X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-admins_edit.php;h=05747bc21edfd18a0604869df6bc6b6525897c2a;hb=995488beda665a1fc3de65df95f2d1ae236d1245;hp=80c4301711d7d339af2d98c019523b4b37b6b22f;hpb=b5912168d72ae511eb623c3d92540c82d31b93c5;p=mailer.git diff --git a/inc/modules/admin/what-admins_edit.php b/inc/modules/admin/what-admins_edit.php index 80c4301711..05747bc21e 100644 --- a/inc/modules/admin/what-admins_edit.php +++ b/inc/modules/admin/what-admins_edit.php @@ -1,7 +1,7 @@ 0)) -{ - // Edit account(s) - $SW = 2; $OUT = ""; - foreach ($_POST['sel'] as $id=>$sel) - { - $result = SQL_QUERY_ESC("SELECT login, email, default_acl AS mode, la_mode FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1", - array(bigintval($id)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { - // Entry found - $content = SQL_FETCHARRAY($result); - SQL_FREERESULT($result); - $content['mode'] = ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE), $content['mode']); - $content['la_mode'] = ADD_OPTION_LINES("/ARRAY/", array("global", "OLD", "NEW"), array(ADMINS_GLOBAL_LA_SETTING, ADMINS_OLD_LA_SETTING, ADMINS_NEW_LA_SETTING), $content['la_mode']); + // Set required fields + setPostRequestParameter('edit', 1); + setPostRequestParameter('sel', array($adminId => 1)); +} // END - if - // Prepare some more data for the template - $content['sw'] = $SW; - $content['id'] = $id; - - // Load row template and switch color - $OUT .= LOAD_TEMPLATE("admin_edit_admins_row", true, $content); - $SW = 3 - $SW; - } - } - define('__ADMINS_ROWS', $OUT); - - // Load template - LOAD_TEMPLATE("admin_edit_admins"); -} - elseif ((isset($_POST['change'])) && (sizeof($_POST['login']) > 0)) -{ +if ((isFormSent('edit')) && (countPostSelection() > 0)) { + // Edit account(s) + adminsEditAdminAccount(postRequestArray()); +} elseif ((isFormSent('change')) && (count(postRequestParameter('login')) > 0)) { // Change admin accounts - $CACHE_UPDATE = "0"; - foreach ($_POST['login'] as $id=>$login) - { - // Secure ID number - $id = bigintval($id); - - // When both passwords match update admin account - if ($_POST['pass1'][$id] == $_POST['pass2'][$id]) - { - // Save only when both passwords are the same (also when they are empty) - $ADD = ""; $CACHE_UPDATE = "1"; - - // Generate hash - $hash = generateHash($_POST['pass1'][$id]); - - // Save password when set - if (!empty($_POST['pass1'][$id])) $ADD = ", password='".$hash."'"; - - // Get admin's ID - $salt = substr(GET_ADMIN_HASH($_SESSION['admin_login']), 0, -40); - $aid = GET_ADMIN_ID($_SESSION['admin_login']); - - // Rewrite cookie when it's own account - if ($aid == $id) - { - // Timeout - $TIMEOUT = time() + bigintval($_SESSION['admin_to']); - - // Set timeout cookie - set_session("admin_last", time(), $TIMEOUT, COOKIE_PATH); - - if ($login != $_SESSION['admin_login']) - { - // Update login cookie - set_session("admin_login", $login, $TIMEOUT, COOKIE_PATH); - - // Update password cookie as well? - if (!empty($ADD)) set_session("admin_md5", $hash, $TIMEOUT, COOKIE_PATH); - } - elseif (generateHash($_POST['pass1'][$id], $salt) != $_SESSION['admin_md5']) - { - // Update password cookie - set_session("admin_md5", $hash, $TIMEOUT, COOKIE_PATH); - } - - } - - // Update admin account - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET -login='%s'".$ADD.", -email='%s', -default_acl='%s', -la_mode='%s' -WHERE id=%d LIMIT 1", - array( - $login, - $_POST['email'][$id], - $_POST['mode'][$id], - $_POST['la_mode'][$id], - $id -), __FILE__, __LINE__); - - // Admin account saved - $MSG = ADMIN_ACCOUNT_SAVED; - } - else - { - // Passwords did not match - $MSG = ADMINS_ERROR_PASS_MISMATCH; - } - } - - // Remove cache file - if ((EXT_IS_ACTIVE("cache")) && ($CACHE_UPDATE == "1")) - { - if ($CACHE->cache_file("admins", true)) $CACHE->cache_destroy(); - } - - // Display message - if (!empty($MSG)) - { - LOAD_TEMPLATE("admin_settings_saved", false, "".