* -------------------------------------------------------------------- *
* Kurzbeschreibung : Admin-ACLs einstellen *
* -------------------------------------------------------------------- *
- * *
+ * $Revision:: 856 $ *
+ * $Date:: 2009-03-06 20:24:32 +0100 (Fr, 06. March 2009) $ *
+ * $Tag:: 0.2.1-FINAL $ *
+ * $Author:: stelzi $ *
+ * Needs to be in all Files and every File needs "svn propset *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2008 by Roland Haeder *
* For more information visit: http://www.mxchange.org *
************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
$SEL = 0;
-if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']);
+if (REQUEST_ISSET_POST('sel')) $SEL = SELECTION_COUNT(REQUEST_POST('sel'));
-if ((isset($_POST['edit'])) && ($SEL > 0))
-{
+if ((REQUEST_ISSET_POST('edit')) && ($SEL > 0)) {
// Edit ACLs
- $SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$sel)
- {
+ $OUT = ""; $SW = 2;
+ foreach (REQUEST_POST('sel') as $id => $selected) {
// Load data for the ID
- $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
'mode_options' => ADD_OPTION_LINES(
"/ARRAY/",
array("allow", "deny"),
- array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE),
+ array(constant('ADMINS_ALLOW_MODE'), constant('ADMINS_DENY_MODE')),
$mode
),
);
// Load main template
LOAD_TEMPLATE("admin_config_admins_edit");
-}
- elseif ((isset($_POST['change'])) && ($SEL > 0))
-{
+} elseif ((REQUEST_ISSET_POST(('change'))) && ($SEL > 0)) {
// Change entries
- foreach ($_POST['sel'] as $id=>$sel)
- {
+ foreach (REQUEST_POST('sel') as $id => $selected) {
// Secure ID
$id = bigintval($id);
// Update entries
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins_acls SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE id=%s LIMIT 1",
- array($_POST['admin'][$id], $_POST['action_menu'][$id], $_POST['what_menu'][$id], $_POST['mode'][$id], $id),__FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins_acls` SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE id=%s LIMIT 1",
+ array(
+ REQUEST_POST('admin', $id),
+ REQUEST_POST('action_menu', $id),
+ REQUEST_POST('what_menu', $id),
+ REQUEST_POST('mode', $id),
+ $id
+ ),__FILE__, __LINE__);
}
// Update cache when installed
- if (EXT_IS_ACTIVE("cache"))
- {
- if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
+ if (EXT_IS_ACTIVE("cache")) {
+ if ($GLOBALS['cache_instance']->loadCacheFile("admins_acls")) $GLOBALS['cache_instance']->destroyCacheFile();
+
+ // Purge menu cache
+ CACHE_PURGE_ADMIN_MENU(REQUEST_POST('admin', $id));
}
// Entries changed
- LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_CHANGED);
-}
- elseif ((isset($_POST['del'])) && ($SEL > 0))
-{
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ADMINS_ENTRIES_CHANGED'));
+} elseif ((REQUEST_ISSET_POST('del')) && ($SEL > 0)) {
// Delete ACLs
- $SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$sel)
- {
+ $OUT = ""; $SW = 2;
+ foreach (REQUEST_POST('sel') as $id => $selected) {
// Load data for the ID
- $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
- array(bigintval($id)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE id=%s LIMIT 1",
+ array(bigintval($id)), __FILE__, __LINE__);
list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Prepare variables
if (empty($act)) $act = "---";
- if (empty($wht)) $wht = "---";
- $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
- eval($eval);
-
- // Load admin's data
- $login = GET_ADMIN_LOGIN($admin);
- if ($login != "***")
- {
- // Admin found
- $admin = "<A href=\"".URL."/modules.php?module=admin&what=admins_contct&admin=".$admin."\">".$login."</A>";
- }
- else
- {
- // Maybe deleted?
