="20"></font></td>
</tr>
<tr>
<td width="140">Grupo:</td>
<td><font size="1" face="Tahoma">
<select size="1" name="group1">
<?php
echo "<option>Usuarios</option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">&nbsp;</td>
<td><font size="1" face="Tahoma">
<select size="1" name="group2">
<?php
echo "<option></option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">&nbsp;</td>
<td><font size="1" face="Tahoma">
<select size="1" name="group3">
<?php
echo "<option></option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">Redirigir a:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="redirect" size="20" value="http://"></font></td>
</tr>
<tr>
<td width="140">Obligar a cambiar la contraseña en el siguiente inicio de sesión:</td>
<td><font size="1" face="Tahoma">
<select size="1" name="pchange">
<option value="0" selected>No</option>
<option value="1">Si</option>
</select></font></td>
</tr>
<tr>
<td width="140">E-Mail User Account
Information:</td>
<td><font size="1" face="Tahoma">
<select size="1" name="email_user">
<option value="No" selected>No</option>
<option value="Yes">Si</option>
</select></font></td>
</tr>
<tr>
<td width="140"><font size="1" face="Tahoma">
<input type="submit" value="Submit" name="B4"></font></td>
<td>&nbsp;</td>
</tr>
</table>
</font>
</td>
</tr>
<tr>
</form>
<?php
}
?>
</tr>
<tr>
<td><font size="1" face="Tahoma">
<?php
if ($_POST[alter1] == "modify" || $_POST[username] != "")
{
?>
<form method="POST" action="<? $PHP_SELF; ?>">
<p>
<input type="hidden" name="alter1" size="20" value="up"><input type="image" img src="admin_mod_up.gif" value="Enviar" alt="Enviar"></p>
</form>
<?php
}
else{
?>
<form method="POST" action="<? $PHP_SELF; ?>">
<p>
<input type="hidden" name="alter1" size="20" value="modify"><input type="image" img src="admin_mod.gif" value="Enviar" alt="Enviar"></p>
</form>
<?php
}
?>
</td>
<?
if (($_POST[alter1] == "modify") || ($_POST[username] != ""))
{
?>
<tr>
<td>
<font size="1" face="Tahoma">
<form name="myform" id="myform" action="<? $PHP_SELF; ?>" method="POST">
<table border="1" width="100%" id="table41" cellspacing="0" cellpadding="0" bordercolorlight="#C0C0C0" bordercolordark="#FFFFFF">
<tr>
<td width="140">Username:</td>
<td><font size="1" face="Tahoma">
<select size="1" name="username" onChange="document.myform.submit()">
<?
if ($_POST[username] != "")
{
echo "<option>$_POST[username]</option>";
echo "<option value=\"\"></option>";
}
else
{
echo "<option></option>";
}
//require the config file
require ("../config.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM $table_name";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$uname = $sql -> username;
echo "<option value=\"$uname\">$uname</option>";
}
?>
</select></font></td>
</tr>
</table>
</form>
</font>
</td>
</tr>
<?php
if ($_POST[username] != "")
{
//require the config file
require ("../config.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$m_first = $sql -> firstname;
$m_last = $sql -> lastname;
$g_1 = $sql -> group1;
$g_2 = $sql -> group2;
$g_3 = $sql -> group3;
$chng = $sql -> pchange;
$m_email = $sql -> email;
$direct = $sql -> redirect;
}
?>
<tr>
<td>
<form method="POST" action="mod_user.php">
<font size="1" face="Tahoma">
<table border="1" width="100%" id="table1" cellspacing="0" cellpadding="0" bordercolorlight="#C0C0C0" bordercolordark="#FFFFFF">
<tr>
<td width="140">Nombre:</td>
<td><font size="1" face="Tahoma">
<input type="hidden" name="username" value="<? echo $_POST[username]; ?>">
<input type="text" name="mod_first" value="<? echo $m_first; ?>" size="20"></font></td>
</tr>
<tr>
<td width="140">Apellidos:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="mod_last" value="<? echo $m_last; ?>" size="20"></font></td>
</tr>
<tr>
<td width="140">
Contraseña:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="mod_pass" size="20" value="Same as Old"></font></td>
</tr>
<tr>
<td width="140">
E-Mail:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="mod_email" value="<? echo $m_email; ?>" size="20"></font></td>
</tr>
<tr>
<td width="140">
Grupo:</td>
<td><font size="1" face="Tahoma">
<select size="1" name="mod_group1">
<?php
echo "<option>$g_1</option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">&nbsp;
</td>
<td><font size="1" face="Tahoma">
<select size="1" name="mod_group2">
<?php
echo "<option>$g_2</option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">&nbsp;
</td>
<td><font size="1" face="Tahoma">
<select size="1" name="mod_group3">
<?php
echo "<option>$g_3</option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">
Redirigir a:</td>
<td><font size="1" face="Tahoma">
<input type="text" name="mod_redirect" value="<? echo $direct; ?>" size="20"></font></td>
</tr>
<tr>
<td width="140">
Obligar a cambiar la contraseña en el siguiente inicio de sesión:</td>
<td><font size="1" face="Tahoma">
<select size="1" name="mod_chng">
<option value="0" selected>No</option>
<option value="1">Yes</option>
</select></font></td>
</tr>
<tr>
<td width="140">
E-Mail User Account Information:</td>
<td><font size="1" face="Tahoma">
<select size="1" name="mod_send">
<option value="No" selected>No</option>
<option value="Yes">Yes</option>
</select></font></td>
</tr>
<tr>
<td width="140">
<font size="1" face="Tahoma">
<input type="submit" value="Enviar" name="B5"></font></td>
<td>&nbsp;</td>
</tr>
</table>
</font>
</form>
</td>
</tr>
<?php
}
?>
<?
}
?>
</td>
</tr>
<tr>
<td width="38%">
<?php
if ($_POST[alter] == "options")
{
?>
<form method="POST" action="<?php $PHP_SELF; ?>">
<p>
<input type="hidden" name="alter" value="up">
<input type="image" src="admin_options_up.gif" value="Enviar" alt="Enviar"></p>
</form>
<?php
}
else
{
?>
<form method="POST" action="<?php $PHP_SELF; ?>">
<p>
<input type="hidden" name="alter" value="options">
<input type="image" src="admin_options.gif" value="Enviar" alt="Enviar"></p>
</form>
<?php
}
?>
</td>
</tr>
<tr>
<td width="33%" valign="top" height="0">
<?php
if ($_POST[alter] == "options")
{
?>
<form method="POST" action="mod_user.php">
<table border="1" width="100%" id="table43" cellspacing="0" cellpadding="0" bordercolorlight="#C0C0C0" bordercolordark="#FFFFFF">
<tr>
<td width="140">Borrar usuario</td>
<td>
<font size="1" face="Tahoma">
<select size="1" name="del_user">
<option></option>
<?php
//require the config file
require ("../config.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="SELECT username FROM $table_name ORDER BY username";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$uname = $sql -> username;
if ($uname != $_SESSION[user_name])
{
echo "<option value=\"$uname\">$uname</option>";
}
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">Restaurar usuario</td>
<td>
<font size="1" face="Tahoma">
<select size="1" name="restore">
<option></option>
<?php
//require the config file
require ("../config.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="SELECT username FROM trash ORDER BY username";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$uname = $sql -> username;
if ($uname != $_SESSION[user_name])
{
echo "<option value=\"$uname\">$uname</option>";
}
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">Banear usuario</td>
<td>
<font size="1" face="Tahoma">
<select size="1" name="ban_user">
<option></option>
<?php
//require the config file
require ("../config.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="SELECT username FROM $table_name ORDER BY username";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$uname = $sql -> username;
if ($uname != $_SESSION[user_name])
{
echo "<option value=\"$uname\">$uname</option>";
}
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">Bloquear dirección IP</td>
<td>
<font size="1" face="Tahoma">
<input type="text" name="oct1" size="3" maxlength="3"></font>.<font size="1" face="Tahoma"><input type="text" name="oct2" size="3" maxlength="3"></font><font face="Tahoma">.</font><font size="1" face="Tahoma"><input type="text" name="oct3" size="3" maxlength="3"><font face="Tahoma">.</font><input type="text" name="oct4" size="3" maxlength="3"></font></td>
</tr>
<tr>
<td width="140">Lift User Ban</td>
<td>
<font size="1" face="Tahoma">
<select size="1" name="lift_user_ban">
<option></option>
<?php
//require the config file
require ("../config.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM banned WHERE type = 'user'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$banned = $sql -> no_access;
echo "<option value=\"$banned\">$banned</option>";
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">Lift IP Ban</td>
<td>
<font size="1" face="Tahoma">
<select size="1" name="lift_ip_ban">
<option></option>
<?php
//require the config file
require ("../config.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM banned WHERE type = 'ip'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$banned = $sql -> no_access;
echo "<option value=\"$banned\">$banned</option>";
}
?>
</select></font></td>
</tr>
<tr>
<td width="140">Vaciar la papelera</td>
<td><font size="1" face="Tahoma">
<select size="1" name="empt_trash">
<option></option>
<option value="yes">Si</option>
</select></font></td>
</tr>
<tr>
<td width="140">Purgar cuentas inactivas desde</td>
<td><select size="1" name="amt_time">
<option></option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select><font size="1" face="Tahoma"><select size="1" name="incr_time">
<option></option>
<option value="DAY">días</option>
<option value="MONTH">meses</option>
<option value="YEAR">años</option>
</select></font></td>
</tr>
<tr>
<td width="140"><font size="1" face="Tahoma">
<input type="submit" value="Enviar" name="B6"></font></td>
<td>&nbsp;</td>
</tr>
</table>
</form>
<?php
}
?>
</td>
</tr>
<tr>
<td width="38%">&nbsp;
</td>
</tr>
<tr>
<td width="38%">&nbsp;
</td>
</tr>
<tr>
<td width="38%">&nbsp;
</td>
</tr>
<tr>
<td width="38%">&nbsp;
</td>
</tr>
<tr>
<td width="38%">&nbsp;
</td>
</tr>
<tr>
<td width="38%">&nbsp;
</td>
</tr>
<tr>
<td width="38%">&nbsp;
</td>
</tr>
<tr>
<td width="38%">&nbsp;
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
<td valign="top">
<?
if ($user_det == "")
{
if (!isset($_GET['max_results']))
{
$max_results = 5;
}else{
$max_results = $_GET['max_results'];
}
if(!isset($_GET['page'])){
$page = 1;
} else {
$page = $_GET['page'];
}
if (isset($_GET['search']))
{
$s_string = $_GET['search'];
$explodeit = explode(" ", "$s_string");
$c = count($explodeit);
if ($c > 1)
{
for ($i=0; $i<$c; $i++)
{
$search = $explodeit[$i]."+";
}
}else{
$search = $s_string;
}
}
echo "Show Number of Results Per Page: <a href=\"".$_SERVER['PHP_SELF']."?page=$page&max_results=5&search=$search\">5</a>";
echo " <a href=\"".$_SERVER['PHP_SELF']."?page=$page&max_results=10&search=$search\">10</a><br>";
// Figure out the limit for the query based
// on the current page number.
$from = (($page * $max_results) - $max_results);
// Perform MySQL query on only the current page number's results
if (!isset($_GET['search']))
{
$set_lim = "SELECT * FROM $table_name ORDER BY username LIMIT $from, $max_results";
}else{
$search = $_GET['search'];
$set_lim = "SELECT * FROM $table_name WHERE username LIKE '%$search%' || firstname LIKE '%$search%'
|| lastname LIKE '%$search%' || group1 LIKE '%$search%' || group2 LIKE '%$search%' || group3 LIKE '%$search%'
|| email LIKE '%$search%' ORDER BY username LIMIT $from, $max_results";
}
$set_res = @mysql_query($set_lim,$connection) or die(mysql_error());
while ($set_lim = mysql_fetch_object($set_res))
{
$fname = $set_lim -> firstname;
$lname = $set_lim -> lastname;
$uname = $set_lim -> username;
$p_change = $set_lim -> pchange;
$verif_d = $set_lim -> verified;
$last = $set_lim -> last_login;
$re_direct = $set_lim -> redirect;
$groupA = $set_lim -> group1;
$groupB = $set_lim -> group2;
$groupC = $set_lim -> group3;
$e_mail = $set_lim -> email;
if ($p_change == 1)
{$p_change = "Yes";}else{$p_change = "No";}
if ($verif_d == "0")
{$verif_d= "No";}else{$verif_d= "Yes";}
echo "<table border=\"1\" width=\"100%\" id=\"table5\">";
echo "<tr>";
echo "<td width=\"100\"><b><a href=\"".$SERVER['PHP_SELF']."?user_det=$uname&ret_page=$page&ret_max=$max_results&search=$search\">$uname</a></b></td>";
echo "<td width=\"80\">E-Mail:</font></td>";
echo "<td><a href=\"mailto:$e_mail\">$e_mail</a></td>";
echo "</tr>";
echo "<tr>";
echo "<td width=\"100\">&nbsp;</td>";
echo "<td width=\"100\">Name:</td>";
echo "<td>$fname $lname</td>";
echo "</tr>";
echo "<tr>";
echo "<td width=\"100\">&nbsp;</td>";
echo "<td width=\"100\">Last Login:</td>";
echo "<td>$last</td>";
echo "</tr>";
echo "</table>";
}
// Figure out the total number of results in DB:
if (!isset($_GET['search']))
{
$total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM authorize"),0);
}else{
$total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM authorize
WHERE username LIKE '%$search%' || firstname LIKE '%$search%'
|| lastname LIKE '%$search%' || group1 LIKE '%$search%' || group2 LIKE '%$search%' || group3 LIKE '%$search%'
|| email LIKE '%$search%'"),0);
}
// Figure out the total number of pages. Always round up using ceil()
$total_pages = ceil($total_results / $max_results);
// Build Page Number Hyperlinks
echo "<center>Select a Page<br />";
// Build Previous Link
if($page > 1){
$prev = ($page - 1);
echo "<a href=\"".$_SERVER['PHP_SELF']."?page=$prev&max_results=$max_results&search=$search\">&lt;&lt;&nbsp;&nbsp; </a> ";
}
for($i = 1; $i <= $total_pages; $i++){
if(($page) == $i){
echo "$i ";
} else {
echo "<a href=\"".$_SERVER['PHP_SELF']."?page=$i&max_results=$max_results&search=$search\">$i</a> ";
}
}
// Build Next Link
if($page < $total_pages){
$next = ($page + 1);
echo "<a href=\"".$_SERVER['PHP_SELF']."?page=$next&max_results=$max_results&search=$search\">&nbsp;&nbsp; &gt;&gt;</a>";
}
echo "</center>";
}else{
echo "<b>Details for $user_det</b><br>";
$dsql = "SELECT * FROM $table_name WHERE username = '$user_det'";
$dresults = @mysql_query($dsql,$connection) or die(mysql_error());
while ($dsql = mysql_fetch_object($dresults))
{
$fname = $dsql -> firstname;
$lname = $dsql -> lastname;
$uname = $dsql -> username;
$p_change = $dsql -> pchange;
$verif_d = $dsql -> verified;
$last = $dsql -> last_login;
$re_direct = $dsql -> redirect;
$groupA = $dsql -> group1;
$groupB = $dsql -> group2;
$groupC = $dsql -> group3;
$e_mail = $dsql -> email;
if ($p_change == "0")
{
$p_change = "No";
}else{
$p_change = "Yes";
}
if ($verif_d == "0")
{
$verif_d = "No";
}else{
$verif_d = "Yes";
}
?>
<table border="1" width="100%" id="table1" bordercolorlight="#FFFFFF" bordercolordark="#C0C0C0">
<tr>
<td width="100" rowspan="10" valign="top"><? echo $uname; ?></td>
<td colspan="2">&nbsp;</td>
</tr>
<tr>
<td width="177">E-Mail:</td>
<td><a href="<? echo $e_mail; ?>"><? echo $e_mail; ?></a></td>
</tr>
<tr>
<td width="177">Real Name:</td>
<td><? echo "$fname $lname &nbsp;"; ?></td>
</tr>
<tr>
<td width="177">Last Login:</td>
<td><? echo $last; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">Password Change Required:</td>
<td><? echo $p_change; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">Verified Through E-Mail:</td>
<td><? echo $verif_d; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">Group Memberships:</td>
<td><? echo $groupA; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">&nbsp;</td>
<td><? echo $groupB; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">&nbsp;</td>
<td><? echo $groupC; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">Redirect to:</td>
<td><? echo $re_direct; ?></td>
</tr>
</table>
<center><a href="<? echo $_SERVER['PHP_SELF']."?page=$ret_page&max_results=$ret_max&search=$search"; ?>">Back to List</a></center>
<?
}}
if ($search != "")
{
if ($ret_max)
{ $page=$ret_page; $max_results=$ret_max; }
echo "<center><a href=\"".$_SERVER['PHP_SELF']."?page=$page&max_results=$max_results\">Exit Search</a>";
}else{
echo "<br><br>";
}
?>
<center>
<form method="GET" action="<? echo $_SERVER['PHP_SELF']."?page=$page&max_results=$max_results&search="; ?>"><p>Search
<input type="text" name="search" size="20"><input type="submit" value="Submit" name="B1"></p>
</form>
</center>
</td>
</tr>
</table>

