header('Location: index.php?info=User added successfully');
}
} elseif ($op == "add") {
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$groups = $_POST['user_groups'];
$permissions = $_POST['permissions'];
$err = "";
if (strlen(trim($password)) > 0) {
if (trim($password) != trim($password2)) {
$err = "The passwords are not equal.";
}
}
if ($err == "") {
$err = insert_user($username, $password, $groups, $permissions);
}
if (strlen($err) > 0) {
header('Location: error.php?msg=' . urlencode($err));
} else {
header('Location: user_list.php');
}
} elseif ($op == "edit") {
if (isset($_POST['id'])) {
$username = $_POST['id'];
$new_username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$groups = $_POST['user_groups'];
$permissions = $_POST['permissions'];
$err = "";
function create_account()
{
$name = $_POST['name'];
$email = $_POST['email'];
$password = $_POST['password'];
$result = insert_user($name, $email, $password);
if ($result) {
redirect("home");
} else {
redirect("user/create-failed");
}
}
function make_a_comment($pid, $name, $content)
{
$content = trim($content);
if (strlen($content) > CONTENT_MAX_LENGTH) {
echo json_encode(["content too long(max 140)"]);
return;
}
global $db;
try {
$uid = insert_user($name);
$stmt = $db->prepare("INSERT INTO Comments (user_id, photo_id, content) VALUES(:user_id, :photo_id, :content)");
$stmt->bindParam(":user_id", $uid, PDO::PARAM_INT);
$stmt->bindParam(":photo_id", $pid, PDO::PARAM_INT);
$stmt->bindParam(":content", $content);
$stmt->execute();
echo json_encode(["status" => "OK"]);
} catch (PDOException $e) {
error_log("ERROR while favour: " . $e->getMessage());
echo json_encode(["ERROR" => $e->getMessage()]);
// return false;
}
}
}
// Shares
if (substr($split, 0, 6) == "shares") {
insert_shares($split);
}
// Mapped Drives
if (substr($split, 0, 6) == "mapped") {
insert_mapped($split);
}
// Local Groups
if (substr($split, 0, 7) == "l_group") {
insert_group($split);
}
// Local Users
if (substr($split, 0, 6) == "l_user") {
insert_user($split);
}
// Startup Programs
if (substr($split, 0, 7) == "startup") {
insert_startup($split);
}
// Services
if (substr($split, 0, 7) == "service") {
insert_service($split);
}
// Hotfixes
if (substr($split, 0, 6) == "hotfix") {
insert_hotfix($split);
}
// IE Browser Helper Objects
if (substr($split, 0, 6) == "ie_bho") {
function create_user($U)
{
extract($U);
$U['inputs']['account_addr_id'] = insert_address($U);
if ($_SERVER['HTTP_X_FORWARDED_HOST'] != '') {
$server = $_SERVER['HTTP_X_FORWARDED_HOST'];
} else {
$server = $_SERVER['HTTP_HOST'];
}
$s3dburl = 'http://' . $server . S3DB_URI_BASE;
if (insert_user($U)) {
#send and email to the user telling him about his new password!
