X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fadmin-inc.php;h=426440e50d6ffc9673a842aee76af5068e03d0d6;hb=501a861954273a54a21b714587fc33b57322d8e4;hp=e8778670dd68e3641742ab9eec8a57e2c5b2e8a6;hpb=1ebf518b9552f71ee95de6f4b80e6de3a27716d1;p=mailer.git

diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index e8778670dd..426440e50d 100644
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -39,7 +39,7 @@
 // Some security stuff...
 if (!defined('__SECURITY')) {
 	die();
-}
+} // END - if
 
 // Register an administrator account
 function addAdminAccount ($user, $md5, $email) {
@@ -53,8 +53,12 @@ function addAdminAccount ($user, $md5, $email) {
 	// Is the entry there?
 	if (SQL_NUMROWS($result) == 0) {
 		// Ok, let's create the admin login
-		SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (login, password, email) VALUES ('%s', '%s', '%s')",
-		array($user, $md5, $email), __FUNCTION__, __LINE__);
+		SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')",
+			array(
+				$user,
+				$md5,
+				$email
+			), __FUNCTION__, __LINE__);
 		$ret = 'done';
 	} // END - if
 
@@ -66,28 +70,28 @@ function addAdminAccount ($user, $md5, $email) {
 }
 
 // Only be executed on login procedure!
-function ifAdminLoginDataIsValid ($admin_login, $password) {
+function ifAdminLoginDataIsValid ($admin, $password) {
 	// By default no admin is found
 	$ret = '404';
 
 	// Get admin id
-	$adminId = getAdminId($admin_login);
+	$adminId = getAdminId($admin);
 
 	// Init array with admin id by default
 	$data = array('admin_id' => $adminId);
 
 	// Is the cache valid?
-	if (isset($GLOBALS['cache_array']['admins']['password'][$adminId])) {
+	if (isAdminHashSet($admin)) {
 		// Get password from cache
-		$data['password'] = $GLOBALS['cache_array']['admins']['password'][$adminId];
+		$data['password'] = getAdminHash($admin);
 		$ret = 'pass';
 		incrementStatsEntry('cache_hits');
 
 		// Include more admins data?
-		if (isExtensionInstalledAndNewer('admins', '0.7.2')) {
+		if ((isExtensionInstalledAndNewer('admins', '0.7.2')) && (isset($GLOBALS['cache_array']['admin']['login_failures'][$adminId]))) {
 			// Load them here
-			$data['login_failures'] = $GLOBALS['cache_array']['admins']['login_failures'][$adminId];
-			$data['last_failure']   = $GLOBALS['cache_array']['admins']['last_failure'][$adminId];
+			$data['login_failures'] = $GLOBALS['cache_array']['admin']['login_failures'][$adminId];
+			$data['last_failure']   = $GLOBALS['cache_array']['admin']['last_failure'][$adminId];
 		} // END - if
 	} elseif (!isExtensionActive('cache')) {
 		// Add extra data via filter now
@@ -136,28 +140,28 @@ function ifAdminLoginDataIsValid ($admin_login, $password) {
 
 		// Do we have 0.7.0 of admins or later?
 		// Remmeber login failures if available
-		if (isExtensionInstalledAndNewer('admins', '0.7.2')) {
+		if ((isExtensionInstalledAndNewer('admins', '0.7.2')) && (isset($data['login_failures']))) {
 			// Store it in session
 			setSession('mxchange_admin_failures', $data['login_failures']);
 			setSession('mxchange_admin_last_fail', $data['last_failure']);
 
 			// Update password and reset login failures
-			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET password='%s',login_failures=0,last_failure='0000-00-00 00:00:00' WHERE `id`=%s LIMIT 1",
+			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `password`='%s',`login_failures`=0,`last_failure`='0000-00-00 00:00:00' WHERE `id`=%s LIMIT 1",
 				array($data['password'], $adminId), __FUNCTION__, __LINE__);
 		} else {
 			// Update password
-			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET password='%s' WHERE `id`=%s LIMIT 1",
+			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `password`='%s' WHERE `id`=%s LIMIT 1",
 				array($data['password'], $adminId), __FUNCTION__, __LINE__);
 		}
 
