#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# Pull in the header, footer and database helpers, then open the connection
# that the rest of the page uses as $db.
# NOTE(review): no access-control check is visible in this file; confirm that
# includes/header.php (or the web server) requires an authenticated operator
# before this page can create users.
include_once "includes/header.php";
include_once "includes/footer.php";
include_once "includes/db.php";

$db = connect_db();

# printHeader() is called with an empty array.
printHeader(array());
if (!isset($_POST['frmaction'])) {
?>
<p class="pageheader">Add WiSP User</p>
<!-- Add user input fields -->
<form method="post" action="wisp-user-add.php">
<div>
<input type="hidden" name="frmaction" value="insert" />
</div>
<table class="entry">
<tr>
<td class="textcenter" colspan="2">Account Information</td>
</tr>
<tr>
<td><div></div><td>
</tr>
<tr>
<td class="entrytitle">User Name</td>
<td><input type="text" name="user_name" /></td>
</tr>
<tr>
<td class="entrytitle">Password</td>
<td><input type="password" name="user_password" /></td>
</tr>
<tr>
<td><div></div><td>
</tr>
<tr>
<td class="textcenter" colspan="2">Private Information</td>
</tr>
<tr>
<td><div></div><td>
</tr>
<tr>
<td class="entrytitle">First Name</td>
<td><input type="text" name="user_first_name" /></td>
</tr>
<tr>
<td class="entrytitle">Last Name</td>
<td><input type="text" name="user_last_name" /></td>
</tr>
<tr>
<td class="entrytitle">Phone</td>
<td><input type="text" name="user_phone" /></td>
</tr>
<tr>
<td class="entrytitle">Location</td>
<td>
<select name="user_location">
<option selected="selected" value="NULL">No location</option>
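<?php
# Populate the location drop-down from the wisp_locations table.
# The statement has no request-derived parts. $DB_TABLE_PREFIX is presumably
# set by the included configuration - confirm it never comes from user input.
$sql = "SELECT
ID, Name
FROM
{$DB_TABLE_PREFIX}wisp_locations
ORDER BY
Name
DESC
";
$res = $db->query($sql);
# query() can return false when the handle is not in exception mode, so test
# the result before using it. The loop below already copes with an empty
# result set, and (assuming $db is a PDO handle) rowCount() on a SELECT is not
# reliable with every driver, so it is no longer used as the guard.
if ($res !== false) {
	while ($row = $res->fetchObject()) {
		# Location rows are stored data and must not be trusted as markup:
		# escape both values for the HTML attribute and element context.
		$locationID = htmlspecialchars((string)$row->id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		$locationName = htmlspecialchars((string)$row->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
<option value="<?php echo $locationID; ?>"><?php echo $locationName; ?></option>
<?php
	}
}
?>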
</select>
</td>
</tr>
<tr>
<td class="entrytitle">Email Address</td>
<td><input type="text" name="user_email" /></td>
</tr>
<tr>
<td class="entrytitle">MAC Address</td>
<td><input type="text" name="user_mac_address" /></td>
</tr>
<tr>
<td class="entrytitle">IP Address</td>
<td><input type="text" name="user_ip_address" /></td>
</tr>
<tr>
<td class="entrytitle">Data Usage Limit (MB)</td>
<td><input type="text" name="user_data_limit" /></td>
</tr>
<tr>
<td class="entrytitle">Time Limit (Min)</td>
<td><input type="text" name="user_time_limit" /></td>
</tr>
<tr>
<td class="textcenter" colspan="2"><input type="submit" value="Submit" /></td>
</tr>
</table>
</form>
<?php
}
if (isset($_POST['frmaction']) && $_POST['frmaction'] == "insert") {
?>
<p class="pageheader">Add user</p>
<?php
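# Check that every field the form submits is present and non-blank.
# Looping over $_POST only inspects the keys the client chose to send, so a
# request that leaves a field out altogether would pass the check. empty()
# also treats the string "0" as empty, which rejects a legitimate zero.
# The list below mirrors the input names of the form on this page.
$requiredFields = array(
	'frmaction',
	'user_name',
	'user_password',
	'user_first_name',
	'user_last_name',
	'user_phone',
	'user_location',
	'user_email',
	'user_mac_address',
	'user_ip_address',
	'user_data_limit',
	'user_time_limit',
);
$emptyItem = 0;
foreach ($requiredFields as $key) {
	$value = isset($_POST[$key]) ? $_POST[$key] : null;
	# Anything that is not a plain string (a missing key, or an array sent as
	# name[]=...) is treated the same as an empty field.
	if (!is_string($value) || trim($value) === '') {
		$emptyItem = 1;
		break;
	}
}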
if ($emptyItem == 1) {
?>
<div class="warning">One or more fields have been left empty</div>
<?php
} else {
$db->beginTransaction();
# Insert into users table
$usersStatement = $db->prepare("INSERT INTO ${DB_TABLE_PREFIX}users (Username) VALUES (?)");
$userResult = $usersStatement->execute(array(
$_POST['user_name'],
));
# Get user ID to insert into other tables
# The username is passed through $db->quote() before being concatenated into
# the statement; the other statements on this page bind values with "?".
# NOTE(review): fetchObject() returns false when no row matches, and that case
# is not handled before ->id is read.
# NOTE(review): $userID is interpolated unquoted into the INSERT statements
# further down, so it must stay a database-generated numeric value - confirm
# that ID is an integer column.
$getUserID = $db->query("SELECT ID FROM ${DB_TABLE_PREFIX}users WHERE Username = ".$db->quote($_POST['user_name']));
$resultRow = $getUserID->fetchObject();
$userID = $resultRow->id;
# Insert MAC Address
# Stores the submitted MAC address as a 'Calling-Station-Id' attribute row
# with operator '||==' for the new user. The value is bound as a parameter;
# its format is not validated before it is stored.
# NOTE(review): $userMACAddressResult is not among the results tested before
# the commit further down, so unless the handle throws on error a failed
# insert here would not reach the rollback path.
$userMACAddressStatement = $db->prepare("INSERT INTO
${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
VALUES
($userID,'Calling-Station-Id','||==',?)
");
$userMACAddressResult = $userMACAddressStatement->execute(array(
$_POST['user_mac_address'],
));
# Insert IP Address
$userIPAddressStatement = $db->prepare("INSERT INTO
${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
VALUES
($userID,'Framed-IP-Address','+=',?)
");
$userIPAddressResult = $userIPAddressStatement->execute(array(
$_POST['user_ip_address'],
));
# Insert data limit
$userDataStatement = $db->prepare(" INSERT INTO
${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
VALUES
($userID,'SMRadius-Capping-Traffic-Limit',':=',?)
");
$userDataResult = $userDataStatement->execute(array(
));
# Insert time limit
$userTimeStatement = $db->prepare(" INSERT INTO
${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
VALUES
($userID,'SMRadius-Capping-UpTime-Limit',':=',?)
");
$userTimeResult = $userTimeStatement->execute(array(
$_POST['user_time_limit'],
));
# Insert password
$userPasswordStatement = $db->prepare(" INSERT INTO
${DB_TABLE_PREFIX}user_attributes (UserID,Name,Operator,Value)
VALUES
($userID,'User-Password','==',?)
");
$userPasswordResult = $userPasswordStatement->execute(array(
$_POST['user_password'],
));
# Insert user data
$userDataStatement = $db->prepare(" INSERT INTO
${DB_TABLE_PREFIX}wisp_userdata (UserID, FirstName, LastName, Email, Phone)
VALUES
");
$userDataResult = $userDataStatement->execute(array(
$_POST['user_first_name'],
$_POST['user_last_name'],
$_POST['user_email'],
$_POST['user_phone'],
));
$userLocationStatement = $db->prepare(" INSERT INTO
${DB_TABLE_PREFIX}wisp_userdata (LocationID)
VALUES
(?)
");
$userLocationResult = $userLocationStatement->execute(array($_POST['user_location'],));
if ($userDataResult && $userResult && $userIPAddressResult && $userDataResult && $userTimeResult && $userPasswordResult) {
?>
<div class="notice">User added</div>
<?php
$db->commit();
} else {
?>
<div class="warning">Failed to add user</div>
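<div class="warning"><?php
# Driver error text may repeat submitted values (for example in a constraint
# message), so it is escaped before being written into the page.
# NOTE(review): consider logging errorInfo() on the server and showing only a
# generic message, since the details describe the database to whoever sees
# this page.
echo htmlspecialchars(print_r($db->errorInfo(), true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?></div>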
$db->rollback();