SQL_FREERESULT($result);
} // END - if
+ // Init filters
+ REGISTER_FILTER('init', 'UPDATE_LOGIN_DATA');
+
// Login failtures handler
REGISTER_FILTER('post_youhere_line', 'CALL_HANDLER_LOGIN_FAILTURES');
// Run SQLs
REGISTER_FILTER('run_sqls', 'RUN_SQLS');
+ // Admin ACL check
+ REGISTER_FILTER('check_admin_acl', 'CHECK_ADMIN_ACL');
+
// Register shutdown filters
REGISTER_FILTER('shutdown', 'FLUSH_FILTERS');
}
// "Registers" a new filter function
-function REGISTER_FILTER ($filterName, $filterFunction, $silentAbort = true, $force = false, $add = true) {
+function REGISTER_FILTER ($filterName, $filterFunction, $silentAbort = true, $force = false, $dry_run = false) {
global $filters, $counter;
// Extend the filter function name
} // END - if
// Shall we add it?
- if ($add) {
+ if (!$dry_run) {
// Simply add it to the array
$filters[$filterName][$filterFunction] = "Y";
$counter[$filterName][$filterFunction] = 0;
}
// "Unregisters" a filter from the given chain
-function UNREGISTER_FILTER ($filterName, $filterFunction, $force = false, $remove = true) {
- global $filters, $counter;
+function UNREGISTER_FILTER ($filterName, $filterFunction, $force = false, $dry_run = false) {
+ global $filters, $counter, $loadedFilters;
- // Extend the filter function name
- $filterFunction = sprintf("FILTER_%s", strtoupper($filterFunction));
+ // Extend the filter function name only if not loaded from database
+ if (!isset($loadedFilters[$filterName][$filterFunction])) {
+ $filterFunction = sprintf("FILTER_%s", strtoupper($filterFunction));
+ } // END - if
// Is that filter there?
if ((!isset($filters[$filterName][$filterFunction])) && (!$force)) {
} // END - if
// Shall we remove? (default, not while just showing an extension removal)
- if ($remove) {
+ if (!$dry_run) {
// Mark for filter removal
$filters[$filterName][$filterFunction] = "R";
unset($counter[$filterName][$filterFunction]);
$removeSQL = substr($removeSQL, 0, -2) . "LIMIT ".$removed;
// And run it
- $removeSQL;
+ $SQLs[] = $removeSQL;
} // END - if
// Shall we update usage counters (ONLY FOR DEBUGGING!)
}
}
+// Filter for updating/validating login data
+function FILTER_UPDATE_LOGIN_DATA () {
+ global $LAST;
+ if (!is_array($LAST)) $LAST = array();
+
+ // Recheck if logged in
+ if (!IS_MEMBER()) return false;
+
+ // Secure user ID
+ $GLOBALS['userid'] = bigintval(get_session('userid'));
+
+ // Extract last online time (life) and how long is auto-login valid (time)
+ $newl = time() + bigintval(get_session('lifetime'));
+
+ // Load last module and last online time
+ $result = SQL_QUERY_ESC("SELECT last_module, last_online FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
+ // Load last module and online time
+ list($mod, $onl) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+
+ // Maybe first login time?
+ if (empty($mod)) $mod = "login";
+
+ if (set_session("userid", $GLOBALS['userid'], $newl, COOKIE_PATH) && set_session("u_hash", get_session('u_hash'), $newl, COOKIE_PATH) && set_session("lifetime", bigintval(get_session('lifetime')), $newl, COOKIE_PATH)) {
+ // This will be displayed on welcome page! :-)
+ if (empty($LAST['module'])) {
+ $LAST['module'] = $mod; $LAST['online'] = $onl;
+ } // END - if
+
+ // "what" not set?
+ if (empty($GLOBALS['what'])) {
+ // Fix it to default
+ $GLOBALS['what'] = "welcome";
+ if (getConfig('index_home') != "") $GLOBALS['what'] = getConfig('index_home');
+ } // END - if
+
+ // Update last module / online time
+ $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET last_module='%s', last_online=UNIX_TIMESTAMP(), REMOTE_ADDR='%s' WHERE userid=%s LIMIT 1",
+ array($GLOBALS['what'], GET_REMOTE_ADDR(), $GLOBALS['userid']), __FILE__, __LINE__);
+ }
+ } else {
+ // Destroy session, we cannot update!
+ destroy_user_session();
+ }
+}
+
+// Filter for checking admin ACL
+function FILTER_CHECK_ADMIN_ACL () {
+ // Extension not installed so it's always allowed to access everywhere!
+ $ret = true;
+
+ // Ok, Cookie-Update done
+ if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) {
+ // Check if action GET variable was set
+ $action = SQL_ESCAPE($GLOBALS['action']);
+ if (!empty($GLOBALS['what'])) {
+ // Get action value by what-value
+ $action = GET_ACTION("admin", $GLOBALS['what']);
+ } // END - if
+
+ // Check for access control line of current menu entry
+ $ret = ADMINS_CHECK_ACL($action, $GLOBALS['what']);
+ } // END - if
+
+ // Return result
+ return $ret;
+}
+
//
?>
projects / mailer.git / blobdiff