6aba44b39868759a95758024e8c5e40a381b0600
[mailer.git] / inc / modules / admin / admin-inc.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 08/31/2003 *
4  * ===============                              Last change: 11/23/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : admin-inc.php                                    *
8  * -------------------------------------------------------------------- *
9  * Short description : Administrative related functions                 *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Fuer die Administration benoetigte Funktionen    *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
36 {
37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
38         require($INC);
39 }
40
41 //
42 function REGISTER_ADMIN ($user, $md5)
43 {
44         $ret = "failed";
45         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
46          array($user), __FILE__, __LINE__);
47         if (SQL_NUMROWS($result) == 0)
48         {
49                 // Ok, let's create the admin login
50                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES('%s', '%s', '".WEBMASTER."')",
51                  array($user, $md5), __FILE__, __LINE__);
52                 $ret = "done";
53         }
54          else
55         {
56                 // Free memory
57                 SQL_FREERESULT($result);
58
59                 // Login does already exist
60                 $ret = "already";
61         }
62         return $ret;
63 }
64 // Only be executed on login procedure!
65 function CHECK_ADMIN_LOGIN ($admin_login, $password)
66 {
67         global $cacheArray, $_CONFIG, $cacheInstance;
68         $ret = "404"; $pass = "";
69         if (!empty($cacheArray['admins']['aid'][$admin_login]))
70         {
71                 // Get password from cache
72                 $pass = $cacheArray['admins']['password'][$admin_login];
73                 $ret = "pass";
74                 $_CONFIG['cache_hits']++;
75         }
76          else
77         {
78                 // Get password from DB
79                 $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
80                  array($admin_login), __FILE__, __LINE__);
81                 if (SQL_NUMROWS($result) == 1)
82                 {
83                         $ret = "pass";
84                         list($pass) = SQL_FETCHROW($result);
85                         SQL_FREERESULT($result);
86                 }
87         }
88
89         //* DEBUG: */ echo "*".$pass."/".$password."/".$ret."<br />";
90         if ((strlen($pass) == 32) && ($pass == md5($password)))
91         {
92                 // Generate new hash
93                 $pass = generateHash($password);
94                 if (($ret == "pass") && (GET_EXT_VERSION("sql_patches") < "0.3.6")) $ret = "done";
95         }
96          elseif ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == ""))
97         {
98                 // Old hashing way
99                 return $ret;
100         }
101
102         // Generate salt of password
103         define('__SALT', substr($pass, 0, -40));
104         $salt = __SALT;
105
106         // Check if password is same
107         if (($ret == "pass") && ($pass == generateHash($password, $salt)) && (!empty($salt)))
108         {
109                 // Update password
110                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1",
111                  array($pass, $admin_login), __FILE__, __LINE__);
112
113                 // Shall I remove the cache file?
114                 if ((EXT_IS_ACTIVE("cache")) && ($cacheInstance != false))
115                 {
116                         if ($cacheInstance->cache_file("admins", true)) $cacheInstance->cache_destroy();
117                 }
118
119                 // Password matches!
120                 $ret = "done";
121         }
122          elseif ((empty($salt)) && ($ret == "pass"))
123         {
124                 // Something bad went wrong
125                 $ret = "failed";
126         }
127         return $ret;
128 }
129 // Only be executed on cookie checking
130 function CHECK_ADMIN_COOKIES ($admin_login, $password) {
131         global $cacheArray, $_CONFIG;
132         $ret = "404"; $pass = "";
133         if (!empty($cacheArray['admins']['aid'][$admin_login])) {
134                 // Get password from cache
135                 $pass = $cacheArray['admins']['password'][$admin_login];
136                 $ret = "pass";
137                 $_CONFIG['cache_hits']++;
138         } else {
139                 // Get password from DB
140                 $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
141                  array($admin_login), __FILE__, __LINE__);
142                 if (SQL_NUMROWS($result) == 1) {
143                         $ret = "pass";
144                         list($pass) = SQL_FETCHROW($result);
145                         SQL_FREERESULT($result);
146                 }
147         }
148
149         //* DEBUG: */ echo "*".$pass."/".$password."<br />";
150
151         // Check if password matches
152         if (($ret == "pass") && ((generatePassString($pass) == $password) || ($pass == $password))) {
153                 // Passwords matches!
