Writing of .htaccess no longer needed
[mailer.git] / inc / modules / admin / admin-inc.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 08/31/2003 *
4  * ===============                              Last change: 11/23/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : admin-inc.php                                    *
8  * -------------------------------------------------------------------- *
9  * Short description : Administrative related functions                 *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Fuer die Administration benoetigte Funktionen    *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
36 {
37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
38         require($INC);
39 }
40
41 //
42 function REGISTER_ADMIN ($user, $md5, $email=WEBMASTER)
43 {
44         $ret = "failed";
45         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
46          array($user), __FILE__, __LINE__);
47         if (SQL_NUMROWS($result) == 0) {
48                 // Ok, let's create the admin login
49                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES('%s', '%s', '%s')",
50                  array($user, $md5, $email), __FILE__, __LINE__);
51                 $ret = "done";
52         } else {
53                 // Free memory
54                 SQL_FREERESULT($result);
55
56                 // Login does already exist
57                 $ret = "already";
58         }
59         return $ret;
60 }
61 // Only be executed on login procedure!
62 function CHECK_ADMIN_LOGIN ($admin_login, $password)
63 {
64         global $cacheArray, $_CONFIG, $cacheInstance;
65         $ret = "404"; $pass = "";
66         if (!empty($cacheArray['admins']['aid'][$admin_login])) {
67                 // Get password from cache
68                 $pass = $cacheArray['admins']['password'][$admin_login];
69                 $ret = "pass";
70                 $_CONFIG['cache_hits']++;
71         } else {
72                 // Get password from DB
73                 $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
74                  array($admin_login), __FILE__, __LINE__);
75                 if (SQL_NUMROWS($result) == 1) {
76                         $ret = "pass";
77                         list($pass) = SQL_FETCHROW($result);
78                         SQL_FREERESULT($result);
79                 }
80         }
81
82         //* DEBUG: */ echo "*".$pass."/".md5($password)."/".$ret."<br />";
83         if ((strlen($pass) == 32) && ($pass == md5($password))) {
84                 // Generate new hash
85                 $pass = generateHash($password);
86
87                 // Is the sql_patches not installed, than we cannot have a valid hashed password here!
88                 if (($ret == "pass") && ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == ""))) $ret = "done";
89         } elseif ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) {
90                 // Old hashing way
91                 return $ret;
92         }
93
94         // Generate salt of password
95         define('__SALT', substr($pass, 0, -40));
96         $salt = __SALT;
97
98         // Check if password is same
99         if (($ret == "pass") && ($pass == generateHash($password, $salt)) && (!empty($salt)))   {
100                 // Update password
101                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1",
102                  array($pass, $admin_login), __FILE__, __LINE__);
103
104                 // Shall I remove the cache file?
105                 if ((EXT_IS_ACTIVE("cache")) && ($cacheInstance != false)) {
106                         if ($cacheInstance->cache_file("admins", true)) $cacheInstance->cache_destroy();
107                 }
108
109                 // Password matches!
110                 $ret = "done";
111         } elseif ((empty($salt)) && ($ret == "pass")) {
112                 // Something bad went wrong
113                 $ret = "failed";
114         }
115         return $ret;
116 }
117
118 // Only be executed on cookie checking
119 function CHECK_ADMIN_COOKIES ($admin_login, $password) {
120         global $cacheArray, $_CONFIG;
121         $ret = "404"; $pass = "";
122         if (!empty($cacheArray['admins']['aid'][$admin_login])) {
123                 // Get password from cache
124                 $pass = $cacheArray['admins']['password'][$admin_login];
125                 $ret = "pass";
126                 $_CONFIG['cache_hits']++;
127         } else {
128                 // Get password from DB
129                 $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
130                  array($admin_login), __FILE__, __LINE__);
131                 if (SQL_NUMROWS($result) == 1) {
132                         // Entry found
133                         $ret = "pass";
134
135                         // Fetch password
136                         list($pass) = SQL_FETCHROW($result);
137                 }
138
139                 // Free result
140                 SQL_FREERESULT($result);
141         }
142
143         //* DEBUG: */ echo __FUNCTION__.":".$pass."(".strlen($pass).")/".$password."(".strlen($password).")<br />\n";
144
145         // Check if password matches
146         if (($ret == "pass") && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass)))) {
147                 // Passwords matches!
