Nueva imagen para "puntos". Modificaciones de los mapas en general.
1 <?php
2 require_once("../include/sesion.php");
3 require_once("../include/database.php");
/*
 * Request dispatcher for the admin forms.
 * Only an administrator session may reach the handlers; everyone else
 * falls out of the script without any action being taken.
 *
 * NOTE(review): every branch below changes account state and is selected
 * purely by the presence of a POST field. No anti-CSRF token is checked in
 * this file; confirm one is enforced elsewhere (e.g. in sesion.php or by
 * the forms that post here).
 */
if(!$session->isAdmin()){
    return;
}

if(isset($_POST['subupdlevel'])){
    /* Admin submitted update user level form */
    procUpdateLevel();
}
elseif(isset($_POST['subdeluser'])){
    /* Admin submitted delete user form */
    procDeleteUser();
}
elseif(isset($_POST['subdelinact'])){
    /* Admin submitted delete inactive users form */
    procDeleteInactive();
}
elseif(isset($_POST['subbanuser'])){
    /* Admin submitted ban user form */
    procBanUser();
}
elseif(isset($_POST['subdelbanned'])){
    /* Admin submitted delete banned user form */
    procDeleteBannedUser();
}
/**
 * procUpdateLevel - Sets the "userlevel" field of the account named in the
 * "upduser" POST field to the integer value of the "updlevel" POST field.
 *
 * When checkUsername() has recorded a form error, the submitted values and
 * the error list are stored in the session instead and nothing is updated.
 * Both outcomes redirect back to the client management page.
 *
 * NOTE(review): the new level is only cast to int; no range of permitted
 * levels is enforced here. Confirm updateUserField() or the form restricts it.
 */
function procUpdateLevel(){
    global $session, $database, $form;

    /* Username error checking */
    $target = checkUsername("upduser");
    $backTo = "Location: ../?accion=gestionar+clientes";

    /* Errors exist, have user correct them */
    if($form->num_errors > 0){
        $_SESSION['value_array'] = $_POST;
        $_SESSION['error_array'] = $form->getErrorArray();
        header($backTo);
        return;
    }

    /* Update user level */
    $newLevel = (int)$_POST['updlevel'];
    $database->updateUserField($target, "userlevel", $newLevel);
    header($backTo);
}
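/**
 * procDeleteUser - Deletes the account named in the "deluser" POST field
 * from the users table.
 *
 * When the username fails validation, the submitted values and the error
 * list are stored in the session and no query is run. Both outcomes
 * redirect back to the admin page.
 */
function procDeleteUser(){
    global $session, $database, $form;

    /* Username error checking */
    $subuser = checkUsername("deluser");

    /*
     * Defence in depth: the value is interpolated into the SQL text below,
     * so re-check it here against the same 5-30 ASCII letter/digit rule
     * rather than relying only on the validator in another function.
     */
    $safe = is_string($subuser) && preg_match('/\A[0-9a-z]{5,30}\z/i', $subuser) === 1;
    if($form->num_errors == 0 && !$safe){
        $form->setError("deluser", "* Usuario no existe<br>");
    }

    /* Errors exist, have user correct them */
    if($form->num_errors > 0 || !$safe){
        $_SESSION['value_array'] = $_POST;
        $_SESSION['error_array'] = $form->getErrorArray();
        header("Location: ../?accion=admin");
        return;
    }

    /* Delete user from database */
    $q = "DELETE FROM ".TBL_USERS." WHERE codigo = '$subuser'";
    $database->query($q);
    header("Location: ../?accion=admin");
}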
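/**
 * procDeleteInactive - Deletes every non-administrator account whose
 * "timestamp" column is older than the number of days given in the
 * "inactdays" POST field, counted back from $session->time.
 *
 * The day count must be a whole number of at least 1 (at most five digits).
 * A missing, zero, negative or non-numeric value previously moved the
 * cutoff to "now" or later, which matched every non-admin row; such
 * requests are now redirected without running the DELETE.
 */
function procDeleteInactive(){
    global $session, $database;

    $days = isset($_POST['inactdays']) ? $_POST['inactdays'] : '';

    /* Digits only, bounded length: keeps the arithmetic an int and the SQL literal numeric */
    if(!is_string($days) || !preg_match('/\A[0-9]{1,5}\z/', $days) || (int)$days < 1){
        header("Location: ../?accion=admin");
        return;
    }

    $inact_time = $session->time - ((int)$days)*24*60*60;
    $q = "DELETE FROM ".TBL_USERS." WHERE timestamp < $inact_time "
        ."AND userlevel != ".ADMIN_LEVEL;
    $database->query($q);
    header("Location: ../?accion=admin");
}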
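/**
 * procBanUser - Bans the account named in the "banuser" POST field: the
 * row is deleted from the users table and the username is inserted into
 * the banned users table together with $session->time.
 *
 * When the username fails validation, the submitted values and the error
 * list are stored in the session and no query is run. Both outcomes
 * redirect back to the admin page.
 *
 * NOTE(review): the DELETE and the INSERT are issued as two separate
 * statements; nothing in this function wraps them in a transaction, so a
 * failure of the second leaves the user deleted but not banned.
 */
function procBanUser(){
    global $session, $database, $form;

    /* Username error checking */
    $subuser = checkUsername("banuser");

    /*
     * Defence in depth: the value is interpolated into both SQL statements
     * below, so re-check it here against the same 5-30 ASCII letter/digit
     * rule rather than relying only on the validator in another function.
     */
    $safe = is_string($subuser) && preg_match('/\A[0-9a-z]{5,30}\z/i', $subuser) === 1;
    if($form->num_errors == 0 && !$safe){
        $form->setError("banuser", "* Usuario no existe<br>");
    }

    /* Errors exist, have user correct them */
    if($form->num_errors > 0 || !$safe){
        $_SESSION['value_array'] = $_POST;
        $_SESSION['error_array'] = $form->getErrorArray();
        header("Location: ../?accion=admin");
        return;
    }

    /* Ban user from member system */
    $q = "DELETE FROM ".TBL_USERS." WHERE codigo = '$subuser'";
    $database->query($q);

    $q = "INSERT INTO ".TBL_BANNED_USERS." VALUES ('$subuser', $session->time)";
    $database->query($q);
    header("Location: ../?accion=admin");
}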
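/**
 * procDeleteBannedUser - Deletes the username given in the "delbanuser"
 * POST field from the banned users table, which enables someone to
 * register with that username again.
 *
 * checkUsername() is called with $ban = true, so the "exists in the users
 * table" lookup is skipped and only the format rules apply. When the
 * username fails validation, the submitted values and the error list are
 * stored in the session and no query is run. Both outcomes redirect back
 * to the admin page.
 */
function procDeleteBannedUser(){
    global $session, $database, $form;

    /* Username error checking */
    $subuser = checkUsername("delbanuser", true);

    /*
     * Defence in depth: the value is interpolated into the SQL text below,
     * so re-check it here against the same 5-30 ASCII letter/digit rule
     * rather than relying only on the validator in another function.
     */
    $safe = is_string($subuser) && preg_match('/\A[0-9a-z]{5,30}\z/i', $subuser) === 1;
    if($form->num_errors == 0 && !$safe){
        $form->setError("delbanuser", "* Usuario no existe<br>");
    }

    /* Errors exist, have user correct them */
    if($form->num_errors > 0 || !$safe){
        $_SESSION['value_array'] = $_POST;
        $_SESSION['error_array'] = $form->getErrorArray();
        header("Location: ../?accion=admin");
        return;
    }

    /* Delete user from the banned users table */
    $q = "DELETE FROM ".TBL_BANNED_USERS." WHERE codigo = '$subuser'";
    $database->query($q);
    header("Location: ../?accion=admin");
}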
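/**
 * checkUsername - Helper for the form handlers in this file. Reads the
 * username submitted in $_POST[$uname], validates it, and records an error
 * on the form under the same field name when it is not acceptable.
 *
 * A username is accepted when, after trimming and stripslashes(), it is
 * 5 to 30 characters of ASCII letters and digits and, unless $ban is true,
 * $database->codigoTaken() reports it as existing.
 *
 * @param string $uname Name of the POST field that holds the username.
 * @param bool   $ban   When true, skip the codigoTaken() lookup.
 * @return string The cleaned username. It is returned even when an error
 *                was recorded, so callers must check $form->num_errors
 *                before using it.
 */
function checkUsername($uname, $ban=false){
    global $database, $form;
    $field = $uname;  // Use field name for username

    /* A missing key or a non-string value (array-style POST field) counts as "not entered" */
    $subuser = (isset($_POST[$uname]) && is_string($_POST[$uname])) ? $_POST[$uname] : '';

    if(!$subuser || strlen($subuser = trim($subuser)) == 0){
        $form->setError($field, "* Usuario no ingresado<br>");
        return $subuser;
    }

    /* Kept from the original: undoes magic-quotes escaping on old PHP versions */
    $subuser = stripslashes($subuser);
    $length = strlen($subuser);

    /*
     * eregi() was removed in PHP 7 and is not binary safe. preg_match()
     * with \A and \z anchors checks every byte of the string, so nothing
     * outside [0-9a-zA-Z] can reach the callers' SQL statements.
     */
    if($length < 5 || $length > 30 ||
       !preg_match('/\A[0-9a-z]+\z/i', $subuser) ||
       (!$ban && !$database->codigoTaken($subuser))){
        $form->setError($field, "* Usuario no existe<br>");
    }
    return $subuser;
}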