+<?php
+/************************************************************************
+ * Mailer v0.2.1-FINAL Start: 06/30/2011 *
+ * =================== Last change: 06/30/2011 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : what-list_admins_acls.php *
+ * -------------------------------------------------------------------- *
+ * Short description : List admin access control lines (ACLs) *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Auflisten von Zugriffskontrollzeilen (ACLs) *
+ * -------------------------------------------------------------------- *
+ * $Revision:: $ *
+ * $Date:: $ *
+ * $Tag:: 0.2.1-FINAL $ *
+ * $Author:: $ *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
+ * Copyright (c) 2009 - 2011 by Mailer Developer Team *
+ * For more information visit: http://www.mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+// Some security stuff...
+if ((!defined('__SECURITY')) || (!isAdmin())) {
+ die();
+} // END - if
+
+// Add description as navigation point
+addYouAreHereLink('admin', __FILE__);
+
+if ((isFormSent('edit')) && (ifPostContainsSelections())) {
+ // Edit ACLs
+ $OUT = '';
+ foreach (postRequestParameter('sel') as $id => $selected) {
+ // Load data for the id
+ $result = SQL_QUERY_ESC("SELECT `id`, `admin_id`, `action_menu`, `what_menu`, `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `id`=%s LIMIT 1",
+ array(bigintval($id)), __FILE__, __LINE__);
+ $content = SQL_FETCHARRAY($result);
+
+ // Free result
+ SQL_FREERESULT($result);
+
+ // Prepare data for the row template
+ $content = array(
+ 'id' => $content['id'],
+ 'admins_selection' => generateOptionList('admins', 'id', 'login', $content['admin_id'], 'default_acl'),
+ 'action_selection' => adminMenuSelectionBox_DEPRECATED('action', $content['action_menu'], $content['id']),
+ 'what_selection' => adminMenuSelectionBox_DEPRECATED('what', $content['what_menu'], $content['id']),
+ 'mode_options' => generateOptionList(
+ '/ARRAY/',
+ array('allow', 'deny'),
+ array(
+ '{--ADMIN_ADMINS_ACCESS_MODE_ALLOW--}',
+ '{--ADMIN_ADMINS_ACCESS_MODE_DENY--}'
+ ),
+ $content['access_mode']
+ ),
+ );
+
+ // Load row template
+ $OUT .= loadTemplate('admin_edit_admins_acls_row', true, $content);
+ } // END - foreach
+
+ // Load main template
+ loadTemplate('admin_edit_admins_acls', false, $OUT);
+} elseif ((isFormSent('change')) && (ifPostContainsSelections())) {
+ // Change entries
+ foreach (postRequestParameter('sel') as $id => $selected) {
+ // Secure id
+ $id = bigintval($id);
+
+ // Update entries
+ SQL_QUERY_ESC("UPDATE
+ `{?_MYSQL_PREFIX?}_admins_acls`
+SET
+ `admin_id`=%s,
+ `action_menu`='%s',
+ `what_menu`='%s',
+ `access_mode`='%s'
+WHERE
+ `id`=%s
+LIMIT 1",
+ array(
+ postRequestParameter('admin', $id),
+ postRequestParameter('action_menu', $id),
+ postRequestParameter('what_menu', $id),
+ postRequestParameter('mode', $id),
+ $id
+ ),__FILE__, __LINE__);
+ } // END - foreach
+
+ // Update cache when installed
+ // @TODO Rewrite this to a filter
+ if (isExtensionActive('cache')) {
+ if ($GLOBALS['cache_instance']->loadCacheFile('admin_acls')) $GLOBALS['cache_instance']->removeCacheFile();
+ } // END - if
+
+ // Entries changed
+ displayMessage('{--ADMIN_ADMINS_ENTRIES_CHANGED--}');
+} elseif ((isFormSent('delete')) && (ifPostContainsSelections())) {
+ // Delete ACLs
+ $OUT = '';
+ foreach (postRequestParameter('sel') as $id => $selected) {
+ // Load data for the id
+ $result = SQL_QUERY_ESC("SELECT `id`, `admin_id`, `action_menu`, `what_menu`, `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `id`=%s LIMIT 1",
+ array(bigintval($id)), __FILE__, __LINE__);
+ $content = SQL_FETCHARRAY($result);
+ SQL_FREERESULT($result);
+
+ // Get admin mode
+ $content['access_mode'] = '{--ADMIN_ADMINS_ACCESS_MODE_' . strtoupper($content['access_mode']) . '--}';
+
+ // Load row template and switch colors
+ $OUT .= loadTemplate('admin_delete_admins_acls_row', true, $content);
+ } // END - foreach
+
+ // Load main template
+ loadTemplate('admin_delete_admins_acls', false, $OUT);
+} elseif ((isFormSent('remove')) && (ifPostContainsSelections())) {
+ // Remove entries
+ // @TODO Rewrite this to filter 'run_sqls'
+ foreach (postRequestParameter('sel') as $id => $selected) {
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `id`=%s LIMIT 1",
+ array(bigintval($id)),__FILE__, __LINE__);
+ } // END - foreach
+
+ // Update cache when installed
+ if (isExtensionActive('cache')) {
+ if ($GLOBALS['cache_instance']->loadCacheFile('admin_acls')) $GLOBALS['cache_instance']->removeCacheFile();
+ } // END - if
+
+ // Entries deleted
+ displayMessage('{--ADMIN_ADMINS_ENTRIES_DELETED--}');
+} elseif (isFormSent('add')) {
+ // Check if everything is fine...
+ $mode = getAdminDefaultAcl(bigintval(postRequestParameter('admin_id')));
+
+ // Default ACL is false
+ $ACL = false;
+ if (isPostRequestParameterSet('what_menu')) {
+ // Check parent ACL
+ $ACL = adminsCheckAdminAcl(getActionFromModuleWhat('admin', postRequestParameter('what_menu')), '');
+ } // END - if
+
+ if (($mode != postRequestParameter('mode')) || (($ACL === true) && (postRequestParameter('mode') == 'deny'))) {
+ // Mode is fine
+ $BOTH = ((isPostRequestParameterSet('action_menu')) && (isPostRequestParameterSet('what_menu')) && (postRequestParameter('action_menu') != '') && (postRequestParameter('what_menu') != ''));
+
+ // Check if one has been selected
+ if ((((isPostRequestParameterSet('action_menu')) && (postRequestParameter('action_menu') != '')) || ((isPostRequestParameterSet('what_menu')) && (postRequestParameter('what_menu') != ''))) && ($BOTH === false)) {
+ // Main or sub menu selected
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `admin_id`=%s AND `action_menu`='%s' AND `what_menu`='%s' LIMIT 1",
+ array(
+ bigintval(postRequestParameter('admin_id')),
+ postRequestParameter('action_menu'),
+ postRequestParameter('what_menu')
+ ), __FILE__, __LINE__);
+ if (SQL_HASZERONUMS($result)) {
+ // Finally add the new ACL
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins_acls` (`admin_id`, `action_menu`, `what_menu`, `access_mode`)
+VALUES ('%s','%s','%s','%s')",
+ array(
+ bigintval(postRequestParameter('admin_id')),
+ postRequestParameter('action_menu'),
+ postRequestParameter('what_menu'),
+ postRequestParameter('mode')
+ ), __FILE__, __LINE__);
+ $content = '{--ADMIN_ADMINS_ACL_SAVED--}';
+
+ // Update cache when installed
+ if (isExtensionActive('cache')) {
+ if ($GLOBALS['cache_instance']->loadCacheFile('admin_acls')) $GLOBALS['cache_instance']->removeCacheFile();
+ } // END - if
+ } else {
+ // ACL does already exist!
+ $content = '{--ADMIN_ADMINS_ACL_ALREADY_ADDED--}';
+ }
+
+ // Free memory
+ SQL_FREERESULT($result);
+ } else {
+ // No menu selected makes also no sence...
+ $content = '{--ADMIN_ADMINS_SELECT_ACTION_WHAT--}';
+ }
+ } else {
+ // Same mode makes no sence...
+ $content = '{--ADMIN_ADMINS_SAME_MODE_SELECTED--}';
+ }
+
+ // Display message
+ displayMessage($content);
+} else {
+ // List all ACLs
+ $result = SQL_QUERY('SELECT `id`, `admin_id`, `action_menu`, `what_menu`, `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` ORDER BY `admin_id` ASC, `id` ASC', __FILE__, __LINE__);
+
+ // Entries found?
+ if (!SQL_HASZERONUMS($result)) {
+ // List ACLs
+ $OUT = '';
+ while ($content = SQL_FETCHARRAY($result)) {
+ // Generate mode string
+ $content['access_mode'] = '{--ADMIN_ADMINS_ACCESS_MODE_' . strtoupper($content['access_mode']) . '--}';
+
+ // Load row template and switch colors
+ $OUT .= loadTemplate('admin_list_admins_acls_row', true, $content);
+ } // END - while
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Load main template
+ loadTemplate('admin_list_admins_acls', false, $OUT);
+ } // END - if
+
+ // Prepare some constants for the template
+ $content['admins_selection'] = generateOptionList('admins', 'id', 'login', '', 'default_acl');
+ $content['action_selection'] = adminMenuSelectionBox_DEPRECATED('action');
+ $content['what_selection'] = adminMenuSelectionBox_DEPRECATED('what');
+ $content['mode_options'] = generateOptionList(
+ '/ARRAY/',
+ array('allow', 'deny'),
+ array(
+ '{--ADMIN_ADMINS_ACCESS_MODE_ALLOW--}',
+ '{--ADMIN_ADMINS_ACCESS_MODE_DENY--}'
+ )
+ );
+
+ // Load template for adding new ACL
+ loadTemplate('admin_add_admins_acl', false, $content);
+}
+
+// [EOF]
+?>
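Review bot: In the `change` branch the UPDATE passes `postRequestParameter('admin', $id)` into the unquoted `%s` of the `admin_id` assignment without a numeric cast, while every other numeric placeholder in this file goes through `bigintval()`. SQL_QUERY_ESC is defined outside this diff, but if it only escapes quote characters, that gives no protection for a value that sits outside quotes, so request data could alter the statement on the table that stores the admin ACLs. Cast it the way the `add` branch does: `bigintval(postRequestParameter('admin', $id)),`. The same branch also writes `mode` to `access_mode` without checking that it is `allow` or `deny`, and it skips the default-ACL comparison that the `add` branch applies, so an edit can store a mode that adding would have rejected.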