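<?php
/**
 * Administrator overview page.
 *
 * Lists the administrator accounts (optionally filtered by a search term that
 * is matched against login name and e-mail), pages the result, and lets a
 * super admin delete accounts other than their own.
 *
 * Security-relevant handling in this script:
 *  - request values that reach SQL are either reduced to integers or passed
 *    through sql_escape(); the count query and the listing query share one
 *    WHERE clause so they cannot drift apart;
 *  - the delete id is normalised to an integer once and that same integer is
 *    used for the "cannot delete yourself" check and for the DELETE
 *    statements;
 *  - deletion is refused unless the session marks the caller as super admin,
 *    matching the condition under which the delete link is rendered.
 */
require_once dirname(__FILE__).'/accesscheck.php';

$external = $require_login && !is_a($GLOBALS['admin_auth'], 'phpListAdminAuthentication');

// Paging offset and list id are forced to integers before they reach SQL or HTML.
$start = isset($_GET['start']) ? sprintf('%d', $_GET['start']) : 0;
$listid = isset($_GET['id']) ? sprintf('%d', $_GET['id']) : 0;

// Only accept a plain string as search term; an array value (find[]=x) is ignored.
$find = isset($_REQUEST['find']) && is_string($_REQUEST['find']) ? $_REQUEST['find'] : '';

// Query-string fragment that carries the current search term into generated links.
$remember_find = !empty($find) ? '&find='.urlencode($find) : '';

// with external admins we simply display information
if ($external) {
    $admins = $GLOBALS['admin_auth']->listAdmins();
    $total = count($admins);
    $found = $total;
    $ls = new WebblerListing(s('Administrators'));
    foreach ($admins as $adminid => $adminname) {
        // Names come from the external authentication source; encode them the
        // same way the local listing below encodes login names.
        $ls->addElement(htmlentities($adminname)); //,PageUrl2("admin",s('Show'),"id=".$adminid));
    }
    echo $ls->display();

    return;
}

echo '<div class="button">'.PageLink2('importadmin', s('Import list of admins')).'</div>';
echo '<div class="pull-right fright">'.PageLinkActionButton('admin', s('Add new admin'), "start=$start".$remember_find).'</div><div class="clearfix"></div>';

if (isset($_GET['delete']) && $_GET['delete']) {
    // Normalise once: comparing the raw request string against the session id
    // while deleting the %d-converted value lets an input such as "5abc" pass
    // the self-delete check and still delete id 5.
    $deleteId = is_scalar($_GET['delete']) ? (int) $_GET['delete'] : 0;

    // NOTE(review): this state change is triggered by a GET parameter and no
    // anti-CSRF token verification is visible in this file - confirm that the
    // including front controller verifies one before this script runs.
    if (empty($_SESSION['logindetails']['superuser'])) {
        // The delete link is only rendered for super admins; enforce the same
        // rule here so a hand-built URL cannot bypass it.
        echo s('Only a super admin can delete administrators')."\n";
    } elseif ($deleteId === (int) $_SESSION['logindetails']['id']) {
        echo s('You cannot delete yourself')."\n";
    } elseif ($deleteId > 0) {
        echo s('Deleting').' '.$deleteId." ..\n";
        Sql_query(sprintf('delete from %s where id = %d', $GLOBALS['tables']['admin'], $deleteId));
        Sql_query(sprintf('delete from %s where adminid = %d', $GLOBALS['tables']['admin_attribute'], $deleteId));
        Sql_query(sprintf('delete from %s where adminid = %d', $GLOBALS['tables']['admin_task'], $deleteId));
        echo '..'.s('Done')."<br /><hr><br />\n";
        Redirect("admins&start=$start");
    }
}

ob_end_flush();

// NOTE(review): $add, $new and $id are not assigned anywhere in this file, so
// this branch only runs if the including scope defines them. The values are
// escaped / cast before being placed in SQL in case it does.
if (isset($add)) {
    if (isset($new)) {
        $query = sprintf(
            'insert into %s (email,entered) values("%s",now())',
            $tables['admin'],
            sql_escape($new)
        );
        $result = Sql_query($query);
        $userid = Sql_insert_id();
        $query = sprintf(
            'insert into %s (userid,listid,entered) values(%d,%d,now())',
            $tables['listuser'],
            $userid,
            isset($id) ? $id : 0
        );
        $result = Sql_query($query);
    }
    echo '<br/>'.s('Admin added').'<br/>';
}

// One WHERE clause for both the count and the listing query. The search term
// is escaped here; previously the count query interpolated it unescaped.
$findClause = '';
if ($find) {
    $escapedFind = sql_escape($find);
    $findClause = ' where loginname like "%'.$escapedFind.'%" or email like "%'.$escapedFind.'%"';
}

$result = Sql_query('SELECT count(*) FROM '.$tables['admin'].$findClause);
$totalres = Sql_fetch_Row($result);
$total = $totalres[0];

echo '<p class="info">'.$total.' '.s('Administrators');
echo $find ? ' '.s('found').'</p>' : '</p>';

$paging = '';
$limit = '';

if ($total > MAX_USER_PP) {
    $paging = simplePaging("admins$remember_find", $start, $total, MAX_USER_PP, s('Administrators'));
    // $start is already an integer string (see the sprintf('%d') above).
    $limit = "limit $start,".MAX_USER_PP;
}

$result = Sql_query(
    'SELECT id,loginname,email, superuser, disabled FROM '.$tables['admin'].$findClause." order by loginname $limit"
);

?>
<table>
    <tr>
        <td colspan=4><?php echo formStart('action=""') ?><input type="hidden" name="id" value="<?php echo $listid ?>">
            <?php echo s('Find an admin') ?>: <input type=text name="find"
                                                     value="<?php echo htmlentities($find) ?>"
                                                     size="40"><input type="submit"
                                                                      value="<?php echo s('Go') ?>">
            </form></td>
    </tr>
</table>
<?php
$ls = new WebblerListing(s('Administrators'));
$ls->usePanel($paging);
$ls->setElementHeading('Login name');
while ($admin = Sql_fetch_array($result)) {
    $delete_url = sprintf("<a href=\"javascript:deleteRec('%s');\">".s('del').'</a>',
        PageURL2('admins', 'Delete', "start=$start&delete=".$admin['id']));
    $ls->addElement(htmlentities($admin['loginname']),
        PageUrl2('admin', s('Show'), "start=$start&id=".$admin['id'].$remember_find));
    $ls->addColumn($admin['loginname'], s('Id'), $admin['id']);
    $ls->addColumn($admin['loginname'], s('email'), htmlspecialchars($admin['email']));
    $ls->addColumn($admin['loginname'], s('Super Admin'), $admin['superuser'] ? s('Yes') : s('No'));
    $ls->addColumn($admin['loginname'], s('Disabled'), $admin['disabled'] ? s('Yes') : s('No'));
    // The delete link is offered to super admins only, and never for the caller's own account.
    if ($_SESSION['logindetails']['superuser'] && $admin['id'] != $_SESSION['logindetails']['id']) {
        $ls->addColumn($admin['loginname'], s('Del'), $delete_url);
    }
}
echo $ls->display();
echo '<br/><hr class="hidden-lg hidden-md hidden-sm hidden-xs" />';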