// Copyright (c) 2022 High5!
// License Info: LICENSE.TXT
//
// File: admin.php
//
// Template File: -none-
//
// Template Variables:
//
// action
// message
// username
// domains
//
// POST / GET Variables:
//
// username
// password1
// password2
// domains
//
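// Admin-creation handler: on POST, validates the submitted username and
// passwords, inserts a new row into the `admin` table with ADMIN_ROLE, and
// sets $message to a localized result string. Anti-caching headers are sent
// for every request.
//
// check_language(), list_admins(), pdo_connect(), bcrypt(), ADMIN_ROLE and
// $LANG are not defined in this file; presumably they come from the includes
// below — confirm.
//
// NOTE(review): no session/authorization check and no CSRF token are visible
// in this script, yet a POST creates an account with ADMIN_ROLE. Confirm that
// access is restricted elsewhere (functions.inc.php or the web server), or
// that the script is disabled once the initial administrator exists.
require_once '../functions.inc.php';

// NOTE(review): the included path is built from check_language(). Confirm it
// can only return names from a fixed allowlist of shipped language files.
include '../languages/' . check_language() . '.lang';

$list_admins = list_admins();

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // FILTER_VALIDATE_EMAIL yields false/null for a missing or malformed
    // address. It does NOT make the value safe for HTML output.
    $username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
    // Passwords are taken unmodified so hashing sees exactly what was typed.
    $password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
    $password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
    $ROLE = ADMIN_ROLE;

    // Reject an invalid address or one that already has an admin row.
    // Strict matching avoids PHP's loose-comparison type juggling.
    if (empty($username) || in_array($username, array_column($list_admins, 'username'), true)) {
        $message = $LANG['AdminAdd_admin_username_error'];
    }

    // Strict comparison: with `!=`, two different numeric-looking strings
    // (for example "1e3" and "1000") compare equal and the confirmation
    // check would pass although the user typed two different passwords.
    if (empty($password1) || $password1 !== $password2) {
        $message = $LANG['AdminAdd_admin_password_error'];
    }

    if (empty($message)) {
        $hashed = bcrypt($password1);

        try {
            $dbh = pdo_connect();
            $sth = $dbh->prepare("INSERT INTO admin (username,password,role,created,modified) VALUES (?,?,?,NOW(),NOW())");
            // prepare()/execute() return false instead of throwing when the
            // connection is not in exception mode; treat that as a failure
            // too so a failed insert is never reported as success.
            if ($sth === false) {
                throw new PDOException('prepare() failed for admin insert');
            }
            $sth->bindValue(1, $username, PDO::PARAM_STR);
            $sth->bindValue(2, $hashed, PDO::PARAM_STR);
            $sth->bindValue(3, $ROLE, PDO::PARAM_STR);
            if ($sth->execute() === false) {
                throw new PDOException('execute() failed for admin insert');
            }
            // NOTE(review): $username is interpolated unescaped. How $message
            // is rendered is not visible here; it must be HTML-escaped at the
            // point of output, as must the stored username wherever it is
            // later listed.
            $message = $LANG['AdminAdd_admin_result_succes'] . " ($username)Go to the LOGIN page";
        } catch (PDOException $e) {
            // The original appended the exception itself to the user-facing
            // message, exposing its text and stack trace. Record the detail
            // server-side and show only the localized error.
            error_log('admin.php: admin insert failed: ' . $e->getMessage());
            $message = $LANG['AdminAdd_admin_result_error'] . " ($username)";
        }
    }
}

// Anti-caching headers: the response contains account-creation state and
// should not be stored by browsers or intermediaries. Guarding with
// headers_sent() replaces the former `@` suppression of the warning that
// header() raises once output has started.
if (!headers_sent()) {
    header("Expires: Wed, 29 Feb 1984 00:00:00 GMT");
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate");
    // Second Cache-Control line is appended (replace = false), not substituted.
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");
}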
?>