Archivado/LaFactoriaVerde_Web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Muchos cambios

Browse Source 
git-svn-id: https://192.168.0.254/svn/Proyectos.LaFactoriaVerde_Web/trunk@4 017afc1c-778d-45dc-8efe-cc7a6876851a
This commit is contained in:
David Arranz 2010-10-07 14:20:22 +00:00
parent 268bbabbe4
commit 933868150c
20 changed files with 220 additions and 314 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
admin/_menu.php
View File

@ -2,7 +2,6 @@
<ul class="menu orange" style="clear: both;">
<li <?php if (($menu_activo == "inicio") || ($menu_activo == "")) { echo "class='current'"; }?> ><a href="adminpage.php" target="_self">Inicio</a></li>
<li <?php if ($menu_activo == "nuevo_usuario") { echo "class='current'"; }?>><a href="newuser.php" target="_self">Añadir usuario</a></li>
<!--<li <?php if ($menu_activo == "modificar_usuario") { echo "class='current'"; }?>><a href="adminpage.php" target="_self">Modificar usuario</a></li>-->
<li <?php if ($menu_activo == "log") { echo "class='current'"; }?>><a href="../logs/index.php" target="_self">Registro de accesos</a></li>
<li <?php if ($menu_activo == "mail_masivo") { echo "class='current'"; }?>><a href="mail_all.php" target="_self">E-mail masivo</a></li>
<li><a href="../logout.php" target="_self">Salir</a></li>

2
admin/adminpage.php
View File

@ -140,7 +140,7 @@ $result = @mysql_query($sql,$connection) or die(mysql_error());
echo "</tr>";
echo "<tr>";
echo "<td width=\"100\">";
echo "<a href=\"changeuser.php?user_det=$uname\">Modificar</a>";
echo "<a href=\"changeuser.php?username=$uname\">Modificar</a>";
echo "&nbsp;&nbsp;";
if ($uname != $_SESSION[user_name]) {
echo "<a href=\"deleteuser.php?del_user=$uname\" onclick=\"return confirm('¿Desea eliminar el usuario $uname?')\">Eliminar</a>";

