All fields marked * are mandatory"); }else{ // add operator $OPERATOR_username = $_POST["username"]; $OPERATOR_firstname = $_POST["firstname"]; $OPERATOR_lastname = $_POST["lastname"]; $OPERATOR_email = $_POST["email"]; $OPERATOR_level = $_POST["level"]; $OPERATOR_autosave = $_POST["autosave"]; $OPERATOR_usepic = $_POST["usepic"]; // Check to see if operator exists $result_search = DATABASE_query("SELECT * FROM ".$DB_prefix."departments"); while($search = DATABASE_fetch($result_search)){ $SEARCH_operator = $search["operator"]; if($SEARCH_operator == $OPERATOR_username){ $ADD_error = "Operator already exists"; } } if(isset($_POST["password"]) && $_POST["password"] == $_POST["passworda"]){ $OPERATOR_password = $_POST["password"]; }else{ $ADD_error = "Passwords do not match"; } // Make sure the image is not corrupted by magic quotes set_magic_quotes_runtime(0); // Get the icon data if(isset($_FILES["pic"]) && $_FILES["pic"] !== "" && $_FILES["pic"]["size"] !== 0){ $imagefile = $_FILES["pic"]["tmp_name"]; $imagesize = $_FILES["pic"]["size"]; $imagename = $_FILES["pic"]["name"]; $imagetype = $_FILES["pic"]["type"]; $image = fopen($imagefile, "rb"); $imageblob = base64_encode(fread($image, filesize($imagefile))); }else{ $imagefile = "operator.gif"; $imagetype = "image/gif"; $image = fopen("operator.gif", "rb"); $imageblob = base64_encode(fread($image, filesize("operator.gif"))); } // Inrset icon into the database if(!isset($ADD_error)){ $OPERATOR_password = md5($OPERATOR_password); DATABASE_query("INSERT INTO ".$DB_prefix."operators (operator,password,level,email,firstname,lastname,imageblob,imagetype,autosave,usepic) VALUES ('$OPERATOR_username','$OPERATOR_password','$OPERATOR_level','$OPERATOR_email','$OPERATOR_firstname','$OPERATOR_lastname','$imageblob','$imagetype','$OPERATOR_autosave','$OPERATOR_usepic')"); echo("
Operator added. Please assign this operator to a department to make the account active
"); }else{ echo("
".$ADD_error."
"); } fclose($image); // Put magic quotes back as they were set_magic_quotes_runtime(get_magic_quotes_gpc()); $result_dep = DATABASE_query("SELECT * FROM ".$DB_prefix."departments GROUP BY department"); while($fetch = DATABASE_fetch($result_dep)){ $DEPARTMENT_name = $fetch["department"]; $DEPARTMENT_name = str_replace(" ", "+", $DEPARTMENT_name); $DEPARTMENT_email = $fetch["email"]; $DEPARTMENT_update = $_POST[$DEPARTMENT_name]; $DEPARTMENT_poll = $_POST["poll".$DEPARTMENT_name]; $DEPARTMENT_name = str_replace("+", " ", $DEPARTMENT_name); $DEPARTMENT_update = str_replace("+", " ", $DEPARTMENT_update); $DEPARTMENT_poll = str_replace("+", " ", $DEPARTMENT_poll); if($DEPARTMENT_poll == ""){ $result_poll = DATABASE_query("SELECT * FROM ".$DB_prefix."departments WHERE department='$DEPARTMENT_name' AND poll NOT NULL ORDER BY poll DESC LIMIT 1"); if($find = DATABASE_fetch($result_poll)){ $DEPARTMENT_lastpoll = $find["poll"]; $DEPARTMENT_poll = $DEPARTMENT_lastpoll + 1; }else{ $DEPARTMENT_poll = 0; } } if($DEPARTMENT_update == 1){ DATABASE_query("INSERT INTO ".$DB_prefix."departments (operator,department,poll,email) VALUES ('$OPERATOR_username','$DEPARTMENT_name','$DEPARTMENT_poll','$DEPARTMENT_email')"); } } } }else{ $ADD_showform = 1; } if($ADD_showform == 1){ ?>
* Username
* Password
* Password Again
* First Name
* Last Name
* E-Mail
Picture (50 x 50px)
* Display Operator's Picture Yes    No
* Admin Privileges Yes    No
* Autosave Transcripts Yes    No
Departments \n"); } if($OPERATOR_depfound !== 1){ echo("\n"); } ?>
  ".$OPERATOR_department."
 No departments found