X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fadmin-inc.php;h=ae6191a043e05021fe8b47ddbc5d7d0f1266c32a;hb=8ce32e702f3caa76b8d446902948e83e1e6854c8;hp=2f9bd54d5a8c13873776e11da90e8e2969791d1e;hpb=6d8886333b637f5bace7d9a6e4e04cf28d3fbf2e;p=mailer.git diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index 2f9bd54d5a..ae6191a043 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -14,12 +14,10 @@ * $Date:: $ * * $Tag:: 0.2.1-FINAL $ * * $Author:: $ * - * Needs to be in all Files and every File needs "svn propset * - * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2009 by Roland Haeder * - * Copyright (c) 2009, 2010 by Mailer Developer Team * - * For more information visit: http://www.mxchange.org * + * Copyright (c) 2009 - 2011 by Mailer Developer Team * + * For more information visit: http://mxchange.org * * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License as published by * @@ -54,7 +52,7 @@ function addAdminAccount ($adminLogin, $passHash, $adminEmail) { // Is the entry there? if (SQL_HASZERONUMS($result)) { // Ok, let's create the admin login - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')", + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`,`password`,`email`) VALUES ('%s', '%s', '%s')", array( $adminLogin, $passHash, 
@@ -74,32 +72,40 @@ function addAdminAccount ($adminLogin, $passHash, $adminEmail) {
 // This function will be executed when the admin is not logged in and has submitted his login data
 function ifAdminLoginDataIsValid ($adminLogin, $adminPassword) {
- // First of all, no admin login is found
+ // First of all, no admin login is found, so the admin hash is null
 $ret = '404';
+ $adminHash = NULL;
- // Then we need to lookup the login name by getting the admin hash
- $adminHash = getAdminHash($adminLogin);
+ // Get admin id from login
+ $adminId = getAdminId($adminLogin);
- // If this is fine, we can continue
- if ($adminHash != '-1') {
- // Get admin id and set it as current
- setCurrentAdminId(getAdminId($adminLogin));
+ // Continue only with found admin ids
+ if ($adminId > 0) {
+ // Then we need to lookup the login name by getting the admin hash
+ $adminHash = getAdminHash($adminId);
- // Now, we need to encode the password in the same way the one is encoded in database
- $testHash = generateHash($adminPassword, $adminHash);
+ // If this is fine, we can continue
+ if ($adminHash != '-1') {
+ // Get admin id and set it as current
+ setCurrentAdminId($adminId);
- // If they both match, the login data is valid
- if ($testHash == $adminHash) {
- // All fine
- $ret = 'done';
- } else {
- // Set status
- $ret = 'pass';
- }
+ // Now, we need to encode the password in the same way the one is encoded in database
+ $testHash = generateHash($adminPassword, $adminHash);
+
+ // If they both match, the login data is valid
+ if ($testHash == $adminHash) {
+ // All fine
+ $ret = 'done';
+ } else {
+ // Did not match!
+ $ret = 'password';
+ }
+ } // END - if
 } // END - if
 // Prepare data array
 $data = array(
+ 'id' => $adminId,
 'login' => $adminLogin,
 'plain_pass' => $adminPassword,
 'pass_hash' => $adminHash
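Review bot: The hash check in ifAdminLoginDataIsValid, `if ($testHash == $adminHash)`, is carried over with a loose comparison, so PHP's type juggling applies to the two hash strings (numeric-looking strings are compared as numbers) and the comparison is not constant-time. I would make it `if ($testHash === $adminHash)` at minimum, or `hash_equals($adminHash, $testHash)` where the supported PHP version provides it. The same applies to `if ($testHash == $passHash)` in ifAdminCookiesAreValid in the following hunks, where `$passHash` is a cookie value. Separately, `'plain_pass' => $adminPassword` still places the cleartext password in `$data`; where that array goes is outside this hunk, so it is worth confirming that it never reaches a log or debug output.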
@@ -124,7 +130,7 @@ function ifAdminCookiesAreValid ($adminLogin, $passHash) { if ($adminHash != '-1') { // Now, we need to encode the password in the same way the one is encoded in database $testHash = encodeHashForCookie($adminHash); - //* DEBUG: */ outputHtml('adminLogin='.$adminLogin.',
passHash='.$passHash.',
adminHash='.$adminHash.',
testHash='.$testHash.'
'); + //* DEBUG: */ debugOutput('adminLogin=' . $adminLogin . ',passHash='.$passHash.',adminHash='.$adminHash.',testHash='.$testHash); // If they both match, the login data is valid if ($testHash == $passHash) { @@ -132,12 +138,12 @@ function ifAdminCookiesAreValid ($adminLogin, $passHash) { $ret = 'done'; } else { // Set status - $ret = 'pass'; + $ret = 'password'; } } // END - if // Return status - //* DEBUG: */ outputHtml('ret='.$ret); + //* DEBUG: */ debugOutput('ret='.$ret); return $ret; } @@ -146,7 +152,7 @@ function doAdminAction () { // Get default what $what = getWhat(); - //* DEBUG: */ outputHtml(__LINE__.'*'.$what.'/'.getModule().'/'.getAction().'/'.getWhat().'*
'); + //* DEBUG: */ debugOutput(__LINE__.'*'.$what.'/'.getModule().'/'.getAction().'/'.getWhat().'*'); // Remove any spaces from variable if (empty($what)) { @@ -160,21 +166,21 @@ function doAdminAction () { // Get action value $action = getActionFromModuleWhat(getModule(), $what); - // Define admin login name and id number - $content['login'] = getSession('admin_login'); - $content['id'] = getCurrentAdminId(); - - // Preload templates + // Load welcome template if (isExtensionActive('admins')) { - $content['welcome'] = loadTemplate('admin_welcome_admins', true, $content); + // @TODO This and the next getCurrentAdminId() call might be moved into the templates? + $content['welcome'] = loadTemplate('admin_welcome_admins', true, getCurrentAdminId()); } else { - $content['welcome'] = loadTemplate('admin_welcome', true, $content); + $content['welcome'] = loadTemplate('admin_welcome', true, getCurrentAdminId()); } + + // Load header, footer, render menu + $content['header'] = loadTemplate('admin_header' , true, $content); $content['footer'] = loadTemplate('admin_footer' , true, $content); - $content['menu'] = addAdminMenu($action, $what, true); + $content['menu'] = addAdminMenu($action, $what); - // Tableset header - loadTemplate('admin_main_header', false, $content); + // Load main template + loadTemplate('admin_main', false, $content); // Check if action/what pair is valid $result_action = SQL_QUERY_ESC("SELECT 
@@ -210,14 +216,14 @@ LIMIT 1",
 loadInclude($inc);
 } elseif ($GLOBALS['acl_allow'] === false) {
 // Access denied
- loadTemplate('admin_menu_failed', false, getMaskedMessage('ADMIN_ACCESS_DENIED', $what));
+ loadTemplate('admin_menu_failed', false, '{%message,ADMIN_ACCESS_DENIED=' . $what . '%}');
 } else {
- // Include file not found! :-(
- loadTemplate('admin_menu_failed', false, getMaskedMessage('ADMIN_ACTION_404', $action));
+ // Include file not found :-(
+ loadTemplate('admin_menu_failed', false, '{%message,ADMIN_ACTION_404=' . $action . '%}');
 }
 } else {
- // Invalid action/what pair found!
- loadTemplate('admin_menu_failed', false, getMaskedMessage('ADMIN_ACTION_INVALID', $action . '/' . $what));
+ // Invalid action/what pair found
+ loadTemplate('admin_menu_failed', false, '{%message,ADMIN_ACTION_INVALID=' . $action . '/' . $what . '%}');
 }
 // Free memory
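Review bot: `$what` and `$action` are now concatenated straight into a template directive, e.g. `'{%message,ADMIN_ACCESS_DENIED=' . $what . '%}'`, so any `%}`, `=` or markup characters they contain end up inside the directive the template engine parses. Both values appear to derive from the request (`getWhat()` earlier in doAdminAction, outside this hunk), and whether they are restricted to a safe character set before this point is not visible here. If they are not, the three failure messages should receive an escaped or allow-list-validated value, and a comment on these calls should name the function that guarantees it.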
@@ -227,19 +233,35 @@ LIMIT 1", loadTemplate('admin_main_footer', false, $content); } +// Checks wether current admin is allowed to access given action/what combination +// (only one is allowed to be null!) +function isAdminAllowedAccessMenu ($action, $what = NULL) { + // Do we have cache? + if (!isset($GLOBALS[__FUNCTION__][$action][$what])) { + // ACL is always 'allow' when no ext-admins is installed + // @TODO This can be rewritten into a filter + $GLOBALS[__FUNCTION__][$action][$what] = ((!isExtensionInstalledAndNewer('admins', '0.2.0')) || (isAdminsAllowedByAcl($action, $what))); + } // END - if + + // Return the cached value + return $GLOBALS[__FUNCTION__][$action][$what]; +} + // Adds an admin menu -function addAdminMenu ($action, $what, $return=false) { +function addAdminMenu ($action, $what) { // Init variables $SUB = false; $OUT = ''; // Menu descriptions $GLOBALS['menu']['description'] = array(); - $GLOBALS['menu']['title'] = array(); + $GLOBALS['menu']['title'] = array(); // Build main menu $result_main = SQL_QUERY("SELECT - `action`, `title`, `descr` + `action` AS `main_action`, + `title` AS `main_title`, + `descr` AS `main_descr` FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE @@ -249,60 +271,78 @@ ORDER BY `id` DESC", __FUNCTION__, __LINE__); // Do we have entries? - if (SQL_NUMROWS($result_main) > 0) { + if (!SQL_HASZERONUMS($result_main)) { $OUT .= ''; + + // Free memory + SQL_FREERESULT($result_main); + } // END - if + + // Return content + return $OUT; +} + +// Add admin sub menu +function addAdminSubMenu ($mainContent, $action, $what) { + // Init content + $OUT = ''; + + // Check for menu entries + $result_what = SQL_QUERY_ESC("SELECT + `what` AS `sub_what`, + `title` AS `sub_title`, + `descr` AS `sub_descr` FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE 
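Review bot: The cache in isAdminAllowedAccessMenu is keyed only by `$action` and `$what`, not by the admin the decision was made for, so a result computed before `setCurrentAdminId()` switches the current admin (as the login path in this file does) would be reused for the new admin within the same request. Keying it as `$GLOBALS[__FUNCTION__][getCurrentAdminId()][$action][$what]` avoids that; whether the ACL is ever consulted before the login completes is not visible in this hunk. The header comment should also state that access is granted unconditionally when ext-admins is missing or older than 0.2.0, since that fail-open default is easy to overlook, and "wether" should read "whether".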
@@ -312,102 +352,137 @@ WHERE ORDER BY `sort` ASC, `id` DESC", - array($menu), __FUNCTION__, __LINE__); - - // Remember the count for later checks - setAdminMenuHasEntries($menu, ((SQL_NUMROWS($result_what) > 0) && ($action == $menu))); - - // Do we have entries? - if ((ifAdminMenuHasEntries($menu)) && (SQL_NUMROWS($result_what) > 0)) { - $GLOBALS['menu']['description'] = array(); - $GLOBALS['menu']['title'] = array(); $SUB = true; - $OUT .= '
  • '; - } + } // END - if - // Is there a cache instance again? - // Return or output content? - if ($return === true) { - return $OUT; - } else { - outputHtml($OUT); - } + // Close li-tag + $OUT .= '
  • '; + + // Return content + return $OUT; +} + +// Create an admin selection box form +function addAdminSelectionBox ($adminId = NULL, $special = '') { + // Default is email as "special column" + $ADD = ',`email` AS `special`'; + + // Is a special column given? + if (!empty($special)) { + // Additional column for SQL query + $ADD = ',`' . $special . '` AS `special`'; + } // END - if + + // Query all entries + $result = SQL_QUERY('SELECT + `id`, + `login` + ' . $ADD . ' +FROM + `{?_MYSQL_PREFIX?}_admins` +ORDER BY + `login` ASC', __FUNCTION__, __LINE__); + + // Init output + $OUT = ''; + + // Load all entries + while ($content = SQL_FETCHARRAY($result)) { + // Add the entry + $OUT .= loadTemplate('select_admins_option', true, $content); + } // END - if + + // Free memory + SQL_FREERESULT($result); + + // Add form to content + $content['form_selection'] = $OUT; + + // Output form + loadTemplate('select_admins_box', false, $content); } -// Create member selection box -function addMemberSelectionBox ($def = 0, $add_all = false, $return = false, $none = false, $field = 'userid') { +// Create a member selection box +function addMemberSelectionBox ($userid = NULL, $add_all = false, $return = false, $none = false, $field = 'userid') { // Output selection form with all confirmed user accounts listed - $result = SQL_QUERY("SELECT `userid`, `surname`, `family` FROM `{?_MYSQL_PREFIX?}_user_data` ORDER BY `userid` ASC", __FUNCTION__, __LINE__); + $result = SQL_QUERY('SELECT + `userid`,`surname`,`family` +FROM + `{?_MYSQL_PREFIX?}_user_data` +ORDER BY + `userid` ASC', __FUNCTION__, __LINE__); // Default output $OUT = ''; // USe this only for adding points (e.g. 
adding refs really makes no sence ;-) ) - if ($add_all === true) $OUT = ' '; - elseif ($none === true) $OUT = ' '; + if ($add_all === true) { + $OUT = ' '; + } elseif ($none === true) { + $OUT = ' '; + } + // Load all entries while ($content = SQL_FETCHARRAY($result)) { $OUT .= ''; // Walk through all files foreach ($menuArray as $file) { // Is this a PHP script? - if ((!isDirectory($file)) && (strpos($file, '' . $type . '-') > -1) && (strpos($file, '.php') > 0)) { + if ((!isDirectory($file)) && (isInString('' . $type . '-', $file)) && (isInString('.php', $file))) { // Then test if the file is readable $test = sprintf("inc/modules/%s/%s", $menu, $file); @@ -616,12 +691,12 @@ function adminAddMenuSelectionBox ($menu, $type, $name, $default = '') { // Creates a user-profile link for the admin. This function can also be used for many other purposes function generateUserProfileLink ($userid, $title = '', $what = 'list_user') { - if (($title == '') && ($userid > 0)) { + if (($title == '') && (isValidUserId($userid))) { // Set userid as title $title = $userid; - } elseif ($userid == 0) { + } elseif (!isValidUserId($userid)) { // User id zero is invalid - return '' . $userid . ''; + return '' . convertNullToZero($userid) . ''; } if (($title == '0') && ($what == 'list_refs')) { @@ -632,7 +707,11 @@ function generateUserProfileLink ($userid, $title = '', $what = 'list_user') { $nick = getNickname($userid); // Is it not empty, use it as title else the userid - if (!empty($nick)) $title = $nick . '(' . $userid . ')'; else $title = $userid; + if (!empty($nick)) { + $title = $nick . '(' . $userid . ')'; + } else { + $title = $userid; + } } // Return link 
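Review bot: addAdminSelectionBox builds its column list with `$ADD = ',`' . $special . '` AS `special`';` and passes the result to SQL_QUERY(), so `$special` reaches the statement without escaping or validation and a backtick in it ends the quoted identifier. The callers are outside this hunk and may only ever pass constants, but the function should enforce that itself, for example by rejecting anything that does not match `/^[a-z_]+$/` or is not in a fixed list of `_admins` columns before `$ADD` is built. The `$adminId` parameter is accepted but not used in the visible lines, which deserves either a comment or removal.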
@@ -642,7 +721,14 @@ function generateUserProfileLink ($userid, $title = '', $what = 'list_user') { // Check "logical-area-mode" function adminGetMenuMode () { // Set the default menu mode as the mode for all admins - $mode = getConfig('admin_menu'); + $mode = 'global'; + + // If sql_patches is up-to-date enough, use the configuration + if (isExtensionInstalledAndNewer('sql_patches', '0.3.2')) { + $mode = getAdminMenu(); + } // END - if + + // Backup it $adminMode = $mode; // Get admin id @@ -655,7 +741,7 @@ function adminGetMenuMode () { incrementStatsEntry('cache_hits'); } elseif (isExtensionInstalledAndNewer('admins', '0.6.7')) { // Load from database when version of 'admins' is enough - $result = SQL_QUERY_ESC("SELECT la_mode FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `la_mode` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1", array($adminId), __FUNCTION__, __LINE__); // Do we have an entry? @@ -669,7 +755,9 @@ function adminGetMenuMode () { } // Check what the admin wants and set it when it's not the default mode - if ($adminMode != 'global') $mode = $adminMode; + if ($adminMode != 'global') { + $mode = $adminMode; + } // END - if // Return admin-menu's mode return $mode; @@ -677,7 +765,7 @@ function adminGetMenuMode () { // Change activation status function adminChangeActivationStatus ($IDs, $table, $row, $idRow = 'id') { - $cnt = '0'; $newStatus = 'Y'; + $count = '0'; if ((is_array($IDs)) && (count($IDs) > 0)) { // "Walk" all through and count them foreach ($IDs as $id => $selected) { @@ -688,7 +776,12 @@ function adminChangeActivationStatus ($IDs, $table, $row, $idRow = 'id') { if (!empty($selected)) { // Determine new status $result = SQL_QUERY_ESC("SELECT %s FROM `{?_MYSQL_PREFIX?}_%s` WHERE %s=%s LIMIT 1", - array($row, $table, $idRow, $id), __FUNCTION__, __LINE__); + array( + $row, + $table, + $idRow, + $id + ), __FUNCTION__, __LINE__); // Row found? if (SQL_NUMROWS($result) == 1) { 
@@ -696,14 +789,20 @@ function adminChangeActivationStatus ($IDs, $table, $row, $idRow = 'id') { list($currStatus) = SQL_FETCHROW($result); // And switch it N<->Y - if ($currStatus == 'Y') $newStatus = 'N'; else $newStatus = 'Y'; + $newStatus = convertBooleanToYesNo(!($currStatus == 'Y')); // Change this status SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s` SET %s='%s' WHERE %s=%s LIMIT 1", - array($table, $row, $newStatus, $idRow, $id), __FUNCTION__, __LINE__); + array( + $table, + $row, + $newStatus, + $idRow, + $id + ), __FUNCTION__, __LINE__); // Count up affected rows - $cnt += SQL_AFFECTEDROWS(); + $count += SQL_AFFECTEDROWS(); } // END - if // Free the result @@ -712,15 +811,24 @@ function adminChangeActivationStatus ($IDs, $table, $row, $idRow = 'id') { } // END - foreach // Output status - loadTemplate('admin_settings_saved', false, sprintf(getMessage('ADMIN_STATUS_CHANGED'), $cnt, count($IDs))); + displayMessage(sprintf(getMessage('ADMIN_STATUS_CHANGED'), $count, count($IDs))); } else { // Nothing selected! - loadTemplate('admin_settings_saved', false, getMessage('ADMIN_NOTHING_SELECTED_CHANGE')); + displayMessage('{--ADMIN_NOTHING_SELECTED_CHANGE--}'); } } // Send mails for del/edit/lock build modes -function sendAdminBuildMails ($mode, $table, $content, $id, $subjectPart = '') { +function sendAdminBuildMails ($mode, $tableName, $content, $id, $subjectPart = '', $userIdColumn = array('userid')) { + // $tableName must be an array + if ((!is_array($tableName)) || (count($tableName) != 1)) { + // $tableName is no array + debug_report_bug(__FUNCTION__, __LINE__, 'tableName[]=' . gettype($tableName) . '!=array'); + } elseif ((!is_array($userIdColumn)) || (count($userIdColumn) != 1)) { + // $tableName is no array + debug_report_bug(__FUNCTION__, __LINE__, 'userIdColumn[]=' . gettype($userIdColumn) . '!=array'); + } // END - if + // Default subject is the subject part $subject = $subjectPart; 
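Review bot: The second branch of the new argument check in sendAdminBuildMails tests `$userIdColumn`, but its comment still reads `// $tableName is no array`; it should be `// $userIdColumn is no array or does not hold exactly one element`, and the first comment has the same gap because the condition also rejects arrays whose count is not 1. The same copy-pasted comment appears in the checks added to adminListBuilder and adminBuilderStatusHandler later in this diff. The function also relies on debug_report_bug() stopping execution, because `$tableName[0]` and `$userIdColumn[0]` are dereferenced right afterwards; that is not visible here and merits a one-line comment. The body of sendAdminBuildMails continues in the next hunk.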
@@ -731,43 +839,54 @@ function sendAdminBuildMails ($mode, $table, $content, $id, $subjectPart = '') { } // END - if // Is the raw userid set? - if (postRequestParameter('userid_raw', $id) > 0) { - // Generate subject - $subjectLine = getMessage('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT'); - + if (postRequestElement($userIdColumn[0], $id) > 0) { // Load email template if (!empty($subjectPart)) { - $mail = loadEmailTemplate('member_' . $mode . '_' . strtolower($subjectPart) . '_' . $table, $content); + $mail = loadEmailTemplate('member_' . $mode . '_' . strtolower($subjectPart) . '_' . $tableName[0], $content); } else { - $mail = loadEmailTemplate('member_' . $mode . '_' . $table, $content); + $mail = loadEmailTemplate('member_' . $mode . '_' . $tableName[0], $content); } // Send email out - sendEmail(postRequestParameter('userid_raw', $id), $subjectLine, $mail); + sendEmail(postRequestElement($userIdColumn[0], $id), strtoupper('{--MEMBER_' . $subject . '_' . $tableName[0] . '_SUBJECT--}'), $mail); } // END - if // Generate subject - $subjectLine = getMessage('ADMIN_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT'); + $subject = strtoupper('{--ADMIN_' . $subject . '_' . $tableName[0] . '_SUBJECT--}'); // Send admin notification out if (!empty($subjectPart)) { - sendAdminNotification($subjectLine, 'admin_' . $mode . '_' . strtolower($subjectPart) . '_' . $table, $content, postRequestParameter('userid_raw', $id)); + sendAdminNotification($subject, 'admin_' . $mode . '_' . strtolower($subjectPart) . '_' . $tableName[0], $content, postRequestElement($userIdColumn[0], $id)); } else { - sendAdminNotification($subjectLine, 'admin_' . $mode . '_' . $table, $content, postRequestParameter('userid_raw', $id)); + sendAdminNotification($subject, 'admin_' . $mode . '_' . 
$tableName[0], $content, postRequestElement($userIdColumn[0], $id)); } } // Build a special template list -function adminListBuilder ($listType, $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn) { - $OUT = ''; $SW = 2; +function adminListBuilder ($listType, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId = array('userid')) { + // $tableName and $idColumn must bove be arrays! + if ((!is_array($tableName)) || (count($tableName) != 1)) { + // $tableName is no array + debug_report_bug(__FUNCTION__, __LINE__, 'tableName[]=' . gettype($tableName) . '!=array'); + } elseif (!is_array($idColumn)) { + // $idColumn is no array + debug_report_bug(__FUNCTION__, __LINE__, 'idColumn[]=' . gettype($idColumn) . '!=array'); + } elseif ((!is_array($userIdColumn)) || (count($userIdColumn) != 1)) { + // $tableName is no array + debug_report_bug(__FUNCTION__, __LINE__, 'userIdColumn[]=' . gettype($userIdColumn) . '!=array'); + } + + // Init row output + $OUT = ''; // "Walk" through all entries - foreach ($IDs as $id => $selected) { + //* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, 'listType=
    '.print_r($listType,true).'
    ,tableName
    '.print_r($tableName,true).'
    ,columns=
    '.print_r($columns,true).'
    ,filterFunctions=
    '.print_r($filterFunctions,true).'
    ,extraValues=
    '.print_r($extraValues,true).'
    ,idColumn=
    '.print_r($idColumn,true).'
    ,userIdColumn=
    '.print_r($userIdColumn,true).'
    ,rawUserId=
    '.print_r($rawUserId,true).'
    '); + foreach (postRequestElement($idColumn[0]) as $id => $selected) { // Secure id number $id = bigintval($id); // Get result from a given column array and table name - $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idColumn, $id, __FUNCTION__, __LINE__); + $result = SQL_RESULT_FROM_ARRAY($tableName[0], $columns, $idColumn[0], $id, __FUNCTION__, __LINE__); // Is there one entry? if (SQL_NUMROWS($result) == 1) { @@ -777,38 +896,57 @@ function adminListBuilder ($listType, $IDs, $table, $columns, $filterFunctions, // Filter all data foreach ($content as $key => $value) { // Search index - $idx = array_search($key, $columns, true); + $idx = searchXmlArray($key, $columns, 'column'); + + // Skip any missing entries + if ($idx === false) { + // Skip this one + //* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, 'key=' . $key . ' - SKIPPED!'); + continue; + } // END - if // Do we have a userid? - if ($key == 'userid') { + //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'key=' . $key . ',userIdColumn=' . $userIdColumn[0]); + if ($key == $userIdColumn[0]) { // Add it again as raw id - $content['userid_raw'] = bigintval($value); + //* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, 'key=' . $key . ',userIdColumn=' . $userIdColumn[0]); + $content[$userIdColumn[0]] = convertZeroToNull($value); + $content[$userIdColumn[0] . '_raw'] = $content[$userIdColumn[0]]; } // END - if // If the key matches the idColumn variable, we need to temporary remember it - //* DEBUG: */ print 'key=' . $key . ',idColumn=' . $idColumn . ',value=' . $value . '
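Review bot: adminListBuilder now iterates `postRequestElement($idColumn[0])` directly, so a request that omits that field or sends a scalar may hand a non-array to `foreach`; the `$IDs` parameter it replaces was at least covered by the `is_array($IDs)` guards in the calling functions, which this commit removes. I would fetch the value once and return early, `$ids = postRequestElement($idColumn[0]); if (!is_array($ids)) { return; }`, and do the same in adminBuilderStatusHandler and adminDeleteEntriesConfirm, which contain the same loop. In the sendAdminBuildMails part of this hunk the recipient is read three times from `postRequestElement($userIdColumn[0], $id)` without `bigintval()`; reading it once into a validated local variable would make it explicit that the recipient comes from request data rather than from the loaded `$content` row.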
    '; - if ($key == $idColumn) { + //* DEBUG: */ debugOutput('key=' . $key . ',idColumn=' . $idColumn[0] . ',value=' . $value); + if ($key == $idColumn[0]) { // Found, so remember it $GLOBALS['admin_list_builder_id_value'] = $value; } // END - if - // Handle the call in external function - //* DEBUG: */ print 'key=' . $key . ',fucntion=' . $filterFunctions[$idx] . ',value=' . $value . '
    '; - $content[$key] = handleExtraValues($filterFunctions[$idx], $value, $extraValues[$idx]); + // Do we have a call-back function and extra-value pair? + if ((isset($filterFunctions[$idx])) && (isset($extraValues[$idx]))) { + // Handle the call in external function + //* DEBUG: */ debugOutput('key=' . $key . ',fucntion=' . $filterFunctions[$idx] . ',value=' . $value); + $content[$key] = handleExtraValues( + $filterFunctions[$idx], + $value, + $extraValues[$idx] + ); + } elseif ((isset($columns[$idx]['name'])) && (isset($filterFunctions[$columns[$idx]['name']])) && (isset($extraValues[$columns[$idx]['name']]))) { + // Handle the call in external function + //* DEBUG: */ debugOutput('key=' . $key . ',fucntion=' . $filterFunctions[$columns[$idx]['name']] . ',value=' . $value); + $content[$key] = handleExtraValues( + $filterFunctions[$columns[$idx]['name']], + $value, + $extraValues[$columns[$idx]['name']] + ); + } } // END - foreach - // Add color switching - $content['sw'] = $SW; - // Then list it $OUT .= loadTemplate(sprintf("admin_%s_%s_row", $listType, - $table + $tableName[0] ), true, $content ); - - // Switch color - $SW = 3 - $SW; } // END - if // Free the result 
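Review bot: The new guard `(isset($filterFunctions[$idx])) && (isset($extraValues[$idx]))` treats a filter whose extra value is `NULL` as absent, because `isset()` is false for null entries, so that column falls through both branches and reaches the row template unfiltered. If a filter without an extra argument is a valid configuration, test the extra value with `array_key_exists($idx, $extraValues)` instead; if it is not, the silent skip should at least be recorded with logDebugMessage(). A comment on the fall-through stating that unfiltered values are expected to be escaped by the template would help, since that is not visible in this hunk.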
@@ -818,23 +956,39 @@ function adminListBuilder ($listType, $IDs, $table, $columns, $filterFunctions, // Load master template loadTemplate(sprintf("admin_%s_%s", $listType, - $table + $tableName[0] ), false, $OUT ); } // Change status of "build" list -function adminBuilderStatusHandler ($mode, $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray) { +function adminBuilderStatusHandler ($mode, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray, $rawUserId = array('userid')) { + // $tableName must be an array + if ((!is_array($tableName)) || (count($tableName) != 1)) { + // No tableName specified + debug_report_bug(__FUNCTION__, __LINE__, 'tableName is not given. Please fix your XML,tableName[]=' . gettype($tableName) . '!=array'); + } elseif (!is_array($idColumn)) { + // $idColumn is no array + debug_report_bug(__FUNCTION__, __LINE__, 'idColumn[]=' . gettype($idColumn) . '!=array'); + } elseif ((!is_array($userIdColumn)) || (count($userIdColumn) != 1)) { + // $tableName is no array + debug_report_bug(__FUNCTION__, __LINE__, 'userIdColumn[]=' . gettype($userIdColumn) . '!=array'); + } // END - if + // All valid entries? (We hope so here!) 
- if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (count($statusArray) > 0)) { + if ((count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (count($statusArray) > 0)) { // "Walk" through all entries - foreach ($IDs as $id => $sel) { + foreach (postRequestElement($idColumn[0]) as $id => $sel) { // Construct SQL query - $sql = sprintf("UPDATE `{?_MYSQL_PREFIX?}_%s` SET", SQL_ESCAPE($table)); + $sql = sprintf("UPDATE `{?_MYSQL_PREFIX?}_%s` SET", SQL_ESCAPE($tableName[0])); // Load data of entry $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`=%s LIMIT 1", - array($table, $idColumn, $id), __FUNCTION__, __LINE__); + array( + $tableName[0], + $idColumn[0], + $id + ), __FUNCTION__, __LINE__); // Fetch the data $content = SQL_FETCHARRAY($result); @@ -850,7 +1004,7 @@ function adminBuilderStatusHandler ($mode, $IDs, $table, $columns, $filterFuncti // Does the entry exist? if ((isset($content[$column])) && (isset($statusInfo[$content[$column]]))) { // Add these entries for update - $sql .= sprintf(" %s='%s',", SQL_ESCAPE($column), SQL_ESCAPE($statusInfo[$content[$column]])); + $sql .= sprintf(" `%s`='%s',", SQL_ESCAPE($column), SQL_ESCAPE($statusInfo[$content[$column]])); // Remember status if ($statusColumn == 'unknown') { @@ -861,7 +1015,7 @@ function adminBuilderStatusHandler ($mode, $IDs, $table, $columns, $filterFuncti } // END - if } elseif (isset($content[$column])) { // Unfinished! - app_die(__FUNCTION__, __LINE__, ":UNFINISHED: id={$id}/{$column}[".gettype($statusInfo)."] = {$content[$column]}"); + debug_report_bug(__FUNCTION__, __LINE__, ':UNFINISHED: id=' . $id . ',column=' . $column . '[' . gettype($statusInfo) . '] = ' . $content[$column]); } } // END - foreach 
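Review bot: In adminBuilderStatusHandler the SELECT that loads the entry puts `$id` into an unquoted `=%s` position, and `$id` is taken straight from the keys of the posted array; only the final UPDATE in a later hunk applies `bigintval($id)`. String escaping in SQL_QUERY_ESC() would not confine a non-numeric key to a single value in an unquoted position (assuming it escapes rather than casts, which is not shown here). Adding `$id = bigintval($id);` as the first statement of the loop, as adminListBuilder does, closes this, and the equivalent SELECT in adminDeleteEntriesConfirm further down needs the same line.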
@@ -871,14 +1025,14 @@ function adminBuilderStatusHandler ($mode, $IDs, $table, $columns, $filterFuncti
 logDebugMessage(__FUNCTION__, __LINE__, 'Found entry: ' . $key);
 // Skip id, raw userid and 'do_$mode'
- if (!in_array($key, array($idColumn, 'userid_raw', ('do_' . $mode)))) {
+ if (!in_array($key, array($idColumn[0], $rawUserId[0], ('do_' . $mode)))) {
 // Are there brackets () at the end?
 if (substr($entries[$id], -2, 2) == '()') {
 // Direct SQL command found
- $sql .= sprintf(" %s=%s,", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
+ $sql .= sprintf(" `%s`=%s,", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
 } else {
 // Add regular entry
- $sql .= sprintf(" %s='%s',", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
+ $sql .= sprintf(" `%s`='%s',", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
 // Add entry
 $content[$key] = $entries[$id];
@@ -891,7 +1045,7 @@ function adminBuilderStatusHandler ($mode, $IDs, $table, $columns, $filterFuncti
 // Finish SQL statement
 $sql = substr($sql, 0, -1) . sprintf(" WHERE `%s`=%s AND `%s`='%s' LIMIT 1",
- $idColumn,
+ $idColumn[0],
 bigintval($id),
 $statusColumn,
 $oldStatus
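Review bot: The "Direct SQL command" branch writes any value ending in `()` into the UPDATE in an unquoted `=%s` position, and SQL_ESCAPE() cannot constrain an unquoted expression. `$entries` is assigned outside this hunk; if it comes from the submitted form, the branch should accept only an explicit list of permitted calls, for example `in_array($entries[$id], array('NOW()', 'UNIX_TIMESTAMP()'), true)`, and treat everything else as a quoted string. A comment above the `substr()` test should state where `$entries` originates and why an unquoted value is safe there. The enclosing loop starts above this hunk.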
@@ -907,28 +1061,47 @@ function adminBuilderStatusHandler ($mode, $IDs, $table, $columns, $filterFuncti } // END - if // Send "build mails" out - sendAdminBuildMails($mode, $table, $content, $id, $statusInfo[$content[$column]]); + sendAdminBuildMails($mode, $tableName, $content, $id, $statusInfo[$content[$column]], $userIdColumn); } // END - foreach } // END - if } // Delete rows by given id numbers -function adminDeleteEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $deleteNow=false, $idColumn='id', $userIdColumn='userid') { +function adminDeleteEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $deleteNow = array(false), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid')) { + // $tableName must be an array + if ((!is_array($tableName)) || (count($tableName) != 1)) { + // No tableName specified + debug_report_bug(__FUNCTION__, __LINE__, 'tableName is not given. Please fix your XML,tableName[]=' . gettype($tableName) . '!=array'); + } elseif (!is_array($idColumn)) { + // $idColumn is no array + debug_report_bug(__FUNCTION__, __LINE__, 'idColumn[]=' . gettype($idColumn) . '!=array'); + } elseif (!is_array($userIdColumn)) { + // $userIdColumn is no array + debug_report_bug(__FUNCTION__, __LINE__, 'userIdColumn[]=' . gettype($userIdColumn) . '!=array'); + } elseif (!is_array($deleteNow)) { + // $deleteNow is no array + debug_report_bug(__FUNCTION__, __LINE__, 'deleteNow[]=' . gettype($deleteNow) . '!=array'); + } // END - if + // All valid entries? (We hope so here!) - if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) { + if ((count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) { // Shall we delete here or list for deletion? 
- if ($deleteNow === true) { + if ($deleteNow[0] === true) { // The base SQL command: - $sql = "DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_%s` WHERE %s IN (%s)"; + $sql = "DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s` IN (%s)"; // Delete them all $idList = ''; - foreach ($IDs as $id => $sel) { + foreach (postRequestElement($idColumn[0]) as $id => $sel) { // Is there a userid? - if (isPostRequestParameterSet('userid_raw', $id)) { + if (isPostRequestElementSet($rawUserId[0], $id)) { // Load all data from that id - $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_%s` WHERE %s=%s LIMIT 1", - array($table, $idColumn, $id), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`=%s LIMIT 1", + array( + $tableName[0], + $idColumn[0], + $id + ), __FUNCTION__, __LINE__); // Fetch the data $content = SQL_FETCHARRAY($result); @@ -937,7 +1110,7 @@ function adminDeleteEntriesConfirm ($IDs, $table, $columns=array(), $filterFunct SQL_FREERESULT($result); // Send "build mails" out - sendAdminBuildMails('del', $table, $content, $id); + sendAdminBuildMails('delete', $tableName, $content, $id, '', $userIdColumn); } // END - if // Add id number 
@@ -945,48 +1118,65 @@ function adminDeleteEntriesConfirm ($IDs, $table, $columns=array(), $filterFunct } // END - foreach // Run the query - SQL_QUERY($sql, array($table, $idColumn, substr($idList, 0, -1)), __FUNCTION__, __LINE__); + SQL_QUERY_ESC($sql, array($tableName[0], $idColumn[0], substr($idList, 0, -1)), __FUNCTION__, __LINE__); // Was this fine? - if (SQL_AFFECTEDROWS() == count($IDs)) { + if (SQL_AFFECTEDROWS() == count(postRequestElement($idColumn[0]))) { // All deleted - loadTemplate('admin_settings_saved', false, getMessage('ADMIN_ALL_ENTRIES_REMOVED')); + displayMessage('{--ADMIN_ALL_ENTRIES_REMOVED--}'); } else { // Some are still there :( - loadTemplate('admin_settings_saved', false, sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_DELETED'), SQL_AFFECTEDROWS(), count($IDs))); + displayMessage(sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_DELETED'), SQL_AFFECTEDROWS(), count(postRequestElement($idColumn[0])))); } } else { // List for deletion confirmation - adminListBuilder('del', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); + adminListBuilder('delete', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); } } // END - if } // Edit rows by given id numbers -function adminEditEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $editNow=false, $idColumn='id', $userIdColumn='userid') { +function adminEditEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $editNow = array(false), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid')) { + // $tableName must be an array + if ((!is_array($tableName)) || (count($tableName) != 1)) { + // No tableName specified + debug_report_bug(__FUNCTION__, __LINE__, 'tableName is not given. Please fix your XML,tableName[]=' . gettype($tableName) . 
'!=array'); + } elseif (!is_array($idColumn)) { + // $idColumn is no array + debug_report_bug(__FUNCTION__, __LINE__, 'idColumn[]=' . gettype($idColumn) . '!=array'); + } elseif (!is_array($userIdColumn)) { + // $userIdColumn is no array + debug_report_bug(__FUNCTION__, __LINE__, 'userIdColumn[]=' . gettype($userIdColumn) . '!=array'); + } elseif (!is_array($editNow)) { + // $editNow is no array + debug_report_bug(__FUNCTION__, __LINE__, 'editNow[]=' . gettype($editNow) . '!=array'); + } // END - if + // All valid entries? (We hope so here!) - if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) { + //* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, 'idColumn=
    '.print_r($idColumn,true).'
    ,tableName
    '.print_r($tableName,true).'
    ,columns=
    '.print_r($columns,true).'
    ,filterFunctions=
    '.print_r($filterFunctions,true).'
    ,extraValues=
    '.print_r($extraValues,true).'
    ,editNow=
    '.print_r($editNow,true).'
    ,userIdColumn=
    '.print_r($userIdColumn,true).'
    ,rawUserId=
    '.print_r($rawUserId,true).'
    '); + //if ((count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) { + if (true) { // Shall we change here or list for editing? - if ($editNow === true) { + if ($editNow[0] === true) { // Change them all $affected = '0'; - foreach ($IDs as $id => $sel) { + foreach (postRequestElement($idColumn[0]) as $id => $sel) { // Prepare content array (new values) $content = array(); // Prepare SQL for this row $sql = sprintf("UPDATE `{?_MYSQL_PREFIX?}_%s` SET", - SQL_ESCAPE($table) + SQL_ESCAPE($tableName[0]) ); foreach (postRequestArray() as $key => $entries) { // Skip raw userid which is always invalid - if ($key == 'userid_raw') { + if ($key == $rawUserId[0]) { // Continue with next field continue; } // END - if // Is entries an array? - if (($key != $idColumn) && (is_array($entries)) && (isset($entries[$id]))) { + if (($key != $idColumn[0]) && (is_array($entries)) && (isset($entries[$id]))) { // Add this entry to content $content[$key] = $entries[$id]; @@ -1001,7 +1191,7 @@ function adminEditEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctio SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]) ); - } elseif (($key != $idColumn) && (!is_array($entries))) { + } elseif (($key != $idColumn[0]) && (!is_array($entries))) { // Add normal entries as well! $content[$key] = $entries; } @@ -1014,7 +1204,7 @@ function adminEditEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctio } // END - foreach // Finish SQL command - $sql = substr($sql, 0, -1) . " WHERE `" . $idColumn . "`=" . bigintval($id) . " LIMIT 1"; + $sql = substr($sql, 0, -1) . " WHERE `" . $idColumn[0] . "`=" . bigintval($id) . " LIMIT 1"; // Run this query SQL_QUERY($sql, __FUNCTION__, __LINE__); 
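Review bot: adminEditEntriesConfirm now runs under `if (true) {` with the `count($columns)` consistency check left in a comment, so the function no longer validates its arguments and the `else` branch that reports invalid parameters (added in the `@@ -1033` hunk) can never execute. Restore the condition, `if ((count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) {`, or remove the dead branch and document why the check was dropped. This matters more here than in the sibling functions because the UPDATE takes its column names from the keys of `postRequestArray()`. Limiting those keys to the entries of `$columns` (assuming it holds plain column names, e.g. `in_array($key, $columns, true)`) would keep a request from writing to columns the form never offered. The commented-out `debug_report_bug(... print_r ...)` line should be removed before merge.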
@@ -1024,7 +1214,11 @@ function adminEditEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctio // Load all data from that id $result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`=%s LIMIT 1", - array($table, $idColumn, $id), __FUNCTION__, __LINE__); + array( + $tableName[0], + $idColumn[0], + $id + ), __FUNCTION__, __LINE__); // Fetch the data and merge it into $content $content = merge_array($content, SQL_FETCHARRAY($result)); 
@@ -1033,55 +1227,238 @@ function adminEditEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctio SQL_FREERESULT($result); // Send "build mails" out - sendAdminBuildMails('edit', $table, $content, $id); + sendAdminBuildMails('edit', $tableName, $content, $id, '', $userIdColumn); } // END - foreach // Was this fine? - if ($affected == count($IDs)) { + if ($affected == count(postRequestElement($idColumn[0]))) { // All deleted - loadTemplate('admin_settings_saved', false, getMessage('ADMIN_ALL_ENTRIES_EDITED')); + displayMessage('{--ADMIN_ALL_ENTRIES_EDITED--}'); } else { // Some are still there :( - loadTemplate('admin_settings_saved', false, sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_EDITED'), $affected, count($IDs))); + displayMessage(sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_EDITED'), $affected, count(postRequestElement($idColumn[0])))); } } else { // List for editing - adminListBuilder('edit', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); + adminListBuilder('edit', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); } - } // END - if + } else { + // Maybe some invalid parameters + debug_report_bug(__FUNCTION__, __LINE__, 'tableName=' . $tableName[0] . ',columns[]=' . gettype($columns) . ',filterFunctions[]=' . gettype($filterFunctions) . ',extraValues[]=' . gettype($extraValues) . ',idColumn=' . $idColumn[0] . ',userIdColumn=' . $userIdColumn[0] . 
' - INVALID!'); + } } // Un-/lock rows by given id numbers -function adminLockEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn='id', $userIdColumn='userid') { +function adminLockEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $statusArray = array(), $lockNow = array(false), $idColumn = array('id'), $userIdColumn = array('userid')) { + // $tableName must be an array + if ((!is_array($tableName)) || (count($tableName) != 1)) { + // No tableName specified + debug_report_bug(__FUNCTION__, __LINE__, 'tableName is not given. Please fix your XML,tableName[]=' . gettype($tableName) . '!=array'); + } elseif (!is_array($idColumn)) { + // $idColumn is no array + debug_report_bug(__FUNCTION__, __LINE__, 'idColumn[]=' . gettype($idColumn) . '!=array'); + } elseif (!is_array($lockNow)) { + // $lockNow is no array + debug_report_bug(__FUNCTION__, __LINE__, 'lockNow[]=' . gettype($lockNow) . '!=array'); + } // END - if + // All valid entries? (We hope so here!) - if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (($lockNow === false) || (count($statusArray) == 1))) { + if ((count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (($lockNow[0] === false) || (count($statusArray) == 1))) { // Shall we un-/lock here or list for locking? 
- if ($lockNow === true) { + if ($lockNow[0] === true) { // Un-/lock entries - adminBuilderStatusHandler('lock', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray); + adminBuilderStatusHandler('lock', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray); } else { // List for editing - adminListBuilder('lock', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); + adminListBuilder('lock', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); } } // END - if } // Undelete rows by given id numbers -function adminUndeleteEntriesConfirm ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $undeleteNow=false, $idColumn='id', $userIdColumn='userid') { +function adminUndeleteEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $statusArray = array(), $undeleteNow = array(false), $idColumn = array('id'), $userIdColumn = array('userid')) { + // $tableName must be an array + if ((!is_array($tableName)) || (count($tableName) != 1)) { + // No tableName specified + debug_report_bug(__FUNCTION__, __LINE__, 'tableName is not given. Please fix your XML,tableName[]=' . gettype($tableName) . '!=array'); + } elseif (!is_array($idColumn)) { + // $idColumn is no array + debug_report_bug(__FUNCTION__, __LINE__, 'idColumn[]=' . gettype($idColumn) . '!=array'); + } elseif (!is_array($undeleteNow)) { + // $undeleteNow is no array + debug_report_bug(__FUNCTION__, __LINE__, 'undeleteNow[]=' . gettype($undeleteNow) . '!=array'); + } // END - if + // All valid entries? (We hope so here!) 
- if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (($undeleteNow === false) || (count($statusArray) == 1))) { + if ((count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && (($undeleteNow[0] === false) || (count($statusArray) == 1))) { // Shall we un-/lock here or list for locking? - if ($undeleteNow === true) { + if ($undeleteNow[0] === true) { // Undelete entries - adminBuilderStatusHandler('undelete', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray); + adminBuilderStatusHandler('undelete', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray); } else { // List for editing - adminListBuilder('undelete', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); + adminListBuilder('undelete', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); + } + } // END - if +} + +// Adds a given entry to the database +function adminAddEntries ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array()) { + //* DEBUG: */ die('columns=
    '.print_r($columns,true).'
    ,filterFunctions=
    '.print_r($filterFunctions,true).'
    ,extraValues=
    '.print_r($extraValues,true).'
    ,POST=
    '.print_r($_POST,true).'
    '); + // Verify that tableName and columns are not empty + if ((!is_array($tableName)) || (count($tableName) != 1)) { + // No tableName specified + debug_report_bug(__FUNCTION__, __LINE__, 'tableName is not given. Please fix your XML,tableName[]=' . gettype($tableName) . '!=array'); + } elseif (count($columns) == 0) { + // No columns specified + debug_report_bug(__FUNCTION__, __LINE__, 'columns is not given. Please fix your XML.'); + } + + // Init columns and value elements + $sqlColumns = array(); + $sqlValues = array(); + + // Add columns and values + foreach ($columns as $key => $columnName) { + // Copy entry to final arrays + $sqlColumns[$key] = $columnName; + $sqlValues[$key] = postRequestElement($columnName); + //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'key='.$key.',columnName='.$columnName.',filterFunctions='.$filterFunctions[$key].',extraValues='.intval(isset($extraValues[$key])).',extraValuesName='.intval(isset($extraValues[$columnName . '_list'])).'
    '); + + // Send data through the filter function if found + if ((isset($filterFunctions[$key])) && (isset($extraValues[$key . '_list']))) { + // Filter function set! + $sqlValues[$key] = call_user_func_array($filterFunctions[$key], merge_array(array($columnName), $extraValues[$key . '_list'])); + } // END - if + } // END - foreach + + // Build the SQL query + $SQL = 'INSERT INTO `{?_MYSQL_PREFIX?}_' . $tableName[0] . '` (`' . implode('`,`', $sqlColumns) . "`) VALUES ('" . implode("','", $sqlValues) . "')"; + + // Run the SQL query + SQL_QUERY($SQL, __FUNCTION__, __LINE__); + + // Entry has been added? + if (!SQL_HASZEROAFFECTED()) { + // Display success message + displayMessage('{--ADMIN_ENTRY_ADDED--}'); + } else { + // Display failed message + displayMessage('{--ADMIN_ENTRY_NOT_ADDED--}'); + } +} + +// List all given rows (callback function from XML) +function adminListEntries ($tableTemplate, $rowTemplate, $noEntryMessageId, $tableName, $columns, $whereColumns, $orderByColumns, $callbackColumns, $extraParameters = array()) { + // Verify that tableName and columns are not empty + if ((!is_array($tableName)) || (count($tableName) != 1)) { + // No tableName specified + debug_report_bug(__FUNCTION__, __LINE__, 'tableName is not given. Please fix your XML,tableName[]=' . gettype($tableName) . '!=array,tableTemplate=' . $tableTemplate . ',rowTemplate=' . $rowTemplate); + } elseif (count($columns) == 0) { + // No columns specified + debug_report_bug(__FUNCTION__, __LINE__, 'columns is not given. Please fix your XML,tableTemplate=' . $tableTemplate . ',rowTemplate=' . $rowTemplate . ',tableName[0]=' . $tableName[0]); + } + + // This is the minimum query, so at least columns and tableName must have entries + $SQL = 'SELECT '; + + // Get the sql part back from given array + $SQL .= getSqlPartFromXmlArray($columns); + + // Remove last commata and add FROM statement + $SQL .= ' FROM `{?_MYSQL_PREFIX?}_' . $tableName[0] . 
'`'; + + // Do we have entries from whereColumns to add? + if (count($whereColumns) > 0) { + // Then add these as well + if (count($whereColumns) == 1) { + // One entry found + $SQL .= ' WHERE '; + + // Table/alias included? + if (!empty($whereColumns[0]['table'])) { + // Add it as well + $SQL .= $whereColumns[0]['table'] . '.'; + } // END - if + + // Add the rest + $SQL .= '`' . $whereColumns[0]['column'] . '`' . $whereColumns[0]['condition'] . "'" . $whereColumns[0]['look_for'] . "'"; + } else { + // More than one entry -> Unsupported + debug_report_bug(__FUNCTION__, __LINE__, 'More than one WHERE statement found. This is currently not supported.'); } } // END - if + + // Do we have entries from orderByColumns to add? + if (count($orderByColumns) > 0) { + // Add them as well + $SQL .= ' ORDER BY '; + foreach ($orderByColumns as $orderByColumn => $array) { + // Get keys (table/alias) and values (sorting itself) + $table = trim(implode('', array_keys($array))); + $sorting = trim(implode('', array_keys($array))); + + // table/alias can be omitted + if (!empty($table)) { + // table/alias is given + $SQL .= $table . '.'; + } // END - if + + // Add order-by column + $SQL .= '`' . $orderByColumn . '` ' . $sorting . ','; + } // END - foreach + + // Remove last column + $SQL = substr($SQL, 0, -1); + } // END - if + + // Now handle all over to the inner function which will execute the listing + doAdminListEntries($SQL, $tableTemplate, $noEntryMessageId, $rowTemplate, $callbackColumns, $extraParameters); +} + +// Do the listing of entries +function doAdminListEntries ($SQL, $tableTemplate, $noEntryMessageId, $rowTemplate, $callbackColumns, $extraParameters = array()) { + // Run the SQL query + $result = SQL_QUERY($SQL, __FUNCTION__, __LINE__); + + // Do we have some URLs left? 
+ if (!SQL_HASZERONUMS($result)) { + // List all URLs + $OUT = ''; + while ($content = SQL_FETCHARRAY($result)) { + // "Translate" content + foreach ($callbackColumns as $columnName => $callbackFunction) { + // Fill the callback arguments + $args = array($content[$columnName]); + + // Do we have more to add? + if (isset($extraParameters[$columnName])) { + // Add them as well + $args = merge_array($args, $extraParameters[$columnName]); + } // END - if + + // Call the callback-function + //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'callbackFunction=' . $callbackFunction . ',args=
    '.print_r($args, true).'
    '); + // @TODO If we can rewrite the EL sub-system to support more than one parameter, this call_user_func_array() can be avoided + $content[$columnName] = call_user_func_array($callbackFunction, $args); + } // END - foreach + + // Load row template + $OUT .= loadTemplate(trim($rowTemplate[0]), true, $content); + } // END - while + + // Load main template + loadTemplate(trim($tableTemplate[0]), false, $OUT); + } else { + // No URLs in surfbar + displayMessage('{--' .$noEntryMessageId[0] . '--}'); + } + + // Free result + SQL_FREERESULT($result); } -// Checks proxy settins by fetching check-updates3.php from www.mxchange.org +// Checks proxy settins by fetching check-updates3.php from mxchange.org function adminTestProxySettings ($settingsArray) { // Set temporary the new settings mergeConfig($settingsArray); @@ -1090,7 +1467,7 @@ function adminTestProxySettings ($settingsArray) { $content = sendGetRequest('check-updates3.php'); // Is the first line with "200 OK"? - $valid = (strpos($content[0], '200 OK') !== false); + $valid = isInString('200 OK', $content[0]); // Return result return $valid; @@ -1102,13 +1479,13 @@ function sendAdminPasswordResetLink ($email) { $OUT = ''; // Look up administator login - $result = SQL_QUERY_ESC("SELECT `id`, `login`, `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `email`='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `id`,`login`,`password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE '%s' REGEXP `email` LIMIT 1", array($email), __FUNCTION__, __LINE__); // Is there an account? if (SQL_HASZERONUMS($result)) { - // No account found! - return getMessage('ADMIN_NO_LOGIN_WITH_EMAIL'); + // No account found + return '{--ADMIN_NO_LOGIN_WITH_EMAIL--}'; } // END - if // Load all data 
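Review bot: adminAddEntries builds its INSERT by joining `postRequestElement($columnName)` values with `implode("','", $sqlValues)` and sends it through `SQL_QUERY`, so nothing visible in this hunk escapes the submitted values before they reach the statement. Unless postRequestElement() already escapes (not visible here), escape at the point of use, e.g. `implode("','", array_map('SQL_ESCAPE', $sqlValues))`, and treat `$whereColumns[0]['look_for']` in adminListEntries the same way. Separately, in adminListEntries `$sorting` is assigned from `array_keys($array)` exactly like `$table`, although the comment says it holds the values; it should read `$sorting = trim(implode('', array_values($array)));`. Both validation chains rely on `debug_report_bug()` stopping execution before `$tableName[0]` is used, which should be confirmed.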
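Review bot: The lookup in sendAdminPasswordResetLink changes from an equality test on the `email` column to `'%s' REGEXP` against that column, which treats the stored address as an unanchored pattern, so the submitted string no longer has to equal the stored address to select an admin row. The function later calls `sendEmail($email, ...)` with the submitted value (visible in the following hunks) and the SELECT does not load the stored `email`, so the reset link is mailed to the address that was typed rather than to one known to belong to the account. Keep the exact comparison; if a looser match is intended, document why and make sure the link is only ever sent to an address stored for that account. The function body continues outside this hunk.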
@@ -1118,7 +1495,7 @@ function sendAdminPasswordResetLink ($email) { SQL_FREERESULT($result); // Generate hash for reset link - $content['hash'] = generateHash(getConfig('URL') . ':' . $content['id'] . ':' . $content['login'] . ':' . $content['password'], substr($content['password'], 10)); + $content['hash'] = generateHash(getUrl() . getEncryptSeparator() . $content['id'] . getEncryptSeparator() . $content['login'] . getEncryptSeparator() . $content['password'], substr($content['password'], getSaltLength())); // Remove some data unset($content['id']); @@ -1128,10 +1505,10 @@ function sendAdminPasswordResetLink ($email) { $mailText = loadEmailTemplate('admin_reset_password', $content); // Send it out - sendEmail($email, getMessage('ADMIN_RESET_PASS_LINK_SUBJ'), $mailText); + sendEmail($email, '{--ADMIN_RESET_PASSWORD_LINK_SUBJECT--}', $mailText); // Prepare output - return getMessage('ADMIN_RESET_LINK_SENT'); + return '{--ADMIN_RESET_PASSWORD_LINK_SENT--}'; } // Validate hash and login for password reset @@ -1140,7 +1517,7 @@ function adminResetValidateHashLogin ($hash, $login) { $valid = false; // Then try to find that user - $result = SQL_QUERY_ESC("SELECT `id`, `password`, `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `id`,`password`,`email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", array($login), __FUNCTION__, __LINE__); // Is an account here? @@ -1149,7 +1526,7 @@ function adminResetValidateHashLogin ($hash, $login) { $content = SQL_FETCHARRAY($result); // Generate hash again - $hashFromData = generateHash(getConfig('URL') . ':' . $content['id'] . ':' . $login . ':' . $content['password'], substr($content['password'], 10)); + $hashFromData = generateHash(getUrl() . getEncryptSeparator() . $content['id'] . getEncryptSeparator() . $login . getEncryptSeparator() . $content['password'], substr($content['password'], getSaltLength())); // Does both match? $valid = ($hash == $hashFromData); 
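Review bot: adminResetValidateHashLogin still compares the reset hash with `$valid = ($hash == $hashFromData);`, a loose comparison that PHP evaluates numerically when both strings look like numbers and that is not constant-time. Use `$valid = hash_equals((string) $hashFromData, (string) $hash);` where the supported PHP version provides it, or at least `===`. The hash is also derived only from the URL, id, login and stored password hash (the `generateHash(getUrl() ...)` lines here and in `@@ -1118`), so a link presumably stays valid until the password changes; an expiry or one-time value would be worth adding or documenting. The function body continues outside this hunk.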
@@ -1167,15 +1544,20 @@ function doResetAdminPassword ($login, $password) { // Generate hash (we already check for sql_patches in generateHash()) $passHash = generateHash($password); + // Prepare fake POST data + $postData = array( + 'login' => array(getAdminId($login) => $login), + 'password' => array(getAdminId($login) => $passHash), + ); + // Update database - SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `password`='%s' WHERE `login`='%s' LIMIT 1", - array($passHash, $login), __FUNCTION__, __LINE__); + $message = adminsChangeAdminAccount($postData, '', false); // Run filters - runFilterChain('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash)); + runFilterChain('post_form_reset_pass', array('login' => $login, 'hash' => $passHash, 'message' => $message)); // Return output - return getMessage('ADMIN_PASSWORD_RESET_DONE'); + return '{--ADMIN_PASSWORD_RESET_DONE--}'; } // Solves a task by given id number @@ -1192,16 +1574,13 @@ function adminDeleteTask ($id) { // Function to update task data function adminUpdateTaskData ($id, $row, $data) { - // Should be admin! + // Should be admin and valid id if (!isAdmin()) { // Not an admin so redirect better - redirectToUrl('modules.php?module=index'); - } // END - if - - // Is the id not set, then we need a backtrace here... :( - if ($id <= 0) { + debug_report_bug(__FUNCTION__, __LINE__, 'id=' . $id . ',row=' . $row . ',data=' . $data . ' - isAdmin()=false'); + } elseif ($id <= 0) { // Initiate backtrace - debug_report_bug(sprintf("id is invalid: %s. row=%s, data=%s", + debug_report_bug(__FUNCTION__, __LINE__, sprintf("id is invalid: %s. row=%s, data=%s", $id, $row, $data 
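Review bot: doResetAdminPassword returns `'{--ADMIN_PASSWORD_RESET_DONE--}'` regardless of what `adminsChangeAdminAccount()` reported; `$message` (presumably its status) is only forwarded to the filter chain. `getAdminId($login)` is also called twice and its result is never checked, so an unknown login would build `$postData` keyed by whatever that helper returns for a miss. Look the id up once, `$adminId = getAdminId($login);`, stop when it is not greater than zero, and return a failure message when the account change does not succeed. The start of the function is outside this hunk.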
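Review bot: The non-admin branch of adminUpdateTaskData no longer redirects but calls `debug_report_bug()`, so the authorization check now holds only if that helper terminates the request, which this hunk does not show. If it can return, execution falls through to the task update below; add an explicit `return;` after the call, or keep the redirect. The report text also concatenates `$data` for a caller that is not an admin, so consider leaving the payload out of that message. The function continues outside this hunk.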
@@ -1241,7 +1620,7 @@ function setAdminMenuHasEntries ($action, $hasEntries) { // Creates a link to the user's admin-profile function adminCreateUserLink ($userid) { // Is the userid set correctly? - if ($userid > 0) { + if (isValidUserId($userid)) { // Create a link to that profile return '{%url=modules.php?module=admin&what=list_user&userid=' . bigintval($userid) . '%}'; } // END - if @@ -1253,7 +1632,7 @@ function adminCreateUserLink ($userid) { // Generate a "link" for the given admin id (admin_id) function generateAdminLink ($adminId) { // No assigned admin is default - $adminLink = '{--ADMIN_NO_ADMIN_ASSIGNED--}'; + $adminLink = '{--ADMIN_NO_ADMIN_ASSIGNED--}'; // Zero? = Not assigned if (bigintval($adminId) > 0) { @@ -1268,11 +1647,11 @@ function generateAdminLink ($adminId) { $adminLink = '' . $login . ''; } else { // Extension not found - $adminLink = getMaskedMessage('EXTENSION_PROBLEM_NOT_INSTALLED', 'admins'); + $adminLink = '{%message,ADMIN_TASK_ROW_EXTENSION_NOT_INSTALLED=admins%}'; } } else { // Maybe deleted? - $adminLink = '
    ' . getMaskedMessage('ADMIN_ID_404', $adminId) . '
    '; + $adminLink = '
    {%message,ADMIN_ID_404=' . $adminId . '%}
    '; } } // END - if @@ -1300,20 +1679,20 @@ function doVerifyExpertSettings () { // Is he allowed? if ($expertSettings == 'Y') { // Okay, does he want to see them? - if (getAminsExpertWarning() == 'Y') { + if (isAdminsExpertWarningEnabled()) { // Ask for them if (isFormSent()) { // Is the element set, then we need to change the admin - if (isPostRequestParameterSet('expert_settings')) { + if (isPostRequestElementSet('expert_settings')) { // Get it and prepare final post data array - $postData['login'][getCurrentAdminId()] = getAdminLogin(getCurrentAdminId()); + $postData['login'][getCurrentAdminId()] = getCurrentAdminLogin(); $postData['expert_warning'][getCurrentAdminId()] = 'N'; // Change it in the admin adminsChangeAdminAccount($postData, 'expert_warning'); // Clear form - unsetPostRequestParameter('ok'); + unsetPostRequestElement('ok'); } // END - if // All fine! 
@@ -1341,12 +1720,217 @@ function doVerifyExpertSettings () { // Output message for other status than ask/agreed if (($return != 'ask') && ($return != 'agreed')) { // Output message - loadTemplate('admin_settings_saved', false, getMessage('ADMIN_EXPERT_SETTINGS_STATUS_' . strtoupper($return))); + displayMessage('{--ADMIN_EXPERT_SETTINGS_STATUS_' . strtoupper($return) . '--}'); } // END - if // Return status return $return; } +// Generate link to unconfirmed mails for admin +function generateUnconfirmedAdminLink ($id, $unconfirmed, $type = 'bid') { + // Init output + $OUT = $unconfirmed; + + // Do we have unconfirmed mails? + if ($unconfirmed > 0) { + // Add link to list_unconfirmed what-file + $OUT = '{%pipe,translateComma=' . $unconfirmed . '%}'; + } // END - if + + // Return it + return $OUT; +} + +// Generates a navigation row for listing emails +function addEmailNavigation ($numPages, $offset, $show_form, $colspan, $return=false) { + // Don't do anything if $numPages is 1 + if ($numPages == 1) { + // Abort here with empty content + return ''; + } // END - if + + $TOP = ''; + if ($show_form === false) { + $TOP = ' top'; + } // END - if + + $NAV = ''; + for ($page = 1; $page <= $numPages; $page++) { + // Is the page currently selected or shall we generate a link to it? 
+ if (($page == getRequestElement('page')) || ((!isGetRequestElementSet('page')) && ($page == 1))) { + // Is currently selected, so only highlight it + $NAV .= '-'; + } else { + // Open anchor tag and add base URL + $NAV .= ''; + } + $NAV .= $page; + if (($page == getRequestElement('page')) || ((!isGetRequestElementSet('page')) && ($page == 1))) { + // Is currently selected, so only highlight it + $NAV .= '-'; + } else { + // Close anchor tag + $NAV .= ''; + } + + // Add separator if we have not yet reached total pages + if ($page < $numPages) { + // Add it + $NAV .= '|'; + } // END - if + } // END - for + + // Define constants only once + $content['nav'] = $NAV; + $content['span'] = $colspan; + $content['top'] = $TOP; + + // Load navigation template + $OUT = loadTemplate('admin_email_nav_row', true, $content); + + if ($return === true) { + // Return generated HTML-Code + return $OUT; + } else { + // Output HTML-Code + outputHtml($OUT); + } +} + +// Process menu editing form +function adminProcessMenuEditForm ($type, $subMenu) { + // An action is done... + foreach (postRequestElement('sel') as $sel => $menu) { + $AND = "(`what` = '' OR `what` IS NULL)"; + + $sel = bigintval($sel); + + if (!empty($subMenu)) { + $AND = "`action`='" . $subMenu . "'"; + } // END - if + + switch (postRequestElement('ok')) { + case 'edit': // Edit menu + // Shall we update a menu or sub menu? + if (!isGetRequestElementSet('sub')) { + // Update with 'what'=null + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `title`='%s',`action`='%s',`what`=NULL WHERE ".$AND." AND `id`=%s LIMIT 1", + array( + $type, + $menu, + postRequestElement('sel_action', $sel), + $sel + ), __FUNCTION__, __LINE__); + } else { + // Update with selected 'what' + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `title`='%s',`action`='%s',`what`='%s' WHERE ".$AND." 
AND `id`=%s LIMIT 1", + array( + $type, + $menu, + postRequestElement('sel_action', $sel), + postRequestElement('sel_what', $sel), + $sel + ), __FUNCTION__, __LINE__); + } + break; + + case 'delete': // Delete menu + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE ".$AND." AND `id`=%s LIMIT 1", + array( + $type, + $sel + ), __FUNCTION__, __LINE__); + break; + + case 'status': // Change status of menus + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `visible`='%s',`locked`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1", + array( + $type, + postRequestElement('visible', $sel), + postRequestElement('locked', $sel), + $sel + ), __FUNCTION__, __LINE__); + break; + + default: // Unexpected action + logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unsupported action %s detected.", postRequestElement('ok'))); + displayMessage('{%message,ADMIN_UNKNOWN_OKAY=' . postRequestElement('ok') . '%}'); + break; + } // END - switch + } // END - foreach + + // Load template + displayMessage('{--SETTINGS_SAVED--}'); +} + +// Handle weightning +function doAdminProcessMenuWeightning ($type, $AND) { + // Are there all required (generalized) GET parameter? 
+ if ((isGetRequestElementSet('act')) && (isGetRequestElementSet('tid')) && (isGetRequestElementSet('fid'))) { + // Init variables + $tid = ''; $fid = ''; + + // Get ids + if (isGetRequestElementSet('w')) { + // Sub menus selected + $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `sort`=%s LIMIT 1", + array( + $type, + getRequestElement('act'), + bigintval(getRequestElement('tid')) + ), __FUNCTION__, __LINE__); + list($tid) = SQL_FETCHROW($result); + SQL_FREERESULT($result); + $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `sort`=%s LIMIT 1", + array( + $type, + getRequestElement('act'), + bigintval(getRequestElement('fid')) + ), __FUNCTION__, __LINE__); + list($fid) = SQL_FETCHROW($result); + SQL_FREERESULT($result); + } else { + // Main menu selected + $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`=%s LIMIT 1", + array( + $type, + bigintval(getRequestElement('tid')) + ), __FUNCTION__, __LINE__); + list($tid) = SQL_FETCHROW($result); + SQL_FREERESULT($result); + $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`=%s LIMIT 1", + array( + $type, + bigintval(getRequestElement('fid')) + ), __FUNCTION__, __LINE__); + list($fid) = SQL_FETCHROW($result); + SQL_FREERESULT($result); + } + + if ((!empty($tid)) && (!empty($fid))) { + // Sort menu + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `sort`=%s WHERE ".$AND." AND `id`=%s LIMIT 1", + array( + $type, + bigintval(getRequestElement('tid')), + bigintval($fid) + ), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `sort`=%s WHERE ".$AND." AND `id`=%s LIMIT 1", + array( + $type, + bigintval(getRequestElement('fid')), + bigintval($tid) + ), __FUNCTION__, __LINE__); + } // END - if + } // END - if +} + // [EOF] ?>
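Review bot: adminProcessMenuEditForm concatenates `$subMenu` into `$AND` and then splices `$AND` into the format string handed to `SQL_QUERY_ESC`, so that value bypasses the escaping applied to the parameter array (and a `%` in it would presumably disturb the format). Escape it where the fragment is built, ``$AND = "`action`='" . SQL_ESCAPE($subMenu) . "'";``, and document on doAdminProcessMenuWeightning that its `$AND` argument must be a trusted SQL fragment. `foreach (postRequestElement('sel') ...)` also assumes the POST element is an array, and the `visible`/`locked` values are stored as submitted; if they are fixed flags, checking them against the allowed set is cheap. Both functions change data from request parameters with no form token visible in this hunk, so confirm that a CSRF check happens before they are called.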