- $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
- }
+ if (empty($wht)) $wht = "---";
+
+ // Get admin mode
+ $mode = constant('ADMINS_'.strtoupper($mode).'_MODE');
+
+ // Generate link
+ $admin = GENERATE_AID_LINK($admin);
// Prepare data for the row template
$content = array(
// Load main template
LOAD_TEMPLATE("admin_config_admins_del");
-}
- elseif ((isset($_POST['remove'])) && ($SEL > 0))
-{
+} elseif ((REQUEST_ISSET_POST(('remove'))) && ($SEL > 0)) {
// Remove entries
- foreach ($_POST['sel'] as $id=>$sel)
- {
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
- array(bigintval($id)),__FILE__, __LINE__);
+ foreach (REQUEST_POST('sel') as $id => $selected) {
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE id=%s LIMIT 1",
+ array(bigintval($id)),__FILE__, __LINE__);
}
// Update cache when installed
- if (EXT_IS_ACTIVE("cache"))
- {
- if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
+ if (EXT_IS_ACTIVE("cache")) {
+ if ($GLOBALS['cache_instance']->loadCacheFile("admins_acls")) $GLOBALS['cache_instance']->destroyCacheFile();
+
+ // @TODO This causes the whole (!) menu cache being rebuild
+ CACHE_PURGE_ADMIN_MENU();
}
// Entries deleted
- LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_DELETED);
-}
- elseif (isset($_POST['add']))
-{
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ADMINS_ENTRIES_DELETED'));
+} elseif (REQUEST_ISSET_POST(('add'))) {
// Check if everything is fine...
- $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
- array(bigintval($_POST['admin_id'])), __FILE__, __LINE__);
- list($mode) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+ $mode = GET_ADMIN_DEFAULT_ACL(bigintval(REQUEST_POST('admin_id')));
// Default ACL is false
$ACL = false;
- if (!empty($_POST['what_menu']))
- {
+ if (REQUEST_ISSET_POST(('what_menu'))) {
// Check parent ACL
- $ACL = ADMINS_CHECK_ACL(GET_ACTION("admin", $_POST['what_menu']), "");
+ $ACL = ADMINS_CHECK_ACL(GET_ACTION("admin", REQUEST_POST('what_menu')), "");
}
- if ($mode != $_POST['mode'] || ($ACL))
- {
+ if ($mode != REQUEST_POST('mode') || ($ACL)) {
// Mode is fine
- $BOTH = ((!empty($_POST['action_menu'])) && (!empty($_POST['what_menu'])));
- if (((!empty($_POST['action_menu'])) || (!empty($_POST['what_menu']))) && (!$BOTH))
- {
+ $BOTH = ((REQUEST_ISSET_POST(('action_menu'))) && (REQUEST_ISSET_POST(('what_menu'))));
+ if (((REQUEST_ISSET_POST(('action_menu'))) || (REQUEST_ISSET_POST(('what_menu')))) && (!$BOTH)) {
// Main or sub menu selected
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
- array(bigintval($_POST['admin_id']), $_POST['action_menu'], $_POST['what_menu']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
+ array(bigintval(REQUEST_POST('admin_id')), REQUEST_POST('action_menu'), REQUEST_POST('what_menu')), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 0) {
// Finally add the new ACL
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins_acls (admin_id, action_menu, what_menu, access_mode)
-VALUES ('%s', '%s', '%s', '%s')",
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins_acls` (admin_id, action_menu, what_menu, access_mode)
+VALUES ('%s','%s','%s','%s')",
array(
- $_POST['admin_id'],
- $_POST['action_menu'],
- $_POST['what_menu'],
- $_POST['mode']
+ bigintval(REQUEST_POST('admin_id')),
+ REQUEST_POST('action_menu'),
+ REQUEST_POST('what_menu'),
+ REQUEST_POST('mode')
), __FILE__, __LINE__);
- $content = ADMIN_ADMINS_ACL_SAVED;
+ $content = getMessage('ADMIN_ADMINS_ACL_SAVED');
// Update cache when installed
- if (EXT_IS_ACTIVE("cache"))
- {
- if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
- }
- }
- else
- {
+ if (EXT_IS_ACTIVE("cache")) {
+ if ($GLOBALS['cache_instance']->loadCacheFile("admins_acls")) $GLOBALS['cache_instance']->destroyCacheFile();
+
+ // Purge cache
+ CACHE_PURGE_ADMIN_MENU(REQUEST_POST('admin_id'), REQUEST_POST('action_menu'), REQUEST_POST('what_menu'));
+ } // END - if
+ } else {
// ACL does already exist!
