2 /************************************************************************
3 * MXChange v0.2.1 Start: 04/11/2004 *
4 * ================ Last change: 10/29/2004 *
6 * -------------------------------------------------------------------- *
7 * File : ext-admins.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Administrator management *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Admin-Accountsverwaltung *
12 * -------------------------------------------------------------------- *
14 * -------------------------------------------------------------------- *
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
16 * For more information visit: http://www.mxchange.org *
18 * This program is free software; you can redistribute it and/or modify *
19 * it under the terms of the GNU General Public License as published by *
20 * the Free Software Foundation; either version 2 of the License, or *
21 * (at your option) any later version. *
23 * This program is distributed in the hope that it will be useful, *
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
26 * GNU General Public License for more details. *
28 * You should have received a copy of the GNU General Public License *
29 * along with this program; if not, write to the Free Software *
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
32 ************************************************************************/
34 // Some security stuff...
35 if (!defined('__SECURITY')) {
36 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
40 // Version of this extension
41 $EXT_VERSION = "0.7.2";
43 // Auto-set extension version
44 if (empty($EXT_VER)) $EXT_VER = $EXT_VERSION;
46 // Version history array (add more with , "0.1" and so on)
47 $EXT_VER_HISTORY = array("0.0", "0.1", "0.2", "0.3", "0.3.1", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7", "0.4.8", "0.4.9", "0.5.0", "0.5.1", "0.5.2", "0.5.3", "0.5.4", "0.5.5", "0.5.6", "0.5.7", "0.5.8", "0.5.9", "0.6.0", "0.6.1", "0.6.2", "0.6.3", "0.6.4", "0.6.5", "0.6.6", "0.6.7", "0.6.8", "0.6.9", "0.7.0", "0.7.1", "0.7.2");
49 switch ($EXT_LOAD_MODE)
51 case "register": // Do stuff when installation is running (modules.php?module=admin&action=login is called)
52 // SQL commands to run
53 $SQLs[] = "INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins', NULL, 'Admin-Management','Administratoren anlegen, löschen oder Passwort/E-Mail Adresse ändern.','1')";
54 $SQLs[] = "INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_add','Admin hinzufügen','Neuen Admin-Account anlegen','0')";
55 $SQLs[] = "INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_edit','Admin-Account ändern','Bestehende Admin-Accounts bearbeiten: E-Mail-Adresse, Passwort und/oder Login-Name ändern.','1')";
58 case "remove": // Do stuff when removing extension
59 // SQL commands to run
60 $SQLs[] = "DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='admins' LIMIT 6";
61 $SQLs[] = "DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_admins_acls`";
62 $SQLs[] = "DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_admins_mails`";
63 $SQLs[] = "ALTER TABLE `{!_MYSQL_PREFIX!}_admins` DROP default_acl";
66 UNREGISTER_FILTER('sql_admin_extra_data', 'ADD_EXTRA_SQL_DATA', true, $dry_run);
69 case "activate": // Do stuff when admin activates this extension
70 // SQL commands to run
74 case "deactivate": // Do stuff when admin deactivates this extension
75 // SQL commands to run
79 case "update": // Update an extension
82 case "0.2": // SQL queries for v0.2
83 $SQLs[] = "INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_contact','Admin kontaktieren','Kontaktiert einen Admin per Mail oder Nachricht (nur wenn messaging-Erweiterung installiert ist).','2')";
85 // Update notes (these will be set as task text!)
86 $UPDATE_NOTES = "Fügt den Menüpunkt "Admin kontaktieren" hinzu.";
89 case "0.3": // SQL queries for v0.3
91 $SQLs[] = "INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','config_admins','ACL einstellen','Richten Sie Zugriffskontrollzeilen für jeden Admin individuell ein, um ihm nur bestimmte Bereiche des Admin-Bereiches zugänglich zu machen oder zu sperren.','4')";
93 // Which is the default setting when you create a new admin login?
94 $SQLs[] = "ALTER TABLE `{!_MYSQL_PREFIX!}_config` ADD admins_default_acl ENUM('deny','allow') NOT NULL DEFAULT 'deny'";
96 // Default is deny everything
97 $SQLs[] = "ALTER TABLE `{!_MYSQL_PREFIX!}_admins` ADD default_acl ENUM('deny','allow') NOT NULL DEFAULT 'deny'";
99 // But allow current admin everything (THIS SHALL BE YOU!)
100 $SQLs[] = "UPDATE `{!_MYSQL_PREFIX!}_admins` SET default_acl='allow' WHERE login='".get_session('admin_login')."' LIMIT 1";
101 $SQLs[] = "DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_admins_acls`";
102 $SQLs[] = "CREATE TABLE `{!_MYSQL_PREFIX!}_admins_acls` (
103 id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
104 admin_id BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
105 action_menu VARCHAR(255) NOT NULL DEFAULT '',
106 what_menu VARCHAR(255) NOT NULL DEFAULT '',
107 access_mode ENUM('deny','allow') NOT NULL DEFAULT 'deny',
112 // Update notes (these will be set as task text!)
