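<?php
/**
 * Admin user-management endpoint: deletes a user (GET ?id=N) and creates a
 * user from the POSTed form fields email / username / password / role.
 *
 * Access control is delegated to verifadmin.php and the PDO handle $bdd is
 * expected to come from credentials.php; neither file is visible here.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this file, and the
 * delete action is triggered by a plain GET request. Unless verifadmin.php
 * covers this (TODO confirm), both actions should require POST plus a
 * per-session token compared with hash_equals().
 */
session_start();

// `require` instead of `include`: if the admin check cannot be loaded the
// request must stop, not continue unauthenticated with only a warning.
require 'verifadmin.php';
require_once(__DIR__ . '/../assets/credentials.php');

$deleted = false;

if (isset($_GET['id'])) {
    // Accept only a real integer id; arrays and non-numeric strings yield false.
    $ID = filter_var($_GET['id'], FILTER_VALIDATE_INT);

    if ($ID !== false) {
        $sql = "DELETE FROM users WHERE id = :ID";
        $req = $bdd->prepare($sql);
        $req->bindValue(':ID', $ID, PDO::PARAM_INT);

        // Test the result of execute(); the statement object itself is always truthy.
        if ($req->execute()) {
            $deleted = true;
            header('location: users');
            // Stop here so nothing below runs after the redirect header is sent.
            exit;
        }
    }
}

// Returns the POST field as a string, or null when it is absent or not a
// string (e.g. submitted as field[]=...), so later string calls never see an array.
$readPostString = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
};

// NOTE(review): values are HTML-escaped before storage rather than at output.
// Kept as is because pages that print these columns are not visible here;
// the usual pattern is to store raw text and escape where it is rendered.
$email = htmlspecialchars((string) $readPostString('email'));
$displayname = htmlspecialchars((string) $readPostString('username'));

// The username column receives the SHA-1 of the escaped username.
// NOTE(review): the default flags of htmlspecialchars() changed in PHP 8.1
// (single quotes are now escaped), so this digest can differ across PHP
// versions for names containing a quote - confirm against the login code.
$username = sha1($displayname);

$password = $readPostString('password');

// NOTE(review): role is stored exactly as submitted. The set of valid roles is
// not visible in this file; compare it against an allow-list before inserting.
$role = $readPostString('role');

// Used to verify if we submitted once before throwing errors
$submit = $password;

// Verification. The username is tested through $displayname because $username
// is a 40-character digest and can never be empty.
if (empty($email) || $displayname === '' || empty($password)) {
    // Only complain once the form has actually been submitted.
    if (isset($password)) {
        $error = 'All fields have not been filled';
        $class = 'danger';
    }
} else {
    // Email validation
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $error = 'Enter a valid email address';
        $class = 'danger';
    }

    // Password length (a later failing check overwrites an earlier message)
    if (strlen($password) <= 6) {
        $error = 'Choose a password longer then 6 character';
        $class = 'danger';
    }

    if (!isset($error)) {
        // NOTE(review): unsalted SHA-1 is not suitable for password storage.
        // Moving to password_hash()/password_verify() has to be done together
        // with the login code, which is not visible here, so the stored
        // format is left unchanged in this file.
        $hashed_password = sha1($password);

        // Check if email is available. fetch() is used because PDO does not
        // guarantee rowCount() for SELECT statements on every driver.
        $sthandler = $bdd->prepare("SELECT email FROM users WHERE email = :email");
        $sthandler->bindValue(':email', $email);
        $sthandler->execute();

        if ($sthandler->fetch() !== false) {
            $error = 'Email already taken';
            $class = 'danger';
        } else {
            // Check if username is available
            $sthandler = $bdd->prepare("SELECT username FROM users WHERE username = :username");
            $sthandler->bindValue(':username', $username);
            $sthandler->execute();

            if ($sthandler->fetch() !== false) {
                $error = 'Username already taken';
                $class = 'danger';
            } else {
                $sql = "INSERT INTO users(email, username, displayname, password, role) VALUES (:email, :username, :displayname, :password, :role)";
                $query = $bdd->prepare($sql);
                $inserted = $query->execute(array(
                    'email' => $email,
                    'username' => $username,
                    'displayname' => $displayname,
                    'password' => $hashed_password,
                    'role' => $role,
                ));

                // Report success only when the INSERT really ran.
                if ($inserted) {
                    $class = 'success';
                    $success = 'Successfully added user';
                    header( "refresh:3" );
                } else {
                    $error = 'Could not add user';
                    $class = 'danger';
                }
            }
        }
    }
}
?>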