From 44a18f3e13077138af782f96cffb39294bca6283 Mon Sep 17 00:00:00 2001
From: jhunkeler <jhunkeler@c5b2fb0a-d05d-0410-98c8-828840a80ff6>
Date: Thu, 24 Dec 2009 21:39:09 +0000
Subject: (OC) fixed some display stuff for the debug console

git-svn-id: http://svn.3rd-infantry-division.org/testing/branches/Bayonet CMS v2@398 c5b2fb0a-d05d-0410-98c8-828840a80ff6
---
 admin/admins/functions.php | 34 ++++++++++++++++++++++------------
 1 file changed, 22 insertions(+), 12 deletions(-)

(limited to 'admin/admins/functions.php')

diff --git a/admin/admins/functions.php b/admin/admins/functions.php
index 413c0fe..68b9bc7 100644
--- a/admin/admins/functions.php
+++ b/admin/admins/functions.php
@@ -69,16 +69,22 @@
  	 if(isset($_POST['processed'])){
  	 
  	 	$username = addslashes($_POST['username']);
-		$level = addslashes($_POST['level']);
 		$email = addslashes($_POST['email']);
 		$first = addslashes($_POST['first']);
 		$last = addslashes($_POST['last']);
-			
+		
+		$level = $_POST['level'];	
 		$all = $_POST['all'];
 		$squadleader = $_POST['squadleader'];
 		$adjutant = $_POST['adjutant'];
 		$quartermaster = $_POST['quartermaster'];
 		
+		$level = (int)$level;
+		$all = (int)$all;
+		$squadleader = (int)$squadleader;
+		$adjutant = (int)$adjutant;
+		$quartermaster = (int)$quartermaster;
+				
 		$password = GeneratePassword(8);		
 		$cryptpassword = crypt(md5($password),'iamnotadirtywhorebitch');
 			
@@ -88,28 +94,32 @@
 			return;
 		}
 		
+		$result = $db->Query("SELECT `level` FROM `bayonet_users` WHERE `username` = '$username' OR `email` = '$email'");
+		if($db->Rows($result) > 0){
+			ReportError("The email and or username you entered is already in use.");
+			return;
+		}
+		
+		
 		$Name = "Rocky the Marne Dog";
 		$subject = "3rd ID Admin Password";
 		$header = "From: ". $Name . " < DO NOT RESPOND >\r\n"; //optional headerfields 
 		$mail_body = "Do not respond to this email.\n\n------------------------------\nUsername: ".$username."\nPassword: ".$password."\n------------------------------\n\nTo login click on this link. http://testbed.3rd-infantry-division.org/cms/admin/ \n\nIt is recommended that you change your password once you login. To do so, click on Account Settings>Change Password.";
 		
-		//$sent = mail($email, $subject, $mail_body, $header);
+		$sent = mail($email, $subject, $mail_body, $header);
 		if(!$sent){
 			ReportError("Error validating email. This user was not saved.");
-			//return;		
-		}
+			return;		
+		} 
 				
-	//	$db->Query("INSERT INTO `bayonet_users` (`user_id` ,`username` ,`password` ,`lastname` ,`firstname` ,`email` ,`joined` ,`level` ,`all` ,`squadleader` ,`adjutant` ,`quartermaster`) VALUES (NULL, '$username', '$cryptpassword', '$last', '$first', '$email', '', $level, $all, $squadleader, $adjutant, $quartermaster)");
-	
-		$db->Query("INSERT INTO `bayonet_users` SET `username` = '$username'");
-		
-						
+		$db->Query("INSERT INTO `bayonet_users` (`user_id` ,`username` ,`password` ,`lastname` ,`firstname` ,`email` ,`joined` ,`level` ,`all` ,`squadleader` ,`adjutant` ,`quartermaster`) VALUES (NULL, '$username', '$cryptpassword', '$last', '$first', '$email', CURRENT_TIMESTAMP, $level, $all, $squadleader, $adjutant, $quartermaster)");
+									
    		echo "Admin, '$username' level '$level' has been added. An email has been sent to him with his username and password.\n <br /><br /> 
 			Please wait while you are redirected. <br /><br /> 
 			<a href=\"?op=admins\">Click here if you don't feel like waiting.</a>";
 					
 	    // 3 second redirect to go back to the edit page
-   		//PageRedirect(2, "?op=admins");
+   		PageRedirect(2, "?op=admins");
 	    return;
  	 }
 ?>
@@ -300,7 +310,7 @@
 	if(isset($_POST['cancel']))
 	{
 		echo "User cancelled deletion of admin: '{$admin['username']}'";
-		PageRedirect(3,"?op=admins");
+		PageRedirect(1,"?op=admins");
 		return;
 	}  
 	?>
-- 
cgit