示例#1
0
function send_password($email, $email_from_address, $website_address, $new_user = false)
{
    $query_passwordcheck = "SELECT * FROM users WHERE user_email = '" . $email . "'";
    $passwordcheck = mysql_query($query_passwordcheck) or die(mysql_error());
    $row_passwordcheck = mysql_fetch_assoc($passwordcheck);
    $totalRows_passwordcheck = mysql_num_rows($passwordcheck);
    $new_password = gen_password(8);
    update_profile($email, $new_password);
    if ($totalRows_passwordcheck == 1) {
        error_log("Sending password email to: " . $email);
        //SEND EMAIL WITH PASSWORD
        $password = $row_passwordcheck['user_password'];
        $name = "Donor Track";
        $subject = $new_user ? "Welcome to Donor Track" : "Your New Password";
        $message = "Your password is {$new_password}.";
        $emailto = $row_passwordcheck['user_email'];
        if ($new_user) {
            $message .= " Your username is {$email}.";
        } else {
            $message = "A password reset request was submitted for your account. " . $message;
        }
        $message .= " \nYou can login at: {$website_address}/login.php";
        error_log($message);
        return mail($emailto, $subject, $message, "From: {$name} <" . $email_from_address . ">\n" . "MIME-Version: 1.0\n" . "Content-type: text/html; charset=iso-8859-1");
        //END SEND EMAIL
    } else {
        if ($totalRows_passwordcheck < 1) {
            return false;
        }
    }
}
示例#2
0
 static function create_user($username, $password, $title, $forname, $surname, $email, $course, $gender, $year, $role, $sid, $db, $initials = null)
 {
     $username = trim($username);
     $surname = trim($surname);
     if (empty($username) or empty($surname) or empty($role)) {
         return false;
     }
     if (!self::username_exists($username, $db) and $username != '' and stristr('ps_', $username) === false) {
         // Force re-build of initials off forenames.
         $initial = explode(' ', $forname);
         $initials = '';
         foreach ($initial as $name) {
             $initials .= substr($name, 0, 1);
         }
         $initials = strtoupper($initials);
         $surname = self::my_ucwords($surname);
         $title = self::my_ucwords(trim($title));
         // If there is no password generate a default one.
         if ($password == '') {
             $password = gen_password();
         }
         // Force valid value for gender or default to NULL
         if (strtolower($gender) != 'male' and strtolower($gender) != 'female') {
             $gender = null;
         }
         $salt = UserUtils::get_salt();
         $encrypt_password = encpw($salt, $username, $password);
         // One way encrypt the password.
         // Add new record into users table.
         $result = $db->prepare("INSERT INTO users VALUES(?, ?, ?, ?, ?, ?, ?, ?, NULL, ?, ?, 0, ?, NULL, NULL)");
         $result->bind_param('ssssssssssi', $encrypt_password, $course, $surname, $initials, $title, $username, $email, $role, $forname, $gender, $year);
         $result->execute();
         $result->close();
         $tmp_userID = $db->insert_id;
         if (isset($sid) and $sid != '') {
             $result = $db->prepare("INSERT INTO sid VALUES(?, ?)");
             if ($db->error) {
                 try {
                     throw new Exception("MySQL error {$db->error} <br /> Query:<br /> ", $db->errno);
                 } catch (Exception $e) {
                     echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br />";
                     echo nl2br($e->getTraceAsString());
                 }
             }
             $result->bind_param('si', $sid, $tmp_userID);
             $result->execute();
             $result->close();
         }
         return $tmp_userID;
     }
     return false;
 }
示例#3
0
 public function login($username, $password)
 {
     if (strpos($username, '@')) {
         $filer['email'] = $username;
     } else {
         $filer['username'] = $username;
     }
     $filer['password'] = gen_password($password);
     $user = $this->where($filer)->find();
     if (!$user || 1 != $user['status']) {
         $this->error = '用户不存在或已被禁用!';
         return false;
     }
     action_log('user_login', 'member', $user['id'], $user['id']);
     /* 登录用户 */
     $this->autoLogin($user);
     return $user;
 }
示例#4
0
function user_generate_password($email)
{
    $res = sql_pe("SELECT user_id, user_name, user_passwd FROM `users` WHERE user_email=? LIMIT 1", array($email));
    if (sizeof($res) == 0) {
        return 2;
    }
    $r = $res[0];
    $username = $r['user_name'];
    if ($r['user_passwd'] == '' || $r['user_passwd'] == 'notagreed') {
        return get_openid_domain_by_username($r['user_name']);
    }
    $pwd = gen_password();
    //send email
    if (send_email($email, 'Восстановление пароля на opencorpora.org', "Добрый день,\n\nВаш новый пароль для входа на opencorpora.org:\n\n{$pwd}\n\nРекомендуем как можно быстрее изменить его через интерфейс сайта.\n\nНапоминаем, ваш логин - {$username}\n\nOpenCorpora")) {
        $md5 = md5(md5($pwd) . substr($r['user_name'], 0, 2));
        sql_query("UPDATE `users` SET `user_passwd`='{$md5}' WHERE user_id=" . $r['user_id'] . " LIMIT 1");
        return 1;
    } else {
        return 3;
    }
}
示例#5
0
*
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
require '../include/sysadmin_auth.inc';
require_once '../classes/userutils.class.php';
require_once '../include/errors.inc';
$userid = check_var('userID', 'GET', true, false, true);
if (!UserUtils::userid_exists($userid, $mysqli)) {
    $msg = sprintf($string['furtherassistance'], $configObject->get('support_email'), $configObject->get('support_email'));
    $notice->display_notice_and_exit($mysqli, $string['pagenotfound'], $msg, $string['pagenotfound'], '../artwork/page_not_found.png', '#C00000', true, true);
}
$username = UserUtils::get_username($userid, $mysqli);
$new_password = gen_password();
$success = UserUtils::update_password($username, $new_password, $userid, $mysqli);
if (!$success) {
    display_error($string['resetfailed'], $string['failuremsg'], $configObject->get('cfg_root_path') . '/artwork/exclamation_red_bg.png', '#C00000', true, true, true);
}
$mysqli->close();
?>
<!DOCTYPE html>
<html>
  <meta http-equiv="X-UA-Compatible" content="IE=edge" />
  <meta http-equiv="content-type" content="text/html;charset=<?php 
echo $configObject->get('cfg_page_charset');
?>
" />

