[PHP-Budget-updates] phpbudget add_budget.php,NONE,1.1 add_user.php,NONE,1.1 pbudget.php,1.4,1.5

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/php-budget/phpbudget
In directory usw-pr-cvs1:/tmp/cvs-serv3347

Modified Files:
	pbudget.php 
Added Files:
	add_budget.php add_user.php 
Log Message:
working on auth code.

--- NEW FILE: add_budget.php ---
<?
#########################
#Name:PHPBudget 	#
#Version: 0.1   	#
#File: add.php   	#
#########################
//Add new budget.
include_once("./includes/db_setup.inc.php");
include_once("./includes/header-inc.php");
include_once("./includes/functions.inc.php");

//Set some VARS
$B_Owner=rodde;		//temp user for dev.

$U_Table=T_user;	//User-Owner table
$B_Table=T_main;		//Budget Table
$D_Table=T_data;		//Data Table

//Check if submit is set, if it is go into add_budget code
//add_budget code needs more and better check for income values

if ($_POST['Abudget'])
{
	if (empty($_POST['nBname']) OR empty($_POST['nByear']) OR empty($_POST['nMvalue']) OR empty($B_Owner))
	{
		echo "Please fill all the required fields these are marked with an *";
		echo "<a href=\"$PHP_SELF\">Go back</a>\n";
	}

	else
	{
		//set userinput vars from POST vars to local VARS, there might be an easier or alt. way to do this
		$nBname   = $_POST['nBname'];
		$nByear	  = $_POST['nByear'];
		$nBdescr  = $_POST['nBdescr'];
		$nMvalue  = $_POST['nMvalue'];
		$nIncome1 = $_POST['nIncome1'];
		$nIncome2 = $_POST['nIncome2'];
		$nIncome3 = $_POST['nIncome3'];
		$nIncome4 = $_POST['nIncome4'];
		//add new budget
		mysql_query("INSERT INTO $B_Table(F_b_name, F_b_year, F_b_descr, F_b_month, F_b_income1, F_b_income2, F_b_income3, F_b_income4, F_b_owner) VALUES('$nBname', '$nByear', '$nBdescr', '$nMvalue', '$nIncome1', '$nIncome2', '$nIncome3', '$nIncome4', '$B_Owner' )") OR die(mysql_error());
		echo "<HTML><HEAD>\n";
		//send the user back to the add page, soon this will be redirected to the add_edit_change page
		echo "<meta http-equiv=\"refresh\" content=\"1;URL=$PHP_SELF\">\n";
		echo "<META HTTP-EQUIV=PRAGMA CONTENT=\"NO-CACHE\">\n";
		echo "</HEAD>\n";
		echo "<body>Done!!! now Wait!</body></html>\n";
	}
}

echo "Goto:<a href=\"./pbudget.php\" alt=\"Main\">main</a><br>\n";

//ADD_form START
echo "<pre>\n";
echo "<form method=\"post\" action=\"$PHP_SELF\">\n";
echo "<table border=\"1\">\n";
echo "<caption>Add Budget</caption>\n";
echo "<tr><td>*Budget name:</td><td>\n";
echo "<input type=\"text\" name=\"nBname\" size=\"15\" value=\"Budget2002\"><b> ex. Budget2002</b></td></tr>\n";
echo "<tr><td>*Budget Year:</td><td>\n";
echo "<input type=\"text\" name=\"nByear\" size=\"4\" value=\"2002\"><b> ex. 2002</b></td></tr>\n";
echo "<tr><td>Budget descr:</td><td>\n";
echo "<input type=\"text\" name=\"nBdescr\" size=\"50\"></td></tr>\n";
echo "<tr><td>*Budget month value:</td><td>\n";
echo "<input type=\"text\" name=\"nMvalue\" size=\"2\" value=\"25\"></td></tr>\n";
echo "<tr><td>Income 1:</td><td>\n";
echo "<input type=\"text\" name=\"nIncome1\" size=\"11\"></td></tr>\n";
echo "<tr><td>Income 2:</td><td>\n";
echo "<input type=\"text\" name=\"nIncome2\" size=\"11\"></td></tr>\n";
echo "<tr><td>Income 3:</td><td>\n";
echo "<input type=\"text\" name=\"nIncome3\" size=\"11\"></td></tr>\n";
echo "<tr><td>Income 4:</td><td>\n";
echo "<input type=\"text\" name=\"nIncome4\" size=\"11\"></td></tr>\n";
echo "</table>\n";
echo "<input type=\"submit\" name=\"Abudget\" value=\"Add Budget\">\n";
echo "</form>\n";
//ADD_forum END
echo "</pre>\n";

include_once("./includes/footer-inc.php");

?>

--- NEW FILE: add_user.php ---
<?
#########################
#Name:PHPBudget         #
#Version: 0.1           #
#File: add_user.php     #
#########################
//add users to system
include_once("./includes/db_setup.inc.php");
include_once("./includes/header-inc.php");
include_once("./includes/functions.inc.php");

/*	This code will add an user with an md5 hashed password to the database,
 *	this code is not optimal and will be updated in the future. My recomendation is
 *	to use both this authentication + .htaccess file + https if you have this data on a public web server
 */
check_input();

//Check if we have been called from the form
if ($_POST['SUBMIT'])
{
	if (empty($_POST['nUser']) OR empty($_POST['nPass']))
	{
	echo "Var vänlig och fyll i a dem fält med en stjärna brevid * !!";
        echo "<a href=\"$PHP_SELF\">Tillbaks</a>\n";
	}

	else
	{
	$P_HASH=md5($_POST['nPass']);
	echo $nUser;
	echo $P_HASH;
	}
}

//ADD_USER form
echo "<h2>Lägg till ny användare:</h2>\n";
echo "<form method=\"post\" action=\"$PHP_SELF\">\n";
echo "<table border=\"1\">\n";
echo "<tr><td><pre>Användarnamn:\t<input type=\"text\" name=\"nUser\"></pre></td><td> tex. nisse</td></tr>\n";
echo "<tr><td><pre>Lösenord:\t<input type=\"text\" name=\"nPass\"></pre></td><td> tex. 12_mitt-p4ss OBS! använd inte denna!! :)</td><tr>\n";
echo "</table>\n";
echo "<input type=\"submit\" name=\"SUBMIT\" value=\"Add user\">\n";
echo "</form>\n";

include_once('./includes/footer-inc.php');

?>

Index: pbudget.php
===================================================================
RCS file: /cvsroot/php-budget/phpbudget/pbudget.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** pbudget.php	3 Nov 2002 21:16:54 -0000	1.4
--- pbudget.php	5 Nov 2002 22:49:02 -0000	1.5
***************
*** 13,20 ****
  $B_Owner =	"rodde";

- $U_Table=T_user;        //User-Owner table
- $B_Table=T_main;                //Budget Table
- $D_Table=T_data;                //Data Table
- 

  if ($_POST['add_values'])
--- 13,16 ----