2 /************************************************************************
3 * MXChange v0.2.1 Start: 04/11/2004 *
4 * ================ Last change: 10/29/2004 *
6 * -------------------------------------------------------------------- *
7 * File : ext-admins.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Administrator management *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Admin-Accountsverwaltung *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2008 by Roland Haeder *
21 * For more information visit: http://www.mxchange.org *
23 * This program is free software; you can redistribute it and/or modify *
24 * it under the terms of the GNU General Public License as published by *
25 * the Free Software Foundation; either version 2 of the License, or *
26 * (at your option) any later version. *
28 * This program is distributed in the hope that it will be useful, *
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
31 * GNU General Public License for more details. *
33 * You should have received a copy of the GNU General Public License *
34 * along with this program; if not, write to the Free Software *
35 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
37 ************************************************************************/
// Guard against running this file on its own: the body below only executes when
// the __SECURITY constant has not been defined (presumably it is defined by the
// application's entry script; confirm).
39 // Some security stuff...
40 if (!defined('__SECURITY')) {
// Build the path of security.php: everything up to and including the first
// "/inc" in this file's directory, plus "/security.php".
// NOTE(review): strpos() returns false when "/inc" does not occur (for example
// with backslash path separators); false + 4 evaluates to 4, so $INC would then
// start with the first four characters of the directory. A directory that
// contains "/inc" earlier in the path (".../includes/...") is also cut at the
// wrong place. The rest of this if-body is not part of the listing, so what is
// done with $INC, and whether a wrong path fails closed, cannot be confirmed here.
41 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
// Extension metadata: the current version and the ordered list of versions the
// updater knows about. The last history entry equals the current version.
45 // Version of this extension
46 EXT_SET_VERSION('0.7.2');
// NOTE(review): '0.0', '0.1.0', '0.4.2' and '0.4.3' are listed here but have no
// matching case in the update switch below, so no update step is shown for them.
// The 0.5.8 update note reports that a typo in this list once blocked an update,
// so entries must match the case labels character for character.
48 // Version history array (add more with , '0.1.0' and so on)
49 EXT_SET_VER_HISTORY(array('0.0', '0.1.0', '0.2.0', '0.3.0', '0.3.1', '0.4.0', '0.4.1', '0.4.2', '0.4.3', '0.4.4', '0.4.5', '0.4.6', '0.4.7', '0.4.8', '0.4.9', '0.5.0', '0.5.1', '0.5.2', '0.5.3', '0.5.4', '0.5.5', '0.5.6', '0.5.7', '0.5.8', '0.5.9', '0.6.0', '0.6.1', '0.6.2', '0.6.3', '0.6.4', '0.6.5', '0.6.6', '0.6.7', '0.6.8', '0.6.9', '0.7.0', '0.7.1', '0.7.2'));
// Dispatch on the load mode. $EXT_LOAD_MODE is not assigned anywhere in this
// file; it has to come from the including script.
51 switch ($EXT_LOAD_MODE)
// 'register': create the admin-menu rows of this extension. All three statements
// are constant strings with no external input. {!_MYSQL_PREFIX!} is a placeholder
// that is presumably replaced with the table prefix before execution (confirm in
// ADD_EXT_SQL). German titles: "Admin management", "Add admin", "Change admin
// account".
53 case 'register': // Do stuff when installation is running (modules.php?module=admin&action=login is called)
54 // SQL commands to run
55 ADD_EXT_SQL("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins', NULL, 'Admin-Management','Administratoren anlegen, löschen oder Passwort/E-Mail Adresse ändern.','1')");
56 ADD_EXT_SQL("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_add','Admin hinzufügen','Neuen Admin-Account anlegen','0')");
57 ADD_EXT_SQL("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_edit','Admin-Account ändern','Bestehende Admin-Accounts bearbeiten: E-Mail-Adresse, Passwort und/oder Login-Name ändern.','1')");
// 'remove': undo the menu and schema changes made by this extension.
