* -------------------------------------------------------------------- *\r
* *\r
* -------------------------------------------------------------------- *\r
- * Copyright (c) 2003 - 2007 by Roland Haeder *\r
+ * Copyright (c) 2003 - 2008 by Roland Haeder *\r
* For more information visit: http://www.mxchange.org *\r
* *\r
* This program is free software; you can redistribute it and/or modify *\r
************************************************************************/\r
\r
// Some security stuff...\r
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))\r
-{\r
+if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {\r
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";\r
require($INC);\r
-}\r
+}
+\r
// Add description as navigation point\r
ADD_DESCR("admin", basename(__FILE__));\r
\r
global $CACHE, $KEEP_ACTIVE, $CACHE_FILE;\r
\r
// Normally we want the overview of all registered extensions\r
-$mode = "overview";\r
+$do = "overview";\r
$SEL = "0";\r
if (!empty($_POST['sel'])) $SEL = SELECTION_COUNT($_POST['sel']);\r
\r
-if (!empty($_GET['reg_ext']))\r
-{\r
+if (!empty($_GET['reg_ext'])) {\r
// We are about to register a new extension\r
- $mode = "register"; $id = $_GET['reg_ext'];\r
+ $do = "register"; $id = $_GET['reg_ext'];\r
// The ID comes from task management and it is - of course - *not* the extension's name!\r
-}\r
- elseif ((isset($_POST['change'])) && ($SEL > 0) && (!IS_DEMO()))\r
-{\r
+} elseif ((isset($_POST['change'])) && ($SEL > 0) && (!IS_DEMO())) {\r
// De-/activate extensions\r
foreach ($_POST['sel'] as $id=>$active) {\r
// Shall we keep the extension always active?\r
EXTENSION_RUN_SQLS($id, $EXT_LOAD_MODE);\r
}\r
}\r
-}\r
- elseif (((isset($_POST['edit'])) || (isset($_POST['modify']))) && ($SEL > 0) && (!IS_DEMO()))\r
-{\r
+} elseif (((isset($_POST['edit'])) || (isset($_POST['modify']))) && ($SEL > 0) && (!IS_DEMO())) {\r
// Change settings like CSS file load\r
- if (isset($_POST['modify']))\r
- {\r
+ if (isset($_POST['modify'])) {\r
// Change entries\r
$CACHE_UPDATE = "0";\r
- foreach ($_POST['sel'] as $id=>$sel)\r
- {\r
+ foreach ($_POST['sel'] as $id=>$sel) {\r
// Secure ID\r
$id = bigintval($id);\r
\r
// Change this extension?\r
- if ($sel == 1)\r
- {\r
+ if ($sel == 1) {\r
// Update extension's record\r
$active = $_POST['active'][$id];\r
- if (GET_EXT_VERSION("sql_patches") >= "0.0.6")\r
- {\r
+ if (GET_EXT_VERSION("sql_patches") >= "0.0.6") {\r
// Update also CSS column when extensions sql_patches is newer or exact v0.0.6\r
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_has_css='%s', ext_active='%s' WHERE id=%d LIMIT 1",\r
array($_POST['css'][$id], $active, $id), __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
+ } else {\r
// When extension is older than v0.0.6 there is no column for the CSS information\r
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_extensions SET ext_active='%s' WHERE id=%d LIMIT 1",\r
array($active, $id), __FILE__, __LINE__);\r
- }\r
+ }
+\r
// Run SQLs on activation / deactivation\r
- switch ($active)\r
- {\r
+ switch ($active) {\r
case "Y": $EXT_LOAD_MODE = "activate"; break;\r
case "N": $EXT_LOAD_MODE = "deactivate"; break;\r
}\r
OUTPUT_HTML ("<P align=\"center\">");\r
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_EXT_CHANGED);\r
OUTPUT_HTML ("</P>");\r
- }\r
- else\r
- {\r
+ } else {\r
// Edit selected entries\r
$SW = "2"; $OUT = "";\r
- foreach ($_POST['sel'] as $id=>$sel)\r
- {\r
+ foreach ($_POST['sel'] as $id=>$sel) {\r
// Edit this extension?\r
- if (($sel == "Y") || ($sel == "N"))\r
- {\r
+ if (($sel == "Y") || ($sel == "N")) {\r
// Load required data\r
- if (GET_EXT_VERSION("sql_patches") >= "0.0.6")\r
- {\r
+ if (GET_EXT_VERSION("sql_patches") >= "0.0.6") {\r
$result = SQL_QUERY_ESC("SELECT ext_name, ext_has_css, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1",\r
array(bigintval($id)), __FILE__, __LINE__);\r
list($name, $css, $active) = SQL_FETCHROW($result);\r
SQL_FREERESULT($result);\r
- }\r
- else\r
- {\r
+ } else {\r
$result = SQL_QUERY_ESC("SELECT ext_name, ext_active FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1",\r
array(bigintval($id)), __FILE__, __LINE__);\r
list($name, $active) = SQL_FETCHROW($result);\r
\r
// Load template\r
LOAD_TEMPLATE("admin_extensions_edit");\r
- $mode = "edit";\r
+ $do = "edit";\r
}\r
-}\r
- elseif ((isset($_POST['delete'])) && ($SEL > 0) && (!IS_DEMO()))\r
-{\r
+} elseif ((isset($_POST['delete'])) && ($SEL > 0) && (!IS_DEMO())) {\r
// List extensions and when verbose is enabled SQL statements which will be executed\r
$SW = 2; $OUT = "";\r
- foreach ($_POST['sel'] as $id=>$sel)\r
- {\r
+ foreach ($_POST['sel'] as $id=>$sel) {\r
$VERBOSE_OUT = ""; $SQLs = array();\r
// Load extension's data\r
$result = SQL_QUERY_ESC("SELECT ext_name, ext_version FROM "._MYSQL_PREFIX."_extensions WHERE id=%d LIMIT 1",\r
array(bigintval($id)), __FILE__, __LINE__);\r
- list($ext_name, $ext_ver) = SQL_FETCHROW($result);\r
+ list($ext_name, $ext_ver) = SQL_FETCHROW($result);
+
+ // Free the result\r
SQL_FREERESULT($result);\r
\r
- if ($CONFIG['verbose_sql'])\r
- {\r
+ if ($CONFIG['verbose_sql']) {\r
// Load SQL commands in remove mode\r
$EXT_LOAD_MODE = "remove";\r
$file = sprintf(PATH."inc/extensions/ext-%s.php", $ext_name);\r
\r
// Load template\r
LOAD_TEMPLATE("admin_extensions_delete");\r
- $mode = "delete";\r
-}\r
- elseif ((isset($_POST['remove'])) && ($SEL > 0) && (!IS_DEMO()))\r
-{\r
+ $do = "delete";\r
+} elseif ((isset($_POST['remove'])) && ($SEL > 0) && (!IS_DEMO())) {\r
// Remove extensions from DB (you have to delete all files manually!)\r
$CACHE_UPDATE = "0";\r
- foreach ($_POST['sel'] as $id=>$active)\r
- {\r
- if ($active == 1)\r
- {\r
+ foreach ($_POST['sel'] as $id=>$active) {
+ // Secure ID number
+ $id = bigintval($id);
+
+ // Is this extension selected?\r
+ if ($active == 1) {\r
// Run embeded SQL commands\r
EXTENSION_RUN_SQLS($id, "remove");\r
\r
array(bigintval($id)), __FILE__, __LINE__);\r
}\r
}\r
-}\r
- elseif (!empty($_GET['do']) && (!IS_DEMO()))\r
-{\r
+} elseif (!empty($_GET['do']) && (!IS_DEMO())) {\r
// Other things to do\r
- $mode = $_GET['do'];\r
-}\r
- elseif (!empty($_GET['do']))\r
-{\r
+ $do = SQL_ESCAPE(strip_tags($_GET['do']));\r
+} elseif (!empty($_GET['do'])) {\r
// Demo mode active!\r
- $mode = "demo";\r
+ $do = "demo";\r
}\r
-\r
-switch ($mode)\r
-{\r
+
+// Shall we display active/inactive extensions?
+$where = "";
+if (!empty($_GET['active'])) {
+ $where = sprintf("WHERE ext_active = '%s'", SQL_ESCAPE(strip_tags($_GET['active'])));
+}
+
+// Case selection\r
+switch ($do) {\r
case "overview": // List all registered extensions\r
- if (GET_EXT_VERSION("sql_patches") >= "0.0.6")\r
- {\r
+ if (GET_EXT_VERSION("sql_patches") >= "0.0.6") {\r
// Load extension data with CSS informations\r
- $result = SQL_QUERY("SELECT id, ext_name, ext_lang_file, ext_active, ext_has_css, ext_version FROM "._MYSQL_PREFIX."_extensions ORDER BY ext_name", __FILE__, __LINE__);\r
- }\r
- else\r
- {\r
+ $result = SQL_QUERY("SELECT id, ext_name, ext_lang_file, ext_active, ext_has_css, ext_version
+ FROM "._MYSQL_PREFIX."_extensions
+ ".$where."
