Add account system

When TINYIB_ADMINPASS is set, a super-administrator account with the username 'admin' is created using the provided password. WHEN TINYIB_MODPASS is set, a moderator account with the username 'mod' is created using the provided password.
2025-01-17 00:38:15 +01:00 · 2021-04-04 13:01:56 -07:00 · 2021-04-04 13:01:56 -07:00 · 1256e7cca0
commit 1256e7cca0
parent 421503ee01
22 changed files with 1481 additions and 682 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,8 +1,12 @@
 settings.php
 *.html
 *.db
-.posts
-.posts.lock
+.accounts*
+.bans*
+.keywords*
+.logs*
+.posts*
+.reports*
 .project
 .settings/
 .idea/
--- a/.htaccess
+++ b/.htaccess
@ -33,5 +33,11 @@ AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css a
 </Ifmodule>

 <IfModule mod_alias.c>
+RedirectMatch 404 (.*)\.accounts$
+RedirectMatch 404 (.*)\.bans$
+RedirectMatch 404 (.*)\.keywords$
+RedirectMatch 404 (.*)\.logs$
 RedirectMatch 404 (.*)\.posts$
+RedirectMatch 404 (.*)\.reports$
+RedirectMatch 404 (.*)\.tinyib.db$
 </Ifmodule>
--- a/README.md
+++ b/README.md
@ -14,7 +14,7 @@ See [DEMOS.md](https://code.rocketnine.space/tslocum/tinyib/src/branch/master/DE

 - GIF, JPG, PNG, SWF, MP4 and WebM upload.
 - YouTube, Vimeo and SoundCloud embedding.
- - CAPTCHA
+ - CAPTCHA:
   - A simple, self-hosted implementation is included.
   - [hCaptcha](https://hcaptcha.com) is supported.
   - [ReCAPTCHA](https://www.google.com/recaptcha/about/) is supported. (But [not recommended](https://nearcyan.com/you-probably-dont-need-recaptcha/))
@ -24,8 +24,10 @@ See [DEMOS.md](https://code.rocketnine.space/tslocum/tinyib/src/branch/master/DE
 - Report posts.
 - Block keywords.
 - Management panel:
-   - Administrators and moderators use separate passwords.
-     - Moderators are only able to sticky threads, lock threads, delete posts, and approve posts when necessary.  (See ``TINYIB_REQMOD``)
+   - Account system:
+     - Super administrators (all privileges)
+     - Administrators (all privileges except account management)
+     - Moderators (only able to sticky threads, lock threads, approve posts and delete posts)
   - Ban offensive/abusive posters across all boards.
   - Post using raw HTML.
   - Upgrade automatically when installed via git.  (Tested on Linux only)
@ -62,8 +64,7 @@ support in mind.
      - This library is usually installed by default.
      - If you plan on disabling image uploads to use TinyIB as a text board only, this library is not required.
     - [cURL Library](https://www.php.net/manual/en/book.curl.php)
-       - This is recommended, but is not strictly required except:
-         - When `TINYIB_CAPTCHA` is set to `hcaptcha` or `recaptcha`.
+       - This is recommended, but is not strictly required except when `TINYIB_CAPTCHA` is set to `hcaptcha` or `recaptcha`.
 2. CD to the directory you wish to install TinyIB.
 3. Run the command:
    - `git clone https://code.rocketnine.space/tslocum/tinyib.git ./`
@ -149,8 +150,8 @@ Translation is handled [online](https://hosted.weblate.org/projects/tinyib/tinyi

 ## Contribute

-**Note:** Please do not submit translations as patches.  See above.
+**Note:** Please do not submit translations via pull requests.  See above.

- 1. Fork TinyIB using [git](https://git-scm.com/downloads).
+ 1. [Fork TinyIB.](https://code.rocketnine.space/repo/fork/6)
 2. Commit code changes to your forked repository.
- 3. Send your patches to trevor@rocketnine.space via [git send-email](https://git-send-email.io/).
+ 3. [Submit a pull request.](https://code.rocketnine.space/tslocum/tinyib/pulls)
--- a/imgboard.php
+++ b/imgboard.php
@ -34,10 +34,8 @@ ini_set("display_errors", 1);
 session_start();
 setcookie(session_name(), session_id(), time() + 2592000);
 ob_implicit_flush();
-if (function_exists('ob_get_level')) {
-	while (ob_get_level() > 0) {
-		ob_end_flush();
-	}
+while (ob_get_level() > 0) {
+	ob_end_flush();
 }

 function fancyDie($message) {
@ -53,6 +51,7 @@ if (!file_exists('settings.php')) {
 }
 require 'settings.php';
 require 'inc/defines.php';
+global $tinyib_capcodes, $tinyib_embeds, $tinyib_hidefields, $tinyib_hidefieldsop;

 if (!defined('TINYIB_LOCALE') || TINYIB_LOCALE == '') {
 	function __($string) {
@ -67,12 +66,65 @@ if (!defined('TINYIB_LOCALE') || TINYIB_LOCALE == '') {
 	$translator->register();
 }

+if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') {
+	fancyDie(__('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.'));
+}
+
+if ((TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') && (TINYIB_HCAPTCHA_SITE == '' || TINYIB_HCAPTCHA_SECRET == '')) {
+	fancyDie(__('TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET  must be configured.'));
+}
+
+if ((TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') && (TINYIB_RECAPTCHA_SITE == '' || TINYIB_RECAPTCHA_SECRET == '')) {
+	fancyDie(__('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET  must be configured.'));
+}
+
+if (TINYIB_TIMEZONE != '') {
+	date_default_timezone_set(TINYIB_TIMEZONE);
+}
+
+$bcrypt_salt = '$2y$12$' . str_pad(str_replace('=', '/', str_replace('+', '.', substr(base64_encode(TINYIB_TRIPSEED), 0, 22))), 22, '/');
+
 $database_modes = array('flatfile', 'mysql', 'mysqli', 'sqlite', 'sqlite3', 'pdo');
 if (!in_array(TINYIB_DBMODE, $database_modes)) {
 	fancyDie(__('Unknown database mode specified.'));
 }

 if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') {
+	$accounts_sql = 'CREATE TABLE "' . TINYIB_DBACCOUNTS . '" (
+		"id" bigserial NOT NULL,
+		"username" varchar(255) NOT NULL,
+		"password" text NOT NULL,
+		"role" integer NOT NULL,
+		"lastactive" integer NOT NULL,
+		PRIMARY KEY	("id")
+	);';
+
+	$bans_sql = 'CREATE TABLE "' . TINYIB_DBBANS . '" (
+		"id" bigserial NOT NULL,
+		"ip" varchar(255) NOT NULL,
+		"timestamp" integer NOT NULL,
+		"expire" integer NOT NULL,
+		"reason" text NOT NULL,
+		PRIMARY KEY	("id")
+	);
+	CREATE INDEX ON "' . TINYIB_DBBANS . '"("ip");';
+
+	$keywords_sql = 'CREATE TABLE "' . TINYIB_DBKEYWORDS . '" (
+		"id" bigserial NOT NULL,
+		"text" varchar(255) NOT NULL,
+		"action" varchar(255) NOT NULL,
+		PRIMARY KEY	("id")
+	);';
+
+	$logs_sql = 'CREATE TABLE "' . TINYIB_DBLOGS . '" (
+		"id" bigserial NOT NULL,
+		"timestamp" integer NOT NULL,
+		"account" integer NOT NULL,
+		"message" text NOT NULL,
+		PRIMARY KEY	("id")
+	);
+	CREATE INDEX ON "' . TINYIB_DBLOGS . '"("account");';
+
 	$posts_sql = 'CREATE TABLE "' . TINYIB_DBPOSTS . '" (
 		"id" bigserial NOT NULL,
 		"parent" integer NOT NULL,
@ -106,30 +158,48 @@ if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') {
 	CREATE INDEX ON "' . TINYIB_DBPOSTS . '"("stickied");
 	CREATE INDEX ON "' . TINYIB_DBPOSTS . '"("moderated");';

-	$bans_sql = 'CREATE TABLE "' . TINYIB_DBBANS . '" (
-		"id" bigserial NOT NULL,
-		"ip" varchar(255) NOT NULL,
-		"timestamp" integer NOT NULL,
-		"expire" integer NOT NULL,
-		"reason" text NOT NULL,
-		PRIMARY KEY	("id")
-	);
-	CREATE INDEX ON "' . TINYIB_DBBANS . '"("ip");';
-
 	$reports_sql = 'CREATE TABLE "' . TINYIB_DBREPORTS . '" (
 		"id" bigserial NOT NULL,
 		"ip" varchar(255) NOT NULL,
 		"post" integer NOT NULL,
 		PRIMARY KEY	("id")
 	);';
-
-	$keywords_sql = 'CREATE TABLE "' . TINYIB_DBKEYWORDS . '" (
-		"id" bigserial NOT NULL,
-		"text" varchar(255) NOT NULL,
-		"action" varchar(255) NOT NULL,
-		PRIMARY KEY	("id")
-	);';
 } else {
+	$accounts_sql = "CREATE TABLE `" . TINYIB_DBACCOUNTS . "` (
+		`id` mediumint(7) unsigned NOT NULL auto_increment,
+		`username` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
+		`password` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
+		`role` mediumint(7) unsigned NOT NULL,
+		`lastactive` int(20) unsigned NOT NULL,
+		PRIMARY KEY	(`id`)
+	)";
+
+	$bans_sql = "CREATE TABLE `" . TINYIB_DBBANS . "` (
+		`id` mediumint(7) unsigned NOT NULL auto_increment,
+		`ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
+		`timestamp` int(20) NOT NULL,
+		`expire` int(20) NOT NULL,
+		`reason` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
+		PRIMARY KEY	(`id`),
+		KEY `ip` (`ip`)
+	)";
+
+	$keywords_sql = "CREATE TABLE `" . TINYIB_DBKEYWORDS . "` (
+		`id` mediumint(7) unsigned NOT NULL auto_increment,
+		`text` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
+		`action` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
+		PRIMARY KEY	(`id`)
+	)";
+
+	$logs_sql = "CREATE TABLE `" . TINYIB_DBLOGS . "` (
+		`id` mediumint(7) unsigned NOT NULL auto_increment,
+		`timestamp` int(20),
+		`account` mediumint(7) unsigned NOT NULL,
+		`message` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
+		PRIMARY KEY	(`id`),
+		KEY `account` (`account`)
+	)";
+
 	$posts_sql = "CREATE TABLE `" . TINYIB_DBPOSTS . "` (
 		`id` mediumint(7) unsigned NOT NULL auto_increment,
 		`parent` mediumint(7) unsigned NOT NULL,
@ -162,29 +232,12 @@ if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') {
 		KEY `moderated` (`moderated`)
 	)";

-	$bans_sql = "CREATE TABLE `" . TINYIB_DBBANS . "` (
-		`id` mediumint(7) unsigned NOT NULL auto_increment,
-		`ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
-		`timestamp` int(20) NOT NULL,
-		`expire` int(20) NOT NULL,
-		`reason` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
-		PRIMARY KEY	(`id`),
-		KEY `ip` (`ip`)
-	)";
-
 	$reports_sql = "CREATE TABLE `" . TINYIB_DBREPORTS . "` (
 		`id` mediumint(7) unsigned NOT NULL auto_increment,
 		`ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
 		`post` int(20) NOT NULL,
 		PRIMARY KEY	(`id`)
 	)";
-
-	$keywords_sql = "CREATE TABLE `" . TINYIB_DBKEYWORDS . "` (
-		`id` mediumint(7) unsigned NOT NULL auto_increment,
-		`text` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
-		`action` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
-		PRIMARY KEY	(`id`)
-	)";
 }

 // Check directories are writable by the script
@ -198,29 +251,11 @@ foreach ($writedirs as $dir) {
 	}
 }

-$includes = array('inc/functions.php', 'inc/html.php', 'inc/database/' . TINYIB_DBMODE . '_link.php', 'inc/database/' . TINYIB_DBMODE . '.php');
+$includes = array('inc/functions.php', 'inc/html.php', 'inc/database/' . TINYIB_DBMODE . '_link.php', 'inc/database/' . TINYIB_DBMODE . '.php', 'inc/database/database.php');
 foreach ($includes as $include) {
 	require $include;
 }