 		// Rebuild cache
-		rebuildCacheFile('admins', 'admin');
+		rebuildCacheFile('admin', 'admin');
 
 		// Login has failed by default... ;-)
 		$ret = 'failed1';
 
 		// Password matches so login here
-		if (doAdminLogin($admin_login, $data['password'])) {
+		if (doAdminLogin($admin, $data['password'])) {
 			// All done now
 			$ret = 'done';
 		} // END - if
@@ -166,7 +170,7 @@ function ifAdminLoginDataIsValid ($admin_login, $password) {
 		$ret = 'failed_salt';
 	} elseif ($ret == 'done') {
 		// Try to login here if we have the old hashing way (sql_patches not installed?)
-		if (!doAdminLogin($admin_login, $data['password'])) {
+		if (!doAdminLogin($admin, $data['password'])) {
 			// Something went wrong
 			$ret = 'failed2';
 		} // END - if
@@ -175,15 +179,15 @@ function ifAdminLoginDataIsValid ($admin_login, $password) {
 	// Count login failure if admins extension version is 0.7.0+
 	if (($ret == 'pass') && (getExtensionVersion('admins') >= '0.7.0')) {
 		// Update counter
-		SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET login_failures=login_failures+1,last_failure=NOW() WHERE `id`=%s LIMIT 1",
-		array($adminId), __FUNCTION__, __LINE__);
+		SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET login_failures`=`login_failures`+1,`last_failure`=NOW() WHERE `id`=%s LIMIT 1",
+			array($adminId), __FUNCTION__, __LINE__);
 
 		// Rebuild cache
-		rebuildCacheFile('admins', 'admin');
+		rebuildCacheFile('admin', 'admin');
 	} // END - if
 
 	// Return the result
-	//* DEBUG: */ die("RETURN=".$ret);
+	//* DEBUG: */ die('RETURN=' . $ret);
 	return $ret;
 }
 
@@ -196,7 +200,7 @@ function doAdminLogin ($adminLogin, $passHash) {
 			array($adminLogin), __FUNCTION__, __LINE__);
 
 		// Rebuild cache
-		rebuildCacheFile('admins', 'admin');
+		rebuildCacheFile('admin', 'admin');
 	} // END - if
 
 	// Now set all session variables and return the result
@@ -212,19 +216,19 @@ function doAdminLogin ($adminLogin, $passHash) {
 }
 
 // Only be executed on cookie checking
-function ifAdminCookiesAreValid ($admin_login, $password) {
+function ifAdminCookiesAreValid ($admin, $password) {
 	// By default no admin cookies are found
 	$ret  = '404';
 	$pass = '';
 
 	// Get hash
-	$pass = getAdminHash(getAdminId($admin_login));
+	$pass = getAdminHash($admin);
 	if ($pass != '-1') $ret = 'pass';
 
 	//* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):".generatePassString($pass).'('.strlen($pass).")/".$password.'('.strlen($password).")<br />");
 
 	// Check if password matches
-	if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass)))) {
+	if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass))) && (isAdmin())) {
 		// Passwords matches!
 		$ret = 'done';
 	} // END - if
@@ -234,7 +238,10 @@ function ifAdminCookiesAreValid ($admin_login, $password) {
 }
 
 // Do an admin action
-function doAdminAction ($what) {
+function doAdminAction () {
+	// Get default what
+	$what = getWhat();
+
 	//* DEBUG: */ outputHtml(__LINE__."*".$what.'/'.getModule().'/'.getAction().'/'.getWhat()."*<br />");
 
 	// Remove any spaces from variable
@@ -242,14 +249,14 @@ function doAdminAction ($what) {
 		// Default admin action is the overview page
 		$what = 'overview';
 	} else {
-		// Compile out some chars
-		$what = compileCode($what, false, false, false);
+		// Secure it
+		$what = secureString($what);
 	}
 
 	// Get action value
 	$action = getModeAction(getModule(), $what);
 
