<?php
$user_admin=$_COOKIE["user_admin"];
include("kurs/datenbankanbindung.php"); // fügt die Datenbankanbindung ein: \php\includes\kurs\datenbankanbindung.php
// Rechteüberprüfung
$db = dbconnect();
if ($user_admin == ""){ require("index.php"); exit;} //Wenn man nicht angemeldet ist, darf man nicht auf die Seite
$result = $db->query("SELECT 1 FROM spt_admin_rechte, spt_admin_rechte_zuord , spt_admin where spt_admin_rechte.spt_admin_rolle = spt_admin_rechte_zuord.spt_admin_rolle AND spt_admin_rechte_zuord.faid = spt_admin.faid AND spt_admin.user = '$user_admin' AND spt_admin_rechte_zuord.spt_admin_rolle = 'a_admanleg'");
$row = $result->fetch_array();
if ($row[0] != 1){ include("kurs/rechte.php"); exit;}
// Rechteüberprüfung ende
if (isset($_GET['action']))
$action = $_GET['action'];
else
$action = "";
switch($action){
default:
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Administrator anlegen</title>
</head>
<body onload=\"if(document.adm_anleg)document.adm_anleg.vorname.focus();return false;\">
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
<tr>
<td>
<div align=\"center\">
<table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
<tr>
<td width=\"10\" background=\"../images/box_e1.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
<img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
<font class=\"hd\">Administrator anlegen</font><br>
<img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></font></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td width=\"1%\" background=\"../images/box_l.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
<td>
<form action="; echo $_SERVER['PHP_SELF'] . "?action=doz"; echo" method=\"POST\" name=\"adm_anleg\">
<table border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse; border-width: 0\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber1\" height=\"194\">
<tr>
<td width=\"40%\">
<b>Vorname*:</b>
</td>
<td width=\"60%\">
<input type=\"text\" name=\"vorname\" size=\"40\">
</td>
</tr>
<tr>
<td width=\"40%\">
<b>Nachname*:</b>
</td>
<td width=\"60%\">
<input type=\"text\" name=\"nachname\" size=\"40\">
</td>
</tr>
<tr>
<td width=\"40%\">
<b>Benutzerkennung*:</b>
</td>
<td width=\"60%\">
<input type=\"text\" name=\"user\" size=\"40\">
</td>
</tr>
<tr>
<td width=\"40%\">
</td>
<td width=\"60%\">
</td>
</tr
<tr>
<td width=\"40%\">
* = Pflichtfelder
</td>
<td width=\"60%\">
</td>
</tr>
</table>
<br>
<br>
<input type=\"submit\" value=\"Abschicken\" name=\"B1\">
<input type=\"reset\" value=\"Zurücksetzen\" name=\"B2\">
</form>
</td>
<td width=\"1%\" background=\"../images/box_r.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</body>
</html>";
break;
case "doz":
$db = dbconnect();
if ($_POST[vorname] == "" or $_POST[nachname] == "" or $_POST[user] == ""){ // Fehler, falls Pflichtfelder unausgefüllt
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Eingabefehler</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
<tr>
<td>
<div align=\"center\">
<table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
<tr>
<td width=\"10\" background=\"../images/box_e1.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
<td width=\"95%\" background=\"../images/box_top.gif\">
<img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
<span class=\"sh\">Eingabefehler</span><br>
<img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td width=\"1%\" background=\"../images/box_l.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
<td colspan=\"2\"><br>
<p align=\"center\"><b>Es müssen mindestens die Pflichtfelder ausgefüllt werden!</b>
</p>
<p align=\"center\"><a href=\"javascript:history.back()\">
<img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
</p>
<p></p>
<p></p>
<p></p>
<p></p>
<p><br>
</p>
</td>
<td width=\"1%\" background=\"../images/box_r.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</body>
</html>";
exit;
}
if ($_POST[user] != ""){
$result = $db->query("SELECT user FROM spt_admin WHERE user=\"". $_POST['user']."\"");
$row = $result->fetch_array();
if ($_POST['user'] == $row[user] ){
echo"
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Doppelerfassung</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
<tr>
<td>
<div align=\"center\">
<table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
<tr>
<td width=\"10\" background=\"../images/box_e1.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
<td width=\"95%\" background=\"../images/box_top.gif\">
<img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
<span class=\"sh\">Doppelerfassung</span><br>
<img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td width=\"1%\" background=\"../images/box_l.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
<td colspan=\"2\"><br>
<p align=\"center\"><b>Die Benutzerkennung ist im System bereits vorhanden!</b>
</p>
<p align=\"center\"><a href=\"javascript:history.back()\">
<img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
</p>
<p></p>
<p></p>
<p></p>
<p></p>
<p><br>
</p>
</td>
<td width=\"1%\" background=\"../images/box_r.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</body>
</html>";
exit;
} // Ende If zwei benutzerkennungen
} // Ende If $_POST['user']=""
$passwd = md5($_POST['user']);
//$passwd= mysqli_escape_string($db,$passwd);
$sql = $db->query("INSERT INTO spt_admin ( vorname
, nachname
, user
, passwort
)
VALUES
( \"". $_POST['vorname']."\"
, \"". $_POST['nachname']."\"
, \"". $_POST['user']."\"
, \"$passwd\"
)
");
if($sql)
{
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Einbindung</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
<tr>
<td>
<div align=\"center\">
<table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
<tr>
<td width=\"10\" background=\"../images/box_e1.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
<td width=\"95%\" background=\"../images/box_top.gif\">
<img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
<span class=\"sh\">Einbindung</span><br>
<img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td width=\"1%\" background=\"../images/box_l.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
<td colspan=\"2\"><br>
<p align=\"center\"><b>Der Administrator wurde eingebunden! Das Passwort ist gleich der Benutzerkennung</b>
</p>
<p align=\"center\"><a href=".$_SERVER['PHP_SELF'] .">
<img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
</p>
<p></p>
<p></p>
<p></p>
<p></p>
<p><br>
</p>
</td>
<td width=\"1%\" background=\"../images/box_r.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</body>
</html>";
}else{
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Einbindung fehlgeschlagen</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
<tr>
<td>
<div align=\"center\">
<table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
<tr>
<td width=\"10\" background=\"../images/box_e1.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
<td width=\"95%\" background=\"../images/box_top.gif\">
<img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
<span class=\"sh\">Einbindung fehlgeschlagen</span><br>
<img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td width=\"1%\" background=\"../images/box_l.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
<td colspan=\"2\"><br>
<p align=\"center\"><b>Der Administrator wurde nicht eingebunden!<br>Es trat ein interner Fehler auf!</b>
</p>
<p align=\"center\"><a href=".$_SERVER['PHP_SELF'] .">
<img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
</p>
<p></p>
<p></p>
<p></p>
<p></p>
<p><br>
</p>
</td>
<td width=\"1%\" background=\"../images/box_r.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</body>
</html>";
}
}
?>