  <title><?php 
 } else {
     if ($SECRET_QUESTION != $pmc_SECRET_QUESTION) {
         $Error = L_ERR_PASS_3;
         $field_errorSQ = true;
         $SECRET_QUESTION = $pmc_SECRET_QUESTION;
     } else {
         if ($SECRET_ANSWER != $pmc_SECRET_ANSWER) {
             $Error = L_ERR_PASS_4;
             $field_errorSA = true;
         } else {
             $DbLink->clean_results();
             $DbLink->query("SELECT count(*) FROM " . C_REG_TBL . " WHERE username='******'");
             list($rows) = $DbLink->next_record();
             if ($rows != 0) {
                 $Latin1 = $Charset != "utf-8" ? 1 : 0;
                 $pmc_password = gen_password();
                 $PWD_Hash = md5(stripslashes($pmc_password));
                 // Send e-mail
                 $send = send_email(L_PASS_9 . " [" . (C_CHAT_NAME != "" ? C_CHAT_NAME : APP_NAME) . "]", L_SET_2, L_REG_1, L_PASS_11, 1);
                 if (!$send) {
                     $Error = sprintf(L_EMAIL_VAL_Err, $Sender_email, $Sender_email);
                 }
                 if (!isset($Error) || $Error == "") {
                     $DbLink->clean_results();
                     $DbLink->query("UPDATE " . C_REG_TBL . " SET password='******', ip='{$IP}', country_code='{$COUNTRY_CODE}', country_name='{$COUNTRY_NAME}' WHERE username='******' AND email='{$EMAIL}' AND s_question='{$SECRET_QUESTION}' AND s_answer='{$SECRET_ANSWER}'");
                     $Message = L_PASS_8 . "<br />" . sprintf(L_PASS_10, $pmc_password);
                 }
             }
         }
     }
 }
示例#7
0
 /**
  * Index Page for this controller.
  */
 public function index()
 {
     //Check if we are submitting data.
     $data = $this->input->post();
     if ($data) {
         if (empty($data['email'])) {
             //Query the database for a match.
             $this->db->select('users.id, users.verified, users.username, users.guild, guilds.name')->join('guilds', 'guilds.id = users.guild', 'left')->where(array('LOWER(users.username)' => strtolower($data['username']), 'users.password' => gen_password($data['password'])));
             $query = $this->db->get('users');
             if ($query->num_rows() > 0) {
                 //We have a winner.
                 $tmp = $query->row();
                 if ($tmp->verified) {
                     $this->session->set_userdata('user_id', $tmp->id);
                     $this->output->set_output("SUCCESS");
                 } else {
                     //Not verified.
                     $this->output->set_output("Account is not verified");
                 }
             } else {
                 //No match found.
                 $this->output->set_output("Login information incorrect");
             }
         } else {
             //Lowercase the email to compare it against the database.
             $data['email'] = strtolower($data['email']);
             //Generate a new password.
             $new = substr(md5(mt_rand()), 0, 10);
             $this->db->where('email', $data['email'])->update('users', array('password' => gen_password($new)));
             //Check if we updated the row.
             if ($this->db->affected_rows() > 0) {
                 //Password was changed successfully. Now we want to email the user.
                 $this->load->library('email');
                 //Prepare data we need in the email...
                 $rs = $this->db->select('username')->where('email', $data['email'])->get('users');
                 $this->email->from('*****@*****.**', 'RaidRifts');
                 $this->email->to($data['email']);
                 $this->email->subject('RaidRifts password reset');
                 //Build message content.
                 $msg = "An attempt to reset your password has been made. You can log in with the below information:\n\n";
                 $msg .= "Username: "******"\n";
                 $msg .= "Password: "******"\n\n";
                 $msg .= "If you feel you have received this message incorrectly, please contact us!";
                 $this->email->message($msg);
                 //Send the email.
                 if ($this->email->send()) {
                     $this->output->set_output('SUCCESS');
                 } else {
                     $this->output->set_output('Error sending email');
                 }
             } else {
                 $this->output->set_output('Email address invalid');
             }
         }
     } else {
         if ($this->session->userdata('user_id')) {
             //We're logging out.
             $this->session->sess_destroy('user_id');
             //Load up libs to redirect the user back to their page.
             $this->load->helper('url');
             $this->load->library('user_agent');
             redirect($this->agent->referrer());
         } else {
             //Invalid access to the login.
             show_404("invalid_login_request");
         }
     }
 }
 public function edit()
 {
     session('token', gen_password(time()));
     $category_id = I('category_id');
     $this->content_id = I('content_id');
     $condition['category_id'] = $category_id;
     $condition['id'] = intval($this->content_id);
     $content = D('Content')->getPages($condition);
     $this->content = $content[0];
     $this->category = D('Category')->where('id=%d', $category_id)->find();
     $this->display('article:edit');
 }
示例#9
0
 function inserisci($_POST)
 {
     $query = "insert into " . $this->cosa . " (";
     $value = " values(";
     $i = 0;
     $foto = array();
     $file = array();
     $url = '';
     if ($this->cosa == 'utenti') {
         $url = HOMEPATH . "registrazione.php";
     } else {
         $url = ADMINPATH . "inserisci.php?cosa=" . $this->cosa;
     }
     if (isset($_REQUEST['url'])) {
         $url = $_REQUEST['url'];
     }
     $int = new interfaccia($this->_properties);
     $int->genera_controlli_php($url);
     foreach ($this->_properties as $s) {
         print $s['tipo'] . '<br />';
         if ($s['tipo'] != 'file' && $s['tipo'] != 'tab' && $s['tipo'] != 'tabs' && $s['tipo'] != 'titolo' && !isset($s['onsubmit'])) {
             if ($s['tipo'] == 'checkbox' && $s['nome'] != 'privacy') {
                 if (isset($s['unico']) && $_POST[$s['nome']] == '1') {
                     $query2 = "update " . $cosa . ' set ' . $s['nome'] . '=0';
                 }
                 if ($_POST[$s['nome']] != '1') {
                     $_POST[$s['nome']] = 0;
                 } else {
                     $_POST[$s['nome']] = 1;
                 }
             } elseif ($s['tipo'] == 'textarea' || $s['tipo'] == 'text') {
                 if (isset($s['unico']) && $_POST[$s['nome']] != '') {
                     $unico = mysql_query("select * from " . $cosa . " where " . $s['nome'] . "='" . $_POST[$s['nome']] . "'");
                     if (mysql_num_rows($unico) > 0) {
                         header("Location: ../index.php?ins=err2");
                         exit;
                     }
                 }
                 if ($s['controllo'] == 'data') {
                     $_POST[$s['nome']] = my_date($_POST[$s['nome']]);
                 } else {
                     if ($s['tipo'] == 'textarea' && !isset($s['codice'])) {
                         if (isset($s['editor'])) {
                             $_POST[$s['nome']] = htmlentities($_POST[$s['nome']]);
                         }
                     } elseif (!isset($s['codice'])) {
                         $_POST[$s['nome']] = addslashes(htmlentities($_POST[$s['nome']]));
                     } else {
                         $_POST[$s['nome']] = addslashes($_POST[$s['nome']]);
                     }
                 }
             }
             if ($i == 0) {
                 if ($s['nome'] != 'privacy') {
                     $query .= $s['nome'];
                     $value .= "'" . $_POST[$s['nome']] . "'";
                     $i++;
                 }
             } else {
                 if ($s['nome'] != 'privacy') {
                     $query .= ',' . $s['nome'];
                     $value .= ",'" . $_POST[$s['nome']] . "'";
                 }
             }
         } elseif (isset($s['genere']) && !isset($s['onsubmit'])) {
             $file[] = $s;
         } elseif (!isset($s['onsubmit'])) {
             $foto[] = $s;
         }
     }
     if (isset($query2)) {
         mysql_query($query2) or die(mysql_error());
     }
     if ($this->cosa == 'utenti') {
         $_POST['verificato'] = gen_password();
         $query .= ',verificato';
         $value .= ",'" . $_POST['verificato'] . "'";
     }
     $query .= ')';
     $value .= ')';
     //print $query.$value;
     mysql_query($query . $value) or die(mysql_error());
     $id_modello = mysql_insert_id();
     $descrizione = $id_modello;
     $_POST['id'] = $id_modello;
     $i = 0;
     if (isset($foto)) {
         foreach ($foto as $f) {
             if ($_FILES[$f['nome']]['tmp_name'] != '') {
                 $nome = ins_foto($_FILES[$f['nome']], $cosa . $i, $descrizione);
             } else {
                 $nome = '';
             }
             if (strpos($nome, $cosa) || $nome == '') {
                 $i++;
                 mysql_query("update " . $cosa . " set " . $f['nome'] . "='" . $nome . "' where id_" . $cosa . "='" . $id_modello . "'") or die(mysql_error());
             }
         }
     }
     if (isset($file)) {
         foreach ($file as $fi) {
             $newName = 'tool' . $id_modello;
             $nome = copyFile($_FILES[$fi['nome']], $newName);
             if ($nome !== false) {
                 $i++;
                 mysql_query("update " . $cosa . " set " . $fi['nome'] . "='" . $nome . "' where id_" . $cosa . "='" . $id_modello . "'") or die(mysql_error());
             }
         }
     }
     if ($i == count($foto) + count($file)) {
         header("Location:" . $url . "&ins=ok");
         exit;
     } else {
         header("Location:" . $url . "&ins=err");
         exit;
     }
 }
示例#10
0
 /**
  * 验证用户密码
  * @param int $uid 用户id
  * @param string $password_in 密码
  * @return true 验证成功,false 验证失败
  * @author huajie <*****@*****.**>
  */
 protected function verifyUser($uid, $password_in)
 {
     $password = $this->getFieldById($uid, 'password');
     if (gen_password($password_in) === $password) {
         return true;
     }
     return false;
 }
示例#11
0
 public function edit_settings($data)
 {
     //Going into this function assuming everything is set correctly.
     $errors = array();
     $changes_made = false;
     //First check and see if the user wanted to change their password.
     if (!empty($data['old_password']) || !empty($data['new_password1']) || !empty($data['new_password2'])) {
         //Load up the password helper.
         $this->load->helper('password');
         //For efficiency check and see if the new passwords match and have 6 characters.
         if ($data['new_password1'] != $data['new_password2']) {
             $errors[] = 'The passwords provided do not match.';
         }
         if (strlen($data['new_password1']) < 6) {
             $errors[] = 'The passwords provided are too short.';
         }
         //All of the criteria met, update the password.
         if (empty($errors)) {
             $this->db->where(array('id' => $this->user->id, 'password' => gen_password($data['old_password'])))->update('users', array('password' => gen_password($data['new_password1'])));
             //This means the old password is the same as the new one or the old password was wrong.
             if ($this->db->affected_rows() < 1) {
                 $errors[] = 'The old password provided does not match.';
             }
         }
         $changes_made = true;
     }
     //Check if changes were made.
     if (!$changes_made) {
         $errors[] = 'No settings were changed.';
     }
     if (empty($errors)) {
         return true;
     }
     $this->error = implode('<br />', $errors);
     return false;
 }
示例#12
0
    function demobutton($displaystdformobj)
    {
        global $string, $language;
        $this->savetodebug('Demo Info');
        $this->savetodebug('Adding New Demo Button');
        $postbuttonmessage = new displaystdformmessage();
        $postbuttonmessage->pretext = <<<HTML
<script>

