$email = strtolower(trim($_POST['email']));
try {
$config = new \NRG\Configuration(CONFIG_FILE);
$dbconf = $config->Database;
//Make sure the username is registered with this application
$db = new Database($dbconf['host'], $dbconf['user'], $dbconf['pass'], $dbconf['name'], $dbconf['port']);
$user = $db->searchUser($email);
if (!empty($user)) {
if ($user['requested'] == 1) {
ajax_error('Your access request is pending approval.');
}
if ($user['roleID']) {
ajax_error('Your username has been enabled, please log in.');
} else {
ajax_error('Your access request is currently being reviewed.');
}
}
//Looks like there is nothing else left to do, except add the user to the Acl table with
//NULL privileges
$db->createUser($email);
$ur = $config->UserRegistration;
//Prepare an e-mail message
$message = "User {$email} requested access to " . $_SERVER['HTTP_HOST'] . " from " . $_SERVER['REMOTE_ADDR'] . ".";
//Send e-mail
$result = mail($ur['to'], $ur['subject'], $message, get_mail_headers($config));
//Send the result back to the server
ajax_result(array("success" => 1, "mail" => $result));
} catch (Exception $e) {
error_log($e->getMessage(), 0);
ajax_error("Internal server error. Please try again later");
}
private function create()
{
$hasher = new PasswordHash(8, false);
$hashedPwd = $hasher->HashPassword($this->password);
if (strlen($hashedPwd) < 20) {
$this->errno = 5;
$this->error = 'Beim Speichern des Passwortes ist ein unbekannter Fehler aufgetreten.';
$this->fail();
}
$success = Database::createUser($this->user, $this->email, $hashedPwd);
if ($success === TIPPSPIEL_USER_SUCCESS) {
$this->success();
} else {
if ($success === TIPPSPIEL_USER_EXIST) {
$this->errno = 6;
$this->error = 'Ein Benutzer mit diesem Namen existiert bereits.';
$this->fail();
} else {
if ($success === TIPPSPIEL_USER_UNKNOWN_ERROR) {
$this->errno = 7;
$this->error = 'Beim Erstellen des Benutzers ist ein unbekannter Fehler aufgetreten. ' . 'Sollte dieser Fehler weiterhin auftreten, wenden Sie sich bitte an einen Administrator.';
$this->fail();
}
}
}
}
}
$courseInfo = Database::getCourseByID($_POST['course']);
if (!isset($courseInfo['id'])) {
$message = urlencode("The course provided is not valid.");
header("Location: error.php?error={$message}");
exit;
}
$myAcc = Database::getAccount(Database::getUserId(Session::user()), $courseInfo['id']);
if ($myAcc === NULL || !$myAcc->canPromote()) {
$message = urlencode("You do not have permission to add uploaders for this course.");
header("Location: error.php?error={$message}");
exit;
}
$id = Database::getUserId($_POST['user']);
if ($id === -1) {
$id = Database::createUser($_POST['user']);
}
$acc = Database::getAccount($id, $_POST['course']);
if ($acc !== NULL && $acc->canUpload()) {
$message = urlencode("The uploader you want to add is already an uploader.");
header("Location: error.php?error={$message}");
exit;
}
Database::createAccount($id, $_POST['course'], Uploader::getName());
header("Location: admin.php?course={$courseInfo['id']}");
exit;
} else {
if (isset($_POST['remove']) && isset($_POST['removed']) && isset($_POST['token'])) {
if (!Session::verifyToken($_POST['token'])) {
$message = urlencode("The token provided does not match.");
header("Location: error.php?error={$message}");