-	// Define admin login name and ID number
+	// Define admin login name and id number
 	$content['login'] = getSession('admin_login');
 	$content['id']    = getCurrentAdminId();
 
@@ -265,6 +272,12 @@ function doAdminAction ($what) {
 	// Tableset header
 	loadTemplate('admin_main_header', false, $content);
 
+	// Is sql_patches not yet installed?
+	if (!isExtensionInstalled('sql_patches')) {
+		// Output warning
+		loadTemplate('admin_settings_saved', false, getMessage('ADMIN_WARNING_SQL_PATCHES_MISSING'));
+	} // END - if
+
 	// Check if action/what pair is valid
 	$result_action = SQL_QUERY_ESC("SELECT
 	`id`
@@ -283,7 +296,8 @@ WHERE
 			)
 		)
 	)
-LIMIT 1", array($action, $what, $what), __FUNCTION__, __LINE__);
+LIMIT 1",
+		array($action, $what, $what), __FUNCTION__, __LINE__);
 	if (SQL_NUMROWS($result_action) == 1) {
 		// Is valid but does the inlcude file exists?
 		$inc = sprintf("inc/modules/admin/action-%s.php", $action);
@@ -329,6 +343,8 @@ WHERE
 ORDER BY
 	`sort` ASC,
 	`id` DESC", __FUNCTION__, __LINE__);
+
+	// Do we have entries?
 	if (SQL_NUMROWS($result_main) > 0) {
 		$OUT = "<div style=\"height:7px\" class=\"seperator\">&nbsp;</div>\n";
 		$OUT .= "<ul class=\"admin_menu_main\">\n";
@@ -341,6 +357,12 @@ ORDER BY
 				$ACL = true;
 			}
 
+			// Filename
+			$inc = sprintf("inc/modules/admin/action-%s.php", $menu);
+
+			// Is the file readable?
+			$readable = isIncludeReadable($inc);
+
 			if ($ACL === true) {
 				if ($SUB === false) {
 					// Insert compiled menu title and description
@@ -350,18 +372,26 @@ ORDER BY
 				$OUT .= "<li class=\"admin_menu\">
 <div class=\"nobr\"><strong>&middot;</strong>&nbsp;";
 
-				if (($menu == $action) && (empty($what))) {
-					$OUT .= "<strong>";
+				if ($readable === true) {
+					if (($menu == $action) && (empty($what))) {
+						$OUT .= "<strong>";
+					} else {
+						$OUT .= "[<a href=\"{?URL?}/modules.php?module=admin&amp;action=".$menu."\">";
+					}
 				} else {
-					$OUT .= "[<a href=\"{?URL?}/modules.php?module=admin&amp;action=".$menu."\">";
+					$OUT .= "<em style=\"cursor:help\" class=\"admin_note\" title=\"{--MENU_ACTION_404--}\">";
 				}
 
 				$OUT .= $title;
 
-				if (($menu == $action) && (empty($what))) {
-					$OUT .= "</strong>";
+				if ($readable === true) {
+					if (($menu == $action) && (empty($what))) {
+						$OUT .= "</strong>";
+					} else {
+						$OUT .= "</a>]";
+					}
 				} else {
-					$OUT .= "</a>]";
+					$OUT .= "</em>";
 				}
 
 				$OUT .= "</div>
@@ -463,7 +493,7 @@ ORDER BY
 }
 
 // Create member selection box
-function addMemberSelectionBox ($def='0', $add_all=false, $return=false, $none=false, $field='userid') {
+function addMemberSelectionBox ($def=0, $add_all=false, $return=false, $none=false, $field='userid') {
 	// Output selection form with all confirmed user accounts listed
 	$result = SQL_QUERY("SELECT `userid`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` ORDER BY `userid` ASC", __FUNCTION__, __LINE__);
 