+ ORDER BY ext_name", __FILE__, __LINE__);\r
+ } else {\r
// Load extension data without CSS informations\r
- $result = SQL_QUERY("SELECT id, ext_name, ext_lang_file, ext_active, id, ext_version FROM "._MYSQL_PREFIX."_extensions ORDER BY ext_name", __FILE__, __LINE__);\r
- }\r
- if (SQL_NUMROWS($result) > 0)\r
- {\r
+ $result = SQL_QUERY("SELECT id, ext_name, ext_lang_file, ext_active, id, ext_version
+ FROM "._MYSQL_PREFIX."_extensions
+ ".$where."
+ ORDER BY ext_name", __FILE__, __LINE__);\r
+ }
+
+ // Are there some entries?\r
+ if (SQL_NUMROWS($result) > 0) {\r
// Extensions are registered\r
$SW = 2; $OUT = "";\r
- while (list($id, $name, $lang, $active, $css, $ver) = SQL_FETCHROW($result))\r
- {\r
+ while (list($id, $name, $lang, $active, $css, $ver) = SQL_FETCHROW($result)) {\r
$CSS = "---";\r
if (GET_EXT_VERSION("sql_patches") >= "0.0.6") $CSS = TRANSLATE_YESNO($css);\r
\r
\r
// Load template\r
LOAD_TEMPLATE("admin_extensions");\r
- }\r
- else\r
- {\r
+ } else {\r
// No extensions are registered\r
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_EXTENSION_REGISTERED."</FONT>");\r
}\r
case "register": // Register new extension\r
$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_task_system WHERE assigned_admin='%s' AND task_type='EXTENSION' LIMIT 1",\r
array(bigintval(GET_ADMIN_ID($_COOKIE['admin_login']))), __FILE__, __LINE__);\r
- $task_found = SQL_NUMROWS($result);\r
+ $task_found = SQL_NUMROWS($result);
+
+ // Free result\r
SQL_FREERESULT($result);\r
- if (($id > 0) && ($task_found == 1))\r
- {\r
+
+ // Is the ID number valid and the task was found?
+ if (($id > 0) && ($task_found == 1)) {\r
// ID is valid so begin with registration, we first want to it's real name from task management (subject column)\r
$result = SQL_QUERY_ESC("SELECT subject FROM "._MYSQL_PREFIX."_task_system WHERE id=%d LIMIT 1",\r
array(bigintval($id)), __FILE__, __LINE__);\r
\r
// Disable cache update by default\r
$CACHE_UPDATE = "0";\r
- if (!empty($subj))\r
- {\r
+ if (!empty($subj)) {\r
// Extract extension's name from subject...\r
$ext_name = trim(substr($subj, 1, strpos($subj, ":") - 1));\r
\r
// ... so we can finally register and load it in registration mode\r
$status = EXTENSION_REGISTER($ext_name, $id);\r
- if ($status)\r
- {\r
+ if ($status) {\r
// Extension was found and successfully registered\r
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_EXTENSION_REGISTERED);\r
\r
// Do we need to update cache file?\r
- if ((EXT_IS_ACTIVE("cache")) && ($CACHE_FILE != "no"))\r
- {\r
+ if ((EXT_IS_ACTIVE("cache")) && ($CACHE_FILE != "no")) {\r
// Remove cache file (will be auto-created again!)\r
if ($CACHE->cache_file("extensions", true)) $CACHE->cache_destroy();\r
}\r
- }\r
- else\r
- {\r
+ } else {\r
// Motify the admin that we have a problem here...\r
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_REG_FAILED_404);\r
}\r
- }\r
- else\r
- {\r
+ } else {\r
// Extension was not found in task management\r
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_REG_FAILED_ID_404);\r
}\r
- }\r
- elseif ($task_found == "0")\r
- {\r
+ } elseif ($task_found == "0") {\r
// No longer assigned or old task\r
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_REG_FAILED_ASSIGED);\r
- }\r
- else\r
- {\r
+ } else {\r
// ID is invalid\r
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_REG_FAILED_INVALID);\r
}\r