d74d041d96281c950ab87a8d6986528d30242405
[mailer.git] / inc / modules / admin / what-config_admins.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 06/30/2004 *
4  * ================                             Last change: 07/02/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File: what-config_admins.php                                         *
8  * -------------------------------------------------------------------- *
9  * Short description : Configure admin ACLs                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Admin-ACLs einstellen                            *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
36         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
37         require($INC);
38 }
39
40 // Add description as navigation point
41 ADD_DESCR("admin", __FILE__);
42
43 $SEL = 0;
44 if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']);
45
46 if ((isset($_POST['edit'])) && ($SEL > 0)) {
47         // Edit ACLs
48         $SW = 2; $OUT = "";
49         foreach ($_POST['sel'] as $id => $sel) {
50                 // Load data for the ID
51                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
52                  array(bigintval($id)), __FILE__, __LINE__);
53                 list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
54                 SQL_FREERESULT($result);
55
56                 // Prepare data for the row template
57                 $content = array(
58                         'sw'               => $SW,
59                         'id'               => $id,
60                         'admins_selection' => ADD_OPTION_LINES("admins", "id", "login", $aid, "default_acl"),
61                         'action_selection' => ADMIN_MENU_SELECTION("action", $act, $id),
62                         'what_selection'   => ADMIN_MENU_SELECTION("what", $wht, $id),
63                         'mode_options'     => ADD_OPTION_LINES(
64                                 "/ARRAY/",
65                                 array("allow", "deny"),
66                                 array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE),
67                                 $mode
68                         ),
69                 );
70
71                 // Load row template
72                 $OUT .= LOAD_TEMPLATE("admin_config_admins_edit_row", true, $content);
73                 $SW = 3 - $SW;
74         }
75         define('__ACL_ROWS', $OUT);
76
77         // Load main template
78         LOAD_TEMPLATE("admin_config_admins_edit");
79 } elseif ((isset($_POST['change'])) && ($SEL > 0)) {
80         // Change entries
81         foreach ($_POST['sel'] as $id => $sel) {
82                 // Secure ID
83                 $id = bigintval($id);
84
85                 // Update entries
86                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins_acls SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE id=%s LIMIT 1",
87                  array($_POST['admin'][$id], $_POST['action_menu'][$id], $_POST['what_menu'][$id], $_POST['mode'][$id], $id),__FILE__, __LINE__);
88         }
89
90         // Update cache when installed
91         if (EXT_IS_ACTIVE("cache")) {
92                 if ($cacheInstance->loadCacheFile("admins_acls")) $cacheInstance->destroyCacheFile();
93
94                 // Purge menu cache
95                 CACHE_PURGE_ADMIN_MENU($_POST['admin'][$id]);
96         }
97
98         // Entries changed
99         LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_CHANGED);
100 } elseif ((isset($_POST['del'])) && ($SEL > 0)) {
101         // Delete ACLs
102         $SW = 2; $OUT = "";
103         foreach ($_POST['sel'] as $id => $sel) {
104                 // Load data for the ID
105                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
106                  array(bigintval($id)), __FILE__, __LINE__);
107                 list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
108                 SQL_FREERESULT($result);
109
110                 // Prepare variables
111                 if (empty($act)) $act = "---";
112                 if (empty($wht)) $wht   = "---";
113
114                 // Get admin mode
115                 $mode = constant('ADMINS_'.strtoupper($mode).'_MODE');
116
117                 // Load admin's data
118                 $login = GET_ADMIN_LOGIN($admin);
119                 if ($login != "***") {
120                         // Admin found
121                         $admin = "<A href=\"".URL."/modules.php?module=admin&amp;what=admins_contct&amp;admin=".$admin."\">".$login."</A>";
122                 } else {
123                         // Maybe deleted?
124                         $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
125                 }
126
127                 // Prepare data for the row template
128                 $content = array(
129                         'sw'     => $SW,
130                         'id'     => $id,
131                         'admin'  => $admin,
132                         'action' => $act,
133                         'what'   => $wht,
134                         'mode'   => $mode,
135                 );
136
137                 // Load row template and switch colors
138                 $OUT .= LOAD_TEMPLATE("admin_config_admins_del_row", true, $content);
139                 $SW = 3 - $SW;
140         }
141         define('__ACL_ROWS', $OUT);
142
143         // Load main template
144         LOAD_TEMPLATE("admin_config_admins_del");
145 } elseif ((isset($_POST['remove'])) && ($SEL > 0)) {
146         // Remove entries
147         foreach ($_POST['sel'] as $id => $sel) {
148                 $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
149                  array(bigintval($id)),__FILE__, __LINE__);
150         }
151
152         // Update cache when installed
153         if (EXT_IS_ACTIVE("cache")) {
154                 if ($cacheInstance->loadCacheFile("admins_acls")) $cacheInstance->destroyCacheFile();
155
156                 // @TODO This causes the whole (!) menu cache being rebuild
157                 CACHE_PURGE_ADMIN_MENU();
158         }
159
160         // Entries deleted
161         LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_DELETED);
162 } elseif (isset($_POST['add'])) {
163         // Check if everything is fine...
