+
+ // Send "build mails" out
+ sendAdminBuildMails('delete', $table, $content, $id);
+ } // END - if
+
+ // Add id number
+ $idList .= $id . ',';
+ } // END - foreach
+
+ // Run the query
+ SQL_QUERY_ESC($sql, array($table, $idColumn, substr($idList, 0, -1)), __FUNCTION__, __LINE__);
+
+ // Was this fine?
+ if (SQL_AFFECTEDROWS() == count($IDs)) {
+ // All deleted
+ displayMessage('{--ADMIN_ALL_ENTRIES_REMOVED--}');
+ } else {
+ // Some are still there :(
+ displayMessage(sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_DELETED'), SQL_AFFECTEDROWS(), count($IDs)));
+ }
+ } else {
+ // List for deletion confirmation
+ adminListBuilder('delete', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn);
+ }
+ } // END - if
+}
+
+// Edit rows by given id numbers
+function adminEditEntriesConfirm ($IDs, $table, $columns = array(), $filterFunctions = array(), $extraValues = array(), $editNow = false, $idColumn = 'id', $userIdColumn = 'userid', $userid = 'userid') {
+ // All valid entries? (We hope so here!)
+ if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) {
+ // Shall we change here or list for editing?
+ if ($editNow === true) {
+ // Change them all
+ $affected = '0';
+ foreach ($IDs as $id => $sel) {
+ // Prepare content array (new values)
+ $content = array();
+
+ // Prepare SQL for this row
+ $sql = sprintf("UPDATE `{?_MYSQL_PREFIX?}_%s` SET",
+ SQL_ESCAPE($table)
+ );
+ foreach (postRequestArray() as $key => $entries) {
+ // Skip raw userid which is always invalid
+ if ($key == $userid) {
+ // Continue with next field
+ continue;
+ } // END - if
+
+ // Is entries an array?
+ if (($key != $idColumn) && (is_array($entries)) && (isset($entries[$id]))) {
+ // Add this entry to content
+ $content[$key] = $entries[$id];
+
+ // Send data through the filter function if found
+ if ((isset($filterFunctions[$key])) && (isset($extraValues[$key]))) {
+ // Filter function set!
+ $entries[$id] = handleExtraValues($filterFunctions[$key], $entries[$id], $extraValues[$key]);
+ } // END - if
+
+ // Then add this value
+ $sql .= sprintf(" `%s`='%s',",
+ SQL_ESCAPE($key),
+ SQL_ESCAPE($entries[$id])
+ );
+ } elseif (($key != $idColumn) && (!is_array($entries))) {
+ // Add normal entries as well!
+ $content[$key] = $entries;
+ }
+
+ // Do we have an URL?
+ if ($key == 'url') {
+ // Then add a framekiller test as well
+ $content['frametester'] = generateFrametesterUrl($content[$key]);
+ } // END - if
+ } // END - foreach
+
+ // Finish SQL command
+ $sql = substr($sql, 0, -1) . " WHERE `" . $idColumn . "`=" . bigintval($id) . " LIMIT 1";
+
+ // Run this query
+ SQL_QUERY($sql, __FUNCTION__, __LINE__);
+
+ // Add affected rows
+ $affected += SQL_AFFECTEDROWS();
+
+ // Load all data from that id
+ $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`=%s LIMIT 1",
+ array($table, $idColumn, $id), __FUNCTION__, __LINE__);
+
+ // Fetch the data and merge it into $content
+ $content = merge_array($content, SQL_FETCHARRAY($result));
+
+ // Free the result
+ SQL_FREERESULT($result);
+
+ // Send "build mails" out
+ sendAdminBuildMails('edit', $table, $content, $id);
+ } // END - foreach
+
+ // Was this fine?
+ if ($affected == count($IDs)) {
+ // All deleted
+ displayMessage('{--ADMIN_ALL_ENTRIES_EDITED--}');
+ } else {
+ // Some are still there :(
+ displayMessage(sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_EDITED'), $affected, count($IDs)));
+ }
+ } else {
+ // List for editing
+ adminListBuilder('edit', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn);
+ }
+ } // END - if
+}
+
+// Un-/lock rows by given id numbers
+function adminLockEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn='id', $userIdColumn='userid') {
+ // All valid entries? (We hope so here!)
+ if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (($lockNow === false) || (count($statusArray) == 1))) {
+ // Shall we un-/lock here or list for locking?