146
admin/changeuser.php Normal file
View File

@ -0,0 +1,146 @@
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
require('../config.php');
require('../functions.php');
//check for administrative rights
if (allow_access(Administrators) != "yes")
{
include ('../check_login.php');
exit;
}
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword)
or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)
or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM $table_name";
$result = @mysql_query($sql,$connection) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Modificar usuario - La Factoría Verde</title>
<link rel="stylesheet" type="text/css" href="estilos.css">
</head>
<body>
<div id="layout">
<div id="header"> <img src="../img/lafactoriaverde.gif" alt="La Factoría Verde" />
<div style="float: right;">Sesión iniciada como <?php echo $_SESSION[user_name]; ?></div>
<?php
$menu_activo='nuevo_usuario';
include('_menu.php');
?>
</div>
<div id="content">
<h2>Dar de alta un nuevo usuario</h2>
<br/>
<form method="POST" action="<?php echo "adduser.php";?>">
<table width="100%" id="table44">
<tr>
<td width="200px">Nombre:</td>
<td><input type="text" name="firstname" size="20"></td>
</tr>
<tr>
<td width="200px">Apellidos:</td>
<td><input type="text" name="lastname" size="20"></td>
</tr>
<tr>
<td width="200px">Usuario:</td>
<td><input type="text" name="username" size="20"></td>
</tr>
<tr>
<td width="200px">Contraseña:</td>
<td><input type="text" name="password" size="20" maxlength="667"></td>
</tr>
<tr>
<td width="200px">E-Mail:</td>
<td><input type="text" name="email" size="20"></td>
</tr>
<tr>
<td width="200px">Grupo:</td>
<td><select size="1" name="group1">
<?php
echo "<option>Usuarios</option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></td>
</tr>
<tr>
<td width="200px">&nbsp;</td>
<td><select size="1" name="group2">
<?php
echo "<option></option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></td>
</tr>
<tr>
<td width="200px">&nbsp;</td>
<td><select size="1" name="group3">
<?php
echo "<option></option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></td>
</tr>
<tr>
<td width="200px">Redirigir a:</td>
<td><input type="text" name="redirect" size="50" value="http://"></td>
</tr>
<tr>
<td width="200px">Obligar a cambiar la contraseña en el siguiente inicio de sesión:</td>
<td><select size="1" name="pchange">
<option value="0" selected>No</option>
<option value="1">Si</option>
</select></td>
</tr>
<tr>
<td width="200px">Enviar un e-mail al usuario con su nueva cuenta:</td>
<td><select size="1" name="email_user">
<option value="No" selected>No</option>
<option value="Yes">Si</option>
</select></td>
</tr>
<tr>
<td width="200px"><input type="submit" value="Guardar" name="B4"></td>
<td>&nbsp;</td>
</tr>
</table>
</td>
</tr>
<tr>
</form>
</div>
<div id="footer"> </div>
</div>
</body>
</html>

107
admin/deleteuser.php Normal file
View File

@ -0,0 +1,107 @@
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
include ('../config.php');
include ('../functions.php');
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Eliminar usuario - La Factoría Verde</title>
<link rel="stylesheet" type="text/css" href="estilos.css">
</head>
<body>
<div id="layout">
<div id="header"> <img src="../img/lafactoriaverde.gif" alt="La Factoría Verde" />
<div style="float: right;">Sesión iniciada como <?php echo $_SESSION[user_name]; ?></div>
<?php
$menu_activo='nuevo_usuario';
include('_menu.php');
?>
</div>
<div id="content">
<?php
//check for authority to view this page
if (allow_access(Administrators) != "yes")
{
echo "<br/><br/><br/><center><p class='error'>No tienes autorización para esta función.</p></center>";
}
if (isset($_GET['del_user'])) {
$s_string = $_GET['del_user'];
$explodeit = explode(" ", "$s_string");
$c = count($explodeit);
if ($c > 1) {
for ($i = 0; $i < $c; $i++) {
$del_user = $explodeit[$i] . "+";
}
}
else {
$del_user = $s_string;
}
}
if (($del_user != $_SESSION[user_name]) && ($del_user != ""))
{
$sql = "SELECT * FROM $table_name WHERE username = '$del_user'";
$result = @mysql_query($sql, $connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result);
//set session variables if there is a match
if ($num != 0)
{
while ($sql = mysql_fetch_object($result))
{
$first = $sql -> firstname;
$last = $sql -> lastname;
$uname = $sql -> username;
$pass = $sql -> password;
$gr1 = $sql -> group1;
$gr2 = $sql -> group2;
$gr3 = $sql -> group3;
$change = $sql -> pchange;
$e_mail = $sql -> email;
$re_direct = $sql -> redirect;
$ver_d = $sql -> verified;
$last_log = $sql -> last_login;
$del_dat = last_login();
}
$trash_user = "INSERT INTO trash (firstname, lastname, username, password, group1, group2, group3, pchange, email, redirect, verified, last_login, del_date) VALUES ('$first', '$last', '$uname', '$pass', '$gr1', '$gr2', '$gr3', '$change', '$e_mail', '$re_direct', '$ver_d', '$last_log', '$del_dat')";
$del = "DELETE FROM $table_name WHERE username = '$del_user'";
$result = @mysql_query($del,$connection) or die(mysql_error());
$result1 = @mysql_query($trash_user,$connection) or die(mysql_error());
$msg .= "El usuario '$del_user' ha sido eliminado.<br/>";
} else {
$msg .= "No se encuentra el usuario '$del_user'.<br/>";
}
$del_banned = "DELETE FROM banned WHERE no_access = '$del_user'";
$result = @mysql_query($del_banned,$connection) or die(mysql_error());
echo $msg;
}
?>
<br/>
<center>
<a href="<?php echo "adminpage.php"; ?>">Volver a la lista</a>
</center>
</div>
<div id="footer"> </div>
</div>
</body>
</html>

