bludit/bl-kernel/admin/controllers/add-user.php

85 lines
2.4 KiB
PHP

<?php defined('BLUDIT') or die('Bludit CMS.');
// ============================================================================
// Check role
// ============================================================================
if($Login->role()!=='admin') {
Alert::set($Language->g('you-do-not-have-sufficient-permissions'));
Redirect::page('admin', 'dashboard');
}
// ============================================================================
// Functions
// ============================================================================
function addUser($args) {
global $dbUsers;
global $Language;
// Check empty username
if( Text::isEmpty($args['new_username']) ) {
Alert::set($Language->g('username-field-is-empty'), ALERT_STATUS_FAIL);
return false;
}
// Check already exist username
if( $dbUsers->userExists($args['new_username']) ) {
Alert::set($Language->g('username-already-exists'), ALERT_STATUS_FAIL);
return false;
}
// Password length
if( strlen($args['new_password']) < 6 ) {
Alert::set($Language->g('Password must be at least 6 characters long'), ALERT_STATUS_FAIL);
return false;
}
// Check new password and confirm password are equal
if( $args['new_password'] != $args['confirm_password'] ) {
Alert::set($Language->g('The password and confirmation password do not match'), ALERT_STATUS_FAIL);
return false;
}
// Filter form fields
$tmp = array();
$tmp['username'] = $args['new_username'];
$tmp['password'] = $args['new_password'];
$tmp['role'] = $args['role'];
$tmp['email'] = $args['email'];
// Add the user to the database
if( $dbUsers->add($tmp) ) {
// Add to syslog
$Syslog->add(array(
'dictionaryKey'=>'new-user',
'notes'=>$tmp['username']
));
// Create an alert
Alert::set($Language->g('user-has-been-added-successfully'), ALERT_STATUS_OK);
return true;
}
return false;
}
// ============================================================================
// Main before POST
// ============================================================================
// ============================================================================
// POST Method
// ============================================================================
if( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
if( addUser($_POST) ) {
Redirect::page('users');
}
}
// ============================================================================
// Main after POST
// ============================================================================