2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 04/11/2004 *
4 * =================== Last change: 10/29/2004 *
6 * -------------------------------------------------------------------- *
7 * File : ext-admins.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Administrator management *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Admin-Accountsverwaltung *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2009 by Roland Haeder *
21 * Copyright (c) 2009, 2010 by Mailer Developer Team *
22 * For more information visit: http://www.mxchange.org *
24 * This program is free software; you can redistribute it and/or modify *
25 * it under the terms of the GNU General Public License as published by *
26 * the Free Software Foundation; either version 2 of the License, or *
27 * (at your option) any later version. *
29 * This program is distributed in the hope that it will be useful, *
30 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
31 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
32 * GNU General Public License for more details. *
34 * You should have received a copy of the GNU General Public License *
35 * along with this program; if not, write to the Free Software *
36 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
38 ************************************************************************/
40 // Some security stuff...
41 if (!defined('__SECURITY')) {
45 // Version of this extension
46 setThisExtensionVersion('0.7.5');
48 // Version history array (add more with , '0.1.0' and so on)
49 setExtensionVersionHistory(array('0.0', '0.1.0', '0.2.0', '0.3.0', '0.3.1', '0.4.0', '0.4.1', '0.4.2', '0.4.3', '0.4.4', '0.4.5', '0.4.6', '0.4.7', '0.4.8', '0.4.9', '0.5.0', '0.5.1', '0.5.2', '0.5.3', '0.5.4', '0.5.5', '0.5.6', '0.5.7', '0.5.8', '0.5.9', '0.6.0', '0.6.1', '0.6.2', '0.6.3', '0.6.4', '0.6.5', '0.6.6', '0.6.7', '0.6.8', '0.6.9', '0.7.0', '0.7.1', '0.7.2', '0.7.3', '0.7.4', '0.7.5'));
51 // Keep this extension always active!
52 setExtensionAlwaysActive('Y');
54 switch (getExtensionMode()) {
55 case 'register': // Do stuff when installation is running (modules.php?module=admin is called)
56 // SQL commands to run
57 addAdminMenuSql('admins', NULL, 'Admin-Management','Administratoren anlegen, löschen oder Passwort/E-Mail Adresse ändern.',1);
58 addAdminMenuSql('admins','admins_add','Admin hinzufügen','Neuen Admin-Account anlegen',0);
59 addAdminMenuSql('admins','admins_edit','Admin-Account ändern','Bestehende Admin-Accounts bearbeiten: E-Mail-Adresse, Passwort und/oder Login-Name ändern.',1);
62 case 'remove': // Do stuff when removing extension
63 // SQL commands to run
64 addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE `action`='admins'");
65 addExtensionSql("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_admins_acls`");
66 addExtensionSql("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_admins_mails`");
67 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` DROP `default_acl`");
70 unregisterFilter('sql_admin_extra_data', 'ADD_EXTRA_SQL_DATA', true, getExtensionDryRun());
71 unregisterFilter('do_admin_login_done', 'RESET_ADMINS_LOGIN_FAILURES', true, getExtensionDryRun());
72 unregisterFilter('do_admin_login_pass', 'COUNT_ADMINS_LOGIN_FAILURE', true, getExtensionDryRun());
73 unregisterFilter('do_admin_login_done', 'REHASH_ADMINS_PASSWORD', true, getExtensionDryRun());
76 case 'activate': // Do stuff when admin activates this extension
77 // SQL commands to run
81 case 'deactivate': // Do stuff when admin deactivates this extension
82 // SQL commands to run
86 case 'update': // Update an extension
87 switch (getCurrentExtensionVersion()) {
88 case '0.2.0': // SQL queries for v0.2
89 addAdminMenuSql('admins','admins_contact','Admin kontaktieren','Kontaktiert einen Admin per Mail oder Nachricht (nur wenn messaging-Erweiterung installiert ist).',2);
91 // Update notes (these will be set as task text!)
92 setExtensionUpdateNotes("Fügt den Menüpunkt "Admin kontaktieren" hinzu.");
95 case '0.3.0': // SQL queries for v0.3
97 addAdminMenuSql('admins','config_admins','ACL einstellen','Richten Sie Zugriffskontrollzeilen für jeden Admin individuell ein, um ihm nur bestimmte Bereiche des Admin-Bereiches zugänglich zu machen oder zu sperren.',4);
99 // Which is the default setting when you create a new admin login?
