invisio v2.0

<?php
session_start();
include('../../../config/main_function.php');
$secure = "cAh3DrJACzw4RbU";
$connection = connectDB($secure);

if ($connection) {

$text = '';
    // $member_id = mysqli_real_escape_string($connection, $_POST['member_id']);
    $update_user_id = mysqli_real_escape_string($connection, $_POST['update_user_id']);
    $temp_id = explode(".", $update_user_id);
    $update_user_id = bigsara_decode($temp_id[0], $temp_id[1]);

$admin_id = getRandomID2(10, 'tbl_admin', 'admin_id');
    $username = mysqli_real_escape_string($connection, $_POST['username']);
    $admin_name = mysqli_real_escape_string($connection, $_POST['admin_name']);
    $password = mysqli_real_escape_string($connection, $_POST['password']);
    $menu_access = $_POST['menu_access'];
    $update_user_id = mysqli_real_escape_string($connection, $_POST['update_user_id']);
    $temp_id = explode(".", $update_user_id);
    $update_user_id = bigsara_decode($temp_id[0], $temp_id[1]);

$randomNumber = rand(5, 10);
    $secure_text = randomCode($randomNumber);
    $secure_pointer = rand(0, 9);

$temp_password = md5($password);
    $my_password = stringInsert($temp_password, $secure_text, $secure_pointer);

foreach ($menu_access as $access) {
        $text .= ($text == '') ? $access : ",$access";
    }

$sql_insert = "INSERT INTO tbl_admin SET
    admin_id = '$admin_id',
    create_userid = '$update_user_id',
    username = '$username',
    admin_name = '$admin_name',
    secure_text = '$secure_text',
    secure_pointer = '$secure_pointer',
    menu_access = '$text',
    password = '$my_password'";

$res_insert = mysqli_query($connection, $sql_insert) or die($connection->error);

if ($res_insert) {
        $arr['result'] = 1;
    } else {
        $arr['result'] = 0;
    }
    // } else {

//     $sql_member = "SELECT * FROM tbl_member WHERE member_id = '$member_id'";
    //     $res_member = mysqli_query($connection, $sql_member);
    //     $row_member = mysqli_fetch_assoc($res_member);

//     if (!empty($password)) {
    //         //////////// hash password /////////// 
    //         $temp_password = md5($password);
    //         $my_password = substr($temp_password, $secure_text, $secure_pointer);
    //         /////////////////////////////////////
    //         $admin_password = ", password = '$my_password'";
    //     } else {
    //         $admin_password = "";
    //     }

//     $sql_insert = "INSERT INTO tbl_admin SET  
    //         admin_id = '$admin_id',
    //         username = '$username'
    //         $admin_password,
    //         secure_text = '$secure_text',
    //         secure_pointer = '$secure_pointer',
    //         menu_access = '$menu_access',
    //         admin_name = '$admin_name'";
    //     $res_insert = mysqli_query($connection, $sql_insert) or die($connection->error);

//     if ($res_insert) {
    //         $arr['result'] = 1;
    //     } else {
    //         $arr['result'] = 0;
    //     }
    // }
} else {
    $arr['result'] = 9;
}

mysqli_close($connection);
echo json_encode($arr);