Gecko [ midwest-tb.com ]

Name	Size	Permission
.pkexec	[ DIR ]	drwxr-xr-x
GCONV_PATH=.	[ DIR ]	drwxr-xr-x
assets	[ DIR ]	drwxr-xr-x
css	[ DIR ]	drwxr-xr-x
functions	[ DIR ]	drwxr-xr-x
img	[ DIR ]	drwxr-xr-x
includes	[ DIR ]	drwxr-xr-x
js	[ DIR ]	drwxr-xr-x
scss	[ DIR ]	drwxr-xr-x
vendor	[ DIR ]	drwxr-xr-x
.mad-root	0 B	-rw-r--r--
add_amount.php	1 KB	-rw-r--r--
add_code.php	3.24 KB	-rw-r--r--
add_user.php	15.1 KB	-rw-r--r--
admin_transactions.php	2.17 KB	-rw-r--r--
adminer.php	465.43 KB	-rw-r--r--
bulksms2.php	1.98 KB	-rw-r--r--
bulksms20.php	8.42 KB	-rw-r--r--
contact_students.php	1.76 KB	-rw-r--r--
db.php	30 B	-rw-r--r--
del_deposit.php	425 B	-rw-r--r--
delete.php	2.66 KB	-rw-r--r--
delete_banner.php	721 B	-rw-r--r--
delete_beneficiary.php	368 B	-rw-r--r--
delete_code.php	371 B	-rw-r--r--
delete_loan.php	355 B	-rw-r--r--
delete_user.php	991 B	-rw-r--r--
edit_banner.php	3.1 KB	-rw-r--r--
edit_transfer.php	3.18 KB	-rw-r--r--
edit_user.php	18.08 KB	-rw-r--r--
editsettings.php	2.54 KB	-rw-r--r--
error_log	160.39 KB	-rw-r--r--
function_users.php	6.17 KB	-rw-r--r--
functions.php	7.15 KB	-rw-r--r--
home.php	4.07 KB	-rw-r--r--
index -.html	41.78 KB	-rw-r--r--
index.php	56 B	-r--r--r--
insert_banners.php	2.84 KB	-rw-r--r--
login.php	1.57 KB	-rw-r--r--
login_admin.php	3.11 KB	-rw-r--r--
logout.php	164 B	-rw-r--r--
member.php	23.81 KB	-rw-r--r--
picupload.php	2.12 KB	-rw-r--r--
pwnkit	10.99 KB	-rwxr-xr-x
register_admin.php	8.45 KB	-rw-r--r--
remove_amount.php	1.01 KB	-rw-r--r--
searchmembers.php	2.94 KB	-rw-r--r--
send_email.php	6.9 KB	-rw-r--r--
testimony.php	3.15 KB	-rw-r--r--
transactions.php	2.66 KB	-rw-r--r--
upload_files.php	2.59 KB	-rw-r--r--
user_error.php	188 B	-rw-r--r--
user_transfer.php	6.3 KB	-rw-r--r--
user_withdrawal.php	4.85 KB	-rw-r--r--
view_admin.php	2.84 KB	-rw-r--r--
view_banners.php	2.23 KB	-rw-r--r--
view_beneficiary.php	3.74 KB	-rw-r--r--
view_cards.php	3.03 KB	-rw-r--r--
view_codes.php	3.07 KB	-rw-r--r--
view_loans.php	2.8 KB	-rw-r--r--
view_referrals.php	1.67 KB	-rw-r--r--
view_users.php	4.37 KB	-rw-r--r--
viewconversation.php	5.25 KB	-rw-r--r--
viewmessage.php	2.4 KB	-rw-r--r--
viewmessages.php	3.15 KB	-rw-r--r--

Code Editor : add_user.php

<?php include("includes/header.php");
      include("includes/navbar.php");