    \$(function () {

        \$(".slidingDiv").hide();
        \$(".show_hide").show();

    \$('.show_hide').click(function(){
    \$(".slidingDiv").slideToggle();
    });

});

</script>
HTML;
        $postbuttonmessage->pretext = $postbuttonmessage->pretext . '<br><a href="#" class="show_hide">Create Demo Account</a><br/>';
        $content0 = <<<HTML

    <script>
        function checkForm() {
            if (document.newUser.new_first_names.value == "") {
                alert("{$string['reqfirstname']}");
                return false;
            }
            if (document.newUser.new_surname.value == "") {
                alert("{$string['reqsurname']}");
                return false;
            }
            if (document.newUser.new_email.value == "" || document.newUser.new_email.value == "@nottingham.ac.uk") {
                alert("{$string['reqemail']}");
                return false;
            }
            if (document.newUser.new_grade.options[document.newUser.new_grade.selectedIndex].value == "") {
                alert("{$string['reqcourse']}");
                return false;
            }
            if (document.newUser.new_username.value == "") {
                alert("{$string['requsername']}");
                return false;
            } else {
                username = document.newUser.new_username.value;
                for (a = 0; a < username.length; a++) {
                    char = username.substr(a, 1);
                    if (char == '_') {
                        alert('{$string['usernamechars']}');
                        return false;
                    }
                }
            }
            if (document.newUser.new_password.value == "") {
                alert("{$string['reqpassword']}");
                return false;
            }
        }

    </script>
HTML;
        $stfsel = '';
        if (isset($_POST['new_type']) and $_POST['new_type'] == 'Staff') {
            $stfsel = ' checked';
        }
        $stusel = '';
        if (isset($_POST['new_type']) and $_POST['new_type'] == 'Student') {
            $stusel = ' checked';
        }
        if ($stfsel === '' and $stusel === '') {
            $stfsel = ' checked';
        }
        $content1 = <<<HTML
<div id="content">
<br/>
    <form method="post" name="newUser" onsubmit="return checkForm()" action="{$_SERVER['PHP_SELF']}">
        <div align="center">
            <table border="0" cellspacing="1" cellpadding="0" style="background-color:#95AEC8; text-align:left">
                <tr>
                    <td>
                        <table border="0" cellspacing="6" cellpadding="0" width="100%" style="background-color:white">
                            <tr>
                                <td width="32"><img src="../artwork/user_female_32.png" width="32" height="32"
                                                    alt="User Icon"/></td>
                                        <td><table><tr>
                                                                        <td class="title">{$string['register1']}</td><td>
<input type="radio" name="new_type" value="Staff" {$stfsel}>Staff User<br>
<input type="radio" name="new_type" value="Student" {$stusel}>Student User
                                </td>
                                        </tr></table></td>

                            </tr>
                        </table>
                    </td>
                </tr>
                <tr>
                    <td>
                        <table border="0" cellspacing="6" cellpadding="0" style="background-color:#F1F5FB">
                            <tr>
                                <td colspan="2" class="h">Your Details</td>
                            </tr>
                            <tr>
                                <td align="right"><span class="field">{$string['title']}</span></td>
                                <td>
                                    <select id="new_users_title" name="new_users_title" size="1">
HTML;
        $content2 = '';
        if ($language != 'en') {
            $content2 = "<option value=\"\"></option>\n";
        }
        $titles = explode(',', $string['title_types']);
        foreach ($titles as $tmp_title) {
            $content2 .= "<option value=\"{$tmp_title}\">{$tmp_title}</option>";
        }
        $first_names = '';
        if (isset($_POST['new_first_names'])) {
            $first_names = $_POST['new_first_names'];
        }
        $surname = '';
        if (isset($_POST['new_surname'])) {
            $surname = $_POST['new_surname'];
        }
        $email = '';
        if (isset($_POST['new_email'])) {
            $email = $_POST['new_email'];
        }
        $usrnmstyle = '';
        if (!isset($_POST['new_username'])) {
            $_POST['new_username'] = '';
        }
        if (isset($_POST['new_username']) and $this->unique_username != true) {
            $usrnmstyle = ' style="background-color:#FFD9D9; color:#800000; border:1px solid #800000" value="' . $_POST['new_username'] . '"';
        }
        if (isset($_POST['new_password']) and $_POST['new_password'] != '') {
            $newpass = $_POST['new_password'];
        } else {
            $newpass = gen_password();
        }
        $msel = '';
        if (isset($_POST['new_gender']) and $_POST['new_gender'] == 'Male') {
            $msel = ' selected';
        }
        $fsel = '';
        if (isset($_POST['new_gender']) and $_POST['new_gender'] == 'Female') {
            $fsel = ' selected';
        }
        $newgrade2 = '';
        if (isset($_POST['new_grade2']) and $this->unique_coursename != true) {
            $newgradestyle = ' style="background-color:#FFD9D9; color:#800000; border:1px solid #800000" value="' . $_POST['new_username'] . '"';
        } elseif (isset($_POST['new_grade2'])) {
            $newgradestyle = 'value="' . $_POST['new_grade2'] . '"';
        }
        $content3 = <<<HTML
                                    </select></td>
                            </tr>
                            <tr>
                                <td align="right"><span class="field">{$string['firstnames']}</span></td>
                                <td><input type="text" id="new_first_names" name="new_first_names" size="40"
                                           value="{$first_names}"/>
                                </td>
                            </tr>
                            <tr>
                                <td align="right"><span class="field">{$string['lastname']}</span></td>
                                <td><input type="text" id="new_surname" name="new_surname" size="40"
                                           value="{$surname}"/></td>
                            </tr>
                            <tr>
                                <td align="right"><span class="field">{$string['email']}</span></td>
                                <td><input type="text" id="new_email" name="new_email" size="40"
                                           value="{$email}"/></td>
                            </tr>
                            <tr>
                                <td align="right"><span class="field">{$string['username']}</span></td>
                                <td><input type="text" id="new_username" name="new_username"
                                           size="12" {$usrnmstyle}/>
                                    </td></tr><tr><td align="right"><span class="field">{$string['password']}</span></td><td>
                                    <input type="text" id="new_password" name="new_password" value="{$newpass}" size="12"/></td>
                            </tr>