@@ -507,7 +537,7 @@ function adminMenuSelectionBox_DEPRECATED ($mode, $default = '', $defid = '') {
 	if (SQL_NUMROWS($result) > 0) {
 		// Load menu as selection
 		$OUT = "<select name=\"".$mode."_menu";
-		if ((!empty($defid)) || ($defid == '0')) $OUT .= "[".$defid."]";
+		if ((!empty($defid)) || ($defid == 0)) $OUT .= "[".$defid."]";
 		$OUT .= "\" size=\"1\" class=\"admin_select\">
 	<option value=\"\">{--SELECT_NONE--}</option>\n";
 		// @TODO Try to rewrite this to $content = SQL_FETCHARRAY(). Please look some lines above for the dynamic query
@@ -530,7 +560,7 @@ function adminMenuSelectionBox_DEPRECATED ($mode, $default = '', $defid = '') {
 }
 
 // Wrapper for $_POST and adminSaveSettings
-function adminSaveSettingsFromPostData ($tableName = "_config", $whereStatement = "config=0", $translateComma = array(), $alwaysAdd = false) {
+function adminSaveSettingsFromPostData ($tableName = '_config', $whereStatement = '`config`=0', $translateComma = array(), $alwaysAdd = false) {
 	// Get the array
 	$postData = postRequestArray();
 
@@ -539,7 +569,7 @@ function adminSaveSettingsFromPostData ($tableName = "_config", $whereStatement
 }
 
 // Save settings to the database
-function adminSaveSettings (&$postData, $tableName = "_config", $whereStatement = "config=0", $translateComma = array(), $alwaysAdd = false) {
+function adminSaveSettings (&$postData, $tableName = '_config', $whereStatement = '`config`=0', $translateComma = array(), $alwaysAdd = false) {
 	// Prepare all arrays, variables
 	$DATA = array();
 	$skip = false;
@@ -551,11 +581,8 @@ function adminSaveSettings (&$postData, $tableName = "_config", $whereStatement
 			// Do not save the ok value
 			convertSelectionsToTimestamp($postData, $DATA, $id, $skip);
 
-			// Shall we process this ID? It muss not be empty, of course
-			if (($skip === false) && (!empty($id))) {
-				// Save this entry
-				$val = compileCode($val);
-
+			// Shall we process this id? It muss not be empty, of course
+			if (($skip === false) && (!empty($id)) && (!isset($GLOBALS['skip_config'][$id]))) {
 				// Translate the value? (comma to dot!)
 				if ((is_array($translateComma)) && (in_array($id, $translateComma))) {
 					// Then do it here... :)
@@ -564,7 +591,7 @@ function adminSaveSettings (&$postData, $tableName = "_config", $whereStatement
 
 				// Shall we add numbers or strings?
 				$test = (float)$val;
-				if ("".$val."" == ''.$test."") {
+				if ('' . $val . '' == '' . $test . '') {
 					// Add numbers
 					$DATA[] = sprintf("`%s`=%s", $id, $test);
 				} else {
@@ -572,6 +599,9 @@ function adminSaveSettings (&$postData, $tableName = "_config", $whereStatement
 					$DATA[] = sprintf("`%s`='%s'", $id, trim($val));
 				}
 
+				// Do not add a config entry twice
+				$GLOBALS['skip_config'][$id] = true;
+
 				// Update current configuration
 				setConfigEntry($id, $val);
 			} // END - if
@@ -590,13 +620,13 @@ function adminSaveSettings (&$postData, $tableName = "_config", $whereStatement
 
 	if (SQL_NUMROWS($result) == 1) {
 		// "Implode" all data to single string
-		$DATA_UPDATE = implode(", ", $DATA);
+		$DATA_UPDATE = implode(', ', $DATA);
 
 		// Generate SQL string
 		$sql = sprintf("UPDATE `{?_MYSQL_PREFIX?}%s` SET %s WHERE %s LIMIT 1",
-		$tableName,
-		$DATA_UPDATE,
-		$whereStatement
+			$tableName,
+			$DATA_UPDATE,
+			$whereStatement
 		);
 	} else {
 		// Add Line (does only work with auto_increment!
@@ -608,14 +638,14 @@ function adminSaveSettings (&$postData, $tableName = "_config", $whereStatement
 		} // END - foreach
 
 		// Add both in one line
-		$KEYs = implode(", ", $KEYs);
-		$values = implode(", ", $values);
+		$KEYs = implode('`, `', $KEYs);
+		$values = implode(', ', $values);
 
