487eb2c3c7fec804f37a9d7d6a5db32e0161a1cd
[mailer.git] / 0.2.1 / inc / modules / admin / admin-inc.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 08/31/2003 *
4  * ===============                              Last change: 11/23/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : admin-inc.php                                    *
8  * -------------------------------------------------------------------- *
9  * Short description : Administrative related functions                 *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : F�r die Administration ben�tigte Funktionen      *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
36 {
37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
38         require($INC);
39 }
40
41 //
42 function REGISTER_ADMIN ($user, $md5)
43 {
44         $ret = "failed";
45         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
46          array($user), __FILE__, __LINE__);
47         if (SQL_NUMROWS($result) == 0)
48         {
49                 // Ok, let's create the admin login
50                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES('%s', '%s', '".WEBMASTER."')",
51                  array($user, $md5), __FILE__, __LINE__);
52                 $ret = "done";
53         }
54          else
55         {
56                 // Free memory
57                 SQL_FREERESULT($result);
58
59                 // Login does already exist
60                 $ret = "already";
61         }
62         return $ret;
63 }
64 // Only be executed on login procedure!
65 function CHECK_ADMIN_LOGIN ($admin_login, $password)
66 {
67         global $ADMINS, $CONFIG, $CACHE;
68         $ret = "404"; $pass = "";
69         if (!empty($ADMINS['aid'][$admin_login]))
70         {
71                 // Get password from cache
72                 $pass = $ADMINS['password'][$admin_login];
73                 $ret = "pass";
74                 $CONFIG['cache_hits']++;
75         }
76          else
77         {
78                 // Get password from DB
79                 $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
80                  array($admin_login), __FILE__, __LINE__);
81                 if (SQL_NUMROWS($result) == 1)
82                 {
83                         $ret = "pass";
84                         list($pass) = SQL_FETCHROW($result);
85                         SQL_FREERESULT($result);
86                 }
87         }
88
89         //* DEBUG: */ echo "*".$pass."/".$password."/".$ret."<BR>";
90         if ((strlen($pass) == 32) && ($pass == md5($password)))
91         {
92                 // Generate new hash
93                 $pass = generateHash($password);
94                 if (($ret == "pass") && (GET_EXT_VERSION("sql_patches") < "0.3.6")) $ret = "done";
95         }
96          elseif ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == ""))
97         {
98                 // Old hashing way
99                 return $ret;
100         }
101
102         // Generate salt of password
103         define('__SALT', substr($pass, 0, -40));
104         $salt = __SALT;
105
106         // Check if password is same
107         if (($ret == "pass") && ($pass == generateHash($password, $salt)) && (!empty($salt)))
108         {
109                 // Update password
110                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1",
111                  array($pass, $admin_login), __FILE__, __LINE__);
112
113                 // Shall I remove the cache file?
114                 if ((EXT_IS_ACTIVE("cache")) && ($CACHE != false))
115                 {
116                         if ($CACHE->cache_file("admins", true)) $CACHE->cache_destroy();
117                 }
118
119                 // Password matches!
120                 $ret = "done";
121         }
122          elseif ((empty($salt)) && ($ret == "pass"))
123         {
124                 // Something bad went wrong
125                 $ret = "failed";
126         }
127         return $ret;
128 }
129 // Only be executed on cookie checking
130 function CHECK_ADMIN_COOKIES ($admin_login, $password)
131 {
132         global $ADMINS, $CONFIG;
133         $ret = "404"; $pass = "";
134         if (!empty($ADMINS['aid'][$admin_login]))
135         {
136                 // Get password from cache
137                 $pass = $ADMINS['password'][$admin_login];
138                 $ret = "pass";
139                 $CONFIG['cache_hits']++;
140         }
141          else
142         {
143                 // Get password from DB
144                 $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
145                  array($admin_login), __FILE__, __LINE__);
146                 if (SQL_NUMROWS($result) == 1)
147                 {
148                         $ret = "pass";
149                         list($pass) = SQL_FETCHROW($result);
150                         SQL_FREERESULT($result);
151                 }
152         }
153
154         //* DEBUG: */ echo "*".$pass."/".$password."<BR>";
155
156         // Check if password matches
157         if (($ret == "pass") && ((generatePassString($pass) == $password) || ($pass == $password)))
158         {
159                 // Passwords matches!