                            <input type="hidden" name="new_year" value="1"/>

                            <tr>
                                <td align="right"><span class="field">{$string['gender']}</span></td>
                                <td>
                                    <select id="new_gender" name="new_gender" size="1">
                                        <option value=""></option>
                                        <option value="Male" {$msel}>{$string['male']}</option>
                                        <option value="Female" {$fsel}>{$string['female']}</option>
                                    </select>
                                </td>
                            </tr>

                            <tr>
                                <td colspan="2" class="h">{$string['demomodule']}</td>
                            </tr>

                            <tr>
                                <td align="right"><span class="field">{$string['name']}</span></td>
                                <td>
                                    <input type="text" id="new_grade2" name="new_grade2" size="40"
                                           {$newgradestyle} />
                                </td>
                            </tr>

                            <tr>
                                <td colspan="2">&nbsp;</td>
                            </tr>
                            <tr>
                                <td>&nbsp;</td>
                                <td><input type="hidden" name="new_welcome" value="1"/>&nbsp;{$this->errmess}</td>
                            </tr>
                            <tr>
                                <td colspan="2" align="center">
                                    <input type="submit" name="createnewdemoaccount" value="{$string['createaccount']}"/>
                                </td>
                            </tr>
                        </table>
                    </td>
                </tr>
            </table>
        </div>
        <input type="hidden" size="15" name="new_sid"/>
        </div>
HTML;
        $content = $content0 . $content1 . $content2 . $content3;
        $newbutton = new displaystdformobjbutton();
        $newbutton->type = 'button';
        $newbutton->value = ' Create Demo Account ';
        $newbutton->pretext = <<<HTML
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.js" type="text/javascript"></script>
<script>

    \$(function () {

        \$(".slidingDiv").hide();
        \$(".show_hide").show();

    \$('.show_hide').click(function(){
    \$(".slidingDiv").slideToggle();
    });

});

</script>
<br>
HTML;
        $newbutton->name = 'showcreatedemoaccount';
        $newbutton->class = 'show_hide';
        $newbutton->posttext = '<div class="slidingDiv">' . $content . '</div>';
        $displaystdformobj->buttons[] = $newbutton;
        return $displaystdformobj;
    }
<?php

$username = '******';
$password = gen_password(16);
$role = 'Staff,SysCron';
// Add cron user to config file.
$new_lines = array("// cron user login credentials\n", "\$cfg_cron_user = '******';\n", "\$cfg_cron_passwd = '{$password}';\n");
$target_line = '$percent_decimals';
$updater_utils->add_line($string, '$cfg_cron_user', $new_lines, 28, $cfg_web_root, $target_line, -2);
// Add cron user to database.
$usercheck = $updater_utils->count_rows("SELECT id FROM users WHERE username = '******'");
if (!$usercheck) {
    $salt = UserUtils::get_salt();
    $encrypt_password = encpw($salt, $username, $password);
    $updater_utils->execute_query("INSERT INTO users (username, password, surname, roles) VALUES ('{$username}', '{$encrypt_password}', '{$username}', '{$role}')", true);
}
/*
 *****   NOW UPDATE THE INSTALLER SCRIPT   *****
 */
示例#14
0
 public function submit_edit()
 {
     $data = I('post.', 'htmlspecialchars');
     // var_dump($data);die;
     $data_user['id'] = $data['id'];
     $data_user['username'] = $data['username'];
     $data_user['role'] = $data['manager_role'];
     $data_user['email'] = $data['email'];
     $data_user['manager'] = 'Y';
     if (!$data['id']) {
         $data_user['password'] = gen_password($data['password']);
         $data_user['create_time'] = time();
     }
     if ($data['manager_role'] != 'manager') {
         $category_display = D('Category')->where(array('id' => array('in', explode(',', $data['cids']))))->getField('id,title', true);
         $data_user['category_display'] = serialize($category_display);
     }
     $user_id = M('User')->saveOrUpdate($data_user);
     session("highlight_id", $user_id);
     redirect(U('User/index'));
 }
示例#15
0
 public function forgot_pwd()
 {
     if (IS_POST) {
         $data = $_POST;
         /* 检测验证码 */
         if (!check_captcha($data['captcha'])) {
             session('error', '验证码输入错误!');
             redirect("/forgot_pwd");
         }
         if (!valid_email($data['email'])) {
             session('error', '邮箱格式不正确!');
             redirect("/forgot_pwd");
         }
         $user = D('User')->field('id, email, username')->getByEmail($data['email']);
         if ($user) {
             $subject = "找回密码";
             $this->username = $user['username'];
             $repwdcode = gen_password($user['email'] . "+" . time());
             $info['repwdcode'] = $repwdcode;
             $result = D('User')->updateFieldsById($user['id'], $info);
             if ($result) {
                 $url = 'http://' . $_SERVER['HTTP_HOST'] . '/user/resetpwd?rpcode=' . $repwdcode;
                 $this->content = '<a href="' . $url . '">' . $url . '</a>';
                 $html = $this->fetch("public:send_mail_template");
                 $from['reply'] = "*****@*****.**";
                 $from['name'] = "taoshuanghu";
                 MailApi::sendEmail($from, $data['email'], '找回密码', $html);
                 redirect('display_success?username='******'username'] . '&email=' . $user['email']);
             } else {
                 $this->error("申请修改密码未通过,建议重新申请");
             }
         } else {
             session('error', '邮箱不存在, 请重新输入');
             redirect("/forgot_pwd");
         }
     } else {
         $this->display();
     }
 }
示例#16
0
    ?>
</td>
                            <td><input type="text" id="new_username" name="new_username" id="new_username" size="12" <?php 
    if (isset($_POST['username']) and $unique_username != true) {
        echo ' style="background-color:#FFD9D9; color:#800000; border:1px solid #800000" value="' . $_POST['username'] . '"';
    }
    ?>
 required />
                                &nbsp;&nbsp;&nbsp;<?php 
    echo $string['password'];
    ?>
                                <input type="text" id="new_password" name="new_password" id="new_username" value="<?php 
    if (isset($_POST['password'])) {
        echo $_POST['password'];
    } else {
        echo gen_password();
    }
    ?>
" size="12" required /></td>
                        </tr>

