4d3cde5ab730a03bba13a61e79b3832635ce4f97
[mailer.git] / inc / modules / admin / admin-inc.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 08/31/2003 *
4  * ===============                              Last change: 11/23/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : admin-inc.php                                    *
8  * -------------------------------------------------------------------- *
9  * Short description : Administrative related functions                 *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Fuer die Administration benoetigte Funktionen    *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
36 {
37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
38         require($INC);
39 }
40
41 //
42 function REGISTER_ADMIN ($user, $md5, $email=WEBMASTER)
43 {
44         $ret = "failed";
45         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
46          array($user), __FILE__, __LINE__);
47         if (SQL_NUMROWS($result) == 0) {
48                 // Ok, let's create the admin login
49                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES('%s', '%s', '%s')",
50                  array($user, $md5, $email), __FILE__, __LINE__);
51                 $ret = "done";
52         } else {
53                 // Free memory
54                 SQL_FREERESULT($result);
55
56                 // Login does already exist
57                 $ret = "already";
58         }
59         return $ret;
60 }
61 // Only be executed on login procedure!
62 function CHECK_ADMIN_LOGIN ($admin_login, $password)
63 {
64         global $cacheArray, $_CONFIG, $cacheInstance;
65         $ret = "404"; $pass = "";
66         if (!empty($cacheArray['admins']['aid'][$admin_login])) {
67                 // Get password from cache
68                 $pass = $cacheArray['admins']['password'][$admin_login];
69                 $ret = "pass";
70                 $_CONFIG['cache_hits']++;
71         } else {
72                 // Get password from DB
73                 $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
74                  array($admin_login), __FILE__, __LINE__);
75                 if (SQL_NUMROWS($result) == 1) {
76                         $ret = "pass";
77                         list($pass) = SQL_FETCHROW($result);
78                         SQL_FREERESULT($result);
79                 }
80         }
81
82         //* DEBUG: */ echo "*".$pass."/".md5($password)."/".$ret."<br />";
83         if ((strlen($pass) == 32) && ($pass == md5($password))) {
84                 // Generate new hash
85                 $pass = generateHash($password);
86
87                 // Is the sql_patches not installed, than we cannot have a valid hashed password here!
88                 if (($ret == "pass") && ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == ""))) $ret = "done";
89         } elseif ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) {
90                 // Old hashing way
91                 return $ret;
92         }
93
94         // Generate salt of password
95         define('__SALT', substr($pass, 0, -40));
96         $salt = __SALT;
97
98         // Check if password is same
99         if (($ret == "pass") && ($pass == generateHash($password, $salt)) && (!empty($salt)))   {
100                 // Change the passord hash here
101                 $pass = generateHash($password);
102
103                 // Update password
104                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1",
105                  array($pass, $admin_login), __FILE__, __LINE__);
106
107                 // Shall I remove the cache file?
