X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Ffilters.php;h=d582202ac6a02ac4297ec79673b0d6897687e6af;hb=641ca2a3526aa0612781dddf83dd77dbb003adff;hp=79f0ef4c6e31ae4925f166962a41b993abbce9df;hpb=0f9689b7d070311251abdc1dc3c5f970a4227021;p=mailer.git diff --git a/inc/filters.php b/inc/filters.php index 79f0ef4c6e..d582202ac6 100644 --- a/inc/filters.php +++ b/inc/filters.php @@ -125,12 +125,15 @@ ORDER BY `filter_id` ASC", __FILE__, __LINE__); // Run SQLs REGISTER_FILTER('run_sqls', 'RUN_SQLS'); + // Admin ACL check + REGISTER_FILTER('check_admin_acl', 'CHECK_ADMIN_ACL'); + // Register shutdown filters REGISTER_FILTER('shutdown', 'FLUSH_FILTERS'); } // "Registers" a new filter function -function REGISTER_FILTER ($filterName, $filterFunction, $silentAbort = true, $force = false, $add = true) { +function REGISTER_FILTER ($filterName, $filterFunction, $silentAbort = true, $force = false, $dry_run = false) { global $filters, $counter; // Extend the filter function name @@ -155,7 +158,7 @@ function REGISTER_FILTER ($filterName, $filterFunction, $silentAbort = true, $fo } // END - if // Shall we add it? - if ($add) { + if (!$dry_run) { // Simply add it to the array $filters[$filterName][$filterFunction] = "Y"; $counter[$filterName][$filterFunction] = 0; @@ -163,7 +166,7 @@ function REGISTER_FILTER ($filterName, $filterFunction, $silentAbort = true, $fo } // "Unregisters" a filter from the given chain -function UNREGISTER_FILTER ($filterName, $filterFunction, $force = false, $remove = true) { +function UNREGISTER_FILTER ($filterName, $filterFunction, $force = false, $dry_run = false) { global $filters, $counter, $loadedFilters; // Extend the filter function name only if not loaded from database @@ -179,7 +182,7 @@ function UNREGISTER_FILTER ($filterName, $filterFunction, $force = false, $remov } // END - if // Shall we remove? (default, not while just showing an extension removal) - if ($remove) { + if (!$dry_run) { // Mark for filter removal $filters[$filterName][$filterFunction] = "R"; unset($counter[$filterName][$filterFunction]); @@ -385,7 +388,7 @@ function FILTER_SOLVE_TASK ($data) { // Filter to load include files function FILTER_LOAD_INCLUDES ($data) { - global $INC_POOL; + global $INC_POOL, $CSS; // Is it an array? if ((!isset($INC_POOL)) || (!is_array($INC_POOL))) { @@ -474,7 +477,7 @@ function FILTER_UPDATE_LOGIN_DATA () { // Update last module / online time $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET last_module='%s', last_online=UNIX_TIMESTAMP(), REMOTE_ADDR='%s' WHERE userid=%s LIMIT 1", - array($GLOBALS['what'], GET_REMOTE_ADDR(), $GLOBALS['userid']), __FILE__, __LINE__); + array($GLOBALS['what'], GET_REMOTE_ADDR(), $GLOBALS['userid']), __FILE__, __LINE__); } } else { // Destroy session, we cannot update! @@ -482,5 +485,27 @@ function FILTER_UPDATE_LOGIN_DATA () { } } +// Filter for checking admin ACL +function FILTER_CHECK_ADMIN_ACL () { + // Extension not installed so it's always allowed to access everywhere! + $ret = true; + + // Ok, Cookie-Update done + if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) { + // Check if action GET variable was set + $action = SQL_ESCAPE($GLOBALS['action']); + if (!empty($GLOBALS['what'])) { + // Get action value by what-value + $action = GET_ACTION("admin", $GLOBALS['what']); + } // END - if + + // Check for access control line of current menu entry + $ret = ADMINS_CHECK_ACL($action, $GLOBALS['what']); + } // END - if + + // Return result + return $ret; +} + // ?>