154                 $ret = "done";
155         }
156
157         // Return result
158         return $ret;
159 }
160 //
161 function admin_WriteData ($file, $comment, $prefix, $suffix, $DATA, $seek=0)
162 {
163         $done = false;  $seek++; $found = false;
164         if (file_exists($file))
165         {
166                 $search = "CFG: ".$comment;
167                 $tmp = $file.".tmp";
168                 $fp = fopen($file, 'r') or OUTPUT_HTML("<STRONG>READ:</STRONG> ".$file."<br />");
169                 if ($fp)
170                 {
171                         $fp_tmp = fopen($tmp, 'w') or OUTPUT_HTML("<STRONG>WRITE:</STRONG> ".$tmp."<br />");
172                         if ($fp_tmp)
173                         {
174                                 while (! feof($fp))
175                                 {
176                                         $line = fgets ($fp, 1024);
177                                         if (strpos($line, $search) > -1) { $next = 0; $found = true; }
178                                         if ($next > -1)
179                                         {
180                                                 if ($next == $seek)
181                                                 {
182                                                         $next = -1;
183                                                         $line = $prefix . $DATA . $suffix."\n";
184                                                 }
185                                                  else
186                                                 {
187                                                         $next++;
188                                                 }
189                                         }
190                                         fputs($fp_tmp, $line);
191                                 }
192                                 fclose($fp_tmp);
193                                 // Finished writing tmp file
194                                 $done = true;
195                         }
196                         fclose($fp);
197                         if (($done) && ($found))
198                         {
199                                 // Copy back tmp file and delete tmp :-)
200                                 @copy($tmp, $file);
201                                 @unlink($tmp);
202                                 define('_FATAL', false);
203                         }
204                          elseif (!$found)
205                         {
206                                 OUTPUT_HTML("<STRONG>CHANGE:</STRONG> 404!");
207                                 define('_FATAL', true);
208                         }
209                          else
210                         {
211                                 OUTPUT_HTML("<STRONG>TMP:</STRONG> UNDONE!");
212                                 define('_FATAL', true);
213                         }
214                 }
215         }
216          else
217         {
218                 OUTPUT_HTML("<STRONG>404:</STRONG> ".$file."<br />");
219         }
220 }
221 //
222 function ADMIN_DO_ACTION($wht)
223 {
224         global $menuDesription, $menuTitle, $_CONFIG, $cacheArray, $link, $DATA;
225         //* DEBUG: */ echo __LINE__."*".$wht."/".$GLOBALS['module']."/".$GLOBALS['action']."/".$GLOBALS['what']."*<br />\n";
226         if (EXT_IS_ACTIVE("cache"))
227         {
228                 // Include cache instance
229                 global $cacheInstance;
230         }
231
232         // Remove any spaces from variable
233         if (empty($wht))
234         {
235                 // Default admin action is the overview page
236                 $wht = "overview";
237         }
238          else
239         {
240                 // Compile out some chars
241                 $wht = COMPILE_CODE($wht, false, false, false);
242         }
243
244         // Get action value
245         $act = GET_ACTION($GLOBALS['module'], $wht);
246
247         // Define admin login name and ID number
248         define('__ADMIN_LOGIN', SQL_ESCAPE(get_session('admin_login')));
249         define('__ADMIN_ID'   , GET_ADMIN_ID(get_session('admin_login')));
250
251         // Preload templates
252         if (EXT_IS_ACTIVE("admins")) {
253                 define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome_admins", true));
254         } else {
255                 define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome", true));
256         }
257         define('__ADMIN_FOOTER' , LOAD_TEMPLATE("admin_footer" , true));
258         define('__ADMIN_MENU'   , ADD_ADMIN_MENU($act, $wht, true));
259
260         // Tableset header
261         LOAD_TEMPLATE("admin_main_header");
262
263         // Check if action/what pair is valid
264         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu
265 WHERE action='%s' AND ((what='%s' AND what != 'overview') OR (what='' AND '%s'='overview'))
266 LIMIT 1", array($act, $wht, $wht), __FILE__, __LINE__);
267         if (SQL_NUMROWS($result) == 1)
268         {
269                 // Free memory
270                 SQL_FREERESULT($result);
271
272                 // Is valid but does the inlcude file exists?