 		// Generate SQL string
-		$sql = sprintf("INSERT INTO {?_MYSQL_PREFIX?}%s (%s) VALUES (%s)",
-		$tableName,
-		$KEYs,
-		$values
+		$sql = sprintf("INSERT INTO `{?_MYSQL_PREFIX?}%s` (%s) VALUES (%s)",
+			$tableName,
+			$KEYs,
+			$values
 		);
 	}
 
@@ -673,18 +703,23 @@ function adminAddMenuSelectionBox ($menu, $type, $name, $default = '') {
 
 // Creates a user-profile link for the admin. This function can also be used for many other purposes
 function generateUserProfileLink ($userid, $title = '', $what = 'list_user') {
-	if (($title == '') && ($title != '0')) {
+	if (($title == '') && ($userid > 0)) {
 		// Set userid as title
 		$title = $userid;
 	} // END - if
 
-	if (($title == '0') && ($what == 'list_refs')) {
+	if (($title == 0) && ($what == 'list_refs')) {
 		// Return title again
 		return $title;
-	} // END - if
+	} elseif (isExtensionActive('nickname')) {
+		// Get nickname
+		$nick = getNickname($userid);
+
+		// Is it not empty, use it as title else the userid
+		if (!empty($nick)) $title = $nick . '(' . $userid . ')'; else $title = $userid;
+	}
 
 	// Return link
-	//* DEBUG: */ outputHtml("a:".$title."<br />");
 	return '[<a href="{?URL?}/modules.php?module=admin&amp;what=' . $what . '&amp;userid=' . $userid . '" title="{--ADMIN_USER_PROFILE_TITLE--}">' . $title . '</a>]';
 }
 
@@ -698,9 +733,9 @@ function adminGetMenuMode () {
 	$adminId = getCurrentAdminId();
 
 	// Check individual settings of current admin
-	if (isset($GLOBALS['cache_array']['admins']['la_mode'][$adminId])) {
+	if (isset($GLOBALS['cache_array']['admin']['la_mode'][$adminId])) {
 		// Load from cache
-		$ADMIN = $GLOBALS['cache_array']['admins']['la_mode'][$adminId];
+		$ADMIN = $GLOBALS['cache_array']['admin']['la_mode'][$adminId];
 		incrementStatsEntry('cache_hits');
 	} elseif (isExtensionInstalledAndNewer('admins', '0.6.7')) {
 		// Load from database when version of 'admins' is enough
@@ -728,7 +763,7 @@ function adminChangeActivationStatus ($IDs, $table, $row, $idRow = 'id') {
 	if ((is_array($IDs)) && (count($IDs) > 0)) {
 		// "Walk" all through and count them
 		foreach ($IDs as $id => $selected) {
-			// Secure the ID number
+			// Secure the id number
 			$id = bigintval($id);
 
 			// Should always be set... ;-)
@@ -810,7 +845,7 @@ function adminListBuilder ($listType, $IDs, $table, $columns, $filterFunctions,
 
 	// "Walk"Â through all entries
 	foreach ($IDs as $id => $selected) {
-		// Secure ID number
+		// Secure id number
 		$id = bigintval($id);
 
 		// Get result from a given column array and table name
@@ -945,7 +980,7 @@ function adminBuilderStatusHandler ($mode, $IDs, $table, $columns, $filterFuncti
 	} // END - if
 }
 
-// Delete rows by given ID numbers
+// Delete rows by given id numbers
 function adminDeleteEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $deleteNow=false, $idColumn='id', $userIdColumn='userid') {
 	// All valid entries? (We hope so here!)
 	if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) {
@@ -995,7 +1030,7 @@ function adminDeleteEntriesConfirm ($IDs, $table, $columns=array(), $filterFunct
 	} // END - if
 }
 
-// Edit rows by given ID numbers
+// Edit rows by given id numbers
 function adminEditEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $editNow=false, $idColumn='id', $userIdColumn='userid') {
 	// All valid entries? (We hope so here!)
 	if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) {
@@ -1084,7 +1119,7 @@ function adminEditEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctio
 	} // END - if
 }
 
