* -------------------------------------------------------------------- *
* Kurzbeschreibung : Administrationsmodul *
* -------------------------------------------------------------------- *
- * $Revision:: 856 $ *
- * $Date:: 2009-03-06 20:24:32 +0100 (Fr, 06. Mär 2009) $ *
+ * $Revision:: $ *
+ * $Date:: $ *
* $Tag:: 0.2.1-FINAL $ *
- * $Author:: stelzi $ *
+ * $Author:: $ *
* Needs to be in all Files and every File needs "svn propset *
* svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
// Some security stuff...
if (!defined('__SECURITY')) {
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
+ $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
require($INC);
}
$done = changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
if ($done === true) {
// Registering is done
- LOAD_URL("modules.php?module=admin&register=done");
+ LOAD_URL('modules.php?module=admin&register=done');
} else {
$ret = getMessage('ADMIN_CANNOT_COMPLETE');
}
break;
- case "failed":
+ case 'failed':
$ret = getMessage('ADMIN_REGISTER_FAILED');
break;
- case "already":
+ case 'already':
default:
- if ($ret == "already") {
+ if ($ret == 'already') {
// Admin does already exists!
$ret = getMessage('ADMIN_LOGIN_ALREADY_REG');
} else {
// Any other kind will be logged and interpreted as 'done'
DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_LOGIN() and interpreted as 'done'!", $ret));
// @TODO Why is this set to 'done'?
- $ret = "done";
+ $ret = 'done';
}
// Admin still not registered?
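Review bot: The else arm under `default:` still ends in `$ret = 'done';`, so any return code the switch does not recognise is logged and then handled as success, which fails open; the existing `@TODO` asks the same question. Unless a caller depends on that, fail closed instead, for example `$ret = getMessage('ADMIN_REGISTER_FAILED');`, and do not redirect for that case. The switch opens above this hunk and the statement that follows `// Admin still not registered?` is not visible here, so confirm what runs after this arm before changing it.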
changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
// Load URL for login
- LOAD_URL("modules.php?module=admin");
+ LOAD_URL('modules.php?module=admin');
} // END - if
break;
}
}
// Whas that action okay?
- if ($ret != "done") {
- // Fixes another "Notice"
+ if ($ret != 'done') {
+ // Fixes another notice
if (REQUEST_ISSET_POST(('login'))) {
define('__LOGIN_VALUE', REQUEST_POST('login'));
} else {
- define('__LOGIN_VALUE', "");
+ define('__LOGIN_VALUE', '');
}
- // Yet-another "Notice" fix
- if ((IS_FORM_SENT()) && (REQUEST_POST('ok') == "***")) {
+ // Yet-another notice-fix
+ if ((IS_FORM_SENT()) && (REQUEST_POST('ok') == '***')) {
// No login entered?
- if (!REQUEST_ISSET_POST(('login'))) $MSG1 = getMessage('ADMIN_NO_LOGIN');
+ if (!REQUEST_ISSET_POST(('login'))) $loginMessage = getMessage('ADMIN_NO_LOGIN');
// An error comes back from registration?
- if (!empty($ret)) $MSG1 = $ret;
+ if (!empty($ret)) $loginMessage = $ret;
// No password entered?
- if (!REQUEST_ISSET_POST(('pass'))) $MSG2 = getMessage('ADMIN_NO_PASS');
+ if (!REQUEST_ISSET_POST(('pass'))) $passwdMessage = getMessage('ADMIN_NO_PASS');
// Or password too short?
- if (strlen(REQUEST_POST('pass')) < 4) $MSG2 = getMessage('ADMIN_SHORT_PASS');
+ if (strlen(REQUEST_POST('pass')) < 4) $passwdMessage = getMessage('ADMIN_SHORT_PASS');
// Output error messages
- define('__MSG_LOGIN', LOAD_TEMPLATE("admin_login_msg", true, $MSG1));
- define('__MSG_PASS', LOAD_TEMPLATE("admin_login_msg", true, $MSG2));
+ define('__MSG_LOGIN', LOAD_TEMPLATE('admin_login_msg', true, $loginMessage));
+ define('__MSG_PASS', LOAD_TEMPLATE('admin_login_msg', true, $passwdMessage));
// Reset variables
- $MSG1 = ""; $MSG2 = "";
- } else {
+ $loginMessage = ''; $passwdMessage = '';
+ } else {
// Reset values to nothing
- define('__MSG_LOGIN', "");
- define('__MSG_PASS' , "");
+ define('__MSG_LOGIN', '');
+ define('__MSG_PASS' , '');
}
+ // Output message in seperate template
+ LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_NOT_REGISTERED'));
+
// Load register template
- LOAD_TEMPLATE("admin_reg_form");
+ LOAD_TEMPLATE('admin_reg_form');
}
} elseif (REQUEST_ISSET_GET(('reset_pass'))) {
// Is the form submitted?
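Review bot: The registration branch accepts the first admin password once `strlen(REQUEST_POST('pass')) < 4` is false, so a four-character password is enough for the most privileged account. Raise the minimum and keep it in one named constant, e.g. `if (strlen(REQUEST_POST('pass')) < ADMIN_MIN_PASS_LENGTH)` (placeholder name, to be defined), since the same literal is repeated in the login-branch hunk further down. In the same block `$loginMessage` and `$passwdMessage` are only assigned inside the conditional lines and then read by both `LOAD_TEMPLATE('admin_login_msg', true, ...)` calls, so whichever field had no error is undefined there. Initialise them first, as the login branch does: `$loginMessage = ''; $passwdMessage = '';` before `// No login entered?`.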
$OUT = ADMIN_SEND_PASSWORD_RESET_LINK(REQUEST_POST('email'));
// Output result
- LOAD_TEMPLATE("admin_settings_saved", false, $OUT);
+ LOAD_TEMPLATE('admin_settings_saved', false, $OUT);
} elseif (REQUEST_ISSET_GET(('hash'))) {
// Output form for hash validation
- LOAD_TEMPLATE("admin_validate_reset_hash_form", false, REQUEST_GET('hash'));
+ LOAD_TEMPLATE('admin_validate_reset_hash_form', false, REQUEST_GET('hash'));
} elseif ((REQUEST_ISSET_POST(('validate_hash'))) && (REQUEST_ISSET_POST(('login'))) && (REQUEST_ISSET_POST(('hash')))) {
// Validate the login data and hash
$valid = ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN(REQUEST_POST('hash'), REQUEST_POST('login'));
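Review bot: `REQUEST_GET('hash')` goes straight from the query string into `LOAD_TEMPLATE('admin_validate_reset_hash_form', false, ...)`, and nothing in this hunk shows it being validated or escaped before the form echoes it back. If neither `REQUEST_GET()` nor the template escapes it, this is a reflected-markup risk on a page reachable before login. Pass `htmlspecialchars(REQUEST_GET('hash'), ENT_QUOTES)` instead, or reject values that do not match the expected hash format before rendering. The enclosing `elseif` chain starts above and continues below this hunk.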
);
// Validation okay so display form for final password change
- LOAD_TEMPLATE("admin_reset_password_form", false, $content);
+ LOAD_TEMPLATE('admin_reset_password_form', false, $content);
} else {
// Cannot validate the login data and hash
- LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED'));
+ LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED'));
}
} elseif ((REQUEST_ISSET_POST(('reset_pass'))) && (REQUEST_ISSET_POST(('hash'))) && (REQUEST_ISSET_POST(('login'))) && (REQUEST_ISSET_POST(('pass1'))) && (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) {
// Okay, we shall the admin password here. So first revalidate the hash
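Review bot: The password-change condition compares the two fields with `REQUEST_POST('pass1') == REQUEST_POST('pass2')`, and PHP's loose `==` compares numeric-looking strings as numbers, so two different inputs can be accepted as matching. Use `===` here, and add `REQUEST_ISSET_POST(('pass2'))` to the chain, since only `pass1` is checked for presence. The comment says the hash is revalidated first, but that call lies outside this hunk and the visible `ADMIN_RESET_PASSWORD()` call receives only the login and the new password, so it is worth confirming the revalidation still precedes it.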
$OUT = ADMIN_RESET_PASSWORD(REQUEST_POST('login'), REQUEST_POST('pass1'));
// Output result
- LOAD_TEMPLATE("admin_reset_pass_done", false, $OUT);
+ LOAD_TEMPLATE('admin_reset_pass_done', false, $OUT);
} else {
// Validation failed
- LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2'));
+ LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2'));
}
} else {
// Output reset password form
- LOAD_TEMPLATE("admin_send_reset_link");
+ LOAD_TEMPLATE('admin_send_reset_link');
}
} elseif ((!isSessionVariableSet('admin_login')) || (!isSessionVariableSet('admin_md5')) || (!isSessionVariableSet('admin_last')) || (!isSessionVariableSet('admin_to')) || ((get_session('admin_last') + bigintval(get_session('admin_to')) * 3600 * 24) < time())) {
// At leat one administrator account was created
if ((isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5')) && (isSessionVariableSet('admin_last')) && (isSessionVariableSet('admin_to'))) {
// Timeout for last login, we have to logout first!
- LOAD_URL("modules.php?module=admin&logout=1");
+ LOAD_URL('modules.php?module=admin&logout=1');
} // END - if
if (REQUEST_ISSET_GET(('register'))) {
// Registration of first admin is done
- if (REQUEST_GET('register') == "done") LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_REGISTER_DONE'));
+ if (REQUEST_GET('register') == 'done') LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_REGISTER_DONE'));
} // END - if
// Check if the admin has submitted data or not
if ((IS_FORM_SENT()) && ((!REQUEST_ISSET_POST(('login'))) || (!REQUEST_ISSET_POST(('pass'))) || (strlen(REQUEST_POST('pass')) < 4))) {
- REQUEST_SET_POST('ok', "***");
- }
+ REQUEST_SET_POST('ok', '***');
+ } // END - if
- if ((IS_FORM_SENT()) && (REQUEST_POST('ok') != "***")) {
+ if ((IS_FORM_SENT()) && (REQUEST_POST('ok') != '***')) {
// All required data was entered so we check his account
$ret = CHECK_ADMIN_LOGIN(REQUEST_POST('login'), REQUEST_POST('pass'));
// Which status do we have?
switch ($ret)
{
- case "done": // Admin and password are okay, so we log in now
+ case 'done': // Admin and password are okay, so we log in now
// Construct URL and redirect
- $URL = "modules.php?module=admin&";
+ $URL = 'modules.php?module=admin&';
// Rewrite overview module
- if ($GLOBALS['what'] == "overview") {
+ if ($GLOBALS['what'] == 'overview') {
$GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']);
} // END - if
// Add data to URL
- if (!empty($GLOBALS['what'])) $URL .= "what=".$GLOBALS['what'];
- elseif (!empty($GLOBALS['action'])) $URL .= "action=".$GLOBALS['action'];
- elseif (REQUEST_ISSET_GET(('area'))) $URL .= "area=".REQUEST_GET('area');
+ if (!empty($GLOBALS['what'])) $URL .= 'what='.$GLOBALS['what'];
+ elseif (!empty($GLOBALS['action'])) $URL .= 'action='.$GLOBALS['action'];
+ elseif (REQUEST_ISSET_GET('area')) $URL .= 'area='.REQUEST_GET('area');
// Load URL
LOAD_URL($URL);
break;
- case "404": // Administrator login not found
+ case '404': // Administrator login not found
REQUEST_SET_POST('ok', $ret);
$ret = getMessage('ADMIN_NOT_FOUND');
destroyAdminSession();
break;
- case "pass": // Wrong password
+ case 'pass': // Wrong password
REQUEST_SET_POST('ok', $ret);
- $ret = "{--WRONG_PASS--} [<a href=\"{!URL!}/modules.php?module=admin&reset_pass=1\">{--ADMIN_RESET_PASS--}</a>]\n";
+ $ret = '{--WRONG_PASS--} [<a href="{!URL!}/modules.php?module=admin&reset_pass=1">{--ADMIN_RESET_PASS--}</a>]';
destroyAdminSession();
break;
} // END - if
// Error detected?
- if ($ret != "done") {
+ // @TODO Rewrite all these constants
+ if ($ret != 'done') {
if (REQUEST_ISSET_POST(('login'))) {
define('__LOGIN_VALUE', REQUEST_POST('login'));
} else {
- define('__LOGIN_VALUE', "");
+ define('__LOGIN_VALUE', '');
}
if (IS_FORM_SENT()) {
// Set messages to zero
- $MSG1 = ""; $MSG2 = "";
+ $loginMessage = ''; $passwdMessage = '';
// No login entered?
- if (!REQUEST_ISSET_POST(('login'))) $MSG1 = getMessage('ADMIN_NO_LOGIN');
+ if (!REQUEST_ISSET_POST(('login'))) $loginMessage = getMessage('ADMIN_NO_LOGIN');
// An error comes back from login?
- if ((!empty($ret)) && (REQUEST_POST('ok') == "404")) $MSG1 = $ret;
+ if ((!empty($ret)) && (REQUEST_POST('ok') == '404')) $loginMessage = $ret;
// No password entered?
- if (!REQUEST_ISSET_POST(('pass'))) $MSG2 = getMessage('ADMIN_NO_PASS');
+ if (!REQUEST_ISSET_POST(('pass'))) $passwdMessage = getMessage('ADMIN_NO_PASS');
// Or password too short?
- if (strlen(REQUEST_POST('pass')) < 4) $MSG2 = getMessage('ADMIN_SHORT_PASS');
+ if (strlen(REQUEST_POST('pass')) < 4) $passwdMessage = getMessage('ADMIN_SHORT_PASS');
// An error comes back from login?
- if ((!empty($ret)) && (REQUEST_POST('ok') == "pass")) $MSG2 = $ret;
+ if ((!empty($ret)) && (REQUEST_POST('ok') == 'pass')) $passwdMessage = $ret;
// Load message template
- define('__MSG_LOGIN', LOAD_TEMPLATE("admin_login_msg", true, $MSG1));
- define('__MSG_PASS' , LOAD_TEMPLATE("admin_login_msg", true, $MSG2));
+ define('__MSG_LOGIN', LOAD_TEMPLATE('admin_login_msg', true, $loginMessage));
+ define('__MSG_PASS' , LOAD_TEMPLATE('admin_login_msg', true, $passwdMessage));
// Reset variables
- $MSG1 = ""; $MSG2 = "";
- } else {
+ unset($loginMessage);
+ unset($passwdMessage);
+ } else {
// Set constants to empty for hiding them
- define('__MSG_LOGIN', "");
- define('__MSG_PASS' , "");
+ define('__MSG_LOGIN', '');
+ define('__MSG_PASS' , '');
}
// Load login form
if (!empty($GLOBALS['what'])) {
// Restore old what value
- $content = array('target' => "what", 'value' => $GLOBALS['what']);
+ $content = array('target' => 'what', 'value' => $GLOBALS['what']);
} elseif (!empty($GLOBALS['action'])) {
- if ($GLOBALS['action'] != "logout") {
+ if ($GLOBALS['action'] != 'logout') {
// Restore old action value
- $content = array('target' => "action", 'value' => $GLOBALS['action']);
+ $content = array('target' => 'action', 'value' => $GLOBALS['action']);
} else {
// Set default values
- $content = array('target' => "action", 'value' => "login");
+ $content = array('target' => 'action', 'value' => 'login');
}
- } elseif (REQUEST_ISSET_GET(('area'))) {
+ } elseif (REQUEST_ISSET_GET('area')) {
// Restore old area value
- $content = array('target' => "area", 'value' => REQUEST_GET('area'));
+ $content = array('target' => 'area', 'value' => REQUEST_GET('area'));
} else {
// Set default values
- $content = array('target' => "action", 'value' => "login");
+ $content = array('target' => 'action', 'value' => 'login');
}
// Load login form template
- LOAD_TEMPLATE("admin_login_form", false, $content);
+ LOAD_TEMPLATE('admin_login_form', false, $content);
} // END - if
} elseif (REQUEST_ISSET_GET(('logout'))) {
// Only try to remove cookies
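Review bot: The post-login redirect is built by plain concatenation, `$URL .= 'area='.REQUEST_GET('area');`, and likewise for `$GLOBALS['what']` and `$GLOBALS['action']`, so text that appears to come from the request reaches `LOAD_URL()` unencoded. Unless `LOAD_URL()` or `REQUEST_GET()` already sanitises it (not visible here), encode each value, e.g. `$URL .= 'area=' . urlencode(REQUEST_GET('area'));`, so it cannot add parameters or line breaks to the redirect target. Separately, `case '404'` and `case 'pass'` produce different messages (`ADMIN_NOT_FOUND` versus `WRONG_PASS`), which tells an unauthenticated visitor whether an admin login name exists. One shared failure message for both cases would avoid that.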
// Special logout redirect for installation of given extension
LOAD_TEMPLATE(sprintf("admin_logout_%s_install", $register));
- } elseif (REQUEST_ISSET_GET(('remove'))) {
+ } elseif (REQUEST_ISSET_GET('remove')) {
// Secure input
- $remove = REQUEST_GET(('remove'));
+ $remove = REQUEST_GET('remove');
// Special logout redirect for removal of given extension
LOAD_TEMPLATE(sprintf("admin_logout_%s_remove", $remove));
} else {
// Logged out normally
- LOAD_TEMPLATE("admin_logout");
+ LOAD_TEMPLATE('admin_logout');
}
} else {
// Something went wrong here...
- LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_fatal\">{--ADMIN_LOGOUT_FAILED--}</div>");
+ LOAD_TEMPLATE('admin_settings_saved', false, '<div class="admin_fatal">{--ADMIN_LOGOUT_FAILED--}</div>');
// Add fatal message
addFatalMessage(__FILE__, __LINE__, getMessage('CANNOT_UNREG_SESS'));
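Review bot: `$remove = REQUEST_GET('remove');` sits under the comment `// Secure input`, but no filtering is visible, and the value is then formatted into a template name by `sprintf("admin_logout_%s_remove", $remove)`. If `LOAD_TEMPLATE()` resolves names to files, restrict the value to an allow-list pattern first, e.g. `if (!preg_match('/^[a-z0-9_]+$/i', $remove))`, with the character set adjusted to what extension names really use, and fall back to `LOAD_TEMPLATE('admin_logout');` when it does not match. `$register` in the install branch is assigned above this hunk and deserves the same check.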
$ret = CHECK_ADMIN_COOKIES(get_session('admin_login'), get_session('admin_md5'));
switch ($ret)
{
- case "done":
+ case 'done':
// Check for access control line of current menu entry
$GLOBALS['acl_allow'] = runFilterChain('check_admin_acl');
// When type of admin menu is not set fallback to old menu system
- if (!isConfigEntrySet('admin_menu')) setConfigEntry('admin_menu', "OLD");
+ if (!isConfigEntrySet('admin_menu')) setConfigEntry('admin_menu', 'OLD');
- // Check for version and switch between old menu system and new "intelligent menu system"
- if ((ADMIN_CHECK_MENU_MODE() == "NEW") && (INCLUDE_READABLE("inc/modules/admin/lasys-inc.php"))) {
+ // Check for version and switch between old menu system and new intelligent menu system
+ if ((ADMIN_CHECK_MENU_MODE() == 'NEW') && (INCLUDE_READABLE('inc/modules/admin/lasys-inc.php'))) {
// Default area is the entrance, of course
- $area = "entrance";
+ $area = 'entrance';
// Check for similar URL variable
- if (REQUEST_ISSET_GET(('area'))) $area = REQUEST_GET(('area'));
+ if (REQUEST_ISSET_GET('area')) $area = REQUEST_GET('area');
- // Load "logical-area menu-system" file
- LOAD_INC_ONCE("inc/modules/admin/lasys-inc.php");
+ // Load logical-area menu-system file
+ LOAD_INC_ONCE('inc/modules/admin/lasys-inc.php');
- // Create new-style menu system will "logical areas"
+ // Create new-style menu system will logical areas
ADMIN_LOGICAL_AREA_SYSTEM($area, $act, $GLOBALS['what']);
} else {
// This little call constructs the whole default old and lacky menu system
- // on left side
+ // on left side. It also renders the content on right side
ADMIN_DO_ACTION($GLOBALS['what']);
}
break;
- case "404": // Administrator login not found
+ case '404': // Administrator login not found
REQUEST_SET_POST('ok', $ret);
destroyAdminSession();
addFatalMessage(__FILE__, __LINE__, getMessage('ADMIN_NOT_FOUND'));
break;
- case "pass": // Wrong password
+ case 'pass': // Wrong password
REQUEST_SET_POST('ok', $ret);
destroyAdminSession();
addFatalMessage(__FILE__, __LINE__, getMessage('WRONG_PASS'));