is_logged();
// NOTE(review): the statement ending in is_logged() above starts outside this
// listing, and there is no PHP open tag in view. The string literals below look
// like they lost their HTML markup in extraction; they are kept exactly as shown.
//
// Purpose: request dispatcher for the utility page. It handles a login POST,
// then picks a view from $_GET["act"] ("log", "pst", "edt", "usr", "udata") and
// fills $mInp (main markup), $aInp (action list), $ttl (title) and optionally
// $not (notice). Every other case redirects to "/".

// presumably $logged holds the result of the is_logged() call above - its
// assignment is not visible here.
if ($logged) {
    $is_adm = $_SESSION["admin"];
}

// Login attempt: username + password posted WITHOUT usr_id (the usr_id field
// separates this from the admin user form further down).
// NOTE(review): no anti-CSRF token is read on this POST, and whether do_login()
// rotates the session id on success is not visible - confirm both in login.
if(isset($_POST["username"]) && isset($_POST["password"]) && !isset($_POST["usr_id"])) {
    $usr = $_POST["username"];
    $pwd = $_POST["password"];
    $log = new login($usr, $pwd);
    $log->mdb_connect();
    $test = $log->do_login();
    $log->mdb_disconnect();
    if($test) {
        header("Location: /");
        exit();
    } else {
        // Same message for a bad username and a bad password.
        $not = 'Username o password non validi, prova ancora.';
    }
}

// View dispatch. A logged-in visitor asking for the login form, or a request
// with no "act" at all, goes back to the home page.
// NOTE(review): "logged in" is tested throughout as isset($_SESSION['username'])
// && isset($_SESSION["password"]), so a value is kept under the "password"
// session key and later handed to new login(...). Whether it is the plaintext
// password or a hash is not visible - confirm; session storage should not hold
// a reusable credential.
if((isset($_GET["act"]) && $_GET["act"] == "log" && isset($_SESSION['username']) && isset($_SESSION["password"])) || !isset($_GET["act"])) {
    header("Location: /");
    exit();
} else if(isset($_GET["act"]) && $_GET["act"] == "log") {
    // Login form for a visitor who is not logged in.
    $mInp = "

Username:

Password:

