* * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ require_once "inc/toolkit.inc.php"; include_once "inc/header.inc.php"; if (!verify_permission('user_add_new')) { error(ERR_PERM_ADD_USER); } else { if (isset($_POST["commit"])) { add_new_user($_POST); success(SUC_USER_ADD); } echo " <h2>" . _('Add user') . "</h2>\n"; echo " <form method=\"post\">\n"; echo " <table>\n"; echo " <tr>\n"; echo " <td class=\"n\">" . _('Username') . "</td>\n"; echo " <td class=\"n\"><input type=\"text\" class=\"input\" name=\"username\" value=\"\"></td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td class=\"n\">" . _('Fullname') . "</td>\n"; echo " <td class=\"n\"><input type=\"text\" class=\"input\" name=\"fullname\" value=\"\"></td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td class=\"n\">" . _('Password') . "</td>\n";
require_once "inc/config.php"; require_once ROOT_PATH . "inc/database.php"; include ROOT_PATH . "inc/header.php"; if (isset($_SESSION['user_id'])) { header("Location:home.php"); } $email = ""; $fname = ""; $lname = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (isset($_POST["email"])) { $email = trim($_POST["email"]); $password = password_hash($_POST["password"], PASSWORD_DEFAULT); $fname = trim(ucfirst($_POST["fname"])); $lname = trim(ucfirst($_POST["lname"])); $new_user_id = add_new_user($email, $password, $fname, $lname); $user = get_user($new_user_id); $_SESSION['user_id'] = $new_user_id; $_SESSION['fname'] = $fname; $_SESSION['lname'] = $lname; $_SESSION['email'] = $email; $_SESSION['permissions'] = $user["permissions_level"]; $_SESSION['member_level'] = $user["member_level"]; // if the user was sent to register.php from an event page, send them back to that event page if (isset($_SESSION["event"])) { header("Location:" . BASE_URL . "events/" . $_SESSION["event"] . "/"); } else { // otherwise, send them to the home page header("Location:index.php"); } }
/**
 * Process a submitted registration form.
 *
 * Reads username, password and email from $_POST['login'], hashes the
 * password with hash_password() and passes all three to validate(). On
 * success the account is created with add_new_user(), the login state is
 * written to $_SESSION['login'] and direct_right() is called; on failure
 * direct_wrong() is called and nothing is stored.
 *
 * NOTE(review): the POST fields are read without isset() checks, so a request
 * missing any of them raises undefined-index warnings before validate() runs.
 */
function take_registration_form()
{
    // Raw, client-supplied registration fields.
    $login_name = $_POST['login']['username'];
    $plain_password = $_POST['login']['password'];
    // NOTE(review): the local name and session key say "md5"; hash_password()
    // is defined elsewhere -- confirm it uses a slow, salted password hash
    // (password_hash) rather than a bare MD5 digest.
    $hashed_password = hash_password($plain_password);
    $address = $_POST['login']['email'];

    // Check the authenticity and uniqueness of the submitted data.
    if (!validate($address, $plain_password, $login_name)) {
        direct_wrong();
        return;
    }

    // NOTE(review): looks like leftover debug output; if direct_right() sends
    // a redirect header, output emitted here may prevent it -- confirm.
    echo "validaatio toimii";
    add_new_user($address, $hashed_password, $login_name);

    // NOTE(review): the session id is not rotated before the login state is
    // set (session fixation exposure), and the password hash is copied into
    // the session where nothing in this function needs it -- confirm both.
    $_SESSION['login']['passhash_md5'] = $hashed_password;
    $_SESSION['login']['email'] = $address;
    $_SESSION['login']['logged_in'] = 1;
    $_SESSION['login']['user_id'] = get_user_id($address);
    $_SESSION['login']['username'] = $login_name;

    direct_right();
}
$return = "SUCCESS"; } else { $return = "ERROR"; } } else { $return = "EMPTY"; } } else { $return = "WRONG"; } echo $return; } if ($_POST['action'] == 'add_new_user') { if ($login['admin'] == true) { if (!empty($_POST['useradd']) && !empty($_POST['passadd']) && !empty($_POST['nick']) && !empty($_POST['bbs']) && !empty($_POST['ref']) && !empty($_POST['intro']) && !empty($_POST['email']) && mb_strlen($_POST['passadd']) > 3 && mb_strlen($_POST['passadd']) < 21) { $add = add_new_user($_POST['useradd'], $_POST['passadd'], $_POST['email'], $_POST['nick'], $_POST['bbs'], $_POST['ref'], $_POST['intro']); $add ? $return = "SUCCESS" : ($return = "ERROR"); } else { $return = "EMPTY"; } } else { $return = "ERROR"; } echo $return; } // 管理員更改密碼 if ($_POST['action'] == 'adminChangePass') { $response_array['status'] = false; $response_array['message'] = ""; if ($login['admin'] == true) { if (!empty($_POST['user']) && !empty($_POST['pass']) && mb_strlen($_POST['pass']) > 3 && mb_strlen($_POST['pass']) < 21) {
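{
    // Visible tail of a validation routine whose signature lies outside this
    // excerpt; kept unchanged. Each required POST field is checked with
    // empty(), which also rejects the string "0".
    if (empty($_POST['name'])) {
        deliver_response(400, "No name set", NULL);
        return false;
    }
    if (empty($_POST['password'])) {
        deliver_response(400, "No password set", NULL);
        return false;
    }
    if (empty($_POST['email'])) {
        deliver_response(400, "No email set", NULL);
        return false;
    }
    return true;
}

/**
 * Insert the user described by $_POST['name'], $_POST['password'] and
 * $_POST['email'] into GS_USER and report the outcome via deliver_response().
 *
 * The values are bound as parameters of a prepared statement, so request data
 * can no longer alter the SQL text. Connection settings are read from
 * $GLOBALS ('db', 'login', 'pass', 'dbname').
 *
 * Responses: 201 "Success" when the row is inserted, 400 "Query error" when
 * the statement cannot be prepared or executed, 500 when the database cannot
 * be reached. When mysqli runs in exception-reporting mode (the default since
 * PHP 8.1) failures surface as mysqli_sql_exception instead.
 *
 * NOTE(review): the password is still stored as an unsalted SHA-1 digest to
 * stay compatible with whatever verifies it elsewhere. SHA-1 is not suitable
 * for password storage; migrate to password_hash()/password_verify() together
 * with the login code and the PASSWORD column width.
 */
function add_new_user()
{
    $conn = new mysqli($GLOBALS['db'], $GLOBALS['login'], $GLOBALS['pass'], $GLOBALS['dbname']);
    // `new mysqli` always yields an object, so a failed connection has to be
    // detected through connect_error rather than by testing the object.
    if ($conn->connect_error) {
        // Keep driver details in the server log instead of the response body.
        error_log("add_new_user: database connection failed: " . $conn->connect_error);
        deliver_response(500, "Connection failed", NULL);
        return;
    }

    $stmt = $conn->prepare("INSERT INTO GS_USER (NICKNAME, PASSWORD, EMAIL) VALUES (?, ?, ?)");
    if ($stmt === false) {
        $conn->close();
        deliver_response(400, "Query error", 232);
        return;
    }

    // bind_param() takes its arguments by reference, hence the locals.
    $nickname = $_POST['name'];
    $password_digest = sha1($_POST['password']);
    $email = $_POST['email'];
    $stmt->bind_param('sss', $nickname, $password_digest, $email);

    $inserted = $stmt->execute();

    // Release the statement and connection on every path.
    $stmt->close();
    $conn->close();

    if ($inserted) {
        deliver_response(201, "Success", 2);
    } else {
        deliver_response(400, "Query error", 232);
    }
}

if (verify_new_user()) {
    add_new_user();
}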
* * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ require_once "inc/toolkit.inc.php"; include_once "inc/header.inc.php"; if (!verify_permission('user_add_new')) { error(ERR_PERM_ADD_USER); } else { if (isset($_POST["commit"])) { if (add_new_user($_POST)) { success(SUC_USER_ADD); } } echo " <h2>" . _('Add user') . "</h2>\n"; echo " <form method=\"post\" action=\"add_user.php\">\n"; echo " <table>\n"; echo " <tr>\n"; echo " <td class=\"n\">" . _('Username') . "</td>\n"; echo " <td class=\"n\"><input type=\"text\" class=\"input\" name=\"username\" value=\"\"></td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td class=\"n\">" . _('Fullname') . "</td>\n"; echo " <td class=\"n\"><input type=\"text\" class=\"input\" name=\"fullname\" value=\"\"></td>\n"; echo " </tr>\n"; echo " <tr>\n";