function Push_New_Entries()
{
print '<br>Push_New_Entries<br>';
$attribute_changer = $GLOBALS['AttributeChangerPlugin'];
$PLUGIN_FILES_DIR = $attribute_changer->AttributeChangerData['PLUGIN_FILES_DIR'];
$AttributeChangerData = $attribute_changer->AttributeChangerData;
$case_array = $AttributeChangerData['case_array'];
$Session = $attribute_changer->Current_Session;
foreach ($Session->Committed_New_Entries as $email_key => $new_attributes_and_values) {
$exists = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $AttributeChangerData['tables']['user'], $email_key));
if ($exists[0]) {
//$Failed_New_Entries[$email_key] = $new_attributes_and_values;
} else {
$new_user_id = addNewUser($email_key);
$new_value_array = array();
foreach ($new_attributes_and_values as $attribute_id => $attribute_value_id) {
if ($case_array[$Session->attribute_list[$attribute_id]['type']] == 'case_3') {
$new_value_array = array();
foreach ($attribute_value_id as $individual_id) {
if (array_key_exists($individual_id, $Session->attribute_list[$attribute_id]['allowed_value_ids'])) {
array_push($new_value_array, $individual_id);
}
}
$proper_this_attribute_value = implode(',', $new_value_array);
} else {
if ($case_array[$Session->attribute_list[$attribute_id]['type']] == 'case_2') {
if (array_key_exists($attribute_value_id, $Session->attribute_list[$attribute_id]['allowed_value_ids'])) {
$proper_this_attribute_value = $attribute_value_id;
}
} else {
///HERE IS MESSSSSSSSY
if (in_array($attribute_value_id, $Session->New_Entry_List[$email_key][$attribute_id])) {
$proper_this_attribute_value = $attribute_value_id;
}
}
}
print '<br>new user: '******' attribute id: ' . $attribute_id . ' value :' . $proper_this_attribute_value . '<br>';
//need a way for 'STICKY' attributes
SaveCurrentUserAttribute($new_user_id, $attribute_id, $proper_this_attribute_value);
//saveUserAttribute($new_user_id, $attribute_id, $proper_this_attribute_value);
}
}
}
}
if (!preg_match("/^[a-zA-Z ]*\$/", $_POST['first_name']) || !preg_match("/^[a-zA-Z ]*\$/", $_POST['last_name'])) {
$nameErr = "Only letters and white space allowed";
} else {
$first_name = $_POST["first_name"];
$last_name = $_POST["last_name"];
$email = $_POST["email"];
$phone = $_POST["phone"];
$pword = $_POST["pword"];
$cpword = $_POST["cpword"];
if ($pword != $cpword) {
echo '<font color = "red">Passwords do not match</font><br>';
}
$link = connectDatabase();
$check = checkNewUser($email, $link);
if (FALSE == $check) {
$flag = addNewUser($first_name, $last_name, $email, $phone, $pword, $link);
if (FALSE == $flag) {
echo '<font color = "red">Oops techie issues !!</font><br>';
} else {
echo "<script type='text/javascript'>alert('User " . $email . " was created successfully.');</script>";
closeConn($link);
}
} else {
echo "<script type='text/javascript'>alert('User " . $email . " already registered.');</script>";
}
}
}
}
}
}
}
if (isset($_POST['user_ufield10'])) {
$arrValuesToUpdate['user_ufield10'] = readPostVar('user_ufield10');
}
}
if (isset($_POST['user_notes'])) {
$arrValuesToUpdate['user_notes'] = readPostVar('user_notes');
}
$bIsUserNameDuplicated = getRecordCount($srv_settings['table_prefix'] . 'users', 'username='******'username'] . (!$bIsNewUser ? ' AND id<>' . $arrValuesToUpdate['id'] : '')) > 0;
if ($bIsUserNameDuplicated) {
$g_vars['page']['errors'] .= $lngstr['err_username_duplicate'];
}
if ($g_vars['page']['errors']) {
include_once $DOCUMENT_PAGES . "manageusers-2.inc.php";
} else {
if ($bIsNewUser) {
$f_id = addNewUser($arrValuesToUpdate, array(), true);
} else {
updateUser($arrValuesToUpdate);
}
if (isset($_POST['group']) && !empty($_POST['group'][0])) {
$arrGroupIDsNew = readPostVar('group');
unset($arrGroupIDsNew[0]);
$arrGroupIDsToAdd = array();
$arrGroupIDsToDelete = array();
//9917//9917
$i_rSet1 = $g_db->Execute("SELECT " . $srv_settings['table_prefix'] . "groups_users.groupid FROM " . $srv_settings['table_prefix'] . "groups_users WHERE id=" . $f_id);
if (!$i_rSet1) {
showDBError(__FILE__, 1);
} else {
while (!$i_rSet1->EOF) {
if (!empty($arrGroupIDsNew[$i_rSet1->fields['groupid']])) {
<?php
include '../../functions.php';
include '../../connectdb.php';
//Get data from the former page via POST method
$first_name = $_POST["first-name"];
$last_name = $_POST["last-name"];
$email = $_POST["email"];
$password = $_POST["password"];
//Add a new user to the database
