<?php //$Id: addagent.php,v 2.19 2010-06-19 22:36:04 pat Exp $
//DON'T MESS WITH ANY OF THIS!
session_start();
if (file_exists("common.php")) {
include("common.php");
}
else {
echo "Unable to find configuration file common.php <br />
<a href=\"install30.php\">
Perhaps you need to run install30.php</a> ? <br />";
return;
}
$link = getdb();
$login = new user_login();
$install_path = config_options('install_path');
$baseurl = config_options('baseurl');
if (config_options('debug') == 'y')
include("$admin_path/debug.php");
/* if (config_options('hide_user') == 'y')
{
$user_entry = 'password';
}
else
{
$user_entry = 'text';
}
if (config_options('hide_pw') == 'y')
{
$pw_entry = 'password';
}
else
{
$pw_entry = 'text';
}
*/
//Highly beta code- gotta get the variables outta the array... hopefully in a 'nice' manner
//I really don't want to have to rewrite all of this code.
/*if (isset ($_SESSION))
{
$a = $_SESSION;
foreach ($a as $key=>$value)
{
$$key = $value;
}
}
$a = $_POST;
foreach ($a as $key=>$value)
{
$$key = slashquote($value);
if (isset($_POST['admin_user']))
{
$_SESSION["admin_user"] = slashquote($_POST['admin_user']);
$_SESSION["admin_password"] = slashquote($_POST['admin_password']);
}
}
*/
print "<!-- HERE BEGINNETH THE HEADER -->\r\n";
include("$install_path/templates/user_top.php");
//login authorization code
//Check for admin needed to setup user
/* if (config_options('require_admin') == 'y' &&
((!isset ($_SESSION['admin_user']) ||
$_SESSION['admin_user'] != $openadmin) ||
!isset($_SESSION['admin_password']) ||
$_SESSION['admin_password'] !=$openpassword))
{
echo "<p><form action = \"./addagent.php\" method=\"post\">Please enter the admin name and password:<p>
Login Name:<input type=$user_entry name=admin_user><p>
Password:<input type=$pw_entry name=admin_password><p>
<input type = submit value=\"Log In\"></form>";
}
*/
if (config_options('require_admin') == 'y')
$login->login('admin');
//ADD A RECORD
if (isset($_GET['action']) && $_GET['action']=="add" && isset($_POST))
{
$agent = slashquote($_POST['agent']);
$agentpass = slashquote($_POST['agentpass']);
$notes = slashquote($_POST['notes']);
$agentemail = slashquote($_POST['agentemail']);
$agenturl = slashquote($_POST['agenturl']);
$agentphone = slashquote($_POST['agentphone']);
$agentcell = slashquote($_POST['agentcell']);
$agentfax = slashquote($_POST['agentfax']);
$agenttitle = slashquote($_POST['agenttitle']);
$num_rows = 0;
//make sure there isn't another person by that name
$sql = "SELECT agent FROM ".$table_prefix."agents WHERE agent = '$agent'";
$output = mysql_query($sql,$link);
$num_rows = mysql_num_rows($output);
if ($num_rows > 0)
{
print "There is already an agent by that name. Please try another name.<P>";
}
elseif ($agent == "")
{die ("<P>Please Enter A Name!<P><FORM><INPUT TYPE=\"BUTTON\" VALUE=\"BACK\" onClick=\"history.back()\"></FORM>");}
elseif ($agentpass == "")
{die ("<P>Please Enter A Password!<P><FORM><INPUT TYPE=\"BUTTON\" VALUE=\"BACK\" onClick=\"history.back()\"></FORM>");}
elseif ($agentemail == "")
{die ("<P>Please Enter an Email Address!<P><FORM><INPUT TYPE=\"BUTTON\" VALUE=\"BACK\" onClick=\"history.back()\"></FORM>");}
else
//success! Go ahead and add the account.
{
//handles the input for the database
if (config_options('linefeeds') == 'y')
{
$notes = nl2br($notes);
}
$query = "INSERT INTO ".$table_prefix."agents (agent, agentpass, agenturl, agentemail, notes, agentphone, agentcell, agentfax, agenttitle) values ( '$agent', '$agentpass', '$agenturl', '$agentemail', '$notes', '$agentphone', '$agentcell', '$agentfax', '$agenttitle')";
if (!mysql_query ($query, $link) )
{
die (mysql_error());
}
echo "Your account has been added...
<BR />Your login is: $agent
<BR />Your password is $agentpass
<br />Now, you may <a href=\"$baseurl/agentadmin.php\">login</a> and manage your properties.";
}
}
else
{
print "<table border=0 cellspacing=0 cellpadding=0 width=580><tr><td>";
print "<font face=\"arial,ms sans serif\" size=3><b>Create Agent Account</b></font>";
print "</td></tr></table><P>";
Print "<font face=\"arial,ms sans serif\" size=2><P>";
print "<form name=\"addagent\" action=\"$baseurl/addagent.php?action=add\" method=post>";
print "<table width=580 border=0 cellpadding=3>";
print "<tr><td align=right><font color=red><B>*</b></font>Name:</td><td align=left> <input type=\"text\" name=\"agent\"></td></tr>";
print "<tr><td align=right><font color=red><B>*</b></font>Password:</td><td align=left> <input type=\"text\" name=\"agentpass\"></td></tr>";
print "<tr><td align=right><font color=red><B>*</b></font>Email:</td><td align=left> <input type=\"text\" name=\"agentemail\"> ";
print "<tr height=5><td align=right></td><td align=left></td></tr>";
print "<tr><td align=right>Title:</td><td align=left> <input type=\"text\" name=\"agenttitle\"></td></tr>";
print "<tr><td align=right>Phone:</td><td align=left> <input type=\"text\" name=\"agentphone\"></td></tr>";
print "<tr><td align=right>Mobile:</td><td align=left> <input type=\"text\" name=\"agentcell\"></td></tr>";
print "<tr><td align=right>Fax:</td><td align=left> <input type=\"text\" name=\"agentfax\"></td></tr>";
print "<tr><td align=right>Homepage:</td><td align=left> <input type=\"text\" name=\"agenturl\"></td></tr>";
print "<tr><td align=right>About you:</td><td align=left> <textarea name=\"notes\" rows=4 cols=80></textarea></td></tr>";
print "<tr height=5><td align=right></td><td align=left></td></tr>";
print "<tr><td align=right></td><td align=left><font size=2>(<font color=red><B>*</b></font> Required Field)</font></td></tr>";
print "</table>";
print "<P>";
print "<input type=submit value=\"SAVE\"></form>";
print "<font size=2>You can add images to your personal seller homepage once you create an account</font><BR>";
}
//print the footer
print"\r\n<!-- THUS ENDETH THE MAIN CONTENT -->\r\n<!-- HERE BEGINNETH THE FOOTER -->";
include("$install_path/templates/user_bottom.php");
?>