* Access resctricted to administrators and members of group "Management" * @author Gabriele Droege, DNA Bank Network * @version 2.0 * @package Configuration * @copyright Copyright © 2011 DNA Bank Network http://www.dnabank-network.org
The contents of this file are subject to the Mozilla Public License Version 1.1 * @filesource * @license http://www.mozilla.org/MPL/ MPL * @see start.inc.php|RandPass */ /******************************************************************************************** * login as administrator or manager is required * * password will be generated automatically (line 35) * * @see start.inc.php|RandPass * *********************************************************************************************/ if (!isset($_SESSION['admin']) & !$_SESSION['admin'] & !isset($_SESSION['management']) & !$_SESSION['management']) { $sql= "SELECT ID_User FROM user"; $result = mysqli_query($GLOBALS["___mysqli_ston"], $sql); if(mysqli_num_rows($result) > 10) { $TestAdmin = false; echo "Sorry, you have no permission for editing connection parameters! Please login as administrator or contact an admin."; } else { $Test = true; } } if($Test == "true" or (isset($_SESSION['admin']) || $_SESSION['admin'] || isset($_SESSION['management']) || $_SESSION['management'])) { if($formSubmitSaveUser) { $Signature = $_POST['signature']; $Username = $_POST['username']; $Password = md5($randomstring); $Email = $_POST['email']; $Group = $_POST['group']; $sqltest = "SELECT * FROM user WHERE Signature = '$Signature' OR Login = '$Username'"; $resulttest = mysqli_query($GLOBALS["___mysqli_ston"], $sqltest); if(mysqli_num_rows($resulttest) > 0) { echo "User name '".$Username."' or real name '".$Signature."' already exist in database!"; $Exist = true; } else { if ($Group == '0' or $Group == '') { $Group = 'NULL'; } else { $Group = "'".$Group."'"; } $sql = "INSERT INTO user (Signature, Login, Password, Email, FK_Group, Created_Who) VALUES ('$Signature','$Username','$Password','$Email',$Group,'$log')"; $result = mysqli_query($GLOBALS["___mysqli_ston"], $sql); $msg = ""; $msg .= ""; $msg .= ""; $msg .= ""; echo "

Dear ".utf8_decode($Signature)."

Welcome to the DNA Module! Please keep this email. It contains your current password. You can change your password at any time.

Login name: ".utf8_decode($Username)."
Password: ".$randomstring."

Sincerely,

Administrator DNA Module

"; /******************************************************************************************** * sending email to new user with generated password * *********************************************************************************************/ if(empty($Email_Admin) or !isset($Email_Admin)) { $from = "From: contact@dnabank-network.org\n"; } else { $from = "From: ".$Email_Admin."\n"; } $from .= "Content-Type: text/html\n"; if(mail($Email, "Welcome to the DNA Module", htmlspecialchars_decode($msg), $from)) { $NewUser = true; echo "An email with current password has been sent to ".$Email.""; } else { echo "Sending Email failed."; }} } else { echo " "; echo ""; echo ""; echo ""; echo ""; echo ""; echo ''; echo "

Add new user: Password will be generated automatically and can be changed after first login.
Signature		Real Name/Signature.
User name		Login Name.
Email		Enter user's email address. The user will receive an email with his or her password.
Group		Group for this user.

";} } ?>

Add new user: