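accountaccess == false) {
    // NOTE(review): the start of this condition is above the visible part of
    // the file; only its tail and the redirect are shown here.
    header("Location: index.php?err=You do not have permission to access account data!");
    // header() only queues the redirect and the script keeps running. Without
    // this exit, the delete/update/insert handlers below would still execute
    // for a caller who failed the permission check.
    exit;
}

// Request handlers for the admin account list: delete (GET del), edit
// (POST editId) and create (POST username without editId). Each handler
// redirects back to admin.php and stops.
//
// NOTE(review): deletion is triggered by a GET parameter and none of the
// handlers verifies an anti-CSRF token. They should become POST requests that
// carry a per-session token; that needs matching changes in the forms.

if (!empty($_GET['del'])) {
    // Row ids are numeric and were concatenated unquoted into the SQL, so
    // force them to an integer before they reach the query.
    $delId = (int) $_GET['del'];
    if ($delId > 0) {
        mysql_query("DELETE FROM `admin` WHERE `id`=" . $delId);
    }
    header("Location: admin.php");
    exit;
}

if (!empty($_POST["editId"])) {
    // TODO update this
    $editId = (int) $_POST["editId"];
    if ($editId > 0) {
        $username = mysql_real_escape_string(isset($_POST['username']) ? $_POST['username'] : '');
        $access   = !empty($_POST['access']) ? "1" : "0";
        $password = isset($_POST["password"]) ? $_POST["password"] : '';

        $set = "`username`='" . $username . "'";
        // A blank password field means "keep the current password".
        if (trim($password) !== '') {
            // NOTE(review): unsalted SHA-256 is a fast hash and is not suitable
            // for password storage. Moving to password_hash()/password_verify()
            // needs a matching change in the login code, which is not visible
            // here, so the stored format is left unchanged.
            $set .= ", `password`='" . hash('sha256', $password) . "'";
        }
        $set .= ", `accountaccess`=" . $access;

        if (!mysql_query("UPDATE `admin` SET " . $set . " WHERE `id`=" . $editId)) {
            // Keep driver error text in the server log rather than showing
            // table and column details to the browser.
            error_log("admin account update failed: " . mysql_error());
            die("Database error.");
        }
    }
    header("Location: admin.php");
    exit;
}

if (!empty($_POST["username"]) && empty($_POST["editId"])) {
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    // Refuse to create an admin account with a blank password; the original
    // stored the hash of the empty string in that case.
    if (trim($password) !== '') {
        // NOTE(review): same unsalted SHA-256 concern as in the edit handler.
        $sql = "INSERT INTO `admin` (`username`,`password`,`accountaccess`) VALUES ('"
            . mysql_real_escape_string($_POST['username']) . "','"
            . hash('sha256', $password) . "',"
            . (!empty($_POST['access']) ? "1" : "0") . ")";
        if (!mysql_query($sql)) {
            error_log("admin account insert failed: " . mysql_error());
            die("Database error.");
        }
    }
    header("Location: admin.php");
    exit;
}

include("header.php"); ?>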
Admin Account List

New Admin Account

  ". $acc->username ." ". (($acc->accountaccess)?"Has access to admin accounts":"Does not have access to admin accounts") ." "; } ?>
Create New Account

Username:

Password:

Has access to admin accounts?

    

Edit Account

Username:

Password: (leave blank if not changing)

Has access to admin accounts? accountaccess) { ?> checked="checked" />