56
admin/estilos.css Normal file
View File

@ -0,0 +1,56 @@
/* CSS Document */
@import url("../reset.css");
@import url("menu_style.css");
@import url("table_style.css");
html, body {
height: 100%;
font-family: Verdana, Geneva, sans-serif;
font-size: 12px;
}
body {
text-align: center;
}
a:link {
color: #718ABE;
text-decoration: none;
}
a:visited {
color: #718ABE;
text-decoration: none;
}
a:hover {
color: #718ABE;
text-decoration: underline !important;
}
input {
font-family: Verdana, Geneva, sans-serif;
}
#layout {
margin: 10px auto;
width: 800px;
text-align: left;
color: #333;
}
#header {
width: 100%;
}
#content {
text-align: left;
}
.error {
color: #F00;
font-weight: bold;
}

BIN
admin/images/bg.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 229 B

24
admin/mail_all.htm
View File

@ -1,24 +0,0 @@
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>E-Mail Subject</title>
<link rel="stylesheet" type="text/css" href="adminpage.css">
</head>
<body>
<form method="POST" action="mail_all.php">
<p>E-Mail Subject:<br>
<input type="text" name="e_subject" size="20"><br>
From Line to Read:<br>
<input type="text" name="e_from" size="20"><br>
Message:<br>
<textarea rows="15" name="e_message" cols="76"></textarea><br>
<input type="submit" value="Submit" name="B1"><input type="reset" value="Reset" name="B2"></p>
</form>
</body>
</html>

80
admin/mail_all.php
View File

@ -1,40 +1,40 @@
<?
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
//require config and functions files
require('../config.php');
require('../functions.php');
//check for administrative rights
if (allow_access(Administrators) != "yes")
{
include ('../no_access.html');
exit;
}
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//make the dbase query selecting only email address
$sql ="SELECT * FROM $table_name";
$result = @mysql_query($sql,$connection) or die(mysql_error());
echo "Your Message Has Been Sent to the Following Users:<br><br>";
while ($sql = mysql_fetch_object($result))
{
$e_addr = $sql -> email;
$e_user = $sql -> username;
$subject = $_POST[e_subject];
$mailheaders = $_POST[e_message];
mail($e_addr, $subject, $mailheaders, "From: No Reply <$adminemail>\n");
echo "$e_user<br>";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Enviar e-mail masivo a todos los cliente - La Factoría Verde</title>
<link rel="stylesheet" type="text/css" href="adminpage.css">
<link rel="stylesheet" type="text/css" href="estilos.css">
</head>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<body>
<div id="layout">
<div id="header">
<img src="../img/lafactoriaverde.gif" alt="La Factoría Verde" />
<?php
$menu_activo='mail_masivo';
include('_menu.php');
?>
</div>
<div id="content">
<form method="post" action="mail_all_process.php">
<p>Asunto:<br />
<input type="text" name="e_subject" size="20" /><br />
Remitente:<br />
<input type="text" name="e_from" size="20" /><br />
Mensaje:<br />
<textarea rows="15" name="e_message" cols="76">
</textarea><br />
<input type="submit" value="Enviar" name="B1" /><input type="reset" value="Borrar"
name="B2" /></p>
</form>
</div>
<div id="footer">
</div>
</div>
</body>
</html>

38
admin/mail_all_process.php Normal file
View File

@ -0,0 +1,38 @@
<?
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
//require config and functions files
require('../config.php');
require('../functions.php');
//check for administrative rights
if (allow_access(Administrators) != "yes")
{
include ('../check_login.php');
exit;
}
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//make the dbase query selecting only email address
$sql ="SELECT * FROM $table_name";
$result = @mysql_query($sql,$connection) or die(mysql_error());
echo "Tu mensaje ha sido enviado a los siguientes usuarios:<br/><br/>";
while ($sql = mysql_fetch_object($result))
{
$e_addr = $sql -> email;
$e_user = $sql -> username;
$subject = $_POST[e_subject];
$mailheaders = $_POST[e_message];
mail($e_addr, $subject, $mailheaders, "From: No Reply <$adminemail>\n");
echo "$e_user<br>";
}
?>

48
admin/menu_style.css Normal file
View File

@ -0,0 +1,48 @@
ul.menu {
list-style-type:none;
width:auto;
position:relative;
display:block;
height:33px;
background:url(images/bg.png) repeat-x top left;
font-family:Verdana,Helvetica,Arial,sans-serif;
border:1px solid #000;
margin:0 0 10px 0;
padding:0;
}
ul.menu li {
display:block;
float:left;
margin:0;
padding:0;
}
ul.menu li a {
float:left;
color:#d0b9a2;
text-decoration:none;
height:24px;
padding:9px 15px 0;
font-weight:normal;
}
ul.menu li a:hover,.current {
color:#fff;
background:url(images/bg.png) repeat-x top left;
text-decoration:none;
}
ul.menu .current a {
color:#fff;
font-weight:700;
}
/*ORANGE*/
ul.menu.orange{
background-color:#DC4900;
}
ul.menu.orange li a:hover, .menu.orange li.current {
background-color:#F46D00;
}

