www.gusucode.com > 图片存储_淘宝相册_免费网盘源代码 > admin.php
<?php
class usr_dir
{
function view($user_dat, $globalvars)
{
$whichdir = $globalvars->maindir . $_GET['user'];
$user_dir = opendir($whichdir);
require_once("display.php");
}
function rename($user_dat, $globalvars)
{
$split_rename = explode('.', $_GET['rename']);
if(@rename($globalvars->maindir . $_GET['user'] . "/" . $_GET['rename'], $globalvars->maindir . $_GET['user'] . "/" . $_GET['imgname']))
{
echo "<div style=\"padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;\"><i>" . $_GET['rename'] . "</i> 已经成功改名为 <i>" . $_GET['imgname'] . "</i>";
echo '<br />点击 <a href="' . $_SERVER['PHP_SELF'] . '?admin=displayusers">这里</a> 返回.</div>';
@unlink($user_dat['usrdir'] . "/thumbnails/" . $split_rename[0] . ".gif");
}
}
function delete($user_dat, $globalvars)
{
$split_imgname = explode('.', $_GET['delete']);
if(unlink("users/" . $_GET['user'] . "/" . $_GET['delete']))
{
@unlink($globalvars->maindir . $_GET['user'] . "/thumbnails/" . $split_imgname[0] . ".gif");
echo "<div style=\"padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;\"><i>" . $_GET['delete'] . "</i> 已经被成功删除. </div>";
echo '点击 <a href="' . $_SERVER['PHP_SELF'] . '?admin=displayusers">这里</a> 返回.';
} else {
echo "<div style=\"padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;\">对不起, 不能删除该文件. ";
echo '点击 <a href="' . $_SERVER['PHP_SELF'] . '?admin=displayusers">这里</a> 返回.</div>';
}
}
}
class admin
{
function approve()
{
mysql_query("UPDATE imgup_users SET status='approved' WHERE name='" . $_GET['approve'] . "'");
echo "<div style=\"padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;\">".$_GET['approve'] . ", 该用户的帐户已经被激活. ";
echo '点击 <a href="' . $_SERVER['PHP_SELF'] . '?admin=displayusers">这里</a> 返回.</div>';
}
function adduser($user_dat, $globalvars)
{
if(isset($_POST['new_submit']))
{
if(!empty ($_POST['new_user']) && !empty($_POST['new_pass']))
{
// check if the user exists
$get_check = mysql_query("SELECT * FROM imgup_users WHERE name='" . $_POST['new_user'] . "'");
$check_user = mysql_fetch_array($get_check);
umask(0);
if($check_user['name'] == null)
{
mysql_query("INSERT INTO imgup_users(name, pass, email, user_group, displaytype, status) VALUES ('" . $_POST['new_user'] . "', '" . $_POST['new_pass'] . "', '" . $_POST['new_email'] . "', '" . $_POST['new_level'] . "', 1, 'approved')");
if(mkdir($globalvars->maindir . $_POST['new_user'], 0777))
{
mkdir($globalvars->maindir . $_POST['new_user'] . "/thumbnails", 0777);
echo $_POST['new_user'] . ", 该用户的帐户和目录已经被添加.<br />";
}
} else {
// Uh-oh...the user exists...dun dun dun...well, check if the user wants to destroy existing users
if($_POST['overwrite_user'] == true)
{
mysql_query("DELETE FROM imgup_users WHERE name='" . $_POST['new_user'] . "'");
mysql_query("INSERT INTO imgup_users(name, pass, email, user_group)VALUES('" . $_POST['new_user'] . "', '" . $_POST['new_pass'] . "', '" . $_POST['new_email'] . "', '" . $_POST['new_level'] . "')");
// Clear all files, then destroy and remake the directory
$openthumbnails = opendir($globalvars->maindir . $_POST['new_user'] . "/thumbnails");
while($filename = readdir($openthumbnails))
{
if($filename != "." && $filename != "..")
