2011-03-28 14:21:28 +00:00
|
|
|
<?
|
|
|
|
//TODO: rewrite this, make it cleaner, make it work right, add it common stuff
|
2013-05-02 08:00:23 +00:00
|
|
|
if (!check_perms('admin_create_users')) {
|
|
|
|
error(403);
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
|
|
|
|
//Show our beautiful header
|
2012-10-11 08:00:15 +00:00
|
|
|
View::show_header('Create a User');
|
2011-03-28 14:21:28 +00:00
|
|
|
|
|
|
|
//Make sure the form was sent
|
|
|
|
if (isset($_POST['Username'])) {
|
|
|
|
authorize();
|
|
|
|
|
|
|
|
//Create variables for all the fields
|
2013-06-04 08:00:34 +00:00
|
|
|
$Username = trim($_POST['Username']);
|
|
|
|
$Email = trim($_POST['Email']);
|
2011-03-28 14:21:28 +00:00
|
|
|
$Password = $_POST['Password'];
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Make sure all the fields are filled in
|
2013-06-04 08:00:34 +00:00
|
|
|
//Don't allow a username of "0" or "1" because of PHP's type juggling
|
|
|
|
if (!empty($Username) && !empty($Email) && !empty($Password) && $Username != '0' && $Username != '1') {
|
2011-03-28 14:21:28 +00:00
|
|
|
|
|
|
|
//Create hashes...
|
2013-06-01 08:00:52 +00:00
|
|
|
$Secret = Users::make_secret();
|
|
|
|
$torrent_pass = Users::make_secret();
|
2011-03-28 14:21:28 +00:00
|
|
|
|
|
|
|
//Create the account
|
2013-06-01 08:00:52 +00:00
|
|
|
$DB->query("
|
|
|
|
INSERT INTO users_main
|
|
|
|
(Username, Email, PassHash, torrent_pass, Enabled, PermissionID, Language)
|
|
|
|
VALUES
|
|
|
|
('".db_string($Username)."','".db_string($Email)."','".db_string(Users::make_crypt_hash($Password))."','".db_string($torrent_pass)."','1','".USER."', 'en')");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Increment site user count
|
|
|
|
$Cache->increment('stats_user_count');
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2013-06-01 08:00:52 +00:00
|
|
|
//Grab the userID
|
|
|
|
$UserID = $DB->inserted_id();
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-10-11 08:00:15 +00:00
|
|
|
Tracker::update_tracker('add_user', array('id' => $UserID, 'passkey' => $torrent_pass));
|
2011-03-28 14:21:28 +00:00
|
|
|
|
|
|
|
//Default stylesheet
|
|
|
|
$DB->query("SELECT ID FROM stylesheets");
|
2013-06-01 08:00:52 +00:00
|
|
|
list($StyleID) = $DB->next_record();
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Auth key
|
2012-10-11 08:00:15 +00:00
|
|
|
$AuthKey = Users::make_secret();
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Give them a row in users_info
|
2013-06-01 08:00:52 +00:00
|
|
|
$DB->query("
|
|
|
|
INSERT INTO users_info
|
|
|
|
(UserID, StyleID, AuthKey, JoinDate)
|
|
|
|
VALUES
|
|
|
|
('".db_string($UserID)."','".db_string($StyleID)."','".db_string($AuthKey)."', '".sqltime()."')");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Redirect to users profile
|
|
|
|
header ("Location: user.php?id=".$UserID);
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//What to do if we don't have a username, email, or password
|
|
|
|
} elseif (empty($Username)) {
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Give the Error -- We do not have a username
|
|
|
|
error("Please supply a username");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
} elseif (empty($Email)) {
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Give the Error -- We do not have an email address
|
|
|
|
error("Please supply an email address");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
} elseif (empty($Password)) {
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Give the Error -- We do not have a password
|
|
|
|
error("Please supply a password");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
} else {
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Uh oh, something went wrong
|
|
|
|
error("Unknown error");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
//Form wasn't sent -- Show form
|
|
|
|
} else {
|
|
|
|
|
|
|
|
?>
|
2012-08-19 08:00:19 +00:00
|
|
|
<div class="header">
|
|
|
|
<h2>Create a User</h2>
|
|
|
|
</div>
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2013-06-01 08:00:52 +00:00
|
|
|
<div class="thin box pad">
|
2012-09-15 08:00:25 +00:00
|
|
|
<form class="create_form" name="user" method="post" action="">
|
2011-03-28 14:21:28 +00:00
|
|
|
<input type="hidden" name="action" value="create_user" />
|
|
|
|
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
|
2012-09-01 08:00:24 +00:00
|
|
|
<table class="layout" cellpadding="2" cellspacing="1" border="0" align="center">
|
2013-05-02 08:00:23 +00:00
|
|
|
<tr valign="top">
|
|
|
|
<td align="right">Username </td>
|
|
|
|
<td align="left"><input type="text" name="Username" id="username" class="inputtext" /></td>
|
|
|
|
</tr>
|
|
|
|
<tr valign="top">
|
|
|
|
<td align="right">Email </td>
|
|
|
|
<td align="left"><input type="text" name="Email" id="email" class="inputtext" /></td>
|
|
|
|
</tr>
|
|
|
|
<tr valign="top">
|
|
|
|
<td align="right">Password </td>
|
|
|
|
<td align="left"><input type="password" name="Password" id="password" class="inputtext" /></td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td colspan="2" align="right"><input type="submit" name="submit" value="Create User" class="submit" /></td>
|
|
|
|
</tr>
|
|
|
|
</table>
|
2011-03-28 14:21:28 +00:00
|
|
|
</form>
|
2013-06-01 08:00:52 +00:00
|
|
|
</div>
|
|
|
|
<?
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
|
2012-10-11 08:00:15 +00:00
|
|
|
View::show_footer(); ?>
|