-
Notifications
You must be signed in to change notification settings - Fork 1
/
AddAccounts.php
43 lines (37 loc) · 1.23 KB
/
AddAccounts.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
<?
session_start();
require_once("database.php");
require_once('DBsettings.php');
$db = new db();
$db->DBConnect();
$Account = $db->escapeString($_GET['Account']);
$Password = hash('sha256',$db->escapeString($_GET['Password']));
$User = $db->escapeString($_GET['User']);
$Permission = $db->escapeString($_GET['Permission']);
$sql = "Select * From Accounts where Account = '$Account'";
$result = $db->numRows($db->query($sql));
if ($_SESSION['Permission']==1){
if($result==0){
// Load settings from parent class
$settings = DatabaseSettings::getSettings();
// Get the main settings from the array we just loaded
$host = $settings['dbhost'];
$name = $settings['dbname'];
$user = $settings['dbusername'];
$pass = $settings['dbpassword'];
$conn = new PDO("mysql:host=$host;dbname=$name", $user, $pass);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql="INSERT INTO `Accounts`(`Account`, `Password`, `User`, `Permission`) VALUES ('$Account','$Password','$User','$Permission')";
// use exec() because no results are returned
$conn->exec($sql);
echo "Add Acounts Successfully!!";
}
else{
echo "Account Exists!!";
}
}
else{
echo "Permission Denied!!";
}
?>