/extremedating/trunk : contents of adduser.php at revision 63

: (revision 63)

To get this branch, use:

bzr branch
http://gegoxaren.bato24.eu/bzr/extremedating/trunk

<!DOCTYPE html>
<html>
<!--
    ExtremeDating - a Hackathon 2013 project.
    Copyright (C) 2013 Gustav Hartvigsson <gustav.hartvigsson@gmail.com>
    Copyright (C) 2013 Daniel Johansson <maila@danieljohansson.nu>


    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU Affero General Public License as
    published by the Free Software Foundation, either version 3 of the
    License, or (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Affero General Public License for more details.

    You should have received a copy of the GNU Affero General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-->
<head>
	<title>Extreme Dating - Create User</title>
	<link rel="stylesheet" type="text/css" href="css/main.css"/>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<head>
<?php
include "php/db.php";
include "php/salt.php";
if(isset($_POST['hiddenStuff']) && $_POST['hiddenStuff'] == "Something Strange") {
  $password = sha1($_POST['passwd'].$pwd_salt);
  //If there is a $_POST that indicates that the add userscript should be run.
  $query = "";
  $output = "";
  if(isset($_FILES["image"]["tmp_name"])){
    $tmpFile = $_FILES["image"]["tmp_name"];
    $handle = fopen($tmpFile,"r");
    $fileSize = $_FILES['image']['size'];
    $output = fread($handle, filesize($tmpFile));
    $output = base64_encode ($output);
  }
  if (isset($_SESSION['userType']) && $_POST['isSuperUser'] == true && $_SESSION['userType'] == 1) {
    $query = "INSERT INTO Users (
    loginName,
    shadow,
    firstName,
    surName,
    eMail,
    city,
    profileImage,
    userType
    )
    
    VALUES(
    '{$_POST['name']}',
    '{$password}',
    '{$_POST['firstName']}',
    '{$_POST['surName']}',
    '{$_POST['eMail']}',
    '{$_POST['city']}',
    '{$output}',
    '1'
    );";
  } else {
    $query = "INSERT INTO Users (
    loginName,
    shadow,
    firstName,
    surName,
    eMail,
    city,
    profileImage
    )
    
    VALUES(
    '{$_POST['name']}',
    '{$password}',
    '{$_POST['firstName']}',
    '{$_POST['surName']}',
    '{$_POST['eMail']}',
    '{$_POST['city']}',
    '{$output}'
    );";
  }
  try {
  $db->exec($query);
  } catch (PDOException $err) {
    var_dump($err);
  }
  echo "<body> <h1> New user added! </h1> </body>";
  sleep(.5);
  header("Location:./index.php");
} else {

?>
  <body id="wrapper">
	<div id="profile">
	<div id="frame">
    <h1> Create a new user </h1>
    <hr />
        <form action="./adduser.php" method="POST" enctype="multipart/form-data">
          <table border="0">
            <?php
              if(isset($_SESSION['userType']) && $_SESSION['userType'] == 1 ) {
                //you are a superuser!
                //you can add other superusers.
            ?>
            <tr>
              <td> <label for="user"> Is the user a Super User? </label> </td>
              <td> <input type="checkbox" name="isSuperUser" id="super" /> </td>
            </tr>
            <?php
              }
            ?>
            <tr>
              <td> <label for="name"> User Name </label> </td>
              <td> <input type="input" name="name" id="name" /> </td>
            </tr>
            <tr>
              <td> <label for="passwd"> Password </label> </td>
              <td> <input type="password" name="passwd" id="passwd" /> </td>
            </tr>
            <tr>
              <td> <label for="firstname"> First Name </label> </td>
              <td> <input type="input" name="firstName" id="firstname" /> </td>
            </tr>
            <tr>
              <td> <label for="surname"> Sur Name </label> </td>
              <td> <input type="input" name="surName" id="surname" /> </td>
            </tr>
            <tr>
              <td> <label for="email"> E-mail </label> </td>
              <td> <input type="input" name="eMail" id="email" /> </td>
            </tr>
            <tr>
              <td> <label for="city"> City </label> </td>
              <td> <input type="input" name="city" id="city" /> </td>
            </tr>
            <tr>
              <td> <label for="file"> Profile Image </label> </td>
              <td> <input type="file" name="image" id="image" /> </td>
            </tr>
			      <tr>
              <td><input name="hiddenStuff" value="Something Strange" type="hidden"/></td>
              <td><input id="inputbutton1" type="submit" action="./adduser.php" value="Registera mig"/></td>
            </tr>
          </table>
        </form>
      <?php
}
      ?>
	  </div>
    </div>
  </body>
</html>