addNewUser($first_name, $last_name, $email, $password);
//Go to the login page
header("Location: ../../login.php");
$alertArr[] = $ALERT['PASS_TOSHORT'];
}
if (strlen($_POST['email']) > 140) {
$alertArr[] = $ALERT['EMAIL_TOLONG'];
}
if ($_POST['email'] && !emailValid($_POST['email'])) {
$alertArr[] = $ALERT['EMAIL_INVALID'];
}
if ($_POST['email'] && emailExist($_POST['email'])) {
$alertArr[] = $ALERT['EMAIL_TAKEN'];
}
if (count($alertArr) == 0) {
// Add the new account to the database
// (password has already been encrypted using javascript)
$_SESSION['reguname'] = $_SESSION['username'];
$_SESSION['regresult'] = addNewUser($_POST['pass1'], $_POST['email']);
$_SESSION['registered'] = true;
$refresh = $HTTP_SERVER_VARS[PHP_SELF];
exit(include_once HTML_PATH . "html_refresh.php");
// stop script
}
}
$alert = displayAlert($alertArr);
if ($_POST['pass_field_curr']) {
$_POST['pass_field_curr'] = "";
}
if ($_POST['pass_field_1']) {
$_POST['pass_field_1'] = "";
}
if ($_POST['pass_field_2']) {
$_POST['pass_field_2'] = "";
$subselect_where = " where " . $tables["list"] . ".owner = 0";
break;
}
if ($access != "all") {
$delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user from the list') . '<br />';
} else {
$delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user and all listmemberships') . '<br />';
}
$usegroups = Sql_Table_exists("groups") && Sql_Table_exists('user_group');
if ($_POST["change"] && ($access == "owner" || $access == "all")) {
if (!verifyToken()) {
print Error($GLOBALS['I18N']->get('No Access'));
return;
}
if (!$id) {
$id = addNewUser($_POST['email']);
$newuser = 1;
}
if (!$id) {
print $GLOBALS['I18N']->get('Error adding user, please check that the user exists');
return;
}
# read the current values to compare changes
$old_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables["user"], $id));
$old_data = array_merge($old_data, getUserAttributeValues('', $id));
# and membership of lists
$req = Sql_Query("select * from {$tables["listuser"]} where userid = {$id}");
while ($row = Sql_Fetch_Array($req)) {
$old_listmembership[$row["listid"]] = listName($row["listid"]);
}
while (list($key, $val) = each($struct)) {
if ($action == "Regret button") {
$props = array('u_id' => $_POST['u_id'], 'r_id' => $_POST['r_id']);
regretAndBecomeFriends($props);
print json_encode($_POST['u_id']);
return;
}
if ($action == "Form Filling") {
$props = $_POST;
$props['u_id'] = isset($_SESSION['loggedInUser']['u_id']) ? $_SESSION['loggedInUser']['u_id'] : null;
$props['u_password'] = md5($props['u_password']);
if ($_FILES) {
$props['u_picture'] = move_files($_FILES['file1']);
$props['u_secret_pic'] = move_files($_FILES['file2']);
}
if (!$props['u_id']) {
$resultArr = addNewUser($props);
} else {
$resultArr = updateExistingUser($props);
}
if (isset($resultArr['u_id'])) {
$_SESSION['loggedInUser'] = $resultArr;
}
print json_encode($resultArr);
return;
}
/*if($action == "Select All Active Users") {
if($_GET['order_by'] == "ASC") {
$users = selectAllActiveUsersASC($_SESSION['loggedInUser']['u_id']);
print json_encode($users);
return;
} else {
$email = $_POST["email"];
}
} else {
$errors['email'] = "поле Email не может быть пустым";
}
if (!empty($_POST['pass'])) {
$pass = strlen($_POST['pass']);
//Проверяем длинну пароля
if ($pass < 6) {
$errors['pass'] = "******";
} else {
$pass = md5($_POST["pass"]);
}
} else {
$errors['pass'] = "******";
}
//Тут уже отправка
if (empty($errors)) {
$res = addNewUser($login, $email, $pass, $regitrationdate);
$result = 'Пользователь успешно зарегистрирован';
}
}
include 'view/index.php';
//Тесты
//$link = DBconnect();
//$res = mysql_query("SELECT COUNT * FROM users", $link);
//$row = mysql_fetch_row($res);
//$users = $row[0];
//echo $users;
$result = mysql_query("SELECT * FROM users");
$num_rows = mysql_num_rows($result);
} else {
return true;
}
}
/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if (isset($_POST['subjoin'])) {
if (checkSubmitValues()) {
/* Add the new account to the database */
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = md5($_POST['pass']);
$_SESSION['reguid'] = addNewUser(trim($_POST['user']), trim($_POST['pass']), trim($_POST['email']));
$_SESSION['registered'] = true;
header('Location: ' . $CFG->wwwroot . '/modules/frontpage/frontpage.php');
return;
}
// Otherwise will fall through to show the form, with the error set.
