Re-added
[mailer.git] / inc / modules / admin / what-config_admins.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 06/30/2004 *
4  * ================                             Last change: 07/02/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File: what-config_admins.php                                         *
8  * -------------------------------------------------------------------- *
9  * Short description : Configure admin ACLs                             *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Admin-ACLs einstellen                            *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
36         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
37         require($INC);
38 }
39
40 // Add description as navigation point
41 ADD_DESCR("admin", basename(__FILE__));
42
43 $SEL = 0;
44 if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']);
45
46 if ((isset($_POST['edit'])) && ($SEL > 0)) {
47         // Edit ACLs
48         $SW = 2; $OUT = "";
49         foreach ($_POST['sel'] as $id => $sel) {
50                 // Load data for the ID
51                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
52                  array(bigintval($id)), __FILE__, __LINE__);
53                 list($aid, $act, $wht, $mode) = SQL_FETCHROW($result);
54                 SQL_FREERESULT($result);
55
56                 // Prepare data for the row template
57                 $content = array(
58                         'sw'               => $SW,
59                         'id'               => $id,
60                         'admins_selection' => ADD_OPTION_LINES("admins", "id", "login", $aid, "default_acl"),
61                         'action_selection' => ADMIN_MENU_SELECTION("action", $act, $id),
62                         'what_selection'   => ADMIN_MENU_SELECTION("what", $wht, $id),
63                         'mode_options'     => ADD_OPTION_LINES(
64                                 "/ARRAY/",
65                                 array("allow", "deny"),
66                                 array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE),
67                                 $mode
68                         ),
69                 );
70
71                 // Load row template
72                 $OUT .= LOAD_TEMPLATE("admin_config_admins_edit_row", true, $content);
73                 $SW = 3 - $SW;
74         }
75         define('__ACL_ROWS', $OUT);
76
77         // Load main template
78         LOAD_TEMPLATE("admin_config_admins_edit");
79 } elseif ((isset($_POST['change'])) && ($SEL > 0)) {
80         // Change entries
81         foreach ($_POST['sel'] as $id => $sel) {
82                 // Secure ID
83                 $id = bigintval($id);
84
85                 // Update entries
86                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins_acls SET admin_id=%s, action_menu='%s', what_menu='%s', access_mode='%s' WHERE id=%s LIMIT 1",
87                  array($_POST['admin'][$id], $_POST['action_menu'][$id], $_POST['what_menu'][$id], $_POST['mode'][$id], $id),__FILE__, __LINE__);
88         }
89
90         // Update cache when installed
91         if (EXT_IS_ACTIVE("cache")) {
92                 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
93
94                 // Purge menu cache
95                 CACHE_PURGE_ADMIN_MENU($_POST['admin'][$id]);
96         }
97
98         // Entries changed
99         LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_CHANGED);
100 } elseif ((isset($_POST['del'])) && ($SEL > 0)) {
101         // Delete ACLs
102         $SW = 2; $OUT = "";
103         foreach ($_POST['sel'] as $id => $sel) {
104                 // Load data for the ID
105                 $result = SQL_QUERY_ESC("SELECT admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
106                  array(bigintval($id)), __FILE__, __LINE__);
107                 list($admin, $act, $wht, $mode) = SQL_FETCHROW($result);
108                 SQL_FREERESULT($result);
109
110                 // Prepare variables
111                 if (empty($act)) $act = "---";
112                 if (empty($wht)) $wht   = "---";
113                 $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
114                 eval($eval);
115
116                 // Load admin's data
117                 $login = GET_ADMIN_LOGIN($admin);
118                 if ($login != "***") {
119                         // Admin found
120                         $admin = "<A href=\"".URL."/modules.php?module=admin&amp;what=admins_contct&amp;admin=".$admin."\">".$login."</A>";
121                 } else {
122                         // Maybe deleted?
123                         $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
124                 }
125
126                 // Prepare data for the row template
127                 $content = array(
128                         'sw'     => $SW,
129                         'id'     => $id,
130                         'admin'  => $admin,
131                         'action' => $act,
132                         'what'   => $wht,
133                         'mode'   => $mode,
134                 );
135
136                 // Load row template and switch colors
137                 $OUT .= LOAD_TEMPLATE("admin_config_admins_del_row", true, $content);
138                 $SW = 3 - $SW;
139         }
140         define('__ACL_ROWS', $OUT);
141
142         // Load main template
143         LOAD_TEMPLATE("admin_config_admins_del");
144 } elseif ((isset($_POST['remove'])) && ($SEL > 0)) {
145         // Remove entries
146         foreach ($_POST['sel'] as $id => $sel) {
147                 $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins_acls WHERE id=%s LIMIT 1",
148                  array(bigintval($id)),__FILE__, __LINE__);
149         }
150
151         // Update cache when installed
152         if (EXT_IS_ACTIVE("cache")) {
153                 if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
154
155                 // @TODO This causes the whole (!) menu cache being rebuild
156                 CACHE_PURGE_ADMIN_MENU();
157         }
158
159         // Entries deleted
160         LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ADMINS_ENTRIES_DELETED);
161 } elseif (isset($_POST['add'])) {
162         // Check if everything is fine...