-if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') {
-	fancyDie(__('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.'));
-}
-
-if ((TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') && (TINYIB_HCAPTCHA_SITE == '' || TINYIB_HCAPTCHA_SECRET == '')) {
-	fancyDie(__('TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET  must be configured.'));
-}
-
-if ((TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') && (TINYIB_RECAPTCHA_SITE == '' || TINYIB_RECAPTCHA_SECRET == '')) {
-	fancyDie(__('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET  must be configured.'));
-}
-
-if (TINYIB_TIMEZONE != '') {
-	date_default_timezone_set(TINYIB_TIMEZONE);
-}
-
-$bcrypt_salt = '$2y$12$' . str_pad(str_replace('=', '/', str_replace('+', '.', substr(base64_encode(TINYIB_TRIPSEED), 0, 22))), 22, '/');
-
 $redirect = true;
 // Check if the request is to make a post
 if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) || isset($_POST['email']) || isset($_POST['subject']) || isset($_POST['message']) || isset($_POST['file']) || isset($_POST['embed']) || isset($_POST['password']))) {
@ -228,7 +263,8 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 		fancyDie(__('Posting is currently disabled.<br>Please try again in a few moments.'));
 	}

-	list($loggedin, $isadmin) = manageCheckLogIn(false);
+	list($account, $loggedin, $isadmin) = manageCheckLogIn(false);
+
 	$rawpost = isRawPost();
 	$rawposttext = '';
 	if (!$loggedin) {
@ -512,7 +548,7 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 	$json_posts = array();
 	$posts = postsInThreadByID($thread_id);
 	if ($new_since > 0) {
-		foreach ($posts as $i =>  $post) {
+		foreach ($posts as $i => $post) {
 			if ($post['id'] <= $new_since) {
 				continue;
 			}
@ -554,9 +590,9 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])

 	$post = postByID($_POST['delete']);
 	if ($post) {
-		list($loggedin, $isadmin) = manageCheckLogIn(false);
+		list($account, $loggedin, $isadmin) = manageCheckLogIn(false);

-		if ($loggedin && $_POST['password'] == '') {
+		if (!empty($account) && $_POST['password'] == '') {
 			// Redirect to post moderation page
 			echo '--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=' . basename($_SERVER['PHP_SELF']) . '?manage&moderate=' . $_POST['delete'] . '">';
 		} elseif ($post['password'] != '' && (hashData($_POST['password']) == $post['password'] || md5(md5($_POST['password'])) == $post['password'])) {
@ -592,7 +628,7 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 		die('--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=imgboard.php">');
 	}

-	list($loggedin, $isadmin) = manageCheckLogIn(true);
+	list($account, $loggedin, $isadmin) = manageCheckLogIn(true);

 	if ($loggedin) {
 		if ($isadmin) {
@ -608,6 +644,57 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 					fancyDie(__('Reporting is disabled.'));
 				}
 				$text .= manageReportsPage($_GET['reports']);
+			} elseif (isset($_GET['accounts'])) {
+				if ($account['role'] != TINYIB_SUPER_ADMINISTRATOR) {
+					fancyDie(__('Access denied'));
+				}
+
+				$id = intval($_GET['accounts']);
+				if (isset($_POST['id'])) {
+					$id = intval($_POST['id']);
+				}
+				$a = array('id' => 0);
+				if ($id > 0) {
+					$a = accountByID($id);
+					if (empty($a)) {
+						fancyDie(__('Account not found.'));
+					}
+
+					if ($a['username'] == 'admin' && TINYIB_ADMINPASS != '') {
+						fancyDie(__('This account may not be updated while TINYIB_ADMINPASS is set.'));
+					} else if ($a['username'] == 'mod' && TINYIB_MODPASS != '') {
+						fancyDie(__('This account may not be updated while TINYIB_MODPASS is set.'));
+					}
+				}
+
+				if (isset($_POST['id'])) {
+					if ($id == 0 && $_POST['password'] == '') {
+						fancyDie(__('A password is required.'));
+					}
+
+					$a['username'] = $_POST['username'];
+					if ($_POST['password'] != '') {
+						$a['password'] = $_POST['password'];
+					}
+					$a['role'] = intval($_POST['role']);
+					if ($a['role'] !== TINYIB_SUPER_ADMINISTRATOR && $a['role'] != TINYIB_ADMINISTRATOR && $a['role'] != TINYIB_MODERATOR && $a['role'] != TINYIB_DISABLED) {
+						fancyDie(__('Invalid role.'));
+					}
+
+					if ($id == 0) {
+						insertAccount($a);
+						$text .= manageInfo(__('Added account'));
+					} else {
+						updateAccount($a);
+						$text .= manageInfo(__('Updated account'));
+					}
+				}
+
+				$onload = manageOnLoad('accounts');
+				$text .= manageAccountForm($_GET['accounts']);
+				if (intval($_GET['accounts']) == 0) {
+					$text .= manageAccountsTable();
+				}
 			} elseif (isset($_GET['bans'])) {
 				clearExpiredBans();

@ -690,22 +777,49 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 					<p>If you installed TinyIB without Git, you must <a href="https://code.rocketnine.space/tslocum/tinyib">update manually</a>.  If you did install with Git, ensure the script has read and write access to the <b>.git</b> folder.</p>';
 				}
 			} elseif (isset($_GET['dbmigrate'])) {
-				if (TINYIB_DBMIGRATE !== '' && TINYIB_DBMIGRATE !== false) {
+				if (TINYIB_DBMIGRATE !== '' && TINYIB_DBMIGRATE !== false && TINYIB_DBMODE != TINYIB_DBMIGRATE) {
+					$mysql_modes = array('mysql', 'mysqli');
+					if (in_array(TINYIB_DBMODE, $mysql_modes) && in_array(TINYIB_DBMIGRATE, $mysql_modes)) {
+						fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to MySQL database modes. No migration is necessary.');
+					}
+
+					$sqlite_modes = array('sqlite', 'sqlite3');
+					if (in_array(TINYIB_DBMODE, $sqlite_modes) && in_array(TINYIB_DBMIGRATE, $sqlite_modes)) {
+						fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to SQLite database modes. No migration is necessary.');
+					}
+
+					if (!in_array(TINYIB_DBMIGRATE, $database_modes)) {
+						fancyDie(__('Unknown database mode specified.'));
+					}
+
 					if (isset($_GET['go'])) {
-						if (TINYIB_DBMODE == TINYIB_DBMIGRATE) {
-							fancyDie('Set TINYIB_DBMIGRATE to the desired TINYIB_DBMODE and enter in any database related settings in settings.php before migrating.');
-						}
-
-						$mysql_modes = array('mysql', 'mysqli');
-						if (in_array(TINYIB_DBMODE, $mysql_modes) && in_array(TINYIB_DBMIGRATE, $mysql_modes)) {
-							fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to MySQL database modes. No migration is necessary.');
-						}
-
-						if (!in_array(TINYIB_DBMIGRATE, $database_modes)) {
-							fancyDie(__('Unknown database mode specified.'));
-						}
 						require 'inc/database/' . TINYIB_DBMIGRATE . '_link.php';

+						echo '<p>Migrating accounts...</p>';
+						$accounts = allAccounts();
+						foreach ($accounts as $account) {
+							migrateAccount($account);
+						}
+
+						echo '<p>Migrating bans...</p>';
+						$bans = allBans();
+						foreach ($bans as $ban) {
+							migrateBan($ban);
+						}
+
+						echo '<p>Migrating keywords...</p>';
+						$keywords = allKeywords();
+						foreach ($keywords as $keyword) {
+							migrateKeyword($keyword);
+						}
+
+						echo '<p>Migrating logs...</p>';
+						$logs = allLogs();
+						foreach ($logs as $log) {
+							migrateLog($log);
+						}
+
+						echo '<p>Migrating posts...</p>';
 						$threads = allThreads();
 						foreach ($threads as $thread) {
 							$posts = postsInThreadByID($thread['id']);
@ -714,17 +828,18 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 							}
 						}

-						$bans = allBans();
-						foreach ($bans as $ban) {
-							migrateBan($ban);
+						echo '<p>Migrating reports...</p>';
+						$reports = allReports();
+						foreach ($reports as $report) {
+							migrateReport($report);
 						}

-						echo '<p><b>Database migration complete</b>.  Set TINYIB_DBMODE to mysqli and TINYIB_DBMIGRATE to false, then click <b>Rebuild All</b> above and ensure everything looks the way it should.</p>';
+						echo '<p><b>Database migration complete</b>.  Set TINYIB_DBMODE to the new database mode and TINYIB_DBMIGRATE to false, then click <b>Rebuild All</b> above and ensure everything looks and works as it should.</p>';
 					} else {
 						$text .= '<p>Your original database will not be deleted.  If the migration fails, disable the tool and your board will be unaffected.  See the <a href="https://code.rocketnine.space/tslocum/tinyib/src/branch/master/README.md" target="_blank">README</a> <small>(<a href="README.md" target="_blank">alternate link</a>)</small> for instructions.</a><br><br><a href="?manage&dbmigrate&go"><b>Start the migration</b></a></p>';
 					}
 				} else {
-					fancyDie('Set TINYIB_DBMIGRATE to true in settings.php to use this feature.');
+					fancyDie('Set TINYIB_DBMIGRATE to the desired TINYIB_DBMODE and enter in any database related settings in settings.php before migrating.');
 				}
 			}
 		}
@ -813,10 +928,25 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 		} elseif (isset($_GET["rawpost"])) {
 			$onload = manageOnLoad("rawpost");
 			$text .= buildPostForm(0, true);
-		}
+		} elseif (isset($_GET['changepassword'])) {
+			if ($account['username'] == 'admin' && TINYIB_ADMINPASS != '') {
+				fancyDie(__('This account may not be updated while TINYIB_ADMINPASS is set.'));
+			} else if ($account['username'] == 'mod' && TINYIB_MODPASS != '') {
+				fancyDie(__('This account may not be updated while TINYIB_MODPASS is set.'));
+			}

-		if ($text == '') {
-			$text = manageStatus();
+			if (isset($_POST['password'])) {
+				if ($_POST['password'] == '') {
+					fancyDie(__('A password is required.'));
+				}
+
+				$account['password'] = $_POST['password'];
+				updateAccount($account);
+
+				$text .= manageInfo(__('Password updated'));
+			}
+
+			$text .= manageChangePasswordForm();
 		}
 	} else {
 		$onload = manageOnLoad('login');
--- a/inc/database/database.php
+++ b/inc/database/database.php
@ -0,0 +1,23 @@
+<?php
+
+if (TINYIB_ADMINPASS != '') {
+	$admin = accountByUsername('admin');
+	if (!empty($admin)) {
+		$admin['password'] = TINYIB_ADMINPASS;
+		updateAccount($admin);
+	} else {
+		$admin = array('username' => 'admin', 'password' => TINYIB_ADMINPASS, 'role' => TINYIB_SUPER_ADMINISTRATOR);
+		insertAccount($admin);
+	}
+}
+
+if (TINYIB_MODPASS != '') {
+	$mod = accountByUsername('mod');
+	if (!empty($mod)) {
+		$mod['password'] = TINYIB_MODPASS;
+		updateAccount($mod);
+	} else {
+		$mod = array('username' => 'mod', 'password' => TINYIB_MODPASS, 'role' => TINYIB_MODERATOR);
+		insertAccount($mod);
+	}
+}
--- a/inc/database/flatfile.php
+++ b/inc/database/flatfile.php
@ -3,6 +3,218 @@ if (!defined('TINYIB_BOARD')) {
 	die('');
 }