108                 if ((EXT_IS_ACTIVE("cache")) && ($cacheInstance != false)) {
109                         if ($cacheInstance->cache_file("admins", true)) $cacheInstance->cache_destroy();
110                 }
111
112                 // Login has failed by default... ;-)
113                 $ret = "failed";
114
115                 // Password matches so login here
116                 if (LOGIN_ADMIN($admin_login, $pass)) {
117                         // All done now
118                         $ret = "done";
119                 }
120         } elseif ((empty($salt)) && ($ret == "pass")) {
121                 // Something bad went wrong
122                 $ret = "failed";
123         }
124
125         // Return the result
126         return $ret;
127 }
128
129 // Try to login the admin by setting some session/cookie variables
130 function LOGIN_ADMIN ($adminLogin, $passHash) {
131         // Now set all session variables and return the result
132         return (
133                 (
134                         set_session("admin_md5", generatePassString($passHash))
135                 ) && (
136                         set_session("admin_login", $adminLogin)
137                 ) && (
138                         set_session("admin_last", time())
139                 ) && (
140                         set_session("admin_to", $_POST['timeout'])
141                 )
142         );
143 }
144
145 // Only be executed on cookie checking
146 function CHECK_ADMIN_COOKIES ($admin_login, $password) {
147         global $cacheArray, $_CONFIG;
148         $ret = "404"; $pass = "";
149         if (!empty($cacheArray['admins']['aid'][$admin_login])) {
150                 // Get password from cache
151                 $pass = $cacheArray['admins']['password'][$admin_login];
152                 $ret = "pass";
153                 $_CONFIG['cache_hits']++;
154         } else {
155                 // Get password from DB
156                 $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
157                  array($admin_login), __FILE__, __LINE__);
158                 if (SQL_NUMROWS($result) == 1) {
159                         // Entry found
160                         $ret = "pass";
161
162                         // Fetch password
163                         list($pass) = SQL_FETCHROW($result);
164                 }
165
166                 // Free result
167                 SQL_FREERESULT($result);
168         }
169
170         //* DEBUG: */ echo __FUNCTION__.":".$pass."(".strlen($pass).")/".$password."(".strlen($password).")<br />\n";
171
172         // Check if password matches
173         if (($ret == "pass") && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass)))) {
174                 // Passwords matches!
175                 $ret = "done";
176         }
177
178         // Return result
179         return $ret;
180 }
181 //
182 function admin_WriteData ($file, $comment, $prefix, $suffix, $DATA, $seek=0) {
183         // Initialize some variables
184         $done = false;
185         $seek++;
186         $found = false;
187
188         // Is the file there and read-/write-able?
189         if ((file_exists($file)) && (is_readable($file)) && (is_writeable($file))) {
190                 $search = "CFG: ".$comment;
191                 $tmp = $file.".tmp";
192
193                 // Open the source file
194                 $fp = @fopen($file, 'r') or OUTPUT_HTML("<STRONG>READ:</STRONG> ".$file."<br />");
195
196                 // Is the resource valid?
197                 if (is_resource($fp)) {
198                         // Open temporary file
199                         $fp_tmp = @fopen($tmp, 'w') or OUTPUT_HTML("<STRONG>WRITE:</STRONG> ".$tmp."<br />");
200
201                         // Is the resource again valid?
202                         if (is_resource($fp_tmp)) {
203                                 while (!feof($fp)) {
204                                         // Read from source file
205                                         $line = fgets ($fp, 1024);
206
207                                         if (strpos($line, $search) > -1) { $next = 0; $found = true; }
208
209                                         if ($next > -1) {
210                                                 if ($next == $seek) {
211                                                         $next = -1;
212                                                         $line = $prefix . $DATA . $suffix."\n";
213                                                 } else {
214                                                         $next++;
215                                                 }
