1 files changed, 64 insertions, 53 deletions

diff --git a/actions/useradd.php b/actions/useradd.php
index e6e071f01..17459021b 100644
--- a/actions/useradd.php
+++ b/actions/useradd.php
@@ -1,58 +1,69 @@
 <?php
+/**
+ * Elgg add action
+ *
+ * @package Elgg
+ * @subpackage Core
+ */
 
-	/**
-	 * Elgg add action
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
-
-	require_once(dirname(dirname(__FILE__)) . "/engine/start.php");
-
-	admin_gatekeeper(); // Only admins can make someone an admin
-	action_gatekeeper();
-	
-	// Get variables

-	global $CONFIG;
-	$username = get_input('username');
-	$password = get_input('password');
-	$password2 = get_input('password2');
-	$email = get_input('email');
-	$name = get_input('name');
-	
-	$admin = get_input('admin');
-	if (is_array($admin)) $admin = $admin[0];
-	
-	// For now, just try and register the user
-	try {
-		if (
-			(
-				(trim($password)!="") &&
-				(strcmp($password, $password2)==0) 
-			) &&
-			($guid = register_user($username, $password, $name, $email, true))
-		) {
-			$new_user = get_entity($guid);
-			if (($guid) && ($admin))
-				$new_user->admin = 'yes';
-			
-			$new_user->admin_created = true;
-			

-			

-			notify_user($new_user->guid, $CONFIG->site->guid, elgg_echo('useradd:subject'), sprintf(elgg_echo('useradd:body'), $name, $CONFIG->site->name, $CONFIG->site->url, $username, $password));

-			
-			system_message(sprintf(elgg_echo("adduser:ok"),$CONFIG->sitename));
-		} else {
-			register_error(elgg_echo("adduser:bad"));
+elgg_make_sticky_form('useradd');
+
+// Get variables
+$username = get_input('username');
+$password = get_input('password', null, false);
+$password2 = get_input('password2', null, false);
+$email = get_input('email');
+$name = get_input('name');
+
+$admin = get_input('admin');
+if (is_array($admin)) {
+	$admin = $admin[0];
+}
+
+// no blank fields
+if ($username == '' || $password == '' || $password2 == '' || $email == '' || $name == '') {
+	register_error(elgg_echo('register:fields'));
+	forward(REFERER);
+}
+
+if (strcmp($password, $password2) != 0) {
+	register_error(elgg_echo('RegistrationException:PasswordMismatch'));
+	forward(REFERER);
+}
+
+// For now, just try and register the user
+try {
+	$guid = register_user($username, $password, $name, $email, TRUE);
+
+	if ($guid) {
+		$new_user = get_entity($guid);
+		if ($new_user && $admin && elgg_is_admin_logged_in()) {
+			$new_user->makeAdmin();
 		}
-	} catch (RegistrationException $r) {
-		register_error($r->getMessage());
+
+		elgg_clear_sticky_form('useradd');
+
+		$new_user->admin_created = TRUE;
+		// @todo ugh, saving a guid as metadata!
+		$new_user->created_by_guid = elgg_get_logged_in_user_guid();
+
+		$subject = elgg_echo('useradd:subject');
+		$body = elgg_echo('useradd:body', array(
+			$name,
+			elgg_get_site_entity()->name,
+			elgg_get_site_entity()->url,
+			$username,
+			$password,
+		));
+
+		notify_user($new_user->guid, elgg_get_site_entity()->guid, $subject, $body);
+
+		system_message(elgg_echo("adduser:ok", array(elgg_get_site_entity()->name)));
+	} else {
+		register_error(elgg_echo("adduser:bad"));
 	}
+} catch (RegistrationException $r) {
+	register_error($r->getMessage());
+}
 
-	forward($_SERVER['HTTP_REFERER']);
-	exit;
-?>
\ No newline at end of file
+forward(REFERER);