* @license http://www.contenido.org/license/LIZENZ.txt * @link http://www.4fb.de * @link http://www.contenido.org * @since file available since contenido release <= 4.6 * * {@internal * created 2003-04-30 * modified 2008-06-24, Timo Trautmann, storage for valid from valid to added * modified 2008-06-27, Frederic Schneider, add security fix * modified 2008-11-17, H. Librenz - new ConUser class are used for user creation now, comments fixed, code formatted * modified 2008-11-18, H. Librenz - values given during a submittion try are now resubmitted * modified 2010-05-31, Ortwin Pinke, PHP >= 5.3, replace deprecated split-function with explode() * modified 2011-02-07, Murat Purc, Cleanup, optimization and formatting * * $Id: include.rights_create.php 2 2011-07-20 12:00:48Z oldperl $: * }} * */ if (!defined('CON_FRAMEWORK')) { die('Illegal call'); } cInclude('includes', 'functions.rights.php'); if (!$perm->have_perm_area_action($area, $action)) { $notification->displayNotification("error", i18n("Permission denied")); return; } $aPerms = array(); $sNotification = ''; $bError = false; if ($action == 'user_createuser') { if ($username == '') { $sNotification = $notification->returnNotification("warning", i18n("Username can't be empty")); $bError = true; } else { $aPerms = buildUserOrGroupPermsFromRequest(true); $oUser = new ConUser($cfg, $db); if (strcmp($password, $passwordagain) == 0) { // ok, both passwords given are equal, but is the password valid? $iPassCheck = $oUser->setPassword($password); if ($iPassCheck == iConUser::PASS_OK) { // yes, it is.... try { $oUser->setUserName($username); $oUser->setRealName($realname); $oUser->setMail($email); $oUser->setTelNumber($telephone); $oUser->setStreet($address_street); $oUser->setCity($address_city); $oUser->setZip($address_zip); $oUser->setCountry($address_country); $oUser->setUseTiny($wysi); $oUser->setValidDateFrom($valid_from); $oUser->setValidDateTo($valid_to); $oUser->setPerms($aPerms); $oUser->setPassword($password); if ($oUser->save()) { // save user id and clean "old" values... $sNotification = $notification->returnNotification("info", i18n("User created")); $userid = $oUser->getUserId(); $username = ''; $realname = ''; $email = ''; $telephone = ''; $address_city = ''; $address_country = ''; $address_street = ''; $address_zip = ''; $wysi = ''; $valid_from = ''; $valid_to = ''; $aPerms = array(); $password = ''; } } catch (ConUserException $cue) { switch ($cue->getCode()) { case iConUser::EXCEPTION_USERNAME_EXISTS: $sNotification = $notification->returnNotification("warning", i18n("Username already exists")); $bError = true; break; default: $sNotification = $notification->returnNotification("warning", i18n("Unknown error") . ": " . $cue->getMessage()); $bError = true; break; } } } else { // oh oh, password is NOT valid. check it... $sNotification = $notification->returnNotification("warning", ConUser::getErrorString($iPassCheck, $cfg)); $bError = true; } } else { $sNotification = $notification->returnNotification("warning", i18n("Passwords don't match")); $bError = true; } } } $tpl->reset(); $tpl->set('s','NOTIFICATION', $sNotification); $form = '