520
admin/mod_user.php
View File

@ -1,264 +1,256 @@
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
include ('../config.php');
include ('../functions.php');
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword)
or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)
or die(mysql_error());
if ($_POST[del_user] != "")
{
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[del_user]'";
$result = @mysql_query($sql, $connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result);
//set session variables if there is a match
if ($num != 0)
{
while ($sql = mysql_fetch_object($result))
{
$first = $sql -> firstname;
$last = $sql -> lastname;
$uname = $sql -> username;
$pass = $sql -> password;
$gr1 = $sql -> group1;
$gr2 = $sql -> group2;
$gr3 = $sql -> group3;
$change = $sql -> pchange;
$e_mail = $sql -> email;
$re_direct = $sql -> redirect;
$ver_d = $sql -> verified;
$last_log = $sql -> last_login;
$del_dat = last_login();
}
$trash_user = "INSERT INTO trash (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login, del_date)VALUES
('$first', '$last', '$uname', '$pass', '$gr1', '$gr2', '$gr3',
'$change', '$e_mail', '$re_direct', '$ver_d', '$last_log', '$del_dat')";
$del = "DELETE FROM $table_name WHERE username = '$_POST[del_user]'";
$result = @mysql_query($del,$connection) or die(mysql_error());
$result1 = @mysql_query($trash_user,$connection) or die(mysql_error());
$msg .= "User $_POST[del_user] has been trashed from the database.<br>";
}else{
$msg .= "User $_POST[del_user] could not be located in the database.<br>";
}
$del_banned = "DELETE FROM banned WHERE no_access = '$_POST[del_user]'";
$result = @mysql_query($del_banned,$connection) or die(mysql_error());
}
if (($_POST[username] != "") && ($_POST[mod_pass] == "Same as Old"))
{
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$pass = $sql -> password;
$last = $sql -> last_login;
}
$sql = "DELETE FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]',
'$_POST[username]', '$pass', '$_POST[mod_group1]', '$_POST[mod_group2]',
'$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]',
'1', '$last')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$msg .= "The information for $_POST[username] has been changed updated.<br>";
}
if (($_POST[username] != "") && ($_POST[mod_pass] != "Same as Old"))
{
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$pass = $sql -> password;
$last = $sql -> last_login;
}
$sql = "DELETE FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]',
'$_POST[username]', password('$_POST[mod_pass]'), '$_POST[mod_group1]', '$_POST[mod_group2]',
'$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]',
'1', '$last')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$msg .= "The information for $_POST[username] has been changed updated.<br>";
}
if ($_POST[ban_user] != "")
{
$ban = "INSERT INTO banned (no_access, type) VALUES ('$_POST[ban_user]', 'user')";
$result = @mysql_query($ban,$connection) or die(mysql_error());
$msg .= "User $_POST[ban_user] has been banned.<br>";
}
$ip_addr = "$_POST[oct1].$_POST[oct2].$_POST[oct3].$_POST[oct4]";
if ($ip_addr != "...")
{
$ban_ip = "INSERT INTO banned (no_access, type) VALUES ('$ip_addr', 'ip')";
$result = @mysql_query($ban_ip,$connection) or die(mysql_error());
$msg .= "IP Address $ip_addr has been banned.<br>";
}
if ($_POST[lift_user_ban] != "")
{
$lift_user = "DELETE FROM banned (no_access, type) WHERE no_access = '$_POST[lift_user_ban]'";
$result = @mysql_query($lift_user,$connection) or die(mysql_error());
$msg .= "The Ban for user $_POST[lift_user_ban] has been lifted.<br>";
}
if ($_POST[lift_ip_ban] != "")
{
$lift_ip = "DELETE FROM banned (no_access, type) WHERE no_access = '$_POST[lift_ip_ban]'";
$result = @mysql_query($lift_ip,$connection) or die(mysql_error());
$msg .= "The Ban for IP Address $_POST[lift_ip_ban] has been lifted.<br>";
}
if ($_POST[restore] != "")
{
$ruser = "SELECT * FROM trash WHERE username = '$_POST[restore]'";
$result0 = @mysql_query($ruser, $connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result0);
//set session variables if there is a match
if ($num != 0)
{
while ($ruser = mysql_fetch_object($result0))
{
$rfirst = $ruser -> firstname;
$rlast = $ruser -> lastname;
$runame = $ruser -> username;
$rpass = $ruser -> password;
$rgr1 = $ruser -> group1;
$rgr2 = $ruser -> group2;
$rgr3 = $ruser -> group3;
$rchange = $ruser -> pchange;
$re_mail = $ruser -> email;
$rre_direct = $ruser -> redirect;
$rver_d = $ruser -> verified;
$rlast_log = $ruser -> last_login;
}
$r_user = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES
('$rfirst', '$rlast', '$runame', '$rpass', '$rgr1', '$rgr2', '$rgr3',
'$rchange', '$re_mail', '$rre_direct', '$rver_d', '$rlast_log')";
$del = "DELETE FROM trash WHERE username = '$_POST[restore]'";
$result = @mysql_query($del,$connection) or die(mysql_error());
$result1 = @mysql_query($r_user,$connection) or die(mysql_error());
$msg .= "User $_POST[restore] has been restored.<br>";
}else{
$msg .= "User $_POST[restore] could not be located in the database.<br>";
}
}
if ($_POST[empt_trash] == "yes")
{
$empty = "DELETE FROM trash";
$gone = @mysql_query($empty, $connection) or die(mysql_error());
$msg .= "The trash has been emptied.<br>";
}
if ($_POST[amt_time] != "" && $_POST[incr_time] != "")
{
$msg .= "The following accounts were inactive for $amt_time $incr_time or more and have been moved to the trash.<br><br>";
$killtime = "NOW() - INTERVAL $_POST[amt_time] $_POST[incr_time]";
$xfer = "SELECT * FROM $table_name WHERE last_login < $killtime";
$resultp1 = @mysql_query($xfer, $connection) or die(mysql_error());
while ($xfer = mysql_fetch_object($resultp1))
{
$pfirst = $xfer -> firstname;
$plast = $xfer -> lastname;
$puname = $xfer -> username;
$ppass = $xfer -> password;
$pgr1 = $xfer -> group1;
$pgr2 = $xfer -> group2;
$pgr3 = $xfer -> group3;
$ppchange = $xfer -> pchange;
$pe_mail = $xfer -> email;
$pre_direct = $xfer -> redirect;
$pver_d = $xfer -> verified;
$plast_log = $xfer -> last_login;
$pdel_date = last_login();
$msg .= "$puname<br>";
$xfer2 = "INSERT INTO trash (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login, del_date) VALUES ('$pfirst', ' $plast', '$puname',
'$ppass', '$pgr1', '$pgr2', '$pgr3', '$ppchange', '$pe_mail', '$pre_direct', '$pver_d', '$plast_log', '$pdel_date')";
$resultp2 = @mysql_query($xfer2, $connection) or die(mysql_error());
}
$purge = "DELETE FROM $table_name WHERE last_login < $killtime";
$resultp3 = @mysql_query($purge, $connection) or die(mysql_error());
}
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"adminpage.css\">";
echo $msg;
if ($_POST[username] == $_SESSION[user_name])
{
session_destroy();
echo "<html>";
echo "<head>";
echo "<meta http-equiv=\"refresh\" content=\"3; url=../login.html\">";
echo "<title>New Page 2</title>";
echo "</head>";
exit;
}
?>
<html>
<head>
<meta http-equiv="refresh" content="3; url=adminpage.php">
<title>Modify User</title>
</head>
<body>
</body>
</html>
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
include ('../config.php');
include ('../functions.php');
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection) or die(mysql_error());
if ($_POST[del_user] != "")
{
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[del_user]'";
$result = @mysql_query($sql, $connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result);
//set session variables if there is a match
if ($num != 0)
{
while ($sql = mysql_fetch_object($result))
{
$first = $sql -> firstname;
$last = $sql -> lastname;
$uname = $sql -> username;
$pass = $sql -> password;
$gr1 = $sql -> group1;
$gr2 = $sql -> group2;
$gr3 = $sql -> group3;
$change = $sql -> pchange;
$e_mail = $sql -> email;
$re_direct = $sql -> redirect;
$ver_d = $sql -> verified;
$last_log = $sql -> last_login;
$del_dat = last_login();
}
$trash_user = "INSERT INTO trash (firstname, lastname, username, password, group1, group2, group3, pchange, email, redirect, verified, last_login, del_date) VALUES ('$first', '$last', '$uname', '$pass', '$gr1', '$gr2', '$gr3', '$change', '$e_mail', '$re_direct', '$ver_d', '$last_log', '$del_dat')";
$del = "DELETE FROM $table_name WHERE username = '$_POST[del_user]'";
$result = @mysql_query($del,$connection) or die(mysql_error());
$result1 = @mysql_query($trash_user,$connection) or die(mysql_error());
$msg .= "El usuario '$_POST[del_user]' ha sido eliminado.<br/>";
} else {
$msg .= "No se encuentra el usuario '$_POST[del_user]'.<br/>";
}
$del_banned = "DELETE FROM banned WHERE no_access = '$_POST[del_user]'";
$result = @mysql_query($del_banned,$connection) or die(mysql_error());
}
if (($_POST[username] != "") && ($_POST[mod_pass] == "Same as Old"))
{
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$pass = $sql -> password;
$last = $sql -> last_login;
}
$sql = "DELETE FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]',
'$_POST[username]', '$pass', '$_POST[mod_group1]', '$_POST[mod_group2]',
'$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]',
'1', '$last')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$msg .= "The information for $_POST[username] has been changed updated.<br>";
}
if (($_POST[username] != "") && ($_POST[mod_pass] != "Same as Old"))
{
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$pass = $sql -> password;
$last = $sql -> last_login;
}
$sql = "DELETE FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]',
'$_POST[username]', password('$_POST[mod_pass]'), '$_POST[mod_group1]', '$_POST[mod_group2]',
'$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]',
'1', '$last')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$msg .= "The information for $_POST[username] has been changed updated.<br>";
}
if ($_POST[ban_user] != "")
{
$ban = "INSERT INTO banned (no_access, type) VALUES ('$_POST[ban_user]', 'user')";
$result = @mysql_query($ban,$connection) or die(mysql_error());
$msg .= "User $_POST[ban_user] has been banned.<br>";
}
$ip_addr = "$_POST[oct1].$_POST[oct2].$_POST[oct3].$_POST[oct4]";
if ($ip_addr != "...")
{
$ban_ip = "INSERT INTO banned (no_access, type) VALUES ('$ip_addr', 'ip')";
$result = @mysql_query($ban_ip,$connection) or die(mysql_error());
$msg .= "IP Address $ip_addr has been banned.<br>";
}
if ($_POST[lift_user_ban] != "")
{
$lift_user = "DELETE FROM banned (no_access, type) WHERE no_access = '$_POST[lift_user_ban]'";
$result = @mysql_query($lift_user,$connection) or die(mysql_error());
$msg .= "The Ban for user $_POST[lift_user_ban] has been lifted.<br>";
}
if ($_POST[lift_ip_ban] != "")
{
$lift_ip = "DELETE FROM banned (no_access, type) WHERE no_access = '$_POST[lift_ip_ban]'";
$result = @mysql_query($lift_ip,$connection) or die(mysql_error());
$msg .= "The Ban for IP Address $_POST[lift_ip_ban] has been lifted.<br>";
}
if ($_POST[restore] != "")
{
$ruser = "SELECT * FROM trash WHERE username = '$_POST[restore]'";
$result0 = @mysql_query($ruser, $connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result0);
//set session variables if there is a match
if ($num != 0)
{
while ($ruser = mysql_fetch_object($result0))
{
$rfirst = $ruser -> firstname;
$rlast = $ruser -> lastname;
$runame = $ruser -> username;
$rpass = $ruser -> password;
$rgr1 = $ruser -> group1;
$rgr2 = $ruser -> group2;
$rgr3 = $ruser -> group3;
$rchange = $ruser -> pchange;
$re_mail = $ruser -> email;
$rre_direct = $ruser -> redirect;
$rver_d = $ruser -> verified;
$rlast_log = $ruser -> last_login;
}
$r_user = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES
('$rfirst', '$rlast', '$runame', '$rpass', '$rgr1', '$rgr2', '$rgr3',
'$rchange', '$re_mail', '$rre_direct', '$rver_d', '$rlast_log')";
$del = "DELETE FROM trash WHERE username = '$_POST[restore]'";
$result = @mysql_query($del,$connection) or die(mysql_error());
$result1 = @mysql_query($r_user,$connection) or die(mysql_error());
$msg .= "User $_POST[restore] has been restored.<br>";
} else {
$msg .= "User $_POST[restore] could not be located in the database.<br>";
}
}
if ($_POST[empt_trash] == "yes")
{
$empty = "DELETE FROM trash";
$gone = @mysql_query($empty, $connection) or die(mysql_error());
$msg .= "The trash has been emptied.<br>";
}
if ($_POST[amt_time] != "" && $_POST[incr_time] != "")
{
$msg .= "The following accounts were inactive for $amt_time $incr_time or more and have been moved to the trash.<br><br>";
$killtime = "NOW() - INTERVAL $_POST[amt_time] $_POST[incr_time]";
$xfer = "SELECT * FROM $table_name WHERE last_login < $killtime";
$resultp1 = @mysql_query($xfer, $connection) or die(mysql_error());
while ($xfer = mysql_fetch_object($resultp1))
{
$pfirst = $xfer -> firstname;
$plast = $xfer -> lastname;
$puname = $xfer -> username;
$ppass = $xfer -> password;
$pgr1 = $xfer -> group1;
$pgr2 = $xfer -> group2;
$pgr3 = $xfer -> group3;
$ppchange = $xfer -> pchange;
$pe_mail = $xfer -> email;
$pre_direct = $xfer -> redirect;
$pver_d = $xfer -> verified;
$plast_log = $xfer -> last_login;
$pdel_date = last_login();
$msg .= "$puname<br>";
$xfer2 = "INSERT INTO trash (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login, del_date) VALUES ('$pfirst', ' $plast', '$puname',
'$ppass', '$pgr1', '$pgr2', '$pgr3', '$ppchange', '$pe_mail', '$pre_direct', '$pver_d', '$plast_log', '$pdel_date')";
$resultp2 = @mysql_query($xfer2, $connection) or die(mysql_error());
}
$purge = "DELETE FROM $table_name WHERE last_login < $killtime";
$resultp3 = @mysql_query($purge, $connection) or die(mysql_error());
}
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"adminpage.css\">";
echo $msg;
if ($_POST[username] == $_SESSION[user_name])
{
session_destroy();
echo "<html>";
echo "<head>";
echo "<meta http-equiv=\"refresh\" content=\"3; url=../login.html\">";
echo "<title>New Page 2</title>";
echo "</head>";
exit;
}
?>
<html>
<head>
<meta http-equiv="refresh" content="3; url=adminpage.php">
<title>Modify User</title>
</head>
<body>
</body>
</html>

147
admin/newuser.php Normal file
View File

@ -0,0 +1,147 @@
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
require('../config.php');
require('../functions.php');
//check for administrative rights
if (allow_access(Administrators) != "yes")
{
include ('../check_login.php');
exit;
}
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword)
or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)
or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM $table_name";
$result = @mysql_query($sql,$connection) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Añadir nuevo usuario - La Factoría Verde</title>
<link rel="stylesheet" type="text/css" href="estilos.css">
</head>
<body>
<div id="layout">
<div id="header"> <img src="../img/lafactoriaverde.gif" alt="La Factoría Verde" />
<div style="float: right;">Sesión iniciada como <?php echo $_SESSION[user_name]; ?></div>
<?php
$menu_activo='nuevo_usuario';
include('_menu.php');
?>
</div>
<div id="content">
<h2>Dar de alta un nuevo usuario</h2>
<br/>
<form method="POST" action="<?php echo "adduser.php";?>">
<table width="100%" id="table44">
<tr>
<td width="200px">Nombre:</td>
<td><input type="text" name="firstname" size="20"></td>
</tr>
<tr>
<td width="200px">Apellidos:</td>
<td><input type="text" name="lastname" size="20"></td>
</tr>
<tr>
<td width="200px">Usuario:</td>
<td><input type="text" name="username" size="20"></td>
</tr>
<tr>
<td width="200px">Contraseña:</td>
<td><input type="text" name="password" size="20" maxlength="667"><br/><?php echo "La contraseña debe tener una longitud entre $min_pass y $max_pass caracteres."; ?></td>
</tr>
<tr>
<td width="200px">E-Mail:</td>
<td><input type="text" name="email" size="50"></td>
</tr>
<tr>
<td width="200px">Grupo:</td>
<td><select size="1" name="group1">
<?php
echo "<option>Usuarios</option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></td>
</tr>
<tr>
<td width="200px">&nbsp;</td>
<td><select size="1" name="group2">
<?php
echo "<option></option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></td>
</tr>
<tr>
<td width="200px">&nbsp;</td>
<td><select size="1" name="group3">
<?php
echo "<option></option>";
$i = 0;
while ($i < $num_groups)
{
echo "<option value=\"$group_array[$i]\">$group_array[$i]</option>";
$i++;
}
?>
</select></td>
</tr>
<tr>
<td width="200px">Redirigir a:</td>
<td><input type="text" name="redirect" size="50" value="/jardines/"><br/>
Por ejemplo: /jardines/casonadesuesa</td>
</tr>
<tr>
<td width="200px">Obligar a cambiar la contraseña en el siguiente inicio de sesión:</td>
<td><select size="1" name="pchange">
<option value="0" selected>No</option>
<option value="1">Si</option>
</select></td>
</tr>
<tr>
<td width="200px">Enviar un e-mail al usuario con su nueva cuenta:</td>
<td><select size="1" name="email_user">
<option value="No" selected>No</option>
<option value="Yes">Si</option>
</select></td>
</tr>
<tr>
<td width="200px"><input type="submit" value="Guardar" name="B4"></td>
<td>&nbsp;</td>
</tr>
</table>
</td>
</tr>
<tr>
</form>
</div>
<div id="footer"> </div>
</div>
</body>
</html>

