inc/modules/admin/what-config_admins.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 06/30/2004 *
   4  * ================                             Last change: 07/02/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File: what-config_admins.php                                         *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Configure admin ACLs                             *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Admin-ACLs einstellen                            *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  21  * For more information visit: http://www.mxchange.org                  *
  22  *                                                                      *
  23  * This program is free software; you can redistribute it and/or modify *
  24  * it under the terms of the GNU General Public License as published by *
  25  * the Free Software Foundation; either version 2 of the License, or    *
  26  * (at your option) any later version.                                  *
  27  *                                                                      *
  28  * This program is distributed in the hope that it will be useful,      *
  29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  31  * GNU General Public License for more details.                         *
  32  *                                                                      *
  33  * You should have received a copy of the GNU General Public License    *
  34  * along with this program; if not, write to the Free Software          *
  35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  36  * MA  02110-1301  USA                                                  *
  37  ************************************************************************/
  38
  39 // Some security stuff...
  40 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
  41         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
  42         require($INC);
  43 }
  44
  45 // Add description as navigation point
  46 ADD_DESCR('admin', __FILE__);
  47
  48 $SEL = 0;
  49 if (REQUEST_ISSET_POST('sel')) $SEL = countPostSelection();
  50
  51 if ((REQUEST_ISSET_POST('edit')) && ($SEL > 0)) {
  52         // Edit ACLs
  53         $OUT = ''; $SW = 2;
  54         foreach (REQUEST_POST('sel') as $id => $selected) {
  55                 // Load data for the ID
  56                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE `id`=%s LIMIT 1",
  57                         array(bigintval($id)), __FILE__, __LINE__);
  58                 list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
  59                 SQL_FREERESULT($result);
  60
  61                 // Prepare data for the row template
  62                 $content = array(
  63                         'sw'               => $SW,
  64                         'id'               => $id,
  65                         'admins_selection' => generateOptionList('admins', 'id', 'login', $aid, 'default_acl'),
  66                         'action_selection' => ADMIN_MENU_SELECTION('action', $act, $id),
  67                         'what_selection'   => ADMIN_MENU_SELECTION('what', $wht, $id),
  68                         'mode_options'     => generateOptionList(
  69                                 '/ARRAY/',
  70                                 array('allow', 'deny'),
  71                                 array(
  72                                         constant('ADMINS_ALLOW_MODE'),
  73                                         constant('ADMINS_DENY_MODE')
  74                                 ),
  75                                 $mode
  76                         ),
  77                 );
  78
  79                 // Load row template
  80                 $OUT .= LOAD_TEMPLATE('admin_config_admins_edit_row', true, $content);
  81                 $SW = 3 - $SW;
  82         }
  83         define('__ACL_ROWS', $OUT);
  84
  85         // Load main template
  86         LOAD_TEMPLATE('admin_config_admins_edit');
  87 } elseif ((REQUEST_ISSET_POST('change')) && ($SEL > 0)) {
  88         // Change entries
  89         foreach (REQUEST_POST('sel') as $id => $selected) {
  90                 // Secure ID
  91                 $id = bigintval($id);
  92
  93                 // Update entries
  94                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins_acls` SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE `id`=%s LIMIT 1",
  95                 array(
  96                         REQUEST_POST('admin', $id),
  97                         REQUEST_POST('action_menu', $id),
  98                         REQUEST_POST('what_menu', $id),
  99                         REQUEST_POST('mode', $id),
 100                         $id
 101                 ),__FILE__, __LINE__);
 102         } // END - foreach
 103
 104         // Update cache when installed
 105         if (EXT_IS_ACTIVE('cache')) {
 106                 if ($GLOBALS['cache_instance']->loadCacheFile('admins_acls')) $GLOBALS['cache_instance']->destroyCacheFile();
 107
 108                 // Purge menu cache
 109                 cachePurgeAdminMenu(REQUEST_POST('admin', $id));
 110         } // END - if
 111
 112         // Entries changed
