Protect admin pages

Change-Id: I09e77bf11424c7dbad22f925f2563138a5f9c563
diff --git a/admin/createtable.php b/admin/createtable.php
index 971499b..07ad979 100644
--- a/admin/createtable.php
+++ b/admin/createtable.php
@@ -1,6 +1,11 @@
 <?php
 	require '../credentials.php';
 	require '../php/utils.php';
+
+	$credentials = new Credentials();
+	if ($credentials->adminToken != ($_GET["token"] ?? "")) {
+		exit();
+	}
 	
 	$dbname = $_GET['dbname'];
 	$mortsname = $dbname . "_morts"; 
diff --git a/admin/index.php b/admin/index.php
index 9253f8f..bf6078c 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -1,6 +1,7 @@
 <h1>Crea nova taula</h1>
 <form action="createtable.php" method="GET">
 	<label>Crear taula: <input type="text" name="dbname" placeholder="Nom de la base de dades" /></label>
+	<input type="password" name="token" placeholder="Token">
 	<input type="submit" />
 </form>
 
@@ -8,5 +9,6 @@
 <form action="insert.php" method="POST" enctype="multipart/form-data">
 	<label>Insert CSV: <input type="file" name="csvname" /></label>
 	<input type="text" name="dbname" placeholder="Nom de la base de dades" value="<?=isset($_GET['dbname']) ? $_GET['dbname'] : ''?>" />
+	<input type="password" name="token" placeholder="Token">
 	<input type="submit" />
 </form>
diff --git a/admin/insert.php b/admin/insert.php
index 883ca8a..9f5abb2 100644
--- a/admin/insert.php
+++ b/admin/insert.php
@@ -1,7 +1,12 @@
 <?php
 	require '../credentials.php';
 	require '../php/utils.php';
-	
+
+	$credentials = new Credentials();
+	if ($credentials->adminToken != ($_POST["token"] ?? "")) {
+		exit();
+	}
+
 	$csvname = $_FILES['csvname']['tmp_name'];
 	$dbname = $_POST['dbname'];