100 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_config` ADD admins_default_acl ENUM('deny','allow') NOT NULL DEFAULT 'deny'");
102 // Default is deny everything
103 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD default_acl ENUM('deny','allow') NOT NULL DEFAULT 'deny'");
105 // But allow current admin everything (THIS SHALL BE YOU!)
106 addExtensionSql("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `default_acl`='allow' WHERE `login`='".getSession('admin_login')."' LIMIT 1");
107 addExtensionSql("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_admins_acls`");
108 addExtensionSql("CREATE TABLE `{?_MYSQL_PREFIX?}_admins_acls` (
109 `id` BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
110 `admin_id` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
111 `action_menu` VARCHAR(255) NOT NULL DEFAULT '',
112 `what_menu` VARCHAR(255) NOT NULL DEFAULT '',
113 `access_mode` ENUM('deny','allow') NOT NULL DEFAULT 'deny',
116 ) TYPE={?_TABLE_TYPE?}");
118 // Update notes (these will be set as task text!)
119 setExtensionUpdateNotes("Sogn. ACLs werden hinzugefügt: <strong>A</strong>ccess <strong>C</strong>ontrol <strong>L</strong>ines sind zu deutsch Zugriffkontrollzeilen, mit denen Sie einstellen können, was welcher Admin machen darf oder nicht. <strong>Nur Sie haben momentan Vollzugriff auf den Adminbereich.</strong>");
122 case '0.3.1': // SQL queries for v0.3.1
123 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins_acls` MODIFY id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT");
126 case '0.4.0': // SQL queries for v0.4.0
127 addExtensionSql("DROP TABLE IF EXISTS `{?_MYSQL_PREFIX?}_admins_mails`");
128 addExtensionSql("CREATE TABLE `{?_MYSQL_PREFIX?}_admins_mails` (
129 id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
130 admin_id BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
131 mail_template VARCHAR(255) NOT NULL,
134 ) TYPE={?_TABLE_TYPE?}");
135 addExtensionSql("INSERT INTO `{?_MYSQL_PREFIX?}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_mails','Admin-Mails','Stellen Sie hier ein, welcher Admin welche Mail erhalten soll. Sie können dies (derzeit) jedoch erst, wenn einmal die Mail versendet wurde!',5)");
137 // Update notes (these will be set as task text!)
138 setExtensionUpdateNotes("Kontrollieren Sie, welche Mails welcher Admin oder alle (admin_id=0) bekommen soll oder im UserLog (admin_id=-1) verzeichnet werden soll. Standartmässig wird weiter an alle versendet.");
141 case '0.4.1': // SQL queries for v0.4.1
142 addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admins_mails` WHERE mail_template LIKE '% %'");
144 // Update notes (these will be set as task text!)
145 setExtensionUpdateNotes("Admins-Mails-Tabelle geleert.");
147 case '0.4.4': // SQL queries for v0.4.4
148 // Update notes (these will be set as task text!)
149 setExtensionUpdateNotes("&admin= in &amp;admin= umgewandelt.");
152 case '0.4.5': // SQL queries for v0.4.5
153 // Update notes (these will be set as task text!)
154 setExtensionUpdateNotes("Vorbereitet auf Cache-System");
157 case '0.4.6': // SQL queries for v0.4.6
158 // Update notes (these will be set as task text!)
159 setExtensionUpdateNotes("Problem mit cache-Erweiterung gefixt. Der Admin-Bereich war permanent gesperrt.");
162 case '0.4.7': // SQL queries for v0.4.7
163 // Update notes (these will be set as task text!)
164 setExtensionUpdateNotes("Es wurde die Zeitmarke der Cache-Datei admins.cache mit berücksichtigt.");
167 case '0.4.8': // SQL queries for v0.4.8
168 // Update notes (these will be set as task text!)
169 setExtensionUpdateNotes("Fehler beseitigt, wenn error_reporting=E_ALL gesetzt ist.");
172 case '0.4.9': // SQL queries for v0.4.9
173 // Update notes (these will be set as task text!)
