2 /************************************************************************
3 * MXChange v0.2.1 Start: 06/30/2004 *
4 * ================ Last change: 07/02/2004 *
6 * -------------------------------------------------------------------- *
7 * File: what-config_admins.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Configure admin ACLs *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Admin-ACLs einstellen *
12 * -------------------------------------------------------------------- *
14 * -------------------------------------------------------------------- *
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
16 * For more information visit: http://www.mxchange.org *
18 * This program is free software; you can redistribute it and/or modify *
19 * it under the terms of the GNU General Public License as published by *
20 * the Free Software Foundation; either version 2 of the License, or *
21 * (at your option) any later version. *
23 * This program is distributed in the hope that it will be useful, *
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
26 * GNU General Public License for more details. *
28 * You should have received a copy of the GNU General Public License *
29 * along with this program; if not, write to the Free Software *
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
32 ************************************************************************/
34 // Some security stuff...
35 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
36 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
40 // Add description as navigation point
41 ADD_DESCR("admin", basename(__FILE__));
44 if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']);
46 if ((isset($_POST['edit'])) && ($SEL > 0)) {
49 foreach ($_POST['sel'] as $id => $sel) {
50 // Load data for the ID
51 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
52 array(bigintval($id)), __FILE__, __LINE__);
53 list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
54 SQL_FREERESULT($result);
56 // Prepare data for the row template
60 'admins_selection' => ADD_OPTION_LINES("admins", "id", "login", $aid, "default_acl"),
61 'action_selection' => ADMIN_MENU_SELECTION("action", $act, $id),
62 'what_selection' => ADMIN_MENU_SELECTION("what", $wht, $id),
63 'mode_options' => ADD_OPTION_LINES(
65 array("allow", "deny"),
66 array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE),
72 $OUT .= LOAD_TEMPLATE("admin_config_admins_edit_row", true, $content);
75 define('__ACL_ROWS', $OUT);
78 LOAD_TEMPLATE("admin_config_admins_edit");
79 } elseif ((isset($_POST['change'])) && ($SEL > 0)) {
81 foreach ($_POST['sel'] as $id => $sel) {
86 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins_acls SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE id=%s LIMIT 1",
87 array($_POST['admin'][$id], $_POST['action_menu'][$id], $_POST['what_menu'][$id], $_POST['mode'][$id], $id),__FILE__, __LINE__);
90 // Update cache when installed
91 if (EXT_IS_ACTIVE("cache")) {
92 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
95 CACHE_PURGE_ADMIN_MENU($_POST['admin'][$id]);
99 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_CHANGED);
100 } elseif ((isset($_POST['del'])) && ($SEL > 0)) {
103 foreach ($_POST['sel'] as $id => $sel) {
104 // Load data for the ID
105 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
106 array(bigintval($id)), __FILE__, __LINE__);
107 list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
108 SQL_FREERESULT($result);
111 if (empty($act)) $act = "---";
112 if (empty($wht)) $wht = "---";
113 $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
117 $login = GET_ADMIN_LOGIN($admin);
118 if ($login != "***") {
120 $admin = "<A href=\"".URL."/modules.php?module=admin&what=admins_contct&admin=".$admin."\">".$login."</A>";
123 $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
126 // Prepare data for the row template
136 // Load row template and switch colors
137 $OUT .= LOAD_TEMPLATE("admin_config_admins_del_row", true, $content);
140 define('__ACL_ROWS', $OUT);
142 // Load main template
143 LOAD_TEMPLATE("admin_config_admins_del");
144 } elseif ((isset($_POST['remove'])) && ($SEL > 0)) {
146 foreach ($_POST['sel'] as $id => $sel) {
147 $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
148 array(bigintval($id)),__FILE__, __LINE__);
151 // Update cache when installed
152 if (EXT_IS_ACTIVE("cache")) {
153 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
155 // @TODO This causes the whole (!) menu cache being rebuild
156 CACHE_PURGE_ADMIN_MENU();
160 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_DELETED);
161 } elseif (isset($_POST['add'])) {
162 // Check if everything is fine...
163 $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
164 array(bigintval($_POST['admin_id'])), __FILE__, __LINE__);
165 list($mode) = SQL_FETCHROW($result);
166 SQL_FREERESULT($result);
168 // Default ACL is false
170 if (!empty($_POST['what_menu'])) {
172 $ACL = ADMINS_CHECK_ACL(GET_ACTION("admin", $_POST['what_menu']), "");
175 if ($mode != $_POST['mode'] || ($ACL)) {
177 $BOTH = ((!empty($_POST['action_menu'])) && (!empty($_POST['what_menu'])));
178 if (((!empty($_POST['action_menu'])) || (!empty($_POST['what_menu']))) && (!$BOTH)) {
179 // Main or sub menu selected
180 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
181 array(bigintval($_POST['admin_id']), $_POST['action_menu'], $_POST['what_menu']), __FILE__, __LINE__);
182 if (SQL_NUMROWS($result) == 0) {
183 // Finally add the new ACL
184 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins_acls (admin_id, action_menu, what_menu, access_mode)
185 VALUES ('%s', '%s', '%s', '%s')",
187 bigintval($_POST['admin_id']),
188 $_POST['action_menu'],
191 ), __FILE__, __LINE__);
192 $content = ADMIN_ADMINS_ACL_SAVED;
194 // Update cache when installed
195 if (EXT_IS_ACTIVE("cache")) {
196 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
199 CACHE_PURGE_ADMIN_MENU($_POST['admin_id'], $_POST['action_menu'], $_POST['what_menu']);
202 // ACL does already exist!
203 $content = ADMIN_ADMINS_ACL_ALREADY_ADDED;
207 SQL_FREERESULT($result);
209 // No menu selected makes also no sence...
210 $content = ADMIN_ADMINS_SELECT_ACTION_WHAT;
213 // Same mode makes no sence...
214 $content = ADMIN_ADMINS_SAME_MODE_SELECTED;
218 LOAD_TEMPLATE("admin_settings_saved", false, $content);
221 $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls ORDER BY admin_id, id", __FILE__, __LINE__);
222 if (SQL_NUMROWS($result_acls) > 0)
226 while(list($id, $admin, $act, $wht, $mode) = SQL_FETCHROW($result_acls))
229 if (empty($act)) $act = "---";
230 if (empty($wht)) $wht = "---";
231 $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
235 $login = GET_ADMIN_LOGIN($admin);
239 $admin = "<A href=\"".URL."/modules.php?module=admin&what=admins_contct&admin=".$admin."\">".$login."</A>";
244 $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
247 // Prepare data for the row template
257 // Load row template and switch colors
258 $OUT .= LOAD_TEMPLATE("admin_config_admins_row", true, $content);
263 SQL_FREERESULT($result);
264 define('__ACL_ROWS', $OUT);
266 // Load main template
267 LOAD_TEMPLATE("admin_config_admins");
270 // Prepare some constants for the template
271 define('_ADMINS_SELECTION', ADD_OPTION_LINES("admins", "id", "login", "", "default_acl"));
272 define('_ACTION_SELECTION', ADMIN_MENU_SELECTION("action"));
273 define('_WHAT_SELECTION' , ADMIN_MENU_SELECTION("what"));
274 define('_MODE_OPTIONS' , ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE)));
276 // Load template for adding new ACL
277 LOAD_TEMPLATE("admin_admins_add_acl");