 113         LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ADMINS_ENTRIES_CHANGED'));
 114 } elseif ((REQUEST_ISSET_POST('del')) && ($SEL > 0)) {
 115         // Delete ACLs
 116         $OUT = ''; $SW = 2;
 117         foreach (REQUEST_POST('sel') as $id => $selected) {
 118                 // Load data for the ID
 119                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE `id`=%s LIMIT 1",
 120                         array(bigintval($id)), __FILE__, __LINE__);
 121                 list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
 122                 SQL_FREERESULT($result);
 123
 124                 // Prepare variables
 125                 if (empty($act)) $act = '---';
 126                 if (empty($wht)) $wht = '---';
 127
 128                 // Get admin mode
 129                 $mode = constant('ADMINS_'.strtoupper($mode).'_MODE');
 130
 131                 // Generate link
 132                 $admin = generateAdminLink($admin);
 133
 134                 // Prepare data for the row template
 135                 $content = array(
 136                         'sw'     => $SW,
 137                         'id'     => $id,
 138                         'admin'  => $admin,
 139                         'action' => $act,
 140                         'what'   => $wht,
 141                         'mode'   => $mode,
 142                 );
 143
 144                 // Load row template and switch colors
 145                 $OUT .= LOAD_TEMPLATE('admin_config_admins_del_row', true, $content);
 146                 $SW = 3 - $SW;
 147         } // END - foreach
 148         define('__ACL_ROWS', $OUT);
 149
 150         // Load main template
 151         LOAD_TEMPLATE('admin_config_admins_del');
 152 } elseif ((REQUEST_ISSET_POST('remove')) && ($SEL > 0)) {
 153         // Remove entries
 154         // @TODO Rewrite this to filter 'run_sqls'
 155         foreach (REQUEST_POST('sel') as $id => $selected) {
 156                 SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE `id`=%s LIMIT 1",
 157                         array(bigintval($id)),__FILE__, __LINE__);
 158         } // END - foreach
 159
 160         // Update cache when installed
 161         if (EXT_IS_ACTIVE('cache')) {
 162                 if ($GLOBALS['cache_instance']->loadCacheFile('admins_acls')) $GLOBALS['cache_instance']->destroyCacheFile();
 163
 164                 // @TODO This causes the whole (!) menu cache being rebuild
 165                 cachePurgeAdminMenu();
 166         } // END - if
 167
 168         // Entries deleted
 169         LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ADMINS_ENTRIES_DELETED'));
 170 } elseif (REQUEST_ISSET_POST('add')) {
 171         // Check if everything is fine...
 172         $mode = getAdminDefaultAcl(bigintval(REQUEST_POST('admin_id')));
 173
 174         // Default ACL is false
 175         $ACL = false;
 176         if (REQUEST_ISSET_POST('what_menu')) {
 177                 // Check parent ACL
 178                 $ACL = adminsCheckAdminAcl(getModeAction('admin', REQUEST_POST('what_menu')), '');
 179         } // END - if
 180
 181         if (($mode != REQUEST_POST('mode')) || ($ACL)) {
 182                 // Mode is fine
 183                 $BOTH = ((REQUEST_ISSET_POST('action_menu')) && (REQUEST_ISSET_POST('what_menu')));
 184                 if (((REQUEST_ISSET_POST('action_menu')) || (REQUEST_ISSET_POST('what_menu'))) && (!$BOTH)) {
 185                         // Main or sub menu selected
 186                         $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
 187                                 array(bigintval(REQUEST_POST('admin_id')), REQUEST_POST('action_menu'), REQUEST_POST('what_menu')), __FILE__, __LINE__);
 188                         if (SQL_NUMROWS($result) == 0) {
 189                                 // Finally add the new ACL
 190                                 SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins_acls` (admin_id, action_menu, what_menu, access_mode)
 191 VALUES ('%s','%s','%s','%s')",
 192                                 array(
 193                                         bigintval(REQUEST_POST('admin_id')),
 194                                         REQUEST_POST('action_menu'),
 195                                         REQUEST_POST('what_menu'),
 196                                         REQUEST_POST('mode')
 197                                 ), __FILE__, __LINE__);
 198                                 $content = getMessage('ADMIN_ADMINS_ACL_SAVED');
 199
 200                                 // Update cache when installed
 201                                 if (EXT_IS_ACTIVE('cache')) {
 202                                         if ($GLOBALS['cache_instance']->loadCacheFile('admins_acls')) $GLOBALS['cache_instance']->destroyCacheFile();
 203
 204                                         // Purge cache
 205                                         cachePurgeAdminMenu(REQUEST_POST('admin_id'), REQUEST_POST('action_menu'), REQUEST_POST('what_menu'));
 206                                 } // END - if
 207                         } else {
 208                                 // ACL does already exist!
