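<?php
/**
 * createAdmin.php: lets the primary "Admin" account add a secondary admin.
 *
 * Flow: open the database connection, require a session whose name is
 * "Admin", then on POST validate the form and insert one row into
 * adminTable. On success the browser is redirected to admin.php; on any
 * failure the form is re-rendered with a message.
 */
session_start();

// NOTE(review): database credentials are hard-coded in a web-served file.
// Load them from configuration kept outside the document root (or from the
// environment), and use a dedicated low-privilege account with a strong password.
$servername = "localhost";
$username = "cyborg";
$password = "toor";
$dbname = "lab";

// Create connection
$link = new mysqli($servername, $username, $password, $dbname);
// Check connection. The driver's error text can expose host and account
// details, so it goes to the server log and the client gets a generic message.
if ($link->connect_error) {
    error_log("createAdmin: database connection failed: " . $link->connect_error);
    die("Connection failed");
}

// Messages echoed by the template below. All of them are initialised so no
// code path reaches the template with an undefined variable.
$exist = "";
$InvalidEmail = "";
$passwordNotMatches = "";
$requestError = "";

// Only the primary admin may use this page. Stop here so the admin-creation
// form is not rendered for anyone else.
if (!isset($_SESSION['name']) || $_SESSION['name'] !== "Admin") {
    $link->close();
    echo "Session Expired, Login Again";
    exit;
}

// Per-session anti-CSRF token. Without it, a third-party page could submit
// this form from the logged-in admin's browser and create an account.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    $token = $_POST['csrf_token'] ?? null;
    $user = $_POST['username'] ?? null;
    $email = $_POST['email'] ?? null;
    $newPassword = $_POST['password'] ?? null;
    $confirmPassword = $_POST['confirmPassword'] ?? null;

    // Every field must be a plain string: array-valued parameters
    // (e.g. password[]=) would otherwise reach the string comparisons below.
    $wellFormed = is_string($token) && is_string($user) && is_string($email)
        && is_string($newPassword) && is_string($confirmPassword);

    if (!$wellFormed || !hash_equals($_SESSION['csrf_token'], $token)) {
        $requestError = "Invalid Request";
    } elseif ($newPassword !== $confirmPassword) {
        // The admin's session is kept: a mistyped confirmation should not
        // log the administrator out.
        $passwordNotMatches = "Two passwords didn't matched\n";
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        // The type="email" input is only a browser-side check.
        $InvalidEmail = "Invalid email address";
    } else {
        try {
            // Check whether a secondary admin with this name already exists.
            // Bound parameters keep user input out of the SQL text.
            $lookup = $link->prepare("SELECT id FROM adminTable WHERE adminName = ?");
            if ($lookup === false || !$lookup->bind_param("s", $user) || !$lookup->execute()) {
                throw new RuntimeException($link->error);
            }
            $lookup->store_result();
            $alreadyExists = $lookup->num_rows > 0;
            $lookup->close();

            if ($alreadyExists) {
                $exist = "This Admin already exists";
            } else {
                // NOTE(review): unsalted SHA-1 is not suitable for storing
                // passwords. It is kept only because the login check is not
                // visible here and presumably compares SHA-1 values. Migrate
                // both sides together to password_hash() / password_verify(),
                // and widen the password column to hold the longer hash.
                $pass = sha1($newPassword);

                // The statement is executed exactly once. A UNIQUE index on
                // adminName (schema not visible here) would be the authoritative
                // guard against two concurrent requests adding the same name.
                $insert = $link->prepare(
                    "INSERT INTO adminTable (adminName, adminEmail, password) VALUES (?, ?, ?)"
                );
                if (
                    $insert === false
                    || !$insert->bind_param("sss", $user, $email, $pass)
                    || !$insert->execute()
                ) {
                    throw new RuntimeException($link->error);
                }
                $insert->close();

                // $user is raw form input: whichever page displays this
                // message must HTML-escape it.
                $_SESSION['message'] = "Registration Successful!, added secondary admin : $user to database";
                $link->close();
                // Nothing has been output yet, so the redirect header can be sent.
                header("Location: admin.php");
                exit;
            }
        } catch (RuntimeException $e) {
            // mysqli_sql_exception extends RuntimeException. SQL text and
            // driver errors stay in the server log, not in the page.
            error_log("createAdmin: query failed: " . $e->getMessage());
            $requestError = "Error : could not create admin";
        }
    }
}

$link->close();
?>
<!DOCTYPE html>
<html>
<head>
<title>My Mess</title>
<link rel="stylesheet" type="text/css" href="styles/register.css">
</head>
<body>
<div id="registerBack"></div>
<div id="register">
<form action="createAdmin.php" class="registerForm" method="post">
<h1 class="Register">Create New Admin</h1>
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token'], ENT_QUOTES, 'UTF-8'); ?>">
<br>
<input type="text" class="username" name="username" autocomplete="off" placeholder="New Admin Name" required="">
<br>
<input type="email" class="EmailInput" name="email" autocomplete="off" placeholder="Email" required="">
<br>
<input type="password" class="password" name="password" placeholder="Password" required="">
<br>
<input type="password" class="confirmPassword" name="confirmPassword" placeholder="Confirm Password" required="">
<br>
<button type="submit" class="submit" value=""><span>Submit</span></button>
<br>
<span class="error" style="color:rgb(250,50,50) ; font-size:17px ; font-weight : 100;"><?php echo htmlspecialchars($passwordNotMatches, ENT_QUOTES, 'UTF-8');?></span>
<span class="error" style="color:rgb(250,50,50) ; font-size:17px ; font-weight : 100;"><?php echo htmlspecialchars($InvalidEmail, ENT_QUOTES, 'UTF-8');?></span>
<span class="error" style="color:rgb(250,50,50) ; font-size:17px ; font-weight : 100;"><?php echo htmlspecialchars($exist, ENT_QUOTES, 'UTF-8');?></span>
<span class="error" style="color:rgb(250,50,50) ; font-size:17px ; font-weight : 100;"><?php echo htmlspecialchars($requestError, ENT_QUOTES, 'UTF-8');?></span>
</form>
</div>
</body>
</html>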