redirect("login.php", 301);
exit;
} else {
if (isset($_POST['USERNAME']) && isset($_POST['PWD']) && isset($_POST['PWDR'])) {
//TODO Clear Input
if ($_POST['USERNAME'] == "" || $_POST['PWD'] == "" || $_POST['PWDR'] == "") {
throw new Exception("Fields cannot be empty");
}
if ($_POST['PWD'] != $_POST['PWDR']) {
throw new Exception("Two passwords are different");
}
$new = new User();
$new->SetID($_POST['USERNAME']);
$new->SetPassword($_POST['PWD']);
$new->SetAdmin(TRUE);
$new->SetValid(TRUE);
$new->Save();
$msg = "User added successfully";
}
}
}
} catch (Exception $e) {
$error = $e->getMessage();
}
?>
<html>
<head>
<title>RaspiControl</title>
<meta charset="utf-8"/>
<meta name="viewport"
//TODO Reporting through logger
throw new Exception("You have not admin permissions, this abuse will be reported");
} else {
if (isset($_POST['USERNAME'])) {
if ($_POST['USERNAME'] == "") {
throw new Exception("You Have to Select an Username");
}
$username = clearInput($_POST['USERNAME']);
$usernameN = strip_tags($username);
if ($usernameN != $username) {
throw new Exception("Inserted Username is not valid");
}
$username = strtolower($username);
$new = new User($username);
$new->SetAdmin(isset($_POST['ADMIN']));
$new->SetValid(isset($_POST['ACTIVE']));
$new->Save();
$msg = "User modified successfully";
}
}
} catch (Exception $e) {
$error = $e->getMessage();
}
}
?>
<html>
<head>
<title>RaspiControl</title>
<meta charset="utf-8"/>