70
admin/changeuser.php
View File

@ -22,10 +22,6 @@ $connection = @mysql_connect($server, $dbusername, $dbpassword)
$db = @mysql_select_db($db_name,$connection)
or die(mysql_error());
//build and issue the query
$sql ="SELECT * FROM $table_name";
$result = @mysql_query($sql,$connection) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
@ -41,40 +37,56 @@ $result = @mysql_query($sql,$connection) or die(mysql_error());
<div id="header"> <img src="../img/lafactoriaverde.gif" alt="La Factoría Verde" />
<div style="float: right;">Sesión iniciada como <?php echo $_SESSION[user_name]; ?></div>
<?php
$menu_activo='nuevo_usuario';
$menu_activo='';
include('_menu.php');
?>
</div>
<div id="content">
<h2>Dar de alta un nuevo usuario</h2>
<h2>Modificación de usuario</h2>
<br/>
<form method="POST" action="<?php echo "adduser.php";?>">
<table width="100%" id="table44">
<?php
if ($_GET[username] != "")
{
//build and issue the query
$sql ="SELECT * FROM $table_name WHERE username = '$_GET[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$m_first = $sql -> firstname;
$m_last = $sql -> lastname;
$g_1 = $sql -> group1;
$g_2 = $sql -> group2;
$g_3 = $sql -> group3;
$chng = $sql -> pchange;
$m_email = $sql -> email;
$direct = $sql -> redirect;
}
?>
<form method="POST" action="<?php echo 'modifyuser.php?username='.$_GET[username];?>">
<table width="100%">
<tr>
<td width="200px">Nombre:</td>
<td><input type="text" name="firstname" size="20"></td>
<td><input type="text" name="mod_first" size="20" value="<?php echo $m_first; ?>"></td>
</tr>
<tr>
<td width="200px">Apellidos:</td>
<td><input type="text" name="lastname" size="20"></td>
</tr>
<tr>
<td width="200px">Usuario:</td>
<td><input type="text" name="username" size="20"></td>
<td><input type="text" name="mod_last" size="20" value="<?php echo $m_last; ?>"></td>
</tr>
<tr>
<td width="200px">Contraseña:</td>
<td><input type="text" name="password" size="20" maxlength="667"></td>
<td><input type="text" name="mod_pass" size="20" value="Same as Old"></td>
</tr>
<tr>
<td width="200px">E-Mail:</td>
<td><input type="text" name="email" size="20"></td>
<td><input type="text" name="mod_email" size="20" value="<?php echo $m_email; ?>"></td>
</tr>
<tr>
<td width="200px">Grupo:</td>
<td><select size="1" name="group1">
<td><select size="1" name="mod_group1">
<?php
echo "<option>Usuarios</option>";
echo "<option>$g_1</option>";
$i = 0;
while ($i < $num_groups)
{
@ -86,9 +98,9 @@ $result = @mysql_query($sql,$connection) or die(mysql_error());
</tr>
<tr>
<td width="200px">&nbsp;</td>
<td><select size="1" name="group2">
<td><select size="1" name="mod_group2">
<?php
echo "<option></option>";
echo "<option>$g_2</option>";
$i = 0;
while ($i < $num_groups)
{
@ -100,9 +112,9 @@ $result = @mysql_query($sql,$connection) or die(mysql_error());
</tr>
<tr>
<td width="200px">&nbsp;</td>
<td><select size="1" name="group3">
<td><select size="1" name="mod_group3">
<?php
echo "<option></option>";
echo "<option>$g_3</option>";
$i = 0;
while ($i < $num_groups)
{
@ -114,24 +126,24 @@ $result = @mysql_query($sql,$connection) or die(mysql_error());
</tr>
<tr>
<td width="200px">Redirigir a:</td>
<td><input type="text" name="redirect" size="50" value="http://"></td>
<td><input type="text" name="mod_redirect" size="50" value="<?php echo $direct; ?>"></td>
</tr>
<tr>
<td width="200px">Obligar a cambiar la contraseña en el siguiente inicio de sesión:</td>
<td><select size="1" name="pchange">
<td><select size="1" name="mod_chng">
<option value="0" selected>No</option>
<option value="1">Si</option>
</select></td>
</tr>
<tr>
<td width="200px">Enviar un e-mail al usuario con su nueva cuenta:</td>
<td><select size="1" name="email_user">
<td><select size="1" name="mod_send">
<option value="No" selected>No</option>
<option value="Yes">Si</option>
</select></td>
</tr>
<tr>
<td width="200px"><input type="submit" value="Guardar" name="B4"></td>
<td width="200px"><input type="submit" value="Guardar"></td>
<td>&nbsp;</td>
</tr>
</table>
@ -139,6 +151,12 @@ $result = @mysql_query($sql,$connection) or die(mysql_error());
</tr>
<tr>
</form>
<?php
}
else {
echo "<p>No se ha encontrado el usuario $_GET[username]</p>";
}
?>
</div>
<div id="footer"> </div>
</div>

2
admin/deleteuser.php
View File

@ -27,7 +27,7 @@ $db = @mysql_select_db($db_name,$connection) or die(mysql_error());
<div id="header"> <img src="../img/lafactoriaverde.gif" alt="La Factoría Verde" />
<div style="float: right;">Sesión iniciada como <?php echo $_SESSION[user_name]; ?></div>
<?php
$menu_activo='nuevo_usuario';
$menu_activo='';
include('_menu.php');
?>
</div>

3
admin/index.php Normal file
View File

@ -0,0 +1,3 @@
<?php
header("Location:adminpage.php");
?>

20
admin/mod_user.php
View File

@ -12,7 +12,8 @@ include ('../functions.php');
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection) or die(mysql_error());
if ($_POST[del_user] != "")
{
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[del_user]'";
@ -229,25 +230,14 @@ if ($_POST[username] == $_SESSION[user_name])
?>
<html>
<head>
<meta http-equiv="refresh" content="3; url=adminpage.php">
<!--<meta http-equiv="refresh" content="3; url=adminpage.php">-->
<title>Modify User</title>
</head>
<body>
<?php echo "$_POST[username] ".$_POST[username];
?>
</body>
</html>

