enableAddon(ADMIN_DIRECTORY.'\\users'); // Create a javascript back link $js_back = ADMIN_URL.'/users/index.php'; if( !$admin->checkFTAN() ) { $admin->print_header(); $sInfo = strtoupper(basename(__DIR__).'_'.basename(__FILE__, ''.PAGE_EXTENSION).'::'); $sDEBUG=(@DEBUG?$sInfo:''); $admin->print_error($sDEBUG.$oTrans->MESSAGE_GENERIC_SECURITY_ACCESS, $js_back ); } // After check print the header $admin->print_header(); /** * $sLanguagesAddonDefaultFile = WB_PATH.'/account/languages/EN.php'; * if (is_readable($sLanguagesAddonDefaultFile)){include $sLanguagesAddonDefaultFile;} * $sLanguagesAddonFile = WB_PATH.'/account/languages/'.LANGUAGE.'.php'; * if (is_readable($sLanguagesAddonFile)){include $sLanguagesAddonFile;} */ /* print '

function '.__FUNCTION__.'( '.''.' );  filename: '.basename(__FILE__).'  line: '.__LINE__.' -> 
';
print_r( $oTrans ); print '

'; flush (); // ob_flush();;sleep(10); die(); */ $aInputs = array(); $aInputs = array_merge( $_POST ); // Get details entered $groups_id = ( isset($aInputs['groups']) ? implode(",", $aInputs['groups']) : ''); $active = intval( is_array($aInputs['active']) ?($aInputs['active'][0]):$aInputs['active']); $username_fieldname = $admin->get_post('username_fieldname'); $username = strtolower($admin->get_post($username_fieldname)); $password = $admin->get_post('password'); $password2 = $admin->get_post('password2'); $display_name = $admin->StripCodeFromText($admin->get_post('display_name')); $email = $admin->StripCodeFromText($admin->get_post('email')); $home_folder = $admin->get_post('home_folder'); $default_language = DEFAULT_LANGUAGE; $default_timezone = DEFAULT_TIMEZONE; /*----------------------------------------------------------------------------------------------------*/ // Check values // Check if username already exists $sql = 'SELECT `user_id` FROM `'.TABLE_PREFIX.'users` ' . 'WHERE `username` = \''.$username.'\' '; if ($database->get_one($sql)) { $aErrorMessage[] = $oTrans->MESSAGE_USERS_USERNAME_TAKEN; } if(!preg_match('/^[a-z]{1}[a-z0-9_-]{2,}$/i', $username)) { $aErrorMessage[] = $oTrans->MESSAGE_USERS_NAME_INVALID_CHARS.' / ' . $oTrans->MESSAGE_USERS_USERNAME_TOO_SHORT; } if(strlen($password) < 2) { $aErrorMessage[] = $oTrans->MESSAGE_USERS_PASSWORD_TOO_SHORT; } if($password != $password2) { $aErrorMessage[] = $oTrans->MESSAGE_USERS_PASSWORD_MISMATCH; } $sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` '; $sql .= 'WHERE `display_name` LIKE \''.$display_name.'\''; if ($database->get_one($sql) > 0) { $aErrorMessage[] = ( @$oTrans->MESSAGE_USERS_DISPLAYNAME_TAKEN?:$oTrans->MESSAGE_MEDIA_BLANK_NAME.' ('.$oTrans->TEXT_DISPLAY_NAME.')'); } if($email != '') { // Check if the email already exists $sql = 'SELECT `user_id` FROM `'.TABLE_PREFIX.'users` ' . 'WHERE `email` = \''.$email.'\' '; if ($database->get_one($sql)) { if(isset($oTrans->MESSAGE_USERS_EMAIL_TAKEN)) { $aErrorMessage[] = $oTrans->MESSAGE_USERS_EMAIL_TAKEN; } if($admin->validate_email($email) == false) { $aErrorMessage[] = $oTrans->MESSAGE_USERS_INVALID_EMAIL; } } } else { // e-mail must be present $aErrorMessage[] = $oTrans->MESSAGE_SIGNUP_NO_EMAIL; } if($groups_id == '') { $aErrorMessage[] = $oTrans->MESSAGE_USERS_NO_GROUP; } /*----------------------------------------------------------------------------------------------------*/ // choose group_id from groups_id - workaround for still remaining calls to group_id (to be cleaned-up) $gid_tmp = explode(',', $groups_id); if(in_array('1', $gid_tmp)) $group_id = '1'; // if user is in administrator-group, get this group else $group_id = $gid_tmp[0]; // else just get the first one unset($gid_tmp); if (!sizeof($aErrorMessage)) { // MD5 supplied password $md5_password = md5($password); $now = time(); // Insert the user into the database $sql = // add the Admin user 'INSERT INTO `'.TABLE_PREFIX.'users` SET ' . '`group_id`='.intval($group_id).', ' . '`groups_id`=\''.$database->escapeString($groups_id).'\', ' . '`active`=\''.$database->escapeString($active).'\', ' . '`username`=\''.$database->escapeString($username).'\', ' . '`password`=\''.$database->escapeString($md5_password).'\', ' . '`remember_key`=\'\', ' . '`last_reset`=0, ' . '`display_name`=\''.$database->escapeString($display_name).'\', ' . '`email`=\''.$database->escapeString($email).'\', ' . '`timezone`=\''.$database->escapeString($default_timezone).'\', ' . '`date_format`=\''.DEFAULT_DATE_FORMAT.'\', ' . '`time_format`=\''.DEFAULT_TIME_FORMAT.'\', ' . '`language`=\''.$database->escapeString($default_language).'\', ' . '`home_folder`=\''.$database->escapeString($home_folder).'\', ' . '`login_when`=\''.time().'\', ' . '`login_ip`=\'\' ' . ''; if (!$database->query($sql)) { if($database->is_error()) { $aErrorMessage[] = $database->get_error(); } } } if (sizeof($aErrorMessage)) { $admin->print_error(implode('
', $aErrorMessage), $js_back); } else { $admin->print_success($oTrans->MESSAGE_USERS_ADDED, $js_back); } // Print admin footer $admin->print_footer();