} // END - if
// Register an administrator account
-function addAdminAccount ($adminLogin, $passHash, $adminEmail) {
+function addAdminAccount ($adminLogin, $passHash, $adminEmail, $accessLevel = 'deny') {
// Login does already exist
$ret = 'already';
// Is the entry there?
if (SQL_HASZERONUMS($result)) {
- // Ok, let's create the admin login
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')",
- array(
- $adminLogin,
- $passHash,
- $adminEmail
- ), __FUNCTION__, __LINE__);
+ // Is ext-admins installed and version at least 0.3.0?
+ if (isExtensionInstalledAndNewer('admins', '0.3.0')) {
+ // Ok, let's create the admin login
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`, `default_acl`) VALUES ('%s', '%s', '%s', '%s')",
+ array(
+ $adminLogin,
+ $passHash,
+ $adminEmail,
+ $accessLevel
+ ), __FUNCTION__, __LINE__);
+ } else {
+ // Ok, let's create the admin login
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')",
+ array(
+ $adminLogin,
+ $passHash,
+ $adminEmail
+ ), __FUNCTION__, __LINE__);
+ }
// All done
$ret = 'done';
$adminId = getAdminId($adminLogin);
// Continue only with found admin ids
- if ($adminId > 0) {
+ if (isValidId($adminId)) {
// Then we need to lookup the login name by getting the admin hash
$adminHash = getAdminHash($adminId);
if (!SQL_HASZERONUMS($result)) {
// Load menu as selection
$OUT = '<select name="' . $mode . '_menu';
- if ((!empty($defid)) || ($defid == '0')) $OUT .= '[' . $defid . ']';
+ if (!isValidId($defid)) $OUT .= '[' . intval($defid) . ']';
$OUT .= '" size="1" class="form_select">
<option value="">{--SELECT_NONE--}</option>';
// Load all entries
//* BUG: */ reportBug(__FUNCTION__, __LINE__, '<pre>'.print_r(postRequestArray(), TRUE).'</pre>');
foreach ($postData as $id => $val) {
// Process only formular field but not submit buttons ;)
- if ($id == 'ok') {
+ if ($id == 'save_config') {
// Skip this button
continue;
} // END - if
// Is there cache?
if (!isset($GLOBALS[__FUNCTION__][$userid][$title . '_' . $what])) {
// Is title empty and valid userid?
- if (($title == '') && (isValidUserId($userid))) {
+ if (($title == '') && (isValidId($userid))) {
// Set userid as title
$title = $userid;
- } elseif (!isValidUserId($userid)) {
+ } elseif (!isValidId($userid)) {
// User id zero is invalid
return '<strong>' . convertNullToZero($userid) . '</strong>';
}
// Add other columns as well
foreach (postRequestArray() as $key => $entries) {
// Debug message
- logDebugMessage(__FUNCTION__, __LINE__, 'Found entry: ' . $key);
+ /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Found entry: ' . $key);
// Skip id, raw userid and 'do_$mode'
if (!in_array($key, array($idColumn[0], $rawUserId[0], ('do_' . $mode)))) {
// Add entry
$content[$key] = $entries[$id];
}
- } else {
+ } elseif (isDebugModeEnabled()) {
// Skipped entry
logDebugMessage(__FUNCTION__, __LINE__, 'Skipped: ' . $key);
}
mergeConfig($settingsArray);
// Now get the test URL
- $content = sendGetRequest('check-updates3.php');
+ $content = sendHttpGetRequest('check-updates3.php');
// Is the first line with "200 OK"?
$valid = isInString('200 OK', $content[0]);
// Creates a link to the user's admin-profile
function adminCreateUserLink ($userid) {
// Is the userid set correctly?
- if (isValidUserId($userid)) {
+ if (isValidId($userid)) {
// Create a link to that profile
return '{%url=modules.php?module=admin&what=list_user&userid=' . bigintval($userid) . '%}';
} // END - if
$adminLink = '{--ADMIN_NO_ADMIN_ASSIGNED--}';
// Zero? = Not assigned
- if (isValidUserId($adminId)) {
+ if (isValidId($adminId)) {
// Load admin's login
$login = getAdminLogin($adminId);
// Okay, does he want to see them?
if (isAdminsExpertWarningEnabled()) {
// Ask for them
- if (isFormSent()) {
+ if (isFormSent('save_expert')) {
// Is the element set, then we need to change the admin
if (isPostRequestElementSet('expert_settings')) {
// Get it and prepare final post data array
$NAV .= '<a href="{%url=modules.php?module=admin&what=' . getWhat() . '&page=' . $page . '&offset=' . $offset;
// Add userid when we shall show all mails from a single member
- if ((isGetRequestElementSet('userid')) && (isValidUserId(getRequestElement('userid')))) $NAV .= '&userid=' . bigintval(getRequestElement('userid'));
+ if ((isGetRequestElementSet('userid')) && (isValidId(getRequestElement('userid')))) $NAV .= '&userid=' . bigintval(getRequestElement('userid'));
// Close open anchor tag
$NAV .= '%}">';
} // END - if
}
+// Function to register first admin
+function registerFirstAdmin () {
+ // Make sure that no admin is registered
+ assert(!isAdminRegistered());
+
+ // Admin is not registered so we have to inform the user
+ if ((isFormSent('add_first_admin')) && ((!isPostRequestElementSet('admin_login')) || (!isPostRequestElementSet('admin_password1')) || (strlen(postRequestElement('admin_password1')) < getConfig('minium_admin_pass_length')) || (!isPostRequestElementSet('admin_password2')) || (strlen(postRequestElement('admin_password2')) < getConfig('minium_admin_pass_length')) || (postRequestElement('admin_password1') != postRequestElement('admin_password2')))) {
+ setPostRequestElement('add_first_admin', '***');
+ } // END - if
+
+ // Clear error message
+ $errorMessage = '';
+ $ret = 'init';
+
+ // Is form for first admin sent?