216                                         }
217
218                                         // Write to temp file
219                                         fputs($fp_tmp, $line);
220                                 }
221
222                                 // Close temp file
223                                 fclose($fp_tmp);
224
225                                 // Finished writing tmp file
226                                 $done = true;
227                         }
228
229                         // Close source file
230                         fclose($fp);
231
232                         if (($done) && ($found)) {
233                                 // Copy back tmp file and delete tmp :-)
234                                 @copy($tmp, $file);
235                                 @unlink($tmp);
236                                 define('_FATAL', false);
237                         } elseif (!$found) {
238                                 OUTPUT_HTML("<STRONG>CHANGE:</STRONG> 404!");
239                                 define('_FATAL', true);
240                         } else {
241                                 OUTPUT_HTML("<STRONG>TMP:</STRONG> UNDONE!");
242                                 define('_FATAL', true);
243                         }
244                 }
245         } else {
246                 // File not found, not readable or writeable
247                 OUTPUT_HTML("<STRONG>404:</STRONG> ".$file."<br />");
248         }
249 }
250
251 //
252 function ADMIN_DO_ACTION($wht)
253 {
254         global $menuDesription, $menuTitle, $_CONFIG, $cacheArray, $link, $DATA, $DEPTH;
255         //* DEBUG: */ echo __LINE__."*".$wht."/".$GLOBALS['module']."/".$GLOBALS['action']."/".$GLOBALS['what']."*<br />\n";
256         if (EXT_IS_ACTIVE("cache"))
257         {
258                 // Include cache instance
259                 global $cacheInstance;
260         }
261
262         // Remove any spaces from variable
263         if (empty($wht))
264         {
265                 // Default admin action is the overview page
266                 $wht = "overview";
267         }
268          else
269         {
270                 // Compile out some chars
271                 $wht = COMPILE_CODE($wht, false, false, false);
272         }
273
274         // Get action value
275         $act = GET_ACTION($GLOBALS['module'], $wht);
276
277         // Define admin login name and ID number
278         define('__ADMIN_LOGIN', SQL_ESCAPE(get_session('admin_login')));
279         define('__ADMIN_ID'   , GET_ADMIN_ID(get_session('admin_login')));
280
281         // Preload templates
282         if (EXT_IS_ACTIVE("admins")) {
283                 define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome_admins", true));
284         } else {
285                 define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome", true));
286         }
287         define('__ADMIN_FOOTER' , LOAD_TEMPLATE("admin_footer" , true));
288         define('__ADMIN_MENU'   , ADD_ADMIN_MENU($act, $wht, true));
289
290         // Tableset header
291         LOAD_TEMPLATE("admin_main_header");
292
293         // Check if action/what pair is valid
294         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu
295 WHERE action='%s' AND ((what='%s' AND what != 'overview') OR (what='' AND '%s'='overview'))
296 LIMIT 1", array($act, $wht, $wht), __FILE__, __LINE__);
297         if (SQL_NUMROWS($result) == 1)
298         {
299                 // Free memory
300                 SQL_FREERESULT($result);
301
302                 // Is valid but does the inlcude file exists?
303                 $INC = sprintf(PATH."inc/modules/admin/action-%s.php", $act);
304                 if ((file_exists($INC)) && (is_readable($INC)) && (VALIDATE_MENU_ACTION("admin", $act, $wht)) && (__ACL_ALLOW == true))
305                 {
306                         // Ok, we finally load the admin action module
307                         include($INC);
308                 }
309                  elseif (__ACL_ALLOW == false)
310                 {
311                         // Access denied
312                         LOAD_TEMPLATE("admin_menu_failed", false, ADMINS_ACCESS_DENIED);
313                         ADD_FATAL(ADMINS_ACCESS_DENIED);
314                 }
315                  else
316                 {
317                         // Include file not found! :-(
318                         LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_404_ACTION);
319                         ADD_FATAL(ADMIN_404_ACTION_1.$act.ADMIN_404_ACTION_2);
320                 }
321         } else {
322                 // Invalid action/what pair found!