273                 $INC = sprintf(PATH."inc/modules/admin/action-%s.php", $act);
274                 if ((file_exists($INC)) && (is_readable($INC)) && (VALIDATE_MENU_ACTION("admin", $act, $wht)) && (__ACL_ALLOW == true))
275                 {
276                         // Ok, we finally load the admin action module
277                         include($INC);
278                 }
279                  elseif (__ACL_ALLOW == false)
280                 {
281                         // Access denied
282                         LOAD_TEMPLATE("admin_menu_failed", false, ADMINS_ACCESS_DENIED);
283                         ADD_FATAL(ADMINS_ACCESS_DENIED);
284                 }
285                  else
286                 {
287                         // Include file not found! :-(
288                         LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_404_ACTION);
289                         ADD_FATAL(ADMIN_404_ACTION_1.$act.ADMIN_404_ACTION_2);
290                 }
291         } else {
292                 // Invalid action/what pair found!
293                 LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_INVALID_ACTION);
294                 ADD_FATAL(ADMIN_INVALID_ACTION_1.$act."/".$wht.ADMIN_INVALID_ACTION_2);
295         }
296
297         // Tableset footer
298         LOAD_TEMPLATE("admin_main_footer");
299 }
300 //
301 function ADD_ADMIN_MENU($act, $wht,$return=false)
302 {
303         global $menuDesription, $menuTitle, $link;
304         $SUB = false;
305
306         // Menu descriptions
307         $menuDesription = array();
308         $menuTitle = array();
309
310         // Build main menu
311         $result_main = SQL_QUERY("SELECT action, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' ORDER BY sort, id DESC", __FILE__, __LINE__);
312         $OUT = "";
313         if (SQL_NUMROWS($result_main) > 0)
314         {
315                 $OUT = "<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_main\">
316 <TR><TD colspan=\"2\" height=\"7\" class=\"seperator\">&nbsp;</TD></TR>\n";
317                 while (list($menu, $title, $descr) = SQL_FETCHROW($result_main))
318                 {
319                         if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2"))
320                         {
321                                 $ACL = ADMINS_CHECK_ACL($menu, "");
322                         }
323                          else
324                         {
325                                 // ACL is "allow"... hmmm
326                                 $ACL = true;
327                         }
328                         if ($ACL)
329                         {
330                                 if (!$SUB)
331                                 {
332                                         // Insert compiled menu title and description
333                                         $menuTitle[$menu]        = $title;
334                                         $menuDesription[$menu] = $descr;
335                                 }
336                                 $OUT .= "<TR>
337         <TD class=\"admin_menu\" colspan=\"2\">
338                 <NOBR>&nbsp;<STRONG>&middot;</STRONG>&nbsp;";
339                                         if (($menu == $act) && (empty($wht)))
340                                 {
341                                         $OUT .= "<STRONG>";
342                                 }
343                                  else
344                                 {
345                                         $OUT .= "[&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;action=".$menu."\">";
346                                 }
347                                 $OUT .= $title;
348                                         if (($menu == $act) && (empty($wht)))
349                                 {
350                                         $OUT .= "</STRONG>";
351                                 }
352                                  else
353                                 {
354                                         $OUT .= "</A>&nbsp;]";
355                                 }
356                                 $OUT .= "</NOBR></TD>
357 </TR>\n";
358                                 $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' ORDER BY sort, id DESC",
359                                  array($menu), __FILE__, __LINE__);
360                                 if ((SQL_NUMROWS($result_what) > 0) && ($act == $menu))
361                                 {
362                                         $menuDesription = array();
363                                         $menuTitle = array(); $SUB = true;
364                                         $OUT .= "<TR>
365         <TD width=\"10\" class=\"seperator\">&nbsp;</TD>
366         <TD class=\"admin_menu\">
367                 <TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_sub\">\n";
368                                                 while (list($wht_sub, $title_what, $desc_what) = SQL_FETCHROW($result_what))
369                                         {
370                                                 // Filename
371                                                 $INC = sprintf(PATH."inc/modules/admin/what-%s.php", $wht_sub);
372                                                 if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2"))
373                                                 {
374                                                         $ACL = ADMINS_CHECK_ACL("", $wht_sub);
375                                                 }
376                                                  else
377                                                 {
378                                                         // ACL is "allow"... hmmm
379                                                         $ACL = true;
380                                                 }
381                                                 $readable = ((file_exists($INC)) && (is_readable($INC)));
382                                                 if ($ACL)
383                                                 {
384                                                         // Insert compiled title and description
385                                                         $menuTitle[$wht_sub]        = $title_what;
386                                                         $menuDesription[$wht_sub] = $desc_what;
