// Check ACL for menu combination
function ADMINS_CHECK_ACL($act, $wht) {
- global $cacheArray, $_CONFIG, $cacheInstance;
+ global $cacheArray, $cacheInstance;
// If action is login or logout allow allways!
$default = "allow";
if (($act == "login") || ($act == "logout")) return true;
// Default is deny
$ret = false;
+ // Get admin's ID
+ $aid = GET_CURRENT_ADMIN_ID();
+
// Get admin's defult access right
- if (!empty($cacheArray['admins']['def_acl'][get_session('admin_login')])) {
- // Load from cache
- $default = $cacheArray['admins']['def_acl'][get_session('admin_login')];
-
- // Count cache hits
- if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
- } elseif (!is_object($cacheInstance)) {
- // Load from database
- $default = GET_ADMIN_DEFAULT_ACL(get_session('admin_login'));
- }
+ $default = GET_ADMIN_DEFAULT_ACL($aid);
- // Get admin's ID
- $aid = GET_ADMIN_ID(get_session('admin_login'));
if (!empty($wht)) {
// Check for parent menu:
}
if ($lines == 1) {
// Count cache hits
- if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
+ incrementConfigEntry('cache_hits');
break;
}
}
if (!empty($POST['pass1'][$id])) $ADD = sprintf(", password='%s'", SQL_ESCAPE($hash));
// Get admin's ID
- $salt = substr(GET_ADMIN_HASH(get_session('admin_login')), 0, -40);
- $aid = GET_ADMIN_ID(get_session('admin_login'));
+ $aid = GET_CURRENT_ADMIN_ID();
+ $salt = substr(GET_ADMIN_HASH($aid), 0, -40);
// Rewrite cookie when it's own account
if ($aid == $id) {
} // END - if
// Get default ACL from admin to check if we can allow him to change the default ACL
- $default = GET_ADMIN_DEFAULT_ACL(get_session('admin_login'));
+ $default = GET_ADMIN_DEFAULT_ACL(GET_CURRENT_ADMIN_ID());
// Update admin account
if ($default == "allow") {
// Allow changing default ACL
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET
+ SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET
login='%s'".$ADD.",
email='%s',
default_acl='%s',
), __FILE__, __LINE__);
} else {
// Do not allow it here
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET
+ SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET
login='%s'".$ADD.",
email='%s',
la_mode='%s'
}
// Remove cache file
- if ((EXT_IS_ACTIVE("cache")) && ($cache_update == "1")) {
- if ($cacheInstance->cache_file("admins", true)) $cacheInstance->cache_destroy();
- }
+ RUN_FILTER('post_admin_edited', $_POST);
}
// Make admin accounts editable
$id = bigintval($id);
// Delete only when it's not your own account!
- if (($del == 1) && (GET_ADMIN_ID(get_session('admin_login')) != $id)) {
+ if (($del == 1) && (GET_CURRENT_ADMIN_ID() != $id)) {
// Rewrite his tasks to all admins
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin=0 WHERE assigned_admin=%s",
+ SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin=0 WHERE assigned_admin=%s",
array($id), __FILE__, __LINE__);
// Remove account
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
- array($id), __FILE__, __LINE__);
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+ array($id), __FILE__, __LINE__);
// Purge cache
CACHE_PURGE_ADMIN_MENU($id);
}
// Remove cache if cache system is activated
- if ((EXT_IS_ACTIVE("cache")) && ($cache_update == "1")) {
- if ($cacheInstance->cache_file("admins", true)) $cacheInstance->cache_destroy();
- }
+ RUN_FILTER('post_admin_deleted', $_POST);
}
// List all admin accounts
LOAD_TEMPLATE("admin_list_admins");
}
+// Filter for adding extra data to the query
+function FILTER_ADD_EXTRA_SQL_DATA () {
+ // Init extra data
+ $ADD = "";
+
+ // Is the admins extension updated? (should be!)
+ if (GET_EXT_VERSION("admins") >= "0.3") $ADD .= ", default_acl AS def_acl";
+ if (GET_EXT_VERSION("admins") >= "0.6.7") $ADD .= ", la_mode";
+ if (GET_EXT_VERSION("admins") >= "0.7.0") $ADD .= ", login_failtures, UNIX_TIMESTAMP(last_failture) AS last_failture";
+
+ // Return it
+ return $ADD;
+}
+
//
?>