示例#1
0
function AddAdmin($mask, $srv_mask, $a_name, $a_steam, $a_email, $a_password, $a_password2, $a_sg, $a_wg, $a_serverpass, $a_webname, $a_servername, $server, $singlesrv)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_ADMINS)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to add an admin, but doesnt have access.");
        return $objResponse;
    }
    $a_name = RemoveCode($a_name);
    $a_steam = RemoveCode($a_steam);
    $a_email = RemoveCode($a_email);
    $a_servername = $a_servername == "0" ? null : RemoveCode($a_servername);
    $a_webname = RemoveCode($a_webname);
    $mask = (int) $mask;
    $error = 0;
    //No name
    if (empty($a_name)) {
        $error++;
        $objResponse->addAssign("name.msg", "innerHTML", "You must type a name for the admin.");
        $objResponse->addScript("\$('name.msg').setStyle('display', 'block');");
    } else {
        if (strstr($a_name, "'")) {
            $error++;
            $objResponse->addAssign("name.msg", "innerHTML", "An admin name can not contain a \" ' \".");
            $objResponse->addScript("\$('name.msg').setStyle('display', 'block');");
        } else {
            if (is_taken("admins", "user", $a_name)) {
                $error++;
                $objResponse->addAssign("name.msg", "innerHTML", "An admin with this name already exists");
                $objResponse->addScript("\$('name.msg').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("name.msg", "innerHTML", "");
                $objResponse->addScript("\$('name.msg').setStyle('display', 'none');");
            }
        }
    }
    // If they didnt type a steamid
    if (empty($a_steam) || strlen($a_steam) < 10) {
        $error++;
        $objResponse->addAssign("steam.msg", "innerHTML", "You must type a Steam ID or Community ID for the admin.");
        $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');");
    } else {
        // Validate the steamid or fetch it from the community id
        if (!is_numeric($a_steam) && !validate_steam($a_steam) || is_numeric($a_steam) && (strlen($a_steam) < 15 || !validate_steam($a_steam = FriendIDToSteamID($a_steam)))) {
            $error++;
            $objResponse->addAssign("steam.msg", "innerHTML", "Please enter a valid Steam ID or Community ID.");
            $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');");
        } else {
            if (is_taken("admins", "authid", $a_steam)) {
                $admins = $userbank->GetAllAdmins();
                foreach ($admins as $admin) {
                    if ($admin['authid'] == $a_steam) {
                        $name = $admin['user'];
                        break;
                    }
                }
                $error++;
                $objResponse->addAssign("steam.msg", "innerHTML", "Admin " . htmlspecialchars(addslashes($name)) . " already uses this Steam ID.");
                $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("steam.msg", "innerHTML", "");
                $objResponse->addScript("\$('steam.msg').setStyle('display', 'none');");
            }
        }
    }
    // No email
    if (empty($a_email)) {
        // An E-Mail address is only required for users with web permissions.
        if ($mask != 0) {
            $error++;
            $objResponse->addAssign("email.msg", "innerHTML", "You must type an e-mail address.");
            $objResponse->addScript("\$('email.msg').setStyle('display', 'block');");
        }
    } else {
        // Is an other admin already registred with that email address?
        if (is_taken("admins", "email", $a_email)) {
            $admins = $userbank->GetAllAdmins();
            foreach ($admins as $admin) {
                if ($admin['email'] == $a_email) {
                    $name = $admin['user'];
                    break;
                }
            }
            $error++;
            $objResponse->addAssign("email.msg", "innerHTML", "This email address is already being used by " . htmlspecialchars(addslashes($name)) . ".");
            $objResponse->addScript("\$('email.msg').setStyle('display', 'block');");
        } else {
            $objResponse->addAssign("email.msg", "innerHTML", "");
            $objResponse->addScript("\$('email.msg').setStyle('display', 'none');");
            /*	if(!validate_email($a_email))
            			{
            				$error++;
            				$objResponse->addAssign("email.msg", "innerHTML", "Please enter a valid email address.");
            				$objResponse->addScript("$('email.msg').setStyle('display', 'block');");
            			}
            			else
            			{
            				$objResponse->addAssign("email.msg", "innerHTML", "");
            				$objResponse->addScript("$('email.msg').setStyle('display', 'none');");
            
            			}*/
        }
    }
    // no pass
    if (empty($a_password)) {
        // A password is only required for users with web permissions.