+// Account functions
+function accountByID($id) {
+	$rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_ID, '=', $id, INTEGER_COMPARISON), 1);
+	if (isset($rows[0])) {
+		return $rows[0];
+	}
+	return array();
+}
+
+function accountByUsername($username) {
+	$rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_USERNAME, '=', $username, STRING_COMPARISON), 1);
+	if (isset($rows[0])) {
+		return $rows[0];
+	}
+	return array();
+}
+
+function allAccounts() {
+	$rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, NULL, -1, array(new OrderBy(ACCOUNT_ROLE, ASCENDING, INTEGER_COMPARISON), new OrderBy(ACCOUNT_USERNAME, ASCENDING, STRING_COMPARISON)));
+	return convertAccountsToSQLStyle($rows);
+}
+
+function convertAccountsToSQLStyle($accounts, $single = false) {
+	$newaccounts = array();
+	foreach ($accounts as $a) {
+		$account = array();
+		$account['id'] = $a[ACCOUNT_ID];
+		$account['username'] = $a[ACCOUNT_USERNAME];
+		$account['password'] = $a[ACCOUNT_PASSWORD];
+		$account['role'] = $a[ACCOUNT_ROLE];
+		$account['lastactive'] = $a[ACCOUNT_LASTACTIVE];
+
+		if ($single) {
+			return $account;
+		}
+		$newaccounts[] = $account;
+	}
+	return $newaccounts;
+}
+
+function insertAccount($a) {
+	$account = array();
+	$account[ACCOUNT_ID] = '0';
+	$account[ACCOUNT_USERNAME] = $a['username'];
+	$account[ACCOUNT_PASSWORD] =  hashData($a['password']);
+	$account[ACCOUNT_ROLE] = $a['role'];
+	$account[ACCOUNT_LASTACTIVE] = 0;
+
+	$GLOBALS['db']->insertWithAutoId(ACCOUNTS_FILE, ACCOUNT_ID, $account);
+}
+
+function updateAccount($a) {
+	$account = array();
+	$account[ACCOUNT_ID] = $a['id'];
+	$account[ACCOUNT_USERNAME] = $a['username'];
+	$account[ACCOUNT_PASSWORD] = hashData($a['password']);
+	$account[ACCOUNT_ROLE] = $a['role'];
+	$account[ACCOUNT_LASTACTIVE] = $a['lastactive'];
+
+	$GLOBALS['db']->updateRowById(ACCOUNTS_FILE, ACCOUNT_ID, $account);
+}
+
+function deleteAccountByID($id) {
+	$GLOBALS['db']->deleteWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_ID, '=', $id, INTEGER_COMPARISON));
+}
+
+// Ban functions
+function banByID($id) {
+	return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON), 1), true);
+}
+
+function banByIP($ip) {
+	$compClause = new OrWhereClause();
+	$compClause->add(new SimpleWhereClause(BAN_IP, '=', $ip, STRING_COMPARISON));
+	$compClause->add(new SimpleWhereClause(BAN_IP, '=', hashData($ip), STRING_COMPARISON));
+	return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, $compClause, 1), true);
+}
+
+function allBans() {
+	$rows = $GLOBALS['db']->selectWhere(BANS_FILE, NULL, -1, new OrderBy(BAN_TIMESTAMP, DESCENDING, INTEGER_COMPARISON));
+	return convertBansToSQLStyle($rows);
+}
+
+function convertBansToSQLStyle($bans, $single = false) {
+	$newbans = array();
+	foreach ($bans as $oldban) {
+		$ban = array();
+		$ban['id'] = $oldban[BAN_ID];
+		$ban['ip'] = $oldban[BAN_IP];
+		$ban['timestamp'] = $oldban[BAN_TIMESTAMP];
+		$ban['expire'] = $oldban[BAN_EXPIRE];
+		$ban['reason'] = $oldban[BAN_REASON];
+
+		if ($single) {
+			return $ban;
+		}
+		$newbans[] = $ban;
+	}
+	return $newbans;
+}
+
+function insertBan($newban) {
+	$ban = array();
+	$ban[BAN_ID] = '0';
+	$ban[BAN_IP] = hashData($newban['ip']);
+	$ban[BAN_TIMESTAMP] = time();
+	$ban[BAN_EXPIRE] = $newban['expire'];
+	$ban[BAN_REASON] = $newban['reason'];
+
+	return $GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban);
+}
+
+function clearExpiredBans() {
+	$compClause = new AndWhereClause();
+	$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '>', 0, INTEGER_COMPARISON));
+	$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '<=', time(), INTEGER_COMPARISON));
+
+	$bans = $GLOBALS['db']->selectWhere(BANS_FILE, $compClause, -1);
+	foreach ($bans as $ban) {
+		deleteBanByID($ban[BAN_ID]);
+	}
+}
+
+function deleteBanByID($id) {
+	$GLOBALS['db']->deleteWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON));
+}
+
+// Keyword functions
+function keywordByID($id) {
+	$clause = new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON);
+	return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
+}
+
+function keywordByText($text) {
+	$text = strtolower($text);
+	$clause = new SimpleWhereClause(KEYWORD_TEXT, '=', $text, STRING_COMPARISON);
+	return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
+}
+
+function allKeywords() {
+	$rows = $GLOBALS['db']->selectWhere(KEYWORDS_FILE, NULL, -1, new OrderBy(KEYWORD_TEXT, ASCENDING, INTEGER_COMPARISON));
+	return convertKeywordsToSQLStyle($rows);
+}
+
+function convertKeywordsToSQLStyle($keywords, $single = false) {
+	$newkeywords = array();
+	foreach ($keywords as $oldkeyword) {
+		$keyword = array();
+		$keyword['id'] = $oldkeyword[KEYWORD_ID];
+		$keyword['text'] = $oldkeyword[KEYWORD_TEXT];
+		$keyword['action'] = $oldkeyword[KEYWORD_ACTION];
+
+		if ($single) {
+			return $keyword;
+		}
+		$newkeywords[] = $keyword;
+	}
+	return $newkeywords;
+}
+
+function insertKeyword($newkeyword) {
+	$newkeyword['text'] = strtolower($newkeyword['text']);
+
+	$keyword = array();
+	$keyword[KEYWORD_ID] = '0';
+	$keyword[KEYWORD_TEXT] = $newkeyword['text'];
+	$keyword[KEYWORD_ACTION] = $newkeyword['action'];
+
+	$GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword);
+}
+
+function deleteKeyword($id) {
+	$GLOBALS['db']->deleteWhere(KEYWORDS_FILE, new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON));
+}
+
+// Log functions
+function allLogs() {
+	$rows = $GLOBALS['db']->selectWhere(LOGS_FILE, NULL, -1, new OrderBy(LOG_ID, DESCENDING, INTEGER_COMPARISON));
+	return convertLogsToSQLStyle($rows);
+}
+
+function convertLogsToSQLStyle($logs, $single = false) {
+	$newlogs = array();
+	foreach ($logs as $l) {
+		$log = array();
+		$log['id'] = $l[LOG_ID];
+		$log['timestamp'] = $l[LOG_TIMESTAMP];
+		$log['account'] = $l[LOG_ACCOUNT];
+		$log['message'] = $l[LOG_MESSAGE];
+
+		if ($single) {
+			return $log;
+		}
+		$newlogs[] = $log;
+	}
+	return $newlogs;
+}
+
+function insertLog($l) {
+	$log = array();
+	$log['id'] = '0';
+	$log['timestamp'] = $l[LOG_TIMESTAMP];
+	$log['account'] = $l[LOG_ACCOUNT];
+	$log['message'] = $l[LOG_MESSAGE];
+
+	$GLOBALS['db']->insertWithAutoId(LOGS_FILE, LOG_ID, $log);
+}
+
+function deleteLog($id) {
+	$GLOBALS['db']->deleteWhere(LOGS_FILE, new SimpleWhereClause(LOG_ID, '=', $id, INTEGER_COMPARISON));
+}
+
 // Post functions
 function uniquePosts() {
 	return 0; // Unsupported by this database option
@ -96,7 +308,7 @@ function countThreads() {
 	return count($rows);
 }

-function convertPostsToSQLStyle($posts, $singlepost = false) {
+function convertPostsToSQLStyle($posts, $single = false) {
 	$newposts = array();
 	foreach ($posts as $oldpost) {
 		$post = newPost();
@ -129,7 +341,7 @@ function convertPostsToSQLStyle($posts, $singlepost = false) {
 			$post['parent'] = TINYIB_NEWTHREAD;
 		}

-		if ($singlepost) {
+		if ($single) {
 			return $post;
 		}
 		$newposts[] = $post;
@ -201,67 +413,6 @@ function lastPostByIP() {
 	return convertPostsToSQLStyle($rows, true);
 }

-// Ban functions
-function banByID($id) {
-	return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON), 1), true);
-}
-
-function banByIP($ip) {
-	$compClause = new OrWhereClause();
-	$compClause->add(new SimpleWhereClause(BAN_IP, '=', $ip, STRING_COMPARISON));
-	$compClause->add(new SimpleWhereClause(BAN_IP, '=', hashData($ip), STRING_COMPARISON));
-	return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, $compClause, 1), true);
-}
-
-function allBans() {
-	$rows = $GLOBALS['db']->selectWhere(BANS_FILE, NULL, -1, new OrderBy(BAN_TIMESTAMP, DESCENDING, INTEGER_COMPARISON));
-	return convertBansToSQLStyle($rows);
-}
-
-function convertBansToSQLStyle($bans, $singleban = false) {
-	$newbans = array();
-	foreach ($bans as $oldban) {
-		$ban = array();
-		$ban['id'] = $oldban[BAN_ID];
-		$ban['ip'] = $oldban[BAN_IP];
-		$ban['timestamp'] = $oldban[BAN_TIMESTAMP];
-		$ban['expire'] = $oldban[BAN_EXPIRE];
-		$ban['reason'] = $oldban[BAN_REASON];
-
-		if ($singleban) {
-			return $ban;
-		}
-		$newbans[] = $ban;
-	}
-	return $newbans;
-}
-
-function insertBan($newban) {
-	$ban = array();
-	$ban[BAN_ID] = '0';
-	$ban[BAN_IP] = hashData($newban['ip']);
-	$ban[BAN_TIMESTAMP] = time();
-	$ban[BAN_EXPIRE] = $newban['expire'];
-	$ban[BAN_REASON] = $newban['reason'];
-
-	return $GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban);
-}
-
-function clearExpiredBans() {
-	$compClause = new AndWhereClause();
-	$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '>', 0, INTEGER_COMPARISON));
-	$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '<=', time(), INTEGER_COMPARISON));
-
-	$bans = $GLOBALS['db']->selectWhere(BANS_FILE, $compClause, -1);
-	foreach ($bans as $ban) {
-		deleteBanByID($ban[BAN_ID]);
-	}
-}
-
-function deleteBanByID($id) {
-	$GLOBALS['db']->deleteWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON));
-}
-
 // Report functions
 function reportByIP($post, $ip) {
 	$ipClause = new OrWhereClause();
@ -284,7 +435,7 @@ function allReports() {
 	return convertReportsToSQLStyle($rows);
 }

-function convertReportsToSQLStyle($reports, $singlereport = false) {
+function convertReportsToSQLStyle($reports, $single = false) {
 	$newreports = array();
 	foreach ($reports as $oldreport) {
 		$report = array();
@ -292,7 +443,7 @@ function convertReportsToSQLStyle($reports, $singlereport = false) {
 		$report['ip'] = $oldreport[REPORT_IP];
 		$report['post'] = $oldreport[REPORT_POST];

-		if ($singlereport) {
+		if ($single) {
 			return $report;
 		}
 		$newreports[] = $report;
@ -320,50 +471,3 @@ function deleteReportsByIP($ip) {

 	$GLOBALS['db']->deleteWhere(REPORTS_FILE, $ipClause);
 }
-
-// Keyword functions
-function keywordByID($id) {
-	$clause = new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON);
-	return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
-}
-function keywordByText($text) {
-	$text = strtolower($text);
-	$clause = new SimpleWhereClause(KEYWORD_TEXT, '=', $text, STRING_COMPARISON);
-	return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
-}
-
-function allKeywords() {
-	$rows = $GLOBALS['db']->selectWhere(KEYWORDS_FILE, NULL, -1, new OrderBy(KEYWORD_TEXT, ASCENDING, INTEGER_COMPARISON));
-	return convertKeywordsToSQLStyle($rows);
-}
-
-function convertKeywordsToSQLStyle($keywords, $singlekeyword = false) {
-	$newkeywords = array();
-	foreach ($keywords as $oldkeyword) {
-		$keyword = array();
-		$keyword['id'] = $oldkeyword[KEYWORD_ID];
-		$keyword['text'] = $oldkeyword[KEYWORD_TEXT];
-		$keyword['action'] = $oldkeyword[KEYWORD_ACTION];
-
-		if ($singlekeyword) {
-			return $keyword;
-		}
-		$newkeywords[] = $keyword;
-	}
-	return $newkeywords;
-}
-
-function insertKeyword($newkeyword) {
-	$newkeyword['text'] = strtolower($newkeyword['text']);
-
-	$keyword = array();
-	$keyword[KEYWORD_ID] = '0';
-	$keyword[KEYWORD_TEXT] = $newkeyword['text'];
-	$keyword[KEYWORD_ACTION] = $newkeyword['action'];
-
-	$GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword);
-}
-
-function deleteKeyword($id) {
-	$GLOBALS['db']->deleteWhere(KEYWORDS_FILE, new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON));
-}
--- a/inc/database/flatfile_link.php
+++ b/inc/database/flatfile_link.php
@ -3,6 +3,35 @@ if (!defined('TINYIB_BOARD')) {
 	die('');
 }

