i am currently creating a admin add user page where admin can add users by filling up forms like the register form but this time i use my own code for a simple change..
but my problem is after successfuly added new user...my current session automatically logout itself...here is my code
but my problem is after successfuly added new user...my current session automatically logout itself...here is my code
- Code:
<?php
if(isset($_POST['subjoin']))
{
$time = time();
$username = $_POST['user'];
$firstname = $_POST['name'];
$pw = $_POST['pass'];
$email = $_POST['email'];
$userlevel = $_POST['addlevel'];
$regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
."\.([a-z]{2,}){1}$";
$email = stripslashes($email);
$firstname = stripslashes($firstname);
$pw = stripslashes($pw);
$username = stripslashes($username);
if(!$username || strlen($username = trim($username)) == 0){
echo "<font size=\"2\" color=\"#ff0000\">* Username not entered</font>";
}
else if(strlen($username) < 5){
echo "<font size=\"2\" color=\"#ff0000\">* Username below 5 characters</font>";
}
else if(strlen($username) > 20){
echo "<font size=\"2\" color=\"#ff0000\">* Username above 20 characters</font>";
}
else if(!eregi("^([0-9a-z])+$", $username)){
echo "<font size=\"2\" color=\"#ff0000\">* Username not alphanumeric</font>";
}
else if(strcasecmp($username, GUEST_NAME) == 0){
echo "<font size=\"2\" color=\"#ff0000\">* Username reserved word</font>";
}
else if($database->usernameTaken($username)){
echo "<font size=\"2\" color=\"#ff0000\">* Username already in use</font>";
}
else if($database->usernameBanned($username)){
echo "<font size=\"2\" color=\"#ff0000\">* Username banned</font>";
}
if(!$pw){
echo "<br><font size=\"2\" color=\"#ff0000\">* Password not entered</font>";
}
else if(strlen($pw) < 4){
echo "<br><font size=\"2\" color=\"#ff0000\">* Password too short</font>";
}
else if(!eregi("^([0-9a-z])+$", ($pw = trim($pw)))){
echo "<br><font size=\"2\" color=\"#ff0000\">* Password not alphanumeric</font>";
}
if(!$email || strlen($email = trim($email)) == 0){
echo "<br><font size=\"2\" color=\"#ff0000\">* Email not entered</font>";
}
else if(!eregi($regex,$email)){
echo "<br><font size=\"2\" color=\"#ff0000\">* Email invalid</font>";
}
$password = md5($pw);
$query = "insert into users values('$username', '$password',0, $userlevel,'$email', '$firstname',$time)";
$result = mysql_query($query) or die ('Could not add'.mysql_error());
if($result)
{
echo "success";
}
else{
echo "failed";
}
}
else{
?>
<div class="title_box">Add User</div><br />
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td width="100%" valign="top" class="content_text">
<form action="<?php echo $_SERVER[PHP_SELF] ?>" method="POST">
<table align="left" border="0" cellspacing="0" cellpadding="3" class="content_text">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30" value=""></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30" value=""></td></tr>
<tr><td>Email:</td><td><input type="text" name="email" maxlength="50" value=""></td></tr>
<tr><td>Level User:</td><td><select name="addlevel">
<option value="1">Normal User
<option value="7">Team K-THX-BAI
<option value="8">Team Keyboard Warriors
<option value="9">Admin
</select>
</td></tr>
<tr><td colspan="2" align="right">
<input type="hidden" name="subjoin" value="1">
<input type="submit" value="Add New User"></td></tr>
</table>
</form>
</td>
</tr>
</table>
</div>
<br />