
Viewing changes to adduser.php

  • Committer: Gustav Hatvigsson
  • Date: 2013-04-14 13:29:34 UTC
  • Revision ID: gustav.hartvigsson@gmail.com-20130414132934-u283ow3t1e3r3zfq
* Made login redirect if a user is logged in
* 'secured' get_image.php

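--- a/adduser.php
+++ b/adduser.php
@@ -1,14 +1,44 @@
 <!DOCTYPE html>
 <html>
+<!--
+    ExtremeDating - a Hackathon 2013 project.
+    Copyright (C) 2013 Gustav Hartvigsson <gustav.hartvigsson@gmail.com>
+    Copyright (C) 2013 Daniel Johansson <maila@danieljohansson.nu>
+
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as
+    published by the Free Software Foundation, either version 3 of the
+    License, or (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+-->
 <head>
-    <title>Extreme Dating - Create User</title>
+        <title>Extreme Dating - Create User</title>
+        <link rel="stylesheet" type="text/css" href="css/main.css"/>
+        <meta http-equiv="Content-Type" content="text/html;charset=utf-8">
 <head>
 <?php
 include "php/db.php";
+include "php/salt.php";
 if(isset($_POST['hiddenStuff']) && $_POST['hiddenStuff'] == "Something Strange") {
-  $password = sha1($_POST['passwd']."salt");
+  $password = sha1($_POST['passwd'].$pwd_salt);
   //If there is a $_POST that indicates that the add userscript should be run.
   $query = "";
+  $output = "";
+  if(isset($_FILES["image"]["tmp_name"])){
+    $tmpFile = $_FILES["image"]["tmp_name"];
+    $handle = fopen($tmpFile,"r");
+    $fileSize = $_FILES['image']['size'];
+    $output = fread($handle, filesize($tmpFile));
+    $output = base64_encode ($output);
+  }
   if (isset($_SESSION['userType']) && $_POST['isSuperUser'] == true && $_SESSION['userType'] == 1) {
     $query = "INSERT INTO Users (
     loginName,
@@ -17,6 +47,7 @@
     surName,
     eMail,
     city,
+    profileImage,
     userType
     )
     
@@ -27,6 +58,7 @@
     '{$_POST['surName']}',
     '{$_POST['eMail']}',
     '{$_POST['city']}',
+    '{$output}',
     '1'
     );";
   } else {
@@ -36,7 +68,8 @@
     firstName,
     surName,
     eMail,
-    city
+    city,
+    profileImage
     )
     
     VALUES(
@@ -45,20 +78,27 @@
     '{$_POST['firstName']}',
     '{$_POST['surName']}',
     '{$_POST['eMail']}',
-    '{$_POST['city']}'
+    '{$_POST['city']}',
+    '{$output}'
     );";
   }
+  try {
   $db->exec($query);
+  } catch (PDOException $err) {
+    var_dump($err);
+  }
   echo "<body> <h1> New user added! </h1> </body>";
   sleep(.5);
+  header("Location:./index.php");
 } else {
 
 ?>
   <body id="wrapper">
-                <div id="profile">
+        <div id="profile">
+        <div id="frame">
     <h1> Create a new user </h1>
-    <hr \>
-        <form action="./adduser.php" method="POST">
+    <hr />
+        <form action="./adduser.php" method="POST" enctype="multipart/form-data">
           <table border="0">
             <?php
               if(isset($_SESSION['userType']) && $_SESSION['userType'] == 1 ) {
@@ -67,7 +107,7 @@
             ?>
             <tr>
               <td> <label for="user"> Is the user a Super User? </label> </td>
-              <td> <input type="checkbox" name="isSuperUser" id="super" \> </td>
+              <td> <input type="checkbox" name="isSuperUser" id="super" /> </td>
             </tr>
             <?php
               }
@@ -96,15 +136,20 @@
               <td> <label for="city"> City </label> </td>
               <td> <input type="input" name="city" id="city" /> </td>
             </tr>
-                        <tr>
+            <tr>
+              <td> <label for="file"> Profile Image </label> </td>
+              <td> <input type="file" name="image" id="image" /> </td>
+            </tr>
+                              <tr>
               <td><input name="hiddenStuff" value="Something Strange" type="hidden"/></td>
-              <td><input id="input" type="submit" action="./adduser.php" value="Registera mig"/></td>
-                        </tr>
+              <td><input id="inputbutton1" type="submit" action="./adduser.php" value="Registera mig"/></td>
+            </tr>
           </table>
         </form>
       <?php
 }
       ?>
+          </div>
     </div>
   </body>
 </html>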
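Review bot: Both INSERT statements still splice `$_POST['surName']`, `$_POST['eMail']`, `$_POST['city']` and the other form fields directly into the SQL string, and this commit extends that string instead of parameterising it, so a quote character in any field changes the statement passed to `$db->exec($query)`. The new `catch (PDOException $err)` suggests `$db` is a PDO handle (it is created in php/db.php, which is not shown); if so, replace each `'{$_POST[...]}'` with a `?` placeholder and run `$stmt = $db->prepare($query); $stmt->execute($values);`. The added `var_dump($err);` prints the exception, with the driver error text and stack trace, to the visitor; prefer `error_log($err->getMessage());` plus a generic failure message, and note that the "New user added!" line is still echoed when the insert fails. Separately, `sha1($_POST['passwd'].$pwd_salt)` is a fast hash with a single site-wide salt, so `password_hash($_POST['passwd'], PASSWORD_DEFAULT)` with `password_verify()` at login would be the safer storage format. Parts of both column lists fall between the visible hunks, so the full statements cannot be checked from this page.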