-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathadd_user.php
69 lines (63 loc) · 2.12 KB
/
add_user.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
<?php
// configuration
require("includes/config.php");
checkTable(OP_TABLE);
//Normal user will can't use this page
makeSureIsAdmin();
// if form was submitted
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
foreach ( $_POST as &$p){
$p = htmlspecialchars(trim($p));
}
if (empty($_POST["call"]))
{
apologize("Sorry you have to enter your callsign");
}
else if (empty($_POST["password"]))
{
apologize("Sorry you have to enter a password");
}
else if (empty($_POST["name"]))
{
apologize("Sorry you have to enter your name");
}
else if (empty($_POST["email"]))
{
apologize("Sorry you have to enter an email");
}
else if (empty($_POST["phone"]))
{
apologize("Sorry you have to enter your phone number");
}
else if ($_POST["password"] != $_POST["confirmation"])
{
apologize("Passwords don't match!");
}
else if (strlen($_POST["password"]) < 6
|| $_POST["password"] == $_POST["call"])
{
apologize("Password must be at least 6 characters long, and
can't be the same as Call sign!");
}
$_POST["call"] = strtoupper($_POST["call"]);
//dump($_POST);
$insertOP = sprintf("INSERT INTO %s (`%s`, `%s`, `%s`, `%s`, `%s`, `%s`) VALUES(?,?,?,?,?,1)",
OP_TABLE, OP_CALL, OP_PASSWORD, OP_NAME, OP_EMAIL, OP_PHONE, OP_PRIVILEGE);
if (query($insertOP, $_POST["call"], crypt($_POST["password"]),
$_POST["name"], $_POST["email"], $_POST["phone"]) === false)
{
apologize("Sorry, register failed {$_POST["call"]} might exists!");
}
else
{
succeed(array("message"=>"User added!", "url"=>$_SERVER["PHP_SELF"],
"link_message"=>"Add another user"));
//redirect("add_user.php");
}
}
else
{
render("add_user_form.php", array("title"=>"Add user - " . $_SESSION["call"]));
}
?>