. #------------------------------ # $Revision: 2643 $ # $Author: al $ # $Date: 2009-06-18 19:06:27 -0400 (Thu, 18 Jun 2009) $ #------------------------------ require_once( 'core.php' ); $t_core_path = config_get( 'core_path' ); require_once( $t_core_path.'email_api.php' ); auth_reauthenticate(); access_ensure_global_level( config_get( 'manage_user_threshold' ) ); $f_username = gpc_get_string( 'username' ); $f_realname = gpc_get_string( 'realname' ); $f_password = gpc_get_string( 'password', '' ); $f_password_verify = gpc_get_string( 'password_verify', '' ); $f_email = gpc_get_string( 'email' ); $f_access_level = gpc_get_string( 'access_level' ); $f_protected = gpc_get_bool( 'protected' ); $f_enabled = gpc_get_bool( 'enabled' ); # check for empty username $f_username = trim( $f_username ); if ( is_blank( $f_username ) ) { trigger_error( ERROR_EMPTY_FIELD, ERROR ); } # Check the name for validity here so we do it before promting to use a # blank password (don't want to prompt the user if the process will fail # anyway) user_ensure_name_valid( $f_username ); user_ensure_realname_valid( $f_realname ); if ( $f_password != $f_password_verify ) { trigger_error( ERROR_USER_CREATE_PASSWORD_MISMATCH, ERROR ); } $f_email = email_append_domain( $f_email ); email_ensure_not_disposable( $f_email ); if ( ( ON == config_get( 'send_reset_password' ) ) && ( ON == config_get( 'enable_email_notification' ) ) ) { # Check code will be sent to the user directly via email. Dummy password set to random # Create random password $t_seed = $f_email . $f_username; $f_password = auth_generate_random_password( $t_seed ); } else { # Password won't to be sent by email. It entered by the admin # Now, if the password is empty, confirm that that is what we wanted if ( is_blank( $f_password ) ) { helper_ensure_confirmed( lang_get( 'empty_password_sure_msg' ), lang_get( 'empty_password_button' ) ); } } form_security_validate( 'manage_user_create' ); $t_cookie = user_create( $f_username, $f_password, $f_email, $f_access_level, $f_protected, $f_enabled, $f_realname ); if ( $t_cookie === false ) { $t_redirect_url = 'manage_user_page.php'; } else { # ok, we created the user, get the row again $t_user_id = user_get_id_by_name( $f_username ); $t_redirect_url = 'manage_user_edit_page.php?user_id=' . $t_user_id; } html_page_top1(); html_meta_redirect( $t_redirect_url ); html_page_top2(); ?>