        if ($mask != 0) {
            $error++;
            $objResponse->addAssign("password.msg", "innerHTML", "You must type a password.");
            $objResponse->addScript("\$('password.msg').setStyle('display', 'block');");
        }
    } else {
        if (strlen($a_password) < MIN_PASS_LENGTH) {
            $error++;
            $objResponse->addAssign("password.msg", "innerHTML", "Your password must be at-least " . MIN_PASS_LENGTH . " characters long.");
            $objResponse->addScript("\$('password.msg').setStyle('display', 'block');");
        } else {
            $objResponse->addAssign("password.msg", "innerHTML", "");
            $objResponse->addScript("\$('password.msg').setStyle('display', 'none');");
            // No confirmation typed
            if (empty($a_password2)) {
                $error++;
                $objResponse->addAssign("password2.msg", "innerHTML", "You must confirm the password");
                $objResponse->addScript("\$('password2.msg').setStyle('display', 'block');");
            } else {
                if ($a_password != $a_password2) {
                    $error++;
                    $objResponse->addAssign("password2.msg", "innerHTML", "Your passwords don't match");
                    $objResponse->addScript("\$('password2.msg').setStyle('display', 'block');");
                } else {
                    $objResponse->addAssign("password2.msg", "innerHTML", "");
                    $objResponse->addScript("\$('password2.msg').setStyle('display', 'none');");
                }
            }
        }
    }
    // Choose to use a server password
    if ($a_serverpass != "-1") {
        // No password given?
        if (empty($a_serverpass)) {
            $error++;
            $objResponse->addAssign("a_serverpass.msg", "innerHTML", "You must type a server password or uncheck the box.");
            $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'block');");
        } else {
            if (strlen($a_serverpass) < MIN_PASS_LENGTH) {
                $error++;
                $objResponse->addAssign("a_serverpass.msg", "innerHTML", "Your password must be at-least " . MIN_PASS_LENGTH . " characters long.");
                $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("a_serverpass.msg", "innerHTML", "");
                $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'none');");
            }
        }
    } else {
        $objResponse->addAssign("a_serverpass.msg", "innerHTML", "");
        $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'none');");
        // Don't set "-1" as password ;)
        $a_serverpass = "";
    }
    // didn't choose a server group
    if ($a_sg == "-2") {
        $error++;
        $objResponse->addAssign("server.msg", "innerHTML", "You must choose a group.");
        $objResponse->addScript("\$('server.msg').setStyle('display', 'block');");
    } else {
        $objResponse->addAssign("server.msg", "innerHTML", "");
        $objResponse->addScript("\$('server.msg').setStyle('display', 'none');");
    }
    // chose to create a new server group
    if ($a_sg == 'n') {
        // didn't type a name
        if (empty($a_servername)) {
            $error++;
            $objResponse->addAssign("servername_err", "innerHTML", "You need to type a name for the new group.");
            $objResponse->addScript("\$('servername_err').setStyle('display', 'block');");
        } else {
            if (strstr($a_servername, ',')) {
                $error++;
                $objResponse->addAssign("servername_err", "innerHTML", "Group name cannot contain a ','");
                $objResponse->addScript("\$('servername_err').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("servername_err", "innerHTML", "");
                $objResponse->addScript("\$('servername_err').setStyle('display', 'none');");
            }
        }
    }
    // didn't choose a web group
    if ($a_wg == "-2") {
        $error++;
        $objResponse->addAssign("web.msg", "innerHTML", "You must choose a group.");
        $objResponse->addScript("\$('web.msg').setStyle('display', 'block');");
    } else {
        $objResponse->addAssign("web.msg", "innerHTML", "");
        $objResponse->addScript("\$('web.msg').setStyle('display', 'none');");
    }
    // Choose to create a new webgroup
    if ($a_wg == 'n') {
        // But didn't type a name
        if (empty($a_webname)) {
            $error++;
            $objResponse->addAssign("webname_err", "innerHTML", "You need to type a name for the new group.");
