2 /************************************************************************
3 * MXChange v0.2.1 Start: 06/30/2004 *
4 * ================ Last change: 07/02/2004 *
6 * -------------------------------------------------------------------- *
7 * File: what-config_admins.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Configure admin ACLs *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Admin-ACLs einstellen *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2008 by Roland Haeder *
21 * For more information visit: http://www.mxchange.org *
23 * This program is free software; you can redistribute it and/or modify *
24 * it under the terms of the GNU General Public License as published by *
25 * the Free Software Foundation; either version 2 of the License, or *
26 * (at your option) any later version. *
28 * This program is distributed in the hope that it will be useful, *
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
31 * GNU General Public License for more details. *
33 * You should have received a copy of the GNU General Public License *
34 * along with this program; if not, write to the Free Software *
35 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
37 ************************************************************************/
39 // Some security stuff...
40 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
41 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
45 // Add description as navigation point
46 ADD_DESCR('admin', __FILE__);
49 if (REQUEST_ISSET_POST('sel')) $SEL = countPostSelection();
51 if ((REQUEST_ISSET_POST('edit')) && ($SEL > 0)) {
54 foreach (REQUEST_POST('sel') as $id => $selected) {
55 // Load data for the ID
56 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE `id`=%s LIMIT 1",
57 array(bigintval($id)), __FILE__, __LINE__);
58 list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
59 SQL_FREERESULT($result);
61 // Prepare data for the row template
65 'admins_selection' => generateOptionList('admins', 'id', 'login', $aid, 'default_acl'),
66 'action_selection' => ADMIN_MENU_SELECTION('action', $act, $id),
67 'what_selection' => ADMIN_MENU_SELECTION('what', $wht, $id),
68 'mode_options' => generateOptionList(
70 array('allow', 'deny'),
72 constant('ADMINS_ALLOW_MODE'),
73 constant('ADMINS_DENY_MODE')
80 $OUT .= LOAD_TEMPLATE('admin_config_admins_edit_row', true, $content);
83 define('__ACL_ROWS', $OUT);
86 LOAD_TEMPLATE('admin_config_admins_edit');
87 } elseif ((REQUEST_ISSET_POST('change')) && ($SEL > 0)) {
89 foreach (REQUEST_POST('sel') as $id => $selected) {
94 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins_acls` SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE `id`=%s LIMIT 1",
96 REQUEST_POST('admin', $id),
97 REQUEST_POST('action_menu', $id),
98 REQUEST_POST('what_menu', $id),
99 REQUEST_POST('mode', $id),
101 ),__FILE__, __LINE__);
104 // Update cache when installed
105 if (EXT_IS_ACTIVE('cache')) {
106 if ($GLOBALS['cache_instance']->loadCacheFile('admins_acls')) $GLOBALS['cache_instance']->destroyCacheFile();
109 cachePurgeAdminMenu(REQUEST_POST('admin', $id));
113 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ADMINS_ENTRIES_CHANGED'));
114 } elseif ((REQUEST_ISSET_POST('del')) && ($SEL > 0)) {
117 foreach (REQUEST_POST('sel') as $id => $selected) {
118 // Load data for the ID
119 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE `id`=%s LIMIT 1",
120 array(bigintval($id)), __FILE__, __LINE__);
121 list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
122 SQL_FREERESULT($result);
125 if (empty($act)) $act = '---';
126 if (empty($wht)) $wht = '---';
129 $mode = constant('ADMINS_'.strtoupper($mode).'_MODE');
132 $admin = generateAdminLink($admin);
134 // Prepare data for the row template
144 // Load row template and switch colors
145 $OUT .= LOAD_TEMPLATE('admin_config_admins_del_row', true, $content);
148 define('__ACL_ROWS', $OUT);
150 // Load main template
151 LOAD_TEMPLATE('admin_config_admins_del');
152 } elseif ((REQUEST_ISSET_POST('remove')) && ($SEL > 0)) {
154 // @TODO Rewrite this to filter 'run_sqls'
155 foreach (REQUEST_POST('sel') as $id => $selected) {
156 SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE `id`=%s LIMIT 1",
157 array(bigintval($id)),__FILE__, __LINE__);
160 // Update cache when installed
161 if (EXT_IS_ACTIVE('cache')) {
162 if ($GLOBALS['cache_instance']->loadCacheFile('admins_acls')) $GLOBALS['cache_instance']->destroyCacheFile();
164 // @TODO This causes the whole (!) menu cache being rebuild
165 cachePurgeAdminMenu();
169 LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ADMINS_ENTRIES_DELETED'));
170 } elseif (REQUEST_ISSET_POST('add')) {
171 // Check if everything is fine...