                        <input type="hidden" name="new_year" value="1"/>

                        <tr>
                            <td align="right"><?php 
    echo $string['gender'];
    ?>
</td>
                            <td>
                                <select id="new_gender" name="new_gender" size="1" required>
                                    <option value=""></option>
示例#17
0
    public function showMain($message = '')
    {
        $returnStr = $this->showNurseHeader(Language::messageSMSTitle());
        $returnStr .= '<div id="wrap">';
        if (isVisionTestNurse(new User($_SESSION['URID']))) {
            $primkey = gen_password(10);
            $returnStr .= "<form method=post>";
            $returnStr .= '<input type=hidden name=' . POST_PARAM_SE . ' value="' . addslashes(USCIC_SURVEY) . '">';
            $returnStr .= '<input type=hidden name=' . POST_PARAM_PRIMKEY . ' value="' . addslashes(encryptC($primkey, Config::directLoginKey())) . '">';
            $returnStr .= '<input type=hidden name=' . POST_PARAM_LANGUAGE . ' value="' . '1' . '">';
            $returnStr .= '<input type=hidden name=' . POST_PARAM_URID . ' value="' . addslashes($_SESSION['URID']) . '">';
            $returnStr .= '<input type=hidden name=' . POST_PARAM_NEW_PRIMKEY . ' value="1">';
            $returnStr .= '<input type=hidden name=' . POST_PARAM_MODE . ' value="' . MODE_CAPI . '">';
            $returnStr .= '<input type=hidden name=' . POST_PARAM_SUID . ' value="' . '5' . '">';
            $returnStr .= '<button type="submit" id="startsurveybtn" class="btn btn-default navbar-btn" style="width:200px">Start the vision test</button>';
            $returnStr .= "</form>";
        } else {
            $returnStr .= $this->showNavBar();
            $returnStr .= '<div class="container"><p>';
            $returnStr .= $message;
            if (isFieldNurse(new User($_SESSION['URID']))) {
                $respondents = new Respondents();
                $respondents = $respondents->getRespondentsByUrid($_SESSION['URID']);
                $returnStr .= '<table cellpadding="0" cellspacing="0" border="0" class="table table-striped table-bordered" id="example">
		<thead>
			<tr>
				<th>' . Language::labelNurseHouseholdID() . '</th><th>' . Language::labelNurseName() . '</th><th>' . Language::labelNurseDwellingID() . '</th><th>' . Language::labelNurseVillage() . '</th></tr>';
                foreach ($respondents as $respondent) {
                    $returnStr .= '<tr>';
                    $refpage = 'nurse.respondent.fieldnurse';
                    $returnStr .= '<td>' . setSessionParamsHref(array('page' => $refpage . '.info', 'primkey' => $respondent->getPrimkey()), $respondent->getPrimkey()) . '</td>';
                    $returnStr .= '<td>' . $respondent->getName() . '</td><td>' . $respondent->getAddress1() . '</td><td>' . $respondent->getCity() . '</td></tr>';
                }
                $returnStr .= '</table>';
            } else {
                //lab or lab nurse mode
                //respondents mode!
                $returnStr .= '<h4>' . Language::labelNurseScanBarcode() . '</h4>';
                $returnStr .= '<form id="searchform" role="search" autocomplete=off>';
                $returnStr .= setSessionParamsPost(array("page" => "nurse.respondents.search"));
                $returnStr .= '<div class="input-group" style="width:300px">
			  <input name="search" type="text" class="form-control" id="search">
			  <span class="input-group-btn">
				<button id="searchbutton" class="btn btn-default" type="submit">' . Language::labelSearch() . '</button>
			  </span>
			</div><!-- /input-group -->';
                $returnStr .= '<script>$("#search").focus();</script>';
                $returnStr .= '</form>';
                //$returnStr .= $this->showSearch();
                if (isLabNurse(new User($_SESSION['URID']))) {
                    $returnStr .= '<br/><hr>';
                    $returnStr .= '<b>' . Language::labelNurseFieldDBS() . '</b><br/><br/>';
                    global $db;
                    $query = 'select count(*) as cnt from ' . Config::dbSurveyData() . '_lab where fielddbsstatus = 1';
                    $result = $db->selectQuery($query);
                    if ($result != null) {
                        $row = $db->getRow($result);
                        if ($row['cnt'] > 0) {
                            $returnStr .= $this->displayInfo(Language::labelNurseToShip($row["cnt"]));
                            $returnStr .= '<a href="' . setSessionParams(array('page' => 'nurse.fielddbs.shiptolab')) . '" target="#">' . Language::labelNurseShipToLab() . '</a>';
                            $returnStr .= '&nbsp;&nbsp;|&nbsp;&nbsp;';
                            $returnStr .= '<a href="' . setSessionParams(array('page' => 'nurse.fielddbs.shiptolab.marked')) . '">' . Language::labelNurseMarkShipped() . '</a>';
                        } else {
                            $returnStr .= $this->displayInfo('There are currently no field DBS cards that need to be send to the lab');
                        }
                    }
                    $returnStr .= '<hr><b>' . Language::labelNurseLabName() . '</b><br/><br/>';
                    $returnStr .= '<a href="' . setSessionParams(array('page' => 'nurse.labblood.overview')) . '" target="#">' . Language::labelNurseLabBloodOverview() . '</a><br/>';
                    $returnStr .= '<a href="' . setSessionParams(array('page' => 'nurse.labdbs.overview')) . '" target="#">' . Language::labelNurseLabDBSOverview() . '</a><br/>';
                    //$returnStr .= '&nbsp;&nbsp;|&nbsp;&nbsp;';
                    //$returnStr .= '<a href="' . setSessionParams(array('page' => 'nurse.fielddbs.shiptolab.marked')) . '">' . 'Mark these DBS cards as "shipped"' . '</a>';
                }
                if (!isLabNurse(new User($_SESSION['URID']))) {
                    //TEST
                    $returnStr .= '<hr><b>' . Language::labelNurseTestLab() . '</b><br/><br/>';
                    $primkey = gen_password(10);
                    $returnStr .= "<form method=post>";
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_SE . ' value="' . addslashes(USCIC_SURVEY) . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_PRIMKEY . ' value="' . addslashes(encryptC($primkey, Config::directLoginKey())) . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_LANGUAGE . ' value="' . '1' . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_URID . ' value="' . addslashes($_SESSION['URID']) . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_NEW_PRIMKEY . ' value="1">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_MODE . ' value="' . MODE_CAPI . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_SUID . ' value="' . '3' . '">';
                    $returnStr .= '<button type="submit" id="startsurveybtn" class="btn btn-default navbar-btn" style="width:200px">' . Language::labelNurseStartSurvey() . '</button>';
                    $returnStr .= "</form>";
                    $primkey = gen_password(10);
                    $returnStr .= "<form method=post>";
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_SE . ' value="' . addslashes(USCIC_SURVEY) . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_PRIMKEY . ' value="' . addslashes(encryptC($primkey, Config::directLoginKey())) . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_LANGUAGE . ' value="' . '1' . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_URID . ' value="' . addslashes($_SESSION['URID']) . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_NEW_PRIMKEY . ' value="1">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_MODE . ' value="' . MODE_CAPI . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_SUID . ' value="' . '5' . '">';
                    $returnStr .= '<button type="submit" id="startsurveybtn" class="btn btn-default navbar-btn" style="width:200px">' . Language::labelNurseStartVision() . '</button>';
                    $returnStr .= "</form>";
                    $primkey = gen_password(10);
                    $returnStr .= "<form method=post>";
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_SE . ' value="' . addslashes(USCIC_SURVEY) . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_PRIMKEY . ' value="' . addslashes(encryptC($primkey, Config::directLoginKey())) . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_LANGUAGE . ' value="' . '1' . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_URID . ' value="' . addslashes($_SESSION['URID']) . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_NEW_PRIMKEY . ' value="1">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_MODE . ' value="' . MODE_CAPI . '">';
                    $returnStr .= '<input type=hidden name=' . POST_PARAM_SUID . ' value="' . '6' . '">';
                    $returnStr .= '<button type="submit" id="startsurveybtn" class="btn btn-default navbar-btn" style="width:200px">' . Language::labelNurseAntropometrics() . '</button>';
                    $returnStr .= "</form>";
                }
            }
        }
        //END TEST
        $returnStr .= '</p></div>    </div>';
        //container and wrap
        $returnStr .= $this->showBottomBar();
        $returnStr .= $this->showFooter(false);
        return $returnStr;
    }
示例#18
0
    <label><?php 
echo NOTE;
?>
*</label>
    <textarea rows="10" cols="25" name="note" class="form-control required <?php 
echo $classe['note'];
?>
" ><?php 
echo stripslashes($_POST['note']);
?>
</textarea>
</div>
<div class="col_full">
    <label>Codice di sicurezza*</label><br>
    <?php 
$captcha = gen_password(5);
?>
    <img style="margin-bottom: 10px" src="<?php 
echo TOTALPATH;
?>
captcha.php?code=<?php 
echo $captcha;
?>
" class="fleft"/><br><br>
    <input type="text" name="jpg_captcha" style="margin-top: 15px;" class="form-control required <?php 
echo $classe['jpg_captcha'];
?>
"  id="jpg_captcha" value=""  ><input type="hidden" name="captcha" value="<?php 
echo md5(strtoupper($captcha));
?>
">
示例#19
0
 /**
  * create the database and users if they do not exist
  *
  */
 static function createDatabase($dbname, $dbcharset)
 {
     global $string;
     $res = self::$db->prepare("SHOW DATABASES LIKE '{$dbname}'");
     $res->execute();
     $res->store_result();
     @ob_flush();
     @flush();
     if ($res->num_rows > 0) {
         self::displayError(array('010' => sprintf($string['displayerror1'], $dbname)));
     }
     $res->close();
     switch ($dbcharset) {
         case 'utf8':
             $collation = 'utf8_general_ci';
             break;
         default:
             $collation = 'latin1_swedish_ci';
     }
     self::$db->query("CREATE DATABASE {$dbname} CHARACTER SET = {$dbcharset} COLLATE = {$collation}");
     //have to use query here oldvers of php throw an error
