1<?php 2# MantisBT - A PHP based bugtracking system 3 4# MantisBT is free software: you can redistribute it and/or modify 5# it under the terms of the GNU General Public License as published by 6# the Free Software Foundation, either version 2 of the License, or 7# (at your option) any later version. 8# 9# MantisBT is distributed in the hope that it will be useful, 10# but WITHOUT ANY WARRANTY; without even the implied warranty of 11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12# GNU General Public License for more details. 13# 14# You should have received a copy of the GNU General Public License 15# along with MantisBT. If not, see <http://www.gnu.org/licenses/>. 16 17/** 18 * Create a User 19 * 20 * @package MantisBT 21 * @copyright Copyright 2000 - 2002 Kenzaburo Ito - kenito@300baud.org 22 * @copyright Copyright 2002 MantisBT Team - mantisbt-dev@lists.sourceforge.net 23 * @link http://www.mantisbt.org 24 * 25 * @uses core.php 26 * @uses access_api.php 27 * @uses authentication_api.php 28 * @uses constant_inc.php 29 * @uses form_api.php 30 * @uses gpc_api.php 31 * @uses helper_api.php 32 * @uses html_api.php 33 * @uses lang_api.php 34 * @uses print_api.php 35 * @uses string_api.php 36 * @uses utility_api.php 37 */ 38 39require_once( 'core.php' ); 40require_api( 'access_api.php' ); 41require_api( 'authentication_api.php' ); 42require_api( 'constant_inc.php' ); 43require_api( 'form_api.php' ); 44require_api( 'gpc_api.php' ); 45require_api( 'helper_api.php' ); 46require_api( 'html_api.php' ); 47require_api( 'lang_api.php' ); 48require_api( 'print_api.php' ); 49require_api( 'string_api.php' ); 50require_api( 'utility_api.php' ); 51 52form_security_validate( 'manage_user_create' ); 53 54auth_reauthenticate(); 55 56$f_username = gpc_get_string( 'username' ); 57$f_realname = gpc_get_string( 'realname', '' ); 58$f_password = gpc_get_string( 'password', '' ); 59$f_password_verify = gpc_get_string( 'password_verify', '' ); 60$f_email = gpc_get_string( 'email', '' ); 61$f_access_level = gpc_get_string( 'access_level' ); 62$f_protected = gpc_get_bool( 'protected' ); 63$f_enabled = gpc_get_bool( 'enabled' ); 64 65if( $f_password != $f_password_verify ) { 66 trigger_error( ERROR_USER_CREATE_PASSWORD_MISMATCH, ERROR ); 67} 68 69# Password won't be sent by email. It is entered by the admin 70# Now, if the password is empty, confirm that that is what we wanted 71if( is_blank( $f_password ) && ( 72 ON != config_get( 'send_reset_password' ) || 73 ON != config_get( 'enable_email_notification' ) ) 74) { 75 helper_ensure_confirmed( 76 lang_get( 'empty_password_sure_msg' ), 77 lang_get( 'empty_password_button' ) ); 78} 79 80$t_data = array( 81 'query' => array(), 82 'payload' => array( 83 'username' => $f_username, 84 'email' => $f_email, 85 'access_level' => array( 'id' => $f_access_level ), 86 'real_name' => $f_realname, 87 'password' => $f_password, 88 'protected' => $f_protected, 89 'enabled' => $f_enabled 90 ) 91); 92 93$t_command = new UserCreateCommand( $t_data ); 94$t_result = $t_command->execute(); 95 96form_security_purge( 'manage_user_create' ); 97 98$t_user_id = $t_result['id']; 99$t_redirect_url = 'manage_user_edit_page.php?user_id=' . $t_user_id; 100 101layout_page_header( null, $t_redirect_url ); 102 103layout_page_begin( 'manage_overview_page.php' ); 104$t_access_level = get_enum_element( 'access_levels', $f_access_level ); 105$t_message = lang_get( 'created_user_part1' ) 106 . ' <span class="bold">' . $f_username . '</span> ' 107 . lang_get( 'created_user_part2' ) 108 . ' <span class="bold">' . $t_access_level . '</span><br />'; 109html_operation_successful( $t_redirect_url, $t_message ); 110 111echo '</div>'; 112 113layout_page_end(); 114