set_charset("utf8");
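// Stop the request if the database connection could not be established.
if ($conn->connect_error) {
    // The driver's error text can include the database host and account name,
    // so it goes to the server log; the browser only gets a generic message.
    error_log("Database connection failed: " . $conn->connect_error);
    http_response_code(500);
    die("Database connection failed.");
}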
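// Handle the "add user" form. Every path ends in a redirect back to
// adminpanel.php with a one-shot flash message stored in the session.
//
// NOTE(review): no authorization check and no CSRF token validation are
// visible in this handler, yet it can create an account with the admin flag
// set. Confirm both are enforced before this point in the file.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Validates the submitted fields and inserts the user.
    // Returns array(message, message_type) describing the outcome.
    $addUser = static function ($conn, array $post): array {
        $uname = $post['uname'] ?? null;
        $pswd = $post['pswd'] ?? null;

        // A field sent as uname[]=... arrives as an array, and trim() throws a
        // TypeError on that under PHP 8; treat it like an absent field.
        if (!is_string($uname) || !is_string($pswd)) {
            return ['Error: Missing form data!', 'error'];
        }

        $uname = trim($uname);
        // NOTE(review): trimming alters the password as typed. The login path
        // must trim the same way or affected users cannot sign in - confirm.
        $pswd = trim($pswd);
        $is_admin = isset($post['admin']) ? 1 : 0;
        // NOTE(review): defPath is stored as submitted, with no validation in
        // this block. Whatever consumes it should confine it to the intended
        // directory tree - verify at the point of use.
        $defPath = is_string($post['defPath'] ?? null) ? trim($post['defPath']) : '';
        // NOTE(review): the permission values are cast to int but not
        // range-checked here; confirm which values are meaningful.
        $delPer = isset($post['delPer']) ? (int)$post['delPer'] : 0;
        $dowPer = isset($post['downPer']) ? (int)$post['downPer'] : 0;
        $upPer = isset($post['upPer']) ? (int)$post['upPer'] : 0;

        if (empty($uname) || empty($pswd)) {
            return ['Error: Username and password are required!', 'error'];
        }
        if (!CheckPassword($pswd)) {
            return ['Error: Password must be at least 8 characters long, contain at least one number and one uppercase letter!', 'error'];
        }

        try {
            // Existence check only: no need to pull whole rows (including the
            // stored password hash) just to count them.
            $stmt_check = $conn->prepare("SELECT 1 FROM users WHERE uname = ? LIMIT 1");
            if (!$stmt_check) {
                return ['Error: Database preparation failed.', 'error'];
            }
            $stmt_check->bind_param("s", $uname);

            // null means the lookup itself failed, as opposed to "not found".
            $exists = null;
            if ($stmt_check->execute()) {
                $result_check = $stmt_check->get_result();
                if ($result_check !== false) {
                    $exists = $result_check->num_rows > 0;
                }
            }
            $stmt_check->close();

            if ($exists === null) {
                return ['Error: Failed to add user. Please try again later.', 'error'];
            }
            if ($exists) {
                return ['Error: Username already exists!', 'error'];
            }

            // NOTE(review): check-then-insert is not atomic; two concurrent
            // requests can both pass the check. Presumably uname carries a
            // UNIQUE constraint that rejects the second insert - confirm.
            $stmt_insert = $conn->prepare("INSERT INTO users (uname, pswd, admin, defPath, delPer, downPer, upPer) VALUES (?, ?, ?, ?, ?, ?, ?)");
            if (!$stmt_insert) {
                return ['Error: Database preparation failed.', 'error'];
            }

            // bcrypt only uses the first 72 bytes of the password; CheckPassword
            // enforces no upper bound, so longer input is silently truncated.
            $hash = password_hash($pswd, PASSWORD_BCRYPT);
            if (!$hash) {
                $stmt_insert->close();
                return ['Error: Password hashing failed.', 'error'];
            }

            $stmt_insert->bind_param("ssisiii", $uname, $hash, $is_admin, $defPath, $delPer, $dowPer, $upPer);
            $inserted = $stmt_insert->execute();
            $stmt_insert->close();

            if ($inserted) {
                return ['User added successfully!', 'success'];
            }
            return ['Error: Failed to add user. Please try again later.', 'error'];
        } catch (mysqli_sql_exception $e) {
            // When mysqli is configured to throw (the default since PHP 8.1),
            // keep the driver message in the log and out of the response.
            error_log('Add user failed: ' . $e->getMessage());
            return ['Error: Failed to add user. Please try again later.', 'error'];
        }
    };

    $flash = $addUser($conn, $_POST);
    $_SESSION['message'] = $flash[0];
    $_SESSION['message_type'] = $flash[1];
    header("Location: adminpanel.php");
    exit();
}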
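// Handle "delete user" requests of the form ?delete=<uname>, then redirect
// back to adminpanel.php with a flash message.
//
// NOTE(review): this is a destructive action driven by a GET parameter, and
// no CSRF token or authorization check is visible in this block. Moving it to
// a POST form with a per-session token needs a matching template change, so
// it is flagged here rather than changed. Nothing here prevents removing the
// signed-in account or the last admin either - confirm that is intended.
if (isset($_GET['delete'])) {
    // Use the value as submitted: the bound parameter already keeps it out of
    // the SQL text, and HTML-escaping it first would rewrite characters such
    // as & or < so the name no longer matches the row stored at creation.
    $delete_uname = $_GET['delete'];

    if (!is_string($delete_uname) || $delete_uname === '') {
        // Covers ?delete[]=... (an array) and an empty name.
        $_SESSION['message'] = 'Error: Invalid user name.';
        $_SESSION['message_type'] = 'error';
    } else {
        $sql = "DELETE FROM users WHERE uname=?";
        $stmt = $conn->prepare($sql);
        if ($stmt) {
            $stmt->bind_param("s", $delete_uname);
            if ($stmt->execute()) {
                // A successful execute can still match zero rows; only report
                // success when something was actually removed.
                if ($stmt->affected_rows > 0) {
                    $_SESSION['message'] = 'User deleted successfully!';
                    $_SESSION['message_type'] = 'success';
                } else {
                    $_SESSION['message'] = 'Error: User not found.';
                    $_SESSION['message_type'] = 'error';
                }
            } else {
                $_SESSION['message'] = 'Error: Failed to delete user.';
                $_SESSION['message_type'] = 'error';
            }
            $stmt->close();
        } else {
            $_SESSION['message'] = 'Error: Database preparation failed.';
            $_SESSION['message_type'] = 'error';
        }
    }
    header("Location: adminpanel.php");
    exit();
}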
// Fetch the rows shown in the users table further down the page. The password
// hash column is deliberately not selected.
// NOTE(review): uname and defPath were stored as submitted, so the template
// presumably needs to HTML-escape them (and $message) on output - confirm.
$result = $conn->query("SELECT uname, admin, defPath, delPer, downPer, upPer FROM users");

// Take the one-shot flash message out of the session so it is displayed once
// and does not reappear on the next page load.
$message = isset($_SESSION['message']) ? $_SESSION['message'] : '';
$message_type = isset($_SESSION['message_type']) ? $_SESSION['message_type'] : '';
unset($_SESSION['message'], $_SESSION['message_type']);
/**
 * Check a candidate password against the policy used when creating users.
 *
 * The password passes when it is at least 8 bytes long (strlen counts bytes,
 * not characters), contains at least one ASCII digit and at least one ASCII
 * uppercase letter. No maximum length is enforced here.
 *
 * @param string $password Candidate password.
 * @return bool True when every rule is met, false otherwise.
 */
function CheckPassword($password) {
    // Rules are evaluated in order and stop at the first one that fails.
    return strlen($password) >= 8
        && preg_match('/[0-9]/', $password) === 1
        && preg_match('/[A-Z]/', $password) === 1;
}
?>
Admin Panel
User Management
Users List
| Username |
Admin |
Default Path |
Delete Permission |
Download Permission |
Upload Permission |
Actions |
fetch_assoc()) { ?>
|
|
|
|
|
|
|
close();
?>