3 include_once("auth.php");
4 include_once("header.php");
6 if($role != 0) { die("Account \"".$user_name."\" Is Not Authorized To View This Page.<br><br>This Event Will Be Logged And Reported."); }
8 $_GET["name"] = mysql_real_escape_string($_GET["name"]);
9 $_GET["email"] = mysql_real_escape_string($_GET["email"]);
10 $_GET["class"] = mysql_real_escape_string($_GET["class"]);
12 // insert new user into database
14 if($_GET['action'] == "add")
16 if ($_GET['name'] == "") { die("No Name Sent"); }
17 if ($_GET['email'] == "") { die("No E-mail Sent"); }
18 if ($_GET['class'] == "") { die("No Class Sent"); }
20 /* TODO: verify user not already listed */
22 /* add person to user's table */
24 $sql = 'insert into users values("","'.$_GET['email'].'",SHA1("password"),"'.$_GET['name'].'",0,1,1)';
26 $result = mysql_query($sql);
27 if (!$result) { die("SQL ERROR: User Add"); }
29 /* get new user's User ID */
30 $sql= 'select user_id from users where email="'.$_GET['email'].'" and name="'.$_GET['name'].'"';
32 $result = mysql_query($sql);
33 if (!$result) { die("SQL ERROR: Get User"); }
34 $row = mysql_fetch_array($result);
36 /* then add user to enrollment for class */
37 $sql = 'insert into enrollment values("", '.$_GET['class'].', '.$row['user_id'].')';
39 $result = mysql_query($sql);
40 if (!$result) { die("SQL ERROR: Enrollment"); }
43 /* get list of classes to select from */
44 $sql = 'select * from class';
45 $result = mysql_query($sql);
46 if (!$result) { die("SQL ERROR"); }
47 while($row = mysql_fetch_array($result))
50 <option value='.$row['class_id'].'>'.$row['class_name'].'</option>';
56 <form name
="input" action
="enrollment_new.php" method
="get">
57 <input name
="action" type
="hidden" value
="add">
58 <input name
="class" type
="hidden" value
="'.$_GET['class'].'">
59 Name
:<input name
="name"><br
><br
>
60 Email
:<input name
="email"><br
><br
>
61 Class:<select name
="class"><option
></option
><?php
echo $classes; ?
> </select
><br
><br
>
62 <input type
="submit" value
="Add" />