$MSG.""); - } -} - elseif ((isset($_POST['del'])) && (SELECTION_COUNT($_POST['sel']) > 0)) -{ - // Check if this account is the last one which cannot be deleted... - $result_main = SQL_QUERY("SELECT id FROM "._MYSQL_PREFIX."_admins", __FILE__, __LINE__); - $accounts = SQL_NUMROWS($result_main); - SQL_FREERESULT($result_main); - if ($accounts > 1) - { - // Delete accounts - $SW = 2; $OUT = ""; - foreach ($_POST['sel'] as $id=>$sel) - { - $result = SQL_QUERY_ESC("SELECT login, email, default_acl AS mode, la_mode FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1", - array(bigintval($id)), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { - // Entry found - $content = SQL_FETCHARRAY($result); - SQL_FREERESULT($result); - $eval = "\$content['mode'] = ADMINS_".strtoupper($content['mode'])."_MODE;"; - eval($eval); - $eval = "\$content['la_mode'] = ADMINS_".strtoupper($content['la_mode'])."_LA_SETTING;"; - eval($eval); - - // Prepare some more data - $content['sw'] = $SW; - $content['id'] = $id; - - // Load row template and switch color - $OUT .= LOAD_TEMPLATE("admin_del_admins_row", true, $content); - $SW = 3 - $SW; - } - } - define('__ADMINS_ROWS', $OUT); - - // Load template - LOAD_TEMPLATE("admin_del_admins"); - } - else - { - // Cannot delete last account! - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_CANNOT_DELETE_LAST); - } -} - else -{ - if ((isset($_POST['remove'])) && (SELECTION_COUNT($_POST['sel']) > 0)) - { + adminsChangeAdminAccount(postRequestArray()); +} elseif ((isFormSent('del')) && (countPostSelection() > 0)) { + // Show admin accounts for deletetion + adminsDeleteAdminAccount(postRequestArray()); +} else { + if ((isFormSent('remove')) && (countPostSelection() > 0)) { // Remove accounts now - $CACHE_UPDATE = "0"; - foreach ($_POST['sel'] as $id=>$del) - { - // Delete only when it's not your own account! - if (($del == 1) && (GET_ADMIN_ID($_SESSION['admin_login']) != $id)) - { - // Rewrite his tasks to all admins - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin='0' WHERE assigned_admin='%s'", - array(bigintval($id)), __FILE__, __LINE__); - - // Remove account - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1", - array(bigintval($id)), __FILE__, __LINE__); - - $CACHE_UPDATE = "1"; - } - } - - // Remove cache if cache system is activated - if ((EXT_IS_ACTIVE("cache")) && ($CACHE_UPDATE == "1")) - { - if ($CACHE->cache_file("admins", true)) $CACHE->cache_destroy(); - } - } + adminsRemoveAdminAccount(postRequestArray()); + } // END - if // List all admin accounts - $result = SQL_QUERY("SELECT id, login, email, default_acl AS mode, la_mode FROM "._MYSQL_PREFIX."_admins ORDER BY login", __FILE__, __LINE__); - $SW = 2; $OUT = ""; - while ($content = SQL_FETCHARRAY($result)) - { - // Compile some variables - $eval = "\$content['mode'] = ADMINS_".strtoupper($content['mode'])."_MODE;"; - eval($eval); - $eval = "\$content['la_mode'] = ADMINS_".strtoupper($content['la_mode'])."_LA_SETTING;"; - eval($eval); - - // Prepare some more data - $content['sw'] = $SW; - $content['email_link'] = CREATE_EMAIL_LINK($content['id']); - - // Load row template and switch color - $OUT .= LOAD_TEMPLATE("admin_list_admins_row", true, $content); - $SW = 3 - $SW; - } - - // Free memory - SQL_FREERESULT($result); - define('__ADMINS_ROWS', $OUT); - - // Load template - LOAD_TEMPLATE("admin_list_admins"); + adminsListAdminAccounts(); } -// + +// [EOF] ?>