query('SELECT * FROM users');
// NOTE(review): the start of this statement (and of the file) is not visible in
// this excerpt; the result is read below through $DatabaseQuery. Several string
// literals further down contain raw line breaks and bare text where markup
// appears to be missing, presumably lost when the page was extracted. Confirm
// against the original file before relying on the exact output.

// Authorization gate for the administrator panel.
// Every row of `users` is fetched and compared in PHP. A row matches only when
// its username and password both equal the htmlspecialchars()-encoded session
// values, both session values are non-empty, and the row's usertype is 2.
//
// NOTE(review): the password column is compared directly with a value kept in
// $_SESSION, so the stored value and the session value must be in the same
// form. If that form is the plaintext password, store a password_hash() digest
// instead, verify it once at login with password_verify(), and keep only the
// authenticated user's id in the session. Confirm how the column is written.
// NOTE(review): `==` between two numeric-looking strings compares them as
// numbers in PHP; `===` or hash_equals() is the safer choice for credentials.
// NOTE(review): this reads the whole users table on every request; a
// parameterised lookup by username would avoid loading every credential row.
// NOTE(review): the initial value of $Authorized is not visible here; confirm
// it is set to something other than 1 before this loop.
while ($line = $DatabaseQuery->fetchArray()) {
    if ($line['username'] == htmlspecialchars($_SESSION['username'])
        && htmlspecialchars($_SESSION['username']) != ""
        && $line['password'] == htmlspecialchars($_SESSION['password'])
        && htmlspecialchars($_SESSION['password']) != ""
        && $line['usertype'] == 2) {
        $Authorized = 1;
        // $Primary is tested against 1 further down to decide which users are
        // listed and whether row actions are appended.
        $Primary = $line['primaryadmin'];
        break;
    }
}

// not authorized
if ($Authorized != 1) {
    // Redirect to the site root; die() ends the script here, so none of the
    // panel below is built or printed for an unauthorized session.
    header('Location: /');
    die();
}

// The page is accumulated in $html and printed once at the end.
// printHeader() and printFooter() are defined outside this excerpt; their
// return values replace the buffer.
$html = "";
$html = printHeader($html, 0);
$html .= "\t\t\t

Administrator panel

\n";
$html .= "\t\t\t\t
\n";
$html .= "\t\t\t\t\t\n";

// Section selector. $Action is set outside this excerpt and is only compared
// with fixed strings here.
// NOTE(review): both branches of each if/else below append the same text as
// shown; presumably they differed only in markup that is no longer visible.
if ($Action == "users") {
    $html .= "\t\t\t\t\t\tUsers\n";
} else {
    $html .= "\t\t\t\t\t\tUsers\n";
}
if ($Action == "comments") {
    $html .= "\t\t\t\t\t\tComments\n";
} else {
    $html .= "\t\t\t\t\t\tComments\n";
}
if ($Action == "create") {
    $html .= "\t\t\t\t\t\tCreate\n";
} else {
    $html .= "\t\t\t\t\t\tCreate\n";
}
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t
\n";

if ($Action == "comments") {
    // Comments view: one pass over every row of `comments`.
    $DatabaseQuery = $Database->query('SELECT * FROM comments');
    $html .= "\t\t\t\t\n";
    $html .= "\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\n";
    while ($line = $DatabaseQuery->fetchArray()) {
        // NOTE(review): these values come straight from the database and none
        // is passed through htmlspecialchars() in this block. Confirm they are
        // encoded when they are stored, or encode them at output.
        $ID = $line['id'];
        $commentDate = $line['date'];
        $Username = $line['username'];
        // $usertypeID is assigned but not read in the visible code.
        $usertypeID = $line['usertype'];
        $Page = $line['page'];
        // Label for the poster's usertype: 1 => "User", 2 => "Administrator",
        // anything else => "Unknown". (The users view below labels usertype 2
        // as "Moderator" unless primaryadmin is 1.)
        if ($line['usertype'] == 1) {
            $userType = "User";
        } else if ($line['usertype'] == 2) {
            $userType = "Administrator";
        } else {
            $userType = "Unknown";
        }
        $html .= "\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\n";
    }
    // NOTE(review): the bare text inside the next literal looks like the table
    // heading and row text displaced from the strings above. As written it is
    // appended once, after the loop. Confirm against the original file.
    $html .= "\t\t\t\t
IDPosterComment dateUser typePage
$ID$Username$commentDate$userType$PageRemove
\n";
} else if ($Action == "create") {
    // Create view: a fixed run of strings followed by an optional message
    // selected by $Error (set outside this excerpt).
    $html .= "\t\t\t\t
\n";
    $html .= "\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t

