Panel/modules/user_admin/add_user.php
copilot-swe-agent[bot] 898018d204 Complete license header replacement with file purpose descriptions (675 files)
Co-authored-by: iaretechnician <2749183+iaretechnician@users.noreply.github.com>
2025-09-05 22:46:27 +00:00

78 lines
2.8 KiB
PHP

<?php
/*
* Component of the user_admin module
*/
function exec_ogp_module()
{
global $db;
global $view;
if( isset($_POST['submit']) )
{
$username = sanitizeInputStr($_POST['username']);
$user_role = trim($_POST['user_role']);
$password = trim($_POST['newpass']);
$password2 = trim($_POST['newpass2']);
// Check a username is actually entered...
if(empty($username) === true){
print_failure(get_lang('enter_valid_username'));
$view->refresh("?m=user_admin");
return;
}
// Check _POST['user_role'] is what we expect it to be: either user or admin.
// Without this it can be anything else. It's pointless being anything else - but why allow it to be anything else?
if(in_array($_POST['user_role'], array('user', 'admin')) === false){
print_failure(get_lang('unexpected_role'));
$view->refresh("?m=user_admin");
return;
}
if( empty($password) || empty($password2) )
{
print_failure(get_lang('you_need_to_enter_both_passwords'));
$view->refresh("?m=user_admin");
return;
}
if($password !== $password2)
{
print_failure(get_lang('passwords_did_not_match'));
$view->refresh("?m=user_admin");
return;
}
if ( !$db->addUser($username,$password,$user_role) )
{
print_failure(get_lang_f('could_not_add_user_because_user_already_exists', $username));
$view->refresh("?m=user_admin");
return;
}
print_success(get_lang_f('successfully_added_user', $username));
$db->logger(get_lang_f('successfully_added_user', $username));
$view->refresh("?m=user_admin");
}
else
{
?>
<div class="center">
<h2><?php print_lang('add_a_new_user'); ?></h2>
<form action="?m=user_admin&amp;p=add" method="post">
<table class="center">
<tr><td align='right'><label for='username'><?php print_lang('username'); ?>:</label></td><td><input id="username" type="text" name="username" value="" /></td></tr>
<tr><td align='right'><?php print_lang('user_role'); ?>:</td><td align='left'>
<select name='user_role'>
<option value="admin"><?php print_lang('admin'); ?></option>
<option value="user" selected="selected"><?php print_lang('user'); ?></option></select></td></tr>
<tr><td align='right'><label for='password'><?php print_lang('password'); ?>:</label></td><td><input id="password" type="password" name="newpass" value="" /></td></tr>
<tr><td align='right'><label for='confirm_password'><?php print_lang('confirm_password'); ?>:</label></td>
<td><input id="confirm_password" type="password" name="newpass2" value="" /></td></tr>
</table>
<p><input type="submit" name="submit" value="<?php print_lang('add_user'); ?>" /></p>
</form>
</div><?php
}
}
?>