$referrer = $_SESSION['sess_referrer'];
?>

<?php
if (isset($_POST["submit"])){
    $username = strtolower($_POST ['username']);
    $password = $_POST ['password'];
    $password2 = $_POST ['password2'];
    $fullname = $_POST ['fullname'];
    $phone_number = $_POST ['phone_number'];
    $state_of_residence = $_POST ['state_of_residence'];
    $city_of_residence = $_POST ['city_of_residence'];
    $occupation = $_POST ['occupation'];
    $date_of_birth = $_POST ['date_of_birth'];
    $account_type = $_POST ['account_type'];
    $next_of_kin = $_POST ['next_of_kin'];
    $pin = $_POST ['pin'];
    $location = $_POST ['location'];
    $contact_address = $_POST ['contact_address'];
    $gender = $_POST ['gender'];
    $marital_status = $_POST ['marital_status'];
    $pin = $_POST ['pin'];
    $account_number = $_POST ['account_number'];

$mail = $_POST ['mail'];
    $email = $_POST ['email'];
$needle= '@'; $email_check = strpos($email, $needle);

$referrer = mysql_escape_string($_POST ['referrer']);

$username = mysql_escape_string($username);
    $password = mysql_escape_string($password);
    $password2 = mysql_escape_string($password2);
    $fullname = mysql_escape_string($fullname);
    $phone_number = mysql_escape_string($phone_number);
    $state_of_residence = mysql_escape_string($state_of_residence);
    $city_of_residence = mysql_escape_string($city_of_residence);
    $occupation = mysql_escape_string($occupation);
    $date_of_birth = mysql_escape_string($date_of_birth);
    $account_type = mysql_escape_string($account_type);
    $email = mysql_escape_string($email);
    $next_of_kin = mysql_escape_string($next_of_kin);
    $pin = mysql_escape_string($pin);
    $location = mysql_escape_string($location);
    $contact_address = mysql_escape_string($contact_address);
    $gender = mysql_escape_string($gender);
    $marital_status = mysql_escape_string($marital_status);
    $pin = mysql_escape_string($pin);
    $account_number = mysql_escape_string($account_number);

if($username ==""){

echo '<script>alert("Please, fill in all your details ")</script>';
                 $err = '<div class="alert center orange" role="alert">
            Please, fill in all your details 
                </div>';
}

elseif($password!=$password2){

echo '<script>alert("Passwords dont match ")</script>';
                $err = '<div class="alert center orange" role="alert">
                Passwords dont match 
                </div>';
}
elseif(count(explode(' ', $username)) > 1){

echo '<script>alert("Your username should only contain letters and numbers but not spaces ")</script>';
        $err = '<div class="alert center orange" role="alert">
                 Your username should only contain letters and numbers but not spaces 
                </div>';
}

elseif (preg_match('/[\'^£$%&*().}{@#~?><>,|=+¬-]/', $username)){

echo '<script>alert("Your username should not contain special character")</script>';
            $err = '<div class="alert center orange" role="alert">
                    Your username should not contain special characters 
                </div>';
}

elseif ($email_check === FALSE){

echo '<script>alert(" Email address already exist!")</script>';
                $err = '<div class="alert center orange" role="alert">
                    Your Email address is invalid
                </div>';
}

else{

$query =mysqli_query($con,"SELECT id FROM users WHERE username='$username' ");
$numrows=mysqli_num_rows($query);
if($numrows!=0){
         echo '<script>alert(" username already exist!")</script>';
                $err = '<div class="alert center orange" role="alert">
                    Username already exists!
                </div>';
}

if ($numrows==0 && $numrows2==0 && $numrows4==0)
{

$login_date = date('D, d-M-Y'); $login_time = date('h:ia'); $login_activity=5;
$sql2 ="INSERT into last_login(owner, login_date, login_time, login_activity, registered_date) 
VALUES ('$username', '$login_date', '$login_time', '$login_activity', '$login_date')";
$run2 = mysqli_query($con,$sql2);

/*
INSERT INTO `bank_demo`.`users` (`id`, `username`, `password`, `fullname`, `gender`, `location`, `phone_number`, `role`, `active`, `balance`, `referrer`, `account_type`, `date_of_birth`, `occupation`, `next_of_kin`, `photo`, `country`, `state_of_residence`, `email`, `city_of_residence`, `contact_address`, `city_of_residence`) VALUES (NULL, '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '');
*/

