-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathusers_add.php
More file actions
105 lines (100 loc) · 4.2 KB
/
users_add.php
File metadata and controls
105 lines (100 loc) · 4.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
<?php
require_once('perm_constants.php');
require_once('db_constants.php');
require_once('check_connected.php');
$bdd = new PDO('mysql:host=' . DB_HOST . ';dbname=' . DB_NAME . ';charset=utf8', DB_USERNAME, DB_PASSWORD);
if (isset($_POST['username'])) {
$rights = 0;
if (isset($_POST['admin'])) {
$rights |= ADMIN_PERM;
}
if (isset($_POST['canteen'])) {
$rights |= CANTEEN_PERM;
}
if (isset($_POST['absences'])) {
$rights |= ABSENCES_PERM;
} /* Building final permission */
if ($_POST['id'] == "") { /*Checking whether it's a modification or not */
$request = $bdd->prepare("INSERT INTO " . TABLE_USERS . " (user, display_name, password, rights, mail) VALUES (:user, :display_name, :password, :rights, :mail)");
} else {
$add = (isset($_POST['psw']) && $_POST['psw'] !== "") ? "password = :password, " : "";
$request = $bdd->prepare("UPDATE " . TABLE_USERS . " SET user = :user, display_name = :display_name, " . $add . "rights = :rights, mail = :mail WHERE id = :id");
$request->bindParam(":id", $_POST['id']);
if ($_POST['id'] == "1") {
$rights |= ADMIN_PERM;
}
}
$request->bindParam(":user", $user);
$request->bindParam(":display_name", $dpName);
$request->bindParam(":mail", $mail);
$request->bindParam(":rights", $rights);
$user = $_POST['username'];
$dpName = $_POST['display_name'];
$mail = $_POST['email'];
echo $user;
echo $dpName;
echo $mail;
echo $rights;
if (isset($_POST['psw']) && $_POST['psw'] !== "") {
$request->bindParam(":password", $password);
$password = password_hash($_POST['psw'], PASSWORD_BCRYPT); /*Hashing password */
echo $password;
}
$request->execute();
}
if (isset($_GET['id'])) {
try { /*Displating user settings for editing */
$stmt = $bdd->prepare("SELECT * FROM ". TABLE_USERS . " WHERE id = :id");
$stmt->bindParam(":id", $_GET['id']);
if ($stmt->execute()) {
$row = $stmt->fetch();
$toAdd = "";
if ((int)$row['rights'] & ADMIN_PERM) {
$toAdd .= '$("#admin").prop("checked", true); ';
}
if ((int)$row['rights'] & CANTEEN_PERM) {
$toAdd .= '$("#canteen").prop("checked", true); ';
}
if ((int)$row['rights'] & ABSENCES_PERM) {
$toAdd .= '$("#absences").prop("checked", true); ';
}
echo '<script>
$("document").ready(function() {
$("#idS").text("'.$row['id'].'");
$("#id").val("'.$row['id'].'");
$("#user").val("'.$row['user'].'");
$("#display").val("'.$row['display_name'].'");
$("#mail").val("'.$row['mail'].'");
' . $toAdd . '
});
</script>
';
}
} catch (Exception $e) {
echo 'Erreur : ' . $e->getMessage();
}
} else {
echo '<script>$("document").ready(function() { $("#password").prop("required", true); $("#password").attr("placeholder", ""); });</script>';
}?>
<script>
$('document').ready(function() {
$('form').submit(function(e) {
if ($('#id').val() == "" && $('#password').val() == "") {
e.preventDefault();
alert('Le mot de passe ne peut pas être vide !');
}
});
});
</script>
<form method="post" id="add_user_form">
<table class="table"><tr><td><label for="id">ID : </label></td><td><span id="idS"></span><input id="id" type="hidden" name="id"></td></tr>
<tr><td><label for="user">Username :</label></td><td><input id="user" type="text" name="username" required /></td></tr>
<tr><td><label for="display">Nom :</label></td><td><input id="display" type="text" name="display_name" required /></td></tr>
<tr><td><label for="password" >Mot de passe :</label></td><td><input min="6" id="password" type="password" name="psw" placeholder="Laissez blanc si pas de modifications"/></td></tr>
<tr><td>Droits: </td><td><table><tr><td><label for="admin">Administrateur</label></td><td><input class="rights" value="1" type="checkbox" name="admin" id="admin"/></td></tr>
<tr><td><label for="canteen">Cantine</label></td><td><input class="rights" value="2" type="checkbox" name="canteen" id="canteen"/></td></tr>
<tr><td><label for="absences">Absences</label></td><td><input class="rights" value="4" type="checkbox" name="absences" id="absences"/></td></tr></table></td></tr>
<tr><td><label for="mail">E-mail:</label></td><td><input id="mail" type="email" name="email" required /></td></tr>
<tr><td></td><td><input type="submit" value="Envoyez"/></td></tr>
</table>
</form>