From 1622d7d8b5c890391f98ac5d7f7be56fd79c4a8a Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?= <roland@mxchange.org>
Date: Thu, 27 Dec 2012 04:21:25 +0000
Subject: [PATCH] ext-admins must be checked here, first admin had never
 'allow'

---
 inc/libs/admins_functions.php   |  2 +-
 inc/modules/admin/admin-inc.php | 30 +++++++++++++++++++++---------
 2 files changed, 22 insertions(+), 10 deletions(-)

diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php
index 1e85afc090..46ac5a0f89 100644
--- a/inc/libs/admins_functions.php
+++ b/inc/libs/admins_functions.php
@@ -54,7 +54,7 @@ function isAdminsAllowedByAcl ($action, $what) {
 	}
 
 	// But default result is failed
-	$GLOBALS[__FUNCTION__][$action][$what] = FALSE;
+	$GLOBALS[__FUNCTION__][$adminId][$action][$what] = FALSE;
 
 	// Get admin's defult access right
 	$default = getAdminDefaultAcl($adminId);
diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index c9f941dbd5..ce7680ee51 100644
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -41,7 +41,7 @@ if (!defined('__SECURITY')) {
 } // END - if
 
 // Register an administrator account
-function addAdminAccount ($adminLogin, $passHash, $adminEmail) {
+function addAdminAccount ($adminLogin, $passHash, $adminEmail, $accessLevel = 'deny') {
 	// Login does already exist
 	$ret = 'already';
 
@@ -51,13 +51,25 @@ function addAdminAccount ($adminLogin, $passHash, $adminEmail) {
 
 	// Is the entry there?
 	if (SQL_HASZERONUMS($result)) {
-		// Ok, let's create the admin login
-		SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')",
-			array(
-				$adminLogin,
-				$passHash,
-				$adminEmail
-			), __FUNCTION__, __LINE__);
+		// Is ext-admins installed and version at least 0.3.0?
+		if (isExtensionInstalledAndNewer('admins', '0.3.0')) {
+			// Ok, let's create the admin login
+			SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`, `default_acl`) VALUES ('%s', '%s', '%s', '%s')",
+				array(
+					$adminLogin,
+					$passHash,
+					$adminEmail,
+					$accessLevel
+				), __FUNCTION__, __LINE__);
+		} else {
+			// Ok, let's create the admin login
+			SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')",
+				array(
+					$adminLogin,
+					$passHash,
+					$adminEmail
+				), __FUNCTION__, __LINE__);
+		}
 
 		// All done
 		$ret = 'done';
@@ -1611,7 +1623,7 @@ function registerFirstAdmin () {
 		destroyAdminSession();
 
 		// Do registration
-		$ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster());
+		$ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster(), 'allow');
 
 		// Check if registration wents fine
 		switch ($ret) {
-- 
2.39.2