firstname;
$last = $sql -> lastname;
$uname = $sql -> username;
$pass = $sql -> password;
$gr1 = $sql -> group1;
$gr2 = $sql -> group2;
$gr3 = $sql -> group3;
$change = $sql -> pchange;
$e_mail = $sql -> email;
$re_direct = $sql -> redirect;
$ver_d = $sql -> verified;
$last_log = $sql -> last_login;
$del_dat = last_login();
}
$trash_user = "INSERT INTO trash (firstname, lastname, username, password, group1, group2, group3, pchange, email, redirect, verified, last_login, del_date) VALUES ('$first', '$last', '$uname', '$pass', '$gr1', '$gr2', '$gr3', '$change', '$e_mail', '$re_direct', '$ver_d', '$last_log', '$del_dat')";
$del = "DELETE FROM $table_name WHERE username = '$_POST[del_user]'";
$result = @mysql_query($del,$connection) or die(mysql_error());
$result1 = @mysql_query($trash_user,$connection) or die(mysql_error());
$msg .= "El usuario '$_POST[del_user]' ha sido eliminado.
";
} else {
$msg .= "No se encuentra el usuario '$_POST[del_user]'.
";
}
$del_banned = "DELETE FROM banned WHERE no_access = '$_POST[del_user]'";
$result = @mysql_query($del_banned,$connection) or die(mysql_error());
}
if (($_POST[username] != "") && ($_POST[mod_pass] == "Same as Old"))
{
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$pass = $sql -> password;
$last = $sql -> last_login;
}
$sql = "DELETE FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]',
'$_POST[username]', '$pass', '$_POST[mod_group1]', '$_POST[mod_group2]',
'$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]',
'1', '$last')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$msg .= "The information for $_POST[username] has been changed updated.
";
}
if (($_POST[username] != "") && ($_POST[mod_pass] != "Same as Old"))
{
$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
while ($sql = mysql_fetch_object($result))
{
$pass = $sql -> password;
$last = $sql -> last_login;
}
$sql = "DELETE FROM $table_name WHERE username = '$_POST[username]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$sql = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES ('$_POST[mod_first]', '$_POST[mod_last]',
'$_POST[username]', password('$_POST[mod_pass]'), '$_POST[mod_group1]', '$_POST[mod_group2]',
'$_POST[mod_group3]', '$_POST[mod_chng]', '$_POST[mod_email]', '$_POST[mod_redirect]',
'1', '$last')";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$msg .= "The information for $_POST[username] has been changed updated.
";
}
if ($_POST[ban_user] != "")
{
$ban = "INSERT INTO banned (no_access, type) VALUES ('$_POST[ban_user]', 'user')";
$result = @mysql_query($ban,$connection) or die(mysql_error());
$msg .= "User $_POST[ban_user] has been banned.
";
}
$ip_addr = "$_POST[oct1].$_POST[oct2].$_POST[oct3].$_POST[oct4]";
if ($ip_addr != "...")
{
$ban_ip = "INSERT INTO banned (no_access, type) VALUES ('$ip_addr', 'ip')";
$result = @mysql_query($ban_ip,$connection) or die(mysql_error());
$msg .= "IP Address $ip_addr has been banned.
";
}
if ($_POST[lift_user_ban] != "")
{
$lift_user = "DELETE FROM banned (no_access, type) WHERE no_access = '$_POST[lift_user_ban]'";
$result = @mysql_query($lift_user,$connection) or die(mysql_error());
$msg .= "The Ban for user $_POST[lift_user_ban] has been lifted.
";
}
if ($_POST[lift_ip_ban] != "")
{
$lift_ip = "DELETE FROM banned (no_access, type) WHERE no_access = '$_POST[lift_ip_ban]'";
$result = @mysql_query($lift_ip,$connection) or die(mysql_error());
$msg .= "The Ban for IP Address $_POST[lift_ip_ban] has been lifted.
";
}
if ($_POST[restore] != "")
{
$ruser = "SELECT * FROM trash WHERE username = '$_POST[restore]'";
$result0 = @mysql_query($ruser, $connection) or die(mysql_error());
//get the number of rows in the result set
$num = mysql_num_rows($result0);
//set session variables if there is a match
if ($num != 0)
{
while ($ruser = mysql_fetch_object($result0))
{
$rfirst = $ruser -> firstname;
$rlast = $ruser -> lastname;
$runame = $ruser -> username;
$rpass = $ruser -> password;
$rgr1 = $ruser -> group1;
$rgr2 = $ruser -> group2;
$rgr3 = $ruser -> group3;
$rchange = $ruser -> pchange;
$re_mail = $ruser -> email;
$rre_direct = $ruser -> redirect;
$rver_d = $ruser -> verified;
$rlast_log = $ruser -> last_login;
}
$r_user = "INSERT INTO $table_name (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login) VALUES
('$rfirst', '$rlast', '$runame', '$rpass', '$rgr1', '$rgr2', '$rgr3',
'$rchange', '$re_mail', '$rre_direct', '$rver_d', '$rlast_log')";
$del = "DELETE FROM trash WHERE username = '$_POST[restore]'";
$result = @mysql_query($del,$connection) or die(mysql_error());
$result1 = @mysql_query($r_user,$connection) or die(mysql_error());
$msg .= "User $_POST[restore] has been restored.
";
} else {
$msg .= "User $_POST[restore] could not be located in the database.
";
}
}
if ($_POST[empt_trash] == "yes")
{
$empty = "DELETE FROM trash";
$gone = @mysql_query($empty, $connection) or die(mysql_error());
$msg .= "The trash has been emptied.
";
}
if ($_POST[amt_time] != "" && $_POST[incr_time] != "")
{
$msg .= "The following accounts were inactive for $amt_time $incr_time or more and have been moved to the trash.
";
$killtime = "NOW() - INTERVAL $_POST[amt_time] $_POST[incr_time]";
$xfer = "SELECT * FROM $table_name WHERE last_login < $killtime";
$resultp1 = @mysql_query($xfer, $connection) or die(mysql_error());
while ($xfer = mysql_fetch_object($resultp1))
{
$pfirst = $xfer -> firstname;
$plast = $xfer -> lastname;
$puname = $xfer -> username;
$ppass = $xfer -> password;
$pgr1 = $xfer -> group1;
$pgr2 = $xfer -> group2;
$pgr3 = $xfer -> group3;
$ppchange = $xfer -> pchange;
$pe_mail = $xfer -> email;
$pre_direct = $xfer -> redirect;
$pver_d = $xfer -> verified;
$plast_log = $xfer -> last_login;
$pdel_date = last_login();
$msg .= "$puname
";
$xfer2 = "INSERT INTO trash (firstname, lastname, username, password, group1, group2, group3,
pchange, email, redirect, verified, last_login, del_date) VALUES ('$pfirst', ' $plast', '$puname',
'$ppass', '$pgr1', '$pgr2', '$pgr3', '$ppchange', '$pe_mail', '$pre_direct', '$pver_d', '$plast_log', '$pdel_date')";
$resultp2 = @mysql_query($xfer2, $connection) or die(mysql_error());
}
$purge = "DELETE FROM $table_name WHERE last_login < $killtime";
$resultp3 = @mysql_query($purge, $connection) or die(mysql_error());
}
echo "";
echo $msg;
if ($_POST[username] == $_SESSION[user_name])
{
session_destroy();
echo "";
echo "";
echo "";
echo "New Page 2";
echo "";
exit;
}
?>
Modify User