174 setExtensionUpdateNotes("Fehler beseitigt, wenn error_reporting=E_ALL gesetzt ist.");
177 case '0.5.0': // SQL queries for v0.5.0
178 // Update notes (these will be set as task text!)
179 setExtensionUpdateNotes("Fehler beseitigt, wenn error_reporting=E_ALL gesetzt ist.");
182 case '0.5.1': // SQL queries for v0.5.1
183 // Update notes (these will be set as task text!)
184 setExtensionUpdateNotes("Cache wird endlich gelöscht, wenn Admin entfernt wird.");
187 case '0.5.2': // SQL queries for v0.5.2
188 // Update notes (these will be set as task text!)
189 setExtensionUpdateNotes("Löschen von Admin-Accounts repariert und HTML-Code ausgelagert in Templates.");
192 case '0.5.3': // SQL queries for v0.5.3
193 // Update notes (these will be set as task text!)
194 setExtensionUpdateNotes("Seit <strong>Patch 340</strong> überflüssige HTML-Tags entfernt.");
197 case '0.5.4': // SQL queries for v0.5.4
198 // Update notes (these will be set as task text!)
199 setExtensionUpdateNotes("IP-Nummer und Browserbezeichnung wird in Admin-Mails eingesetzt.");
202 case '0.5.5': // SQL queries for v0.5.5
203 // Update notes (these will be set as task text!)
204 setExtensionUpdateNotes("Menüpunkt Admin-Mails korregiert: SQL-Anweisung war fehlerhaft; und HTML-Code in Templates ausgelagert.");
207 case '0.5.6': // SQL queries for v0.5.6
208 addExtensionSql("UPDATE `{?_MYSQL_PREFIX?}_admin_menu` SET `what`='admins_contct' WHERE `what`='admins_contact' LIMIT 1");
210 // Update notes (these will be set as task text!)
211 setExtensionUpdateNotes("Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>.");
214 case '0.5.7': // SQL queries for v0.5.7
215 // Update notes (these will be set as task text!)
216 setExtensionUpdateNotes("Links wegen <strong>what=admins_contct</strong> geändert.");
219 case '0.5.8': // SQL queries for v0.5.8
220 addExtensionSql("UPDATE `{?_MYSQL_PREFIX?}_admin_menu` SET `what`='admins_contct' WHERE `what`='admins_contact' LIMIT 1");
222 // Update notes (these will be set as task text!)
223 setExtensionUpdateNotes("Ein Punkt in der Versionsnummernliste verhinderte das 0.5.6-Update.");
226 case '0.5.9': // SQL queries for v0.5.9
227 // Update notes (these will be set as task text!)
228 setExtensionUpdateNotes("Sicherheitsupdate: SQL-Anweisungen geschützt.");
231 case '0.6.0': // SQL queries for v0.6.0
232 // Update notes (these will be set as task text!)
233 setExtensionUpdateNotes("Link in "ACL Einstellen" zum Admin-Kontaktformular korregiert.");
236 case '0.6.1': // SQL queries for v0.6.1
237 // Update notes (these will be set as task text!)
238 setExtensionUpdateNotes("Speichern von Admin-Accounts klappt wieder.");
241 case '0.6.2': // SQL queries for v0.6.2
242 // Update notes (these will be set as task text!)
243 setExtensionUpdateNotes("Bitte verschieben Sie die admins-Templates (Ordner: {?PATH?}/templates/de/emails/) in den neuen Order admins!");
246 case '0.6.3': // SQL queries for v0.6.3
247 // Update notes (these will be set as task text!)
248 setExtensionUpdateNotes("Abspeichern von Einstellungen repariert.");
251 case '0.6.4': // SQL queries for v0.6.4
252 // Update notes (these will be set as task text!)
253 setExtensionUpdateNotes("Problem mit der Rechtevererbung beseitigt: Geben Sie nun ein Hauptmenü frei (Allow), dann kann der Admin auch die Untermenüs erreichen. Zudem können Sie gezielte Untermenüs im freigegeben Hauptmenü dennoch sperren.");
256 case '0.6.5': // SQL queries for v0.6.5
257 // Update notes (these will be set as task text!)