+// Accounts table
+define('ACCOUNTS_FILE', '.accounts');
+define('ACCOUNT_ID', 0);
+define('ACCOUNT_USERNAME', 1);
+define('ACCOUNT_PASSWORD', 2);
+define('ACCOUNT_ROLE', 3);
+define('ACCOUNT_LASTACTIVE', 4);
+
+// Bans table
+define('BANS_FILE', '.bans');
+define('BAN_ID', 0);
+define('BAN_IP', 1);
+define('BAN_TIMESTAMP', 2);
+define('BAN_EXPIRE', 3);
+define('BAN_REASON', 4);
+
+// Keywords table
+define('KEYWORDS_FILE', '.keywords');
+define('KEYWORD_ID', 0);
+define('KEYWORD_TEXT', 1);
+define('KEYWORD_ACTION', 2);
+
+// Log table
+define('LOGS_FILE', '.logs');
+define('LOG_ID', 0);
+define('LOG_TIMESTAMP', 1);
+define('LOG_ACCOUNT', 2);
+define('LOG_MESSAGE', 3);
+
 // Posts table
 define('POSTS_FILE', '.posts');
 define('POST_ID', 0);
@ -31,26 +60,12 @@ define('POST_STICKIED', 22);
 define('POST_LOCKED', 23);
 define('POST_MODERATED', 24);

-// Bans table
-define('BANS_FILE', '.bans');
-define('BAN_ID', 0);
-define('BAN_IP', 1);
-define('BAN_TIMESTAMP', 2);
-define('BAN_EXPIRE', 3);
-define('BAN_REASON', 4);
-
 // Reports table
 define('REPORTS_FILE', '.reports');
 define('REPORT_ID', 0);
 define('REPORT_IP', 1);
 define('REPORT_POST', 2);

-// Keywords table
-define('KEYWORDS_FILE', '.keywords');
-define('KEYWORD_ID', 0);
-define('KEYWORD_TEXT', 1);
-define('KEYWORD_ACTION', 2);
-
 require_once 'flatfile/flatfile.php';
 $db = new Flatfile();
 $db->datadir = 'inc/database/flatfile/';
@ -60,59 +75,78 @@ if (file_exists('inc/flatfile/' . POSTS_FILE)) {
 }

 if (function_exists('insertPost')) {
-	function migratePost($newpost) {
-		$post = array();
-		$post[POST_ID] = $newpost['id'];
-		$post[POST_PARENT] = $newpost['parent'];
-		$post[POST_TIMESTAMP] = $newpost['timestamp'];
-		$post[POST_BUMPED] = $newpost['bumped'];
-		$post[POST_IP] = $newpost['ip'];
-		$post[POST_NAME] = $newpost['name'];
-		$post[POST_TRIPCODE] = $newpost['tripcode'];
-		$post[POST_EMAIL] = $newpost['email'];
-		$post[POST_NAMEBLOCK] = $newpost['nameblock'];
-		$post[POST_SUBJECT] = $newpost['subject'];
-		$post[POST_MESSAGE] = $newpost['message'];
-		$post[POST_PASSWORD] = $newpost['password'];
-		$post[POST_FILE] = $newpost['file'];
-		$post[POST_FILE_HEX] = $newpost['file_hex'];
-		$post[POST_FILE_ORIGINAL] = $newpost['file_original'];
-		$post[POST_FILE_SIZE] = $newpost['file_size'];
-		$post[POST_FILE_SIZE_FORMATTED] = $newpost['file_size_formatted'];
-		$post[POST_IMAGE_WIDTH] = $newpost['image_width'];
-		$post[POST_IMAGE_HEIGHT] = $newpost['image_height'];
-		$post[POST_THUMB] = $newpost['thumb'];
-		$post[POST_THUMB_WIDTH] = $newpost['thumb_width'];
-		$post[POST_THUMB_HEIGHT] = $newpost['thumb_height'];
-		$post[POST_MODERATED] = $newpost['moderated'];
-		$post[POST_STICKIED] = $newpost['stickied'];
-		$post[POST_LOCKED] = $newpost['locked'];
-		$GLOBALS['db']->insertWithAutoId(POSTS_FILE, POST_ID, $post);
+	function migrateAccount($a) {
+		$account = array();
+		$account[ACCOUNT_ID] = $a['id'];
+		$account[ACCOUNT_USERNAME] = $a['username'];
+		$account[ACCOUNT_PASSWORD] = $a['password'];
+		$account[ACCOUNT_ROLE] = $a['role'];
+		$account[ACCOUNT_LASTACTIVE] = $a['lastactive'];
+		$GLOBALS['db']->insertWithAutoId(ACCOUNTS_FILE, ACCOUNT_ID, $account);
 	}

-	function migrateBan($newban) {
+	function migrateBan($b) {
 		$ban = array();
-		$ban[BAN_ID] = $newban['id'];
-		$ban[BAN_IP] = $newban['ip'];
-		$ban[BAN_TIMESTAMP] = $newban['timestamp'];
-		$ban[BAN_EXPIRE] = $newban['expire'];
-		$ban[BAN_REASON] = $newban['reason'];
+		$ban[BAN_ID] = $b['id'];
+		$ban[BAN_IP] = $b['ip'];
+		$ban[BAN_TIMESTAMP] = $b['timestamp'];
+		$ban[BAN_EXPIRE] = $b['expire'];
+		$ban[BAN_REASON] = $b['reason'];
 		$GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban);
 	}

-	function migrateReport($newreport) {
-		$report = array();
-		$report[REPORT_ID] = $newreport['id'];
-		$report[REPORT_IP] = $newreport['ip'];
-		$report[REPORT_POST] = $newreport['post'];
-		$GLOBALS['db']->insertWithAutoId(REPORTS_FILE, REPORT_ID, $report);
-	}
-
-	function migrateKeyword($newkeyword) {
+	function migrateKeyword($k) {
 		$keyword = array();
-		$keyword[KEYWORD_ID] = $newkeyword['id'];
-		$keyword[KEYWORD_TEXT] = $newkeyword['text'];
-		$keyword[KEYWORD_ACTION] = $newkeyword['action'];
+		$keyword[KEYWORD_ID] = $k['id'];
+		$keyword[KEYWORD_TEXT] = $k['text'];
+		$keyword[KEYWORD_ACTION] = $k['action'];
 		$GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword);
 	}
+
+	function migrateLog($l) {
+		$log = array();
+		$log[LOG_ID] = $l['id'];
+		$log[LOG_TIMESTAMP] = $l['timestamp'];
+		$log[LOG_ACCOUNT] = $l['account'];
+		$log[LOG_MESSAGE] = $l['message'];
+		$GLOBALS['db']->insertWithAutoId(LOGS_FILE, LOG_ID, $log);
+	}
+
+	function migratePost($p) {
+		$post = array();
+		$post[POST_ID] = $p['id'];
+		$post[POST_PARENT] = $p['parent'];
+		$post[POST_TIMESTAMP] = $p['timestamp'];
+		$post[POST_BUMPED] = $p['bumped'];
+		$post[POST_IP] = $p['ip'];
+		$post[POST_NAME] = $p['name'];
+		$post[POST_TRIPCODE] = $p['tripcode'];
+		$post[POST_EMAIL] = $p['email'];
+		$post[POST_NAMEBLOCK] = $p['nameblock'];
+		$post[POST_SUBJECT] = $p['subject'];
+		$post[POST_MESSAGE] = $p['message'];
+		$post[POST_PASSWORD] = $p['password'];
+		$post[POST_FILE] = $p['file'];
+		$post[POST_FILE_HEX] = $p['file_hex'];
+		$post[POST_FILE_ORIGINAL] = $p['file_original'];
+		$post[POST_FILE_SIZE] = $p['file_size'];
+		$post[POST_FILE_SIZE_FORMATTED] = $p['file_size_formatted'];
+		$post[POST_IMAGE_WIDTH] = $p['image_width'];
+		$post[POST_IMAGE_HEIGHT] = $p['image_height'];
+		$post[POST_THUMB] = $p['thumb'];
+		$post[POST_THUMB_WIDTH] = $p['thumb_width'];
+		$post[POST_THUMB_HEIGHT] = $p['thumb_height'];
+		$post[POST_MODERATED] = $p['moderated'];
+		$post[POST_STICKIED] = $p['stickied'];
+		$post[POST_LOCKED] = $p['locked'];
+		$GLOBALS['db']->insertWithAutoId(POSTS_FILE, POST_ID, $post);
+	}
+
+	function migrateReport($r) {
+		$report = array();
+		$report[REPORT_ID] = $r['id'];
+		$report[REPORT_IP] = $r['ip'];
+		$report[REPORT_POST] = $r['post'];
+		$GLOBALS['db']->insertWithAutoId(REPORTS_FILE, REPORT_ID, $report);
+	}
 }
--- a/inc/database/mysql.php
+++ b/inc/database/mysql.php
@ -3,6 +3,47 @@ if (!defined('TINYIB_BOARD')) {
 	die('');
 }

+// Account functions
+function accountByID($id) {
+	$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "' LIMIT 1");
+	if ($result) {
+		while ($account = mysql_fetch_assoc($result)) {
+			return $account;
+		}
+	}
+}
+
+function accountByUsername($username) {
+	$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `username` = '" . mysql_real_escape_string($username) . "' LIMIT 1");
+	if ($result) {
+		while ($account = mysql_fetch_assoc($result)) {
+			return $account;
+		}
+	}
+}
+
+function allAccounts($username) {
+	$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` ORDER BY `role` ASC, `username` ASC");
+	if ($result) {
+		while ($account = mysql_fetch_assoc($result)) {
+			return $account;
+		}
+	}
+}
+
+function insertAccount($account) {
+	mysql_query("INSERT INTO `" . TINYIB_DBACCOUNTS . "` (`username`, `password`, `role`, `lastactive`) VALUES (" . $account['username'] . ", '" . hashData($account['password']) . "', '" . mysql_real_escape_string($account['role']) . "', '0')");
+	return mysql_insert_id();
+}
+
+function updateAccount($account) {
+	mysql_query("UPDATE `" . TINYIB_DBACCOUNTS . "` SET `username` = " . $account['username'] . ", `password` = '" . hashData($account['password']) . "', `role` = '" . mysql_real_escape_string($account['role']) . "', `lastactive` = " . mysql_real_escape_string($account['lastactive']) . " WHERE `id` = '" . mysql_real_escape_string($account['id']) . "'");
+}
+
+function deleteAccountByID($id) {
+	mysql_query("DELETE FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "'");
+}
+
 // Post functions
 function uniquePosts() {
 	$row = mysql_fetch_row(mysql_query("SELECT COUNT(DISTINCT(`ip`)) FROM " . TINYIB_DBPOSTS));
--- a/inc/database/mysql_link.php
+++ b/inc/database/mysql_link.php
@ -17,26 +17,31 @@ if (!$db_selected) {
 }
 mysql_query("SET NAMES 'utf8mb4'");

-// Create the posts table if it does not exist
-if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
-	mysql_query($posts_sql);
+// Create tables (when necessary)
+if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBACCOUNTS . "'")) == 0) {
+	mysql_query($accounts_sql);
 }

-// Create the bans table if it does not exist
 if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) == 0) {
 	mysql_query($bans_sql);
 }

-// Create the reports table if it does not exist
-if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
-	mysql_query($reports_sql);
-}
-
-// Create the keywords table if it does not exist
 if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBKEYWORDS . "'")) == 0) {
 	mysql_query($keywords_sql);
 }