323                 LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_INVALID_ACTION);
324                 ADD_FATAL(ADMIN_INVALID_ACTION_1.$act."/".$wht.ADMIN_INVALID_ACTION_2);
325         }
326
327         // Tableset footer
328         LOAD_TEMPLATE("admin_main_footer");
329 }
330 //
331 function ADD_ADMIN_MENU($act, $wht,$return=false)
332 {
333         global $menuDesription, $menuTitle, $link;
334         $SUB = false;
335
336         // Menu descriptions
337         $menuDesription = array();
338         $menuTitle = array();
339
340         // Build main menu
341         $result_main = SQL_QUERY("SELECT action, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' ORDER BY sort, id DESC", __FILE__, __LINE__);
342         $OUT = "";
343         if (SQL_NUMROWS($result_main) > 0)
344         {
345                 $OUT = "<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_main\">
346 <TR><TD colspan=\"2\" height=\"7\" class=\"seperator\">&nbsp;</TD></TR>\n";
347                 while (list($menu, $title, $descr) = SQL_FETCHROW($result_main))
348                 {
349                         if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2"))
350                         {
351                                 $ACL = ADMINS_CHECK_ACL($menu, "");
352                         }
353                          else
354                         {
355                                 // ACL is "allow"... hmmm
356                                 $ACL = true;
357                         }
358                         if ($ACL)
359                         {
360                                 if (!$SUB)
361                                 {
362                                         // Insert compiled menu title and description
363                                         $menuTitle[$menu]        = $title;
364                                         $menuDesription[$menu] = $descr;
365                                 }
366                                 $OUT .= "<TR>
367         <TD class=\"admin_menu\" colspan=\"2\">
368                 <NOBR>&nbsp;<STRONG>&middot;</STRONG>&nbsp;";
369                                         if (($menu == $act) && (empty($wht)))
370                                 {
371                                         $OUT .= "<STRONG>";
372                                 }
373                                  else
374                                 {
375                                         $OUT .= "[&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;action=".$menu."\">";
376                                 }
377                                 $OUT .= $title;
378                                         if (($menu == $act) && (empty($wht)))
379                                 {
380                                         $OUT .= "</STRONG>";
381                                 }
382                                  else
383                                 {
384                                         $OUT .= "</A>&nbsp;]";
385                                 }
386                                 $OUT .= "</NOBR></TD>
387 </TR>\n";
388                                 $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' ORDER BY sort, id DESC",
389                                  array($menu), __FILE__, __LINE__);
390                                 if ((SQL_NUMROWS($result_what) > 0) && ($act == $menu))
391                                 {
392                                         $menuDesription = array();
393                                         $menuTitle = array(); $SUB = true;
394                                         $OUT .= "<TR>
395         <TD width=\"10\" class=\"seperator\">&nbsp;</TD>
396         <TD class=\"admin_menu\">
397                 <TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_sub\">\n";
398                                                 while (list($wht_sub, $title_what, $desc_what) = SQL_FETCHROW($result_what))
399                                         {
400                                                 // Filename
401                                                 $INC = sprintf(PATH."inc/modules/admin/what-%s.php", $wht_sub);
402                                                 if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2"))
403                                                 {
404                                                         $ACL = ADMINS_CHECK_ACL("", $wht_sub);
405                                                 }
406                                                  else
407                                                 {
408                                                         // ACL is "allow"... hmmm
409                                                         $ACL = true;
410                                                 }
411                                                 $readable = ((file_exists($INC)) && (is_readable($INC)));
412                                                 if ($ACL)
413                                                 {
414                                                         // Insert compiled title and description
415                                                         $menuTitle[$wht_sub]        = $title_what;
416                                                         $menuDesription[$wht_sub] = $desc_what;
417                                                         $OUT .= "<TR>
418         <TD class=\"admin_menu\" colspan=\"2\">
419                 <NOBR>&nbsp;<STRONG>--&gt;</STRONG>&nbsp;";
420                                                         if ($readable)
421                                                         {
422                                                                 if ($wht == $wht_sub)
423                                                                 {
424                                                                         $OUT .= "<STRONG>";
425                                                                 }
426                                                                  else
427                                                                 {
428                                                                         $OUT .= "[&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht_sub."\">";
429                                                                 }
430                                                         }
431                                                          else
432                                                         {
433                                                                 $OUT .= "<I class=\"admin_note\">";
434                                                         }
435                                                         $OUT .= $title_what;
436                                                         if ($readable)
437                                                         {
438                                                                 if ($wht == $wht_sub)
439                                                                 {
440                                                                         $OUT .= "</STRONG>";
441                                                                 }
442                                                                  else
443                                                                 {
444                                                                         $OUT .= "</A>&nbsp;]";
445                                                                 }
446                                                         }
447                                                          else
448                                                         {
449                                                                 $OUT .= "</I>";
450                                                         }
451                                                         $OUT .= "</NOBR></TD>
452 </TR>\n";
453                                                 }
454                                         }
455
456                                         // Free memory
457                                         SQL_FREERESULT($result_what);
458                                         $OUT .= "    </TABLE>
459         </TD>
460 </TR>\n";
461                                 }
462                                 $OUT .= "<TR><TD height=\"7\" colspan=\"2\"></TD></TR>\n";
463                         }
464                 }
465
466                 // Free memory
467                 SQL_FREERESULT($result_main);
468                 $OUT .= "</TABLE>\n";
469         }
470
471         // Compile and run the code here. This inserts all constants into the
472         // HTML output. Costs me some time to figure this out... *sigh* Quix0r
473         $eval = "\$OUT = \"".COMPILE_CODE(addslashes($OUT))."\";";
474         eval($eval);
475
476         // Return or output content?
