if ((isset($_POST['add'])) && (!empty($_POST['login'])) && (!empty($_POST['email'])) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] == $_POST['pass2'])) {
// Add admin when not added already
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array($_POST['login']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0) {
- // Login does not exist so we can create it.
+ if (REGISTER_ADMIN($_POST['login'], generateHash($_POST['pass1']), $_POST['email']) == "done") {
+ // Do not ouput any form!
$FORM = false;
- SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s','%s','%s')",
- array($_POST['login'], generateHash($_POST['pass1']), $_POST['email']), __FILE__, __LINE__);
// Admin login saved
- LOAD_TEMPLATE("admin_settings_saved", false, "<FONT class=\"admin_done\">".ADMIN_ADMINS_ADD_DONE."</FONT>");
+ LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ADD_DONE);
// Run filter chain
RUN_FILTER('post_admin_added', $_POST);
} // END - if
+} // END - if
- // Free memory
- SQL_FREERESULT($result);
-}
-
-if ($FORM) {
- // Clear unset variables
- if (empty($_POST['login'])) $_POST['login'] = "";
- if (empty($_POST['email'])) $_POST['email'] = "";
+// Shall we display the form?
+if ($FORM === true) {
+ // Set missing elements
+ // @TODO Do we need this ugly code here?
+ if (!isset($_POST['login'])) $_POST['login'] = "";
+ if (!isset($_POST['email'])) $_POST['email'] = "";
// Load form from template
LOAD_TEMPLATE("admin_admins_add");
-}
+} // END - if
+
//
?>