<?
/******************************************************************************\
* Copyright (C) 2002 B Squared (b^2) by Josh Sherman <josh@cleancode.org> *
* *
* This script displays the contents for the 'User Administration' page. *
* Don't forget the 12 space indent for all content pages. *
* *
* Last modified : September 13th, 2002 (JJS) *
\******************************************************************************/
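/*
 * Direct-access guard. When the request targets user_admin.php itself (the
 * script name ends in this file's name), send the browser to ../index.php.
 * Presumably this page is normally included by the index script -- the
 * request checks further down expect "pid=user_admin" in the query string.
 */
$file_name = "user_admin.php";
/* Negative length, so substr() below returns the tail of SCRIPT_NAME */
$file_name_length = -(strlen($file_name));
if (substr($_SERVER['SCRIPT_NAME'], $file_name_length) == $file_name)
{
    header("Location: ../index.php");
    /* header() only queues the redirect; it does not end the request.
       Stop here so none of the statements below run on a direct hit. */
    exit;
}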
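/*
 * Copy every form field this page uses into a variable via GetVars().
 * GetVars() is defined outside this file; presumably it reads the request
 * superglobals -- confirm against its definition. Everything assigned here
 * is client-supplied and stays untrusted until it has been validated.
 *
 * NOTE(review): no authorisation check is visible in this part of the file,
 * and admin_acct / moderated_forums (which by their names look like
 * privilege settings) come straight from the request. Confirm that the
 * including script restricts this page to administrators.
 */
$user_id = GetVars("user_id");
$old_name = GetVars("old_name");
$email = GetVars("email");
$old_email = GetVars("old_email");
$acct_name = GetVars("acct_name");
$acct_pass = GetVars("acct_pass");
/* Field name rejoined: the literal was split across two lines, which put a
   line break inside the key handed to GetVars(). */
$confirm_password = GetVars("confirm_password");
$location = GetVars("location");
$occupation = GetVars("occupation");
$homepage = GetVars("homepage");
$picture = GetVars("picture");
$interests = GetVars("interests");
$aim = GetVars("aim");
$icq = GetVars("icq");
$yahoo = GetVars("yahoo");
$signature = GetVars("signature");
$include_sig = GetVars("include_sig");
$query = GetVars("query");
$moderated = GetVars("moderated");
$moderated_forums = GetVars("moderated_forums");
$admin_acct = GetVars("admin_acct");
$action = GetVars("action");
$step = GetVars("step");
$forum_index = GetVars("forum_index");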
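/*
 * Collect the per-forum fields mod_0 .. mod_(forum_index - 1) into
 * $mod_array, in index order.
 *
 * The array is created explicitly so it always starts empty: without this,
 * it would not exist when forum_index is 0, and on a register_globals setup
 * a request parameter of the same name could pre-populate it.
 *
 * NOTE(review): forum_index is request-supplied and is not among the values
 * passed to CheckVars below, so the client chooses the loop count. The cast
 * keeps the bound numeric; it should also be capped at the number of forums
 * the server actually knows about.
 */
$mod_array = array();
for ($i = 0; $i < (int) $forum_index; $i++)
{
    $thiss = "mod_" . $i;
    $mod_array[] = GetVars($thiss);
}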
/*
 * Pass the request-supplied values through CheckVars(), each with its own
 * numeric limit. CheckVars() is defined outside this file; the second
 * argument looks like a maximum length -- TODO confirm against its
 * definition, along with what else (escaping, trimming) it does.
 *
 * NOTE(review): the "&" at each call site is call-time pass-by-reference,
 * which PHP 5.4 and later reject with a fatal error. Dropping the "&" is
 * only safe if CheckVars() declares its first parameter by reference;
 * otherwise the calls would stop modifying these variables. Check the
 * declaration before changing the call sites.
 *
 * NOTE(review): $confirm_password, $query, $moderated, $moderated_forums,
 * $action, $forum_index and the $mod_array entries are read from the request
 * above but are not passed through CheckVars() here.
 */
CheckVars(&$step, 1);
CheckVars(&$user_id, 10);
CheckVars(&$acct_name, 64);
CheckVars(&$old_name, 64);
CheckVars(&$acct_pass, 64);
/* NOTE(review): no visible line assigns $acct_confirm_pass; the confirmation
   field was read into $confirm_password above. Confirm which name the rest
   of the page uses, so the confirmation value gets the same treatment as
   $acct_pass. */
CheckVars(&$acct_confirm_pass, 64);
CheckVars(&$email, 128);
CheckVars(&$old_email, 128);
CheckVars(&$location, 128);
CheckVars(&$occupation, 64);
CheckVars(&$homepage, 128);
CheckVars(&$picture, 128);
CheckVars(&$interests, 255);
CheckVars(&$aim, 16);
CheckVars(&$icq, 16);
CheckVars(&$yahoo, 32);
CheckVars(&$signature, 255);
CheckVars(&$include_sig, 1);
CheckVars(&$admin_acct, 1);
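/*
 * Whitelist the step number. Only the exact digits 1-7 are accepted and the
 * value is normalised to an integer; anything else (empty, missing,
 * non-numeric, padded) falls back to step 1.
 *
 * The comparison is strict on purpose: with loose "!=" PHP's numeric
 * juggling lets strings that merely start with a digit compare equal to a
 * step number and pass through unchanged.
 */
if (in_array((string) $step, array("1", "2", "3", "4", "5", "6", "7"), true))
    $step = (int) $step;
else
    $step = 1;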
/*
 * Request sanity check. The request is treated as malformed, an error line
 * is printed and the page drops back to step 1, when any of these holds:
 *   - step 4 or 5 arrives without an account name, e-mail address or user id;
 *   - the query string is not exactly the one expected for the step
 *     ("pid=user_admin&step=5" for step 5, "pid=user_admin" for the others);
 *   - a step other than 1 or 2 arrives with a blank (whitespace-only)
 *     account name or e-mail address.
 *
 * NOTE(review): $QUERY_STRING is not assigned anywhere in the visible code;
 * presumably it comes from register_globals or from the including script.
 * Confirm that, since the file already reads $_SERVER directly elsewhere.
 */
if ( ( in_array($step, array(4, 5)) &&
       ( $acct_name == "" || $email == "" || $user_id == "" ) ) ||
     ( in_array($step, array(1, 2, 3, 4, 5, 6, 7)) &&
       $QUERY_STRING != ( $step == 5 ? "pid=user_admin&step=5" : "pid=user_admin" ) ) ||
     ( !in_array($step, array(1, 2)) &&
       ( strlen(trim($acct_name)) == 0 || strlen(trim($email)) == 0 ) ) )
{
    /* Report the rejected request and restart the workflow */
    echo " <CENTER class=\"error_message\">Malformed request detected!</CENTER><BR>\n";
    $step = 1;
}
/*
 * Map the submitted button label in $action to the step it stands for.
 * An unrecognised or empty label leaves $step as it was.
 *
 * NOTE(review): this mapping runs after the request checks above, so those
 * checks were evaluated against the submitted $step, not the one chosen
 * here. Confirm that each step handler validates its own inputs, or move
 * this mapping ahead of the checks.
 */
switch ($action)
{
    case "Search":
        $step = 2;
        break;
    case "Edit":
        $step = 3;
        break;
    case "Edit Account":
        $step = 4;
        break;
    case "Preview Information":
        $step = 5;
        break;
    case "Submit Account":
        $step = 6;
        break;
    case "Delete":
        $step = 7;
        break;
}
/*
 * On step 4, give the two URL fields an "http://" starting value when they
 * were submitted empty. Other steps leave both fields untouched.
 */
if ($step == 4)
{
    if ($homepage == "")
        $homepage = "http://";
    if ($picture == "")
        $picture = "http://";
}
/* Strip out all escape characters */
if ($step == 4)
{
$acct_name = stripslashes(strip_tags($acct_name));
$acct_pass = stripslashes(strip_tags($acct_pass));
$email = stripslashes(strip_tags($email));
$location = stripslashes(strip_tags($location));
$occupation = stripslashes(strip_tags