From 5b5e96f9701fe2ec2127a7da818aa91283094917 Mon Sep 17 00:00:00 2001
From: Thies Mueller <git@td00.de>
Date: Sun, 10 Jan 2021 14:33:06 +0100
Subject: [PATCH] introduced "isadmin" flag to code and registration

---
 login.php    | 1 +
 rawdata.php  | 5 +++++
 register.php | 2 +-
 update.php   | 1 +
 4 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/login.php b/login.php
index 6013bb9..39a3ca8 100644
--- a/login.php
+++ b/login.php
@@ -19,6 +19,7 @@ if(isset($_GET['login'])) {
         $_SESSION['lastName'] = $user['lastName'];
         $_SESSION['activated'] = $user['activated'];
         $_SESSION['updated_at'] = $user['updated_at'];
+        $_SESSION['isadmin'] = $user['isadmin'];
         die('<div class="alert alert-success" role="alert"> successfull. go to: <a href="secure.php">secure page</a></div> <meta http-equiv="refresh" content="0; URL=secure.php">');
     } else {
         $errorMessage = '<div class="alert alert-danger" role="alert">somethings wrong (maybe wrong password or wrong user)</div><br>';
diff --git a/rawdata.php b/rawdata.php
index 17f9cee..59721a1 100644
--- a/rawdata.php
+++ b/rawdata.php
@@ -11,4 +11,9 @@ echo "<br />";
 echo $_SESSION['lastName'];
 echo "<br />";
 echo $_SESSION['activated'];
+echo "<br />";
+echo $_SESSION['updated_at'];
+echo "<br />";
+echo $_SESSION['isadmin'];
+
 ?>
\ No newline at end of file
diff --git a/register.php b/register.php
index 28d4141..b6b4ee0 100644
--- a/register.php
+++ b/register.php
@@ -75,7 +75,7 @@ if(isset($_GET['register'])) {
     if(!$error) {    
         $password_hash = password_hash($password, PASSWORD_DEFAULT);
         
-        $statement = $pdo->prepare("INSERT INTO users (email, username, givenName, activated, lastName, password) VALUES (:email, :username, :givenName, '0', :lastName, :password)");
+        $statement = $pdo->prepare("INSERT INTO users (email, username, givenName, activated, isadmin, lastName, password) VALUES (:email, :username, :givenName, '0', '0', :lastName, :password)");
         $result = $statement->execute(array('email' => $email, 'username' => $username, 'givenName' => $givenName, 'lastName' => $lastName, 'password' => $password_hash));
         
         if($result) {        
diff --git a/update.php b/update.php
index ae026c3..ac4c302 100644
--- a/update.php
+++ b/update.php
@@ -14,6 +14,7 @@ $_SESSION['givenName'] = $user['givenName'];
 $_SESSION['lastName'] = $user['lastName'];
 $_SESSION['activated'] = $user['activated'];
 $_SESSION['updated_at'] = $user['updated_at'];
+$_SESSION['isadmin'] = $user['isadmin'];
 
 
 echo 'Session newly validated!<br />';