File: /home/httpd/html/xdudes.com/admin/users.php
<?php
require "header.php";
$users_processed = 0;
$content_processed = 0;
$messages = array();
$errors = array();
if (count($errors) === 0 && isset($_POST['list']) && count($_POST['list']) > 0) {
foreach ($_POST['list'] as $i) {
if (is_numeric($i)) {
$user = dbQuery("SELECT `record_num`, `username` FROM `users` WHERE `record_num` = '$i'", false);
$user = $user[0];
if (is_numeric($user['record_num'])) {
switch ($_POST['action']) {
case 'delete':
dbQuery("DELETE FROM `users` WHERE `record_num` = '$i'");
dbQuery("DELETE FROM `comments` WHERE `userid` = '$i'");
$users_processed++;
break;
case 'block':
dbQuery("UPDATE `users` SET `enabled` = 0 WHERE `record_num` = '$i'");
$users_processed++;
break;
case 'unblock':
dbQuery("UPDATE `users` SET `enabled` = 1 WHERE `record_num` = '$i'");
$users_processed++;
break;
case 'verify':
dbQuery("UPDATE `users` SET `enabled` = 1, `validate` = '', `email_verified` = 1 WHERE `record_num` = '$i'");
$users_processed++;
break;
}
} else {
$errors[] = "User with ID: $i not found!";
}
}
}
}
if (isset($_POST['action']) && $users_processed > 0) {
if ($_POST['action'] === 'delete') {
$messages[] = "<div>$users_processed users deleted</div>";
} else if ($_POST['action'] === 'block') {
$messages[] = "<div>$users_processed users blocked</div>";
} else if ($_POST['action'] === 'unblock') {
$messages[] = "<div>$users_processed users unblocked</div>";
} else if ($_POST['action'] === 'verify') {
$messages[] = "<div>$users_processed users verified</div>";
}
}
$page = (isset($_GET['page']) && is_numeric($_GET['page'])) ? (int) $_GET['page'] : 1;
$max_results = (isset($_GET['setmax']) && $_GET['setmax'] > 0) ? (int) $_GET['setmax'] : 100;
$from = ($page * $max_results) - $max_results;
?>
<div class="content-page">
<div class="header-area">
<div class="breadcrumbs">
<a href="index.php">Admin Home</a>
<?php
$usersTitle = "Users";
$usersLink = "";
if ($_GET['level'] && $_GET['level'] == 2) {
$usersTitle = "Partners";
$usersLink = "?level=2";
}
?>
<span><a href="users.php<?php echo $usersLink; ?>">Manage <?php echo $usersTitle; ?></a></span>
</div>
</div>
<div class="content-outer">
<h2>Manage<strong>Users</strong></h2>
<div class="notification info">To find the user you are looking for faster, you can enter either a whole or partial username or email address into the search box below.</div>
<?php if (count($errors) > 0) { ?>
<div class="notification error"><?php echo implode('<br>', $errors); ?></div>
<?php } ?>
<?php if (count($messages) > 0) { ?>
<div class="notification success"><?php echo implode('<br>', $messages); ?></div>
<?php } ?>
<?php echo getMessages(); ?>
<div class="content-inner">
<form method="POST" action="" class="form" novalidate autocomplete="off">
<table class="pagetable">
<thead>
<tr>
<th colspan="2">Search Users</th>
</tr>
</thead>
<tbody>
<tr>
<td>Username/Email</td>
<td><input type="text" name="q" /></td>
</tr>
<tr class="item submit">
<td colspan="2">
<button type="submit" class="btn action-search">Search</button>
</td>
</tr>
</tbody>
</table>
</form>
<form method="POST" action="" class="form" novalidate autocomplete="off">
<table class="pagetable">
<thead>
<tr>
<th class="thumb">Username</th>
<th>Email Address</th>
<th></th>
<th style="width:50px">
<label for="check-select-all-1" class="checkbox">
<input type="checkbox" name="select_all" value="1" data-items="list[]" id="check-select-all-1">
<i></i>
</label>
</th>
</tr>
</thead>
<?php
$where = '';
if ($_POST['q'] != "") {
$q = mysqli_real_escape_string($dbconn, $_POST['q']);
$where .= "AND (`users`.`username` LIKE '%$q%' OR `users`.`email` LIKE '%$q%')";
}
if (is_numeric($_GET['level']) && $_GET['level'] == 3) {
$where .= "AND `users`.`is_admin` = 1";
}
$result = dbQuery("SELECT * FROM `users` WHERE 1=1 $where ORDER BY `users`.`username` ASC LIMIT $from,$max_results", false);
$total_results = dbValue("SELECT COUNT(*) AS `count` FROM users WHERE 1=1 $where", 'count');
$total_pages = ceil($total_results / $max_results);
?>
<tbody>
<?php if (!is_array($result) || count($result) == 0) { ?>
<tr><td colspan="4"><div class="notification alert">No users found</div></td></tr>
<?php } else { ?>
<?php foreach ($result as $row) { ?>
<tr>
<td><?php echo $row['username']; ?></td>
<td><?php echo $row['email']; ?></td>
<td class="options">
<a href='takeoverUser.php?id=<?php echo $row['record_num']; ?>' title="Login As User" class="btn btn-xs btn-success"><i class="ion ion-key icon-login-as"></i></a>
<a href='user_comments.php?id=<?php echo $row['record_num']; ?>' title="User Comments" class="btn btn-xs btn-seablue"><i class="ion ion-chatbox icon-comments"></i></a>
<a href='login_log.php?q=<?php echo $row['username']; ?>' title="User Login History" class="btn btn-xs btn-seablue"><i class="ion ion-calendar"></i></a>
<a href="edit_user.php?id=<?php echo $row['record_num']; ?>" title="Edit" class="btn btn-xs btn-orange"><i class="ion ion-edit icon-edit"></i></a>
</td>
<td>
<label class="checkbox">
<input type="checkbox" name="list[]" value="<?php echo $row['record_num']; ?>" id="ids-<?php echo $row['record_num']; ?>"><i></i>
</label>
</td>
</tr>
<?php } ?>
<?php } ?>
<tr class="item submit">
<td colspan="4">
<?php if (is_array($result) && count($result) > 0) { ?>
<div class="processing-option short">
<select name="action" data-items="list[]" data-select-toggle="action-submit" class="processing-option short">
<option value="delete">Delete</option>
<option value="block">Block</option>
<option value="unblock">Unblock</option>
<option value="verify">Verify</option>
</select>
</div>
<button type="submit" class="btn action-process">Process Selected</button>
<?php } ?>
</td>
</tr>
</tbody>
</table>
</form>
<div id="adminPagination"><?php echo showAdminPagination($total_pages); ?></div>
</div>
</div>
</div>
<?php require "footer.php"; ?>