148                 $ret = "done";
149         }
150
151         // Return result
152         return $ret;
153 }
154 //
155 function admin_WriteData ($file, $comment, $prefix, $suffix, $DATA, $seek=0) {
156         // Initialize some variables
157         $done = false;
158         $seek++;
159         $found = false;
160
161         // Is the file there and read-/write-able?
162         if ((file_exists($file)) && (is_readable($file)) && (is_writeable($file))) {
163                 $search = "CFG: ".$comment;
164                 $tmp = $file.".tmp";
165
166                 // Open the source file
167                 $fp = @fopen($file, 'r') or OUTPUT_HTML("<STRONG>READ:</STRONG> ".$file."<br />");
168
169                 // Is the resource valid?
170                 if (is_resource($fp)) {
171                         // Open temporary file
172                         $fp_tmp = @fopen($tmp, 'w') or OUTPUT_HTML("<STRONG>WRITE:</STRONG> ".$tmp."<br />");
173
174                         // Is the resource again valid?
175                         if (is_resource($fp_tmp)) {
176                                 while (!feof($fp)) {
177                                         // Read from source file
178                                         $line = fgets ($fp, 1024);
179
180                                         if (strpos($line, $search) > -1) { $next = 0; $found = true; }
181
182                                         if ($next > -1) {
183                                                 if ($next == $seek) {
184                                                         $next = -1;
185                                                         $line = $prefix . $DATA . $suffix."\n";
186                                                 } else {
187                                                         $next++;
188                                                 }
189                                         }
190
191                                         // Write to temp file
192                                         fputs($fp_tmp, $line);
193                                 }
194
195                                 // Close temp file
196                                 fclose($fp_tmp);
197
198                                 // Finished writing tmp file
199                                 $done = true;
200                         }
201
202                         // Close source file
203                         fclose($fp);
204
205                         if (($done) && ($found)) {
206                                 // Copy back tmp file and delete tmp :-)
207                                 @copy($tmp, $file);
208                                 @unlink($tmp);
209                                 define('_FATAL', false);
210                         } elseif (!$found) {
211                                 OUTPUT_HTML("<STRONG>CHANGE:</STRONG> 404!");
212                                 define('_FATAL', true);
213                         } else {
214                                 OUTPUT_HTML("<STRONG>TMP:</STRONG> UNDONE!");
215                                 define('_FATAL', true);
216                         }
217                 }
218         } else {
219                 // File not found, not readable or writeable
220                 OUTPUT_HTML("<STRONG>404:</STRONG> ".$file."<br />");
221         }
222 }
223
224 //
225 function ADMIN_DO_ACTION($wht)
226 {
227         global $menuDesription, $menuTitle, $_CONFIG, $cacheArray, $link, $DATA, $DEPTH;
228         //* DEBUG: */ echo __LINE__."*".$wht."/".$GLOBALS['module']."/".$GLOBALS['action']."/".$GLOBALS['what']."*<br />\n";
229         if (EXT_IS_ACTIVE("cache"))
230         {
231                 // Include cache instance
232                 global $cacheInstance;
233         }
234
235         // Remove any spaces from variable
236         if (empty($wht))
237         {
238                 // Default admin action is the overview page
239                 $wht = "overview";
240         }
241          else
242         {
243                 // Compile out some chars
244                 $wht = COMPILE_CODE($wht, false, false, false);
245         }
246
247         // Get action value
248         $act = GET_ACTION($GLOBALS['module'], $wht);
249
250         // Define admin login name and ID number
251         define('__ADMIN_LOGIN', SQL_ESCAPE(get_session('admin_login')));
252         define('__ADMIN_ID'   , GET_ADMIN_ID(get_session('admin_login')));
253
254         // Preload templates
255         if (EXT_IS_ACTIVE("admins")) {
256                 define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome_admins", true));
257         } else {
258                 define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome", true));
259         }
260         define('__ADMIN_FOOTER' , LOAD_TEMPLATE("admin_footer" , true));
261         define('__ADMIN_MENU'   , ADD_ADMIN_MENU($act, $wht, true));
262
263         // Tableset header
264         LOAD_TEMPLATE("admin_main_header");
265
266         // Check if action/what pair is valid
267         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu
268 WHERE action='%s' AND ((what='%s' AND what != 'overview') OR (what='' AND '%s'='overview'))
269 LIMIT 1", array($act, $wht, $wht), __FILE__, __LINE__);
270         if (SQL_NUMROWS($result) == 1)
271         {
272                 // Free memory
273                 SQL_FREERESULT($result);
274
275                 // Is valid but does the inlcude file exists?
