WebSVN – ALCASAR – Diff – /web/acc/manager/lib/sql/create_user.php


<?php
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
	include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
else{
	echo "<b>Could not include SQL library</b><br>\n";
	exit();
}
include_once('../lib/functions.php');
if ($config[sql_use_operators] == 'true'){
	include("../lib/operators.php");
	$text = ',op';
	$passwd_op = ",':='";
}
$da_abort=0;
$op_val2 = '';
$link = @da_sql_pconnect($config);
if ($link){
	if (is_file("../lib/crypt/$config[general_encryption_method].php")){
		include("../lib/crypt/$config[general_encryption_method].php");
		/*Ajout en vue de l'impression des données*/
		$passwd_imp = $passwd;
		/*Fin Ajout*/
		$passwd = da_encrypt($passwd);
		$passwd = da_sql_escape_string($passwd);
		$res = @da_sql_query($link,$config,
		"INSERT INTO $config[sql_check_table] (attribute,value,username $text)
		VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");
		if (!$res || !@da_sql_affected_rows($link,$res,$config)){
			echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";
			$da_abort=1;
		}
		if ($config[sql_use_user_info_table] == 'true' && !$da_abort){
			$res = @da_sql_query($link,$config,
			"SELECT username FROM $config[sql_user_info_table] WHERE
			username = '$login';");
			if ($res){
				if (!@da_sql_num_rows($res,$config)){
					$Fcn = da_sql_escape_string($Fcn);
					$Fmail = da_sql_escape_string($Fmail);
					$Fou = da_sql_escape_string($Fou);
					$Fhomephone = da_sql_escape_string($Fhomephone);
					$Fworkphone = da_sql_escape_string($Fworkphone);
					$Fmobile = da_sql_escape_string($Fmobile);	
					$res = @da_sql_query($link,$config,
					"INSERT INTO $config[sql_user_info_table]
					(username,name,mail,department,homephone,workphone,mobile) VALUES
					('$login','$Fcn','$Fmail','$Fou','$Fhomephone','$Ftelephonenumber','$Fmobile');");
					if (!$res || !@da_sql_affected_rows($link,$res,$config))
						echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
				}
				else
					echo "<b>Cet usager existe d&eacute;j&agrave; dans la table 'info'</b><br>\n";
			}
			else
				echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";
		}
		if ($Fgroup != ''){
			$Fgroup = da_sql_escape_string($Fgroup);
			$res = @da_sql_query($link,$config,
			"SELECT username FROM $config[sql_usergroup_table]
			WHERE username = '$login' AND groupname = '$Fgroup';");
			if ($res){
				if (!@da_sql_num_rows($res,$config)){
					$res = @da_sql_query($link,$config,
					"INSERT INTO $config[sql_usergroup_table]
					(username,groupname) VALUES ('$login','$Fgroup');");
					if (!$res || !@da_sql_affected_rows($link,$res,$config))
						echo "<b>Could not add user to group $Fgroup. SQL Error</b><br>\n";
				}
				else
					echo "<b>User already is a member of group $Fgroup</b><br>\n";
			}
			else
				echo "<b>Could not add user to group $Fgroup: " . da_sql_error($link,$config) . "</b><br>\n";
		}
		if (!$da_abort){
			if ($Fgroup != '')
				require('../lib/defaults.php');
			foreach($show_attrs as $key => $attr){
				if ($attrmap["$key"] == 'none')
					continue;
				if ($attrmap["$key"] == ''){
					$attrmap["$key"] = $key;
					$attr_type["$key"] = 'replyItem';
					$rev_attrmap["$key"] = $key;
				}
				if ($attr_type["$key"] == 'checkItem'){
					$table = "$config[sql_check_table]";
					$type = 1;
				}
				else if ($attr_type["$key"] == 'replyItem'){
					$table = "$config[sql_reply_table]";
					$type = 2;
				}
				$val = $$attrmap["$key"];
				/*Ajout en vue de l'impression des données*/