477         if ($return) {
478                 return $OUT;
479         } else {
480                 OUTPUT_HTML($OUT);
481         }
482 }
483 //
484 function ADD_MEMBER_SELECTION_BOX($add_all = false, $return = false, $none = false, $def = "0")
485 {
486         // Output selection form with all confirmed user accounts listed
487         $result = SQL_QUERY("SELECT userid, surname, family FROM "._MYSQL_PREFIX."_user_data ORDER BY userid", __FILE__, __LINE__);
488         $OUT = "";
489
490         // USe this only for adding points (e.g. adding refs really makes no sence ;-) )
491         if ($add_all) $OUT = "      <OPTION value=\"all\">".ALL_MEMBERS."</OPTION>\n";
492          elseif ($none) $OUT = "      <OPTION value=\"0\">".SELECT_NONE."</OPTION>\n";
493         while (list($id, $sname, $fname) = SQL_FETCHROW($result))
494         {
495                 $OUT .= "      <OPTION value=\"".$id."\"";
496                 if ($def == $id) $OUT .= " selected=\"selected\"";
497                 $OUT .= ">".$sname." ".$fname." (".$id.")</OPTION>\n";
498         }
499
500         // Free memory
501         SQL_FREERESULT($result);
502
503         // Remeber options in constant
504         define('_MEMBER_SELECTION', $OUT);
505
506         if (!$return) {
507                 // Display selection box
508                 define('__LANG_VALUE', GET_LANGUAGE());
509
510                 // Load template
511                 LOAD_TEMPLATE("admin_member_selection_box", false, $GLOBALS['what']);
512         }
513 }
514 //
515 function ADMIN_MENU_SELECTION($MODE, $default="", $defid="") {
516         $wht = "what != ''";
517         if ($MODE == "action") $wht = "what='' AND action !='login'";
518         $result = SQL_QUERY_ESC("SELECT %s, title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$wht." ORDER BY sort",
519          array($MODE), __FILE__, __LINE__);
520         if (SQL_NUMROWS($result) > 0)
521         {
522                 // Load menu as selection
523                 $OUT = "<SELECT name=\"".$MODE."_menu";
524                 if ((!empty($defid)) || ($defid == "0")) $OUT .= "[".$defid."]";
525                 $OUT .= "\" size=\"1\" class=\"admin_select\">
526         <OPTION value=\"\">".SELECT_NONE."</OPTION>\n";
527                 while (list($menu, $title) = SQL_FETCHROW($result))
528                 {
529                         $OUT .= "  <OPTION value=\"".$menu."\"";
530                         if ((!empty($default)) && ($default == $menu)) $OUT .= " selected=\"selected\"";
531                         $OUT .= ">".$title."</OPTION>\n";
532                 }
533
534                 // Free memory
535                 SQL_FREERESULT($result);
536                 $OUT .= "</SELECT>\n";
537         }
538          else
539         {
540                 // No menus???