60 case 'remove': // Do stuff when removing extension
61 // SQL commands to run
// Delete every admin-menu row that belongs to this extension.
62 ADD_EXT_SQL("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='admins'");
// Drop the per-admin ACL table, the mail-routing table and the default_acl column.
// NOTE(review): after this step no per-admin access rules remain in the database.
// Whether the core then treats every admin as unrestricted is not visible here;
// confirm that the fallback is the intended one on a multi-admin installation.
// NOTE(review): the columns la_mode, login_failures and last_failure (added by the
// 0.6.7 and 0.7.2 updates) and admins_default_acl in the config table (added by
// 0.3.0) are not dropped here.
63 ADD_EXT_SQL("DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_admins_acls`");
64 ADD_EXT_SQL("DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_admins_mails`");
65 ADD_EXT_SQL("ALTER TABLE `{!_MYSQL_PREFIX!}_admins` DROP default_acl");
// Unregister the filter that the 0.7.1 update registers. $dry_run is not
// assigned in this file.
68 UNREGISTER_FILTER('sql_admin_extra_data', 'ADD_EXTRA_SQL_DATA', true, $dry_run);
// 'activate' / 'deactivate': the listing shows no statements for either mode.
71 case 'activate': // Do stuff when admin activates this extension
72 // SQL commands to run
76 case 'deactivate': // Do stuff when admin deactivates this extension
77 // SQL commands to run
// 'update': one case per version. The header of the inner switch (presumably on
// the version being installed) is not part of this listing.
81 case 'update': // Update an extension
// 0.2.0: add the "contact an admin" menu entry.
84 case '0.2.0': // SQL queries for v0.2
85 ADD_EXT_SQL("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_contact','Admin kontaktieren','Kontaktiert einen Admin per Mail oder Nachricht (nur wenn messaging-Erweiterung installiert ist).','2')");
// NOTE(review): as displayed, the inner double quotes end the string literal
// early, which is a parse error. The page has probably decoded an HTML entity or
// dropped an escape here; compare against the repository copy.
87 // Update notes (these will be set as task text!)
88 EXT_SET_UPDATE_NOTES("Fügt den Menüpunkt "Admin kontaktieren" hinzu.");
// 0.3.0: introduce per-admin access control ("ACL" menu entry, default_acl
// columns, admins_acls table).
91 case '0.3.0': // SQL queries for v0.3
93 ADD_EXT_SQL("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','config_admins','ACL einstellen','Richten Sie Zugriffskontrollzeilen für jeden Admin individuell ein, um ihm nur bestimmte Bereiche des Admin-Bereiches zugänglich zu machen oder zu sperren.','4')");
// Both new columns default to 'deny', so a newly created admin starts with no
// access until it is granted.
95 // Which is the default setting when you create a new admin login?
96 ADD_EXT_SQL("ALTER TABLE `{!_MYSQL_PREFIX!}_config` ADD admins_default_acl ENUM('deny','allow') NOT NULL DEFAULT 'deny'");
98 // Default is deny everything
99 ADD_EXT_SQL("ALTER TABLE `{!_MYSQL_PREFIX!}_admins` ADD default_acl ENUM('deny','allow') NOT NULL DEFAULT 'deny'");
// NOTE(review): the login name from the session is concatenated into the
// statement with no escaping. If getSession() can return a value the client
// influences, this is an SQL injection point in a statement that grants 'allow';
// escape the value with the project's SQL escaping helper or select the row by
// numeric admin id. If the session holds no matching login, no row is updated
// and every existing admin keeps the 'deny' default set above.
101 // But allow current admin everything (THIS SHALL BE YOU!)
102 ADD_EXT_SQL("UPDATE `{!_MYSQL_PREFIX!}_admins` SET default_acl='allow' WHERE login='".getSession('admin_login')."' LIMIT 1");
// The ACL table is dropped before it is created, so running this step again
// discards every stored ACL row.
