function addStaff($user = 0, $pass1 = 0, $pass2 = 0, $perm) { global $mysql; //add staff member if (!valid('admin')) { error("Permission denied"); } if ($this->isStaff($mysql->escape_string($user))) { error("This user already exists!"); } switch ($perm) { case 'admin': $allowed = 'janitor_board,moderator,admin'; $denied = 'none'; break; case 'mod': $allowed = 'janitor_board,moderator'; $denied = 'admin'; break; case 'janitor': $allowed = 'janitor_board'; $denied = 'moderator, admin'; break; default: error("Attempted to set unknown permission type."); break; } if ($pass1 !== $pass2) { error("Passwords did not match!"); } require_once CORE_DIR . "/crypt/legacy.php"; $crypt = new SaguaroCryptLegacy(); $salt = $crypt->generate_hash($pass2); $mysql->query("INSERT INTO " . SQLMODSLOG . " (`user`, `password`, `public_salt`, `allowed`, `denied`) VALUES ('" . $mysql->escape_string($user) . "', '" . $salt['hash'] . "', '" . $salt['public_salt'] . "', '" . $allowed . "', '" . $denied . "')"); }
$q = mysqli_query($mysqli, $sql); $exists = mysqli_num_rows($q) > 0 ? true : false; if ($exists) { echo "<strong>{$table}</strong> table already exists.<br>"; } else { echo "<strong>{$table}</strong> table does not exist, creating... "; $status = mysqli_query($mysqli, "CREATE TABLE {$table} ({$query})"); echo $status ? $success : "(" . mysqli_errno($mysqli) . ") " . $fail; } mysqli_free_result($q); } if ($loaded['crypt']) { $crypt = new SaguaroCryptLegacy(); echo "<br>Creating default accounts:<br>"; foreach ($defaults as $account) { $password = $crypt->generate_hash($account['pass']); //Generate password hash and public salt with SaguaroCrypt. //$pass = ($autolock === true) ? "<span class='spoiler'>" . $account['pass'] . "</span>" : ""; echo "<strong>" . $account['name'] . "</strong> {$pass} (<span class='info' title='Privileges'>" . $account['priv'] . "</span> / <span class='info' title='Denied'>" . $account['deny'] . "</span>) "; $status = mysqli_query($mysqli, "INSERT INTO " . SQLMODSLOG . " (user, password, public_salt, allowed, denied) VALUES ('{$account['name']}', '{$password['hash']}', '{$password['public_salt']}', '{$account['priv']}', '{$account['deny']}')"); $unfail = mysqli_errno($mysqli) == 1062 ? "<span class='fail'>ALREADY EXISTS</span><br>" : $fail; echo $status ? $success : "(" . mysqli_errno($mysqli) . ") " . $unfail; } } else { echo "<br><strong class='info' title='" . CORE_DIR . "/crypt/legacy.php'>SaguaroCrypt</strong> was not loaded, cannot create default accounts. <span class='info' title='SaguaroCrypt is used to encrypt passwords in the database.' style='font-style:italic;'>Why?</span>"; } } } mysqli_close($mysqli); } echo "</div>";