projects / mailer.git / blob
? search:


d75a08ed75e9e2851d947594b362ed005704af1c
[mailer.git] / inc / modules / admin / what-config_admins.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 06/30/2004 *
4  * ================                             Last change: 07/02/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File: what-config_admins.php                                         *
8  * -------------------------------------------------------------------- *
9  * Short description : Configure admin ACLs                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Admin-ACLs einstellen                            *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
36 {
37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
38         require($INC);
39 }
40 // Add description as navigation point
41 ADD_DESCR("admin", basename(__FILE__));
42
43 $SEL = 0;
44 if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']);
45
46 if ((isset($_POST['edit'])) && ($SEL > 0))
47 {
48         // Edit ACLs
49         $SW = 2; $OUT = "";
50         foreach ($_POST['sel'] as $id=>$sel)
51         {
52                 // Load data for the ID
53                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
54                  array(bigintval($id)), __FILE__, __LINE__);
55                 list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
56                 SQL_FREERESULT($result);
57
58                 // Prepare data for the row template
59                 $content = array(
60                         'sw'               => $SW,
61                         'id'               => $id,
62                         'admins_selection' => ADD_OPTION_LINES("admins", "id", "login", $aid, "default_acl"),
63                         'action_selection' => ADMIN_MENU_SELECTION("action", $act, $id),
64                         'what_selection'   => ADMIN_MENU_SELECTION("what", $wht, $id),
65                         'mode_options'     => ADD_OPTION_LINES(
66                                 "/ARRAY/",
67                                 array("allow", "deny"),
68                                 array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE),
69                                 $mode
70                         ),
71                 );
72
73                 // Load row template
74                 $OUT .= LOAD_TEMPLATE("admin_config_admins_edit_row", true, $content);
75                 $SW = 3 - $SW;
76         }
77         define('__ACL_ROWS', $OUT);
78
79         // Load main template
80         LOAD_TEMPLATE("admin_config_admins_edit");
81 }
82  elseif ((isset($_POST['change'])) && ($SEL > 0))
83 {
84         // Change entries
85         foreach ($_POST['sel'] as $id=>$sel)
86         {
87                 // Secure ID
88                 $id = bigintval($id);
89
90                 // Update entries
91                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins_acls SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE id=%s LIMIT 1",
92                  array($_POST['admin'][$id], $_POST['action_menu'][$id], $_POST['what_menu'][$id], $_POST['mode'][$id], $id),__FILE__, __LINE__);
93         }
94
95         // Update cache when installed
96         if (EXT_IS_ACTIVE("cache"))
97         {
98                 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
99         }
100
101         // Entries changed
102         LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_CHANGED);
103 }
104  elseif ((isset($_POST['del'])) && ($SEL > 0))
105 {
106         // Delete ACLs
107         $SW = 2; $OUT = "";
108         foreach ($_POST['sel'] as $id=>$sel)
109         {
110                 // Load data for the ID
111                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
112                  array(bigintval($id)), __FILE__, __LINE__);
113                 list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
114                 SQL_FREERESULT($result);
115
116                 // Prepare variables
117                 if (empty($act)) $act = "---";
118                 if (empty($wht))   $wht   = "---";
119                 $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
120                 eval($eval);
121
122                 // Load admin's data
123                 $login = GET_ADMIN_LOGIN($admin);
124                 if ($login != "***")
125                 {
126                         // Admin found
127                         $admin = "<A href=\"".URL."/modules.php?module=admin&amp;what=admins_contct&amp;admin=".$admin."\">".$login."</A>";
128                 }
129                  else
130                 {
131                         // Maybe deleted?
132                         $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
133                 }
134
135                 // Prepare data for the row template
136                 $content = array(
137                         'sw'     => $SW,
138                         'id'     => $id,
139                         'admin'  => $admin,
140                         'action' => $act,
141                         'what'   => $wht,
142                         'mode'   => $mode,
143                 );
144
145                 // Load row template and switch colors
146                 $OUT .= LOAD_TEMPLATE("admin_config_admins_del_row", true, $content);
147                 $SW = 3 - $SW;
148         }
149         define('__ACL_ROWS', $OUT);
150
151         // Load main template
152         LOAD_TEMPLATE("admin_config_admins_del");
153 }
154  elseif ((isset($_POST['remove'])) && ($SEL > 0))
155 {
156         // Remove entries
157         foreach ($_POST['sel'] as $id=>$sel)
158         {
159                 $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
160                  array(bigintval($id)),__FILE__, __LINE__);
161         }
162
163         // Update cache when installed
164         if (EXT_IS_ACTIVE("cache"))
165         {
166                 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
167         }
168
169         // Entries deleted
170         LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_DELETED);
171 }
172  elseif (isset($_POST['add']))
173 {
174         // Check if everything is fine...
