createuser_admin.php
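<?php
/**
 * createuser_admin.php - JSON endpoint that inserts a new row into `dash_admins`.
 *
 * Request body: a JSON object with "code", "name", "contact" and "password".
 * Response:     a JSON object {status, error, errorCode, response}.
 *
 * errorCode values: 102 = parameter missing, 101 = parameter invalid,
 * 201 = admin code already present, 500 = database failure.
 *
 * NOTE(review): nothing in this file authenticates or authorises the caller.
 * Unless connect.php enforces a session or role check (not visible here),
 * any client that can reach this URL can create an admin account. Confirm.
 */

// Errors are hidden so that PHP warnings cannot corrupt the JSON response.
// NOTE(review): this also hides failures from operators; prefer logging to a
// file over discarding them.
error_reporting(0);

//Database Connection
define('INCLUDE_CHECK', true);
require 'connect.php';

// Decode the JSON request body. It is kept in a local variable rather than
// overwriting the $_POST superglobal. A body that is not a JSON object or
// array is treated as "no parameters".
$input = json_decode(file_get_contents('php://input'), true);
if (!is_array($input)) {
    $input = array();
}

// Required parameters, checked in the original order. The label is the exact
// text used in the "<label> is not set" message.
$required = array(
    'code'     => 'code',
    'name'     => 'Name',
    'contact'  => 'contact',
    'password' => 'password',
);
foreach ($required as $field => $label) {
    if (!isset($input[$field])) {
        $output = array(
            "status" => false,
            "error" => $label . " is not set",
            "errorCode" => "102",
            "response" => ""
        );
        die(json_encode($output));
    }
}

// JSON can carry nested arrays or objects. Those must never be interpolated
// into SQL text, so anything that is not a scalar is rejected.
foreach (array('code', 'contact') as $field) {
    if (!is_scalar($input[$field])) {
        $output = array(
            "status" => false,
            "error" => $field . " is invalid",
            "errorCode" => "101",
            "response" => ""
        );
        die(json_encode($output));
    }
}

//params validation
//name: letters and whitespace, with at most one '.' in between
if (!is_scalar($input['name'])
    || !preg_match("(^[A-Za-z\s]{1,}[\.]{0,1}[A-Za-z\s]{0,}$)", (string) $input['name'])) {
    $output = array(
        "status" => false,
        "error" => "Name is invalid",
        "errorCode" => "101",
        "response" => ""
    );
    die(json_encode($output));
}

//password: needs a digit, a lower-case and an upper-case letter, and 6+ characters.
// NOTE(review): the pattern is not anchored, so the {6,20} upper bound is not
// actually enforced. It is left unchanged here because anchoring it would
// start rejecting passwords that are accepted today.
if (!is_scalar($input['password'])
    || !preg_match("((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{6,20})", (string) $input['password'])) {
    $output = array(
        "status" => false,
        "error" => "Password is invalid",
        "errorCode" => "101",
        "response" => ""
    );
    die(json_encode($output));
}

// Every value is request-controlled, and `code` and `contact` have no format
// check at all. Each one is escaped before it is placed inside a quoted SQL
// literal, because the original string-built queries were open to SQL injection.
// NOTE(review): mysql_real_escape_string() depends on the connection character
// set; confirm connect.php sets it with mysql_set_charset(). The mysql_*
// extension has no prepared statements and is removed in PHP 7, so moving to
// mysqli or PDO with bound parameters is the long-term fix.
$code     = mysql_real_escape_string((string) $input['code']);
$name     = mysql_real_escape_string((string) $input['name']);
$password = mysql_real_escape_string((string) $input['password']);
$contact  = mysql_real_escape_string((string) $input['contact']);

// Response used for any query that fails outright.
// NOTE(review): "500" is a new errorCode introduced with this check; confirm
// it does not collide with codes used elsewhere in the project.
$dbFailure = array(
    "status" => false,
    "error" => "Database error",
    "errorCode" => "500",
    "response" => ""
);

//check if the user already exists
// Only existence matters, so the stored password is no longer fetched.
$admin = mysql_query("SELECT `code` FROM `dash_admins` WHERE `code`='{$code}' LIMIT 1");
if ($admin === false) {
    // A failed lookup must not be read as "no clash".
    die(json_encode($dbFailure));
}
if (mysql_fetch_assoc($admin)) {
    $output = array(
        "status" => false,
        "error" => "Admin already Exists",
        "errorCode" => "201",
        "response" => ""
    );
    die(json_encode($output));
}

//add Admin to database
// NOTE(review): the password is written to the table exactly as received, i.e.
// in plaintext. It should be stored with password_hash() and checked with
// password_verify(). That has to change together with the login code and the
// column width, so it is flagged here rather than changed in this file alone.
$inserted = mysql_query("INSERT INTO `dash_admins`(`code`, `name`, `password`, `lastLogin`, `contact`) VALUES ('{$code}','{$name}','{$password}','','{$contact}')");
if ($inserted === false) {
    // Previously success was reported even when the INSERT failed, for example
    // when a concurrent request had inserted the same code.
    die(json_encode($dbFailure));
}

$response = array(
    "message" => "Admin was created sucessfully"
);
$output = array(
    "status" => true,
    "error" => "",
    "errorCode" => "",
    "response" => $response
);
echo json_encode($output);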