160                 $ret = "done";
161         }
162         return $ret;
163 }
164 //
165 function admin_WriteData ($FILE, $COMMENT, $PREFIX, $SUFFIX, $DATA, $SEEK=0)
166 {
167         $DONE = false;  $SEEK++; $found = false;
168         if (file_exists($FILE))
169         {
170                 $SEARCH = "CFG: ".$COMMENT;
171                 $TMP = $FILE.".tmp";
172                 $fp = fopen($FILE, 'r') or OUTPUT_HTML ("<STRONG>READ:</STRONG> ".$FILE."<BR>");
173                 if ($fp)
174                 {
175                         $fp_tmp = fopen($TMP, 'w') or OUTPUT_HTML ("<STRONG>WRITE:</STRONG> ".$TMP."<BR>");
176                         if ($fp_tmp)
177                         {
178                                 while (! feof($fp))
179                                 {
180                                         $line = fgets ($fp, 1024);
181                                         if (strpos($line, $SEARCH) > -1) { $next = 0; $found = true; }
182                                         if ($next > -1)
183                                         {
184                                                 if ($next == $SEEK)
185                                                 {
186                                                         $next = -1;
187                                                         $line = $PREFIX.$DATA.$SUFFIX."\n";
188                                                 }
189                                                  else
190                                                 {
191                                                         $next++;
192                                                 }
193                                         }
194                                         fputs($fp_tmp, $line);
195                                 }
196                                 fclose($fp_tmp);
197                                 // Finished writing tmp file
198                                 $DONE = true;
199                         }
200                         fclose($fp);
201                         if (($DONE) && ($found))
202                         {
203                                 // Copy back tmp file and delete tmp :-)
204                                 @copy($TMP, $FILE);
205                                 @unlink($TMP);
206                                 define ('_FATAL', false);
207                         }
208                          elseif (!$found)
209                         {
210                                 OUTPUT_HTML ("<STRONG>CHANGE:</STRONG> 404!");
211                                 define ('_FATAL', true);
212                         }
213                          else
214                         {
215                                 OUTPUT_HTML ("<STRONG>TMP:</STRONG> UNDONE!");
216                                 define ('_FATAL', true);
217                         }
218                 }
219         }
220          else
221         {
222                 OUTPUT_HTML ("<STRONG>404:</STRONG> ".$FILE."<BR>");
223         }
224 }
225 //
226 function ADMIN_DO_ACTION($wht)
227 {
228         global $menuDesription, $MTITLE, $CONFIG, $EXTENSIONS, $link, $DATA;
229         //* DEBUG: */ echo __LINE__."*".$wht."/".$GLOBALS['module']."/".$GLOBALS['action']."/".$GLOBALS['what']."*<br />\n";
230         if (EXT_IS_ACTIVE("cache"))
231         {
232                 // Include cache instance
233                 global $CACHE;
234         }
235
236         // Remove any spaces from variable
237         if (empty($wht))
238         {
239                 // Default admin action is the overview page
240                 $wht = "overview";
241         }
242          else
243         {
244                 // Compile out some chars
245                 $wht = COMPILE_CODE($wht, false, false, false);
246         }
247
248         // Get action value
249         $act = GET_ACTION($GLOBALS['module'], $wht);
250
251         // Define admin login name and ID number
252         define('__ADMIN_LOGIN', SQL_ESCAPE($_COOKIE['admin_login']));
253         define('__ADMIN_ID'   , GET_ADMIN_ID($_COOKIE['admin_login']));
254
255         // Preload templates
256         if (EXT_IS_ACTIVE("admins")) {
257                 define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome_admins", true));
258         } else {
259                 define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome", true));
260         }
261         define('__ADMIN_FOOTER' , LOAD_TEMPLATE("admin_footer" , true));
262         define('__ADMIN_MENU'   , ADD_ADMIN_MENU($act, $wht, true));
263
264         // Tableset header
265         LOAD_TEMPLATE("admin_main_header");
266
267         // Check if action/what pair is valid
268         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu
269 WHERE action='%s' AND ((what='%s' AND what != 'overview') OR (what='' AND '%s'='overview'))
270 LIMIT 1", array($act, $wht, $wht), __FILE__, __LINE__);
271         if (SQL_NUMROWS($result) == 1)
272         {
273                 // Free memory
274                 SQL_FREERESULT($result);
275
276                 // Is valid but does the inlcude file exists?
