Source for file AdminInsertUser.class.php

Documentation is available at AdminInsertUser.class.php

  1. <?php
  2. /**
  3.  * Class AdminInsertUser - Admin area
  4.  *
  5.  * LICENSE: CREATIVE COMMONS PUBLIC LICENSE  "Namensnennung — Nicht-kommerziell 2.0"
  6.  *
  7.  * @copyright  2009 <SEDesign />
  8.  * @license    http://creativecommons.org/licenses/by-nc/2.0/de/
  9.  * @version    $3.0.6$
  10.  * @link       http://www.sedesign.de/de_produkte_chat-v3.html
  11.  * @since      File available since Alpha 1.0
  12.  */
  13.  
  14. {
  15.  
  16.     /**
  17.     * Constructor
  18.     *
  19.     * @uses ConnectDB::sqlSet()
  20.     * @uses ConnectDB::close()
  21.     * @return void 
  22.     */
  23.     public function __construct ()
  24.         
  25.         // call parent Constructor from class DbConectionMaker
  26.         parent::__construct()
  27.  
  28.         session_start();
  29.  
  30.         header('Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0');
  31.         
  32.         // create new LangXml Object
  33.         $langObj = new LangXml();
  34.         $lang=$langObj->getLang()->admin[0]->admin_user[0];
  35.         
  36.         
  37.         if ($_SESSION['etchat_'.$this->_prefix.'user_priv']=="admin"){
  38.             
  39.             if (empty($_POST['user'])) {
  40.                 echo "Please fill user name field.<br><br><a href=\"./?AdminCreateNewUser\">back</a>";
  41.                 return false;
  42.             }
  43.  
  44.          $_POST['user'htmlentities($_POST['user']ENT_QUOTES"UTF-8");
  45.          $_POST['priv'htmlentities($_POST['priv']ENT_QUOTES"UTF-8");
  46.          if (!empty($_POST['pw'])) $_POST['pw'"'".md5($_POST['pw'])."'";
  47.          else $_POST['pw'"NULL";
  48.  
  49.          // Test if the user exists in the DB
  50.          $res $this->dbObj->sqlGet("select etchat_user_id FROM {$this->_prefix}etchat_user where etchat_username = '".$_POST['user']."'");
  51.          if (is_array($res))
  52.              $this->dbObj->sqlSet("UPDATE {$this->_prefix}etchat_user SET etchat_userpw = ".$_POST['pw'].", etchat_userprivilegien  = '".$_POST['priv']."' WHERE etchat_user_id=".$res[0][0]);
  53.          else
  54.              $this->dbObj->sqlSet("INSERT INTO {$this->_prefix}etchat_user(etchat_username,etchat_userpw,etchat_userprivilegien) VALUES ('".$_POST['user']."', ".$_POST['pw'].", '".$_POST['priv']."')");
  55.             
  56.         $this->dbObj->close();
  57.         header("Location: ./?AdminUserIndex");
  58.             
  59.         }else{
  60.             echo $lang->error[0]->tagData;
  61.             return false;
  62.         }
  63.     }

Documentation generated on Tue, 22 Dec 2009 09:42:43 +0100 by phpDocumentor 1.4.1