$message .= sprintf("%s\n\n", 'Dear ' . $inputs['account_uname'] . ',');
$message .= sprintf("%s\n", 'An account on s3db has been created on your behalf.');
$message .= sprintf("%s\n", 'Your login ID is: ' . $inputs['account_lid']);
$message .= sprintf("%s\n", 'Your password is: ' . $inputs['account_pwd']);
$message .= sprintf("%s\n\n", 'You can login at ' . $s3dburl);
$message .= sprintf("%s\n", 'The S3DB team.(http://www.s3db.org)');
$message .= sprintf("%s\n\n", 'Note: Please do not reply, this is an automated message');
$E = array('email' => array($inputs['account_email']), 'message' => $message, 'subject' => 'Your s3db account');
if ($GLOBALS['s3db_info']['server']['email_host'] != '' && $GLOBALS['s3db_info']['server']['email_host'] != 'mail') {
#if user did no input data on host of deleted it, don't send email
send_email($E);
}
return True;
} else {
return False;
}
}
<?php
include 'include/database.class.php';
/*If any registration is invalid,
/ set up error message in error string
/ to inform to the other page.error.php
*/
if (isset($_GET['uname'], $_GET['uemail'], $_GET['upassword'])) {
$uname = filter_input(INPUT_GET, 'uname', FILTER_SANITIZE_STRING);
// $uemail = $_GET['uemail'];
$uemail = filter_input(INPUT_GET, 'uemail', FILTER_SANITIZE_EMAIL);
$upassword = $_GET['upassword'];
check_email($uemail);
check_user_exists($uname, $uemail);
check_password($upassword);
insert_user($uname, $uemail, $upassword);
} else {
$mgs = "INFORMATION NOT PROPERLY SET";
send_error($mgs);
}
function check_email($uemail)
{
if (!filter_var($uemail, FILTER_VALIDATE_EMAIL)) {
$mgs = "INVALID EMAIL";
send_error($mgs);
} else {
if (check_email_exists($uemail)) {
$mgs = "EMAIL ALREADY REGISTERED";
send_error($mgs);
exit;
} else {
$debug = isset($_SESSION['debug']) && $_SESSION['debug'] == "on" ? 1 : 0;
if ($debug) {
/*Head of the page*/
include_once $_SERVER['DOCUMENT_ROOT'] . '/Contacts/views/building/head.php';
dump($_SESSION, "SESSION");
dump($_POST, "POST");
}
$failure = 0;
/*For disable or enable registration.*/
if (1) {
if (isset($_POST['useremail_1']) && !empty($_POST['useremail_1']) && isset($_POST['useremail_2']) && !empty($_POST['useremail_2']) && isset($_POST['userpass_1']) && !empty($_POST['userpass_1']) && isset($_POST['userpass_2']) && !empty($_POST['userpass_2'])) {
if ($_POST['useremail_1'] == $_POST['useremail_2'] && $_POST['userpass_1'] == $_POST['userpass_2']) {
$username = trim($_POST['useremail_1']);
if (NULL == exists_user(0, $username)) {
$active = "act" . md5(mt_rand());
if ($userid = insert_user($username, md5(trim($_POST['userpass_1'])), $_SERVER['REMOTE_ADDR'], $_SERVER['REMOTE_PORT'], $_SERVER['HTTP_USER_AGENT'], $active)) {
$url = "" . $_SERVER['SERVER_NAME'] . "contacts/models/user/activation.php?id=" . $userid . "&user="******"&active=" . $active . "";
$message = "<h2>Thank you " . $username . " for registering!</h2><hr /><br /><p>Your account is not activated, \n\t\t\t\t\tTo activate click on the following link: </p>" . $url . "<div><sub>Mycnts © 2014<sub></div>";
if (mail_utf8($_POST['useremail_1'], "Account validation MyCnts", $message)) {
$_SESSION['success'] = ($debug ? "<b>register.php:</b><br />" : "") . "Thanks for signing up! We've sent an email account activation at: <b>'" . $username . "'</b>";
} else {
$_SESSION['error'] = ($debug ? "<b>register.php:</b><br />" : "") . "Ooops! Something went wrong with sending e-mail!";
}
} else {
$failure = 1;
$_SESSION['error'] = ($debug ? "<b>register.php:</b><br />" : "") . "Ooops! The registration process failed!";
}
} else {
$failure = 1;
$_SESSION['warning'] = ($debug ? "<b>register.php:</b><br />" : "") . "The user with e-mail '" . $username . "' already exists, try again with another username!";
}
if (!$session) {
