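<?php
include "globalVars.php";
include "header.php";

/*
 * Admin page: create a new admin user and assign access permissions.
 *
 * Names used here but defined outside this file (presumably by globalVars.php /
 * header.php): $conn, $adminID, $adminName, $adminEmail, $SERVER_ROOT, $url,
 * $Iurl, $companyName, $emailEmailAdd, cleanPost(), getRandID().
 *
 * NOTE(review): no authorisation check and no anti-CSRF token are visible in this
 * file. Confirm the included files verify that the current admin may create users
 * and grant these permissions, and that the POST is bound to the admin's session.
 */

// Single source of truth for the permissions this page can grant. The form is
// rendered from this table and submitted IDs are checked against it, so the
// server-side allow-list cannot drift from the checkboxes on offer.
// 'checksId' => null marks groups that have no "Check All" link; their
// checkboxes also carry no accessCheckBox class.
$permissionGroups = [
    ['title' => 'Calendars', 'checksId' => 'checks1', 'items' => [
        1 => 'Create Calendars',
        2 => 'Update Calendars',
        3 => 'Delete Calendars',
    ]],
    ['title' => 'Forthcoming Events', 'checksId' => 'checks10', 'items' => [
        42 => 'Create Events',
        43 => 'Update Events',
        44 => 'Delete Events',
        45 => 'Manage Registered Players',
    ]],
    ['title' => 'Knockout Competitions', 'checksId' => 'checks2', 'items' => [
        4 => 'Create Knockout Competitions',
        5 => 'Update Knockout Competitions',
        6 => 'Delete Knockout Competitions',
        7 => 'Create Knockout Groups',
        8 => 'Update Knockout Groups',
        9 => 'Delete Knockout Groups',
    ]],
    ['title' => 'League Competitions', 'checksId' => 'checks3', 'items' => [
        10 => 'Create League Competitions',
        11 => 'Update League Competitions',
        12 => 'Delete League Competitions',
        13 => 'Create League Groups',
        14 => 'Update League Groups',
        15 => 'Delete League Groups',
    ]],
    ['title' => 'Championship Honours', 'checksId' => 'checks4', 'items' => [
        16 => 'Create New Honours',
        17 => 'Update Championship Honours',
        18 => 'Delete Championship Honours',
        19 => 'Create Honours Groups',
        20 => 'Update Honours Groups',
        21 => 'Delete Honours Groups',
    ]],
    ['title' => 'Committee Members', 'checksId' => 'checks5', 'items' => [
        22 => 'Create New Members',
        23 => 'Update Committee Members',
        24 => 'Delete Committee Members',
    ]],
    ['title' => 'Local Clubs', 'checksId' => 'checks6', 'items' => [
        25 => 'Create New Club',
        26 => 'Update Local Clubs',
        27 => 'Delete Local Clubs',
    ]],
    ['title' => 'Pages', 'checksId' => 'checks7', 'items' => [
        28 => 'Create New Pages',
        29 => 'Update Site Pages',
        30 => 'Delete Site Pages',
    ]],
    ['title' => 'Header Slides', 'checksId' => 'checks8', 'items' => [
        31 => 'Create New Slides',
        32 => 'Update Header Slides',
        33 => 'Delete Header Slides',
    ]],
    ['title' => 'Photo Galleries', 'checksId' => 'checks9', 'items' => [
        34 => 'Create New Galleries',
        35 => 'Update Photo Galleries',
        36 => 'Delete Photo Galleries',
        37 => 'Upload New Photos',
        38 => 'Update Photos',
        39 => 'Delete Photos',
    ]],
    ['title' => 'Main Menu', 'checksId' => null, 'items' => [
        40 => 'Update the Main Menu',
    ]],
    ['title' => 'Site Configuration', 'checksId' => null, 'items' => [
        41 => 'Update the Site Configuration',
    ]],
];

// Flat lookup of every permission ID the form offers.
$knownPermissionIDs = [];
foreach ($permissionGroups as $permissionGroup) {
    foreach ($permissionGroup['items'] as $permissionID => $permissionLabel) {
        $knownPermissionIDs[$permissionID] = true;
    }
}
?>
<h2>Create a New Admin User</h2>
<?php
if (isset($_POST["createUser"])) {
    // Read a POST field as a string; array-valued or missing fields become "".
    $postString = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
    };

    // HTML-escape for output. double_encode is off because cleanPost() is defined
    // elsewhere and may already have entity-encoded the value.
    $escapeHtml = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8", false);
    };

    // Run one parameterised INSERT. Returns false on failure, otherwise the
    // statement's insert id (0 when the table has no auto-increment column).
    $runInsert = function ($sql, $types, array $params) use ($conn) {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt === false) {
            return false;
        }
        $ok = mysqli_stmt_bind_param($stmt, $types, ...$params) && mysqli_stmt_execute($stmt);
        $insertID = $ok ? mysqli_stmt_insert_id($stmt) : false;
        mysqli_stmt_close($stmt);
        return $insertID;
    };

    // Permission IDs arrive as client-controlled array keys (access[ID]=1) and
    // end up in the stored privilege string, so only integer IDs that this form
    // actually offers are accepted. A request with no boxes ticked has no
    // "access" field at all.
    $submittedAccess = (isset($_POST["access"]) && is_array($_POST["access"])) ? $_POST["access"] : [];
    $accessGiven = [];
    foreach ($submittedAccess as $accessID => $givenVar) {
        $accessID = (string) $accessID;
        if (ctype_digit($accessID) && isset($knownPermissionIDs[(int) $accessID])) {
            $accessGiven[] = (int) $accessID;
        }
    }
    $privelegeArray = "|". implode("|", $accessGiven) ."|";

    // cleanPost() is kept so stored values stay consistent with the rest of the
    // admin, but nothing below relies on it for SQL or HTML safety.
    $newUserName = cleanPost($postString("adminUserName"), $conn);
    $newUserEmail = cleanPost($postString("adminUserEmail"), $conn);
    $newUserPass = cleanPost($postString("adminUserPass"), $conn);
    $newSendEmail = cleanPost($postString("adminUserSend"), $conn);

    // The HTML "required" / type="email" attributes are only browser hints;
    // repeat the checks server-side.
    $formErrors = [];
    if (trim((string) $newUserName) === "") {
        $formErrors[] = "Please enter a name for the new user.";
    }
    if (filter_var($newUserEmail, FILTER_VALIDATE_EMAIL) === false) {
        $formErrors[] = "Please enter a valid email address for the new user.";
    }
    if ((string) $newUserPass === "") {
        $formErrors[] = "Please enter a password for the new user.";
    }

    if ($formErrors) {
        foreach ($formErrors as $formError) {
            echo "<p><strong>Error:</strong> ". $escapeHtml($formError) ."</p>";
        }
    } else {
        // NOTE(review): getRandID() is defined elsewhere. Its output is used as a
        // cookie value and as a password-reset token, so confirm it draws from a
        // CSPRNG (random_bytes()/random_int()).
        $newCookieVar = getRandID(20);
        $dateCreated = date("Y-m-d H:i:s");

        // NOTE(review): MD5 is unsalted and fast, which makes it unsuitable for
        // password storage. It is left unchanged here because the login code
        // that verifies loginPass is outside this file; migrate both sides
        // together to password_hash() / password_verify().
        $passwordHash = md5($newUserPass);

        $newAdminID = $runInsert(
            "INSERT INTO admin (adminName, adminEmail, loginPass, cookieVar) VALUES (?, ?, ?, ?)",
            "ssss",
            [$newUserName, $newUserEmail, $passwordHash, $newCookieVar]
        );

        if ($newAdminID === false) {
            echo "<p><strong>Error:</strong> The new Admin User could not be created.</p>";
        } else {
            $numPermissions = count($accessGiven);
            $updateDetails = "The User $newUserName <$newUserEmail> was created by $adminName <$adminEmail> and granted $numPermissions Admin Permissions";

            // Audit trail entry for the creating admin.
            $actionLogged = $runInsert(
                "INSERT INTO userActions (dateCreated, adminID, pageTracking, databaseUpdated, updateDetails) VALUES (?, ?, 'admin/userManagementNew.html', 'admin', ?)",
                "sss",
                [$dateCreated, (string) $adminID, $updateDetails]
            );

            $privilegesSaved = $runInsert(
                "INSERT INTO adminPriveleges (adminID, privelegeArray, dateAmended, amendedBy) VALUES (?, ?, ?, ?)",
                "ssss",
                [(string) $newAdminID, $privelegeArray, $dateCreated, (string) $adminID]
            );

            echo "<p><strong>Success!</strong> The new Admin User ". $escapeHtml($newUserName) ." has been created.</p>";
            if ($privilegesSaved === false) {
                echo "<p><strong>Warning:</strong> The access permissions for this user could not be saved.</p>";
            }
            if ($actionLogged === false) {
                echo "<p><strong>Warning:</strong> This action could not be recorded in the activity log.</p>";
            }

            if ((int) $newSendEmail === 1) {
                // Send the new user an email with a link to create their login password and log in.
                $resetVar = getRandID(30);
                $resetSaved = $runInsert(
                    "INSERT INTO adminPasswordReset (adminID, resetVar, dateRequested) VALUES (?, ?, ?)",
                    "sss",
                    [(string) $newAdminID, $resetVar, $dateCreated]
                );

                $salTime = (int) date("H");
                if ($salTime < 14) {
                    $salutation = "Good morning";
                } elseif ($salTime < 20) {
                    $salutation = "Good afternoon";
                } else {
                    $salutation = "Good evening";
                }

                // Name and address are escaped before they are placed in the HTML body.
                $safeName = $escapeHtml($newUserName);
                $safeEmail = $escapeHtml($newUserEmail);

                $emailTitle = "Password Reset";
                $LANG_PASSWORD_RESET_EMAIL_TEXT = "<p>[[SALUTATION]] [[EMAIL_NAME]],<br>Your account has been setup to access the FAB Almería management panel.<p> <p>In an attempt to keep security as high as possible you are required to create a new password to log in. To do so, please visit the link below and setup your access password: <a href=\"[[URL]]password-reset-[[RESET_VAR]].html\">[[URL]]password-reset-[[RESET_VAR]].html</a><p><p>or copy and paste this link into your browser of choice:</p><p>[[URL]]password-reset-[[RESET_VAR]].html</p> <p>After resetting your password to log in to the management panel for the first time, visit the <a href=\"[[URL]]\">main website</a> and click the User Login link in the main menu. The email address you should use to log in is <strong>$safeEmail</strong></p> <p>Regards,<br><br> The FAB Almería Website<br> <a href=\"[[URL]]\">FAB Almería</a></p>";

                $emailContent = str_replace(
                    ["[[SALUTATION]]", "[[EMAIL_NAME]]", "[[RESET_VAR]]"],
                    [$salutation, $safeName, $resetVar],
                    $LANG_PASSWORD_RESET_EMAIL_TEXT
                );

                $emailTemplate = file_get_contents($SERVER_ROOT ."/emails/email-template.html");
                $mailSent = false;

                if ($resetSaved !== false && $emailTemplate !== false) {
                    $emailTemplate = str_replace("[[EMAIL_CONTENT]]", $emailContent, $emailTemplate);
                    $emailContent = str_replace(
                        ["[[EMAIL_TITLE]]", "[[URL]]", "[[IURL]]", "[[COMPANY_NAME]]", "[[EMAIL_ADD]]"],
                        [$emailTitle, $url, $Iurl, $companyName, $emailEmailAdd],
                        $emailTemplate
                    );

                    // The display name is user-supplied and goes into a mail
                    // header: strip CR/LF so it cannot start a new header line.
                    // The address itself already passed FILTER_VALIDATE_EMAIL.
                    $headerSafeName = trim(preg_replace('/[\r\n]+/', ' ', (string) $newUserName));

                    $mailTo = $newUserEmail;
                    $emailSubject = "$companyName New Account";
                    $headers = [];
                    $headers[] = 'MIME-Version: 1.0';
                    $headers[] = 'Content-type: text/html; charset=utf-8';
                    $headers[] = 'To: '. $headerSafeName .' <'. $mailTo .'>';
                    $headers[] = 'From: '. $companyName .' <'. $emailEmailAdd .'>';

                    $mailSent = mail($mailTo, $emailSubject, $emailContent, implode("\r\n", $headers));
                }

                if ($mailSent) {
                    echo "<p>An email has been sent to $safeEmail with the instructions to setup the password and log in for the first time.</p>";
                } else {
                    echo "<p><strong>Warning:</strong> The invitation email to $safeEmail could not be sent.</p>";
                }
            }
        }
    }
} else {
?>
<form action="userManagementNew.html" method="post" id="newUserForm">
    <div class="descStTab">
        <div class="pFormRow">
            <div class="pFormTitle">Name: <span class="infoButton"><img src="images/infoButton.png" width="14" height="14" alt="Help" title="Help" border="0" /><span>Simply for identification purposes</span></span></div>
            <div class="pFormInput">
                <input type="text" name="adminUserName" size="50" required />
                <div class="pFormLabel">
                    <label class="labelName">Name:</label>
                </div>
            </div>
        </div>
        <div class="pFormRow">
            <div class="pFormTitle">Email Address: <span class="infoButton"><img src="images/infoButton.png" width="14" height="14" alt="Help" title="Help" border="0" /><span>Will be used to access this admin and also for any correspondence such as password reminders</span></span></div>
            <div class="pFormInput">
                <input type="email" name="adminUserEmail" size="50" required />
                <div class="pFormLabel">
                    <label class="labelName">Email Address:</label>
                </div>
            </div>
        </div>
        <div class="pFormRow">
            <div class="pFormTitle">Send Email?: <span class="infoButton"><img src="images/infoButton.png" width="14" height="14" alt="Help" title="Help" border="0" /><span>Would you like to send this person an invitation to the admin with links to log in and create their own password?</span></span></div>
            <div class="pFormSelect">
                <select name="adminUserSend">
                    <option value="0">No</option>
                    <option value="1">Yes</option>
                </select>
                <div class="pFormLabel">
                    <label class="labelName">Send Email:</label>
                </div>
            </div>
        </div>
        <div class="pFormRow">
            <div class="pFormTitle">Password: <span class="infoButton"><img src="images/infoButton.png" width="14" height="14" alt="Help" title="Help" border="0" /><span>The password they need to use to access this admin</span></span></div>
            <div class="pFormInput">
                <input type="text" id="adminUserPass" name="adminUserPass" size="50" data-display="passStrength" required />
                <div class="pFormLabel">
                    <label class="labelName">Password:</label>
                </div>
            </div>
            <a id="autoGenPass">Generate Password</a>
        </div>
        <div id="passStrength"></div>
        <div id="accessSelect">
            <h3>User Access Permissions</h3>
<?php foreach ($permissionGroups as $permissionGroup) { ?>
            <div class="accessTitle">
                <?= $permissionGroup['title'] ?>
<?php     if ($permissionGroup['checksId'] !== null) { ?>
                <a class="checkAll" data-cl="<?= $permissionGroup['checksId'] ?>"><i class="fas fa-check"></i> Check All</a>
<?php     } ?>
            </div>
            <div class="accessChecks"<?php if ($permissionGroup['checksId'] !== null) { ?> id="<?= $permissionGroup['checksId'] ?>"<?php } ?>>
<?php     foreach ($permissionGroup['items'] as $permissionID => $permissionLabel) { ?>
                <div class="accessCheck">
                    <input type="checkbox" id="access<?= $permissionID ?>"<?php if ($permissionGroup['checksId'] !== null) { ?> class="accessCheckBox"<?php } ?> name="access[<?= $permissionID ?>]" value="1">
                    <label for="access<?= $permissionID ?>"><?= $permissionLabel ?></label>
                </div>
<?php     } ?>
            </div>
<?php } ?>
        </div>
    </div>
    <input type="submit" class="submitButton" id="createUser" name="createUser" value="Create this User" />
</form>
<?php
}
?>
<?php include "footer.php"; ?>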