<%
'#################################################################################
'## Copyright (C) 2003 Rick Eastes
'##
'## This program is free software; you can redistribute it and/or
'## modify it under the terms of the GNU General Public License
'## as published by the Free Software Foundation; either version 2
'## of the License, or any later version.
'##
'## All copyright notices regarding EzyEdit
'## must remain intact in the scripts and in the outputted HTML
'## The "powered by" text/logo with a link back to
'## http://www.ezyedit.com in the footer of the pages MUST
'## remain visible when the pages are viewed on the internet or intranet.
'##
'## This program is distributed in the hope that it will be useful,
'## but WITHOUT ANY WARRANTY; without even the implied warranty of
'## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
'## GNU General Public License for more details.
'##
'## You should have received a copy of the GNU General Public License
'## along with this program; if not, write to the Free Software
'## Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
'##
'## Support can be obtained from support forums at:
'## http://www.ezyedit.com/forum
'##
'## Correspondence and Marketing Questions can be sent to:
'## rick@ezyedit.com
'## 191 Dorville Rd Carseldine.
'## Brisbane, Australia. 4034
'##
'#################################################################################
' Page-level settings, assigned before the shared includes below are pulled in.
' Buffer the response and mark it as already expired.
Response.Buffer = True
Response.Expires = -1
' NOTE(review): pagename and permissions are not read anywhere in this file;
' presumably inc_main.asp uses them to identify the page and enforce access.
' Confirm that "DENY$R$" really limits this page to administrators, because
' every handler below changes user accounts.
pagename = "utilities/useradmin.asp"
permissions = "DENY$R$"
%>
<!--#include file="../includes/inc_sha256.asp"-->
<!--#include file="../includes/inc_main.asp"-->
<script language=javascript>
var SelectedImageName;
var ImageLibWindow;
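/**
 * Opens the image library popup used to pick a photo for the user form.
 *
 * The popup handle is kept in the page-level ImageLibWindow variable. If
 * SelectedImageName already holds a value, that value minus its first three
 * characters is copied into the form's photo field.
 * NOTE(review): SelectedImageName is presumably set by the popup page, and the
 * three dropped characters are presumably a "../" prefix - confirm against
 * imageLib.asp.
 */
function insertImage()
{
    ImageLibWindow = window.open('InplaceEdit/imageLib.asp','ImageLibrary','toolbar=no,width=600,height=400,directories=no,status=yes,resizable=yes,scrollbars=yes,menubar=no');
    // window.open returns null when the browser blocks the popup; without this
    // guard the next line throws instead of quietly doing nothing.
    if (!ImageLibWindow)
    {
        return;
    }
    ImageLibWindow.location.href = 'imageLib.asp?init=true';
    // Make sure the popup can reach this page through its opener reference.
    if (ImageLibWindow.opener == null) ImageLibWindow.opener = self;
    if (SelectedImageName != null)
    {
        document.frmUser.photo.value = SelectedImageName.slice(3);
    }
}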
/**
 * Asks the administrator to confirm a user deletion and submits the given
 * form only when the prompt is accepted.
 *
 * This is a usability prompt only; the server must still decide on its own
 * whether the delete request is allowed.
 *
 * @param formToSubmit the form element to submit on confirmation
 */
function ConfirmDelete(formToSubmit)
{
    var confirmed = window.confirm("Are you sure you wish to DELETE this User?\n");
    if (!confirmed)
    {
        return;
    }
    formToSubmit.submit();
}
/**
 * Client-side check that the password and its confirmation are equal.
 *
 * On a mismatch it alerts the user, sets document.MM_returnValue to false (the
 * submit buttons return that value from onClick) and selects the confirmation
 * field. On a match it changes nothing, so an earlier validation result stays
 * in place.
 *
 * This runs in the browser only and can be bypassed; it is a convenience, not
 * a control.
 *
 * @param frm form holding the password and confirmpassword inputs
 */
function CheckPassword(frm) {
    var entered = frm.password.value;
    var repeated = frm.confirmpassword.value;
    if (entered == repeated) {
        return;
    }
    alert('Your password and its confirmation do no match');
    document.MM_returnValue = false;
    frm.confirmpassword.select();
}
</script>
<%
' Read the values that drive this request.
' rsPage is not created in this file; presumably inc_main.asp opens it.
parentid = rsPage("parent")
' request(...) searches the query string as well as the posted form, so all
' three values below are caller-controlled and must be treated as untrusted.
menuid  = Request("id")
action  = Request("action")
message = Request("message")
'###############################################################
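if (action="deleteDB") then
	' Deletes one row from tblUsers and redirects back to the list with a
	' status message.
	'
	' thisuserid arrives from the client and is appended to a SQL condition,
	' so only a plain run of digits is accepted and the converted number,
	' never the raw text, is concatenated.
	' NOTE(review): action is read with request(), which also reads the query
	' string, so a GET link can trigger this delete. Consider requiring POST
	' and an anti-CSRF token; that needs session support not visible here.
	Set deleteIdCheck = New RegExp
	deleteIdCheck.Pattern = "^[0-9]{1,9}$"
	deleteId = "" & request("thisuserid")
	if deleteIdCheck.Test(deleteId) then
		DeleteFromTable "tblUsers", "userid=" & CLng(deleteId)
		message = "User Deleted successfully"
		DeleteCache
	else
		message = "Invalid user id; nothing was deleted."
	end if
	Set deleteIdCheck = Nothing
	' URL-encode the text so spaces and punctuation survive the redirect.
	Response.Redirect "useradmin.asp?message=" & Server.URLEncode(message)
end if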
'###############################################################
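if (action="addDB") then
	' Inserts a new row into tblUsers from the posted form fields and
	' redirects back to the list with a status message.
	'
	' InsertIntoTable receives an already-quoted value list, so quoting has to
	' happen here: text fields get their single quotes doubled, and groupid is
	' accepted only as a plain run of digits and concatenated as a number.
	' NOTE(review): the password is stored as SHA256(password) with no per-user
	' salt passed at this call. Moving to a salted, deliberately slow password
	' hash needs a matching change in the login code, which is not visible here.
	' NOTE(review): nothing here checks server-side that email and password are
	' non-empty; the page relies on the browser-side form validation for that.
	Set addGroupCheck = New RegExp
	addGroupCheck.Pattern = "^[0-9]{1,9}$"
	addGroupId = "" & request("groupid")
	if addGroupCheck.Test(addGroupId) then
		addEmail = "" & request("email")
		InsertIntoTable "tblUsers", _
			"[password],email,groupid,username,photo", _
			"'" & SHA256(request("password")) & "','" & Replace(addEmail, "'", "''") & "'," & CLng(addGroupId) & ",'" & Replace("" & request("username"), "'", "''") & "','" & Replace("" & request("photo"), "'", "''") & "'"
		' Plain text only: the message goes through the query string and is
		' shown on the next page, so it carries no markup.
		message = "New User, " & addEmail & " added successfully."
		DeleteCache
	else
		message = "Invalid group id; no user was added."
	end if
	Set addGroupCheck = Nothing
	Response.Redirect "useradmin.asp?message=" & Server.URLEncode(message)
end if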
'###############################################################
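if (action="editDB") then
	' Updates one row of tblUsers from the posted form fields and redirects
	' back to the list with a status message. The password column is only
	' touched when a new password was supplied.
	'
	' UpdateTable receives already-quoted values and a raw WHERE condition, so
	' the untrusted input is neutralised here: both ids must be plain runs of
	' digits and are concatenated as numbers, and text fields get their single
	' quotes doubled.
	' NOTE(review): the password is stored as SHA256(password) with no per-user
	' salt passed at this call; changing that needs a matching change in the
	' login code, which is not visible here.
	Set editCheck = New RegExp
	editCheck.Pattern = "^[0-9]{1,9}$"
	editId = "" & request("thisuserid")
	editGroupId = "" & request("groupid")
	if editCheck.Test(editId) and editCheck.Test(editGroupId) then
		editEmail = "" & request("email")
		safeEmail = Replace(editEmail, "'", "''")
		safeName = Replace("" & request("username"), "'", "''")
		safePhoto = Replace("" & request("photo"), "'", "''")
		if(len(request("password"))>0)then
			names = "[password],email,groupid,username,photo"
			values = "'" & SHA256(request("password")) & "','" & safeEmail & "'," & CLng(editGroupId) & ",'" & safeName & "','" & safePhoto & "'"
		else
			' The original wrote the name to a "nickname" column in this
			' branch. Every other statement on this page reads and writes
			' "username", so a password-less edit never changed the name
			' shown in the list.
			names = "email,groupid,username,photo"
			values = "'" & safeEmail & "'," & CLng(editGroupId) & ",'" & safeName & "','" & safePhoto & "'"
		end if
		UpdateTable "tblUsers",names,values,"userid=" & CLng(editId)
		' Plain text only: the message goes through the query string and is
		' shown on the next page, so it carries no markup.
		message = "User, " & editEmail & " Updated successfully."
		DeleteCache
	else
		message = "Invalid user or group id; nothing was updated."
	end if
	Set editCheck = Nothing
	Response.Redirect "useradmin.asp?message=" & Server.URLEncode(message)
end if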
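' Emit the shared page header (WriteHeader is defined outside this file).
WriteHeader "",""%>
<!-- MAIN CONTENT -->
<table border=0 cellspacing=0 cellpadding=8 width=600>
<tr>
<td class=normal valign=top>
<%
' message is read with request("message") earlier on this page, so it can come
' straight from the URL. HTML-encode it so it is always rendered as text and
' never as markup or script.
Response.Write Server.HTMLEncode("" & message)
%>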
</td>
</tr>
<tr>
<td class=normal valign=top>
<p>
<%
'###################################################################
if (action="newuser") then%>
<form name=frmUser method=post action=useradmin.asp>
<input type=hidden name=action value="addDB">
<table border=0 cellpadding=4 cellspacing=0>
<tr><td class=tableheader colspan=2 width=500>
<b>Please enter new user details<br></b>
Fields marked with a <b>*</b> are required.<br>
</td>
</tr>
<tr>
<td class=normal>
<b>Full Name</b> eg (Rick Eastes)<br>
</td>
<td class=normal>
<input type=text name=username class=textfield size=30 ID="Text1">
</td>
</tr>
<tr>
<td class=normal>
<b>*Valid Email</b> eg (rick@eastes.net)<br>
This will be used to login
</td>
<td class=normal>
<input type=text name=email class=textfield size=30>
</td>
</tr>
<tr>
<td class=normal>
<b>*Password</b> eg (mypassword)
</td>
<td class=normal>
<input type=password name=password class=textfield size=10>
</td>
</tr>
<tr>
<td class=normal>
<b>*Password Confirmation</b>
</td>
<td class=normal>
<input type=password name=confirmpassword class=textfield size=10>
</td>
</tr>
<tr>
<td class=normal>
<b>*Group</b><br>Which group will this user belong?
</td>
<td class=normal>
<select name="groupid" class="selectfield">
<% WriteDropDown "tblGroups","name","groupid","","" %>
</select>
</td>
</tr>
<tr><td colspan=2 class=normal>
<br><b>Photo</b> (please keep to minimal size and dimensions)
</td></tr>
<tr><td colspan=2 class=normal>
<input type=text name=photo class=textfield> <input type=button onClick=insertImage() class=smallbutton value="Select Photo" id=button1 name=button1><br><br>
</td></tr>
<tr><td colspan=2 class=normal>
<br>
<input type=button value="Cancel" onClick="location.href='useradmin.asp'">
<input type=submit value="Add User >>" id=submit1 name=submit1 onClick="MM_validateForm('username','','R','password','','R','confirmpassword','','R','email','','RisEmail');CheckPassword(document.frmUser); return document.MM_returnValue;">
</td></tr>
</table>
</form>
<%
'###################################################################
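elseif (action="edituser") then
	' Shows the edit form for one user.
	'
	' thisuserid comes from the client and ends up in a SQL statement and in
	' the page, so it is accepted only as a plain run of digits and used as a
	' number from then on. Values read back from tblUsers are HTML-encoded
	' before being placed in attributes, because they were entered through a
	' form and may contain quotes or markup. The "" & prefix turns a Null
	' field into an empty string before encoding.
	Set editFormIdCheck = New RegExp
	editFormIdCheck.Pattern = "^[0-9]{1,9}$"
	editFormId = "" & request("thisuserid")
	editFormIdValid = editFormIdCheck.Test(editFormId)
	Set editFormIdCheck = Nothing
	Set rsUsers = Nothing
	editFormUserFound = False
	if editFormIdValid then set rsUsers = db.execute("SELECT * FROM tblUsers WHERE userid = " & CLng(editFormId))
	if editFormIdValid then editFormUserFound = not rsUsers.EOF
	if not editFormUserFound then
		' No usable id, or no matching row: say so instead of failing while
		' reading fields from an empty recordset.
		Response.Write "User not found."
	else
%>
<form name=frmUser method=post action=useradmin.asp>
<input type=hidden name=action value="editDB">
<input type=hidden name=thisuserid value="<%=CLng(editFormId)%>">
<table border=0 cellpadding=4 cellspacing=0>
<tr><td class=tableheader colspan=2 width=500>
<b>Update details<br></b>
Fields marked with a <b>*</b> are required.<br>
</td>
</tr>
<tr>
<td class=normal>
<b>Full Name</b> eg (Rick Eastes)<br>
</td>
<td class=normal>
<input type=text name=username class=textfield size=30 value="<%=Server.HTMLEncode("" & rsUsers("username"))%>" ID="Text2">
</td>
</tr>
<tr>
<td class=normal>
<b>*Valid Email</b> eg (rick@eastes.net)<br>
This will be used to login
</td>
<td class=normal>
<input type=text name=email class=textfield size=30 value="<%=Server.HTMLEncode("" & rsUsers("email"))%>">
</td>
</tr>
<tr>
<td class=normal>
<b>New Password</b> eg (secret)
</td>
<td class=normal>
<!-- type=password, as on the new-user form, so the new password is not shown on screen -->
<input type=password name=password class=textfield size=10>
</td>
</tr>
<tr>
<td class=normal>
<b>Confirm New Password</b>
</td>
<td class=normal>
<input type=password name=confirmpassword class=textfield size=10>
</td>
</tr>
<tr>
<td class=normal>
<b>*Group</b><br>Which group does this user belong?
</td>
<td class=normal>
<select name="groupid" class="selectfield">
<% WriteDropDown "tblGroups","name","groupid",rsUsers("groupid"),"" %>
</select>
</td>
</tr>
<tr><td colspan=2 class=normal>
<br><b>Photo</b> (please keep to minimal size and dimensions)
</td></tr>
<tr><td colspan=2 class=normal>
<input type=text name=photo class=textfield value="<%=Server.HTMLEncode("" & rsUsers("photo"))%>"> <input type=button onClick=insertImage() class=smallbutton value="Select Photo"><br><br>
</td></tr>
<tr><td colspan=2 class=normal>
<br>
<input type=button value="Cancel" onClick="location.href='useradmin.asp'" id=button2 name=button2>
<input type=submit value="Update User >>" name=submit1 onClick="MM_validateForm('username','','R','email','','RisEmail');CheckPassword(document.frmUser); return document.MM_returnValue; ">
</td></tr>
</table></form>
<%
	end if
	' Only close the recordset when the query was actually run.
	if editFormIdValid then
		rsUsers.close
	end if
set rsUsers = nothing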
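else
' Default view: list every user with edit and delete links.
'
' username, email, photo and the group name were all entered through forms, so
' each is HTML-encoded before it is written into the page. Without that, a
' stored value containing markup would run in the browser of whoever opens this
' list. The "" & prefix turns a Null field into an empty string first.
set rsUsers = db.execute("SELECT * FROM tblUsers")
Response.Write "<table border=0 cellpadding=4 cellspacing=1 width=550><tr><td class=tableheader colspan=7><img src=""" & site & "gfx/icon-user.gif"" align=absmiddle hspace=3><B><font size=3>User Administration</b> <br><input type=button value='Create New User' class=smallbutton onClick=location.href='useradmin.asp?action=newuser'></td></tr>"
%>
<form name="frmUser" action="useradmin.asp" method=post>
<input type=hidden name=thisuserid value="">
<input type=hidden name=action value="">
<td class=tableheader>Photo</td>
<td class=tableheader>User Name</td>
<td class=tableheader>Email</td>
<td class=tableheader>Group</td>
<td class=tableheader>Date Created</td>
<td class=tableheader>Edit</td>
<td class=tableheader>Delete</td>
</tr>
<%
while(not rsUsers.EOF and not rsUsers.BOF)
	' Encode the row's text fields once, then reuse them below.
	listPhoto = "" & rsUsers("photo")
	listName = Server.HTMLEncode("" & rsUsers("username"))
	listEmail = Server.HTMLEncode("" & rsUsers("email"))
%>
<tr>
<td class=normal><%
if len(listPhoto) > 0 then
	listPhoto = Server.HTMLEncode(listPhoto)
	Response.Write "<a href=""../" & listPhoto & """><img src=""../" & listPhoto & """ border=0 width=32 height=32></a>"
else
	Response.Write "<img src=""../gfx/unknown.gif"" border=0 width=32 height=32>"
end if
%></td>
<td class=normal><%=listName%></td>
<td class=normal><a href="mailto:<%=listEmail%>"><%=listEmail%></a></td>
<td class=normal><%=Server.HTMLEncode("" & GetData("tblGroups","name","groupid = " & rsUsers("groupid")))%></td>
<td class=normal><%=FormatDate(rsUsers("dtCreated"))%></td>
<td class=normal>
<a href="javascript:document.frmUser.thisuserid.value='<%=rsUsers("userid") %>';document.frmUser.action.value='edituser';document.frmUser.submit();" class=linkdark><img src="../gfx\icon-edit.gif" border=0 align=top></a>
</td>
<td class=normal>
<a href="javascript:document.frmUser.thisuserid.value='<%=rsUsers("userid") %>';document.frmUser.action.value='deleteDB';ConfirmDelete(document.frmUser);" class=linkdark><img src="../gfx\icon-delete.gif" border=0 align=top></a>
</td>
</tr>
<%
rsUsers.movenext
wend
rsUsers.Close()
set rsUsers = nothing
response.Write "<tr><td class=tableheader colspan=7><input type=button value='Create New User' class=smallbutton onClick=location.href='useradmin.asp?action=newuser'></td></tr>"
response.Write "</table>"
end if %>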
</form>
</td></tr></table>
<%
' Emit the shared page footer, passing the "count" field of the page record,
' then drop the reference to the page recordset.
' WriteFooter and rsPage are both defined outside this file.
Call WriteFooter("", rsPage("count"))
Set rsPage = Nothing
%>