$message = new AlertText('That doesn\'t seem to be a valid or unexpired token, please try again or <a href="mailto:grinnellplans@gmail.com">Email</a> us.', 'Token not recognized');
$thispage->append($message);
$thispage->append(show_form());
} else {
$data = unserialize($session);
$username = $data['username'];
$type = $data['type'];
$year = $data['year'];
$email = $username . '@' . $domain;
if (get_item($dbh, 'username', 'accounts', 'username', $username)) {
$message = new AlertText("A plan with the username {$username} already exists, meaning this token has been used. If you are the owner of that email, your password was given to you when you first clicked the link. If you've lost the password, or for anything else, <a href=\"mailto:{$admin_email}\">Email us</a>.", 'Plan exists');
$thispage->append($message);
$thispage->append(show_form());
} else {
$results = insert_user($username, '', $year, $email, $type);
$password = $results[0];
$message = new InfoText("Your account has been created! Your username is {$username} and your initial password is {$password}." . ' Go <a href="http://www.grinnellplans.com/">Here</a> to test them out.', 'Plan Created');
$thispage->append($message);
$message = "A new plan has been created with \nusername: {$username}\nGrad Year: {$year}\n{$username} self-identifies as {$type}.";
send_mail($admin_email, "Plan Created: {$username}", $message);
$message = "Your account has been created! Your username is {$username} and your initial password is {$password}. Go to http://www.grinnellplans.com/ to get started.\n";
send_mail($email, "Plan Created", $message);
}
}
} else {
$thispage->append(show_form());
}
}
interface_disp_page($thispage);
db_disconnect($dbh);
$variable['Login_Username'] = $_POST['Login_Username'];
$variable['Login_Password'] = $_POST['Login_Password'];
include 'check_user.php';
check_user($variable);
break;
case 'frm_AddUser':
$variable = array();
$variable['addUser_Username'] = general_validate($_POST['addUser_Username']);
$variable['addUser_Password'] = general_validate($_POST['addUser_Password']);
$variable['addUser_ReEnterPassword'] = general_validate($_POST['addUser_ReEnterPassword']);
$variable['addUser_Fname'] = general_validate($_POST['addUser_Fname']);
$variable['addUser_Lname'] = general_validate($_POST['addUser_Lname']);
$variable['addUser_Address'] = general_validate($_POST['addUser_Address']);
$variable['addUser_ContactNo'] = general_validate($_POST['addUser_ContactNo']);
include 'insert_user.php';
insert_user($variable);
break;
case 'frm_AddCCard':
$variable = array();
$variable['addCC_CardName'] = general_validate($_POST['addCC_CardName']);
$variable['addCC_CardType'] = general_validate($_POST['addCC_CardType']);
$variable['addCC_CardNumber'] = general_validate($_POST['addCC_CardNumber']);
$variable['addCC_ExpireYear'] = general_validate($_POST['addCC_ExpireYear']);
$variable['addCC_CardSecurityNumber'] = general_validate($_POST['addCC_CardSecurityNumber']);
break;
case 'frm_AddMerchant':
$variable = array();
$variable['addMer_name'] = general_validate($_POST['addMer_name']);
$variable['addMer_cat'] = general_validate($_POST['addMer_cat']);
include 'insert_merchant.php';
insert_merchant($variable);
<?php
include_once '/../../includes/connection.php';
include_once 'user_function.php';
session_start();
$userid = $_POST['userid'];
$name = $_POST['name'];
$password = $_POST['password'];
if ($_POST['add']) {
insert_user($userid, $name, $password);
$_SESSION['message'] = "{$name} has been added";
header('Location: /danzsecurity/database');
}
if ($_POST['update']) {
update_user($userid, $name, $password);
$_SESSION['message'] = "{$name} has been updated";
header('Location: /danzsecurity/database');
}
if ($_POST['delete']) {
delete_user($userid);
$_SESSION['message'] = "{$name} has been deleted";
header('Location: /danzsecurity/database');
}
// get user record informaation.
