trojans-trophy-room/admin/user_management/add_safe_admin.php

<!DOCTYPE html>

<html>

<head>
  <meta charset="UTF-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no" />
  <link rel="stylesheet" href="/styles/primary.css" />
  <link rel="stylesheet" href="/styles/db_management.css" />
  <script src="/scripts/tools.js"></script>
  <script>verifyPageInFrame()</script>
  <title>no title</title>
</head>

<body class="sqlOutput">
  <?php
  // USER-DEFINED VARIABLES
  include("../db_config.php"); // Include database stuff
  include("../db_management/initialise.php");


  try {  // Try opening the SQL database connection
    $conn = new PDO("mysql:host=$servername; dbname=$dbName", $dbUsername, $dbPassword);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);


    // Check if the users table exists already
    $sqlCheckAdminUserTable = $conn->prepare("SHOW TABLES LIKE '" . $adminUserTableName . "'");
  
    // Run the query
    $sqlCheckAdminUserTable->execute();
  
    //Check if any rows exist - if not, create the table
    $adminCount = $sqlCheckAdminUserTable->rowCount();

    if ($adminCount == 0) {
      echo "<p>Admins table not found! This is probably initial setup.</p><p>Creating safe admins table...</p>";
        try {
          $conn->query($sqlCreateAdminTable);
          echo "<p>Table '" . $adminUserTableName . "' successfully created (safe admins)</p>";
        } catch (PDOException $e) {
          echo $sqlCreateUserTable . "<br>" . $e->getMessage();
        }
    }
    

    // Variables for the various input fields
    $username = $_POST["username"];
    $password = password_hash($_POST["password"], PASSWORD_DEFAULT);  // Hash the password for security
    $twitch = $_POST["twitch"];
    $discord = $_POST["discord"];
    $discordLink = $_POST["discordLink"];
    $youtube = $_POST["youtube"];
    $youtubeLink = $_POST["youtubeLink"];

    // Gotta check and make sure the user we're creating is an admin
    $privileges = 0;

    if (filter_has_var(INPUT_POST, "privileges")) {
      $privileges = 1;
    }

    // Prepare the query
    $insert = $conn->prepare("INSERT INTO " . $adminUserTableName . " (username, password, discord, discordLink, twitch, youtube, youtubeLink, privileges) VALUES (:username, :password, :discord, :discordLink, :twitch, :youtube, :youtubeLink, :privileges)");

    // Bind parameters to the query
    $insert->bindParam(":username", $username);
    $insert->bindParam(":password", $password);
    $insert->bindParam(":discord", $discord);
    $insert->bindParam(":discordLink", $discordLink);
    $insert->bindParam(":twitch", $twitch);
    $insert->bindParam(":youtube", $youtube);
    $insert->bindParam(":youtubeLink", $youtubeLink);
    $insert->bindParam(":privileges", $privileges);

    // Execute
    $insert->execute();

    // Check if users table exists, if not run the initialize script, otherwise just make the user

    $sqlCheckUserTable = $conn->prepare("SHOW TABLES LIKE " . $userTableName);

    // Run the query, if the table doesn't exist, initialize the database first
    if ($sqlCheckUserTable !== false && $sqlCheckUserTable->rowCount() > 0) {
        echo "<p>Users table found</p>";
    
      // Now add them to the regular users table as well
      // Prepare the query
      $insert = $conn->prepare("INSERT INTO " . $userTableName . " (username, password, discord, discordLink, twitch, youtube, youtubeLink, privileges) VALUES (:username, :password, :discord, :discordLink, :twitch, :youtube, :youtubeLink, :privileges)");

      // Bind parameters to the query
      $insert->bindParam(":username", $username);
      $insert->bindParam(":password", $password);
      $insert->bindParam(":discord", $discord);
      $insert->bindParam(":discordLink", $discordLink);
      $insert->bindParam(":twitch", $twitch);
      $insert->bindParam(":youtube", $youtube);
      $insert->bindParam(":youtubeLink", $youtubeLink);
      $insert->bindParam(":privileges", $privileges);