-// Un-/lock rows by given ID numbers
+// Un-/lock rows by given id numbers
 function adminLockEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn='id', $userIdColumn='userid') {
 	// All valid entries? (We hope so here!)
 	if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (($lockNow === false) || (count($statusArray) == 1))) {
@@ -1099,7 +1134,7 @@ function adminLockEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctio
 	} // END - if
 }
 
-// Undelete rows by given ID numbers
+// Undelete rows by given id numbers
 function adminUndeleteEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $undeleteNow=false, $idColumn='id', $userIdColumn='userid') {
 	// All valid entries? (We hope so here!)
 	if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (($undeleteNow === false) || (count($statusArray) == 1))) {
@@ -1134,9 +1169,6 @@ function sendAdminPasswordResetLink ($email) {
 	// Init output
 	$OUT = '';
 
-	// Compile out security characters (must be for looking up!)
-	$email = compileCode($email);
-
 	//Â Look up administator login
 	$result = SQL_QUERY_ESC("SELECT `id`, `login`, `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `email`='%s' LIMIT 1",
 		array($email), __FUNCTION__, __LINE__);
@@ -1175,12 +1207,9 @@ function adminResetValidateHashLogin ($hash, $login) {
 	// By default nothing validates... ;)
 	$valid = false;
 
-	// Compile the login for lookup
-	$login = compileCode($login);
-
 	// Then try to find that user
 	$result = SQL_QUERY_ESC("SELECT `id`, `password`, `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
-	array($login), __FUNCTION__, __LINE__);
+		array($login), __FUNCTION__, __LINE__);
 
 	// Is an account here?
 	if (SQL_NUMROWS($result) == 1) {
@@ -1188,7 +1217,7 @@ function adminResetValidateHashLogin ($hash, $login) {
 		$content = SQL_FETCHARRAY($result);
 
 		// Generate hash again
-		$hashFromData = generateHash(getConfig('URL').':'.$content['id'].':'.$login.':'.$content['password'], substr($content['password'], 10));
+		$hashFromData = generateHash(getConfig('URL') . ':' . $content['id'] . ':' . $login . ':' . $content['password'], substr($content['password'], 10));
 
 		// Does both match?
 		$valid = ($hash == $hashFromData);
@@ -1207,7 +1236,7 @@ function doResetAdminPassword ($login, $password) {
 	$passHash = '';
 
 	// Now check if we have sql_patches installed
-	if (getExtensionVersion('sql_patches') >= '0.3.6') {
+	if (isExtensionInstalledAndNewer('sql_patches', '0.3.6')) {
 		// Use new way of hashing
 		$passHash = generateHash($password);
 	} else {
@@ -1291,5 +1320,35 @@ function adminCreateUserLink ($userid) {
 	return '{?URL?}/modules.php?module=admin&amp;what=list_user';
 }
 
+// Generate a "link" for the given admin id (admin_id)
+function generateAdminLink ($adminId) {
+	// No assigned admin is default
+	$adminLink = "<span class=\"admin_note\">{--ADMIN_NO_ADMIN_ASSIGNED--}</span>";
+
+	// Zero? = Not assigned
+	if (bigintval($adminId) > 0) {
+		// Load admin's login
+		$login = getAdminLogin($adminId);
+
+		// Is the login valid?
+		if ($login != '***') {
+			// Is the extension there?
+			if (isExtensionActive('admins')) {
+				// Admin found
+				$adminLink = "<a href=\"".generateEmailLink(getAdminEmail($adminId), 'admins')."\">" . $login."</a>";
+			} else {
+				// Extension not found
+				$adminLink = sprintf(getMessage('EXTENSION_PROBLEM_NOT_INSTALLED'), 'admins');
+			}
+		} else {
+			// Maybe deleted?
+			$adminLink = "<div class=\"admin_note\">".sprintf(getMessage('ADMIN_ID_404'), $adminId)."</div>";
+		}
+	} // END - if
+
+	// Return result
+	return $adminLink;
+}
+
 // [EOF]
 ?>