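Execute($check_email_query);
      // Tail of the 'member_new' case (the statement that ends on the line above starts before this excerpt).
      // Collect every stored admin e-mail address so the submitted one can be checked for uniqueness.
      while ($check_email = $check_email_result->fields) {
        $stored_email[] = $check_email['admin_email_address'];

        // Move that ADOdb pointer!
        $check_email_result->MoveNext();
      }

      if (in_array($_POST['admin_email_address'], $stored_email)) {
        // Fixed: the '&' separator before 'mID=' was missing, so mID was swallowed into the page parameter.
        oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'page=' . $nPage . '&mID=' . $_GET['mID'] . '&error=email&action=new_member'));
      } else {
        $newpass = oos_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
        $crypted_password = oos_encrypt_password($newpass);

        $sql_data_array = array('admin_groups_id' => oos_db_prepare_input($_POST['admin_groups_id']),
                                'admin_firstname' => oos_db_prepare_input($_POST['admin_firstname']),
                                'admin_lastname' => oos_db_prepare_input($_POST['admin_lastname']),
                                'admin_email_address' => oos_db_prepare_input($_POST['admin_email_address']),
                                'admin_password' => $crypted_password,
                                'admin_created' => 'now()');
        oos_db_perform($oostable['admin'], $sql_data_array);
        $admin_id = $dbconn->Insert_ID();

        // NOTE(review): the generated password leaves the system in clear text by e-mail, and the
        // name/address arguments are raw $_POST values - confirm that oos_mail() rejects CR/LF in them.
        oos_mail($_POST['admin_firstname'] . ' ' . $_POST['admin_lastname'], $_POST['admin_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $_POST['admin_firstname'], OOS_HTTPS_SERVER . OOS_SHOP . OOS_ADMIN, $_POST['admin_email_address'], $newpass, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

        oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'page=' . $nPage . '&mID=' . $admin_id));
      }
      break;

    case 'member_edit':
      // Update name, e-mail address and group of an existing admin account.
      // NOTE(review): none of the state-changing cases visible here verifies an anti-CSRF token;
      // confirm that this happens before the switch is reached.
      //
      // Fixed: admin_id was concatenated unquoted into the SELECT below. It is a numeric key, so it
      // is cast once here and the integer is used in every query and in the redirect.
      $admin_id = intval(oos_db_prepare_input($_POST['admin_id']));
      $hiddenPassword = '-hidden-';
      $stored_email[] = 'NONE';

      $admintable = $oostable['admin'];
      $check_email_query = "SELECT admin_email_address FROM $admintable WHERE admin_id <> " . $admin_id;
      $check_email_result = $dbconn->Execute($check_email_query);
      while ($check_email = $check_email_result->fields) {
        $stored_email[] = $check_email['admin_email_address'];

        // Move that ADOdb pointer!
        $check_email_result->MoveNext();
      }

      if (in_array($_POST['admin_email_address'], $stored_email)) {
        // Fixed: missing '&' before 'mID=' (same defect as in the member_new redirect).
        oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'page=' . $nPage . '&mID=' . $_GET['mID'] . '&error=email&action=edit_member'));
      } else {
        // NOTE(review): the edit form pins admin_groups_id to a hidden field for admin_id 1, but the
        // posted value is accepted as is here - confirm whether that restriction must hold server-side.
        $sql_data_array = array('admin_groups_id' => oos_db_prepare_input($_POST['admin_groups_id']),
                                'admin_firstname' => oos_db_prepare_input($_POST['admin_firstname']),
                                'admin_lastname' => oos_db_prepare_input($_POST['admin_lastname']),
                                'admin_email_address' => oos_db_prepare_input($_POST['admin_email_address']),
                                'admin_modified' => 'now()');
        oos_db_perform($oostable['admin'], $sql_data_array, 'UPDATE', 'admin_id = \'' . $admin_id . '\'');

        oos_mail($_POST['admin_firstname'] . ' ' . $_POST['admin_lastname'], $_POST['admin_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $_POST['admin_firstname'], OOS_HTTPS_SERVER . OOS_SHOP . OOS_ADMIN, $_POST['admin_email_address'], $hiddenPassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

        oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'page=' . $nPage . '&mID=' . $admin_id));
      }
      break;

    case 'member_delete':
      // Delete one admin account.
      $admin_id = intval(oos_db_prepare_input($_POST['admin_id']));

      // The 'del_member' form refuses to offer deletion for admin_id 1 and for the account that uses
      // STORE_OWNER_EMAIL_ADDRESS. A hand-made POST bypasses the form, so the same rule is enforced here.
      $admintable = $oostable['admin'];
      $protected_result = $dbconn->Execute("SELECT admin_email_address FROM $admintable WHERE admin_id = '" . $admin_id . "'");
      $protected_admin = $protected_result->fields;
      $is_protected = ($admin_id == 1) || ($protected_admin && $protected_admin['admin_email_address'] == STORE_OWNER_EMAIL_ADDRESS);

      if (!$is_protected) {
        $query = "DELETE FROM ". $oostable['admin'] . " WHERE admin_id = '" . $admin_id . "'";
        $dbconn->Execute($query);
      }

      oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'page=' . $nPage));
      break;

    case 'group_define':
      // Store, for every admin file, the group set posted for its checked or unchecked state.
      // Fixed: when no box is ticked 'groups_to_boxes' is absent and in_array() received a non-array.
      $selected_checkbox = isset($_POST['groups_to_boxes']) ? oos_db_prepare_input($_POST['groups_to_boxes']) : array();
      if (!is_array($selected_checkbox)) {
        $selected_checkbox = array();
      }

      $admin_filestable = $oostable['admin_files'];
      $define_files_query = "SELECT admin_files_id FROM $admin_filestable ORDER BY admin_files_id";
      $define_files_result = $dbconn->Execute($define_files_query);
      while ($define_files = $define_files_result->fields) {
        $admin_files_id = $define_files['admin_files_id'];

        // NOTE(review): the complete group set written to each file row is taken from the request
        // ('checked_<id>' / 'unchecked_<id>'), i.e. the client decides which groups get access.
        if (in_array ($admin_files_id, $selected_checkbox)) {
          $sql_data_array = array('admin_groups_id' => oos_db_prepare_input($_POST['checked_' . $admin_files_id]));
        } else {
          $sql_data_array = array('admin_groups_id' => oos_db_prepare_input($_POST['unchecked_' . $admin_files_id]));
        }
        oos_db_perform($oostable['admin_files'], $sql_data_array, 'UPDATE', 'admin_files_id = \'' . intval($admin_files_id) . '\'');

        // Move that ADOdb pointer!
        $define_files_result->MoveNext();
      }

      oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'gID=' . $_POST['admin_groups_id']));
      break;

    case 'group_delete':
      // Delete a group, shrink the SET column of admin_files and delete the group's members.
      $group_id = intval($_GET['gID']);
      $set_groups_id = oos_db_prepare_input($_POST['set_groups_id']);

      // Fixed: 'set_groups_id' is a client-supplied hidden field that ends up inside an ALTER TABLE
      // statement. Only a list of quoted integers ('1','2',...) is accepted; once that shape is
      // verified nothing is left to escape, so the value is used as is.
      // (Deriving the list from the admin_groups table would remove the trust in the client entirely.)
      $set_list_valid = is_string($set_groups_id) && preg_match('/^\'[0-9]+\'(?:,\'[0-9]+\')*\z/', $set_groups_id);

      // The 'del_group' form refuses to delete group 1; enforce that here as well.
      if ($group_id != 1 && $set_list_valid) {
        $admin_groupstable = $oostable['admin_groups'];
        $query = "DELETE FROM $admin_groupstable WHERE admin_groups_id = '" . $group_id . "'";
        $dbconn->Execute($query);

        $admin_filestable = $oostable['admin_files'];
        $query = "alter table $admin_filestable change admin_groups_id admin_groups_id set( " . $set_groups_id . " ) NOT NULL DEFAULT '1' ";
        $dbconn->Execute($query);

        $admintable = $oostable['admin'];
        $query = "DELETE FROM $admintable WHERE admin_groups_id = '" . $group_id . "'";
        $dbconn->Execute($query);
      }

      oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'gID=groups'));
      break;

    case 'group_edit':
      // Rename a group; the name must be longer than 5 bytes and must not resemble an existing name.
      $admin_groups_name = ucwords(strtolower(oos_db_prepare_input($_POST['admin_groups_name'])));
      $name_replace = str_replace(' ', '%', $admin_groups_name);

      // The original test "($name == '' || NULL) || strlen($name) <= 5" reduces to the length check.
      if (strlen($admin_groups_name) <= 5) {
        // Fixed: $_GET[gID] used a bare constant as key, and the action parameter read 'action=action=edit_group'.
        oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'gID=' . $_GET['gID'] . '&gName=false&action=edit_group'));
      } else {
        $admin_groupstable = $oostable['admin_groups'];
        $check_groups_name_query = "SELECT admin_groups_name as group_name_edit FROM $admin_groupstable WHERE admin_groups_id <> " . intval($_GET['gID']) . " and admin_groups_name like '%" . oos_db_input($name_replace) . "%'";
        $check_groups_name_result = $dbconn->Execute($check_groups_name_query);
        $check_duplicate = $check_groups_name_result->RecordCount();
        if ($check_duplicate > 0){
          oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'gID=' . $_GET['gID'] . '&gName=used&action=edit_group'));
        } else {
          $admin_groups_id = $_GET['gID'];
          $query = "UPDATE " . $oostable['admin_groups'] . " SET admin_groups_name = '" . oos_db_input($admin_groups_name) . "' WHERE admin_groups_id = '" . intval($admin_groups_id) . "'";
          $dbconn->Execute($query);

          oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'gID=' . $admin_groups_id));
        }
      }
      break;

    case 'group_new':
      // Create a group and add its id to the SET column of admin_files.
      $admin_groups_name = ucwords(strtolower(oos_db_prepare_input($_POST['admin_groups_name'])));
      $name_replace = str_replace(' ', '%', $admin_groups_name);

      if (strlen($admin_groups_name) <= 5) {
        // Fixed: $_GET[gID] used a bare constant as key.
        oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'gID=' . $_GET['gID'] . '&gName=false&action=new_group'));
      } else {
        $check_groups_name_query = "SELECT admin_groups_name as group_name_new FROM ". $oostable['admin_groups'] . " WHERE admin_groups_name like '%" . oos_db_input($name_replace) . "%'";
        $check_groups_name_result = $dbconn->Execute($check_groups_name_query);
        $check_duplicate = $check_groups_name_result->RecordCount();
        if ($check_duplicate > 0){
          oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'gID=' . $_GET['gID'] . '&gName=used&action=new_group'));
        } else {
          // Fixed: validate the client-supplied SET list before anything is written (see 'group_delete'):
          // it is interpolated into an ALTER TABLE statement and must be a list of quoted integers.
          $set_groups_id = oos_db_prepare_input($_POST['set_groups_id']);
          if (!is_string($set_groups_id) || !preg_match('/^\'[0-9]+\'(?:,\'[0-9]+\')*\z/', $set_groups_id)) {
            oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'gID=groups'));
          } else {
            $sql_data_array = array('admin_groups_name' => $admin_groups_name);
            oos_db_perform($oostable['admin_groups'], $sql_data_array);
            $admin_groups_id = intval($dbconn->Insert_ID());

            $add_group_id = $set_groups_id . ',\'' . $admin_groups_id . '\'';
            $query = "alter table " . $oostable['admin_files'] . " change admin_groups_id admin_groups_id set( " . $add_group_id . ") NOT NULL DEFAULT '1' ";
            $dbconn->Execute($query);

            oos_redirect_admin(oos_href_link_admin($aContents['admin_members'], 'gID=' . $admin_groups_id));
          }
        }
      }
      break;
  }
}

require 'includes/header.php';
require 'includes/account_check.js.php';
?>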

'' . TEXT_INFO_HEADING_NEW . ''); $contents = array('form' => oos_draw_form('id', 'newmember', $aContents['admin_members'], 'action=member_new&page=' . $nPage, 'post', FALSE, 'enctype="multipart/form-data"')); if ($_GET['error']) { $contents[] = array('text' => TEXT_INFO_ERROR); } $contents[] = array('text' => '
 ' . TEXT_INFO_FIRSTNAME . '
 ' . oos_draw_input_field('admin_firstname')); $contents[] = array('text' => '
 ' . TEXT_INFO_LASTNAME . '
 ' . oos_draw_input_field('admin_lastname')); $contents[] = array('text' => '
 ' . TEXT_INFO_EMAIL . '
 ' . oos_draw_input_field('admin_email_address')); $groups_array = array(); $groups_array = array(array('id' => '0', 'text' => TEXT_NONE)); $groups_query = "SELECT admin_groups_id, admin_groups_name FROM ". $oostable['admin_groups']; $groups_result = $dbconn->Execute($groups_query); while ($groups = $groups_result->fields) { $groups_array[] = array('id' => $groups['admin_groups_id'], 'text' => $groups['admin_groups_name']); // Move that ADOdb pointer! $groups_result->MoveNext(); } $contents[] = array('text' => '
 ' . TEXT_INFO_GROUP . '
 ' . oos_draw_pull_down_menu('admin_groups_id', $groups_array, '0')); $contents[] = array('align' => 'center', 'text' => '
' . oos_submit_button(BUTTON_INSERT) . ' ' . BUTTON_CANCEL . ''); break; case 'edit_member': $heading[] = array('text' => '' . TEXT_INFO_HEADING_NEW . ''); $contents = array('form' => oos_draw_form('id', 'newmember', $aContents['admin_members'], 'action=member_edit&page=' . $nPage . '&mID=' . $_GET['mID'], 'post', FALSE, 'enctype="multipart/form-data"')); if ($_GET['error']) { $contents[] = array('text' => TEXT_INFO_ERROR); } $contents[] = array('text' => oos_draw_hidden_field('admin_id', $mInfo->admin_id)); $contents[] = array('text' => '
 ' . TEXT_INFO_FIRSTNAME . '
 ' . oos_draw_input_field('admin_firstname', $mInfo->admin_firstname)); $contents[] = array('text' => '
 ' . TEXT_INFO_LASTNAME . '
 ' . oos_draw_input_field('admin_lastname', $mInfo->admin_lastname)); $contents[] = array('text' => '
 ' . TEXT_INFO_EMAIL . '
 ' . oos_draw_input_field('admin_email_address', $mInfo->admin_email_address)); if ($mInfo->admin_id == 1) { $contents[] = array('text' => oos_draw_hidden_field('admin_groups_id', $mInfo->admin_groups_id)); } else { $groups_array = array(); $groups_array = array(array('id' => '0', 'text' => TEXT_NONE)); $groups_query = "SELECT admin_groups_id, admin_groups_name FROM ". $oostable['admin_groups']; $groups_result = $dbconn->Execute($groups_query); while ($groups = $groups_result->fields) { $groups_array[] = array('id' => $groups['admin_groups_id'], 'text' => $groups['admin_groups_name']); // Move that ADOdb pointer! $groups_result->MoveNext(); } $contents[] = array('text' => '
 ' . TEXT_INFO_GROUP . '
 ' . oos_draw_pull_down_menu('admin_groups_id', $groups_array, $mInfo->admin_groups_id)); } $contents[] = array('align' => 'center', 'text' => '
' . oos_submit_button(BUTTON_INSERT) . ' ' . BUTTON_CANCEL . ''); break; case 'del_member': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE . ''); if ($mInfo->admin_id == 1 || $mInfo->admin_email_address == STORE_OWNER_EMAIL_ADDRESS) { $contents[] = array('align' => 'center', 'text' => '
' . oos_button(IMAGE_BACK) . '
 '); } else { $contents = array('form' => oos_draw_form('id', 'edit', $aContents['admin_members'], 'action=member_delete&page=' . $nPage . '&mID=' . $admin['admin_id'], 'post', FALSE, 'enctype="multipart/form-data"')); $contents[] = array('text' => oos_draw_hidden_field('admin_id', $mInfo->admin_id)); $contents[] = array('align' => 'center', 'text' => sprintf(TEXT_INFO_DELETE_INTRO, $mInfo->admin_firstname . ' ' . $mInfo->admin_lastname)); $contents[] = array('align' => 'center', 'text' => '
' . oos_submit_button(BUTTON_DELETE) . ' ' . BUTTON_CANCEL . ''); } break; case 'new_group': $heading[] = array('text' => '' . TEXT_INFO_HEADING_GROUPS . ''); $contents = array('form' => oos_draw_form('id', 'new_group', $aContents['admin_members'], 'action=group_new&gID=' . $gInfo->admin_groups_id, 'post', FALSE, 'enctype="multipart/form-data"')); if ($_GET['gName'] == 'false') { $contents[] = array('text' => TEXT_INFO_GROUPS_NAME_FALSE . '
 '); } elseif ($_GET['gName'] == 'used') { $contents[] = array('text' => TEXT_INFO_GROUPS_NAME_USED . '
 '); } $contents[] = array('text' => oos_draw_hidden_field('set_groups_id', substr($add_groups_prepare, 4)) ); $contents[] = array('text' => TEXT_INFO_GROUPS_NAME . '
'); $contents[] = array('align' => 'center', 'text' => oos_draw_input_field('admin_groups_name')); $contents[] = array('align' => 'center', 'text' => '
' . BUTTON_CANCEL . '' . oos_submit_button(IMAGE_NEXT) ); break; case 'edit_group': $heading[] = array('text' => '' . TEXT_INFO_HEADING_EDIT_GROUP . ''); $contents = array('form' => oos_draw_form('id', 'edit_group', $aContents['admin_members'], 'action=group_edit&gID=' . $_GET['gID'], 'post', FALSE, 'enctype="multipart/form-data"')); if ($_GET['gName'] == 'false') { $contents[] = array('text' => TEXT_INFO_GROUPS_NAME_FALSE . '
 '); } elseif ($_GET['gName'] == 'used') { $contents[] = array('text' => TEXT_INFO_GROUPS_NAME_USED . '
 '); } $contents[] = array('align' => 'center', 'text' => TEXT_INFO_EDIT_GROUP_INTRO . '
 
' . oos_draw_input_field('admin_groups_name', $gInfo->admin_groups_name)); $contents[] = array('align' => 'center', 'text' => '
' . oos_submit_button(IMAGE_SAVE) . ' ' . BUTTON_CANCEL . ''); break; case 'del_group': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE_GROUPS . ''); $contents = array('form' => oos_draw_form('id', 'delete_group', $aContents['admin_members'], 'action=group_delete&gID=' . $gInfo->admin_groups_id, 'post', FALSE, 'enctype="multipart/form-data"')); if ($gInfo->admin_groups_id == 1) { $contents[] = array('align' => 'center', 'text' => sprintf(TEXT_INFO_DELETE_GROUPS_INTRO_NOT, $gInfo->admin_groups_name)); $contents[] = array('align' => 'center', 'text' => '
' . oos_button(IMAGE_BACK) . '
 '); } else { $contents[] = array('text' => oos_draw_hidden_field('set_groups_id', substr($del_groups_prepare, 4)) ); $contents[] = array('align' => 'center', 'text' => sprintf(TEXT_INFO_DELETE_GROUPS_INTRO, $gInfo->admin_groups_name)); $contents[] = array('align' => 'center', 'text' => '
' . oos_submit_button(BUTTON_DELETE) . ' ' . BUTTON_CANCEL . '
 '); } break; case 'define_group': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DEFINE . ''); $contents[] = array('text' => sprintf(TEXT_INFO_DEFINE_INTRO, $group_name['admin_groups_name'])); if ($_GET['gPath'] == 1) { $contents[] = array('align' => 'center', 'text' => '' . BUTTON_CANCEL . '
'); } break; case 'show_group': $heading[] = array('text' => '' . TEXT_INFO_HEADING_EDIT_GROUP . ''); $check_email_query = "SELECT admin_email_address FROM ". $oostable['admin'] . ""; $check_email_result = $dbconn->Execute($check_email_query); //$stored_email[]; while ($check_email = $check_email_result->fields) { $stored_email[] = $check_email['admin_email_address']; // Move that ADOdb pointer! $check_email_result->MoveNext(); } if (in_array($_POST['admin_email_address'], $stored_email)) { $checkEmail = "true"; } else { $checkEmail = "false"; } $contents = array('form' => oos_draw_form('id', 'show_group', $aContents['admin_members'], 'action=show_group&gID=groups', 'post', FALSE, 'enctype="multipart/form-data"')); $contents[] = array('text' => $define_files['admin_files_name'] . oos_draw_input_field('level_edit', $checkEmail)); break; default: if (isset($mInfo) && is_object($mInfo)) { $heading[] = array('text' => ' ' . TEXT_INFO_HEADING_DEFAULT . ''); $contents[] = array('align' => 'center', 'text' => '' . oos_button(BUTTON_EDIT) . '' . oos_button(BUTTON_DELETE) . '
 '); $contents[] = array('text' => ' ' . TEXT_INFO_FULLNAME . '
 ' . $mInfo->admin_firstname . ' ' . $mInfo->admin_lastname); $contents[] = array('text' => ' ' . TEXT_INFO_EMAIL . '
 ' . $mInfo->admin_email_address); $contents[] = array('text' => ' ' . TEXT_INFO_GROUP . '' . $mInfo->admin_groups_name); $contents[] = array('text' => ' ' . TEXT_INFO_CREATED . '
 ' . $mInfo->admin_created); $contents[] = array('text' => ' ' . TEXT_INFO_MODIFIED . '
 ' . $mInfo->admin_modified); $contents[] = array('text' => ' ' . TEXT_INFO_LOGDATE . '
 ' . $mInfo->admin_logdate); $contents[] = array('text' => ' ' . TEXT_INFO_LOGNUM . '' . $mInfo->admin_lognum); $contents[] = array('text' => '
'); } elseif (isset($gInfo) && is_object($gInfo)) { $heading[] = array('text' => ' ' . TEXT_INFO_HEADING_DEFAULT_GROUPS . ''); $contents[] = array('align' => 'center', 'text' => '' . oos_button(IMAGE_FILE_PERMISSION) . '' . oos_button(BUTTON_EDIT) . '' . oos_button(BUTTON_DELETE) . ''); $contents[] = array('text' => '
' . TEXT_INFO_DEFAULT_GROUPS_INTRO . '
 '); } } if ( (oos_is_not_null($heading)) && (oos_is_not_null($contents)) ) { ?>
GetRow($group_name_query); if ($_GET['gPath'] == 1) { echo oos_draw_form('id', 'defineForm', $aContents['admin_members'], 'gID=' . $_GET['gPath'], 'post', FALSE); } elseif ($_GET['gPath'] != 1) { echo oos_draw_form('id', 'defineForm', $aContents['admin_members'], 'gID=' . $_GET['gPath'] . '&action=group_define', 'post', FALSE, 'enctype="multipart/form-data"'); echo oos_draw_hidden_field('admin_groups_id', $_GET['gPath']); } ?> Execute($db_boxes_query); while ($group_boxes = $db_boxes_result->fields) { $admin_filestable = $oostable['admin_files']; $group_boxes_files_query = "SELECT admin_files_id, admin_files_name, admin_groups_id FROM $admin_filestable WHERE admin_files_is_boxes = '0' and admin_files_to_boxes = '" . intval($group_boxes['admin_boxes_id']) . "' ORDER BY admin_files_name"; $group_boxes_files_result = $dbconn->Execute($group_boxes_files_query); $selectedGroups = $group_boxes['boxes_group_id']; $groupsArray = explode(",", $selectedGroups); if (in_array($_GET['gPath'], $groupsArray)) { $del_boxes = array($_GET['gPath']); $result = array_diff ($groupsArray, $del_boxes); sort($result); $checkedBox = $selectedGroups; $uncheckedBox = implode (",", $result); $checked = true; } else { $add_boxes = array($_GET['gPath']); $result = array_merge ($add_boxes, $groupsArray); sort($result); $checkedBox = implode (",", $result); $uncheckedBox = $selectedGroups; $checked = false; } ?> MoveNext(); } ?>
 
  fields) { $selectedGroups = $group_boxes_files['admin_groups_id']; $groupsArray = explode(",", $selectedGroups); if (in_array($_GET['gPath'], $groupsArray)) { $del_boxes = array($_GET['gPath']); $result = array_diff ($groupsArray, $del_boxes); sort($result); $checkedBox = $selectedGroups; $uncheckedBox = implode (",", $result); $checked = true; } else { $add_boxes = array($_GET['gPath']); $result = array_merge ($add_boxes, $groupsArray); sort($result); $checkedBox = implode (",", $result); $uncheckedBox = $selectedGroups; $checked = false; } ?> MoveNext(); } ?>
' . BUTTON_CANCEL . '' . oos_submit_button(BUTTON_INSERT); } else { echo oos_submit_button('back', IMAGE_BACK); } ?> 
Execute($db_groups_query); $add_groups_prepare = '\'0\'' ; $del_groups_prepare = '\'0\'' ; $count_groups = 0; while ($groups = $db_groups_result->fields) { $add_groups_prepare .= ',\'' . $groups['admin_groups_id'] . '\'' ; if (((!$_GET['gID']) || ($_GET['gID'] == $groups['admin_groups_id']) || ($_GET['gID'] == 'groups')) && (!$gInfo) ) { $gInfo = new objectInfo($groups); } if (isset($gInfo) && is_object($gInfo) && ($groups['admin_groups_id'] == $gInfo->admin_groups_id) ) { echo ' ' . "\n"; } else { echo ' ' . "\n"; $del_groups_prepare .= ',\'' . $groups['admin_groups_id'] . '\'' ; } ?> MoveNext(); } ?>
   
  admin_groups_id) ) { echo ''; } else { echo ''; } ?> 
' . oos_button(IMAGE_BACK) . ' ' . oos_button(IMAGE_NEW_GROUP) . ''; ?> 
Execute($db_admin_result_raw); while ($admin = $db_admin_result->fields) { $admin_group_query = "SELECT admin_groups_name FROM ". $oostable['admin_groups'] . " WHERE admin_groups_id = '" . intval($admin['admin_groups_id']) . "'"; $admin_group_result = $dbconn->Execute($admin_group_query); $admin_group = $admin_group_result->fields; if ((!isset($_GET['mID']) || (isset($_GET['mID']) && ($_GET['mID'] == $admin['admin_id']))) && !isset($mInfo)) { $mInfo_array = array_merge($admin, $admin_group); $mInfo = new objectInfo($mInfo_array); } if (isset($mInfo) && is_object($mInfo) && ($admin['admin_id'] == $mInfo->admin_id) ) { echo ' ' . "\n"; } else { echo ' ' . "\n"; } ?> MoveNext(); } ?>
 
   admin_id) ) { echo ''; } else { echo ''; } ?> 
display_count($db_admin_result_numrows, MAX_DISPLAY_SEARCH_RESULTS, $nPage, TEXT_DISPLAY_NUMBER_OF_MEMBERS); ?>
display_links($db_admin_result_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $nPage); ?>
' . oos_button(IMAGE_GROUPS) . ''; echo ' ' . oos_button(IMAGE_NEW_MEMBER) . ''; ?> 
infoBox($heading, $contents); ?>