41
admin/table_style.css Normal file
View File

@ -0,0 +1,41 @@
/*
Cusco Sky table styles
written by Braulio Soncco http://www.buayacorp.com
*/
table, th, td {
border: 1px solid #D4E0EE;
border-collapse: collapse;
font-family: "Trebuchet MS", Arial, sans-serif;
color: #555;
}
caption {
font-size: 150%;
font-weight: bold;
margin: 5px;
}
td, th {
padding: 4px;
}
thead th {
text-align: center;
background: #E6EDF5;
color: #4F76A3;
font-size: 100% !important;
}
tbody th {
font-weight: bold;
}
tbody tr { background: #FCFDFE; }
tbody tr.odd { background: #F7F9FC; }
tfoot th, tfoot td {
font-size: 85%;
}

149
admin/userinfo.php Normal file
View File

@ -0,0 +1,149 @@
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
require('../config.php');
require('../functions.php');
//check for administrative rights
if (allow_access(Administrators) != "yes")
{
include ('../check_login.php');
exit;
}
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword)
or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)
or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM $table_name";
$result = @mysql_query($sql,$connection) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Información de usuario - La Factoría Verde</title>
<link rel="stylesheet" type="text/css" href="estilos.css">
</head>
<body>
<div id="layout">
<div id="header"> <img src="../img/lafactoriaverde.gif" alt="La Factoría Verde" />
<div style="float: right;">Sesión iniciada como <?php echo $_SESSION[user_name]; ?></div>
<?php include('_menu.php'); ?>
</div>
<div id="content">
<?php
if (isset($_GET['user_det'])) {
$s_string = $_GET['user_det'];
$explodeit = explode(" ", "$s_string");
$c = count($explodeit);
if ($c > 1) {
for ($i = 0; $i < $c; $i++) {
$user_det = $explodeit[$i] . "+";
}
}
else {
$user_det = $s_string;
}
}
if ($user_det != "") {
echo "<h2>Detalles del usuario '".$user_det."'</h2>";
$dsql = "SELECT * FROM $table_name WHERE username = '$user_det'";
$dresults = @mysql_query($dsql, $connection) or die(mysql_error());
while ($dsql = mysql_fetch_object($dresults)) {
$fname = $dsql->firstname;
$lname = $dsql->lastname;
$uname = $dsql->username;
$p_change = $dsql->pchange;
$verif_d = $dsql->verified;
$last = $dsql->last_login;
$re_direct = $dsql->redirect;
$groupA = $dsql->group1;
$groupB = $dsql->group2;
$groupC = $dsql->group3;
$e_mail = $dsql->email;
if ($p_change == "0") {
$p_change = "No";
}
else {
$p_change = "Yes";
}
if ($verif_d == "0") {
$verif_d = "No";
}
else {
$verif_d = "Yes";
}
?>
<br/>
<table width="100%" id="table1">
<tr>
<td width="100" rowspan="10" valign="top"><?php echo $uname; ?></td>
<td colspan="2">&nbsp;</td>
</tr>
<tr>
<td width="177">E-Mail:</td>
<td><a href="<?php echo $e_mail; ?>"><?php echo $e_mail; ?></a></td>
</tr>
<tr>
<td width="177">Nombre completo:</td>
<td><?php echo "$fname $lname &nbsp;"; ?></td>
</tr>
<tr>
<td width="177">Última sesión:</td>
<td><?php echo $last; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">Solicitud de cambio de contraseña:</td>
<td><?php echo $p_change; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">Verificar e-mail:</td>
<td><?php echo $verif_d; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">Miembro del grupo:</td>
<td><?php echo $groupA; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">&nbsp;</td>
<td><?php echo $groupB; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">&nbsp;</td>
<td><?php echo $groupC; ?>&nbsp;</td>
</tr>
<tr>
<td width="177">Redirigir a:</td>
<td><?php echo $re_direct; ?></td>
</tr>
</table>
<br/>
<center>
<a href="<?php echo "adminpage.php"; ?>">Volver a la lista</a>
</center>
<?php }
}?>
</div>
<div id="footer"> </div>
</div>
</body>
</html>

30
banned.html
View File

@ -1,15 +1,15 @@
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Unauthorized</title>
</head>
<body>
<p><b><font size="7">YOU'VE BEEN BANNED</font></b></p>
</body>
</html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>No autorizado</title>
</head>
<body>
<p><b><font size="7">TU CUENTA ESTÁ BANEADA</font></b></p>
</body>
</html>

43
check_login.php
View File

@ -1,23 +1,20 @@
<?
session_start();
//check to see if the user already has an open session
if (($_SESSION[user_name] != "") && ($_SESSION[password] != ""))
{
header("Location:$_SESSION[redirect]");
exit;
}
//check to see if cookies have been set previously
if(($lr_user != "") && ($lr_pass != ""))
{
header("Location:redirect.php");
exit;
}
//if neither is true, redirect to login
header("Location:login.html");
?>
<?php
session_start();
//check to see if the user already has an open session
if (($_SESSION[user_name] != "") && ($_SESSION[password] != ""))
{
header("Location:$_SESSION[redirect]");
exit;
}
//check to see if cookies have been set previously
if(($lr_user != "") && ($lr_pass != ""))
{
header("Location:redirect.php");
exit;
}
//if neither is true, redirect to login
header("Location:login.php");
?>

14
config.php
View File

@ -1,22 +1,22 @@
<?
<?php
//set up the names of the database and table
$db_name ="dqxjaadh_factoriaverde";
$db_name ="factoria";
$table_name ="authorize";
//connect to the server and select the database
$server = "localhost";
$dbusername = "dqxjaadh_factori";
$dbpassword = "q3gm78v69f";
$dbusername = "factoria";
$dbpassword = "123";
//domain information
$domain = ".lafactoriaverde.es";
$domain = "localhost";
//Change to "0" to turn off the login log
$log_login = "1";
//base_dir is the location of the files, ie http://www.yourdomain/login
$base_dir = "http://www.rodax-software.net/lafactoriaverde.es/";
$base_dir = "http://localhost";
//length of time the cookie is good for - 7 is the days and 24 is the hours
//if you would like the time to be short, say 1 hour, change to 60*60*1
@ -33,7 +33,7 @@ $zone=3600*+1;
$verify = "0";
//default redirect, this is the URL that all self-registered users will be redirected to
$default_url = "http://www.rodax-software.net/lafactoriaverde.es/";
$default_url = "http://localhost/";
//minimum and maximum password lengths
$min_pass = 4;

67
email_change.html
View File

@ -1,34 +1,33 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Chane E-Mail Address</title>
<script Language="JavaScript">
<!--
function Form1_Validator(theForm)
{
if (theForm.email.value == "")
{
alert("The \"E-Mail Address\" field cannot be left blank.");
theForm.email.focus();
return (false);
}
}
//--></script>
</head>
<body>
<form method="POST" action="email_change.php" onsubmit="return Form1_Validator(this)" language="JavaScript" name="Form1">
<p><b><font face="Tahoma">E-Mail Address Change</font></b></p>
<p><font face="Tahoma"><font size="2">New E-Mail Address:<br>
</font><input name="email" size="20"><font size="2"><br>
<br>
</font><input type="submit" value="Submit" name="B1"></font></p>
</form>
&nbsp;</body>
</html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Cambiar dirección de e-mail</title>
<script language="JavaScript" type="text/javascript">
//<![CDATA[
<!--
function Form1_Validator(theForm)
{
if (theForm.email.value == "")
{
alert("Debe indicar una nueva dirección de e-mail.");
theForm.email.focus();
return (false);
}
}
//-->
//]]>
</script>
</head>
<body>
<form method="post" action="email_change.php" onsubmit="return Form1_Validator(this)"
language="JavaScript" name="Form1">
<p><b><font face="Tahoma">Cambio de dirección de e-mail</font></b></p>
<p><font face="Tahoma"><font size="2">Nuevo e-mail:<br /></font> <input name=
"email" size="20" /><font size="2"><br />
<br /></font> <input type="submit" value="Cambiar" name="B1" /></font></p>
</form>&nbsp;
</body>
</html>

53
emailpass.html
View File

@ -1,17 +1,36 @@
<HTML>
<HEAD>
<TITLE>Username and Password Request</TITLE>
</HEAD>
<BODY>
<H1><font face="Verdana" size="4" color="#0080C0">Request Your Username &amp; Password</font></H1>
<FORM METHOD="POST" ACTION="emailpass.php">
<P><font color="#0080C0"><strong><font size="2" face="Verdana">Email Address</font></strong><font face="Verdana"><STRONG><font size="2">:</font></STRONG><BR>
</font></font><font color="#0080C0" face="Verdana">
<INPUT TYPE="text" NAME="email" SIZE=25 MAXLENGTH=50></font></p>
<P>
<font color="#0080C0">
<INPUT TYPE="submit" NAME="submit" VALUE="Submit" style="font-family: Verdana"></font></P>
</FORM>
</BODY>
</HTML>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Recuperación de usuario y contraseña</title>
<style type="text/css">
/*<![CDATA[*/
p.c8 {color: #0080C0}
input.c7 {font-family: Verdana}
span.c6 {color: #0080C0; font-family: Verdana}
span.c5 {color: #0080C0}
span.c4 {font-family: Verdana}
span.c3 {font-size: 80%}
span.c2 {font-family: Verdana; font-size: 80%}
h1.c1 {color: #0080C0; font-family: Verdana; font-size: 120%}
/*]]>*/
</style>
</head>
<body>
<h1 class="c1">Recuperar usuario y contraseña</h1>
<form method="post" action="emailpass.php">
<p><span class="c5"><strong><span class="c2">Dirección de
e-mail</span></strong><span class="c4"><strong><span class=
"c3">:</span></strong><br /></span></span> <span class="c6"><input type="text" name=
"email" size="25" maxlength="50" /></span></p>
<p class="c8"><input type="submit" name="submit" value="Enviar" class="c7" /></p>
</form>
</body>
</html>

25
errorlogin.html
View File

@ -1,25 +0,0 @@
<HTML>
<HEAD>
<TITLE>Error Login</TITLE>
</HEAD>
<BODY>
<h1><font face="Verdana" size="4" color="#2852A8">There was an error logging you
in, please try again...</font></h1>
<FORM METHOD="POST" ACTION="redirect.php">
<P><font face="Verdana" size="2" color="#2852A8"><STRONG>Username:</STRONG><BR>
</font><font color="#2852A8" face="Verdana">
<INPUT TYPE="text" NAME="username" SIZE=25 MAXLENGTH=25></font></p>
<P><font face="Verdana" size="2" color="#2852A8"><STRONG>Password:</STRONG><BR>
</font><font color="#2852A8" face="Verdana">
<INPUT TYPE="password" NAME="password" SIZE=25 MAXLENGTH=25></font></p>
<P><font face="Verdana"><font color="#2852A8">
<input type="checkbox" name="remember" value="Yes"></font><font size="2" color="#2852A8">Remember
me from this computer</font></font></p>
<P><font color="#2852A8">
<INPUT TYPE="submit" NAME="submit" VALUE="Login" style="font-family: Verdana"></font></P>
</FORM>
<p><font color="#2852A8" face="Verdana" size="2"><a href="../../loginredir/emailpass.html">
<font color="#2852A8">Click here if would like your username and password to be
e-mailed to the address we have on file.</font></a></font></p>
</BODY>
</HTML>