387                                                         $OUT .= "<TR>
388         <TD class=\"admin_menu\" colspan=\"2\">
389                 <NOBR>&nbsp;<STRONG>--&gt;</STRONG>&nbsp;";
390                                                         if ($readable)
391                                                         {
392                                                                 if ($wht == $wht_sub)
393                                                                 {
394                                                                         $OUT .= "<STRONG>";
395                                                                 }
396                                                                  else
397                                                                 {
398                                                                         $OUT .= "[&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht_sub."\">";
399                                                                 }
400                                                         }
401                                                          else
402                                                         {
403                                                                 $OUT .= "<I class=\"admin_note\">";
404                                                         }
405                                                         $OUT .= $title_what;
406                                                         if ($readable)
407                                                         {
408                                                                 if ($wht == $wht_sub)
409                                                                 {
410                                                                         $OUT .= "</STRONG>";
411                                                                 }
412                                                                  else
413                                                                 {
414                                                                         $OUT .= "</A>&nbsp;]";
415                                                                 }
416                                                         }
417                                                          else
418                                                         {
419                                                                 $OUT .= "</I>";
420                                                         }
421                                                         $OUT .= "</NOBR></TD>
422 </TR>\n";
423                                                 }
424                                         }
425
426                                         // Free memory
427                                         SQL_FREERESULT($result_what);
428                                         $OUT .= "    </TABLE>
429         </TD>
430 </TR>\n";
431                                 }
432                                 $OUT .= "<TR><TD height=\"7\" colspan=\"2\"></TD></TR>\n";
433                         }
434                 }
435
436                 // Free memory
437                 SQL_FREERESULT($result_main);
438                 $OUT .= "</TABLE>\n";
439         }
440
441         // Compile and run the code here. This inserts all constants into the
442         // HTML output. Costs me some time to figure this out... *sigh* Quix0r
443         $eval = "\$OUT = \"".COMPILE_CODE(addslashes($OUT))."\";";
444         eval($eval);
445
446         // Return or output content?
447         if ($return) {
448                 return $OUT;
449         } else {
450                 OUTPUT_HTML($OUT);
451         }
452 }
453 //
454 function ADD_MEMBER_SELECTION_BOX($add_all = false, $return = false, $none = false, $def = "0")
455 {
456         // Output selection form with all confirmed user accounts listed
457         $result = SQL_QUERY("SELECT userid, surname, family FROM "._MYSQL_PREFIX."_user_data ORDER BY userid", __FILE__, __LINE__);
458         $OUT = "";
459
460         // USe this only for adding points (e.g. adding refs really makes no sence ;-) )
461         if ($add_all) $OUT = "      <OPTION value=\"all\">".ALL_MEMBERS."</OPTION>\n";
462          elseif ($none) $OUT = "      <OPTION value=\"0\">".SELECT_NONE."</OPTION>\n";
463         while (list($id, $sname, $fname) = SQL_FETCHROW($result))
464         {
465                 $OUT .= "      <OPTION value=\"".$id."\"";
466                 if ($def == $id) $OUT .= " selected=\"selected\"";
467                 $OUT .= ">".$sname." ".$fname." (".$id.")</OPTION>\n";
468         }
469
470         // Free memory
471         SQL_FREERESULT($result);
472
473         // Remeber options in constant
474         define('_MEMBER_SELECTION', $OUT);
475
476         if (!$return) {
477                 // Display selection box
478                 define('__LANG_VALUE', GET_LANGUAGE());
479
480                 // Load template
481                 LOAD_TEMPLATE("admin_member_selection_box", false, $GLOBALS['what']);
482         }
483 }
484 //
485 function ADMIN_MENU_SELECTION($MODE, $default="", $defid="") {
486         $wht = "what != ''";
487         if ($MODE == "action") $wht = "what='' AND action !='login'";
488         $result = SQL_QUERY_ESC("SELECT %s, title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$wht." ORDER BY sort",
489          array($MODE), __FILE__, __LINE__);
490         if (SQL_NUMROWS($result) > 0)
491         {
492                 // Load menu as selection
493                 $OUT = "<SELECT name=\"".$MODE."_menu";
494                 if ((!empty($defid)) || ($defid == "0")) $OUT .= "[".$defid."]";
495                 $OUT .= "\" size=\"1\" class=\"admin_select\">
496         <OPTION value=\"\">".SELECT_NONE."</OPTION>\n";
497                 while (list($menu, $title) = SQL_FETCHROW($result))
498                 {
499                         $OUT .= "  <OPTION value=\"".$menu."\"";
500                         if ((!empty($default)) && ($default == $menu)) $OUT .= " selected=\"selected\"";
501                         $OUT .= ">".$title."</OPTION>\n";
502                 }
503
504                 // Free memory
505                 SQL_FREERESULT($result);
506                 $OUT .= "</SELECT>\n";
507         }
508          else
509         {
510                 // No menus???
