');
}
echo 'heres the admin world
';
$showForm = true;
if(isset($_GET['user']) ) {
if(!isset($_POST['username']) || empty($_POST['username'])) {
$error = "Enter the username";
} else {
$statement = $pdo->prepare("SELECT * FROM users WHERE username = :username");
$result = $statement->execute(array('username' => $_POST['username']));
$user = $statement->fetch();
if($user === false) {
$error = "no user found";
} else {
//check if theres a code already
$statement = $pdo->prepare("UPDATE users SET isadmin = '1' WHERE id = :userid");
$result = $statement->execute(array('userid' => $user['id']));
echo 'Successfully granted ';
echo $user['username'];
echo ' ADMIN rights.
';
$showForm = false;
}
}
}
if($showForm):
?>
Give Admin Rights!
Please enter the username below.
';
echo '';
?>