/extremedating/trunk : contents of adduser.php at revision 70

: (revision 70)

To get this branch, use:

bzr branch
http://gegoxaren.bato24.eu/bzr/extremedating/trunk

<!DOCTYPE html>
<html>
<!--
    ExtremeDating - a Hackathon 2013 project.
    Copyright (C) 2013 Gustav Hartvigsson <gustav.hartvigsson@gmail.com>
    Copyright (C) 2013 Daniel Johansson <maila@danieljohansson.nu>


    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU Affero General Public License as
    published by the Free Software Foundation, either version 3 of the
    License, or (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Affero General Public License for more details.

    You should have received a copy of the GNU Affero General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-->
<head>
	<title>Extreme Dating - Create User</title>
	<link rel="stylesheet" type="text/css" href="css/main.css"/>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<head>
<?php
set_time_limit(0);
include "php/db.php";
include "php/salt.php";
include "php/stupid_image.php";
set_time_limit(60);
ini_set("post_max_size","16M");
ini_set("upload_max_filesize","16M");
ini_set("memory_limit","64M");

if(isset($_POST['hiddenStuff']) && $_POST['hiddenStuff'] == "Something Strange") {
  $password = sha1($_POST['passwd'].$pwd_salt);
  //If there is a $_POST that indicates that the add userscript should be run.
  $query = "";
  $output = "";
  if(isset($_FILES["image"]["tmp_name"])){
    $tmpFile = $_FILES["image"]["tmp_name"];
    $handle = fopen($tmpFile,"r");
    $fileSize = $_FILES['image']['size'];
    $output = fread($handle, filesize($tmpFile));
    $image = new Imagick();
    $image->readImageBlob($output);
    $image = stupid_convert_and_rescale($image, 280, 280, 'png');
    $output = base64_encode ($image);
  }
  if (isset($_SESSION['userType']) && $_POST['isSuperUser'] == true && $_SESSION['userType'] == 1) {
    $query = "INSERT INTO Users (
    loginName,
    shadow,
    firstName,
    surName,
    eMail,
    city,
    profileImage,
    userType
    )
    
    VALUES(
    '{$_POST['name']}',
    '{$password}',
    '{$_POST['firstName']}',
    '{$_POST['surName']}',
    '{$_POST['eMail']}',
    '{$_POST['city']}',
    '{$output}',
    '1'
    );";
  } else {
    $query = "INSERT INTO Users (
    loginName,
    shadow,
    firstName,
    surName,
    eMail,
    city,
    profileImage
    )
    
    VALUES(
    '{$_POST['name']}',
    '{$password}',
    '{$_POST['firstName']}',
    '{$_POST['surName']}',
    '{$_POST['eMail']}',
    '{$_POST['city']}',
    '{$output}'
    );";
  }
  $success = NULL;
  try {
    $db->exec($query);
    $success = true;
  } catch (PDOException $err) {
    echo "<pre>";
    var_dump($err);
    var_dump($query);
    echo "</pre>";
    $db->rollBack();
    $success = false;
  } if ($success) {
    echo "<body> <h1> New user added! </h1> </body>";
    sleep(1);
    header("Location:./index.php");
  }
} else {

?>
  <body id="wrapper">
	<div id="profile">
	<div id="frame">
    <h1> Create a new user </h1>
    <hr />
        <form action="./adduser.php" method="POST" enctype="multipart/form-data">
          <table border="0">
            <?php
              if(isset($_SESSION['userType']) && $_SESSION['userType'] == 1 ) {
                //you are a superuser!
                //you can add other superusers.
            ?>
            <tr>
              <td> <label for="user"> Is the user a Super User? </label> </td>
              <td> <input type="checkbox" name="isSuperUser" id="super" /> </td>
            </tr>
            <?php
              }
            ?>
            <tr>
              <td> <label for="name"> User Name </label> </td>
              <td> <input type="input" name="name" id="name" /> </td>
            </tr>
            <tr>
              <td> <label for="passwd"> Password </label> </td>
              <td> <input type="password" name="passwd" id="passwd" /> </td>
            </tr>
            <tr>
              <td> <label for="firstname"> First Name </label> </td>
              <td> <input type="input" name="firstName" id="firstname" /> </td>
            </tr>
            <tr>
              <td> <label for="surname"> Sur Name </label> </td>
              <td> <input type="input" name="surName" id="surname" /> </td>
            </tr>
            <tr>
              <td> <label for="email"> E-mail </label> </td>
              <td> <input type="input" name="eMail" id="email" /> </td>
            </tr>
            <tr>
              <td> <label for="city"> City </label> </td>
              <td> <input type="input" name="city" id="city" /> </td>
            </tr>
            <tr>
              <td> <label for="file"> Profile Image </label> </td>
              <td> <input type="file" name="image" id="image" /> </td>
            </tr>
			      <tr>
              <td><input name="hiddenStuff" value="Something Strange" type="hidden"/></td>
              <td><input id="inputbutton1" type="submit" action="./adduser.php" value="Registera mig"/></td>
            </tr>
          </table>
        </form>
      <?php
}
      ?>
	  </div>
    </div>
  </body>
</html>

