Gazelle/sections/tools/misc/create_user.php

124 lines
3.4 KiB
PHP
Raw Permalink Normal View History

2011-03-28 14:21:28 +00:00
<?
//TODO: rewrite this, make it cleaner, make it work right, add it common stuff
2013-05-02 08:00:23 +00:00
if (!check_perms('admin_create_users')) {
error(403);
}
2011-03-28 14:21:28 +00:00
//Show our beautiful header
2012-10-11 08:00:15 +00:00
View::show_header('Create a User');
2011-03-28 14:21:28 +00:00
//Make sure the form was sent
if (isset($_POST['Username'])) {
authorize();
//Create variables for all the fields
2013-06-04 08:00:34 +00:00
$Username = trim($_POST['Username']);
$Email = trim($_POST['Email']);
2011-03-28 14:21:28 +00:00
$Password = $_POST['Password'];
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Make sure all the fields are filled in
2013-06-04 08:00:34 +00:00
//Don't allow a username of "0" or "1" because of PHP's type juggling
if (!empty($Username) && !empty($Email) && !empty($Password) && $Username != '0' && $Username != '1') {
2011-03-28 14:21:28 +00:00
//Create hashes...
2013-06-01 08:00:52 +00:00
$Secret = Users::make_secret();
$torrent_pass = Users::make_secret();
2011-03-28 14:21:28 +00:00
//Create the account
2013-06-01 08:00:52 +00:00
$DB->query("
INSERT INTO users_main
2013-08-28 23:08:41 +00:00
(Username, Email, PassHash, torrent_pass, Enabled, PermissionID)
2013-06-01 08:00:52 +00:00
VALUES
2013-08-28 23:08:41 +00:00
('".db_string($Username)."', '".db_string($Email)."', '".db_string(Users::make_crypt_hash($Password))."', '".db_string($torrent_pass)."', '1', '".USER."')");
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Increment site user count
$Cache->increment('stats_user_count');
2013-02-22 08:00:24 +00:00
2013-06-01 08:00:52 +00:00
//Grab the userID
$UserID = $DB->inserted_id();
2013-02-22 08:00:24 +00:00
2012-10-11 08:00:15 +00:00
Tracker::update_tracker('add_user', array('id' => $UserID, 'passkey' => $torrent_pass));
2011-03-28 14:21:28 +00:00
//Default stylesheet
2013-07-10 00:08:53 +00:00
$DB->query("
SELECT ID
FROM stylesheets");
2013-06-01 08:00:52 +00:00
list($StyleID) = $DB->next_record();
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Auth key
2012-10-11 08:00:15 +00:00
$AuthKey = Users::make_secret();
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Give them a row in users_info
2013-06-01 08:00:52 +00:00
$DB->query("
INSERT INTO users_info
(UserID, StyleID, AuthKey, JoinDate)
VALUES
2013-07-10 00:08:53 +00:00
('".db_string($UserID)."', '".db_string($StyleID)."', '".db_string($AuthKey)."', '".sqltime()."')");
2013-02-22 08:00:24 +00:00
2013-08-28 23:08:41 +00:00
// Give the notification settings
$DB->query("INSERT INTO users_notifications_settings (UserID) VALUES ('$UserID')");
2011-03-28 14:21:28 +00:00
//Redirect to users profile
2013-07-10 00:08:53 +00:00
header ("Location: user.php?id=$UserID");
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//What to do if we don't have a username, email, or password
} elseif (empty($Username)) {
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Give the Error -- We do not have a username
2013-07-10 00:08:53 +00:00
error('Please supply a username');
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
} elseif (empty($Email)) {
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Give the Error -- We do not have an email address
2013-07-10 00:08:53 +00:00
error('Please supply an email address');
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
} elseif (empty($Password)) {
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Give the Error -- We do not have a password
2013-07-10 00:08:53 +00:00
error('Please supply a password');
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
} else {
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Uh oh, something went wrong
2013-07-10 00:08:53 +00:00
error('Unknown error');
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
}
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Form wasn't sent -- Show form
} else {
?>
2012-08-19 08:00:19 +00:00
<div class="header">
<h2>Create a User</h2>
</div>
2013-02-22 08:00:24 +00:00
2013-06-01 08:00:52 +00:00
<div class="thin box pad">
2012-09-15 08:00:25 +00:00
<form class="create_form" name="user" method="post" action="">
2011-03-28 14:21:28 +00:00
<input type="hidden" name="action" value="create_user" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
2012-09-01 08:00:24 +00:00
<table class="layout" cellpadding="2" cellspacing="1" border="0" align="center">
2013-05-02 08:00:23 +00:00
<tr valign="top">
2014-03-23 08:00:50 +00:00
<td align="right" class="label">Username:</td>
2013-05-02 08:00:23 +00:00
<td align="left"><input type="text" name="Username" id="username" class="inputtext" /></td>
</tr>
<tr valign="top">
2014-03-23 08:00:50 +00:00
<td align="right" class="label">Email address:</td>
<td align="left"><input type="email" name="Email" id="email" class="inputtext" /></td>
2013-05-02 08:00:23 +00:00
</tr>
<tr valign="top">
2014-03-23 08:00:50 +00:00
<td align="right" class="label">Password:</td>
2013-05-02 08:00:23 +00:00
<td align="left"><input type="password" name="Password" id="password" class="inputtext" /></td>
</tr>
<tr>
2014-03-23 08:00:50 +00:00
<td colspan="2" align="right">
<input type="submit" name="submit" value="Create User" class="submit" />
</td>
2013-05-02 08:00:23 +00:00
</tr>
</table>
2011-03-28 14:21:28 +00:00
</form>
2013-06-01 08:00:52 +00:00
</div>
<?
2011-03-28 14:21:28 +00:00
}
2012-10-11 08:00:15 +00:00
View::show_footer(); ?>