//Pasword has Algorithm
$pwd = $password;
$password = password_hash($password, PASSWORD_DEFAULT, ['cost' =>10]);

$photo = "photo.png";
$gender = $_POST ['gender'];

$referrer = mysql_escape_string($_POST ['referrer']);

$query =mysqli_query($con,"SELECT id FROM users LIMIT 0,1");
 while ($row =mysqli_fetch_assoc($query)){
$last_id = $row ['id'];
}
//$add =rand (19999999999, 9999999999);
//$account_number = $last_id.$add;
$add = rand(1999999999, 9999999999);

$account_number = $add;

$sql="INSERT INTO users(username, password, pwd, fullname, phone_number, gender, location, state_of_residence, city_of_residence, date_of_birth, occupation, photo , email, account_type, next_of_kin, marital_status, balance, contact_address, account_number, pin)
VALUES ('$username','$password', '$pwd', '$fullname', '$phone_number', '$gender', 'location', '$state_of_residence', '$city_of_residence', '$date_of_birth',
'$occupation', '$photo' , '$email', '$account_type', '$next_of_kin', '$marital_status', '0.00', '$contact_address', '$account_number', '$pin' )";
$result = mysqli_query($con,$sql);

if($mail=="Yes"){
$domain_name="www.midwest-tb.com";
 $site_name ="Midwestern Trust Bank";
 $site_name2 ="Your Financial status is in good hands";
    $webmail="support@midwest-tb.com";
     $call="";
   $site_address ="";

include("functions/mailer.php");
$mail = new PHPMailer;

$mail->From = $webmail;
$mail->FromName = $site_name;

//To address and name
$mail->addAddress($email);

//Send HTML or Plain Text email
$mail->isHTML(true);

$mail->Subject = "Welcome to ".$site_name;
$mail->Body = "<img src='https://midwest-tb.com/img/email2.jpg' width='90%'><br/><br/>
Dear ".$fullname.",<br/> 
Your account has been successfully created and awaiting activation with ".$site_name.".<br/>
You can use ".$domain_name." to access your account. 
<br/>
Username: ".$username."<br/>
Account: ".$account_number."<br/>
Password: ".$pwd."<br/><br/>
<small style='white-space: pre-wrap;'><hr/>
Kindly bear in mind that ".$site_name." top priority is the privacy of our users.
".$site_name." will never understand any circumstances, sell it distribute your cell phone  number to third parties or clients for whom you have not approved.
".$site_name."will never directly market to you any services for which you have not approved. 
".$site_name."will never distribute any personal information about you including your phone number, name, billing information or any other piece of identifying information.
Thanks for choosing ".$site_name."
Regards, 
".$site_name."</small><br/>";
if(!$mail->send()) 
{   // echo "Mailer Error: " . $mail->ErrorInfo;
} 
else {}

}

if($result){
    //echo "Account Successfully created";
    $user = $username;
    $_SESSION['sess_user'] = $user;
$_COOKIE['sess_user'] = $user;
setcookie("sess_user", $user, time()+3600000);
//echo $_COOKIE['sess_user'];

echo '<script>alert("Account was created successfully")</script>';
    ?>
<script type="text/javascript">
            window.location.href = "view_users"
        </script>
<?php
}

else {
         echo '<script>alert("An Error occured!!")</script>';
    echo "An Error occured!!";
}

} 
}
}

?>
<head>
<title> Create Account </title>
</head>

<div class="col-md-6">
                         <div class="form-group">
                                <label for="">ACCOUNT NUMBER:</label>
                                <input type="text" name="account_number" class="form-control" placeholder="Account Number" value="<?php echo $account_number?>"  >
                            </div>
</div>

<div class="col-md-6">
                         <div class="form-group">
                                <label for="">USERNAME:</label>
                                <input type="text" name="username" class="form-control" placeholder="Username" value="<?php echo $username?>"  >
                            </div>
</div>

