/** * Adds user to the databse. * Creates a temporary randomly generated password string * for user, emails the user a confirmation message about account creation * along with * temporary password string. * * @param $DB_con - * PDO Database connection object */ public function add_user($DB_con) { // generate random password string $temp_password = random_str(10); // not currently needed // hash password // if (isset($password)) { // $password = crypt($password); // } // prepare and executer query to add user to database $add_user_query = 'INSERT INTO `tat_user` (`employee_number`, `First_Name`, `Last_Name`, `Email`, `Phone_Number`, `GPA`, `Gender`, `Password`, `Access_Level`) VALUES (:sid, :first_name, :last_name, :email, :phone_number, :gpa, :gender, :password, :access_level)'; $statement = $DB_con->prepare($add_user_query); // bind query parameters $statement->bindParam(':sid', $this->id, PDO::PARAM_STR); $statement->bindParam(':first_name', $this->first_name, PDO::PARAM_STR); $statement->bindParam(':last_name', $this->last_name, PDO::PARAM_STR); $statement->bindParam(':email', $this->email, PDO::PARAM_STR); $statement->bindParam(':phone_number', $this->phone_number, PDO::PARAM_STR); $statement->bindParam(':gpa', $this->gpa, PDO::PARAM_STR); $statement->bindParam(':gender', $this->gender, PDO::PARAM_STR); $statement->bindParam(':password', $temp_password, PDO::PARAM_STR); $statement->bindParam(':access_level', $this->access_level, PDO::PARAM_STR); // execute query if (!$statement->execute()) { // set error message and redirect user $_SESSION['add_user_error'] = 'An unknown error has occurred. Please contact system support and provide a detailed description of what you were trying to accomplish when this error occurred. (Error: -1)'; header('Location: ../add_user_gui.php'); die; } else { // redirect to dash board $_SESSION['user_added'] = 1; $fullName = $this->first_name . " " . $this->last_name; // finally send them an email if ($this->access_level == 'lecturer') { $email = new Emailer(); $email->sendLecturerTempEmail($_POST['user_email'], $fullName, $temp_password); header('Location: ../add_user_gui.php'); die; } else { if ($this->access_level == 'student') { $email = new Emailer(); $email->sendStudentTempEmail($_POST['user_email'], $fullName, $temp_password); header('Location: ../add_user_gui.php'); die; } } } }