            $objResponse->addScript("\$('webname_err').setStyle('display', 'block');");
        } else {
            if (strstr($a_webname, ',')) {
                $error++;
                $objResponse->addAssign("webname_err", "innerHTML", "Group name cannot contain a ','");
                $objResponse->addScript("\$('webname_err').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("webname_err", "innerHTML", "");
                $objResponse->addScript("\$('webname_err').setStyle('display', 'none');");
            }
        }
    }
    // Ohnoes! something went wrong, stop and show errs
    if ($error) {
        ShowBox_ajx("Error", "There are some errors in your input. Please correct them.", "red", "", true, $objResponse);
        return $objResponse;
    }
    // ##############################################################
    // ##                     Start adding to DB                   ##
    // ##############################################################
    $gid = 0;
    $groupID = 0;
    $inGroup = false;
    $wgid = NextAid();
    $immunity = 0;
    // Extract immunity from server mask string
    if (strstr($srv_mask, "#")) {
        $immunity = "0";
        $immunity = substr($srv_mask, strpos($srv_mask, "#") + 1);
        $srv_mask = substr($srv_mask, 0, strlen($srv_mask) - strlen($immunity) - 1);
    }
    // Avoid negative immunity
    $immunity = $immunity > 0 ? $immunity : 0;
    // Handle Webpermissions
    // Chose to create a new webgroup
    if ($a_wg == 'n') {
        $add_webgroup = $GLOBALS['db']->Execute("INSERT INTO " . DB_PREFIX . "_groups(type, name, flags)\r\n\t\t\t\t\t\t\t\t\t\tVALUES (?,?,?)", array(1, $a_webname, $mask));
        $web_group = (int) $GLOBALS['db']->Insert_ID();
        // We added those permissons to the group, so don't add them as custom permissions again
        $mask = 0;
    } else {
        if ($a_wg != 'c' && $a_wg > 0) {
            $web_group = (int) $a_wg;
        } else {
            $web_group = -1;
        }
    }
    // Handle Serverpermissions
    // Chose to create a new server admin group
    if ($a_sg == 'n') {
        $add_servergroup = $GLOBALS['db']->Execute("INSERT INTO " . DB_PREFIX . "_srvgroups(immunity, flags, name, groups_immune)\r\n\t\t\t\t\tVALUES (?,?,?,?)", array($immunity, $srv_mask, $a_servername, " "));
        $server_admin_group = $a_servername;
        $server_admin_group_int = (int) $GLOBALS['db']->Insert_ID();
        // We added those permissons to the group, so don't add them as custom permissions again
        $srv_mask = "";
    } else {
        if ($a_sg != 'c' && $a_sg > 0) {
            $server_admin_group = $GLOBALS['db']->GetOne("SELECT `name` FROM " . DB_PREFIX . "_srvgroups WHERE id = '" . (int) $a_sg . "'");
            $server_admin_group_int = (int) $a_sg;
        } else {
            $server_admin_group = "";
            $server_admin_group_int = -1;
        }
    }
    // Add the admin
    $aid = $userbank->AddAdmin($a_name, $a_steam, $a_password, $a_email, $web_group, $mask, $server_admin_group, $srv_mask, $immunity, $a_serverpass);
    if ($aid > -1) {
        // Grant permissions to the selected server groups
        $srv_groups = explode(",", $server);
        $addtosrvgrp = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_admins_servers_groups(admin_id,group_id,srv_group_id,server_id) VALUES (?,?,?,?)");
        foreach ($srv_groups as $srv_group) {
            if (!empty($srv_group)) {
                $GLOBALS['db']->Execute($addtosrvgrp, array($aid, $server_admin_group_int, substr($srv_group, 1), '-1'));
            }
        }
        // Grant permissions to individual servers
        $srv_arr = explode(",", $singlesrv);
        $addtosrv = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_admins_servers_groups(admin_id,group_id,srv_group_id,server_id) VALUES (?,?,?,?)");
        foreach ($srv_arr as $server) {
            if (!empty($server)) {
                $GLOBALS['db']->Execute($addtosrv, array($aid, $server_admin_group_int, '-1', substr($server, 1)));
            }
        }
        if (isset($GLOBALS['config']['config.enableadminrehashing']) && $GLOBALS['config']['config.enableadminrehashing'] == 1) {
            // rehash the admins on the servers