} else {
if (isset($_GET['confirm'])) {
if (confirmRegistration($_GET['confirm'])) {
$t->assign('message', 'Thank you for confirming your registration.');
$t->display('registerConfirm.tpl');
die;
} else {
$t->assign('message', 'This registration is no longer valid. Please begin your registration again.');
$t->display('registerConfirm.tpl');
die;
/**
* Функция которая возвращает массив информации
* о просматриваемой страничка с типом $type
* и $id
* @param null $type
* @param null $id
* @return array
*/
function getContent($type = null, $id = null)
{
/*Если параметры null, то выводим страничку по умолчанию*/
if ($type == null) {
$type = DEFAULT_PAGE;
}
if (isset($_POST['new_submit']) && $_POST['new_submit']) {
$type = NEW_SUBMIT_TYPE;
}
$loginStatus = LOGIN_ALREADY;
if (isset($_GET['unlogin']) && $_GET['unlogin']) {
unlogin();
$loginStatus = LOGIN_EXIT;
}
if ($_POST['submit']) {
$loginStatus = login($_POST['login'], $_POST['password']);
}
/*Инициализируем информацию в зависимости от типа */
$array = array();
switch ($type) {
/*Если тип страницы - текстовая*/
case TEXT_TYPE:
/*Если id не инициализирован выводим главную.
Иначе страницу с id*/
if ($id == null) {
$id = MAIN_PAGE_TEXT_ID;
}
/*Получаем текст из базы*/
$page = getTextContent($id);
$array['content'] = $page['text'];
break;
case CATALOG_TYPE:
/*Если id не инициаизирован */
if (!($id > 0)) {
/*Выбираем первый попавшийся театр*/
$sql = "SELECT id from theatures LIMIT 1";
$res = mysql_query($sql);
$row = mysql_fetch_array($res);
$id = $row['id'];
}
/*Получаем спектали из базы*/
$items = getCatalogItems($id);
//$parent_item = get;
/*Вставляем их в ш для красивого вывода*/
$array['content'] = (include 'templates/content/item/items.php');
break;
case ITEM_TYPE:
$item = getItem($id);
$array['content'] = (include 'templates/content/item/item_big.php');
break;
case NEW_REG_TYPE:
$array['content'] = (include 'templates/content/login/newreg.php');
break;
case NEW_SUBMIT_TYPE:
//Если пароли совпадают
if ($_POST['new_password1'] == $_POST['new_password2']) {
if (addNewUser($_POST['new_login'], $_POST['new_password2'])) {
$array['content'] = 'Поздравляем вы зарегистерированы';
} else {
$array['content'] = 'Такой пользователь уже есть';
}
} else {
$array['content'] = 'Пароли не совпадают';
}
break;
case ADD_CART_TYPE:
addToCart($id);
$cartItems = getCartItems();
$sum = calculateCart();
$array['content'] = (include 'templates/content/cart/cart.php');
break;
case CART_TYPE:
$cartItems = getCartItems();
$sum = calculateCart();
$array['content'] = (include 'templates/content/cart/cart.php');
break;
/*Удаляем одну штуку*/
/*Удаляем одну штуку*/
case REMOVE_CART_TYPE:
$cartItems = getCartItems();
$sum = calculateCart();
removeFromCart($id);
$array['content'] = (include 'templates/content/cart/cart.php');
break;
/*Удаляем весь товар*/
/*Удаляем весь товар*/
case REMOVE_ITEM_CART_TYPE:
$cartItems = getCartItems();
$sum = calculateCart();
removeFromCart($id, CART_REMOVE_ALL);
$array['content'] = (include 'templates/content/cart/cart.php');
break;
case CLEAR_CART_TYPE:
$cartItems = getCartItems();
$sum = calculateCart();
clearCart();
$array['content'] = (include 'templates/content/cart/cart.php');
break;
}
$user = getCurrentUser();
$array['theatures'] = getCatalogCategories();
$items = getCatalogCategories();
$array['leftPanel'] = (include 'templates/content/catalog/catalogCategories.php');
$array['rightPanel'] = (include 'templates/content/login/login.php');
$array['banner_word'] = 'Театры';
$array['title'] = 'Сайт';
return $array;
}
/* Check if username is already in use */
if (usernameTaken($_POST['user'])) {
$use = $_POST['user'];
die("<br>\n <div align=center>\n <center>\n <table border=1 cellpadding=5 cellspacing=0 style=border-collapse: collapse id=AutoNumber1 bordercolor=#FFFFFF>\n <tr>\n <td width=100% bgcolor=#666666>\n \n <font color=#FF0000><b>ERROR:</b></font> Sorry, the username: <strong>{$use}</strong> is already taken, please pick another one!<br>\n </tr>\n </table>\n </center>\n</div>");
}
/* Check pass length */
if (strlen($_POST['pass']) < 5) {
die("<br>\n <div align=center>\n <center>\n <table border=1 cellpadding=5 cellspacing=0 style=border-collapse: collapse id=AutoNumber1 bordercolor=#FFFFFF>\n <tr>\n <td width=100% bgcolor=#666666>\n \n <font color=#FF0000><b>ERROR:</b></font> Sorry, the password is shorter than 5 characters, please make it longer!<br>\n </tr>\n </table>\n </center>\n</div>");
}
if (strlen($_POST['pass']) > 32) {