113 $UPDATE_NOTES = "Sogn. ACLs werden hinzugefügt: <strong>A</strong>ccess <strong>C</strong>ontrol <strong>L</strong>ines sind zu deutsch Zugriffkontrollzeilen, mit denen Sie einstellen können, was welcher Admin machen darf oder nicht.";
116 case "0.3.1": // SQL queries for v0.3.1
117 $SQLs[] = "ALTER TABLE `{!_MYSQL_PREFIX!}_admins_acls` MODIFY id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT";
120 case "0.4.0": // SQL queries for v0.4.0
121 $SQLs[] = "DROP TABLE IF EXISTS `{!_MYSQL_PREFIX!}_admins_mails`";
122 $SQLs[] = "CREATE TABLE `{!_MYSQL_PREFIX!}_admins_mails` (
123 id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
124 admin_id BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
125 mail_template VARCHAR(255) NOT NULL,
129 $SQLs[] = "INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_mails','Admin-Mails','Stellen Sie hier ein, welcher Admin welche Mail erhalten soll. Sie können dies (derzeit) jedoch erst, wenn einmal die Mail versendet wurde!','5')";
131 // Update notes (these will be set as task text!)
132 $UPDATE_NOTES = "Kontrollieren Sie, welche Mails welcher Admin oder alle (admin_id=0) bekommen soll oder im UserLog (admin_id=-1) verzeichnet werden soll. Standartmässig wird weiter an alle versendet.";
135 case "0.4.1": // SQL queries for v0.4.1
136 $SQLs[] = "DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admins_mails` WHERE mail_template LIKE '% %'";
138 // Update notes (these will be set as task text!)
139 $UPDATE_NOTES = "Admins-Mails-Tabelle geleert.";
141 case "0.4.4": // SQL queries for v0.4.4
142 // Update notes (these will be set as task text!)
143 $UPDATE_NOTES = "&admin= in &amp;admin= umgewandelt.";
146 case "0.4.5": // SQL queries for v0.4.5
147 // Update notes (these will be set as task text!)
148 $UPDATE_NOTES = "Vorbereitet auf Cache-System";
151 case "0.4.6": // SQL queries for v0.4.6
152 // Update notes (these will be set as task text!)
153 $UPDATE_NOTES = "Problem mit cache-Erweiterung gefixt. Der Admin-Bereich war permanent gesperrt.";
156 case "0.4.7": // SQL queries for v0.4.7
157 // Update notes (these will be set as task text!)
158 $UPDATE_NOTES = "Es wurde die Zeitmarke der Cache-Datei admins.cache mit berücksichtigt.";
161 case "0.4.8": // SQL queries for v0.4.8
162 // Update notes (these will be set as task text!)
163 $UPDATE_NOTES = "Fehler beseitigt, wenn error_reporting=E_ALL gesetzt ist.";
166 case "0.4.9": // SQL queries for v0.4.9
167 // Update notes (these will be set as task text!)
168 $UPDATE_NOTES = "Fehler beseitigt, wenn error_reporting=E_ALL gesetzt ist.";
171 case "0.5.0": // SQL queries for v0.5.0
172 // Update notes (these will be set as task text!)
173 $UPDATE_NOTES = "Fehler beseitigt, wenn error_reporting=E_ALL gesetzt ist.";
176 case "0.5.1": // SQL queries for v0.5.1
177 // Update notes (these will be set as task text!)
178 $UPDATE_NOTES = "Cache wird endlich gelöscht, wenn Admin entfernt wird.";
181 case "0.5.2": // SQL queries for v0.5.2
182 // Update notes (these will be set as task text!)
183 $UPDATE_NOTES = "Löschen von Admin-Accounts repariert und HTML-Code ausgelagert in Templates.";
186 case "0.5.3": // SQL queries for v0.5.3
187 // Update notes (these will be set as task text!)
188 $UPDATE_NOTES = "Seit <a href=\"#\">Patch 340</a> überflüssige HTML-Tags entfernt.";
191 case "0.5.4": // SQL queries for v0.5.4
192 // Update notes (these will be set as task text!)
193 $UPDATE_NOTES = "IP-Nummer und Browserbezeichnung wird in Admin-Mails eingesetzt.";
196 case "0.5.5": // SQL queries for v0.5.5
197 // Update notes (these will be set as task text!)
198 $UPDATE_NOTES = "Menüpunkt Admin-Mails korregiert: SQL-Anweisung war fehlerhaft; und HTML-Code in Templates ausgelagert.";
201 case "0.5.6": // SQL queries for v0.5.6
202 $SQLs[] = "UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET `what`='admins_contct' WHERE `what`='admins_contact' LIMIT 1";
204 // Update notes (these will be set as task text!)
205 $UPDATE_NOTES = "Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>.";
208 case "0.5.7": // SQL queries for v0.5.7
209 // Update notes (these will be set as task text!)