$user = get_user($conn, $_GET['edit']);
include 'views/edit_user.php';
} elseif (isset($_GET['add'])) {
//if form is submitted.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$msg = "";
$class_stat = 'class="alert alert-info"';
if (trim($_POST['password']) != trim($_POST['confirm_password'])) {
$msg = "Your password does not match your confirmed password.";
$class_stat = 'class="alert alert-warning"';
} else {
$_POST['password'] = md5($_POST['password']);
unset($_POST['confirm_password']);
$data[] = $_POST;
//print_r($data);exit;
$is_inserted = insert_user($conn, $data);
if ($is_inserted) {
$msg = "Data is inserted.";
$class_stat = 'class="alert alert-info"';
} else {
$msg = "Error input.";
$class_stat = 'class="alert alert-warning"';
}
}
//redirect to user list
//header("Location: index.php?controller=users");
//exit();
}
include 'views/add_user.php';
}
<?php
require "dbfunctions.php";
$dbh = db_connect();
if ($added_name) {
if (isvaliduser($dbh, $added_name)) {
echo "User already exists.";
} else {
$type = $_POST['type'];
$password = $_POST['password'];
$email = $_POST['email'];
$perms = $_POST['perms'];
$gradyear = $_POST['gradyear'];
if ($type == "other") {
$type = $_POST['other'];
}
$results = insert_user($added_name, $password, $gradyear, $email, $type, $perms);
$password = $results[0];
$email = $results[1];
echo "Account created for " . $added_name . " with password " . $password . ", email " . $email . ", and graduation year " . $gradyear . ".<br>";
?>
<form action="email.php" method="POST">
<input type="hidden" name="username" value="<?php
echo $added_name;
?>
">
<input type="hidden" name="password" value="<?php
echo $password;
?>
">
<input type="hidden" name="email" value="<?php
echo $email;
if (isset($_POST['sent'])) {
//initialisations
$pseudo = htmlspecialchars($_POST['pseudo']);
$password = $_POST['password'];
$password_verification = $_POST['password_verification'];
$email = htmlspecialchars($_POST['email']);
$everything_entered = verify_everything_entered($pseudo, $password, $password_verification, $email);
//Si tout a bien été entré, on commence les vérifications
if ($everything_entered) {
include_once 'model/user/user_exists.php';
$everything_verified = verify($pseudo, $password, $password_verification, $email);
//Si tout est vérifié
if ($everything_verified) {
//On peut rajouter l'utilisateur
include_once 'model/user/insert_user.php';
insert_user($pseudo, $password, $email);
include_once 'model/user/connect_user.php';
connect_user($pseudo);
include_once 'view/user/inscription/inscription_done.php';
exit;
//Stop le chargement pour éviter de charger l'autre vue
}
} else {
$_SESSION['inscription_errors'][] = 'Il manque des informations.';
}
}
//Si ça ne s'est pas bien passé ou que l'utilisateur n'a rien fait
//On affiche le formulaire
include_once 'view/user/inscription/inscription_form.php';
//Vérification que les infos sont bien entrées
function verify_everything_entered($pseudo, $password, $password_verification, $email)
session_unset();
// destroy the session
session_destroy();
if (!session_id()) {
session_start();
}
$clef_id = $result['id'];
$_SESSION['name'] = $result['first_name'] . ' ' . $result['last_name'];
$_SESSION['email'] = $result['email'];
$_SESSION['user_id'] = $clef_id;
$_SESSION['logged_in_at'] = time();
// timestamp in unix time
require_once 'mysql.php';
$user = get_user($clef_id, $mysql);
if (!$user) {
insert_user($clef_id, $result['first_name'], $mysql);
}
// send them to the member's area!
header("Location: members_area.php");
}
} else {
echo "Log in with Clef failed, please try again.";
}
}
} else {
echo "Log in with Clef failed, please try again.";
}
} else {
echo "Log in with Clef failed, please try again.";
}
}
$result = $response->info;
// reset the user's session
if (isset($result->id) && $result->id != '') {
//remove all the variables in the session
session_unset();
// destroy the session
session_destroy();
if (!session_id()) {
session_start();
}
$clef_id = $result->id;
$_SESSION['name'] = $result->first_name . ' ' . $result->last_name;
$_SESSION['email'] = $result->email;
$_SESSION['user_id'] = $clef_id;
$_SESSION['logged_in_at'] = time();
// timestamp in unix time
require_once 'mysql.php';
$user = get_user($clef_id, $mysql);
if (!$user) {
insert_user($clef_id, $result->first_name, $mysql);
}
// send them to the member's area!
