// Run SQLs
REGISTER_FILTER('run_sqls', 'RUN_SQLS');
+ // Admin ACL check
+ REGISTER_FILTER('check_admin_acl', 'CHECK_ADMIN_ACL');
+
// Register shutdown filters
REGISTER_FILTER('shutdown', 'FLUSH_FILTERS');
}
// "Registers" a new filter function
-function REGISTER_FILTER ($filterName, $filterFunction, $silentAbort = true, $force = false, $add = true) {
+function REGISTER_FILTER ($filterName, $filterFunction, $silentAbort = true, $force = false, $dry_run = false) {
global $filters, $counter;
// Extend the filter function name
} // END - if
// Shall we add it?
- if ($add) {
+ if (!$dry_run) {
// Simply add it to the array
$filters[$filterName][$filterFunction] = "Y";
$counter[$filterName][$filterFunction] = 0;
}
// "Unregisters" a filter from the given chain
-function UNREGISTER_FILTER ($filterName, $filterFunction, $force = false, $remove = true) {
+function UNREGISTER_FILTER ($filterName, $filterFunction, $force = false, $dry_run = false) {
global $filters, $counter, $loadedFilters;
// Extend the filter function name only if not loaded from database
} // END - if
// Shall we remove? (default, not while just showing an extension removal)
- if ($remove) {
+ if (!$dry_run) {
// Mark for filter removal
$filters[$filterName][$filterFunction] = "R";
unset($counter[$filterName][$filterFunction]);
// Then run all filters
foreach ($filters[$filterName] as $filterFunction=>$active) {
// Debug message
- //* DEBUG: */ echo __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): name={$filterName}, func={$filterFunction}, active={$active}<br />\n";
+ //* DEBUG: */ echo __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): name={$filterName},func={$filterFunction},active={$active}<br />\n";
// Is the filter active?
if ($active == "Y") {
} // END - if
// Run the run_sqls filter in non-dry mode
- RUN_FILTER('run_sqls', false);
+ RUN_FILTER('run_sqls', array('dry_run' => false, 'sqls' => $SQLs));
}
// Filter for calling the handler for login failtures
// Filter to load include files
function FILTER_LOAD_INCLUDES ($data) {
- global $INC_POOL;
+ global $CSS;
+
+ // Default is $data as inclusion list
+ $INC_POOL = $data;
// Is it an array?
- if ((!isset($INC_POOL)) || (!is_array($INC_POOL))) {
+ if ((!isset($data)) || (!is_array($data))) {
// Then abort here
DEBUG_LOG(__FILE__, __LINE__, "INC_POOL is no array!");
return $data;
- } // END - if
+ } elseif (isset($data['inc_pool'])) {
+ // Use this as new inclusion pool!
+ $INC_POOL = $data['inc_pool'];
+ }
// Check for added include files
if (count($INC_POOL) > 0) {
// Loads every include file
- foreach ($INC_POOL as $fqfn) {
- require_once($fqfn);
+ foreach ($INC_POOL as $FQFN) {
+ require_once($FQFN);
} // END - foreach
- // Remove array
- unset($INC_POOL);
+ // Reset array
+ if (isset($data['inc_pool'])) $data['inc_pool'] = array();
} // END - if
- // Return $data
+ // Continue with processing
return $data;
}
// Filter for running SQL commands
-function FILTER_RUN_SQLS ($dry_run) {
- global $SQLs;
-
+function FILTER_RUN_SQLS ($data) {
// Is the array there?
- if ((is_array($SQLs)) && (!$dry_run)) {
+ if ((isset($data['sqls'])) && ((!isset($data['dry_run'])) || ($data['dry_run'] == false))) {
// Run SQL commands
- foreach ($SQLs as $sql) {
+ foreach ($data['sqls'] as $sql) {
$sql = trim($sql);
if (!empty($sql)) {
// Do we have an "ALTER TABLE" command?
}
} // END - if
} // END - foreach
- } elseif (GET_EXT_VERSION("sql_patches") == "") {
- // Remove SQLs if extension is not installed
- $SQLs = array();
- }
+ } // END - if
}
// Filter for updating/validating login data
// Update last module / online time
$result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET last_module='%s', last_online=UNIX_TIMESTAMP(), REMOTE_ADDR='%s' WHERE userid=%s LIMIT 1",
- array($GLOBALS['what'], GET_REMOTE_ADDR(), $GLOBALS['userid']), __FILE__, __LINE__);
+ array($GLOBALS['what'], GET_REMOTE_ADDR(), $GLOBALS['userid']), __FILE__, __LINE__);
}
} else {
// Destroy session, we cannot update!
}
}
+// Filter for checking admin ACL
+function FILTER_CHECK_ADMIN_ACL () {
+ // Extension not installed so it's always allowed to access everywhere!
+ $ret = true;
+
+ // Ok, Cookie-Update done
+ if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) {
+ // Check if action GET variable was set
+ $action = SQL_ESCAPE($GLOBALS['action']);
+ if (!empty($GLOBALS['what'])) {
+ // Get action value by what-value
+ $action = GET_ACTION("admin", $GLOBALS['what']);
+ } // END - if
+
+ // Check for access control line of current menu entry
+ $ret = ADMINS_CHECK_ACL($action, $GLOBALS['what']);
+ } // END - if
+
+ // Return result
+ return $ret;
+}
+
//
?>