+if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBLOGS . "'")) == 0) {
+	mysql_query($logs_sql);
+}
+
+if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
+	mysql_query($posts_sql);
+}
+
+if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
+	mysql_query($reports_sql);
+}
+
 if (mysql_num_rows(mysql_query("SHOW COLUMNS FROM `" . TINYIB_DBPOSTS . "` LIKE 'stickied'")) == 0) {
 	mysql_query("ALTER TABLE `" . TINYIB_DBPOSTS . "` ADD COLUMN stickied TINYINT(1) NOT NULL DEFAULT '0'");
 }
@ -51,19 +56,27 @@ mysql_query("ALTER TABLE `" . TINYIB_DBPOSTS . "` MODIFY ip VARCHAR(255) NOT NUL
 mysql_query("ALTER TABLE `" . TINYIB_DBBANS . "` MODIFY ip VARCHAR(255) NOT NULL DEFAULT ''");

 if (function_exists('insertPost')) {
-	function migratePost($post) {
-		mysql_query("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysql_real_escape_string($post['ip']) . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "',	'" . mysql_real_escape_string($post['email']) . "',	'" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
+	function migrateAccount($account) {
+		mysql_query("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES ('" . mysql_real_escape_string($account['id']) . "', '" . mysql_real_escape_string($account['username']) . "', '" . mysql_real_escape_string($account['password']) . "', '" . mysql_real_escape_string($account['role']) . "', '" . mysql_real_escape_string($account['lastactive']) . "')");
 	}

 	function migrateBan($ban) {
 		mysql_query("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . mysql_real_escape_string($ban['id']) . "', '" . mysql_real_escape_string($ban['ip']) . "', '" . mysql_real_escape_string($ban['timestamp']) . "', '" . mysql_real_escape_string($ban['expire']) . "', '" . mysql_real_escape_string($ban['reason']) . "')");
 	}

-	function migrateReport($report) {
-		mysql_query("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysql_real_escape_string($report['id']) . "', '" . mysql_real_escape_string($report['ip']) . "', '" . mysql_real_escape_string($report['post']) . "')");
-	}
-
 	function migrateKeyword($keyword) {
 		mysql_query("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . mysql_real_escape_string($keyword['id']) . "', '" . mysql_real_escape_string($keyword['text']) . "', '" . mysql_real_escape_string($keyword['action']) . "')");
 	}
+
+	function migrateLog($log) {
+		mysql_query("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . mysql_real_escape_string($log['id']) . "', '" . mysql_real_escape_string($log['timestamp']) . "', '" . mysql_real_escape_string($log['account']) . "', '" . mysql_real_escape_string($log['message']) . "')");
+	}
+
+	function migratePost($post) {
+		mysql_query("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysql_real_escape_string($post['ip']) . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "',	'" . mysql_real_escape_string($post['email']) . "',	'" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
+	}
+
+	function migrateReport($report) {
+		mysql_query("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysql_real_escape_string($report['id']) . "', '" . mysql_real_escape_string($report['ip']) . "', '" . mysql_real_escape_string($report['post']) . "')");
+	}
 }
--- a/inc/database/mysqli.php
+++ b/inc/database/mysqli.php
@ -3,6 +3,55 @@ if (!defined('TINYIB_BOARD')) {
 	die('');
 }

+// Account functions
+function accountByID($id) {
+	global $link;
+	$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysqli_real_escape_string($link, $id) . "' LIMIT 1");
+	if ($result) {
+		while ($account = mysqli_fetch_assoc($result)) {
+			return $account;
+		}
+	}
+}
+
+function accountByUsername($username) {
+	global $link;
+	$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `username` = '" . mysqli_real_escape_string($link, $username) . "' LIMIT 1");
+	if ($result) {
+		while ($account = mysqli_fetch_assoc($result)) {
+			return $account;
+		}
+	}
+}
+
+function allAccounts() {
+	global $link;
+	$accounts = array();
+	$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` ORDER BY `role` ASC, `username` ASC");
+	if ($result) {
+		while ($account = mysqli_fetch_assoc($result)) {
+			$accounts[] = $account;
+		}
+	}
+	return $accounts;
+}
+
+function insertAccount($account) {
+	global $link;
+	mysqli_query($link, "INSERT INTO `" . TINYIB_DBACCOUNTS . "` (`username`, `password`, `role`, `lastactive`) VALUES ('" . mysqli_real_escape_string($link, $account['username']) . "', '" . mysqli_real_escape_string($link, hashData($account['password'])) . "', '" . mysqli_real_escape_string($link, $account['role']) . "', '0')");
+	return mysqli_insert_id($link);
+}
+
+function updateAccount($account) {
+	global $link;
+	mysqli_query($link, "UPDATE `" . TINYIB_DBACCOUNTS . "` SET `username` = '" . mysqli_real_escape_string($link, $account['username']) . "', `password` = '" . mysqli_real_escape_string($link, hashData($account['password'])) . "', `role` = '" . mysqli_real_escape_string($link, $account['role']) . "', `lastactive` = " . mysqli_real_escape_string($link, $account['lastactive'])  . " WHERE `id` = " . mysqli_real_escape_string($link, $account['id']) . " LIMIT 1");
+}
+
+function deleteAccountByID($id) {
+	global $link;
+	mysqli_query($link, "DELETE FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = " . mysqli_real_escape_string($link, $id) . " LIMIT 1");
+}
+
 // Post functions
 function uniquePosts() {
 	global $link;
--- a/inc/database/mysqli_link.php
+++ b/inc/database/mysqli_link.php
@ -17,26 +17,31 @@ if (!$db_selected) {
 }
 mysqli_query($link, "SET NAMES 'utf8mb4'");

-// Create the posts table if it does not exist
-if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
-	mysqli_query($link, $posts_sql);
+// Create tables (when necessary)
+if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBACCOUNTS . "'")) == 0) {
+	mysqli_query($link, $accounts_sql);
 }

-// Create the bans table if it does not exist
 if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) == 0) {
 	mysqli_query($link, $bans_sql);
 }

-// Create the reports table if it does not exist
-if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
-	mysqli_query($link, $reports_sql);
-}
-
-// Create the keywords table if it does not exist
 if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBKEYWORDS . "'")) == 0) {
 	mysqli_query($link, $keywords_sql);
 }

+if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBLOGS . "'")) == 0) {
+	mysqli_query($link, $logs_sql);
+}
+
+if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
+	mysqli_query($link, $posts_sql);
+}
+
+if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
+	mysqli_query($link, $reports_sql);
+}
+
 if (mysqli_num_rows(mysqli_query($link, "SHOW COLUMNS FROM `" . TINYIB_DBPOSTS . "` LIKE 'stickied'")) == 0) {
 	mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` ADD COLUMN stickied TINYINT(1) NOT NULL DEFAULT '0'");
 }
@ -51,9 +56,9 @@ mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` MODIFY ip VARCHAR(255)
 mysqli_query($link, "ALTER TABLE `" . TINYIB_DBBANS . "` MODIFY ip VARCHAR(255) NOT NULL DEFAULT ''");

 if (function_exists('insertPost')) {
-	function migratePost($post) {
+	function migrateAccount($account) {
 		global $link;
-		mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`, `stickied`, `locked`) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysqli_real_escape_string($link, $post['ip']) . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "',      '" . mysqli_real_escape_string($link, $post['email']) . "',     '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
+		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . mysqli_real_escape_string($link, $account['id']) . "', '" . mysqli_real_escape_string($link, $account['username']) . "', '" . mysqli_real_escape_string($link, $account['password']) . "', '" . mysqli_real_escape_string($link, $account['role']) . "', '" . mysqli_real_escape_string($link, $account['lastactive']) . "')");
 	}

 	function migrateBan($ban) {
@ -61,13 +66,23 @@ if (function_exists('insertPost')) {
 		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . mysqli_real_escape_string($link, $ban['id']) . "', '" . mysqli_real_escape_string($link, $ban['ip']) . "', '" . mysqli_real_escape_string($link, $ban['timestamp']) . "', '" . mysqli_real_escape_string($link, $ban['expire']) . "', '" . mysqli_real_escape_string($link, $ban['reason']) . "')");
 	}

-	function migrateReport($report) {
-		global $link;
-		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysqli_real_escape_string($link, $report['id']) . "', '" . mysqli_real_escape_string($link, $report['ip']) . "', '" . mysqli_real_escape_string($link, $report['post']) . "')");
-	}
-
 	function migrateKeyword($keyword) {
 		global $link;
 		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . mysqli_real_escape_string($link, $keyword['id']) . "', '" . mysqli_real_escape_string($link, $keyword['text']) . "', '" . mysqli_real_escape_string($link, $keyword['action']) . "')");
 	}
+
+	function migrateLog($log) {
+		global $link;
+		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . mysqli_real_escape_string($link, $log['id']) . "', '" . mysqli_real_escape_string($link, $log['timestamp']) . "', '" . mysqli_real_escape_string($link, $log['account']) . "', '" . mysqli_real_escape_string($link, $log['message']) . "')");
+	}
+
+	function migratePost($post) {
+		global $link;
+		mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`, `stickied`, `locked`) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysqli_real_escape_string($link, $post['ip']) . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "',      '" . mysqli_real_escape_string($link, $post['email']) . "',     '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
+	}
+
+	function migrateReport($report) {
+		global $link;
+		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysqli_real_escape_string($link, $report['id']) . "', '" . mysqli_real_escape_string($link, $report['ip']) . "', '" . mysqli_real_escape_string($link, $report['post']) . "')");
+	}
 }
--- a/inc/database/pdo.php
+++ b/inc/database/pdo.php
@ -3,6 +3,43 @@ if (!defined('TINYIB_BOARD')) {
 	die('');
 }

+// Account functions
+function accountByID($id) {
+	$result = pdoQuery("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE id = ?", array($id));
+	return $result->fetch(PDO::FETCH_ASSOC);
+}
+
+function accountByUsername($username) {
+	$result = pdoQuery("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE username = ? LIMIT 1", array($username));
+	return $result->fetch(PDO::FETCH_ASSOC);
+}
+
+function allAccounts() {
+	$accounts = array();
+	$results = pdoQuery("SELECT * FROM " . TINYIB_DBACCOUNTS . " ORDER BY role ASC, username ASC");
+	while ($row = $results->fetch(PDO::FETCH_ASSOC)) {
+		$accounts[] = $row;
+	}
+	return $accounts;
+}
+
+function insertAccount($account) {
+	global $dbh;
+	$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBACCOUNTS . " (username, password, role, lastactive) VALUES (?, ?, ?, ?)");
+	$stm->execute(array($account['username'], hashData($account['password']), $account['role'], 0));
+	return $dbh->lastInsertId();
+}
+
+function updateAccount($account) {
+	global $dbh;
+	$stm = $dbh->prepare("UPDATE " . TINYIB_DBACCOUNTS . " SET username = ?, password = ?, role = ?, lastactive = ? WHERE id = ?");
+	$stm->execute(array($account['username'], hashData($account['password']), $account['role'], $account['lastactive'], $account['id']));
+}
+
+function deleteAccountByID($id) {
+	pdoQuery("DELETE FROM " . TINYIB_DBACCOUNTS . " WHERE id = ?", array($id));
+}
+
 // Post functions
 function uniquePosts() {
 	$result = pdoQuery("SELECT COUNT(DISTINCT(ip)) FROM " . TINYIB_DBPOSTS);
--- a/inc/database/pdo_link.php
+++ b/inc/database/pdo_link.php
@ -28,19 +28,40 @@ try {
 	fancyDie("Failed to connect to the database: " . $e->getMessage());
 }

-// Create the posts table if it does not exist
+// Create tables (when necessary)
 if (TINYIB_DBDRIVER === 'pgsql') {
-	$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBPOSTS);
-	$posts_exists = $dbh->query($query)->fetchColumn() != 0;
+	$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBACCOUNTS);
+	$accounts_exists = $dbh->query($query)->fetchColumn() != 0;
 } else {
-	$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBPOSTS));
-	$posts_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
+	$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBACCOUNTS));
+	$accounts_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
 }
-if (!$posts_exists) {
-	$dbh->exec($posts_sql);
+if (!$accounts_exists) {
+	$dbh->exec($accounts_sql);
+}
+
+if (TINYIB_DBDRIVER === 'pgsql') {
+	$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBLOGS);
+	$logs_exists = $dbh->query($query)->fetchColumn() != 0;
+} else {
+	$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBLOGS));
+	$logs_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
+}
+if (!$logs_exists) {
+	$dbh->exec($logs_sql);
+}
+
+if (TINYIB_DBDRIVER === 'pgsql') {
+	$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBKEYWORDS);
+	$keywords_exists = $dbh->query($query)->fetchColumn() != 0;
+} else {
+	$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBKEYWORDS));
+	$keywords_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
+}
+if (!$keywords_exists) {
+	$dbh->exec($keywords_sql);
 }

-// Create the bans table if it does not exist
 if (TINYIB_DBDRIVER === 'pgsql') {
 	$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBBANS);
 	$bans_exists = $dbh->query($query)->fetchColumn() != 0;
@ -52,7 +73,17 @@ if (!$bans_exists) {
 	$dbh->exec($bans_sql);
 }