276                 $INC = sprintf(PATH."inc/modules/admin/action-%s.php", $act);
277                 if ((file_exists($INC)) && (is_readable($INC)) && (VALIDATE_MENU_ACTION("admin", $act, $wht)) && (__ACL_ALLOW == true))
278                 {
279                         // Ok, we finally load the admin action module
280                         include($INC);
281                 }
282                  elseif (__ACL_ALLOW == false)
283                 {
284                         // Access denied
285                         LOAD_TEMPLATE("admin_menu_failed", false, ADMINS_ACCESS_DENIED);
286                         ADD_FATAL(ADMINS_ACCESS_DENIED);
287                 }
288                  else
289                 {
290                         // Include file not found! :-(
291                         LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_404_ACTION);
292                         ADD_FATAL(ADMIN_404_ACTION_1.$act.ADMIN_404_ACTION_2);
293                 }
294         } else {
295                 // Invalid action/what pair found!
296                 LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_INVALID_ACTION);
297                 ADD_FATAL(ADMIN_INVALID_ACTION_1.$act."/".$wht.ADMIN_INVALID_ACTION_2);
298         }
299
300         // Tableset footer
301         LOAD_TEMPLATE("admin_main_footer");
302 }
303 //
304 function ADD_ADMIN_MENU($act, $wht,$return=false)
305 {
306         global $menuDesription, $menuTitle, $link;
307         $SUB = false;
308
309         // Menu descriptions
310         $menuDesription = array();
311         $menuTitle = array();
312
313         // Build main menu
314         $result_main = SQL_QUERY("SELECT action, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' ORDER BY sort, id DESC", __FILE__, __LINE__);
315         $OUT = "";
316         if (SQL_NUMROWS($result_main) > 0)
317         {
318                 $OUT = "<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_main\">
319 <TR><TD colspan=\"2\" height=\"7\" class=\"seperator\">&nbsp;</TD></TR>\n";
320                 while (list($menu, $title, $descr) = SQL_FETCHROW($result_main))
321                 {
322                         if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2"))
323                         {
324                                 $ACL = ADMINS_CHECK_ACL($menu, "");
325                         }
326                          else
327                         {
328                                 // ACL is "allow"... hmmm
329                                 $ACL = true;
330                         }
331                         if ($ACL)
332                         {
333                                 if (!$SUB)
334                                 {
335                                         // Insert compiled menu title and description
336                                         $menuTitle[$menu]        = $title;
337                                         $menuDesription[$menu] = $descr;
338                                 }
339                                 $OUT .= "<TR>
340         <TD class=\"admin_menu\" colspan=\"2\">
341                 <NOBR>&nbsp;<STRONG>&middot;</STRONG>&nbsp;";
342                                         if (($menu == $act) && (empty($wht)))
343                                 {
344                                         $OUT .= "<STRONG>";
345                                 }
346                                  else
347                                 {
348                                         $OUT .= "[&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;action=".$menu."\">";
349                                 }
350                                 $OUT .= $title;
351                                         if (($menu == $act) && (empty($wht)))
352                                 {
353                                         $OUT .= "</STRONG>";
354                                 }
355                                  else
356                                 {
357                                         $OUT .= "</A>&nbsp;]";
358                                 }
359                                 $OUT .= "</NOBR></TD>
360 </TR>\n";
361                                 $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' ORDER BY sort, id DESC",
362                                  array($menu), __FILE__, __LINE__);
363                                 if ((SQL_NUMROWS($result_what) > 0) && ($act == $menu))
364                                 {
365                                         $menuDesription = array();
366                                         $menuTitle = array(); $SUB = true;
367                                         $OUT .= "<TR>
368         <TD width=\"10\" class=\"seperator\">&nbsp;</TD>
369         <TD class=\"admin_menu\">
370                 <TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_sub\">\n";
371                                                 while (list($wht_sub, $title_what, $desc_what) = SQL_FETCHROW($result_what))
372                                         {
373                                                 // Filename
374                                                 $INC = sprintf(PATH."inc/modules/admin/what-%s.php", $wht_sub);
375                                                 if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2"))
376                                                 {
377                                                         $ACL = ADMINS_CHECK_ACL("", $wht_sub);
378                                                 }
379                                                  else
380                                                 {
381                                                         // ACL is "allow"... hmmm
382                                                         $ACL = true;
383                                                 }
384                                                 $readable = ((file_exists($INC)) && (is_readable($INC)));
385                                                 if ($ACL)
386                                                 {
387                                                         // Insert compiled title and description
388                                                         $menuTitle[$wht_sub]        = $title_what;
389                                                         $menuDesription[$wht_sub] = $desc_what;