				if($key == "Session-Timeout") $sto_imp = $val;
				if($key == "Max-Daily-Session") $mds_imp = $val;
				if($key == "Max-Monthly-Session") $mms_imp = $val;
				/*Fin Ajout*/
				$val = da_sql_escape_string($val);
				$op_name = $attrmap["$key"] . '_op';
				$op_val = $$op_name;
				if ($op_val != ''){
					$op_val = da_sql_escape_string($op_val);
					if (check_operator($op_val,$type) == -1){
						echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";
						continue;
					}
					$op_val2 = ",'$op_val'";
				}
				if ($val == '' || check_defaults($val,$op_val,$default_vals["$key"]))
					continue;
				$res = @da_sql_query($link,$config,
				"INSERT INTO $table (attribute,value,username $text)
				VALUES ('$attrmap[$key]','$val','$login' $op_val2);");
				if (!$res || !@da_sql_affected_rows($link,$res,$config))
					echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";
			}
		}
		echo "<b>Usager correctement cr&eacute;&eacute;</b><br>\n";
	}
	else
		echo "<b>Could not open encryption library file</b><br>\n";
}
else
	echo "<b>Could not connect to SQL database</b><br>\n";
?>
 

Subversion Repositories ALCASAR

(root)/web/acc/manager/lib/sql/create_user.php @ 509 – Rev 325 → 508

Rev 325		Rev 508
1	`<?php`	1	`<?php`
2	`if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))`	2	`if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))`
3	`include_once("../lib/sql/drivers/$config[sql_type]/functions.php");`	3	`include_once("../lib/sql/drivers/$config[sql_type]/functions.php");`
4	`else{`	4	`else{`
5	`echo "<b>Could not include SQL library</b><br>\n";`	5	`echo "<b>Could not include SQL library</b><br>\n";`
6	`exit();`	6	`exit();`
7	`}`	7	`}`
8	`include_once('../lib/functions.php');`	8	`include_once('../lib/functions.php');`
9	`if ($config[sql_use_operators] == 'true'){`	9	`if ($config[sql_use_operators] == 'true'){`
10	`include("../lib/operators.php");`	10	`include("../lib/operators.php");`
11	`$text = ',op';`	11	`$text = ',op';`
12	`$passwd_op = ",':='";`	12	`$passwd_op = ",':='";`
13	`}`	13	`}`
14	`$da_abort=0;`	14	`$da_abort=0;`
15	`$op_val2 = '';`	15	`$op_val2 = '';`
16	`$link = @da_sql_pconnect($config);`	16	`$link = @da_sql_pconnect($config);`
17	`if ($link){`	17	`if ($link){`
18	`if (is_file("../lib/crypt/$config[general_encryption_method].php")){`	18	`if (is_file("../lib/crypt/$config[general_encryption_method].php")){`
19	`include("../lib/crypt/$config[general_encryption_method].php");`	19	`include("../lib/crypt/$config[general_encryption_method].php");`
-		20	`/Ajout en vue de l'impression des données/`
-		21	`$passwd_imp = $passwd;`
-		22	`/Fin Ajout/`
20	`$passwd = da_encrypt($passwd);`	23	`$passwd = da_encrypt($passwd);`
21	`$passwd = da_sql_escape_string($passwd);`	24	`$passwd = da_sql_escape_string($passwd);`
22	`$res = @da_sql_query($link,$config,`	25	`$res = @da_sql_query($link,$config,`
23	`"INSERT INTO $config[sql_check_table] (attribute,value,username $text)`	26	`"INSERT INTO $config[sql_check_table] (attribute,value,username $text)`
24	`VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");`	27	`VALUES ('$config[sql_password_attribute]','$passwd','$login' $passwd_op);");`
25	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config)){`	28	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config)){`
26	`echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";`	29	`echo "<b>Unable to add user $login: " . da_sql_error($link,$config) . "</b><br>\n";`
27	`$da_abort=1;`	30	`$da_abort=1;`
28	`}`	31	`}`
29	`if ($config[sql_use_user_info_table] == 'true' && !$da_abort){`	32	`if ($config[sql_use_user_info_table] == 'true' && !$da_abort){`