header("Location: members_area.php");
}
} catch (Exception $e) {
echo "Login with Clef failed: " . $e->getMessage();
}
}
?>
* $Id: signup.php,v 1.4 2001/11/29 20:17:30 hifix Exp $
*
* To Do:
* - LOcalisation
* - minimal password length check
*/
/******************************************************************************
* MAIN
*****************************************************************************/
include "../application.php";
/* form has been submitted, try to create the new user account */
if (match_referer() && isset($HTTP_POST_VARS)) {
$frm = $HTTP_POST_VARS;
$errormsg = validate_form($frm, $errors);
if (empty($errormsg)) {
$status = insert_user($frm);
$DOC_TITLE = "Signup Successful";
include "{$CFG->templatedir}/header.php";
include "templates/signup_success.inc";
include "{$CFG->templatedir}/footer.php";
die;
} else {
$session['notice'] = $errormsg;
}
}
$DOC_TITLE = "Signup";
include "{$CFG->templatedir}/header.php";
include "templates/signup_form.inc";
include "{$CFG->templatedir}/footer.php";
/******************************************************************************
* FUNCTIONS
$errors[] = "Your password has to be at least 7 characters long";
}
} else {
$user_password = "";
$conf_password = "";
$errors[] = "Please enter a password";
}
// if no errors, proceed to database
if (empty($errors)) {
// check if email is unique
if (has_rows(unique_email($user_email))) {
$messages[] = "That email address has already been registered.";
//echo json_encode($message);
} else {
// insert user into the database
if (insert_user($user_data)) {
// success
$messages[] = "Thanks for registering";
$_SESSION['id'] = last_inserted_id($db);
$_SESSION['username'] = $user_data['user_name'];
// $message[] = true;
// echo json_encode($message);
} else {
// failure
$messages[] = "There was an error inserting into the database.";
echo json_encode($message);
}
}
} else {
// if there were $errors
$messages[] = "There were errors in the form. Not ready to proceed to database.";
function favour_photo($p_id, $username, $token = null)
{
// 以后添加不允许重复投票的机制
// ------------------------
global $db;
$u_id = insert_user($username);
$stmt = $db->prepare("INSERT INTO PhotoFavours (photo_id, user_id) VALUES (:p_id, :u_id)");
try {
$stmt->execute([$p_id, $u_id]);
// 返回赞的数量
$favour_count = get_photo_favour($p_id);
// 更新Photos里面的赞数量
$db->exec("UPDATE Photos SET favour_count={$favour_count} WHERE id={$p_id}");
return $favour_count;
} catch (PDOException $e) {
error_log("ERROR while favour: " . $e->getMessage());
return false;
}
}
if (!ctype_digit($mobile)) {
echo "Invalid Mobile Number<br/>";
} else {
// Kollo zay el foll ..
// Insert in Database ..
$db_handle = mysql_connect("localhost", "root", "");
$db_found = mysql_select_db("7amada", $db_handle);
if ($db_found) {
if (is_element_found("username", $username)) {
echo $username . " already available<br/>";
} else {
if (is_element_found("email", $email)) {
echo $email . " already available<br/>";
} else {
$password = md5($password);
insert_user($firstname, $lastname, $address, $gender, $username, $password, $email, $account_type, $mobile);
header("Location: home.php");
}
}
} else {
echo "Did not found 7amada Database<br/>";
}
}
}
}
}
}
}
}
}
}
<?php /** * Index.php * * PHP Version 5 * * @category Ondex * @package MyPackage * @author Nikolskiy Serhiy <*****@*****.**> * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License * @link http://www.hashbangcode.com/ */ insert_user($name, $surname, $phone, $email, $password, $salt);
<?php
include "../model/userdb.php";
if ($_POST['method'] == "insert") {
insert_user();
}
if ($_POST['method'] == "login") {
get_user_by_username_password();
}
if ($_POST['method'] == "view") {
getall_usernames();
}
if ($_POST['method'] == "update") {
update_user();
}
if ($_POST['method'] == "delete") {
delete_user();
}
if ($_POST['method'] == "viewAllImg") {
viewall_user_imgs();
}
private function post_user()
{
if ($this->get_request_method() != 'POST') {
$this->response($this->get_request_method(), 406);
}
//Recebe um Json como argumento para o parâmetro 'json'.
