janis/ma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update create_admin.php

Browse Source
This commit is contained in:
jakani24
2024-01-14 14:05:53 +01:00
parent 50e8f26e04
commit 631f2ecc49
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/server/cyberhex-code/install/create_admin.php
View File

@@ -44,6 +44,8 @@
</head> </head>
<body> <body>
<h1>Please create an admin user:</h1> <h1>Please create an admin user:</h1>
<p>The admin user is later used to create new users, add machines and do all administrative tasks in cyberhex.</p>
<p>Please choose a strong password, because the admin user is one of the main attack vectors of cyberhex.</p>
<form action="create_admin.php?create=true" method="post"> <form action="create_admin.php?create=true" method="post">
<label for="username">Username:</label> <label for="username">Username:</label>
<input type="text" id="username" name="username" required> <input type="text" id="username" name="username" required>
@@ -53,8 +55,8 @@
<label for="password">Password:</label> <label for="password">Password:</label>
<input type="password" id="password" name="password" required> <input type="password" id="password" name="password" required>
<br>
<button type="submit">Submit</button> <button type="submit">Create admin</button>
</form> </form>
<?php <?php
include "../config.php"; include "../config.php";
@@ -71,7 +73,7 @@
$success=0; $success=0;
die("Connection failed: " . $conn->connect_error); die("Connection failed: " . $conn->connect_error);
} }
$stmt = $conn->prepare("INSERT INTO users (email, username, password,perms) VALUES (?, ?, ?)"); $stmt = $conn->prepare("INSERT INTO users (email, username, password,perms) VALUES (?, ?, ?, ?)");
$stmt->bind_param("ssss", $email, $username, $hash, $permissions); $stmt->bind_param("ssss", $email, $username, $hash, $permissions);
$email=htmlspecialchars($_POST["email"]); $email=htmlspecialchars($_POST["email"]);