196
estilos.css Normal file
View File

@ -0,0 +1,196 @@
/* CSS Document */
@import url("reset.css");
html, body {
height: 100%;
font-family: Verdana, Geneva, sans-serif;
}
input {
font-family: Verdana, Geneva, sans-serif;
}
#layout {
width: 1024px;
height: 550px;
text-align: left;
position: absolute;
left: 50%;
top: 50%;
margin-left: -512px;
margin-top: -275px;
background: #fff url("img/inicio-factoria.gif") no-repeat;
color: #fff;
}
#header {
width: 100%;
height: 30px;
}
#header h2 {
margin-top: 6px;
margin-left: 18px;
background: url("img/texto-mantenimiento.gif") no-repeat;
width: 640px;
height: 0;
padding: 22px 0 0 0;
overflow: hidden;
}
#header h3 {
position: absolute;
right: 74px;
top: 7px;
background: url("img/texto-telefono.gif") no-repeat;
width: 125px;
height: 0;
padding: 17px 0 0 0;
overflow: hidden;
}
#footer {
width: 260px;
position: absolute;
bottom: 0;
right: 0;
text-align: center;
padding: 0 0 6px 0;
}
#aside {
position: absolute;
right: 0;
top: 31px;
height: 485px;
width: 260px;
}
#content {
position: absolute;
left: 0;
top: 32px;
width: 762px;
height: 518px;
}
#menu {
margin-top: 100px;
margin-left: 30px;
width: 200px;
}
#menu ul {
}
#menu li {
margin: 5px 0;
}
#menu span {
visibility: hidden;
padding: 0 20px 0 0;
}
#menu a {
text-decoration: none;
width: 100%;
}
#menu a.presentacion {
background: url('img/menu-presentacion.gif') 0 0 no-repeat;
}
#menu a.presentacion:hover {
background: url('img/menu-presentacion-hot.gif') 0 0 no-repeat;
}
#menu a.servicios {
background: url('img/menu-servicios.gif') 0 0 no-repeat;
}
#menu a.servicios:hover {
background: url('img/menu-servicios-hot.gif') 0 0 no-repeat;
}
#menu a.galeria {
background: url('img/menu-galeria.gif') 0 0 no-repeat;
}
#menu a.galeria:hover {
background: url('img/menu-galeria-hot.gif') 0 0 no-repeat;
}
#menu a.blog {
background: url('img/menu-blog-consultas.gif') 0 0 no-repeat;
}
#menu a.blog:hover {
background: url('img/menu-blog-consultas-hot.gif') 0 0 no-repeat;
}
#modulos {
margin-top: 8px;
margin-left: 30px;
width: 200px;
width: 200px;
font-size: 11px;
font-variant:small-caps;
line-height: 140%;
}
#login {
margin-top: 20px;
margin-left: 30px;
width: 200px;
background: url('img/texto-login.gif') 0 0 no-repeat;
height: 165px;
width: 200px;
}
#login h2 {
visibility: hidden;
}
#login p.texto-pass {
height: 20px;
margin: 0;
padding: 0;
border: 0;
background: url('img/texto-olvidaste-pass.gif') 0 0 no-repeat;
text-indent: -1000em;
}
form.login-inicio label {
line-height: 20px;
}
form.login-inicio .campo {
background-color: #c1bfbf;
border: 0;
}
form.login-inicio .entrar {
background: none;
display:block;
width: 80px;
height: 20px;
margin: 5px 0 0 0;
padding: 0;
border: 0;
cursor: pointer;
cursor: hand;
}
form.login-inicio span {
visibility: hidden;
}
#content.inicio {
background: #fff url('img/fondo-inicio.jpg') no-repeat;
}
.error {
color: #F00;
font-weight: bold;
}

149
functions.php
View File

@ -1,80 +1,71 @@
<?php
//function to get the date
function last_login()
{
$date = gmdate("Y-m-d");
return $date;
}
//function that sets the session variable
function sess_vars($base_dir, $server, $dbusername, $dbpassword, $db_name, $table_name, $user, $pass)
{
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword)
or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)
or die(mysql_error());
$sql = "SELECT * FROM $table_name WHERE username = '$user' and password = password('$pass')";
$result = @mysql_query($sql, $connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result);
//set session variables if there is a match
if ($num != 0)
{
while ($sql = mysql_fetch_object($result))
{
$_SESSION[first_name] = $sql -> firstname;
$_SESSION[last_name] = $sql -> lastname;
$_SESSION[user_name] = $sql -> username;
$_SESSION[password] = $sql -> password;
$_SESSION[group1] = $sql -> group1;
$_SESSION[group2] = $sql -> group2;
$_SESSION[group3] = $sql -> group3;
$_SESSION[pchange] = $sql -> pchange;
$_SESSION[email] = $sql -> email;
$_SESSION[redirect] = $sql -> redirect;
$_SESSION[verified] = $sql -> verified;
$_SESSION[last_login] = $sql -> last_login;
}
}else{
$_SESSION[redirect] = "$base_dir/errorlogin.html";
}
}
//functions that will determine if access is allowed
function allow_access($group)
{
if ($_SESSION[group1] == "$group" || $_SESSION[group2] == "$group" || $_SESSION[group3] == "$group" ||
$_SESSION[group1] == "Administrators" || $_SESSION[group2] == "Administrators" || $_SESSION[group3] == "Administrators" ||
$_SESSION[user_name] == "$group")
{
$allowed = "yes";
}else{
$allowed = "no";
}
return $allowed;
}
//function to check the length of the requested password
function password_check($min_pass, $max_pass, $pass)
{
$valid = "yes";
if ($min_pass > strlen($pass) || $max_pass < strlen($pass))
{
$valid = "no";
}
return $valid;
}
<?php
//function to get the date
function last_login()
{
$date = gmdate("Y-m-d");
return $date;
}
//function that sets the session variable
function sess_vars($base_dir, $server, $dbusername, $dbpassword, $db_name, $table_name, $user, $pass)
{
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword)
or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)
or die(mysql_error());
$sql = "SELECT * FROM $table_name WHERE username = '$user' and password = password('$pass')";
$result = @mysql_query($sql, $connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result);
//set session variables if there is a match
if ($num != 0)
{
while ($sql = mysql_fetch_object($result))
{
$_SESSION[first_name] = $sql -> firstname;
$_SESSION[last_name] = $sql -> lastname;
$_SESSION[user_name] = $sql -> username;
$_SESSION[password] = $sql -> password;
$_SESSION[group1] = $sql -> group1;
$_SESSION[group2] = $sql -> group2;
$_SESSION[group3] = $sql -> group3;
$_SESSION[pchange] = $sql -> pchange;
$_SESSION[email] = $sql -> email;
$_SESSION[redirect] = $sql -> redirect;
$_SESSION[verified] = $sql -> verified;
$_SESSION[last_login] = $sql -> last_login;
}
}else{
$_SESSION[redirect] = "$base_dir/login.php?errorlogin=1";
}
}
//functions that will determine if access is allowed
function allow_access($group)
{
if ($_SESSION[group1] == "$group" || $_SESSION[group2] == "$group" || $_SESSION[group3] == "$group" ||
$_SESSION[group1] == "Administradores" || $_SESSION[group2] == "Administradores" || $_SESSION[group3] == "Administradores" ||
$_SESSION[group1] == "Administrators" || $_SESSION[group2] == "Administrators" || $_SESSION[group3] == "Administrators" ||
$_SESSION[user_name] == "$group")
{
$allowed = "yes";
}else{
$allowed = "no";
}
return $allowed;
}
//function to check the length of the requested password
function password_check($min_pass, $max_pass, $pass)
{
$valid = "yes";
if ($min_pass > strlen($pass) || $max_pass < strlen($pass))
{
$valid = "no";
}
return $valid;
}
?>

BIN
img/fondo-inicio.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 84 KiB

BIN
img/inicio-factoria.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

BIN
img/lafactoriaverde.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.8 KiB

BIN
img/menu-blog-consultas-hot.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 691 B

BIN
img/menu-blog-consultas.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 691 B

BIN
img/menu-galeria-hot.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 414 B

BIN
img/menu-galeria.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 414 B

BIN
img/menu-presentacion-hot.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 587 B

BIN
img/menu-presentacion.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 591 B

BIN
img/menu-servicios-hot.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 508 B

BIN
img/menu-servicios.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 508 B

BIN
img/texto-email.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
img/texto-entrar-hot.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 430 B

BIN
img/texto-entrar.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 430 B

BIN
img/texto-login.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
img/texto-mantenimiento.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.1 KiB

BIN
img/texto-olvidaste-pass.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.6 KiB

BIN
img/texto-pincha-aqui.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 442 B

BIN
img/texto-telefono.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 738 B

4
index.php Normal file
View File

@ -0,0 +1,4 @@
<?php
header("Location:check_login.php");
?>

24
login.html
View File

@ -1,24 +0,0 @@
<HTML>
<HEAD>
<TITLE>Login</TITLE>
</HEAD>
<BODY>
<H1><font face="Verdana" size="4" color="#2852A8">Login to Secure Area</font></H1>
<FORM METHOD="POST" ACTION="redirect.php">
<P><font face="Verdana" size="2" color="#2852A8"><STRONG>Username:</STRONG><BR>
</font><font color="#2852A8" face="Verdana">
<INPUT TYPE="text" NAME="username" SIZE=25 MAXLENGTH=25></font></p>
<P><font face="Verdana" size="2" color="#2852A8"><STRONG>Password:</STRONG><BR>
</font><font color="#2852A8" face="Verdana">
<INPUT TYPE="password" NAME="password" SIZE=25 MAXLENGTH=25></font></p>
<P><font face="Verdana"><font color="#2852A8">
<input type="checkbox" name="remember" value="Yes"></font><font size="2" color="#2852A8">Remember
me from this computer</font></font></p>
<P><font color="#2852A8">
<INPUT TYPE="submit" NAME="submit" VALUE="Login" style="font-family: Verdana"></font></P>
</FORM>
<p><font color="#2852A8" face="Verdana" size="2"><a href="emailpass.html">
<font color="#2852A8">Click here if would like your username and password to be
e-mailed to the address we have on file.</font></a></font></p>
</BODY>
</HTML>

60
login.php Normal file
View File

@ -0,0 +1,60 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>La Factoría Verde</title>
<link rel="stylesheet" href="estilos.css" type="text/css" media="all" />
</head>
<body>
<div id="layout">
<div id="header">
<h2>Mantenimiento de jardines, podas, diseño y riego en Cantabria</h2>
<h3>Teléfono: 678 71 72 85</h3>
</div>
<div id="aside">
<div id="menu">
<ul>
<li><a class="presentacion" href="presentacion.html"><span>Presentación</span></a></li>
<li><a class="servicios" href="servicios.html"><span>Servicios</span></a></li>
<li><a class="galeria" href="galeria.html"><span>Galería</span></a></li>
<li><a class="blog" href="blog"><span>Blog, consultas</span></a></li>
</ul>
</div>
<div id="login">
<h2>Acceso de clientes</h2>
<form class="login-inicio" method="post" action="redirect.php">
<fieldset>
<label for="username"><span>Usuario:</span></label>
<input class="campo" type="text" name="username" size="25" maxlength="25" />
<label for="password"><span>Contraseña:</span></label>
<input class="campo" type="password" name="password" size="25" maxlength="25" />
<!--<input type="checkbox" name="remember" value="Yes" />-->
<button type="submit" class="entrar">
<img src="img/texto-entrar.gif" alt="Entrar" />
</button>
<!--<input class="entrar" type="submit" name="submit" value="Entrar" src="img/texto-entrar.gif"/>-->
</fieldset>
</form>
<br/>
<p class="texto-pass">¿Olvidaste tu contraseña?</p>
<a href="emailpass.html"><img src="img/texto-pincha-aqui.gif" alt="Pincha aqui" /></a>
</div>
<div id="modulos">
<?php
if (($_GET["errorlogin"] != "")) {
?>
<p class="error">Por favor, vuelve a introducir tus datos de acceso otra vez...</p>
<?php } ?>
</div>
</div>
<div id="content" class="inicio"></div>
<div id="footer">
<a href="mailto:agapanto@lafactoriaverde.es"><img src="img/texto-email.gif" alt="agapanto@lafactoriaverde.es"/></a>
</div>
</div>
</body>
</html>

