X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin.php;h=572888450ffb638c05c6e4ca6cd53ec2a0d5ff1f;hb=e17685c65d1a48c061b7c4f64c7a23c165430460;hp=261878ad0623b77382ee3a1a45ba6dd704a511d4;hpb=c8d76610eb94093d4eed4fcd8a6cb72e74c8f6d8;p=mailer.git diff --git a/inc/modules/admin.php b/inc/modules/admin.php index 261878ad06..572888450f 100644 --- a/inc/modules/admin.php +++ b/inc/modules/admin.php @@ -16,7 +16,7 @@ * $Author:: $ * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2009 by Roland Haeder * - * Copyright (c) 2009, 2010 by Mailer Developer Team * + * Copyright (c) 2009 - 2011 by Mailer Developer Team * * For more information visit: http://www.mxchange.org * * * * This program is free software; you can redistribute it and/or modify * @@ -52,7 +52,7 @@ $ret = 'init'; // Is no admin registered? if (!isAdminRegistered()) { // Admin is not registered so we have to inform the user - if ((isFormSent()) && ((!isPostRequestParameterSet('login')) || (!isPostRequestParameterSet('pass1')) || (strlen(postRequestParameter('pass1')) < 4) || (!isPostRequestParameterSet('pass2')) || (strlen(postRequestParameter('pass2')) < 4) || (postRequestParameter('pass1') != postRequestParameter('pass2')))) { + if ((isFormSent()) && ((!isPostRequestParameterSet('login')) || (!isPostRequestParameterSet('pass1')) || (strlen(postRequestParameter('pass1')) < getConfig('minium_admin_pass_length')) || (!isPostRequestParameterSet('pass2')) || (strlen(postRequestParameter('pass2')) < getConfig('minium_admin_pass_length')) || (postRequestParameter('pass1') != postRequestParameter('pass2')))) { setPostRequestParameter('ok', '***'); } // END - if @@ -67,12 +67,15 @@ if (!isAdminRegistered()) { destroyAdminSession(false); // Do registration - $ret = addAdminAccount(postRequestParameter('login'), $hashedPass, getConfig('WEBMASTER')); + $ret = addAdminAccount(postRequestParameter('login'), $hashedPass, getWebmaster()); // Check if registration wents fine switch ($ret) { case 'done': - $done = changeDataInFile(getCachePath() . 'config-local.php', 'ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0); + // Change ADMIN_REGISTERED entry + $done = changeDataInLocalConfigurationFile('ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0); + + // Was it successfull? if ($done === true) { // Registering is done redirectToUrl('modules.php?module=admin&register=done'); @@ -119,9 +122,10 @@ if (!isAdminRegistered()) { } // END - if // Init array elements - $content['login_message'] = ''; - $content['pass1_message'] = ''; - $content['pass2_message'] = ''; + $content['login_message'] = ''; + $content['pass1_message'] = ''; + $content['pass2_message'] = ''; + $content['error_message'] = ''; // Yet-another notice-fix if ((isFormSent()) && (postRequestParameter('ok') == '***')) { @@ -131,18 +135,28 @@ if (!isAdminRegistered()) { $pass2Message = ''; // No login entered? - if (empty($content['login'])) $loginMessage = '{--ADMIN_NO_LOGIN--}'; + if (empty($content['login'])) { + $loginMessage = '{--ADMIN_NO_LOGIN--}'; + } // END - if // An error comes back from registration? - if ((!empty($ret)) && ($ret != 'init')) $loginMessage = $errorMessage; + if ((!empty($ret)) && ($ret != 'init')) { + $loginMessage = $errorMessage; + } // END - if // No password 1 entered or to short? - if (!isPostRequestParameterSet('pass1')) $pass1Message = '{--ADMIN_NO_PASS1--}'; - elseif (strlen(postRequestParameter('pass1')) < 4) $pass1Message = '{--ADMIN_SHORT_PASS1--}'; + if (!isPostRequestParameterSet('pass1')) { + $pass1Message = '{--ADMIN_NO_PASS1--}'; + } elseif (strlen(postRequestParameter('pass1')) < getConfig('minium_admin_pass_length')) { + $pass1Message = '{--ADMIN_SHORT_PASS1--}'; + } // No password 2 entered or to short? - if (!isPostRequestParameterSet('pass2')) $pass2Message = '{--ADMIN_NO_PASS2--}'; - elseif (strlen(postRequestParameter('pass2')) < 4) $pass2Message = '{--ADMIN_SHORT_PASS2--}'; + if (!isPostRequestParameterSet('pass2')) { + $pass2Message = '{--ADMIN_NO_PASS2--}'; + } elseif (strlen(postRequestParameter('pass2')) < getConfig('minium_admin_pass_length')) { + $pass2Message = '{--ADMIN_SHORT_PASS2--}'; + } // Both didn't match? if (postRequestParameter('pass1') != postRequestParameter('pass2')) { @@ -155,10 +169,11 @@ if (!isAdminRegistered()) { $content['login_message'] = loadTemplate('admin_login_msg', true, $loginMessage); $content['pass1_message'] = loadTemplate('admin_login_msg', true, $pass1Message); $content['pass2_message'] = loadTemplate('admin_login_msg', true, $pass2Message); + $content['error_message'] = loadTemplate('admin_login_msg', true, $errorMessage); } // END - if // Output message in seperate template - loadTemplate('admin_settings_saved', false, '{--ADMIN_ACCOUNT_NOT_REGISTERED_YET--}'); + displayMessage('{--ADMIN_ACCOUNT_NOT_REGISTERED_YET--}'); // Load register template loadTemplate('admin_reg_form', false, $content); @@ -167,7 +182,7 @@ if (!isAdminRegistered()) { // Is the form submitted? if ((isPostRequestParameterSet('send_link')) && (isPostRequestParameterSet('email'))) { // Output result - loadTemplate('admin_settings_saved', false, sendAdminPasswordResetLink(postRequestParameter('email'))); + displayMessage(sendAdminPasswordResetLink(postRequestParameter('email'))); } elseif (isGetRequestParameterSet('hash')) { // Output form for hash validation loadTemplate('admin_validate_reset_hash_form', false, getRequestParameter('hash')); @@ -184,23 +199,23 @@ if (!isAdminRegistered()) { ); // Validation okay so display form for final password change - loadTemplate('form_reset_password_form', false, $content); + loadTemplate('admin_reset_password_form', false, $content); } else { // Cannot validate the login data and hash - loadTemplate('admin_settings_saved', false, '{--ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED--}'); + displayMessage('{--ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED--}'); } } elseif ((isPostRequestParameterSet('reset_pass')) && (isPostRequestParameterSet('hash')) && (isPostRequestParameterSet('login')) && (isPostRequestParameterSet('pass1')) && (postRequestParameter('pass1') == postRequestParameter('pass2'))) { // Okay, we shall the admin password here. So first revalidate the hash if (adminResetValidateHashLogin(postRequestParameter('hash'), postRequestParameter('login'))) { // Output result - loadTemplate('form_reset_pass_done', false, doResetAdminPassword(postRequestParameter('login'), postRequestParameter('pass1'))); + loadTemplate('admin_reset_password_done', false, doResetAdminPassword(postRequestParameter('login'), postRequestParameter('pass1'))); } else { // Validation failed - loadTemplate('admin_settings_saved', false, '{--ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2--}'); + displayMessage('{--ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2--}'); } } else { // Output reset password form - loadTemplate('admin_send_reset_link'); + loadTemplate('admin_reset_password_send_link'); } } elseif ((!isSessionVariableSet('admin_id')) || (!isSessionVariableSet('admin_md5')) || (!isSessionVariableSet('admin_last'))) { // At leat one administrator account was created @@ -211,11 +226,14 @@ if (!isAdminRegistered()) { if (isGetRequestParameterSet('register')) { // Registration of first admin is done - if (getRequestParameter('register') == 'done') loadTemplate('admin_settings_saved', false, '{--ADMIN_REGISTER_DONE--}'); + if (getRequestParameter('register') == 'done') { + // Regisration done! + displayMessage('{--ADMIN_REGISTER_DONE--}'); + } // END - if } // END - if // Check if the admin has submitted data or not - if ((isFormSent()) && ((!isPostRequestParameterSet('login')) || (!isPostRequestParameterSet('password')) || (strlen(postRequestParameter('password')) < 4))) { + if ((isFormSent()) && ((!isPostRequestParameterSet('login')) || (!isPostRequestParameterSet('password')) || (strlen(postRequestParameter('password')) < getConfig('minium_admin_pass_length')))) { setPostRequestParameter('ok', '***'); } // END - if @@ -235,13 +253,17 @@ if (!isAdminRegistered()) { } // END - if // Add data to URL - if (isWhatSet()) $url .