+++ /dev/null
-<?php
-/************************************************************************
- * MXChange v0.2.1 Start: 06/30/2003 *
- * =============== Last change: 11/27/2004 *
- * *
- * -------------------------------------------------------------------- *
- * File : admins_functions.php *
- * -------------------------------------------------------------------- *
- * Short description : Functions for the admins extension *
- * -------------------------------------------------------------------- *
- * Kurzbeschreibung : Funktionen fuer die admins-Erweiterung *
- * -------------------------------------------------------------------- *
- * *
- * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
- * For more information visit: http://www.mxchange.org *
- * *
- * This program is free software; you can redistribute it and/or modify *
- * it under the terms of the GNU General Public License as published by *
- * the Free Software Foundation; either version 2 of the License, or *
- * (at your option) any later version. *
- * *
- * This program is distributed in the hope that it will be useful, *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
- * GNU General Public License for more details. *
- * *
- * You should have received a copy of the GNU General Public License *
- * along with this program; if not, write to the Free Software *
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
- * MA 02110-1301 USA *
- ************************************************************************/
-
-// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
- require($INC);
-}
-//
-function ADMINS_CHECK_ACL($act, $wht)
-{
- global $_COOKIE, $ADMINS, $ADMINS_ACLS, $CONFIG;
- // If action is login or logout allow allways!
- if (($act == "login") || ($act == "logout")) return true;
-
- // Default is deny
- $ret = false;
-
- // Get admin's defult access right
- if (!empty($ADMINS['def_acl'][$_COOKIE['admin_login']]))
- {
- // Load from cache
- $default = $ADMINS['def_acl'][$_COOKIE['admin_login']];
-
- // Count cache hits
- $CONFIG['cache_hits']++;
- }
- else
- {
- // Load from database
- $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array($_COOKIE['admin_login']), __FILE__, __LINE__);
- list($default) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
-
- // Get admin's ID
- $aid = GET_ADMIN_ID($_COOKIE['admin_login']);
-
- if (!empty($wht))
- {
- // Check for parent menu:
- // First get it's action value
- $parent_action = GET_ACTION("admin", $wht);
-
- // Check with this function...
- $parent = ADMINS_CHECK_ACL($parent_action, "");
- }
- else
- {
- // Anything else is true!
- $parent = false;
- }
-
- // Shall I test for a main or sub menu? (action or what?)
- $lines = 0; $acl_mode = "failed";
- if (GET_EXT_VERSION("cache") >= "0.1.2")
- {
- // Load only from array when there are lines!
- if (count($ADMINS_ACLS) > 0)
- {
- // Load ACL from array
- foreach ($ADMINS_ACLS['admin_id'] as $id=>$aid_acls)
- {
- if ($aid == $aid_acls)
- {
- // Okay, one line was found!
- if ((!empty($act)) && ($ADMINS_ACLS['action_menu'][$id] == $act))
- {
- // Main menu line found
- $acl_mode = $ADMINS_ACLS['access_mode'][$id];
- $lines = 1;
- }
- elseif ((!empty($wht)) && ($ADMINS_ACLS['what_menu'][$id] == $wht))
- {
- // Check sub menu
- $acl_mode = $ADMINS_ACLS['access_mode'][$id];
- $lines = 1;
- }
- if ($lines == 1)
- {
- // Count cache hits
- $CONFIG['cache_hits']++;
- break;
- }
- }
- }
-
- // No ACL found?
- if ($acl_mode == "failed")
- {
- $acl_mode = "";
- $lines = 0;
- }
- }
- else
- {
- // No lines here
- $lines = 0;
- }
- }
- else
- {
- // Old version, so load it from database
- if (!empty($act))
- {
- // Main menu
- $result = SQL_QUERY_ESC("SELECT access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%d AND action_menu='%s' LIMIT 1",
- array(bigintval($aid), $act), __FILE__, __LINE__);
- }
- elseif (!empty($wht))
- {
- // Sub menu
- $result = SQL_QUERY_ESC("SELECT access_mode FROM "._MYSQL_PREFIX."_admins_acls WHERE admin_id=%d AND what_menu='%s' LIMIT 1",
- array(bigintval($aid), $wht), __FILE__, __LINE__);
- }
-
- // Get number of lines
- $lines = SQL_NUMROWS($result);
-
- // Load ACL
- list($acl_mode) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
- }
-
- // Check ACL and (maybe) allow
- if ((($default == "allow") && ($lines == 0)) || (($default == "deny") && ($lines == "1") && ($acl_mode == "allow")) || (($lines == 0) && ($parent))) $ret = true;
-
- // Return value
- return $ret;
-}
-// Create email link to admins's account
-function ADMINS_CREATE_EMAIL_LINK($email, $mod="admin")
-{
- $locked = " AND status='CONFIRMED'";
- if (IS_ADMIN()) $locked = "";
- if (strpos("@", $email) > 0)
- {
- // Create email link
- $result = SQL_QUERY_ESC("SELECT id
-FROM "._MYSQL_PREFIX."_admins
-WHERE email='%s'".$locked." LIMIT 1",
- array($email), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Load userid
- list($uid) = SQL_FETCHROW($result);
-
- // Rewrite email address to contact link
- $email = URL."/modules.php?module=".$mod."&what=user_contct&u_id=".bigintval($uid);
- }
-
- // Free memory
- SQL_FREERESULT($result);
- }
- elseif (bigintval($email) > 0)
- {
- // Direct ID given
- $email = URL."/modules.php?module=".$mod."&what=admins_contct&admin=".bigintval($email);
- }
-
- // Return rewritten (?) email address
- return $email;
-}
-//
-?>