";
    $aInp = "
  • Login
  • ";
    $ttl = "Login";
    // The literal string "null", not the null value; this also overwrites the
    // $usr/$pwd taken from a failed login POST above.
    $usr = "null";
    $pwd = "null";
} else if(isset($_GET["act"]) && $_GET["act"] == "pst" && isset($_SESSION['username']) && isset($_SESSION["password"])) {
    // New-post form, logged-in users only.
    $mInp = "
    Carica Immagini
    Carica Documenti
    ";
    $aInp = "
  • Invia
  • ";
    $ttl = "Post";
    // The size and extension limits are only announced to the user here.
    // NOTE(review): they must be enforced by the upload handler, which is not
    // part of this listing - confirm.
    $not = "La dimensione massima delle singole immagini è di 10mb. Quelle più grandi, se presenti nella lista, saranno ignorate.
    I formati accettati per i documenti sono 'txt', 'rtf', 'doc', 'odt', 'ppt', 'odp' e 'pdf'.";
} else if(isset($_GET["act"]) && $_GET["act"] == "edt" && isset($_SESSION['username']) && isset($_SESSION["password"]) && isset($_POST["tgt_id"]) && isset($_POST["tgt_title"]) && isset($_POST["tgt_body"])) {
    // Edit-post form, pre-filled from the POSTed tgt_* fields.
    // NOTE(review): nothing here checks that the logged-in user may edit post
    // tgt_id; presumably the handler that saves the edit does - confirm.
    $id = $_POST["tgt_id"];
    $title = $_POST["tgt_title"];
    $body = $_POST["tgt_body"];
    // tgt_tags and tgt_links are read without an isset() check, unlike the
    // three fields tested in the branch condition.
    $tags = $_POST["tgt_tags"];
    $links = $_POST["tgt_links"];
    $lArr = explode(",", $links);
    $tArr = explode(", ", $tags);
    // explode() returns at least one element for any string, so $len and $len2
    // are never 0 and the two guards below always pass (an empty field yields
    // one empty entry).
    $len = count($tArr);
    $len2 = count($lArr);
    $imgs = "";
    $lnks = "";
    // $path, $id, $title, $body, $lnks and $lP are not used in the visible code;
    // presumably they were interpolated into markup that is missing here.
    $path = "/images/uploads/";
    if($len > 0) {
        $imgs = "
    ";
        foreach($tArr as $img) {
            // NOTE(review): $img comes straight from $_POST["tgt_tags"] and is
            // interpolated with no escaping applied in this block. Confirm it
            // passes through htmlspecialchars() (and, if it becomes a file
            // name under $path, a basename/allow-list check) before output.
            $imgs .= "
    $img
    ";
        }
        $imgs .= "
    ";
    }
    if($len2 > 0) {
        foreach($lArr as $link) {
            // Each entry is expected as "name=target"; an entry without "="
            // leaves $split[1] undefined.
            $split = explode("=", $link);
            $lN = $split[0];
            $lP = $split[1];
            if(strlen($lN) > 0) {
                // Appends an empty string as shown.
                $lnks .= "";
            }
        }
    }
    $mInp = "
    $imgs
    Carica Immagini
    Carica Documenti
    ";
    $aInp = "
  • Invia
  • ";
    $ttl = "Edit";
} else if(isset($_GET["act"]) && $_GET["act"] == "usr" && isset($_SESSION['username']) && isset($_SESSION["password"]) && isset($_SESSION["admin"]) && $_SESSION["admin"] == "y" ) {
    // User administration, gated on $_SESSION["admin"] == "y".
    $log = new login($_SESSION['username'], $_SESSION['password']);
    $log->mdb_connect();
    // usr_id selects the operation: "delete", "new", otherwise an edit of that id.
    // NOTE(review): delete/create/edit are state-changing POSTs and no
    // anti-CSRF token is read here - confirm one is verified elsewhere or add it.
    if(isset($_POST["username"]) && isset($_POST["password"]) && isset($_POST["usr_id"]) && isset($_POST["admin"])) {
        $usr = $_POST["username"];
        // NOTE(review): the raw password goes to add_user()/edit_user(); how
        // it is hashed is not visible - confirm password_hash() in login.
        $pwd = $_POST["password"];
        // NOTE(review): $adm is not checked against an allow-list before it is
        // passed on and, further down, written to $_SESSION["admin"].
        $adm = $_POST["admin"];
        $uid = $_POST["usr_id"];
        if($uid == "delete") {
            $del = $log->del_user($usr);
            if($del == true) {
                $log->mdb_disconnect();
                // $log is reused for a data_mgr to delete the user's extra data.
                $log = new data_mgr();
                $log->mdb_connect();
                $log->del_data($usr);
                $log->mdb_disconnect();
                // An admin who deleted their own account is sent to logout.
                if($usr == $_SESSION["username"]) {
                    header("Location: /php/logout.php");
                } else {
                    header("Location: /util.php?act=usr");
                }
                exit();
            } else {
                $not = "Impossibile eliminare l'utente, prova ancora.";
            }
        } else if($uid == "new") {
            $add = $log->add_user($usr, $pwd, $adm);
            if($add) {
                $log->mdb_disconnect();
                header("Location: /util.php?act=usr");
                exit();
            } else {
                $not = "Errore nella creazione di un nuovo utente, prova più tardi.";
            }
        } else {
            // edit_user() is opaque here; from the branches below it looks like
            // it returns false on failure, 1 when the username did not change,
            // and otherwise the previous username - TODO confirm.
            // NOTE(review): with loose == a returned username that is falsy
            // ("" or "0") or numeric-looking lands in the wrong branch;
            // === comparisons would avoid that.
            $edit = $log->edit_user($usr, $pwd, $adm, $uid);
            if($edit == false) {
