do_user_aed.php
<?php /* $Id$ $URL$ */
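require_once 'base.php';
if (!defined('W2P_BASE_DIR')) {
    die('You should not access this file directly');
}
require_once W2P_BASE_DIR . '/lib/captcha/Functions.php';

/*
 * CAPTCHA gate for the sign-up handler.
 *
 * The form posts the visitor's answer in `spam_check` and an opaque token in
 * `cid`; md5_decrypt() (presumably provided by lib/captcha/Functions.php) turns
 * the token back into the expected answer. Every failure path below ends the
 * request, so the rest of the script only runs when the two values match.
 *
 * NOTE(review): the expected answer travels through the client inside `cid`.
 * No expiry or single-use check is visible in this script; confirm that
 * md5_decrypt() or the form enforces one, otherwise a solved answer/token
 * pair stays valid for later requests.
 */

// Both fields come straight from the request. Accept plain strings only, so a
// missing field or an array value is handled as "no answer given" instead of
// raising a notice or a TypeError in strlen()/strtoupper().
$spamCheck = (isset($_POST['spam_check']) && is_string($_POST['spam_check'])) ? $_POST['spam_check'] : '';
$cidToken = (isset($_POST['cid']) && is_string($_POST['cid'])) ? $_POST['cid'] : '';

if (strlen($spamCheck) > 0) {
    $cid = md5_decrypt($cidToken);
    // Strict comparison on purpose: with ==, a non-string result from
    // md5_decrypt() (false, null, ...) can compare equal to answers such as
    // "0", and numeric-looking strings are compared by value, not by text.
    if (is_string($cid) && $cid === strtoupper($spamCheck)) {
        $passed = true;
    } else {
        $passed = false;
        echo "<script language='javascript'>
alert('Error: You didn\'t provide the correct Anti Spam Security ID or all required data. Please try again.');
history.go(-1);
</script>";
        exit;
    }
} else {
    // No usable answer was submitted at all.
    $passed = false;
    echo "
<script language='javascript'>
alert('Error: You didn\'t provide the Anti Spam Security ID. Please try again.');
history.go(-1);
</script>
";
    exit;
}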
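require_once W2P_BASE_DIR . '/includes/config.php';

// Windows flag, per the original comment a tweak for pathname consistency on
// Windows machines. Only set when nothing earlier has defined it.
// The test is a prefix match rather than "contains WIN": PHP_OS is "Darwin"
// on macOS, which a case-insensitive substring search for "WIN" also matches.
// NOTE(review): "CYGWIN" no longer sets the flag either - confirm that is the
// wanted behaviour for the code that reads $GLOBALS['OS_WIN'].
if (!isset($GLOBALS['OS_WIN'])) {
    $GLOBALS['OS_WIN'] = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
}

require_once W2P_BASE_DIR . '/includes/main_functions.php';
require_once W2P_BASE_DIR . '/includes/db_adodb.php';
$AppUI = new CAppUI();

// Create the roles class container
require_once W2P_BASE_DIR . '/modules/system/roles/roles.class.php';

// Self-service account creation is opt-in: refuse the request unless the
// configuration value is the string 'true'.
if (w2PgetConfig('activate_external_user_creation') != 'true') {
    die('You should not access this file directly');
}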
// Uniqueness checks for the requested login name and e-mail address. A value
// counts as free only when the lookup yields the sentinel string
// 'User Not Found'; anything else ends the request with a browser alert.
//
// NOTE(review): the two alerts tell the caller whether a given username or
// e-mail address is already registered. Consider one neutral message for both
// cases and rate limiting on this endpoint.
$username = w2PgetParam($_POST, 'user_username', 0);
$contactListByUsername = CContact::getContactByUsername($username);
if ('User Not Found' != $contactListByUsername) {
    // Silence PHP diagnostics so nothing but the alert reaches the browser.
    error_reporting(0);
    echo "<script language='javascript'>
alert('The username you selected already exists, please select another or if that user name is yours request the password recovery through the dedicated link.');
history.go(-2);
</script>";
    exit;
}

$email = w2PgetParam($_POST, 'contact_email', 0);
$contactListByEmail = CContact::getContactByEmail($email);
if ('User Not Found' != $contactListByEmail) {
    error_reporting(0);
    echo "<script language='javascript'>
alert('The email you selected already exists, please select another or if that email is yours request the password recovery through the dedicated link.');
history.go(-2);
</script>";
    exit;
}
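// No login check is visible in this script, and it is gated only by the
// CAPTCHA and the activate_external_user_creation setting, so it must only
// ever create records. bind() copies request fields onto the objects; a
// client-supplied record id would therefore be carried into store(), which
// may then address an existing row instead of inserting a new one.
// The check reads $_REQUEST (as the original new-user test did) and $_POST
// (what bind() receives), because the two can differ.
$isNewUser = !(w2PgetParam($_REQUEST, 'user_id', 0));
if (!$isNewUser || w2PgetParam($_POST, 'user_id', 0) || w2PgetParam($_POST, 'contact_id', 0)) {
    die('You should not access this file directly');
}

// NOTE(review): bind($_POST) still accepts every other property the classes
// expose. Confirm CUser/CContact ignore privilege- or ownership-related fields
// here, or bind from an explicit list of sign-up fields instead.
$user = new CUser();
if (!$user->bind($_POST)) {
    $AppUI->setMsg($user->getError(), UI_MSG_ERROR);
    $AppUI->redirect();
}

$contact = new CContact();
if (!$contact->bind($_POST)) {
    $AppUI->setMsg($contact->getError(), UI_MSG_ERROR);
    $AppUI->redirect();
}

// prepare (and translate) the module name ready for the suffix
$AppUI->setMsg('User');

if ($isNewUser) {
    // check if a user with the param Username already exists
    if (is_array($contactListByUsername)) {
        $AppUI->setMsg('This username is not available, please try another.', UI_MSG_ERROR, true);
        $AppUI->redirect();
    } else {
        // The new contact is owned by whatever user id the current $AppUI holds.
        $contact->contact_owner = $AppUI->user_id;
    }
}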
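// Persist the contact first, then the user that points at it. store() returns
// a message on failure and a falsy value on success.
// NOTE(review): if the contact is stored and the user is not, the contact row
// stays behind; confirm whether that needs cleaning up.
$accountCreated = false;

// Read the password once and only as a string, so a missing or array-valued
// field cannot raise a notice or end up as "Array" in the e-mail.
$plainPassword = (isset($_POST['user_password']) && is_string($_POST['user_password'])) ? $_POST['user_password'] : '';

if (($msg = $contact->store($AppUI))) {
    $AppUI->setMsg($msg, UI_MSG_ERROR);
} else {
    $user->user_contact = $contact->contact_id;
    if (($msg = $user->store())) {
        $AppUI->setMsg($msg, UI_MSG_ERROR);
    } else {
        $accountCreated = true;

        // NOTE(review): the plain-text password is handed to both notifiers.
        // Prefer a flow in which the password never leaves this request.
        if ($isNewUser) {
            notifyNewExternalUser($contact->contact_email, $contact->contact_first_name, $user->user_username, $plainPassword);
        }
        notifyHR('[email protected]', 'w2P System Human Resources', $contact->contact_email, $contact->contact_first_name, $user->user_username, $plainPassword, $user->user_id);

        // Looks up the e-mail address of the 'admin' account.
        // NOTE(review): $admin_user is not read anywhere after this point;
        // either use it as the notification recipient or drop the query.
        $q = new DBQuery;
        $q->addTable('users', 'u');
        $q->addQuery('ct.contact_email');
        $q->addJoin('contacts', 'ct', 'ct.contact_id = u.user_contact', 'inner');
        $q->addWhere('u.user_username = \'admin\'');
        $admin_user = $q->loadList();
    }
}

if ($accountCreated) {
    echo "<script language='javascript'>
alert('The User Administrator has been notified to grant you access to the system and an email message was sent to you with your login info. Thank you very much.');
history.go(-2);
</script>";
} else {
    // Do not announce success when nothing was stored. The message is static
    // on purpose: the store() error text is never written into the script.
    echo "<script language='javascript'>
alert('Error: Your account could not be created. Please try again.');
history.go(-1);
</script>";
}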
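/**
 * E-mails the person who just signed up a copy of their login details.
 *
 * Nothing is sent when $address fails Mail::ValidEmail(). No sender is set
 * here, so the sender is whatever the Mail class uses by itself.
 *
 * NOTE(review): the message contains the account password in clear text.
 * E-mail is stored and relayed unencrypted, so a set-password link that
 * expires would be the safer design; the text is kept because the sign-up
 * flow currently relies on it.
 *
 * @param string $address  Recipient address (the new user's e-mail).
 * @param string $username Accepted for the caller's convenience; not used in the message.
 * @param string $logname  Login name shown in the message.
 * @param string $logpwd   Password shown in the message.
 *
 * @return void
 */
function notifyNewExternalUser($address, $username, $logname, $logpwd) {
    $mail = new Mail();
    if (!$mail->ValidEmail($address)) {
        return;
    }

    $company = w2PgetConfig('company_name');

    $mail->To($address);
    $mail->Subject('New Account Created');
    $mail->Body(
        'You have signed up for a new account on ' . $company . ".\n\n"
        . "Once the administrator approves your request, you will receive an email with confirmation.\n"
        . "Your login information are below for your own record:\n\n"
        . 'Username: ' . $logname . "\n"
        . 'Password: ' . $logpwd . "\n\n"
        . "You may login at the following URL: " . W2P_BASE_URL . "\n\n"
        . "Thank you very much.\n\n"
        . 'The ' . $company . " Support Staff.\n\n"
        . '****PLEASE KEEP THIS EMAIL FOR YOUR RECORDS****'
    );
    $mail->Send();
}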
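/**
 * Tells the account administrators that an external user has signed up.
 *
 * Nothing is sent when $address fails Mail::ValidEmail(). No sender is set
 * here, so the sender is whatever the Mail class uses by itself. The message
 * lists the new user's name, login name and e-mail address together with a
 * link to the account; the password is not part of it and should stay out.
 *
 * @param string $address   Recipient address (the administrators' mailbox).
 * @param string $username  Recipient display name; not used in the message.
 * @param string $uaddress  The new user's e-mail address.
 * @param string $uusername The new user's name as shown in the message.
 * @param string $logname   The new user's login name.
 * @param string $logpwd    Not used; kept so existing callers keep working.
 * @param int    $userid    Id of the new user, appended to the admin URL.
 *
 * @return void
 */
function notifyHR($address, $username, $uaddress, $uusername, $logname, $logpwd, $userid) {
    $mail = new Mail();
    if (!$mail->ValidEmail($address)) {
        return;
    }

    $company = w2PgetConfig('company_name');

    $mail->To($address);
    $mail->Subject('New External User Created');
    $mail->Body(
        'A new user has signed up on ' . $company . ". Please go through the user details below:\n"
        . 'Name: ' . $uusername . "\n"
        . 'Username: ' . $logname . "\n"
        . 'Email: ' . $uaddress . "\n\n"
        . 'You may check this account at the following URL: ' . W2P_BASE_URL . '/index.php?m=admin&a=viewuser&user_id=' . $userid . "\n\n"
        . "Thank you very much.\n\n"
        . 'The ' . $company . " Taskforce.\n\n"
        . '****PLEASE KEEP THIS EMAIL FOR YOUR RECORDS****'
    );
    $mail->Send();
}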