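/**
 * Create a user row from a name, then store the remaining profile fields.
 *
 * The INSERT carries only `name`, passed as a bound parameter. When the
 * insert yields a usable id, the other fields are written one at a time
 * through saveData(). The steps are separate statements, so a failure
 * part-way leaves a row with only some fields filled in.
 *
 * @param $name     Value bound to :input for the `name` column.
 * @param $surname  Forwarded to saveData('surname', ...).
 * @param $email    Forwarded to saveData('email', ...).
 * @param $password Forwarded to saveData('password', ...) exactly as received.
 * @param $nickname Forwarded to saveData('nickname', ...).
 *
 * @return User The instance; `success` is false when the insert raised a
 *              PDOException, and `id` is only assigned when it did not.
 */
public static function NewUser($name, $surname, $email, $password, $nickname)
{
    $instance = new User();

    // The name travels as a bound parameter, never as part of the SQL text.
    $query = 'INSERT INTO users (`name`) VALUES (:input)';
    $instance->HandlerDB->query($query);
    $instance->HandlerDB->bind(':input', $name);

    try {
        $instance->HandlerDB->execute();
        $instance->success = true;
        $instance->id = $instance->getValidId();
    } catch (PDOException $e) {
        // Echoing the exception object would put the driver message and a
        // stack trace into the HTTP response; record it server-side instead.
        error_log('User::NewUser insert failed: ' . $e->getMessage());
        // success may already be true if getValidId() was the call that threw.
        $instance->success = false;
    }

    if ($instance->id != null && $instance->id != 0) {
        $instance->saveData('surname', $surname);
        $instance->saveData('email', $email);
        // NOTE(review): nothing in this method hashes the password. Confirm
        // that saveData() or the caller applies password_hash() before the
        // value reaches storage; it must not be persisted as received.
        $instance->saveData('password', $password);
        $instance->saveData('nickname', $nickname);
    }

    return $instance;
}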
if (check_email($mail)) { $emails .= $mail . ","; } } $emails = preg_replace('/,$/', '', $emails); if (!empty($login)) { if (empty($password)) { $password = $User->randomPass(); } $prenom = ""; if (isset($_POST['prenom'])) { $prenom = $_POST['prenom']; } $user_data = array("id_user" => $_POST['id_user'], "login" => $login, "first_name" => $prenom, "last_name" => $_POST['nom'], "password" => $_POST['password'], "email" => $emails, "role" => array("client"), "disabled" => "off", "admin" => "off"); if ($User->exists($id_user)) { $User->saveData($user_data); } else { $id_user = $User->createUser($user_data); } } $q = sprintf("UPDATE webfinance_clients SET " . "nom='%s',\n addr1='%s',\n addr2='%s',\n addr3='%s',\n cp='%s',\n\t ville='%s',\n rcs='%s',\n vat='%s',\n capital='%s',\n pays='%s',\n tel='%s',\n fax='%s',\n web='%s',\n\t email='%s',\n\t vat_number='%s',\n siren='%s',\n id_company_type='%d',\n id_user=%d,\n password='******',\n rib_titulaire='%s',\n id_mantis='%d',\n id_toggl='%d',\n supportHoursIncludedInContract='%s',\n language='%s',\n id_business_entity=%d,\n contract_signer = '%s',\n id_contract_signer_role = %d,\n invoice_delivery = '%s'\n WHERE id_client=%d", mysql_real_escape_string($nom), mysql_real_escape_string($addr1), mysql_real_escape_string($addr2), mysql_real_escape_string($addr3), mysql_real_escape_string($cp), mysql_real_escape_string($ville), mysql_real_escape_string($rcs), mysql_real_escape_string($vat), mysql_real_escape_string($capital), mysql_real_escape_string($pays), mysql_real_escape_string(removeSpace($tel)), mysql_real_escape_string(removeSpace($fax)), mysql_real_escape_string($web), mysql_real_escape_string($emails), mysql_real_escape_string($vat_number), mysql_real_escape_string($siren), mysql_real_escape_string($id_company_type), mysql_real_escape_string($_POST['id_user']), mysql_real_escape_string($password), mysql_real_escape_string($rib_titulaire), mysql_real_escape_string($id_mantis), mysql_real_escape_string($id_toggl), 
mysql_real_escape_string($supportHoursIncludedInContract), mysql_real_escape_string($clt_language), mysql_real_escape_string($id_business_entity), mysql_real_escape_string($contract_signer), mysql_real_escape_string($id_contract_signer_role), mysql_real_escape_string($invoice_delivery), mysql_real_escape_string($id_client)); mysql_query($q) or die(mysql_error()); // Check if we have to rename clients if ($_POST['nom'] != $Client->nom) { // Rename Mantis project $mantis_project = array('name' => $nom, 'view_state' => array('id' => 50)); $mantis = new WebfinanceMantis(); $mantis->updateProject($id_mantis, $mantis_project); // Rename Toggl client $toggl = new WebfinanceToggl(); $toggl->renameClient($id_client, $nom);
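// Popup handler for the user form: cancel, delete, update or create a user,
// then hide the in-page popup and reload the parent window.
//
// NOTE(review): no session, role or anti-CSRF token check is visible in this
// fragment. Confirm one runs earlier in the file; every branch below changes
// user records.
if (isset($_GET['action']) && $_GET['action'] == "cancel") {
    // Discard the submitted data. The superglobals stay arrays so that any
    // later index lookup on them still behaves as an array access.
    $_POST = array();
    $_GET = array();
} else {
    $User = new User();

    if (isset($_GET['action']) && $_GET['action'] == "delete") {
        // Apply the same numeric check that id_user gets below; a missing or
        // non-numeric id is ignored instead of being handed to delete().
        // NOTE(review): this is a state change reachable by a plain GET
        // request. Prefer POST plus a per-session token for deletion.
        if (isset($_GET['id']) && is_numeric($_GET['id'])) {
            $User->delete($_GET['id']);
        }
        header("Location: index.php");
        die;
    }

    // Reject a non-numeric id_user before it is used to pick a record.
    if (isset($_POST['id_user']) && !is_numeric($_POST['id_user'])) {
        header("Location: index.php");
        die;
    }

    // NOTE(review): the whole of $_POST is passed through. If saveData() and
    // createUser() accept any key they are given, a request could set fields
    // the form never exposed (role or admin flags, for example). Confirm the
    // callee filters keys, or build an explicit list of allowed fields here.
    if (isset($_POST['id_user']) && $_POST['id_user'] > 0) {
        $User->saveData($_POST);
        // header("Location: fiche_user.php?id=".$_POST['id_user']);
    } else {
        $User->createUser($_POST);
        // header("Location: fiche_user.php?id=$id");
    }
}
?>
<script>
popup = window.parent.document.getElementById('inpage_popup');
popup.style.display = 'none';
// Reload parent window to update contacts
page = '/admin/index.php?foobar='+100*Math.random(); // Random to force reload
window.parent.location = page;
</script>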