258 setExtensionUpdateNotes("Sicherheitsupdate für die Include-Befehle.");
261 case '0.6.6': // SQL queries for v0.5.6
262 addExtensionSql("UPDATE `{?_MYSQL_PREFIX?}_admin_menu` SET `what`='admins_contct' WHERE `what`='admins_contact' LIMIT 1");
264 // Update notes (these will be set as task text!)
265 setExtensionUpdateNotes("Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>.");
268 case '0.6.7': // SQL queries for v0.6.7
269 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD la_mode ENUM('global','OLD','NEW') NOT NULL DEFAULT 'global'");
271 // Update notes (these will be set as task text!)
272 setExtensionUpdateNotes("Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>. Beseitigung eines Fehlers <strong>HTTP_POSR_VARS</strong> beim Ändern von Administratoren.");
275 case '0.6.8': // SQL queries for v0.6.8
276 // Update notes (these will be set as task text!)
277 setExtensionUpdateNotes("<strong>setSession()</strong> mit @-Zeichen gegen ungewollte Ausgaben abgesichert.");
280 case '0.6.9': // SQL queries for v0.6.9
281 addExtensionSql("UPDATE `{?_MYSQL_PREFIX?}_admin_menu` SET title = 'Admin-Management' WHERE action = 'admins' AND (`what`='' OR `what` IS NULL) LIMIT 1");
283 // Update notes (these will be set as task text!)
284 setExtensionUpdateNotes("Verwaltung nach Management umbenannt.");
287 case '0.7.0': // SQL queries for v0.7.0
288 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD `login_failtures` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0");
289 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD `last_failture` TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00'");
291 // Update notes (these will be set as task text!)
292 setExtensionUpdateNotes("Veraltetes Update.");
295 case '0.7.1': // SQL queries for v0.7.1
296 // Update depends on sql_patches
297 addExtensionUpdateDependency('sql_patches');
300 registerFilter('sql_admin_extra_data', 'ADD_EXTRA_SQL_DATA', false, true, getExtensionDryRun());
302 // Update notes (these will be set as task text!)
303 setExtensionUpdateNotes("Filter hinzugefügt und ist von <strong>sql_patches</strong> abhängig.");
306 case '0.7.2': // SQL queries for v0.7.2
307 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` DROP `login_failtures`");
308 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` DROP `last_failture`");
309 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD `login_failures` BIGINT(20) UNSIGNED NOT NULL DEFAULT 0");
310 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD `last_failure` TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00'");
312 // Update notes (these will be set as task text!)
313 setExtensionUpdateNotes("Schreibweise korregiert.");
316 case '0.7.3': // SQL queries for v0.7.3
317 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD `expert_settings` ENUM('Y','N') NOT NULL DEFAULT 'Y'");
318 addExtensionSql("ALTER TABLE `{?_MYSQL_PREFIX?}_admins` ADD `expert_warning` ENUM('Y','N') NOT NULL DEFAULT 'Y'");
320 // Update notes (these will be set as task text!)
321 setExtensionUpdateNotes("Experten-Einstellungen sind nun hinzugekommen.");
324 case '0.7.4': // SQL queries for v0.7.4
326 registerFilter('do_admin_login_done', 'RESET_ADMINS_LOGIN_FAILURES', false, true, getExtensionDryRun());
327 registerFilter('do_admin_login_pass', 'COUNT_ADMINS_LOGIN_FAILURE', false, true, getExtensionDryRun());
329 // Update notes (these will be set as task text!)
330 setExtensionUpdateNotes("Filter hinzugefuegt.");
333 case '0.7.5': // SQL queries for v0.7.5
334 registerFilter('do_admin_login_done', 'REHASH_ADMINS_PASSWORD', false, true, getExtensionDryRun());
341 case 'modify': // When the extension got modified
344 case 'test': // For testing purposes. For details see file inc/modules/admin/what-extensions.php, arround line 305.
347 case 'init': // Do stuff when extension is initialized
350 default: // Unknown extension mode
351 logDebugMessage(__FILE__, __LINE__, sprintf("Unknown extension mode %s in extension %s detected.", getExtensionMode(), getCurrentExtensionName()));