511                 $OUT = ADMIN_PROBLEM_NO_MENU;
512         }
513
514         // Return output
515         return $OUT;
516 }
517 //
518 function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="config=0", $translateComma = array(), $alwaysAdd=false)
519 {
520         global $_CONFIG, $cacheArray, $cacheInstance;
521         $DATA = array();
522         $skip = false; $TEST2 = "";
523         foreach ($POST as $id=>$val) {
524                 // Process only formular field but not submit buttons ;)
525                 if ($id != "ok") {
526                         // Do not save the ok value
527                         $TEST = substr($id, -3);
528                         if ((($TEST == "_ye") || ($TEST == "_mo") || ($TEST == "_we") || ($TEST == "_da") || ($TEST == "_ho") || ($TEST == "_mi") || ($TEST == "_se")) && (isset($val))) {
529                                 // Found a multi-selection for timings?
530                                 $TEST = substr($id, 0, -3);
531                                 if ((isset($POST[$TEST."_ye"])) && (isset($POST[$TEST."_mo"])) && (isset($POST[$TEST."_we"])) && (isset($POST[$TEST."_da"])) && (isset($POST[$TEST."_ho"])) && (isset($POST[$TEST."_mi"])) && (isset($POST[$TEST."_se"])) && ($TEST != $TEST2)) {
532                                         // Generate timestamp
533                                         $POST[$TEST] = CREATE_TIMESTAMP_FROM_SELECTIONS($TEST, $POST);
534                                         $DATA[] = "$TEST='".$POST[$TEST]."'";
535
536                                         // Remove data from array
537                                         unset($POST[$TEST."_ye"]);
538                                         unset($POST[$TEST."_mo"]);
539                                         unset($POST[$TEST."_we"]);
540                                         unset($POST[$TEST."_da"]);
541                                         unset($POST[$TEST."_ho"]);
542                                         unset($POST[$TEST."_mi"]);
543                                         unset($POST[$TEST."_se"]);
544
545                                         // Skip adding
546                                         unset($id); $skip = true; $TEST2 = $TEST;
547                                 }
548                         } else {
549                                 // Process this entry
550                                 $skip = false; $TEST2 = "";
551                         }
552
553                         // Shall we process this ID? It muss not be empty, of course
554                         if ((!$skip) && (!empty($id))) {
555                                 // Save this entry
556                                 $val = COMPILE_CODE($val);
557
558                                 // Translate the value? (comma to dot!)
559                                 if ((is_array($translateComma)) && (in_array($id, $translateComma))) {
560                                         // Then do it here... :)
561                                         $val = str_replace(",", ".", $val);
562                                 }
563
564                                 // Shall we add numbers or strings?
565                                 $test = (float)$val;
566                                 if ("".$val."" == "".$test."") {
567                                         // Add numbers
568                                         $DATA[] = $id."=".$val."";
569                                 } else {
570                                         // Add strings
571                                         $DATA[] = $id."='".trim($val)."'";
572                                 }
573
574                                 // Update current configuration
575                                 $_CONFIG[$id] = $val;
576                         }
577                 }
578         }
579
580         // Check if entry does exist
581         $result = false;
582         if (!$alwaysAdd) {
583                 if (!empty($whereStatement)) {
584                         $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." WHERE ".$whereStatement." LIMIT 1", __FILE__, __LINE__);
585                 } else {
586                         $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." LIMIT 1", __FILE__, __LINE__);
587                 }
588         }
589
590         if (SQL_NUMROWS($result) == 1) {
591                 // "Implode" all data to single string
592                 $DATA_UPDATE = implode(", ", $DATA);
593
594                 // Generate SQL string
595                 $SQL = "UPDATE "._MYSQL_PREFIX.$tableName." SET ".$DATA_UPDATE." WHERE ".$whereStatement." LIMIT 1";
596         } else {
597                 // Add Line (does only work with auto_increment!
