Fix Bug352
parent
ef87c1248f
commit
f3ef8d8e5c
60
Script.php
60
Script.php
|
@ -1,7 +1,19 @@
|
|||
<?php
|
||||
include 'NoDirectPhpAcess.php';
|
||||
function downloadFile($filename)
|
||||
{
|
||||
|
||||
$file_url = './acounts/' . $filename.'.txt';
|
||||
header('content-type: text/plain');
|
||||
header('Cache-Control: no-cache, must-revalidate');
|
||||
header('Content-Disposition: attachment; filename=' . basename($file_url));
|
||||
readfile($file_url);
|
||||
header("Refresh: 5");
|
||||
|
||||
}
|
||||
?>
|
||||
|
||||
|
||||
<?php
|
||||
|
||||
/*
|
||||
|
@ -12,9 +24,18 @@ session_start();
|
|||
|
||||
date_default_timezone_set('Asia/Shanghai');
|
||||
|
||||
|
||||
// Connect to MySQL database
|
||||
include "get_mysql_credentials.php";
|
||||
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
|
||||
$mysql_host= "localhost";
|
||||
$mysql_username = "root";
|
||||
$mysql_password = "";
|
||||
$mysql_db = "lrr";
|
||||
|
||||
// $mysql_username, $mysql_password variable declared directly
|
||||
$con= mysqli_connect($mysql_host,$mysql_username,$mysql_password,$mysql_db);
|
||||
//$con = mysqli_connect("localhost", "root", "", "lrr");
|
||||
|
||||
|
||||
|
||||
// Check connection
|
||||
if (mysqli_connect_errno()) {
|
||||
|
@ -269,6 +290,14 @@ if (!empty($_POST["form_createlecturrer"])) {
|
|||
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
|
||||
$type = mysqli_real_escape_string($con, $_POST["type"]);
|
||||
$password = mysqli_real_escape_string($con, $_POST["passport"]);
|
||||
$pass_len=strlen($password);
|
||||
if ($pass_len==0) {
|
||||
$password = generateStrongPassword();
|
||||
|
||||
}
|
||||
|
||||
|
||||
// $passport_no=$password;
|
||||
// check if email is taken
|
||||
$result = mysqli_query(
|
||||
$con,
|
||||
|
@ -277,17 +306,40 @@ if (!empty($_POST["form_createlecturrer"])) {
|
|||
if (mysqli_num_rows($result) != 0) {
|
||||
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
|
||||
header("Location: Admin.php");
|
||||
exit;
|
||||
// header( "refresh:5;url=Admin.php" );
|
||||
|
||||
}
|
||||
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
|
||||
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
|
||||
. "('$email','$password_hash','$fullname','$type')";
|
||||
|
||||
if ($con->query($sql) === TRUE) {
|
||||
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and $password as password.";
|
||||
// $file_name = $email.'.txt';
|
||||
$_SESSION["info_Admin_Users"] = $type . " user created successfully. Use email " . $email . " as account name and ". $password ." as password.";
|
||||
// file_put_contents('./acounts/'.$file_name, $_SESSION["info_Admin_Users"]);
|
||||
//downloadFile($email);
|
||||
header("Location: Admin.php");
|
||||
|
||||
} else {
|
||||
echo "Error: " . $sql . "<br>" . $con->error;
|
||||
alert("Error: " . $sql . "<br>" . $con->error);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// ### FUNCTION TO GENERATE INITIAL PASSWORDS ###//
|
||||
function generateStrongPassword() {
|
||||
|
||||
$characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_';
|
||||
$password_length = 12;
|
||||
$gen_password = '';
|
||||
for ($i = 0; $i < $password_length; $i++) {
|
||||
$random_index = mt_rand(0, strlen($characters) - 1);
|
||||
$gen_password .= $characters[$random_index];
|
||||
}
|
||||
|
||||
// Return the generated password
|
||||
return $gen_password;
|
||||
}
|
||||
|
||||
// #### FUNCTION CHECK FILE TYPES ////
|
||||
|
|
Loading…
Reference in New Issue