Big Update Added Services and Admin

2025-06-22 11:26:57 -07:00
parent 8f462953b7
commit caca552cae
32 changed files with 683 additions and 46 deletions
--- a/controllers/create_admin.php
+++ b/controllers/create_admin.php
@@ -0,0 +1,58 @@
+<?php
+
+use Nickyeoman\Validation;
+
+$validate = new Validation\Validate();
+$valid = true;
+$p = $post->all();
+
+// Check secure key
+if (empty($p['secure_key']) || $p['secure_key'] !== $config['secure_key']) {
+    $valid = false;
+}
+
+// Username
+$name = $validate->clean($p['username']);
+if (!$validate->minLength($name, 1)) {
+    $valid = false;
+}
+
+// Email
+if (empty($p['email'])) {
+    $valid = false;
+} elseif (!$validate->isEmail($p['email'])) {
+    $valid = false;
+}
+
+// Password
+if (empty($p['password'])) {
+    $valid = false;
+} else {
+    // Use pepper + Argon2id
+    $peppered = hash_hmac('sha3-512', $p['password'], $config['secure_key']);
+    $hashed_password = password_hash($peppered, PASSWORD_ARGON2ID);
+}
+
+if ($valid) {
+    // Insert user
+    $query = <<<EOSQL
+    INSERT INTO `users`
+        (`username`, `password`, `email`, `validate`, `confirmationToken`, `reset`, `created`, `updated`, `confirmed`, `blocked`) 
+    VALUES 
+        (?, ?, ?, NULL, NULL, NULL, NOW(), NOW(), 1, 0);
+EOSQL;
+
+    $params = [$name, $hashed_password, $p['email']];
+    $db->query($query, $params);
+    $userid = $db->lastid();
+
+    // Assign admin group
+    $groupInsertQuery = <<<EOSQL
+    INSERT INTO `user_groups` (`user_id`, `groupName`) VALUES (?, ?);
+EOSQL;
+
+    $db->query($groupInsertQuery, [$userid, 'admin']);
+}
+
+// Always redirect at end
+$redirect->url('/novaconium');