{
unlink($globalvars->maindir . $_POST['new_user'] . "/thumbnails/" . $filename);
}
}
rmdir($globalvars->maindir . $_POST['new_user'] . "/thumbnails");
$open_dir = opendir($globalvars->maindir . $_POST['new_user']);
while($file_name = readdir($open_dir))
{
if(($file_name != ".") && ($file_name != ".."))
{
unlink($globalvars->maindir . $_POST['new_user'] . "/" . $file_name);
}
}
rmdir($globalvars->maindir . $_POST['new_user']);
if(mkdir($globalvars->maindir . $_POST['new_user'], 0777))
{
mkdir($globalvars->maindir . $_POST['new_user'] . "/thumbnails", 0777);
echo $_POST['new_user'] . ", 该用户的帐户和目录已经被添加.<br />";
}
} else {
echo "您正试图添加的用户已存在!<br />请确定替换目前已存在用户, 或者改换其他用户名.";
}
}
} else {
echo "您没有填写完整对话框.";
}
}
echo '<p><form action="' . $_SERVER['PHP_SELF'] . '?admin=newuser" method="post">
用户名: <input type="text" name="new_user" /><br />
密 码 : <input type="password" name="new_pass" /><br />
E-Mail(可选): <input type="text" name="new_email" /><br />
用户级别: <select name="new_level">
<option value="normal">普通用户</option>
<option value="admin">管理员</option>
</select><br />覆盖已存在用户? <input type="checkbox" value="true" name="overwrite_user" /><br /><br />
<input type="submit" name="new_submit" value="Add User" /><br /></p>';
}
function edituser($user_dat, $globalvars)
{
$obtain_user = mysql_query("SELECT * FROM imgup_users WHERE name='" . $_GET['edituser'] . "'");
$user_array = mysql_fetch_array($obtain_user);
if($user_array['name'] != null)
{
// check that someone is not trying to edit the main admin
$get_editor = mysql_query("SELECT * FROM imgup_users WHERE name='" . $user_dat['name'] . "'");
$editor = mysql_fetch_array($get_editor);
if($editor['id'] != 1 && $user_array['id'] == 1)
{
echo "您没有编辑主管理员帐户.";
$exitp = new template();
$exitp->exitp($user_dat, $globalvars);
}
if(isset ($_POST['edit_final']))
{
if($_POST['edit_deleteuser'] == true)
{
mysql_query("DELETE FROM imgup_users WHERE name='" . $_POST['olduser'] . "'");
$open_dir = opendir($globalvars->maindir . $_POST['olduser']);
$openthumbnails = opendir($globalvars->maindir . $_POST['olduser'] . "/thumbnails");
while($filename = readdir($openthumbnails))
{
if($filename != "." && $filename != "..")
{
unlink($globalvars->maindir . $_POST['olduser'] . "/thumbnails/" . $filename);
}
}
rmdir($globalvars->maindir . $_POST['olduser'] . "/thumbnails");
while($file_name = readdir($open_dir))
{
if(($file_name != ".") && ($file_name != ".."))
