-
Notifications
You must be signed in to change notification settings - Fork 99
/
newinstructor.php.dist
121 lines (106 loc) · 7.34 KB
/
newinstructor.php.dist
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<?php
require("init_without_validate.php");
require_once(__DIR__.'/includes/newusercommon.php');
$pagetitle = "New instructor account request";
$placeinhead = "<link rel=\"stylesheet\" href=\"$imasroot/infopages.css\" type=\"text/css\">\n";
$placeinhead .= '<script type="text/javascript" src="'.$imasroot.'/javascript/jquery.validate.min.js"></script>';
if (isset($CFG['locale'])) {
$placeinhead .= '<script type="text/javascript" src="'.$imasroot.'/javascript/jqvalidatei18n/messages_'.substr($CFG['locale'],0,2).'.min.js"></script>';
}
$nologo = true;
require("header.php");
$pagetitle = "Instructor Account Request";
require("infoheader.php");
$required = array('SID','firstname','lastname','email','pw1','pw2','school','phone','agree');
if (isset($_POST['firstname'])) {
$error = '';
if (!isset($_POST['agree'])) {
$error .= "<p>You must agree to the Terms and Conditions to set up an account</p>";
}
$error .= checkNewUserValidation($required);
if ($error != '') {
echo $error;
} else {
if (isset($CFG['GEN']['homelayout'])) {
$homelayout = $CFG['GEN']['homelayout'];
} else {
$homelayout = '|0,1,2||0,1';
}
if (isset($CFG['GEN']['newpasswords'])) {
require_once("./includes/password.php");
$md5pw = password_hash($_POST['pw1'], PASSWORD_DEFAULT);
} else {
$md5pw = md5($_POST['pw1']);
}
//DB $query = "INSERT INTO imas_users (SID, password, rights, FirstName, LastName, email, homelayout) ";
//DB $query .= "VALUES ('{$_POST['username']}','$md5pw',0,'{$_POST['firstname']}','{$_POST['lastname']}','{$_POST['email']}','$homelayout');";
//DB mysql_query($query) or die("Query failed : " . mysql_error());
//DB $newuserid = mysql_insert_id();
$query = "INSERT INTO imas_users (SID, password, rights, FirstName, LastName, email, homelayout) ";
$query .= "VALUES (:SID, :password, :rights, :FirstName, :LastName, :email, :homelayout);";
$stm = $DBH->prepare($query);
$stm->execute(array(':SID'=>$_POST['SID'], ':password'=>$md5pw, ':rights'=>12, ':FirstName'=>$_POST['firstname'], ':LastName'=>$_POST['lastname'], ':email'=>$_POST['email'], ':homelayout'=>$homelayout));
$newuserid = $DBH->lastInsertId();
if (isset($CFG['GEN']['enrollonnewinstructor'])) {
$valbits = array();
foreach ($CFG['GEN']['enrollonnewinstructor'] as $ncid) {
$ncid = intval($ncid);
$valbits[] = "($newuserid,$ncid)";
}
//DB $query = "INSERT INTO imas_students (userid,courseid) VALUES ".implode(',',$valbits);
//DB mysql_query($query) or die("Query failed : " . mysql_error());
$stm = $DBH->query("INSERT INTO imas_students (userid,courseid) VALUES ".implode(',',$valbits)); //known INTs - safe
}
$subject = "New Instructor Account Request";
$message = "Name: {$_POST['firstname']} {$_POST['lastname']} <br/>\n";
$message .= "Email: {$_POST['email']} <br/>\n";
$message .= "School: {$_POST['school']} <br/>\n";
$message .= "Phone: {$_POST['phone']} <br/>\n";
$message .= "Username: {$_POST['SID']} <br/>\n";
require_once("./includes/email.php");
send_email($sendfrom, $sendfrom, $subject, $message, array(), array(), 10);
$now = time();
//DB $query = "INSERT INTO imas_log (time, log) VALUES ($now, 'New Instructor Request: $newuserid:: School: {$_POST['school']} <br/> Phone: {$_POST['phone']} <br/>')";
//DB mysql_query($query) or die("Query failed : " . mysql_error());
$stm = $DBH->prepare("INSERT INTO imas_log (time, log) VALUES (:now, :log)");
$stm->execute(array(':now'=>$now, ':log'=>"New Instructor Request: $newuserid:: School: {$_POST['school']} <br/> Phone: {$_POST['phone']} <br/>"));
