' . $heading . '

  Username Full Name Status Action '; while($a=mysql_fetch_assoc($admins)) { $a = stripslashes_array($a); if($a['AdminName'] == '') $a['AdminName'] = 'N/A'; $AdTb .= ' ' . $a["Username"] . ' ' . $a["AdminName"] . ' '; if($a["Manager"]==1) { $AdTb.="All Lists"; } if($a["Root"]==1) { if($a["Manager"] == 1) $AdTb .= " / All Actions"; else $AdTb .= "All Actions"; } if($a["Manager"] == 0 && $a["Root"] == 0) $AdTb .= "Normal User"; $AdTb .= ''; $AdTb .= ''; if ($Action != 'DelUsers') { $AdTb .= MakeLink("admins?Action=Edit&AdminID=".$a["AdminID"],"Edit") . '   '; } $AdTb .= MakeConfirmBox("admins?Action=Delete&AdminID=".$a["AdminID"],"Delete","Are you sure you wish to delete this user?") . ''; } $AdTb .= ''; $form = 'Use the form below to manage your user accounts.'; if ($Action != 'DelUsers') { $form .= ' You can add a user by clicking on the \'Create User Account\' button below.

'; } $form .= '

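' . $AdTb; $OUTPUT.=MakeBox("Manage Users", $form); } }

// ---------------------------------------------------------------------------
// Add / Edit: build the user account form.
//
// Reads the account (Edit) or a set of defaults (Add), then fills $FORM_ITEMS
// and $HELP_ITEMS and renders them through AdminForm into $OUTPUT.
//
// NOTE(review): no privilege check is visible in this span. Confirm that the
// code before it restricts this page to administrators, because the form
// exposes the Root / Manager flags of every account.
// NOTE(review): account values are concatenated straight into the item
// definitions below. Whether AdminForm HTML-escapes them is not visible here;
// confirm, since Username, AdminName and Email are user-editable.
// ---------------------------------------------------------------------------
if ($Action == 'Add' || $Action == 'Edit') {
    if ($Action == 'Edit') {
        // The id is cast to int before it reaches the query text.
        $AdminID = (int)$_GET['AdminID'];
        $qry = "SELECT * FROM " . $TABLEPREFIX . "admins WHERE AdminID='" . addslashes($AdminID) . "'";
        $admin_result = mysql_query($qry);
        $admin = mysql_fetch_assoc($admin_result);
        // The stored hash is replaced before the form is built; this sentinel
        // is what UpdateAdmin treats as "leave the password unchanged".
        $admin['Password'] = '********';
    } else {
        // Defaults for a new account.
        // NOTE(review): Root and Manager default to 1, so a new account is a
        // full administrator unless the operator changes both selects.
        $admin = array(
            'Username' => '',
            'Password' => '',
            'AdminName' => '',
            'Email' => '',
            'Status' => 1,
            'Root' => 1,
            'Manager' => 1,
            'Attachments' => 1,
            'DisplaySummaries' => 1,
            'MaxLists' => 0,
            'PerHour' => 0,
            'PerMonth' => 0,
            'EmailServer' => '',
            'EmailServerPort' => ''
        );
        $AdminID = 0;
    }

    $show_edit = true;
    if ($Action == 'Add') {
        // License gate for creating users. It is applied only when the form is
        // displayed; the UpdateAdmin handler does not repeat it.
        if(!ss9024kwehbehb()) {
            $error = "Your license key does not allow you to create more users.";
            if ($CURRENTADMIN['Root'] && $CURRENTADMIN['Manager']) $error .= "Click here to update your license key, or you can Delete some users.";
            $OUTPUT = MakeErrorBox("Invalid License Key", $error);
            $show_edit = false;
        }
    }

    if ($show_edit) {
        $FORM_ITEMS[$FORM_REQUIRED_ITEM . "Username"]="textfield|Username:40:44:".$admin['Username'];
        $HELP_ITEMS['Username']['Title'] = "Username";
        $HELP_ITEMS['Username']['Content'] = "The username for this user to enter when logging in.";

        $FORM_ITEMS[$FORM_REQUIRED_ITEM . "Password"]="password|Password:40:44:" . $admin['Password'];
        $HELP_ITEMS['Password']['Title'] = "Password";
        $HELP_ITEMS['Password']['Content'] = "The password for this user to enter when logging in.";

        $FORM_ITEMS[$FORM_NOT_REQUIRED_ITEM . "Full Name"]="textfield|AdminName:40:44:".$admin['AdminName'];
        $HELP_ITEMS['AdminName']['Title'] = "Full Name";
        $HELP_ITEMS['AdminName']['Content'] = "The full name of the user who will be using this account.";

        $FORM_ITEMS[$FORM_NOT_REQUIRED_ITEM . "Email"]="textfield|Email:40:44:".$admin['Email'];
        $HELP_ITEMS['Email']['Title'] = "Email Address";
        $HELP_ITEMS['Email']['Content'] = "The email address of the user who will be using this account.";

        $FORM_ITEMS[$FORM_REQUIRED_ITEM . "Status"]="select|Status:1:0->Inactive;1->Active:".$admin['Status'];
        $HELP_ITEMS['Status']['Title'] = "Status";
        $HELP_ITEMS['Status']['Content'] = "Should this user account be set to active? If yes, this user will be able to login.";

        $rootuser = ($admin['Root']) ? 1 : 0;
        $manager = ($admin['Manager']) ? 1 : 0;

        // An administrator account is always shown with attachments enabled.
        if ($rootuser) $admin['Attachments'] = 1;
        $FORM_ITEMS[$FORM_REQUIRED_ITEM . "Attachments"]="select|Attachments:1:0->No;1->Yes:".$admin['Attachments'];
        $HELP_ITEMS['Attachments']['Title'] = "Attachments";
        $HELP_ITEMS['Attachments']['Content'] = "Can this user send attachments?";

        $FORM_ITEMS[$FORM_NOT_REQUIRED_ITEM . "Max Lists"]="textfield|MaxLists:5:5:".$admin['MaxLists'];
        $HELP_ITEMS['MaxLists']['Title'] = "Maximum Lists";
        $HELP_ITEMS['MaxLists']['Content'] = "How many lists can this user create? Enter 0 for unlimited.";

        $FORM_ITEMS[$FORM_NOT_REQUIRED_ITEM . "Emails per Hour"]="textfield|PerHour:10:10:".$admin['PerHour'];
        $HELP_ITEMS['PerHour']['Title'] = "Emails per Hour";
        $HELP_ITEMS['PerHour']['Content'] = "How many emails can this user send per hour? Enter 0 for unlimited.";

        $FORM_ITEMS[$FORM_NOT_REQUIRED_ITEM . "Emails per Month"]="textfield|PerMonth:10:10:".$admin['PerMonth'];
        $HELP_ITEMS['PerMonth']['Title'] = "Emails per Month";
        $HELP_ITEMS['PerMonth']['Content'] = "How many emails can this user send per month? Enter 0 for unlimited.";

        // NOTE(review): per the help text below, SMTP credentials are typed
        // into this field, and UpdateAdmin stores the field as submitted, so
        // they sit in the admins table in plain text and are echoed back into
        // this form on every edit.
        $FORM_ITEMS[$FORM_NOT_REQUIRED_ITEM . "SMTP Server"]="textfield|EmailServer:80:44:".$admin['EmailServer'];
        $HELP_ITEMS['EmailServer']['Title'] = "SMTP Server";
        $HELP_ITEMS['EmailServer']['Content'] = "Which email server should we use?
Leave blank for local (webserver).

If your SMTP server requires authentication, separate the values by a semicolon.
For example:
servername; username; password";

        $FORM_ITEMS[$FORM_NOT_REQUIRED_ITEM . "SMTP Server Port"]="textfield|EmailServerPort:5:5:".$admin['EmailServerPort'];
        $HELP_ITEMS['EmailServerPort']['Title'] = "Email Server Port";
        $HELP_ITEMS['EmailServerPort']['Content'] = "Which email server port should we use?
Leave blank for default (25).";

        $summaries = ($admin['DisplaySummaries']) ? 1 : 0;
        $FORM_ITEMS[$FORM_REQUIRED_ITEM . "Display Summaries?"]="select|DisplaySummaries:1:0->No;1->Yes:".$summaries;
        $HELP_ITEMS["DisplaySummaries"]["Title"] = "Display Summaries?";
        $HELP_ITEMS["DisplaySummaries"]["Content"] = "If selected, SendStudio will display summary information (number of subscribers) for each mailing list when you manage subscribers, export users, import users.
This may slow down SendStudio as your list grows over 100,000 subscribers or if you manage a number of large lists. Turn this off if you are experiencing delays when viewing lists, users etc";

        $FORM_ITEMS["-100"]="spacer|
  Access Permissions
";

        $FORM_ITEMS[$FORM_REQUIRED_ITEM . "Administrator"]="select|Root:1:0->No;1->Yes:".$rootuser . ":onChange=\"if(this.selectedIndex==1) { chooseAllFunctions(); } else { unchooseAllFunctions(); }\"";
        $HELP_ITEMS['Root']['Title'] = "Administrator";
        $HELP_ITEMS['Root']['Content'] = "If yes, this user will have complete access to every part of the control panel, including all functions.";

        if (!$rootuser) {
            $style = '';
        } else {
            $style = 'none';
        }
        $FORM_ITEMS["-99"]="raw|
";

        // One checkbox per section. An administrator is shown with every
        // section ticked; otherwise the tick reflects a row in allow_functions
        // (one lookup query per section).
        ksort($SECTIONS);
        foreach($SECTIONS AS $key=>$info){
            if(!$rootuser) {
                if(mysql_num_rows(mysql_query("SELECT * FROM " . $TABLEPREFIX . "allow_functions WHERE AdminID='".addslashes($AdminID)."' && SectionID='".addslashes($info['SectionID'])."'"))>0) {
                    $sel='CHECKED';
                } else {
                    $sel='';
                }
            } else {
                $sel = 'CHECKED';
            }
            $FORM_ITEMS["   " . $info['Name']]="checkbox|AllowFunction[".$info['SectionID']."]:1:Yes:".$sel;
            if (isset($SECTIONS[$key]['HelpTip'])) {
                $HELP_ITEMS['AllowFunction['.$info['SectionID'].']']['Title'] = $info['Name'];
                $HELP_ITEMS['AllowFunction['.$info['SectionID'].']']['Content'] = $info['HelpTip'];
            }
        }

        $FORM_ITEMS["-200"]="spacer|

  Mailing List Permissions
";

        $FORM_ITEMS[$FORM_REQUIRED_ITEM . " All Current and New Lists"]="select|Manager:1:0->No;1->Yes:".$manager . ":onChange=\"if(this.selectedIndex==1) { chooseAllLists(); } else { unchooseAllLists(); } \"";
        $HELP_ITEMS['Manager']['Title'] = "All Current and New Lists";
        $HELP_ITEMS['Manager']['Content'] = "If yes, this user will be able to perform tasks on every mailing list, including current lists and those created at a future date and time.";

        if (!$manager) {
            $style = '';
        } else {
            $style = 'none';
        }
        $FORM_ITEMS["-103"]="raw|
";

        // One checkbox per mailing list. A Manager account is shown with every
        // list ticked; otherwise the tick reflects a row in allow_lists
        // (one lookup query per list).
        $lists=mysql_query("SELECT * FROM " . $TABLEPREFIX . "lists ORDER BY ListName ASC");
        while($l=mysql_fetch_assoc($lists)){
            $l = stripslashes_array($l);
            $sel='';
            if ($admin['Manager'] == 1 || mysql_num_rows(mysql_query("SELECT * FROM " . $TABLEPREFIX . "allow_lists WHERE AdminID='".addslashes($AdminID)."' && ListID='".addslashes($l['ListID'])."'"))>0) {
                $sel='CHECKED';
            }
            $FORM_ITEMS["    " . $l["ListName"]]="checkbox|AllowList[".$l["ListID"]."]:1:Yes:".$sel;
        }
        $FORM_ITEMS["-104"]="raw|
";

        // AdminID travels back in a hidden field; 0 means "create".
        $FORM_ITEMS[-2]="hidden|AdminID:".$AdminID;
        $FORM_ITEMS[-1]="submit|Save:1-admins";

        $FORM=new AdminForm;
        $FORM->title="EditAdmin";
        $FORM->items=$FORM_ITEMS;
        $FORM->action=MakeAdminLink("admins?Action=UpdateAdmin");
        $FORM->MakeForm("User Account Details");

        if ($Action == 'Add') {
            $FORM->output = "Complete the form below to create a new user account. When you are done, click on the 'Save' button." . $FORM->output;
            $OUTPUT =MakeBox("Create User", $FORM->output);
        } else {
            $FORM->output = "Complete the form below to edit a user account. When you are done, click on the 'Save' button." . $FORM->output;
            $OUTPUT =MakeBox("Edit User", $FORM->output);
        }
        $OUTPUT .= ' ';
    }
}

// ---------------------------------------------------------------------------
// UpdateAdmin: create (AdminID <= 0) or update (AdminID > 0) an account from
// the posted form, then rewrite its section and list permissions.
//
// Changes against the previous version of this handler:
//  - AdminID is cast to int once and that value is used everywhere.
//  - String fields are escaped with mysql_real_escape_string() instead of
//    addslashes(); it belongs to the same extension as the mysql_query()
//    calls already used here and takes the connection character set into
//    account. Numeric fields are cast to int.
//  - Create and update build their column values from one array, so MaxLists
//    is an int on both paths and "1,000" style PerHour / PerMonth input is
//    normalised on both paths (create used to store it as 1).
//  - Username and Password are marked required on the form but were never
//    checked here; an empty value is now rejected instead of storing the
//    hash of an empty password.
//  - A failed INSERT / UPDATE is reported instead of showing the success box
//    and rewriting permissions for an id that was never saved.
//
// NOTE(review): the password is stored as unsalted md5(). Moving to
// password_hash() / password_verify() also needs the login code and the
// column width changed, neither of which is visible here, so the format is
// left as it was.
// NOTE(review): queries are still assembled by concatenation; prepared
// statements (mysqli or PDO) are the durable fix, and the mysql_* functions
// used throughout this file were removed in PHP 7.
// NOTE(review): no privilege check and no anti-CSRF token are visible in
// this span, and the license check shown on the Add form is not repeated
// here. Confirm these are enforced by the surrounding code or by AdminForm;
// otherwise a forged POST can create an account with Root=1.
// ---------------------------------------------------------------------------
if ($Action == 'UpdateAdmin') {
    $PostedAdminID = isset($_POST['AdminID']) ? (int)$_POST['AdminID'] : 0;

    if (!isset($_POST['Username']) || !is_string($_POST['Username']) || trim($_POST['Username']) == ''
        || !isset($_POST['Password']) || !is_string($_POST['Password']) || $_POST['Password'] == '') {
        $OUTPUT = MakeErrorBox("Missing Required Field", "Please enter both a username and a password for this user account.");
    } else {
        // The username must not belong to any other account.
        $qry = "SELECT COUNT(*) FROM " . $TABLEPREFIX . "admins WHERE Username='" . mysql_real_escape_string($_POST['Username']) . "' AND AdminID != '" . $PostedAdminID . "'";
        $username_check = mysql_result(mysql_query($qry), 0, 0);

        if ($username_check > 0) {
            $OUTPUT = MakeErrorBox("Duplicate Account Username", "The account username that you entered is already in use. Please choose another username.");
        } else {
            $AdminID = $PostedAdminID;
            $do = true;

            // Column => value, in table column order, already safe to place
            // between single quotes in the query text.
            $AdminFields = array();
            $AdminFields['Username'] = mysql_real_escape_string($_POST['Username']);
            // On update the '********' sentinel means "keep the current
            // password"; on create the password is always stored.
            if ($AdminID <= 0 || trim($_POST['Password']) != '********') {
                $AdminFields['Password'] = md5($_POST['Password']);
            }
            $AdminFields['AdminName'] = mysql_real_escape_string($_POST['AdminName']);
            $AdminFields['Email'] = mysql_real_escape_string($_POST['Email']);
            $AdminFields['Status'] = (int)$_POST['Status'];
            $AdminFields['Root'] = (int)$_POST['Root'];
            $AdminFields['Manager'] = (int)$_POST['Manager'];
            $AdminFields['Attachments'] = (int)$_POST['Attachments'];
            $AdminFields['MaxLists'] = (int)$_POST['MaxLists'];
            $AdminFields['PerHour'] = (int)str_replace(array(' ', ','), '', $_POST['PerHour']);
            $AdminFields['PerMonth'] = (int)str_replace(array(' ', ','), '', $_POST['PerMonth']);
            $AdminFields['EmailServer'] = mysql_real_escape_string($_POST['EmailServer']);
            $AdminFields['EmailServerPort'] = (int)$_POST['EmailServerPort'];
            $AdminFields['DisplaySummaries'] = (int)$_POST['DisplaySummaries'];

            if ($AdminID > 0) {
                // Refuse to disable the last active account.
                if ($AdminFields['Status'] != 1) {
                    $qry = "SELECT COUNT(*) FROM " . $TABLEPREFIX . "admins WHERE AdminID != '" . $AdminID . "' AND Status='1'";
                    $result = mysql_result(mysql_query($qry), 0, 0);
                    if ($result <= 0) {
                        $OUTPUT = MakeErrorBox("Last Active User", "If you disable this admin account, there will be no active users left.");
                        $do = false;
                    }
                }

                // Refuse to remove the last account that has Root set.
                if ($AdminFields['Root'] != 1) {
                    $qry = "SELECT COUNT(*) FROM " . $TABLEPREFIX . "admins WHERE AdminID != '" . $AdminID . "' AND Root='1'";
                    $result = mysql_result(mysql_query($qry), 0, 0);
                    if ($result <= 0) {
                        $OUTPUT = MakeErrorBox("Last All Access User", "If you remove 'All Access' from this admin account, there will be no users left with access to all functionality (including this page).");
                        $do = false;
                    }
                }

                // Refuse to remove the last account that has Manager set.
                if ($AdminFields['Manager'] != 1) {
                    $qry = "SELECT COUNT(*) FROM " . $TABLEPREFIX . "admins WHERE AdminID != '" . $AdminID . "' AND Manager='1'";
                    $result = mysql_result(mysql_query($qry), 0, 0);
                    if ($result <= 0) {
                        $OUTPUT = MakeErrorBox("Last All Lists User", "If you remove 'All Lists' from this admin account, there will be no users left with access to all lists.");
                        $do = false;
                    }
                }

                if ($do) {
                    $assignments = array();
                    foreach ($AdminFields as $column => $value) {
                        $assignments[] = $column . "='" . $value . "'";
                    }
                    $qry = "UPDATE " . $TABLEPREFIX . "admins SET " . implode(', ', $assignments) . " WHERE AdminID='" . $AdminID . "'";
                    if (!mysql_query($qry)) {
                        $OUTPUT = MakeErrorBox("Unable to Save User Account", "The user account could not be saved. Please try again.");
                        $do = false;
                    }
                }
            } else {
                $qry = "INSERT INTO " . $TABLEPREFIX . "admins (" . implode(', ', array_keys($AdminFields)) . ") VALUES ('" . implode("', '", $AdminFields) . "')";
                if (mysql_query($qry)) {
                    $AdminID = mysql_insert_id();
                } else {
                    $OUTPUT = MakeErrorBox("Unable to Save User Account", "The user account could not be saved. Please try again.");
                    $do = false;
                }
            }

            if ($do) {
                // Permissions are replaced wholesale: drop the old rows, then
                // add one row per ticked checkbox. The posted array keys are
                // the section / list ids.
                mysql_query("DELETE FROM " . $TABLEPREFIX . "allow_functions WHERE AdminID='" . (int)$AdminID . "'");
                if (isset($_POST['AllowFunction']) && is_array($_POST['AllowFunction'])) {
                    foreach ($_POST['AllowFunction'] as $functionid => $val) {
                        mysql_query("INSERT INTO " . $TABLEPREFIX . "allow_functions SET AdminID='" . (int)$AdminID . "', SectionID='" . mysql_real_escape_string($functionid) . "'");
                    }
                }

                //allowed lists
                mysql_query("DELETE FROM " . $TABLEPREFIX . "allow_lists WHERE AdminID='" . (int)$AdminID . "'");
                if (isset($_POST['AllowList']) && is_array($_POST['AllowList'])) {
                    foreach ($_POST['AllowList'] as $listid => $val) {
                        mysql_query("INSERT INTO " . $TABLEPREFIX . "allow_lists SET AdminID='" . (int)$AdminID . "', ListID='" . mysql_real_escape_string($listid) . "'");
                    }
                }

                if ($PostedAdminID > 0) {
                    $OUTPUT = MakeSuccessBox("User Account Updated Successfully", "The selected user account has been updated successfully.", MakeAdminLink("admins"));
                } else {
                    $OUTPUT = MakeSuccessBox("User Account Created Successfully", "A new user account has been created successfully.", MakeAdminLink("admins"));
                }
            }
        }
    }
}
?>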