277                 $INC = sprintf(PATH."inc/modules/admin/action-%s.php", $act);
278                 if ((file_exists($INC)) && (is_readable($INC)) && (VALIDATE_MENU_ACTION("admin", $act, $wht)) && (__ACL_ALLOW == true))
279                 {
280                         // Ok, we finally load the admin action module
281                         include($INC);
282                 }
283                  elseif (__ACL_ALLOW == false)
284                 {
285                         // Access denied
286                         LOAD_TEMPLATE("admin_menu_failed", false, ADMINS_ACCESS_DENIED);
287                         ADD_FATAL(ADMINS_ACCESS_DENIED);
288                 }
289                  else
290                 {
291                         // Include file not found! :-(
292                         LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_404_ACTION);
293                         ADD_FATAL(ADMIN_404_ACTION_1.$act.ADMIN_404_ACTION_2);
294                 }
295         } else {
296                 // Invalid action/what pair found!
297                 LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_INVALID_ACTION);
298                 ADD_FATAL(ADMIN_INVALID_ACTION_1.$act."/".$wht.ADMIN_INVALID_ACTION_2);
299         }
300
301         // Tableset footer
302         LOAD_TEMPLATE("admin_main_footer");
303 }
304 //
305 function ADD_ADMIN_MENU($act, $wht,$return=false)
306 {
307         global $_GET, $menuDesription, $MTITLE, $link;
308         $SUB = false;
309
310         // Menu descriptions
311         $menuDesription = array();
312         $MTITLE = array();
313
314         // Build main menu
315         $result_main = SQL_QUERY("SELECT action, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' ORDER BY sort, id DESC", __FILE__, __LINE__);
316         $OUT = "";
317         if (SQL_NUMROWS($result_main) > 0)
318         {
319                 $OUT = "<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_main\">
320 <TR><TD colspan=\"2\" height=\"7\" class=\"seperator\">&nbsp;</TD></TR>\n";
321                 while (list($menu, $title, $descr) = SQL_FETCHROW($result_main))
322                 {
323                         if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2"))
324                         {
325                                 $ACL = ADMINS_CHECK_ACL($menu, "");
326                         }
327                          else
328                         {
329                                 // ACL is "allow"... hmmm
330                                 $ACL = true;
331                         }
332                         if ($ACL)
333                         {
334                                 if (!$SUB)
335                                 {
336                                         // Insert compiled menu title and description
337                                         $MTITLE[$menu]        = $title;
338                                         $menuDesription[$menu] = $descr;
339                                 }
340                                 $OUT .= "<TR>
341   <TD class=\"admin_menu\" colspan=\"2\">
342     <NOBR>&nbsp;<STRONG>&middot;</STRONG>&nbsp;";
343                                 if (($menu == $act) && (empty($wht)))
344                                 {
345                                         $OUT .= "<STRONG>";
346                                 }
347                                  else
348                                 {
349                                         $OUT .= "[&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;action=".$menu."\">";
350                                 }
351                                 $OUT .= $title;
352                                 if (($menu == $act) && (empty($wht)))
353                                 {
354                                         $OUT .= "</STRONG>";
355                                 }
356                                  else
357                                 {
358                                         $OUT .= "</A>&nbsp;]";
359                                 }
360                                 $OUT .= "</NOBR></TD>
361 </TR>\n";
362                                 $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' ORDER BY sort, id DESC",
363                                  array($menu), __FILE__, __LINE__);
364                                 if ((SQL_NUMROWS($result_what) > 0) && ($act == $menu))
365                                 {
366                                         $menuDesription = array();
367                                         $MTITLE = array(); $SUB = true;
368                                         $OUT .= "<TR>
369   <TD width=\"10\" class=\"seperator\">&nbsp;</TD>
370   <TD class=\"admin_menu\">
371     <TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_sub\">\n";
372                                         while (list($wht_sub, $title_what, $desc_what) = SQL_FETCHROW($result_what))
373                                         {
374                                                 // Filename
375                                                 $INC = sprintf(PATH."inc/modules/admin/what-%s.php", $wht_sub);
376                                                 if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2"))
377                                                 {
378                                                         $ACL = ADMINS_CHECK_ACL("", $wht_sub);
379                                                 }
380                                                  else
381                                                 {
382                                                         // ACL is "allow"... hmmm
383                                                         $ACL = true;
384                                                 }
385                                                 $readable = ((file_exists($INC)) && (is_readable($INC)));
386                                                 if ($ACL)
387                                                 {
388                                                         // Insert compiled title and description
389                                                         $MTITLE[$wht_sub]        = $title_what;
390                                                         $menuDesription[$wht_sub] = $desc_what;
391                                                         $OUT .= "<TR>