390                                                         $OUT .= "<TR>
391         <TD class=\"admin_menu\" colspan=\"2\">
392                 <NOBR>&nbsp;<STRONG>--&gt;</STRONG>&nbsp;";
393                                                         if ($readable)
394                                                         {
395                                                                 if ($wht == $wht_sub)
396                                                                 {
397                                                                         $OUT .= "<STRONG>";
398                                                                 }
399                                                                  else
400                                                                 {
401                                                                         $OUT .= "[&nbsp;<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht_sub."\">";
402                                                                 }
403                                                         }
404                                                          else
405                                                         {
406                                                                 $OUT .= "<I class=\"admin_note\">";
407                                                         }
408                                                         $OUT .= $title_what;
409                                                         if ($readable)
410                                                         {
411                                                                 if ($wht == $wht_sub)
412                                                                 {
413                                                                         $OUT .= "</STRONG>";
414                                                                 }
415                                                                  else
416                                                                 {
417                                                                         $OUT .= "</A>&nbsp;]";
418                                                                 }
419                                                         }
420                                                          else
421                                                         {
422                                                                 $OUT .= "</I>";
423                                                         }
424                                                         $OUT .= "</NOBR></TD>
425 </TR>\n";
426                                                 }
427                                         }
428
429                                         // Free memory
430                                         SQL_FREERESULT($result_what);
431                                         $OUT .= "    </TABLE>
432         </TD>
433 </TR>\n";
434                                 }
435                                 $OUT .= "<TR><TD height=\"7\" colspan=\"2\"></TD></TR>\n";
436                         }
437                 }
438
439                 // Free memory
440                 SQL_FREERESULT($result_main);
441                 $OUT .= "</TABLE>\n";
442         }
443
444         // Compile and run the code here. This inserts all constants into the
445         // HTML output. Costs me some time to figure this out... *sigh* Quix0r
446         $eval = "\$OUT = \"".COMPILE_CODE(addslashes($OUT))."\";";
447         eval($eval);
448
449         // Return or output content?
450         if ($return) {
451                 return $OUT;
452         } else {
453                 OUTPUT_HTML($OUT);
454         }
455 }
456 //
457 function ADD_MEMBER_SELECTION_BOX($add_all = false, $return = false, $none = false, $def = "0")
458 {
459         // Output selection form with all confirmed user accounts listed
460         $result = SQL_QUERY("SELECT userid, surname, family FROM "._MYSQL_PREFIX."_user_data ORDER BY userid", __FILE__, __LINE__);
461         $OUT = "";
462
463         // USe this only for adding points (e.g. adding refs really makes no sence ;-) )
464         if ($add_all) $OUT = "      <OPTION value=\"all\">".ALL_MEMBERS."</OPTION>\n";
465          elseif ($none) $OUT = "      <OPTION value=\"0\">".SELECT_NONE."</OPTION>\n";
466         while (list($id, $sname, $fname) = SQL_FETCHROW($result))
467         {
468                 $OUT .= "      <OPTION value=\"".$id."\"";
469                 if ($def == $id) $OUT .= " selected=\"selected\"";
470                 $OUT .= ">".$sname." ".$fname." (".$id.")</OPTION>\n";
471         }
472
473         // Free memory
474         SQL_FREERESULT($result);
475
476         // Remeber options in constant
477         define('_MEMBER_SELECTION', $OUT);
478
479         if (!$return) {
480                 // Display selection box
481                 define('__LANG_VALUE', GET_LANGUAGE());
482
483                 // Load template
484                 LOAD_TEMPLATE("admin_member_selection_box", false, $GLOBALS['what']);
485         }
486 }
487 //
488 function ADMIN_MENU_SELECTION($MODE, $default="", $defid="") {
489         $wht = "what != ''";
490         if ($MODE == "action") $wht = "what='' AND action !='login'";
491         $result = SQL_QUERY_ESC("SELECT %s, title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$wht." ORDER BY sort",
492          array($MODE), __FILE__, __LINE__);
493         if (SQL_NUMROWS($result) > 0)
494         {
495                 // Load menu as selection
496                 $OUT = "<SELECT name=\"".$MODE."_menu";
497                 if ((!empty($defid)) || ($defid == "0")) $OUT .= "[".$defid."]";
498                 $OUT .= "\" size=\"1\" class=\"admin_select\">
499         <OPTION value=\"\">".SELECT_NONE."</OPTION>\n";
500                 while (list($menu, $title) = SQL_FETCHROW($result))
501                 {
502                         $OUT .= "  <OPTION value=\"".$menu."\"";
503                         if ((!empty($default)) && ($default == $menu)) $OUT .= " selected=\"selected\"";
504                         $OUT .= ">".$title."</OPTION>\n";
505                 }
506
507                 // Free memory
508                 SQL_FREERESULT($result);
509                 $OUT .= "</SELECT>\n";
510         }
511          else
512         {
513                 // No menus???