-// Create the reports table if it does not exist
+if (TINYIB_DBDRIVER === 'pgsql') {
+	$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBPOSTS);
+	$posts_exists = $dbh->query($query)->fetchColumn() != 0;
+} else {
+	$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBPOSTS));
+	$posts_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
+}
+if (!$posts_exists) {
+	$dbh->exec($posts_sql);
+}
+
 if (TINYIB_DBDRIVER === 'pgsql') {
 	$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBREPORTS);
 	$reports_exists = $dbh->query($query)->fetchColumn() != 0;
@ -64,18 +95,6 @@ if (!$reports_exists) {
 	$dbh->exec($reports_sql);
 }

-// Create the keywords table if it does not exist
-if (TINYIB_DBDRIVER === 'pgsql') {
-	$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBKEYWORDS);
-	$keywords_exists = $dbh->query($query)->fetchColumn() != 0;
-} else {
-	$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBKEYWORDS));
-	$keywords_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
-}
-if (!$keywords_exists) {
-	$dbh->exec($keywords_sql);
-}
-
 if (TINYIB_DBDRIVER === 'pgsql') {
 	$query = "SELECT column_name FROM information_schema.columns WHERE table_name='" . TINYIB_DBPOSTS . "' and column_name='moderated'";
 	$moderated_exists = $dbh->query($query)->fetchColumn() != 0;
@ -137,6 +156,30 @@ function pdoQuery($sql, $params = false) {
 }

 if (function_exists('insertPost')) {
+	function migrateAccount($account) {
+		global $dbh;
+		$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (?, ?, ?, ?, ?)");
+		$stm->execute(array($account['id'], $account['username'], $account['password'], $account['role'], $account['lastactive']));
+	}
+
+	function migrateBan($ban) {
+		global $dbh;
+		$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (?, ?, ?, ?, ?)");
+		$stm->execute(array($ban['id'], $ban['ip'], $ban['timestamp'], $ban['expire'], $ban['reason']));
+	}
+
+	function migrateKeyword($keyword) {
+		global $dbh;
+		$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES (?, ?, ?)");
+		$stm->execute(array($keyword['id'], $keyword['text'], $keyword['action']));
+	}
+
+	function migrateLog($log) {
+		global $dbh;
+		$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES (?, ?, ?, ?)");
+		$stm->execute(array($log['id'], $log['timestamp'], $log['account'], $log['message']));
+	}
+
 	function migratePost($post) {
 		global $dbh;
 		$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) " .
@ -147,21 +190,9 @@ if (function_exists('insertPost')) {
 			$post['image_width'], $post['image_height'], $post['thumb'], $post['thumb_width'], $post['thumb_height'], $post['moderated'], $post['stickied'], $post['locked']));
 	}

-	function migrateBan($ban) {
-		global $dbh;
-		$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (?, ?, ?, ?, ?)");
-		$stm->execute(array($ban['id'], $ban['ip'], $ban['timestamp'], $ban['expire'], $ban['reason']));
-	}
-
 	function migrateReport($report) {
 		global $dbh;
 		$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES (?, ?, ?)");
 		$stm->execute(array($report['id'], $report['ip'], $report['post']));
 	}
-
-	function migrateKeyword($keyword) {
-		global $dbh;
-		$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES (?, ?, ?)");
-		$stm->execute(array($keyword['id'], $keyword['text'], $keyword['action']));
-	}
 }
--- a/inc/database/sqlite.php
+++ b/inc/database/sqlite.php
@ -3,6 +3,43 @@ if (!defined('TINYIB_BOARD')) {
 	die('');
 }

+// Account functions
+function accountByID($id) {
+	$result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE id = '" . sqlite_escape_string($id) . "' LIMIT 1"), SQLITE_ASSOC);
+	foreach ($result as $account) {
+		return $account;
+	}
+}
+
+function accountByUsername($username) {
+	$result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE username = '" . sqlite_escape_string($username) . "' LIMIT 1"), SQLITE_ASSOC);
+	foreach ($result as $account) {
+		return $account;
+	}
+}
+
+function allAccounts() {
+	$accounts = array();
+	$result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBACCOUNTS . " ORDER BY role ASC, username ASC"), SQLITE_ASSOC);
+	foreach ($result as $account) {
+		$accounts[] = $account;
+	}
+	return $accounts;
+}
+
+function insertAccount($account) {
+	sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (username, password, role, lastactive) VALUES ('" . sqlite_escape_string($account['username']) . "', '" . sqlite_escape_string(hashData($account['password'])) . "', '" . sqlite_escape_string($account['role']) . "', '0')");
+	return sqlite_last_insert_rowid($GLOBALS["db"]);
+}
+
+function updateAccount($account) {
+	sqlite_query($GLOBALS["db"], "UPDATE " . TINYIB_DBACCOUNTS . " SET username = '" . sqlite_escape_string($account['username']) . "', password = '" . sqlite_escape_string(hashData($account['password'])) . "', role = '" . sqlite_escape_string($account['role']) . "', lastactive = '" . sqlite_escape_string($account['lastactive']) . "' WHERE id = " . sqlite_escape_string($account['id']));
+}
+
+function deleteAccountByID($id) {
+	sqlite_query($GLOBALS["db"], "DELETE FROM " . TINYIB_DBACCOUNTS . " WHERE id = " . sqlite_escape_string($id));
+}
+
 // Post functions
 function uniquePosts() {
 	return sqlite_fetch_single(sqlite_query($GLOBALS["db"], "SELECT COUNT(ip) FROM (SELECT DISTINCT ip FROM " . TINYIB_DBPOSTS . ")"));
--- a/inc/database/sqlite3.php
+++ b/inc/database/sqlite3.php
@ -3,6 +3,50 @@ if (!defined('TINYIB_BOARD')) {
 	die('');
 }

+// Account functions
+function accountByID($id) {
+	global $db;
+	$result = $db->query("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE id = '" . $db->escapeString($id) . "' LIMIT 1");
+	while ($account = $result->fetchArray()) {
+		return $account;
+	}
+}
+
+function accountByUsername($username) {
+	global $db;
+	$result = $db->query("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE username = '" . $db->escapeString($username) . "' LIMIT 1");
+	while ($account = $result->fetchArray()) {
+		return $account;
+	}
+}
+
+function allAccounts() {
+	global $db;
+	$accounts = array();
+	$result = $db->query("SELECT * FROM " . TINYIB_DBACCOUNTS . " ORDER BY role ASC, username ASC");
+	while ($account = $result->fetchArray()) {
+		$accounts[] = $account;
+	}
+	return $accounts;
+}
+
+function insertAccount($account) {
+	global $db;
+	$db->exec("INSERT INTO " . TINYIB_DBACCOUNTS . " (username, password, role, lastactive) VALUES ('" . $db->escapeString($account['username']) . "', '" . $db->escapeString(hashData($account['password'])) . "', '" . $db->escapeString($account['role']) . "', '0')");
+	return $db->lastInsertRowID();
+}
+
+function updateAccount($account) {
+	global $db;
+	$db->exec("UPDATE " . TINYIB_DBACCOUNTS . " SET username = '" . $db->escapeString($account['username']) . "', password = '" . $db->escapeString(hashData($account['password'])) . "', role = '" . $db->escapeString($account['role']) . "', lastactive = '" . $db->escapeString($account['lastactive']) . "'  WHERE id = " . $db->escapeString($account['id']));
+	return $db->lastInsertRowID();
+}
+
+function deleteAccountByID($id) {
+	global $db;
+	$db->exec("DELETE FROM " . TINYIB_DBACCOUNTS . " WHERE id = " . $db->escapeString($id));
+}
+
 // Post functions
 function uniquePosts() {
 	global $db;
@ -132,52 +176,6 @@ function lastPostByIP() {
 	}
 }

-// Ban functions
-function banByID($id) {
-	global $db;
-	$result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " WHERE id = '" . $db->escapeString($id) . "' LIMIT 1");
-	while ($ban = $result->fetchArray()) {
-		return $ban;
-	}
-}
-
-function banByIP($ip) {
-	global $db;
-	$result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " WHERE ip = '" . $db->escapeString($ip) . "' OR ip = '" . $db->escapeString(hashData($ip)) . "' LIMIT 1");
-	while ($ban = $result->fetchArray()) {
-		return $ban;
-	}
-}
-
-function allBans() {
-	global $db;
-	$bans = array();
-	$result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " ORDER BY timestamp DESC");
-	while ($ban = $result->fetchArray()) {
-		$bans[] = $ban;
-	}
-	return $bans;
-}
-
-function insertBan($ban) {
-	global $db;
-	$db->exec("INSERT INTO " . TINYIB_DBBANS . " (ip, timestamp, expire, reason) VALUES ('" . $db->escapeString(hashData($ban['ip'])) . "', " . time() . ", '" . $db->escapeString($ban['expire']) . "', '" . $db->escapeString($ban['reason']) . "')");
-	return $db->lastInsertRowID();
-}
-
-function clearExpiredBans() {
-	global $db;
-	$result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " WHERE expire > 0 AND expire <= " . time());
-	while ($ban = $result->fetchArray()) {
-		$db->exec("DELETE FROM " . TINYIB_DBBANS . " WHERE id = " . $ban['id']);
-	}
-}
-
-function deleteBanByID($id) {
-	global $db;
-	$db->exec("DELETE FROM " . TINYIB_DBBANS . " WHERE id = " . $db->escapeString($id));
-}
-
 // Report functions
 function reportByIP($post, $ip) {
 	global $db;
--- a/inc/database/sqlite3_link.php
+++ b/inc/database/sqlite3_link.php
@ -12,7 +12,48 @@ if (!$db) {
 	fancyDie("Could not connect to database: " . $db->lastErrorMsg());
 }

-// Create the posts table if it does not exist
+// Create tables (when necessary)
+$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBACCOUNTS . "'");
+if (!$result->fetchArray()) {
+	$db->exec("CREATE TABLE " . TINYIB_DBACCOUNTS . " (
+		id INTEGER PRIMARY KEY,
+		username TEXT NOT NULL,
+		password TEXT NOT NULL,
+		role INTEGER NOT NULL,
+		lastactive TIMESTAMP NOT NULL
+	)");
+}
+
+$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'");
+if (!$result->fetchArray()) {
+	$db->exec("CREATE TABLE " . TINYIB_DBBANS . " (
+		id INTEGER PRIMARY KEY,
+		ip TEXT NOT NULL,
+		timestamp TIMESTAMP NOT NULL,
+		expire TIMESTAMP NOT NULL,
+		reason TEXT NOT NULL
+	)");
+}
+
+$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'");
+if (!$result->fetchArray()) {
+	$db->exec("CREATE TABLE " . TINYIB_DBKEYWORDS . " (
+		id INTEGER PRIMARY KEY,
+		text TEXT NOT NULL,
+		action TEXT NOT NULL
+	)");
+}
+
+$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBLOGS . "'");
+if (!$result->fetchArray()) {
+	$db->exec("CREATE TABLE " . TINYIB_DBLOGS . " (
+		id INTEGER PRIMARY KEY,
+		timestamp TIMESTAMP NOT NULL,
+		account INTEGER NOT NULL,
+		message TEXT NOT NULL
+	)");
+}
+
 $result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBPOSTS . "'");
 if (!$result->fetchArray()) {
 	$db->exec("CREATE TABLE " . TINYIB_DBPOSTS . " (
@ -44,19 +85,6 @@ if (!$result->fetchArray()) {
 	)");
 }

-// Create the bans table if it does not exist
-$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'");
-if (!$result->fetchArray()) {
-	$db->exec("CREATE TABLE " . TINYIB_DBBANS . " (
-		id INTEGER PRIMARY KEY,
-		ip TEXT NOT NULL,
-		timestamp TIMESTAMP NOT NULL,
-		expire TIMESTAMP NOT NULL,
-		reason TEXT NOT NULL
-	)");
-}
-
-// Create the reports table if it does not exist
 $result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBREPORTS . "'");
 if (!$result->fetchArray()) {
 	$db->exec("CREATE TABLE " . TINYIB_DBREPORTS . " (
@ -66,16 +94,6 @@ if (!$result->fetchArray()) {
 	)");
 }

-// Create the keywords table if it does not exist
-$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'");
-if (!$result->fetchArray()) {
-	$db->exec("CREATE TABLE " . TINYIB_DBKEYWORDS . " (
-		id INTEGER PRIMARY KEY,
-		text TEXT NOT NULL,
-		action TEXT NOT NULL
-	)");
-}
-
 // Add moderated column if it isn't present
@$db->exec("ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN moderated INTEGER NOT NULL DEFAULT '0'");

