-if ((isset($_POST['add'])) && (!empty($_POST['login'])) && (!empty($_POST['email'])) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] == $_POST['pass2']))
-{
- // Add admin when not added already
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array($_POST['login']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
- // Login does not exist so we can create it.
- $FORM = false;
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s', '%s', '%s')",
- array($_POST['login'], generateHash($_POST['pass1']), $_POST['email']), __FILE__, __LINE__);
+// Is the form sent?
+if (isFormSent('add')) {
+ // Check all
+ if ((isPostRequestElementSet('login')) && (isPostRequestElementSet('email')) && (isPostRequestElementSet('pass1')) && (isPostRequestElementSet('pass2')) && (postRequestElement('pass1') == postRequestElement('pass2'))) {
+ // Add admin when not added already
+ if (addAdminAccount(postRequestElement('login'), generateHash(postRequestElement('pass1')), postRequestElement('email')) == 'done') {
+ // Do not ouput any form!
+ $FORM = false;