392   <TD class=\"admin_menu\" colspan=\"2\">
393     <NOBR>&nbsp;<STRONG>--&gt;</STRONG>&nbsp;";
394                                                         if ($readable)
395                                                         {
396                                                                 if ($wht == $wht_sub)
397                                                                 {
398                                                                         $OUT .= "<STRONG>";
399                                                                 }
400                                                                  else
401                                                                 {
402                                                                         $OUT .= "[&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht_sub."\">";
403                                                                 }
404                                                         }
405                                                          else
406                                                         {
407                                                                 $OUT .= "<I class=\"admin_note\">";
408                                                         }
409                                                         $OUT .= $title_what;
410                                                         if ($readable)
411                                                         {
412                                                                 if ($wht == $wht_sub)
413                                                                 {
414                                                                         $OUT .= "</STRONG>";
415                                                                 }
416                                                                  else
417                                                                 {
418                                                                         $OUT .= "</A>&nbsp;]";
419                                                                 }
420                                                         }
421                                                          else
422                                                         {
423                                                                 $OUT .= "</I>";
424                                                         }
425                                                         $OUT .= "</NOBR></TD>
426 </TR>\n";
427                                                 }
428                                         }
429
430                                         // Free memory
431                                         SQL_FREERESULT($result_what);
432                                         $OUT .= "    </TABLE>
433   </TD>
434 </TR>\n";
435                                 }
436                                 $OUT .= "<TR><TD height=\"7\" colspan=\"2\"></TD></TR>\n";
437                         }
438                 }
439
440                 // Free memory
441                 SQL_FREERESULT($result_main);
442                 $OUT .= "</TABLE>\n";
443         }
444
445         // Compile and run the code here. This inserts all constants into the
446         // HTML output. Costs me some time to figure this out... *sigh* Quix0r
447         $eval = "\$OUT = \"".COMPILE_CODE(addslashes($OUT))."\";";
448         eval($eval);
449
450         // Return or output content?
451         if ($return) {
452                 return $OUT;
453         } else {
454                 OUTPUT_HTML ($OUT);
455         }
456 }
457 //
458 function ADD_MEMBER_SELECTION_BOX($add_all = false, $return = false, $none = false, $def = "0")
459 {
460         global $_GET;
461         // Output selection form with all confirmed user accounts listed
462         $result = SQL_QUERY("SELECT userid, surname, family FROM "._MYSQL_PREFIX."_user_data ORDER BY userid", __FILE__, __LINE__);
463         $OUT = "";
464
465         // USe this only for adding points (e.g. adding refs really makes no sence ;-) )
466         if ($add_all) $OUT = "      <OPTION value=\"all\">".ALL_MEMBERS."</OPTION>\n";
467          elseif ($none) $OUT = "      <OPTION value=\"0\">".SELECT_NONE."</OPTION>\n";
468         while (list($id, $sname, $fname) = SQL_FETCHROW($result))
469         {
470                 $OUT .= "      <OPTION value=\"".$id."\"";
471                 if ($def == $id) $OUT .= " selected=\"selected\"";
472                 $OUT .= ">".$sname." ".$fname." (".$id.")</OPTION>\n";
473         }
474
475         // Free memory
476         SQL_FREERESULT($result);
477
478         // Remeber options in constant
479         define('_MEMBER_SELECTION', $OUT);
480
481         if (!$return)
482         {
483                 // Display selection box
484                 define('__LANG_VALUE', GET_LANGUAGE());
485
486                 // Load template
487                 LOAD_TEMPLATE("admin_member_selection_box", false, $GLOBALS['what']);
488         }
489 }
490 //
491 function ADMIN_MENU_SELECTION($MODE, $default="", $defid="")
492 {
493         $wht = "what != ''";
494         if ($MODE == "action") $wht = "what='' AND action !='login'";
495         $result = SQL_QUERY_ESC("SELECT %s, title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$wht." ORDER BY sort",
496          array($MODE), __FILE__, __LINE__);
497         if (SQL_NUMROWS($result) > 0)
498         {
499                 // Load menu as selection
500                 $OUT = "<SELECT name=\"".$MODE."_menu";
501                 if ((!empty($defid)) || ($defid == "0")) $OUT .= "[".$defid."]";
502                 $OUT .= "\" size=\"1\" class=\"admin_select\">
503   <OPTION value=\"\">".SELECT_NONE."</OPTION>\n";
504                 while (list($menu, $title) = SQL_FETCHROW($result))
505                 {
506                         $OUT .= "  <OPTION value=\"".$menu."\"";
507                         if ((!empty($default)) && ($default == $menu)) $OUT .= " selected=\"selected\"";
508                         $OUT .= ">".$title."</OPTION>\n";
509                 }
510
511                 // Free memory
512                 SQL_FREERESULT($result);
513                 $OUT .= "</SELECT>\n";
514         }
515          else
516         {
517                 // No menus???
