Example #1
0
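/**
 * Handle a registration form submission and create the user account.
 *
 * Copies the profile fields from $_POST into the array handed to AddUser(),
 * then redirects to the index page on success or reports an error.
 *
 * Security notes:
 * - The password is handed to AddUser() exactly as submitted. AddUser() is not
 *   visible here; confirm it stores a password_hash() digest, never the raw value.
 * - 'accesslevel' is read from the request only when is_admin() is true; every
 *   other caller is pinned to 'User'. The admin-supplied value is not compared
 *   with a list of known levels in this function (TODO confirm AddUser() does).
 * - No field is length-checked, format-checked or escaped here, and the
 *   birthdate string is not verified to be a real calendar date.
 *
 * @return void
 */
function register_user()
{
    $required = array('salutation', 'gender', 'firstname', 'lastname', 'birthyear', 'birthmonth', 'birthday', 'username', 'password', 'aboutme');
    if (!is_post_parameter_complete($required)) {
        Redirect('../register.php');
        // Redirect() is defined elsewhere. Return explicitly so an incomplete
        // submission can never fall through to AddUser() if Redirect() does
        // not terminate the request itself.
        return;
    }

    $userDetails = array();
    $userDetails['salutation'] = $_POST['salutation'];
    $userDetails['firstname'] = $_POST['firstname'];
    $userDetails['lastname'] = $_POST['lastname'];
    $userDetails['gender'] = $_POST['gender'];
    $userDetails['birthdate'] = "{$_POST['birthyear']}-{$_POST['birthmonth']}-{$_POST['birthday']}";
    $userDetails['username'] = $_POST['username'];
    $userDetails['password'] = $_POST['password'];
    $userDetails['aboutme'] = $_POST['aboutme'];

    if (is_admin()) {
        // Only an administrator may choose the access level of the new account.
        if (!is_post_parameter_complete(array('accesslevel'))) {
            Redirect('../register.php');
            // Same reasoning as above: never create the account without a level.
            return;
        }
        $userDetails['accesslevel'] = $_POST['accesslevel'];
    } else {
        // Self-registration can never request elevated rights.
        $userDetails['accesslevel'] = 'User';
    }

    if (AddUser($userDetails)) {
        Redirect('../index.php');
    } else {
        Error('Registration Failed');
    }
}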
Example #2
0
/**
 * Created by PhpStorm.
 * User: sp
 * Date: 24/11/15
 * Time: 4:37 AM
 */
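/**
 * Dispatch a user API request to the add-user ("PUT") or get-user ("GET") controller.
 *
 * NOTE(review): nothing in this function checks who the caller is. Confirm that
 * authentication and authorisation happen before a "PUT" can create accounts.
 *
 * @param array $Request Request with a "type" entry and a "payloads" entry; it is
 *                       checked by validate_userview_request() before use.
 * @return mixed Response array with "SUCCESS", "STATUS CODE" and "Payloads" keys.
 *               For an unrecognised type the bare TYPE_NOT_SPECIFIED constant is
 *               returned instead of an array (kept as-is for existing callers).
 */
function HandleUserRequest($Request)
{
    // NOTE(review): plain include re-executes these files on every call. If they
    // declare functions, a second call in the same request would fail on
    // redeclaration; include_once may be the safer form (verify before changing).
    include '../common/controller/user_add.php';
    include '../common/controller/user_get.php';
    include '../common/config/ErrorCodes.php';
    include '../common/helpers/ValidateRequest.php';

    $Response = array();

    // The validator reports success as the string "True", not a boolean.
    if (validate_userview_request($Request) != "True") {
        $Response["SUCCESS"] = "False";
        $Response["STATUS CODE"] = PAYLOAD_MISSING;
        $Response["Payloads"] = "Payloads Missing";
        return $Response;
    }

    $Type = $Request["type"];
    $RequestData = $Request["payloads"];

    switch ($Type) {
        case "PUT":
            $Response["STATUS CODE"] = AddUser($RequestData);
            if ($Response["STATUS CODE"] == ERROR_DUP_NAME) {
                // Previously an unconditional assignment after this if/else
                // overwrote "False" with "True", so a duplicate-name failure
                // was reported to the client as a success.
                $Response["SUCCESS"] = "False";
            } else {
                $Response["Payloads"] = "User Added Successfully";
                $Response["SUCCESS"] = "True";
            }
            return $Response;
        case "GET":
            $Response["Payloads"] = GetUser($RequestData);
            // NOTE(review): loose == against an error constant; if GetUser() can
            // return user data that compares equal to the constant's value, a
            // valid result would be treated as "not found". Confirm the types.
            if ($Response["Payloads"] == ERROR_DATA_NOT_FOUND) {
                $Response["STATUS CODE"] = ERROR_DATA_NOT_FOUND;
                $Response["SUCCESS"] = "False";
                // The lookup result is replaced by a generic message.
                $Response['Payloads'] = "Authentication Error";
            } else {
                $Response["SUCCESS"] = "True";
                $Response["STATUS CODE"] = 200;
            }
            return $Response;
        default:
            return TYPE_NOT_SPECIFIED;
    }
}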
Example #3
0
        DisplayUserList();
        break;
    case 'makeadmin':
        MakeAdminUser($vars['id']);
        DisplayUserList();
        break;
    case 'notadmin':
        MakeNotAdminUser($vars['id']);
        DisplayUserList();
        break;
    case 'update':
        UpdateUser($vars['id'], $vars['username'], $vars['password'], $vars['fullname'], $vars['email'], $vars['enabled'], $vars['isadmin'], $vars['isguest'], $vars['instanceid'], $vars['dataprojects'], $vars['phiprojects'], $vars['writedataprojects'], $vars['writephiprojects']);
        DisplayUserList();
        break;
    case 'add':
        AddUser($vars['username'], $vars['password'], $vars['fullname'], $vars['email'], $vars['enabled'], $vars['isadmin'], $vars['isguest'], $vars['instanceid'], $vars['dataprojects'], $vars['phiprojects'], $vars['writedataprojects'], $vars['writephiprojects']);
        DisplayUserList();
        break;
    case 'delete':
        DeleteUser($vars['id']);
        break;
    default:
        DisplayUserList();
}
/* ------------------------------------ functions ------------------------------------ */
/* -------------------------------------------- */
/* ------- UpdateUser ------------------------- */
/* -------------------------------------------- */
function UpdateUser($id, $username, $password, $fullname, $email, $enabled, $isadmin, $isguest, $instanceid, $dataprojects, $phiprojects, $writedataprojects, $writephiprojects)
{
    /* perform data checks */
Example #4
0
     //fall-through
 //fall-through
 case 'browse':
     ShowAllUsers();
     ShowFormAllUsers();
     break;
 case 'detail':
     ShowDetailUser();
     ShowFormDetailUser();
     break;
 case 'delete':
     DeleteUser($_REQUEST['delete']);
     break;
 case 'add':
     if ($_REQUEST['process'] == 'add') {
         AddUser();
     } else {
         ShowFormAddUser();
     }
     break;
 case 'add_order':
     GetPaymentCurrency();
     if ($_REQUEST['process'] == 'add_order') {
         ProcessAddOrder();
     } else {
         ShowFormAddOrder();
     }
     break;
 case 'search':
     ShowSearchResult();
     ShowFormSearchResult();
Example #5
0
 */
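session_start();
// Only a logged-in user may reach the add-user page.
if (!isset($_SESSION['user'])) {
    header('location:login.php');
    // header() only queues the redirect. Without exit the rest of this script
    // would still run, so an unauthenticated POST could create an account.
    exit;
}
// Load the required files
require '../../configs/config.php';
require '../../libraries/connect.php';
require '../../models/user.php';
// $flag: 0 = no clash, 1 = username already in use, 2 = e-mail already in use.
// A later match overwrites an earlier one.
$flag = 0;
if ($_POST) {
    // NOTE(review): mysql_fetch_assoc() belongs to the ext/mysql API, which was
    // removed in PHP 7; this page only runs on older runtimes as written.
    // NOTE(review): nothing visible here ties the POST to a form issued by this
    // site (no anti-CSRF token is checked) - confirm one is enforced elsewhere.
    $list_user = GetUserList();
    while ($users = mysql_fetch_assoc($list_user)) {
        if ($users['username'] == $_POST['username']) {
            $flag = 1;
        }
        if ($users['email'] == $_POST['email']) {
            $flag = 2;
        }
    }
    if ($flag == 0) {
        // An associative array carries the new user's fields.
        // NOTE(review): the password is passed on exactly as submitted; confirm
        // that AddUser() hashes it (password_hash) and uses parameterised SQL.
        $data = array('username' => $_POST['username'], 'password' => $_POST['password'], 'fullname' => $_POST['fullname'], 'email' => $_POST['email'], 'status' => isset($_POST['status']) ? 1 : 0, 'created' => date('Y-m-d H:i:s'), 'modified' => date('Y-m-d H:i:s'));
        if (AddUser($data)) {
            // Flag used to show the success message
            $_SESSION['success'] = true;
            //header('location:add.php'); // Reload the page to reset the form
        }
    }
}
require '../../views/admin/user/v_add.php';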
Example #6
0
                                             }
                                         }
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
 }
 if ($image) {
 }
 if ($addok == 1 && $cleared != 1) {
     AddUser($handle, $ident, time(), $link, $image, $realpath);
     time_point(__FILE__, __LINE__);
 }
 if ($addok == 1) {
     require_once "../common/lastmsg.php";
     SetLastMsg($realpath);
     $currentday = date('Y-m-d');
     $currenthour = date('H');
     $currenthour = "h{$currenthour}=h{$currenthour}+1";
     count_mysql_query("UPDATE uo_chat_stats SET {$currenthour} WHERE chat='{$realpath}' AND date='{$currentday}'", $handler, "sendmsg.php: Updated 'stats' 1/3");
     if (mysql_affected_rows($handler) < 1) {
         if (mt_rand(1, 100) == 50) {
             count_mysql_query("DELETE FROM uo_chat_stats WHERE date<=DATE_SUB(NOW(), INTERVAL 28 DAY)", $handler, "sendmsg.php: Updated 'stats' 2/3");
         }
         count_mysql_query("INSERT INTO uo_chat_stats SET chat='{$realpath}', date='{$currentday}', {$currenthour}", $handler, "sendmsg.php: Updated 'stats' 3/3");
     }
Example #7
0
    print "<TD width=27px><IMG SRC=document.png>\n";
    print "<TD><A HREF=editguide.php?action=new>{$l10nstr['156']}</A><BR>\n";
    /* create new guide */
}
print "</TABLE>\n";
GetPermissions();
if (($level = IsAllowed($name)) == 0) {
    print "<CENTER><H1>{$l10nstr['157']}</H1>\n";
    /* you are not allowed to access */
    exit;
}
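// Requested action; an absent parameter is treated as "no action".
$action = isset($_GET['action']) ? $_GET['action'] : '';
if ($action == 'adduser') {
    // NOTE(review): this is a state-changing request and no anti-CSRF token is
    // checked in the visible code - confirm one is enforced elsewhere.
    $user = (isset($_POST['new_user']) && is_string($_POST['new_user'])) ? $_POST['new_user'] : '';
    // This only strips the two-character sequence backslash + single quote. It
    // is not an SQL or HTML defence: AddUser() must bind the value as a query
    // parameter (AddUser() is not visible here - verify).
    $user = str_replace("\\'", '', $user);
    AddUser($user);
    print "<CENTER><H1 dir={$langdir}>{$l10nstr['118']}: ";
    /* user */
    // The submitted name is echoed into the page, so it is HTML-escaped first;
    // printing it raw allowed markup and script injection through new_user.
    // htmlspecialchars() uses the configured default charset here; pass the
    // page's real encoding as the third argument if it differs.
    print htmlspecialchars($user, ENT_QUOTES) . " ";
    print "<H1>{$l10nstr['158']}</H1>\n";
    /* added to system */
    print "<A HREF=guides.php>{$l10nstr['158']}</A>\n";
    exit;
}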
if ($action == 'deluser') {
    $user = $_GET['user'];
    $user = str_replace("\\'", '', $user);
    DelUser($user);
    print "<CENTER><H1 dir=RTL>{$l10nstr['118']}: ";
    /* user */
    print "{$user} ";
Example #8
0
 if ($new_name && $new_pass && $new_level) {
     if ($new_pass == "random") {
         $new_pass = RandomPass(8);
     }
     $new_mail = $_REQUEST['new_mail'];
     $message = $_REQUEST['message'];
     $subject = $_REQUEST['subject'];
     if ($message && $subject && $new_email) {
         mail($new_email, $subject, $message, "From: {$master_email}\nReply-To: {$cadmin}\nBCC: {$master_email}\nX-pJJ-IP: {$_SERVER['REMOTE_ADDR']}\nX-pJJ-Chat: https://pjj.cc/{$chatpath}/\nX-pJJ-Auth: {$_REQUEST['login']}\n");
         echo "Mail sent to {$new_email}.";
     } else {
         $new_faction = $_REQUEST['new_faction'];
         if (empty($new_faction)) {
             $new_faction = "0";
         }
         if (AddUser($login, $password, trim($new_name), trim($new_pass), trim($new_faction), trim($new_email), trim($new_level), $chatpath) >= 1) {
             if ($ruid) {
                 count_mysql_query("UPDATE uo_chat_regapps SET appstat=1 WHERE chat='{$chatpath}' AND id='{$ruid}'", $handler);
             }
             if ($new_email) {
                 $uname = urlencode($new_name);
                 $upass = urlencode($new_pass);
                 $subject = "Welcome to {$ctitle}, {$new_name}.";
                 $message = "You have been accepted in {$ctitle} with the login:\n";
                 $message .= "Name: {$new_name}\n";
                 $message .= "Password: {$new_pass}\n";
                 $message .= "\n";
                 $message .= "Please log in at {$cpath}/register/login.php?login={$uname}&password={$upass} and edit your profile.\n";
                 $message .= "Your flag {$new_level}, which is ";
                 if (CheckFlags("m", $new_level)) {
                     $message .= "Chat Master";
Example #9
0
// Action dispatcher for the user-administration page.
// If no action name is set at this point, take it from the query string.
if (empty($enews)) {
    $enews = $_GET['enews'];
}
// The helper file is only loaded when an action was requested.
if ($enews) {
    include '../../data/dbcache/class.php';
}
// NOTE(review): $logininid and $loginin are not assigned in this excerpt -
// presumably the id and name of the logged-in administrator. Confirm that the
// login check which sets them has run before any branch below executes.
// NOTE(review): every value below is passed on exactly as received, passwords
// included. Validation, password hashing and SQL parameter binding must happen
// inside AddUser()/EditUser()/DelUser(); none of it is visible here.
// Add user
if ($enews == "AddUser") {
    $username = $_POST['username'];
    $password = $_POST['password'];
    $repassword = $_POST['repassword'];
    // groupid and adminclass decide the privileges of the new account.
    $groupid = $_POST['groupid'];
    $adminclass = $_POST['adminclass'];
    $checked = $_POST['checked'];
    $styleid = $_POST['styleid'];
    AddUser($username, $password, $repassword, $groupid, $adminclass, $checked, $styleid, $logininid, $loginin);
} elseif ($enews == "EditUser") {
    // Edit an existing user; userid selects the account to change.
    $userid = $_POST['userid'];
    $username = $_POST['username'];
    $password = $_POST['password'];
    $repassword = $_POST['repassword'];
    $groupid = $_POST['groupid'];
    $adminclass = $_POST['adminclass'];
    $oldusername = $_POST['oldusername'];
    $checked = $_POST['checked'];
    $styleid = $_POST['styleid'];
    EditUser($userid, $username, $password, $repassword, $groupid, $adminclass, $oldusername, $checked, $styleid, $logininid, $loginin);
} elseif ($enews == "DelUser") {
    // Delete a user. The target id arrives in the query string, so this
    // destructive action can be triggered by a plain GET request.
    // NOTE(review): no anti-CSRF token is checked here - confirm DelUser() or
    // an earlier include enforces one.
    $userid = $_GET['userid'];
    DelUser($userid, $logininid, $loginin);
}
Example #10
0
require_once 'application.php';
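// Initialisation: HTML snippet shown to the user after the form is processed.
$error = "";
// Processing
// The registration form was submitted.
// NOTE(review): the trigger is read from $_REQUEST but the fields are read from
// POST only, so a GET request carrying modalForm just yields "Some field are empty.".
if (isset($_REQUEST["modalForm"])) {
    // Read the submitted fields.
    // NOTE(review): FILTER_SANITIZE_SPECIAL_CHARS HTML-encodes characters such as
    // < > & and quotes. Applied to a password it changes the secret before it
    // reaches AddUser(). It is kept here because existing accounts may depend on
    // it; output encoding belongs at display time, and the password should be
    // passed unmodified to a hashing function (AddUser() is not visible - verify).
    $NewName = filter_input(INPUT_POST, 'NewName', FILTER_SANITIZE_SPECIAL_CHARS);
    $NewPassword = filter_input(INPUT_POST, 'NewPassword', FILTER_SANITIZE_SPECIAL_CHARS);
    $NewPasswordConfirmed = filter_input(INPUT_POST, 'NewPasswordConfirmed', FILTER_SANITIZE_SPECIAL_CHARS);
    // All three fields must be filled in.
    if (!empty($NewName) && !empty($NewPassword) && !empty($NewPasswordConfirmed)) {
        // The password must match its confirmation. Strict comparison is used
        // because == compares numeric-looking strings by value, so two different
        // entries such as "1e3" and "1000" would be accepted as identical.
        if ($NewPassword === $NewPasswordConfirmed) {
            // Try to create the account.
            if (AddUser($NewName, $NewPassword)) {
                // Account created.
                $error = '<span id="helpBlock" class="help-block">The account has been successfully created.</span>';
            } else {
                // AddUser() failed; reported to the user as a name clash.
                $error = '<span id="helpBlock" class="help-block">This name is already assigned</span>';
            }
        } else {
            // Password and confirmation differ.
            $error = '<span id="helpBlock" class="help-block">The password are not the same.</span>';
        }
    } else {
        // At least one field is empty.
        $error = '<span id="helpBlock" class="help-block">Some field are empty.</span>';
    }
}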
Example #11
0
    } elseif ($_POST["md5_hash"] == "") {
        $result = "You must set the password when adding a user";
    } elseif ($_POST["full_name"] == "") {
        $result = "You must give a Full Name when adding a user";
    } elseif ($_POST["email"] == "") {
        $result = "You must give an E-Mail when adding a user";
    } elseif (!array_key_exists("is_admin", $_POST) && !array_key_exists("projects", $_POST)) {
        $result = "Non admin users must have at least one project assigned";
    } else {
        // We check here that the given username doesn't already exist in the database.
        // We could let AddUser give us an error code in return, but the error message
        // wouldn't be very human readable.
        if (GetUserInfos($_POST["username"]) != array()) {
            $result = "The indicated username already exists in the database. Please choose another one.";
        } else {
            $result = AddUser($_POST["username"], $_POST["md5_hash"], $_POST["full_name"], $_POST["email"], array_key_exists("can_upload", $_POST) ? "Y" : "N", array_key_exists("is_power", $_POST) ? "Y" : "N", array_key_exists("is_admin", $_POST) ? "Y" : "N", array_key_exists("projects", $_POST) ? $_POST["projects"] : array());
        }
    }
    if ($result == "") {
        $msg = "Add successful";
    } else {
        $msg = "Error while adding: " . $result;
    }
} elseif ($action == "modify") {
    // Rules:
    // - There must always be one admin in the system
    // - A user cannot revoke his own admin status
    // - The full name must always be indicated
    if ($_POST["full_name"] == "") {
        $result = "The Full Name cannot be blank";
    } elseif ($_POST["email"] == "") {
Example #12
0
    $skip = 0;
    foreach ($excludedUsers as $ex) {
        if ($ex == $adUser) {
            $skip = 1;
            break;
        }
    }
    if ($skip == 1) {
        continue;
    }
    // query LDAP for the full user info
    $userInfo = $adldap->user_info($adUser, $ldapAttributes);
    if (NewUser($adUser, $oemrUsers)) {
        // add new user
        echo "Adding user {$adUser}";
        if (AddUser($adUser, $userInfo)) {
            echo ", OK\n";
        } else {
            echo ", FAILED\n";
        }
    } else {
        // update existing users with Active Directory info
        echo "existing user {$adUser}";
        if (UpdateUser($adUser, $userInfo)) {
            echo ", OK\n";
        } else {
            echo ", FAILED\n";
        }
    }
}
// re-query in case we have updated a username in the previous loop
Example #13
0
    }
}
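// Message shown in the alert box further down the page; empty means no error.
$Error = "";
// User removal.
// Only the session whose IDUsager is 0 (presumably the administrator - confirm)
// may remove users, and it may not remove itself.
if (isset($_POST['RemID'])) {
    // isset() and is_numeric() must pass before the loose comparison: a missing
    // session value is null and null == 0 is true in PHP, which let a visitor
    // with no login session through this check.
    if (isset($_SESSION['IDUsager']) && is_numeric($_SESSION['IDUsager']) && $_SESSION['IDUsager'] == 0) {
        if ($_POST['RemID'] != $_SESSION['IDUsager']) {
            // NOTE(review): RemID is passed on as received; RemoveUser() must
            // bind it as a query parameter (not visible here - verify).
            RemoveUser($_POST['RemID']);
        }
    }
}
// Add user.
// NOTE(review): no session or role check guards this branch in the visible
// code. Confirm that an earlier part of the file restricts who may create
// accounts, and that the form carries an anti-CSRF token.
if (isset($_POST['Nom']) && isset($_POST['password'])) {
    // strlen() counts bytes: password 1-127 bytes, user name 1-64 bytes.
    if (strlen($_POST['password']) > 0 && strlen($_POST['password']) < 128) {
        if (strlen($_POST['Nom']) > 0 && strlen($_POST['Nom']) < 65) {
            // The password is passed exactly as submitted; AddUser() is expected
            // to hash it before storage (not visible here - verify).
            AddUser($_POST['Nom'], $_POST['password']);
        } else {
            $Error = "Le nom d'usager n'est pas de la bonne longueur!";
        }
    } else {
        $Error = "Mot de passe pas valide!";
    }
}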
?>
<div class="container">
    <?php 
if (!empty($Error)) {
    ?>
        <div class="alert alert-danger" role="alert"><?php 
    echo $Error;
    ?>
Example #14
0
 } else {
     if (isset($_GET["no"]) && $_GET["no"] == "13") {
         // for getting the assignment material based on Assignment ID chosen by mentee.
         GetAssignmentMaterial($_GET["assID"]);
     } else {
         if (isset($_GET["no"]) && $_GET["no"] == "14") {
             // for getting the mentor of a particular mentee.
             GetMentorDetailsOfMentee($_GET["email"], $_GET["id"]);
         } else {
             if (isset($_GET["no"]) && $_GET["no"] == "15") {
                 // for sending the message from the mentee to the mentor.
                 SendMessageFromMenteeToMentor($_GET["toEmail"], $_GET["msg"], $_GET["email"]);
             } else {
                 if (isset($_GET["no"]) && $_GET["no"] == "16") {
                     // for adding the user to the User and the Specified table.
                     AddUser($_GET["organ"], $_GET["course"], $_GET["email"], $_GET["level"]);
                 } else {
                     if (isset($_GET["no"]) && $_GET["no"] == "17") {
                         // for changing the password of the specified Account.
                         ChangePassword($_GET["email"], $_GET["oldPassword"], $_GET["newPassword"], $_GET["newPasswordConfirm"], $_GET["table"]);
                     } else {
                         if (isset($_GET["no"]) && $_GET["no"] == "18") {
                             // for getting the assignments based on a mentor email and id.
                             GetMentorAssignment($_GET["email"], $_GET["id"]);
                         } else {
                             if (isset($_GET["no"]) && $_GET["no"] == "19") {
                                 // for getting the calender image on the mentor page.
                                 GetMentorCalender($_GET["mentorEmail"]);
                             } else {
                                 if (isset($_GET["no"]) && $_GET["no"] == "20") {
                                     // for getting the director details of a particular mentor.
Example #15
0
        $validation[count($validation)] = "*Password is empty";
    }
    if (!ValidateTelephone($telephone1)) {
        $validation[count($validation)] = "*Telephone is not valid";
    }
    if (strlen($password) < 8) {
        $validation[count($validation)] = "*Password must contain 8 characters or more";
    }
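    // All field checks passed: make sure the username is free, then create the
    // account and log the new user in.
    if (count($validation) == 0) {
        $db = DBConnect();
        PrepareSQL($db);
        // NOTE(review): $username is interpolated straight into the SQL text.
        // Unless it was escaped before this point (not visible here), this is
        // an SQL injection point. Move the lookup to a prepared statement with
        // a bound parameter when ExeQuery()/ext-mysql is replaced.
        $exists = mysql_fetch_row(ExeQuery($db, "SELECT COUNT(*) FROM `utils` WHERE U_NAME = '{$username}'"));
        if ($exists[0] != 0) {
            // $exists is the fetched row (an array); appending it to the message
            // printed the word "Array" and raised a notice, so it is dropped.
            $validation[count($validation)] = "*Username already exists";
            ENDSql($db);
        } else {
            // NOTE(review): the password travels to AddUser() as submitted;
            // confirm AddUser() hashes it before storage.
            AddUser(array($username, $password, $firstname, $lastname, $address, $city, $state, $country, $telephone1, $telephone2, $email));
            // Closed once here; the original closed the connection a second
            // time after the if/else.
            ENDSql($db);
            session_start();
            // Issue a fresh session ID before the session becomes an
            // authenticated one, so a pre-set ID cannot be reused.
            session_regenerate_id(true);
            $_SESSION['MM_Username'] = $username;
            header("location: Intro.php");
            // Stop here: header() only queues the redirect and the
            // registration form below would otherwise still be rendered.
            exit;
        }
    }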
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Register</title>
Example #16
0
        </div>
        <!--check the subscription fields and add user to database -->
        <?php 
include "scripts/adduser.php";
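// Registration handler: runs when the form was submitted with ?register=...
// NOTE(review): every field, including the password and its confirmation,
// arrives in the query string. URLs are written to server and proxy logs, kept
// in browser history and can leak through the Referer header, so the form
// should submit with method="post" and this block should read $_POST. That
// needs a matching change in the form markup, which is outside this excerpt.
if (isset($_GET['register'])) {
    // All listed fields must be non-empty and the password must match its
    // confirmation. The match uses === because == compares numeric-looking
    // strings by value ("1e3" == "1000"), which accepted differing entries.
    // 'gender' is not part of this check and may be missing.
    if ($_GET['username'] != "" and $_GET['password'] != "" and $_GET['password'] === $_GET['confpass'] and $_GET['email'] != "" and $_GET['forename'] != "" and $_GET['surname'] != "" and $_GET['age'] != "" and $_GET['school'] != "" and $_GET['city'] != "") {
        // Usernames are stored lower-cased.
        $username = strtolower($_GET['username']);
        // Passed on as submitted; AddUser() (scripts/adduser.php, not visible
        // here) is expected to hash it and to bind all values as parameters.
        $password = $_GET['password'];
        $email = $_GET['email'];
        $forename = $_GET['forename'];
        $surname = $_GET['surname'];
        $age = $_GET['age'];
        $school = $_GET['school'];
        $city = $_GET['city'];
        $gender = $_GET['gender'];
        $registered = AddUser($username, $password, $email, $forename, $surname, $age, $school, $city, $gender);
        if ($registered == "added") {
            // Log the new user in, then let the browser navigate on.
            // NOTE(review): the session ID is not regenerated at this point;
            // consider session_regenerate_id(true) if headers are still unsent.
            $_SESSION['username'] = $username;
            ?>
        <script>location.href = "registerAdd.php";</script>
        <?php 
        } else {
            // Any other return value is shown as a username clash.
            ?>
        <script>
            $("#errorlabel").text("Username already exists");
            $("#errorlabel").css("color", "#ff6666");
        </script>
        <?php 
        }
    }
}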