@ -86,9 +104,9 @@ if (!$result->fetchArray()) {
@$db->exec("ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN locked INTEGER NOT NULL DEFAULT '0'");

 if (function_exists('insertPost')) {
-	function migratePost($post) {
+	function migrateAccount($account) {
 		global $db;
-		$db->exec("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . $db->escapeString($post['ip']) . "', '" . $db->escapeString($post['name']) . "', '" . $db->escapeString($post['tripcode']) . "',	'" . $db->escapeString($post['email']) . "',	'" . $db->escapeString($post['nameblock']) . "', '" . $db->escapeString($post['subject']) . "', '" . $db->escapeString($post['message']) . "', '" . $db->escapeString($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . $db->escapeString($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
+		$db->exec("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . $db->escapeString($account['id']) . ", '" . $db->escapeString($account['username']) . "', " . $db->escapeString($account['password']) . ", " . $db->escapeString($account['role']) . ", '" . $db->escapeString($account['lastactive']) . "')");
 	}

 	function migrateBan($ban) {
@ -96,13 +114,23 @@ if (function_exists('insertPost')) {
 		$db->exec("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . $db->escapeString($ban['id']) . ", '" . $db->escapeString($ban['ip']) . "', " . $db->escapeString($ban['timestamp']) . ", " . $db->escapeString($ban['expire']) . ", '" . $db->escapeString($ban['reason']) . "')");
 	}

-	function migrateReport($report) {
-		global $db;
-		$db->exec("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . $db->escapeString($report['id']) . "', '" . $db->escapeString($report['ip']) . "', '" . $db->escapeString($report['post']) . "')");
-	}
-
 	function migrateKeyword($keyword) {
 		global $db;
 		$db->exec("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . $db->escapeString($keyword['id']) . "', '" . $db->escapeString($keyword['text']) . "', '" . $db->escapeString($keyword['action']) . "')");
 	}
+
+	function migrateLog($log) {
+		global $db;
+		$db->exec("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . $db->escapeString($log['id']) . "', '" . $db->escapeString($log['timestamp']) . "', '" . $db->escapeString($log['account']) . "', '" . $db->escapeString($log['message']) . "')");
+	}
+
+	function migratePost($post) {
+		global $db;
+		$db->exec("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . $db->escapeString($post['ip']) . "', '" . $db->escapeString($post['name']) . "', '" . $db->escapeString($post['tripcode']) . "',	'" . $db->escapeString($post['email']) . "',	'" . $db->escapeString($post['nameblock']) . "', '" . $db->escapeString($post['subject']) . "', '" . $db->escapeString($post['message']) . "', '" . $db->escapeString($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . $db->escapeString($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
+	}
+
+	function migrateReport($report) {
+		global $db;
+		$db->exec("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . $db->escapeString($report['id']) . "', '" . $db->escapeString($report['ip']) . "', '" . $db->escapeString($report['post']) . "')");
+	}
 }
--- a/inc/database/sqlite_link.php
+++ b/inc/database/sqlite_link.php
@ -11,7 +11,48 @@ if (!$db = sqlite_open(TINYIB_DBPATH, 0666, $error)) {
 	fancyDie("Could not connect to database: " . $error);
 }

-// Create the posts table if it does not exist
+// Create tables (when necessary)
+$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBACCOUNTS . "'");
+if (sqlite_num_rows($result) == 0) {
+	sqlite_query($db, "CREATE TABLE " . TINYIB_DBACCOUNTS . " (
+		id INTEGER PRIMARY KEY,
+		username TEXT NOT NULL,
+		password TEXT NOT NULL,
+		role INTEGER NOT NULL,
+		lastactive TIMESTAMP NOT NULL
+	)");
+}
+
+$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'");
+if (sqlite_num_rows($result) == 0) {
+	sqlite_query($db, "CREATE TABLE " . TINYIB_DBBANS . " (
+		id INTEGER PRIMARY KEY,
+		ip TEXT NOT NULL,
+		timestamp TIMESTAMP NOT NULL,
+		expire TIMESTAMP NOT NULL,
+		reason TEXT NOT NULL
+	)");
+}
+
+$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'");
+if (sqlite_num_rows($result) == 0) {
+	sqlite_query($db, "CREATE TABLE " . TINYIB_DBKEYWORDS . " (
+		id INTEGER PRIMARY KEY,
+		text TEXT NOT NULL,
+		action TEXT NOT NULL
+	)");
+}
+
+$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBLOGS . "'");
+if (sqlite_num_rows($result) == 0) {
+	sqlite_query($db, "CREATE TABLE " . TINYIB_DBLOGS . " (
+		id INTEGER PRIMARY KEY,
+		timestamp TIMESTAMP NOT NULL,
+		account INTEGER NOT NULL,
+		message TEXT NOT NULL
+	)");
+}
+
 $result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBPOSTS . "'");
 if (sqlite_num_rows($result) == 0) {
 	sqlite_query($db, "CREATE TABLE " . TINYIB_DBPOSTS . " (
@ -42,20 +83,6 @@ if (sqlite_num_rows($result) == 0) {
 		locked INTEGER NOT NULL DEFAULT '0'
 	)");
 }
-
-// Create the bans table if it does not exist
-$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'");
-if (sqlite_num_rows($result) == 0) {
-	sqlite_query($db, "CREATE TABLE " . TINYIB_DBBANS . " (
-		id INTEGER PRIMARY KEY,
-		ip TEXT NOT NULL,
-		timestamp TIMESTAMP NOT NULL,
-		expire TIMESTAMP NOT NULL,
-		reason TEXT NOT NULL
-	)");
-}
-
-// Create the reports table if it does not exist
 $result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBREPORTS . "'");
 if (sqlite_num_rows($result) == 0) {
 	sqlite_query($db, "CREATE TABLE " . TINYIB_DBREPORTS . " (
@ -65,16 +92,6 @@ if (sqlite_num_rows($result) == 0) {
 	)");
 }

-// Create the keywords table if it does not exist
-$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'");
-if (sqlite_num_rows($result) == 0) {
-	sqlite_query($db, "CREATE TABLE " . TINYIB_DBKEYWORDS . " (
-		id INTEGER PRIMARY KEY,
-		text TEXT NOT NULL,
-		action TEXT NOT NULL
-	)");
-}
-
 // Add moderated column if it isn't present
 sqlite_query($db, "ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN moderated INTEGER NOT NULL DEFAULT '0'");

@ -85,19 +102,27 @@ sqlite_query($db, "ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN stickied INTEGE
 sqlite_query($db, "ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN locked INTEGER NOT NULL DEFAULT '0'");

 if (function_exists('insertPost')) {
-	function migratePost($post) {
-		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . sqlite_escape_string($post['ip']) . "', '" . sqlite_escape_string($post['name']) . "', '" . sqlite_escape_string($post['tripcode']) . "',	'" . sqlite_escape_string($post['email']) . "',	'" . sqlite_escape_string($post['nameblock']) . "', '" . sqlite_escape_string($post['subject']) . "', '" . sqlite_escape_string($post['message']) . "', '" . sqlite_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . sqlite_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
+	function migrateAccount($account) {
+		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . sqlite_escape_string($account['id']) . "', '" . sqlite_escape_string($account['username']) . "', '" . sqlite_escape_string($account['password']) . "', '" . sqlite_escape_string($account['role']) . "', '" . sqlite_escape_string($account['lastactive']) . "')");
 	}

 	function migrateBan($ban) {
 		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . sqlite_escape_string($ban['id']) . "', '" . sqlite_escape_string($ban['ip']) . "', '" . sqlite_escape_string($ban['timestamp']) . "', '" . sqlite_escape_string($ban['expire']) . "', '" . sqlite_escape_string($ban['reason']) . "')");
 	}

-	function migrateReport($report) {
-		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . sqlite_escape_string($report['id']) . "', '" . sqlite_escape_string($report['ip']) . "', '" . sqlite_escape_string($report['post']) . "')");
-	}
-
 	function migrateKeyword($keyword) {
 		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . sqlite_escape_string($keyword['id']) . "', '" . sqlite_escape_string($keyword['text']) . "', '" . sqlite_escape_string($keyword['action']) . "')");
 	}
+
+	function migrateLog($log) {
+		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . sqlite_escape_string($log['id']) . "', '" . sqlite_escape_string($log['timestamp']) . "', '" . sqlite_escape_string($log['account']) . "', '" . sqlite_escape_string($log['message']) . "')");
+	}
+
+	function migratePost($post) {
+		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . sqlite_escape_string($post['ip']) . "', '" . sqlite_escape_string($post['name']) . "', '" . sqlite_escape_string($post['tripcode']) . "',	'" . sqlite_escape_string($post['email']) . "',	'" . sqlite_escape_string($post['nameblock']) . "', '" . sqlite_escape_string($post['subject']) . "', '" . sqlite_escape_string($post['message']) . "', '" . sqlite_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . sqlite_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
+	}
+
+	function migrateReport($report) {
+		sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . sqlite_escape_string($report['id']) . "', '" . sqlite_escape_string($report['ip']) . "', '" . sqlite_escape_string($report['post']) . "')");
+	}
 }
--- a/inc/defines.php
+++ b/inc/defines.php
@ -8,6 +8,12 @@ define('TINYIB_INDEXPAGE', false);
 define('TINYIB_RESPAGE', true);
 define('TINYIB_WORDBREAK_IDENTIFIER', '@!@TINYIB_WORDBREAK@!@');

+// Account roles
+define('TINYIB_SUPER_ADMINISTRATOR', 1);
+define('TINYIB_ADMINISTRATOR', 2);
+define('TINYIB_MODERATOR', 3);
+define('TINYIB_DISABLED', 99);
+
 // The following are provided for backward compatibility and should not be relied upon
 // Copy new settings from settings.default.php to settings.php
 if (!defined('TINYIB_LOCALE')) {
@ -94,12 +100,18 @@ if (!defined('TINYIB_DATEFMT')) {
 if (!defined('TINYIB_DBMIGRATE')) {
 	define('TINYIB_DBMIGRATE', false);
 }
+if (!defined('TINYIB_DBACCOUNTS')) {
+	define('TINYIB_DBACCOUNTS', 'accounts');
+}
 if (!defined('TINYIB_DBREPORTS')) {
 	define('TINYIB_DBREPORTS', TINYIB_BOARD . '_reports');
 }
 if (!defined('TINYIB_DBKEYWORDS')) {
 	define('TINYIB_DBKEYWORDS', TINYIB_BOARD . '_keywords');
 }
+if (!defined('TINYIB_DBLOGS')) {
+	define('TINYIB_DBLOGS', 'logs');
+}
 if (!defined('TINYIB_DBPORT')) {
 	define('TINYIB_DBPORT', 3306);
 }
--- a/inc/functions.php
+++ b/inc/functions.php
@ -11,9 +11,9 @@ if (!function_exists('array_column')) {
 	}
 }

-function hashData($data) {
+function hashData($data, $force = false) {
 	global $bcrypt_salt;
-	if (substr($data, 0, 4) == '$2y$') {
+	if (substr($data, 0, 4) == '$2y$' && !$force) {
 		return $data;
 	}
 	return crypt($data, $bcrypt_salt);
@ -336,6 +336,7 @@ function checkMessageSize() {
 }

 function manageCheckLogIn($requireKey) {
+	$account = array();
 	$loggedin = false;
 	$isadmin = false;

@ -344,40 +345,44 @@ function manageCheckLogIn($requireKey) {
 		$key = $_SESSION['tinyib_key'];
 	}
 	if (TINYIB_MANAGEKEY != '' && $key !== hashData(TINYIB_MANAGEKEY)) {
-		$_SESSION['tinyib'] = '';
 		$_SESSION['tinyib_key'] = '';
+		$_SESSION['tinyib_account'] = '';
 		session_destroy();

 		if ($requireKey) {
 			fancyDie(__('Invalid key.'));
 		}
-		return array($loggedin, $isadmin);
+
+		return array($account, $loggedin, $isadmin);
 	}

-	if (isset($_POST['managepassword'])) {
+	if (isset($_POST['username']) && isset($_POST['managepassword']) && $_POST['username'] != '' && $_POST['managepassword'] != '') {
 		checkCAPTCHA(TINYIB_MANAGECAPTCHA);

