From 1622d7d8b5c890391f98ac5d7f7be56fd79c4a8a Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Thu, 27 Dec 2012 04:21:25 +0000 Subject: [PATCH] ext-admins must be checked here, first admin had never 'allow' --- inc/libs/admins_functions.php | 2 +- inc/modules/admin/admin-inc.php | 30 +++++++++++++++++++++--------- 2 files changed, 22 insertions(+), 10 deletions(-) diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php index 1e85afc090..46ac5a0f89 100644 --- a/inc/libs/admins_functions.php +++ b/inc/libs/admins_functions.php @@ -54,7 +54,7 @@ function isAdminsAllowedByAcl ($action, $what) { } // But default result is failed - $GLOBALS[__FUNCTION__][$action][$what] = FALSE; + $GLOBALS[__FUNCTION__][$adminId][$action][$what] = FALSE; // Get admin's defult access right $default = getAdminDefaultAcl($adminId); diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index c9f941dbd5..ce7680ee51 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -41,7 +41,7 @@ if (!defined('__SECURITY')) { } // END - if // Register an administrator account -function addAdminAccount ($adminLogin, $passHash, $adminEmail) { +function addAdminAccount ($adminLogin, $passHash, $adminEmail, $accessLevel = 'deny') { // Login does already exist $ret = 'already'; @@ -51,13 +51,25 @@ function addAdminAccount ($adminLogin, $passHash, $adminEmail) { // Is the entry there? if (SQL_HASZERONUMS($result)) { - // Ok, let's create the admin login - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')", - array( - $adminLogin, - $passHash, - $adminEmail - ), __FUNCTION__, __LINE__); + // Is ext-admins installed and version at least 0.3.0? + if (isExtensionInstalledAndNewer('admins', '0.3.0')) { + // Ok, let's create the admin login + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`, `default_acl`) VALUES ('%s', '%s', '%s', '%s')", + array( + $adminLogin, + $passHash, + $adminEmail, + $accessLevel + ), __FUNCTION__, __LINE__); + } else { + // Ok, let's create the admin login + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')", + array( + $adminLogin, + $passHash, + $adminEmail + ), __FUNCTION__, __LINE__); + } // All done $ret = 'done'; @@ -1611,7 +1623,7 @@ function registerFirstAdmin () { destroyAdminSession(); // Do registration - $ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster()); + $ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster(), 'allow'); // Check if registration wents fine switch ($ret) { -- 2.39.5