+ if ($lockNow === true) {
+ // Un-/lock entries
+ adminBuilderStatusHandler('lock', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray);
+ } else {
+ // List for editing
+ adminListBuilder('lock', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn);
+ }
+ } // END - if
+}
+
+// Undelete rows by given id numbers
+function adminUndeleteEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $undeleteNow=false, $idColumn='id', $userIdColumn='userid') {
+ // All valid entries? (We hope so here!)
+ if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (($undeleteNow === false) || (count($statusArray) == 1))) {
+ // Shall we un-/lock here or list for locking?
+ if ($undeleteNow === true) {
+ // Undelete entries
+ adminBuilderStatusHandler('undelete', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray);
+ } else {
+ // List for editing
+ adminListBuilder('undelete', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn);
+ }
+ } // END - if
+}
+
+// Checks proxy settins by fetching check-updates3.php from www.mxchange.org
+function adminTestProxySettings ($settingsArray) {
+ // Set temporary the new settings
+ mergeConfig($settingsArray);
+
+ // Now get the test URL
+ $content = sendGetRequest('check-updates3.php');
+
+ // Is the first line with "200 OK"?
+ $valid = (strpos($content[0], '200 OK') !== false);
+
+ // Return result
+ return $valid;
+}
+
+// Sends out a link to the given email adress so the admin can reset his/her password
+function sendAdminPasswordResetLink ($email) {
+ // Init output
+ $OUT = '';
+
+ //Â Look up administator login
+ $result = SQL_QUERY_ESC("SELECT `id`, `login`, `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `email`='%s' LIMIT 1",
+ array($email), __FUNCTION__, __LINE__);
+
+ // Is there an account?
+ if (SQL_HASZERONUMS($result)) {
+ // No account found
+ return '{--ADMIN_NO_LOGIN_WITH_EMAIL--}';
+ } // END - if
+
+ // Load all data
+ $content = SQL_FETCHARRAY($result);
+
+ // Free result
+ SQL_FREERESULT($result);
+
+ // Generate hash for reset link
+ $content['hash'] = generateHash(getUrl() . getEncryptSeperator() . $content['id'] . getEncryptSeperator() . $content['login'] . getEncryptSeperator() . $content['password'], substr($content['password'], getSaltLength()));
+
+ // Remove some data
+ unset($content['id']);
+ unset($content['password']);
+
+ // Prepare email
+ $mailText = loadEmailTemplate('admin_reset_password', $content);
+
+ // Send it out
+ sendEmail($email, '{--ADMIN_RESET_PASSWORD_LINK_SUBJECT--}', $mailText);
+
+ // Prepare output
+ return '{--ADMIN_RESET_PASSWORD_LINK_SENT--}';
+}
+
+// Validate hash and login for password reset
+function adminResetValidateHashLogin ($hash, $login) {
+ // By default nothing validates... ;)
+ $valid = false;
+
+ // Then try to find that user
+ $result = SQL_QUERY_ESC("SELECT `id`, `password`, `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
+ array($login), __FUNCTION__, __LINE__);
+
+ // Is an account here?
+ if (SQL_NUMROWS($result) == 1) {
+ // Load all data
+ $content = SQL_FETCHARRAY($result);
+
+ // Generate hash again
+ $hashFromData = generateHash(getUrl() . getEncryptSeperator() . $content['id'] . getEncryptSeperator() . $login . getEncryptSeperator() . $content['password'], substr($content['password'], getSaltLength()));
+
+ // Does both match?
+ $valid = ($hash == $hashFromData);
+ } // END - if
+
+ // Free result
+ SQL_FREERESULT($result);
+
+ // Return result
+ return $valid;
+}
+
+// Reset the password for the login. Do NOT call this function without calling above function first!
+function doResetAdminPassword ($login, $password) {
+ // Generate hash (we already check for sql_patches in generateHash())
+ $passHash = generateHash($password);
+
+ // Update database
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `password`='%s' WHERE `login`='%s' LIMIT 1",
+ array($passHash, $login), __FUNCTION__, __LINE__);
+
+ // Run filters
+ runFilterChain('post_form_reset_pass', array('login' => $login, 'hash' => $passHash));
+
+ // Return output
+ return '{--ADMIN_PASSWORD_RESET_DONE--}';
+}
+
+// Solves a task by given id number
+function adminSolveTask ($id) {
+ // Update the task data
+ adminUpdateTaskData($id, 'status', 'SOLVED');
+}
+
+// Marks a given task as deleted
+function adminDeleteTask ($id) {
+ // Update the task data
+ adminUpdateTaskData($id, 'status', 'DELETED');
+}
+
+// Function to update task data
+function adminUpdateTaskData ($id, $row, $data) {
+ // Should be admin!
