iwa-panda1

add_user.php (5942B)

---

 <!DOCTYPE html>
 <html lang="eng">
     <head>
         <title>Add user</title>
         <!-- Bootstrap CSS -->
         <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
         <link rel="stylesheet" type="text/css" href="/css/homepage.css">
     </head>
     <?php
         include "views/navbar.php";
         include "utils/autoloader.php";
         if(!in_array(1, $_SESSION['user_permissions'])){
             header('Location: /dashboard');
             exit;
         }
         $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "wap2");
         //select the available permissions from the database
         $all_p = $db->all(Permissions::class);
         $available_permissions = [];
         foreach($all_p as $tmp){
             $available_permissions[] = ['id' => $tmp->permission_id, 'name' => $tmp->permission_name];
         }
         $msg = "";
     if ($_SERVER["REQUEST_METHOD"] == "POST") {
         $errors = array(); // initialize an empty array to store errors
     
         // Check if voornaam is set and not empty
         if (isset($_POST['voornaam']) && !empty($_POST['voornaam'])) {
             $fname = $_POST['voornaam'];
         } else {
             $errors[] = "Voornaam is required";
         }
     
         // Check if achternaam is set and not empty
         if (isset($_POST['achternaam']) && !empty($_POST['achternaam'])) {
             $lname = $_POST['achternaam'];
         } else {
             $errors[] = "Achternaam is required";
         }
     
         // Check if email is set and not empty
         if (isset($_POST['email']) && !empty($_POST['email'])) {
             $email = $_POST['email'];
         } else {
             $errors[] = "E-mail is required";
         }
     
         // Check if password is set and not empty
         if (isset($_POST['password']) && !empty($_POST['password'])) {
             $password = $_POST['password'];
         } else {
             $errors[] = "Wachtwoord is required";
         }
     
         // Check if permissions is set
         if (isset($_POST['permissions'])) {
             $permissions = $_POST['permissions'];
         } else {
             $errors[] = "Permissions are required";
         }
     
         // Check if there are any errors
         if (count($errors) > 0) {
             // Print out the errors
             foreach ($errors as $error) {
                 $msg .= $error . "<br>";
             }
         } else {
             // Pass the password through a hashing function
             $hashed_pwd = password_hash($password, PASSWORD_DEFAULT);
             
             //create a database object with table user
             $u = $db->get(User::class);
             //check if email already exists
             if($u->where("email",  $email)){
                 $msg = "this email address is taken: " . $email;
             }else{
                 $u = $db->get(User::class);
                 $succes = false;
                 //set new user data
                 $u->email = $email;
                 $u->first_name = $fname;
                 $u->last_name = $lname;
                 $u->password = $hashed_pwd;
                 
                 //add user with the add function
                 if($u->add()){
                     $succes = true;
                 };
                 $u = $db->get(User::class);
                 $u->where("email",  $email);
                 //create a database object with table permission for each permission
                 //set the data and execute the add function
                 foreach($permissions as $permission){
                     $p = $db->get(Permission_user::class);
                     $p->user_id = $u->user_id;
                     $p->permission_id = (int) $permission;
                     if($p->add())
                     {
                         $succes = true;
                     }
                 }
                 if($succes){
                     $msg = "succes! user with email: {$email} was added to the db";
                 }
             }
         }
     }
     ?>
       <body>
         <div class="container">
             <h1>Add user</h1>
 
             <form action="add_user" method="post">
                 <div class="mb-3">
                     <label for="voornaam" class="form-label"><b>Voornaam:</b></label>
                     <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam">
                 </div>
                 <div class="mb-3">
                     <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
                     <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam">
                 </div>
                 <div class="mb-3">
                     <label for="email" class="form-label"><b>Email:</b></label>
                     <input type="text" class="form-control" name="email" id="email" placeholder="Email">
                 </div>
                 <div class="mb-3">
                     <label for="password" class="form-label"><b>Wachtwoord:</b></label>
                     <input type="password" class="form-control" name="password" id="password" placeholder="******">
                 </div>
                 <p>Please select the user permissions:</p>
                 <?php 
                     foreach($available_permissions as $db_permission){		
                         echo "<div class=\"mb-3 form-check\">
                         <input type=\"checkbox\" class=\"form-check-input\" name=\"permissions[]\" value=" . $db_permission['id'] . "\">
                         <label class=\"form-check-label\" for=" . $db_permission['name'] . ">" . $db_permission['name'] . "</label>
                         </div>";
                     }
                 ?>
                 <button type="submit" class="btn btn-primary" name="submit">Add user</button>
             </form>
             <?php echo $msg;?>
         </div>
     </body>
 </html>