$json = $this->_request['json'];
//Converte o Json em um array, os indices do array são iguais às chaves do Json. Ex.: {"id":1,"outroValor": "string"}.
$vector = json_decode($json, TRUE);
// variaveis
$id = $vector['Id'];
$email = $vector['Email'];
$nick = $vector['Nickname'];
$cpf = $vector['CPF'];
$password = $vector['Password'];
$response = array();
if ($id == 0) {
// insert
$sql = insert_user($cpf, $password, $email, $nick);
if ($query = mysqli_query($this->db, $sql)) {
// pega o id do insert
$response['Id'] = (string) mysqli_insert_id($this->db);
$this->response(json_encode($response), 200);
} else {
$response['Error'] = mysqli_error($this->db);
$this->response(json_encode($response), 200);
}
} else {
//update
$sql = update_user($id, $cpf, $password, $email, $nick);
if ($query = mysqli_query($this->db, $sql)) {
// retorna o id que ja foi passado
$response['Id'] = $id;
$this->response(json_encode($response), 200);
} else {
$response['Error'] = mysqli_error($this->db);
$this->response(json_encode($response), 200);
}
}
}
if ($success) {
action_success('User Delete Success!');
} else {
action_failure('User Delete Failure!');
}
unset($seluserid);
} elseif ($seluserid && $username && $fullname && $localityid) {
$success = update_user($seluserid, $username, $password, $fullname, $email, $localityid);
if ($success) {
optimizemysqltable('users');
action_success('User Update Success!');
} else {
action_failure('User Update Failure!');
}
} elseif ($username && $password && $fullname && $localityid) {
$nextid = nextautoid('users');
$success = insert_user($seluserid, $username, $password, $fullname, $email, $localityid);
if ($success) {
action_success('User Insert Success!');
$seluserid = $nextid;
optimizemysqltable('adminusers');
} else {
action_failure('User Insert Failure!');
}
} else {
action_failure('User Action Failure!');
}
}
directoryuser_form($seluserid);
}
adminpage_footer('../../');
<?php
include 'function.php';
if ($_POST) {
$username = $_POST['username'];
$nama_lengkap = $_POST['nama_lengkap'];
$password = $_POST['password'];
$response = insert_user($username, $nama_lengkap, $password);
if ($response == 1) {
header('location:index.php?page=user&message=1');
} else {
header('location:index.php?page=user&message=0');
}
} else {
if (isset($_GET['action'])) {
if ($_GET['action'] == "delete") {
$response = delete_user($_GET['username']);
if ($response == 1) {
header('location:index.php?page=user&message=2');
} else {
header('location:index.php?page=user&message=0');
}
}
}
}
function handle_user_insert(&$HTTP_VARS, &$errors)
{
if (!is_user_valid($HTTP_VARS['user_id'])) {
$HTTP_VARS['user_id'] = strtolower(filter_input_field("filtered(20,20,a-zA-Z0-9_.)", $HTTP_VARS['user_id']));
if (!validate_input_field(get_opendb_lang_var('userid'), "filtered(20,20,a-zA-Z0-9_.)", "Y", $HTTP_VARS['user_id'], $errors)) {
return FALSE;
}
if (validate_user_info(NULL, $HTTP_VARS, $address_provided_r, $errors)) {
if ($HTTP_VARS['op'] == 'signup') {
// no password saved when signing up, as user still must be activated
$active_ind = 'X';
// Will be reset when user activated
$HTTP_VARS['pwd'] = NULL;
} else {
$active_ind = 'Y';
if (strlen($HTTP_VARS['pwd']) == 0) {
if (is_valid_opendb_mailer()) {