\n";
    $html .= "\t\t\t\t\t\n";
    $html .= "\t\t\t\t
\n";
    // handle errors
    // $Error is only compared with fixed strings; each branch appends a fixed
    // message, so the request value itself is never echoed here.
    if ($Error == "data") {
        $html .= "\t\t\t\t

Invalid user.

\n";
    } else if ($Error == "type") {
        $html .= "\t\t\t\t

Invalid type.

\n";
    } else if ($Error == "denied") {
        $html .= "\t\t\t\t

You don't have permission to create a user of this type.

\n";
    } else if ($Error == "exists") {
        $html .= "\t\t\t\t

This user already exists.

\n";
    } else if ($Error == "username") {
        $html .= "\t\t\t\t

You must specify a username.

\n";
    }
} else if ($Action == "users") {
    // Users view. An administrator whose primaryadmin value is not 1 gets a
    // notice and, in the loop below, never sees rows with usertype 2.
    if ($Primary != 1) {
        $html .= "\t\t\t\t

Administrator users are not visible.

\n";
    }
    $html .= "\t\t\t\t\n";
    $html .= "\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\t\n";
    $html .= "\t\t\t\t\t\n";
    $DatabaseQuery = $Database->query('SELECT * FROM users');
    while ($line = $DatabaseQuery->fetchArray()) {
        // $filterID is set outside this excerpt; -1 means "no filter",
        // any other value keeps only the row whose id equals it.
        if ($line['id'] != $filterID && $filterID != -1) {
            continue;
        }
        // Hide usertype-2 accounts from administrators that are not primary.
        if ($line['usertype'] == 2 && $Primary != 1) {
            continue;
        }
        // NOTE(review): username, IP and user agent are read from the database
        // and none is passed through htmlspecialchars() in this block. A user
        // agent normally originates from a request header, so confirm these
        // values are encoded when stored, or encode them at output.
        $ID = $line['id'];
        $Username = $line['username'];
        $NumberOfComments = $line['numberofcomments'];
        $LastUsed = $line['lastused'];
        $Created = $line['created'];
        $IP = $line['ip'];
        $UserAgent = $line['useragent'];
        // Label: "User" by default, "Moderator" for usertype 2, and
        // "Administrator" for usertype 2 with primaryadmin 1.
        $userType = "User";
        if ($line['usertype'] == 2) {
            $userType = "Moderator";
            if ($line['primaryadmin'] == 1) {
                $userType = "Administrator";
            }
        }
        $html .= "\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        $html .= "\t\t\t\t\t\t\n";
        // Two extra strings are appended only when the viewer is a primary
        // admin and the listed row is not one.
        // NOTE(review): this only controls what is displayed; the handler
        // behind these actions is outside this excerpt and has to repeat the
        // same check itself.
        if ($Primary == 1 && $line['primaryadmin'] != 1) {
            // primary admins cannot be removed
            $html .= "\t\t\t\t\t\t\n";
            $html .= "\t\t\t\t\t\t\n";
        }
        $html .= "\t\t\t\t\t\n";
    }
    // NOTE(review): as in the comments view, the bare text in the next literal
    // looks like displaced table heading and row text; as written it is
    // appended once after the loop. Confirm against the original file.
    $html .= "\t\t\t\t
IDUserCommentsLast usedCreatedIPUser agentUser type
$ID$Username$NumberOfComments$LastUsed$Created$IP$UserAgent$userTypeRemoveEdit
\n";
}

// Close the page and send the accumulated buffer in a single print.
$html = printFooter($html);
print "$html";
?>