diff --git a/includes/core.php b/includes/core.php
index 82a09ab..f40b455 100644
--- a/includes/core.php
+++ b/includes/core.php
@@ -48,19 +48,21 @@ function generate($level)
{
global $db;
if (isset($_SESSION['id'])) {
- if ($_SESSION['level'] < '3' && $level > $_SESSION['level'] && $level < '4') {
+ if ($_SESSION['level'] < '3') {
if (empty($level)) {
include_once('./invite.php');
} else {
- $q = $db->prepare("INSERT INTO invites (code, level, issuer) VALUES (:code, :level, :issuer)");
- $code = generateString(CODE_CHARSET, 16);
- $q->bindParam(':code', $code);
- $q->bindParam(':level', $level);
- $q->bindParam(':issuer', $_SESSION['user']);
- $q->execute();
- echo 'Generation Successful.
- Code: '.$code.'
- Access Level: '.$level.'
';
+ if ($level > $_SESSION['level'] && $level < '4') {
+ $q = $db->prepare("INSERT INTO invites (code, level, issuer) VALUES (:code, :level, :issuer)");
+ $code = generateString(CODE_CHARSET, 16);
+ $q->bindParam(':code', $code);
+ $q->bindParam(':level', $level);
+ $q->bindParam(':issuer', $_SESSION['user']);
+ $q->execute();
+ echo 'Generation Successful.
+ Code: '.$code.'
+ Access Level: '.$level.'
';
+ }
}
} else {
echo 'Insufficient Access Level.';