edit_member.php

Login Manager V3.0(LM3.0) is an authentication system which can integrate with any existing website

<?
//Login Manager
//
//Member Management System, Version 3.0
//Easebay Resources, 2002-2004.
//Website: www.easebayresources.com
//Email: services@easebayresources.com


    require_once ('auth.php');
    require_once ('authconfig.php');
    require_once ('check.php');

	$droot=$_SERVER['DOCUMENT_ROOT'];
	if ($check["uname"] != 'admin')
	{

		print "<font face=\"Arial, Helvetica, sans-serif\" size=\"5\" color=\"#FF0000\">";
		print "<b>Illegal Access</b>";
		print "</font><br>";
  		print "<font face=\"Verdana, Arial, Helvetica, sans-serif\" size=\"2\" color=\"#000000\">";
		print "<b>You do not have permission to view this page.</b></font>";
		exit; 
	}	
?>
<html>
<head>
<title>Login Manager Admin Panel</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.style10 {
	font-family: Arial;
	font-size: 12pt;
	font-weight: bold;
	color: #FF6633;
}
.style21 {
	font-family: Arial;
	font-size: 12pt;
	font-weight: bold;
	color: #660000;
}
.style22 {font-family: Arial}
.style23 {
	font-size: 10pt;
	color: #000099;
}
.style25 {font-family: Arial; font-size: 10pt; }
.style27 {
	font-size: 10px;
	color: #999999;
}
a:link       { color: #0000cc }
a:visited    { color: #0000cc }
a:hover      { color: #ff0000 }
a:active     { color: #00CC99 }
a            { color: #F4f4f4; text-decoration: none;  font-style: bold;  font-family: arial; 
               font-size: 12 }
.style35 {font-family: Arial; color: #000099; font-size: 10pt; font-weight: bold; }
.style29 {color: #000099}
.style30 {
	font-family: Verdana;
	font-size: 8pt;
	color: #000099;
}
.style33 {font-size: 8pt; color: #000099; }
.style36 {	font-family: Verdana;
	font-size: 8pt;
	color: #666666;
}
</style>
</head>

<body bgcolor="#FFFFFF" text="#000000">
 <form name="form1" method="post" action="edit_member.php">
<table width="743" align="center" cellpadding="0" cellspacing="0" bordercolor="#111111" id="AutoNumber1" style="border-collapse: collapse; border: 1px solid #666699; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1">
      <tr>
<td width="164" height="299" valign="top" bgcolor="#FFFFCC"><table width="164" border="0" cellspacing="0" cellpadding="3">
          <tr>
            <td width="158" height="60" bgcolor="#FFFFCC"><div align="center"><span class="style10"><br>
                  <img src="lmlogo.jpg" width="137" height="43"><br> 
            </span></div></td>
          </tr>
          <tr>
            <td height="7" bgcolor="#FFFFCC"><div align="center"><img src=line.gif width=158 height="1" border=0></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="index.php">View Status</a> </span></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="group.php">Protected Directory</a></span></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="search.php">Member Search</a></span></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="add_member.php">Add New Member</a></span></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="register_access.php">Signup Access</a></span></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="mailnotify.php">Mail Notification</a></span></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="emailtemplates.php">Email Templates</a></span></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="changepwd.php">Change Password</a></span></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="backup.php">Backup/Restore DB</a></span></div></td>
          </tr>
          <tr>
            <td height="32" bgcolor="#FFFFCC"><div align="left"><span class="style35">&nbsp;<img src="bullet.gif" width="11" height="10"><a href="<? echo $alogout; ?>">Logout</a></span></div></td>
          </tr>
        </table></td>
        <td valign="top"><img src="vert_line.gif" border="0" width="2" height="800"></td>
        <td width="577" valign="top"><table width="577" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="577" height="795" align="center" valign="top"><p align="center"><br>
                <span class="style21">Edit Member Account </span></p>

              <?
              	