598                 $KEYs = array(); $VALUEs = array();
599                 foreach ($DATA as $entry) {
600                         // Split up
601                         $line = explode("=", $entry);
602                         $KEYs[] = $line[0]; $VALUEs[] = $line[1];
603                 }
604
605                 // Add both in one line
606                 $KEYs = implode(", ", $KEYs);
607                 $VALUEs = implode(", ", $VALUEs);
608
609                 // Generate SQL string
610                 $SQL = "INSERT INTO "._MYSQL_PREFIX.$tableName." (".$KEYs.") VALUES(".$VALUEs.")";
611         }
612
613         // Free memory
614         SQL_FREERESULT($result);
615
616         // Simply run generated SQL string
617         $result = SQL_QUERY($SQL, __FILE__, __LINE__);
618
619         // Is the config table updated and the cache extension installed?
620         if ((GET_EXT_VERSION("cache") >= "0.1.2") && ($tableName == "_config")) {
621                 // Remove it here...
622                 if ($cacheInstance->cache_file("config", true)) $cacheInstance->cache_destroy();
623                 unset($cacheArray);
624         }
625
626         // Settings saved
627         LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_done\">".SETTINGS_SAVED."</STRONG>");
628 }
629 //
630 function ADMIN_MAKE_MENU_SELECTION($menu, $type, $name, $default="") {
631         // Init the selection box
632         $OUT = "<SELECT name=\"".$name."\" class=\"admin_select\" size=\"1\">\n <OPTION value=\"\">".IS_TOP_MENU."</OPTION>\n";
633
634         // Open the requested menu directory
635         $handle = opendir(PATH."inc/modules/".$menu."/") or mxchange_die("Cannot load menu ".$menu."!");
636         while ($file = readdir($handle)) {
637                 // Is this a PHP script?
638                 if (($file != ".") && ($file != "..") && ($file != "lost+found") && (strpos($file, "".$type."-") > -1) && (strpos($file, ".php") > 0)) {
639                         // Then test if the file is readable
640                         $test = PATH."inc/modules/".$menu."/".$file;
641                         if (is_readable($test)) {
642                                 // Extract the value for what=xxx
643                                 $part = substr($file, (strlen($type) + 1)); $part = substr($part, 0, strpos($part, ".php"));
644
645                                 // Is that part different from the overview?
646                                 if ($part != "overview") {
647                                         $OUT .= "       <OPTION value=\"".$part."\"";
648                                         if ($part == $default) $OUT .= "selected";
649                                         $OUT .= ">".$part."</OPTION>\n";
650                                 }
651                         }
652                 }
653         }
654         closedir($handle);
655         $OUT .= "</SELECT>\n";
656         return $OUT;
657 }
658 //
659 function ADMIN_USER_PROFILE_LINK($uid, $title="", $wht="list_user")
660 {
661         if (($title == "") && ($title != "0")) { $title = $uid; }
662         if (($title == "0") && ($wht == "list_refs"))
663         {
664                 // Return title again
665                 return $title;
666         }
667
668         //* DEBUG: */ echo "A:".$title."<br />";
669         // Return link
670         return "<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht."&amp;u_id=".$uid."\" title=\"".ADMIN_USER_PROFILE_TITLE."\">".$title."</A>";
671 }
672 //
673 function ADMIN_CHECK_MENU_MODE()
674 {
675         global $_CONFIG, $cacheArray;
676
677         // Set the global mode as the mode for all admins
678         $MODE = $_CONFIG['admin_menu']; $ADMIN = $MODE;
679
680         // Check individual settings of current admin
681         if (isset($cacheArray['admins']['la_mode'][get_session('admin_login')]))
682         {
683                 // Load from cache
684                 $ADMIN = $cacheArray['admins']['la_mode'][get_session('admin_login')];
685                 $_CONFIG['cache_hits']++;
686         }
687          elseif (GET_EXT_VERSION("admins") >= "0.6.7")
688         {
689                 // Load from database when version of "admins" is enough
690                 $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
691                  array(get_session('admin_login')), __FILE__, __LINE__);
692                 if (SQL_NUMROWS($result) == 1)
693                 {
694                         // Load data
695                         list($ADMIN) = SQL_FETCHROW($result);
696                 }
697
698                 // Free memory
699                 SQL_FREERESULT($result);
700         }
701
702         // Check what the admin wants and set it when it's not the global mode
703         if ($ADMIN != "global") $MODE = $ADMIN;
704
705         // Return admin-menu's mode
706         return $MODE;
707 }
708 // Change activation status
709 function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") {
710         global $_CONFIG;
711         $cnt = 0; $newStatus = 'Y';