27
logout.php
View File

@ -1,13 +1,14 @@
<?
include ("config.php");
//destroys the session, the variables are not longer set
session_start();
session_destroy();
?>
<html>
<meta http-equiv="refresh" content="0;url=http://www<?php echo $domain; ?>">
</html>
<?
include ("config.php");
//destroys the session, the variables are not longer set
session_start();
session_destroy();
?>
<html>
<meta http-equiv="refresh" content="0;url=http://www<?php echo $domain; ?>">
</html>

10
logs/log.html
View File

@ -1,9 +1,9 @@
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>New Page 2</title>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Registro de accesos</title>
<base target="main">
</head>
@ -15,7 +15,7 @@
<select size="1" id="id1" name="D1" style="font-family: Tahoma; font-size: 8pt">
<option value="username">Usuario</option>
<option value="date">Fecha</option>
<option value="ip_addr">Dirección IP</option>
<option value="ip_addr">Dirección IP</option>
<option value="oper_sys">Sistema operativo</option>
<option value="brow">Navegador</option>
</select><br>
@ -39,7 +39,7 @@
<p align="left"><br>
<i><b><font face="Tahoma" size="2">
<a target="_top" href="../admin/adminpage.php">Volver a la página de administración</a></font></b></i></p>
<a target="_top" href="../admin/adminpage.php">Volver a la página de administración</a></font></b></i></p>
</body>

72
no_access.html
View File

@ -1,29 +1,43 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>NO ACCESS ALLOWED</title>
</head>
<body>
<b><font size="6">Access Denied!!!</font></b><p>Please login with proper
credentials:</p>
<FORM METHOD="POST" ACTION="redirect.php">
<P><font face="Verdana" size="2" color="#2852A8"><STRONG>Username:</STRONG><BR>
</font><font color="#2852A8" face="Verdana">
<INPUT TYPE="text" NAME="username" SIZE=25 MAXLENGTH=25></font></p>
<P><font face="Verdana" size="2" color="#2852A8"><STRONG>Password:</STRONG><BR>
</font><font color="#2852A8" face="Verdana">
<INPUT TYPE="password" NAME="password" SIZE=25 MAXLENGTH=25></font></p>
<P><font face="Verdana"><font color="#2852A8">
<input type="checkbox" name="remember" value="Yes"></font><font size="2" color="#2852A8">Remember
me from this computer</font></font></p>
<P><font color="#2852A8">
<INPUT TYPE="submit" NAME="submit" VALUE="Login" style="font-family: Verdana"></font></P>
</FORM>
<p>&nbsp;</p>
</body>
</html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Acceso no permitido</title>
<style type="text/css">
/*<![CDATA[*/
p.c8 {color: #2852A8}
input.c7 {font-family: Verdana}
p.c6 {font-family: Verdana}
span.c5 {color: #2852A8; font-size: 80%}
span.c4 {color: #2852A8}
span.c3 {color: #2852A8; font-family: Verdana}
span.c2 {color: #2852A8; font-family: Verdana; font-size: 80%}
span.c1 {font-size: 200%}
/*]]>*/
</style>
</head>
<body>
<b><span class="c1">Acceso no permitido</span></b>
<p>Por favor, introduce tus datos de acceso correctos:</p>
<form method="post" action="redirect.php">
<p><span class="c2"><strong>Usuario:</strong><br /></span> <span class=
"c3"><input type="text" name="username" size="25" maxlength="25" /></span></p>
<p><span class="c2"><strong>Contraseña:</strong><br /></span> <span class=
"c3"><input type="password" name="password" size="25" maxlength="25" /></span></p>
<p class="c6"><span class="c4"><input type="checkbox" name="remember" value=
"Yes" /></span><span class="c5">No cerrar sesión</span></p>
<p class="c8"><input type="submit" name="submit" value="Entrar" class="c7" /></p>
</form>
<p>&nbsp;</p>
</body>
</html>

29
not_activated.html
View File

@ -1,15 +1,14 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Account Not Activated</title>
</head>
<body>
<p>Your account must be activated before you can log in, please visit the
activation page that was included in the email we sent you.</p>
</body>
</html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Cuenta sin activar</title>
</head>
<body>
<p>Tu cuenta debe ser activada antes de que puedas entrar. Por favor, visita la página de activación que se indica en el e-mail que has recibido.</p>
</body>
</html>

80
pass_change.html
View File

@ -1,36 +1,44 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Password Change</title>
<script Language="JavaScript">
<!--
function Form1_Validator(theForm)
{
if (theForm.p_word.value != theForm.password2.value)
{
alert("The two passwords are not the same.");
theForm.password2.focus();
return (false);
}
}
//--></script>
</head>
<body>
<form method="POST" action="pass_change.php" onsubmit="return Form1_Validator(this)" language="JavaScript" name="Form1">
<p><b><font face="Tahoma">Password Change </font></b></p>
<p><font face="Tahoma"><font size="2">New Password:<br>
</font><input type="password" name="p_word" size="20"><font size="2"><br>
Confirm Password:<br>
</font><input type="password" name="password2" size="20"></font></p>
<p><font face="Tahoma"><input type="submit" value="Submit" name="B1"></font></p>
</form>
&nbsp;</body>
</html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Cambiar la contraseña</title>
<script language="JavaScript" type="text/javascript">
//<![CDATA[
<!--
function Form1_Validator(theForm)
{
if (theForm.p_word.value != theForm.password2.value)
{
alert("The two passwords are not the same.");
theForm.password2.focus();
return (false);
}
}
//-->
//]]>
</script>
<style type="text/css">
/*<![CDATA[*/
p.c4 {font-family: Tahoma}
span.c3 {font-size: 80%}
p.c2 {font-weight: bold}
span.c1 {font-family: Tahoma}
/*]]>*/
</style>
</head>
<body>
<form method="post" action="pass_change.php" onsubmit="return Form1_Validator(this)"
language="JavaScript" name="Form1">
<p class="c2"><span class="c1">Cambio de contraseña</span></p>
<p class="c4"><span class="c3">Nueva contraseña:<br /></span> <input type="password"
name="p_word" size="20" /><span class="c3"><br />
Confirmar contraseña:<br /></span> <input type="password" name="password2" size=
"20" /></p>
<p class="c4"><input type="submit" value="Enviar" name="B1" /></p>
</form>&nbsp;
</body>
</html>

0
index.html → readme.html
View File

210
redirect.php
View File

@ -1,108 +1,102 @@
<?
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
//clear session variables
session_unset();
//require the functions file
require ("config.php");
require ("functions.php");
//check to see if cookies are already set, remember me
if ((!$lr_user) || (!$lr_pass))
{
$username = $_POST[username];
$password = $_POST[password];
}else{
$username = $lr_user;
$password = $lr_pass;
}
//if username or password is blank, send to errorlogin.html
if ((!$username) || (!$password))
{
header("Location:$base_dir/errorlogin.html");
exit;
}
//sets cookies to remember this computer if the user asks to
if ($_POST[remember] == "Yes")
{
setcookie("lr_user", $username, $duration, "/", $domain);
setcookie("lr_pass", $password, $duration, "/", $domain);
}
if ($_POST[activate] == "Yes")
{
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="UPDATE $table_name SET verified = '1' WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
}
//sets session variables
sess_vars($base_dir, $server, $dbusername, $dbpassword, $db_name, $table_name, $username, $password);
//check to see if the user has to change their password
if ($_SESSION[pchange] == "1")
{
$_SESSION[redirect] = "$base_dir/pass_change.html";
}
//check to see if the user has activated the account
if ($_SESSION[verified] == "0")
{
$_SESSION[redirect] = "$base_dir/not_activated.html";
}
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM banned";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$banned = $sql -> no_access;
if ($username == $banned || $REMOTE_ADDR == $banned)
{
include ('banned.html');
exit;
}
}
$last_log = last_login();
//updates table with last log as now
$sql = "UPDATE $table_name SET last_login = '$last_log' WHERE username = '$_SESSION[user_name]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
if (($_SESSION[redirect] != "$base_dir/errorlogin.html") && ($log_login == "1"))
{
include('loglogin.php');
}
//redirects the user
header("Location:$_SESSION[redirect]");
?>
<head><title>Redirect</title></head>
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
//clear session variables
session_unset();
//require the functions file
require ("config.php");
require ("functions.php");
//check to see if cookies are already set, remember me
if ((!$lr_user) || (!$lr_pass))
{
$username = $_POST[username];
$password = $_POST[password];
} else {
$username = $lr_user;
$password = $lr_pass;
}
//if username or password is blank, send to login again
if ((strlen($username) == 0) || (strlen($password) == 0))
{
header("Location:$base_dir/login.php?errorlogin=1");
exit;
}
//sets cookies to remember this computer if the user asks to
if ($_POST[remember] == "Yes")
{
setcookie("lr_user", $username, $duration, "/", $domain);
setcookie("lr_pass", $password, $duration, "/", $domain);
}
if ($_POST[activate] == "Yes")
{
echo $server.' '.$dbusername.' '.$dbpassword;
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="UPDATE $table_name SET verified = '1' WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
}
//sets session variables
sess_vars($base_dir, $server, $dbusername, $dbpassword, $db_name, $table_name, $username, $password);
//check to see if the user has to change their password
if ($_SESSION[pchange] == "1")
{
$_SESSION[redirect] = "$base_dir/pass_change.html";
}
//check to see if the user has activated the account
if ($_SESSION[verified] == "0")
{
$_SESSION[redirect] = "$base_dir/not_activated.html";
}
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM banned";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$banned = $sql -> no_access;
if ($username == $banned || $REMOTE_ADDR == $banned)
{
include ('banned.html');
exit;
}
}
$last_log = last_login();
//updates table with last log as now
$sql = "UPDATE $table_name SET last_login = '$last_log' WHERE username = '$_SESSION[user_name]'";
$result = @mysql_query($sql, $connection) or die(mysql_error());
if (($_SESSION[redirect] != "$base_dir/login.php") && ($log_login == "1"))
{
include('loglogin.php');
}
//redirects the user
header("Location:$_SESSION[redirect]");
?>
<html>
<head><title>Redirect</title></head>
<body></body>
</html>