            $serveraccessq = $GLOBALS['db']->GetAll("SELECT s.sid FROM `" . DB_PREFIX . "_servers` s\r\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . DB_PREFIX . "_admins_servers_groups` asg ON asg.admin_id = '" . (int) $aid . "'\r\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . DB_PREFIX . "_servers_groups` sg ON sg.group_id = asg.srv_group_id\r\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE ((asg.server_id != '-1' AND asg.srv_group_id = '-1')\r\n\t\t\t\t\t\t\t\t\t\t\t\tOR (asg.srv_group_id != '-1' AND asg.server_id = '-1'))\r\n\t\t\t\t\t\t\t\t\t\t\t\tAND (s.sid IN(asg.server_id) OR s.sid IN(sg.server_id)) AND s.enabled = 1");
            $allservers = array();
            foreach ($serveraccessq as $access) {
                if (!in_array($access['sid'], $allservers)) {
                    $allservers[] = $access['sid'];
                }
            }
            $objResponse->addScript("ShowRehashBox('" . implode(",", $allservers) . "','Admin Added', 'The admin has been added successfully', 'green', 'index.php?p=admin&c=admins');TabToReload();");
        } else {
            $objResponse->addScript("ShowBox('Admin Added', 'The admin has been added successfully', 'green', 'index.php?p=admin&c=admins');TabToReload();");
        }
        $log = new CSystemLog("m", "Admin added", "Admin (" . $a_name . ") has been added");
        return $objResponse;
    } else {
        $objResponse->addScript("ShowBox('User NOT Added', 'The admin failed to be added to the database. Check the logs for any SQL errors.', 'red', 'index.php?p=admin&c=admins');");
    }
}
function AddAdmin($mask, $srv_mask, $a_name, $a_steam, $a_email, $a_password, $a_password2, $a_sg, $a_wg, $a_serverpass, $a_webname, $a_servername, $server, $singlesrv)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_ADMINS)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Ошибка доступа", $username . " пытался добавить админа, не имея на то прав.");
        return $objResponse;
    }
    $a_name = RemoveCode($a_name);
    $a_steam = RemoveCode($a_steam);
    $a_email = RemoveCode($a_email);
    $a_servername = $a_servername == "0" ? null : RemoveCode($a_servername);
    $a_webname = RemoveCode($a_webname);
    $mask = (int) $mask;
    $error = 0;
    //No name
    if (empty($a_name)) {
        $error++;
        $objResponse->addAssign("name.msg", "innerHTML", "Введите имя админа.");
        $objResponse->addScript("\$('name.msg').setStyle('display', 'block');");
    } else {
        if (strstr($a_name, "'")) {
            $error++;
            $objResponse->addAssign("name.msg", "innerHTML", "Имя админа не должно содержать символы \" ' \".");
            $objResponse->addScript("\$('name.msg').setStyle('display', 'block');");
        } else {
            if (is_taken("admins", "user", $a_name)) {
                $error++;
                $objResponse->addAssign("name.msg", "innerHTML", "Имя уже существует");
                $objResponse->addScript("\$('name.msg').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("name.msg", "innerHTML", "");
                $objResponse->addScript("\$('name.msg').setStyle('display', 'none');");
            }
        }
    }
    // If they didnt type a steamid
    if (empty($a_steam) || strlen($a_steam) < 10) {
        $error++;
        $objResponse->addAssign("steam.msg", "innerHTML", "Введите Steam ID или Community ID админа.");
        $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');");
    } else {
        // Validate the steamid or fetch it from the community id
        if (!is_numeric($a_steam) && !validate_steam($a_steam) || is_numeric($a_steam) && (strlen($a_steam) < 15 || !validate_steam($a_steam = FriendIDToSteamID($a_steam)))) {
            $error++;
            $objResponse->addAssign("steam.msg", "innerHTML", "Введите действительный Steam ID или Community ID.");
            $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');");
        } else {
            if (is_taken("admins", "authid", $a_steam)) {
                $admins = $userbank->GetAllAdmins();
                foreach ($admins as $admin) {
                    if ($admin['authid'] == $a_steam) {
                        $name = $admin['user'];
                        break;
                    }
                }
                $error++;
                $objResponse->addAssign("steam.msg", "innerHTML", "Этот Steam ID уже используется админом " . htmlspecialchars(addslashes($name)) . " .");
                $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("steam.msg", "innerHTML", "");
                $objResponse->addScript("\$('steam.msg').setStyle('display', 'none');");
            }
        }
    }
    // No email
    if (empty($a_email)) {
        // An E-Mail address is only required for users with web permissions.