                $not = "Impossibile modificare l'utente, prova ancora.";
            } else if ($edit == 1) {
                // NOTE(review): output is sent before header(); unless output
                // buffering is on, the redirect fails with "headers already
                // sent". Looks like leftover debugging.
                echo "true";
                $log->mdb_disconnect();
                // NOTE(review): $edit loosely equals 1 here, so this compares
                // that value, not the edited username, with the session
                // username - confirm the intent.
                if ($edit == $_SESSION["username"]) {
                    $_SESSION["admin"] = $adm;
                }
                header("Location: /util.php?act=usr");
                exit();
            } else {
                // The admin renamed their own account: keep the session in step.
                if($edit == $_SESSION["username"]) {
                    $_SESSION["username"] = $usr;
                    $_SESSION["admin"] = $adm;
                }
                // Re-point the author field of existing posts to the new name.
                $posts = new p_manager();
                $posts->mdb_connect();
                $a_edit = $posts->update_post_author($edit, $usr);
                if($a_edit == true) {
                    $log->mdb_disconnect();
                    $posts->mdb_disconnect();
                    header("Location: /util.php?act=usr");
                    exit();
                } else {
                    // The user row is already changed at this point while the
                    // posts are not; the two updates are not atomic.
                    $posts->mdb_disconnect();
                    $not = "Qualcosa è andato storto durante l'aggiornamento del nome utente, ripetere l'operazione.";
                }
            }
        }
    }
    // Reached on a plain GET or after a failed operation: render the panel.
    $mInp = $log->admin_panel();
    $log->mdb_disconnect();
    $aInp = "
  • Ricarica
  • ";
    $ttl = "Users";
} else if (isset($_GET["act"]) && $_GET["act"] == "udata" && isset($_SESSION['username'])) {
    // Contact-data view. Only $_SESSION['username'] is tested here, although
    // $_SESSION['password'] is read on the next line.
    $log = new login($_SESSION['username'], $_SESSION['password']);
    $log->mdb_connect();
    $usr_id = $log->get_uid();
    $usr_names = $log->get_names();
    $log->mdb_disconnect();
    if (isset($_POST["uact"]) && $_POST["uact"] == "edit") {
        // NOTE(review): the target id comes from the request and is never
        // compared with $usr_id (the caller's own id) or with the admin flag
        // in this block, so any logged-in user can submit another user's id.
        // Confirm data_mgr enforces ownership, or check it here. The other
        // fields are read without isset(), and no anti-CSRF token is read.
        $t_uid = $_POST["usr_id"];
        $name = $_POST["name"];
        $surname = $_POST["surname"];
        $mail = $_POST["mail"];
        $phone = $_POST["phone"];
        $dataMgr = new data_mgr();
        $dataMgr->mdb_connect();
        // Update the row if one exists for this id, insert it otherwise.
        $in_db = $dataMgr->check_usr($t_uid);
        if ($in_db) {
            $dataMgr->edit_data($t_uid, $name, $surname, $mail, $phone);
        } else {
            $dataMgr->add_data($t_uid, $name, $surname, $mail, $phone);
        }
        $dataMgr->mdb_disconnect();
    }
    $tLines = "";
    // NOTE(review): $mInp, $aInp and $ttl are only set inside this if; when
    // get_names() returns null they stay undefined for the template.
    if ($usr_names != NULL) {
        $dataMgr = new data_mgr();
        $dataMgr->mdb_connect();
        // NOTE(review): $tgt is first assigned at the very end of this script,
        // so it is not yet assigned in the visible code when passed here.
        $add_data = $dataMgr->get_data($tgt, $usr_id);
        $dataMgr->mdb_disconnect();
        // $count is not used in the visible code.
        $count = $usr_names->num_rows;
        // Element type of $usr_names is not visible; each element is treated
        // as a username string.
        foreach ($usr_names as $unm) {
            // The hard-coded account name "Falk689" is left out of the table.
            if ($unm != "Falk689") {
                $last_rows = "";
                $add_r = "$last_rows";
                if (array_key_exists($unm, $add_data)) {
                    $t_nm = $add_data[$unm]["name"];
                    $t_sr = $add_data[$unm]["surn"];
                    $t_ml = $add_data[$unm]["mail"];
                    $t_ph = $add_data[$unm]["phone"];
                    // "null" as a literal string is treated like an empty mail.
                    if ($t_ml != "" && $t_ml != "null") {
                        $last_rows = "";
                    }
                    // NOTE(review): user-supplied profile fields and $unm are
                    // interpolated with no escaping in this block - confirm
                    // htmlspecialchars() is applied before they are rendered
                    // (stored-XSS risk otherwise).
                    $add_r = "$t_nm$t_sr$t_ml$t_ph$last_rows";
                }
                $tLines .= "$unm$add_r";
            }
        }
        $mInp = "$tLines
    IDNomeCognomeMailTelefonoUtilInvia
    ";
        $aInp = "
  • Modifica
  • Mail
  • ";
        $ttl = "User Data";
    }
} else {
    // Unknown "act", or a protected view requested without a session.
    header("Location: /");
    exit();
}
// Self-referencing URL for the page. "act" is one of the accepted values by now
// (the final else above exits).
// NOTE(review): $_SERVER["PHP_SELF"] includes client-supplied path info; if
// $tgt is written into markup (e.g. a form action - not visible here) it needs
// htmlspecialchars(), or use $_SERVER["SCRIPT_NAME"] instead.
$tgt = $_SERVER["PHP_SELF"]."?act=".$_GET["act"];
?>

    Avis Garessio