541                 $OUT = ADMIN_PROBLEM_NO_MENU;
542         }
543
544         // Return output
545         return $OUT;
546 }
547 //
548 function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="config=0", $translateComma = array(), $alwaysAdd=false)
549 {
550         global $_CONFIG, $cacheArray, $cacheInstance;
551         $DATA = array();
552         $skip = false; $TEST2 = "";
553         foreach ($POST as $id=>$val) {
554                 // Process only formular field but not submit buttons ;)
555                 if ($id != "ok") {
556                         // Do not save the ok value
557                         $TEST = substr($id, -3);
558                         if ((($TEST == "_ye") || ($TEST == "_mo") || ($TEST == "_we") || ($TEST == "_da") || ($TEST == "_ho") || ($TEST == "_mi") || ($TEST == "_se")) && (isset($val))) {
559                                 // Found a multi-selection for timings?
560                                 $TEST = substr($id, 0, -3);
561                                 if ((isset($POST[$TEST."_ye"])) && (isset($POST[$TEST."_mo"])) && (isset($POST[$TEST."_we"])) && (isset($POST[$TEST."_da"])) && (isset($POST[$TEST."_ho"])) && (isset($POST[$TEST."_mi"])) && (isset($POST[$TEST."_se"])) && ($TEST != $TEST2)) {
562                                         // Generate timestamp
563                                         $POST[$TEST] = CREATE_TIMESTAMP_FROM_SELECTIONS($TEST, $POST);
564                                         $DATA[] = "$TEST='".$POST[$TEST]."'";
565
566                                         // Remove data from array
567                                         unset($POST[$TEST."_ye"]);
568                                         unset($POST[$TEST."_mo"]);
569                                         unset($POST[$TEST."_we"]);
570                                         unset($POST[$TEST."_da"]);
571                                         unset($POST[$TEST."_ho"]);
572                                         unset($POST[$TEST."_mi"]);
573                                         unset($POST[$TEST."_se"]);
574
575                                         // Skip adding
576                                         unset($id); $skip = true; $TEST2 = $TEST;
577                                 }
578                         } else {
579                                 // Process this entry
580                                 $skip = false; $TEST2 = "";
581                         }
582
583                         // Shall we process this ID? It muss not be empty, of course
584                         if ((!$skip) && (!empty($id))) {
585                                 // Save this entry
586                                 $val = COMPILE_CODE($val);
587
588                                 // Translate the value? (comma to dot!)
589                                 if ((is_array($translateComma)) && (in_array($id, $translateComma))) {
590                                         // Then do it here... :)
591                                         $val = str_replace(",", ".", $val);
592                                 }
593
594                                 // Shall we add numbers or strings?
595                                 $test = (float)$val;
596                                 if ("".$val."" == "".$test."") {
597                                         // Add numbers
598                                         $DATA[] = $id."=".$val."";
599                                 } else {
600                                         // Add strings
601                                         $DATA[] = $id."='".trim($val)."'";
602                                 }
603
604                                 // Update current configuration
605                                 $_CONFIG[$id] = $val;
606                         }
607                 }
608         }
609
610         // Check if entry does exist
611         $result = false;
612         if (!$alwaysAdd) {
613                 if (!empty($whereStatement)) {
614                         $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." WHERE ".$whereStatement." LIMIT 1", __FILE__, __LINE__);
615                 } else {
616                         $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." LIMIT 1", __FILE__, __LINE__);
617                 }
618         }
619
620         if (SQL_NUMROWS($result) == 1) {
621                 // "Implode" all data to single string
622                 $DATA_UPDATE = implode(", ", $DATA);
623
624                 // Generate SQL string
625                 $SQL = "UPDATE "._MYSQL_PREFIX.$tableName." SET ".$DATA_UPDATE." WHERE ".$whereStatement." LIMIT 1";
626         } else {
627                 // Add Line (does only work with auto_increment!