// NOTE(review): the listing skips lines just before the closing parenthesis
// (presumably the key definitions). TYPE= was removed in MySQL 5.5; ENGINE= is
// the current spelling.
103 ADD_EXT_SQL("DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_admins_acls`");
104 ADD_EXT_SQL("CREATE TABLE `{!_MYSQL_PREFIX!}_admins_acls` (
105 id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
106 admin_id BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
107 action_menu VARCHAR(255) NOT NULL DEFAULT '',
108 what_menu VARCHAR(255) NOT NULL DEFAULT '',
109 access_mode ENUM('deny','allow') NOT NULL DEFAULT 'deny',
112 ) TYPE={!_TABLE_TYPE!}");
// The note text contains HTML markup; it is a constant string.
114 // Update notes (these will be set as task text!)
115 EXT_SET_UPDATE_NOTES("Sogn. ACLs werden hinzugefügt: <strong>A</strong>ccess <strong>C</strong>ontrol <strong>L</strong>ines sind zu deutsch Zugriffkontrollzeilen, mit denen Sie einstellen können, was welcher Admin machen darf oder nicht.");
// 0.3.1: re-declare the id column of the ACL table.
118 case '0.3.1': // SQL queries for v0.3.1
119 ADD_EXT_SQL("ALTER TABLE `{!_MYSQL_PREFIX!}_admins_acls` MODIFY id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT");
// 0.4.0: add the table that maps mail templates to admins, plus its menu entry.
// Dropping the table first means running this step again discards the stored
// routing. The listing skips lines before the closing parenthesis here as well.
122 case '0.4.0': // SQL queries for v0.4.0
123 ADD_EXT_SQL("DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_admins_mails`");
124 ADD_EXT_SQL("CREATE TABLE `{!_MYSQL_PREFIX!}_admins_mails` (
125 id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
126 admin_id BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
127 mail_template VARCHAR(255) NOT NULL,
130 ) TYPE={!_TABLE_TYPE!}");
131 ADD_EXT_SQL("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_mails','Admin-Mails','Stellen Sie hier ein, welcher Admin welche Mail erhalten soll. Sie können dies (derzeit) jedoch erst, wenn einmal die Mail versendet wurde!','5')");
// Note text (English gloss): choose which admin receives which mail, all admins
// (admin_id=0), or the user log only (admin_id=-1); by default mail still goes
// to all admins.
// NOTE(review): admin_id is declared BIGINT UNSIGNED above, so -1 cannot be
// stored as such. In non-strict MySQL mode an out-of-range value is clamped to
// 0, which this note defines as "all admins". Verify that log-only routing
// really works, or that a later schema change makes the column signed.
133 // Update notes (these will be set as task text!)
134 EXT_SET_UPDATE_NOTES("Kontrollieren Sie, welche Mails welcher Admin oder alle (admin_id=0) bekommen soll oder im UserLog (admin_id=-1) verzeichnet werden soll. Standartmässig wird weiter an alle versendet.");
// 0.4.1: delete the mail-routing rows whose template name contains a space. The
// note says the table was emptied, but the WHERE clause only matches such rows.
137 case '0.4.1': // SQL queries for v0.4.1
138 ADD_EXT_SQL("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admins_mails` WHERE mail_template LIKE '% %'");
140 // Update notes (these will be set as task text!)
141 EXT_SET_UPDATE_NOTES("Admins-Mails-Tabelle geleert.");
// 0.4.4 to 0.5.9: apart from 0.5.6 and 0.5.8, these cases only record an update
// note; the code changes they describe are not in this file.
143 case '0.4.4': // SQL queries for v0.4.4
144 // Update notes (these will be set as task text!)
145 EXT_SET_UPDATE_NOTES("&admin= in &amp;admin= umgewandelt.");
148 case '0.4.5': // SQL queries for v0.4.5
149 // Update notes (these will be set as task text!)