      // Execute
      $insert->execute();
    } else {
      echo "<p>Users table not found! This is probably (still) initial setup. Creating...</p>";

      initialiseDatabase();


      // Next we're going to copy any safe admins into the users table.
      // This will make userlists easier to work with
      //echo "<p>Copying users from safe admins...</p>";
      //$copyAdmins = $conn->prepare("INSERT INTO " . $userTableName . " SELECT * FROM " . $adminUserTableName);
    
      //$copyAdmins->execute();
      //echo "<p>Copied!</p>";
    }

    
    if ($userCount == 0) {
    } else {
    }


    echo "Safe Admin created successfully!";

  } catch (PDOException $e) { // failed connection
    echo "Connection failed: " . $e->getMessage();
  }

  $conn = null;

  ?>

</body>

</html>
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00			`<!DOCTYPE html>`

			`<html>`

			`<head>`
			`<meta charset="UTF-8" />`
			`<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no" />`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`<link rel="stylesheet" href="/styles/primary.css" />`
- Changed relative HTML file paths to absolute - Renamed 'trojan.js' to 'tools.js' for future compatibility - Added placeholder team names to the game-adding screen 2025-03-03 21:46:44 -05:00			`<link rel="stylesheet" href="/styles/db_management.css" />`
Enforced all pages that load in frames, to only load in frames, preventing pages from being loaded indivudually that aren't supposed to be 2025-03-08 16:38:13 -05:00			`<script src="/scripts/tools.js"></script>`
			`<script>verifyPageInFrame()</script>`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00			`<title>no title</title>`
			`</head>`

			`<body class="sqlOutput">`
			`<?php`
			`// USER-DEFINED VARIABLES`
			`include("../db_config.php"); // Include database stuff`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`include("../db_management/initialise.php");`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00

			`try { // Try opening the SQL database connection`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`$conn = new PDO("mysql:host=$servername; dbname=$dbName", $dbUsername, $dbPassword);`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00			`// set the PDO error mode to exception`
			`$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);`


			`// Check if the users table exists already`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`$sqlCheckAdminUserTable = $conn->prepare("SHOW TABLES LIKE '" . $adminUserTableName . "'");`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00
			`// Run the query`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`$sqlCheckAdminUserTable->execute();`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00
			`//Check if any rows exist - if not, create the table`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`$adminCount = $sqlCheckAdminUserTable->rowCount();`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`if ($adminCount == 0) {`
			`echo "<p>Admins table not found! This is probably initial setup.</p><p>Creating safe admins table...</p>";`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00			`try {`
			`$conn->query($sqlCreateAdminTable);`
ANOTHER BIG "I need to commit more" UPDATE! - Users can now create their own accounts! Still needs to re-direct (home? user panel?) - Reformatted the folder structure again, trying to achieve more consistent file locations 2025-03-03 21:14:00 -05:00			`echo "<p>Table '" . $adminUserTableName . "' successfully created (safe admins)</p>";`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00			`} catch (PDOException $e) {`
			`echo $sqlCreateUserTable . "<br>" . $e->getMessage();`
			`}`
			`}`


- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`// Variables for the various input fields`
			`$username = $_POST["username"];`
			`$password = password_hash($_POST["password"], PASSWORD_DEFAULT); // Hash the password for security`
			`$twitch = $_POST["twitch"];`
			`$discord = $_POST["discord"];`
			`$discordLink = $_POST["discordLink"];`
			`$youtube = $_POST["youtube"];`
			`$youtubeLink = $_POST["youtubeLink"];`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`// Gotta check and make sure the user we're creating is an admin`
Re-factored "isAdmin" to a more generic "privileges" to store different levels of access 2025-03-09 08:39:59 -04:00			`$privileges = 0;`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00
Re-factored "isAdmin" to a more generic "privileges" to store different levels of access 2025-03-09 08:39:59 -04:00			`if (filter_has_var(INPUT_POST, "privileges")) {`
			`$privileges = 1;`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`}`

