accmanage.php

You can find the source code of MonoCMS online. All the files are listed alphabetically on the left. You can switch to chronological sorting to see the updated files that you have missed.

File Type: php File Location: monofiles/ File name: accmanage.php
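<?php

// Manage user accounts: administrator-only handler for the "delete account"
// (?userid=) and "make owner" (?uto=) actions. The user listing is rendered
// further down in this file.
//
// NOTE(review): both actions change state on a plain GET request and no
// anti-CSRF token is checked in this file. They should move to POST with a
// per-session token that the listing emits and this handler verifies with
// hash_equals(). That needs a matching change in the listing markup, so it is
// flagged here rather than half-implemented.

include_once 'data_connect.php';
include 'log.php';

// Access gate: anything other than a resolved account whose rights are exactly
// 'administrator' is sent back to the panel. A missing session id or a failed
// lookup is treated as "not an administrator".
// Presumably the session is started inside data_connect.php - TODO confirm.
$currentAccount = isset($_SESSION['userID']) ? get_account($_SESSION['userID']) : null;
$currentRights = isset($currentAccount['rights']) ? (string)$currentAccount['rights'] : '';
if ($currentRights !== 'administrator') {
    header('Location:panel.php');
    exit();
}

$log = 'filesinfo/log.xml';

// Third argument true: the first argument is a path, not an XML string.
$sett = new SimpleXMLElement('filesinfo/settings.xml', 0, true);
$wowner = $sett->general->ownername;
$ownerid = $sett->general->ownerid;

// --- Delete an account ------------------------------------------------------
if (isset($_GET['userid'])) {
    $targetId = $_GET['userid'];

    // Query parameters can arrive as arrays; only a non-empty string is an id.
    if (!is_string($targetId) || $targetId === '') {
        header('Location:accmanage.php');
        exit();
    }

    // The owner account must never be deleted. The comparison is left loose as
    // in the original code. The id lookup inside update_account() is not
    // visible here, and this guard is only as strong as the agreement between
    // this comparison and that lookup - TODO confirm.
    if ((string)$ownerid == $targetId) {
        $_SESSION['account'] = '<div id="error-confirm"><span>Owner account cannot be deleted.</span></div>';
        header('Location:accmanage.php');
        exit();
    }

    // On failure the request falls through and the page renders with no banner.
    if (update_account($targetId, 'delete') !== false) {
        $_SESSION['account'] = '<div id="action-confirm"><span>Account deleted</span></div>';
        header('Location:accmanage.php');
        exit();
    }
}

// --- Transfer ownership -----------------------------------------------------
if (isset($_GET['uto'])) {
    $newow = $_GET['uto'];

    // Only look up plain string ids; anything else is handled as "not allowed".
    $newowacc = is_string($newow) ? get_account($newow) : null;
    $newowRights = isset($newowacc['rights']) ? (string)$newowacc['rights'] : '';

    if ($newowRights === 'administrator') {
        $sett->general->ownerid = $newow;
        $sett->general->ownername = (string)$newowacc['name'];

        // asXML() returns false when the file cannot be written; do not report
        // success for a change that was never persisted.
        if ($sett->asXML('filesinfo/settings.xml') !== false) {
            $_SESSION['account'] = '<div id="action-confirm"><span>Account set to owner</span></div>';
        } else {
            $_SESSION['account'] = '<div id="error-confirm"><span>Cannot set account. Settings could not be saved</span></div>';
        }
    } else {
        $_SESSION['account'] = '<div id="error-confirm"><span>Cannot set account. Authors are not allowed to become owners</span></div>';
    }

    header('Location:accmanage.php');
    exit();
}

?>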
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Users</title>
<link rel="stylesheet" type="text/css" href="cmstyle.css">
<?php include 'csstheme.php' ?>
<script type="text/javascript">
// Confirmation prompts used by the onclick handlers of the "Delete" and
// "Make owner" links. They only protect against an accidental click in the
// browser; the server-side handler must not rely on them as a security check.
function conf() {
    var proceed = confirm('Delete this account?');
    return proceed;
}
function confs() {
    var proceed = confirm('Make this user website owner?');
    return proceed;
}
</script>
</head>
<body>
<?php

// Panel markup that precedes the page content.
include 'mypanel.php';

// One-shot status banner: take the message out of the session first so it is
// shown exactly once, then print it.
// The value is printed as raw HTML. Within this file it is only ever set to
// fixed markup strings; any other code writing to $_SESSION['account'] must
// never place unescaped user input in it.
if (isset($_SESSION['account'])) {
    $flash = $_SESSION['account'];
    unset($_SESSION['account']);
    echo $flash;
}
?>
<div class="main">

    <h1>Users</h1>
    
    <div class="headpages">
        <a href="account.php" class="addnew" title="Create a new User">+</a>
    </div>
    
    <div id="main-container">
     
        <div class="results" style="margin-top:22px">
            
            <div class="pbar pbaraccounts">
                <span style="width:61%;padding-left: 10px;text-align:left;float:left">User</span>
                <span style="width:100px;text-align:right;padding-right:30px">Last seen</span>
                <span style="width:74px">Type</span>
            </div>
                <?php
                
                $logfile 
simplexml_load_file($log);
                include 
'dateform.php';
                
$c=0;
                foreach(
$logfile->user as $user){
                        
                        
$name $user->name;
                        
$rights $user->rights;
                        
$login $user->login// formatted string
                        
$img $user->icon;
                        
$userid $user->userID;
                        
                        
// Make owner
                        
if (((string)$name == $wowner) || ($rights != 'administrator'))
                            
$cto '<span class="options-button option-off">Make owner</span>';
                        else 
                            
$cto '<a href="accmanage.php?uto='.$userid.'" class="options-button" title="Make owner" onclick="return confs(this)">Make owner</a>';
                        
                        
// Delete user
                        
if ((string)$name != $wowner) {
                            
$delacc '<a href="accmanage.php?userid='.$userid.'" class="options-button" title="Delete account" onclick="return conf(this)">Delete</a>';
                            
$ownericon '';
                        }
                        else {
                            
$delacc '<span href="#" class="options-button option-off" title="Owner account cannot be deleted">Delete</span>';
                            
                            
// Owner icon
                            
$ownericon '<img class="ownericon" title="Owner" src="images/owner.gif">';
                        }
                        
                        
$ftime strtotime($login);
                        
$ftime date_form($ftime);
                        
                        
$cssbg = (($c 2) == 1) ? ' -bg' '';
                        if (
$img != '-')
                            
                        echo 
'<div class="savedfile'.$cssbg.'">
                        <span class="account-username"><img src="'
.$img.'">'.$name.'</span>
                        <div class="post-options">
                        <a href="account.php?userid='
.$userid.'" title="Edit account" class="options-button">Edit account</a>
                        '
.$delacc.PHP_EOL.$cto.'
                        </div>
                        <div class="last-login" title="last login">'
.$ftime.'</div>
                        <div class="type" style="margin-right:40px">
                        <span>'
.$rights.'</span>
                        </div>
                        '
.$ownericon.'
                        
                        </div>'
;
                        
$c++;
                }
                
?>
        </div>
    </div>
</div>
</body>
</html>