163         $mode = GET_ADMIN_DEFAULT_ACL(GET_ADMIN_LOGIN(bigintval($_POST['admin_id'])));
164
165         // Default ACL is false
166         $ACL = false;
167         if (!empty($_POST['what_menu'])) {
168                 // Check parent ACL
169                 $ACL = ADMINS_CHECK_ACL(GET_ACTION("admin", $_POST['what_menu']), "");
170         }
171
172         if ($mode != $_POST['mode'] || ($ACL)) {
173                 // Mode is fine
174                 $BOTH = ((!empty($_POST['action_menu'])) && (!empty($_POST['what_menu'])));
175                 if (((!empty($_POST['action_menu'])) || (!empty($_POST['what_menu']))) && (!$BOTH)) {
176                         // Main or sub menu selected
177                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%s AND action_menu='%s' AND what_menu='%s' LIMIT 1",
178                          array(bigintval($_POST['admin_id']), $_POST['action_menu'], $_POST['what_menu']), __FILE__, __LINE__);
179                         if (SQL_NUMROWS($result) == 0) {
180                                 // Finally add the new ACL
181                                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins_acls (admin_id, action_menu, what_menu, access_mode)
182 VALUES ('%s','%s','%s','%s')",
183  array(
184         bigintval($_POST['admin_id']),
185         $_POST['action_menu'],
186         $_POST['what_menu'],
187         $_POST['mode']
188 ), __FILE__, __LINE__);
189                                 $content = ADMIN_ADMINS_ACL_SAVED;
190
191                                 // Update cache when installed
192                                 if (EXT_IS_ACTIVE("cache")) {
193                                         if ($cacheInstance->cache_file("admins_acls", true) == true) $cacheInstance->cache_destroy();
194
195                                         // Purge cache
196                                         CACHE_PURGE_ADMIN_MENU($_POST['admin_id'], $_POST['action_menu'], $_POST['what_menu']);
197                                 } // END - if
198                         } else {
199                                 // ACL does already exist!
200                                 $content = ADMIN_ADMINS_ACL_ALREADY_ADDED;
201                         }
202
203                         // Free memory
204                         SQL_FREERESULT($result);
205                 } else {
206                         // No menu selected makes also no sence...
207                         $content = ADMIN_ADMINS_SELECT_ACTION_WHAT;
208                 }
209         } else {
210                 // Same mode makes no sence...
211                 $content = ADMIN_ADMINS_SAME_MODE_SELECTED;
212         }
213
214         // Display message
215         LOAD_TEMPLATE("admin_settings_saved", false, $content);
216 } else {
217         // List all ACLs
218         $result_acls = SQL_QUERY("SELECT id, admin_id, action_menu, what_menu, access_mode FROM "._MYSQL_PREFIX."_admins_acls ORDER BY admin_id, id", __FILE__, __LINE__);
219         if (SQL_NUMROWS($result_acls) > 0)
220         {
221                 // List ACLs
222                 $SW = 2; $OUT = "";
223                 while(list($id, $admin, $act, $wht, $mode) = SQL_FETCHROW($result_acls))
224                 {
225                         // Prepare variables
226                         if (empty($act)) $act = "---";
227                         if (empty($wht))   $wht   = "---";
228                         $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;";
229                         eval($eval);
230
231                         // Load admin's data
232                         $login = GET_ADMIN_LOGIN($admin);
233                         if ($login != "***")
234                         {
235                                 // Admin found
236                                 $admin = "<A href=\"".URL."/modules.php?module=admin&amp;what=admins_contct&amp;admin=".$admin."\">".$login."</A>";
237                         }
238                          else
239                         {
240                                 // Maybe deleted?
241                                 $admin = "<FONT class=\"admin_note\">".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2."</FONT>";
242                         }
243
244                         // Prepare data for the row template
245                         $content = array(
246                                 'sw'     => $SW,
247                                 'id'     => $id,
248                                 'admin'  => $admin,
249                                 'action' => $act,
250                                 'what'   => $wht,
251                                 'mode'   => $mode,
252                         );
253
254                         // Load row template and switch colors
255                         $OUT .= LOAD_TEMPLATE("admin_config_admins_row", true, $content);
256                         $SW = 3 - $SW;
257                 }
258
259                 // Free memory
260                 SQL_FREERESULT($result);
261                 define('__ACL_ROWS', $OUT);
262
263                 // Load main template
264                 LOAD_TEMPLATE("admin_config_admins");
265         }
266
267         // Prepare some constants for the template
268         define('_ADMINS_SELECTION', ADD_OPTION_LINES("admins", "id", "login", "", "default_acl"));
269         define('_ACTION_SELECTION', ADMIN_MENU_SELECTION("action"));
270         define('_WHAT_SELECTION'  , ADMIN_MENU_SELECTION("what"));
271         define('_MODE_OPTIONS'    , ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE)));
272
273         // Load template for adding new ACL
274         LOAD_TEMPLATE("admin_admins_add_acl");
275 }
276
277 //
278 ?>