-<?php\r
-/************************************************************************\r
- * MXChange v0.2.1 Start: 06/30/2003 *\r
- * =============== Last change: 11/27/2004 *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * File : admins_functions.php *\r
- * -------------------------------------------------------------------- *\r
- * Short description : Functions for the admins extension *\r
- * -------------------------------------------------------------------- *\r
- * Kurzbeschreibung : Funktionen fuer die admins-Erweiterung *\r
- * -------------------------------------------------------------------- *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * Copyright (c) 2003 - 2007 by Roland Haeder *\r
- * For more information visit: http://www.mxchange.org *\r
- * *\r
- * This program is free software; you can redistribute it and/or modify *\r
- * it under the terms of the GNU General Public License as published by *\r
- * the Free Software Foundation; either version 2 of the License, or *\r
- * (at your option) any later version. *\r
- * *\r
- * This program is distributed in the hope that it will be useful, *\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *\r
- * GNU General Public License for more details. *\r
- * *\r
- * You should have received a copy of the GNU General Public License *\r
- * along with this program; if not, write to the Free Software *\r
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *\r
- * MA 02110-1301 USA *\r
- ************************************************************************/\r
-\r
-// Some security stuff...\r
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))\r
-{\r
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";\r
- require($INC);\r
-}\r
-//\r
-function ADMINS_CHECK_ACL($act, $wht)\r
-{\r
- global $_COOKIE, $ADMINS, $ADMINS_ACLS, $CONFIG;\r
- // If action is login or logout allow allways!\r
- if (($act == "login") || ($act == "logout")) return true;\r
-\r
- // Default is deny\r
- $ret = false;\r
-\r
- // Get admin's defult access right\r
- if (!empty($ADMINS['def_acl'][$_COOKIE['admin_login']]))\r
- {\r
- // Load from cache\r
- $default = $ADMINS['def_acl'][$_COOKIE['admin_login']];\r
-\r
- // Count cache hits\r
- $CONFIG['cache_hits']++;\r
- }\r
- else\r
- {\r
- // Load from database\r
- $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",\r
- array($_COOKIE['admin_login']), __FILE__, __LINE__);\r
- list($default) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- }\r
-\r
- // Get admin's ID\r
- $aid = GET_ADMIN_ID($_COOKIE['admin_login']);\r
-\r
- if (!empty($wht))\r
- {\r
- // Check for parent menu:\r
- // First get it's action value\r
- $parent_action = GET_ACTION("admin", $wht);\r
-\r
- // Check with this function...\r
- $parent = ADMINS_CHECK_ACL($parent_action, "");\r
- }\r
- else\r
- {\r
- // Anything else is true!\r
- $parent = false;\r
- }\r
-\r
- // Shall I test for a main or sub menu? (action or what?)\r
- $lines = 0; $acl_mode = "failed";\r
- if (GET_EXT_VERSION("cache") >= "0.1.2")\r
- {\r
- // Load only from array when there are lines!\r
- if (count($ADMINS_ACLS) > 0)\r
- {\r
- // Load ACL from array\r
- foreach ($ADMINS_ACLS['admin_id'] as $id=>$aid_acls)\r
- {\r
- if ($aid == $aid_acls)\r
- {\r
- // Okay, one line was found!\r
- if ((!empty($act)) && ($ADMINS_ACLS['action_menu'][$id] == $act))\r
- {\r
- // Main menu line found\r
- $acl_mode = $ADMINS_ACLS['access_mode'][$id];\r
- $lines = 1;\r
- }\r
- elseif ((!empty($wht)) && ($ADMINS_ACLS['what_menu'][$id] == $wht))\r
- {\r
- // Check sub menu\r
- $acl_mode = $ADMINS_ACLS['access_mode'][$id];\r
- $lines = 1;\r
- }\r
- if ($lines == 1)\r
- {\r
- // Count cache hits\r
- $CONFIG['cache_hits']++;\r
- break;\r
- }\r
- }\r
- }\r
-\r
- // No ACL found?\r
- if ($acl_mode == "failed")\r
- {\r
