Your IP : 216.73.216.40

Current Path : /var/www/html/mmishra/irp/istore/admin/
Upload File :
Current File : /var/www/html/mmishra/irp/istore/admin/webusers.inc

<h3 align='left'>Web users</h3>

<?php

$tbl = 'webusers';
$userid = $_POST["userid"];

if ($_POST["submit"] == 'SAVE') {
	
	$role = $_POST["role"];
	$accessto = " ";
	foreach ($_POST["accessto"] as $priv)
    		$accessto .= $priv .',';

	$accessto = substr($accessto,0,strlen($accessto)-1);
	$email = $_POST["email"];
	
	if (mysql_num_rows(mysql_query("select * from $tbl where userid='$userid'"))) {
		mysql_query("update $tbl set role='$role',accessto='$accessto',
		email='$email' where userid='$userid'");
	} else {
		mysql_query("insert into $tbl(userid,role,accessto,email,datecreation) 
		values('$userid','$role','$accessto','$email',now())");
	}

} else if ($_POST["submit"] == 'DELETE') {
	mysql_query("delete from $tbl where userid='$userid'");

}

$rs = mysql_query("select userid,role,email,accessto,datecreation from $tbl order by role");
if ($rs) {
        $colHeads = mysql_num_fields($rs);

        echo "<table border='1' width='100%'>\n<tr>";

        for ($i=0; $i < $colHeads; $i++) { // Header
                $fld = ucwords(str_replace("_"," ",mysql_field_name($rs, $i)));
                echo "<th>$fld</th>";
        }

        echo "</tr>\n";

        while ($row = mysql_fetch_row($rs)) { //data
                echo '<tr><td>'.implode($row,'</td><td>')."</td></tr>\n";
        }

        echo "</table>\n";
} else {
        echo "Sorry";
}
?>

<table>
<tr><td>User ID</td>
<td><input type='text' name='userid' value='<?php echo $userid; ?>' size='35'></td>
<td><input type='submit' name='submit' value='FIND'></td></tr>

<?php
if ($_POST["submit"] == 'FIND') {

	$rs = mysql_query("select * from $tbl where userid='$userid'");
	while ($o = mysql_fetch_object($rs)) {
		$role = $o->role;
		$accessto = $o->accessto;
		$email = $o->email;
	}
        echo "<tr><td>Role</td>
        <td><input type='text' name='role' value='$role' size='35'></td></tr>";

	$sr = mysql_query("select * from students");
	$colHeads = mysql_num_fields($sr);
	$fld1 = "<option value=''>select multiple</option>";	
        for ($i=0; $i < $colHeads; $i++) { // Header
                $fld = mysql_field_name($sr, $i);
                $fld1 .= "<option value='$fld'";
		if (strpos($accessto, $fld)) $fld1 .= ' selected';
		$fld1 .= ">$fld</option>";
        }

        echo "<tr><td>AccessTo</td>
        <td><select name='accessto[]' multiple style='width:250'>$fld1</select></td></tr>";

        echo "<tr><td>Email</td>
        <td><input type='text' name='email' value='$email' size='35'></td></tr>";
        
	echo "<tr><th colspan='2'>
        <input type='submit' name='submit' value='SAVE'>
        <input type='submit' name='submit' value='DELETE'>
        </th></tr>";

}
?>

</table>