Пример #1
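// extract ( $_SESSION , EXTR_REFS ) ;
// Leave the line above disabled: extract() on session data turns every stored key
// into a local variable and could overwrite values such as $homepage or $php_root_path.

// Prefix for the problem list that is shown to the user when something fails.
$err_message = " Unable to process your request due to the following problems: <br>\n";

//Code added  to address security problem reported by Sebastian Held 14-Nov-2006
// Access gate for this page: authentication() is given the page title and the
// accepted privilege / phase sets (presumably keyed by ID; the values are empty strings).
// NOTE(review): what authentication() does on failure is not visible here. Confirm it
// ends the request, because the code that follows creates an account.
$header = "Setup Account";
$accepted_privilegeID_arr = array(3 => "");
$accepted_phaseID_arr = array(1 => "", 2 => "", 3 => "", 4 => "");
// Call-time pass-by-reference (&$err_message at the call site) is a fatal error since
// PHP 5.4, so the variable is passed plainly. For authentication() to append to
// $err_message, its own signature must declare that parameter by reference (confirm).
authentication($header, $accepted_privilegeID_arr, $accepted_phaseID_arr, $homepage, $php_root_path, $GLOBALS["DB_PREFIX"], $err_message);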
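// "Back" button: return to the account form, keeping the chosen account type.
if (isset($_POST["Submit"]) && $_POST["Submit"] === "Back") {
    // accountType is request data. It is URL-encoded before it goes into the Location
    // header so it cannot add query parameters or break the header; a missing or
    // non-string value is sent as an empty string.
    $backAccountType = (isset($_POST["accountType"]) && is_string($_POST["accountType"])) ? $_POST["accountType"] : "";
    $url = "Location: setup_new_account.php?accountType=" . rawurlencode($backAccountType);
    header($url);
    exit;
}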
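//Generate the random password
// NOTE(review): generate_password() is defined elsewhere; confirm it uses a
// cryptographically secure random source.
$password = generate_password();
//Call the function to setup reviewer account
// The whole $_POST array is handed over unchanged, so every field must be validated
// inside setup_new_account(). No anti-CSRF token check is visible in this script;
// confirm that authentication() or the form handling covers it.
$result = setup_new_account($_POST, $password);
if ($result === true) {
    // The submitted values are echoed back into the page, so each one is HTML-escaped
    // first. ENT_QUOTES also encodes single quotes; the charset is left to PHP's default.
    $shown = array();
    foreach (array("accountType", "loginname", "email") as $field) {
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
        $shown[$field] = htmlspecialchars($raw, ENT_QUOTES);
    }

    do_html_header("Successful Setup");
    echo "<p>The following account has been setup successfully.<br><br>";
    echo "Account Type: " . $shown["accountType"] . "<br><br>";
    echo "Login Name: <strong>" . $shown["loginname"] . "</strong><br>";
    echo "Email Address: <strong>" . $shown["email"] . "</strong><br><br>";
    if (isset($_POST["accountType"]) && $_POST["accountType"] === "Reviewer") {
        echo "You can either <a href=\"setup_new_account.php?accountType=Reviewer\"> Add </a> another reviewer or <a href=\"view_all_reviewers.php\">View Reviewer Accounts</a>.</p>";
    } else {
        echo "Go back to <a href=\"view_all_users.php\">View All Users</a>.</p>";
    }
    do_html_footer();
} else {
    // Anything other than boolean true is treated as an error message and printed as HTML.
    // NOTE(review): if setup_new_account() copies submitted values into this message,
    // they have to be escaped where the message is built; escaping here would also
    // encode any markup the message intentionally contains.
    do_html_header("Error Information");
    echo "<p>{$result}</p>";
}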
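// Pull the prepared content out of the session; later code reads its "password",
// "subject" and "content" keys.
// NOTE(review): when the session entry is missing, $arrContent stays undefined and the
// later setup_new_account() call would be given no password. Confirm an earlier step
// always sets it, or stop the request here.
if (isset($_SESSION["content"])) {
    $arrContent = $_SESSION["content"];
}
//Establish connection with database
$db = adodb_connect();
if (!$db) {
    do_html_header("Database Conntection Fail");
    $err_message .= "Could not connect to database server - please try later.";
    // Call-time pass-by-reference (&$err_message) is a fatal error since PHP 5.4;
    // the variable is passed plainly.
    do_html_footer($err_message);
    exit;
}
//get the conference info to get the contact mail
$conferenceInfo = get_conference_info();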
//Call the function to set up the reviewer account
if (setup_new_account($arrAccountInfo, $arrContent["password"])) {
    //Send Email to user
    //~ $mail = new Mail();
    //~ $mail -> Organization($conferenceInfo -> ConferenceCodeName);
    //~ $mail -> ReplyTo($conferenceInfo -> ConferenceContact);
    //~ $mail -> From($conferenceInfo -> ConferenceContact);
    //~ $mail -> To($arrAccountInfo["email"]);
    //~ $mail -> Subject($arrContent["subject"]);
    //~ $mail -> Body($arrContent["content"]);
    //~ if ($arrAccountInfo["cc"] != "")
    //~ $mail -> Cc($arrAccountInfo["cc"]);
    //~ $mail -> Priority(1);
    //~ $mail -> Send();
    $sender = $conferenceInfo->ConferenceContact;
    $recipient = $arrAccountInfo["email"];
    $headers = array('From' => $conferenceInfo->ConferenceContact, 'To' => $arrAccountInfo["email"], 'Subject' => stripslashes($arrContent["subject"]), 'Organization' => $conferenceInfo->ConferenceCodeName, 'Reply-To' => $conferenceInfo->ConferenceContact, 'Cc' => $arrAccountInfo["cc"]);