<?php
/*
	newf.php

	phpInvoice - is easy-to-use Web-based multilingual accounting software.
	Copyright (C) 2001 - 2008 Edy Corak < phprechnung at ecorak dot net >

	This program is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation; either version 2 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

require_once("../include/phprechnung.inc.php");
require_once("../include/smarty.inc.php");
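// Access gates defined in the include files; their bodies are not visible here.
// NOTE(review): presumably these stop the request for unauthenticated or
// non-admin callers - confirm they exit instead of merely returning.
// NOTE(review): this script creates an account from a POST request and no
// anti-CSRF token is checked in this file - confirm CheckSession() covers it.
CheckUser();
CheckAdminGroup1();
CheckSession();

// Copy the expected form fields from $_POST into same-named globals.
// Only string values are accepted: an array-valued parameter (FullName[]=x)
// would otherwise pass the empty() checks further down and end up as the
// text "Array" in SQL statements, the template and the redirect URL.
// The copied values are still raw, untrusted input; they must be bound or
// encoded at every place they are used.
foreach (array(
	'page', 'infoID',
	'UserActive', 'FullName', 'UserName', 'UserLanguage',
	'UserGroup1', 'UserGroup2',
	'Password1', 'Password2',
	'UserActive_1', 'FullName_1', 'UserName_1', 'UserLanguage_1', 'UserGroup_1',
	'Order', 'Sort',
) as $postField)
{
	if (isset($_POST[$postField]) && is_string($_POST[$postField]))
	{
		// The field names come from the fixed list above, never from the
		// request, so the variable-variable cannot overwrite other globals.
		$$postField = $_POST[$postField];
	}
}
unset($postField);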

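/**
 * Hand the submitted form values back to Smarty so that user/newf.tpl can
 * re-render the form after a validation error.
 *
 * Every value is taken from the globals that the top of this script fills
 * from $_POST, i.e. it is raw request input. Password1/Password2 are not
 * assigned to the template.
 * NOTE(review): nothing here encodes the values - confirm that user/newf.tpl
 * (or a Smarty default modifier) escapes them on output.
 *
 * @param string $mark Name of the form field, assigned to the template as "Mark".
 * @return void
 */
function UserInput($mark)
{
	// The "_1" globals are the names this script reads from $_POST. The
	// previous list declared $FullName1/$UserName1/$UserLanguage1 instead, so
	// the "_1" variables used below were undefined locals and the template
	// always received empty strings for them.
	global $smarty, $page, $infoID, $UserActive, $FullName, $UserName, $UserLanguage,
	$UserGroup1, $UserGroup2, $UserActive_1, $FullName_1, $UserName_1, $UserLanguage_1, $UserGroup_1, $Sort, $Order;
	$smarty->assign("page",$page);
	// The quoted form turns a missing (null) value into an empty string.
	$smarty->assign("infoID","$infoID");
	$smarty->assign("UserActive","$UserActive");
	$smarty->assign("FullName","$FullName");
	$smarty->assign("UserName","$UserName");
	$smarty->assign("UserLanguage","$UserLanguage");
	$smarty->assign("UserGroup1","$UserGroup1");
	$smarty->assign("UserGroup2","$UserGroup2");
	$smarty->assign("UserActive_1","$UserActive_1");
	$smarty->assign("FullName_1","$FullName_1");
	$smarty->assign("UserName_1","$UserName_1");
	$smarty->assign("UserLanguage_1","$UserLanguage_1");
	$smarty->assign("UserGroup_1","$UserGroup_1");
	$smarty->assign("Order",$Order);
	$smarty->assign("Sort",$Sort);
	$smarty->assign("Mark",$mark);
}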

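// Validate the submitted form. Each failure re-renders user/newf.tpl with an
// error message and the offending field marked. A value that is not a string
// (for example an array-valued POST parameter) is treated like a missing one.
if (empty($FullName) || !is_string($FullName))
{
	$smarty->assign("FieldError","$a[fullname] - $a[field_error]");
	UserInput("FullName");
	$smarty->display('user/newf.tpl');
}
else if (empty($UserName) || !is_string($UserName))
{
	$smarty->assign("FieldError","$a[username] - $a[field_error]");
	UserInput("UserName");
	$smarty->display('user/newf.tpl');
}
else if (empty($Password1) || !is_string($Password1))
{
	$smarty->assign("FieldError","$a[password] - $a[field_error]");
	UserInput("Password1");
	$smarty->display('user/newf.tpl');
}
else if (empty($Password2) || !is_string($Password2))
{
	$smarty->assign("FieldError","$a[password] - $a[field_error]");
	UserInput("Password1");
	$smarty->display('user/newf.tpl');
}
else if ($Password1 !== $Password2)
{
	// Strict comparison on purpose: with != PHP compares numeric-looking
	// strings as numbers, so "1e3" and "1000" would count as the same password.
	$smarty->assign("FieldError","$a[password_error]");
	UserInput("Password1");
	$smarty->display('user/newf.tpl');
}
else
{
	// Database connection
	//
	DBConnect();

	// All request and session values are passed as bound parameters instead
	// of being interpolated into the SQL text; only the table prefix, which
	// is an identifier and cannot be bound, stays in the string.
	// NOTE(review): Execute()/ErrorMsg()/RowCount() match the ADOdb API; the
	// Execute($sql, $inputarr) form used below assumes $db is an ADOdb
	// connection - confirm in include/phprechnung.inc.php.
	$query1 = $db->Execute(
		"SELECT DECODE(USERNAME,?) FROM {$TBLName}user WHERE DECODE(USERNAME,?)=?",
		array($pkey, $pkey, $UserName)
	);
	if ($query1 === false)
	{
		// Execute() is checked for false by the statements below as well;
		// without this check a failed lookup ended in a call on a non-object.
		// NOTE(review): die() prints the raw database error to the browser;
		// consider logging it and showing a generic message.
		die($db->ErrorMsg());
	}
	$numrows1 = $query1->RowCount();

	if ($numrows1)
	{
		$smarty->assign("FieldError","$a[entry_exist]");
		UserInput("UserName");
		$smarty->display('user/newf.tpl');
	}
	else
	{
		// Optional fields: a missing or non-scalar value becomes an empty string.
		$newGroup1 = (isset($UserGroup1) && is_scalar($UserGroup1)) ? (string)$UserGroup1 : '';
		$newGroup2 = (isset($UserGroup2) && is_scalar($UserGroup2)) ? (string)$UserGroup2 : '';
		$newLanguage = (isset($UserLanguage) && is_scalar($UserLanguage)) ? (string)$UserLanguage : '';
		// USER_ACTIVE was written into the statement unquoted; force an integer.
		// A missing value now stores 0 instead of producing a SQL syntax error.
		$newActive = (isset($UserActive) && is_scalar($UserActive)) ? (int)$UserActive : 0;
		$sessionUser = isset($_SESSION['Username']) ? $_SESSION['Username'] : '';
		$sessionUid = isset($_SESSION['UserID']) ? $_SESSION['UserID'] : '';

		// NOTE(review): the password is stored with MySQL ENCODE() under the
		// shared key $pkey, which is reversible and was removed in MySQL 8.0.
		// A one-way hash (password_hash()/password_verify()) would be the
		// safer design, but it needs a matching change in the login code,
		// which is not part of this file.
		$query2 = "INSERT INTO {$TBLName}user (USERID, FULLNAME, USERNAME, PASSWORD, USERGROUP1, USERGROUP2, LANGUAGE, USER_ACTIVE, LICENSE_ACCEPTED, CREATEDBY, MODIFIEDBY, CREATED, MODIFIED) ";
		$query2 .= "VALUES(NULL, ENCODE(?,?), ENCODE(?,?), ENCODE(?,?), ENCODE(?,?), ENCODE(?,?), ?, ?, '2', ?, ?, ?, ?)";
		$params2 = array(
			$FullName, $pkey,
			$UserName, $pkey,
			$Password1, $pkey,
			$newGroup1, $pkey,
			$newGroup2, $pkey,
			$newLanguage,
			$newActive,
			$sessionUser,
			$sessionUser,
			$CurrentDateTime,
			$CurrentDateTime,
		);

		if ($db->Execute($query2, $params2) === false)
		{
			die($db->ErrorMsg());
		}

		// Audit entry. The description contains user-supplied names, so it is
		// bound as a single parameter.
		$logText = "User: $FullName - $UserName was ADDED by user $sessionUser (uid=$sessionUid) from $IPAddress";
		$query3 = "INSERT INTO {$TBLName}syslog (SYSLOGID, CREATED, DESCRIPTION, CREATEDBY, USERGROUP1, USERGROUP2) ";
		$query3 .= "VALUES(NULL, ?, ?, 'admin', '1', '2')";
		if ($db->Execute($query3, array($CurrentDateTime, $logText)) === false)
		{
			die($db->ErrorMsg());
		}

		$_SESSION['NewID'] = "1";

		// Build the redirect with every value URL-encoded, so that request
		// data cannot add or override query parameters.
		// NOTE(review): $FullName1, $UserName1 and $UserLanguage1 are never
		// assigned in this file (the POST fields read above are FullName_1,
		// UserName_1, UserLanguage_1), so these parameters are sent empty, as
		// before. Confirm which names user/new.php expects.
		$redirectArgs = array(
			'page' => isset($page) ? $page : '',
			'infoID' => isset($infoID) ? $infoID : '',
			'FullName1' => isset($FullName1) ? $FullName1 : '',
			'UserName1' => isset($UserName1) ? $UserName1 : '',
			'UserLanguage1' => isset($UserLanguage1) ? $UserLanguage1 : '',
			'UserGroup1' => $newGroup1,
			'Order' => isset($Order) ? $Order : '',
			'Sort' => isset($Sort) ? $Sort : '',
		);
		$redirectQuery = '';
		foreach ($redirectArgs as $argName => $argValue)
		{
			$redirectQuery .= $argName . '=' . urlencode(is_scalar($argValue) ? (string)$argValue : '') . '&';
		}

		// NOTE(review): the session id travels in the URL and can end up in
		// logs, browser history and Referer headers; cookie-only sessions
		// would avoid that, if the rest of the application allows it.
		Header("Location: $web/user/new.php?" . $redirectQuery . urlencode($sessname) . '=' . urlencode($sessid));
		exit;
	}
}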
?>