관리-도구
편집 파일: userEdit.php
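<?php
/**
 * userEdit.php - admin form that creates, edits and deletes rows in the
 * emailUsers table and lets a user change a password.
 *
 * Request interface (unchanged):
 *   GET  baseTask = EditUser | ChangePassword | DeleteUser | CreateUser
 *   GET  memberID = username (e-mail address) the task applies to
 *   GET  action   = Success (shows the "password changed" banner)
 *   POST SubmitCreate | SubmitEdit | SubmitPasswordChange with txtusername,
 *        txtpassword, usertype and (edit only) userstatus
 *
 * Security review notes:
 *  - Every request value that reaches SQL is escaped and every value echoed
 *    into HTML is encoded; the original concatenated $_GET/$_POST directly
 *    into queries and markup (SQL injection and reflected XSS).
 *  - NOTE(review): no session or role check is visible in this file. Confirm
 *    that ../connect.php (or the web server) restricts this page to
 *    authenticated administrators before it is reachable.
 *  - NOTE(review): passwords are stored, displayed and e-mailed in clear
 *    text. Moving to password_hash()/password_verify() needs a matching
 *    change in the login code, which is not part of this file.
 *  - NOTE(review): the mysql_* extension was removed in PHP 7. Migrate the
 *    queries to mysqli or PDO prepared statements together with connect.php.
 */
include("../connect.php");

// Charset the page declares in its <meta> tag; used for HTML encoding.
$pageCharset = 'ISO-8859-1';

// Read each request value once and accept only scalars-as-strings, so that
// array-valued parameters cannot reach the query or the markup.
$baseTask   = (isset($_GET['baseTask']) && is_string($_GET['baseTask'])) ? $_GET['baseTask'] : '';
$memberID   = (isset($_GET['memberID']) && is_string($_GET['memberID'])) ? $_GET['memberID'] : '';
$action     = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';
$postUser   = (isset($_POST['txtusername']) && is_string($_POST['txtusername'])) ? $_POST['txtusername'] : '';
$postPass   = (isset($_POST['txtpassword']) && is_string($_POST['txtpassword'])) ? $_POST['txtpassword'] : '';
$postType   = (isset($_POST['usertype']) && is_string($_POST['usertype'])) ? $_POST['usertype'] : '';
$postStatus = (isset($_POST['userstatus']) && is_string($_POST['userstatus'])) ? $_POST['userstatus'] : '';

// Columns are read by position below: 0 = username, 1 = password,
// 2 = status, 3 = usertype (the order used by the INSERT further down).
$row = array('', '', '', '');

// mysql_real_escape_string() relies on the connection opened by connect.php
// and is only reliable when the connection charset was set on that link.
// NOTE(review): if magic_quotes_gpc is enabled on this host the values arrive
// pre-slashed and will be stored with extra backslashes - confirm.

if ($baseTask === 'EditUser' || $baseTask === 'ChangePassword') {
    // Both tasks pre-fill the form from the same record.
    $sql = "select * from emailUsers where username='" . mysql_real_escape_string($memberID) . "'";
    $res = mysql_query($sql);
    $found = $res ? mysql_fetch_row($res) : false;
    if ($found) {
        $row = $found;
    }
}

if ($baseTask === 'DeleteUser') {
    // NOTE(review): a destructive action on a GET request carries no CSRF
    // token and can be triggered by any link or image an admin loads. Moving
    // it to POST with a token needs a matching change in membersList.php.
    $sql = "Delete from emailUsers where username='" . mysql_real_escape_string($memberID) . "'";
    $res = mysql_query($sql);
    header("location:membersList.php?actionname=deleteSuccess");
    exit; // stop here so nothing else runs after the redirect
}

if (!empty($_POST['SubmitCreate'])) {
    $sql = "insert into emailUsers values ('" . mysql_real_escape_string($postUser) . "','"
        . mysql_real_escape_string($postPass) . "','Active','"
        . mysql_real_escape_string($postType) . "')";
    $res = mysql_query($sql);

    // Only announce the account when the row was actually written.
    // NOTE(review): the redirect below still reports addSuccess on failure,
    // as before; membersList.php would need a failure code to change that.
    if ($res) {
        // User-supplied values are HTML-encoded before going into the body.
        $mailUser = htmlspecialchars($postUser, ENT_QUOTES, $pageCharset);
        $mailPass = htmlspecialchars($postPass, ENT_QUOTES, $pageCharset);

        $mailcon = '';
        $mailcon = $mailcon . '<html xmlns="http://www.w3.org/1999/xhtml">';
        $mailcon = $mailcon . '<head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /></head>';
        $mailcon = $mailcon . '<body><table width="100%" border="0" cellpadding="0" cellspacing="0" bgcolor="#000000"><tr><td><table width="100%" border="0" cellspacing="1" cellpadding="4"><tr>';
        $mailcon = $mailcon . '<td align="left" valign="middle" bgcolor="#FFFFFF" style="font:Verdana, Arial, Helvetica, sans-serif; font-size:12px"><span style="color:#990000; font-weight:bold">Congratulations! Your New User Account has been created for FinestWeddingSites.com </span><br /><br />';
        $mailcon = $mailcon . 'Please refer to the below URL and Login Credentials to access the Application and Enjoy the benefits of setting up Auto-Reply for Inquiries.<br />';
        $mailcon = $mailcon . '<br /></p>';
        $mailcon = $mailcon . '<strong>URL - </strong><a href="http://www.finestweddingsites.com/emailAdmin/">Finest Wedding Sites - Email Management Tool</a><br />';
        $mailcon = $mailcon . '<strong>User Name - </strong>' . $mailUser . '<br />';
        // NOTE(review): the clear-text password is sent by e-mail and copied
        // to the fixed Cc/Bcc recipients below. Prefer a one-time set-password
        // link and review whether those copies are still wanted.
        $mailcon = $mailcon . '<strong>Password - </strong>' . $mailPass . '<br />';
        $mailcon = $mailcon . '<br />Should you have any question regarding your free membership, please send an email to <a href="mailto:info@finestweddingwebsites.com">info@finestweddingwebsites.com</a><br /><br />Please do not reply to this email. Emails sent to this address will not be answered. </p></td></tr></table></td></tr></table></body></html>';

        // The recipient comes from the form: drop CR/LF so it cannot add
        // extra header lines to the message.
        $to = str_replace(array("\r", "\n"), '', $postUser);
        $subject = "FinestWeddingSites - User Registration Confirmation";
        $from = "no-reply@finestweddingsites.com";
        $headers = ''; // was appended to without being initialised
        $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
        $headers .= "Cc: lisa@mungias.com\r\n";
        $headers .= "BCc: anshulbhaigupta@yahoo.co.in\r\n";
        $headers .= "From: $from";
        $message = $mailcon;
        mail($to, $subject, $message, $headers);
    }

    header("location:membersList.php?actionname=addSuccess");
    exit;
}

if (!empty($_POST['SubmitEdit'])) {
    $sql = "Update emailUsers set password='" . mysql_real_escape_string($postPass)
        . "', status='" . mysql_real_escape_string($postStatus)
        . "', usertype='" . mysql_real_escape_string($postType)
        . "' where username='" . mysql_real_escape_string($postUser) . "'";
    $res = mysql_query($sql);
    header("location:membersList.php?actionname=editSuccess");
    exit;
}

if (!empty($_POST['SubmitPasswordChange'])) {
    // NOTE(review): the target account is taken from the posted txtusername;
    // the readonly attribute on the form field is not a server-side control.
    // Bind the change to the logged-in user once a session check exists.
    $sql = "Update emailUsers set password='" . mysql_real_escape_string($postPass)
        . "' where username='" . mysql_real_escape_string($postUser) . "'";
    $res = mysql_query($sql);
    // urlencode keeps characters such as '+', '&' or line breaks in the
    // address from altering the redirect URL.
    header("location:userEdit.php?action=Success&baseTask=ChangePassword&memberID=" . urlencode($postUser));
    exit;
}

// Submit button for the current task; empty when baseTask is not recognised.
$buttonName = '';
$buttonValue = '';
if ($baseTask === 'EditUser') {
    $buttonName = "SubmitEdit";
    $buttonValue = "Edit User Details";
}
if ($baseTask === 'CreateUser') {
    $buttonName = "SubmitCreate";
    $buttonValue = "Create New User";
}
if ($baseTask === 'ChangePassword') {
    $buttonName = "SubmitPasswordChange";
    $buttonValue = "Update Password";
}

// HTML-encoded copies of everything the template prints.
$memberIDHtml    = htmlspecialchars($memberID, ENT_QUOTES, $pageCharset);
$baseTaskHtml    = htmlspecialchars($baseTask, ENT_QUOTES, $pageCharset);
$rowUserHtml     = htmlspecialchars((string) $row[0], ENT_QUOTES, $pageCharset);
$rowPassHtml     = htmlspecialchars((string) $row[1], ENT_QUOTES, $pageCharset);
$buttonNameHtml  = htmlspecialchars($buttonName, ENT_QUOTES, $pageCharset);
$buttonValueHtml = htmlspecialchars($buttonValue, ENT_QUOTES, $pageCharset);
$lockUsername    = ($baseTask === 'EditUser' || $baseTask === 'ChangePassword');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type="text/css">
<!--
.style1 {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 12px;
}
.style3 {font-size: 24px; font-family: Georgia, "Times New Roman", Times, serif;}
-->
</style>
<script language="javascript">
// Client-side checks are a convenience for the user only; the server code
// above must treat every submitted field as untrusted.
function validateForm() {
    if (document.getElementById('txtusername').value == '') {
        alert("User Name can not be left blank.");
        document.getElementById('txtusername').focus();
        return false;
    }
    if (document.getElementById('txtpassword').value == '') {
        alert("Password can not be left blank.");
        document.getElementById('txtpassword').focus();
        return false;
    }
    if (echeck(document.getElementById('txtusername').value) == false) {
        document.getElementById('txtusername').focus();
        return false;
    }
}

// Rough shape check for an e-mail address: one "@", a "." after it, no spaces.
function echeck(str) {
    var at = "@";
    var dot = ".";
    var lat = str.indexOf(at);
    var lstr = str.length;
    var ldot = str.indexOf(dot);
    if (str.indexOf(at) == -1) {
        alert("Invalid E-mail ID");
        return false;
    }
    if (str.indexOf(at) == -1 || str.indexOf(at) == 0 || str.indexOf(at) == lstr) {
        alert("Invalid E-mail ID");
        return false;
    }
    if (str.indexOf(dot) == -1 || str.indexOf(dot) == 0 || str.indexOf(dot) == lstr) {
        alert("Invalid E-mail ID");
        return false;
    }
    if (str.indexOf(at, (lat + 1)) != -1) {
        alert("Invalid E-mail ID");
        return false;
    }
    if (str.substring(lat - 1, lat) == dot || str.substring(lat + 1, lat + 2) == dot) {
        alert("Invalid E-mail ID");
        return false;
    }
    if (str.indexOf(dot, (lat + 2)) == -1) {
        alert("Invalid E-mail ID");
        return false;
    }
    if (str.indexOf(" ") != -1) {
        alert("Invalid E-mail ID");
        return false;
    }
    return true;
}
</script>
</head>
<body>
<form id="frmuser" name="frmuser" method="post" action="userEdit.php" onsubmit="return validateForm()">
<table width="100%" border="0" cellpadding="0" cellspacing="0" bgcolor="#999999">
  <tr>
    <td><table width="100%" border="0" cellspacing="1" cellpadding="4">
      <?php if ($action === 'Success') { ?>
      <tr>
        <td height="40" colspan="2" bgcolor="#F8F8F8"><div align="center"><span class="style1">Your Password has been changed Successfully. </span></div></td>
      </tr>
      <?php } ?>
      <tr>
        <td height="48" colspan="2" align="center" valign="middle" bgcolor="#F0F0F0" class="style3">User Details
          <input name="userID" type="hidden" id="userID" size="25" value="<?php echo $memberIDHtml; ?>" />
          <input name="baseTask" type="hidden" id="baseTask" size="25" value="<?php echo $baseTaskHtml; ?>" />
        </td>
      </tr>
      <tr>
        <td width="40%" align="right" valign="top" bgcolor="#F9F9F9"><span class="style1">User Name/Email Address : </span></td>
        <td width="60%" align="left" valign="top" bgcolor="#FFFFFF"><input name="txtusername" type="text" id="txtusername" size="25" value="<?php echo $rowUserHtml; ?>" <?php if ($lockUsername) { ?> readonly="true" <?php } ?> /></td>
      </tr>
      <tr>
        <td align="right" valign="top" bgcolor="#F9F9F9" class="style1">Password : </td>
        <?php
        // NOTE(review): the stored clear-text password is written into the
        // page source here. The edit flow depends on it (SubmitEdit writes the
        // field back), so removing it needs a change to that handler as well.
        ?>
        <td align="left" valign="top" bgcolor="#FFFFFF"><input name="txtpassword" type="password" id="txtpassword" size="25" value="<?php echo $rowPassHtml; ?>" /></td>
      </tr>
      <tr>
        <td align="right" valign="top" bgcolor="#F9F9F9" class="style1">User Type : </td>
        <td align="left" valign="top" bgcolor="#FFFFFF"><label>
          <select name="usertype" id="usertype" <?php if ($baseTask === 'ChangePassword') { ?> readonly="true" <?php } ?>>
            <option value="Venue" <?php if ($row[3] == 'Venue') { ?> selected="selected" <?php } ?>>Venue</option>
            <option value="Vendor" <?php if ($row[3] == 'Vendor') { ?> selected="selected" <?php } ?>>Vendor</option>
          </select>
        </label></td>
      </tr>
      <?php if ($baseTask === 'EditUser') { ?>
      <tr>
        <td align="right" valign="top" bgcolor="#F9F9F9" class="style1">User Status : </td>
        <td align="left" valign="top" bgcolor="#FFFFFF"><label>
          <select name="userstatus" id="userstatus">
            <option value="Active" <?php if ($row[2] == 'Active') { ?> selected="selected" <?php } ?>>Active</option>
            <option value="InActive" <?php if ($row[2] == 'InActive') { ?> selected="selected" <?php } ?>>InActive</option>
          </select>
        </label></td>
      </tr>
      <?php } ?>
      <tr>
        <td height="41" colspan="2" align="center" valign="middle" bgcolor="#F0F0F0"><input type="submit" name="<?php echo $buttonNameHtml; ?>" value="<?php echo $buttonValueHtml; ?>" /></td>
      </tr>
    </table></td>
  </tr>
</table>
</form>
</body>
</html>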