PHP Login System with Admin Features

This forum was created to talk about the PHP Login System with admin features created by jpmaster77 on evolt's website


    adding user only with admin

    Share
    avatar
    intothefantasy

    Number of posts : 37
    Registration date : 2009-04-11

    adding user only with admin

    Post  intothefantasy on Sun May 10, 2009 12:48 am

    ok i done this simple part of admin only can add new user...but i came to a part where i wan my admin to add those user with userlevel together as well...i modify some of the codes and still having problems with register fail..this wat i do

    adduser.php
    Code:
    <form action="<?php echo $processpath ; ?>" method="POST">
    <table align="left" border="0" cellspacing="0" cellpadding="3" class="content_text">
    <tr><td>Username:</td><td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td><td><? echo $form->error("user"); ?></td></tr>
    <tr><td>Password:</td><td><input type="password" name="pass" maxlength="30" value="<? echo $form->value("pass"); ?>"></td><td><? echo $form->error("pass"); ?></td></tr>
    <tr><td>Email:</td><td><input type="text" name="email" maxlength="50" value="<? echo $form->value("email"); ?>"></td><td><? echo $form->error("email"); ?></td></tr>
    <tr><td>Level User:</td><td><select name="<? echo $form->value("addlevel"); ?>">
    <option value="1">Normal User
    <option value="7">xx
    <option value="8">xxx
    <option value="9">Admin
    </select>
    </td></tr>
    <tr><td colspan="2" align="right">
    <input type="hidden" name="subjoin" value="1">
    <input type="submit" value="Join!"></td></tr>
    </table>
    </form>

    process.php
    Code:
     function procRegister(){
          global $session, $form;
          /* Convert username to all lowercase (by option) */
          if(ALL_LOWERCASE){
            $_POST['user'] = strtolower($_POST['user']);
          }
          /* Registration attempt */
          $retval = $session->register($_POST['user'], $_POST['pass'], $_POST['email'], $_POST['addlevel']);
         
          /* Registration Successful */
          if($retval == 0){
            $_SESSION['reguname'] = $_POST['user'];
            $_SESSION['regsuccess'] = true;
            header("Location: ".$session->referrer);
          }
          /* Error found with form */
          else if($retval == 1){
            $_SESSION['value_array'] = $_POST;
            $_SESSION['error_array'] = $form->getErrorArray();
            header("Location: ".$session->referrer);
          }
          /* Registration attempt failed */
          else if($retval == 2){
            $_SESSION['reguname'] = $_POST['user'];
            $_SESSION['regsuccess'] = false;
            header("Location: ".$session->referrer);
          }
      }

    session.php
    Code:
     function register($subuser, $subpass, $subemail, $subaddlevel){
          global $database, $form, $mailer;  //The database, form and mailer object
         
          /* Username error checking */
          $field = "user";  //Use field name for username
          if(!$subuser || strlen($subuser = trim($subuser)) == 0){
            $form->setError($field, "* Username not entered");
          }
          else{
            /* Spruce up username, check length */
            $subuser = stripslashes($subuser);
            if(strlen($subuser) < 5){
                $form->setError($field, "* Username below 5 characters");
            }
            else if(strlen($subuser) > 30){
                $form->setError($field, "* Username above 30 characters");
            }
            /* Check if username is not alphanumeric */
            else if(!eregi("^([0-9a-z])+$", $subuser)){
                $form->setError($field, "* Username not alphanumeric");
            }
            /* Check if username is reserved */
            else if(strcasecmp($subuser, GUEST_NAME) == 0){
                $form->setError($field, "* Username reserved word");
            }
            /* Check if username is already in use */
            else if($database->usernameTaken($subuser)){
                $form->setError($field, "* Username already in use");
            }
            /* Check if username is banned */
            else if($database->usernameBanned($subuser)){
                $form->setError($field, "* Username banned");
            }
          }

          /* Password error checking */
          $field = "pass";  //Use field name for password
          if(!$subpass){
            $form->setError($field, "* Password not entered");
          }
          else{
            /* Spruce up password and check length*/
            $subpass = stripslashes($subpass);
            if(strlen($subpass) < 4){
                $form->setError($field, "* Password too short");
            }
            /* Check if password is not alphanumeric */
            else if(!eregi("^([0-9a-z])+$", ($subpass = trim($subpass)))){
                $form->setError($field, "* Password not alphanumeric");
            }
            /**
              * Note: I trimmed the password only after I checked the length
              * because if you fill the password field up with spaces
              * it looks like a lot more characters than 4, so it looks
              * kind of stupid to report "password too short".
              */
          }
         
          /* Email error checking */
          $field = "email";  //Use field name for email
          if(!$subemail || strlen($subemail = trim($subemail)) == 0){
            $form->setError($field, "* Email not entered");
          }
          else{
            /* Check if valid email address */
            $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
                    ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
                    ."\.([a-z]{2,}){1}$";
            if(!eregi($regex,$subemail)){
                $form->setError($field, "* Email invalid");
            }
            $subemail = stripslashes($subemail);
          }

          /* Errors exist, have user correct them */
          if($form->num_errors > 0){
            return 1;  //Errors with form
          }
          /* No errors, add the new account to the */
          else{
            if($database->addNewUser($subuser, md5($subpass), $subemail, $subaddlevel)){
                if(EMAIL_WELCOME){
                  $mailer->sendWelcome($subuser,$subemail,$subpass);
                }
                return 0;  //New user added succesfully
            }else{
                return 2;  //Registration attempt failed
            }
          }
      }

    database.php
    Code:
     function addNewUser($username, $password, $email, $ulevel){
          $time = time();
          $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time)";
          return mysql_query($q, $this->connection);
     
      }

    the only error i get is failed to register...
    avatar
    Linchpin311

    Number of posts : 220
    Age : 32
    Localisation : Long Island
    Registration date : 2007-05-14

    Re: adding user only with admin

    Post  Linchpin311 on Tue May 12, 2009 12:03 am

    in database.php on your query line, add single quotes around $ulevel.


    _________________
    in the end, the universe tends to unfold as it should...

    Also note that it is your responsibility to die() if necessary.

      Current date/time is Sun Oct 22, 2017 4:54 pm