/**
* Add user
*
* @author John.meng (цот╤РШ)
* @since version 1.0 - 2005-12-14 22:27:14
* @param string
*
*/
function opAdd()
{
global $__Lang__, $UrlParameter, $SiteDB, $AddIPObj, $FlushPHPObj, $form, $smarty;
parent::opAdd();
if ($_REQUEST['Action'] == 'Update') {
$this->opUpdate();
}
$form->addElement('header', null, $__Lang__['langUserAddHeader']);
$form->addElement('text', 'user_name', $__Lang__['langMenuUser'] . $__Lang__['langGeneralName'] . ' : ');
$form->addElement('password', 'user_passwd', $__Lang__['langMenuUser'] . $__Lang__['langGeneralPassword'] . ' : ');
$form->addElement('password', 'user_passwd2', $__Lang__['langGeneralConfirm'] . $__Lang__['langGeneralPassword'] . ' : ');
$form->addElement('hidden', 'Module', $_REQUEST['Module']);
$form->addElement('hidden', 'Page', $_REQUEST['Page']);
$form->addElement('hidden', 'Action', $_REQUEST['Action']);
$form->addElement('submit', 'btnSubmit', $__Lang__['langGeneralSubmit']);
$form->addRule('user_name', 'Please enter a username.', 'required');
$form->addRule('user_passwd', 'Please enter a password.', 'required');
$form->addRule('user_passwd2', 'Please enter a confirm password.', 'required');
$form->addRule(array('user_passwd2', 'user_passwd'), 'The passwords do not match', 'compare');
if ($form->validate()) {
$record["UserName"] = $form->exportValue('user_name');
$record["Passwd"] = md5($form->exportValue('user_passwd'));
$record["AddIP"] = $AddIPObj->getTrueIP();
$record["CreateTime"] = time();
$dbAppObj = $FlushPHPObj->loadApp("DBApp");
if ($_POST['ID'] && $_POST['Action'] == 'Update') {
$thisDAO =& new UserDAO();
$thisDAO->opUpdate(USERS_TABLE, $record, " UsersID = " . $_POST['ID']);
$form->setElementError('user_name', $__Lang__['langGeneralOperation'] . $__Lang__['langGeneralSuccess']);
$form->freeze();
} else {
if ($dbAppObj->checkExists(USERS_TABLE, " UserName='******' ")) {
$form->setElementError('user_name', $__Lang__['langUserNameExist']);
} else {
$userDAO = new UserDAO();
$userDAO->addUser($record);
$form->setElementError('user_name', $__Lang__['langGeneralOperation'] . $__Lang__['langGeneralSuccess']);
$form->freeze();
}
}
$form->removeElement('btnSubmit');
}
$smarty->assign("Main", $form->toHTML());
}
public function registerUser($username, $password, $email)
{
/*
* Perform validation and create all required entries for new user in database
*
* Input: $password is in plaintext
* Ouput: ["result" => true, "userid" => {userid}, "passhash" => {passhash}] if successful
* ["result" => false, "error" => {error message}] if not successful
*/
// Perform check that username/email is not already taken
// and password is valid (not empty)
$userDAO = new UserDAO();
if ($userDAO->checkUsernameExists($username)) {
return ["result" => false, "error" => "Username is already in use."];
}
if ($userDAO->checkEmailExists($email)) {
return ["result" => false, "error" => "Email is already in use."];
}
if (empty($password)) {
return ["result" => false, "error" => "Password should be non-empty"];
}
$password_encrypted = password_hash($password, PASSWORD_DEFAULT);
//return newly-created userID (null if unsuccessful)
$userid = $userDAO->addUser($username, $password_encrypted, $email);
//initialize empty row in userdata, userprefs, and userrecords table
$userdataSuccess = $userDAO->initializeUserData($userid);
$userprefsSuccess = $userDAO->initializeUserPrefs($userid);
$userrecordsSuccess = $userDAO->initializeUserRecords($userid);
//add email to MailChimp list
$MailChimp = initialize_mailchimp();
mailchimp_subscribe($_POST['email'], $MailChimp);
//check if user added successfully
$add_member = !is_null($userid) && $userdataSuccess && $userprefsSuccess && $userrecordsSuccess;
if ($add_member) {
return ["result" => true, "userid" => $userid, "passhash" => $password_encrypted];
} else {
return ["result" => false, "error" => "Database error: Could not successfully create user"];
}
}
/************************INSERT user**********************/
} else {
if ($myApi->getMethod() == 'POST') {
$userDao = new UserDAO($pdo);
if (isset($_POST['login'])) {
$login = $_POST['login'];
}
if (isset($_POST['password'])) {
$password = $_POST['password'];
}
if (isset($_POST['type'])) {
$type = $_POST['type'];
}
if (isset($login) && isset($password) && isset($type)) {
if (!$userDao->checkUser($login)) {
$userDao->addUser($login, $password, $type);
} else {
$responseData[] = array('error' => 'Login déjà existant');
echo $myApi->_response($responseData, 200);
}
} else {
echo $myApi->_response("Mauvais param login :"******" password:" . $password, 200);
}
} else {
echo $myApi->_response('Invalid Method', 405);
}
}
break;
/************************Default case**********************/
/************************Default case**********************/
default:
$user = new User();
$user->name = $name;
$user->password = $password;
$user->username = $username;
$valid = true;
if (strlen($username) > 15) {
$message = "username allowed <= 15 char";
$valid = false;
}
if (strlen($password) > 20) {
$message = $message . "<br/> " . "password allowed <= 15 char";
$valid = false;
}
if ($valid == true) {
if (UserDAO::checkUsernameAvailable($user->username)) {
UserDAO::addUser($user);
redirect_to("ManageAdmins.php");
} else {
$message = "Username not available";
}
}
} catch (Exception $exception) {
echo "{\"success\":false}";
}
}
require "partials/header.php";
$admins = UserDAO::getAll();
?>
<div class="table-responsive" style="padding-top:200px;margin-left:150px;width:70%; ">
<h4>Manage admins</h4>
