X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin.php;h=cb120546621b44250fd204d9859466ba1d4e90ad;hb=03f62d0b89aa9276ac37f4d616d940fae184d850;hp=f92332230e8a55c3b6dfee8ee3604326db46d28c;hpb=6e008d188bf9c7f8d4edc2a8799c61940eee48e7;p=mailer.git diff --git a/inc/modules/admin.php b/inc/modules/admin.php index f92332230e..cb12054662 100644 --- a/inc/modules/admin.php +++ b/inc/modules/admin.php @@ -40,25 +40,25 @@ if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; require($INC); -} +} // END - if // Load include file -LOAD_INC_ONCE("inc/modules/admin/admin-inc.php"); +loadIncludeOnce('inc/modules/admin/admin-inc.php'); // Fix "deleted" cookies in PHP4 (PHP5 does remove them, PHP4 sets them to deleted!) -FIX_DELETED_COOKIES(array('admin_login', 'admin_md5', 'admin_last', 'admin_to')); +fixDeletedCookies(array('admin_login', 'admin_md5', 'admin_last', 'admin_to')); // Init return value -$ret = "init"; +$ret = 'init'; // Is no admin registered? if (!isAdminRegistered()) { // Admin is not registered so we have to inform the user - if ((IS_FORM_SENT()) && ((!REQUEST_ISSET_POST(('login'))) || (!REQUEST_ISSET_POST(('pass'))) || (strlen(REQUEST_POST('pass')) < 4))) { - REQUEST_SET_POST('ok', "***"); - } + if ((isFormSent()) && ((!REQUEST_ISSET_POST('login')) || (!REQUEST_ISSET_POST(('pass'))) || (strlen(REQUEST_POST('pass')) < 4))) { + REQUEST_SET_POST('ok', '***'); + } // END - if - if ((IS_FORM_SENT()) && (REQUEST_POST('ok') != "***")) { + if ((isFormSent()) && (REQUEST_POST('ok') != '***')) { // Hash the password with the old function because we are here in install mode $hashedPass = md5(REQUEST_POST('pass')); @@ -67,59 +67,60 @@ if (!isAdminRegistered()) { // Do registration $ret = REGISTER_ADMIN(REQUEST_POST('login'), $hashedPass, constant('WEBMASTER')); - switch ($ret) - { - case "done": - $done = changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0); - if ($done === true) { - // Registering is done - LOAD_URL('modules.php?module=admin&register=done'); - } else { - $ret = getMessage('ADMIN_CANNOT_COMPLETE'); - } - break; - - case 'failed': - $ret = getMessage('ADMIN_REGISTER_FAILED'); - break; - - case 'already': - default: - if ($ret == 'already') { - // Admin does already exists! - $ret = getMessage('ADMIN_LOGIN_ALREADY_REG'); - } else { - // Any other kind will be logged and interpreted as 'done' - DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_LOGIN() and interpreted as 'done'!", $ret)); - // @TODO Why is this set to 'done'? - $ret = 'done'; - } - // Admin still not registered? - if (!isAdminRegistered()) { - // Write to config that registration is done - changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0); - - // Load URL for login - LOAD_URL('modules.php?module=admin'); - } // END - if - break; - } + // Check if registration wents fine + switch ($ret) { + case 'done': + $done = changeDataInFile(constant('PATH') . 'inc/cache/config-local.php', "ADMIN-SETUP", "setConfigEntry('ADMIN_REGISTERED', \"", "\");", 'Y', 0); + if ($done === true) { + // Registering is done + redirectToUrl('modules.php?module=admin&register=done'); + } else { + $ret = getMessage('ADMIN_CANNOT_COMPLETE'); + } + break; + + case 'failed': + $ret = getMessage('ADMIN_REGISTER_FAILED'); + break; + + case 'already': + default: + if ($ret == 'already') { + // Admin does already exists! + $ret = getMessage('ADMIN_LOGIN_ALREADY_REG'); + } else { + // Any other kind will be logged and interpreted as 'done' + DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_LOGIN() and interpreted as 'done'!", $ret)); + // @TODO Why is this set to 'done'? + $ret = 'done'; + } + + // Admin still not registered? + if (!isAdminRegistered()) { + // Write to config that registration is done + changeDataInFile(constant('PATH') . 