Fix Bug352

pull/59/head
KOUONTCHOU NEIL ARMSTRONG 2023-12-06 02:40:34 +01:00
parent ef87c1248f
commit f3ef8d8e5c
1 changed files with 57 additions and 5 deletions

View File

@ -1,7 +1,19 @@
<?php
include 'NoDirectPhpAcess.php';
function downloadFile($filename)
{
$file_url = './acounts/' . $filename.'.txt';
header('content-type: text/plain');
header('Cache-Control: no-cache, must-revalidate');
header('Content-Disposition: attachment; filename=' . basename($file_url));
readfile($file_url);
header("Refresh: 5");
}
?>
<?php
/*
@ -12,9 +24,18 @@ session_start();
date_default_timezone_set('Asia/Shanghai');
// Connect to MySQL database
include "get_mysql_credentials.php";
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
$mysql_host= "localhost";
$mysql_username = "root";
$mysql_password = "";
$mysql_db = "lrr";
// $mysql_username, $mysql_password variable declared directly
$con= mysqli_connect($mysql_host,$mysql_username,$mysql_password,$mysql_db);
//$con = mysqli_connect("localhost", "root", "", "lrr");
// Check connection
if (mysqli_connect_errno()) {
@ -269,6 +290,14 @@ if (!empty($_POST["form_createlecturrer"])) {
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
$type = mysqli_real_escape_string($con, $_POST["type"]);
$password = mysqli_real_escape_string($con, $_POST["passport"]);
$pass_len=strlen($password);
if ($pass_len==0) {
$password = generateStrongPassword();
}
// $passport_no=$password;
// check if email is taken
$result = mysqli_query(
$con,
@ -277,17 +306,40 @@ if (!empty($_POST["form_createlecturrer"])) {
if (mysqli_num_rows($result) != 0) {
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
header("Location: Admin.php");
exit;
// header( "refresh:5;url=Admin.php" );
}
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
. "('$email','$password_hash','$fullname','$type')";
if ($con->query($sql) === TRUE) {
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and $password as password.";
// $file_name = $email.'.txt';
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and ". $password ." as password.";
// file_put_contents('./acounts/'.$file_name, $_SESSION["info_Admin_Users"]);
//downloadFile($email);
header("Location: Admin.php");
} else {
echo "Error: " . $sql . "<br>" . $con->error;
alert("Error: " . $sql . "<br>" . $con->error);
}
}
// ### FUNCTION TO GENERATE INITIAL PASSWORDS ###//
function generateStrongPassword() {
$characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_';
$password_length = 12;
$gen_password = '';
for ($i = 0; $i < $password_length; $i++) {
$random_index = mt_rand(0, strlen($characters) - 1);
$gen_password .= $characters[$random_index];
}
// Return the generated password
return $gen_password;
}
// #### FUNCTION CHECK FILE TYPES ////