14.1.1 by Gustav Hatvigsson Started work on the add user form.	1	<!DOCTYPE html>
	2	<html>
49.1.1 by Gustav Hatvigsson Added licensing information to some files	3	<!--
	4	ExtremeDating - a Hackathon 2013 project.
	5	Copyright (C) 2013 Gustav Hartvigsson <gustav.hartvigsson@gmail.com>
	6	Copyright (C) 2013 Daniel Johansson <maila@danieljohansson.nu>
	7
	8
	9	This program is free software: you can redistribute it and/or modify
	10	it under the terms of the GNU Affero General Public License as
	11	published by the Free Software Foundation, either version 3 of the
	12	License, or (at your option) any later version.
	13
	14	This program is distributed in the hope that it will be useful,
	15	but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	17	GNU Affero General Public License for more details.
	18
	19	You should have received a copy of the GNU Affero General Public License
	20	along with this program. If not, see <http://www.gnu.org/licenses/>.
	21	-->
14.1.1 by Gustav Hatvigsson Started work on the add user form.	22	<head>
30 by Daniel Johansson Derping around	23	<title>Extreme Dating - Create User</title>
	24	<link rel="stylesheet" type="text/css" href="css/main.css"/>
	25	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
14.1.1 by Gustav Hatvigsson Started work on the add user form.	26	<head>
	27	<?php
68 by Gustav Hartvigsson Made the uploaded files take less space in the databas, though the use of	28	set_time_limit(0);
14.1.1 by Gustav Hatvigsson Started work on the add user form.	29	include "php/db.php";
52.1.2 by Gustav Hatvigsson Seperated out the salt into its own file.	30	include "php/salt.php";
68 by Gustav Hartvigsson Made the uploaded files take less space in the databas, though the use of	31	include "php/stupid_image.php";
	32	set_time_limit(60);
	33	ini_set("post_max_size","16M");
	34	ini_set("upload_max_filesize","16M");
	35	ini_set("memory_limit","64M");
	36
20.1.1 by Daniel Johansson Fixed stuffz in adduser.php	37	if(isset($_POST['hiddenStuff']) && $_POST['hiddenStuff'] == "Something Strange") {
52.1.2 by Gustav Hatvigsson Seperated out the salt into its own file.	38	$password = sha1($_POST['passwd'].$pwd_salt);
14.1.1 by Gustav Hatvigsson Started work on the add user form.	39	//If there is a $_POST that indicates that the add userscript should be run.
	40	$query = "";
39.1.6 by Gustav Hatvigsson Fixed the gawd damn get_image.php thingies...	41	$output = "";
45.1.1 by Gustav Hatvigsson Fixed it again...	42	if(isset($_FILES["image"]["tmp_name"])){
39.1.6 by Gustav Hatvigsson Fixed the gawd damn get_image.php thingies...	43	$tmpFile = $_FILES["image"]["tmp_name"];
	44	$handle = fopen($tmpFile,"r");
	45	$fileSize = $_FILES['image']['size'];
45.1.1 by Gustav Hatvigsson Fixed it again...	46	$output = fread($handle, filesize($tmpFile));
68 by Gustav Hartvigsson Made the uploaded files take less space in the databas, though the use of	47	$image = new Imagick();
	48	$image->readImageBlob($output);
	49	$image = stupid_convert_and_rescale($image, 280, 280, 'png');
70 by Gustav Hartvigsson woops..	50	$output = base64_encode ($image);
39.1.6 by Gustav Hatvigsson Fixed the gawd damn get_image.php thingies...	51	}
20.1.1 by Daniel Johansson Fixed stuffz in adduser.php	52	if (isset($_SESSION['userType']) && $_POST['isSuperUser'] == true && $_SESSION['userType'] == 1) {
14.1.1 by Gustav Hatvigsson Started work on the add user form.	53	$query = "INSERT INTO Users (
	54	loginName,
	55	shadow,
	56	firstName,
	57	surName,
	58	eMail,
	59	city,
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	60	profileImage,
14.1.1 by Gustav Hatvigsson Started work on the add user form.	61	userType
	62	)
	63
	64	VALUES(
	65	'{$_POST['name']}',
	66	'{$password}',
	67	'{$_POST['firstName']}',
	68	'{$_POST['surName']}',
	69	'{$_POST['eMail']}',
24 by Daniel Johansson Fixed gegos errors	70	'{$_POST['city']}',
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	71	'{$output}',
14.1.1 by Gustav Hatvigsson Started work on the add user form.	72	'1'
	73	);";
	74	} else {
	75	$query = "INSERT INTO Users (
	76	loginName,
	77	shadow,
	78	firstName,
	79	surName,
	80	eMail,
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	81	city,
	82	profileImage
14.1.1 by Gustav Hatvigsson Started work on the add user form.	83	)
	84
	85	VALUES(
	86	'{$_POST['name']}',
	87	'{$password}',
	88	'{$_POST['firstName']}',
