Navigation

← Previous Changeset
Next Changeset →

Changeset 74

Timestamp:

28/05/05 16:54:44 (4 years ago)

Author:

stringfellow

Message:

Added preliminary addUser function to admin, this needs more work, but after food :)

Files:

admin.lib.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

admin.lib.php

r71	r74
301	301	echo "</div>\n";
302	302	}
	303
	304	/* Some functions to manage posts, users etc. */
	305
	306	function addUser()
	307	{
	308	$username = '';
	309	$password = '';
	310	$type = 1;
	311	$name = '';
	312	$title = '';
	313	$description = '';
	314	$css = 'blog.css';
	315	$enabled = False; // seems sensible..
	316
	317	//sanitise username
	318	if (isset($_POST['username']) && trim($_POST['username']) != "" && (int)$_POST['username'] == 0) {
	319	$username = $_POST['username'];
	320	} else {
	321	$this->inputError = _("Bad Input - Username");
	322	$err = 1;
	323	}
	324
	325	//sanitise password, assume it will be hashed before sending :)
	326	if (isset($_POST['password']) && trim($_POST['password']) != "" && (int)$_POST['password'] == 0) {
	327	$password = $_POST['password'];
	328	} else {
	329	$this->inputError = _("Bad Input - Password");
	330	$err = 1;
	331	}
	332
	333	//sanitise type
	334	if (isset($_POST['type']) && trim($_POST['type']) != "" && (int)$_POST['type'] > 0) {
	335	$type = (int)$_POST['type'];
	336	} else {
	337	$this->inputError = _("Bad Input - Type");
	338	$err = 1;
	339	}
	340
	341	//sanitise name
	342	if (isset($_POST['name']) && trim($_POST['name']) != "" && (int)$_POST['name'] == 0) {
	343	$name = addslashes(urldecode($_POST['name']));
	344	} else {
	345	$this->inputError = _("Bad Input - Realname");
	346	$err = 1;
	347	}
	348
	349	//sanitise title
	350	if (isset($_POST['title']) && trim($_POST['title']) != "" && (int)$_POST['title'] == 0) {
	351	$title = addslashes(urldecode($_POST['title']));
	352	} else {
	353	$this->inputError = _("Bad Input - Title");
	354	$err = 1;
	355	}
	356
	357	//sanitise description
	358	if (isset($_POST['description']) && trim($_POST['description']) != "" && (int)$_POST['description'] == 0) {
	359	$description = addslashes(urldecode($_POST['description']));
	360	} else {
	361	$this->inputError = _("Bad Input - Description");
	362	$err = 1;
	363	}
	364
	365	//sanitise css
	366	if (isset($_POST['css'])) { // if its not set its defaulted...
	367	if (trim($_POST['css']) != "" && (int)$_POST['css'] == 0 && is_file($_POST['css'])) {
	368	$css = $_POST['css'];
	369	} else {
	370	$this->inputError = _("Bad Input - CSS location");
	371	$err = 1;
	372	}
	373	}
	374
	375	//sanitise enabled -- not really sure about this. i think creation and enablig should be
	376	// done seperately... ???
	377	/*if (isset($_POST['enabled'])) { // if its not set its defaulted...
	378	if (trim($_POST['enabled']) != "" && (int)$_POST['enabled'] == 0)) {
	379	$css = $_POST['enabled'];
	380	} else {
	381	$this->inputError = _("Bad Input - Enabled");
	382	$err = 1;
	383	}
	384	}*/
	385
	386	if ($err == 0) { // and insert...
	387
	388	$query = "INSERT into USERS (username,password,type,name,title,description,css,enabled) VALUES ('{$username}','{$password}',{$type},'{$name}','{$title}','{$description}','{$css}',{$enabled});";
	389	if (!db_query($query)) {
	390	error(2,_("Database Insertion failed.");
	391	} else {
	392	print(_("OK. New user '{$username}' added.\nPlease enable the account."); //pleh?
	393	}
	394	} else {
	395	error(4,_("Bad Input."));
	396	}
	397	}
303	398	}

Navigation

Changeset 74

Legend:

admin.lib.php

Download in other formats: