2 /************************************************************************
3 * MXChange v0.2.1 Start: 06/30/2004 *
4 * ================ Last change: 07/02/2004 *
6 * -------------------------------------------------------------------- *
7 * File: what-config_admins.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Configure admin ACLs *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Admin-ACLs einstellen *
12 * -------------------------------------------------------------------- *
14 * -------------------------------------------------------------------- *
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
16 * For more information visit: http://www.mxchange.org *
18 * This program is free software; you can redistribute it and/or modify *
19 * it under the terms of the GNU General Public License as published by *
20 * the Free Software Foundation; either version 2 of the License, or *
21 * (at your option) any later version. *
23 * This program is distributed in the hope that it will be useful, *
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
26 * GNU General Public License for more details. *
28 * You should have received a copy of the GNU General Public License *
29 * along with this program; if not, write to the Free Software *
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
32 ************************************************************************/
34 // Some security stuff...
35 if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
37 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
40 // Add description as navigation point
41 ADD_DESCR("admin", basename(__FILE__));
44 if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']);
46 if ((isset($_POST['edit'])) && ($SEL > 0))
50 foreach ($_POST['sel'] as $id=>$sel)
52 // Load data for the ID
53 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%d LIMIT 1",
54 array(bigintval($id)), __FILE__, __LINE__);
55 list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
56 SQL_FREERESULT($result);
58 // Prepare data for the row template
62 'admins_selection' => ADD_OPTION_LINES("admins", "id", "login", $aid, "default_acl"),
63 'action_selection' => ADMIN_MENU_SELECTION("action", $act, $id),
64 'what_selection' => ADMIN_MENU_SELECTION("what", $wht, $id),
65 'mode_options' => ADD_OPTION_LINES(
67 array("allow", "deny"),
68 array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE),
74 $OUT .= LOAD_TEMPLATE("admin_config_admins_edit_row", true, $content);
77 define('__ACL_ROWS', $OUT);
80 LOAD_TEMPLATE("admin_config_admins_edit");
82 elseif ((isset($_POST['change'])) && ($SEL > 0))
85 foreach ($_POST['sel'] as $id=>$sel)
91 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins_acls SET admin_id=%d, action_menu='%s', what_menu='%s', access_mode='%s' WHERE id=%d LIMIT 1",
92 array($_POST['admin'][$id], $_POST['action_menu'][$id], $_POST['what_menu'][$id], $_POST['mode'][$id], $id),__FILE__, __LINE__);
95 // Update cache when installed
96 if (EXT_IS_ACTIVE("cache"))
98 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
102 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_CHANGED);
104 elseif ((isset($_POST['del'])) && ($SEL > 0))
108 foreach ($_POST['sel'] as $id=>$sel)
110 // Load data for the ID
111 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%d LIMIT 1",
112 array(bigintval($id)), __FILE__, __LINE__);
113 list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
114 SQL_FREERESULT($result);
117 if (empty($act)) $act = "---";
118 if (empty($wht)) $wht = "---";
119 $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
123 $login = GET_ADMIN_LOGIN($admin);
127 $admin = "<A href=\"".URL."/modules.php?module=admin&what=admins_contct&admin=".$admin."\">".$login."</A>";
132 $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
135 // Prepare data for the row template
145 // Load row template and switch colors
146 $OUT .= LOAD_TEMPLATE("admin_config_admins_del_row", true, $content);
149 define('__ACL_ROWS', $OUT);
151 // Load main template
152 LOAD_TEMPLATE("admin_config_admins_del");
154 elseif ((isset($_POST['remove'])) && ($SEL > 0))
157 foreach ($_POST['sel'] as $id=>$sel)
159 $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%d LIMIT 1",
160 array(bigintval($id)),__FILE__, __LINE__);
163 // Update cache when installed
164 if (EXT_IS_ACTIVE("cache"))
166 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
170 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_DELETED);
172 elseif (isset($_POST['add']))
174 // Check if everything is fine...
175 $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
176 array(bigintval($_POST['admin_id'])), __FILE__, __LINE__);
177 list($mode) = SQL_FETCHROW($result);
178 SQL_FREERESULT($result);
180 // Default ACL is false
182 if (!empty($_POST['what_menu']))
185 $ACL = ADMINS_CHECK_ACL(GET_ACTION("admin", $_POST['what_menu']), "");
188 if ($mode != $_POST['mode'] || ($ACL))
191 $BOTH = ((!empty($_POST['action_menu'])) && (!empty($_POST['what_menu'])));
192 if (((!empty($_POST['action_menu'])) || (!empty($_POST['what_menu']))) && (!$BOTH))
194 // Main or sub menu selected
195 $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%d AND action_menu='%s' AND what_menu='%s' LIMIT 1",
196 array(bigintval($_POST['admin_id']), $_POST['action_menu'], $_POST['what_menu']), __FILE__, __LINE__);
197 if (SQL_NUMROWS($result) == 0)
199 // Finally add the new ACL
200 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins_acls (admin_id, action_menu, what_menu, access_mode)
201 VALUES ('%s', '%s', '%s', '%s')",
204 $_POST['action_menu'],
207 ), __FILE__, __LINE__);
208 $content = ADMIN_ADMINS_ACL_SAVED;
210 // Update cache when installed
211 if (EXT_IS_ACTIVE("cache"))
213 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
218 // ACL does already exist!
219 $content = ADMIN_ADMINS_ACL_ALREADY_ADDED;
223 SQL_FREERESULT($result);
227 // No menu selected makes also no sence...
228 $content = ADMIN_ADMINS_SELECT_ACTION_WHAT;
233 // Same mode makes no sence...
234 $content = ADMIN_ADMINS_SAME_MODE_SELECTED;
238 LOAD_TEMPLATE("admin_settings_saved", false, $content);
243 $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls ORDER BY admin_id, id", __FILE__, __LINE__);
244 if (SQL_NUMROWS($result_acls) > 0)
248 while(list($id, $admin, $act, $wht, $mode) = SQL_FETCHROW($result_acls))
251 if (empty($act)) $act = "---";
252 if (empty($wht)) $wht = "---";
253 $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
257 $login = GET_ADMIN_LOGIN($admin);
261 $admin = "<A href=\"".URL."/modules.php?module=admin&what=admins_contct&admin=".$admin."\">".$login."</A>";
266 $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
269 // Prepare data for the row template
279 // Load row template and switch colors
280 $OUT .= LOAD_TEMPLATE("admin_config_admins_row", true, $content);
285 SQL_FREERESULT($result);
286 define('__ACL_ROWS', $OUT);
288 // Load main template
289 LOAD_TEMPLATE("admin_config_admins");
292 // Prepare some constants for the template
293 define('_ADMINS_SELECTION', ADD_OPTION_LINES("admins", "id", "login", "", "default_acl"));
294 define('_ACTION_SELECTION', ADMIN_MENU_SELECTION("action"));
295 define('_WHAT_SELECTION' , ADMIN_MENU_SELECTION("what"));
296 define('_MODE_OPTIONS' , ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE)));
298 // Load template for adding new ACL
299 LOAD_TEMPLATE("admin_admins_add_acl");