4dab2a6ff87ad14b71a7ccb199999ad1fe23e4b0
[mailer.git] / inc / modules / admin / what-config_admins.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 06/30/2004 *
4  * ================                             Last change: 07/02/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File: what-config_admins.php                                         *
8  * -------------------------------------------------------------------- *
9  * Short description : Configure admin ACLs                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Admin-ACLs einstellen                            *
12  * -------------------------------------------------------------------- *
13  * $Revision::                                                        $ *
14  * $Date::                                                            $ *
15  * $Tag:: 0.2.1-FINAL                                                 $ *
16  * $Author::                                                          $ *
17  * Needs to be in all Files and every File needs "svn propset           *
18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
19  * -------------------------------------------------------------------- *
20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
21  * For more information visit: http://www.mxchange.org                  *
22  *                                                                      *
23  * This program is free software; you can redistribute it and/or modify *
24  * it under the terms of the GNU General Public License as published by *
25  * the Free Software Foundation; either version 2 of the License, or    *
26  * (at your option) any later version.                                  *
27  *                                                                      *
28  * This program is distributed in the hope that it will be useful,      *
29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
31  * GNU General Public License for more details.                         *
32  *                                                                      *
33  * You should have received a copy of the GNU General Public License    *
34  * along with this program; if not, write to the Free Software          *
35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
36  * MA  02110-1301  USA                                                  *
37  ************************************************************************/
38
39 // Some security stuff...
40 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
41         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
42         require($INC);
43 }
44
45 // Add description as navigation point
46 ADD_DESCR('admin', __FILE__);
47
48 $SEL = 0;
49 if (REQUEST_ISSET_POST('sel')) $SEL = SELECTION_COUNT(REQUEST_POST('sel'));
50
51 if ((REQUEST_ISSET_POST('edit')) && ($SEL > 0)) {
52         // Edit ACLs
53         $OUT = ''; $SW = 2;
54         foreach (REQUEST_POST('sel') as $id => $selected) {
55                 // Load data for the ID
56                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE id=%s LIMIT 1",
57                  array(bigintval($id)), __FILE__, __LINE__);
58                 list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
59                 SQL_FREERESULT($result);
60
61                 // Prepare data for the row template
62                 $content = array(
63                         'sw'               => $SW,
64                         'id'               => $id,
65                         'admins_selection' => ADD_OPTION_LINES('admins', "id", "login", $aid, "default_acl"),
66                         'action_selection' => ADMIN_MENU_SELECTION("action", $act, $id),
67                         'what_selection'   => ADMIN_MENU_SELECTION("what", $wht, $id),
68                         'mode_options'     => ADD_OPTION_LINES(
69                                 "/ARRAY/",
70                                 array("allow", "deny"),
71                                 array(constant('ADMINS_ALLOW_MODE'), constant('ADMINS_DENY_MODE')),
72                                 $mode
73                         ),
74                 );
75
76                 // Load row template
77                 $OUT .= LOAD_TEMPLATE("admin_config_admins_edit_row", true, $content);
78                 $SW = 3 - $SW;
79         }
80         define('__ACL_ROWS', $OUT);
81
82         // Load main template
83         LOAD_TEMPLATE("admin_config_admins_edit");
84 } elseif ((REQUEST_ISSET_POST('change')) && ($SEL > 0)) {
85         // Change entries
86         foreach (REQUEST_POST('sel') as $id => $selected) {
87                 // Secure ID
88                 $id = bigintval($id);
89
90                 // Update entries
91                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins_acls` SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE id=%s LIMIT 1",
92                         array(
93                                 REQUEST_POST('admin', $id),
94                                 REQUEST_POST('action_menu', $id),
95                                 REQUEST_POST('what_menu', $id),
96                                 REQUEST_POST('mode', $id),
97                                 $id
98                         ),__FILE__, __LINE__);
99         }
100
101         // Update cache when installed
102         if (EXT_IS_ACTIVE('cache')) {
103                 if ($GLOBALS['cache_instance']->loadCacheFile("admins_acls")) $GLOBALS['cache_instance']->destroyCacheFile();
104
105                 // Purge menu cache
106                 CACHE_PURGE_ADMIN_MENU(REQUEST_POST('admin', $id));
107         }
108
109         // Entries changed
110         LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ADMINS_ENTRIES_CHANGED'));
111 } elseif ((REQUEST_ISSET_POST('del')) && ($SEL > 0)) {
112         // Delete ACLs
113         $OUT = ''; $SW = 2;
114         foreach (REQUEST_POST('sel') as $id => $selected) {
115                 // Load data for the ID
116                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE id=%s LIMIT 1",
117                         array(bigintval($id)), __FILE__, __LINE__);
118                 list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
119                 SQL_FREERESULT($result);
120
121                 // Prepare variables
122                 if (empty($act)) $act = "---";
123                 if (empty($wht)) $wht = "---";
124
125                 // Get admin mode
126                 $mode = constant('ADMINS_'.strtoupper($mode).'_MODE');
127
128                 // Generate link
129                 $admin = GENERATE_AID_LINK($admin);
130
131                 // Prepare data for the row template
132                 $content = array(
133                         'sw'     => $SW,
134                         'id'     => $id,
135                         'admin'  => $admin,
136                         'action' => $act,
137                         'what'   => $wht,
138                         'mode'   => $mode,
139                 );
140
141                 // Load row template and switch colors
142                 $OUT .= LOAD_TEMPLATE("admin_config_admins_del_row", true, $content);
143                 $SW = 3 - $SW;
144         }
145         define('__ACL_ROWS', $OUT);
146
147         // Load main template
148         LOAD_TEMPLATE("admin_config_admins_del");
149 } elseif ((REQUEST_ISSET_POST('remove')) && ($SEL > 0)) {
150         // Remove entries
151         foreach (REQUEST_POST('sel') as $id => $selected) {
152                 SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE id=%s LIMIT 1",
153                         array(bigintval($id)),__FILE__, __LINE__);
154         }
155
156         // Update cache when installed
157         if (EXT_IS_ACTIVE('cache')) {
158                 if ($GLOBALS['cache_instance']->loadCacheFile("admins_acls")) $GLOBALS['cache_instance']->destroyCacheFile();
159
160                 // @TODO This causes the whole (!) menu cache being rebuild
161                 CACHE_PURGE_ADMIN_MENU();
162         }
163
164         // Entries deleted
165         LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ADMINS_ENTRIES_DELETED'));
166 } elseif (REQUEST_ISSET_POST(('add'))) {
167         // Check if everything is fine...
168         $mode = GET_ADMIN_DEFAULT_ACL(bigintval(REQUEST_POST('admin_id')));
169
170         // Default ACL is false
171         $ACL = false;
172         if (REQUEST_ISSET_POST(('what_menu'))) {
173                 // Check parent ACL
174                 $ACL = ADMINS_CHECK_ACL(GET_ACTION('admin', REQUEST_POST('what_menu')), '');
175         }
176
177         if ($mode != REQUEST_POST('mode') || ($ACL)) {
178                 // Mode is fine
179                 $BOTH = ((REQUEST_ISSET_POST(('action_menu'))) && (REQUEST_ISSET_POST(('what_menu'))));
180                 if (((REQUEST_ISSET_POST(('action_menu'))) || (REQUEST_ISSET_POST(('what_menu')))) && (!$BOTH)) {
181                         // Main or sub menu selected
182                         $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
183                          array(bigintval(REQUEST_POST('admin_id')), REQUEST_POST('action_menu'), REQUEST_POST('what_menu')), __FILE__, __LINE__);
184                         if (SQL_NUMROWS($result) == 0) {
185                                 // Finally add the new ACL
186                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins_acls` (admin_id, action_menu, what_menu, access_mode)
187 VALUES ('%s','%s','%s','%s')",
188  array(
189         bigintval(REQUEST_POST('admin_id')),
190         REQUEST_POST('action_menu'),
191         REQUEST_POST('what_menu'),
192         REQUEST_POST('mode')
193 ), __FILE__, __LINE__);
194                                 $content = getMessage('ADMIN_ADMINS_ACL_SAVED');
195
196                                 // Update cache when installed
197                                 if (EXT_IS_ACTIVE('cache')) {
198                                         if ($GLOBALS['cache_instance']->loadCacheFile("admins_acls")) $GLOBALS['cache_instance']->destroyCacheFile();
199
200                                         // Purge cache
201                                         CACHE_PURGE_ADMIN_MENU(REQUEST_POST('admin_id'), REQUEST_POST('action_menu'), REQUEST_POST('what_menu'));
202                                 } // END - if
203                         } else {
204                                 // ACL does already exist!
205                                 $content = getMessage('ADMIN_ADMINS_ACL_ALREADY_ADDED');
206                         }
207
208                         // Free memory
209                         SQL_FREERESULT($result);
210                 } else {
211                         // No menu selected makes also no sence...
212                         $content = getMessage('ADMIN_ADMINS_SELECT_ACTION_WHAT');
213                 }
214         } else {
215                 // Same mode makes no sence...
216                 $content = getMessage('ADMIN_ADMINS_SAME_MODE_SELECTED');
217         }
218
219         // Display message
220         LOAD_TEMPLATE('admin_settings_saved', false, $content);
221 } else {
222         // List all ACLs
223         $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` ORDER BY admin_id, id", __FILE__, __LINE__);
224         if (SQL_NUMROWS($result_acls) > 0) {
225                 // List ACLs
226                 $OUT = ''; $SW = 2;
227                 while ($content = SQL_FETCHARRAY($result_acls)) {
228                         // Prepare variables
229                         if (empty($content['action_menu'])) $content['action_menu'] = "---";
230                         if (empty($content['what_menu']))   $content['what_menu']   = "---";
231
232                         // Get mode
233                         $content['access_mode'] = constant('ADMINS_'.strtoupper($content['access_mode']).'_MODE');
234
235                         // Prepare data for the row template
236                         $content = array(
237                                 'sw'     => $SW,
238                                 'id'     => $content['id'],
239                                 'admin'  => GENERATE_AID_LINK($content['admin_id']),
240                                 'action' => $content['action_menu'],
241                                 'what'   => $content['what_menu'],
242                                 'mode'   => $content['access_mode'],
243                         );
244
245                         // Load row template and switch colors
246                         $OUT .= LOAD_TEMPLATE("admin_config_admins_row", true, $content);
247                         $SW = 3 - $SW;
248                 }
249
250                 // Free memory
251                 SQL_FREERESULT($result);
252                 define('__ACL_ROWS', $OUT);
253
254                 // Load main template
255                 LOAD_TEMPLATE("admin_config_admins");
256         }
257
258         // Prepare some constants for the template
259         define('_ADMINS_SELECTION', ADD_OPTION_LINES('admins', "id", "login", '', "default_acl"));
260         define('_ACTION_SELECTION', ADMIN_MENU_SELECTION("action"));
261         define('_WHAT_SELECTION'  , ADMIN_MENU_SELECTION("what"));
262         define('_MODE_OPTIONS'    ,
263                 ADD_OPTION_LINES(
264                         "/ARRAY/",
265                         array("allow", "deny"),
266                         array(
267                                 getMessage('ADMINS_ALLOW_MODE'),
268                                 getMessage('ADMINS_DENY_MODE')
269                         )
270                 )
271         );
272
273         // Load template for adding new ACL
274         LOAD_TEMPLATE("admin_admins_add_acl");
275 }
276
277 //
278 ?>