Your IP : 216.73.216.40
Please furnish these information in order to host user's profile on this website. User must be assigned a specific role.
<?php
$tbl = 'webusers';
$roles = array('user','webmaster','guest');
$rowid = $_REQUEST['rowid'];
$userid = $_REQUEST['userid'];
$passwd = $_POST['passwd'];
$fullname = htmlsafe($_POST['fullname']);
$email = htmlsafe($_POST['email']);
$contact = htmlsafe($_POST['contact']);
$roll = $_POST['role'];
$status = $_POST['status'];
$submit = $_POST['submit'];
$statuss = array('online','offline');
switch ($submit) {
case "SAVE":
if (mysql_num_rows(mysql_query("select * from $tbl where webid='$webid' and userid='$userid'"))) {
if ($passwd) mysql_query("update $tbl set passwd=password('$passwd') where userid='$userid'");
mysql_query("update $tbl set fullname='$fullname',contact='$contact',email='$email',role='$roll',status='$status'
where webid='$webid' and userid='$userid'");
} else {
mysql_query("insert into $tbl(webid,userid,passwd,fullname,contact,email,role,status)
values('$webid','$userid',password('$passwd'),'$fullname','$contact','$email','$roll','online')");
}
$tbl = 'webpages';
if (mysql_num_rows(mysql_query("select * from $tbl where webid='$webid' and hypertext='$userid'"))) {
mysql_query("update $tbl set pagetitle='Profile of $fullname',status='$status',dateupdation=now()
where webid='$webid' and hypertext='$userid'");
} else {
mysql_query("insert into $tbl(webid,hypertext,parentid,pagetitle,keywords,status,datecreation,dateupdation)
values('$webid','$userid',99997,'Profile of $fullname','$fullname, $email','online',now(),now())");
}
break;
case 'DELETE':
mysql_query("delete from $tbl where webid='$webid' and userid='$userid'");
break;
}
$tbl = 'webusers';
if ($role == 'admin') {
echo "<table><tr><td>Select User<br>
<select name='userid' style='width: 200px' onchange=\"document.location.href='$PHP_SELF?conf=$conf&userid='+this.value\">
<option value=''>New</option>";
$rs = mysql_query("select * from $tbl where webid='$webid' order by userid");
while ($o = mysql_fetch_object($rs)) {
echo "<option value='$o->userid'";
if ($userid == $o->userid) echo " selected";
echo ">$o->userid</option>";
}
echo "</select></td>
<td>User Role<br><select name='role' style='width: 200px'>";
foreach ($roles as $rl){
echo "<option value='$rl'";
if ($rl == $roll) echo " selected";
echo ">$rl</option>";
}
echo "</select></td></tr></table>";
$rs = mysql_query("select * from $tbl where webid='$webid' and userid='$userid'");
} else if ($role == 'user') {
$rs = mysql_query("select * from $tbl where webid='$webid' and userid='$user'");
}
if ($rs) {
$o = mysql_fetch_object($rs);
$rowid = $o->rowid;
$passwd = $o->passwd;
$fullname = $o->fullname;
$email = $o->email;
$contact = $o->contact;
}
echo "<table>
<tr><td>User ID *</td><td><input type='text' name='userid' value='$userid' size='60'";
if ($userid) echo ' readonly';
echo "></td></tr>
<tr><td>Password *</td><td><input type='password' name='passwd' value='' size='60'></td></tr>
<tr><td>Fullname *</td><td><input type='text' name='fullname' value='$fullname' size='60'></td></tr>
<tr><td>Email *</td><td><input type='text' name='email' value='$email' size='60'></td></tr>
<tr valign='top'><td>Contact </td><td><textarea name='contact' rows='3' cols='50'>$contact</textarea></td></tr>
<tr><td>Status</td><td><select name='status' style='width: 200px'>";
foreach ($statuss as $st) {
echo "<option value='$st'";
if ($status == $st) echo ' selected';
echo ">$st</option>";
}
echo "</select> Offline users will not be able to log into the site.</td></tr>
<tr><td></td><td><input type='submit' name='submit' value='SAVE' style='width: 80px'> ";
if ($userid) {
echo "<input type='submit' name='submit' value='DELETE' style='width: 80px'> ";
$tbl = 'webpages';
$rs1 = mysql_query("select * from $tbl where webid='$webid' and hypertext='$userid'");
if (mysql_num_rows($rs1)) {
$q = mysql_fetch_object($rs1);
$rowid=$q->rowid;
}
$rs1 = mysql_query("select * from $tbl where pagecontent like 'webpages%'");
if ($rs1) {
$q = mysql_fetch_object($rs1);
echo "<a href='admin.php?conf=$q->rowid&rowid=$rowid'>Edit Profile</a>";
}
}
echo "</td></tr></table>";
?>