X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-admins_edit.php;h=c85b8448b5044d942f4295b72ce9456c17c4522e;hb=f26aab4a55972825a0d3ef9346c8c8dea8752b7b;hp=49d9b2108aa916be35c486387192db7b0aa9d10f;hpb=75ad748a68473ace540251427a74fb781b1145e9;p=mailer.git

diff --git a/inc/modules/admin/what-admins_edit.php b/inc/modules/admin/what-admins_edit.php
index 49d9b2108a..c85b8448b5 100644
--- a/inc/modules/admin/what-admins_edit.php
+++ b/inc/modules/admin/what-admins_edit.php
@@ -10,7 +10,12 @@
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : Admin-Account editieren                          *
  * -------------------------------------------------------------------- *
- *                                                                      *
+ * $Revision::                                                        $ *
+ * $Date::                                                            $ *
+ * $Tag:: 0.2.1-FINAL                                                 $ *
+ * $Author::                                                          $ *
+ * Needs to be in all Files and every File needs "svn propset           *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  * For more information visit: http://www.mxchange.org                  *
@@ -32,246 +37,45 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
-// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
 
-// Instance for the cache extension
-global $CACHE;
+// Add description as navigation point
+ADD_DESCR("admin", __FILE__);
 
 // Set selection data to empty array when it is empty
-if (empty($_POST['sel'])) $_POST['sel'] = array();
+if (!REQUEST_ISSET_POST('sel')) REQUEST_SET_POST('sel', array());
 
 // Check if direct admin account was selected
-if (!empty($_GET['admin']))
-{
+if (REQUEST_ISSET_GET('admin')) {
 	// Secure ID number
-	$aid = bigintval($_GET['admin']);
-	$_POST['edit'] = "1";
-	$_POST['sel'][$aid] = array("1");
+	$aid = bigintval(REQUEST_GET('admin'));
+
+	// Set required fields
+	REQUEST_SET_POST('edit', "1");
+	REQUEST_SET_POST(array('sel', $aid), "1");
 }
 
