BlogScript/new-user.php at master · grahammccann/BlogScript · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<?php
    include($_SERVER['DOCUMENT_ROOT'] . "/includes/inc-sessions.php");
    include($_SERVER['DOCUMENT_ROOT'] . "/includes/inc-db-connection.php");
    include($_SERVER['DOCUMENT_ROOT'] . "/includes/inc-functions.php");
    include($_SERVER['DOCUMENT_ROOT'] . "/includes/inc-header.php");
?>


<main>

	<?php $user = getUsersDetails($member); ?>

	<?php

	if (!$user || $user['member_is_admin'] != "yes") {
		stderr("<strong>Protected</strong> page.");
		include($_SERVER['DOCUMENT_ROOT'] . "/includes/inc-footer.php");
		die();
	}

	?>

	<div class="row">

		<div class="col-md-3">

			<div class="card">
			<?php include($_SERVER['DOCUMENT_ROOT'] . "/includes/inc-dashboard.php"); ?>
			</div>

			<div class="card">
			<?php include($_SERVER['DOCUMENT_ROOT'] . "/includes/inc-dashboard-extended.php"); ?>
			</div>

		</div>

		<div class="col-md-9">

			<div class="card">
			  <div class="card-header"><i class="fas fa-plus"></i> New User</div>
                <div class="card-body">

				 <?php

				 $errors = [];

				 if (isset($_POST['submitUser'])) {

					$dupe = DB::getInstance()->selectOneByField('members', 'member_email', $_POST['user_email']);

					if (!empty($dupe)) {
			            $errors[] = 'That <strong>email</strong> is already in use please choose another.';
		            }

					if (!empty($errors) > 0) {

						foreach($errors as $error) {
							echo '<div class="alert alert-danger" role="alert"><i class="fas fa-exclamation-triangle"></i> '.$error.'</div>';
						}

					} else {

						DB::getInstance()->insert(
							'members',
						[
							'member_username' => $_POST['user_username'],
							'member_password' => $_POST['user_password'],
							'member_password_md5' => $_POST['user_password'],
							'member_email' => $_POST['user_email'],
							'member_is_admin' => $_POST['user_status'],
							'member_date' => date('Y-m-d H:i:s')
						]);

						stdmsg("Your new <strong>user</strong> has been <strong>added</strong>.");

					}

				 }

				 ?>

				 <form action="new-user.php" method="post">

				  <div class="mb-3">
					<label for="user_username" class="form-label"><strong>Username:</strong></label>
					<input type="text" class="form-control" id="user_username" name="user_username" required>
				  </div>

				  <div class="mb-3">
					<label for="user_password" class="form-label"><strong>Password:</strong></label>
					<input type="text" class="form-control" id="user_password" name="user_password" required>
				  </div>

				  <div class="mb-3">
					<label for="user_email" class="form-label"><strong>Email:</strong></label>
					<input type="email" class="form-control" id="user_email" name="user_email" required>
				  </div>

				  <div class="mb-3">
					<label for="user_status" class="form-label"><strong>Administrator:</strong></label>
					<select id="user_status" name="user_status" class="form-select" required>
					  <?php
					      $admin = array("no" => "No", "yes" => "Yes");
					      foreach($admin as $key => $value) {
					          echo "<option value='{$key}'>{$value}</option>";
                          }
					  ?>
					</select>
				  </div>

				  <button type="submit" name="submitUser" class="btn btn-success float-end"><i class="fas fa-plus"></i> New User</button>

				</form>

                </div>
			</div>
		</div>

	</div>

</main>

<?php
    include($_SERVER['DOCUMENT_ROOT'] . "/includes/inc-footer.php");
?>