
PHP Cross Reference of osCMax 2.0.4


/admin/ -> admin_members.php (source)

   1  <?php
   2  /*

   3  $Id: admin_members.php 3 2006-05-27 04:59:07Z user $

   4  

   5    osCMax Power E-Commerce

   6    http://oscdox.com

   7  

   8    Copyright 2009 osCMax

   9  

  10    Released under the GNU General Public License

  11  */
  12  
  13    require ('includes/application_top.php');
  14  
  15    $current_boxes = DIR_FS_ADMIN . DIR_WS_BOXES;
  16  
  17    if ($HTTP_GET_VARS['action']) {
  18      switch ($HTTP_GET_VARS['action']) {
  19        case 'member_new':
  20          $check_email_query = tep_db_query("select admin_email_address from " . TABLE_ADMIN . "");
  21          while ($check_email = tep_db_fetch_array($check_email_query)) {
  22            $stored_email[] = $check_email['admin_email_address'];
  23          }
  24  
  25          if (in_array($HTTP_POST_VARS['admin_email_address'], $stored_email)) {
  26            tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . 'mID=' . $HTTP_GET_VARS['mID'] . '&error=email&action=new_member'));
  27          } else {
  28            function randomize() {
  29              $salt = "abchefghjkmnpqrstuvwxyz0123456789";
  30              srand((double)microtime()*1000000);
  31              $i = 0;
  32                while ($i <= 7) {
  33                $num = rand() % 33;
  34                $tmp = substr($salt, $num, 1);
  35                $pass = $pass . $tmp;
  36                $i++;
  37              }
  38              return $pass;
  39            }
  40            $makePassword = randomize();
  41  
  42            $sql_data_array = array('admin_groups_id' => tep_db_prepare_input($HTTP_POST_VARS['admin_groups_id']),
  43                                    'admin_username' => tep_db_prepare_input($HTTP_POST_VARS['admin_username']),
  44                                    'admin_firstname' => tep_db_prepare_input($HTTP_POST_VARS['admin_firstname']),
  45                                    'admin_lastname' => tep_db_prepare_input($HTTP_POST_VARS['admin_lastname']),
  46                                    'admin_email_address' => tep_db_prepare_input($HTTP_POST_VARS['admin_email_address']),
  47                                    'admin_password' => tep_encrypt_password($makePassword),
  48                                    'admin_created' => 'now()');
  49  
  50            tep_db_perform(TABLE_ADMIN, $sql_data_array);
  51            $admin_id = tep_db_insert_id();
  52  
  53            tep_mail($HTTP_POST_VARS['admin_firstname'] . ' ' . $HTTP_POST_VARS['admin_lastname'], $HTTP_POST_VARS['admin_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $HTTP_POST_VARS['admin_username'], HTTP_SERVER . DIR_WS_ADMIN, $HTTP_POST_VARS['admin_email_address'], $makePassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  54  
  55            tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $admin_id));
  56          }
  57          break;
  58  
  59        case 'member_edit':
  60          $admin_id = tep_db_prepare_input($HTTP_POST_VARS['admin_id']);
  61          $hiddenPassword = '-hidden-';
  62          $stored_email[] = 'NONE';
  63  
  64          $check_email_query = tep_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . $admin_id . "");
  65          while ($check_email = tep_db_fetch_array($check_email_query)) {
  66            $stored_email[] = $check_email['admin_email_address'];
  67          }
  68  
  69          if (in_array($HTTP_POST_VARS['admin_email_address'], $stored_email)) {
  70            tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . 'mID=' . $HTTP_GET_VARS['mID'] . '&error=email&action=edit_member'));
  71          } else {
  72            $sql_data_array = array('admin_groups_id' => tep_db_prepare_input($HTTP_POST_VARS['admin_groups_id']),
  73                                    'admin_username' => tep_db_prepare_input($HTTP_POST_VARS['admin_username']),
  74                                    'admin_firstname' => tep_db_prepare_input($HTTP_POST_VARS['admin_firstname']),
  75                                    'admin_lastname' => tep_db_prepare_input($HTTP_POST_VARS['admin_lastname']),
  76                                    'admin_email_address' => tep_db_prepare_input($HTTP_POST_VARS['admin_email_address']),
  77                                    'admin_modified' => 'now()');
  78  
  79            tep_db_perform(TABLE_ADMIN, $sql_data_array, 'update', 'admin_id = \'' . $admin_id . '\'');
  80  
  81            tep_mail($HTTP_POST_VARS['admin_username'] . ' ' . $HTTP_POST_VARS['admin_lastname'], $HTTP_POST_VARS['admin_email_address'], ADMIN_EMAIL_EDIT_SUBJECT, sprintf(ADMIN_EMAIL_EDIT_TEXT, $HTTP_POST_VARS['admin_username'], HTTP_SERVER . DIR_WS_ADMIN, $HTTP_POST_VARS['admin_email_address'], $hiddenPassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
  82  
  83            tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $admin_id));
  84          }
  85          break;
  86  
  87        case 'member_delete':
  88          $admin_id = tep_db_prepare_input($HTTP_POST_VARS['admin_id']);
  89          tep_db_query("delete from " . TABLE_ADMIN . " where admin_id = '" . $admin_id . "'");
  90  
  91          tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page']));
  92          break;
  93  
  94        case 'group_define':
  95          $selected_checkbox = $HTTP_POST_VARS['groups_to_boxes'];
  96  
  97          $define_files_query = tep_db_query("select admin_files_id from " . TABLE_ADMIN_FILES . " order by admin_files_id");
  98          while ($define_files = tep_db_fetch_array($define_files_query)) {
  99            $admin_files_id = $define_files['admin_files_id'];
 100  
 101            if (in_array ($admin_files_id, $selected_checkbox)) {
 102              $sql_data_array = array('admin_groups_id' => tep_db_prepare_input($HTTP_POST_VARS['checked_' . $admin_files_id]));
 103              //$set_group_id = $HTTP_POST_VARS['checked_' . $admin_files_id];

 104            } else {
 105              $sql_data_array = array('admin_groups_id' => tep_db_prepare_input($HTTP_POST_VARS['unchecked_' . $admin_files_id]));
 106              //$set_group_id = $HTTP_POST_VARS['unchecked_' . $admin_files_id];

 107            }
 108            tep_db_perform(TABLE_ADMIN_FILES, $sql_data_array, 'update', 'admin_files_id = \'' . $admin_files_id . '\'');
 109          }
 110  
 111          tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $HTTP_POST_VARS['admin_groups_id']));
 112          break;
 113  
 114        case 'group_delete':
 115          $set_groups_id = tep_db_prepare_input($HTTP_POST_VARS['set_groups_id']);
 116  
 117          tep_db_query("delete from " . TABLE_ADMIN_GROUPS . " where admin_groups_id = '" . $HTTP_GET_VARS['gID'] . "'");
 118          tep_db_query("alter table " . TABLE_ADMIN_FILES . " change admin_groups_id admin_groups_id set( " . $set_groups_id . " ) NOT NULL DEFAULT '1' ");
 119          tep_db_query("delete from " . TABLE_ADMIN . " where admin_groups_id = '" . $HTTP_GET_VARS['gID'] . "'");
 120  
 121          tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=groups'));
 122          break;
 123  
 124        case 'group_edit':
 125          $admin_groups_name = ucwords(strtolower(tep_db_prepare_input($HTTP_POST_VARS['admin_groups_name'])));
 126          $name_replace = ereg_replace (" ", "%", $admin_groups_name);
 127  
 128          if (($admin_groups_name == '' || NULL) || (strlen($admin_groups_name) <= 5) ) {
 129            tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $HTTP_GET_VARS[gID] . '&gName=false&action=action=edit_group'));
 130          } else {
 131            $check_groups_name_query = tep_db_query("select admin_groups_name as group_name_edit from " . TABLE_ADMIN_GROUPS . " where admin_groups_id <> " . $HTTP_GET_VARS['gID'] . " and admin_groups_name like '%" . $name_replace . "%'");
 132            $check_duplicate = tep_db_num_rows($check_groups_name_query);
 133            if ($check_duplicate > 0){
 134              tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $HTTP_GET_VARS['gID'] . '&gName=used&action=edit_group'));
 135            } else {
 136              $admin_groups_id = $HTTP_GET_VARS['gID'];
 137              tep_db_query("update " . TABLE_ADMIN_GROUPS . " set admin_groups_name = '" . $admin_groups_name . "' where admin_groups_id = '" . $admin_groups_id . "'");
 138              tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $admin_groups_id));
 139            }
 140          }
 141          break;
 142  
 143        case 'group_new':
 144          $admin_groups_name = ucwords(strtolower(tep_db_prepare_input($HTTP_POST_VARS['admin_groups_name'])));
 145          $name_replace = ereg_replace (" ", "%", $admin_groups_name);
 146  
 147          if (($admin_groups_name == '' || NULL) || (strlen($admin_groups_name) <= 5) ) {
 148            tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $HTTP_GET_VARS[gID] . '&gName=false&action=new_group'));
 149          } else {
 150            $check_groups_name_query = tep_db_query("select admin_groups_name as group_name_new from " . TABLE_ADMIN_GROUPS . " where admin_groups_name like '%" . $name_replace . "%'");
 151            $check_duplicate = tep_db_num_rows($check_groups_name_query);
 152            if ($check_duplicate > 0){
 153              tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $HTTP_GET_VARS['gID'] . '&gName=used&action=new_group'));
 154            } else {
 155              $sql_data_array = array('admin_groups_name' => $admin_groups_name);
 156              tep_db_perform(TABLE_ADMIN_GROUPS, $sql_data_array);
 157              $admin_groups_id = tep_db_insert_id();
 158  
 159              $set_groups_id = tep_db_prepare_input($HTTP_POST_VARS['set_groups_id']);
 160              $add_group_id = $set_groups_id . ',\'' . $admin_groups_id . '\'';
 161              tep_db_query("alter table " . TABLE_ADMIN_FILES . " change admin_groups_id admin_groups_id set( " . $add_group_id . ") NOT NULL DEFAULT '1' ");
 162  
 163              tep_redirect(tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $admin_groups_id));
 164            }
 165          }
 166          break;
 167      }
 168    }
 169  
 170  ?>
 171  <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
 172  <html <?php echo HTML_PARAMS; ?>>
 173  <head>
 174  <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
 175  <title><?php echo TITLE; ?></title>
 176  <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
 177  <script language="javascript" src="includes/general.js"></script>
 178  <?php require ('includes/account_check.js.php'); ?>
 179  </head>
 180  <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF" onload="SetFocus();">
 181  <!-- header //-->
 182  <?php require (DIR_WS_INCLUDES . 'header.php'); ?>
 183  <!-- header_eof //-->
 184  
 185  <!-- body //-->
 186  <table border="0" width="100%" cellspacing="2" cellpadding="2">
 187    <tr>
 188      <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
 189  <!-- left_navigation //-->
 190  <?php require (DIR_WS_INCLUDES . 'column_left.php'); ?>
 191  <!-- left_navigation_eof //-->
 192      </table></td>
 193  <!-- body_text //-->
 194      <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
 195        <tr>
 196          <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
 197            <tr>
 198              <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
 199              <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
 200            </tr>
 201          </table></td>
 202        </tr>
 203        <tr>
 204          <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
 205            <tr>
 206              <td valign="top">
 207  <?php
 208   if ($HTTP_GET_VARS['gPath']) {
 209     $group_name_query = tep_db_query("select admin_groups_name from " . TABLE_ADMIN_GROUPS . " where admin_groups_id = " . $HTTP_GET_VARS['gPath']);
 210     $group_name = tep_db_fetch_array($group_name_query);
 211  
 212     if ($HTTP_GET_VARS['gPath'] == 1) {
 213       echo tep_draw_form('defineForm', FILENAME_ADMIN_MEMBERS, 'gID=' . $HTTP_GET_VARS['gPath']);
 214     } elseif ($HTTP_GET_VARS['gPath'] != 1) {
 215       echo tep_draw_form('defineForm', FILENAME_ADMIN_MEMBERS, 'gID=' . $HTTP_GET_VARS['gPath'] . '&action=group_define', 'post', 'enctype="multipart/form-data"');
 216       echo tep_draw_hidden_field('admin_groups_id', $HTTP_GET_VARS['gPath']);
 217     }
 218  ?>
 219              <table border="0" width="100%" cellspacing="0" cellpadding="2">
 220                <tr class="dataTableHeadingRow">
 221                  <td colspan=2 class="dataTableHeadingContent">&nbsp;<?php echo TABLE_HEADING_GROUPS_DEFINE; ?></td>
 222                </tr>
 223  <?php
 224    $db_boxes_query = tep_db_query("select admin_files_id as admin_boxes_id, admin_files_name as admin_boxes_name, admin_groups_id as boxes_group_id from " . TABLE_ADMIN_FILES . " where admin_files_is_boxes = '1' order by admin_files_name");
 225    while ($group_boxes = tep_db_fetch_array($db_boxes_query)) {
 226      $group_boxes_files_query = tep_db_query("select admin_files_id, admin_files_name, admin_groups_id from " . TABLE_ADMIN_FILES . " where admin_files_is_boxes = '0' and admin_files_to_boxes = '" . $group_boxes['admin_boxes_id'] . "' order by admin_files_name");
 227  
 228      $selectedGroups = $group_boxes['boxes_group_id'];
 229      $groupsArray = explode(",", $selectedGroups);
 230  
 231      if (in_array($HTTP_GET_VARS['gPath'], $groupsArray)) {
 232        $del_boxes = array($HTTP_GET_VARS['gPath']);
 233        $result = array_diff ($groupsArray, $del_boxes);
 234        sort($result);
 235        $checkedBox = $selectedGroups;
 236        $uncheckedBox = implode (",", $result);
 237        $checked = true;
 238      } else {
 239        $add_boxes = array($HTTP_GET_VARS['gPath']);
 240        $result = array_merge ($add_boxes, $groupsArray);
 241        sort($result);
 242        $checkedBox = implode (",", $result);
 243        $uncheckedBox = $selectedGroups;
 244        $checked = false;
 245      }
 246  ?>
 247                <tr class="dataTableRowBoxes">
 248                  <td class="dataTableContent" width="23"><?php echo tep_draw_checkbox_field('groups_to_boxes[]', $group_boxes['admin_boxes_id'], $checked, '', 'id="groups_' . $group_boxes['admin_boxes_id'] . '" onClick="checkGroups(this)"'); ?></td>
 249                  <td class="dataTableContent"><b><?php echo ucwords(substr_replace ($group_boxes['admin_boxes_name'], '', -4)) . ' ' . tep_draw_hidden_field('checked_' . $group_boxes['admin_boxes_id'], $checkedBox) . tep_draw_hidden_field('unchecked_' . $group_boxes['admin_boxes_id'], $uncheckedBox); ?></b></td>
 250                </tr>
 251                <tr class="dataTableRow">
 252                  <td class="dataTableContent">&nbsp;</td>
 253                  <td class="dataTableContent">
 254                    <table border="0" cellspacing="0" cellpadding="0">
 255  <?php
 256       //$group_boxes_files_query = tep_db_query("select admin_files_id, admin_files_name, admin_groups_id from " . TABLE_ADMIN_FILES . " where admin_files_is_boxes = '0' and admin_files_to_boxes = '" . $group_boxes['admin_boxes_id'] . "' order by admin_files_name");

 257       while($group_boxes_files = tep_db_fetch_array($group_boxes_files_query)) {
 258         $selectedGroups = $group_boxes_files['admin_groups_id'];
 259         $groupsArray = explode(",", $selectedGroups);
 260  
 261         if (in_array($HTTP_GET_VARS['gPath'], $groupsArray)) {
 262           $del_boxes = array($HTTP_GET_VARS['gPath']);
 263           $result = array_diff ($groupsArray, $del_boxes);
 264           sort($result);
 265           $checkedBox = $selectedGroups;
 266           $uncheckedBox = implode (",", $result);
 267           $checked = true;
 268         } else {
 269           $add_boxes = array($HTTP_GET_VARS['gPath']);
 270           $result = array_merge ($add_boxes, $groupsArray);
 271           sort($result);
 272           $checkedBox = implode (",", $result);
 273           $uncheckedBox = $selectedGroups;
 274           $checked = false;
 275         }
 276  ?>
 277  
 278                      <tr>
 279                        <td width="20"><?php echo tep_draw_checkbox_field('groups_to_boxes[]', $group_boxes_files['admin_files_id'], $checked, '', 'id="subgroups_' . $group_boxes['admin_boxes_id'] . '" onClick="checkSub(this)"'); ?></td>
 280                        <td class="dataTableContent"><?php echo $group_boxes_files['admin_files_name'] . ' ' . tep_draw_hidden_field('checked_' . $group_boxes_files['admin_files_id'], $checkedBox) . tep_draw_hidden_field('unchecked_' . $group_boxes_files['admin_files_id'], $uncheckedBox);?></td>
 281                      </tr>
 282  <?php
 283       }
 284  ?>
 285                    </table>
 286                  </td>
 287                </tr>
 288  <?php
 289    }
 290  ?>
 291                <tr class="dataTableRowBoxes">
 292                  <td colspan=2 class="dataTableContent" valign="top" align="right"><?php if ($HTTP_GET_VARS['gPath'] != 1) { echo  '<a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $HTTP_GET_VARS['gPath']) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a> ' . tep_image_submit('button_save.gif', IMAGE_INSERT); } else { echo tep_image_submit('button_back.gif', IMAGE_BACK); } ?>&nbsp;</td>
 293                </tr>
 294              </table></form>
 295  <?php
 296   } elseif ($HTTP_GET_VARS['gID']) {
 297  ?>
 298              <table border="0" width="100%" cellspacing="0" cellpadding="2">
 299                <tr class="dataTableHeadingRow">
 300                  <td class="dataTableHeadingContent">&nbsp;<?php echo TABLE_HEADING_GROUPS_NAME; ?></td>
 301                  <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?>&nbsp;</td>
 302                </tr>
 303  <?php
 304    $db_groups_query = tep_db_query("select * from " . TABLE_ADMIN_GROUPS . " order by admin_groups_id");
 305  
 306    $add_groups_prepare = '\'0\'' ;
 307    $del_groups_prepare = '\'0\'' ;
 308    $count_groups = 0;
 309    while ($groups = tep_db_fetch_array($db_groups_query)) {
 310      $add_groups_prepare .= ',\'' . $groups['admin_groups_id'] . '\'' ;
 311      if (((!$HTTP_GET_VARS['gID']) || ($HTTP_GET_VARS['gID'] == $groups['admin_groups_id']) || ($HTTP_GET_VARS['gID'] == 'groups')) && (!$gInfo) ) {
 312        $gInfo = new objectInfo($groups);
 313      }
 314  
 315      if ( (is_object($gInfo)) && ($groups['admin_groups_id'] == $gInfo->admin_groups_id) ) {
 316        echo '                <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="document.location.href=\'' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $groups['admin_groups_id'] . '&action=edit_group') . '\'">' . "\n";
 317      } else {
 318        echo '                <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="document.location.href=\'' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $groups['admin_groups_id']) . '\'">' . "\n";
 319        $del_groups_prepare .= ',\'' . $groups['admin_groups_id'] . '\'' ;
 320      }
 321  ?>
 322                  <td class="dataTableContent">&nbsp;<b><?php echo $groups['admin_groups_name']; ?></b></td>
 323                  <td class="dataTableContent" align="right"><?php if ( (is_object($gInfo)) && ($groups['admin_groups_id'] == $gInfo->admin_groups_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '<a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $groups['admin_groups_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?>&nbsp;</td>
 324                </tr>
 325  <?php
 326      $count_groups++;
 327    }
 328  ?>
 329                <tr>
 330                  <td colspan="2"><table border="0" width="100%" cellspacing="0" cellpadding="2">
 331                    <tr>
 332                      <td class="smallText" valign="top"><?php echo TEXT_COUNT_GROUPS . $count_groups; ?></td>
 333                      <td class="smallText" valign="top" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $gInfo->admin_groups_id . '&action=new_group') . '">' . tep_image_button('button_admin_group.gif', IMAGE_NEW_GROUP) . '</a>'; ?>&nbsp;</td>
 334                    </tr>
 335                  </table></td>
 336                </tr>
 337              </table>
 338  <?php
 339   } else {
 340  ?>
 341              <table border="0" width="100%" cellspacing="0" cellpadding="2">
 342                <tr class="dataTableHeadingRow">
 343                  <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_USERNAME; ?></td>
 344                  <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_NAME; ?></td>
 345                  <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_EMAIL; ?></td>
 346                  <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_GROUPS; ?></td>
 347                  <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_LOGNUM; ?></td>
 348                  <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?>&nbsp;</td>
 349                </tr>
 350  <?php
 351    $db_admin_query_raw = "select * from " . TABLE_ADMIN . " order by admin_username";
 352  
 353    $db_admin_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $db_admin_query_raw, $db_admin_query_numrows);
 354    $db_admin_query = tep_db_query($db_admin_query_raw);
 355    //$db_admin_num_row = tep_db_num_rows($db_admin_query);

 356  
 357    while ($admin = tep_db_fetch_array($db_admin_query)) {
 358      $admin_group_query = tep_db_query("select admin_groups_name from " . TABLE_ADMIN_GROUPS . " where admin_groups_id = '" . $admin['admin_groups_id'] . "'");
 359      $admin_group = tep_db_fetch_array ($admin_group_query);
 360      if (((!$HTTP_GET_VARS['mID']) || ($HTTP_GET_VARS['mID'] == $admin['admin_id'])) && (!$mInfo) ) {
 361        $mInfo_array = array_merge($admin, $admin_group);
 362        $mInfo = new objectInfo($mInfo_array);
 363      }
 364  
 365      if ( (is_object($mInfo)) && ($admin['admin_id'] == $mInfo->admin_id) ) {
 366        echo '                  <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="document.location.href=\'' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $admin['admin_id'] . '&action=edit_member') . '\'">' . "\n";
 367      } else {
 368        echo '                  <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="document.location.href=\'' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $admin['admin_id']) . '\'">' . "\n";
 369      }
 370  ?>
 371                  <td class="dataTableContent">&nbsp;<?php echo $admin['admin_username']; ?></td>
 372                  <td class="dataTableContent">&nbsp;<?php echo $admin['admin_firstname']; ?>&nbsp;<?php echo $admin['admin_lastname']; ?></td>
 373                  <td class="dataTableContent"><?php echo $admin['admin_email_address']; ?></td>
 374                  <td class="dataTableContent" align="center"><?php echo $admin_group['admin_groups_name']; ?></td>
 375                  <td class="dataTableContent" align="center"><?php echo $admin['admin_lognum']; ?></td>
 376                  <td class="dataTableContent" align="right"><?php if ( (is_object($mInfo)) && ($admin['admin_id'] == $mInfo->admin_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '<a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $admin['admin_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?>&nbsp;</td>
 377                </tr>
 378  <?php
 379    }
 380  ?>
 381                <tr>
 382                  <td colspan="5"><table border="0" width="100%" cellspacing="0" cellpadding="2">
 383                    <tr>
 384                      <td class="smallText" valign="top"><?php echo $db_admin_split->display_count($db_admin_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_MEMBERS); ?><br><?php echo $db_admin_split->display_links($db_admin_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?></td>
 385                      <td class="smallText" valign="top" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=groups') . '">' . tep_image_button('button_admin_groups.gif', IMAGE_GROUPS) . '</a>'; echo ' <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $mInfo->admin_id . '&action=new_member') . '">' . tep_image_button('button_admin_member.gif', IMAGE_NEW_MEMBER) . '</a>'; ?>&nbsp;</td>
 386                    </tr>
 387                  </table></td>
 388                </tr>
 389              </table>
 390  <?php
 391   }
 392  ?>
 393              </td>
 394  <?php
 395    $heading = array();
 396    $contents = array();
 397    switch ($HTTP_GET_VARS['action']) {
 398  
 399      case 'new_member':
 400        $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_NEW . '</b>');
 401  
 402        $contents = array('form' => tep_draw_form('newmember', FILENAME_ADMIN_MEMBERS, 'action=member_new&page=' . $page . 'mID=' . $HTTP_GET_VARS['mID'], 'post', 'enctype="multipart/form-data"'));
 403        if ($HTTP_GET_VARS['error']) {
 404          $contents[] = array('text' => TEXT_INFO_ERROR);
 405        }
 406        $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_USERNAME . '<br>&nbsp;' . tep_draw_input_field('admin_username'));
 407        $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_FIRSTNAME . '<br>&nbsp;' . tep_draw_input_field('admin_firstname'));
 408        $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_LASTNAME . '<br>&nbsp;' . tep_draw_input_field('admin_lastname'));
 409        $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_EMAIL . '<br>&nbsp;' . tep_draw_input_field('admin_email_address'));
 410  
 411        $groups_array = array(array('id' => '0', 'text' => TEXT_NONE));
 412        $groups_query = tep_db_query("select admin_groups_id, admin_groups_name from " . TABLE_ADMIN_GROUPS);
 413        while ($groups = tep_db_fetch_array($groups_query)) {
 414          $groups_array[] = array('id' => $groups['admin_groups_id'],
 415                                  'text' => $groups['admin_groups_name']);
 416        }
 417        $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_GROUP . '<br>&nbsp;' . tep_draw_pull_down_menu('admin_groups_id', $groups_array, '0'));
 418        $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_insert.gif', IMAGE_INSERT, 'onClick="validateForm();return document.returnValue"') . ' <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $HTTP_GET_VARS['mID']) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
 419        break;
 420  
 421      case 'edit_member':
 422        $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_NEW . '</b>');
 423  
 424        $contents = array('form' => tep_draw_form('newmember', FILENAME_ADMIN_MEMBERS, 'action=member_edit&page=' . $page . '&mID=' . $HTTP_GET_VARS['mID'], 'post', 'enctype="multipart/form-data"'));
 425        if ($HTTP_GET_VARS['error']) {
 426          $contents[] = array('text' => TEXT_INFO_ERROR);
 427        }
 428  
 429        $contents[] = array('text' => tep_draw_hidden_field('admin_id', $mInfo->admin_id));
 430        $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_USERNAME . '<br>&nbsp;' . tep_draw_input_field('admin_username', $mInfo->admin_username));
 431        $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_FIRSTNAME . '<br>&nbsp;' . tep_draw_input_field('admin_firstname', $mInfo->admin_firstname));
 432        $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_LASTNAME . '<br>&nbsp;' . tep_draw_input_field('admin_lastname', $mInfo->admin_lastname));
 433        $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_EMAIL . '<br>&nbsp;' . tep_draw_input_field('admin_email_address', $mInfo->admin_email_address));
 434        if ($mInfo->admin_id == 1) {
 435          $contents[] = array('text' => tep_draw_hidden_field('admin_groups_id', $mInfo->admin_groups_id));
 436        } else {
 437          $groups_array = array(array('id' => '0', 'text' => TEXT_NONE));
 438          $groups_query = tep_db_query("select admin_groups_id, admin_groups_name from " . TABLE_ADMIN_GROUPS);
 439          while ($groups = tep_db_fetch_array($groups_query)) {
 440            $groups_array[] = array('id' => $groups['admin_groups_id'],
 441                                    'text' => $groups['admin_groups_name']);
 442          }
 443          $contents[] = array('text' => '<br>&nbsp;' . TEXT_INFO_GROUP . '<br>&nbsp;' . tep_draw_pull_down_menu('admin_groups_id', $groups_array, $mInfo->admin_groups_id));
 444        }
 445        $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_insert.gif', IMAGE_INSERT, 'onClick="validateForm();return document.returnValue"') . ' <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $HTTP_GET_VARS['mID']) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
 446        break;
 447  
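 case 'del_member':
   // Info box for confirming deletion of the selected administrator ($mInfo).
   // 'page' and 'mID' are read from the query string, so they are URL-encoded before being
   // concatenated into href="..." values; numeric and empty values come out unchanged.
   // NOTE(review): tep_href_link() is not visible here; this assumes it returns the parameter
   // string without encoding it - confirm, otherwise special characters are encoded twice.
   $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_DELETE . '</b>');
   if ($mInfo->admin_id == 1 || $mInfo->admin_email_address == STORE_OWNER_EMAIL_ADDRESS) {
     // Account id 1 and the store-owner address get a "back" button instead of a delete form.
     // NOTE(review): this only withholds the form. The member_delete handler is outside this
     // excerpt; confirm it applies the same restriction to the posted admin_id.
     $contents[] = array('align' => 'center', 'text' => '<br><a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . urlencode($HTTP_GET_VARS['page']) . '&mID=' . $mInfo->admin_id) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a><br>&nbsp;');
   } else {
     // NOTE(review): $page and $admin are not assigned anywhere in this excerpt, while the other
     // links in this case use $HTTP_GET_VARS['page'] and $mInfo->admin_id - confirm which values
     // the action URL is meant to carry.
     $contents = array('form' => tep_draw_form('edit', FILENAME_ADMIN_MEMBERS, 'action=member_delete&page=' . $page . '&mID=' . $admin['admin_id'], 'post', 'enctype="multipart/form-data"'));
     // The account to delete travels in this hidden field. No anti-CSRF token is added in this
     // block; confirm that tep_draw_form() or the handler supplies and verifies one.
     $contents[] = array('text' => tep_draw_hidden_field('admin_id', $mInfo->admin_id));
     // NOTE(review): the stored account names are inserted into the HTML as-is; confirm they are
     // escaped when saved, or escape them on output.
     $contents[] = array('align' => 'center', 'text' =>  sprintf(TEXT_INFO_DELETE_INTRO, $mInfo->admin_username));
     $contents[] = array('align' => 'center', 'text' =>  sprintf(TEXT_INFO_DELETE_INTRO, $mInfo->admin_firstname . ' ' . $mInfo->admin_lastname));
     $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . urlencode($HTTP_GET_VARS['page']) . '&mID=' . urlencode($HTTP_GET_VARS['mID'])) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
   }
   break;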
 460  
 case 'new_group':
   // Info box with the form for creating an administrator group.
   $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_GROUPS . '</b>');

   // The form posts to action=group_new. No anti-CSRF token is added in this block;
   // NOTE(review): confirm tep_draw_form() or the handler supplies and verifies one.
   $contents = array(
     'form' => tep_draw_form(
       'new_group',
       FILENAME_ADMIN_MEMBERS,
       'action=group_new&gID=' . $gInfo->admin_groups_id,
       'post',
       'enctype="multipart/form-data"'
     )
   );

   // gName comes from the query string but is only compared with two fixed values and never
   // echoed, so it selects a message without reaching the output.
   if ('false' == $HTTP_GET_VARS['gName']) {
     array_push($contents, array('text' => TEXT_INFO_GROUPS_NAME_FALSE . '<br>&nbsp;'));
   } elseif ('used' == $HTTP_GET_VARS['gName']) {
     array_push($contents, array('text' => TEXT_INFO_GROUPS_NAME_USED . '<br>&nbsp;'));
   }

   // $add_groups_prepare is set outside this excerpt. A hidden field can be edited by the
   // client; presumably the group_new handler re-validates set_groups_id - verify.
   array_push(
     $contents,
     array('text' => tep_draw_hidden_field('set_groups_id', substr($add_groups_prepare, 4))),
     array('text' => TEXT_INFO_GROUPS_NAME . '<br>'),
     array('align' => 'center', 'text' => tep_draw_input_field('admin_groups_name')),
     array(
       'align' => 'center',
       'text' => '<br><a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $gInfo->admin_groups_id) . '">'
               . tep_image_button('button_cancel.gif', IMAGE_CANCEL)
               . '</a> '
               . tep_image_submit('button_save.gif', IMAGE_SAVE)
     )
   );
   break;
 475  
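 case 'edit_group':
   // Info box with the form for renaming an administrator group.
   $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_EDIT_GROUP . '</b>');

   // 'gID' is read from the query string and ends up in the form's action URL, so it is
   // URL-encoded first. It is encoded rather than cast to int because this page also uses the
   // non-numeric value gID=groups; ordinary ids and that value come out unchanged.
   // NOTE(review): tep_draw_form() is not visible here; this assumes it does not already encode
   // its parameter string - confirm. No anti-CSRF token is added in this block either.
   $contents = array('form' => tep_draw_form('edit_group', FILENAME_ADMIN_MEMBERS, 'action=group_edit&gID=' . urlencode($HTTP_GET_VARS['gID']), 'post', 'enctype="multipart/form-data"'));
   // gName is only compared with two fixed values and never echoed.
   if ($HTTP_GET_VARS['gName'] == 'false') {
     $contents[] = array('text' => TEXT_INFO_GROUPS_NAME_FALSE . '<br>&nbsp;');
   } elseif ($HTTP_GET_VARS['gName'] == 'used') {
     $contents[] = array('text' => TEXT_INFO_GROUPS_NAME_USED . '<br>&nbsp;');
   }
   // The current group name pre-fills the input. NOTE(review): presumably
   // tep_draw_input_field() escapes the value attribute - verify.
   $contents[] = array('align' => 'center', 'text' => TEXT_INFO_EDIT_GROUPS_INTRO . '<br>&nbsp;<br>' . tep_draw_input_field('admin_groups_name', $gInfo->admin_groups_name));
   $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_save.gif', IMAGE_SAVE) . ' <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $gInfo->admin_groups_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
   break;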
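 case 'del_group':
   // Info box for confirming deletion of an administrator group.
   $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_DELETE_GROUPS . '</b>');

   // The form posts to action=group_delete. No anti-CSRF token is added in this block;
   // NOTE(review): confirm tep_draw_form() or the handler supplies and verifies one.
   $contents = array('form' => tep_draw_form('delete_group', FILENAME_ADMIN_MEMBERS, 'action=group_delete&gID=' . $gInfo->admin_groups_id, 'post', 'enctype="multipart/form-data"'));
   // 'gID' is read from the query string, so it is URL-encoded before it is placed inside
   // href="..."; ordinary ids come out unchanged.
   // NOTE(review): assumes tep_href_link() does not already encode its parameters - confirm.
   if ($gInfo->admin_groups_id == 1) {
     // Group id 1 gets an explanation and a "back" button, no delete button.
     // NOTE(review): this is a display-side restriction; the group_delete handler is outside this
     // excerpt and has to refuse group 1 itself.
     $contents[] = array('align' => 'center', 'text' => sprintf(TEXT_INFO_DELETE_GROUPS_INTRO_NOT, $gInfo->admin_groups_name));
     $contents[] = array('align' => 'center', 'text' => '<br><a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . urlencode($HTTP_GET_VARS['gID'])) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a><br>&nbsp;');
   } else {
     // $del_groups_prepare is set outside this excerpt; the hidden field is client-editable, so
     // presumably the handler re-validates set_groups_id - verify.
     $contents[] = array('text' => tep_draw_hidden_field('set_groups_id', substr($del_groups_prepare, 4)) );
     $contents[] = array('align' => 'center', 'text' => sprintf(TEXT_INFO_DELETE_GROUPS_INTRO, $gInfo->admin_groups_name));
     $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . urlencode($HTTP_GET_VARS['gID'])) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a><br>&nbsp;');
   }
   break;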
 501  
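 case 'define_group':
   // Info box shown while a group's file permissions are being defined.
   $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_DEFINE . '</b>');

   // $group_name is set outside this excerpt. NOTE(review): the name is inserted into the HTML
   // as-is; confirm it is escaped when saved.
   $contents[] = array('text' => sprintf(TEXT_INFO_DEFINE_INTRO, $group_name['admin_groups_name']));
   if ($HTTP_GET_VARS['gPath'] == 1) {
     // The loose comparison also accepts strings that merely start with "1" on PHP versions
     // before 8, so the raw query-string value must not be echoed. Casting to int writes the
     // number the condition matched; for gPath=1 the link is identical to the previous output.
     $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . (int)$HTTP_GET_VARS['gPath']) . '">' . tep_image_button('button_back.gif', IMAGE_CANCEL) . '</a><br>');
   }
   break;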
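 case 'show_group':
   // Builds a box whose single input shows "true" or "false" depending on whether the posted
   // admin_email_address matches an address in the admin table.
   // NOTE(review): this looks like leftover test code (no submit button is rendered) - confirm
   // whether the case is still reachable and needed.
   $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_EDIT_GROUP . '</b>');
   // Start from an empty list so in_array() below always receives an array, even when the
   // query returns no rows.
   $stored_email = array();
   // Static query text; no request data is concatenated into the SQL.
   $check_email_query = tep_db_query("select admin_email_address from " . TABLE_ADMIN . "");
   while ($check_email = tep_db_fetch_array($check_email_query)) {
     $stored_email[] = $check_email['admin_email_address'];
   }

   // Only the fixed strings "true"/"false" reach the output, never the posted value itself.
   if (in_array($HTTP_POST_VARS['admin_email_address'], $stored_email)) {
     $checkEmail = "true";
   } else {
     $checkEmail = "false";
   }
   $contents = array('form' => tep_draw_form('show_group', FILENAME_ADMIN_MEMBERS, 'action=show_group&gID=groups', 'post', 'enctype="multipart/form-data"'));
   // $define_files is not set anywhere in this excerpt - TODO confirm where it comes from.
   $contents[] = array('text' => $define_files['admin_files_name'] . tep_draw_input_field('level_edit', $checkEmail));
   //$contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_insert.gif', IMAGE_INSERT) . ' <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $gInfo->admin_groups_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
   break;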
 527  
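 default:
   // No sidebar action requested: show a summary of the selected administrator ($mInfo) or,
   // failing that, the action buttons for the selected group ($gInfo).
   if (is_object($mInfo)) {
     $heading[] = array('text' => '<b>&nbsp;' . TEXT_INFO_HEADING_DEFAULT . '</b>');
     // 'page' is read from the query string, so it is URL-encoded before being placed inside
     // href="..."; numeric and empty values come out unchanged.
     // NOTE(review): assumes tep_href_link() does not already encode its parameters - confirm.
     $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . urlencode($HTTP_GET_VARS['page']) . '&mID=' . $mInfo->admin_id . '&action=edit_member') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . urlencode($HTTP_GET_VARS['page']) . '&mID=' . $mInfo->admin_id . '&action=del_member') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a><br>&nbsp;');
     // NOTE(review): the $mInfo fields below are concatenated into HTML as stored. Confirm they
     // are escaped when an administrator record is saved, or escape them on output using the
     // store's character set.
     $contents[] = array('text' => '&nbsp;<b>' . TEXT_INFO_USERNAME . '</b><br>&nbsp;' . $mInfo->admin_username);
     $contents[] = array('text' => '&nbsp;<b>' . TEXT_INFO_FULLNAME . '</b><br>&nbsp;' . $mInfo->admin_firstname . ' ' . $mInfo->admin_lastname);
     $contents[] = array('text' => '&nbsp;<b>' . TEXT_INFO_EMAIL . '</b><br>&nbsp;' . $mInfo->admin_email_address);
     $contents[] = array('text' => '&nbsp;<b>' . TEXT_INFO_GROUP . '</b>' . $mInfo->admin_groups_name);
     $contents[] = array('text' => '&nbsp;<b>' . TEXT_INFO_CREATED . '</b><br>&nbsp;' . $mInfo->admin_created);
     $contents[] = array('text' => '&nbsp;<b>' . TEXT_INFO_MODIFIED . '</b><br>&nbsp;' . $mInfo->admin_modified);
     $contents[] = array('text' => '&nbsp;<b>' . TEXT_INFO_LOGDATE . '</b><br>&nbsp;' . $mInfo->admin_logdate);
     $contents[] = array('text' => '&nbsp;<b>' . TEXT_INFO_LOGNUM . '</b>' . $mInfo->admin_lognum);
     $contents[] = array('text' => '<br>');
   } elseif (is_object($gInfo)) {
     $heading[] = array('text' => '<b>&nbsp;' . TEXT_INFO_HEADING_DEFAULT_GROUPS . '</b>');

     // Permission, edit and delete links for the group; every id here comes from $gInfo, not
     // from the request.
     $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gPath=' . $gInfo->admin_groups_id . '&action=define_group') . '">' . tep_image_button('button_admin_permission.gif', IMAGE_FILE_PERMISSION) . '</a> <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $gInfo->admin_groups_id . '&action=edit_group') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $gInfo->admin_groups_id . '&action=del_group') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
     $contents[] = array('text' => '<br>' . TEXT_INFO_DEFAULT_GROUPS_INTRO . '<br>&nbsp');
   }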
 547    }
 548  
 // Print the right-hand info column only when tep_not_null() accepts both the heading and the
 // contents assembled by the switch above.
 // NOTE(review): the rows in $contents already hold finished HTML, so presumably infoBox()
 // prints them without escaping - any escaping has to happen where the rows are built.
 if (tep_not_null($heading) && tep_not_null($contents)) {
   echo '            <td width="25%" valign="top">', "\n";

   $box = new box();
   echo $box->infoBox($heading, $contents);

   echo '            </td>', "\n";
 }
 557  ?>
 558            </tr>
 559          </table></td>
 560        </tr>
 561      </table></td>
 562  <!-- body_text_eof //-->
 563    </tr>
 564  </table>
 565  <!-- body_eof //-->
 566  
 567  <!-- footer //-->
 568  <?php require (DIR_WS_INCLUDES . 'footer.php'); ?>
 569  <!-- footer_eof //-->
 570  <br>
 571  </body>
 572  </html>
 573  <?php require (DIR_WS_INCLUDES . 'application_bottom.php'); ?>

