// Lookup the admin
$result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1",
- array($user), __FUNCTION__, __LINE__);
+ array($user), __FUNCTION__, __LINE__);
// Is the entry there?
if (SQL_NUMROWS($result) == 0) {
// Ok, let's create the admin login
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins` (login, password, email) VALUES ('%s', '%s', '%s')",
- array($user, $md5, $email), __FUNCTION__, __LINE__);
+ array($user, $md5, $email), __FUNCTION__, __LINE__);
$ret = 'done';
} // END - if
// Only be executed on login procedure!
function CHECK_ADMIN_LOGIN ($admin_login, $password) {
// By default no admin is found
- $ret = "404";
+ $ret = '404';
// Get admin id
$aid = GET_ADMIN_ID($admin_login);
// Get password from DB
$result = SQL_QUERY_ESC("SELECT password".$add." FROM `{!_MYSQL_PREFIX!}_admins` WHERE `id`=%s LIMIT 1",
- array($aid), __FUNCTION__, __LINE__);
+ array($aid), __FUNCTION__, __LINE__);
// Entry found?
if (SQL_NUMROWS($result) == 1) {
$salt = __SALT;
// Check if password is same
- //* DEBUG: */ echo "*".$ret.",".$data['password'].",".$password.",".$salt."*<br >\n";
+ //* DEBUG: */ echo "*".$ret.','.$data['password'].','.$password.','.$salt."*<br >\n";
if (($ret == 'pass') && ($data['password'] == generateHash($password, $salt)) && ((!empty($salt))) || ($data['password'] == $password)) {
// Re-hash the plain passord with new random salt
$data['password'] = generateHash($password);
// Update password and reset login failures
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s',login_failures=0,last_failure='0000-00-00 00:00:00' WHERE `id`=%s LIMIT 1",
- array($data['password'], $aid), __FUNCTION__, __LINE__);
+ array($data['password'], $aid), __FUNCTION__, __LINE__);
} else {
// Update password
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s' WHERE `id`=%s LIMIT 1",
- array($data['password'], $aid), __FUNCTION__, __LINE__);
+ array($data['password'], $aid), __FUNCTION__, __LINE__);
}
// Rebuild cache
if (($ret == 'pass') && (GET_EXT_VERSION('admins') >= '0.7.0')) {
// Update counter
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET login_failures=login_failures+1,last_failure=NOW() WHERE `id`=%s LIMIT 1",
- array($aid), __FUNCTION__, __LINE__);
+ array($aid), __FUNCTION__, __LINE__);
// Rebuild cache
rebuildCacheFiles('admins', 'admin');
if ((GET_EXT_VERSION('admins') >= '0.7.0') && ((EXT_VERSION_IS_OLDER('sql_patches', '0.3.6')) || (GET_EXT_VERSION('sql_patches') == ''))) {
// Reset counter on out-dated sql_patches version
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET login_failures=0,last_failure='0000-00-00 00:00:00' WHERE login='%s' LIMIT 1",
- array($adminLogin), __FUNCTION__, __LINE__);
+ array($adminLogin), __FUNCTION__, __LINE__);
// Rebuild cache
rebuildCacheFiles('admins', 'admin');
// Now set all session variables and return the result
return (
- (
- setSession('admin_md5', generatePassString($passHash))
- ) && (
- setSession('admin_login', $adminLogin)
- ) && (
- setSession('admin_last', time())
- ) && (
- setSession('admin_to', bigintval(REQUEST_POST('timeout')))
- )
+ (
+ setSession('admin_md5', generatePassString($passHash))
+ ) && (
+ setSession('admin_login', $adminLogin)
+ ) && (
+ setSession('admin_last', time())
+ ) && (
+ setSession('admin_to', bigintval(REQUEST_POST('timeout')))
+ )
);
}
// Only be executed on cookie checking
function CHECK_ADMIN_COOKIES ($admin_login, $password) {
// By default no admin cookies are found
- $ret = "404"; $pass = '';
+ $ret = '404'; $pass = '';
// Get hash
$pass = GET_ADMIN_HASH(GET_ADMIN_ID($admin_login));
- if ($pass != "-1") $ret = 'pass';
+ if ($pass != '-1') $ret = 'pass';
- //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):".generatePassString($pass)."(".strlen($pass).")/".$password."(".strlen($password).")<br />\n";
+ //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):".generatePassString($pass).'('.strlen($pass).")/".$password.'('.strlen($password).")<br />\n";
// Check if password matches
if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass)))) {
if ((ifAdminMenuHasEntries($menu)) && (SQL_NUMROWS($result_what) > 0)) {
$GLOBALS['menu']['description'] = array();
$GLOBALS['menu']['title'] = array(); $SUB = true;
- $OUT .= "<ul class=\"admin_menu_sub\">\n";
+ $OUT .= "<li class=\"admin_menu_sub\"><ul class=\"admin_menu_sub\">\n";
// @TODO Rewrite this to $content = SQL_FETCHARRAY()
