/extremedating/trunk

<!DOCTYPE html>

<html>

<!--

    ExtremeDating - a Hackathon 2013 project.

    Copyright (C) 2013 Gustav Hartvigsson <gustav.hartvigsson@gmail.com>

    Copyright (C) 2013 Daniel Johansson <maila@danieljohansson.nu>

    This program is free software: you can redistribute it and/or modify

    it under the terms of the GNU Affero General Public License as

    published by the Free Software Foundation, either version 3 of the

    License, or (at your option) any later version.

    This program is distributed in the hope that it will be useful,

    but WITHOUT ANY WARRANTY; without even the implied warranty of

    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

    GNU Affero General Public License for more details.

    You should have received a copy of the GNU Affero General Public License

    along with this program.  If not, see <http://www.gnu.org/licenses/>.

-->

<head>

	<title>Extreme Dating - Create User</title>

	<link rel="stylesheet" type="text/css" href="css/main.css"/>

	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">

</head>

<?php

set_time_limit(0);

include "php/db.php";

include "php/salt.php";

include "php/stupid_image.php";

set_time_limit(60);

ini_set("post_max_size","16M");

ini_set("upload_max_filesize","16M");

ini_set("memory_limit","64M");

if(isset($_POST['hiddenStuff']) && $_POST['hiddenStuff'] == "Something Strange") {

  $password = sha1($_POST['passwd'].$pwd_salt);

  //If there is a $_POST that indicates that the add userscript should be run.

  $query = "";

  $output = "";

  if(isset($_FILES["image"]["tmp_name"]) && $_FILES['image']['size'] != 0 ){

    $tmpFile = $_FILES["image"]["tmp_name"];

    $handle = fopen($tmpFile,"r");

    $fileSize = $_FILES['image']['size'];

    $output = fread($handle, filesize($tmpFile));

    $image = new Imagick();

    $image->readImageBlob($output);

    $image = stupid_convert_and_rescale($image, 280, 280, 'png');

    $output = $image;

  }

  $query = "INSERT INTO Users (

    loginName,

    shadow,

    firstName,

    surName,

    eMail,

    city,

    profileImage,

    userType

    )

    VALUES(

    '{$_POST['name']}',

    '{$password}',

    '{$_POST['firstName']}',

    '{$_POST['surName']}',

    '{$_POST['eMail']}',

    '{$_POST['city']}',

    ? ,

    ?

    );";

  $q = null;

  try{

    $q = $db->prepare($query);

  } catch (PDOException $err) {

    echo "<pre>";

    var_dump($err);

    echo "</pre>";

  }

  if (isset($_SESSION['userType']) && $_POST['isSuperUser'] == true && $_SESSION['userType'] == 1) {

    $q->bindValue(2, '1');

  } else {

    $q->bindValue(2, '0');

  }

  $success = NULL;

  try {

    $q->bindValue(1,$output, PDO::PARAM_LOB);

    $q->execute();

    $success = true;

  } catch (PDOException $err) {

    echo "<pre>";

    var_dump($err);

    var_dump($query);

    var_dump($q);

    echo "</pre>";

    $success = false;

  } if ($success) {

    /*echo "<pre>";

    var_dump($query);

    var_dump($q);

    echo "</pre>";

    */

    echo "<body> <h1> New user added! </h1>";

    sleep(1);

    header("Location:./index.php");

  }

} else {

?>

  <body id="wrapper">

	<div id="profile">

	<div id="frame">

    <h1> Create a new user </h1>

    <hr />

        <form action="./adduser.php" method="POST" enctype="multipart/form-data">

          <table border="0">

            <?php

              if(isset($_SESSION['userType']) && $_SESSION['userType'] == 1 ) {

                //you are a superuser!

                //you can add other superusers.

            ?>

            <tr>

              <td> <label for="user"> Is the user a Super User? </label> </td>

              <td> <input type="checkbox" name="isSuperUser" id="super" /> </td>

            </tr>

            <?php

              }

            ?>

            <tr>

              <td> <label for="name"> User Name </label> </td>

              <td> <input type="input" name="name" id="name" /> </td>

            </tr>

            <tr>

              <td> <label for="passwd"> Password </label> </td>

              <td> <input type="password" name="passwd" id="passwd" /> </td>

            </tr>

            <tr>

              <td> <label for="firstname"> First Name </label> </td>

              <td> <input type="input" name="firstName" id="firstname" /> </td>

            </tr>

            <tr>

              <td> <label for="surname"> Sur Name </label> </td>

              <td> <input type="input" name="surName" id="surname" /> </td>

            </tr>

            <tr>

              <td> <label for="email"> E-mail </label> </td>

              <td> <input type="input" name="eMail" id="email" /> </td>

            </tr>

            <tr>

              <td> <label for="city"> City </label> </td>

              <td> <input type="input" name="city" id="city" /> </td>

            </tr>

            <tr>

              <td> <label for="file"> Profile Image </label> </td>

              <td> <input type="file" name="image" id="image" /> </td>

            </tr>

			      <tr>

              <td><input name="hiddenStuff" value="Something Strange" type="hidden"/></td>

              <td><input id="inputbutton1" type="submit" action="./adduser.php" value="Registera mig"/></td>

            </tr>

          </table>

        </form>

	    </div>

    </div>

    <?php

}

    ?>

  </body>

</html>