/
addAdminPhp.php
58 lines (51 loc) · 1.83 KB
/
addAdminPhp.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
<?php
include('session.php');
include('loadNoty.js');
include('controller/dbController.php');
$error=''; // Variable To Store Error Message
//$dbuser= $_POST['dbuser'];
if (isset($_POST['submit']))
{
if (empty($_POST['name']) || empty($_POST['password']) || empty($_POST['username']))
{
echo "<b></b>";
echo '<script>showError("Details are not filled properly!");</script>';
}
else
{
// Define $username and $password
$name=$_POST['name'];
$username=$_POST['username'];
$password=$_POST['password'];
$info=$_POST['info'];
$email=$_POST['email'];
// To protect MySQL injection for Security purpose
$username = stripslashes($username);
$name = stripslashes($name);
$password = stripslashes($password);
$email= stripslashes($email);
$username = mysql_real_escape_string($username);
$name = mysql_real_escape_string($name);
$password = mysql_real_escape_string($password);
$email = mysql_real_escape_string($email);
//SQL to check if user is already existing
$row = checkAndGetBackUsername($username);
$existing =$row['username'];
echo "<b></b>";
if (!isset($existing)){
$hashedPassword = md5($password);
if(addNewLoginUser($username,$hashedPassword,'admin')) {
addNewAdmin($username,$name,$info,$email);
echo '<script>showSuccess("New Admin Added!");</script>';
} else
{
echo '<script>showError("Error while adding user!");</script>';
}
} else
{
echo '<script>showError("ERROR: User alreay exists!");</script>';
}
mysql_close($connection); // Closing Connection
}
}
?>