150 EXT_SET_UPDATE_NOTES("Vorbereitet auf Cache-System");
// Note (gloss): fixed a problem with the cache extension that kept the admin
// area permanently locked.
153 case '0.4.6': // SQL queries for v0.4.6
154 // Update notes (these will be set as task text!)
155 EXT_SET_UPDATE_NOTES("Problem mit cache-Erweiterung gefixt. Der Admin-Bereich war permanent gesperrt.");
158 case '0.4.7': // SQL queries for v0.4.7
159 // Update notes (these will be set as task text!)
160 EXT_SET_UPDATE_NOTES("Es wurde die Zeitmarke der Cache-Datei admins.cache mit berücksichtigt.");
163 case '0.4.8': // SQL queries for v0.4.8
164 // Update notes (these will be set as task text!)
165 EXT_SET_UPDATE_NOTES("Fehler beseitigt, wenn error_reporting=E_ALL gesetzt ist.");
168 case '0.4.9': // SQL queries for v0.4.9
169 // Update notes (these will be set as task text!)
170 EXT_SET_UPDATE_NOTES("Fehler beseitigt, wenn error_reporting=E_ALL gesetzt ist.");
173 case '0.5.0': // SQL queries for v0.5.0
174 // Update notes (these will be set as task text!)
175 EXT_SET_UPDATE_NOTES("Fehler beseitigt, wenn error_reporting=E_ALL gesetzt ist.");
// Note (gloss): the cache is now cleared when an admin is removed. Before this
// version a deleted admin could presumably still be present in the cached admin
// data; confirm against the cache code.
178 case '0.5.1': // SQL queries for v0.5.1
179 // Update notes (these will be set as task text!)
180 EXT_SET_UPDATE_NOTES("Cache wird endlich gelöscht, wenn Admin entfernt wird.");
183 case '0.5.2': // SQL queries for v0.5.2
184 // Update notes (these will be set as task text!)
185 EXT_SET_UPDATE_NOTES("Löschen von Admin-Accounts repariert und HTML-Code ausgelagert in Templates.");
188 case '0.5.3': // SQL queries for v0.5.3
189 // Update notes (these will be set as task text!)
190 EXT_SET_UPDATE_NOTES("Seit <a href=\"#\">Patch 340</a> überflüssige HTML-Tags entfernt.");
193 case '0.5.4': // SQL queries for v0.5.4
194 // Update notes (these will be set as task text!)
195 EXT_SET_UPDATE_NOTES("IP-Nummer und Browserbezeichnung wird in Admin-Mails eingesetzt.");
198 case '0.5.5': // SQL queries for v0.5.5
199 // Update notes (these will be set as task text!)
200 EXT_SET_UPDATE_NOTES("Menüpunkt Admin-Mails korregiert: SQL-Anweisung war fehlerhaft; und HTML-Code in Templates ausgelagert.");
// 0.5.6: rename the menu key admins_contact to admins_contct to avoid a name
// clash with a planned "contact" extension. The WHERE clause matches only the
// old key, so running the statement again changes nothing.
203 case '0.5.6': // SQL queries for v0.5.6
204 ADD_EXT_SQL("UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET `what`='admins_contct' WHERE `what`='admins_contact' LIMIT 1");
206 // Update notes (these will be set as task text!)
207 EXT_SET_UPDATE_NOTES("Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>.");
210 case '0.5.7': // SQL queries for v0.5.7
211 // Update notes (these will be set as task text!)
212 EXT_SET_UPDATE_NOTES("Links wegen <strong>what=admins_contct</strong> geändert.");
// 0.5.8: repeats the 0.5.6 rename because, per the note, a stray dot in the
// version list had prevented the 0.5.6 step from running.
215 case '0.5.8': // SQL queries for v0.5.8
216 ADD_EXT_SQL("UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET `what`='admins_contct' WHERE `what`='admins_contact' LIMIT 1");
218 // Update notes (these will be set as task text!)
