<?
/*###############################################################*\
## iBWd News 1.1b ##
## http://bramstart.be/ibwds ##
## ##
*/###############################################################*\
require("config.php");
$query = "SELECT * FROM $table_users";
$result = mysql_query($query);
list($col1) = mysql_fetch_row($result);
if($col1==""){ $adm = 1; }
unset($query);
unset($result);
if($adm != "1"){
require("access.php");
if($status == "MOD"){ exit; }
}
?>
<html>
<head>
<style>
<?=$style;?>
</style>
</head>
<body>
<?
if(!isset($action)){ $action = "newuser"; }
// ADD NEWSUSER
if($action == "newuser" && !isset($submitok)){
?>
<center>
<form method="post" action="<?=$PHP_SELF?>">
<table border="0" cellspacing="1" cellpadding="3" class="table_border">
<tr>
<td width="100%" colspan="2" class="header_cell">Add new users </td>
</tr>
<?
if($adm == "1"){
?>
<input type="hidden" name="adminok" value="1">
<tr>
<td colspan="2" class="cells">Their are no users in the database, so you are the administrator, you are allowed to:
<li>Add users</li>
<li>Add news</li>
<li>Modify news</li>
<li>Delete news</li><br><br>
<center><b>Fill in now a desired admin name and admin password:</b></center>
</td>
</tr>
<? } ?>
<tr>
<td class="cells" align="right">Name:</td>
<td class="cells"><input type="text" name="nname" size="33" class="box"></td>
</tr>
<tr>
<td class="cells" align="right">Password:</td>
<td class="cells"><input type="password" name="npassword" size="33" class="box"></td>
</tr>
<? if(!isset($adm)){ ?>
<tr>
<td class="header_cell" align="right" colspan="2">
<p align="left">Permissions</td>
</tr>
<tr>
<td class="cells" align="right" colspan="2">
<table border="0" width="100%">
<tr>
<td width="33%" class="cells" align="center">
<p align="center"><b>Add posts</b></td>
<td width="33%" class="cells" align="center"><b>Modify posts</b></td>
<td width="34%" class="cells" align="center"><b>Delete posts</b></td>
</tr>
<tr>
<td width="33%" class="cells" align="center"><input type="checkbox" name="add" value="1" checked></td>
<td width="33%" class="cells" align="center"><input type="checkbox" name="mod" value="1"></td>
<td width="34%" class="cells" align="center"><input type="checkbox" name="del" value="1"></td>
</tr>
<? } ?>
</table>
</td>
</tr>
<center>
<tr>
<td width="100%" class="cells" colspan="2">
<p align="center"><input type="submit" name="submitok"> </p>
</td>
</tr>
</table>
</form>
</center>
<? }
if(isset($submitok)){
if($nname == "" || $npassword == ""){
error("One or more required fields were left blank.\\n".
"Please fill them in and try again.");
}
$query = "SELECT COUNT(*) FROM $table_users WHERE name = '$nname'";
$result = mysql_query($query);
if(!$result){
error("A database error occurred in processing your submission.");
}
if(mysql_result($result,0,0)>0){
error("A user already exists with your chosen name.\\n".
"Please try another");
}
if($add==1 || isset($adminok)){$add = "Y";} else {$add = "N";}
if($mod==1 || isset($adminok)){$mod= "Y";} else {$mod = "N";}
if($del==1 || isset($adminok)){$del = "Y";} else {$del = "N";}
$queryts = "SELECT * FROM $table_users where status = 'ADMIN'";
$resultts = mysql_query($queryts);
if(mysql_affected_rows($db)==1){ $check = 1; }
unset($queryts);
unset($resultts);
if(isset($adminok) AND $check != 1){ $status = "ADMIN"; } else { $status = "MOD"; }
$query = "INSERT INTO $table_users (ID, password, name, addpost, modpost, delpost, status) VALUES ('', PASSWORD('$npassword'), '$nname', '$add', '$mod', '$del', '$status')";
if(!mysql_query($query)){
error("Error while processing your submission, Can't connect the db...");
}
?>
<center>
<table border="0" cellspacing="1" cellpadding="3" class="table_border">
<tr>
<td width="100%" class="header_cell">New user added </td>
</tr>
<tr>
<td class="cells">
The user "<?=$nname?>" has been added!</td>
</tr>
</table>
<? if(isset($adm)){ ?>
<br>
<b><a href="index.php">Click here to log in!</a></b> <? } ?>
</center>
<?
}
mysql_close($db);
// END ADD NEW USER
?>