Dump everything from SVN

subs/admin.backend.php

@@ -0,0 +1,44 @@
+<?php
+/**
+ * /subs/admin.backend.php
+ * @version 1.0
+ * @desc backend for admin site
+ * @author Fándly Gergő Zoltán
+ * @copy 2017 Fándly Gergő Zoltán
+ */
+
+if($_SESSION['accesslevel']>=3){
+    if(isset($_POST['ms_post'])){
+        if(!file_put_contents("./config/allowlogin.cnf", (isset($_POST['allow_login'])?1:0)) || !file_put_contents("./config/allowsignup.cnf", (isset($_POST['allow_signup'])?1:0))){
+            functions::setError(6);
+            if(!isset($_GET['backend'])) header("Location: ./admin");
+        }
+        else{
+            functions::setMessage(7);
+            if(!isset($_GET['backend'])) header("Location: ./admin");
+        }
+    }
+    
+    if(isset($_POST['set_tsas_id'])){
+        $sql=$db->prepare("SELECT COUNT(id) AS count FROM time_sequences WHERE id=:id");
+        $sql->execute(array(":id"=>$_POST['set_tsas_id']));
+        $res=$sql->fetch(PDO::FETCH_ASSOC);
+        if($res['count']<1){
+            functions::setError(7);
+            if(!isset($_GET['backend'])) header("Location: ./admin");
+        }
+        else{
+            $sql=$db->prepare("UPDATE time_sequences SET allow_signup=:as WHERE id=:id");
+            $sql->execute(array(":as"=>(isset($_POST['set_tsas'])?1:0), ":id"=>$_POST['set_tsas_id']));
+            $res=$sql->rowCount();
+            if($res<1){
+                functions::setError(6);
+                if(!isset($_GET['backend'])) header("Location: ./admin");
+            }
+            else{
+                functions::setMessage(7);
+                if(!isset($_GET['backend'])) header("Location: ./admin");
+            }
+        }
+    }
+}