X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=inc%2Fmodules%2Fadmin%2Fadmin-inc.php;h=78bfa36ec9bbc48507db04b98b6516c62ea81917;hb=3b85bd5030ad591b0c5cb038ca534a7b50e1b319;hp=ea7df656eade12a540ad1832e9b528b8ed1ad0b0;hpb=3df5cfd765d32de200a4db2a21a04cb2fde40b23;p=mailer.git diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index ea7df656ea..78bfa36ec9 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -58,8 +58,7 @@ function REGISTER_ADMIN ($user, $md5, $email=WEBMASTER) return $ret; } // Only be executed on login procedure! -function CHECK_ADMIN_LOGIN ($admin_login, $password) -{ +function CHECK_ADMIN_LOGIN ($admin_login, $password) { global $cacheArray, $_CONFIG, $cacheInstance; // Init variables @@ -389,9 +388,9 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) { $cacheName = "admin_".$act."_".$wht."_".GET_LANGUAGE()."_".strtolower(get_session('admin_login')); // Is that cache there? - if ($cacheInstance->cache_file($cacheName, true)) { + if ($cacheInstance->loadCacheFile($cacheName)) { // Then load it - $data = $cacheInstance->cache_load(); + $data = $cacheInstance->getArrayFromCache(); // Extract all parts $OUT = base64_decode($data['output'][0]); @@ -408,7 +407,7 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) { } // END - if // Build main menu - $result_main = SQL_QUERY("SELECT action, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) ORDER BY sort, id DESC", __FILE__, __LINE__); + $result_main = SQL_QUERY("SELECT action, title, descr FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) ORDER BY sort, id DESC", __FILE__, __LINE__); if (SQL_NUMROWS($result_main) > 0) { $OUT = " @@ -454,7 +453,7 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) { } $OUT .= "\n"; - $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort, id DESC", + $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort, id DESC", array($menu), __FILE__, __LINE__); if ((SQL_NUMROWS($result_what) > 0) && ($act == $menu)) { @@ -540,7 +539,7 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) { // Is there a cache instance again? if ((is_object($cacheInstance)) && (isset($_CONFIG['cache_admin_menu'])) && ($_CONFIG['cache_admin_menu'] == "Y")) { // Init cache - $cacheInstance->cache_init($cacheName); + $cacheInstance->init($cacheName); // Prepare cache data $data = array( @@ -550,10 +549,10 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) { ); // Write the data away - $cacheInstance->add_row($data); + $cacheInstance->addRow($data); // Close cache - $cacheInstance->cache_close(); + $cacheInstance->finalize(); } // END - if // Return or output content? @@ -567,7 +566,7 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) { function ADD_MEMBER_SELECTION_BOX ($def="0", $add_all=false, $return=false, $none=false, $field="userid") { // Output selection form with all confirmed user accounts listed - $result = SQL_QUERY("SELECT userid, surname, family FROM "._MYSQL_PREFIX."_user_data ORDER BY userid", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT userid, surname, family FROM `"._MYSQL_PREFIX."_user_data` ORDER BY userid", __FILE__, __LINE__); $OUT = ""; // USe this only for adding points (e.g. adding refs really makes no sence ;-) ) @@ -601,7 +600,7 @@ function ADD_MEMBER_SELECTION_BOX ($def="0", $add_all=false, $return=false, $non function ADMIN_MENU_SELECTION($MODE, $default="", $defid="") { $wht = "what != ''"; if ($MODE == "action") $wht = "(what='' OR what IS NULL) AND action !='login'"; - $result = SQL_QUERY_ESC("SELECT %s, title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$wht." ORDER BY sort", + $result = SQL_QUERY_ESC("SELECT %s, title FROM `"._MYSQL_PREFIX."_admin_menu` WHERE ".$wht." ORDER BY sort", array($MODE), __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // Load menu as selection @@ -656,10 +655,10 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="con $test = (float)$val; if ("".$val."" == "".$test."") { // Add numbers - $DATA[] = $id."=".$val.""; + $DATA[] = sprintf("`%s`=%s", $id, $test); } else { // Add strings - $DATA[] = $id."='".trim($val)."'"; + $DATA[] = sprintf("`%s`='%s'", $id, trim($val)); } // Update current configuration @@ -672,9 +671,9 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="con $result = false; if (!$alwaysAdd) { if (!empty($whereStatement)) { - $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." WHERE ".$whereStatement." LIMIT 1", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT * FROM `"._MYSQL_PREFIX.$tableName."` WHERE ".$whereStatement." LIMIT 1", __FILE__, __LINE__); } else { - $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." LIMIT 1", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT * FROM `"._MYSQL_PREFIX.$tableName."` LIMIT 1", __FILE__, __LINE__); } } // END - if @@ -683,7 +682,11 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="con $DATA_UPDATE = implode(", ", $DATA); // Generate SQL string - $SQL = "UPDATE "._MYSQL_PREFIX.$tableName." SET ".$DATA_UPDATE." WHERE ".$whereStatement." LIMIT 1"; + $SQL = sprintf("UPDATE `"._MYSQL_PREFIX."%s` SET %s WHERE %s LIMIT 1", + $tableName, + $DATA_UPDATE, + $whereStatement + ); } else { // Add Line (does only work with auto_increment! $KEYs = array(); $VALUEs = array(); @@ -698,7 +701,11 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="con $VALUEs = implode(", ", $VALUEs); // Generate SQL string - $SQL = "INSERT INTO "._MYSQL_PREFIX.$tableName." (".$KEYs.") VALUES (".$VALUEs.")"; + $SQL = sprintf("INSERT INTO "._MYSQL_PREFIX."%s (%s) VALUES (%s)", + $tableName, + $KEYs, + $VALUEs + ); } // Free memory @@ -1285,6 +1292,9 @@ function ADMIN_RESET_PASSWORD ($login, $password) { SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1", array($passHash, $login), __FILE__, __LINE__); + // Run filters + RUN_FILTER('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash)); + // Return output return ADMIN_PASSWORD_RESET_DONE; }