redirect("login.php", 301); exit; } else { if (isset($_POST['USERNAME']) && isset($_POST['PWD']) && isset($_POST['PWDR'])) { //TODO Clear Input if ($_POST['USERNAME'] == "" || $_POST['PWD'] == "" || $_POST['PWDR'] == "") { throw new Exception("Fields cannot be empty"); } if ($_POST['PWD'] != $_POST['PWDR']) { throw new Exception("Two passwords are different"); } $new = new User(); $new->SetID($_POST['USERNAME']); $new->SetPassword($_POST['PWD']); $new->SetAdmin(TRUE); $new->SetValid(TRUE); $new->Save(); $msg = "User added successfully"; } } } } catch (Exception $e) { $error = $e->getMessage(); } ?> <html> <head> <title>RaspiControl</title> <meta charset="utf-8"/> <meta name="viewport"
//TODO Reporting through logger throw new Exception("You have not admin permissions, this abuse will be reported"); } else { if (isset($_POST['USERNAME'])) { if ($_POST['USERNAME'] == "") { throw new Exception("You Have to Select an Username"); } $username = clearInput($_POST['USERNAME']); $usernameN = strip_tags($username); if ($usernameN != $username) { throw new Exception("Inserted Username is not valid"); } $username = strtolower($username); $new = new User($username); $new->SetAdmin(isset($_POST['ADMIN'])); $new->SetValid(isset($_POST['ACTIVE'])); $new->Save(); $msg = "User modified successfully"; } } } catch (Exception $e) { $error = $e->getMessage(); } } ?> <html> <head> <title>RaspiControl</title> <meta charset="utf-8"/>