diff options
author | Thomas Lange <code@nerdmind.de> | 2017-02-24 21:27:59 +0100 |
---|---|---|
committer | Thomas Lange <code@nerdmind.de> | 2017-02-24 21:27:59 +0100 |
commit | 52b077a48c743ba4d08ac00520a0bf1ef6deef5f (patch) | |
tree | b4205c194167e0e03e273957cdd0aab3be9fdf01 /admin/user/insert.php | |
download | blog-6442789bf36c04639bf5f104ea963937717a39b5.tar.gz blog-6442789bf36c04639bf5f104ea963937717a39b5.tar.xz blog-6442789bf36c04639bf5f104ea963937717a39b5.zip |
Initial commit.v1.0
Diffstat (limited to 'admin/user/insert.php')
-rw-r--r-- | admin/user/insert.php | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/admin/user/insert.php b/admin/user/insert.php new file mode 100644 index 0000000..7c892d4 --- /dev/null +++ b/admin/user/insert.php @@ -0,0 +1,78 @@ +<?php +#=============================================================================== +# DEFINE: Administration +#=============================================================================== +define('ADMINISTRATION', TRUE); +define('AUTHENTICATION', TRUE); + +#=============================================================================== +# INCLUDE: Main configuration +#=============================================================================== +require_once '../../core/application.php'; + +$Attribute = new User\Attribute(); + +if(HTTP::issetPOST('id', 'slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'time_insert', 'time_update', 'insert')) { + $Attribute->set('id', HTTP::POST('id') ? HTTP::POST('id') : FALSE); + $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('username'))); + $Attribute->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL); + $Attribute->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE); + $Attribute->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL); + $Attribute->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL); + $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL); + $Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s')); + $Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s')); + + if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) { + try { + if($Attribute->databaseINSERT($Database)) { + HTTP::redirect(Application::getAdminURL('user/')); + } + } catch(PDOException $Exception) { + $messages[] = $Exception->getMessage(); + } + } + + else { + $messages[] = $Language->text('error_security_csrf'); + } +} + +#=============================================================================== +# TRY: Template\Exception +#=============================================================================== +try { + $FormTemplate = Template\Factory::build('user/form'); + $FormTemplate->set('FORM', [ + 'TYPE' => 'INSERT', + 'INFO' => $messages ?? [], + 'DATA' => [ + 'ID' => $Attribute->get('id'), + 'SLUG' => $Attribute->get('slug'), + 'USERNAME' => $Attribute->get('username'), + 'PASSWORD' => NULL, + 'FULLNAME' => $Attribute->get('fullname'), + 'MAILADDR' => $Attribute->get('mailaddr'), + 'BODY' => $Attribute->get('body'), + 'TIME_INSERT' => $Attribute->get('time_insert'), + 'TIME_UPDATE' => $Attribute->get('time_update'), + ], + 'TOKEN' => Application::getSecurityToken() + ]); + + $InsertTemplate = Template\Factory::build('user/insert'); + $InsertTemplate->set('HTML', $FormTemplate); + + $MainTemplate = Template\Factory::build('main'); + $MainTemplate->set('NAME', $Language->text('title_user_insert')); + $MainTemplate->set('HTML', $InsertTemplate); + echo $MainTemplate; +} + +#=============================================================================== +# CATCH: Template\Exception +#=============================================================================== +catch(Template\Exception $Exception) { + $Exception->defaultHandler(); +} +?>
\ No newline at end of file |