115
admin/modifyuser.php Normal file
View File

@ -0,0 +1,115 @@
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
include ('../config.php');
include ('../functions.php');
//make connection to dbase
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="es-ES" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Modificar usuario - La Factoría Verde</title>
<link rel="stylesheet" type="text/css" href="estilos.css">
</head>
<body>
<div id="layout">
<div id="header"> <img src="../img/lafactoriaverde.gif" alt="La Factoría Verde" />
<div style="float: right;">Sesión iniciada como <?php echo $_SESSION[user_name]; ?></div>
<?php
$menu_activo='';
include('_menu.php');
?>
</div>
<div id="content">
<?php
//check for authority to view this page
if (allow_access(Administrators) != "yes")
{
echo "<br/><br/><br/><center><p class='error'>No tienes autorización para esta función.</p></center>";
}
$mod_user = '';
if (isset($_GET['username'])) {
$s_string = $_GET['username'];
$explodeit = explode(" ", "$s_string");
$c = count($explodeit);
if ($c > 1) {
for ($i = 0; $i < $c; $i++) {
$mod_user = $explodeit[$i] . "+";
}
}
else {
$mod_user = $s_string;
}
}
else {
$msg .= "No ha indicado el usuario.<br/>";
}
if ((mod_user != "") && ($_POST[mod_pass] == "Same as Old"))
{
$sql = "SELECT * FROM $table_name WHERE username = '$mod_user'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$pass = $sql -> password;
$last = $sql -> last_login;
}
$sql = "DELETE FROM $table_name WHERE username = '$mod_user'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]',
'$mod_user', '$pass', '$_POST[mod_group1]', '$_POST[mod_group2]',
'$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]',
'1', '$last')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$msg .= "La información del usuario $mod_user ha sido actualizada.<br/>";
}
if (($mod_user != "") && ($_POST[mod_pass] != "Same as Old"))
{
$sql = "SELECT * FROM $table_name WHERE username = '$mod_user'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$pass = $sql -> password;
$last = $sql -> last_login;
}
$sql = "DELETE FROM $table_name WHERE username = '$mod_user'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]',
'$mod_user', password('$_POST[mod_pass]'), '$_POST[mod_group1]', '$_POST[mod_group2]',
'$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]',
'1', '$last')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$msg .= "La información del usuario $mod_user ha sido actualizada.<br/>";
}
echo $msg;
?>
<br/>
<center>
<a href="<?php echo "adminpage.php"; ?>">Volver a la lista</a>
</center>
</div>
<div id="footer"> </div>
</div>
</body>
</html>

6
check_login.php
View File

@ -1,4 +1,6 @@
<?php
require ("config.php");
session_start();
//check to see if the user already has an open session
if (($_SESSION[user_name] != "") && ($_SESSION[password] != ""))
@ -10,11 +12,11 @@ if (($_SESSION[user_name] != "") && ($_SESSION[password] != ""))
//check to see if cookies have been set previously
if(($lr_user != "") && ($lr_pass != ""))
{
header("Location:redirect.php");
header("Location:$base_dir/redirect.php");
exit;
}
//if neither is true, redirect to login
header("Location:login.php");
header("Location:$base_dir/login.php");
?>

16
estilos.css
View File

@ -142,13 +142,9 @@ input {
#login {
margin-top: 20px;
margin-left: 30px;
width: 200px;
background: url('img/texto-login.gif') 0 0 no-repeat;
height: 165px;
width: 200px;
}
#login h2 {
visibility: hidden;
}
#login p.texto-pass {
@ -160,6 +156,10 @@ input {
text-indent: -1000em;
}
form {
width: 200px;
}
form.login-inicio label {
line-height: 20px;
}
@ -181,9 +181,6 @@ input {
cursor: hand;
}
form.login-inicio span {
visibility: hidden;
}
#content.inicio {
@ -193,4 +190,7 @@ input {
.error {
color: #F00;
font-weight: bold;
font-size: 11px;
font-variant:small-caps;
line-height: 140%;
}

