From 6c42f30a0424cbf1c1af63f21d7f5074a4653c7a Mon Sep 17 00:00:00 2001
From: jhunkeler <jhunkeler@c5b2fb0a-d05d-0410-98c8-828840a80ff6>
Date: Wed, 23 Dec 2009 01:58:08 +0000
Subject: (OC) tried fixing the insert in NewAdmin(), no luck

git-svn-id: http://svn.3rd-infantry-division.org/testing/branches/Bayonet CMS v2@394 c5b2fb0a-d05d-0410-98c8-828840a80ff6
---
 admin/admins/functions.php | 69 ++++++++++++++++++++++++++++++++++++++++------
 admin/calendar/index.php   |  1 -
 admin/news/functions.php   |  2 +-
 admin/news/index.php       |  6 +++-
 4 files changed, 67 insertions(+), 11 deletions(-)

(limited to 'admin')
diff --git a/admin/admins/functions.php b/admin/admins/functions.php
index c44d05a..413c0fe 100644
--- a/admin/admins/functions.php
+++ b/admin/admins/functions.php
@@ -62,12 +62,55 @@
  
  function NewAdmin()
  {
+ 	 
+ 	 global $db;
  	 $maxLevel = $_SESSION['level'];
  	 
  	 if(isset($_POST['processed'])){
  	 
- 	 	echo GeneratePassword(8);
- 	 	return;
+ 	 	$username = addslashes($_POST['username']);
+		$level = addslashes($_POST['level']);
+		$email = addslashes($_POST['email']);
+		$first = addslashes($_POST['first']);
+		$last = addslashes($_POST['last']);
+			
+		$all = $_POST['all'];
+		$squadleader = $_POST['squadleader'];
+		$adjutant = $_POST['adjutant'];
+		$quartermaster = $_POST['quartermaster'];
+		
+		$password = GeneratePassword(8);		
+		$cryptpassword = crypt(md5($password),'iamnotadirtywhorebitch');
+			
+		if(empty($username))
+		{
+			ReportError("This user must have a username to continue.");
+			return;
+		}
+		
+		$Name = "Rocky the Marne Dog";
+		$subject = "3rd ID Admin Password";
+		$header = "From: ". $Name . " < DO NOT RESPOND >\r\n"; //optional headerfields 
+		$mail_body = "Do not respond to this email.\n\n------------------------------\nUsername: ".$username."\nPassword: ".$password."\n------------------------------\n\nTo login click on this link. http://testbed.3rd-infantry-division.org/cms/admin/ \n\nIt is recommended that you change your password once you login. To do so, click on Account Settings>Change Password.";
+		
+		//$sent = mail($email, $subject, $mail_body, $header);
+		if(!$sent){
+			ReportError("Error validating email. This user was not saved.");
+			//return;		
+		}
+				
+	//	$db->Query("INSERT INTO `bayonet_users` (`user_id` ,`username` ,`password` ,`lastname` ,`firstname` ,`email` ,`joined` ,`level` ,`all` ,`squadleader` ,`adjutant` ,`quartermaster`) VALUES (NULL, '$username', '$cryptpassword', '$last', '$first', '$email', '', $level, $all, $squadleader, $adjutant, $quartermaster)");
+	
+		$db->Query("INSERT INTO `bayonet_users` SET `username` = '$username'");
+		
+						
+   		echo "Admin, '$username' level '$level' has been added. An email has been sent to him with his username and password.\n <br /><br /> 
+			Please wait while you are redirected. <br /><br /> 
+			<a href=\"?op=admins\">Click here if you don't feel like waiting.</a>";
+					
+	    // 3 second redirect to go back to the edit page
+   		//PageRedirect(2, "?op=admins");
+	    return;
  	 }
 ?>
 <div style="text-align:right"><img src="images/cancel.png" />Cancel</div>
@@ -103,14 +146,14 @@
 <?php
  }
  
- function GetPermissions($user)
+ function GetPermissions($user = NULL)
  {
  ?>
  		<div class="slidepanel">
 			<table width="100%" style="text-align:center;">
-				<tr><th>Everything else</th><th>Adjutant</th><th>Quartermaster</th></tr>
+				<tr><th>Everything else</th><th>Squad Leader</th><th>Adjutant</th><th>Quartermaster</th></tr>
 				<tr>
-					<td>
+					<td width="25%">
 						<input type="hidden" name="all" value="0" />
 					<?php
 						if(isset($user['all']) && $user['all'] == 1)
@@ -119,7 +162,16 @@
 							echo "<input type=\"checkbox\" name=\"all\" value=\"1\" />";
 					?>
 					</td>
-					<td>
+					<td width="25%">
+						<input type="hidden" name="squadleader" value="0" />
+					<?php
+						if(isset($user['squadleader']) && $user['squadleader'] == 1)
+							echo "<input type=\"checkbox\" name=\"squadleader\" value=\"1\" checked/>";
+						else
+							echo "<input type=\"checkbox\" name=\"squadleader\" value=\"1\" />";
+					?>
+					</td>
+					<td width="25%">
 						<input type="hidden" name="adjutant" value="0" />
 					<?php
 						if(isset($user['adjutant']) && $user['adjutant'] == 1)
@@ -128,7 +180,7 @@
 							echo "<input type=\"checkbox\" name=\"adjutant\" value=\"1\" />";
 					?>
 					</td>
-					<td>
+					<td width="25%">
 						<input type="hidden" name="quartermaster" value="0" />
 					<?php
 						if(isset($user['quartermaster']) && $user['quartermaster'] == 1)
@@ -167,6 +219,7 @@
 			$level = addslashes($_POST['level']);
 			