518                 $OUT = ADMIN_PROBLEM_NO_MENU;
519         }
520
521         // Return output
522         return $OUT;
523 }
524 //
525 function ADMIN_SAVE_SETTINGS (&$POST, $TABLE, $WHERE="config='1'", $translateComma = array(), $alwaysAdd=false)
526 {
527         global $CONFIG, $CFG_CACHE, $CACHE;
528         $DATA = array();
529         $skip = false; $TEST2 = "";
530         foreach ($POST as $id=>$val) {
531                 // Process only formular field but not submit buttons ;)
532                 if ($id != "ok") {
533                         // Do not save the ok value
534                         $TEST = substr($id, -3);
535                         if ((($TEST == "_ye") || ($TEST == "_mo") || ($TEST == "_we") || ($TEST == "_da") || ($TEST == "_ho") || ($TEST == "_mi") || ($TEST == "_se")) && (isset($val))) {
536                                 // Found a multi-selection for timings?
537                                 $TEST = substr($id, 0, -3);
538                                 if ((isset($POST[$TEST."_ye"])) && (isset($POST[$TEST."_mo"])) && (isset($POST[$TEST."_we"])) && (isset($POST[$TEST."_da"])) && (isset($POST[$TEST."_ho"])) && (isset($POST[$TEST."_mi"])) && (isset($POST[$TEST."_se"])) && ($TEST != $TEST2)) {
539                                         // Generate timestamp
540                                         $POST[$TEST] = CREATE_TIMESTAMP_FROM_SELECTIONS($TEST, $POST);
541                                         $DATA[] = "$TEST='".$POST[$TEST]."'";
542
543                                         // Remove data from array
544                                         unset($POST[$TEST."_ye"]);
545                                         unset($POST[$TEST."_mo"]);
546                                         unset($POST[$TEST."_we"]);
547                                         unset($POST[$TEST."_da"]);
548                                         unset($POST[$TEST."_ho"]);
549                                         unset($POST[$TEST."_mi"]);
550                                         unset($POST[$TEST."_se"]);
551
552                                         // Skip adding
553                                         unset($id); $skip = true; $TEST2 = $TEST;
554                                 }
555                         } else {
556                                 // Process this entry
557                                 $skip = false; $TEST2 = "";
558                         }
559
560                         // Shall we process this ID? It muss not be empty, of course
561                         if ((!$skip) && (!empty($id))) {
562                                 // Save this entry
563                                 $val = COMPILE_CODE($val);
564
565                                 // Translate the value? (comma to dot!)
566                                 if ((is_array($translateComma)) && (in_array($id, $translateComma))) {
567                                         // Then do it here... :)
568                                         $val = str_replace(",", ".", $val);
569                                 }
570
571                                 // Shall we add numbers or strings?
572                                 $test = (float)$val;
573                                 if ("".$val."" == "".$test."") {
574                                         // Add numbers
575                                         $DATA[] = $id."=".$val."";
576                                 } else {
577                                         // Add strings
578                                         $DATA[] = $id."='".trim($val)."'";
579                                 }
580
581                                 // Update current configuration
582                                 $CONFIG[$id] = $val;
583                         }
584                 }
585         }
586
587         // Check if entry does exist
588         $result = false;
589         if (!$alwaysAdd) {
590                 if (!empty($WHERE)) {
591                         $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$TABLE." WHERE ".$WHERE." LIMIT 1", __FILE__, __LINE__);
592                 } else {
593                         $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$TABLE." LIMIT 1", __FILE__, __LINE__);
594                 }
595         }
596
597         if (SQL_NUMROWS($result) == 1) {
598                 // "Implode" all data to single string
599                 $DATA_UPDATE = implode(", ", $DATA);
600
601                 // Generate SQL string
602                 $SQL = "UPDATE "._MYSQL_PREFIX.$TABLE." SET ".$DATA_UPDATE." WHERE ".$WHERE." LIMIT 1";
603         } else {
604                 // Add Line (does only work with auto_increment!