     if (self::$db->errno != 0) {
         self::displayError(array('011' => $string['displayerror2']));
     }
     //select the newly created database
     self::$db->change_user(self::$db_admin_username, self::$db_admin_passwd, self::$cfg_db_name);
     //create tables
     $tables = new databaseTables($dbcharset);
     self::$db->autocommit(false);
     while ($sql = $tables->next()) {
         $res = self::$db->query($sql);
         @ob_flush();
         @flush();
         if (self::$db->errno != 0) {
             self::displayError(array('012' => $string['displayerror3'] . self::$db->error . "<br /> {$sql}"));
             try {
                 $err = self::$db->error;
                 $mess = self::$db->errno;
                 throw new Exception("MySQL error {$err}", $mess);
             } catch (Exception $e) {
                 echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br />";
             }
             self::$db->rollback();
         }
     }
     self::$db->commit();
     self::$cfg_db_username = self::$cfg_db_basename . '_auth';
     self::$cfg_db_password = gen_password() . gen_password();
     self::$cfg_db_student_user = self::$cfg_db_basename . '_stu';
     self::$cfg_db_student_passwd = gen_password() . gen_password();
     self::$cfg_db_staff_user = self::$cfg_db_basename . '_staff';
     self::$cfg_db_staff_passwd = gen_password() . gen_password();
     self::$cfg_db_external_user = self::$cfg_db_basename . '_ext';
     self::$cfg_db_external_passwd = gen_password() . gen_password();
     self::$cfg_db_sysadmin_user = self::$cfg_db_basename . '_sys';
     self::$cfg_db_sysadmin_passwd = gen_password() . gen_password();
     self::$cfg_db_sct_user = self::$cfg_db_basename . '_sct';
     self::$cfg_db_sct_passwd = gen_password() . gen_password();
     self::$cfg_db_inv_user = self::$cfg_db_basename . '_inv';
     self::$cfg_db_inv_passwd = gen_password() . gen_password();
     self::$cfg_cron_user = '******';
     self::$cfg_cron_passwd = gen_password() . gen_password();
     $priv_SQL = array();
     //create 'database user authentication user' and grant permissions
     self::$db->query("CREATE USER '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_password . "'");
     if (self::$db->errno != 0) {
         self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_username . $string['wnotcreated'] . ' ' . self::$db->error));
     }
     //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".admin_access TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".courses TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".client_identifiers TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".labs TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".lti_keys TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".lti_user TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules_student TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, UPDATE, INSERT, DELETE ON " . $dbname . ".password_tokens TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".schools TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".sid TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".special_needs TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sys_errors TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT,INSERT ON " . $dbname . ".temp_users TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".users TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users_metadata TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_username . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "FLUSH PRIVILEGES";
     foreach ($priv_SQL as $sql) {
         self::$db->query($sql);
         @ob_flush();
         @flush();
         if (self::$db->errno != 0) {
             self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_username . $string['wnotpermission'] . ' ' . self::$db->error));
             self::$db->rollback();
         }
     }
     self::$db->commit();
     $priv_SQL = array();
     //create 'database user student user' and grant permissions
     self::$db->query("CREATE USER  '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_student_passwd . "'");
     if (self::$db->errno != 0) {
         self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_student_user . $string['wnotcreated'] . ' ' . self::$db->error));
     }
     //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_student_user . "'@'". self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".announcements TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".cache_median_question_marks TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".cache_paper_stats TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".cache_student_paper_marks TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".exam_announcements TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".feedback_release TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_searches TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_tutorial_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".client_identifiers TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".keywords_question TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".labs TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log0 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log1 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log2 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log3 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log4 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log4_overall TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log5 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log6 TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_extra_time TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_lab_end_time TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log_late TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log_metadata TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".lti_resource TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".lti_context TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".marking_override TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".modules_student TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".objectives TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".options TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_feedback TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".papers TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties_modules TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_exclude TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_material TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_modules TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_papers TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".relationships TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".schools TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".sid TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".sessions TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".std_set TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".std_set_questions TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".state TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".student_help TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".special_needs TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sys_errors TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".temp_users TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".users TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users_metadata TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".access_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".killer_questions TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".save_fail_log TO '" . self::$cfg_db_student_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "FLUSH PRIVILEGES";
     foreach ($priv_SQL as $sql) {
         self::$db->query($sql);
         @ob_flush();
         @flush();
         if (self::$db->errno != 0) {
             self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_student_user . $string['wnotpermission'] . ' ' . self::$db->error));
             self::$db->rollback();
         }
     }
     self::$db->commit();
     $priv_SQL = array();
     //create 'database user external user' and grant permissions
     self::$db->query("CREATE USER  '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_external_passwd . "'");
     if (self::$db->errno != 0) {
         self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_external_user . $string['wnotcreated'] . ' ' . self::$db->error));
     }
     //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_external_user . "'@'". self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".help_log TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".help_searches TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".keywords_question TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log0 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log1 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log2 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log3 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log4 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log4_overall TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log5 TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log_late TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log_metadata TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules_staff TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".options TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".papers TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_material TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_modules TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".reference_papers TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".review_comments TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".review_metadata TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".special_needs TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".std_set TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".std_set_questions TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".staff_help TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".student_help TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sys_errors TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".access_log TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties_reviewers TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".client_identifiers TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".labs TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties_modules TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_extra_time TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_lab_end_time TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".schools TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules_student TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_exclude TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users_metadata TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".marking_override TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".sid TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".student_notes TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_notes TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".exam_announcements TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".relationships TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".feedback_release TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".cache_paper_stats TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_feedback TO '" . self::$cfg_db_external_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "FLUSH PRIVILEGES";