<div class="col-md-6">
<div class="form-group">
                                <label for="">PASSWORD:</label>
                                <input type="text" name="password" class="form-control" value="<?php echo $password?>"  />
                            </div>
</div>

<div class="col-md-6">
 <div class="form-group">
                                <label for="">RETYPE PASSWORD:</label>
                                <input  type="text" name="password2" class="form-control" placeholder="Repeat password" />
                            </div>
 </div>

<div class="col-md-6">                           
<div class="form-group"> <label for=""> ACCOUNT TYPE:</label><br/>
                           <select name="account_type"  class="form-control" ="">
                               <option value="">Select one</option>
              <?php include("../functions/list_account_type.php");?>
                           </select>     </div>
</div>

<div class="col-md-6">                           
<div class="form-group"><br/> <label for=""> GENDER:</label><br/>
                           <select name="gender">
                               <option value="">Select one</option>
                               <option value="Male">Male</option>
                               <option value="Female">Female</option>
                           </select>     </div>
</div>

<div class="col-md-6">                           
<div class="form-group"><br/> <label for=""> MARITAL STATUS:</label><br/>
                           <select name="marital_status" ="">
                               <option value="">Select one</option>
                               <option value="Single">Single</option>
                               <option value="Married">Married</option>
                               <option value="Divorced">Female</option>
                           </select>     </div>
</div>

<div class="col-md-6">                           
<div class="form-group"><br/> <label for=""> OCCUPATION:</label><br/>
                           <select name="occupation" ="">
                               <option value="">Select one</option>
                               <option value="Employed">Employed</option>
                               <option value="Unemployed">Unemployed</option>
                               <option value="Self Employed">Self Employed</option>
                           </select>     </div>
</div>

<div class="col-md-6">                           
<div class="form-group">
                               <br/> <label for=""> DATE OF BIRTH:</label>
                                <input type="date" name="date_of_birth" class="form-control" value="<?php echo $date_of_birth?>" />
                            </div>
</div>

<br/> <label for=""> COUNTRY:</label>
                                <select name ="location"  class="form-control">
                                    <option value="">Select Country</option>
                                   <?php include("functions/list_location.php");?>
                                   </select>
                                  </select>     </div>
</div>

<div class="col-md-6">                           
<div class="form-group">
                                <label for=""> STATE OF RESIDENCE:</label>
                                <input type="text" name="state_of_residence" class="form-control" value="<?php echo $state_of_residence?>" />
                            </div>
</div>

<div class="col-md-6">                           
<div class="form-group">
                                <label for=""> CITY OF RESIDENCE:</label>
                                <input type="text" name="city_of_residence" class="form-control" value="<?php echo $city_of_residence?>" />
                            </div>
</div>

<div class="col-md-6">                           
<div class="form-group">
                                <label for=""> CONTACT ADDRESS:</label>
                                <input type="text" name="contact_address" class="form-control" value="<?php echo $contact_address?>" />
                            </div>
</div>
<div class="col-md-6">
<div class="form-group">
                                <label for="">YOUR E-MAIL ADDRESS:</label>
                                <input type="email" name="email" class="form-control" value="<?php echo $email?>" />
                            </div>
</div>

<div class="col-md-6">
<div class="form-group">
                                <label for="">YOUR 4 digit PIN:</label>
                                <input type="text" name="pin" class="form-control" maxlength="4" value="<?php echo $pin?>" />
                            </div>
</div>

<div class="col-md-6">                           
<div class="form-group"><br/> <label for=""> Send Email with Account details?</label><br/>
                           <select name="mail">
                               <option value="">Select one</option>
                               <option value="Yes">Yes</option>
                               <option value="No">No</option>
                           </select>     </div>
</div>

<div class="col-md-12">
<button type="submit" class="btn btn-success" value="Register" name="submit">Create Account<span></span></button>
</div>
</div>
</form>
</div>
</div>
</div>

<?php
include("includes/footer.php");

${this.title}

Code Editor : add_user.php