<?php

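class Page_AddUser extends Page
{

	/**
	 * Gate the page to Shibboleth-authenticated admins and, for a POST with
	 * action=add, create a new user record.
	 *
	 * Every add attempt — successful or not — ends in a redirect to ?do=Main,
	 * with the outcome reported through Message::addError/addSuccess.
	 */
	protected function doPreprocess()
	{
		User::load();
		// NOTE(review): both gate checks rely on Util::redirect() terminating
		// the request. If it ever returns, the add handler below would still
		// run for non-admin or non-Shibboleth users — confirm against Util.
		if (!User::isShibbolethAuth()) {
			Message::addError('Not bwIDM');
			Util::redirect('?do=Main');
		}
		if (!User::isAdmin()) {
			Message::addError('Not admin!');
			Util::redirect('?do=Main');
		}
		// NOTE(review): no CSRF token is validated in this handler; the POST is
		// accepted on authentication state alone. If the framework does not
		// check one centrally, that check belongs before the add branch.
		if (Request::post('action') === 'add') {
			$this->handleAdd();
			Util::redirect('?do=Main');
		}
	}

	/**
	 * Validate the posted form and insert the user.
	 *
	 * Adds exactly one error message on failure or one success message on
	 * success and returns; redirecting is left to the caller.
	 */
	private function handleAdd()
	{
		$organizationid = Request::post('organization', '');
		$firstname = Request::post('firstname', '');
		$lastname = Request::post('lastname', '');
		$password = Request::post('password', '');
		$login = Request::post('login', '');
		// Default to '' so a missing field cannot reach the INSERT as a
		// non-string value.
		$email = Request::post('email', '');
		if (self::isBlank($organizationid)) {
			Message::addError('Keine Einrichtung gewählt.');
			return;
		}
		// Not empty(): a value of "0" (e.g. as a password) is unusual but
		// must not be rejected as "not filled in".
		if (self::isBlank($firstname) || self::isBlank($lastname)
				|| self::isBlank($login) || self::isBlank($password)) {
			Message::addError('Ein Feld wurde nicht ausgefüllt.');
			return;
		}
		$qualified = self::qualifyLogin($login, $organizationid);
		if ($qualified === false) {
			// Previously this also ran the suffix lookup with a dummy suffix and
			// reported a second, misleading error; stop at the syntax error.
			Message::addError('Ungültige Syntax für Login');
			return;
		}
		list($login, $suffix) = $qualified;
		// The suffix must be registered for the chosen organization; this is
		// what keeps an admin from creating logins under a foreign suffix.
		$ok = Database::queryFirst('SELECT organizationid FROM satellite_suffix WHERE organizationid = :o AND suffix = :s LIMIT 1', array(
			'o' => $organizationid,
			's' => $suffix
		));
		if ($ok === false) {
			Message::addError('Login-Suffix @{{0}} ist ungültig.', $suffix);
			return;
		}
		Database::exec('INSERT INTO user (login, password, organizationid, firstname, lastname, email) '
			. ' VALUES (:login, :password, :organization, :firstname, :lastname, :email)', array(
				'login' => $login,
				'password' => Crypto::hash6($password),
				'organization' => $organizationid,
				'firstname' => $firstname,
				'lastname' => $lastname,
				'email' => $email
			));
		Message::addSuccess('Benutzer {{0}} angelegt', $login);
	}

	/**
	 * Split a login into ("name@suffix", "suffix").
	 *
	 * A login in the accepted name@suffix form is returned unchanged together
	 * with its suffix; a login without '@' is completed with the organization
	 * id as suffix. A login that contains '@' but does not match the accepted
	 * form yields false.
	 *
	 * @param string $login raw login from the form
	 * @param string $organizationid suffix to append when $login has no '@'
	 * @return array|false array($login, $suffix), or false on invalid syntax
	 */
	private static function qualifyLogin($login, $organizationid)
	{
		if (preg_match('/^[a-z0-9_\.\-]+@([a-z0-9_\.\-]+)$/i', $login, $out)) {
			return array($login, $out[1]);
		}
		if (strpos($login, '@') !== false) {
			return false;
		}
		return array($login . '@' . $organizationid, $organizationid);
	}

	/**
	 * True when a form value is absent or the empty string.
	 *
	 * @param mixed $value value as returned by Request::post()
	 * @return bool
	 */
	private static function isBlank($value)
	{
		return $value === null || $value === '';
	}

	/**
	 * Render the add-user form with the organization drop-down.
	 *
	 * The list is prefixed with a placeholder row whose organizationid is '',
	 * which doPreprocess() rejects as "no organization chosen".
	 */
	protected function doRender()
	{
		$res = Database::simpleQuery('SELECT organizationid, name FROM satellite ORDER BY name ASC');
		$orgs = array(
			array(
				'organizationid' => '',
				'name' => ' -- Bitte wählen -- '
			)
		);
		while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
			$orgs[] = $row;
		}
		Render::addTemplate('adduser/_page', array('orgs' => $orgs));
	}

}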