add_user.php (5942B) download
1<!DOCTYPE html>
2<html lang="eng">
3 <head>
4 <title>Add user</title>
5 <!-- Bootstrap CSS -->
6 <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
7 <link rel="stylesheet" type="text/css" href="/css/homepage.css">
8 </head>
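<?php
/*
 * Add-user handler: checks that the current session may create users, loads
 * the permission catalogue, and on POST validates the form, creates the user
 * and links the selected permissions.
 *
 * NOTE(review): this is a privileged, state-changing POST and no anti-CSRF
 * token is checked anywhere in the visible code. Adding one needs a matching
 * hidden field in the form below, so it is not introduced here.
 */
include "views/navbar.php";
include "utils/autoloader.php";

// Access control: only sessions holding permission id 1 may use this page.
// Fail closed when the session has no permission list at all.
// Presumably views/navbar.php starts the session; confirm.
$session_permissions = $_SESSION['user_permissions'] ?? [];
// Loose comparison kept on purpose: the type of the stored ids is not visible
// here. Switch to a strict in_array() once it is confirmed.
if (!is_array($session_permissions) || !in_array(1, $session_permissions)) {
    // Markup is emitted before this block, so the redirect header can only be
    // sent when output buffering is on. The exit below is what enforces the check.
    if (!headers_sent()) {
        header('Location: /dashboard');
    }
    exit;
}

// NOTE(review): the database host, account and password are hard-coded in a
// web-served script. Load them from configuration outside the document root
// (or the environment) and rotate this password, since it is now in source.
$db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "wap2");

// Load the available permissions; the form renders them and the POST handler
// uses them as an allow-list for submitted ids.
$available_permissions = [];
$valid_permission_ids = [];
foreach ($db->all(Permissions::class) as $row) {
    $available_permissions[] = ['id' => $row->permission_id, 'name' => $row->permission_name];
    $valid_permission_ids[(int) $row->permission_id] = true;
}

$msg = "";
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    $errors = [];

    // Returns the posted value only when it is a non-empty string. Array-valued
    // fields (e.g. "email[]=x") are rejected instead of reaching password_hash()
    // or the ORM with the wrong type.
    $read_field = static function (string $key): ?string {
        $value = $_POST[$key] ?? null;
        return (is_string($value) && !empty($value)) ? $value : null;
    };

    $fname = $read_field('voornaam');
    if ($fname === null) {
        $errors[] = "Voornaam is required";
    }

    $lname = $read_field('achternaam');
    if ($lname === null) {
        $errors[] = "Achternaam is required";
    }

    $email = $read_field('email');
    if ($email === null) {
        $errors[] = "E-mail is required";
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = "E-mail is invalid";
    }

    $password = $read_field('password');
    if ($password === null) {
        $errors[] = "Wachtwoord is required";
    }

    // Permissions must be a list, and every id must exist in the catalogue
    // loaded above, so a request cannot attach ids the form never offered.
    $permissions = [];
    $submitted_permissions = $_POST['permissions'] ?? null;
    if (!is_array($submitted_permissions)) {
        $errors[] = "Permissions are required";
    } else {
        foreach ($submitted_permissions as $candidate) {
            // The (int) cast mirrors the original handling, so values carrying
            // stray characters from the rendered form still resolve to their id.
            $permission_id = (is_string($candidate) || is_int($candidate)) ? (int) $candidate : 0;
            if (!isset($valid_permission_ids[$permission_id])) {
                $errors[] = "Unknown permission selected";
                break;
            }
            // Keyed by id so a repeated checkbox value is inserted only once.
            $permissions[$permission_id] = $permission_id;
        }
    }

    if (count($errors) > 0) {
        // The error texts are fixed literals, so they are safe to join with <br>.
        foreach ($errors as $error) {
            $msg .= $error . "<br>";
        }
    } else {
        $hashed_pwd = password_hash($password, PASSWORD_DEFAULT);

        // $msg is printed as raw HTML further down, so every request-derived
        // value placed in it is escaped here.
        $safe_email = htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        // where() is used as an existence test, as in the original code.
        // NOTE(review): check-then-insert is not atomic. Uniqueness should also
        // be enforced by a UNIQUE constraint on the email column; confirm schema.
        $u = $db->get(User::class);
        if ($u->where("email", $email)) {
            $msg = "this email address is taken: " . $safe_email;
        } else {
            $succes = false;

            $u = $db->get(User::class);
            $u->email = $email;
            $u->first_name = $fname;
            $u->last_name = $lname;
            $u->password = $hashed_pwd;

            if (!$u->add()) {
                // Stop here: without a stored user there is nothing to link
                // permissions to.
                $msg = "user could not be added";
            } else {
                // Reload the row to obtain the generated user_id.
                $u = $db->get(User::class);
                if (!$u->where("email", $email)) {
                    $msg = "user was added but could not be reloaded to assign permissions";
                } else {
                    // NOTE(review): the inserts are not wrapped in a transaction
                    // in the visible code, so a failure here leaves a user with
                    // only part of the requested permissions.
                    $failed = 0;
                    foreach ($permissions as $permission_id) {
                        $p = $db->get(Permission_user::class);
                        $p->user_id = $u->user_id;
                        $p->permission_id = $permission_id;
                        if (!$p->add()) {
                            $failed++;
                        }
                    }
                    $succes = ($failed === 0);
                    $msg = $succes
                        ? "succes! user with email: {$safe_email} was added to the db"
                        : "user with email: {$safe_email} was added, but {$failed} permission(s) could not be assigned";
                }
            }
        }
    }
}
?>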
110 <body>
111 <div class="container">
112 <h1>Add user</h1>
113
114 <form action="add_user" method="post">
115 <div class="mb-3">
116 <label for="voornaam" class="form-label"><b>Voornaam:</b></label>
117 <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam">
118 </div>
119 <div class="mb-3">
120 <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
121 <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam">
122 </div>
123 <div class="mb-3">
124 <label for="email" class="form-label"><b>Email:</b></label>
125 <input type="text" class="form-control" name="email" id="email" placeholder="Email">
126 </div>
127 <div class="mb-3">
128 <label for="password" class="form-label"><b>Wachtwoord:</b></label>
129 <input type="password" class="form-control" name="password" id="password" placeholder="******">
130 </div>
131 <p>Please select the user permissions:</p>
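<?php
// Render one checkbox per permission row loaded from the database.
// Both the id and the name are HTML-escaped: they come from storage and are
// written into attribute and text contexts. Attribute values are fully quoted
// (the previous markup emitted `value=1">`), and each input gets an id so
// that the label's `for` actually binds to it.
foreach ($available_permissions as $db_permission) {
    $perm_id = htmlspecialchars((string) $db_permission['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $perm_name = htmlspecialchars((string) $db_permission['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<div class=\"mb-3 form-check\">
    <input type=\"checkbox\" class=\"form-check-input\" name=\"permissions[]\" id=\"permission-{$perm_id}\" value=\"{$perm_id}\">
    <label class=\"form-check-label\" for=\"permission-{$perm_id}\">{$perm_name}</label>
    </div>";
}
?>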
140 <button type="submit" class="btn btn-primary" name="submit">Add user</button>
141 </form>
<?php
// NOTE(review): $msg is written out as raw HTML (it carries <br> separators),
// so any request-derived value placed in it must be HTML-escaped where the
// message is built.
print $msg;
?>
143 </div>
144 </body>
145</html>