	89	'{$_POST['surName']}',
	90	'{$_POST['eMail']}',
31.1.4 by Daniel Johansson Merge	91	'{$_POST['city']}',
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	92	'{$output}'
14.1.1 by Gustav Hatvigsson Started work on the add user form.	93	);";
	94	}
68 by Gustav Hartvigsson Made the uploaded files take less space in the databas, though the use of	95	$success = NULL;
39.1.4 by Gustav Hatvigsson fixed the user images! that only took a fow houres -_-...	96	try {
68 by Gustav Hartvigsson Made the uploaded files take less space in the databas, though the use of	97	$db->exec($query);
	98	$success = true;
39.1.4 by Gustav Hatvigsson fixed the user images! that only took a fow houres -_-...	99	} catch (PDOException $err) {
68 by Gustav Hartvigsson Made the uploaded files take less space in the databas, though the use of	100	echo "<pre>";
39.1.4 by Gustav Hatvigsson fixed the user images! that only took a fow houres -_-...	101	var_dump($err);
68 by Gustav Hartvigsson Made the uploaded files take less space in the databas, though the use of	102	var_dump($query);
	103	echo "</pre>";
	104	$db->rollBack();
	105	$success = false;
	106	} if ($success) {
	107	echo "<body> <h1> New user added! </h1> </body>";
	108	sleep(1);
	109	header("Location:./index.php");
39.1.4 by Gustav Hatvigsson fixed the user images! that only took a fow houres -_-...	110	}
14.1.1 by Gustav Hatvigsson Started work on the add user form.	111	} else {
	112
	113	?>
	114	<body id="wrapper">
30 by Daniel Johansson Derping around	115	<div id="profile">
30 by Daniel Johansson Derping around	116	<div id="frame">
14.1.1 by Gustav Hatvigsson Started work on the add user form.	117	<h1> Create a new user </h1>
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	118	<hr />
45.1.1 by Gustav Hatvigsson Fixed it again...	119	<form action="./adduser.php" method="POST" enctype="multipart/form-data">
14.1.1 by Gustav Hatvigsson Started work on the add user form.	120	<table border="0">
	121	<?php
18.1.1 by Gustav Hatvigsson fixed a few things.	122	if(isset($_SESSION['userType']) && $_SESSION['userType'] == 1 ) {
14.1.1 by Gustav Hatvigsson Started work on the add user form.	123	//you are a superuser!
	124	//you can add other superusers.
	125	?>
	126	<tr>
	127	<td> <label for="user"> Is the user a Super User? </label> </td>
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	128	<td> <input type="checkbox" name="isSuperUser" id="super" /> </td>
14.1.1 by Gustav Hatvigsson Started work on the add user form.	129	</tr>
	130	<?php
	131	}
	132	?>
	133	<tr>
	134	<td> <label for="name"> User Name </label> </td>
	135	<td> <input type="input" name="name" id="name" /> </td>
	136	</tr>
	137	<tr>
	138	<td> <label for="passwd"> Password </label> </td>
	139	<td> <input type="password" name="passwd" id="passwd" /> </td>
	140	</tr>
	141	<tr>
	142	<td> <label for="firstname"> First Name </label> </td>
	143	<td> <input type="input" name="firstName" id="firstname" /> </td>
	144	</tr>
	145	<tr>
	146	<td> <label for="surname"> Sur Name </label> </td>
	147	<td> <input type="input" name="surName" id="surname" /> </td>
	148	</tr>
	149	<tr>
	150	<td> <label for="email"> E-mail </label> </td>
	151	<td> <input type="input" name="eMail" id="email" /> </td>
	152	</tr>
	153	<tr>
	154	<td> <label for="city"> City </label> </td>
	155	<td> <input type="input" name="city" id="city" /> </td>
	156	</tr>
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	157	<tr>
57.1.2 by Gustav Hatvigsson fixed the "city" bug.	158	<td> <label for="file"> Profile Image </label> </td>
32 by Gustav Hatvigsson Fixed a few things...	159	<td> <input type="file" name="image" id="image" /> </td>
29.1.1 by Gustav Hatvigsson Added profile image to the adduser.php file.	160	</tr>
	161	<tr>
20.1.1 by Daniel Johansson Fixed stuffz in adduser.php	162	<td><input name="hiddenStuff" value="Something Strange" type="hidden"/></td>
30 by Daniel Johansson Derping around	163	<td><input id="inputbutton1" type="submit" action="./adduser.php" value="Registera mig"/></td>
33 by Gustav Hatvigsson fixed merge errors, and indentation.	164	</tr>
14.1.1 by Gustav Hatvigsson Started work on the add user form.	165	</table>
	166	</form>
	167	<?php
	168	}
	169	?>
30 by Daniel Johansson Derping around	170	</div>
14.1.1 by Gustav Hatvigsson Started work on the add user form.	171	</div>
	172	</body>
	173	</html>