 			$all = $_POST['all'];
+			$squadleader = $_POST['squadleader'];
 			$adjutant = $_POST['adjutant'];
 			$quartermaster = $_POST['quartermaster'];
 			
@@ -176,7 +229,7 @@
 		      return;
 		    }
 				
-			$db->Query("UPDATE `bayonet_users` SET `username` = '$username', `level` = '$level', `all` = '$all', `adjutant` = '$adjutant', `quartermaster` = '$quartermaster' WHERE `user_id` = '$user_id' LIMIT 1");
+			$db->Query("UPDATE `bayonet_users` SET `username` = '$username', `level` = '$level', `all` = '$all', `squadleader` = '$squadleader', `adjutant` = '$adjutant', `quartermaster` = '$quartermaster' WHERE `user_id` = '$user_id' LIMIT 1");
 		    
 		    echo "Admin, '$username' level '$level' has been edited.\n <br /><br /> 
 					Please wait while you are redirected. <br /><br /> 
diff --git a/admin/calendar/index.php b/admin/calendar/index.php
index a61424f..1197990 100644
--- a/admin/calendar/index.php
+++ b/admin/calendar/index.php
@@ -19,7 +19,6 @@
  ?>
  
  <div style="text-align:left;"><h2>- Manage Calendar & Events</h2></div>
- -Edit events needs to be completed.
 <?php
 
 if(!defined("ADMIN_FILE"))
diff --git a/admin/news/functions.php b/admin/news/functions.php
index a098e46..f98c4e2 100644
--- a/admin/news/functions.php
+++ b/admin/news/functions.php
@@ -94,7 +94,7 @@ function EditNews($news_id){
   	  global $db;
   	  
   	  echo "<select name=\"author\">";
-  	  $result = $db->Query("SELECT `user_id`, `lastname` FROM `bayonet_users` WHERE `active` = 1 ORDER BY `username` ASC");
+  	  $result = $db->Query("SELECT `user_id`, `lastname` FROM `bayonet_users` ORDER BY `username` ASC");
   	  while(($row = $db->Fetch($result))!= false){
   	  	  if($author_id == $row['user_id'])
   	  	  	echo "<option value=\"{$row['user_id']}\" selected>{$row['lastname']}</option>";
diff --git a/admin/news/index.php b/admin/news/index.php
index 2b7dca1..43baf81 100644
--- a/admin/news/index.php
+++ b/admin/news/index.php
@@ -16,7 +16,12 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
+ ?>
  
+ <div style="text-align:left;"><h2>- Manage News</h2></div>
+ -Everything needs to be completed.
+<?php
+
 if(!defined("ADMIN_FILE"))
 {
   die("Access denied.");
@@ -30,7 +35,6 @@ echo "<table class=\"panel\" width=\"100%\">
 if(isset($_GET['edit'])){
 	$news_id = $_GET['edit'];
 	EditNews($news_id);
-	return;
 }
 
 
-- 
cgit 


Everything else	Adjutant	Quartermaster
Everything else	Squad Leader	Adjutant	Quartermaster
+	"; ?>	+	+ + "; + else + echo ""; + ?> +	"; ?>	+	Query("UPDATE `bayonet_users` SET `username` = '$username', `level` = '$level', `all` = '$all', `adjutant` = '$adjutant', `quartermaster` = '$quartermaster' WHERE `user_id` = '$user_id' LIMIT 1"); + $db->Query("UPDATE `bayonet_users` SET `username` = '$username', `level` = '$level', `all` = '$all', `squadleader` = '$squadleader', `adjutant` = '$adjutant', `quartermaster` = '$quartermaster' WHERE `user_id` = '$user_id' LIMIT 1"); echo "Admin, '$username' level '$level' has been edited.\n Please wait while you are redirected. diff --git a/admin/calendar/index.php b/admin/calendar/index.php index a61424f..1197990 100644 --- a/admin/calendar/index.php +++ b/admin/calendar/index.php @@ -19,7 +19,6 @@ ?> - Manage Calendar & Events - -Edit events needs to be completed. "; - $result = $db->Query("SELECT `user_id`, `lastname` FROM `bayonet_users` WHERE `active` = 1 ORDER BY `username` ASC"); + $result = $db->Query("SELECT `user_id`, `lastname` FROM `bayonet_users` ORDER BY `username` ASC"); while(($row = $db->Fetch($result))!= false){ if($author_id == $row['user_id']) echo ""; diff --git a/admin/news/index.php b/admin/news/index.php index 2b7dca1..43baf81 100644 --- a/admin/news/index.php +++ b/admin/news/index.php @@ -16,7 +16,12 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ + ?> + - Manage News + -Everything needs to be completed. + if(isset($_GET['edit'])){ $news_id = $_GET['edit']; EditNews($news_id); - return; } -- cgit