- $content = ADMIN_ADMINS_ACL_ALREADY_ADDED;
+ $content = getMessage('ADMIN_ADMINS_ACL_ALREADY_ADDED');
}
// Free memory
SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// No menu selected makes also no sence...
- $content = ADMIN_ADMINS_SELECT_ACTION_WHAT;
+ $content = getMessage('ADMIN_ADMINS_SELECT_ACTION_WHAT');
}
- }
- else
- {
+ } else {
// Same mode makes no sence...
- $content = ADMIN_ADMINS_SAME_MODE_SELECTED;
+ $content = getMessage('ADMIN_ADMINS_SAME_MODE_SELECTED');
}
// Display message
LOAD_TEMPLATE("admin_settings_saved", false, $content);
-}
- else
-{
+} else {
// List all ACLs
- $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls ORDER BY admin_id, id", __FILE__, __LINE__);
- if (SQL_NUMROWS($result_acls) > 0)
- {
+ $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` ORDER BY admin_id, id", __FILE__, __LINE__);
+ if (SQL_NUMROWS($result_acls) > 0) {
// List ACLs
- $SW = 2; $OUT = "";
- while(list($id, $admin, $act, $wht, $mode) = SQL_FETCHROW($result_acls))
- {
+ $OUT = ""; $SW = 2;
+ while ($content = SQL_FETCHARRAY($result_acls)) {
// Prepare variables
- if (empty($act)) $act = "---";
- if (empty($wht)) $wht = "---";
- $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
- eval($eval);
-
- // Load admin's data
- $login = GET_ADMIN_LOGIN($admin);
- if ($login != "***")
- {
- // Admin found
- $admin = "<A href=\"".URL."/modules.php?module=admin&what=admins_contct&admin=".$admin."\">".$login."</A>";
- }
- else
- {
- // Maybe deleted?
- $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
- }
+ if (empty($content['action_menu'])) $content['action_menu'] = "---";
+ if (empty($content['what_menu'])) $content['what_menu'] = "---";
+
+ // Get mode
+ $content['access_mode'] = constant('ADMINS_'.strtoupper($content['access_mode']).'_MODE');
// Prepare data for the row template
$content = array(
'sw' => $SW,
- 'id' => $id,
- 'admin' => $admin,
- 'action' => $act,
- 'what' => $wht,
- 'mode' => $mode,
+ 'id' => $content['id'],
+ 'admin' => GENERATE_AID_LINK($content['admin_id']),
+ 'action' => $content['action_menu'],
+ 'what' => $content['what_menu'],
+ 'mode' => $content['access_mode'],
);
// Load row template and switch colors
define('_ADMINS_SELECTION', ADD_OPTION_LINES("admins", "id", "login", "", "default_acl"));
define('_ACTION_SELECTION', ADMIN_MENU_SELECTION("action"));
define('_WHAT_SELECTION' , ADMIN_MENU_SELECTION("what"));
- define('_MODE_OPTIONS' , ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE)));
+ define('_MODE_OPTIONS' ,
+ ADD_OPTION_LINES(
+ "/ARRAY/",
+ array("allow", "deny"),
+ array(
+ getMessage('ADMINS_ALLOW_MODE'),
+ getMessage('ADMINS_DENY_MODE')
+ )
+ )
+ );
// Load template for adding new ACL
LOAD_TEMPLATE("admin_admins_add_acl");
}
+
//
?>