514                 $OUT = ADMIN_PROBLEM_NO_MENU;
515         }
516
517         // Return output
518         return $OUT;
519 }
520 //
521 function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="config=0", $translateComma = array(), $alwaysAdd=false)
522 {
523         global $_CONFIG, $cacheArray, $cacheInstance;
524         $DATA = array();
525         $skip = false; $TEST2 = "";
526         foreach ($POST as $id=>$val) {
527                 // Process only formular field but not submit buttons ;)
528                 if ($id != "ok") {
529                         // Do not save the ok value
530                         $TEST = substr($id, -3);
531                         if ((($TEST == "_ye") || ($TEST == "_mo") || ($TEST == "_we") || ($TEST == "_da") || ($TEST == "_ho") || ($TEST == "_mi") || ($TEST == "_se")) && (isset($val))) {
532                                 // Found a multi-selection for timings?
533                                 $TEST = substr($id, 0, -3);
534                                 if ((isset($POST[$TEST."_ye"])) && (isset($POST[$TEST."_mo"])) && (isset($POST[$TEST."_we"])) && (isset($POST[$TEST."_da"])) && (isset($POST[$TEST."_ho"])) && (isset($POST[$TEST."_mi"])) && (isset($POST[$TEST."_se"])) && ($TEST != $TEST2)) {
535                                         // Generate timestamp
536                                         $POST[$TEST] = CREATE_TIMESTAMP_FROM_SELECTIONS($TEST, $POST);
537                                         $DATA[] = "$TEST='".$POST[$TEST]."'";
538
539                                         // Remove data from array
540                                         unset($POST[$TEST."_ye"]);
541                                         unset($POST[$TEST."_mo"]);
542                                         unset($POST[$TEST."_we"]);
543                                         unset($POST[$TEST."_da"]);
544                                         unset($POST[$TEST."_ho"]);
545                                         unset($POST[$TEST."_mi"]);
546                                         unset($POST[$TEST."_se"]);
547
548                                         // Skip adding
549                                         unset($id); $skip = true; $TEST2 = $TEST;
550                                 }
551                         } else {
552                                 // Process this entry
553                                 $skip = false; $TEST2 = "";
554                         }
555
556                         // Shall we process this ID? It muss not be empty, of course
557                         if ((!$skip) && (!empty($id))) {
558                                 // Save this entry
559                                 $val = COMPILE_CODE($val);
560
561                                 // Translate the value? (comma to dot!)
562                                 if ((is_array($translateComma)) && (in_array($id, $translateComma))) {
563                                         // Then do it here... :)
564                                         $val = str_replace(",", ".", $val);
565                                 }
566
567                                 // Shall we add numbers or strings?
568                                 $test = (float)$val;
569                                 if ("".$val."" == "".$test."") {
570                                         // Add numbers
571                                         $DATA[] = $id."=".$val."";
572                                 } else {
573                                         // Add strings
574                                         $DATA[] = $id."='".trim($val)."'";
575                                 }
576
577                                 // Update current configuration
578                                 $_CONFIG[$id] = $val;
579                         }
580                 }
581         }
582
583         // Check if entry does exist
584         $result = false;
585         if (!$alwaysAdd) {
586                 if (!empty($whereStatement)) {
587                         $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." WHERE ".$whereStatement." LIMIT 1", __FILE__, __LINE__);
588                 } else {
589                         $result = SQL_QUERY("SELECT * FROM "._MYSQL_PREFIX.$tableName." LIMIT 1", __FILE__, __LINE__);
590                 }
591         }
592
593         if (SQL_NUMROWS($result) == 1) {
594                 // "Implode" all data to single string
595                 $DATA_UPDATE = implode(", ", $DATA);
596
597                 // Generate SQL string
598                 $SQL = "UPDATE "._MYSQL_PREFIX.$tableName." SET ".$DATA_UPDATE." WHERE ".$whereStatement." LIMIT 1";
599         } else {
600                 // Add Line (does only work with auto_increment!
601                 $KEYs = array(); $VALUEs = array();
602                 foreach ($DATA as $entry) {
603                         // Split up
604                         $line = explode("=", $entry);
605                         $KEYs[] = $line[0]; $VALUEs[] = $line[1];
606                 }
607
608                 // Add both in one line
609                 $KEYs = implode(", ", $KEYs);
610                 $VALUEs = implode(", ", $VALUEs);
611
612                 // Generate SQL string
613                 $SQL = "INSERT INTO "._MYSQL_PREFIX.$tableName." (".$KEYs.") VALUES(".$VALUEs.")";
614         }
615
616         // Free memory
617         SQL_FREERESULT($result);
618
619         // Simply run generated SQL string
620         $result = SQL_QUERY($SQL, __FILE__, __LINE__);
621
622         // Is the config table updated and the cache extension installed?
623         if ((GET_EXT_VERSION("cache") >= "0.1.2") && ($tableName == "_config")) {
624                 // Remove it here...
625                 if ($cacheInstance->cache_file("config", true)) $cacheInstance->cache_destroy();
626                 unset($cacheArray);
627         }
628
629         // Settings saved
630         LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_done\">".SETTINGS_SAVED."</STRONG>");
631 }
632 //
633 function ADMIN_MAKE_MENU_SELECTION($menu, $type, $name, $default="") {
634         // Init the selection box
635         $OUT = "<SELECT name=\"".$name."\" class=\"admin_select\" size=\"1\">\n <OPTION value=\"\">".IS_TOP_MENU."</OPTION>\n";
636
637         // Open the requested menu directory
638         $handle = opendir(PATH."inc/modules/".$menu."/") or mxchange_die("Cannot load menu ".$menu."!");
639         while ($file = readdir($handle)) {
640                 // Is this a PHP script?
641                 if (($file != ".") && ($file != "..") && ($file != "lost+found") && (strpos($file, "".$type."-") > -1) && (strpos($file, ".php") > 0)) {
642                         // Then test if the file is readable
643                         $test = PATH."inc/modules/".$menu."/".$file;
644                         if (is_readable($test)) {
645                                 // Extract the value for what=xxx
646                                 $part = substr($file, (strlen($type) + 1)); $part = substr($part, 0, strpos($part, ".php"));
647
648                                 // Is that part different from the overview?
649                                 if ($part != "overview") {
650                                         $OUT .= "       <OPTION value=\"".$part."\"";
651                                         if ($part == $default) $OUT .= "selected";
652                                         $OUT .= ">".$part."</OPTION>\n";
653                                 }
654                         }
655                 }
656         }
657         closedir($handle);
658         $OUT .= "</SELECT>\n";
659         return $OUT;
660 }
661 //
662 function ADMIN_USER_PROFILE_LINK($uid, $title="", $wht="list_user")
663 {
664         if (($title == "") && ($title != "0")) { $title = $uid; }
665         if (($title == "0") && ($wht == "list_refs"))
666         {
667                 // Return title again
668                 return $title;
669         }
670
671         //* DEBUG: */ echo "A:".$title."<br />";
672         // Return link
673         return "<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht."&amp;u_id=".$uid."\" title=\"".ADMIN_USER_PROFILE_TITLE."\">".$title."</A>";
674 }
675 //
676 function ADMIN_CHECK_MENU_MODE()
677 {
678         global $_CONFIG, $cacheArray;
679
680         // Set the global mode as the mode for all admins
681         $MODE = $_CONFIG['admin_menu']; $ADMIN = $MODE;
682
683         // Check individual settings of current admin
684         if (isset($cacheArray['admins']['la_mode'][get_session('admin_login')]))
685         {
686                 // Load from cache
687                 $ADMIN = $cacheArray['admins']['la_mode'][get_session('admin_login')];
688                 $_CONFIG['cache_hits']++;
689         }
690          elseif (GET_EXT_VERSION("admins") >= "0.6.7")
691         {
692                 // Load from database when version of "admins" is enough
693                 $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
