2 /************************************************************************
\r
3 * MXChange v0.2.1 Start: 04/12/2004 *
\r
4 * ================ Last change: 04/18/2004 *
\r
6 * -------------------------------------------------------------------- *
\r
7 * File : what-admins_add.php *
\r
8 * -------------------------------------------------------------------- *
\r
9 * Short description : Add new administrator account *
\r
10 * -------------------------------------------------------------------- *
\r
11 * Kurzbeschreibung : Neues Administrator-Account anlegen *
\r
12 * -------------------------------------------------------------------- *
\r
14 * -------------------------------------------------------------------- *
\r
15 * Copyright (c) 2003 - 2007 by Roland Haeder *
\r
16 * For more information visit: http://www.mxchange.org *
\r
18 * This program is free software; you can redistribute it and/or modify *
\r
19 * it under the terms of the GNU General Public License as published by *
\r
20 * the Free Software Foundation; either version 2 of the License, or *
\r
21 * (at your option) any later version. *
\r
23 * This program is distributed in the hope that it will be useful, *
\r
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
\r
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
\r
26 * GNU General Public License for more details. *
\r
28 * You should have received a copy of the GNU General Public License *
\r
29 * along with this program; if not, write to the Free Software *
\r
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
\r
31 * MA 02110-1301 USA *
\r
32 ************************************************************************/
\r
34 // Some security stuff...
\r
35 if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
\r
37 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
\r
40 // Add description as navigation point
\r
41 ADD_DESCR("admin", basename(__FILE__));
\r
45 // Display form is default
\r
48 if ((isset($_POST['add'])) && (!empty($_POST['login'])) && (!empty($_POST['email'])) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] == $_POST['pass2']))
\r
50 // Add admin when not added already
\r
51 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
\r
52 array($_POST['login']), __FILE__, __LINE__);
\r
53 if (SQL_NUMROWS($result) == 0)
\r
55 // Login does not exist so we can create it.
\r
57 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s', '%s', '%s')",
\r
58 array($_POST['login'], generateHash($_POST['pass1']), $_POST['email']), __FILE__, __LINE__);
\r
60 // Admin login saved
\r
61 LOAD_TEMPLATE ("admin_settings_saved", false, "<FONT class=\"admin_done\">".ADMIN_ADMINS_ADD_DONE."</FONT>");
\r
63 // Remove cache file
\r
64 if (EXT_IS_ACTIVE("cache"))
\r
66 if ($CACHE->cache_file("admins", true)) $CACHE->cache_destroy();
\r
72 SQL_FREERESULT($result);
\r
78 // Clear unset variables
\r
79 if (empty($_POST['login'])) $_POST['login'] = "";
\r
80 if (empty($_POST['email'])) $_POST['email'] = "";
\r
82 // Load form from template
\r
83 LOAD_TEMPLATE("admin_admins_add");
\r