die("<br>\n <div align=center>\n <center>\n <table border=1 cellpadding=5 cellspacing=0 style=border-collapse: collapse id=AutoNumber1 bordercolor=#FFFFFF>\n <tr>\n <td width=100% bgcolor=#666666>\n \n <font color=#FF0000><b>ERROR:</b></font> Sorry, the password is longer than 32 characters, please shorten it!<br>\n </tr>\n </table>\n </center>\n</div>");
}
/* Add the new account to the database */
$md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
$_SESSION['registered'] = true;
return;
} else {
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
if (!$_GET['ref']) {
$_GET['ref'] = 0;
}
?>
<html>
<body>
<tr>
<td colspan="2" align="center"><input type="submit" /></td>
</tr>
<table>
</form>
</div>
<?php
echo _footer();
// Create new user, after submiting the form
} elseif ($_GET['act'] == 'createNewUser') {
$dbControlHandler = new SQLiteDatabase(DB_CONTROL_FILE);
// Create Users Table
$dbControlHandler->query("CREATE TABLE users(id INTEGER PRIMARY KEY, username CHAR(60), salt CHAR(10), password CHAR(32), permissions INTEGER);");
$userName = $_POST['userName'];
$userPw = $_POST['password'];
addNewUser($dbControlHandler, $userName, $userPw, GLOBAL_ADMIN);
$dbTrackHandler = new SQLiteDatabase(DB_TRACK_FILE);
// Create Tracking Table
$dbTrackHandler->query("BEGIN;\r\n\t\tCREATE TABLE computers(id INTEGER PRIMARY KEY, name CHAR(250), region INTEGER, x INTEGER, y INTEGER, comment INTEGER, icon CHAR(150), laststatus INTEGER, lastsignal INTEGER);\r\n\t\tCREATE TABLE miscrecords(id INTEGER PRIMARY KEY, name CHAR(250), timestamp INTEGER, recordtype INTEGER, data TEXT);\r\n\t\tCREATE TABLE trackrecords(id INTEGER PRIMARY KEY, name CHAR(250), time INTEGER, status INTEGER);\r\nCREATE TABLE zones(id INTEGER PRIMARY KEY, region_name CHAR(255), region_width INTEGER, region_height INTEGER, region_map_img CHAR(255));\r\n\t\tCOMMIT;");
echo _header(_('New Database Setup'));
?>
<div id="yui-main">
<h1>Database Creation Completed!</h1>
<div>
<p>The Database Creation Process is completed. Please login to your root account!</p>
</div>
</div>
<?php
echo _footer();
} else {
die('Not Implemented!');
}
if ($attribute_changer->Current_Session->file_is_good == false) {
print '</body></html>';
} else {
$print_html = Get_Attribute_File_Column_Match();
$attribute_changer->Serialize_And_Store();
print '<html><body>' . $print_html . '</body></html>';
}
}
if (isset($_POST['resetTable'])) {
$query = sprintf("truncate table %s", $AttributeChangerData['tables']['user']);
$ret1 = Sql_Query($query);
$query = sprintf("truncate table %s", $GLOBALS['tables']['user_attribute']);
$ret2 = Sql_Query($query);
include_once $PLUGIN_FILES_DIR . 'New_And_Modify_Entry_Processor.php';
$id = addNewUser('djarcaig@milburnlaw.ca@');
if (!$id) {
print "error with user clear<br>";
return -1;
}
SaveCurrentUserAttribute($id, '1', 'fake name');
SaveCurrentUserAttribute($id, '1', '1');
}
if (isset($_POST['submitTest']) && $_POST['submitTest'] == 'submitTest') {
include_once $PLUGIN_FILES_DIR . 'Upload_Test_File_Processor.php';
if (!isset($attribute_changer->Current_Session) || $attribute_changer->Current_Session == null) {
print "<html><html>";
}
if ($attribute_changer->Current_Session->file_is_good == false) {
print '</body></html>';
} else {
require_once "connection.php";
session_start();
$form = $_GET['q'];
checkLogin($username, $password);
if ($form == "login") {
$username = $_POST['login-username'];
$password = $_POST['login-password'];
if (checkLogin($username, $password)) {
//if($username == "admin" && $password == "1234") {
// Successfully login
$_SESSION['username'] = $username;
header("location:index.php");
} else {
header("location:login.php?login=error");
}
} else {
if ($form == "logout") {
session_destroy();
header("location:index.php");
} else {
if ($form == "register") {
$username = $_POST["register-username"];
$password = $_POST["register-password"];
$repeatpassword = $_POST["register-repeat-password"];
if ($password == $repeatpassword) {
addNewUser($username, $password);
}
header("location:index.php");
}
}
}
/******************************************************************************/
$email = tfb_getRequestVar('email_address');
$newUser = tfb_getRequestVar('newUser');
$pass1 = tfb_getRequestVar('pass1');
$pass2 = tfb_getRequestVar('pass2');
$userType = tfb_getRequestVar('userType');
// check username
$usernameCheck = checkUsername($newUser);
// check password
$passwordCheck = checkPassword($pass1, $pass2);
// fast check email
$emailCheck = checkEmail($email);
// new user ?
