HEX
Server: nginx/1.24.0
System: Linux webserver-one 6.8.0-101-generic #101-Ubuntu SMP PREEMPT_DYNAMIC Mon Feb 9 10:15:05 UTC 2026 x86_64
User: www-data (33)
PHP: 8.4.18
Disabled: NONE
File: /srv/www/rectt-csmcri.res.in/admin_html/admin_register.php
<?php
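session_start();
require_once dirname(__DIR__) . '/public_html/sites/config/config.php';

// Gate 1: only a logged-in superadmin may reach this page.
// The role is read with ?? so a session that lacks 'admin_role' is rejected
// cleanly instead of raising an "undefined array key" warning, which could be
// printed before the redirect header is sent.
// NOTE(review): the role tested here is the copy cached in the session at
// login time; it only reflects the database if something else keeps it in sync.
if (
    ($_SESSION['admin_logged_in'] ?? null) !== true
    || ($_SESSION['admin_role'] ?? null) !== 'superadmin'
) {
    header("Location: admin_dashboard.php");
    exit;
}

// Gate 2: the session must carry the admin id and the per-session token that
// are compared against the database further down.
if (empty($_SESSION['admin_id']) || empty($_SESSION['session_token'])) {
    header("Location: admin_login.php");
    exit;
}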

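// 2) Re-read the session token AND the role from the database. The original
//    comment promised both but only the token was selected, so the superadmin
//    check relied solely on the role cached in the session: an account demoted
//    after login would still be able to create new admins.
$stmt = $conn->prepare("SELECT session_token, role FROM admin_users WHERE id = ?");
$stmt->bind_param("i", $_SESSION['admin_id']);
$stmt->execute();
$result = $stmt->get_result()->fetch_assoc();
$stmt->close();

// 3) If the row is gone, or the stored token is missing or differs from the
//    session's token, force a logout. hash_equals() needs two strings, hence
//    the is_string() guards (a NULL token in the database counts as a mismatch).
if (
    !$result
    || !is_string($result['session_token'])
    || !is_string($_SESSION['session_token'])
    || !hash_equals($result['session_token'], $_SESSION['session_token'])
) {
    session_unset();
    session_destroy();
    header("Location: admin_login.php?error=" . urlencode("Your session has expired."));
    exit;
}

// 4) The account must still be a superadmin according to the database, not
//    just according to the session.
if ($result['role'] !== 'superadmin') {
    header("Location: admin_dashboard.php");
    exit;
}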

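$message = "";
$error = "";

// Handle form submission: validate the posted fields, make sure the username
// is free, then insert the new admin row. $message / $error are rendered by
// the template below.
// NOTE(review): no anti-CSRF token is checked in this handler and none is
// emitted by the form; this endpoint creates privileged accounts, so a
// per-session token verified with hash_equals() should be added to both the
// form and this handler.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // A field posted as an array (e.g. username[]=x) would make trim() or
    // strlen() throw a TypeError; treat any non-string value as missing.
    $username = is_string($_POST['username'] ?? null) ? trim($_POST['username']) : '';
    $password = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';
    $confirm_password = is_string($_POST['confirm_password'] ?? null) ? $_POST['confirm_password'] : '';
    $role = $_POST['role'] ?? 'manager';

    // Validate input
    if (!$username || !$password || !$confirm_password || !$role) {
        $error = "All fields are required.";
    } elseif ($password !== $confirm_password) {
        $error = "Passwords do not match.";
    } elseif (!preg_match('/^[a-zA-Z0-9_]{3,50}$/', $username)) {
        $error = "Username must be 3-50 characters, alphanumeric or underscores only.";
    } elseif (strlen($password) < 6) {
        // NOTE(review): a 6-character minimum is weak for administrative accounts.
        $error = "Password must be at least 6 characters.";
    } elseif (!in_array($role, ['superadmin', 'manager', 'reviewer'], true)) {
        // Strict comparison: only the exact role strings are accepted.
        $error = "Invalid role.";
    } else {
        // Check if username exists
        $stmt = $conn->prepare("SELECT id FROM admin_users WHERE username = ?");
        $stmt->bind_param("s", $username);
        $stmt->execute();
        $stmt->store_result();
        if ($stmt->num_rows > 0) {
            $error = "Username already exists.";
        } else {
            // NOTE(review): SHA-1 over password + salt is a fast digest, so the
            // stored values can be guessed offline at high speed if the table
            // is ever disclosed. $salt is not defined in this file (presumably
            // it comes from config.php) and appears to be shared by all users.
            // The file previously carried a commented-out
            // password_hash($password, PASSWORD_DEFAULT) line; switching to
            // password_hash()/password_verify() needs a matching change in the
            // login code, which is not visible here, so the storage format is
            // left unchanged in this edit.
            $hash = sha1($password . $salt);
            $stmt2 = $conn->prepare("INSERT INTO admin_users (username, password_hash, role) VALUES (?, ?, ?)");
            $stmt2->bind_param("sss", $username, $hash, $role);
            try {
                $created = $stmt2->execute();
            } catch (mysqli_sql_exception $e) {
                // When mysqli reports errors as exceptions, a failed insert
                // (for example a duplicate username created between the check
                // above and this insert) would otherwise end in an uncaught
                // exception instead of the error message below.
                error_log('admin_register: insert failed: ' . $e->getMessage());
                $created = false;
            }
            if ($created) {
                $message = "Admin user created successfully!";
            } else {
                $error = "Failed to create user. Please try again.";
            }
            $stmt2->close();
        }
        $stmt->close();
    }
}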
?>
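<?php
// Values echoed back into the form. A field posted as an array would make
// htmlspecialchars() throw a TypeError, so only string values are re-displayed.
$postedUsername = is_string($_POST['username'] ?? null) ? $_POST['username'] : '';
$postedRole = is_string($_POST['role'] ?? null) ? $_POST['role'] : '';
?>
<!DOCTYPE html>
<html>

<head>
    <title>Create Admin User</title>
    <?php /* NOTE(review): the stylesheet below is loaded from a third-party CDN without an integrity attribute; pinning it with Subresource Integrity (or self-hosting it) keeps a changed CDN file from restyling this admin page. */ ?>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
    <style>
        body {
            background: #f7fafc;
        }

        .register-card {
            max-width: 430px;
            margin: 80px auto;
        }
    </style>
</head>

<body>
    <div class="card register-card shadow-sm p-4">
        <h3 class="mb-4 text-center">Create Admin User</h3>
        <?php if ($message): ?>
            <div class="alert alert-success"><?= htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></div>
        <?php elseif ($error): ?>
            <div class="alert alert-danger"><?= htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></div>
        <?php endif; ?>
        <form method="POST" autocomplete="off">
            <div class="mb-3">
                <label class="form-label">Username <span class="text-danger">*</span></label>
                <input type="text" name="username" class="form-control" required value="<?= htmlspecialchars($postedUsername, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>" pattern="^[a-zA-Z0-9_]{3,50}$" title="3-50 characters, letters, numbers, and underscores only">
            </div>
            <div class="mb-3">
                <label class="form-label">Password <span class="text-danger">*</span></label>
                <input type="password" name="password" class="form-control" required minlength="6">
            </div>
            <div class="mb-3">
                <label class="form-label">Confirm Password <span class="text-danger">*</span></label>
                <input type="password" name="confirm_password" class="form-control" required minlength="6">
            </div>
            <div class="mb-3">
                <label class="form-label">Role <span class="text-danger">*</span></label>
                <select name="role" class="form-select" required>
                    <option value="manager" <?= $postedRole === 'manager' ? 'selected' : '' ?>>Manager</option>
                    <option value="reviewer" <?= $postedRole === 'reviewer' ? 'selected' : '' ?>>Reviewer</option>
                    <option value="superadmin" <?= $postedRole === 'superadmin' ? 'selected' : '' ?>>Super Admin</option>
                </select>
            </div>
            <button type="submit" class="btn btn-primary w-100">Create User</button>
            <a href="admin_dashboard.php" class="btn btn-link mt-2 w-100">Back to Dashboard</a>
        </form>
    </div>
</body>

</html>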