<?
// This program is free software; you can redistribute it and/or modify it
// under the terms of the GNU General Public License as published by the Free
// Software Foundation; either version 2 of the License, or (at your option)
// any later version.
// This program is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
// FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
// more details.
// You should have received a copy of the GNU General Public License along with
// this program; if not, write to the Free Software Foundation, Inc., 59 Temple
// Place - Suite 330, Boston, MA 02111-1307, USA.
// Copyright: (C) 2002/2003 Stefan Cyris
if ($confirm) {
// empty fields ?
if (empty($name)) {
$errortext = "Error: Empty name\n";
}
if (empty($email)) {
$errortext = "Error: Empty email\n";
}
if (empty($login)) {
$errortext = "Error: Empty login\n";
}
if ((empty($password)) or (empty($password2))) {
$errortext = "Error: Empty password\n";
}
if (!($password == $password2)) {
$errortext = "Error: Passwords mismatch\n";
}
// no errors -> insert
if (empty($errortext)) {
// insert user data
$result = $DB->query("INSERT INTO ".$DB->tableprefix."user (name, login, email, password) VALUES ('".str_prepare($name)."','".str_prepare($login)."','".str_prepare($email)."','".md5(str_prepare($password))."')");
// get id
// no idea how to get it without extra select
$result = $DB->query("SELECT userid FROM ".$DB->tableprefix."user WHERE login='".str_prepare($login)."' AND name='".str_prepare($name)."' AND email='".$email."'");
$array = $DB->fetch_array($result);
$id = $array["userid"];
// insert groups
while (list ($key, $val) = each ($groups)) {
$result = $DB->query("INSERT INTO ".$DB->tableprefix."usertogroup (userid, usergroupid) VALUES ('".$id."', '".str_prepare($val)."') ");
}
if ($result) {
$successurl = $url."?hash=".$hash;
print "<html><head><meta http-equiv=\"refresh\" content=\"$refresh; URL=$successurl\">";
print "</head><body><a href=\"$successurl\">Success!</a></body></html>";
} else {
$errortext = "Unable to insert\n";
print $errortext;
}
$DB->free_result($result);
} else {
print $errortext;
}
} else {
// build group checkboxes
unset($tmparray);
$result = $DB->query("SELECT usergroupid,usergrouptitle FROM ".$DB->tableprefix."usergroup ORDER BY usergrouptitle");
while ($array = $DB->fetch_array($result)){
$tmparray[$array['usergroupid']]['checked'] = 0;
$tmparray[$array['usergroupid']]['description'] = $array['usergrouptitle'];
}
$tmparray = build_check_boxes_from_array($tmparray,'groups[]');
unset($group_cols);
while (list (, $v) = each ($tmparray)) {
$group_cols .= $v."<br>\n";
}
?>
<form method="POST" acion="user.php">
<table width="100%">
<tr><th>
New User
</th></tr>
<TR>
<TD WIDTH="50%" ALIGN="LEFT" VALIGN="TOP"><BR>
<fieldset><legend><B> Name </B>:<BR></legend>
<INPUT TYPE="text" NAME="name" SIZE=40>
<br></fieldset> </TD>
</TR>
<TR>
<TD WIDTH="50%" ALIGN="LEFT" VALIGN="TOP"><BR>
<fieldset><legend><B> Login </B>:<BR></legend>
<INPUT TYPE="text" NAME="login" SIZE=40>
<br></fieldset> </TD>
</TR>
<TR>
<TD WIDTH="50%" ALIGN="LEFT" VALIGN="TOP"><BR>
<fieldset><legend><B> Email </B>:<BR></legend>
<INPUT TYPE="text" NAME="email" SIZE=40>
<br></fieldset> </TD>
</TR>
<TR>
<TD WIDTH="50%" ALIGN="LEFT" VALIGN="TOP"><BR>
<fieldset><legend><B> Groups </B>:<br></legend>
<!--group-->
<? print $group_cols ?>
<!--/group-->
</font>
<br></fieldset>
</TD>
</tr>
<TR>
<TD WIDTH="50%" ALIGN="LEFT" VALIGN="TOP"><BR>
<fieldset><legend><B> Password </B>:<BR></legend>
<INPUT TYPE="password" NAME="password" SIZE=40><br>
Enter Password again:<br>
<INPUT TYPE="password" NAME="password2" SIZE=40>
<br></fieldset> </TD>
</TR>
<TR>
<TD ALIGN="CENTER" WIDTH=50%>
<INPUT TYPE="hidden" name="hash" VALUE="<?print $hash?>">
<INPUT TYPE="reset" CLASS="button" VALUE=" Reset ">
<INPUT TYPE="submit" name="confirm" CLASS="button" VALUE=" Create ">
</TD>
</TR>
</table>
</form>
<?
}
?>