				  $v_sbm=$_POST['sbm'];
				  $v_username=$_GET['username'];
				  $connection = mysql_connect($dbhost, $dbusername, $dbpass);
				  $SelectedDB = mysql_select_db($dbname);
				  
				  $result = mysql_query("select name,passwd,email,address,city,state,zip,country,phone,signup,reg_validate from authuser where uname='$v_username'");				  
					while($row = mysql_fetch_array($result, MYSQL_NUM)) {
					$v_name=$row[0];
					$v_pass=$row[1];
					$v_email=$row[2];
					$v_address=$row[3];
					$v_city=$row[4];
					$v_state=$row[5];
					$v_zip=$row[6];
					$v_country=$row[7];
					$v_phone=$row[8];
					$v_signup=$row[9];
					$v_reg_validate=$row[10];
					}

				  $result1 = mysql_query("select access_name from memberaccess where uname='$v_username'"); //get access_name for this username
				  	$p=0;
					while($row1 = mysql_fetch_array($result1, MYSQL_NUM)) {
					$s_accessname[$p]=$row1[0];
					$p++;
					}
				  				  
				  if($v_sbm=='Submit') {
				  $v_username=$_POST['username'];
				  $v_password=$_POST['password'];
				  $v_password1=$_POST['password1'];
				  $v_pass1=$_POST['pass1'];
				  $v_name=$_POST['name'];
				  $v_email=$_POST['email'];
				  $v_address=$_POST['address'];
				  $v_city=$_POST['city'];
				  $v_state=$_POST['state'];
				  $v_zip=$_POST['zip'];
				  $v_country=$_POST['country'];
				  $v_phone=$_POST['phone'];
				  $v_semail=$_POST['semail'];
				  $v_access=$_POST['access'];
				  $v_accessck=$_POST['accessck'];
				  $v_anum=$_POST['access_num'];
				  $v_signup=$_POST['signup'];
				  $v_reg_validate=$_POST['reg_validate'];
				  
				  $validemail=verifyemailaddress($v_email);			
				  $g=0;

				  if((trim($v_password)<>'')&&(strlen($v_password)) < 6 ){   
				  $err=$err.'Password is less than 6 characters.<br>';
				  $g=1;					  
				  }
				  elseif((trim($v_password)<>'')&&(ereg('[^A-Za-z0-9]', $v_password))){
				  $err=$err.'Password contains special characters.<br>';
				  $g=1;				  
				  }    
				  elseif($v_password<>$v_password1) {
				  $err=$err.'Confirm password doesn\'t match.<br>';
				  $g=1;
				  }
				  if(trim($v_name)=='') {
				  $err=$err.'Name field is blank.<br>';
				  $g=1;
				  }
				  if(trim($v_email)=='') {
				  $err=$err.'Email field is blank.<br>';
				  $g=1;
				  }
				  elseif($validemail<>1) {
				  $err=$err.'Not a valid email address.<br>';
				  $g=1;
				  }  
				  //check if email already exists
				  $result=mysql_query("select distinct email from authuser where uname='$v_username'");
				  while($row = mysql_fetch_array($result, MYSQL_NUM)) {
				  $v_cemail=$row[0];
				  }
				  $result=mysql_query("select email from authuser");
					while($row = mysql_fetch_array($result, MYSQL_NUM)) {
					if((strtolower($row[0])==strtolower($v_email))&&(trim($v_email)<>'')&&(strtolower($row[0])<>strtolower($v_cemail))) {$err_email="This email address(<font color=red>$v_email</font>) already exists, please use different one.<br>"; $g=1; }
					}
				  $err=$err.$err_email;
				  
				  if ($g==1) {
				  print "<table width=421 border=1 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse; border: 3px solid #FF0000; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1\" bordercolor=#111111 id=\"AutoNumber1\">
						<tr><td width=50 align=center><img src=error.jpg border=0></td><td><font color=blue><font face=arial><font size=2>$err</font></font></font>";
				  print "</td></tr></table>";
				  }
				  else {	
				  	$updatepass='';
				    if ((trim($v_password) <> '')&&($v_password==$v_password1)) {
						$newenpass=base64_encode($v_password);
						$updatepass="passwd='$newenpass',";
					}
					mysql_query("update authuser set $updatepass name='$v_name',email='$v_email',address='$v_address',city='$v_city',state='$v_state',zip='$v_zip',country='$v_country',phone='$v_phone' where uname='$v_username'");
				
					if($v_signup <> '1') {
					mysql_query("delete from memberaccess where uname='$v_username'");
					$active=0;
					for($j=0;$j<$v_anum;$j++) {
					if(strtolower($v_accessck[$j])=='on') {					
					mysql_query("insert into memberaccess (uname,access_name) values ('$v_username','$v_access[$j]')");
					$active=1;
					}
					}//end of FOR statement
					mysql_query("update authuser set status=$active where uname='$v_username'");