172 $mode = getAdminDefaultAcl(bigintval(REQUEST_POST('admin_id')));
174 // Default ACL is false
176 if (REQUEST_ISSET_POST('what_menu')) {
178 $ACL = adminsCheckAdminAcl(getModeAction('admin', REQUEST_POST('what_menu')), '');
181 if (($mode != REQUEST_POST('mode')) || ($ACL)) {
183 $BOTH = ((REQUEST_ISSET_POST('action_menu')) && (REQUEST_ISSET_POST('what_menu')));
184 if (((REQUEST_ISSET_POST('action_menu')) || (REQUEST_ISSET_POST('what_menu'))) && (!$BOTH)) {
185 // Main or sub menu selected
186 $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
187 array(bigintval(REQUEST_POST('admin_id')), REQUEST_POST('action_menu'), REQUEST_POST('what_menu')), __FILE__, __LINE__);
188 if (SQL_NUMROWS($result) == 0) {
189 // Finally add the new ACL
190 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins_acls` (admin_id, action_menu, what_menu, access_mode)
191 VALUES ('%s','%s','%s','%s')",
193 bigintval(REQUEST_POST('admin_id')),
194 REQUEST_POST('action_menu'),
195 REQUEST_POST('what_menu'),
197 ), __FILE__, __LINE__);
198 $content = getMessage('ADMIN_ADMINS_ACL_SAVED');
200 // Update cache when installed
201 if (EXT_IS_ACTIVE('cache')) {
202 if ($GLOBALS['cache_instance']->loadCacheFile('admins_acls')) $GLOBALS['cache_instance']->destroyCacheFile();
205 cachePurgeAdminMenu(REQUEST_POST('admin_id'), REQUEST_POST('action_menu'), REQUEST_POST('what_menu'));
208 // ACL does already exist!
209 $content = getMessage('ADMIN_ADMINS_ACL_ALREADY_ADDED');
213 SQL_FREERESULT($result);
215 // No menu selected makes also no sence...
216 $content = getMessage('ADMIN_ADMINS_SELECT_ACTION_WHAT');
219 // Same mode makes no sence...
220 $content = getMessage('ADMIN_ADMINS_SAME_MODE_SELECTED');
224 LOAD_TEMPLATE('admin_settings_saved', false, $content);
227 $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` ORDER BY admin_id, id", __FILE__, __LINE__);
230 if (SQL_NUMROWS($result_acls) > 0) {
233 while ($content = SQL_FETCHARRAY($result_acls)) {
235 if (empty($content['action_menu'])) $content['action_menu'] = '---';
236 if (empty($content['what_menu'])) $content['what_menu'] = '---';
239 $content['access_mode'] = constant('ADMINS_'.strtoupper($content['access_mode']).'_MODE');
241 // Prepare data for the row template
244 'id' => $content['id'],
245 'admin' => generateAdminLink($content['admin_id']),
246 'action' => $content['action_menu'],
247 'what' => $content['what_menu'],
248 'mode' => $content['access_mode'],
251 // Load row template and switch colors
252 $OUT .= LOAD_TEMPLATE('admin_config_admins_row', true, $content);
257 SQL_FREERESULT($result);
258 define('__ACL_ROWS', $OUT);
260 // Load main template
261 LOAD_TEMPLATE('admin_config_admins');
264 // Prepare some constants for the template
265 define('_ADMINS_SELECTION', generateOptionList('admins', 'id', 'login', '', 'default_acl'));
266 define('_ACTION_SELECTION', ADMIN_MENU_SELECTION('action'));
267 define('_WHAT_SELECTION' , ADMIN_MENU_SELECTION('what'));
268 define('_MODE_OPTIONS' , generateOptionList(
270 array('allow', 'deny'),
272 getMessage('ADMINS_ALLOW_MODE'),
273 getMessage('ADMINS_DENY_MODE')
277 // Load template for adding new ACL
278 LOAD_TEMPLATE('admin_admins_add_acl');