major login problems fixed and some code-improvements

[mailer.git] / inc / modules / admin / admin-inc.php

diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index 9e2e39a423da4f3f4c8646bd4dc6727e15c89a44..c2a5e2445854213130b8bf19e3fb7b11f659ef4a 100644 (file)
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -127,24 +127,19 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
        return $ret;
 }
 // Only be executed on cookie checking
-function CHECK_ADMIN_COOKIES ($admin_login, $password)
-{
+function CHECK_ADMIN_COOKIES ($admin_login, $password) {
        global $ADMINS, $_CONFIG;
        $ret = "404"; $pass = "";
-       if (!empty($ADMINS['aid'][$admin_login]))
-       {
+       if (!empty($ADMINS['aid'][$admin_login])) {
                // Get password from cache
                $pass = $ADMINS['password'][$admin_login];
                $ret = "pass";
                $_CONFIG['cache_hits']++;
-       }
-        else
-       {
+       } else {
                // Get password from DB
                $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
                 array($admin_login), __FILE__, __LINE__);
-               if (SQL_NUMROWS($result) == 1)
-               {
+               if (SQL_NUMROWS($result) == 1) {
                        $ret = "pass";
                        list($pass) = SQL_FETCHROW($result);
                        SQL_FREERESULT($result);
@@ -154,11 +149,12 @@ function CHECK_ADMIN_COOKIES ($admin_login, $password)
        //* DEBUG: */ echo "*".$pass."/".$password."<br />";
 
        // Check if password matches
-       if (($ret == "pass") && ((generatePassString($pass) == $password) || ($pass == $password)))
-       {
+       if (($ret == "pass") && ((generatePassString($pass) == $password) || ($pass == $password))) {
                // Passwords matches!
                $ret = "done";
        }
+
+       // Return result
        return $ret;
 }
 //
@@ -249,8 +245,8 @@ function ADMIN_DO_ACTION($wht)
        $act = GET_ACTION($GLOBALS['module'], $wht);
 
        // Define admin login name and ID number
-       define('__ADMIN_LOGIN', SQL_ESCAPE($_COOKIE['admin_login']));
-       define('__ADMIN_ID'   , GET_ADMIN_ID($_COOKIE['admin_login']));
+       define('__ADMIN_LOGIN', SQL_ESCAPE($_SESSION['admin_login']));
+       define('__ADMIN_ID'   , GET_ADMIN_ID($_SESSION['admin_login']));
 
        // Preload templates
        if (EXT_IS_ACTIVE("admins")) {
@@ -679,23 +675,23 @@ function ADMIN_USER_PROFILE_LINK($uid, $title="", $wht="list_user")
 //
 function ADMIN_CHECK_MENU_MODE()
 {
-       global $_CONFIG, $ADMINS, $_COOKIE;
+       global $_CONFIG, $ADMINS, $_SESSION;
 
        // Set the global mode as the mode for all admins
        $MODE = $_CONFIG['admin_menu']; $ADMIN = $MODE;
 
        // Check individual settings of current admin
-       if (isset($ADMINS['la_mode'][$_COOKIE['admin_login']]))
+       if (isset($ADMINS['la_mode'][$_SESSION['admin_login']]))
        {
                // Load from cache
-               $ADMIN = $ADMINS['la_mode'][$_COOKIE['admin_login']];
+               $ADMIN = $ADMINS['la_mode'][$_SESSION['admin_login']];
                $_CONFIG['cache_hits']++;
        }
         elseif (GET_EXT_VERSION("admins") >= "0.6.7")
        {
                // Load from database when version of "admins" is enough
                $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
-                array($_COOKIE['admin_login']), __FILE__, __LINE__);
+                array($_SESSION['admin_login']), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) == 1)
                {
                        // Load data