$HTTP_VARS['pwd'] = generate_password(8);
} else {
$errors[] = array('error' => get_opendb_lang_var('passwd_not_specified'));
return FALSE;
}
} else {
if ($HTTP_VARS['pwd'] != $HTTP_VARS['confirmpwd']) {
$errors[] = array('error' => get_opendb_lang_var('passwds_do_not_match'));
return FALSE;
}
}
}
// We want to validate and perform inserts even in signup mode
if (insert_user($HTTP_VARS['user_id'], $HTTP_VARS['fullname'], $HTTP_VARS['pwd'], $HTTP_VARS['user_role'], $HTTP_VARS['uid_language'], $HTTP_VARS['uid_theme'], $HTTP_VARS['email_addr'], $active_ind)) {
$user_r = fetch_user_r($HTTP_VARS['user_id']);
return update_user_addresses($user_r, $address_provided_r, $HTTP_VARS, $errors);
} else {
$db_error = db_error();
$errors[] = array('error' => get_opendb_lang_var('user_not_added', 'user_id', $HTTP_VARS['user_id']), 'detail' => $db_error);
return FALSE;
}
} else {
return FALSE;
}
} else {
$errors[] = array('error' => get_opendb_lang_var('user_exists', 'user_id', $HTTP_VARS['user_id']), 'detail' => '');
return FALSE;
}
}
require_once __DIR__ . '/../vendor/autoload.php';
$app = (require_once __DIR__ . '/../app/app.php');
$passes = [];
$h = fopen(__DIR__ . '/passes.csv', "w");
while ($user = fgetcsv(STDIN, ";")) {
$id = $user[0];
$lastName = $user[1];
$firstName = $user[2];
$class = $user[3];
$companyID = isset($user[4]) ? $user[4] : NULL;
$pass = create_pass();
$passes = [$lastName, $firstName, $class, $pass];
$roles = $companyID !== NULL ? 'betriebsleiter' : '';
$isChief = $companyID == NULL ? false : true;
$chiefOf_ID = $companyID;
insert_user($id, $firstName, $lastName, password_hash($pass, PASSWORD_DEFAULT), $roles, $isChief, $chiefOf_ID, $app['db.connection']);
fputcsv($h, $passes, ";");
}
function create_pass($length = 6)
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, strlen($characters) - 1)];
}
return $randomString;
}
function insert_user($id, $firstName, $lastName, $pass, $roles, $isChief, $chiefOf_ID, $c)
{
$c->insert('users', ['id' => $id, 'firstName' => $firstName, 'lastName' => $lastName, 'pass' => $pass, 'roles' => $roles, 'isChief' => $isChief, 'chiefOf_ID' => $chiefOf_ID]);
}
<!DOCTYPE HTML>
<html>
<head>
<title>Test PHP</title>
<meta charset="utf-8" />
</head>
<body>
<?php
require_once 'header.php';
require_once 'functions.php';
if (isset($_POST['name'])) {
insert_user($_POST['name'], $_POST['password']);
$_SESSION['username'] = $_POST['name'];
header("Location: first.php");
exit;
} else {
?>
<form action="register.php" method="post">
<div class="style_input">
<label for="name"></label>
<input type="text" id="name" name="name" />
</div>
<div class="style_input">
<label for="password"></label>
<?php
include_once 'head.php';
generatePath(array("Home", "Sign Up"));
include_once 'dbconnect.php';
// This script file get $username and $password from $_POST.
include_once 'getauth.php';
include_once 'utils.php';
?>
<?php
if (username_existed($link, $username)) {
die("Username {$username} already exists.");
}
$userid = smallest_unused_id($link);
insert_user($link, $userid, $username, $password);
$username = htmlspecialchars($username);
echo "<h1>Welcome, {$username}, you have successfully registered!</h1>";
?>
<?php
include_once 'foot.php';
