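<?php
/**
 * Admin control panel: account actions (change password, manage accounts, logout).
 *
 * Dispatches on $get_action and, for 'manageaccounts', on $get_job. The $get_*,
 * $post_*, $admin_id, $vc, $lan and $db names are not defined in this file;
 * presumably include/admin.inc.php (or the caller) populates them from the
 * request and session — confirm.
 *
 * NOTE(review): every error path relies on adminmsg() ending the request. If it
 * ever returns, the statements after a failed check still run — confirm.
 *
 * NOTE(review): the WHERE fragments below are built by interpolating request
 * values ($admin_id, $post_account, $get_editor) into SQL text. This file does
 * not show whether those values are escaped upstream; verify that, or move
 * these calls to bound parameters if the $db layer supports them.
 *
 * NOTE(review): ak_md5() is defined elsewhere; its name suggests an MD5-based
 * digest. If so, plan a migration to password_hash()/password_verify().
 */
if (!defined('CORE_ROOT')) {
    exit();
}
require_once CORE_ROOT . 'include/admin.inc.php';

if ($get_action == 'changepassword') {
    if (isset($get_submit)) {
        // A blank new password is refused as well as a missing field.
        if (!isset($post_oldpassword) || !isset($post_newpassword) || !isset($post_newpassword2) || $post_newpassword === '') {
            adminmsg($lan['passwordempty'], 'back', 3, 1);
        }
        // Strict comparison: loose != treats numeric-looking strings such as
        // "1e3" and "1000" as equal, so a mistyped confirmation could pass.
        if ($post_newpassword !== $post_newpassword2) {
            adminmsg($lan['repeatpassworderror'], 'back', 3, 1);
        }
        // NOTE(review): unlike the freeze/delete/reset/logout branches, this
        // state-changing branch does not call vc() — confirm whether the
        // request token is verified elsewhere for this form.
        if ($user = $db->get_by('*', 'admins', "editor='$admin_id'")) {
            $stored_hash = (string) $user['password'];
            $supplied_hash = (string) ak_md5($post_oldpassword, 0, 2);
            // Compare digests as strings. Loose != would apply numeric
            // comparison to digests that look like numbers.
            $old_password_ok = function_exists('hash_equals')
                ? hash_equals($stored_hash, $supplied_hash)
                : $stored_hash === $supplied_hash;
            if (!$old_password_ok) {
                adminmsg($lan['oldpassworderror'], 'back', 3, 1);
            }
            $newpassword = ak_md5($post_newpassword, 0, 2);
            $db->update('admins', array('password' => $newpassword), "editor='$admin_id'");
            adminmsg($lan['operatesuccess']);
        } else {
            adminmsg($lan['nothisuser'], 'back', 3, 1);
        }
    } else {
        displaytemplate('admincp_changepass.htm');
    }
} elseif ($get_action == 'manageaccounts') {
    // Defined elsewhere; presumably restricts this section to the site creator — confirm.
    checkcreator();
    if (!isset($get_job)) {
        // Default view: list every admin row with its per-account action links.
        $query = $db->query_by('*', 'admins', '', 'id');
        $str_users = '';
        while ($user = $db->fetch_array($query)) {
            if ($user['editor'] != 'admin') {
                $status = empty($user['freeze']) ? available($lan['active']) : disabled($lan['frozen']);
                $changestatus = empty($user['freeze']) ? "<a href=\"index.php?file=account&action=manageaccounts&vc={$vc}&job=freeze&id={$user['id']}\">{$lan['freeze']}</a>" : "<a href=\"index.php?file=account&action=manageaccounts&vc={$vc}&job=active&id={$user['id']}\">{$lan['activate']}</a>";
                $reset = "<a href=\"index.php?file=account&action=manageaccounts&vc={$vc}&job=reset&id={$user['id']}\">".alert($lan['reset'])."</a>";
                // Only accounts whose 'items' counter is zero get a delete link.
                if ($user['items'] == 0) {
                    $delete = "<a href=\"index.php?file=account&action=manageaccounts&job=delete&vc={$vc}&editor={$user['editor']}\">".alert($lan['delete'])."</a>";
                } else {
                    $delete = "-";
                }
            } else {
                // The built-in 'admin' account is always shown as active and has no actions.
                $status = available($lan['active']);
                $changestatus = '-';
                $reset = '-';
                $delete = "-";
            }
            // NOTE(review): $user['editor'] is written into HTML and into a URL
            // above without escaping. Confirm account names are constrained at
            // creation, or escape per context here (mind the site's charset).
            $str_users .= "<tr>
<td>{$user['editor']}</td>
<td>{$delete}</td>
<td>{$status}</td>
<td>{$changestatus}</td>
<td>{$reset}</td>
<td class=\"mininum\">{$user['items']}</td>
</tr>";
        }
        displaytemplate('admincp_manageaccounts.htm', array('users' => $str_users));
    } elseif ($get_job == 'newaccount') {
        // NOTE(review): no vc() call in this branch, although it creates an
        // admin account — confirm the token is checked elsewhere for this form.
        if (empty($post_account) || empty($post_password)) {
            adminmsg($lan['accountorpasswordempty'], 'back', 3, 1);
        }
        if ($db->get_by('*', 'admins', "editor='$post_account'")) {
            adminmsg($lan['accountexist'], 'back', 3, 1);
        }
        $value = array(
            'editor' => $post_account,
            'password' => ak_md5($post_password, 0, 2)
        );
        $db->insert('admins', $value);
        // NOTE(review): the account name and the plaintext password are echoed
        // into the response page unescaped. Consider dropping the password from
        // the message and HTML-escaping the name.
        adminmsg($lan['accoundpassword']."{$post_account}/{$post_password}<br>".$lan['operatesuccess'], 'index.php?file=account&action=manageaccounts');
    } elseif ($get_job == 'freeze' || $get_job == 'active') {
        // Defined elsewhere; presumably validates the `vc` token carried in the links above — confirm.
        vc();
        $array_admins_status = array(
            'freeze' => 1,
            'active' => 0
        );
        // Normalise the id to an integer before both the guard and the query,
        // so the "id 1 is protected" check and the WHERE clause agree on the
        // row and no non-numeric text reaches the SQL.
        $target_id = isset($get_id) ? (int) $get_id : 0;
        if ($target_id <= 1) {
            adminmsg($lan['parameterwrong'], 'back', 3, 1);
        }
        $db->update('admins', array('freeze' => $array_admins_status[$get_job]), "id='$target_id'");
        adminmsg($lan['operatesuccess'], 'index.php?file=account&action=manageaccounts');
    } elseif ($get_job == 'delete') {
        vc();
        if (empty($get_editor) || $get_editor == 'admin') {
            adminmsg($lan['parameterwrong'], 'back', 3, 1);
        }
        // Refuse to delete an account that still authors items.
        if ($db->get_by('*', 'items', "author='$get_editor'")) {
            adminmsg($lan['accounthasitems'], 'back', 3, 1);
        }
        $db->delete('admins', "editor='$get_editor'");
        adminmsg($lan['operatesuccess'], 'index.php?file=account&action=manageaccounts');
    } elseif ($get_job == 'reset') {
        vc();
        // NOTE(review): reset assigns a fixed password that is visible in the
        // source. A randomly generated one-time password with a forced change
        // at next login would be safer.
        $default_password = 'akcms';
        // Same integer normalisation as the freeze/active branch.
        $target_id = isset($get_id) ? (int) $get_id : 0;
        if ($target_id <= 1) {
            adminmsg($lan['parameterwrong'], 'back', 3, 1);
        }
        $password = ak_md5($default_password, 0, 2);
        $db->update('admins', array('password' => $password), "id='$target_id'");
        adminmsg($lan['passwordreset'], 'index.php?file=account&action=manageaccounts');
    }
} elseif ($get_action == 'logout') {
    vc();
    // Clear the auth cookie through both the native call and the project helper.
    setcookie('auth', '');
    aksetcookie('auth', '');
    adminmsg($lan['logout_success'], 'index.php?file=login');
} else {
    adminmsg($lan['nodefined'], '', 0, 1);
}
runinfo();
aexit();
?>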