-		if ($_POST['managepassword'] === TINYIB_ADMINPASS) {
-			$_SESSION['tinyib'] = hashData(TINYIB_ADMINPASS);
-			$_SESSION['tinyib_key'] = hashData(TINYIB_MANAGEKEY);
-		} elseif (TINYIB_MODPASS != '' && $_POST['managepassword'] === TINYIB_MODPASS) {
-			$_SESSION['tinyib'] = hashData(TINYIB_MODPASS);
-			$_SESSION['tinyib_key'] = hashData(TINYIB_MANAGEKEY);
-		} else {
-			fancyDie(__('Invalid password.'));
+		$account = accountByUsername($_POST['username']);
+		if (hashData($_POST['managepassword'], true) !== $account['password']) {
+			fancyDie(__('Invalid username or password.'));
+		}
+		$_SESSION['tinyib_key'] = hashData(TINYIB_MANAGEKEY);
+		$_SESSION['tinyib_username'] = $account['username'];
+		$_SESSION['tinyib_password'] = $account['password'];
+	}
+
+	if (isset($_SESSION['tinyib_username']) && isset($_SESSION['tinyib_password'])) {
+		$a = accountByUsername($_SESSION['tinyib_username']);
+		if (!empty($a) && $a['password'] == $_SESSION['tinyib_password']) {
+			$account = $a;
+			$loggedin = true;
+			if ($account['role'] == TINYIB_SUPER_ADMINISTRATOR || $account['role'] == TINYIB_ADMINISTRATOR) {
+				$isadmin = true;
+			}
+
+			$account['lastactive'] = time();
+			updateAccount($account);
 		}
 	}

-	if (isset($_SESSION['tinyib'])) {
-		if ($_SESSION['tinyib'] === hashData(TINYIB_ADMINPASS)) {
-			$loggedin = true;
-			$isadmin = true;
-		} elseif (TINYIB_MODPASS != '' && $_SESSION['tinyib'] === hashData(TINYIB_MODPASS)) {
-			$loggedin = true;
-		}
-	}
-
-	return array($loggedin, $isadmin);
+	return array($account, $loggedin, $isadmin);
 }

 function setParent() {
--- a/inc/html.php
+++ b/inc/html.php
@ -753,7 +753,7 @@ function rebuildThread($id) {
 }

 function adminBar() {
-	global $loggedin, $isadmin, $returnlink;
+	global $account, $loggedin, $isadmin, $returnlink;

 	$return = '[<a href="' . $returnlink . '" style="text-decoration: underline;">' . __('Return') . '</a>]';
 	if (!$loggedin) {
@ -765,6 +765,9 @@ function adminBar() {
 		if (TINYIB_REPORT) {
 			$output .= '<a href="?manage&reports">' . __('Reports') . '</a>] [';
 		}
+		if ($account['role'] == TINYIB_SUPER_ADMINISTRATOR) {
+			$output .= '<a href="?manage&accounts">' . __('Accounts') . '</a>] [';
+		}
 		$output .= '<a href="?manage&bans">' . __('Bans') . '</a>] [';
 		$output .= '<a href="?manage&keywords">' . __('Keywords') . '</a>] [';
 	}
@ -778,6 +781,7 @@ function adminBar() {
 	if ($isadmin && TINYIB_DBMIGRATE) {
 		$output .= '<a href="?manage&dbmigrate"><b>' . __('Migrate Database') . '</b></a>] [';
 	}
+	$output .= '<a href="?manage&changepassword">' . __('Change password') . '</a>] [';
 	$output .= '<a href="?manage&logout">' . __('Log Out') . '</a>] &middot; ' . $return;
 	return $output;
 }
@ -812,6 +816,8 @@ function manageOnLoad($page) {
 			return ' onload="document.tinyib.text.focus();"';
 		case 'rawpost':
 			return ' onload="document.tinyib.message.focus();"';
+		case 'accounts':
+			return ' onload="document.tinyib.username.focus();"';
 		case 'bans':
 			return ' onload="document.tinyib.ip.focus();"';
 	}
@ -819,7 +825,7 @@ function manageOnLoad($page) {

 function manageLogInForm() {
 	$txt_login = __('Log In');
-	$txt_login_prompt = __('Enter an administrator or moderator password');
+	$txt_login_prompt = __('Enter a username and password');
 	$captcha_inner_html = '';
 	if (TINYIB_MANAGECAPTCHA === 'hcaptcha') {
 		$captcha_inner_html = '
@ -857,7 +863,8 @@ function manageLogInForm() {
 	<fieldset>
 	<legend align="center">$txt_login_prompt</legend>
 	<div class="login">
-	<input type="password" id="managepassword" name="managepassword"><br>
+	<input type="text" id="username" name="username" placeholder="Username"><br>
+	<input type="password" id="managepassword" name="managepassword" placeholder="Password"><br>
 	$captcha_inner_html
 	<input type="submit" value="$txt_login" class="managebutton">
 	</div>
@ -935,6 +942,96 @@ function manageReportsPage($ip) {
 EOF;
 }

+function manageChangePasswordForm() {
+	$txt_header = __('Change password');
+	$txt_submit = __('Submit');
+	return <<<EOF
+	<form id="tinyib" name="tinyib" method="post" action="?manage&changepassword">
+	<fieldset>
+	<legend>$txt_header</legend>
+	<input type="password" name="password" id="password" value="">
+	<input type="submit" value="$txt_submit" class="managebutton">
+	<legend>
+	</fieldset>
+	</form><br>
+EOF;
+}
+
+function manageAccountForm($id=0) {
+	$a = array(
+		'id' => 0,
+		'username' => '',
+		'password' => '',
+		'role' => 0,
+	);
+	$txt_header = __('Add an account');
+	$txt_password_hint = '';
+	if ($id > 0){
+		$txt_header = __('Update an account');
+		$txt_password_hint = '(' . __('Leave blank to maintain current password') . ')';
+		$a = accountByID($id);
+	}
+
+	$a['id'] = htmlentities($a['id'], ENT_QUOTES);
+	$a['username'] = htmlentities($a['username'], ENT_QUOTES);
+
+	$txt_username = __('Username');
+	$txt_password = __('Password');
+	$txt_role = __('Role');
+	$return = <<<EOF
+	<form id="tinyib" name="tinyib" method="post" action="?manage&accounts">
+	<input type="hidden" name="id" value="{$a['id']}">
+	<fieldset>
+	<legend>$txt_header</legend>
+	<label for="username">$txt_username</label> <input type="text" name="username" id="username" value="{$a['username']}"><br>
+	<label for="password">$txt_password</label> <input type="password" name="password" id="password" value=""> <small>$txt_password_hint</small><br>
+	<label for="role">$txt_role</label> <select name="role" id="role">
+EOF;
+	$return .= '<option value="0" ' . ($a['role'] == 0 ? ' selected' : '') . '>' . __('Choose a role') . '</option>';
+	$return .= '<option value="1" ' . ($a['role'] == 1 ? ' selected' : '') . '>' . __('Super-administrator') . '</option>';
+	$return .= '<option value="2" ' . ($a['role'] == 2 ? ' selected' : '') . '>' . __('Administrator') . '</option>';
+	$return .= '<option value="3" ' . ($a['role'] == 3 ? ' selected' : '') . '>' . __('Moderator') . '</option>';
+	$return .= '<option value="99" ' . ($a['role'] == 99 ? ' selected' : '') . '>' . __('Disabled') . '</option>';
+	$txt_submit = __('Submit');
+	$return .= <<<EOF
+	</select><br>
+	<input type="submit" value="$txt_submit" class="managebutton">
+	<legend>
+	</fieldset>
+	</form><br>
+EOF;
+	return $return;
+}
+
+function manageAccountsTable() {
+	$text = '';
+	$allaccounts = allAccounts();
+	if (count($allaccounts) > 0) {
+		$text .= '<table border="1"><tr><th>' . __('Username') . '</th><th>' . __('Role') . '</th><th>' . __('Last active') . '</th><th>&nbsp;</th></tr>';
+		foreach ($allaccounts as $account) {
+			$lastactive = ($account['lastactive'] > 0) ? strftime(TINYIB_DATEFMT, $account['lastactive']) : __('Never');
+			$text .= '<tr><td>' . htmlentities($account['username']) . '</td><td>';
+			switch (intval($account['role'])) {
+				case TINYIB_SUPER_ADMINISTRATOR:
+					$text .= __('Super-administrator');
+					break;
+				case TINYIB_ADMINISTRATOR:
+					$text .= __('Administrator');
+					break;
+				case TINYIB_MODERATOR:
+					$text .= __('Moderator');
+					break;
+				case TINYIB_DISABLED:
+					$text .= __('Disabled');
+					break;
+			}
+			$text .= '</td><td>' . $lastactive . '</td><td><a href="?manage&accounts=' . $account['id'] . '">' . __('update') . '</a></td></tr>';
+		}
+		$text .= '</table>';
+	}
+	return $text;
+}
+
 function manageBanForm() {
 	$txt_ban = __('Add a ban');
 	$txt_ban_ip = __('IP Address');
--- a/locale/en/tinyib.po
+++ b/locale/en/tinyib.po
--- a/settings.default.php
+++ b/settings.default.php
@ -18,13 +18,6 @@ click Rebuild All in the management panel.
 // Internationalization
 define('TINYIB_LOCALE', '');          // Locale  (see README for instructions)

-// Management panel
-define('TINYIB_MANAGEKEY', '');       // When set, the [Manage] link is hidden and the management panel may only be accessed via imgboard.php?manage=TINYIB_MANAGEKEY  ['' to disable]
-
-// Administrator/moderator credentials
-define('TINYIB_ADMINPASS', '');       // Administrators have full access to the board
-define('TINYIB_MODPASS', '');         // Moderators only have access to delete (and moderate if TINYIB_REQMOD is set) posts  ['' to disable]
-
 // Board description and behavior
 //   Warning: Enabling reCAPTCHA will cause all visitors to be tracked by Google.  See https://nearcyan.com/you-probably-dont-need-recaptcha/
 define('TINYIB_BOARD', 'b');          // Unique identifier for this board using only letters and numbers
@ -118,15 +111,30 @@ define('TINYIB_HCAPTCHA_SECRET', ''); // Secret key
 define('TINYIB_RECAPTCHA_SITE', '');  // Site key
 define('TINYIB_RECAPTCHA_SECRET', '');// Secret key

+// Management panel
+define('TINYIB_MANAGEKEY', '');       // When set, the [Manage] link is hidden and the management panel may only be accessed via imgboard.php?manage=TINYIB_MANAGEKEY  ['' to disable]
+//   Administrator and moderator passwords
+//     When TINYIB_ADMINPASS is set, an administrator account is created with username "admin"
+//     When TINYIB_MODPASS is set, a moderator account is created with username "moderator"
+//     These settings are for installation and anti-lockout purposes only
+//     Once the account(s) are created, blank both of these settings
+define('TINYIB_ADMINPASS', '');       // Administrator password
+define('TINYIB_MODPASS', '');         // Moderator password  ['' to disable]
+
 // Database
 //   Recommended database modes from best to worst:
 //     pdo, mysqli, mysql, sqlite3, sqlite (deprecated), flatfile (only useful if you need portability or lack any kind of database)
 define('TINYIB_DBMODE', 'flatfile');     // Mode
-define('TINYIB_DBMIGRATE', false);       // Enable database migration tool  (see README for instructions)
-define('TINYIB_DBBANS', 'bans');         // Bans table name (use the same table across boards for global bans)
-define('TINYIB_DBKEYWORDS', 'keywords'); // Keywords table name (use the same table across boards for global keywords)
-define('TINYIB_DBPOSTS', TINYIB_BOARD . '_posts');     // Posts table name
-define('TINYIB_DBREPORTS', TINYIB_BOARD . '_reports'); // Reports table name
+//   Table names
+//     Use the same table name across boards for global accounts, bans, etc.
+define('TINYIB_DBACCOUNTS', 'accounts'); // Staff accounts
+define('TINYIB_DBBANS', 'bans');         // Bans
+define('TINYIB_DBKEYWORDS', 'keywords'); // Keywords
+define('TINYIB_DBLOGS', 'logs');         // Staff logs
+define('TINYIB_DBPOSTS', TINYIB_BOARD . '_posts');     // Posts
+define('TINYIB_DBREPORTS', TINYIB_BOARD . '_reports'); // Reports
+//   See README for migration instructions
+define('TINYIB_DBMIGRATE', false);       // Enable database migration tool

 // Database configuration - MySQL / pgSQL
 //   The following only apply when TINYIB_DBMODE is set to mysql, mysqli or pdo with default (blank) TINYIB_DBDSN