<?php
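// Bootstrap. NOTE(review): $db, $ROLE_ADMIN and the helper functions used in this
// script are not defined here; presumably inc/config.php provides them.
require_once("inc/config.php");

// Admin-only page. NOTE(review): no return value is checked, so this relies on
// check_role() ending the request itself for non-admin callers. Confirm.
check_role($ROLE_ADMIN);

$tem = template_open("add_address.tpl");
// NOTE(review): head and foot are bare words, kept as written. Presumably they are
// constants defined by the config; verify, since undefined constants are fatal on PHP 8.
$tem = template_add_head_foot($tem,head,foot);

// Read the form fields as plain strings. A missing key or an array-valued
// parameter (e.g. first[]=x) becomes "", so the filters below always get a string.
$raw = array();
foreach (array('username', 'password', 'first', 'last') as $field) {
    $raw[$field] = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field]))
        ? $_REQUEST[$field]
        : "";
}

// ereg_replace() was removed in PHP 7, so the filters use preg_replace().
// The original username pattern "[^[A-z]]" parses as the class [^[A-z] followed by a
// literal "]", which left the value essentially unfiltered. The range A-z also
// spans the punctuation between "Z" and "a". Strip to ASCII letters, as intended.
$username = preg_replace('/[^A-Za-z]/', "", $raw['username']);

// The password is taken as submitted. The original filter was a near no-op (see
// above), and stripping characters from a credential would silently change it.
// NOTE(review): the login code must read the password the same way. Confirm.
$password = $raw['password'];

// Letters, digits and spaces only. These two values are later placed inside a
// quoted SQL literal, so this filter is what keeps quotes out of that query.
$first = preg_replace('/[^[:alnum:] ]/', "", $raw['first']);
$last = preg_replace('/[^[:alnum:] ]/', "", $raw['last']);
unset($raw, $field);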
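// Build the role drop-down from every row of the roles table.
$sql = "SELECT * FROM roles";
$result = $db->fetchAll($sql);

// Start from empty arrays so an empty roles table still passes arrays to the
// helper. The original appended with "[] .=", which only worked by accident.
$names = array();
$values = array();
foreach ($result as $res) {
    // Cast to string to keep the element type the original ".=" produced.
    $names[] = (string) $res["name"];
    $values[] = (string) $res["id_role"];
}

// NOTE(review): role names come from the database and are handed to the helper
// as-is; whether html_drop_down_arrays() HTML-escapes them is not visible here.
$role_dropdown = html_drop_down_arrays("role_drop",$names,$values,"");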
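// Status text shown in the template; keep any value set earlier, else start empty.
if (!isset($message)) {
    $message = "";
}

// Handle the "add person" submit.
// NOTE(review): $_REQUEST accepts GET as well as POST and no anti-CSRF token is
// checked in this file, so a cross-site request made in an admin's browser could
// create an account, unless check_role() or the config already covers this.
if (isset($_REQUEST['add']) && $_REQUEST['add'] === "Dodaj") {
    // The original read $role_drop, which this file never assigns; it only had a
    // value with register_globals on. Read the request parameter explicitly.
    $role_drop = (isset($_REQUEST['role_drop']) && is_string($_REQUEST['role_drop']))
        ? $_REQUEST['role_drop']
        : "";

    // Accept only a role id that the roles table actually returned, so a crafted
    // request cannot store an arbitrary id_role on the new account.
    $known_roles = (isset($values) && is_array($values)) ? array_map('strval', $values) : array();
    $role_ok = in_array($role_drop, $known_roles, true);

    if ($username and $password and $first and $last and $role_ok) {
        // Check whether a person with this first and last name already exists.
        // NOTE(review): $first/$last are interpolated into the SQL text. This is only
        // safe because they were reduced to letters, digits and spaces beforehand;
        // prefer bound parameters if the $db wrapper supports them.
        // NOTE(review): uniqueness is checked on the name, not on username. Confirm.
        $sql = "SELECT first FROM persons where first='$first' and last='$last'";
        $result = $db->fetchOne($sql);
        if ( $result ) {
            $message.="Uporabnik ze obstaja";
        } else {
            // Actually insert the new person.
            // NOTE(review): the password is stored exactly as submitted (plaintext).
            // Hashing it requires changing the login code in the same step.
            $data = array(
                'username' => $username,
                'passwd' => $password,
                'first' => $first,
                'last' => $last,
                'id_role' => $role_drop
            );
            $db->insert('persons', $data);
            $message .= "Uporabnik dodan..";
        }
    } else {
        // A missing or unknown role is reported like any other unfilled field.
        $message.= "Izpolni vsa polja!";
    }
}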
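// Fill the template placeholders and emit the page.
// $message is only set when the form was submitted, so default it to "" here
// instead of passing an undefined variable. In this file it only ever holds
// fixed strings, so it is inserted without HTML escaping.
$tem = str_replace("##MESSAGE##", isset($message) ? $message : "", $tem);
$tem = str_replace("##ROLE_DROPDOWN##",$role_dropdown,$tem);
// Presumably removes any remaining ##...## placeholders; the helper is defined elsewhere.
$tem = template_clean_up_tags($tem,"##");
echo $tem;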
?>