86
favorites/edit_links.php
View File

@ -1,86 +0,0 @@
<?php
//prevent caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
//start session
session_start();
//include config and functions files
include ("../config.php");
include ("../functions.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//make query to database
$sql ="SELECT * FROM favorites WHERE username= '$_SESSION[user_name]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$result1 = @mysql_query($sql,$connection) or die(mysql_error());
?>
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Edit Favorites</title>
</head>
<body>
<form method="POST" action="edit_links_2.php">
<p><font face="Tahoma" size="2"><u><b><font color="#000080">Add a Favorite:</font></b></u><br>
Nickname: <br>
</font><font face="Tahoma">
<input type="text" name="nick" size="20" style="font-family: Tahoma; font-size: 10pt"><br>
<font size="2">URL: <br>
</font>
<input type="text" name="link" size="20" value="http://" style="font-family: Tahoma; font-size: 10pt"></font></p>
<p><font face="Tahoma" size="2"><u><b><font color="#000080">Delete a
Favorite:</font></b></u>
<br>
<select size="1" name="del_fav" style="font-family: Tahoma; font-size: 10pt">
<option></option>
<?php
while ($sql = mysql_fetch_object($result))
{
$_nickname = $sql -> nickname;
echo "<option value=\"$_nickname\">$_nickname</option>";
}
?>
</select></font></p>
<p><font face="Tahoma" size="2"><u><font color="#000080"><b>Edit a Favorite:</b></font></u><br>
Edit this Favorite:<br>
<select size="1" name="this_fav" style="font-family: Tahoma; font-size: 10pt">
<option></option>
<?php
while ($sql = mysql_fetch_object($result1))
{
$_nick = $sql -> nickname;
echo "<option value=\"$_nick\">$_nick</option>";
}
?>
</select><br>
To this Nickname: <br>
</font><font face="Tahoma">
<input type="text" name="new_nick" size="20" style="font-family: Tahoma; font-size: 10pt"><br>
<font size="2">And this URL: <br>
</font>
<input type="text" name="new_link" size="20" value="http://" style="font-family: Tahoma; font-size: 10pt"><br>
<br>
</font>
<input type="submit" value="Submit" name="B1" style="font-family: Tahoma; font-size: 10pt"></p>
</form>
</body>
</html>

49
favorites/edit_links_2.php
View File

@ -1,49 +0,0 @@
<?php
//prevent caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
//start session
session_start();
//include config and functions files
include ("../config.php");
include ("../functions.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//make query to database
$sql ="SELECT * FROM favorites WHERE username= '$_SESSION[user_name]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
if ($_POST[nick] != "")
{
//make query to database
$sql ="INSERT INTO favorites VALUES ('$_SESSION[user_name]', '$_POST[nick]', '$_POST[link]')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
}
if ($_POST[del_fav] != "")
{
//make query to database
$sql ="DELETE FROM favorites WHERE username = '$_SESSION[user_name]' AND nickname = '$_POST[del_fav]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
}
if ($_POST[this_fav] != "")
{
//make query to database
$sql ="DELETE FROM favorites WHERE username = '$_SESSION[user_name]' AND nickname = '$_POST[this_fav]'";
$sql2 = "INSERT INTO favorites VALUES ('$_SESSION[user_name]', '$_POST[new_nick]', '$_POST[new_link]')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$result2 = @mysql_query($sql2,$connection) or die(mysql_error());
}
header("Location:links.php");
?>

16
favorites/index.htm
View File

@ -1,16 +0,0 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>New Page 1</title>
</head>
<body>
<p><iframe name="I1" src="links.php" width="187" height="517">
Your browser does not support inline frames or is currently configured not to display inline frames.
</iframe></p>
</body>
</html>