-if ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0))
-{
+if ((REQUEST_ISSET_POST('edit')) && (SELECTION_COUNT(REQUEST_POST('sel')) > 0)) {
 	// Edit account(s)
-	$SW = 2; $OUT = "";
-	foreach ($_POST['sel'] as $id=>$sel)
-	{
-		$result = SQL_QUERY_ESC("SELECT login, email, default_acl AS mode, la_mode FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
-		 array(bigintval($id)), __FILE__, __LINE__);
-		if (SQL_NUMROWS($result) == 1)
-		{
-			// Entry found
-			$content = SQL_FETCHARRAY($result);
-			SQL_FREERESULT($result);
-			$content['mode']    = ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE), $content['mode']);
-			$content['la_mode'] = ADD_OPTION_LINES("/ARRAY/", array("global", "OLD", "NEW"), array(ADMINS_GLOBAL_LA_SETTING, ADMINS_OLD_LA_SETTING, ADMINS_NEW_LA_SETTING), $content['la_mode']);
-
-			// Prepare some more data for the template
-			$content['sw'] = $SW;
-			$content['id'] = $id;
-
-			// Load row template and switch color
-			$OUT .= LOAD_TEMPLATE("admin_edit_admins_row", true, $content);
-			$SW = 3 - $SW;
-		}
-	}
-	define('__ADMINS_ROWS', $OUT);
-
-	// Load template
-	LOAD_TEMPLATE("admin_edit_admins");
-}
- elseif ((isset($_POST['change'])) && (sizeof($_POST['login']) > 0))
-{
+	ADMINS_EDIT_ADMIN_ACCOUNTS(REQUEST_POST_ARRAY());
+} elseif ((REQUEST_ISSET_POST(('change'))) && (count(REQUEST_POST('login')) > 0)) {
 	// Change admin accounts
-	$CACHE_UPDATE = "0";
-	foreach ($_POST['login'] as $id=>$login)
-	{
-		// Secure ID number
-		$id = bigintval($id);
-
-		// When both passwords match update admin account
-		if ($_POST['pass1'][$id] == $_POST['pass2'][$id])
-		{
-			// Save only when both passwords are the same (also when they are empty)
-			$ADD = ""; $CACHE_UPDATE = "1";
-
-			// Generate hash
-			$hash = generateHash($_POST['pass1'][$id]);
-
-			// Save password when set
-			if (!empty($_POST['pass1'][$id])) $ADD = ", password='".$hash."'";
-
-			// Get admin's ID
-			$salt = substr(GET_ADMIN_HASH($_COOKIE['admin_login']), 0, -40);
-			$aid = GET_ADMIN_ID($_COOKIE['admin_login']);
-
-			// Rewrite cookie when it's own account
-			if ($aid == $id)
-			{
-				// Timeout
-				$TIMEOUT = time() + bigintval($_COOKIE['admin_to']);
-
-				// Set timeout cookie
-				@setcookie("admin_last", time(), $TIMEOUT, COOKIE_PATH);
-
-				if ($login != $_COOKIE['admin_login'])
-				{
-					// Update login cookie
-					@setcookie("admin_login", $login, $TIMEOUT, COOKIE_PATH);
-
-					// Update password cookie as well?
-					if (!empty($ADD)) @setcookie("admin_md5", $hash, $TIMEOUT, COOKIE_PATH);
-				}
-				 elseif (generateHash($_POST['pass1'][$id], $salt) != $_COOKIE['admin_md5'])
-				{
-					// Update password cookie
-					@setcookie("admin_md5", $hash, $TIMEOUT, COOKIE_PATH);
-				}
-
-			}
-
-			// Update admin account
-			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET
-login='%s'".$ADD.",
-email='%s',
-default_acl='%s',
-la_mode='%s'
-WHERE id=%d LIMIT 1",
- array(
-	$login,
-	$_POST['email'][$id],
-	$_POST['mode'][$id],
-	$_POST['la_mode'][$id],
-	$id
-), __FILE__, __LINE__);
-
-			// Admin account saved
-			$MSG = ADMIN_ACCOUNT_SAVED;
-		}
-		 else
-		{
-			// Passwords did not match
-			$MSG = ADMINS_ERROR_PASS_MISMATCH;
-		}
-	}
-
-	// Remove cache file
-	if ((EXT_IS_ACTIVE("cache")) && ($CACHE_UPDATE == "1"))
-	{
-		if ($CACHE->cache_file("admins", true)) $CACHE->cache_destroy();
-	}
-
-	// Display message
-	if (!empty($MSG))
-	{
-		LOAD_TEMPLATE("admin_settings_saved", false, "<SPAN class=\"admin_done\">".$MSG."</SPAN>");
-	}
-}
- elseif ((isset($_POST['del'])) && (SELECTION_COUNT($_POST['sel']) > 0))
-{
-	// Check if this account is the last one which cannot be deleted...
-	$result_main = SQL_QUERY("SELECT id FROM "._MYSQL_PREFIX."_admins", __FILE__, __LINE__);
-	$accounts = SQL_NUMROWS($result_main);
-	SQL_FREERESULT($result_main);
-	if ($accounts > 1)
-	{
-		// Delete accounts
-		$SW = 2; $OUT = "";
-		foreach ($_POST['sel'] as $id=>$sel)
-		{
-			$result = SQL_QUERY_ESC("SELECT login, email, default_acl AS mode, la_mode FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
-			 array(bigintval($id)), __FILE__, __LINE__);
-			if (SQL_NUMROWS($result) == 1)
-			{
-				// Entry found
-				$content = SQL_FETCHARRAY($result);
-				SQL_FREERESULT($result);
-				$eval = "\$content['mode'] = ADMINS_".strtoupper($content['mode'])."_MODE;";
-				eval($eval);
-				$eval = "\$content['la_mode'] = ADMINS_".strtoupper($content['la_mode'])."_LA_SETTING;";
-				eval($eval);
-
-				// Prepare some more data
-				$content['sw'] = $SW;
-				$content['id'] = $id;
-
-				// Load row template and switch color
-				$OUT .= LOAD_TEMPLATE("admin_del_admins_row", true, $content);
-				$SW = 3 - $SW;
-			}
-		}
-		define('__ADMINS_ROWS', $OUT);
-
-		// Load template
-		LOAD_TEMPLATE("admin_del_admins");
-	}
-	 else
-	{
-		// Cannot delete last account!
-		LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_CANNOT_DELETE_LAST);
-	}
-}
- else
-{
-	if ((isset($_POST['remove'])) && (SELECTION_COUNT($_POST['sel']) > 0))
-	{
+	ADMINS_CHANGE_ADMIN_ACCOUNT(REQUEST_POST_ARRAY());
+} elseif ((REQUEST_ISSET_POST('del')) && (SELECTION_COUNT(REQUEST_POST('sel')) > 0)) {
+	// Show admin accounts for deletetion
+	ADMINS_DELETE_ADMIN_ACCOUNTS(REQUEST_POST_ARRAY());
+} else {
+	if ((REQUEST_ISSET_POST(('remove'))) && (SELECTION_COUNT(REQUEST_POST('sel')) > 0)) {
 		// Remove accounts now
-		$CACHE_UPDATE = "0";
-		foreach ($_POST['sel'] as $id=>$del)
-		{
-			// Delete only when it's not your own account!
-			if (($del == 1) && (GET_ADMIN_ID($_COOKIE['admin_login']) != $id))
-			{
-				// Rewrite his tasks to all admins
-				$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin='0' WHERE assigned_admin='%s'",
-				 array(bigintval($id)), __FILE__, __LINE__);
-
-				// Remove account
-				$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
-				 array(bigintval($id)), __FILE__, __LINE__);
-
-				$CACHE_UPDATE = "1";
-			}
-		}
-
-		// Remove cache if cache system is activated
-		if ((EXT_IS_ACTIVE("cache")) && ($CACHE_UPDATE == "1"))
-		{
-			if ($CACHE->cache_file("admins", true)) $CACHE->cache_destroy();
-		}
+		ADMINS_REMOVE_ADMIN_ACCOUNTS(REQUEST_POST_ARRAY());
 	}
 
 	// List all admin accounts
-	$result = SQL_QUERY("SELECT id, login, email, default_acl AS mode, la_mode FROM "._MYSQL_PREFIX."_admins ORDER BY login", __FILE__, __LINE__);
-	$SW = 2; $OUT = "";
-	while ($content = SQL_FETCHARRAY($result))
-	{
-		// Compile some variables
-		$eval = "\$content['mode'] = ADMINS_".strtoupper($content['mode'])."_MODE;";
-		eval($eval);
-		$eval = "\$content['la_mode'] = ADMINS_".strtoupper($content['la_mode'])."_LA_SETTING;";
-		eval($eval);
-
-		// Prepare some more data
-		$content['sw']         = $SW;
-		$content['email_link'] = CREATE_EMAIL_LINK($content['id']);
-
-		// Load row template and switch color
-		$OUT .= LOAD_TEMPLATE("admin_list_admins_row", true, $content);
-		$SW = 3 - $SW;
-	}
-
-	// Free memory
-	SQL_FREERESULT($result);
-	define('__ADMINS_ROWS', $OUT);
-
-	// Load template
-	LOAD_TEMPLATE("admin_list_admins");
+	ADMINS_LIST_ADMIN_ACCOUNTS();
 }
+
 //
 ?>