{
unlink($_POST['olduser'] . "/" . $file_name);
}
}
rmdir($globalvars->maindir . $_POST['olduser']);
echo "<div style=\"padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;\">".$_POST['olduser'] . ", 该用户的帐户和目录已经被删除.<br />";
echo '点击 <a href="' . $_SERVER['PHP_SELF'] . '?admin=displayusers">这里</a> 返回.</div>';
$exitp = new template();
$exitp->exitp($user_dat, $globalvars);
} elseif ($_POST['edit_password'] != null)
{
mysql_query("UPDATE imgup_users SET pass='" . $_POST['edit_password'] . "' WHERE name='" . $_POST['olduser'] . "'");
echo "<div style=\"padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;\">".$_POST['olduser'] . ", 该用户的密码已经被更新.<br /></div>";
}
mysql_query("UPDATE imgup_users SET name='" . $_POST['edit_username'] . "' WHERE name='" . $_POST['olduser'] . "'");
mysql_query("UPDATE imgup_users SET email='" . $_POST['edit_emailaddr'] . "' WHERE name='" . $_POST['olduser'] . "'");
mysql_query("UPDATE imgup_users SET user_group='" . $_POST['edit_userlvl'] . "' WHERE name='" . $_POST['olduser'] . "'");
if($_POST['suspenduser'] == true)
{
$suspendusr = "suspended";
} else {
$suspendusr = "approved";
}
mysql_query("UPDATE imgup_users SET status='" . $suspendusr . "' WHERE name='" . $_POST['olduser'] . "'");
rename($globalvars->maindir . $_POST['olduser'], $globalvars->maindir . $_POST['edit_username']);
echo "<div style=\"padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;\">".$_POST['olduser'] . "'s 用户资料已经成功更新. ";
echo '点击 <a href="' . $_SERVER['PHP_SELF'] . '?admin=displayusers">这里</a> 返回.</div>';
$exitp = new template();
$exitp->exitp($user_dat, $globalvars);
}
echo '<p><form action="' . $_SERVER['PHP_SELF'] . '?admin=edituser&edituser=' . $_GET['edituser'] . '" method="post">
用户名: <input type="post" name="edit_username" value="' . $user_array['name'] . '" /><br />
E-mail: <input type="post" name="edit_emailaddr" value="' . $user_array['email'] . '" /><br />
<input type="hidden" name="olduser" value="' . $_GET['edituser'] . '" /><br />
级别: <select name="edit_userlvl">';
switch($user_array['user_group'])
{
case admin:
echo '<option value="' . $user_array['user_group'] . '">' . $user_array['user_group'] . '</option>
<option value="normal">normal</option>';
break;
case normal:
echo '<option value="' . $user_array['user_group'] . '">' . $user_array['user_group'] . '</option>
<option value="admin">admin</option>';
break;
}
echo '</select></p><p>如想使用初始密码, 请把下面留空.<br />
新密码: <input type="password" name="edit_password" /><br /><br />
如不想删除该用户, 请把下面留空.<br />
删除用户: <input type="checkbox" name="edit_deleteuser" /><br />
暂时禁止用户: ';
switch($user_array['status'])
{
case suspended:
echo '<input type="checkbox" name="suspenduser" checked>';
break;
case approved:
echo '<input type="checkbox" name="suspenduser" />';
break;
case notapproved:
echo '<input type="checkbox" name="suspenduser" />';
break;
}
echo '<br /><br /><input type="submit" name="edit_final" value="Finish Edit" /></form></p>';
}
}
function viewusers($user_dat, $globalvars)
{
$get_all = mysql_query("SELECT * FROM imgup_users");
while($users = mysql_fetch_array($get_all))
{
$used_space = 0;
$total_files = 0;
$get_files = mysql_query("SELECT * FROM imgup_imgs where userid=".$users['id']);
while($files = mysql_fetch_array($get_files))
{
$used_space = $used_space + $files['filesize'];
$total_files++;
}
echo "<div style='width:500'><b>" . $users['name'] . "</b><br /><p align='left'><i>E-mail:</i> ";
if($users['email'] == null)
{
echo "No e-mail provided";
} else {
echo $users['email'];
}
echo "<br /><i>Level:</i> " . $users['user_group'] . "<br /><i>已上传文件:</i> " . $total_files . "<br /><i>已用空间:</i>";
$get_mbkb = new functions();
$get_mbkb->size_check($used_space);
echo "<br/>总空间:".$users['maxspace']."MB.";
echo '<br /><i>帐户统计:</i> ';
if($users['status'] == "suspended")
{
echo '<font color="crimson">暂时禁止</font>';
} elseif($users['status'] != "approved")
{
echo '<font color="crimson">未审核/已通过</font>';
} else {
echo '<font color="green">未审核/已通过</font>';
}
echo '</p><a href="' . $_SERVER['PHP_SELF'] . '?admin=edituser&edituser=' . $users['name'] . '">编辑帐户</a> | <a href="' . $_SERVER['PHP_SELF'] . '?usrdir=view&user=' . $users['name'] . '">浏览目录</a>';
if($users['status'] != "approved" && $users['status'] != "suspended")
{
echo ' | <a href="' . $_SERVER['PHP_SELF'] . '?admin=approve&approve=' . $users['name'] . '">批准帐户</a>';
}
echo '</div>';
unset($get_mbkb);
unset($used_space);
unset($total_files);
}
}
function extdata($user_dat, $globalvars)
{
$ext_arr = mysql_query("SELECT * FROM imgup_config");
$ext_arr_n = mysql_fetch_array($ext_arr);
switch($_GET['act'])
{
case rmv:
$split_ext = explode(',', $ext_arr_n['allowed_ext']);
$countext = count($split_ext);
for($i=0;$i<$countext;$i++)
{
$split_val = explode(':', $split_ext[$i]);
if($split_val[0] == $_GET['ext'])
{
$split_ext[$i] = null; // You are nulled!
