require_once("models/config.php");
if (!securePage($_SERVER['PHP_SELF'])){die();}
-require_once("models/header.php");
-
-$text_area="# Rows starting with '#' are ignored. Rows are of the form:\n# username, Full Name, email";
+$text_area="# Rows starting with '#' are ignored. Rows are of the form:\n# Username, Full Name, Email[, Title]";
$show_form = true;
}
else if ($_POST['action'] === "Upload") // Upload users in the text area
{
-
+\r
+ if ($_POST['upload_mode'] === "purge")\r
+ {\r
+ $to_delete = fetchAllUsersWithoutPerm("Administrator");\r
+ if (count($to_delete) > 0)\r
+ {\r
+ if ($deletion_count = deleteUsers($to_delete)) {\r
+ $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));\r
+ }\r
+ else {\r
+ $errors[] = lang("SQL_ERROR");\r
+ }\r
+ }\r
+ }\r
+
$text_area = $_POST['userUpload'];
-
// Iterate through each row
$all_rows=preg_split("/((\r?\n)|(\r\n?))/", $_POST['userUpload']);
-
-
-
foreach ($all_rows as $row)
{
if (empty($row) or $row[0] === '#')
continue;
- $errors = array();
-
- $fields = preg_split("/,/", $row);
-
- $user_name = trim($fields[0]);
- $display_name = trim($fields[1]);
- $email = trim($fields[2]);
+ $fields = preg_split("/,/", $row);\r
+ if(count($fields) < 3)\r
+ {\r
+ $errors[] = "Warning: Ignoring row not in correct format: ".htmlspecialchars($row);\r
+ continue;\r
+ }\r
+
+ $username = trim($fields[0]);
+ $displayname = trim($fields[1]);
+ $email = trim($fields[2]);\r
+ $title = trim($fields[3]);\r
+ \r
+ if(!isValidEmail($email))\r
+ {\r
+ $errors[] = "Enter a valid email for row: ".htmlspecialchars($row);\r
+ continue;\r
+ }\r
+
// generate the temporary password
$password = generatePassword();
-
- if(count($errors) == 0)
- {
- //Construct a user object
- $user = new User($username,$displayname,$password,$email);
-
- //Checking this flag tells us whether there were any errors such as possible data duplication occured
- if(!$user->status)
- {
- if($user->username_taken) $errors[] = lang("ACCOUNT_USERNAME_IN_USE",array($username));
- if($user->displayname_taken) $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE",array($displayname));
- if($user->email_taken) $errors[] = lang("ACCOUNT_EMAIL_IN_USE",array($email));
- }
- else
- {
- //Attempt to add the user to the database, carry out finishing tasks like emailing the user (if required)
- if(!$user->userCakeAddUser())
- {
- if($user->mail_failure) $errors[] = lang("MAIL_ERROR");
- if($user->sql_failure) $errors[] = lang("SQL_ERROR");
- }
- }
+ //Construct a user object
+ $user = new User($username,$displayname,$password,$email);
+
+ //Checking this flag tells us whether there were any errors such as possible data duplication occured
+ if(!$user->status)
+ {
+ if($user->username_taken) $localerrors[] = lang("ACCOUNT_USERNAME_IN_USE",array($username));
+ if($user->displayname_taken) $localerrors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE",array($displayname));
+ if($user->email_taken) $localerrors[] = lang("ACCOUNT_EMAIL_IN_USE",array($email));
}
- if(count($errors) == 0)
+ else
{
- $successes[] = $user->success;
+ //Attempt to add the user to the database, carry out finishing tasks like emailing the user (if required)
+ $user->userCakeAddUser(); //This doesn't return anything itself
+
+ if($user->mail_failure) $localerrors[] = lang("MAIL_ERROR");
+ if($user->sql_failure) $localerrors[] = lang("SQL_ERROR");
+ \r
+ if(strlen($title) >= 50)\r
+ {\r
+ $localerrors[] = "Warning: User".$username." added but failed to set title: ".lang("ACCOUNT_TITLE_CHAR_LIMIT",array(1,50));\r
+ }\r
+ else if (count($localerrors) == 0 && strlen($title) > 0)\r
+ {\r
+ $user_id = fetchUserId($username); //So stupid, when you create a user, it doesn't return the user id\r
+ if (!updateTitle($user_id, $title))\r
+ {\r
+ $localerrors[] = "Warning: User ".$username." added but failed to set title: ". lang("SQL_ERROR");\r
+ }\r
+ }
}
- echo resultBlock($errors,$successes);
- }
+ if(count($localerrors) == 0)
+ {\r
+ $users[] = [$username, $password]; //Push user onto array
+ //$successes[] = ($user->success);
+ }\r
+ else\r
+ {\r
+ $errors = array_merge($errors, $localerrors);\r
+ }
-
-
-
-
+ }
+ \r
+ if(count($users) > 0)\r
+ {\r
+ $successes[] = (count($users)." users created.");\r
+ $successes[] = ("The list of usernames and passwords follow. You must save this!");\r
+ foreach($users as $user)\r
+ {\r
+ $successes[] = $user[0].",".$user[1];\r
+ }\r
+ }
}
-}
+}\r
+\r
+require_once("models/header.php");\r
+startPage();\r
+\r
+echo notificationBlock($errors,$successes);\r
+\r
+echo '<div class="widget"><div class="title">Upload users</div>';
if ($show_form)
{
<input type=\"submit\" name=\"action\" value=\"Reset\"/>
<p> Enter or copy/paste user information below (resize the text area if necessary): </p>
<p>
- <textarea name=\"userUpload\" rows=\"50\" cols=\"100\">".$text_area."</textarea> </p>
+ <textarea name=\"userUpload\" rows=\"50\" cols=\"100\" style=\"width: 100%\">".$text_area."</textarea> </p>
</form>";
-}
+}\r
+\r
+echo '</div>';\r
+finishPage();
?>