30	`$res = @da_sql_query($link,$config,`	33	`$res = @da_sql_query($link,$config,`
31	`"SELECT username FROM $config[sql_user_info_table] WHERE`	34	`"SELECT username FROM $config[sql_user_info_table] WHERE`
32	`username = '$login';");`	35	`username = '$login';");`
33	`if ($res){`	36	`if ($res){`
34	`if (!@da_sql_num_rows($res,$config)){`	37	`if (!@da_sql_num_rows($res,$config)){`
35	`$Fcn = da_sql_escape_string($Fcn);`	38	`$Fcn = da_sql_escape_string($Fcn);`
36	`$Fmail = da_sql_escape_string($Fmail);`	39	`$Fmail = da_sql_escape_string($Fmail);`
37	`$Fou = da_sql_escape_string($Fou);`	40	`$Fou = da_sql_escape_string($Fou);`
38	`$Fhomephone = da_sql_escape_string($Fhomephone);`	41	`$Fhomephone = da_sql_escape_string($Fhomephone);`
39	`$Fworkphone = da_sql_escape_string($Fworkphone);`	42	`$Fworkphone = da_sql_escape_string($Fworkphone);`
40	`$Fmobile = da_sql_escape_string($Fmobile);`	43	`$Fmobile = da_sql_escape_string($Fmobile);`
41	`$res = @da_sql_query($link,$config,`	44	`$res = @da_sql_query($link,$config,`
42	`"INSERT INTO $config[sql_user_info_table]`	45	`"INSERT INTO $config[sql_user_info_table]`
43	`(username,name,mail,department,homephone,workphone,mobile) VALUES`	46	`(username,name,mail,department,homephone,workphone,mobile) VALUES`
44	`('$login','$Fcn','$Fmail','$Fou','$Fhomephone','$Ftelephonenumber','$Fmobile');");`	47	`('$login','$Fcn','$Fmail','$Fou','$Fhomephone','$Ftelephonenumber','$Fmobile');");`
45	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config))`	48	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config))`
46	`echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";`	49	`echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";`
47	`}`	50	`}`
48	`else`	51	`else`
49	`echo "<b>Cet usager existe déjà dans la table 'info'</b><br>\n";`	52	`echo "<b>Cet usager existe déjà dans la table 'info'</b><br>\n";`
50	`}`	53	`}`
51	`else`	54	`else`
52	`echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";`	55	`echo "<b>Could not add user information in user info table: " . da_sql_error($link,$config) . "</b><br>\n";`
53	`}`	56	`}`
54	`if ($Fgroup != ''){`	57	`if ($Fgroup != ''){`
55	`$Fgroup = da_sql_escape_string($Fgroup);`	58	`$Fgroup = da_sql_escape_string($Fgroup);`
56	`$res = @da_sql_query($link,$config,`	59	`$res = @da_sql_query($link,$config,`
57	`"SELECT username FROM $config[sql_usergroup_table]`	60	`"SELECT username FROM $config[sql_usergroup_table]`
58	`WHERE username = '$login' AND groupname = '$Fgroup';");`	61	`WHERE username = '$login' AND groupname = '$Fgroup';");`
59	`if ($res){`	62	`if ($res){`
60	`if (!@da_sql_num_rows($res,$config)){`	63	`if (!@da_sql_num_rows($res,$config)){`
61	`$res = @da_sql_query($link,$config,`	64	`$res = @da_sql_query($link,$config,`
62	`"INSERT INTO $config[sql_usergroup_table]`	65	`"INSERT INTO $config[sql_usergroup_table]`
63	`(username,groupname) VALUES ('$login','$Fgroup');");`	66	`(username,groupname) VALUES ('$login','$Fgroup');");`
64	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config))`	67	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config))`
65	`echo "<b>Could not add user to group $Fgroup. SQL Error</b><br>\n";`	68	`echo "<b>Could not add user to group $Fgroup. SQL Error</b><br>\n";`
66	`}`	69	`}`
67	`else`	70	`else`
68	`echo "<b>User already is a member of group $Fgroup</b><br>\n";`	71	`echo "<b>User already is a member of group $Fgroup</b><br>\n";`
69	`}`	72	`}`
70	`else`	73	`else`