}
if($split_ext[$i] != null) // "If so null you are, GTFO!" - Master Null, PHP Wars 4
{
if($i == 0)
{
$query = $split_val[0] . ":" . $split_val[1];
} else {
$query .= "," . $split_val[0] . ":" . $split_val[1];
}
}
}
if(mysql_query("UPDATE imgup_config SET allowed_ext='" . $query . "'"))
{
echo "扩展名删除成功.";
}
break;
case add:
if(mysql_query("UPDATE imgup_config SET allowed_ext='" . $ext_arr_n['allowed_ext'] . "," . $_GET['ext'] . ":allow'"))
{
echo "新扩展名添加成功.";
}
break;
}
}
function settings($user_dat, $globalvars)
{
if(isset($_POST['editset']))
{
if(!empty ($_POST['dirupload']) && !empty($_POST['imgsize_limit']) && !empty($_POST['admin_email']))
{
mysql_query("UPDATE imgup_config SET directory_limit='" . $_POST['dirupload'] . ":" . $_POST['mb_gb_dir'] . "'");
mysql_query("UPDATE imgup_config SET max_upload='" . $_POST['imgsize_limit'] . ":" . $_POST['mb_gb_imgsize'] . "'");
mysql_query("UPDATE imgup_config SET useext='" . $_POST['use_ext'] . "'");
mysql_query("UPDATE imgup_config SET allowed_ext='" . $_POST['allowedext'] . "'");
mysql_query("UPDATE imgup_config SET admin_email='" . $_POST['admin_email'] . "'");
mysql_query("UPDATE imgup_config SET allow_edit='" . $_POST['allow_edit'] . "'");
mysql_query("UPDATE imgup_config SET allow_register='" . $_POST['allow_register'] . "'");
mysql_query("UPDATE imgup_config SET header='" . $_POST['header'] . "'");
mysql_query("UPDATE imgup_config SET footer='" . $_POST['footer'] . "'");
mysql_query("UPDATE imgup_config SET display_login='" . $_POST['display_login'] . "'");
mysql_query("UPDATE imgup_config SET guest_custom_message='" . $_POST['guest_message'] . "'");
mysql_query("UPDATE imgup_config SET global_message='" . $_POST['global_message'] . "'");
mysql_query("UPDATE imgup_config SET usethumbnail='" . $_POST['usethumbnail'] . "'");
mysql_query("UPDATE imgup_config SET displaycode='" . $_POST['displaycode'] . "'");
mysql_query("UPDATE imgup_config SET anonymousup='" . $_POST['anonymousup'] . "'");
mysql_query("UPDATE imgup_config SET validateuser='" . $_POST['activatetype'] . "'");
$guest_message = str_replace("\n", "<br />", $_POST['guest_message']);
$global_message = str_replace("\n", "<br />", $_POST['global_message']);
mysql_query("UPDATE imgup_config SET final_guest_message='" . $guest_message . "'");
mysql_query("UPDATE imgup_config SET final_global_message='" . $global_message . "'");
$imgtypes = explode(',', $globalvars->settings['allowed_ext']);
$count_imgtypes = count($imgtypes);
$imgtype_query = "UPDATE imgup_config SET allowed_ext='";
for($i=0;$i<$count_imgtypes;$i++)
{
$imgtype_dat = explode(':', $imgtypes[$i]);
if($i != 0)
{
$imgtype_query .= ',';
}
$imgtype_query .= $imgtype_dat[0];
if($_POST[$imgtype_dat[0]] == true)
{
$imgtype_query .= ":allow";
} else {
$imgtype_query .= ":invalid";
}
}
$imgtype_query .= "'";
mysql_query($imgtype_query);
echo "<div style=\"padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;\">设置更新成功! 点击 " . '<a href="' . $_SERVER['PHP_SELF'] . '?admin=settings">这里</a> 返回.</div>';