628                 $KEYs = array(); $VALUEs = array();
629                 foreach ($DATA as $entry) {
630                         // Split up
631                         $line = explode("=", $entry);
632                         $KEYs[] = $line[0]; $VALUEs[] = $line[1];
633                 }
634
635                 // Add both in one line
636                 $KEYs = implode(", ", $KEYs);
637                 $VALUEs = implode(", ", $VALUEs);
638
639                 // Generate SQL string
640                 $SQL = "INSERT INTO "._MYSQL_PREFIX.$tableName." (".$KEYs.") VALUES(".$VALUEs.")";
641         }
642
643         // Free memory
644         SQL_FREERESULT($result);
645
646         // Simply run generated SQL string
647         $result = SQL_QUERY($SQL, __FILE__, __LINE__);
648
649         // Is the config table updated and the cache extension installed?
650         if ((GET_EXT_VERSION("cache") >= "0.1.2") && ($tableName == "_config")) {
651                 // Remove it here...
652                 if ($cacheInstance->cache_file("config", true)) $cacheInstance->cache_destroy();
653                 unset($cacheArray);
654         }
655
656         // Settings saved
657         LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_done\">".SETTINGS_SAVED."</STRONG>");
658 }
659 //
660 function ADMIN_MAKE_MENU_SELECTION($menu, $type, $name, $default="") {
661         // Init the selection box
662         $OUT = "<SELECT name=\"".$name."\" class=\"admin_select\" size=\"1\">\n <OPTION value=\"\">".IS_TOP_MENU."</OPTION>\n";
663
664         // Open the requested menu directory
665         $handle = opendir(PATH."inc/modules/".$menu."/") or mxchange_die("Cannot load menu ".$menu."!");
666         while ($file = readdir($handle)) {
667                 // Is this a PHP script?
668                 if (($file != ".") && ($file != "..") && ($file != "lost+found") && (strpos($file, "".$type."-") > -1) && (strpos($file, ".php") > 0)) {
669                         // Then test if the file is readable
670                         $test = PATH."inc/modules/".$menu."/".$file;
671                         if (is_readable($test)) {
672                                 // Extract the value for what=xxx
673                                 $part = substr($file, (strlen($type) + 1)); $part = substr($part, 0, strpos($part, ".php"));
674
675                                 // Is that part different from the overview?
676                                 if ($part != "overview") {
677                                         $OUT .= "       <OPTION value=\"".$part."\"";
678                                         if ($part == $default) $OUT .= "selected";
679                                         $OUT .= ">".$part."</OPTION>\n";
680                                 }
681                         }
682                 }
683         }
684         closedir($handle);
685         $OUT .= "</SELECT>\n";
686         return $OUT;
687 }
688 //
689 function ADMIN_USER_PROFILE_LINK($uid, $title="", $wht="list_user")
690 {
691         if (($title == "") && ($title != "0")) { $title = $uid; }
692         if (($title == "0") && ($wht == "list_refs"))
693         {
694                 // Return title again
695                 return $title;
696         }
697
698         //* DEBUG: */ echo "A:".$title."<br />";
699         // Return link
700         return "<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht."&amp;u_id=".$uid."\" title=\"".ADMIN_USER_PROFILE_TITLE."\">".$title."</A>";
701 }
702 //
703 function ADMIN_CHECK_MENU_MODE()
704 {
705         global $_CONFIG, $cacheArray;
706
707         // Set the global mode as the mode for all admins
708         $MODE = $_CONFIG['admin_menu']; $ADMIN = $MODE;
709
710         // Check individual settings of current admin
711         if (isset($cacheArray['admins']['la_mode'][get_session('admin_login')]))
712         {
713                 // Load from cache
714                 $ADMIN = $cacheArray['admins']['la_mode'][get_session('admin_login')];
715                 $_CONFIG['cache_hits']++;
716         }
717          elseif (GET_EXT_VERSION("admins") >= "0.6.7")
718         {
719                 // Load from database when version of "admins" is enough
720                 $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
721                  array(get_session('admin_login')), __FILE__, __LINE__);
722                 if (SQL_NUMROWS($result) == 1)
723                 {
724                         // Load data
725                         list($ADMIN) = SQL_FETCHROW($result);
726                 }
727
728                 // Free memory
729                 SQL_FREERESULT($result);
730         }
731
732         // Check what the admin wants and set it when it's not the global mode
733         if ($ADMIN != "global") $MODE = $ADMIN;
734
735         // Return admin-menu's mode
736         return $MODE;
737 }
738 // Change activation status
739 function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") {
740         global $_CONFIG;
741         $cnt = 0; $newStatus = 'Y';
742         if ((is_array($IDs)) && (count($IDs) > 0)) {
743                 // "Walk" all through and count them
744                 foreach ($IDs as $id=>$selected) {
745                         // Secure the ID number
746                         $id = bigintval($id);
747
748                         // Should always be 1 ;-)
749                         if ($selected == 1) {
750                                 // Determine new status
751                                 $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE %s=%d LIMIT 1",
752                                         array($row, $table, $idRow, $id), __FILE__, __LINE__);
753
754                                 // Row found?