while (list($wht_sub, $title_what, $desc_what) = SQL_FETCHROW($result_what)) {
// Check for access level
// USe this only for adding points (e.g. adding refs really makes no sence ;-) )
if ($add_all === true) $OUT = " <option value=\"all\">{--ALL_MEMBERS--}</option>\n";
- elseif ($none === true) $OUT = " <option value=\"0\">{--SELECT_NONE--}</option>\n";
+ elseif ($none === true) $OUT = " <option value=\"0\">{--SELECT_NONE--}</option>\n";
while ($content = SQL_FETCHARRAY($result)) {
$OUT .= " <option value=\"".bigintval($content['userid'])."\"";
$wht = "`what` != ''";
if ($mode == "action") $wht = "(`what`='' OR `what` IS NULL) AND action !='login'";
$result = SQL_QUERY_ESC("SELECT %s, title FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE ".$wht." ORDER BY `sort`",
- array($mode), __FUNCTION__, __LINE__);
+ array($mode), __FUNCTION__, __LINE__);
if (SQL_NUMROWS($result) > 0) {
// Load menu as selection
$OUT = "<select name=\"".$mode."_menu";
// Generate SQL string
$sql = sprintf("UPDATE `{!_MYSQL_PREFIX!}%s` SET %s WHERE %s LIMIT 1",
- $tableName,
- $DATA_UPDATE,
- $whereStatement
+ $tableName,
+ $DATA_UPDATE,
+ $whereStatement
);
} else {
// Add Line (does only work with auto_increment!
// Generate SQL string
$sql = sprintf("INSERT INTO {!_MYSQL_PREFIX!}%s (%s) VALUES (%s)",
- $tableName,
- $KEYs,
- $values
+ $tableName,
+ $KEYs,
+ $values
);
}
// Walk through all files
foreach ($menuArray as $file) {
// Is this a PHP script?
- if ((!isDirectory($file)) && (strpos($file, "".$type.'-') > -1) && (strpos($file, ".php") > 0)) {
+ if ((!isDirectory($file)) && (strpos($file, "".$type.'-') > -1) && (strpos($file, '.php') > 0)) {
// Then test if the file is readable
$test = sprintf("%sinc/modules/%s/%s", constant('PATH'), $menu, $file);
// Close selection box
$OUT .= "</select>\n";
-
+
// Return contents
return $OUT;
}
} elseif (GET_EXT_VERSION('admins') >= '0.6.7') {
// Load from database when version of 'admins' is enough
$result = SQL_QUERY_ESC("SELECT la_mode FROM `{!_MYSQL_PREFIX!}_admins` WHERE `id`=%s LIMIT 1",
- array($aid), __FUNCTION__, __LINE__);
+ array($aid), __FUNCTION__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load data
list($ADMIN) = SQL_FETCHROW($result);
}
// Change activation status
-function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") {
+function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = 'id') {
$cnt = 0; $newStatus = 'Y';
if ((is_array($IDs)) && (count($IDs) > 0)) {
// "Walk" all through and count them
if (!empty($selected)) {
// Determine new status
$result = SQL_QUERY_ESC("SELECT %s FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
- array($row, $table, $idRow, $id), __FUNCTION__, __LINE__);
+ array($row, $table, $idRow, $id), __FUNCTION__, __LINE__);
// Row found?
if (SQL_NUMROWS($result) == 1) {
// Change this status
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_%s` SET %s='%s' WHERE %s=%s LIMIT 1",
- array($table, $row, $newStatus, $idRow, $id), __FUNCTION__, __LINE__);
+ array($table, $row, $newStatus, $idRow, $id), __FUNCTION__, __LINE__);
// Count up affected rows
$cnt += SQL_AFFECTEDROWS();
// Then list it
$OUT .= LOAD_TEMPLATE(sprintf("admin_%s_%s_row",
- $listType,
- $table
- ), true, $content
+ $listType,
+ $table
+ ), true, $content
);
// Switch color
// Load master template
LOAD_TEMPLATE(sprintf("admin_%s_%s",
- $listType,
- $table
- ), false, $OUT
+ $listType,
+ $table
+ ), false, $OUT
);
}
foreach ($IDs as $id => $sel) {
// Construct SQL query
$sql = sprintf("UPDATE `{!_MYSQL_PREFIX!}_%s` SET",
- SQL_ESCAPE($table)
+ SQL_ESCAPE($table)
);
// Load data of entry
$result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
- array($table, $idColumn, $id), __FUNCTION__, __LINE__);
+ array($table, $idColumn, $id), __FUNCTION__, __LINE__);
// Fetch the data
$content = SQL_FETCHARRAY($result);
// Finish SQL statement
$sql = substr($sql, 0, -1) . sprintf(" WHERE `%s`=%s AND `%s`='%s' LIMIT 1",
- $idColumn,
- bigintval($id),
- $statusColumn,
- $oldStatus
+ $idColumn,
+ bigintval($id),
+ $statusColumn,
+ $oldStatus
);
// Run the SQL
}
// Delete rows by given ID numbers
-function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $deleteNow=false, $idColumn="id", $userIdColumn='userid') {
+function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $deleteNow=false, $idColumn='id', $userIdColumn='userid') {
// All valid entries? (We hope so here!)