$newUser = strtolower($newUser);
if ($usernameCheck === true && $passwordCheck === true && $emailCheck === true) {
addNewUser($newUser, $pass1, $userType, $email);
AuditAction($cfg["constants"]["admin"], $cfg['_NEWUSER'] . ": " . $newUser);
@header("location: admin.php?op=showUsers");
exit;
}
// init template-instance
tmplInitializeInstance($cfg["theme"], "page.admin.addUser.tmpl");
// set vars
$tmpl->setvar('newUser', $newUser);
// error
$tmpl->setvar('_ERROR', $cfg['_ERROR']);
// error-vars
$tmpl->setvar('errUsername', $usernameCheck !== true ? 1 : 0);
$tmpl->setvar('errMsgUsername', $usernameCheck !== true ? $usernameCheck : '');
$tmpl->setvar('errPassword', $passwordCheck !== true ? 1 : 0);
$tmpl->setvar('errMsgPassword', $passwordCheck !== true ? $passwordCheck : '');
$buyersql = "SELECT DISTINCT (buyer_id), buyer_name, buyer_email,\n\tbuyer_countrycode, buyer_land, buyer_zip, buyer_city, buyer_street\n\tFROM " . TABLE_AUCTION_DETAILS . " WHERE order_number =0";
$mybuyer = olc_db_query($buyersql);
$i = 0;
$email_text = EMPTY_STRING;
//look through buyers
while ($buyer_values = olc_db_fetch_array($mybuyer)) {
//check if email allready exists
$buyer_email = olc_db_input($buyer_values['buyer_email']);
$check_email_query = olc_db_query("select customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . $buyer_email . APOS);
$check_email = olc_db_fetch_array($check_email_query);
if (olc_db_num_rows($check_email) > 0) {
//email allready existing - just add items in basket
$customers_id = $check_email['customers_id'];
} else {
//email dont exist - add user
addNewUser($buyer_values, $customers_id);
}
//add auction in basket
//$email_text=addAuctionsInBasket($buyer_email,true);
$email_text = addAuctionsInBasket($buyer_email);
/*
//Reuse checkout_process_code
$_SESSION['shipping']=EBAY_SHIPPING;
$customer_default_address_id=$_SESSION['customer_default_address_id'];
$_SESSION['sendto']=$customer_default_address_id;
$_SESSION['billto']=$customer_default_address_id;
$_SESSION['payment'];
*/
sendemail($email_text, $buyer_email);
$is_auction = true;
$real_checkout = false;
}
if (isset($_POST['_back'])) $cmd='';
$page_content='';
switch ($cmd) {
case 'new':
$page_content=addNewUser();
break;
case 'edit':
$exp="/[^a-zA-Z0-9]/i";
$check=preg_match($exp, $_GET['uid']);
if(($check+0)==1) {
header('Location: users.php');
exit();
}else {
$page_content=addNewUser($_GET['uid']);
}
break;
case 'delete' :
if($_SESSION['admin']['is_logged']==1) {
$exp="/[^a-zA-Z0-9]/i";
$check=preg_match($exp, $_GET['uid']);
if(($check+0)==1) {
header('Location: users.php');
exit();
}
$db=new DBConnection();
$uDetails=$db->getRow('users','user_uid="'.$_GET['uid'].'"','user_firstname, user_lastname, user_account_num');
$query='SELECT * FROM trades WHERE user_account_num="'.$uDetails['user_account_num'].'"';
$res=$db->rq($query);
break;
case "adduser":
if (!file_exists(str_replace("//", "/", $_SERVER["DOCUMENT_ROOT"] . "/" . $dir . '/.htpasswd'))) {
error(HTLANG('err_htpasswd_not_exists', False), $dir);
} elseif (!isset($_SESSION['crypt'])) {
error(HTLANG('err_crypt', False), $dir);
} elseif ($user == "" || $user == " ") {
error(HTLANG('err_username', False), $dir);
} elseif ($pwd == "" || $pwd == " ") {
error(HTLANG('err_password', False), $dir);
} elseif (user_exists($user, $dir)) {
error(HTLANG('err_user_exists', False), $dir);
} else {
$err = "";
$msg = "";
if (addNewUser($user, $pwd, $_SESSION['crypt'], $dir) != FALSE) {
$msg = $msg . HTLANG('msg_user_created', False);
} else {
$err = $err . HTLANG('err_user_create', False);
}
if ($err != "") {
error($err . HTLANG('err_folder_cmod', False), $dir);
}
if ($msg != "") {
msg($msg, $dir);
}
}
break;
case "deluser":
if ($user == "" || $user == " ") {
error(HTLANG('err_username', False), $dir);
# create a default admin
$_SESSION['firstinstall'] = 1;
if (isset($_REQUEST['adminemail'])) {
$adminemail = $_REQUEST['adminemail'];
} else {
$adminemail = '';
}
if (isset($_REQUEST['adminpassword'])) {
$adminpass = $_REQUEST['adminpassword'];
} else {
$adminpass = '******';
}
Sql_Query(sprintf('insert into %s (loginname,namelc,email,created,modified,password,passwordchanged,superuser,disabled)
values("%s","%s","%s",now(),now(),"%s",now(),%d,0)', $tables['admin'], 'admin', 'admin', $adminemail, encryptPass($adminpass), 1));
## let's add them as a subscriber as well
$userid = addNewUser($adminemail, $adminpass);
Sql_Query(sprintf('update %s set confirmed = 1 where id = %d', $tables['user'], $userid));
/* to send the token at the end, doesn't work yet
$adminid = Sql_Insert_Id();
*/
} elseif ($table == 'task') {
while (list($type, $pages) = each($system_pages)) {
foreach ($pages as $page => $access_level) {
Sql_Query(sprintf('replace into %s (page,type) values("%s","%s")', $tables['task'], $page, $type));
}
}
}
echo '... ' . s('ok') . "<br />\n";
} else {
echo '... ' . s('failed') . "<br />\n";
}
$feedback = '';
$error_exist = 0;
if (!empty($_POST['change']) && ($access == 'owner' || $access == 'all')) {
if (!verifyToken()) {
print Error($GLOBALS['I18N']->get('Invalid security token, please reload the page and try again'));
return;
}
if (isset($_POST['email']) && !empty($_POST['email'])) {
## let's not validate here, an admin can add anything as an email, if they like, well, except for HTML
$email = strip_tags($_POST['email']);
} else {
$email = '';
}
if (!$error_exist && !empty($email)) {
if (!$id) {
$id = addNewUser($email);
Redirect("user&id={$id}");
exit;
}
if (!$id) {
print s('Error adding subscriber, please check that the subscriber exists');
$error_exist = 1;
//return;
}
}
/************ BEGIN <whitout_error IF block> (end in line 264) **********************/
if (!$error_exist) {
# read the current values to compare changes
$old_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['user'], $id));
$old_data = array_merge($old_data, getUserAttributeValues('', $id));
# and membership of lists
function addUser($newUser, $pass1, $userType)
{
global $cfg;
$newUser = strtolower($newUser);
if (IsUser($newUser)) {
DisplayHead(_ADMINISTRATION);
// Admin Menu
displayMenu();
echo "<br><div align=\"center\">" . _TRYDIFFERENTUSERID . "<br><strong>" . $newUser . "</strong> " . _HASBEENUSED . "</div><br><br><br>";
DisplayFoot(true, true);
} else {
addNewUser($newUser, $pass1, $userType);
AuditAction($cfg["constants"]["admin"], _NEWUSER . ": " . $newUser);
header("location: admin.php?op=CreateUser");
}
}
function process_post()
{
/* We switch according to the $_POST[action] variable, which is a hidden
* submit formfield in each <form>. see html/add*.txt for more information.