71	`echo "<b>Could not add user to group $Fgroup: " . da_sql_error($link,$config) . "</b><br>\n";`	74	`echo "<b>Could not add user to group $Fgroup: " . da_sql_error($link,$config) . "</b><br>\n";`
72	`}`	75	`}`
73	`if (!$da_abort){`	76	`if (!$da_abort){`
74	`if ($Fgroup != '')`	77	`if ($Fgroup != '')`
75	`require('../lib/defaults.php');`	78	`require('../lib/defaults.php');`
76	`foreach($show_attrs as $key => $attr){`	79	`foreach($show_attrs as $key => $attr){`
77	`if ($attrmap["$key"] == 'none')`	80	`if ($attrmap["$key"] == 'none')`
78	`continue;`	81	`continue;`
79	`if ($attrmap["$key"] == ''){`	82	`if ($attrmap["$key"] == ''){`
80	`$attrmap["$key"] = $key;`	83	`$attrmap["$key"] = $key;`
81	`$attr_type["$key"] = 'replyItem';`	84	`$attr_type["$key"] = 'replyItem';`
82	`$rev_attrmap["$key"] = $key;`	85	`$rev_attrmap["$key"] = $key;`
83	`}`	86	`}`
84	`if ($attr_type["$key"] == 'checkItem'){`	87	`if ($attr_type["$key"] == 'checkItem'){`
85	`$table = "$config[sql_check_table]";`	88	`$table = "$config[sql_check_table]";`
86	`$type = 1;`	89	`$type = 1;`
87	`}`	90	`}`
88	`else if ($attr_type["$key"] == 'replyItem'){`	91	`else if ($attr_type["$key"] == 'replyItem'){`
89	`$table = "$config[sql_reply_table]";`	92	`$table = "$config[sql_reply_table]";`
90	`$type = 2;`	93	`$type = 2;`
91	`}`	94	`}`
92	`$val = $$attrmap["$key"];`	95	`$val = $$attrmap["$key"];`
-		96	`/Ajout en vue de l'impression des données/`
-		97	`if($key == "Session-Timeout") $sto_imp = $val;`
-		98	`if($key == "Max-Daily-Session") $mds_imp = $val;`
-		99	`if($key == "Max-Monthly-Session") $mms_imp = $val;`
-		100	`/Fin Ajout/`
93	`$val = da_sql_escape_string($val);`	101	`$val = da_sql_escape_string($val);`
94	`$op_name = $attrmap["$key"] . '_op';`	102	`$op_name = $attrmap["$key"] . '_op';`
95	`$op_val = $$op_name;`	103	`$op_val = $$op_name;`
96	`if ($op_val != ''){`	104	`if ($op_val != ''){`
97	`$op_val = da_sql_escape_string($op_val);`	105	`$op_val = da_sql_escape_string($op_val);`
98	`if (check_operator($op_val,$type) == -1){`	106	`if (check_operator($op_val,$type) == -1){`
99	`echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";`	107	`echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";`
100	`coninue;`	108	`continue;`
101	`}`	109	`}`
102	`$op_val2 = ",'$op_val'";`	110	`$op_val2 = ",'$op_val'";`
103	`}`	111	`}`
104	`if ($val == '' \|\| check_defaults($val,$op_val,$default_vals["$key"]))`	112	`if ($val == '' \|\| check_defaults($val,$op_val,$default_vals["$key"]))`
105	`continue;`	113	`continue;`
106	`$res = @da_sql_query($link,$config,`	114	`$res = @da_sql_query($link,$config,`
107	`"INSERT INTO $table (attribute,value,username $text)`	115	`"INSERT INTO $table (attribute,value,username $text)`
108	`VALUES ('$attrmap[$key]','$val','$login' $op_val2);");`	116	`VALUES ('$attrmap[$key]','$val','$login' $op_val2);");`
109	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config))`	117	`if (!$res \|\| !@da_sql_affected_rows($link,$res,$config))`
110	`echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";`	118	`echo "<b>Query failed for attribute $key: " . da_sql_error($link,$config) . "</b><br>\n";`
111	`}`	119	`}`
112	`}`	120	`}`
113	`echo "<b>Usager correctement créé</b><br>\n";`	121	`echo "<b>Usager correctement créé</b><br>\n";`
114	`}`	122	`}`
115	`else`	123	`else`
116	`echo "<b>Could not open encryption library file</b><br>\n";`	124	`echo "<b>Could not open encryption library file</b><br>\n";`
117	`}`	125	`}`
118	`else`	126	`else`
119	`echo "<b>Could not connect to SQL database</b><br>\n";`	127	`echo "<b>Could not connect to SQL database</b><br>\n";`
120	`?>`	128	`?>`
121		129