219 EXT_SET_UPDATE_NOTES("Ein Punkt in der Versionsnummernliste verhinderte das 0.5.6-Update.");
// Note (gloss): "Security update: SQL statements protected." The fix itself is
// not in this file. The session value concatenated into the UPDATE of the
// 0.3.0 step is still unescaped in this listing.
222 case '0.5.9': // SQL queries for v0.5.9
223 // Update notes (these will be set as task text!)
224 EXT_SET_UPDATE_NOTES("Sicherheitsupdate: SQL-Anweisungen geschützt.");
// 0.6.0 to 0.7.0: mostly note-only cases. SQL is queued in 0.6.6, 0.6.7 and 0.6.9.
// NOTE(review): as displayed, the inner double quotes in the 0.6.0 note end the
// string literal early, which is a parse error. The page has probably decoded an
// HTML entity or dropped an escape; compare against the repository copy.
227 case '0.6.0': // SQL queries for v0.6.0
228 // Update notes (these will be set as task text!)
229 EXT_SET_UPDATE_NOTES("Link in "ACL Einstellen" zum Admin-Kontaktformular korregiert.");
232 case '0.6.1': // SQL queries for v0.6.1
233 // Update notes (these will be set as task text!)
234 EXT_SET_UPDATE_NOTES("Speichern von Admin-Accounts klappt wieder.");
// The note asks the operator to move the admins mail templates into a new
// "admins" folder by hand; {!PATH!} is a placeholder inside the string.
237 case '0.6.2': // SQL queries for v0.6.2
238 // Update notes (these will be set as task text!)
239 EXT_SET_UPDATE_NOTES("Bitte verschieben Sie die admins-Templates (Ordner: {!PATH!}/templates/de/emails/) in den neuen Order admins!");
242 case '0.6.3': // SQL queries for v0.6.3
243 // Update notes (these will be set as task text!)
244 EXT_SET_UPDATE_NOTES("Abspeichern von Einstellungen repariert.");
// Note (gloss): permission inheritance fixed. Allowing a main menu now also
// gives the admin its sub-menus, and individual sub-menus can still be denied.
// NOTE(review): by that description an 'allow' on a main menu is implicit for
// every sub-menu under it, presumably including ones added later; check ACLs
// after installing extensions that add sub-menus.
247 case '0.6.4': // SQL queries for v0.6.4
248 // Update notes (these will be set as task text!)
249 EXT_SET_UPDATE_NOTES("Problem mit der Rechtevererbung beseitigt: Geben Sie nun ein Hauptmenü frei (Allow), dann kann der Admin auch die Untermenüs erreichen. Zudem können Sie gezielte Untermenüs im freigegeben Hauptmenü dennoch sperren.");
// Note (gloss): "Security update for the include statements." The fix itself is
// not in this file.
252 case '0.6.5': // SQL queries for v0.6.5
253 // Update notes (these will be set as task text!)
254 EXT_SET_UPDATE_NOTES("Sicherheitsupdate für die Include-Befehle.");
// 0.6.6: third occurrence of the admins_contact -> admins_contct rename (also in
// 0.5.6 and 0.5.8). It changes nothing once the old key is gone.
257 case '0.6.6': // SQL queries for v0.6.6
258 ADD_EXT_SQL("UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET `what`='admins_contct' WHERE `what`='admins_contact' LIMIT 1");
260 // Update notes (these will be set as task text!)
261 EXT_SET_UPDATE_NOTES("Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>.");
// 0.6.7: add the la_mode column to the admins table. What the values mean is
// not documented in this file.
264 case '0.6.7': // SQL queries for v0.6.7
265 ADD_EXT_SQL("ALTER TABLE `{!_MYSQL_PREFIX!}_admins` ADD la_mode ENUM('global','OLD','NEW') NOT NULL DEFAULT 'global'");
267 // Update notes (these will be set as task text!)