212
register.html
View File

@ -1,79 +1,133 @@
<HTML>
<HEAD>
<TITLE>Registration</TITLE>
<script Language="JavaScript">
<!--
function Form1_Validator(theForm)
{
if (theForm.firstname.value == "")
{
alert("Please enter a value for the \"firstname\" field.");
theForm.firstname.focus();
return (false);
}
if (theForm.lastname.value == "")
{
alert("Please enter a value for the \"lastname\" field.");
theForm.firstname.focus();
return (false);
}
if (theForm.username.value == "")
{
alert("Please enter a value for the \"username\" field.");
theForm.firstname.focus();
return (false);
}
if (theForm.email.value == "")
{
alert("Please enter a value for the \"email\" field.");
theForm.email.focus();
return (false);
}
if (theForm.password.value == "")
{
alert("Please enter a value for the \"password\" field.");
theForm.email.focus();
return (false);
}
if (theForm.password.value != theForm.confirm.value)
{
alert("The two passwords are not the same.");
theForm.confirm.focus();
return (false);
}
}
//--></script>
</head>
<BODY>
<H1 style="margin-top: 0; margin-bottom: 0"><font face="Tahoma" size="4">
Register</font></H1>
<FORM METHOD="POST" ACTION="register.php" onsubmit="return Form1_Validator(this)" language="JavaScript" name="Form1">
<P style="margin-top: 0; margin-bottom: 0"><font face="Tahoma">
<strong style="font-weight: 400"><font size="2">First Name:</font></strong><font size="2"><BR>
</font><font face="Tahoma" size="1">
<INPUT NAME="firstname" SIZE=25 MAXLENGTH=50></font></font></p>
<P style="margin-top: 0; margin-bottom: 0"><font face="Tahoma">
<strong style="font-weight: 400"><font size="2">Last Name:</font></strong><font size="2"><BR>
</font><font face="Tahoma" size="1">
<INPUT NAME="lastname" SIZE=25 MAXLENGTH=50><br>
</font><font face="Tahoma" size="2">
Username:</font><font face="Tahoma" size="1"><br>
<INPUT NAME="username" SIZE=25 MAXLENGTH=50></font></font></p>
<P style="margin-top: 0; margin-bottom: 0"><font face="Tahoma">
<strong style="font-weight: 400"><font size="2">Password:</font></strong><font size="2"><BR>
</font><font face="Tahoma" size="1">
<INPUT TYPE="password" NAME="password" SIZE=25 MAXLENGTH=25><br>
</font><font size="2"><strong style="font-weight: 400">Confirm Password:</strong></font><font face="Tahoma" size="1"><br>
<INPUT TYPE="password" NAME="confirm" SIZE=25 MAXLENGTH=25></font></font></p>
<P style="margin-top: 0; margin-bottom: 0"><strong style="font-weight: 400">
<font face="Tahoma" size="2">E-Mail Address</font></strong><font face="Tahoma"><strong style="font-weight: 400"><font size="2">:</font></strong><font size="2"><BR>
</font><font face="Tahoma" size="1">
<INPUT TYPE="text" NAME="email" SIZE=25 MAXLENGTH=100></font></font></p>
<P style="margin-top: 0; margin-bottom: 0">
<INPUT TYPE="submit" NAME="submit" VALUE="Submit" style="font-family: Tahoma"></p>
</FORM>
</BODY>
</HTML>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Página de registro</title>
<script language="JavaScript" type="text/javascript">
//<![CDATA[
<!--
function Form1_Validator(theForm)
{
if (theForm.firstname.value == "")
{
alert("Por favor, indica tu nombre.");
theForm.firstname.focus();
return (false);
}
if (theForm.lastname.value == "")
{
alert("Por favor, indica tus apellidos.");
theForm.lastname.focus();
return (false);
}
if (theForm.username.value == "")
{
alert("Por favor, indica un nombre de usuario.");
theForm.username.focus();
return (false);
}
if (theForm.email.value == "")
{
alert("Por favor, indica una dirección de correo electrónico correcta.");
theForm.email.focus();
return (false);
}
if (theForm.password.value == "")
{
alert("Por favor, indica una contraseña.");
theForm.password.focus();
return (false);
}
if (theForm.password.value != theForm.confirm.value)
{
alert("Las contraseñas no coinciden. Asegúrate que introduces dos veces la misma contraseña correctamente.");
theForm.confirm.focus();
return (false);
}
}
//-->
//]]>
</script>
<style type="text/css">
/*<![CDATA[*/
input.c9 {
font-family: Tahoma
}
p.c8 {
margin-top: 0;
margin-bottom: 0
}
span.c7 {
font-family: Tahoma
}
span.c6 {
font-family: Tahoma;
font-size: 80%
}
p.c5 {
font-family: Tahoma;
margin-bottom: 0;
margin-top: 0
}
span.c4 {
font-family: Tahoma;
font-size: 70%
}
strong.c3 {
font-weight: 400
}
span.c2 {
font-size: 80%
}
h1.c1 {
font-family: Tahoma;
font-size: 120%;
margin-bottom: 0;
margin-top: 0
}
/*]]>*/
</style>
</head>
<body>
<h1 class="c1">Registro</h1>
<form method="post" action="register.php" onsubmit="return Form1_Validator(this)"
language="JavaScript" name="Form1">
<p class="c5"><strong class="c3"><span class="c2">Nombre:</span></strong><span class="c2"><br />
</span> <span class="c4">
<input name=
"firstname" size="25" maxlength="50" />
</span></p>
<p class="c5"><strong class="c3"><span class="c2">Apellidos:</span></strong><span class="c2"><br />
</span> <span class="c4">
<input name=
"lastname" size="25" maxlength="50" />
<br />
</span> <span class=
"c6">Usuario:</span><span class="c4"><br />
<input name="username" size="25" maxlength="50" />
</span></p>
<p class="c5"><strong class="c3"><span class=
"c2">Contraseña:</span></strong><span class="c2"><br />
</span> <span class=
"c4">
<input type="password" name="password" size="25" maxlength="25" />
<br />
</span> <span class="c2"><strong class="c3">Confirmar la contraseña:</strong></span><span class=
"c4"><br />
<input type="password" name="confirm" size="25" maxlength="25" />
</span></p>
<p class="c8"><strong class="c3"><span class="c6">Dirección de e-mail</span></strong><span class="c7"><strong class="c3"><span class=
"c2">:</span></strong><span class="c2"><br />
</span> <span class="c4">
<input type=
"text" name="email" size="25" maxlength="100" />
</span></span></p>
<p class="c8">
<input type="submit" name="submit" value="Enviar" class="c9" />
</p>
</form>
</body>
</html>

53
reset.css Normal file
View File

@ -0,0 +1,53 @@
/* http://meyerweb.com/eric/tools/css/reset/ */
/* v1.0 | 20080212 */
html, body, div, span, applet, object, iframe,
h1, h2, h3, h4, h5, h6, p, blockquote, pre,
a, abbr, acronym, address, big, cite, code,
del, dfn, em, font, img, ins, kbd, q, s, samp,
small, strike, strong, sub, sup, tt, var,
b, u, i, center,
dl, dt, dd, ol, ul, li,
fieldset, form, label, legend,
table, caption, tbody, tfoot, thead, tr, th, td {
margin: 0;
padding: 0;
border: 0;
outline: 0;
font-size: 100%;
vertical-align: baseline;
background: transparent;
}
body {
line-height: 1;
}
ol, ul {
list-style: none;
}
blockquote, q {
quotes: none;
}
blockquote:before, blockquote:after,
q:before, q:after {
content: '';
content: none;
}
/* remember to define focus styles! */
:focus {
outline: 0;
}
/* remember to highlight inserts somehow! */
ins {
text-decoration: none;
}
del {
text-decoration: line-through;
}
/* tables still need 'cellspacing="0"' in the markup */
table {
border-collapse: collapse;
border-spacing: 0;
}

100
smpl_sec_header.php
View File

@ -1,51 +1,49 @@
<?php
$abs = getcwd();
$viewer = $HTTP_USER_AGENT;
echo "&lt;?php<br><br>
//prevents caching<br>
header(\"Expires: Sat, 01 Jan 2000 00:00:00 GMT\");<br>
header(\"Last-Modified: \".gmdate(\"D, d M Y H:i:s\").\" GMT\");<br>
header(\"Cache-Control: post-check=0, pre-check=0\",false);<br>
session_cache_limiter();<br>
session_start();<br>
<br>";
if (preg_match("/Windows NT/", $viewer))
{
echo "require('$abs\config.php');<br>
<br>
require('$abs\functions.php'); <br>
<br>";
}
else
{
echo "require('$abs/config.php');<br>
<br>
require('$abs/functions.php'); <br>
<br>";
}
echo "
//this is group name or username of the group or person that you wish to allow access to<br>
// - please be advise that the Administrators Groups has access to all pages.<br>
if (allow_access(Administrators) != \"yes\")<br>
{ <br>
";
if (preg_match("/Windows NT/", $viewer))
{
echo "
include ('$abs\\no_access.html'); <br>
";
}
else
{
echo "include ('$abs/no_access.html'); <br>";
}
echo "
exit;<br>
}<br>
?>";
?>
<?php
$abs = getcwd();
$viewer = $HTTP_USER_AGENT;
echo "&lt;?php<br><br>
//prevents caching<br>
header(\"Expires: Sat, 01 Jan 2000 00:00:00 GMT\");<br>
header(\"Last-Modified: \".gmdate(\"D, d M Y H:i:s\").\" GMT\");<br>
header(\"Cache-Control: post-check=0, pre-check=0\",false);<br>
session_cache_limiter();<br>
session_start();<br>
<br>";
if (preg_match("/Windows NT/", $viewer))
{
echo "require('$abs\config.php');<br>
<br>
require('$abs\functions.php'); <br>
<br>";
}
else
{
echo "require('$abs/config.php');<br>
<br>
require('$abs/functions.php'); <br>
<br>";
}
echo "
//this is group name or username of the group or person that you wish to allow access to<br>
// - please be advise that the Administrators Groups has access to all pages.<br>
if (allow_access(Administrators) != \"yes\")<br>
{ <br>
";
if (preg_match("/Windows NT/", $viewer))
{
echo "
include ('$abs\\check_login.php'); <br>
";
}
else
{
echo "include ('$abs/check_login.php'); <br>";
}
echo "
exit;<br>
}<br>
?>";
?>

129
style.css
View File

@ -1,72 +1,57 @@
body {
font-family: Verdana;
font-size: 11px;
}
a:hover {
color: #0000ff;
font-family: Tahoma;
text-decoration: underline overline;
}
a:visited, a:active {
color: #0000ff;
font-family: Tahoma;
text-decoration: none;
}
a:link {
color: #0000ff;
font-family: Tahoma;
text-decoration: overline underline;
}
td {
font-family: Verdana;
font-size: 8pt;
}
a {
font-family: Tahoma;
}
h1 {
font-family: Tahoma;
}
h2 {
font-family: Tahoma;
}
h3 {
font-family: Tahoma;
}
h4 {
font-family: Tahoma;
}
h5 {
font-family: Tahoma;
}
h6 {
font-family: Tahoma;
}
p {
font-family: Tahoma;
}
tr {
font-family: Tahoma;
}
<form> {
font-family: Verdana;
}
<input> {
color: #0080ff;
font-family: Verdana;
}
body {
font-family: Verdana;
font-size: 11px;
}
a:hover {
color: #0000ff;
font-family: Tahoma;
text-decoration: underline overline;
}
a:visited, a:active {
color: #0000ff;
font-family: Tahoma;
text-decoration: none;
}
a:link {
color: #0000ff;
font-family: Tahoma;
text-decoration: overline underline;
}
td {
font-family: Verdana;
font-size: 8pt;
}
a {
font-family: Tahoma;
}
h1 {
font-family: Tahoma;
}
h2 {
font-family: Tahoma;
}
h3 {
font-family: Tahoma;
}
h4 {
font-family: Tahoma;
}
h5 {
font-family: Tahoma;
}
h6 {
font-family: Tahoma;
}
p {
font-family: Tahoma;
}
tr {
font-family: Tahoma;
}
<form> {
font-family: Verdana;
}
<input> {
color: #0080ff;
font-family: Verdana;
}