public function addUser(eCRFUser $user)
{
$id = $user->getID();
$time = date('Y-m-d H:i:s');
if (!isset($this->firstuser)) {
$this->set('firstuser', $id);
$this->set('created', $time);
}
$this->set('lastuser', $id);
$this->set('lastmod', $time);
}
$_SESSION[$include] = $data;
header("Location:index.php?page={$include}");
exit;
break;
case 'usereg':
if (isset($_POST['userID']) && is_numeric($_POST['userID'])) {
$userEdit = new eCRFUser($_POST['userID']);
if ($userEdit->getPrivilege() > 90 && $_POST['usereg-privilege_id'] < 90) {
$_SESSION['error'] = "You must use the User Admin screen to authorise new users.";
} elseif ($userEdit->getPrivilege() < $user->getPrivilege() || $user->getPrivilege() > $_POST['usereg-privilege_id']) {
$_SESSION['error'] = "You cannot edit a user with greater privilege than yourself.";
} elseif ($userEdit->getCentre() != $user->getCentre() && $user->isLocal()) {
$_SESSION['error'] = "You cannot edit users from other centres.";
} elseif ($userEdit->getCountry() != $user->getCountry() && !$user->isCentralAdmin()) {
$_SESSION['error'] = "You cannot edit users from other countries.";
} elseif ($userEdit->getID() !== $user->getID() && $_POST['deleteUser'] === '1') {
$userEdit->deleteUser();
$_SESSION['message'] = "You have deleted the user.";
} else {
if ($trial->addUserInput($_POST, $userEdit)) {
if ($_POST['usereg-revalUser'] === '1') {
$password = $userEdit->generatePassword();
// Generate new password
$userEdit->setPassword($password, $user->getKey());
// Set it for the user
$email = $userEdit->writeEmail('created', $user, $password);
// Send email with username and password
$mail = $trial->sendEmail($email);
}
$userEdit->saveToDB();
$_SESSION['message'] = "You have updated the user's details.";
