Hi,
I’m creating a CMS for a website and in the most part its working. I want administrators to be able to set up new users. My code looks as follows (quit long, sorry):
<?php
require_once('library/Sentry.php');
$theSentry = new Sentry();
if (!$theSentry->checkLogin(2) ){ header("Location: login.php"); die(); }
if(isset($_POST['add']))
{
$firstname = $_POST['firstname'];
$surname = $_POST['surname'];
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$group = $_POST['group'];
if(!get_magic_quotes_gpc())
{
$firstname = addslashes($firstname);
$surname = addslashes($surname);
$username = addslashes($username);
$password = addslashes($password);
$email = addslashes($email);
$group = addslashes($group);
}
include 'library/config.php';
include 'library/opendb.php';
$query = "INSERT INTO cmsusers (user, pass, thegroup, firstname, surname, email, enabled) VALUES ('$username', (PASSWORD('$password')), '$group', '$firstname', '$surname', '$email',1)";
mysql_query($query) or die('Error ,query failed');
include 'library/closedb.php';
echo "User Added";
}
?>
<link rel="stylesheet" type="text/css" media="screen" href="css/screen.css" title="default" />
</head>
<body>
<form method="post">
<table width="600" border="0" align="center" cellpadding="0" cellspacing="1">
<tr><td><img src="images/head_logo.jpg"></td></tr>
</table>
<table width="674" border="0" align="center" cellpadding="5" cellspacing="1">
<tr><td colspan="3" id="breadcrumb">Insert Breadcrumb nav here</td></tr>
<tr align="center" bgcolor="#ffffff">
<td width="150" id="nav" rowspan="20" align="left">
<h2>content</h2>
<ul class="menu">
<li><a href="news.php">news</a></li>
<li><a href="index.php">pages</a></li>
<li><a href="addpage.php">Add Page</a></li>
<li><a href="documents.php">documents</a></li>
<li><a href="images.php">images</a></li>
<li><a href="shows.php">shows</a></li>
</ul>
<h2>Users</h2>
<ul class="menu">
<li><a href="useradd.php">add user</a></li>
<li><a href="#">update user</a></li>
</ul>
<h2>actions</h2>
<ul class="menu">
<li><a href="site" target="_blank">View Live Site</a></li>
<li><a href="login.php?action=logout">Logout</a></li>
</ul>
</td>
</tr>
<tr>
<td id="headers" align="right">
Firstname:</td>
<td align="left"><input name="firstname" type="text" class="box" id="firstname"></td>
</tr>
<tr>
<td id="headers" align="right">Surname:</td>
<td align="left"><input name="surname" type="text" class="box" id="surname"></td>
</tr>
<tr>
<td id="headers" align="right">
Username:
</td>
<td align="left"><input name="username" type="text" class="box" id="username"></td>
</tr>
<tr>
<td valign="top" align="right" id="headers">Password:</td>
<td align="left" valign="top"><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td valign="top" id="headers" align="right">Email:</td>
<td align="left" valign="top"><input name="email" type="text" class="box" id="email"></td>
</tr>
<tr>
<td valign="top" align="right" id="headers">Group</td>
<td valign="top"><select name="group">
<option value="1">1 - Admin</option><option value="2">2 - Manager</option><option value="3">3 - Section Editor</option><option value="4">4 - </option><option value="5">5 - Editor</option><option value="6">6 - </option><option value="7">7 - </option><option value="8">8 - </option><option value="9">9 - Registered</option><option value="10">10 - Anonymous</option> </select></td>
</tr>
<tr>
<td colspan="2" align="center" valign="top"><input name="add" type="submit" class="box" id="add" value="Add"></td>
</tr>
</table>
</form>
</body>
</html>
My problem is, that it goes into the database fine, but the password doesn’t work. Each one entered using this form has a * before the encrypted string of numbers etc, but the one i have that works doesn’t. Any ideas???
Thanks!!
Phil