+ if ((isFormSent('add_first_admin')) && (postRequestElement('add_first_admin') != '***')) {
+ // Hash the password with the old function because we are here in install mode
+ $hashedPass = md5(postRequestElement('admin_password1'));
+
+ // Kill maybe existing session variables
+ destroyAdminSession();
+
+ // Do registration
+ $ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster(), 'allow');
+
+ // Check if registration wents fine
+ switch ($ret) {
+ case 'done':
+ // Change ADMIN_REGISTERED entry
+ $done = changeDataInLocalConfigurationFile('ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0);
+
+ // Was it successfull?
+ if ($done === TRUE) {
+ // Registering is done
+ redirectToUrl('modules.php?module=admin&register=done');
+ } else {
+ // Registration incomplete
+ $errorMessage = '{--ADMIN_CANNOT_COMPLETE--}';
+
+ // Set this to have our error message displayed
+ setPostRequestElement('add_first_admin', '***');
+ }
+ break;
+
+ case 'failed': // Registration has failed
+ $errorMessage = '{--ADMIN_REGISTER_FAILED--}';
+
+ // Set this to have our error message displayed
+ setPostRequestElement('add_first_admin', '***');
+ break;
+
+ case 'already': // Admin does already exists!
+ $errorMessage = '{--ADMIN_LOGIN_ALREADY_REG--}';
+
+ // Set this to have our error message displayed
+ setPostRequestElement('add_first_admin', '***');
+ break;
+
+ default:
+ // Any other kind will be logged
+ $errorMessage = sprintf("Unknown return code %s from ifAdminLoginDataIsValid().", $ret);
+ logDebugMessage(__FUNCTION__, __LINE__, $errorMessage);
+
+ // Set this to have our error message displayed
+ setPostRequestElement('add_first_admin', '***');
+ break;
+ } // END - switch
+ } // END - if
+
+ // Whas that action okay?
+ if ($ret != 'done') {
+ // Init login name
+ $content['admin_login'] = '';
+ if (isPostRequestElementSet('admin_login')) {
+ $content['admin_login'] = postRequestElement('admin_login');
+ } // END - if
+
+ // Init array elements
+ $content['login_message'] = '';
+ $content['password1_message'] = '';
+ $content['password2_message'] = '';
+ $content['error_message'] = '';
+
+ // Yet-another notice-fix
+ if ((isFormSent('add_first_admin')) && (postRequestElement('add_first_admin') == '***')) {
+ // Init variables
+ $loginMessage = '';
+ $password1Message = '';
+ $password2Message = '';
+
+ // No login entered?
+ if (empty($content['admin_login'])) {
+ $loginMessage = '{--ADMIN_NO_LOGIN--}';
+ } // END - if
+
+ // An error comes back from registration?
+ if ((!empty($ret)) && ($ret != 'init')) {
+ $loginMessage = $errorMessage;
+ } // END - if
+
+ // No password 1 entered or to short?
+ if (!isPostRequestElementSet('admin_password1')) {
+ $password1Message = '{--ADMIN_NO_PASSWORD1--}';
+ } elseif (strlen(postRequestElement('admin_password1')) < getConfig('minium_admin_pass_length')) {
+ $password1Message = '{--ADMIN_SHORT_PASSWORD1--}';
+ }
+
+ // No password 2 entered or to short?
+ if (!isPostRequestElementSet('admin_password2')) {
+ $password2Message = '{--ADMIN_NO_PASSWORD2--}';
+ } elseif (strlen(postRequestElement('admin_password2')) < getConfig('minium_admin_pass_length')) {
+ $password2Message = '{--ADMIN_SHORT_PASSWORD2--}';
+ }
+
+ // Both didn't match?
+ if (postRequestElement('admin_password1') != postRequestElement('admin_password2')) {
+ // No match
+ if (empty($password1Message)) $password1Message = '{--ADMIN_PASSWORD1_MISMATCH--}';
+ if (empty($password2Message)) $password2Message = '{--ADMIN_PASSWORD2_MISMATCH--}';
+ } // END - if
+
+ // Output error messages
+ $content['login_message'] = loadTemplate('admin_login_msg', TRUE, $loginMessage);
+ $content['password1_message'] = loadTemplate('admin_login_msg', TRUE, $password1Message);
+ $content['password2_message'] = loadTemplate('admin_login_msg', TRUE, $password2Message);
+ $content['error_message'] = loadTemplate('admin_login_msg', TRUE, $errorMessage);
+ } // END - if
+
+ // Output message in seperate template
+ displayMessage('{--ADMIN_ACCOUNT_NOT_REGISTERED_YET--}');
+
+ // Load register template
+ loadTemplate('admin_reg_form', FALSE, $content);
+ } // END - if
+}
+
// [EOF]
?>