<?php
/********************** WEB AUTHENTICATION with PHP **************************
This package provide a set of tools for web authentication with php and mysql.
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
WEB AUTHENTICATION with PHP
Copyright (C) 2005-2006 Naldi Stefano
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
CONTACT
Please send any question, bug or communication to the author:
Naldi Stefano
ITALY
e-mail: hide@address.com
*****************************************************************************/
$infi = str_replace ("\\", "/", get_included_files());
if(!in_array(stripslashes(dirname($_SERVER['DOCUMENT_ROOT'])."/wawp_admin/admin.php"), $infi)
|| !in_array(stripslashes(dirname($_SERVER['DOCUMENT_ROOT'])."/wawp_admin/config.php"), $infi))
{
require (dirname($_SERVER['DOCUMENT_ROOT'])."/wawp_admin/php_pages_header.php");
}
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO users_and_groups (name, email, nstatus, fullname, tel, login_redirect, ntype) VALUES (%s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['name'], "text"),
GetSQLValueString($_POST['email'], "text"),
GetSQLValueString($_POST['nstatus'], "text"),
GetSQLValueString($_POST['fullname'], "text"),
GetSQLValueString($_POST['tel'], "text"),
GetSQLValueString($_POST['login_redirect'], "text"),
GetSQLValueString($_POST['ntype'], "text"));
mysql_select_db($mydbname, $mylink);
$Result1 = mysql_query($insertSQL, $mylink) or die(mysql_error());
$insertGoTo = "groups.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Web Authentication with PHP</title>
<style type="text/css">
<!--
.style4 {
color: #FFFF00;
font-weight: bold;
}
.style5 {color: #FF0000}
.style7 {color: #FF0000; font-weight: bold; }
-->
</style>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_validateForm() { //v4.0
var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
if (val) { nm=val.name; if ((val=val.value)!="") {
if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
} else if (test!='R') { num = parseFloat(val);
if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
min=test.substring(8,p); max=test.substring(p+1);
if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
} } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
} if (errors) alert('The following error(s) occurred:\n'+errors);
document.MM_returnValue = (errors == '');
}
//-->
</script>
</head>
<body>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<!--DWLayoutTable-->
<tr>
<td width="100%" height="50" align="center" valign="middle" bgcolor="#0000FF"><div align="center" class="style4">Web Authentication with PHP v. 1.1<br>
<small><small style="font-style: italic;">
<span style="color: rgb(255, 255, 0);">Released under the GNU General Public License</span></small></small><br>
</div></td>
</tr>
<tr>
<td height="50" align="center" valign="middle" bgcolor="#FFCC33"><div align="center" class="style5">
<table width="80%" cellspacing="1" bgcolor="#0000FF">
<tr align="center" bgcolor="#FFCC33">
<td width="20%"><a href="../index.php">Administration</a></td>
<td width="20%"><a href="../setup/setup.php">Setup</a></td>
<td width="20%" bgcolor="#FFCC33"><a href="users.php">Users</a></td>
<td width="20%" bgcolor="#FFFFFF"><a href="groups.php">Groups</a></td>
<td width="20%"><a href="locations.php">Locations</a></td>
</tr>
</table>
</div></td>
</tr>
<tr>
<td height="300" align="center" valign="top"><br>
<span class="style7">Insert new group<br>
</span>
<form action="<?php echo $editFormAction; ?>" method="post" enctype="multipart/form-data" name="form1" onSubmit="MM_validateForm('name','','R','cpasswd','','R','email','','NisEmail','passwd','','R');return document.MM_returnValue">
<table align="center" cellspacing="1" bgcolor="#0000FF">
<tr valign="baseline" bgcolor="#FFFFFF">
<td align="right" nowrap>Name:</td>
<td><input type="text" name="name" value="" size="32"></td>
</tr>
<tr valign="baseline" bgcolor="#FFFFFF">
<td align="right" nowrap>Email:</td>
<td><input type="text" name="email" value="" size="32"></td>
</tr>
<tr valign="baseline" bgcolor="#FFFFFF">
<td align="right" nowrap>Nstatus:</td>
<td><select name="nstatus" id="nstatus">
<option value="A" selected>ACTIVE</option>
<option value="I">INACTIVE</option>
</select></td>
</tr>
<tr valign="baseline" bgcolor="#FFFFFF">
<td align="right" nowrap>Fullname:</td>
<td><input type="text" name="fullname" value="" size="32"></td>
</tr>
<tr valign="baseline" bgcolor="#FFFFFF">
<td align="right" nowrap>Tel:</td>
<td><input type="text" name="tel" value="" size="32"></td>
</tr>
<tr valign="baseline" bgcolor="#FFFFFF">
<td align="right" nowrap>Login_redirect:</td>
<td><input name="login_redirect" type="text" onBlur="MM_validateForm('name','','R','cpasswd','','R','email','','NisEmail','passwd','','R');return document.MM_returnValue" value="" size="32"></td>
</tr>
<tr valign="baseline" bgcolor="#FFFFFF">
<td align="right" nowrap>Ntype:</td>
<td><input type="text" name="ntype" value="G" size="32"></td>
</tr>
<tr valign="baseline" bgcolor="#FFFFFF">
<td align="right" nowrap> </td>
<td><input type="submit" value="Insert record"></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="form1">
</form></td>
</tr>
</table>
</body>
</html>