$reqdata = array('reqmade'=>$now, 'school'=>$_POST['school'], 'phone'=>$_POST['phone']);
$stm = $DBH->prepare("INSERT INTO imas_instr_acct_reqs (userid,status,reqdate,reqdata) VALUES (?,0,?,?)");
$stm->execute(array($newuserid, $now, json_encode($reqdata)));
$message = "<p>Your new account request has been sent.</p> ";
$message .= "<p>This request is processed by hand, so please be patient.</p>";
send_email($_POST['email'], $sendfrom, $subject, $message, array(), array(), 10);
echo $message;
require("footer.php");
exit;
}
}
if (isset($_POST['firstname'])) {$firstname=Sanitize::encodeStringForDisplay($_POST['firstname']);} else {$firstname='';}
if (isset($_POST['lastname'])) {$lastname=Sanitize::encodeStringForDisplay($_POST['lastname']);} else {$lastname='';}
if (isset($_POST['email'])) {$email=Sanitize::encodeStringForDisplay($_POST['email']);} else {$email='';}
if (isset($_POST['phone'])) {$phone=Sanitize::encodeStringForDisplay($_POST['phone']);} else {$phone='';}
if (isset($_POST['school'])) {$school=Sanitize::encodeStringForDisplay($_POST['school']);} else {$school='';}
if (isset($_POST['SID'])) {$username=Sanitize::encodeStringForDisplay($_POST['SID']);} else {$username='';}
echo "<h3>New Instructor Account Request</h3>\n";
echo "<form method=post id=newinstrform class=limitaftervalidate action=\"newinstructor.php\">\n";
echo "<span class=form>First Name</span><span class=formright><input type=text id=firstname name=firstname value=\"$firstname\" size=40></span><br class=form />\n";
echo "<span class=form>Last Name</span><span class=formright><input type=text id=lastname name=lastname value=\"$lastname\" size=40></span><br class=form />\n";
echo "<span class=form>Email Address</span><span class=formright><input type=text id=email name=email value=\"$email\" size=40></span><br class=form />\n";
echo "<span class=form>Phone Number</span><span class=formright><input type=text id=phone name=phone value=\"$phone\" size=40></span><br class=form />\n";
echo "<span class=form>School/College</span><span class=formright><input type=text id=school name=school value=\"$school\" size=40></span><br class=form />\n";
echo "<span class=form>Requested Username</span><span class=formright><input type=text id=SID name=SID value=\"$username\" size=40></span><br class=form />\n";
echo "<span class=form>Requested Password</span><span class=formright><input type=password id=pw1 name=pw1 size=40></span><br class=form />\n";
echo "<span class=form>Retype Password</span><span class=formright><input type=password id=pw2 name=pw2 size=40></span><br class=form />\n";
echo "<span class=form>I have read and agree to the Terms of Use (below)</span><span class=formright><input type=checkbox id=agree name=agree></span><br class=form />\n";
echo "<div class=submit><input type=submit value=\"Request Account\"></div>\n";
echo "</form>\n";
echo "<h4>Terms of Use</h4>\n";
echo "<p><em>This software is made available with <strong>no warranty</strong> and <strong>no guarantees</strong>. The ";
echo "server or software might crash or mysteriously lose all your data. Your account or this service may be terminated without warning. ";
echo "No official support is provided. </em></p>\n";
echo "<p><em>Copyrighted materials should not be posted or used in questions without the permission of the copyright owner. You shall be solely ";
echo "responsible for your own user created content and the consequences of posting or publishing them. This site expressly disclaims any and all liability in ";
echo "connection with user created content.</em></p>";
showNewUserValidation('newinstrform',$required);
require("footer.php");
?>