= 'what='.getWhat(); - elseif (isActionSet()) $url .= 'action='.getAction(); - elseif (isGetRequestParameterSet('area')) $url .= 'area='.getRequestParameter('area'); + if (isWhatSet()) { + $url .= 'what=' . getWhat(); + } elseif (isActionSet()) { + $url .= 'action=' . getAction(); + } elseif (isGetRequestParameterSet('area')) { + $url .= 'area=' . getRequestParameter('area'); + } - // Load URL - redirectToUrl($url); - break; + // Load URL + redirectToUrl($url); + break; case '404': // Administrator login not found setPostRequestParameter('ok', $ret); @@ -274,26 +296,37 @@ if (!isAdminRegistered()) { if (isFormSent()) { // Set messages to zero - $loginMessage = ''; $passwdMessage = ''; - - // No login entered? - if (!isPostRequestParameterSet('login')) $loginMessage = '{--ADMIN_NO_LOGIN--}'; - - // An error comes back from login? - if ((!empty($ret)) && (postRequestParameter('ok') == '404')) $loginMessage = $ret; - - // No password entered? - if (!isPostRequestParameterSet('password')) $passwdMessage = '{--ADMIN_NO_PASS--}'; - - // Or password too short? - if (strlen(postRequestParameter('password')) < 4) $passwdMessage = '{--ADMIN_SHORT_PASS--}'; + $loginMessage = ''; + $passwdMessage = ''; + + // Check for login + if (!isPostRequestParameterSet('login')) { + // No login entered? + $loginMessage = '{--ADMIN_NO_LOGIN--}'; + } elseif ((!empty($ret)) && (postRequestParameter('ok') == '404')) { + // An error comes back from login? + $loginMessage = $ret; + } - // An error comes back from login? - if ((!empty($ret)) && (postRequestParameter('ok') == 'password')) $passwdMessage = $ret; + // Check for password + if (!isPostRequestParameterSet('password')) { + // No password entered? + $passwdMessage = '{--ADMIN_NO_PASS--}'; + } elseif (strlen(postRequestParameter('password')) < getConfig('minium_admin_pass_length')) { + // Or password too short? + $passwdMessage = '{--ADMIN_SHORT_PASS--}'; + } elseif ((!empty($ret)) && (postRequestParameter('ok') == 'password')) { + // An error comes back from login? + $passwdMessage = $ret; + } - // Load message template - $content['login_message'] = loadTemplate('admin_login_msg', true, $loginMessage); - $content['pass_message'] = loadTemplate('admin_login_msg', true, $passwdMessage); + // Load message templates if the messages have been set + if (!empty($loginMessage)) { + $content['login_message'] = loadTemplate('admin_login_msg', true, $loginMessage); + } // END - if + if (!empty($passwdMessage)) { + $content['pass_message'] = loadTemplate('admin_login_msg', true, $passwdMessage); + } // END - if } // END - if // Load login form @@ -354,7 +387,7 @@ if (!isAdminRegistered()) { } } else { // Maybe an Admin want's to login? - $ret = ifAdminCookiesAreValid(getSession('admin_id'), getSession('admin_md5')); + $ret = ifAdminCookiesAreValid(getCurrentAdminId(), getAdminMd5()); // Check status switch ($ret) { @@ -362,9 +395,6 @@ if (!isAdminRegistered()) { // Check for access control line of current menu entry runFilterChain('check_admin_acl'); - // When type of admin menu is not set fallback to old menu system - if (!isConfigEntrySet('admin_menu')) setConfigEntry('admin_menu', 'OLD'); - // Check for version and switch between old menu system and new intelligent menu system if ((adminGetMenuMode() == 'NEW') && (isIncludeReadable('inc/modules/admin/lasys-inc.php'))) { // Default area is the entrance, of course @@ -387,13 +417,13 @@ if (!isAdminRegistered()) { case '404': // Administrator login not found setPostRequestParameter('ok', $ret); - loadTemplate('admin_settings_saved', false, getMaskedMessage('ADMIN_ACCOUNT_404', getSession('admin_id'))); + displayMessage(getMaskedMessage('ADMIN_ACCOUNT_404', getCurrentAdminId())); destroyAdminSession(); break; case 'password': // Wrong password setPostRequestParameter('ok', $ret); - loadTemplate('admin_settings_saved', false, '{--WRONG_PASS--}'); + displayMessage('{--WRONG_PASS--}'); destroyAdminSession(); break;