605                 $KEYs = array(); $VALUEs = array();
606                 foreach ($DATA as $entry) {
607                         // Split up
608                         $line = explode("=", $entry);
609                         $KEYs[] = $line[0]; $VALUEs[] = $line[1];
610                 }
611
612                 // Add both in one line
613                 $KEYs = implode(", ", $KEYs);
614                 $VALUEs = implode(", ", $VALUEs);
615
616                 // Generate SQL string
617                 $SQL = "INSERT INTO "._MYSQL_PREFIX.$TABLE." (".$KEYs.") VALUES(".$VALUEs.")";
618         }
619
620         // Free memory
621         SQL_FREERESULT($result);
622
623         // Simply run generated SQL string
624         $result = SQL_QUERY($SQL, __FILE__, __LINE__);
625
626         // Is the config table updated and the cache extension installed?
627         if ((GET_EXT_VERSION("cache") >= "0.1.2") && ($TABLE == "_config")) {
628                 // Remove it here...
629                 if ($CACHE->cache_file("config", true)) $CACHE->cache_destroy();
630                 unset($CFG_CACHE);
631         }
632
633         // Settings saved
634         LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_done\">".SETTINGS_SAVED."</STRONG>");
635 }
636 //
637 function ADMIN_MAKE_MENU_SELECTION($menu, $type, $name, $default="") {
638         // Init the selection box
639         $OUT = "<SELECT name=\"".$name."\" class=\"admin_select\" size=\"1\">\n <OPTION value=\"\">".IS_TOP_MENU."</OPTION>\n";
640
641         // Open the requested menu directory
642         $handle = opendir(PATH."inc/modules/".$menu."/") or mxchange_die("Cannot load menu ".$menu."!");
643         while ($file = readdir($handle)) {
644                 // Is this a PHP script?
645                 if (($file != ".") && ($file != "..") && ($file != "lost+found") && (strpos($file, "".$type."-") > -1) && (strpos($file, ".php") > 0)) {
646                         // Then test if the file is readable
647                         $test = PATH."inc/modules/".$menu."/".$file;
648                         if (is_readable($test)) {
649                                 // Extract the value for what=xxx
650                                 $part = substr($file, (strlen($type) + 1)); $part = substr($part, 0, strpos($part, ".php"));
651
652                                 // Is that part different from the overview?
653                                 if ($part != "overview") {
654                                         $OUT .= "       <OPTION value=\"".$part."\"";
655                                         if ($part == $default) $OUT .= "selected";
656                                         $OUT .= ">".$part."</OPTION>\n";
657                                 }
658                         }
659                 }
660         }
661         closedir($handle);
662         $OUT .= "</SELECT>\n";
663         return $OUT;
664 }
665 //
666 function ADMIN_USER_PROFILE_LINK($uid, $title="", $wht="list_user")
667 {
668         if (($title == "") && ($title != "0")) { $title = $uid; }
669         if (($title == "0") && ($wht == "list_refs"))
670         {
671                 // Return title again
672                 return $title;
673         }
674
675         //* DEBUG: */ echo "A:".$title."<BR>";
676         // Return link
677         return "<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht."&amp;u_id=".$uid."\" title=\"".ADMIN_USER_PROFILE_TITLE."\">".$title."</A>";
678 }
679 //
680 function ADMIN_CHECK_MENU_MODE()
681 {
682         global $CONFIG, $ADMINS, $_COOKIE;
683
684         // Set the global mode as the mode for all admins
685         $MODE = $CONFIG['admin_menu']; $ADMIN = $MODE;
686
687         // Check individual settings of current admin
688         if (isset($ADMINS['la_mode'][$_COOKIE['admin_login']]))
689         {
690                 // Load from cache
691                 $ADMIN = $ADMINS['la_mode'][$_COOKIE['admin_login']];
692                 $CONFIG['cache_hits']++;
693         }
694          elseif (GET_EXT_VERSION("admins") >= "0.6.7")
695         {
696                 // Load from database when version of "admins" is enough
697                 $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
698                  array($_COOKIE['admin_login']), __FILE__, __LINE__);
699                 if (SQL_NUMROWS($result) == 1)
700                 {
701                         // Load data
702                         list($ADMIN) = SQL_FETCHROW($result);
703                 }
704
705                 // Free memory
706                 SQL_FREERESULT($result);
707         }
708
709         // Check what the admin wants and set it when it's not the global mode
710         if ($ADMIN != "global") $MODE = $ADMIN;
711
712         // Return admin-menu's mode
713         return $MODE;
714 }
715 // Change activation status
716 function ADMIN_CHANGE_ACTIVATION_STATUS (array $IDs, $table, $row, $idRow = "id") {
717         global $CONFIG;
718         $cnt = 0; $newStatus = "Y";
