-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathadminAddAction.php
68 lines (42 loc) · 1.38 KB
/
adminAddAction.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<?
$user = $_POST["u_name"];
$pass = $_POST["p_pass"];
$name = "Admin";
$status = 1;
if(is_null($user) || is_null($pass) || $user == ""){
echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=add_admin.php?error=Username or Password is Invalid'>";
exit();
}
//connect to database
$num = null;
include("config.php");
$objConnect = mysql_connect($dbhost,$dbUser,$dbPass) or die("Error Connect to Database");
$objDB = mysql_select_db($dbName);
$strSQL1 = "SELECT * FROM admin WHERE Username = '".$user."'" ;
$objQuery1 = mysql_query($strSQL1) or die ("Error Query [".$strSQL1."]");
$num = mysql_num_rows($objQuery1);
if($num > 0 ){
@mysql_close($objConnect);
echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=add_admin.php?error=Username or Password is Duplicate'>";
exit();
}
$strSQL2 = "INSERT INTO admin ";
$strSQL2 .="(Username,Password,Name,status) ";
$strSQL2 .="VALUES ";
$strSQL2 .="('".$user."','".$pass."','".$name."','".$status."')";
$objQuery2 = mysql_query($strSQL2) or die ("Error Query [".$strSQL."]");
mysql_query("SET NAMES UTF8");
if($objQuery2)
{
//if add success redirect to equipment page
echo "Save Done.";
@mysql_close($objConnect);
echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=add_admin.php?error=Add admin successfull.'>";
}
else
{
// if add error show message error
echo "Error Save [".$strSQL."]";
}
@mysql_close($objConnect);
?>