4 * Admin area for NP_SecurityEnforcer
8 * if your 'plugin' directory is not in the default location,
9 * edit this variable to point to your site directory
10 * (where config.php is)
12 $strRel = '../../../';
14 include($strRel . 'config.php');
15 if (!$member->isAdmin())
17 doError('Insufficient Permissions.');
20 include_libs('PLUGINADMIN.php');
23 function SE_unlockLogin($login)
25 sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE login='".sql_real_escape_string($login)."'");
28 // create the admin area page
29 $oPluginAdmin = new PluginAdmin('SecurityEnforcer');
30 // add styles to the <HEAD>
31 $oPluginAdmin->start('');
33 // if form to unlock is posted
34 if ( postVar('action') == 'unlock' )
36 if ( !$manager->checkTicket() )
38 doError('Invalid Ticket');
40 $logins = postVar('unlock');
42 if( is_array($logins) )
44 foreach ( $logins as $entity )
46 SE_unlockLogin($entity);
47 $message .= '<br />' . $entity . _SECURITYENFORCER_ADMIN_UNLOCKED;
51 $plug =& $oPluginAdmin->plugin;
54 echo '<h2>'._SECURITYENFORCER_ADMIN_TITLE.'</h2>';
57 if ( isset($message) )
59 echo "<p><strong>{$message}</strong></p>\n";
62 // generate table from all entries in the database
63 echo '<h3>'._SECURITYENFORCER_LOCKED_ENTITIES.'</h3>';
64 echo '<form action="' . $oPluginAdmin->plugin->getAdminURL() . '" method="POST">';
65 echo '<input type="hidden" name="action" value="unlock" />';
66 $manager->addTicketHidden();
68 echo '<tr><th>'._SECURITYENFORCER_ENTITY.'</th><th>'._SECURITYENFORCER_UNLOCK.'?</th></tr>';
69 echo '<tr><td colspan="2" class="submit"><input type="submit" value="'._SECURITYENFORCER_UNLOCK.'" /></td></tr>';
70 // do query to get all entries, loop
71 $result = sql_query("SELECT * FROM ".sql_table("plug_securityenforcer")." WHERE fails >= ".$plug->max_failed_login);
72 if ( sql_num_rows($result) )
74 while( $row = sql_fetch_assoc($result) )
77 echo '<td>'.ENTITY::hsc($row['login']).'</td>';
78 echo '<td><input type="checkbox" name="unlock[]" value="'.ENTITY::hsc($row['login']).'" />'._SECURITYENFORCER_UNLOCK.'</td>';
84 echo '<tr><td colspan="2"><strong>'._SECURITYENFORCER_ADMIN_NONE_LOCKED.'</strong></td></tr>';
86 echo '<tr><td colspan="2" class="submit"><input type="submit" value="'._SECURITYENFORCER_UNLOCK.'" /></td></tr>';