        if ($mask != 0) {
            $error++;
            $objResponse->addAssign("email.msg", "innerHTML", "Введите адрес e-mail.");
            $objResponse->addScript("\$('email.msg').setStyle('display', 'block');");
        }
    } else {
        // Is an other admin already registred with that email address?
        if (is_taken("admins", "email", $a_email)) {
            $admins = $userbank->GetAllAdmins();
            foreach ($admins as $admin) {
                if ($admin['email'] == $a_email) {
                    $name = $admin['user'];
                    break;
                }
            }
            $error++;
            $objResponse->addAssign("email.msg", "innerHTML", "Этот e-mail уже используется админом " . htmlspecialchars(addslashes($name)) . ".");
            $objResponse->addScript("\$('email.msg').setStyle('display', 'block');");
        } else {
            $objResponse->addAssign("email.msg", "innerHTML", "");
            $objResponse->addScript("\$('email.msg').setStyle('display', 'none');");
            /*	if(!validate_email($a_email))
            			{
            				$error++;
            				$objResponse->addAssign("email.msg", "innerHTML", "Please enter a valid email address.");
            				$objResponse->addScript("$('email.msg').setStyle('display', 'block');");
            			}
            			else
            			{
            				$objResponse->addAssign("email.msg", "innerHTML", "");
            				$objResponse->addScript("$('email.msg').setStyle('display', 'none');");
            
            			}*/
        }
    }
    // no pass
    if (empty($a_password)) {
        // A password is only required for users with web permissions.
        if ($mask != 0) {
            $error++;
            $objResponse->addAssign("password.msg", "innerHTML", "Введите пароль.");
            $objResponse->addScript("\$('password.msg').setStyle('display', 'block');");
        }
    } else {
        if (strlen($a_password) < MIN_PASS_LENGTH) {
            $error++;
            $objResponse->addAssign("password.msg", "innerHTML", "Длина пароля не менее " . MIN_PASS_LENGTH . " символов.");
            $objResponse->addScript("\$('password.msg').setStyle('display', 'block');");
        } else {
            $objResponse->addAssign("password.msg", "innerHTML", "");
            $objResponse->addScript("\$('password.msg').setStyle('display', 'none');");
            // No confirmation typed
            if (empty($a_password2)) {
                $error++;
                $objResponse->addAssign("password2.msg", "innerHTML", "Подтвердите пароль");
                $objResponse->addScript("\$('password2.msg').setStyle('display', 'block');");
            } else {
                if ($a_password != $a_password2) {
                    $error++;
                    $objResponse->addAssign("password2.msg", "innerHTML", "Пароли не соответствуют");
                    $objResponse->addScript("\$('password2.msg').setStyle('display', 'block');");
                } else {
                    $objResponse->addAssign("password2.msg", "innerHTML", "");
                    $objResponse->addScript("\$('password2.msg').setStyle('display', 'none');");
                }
            }
        }
    }
    // Choose to use a server password
    if ($a_serverpass != "-1") {
        // No password given?
