From 37cc6c8fc8399adf1f11a66caf709a349e83daa1 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Tue, 27 Nov 2012 23:23:54 +0000 Subject: [PATCH] Introduced registerFirstAdmin() and fixed some checks on 'ok' to 'add_first_admin' --- inc/modules/admin.php | 129 +----------------------------- inc/modules/admin/admin-inc.php | 134 ++++++++++++++++++++++++++++++++ 2 files changed, 136 insertions(+), 127 deletions(-) diff --git a/inc/modules/admin.php b/inc/modules/admin.php index 69dc30b7c0..080748f72a 100644 --- a/inc/modules/admin.php +++ b/inc/modules/admin.php @@ -51,133 +51,8 @@ $ret = 'init'; // Is no admin registered? if (!isAdminRegistered()) { - // Admin is not registered so we have to inform the user - if ((isFormSent()) && ((!isPostRequestElementSet('admin_login')) || (!isPostRequestElementSet('admin_pass1')) || (strlen(postRequestElement('admin_pass1')) < getConfig('minium_admin_pass_length')) || (!isPostRequestElementSet('admin_pass2')) || (strlen(postRequestElement('admin_pass2')) < getConfig('minium_admin_pass_length')) || (postRequestElement('admin_pass1') != postRequestElement('admin_pass2')))) { - setPostRequestElement('ok', '***'); - } // END - if - - // Clear error message - $errorMessage = ''; - - if ((isFormSent()) && (postRequestElement('ok') != '***')) { - // Hash the password with the old function because we are here in install mode - $hashedPass = md5(postRequestElement('admin_pass1')); - - // Kill maybe existing session variables - destroyAdminSession(); - - // Do registration - $ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster()); - - // Check if registration wents fine - switch ($ret) { - case 'done': - // Change ADMIN_REGISTERED entry - $done = changeDataInLocalConfigurationFile('ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0); - - // Was it successfull? - if ($done === TRUE) { - // Registering is done - redirectToUrl('modules.php?module=admin&register=done'); - } else { - // Registration incomplete - $errorMessage = '{--ADMIN_CANNOT_COMPLETE--}'; - - // Set this to have our error message displayed - setPostRequestElement('ok', '***'); - } - break; - - case 'failed': // Registration has failed - $errorMessage = '{--ADMIN_REGISTER_FAILED--}'; - - // Set this to have our error message displayed - setPostRequestElement('ok', '***'); - break; - - case 'already': // Admin does already exists! - $errorMessage = '{--ADMIN_LOGIN_ALREADY_REG--}'; - - // Set this to have our error message displayed - setPostRequestElement('ok', '***'); - break; - - default: - // Any other kind will be logged - $errorMessage = sprintf("Unknown return code %s from ifAdminLoginDataIsValid().", $ret); - logDebugMessage(__FILE__, __LINE__, $errorMessage); - - // Set this to have our error message displayed - setPostRequestElement('ok', '***'); - break; - } // END - switch - } // END - if - - // Whas that action okay? - if ($ret != 'done') { - // Init login name - $content['admin_login'] = ''; - if (isPostRequestElementSet('admin_login')) { - $content['admin_login'] = postRequestElement('admin_login'); - } // END - if - - // Init array elements - $content['login_message'] = ''; - $content['pass1_message'] = ''; - $content['pass2_message'] = ''; - $content['error_message'] = ''; - - // Yet-another notice-fix - if ((isFormSent('add_first_admin')) && (postRequestElement('ok') == '***')) { - // Init variables - $loginMessage = ''; - $pass1Message = ''; - $pass2Message = ''; - - // No login entered? - if (empty($content['admin_login'])) { - $loginMessage = '{--ADMIN_NO_LOGIN--}'; - } // END - if - - // An error comes back from registration? - if ((!empty($ret)) && ($ret != 'init')) { - $loginMessage = $errorMessage; - } // END - if - - // No password 1 entered or to short? - if (!isPostRequestElementSet('admin_pass1')) { - $pass1Message = '{--ADMIN_NO_PASSWORD1--}'; - } elseif (strlen(postRequestElement('admin_pass1')) < getConfig('minium_admin_pass_length')) { - $pass1Message = '{--ADMIN_SHORT_PASSWORD1--}'; - } - - // No password 2 entered or to short? - if (!isPostRequestElementSet('admin_pass2')) { - $pass2Message = '{--ADMIN_NO_PASSWORD2--}'; - } elseif (strlen(postRequestElement('admin_pass2')) < getConfig('minium_admin_pass_length')) { - $pass2Message = '{--ADMIN_SHORT_PASSWORD2--}'; - } - - // Both didn't match? - if (postRequestElement('admin_pass1') != postRequestElement('admin_pass2')) { - // No match - if (empty($pass1Message)) $pass1Message = '{--ADMIN_PASSWORD1_MISMATCH--}'; - if (empty($pass2Message)) $pass2Message = '{--ADMIN_PASSWORD2_MISMATCH--}'; - } // END - if - - // Output error messages - $content['login_message'] = loadTemplate('admin_login_msg', TRUE, $loginMessage); - $content['pass1_message'] = loadTemplate('admin_login_msg', TRUE, $pass1Message); - $content['pass2_message'] = loadTemplate('admin_login_msg', TRUE, $pass2Message); - $content['error_message'] = loadTemplate('admin_login_msg', TRUE, $errorMessage); - } // END - if - - // Output message in seperate template - displayMessage('{--ADMIN_ACCOUNT_NOT_REGISTERED_YET--}'); - - // Load register template - loadTemplate('admin_reg_form', FALSE, $content); - } // END - if + // Register first admin + registerFirstAdmin(); } elseif (isGetRequestElementSet('reset_pass')) { // Is the form submitted? if ((isPostRequestElementSet('send_link')) && (isPostRequestElementSet('email'))) { diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index 505bcc0f82..67e1376547 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -1588,5 +1588,139 @@ function doAdminProcessMenuWeightning ($type, $AND) { } // END - if } +// Function to register first admin +function registerFirstAdmin () { + // Make sure that no admin is registered + assert(!isAdminRegistered()); + + // Admin is not registered so we have to inform the user + if ((isFormSent('add_first_admin')) && ((!isPostRequestElementSet('admin_login')) || (!isPostRequestElementSet('admin_pass1')) || (strlen(postRequestElement('admin_pass1')) < getConfig('minium_admin_pass_length')) || (!isPostRequestElementSet('admin_pass2')) || (strlen(postRequestElement('admin_pass2')) < getConfig('minium_admin_pass_length')) || (postRequestElement('admin_pass1') != postRequestElement('admin_pass2')))) { + setPostRequestElement('add_first_admin', '***'); + } // END - if + + // Clear error message + $errorMessage = ''; + + if ((isFormSent('add_first_admin')) && (postRequestElement('add_first_admin') != '***')) { + // Hash the password with the old function because we are here in install mode + $hashedPass = md5(postRequestElement('admin_pass1')); + + // Kill maybe existing session variables + destroyAdminSession(); + + // Do registration + $ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster()); + + // Check if registration wents fine + switch ($ret) { + case 'done': + // Change ADMIN_REGISTERED entry + $done = changeDataInLocalConfigurationFile('ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0); + + // Was it successfull? + if ($done === TRUE) { + // Registering is done + redirectToUrl('modules.php?module=admin&register=done'); + } else { + // Registration incomplete + $errorMessage = '{--ADMIN_CANNOT_COMPLETE--}'; + + // Set this to have our error message displayed + setPostRequestElement('add_first_admin', '***'); + } + break; + + case 'failed': // Registration has failed + $errorMessage = '{--ADMIN_REGISTER_FAILED--}'; + + // Set this to have our error message displayed + setPostRequestElement('add_first_admin', '***'); + break; + + case 'already': // Admin does already exists! + $errorMessage = '{--ADMIN_LOGIN_ALREADY_REG--}'; + + // Set this to have our error message displayed + setPostRequestElement('add_first_admin', '***'); + break; + + default: + // Any other kind will be logged + $errorMessage = sprintf("Unknown return code %s from ifAdminLoginDataIsValid().", $ret); + logDebugMessage(__FUNCTION__, __LINE__, $errorMessage); + + // Set this to have our error message displayed + setPostRequestElement('add_first_admin', '***'); + break; + } // END - switch + } // END - if + + // Whas that action okay? + if ($ret != 'done') { + // Init login name + $content['admin_login'] = ''; + if (isPostRequestElementSet('admin_login')) { + $content['admin_login'] = postRequestElement('admin_login'); + } // END - if + + // Init array elements + $content['login_message'] = ''; + $content['pass1_message'] = ''; + $content['pass2_message'] = ''; + $content['error_message'] = ''; + + // Yet-another notice-fix + if ((isFormSent('add_first_admin')) && (postRequestElement('add_first_admin') == '***')) { + // Init variables + $loginMessage = ''; + $pass1Message = ''; + $pass2Message = ''; + + // No login entered? + if (empty($content['admin_login'])) { + $loginMessage = '{--ADMIN_NO_LOGIN--}'; + } // END - if + + // An error comes back from registration? + if ((!empty($ret)) && ($ret != 'init')) { + $loginMessage = $errorMessage; + } // END - if + + // No password 1 entered or to short? + if (!isPostRequestElementSet('admin_pass1')) { + $pass1Message = '{--ADMIN_NO_PASSWORD1--}'; + } elseif (strlen(postRequestElement('admin_pass1')) < getConfig('minium_admin_pass_length')) { + $pass1Message = '{--ADMIN_SHORT_PASSWORD1--}'; + } + + // No password 2 entered or to short? + if (!isPostRequestElementSet('admin_pass2')) { + $pass2Message = '{--ADMIN_NO_PASSWORD2--}'; + } elseif (strlen(postRequestElement('admin_pass2')) < getConfig('minium_admin_pass_length')) { + $pass2Message = '{--ADMIN_SHORT_PASSWORD2--}'; + } + + // Both didn't match? + if (postRequestElement('admin_pass1') != postRequestElement('admin_pass2')) { + // No match + if (empty($pass1Message)) $pass1Message = '{--ADMIN_PASSWORD1_MISMATCH--}'; + if (empty($pass2Message)) $pass2Message = '{--ADMIN_PASSWORD2_MISMATCH--}'; + } // END - if + + // Output error messages + $content['login_message'] = loadTemplate('admin_login_msg', TRUE, $loginMessage); + $content['pass1_message'] = loadTemplate('admin_login_msg', TRUE, $pass1Message); + $content['pass2_message'] = loadTemplate('admin_login_msg', TRUE, $pass2Message); + $content['error_message'] = loadTemplate('admin_login_msg', TRUE, $errorMessage); + } // END - if + + // Output message in seperate template + displayMessage('{--ADMIN_ACCOUNT_NOT_REGISTERED_YET--}'); + + // Load register template + loadTemplate('admin_reg_form', FALSE, $content); + } // END - if +} + // [EOF] ?> -- 2.39.5