719         if (count($IDs) > 0) {
720                 // "Walk" all through and count them
721                 foreach ($IDs as $id=>$selected) {
722                         // Secure the ID number
723                         $id = bigintval($id);
724
725                         // Should always be 1 ;-)
726                         if ($selected == 1) {
727                                 // Determine new status
728                                 $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE %s=%d LIMIT 1",
729                                         array($row, $table, $idRow, $id), __FILE__, __LINE__);
730
731                                 // Row found?
732                                 if (SQL_NUMROWS($result) == 1) {
733                                         // Load the status
734                                         list($currStatus) = SQL_FETCHROW($result);
735                                         if ($currStatus == "Y") $newStatus="N"; else $newStatus = "Y";
736
737                                         // Change this status
738                                         SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s SET %s='%s' WHERE %s=%d LIMIT 1",
739                                                 array($table, $row, $newStatus, $idRow, $id), __FILE__, __LINE__);
740
741                                         // Count up affected rows
742                                         $cnt += SQL_AFFECTEDROWS();
743                                 }
744
745                                 // Free the result
746                                 SQL_FREERESULT($result);
747                         }
748                 }
749
750                 // Output status
751                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_STATUS_CHANGED_1.$cnt.ADMIN_STATUS_CHANGED_2.count($IDs).ADMIN_STATUS_CHANGED_3);
752         } else {
753                 // Nothing selected!
754                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NOTHING_SELECTED_CHANGE);
755         }
756 }
757 // Delete rows by given ID numbers
758 function ADMIN_DELETE_ENTRIES_CONFIRM (array $IDs, $table, $row, array $columns = array(), array $filterFunctions = array(), $deleteNow=false, $idRow="id") {
759         global $CONFIG;
760         $OUT = ""; $SW = 2;
761         if (count($IDs) > 0) {
762                 // "Walk" through all entries and count them
763                 if ($deleteNow) {
764                         // Delete them
765                 } else {
766                         // List for confirmation
767                         foreach ($IDs as $id=>$selected) {
768                                 // Secure ID number
769                                 $id = bigintval($id);
770
771                                 // Will always be 1 ;-)
772                                 if ($selected == 1) {
773                                         // Get result from a given column array and table name
774                                         $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idRow, $id);
775
776                                         // Is there one entry?
777                                         if (SQL_NUMROWS($result) == 1) {
778                                                 // Load all data
779                                                 $content = SQL_FETCHARRAY($result);
780
781                                                 // Filter all data
782                                                 foreach ($content as $key=>$value) {
783                                                         // Is a filter function set?
784                                                         $idx = array_search($key, $columns, true);
785                                                         if (!empty($filterFunctions[$idx])) {
786                                                                 // Then call it!
787                                                                 $content[$key] = call_user_func($filterFunctions[$idx], $value);
788                                                         }
789                                                 }
790
791                                                 // Add color switching
792                                                 $content['sw'] = $SW;
793
794                                                 // Then list it again...
795                                                 $OUT .= LOAD_TEMPLATE("admin_del_".$table."_row", true, $content);
796                                                 $SW = 3 - $SW;
797                                         }
798
799                                         // Free the result
800                                         SQL_FREERESULT($result);
801                                 }
802                         }
803
804                         // Load master template
805                         LOAD_TEMPLATE("admin_del_".$table."", false, $OUT);
806                 }
807         }
808 }
809 //
810 ?>