X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin.php;h=37f234633d8af064788daffe78fbde4d9ecea63a;hb=0dd42320430efb55daf522aec91d312b6d2fbc80;hp=67f359aa6a960039b212e717211f94cdc4295342;hpb=4c83f0cc7459cad9ec9c1c68963f5365155ee935;p=mailer.git diff --git a/inc/modules/admin.php b/inc/modules/admin.php index 67f359aa6a..37f234633d 100644 --- a/inc/modules/admin.php +++ b/inc/modules/admin.php @@ -10,7 +10,12 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Administrationsmodul * * -------------------------------------------------------------------- * - * * + * $Revision:: $ * + * $Date:: $ * + * $Tag:: 0.2.1-FINAL $ * + * $Author:: $ * + * Needs to be in all Files and every File needs "svn propset * + * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2008 by Roland Haeder * * For more information visit: http://www.mxchange.org * @@ -37,12 +42,6 @@ if (!defined('__SECURITY')) { require($INC); } -// Login is default -if ((empty($GLOBALS['action'])) && ($check == "admin_only")) { - // Redirect to right URL - LOAD_URL("modules.php?module=admin&action=login"); -} // END - if - // Load include file LOAD_INC_ONCE("inc/modules/admin/admin-inc.php"); @@ -53,7 +52,7 @@ FIX_DELETED_COOKIES(array('admin_login', 'admin_md5', 'admin_last', 'admin_to')) $ret = "init"; // Is no admin registered? -if (!isBooleanConstantAndTrue('admin_registered')) { +if (!isAdminRegistered()) { // Admin is not registered so we have to inform the user if ((IS_FORM_SENT()) && ((!REQUEST_ISSET_POST(('login'))) || (!REQUEST_ISSET_POST(('pass'))) || (strlen(REQUEST_POST('pass')) < 4))) { REQUEST_SET_POST('ok', "***"); @@ -67,14 +66,14 @@ if (!isBooleanConstantAndTrue('admin_registered')) { destroyAdminSession(false); // Do registration - $ret = REGISTER_ADMIN(REQUEST_POST('login'), $hashedPass); + $ret = REGISTER_ADMIN(REQUEST_POST('login'), $hashedPass, constant('WEBMASTER')); switch ($ret) { case "done": - changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0); - if (!constant('_FATAL')) { + $done = changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0); + if ($done === true) { // Registering is done - LOAD_URL("modules.php?module=admin&action=login®ister=done"); + LOAD_URL("modules.php?module=admin&register=done"); } else { $ret = getMessage('ADMIN_CANNOT_COMPLETE'); } @@ -91,18 +90,18 @@ if (!isBooleanConstantAndTrue('admin_registered')) { $ret = getMessage('ADMIN_LOGIN_ALREADY_REG'); } else { // Any other kind will be logged and interpreted as 'done' - DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_LOGIN()", $ret)); + DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_LOGIN() and interpreted as 'done'!", $ret)); // @TODO Why is this set to 'done'? $ret = "done"; } // Admin still not registered? - if (!isBooleanConstantAndTrue('admin_registered')) { + if (!isAdminRegistered()) { // Write to config that registration is done changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0); // Load URL for login - LOAD_URL("modules.php?module=admin&action=login"); + LOAD_URL("modules.php?module=admin"); } // END - if break; } @@ -120,29 +119,32 @@ if (!isBooleanConstantAndTrue('admin_registered')) { // Yet-another "Notice" fix if ((IS_FORM_SENT()) && (REQUEST_POST('ok') == "***")) { // No login entered? - if (!REQUEST_ISSET_POST(('login'))) $MSG1 = getMessage('ADMIN_NO_LOGIN'); + if (!REQUEST_ISSET_POST(('login'))) $loginMessage = getMessage('ADMIN_NO_LOGIN'); // An error comes back from registration? - if (!empty($ret)) $MSG1 = $ret; + if (!empty($ret)) $loginMessage = $ret; // No password entered? - if (!REQUEST_ISSET_POST(('pass'))) $MSG2 = getMessage('ADMIN_NO_PASS'); + if (!REQUEST_ISSET_POST(('pass'))) $passwdMessage = getMessage('ADMIN_NO_PASS'); // Or password too short? - if (strlen(REQUEST_POST('pass')) < 4) $MSG2 = getMessage('ADMIN_SHORT_PASS'); + if (strlen(REQUEST_POST('pass')) < 4) $passwdMessage = getMessage('ADMIN_SHORT_PASS'); // Output error messages - define('__MSG_LOGIN', LOAD_TEMPLATE("admin_login_msg", true, $MSG1)); - define('__MSG_PASS', LOAD_TEMPLATE("admin_login_msg", true, $MSG2)); + define('__MSG_LOGIN', LOAD_TEMPLATE("admin_login_msg", true, $loginMessage)); + define('__MSG_PASS', LOAD_TEMPLATE("admin_login_msg", true, $passwdMessage)); // Reset variables - $MSG1 = ""; $MSG2 = ""; - } else { + $loginMessage = ""; $passwdMessage = ""; + } else { // Reset values to nothing define('__MSG_LOGIN', ""); define('__MSG_PASS' , ""); } + // Output message in seperate template + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_NOT_REGISTERED')); + // Load register template LOAD_TEMPLATE("admin_reg_form"); } @@ -195,7 +197,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { // At leat one administrator account was created if ((isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5')) && (isSessionVariableSet('admin_last')) && (isSessionVariableSet('admin_to'))) { // Timeout for last login, we have to logout first! - LOAD_URL("modules.php?module=admin&action=login&logout=1"); + LOAD_URL("modules.php?module=admin&logout=1"); } // END - if if (REQUEST_ISSET_GET(('register'))) { @@ -227,7 +229,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { // Add data to URL if (!empty($GLOBALS['what'])) $URL .= "what=".$GLOBALS['what']; elseif (!empty($GLOBALS['action'])) $URL .= "action=".$GLOBALS['action']; - elseif (REQUEST_ISSET_GET(('area'))) $URL .= "area=".REQUEST_GET('area'); + elseif (REQUEST_ISSET_GET('area')) $URL .= "area=".REQUEST_GET('area'); // Load URL LOAD_URL($URL); @@ -252,6 +254,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { } // END - if // Error detected? + // @TODO Rewrite all these constants if ($ret != "done") { if (REQUEST_ISSET_POST(('login'))) { define('__LOGIN_VALUE', REQUEST_POST('login')); @@ -261,30 +264,31 @@ if (!isBooleanConstantAndTrue('admin_registered')) { if (IS_FORM_SENT()) { // Set messages to zero - $MSG1 = ""; $MSG2 = ""; + $loginMessage = ""; $passwdMessage = ""; // No login entered? - if (!REQUEST_ISSET_POST(('login'))) $MSG1 = getMessage('ADMIN_NO_LOGIN'); + if (!REQUEST_ISSET_POST(('login'))) $loginMessage = getMessage('ADMIN_NO_LOGIN'); // An error comes back from login? - if ((!empty($ret)) && (REQUEST_POST('ok') == "404")) $MSG1 = $ret; + if ((!empty($ret)) && (REQUEST_POST('ok') == "404")) $loginMessage = $ret; // No password entered? - if (!REQUEST_ISSET_POST(('pass'))) $MSG2 = getMessage('ADMIN_NO_PASS'); + if (!REQUEST_ISSET_POST(('pass'))) $passwdMessage = getMessage('ADMIN_NO_PASS'); // Or password too short? - if (strlen(REQUEST_POST('pass')) < 4) $MSG2 = getMessage('ADMIN_SHORT_PASS'); + if (strlen(REQUEST_POST('pass')) < 4) $passwdMessage = getMessage('ADMIN_SHORT_PASS'); // An error comes back from login? - if ((!empty($ret)) && (REQUEST_POST('ok') == "pass")) $MSG2 = $ret; + if ((!empty($ret)) && (REQUEST_POST('ok') == "pass")) $passwdMessage = $ret; // Load message template - define('__MSG_LOGIN', LOAD_TEMPLATE("admin_login_msg", true, $MSG1)); - define('__MSG_PASS' , LOAD_TEMPLATE("admin_login_msg", true, $MSG2)); + define('__MSG_LOGIN', LOAD_TEMPLATE("admin_login_msg", true, $loginMessage)); + define('__MSG_PASS' , LOAD_TEMPLATE("admin_login_msg", true, $passwdMessage)); // Reset variables - $MSG1 = ""; $MSG2 = ""; - } else { + unset($loginMessage); + unset($passwdMessage); + } else { // Set constants to empty for hiding them define('__MSG_LOGIN', ""); define('__MSG_PASS' , ""); @@ -302,7 +306,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { // Set default values $content = array('target' => "action", 'value' => "login"); } - } elseif (REQUEST_ISSET_GET(('area'))) { + } elseif (REQUEST_ISSET_GET('area')) { // Restore old area value $content = array('target' => "area", 'value' => REQUEST_GET('area')); } else { @@ -323,9 +327,9 @@ if (!isBooleanConstantAndTrue('admin_registered')) { // Special logout redirect for installation of given extension LOAD_TEMPLATE(sprintf("admin_logout_%s_install", $register)); - } elseif (REQUEST_ISSET_GET(('remove'))) { + } elseif (REQUEST_ISSET_GET('remove')) { // Secure input - $remove = REQUEST_GET(('remove')); + $remove = REQUEST_GET('remove'); // Special logout redirect for removal of given extension LOAD_TEMPLATE(sprintf("admin_logout_%s_remove", $remove)); @@ -338,7 +342,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { LOAD_TEMPLATE("admin_settings_saved", false, "
{--ADMIN_LOGOUT_FAILED--}
"); // Add fatal message - addFatalMessage(getMessage('CANNOT_UNREG_SESS')); + addFatalMessage(__FILE__, __LINE__, getMessage('CANNOT_UNREG_SESS')); } } else { // Maybe an Admin want's to login? @@ -347,7 +351,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { { case "done": // Check for access control line of current menu entry - define('__ACL_ALLOW', RUN_FILTER('check_admin_acl')); + $GLOBALS['acl_allow'] = runFilterChain('check_admin_acl'); // When type of admin menu is not set fallback to old menu system if (!isConfigEntrySet('admin_menu')) setConfigEntry('admin_menu', "OLD"); @@ -358,7 +362,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { $area = "entrance"; // Check for similar URL variable - if (REQUEST_ISSET_GET(('area'))) $area = REQUEST_GET(('area')); + if (REQUEST_ISSET_GET('area')) $area = REQUEST_GET('area'); // Load "logical-area menu-system" file LOAD_INC_ONCE("inc/modules/admin/lasys-inc.php"); @@ -367,7 +371,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { ADMIN_LOGICAL_AREA_SYSTEM($area, $act, $GLOBALS['what']); } else { // This little call constructs the whole default old and lacky menu system - // on left side + // on left side. It also renders the content on right side ADMIN_DO_ACTION($GLOBALS['what']); } break; @@ -375,13 +379,13 @@ if (!isBooleanConstantAndTrue('admin_registered')) { case "404": // Administrator login not found REQUEST_SET_POST('ok', $ret); destroyAdminSession(); - addFatalMessage(getMessage('ADMIN_NOT_FOUND')); + addFatalMessage(__FILE__, __LINE__, getMessage('ADMIN_NOT_FOUND')); break; case "pass": // Wrong password REQUEST_SET_POST('ok', $ret); destroyAdminSession(); - addFatalMessage(getMessage('WRONG_PASS')); + addFatalMessage(__FILE__, __LINE__, getMessage('WRONG_PASS')); break; default: // Others will be logged