        if (empty($a_serverpass)) {
            $error++;
            $objResponse->addAssign("a_serverpass.msg", "innerHTML", "Введите пароль сервера, либо снимите галочку.");
            $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'block');");
        } else {
            if (strlen($a_serverpass) < MIN_PASS_LENGTH) {
                $error++;
                $objResponse->addAssign("a_serverpass.msg", "innerHTML", "Длина пароля не менее " . MIN_PASS_LENGTH . " символов.");
                $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("a_serverpass.msg", "innerHTML", "");
                $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'none');");
            }
        }
    } else {
        $objResponse->addAssign("a_serverpass.msg", "innerHTML", "");
        $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'none');");
        // Don't set "-1" as password ;)
        $a_serverpass = "";
    }
    // didn't choose a server group
    if ($a_sg == "-2") {
        $error++;
        $objResponse->addAssign("server.msg", "innerHTML", "Выберите группу.");
        $objResponse->addScript("\$('server.msg').setStyle('display', 'block');");
    } else {
        $objResponse->addAssign("server.msg", "innerHTML", "");
        $objResponse->addScript("\$('server.msg').setStyle('display', 'none');");
    }
    // chose to create a new server group
    if ($a_sg == 'n') {
        // didn't type a name
        if (empty($a_servername)) {
            $error++;
            $objResponse->addAssign("servername_err", "innerHTML", "Введите имя новой группы.");
            $objResponse->addScript("\$('servername_err').setStyle('display', 'block');");
        } else {
            if (strstr($a_servername, ',')) {
                $error++;
                $objResponse->addAssign("servername_err", "innerHTML", "Имя группы не может содержать запятую ','");
                $objResponse->addScript("\$('servername_err').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("servername_err", "innerHTML", "");
                $objResponse->addScript("\$('servername_err').setStyle('display', 'none');");
            }
        }
    }
    // didn't choose a web group
    if ($a_wg == "-2") {
        $error++;
        $objResponse->addAssign("web.msg", "innerHTML", "Выберите группу.");
        $objResponse->addScript("\$('web.msg').setStyle('display', 'block');");
    } else {
        $objResponse->addAssign("web.msg", "innerHTML", "");
        $objResponse->addScript("\$('web.msg').setStyle('display', 'none');");
    }
    // Choose to create a new webgroup
    if ($a_wg == 'n') {
        // But didn't type a name
        if (empty($a_webname)) {
            $error++;
            $objResponse->addAssign("webname_err", "innerHTML", "Введите имя новой группы.");
            $objResponse->addScript("\$('webname_err').setStyle('display', 'block');");
        } else {
            if (strstr($a_webname, ',')) {
                $error++;
                $objResponse->addAssign("webname_err", "innerHTML", "Имя группы не может содержать запятую ','");
                $objResponse->addScript("\$('webname_err').setStyle('display', 'block');");
            } else {
                $objResponse->addAssign("webname_err", "innerHTML", "");
                $objResponse->addScript("\$('webname_err').setStyle('display', 'none');");
            }
        }
    }
    // Ohnoes! something went wrong, stop and show errs
    if ($error) {
        ShowBox_ajx("Error", "Допущены ошибки. Пожалуйста, исправьте их.", "red", "", true, $objResponse);
        return $objResponse;
    }
    // ##############################################################
    // ##                     Start adding to DB                   ##
    // ##############################################################
    $gid = 0;
    $groupID = 0;
    $inGroup = false;
    $wgid = NextAid();
    $immunity = 0;
    // Extract immunity from server mask string
    if (strstr($srv_mask, "#")) {
        $immunity = "0";
        $immunity = substr($srv_mask, strpos($srv_mask, "#") + 1);
        $srv_mask = substr($srv_mask, 0, strlen($srv_mask) - strlen($immunity) - 1);
    }
    // Avoid negative immunity
    $immunity = $immunity > 0 ? $immunity : 0;
    // Handle Webpermissions
    // Chose to create a new webgroup