if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) {
// Shall we delete here or list for deletion?
if (REQUEST_ISSET_POST('uid_raw', $id)) {
// Load all data from that id
$result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
- array($table, $idColumn, $id), __FUNCTION__, __LINE__);
+ array($table, $idColumn, $id), __FUNCTION__, __LINE__);
// Fetch the data
$content = SQL_FETCHARRAY($result);
} // END - if
// Add id number
- $idList .= $id.",";
+ $idList .= $id . ',';
} // END - foreach
// Run the query
}
// Edit rows by given ID numbers
-function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $editNow=false, $idColumn="id", $userIdColumn='userid') {
+function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $editNow=false, $idColumn='id', $userIdColumn='userid') {
// All valid entries? (We hope so here!)
if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) {
// Shall we change here or list for editing?
// Prepare SQL for this row
$sql = sprintf("UPDATE `{!_MYSQL_PREFIX!}_ SET",
- SQL_ESCAPE($table)
+ SQL_ESCAPE($table)
);
foreach (REQUEST_POST_ARRAY() as $key => $entries) {
// Skip raw userid which is always invalid
// Then add this value
$sql .= sprintf(" %s='%s',",
- SQL_ESCAPE($key),
- SQL_ESCAPE($entries[$id])
+ SQL_ESCAPE($key),
+ SQL_ESCAPE($entries[$id])
);
} elseif (($key != $idColumn) && (!is_array($entries))) {
// Add normal entries as well!
// Load all data from that id
$result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE `%s`=%s LIMIT 1",
- array($table, $idColumn, $id), __FUNCTION__, __LINE__);
+ array($table, $idColumn, $id), __FUNCTION__, __LINE__);
// Fetch the data
global $DATA;
}
// Un-/lock rows by given ID numbers
-function ADMIN_LOCK_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn="id", $userIdColumn='userid') {
+function ADMIN_LOCK_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn='id', $userIdColumn='userid') {
// All valid entries? (We hope so here!)
if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && ((!$lockNow) || (count($statusArray) == 1))) {
// Shall we un-/lock here or list for locking?
}
// Undelete rows by given ID numbers
-function ADMIN_UNDELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn="id", $userIdColumn='userid') {
+function ADMIN_UNDELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn='id', $userIdColumn='userid') {
// All valid entries? (We hope so here!)
if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && ((!$lockNow) || (count($statusArray) == 1))) {
// Shall we un-/lock here or list for locking?
// Look up administator login
$result = SQL_QUERY_ESC("SELECT id, login, password FROM `{!_MYSQL_PREFIX!}_admins` WHERE email='%s' LIMIT 1",
- array($email), __FUNCTION__, __LINE__);
+ array($email), __FUNCTION__, __LINE__);
// Is there an account?
if (SQL_NUMROWS($result) == 0) {
// Then try to find that user
$result = SQL_QUERY_ESC("SELECT id, password, email FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1",
- array($login), __FUNCTION__, __LINE__);
+ array($login), __FUNCTION__, __LINE__);
// Is an account here?
if (SQL_NUMROWS($result) == 1) {
// Update database
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s' WHERE login='%s' LIMIT 1",
- array($passHash, $login), __FUNCTION__, __LINE__);
+ array($passHash, $login), __FUNCTION__, __LINE__);
// Run filters
runFilterChain('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash));
if ($id <= 0) {
// Initiate backtrace
debug_report_bug(sprintf("id is invalid: %s. row=%s, data=%s",
- $id,
- $row,
- $data
+ $id,
+ $row,
+ $data
));
} // END - if
// Update the task
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_task_system` SET %s='%s' WHERE `id`=%s LIMIT 1",
- array($row, $data, bigintval($id)), __FUNCTION__, __LINE__);
+ array($row, $data, bigintval($id)), __FUNCTION__, __LINE__);
}
// Checks wether if the admin menu has entries
function ifAdminMenuHasEntries ($action) {
return (
- ((
- isset($GLOBALS['admin_menu_has_entries'][$action])
- ) && (
- $GLOBALS['admin_menu_has_entries'][$action] === true
- )) || (
- $action == "login"
- )
+ ((
+ isset($GLOBALS['admin_menu_has_entries'][$action])
+ ) && (
+ $GLOBALS['admin_menu_has_entries'][$action] === true
+ )) || (
+ $action == "login"
+ )
);
}