File: /home/panama/public_html_old/managesite/admin_user_edit.php
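<?php
// Long open tag: with short_open_tag disabled, a bare "<?" is not parsed and the source of this
// page (SQL included) would be sent to the browser as plain text.
//
// Project bootstrap. $functions, the database class and the SITE_* / SUPPORT constants used on
// this page are not defined in this file, so they presumably come from these includes.
// NOTE(review): nothing in this file checks that the caller is a logged-in admin; confirm that
// opner_admin.php enforces the session check before any handler below runs.
include("../include/config.php");
include("../include/opner_admin.php");

// Id of the admin user being edited, passed base64-encoded in the query string.
// base64 is only an encoding: it hides nothing and authorises nothing, so the id is still
// caller-controlled input.
// anti_injection() sees only the encoded text, so whatever it filters cannot apply to the decoded
// value. That decoded value is concatenated unquoted into the "id=..." clauses further down, so it
// is forced to an integer here (assumes ids are positive integers, as the unquoted comparisons
// suggest). 0 means "no record selected".
$edit_id = 0;
if (isset($_GET['edit_id']) && is_string($_GET['edit_id']) && strlen(trim($_GET['edit_id'])) > 0) {
    $edit_id = (int) base64_decode($functions->anti_injection($_GET['edit_id']));
}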
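// "Update" button: save first name, last name and e-mail for the selected admin user.
// NOTE(review): this state-changing POST carries no anti-CSRF token that is visible in this file.
// NOTE(review): the quoted SQL values below rely entirely on anti_injection(), whose implementation
// is not visible here; prefer bound parameters if the database wrapper supports them.
if (isset($_POST['btnUpdate']) && strlen(trim($_POST['btnUpdate'])) > 0)
{
    // The id is concatenated unquoted into the WHERE clauses, so only an integer may reach them.
    $target_id = isset($edit_id) ? (int) $edit_id : 0;
    if (!isset($err)) {
        $err = 0;
    }

    if ($target_id <= 0) {
        // Without a valid id the UPDATE would match nothing (or be malformed) yet still report success.
        $err = 1;
        $err_user = "No admin user selected.";
    } else {
        // The e-mail address must not already belong to a different admin user.
        $selnew = new database();
        $selnew->where("email ='".$functions->anti_injection($_POST['email'])."' and id !=".$target_id);
        $selnew->selectstmt("admin_users");
        if ($selnew->row_count > 0) {
            $err = 1;
            $err_email = "The Email address already exists.";
        }
    }

    if ($err != 1) {
        $firstname = $functions->anti_injection($_POST['txtFirstname']);
        $lastname = $functions->anti_injection($_POST['txtLastname']);
        $email = $functions->anti_injection($_POST['email']);

        $db = new database();
        $db->where("id=".$target_id);
        $db->data("firstname", $firstname);
        $db->data("lastname", $lastname);
        $db->data("email", $email);
        $db->update("admin_users");

        $_SESSION['msg'] = "Admin user updated successfully";
        header("location:admin_user_list.php");
        // Stop here: header() alone does not end the script, so the rest of the page
        // (including the password handler) would otherwise still execute.
        exit;
    }
}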
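// "Change Password" form: re-check the old credentials, then store new name, e-mail, username
// and password for the selected admin user and send a notification mail.
// NOTE(review): this state-changing POST carries no anti-CSRF token that is visible in this file.
// NOTE(review): password length, deny-list and confirmation are only checked by the JavaScript
// validator on this page; nothing here repeats them, so a request sent without the form skips them.
if (isset($_POST['btnchgpwd']) && strlen(trim($_POST['btnchgpwd'])) > 0)
{
    // The id is concatenated unquoted into the WHERE clauses, so only an integer may reach them.
    $target_id = isset($edit_id) ? (int) $edit_id : 0;
    if (!isset($err)) {
        $err = 0;
    }

    // The old username/password must match the record being edited. Both values are base64-encoded
    // before they are quoted, which is also how they are stored (see the update below).
    $seldb = new database();
    $seldb->where("username='".$functions->anti_injection(base64_encode($_POST['username']))."' and password='".$functions->anti_injection(base64_encode($_POST['Password']))."' and id =".$target_id);
    $seldb->selectstmt("admin_users");
    if ($seldb->row_count == 0) {
        $err = 1;
        $err_user = "Please provide valid username & password.";
    }

    // The e-mail address must not already belong to a different admin user.
    $selnew = new database();
    $selnew->where("email ='".$functions->anti_injection($_POST['email'])."' and id !=".$target_id);
    $selnew->selectstmt("admin_users");
    if ($selnew->row_count > 0) {
        $err = 1;
        $err_email = "The Email address already exists.";
    }

    if ($err != 1) {
        $firstname = $functions->anti_injection($_POST['txtFirstname']);
        $lastname = $functions->anti_injection($_POST['txtLastname']);
        $email = $functions->anti_injection($_POST['email']);
        $username = $functions->anti_injection($_POST['txtusername']);
        $password = $functions->anti_injection($_POST['txtPassword']);

        // SECURITY(review): base64 is a reversible encoding, not a hash. Anyone who can read
        // admin_users recovers every password. Moving to password_hash()/password_verify() needs a
        // matching change in the login code, which is not part of this file, so the stored format
        // is left as it is here.
        $db = new database();
        $db->where("id=".$target_id);
        $db->data("firstname", $firstname);
        $db->data("lastname", $lastname);
        $db->data("email", $email);
        $db->data("username", trim(base64_encode($username)));
        $db->data("password", trim(base64_encode($password)));
        $db->update("admin_users");

        $err_msg = "Password Change Successfully";

        // SECURITY(review): the notification mail contains the new password in clear text.
        $file_path = "../mail/admin_pwd.html";
        $message = file_get_contents($file_path);
        if ($message === false) {
            // Without the template there is nothing meaningful to send.
            error_log("admin_user_edit: mail template could not be read");
        } else {
            // The body is HTML, so user-supplied values are escaped before substitution.
            // double_encode=false keeps entities intact in case anti_injection() already escaped them.
            $mail_charset = 'ISO-8859-1';
            $message = str_replace("[[firstname]]", htmlspecialchars($firstname, ENT_QUOTES, $mail_charset, false), $message);
            $message = str_replace("[[username]]", htmlspecialchars($username, ENT_QUOTES, $mail_charset, false), $message);
            $message = str_replace("[[password]]", htmlspecialchars($password, ENT_QUOTES, $mail_charset, false), $message);
            $message = str_replace("[[support]]", SUPPORT, $message);
            $message = str_replace("[[sitename]]", SITE_NAME, $message);
            $message = str_replace("[[siteurl]]", SITE_URL, $message);
            // Was the bare word Updated: an undefined constant, which is an Error on PHP 8.
            $message = str_replace("[[text]]", 'Updated', $message);

            $headers = 'MIME-Version: 1.0' . "\r\n";
            $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
            $headers .= 'From: '.SITE_ADMIN_TITLE. "\r\n";

            // Sending stays best-effort (the password change itself has already been saved),
            // but a failure is recorded instead of being dropped silently.
            if (!@mail($email, $err_msg, $message, $headers)) {
                error_log("admin_user_edit: password change mail could not be sent");
            }
        }
    }
}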
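// Load the stored record so the form below can be prefilled.
// The id is concatenated unquoted into the WHERE clause, so only an integer may reach it.
$target_id = isset($edit_id) ? (int) $edit_id : 0;
if ($target_id > 0)
{
    $db_sel = new database();
    $db_sel->where("id=".$target_id);
    $db_sel->selectstmt("admin_users");

    // These three variables are echoed straight into value="..." attributes of the form below,
    // so they are HTML-escaped here; otherwise a stored value containing a quote or a tag would
    // break out of the attribute. The page declares iso-8859-1, hence the explicit charset;
    // double_encode=false keeps entities intact in case the values were escaped when stored.
    $firstname = htmlspecialchars((string) $db_sel->f_firstname, ENT_QUOTES, 'ISO-8859-1', false);
    $lastname = htmlspecialchars((string) $db_sel->f_lastname, ENT_QUOTES, 'ISO-8859-1', false);
    $email = htmlspecialchars((string) $db_sel->f_email, ENT_QUOTES, 'ISO-8859-1', false);
}
?>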
<html>
<head>
<title><?=SITE_ADMIN_TITLE?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="description" content="<?=META_DESCRIPTION?>" />
<meta name="keywords" content="<?=META_KEYWORD?>" />
<link href="css.css" rel="stylesheet" type="text/css">
<link rel="stylesheet" type="text/css" href="js/style.css" />
<script type="text/javascript" src="js/lib/prototype.js"></script>
<script type="text/javascript" src="js/src/effects.js"></script>
<script type="text/javascript" src="js/validation.js"></script>
<script src="js/MyFunctions.js"></script>
<script language="javascript">
// Toggle the element with the given id between hidden and shown, and swap which of the two
// button containers ('Update' / 'newUpdate') is visible so that only one submit button shows.
function newhide(id)
{
    var panel = document.getElementById(id);
    var wasHidden = panel.style.display == 'none';

    panel.style.display = wasHidden ? 'block' : 'none';
    document.getElementById('Update').style.display = wasHidden ? 'none' : 'block';
    document.getElementById('newUpdate').style.display = wasHidden ? 'block' : 'none';
}
</script>
</head>
<body onLoad="javascript:showhide('admin');">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="100%"><? include("header.php")?></td>
</tr>
<tr>
<td align="right" valign="top" width="100%">
<form name="frmuseredit" id="frmuseredit" action="#" method="post">
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="inertable">
<tr>
<td class="inertr" style="padding-left:7px"><img src="images/bullet_new.png" align="absmiddle" /> Update Admin user Details</td>
</tr>
<tr>
<td>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="center"><table width="100%" border="0" cellpadding="1" cellspacing="3" class="normalText">
<tr><td class="textbold" colspan="3" style="padding-left:80px;">(<i> All fields are mandatory</i> )</td></tr>
<tr>
<td> </td>
<td height="20" colspan="2" align="left">
<? if($err_user !="") ?><span class="error"><?=$err_user?></span>
</td>
</tr>
<tr>
<td width="34%" align="right" class="textbold" valign="top">First name </td>
<td><input name="txtFirstname" id="txtFirstname" type="text" class="required" value="<?=$firstname?>" size="30" /></td>
</tr>
<tr>
<td align="right" class="textbold" valign="top">Last name </td>
<td><input name="txtLastname" id="txtLastname" type="text" class="required" value="<?=$lastname?>" size="30" /></td>
</tr>
<tr>
<td align="right" class="textbold" valign="top">Email Address </td>
<td>
<input name="email" id="email" type="text" class="required validate-email" value="<?=$email?>" size="30" />
<br><span class="error"><?=$err_email?></td>
</tr>
<tr>
<td align="right" class="textbold" valign="top"> </td>
<td><a href="#" class="chgpwd" onClick="javascript:newhide('chgpwd');">Change Password</a></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td id="chgpwd" style="display:none;">
<table width="100%" border="0" cellspacing="0" cellpadding="0" >
<tr>
<td align="center">
<table width="100%" border="0" cellpadding="1" cellspacing="3" class="normalText">
<tr>
<td align="right" class="textbold" valign="top" width="34%">Old User name </td>
<td align="left"><input type="text" name="username" id="username" class="required" size="30"></td>
</tr>
<tr>
<td align="right" class="textbold" valign="top">Old Password </td>
<td align="left"><input type="password" name="Password" id="Password" class="required" size="30" /><span class="error"><?=$err_name?></td>
</tr>
<tr>
<td align="right" class="textbold" valign="top">New User name </td>
<td align="left" class="td"><input type="text" name="txtusername" id="txtusername" class="required" size="30"></td>
</tr>
<tr>
<td align="right" class="textbold" valign="top">New Password </td>
<td align="left"><input type="password" name="txtPassword" id="txtPassword" class="required validate-password" size="30"></td>
</tr>
<tr>
<td align="right" class="textbold" valign="top">Confirm Password </td>
<td align="left"><input type="password" name="confirmPassword" id="confirmPassword" class="required validate-password-confirm" size="30"></td>
</tr>
<tr>
<td align="right" class="textbold" valign="top"> </td>
<td align="left">
<table class="normalText" id="newUpdate" style="display:none;">
<tr>
<td><input name="btnchgpwd" type="submit" class="btn" value="Update" style="border:none;"/> <input type="button" name="btnback" value="Back to List" class="btn" onClick="javascript:location.href='admin_user_list.php'" style="border:none;"/></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table width="100%" border="0" cellspacing="0" cellpadding="0" >
<tr>
<td align="center" id="Update" style="display:block;">
<table width="100%" border="0" cellpadding="1" cellspacing="3" class="normalText">
<tr>
<td align="right" class="bold_black" width="34%"> </td>
<td><input name="btnUpdate" type="submit" class="btn" value="Update" style="border:none;"/> <input type="button" name="btnback" value="Back to List" class="btn" onClick="javascript:location.href='admin_user_list.php'" style="border:none;"/></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="10" id="page"></td>
</tr>
</table>
</form>
<script type="text/javascript">
// Validation hook: writes the form's id and the validation result to the browser status bar.
function formCallback(result, form) {
    var prefix = "valiation callback for form '" + form.id + "': result = ";
    window.status = prefix + result;
}
// Attach the validator to the form with id 'frmuseredit' and pass formCallback as its
// onFormValidate hook. Validation is not defined on this page; presumably it comes from
// js/validation.js, which is loaded in the head.
var valid = new Validation('frmuseredit', {immediate : true, onFormValidate : formCallback});
// Register the two rules referenced by the class names on the password inputs.
// These rules run in the browser only. The PHP handler at the top of this file does not
// re-check the length, the deny-list or the confirmation field, so they are a usability aid
// and not a control; the same checks belong on the server.
Validation.addAllThese
([
// New password: at least 7 characters, not one of the listed values, and different from the
// value of the 'txtusername' field.
['validate-password', 'Your password must be more than 6 characters and not be \'password\' or the same as your User name', {
minLength : 7,
notOneOf : ['password','PASSWORD','1234567','0123456'],
notEqualToField : 'txtusername'
}],
// Confirmation: must equal the value of the 'txtPassword' field.
['validate-password-confirm', 'Your confirmation password does not match your new password, please try again.', {
equalToField : 'txtPassword'
}]
]);
</script>
<script type="text/javascript" src="js/change_backcolor.js"></script>
</td>
</tr>
</table>
</body>
</html>