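<?php
/**
 * Admin back end of the image-hosting script: per-user directory maintenance
 * (usr_dir) and account / configuration management (admin).
 *
 * Review notes that apply to the whole file:
 *  - Every $_GET / $_POST value is caller-controlled. Values are escaped for
 *    the context they reach (SQL literal, HTML, URL) and anything used as a
 *    path component is restricted to a single directory entry name.
 *  - Nothing in this file checks that the caller is an administrator;
 *    presumably the script that dispatches to these methods does — confirm.
 *  - No anti-CSRF token is checked, and approve / rename / delete / extension
 *    add+remove change state through plain GET links. The session and token
 *    plumbing is not visible here, so none could be added in this file.
 *  - Passwords are written to imgup_users.pass exactly as submitted. Hashing
 *    them needs a matching change in the login code, which is not in this
 *    file, so the storage format is left as it was.
 *  - The file uses the ext/mysql API (mysql_query), which PHP 7 removed.
 *    mysql_real_escape_string() from that same API is used as the escaping
 *    step; prepared statements (mysqli / PDO) are the durable fix once the
 *    connection handling is migrated.
 *  - NOTE(review): if magic_quotes_gpc is enabled on the target PHP version,
 *    request values already carry added slashes — confirm before deploying.
 */

/**
 * File operations on one user's upload directory, driven by query-string
 * parameters (user, rename, imgname, delete).
 */
class usr_dir
{
    /** Opening tag of the box that wraps status messages. */
    const NOTICE_OPEN = '<div style="padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;">';

    /**
     * Returns a request value as a string, or '' when it is missing or not a
     * string (e.g. ?user[]=x), so it is never used as an array by accident.
     */
    private static function param($source, $key)
    {
        return (isset($source[$key]) && is_string($source[$key])) ? $source[$key] : '';
    }

    /**
     * True when $name can only designate an entry directly inside the
     * directory it is appended to: no separators, no NUL byte, not "." / "..".
     */
    private static function isSafeName($name)
    {
        return is_string($name)
            && $name !== ''
            && $name !== '.'
            && $name !== '..'
            && strpos($name, '/') === false
            && strpos($name, '\\') === false
            && strpos($name, "\0") === false;
    }

    /**
     * HTML-escapes a value for element content or a quoted attribute.
     * The charset argument is left at PHP's default.
     * NOTE(review): confirm that default matches the encoding the pages are served in.
     */
    private static function h($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES);
    }

    /** "Back to the user list" link; PHP_SELF is escaped because it can carry caller-supplied path info. */
    private static function backLink()
    {
        return '点击 <a href="' . self::h($_SERVER['PHP_SELF']) . '?admin=displayusers">这里</a> 返回.';
    }

    /**
     * Opens the directory of the user named in $_GET['user'] and hands over to display.php.
     *
     * @param mixed $user_dat   data of the logged-in user (not read here, visible to display.php)
     * @param mixed $globalvars object exposing ->maindir, the prefix of all user directories
     */
    public function view($user_dat, $globalvars)
    {
        $requested_user = self::param($_GET, 'user');
        if (!self::isSafeName($requested_user)) {
            echo self::NOTICE_OPEN . '用户目录无效. ' . self::backLink() . '</div>';
            return;
        }

        // $whichdir and $user_dir keep their names: display.php is included
        // into this scope and presumably reads them.
        $whichdir = $globalvars->maindir . $requested_user;
        $user_dir = opendir($whichdir);
        require_once("display.php");
    }

    /**
     * Renames $_GET['rename'] to $_GET['imgname'] inside the directory of
     * $_GET['user'] and drops the thumbnail of the old name.
     *
     * NOTE(review): the new name's extension is not checked against the
     * allowed_ext list, so a rename can give an uploaded file an extension the
     * upload path would have refused — confirm whether that is intended.
     *
     * @param mixed $user_dat   data of the logged-in user (not read here)
     * @param mixed $globalvars object exposing ->maindir
     */
    public function rename($user_dat, $globalvars)
    {
        $user = self::param($_GET, 'user');
        $old_name = self::param($_GET, 'rename');
        $new_name = self::param($_GET, 'imgname');

        $renamed = false;
        if (self::isSafeName($user) && self::isSafeName($old_name) && self::isSafeName($new_name)) {
            $dir = $globalvars->maindir . $user . '/';
            // is_file() keeps the operation on regular files (not "thumbnails").
            $renamed = is_file($dir . $old_name) && rename($dir . $old_name, $dir . $new_name);
        }

        if (!$renamed) {
            // The original printed nothing at all when the rename failed.
            echo self::NOTICE_OPEN . '对不起, 不能重命名该文件. ' . self::backLink() . '</div>';
            return;
        }

        echo self::NOTICE_OPEN . '<i>' . self::h($old_name) . '</i> 已经成功改名为 <i>' . self::h($new_name) . '</i>';
        echo '<br />' . self::backLink() . '</div>';

        // The stale thumbnail lives next to the renamed file. The original
        // looked under $user_dat['usrdir'] (the logged-in user's directory)
        // instead, unlike delete(), which targets the viewed user's directory.
        $split_rename = explode('.', $old_name);
        $thumbnail = $globalvars->maindir . $user . '/thumbnails/' . $split_rename[0] . '.gif';
        if (is_file($thumbnail)) {
            unlink($thumbnail);
        }
    }

    /**
     * Deletes $_GET['delete'] from the directory of $_GET['user'] together with its thumbnail.
     *
     * @param mixed $user_dat   data of the logged-in user (not read here)
     * @param mixed $globalvars object exposing ->maindir (used for the thumbnail path)
     */
    public function delete($user_dat, $globalvars)
    {
        $user = self::param($_GET, 'user');
        $file = self::param($_GET, 'delete');

        $deleted = false;
        if (self::isSafeName($user) && self::isSafeName($file)) {
            // NOTE(review): the image path is built from the literal "users/"
            // while the thumbnail uses $globalvars->maindir, as in the
            // original — confirm the two always agree.
            $path = 'users/' . $user . '/' . $file;
            $deleted = is_file($path) && unlink($path);
        }

        if ($deleted) {
            $split_imgname = explode('.', $file);
            $thumbnail = $globalvars->maindir . $user . '/thumbnails/' . $split_imgname[0] . '.gif';
            if (is_file($thumbnail)) {
                unlink($thumbnail);
            }
            echo self::NOTICE_OPEN . '<i>' . self::h($file) . '</i> 已经被成功删除. </div>';
            echo self::backLink();
        } else {
            echo self::NOTICE_OPEN . '对不起, 不能删除该文件. ';
            echo self::backLink() . '</div>';
        }
    }
}

/**
 * Account and configuration management for the admin panel.
 * Reads and writes the imgup_users, imgup_imgs and imgup_config tables.
 */
class admin
{
    /** Opening tag of the box that wraps status messages. */
    const NOTICE_OPEN = '<div style="padding:5px;border:#6600FF 1px solid;background-color:#CAE0EA;width:600px;">';

    /** Request value as a string, '' when missing or not a string. */
    private static function param($source, $key)
    {
        return (isset($source[$key]) && is_string($source[$key])) ? $source[$key] : '';
    }

    /** True when $name is a single directory entry name (no separators, NUL, "." or ".."). */
    private static function isSafeName($name)
    {
        return is_string($name)
            && $name !== ''
            && $name !== '.'
            && $name !== '..'
            && strpos($name, '/') === false
            && strpos($name, '\\') === false
            && strpos($name, "\0") === false;
    }

    /**
     * HTML-escapes a value for element content or a quoted attribute.
     * NOTE(review): charset is PHP's default — confirm it matches the page encoding.
     */
    private static function h($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES);
    }

    /** Escapes a value for use inside a single-quoted SQL string literal. */
    private static function q($value)
    {
        return mysql_real_escape_string((string) $value);
    }

    /** "Back to ..." link for the given admin action; PHP_SELF is escaped. */
    private static function backLink($action)
    {
        return '点击 <a href="' . self::h($_SERVER['PHP_SELF']) . '?admin=' . $action . '">这里</a> 返回.';
    }

    /** Hands over to the template's exitp(), exactly as the original inline code did. */
    private static function finish($user_dat, $globalvars)
    {
        $exitp = new template();
        $exitp->exitp($user_dat, $globalvars);
    }

    /**
     * True when $target_row is the account with id 1 and the logged-in user
     * ($user_dat['name']) is not that account.
     */
    private static function mainAdminIsOffLimits($target_row, $user_dat)
    {
        if ($target_row['id'] != 1) {
            return false;
        }
        $get_editor = mysql_query("SELECT * FROM imgup_users WHERE name='" . self::q($user_dat['name']) . "'");
        $editor = $get_editor ? mysql_fetch_array($get_editor) : false;

        return !is_array($editor) || $editor['id'] != 1;
    }

    /** Removes the regular files and links directly inside $dir; sub-directories are left alone. */
    private static function emptyDirectory($dir)
    {
        if (!is_dir($dir)) {
            return;
        }
        $handle = opendir($dir);
        if ($handle === false) {
            return;
        }
        // Compare with false explicitly: an entry named "0" would otherwise end the loop.
        while (($entry = readdir($handle)) !== false) {
            if ($entry === '.' || $entry === '..') {
                continue;
            }
            $path = $dir . '/' . $entry;
            if (is_file($path) || is_link($path)) {
                unlink($path);
            }
        }
        closedir($handle);
    }

    /** Deletes a user directory: thumbnails first, then the files, then the directory itself. */
    private static function removeUserDir($dir)
    {
        self::emptyDirectory($dir . '/thumbnails');
        if (is_dir($dir . '/thumbnails')) {
            rmdir($dir . '/thumbnails');
        }
        self::emptyDirectory($dir);
        if (is_dir($dir)) {
            rmdir($dir);
        }
    }

    /**
     * Creates a user directory with its thumbnails sub-directory.
     *
     * NOTE(review): mode 0777 under a cleared umask makes both directories
     * world-writable. Kept as in the original because other parts of the
     * application may write there under a different account — confirm and
     * tighten if not. The previous umask is restored afterwards; the original
     * left it cleared for the rest of the request.
     *
     * @return bool whether the user directory itself was created
     */
    private static function createUserDir($dir)
    {
        $previous_umask = umask(0);
        $created = mkdir($dir, 0777);
        if ($created) {
            mkdir($dir . '/thumbnails', 0777);
        }
        umask($previous_umask);

        return $created;
    }

    /** Yes/No radio pair for a 'yes' / 'no' setting; prints nothing for any other value, as before. */
    private static function yesNoRadios($name, $current)
    {
        switch ($current) {
            case 'yes':
                return 'Yes<input type="radio" name="' . $name . '" value="yes" checked> No<input type="radio" name="' . $name . '" value="no" />';
            case 'no':
                return 'Yes<input type="radio" name="' . $name . '" value="yes" /> No<input type="radio" name="' . $name . '" value="no" checked>';
        }

        return '';
    }

    /** KB/MB selector with the current unit listed first; nothing for any other unit, as before. */
    private static function unitSelect($name, $current)
    {
        switch ($current) {
            case 'KB':
                return '<select name="' . $name . '"> <option value="KB">KB</option> <option value="MB">MB</option> </select>';
            case 'MB':
                return '<select name="' . $name . '"> <option value="MB">MB</option> <option value="KB">KB</option> </select>';
        }

        return '';
    }

    /** Marks the account named in $_GET['approve'] as approved. */
    public function approve()
    {
        $name = self::param($_GET, 'approve');
        mysql_query("UPDATE imgup_users SET status='approved' WHERE name='" . self::q($name) . "'");
        echo self::NOTICE_OPEN . self::h($name) . ", 该用户的帐户已经被激活. ";
        echo self::backLink('displayusers') . '</div>';
    }

    /**
     * Handles the "new user" form and prints it.
     *
     * On submit the account is inserted and its directory created; when the
     * name is taken and "overwrite" is ticked, the old row and directory are
     * removed first. The account with id 1 can only be overwritten by itself,
     * matching the guard in edituser().
     *
     * @param mixed $user_dat   data of the logged-in user; ['name'] is read
     * @param mixed $globalvars object exposing ->maindir
     */
    public function adduser($user_dat, $globalvars)
    {
        if (isset($_POST['new_submit'])) {
            $new_user = self::param($_POST, 'new_user');
            $new_pass = self::param($_POST, 'new_pass');
            $new_email = self::param($_POST, 'new_email');
            $new_level = self::param($_POST, 'new_level');

            if (empty($new_user) || empty($new_pass)) {
                echo "您没有填写完整对话框.";
            } elseif (!self::isSafeName($new_user)) {
                // The name becomes a directory under maindir.
                echo "用户名无效.";
            } else {
                $user_dir = $globalvars->maindir . $new_user;
                $values = "'" . self::q($new_user) . "', '" . self::q($new_pass) . "', '"
                    . self::q($new_email) . "', '" . self::q($new_level) . "'";

                // check if the user exists
                $get_check = mysql_query("SELECT * FROM imgup_users WHERE name='" . self::q($new_user) . "'");
                $check_user = $get_check ? mysql_fetch_array($get_check) : false;
                $exists = is_array($check_user) && $check_user['name'] != null;

                if (!$exists) {
                    mysql_query("INSERT INTO imgup_users(name, pass, email, user_group, displaytype, status) VALUES (" . $values . ", 1, 'approved')");
                    if (self::createUserDir($user_dir)) {
                        echo self::h($new_user) . ", 该用户的帐户和目录已经被添加.<br />";
                    }
                } elseif (empty($_POST['overwrite_user'])) {
                    echo "您正试图添加的用户已存在!<br />请确定替换目前已存在用户, 或者改换其他用户名.";
                } elseif (self::mainAdminIsOffLimits($check_user, $user_dat)) {
                    echo "您没有编辑主管理员帐户.";
                } else {
                    mysql_query("DELETE FROM imgup_users WHERE name='" . self::q($new_user) . "'");
                    // As in the original, this INSERT leaves displaytype and status to the column defaults.
                    mysql_query("INSERT INTO imgup_users(name, pass, email, user_group)VALUES(" . $values . ")");
                    // Clear all files, then destroy and remake the directory
                    self::removeUserDir($user_dir);
                    if (self::createUserDir($user_dir)) {
                        echo self::h($new_user) . ", 该用户的帐户和目录已经被添加.<br />";
                    }
                }
            }
        }

        // The closing </form> was missing in the original markup.
        echo '<p><form action="' . self::h($_SERVER['PHP_SELF']) . '?admin=newuser" method="post">'
            . ' 用户名: <input type="text" name="new_user" /><br />'
            . ' 密 码 : <input type="password" name="new_pass" /><br />'
            . ' E-Mail(可选): <input type="text" name="new_email" /><br />'
            . ' 用户级别: <select name="new_level"> <option value="normal">普通用户</option> <option value="admin">管理员</option> </select><br />'
            . '覆盖已存在用户? <input type="checkbox" value="true" name="overwrite_user" /><br /><br />'
            . ' <input type="submit" name="new_submit" value="Add User" /><br /></form></p>';
    }

    /**
     * Edits or deletes the account named in $_GET['edituser'] and prints the edit form.
     *
     * The account that is changed is always the row looked up from
     * $_GET['edituser']. The original acted on the hidden field
     * $_POST['olduser'] instead, so the main-admin guard (which inspects the
     * looked-up row) could be bypassed by posting a different olduser.
     *
     * NOTE(review): a new user name is not checked against existing accounts.
     *
     * @param mixed $user_dat   data of the logged-in user; ['name'] is read
     * @param mixed $globalvars object exposing ->maindir
     */
    public function edituser($user_dat, $globalvars)
    {
        $requested = self::param($_GET, 'edituser');
        $obtain_user = mysql_query("SELECT * FROM imgup_users WHERE name='" . self::q($requested) . "'");
        $user_array = $obtain_user ? mysql_fetch_array($obtain_user) : false;
        if (!is_array($user_array) || $user_array['name'] == null) {
            return;
        }

        // check that someone is not trying to edit the main admin
        if (self::mainAdminIsOffLimits($user_array, $user_dat)) {
            echo "您没有编辑主管理员帐户.";
            self::finish($user_dat, $globalvars);
            // exitp() presumably ends the page; returning keeps the guard effective if it does not.
            return;
        }

        $old_user = $user_array['name'];
        $old_where = " WHERE name='" . self::q($old_user) . "'";

        if (isset($_POST['edit_final'])) {
            if (!empty($_POST['edit_deleteuser'])) {
                mysql_query("DELETE FROM imgup_users" . $old_where);
                if (self::isSafeName($old_user)) {
                    // The original unlinked the user's files without the
                    // maindir prefix, so they survived and rmdir() failed.
                    self::removeUserDir($globalvars->maindir . $old_user);
                }
                echo self::NOTICE_OPEN . self::h($old_user) . ", 该用户的帐户和目录已经被删除.<br />";
                echo self::backLink('displayusers') . '</div>';
                self::finish($user_dat, $globalvars);
                return;
            }

            $new_name = self::param($_POST, 'edit_username');
            if (!self::isSafeName($new_name)) {
                // The name doubles as the directory name under maindir.
                echo self::NOTICE_OPEN . '用户名无效.</div>';
            } else {
                $new_password = self::param($_POST, 'edit_password');
                $suspendusr = !empty($_POST['suspenduser']) ? "suspended" : "approved";

                // One UPDATE: the original renamed the row first and then ran
                // the e-mail, group and status updates against the old name,
                // which no longer matched whenever the name had changed.
                $sets = array(
                    "name='" . self::q($new_name) . "'",
                    "email='" . self::q(self::param($_POST, 'edit_emailaddr')) . "'",
                    "user_group='" . self::q(self::param($_POST, 'edit_userlvl')) . "'",
                    "status='" . $suspendusr . "'",
                );
                if ($new_password != null) {
                    $sets[] = "pass='" . self::q($new_password) . "'";
                }

                if (mysql_query("UPDATE imgup_users SET " . implode(', ', $sets) . $old_where)) {
                    if ($new_password != null) {
                        echo self::NOTICE_OPEN . self::h($old_user) . ", 该用户的密码已经被更新.<br /></div>";
                    }
                    if ($new_name !== $old_user && self::isSafeName($old_user) && is_dir($globalvars->maindir . $old_user)) {
                        rename($globalvars->maindir . $old_user, $globalvars->maindir . $new_name);
                    }
                    echo self::NOTICE_OPEN . self::h($old_user) . "'s 用户资料已经成功更新. ";
                } else {
                    echo self::NOTICE_OPEN . '用户资料更新失败. ';
                }
                echo self::backLink('displayusers') . '</div>';
                self::finish($user_dat, $globalvars);
                return;
            }
        }

        // type="post" is not a valid input type; the two fields are plain text inputs.
        echo '<p><form action="' . self::h($_SERVER['PHP_SELF']) . '?admin=edituser&amp;edituser=' . self::h(rawurlencode($requested)) . '" method="post">'
            . ' 用户名: <input type="text" name="edit_username" value="' . self::h($user_array['name']) . '" /><br />'
            . ' E-mail: <input type="text" name="edit_emailaddr" value="' . self::h($user_array['email']) . '" /><br />'
            . ' <input type="hidden" name="olduser" value="' . self::h($old_user) . '" /><br />'
            . ' 级别: <select name="edit_userlvl">';

        // The case labels were bare words (undefined constants) in the original; PHP 8 rejects those.
        $group = self::h($user_array['user_group']);
        switch ($user_array['user_group']) {
            case 'admin':
                echo '<option value="' . $group . '">' . $group . '</option> <option value="normal">normal</option>';
                break;
            case 'normal':
                echo '<option value="' . $group . '">' . $group . '</option> <option value="admin">admin</option>';
                break;
        }

        echo '</select></p><p>如想使用初始密码, 请把下面留空.<br />'
            . ' 新密码: <input type="password" name="edit_password" /><br /><br />'
            . ' 如不想删除该用户, 请把下面留空.<br />'
            . ' 删除用户: <input type="checkbox" name="edit_deleteuser" /><br /> 暂时禁止用户: ';

        switch ($user_array['status']) {
            case 'suspended':
                echo '<input type="checkbox" name="suspenduser" checked>';
                break;
            case 'approved':
            case 'notapproved':
                echo '<input type="checkbox" name="suspenduser" />';
                break;
        }

        echo '<br /><br /><input type="submit" name="edit_final" value="Finish Edit" /></form></p>';
    }

    /**
     * Lists every account with its file count, used space, quota and status,
     * plus links to edit, browse and (when pending) approve it.
     *
     * Names and e-mail addresses come from user registration, so every
     * database value is escaped before it is written into the page.
     *
     * @param mixed $user_dat   not read here
     * @param mixed $globalvars not read here
     */
    public function viewusers($user_dat, $globalvars)
    {
        $self = self::h($_SERVER['PHP_SELF']);
        $get_all = mysql_query("SELECT * FROM imgup_users");
        while ($users = mysql_fetch_array($get_all)) {
            $used_space = 0;
            $total_files = 0;
            $get_files = mysql_query("SELECT * FROM imgup_imgs where userid=" . (int) $users['id']);
            while ($files = mysql_fetch_array($get_files)) {
                $used_space = $used_space + $files['filesize'];
                $total_files++;
            }

            echo "<div style='width:500'><b>" . self::h($users['name']) . "</b><br /><p align='left'><i>E-mail:</i> ";
            if ($users['email'] == null) {
                echo "No e-mail provided";
            } else {
                echo self::h($users['email']);
            }
            echo "<br /><i>Level:</i> " . self::h($users['user_group'])
                . "<br /><i>已上传文件:</i> " . $total_files
                . "<br /><i>已用空间:</i>";

            // size_check() is defined elsewhere; it presumably prints the formatted size.
            $get_mbkb = new functions();
            $get_mbkb->size_check($used_space);

            echo "<br/>总空间:" . self::h($users['maxspace']) . "MB.";
            echo '<br /><i>帐户统计:</i> ';
            if ($users['status'] == "suspended") {
                echo '<font color="crimson">暂时禁止</font>';
            } elseif ($users['status'] != "approved") {
                echo '<font color="crimson">未审核/已通过</font>';
            } else {
                echo '<font color="green">未审核/已通过</font>';
            }

            $name_in_url = self::h(rawurlencode($users['name']));
            echo '</p><a href="' . $self . '?admin=edituser&amp;edituser=' . $name_in_url . '">编辑帐户</a>'
                . ' | <a href="' . $self . '?usrdir=view&amp;user=' . $name_in_url . '">浏览目录</a>';
            if ($users['status'] != "approved" && $users['status'] != "suspended") {
                echo ' | <a href="' . $self . '?admin=approve&amp;approve=' . $name_in_url . '">批准帐户</a>';
            }
            echo '</div>';
        }
    }

    /**
     * Adds ($_GET['act'] = add) or removes (rmv) the extension $_GET['ext']
     * in imgup_config.allowed_ext, a comma-separated list of "ext:flag" entries.
     *
     * The extension is limited to letters, digits, "_" and "-" because it is
     * stored in a list that uses "," and ":" as delimiters and is later used
     * as a form field name.
     * NOTE(review): nothing here stops an extension that the web server
     * executes from being allowed — confirm the upload path guards against that.
     *
     * @param mixed $user_dat   not read here
     * @param mixed $globalvars not read here
     */
    public function extdata($user_dat, $globalvars)
    {
        $ext = self::param($_GET, 'ext');
        if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $ext)) {
            echo "扩展名无效.";
            return;
        }

        $ext_arr = mysql_query("SELECT * FROM imgup_config");
        $ext_arr_n = $ext_arr ? mysql_fetch_array($ext_arr) : false;
        $current = is_array($ext_arr_n) ? (string) $ext_arr_n['allowed_ext'] : '';

        switch (self::param($_GET, 'act')) {
            case 'rmv':
                // Collect the surviving entries and join them. The original
                // appended to an unset $query whenever the first entry was the
                // one removed, which produced a list with a leading comma.
                $kept = array();
                foreach (explode(',', $current) as $entry) {
                    $split_val = explode(':', $entry);
                    if ($entry === '' || $split_val[0] === $ext) {
                        continue;
                    }
                    $kept[] = $entry;
                }
                if (mysql_query("UPDATE imgup_config SET allowed_ext='" . self::q(implode(',', $kept)) . "'")) {
                    echo "扩展名删除成功.";
                }
                break;

            case 'add':
                $updated = ($current === '') ? $ext . ':allow' : $current . ',' . $ext . ':allow';
                if (mysql_query("UPDATE imgup_config SET allowed_ext='" . self::q($updated) . "'")) {
                    echo "新扩展名添加成功.";
                }
                break;
        }
    }

    /**
     * Saves the settings form into imgup_config and prints the form.
     *
     * header, footer and the two messages are stored as submitted; judging by
     * the final_* columns they are presumably rendered as HTML elsewhere, so
     * whoever can submit this form controls markup shown to visitors.
     *
     * @param mixed $user_dat   passed through to the template
     * @param mixed $globalvars object exposing ->settings (current configuration values)
     */
    public function settings($user_dat, $globalvars)
    {
        if (isset($_POST['editset'])) {
            if (!empty($_POST['dirupload']) && !empty($_POST['imgsize_limit']) && !empty($_POST['admin_email'])) {
                $guest_message = self::param($_POST, 'guest_message');
                $global_message = self::param($_POST, 'global_message');

                // Rebuild allowed_ext from the ticked checkboxes, one per known extension.
                $entries = array();
                foreach (explode(',', (string) $globalvars->settings['allowed_ext']) as $imgtype) {
                    $imgtype_dat = explode(':', $imgtype);
                    if ($imgtype_dat[0] === '') {
                        continue;
                    }
                    $entries[] = $imgtype_dat[0] . (!empty($_POST[$imgtype_dat[0]]) ? ':allow' : ':invalid');
                }

                // Column => value. The original also wrote $_POST['allowedext']
                // into allowed_ext first; that value was always overwritten by
                // the checkbox-derived list, so the redundant write is gone.
                $columns = array(
                    'directory_limit'      => self::param($_POST, 'dirupload') . ':' . self::param($_POST, 'mb_gb_dir'),
                    'max_upload'           => self::param($_POST, 'imgsize_limit') . ':' . self::param($_POST, 'mb_gb_imgsize'),
                    'useext'               => self::param($_POST, 'use_ext'),
                    'admin_email'          => self::param($_POST, 'admin_email'),
                    'allow_edit'           => self::param($_POST, 'allow_edit'),
                    'allow_register'       => self::param($_POST, 'allow_register'),
                    'header'               => self::param($_POST, 'header'),
                    'footer'               => self::param($_POST, 'footer'),
                    'display_login'        => self::param($_POST, 'display_login'),
                    'guest_custom_message' => $guest_message,
                    'global_message'       => $global_message,
                    'usethumbnail'         => self::param($_POST, 'usethumbnail'),
                    'displaycode'          => self::param($_POST, 'displaycode'),
                    'anonymousup'          => self::param($_POST, 'anonymousup'),
                    'validateuser'         => self::param($_POST, 'activatetype'),
                    'final_guest_message'  => str_replace("\n", "<br />", $guest_message),
                    'final_global_message' => str_replace("\n", "<br />", $global_message),
                    'allowed_ext'          => implode(',', $entries),
                );
                // One statement per column, as before, so a column missing
                // from the schema does not block the others.
                foreach ($columns as $column => $value) {
                    mysql_query("UPDATE imgup_config SET " . $column . "='" . self::q($value) . "'");
                }

                echo self::NOTICE_OPEN . "设置更新成功! " . self::backLink('settings') . '</div>';
                self::finish($user_dat, $globalvars);
                return;
            }
            echo "有必须的对话框没有被添写.<br />";
        }

        $self = self::h($_SERVER['PHP_SELF']);
        // PHP_SELF inside a script block is emitted as a JSON string literal,
        // and the prompted value is URL-encoded before it joins the query string.
        $ext_url = json_encode(
            $_SERVER['PHP_SELF'] . '?admin=ext&ext=',
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );

        echo '<script>
function addext() {
    var addext = prompt("Enter the new extension in the textarea below.", "");
    if (addext != "" && addext != null) {
        window.location = ' . $ext_url . ' + encodeURIComponent(addext) + "&act=add";
    }
}
function rmvext() {
    var deleteext = prompt("在下面填写您想删除的扩展名.", "");
    if (deleteext != "" && deleteext != null) {
        window.location = ' . $ext_url . ' + encodeURIComponent(deleteext) + "&act=rmv";
    }
}
</script>';

        echo '<form action="' . $self . '?admin=settings" method="post">';
        echo "<p align=\"left\"> <u>上传设置:</u></p>";
        echo "<p>允许上传的扩展名:<br />";

        $ext_array = explode(',', (string) $globalvars->settings['allowed_ext']);
        $last = count($ext_array) - 1;
        foreach ($ext_array as $i => $ext_entry) {
            $ext_values = explode(':', $ext_entry);
            $ext_name = self::h($ext_values[0]);
            $flag = isset($ext_values[1]) ? $ext_values[1] : '';
            echo $ext_name;
            if ($ext_values[0] != null && ($flag === 'allow' || $flag === 'invalid')) {
                echo '<input type="checkbox" name="' . $ext_name . '"' . ($flag === 'allow' ? ' checked' : '') . '>';
                if ($i !== $last) {
                    echo ' | ';
                }
            }
        }
        echo '<br /><input type="button" value="New extension" onclick="addext()" /> <input type="button" value="Delete extension" onclick="rmvext()" /></p><p>';

        $dir_limit = explode(':', (string) $globalvars->settings['directory_limit']);
        $img_size = explode(':', (string) $globalvars->settings['max_upload']);
        echo '<p>目录限制: <input type="text" name="dirupload" value="' . self::h($dir_limit[0]) . '" /> ';
        echo self::unitSelect('mb_gb_dir', isset($dir_limit[1]) ? $dir_limit[1] : '');
        echo '<br />图片大小限制: <input type="text" name="imgsize_limit" value="' . self::h($img_size[0]) . '" /> ';
        echo self::unitSelect('mb_gb_imgsize', isset($img_size[1]) ? $img_size[1] : '');

        echo '</p><p>展示: ';
        echo self::yesNoRadios('usethumbnail', $globalvars->settings['usethumbnail']);
        echo '<br />允许匿名上传: ';
        echo self::yesNoRadios('anonymousup', $globalvars->settings['anonymousup']);
        echo "</p>";

        echo '<p align="left"><u>用户和游客设置:</u></p><p>';
        echo '管理员 E-mail: <input type="text" size="45" name="admin_email" value="' . self::h($globalvars->settings['admin_email']) . '" /><br />';
        echo '允许用户编辑资料: ';
        echo self::yesNoRadios('allow_edit', $globalvars->settings['allow_edit']);
        echo "<br />";

        echo '帐户和激活: <select name="activatetype">';
        switch ($globalvars->settings['validateuser']) {
            case 'emailconfirm':
                echo '<option value="emailconfirm">e-mail 确认</option> <option value="auto">自动</option> <option value="adminapprove">管理员批准</option></select><br />';
                break;
            case 'adminapprove':
                echo '<option value="adminapprove">管理员批准</option> <option value="emailconfirm">e-mail 确认</option> <option value="auto">自动</option></select><br />';
                break;
            case 'auto':
            default:
                echo '<option value="auto">自动</option> <option value="emailconfirm">e-mail 确认</option> <option value="adminapprove">管理员批准</option></select><br />';
                break;
        }

        echo '允许注册: ';
        echo self::yesNoRadios('allow_register', $globalvars->settings['allow_register']);
        echo "</p>";

        echo '<p align="left"><u>显示设置:</u></p><p>';
        echo "<br />";
        echo '显示登陆信息: ';
        echo self::yesNoRadios('display_login', $globalvars->settings['display_login']);

        // Textarea content is escaped so stored markup (e.g. a "</textarea>"
        // in the header) cannot break out of the form; the browser submits
        // the decoded text, so the stored value is unchanged.
        echo '<br /><p>游客欢迎信息:<br />';
        echo '<textarea name="guest_message" rows="3" cols="40">' . self::h($globalvars->settings['guest_custom_message']) . '</textarea></p>';
        echo '<p>用户欢迎信息:<br />';
        echo '<textarea name="global_message" rows="3" cols="40">' . self::h($globalvars->settings['global_message']) . '</textarea></p>';
        echo '<p>模板 header:<br /><textarea name="header" rows="3" cols="40">' . self::h($globalvars->settings['header']) . '</textarea></p>';
        echo '<p>模板 footer:<br /><textarea name="footer" rows="3" cols="40">' . self::h($globalvars->settings['footer']) . '</textarea><br /><br />';
        echo '<input type="submit" name="editset" value="Save settings" /></p></form>';
    }
}
?>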