210 $UPDATE_NOTES = "Links wegen <strong>what=admins_contct</strong> geändert.";
213 case "0.5.8": // SQL queries for v0.5.8
214 $SQLs[] = "UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET `what`='admins_contct' WHERE `what`='admins_contact' LIMIT 1";
216 // Update notes (these will be set as task text!)
217 $UPDATE_NOTES = "Ein Punkt in der Versionsnummernliste verhinderte das 0.5.6-Update.";
220 case "0.5.9": // SQL queries for v0.5.9
221 // Update notes (these will be set as task text!)
222 $UPDATE_NOTES = "Sicherheitsupdate: SQL-Anweisungen geschützt.";
225 case "0.6.0": // SQL queries for v0.6.0
226 // Update notes (these will be set as task text!)
227 $UPDATE_NOTES = "Link in "ACL Einstellen" zum Admin-Kontaktformular korregiert.";
230 case "0.6.1": // SQL queries for v0.6.1
231 // Update notes (these will be set as task text!)
232 $UPDATE_NOTES = "Speichern von Admin-Accounts klappt wieder.";
235 case "0.6.2": // SQL queries for v0.6.2
236 // Update notes (these will be set as task text!)
237 $UPDATE_NOTES = "Bitte verschieben Sie die admins-Templates (Ordner: {!PATH!}/templates/de/emails/) in den neuen Order admins!";
240 case "0.6.3": // SQL queries for v0.6.3
241 // Update notes (these will be set as task text!)
242 $UPDATE_NOTES = "Abspeichern von Einstellungen repariert.";
245 case "0.6.4": // SQL queries for v0.6.4
246 // Update notes (these will be set as task text!)
247 $UPDATE_NOTES = "Problem mit der Rechtevererbung beseitigt: Geben Sie nun ein Hauptmenü frei (Allow), dann kann der Admin auch die Untermenüs erreichen. Zudem können Sie gezielte Untermenüs im freigegeben Hauptmenü dennoch sperren.";
250 case "0.6.5": // SQL queries for v0.6.5
251 // Update notes (these will be set as task text!)
252 $UPDATE_NOTES = "Sicherheitsupdate für die Include-Befehle.";
255 case "0.6.6": // SQL queries for v0.5.6
256 $SQLs[] = "UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET `what`='admins_contct' WHERE `what`='admins_contact' LIMIT 1";
258 // Update notes (these will be set as task text!)
259 $UPDATE_NOTES = "Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>.";
262 case "0.6.7": // SQL queries for v0.6.7
263 $SQLs[] = "ALTER TABLE `{!_MYSQL_PREFIX!}_admins` ADD la_mode ENUM('global','OLD','NEW') NOT NULL DEFAULT 'global'";
265 // Update notes (these will be set as task text!)
266 $UPDATE_NOTES = "Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>. Beseitigung eines Fehlers <strong>HTTP_POSR_VARS</strong> beim Ändern von Administratoren.";
269 case "0.6.8": // SQL queries for v0.6.8
270 // Update notes (these will be set as task text!)
271 $UPDATE_NOTES = "<strong>set_session()</strong> mit @-Zeichen gegen ungewollte Ausgaben abgesichert.";
274 case "0.6.9": // SQL queries for v0.6.9
275 $SQLs[] = "UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET title = 'Admin-Management' WHERE action = 'admins' AND (what='' OR `what` IS NULL) LIMIT 1";
277 // Update notes (these will be set as task text!)
278 $UPDATE_NOTES = "Verwaltung nach Management umbenannt.";
281 case "0.7.0": // SQL queries for v0.7.0
282 // Update notes (these will be set as task text!)
283 $UPDATE_NOTES = "Veraltetes Update.";
286 case "0.7.1": // SQL queries for v0.7.1
287 // Update depends on sql_patches
288 $EXT_UPDATE_DEPENDS = "sql_patches";
291 REGISTER_FILTER('sql_admin_extra_data', 'ADD_EXTRA_SQL_DATA', false, true, $dry_run);
293 // Update notes (these will be set as task text!)
294 $UPDATE_NOTES = "Filter hinzugefügt und ist von <strong>sql_patches</strong> abhängig.";
297 case "0.7.2": // SQL queries for v0.7.2
298 $SQLs[] = "ALTER TABLE `{!_MYSQL_PREFIX!}_admins` DROP login_failtures";
299 $SQLs[] = "ALTER TABLE `{!_MYSQL_PREFIX!}_admins` DROP last_failture";
300 $SQLs[] = "ALTER TABLE `{!_MYSQL_PREFIX!}_admins` ADD login_failures BIGINT(20) UNSIGNED NOT NULL DEFAULT 0";
301 $SQLs[] = "ALTER TABLE `{!_MYSQL_PREFIX!}_admins` ADD last_failure TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00'";
303 // Update notes (these will be set as task text!)
304 $UPDATE_NOTES = "Schreibweise korregiert.";
309 case "test": // For testing purposes. For details see file inc/modules/admin/what-extensions.php, arround line 305.
312 default: // Do stuff when extension is loaded
316 // Keep this extension always active!
317 $EXT_ALWAYS_ACTIVE = "Y";