14.1.1 by Gustav Hatvigsson Started work on the add user form.	1	<!DOCTYPE html>
	2	<html>
49.1.1 by Gustav Hatvigsson Added licensing information to some files	3	<!--
	4	ExtremeDating - a Hackathon 2013 project.
	5	Copyright (C) 2013 Gustav Hartvigsson <gustav.hartvigsson@gmail.com>
	6	Copyright (C) 2013 Daniel Johansson <maila@danieljohansson.nu>
	7
	8
	9	This program is free software: you can redistribute it and/or modify
	10	it under the terms of the GNU Affero General Public License as
	11	published by the Free Software Foundation, either version 3 of the
	12	License, or (at your option) any later version.
	13
	14	This program is distributed in the hope that it will be useful,
	15	but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	17	GNU Affero General Public License for more details.
	18
	19	You should have received a copy of the GNU Affero General Public License
	20	along with this program. If not, see <http://www.gnu.org/licenses/>.
	21	-->
14.1.1 by Gustav Hatvigsson Started work on the add user form.	22	<head>
30 by Daniel Johansson Derping around	23	<title>Extreme Dating - Create User</title>
	24	<link rel="stylesheet" type="text/css" href="css/main.css"/>
	25	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
14.1.1 by Gustav Hatvigsson Started work on the add user form.	26	<head>
	27	<?php
	28	include "php/db.php";
52.1.2 by Gustav Hatvigsson Seperated out the salt into its own file.	29	include "php/salt.php";
20.1.1 by Daniel Johansson Fixed stuffz in adduser.php	30	if(isset($_POST['hiddenStuff']) && $_POST['hiddenStuff'] == "Something Strange") {
52.1.2 by Gustav Hatvigsson Seperated out the salt into its own file.	31	$password = sha1($_POST['passwd'].$pwd_salt);
14.1.1 by Gustav Hatvigsson Started work on the add user form.	32	//If there is a $_POST that indicates that the add userscript should be run.
	33	$query = "";
39.1.6 by Gustav Hatvigsson Fixed the gawd damn get_image.php thingies...	34	$output = "";
45.1.1 by Gustav Hatvigsson Fixed it again...	35	if(isset($_FILES["image"]["tmp_name"])){
39.1.6 by Gustav Hatvigsson Fixed the gawd damn get_image.php thingies...	36	$tmpFile = $_FILES["image"]["tmp_name"];
	37	$handle = fopen($tmpFile,"r");
	38	$fileSize = $_FILES['image']['size'];
45.1.1 by Gustav Hatvigsson Fixed it again...	39	$output = fread($handle, filesize($tmpFile));
39.1.6 by Gustav Hatvigsson Fixed the gawd damn get_image.php thingies...	40	$output = base64_encode ($output);
	41	}
20.1.1 by Daniel Johansson Fixed stuffz in adduser.php	42	if (isset($_SESSION['userType']) && $_POST['isSuperUser'] == true && $_SESSION['userType'] == 1) {
14.1.1 by Gustav Hatvigsson Started work on the add user form.	43	$query = "INSERT INTO Users (
	44	loginName,
	45	shadow,
	46	firstName,
	47	surName,
	48	eMail,
	49	city,
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	50	profileImage,
14.1.1 by Gustav Hatvigsson Started work on the add user form.	51	userType
	52	)
	53
	54	VALUES(
	55	'{$_POST['name']}',
	56	'{$password}',
	57	'{$_POST['firstName']}',
	58	'{$_POST['surName']}',
	59	'{$_POST['eMail']}',
24 by Daniel Johansson Fixed gegos errors	60	'{$_POST['city']}',
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	61	'{$output}',
14.1.1 by Gustav Hatvigsson Started work on the add user form.	62	'1'
	63	);";
	64	} else {
	65	$query = "INSERT INTO Users (
	66	loginName,
	67	shadow,
	68	firstName,
	69	surName,
	70	eMail,
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	71	city,
	72	profileImage
14.1.1 by Gustav Hatvigsson Started work on the add user form.	73	)
	74
	75	VALUES(
	76	'{$_POST['name']}',
	77	'{$password}',
	78	'{$_POST['firstName']}',
	79	'{$_POST['surName']}',
	80	'{$_POST['eMail']}',
31.1.4 by Daniel Johansson Merge	81	'{$_POST['city']}',