     foreach ($priv_SQL as $sql) {
         self::$db->query($sql);
         @ob_flush();
         @flush();
         if (self::$db->errno != 0) {
             self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_external_user . $string['wnotpermission'] . ' ' . self::$db->error));
             self::$db->rollback();
         }
     }
     self::$db->commit();
     $priv_SQL = array();
     //create 'database user staff user' and grant permissions
     self::$db->query("CREATE USER  '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_staff_passwd . "'");
     if (self::$db->errno != 0) {
         self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_staff_user . $string['wnotcreated'] . ' ' . self::$db->error));
     }
     //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_staff_user . "'@'". self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".* TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".cache_median_question_marks TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".cache_paper_stats TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".cache_student_paper_marks TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".ebel TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".exam_announcements TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".feedback_release TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".folders TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".folders_modules_staff TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_searches TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".help_tutorial_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".hofstee TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".keywords_question TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".keywords_user TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log0 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log1 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log2 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log3 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log4 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log4_overall TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log5 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".log6 TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log_late TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log_metadata TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".lti_resource TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".lti_context TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".marking_override TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".modules TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".modules_staff TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".modules_student TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".objectives TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".options TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".paper_notes TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".paper_feedback TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".papers TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".password_tokens TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".performance_main TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".performance_details TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".properties TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".properties_modules TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".question_exclude TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".questions TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".questions_metadata TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".questions_modules TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".recent_papers TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".reference_material TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".reference_modules TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".reference_papers TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".relationships TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".review_comments TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".review_metadata TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, DELETE ON " . $dbname . ".scheduling TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".sessions TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".sid TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sms_imports TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".special_needs TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".std_set TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".std_set_questions TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".state TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".student_notes TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".temp_users TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".textbox_marking TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".textbox_remark TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".track_changes TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".users TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".users_metadata TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".access_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".properties_reviewers TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".sys_errors TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".killer_questions TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT ON " . $dbname . ".save_fail_log TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, UPDATE ON " . $dbname . ".toilet_breaks TO '" . self::$cfg_db_staff_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "FLUSH PRIVILEGES";
     foreach ($priv_SQL as $sql) {
         self::$db->query($sql);
         @ob_flush();
         @flush();
         if (self::$db->errno != 0) {
             self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_staff_user . $string['wnotpermission'] . ' ' . self::$db->error));
             self::$db->rollback();
         }
     }
     self::$db->commit();
     $priv_SQL = array();
     //create 'database user SCT user' and grant permissions
     self::$db->query("CREATE USER  '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_sct_passwd . "'");
     if (self::$db->errno != 0) {
         self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_sct_user . $string['wnotcreated'] . ' ' . self::$db->error));
     }
     //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_sct_user . "'@'". self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".options TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_metadata_security TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".paper_notes TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".papers TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions_metadata TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".sct_reviews TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_sct_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "FLUSH PRIVILEGES";
     foreach ($priv_SQL as $sql) {
         self::$db->query($sql);
         if (self::$db->errno != 0) {
             self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_sct_user . $string['wnotpermission'] . ' ' . self::$db->error));
             self::$db->rollback();
         }
     }
     self::$db->commit();
     $priv_SQL = array();
     //create 'database user Invigilator user' and grant permissions
     self::$db->query("CREATE USER  '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_inv_passwd . "'");
     if (self::$db->errno != 0) {
         self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_inv_user . $string['wnotcreated'] . ' ' . self::$db->error));
     }
     //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_inv_user . "'@'". self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".exam_announcements TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".client_identifiers TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".labs TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log2 TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".log_metadata TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log_extra_time TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE ON " . $dbname . ".log_lab_end_time TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules_student TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".paper_notes TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".properties_modules TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".modules TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".papers TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".questions TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".question_statuses TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $dbname . ".student_notes TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".sid TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".special_needs TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $dbname . ".users TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".access_log TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT INSERT ON " . $dbname . ".denied_log TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, DELETE ON " . $dbname . ".toilet_breaks TO '" . self::$cfg_db_inv_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "FLUSH PRIVILEGES";
