Location: PHPKode > projects > wawp > wawp/administration/users.insert.php
/********************** WEB AUTHENTICATION with PHP **************************
This package provide a set of tools for web authentication with php and mysql.

Version 2, June 1991


Copyright (C) 2005-2006  Naldi Stefano

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA


Please send any question, bug or communication to the author:

Naldi Stefano


e-mail: hide@address.com


$infi = str_replace ("\\", "/", get_included_files());
if(!in_array(stripslashes(dirname($_SERVER['DOCUMENT_ROOT'])."/wawp_admin/admin.php"), $infi)
   || !in_array(stripslashes(dirname($_SERVER['DOCUMENT_ROOT'])."/wawp_admin/config.php"), $infi))
    require (dirname($_SERVER['DOCUMENT_ROOT'])."/wawp_admin/php_pages_header.php");

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
  return $theValue;

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

if(isset($_POST["passwd"]) && isset($_POST["cpasswd"])){
 if($_POST["passwd"] == $_POST["cpasswd"]){
 if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO users_and_groups (name, passwd, email, nstatus, fullname, tel, login_redirect, ntype) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['name'], "text"),
                       GetSQLValueString(md5($_POST['passwd']), "text"),
                       GetSQLValueString($_POST['email'], "text"),
                       GetSQLValueString($_POST['nstatus'], "text"),
                       GetSQLValueString($_POST['fullname'], "text"),
                       GetSQLValueString($_POST['tel'], "text"),
                       GetSQLValueString($_POST['login_redirect'], "text"),
                       GetSQLValueString($_POST['ntype'], "text"));

  mysql_select_db($mydbname, $mylink);
  $Result1 = mysql_query($insertSQL, $mylink) or die(mysql_error());

  $insertSQL1 = sprintf("INSERT INTO groups_members (groupname, membername) VALUES (%s, %s)",
                       GetSQLValueString("users", "text"),
                       GetSQLValueString($_POST['name'], "text"));

  mysql_select_db($mydbname, $mylink);
  $Result2 = mysql_query($insertSQL1, $mylink) or die(mysql_error());

  $insertGoTo = "users.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  header(sprintf("Location: %s", $insertGoTo));
else {
$err_pw='<br>WARNING: fields &laquo;Passwd&raquo; and &laquo;Confirm Passwd&raquo; are empy or not equal !!! <br>';
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Web Authentication with PHP</title>
<style type="text/css">
.style4 {
	color: #FFFF00;
	font-weight: bold;
.style5 {color: #FF0000}
.style7 {color: #FF0000; font-weight: bold; }
<script language="JavaScript" type="text/JavaScript">
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;

function MM_validateForm() { //v4.0
  var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
  for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
    if (val) { nm=val.name; if ((val=val.value)!="") {
      if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
        if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
      } else if (test!='R') { num = parseFloat(val);
        if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
        if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
          min=test.substring(8,p); max=test.substring(p+1);
          if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
    } } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
  } if (errors) alert('The following error(s) occurred:\n'+errors);
  document.MM_returnValue = (errors == '');


<table width="100%" border="0" cellpadding="0" cellspacing="0">
    <td width="100%" height="50" align="center" valign="middle" bgcolor="#0000FF"><div align="center" class="style4">Web Authentication with PHP  &nbsp;    v. 1.1<br>
    <small><small style="font-style: italic;">
	<span style="color: rgb(255, 255, 0);">Released under the GNU General Public License</span></small></small><br>
    <td height="50" align="center" valign="middle" bgcolor="#FFCC33"><div align="center" class="style5">
      <table width="80%" cellspacing="1" bgcolor="#0000FF">
        <tr align="center" bgcolor="#FFCC33">
          <td width="20%"><a href="../index.php">Administration</a></td>
          <td width="20%"><a href="../setup/setup.php">Setup</a></td>
          <td width="20%" bgcolor="#FFFFFF"><a href="users.php">Users</a></td>
          <td width="20%"><a href="groups.php">Groups</a></td>
          <td width="20%"><a href="locations.php">Locations</a></td>
    <td height="350" align="center" valign="top"><br>
      <span class="style7">Insert new user<br>
      <?php echo $err_pw; ?>
      <form action="<?php echo $editFormAction; ?>" method="post" enctype="multipart/form-data" name="form1" onSubmit="MM_validateForm('name','','R','cpasswd','','R','email','','NisEmail','passwd','','R');return document.MM_returnValue">
      <table align="center" cellspacing="1" bgcolor="#0000FF">
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>Name:</td>
            <td><input type="text" name="name" value="" size="32"></td>
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>Passwd:</td>
            <td><input type="password" name="passwd" size="32"></td>
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>Confirm Passwd: </td>
            <td><input name="cpasswd" type="password" id="cpasswd" size="32"></td>
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>Email:</td>
            <td><input type="text" name="email" value="" size="32"></td>
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>Nstatus:</td>
            <td><select name="nstatus" id="nstatus">
              <option value="A" selected>ACTIVE</option>
              <option value="I">INACTIVE</option>
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>Fullname:</td>
            <td><input type="text" name="fullname" value="" size="32"></td>
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>Tel:</td>
            <td><input type="text" name="tel" value="" size="32"></td>
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>Login_redirect:</td>
            <td><input name="login_redirect" type="text" onBlur="MM_validateForm('name','','R','cpasswd','','R','email','','NisEmail','passwd','','R');return document.MM_returnValue" value="" size="32"></td>
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>Ntype:</td>
            <td><input type="text" name="ntype" value="U" size="32"></td>
          <tr valign="baseline" bgcolor="#FFFFFF">
            <td align="right" nowrap>&nbsp;</td>
            <td><input type="submit" value="Insert record"></td>
        <input type="hidden" name="MM_insert" value="form1">

Return current item: wawp