+ if (!isAdmin()) {
+ // Not an admin so redirect better
+ redirectToUrl('modules.php?module=index');
+ } // END - if
+
+ // Is the id not set, then we need a backtrace here... :(
+ if ($id <= 0) {
+ // Initiate backtrace
+ debug_report_bug(__FUNCTION__, __LINE__, sprintf("id is invalid: %s. row=%s, data=%s",
+ $id,
+ $row,
+ $data
+ ));
+ } // END - if
+
+ // Update the task
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_task_system` SET `%s`='%s' WHERE `id`=%s LIMIT 1",
+ array(
+ $row,
+ $data,
+ bigintval($id)
+ ), __FUNCTION__, __LINE__);
+}
+
+// Checks wether if the admin menu has entries
+function ifAdminMenuHasEntries ($action) {
+ return (
+ ((
+ // Is the entry set?
+ isset($GLOBALS['admin_menu_has_entries'][$action])
+ ) && (
+ // And do we have a menu for this action?
+ $GLOBALS['admin_menu_has_entries'][$action] === true
+ )) || (
+ // Login has always a menu
+ $action == 'login'
+ )
+ );
+}
+
+// Setter for 'admin_menu_has_entries'
+function setAdminMenuHasEntries ($action, $hasEntries) {
+ $GLOBALS['admin_menu_has_entries'][$action] = (bool) $hasEntries;
+}
+
+// Creates a link to the user's admin-profile
+function adminCreateUserLink ($userid) {
+ // Is the userid set correctly?
+ if (isValidUserId($userid)) {
+ // Create a link to that profile
+ return '{%url=modules.php?module=admin&what=list_user&userid=' . bigintval($userid) . '%}';
+ } // END - if
+
+ // Return a link to the user list
+ return '{%url=modules.php?module=admin&what=list_user%}';
+}
+
+// Generate a "link" for the given admin id (admin_id)
+function generateAdminLink ($adminId) {
+ // No assigned admin is default
+ $adminLink = '<span class="notice">{--ADMIN_NO_ADMIN_ASSIGNED--}</span>';
+
+ // Zero? = Not assigned
+ if (bigintval($adminId) > 0) {
+ // Load admin's login
+ $login = getAdminLogin($adminId);
+
+ // Is the login valid?
+ if ($login != '***') {
+ // Is the extension there?
+ if (isExtensionActive('admins')) {
+ // Admin found
+ $adminLink = '<a href="' . generateEmailLink(getAdminEmail($adminId), 'admins') . '" title="{--ADMIN_CONTACT_LINK_TITLE--}">' . $login . '</a>';
+ } else {
+ // Extension not found
+ $adminLink = getMaskedMessage('ADMIN_TASK_ROW_EXTENSION_NOT_INSTALLED', 'admins');
+ }
+ } else {
+ // Maybe deleted?
+ $adminLink = '<div class="notice">' . getMaskedMessage('ADMIN_ID_404', $adminId) . '</div>';
+ }
+ } // END - if
+
+ // Return result
+ return $adminLink;
+}
+
+// Verifies if the current admin has confirmed to alter expert settings
+//
+// Return values:
+// 'failed' = Something goes wrong (default)
+// 'agreed' = Has verified and and confirmed it to see them
+// 'forbidden' = Has not the proper right to alter them
+// 'update' = Need to update extension 'admins'
+// 'ask' = A form was send to the admin
+function doVerifyExpertSettings () {
+ // Default return status is failed
+ $return = 'failed';
+
+ // Is the extension installed and recent?
+ if (isExtensionInstalledAndNewer('admins', '0.7.3')) {
+ // Okay, load the status
+ $expertSettings = getAminsExpertSettings();
+
+ // Is he allowed?
+ if ($expertSettings == 'Y') {
+ // Okay, does he want to see them?
+ if (isAdminsExpertWarningEnabled()) {
+ // Ask for them
+ if (isFormSent()) {
+ // Is the element set, then we need to change the admin
+ if (isPostRequestParameterSet('expert_settings')) {
+ // Get it and prepare final post data array
+ $postData['login'][getCurrentAdminId()] = getCurrentAdminLogin();
+ $postData['expert_warning'][getCurrentAdminId()] = 'N';
+
+ // Change it in the admin
+ adminsChangeAdminAccount($postData, 'expert_warning');
+
+ // Clear form
+ unsetPostRequestParameter('ok');
+ } // END - if
+
+ // All fine!
+ $return = 'agreed';
+ } else {
+ // Send form
+ loadTemplate('admin_expert_settings_form');
+
+ // Asked for it
+ $return = 'ask';