Exemple #1
0
            die;
        }
        echo '<div class="title">

<h2>' . $LANG['users_add_title'] . '</h2>

<div style="float:right; margin: 0 2px 0 0;">
<a href="?route=users.php&amp;action=list" class="btn">' . $LANG['users_view'] . '</a>
</div>';
        if (!empty($LANG['users_add_subtitle'])) {
            echo '<span>' . $LANG['users_add_subtitle'] . '</span>';
        }
        echo '</div>';
        if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'users_csrf')) {
            if (isset($_POST['name']) && isset($_POST['email']) && isset($_POST['password']) && isset($_POST['points']) && (!$GLOBALS['me']->is_admin || isset($_POST['privileges']) && in_array($_POST['privileges'], array(0, 1, 2)))) {
                if (actions::add_user(array('name' => $_POST['name'], 'email' => $_POST['email'], 'password' => $_POST['password'], 'points' => $_POST['points'], 'credits' => $GLOBALS['me']->is_admin && isset($_POST['credits']) ? $_POST['credits'] : 0, 'privileges' => $GLOBALS['me']->is_admin ? $_POST['privileges'] : '', 'erole' => $GLOBALS['me']->is_admin ? isset($_POST['erole']) && (int) $_POST['privileges'] === 1 ? $_POST['erole'] : '' : '', 'subscriber' => isset($_POST['subscriber']) ? 1 : 0, 'confirm' => isset($_POST['confirm']) ? 1 : 0))) {
                    echo '<div class="a-success">' . $LANG['msg_added'] . '</div>';
                    if (isset($_POST['send_copy'])) {
                        \site\mail::send($_POST['email'], $LANG['email_ac_title'] . ' - ' . \query\main::get_option('sitename'), array('template' => 'account_creation', 'path' => '../'), array('ac_main_text' => sprintf($LANG['email_ac_maintext'], \query\main::get_option('sitename')), 'form_email' => $LANG['email_ac_email'], 'form_password' => $LANG['email_ac_password'], 'email' => $_POST['email'], 'password' => $_POST['password'], 'link' => \query\main::get_option('siteurl')));
                    }
                } else {
                    echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                }
            }
        }
        $csrf = $_SESSION['users_csrf'] = \site\utils::str_random(10);
        echo '<div class="form-table">

<form action="#" method="POST" enctype="multipart/form-data" autocomplete="off">

<div class="row"><span>' . $LANG['form_name'] . ':</span><div><input type="text" name="name" value="" /></div></div>