     foreach ($priv_SQL as $sql) {
         self::$db->query($sql);
         @ob_flush();
         @flush();
         if (self::$db->errno != 0) {
             self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_inv_user . $string['wnotpermission'] . ' ' . self::$db->error));
             self::$db->rollback();
         }
     }
     self::$db->commit();
     $priv_SQL = array();
     //create 'database user sysadmin user' and grant permissions
     self::$db->query("CREATE USER  '" . self::$cfg_db_sysadmin_user . "'@'" . self::$cfg_web_host . "' IDENTIFIED BY '" . self::$cfg_db_sysadmin_passwd . "'");
     if (self::$db->errno != 0) {
         self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_sysadmin_user . $string['wnotcreated'] . ' ' . self::$db->error));
     }
     //$priv_SQL[] = "REVOKE ALL PRIVILEGES ON $dbname.* FROM '". self::$cfg_db_sysadmin_user . "'@'". self::$cfg_web_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE, DELETE, ALTER, DROP  ON " . $dbname . ".* TO '" . self::$cfg_db_sysadmin_user . "'@'" . self::$cfg_web_host . "'";
     $priv_SQL[] = "FLUSH PRIVILEGES";
     foreach ($priv_SQL as $sql) {
         self::$db->query($sql);
         @ob_flush();
         @flush();
         if (self::$db->errno != 0) {
             echo self::$db->error . "<br />";
             self::displayError(array('013' => $string['wdatabaseuser'] . self::$cfg_db_sysadmin_user . $string['wnotpermission'] . ' ' . self::$db->error));
             self::$db->rollback();
         }
     }
     self::$db->commit();
     //create sysadmin user
     UserUtils::create_user($_POST['SysAdmin_username'], $_POST['SysAdmin_password'], $_POST['SysAdmin_title'], $_POST['SysAdmin_first'], $_POST['SysAdmin_last'], $_POST['SysAdmin_email'], 'University Lecturer', '', '1', 'Staff,SysAdmin', '', self::$db);
     //create cron user
     UserUtils::create_user(self::$cfg_cron_user, self::$cfg_cron_passwd, '', '', 'cron', '', '', '', '', 'Staff,SysCron', '', self::$db);
     //create 100 guest accounts
     for ($i = 1; $i <= 100; $i++) {
         UserUtils::create_user('user' . $i, '', 'Dr', 'A', 'User' . $i, '', 'none', '', '1', 'Student', '', self::$db);
     }
     self::$db->commit();
     //add unknown school & faculty
     $facultyID = FacultyUtils::add_faculty('UNKNOWN Faculty', self::$db);
     $scoolID = SchoolUtils::add_school($facultyID, 'UNKNOWN School', self::$db);
     //add traing school
     $facultyID = FacultyUtils::add_faculty('Administrative and Support Units', self::$db);
     $scoolID = SchoolUtils::add_school($facultyID, 'Training', self::$db);
     //create special modules
     module_utils::add_modules('TRAIN', 'Training Module', 1, $scoolID, '', '', 0, false, false, false, true, null, null, self::$db, 0, 0, 1, 1, '07/01');
     module_utils::add_modules('SYSTEM', 'Online Help', 1, $scoolID, '', '', 0, true, true, true, true, null, null, self::$db, 0, 0, 1, 1, '07/01');
     self::$db->commit();
     // Create default question statuses
     $statuses = array(array('name' => 'Normal', 'exclude_marking' => false, 'retired' => false, 'is_default' => true, 'change_locked' => true, 'validate' => true, 'display_warning' => 0, 'colour' => '#000000', 'display_order' => 0), array('name' => 'Retired', 'exclude_marking' => false, 'retired' => true, 'is_default' => false, 'change_locked' => true, 'validate' => false, 'display_warning' => 1, 'colour' => '#808080', 'display_order' => 1), array('name' => 'Incomplete', 'exclude_marking' => false, 'retired' => false, 'is_default' => false, 'change_locked' => false, 'validate' => false, 'display_warning' => 1, 'colour' => '#000000', 'display_order' => 2), array('name' => 'Experimental', 'exclude_marking' => true, 'retired' => false, 'is_default' => false, 'change_locked' => false, 'validate' => true, 'display_warning' => 0, 'colour' => '#808080', 'display_order' => 3), array('name' => 'Beta', 'exclude_marking' => false, 'retired' => false, 'is_default' => false, 'change_locked' => false, 'validate' => true, 'display_warning' => 1, 'colour' => '#000000', 'display_order' => 4));
     foreach ($statuses as $data) {
         $qs = new QuestionStatus(self::$db, $string, $data);
         $qs->save();
     }
     //FLUSH PRIVILEGES
     self::$db->query("FLUSH PRIVILEGES");
     if (self::$db->errno != 0) {
         self::logWarning(array('014' => $string['logwarning20']));
     }
     self::$db->commit();
     self::$db->autocommit(false);
 }
示例#20
0
{
    echo $_SESSION['msg'];
    unset($_SESSION['msg']);
}
$dis = 'none';
if (isset($_SESSION['msg'])) {
    $dis = block;
}
//
if (isset($_POST['email'])) {
    mysql_select_db($database_contacts, $contacts);
    $query_passwordcheck = "SELECT * FROM users WHERE user_email = '" . $_POST['email'] . "'";
    $passwordcheck = mysql_query($query_passwordcheck, $contacts) or die(mysql_error());
    $row_passwordcheck = mysql_fetch_assoc($passwordcheck);
    $totalRows_passwordcheck = mysql_num_rows($passwordcheck);
    $new_password = gen_password(8);
    if (send_password($_POST["email"], $email_from_address, $website_address)) {
        set_msg('A new password has been sent.');
        header('Location: login.php');
        die;
    } else {
        set_msg('Could not send the password.');
        header('Location: password.php');
        die;
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
示例#21
0
     if (file_put_contents($cfg_web_root . 'config/config.inc.php', $cfg) === false) {
         echo "<li class=\"error\">" . $string['couldnotwrite'] . "</li>";
     }
     ///////////////////////  update the config file!! //////////////////////////////////////
 }
 // END Create SCT user
 $result->free_result();
 $result->close();
 $cfg_db_inv_username = $cfg_db_database . '_inv';
 $result = $mysqli->prepare("SELECT user FROM mysql.user WHERE user = '******'");
 $result->execute();
 $result->store_result();
 $result->bind_result($tmp_user);
 $result->fetch();
 if ($result->num_rows() == 0) {
     $cfg_db_inv_password = gen_password(16);
     $priv_SQL = array();
     //create 'database user SCT user' and grant permissions
     $mysqli->query("CREATE USER  '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "' IDENTIFIED BY '" . $cfg_db_inv_password . "'");
     echo "<li>NEW DB USER:: {$cfg_db_inv_username} created</li>";
     $priv_SQL[] = "GRANT SELECT ON " . $cfg_db_database . ".student_modules TO '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $cfg_db_database . ".users TO '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $cfg_db_database . ".special_needs TO '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $cfg_db_database . ".sid TO '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $cfg_db_database . ".ip_addresses TO '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $cfg_db_database . ".labs TO '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "'";
     $priv_SQL[] = "GRANT SELECT ON " . $cfg_db_database . ".properties TO '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $cfg_db_database . ".student_notes TO '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "'";
     $priv_SQL[] = "GRANT SELECT, INSERT, UPDATE ON " . $cfg_db_database . ".paper_notes TO '" . $cfg_db_inv_username . "'@'" . $cfg_db_host . "'";
     foreach ($priv_SQL as $sql) {
         $updater_utils->execute_query($sql, false);
示例#22
0
 /**
  * Index Page for this controller.
  */
 public function index()
 {
     //Check if we are submitting data.
     $data = $this->input->post();
     $errors = array();
     if ($data && IS_VALID_AJAX) {
         //Verify the username for length, and then verify against the database.
         if (strlen($data['username']) < 2) {
             $errors[] = "Your username was too short (2+ chars).";
         } elseif (strlen($data['username']) > 16) {
             $errors[] = "Your username was too long (16- chars).";
         } else {
             $q = $this->db->query("SELECT COUNT(*) as total FROM users WHERE `username` = {$this->db->escape(strtolower($data['username']))}");
             if ($q->row()->total > 0) {
                 $errors[] = "This username is already taken.";
             }
         }
         //Also verify that the password is the minimum length.
         if (strlen($data['password1']) < 6) {
             $errors[] = "Your password is too short (6+ chars).";
         }
         //Verify the user's passwords match.
         if ($data['password1'] != $data['password2']) {
             $errors[] = "Your passwords did not match.";
         }
         //Verify that the email is the correct format, then verify against the database.
         if (!strlen($data['email']) || !preg_match("/^[^@]+@[a-zA-Z0-9._-]+\\.[a-zA-Z]+\$/", $data['email'])) {
             $errors[] = "The email provided is invalid.";
         } else {
             $data['email'] = strtolower($data['email']);
             $q = $this->db->query("SELECT COUNT(*) as total FROM users WHERE `email` = {$this->db->escape($data['email'])}");
             if ($q->row()->total > 0) {
                 $errors[] = "This email address is already taken.";
             }
         }
         //If there are errors output them for the client to fix.
         if (sizeof($errors)) {
             $this->output->set_output(implode('<br />', $errors));
         } else {
             //Prepare last stuff.
             $pw = gen_password($data['password1']);
             //We now want to email the user and validate their account.
             $this->load->library('email');
             $this->email->from('*****@*****.**', 'RaidRifts');
             $this->email->to($data['email']);
             $this->email->subject('Welcome to RaidRifts!');
             //Build the email message.
             $base_url = base_url();
             $msg = "Welcome to Raidrifts, {$data['username']}!\n\n";
             $msg .= "You must validate your account in order to use it. Simply visit {$base_url}register/complete/{$this->verify_gen($data['username'], $pw)}/{$data['username']}/ to verify your account.";
             $this->email->message($msg);
             if ($this->email->send()) {
                 //This means all data was valid, insert into the database.
                 $this->db->insert("users", array('username' => $data['username'], 'password' => $pw, 'email' => $data['email'], 'added' => date("Y-m-d H:i:s")));
                 //Output to the user everything went well.
                 $this->output->set_output('SUCCESS');
             } else {
                 $this->output->set_output("An error occurred while processing.");
             }
         }
     } else {
         show_404("invalid_registration_request");
     }
 }
 public function create()
 {
     $this->token = gen_password(microtime());
     session('message_create_unique_token', $this->token);
     $this->display();
 }