164         $mode = GET_ADMIN_DEFAULT_ACL(bigintval($_POST['admin_id']));
165
166         // Default ACL is false
167         $ACL = false;
168         if (!empty($_POST['what_menu'])) {
169                 // Check parent ACL
170                 $ACL = ADMINS_CHECK_ACL(GET_ACTION("admin", $_POST['what_menu']), "");
171         }
172
173         if ($mode != $_POST['mode'] || ($ACL)) {
174                 // Mode is fine
175                 $BOTH = ((!empty($_POST['action_menu'])) && (!empty($_POST['what_menu'])));
176                 if (((!empty($_POST['action_menu'])) || (!empty($_POST['what_menu']))) && (!$BOTH)) {
177                         // Main or sub menu selected
178                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
179                          array(bigintval($_POST['admin_id']), $_POST['action_menu'], $_POST['what_menu']), __FILE__, __LINE__);
180                         if (SQL_NUMROWS($result) == 0) {
181                                 // Finally add the new ACL
182                                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins_acls (admin_id, action_menu, what_menu, access_mode)
183 VALUES ('%s','%s','%s','%s')",
184  array(
185         bigintval($_POST['admin_id']),
186         $_POST['action_menu'],
187         $_POST['what_menu'],
188         $_POST['mode']
189 ), __FILE__, __LINE__);
190                                 $content = ADMIN_ADMINS_ACL_SAVED;
191
192                                 // Update cache when installed
193                                 if (EXT_IS_ACTIVE("cache")) {
194                                         if ($cacheInstance->loadCacheFile("admins_acls")) $cacheInstance->destroyCacheFile();
195
196                                         // Purge cache
197                                         CACHE_PURGE_ADMIN_MENU($_POST['admin_id'], $_POST['action_menu'], $_POST['what_menu']);
198                                 } // END - if
199                         } else {
200                                 // ACL does already exist!
201                                 $content = ADMIN_ADMINS_ACL_ALREADY_ADDED;
202                         }
203
204                         // Free memory
205                         SQL_FREERESULT($result);
206                 } else {
207                         // No menu selected makes also no sence...
208                         $content = ADMIN_ADMINS_SELECT_ACTION_WHAT;
209                 }
210         } else {
211                 // Same mode makes no sence...
212                 $content = ADMIN_ADMINS_SAME_MODE_SELECTED;
213         }
214
215         // Display message
216         LOAD_TEMPLATE("admin_settings_saved", false, $content);
217 } else {
218         // List all ACLs
219         $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls ORDER BY admin_id, id", __FILE__, __LINE__);
220         if (SQL_NUMROWS($result_acls) > 0)
221         {
222                 // List ACLs
223                 $SW = 2; $OUT = "";
224                 while(list($id, $admin, $act, $wht, $mode) = SQL_FETCHROW($result_acls))
225                 {
226                         // Prepare variables
227                         if (empty($act)) $act = "---";
228                         if (empty($wht))   $wht   = "---";
229
230                         // Get mode
231                         $mode = constant('ADMINS_'.strtoupper($mode).'_MODE');
232
233                         // Load admin's data
234                         $login = GET_ADMIN_LOGIN($admin);
235                         if ($login != "***")
236                         {
237                                 // Admin found
238                                 $admin = "<A href=\"".URL."/modules.php?module=admin&amp;what=admins_contct&amp;admin=".$admin."\">".$login."</A>";
239                         }
240                          else
241                         {
242                                 // Maybe deleted?
243                                 $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
244                         }
245
246                         // Prepare data for the row template
247                         $content = array(
248                                 'sw'     => $SW,
249                                 'id'     => $id,
250                                 'admin'  => $admin,
251                                 'action' => $act,
252                                 'what'   => $wht,
253                                 'mode'   => $mode,
254                         );
255
256                         // Load row template and switch colors
257                         $OUT .= LOAD_TEMPLATE("admin_config_admins_row", true, $content);
258                         $SW = 3 - $SW;
259                 }
260
261                 // Free memory
262                 SQL_FREERESULT($result);
263                 define('__ACL_ROWS', $OUT);
264
265                 // Load main template
266                 LOAD_TEMPLATE("admin_config_admins");
267         }
268
269         // Prepare some constants for the template
270         define('_ADMINS_SELECTION', ADD_OPTION_LINES("admins", "id", "login", "", "default_acl"));
271         define('_ACTION_SELECTION', ADMIN_MENU_SELECTION("action"));
272         define('_WHAT_SELECTION'  , ADMIN_MENU_SELECTION("what"));
273         define('_MODE_OPTIONS'    , ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE)));
274
275         // Load template for adding new ACL
276         LOAD_TEMPLATE("admin_admins_add_acl");
277 }
278
279 //
280 ?>