X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin.php;h=69dc30b7c0d870dff917777cd8c67f08c4f26e3b;hb=5e7345f4959aacc2d5be0098f474770b483a0869;hp=2aa70e1b6b2cff24506a8b93326e84001b2d3a0d;hpb=5c159f0b199d12742dcd65d5d638cb504ee93c66;p=mailer.git diff --git a/inc/modules/admin.php b/inc/modules/admin.php index 2aa70e1b6b..69dc30b7c0 100644 --- a/inc/modules/admin.php +++ b/inc/modules/admin.php @@ -16,7 +16,7 @@ * $Author:: $ * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2009 by Roland Haeder * - * Copyright (c) 2009 - 2011 by Mailer Developer Team * + * Copyright (c) 2009 - 2012 by Mailer Developer Team * * For more information visit: http://mxchange.org * * * * This program is free software; you can redistribute it and/or modify * @@ -37,7 +37,7 @@ // Some security stuff... if (!defined('__SECURITY')) { - die(); + exit(); } // END - if // Load include file @@ -64,7 +64,7 @@ if (!isAdminRegistered()) { $hashedPass = md5(postRequestElement('admin_pass1')); // Kill maybe existing session variables - destroyAdminSession(false); + destroyAdminSession(); // Do registration $ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster()); @@ -76,7 +76,7 @@ if (!isAdminRegistered()) { $done = changeDataInLocalConfigurationFile('ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0); // Was it successfull? - if ($done === true) { + if ($done === TRUE) { // Registering is done redirectToUrl('modules.php?module=admin&register=done'); } else { @@ -128,7 +128,7 @@ if (!isAdminRegistered()) { $content['error_message'] = ''; // Yet-another notice-fix - if ((isFormSent()) && (postRequestElement('ok') == '***')) { + if ((isFormSent('add_first_admin')) && (postRequestElement('ok') == '***')) { // Init variables $loginMessage = ''; $pass1Message = ''; @@ -166,17 +166,17 @@ if (!isAdminRegistered()) { } // END - if // Output error messages - $content['login_message'] = loadTemplate('admin_login_msg', true, $loginMessage); - $content['pass1_message'] = loadTemplate('admin_login_msg', true, $pass1Message); - $content['pass2_message'] = loadTemplate('admin_login_msg', true, $pass2Message); - $content['error_message'] = loadTemplate('admin_login_msg', true, $errorMessage); + $content['login_message'] = loadTemplate('admin_login_msg', TRUE, $loginMessage); + $content['pass1_message'] = loadTemplate('admin_login_msg', TRUE, $pass1Message); + $content['pass2_message'] = loadTemplate('admin_login_msg', TRUE, $pass2Message); + $content['error_message'] = loadTemplate('admin_login_msg', TRUE, $errorMessage); } // END - if // Output message in seperate template displayMessage('{--ADMIN_ACCOUNT_NOT_REGISTERED_YET--}'); // Load register template - loadTemplate('admin_reg_form', false, $content); + loadTemplate('admin_reg_form', FALSE, $content); } // END - if } elseif (isGetRequestElementSet('reset_pass')) { // Is the form submitted? @@ -185,13 +185,13 @@ if (!isAdminRegistered()) { displayMessage(sendAdminPasswordResetLink(postRequestElement('email'))); } elseif (isGetRequestElementSet('hash')) { // Output form for hash validation - loadTemplate('admin_validate_reset_hash_form', false, getRequestElement('hash')); + loadTemplate('admin_validate_reset_hash_form', FALSE, getRequestElement('hash')); } elseif ((isPostRequestElementSet('validate_hash')) && (isPostRequestElementSet('admin_login')) && (isPostRequestElementSet('hash'))) { // Validate the login data and hash $valid = adminResetValidateHashLogin(postRequestElement('hash'), postRequestElement('admin_login')); // Valid? - if ($valid === true) { + if ($valid === TRUE) { // Prepare content first $content = array( 'hash' => postRequestElement('hash'), @@ -199,7 +199,7 @@ if (!isAdminRegistered()) { ); // Validation okay so display form for final password change - loadTemplate('admin_reset_password_form', false, $content); + loadTemplate('admin_reset_password_form', FALSE, $content); } else { // Cannot validate the login data and hash displayMessage('{--ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED--}'); @@ -208,7 +208,7 @@ if (!isAdminRegistered()) { // Okay, we shall the admin password here. So first revalidate the hash if (adminResetValidateHashLogin(postRequestElement('hash'), postRequestElement('admin_login'))) { // Output result - loadTemplate('admin_reset_password_done', false, doResetAdminPassword(postRequestElement('admin_login'), postRequestElement('admin_pass1'))); + loadTemplate('admin_reset_password_done', FALSE, doResetAdminPassword(postRequestElement('admin_login'), postRequestElement('admin_pass1'))); } else { // Validation failed displayMessage('{--ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2--}'); @@ -234,10 +234,10 @@ if (!isAdminRegistered()) { // Check if the admin has submitted data or not if ((isFormSent()) && ((!isPostRequestElementSet('admin_login')) || (!isPostRequestElementSet('admin_password')) || (strlen(postRequestElement('admin_password')) < getConfig('minium_admin_pass_length')))) { - setPostRequestElement('ok', '***'); + setPostRequestElement('login', '***'); } // END - if - if ((isFormSent()) && (postRequestElement('ok') != '***')) { + if ((isFormSent('login')) && (postRequestElement('login') != '***')) { // All required data was entered so we check his account $ret = ifAdminLoginDataIsValid(postRequestElement('admin_login'), postRequestElement('admin_password')); @@ -249,15 +249,15 @@ if (!isAdminRegistered()) { break; case '404': // Administrator login not found - setPostRequestElement('ok', $ret); + setPostRequestElement('login', $ret); $ret = '{%message,ADMIN_ACCOUNT_404=' . postRequestElement('admin_login') . '%}'; - destroyAdminSession(); + destroyAdminSession(TRUE); break; case 'password': // Wrong password - setPostRequestElement('ok', $ret); + setPostRequestElement('login', $ret); $ret = '{--WRONG_PASS--} [{--ADMIN_RESET_PASS--}]'; - destroyAdminSession(); + destroyAdminSession(TRUE); break; default: // Others will be logged @@ -277,7 +277,7 @@ if (!isAdminRegistered()) { $content['login_message'] = ''; $content['pass_message'] = ''; - if (isFormSent()) { + if (isFormSent('login')) { // Set messages to zero $loginMessage = ''; $passwdMessage = ''; @@ -286,7 +286,7 @@ if (!isAdminRegistered()) { if (!isPostRequestElementSet('admin_login')) { // No login entered? $loginMessage = '{--ADMIN_NO_LOGIN--}'; - } elseif ((!empty($ret)) && (postRequestElement('ok') == '404')) { + } elseif ((!empty($ret)) && (postRequestElement('login') == '404')) { // An error comes back from login? $loginMessage = $ret; } @@ -298,17 +298,17 @@ if (!isAdminRegistered()) { } elseif (strlen(postRequestElement('admin_password')) < getConfig('minium_admin_pass_length')) { // Or password too short? $passwdMessage = '{--ADMIN_SHORT_PASS--}'; - } elseif ((!empty($ret)) && (postRequestElement('ok') == 'password')) { + } elseif ((!empty($ret)) && (postRequestElement('login') == 'password')) { // An error comes back from login? $passwdMessage = $ret; } // Load message templates if the messages have been set if (!empty($loginMessage)) { - $content['login_message'] = loadTemplate('admin_login_msg', true, $loginMessage); + $content['login_message'] = loadTemplate('admin_login_msg', TRUE, $loginMessage); } // END - if if (!empty($passwdMessage)) { - $content['pass_message'] = loadTemplate('admin_login_msg', true, $passwdMessage); + $content['pass_message'] = loadTemplate('admin_login_msg', TRUE, $passwdMessage); } // END - if } // END - if @@ -316,11 +316,11 @@ if (!isAdminRegistered()) { $content['all_parameter'] = addAllGetRequestParameters(); // Load login form template - loadTemplate('admin_login_form', false, $content); + loadTemplate('admin_login_form', FALSE, $content); } // END - if } elseif (isGetRequestElementSet('logout')) { // Only try to remove cookies - if (destroyAdminSession()) { + if (destroyAdminSession(TRUE)) { // Load logout template if (isGetRequestElementSet('register')) { // Secure input @@ -340,7 +340,7 @@ if (!isAdminRegistered()) { } } else { // Something went wrong here... - loadTemplate('admin_settings_unsaved', false, '{--ADMIN_LOGOUT_FAILED--}'); + loadTemplate('admin_settings_unsaved', FALSE, '{--ADMIN_LOGOUT_FAILED--}'); // Add fatal message addFatalMessage(__FILE__, __LINE__, '{--CANNOT_UNREG_SESS--}'); @@ -356,20 +356,12 @@ if (!isAdminRegistered()) { runFilterChain('check_admin_acl'); // Check for version and switch between old menu system and new intelligent menu system - if ((adminGetMenuMode() == 'NEW') && (isIncludeReadable('inc/modules/admin/lasys-inc.php'))) { - // Default area is the entrance, of course - $area = 'entrance'; - - // Check for similar URL variable - if (isGetRequestElementSet('area')) { - $area = getRequestElement('area'); - } // END - if + if (adminGetMenuMode() == 'NEW') { + // Load include for admin AJAX + loadIncludeOnce('inc/ajax/ajax_admin.php'); - // Load logical-area menu-system file - loadIncludeOnce('inc/modules/admin/lasys-inc.php'); - - // Create new-style menu system will logical areas - doAdminLogicalArea($area, $action, getWhat()); + // Load main template + loadTemplate('admin_ajax_main'); } else { /* * This little call constructs the whole default old and lacky menu system @@ -380,15 +372,21 @@ if (!isAdminRegistered()) { break; case '404': // Administrator login not found - setPostRequestElement('ok', $ret); + setPostRequestElement('login', $ret); displayMessage('{%message,ADMIN_ACCOUNT_404=' . getCurrentAdminId() . '%}'); - destroyAdminSession(); + destroyAdminSession(TRUE); break; case 'password': // Wrong password - setPostRequestElement('ok', $ret); + setPostRequestElement('login', $ret); displayMessage('{--WRONG_PASS--}'); - destroyAdminSession(); + destroyAdminSession(TRUE); + break; + + case 'session': // Invalid admin session + setPostRequestElement('login', $ret); + displayMessage('{--INVALID_ADMIN_SESSION--}'); + destroyAdminSession(TRUE); break; default: // Others will be logged