*/
switch ("{$_POST['action']}") {
/*
* Add new user. We wont touch that here. Let auth() handle that.
*/
case "newuser":
addNewUser();
break;
/*
* Update to the about box in profiles.
*/
/*
* Update to the about box in profiles.
*/
case "modprofile":
modProfile();
break;
/*
* Change password. We wont touch that here. Let auth() handle that.
*/
/*
* Change password. We wont touch that here. Let auth() handle that.
*/
case "changepw":
changePassword();
break;
/*
* Change email.
*/
/*
* Change email.
*/
case "changeemail":
changeEmail();
break;
/*
* Change can view preferences.
*/
/*
* Change can view preferences.
*/
case "changecanpage":
changeCanPrefs();
break;
/*
* Update API Key
*/
/*
* Update API Key
*/
case "update_api":
global $MySelf;
$api = new api($MySelf->getID());
if ($_POST[deleteKey]) {
// Delete api Key
$api->deleteApiKey();
makeNotice("Your API key has been delete from the database.", "notice", "API Key wipe success", "index.php?action=preferences");
} else {
// Update api key
$api->setApiKey($_POST[apiID], $_POST[apiKey]);
makeNotice("Your new API key has been stored.", "notice", "API Key update success", "index.php?action=preferences");
}
break;
/*
* Add a Rank
*/
/*
* Add a Rank
*/
case "addnewrank":
addRank();
break;
/*
* Edit the ranks
*/
/*
* Edit the ranks
*/
case "editranks":
editRanks();
break;
/*
* Change opt-in status.
*/
/*
* Change opt-in status.
*/
case "optIn":
toggleOptIn();
break;
/*
* Change See Inoffical Runs Setting (sir)
*/
/*
* Change See Inoffical Runs Setting (sir)
*/
case "sirchange":
sirchange();
break;
/*
* Submiting a template change form
*/
/*
* Submiting a template change form
*/
case "editTemplate":
editTemplate();
break;
/*
* Change ore value.
*/
/*
* Change ore value.
*/
case "changeore":
changeOreValue();
break;
/*
* Change ship value.
*/
/*
* Change ship value.
*/
case "changeship":
changeShipValue();
break;
/*
* Delete pending payout request
*/
/*
* Delete pending payout request
*/
case "deleteRequest":
deletePayoutRequest();
break;
/*
* Modify online time.
*/
/*
* Modify online time.
*/
case "modonlinetime":
modOnlineTime();
break;
/*
* Modify site settings.
*/
/*
* Modify site settings.
*/
case "configuration":
modConfiguration();
break;
/*
* Add an event to the DB
*/
/*
* Add an event to the DB
*/
case "addevent":
addEventToDB();
break;
/*
* Request payout.
*/
/*
* Request payout.
*/
case "requestPayout":
requestPayout();
break;
/*
* Transfer Money
*/
/*
* Transfer Money
*/
case "transferMoney":
transferMoney();
break;
/*
* Do the payouts
*/
/*
* Do the payouts
*/
case "payout":
doPayout();
break;
/*
* Create a new can in the Database.
*/
/*
* Create a new can in the Database.
*/
case "addcan":
addCanToDatabase();
break;
/*
* Admin request to change a user.
*/
/*
* Admin request to change a user.
*/
case "edituser":
editUser();
break;
/*
* AddRun
* This adds a new run to the database.
*/
/*
* AddRun
* This adds a new run to the database.
*/
case "addrun":
addRun();
break;
/*
* Analog to AddRun, just for Hauls.
*/
/*
* Analog to AddRun, just for Hauls.
*/
case "addhaul":
addHaul();
break;
/*
* Create a new transaction.
*/
/*
* Create a new transaction.