'inc/cache/config-local.php', "ADMIN-SETUP", "setConfigEntry('ADMIN_REGISTERED', \"", "\");", 'Y', 0); + + // Load URL for login + redirectToUrl('modules.php?module=admin'); + } // END - if + break; + } // END - switch } // Whas that action okay? if ($ret != 'done') { // Fixes another notice - if (REQUEST_ISSET_POST(('login'))) { + if (REQUEST_ISSET_POST('login')) { define('__LOGIN_VALUE', REQUEST_POST('login')); } else { define('__LOGIN_VALUE', ''); } // Yet-another notice-fix - if ((IS_FORM_SENT()) && (REQUEST_POST('ok') == '***')) { + if ((isFormSent()) && (REQUEST_POST('ok') == '***')) { // No login entered? - if (!REQUEST_ISSET_POST(('login'))) $loginMessage = getMessage('ADMIN_NO_LOGIN'); + if (!REQUEST_ISSET_POST('login')) $loginMessage = getMessage('ADMIN_NO_LOGIN'); // An error comes back from registration? if (!empty($ret)) $loginMessage = $ret; @@ -148,18 +149,18 @@ if (!isAdminRegistered()) { // Load register template LOAD_TEMPLATE('admin_reg_form'); } -} elseif (REQUEST_ISSET_GET(('reset_pass'))) { +} elseif (REQUEST_ISSET_GET('reset_pass')) { // Is the form submitted? - if ((REQUEST_ISSET_POST(('send_link'))) && (REQUEST_ISSET_POST(('email')))) { + if ((REQUEST_ISSET_POST('send_link')) && (REQUEST_ISSET_POST('email'))) { // Try to send the link out $OUT = ADMIN_SEND_PASSWORD_RESET_LINK(REQUEST_POST('email')); // Output result LOAD_TEMPLATE('admin_settings_saved', false, $OUT); - } elseif (REQUEST_ISSET_GET(('hash'))) { + } elseif (REQUEST_ISSET_GET('hash')) { // Output form for hash validation LOAD_TEMPLATE('admin_validate_reset_hash_form', false, REQUEST_GET('hash')); - } elseif ((REQUEST_ISSET_POST(('validate_hash'))) && (REQUEST_ISSET_POST(('login'))) && (REQUEST_ISSET_POST(('hash')))) { + } elseif ((REQUEST_ISSET_POST('validate_hash')) && (REQUEST_ISSET_POST('login')) && (REQUEST_ISSET_POST('hash'))) { // Validate the login data and hash $valid = ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN(REQUEST_POST('hash'), REQUEST_POST('login')); @@ -177,7 +178,7 @@ if (!isAdminRegistered()) { // Cannot validate the login data and hash LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED')); } - } elseif ((REQUEST_ISSET_POST(('reset_pass'))) && (REQUEST_ISSET_POST(('hash'))) && (REQUEST_ISSET_POST(('login'))) && (REQUEST_ISSET_POST(('pass1'))) && (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) { + } elseif ((REQUEST_ISSET_POST('reset_pass')) && (REQUEST_ISSET_POST('hash')) && (REQUEST_ISSET_POST('login')) && (REQUEST_ISSET_POST(('pass1'))) && (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) { // Okay, we shall the admin password here. So first revalidate the hash if (ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN(REQUEST_POST('hash'), REQUEST_POST('login'))) { // Set the password now @@ -193,11 +194,11 @@ if (!isAdminRegistered()) { // Output reset password form LOAD_TEMPLATE('admin_send_reset_link'); } -} elseif ((!isSessionVariableSet('admin_login')) || (!isSessionVariableSet('admin_md5')) || (!isSessionVariableSet('admin_last')) || (!isSessionVariableSet('admin_to')) || ((get_session('admin_last') + bigintval(get_session('admin_to')) * 3600 * 24) < time())) { +} elseif ((!isSessionVariableSet('admin_login')) || (!isSessionVariableSet('admin_md5')) || (!isSessionVariableSet('admin_last')) || (!isSessionVariableSet('admin_to')) || ((getSession('admin_last') + bigintval(getSession('admin_to')) * 3600 * 24) < time())) { // At leat one administrator account was created if ((isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5')) && (isSessionVariableSet('admin_last')) && (isSessionVariableSet('admin_to'))) { // Timeout for last login, we have to logout first! - LOAD_URL('modules.php?module=admin&logout=1'); + redirectToUrl('modules.php?module=admin&logout=1'); } // END - if if (REQUEST_ISSET_GET(('register'))) { @@ -206,68 +207,67 @@ if (!isAdminRegistered()) { } // END - if // Check if the admin has submitted data or not - if ((IS_FORM_SENT()) && ((!REQUEST_ISSET_POST(('login'))) || (!REQUEST_ISSET_POST(('pass'))) || (strlen(REQUEST_POST('pass')) < 4))) { + if ((isFormSent()) && ((!REQUEST_ISSET_POST('login')) || (!REQUEST_ISSET_POST(('pass'))) || (strlen(REQUEST_POST('pass')) < 4))) { REQUEST_SET_POST('ok', '***'); } // END - if - if ((IS_FORM_SENT()) && (REQUEST_POST('ok') != '***')) { + if ((isFormSent()) && (REQUEST_POST('ok') != '***')) { // All required data was entered so we check his account $ret = CHECK_ADMIN_LOGIN(REQUEST_POST('login'), REQUEST_POST('pass')); // Which status do we have? - switch ($ret) - { - case 'done': // Admin and password are okay, so we log in now - // Construct URL and redirect - $URL = 'modules.php?module=admin&'; - - // Rewrite overview module - if ($GLOBALS['what'] == 'overview') { - $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']); - } // END - if - - // Add data to URL - if (!empty($GLOBALS['what'])) $URL .= 'what='.$GLOBALS['what']; - elseif (!empty($GLOBALS['action'])) $URL .= 'action='.$GLOBALS['action']; - elseif (REQUEST_ISSET_GET('area')) $URL .= 'area='.REQUEST_GET('area'); - - // Load URL - LOAD_URL($URL); - break; - - case '404': // Administrator login not found - REQUEST_SET_POST('ok', $ret); - $ret = getMessage('ADMIN_NOT_FOUND'); - destroyAdminSession(); - break; - - case 'pass': // Wrong password - REQUEST_SET_POST('ok', $ret); - $ret = '{--WRONG_PASS--} [{--ADMIN_RESET_PASS--}]'; - destroyAdminSession(); - break; - - default: // Others will be logged - DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_LOGIN()", $ret)); - break; + switch ($ret) { + case 'done': // Admin and password are okay, so we log in now + // Construct URL and redirect + $URL = 'modules.php?module=admin&'; + + // Rewrite overview module + if (getWhat() == 'overview') { + setAction(getModeAction(getModule(), getWhat())); + } // END - if + + // Add data to URL + if (isWhatSet()) $URL .= 'what='.getWhat(); + elseif (isActionSet()) $URL .= 'action='.getAction(); + elseif (REQUEST_ISSET_GET('area')) $URL .= 'area='.REQUEST_GET('area'); + + // Load URL + redirectToUrl($URL); + break; + + case '404': // Administrator login not found + REQUEST_SET_POST('ok', $ret); + $ret = getMessage('ADMIN_NOT_FOUND'); + destroyAdminSession(); + break; + + case 'pass': // Wrong password + REQUEST_SET_POST('ok', $ret); + $ret = '{--WRONG_PASS--} [{--ADMIN_RESET_PASS--}]'; + destroyAdminSession(); + break; + + default: // Others will be logged + DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_LOGIN()", $ret)); + break; } // END - switch } // END - if // Error detected? // @TODO Rewrite all these constants if ($ret != 'done') { - if (REQUEST_ISSET_POST(('login'))) { + if (REQUEST_ISSET_POST('login')) { define('__LOGIN_VALUE', REQUEST_POST('login')); } else { define('__LOGIN_VALUE', ''); } - if (IS_FORM_SENT()) { + if (isFormSent()) { // Set messages to zero $loginMessage = ''; $passwdMessage = ''; // No login entered? - if (!REQUEST_ISSET_POST(('login'))) $loginMessage = getMessage('ADMIN_NO_LOGIN'); + if (!REQUEST_ISSET_POST('login')) $loginMessage = getMessage('ADMIN_NO_LOGIN'); // An error comes back from login? if ((!empty($ret)) && (REQUEST_POST('ok') == '404')) $loginMessage = $ret; @@ -295,13 +295,13 @@ if (!isAdminRegistered()) { } // Load login form - if (!empty($GLOBALS['what'])) { + if (isWhatSet()) { // Restore old what value - $content = array('target' => 'what', 'value' => $GLOBALS['what']); - } elseif (!empty($GLOBALS['action'])) { - if ($GLOBALS['action'] != 'logout') { + $content = array('target' => 'what', 'value' => getWhat()); + } elseif (isActionSet()) { + if (getAction() != 'logout') { // Restore old action value - $content = array('target' => 'action', 'value' => $GLOBALS['action']); + $content = array('target' => 'action', 'value' => getAction()); } else { // Set default values $content = array('target' => 'action', 'value' => 'login'); @@ -346,51 +346,51 @@ if (!isAdminRegistered()) { } } else { // Maybe an Admin want's to login? - $ret = CHECK_ADMIN_COOKIES(get_session('admin_login'), get_session('admin_md5')); + $ret = CHECK_ADMIN_COOKIES(getSession('admin_login'), getSession('admin_md5')); switch ($ret) { - case 'done': - // Check for access control line of current menu entry - $GLOBALS['acl_allow'] = runFilterChain('check_admin_acl'); + case 'done': + // Check for access control line of current menu entry + $GLOBALS['acl_allow'] = runFilterChain('check_admin_acl'); - // When type of admin menu is not set fallback to old menu system - if (!isConfigEntrySet('admin_menu')) setConfigEntry('admin_menu', 'OLD'); + // When type of admin menu is not set fallback to old menu system + if (!isConfigEntrySet('admin_menu')) setConfigEntry('admin_menu', 'OLD'); - // Check for version and switch between old menu system and new intelligent menu system - if ((ADMIN_CHECK_MENU_MODE() == 'NEW') && (INCLUDE_READABLE('inc/modules/admin/lasys-inc.php'))) { - // Default area is the entrance, of course - $area = 'entrance'; + // Check for version and switch between old menu system and new intelligent menu system + if ((ADMIN_CHECK_MENU_MODE() == 'NEW') && (isIncludeReadable('inc/modules/admin/lasys-inc.php'))) { + // Default area is the entrance, of course + $area = 'entrance'; - // Check for similar URL variable - if (REQUEST_ISSET_GET('area')) $area = REQUEST_GET('area'); + // Check for similar URL variable + if (REQUEST_ISSET_GET('area')) $area = REQUEST_GET('area'); - // Load logical-area menu-system file - LOAD_INC_ONCE('inc/modules/admin/lasys-inc.php'); + // Load logical-area menu-system file + loadIncludeOnce('inc/modules/admin/lasys-inc.php'); - // Create new-style menu system will logical areas - ADMIN_LOGICAL_AREA_SYSTEM($area, $act, $GLOBALS['what']); - } else { - // This little call constructs the whole default old and lacky menu system - // on left side. It also renders the content on right side - ADMIN_DO_ACTION($GLOBALS['what']); - } - break; - - case '404': // Administrator login not found - REQUEST_SET_POST('ok', $ret); - destroyAdminSession(); - addFatalMessage(__FILE__, __LINE__, getMessage('ADMIN_NOT_FOUND')); - break; - - case 'pass': // Wrong password - REQUEST_SET_POST('ok', $ret); - destroyAdminSession(); - addFatalMessage(__FILE__, __LINE__, getMessage('WRONG_PASS')); - break; - - default: // Others will be logged - DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_COOKIES()", $ret)); - break; + // Create new-style menu system will logical areas + ADMIN_LOGICAL_AREA_SYSTEM($area, $act, getWhat()); + } else { + // This little call constructs the whole default old and lacky menu system + // on left side. It also renders the content on right side + ADMIN_DO_ACTION(getWhat()); + } + break; + + case '404': // Administrator login not found + REQUEST_SET_POST('ok', $ret); + destroyAdminSession(); + addFatalMessage(__FILE__, __LINE__, getMessage('ADMIN_NOT_FOUND')); + break; + + case 'pass': // Wrong password + REQUEST_SET_POST('ok', $ret); + destroyAdminSession(); + addFatalMessage(__FILE__, __LINE__, getMessage('WRONG_PASS')); + break; + + default: // Others will be logged + DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_COOKIES()", $ret)); + break; } }