setHTMLTitle("Kein Zugriff"); $HTML->SetSeitenInhalt("Dazu hast du keine Rechte!"); $HTML->build(); echo $HTML->ausgabe(); die(); } $HTML->setHTMLTitle("Benutzer"); $HTML->importSeitenInhalt("pages/HTML/users.html"); if(@$_REQUEST['action'] == 'genpw' && @$_REQUEST['userid'] != '') { $SALT = md5(rand(1111, 9999)); $NEWPW = generateRandomString(10); $statement = $RUNTIME['PDO']->prepare('UPDATE auth SET passwordHash = :PasswordHash WHERE UUID = :PrincipalID'); $statement->execute(['PasswordHash' => md5(md5($NEWPW).":".$SALT), 'PrincipalID' => $_REQUEST['userid']]); $statement = $RUNTIME['PDO']->prepare('UPDATE auth SET passwordSalt = :passwordSalt WHERE UUID = :PrincipalID'); $statement->execute(['passwordSalt' => $SALT, 'PrincipalID' => $_REQUEST['userid']]); $HTML->ReplaceSeitenInhalt("%%MESSAGE%%", ''); } $statement = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS `InviteCodes` (`InviteCode` VARCHAR(64) NOT NULL, PRIMARY KEY (`InviteCode`))"); $statement->execute(); if(isset($_REQUEST['generateLink']) || @$_REQUEST['generateLink'] != "") { $inviteID = md5(time().$_SESSION['UUID'].rand(11111, 9999999)); $link = "https://".$_SERVER['SERVER_NAME']."/index.php?page=register&code=".$inviteID; $statement = $RUNTIME['PDO']->prepare('INSERT INTO `InviteCodes` (`InviteCode`) VALUES (:InviteCode)'); $statement->execute(['InviteCode' => $inviteID]); $HTML->ReplaceSeitenInhalt("%%link%%", $link); } $table = '%%ENTRY%%
VornameNachnameStatusAktionen
'; $statement = $RUNTIME['PDO']->prepare("SELECT FirstName,LastName,UserLevel,PrincipalID FROM UserAccounts ORDER BY Created ASC"); $statement->execute(); while($row = $statement->fetch()) { $entry = ''.$row['FirstName'].''.$row['LastName'].''.$row['UserLevel'].'PASSWORT ÄNDERN'; $table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table); } $table = str_replace("%%ENTRY%%", "", $table); $HTML->ReplaceSeitenInhalt("%%USER-LIST%%", $table); $HTML->ReplaceSeitenInhalt("%%link%%", ' '); $HTML->ReplaceSeitenInhalt("%%MESSAGE%%", ' '); $HTML->build(); echo $HTML->ausgabe(); ?>