*/
case "transaction":
createTransaction();
break;
/*
* Lotto stuff
*/
/*
* Lotto stuff
*/
case "editLottoTickets":
lotto_editCreditsInDB();
break;
case "createDrawing":
lotto_createDrawing();
break;
case "lottoBuyCredits":
lotto_buyTickets();
break;
}
}
@header("location: ../../../index.php");
exit;
}
/******************************************************************************/
$newUser = tfb_getRequestVar('newUser');
$pass1 = tfb_getRequestVar('pass1');
$pass2 = tfb_getRequestVar('pass2');
$userType = tfb_getRequestVar('userType');
// check username
$usernameCheck = checkUsername($newUser);
// check password
$passwordCheck = checkPassword($pass1, $pass2);
// new user ?
$newUser = strtolower($newUser);
if ($usernameCheck === true && $passwordCheck === true) {
addNewUser($newUser, $pass1, $userType);
AuditAction($cfg["constants"]["admin"], $cfg['_NEWUSER'] . ": " . $newUser);
@header("location: admin.php?op=showUsers");
exit;
}
// init template-instance
tmplInitializeInstance($cfg["theme"], "page.admin.addUser.tmpl");
// set vars
$tmpl->setvar('newUser', $newUser);
// error
// backward-compat-vars
$tmpl->setvar('_TRYDIFFERENTUSERID', $cfg['_TRYDIFFERENTUSERID']);
$tmpl->setvar('_HASBEENUSED', $cfg['_HASBEENUSED']);
// error-vars
$tmpl->setvar('errUsername', $usernameCheck !== true ? 1 : 0);
$tmpl->setvar('errMsgUsername', $usernameCheck !== true ? $usernameCheck : '');
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
} else {
//email correcly entered
$booleanEmail = true;
}
}
//check if data in form is correctly entered
if ($booleanName && $booleanPass1 && $booleanPass2 && $booleanEmail && $match) {
addNewUser();
}
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
function addNewUser()
{
$username = $_POST['name'];
$password = md5($_POST['pass1']);
$e_mail = $_POST['email'];
$sql = "INSERT INTO\n users(ID, username, password, email)\n VALUES(null,'{$username}','{$password}','{$e_mail}')";
$xmlRoot->appendChild(castVote($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['post_id'], $_REQUEST['vote']));
break;
case "tallyVotes":
$xmlRoot->appendChild(tallyVotes($dbconn, $xmlDoc, $_REQUEST['post_id']));
break;
case "checkForUserVote":
$xmlRoot->appendChild(checkForUserVote($dbconn, $xmlDoc, $_REQUEST['post_id'], $_REQUEST['user_id']));
break;
case "addComment":
$xmlRoot->appendChild(addComment($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['post_id'], $_REQUEST['comment']));
break;
case "getComments":
$xmlRoot->appendChild(getComments($dbconn, $xmlDoc, $_REQUEST['post_id']));
break;
case "addNewUser":
$xmlRoot->appendChild(addNewUser($dbconn, $xmlDoc, $_REQUEST['username'], $_REQUEST['password'], $_REQUEST['email']));
break;
case "signIn":
$xmlRoot->appendChild(signIn($dbconn, $xmlDoc, $_REQUEST['username'], $_REQUEST['password']));
break;
case "getConnections":
$xmlRoot->appendChild(getConnections($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['module_type']));
break;
case "logs":
$xmlRoot->appendChild(getLogs($dbconn, $xmlDoc, $_REQUEST['user_id']));
break;
case "getPlayerData":
$xmlRoot->appendChild(getPlayerData($dbconn, $xmlDoc, $_REQUEST['ign'], $_REQUEST['token']));
break;
case "getUser":
$xmlRoot->appendChild(getUser($dbconn, $xmlDoc, $_REQUEST['user_id']));
function api_addNewUser($i_username = '', $i_password = '', $arrUserData = array(), $arrGroupIDs = array())
{
$arrInternalUserData['username'] = $i_username;
$arrInternalUserData['user_password'] = $i_password;
if (isset($arrUserData['checkword'])) {
$arrInternalUserData['user_checkword'] = $arrUserData['checkword'];
}
$i_active = isset($arrUserData['active']) ? (bool) $arrUserData['active'] : true;
$arrInternalUserData['user_enabled'] = $i_active ? 1 : 0;
$arrInternalUserData['user_expiredate'] = isset($arrUserData['expiredate']) ? (int) $arrUserData['expiredate'] : 0;
$arrInternalUserData['email'] = isset($arrUserData['email']) ? $arrUserData['email'] : '';
$arrInternalUserData['user_title'] = isset($arrUserData['title']) ? $arrUserData['title'] : '';
$arrInternalUserData['user_firstname'] = isset($arrUserData['firstname']) ? $arrUserData['firstname'] : '';
$arrInternalUserData['user_lastname'] = isset($arrUserData['lastname']) ? $arrUserData['lastname'] : '';
$arrInternalUserData['user_middlename'] = isset($arrUserData['middlename']) ? $arrUserData['middlename'] : '';
$arrInternalUserData['user_address'] = isset($arrUserData['address']) ? $arrUserData['address'] : '';
$arrInternalUserData['user_city'] = isset($arrUserData['city']) ? $arrUserData['city'] : '';
