function adminPassword() { global $tbl_1d_admins; global $adminID, $adminAlias; //from session global $SUBS, $PARAM, $MSG; if ($PARAM['Password']) { $query = "SELECT Password\n \t\t\tFROM {$tbl_1d_admins}\n \t\t\tWHERE (ID={$adminID}) AND\n \t\t\t(Password = MD5(" . dbQuote($PARAM['password0']) . "))"; $result = runQuery($query, 'adminPassword()', 'CHECK_PASSWORD'); if (!($row = db_fetch_row($result))) { $SUBS['ERROR'] = $MSG[20005]; $SUBS['LOGIN_ERROR'] = fileParse('_admin_error.htmlt'); adminLogout(); return; } if ($PARAM['password1'] != $PARAM['password2']) { $SUBS['ERROR'] = $MSG[20003]; } if (strlen($PARAM['password1']) < getAdmSetting('MIN_PASSWORD_LEN')) { $SUBS['ERROR'] = $MSG[20004]; } if ($SUBS['ERROR']) { $SUBS['PASSWORD_ERROR'] = fileParse('_admin_error.htmlt'); } else { $query = "UPDATE {$tbl_1d_admins}\n\t\t\t\tSET Password = "******"\n\t\t\t\tWHERE ID = {$adminID}"; $result = runQuery($query, 'adminPassword()', 'WRITE_PASSWORD'); $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20006"; printPage('_admin_done.htmlt'); return; } } if ($PARAM['err'] != '') { $SUBS['ERROR'] = $MSG[$PARAM['err']]; $SUBS['PASSWORD_ERROR'] = fileParse('_admin_error.htmlt'); } printPage('_admin_password.htmlt'); }
admineditmatches(); break; case 9: updatematch(); break; case 10: get_players_byDivision(); break; case 11: updatePlayer(); break; case 12: loginAdmin(); break; case 13: adminLogout(); break; case 14: confirmAdmin(); break; default: echo '{"result":0, "message": "unknown command"}'; break; } function loginAdmin() { include "../../model/admin.php"; $username = $_REQUEST['username']; $admin_password = $_REQUEST['admin_password']; $admin = new Admin(); $row = $admin->confirmAdmin($username, $admin_password);