27
favorites/links.php
View File

@ -1,27 +0,0 @@
<?php
//start session
session_start();
//include config and functions files
include ("../config.php");
include ("../functions.php");
echo "<p><b><font face=\"Tahoma\" size=\"2\"><a href=\"edit_links.php\">Add/Change Favorites</a></font></b></p>";
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//make query to database
$sql ="SELECT * FROM favorites WHERE username= '$_SESSION[user_name]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$_link = $sql -> link;
$_nickname = $sql -> nickname;
echo "<font face=\"Tahoma\" size=\"2\"><a target=\"_blank\" href=\"$_link\">$_nickname</a></font><br>";
}
?>

37
favorites/make_favorites.php
View File

@ -1,37 +0,0 @@
<?php
//prevent caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
//start session
session_start();
//include config and functions files
include ("../config.php");
include ("../functions.php");
//make the connection to the database
$connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error());
$db = @mysql_select_db($db_name,$connection)or die(mysql_error());
//make query to database
$sql ="CREATE TABLE IF NOT EXISTS favorites
(
username VARCHAR(20),
nickname VARCHAR(20),
link VARCHAR(100)
)";
$result = @mysql_query($sql,$connection) or die(mysql_error());
if ($result)
{
echo "<font face=\"Tahoma\" size=\"2\">Your Favorites table has been created.</font><br>";
}
?>
<html>
<meta http-equiv="refresh" content="3; url=index.htm">
</html>

BIN
img/titulo-clientes.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 399 B

BIN
img/titulo-contrasena.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 463 B

BIN
img/titulo-usuario.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 359 B

6
index.php
View File

@ -1,4 +1,4 @@
<?php
header("Location:check_login.php");
<?php
require ("config.php");
header("Location:$base_dir/check_login.php");
?>

17
login.php
View File

@ -24,12 +24,18 @@
</ul>
</div>
<div id="login">
<h2>Acceso de clientes</h2>
<h2><img src="img/titulo-clientes.gif" alt="Acceso de clientes" /></h2>
<?php
if (($_GET["errorlogin"] != "")) {
?>
<p class="error">Por favor, vuelve a introducir tus datos de acceso otra vez...</p>
<?php } ?>
<form class="login-inicio" method="post" action="redirect.php">
<fieldset>
<label for="username"><span>Usuario:</span></label>
<label for="username"><img src="img/titulo-usuario.gif" alt="Usuario:" /></label>
<input class="campo" type="text" name="username" size="25" maxlength="25" />
<label for="password"><span>Contraseña:</span></label>
<label for="password"><img src="img/titulo-contrasena.gif" alt="Contraseña:" /></label>
<input class="campo" type="password" name="password" size="25" maxlength="25" />
<!--<input type="checkbox" name="remember" value="Yes" />-->
@ -44,11 +50,6 @@
<a href="emailpass.html"><img src="img/texto-pincha-aqui.gif" alt="Pincha aqui" /></a>
</div>
<div id="modulos">
<?php
if (($_GET["errorlogin"] != "")) {
?>
<p class="error">Por favor, vuelve a introducir tus datos de acceso otra vez...</p>
<?php } ?>
</div>
</div>
<div id="content" class="inicio"></div>

61
logs/index.php
View File

@ -1,34 +1,27 @@
<?php
session_start();
include("../config.php");
include("../functions.php");
if (allow_access(Administrators) != "yes")
{
header("Location:../login.html");
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Log Viewer</title>
</head>
<frameset cols="170,*">
<frame name="contents" target="main" src="log.html">
<frame name="main" src="log.php">
<noframes>
<body>
<p>This page uses frames, but your browser doesn't support them.</p>
</body>
</noframes>
</frameset>
</html>
<?php
session_start();
include("../config.php");
include("../functions.php");
if (allow_access(Administrators) != "yes")
{
header("Location:$base_dir/index.php");
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Registro de accesos - La Factoría Verde</title>
</head>
<frameset cols="170,*">
<frame name="contents" target="main" src="log.html">
<frame name="main" src="log.php">
<noframes>
<body>
<p>This page uses frames, but your browser doesn't support them.</p>
</body>
</noframes>
</frameset>
</html>