$arrInternalUserData['user_state'] = isset($arrUserData['state']) ? $arrUserData['state'] : '';
$arrInternalUserData['user_zip'] = isset($arrUserData['zip']) ? $arrUserData['zip'] : '';
$arrInternalUserData['user_country'] = isset($arrUserData['country']) ? $arrUserData['country'] : '';
$arrInternalUserData['user_phone'] = isset($arrUserData['phone']) ? $arrUserData['phone'] : '';
$arrInternalUserData['user_fax'] = isset($arrUserData['fax']) ? $arrUserData['fax'] : '';
$arrInternalUserData['user_mobile'] = isset($arrUserData['mobile']) ? $arrUserData['mobile'] : '';
$arrInternalUserData['user_pager'] = isset($arrUserData['pager']) ? $arrUserData['pager'] : '';
$arrInternalUserData['user_ipphone'] = isset($arrUserData['ipphone']) ? $arrUserData['ipphone'] : '';
$arrInternalUserData['user_webpage'] = isset($arrUserData['webpage']) ? $arrUserData['webpage'] : '';
$arrInternalUserData['user_icq'] = isset($arrUserData['icq']) ? $arrUserData['icq'] : '';
$arrInternalUserData['user_msn'] = isset($arrUserData['msn']) ? $arrUserData['msn'] : '';
$arrInternalUserData['user_aol'] = isset($arrUserData['aol']) ? $arrUserData['aol'] : '';
$arrInternalUserData['user_gender'] = isset($arrUserData['gender']) ? $arrUserData['gender'] : 0;
$arrInternalUserData['user_birthday'] = isset($arrUserData['birthday']) ? $arrUserData['birthday'] : '00000000';
$arrInternalUserData['user_husbandwife'] = isset($arrUserData['husbandwife']) ? $arrUserData['husbandwife'] : '';
$arrInternalUserData['user_children'] = isset($arrUserData['children']) ? $arrUserData['children'] : '';
$arrInternalUserData['user_trainer'] = isset($arrUserData['trainer']) ? $arrUserData['trainer'] : '';
$arrInternalUserData['user_photo'] = isset($arrUserData['photo']) ? $arrUserData['photo'] : '';
$arrInternalUserData['user_company'] = isset($arrUserData['company']) ? $arrUserData['company'] : '';
$arrInternalUserData['user_cposition'] = isset($arrUserData['cposition']) ? $arrUserData['cposition'] : '';
$arrInternalUserData['user_department'] = isset($arrUserData['department']) ? $arrUserData['department'] : '';
$arrInternalUserData['user_coffice'] = isset($arrUserData['coffice']) ? $arrUserData['coffice'] : '';
$arrInternalUserData['user_caddress'] = isset($arrUserData['caddress']) ? $arrUserData['caddress'] : '';
$arrInternalUserData['user_ccity'] = isset($arrUserData['ccity']) ? $arrUserData['ccity'] : '';
$arrInternalUserData['user_cstate'] = isset($arrUserData['cstate']) ? $arrUserData['cstate'] : '';
$arrInternalUserData['user_czip'] = isset($arrUserData['czip']) ? $arrUserData['czip'] : '';
$arrInternalUserData['user_ccountry'] = isset($arrUserData['ccountry']) ? $arrUserData['ccountry'] : '';
$arrInternalUserData['user_cphone'] = isset($arrUserData['cphone']) ? $arrUserData['cphone'] : '';
$arrInternalUserData['user_cfax'] = isset($arrUserData['cfax']) ? $arrUserData['cfax'] : '';
$arrInternalUserData['user_cmobile'] = isset($arrUserData['cmobile']) ? $arrUserData['cmobile'] : '';
$arrInternalUserData['user_cpager'] = isset($arrUserData['cpager']) ? $arrUserData['cpager'] : '';
$arrInternalUserData['user_cipphone'] = isset($arrUserData['cipphone']) ? $arrUserData['cipphone'] : '';
$arrInternalUserData['user_cwebpage'] = isset($arrUserData['cwebpage']) ? $arrUserData['cwebpage'] : '';
$arrInternalUserData['user_cphoto'] = isset($arrUserData['cphoto']) ? $arrUserData['cphoto'] : '';
$arrInternalUserData['user_ufield1'] = isset($arrUserData['ufield1']) ? $arrUserData['ufield1'] : '';
$arrInternalUserData['user_ufield2'] = isset($arrUserData['ufield2']) ? $arrUserData['ufield2'] : '';
$arrInternalUserData['user_ufield3'] = isset($arrUserData['ufield3']) ? $arrUserData['ufield3'] : '';
$arrInternalUserData['user_ufield4'] = isset($arrUserData['ufield4']) ? $arrUserData['ufield4'] : '';
$arrInternalUserData['user_ufield5'] = isset($arrUserData['ufield5']) ? $arrUserData['ufield5'] : '';
$arrInternalUserData['user_ufield6'] = isset($arrUserData['ufield6']) ? $arrUserData['ufield6'] : '';
$arrInternalUserData['user_ufield7'] = isset($arrUserData['ufield7']) ? $arrUserData['ufield7'] : '';
$arrInternalUserData['user_ufield8'] = isset($arrUserData['ufield8']) ? $arrUserData['ufield8'] : '';
$arrInternalUserData['user_ufield9'] = isset($arrUserData['ufield9']) ? $arrUserData['ufield9'] : '';
$arrInternalUserData['user_ufield10'] = isset($arrUserData['ufield10']) ? $arrUserData['ufield10'] : '';
return addNewUser($arrInternalUserData, $arrGroupIDs);
}