268 EXT_SET_UPDATE_NOTES("Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>. Beseitigung eines Fehlers <strong>HTTP_POSR_VARS</strong> beim Ändern von Administratoren.");
// Note (gloss): setSession() calls were prefixed with the @ operator to suppress
// unwanted output.
// NOTE(review): @ also hides the warning when a session write fails, so such a
// failure is silent unless it is checked some other way. The code is not in
// this file.
271 case '0.6.8': // SQL queries for v0.6.8
272 // Update notes (these will be set as task text!)
273 EXT_SET_UPDATE_NOTES("<strong>setSession()</strong> mit @-Zeichen gegen ungewollte Ausgaben abgesichert.");
// 0.6.9: rename the top-level menu title. The row is matched by action 'admins'
// with an empty or NULL `what`.
276 case '0.6.9': // SQL queries for v0.6.9
277 ADD_EXT_SQL("UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET title = 'Admin-Management' WHERE action = 'admins' AND (`what`='' OR `what` IS NULL) LIMIT 1");
279 // Update notes (these will be set as task text!)
280 EXT_SET_UPDATE_NOTES("Verwaltung nach Management umbenannt.");
283 case '0.7.0': // SQL queries for v0.7.0
284 // Update notes (these will be set as task text!)
285 EXT_SET_UPDATE_NOTES("Veraltetes Update.");
// 0.7.1: declare a dependency on the sql_patches extension and register the
// filter that the 'remove' mode unregisters. $dry_run is not assigned in this file.
288 case '0.7.1': // SQL queries for v0.7.1
289 // Update depends on sql_patches
290 EXT_ADD_UPDATE_DEPENDS('sql_patches');
293 REGISTER_FILTER('sql_admin_extra_data', 'ADD_EXTRA_SQL_DATA', false, true, $dry_run);
295 // Update notes (these will be set as task text!)
296 EXT_SET_UPDATE_NOTES("Filter hinzugefügt und ist von <strong>sql_patches</strong> abhängig.");
// 0.7.2: correct the spelling of the failed-login columns by dropping the
// misspelled ones and adding new ones.
// NOTE(review): DROP followed by ADD discards the stored values, so every
// admin's failure counter and last-failure time restart from the defaults when
// this step runs. If those columns feed a lockout or alerting rule, that state
// is lost; a column rename would keep it.
// NOTE(review): the old columns are not created anywhere in this file, so the
// DROP statements fail if they do not exist (they presumably come from the
// sql_patches dependency; confirm). The zero-date default is rejected when the
// server's SQL mode includes NO_ZERO_DATE.
299 case '0.7.2': // SQL queries for v0.7.2
300 ADD_EXT_SQL("ALTER TABLE `{!_MYSQL_PREFIX!}_admins` DROP login_failtures");
301 ADD_EXT_SQL("ALTER TABLE `{!_MYSQL_PREFIX!}_admins` DROP last_failture");
302 ADD_EXT_SQL("ALTER TABLE `{!_MYSQL_PREFIX!}_admins` ADD login_failures BIGINT(20) UNSIGNED NOT NULL DEFAULT 0");
303 ADD_EXT_SQL("ALTER TABLE `{!_MYSQL_PREFIX!}_admins` ADD last_failure TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00'");
305 // Update notes (these will be set as task text!)
306 EXT_SET_UPDATE_NOTES("Schreibweise korregiert.");
// 'modify', 'test' and the default mode: the listing shows no statements for them.
311 case 'modify': // When the extension got modified
314 case 'test': // For testing purposes. For details see file inc/modules/admin/what-extensions.php, around line 305.
317 default: // Do stuff when extension is loaded
// Mark the extension as always active. Whether this call sits inside the default
// case or after the switch cannot be told from the listing. The 'activate' and
// 'deactivate' modes above are empty, so the ACL checks this extension supplies
// are presumably not meant to be switched off from the admin area.
321 // Keep this extension always active!
322 EXT_SET_ALWAYS_ACTIVE('Y');