			`// Prepare the query`
Re-factored "isAdmin" to a more generic "privileges" to store different levels of access 2025-03-09 08:39:59 -04:00			`$insert = $conn->prepare("INSERT INTO " . $adminUserTableName . " (username, password, discord, discordLink, twitch, youtube, youtubeLink, privileges) VALUES (:username, :password, :discord, :discordLink, :twitch, :youtube, :youtubeLink, :privileges)");`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00
			`// Bind parameters to the query`
			`$insert->bindParam(":username", $username);`
			`$insert->bindParam(":password", $password);`
			`$insert->bindParam(":discord", $discord);`
			`$insert->bindParam(":discordLink", $discordLink);`
			`$insert->bindParam(":twitch", $twitch);`
			`$insert->bindParam(":youtube", $youtube);`
			`$insert->bindParam(":youtubeLink", $youtubeLink);`
Re-factored "isAdmin" to a more generic "privileges" to store different levels of access 2025-03-09 08:39:59 -04:00			`$insert->bindParam(":privileges", $privileges);`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00
			`// Execute`
			`$insert->execute();`

			`// Check if users table exists, if not run the initialize script, otherwise just make the user`

			`$sqlCheckUserTable = $conn->prepare("SHOW TABLES LIKE " . $userTableName);`

			`// Run the query, if the table doesn't exist, initialize the database first`
			`if ($sqlCheckUserTable !== false && $sqlCheckUserTable->rowCount() > 0) {`
			`echo "<p>Users table found</p>";`

			`// Now add them to the regular users table as well`
			`// Prepare the query`
Re-factored "isAdmin" to a more generic "privileges" to store different levels of access 2025-03-09 08:39:59 -04:00			`$insert = $conn->prepare("INSERT INTO " . $userTableName . " (username, password, discord, discordLink, twitch, youtube, youtubeLink, privileges) VALUES (:username, :password, :discord, :discordLink, :twitch, :youtube, :youtubeLink, :privileges)");`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00
			`// Bind parameters to the query`
			`$insert->bindParam(":username", $username);`
			`$insert->bindParam(":password", $password);`
			`$insert->bindParam(":discord", $discord);`
			`$insert->bindParam(":discordLink", $discordLink);`
			`$insert->bindParam(":twitch", $twitch);`
			`$insert->bindParam(":youtube", $youtube);`
			`$insert->bindParam(":youtubeLink", $youtubeLink);`
Re-factored "isAdmin" to a more generic "privileges" to store different levels of access 2025-03-09 08:39:59 -04:00			`$insert->bindParam(":privileges", $privileges);`
- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00
			`// Execute`
			`$insert->execute();`
			`} else {`
			`echo "<p>Users table not found! This is probably (still) initial setup. Creating...</p>";`

			`initialiseDatabase();`


			`// Next we're going to copy any safe admins into the users table.`
			`// This will make userlists easier to work with`
			`//echo "<p>Copying users from safe admins...</p>";`
			`//$copyAdmins = $conn->prepare("INSERT INTO " . $userTableName . " SELECT * FROM " . $adminUserTableName);`

			`//$copyAdmins->execute();`
			`//echo "<p>Copied!</p>";`
			`}`


			`if ($userCount == 0) {`
			`} else {`
			`}`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00



- Added a "My Account" page - Somewhat basic but works. Probably a lot of bugs still - Re-worked databases to add Discord and YouTube links as separate entries 2025-03-05 21:08:39 -05:00			`echo "Safe Admin created successfully!";`
- Added 'safe' admins; these accounts will persist across database resets 2025-03-01 09:58:27 -05:00
			`} catch (PDOException $e) { // failed connection`
			`echo "Connection failed: " . $e->getMessage();`
			`}`

			`$conn = null;`

			`?>`

			`</body>`

			`</html>`