function adminPassword()
{
global $tbl_1d_admins;
global $adminID, $adminAlias;
//from session
global $SUBS, $PARAM, $MSG;
if ($PARAM['Password']) {
$query = "SELECT Password\n \t\t\tFROM {$tbl_1d_admins}\n \t\t\tWHERE (ID={$adminID}) AND\n \t\t\t(Password = MD5(" . dbQuote($PARAM['password0']) . "))";
$result = runQuery($query, 'adminPassword()', 'CHECK_PASSWORD');
if (!($row = db_fetch_row($result))) {
$SUBS['ERROR'] = $MSG[20005];
$SUBS['LOGIN_ERROR'] = fileParse('_admin_error.htmlt');
adminLogout();
return;
}
if ($PARAM['password1'] != $PARAM['password2']) {
$SUBS['ERROR'] = $MSG[20003];
}
if (strlen($PARAM['password1']) < getAdmSetting('MIN_PASSWORD_LEN')) {
$SUBS['ERROR'] = $MSG[20004];
}
if ($SUBS['ERROR']) {
$SUBS['PASSWORD_ERROR'] = fileParse('_admin_error.htmlt');
} else {
$query = "UPDATE {$tbl_1d_admins}\n\t\t\t\tSET Password = "******"\n\t\t\t\tWHERE ID = {$adminID}";
$result = runQuery($query, 'adminPassword()', 'WRITE_PASSWORD');
$SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20006";
printPage('_admin_done.htmlt');
return;
}
}
if ($PARAM['err'] != '') {
$SUBS['ERROR'] = $MSG[$PARAM['err']];
$SUBS['PASSWORD_ERROR'] = fileParse('_admin_error.htmlt');
}
printPage('_admin_password.htmlt');
}
admineditmatches();
break;
case 9:
updatematch();
break;
case 10:
get_players_byDivision();
break;
case 11:
updatePlayer();
break;
case 12:
loginAdmin();
break;
case 13:
adminLogout();
break;
case 14:
confirmAdmin();
break;
default:
echo '{"result":0, "message": "unknown command"}';
break;
}
function loginAdmin()
{
include "../../model/admin.php";
$username = $_REQUEST['username'];
$admin_password = $_REQUEST['admin_password'];
$admin = new Admin();
$row = $admin->confirmAdmin($username, $admin_password);