712         if ((is_array($IDs)) && (count($IDs) > 0)) {
713                 // "Walk" all through and count them
714                 foreach ($IDs as $id=>$selected) {
715                         // Secure the ID number
716                         $id = bigintval($id);
717
718                         // Should always be 1 ;-)
719                         if ($selected == 1) {
720                                 // Determine new status
721                                 $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE %s=%d LIMIT 1",
722                                         array($row, $table, $idRow, $id), __FILE__, __LINE__);
723
724                                 // Row found?
725                                 if (SQL_NUMROWS($result) == 1) {
726                                         // Load the status
727                                         list($currStatus) = SQL_FETCHROW($result);
728                                         if ($currStatus == 'Y') $newStatus='N'; else $newStatus = 'Y';
729
730                                         // Change this status
731                                         SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s SET %s='%s' WHERE %s=%d LIMIT 1",
732                                                 array($table, $row, $newStatus, $idRow, $id), __FILE__, __LINE__);
733
734                                         // Count up affected rows
735                                         $cnt += SQL_AFFECTEDROWS();
736                                 }
737
738                                 // Free the result
739                                 SQL_FREERESULT($result);
740                         }
741                 }
742
743                 // Output status
744                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_STATUS_CHANGED_1.$cnt.ADMIN_STATUS_CHANGED_2.count($IDs).ADMIN_STATUS_CHANGED_3);
745         } else {
746                 // Nothing selected!
747                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NOTHING_SELECTED_CHANGE);
748         }
749 }
750 // Delete rows by given ID numbers
751 function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $row, $columns = array(), $filterFunctions = array(), $deleteNow=false, $idRow="id") {
752         global $_CONFIG;
753         $OUT = ""; $SW = 2;
754         if ((is_array($IDs)) && (count($IDs) > 0)) {
755                 // "Walk" through all entries and count them
756                 if ($deleteNow) {
757                         // Delete them
758                 } else {
759                         // List for confirmation
760                         foreach ($IDs as $id=>$selected) {
761                                 // Secure ID number
762                                 $id = bigintval($id);
763
764                                 // Will always be 1 ;-)
765                                 if ($selected == 1) {
766                                         // Get result from a given column array and table name
767                                         $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idRow, $id);
768
769                                         // Is there one entry?
770                                         if (SQL_NUMROWS($result) == 1) {
771                                                 // Load all data
772                                                 $content = SQL_FETCHARRAY($result);
773
774                                                 // Filter all data
775                                                 foreach ($content as $key=>$value) {
776                                                         // Is a filter function set?
777                                                         $idx = array_search($key, $columns, true);
778                                                         if (!empty($filterFunctions[$idx])) {
779                                                                 // Then call it!
780                                                                 $content[$key] = call_user_func($filterFunctions[$idx], $value);
781                                                         }
782                                                 }
783
784                                                 // Add color switching
785                                                 $content['sw'] = $SW;
786
787                                                 // Then list it again...
788                                                 $OUT .= LOAD_TEMPLATE("admin_del_".$table."_row", true, $content);
789                                                 $SW = 3 - $SW;
790                                         }
791
792                                         // Free the result
793                                         SQL_FREERESULT($result);
794                                 }
795                         }
796
797                         // Load master template
798                         LOAD_TEMPLATE("admin_del_".$table."", false, $OUT);
799                 }
800         }
801 }
802 //
803 ?>