$exitp = new template();
$exitp->exitp($user_dat, $globalvars);
} else {
echo "有必须的对话框没有被添写.<br />";
}
}
echo '<script>
function addext()
{
var addext = prompt("Enter the new extension in the textarea below.", "")
if(addext != "" && addext != null)
{
var url = "' . $_SERVER['PHP_SELF'] . '?admin=ext&ext=" + addext + "&act=add"
window.location = url
}
}
function rmvext()
{
var deleteext = prompt("在下面填写您想删除的扩展名.", "")
if(deleteext != "" && deleteext != null)
{
var url = "' . $_SERVER['PHP_SELF'] . '?admin=ext&ext=" + deleteext + "&act=rmv"
window.location = url
}
}
</script>';
echo '<form action="' . $_SERVER['PHP_SELF'] . '?admin=settings" method="post">';
echo "<p align=\"left\">
<u>上传设置:</u></p>";
echo "<p>允许上传的扩展名:<br />";
$ext_array = explode(',', $globalvars->settings['allowed_ext']);
$count_exts = count($ext_array);
for($i=0;$i<$count_exts;$i++)
{
$ext_values = explode(':', $ext_array[$i]);
$subone = $count_exts - 1;
echo $ext_values[0];
switch($ext_values[1])
{
case allow:
if($ext_values[0] != null)
{
if($subone == $i)
{
echo '<input type="checkbox" name="' . $ext_values[0] . '" checked>';
} else {
echo '<input type="checkbox" name="' . $ext_values[0] . '" checked> | ';
}
}
break;
case invalid:
if($ext_values[0] != null)
{
if($subone == $i)
{
echo '<input type="checkbox" name="' . $ext_values[0] . '">';
} else {
echo '<input type="checkbox" name="' . $ext_values[0] . '"> | ';
}
}
break;
}
echo "";
}
echo '<br /><input type="button" value="New extension" onclick="addext()" /> <input type="button" value="Delete extension" onclick="rmvext()" /></p><p>';
$dir_limit = explode(':', $globalvars->settings['directory_limit']);
$img_size = explode(':', $globalvars->settings['max_upload']);
echo '<p>目录限制: <input type="text" name="dirupload" value="' . $dir_limit[0] . '" /> ';
switch($dir_limit[1])
{
case KB:
echo '<select name="mb_gb_dir">
<option value="KB">KB</option>
<option value="MB">MB</option>
</select>';
break;
case MB:
echo '<select name="mb_gb_dir">
<option value="MB">MB</option>
<option value="KB">KB</option>
</select>';
break;
}
echo '<br />图片大小限制: <input type="text" name="imgsize_limit" value="' . $img_size[0] . '" /> ';
switch($img_size[1])
{
case KB:
echo '<select name="mb_gb_imgsize">
<option value="KB">KB</option>
<option value="MB">MB</option>
</select>';
break;
case MB:
echo '<select name="mb_gb_imgsize">
<option value="MB">MB</option>
<option value="KB">KB</option>
</select>';
break;
}
echo '</p><p>展示: ';
switch($globalvars->settings['usethumbnail'])
{
case yes:
echo 'Yes<input type="radio" name="usethumbnail" value="yes" checked>
No<input type="radio" name="usethumbnail" value="no" />';
break;
case no:
echo 'Yes<input type="radio" name="usethumbnail" value="yes" />
No<input type="radio" name="usethumbnail" value="no" checked>';
break;
}
echo '<br />允许匿名上传: ';
switch($globalvars->settings['anonymousup'])
{
case yes:
echo 'Yes<input type="radio" name="anonymousup" value="yes" checked>