694                  array(get_session('admin_login')), __FILE__, __LINE__);
695                 if (SQL_NUMROWS($result) == 1)
696                 {
697                         // Load data
698                         list($ADMIN) = SQL_FETCHROW($result);
699                 }
700
701                 // Free memory
702                 SQL_FREERESULT($result);
703         }
704
705         // Check what the admin wants and set it when it's not the global mode
706         if ($ADMIN != "global") $MODE = $ADMIN;
707
708         // Return admin-menu's mode
709         return $MODE;
710 }
711 // Change activation status
712 function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") {
713         global $_CONFIG;
714         $cnt = 0; $newStatus = 'Y';
715         if ((is_array($IDs)) && (count($IDs) > 0)) {
716                 // "Walk" all through and count them
717                 foreach ($IDs as $id=>$selected) {
718                         // Secure the ID number
719                         $id = bigintval($id);
720
721                         // Should always be 1 ;-)
722                         if ($selected == 1) {
723                                 // Determine new status
724                                 $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE %s=%d LIMIT 1",
725                                         array($row, $table, $idRow, $id), __FILE__, __LINE__);
726
727                                 // Row found?
728                                 if (SQL_NUMROWS($result) == 1) {
729                                         // Load the status
730                                         list($currStatus) = SQL_FETCHROW($result);
731                                         if ($currStatus == 'Y') $newStatus='N'; else $newStatus = 'Y';
732
733                                         // Change this status
734                                         SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s SET %s='%s' WHERE %s=%d LIMIT 1",
735                                                 array($table, $row, $newStatus, $idRow, $id), __FILE__, __LINE__);
736
737                                         // Count up affected rows
738                                         $cnt += SQL_AFFECTEDROWS();
739                                 }
740
741                                 // Free the result
742                                 SQL_FREERESULT($result);
743                         }
744                 }
745
746                 // Output status
747                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_STATUS_CHANGED_1.$cnt.ADMIN_STATUS_CHANGED_2.count($IDs).ADMIN_STATUS_CHANGED_3);
748         } else {
749                 // Nothing selected!
750                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NOTHING_SELECTED_CHANGE);
751         }
752 }
753 // Delete rows by given ID numbers
754 function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $row, $columns = array(), $filterFunctions = array(), $deleteNow=false, $idRow="id") {
755         global $_CONFIG;
756         $OUT = ""; $SW = 2;
757         if ((is_array($IDs)) && (count($IDs) > 0)) {
758                 // "Walk" through all entries and count them
759                 if ($deleteNow) {
760                         // Delete them
761                 } else {
762                         // List for confirmation
763                         foreach ($IDs as $id=>$selected) {
764                                 // Secure ID number
765                                 $id = bigintval($id);
766
767                                 // Will always be 1 ;-)
768                                 if ($selected == 1) {
769                                         // Get result from a given column array and table name
770                                         $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idRow, $id);
771
772                                         // Is there one entry?
773                                         if (SQL_NUMROWS($result) == 1) {
774                                                 // Load all data
775                                                 $content = SQL_FETCHARRAY($result);
776
777                                                 // Filter all data
778                                                 foreach ($content as $key=>$value) {
779                                                         // Is a filter function set?
780                                                         $idx = array_search($key, $columns, true);
781                                                         if (!empty($filterFunctions[$idx])) {
782                                                                 // Then call it!
783                                                                 $content[$key] = call_user_func($filterFunctions[$idx], $value);
784                                                         }
785                                                 }
786
787                                                 // Add color switching
788                                                 $content['sw'] = $SW;
789
790                                                 // Then list it again...
791                                                 $OUT .= LOAD_TEMPLATE("admin_del_".$table."_row", true, $content);
792                                                 $SW = 3 - $SW;
793                                         }
794
795                                         // Free the result
796                                         SQL_FREERESULT($result);
797                                 }
798                         }
799
800                         // Load master template
801                         LOAD_TEMPLATE("admin_del_".$table."", false, $OUT);
802                 }
803         }
804 }
805 //
806 ?>