Exemple #1
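 /**
  * Create a user account on behalf of the logged-in admin or super admin.
  *
  * A super admin creates an account of usertype 'admin', an admin creates one of
  * usertype 'user'; any other caller gets the "no admin rights" result. The new
  * account gets a generated password, which is mailed to the submitted address.
  *
  * Every value taken from $frm_submitted reaches the database through a bound
  * parameter. The original concatenated the form fields into the SQL text, so a
  * quote character in any field changed the statement itself.
  *
  * @param array $frm_submitted Submitted form fields; reads firstname, infix, lastname,
  *                             username (optional), email and copy_to_admin.
  *
  * @return string|array A message string when the username or e-mail address is already
  *                      taken; otherwise an array with 'insert' (bool) and 'mail'
  *                      ('send'|'notsend'), plus 'password' when
  *                      SHOW_CREATED_PASSWORD_WHEN_ADMIN_ADDS_USER is set, or 'error'
  *                      when the caller has no admin rights.
  */
 public static function addUser($frm_submitted)
 {
     global $obj_db;

     // Copy the form fields into locals: bound parameters are passed by reference,
     // and a missing field becomes an empty string instead of an undefined-index notice.
     $str_firstname = isset($frm_submitted['firstname']) ? (string) $frm_submitted['firstname'] : '';
     $str_infix = isset($frm_submitted['infix']) ? (string) $frm_submitted['infix'] : '';
     $str_lastname = isset($frm_submitted['lastname']) ? (string) $frm_submitted['lastname'] : '';
     $str_email = isset($frm_submitted['email']) ? (string) $frm_submitted['email'] : '';
     // The e-mail address doubles as the username when the form carries none.
     $str_username = !empty($frm_submitted['username']) ? (string) $frm_submitted['username'] : $str_email;

     // Existence lookup with one bound string value. A lookup that fails is treated
     // as "no match", which is what the original's checks amounted to.
     $fn_row_exists = static function ($str_sql, $str_value) use ($obj_db) {
         $obj_lookup = mysqli_prepare($obj_db, $str_sql);
         if ($obj_lookup === false) {
             return false;
         }
         mysqli_stmt_bind_param($obj_lookup, 's', $str_value);
         $bln_found = false;
         if (mysqli_stmt_execute($obj_lookup)) {
             mysqli_stmt_store_result($obj_lookup);
             $bln_found = mysqli_stmt_num_rows($obj_lookup) > 0;
         }
         mysqli_stmt_close($obj_lookup);

         return $bln_found;
     };

     // NOTE(review): the listing this was taken from shows a masked literal ("******") in
     // this lookup. It is bound here to the value the INSERT below stores as username,
     // which is what the two messages imply; confirm against the original file.
     // NOTE(review): both lookups run before the rights check further down, so a caller
     // without admin rights still learns whether a username or address is registered.
     if ($fn_row_exists('SELECT 1 FROM users WHERE username = ? LIMIT 1', $str_username)) {
         if (SHOW_USERNAME_IN_FORM && !empty($frm_submitted['username'])) {
             return 'Username already exists';
         }

         return 'Username (emailaddress) already exists';
     }
     if ($fn_row_exists('SELECT 1 FROM users WHERE email = ? LIMIT 1', $str_email)) {
         return 'Emailaddress already exists';
     }

     // generate random password
     $password = Utils::generatePassword();

     // The role of the caller decides the type of the account that is created.
     if (User::isSuperAdmin()) {
         $usertype = 'admin';
     } elseif (User::isAdmin()) {
         $usertype = 'user';
     } else {
         return array('insert' => false, 'mail' => 'notsend', 'error' => 'You have no admin rights!');
     }
     $admin_group = $_SESSION['calendar-uid']['uid'];
     // Bound as an integer; the original concatenated it unquoted, so it is presumably
     // a numeric user id. TODO confirm.
     $int_admin_group = (int) $admin_group;

     $send_activation_mail = Settings::getSetting('send_activation_mail', $admin_group);
     $bln_send_activation_mail = $send_activation_mail == 'on';
     // An account that still has to be activated by mail starts out inactive.
     $int_active = $bln_send_activation_mail ? 0 : 1;
     // NOTE(review): getPasswordHashcode() is defined outside this block; confirm that it
     // wraps password_hash() or another salted, slow password hash.
     $str_password_hash = (string) self::getPasswordHashcode($password);

     $res = false;
     $int_user_id = 0;
     $obj_insert = mysqli_prepare(
         $obj_db,
         'INSERT INTO users ( `firstname` ,`infix` ,`lastname` ,`username`,`password` ,`email` ,`registration_date` ,'
         . '`birth_date`, `active`, `ip`, `country`, `country_code`, `usertype`, `admin_group`) VALUES ('
         . '?, ?, ?, ?, ?, ?, NOW(), "", ?, "", "", "", ?, ?)'
     );
     if ($obj_insert !== false) {
         mysqli_stmt_bind_param(
             $obj_insert,
             'ssssssisi',
             $str_firstname,
             $str_infix,
             $str_lastname,
             $str_username,
             $str_password_hash,
             $str_email,
             $int_active,
             $usertype,
             $int_admin_group
         );
         $res = mysqli_stmt_execute($obj_insert);
         if ($res !== false) {
             $int_user_id = mysqli_stmt_insert_id($obj_insert);
         }
         mysqli_stmt_close($obj_insert);
     }
     if ($res === false) {
         // No row was written, so there is nothing to hash, update or mail.
         return array('insert' => false, 'mail' => 'notsend');
     }

     $hash_code = self::getUserHashcode($int_user_id);
     if ($bln_send_activation_mail) {
         $obj_update = mysqli_prepare($obj_db, 'UPDATE `users` SET user_hash = ? WHERE `user_id` = ?');
         if ($obj_update !== false) {
             $str_hash_code = (string) $hash_code;
             mysqli_stmt_bind_param($obj_update, 'si', $str_hash_code, $int_user_id);
             mysqli_stmt_execute($obj_update);
             mysqli_stmt_close($obj_update);
         }
     }

     $admin_mail = defined('ADMIN_EMAILADDRESS') ? ADMIN_EMAILADDRESS : '';
     // !empty() so that a form without the copy_to_admin field does not raise a notice.
     $bln_copy_to_admin = !empty($frm_submitted['copy_to_admin']) && !empty($admin_mail);

     if ($usertype === 'admin') {
         $bln_send = Utils::sendMail('add_admin', $str_email, $password, $frm_submitted);
         if ($bln_copy_to_admin) {
             Utils::sendMail('copy_to_admin_admin_created', $admin_mail, $password, $frm_submitted);
         }
         // insert default settings
         Settings::saveDefaultSettings($int_user_id);
     } else {
         $bln_send = Utils::sendMail('add_user', $str_email, $password, $frm_submitted, $int_user_id, $hash_code);
         if ($bln_copy_to_admin) {
             Utils::sendMail('copy_to_admin_user_created', $admin_mail, $password, $frm_submitted);
         }
     }

     // NOTE(review): the generated password leaves this function in clear text, by mail and,
     // when the constant below is set, in the return value. Requiring a password change at
     // first login would limit how long those copies stay valid.
     $arr_result = array('insert' => true, 'mail' => $bln_send ? 'send' : 'notsend');
     if (defined('SHOW_CREATED_PASSWORD_WHEN_ADMIN_ADDS_USER') && SHOW_CREATED_PASSWORD_WHEN_ADMIN_ADDS_USER) {
         $arr_result['password'] = $password;
     }

     return $arr_result;
 }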