Location: PHPKode > projects > iBWd News > news/admin/admin.php
<?

/*###############################################################*\
##                       iBWd News 1.1b                          ##
##                 http://bramstart.be/ibwds                     ##
##                                                               ##
*/###############################################################*\


require("config.php");
$query = "SELECT * FROM $table_users";
$result = mysql_query($query);
list($col1) = mysql_fetch_row($result);
if($col1==""){ $adm = 1; }
unset($query);
unset($result);
if($adm != "1"){
require("access.php");
if($status == "MOD"){ exit; }
}
?>
<html>
<head>
<style>
<?=$style;?>
</style>
</head>
<body>
<?
if(!isset($action)){ $action = "newuser"; }
// ADD NEWSUSER
if($action == "newuser" && !isset($submitok)){
	?>
<center>
<form method="post" action="<?=$PHP_SELF?>">
<table border="0" cellspacing="1" cellpadding="3" class="table_border">
<tr>
<td width="100%" colspan="2" class="header_cell">Add new users&nbsp;</td>
</tr>
<?
	if($adm == "1"){
?>
<input type="hidden" name="adminok" value="1">
<tr>
<td colspan="2" class="cells">Their are no users in the database, so you are the administrator, you are allowed to:
<li>Add users</li>
<li>Add news</li>
<li>Modify news</li>
<li>Delete news</li><br><br>
<center><b>Fill in now a desired admin name and admin password:</b></center>
</td>
</tr>
<? } ?>
<tr>
<td class="cells" align="right">Name:</td>
<td class="cells"><input type="text" name="nname" size="33" class="box"></td>
</tr>
<tr>
<td class="cells" align="right">Password:</td>
<td class="cells"><input type="password" name="npassword" size="33" class="box"></td>
</tr>

<? if(!isset($adm)){ ?>

<tr>
<td class="header_cell" align="right" colspan="2">
<p align="left">Permissions</td>
</tr>
<tr>
<td class="cells" align="right" colspan="2">
<table border="0" width="100%">
<tr>
<td width="33%" class="cells" align="center">
<p align="center"><b>Add posts</b></td>
<td width="33%" class="cells" align="center"><b>Modify posts</b></td>
<td width="34%" class="cells" align="center"><b>Delete posts</b></td>
</tr>
<tr>
<td width="33%" class="cells" align="center"><input type="checkbox" name="add" value="1" checked></td>
<td width="33%" class="cells" align="center"><input type="checkbox" name="mod" value="1"></td>
<td width="34%" class="cells" align="center"><input type="checkbox" name="del" value="1"></td>
</tr>

<? } ?>

</table>
</td>
</tr>

<center>
<tr>
<td width="100%" class="cells" colspan="2">
<p align="center"><input type="submit" name="submitok">&nbsp;</p>
</td>
</tr>
</table>
</form>
</center>
<? }
if(isset($submitok)){
	if($nname == "" || $npassword == ""){
		error("One or more required fields were left blank.\\n".
			"Please fill them in and try again.");
	}
	$query = "SELECT COUNT(*) FROM $table_users WHERE name = '$nname'";
	$result = mysql_query($query);
	if(!$result){
		error("A database error occurred in processing your submission.");
	}
	if(mysql_result($result,0,0)>0){
		error("A user already exists with your chosen name.\\n".
			"Please try another");
	}
	if($add==1 || isset($adminok)){$add = "Y";} else {$add = "N";}
	if($mod==1 || isset($adminok)){$mod= "Y";} else {$mod = "N";}
	if($del==1 || isset($adminok)){$del = "Y";} else {$del = "N";}

	$queryts = "SELECT * FROM $table_users where status = 'ADMIN'";
	$resultts = mysql_query($queryts);
	if(mysql_affected_rows($db)==1){ $check = 1; }
	unset($queryts);
	unset($resultts);


	if(isset($adminok) AND $check != 1){ $status = "ADMIN"; } else { $status = "MOD"; }

	$query = "INSERT INTO $table_users (ID, password, name, addpost, modpost, delpost, status) VALUES ('', PASSWORD('$npassword'), '$nname', '$add', '$mod', '$del', '$status')";


	if(!mysql_query($query)){
		error("Error while processing your submission, Can't connect the db...");
	}
	?>
		<center>
<table border="0" cellspacing="1" cellpadding="3" class="table_border">
<tr>
<td width="100%" class="header_cell">New user added </td>
</tr>
<tr>
<td class="cells">
The user &quot;<?=$nname?>&quot; has been added!</td>
</tr>
</table>
<? if(isset($adm)){ ?>
<br>
<b><a href="index.php">Click here to log in!</a></b> <? } ?>
</center>
		<?
}
mysql_close($db);
// END ADD NEW USER
?>
Return current item: iBWd News