755                                 if (SQL_NUMROWS($result) == 1) {
756                                         // Load the status
757                                         list($currStatus) = SQL_FETCHROW($result);
758                                         if ($currStatus == 'Y') $newStatus='N'; else $newStatus = 'Y';
759
760                                         // Change this status
761                                         SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s SET %s='%s' WHERE %s=%d LIMIT 1",
762                                                 array($table, $row, $newStatus, $idRow, $id), __FILE__, __LINE__);
763
764                                         // Count up affected rows
765                                         $cnt += SQL_AFFECTEDROWS();
766                                 }
767
768                                 // Free the result
769                                 SQL_FREERESULT($result);
770                         }
771                 }
772
773                 // Output status
774                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_STATUS_CHANGED_1.$cnt.ADMIN_STATUS_CHANGED_2.count($IDs).ADMIN_STATUS_CHANGED_3);
775         } else {
776                 // Nothing selected!
777                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NOTHING_SELECTED_CHANGE);
778         }
779 }
780 // Delete rows by given ID numbers
781 function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $row, $columns = array(), $filterFunctions = array(), $deleteNow=false, $idRow="id") {
782         global $_CONFIG;
783         $OUT = ""; $SW = 2;
784         if ((is_array($IDs)) && (count($IDs) > 0)) {
785                 // "Walk" through all entries and count them
786                 if ($deleteNow) {
787                         // Delete them
788                 } else {
789                         // List for confirmation
790                         foreach ($IDs as $id=>$selected) {
791                                 // Secure ID number
792                                 $id = bigintval($id);
793
794                                 // Will always be 1 ;-)
795                                 if ($selected == 1) {
796                                         // Get result from a given column array and table name
797                                         $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idRow, $id);
798
799                                         // Is there one entry?
800                                         if (SQL_NUMROWS($result) == 1) {
801                                                 // Load all data
802                                                 $content = SQL_FETCHARRAY($result);
803
804                                                 // Filter all data
805                                                 foreach ($content as $key=>$value) {
806                                                         // Is a filter function set?
807                                                         $idx = array_search($key, $columns, true);
808                                                         if (!empty($filterFunctions[$idx])) {
809                                                                 // Then call it!
810                                                                 $content[$key] = call_user_func($filterFunctions[$idx], $value);
811                                                         }
812                                                 }
813
814                                                 // Add color switching
815                                                 $content['sw'] = $SW;
816
817                                                 // Then list it again...
818                                                 $OUT .= LOAD_TEMPLATE("admin_del_".$table."_row", true, $content);
819                                                 $SW = 3 - $SW;
820                                         }
821
822                                         // Free the result
823                                         SQL_FREERESULT($result);
824                                 }
825                         }
826
827                         // Load master template
828                         LOAD_TEMPLATE("admin_del_".$table."", false, $OUT);
829                 }
830         }
831 }
832 //
833 ?>