Esempio n. 1
0
function lxAddUser()
{
    global $DB, $C;
    VerifyPrivileges(P_USER_ADD);
    $user_count = $DB->Count('SELECT COUNT(*) FROM lx_users WHERE username=?', array($_REQUEST['username']));
    $mail_count = $DB->Count('SELECT COUNT(*) FROM lx_users WHERE email=?', array($_REQUEST['email']));
    $validator = new Validator();
    $validator->Register($_REQUEST['username'], V_LENGTH, 'The username must be between 3 and 32 characters in length', array('min' => 3, 'max' => 32));
    $validator->Register($_REQUEST['username'], V_ALPHANUM, 'The username can only contain letters and numbers');
    $validator->Register($_REQUEST['password'], V_LENGTH, 'The password must contain at least 4 characters', array('min' => 4, 'max' => 999));
    $validator->Register($_REQUEST['email'], V_EMAIL, 'The e-mail address is not properly formatted');
    $validator->Register($user_count, V_ZERO, 'A user account already exists with that username');
    $validator->Register($mail_count, V_ZERO, 'A user account already exists with that e-mail address');
    $validator->Register($_REQUEST['weight'], V_NUMERIC, 'The weight value must be numeric');
    $validator->Register($_REQUEST['date_added'], V_DATETIME, 'The Date Added field is not properly formatted');
    if (!empty($_REQUEST['date_modified'])) {
        $validator->Register($_REQUEST['date_modified'], V_DATETIME, 'The Date Modified field is not properly formatted');
    }
    if (!$validator->Validate()) {
        $GLOBALS['errstr'] = join('<br />', $validator->GetErrors());
        lxShAddUser();
        return;
    }
    NullIfEmpty($_REQUEST['date_modified']);
    // Add account data to the database
    $DB->Update('INSERT INTO lx_users VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)', array($_REQUEST['username'], sha1($_REQUEST['password']), $_REQUEST['name'], $_REQUEST['email'], $_REQUEST['date_added'], $_REQUEST['date_modified'], $_REQUEST['status'], '', NULL, 0, intval($_REQUEST['recip_required']), intval($_REQUEST['allow_redirect']), $_REQUEST['weight']));
    // Add user defined fields
    $query_data = CreateUserInsert('lx_user_fields', $_REQUEST);
    $DB->Update('INSERT INTO lx_user_fields VALUES (' . $query_data['bind_list'] . ')', $query_data['binds']);
    $GLOBALS['message'] = 'New user account successfully added';
    $GLOBALS['added'] = true;
    UnsetArray($_REQUEST);
    lxShAddUser();
}
Esempio n. 2
0
function txAdministratorAdd()
{
    global $DB, $C;
    VerifyAdministrator();
    $user_count = $DB->Count('SELECT COUNT(*) FROM `tx_administrators` WHERE `username`=?', array($_REQUEST['username']));
    $v = new Validator();
    $v->Register($_REQUEST['username'], V_LENGTH, 'The username must be between 3 and 32 characters in length', array('min' => 3, 'max' => 32));
    $v->Register($_REQUEST['username'], V_ALPHANUM, 'The username can only contain letters and numbers');
    $v->Register($_REQUEST['password'], V_LENGTH, 'The password must contain at least 4 characters', array('min' => 4, 'max' => 999));
    $v->Register($_REQUEST['email'], V_EMAIL, 'The e-mail address is not properly formatted');
    if ($user_count > 0) {
        $v->SetError('An administrator account already exists with that username');
    }
    if (isset($_REQUEST['e_cheat_report']) && !is_numeric($_REQUEST['reports_waiting'])) {
        $v->SetError('The number of reports waiting must be filled in and numeric');
    }
    if (isset($_REQUEST['e_partner_request']) && !is_numeric($_REQUEST['requests_waiting'])) {
        $v->SetError('The number of requests waiting must be filled in and numeric');
    }
    if (!$v->Validate()) {
        return $v->ValidationError('txShAdministratorAdd');
    }
    // Determine the privileges and notifications for this account
    $privileges = GenerateFlags($_REQUEST, '^p_');
    $notifications = GenerateFlags($_REQUEST, '^e_');
    // Add account data to the database
    $DB->Update('INSERT INTO `tx_administrators` VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)', array($_REQUEST['username'], sha1($_REQUEST['password']), NULL, NULL, $_REQUEST['name'], $_REQUEST['email'], $_REQUEST['type'], NULL, NULL, NULL, NULL, 0, 0, 0, $notifications, $privileges, $_REQUEST['reports_waiting'], $_REQUEST['requests_waiting']));
    $GLOBALS['message'] = 'New administrator successfully added';
    $GLOBALS['added'] = true;
    UnsetArray($_REQUEST);
    txShAdministratorAdd();
}