        } else {
            $message = getLang('reset_noemail');
        }
    }
}
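$ShowQuestionForm = 0;
$SecretQuestion = '';
// Step 1 of the "forgot password" flow: an address was posted (from the
// request form, _reqpass, or the first reset form, _pwdreset1); fetch the
// account's secret question so the answer form can be shown next.
$reqpass = isset($_POST['_reqpass']) ? $_POST['_reqpass'] : 0;
$pwdreset1 = isset($_POST['_pwdreset1']) ? $_POST['_pwdreset1'] : 0;
if ($reqpass == 1 || $pwdreset1 == 1) {
    $email = isset($_POST['rform_email']) ? (string) $_POST['rform_email'] : '';
    // filter_var replaces a hand-written pattern whose nested quantifier
    // ((x+y?)+@...) backtracked exponentially on a long local part without
    // an '@': one request could burn CPU until PCRE's backtrack limit gave up.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $_POST['rform_email'] = '';
        $message = 'Invalid email';
    } else {
        $db = new DBConnection();
        // Escaped for the quoted position; rq() takes a raw SQL string and no
        // prepared-statement API is visible on DBConnection here.
        $query = 'SELECT * FROM users WHERE user_email="' . $db->string_escape($email) . '" LIMIT 1';
        $row = $db->fetch($db->rq($query));
        // No account, or no question configured: empty() covers both without
        // indexing into a false/null fetch result. Note that showing the
        // question form does tell the caller that the address belongs to an
        // account with a secret question set; that is inherent to this design.
        if (empty($row['user_secret_question'])) {
            $message = getLang('reset_noquest');
        } else {
            $SecretQuestion = $row['user_secret_question'];
            $ShowQuestionForm = 1;
        }
    }
}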
// $ShowQuestionForm=1;
if ($ShowQuestionForm == 1) {
    include 'parts/show_question.php';
} else {
    include 'parts/forgot_box.php';
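    /**
     * Step 2 of the "forgot password" flow (AJAX endpoint).
     *
     * Looks up the account for $_POST['rform_email'], checks the posted
     * $_POST['rform_answer'] against the stored secret answer and, when it
     * matches, renders the "Forgot password" mail template for that account
     * and sends it through the SMTP settings stored in global_settings.
     * Echoes a JSON object with either 'error' (HTML tags stripped) or
     * 'success'; returns nothing.
     *
     * NOTE(review): the template placeholders {user_password} and
     * {user_password_org} are filled straight from users.user_password, so
     * whatever that column holds is mailed in clear. That only "works" when
     * passwords are stored unhashed, which is the underlying problem. The
     * commented-out predecessor of this step (removed here) generated a random
     * replacement password instead. A reset should issue a short-lived,
     * single-use token rather than disclose the credential; that needs a
     * design and template change, not a local patch.
     */
    public function resetPasswordAnswer()
    {
        $db = new DBConnection();
        $return = array();
        $email = isset($_POST['rform_email']) ? (string) $_POST['rform_email'] : '';
        $answer = isset($_POST['rform_answer']) ? (string) $_POST['rform_answer'] : '';

        $query = 'SELECT * FROM users WHERE user_email="' . $db->string_escape($email) . '" LIMIT 1';
        $row = $db->fetch($db->rq($query));
        if (!isset($row['user_secret_answer'])) {
            $return['error'] = getLang('reset_noansw');
        } else {
            // Same normalisation as before (trim + ASCII lower-case), but the
            // comparison is now a constant-time byte compare: the loose ==
            // treated numeric-looking answers as numbers ("01" == "1"), and an
            // early-exit compare leaks via timing how much of the stored answer
            // was right.
            $given = strtolower(trim($answer));
            $stored = strtolower(trim((string) $row['user_secret_answer']));
            if (!hash_equals($stored, $given)) {
                $return['error'] = getLang('reset_wrong');
            } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
                // filter_var replaces a hand-written pattern whose nested
                // quantifier ((x+y?)+@...) backtracked exponentially on a long
                // local part without an '@'.
                $return['error'] = getLang('reset_invalid_email');
            } else {
                // Re-read the account together with the advisor names the
                // template needs. The address is escaped here as well; the old
                // code spliced it in raw and relied on the e-mail pattern to
                // keep quote characters out.
                $query = 'SELECT u.*, ua1.advisor_names as user_advisor1, ua2.advisor_names as user_advisor2 FROM users u
							left join users_advisors ua1 on u.user_advisor1 = ua1.users_advisors_id
							left join users_advisors ua2 on u.user_advisor2 = ua2.users_advisors_id
							WHERE u.user_email="' . $db->string_escape($email) . '" LIMIT 1';
                $res = $db->rq($query);
                if ($db->num_rows($res) > 0) {
                    $row = $db->fetch($res);
                    addLog('Front-end', 'Login', '' . $row['user_firstname'] . ' ' . $row['user_lastname'] . ' (' . $row['user_account_num'] . ')', 0, 'Password reset request.');
                    $query3 = 'SELECT * FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Forgot password"';
                    $res3 = $db->rq($query3);
                    if ($db->num_rows($res3) > 0) {
                        $row3 = $db->fetch($res3);
                        // SMTP settings live in global_settings. Start from null so a
                        // missing setting is handed on as null rather than as an
                        // undefined variable.
                        $smtp_host = null;
                        $smtp_port = null;
                        $smtp_user = null;
                        $smtp_password = null;
                        $res4 = $db->rq('SELECT * FROM global_settings WHERE section="mail_settings"');
                        while (($row4 = $db->fetch($res4)) != FALSE) {
                            if ($row4['variable_value'] == '') {
                                continue;
                            }
                            switch ($row4['variable']) {
                                case 'mail_mandrill_host':
                                    $smtp_host = $row4['variable_value'];
                                    break;
                                case 'mail_mandrill_port':
                                    $smtp_port = $row4['variable_value'];
                                    break;
                                case 'mail_mandrill_user':
                                    $smtp_user = $row4['variable_value'];
                                    break;
                                case 'mail_mandrill_password':
                                    $smtp_password = $row4['variable_value'];
                                    break;
                            }
                        }
                        include 'nomad_mimemail.inc.php';
                        $mimemail = new nomad_mimemail();
                        $mimemail->set_charset("UTF-8");
                        if ($row3['mail_from'] != '') {
                            $mimemail->set_from($row3['mail_from_mail'], $row3['mail_from']);
                            $mimemail->set_reply_to($row3['mail_from_mail'], $row3['mail_from']);
                        } else {
                            $mimemail->set_from($row3['mail_from_mail']);
                            $mimemail->set_reply_to($row3['mail_from_mail']);
                        }
                        // Template placeholders -> account fields. {user_password} and
                        // {user_password_org} both receive the stored password (see the
                        // NOTE in the docblock).
                        $search_for = array('{user_first_name}', '{user_last_name}', '{user_username}', '{user_password}', '{user_password_org}', '{user_account_num}', '{user_account_name}', '{user_admin_ref}', '{user_phone}', '{user_email}', '{user_mailing_address}', '{user_city}', '{user_state}', '{user_postal}', '{user_country}', '{user_advisor1}', '{user_advisor2}', '{user_app_date}');
                        $replace_with = array($row['user_firstname'], $row['user_lastname'], $row['user_username'], $row['user_password'], $row['user_password'], $row['user_account_num'], $row['user_account_name'], $row['user_ref'], $row['user_phone'], $row['user_email'], $row['user_mailing_address'], $row['user_city'], $row['user_state'], $row['user_postal'], $row['user_country'], $row['user_advisor1'], $row['user_advisor2'], $row['user_app_date']);
                        $row3['mail_html'] = str_replace($search_for, $replace_with, $row3['mail_html']);
                        $row3['mail_plain'] = str_replace($search_for, $replace_with, $row3['mail_plain']);
                        $t_search_for = array('{thanks}');
                        $t_replace_with_html = array(getLang('mails_thanks_html'));
                        $t_replace_with_plain = array(getLang('mails_thanks_plain'));
                        $row3['mail_html'] = str_replace($t_search_for, $t_replace_with_html, $row3['mail_html']);
                        $row3['mail_plain'] = str_replace($t_search_for, $t_replace_with_plain, $row3['mail_plain']);
                        $mimemail->set_subject($row3['mail_subject']);
                        $mimemail->set_html($row3['mail_html']);
                        $mimemail->set_text($row3['mail_plain']);
                        $mimemail->set_to($email, '' . $row['user_firstname'] . ' ' . $row['user_lastname'] . '');
                        if ($row3['mail_bcc']) {
                            $mimemail->set_bcc($row3['mail_bcc']);
                        }
                        $mimemail->set_smtp_host($smtp_host, $smtp_port);
                        $mimemail->set_smtp_auth($smtp_user, $smtp_password);
                        $mimemail->send();
                    }
                    $return['success'] = getLang('rform_newpass');
                } else {
                    $return['error'] = getLang('reset_noemail');
                }
            }
        }
        // One connection for the whole method (the old code opened a second
        // one and only ever closed that), released on every path.
        $db->close();
        if (isset($return['error'])) {
            $return['error'] = strip_tags($return['error']);
        }
        echo json_encode($return);
    }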
<?php
require '../../vendor/autoload.php';

require_once('ulogin/config/all.inc.php');
require_once('ulogin/main.inc.php');
require_once('auth.php');

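// AJAX uniqueness probe for a stock symbol (jQuery-validate "remote" style):
// prints the literal 'true' when the symbol is free or belongs to the record
// currently being edited ($_SESSION['admin']['uedit']), else 'false'.
// Admin-only: anonymous callers are bounced to the login before any lookup.
$isLogged = isset($_SESSION['admin']['is_logged']) ? (int) $_SESSION['admin']['is_logged'] : 0;
if ($isLogged !== 1) {
	header('Location: index.php');
	exit();
}
// Presumably a crude brake on scripted probing of the endpoint (kept as is).
usleep(150000);
require_once('../../classes/db.class.php');
$db=new DBConnection();
$symbol = isset($_GET['symbol']) ? (string) $_GET['symbol'] : '';
$validateStock=$db->string_escape($symbol);
$query='SELECT stocks_id FROM stocks WHERE stocks_symbol="'.$validateStock.'" LIMIT 1';
$res=$db->rq($query);
if ($db->num_rows($res)==0){
	$valid = 'true';
}else{
	$row=$db->fetch($res);
	// The only acceptable collision is with the record being edited; compare
	// as integers instead of the loose == on mixed string/int values.
	$editingId = isset($_SESSION['admin']['uedit']) ? (int) $_SESSION['admin']['uedit'] : 0;
	$valid = ((int) $row['stocks_id'] > 0 && (int) $row['stocks_id'] === $editingId) ? 'true' : 'false';
}
$db->close();
echo $valid;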
<?php
require '../../vendor/autoload.php';
require_once('ulogin/config/all.inc.php');
require_once('ulogin/main.inc.php');
require_once('auth.php');

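// AJAX uniqueness probe for an advisor reference: prints 'true' when the ref
// is unused or belongs to the advisor currently being edited
// ($_SESSION['admin']['uedit']), else 'false'. Admin-only.
$isLogged = isset($_SESSION['admin']['is_logged']) ? (int) $_SESSION['admin']['is_logged'] : 0;
if ($isLogged !== 1) {
	header('Location: index.php');
	exit();
}
// Presumably a crude brake on scripted probing of the endpoint (kept as is).
usleep(150000);
require_once('../../classes/db.class.php');
$db=new DBConnection();
$ref = isset($_GET['ref']) ? (string) $_GET['ref'] : '';
$validateRef=$db->string_escape($ref);
$query='SELECT users_advisors_id FROM users_advisors WHERE advisor_ref="'.$validateRef.'" LIMIT 1';
$res=$db->rq($query);
if ($db->num_rows($res)==0){
	$valid = 'true';
}else{
	$row=$db->fetch($res);
	// Unlike the sibling validators this one read uedit without isset();
	// an unset key now simply means "no collision is allowed".
	$editingId = isset($_SESSION['admin']['uedit']) ? (int) $_SESSION['admin']['uedit'] : 0;
	$valid = ((int) $row['users_advisors_id'] > 0 && (int) $row['users_advisors_id'] === $editingId) ? 'true' : 'false';
}
$db->close();
echo $valid;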
?>
<?php

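session_start();
require '../vendor/autoload.php';
// AJAX uniqueness probe for the e-mail on the customer profile form: prints
// 'true' when no account uses the address or it is the caller's own account,
// else 'false'. Requires a logged-in front-end user.
// NOTE(review): because it answers 'false' for every address held by another
// account, any logged-in user can use this to test whether an arbitrary
// address is registered. That is inherent to a remote uniqueness check; the
// usleep below is the only brake on it, so consider a real rate limit.
$isLogged = isset($_SESSION['user']['is_logged']) ? (int) $_SESSION['user']['is_logged'] : 0;
if ($isLogged !== 1) {
    header('Location: index.php');
    exit;
}
usleep(150000);
require_once '../classes/db.class.php';
$db = new DBConnection();
$email = isset($_GET['user_email']) ? (string) $_GET['user_email'] : '';
$validateEmail = $db->string_escape($email);
$query = 'SELECT user_account_num FROM users WHERE user_email="' . $validateEmail . '" LIMIT 1';
$res = $db->rq($query);
if ($db->num_rows($res) == 0) {
    $valid = 'true';
} else {
    $row = $db->fetch($res);
    // Only a collision with the caller's own account is acceptable; compared
    // as integers rather than with the loose ==.
    $ownAccount = isset($_SESSION['user']['user_account_num']) ? (int) $_SESSION['user']['user_account_num'] : 0;
    $valid = ((int) $row['user_account_num'] > 0 && (int) $row['user_account_num'] === $ownAccount) ? 'true' : 'false';
}
$db->close();
echo $valid;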
require_once('../includes/ulogin/config/all.inc.php');
require_once('../includes/ulogin/main.inc.php');
require_once('../includes/auth.php');

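// Server-side DataTables feed for the commodity groups list (admin only).
// Only the guard and the LIMIT / ORDER BY fragments are visible here; the
// search filter and the query that uses them follow further down the file.
$isLogged = isset($_SESSION['admin']['is_logged']) ? (int) $_SESSION['admin']['is_logged'] : 0;
if ($isLogged !== 1){
    echo 'ERROR';
    exit();
}
require_once ('../../classes/db.class.php');

$db=new DBConnection();

$searchColumns=array('commodities_groups_id','commodities_groups_name');

/* Paging. Both numbers sit unquoted in the SQL, so quote-escaping them did
   nothing: anything that was not a number went in verbatim. They are integers
   by definition; iDisplayLength == -1 means "all rows". */
$searchLimit='';
if (isset($_GET['iDisplayStart'], $_GET['iDisplayLength'])) {
    $displayStart = max(0, (int) $_GET['iDisplayStart']);
    $displayLength = (int) $_GET['iDisplayLength'];
    if ($displayLength !== -1) {
        $searchLimit='LIMIT '.$displayStart.', '.max(0, $displayLength).'';
    }
}

/* Ordering. The column index is mapped through fnColumnToField() (defined
   elsewhere; it must return a fixed column name, not echo its argument) and
   the direction is reduced to ASC/DESC. Previously both were spliced in as
   escaped-but-unquoted strings, and ORDER BY needs no quote character to
   accept an injected expression. */
$searchOrder='';
if (isset($_GET['iSortCol_0'])){
    // Bounded so an absurd iSortingCols cannot turn this into a long loop.
    $sortingCols = isset($_GET['iSortingCols']) ? min(50, (int) $_GET['iSortingCols']) : 0;
    $orderParts = array();
    for($i=0; $i<$sortingCols; $i++ ){
        if (!isset($_GET['iSortCol_'.$i])) {
            continue;
        }
        $dir = (isset($_GET['iSortDir_'.$i]) && strtolower((string) $_GET['iSortDir_'.$i]) === 'desc') ? 'DESC' : 'ASC';
        $orderParts[] = fnColumnToField((int) $_GET['iSortCol_'.$i]).' '.$dir;
    }
    if (count($orderParts) > 0) {
        $searchOrder='ORDER BY  '.implode(', ', $orderParts);
    }
}

$searchFor='';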
if ($_GET['sSearch']!=''){
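/**
 * Builds the "Adding New Stock Values" form: one fieldset per stock with the
 * value/volume to edit, followed by the date fieldset and the buttons.
 *
 * @param int|string $details_id details_ref of an existing value set to edit;
 *        0 (default) enters a new set, pre-filled from each stock's latest row
 *        (in that case no date is selected and the date field starts empty).
 * @return string HTML fragment for the page body.
 */
function addNewValue($details_id=0) {
	$JSCripts=' onchange="setDetails();"';
	$db=new DBConnection();
	// Everything from the database or the caller ends up inside HTML text or
	// attributes, so escape it for that context; the delete link's query-string
	// value is URL-encoded instead.
	$h = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	};
	// Escape the ref once for the SQL fragment. Escaping it inside the loop, as
	// before, re-escaped the already-escaped value on every iteration after the
	// first, so only the first stock's lookup used the correct ref.
	$detailsRefSql = ($details_id > 0) ? $db->string_escape($details_id) : '';
	$date = '';
	$num = 1;
	$pcontent='';
	$pcontent.='
<div class="mainHolder">
<div class="hintHolder ui-state-default"><b>Adding New Stock Values</b></div> 
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script type="text/javascript" src="js/forms/stockValues.js"></script>
<form name="addNewStockValue" method="POST" id="MainForms" action="">';

	$res=$db->rq('SELECT * FROM stocks ORDER BY stocks_name ASC');
	$pcontent.='<div class="left">';
	while (($row=$db->fetch($res))!=FALSE){
		$stocksId = (int) $row['stocks_id'];
		if($details_id > 0) {
			$curval = $db->getRow('stock_details','stocks_id="'.$stocksId.'" AND details_ref="'.$detailsRefSql.'"','value, volume, date');
		} else {
			$curval = $db->getRow('stock_details','stocks_id="'.$stocksId.'" ORDER BY date DESC','value, volume');
		}

		if($curval){
			// Only the edit query selects "date"; the last stock's date wins, as before.
			$date = array_get($curval, 'date');

			$pcontent.='<fieldset class="mainFormHolder">
			<legend>Share</legend>
			<div class="formsLeft">Share:</div>
			<div class="formsRight">
				<select name="stocks_id_'.$num.'" id="stocks_id_'.$num.'" class="text-input">';
			$pcontent.='<option value="'.$stocksId.'">'.$h($row['stocks_symbol']).' ('.$h($row['stocks_name']).')</option>';
			$pcontent.='
				</select>
			</div><br />
			<div class="formsLeft">Value:</div>
			<div class="formsRight">
				<input class="required text-input align-right" type="text" name="value_'.$num.'" id="value_'.$num.'" value="'.$h($curval['value']).'"'.$JSCripts.' />
			</div>
			<br />
			<div class="formsLeft">Volume:</div>
			<div class="formsRight">
				<input class="text-input align-right" type="text" name="volume_'.$num.'" id="volume_'.$num.'" value="'.$h($curval['volume']).'"'.$JSCripts.' />
			</div><br />
		</fieldset>';
		}
		$num++;
	}
	$pcontent.='</div><div class="left"><fieldset class="mainFormHolder">

	<legend>Date</legend>
	<div class="formsLeft">Value date:</div>
	<div class="formsRight"><input class="text-input" type="text" name="date_value" id="date_value" value="'.$h($date).'" /></div>
	<br />';
	if($details_id) {
		$pcontent.='<input type="hidden" name="trade_ref" value="'.$h($details_id).'" />';
		$pcontent.='<input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete the values from this date?\')) location=\'?action=delete_values&sid='.rawurlencode((string) $details_id).'\';" />';
	}
	$pcontent.='<input type="hidden" name="_form_submit" value="1" />
	<input type="hidden" name="_new_value" value="1" />
	<input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />
	';
	$pcontent.='
	<input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'stocks.php\';" />
	</fieldset></div>
</form>
</div>';
	return $pcontent;
}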
<?php
require_once('template.php');
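// Admin-only page: bounce to the login when there is no admin session.
// empty() also covers the case where the 'admin' key does not exist at all,
// which the bare negation reported as an undefined index.
if (empty($_SESSION['admin']['is_logged'])) {
    header('Location: index.php');
    exit();
}
// Select the settings tab and drop any record-under-edit marker left over
// from another form (the uniqueness validators treat uedit as the one id a
// collision is allowed with).
$_SESSION['admin']['selected_tab']=5;
unset($_SESSION['admin']['uedit']);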
if(isset($_POST['_form_submit'])) {
    $db=new DBConnection();
    foreach ($_POST AS $k=>$x) $_POST[$k]=$db->string_escape($x);
    if(($_POST['cid']+0)>0) {
        $query='UPDATE commodities SET commodities_groups_id="'.$_POST['commodities_groups_id'].'",
		commodities_name="'.($_POST['commodities_name']).'", commodities_symbol="'.$_POST['commodities_symbol'].'", 
		commodities_contract_size="'.$db->string_escape($_POST['commodities_contract_size']).'", 
		commodities_unit="'.$db->string_escape($_POST['commodities_unit']).'", 
		commodities_status="'.$db->string_escape($_POST['commodities_status']).'",
		commodities_order_priority="'.$db->string_escape($_POST['commodities_order_priority']).'", 
		commodities_def_fee="'.$db->string_escape($_POST['commodities_def_fee']+0).'",
		commodities_def_prem="'.$db->string_escape($_POST['commodities_def_prem']+0).'"  
		WHERE commodities_id='.($_POST['cid']+0).'';
        $db->rq($query);
        
        addLog('Back-end','Back-end Settings, Commodities',0,''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Commodity edited ('.$_POST['commodities_symbol'].')');
    }else {
        $query='INSERT INTO commodities SET commodities_groups_id="'.$_POST['commodities_groups_id'].'",
		commodities_name="'.($_POST['commodities_name']).'", commodities_symbol="'.$_POST['commodities_symbol'].'", 
		commodities_contract_size="'.$db->string_escape($_POST['commodities_contract_size']).'", 
		commodities_unit="'.$db->string_escape($_POST['commodities_unit']).'", 
		commodities_status="'.$db->string_escape($_POST['commodities_status']).'",
		commodities_order_priority="'.$db->string_escape($_POST['commodities_order_priority']).'",
<?php
require '../../vendor/autoload.php';

require_once('ulogin/config/all.inc.php');
require_once('ulogin/main.inc.php');
require_once('auth.php');

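// AJAX uniqueness probe for a login name (jQuery-validate "remote" style):
// prints 'true' when the name is unused or belongs to the record being
// edited ($_SESSION['admin']['uedit']), else 'false'. Admin-only.
if(!isAppLoggedIn()) {
	header('Location: index.php');
	exit();
}
// Presumably a crude brake on scripted probing of the endpoint (kept as is).
usleep(150000);
require_once('../../classes/db.class.php');
$db=new DBConnection();
$username = isset($_GET['user_username']) ? (string) $_GET['user_username'] : '';
$validateUsername=$db->string_escape($username);
// The escaped name was computed but never used: the query compared against a
// fixed literal, so the check never looked at the submitted value.
$query='SELECT users_id FROM users WHERE user_username="'.$validateUsername.'" LIMIT 1';
$res=$db->rq($query);
if ($db->num_rows($res)==0){
	$valid = 'true';
}else{
	$row=$db->fetch($res);
	$editingId = isset($_SESSION['admin']['uedit']) ? (int) $_SESSION['admin']['uedit'] : 0;
	$valid = ((int) $row['users_id'] > 0 && (int) $row['users_id'] === $editingId) ? 'true' : 'false';
}
$db->close();
echo $valid;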
?>
    addLog('Front-end', 'Login', '' . $_SESSION['user']['user_firstname'] . ' ' . $_SESSION['user']['user_lastname'] . ' (' . $_SESSION['user']['user_account_num'] . ')', 0, 'User successfully logged out');
    unset($_SESSION['user']);
    if (!$_SESSION['admin']['is_logged']) {
        session_destroy();
    }
    header('Location: index.php');
    exit;
}
/**
 * Handle the login form: look up the active user by the posted username and
 * compare the SQL-escaped submitted password directly against the stored
 * user_password column with ==, i.e. no hashing or password_verify() is
 * involved.
 */
if (isset($_POST['_login']) && $_POST['l_username'] != '' && $_POST['l_password'] != '') {
    $db = new DBConnection();
    $UserIP = GetHostByName($_SERVER["REMOTE_ADDR"]);
    $username = $_POST['l_username'];
    $username = $db->string_escape($username);
    $password = $_POST['l_password'];
    $password = $db->string_escape($password);
    $query = 'SELECT * FROM users WHERE user_username="******" AND user_status=1 AND user_password!="" LIMIT 1';
    $res = $db->rq($query);
    $row = $db->fetch($res);
    $base_password = $row['user_password'];
    $validatePassword = FALSE;
    if ($password == $base_password) {
        $validatePassword = TRUE;
    }
    if ($validatePassword == TRUE && strtolower($row['user_username']) == strtolower($username)) {
        // if everything goes ok
        page_header_simple(1);
        echo '<img src="images/lploader.gif" border="0"><br /><b>System is loading, please wait...</b>';
        page_footer();
<?php
require '../../vendor/autoload.php';

require_once('ulogin/config/all.inc.php');
require_once('ulogin/main.inc.php');
require_once('auth.php');

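// AJAX uniqueness probe for a commodity symbol: prints 'true' when the symbol
// is free or belongs to the record currently being edited
// ($_SESSION['admin']['uedit']), else 'false'. Admin-only.
$isLogged = isset($_SESSION['admin']['is_logged']) ? (int) $_SESSION['admin']['is_logged'] : 0;
if ($isLogged !== 1) {
	header('Location: index.php');
	exit();
}
// Presumably a crude brake on scripted probing of the endpoint (kept as is).
usleep(150000);
require_once('../../classes/db.class.php');
$db=new DBConnection();
$symbol = isset($_GET['commodities_symbol']) ? (string) $_GET['commodities_symbol'] : '';
$validateSymbol=$db->string_escape($symbol);
$query='SELECT commodities_id FROM commodities WHERE commodities_symbol="'.$validateSymbol.'" LIMIT 1';
$res=$db->rq($query);
if ($db->num_rows($res)==0){
	$valid = 'true';
}else{
	$row=$db->fetch($res);
	// uedit was read without isset() here; an unset key now means "no
	// collision is allowed", and the ids are compared as integers.
	$editingId = isset($_SESSION['admin']['uedit']) ? (int) $_SESSION['admin']['uedit'] : 0;
	$valid = ((int) $row['commodities_id'] > 0 && (int) $row['commodities_id'] === $editingId) ? 'true' : 'false';
}
$db->close();
echo $valid;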
?>
    $_SESSION['UserSessionTime'] = time() + MAX_SESSION_TIME;
} else {
    if ($_SESSION['UserSessionTime'] < time()) {
        unset($_SESSION['user']);
        unset($_SESSION['UserSessionTime']);
        session_regenerate_id();
        session_destroy();
        exit;
    } else {
        $_SESSION['UserSessionTime'] = time() + MAX_SESSION_TIME;
    }
}
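// Front-end AJAX check "does the caller's balance cover this amount?": prints
// 'true' or 'false'. The session-timeout handling above has already run.
$isLogged = isset($_SESSION['user']['is_logged']) ? (int) $_SESSION['user']['is_logged'] : 0;
if ($isLogged !== 1) {
    header('Location: index.php');
    exit;
}
usleep(150000);
require_once '../classes/db.class.php';
$db = new DBConnection();
// The amount is only compared in PHP and never put into SQL, so the SQL-escape
// it went through did nothing; strip the thousands separators and require a
// numeric value instead (a non-number cannot be covered by any balance).
$rawAmount = isset($_GET['tr_value']) ? (string) $_GET['tr_value'] : '';
$cleanAmount = str_replace(',', '', $rawAmount);
$accountNum = isset($_SESSION['user']['user_account_num']) ? $_SESSION['user']['user_account_num'] : '';
// Session-sourced, but escaped anyway so the query never carries a raw value.
$query = 'SELECT user_balance FROM users WHERE user_account_num="' . $db->string_escape($accountNum) . '" LIMIT 1';
$row = $db->fetch($db->rq($query));
if ($row && is_numeric($cleanAmount) && (float) $row['user_balance'] >= (float) $cleanAmount) {
    $valid = 'true';
} else {
    $valid = 'false';
}
$db->close();
echo $valid;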
// Action requested through the URL; a "Back" button press cancels it.
$cmd = '';
if (isset($_GET['action']) && !isset($_POST['_back'])) {
	$cmd = ($_GET['action']);
}
$page_content='';
switch ($cmd) {
	case 'new' :
		$page_content=addNewAdvisor();
		break;
	case 'edit' :
		if ($_GET['ref']!=''&&($_GET['advid']+0)==0){
			$db=new DBConnection();
			$query='SELECT users_advisors_id FROM users_advisors WHERE advisor_ref="'.$db->string_escape($_GET['ref']).'" LIMIT 1';
			$res=$db->rq($query);
			$row=$db->fetch($res);
			$_GET['advid']=($row['users_advisors_id']+0);
		}
		$page_content=addNewAdvisor($_GET['advid']+0);
		break;
	case 'delete' :
		if ($_SESSION['admin']['is_logged']==1){
			$db=new DBConnection();
			$getCurrentData=$db->getRow('users_advisors', 'users_advisors_id="'.$_GET['advid'].'"');
			
			$query='DELETE FROM users_advisors WHERE users_advisors_id='.($_GET['advid']+0);
			$db->rq($query);

			addLog('Back-end','Advisors',''.$getCurrentData['advisor_names'].' ('.$getCurrentData['advisor_ref'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Advisor deleted');
        $referenceNumber = $_GET['buyref'];
	}elseif ($_GET['sellref']!=''){
		$whatmail='Trade sell details';
        $referenceNumber = $_GET['sellref'];
	}elseif ($_GET['tdref']!=''){
		$whatmail='Transfer deposit details';
        $referenceNumber = $_GET['tdref'];
	}elseif ($_GET['twref']!=''){
		$whatmail='Transfer withdraw details';
        $referenceNumber = $_GET['twref'];
	}else{
		$whatmail='Other';
	}

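    // Escape every posted value once, in place (later code reads $_POST too).
    foreach ($_POST as $k => $x){
        $_POST[$k] = $db->string_escape($x);
    }

    // Build the `col`="val", ... assignment list. The VALUES are escaped above,
    // but the COLUMN NAMES are the POST keys, which the client controls just
    // like the values, so each key is restricted to a bare identifier and
    // backtick-quoted before it is spliced into the query. An explicit list of
    // writable columns would be the proper fix.
    $skipKeys = array('_submit', '_preview', '_form_submit', 'mail_templates_id', 'user_account_num', 'mail_html', 'mail_plain');
    $assignments = array();
    foreach ($_POST as $k => $x) {
        if (in_array($k, $skipKeys, true)) {
            continue;
        }
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $k)) {
            continue; // cannot be a real column name; refuse to splice it in
        }
        $assignments[] = '`' . $k . '`="' . ($x) . '"';
    }
    $mysql_fields = implode(', ', $assignments);
    $count = count($assignments);
    $comma = ($count !== 0) ? ', ' : '';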
<?php
require_once('template.php');
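// Admin-only page: bounce to the login when there is no admin session.
// empty() also covers the case where the 'admin' key does not exist at all,
// which the bare negation reported as an undefined index.
if (empty($_SESSION['admin']['is_logged'])) {
    header('Location: index.php');
    exit();
}

$_SESSION['admin']['selected_tab']=5;
unset($_SESSION['admin']['uedit']);
if(isset($_POST['_form_submit'])) {
    $db=new DBConnection();
    // Every posted value is escaped in place; from here on $_POST holds the
    // SQL-escaped strings (the audit log line below records that form too).
    foreach ($_POST AS $k=>$x) $_POST[$k]=$db->string_escape($x);
    $expiryDate = isset($_POST['expiry_date']) ? (string) $_POST['expiry_date'] : '';
    // (int) instead of "+0": a non-numeric edid becomes 0 instead of raising
    // a TypeError on PHP 8.
    $editId = isset($_POST['edid']) ? (int) $_POST['edid'] : 0;
    // Derived once for both branches. strtotime() yields false for an
    // unparsable date and convertTradeDates() (defined elsewhere) receives
    // that verbatim, as before.
    $expiry_short=convertTradeDates(strtotime($expiryDate));
    $actor=''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')';
    if ($editId > 0) {
    	$query='UPDATE expiry_dates SET expiry_date="'.$expiryDate.'", expiry_short="'.$expiry_short.'" WHERE expiry_dates_id='.$editId.'';
		$db->rq($query);

		addLog('Back-end','Back-end Settings, Commodities - exp. dates',0,$actor,'Commodity expiry date edited ('.$expiryDate.')');
    }else{
    	$query='INSERT INTO expiry_dates SET expiry_date="'.$expiryDate.'", expiry_short="'.$expiry_short.'"';
		$db->rq($query);

		addLog('Back-end','Back-end Settings, Commodities - exp. dates',0,$actor,'Commodity expiry date added ('.$expiryDate.')');
    }

    $db->close();
    header('Location: expiry_dates.php');
    exit();
}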
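	// Column list for the withdraw row. The VALUES are escaped, but the COLUMN
	// NAMES are the POST keys, which the client controls just like the values;
	// each key is therefore checked against a bare identifier pattern and
	// backtick-quoted before it goes into the query. (An explicit list of
	// writable columns would be the proper fix.)
	$count=0;

	foreach ($_POST as $k=>$x){

		if ($k!='depid'&&$k!='_submit'&&$k!='_add_withdraw'&&$k!='k'){

			if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $k)) continue; // not a column name

			if ($count!=0) $comma=', ';

			// Money fields arrive with thousands separators.
			if ($k=='tr_value'||$k=='tr_fees'||$k=='tr_total') $x=str_replace(',', '', $x);

			$mysql_fields.=''.$comma.'`'.$k.'`="'.$db->string_escape($x).'"';

			$count++ ;

		}

	}

	// (int) instead of "+0": a non-numeric session value becomes 0 rather than
	// raising a TypeError on PHP 8.
	$query='SELECT user_balance FROM users WHERE user_account_num='.((int) $_SESSION['user']['user_account_num']).'';

	$res=$db->rq($query);

	$row=$db->fetch($res);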
	$cmd = '';
}

// A "Back" button press cancels whatever action was requested.
$cmd = isset($_POST['_back']) ? '' : $cmd;

$page_content='';
switch ($cmd) {
	case 'new' :
		$page_content=addNewAdmin();
		break;
	case 'edit' :
		if (isset($_GET['username']) && array_get($_GET, 'aid', 0) == 0){
			$db = new DBConnection();
			$query = 'SELECT id FROM ul_logins WHERE username="******" LIMIT 1';
			$res = $db->rq($query);
			$row = $db->fetch($res);
            
			$_GET['aid'] = $row['id'];
		}
		$page_content = addNewAdmin($_GET['aid']+0);
		break;
	case 'delete' :
		if (isAppLoggedIn()){
            $db = new DBConnection();
			$currentData = $db->getRow('ul_logins', 'id='.($_GET['aid']+0).'');
            
            $ulogin->DeleteUser($_GET['aid']);
			
			addLog('Back-end','Back-end users',''.$currentData['name'].' ('.$currentData['ref'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Admin deleted');