-if ((isset($_POST['add'])) && (!empty($_POST['login'])) && (!empty($_POST['email'])) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] == $_POST['pass2']))
-{
- // Add admin when not added already
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array($_POST['login']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
- // Login does not exist so we can create it.
- $FORM = false;
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s', '%s', '%s')",
- array($_POST['login'], generateHash($_POST['pass1']), $_POST['email']), __FILE__, __LINE__);
+// Is the form sent?
+if (isFormSent('add')) {
+ // Check all
+ if ((isPostRequestParameterSet('login')) && (isPostRequestParameterSet('email')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2')) && (postRequestParameter('pass1') == postRequestParameter('pass2'))) {
+ // Add admin when not added already
+ if (addAdminAccount(postRequestParameter('login'), generateHash(postRequestParameter('pass1')), postRequestParameter('email')) == 'done') {
+ // Do not ouput any form!
+ $FORM = false;