From 5fd9fa480f302902328b81f912dd67ce378284f8 Mon Sep 17 00:00:00 2001
From: citizenz7 <citizenz7@protonmail.com>
Date: Thu, 20 Apr 2017 18:50:55 +0200
Subject: V.1.4.6

---
 Html/admin/add-user.php | 156 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 156 insertions(+)
 create mode 100644 Html/admin/add-user.php

(limited to 'Html/admin/add-user.php')

diff --git a/Html/admin/add-user.php b/Html/admin/add-user.php
new file mode 100644
index 0000000..bd0ea57
--- /dev/null
+++ b/Html/admin/add-user.php
@@ -0,0 +1,156 @@
+<?php
+//include config
+require_once('../includes/config.php');
+
+//Si pas connecté OU si le membre n'est pas admin, pas de connexion à l'espace d'admin --> retour sur la page login
+if(!$user->is_logged_in()) {
+        header('Location: login.php');
+}
+
+if(isset($_SESSION['userid'])) {
+        if($_SESSION['userid'] != 1) {
+                header('Location: '.SITEURL);
+        }
+}
+
+// titre de la page
+$pagetitle= 'Admin : ajouter un membre';
+require('../includes/header.php');
+?>
+
+<body>
+
+<div id="container">
+
+        <?php
+                require('../includes/header-logo.php');
+                require('../includes/nav.php');
+        ?>
+
+        <div id="body">
+        <div id="content">
+
+<?php
+// fil d'ariane
+$def = "index";
+$dPath = $_SERVER['REQUEST_URI'];
+$dChunks = explode("/", $dPath);
+
+echo('<a class="dynNav" href="/">Accueil</a><span class="dynNav"> > </span>');
+for($i=1; $i<count($dChunks); $i++ ){
+        echo('<a class="dynNav" href="/');
+        for($j=1; $j<=$i; $j++ ){
+                echo($dChunks[$j]);
+                if($j!=count($dChunks)-1){ echo("/");}
+        }
+
+        if($i==count($dChunks)-1){
+                $prChunks = explode(".", $dChunks[$i]);
+                if ($prChunks[0] == $def) $prChunks[0] = "";
+                $prChunks[0] = $prChunks[0] . "</a>";
+        }
+        else $prChunks[0]=$dChunks[$i] . '</a><span class="dynNav"> > </span>';
+        echo('">');
+        echo(str_replace("_" , " " , $prChunks[0]));
+}
+?>
+<br /><br />
+
+
+        <?php include('menu.php');?>
+				<p><a href="users.php">Membres Admin Index</a></p>
+
+				<h2>Ajouter un membre</h2>
+				        <?php
+
+        //if form has been submitted process it
+        if(isset($_POST['submit'])){
+
+                //collect form data
+                extract($_POST);
+
+                //very basic validation
+                if($username ==''){
+                        $error[] = 'Veuillez entrer un pseudo.';
+                }
+
+                if($password ==''){
+                        $error[] = 'Veuillez entrer un mot de passe.';
+                }
+
+                if($passwordConfirm ==''){
+                        $error[] = 'Veuillez confirmer le mot de passe.';
+                }
+
+                if($password != $passwordConfirm){
+                        $error[] = 'Les mots de passe concordent pas.';
+                }
+
+                if($email ==''){
+                        $error[] = 'Veuillez entrer une adresse e-mail.';
+                }
+
+                if(!isset($error)){
+
+                        $hashedpassword = $user->password_hash($_POST['password'], PASSWORD_BCRYPT);
+
+                        try {
+
+                                //insert into database
+                                $stmt = $db->prepare('INSERT INTO blog_members (username,password,email) VALUES (:username, :password, :email)') ;
+                                $stmt->execute(array(
+                                        ':username' => $username,
+                                        ':password' => $hashedpassword,
+                                        ':email' => $email
+                                ));
+
+                                //redirect to index page
+                                header('Location: users.php?action=ajoute');
+                                exit;
+
+                        } catch(PDOException $e) {
+                            echo $e->getMessage();
+                        }
+
+                }
+
+        }
+        //check for any errors
+        if(isset($error)){
+                foreach($error as $error){
+                        echo '<p class="error">'.$error.'</p>';
+                }
+        }
+        ?>
+
+        <form action='' method='post'>
+
+                <p><label>Pseudo</label><br />
+                <input type='text' name='username' value='<?php if(isset($error)){ echo html($_POST['username']);}?>'></p>
+
+                <p><label>Mot de passe</label><br />
+                <input type='password' name='password' value='<?php if(isset($error)){ echo html($_POST['password']);}?>'></p>
+
+                <p><label>Confirmation mot de passe</label><br />
+                <input type='password' name='passwordConfirm' value='<?php if(isset($error)){ echo html($_POST['passwordConfirm']);}?>'></p>
+
+                <p><label>E-mail</label><br />
+                <input type='text' name='email' value='<?php if(isset($error)){ echo html($_POST['email']);}?>'></p>
+
+                <p><input type='submit' class="searchsubmit formbutton" name='submit' value='Ajouter un membre'></p>
+
+        </form>
+        </div>
+        
+	<?php require('../sidebar.php'); ?>
+        
+    	<div class="clear"></div>
+    </div>
+</div>
+
+<div id="footer">
+	<?php require('../includes/footer.php'); ?>
+</div>
+
+</body>
+</html>
-- 
cgit v1.2.1