    if ($a_wg == 'n') {
        $add_webgroup = $GLOBALS['db']->Execute("INSERT INTO " . DB_PREFIX . "_groups(type, name, flags)\r\n\t\t\t\t\t\t\t\t\t\tVALUES (?,?,?)", array(1, $a_webname, $mask));
        $web_group = (int) $GLOBALS['db']->Insert_ID();
        // We added those permissons to the group, so don't add them as custom permissions again
        $mask = 0;
    } else {
        if ($a_wg != 'c' && $a_wg > 0) {
            $web_group = (int) $a_wg;
        } else {
            $web_group = -1;
        }
    }
    // Handle Serverpermissions
    // Chose to create a new server admin group
    if ($a_sg == 'n') {
        $add_servergroup = $GLOBALS['db']->Execute("INSERT INTO " . DB_PREFIX . "_srvgroups(immunity, flags, name, groups_immune)\r\n\t\t\t\t\tVALUES (?,?,?,?)", array($immunity, $srv_mask, $a_servername, " "));
        $server_admin_group = $a_servername;
        $server_admin_group_int = (int) $GLOBALS['db']->Insert_ID();
        // We added those permissons to the group, so don't add them as custom permissions again
        $srv_mask = "";
    } else {
        if ($a_sg != 'c' && $a_sg > 0) {
            $server_admin_group = $GLOBALS['db']->GetOne("SELECT `name` FROM " . DB_PREFIX . "_srvgroups WHERE id = '" . (int) $a_sg . "'");
            $server_admin_group_int = (int) $a_sg;
        } else {
            $server_admin_group = "";
            $server_admin_group_int = -1;
        }
    }
    // Add the admin
    $aid = $userbank->AddAdmin($a_name, $a_steam, $a_password, $a_email, $web_group, $mask, $server_admin_group, $srv_mask, $immunity, $a_serverpass);
    if ($aid > -1) {
        // Grant permissions to the selected server groups
        $srv_groups = explode(",", $server);
        $addtosrvgrp = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_admins_servers_groups(admin_id,group_id,srv_group_id,server_id) VALUES (?,?,?,?)");
        foreach ($srv_groups as $srv_group) {
            if (!empty($srv_group)) {
                $GLOBALS['db']->Execute($addtosrvgrp, array($aid, $server_admin_group_int, substr($srv_group, 1), '-1'));
            }
        }
        // Grant permissions to individual servers
        $srv_arr = explode(",", $singlesrv);
        $addtosrv = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_admins_servers_groups(admin_id,group_id,srv_group_id,server_id) VALUES (?,?,?,?)");
        foreach ($srv_arr as $server) {
            if (!empty($server)) {
                $GLOBALS['db']->Execute($addtosrv, array($aid, $server_admin_group_int, '-1', substr($server, 1)));
            }
        }
        if (isset($GLOBALS['config']['config.enableadminrehashing']) && $GLOBALS['config']['config.enableadminrehashing'] == 1) {
            // rehash the admins on the servers
            $serveraccessq = $GLOBALS['db']->GetAll("SELECT s.sid FROM `" . DB_PREFIX . "_servers` s\r\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . DB_PREFIX . "_admins_servers_groups` asg ON asg.admin_id = '" . (int) $aid . "'\r\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . DB_PREFIX . "_servers_groups` sg ON sg.group_id = asg.srv_group_id\r\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE ((asg.server_id != '-1' AND asg.srv_group_id = '-1')\r\n\t\t\t\t\t\t\t\t\t\t\t\tOR (asg.srv_group_id != '-1' AND asg.server_id = '-1'))\r\n\t\t\t\t\t\t\t\t\t\t\t\tAND (s.sid IN(asg.server_id) OR s.sid IN(sg.server_id)) AND s.enabled = 1");
            $allservers = array();
            foreach ($serveraccessq as $access) {
                if (!in_array($access['sid'], $allservers)) {
                    $allservers[] = $access['sid'];
                }
            }
            $objResponse->addScript("ShowRehashBox('" . implode(",", $allservers) . "','Админ добавлен', 'Админ успешно добавлен', 'green', 'index.php?p=admin&c=admins');TabToReload();");
        } else {
            $objResponse->addScript("ShowBox('Админ добавлен', 'Админ успешно добавлен', 'green', 'index.php?p=admin&c=admins');TabToReload();");
        }
        $log = new CSystemLog("m", "Админ добавлен", "Админ (" . $a_name . ") добавлен");
        return $objResponse;
    } else {
        $objResponse->addScript("ShowBox('Пользователь не добавлен', 'Ошибка при добавлении админа в базу. Проверьте лог на наличие SQL ошибок.', 'red', 'index.php?p=admin&c=admins');");
    }
}