 209                                 $content = getMessage('ADMIN_ADMINS_ACL_ALREADY_ADDED');
 210                         }
 211
 212                         // Free memory
 213                         SQL_FREERESULT($result);
 214                 } else {
 215                         // No menu selected makes also no sence...
 216                         $content = getMessage('ADMIN_ADMINS_SELECT_ACTION_WHAT');
 217                 }
 218         } else {
 219                 // Same mode makes no sence...
 220                 $content = getMessage('ADMIN_ADMINS_SAME_MODE_SELECTED');
 221         }
 222
 223         // Display message
 224         LOAD_TEMPLATE('admin_settings_saved', false, $content);
 225 } else {
 226         // List all ACLs
 227         $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` ORDER BY admin_id, id", __FILE__, __LINE__);
 228
 229         // Entries found?
 230         if (SQL_NUMROWS($result_acls) > 0) {
 231                 // List ACLs
 232                 $OUT = ''; $SW = 2;
 233                 while ($content = SQL_FETCHARRAY($result_acls)) {
 234                         // Prepare variables
 235                         if (empty($content['action_menu'])) $content['action_menu'] = '---';
 236                         if (empty($content['what_menu']))   $content['what_menu']   = '---';
 237
 238                         // Get mode
 239                         $content['access_mode'] = constant('ADMINS_'.strtoupper($content['access_mode']).'_MODE');
 240
 241                         // Prepare data for the row template
 242                         $content = array(
 243                                 'sw'     => $SW,
 244                                 'id'     => $content['id'],
 245                                 'admin'  => generateAdminLink($content['admin_id']),
 246                                 'action' => $content['action_menu'],
 247                                 'what'   => $content['what_menu'],
 248                                 'mode'   => $content['access_mode'],
 249                         );
 250
 251                         // Load row template and switch colors
 252                         $OUT .= LOAD_TEMPLATE('admin_config_admins_row', true, $content);
 253                         $SW = 3 - $SW;
 254                 } // END - while
 255
 256                 // Free memory
 257                 SQL_FREERESULT($result);
 258                 define('__ACL_ROWS', $OUT);
 259
 260                 // Load main template
 261                 LOAD_TEMPLATE('admin_config_admins');
 262         } // END - if
 263
 264         // Prepare some constants for the template
 265         define('_ADMINS_SELECTION', generateOptionList('admins', 'id', 'login', '', 'default_acl'));
 266         define('_ACTION_SELECTION', ADMIN_MENU_SELECTION('action'));
 267         define('_WHAT_SELECTION'  , ADMIN_MENU_SELECTION('what'));
 268         define('_MODE_OPTIONS'    , generateOptionList(
 269                 '/ARRAY/',
 270                 array('allow', 'deny'),
 271                 array(
 272                         getMessage('ADMINS_ALLOW_MODE'),
 273                         getMessage('ADMINS_DENY_MODE')
 274                 )
 275         ));
 276
 277         // Load template for adding new ACL
 278         LOAD_TEMPLATE('admin_admins_add_acl');
 279 }
 280
 281 //
 282 ?>