admin/34619-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34619-vm/admin/user_add.php
Flatlogic Bot 610097cac5 Auto commit: 2025-10-03T13:03:26.863Z
2025-10-03 13:03:26 +00:00

106 lines
4.1 KiB
PHP
Raw Blame History

<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
require_once __DIR__ . '/../includes/security.php';
$error_message = '';
$success_message = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!validate_csrf_token()) {
$error_message = 'CSRF token validation failed.';
} else {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($username) || empty($password)) {
$error_message = 'Please fill in all fields.';
} else {
try {
$pdo = db();
// Check if username already exists
$stmt = $pdo->prepare("SELECT id FROM users WHERE username = ?");
$stmt->execute([$username]);
if ($stmt->fetch()) {
$error_message = 'Username already taken.';
} else {
// Hash password and insert user
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$insert_stmt = $pdo->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$insert_stmt->execute([$username, $hashed_password]);
header("Location: users.php?status=added");
exit;
}
} catch (PDOException $e) {
$error_message = "Database error: " . $e->getMessage();
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Add User - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item"><a class="nav-link" href="index.php">Dashboard</a></li>
<li class="nav-item"><a class="nav-link" href="surveys.php">Surveys</a></li>
<li class="nav-item"><a class="nav-link active" aria-current="page" href="users.php">Users</a></li>
<li class="nav-item"><a class="nav-link" href="#">Settings</a></li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<h1 class="h2">Add New User</h1>
</div>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error_message); ?></div>
<?php endif; ?>
<form method="POST" action="user_add.php" class="card p-3">
<?php echo csrf_input_field(); ?>
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<button type="submit" class="btn btn-primary">Add User</button>
<a href="users.php" class="btn btn-secondary mt-2">Cancel</a>
</form>
</main>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink