A lot while() conditions rewritten to SQL_FETCHARRAY(), see bug #107, @TODO tags...
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 06/30/2004 *
4  * ================                             Last change: 07/02/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File: what-config_admins.php                                         *
8  * -------------------------------------------------------------------- *
9  * Short description : Configure admin ACLs                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Admin-ACLs einstellen                            *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
// Access guard: run this module only when the framework has defined
// __SECURITY and IS_ADMIN() passes; otherwise hand over to inc/security.php.
// NOTE(review): execution continues below if security.php returns - confirm
// that it always ends the request.
if (!(defined('__SECURITY') && IS_ADMIN())) {
    // Cut this file's directory back to ".../inc" and append the guard script
    $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
    require $INC;
}
39
// Register this file as a navigation point of the admin area
ADD_DESCR('admin', __FILE__);

// Selection count reported by SELECTION_COUNT() for the posted 'sel' array,
// 0 when no 'sel' field was submitted
$SEL = REQUEST_ISSET_POST('sel') ? SELECTION_COUNT(REQUEST_POST('sel')) : 0;
45
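// Dispatch on the submitted button. Each branch reads or changes admin ACL
// rows in `_admins_acls` from POST data:
//   edit   -> show an edit form for the selected rows
//   change -> store the edited rows
//   del    -> show a confirmation list for the selected rows
//   remove -> delete the selected rows
//   add    -> insert a new ACL
//   (else) -> list all ACLs and show the "add" form
// NOTE(review): no request token is checked in this file - confirm that the
// admin framework rejects forged cross-site POSTs before this module runs.
// NOTE(review): action_menu/what_menu are stored as submitted and later handed
// to the row templates - confirm that LOAD_TEMPLATE() escapes them for HTML.
if ((REQUEST_ISSET_POST('edit')) && ($SEL > 0)) {
    // Edit ACLs
    $OUT = ""; $SW = 2;
    foreach (REQUEST_POST('sel') as $id => $selected) {
        // Secure ID: the array key comes from the request and is also handed
        // to the templates below, so pass it through bigintval() first
        $id = bigintval($id);

        // Load data for the ID
        $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE id=%s LIMIT 1",
            array($id), __FILE__, __LINE__);
        list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
        SQL_FREERESULT($result);

        // Prepare data for the row template
        $content = array(
            'sw'               => $SW,
            'id'               => $id,
            'admins_selection' => ADD_OPTION_LINES("admins", "id", "login", $aid, "default_acl"),
            'action_selection' => ADMIN_MENU_SELECTION("action", $act, $id),
            'what_selection'   => ADMIN_MENU_SELECTION("what", $wht, $id),
            'mode_options'     => ADD_OPTION_LINES(
                "/ARRAY/",
                array("allow", "deny"),
                array(constant('ADMINS_ALLOW_MODE'), constant('ADMINS_DENY_MODE')),
                $mode
            ),
        );

        // Load row template and switch colors (2 <-> 3)
        $OUT .= LOAD_TEMPLATE("admin_config_admins_edit_row", true, $content);
        $SW = 3 - $SW;
    }
    define('__ACL_ROWS', $OUT);

    // Load main template
    LOAD_TEMPLATE("admin_config_admins_edit");
} elseif ((REQUEST_ISSET_POST('change')) && ($SEL > 0)) {
    // Change entries; remember every admin whose ACLs were touched so that
    // all of them get their menu cache purged, not only the last one
    $changedAdmins = array();
    foreach (REQUEST_POST('sel') as $id => $selected) {
        // Secure ID
        $id = bigintval($id);

        // Only the two modes the form offers may be stored; other values
        // would leave a row whose mode has no ADMINS_*_MODE constant
        if (!in_array(REQUEST_POST('mode', $id), array('allow', 'deny'), true)) continue;

        // Update entries. admin_id is an unquoted placeholder in the query,
        // so it has to be forced to a number just like the row id
        SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins_acls` SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE id=%s LIMIT 1",
            array(
                bigintval(REQUEST_POST('admin', $id)),
                REQUEST_POST('action_menu', $id),
                REQUEST_POST('what_menu', $id),
                REQUEST_POST('mode', $id),
                $id
            ), __FILE__, __LINE__);
        $changedAdmins[] = bigintval(REQUEST_POST('admin', $id));
    }

    // Update cache when installed
    if (EXT_IS_ACTIVE("cache")) {
        if ($GLOBALS['cache_instance']->loadCacheFile("admins_acls")) $GLOBALS['cache_instance']->destroyCacheFile();

        // Purge menu cache of every admin that was written above
        // NOTE(review): an admin a row was moved away from is not known here
        foreach (array_unique($changedAdmins) as $admin) {
            CACHE_PURGE_ADMIN_MENU($admin);
        }
    }

    // Entries changed
    LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ADMINS_ENTRIES_CHANGED'));
} elseif ((REQUEST_ISSET_POST('del')) && ($SEL > 0)) {
    // Delete ACLs: list the selected rows for confirmation
    $OUT = ""; $SW = 2;
    foreach (REQUEST_POST('sel') as $id => $selected) {
        // Secure ID (it is also handed to the row template below)
        $id = bigintval($id);

        // Load data for the ID
        $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE id=%s LIMIT 1",
            array($id), __FILE__, __LINE__);
        list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
        SQL_FREERESULT($result);

        // Prepare variables
        if (empty($act)) $act = "---";
        if (empty($wht)) $wht = "---";

        // Get admin mode; a stored value without a matching ADMINS_*_MODE
        // constant (or a missing row) gets the placeholder instead of failing
        $mode = defined('ADMINS_'.strtoupper($mode).'_MODE') ? constant('ADMINS_'.strtoupper($mode).'_MODE') : "---";

        // Generate link
        $admin = GENERATE_AID_LINK($admin);

        // Prepare data for the row template
        $content = array(
            'sw'     => $SW,
            'id'     => $id,
            'admin'  => $admin,
            'action' => $act,
            'what'   => $wht,
            'mode'   => $mode,
        );

        // Load row template and switch colors
        $OUT .= LOAD_TEMPLATE("admin_config_admins_del_row", true, $content);
        $SW = 3 - $SW;
    }
    define('__ACL_ROWS', $OUT);

    // Load main template
    LOAD_TEMPLATE("admin_config_admins_del");
} elseif ((REQUEST_ISSET_POST('remove')) && ($SEL > 0)) {
    // Remove entries
    foreach (REQUEST_POST('sel') as $id => $selected) {
        SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE id=%s LIMIT 1",
            array(bigintval($id)), __FILE__, __LINE__);
    }

    // Update cache when installed
    if (EXT_IS_ACTIVE("cache")) {
        if ($GLOBALS['cache_instance']->loadCacheFile("admins_acls")) $GLOBALS['cache_instance']->destroyCacheFile();

        // @TODO This causes the whole (!) menu cache being rebuild
        CACHE_PURGE_ADMIN_MENU();
    }

    // Entries deleted
    LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ADMINS_ENTRIES_DELETED'));
} elseif (REQUEST_ISSET_POST('add')) {
    // Default mode of the chosen admin, to compare with the requested mode
    $mode = GET_ADMIN_DEFAULT_ACL(bigintval(REQUEST_POST('admin_id')));

    // Default ACL is false
    $ACL = false;
    if (REQUEST_ISSET_POST('what_menu')) {
        // Check parent ACL
        $ACL = ADMINS_CHECK_ACL(GET_ACTION("admin", REQUEST_POST('what_menu')), "");
    }

    // The mode must be one of the two values the form offers, and it must
    // differ from the admin's default mode unless the parent ACL check passed.
    // A mode outside allow/deny ends in the else branch below because no
    // dedicated message exists for it.
    if (in_array(REQUEST_POST('mode'), array('allow', 'deny'), true) && (($mode != REQUEST_POST('mode')) || ($ACL))) {
        // Mode is fine
        $BOTH = ((REQUEST_ISSET_POST('action_menu')) && (REQUEST_ISSET_POST('what_menu')));
        if (((REQUEST_ISSET_POST('action_menu')) || (REQUEST_ISSET_POST('what_menu'))) && (!$BOTH)) {
            // Main or sub menu selected (exactly one of them)
            $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
                array(bigintval(REQUEST_POST('admin_id')), REQUEST_POST('action_menu'), REQUEST_POST('what_menu')), __FILE__, __LINE__);
            if (SQL_NUMROWS($result) == 0) {
                // Finally add the new ACL
                SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins_acls` (admin_id, action_menu, what_menu, access_mode)
VALUES ('%s','%s','%s','%s')",
                    array(
                        bigintval(REQUEST_POST('admin_id')),
                        REQUEST_POST('action_menu'),
                        REQUEST_POST('what_menu'),
                        REQUEST_POST('mode')
                    ), __FILE__, __LINE__);
                $content = getMessage('ADMIN_ADMINS_ACL_SAVED');

                // Update cache when installed
                if (EXT_IS_ACTIVE("cache")) {
                    if ($GLOBALS['cache_instance']->loadCacheFile("admins_acls")) $GLOBALS['cache_instance']->destroyCacheFile();

                    // Purge cache, with the same sanitised admin id that was stored
                    CACHE_PURGE_ADMIN_MENU(bigintval(REQUEST_POST('admin_id')), REQUEST_POST('action_menu'), REQUEST_POST('what_menu'));
                } // END - if
            } else {
                // ACL does already exist!
                $content = getMessage('ADMIN_ADMINS_ACL_ALREADY_ADDED');
            }

            // Free memory
            SQL_FREERESULT($result);
        } else {
            // No menu selected makes also no sense...
            $content = getMessage('ADMIN_ADMINS_SELECT_ACTION_WHAT');
        }
    } else {
        // Same mode makes no sense...
        $content = getMessage('ADMIN_ADMINS_SAME_MODE_SELECTED');
    }

    // Display message
    LOAD_TEMPLATE("admin_settings_saved", false, $content);
} else {
    // List all ACLs
    $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` ORDER BY admin_id, id", __FILE__, __LINE__);
    if (SQL_NUMROWS($result_acls) > 0) {
        // List ACLs
        $OUT = ""; $SW = 2;
        while ($content = SQL_FETCHARRAY($result_acls)) {
            // Prepare variables
            if (empty($content['action_menu'])) $content['action_menu'] = "---";
            if (empty($content['what_menu']))   $content['what_menu']   = "---";

            // Get mode; a stored value without a matching ADMINS_*_MODE
            // constant gets the placeholder instead of breaking the listing
            $content['access_mode'] = defined('ADMINS_'.strtoupper($content['access_mode']).'_MODE') ? constant('ADMINS_'.strtoupper($content['access_mode']).'_MODE') : "---";

            // Prepare data for the row template (replaces the fetched row)
            $content = array(
                'sw'     => $SW,
                'id'     => $content['id'],
                'admin'  => GENERATE_AID_LINK($content['admin_id']),
                'action' => $content['action_menu'],
                'what'   => $content['what_menu'],
                'mode'   => $content['access_mode'],
            );

            // Load row template and switch colors
            $OUT .= LOAD_TEMPLATE("admin_config_admins_row", true, $content);
            $SW = 3 - $SW;
        }

        // Free memory (the result of this branch is $result_acls, not $result)
        SQL_FREERESULT($result_acls);
        define('__ACL_ROWS', $OUT);

        // Load main template
        LOAD_TEMPLATE("admin_config_admins");
    }

    // Prepare some constants for the template
    define('_ADMINS_SELECTION', ADD_OPTION_LINES("admins", "id", "login", "", "default_acl"));
    define('_ACTION_SELECTION', ADMIN_MENU_SELECTION("action"));
    define('_WHAT_SELECTION'  , ADMIN_MENU_SELECTION("what"));
    define('_MODE_OPTIONS'    ,
        ADD_OPTION_LINES(
            "/ARRAY/",
            array("allow", "deny"),
            array(
                getMessage('ADMINS_ALLOW_MODE'),
                getMessage('ADMINS_DENY_MODE')
            )
        )
    );

    // Load template for adding new ACL
    LOAD_TEMPLATE("admin_admins_add_acl");
}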
271
272 //
273 ?>