diff options
author | citizenz7 <citizenz7@protonmail.com> | 2017-04-20 18:50:55 +0200 |
---|---|---|
committer | citizenz7 <citizenz7@protonmail.com> | 2017-04-20 18:50:55 +0200 |
commit | 5fd9fa480f302902328b81f912dd67ce378284f8 (patch) | |
tree | 66234843ae2857fda12442e4f7577c527d48977c /Html/admin/users.php | |
parent | ebe731862c7c741171138b1083906f391fc35aff (diff) | |
download | freetorrent-5fd9fa480f302902328b81f912dd67ce378284f8.tar.xz freetorrent-5fd9fa480f302902328b81f912dd67ce378284f8.zip |
V.1.4.6
Diffstat (limited to '')
-rw-r--r-- | Html/admin/users.php | 170 |
1 files changed, 170 insertions, 0 deletions
diff --git a/Html/admin/users.php b/Html/admin/users.php new file mode 100644 index 0000000..9e12cd9 --- /dev/null +++ b/Html/admin/users.php @@ -0,0 +1,170 @@ +<?php +//include config +require_once '../includes/config.php'; + +//Si pas connecté OU si le membre n'est pas admin, pas de connexion à l'espace d'admin --> retour sur la page login +if(!$user->is_logged_in()) { + header('Location: login.php'); +} + +if(isset($_SESSION['userid'])) { + if($_SESSION['userid'] != 1) { + header('Location: '.SITEURL); + } +} + +//show message from add / edit page +if(isset($_GET['deluser'])){ + + //if user id is 1 ignore + if($_GET['deluser'] !='1'){ + + // On supprime l'avatar du membre + $stmt = $db->prepare('SELECT avatar FROM blog_members WHERE memberID = :memberID'); + $stmt->execute(array(':memberID' => (int) $_GET['deluser'])); + $sup = $stmt->fetch(); + $file = $REP_IMAGES_AVATARS.$sup['avatar']; + if (!empty($sup['avatar'])) { + unlink($file); + } + + // on supprime le membre + $stmt = $db->prepare('DELETE FROM blog_members WHERE memberID = :memberID') ; + $stmt->execute(array(':memberID' => (int) $_GET['deluser'])); + + // on supprime les données torrent du membre + $stmt1 = $db->prepare('DELETE FROM xbt_users WHERE uid = :uid') ; + $stmt1->execute(array(':uid' => (int) $_GET['deluser'])); + + // on supprime les commentaires du membre + //$delname = html($_GET['delname']); + //$stmt2 = $db->prepare('DELETE FROM blog_posts_comments WHERE cuser = :cuser') ; + //$stmt2->execute(array(':cuser' => $delname)); + + header('Location: users.php?action=supprime'); + exit; + + } +} + +// titre de la page +$pagetitle= 'Admin : gestion des membres'; +include_once '../includes/header.php'; + +?> + +<body> + +<div id="container"> + + <?php + include_once '../includes/header-logo.php'; + include_once '../includes/nav.php'; + ?> + + + <div id="body"> + <div id="content"> + + <?php include('menu.php');?> + + <?php + //show message from add / edit user + if(isset($_GET['action']) && $_GET['action'] == 'supprime'){ + echo '<h3>Le membre a été supprimé avec succès.</h3>'; + } + if(isset($_GET['action']) && $_GET['action'] == 'ajoute'){ + echo '<h3>Le membre a été ajouté avec succès.</h3>'; + } + ?> + + <table> + <tr> + <th>ID</th> + <th>Pseudo</th> + <th>PID</th> + <th>Email</th> + <th style="text-align: center;">Inscription</th> + <th>Validé</th> + <th style="text-align: center;">Action</th> + </tr> + <?php + try { + $pages = new Paginator('10','p'); + + $stmt = $db->query('SELECT memberID FROM blog_members'); + + //pass number of records to + $pages->set_total($stmt->rowCount()); + + $stmt = $db->query('SELECT memberID,username,pid,email,memberDate,active FROM blog_members ORDER BY memberID DESC '.$pages->get_limit()); + while($row = $stmt->fetch()){ + + echo '<tr>'; + echo '<td>'.html($row['memberID']).'</td>'; + echo '<td>'.html($row['username']).'</td>'; + echo '<td style="font-size: 10px;">'.html($row['pid']).'</td>'; + echo '<td style="font-size: 11px;">'.html($row['email']).'</td>'; + + sscanf($row['memberDate'], "%4s-%2s-%2s %2s:%2s:%2s", $annee, $mois, $jour, $heure, $minute, $seconde); + echo '<td style="font-size: 10px; text-align: center;">'.$jour.'-'.$mois.'-'.$annee.'</td>'; + ?> + + <?php + echo '<td style="text-align:center;">'; + if($row['active'] == 'yes') { + echo 'oui'; + } + elseif($row['active'] != 'yes' || $row['active'] == 'no') { + echo 'non'; + } + echo '</td>'; + ?> + + <td style="text-align: center;"> + <a style="text-decoration: none;" href="edit-user.php?id=<?php echo html($row['memberID']);?>"> + <input type="button" class="button" value="Edit." /></a> + <?php if($row['memberID'] != 1){?> + | <a style="text-decoration: none;" href="javascript:deluser('<?php echo html($row['memberID']);?>','<?php echo html($row['username']);?>')"> + <input type="button" class="button" value="Supp." /></a> + <?php } ?> + </td> + + <?php + echo '</tr>'; + + } + + } catch(PDOException $e) { + echo $e->getMessage(); + } + ?> + </table> + + <br /> + + <?php + echo $pages->page_links(); + ?> + + <p style="text-align: right;"> + <a href="add-user.php" style="text-decoration: none;"><input type="button" class="button" value="Ajouter un membre" /></a> + </p> + </div> + + <?php + include_once '../sidebar.php'; + ?> + + <div class="clear"></div> + </div> +</div> + +<div id="footer"> + <?php + include_once '../includes/footer.php'; + ?> +</div> + +</body> +</html> |