<?php /* $Id$ $URL$ */
// Handles the POST of the external (self-service) user creation form: it loads the
// application bootstrap, then the CAPTCHA helper library used further down.
require_once 'base.php';
// Stop if the bootstrap did not define the base directory constant
// (presumably set by base.php - confirm).
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly');
}
require_once W2P_BASE_DIR . '/includes/config.php';
require_once W2P_BASE_DIR . '/includes/main_functions.php';
require_once W2P_BASE_DIR . '/includes/db_adodb.php';
// NOTE(review): $AppUI is only assigned (new CAppUI()) further down in this file. Unless one
// of the includes above already defines it, this call runs on an undefined variable - confirm.
require_once $AppUI->getLibraryClass('captcha/Functions');
// Use the configured system timezone for all date handling in this request.
// An empty setting falls back to Europe/London, the same value used as the lookup default.
$defaultTZ = w2PgetConfig('system_timezone', 'Europe/London');
if ('' == $defaultTZ) {
    $defaultTZ = 'Europe/London';
}
date_default_timezone_set($defaultTZ);
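/*
CAPTCHA control condition.

The visitor's answer (spam_check) is compared with the value recovered from the
submitted cid token. Processing stops with a browser alert when the answer is
missing or wrong.

Both fields are read defensively: a missing or non-string field is treated as
empty instead of raising a notice or reaching strlen()/strtoupper() as an array.
The comparison is strict, so numeric-looking strings are not loosely equated.

NOTE(review): the expected answer is derived from the request's own cid field.
Nothing visible here ties a challenge to a session or limits it to one use.
Confirm that md5_decrypt() or the form side enforces that; otherwise keep the
expected answer server-side.
*/
$spamCheck = (isset($_POST['spam_check']) && is_string($_POST['spam_check'])) ? $_POST['spam_check'] : '';
$cidToken = (isset($_POST['cid']) && is_string($_POST['cid'])) ? $_POST['cid'] : '';
$passed = false;
if ('' === $spamCheck) {
    // No answer was submitted at all.
    echo "
<script language='javascript'>
alert('Error: You didn\'t provide the Anti Spam Security ID. Please try again.');
history.go(-1);
</script>
";
    exit;
}
$cid = md5_decrypt($cidToken);
// An empty or non-string decrypt result can never match a non-empty answer.
$passed = is_string($cid) && '' !== $cid && $cid === strtoupper($spamCheck);
if (!$passed) {
    echo "<script language='javascript'>
alert('Error: You didn\'t provide the correct Anti Spam Security ID or all required data. Please try again.');
history.go(-1);
</script>";
    exit;
}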
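// Record once whether PHP is running on Windows.
// A bare substring search for 'WIN' also matches 'Darwin' (macOS), so that case is excluded.
if (!isset($GLOBALS['OS_WIN'])) {
    $GLOBALS['OS_WIN'] = (stristr(PHP_OS, 'WIN') !== false) && (stristr(PHP_OS, 'DARWIN') === false);
}
// Fresh UI object for this request; no login check is visible in this file.
$AppUI = new CAppUI();
// Self-registration is only served when the administrator has switched it on.
// NOTE(review): this gate runs after the CAPTCHA handling earlier in the file; checking it
// first would avoid processing any request data while the feature is disabled.
if (w2PgetConfig('activate_external_user_creation') != 'true') {
    die('You should not access this file directly');
}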
// Refuse the registration when the requested username is already taken.
// NOTE(review): a missing field yields the default 0 here, and the 'User Not Found' sentinel is
// compared loosely; confirm what the lookup helpers return before tightening either.
// NOTE(review): the two alerts below tell an anonymous visitor whether a given username or
// e-mail address is already registered; the CAPTCHA check earlier in the file is the only
// throttle visible here.
$username = w2PgetParam($_POST, 'user_username', 0);
$contactListByUsername = CContact::getContactByUsername($username);
if (!('User Not Found' == $contactListByUsername)) {
    error_reporting(0);
    echo "<script language='javascript'>
alert('The username you selected already exists, please select another or if that user name is yours request the password recovery through the dedicated link.');
history.go(-2);
</script>";
    exit();
}

// Same rule for the e-mail address.
$email = w2PgetParam($_POST, 'contact_email', 0);
$contactListByEmail = CContact::getContactByEmail($email);
if (!('User Not Found' == $contactListByEmail)) {
    error_reporting(0);
    echo "<script language='javascript'>
alert('The email you selected already exists, please select another or if that email is yours request the password recovery through the dedicated link.');
history.go(-2);
</script>";
    exit();
}
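// Populate the user and contact objects straight from the submitted form.
// NOTE(review): bind() receives the whole of $_POST and no login check is visible in this file,
// so presumably every column bind() accepts is caller-controlled. Confirm that it whitelists
// fields, or clear privileged ones before store().
$user = new CUser();
if (!$user->bind($_POST)) {
    $AppUI->setMsg($user->getError(), UI_MSG_ERROR);
    $AppUI->redirect();
}
$contact = new CContact();
if (!$contact->bind($_POST)) {
    $AppUI->setMsg($contact->getError(), UI_MSG_ERROR);
    $AppUI->redirect();
}

// This endpoint only creates accounts. A request that names an existing user or contact id
// (in the query string, the form body, or bound onto the objects above) must never reach
// store(), which presumably updates the row carrying that id.
$isNewUser = !(w2PgetParam($_REQUEST, 'user_id', 0));
if (!$isNewUser || !empty($user->user_id) || !empty($contact->contact_id)) {
    die('You should not access this file directly');
}

// prepare (and translate) the module name ready for the suffix
$AppUI->setMsg('User');

// check if a user with the param Username already exists
if (is_array($contactListByUsername)) {
    $AppUI->setMsg('This username is not available, please try another.', UI_MSG_ERROR, true);
    $AppUI->redirect();
} else {
    $contact->contact_owner = $AppUI->user_id;
}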
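// Persist the contact first; the user row points at it through user_contact.
// NOTE(review): if the user store fails after the contact was saved, the contact row stays
// behind; confirm whether that needs cleaning up.
$result = $contact->store($AppUI);
$created = false;
if ($result) {
    $user->user_contact = $contact->contact_id;
    if (($msg = $user->store())) {
        // A non-empty return value from CUser::store() is treated as an error message.
        $AppUI->setMsg($msg, UI_MSG_ERROR);
    } else {
        $created = true;
        // NOTE(review): both notifications receive the password exactly as submitted, so it
        // leaves the system in clear text by e-mail, including to the administrator mailbox.
        // Prefer a notice without the password, or a one-time activation link, once the
        // notify helpers allow it.
        if ($isNewUser) {
            notifyNewExternalUser($contact->contact_email, $contact->contact_first_name, $user->user_username, $_POST['user_password']);
        }
        notifyHR(w2PgetConfig('admin_email', '[email protected]'), 'w2P System Human Resources',
            $contact->contact_email, $contact->contact_first_name, $user->user_username,
            $_POST['user_password'], $user->user_id);
    }
} else {
    // The contact could not be saved; report its own error rather than an unset variable.
    $AppUI->setMsg($contact->getError(), UI_MSG_ERROR);
}

// Only claim success when both records were actually stored.
if ($created) {
    echo "<script language='javascript'>
alert('The User Administrator has been notified to grant you access to the system and an email message was sent to you with your login info. Thank you very much.');
history.go(-2);
</script>";
} else {
    echo "<script language='javascript'>
alert('Error: Your account could not be created. Please try again.');
history.go(-1);
</script>";
}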