Beispiel #1
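    /**
     * Handles submission of the "Add User" admin form and renders the form.
     *
     * When the add button was pressed, the anti-CSRF token and the submitted
     * fields are checked; add_user() is called only when no check failed.
     * A fresh token is then stored in the session and embedded in the form,
     * so each rendered form carries its own token.
     *
     * NOTE(review): the privilege checkboxes (cbxPrivs[]) are client-supplied
     * and are not validated here. add_user() is not visible in this listing;
     * it presumably has to verify that the acting admin may grant each
     * requested privilege -- confirm.
     *
     * NOTE(review): the 8-12 character password bounds are kept as found; the
     * 12-character upper limit is restrictive and worth revisiting.
     */
    private function render_add_user()
    {
        $errorMessage = '';
        // Process the form only when the add button was pressed.
        if (param('btnAdd')) {
            // Anti-CSRF check. The original used a loose `!=`, which also
            // accepts the case where neither side carries a token (null vs.
            // missing field) and is not constant-time. Require a non-empty
            // session token and compare with hash_equals().
            $expectedToken = SessionUtil::session('token');
            $submittedToken = param('hidToken');
            $expectedToken = is_scalar($expectedToken) ? (string) $expectedToken : '';
            $submittedToken = is_scalar($submittedToken) ? (string) $submittedToken : '';
            if ($expectedToken === '' || !hash_equals($expectedToken, $submittedToken)) {
                $errorMessage .= 'Invalid Token try again. ';
            }
            // Field validation; every failure appends its own message.
            if (!ValidationUtil::text(param('txtName'), 30, 1)) {
                $errorMessage .= 'You must provide a name between 1 and 30 characters long. ';
            }
            if (!ValidationUtil::email(param('txtEmail'))) {
                $errorMessage .= 'Email is invalid. ';
            }
            if (!ValidationUtil::text(param('txtCompany'), 30, 1)) {
                $errorMessage .= 'You must provide a company name with a max of 30 characters. ';
            }
            if (!ValidationUtil::text(param('txtPassword'), 12, 8)) {
                $errorMessage .= 'You must enter in a password that is a min of 8 and a max of 12. ';
            }
            // Create the user only when the token and all fields passed.
            if (!$errorMessage) {
                $errorMessage = $this->add_user();
            }
        }
        // Rotate the token for the form that is about to be rendered.
        $token = SessionUtil::token();
        SessionUtil::session_set('token', $token);
        // Generated once here so the template below only prints values.
        $suggestedPassword = AuthenticationUtil::generate_password();
        // Render the page. Dynamic values are HTML-escaped before output.
        ?>
        <div class="admin-page-wrapper">
            <form action="/pages/admin/useradmin.php?subPage=Add User" method="post">
                <div class="admin-user-wrapper">
                    <h1>Add User</h1>
                    <?php
        // Show any message. add_user() is not visible in this listing, so its
        // return value is treated as plain text, not markup.
        if ($errorMessage) {
            echo '<span class="warning">'
                . htmlspecialchars((string) $errorMessage, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                . '</span>';
        }
        ?>
                    <div class="user-admin-content">
                        <input type="hidden" name="hidToken" value="<?= htmlspecialchars((string) $token, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>" />
                        <label for="txtName">User Name:</label><br />
                        <input type="text" name="txtName" id="txtName" /><br />
                        <label for="txtEmail">Email:</label><br />
                        <input type="email" name="txtEmail" id="txtEmail" /><br />
                        <label for="txtCompany">Company:</label><br />
                        <input type="text" name="txtCompany" id="txtCompany" /><br />
                        <label for="txtPassword">Password:</label><br />
                        <?php
        // The generated password is shown in clear text so the admin can pass
        // it on; escaping keeps a quote or angle bracket in it from breaking
        // the attribute, and autocomplete="off" asks the browser not to keep
        // it in form history.
        ?>
                        <input type="text" name="txtPassword" id="txtPassword" autocomplete="off" value="<?= htmlspecialchars((string) $suggestedPassword, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>" />
                    </div>
                    <h3>Privileges</h3>
                    <div>
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_VIEW_MERCHANT_PAGE ?>" id="cbx1" />
                        <label for="cbx1">Merchant View</label><br />
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_VIEW_ADMIN_PAGE ?>" id="cbx2" />
                        <label for="cbx2">Admin View</label><br />
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_ASSIGN_PRIVILEGES ?>" id="cbx3" />
                        <label for="cbx3">Assign Privileges</label><br />
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_PAGE_ADMIN ?>" id="cbx4" />
                        <label for="cbx4">Admin Pages</label><br />
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_USER_ADMIN ?>" id="cbx5" />
                        <label for="cbx5">Admin Users</label><br />
                    </div>
                    <input type="submit" name="btnAdd" />
                </div>
            </form>
        </div>
    <?php
    }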