No<input type="radio" name="anonymousup" value="no" />';
break;
case no:
echo 'Yes<input type="radio" name="anonymousup" value="yes" />
No<input type="radio" name="anonymousup" value="no" checked>';
break;
}
echo "</p>";
echo '<p align="left"><u>用户和游客设置:</u></p><p>';
echo '管理员 E-mail: <input type="text" size="45" name="admin_email" value="' . $globalvars->settings['admin_email'] . '" /><br />';
echo '允许用户编辑资料: ';
switch($globalvars->settings['allow_edit'])
{
case yes:
echo 'Yes<input type="radio" name="allow_edit" value="yes" checked>
No<input type="radio" name="allow_edit" value="no" />';
break;
case no:
echo 'Yes<input type="radio" name="allow_edit" value="yes" />
No<input type="radio" name="allow_edit" value="no" checked>';
break;
}
echo "<br />";
echo '帐户和激活: <select name="activatetype">';
switch($globalvars->settings['validateuser'])
{
case auto:
echo '<option value="auto">自动</option>
<option value="emailconfirm">e-mail 确认</option>
<option value="adminapprove">管理员批准</option></select><br />';
break;
case emailconfirm:
echo '<option value="emailconfirm">e-mail 确认</option>
<option value="auto">自动</option>
<option value="adminapprove">管理员批准</option></select><br />';
break;
case adminapprove:
echo '<option value="adminapprove">管理员批准</option>
<option value="emailconfirm">e-mail 确认</option>
<option value="auto">自动</option></select><br />';
break;
default:
echo '<option value="auto">自动</option>
<option value="emailconfirm">e-mail 确认</option>
<option value="adminapprove">管理员批准</option></select><br />';
break;
}
echo '允许注册: ';
switch($globalvars->settings['allow_register'])
{
case yes:
echo 'Yes<input type="radio" name="allow_register" value="yes" checked>
No<input type="radio" name="allow_register" value="no" />';
break;
case no:
echo 'Yes<input type="radio" name="allow_register" value="yes" />
No<input type="radio" name="allow_register" value="no" checked>';
break;
}
echo "</p>";
echo '<p align="left"><u>显示设置:</u></p><p>';
echo "<br />";
echo '显示登陆信息: ';
switch($globalvars->settings['display_login'])
{
case yes:
echo 'Yes<input type="radio" name="display_login" value="yes" checked>
No<input type="radio" name="display_login" value="no" />';
break;
case no:
echo 'Yes<input type="radio" name="display_login" value="yes" />
No<input type="radio" name="display_login" value="no" checked>';
break;
}
echo '<br /><p>游客欢迎信息:<br />';
echo '<textarea name="guest_message" rows="3" cols="40">' . $globalvars->settings['guest_custom_message'] . '</textarea></p>';
echo '<p>用户欢迎信息:<br />';
echo '<textarea name="global_message" rows="3" cols="40">' . $globalvars->settings['global_message'] . '</textarea></p>';
echo '<p>模板 header:<br /><textarea name="header" rows="3" cols="40">' . $globalvars->settings['header'] . '</textarea></p>';
echo '<p>模板 footer:<br /><textarea name="footer" rows="3" cols="40">' . $globalvars->settings['footer'] . '</textarea><br /><br />';
echo '<input type="submit" name="editset" value="Save settings" /></p></form>';
}
}
?>