branch prepared
[mailer.git] / inc / libs / admins_functions.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 06/30/2003 *
4  * ===============                              Last change: 11/27/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : admins_functions.php                             *
8  * -------------------------------------------------------------------- *
9  * Short description : Functions for the admins extension               *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Funktionen fuer die admins-Erweiterung           *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
36 {
37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
38         require($INC);
39 }
40 //
41 function ADMINS_CHECK_ACL($act, $wht)
42 {
43         global $_COOKIE, $ADMINS, $ADMINS_ACLS, $CONFIG;
44         // If action is login or logout allow allways!
45         if (($act == "login") || ($act == "logout")) return true;
46
47         // Default is deny
48         $ret = false;
49
50         // Get admin's defult access right
51         if (!empty($ADMINS['def_acl'][$_COOKIE['admin_login']]))
52         {
53                 // Load from cache
54                 $default = $ADMINS['def_acl'][$_COOKIE['admin_login']];
55
56                 // Count cache hits
57                 $CONFIG['cache_hits']++;
58         }
59          else
60         {
61                 // Load from database
62                 $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
63                  array($_COOKIE['admin_login']), __FILE__, __LINE__);
64                 list($default) = SQL_FETCHROW($result);
65                 SQL_FREERESULT($result);
66         }
67
68         // Get admin's ID
69         $aid = GET_ADMIN_ID($_COOKIE['admin_login']);
70
71         if (!empty($wht))
72         {
73                 // Check for parent menu:
74                 // First get it's action value
75                 $parent_action = GET_ACTION("admin", $wht);
76
77                 // Check with this function...
78                 $parent = ADMINS_CHECK_ACL($parent_action, "");
79         }
80          else
81         {
82                 // Anything else is true!
83                 $parent = false;
84         }
85
86         // Shall I test for a main or sub menu? (action or what?)
87         $lines = 0; $acl_mode = "failed";
88         if (GET_EXT_VERSION("cache") >= "0.1.2")
89         {
90                 // Load only from array when there are lines!
91                 if (count($ADMINS_ACLS) > 0)
92                 {
93                         // Load ACL from array
94                         foreach ($ADMINS_ACLS['admin_id'] as $id=>$aid_acls)
95                         {
96                                 if ($aid == $aid_acls)
97                                 {
98                                         // Okay, one line was found!
99                                         if ((!empty($act)) && ($ADMINS_ACLS['action_menu'][$id] == $act))
100                                         {
101                                                 // Main menu line found
102                                                 $acl_mode = $ADMINS_ACLS['access_mode'][$id];
103                                                 $lines = 1;
104                                         }
105                                          elseif ((!empty($wht)) && ($ADMINS_ACLS['what_menu'][$id] == $wht))
106                                         {
107                                                 // Check sub menu
108                                                 $acl_mode = $ADMINS_ACLS['access_mode'][$id];
109                                                 $lines = 1;
110                                         }
111                                         if ($lines == 1)
112                                         {
113                                                 // Count cache hits
114                                                 $CONFIG['cache_hits']++;
115                                                 break;
116                                         }
117                                 }
118                         }
119
120                         // No ACL found?
121                         if ($acl_mode == "failed")
122                         {
123                                 $acl_mode = "";
124                                 $lines = 0;
125                         }
126                 }
127                  else
128                 {
129                         // No lines here
130                         $lines = 0;
131                 }
132         }
133          else
134         {
135                 // Old version, so load it from database
136                 if (!empty($act))
137                 {
138                         // Main menu
139                         $result = SQL_QUERY_ESC("SELECT access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%d AND action_menu='%s' LIMIT 1",
140                          array(bigintval($aid), $act), __FILE__, __LINE__);
141                 }
142                  elseif (!empty($wht))
143                 {
144                         // Sub menu
145                         $result = SQL_QUERY_ESC("SELECT access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%d AND what_menu='%s' LIMIT 1",
146                          array(bigintval($aid), $wht), __FILE__, __LINE__);
147                 }
148
149                 // Get number of lines
150                 $lines = SQL_NUMROWS($result);
151
152                 // Load ACL
153                 list($acl_mode) = SQL_FETCHROW($result);
154                 SQL_FREERESULT($result);
155         }
156
157         // Check ACL and (maybe) allow
158         if ((($default == "allow") && ($lines == 0)) || (($default == "deny") && ($lines == "1") && ($acl_mode == "allow")) || (($lines == 0) && ($parent))) $ret = true;
159
160         // Return value
161         return $ret;
162 }
163 // Create email link to admins's account
164 function ADMINS_CREATE_EMAIL_LINK($email, $mod="admin")
165 {
166         $locked = " AND status='CONFIRMED'";
167         if (IS_ADMIN()) $locked = "";
168         if (strpos("@", $email) > 0)
169         {
170                 // Create email link
171                 $result = SQL_QUERY_ESC("SELECT id
172 FROM "._MYSQL_PREFIX."_admins
173 WHERE email='%s'".$locked." LIMIT 1",
174  array($email), __FILE__, __LINE__);
175                 if (SQL_NUMROWS($result) == 1)
176                 {
177                         // Load userid
178                         list($uid) = SQL_FETCHROW($result);
179
180                         // Rewrite email address to contact link
181                         $email = URL."/modules.php?module=".$mod."&amp;what=user_contct&amp;u_id=".bigintval($uid);
182                 }
183
184                 // Free memory
185                 SQL_FREERESULT($result);
186         }
187          elseif (bigintval($email) > 0)
188         {
189                 // Direct ID given
190                 $email = URL."/modules.php?module=".$mod."&amp;what=admins_contct&amp;admin=".bigintval($email);
191         }
192
193         // Return rewritten (?) email address
194         return $email;
195 }
196 //
197 ?>