X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmysql-manager.php;h=4be52eb6d64ad6284509abd822d8a45170a6ad60;hb=f8dbc8804f8f36a3348418cbe6ad0bf15ca50196;hp=e4bcad187cb98d9505a358ec57139a435f9ef9a2;hpb=4ceb80adf5708c4602e61aef0b160dbec34511f2;p=mailer.git
diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index e4bcad187c..4be52eb6d6 100644
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -32,8 +32,7 @@
************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
@@ -73,6 +72,7 @@ function ADD_MODULE_TITLE($mod) {
}
return $name;
}
+
// Check validity of a given module name (no file extension)
function CHECK_MODULE($mod) {
// We need them now here...
@@ -101,7 +101,7 @@ function CHECK_MODULE($mod) {
if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isBooleanConstantAndTrue('mxchange_installing')) || (!isBooleanConstantAndTrue('admin_registered'))) return "done";
// Check if cache is latest version
- $locked = 'Y'; $hidden = 'N'; $admin = 'N'; $mem = 'N'; $found = false;
+ $locked = "Y"; $hidden = "N"; $admin = "N"; $mem = "N"; $found = false;
if ((GET_EXT_VERSION("cache") >= "0.1.2") && (isset($cacheArray['modules']['module'])) && (is_array($cacheArray['modules']['module']))) {
// Is the module cached?
if (isset($cacheArray['modules']['locked'][$mod_chk])) {
@@ -132,16 +132,16 @@ function CHECK_MODULE($mod) {
// Check returned values against current access permissions
//
// Admin access ----- Guest access ----- --- Guest or member? ---
- if ((IS_ADMIN()) || (($locked == 'N') && ($admin == 'N') && (($mem == 'N') || (IS_LOGGED_IN())))) {
+ if ((IS_ADMIN()) || (($locked == "N") && ($admin == "N") && (($mem == "N") || (IS_LOGGED_IN())))) {
// If you are admin you are welcome for everything!
$ret = "done";
- } elseif ($locked == 'Y') {
+ } elseif ($locked == "Y") {
// Module is locked
$ret = "locked";
- } elseif (($mem == 'Y') && (!IS_LOGGED_IN())) {
+ } elseif (($mem == "Y") && (!IS_LOGGED_IN())) {
// You have to login first!
$ret = "mem_only";
- } elseif (($admin == 'Y') && (!IS_ADMIN())) {
+ } elseif (($admin == "Y") && (!IS_ADMIN())) {
// Only the Admin is allowed to enter this module!
$ret = "admin_only";
}
@@ -187,9 +187,9 @@ function CHECK_MODULE($mod) {
// Return the value
return $ret;
}
+
// Add menu description pending on given file name (without path!)
-function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
-{
+function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true) {
global $DEPTH, $_CONFIG;
$LINK_ADD = ""; $OUT = ""; $AND = "";
// First we have to do some analysis...
@@ -209,7 +209,7 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
$MOD_CHECK = $GLOBALS['module'];
break;
}
- $AND = " AND what=''";
+ $AND = " AND (what='' OR what IS NULL)";
} elseif (ereg("what-", $file)) {
// This is an admin what file!
$type = "what";
@@ -251,19 +251,23 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
if (!$return) $DEPTH++;
$prefix = "";
}
+
$prefix .= " -> ";
+
if (ereg(".php", $search)) {
$search = substr($search, 0, strpos($search, ".php"));
}
+
$result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_%s_menu WHERE %s='%s' ".$AND." LIMIT 1",
array($ACC_LVL, $type, $search), __FILE__, __LINE__);
+
if (SQL_NUMROWS($result) == 1) {
list($ret) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if ($return) {
// Return title
return $ret;
- } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($_CONFIG['youre_here'] == 'Y')) || ((IS_ADMIN()) && ($MOD_CHECK == "admin"))) {
+ } elseif (((GET_EXT_VERSION("sql_patches") >= "0.2.3") && ($_CONFIG['youre_here'] == "Y")) || ((IS_ADMIN()) && ($MOD_CHECK == "admin"))) {
// Output HTML code
$OUT = $prefix."".$ret."\n";
//* DEBUG: */ echo __LINE__."*".$type."/".$GLOBALS['what']."*
\n";
@@ -287,22 +291,28 @@ function ADD_DESCR($ACC_LVL, $file, $return = false, $output = true)
//
function ADD_MENU($MODE, $act, $wht) {
global $_CONFIG;
+
+ // Init some variables
+ $main_cnt = 0;
+ $AND = "";
+ $main_action = "";
+ $sub_what = "";
+
if (!VALIDATE_MENU_ACTION($MODE, $act, $wht, true)) return CODE_MENU_NOT_VALID;
- $main_cnt = 0; $AND = ""; $main_action = ""; $sub_what = "";
- if (!IS_ADMIN())
- {
+
+ // Non-admin shall not see all menus
+ if (!IS_ADMIN()) {
$AND = "AND visible='Y' AND locked='N'";
}
+
// Load SQL data and add the menu to the output stream...
- $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE what='' ".$AND." ORDER BY sort",
+ $result_main = SQL_QUERY_ESC("SELECT title, action FROM "._MYSQL_PREFIX."_%s_menu WHERE (what='' OR what IS NULL) ".$AND." ORDER BY sort",
array($MODE), __FILE__, __LINE__);
//* DEBUG: */ echo __LINE__."/".$main_cnt."/".$main_action."/".$sub_what.":".$GLOBALS['what']."*
\n";
- if (SQL_NUMROWS($result_main) > 0)
- {
+ if (SQL_NUMROWS($result_main) > 0) {
OUTPUT_HTML("