175         $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
176          array(bigintval($_POST['admin_id'])), __FILE__, __LINE__);
177         list($mode) = SQL_FETCHROW($result);
178         SQL_FREERESULT($result);
179
180         // Default ACL is false
181         $ACL = false;
182         if (!empty($_POST['what_menu']))
183         {
184                 // Check parent ACL
185                 $ACL = ADMINS_CHECK_ACL(GET_ACTION("admin", $_POST['what_menu']), "");
186         }
187
188         if ($mode != $_POST['mode'] || ($ACL))
189         {
190                 // Mode is fine
191                 $BOTH = ((!empty($_POST['action_menu'])) && (!empty($_POST['what_menu'])));
192                 if (((!empty($_POST['action_menu'])) || (!empty($_POST['what_menu']))) && (!$BOTH))
193                 {
194                         // Main or sub menu selected
195                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
196                          array(bigintval($_POST['admin_id']), $_POST['action_menu'], $_POST['what_menu']), __FILE__, __LINE__);
197                         if (SQL_NUMROWS($result) == 0)
198                         {
199                                 // Finally add the new ACL
200                                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins_acls (admin_id, action_menu, what_menu, access_mode)
201 VALUES ('%s', '%s', '%s', '%s')",
202  array(
203         $_POST['admin_id'],
204         $_POST['action_menu'],
205         $_POST['what_menu'],
206         $_POST['mode']
207 ), __FILE__, __LINE__);
208                                 $content = ADMIN_ADMINS_ACL_SAVED;
209
210                                 // Update cache when installed
211                                 if (EXT_IS_ACTIVE("cache"))
212                                 {
213                                         if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
214                                 }
215                         }
216                          else
217                         {
218                                 // ACL does already exist!
219                                 $content = ADMIN_ADMINS_ACL_ALREADY_ADDED;
220                         }
221
222                         // Free memory
223                         SQL_FREERESULT($result);
224                 }
225                  else
226                 {
227                         // No menu selected makes also no sence...
228                         $content = ADMIN_ADMINS_SELECT_ACTION_WHAT;
229                 }
230         }
231          else
232         {
233                 // Same mode makes no sence...
234                 $content = ADMIN_ADMINS_SAME_MODE_SELECTED;
235         }
236
237         // Display message
238         LOAD_TEMPLATE("admin_settings_saved", false, $content);
239 }
240  else
241 {
242         // List all ACLs
243         $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls ORDER BY admin_id, id", __FILE__, __LINE__);
244         if (SQL_NUMROWS($result_acls) > 0)
245         {
246                 // List ACLs
247                 $SW = 2; $OUT = "";
248                 while(list($id, $admin, $act, $wht, $mode) = SQL_FETCHROW($result_acls))
249                 {
250                         // Prepare variables
251                         if (empty($act)) $act = "---";
252                         if (empty($wht))   $wht   = "---";
253                         $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
254                         eval($eval);
255
256                         // Load admin's data
257                         $login = GET_ADMIN_LOGIN($admin);
258                         if ($login != "***")
259                         {
260                                 // Admin found
261                                 $admin = "<A href=\"".URL."/modules.php?module=admin&amp;what=admins_contct&amp;admin=".$admin."\">".$login."</A>";
262                         }
263                          else
264                         {
265                                 // Maybe deleted?
266                                 $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
267                         }
268
269                         // Prepare data for the row template
270                         $content = array(
271                                 'sw'     => $SW,
272                                 'id'     => $id,
273                                 'admin'  => $admin,
274                                 'action' => $act,
275                                 'what'   => $wht,
276                                 'mode'   => $mode,
277                         );
278
279                         // Load row template and switch colors
280                         $OUT .= LOAD_TEMPLATE("admin_config_admins_row", true, $content);
281                         $SW = 3 - $SW;
282                 }
283
284                 // Free memory
285                 SQL_FREERESULT($result);
286                 define('__ACL_ROWS', $OUT);
287
288                 // Load main template
289                 LOAD_TEMPLATE("admin_config_admins");
290         }
291
292         // Prepare some constants for the template
293         define('_ADMINS_SELECTION', ADD_OPTION_LINES("admins", "id", "login", "", "default_acl"));
294         define('_ACTION_SELECTION', ADMIN_MENU_SELECTION("action"));
295         define('_WHAT_SELECTION'  , ADMIN_MENU_SELECTION("what"));
296         define('_MODE_OPTIONS'    , ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE)));
297
298         // Load template for adding new ACL
299         LOAD_TEMPLATE("admin_admins_add_acl");
300 }
301 //
302 ?>
Mailer-Project repository