- $acl_mode = "";\r
- $lines = 0;\r
- }\r
- }\r
- else\r
- {\r
- // No lines here\r
- $lines = 0;\r
- }\r
- }\r
- else\r
- {\r
- // Old version, so load it from database\r
- if (!empty($act))\r
- {\r
- // Main menu\r
- $result = SQL_QUERY_ESC("SELECT access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%d AND action_menu='%s' LIMIT 1",\r
- array(bigintval($aid), $act), __FILE__, __LINE__);\r
- }\r
- elseif (!empty($wht))\r
- {\r
- // Sub menu\r
- $result = SQL_QUERY_ESC("SELECT access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%d AND what_menu='%s' LIMIT 1",\r
- array(bigintval($aid), $wht), __FILE__, __LINE__);\r
- }\r
-\r
- // Get number of lines\r
- $lines = SQL_NUMROWS($result);\r
-\r
- // Load ACL\r
- list($acl_mode) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- }\r
-\r
- // Check ACL and (maybe) allow\r
- if ((($default == "allow") && ($lines == 0)) || (($default == "deny") && ($lines == "1") && ($acl_mode == "allow")) || (($lines == 0) && ($parent))) $ret = true;\r
-\r
- // Return value\r
- return $ret;\r
-}\r
-// Create email link to admins's account\r
-function ADMINS_CREATE_EMAIL_LINK($email, $mod="admin")\r
-{\r
- $locked = " AND status='CONFIRMED'";\r
- if (IS_ADMIN()) $locked = "";\r
- if (strpos("@", $email) > 0)\r
- {\r
- // Create email link\r
- $result = SQL_QUERY_ESC("SELECT id\r
-FROM "._MYSQL_PREFIX."_admins\r
-WHERE email='%s'".$locked." LIMIT 1",\r
- array($email), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1)\r
- {\r
- // Load userid\r
- list($uid) = SQL_FETCHROW($result);\r
-\r
- // Rewrite email address to contact link\r
- $email = URL."/modules.php?module=".$mod."&what=user_contct&u_id=".bigintval($uid);\r
- }\r
-\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
- elseif (bigintval($email) > 0)\r
- {\r
- // Direct ID given\r
- $email = URL."/modules.php?module=".$mod."&what=admins_contct&admin=".bigintval($email);\r
- }\r
-\r
- // Return rewritten (?) email address\r
- return $email;\r
-}\r
-//\r
-?>\r
+<?php
+/************************************************************************
+ * MXChange v0.2.1 Start: 06/30/2003 *
+ * =============== Last change: 11/27/2004 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : admins_functions.php *
+ * -------------------------------------------------------------------- *
+ * Short description : Functions for the admins extension *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Funktionen fuer die admins-Erweiterung *
+ * -------------------------------------------------------------------- *
+ * *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * For more information visit: http://www.mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+// Some security stuff...
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
+{
+ $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
+ require($INC);
+}
+//
+function ADMINS_CHECK_ACL($act, $wht)
+{
+ global $_COOKIE, $ADMINS, $ADMINS_ACLS, $CONFIG;
+ // If action is login or logout allow allways!
+ if (($act == "login") || ($act == "logout")) return true;
+
+ // Default is deny
+ $ret = false;
+
+ // Get admin's defult access right
+ if (!empty($ADMINS['def_acl'][$_COOKIE['admin_login']]))
+ {
+ // Load from cache
+ $default = $ADMINS['def_acl'][$_COOKIE['admin_login']];
+
+ // Count cache hits
+ $CONFIG['cache_hits']++;
+ }
+ else
+ {
+ // Load from database
+ $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
+ array($_COOKIE['admin_login']), __FILE__, __LINE__);
+ list($default) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ }
+
+ // Get admin's ID
+ $aid = GET_ADMIN_ID($_COOKIE['admin_login']);
+
+ if (!empty($wht))
+ {
+ // Check for parent menu:
+ // First get it's action value
+ $parent_action = GET_ACTION("admin", $wht);
+
+ // Check with this function...
