Source for file AdminInsertUser.class.php

Documentation is available at AdminInsertUser.class.php

  1. <?php
  2. /**
  3.  * Class AdminInsertUser - Admin area
  4.  *
  5.  * LICENSE: CREATIVE COMMONS PUBLIC LICENSE  "Namensnennung — Nicht-kommerziell 2.0"
  6.  *
  7.  * @copyright  2009 <SEDesign />
  8.  * @license    http://creativecommons.org/licenses/by-nc/2.0/de/
  9.  * @version    $3.0.6$
  10.  * @link       http://www.sedesign.de/de_produkte_chat-v3.html
  11.  * @since      File available since Alpha 1.0
  12.  */
  13.  
  14. {
  15.  
  16.     /**
  17.     * Constructor
  18.     *
  19.     * @uses ConnectDB::sqlSet()
  20.     * @uses ConnectDB::close()
  21.     * @return void 
  22.     */
  23.     public function __construct ()
  24.         
  25.         // call parent Constructor from class DbConectionMaker
  26.         parent::__construct()
  27.  
  28.         session_start();
  29.  
  30.         header('Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0');
  31.         // Sets charset and content-type for index.php
  32.         header('content-type: text/html; charset=utf-8');
  33.         
  34.         // create new LangXml Object
  35.         $langObj = new LangXml();
  36.         $lang=$langObj->getLang()->admin[0]->admin_user[0];
  37.         
  38.         
  39.         if ($_SESSION['etchat_'.$this->_prefix.'user_priv']=="admin"){
  40.             
  41.             if (empty($_POST['user'])) {
  42.                 echo "Please fill user name field.<br><br><a href=\"./?AdminCreateNewUser\">back</a>";
  43.                 return false;
  44.             }
  45.  
  46.          $_POST['user'htmlentities($_POST['user']ENT_QUOTES"UTF-8");
  47.          $_POST['priv'htmlentities($_POST['priv']ENT_QUOTES"UTF-8");
  48.          if (!empty($_POST['pw'])) $_POST['pw'"'".md5($_POST['pw'])."'";
  49.          else $_POST['pw'"NULL";
  50.  
  51.          // Test if the user exists in the DB
  52.          $res $this->dbObj->sqlGet("select etchat_user_id FROM {$this->_prefix}etchat_user where etchat_username = '".$_POST['user']."'");
  53.          if (is_array($res))
  54.              $this->dbObj->sqlSet("UPDATE {$this->_prefix}etchat_user SET etchat_userpw = ".$_POST['pw'].", etchat_userprivilegien  = '".$_POST['priv']."' WHERE etchat_user_id=".$res[0][0]);
  55.          else
  56.              $this->dbObj->sqlSet("INSERT INTO {$this->_prefix}etchat_user(etchat_username,etchat_userpw,etchat_userprivilegien) VALUES ('".$_POST['user']."', ".$_POST['pw'].", '".$_POST['priv']."')");
  57.             
  58.         $this->dbObj->close();
  59.         header("Location: ./?AdminUserIndex");
  60.             
  61.         }else{
  62.             echo $lang->error[0]->tagData;
  63.             return false;
  64.         }
  65.     }

Documentation generated on Thu, 05 May 2011 14:05:53 +0000 by phpDocumentor 1.4.3