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	82	'{$output}'
14.1.1 by Gustav Hatvigsson Started work on the add user form.	83	);";
	84	}
39.1.4 by Gustav Hatvigsson fixed the user images! that only took a fow houres -_-...	85	try {
22.1.1 by Gustav Hatvigsson forgot to let the database run the query.	86	$db->exec($query);
39.1.4 by Gustav Hatvigsson fixed the user images! that only took a fow houres -_-...	87	} catch (PDOException $err) {
	88	var_dump($err);
	89	}
22.1.2 by Gustav Hatvigsson forgot an ;	90	echo "<body> <h1> New user added! </h1> </body>";
22.1.1 by Gustav Hatvigsson forgot to let the database run the query.	91	sleep(.5);
43.1.1 by Gustav Hatvigsson Made it redirect... again...	92	header("Location:./index.php");
14.1.1 by Gustav Hatvigsson Started work on the add user form.	93	} else {
	94
	95	?>
	96	<body id="wrapper">
30 by Daniel Johansson Derping around	97	<div id="profile">
30 by Daniel Johansson Derping around	98	<div id="frame">
14.1.1 by Gustav Hatvigsson Started work on the add user form.	99	<h1> Create a new user </h1>
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	100	<hr />
45.1.1 by Gustav Hatvigsson Fixed it again...	101	<form action="./adduser.php" method="POST" enctype="multipart/form-data">
14.1.1 by Gustav Hatvigsson Started work on the add user form.	102	<table border="0">
	103	<?php
18.1.1 by Gustav Hatvigsson fixed a few things.	104	if(isset($_SESSION['userType']) && $_SESSION['userType'] == 1 ) {
14.1.1 by Gustav Hatvigsson Started work on the add user form.	105	//you are a superuser!
	106	//you can add other superusers.
	107	?>
	108	<tr>
	109	<td> <label for="user"> Is the user a Super User? </label> </td>
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	110	<td> <input type="checkbox" name="isSuperUser" id="super" /> </td>
14.1.1 by Gustav Hatvigsson Started work on the add user form.	111	</tr>
	112	<?php
	113	}
	114	?>
	115	<tr>
	116	<td> <label for="name"> User Name </label> </td>
	117	<td> <input type="input" name="name" id="name" /> </td>
	118	</tr>
	119	<tr>
	120	<td> <label for="passwd"> Password </label> </td>
	121	<td> <input type="password" name="passwd" id="passwd" /> </td>
	122	</tr>
	123	<tr>
	124	<td> <label for="firstname"> First Name </label> </td>
	125	<td> <input type="input" name="firstName" id="firstname" /> </td>
	126	</tr>
	127	<tr>
	128	<td> <label for="surname"> Sur Name </label> </td>
	129	<td> <input type="input" name="surName" id="surname" /> </td>
	130	</tr>
	131	<tr>
	132	<td> <label for="email"> E-mail </label> </td>
	133	<td> <input type="input" name="eMail" id="email" /> </td>
	134	</tr>
	135	<tr>
	136	<td> <label for="city"> City </label> </td>
	137	<td> <input type="input" name="city" id="city" /> </td>
	138	</tr>
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	139	<tr>
57.1.2 by Gustav Hatvigsson fixed the "city" bug.	140	<td> <label for="file"> Profile Image </label> </td>
32 by Gustav Hatvigsson Fixed a few things...	141	<td> <input type="file" name="image" id="image" /> </td>
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	142	</tr>
	143	<tr>
20.1.1 by Daniel Johansson Fixed stuffz in adduser.php	144	<td><input name="hiddenStuff" value="Something Strange" type="hidden"/></td>
30 by Daniel Johansson Derping around	145	<td><input id="inputbutton1" type="submit" action="./adduser.php" value="Registera mig"/></td>
33 by Gustav Hatvigsson fixed merge errors, and indentation.	146	</tr>
14.1.1 by Gustav Hatvigsson Started work on the add user form.	147	</table>
	148	</form>
	149	<?php
	150	}
	151	?>
30 by Daniel Johansson Derping around	152	</div>
14.1.1 by Gustav Hatvigsson Started work on the add user form.	153	</div>
	154	</body>
	155	</html>