+ $parent = ADMINS_CHECK_ACL($parent_action, "");
+ }
+ else
+ {
+ // Anything else is true!
+ $parent = false;
+ }
+
+ // Shall I test for a main or sub menu? (action or what?)
+ $lines = 0; $acl_mode = "failed";
+ if (GET_EXT_VERSION("cache") >= "0.1.2")
+ {
+ // Load only from array when there are lines!
+ if (count($ADMINS_ACLS) > 0)
+ {
+ // Load ACL from array
+ foreach ($ADMINS_ACLS['admin_id'] as $id=>$aid_acls)
+ {
+ if ($aid == $aid_acls)
+ {
+ // Okay, one line was found!
+ if ((!empty($act)) && ($ADMINS_ACLS['action_menu'][$id] == $act))
+ {
+ // Main menu line found
+ $acl_mode = $ADMINS_ACLS['access_mode'][$id];
+ $lines = 1;
+ }
+ elseif ((!empty($wht)) && ($ADMINS_ACLS['what_menu'][$id] == $wht))
+ {
+ // Check sub menu
+ $acl_mode = $ADMINS_ACLS['access_mode'][$id];
+ $lines = 1;
+ }
+ if ($lines == 1)
+ {
+ // Count cache hits
+ $CONFIG['cache_hits']++;
+ break;
+ }
+ }
+ }
+
+ // No ACL found?
+ if ($acl_mode == "failed")
+ {
+ $acl_mode = "";
+ $lines = 0;
+ }
+ }
+ else
+ {
+ // No lines here
+ $lines = 0;
+ }
+ }
+ else
+ {
+ // Old version, so load it from database
+ if (!empty($act))
+ {
+ // Main menu
+ $result = SQL_QUERY_ESC("SELECT access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%d AND action_menu='%s' LIMIT 1",
+ array(bigintval($aid), $act), __FILE__, __LINE__);
+ }
+ elseif (!empty($wht))
+ {
+ // Sub menu
+ $result = SQL_QUERY_ESC("SELECT access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%d AND what_menu='%s' LIMIT 1",
+ array(bigintval($aid), $wht), __FILE__, __LINE__);
+ }
+
+ // Get number of lines
+ $lines = SQL_NUMROWS($result);
+
+ // Load ACL
+ list($acl_mode) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ }
+
+ // Check ACL and (maybe) allow
+ if ((($default == "allow") && ($lines == 0)) || (($default == "deny") && ($lines == "1") && ($acl_mode == "allow")) || (($lines == 0) && ($parent))) $ret = true;
+
+ // Return value
+ return $ret;
+}
+// Create email link to admins's account
+function ADMINS_CREATE_EMAIL_LINK($email, $mod="admin")
+{
+ $locked = " AND status='CONFIRMED'";
+ if (IS_ADMIN()) $locked = "";
+ if (strpos("@", $email) > 0)
+ {
+ // Create email link
+ $result = SQL_QUERY_ESC("SELECT id
+FROM "._MYSQL_PREFIX."_admins
+WHERE email='%s'".$locked." LIMIT 1",
+ array($email), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1)
+ {
+ // Load userid
+ list($uid) = SQL_FETCHROW($result);
+
+ // Rewrite email address to contact link
+ $email = URL."/modules.php?module=".$mod."&what=user_contct&u_id=".bigintval($uid);
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+ elseif (bigintval($email) > 0)
+ {
+ // Direct ID given
+ $email = URL."/modules.php?module=".$mod."&what=admins_contct&admin=".bigintval($email);
+ }
+
+ // Return rewritten (?) email address
+ return $email;
+}
+//
+?>