* $Author:: $ *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2009 by Roland Haeder *
- * Copyright (c) 2009 - 2012 by Mailer Developer Team *
+ * Copyright (c) 2009 - 2013 by Mailer Developer Team *
* For more information visit: http://mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
// Some security stuff...
if (!defined('__SECURITY')) {
die();
-}
+} // END - if
// Check ACL for menu combination
function isAdminsAllowedByAcl ($action, $what) {
return $GLOBALS[__FUNCTION__][$adminId][$action][$what];
}
- // But default result is failed
- $GLOBALS[__FUNCTION__][$action][$what] = FALSE;
-
// Get admin's defult access right
$default = getAdminDefaultAcl($adminId);
$result = FALSE;
if (!empty($action)) {
// Main menu
- $result = SQL_QUERY_ESC("SELECT `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `admin_id`=%s AND `action_menu`='%s' LIMIT 1",
+ $result = sqlQueryEscaped("SELECT `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `admin_id`=%s AND `action_menu`='%s' LIMIT 1",
array(bigintval($adminId), $action), __FUNCTION__, __LINE__);
} elseif (!empty($what)) {
// Sub menu
- $result = SQL_QUERY_ESC("SELECT `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `admin_id`=%s AND `what_menu`='%s' LIMIT 1",
+ $result = sqlQueryEscaped("SELECT `access_mode` FROM `{?_MYSQL_PREFIX?}_admins_acls` WHERE `admin_id`=%s AND `what_menu`='%s' LIMIT 1",
array(bigintval($adminId), $what), __FUNCTION__, __LINE__);
}
// Is an entry found?
- if (SQL_NUMROWS($result) == 1) {
+ if (sqlNumRows($result) == 1) {
// Load ACL
- list($aclMode) = SQL_FETCHROW($result);
+ list($aclMode) = sqlFetchRow($result);
} // END - if
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
}
+ // But default result is failed
+ $GLOBALS[__FUNCTION__][$adminId][$action][$what] = FALSE;
+
// Check ACL and (maybe) allow
//* DEBUG: */ debugOutput('default='.$default.',acl_mode='.$aclMode.',parent='.intval($parent));
if ((($default == 'allow') && ($aclMode != 'deny')) || (($default == 'deny') && ($aclMode == 'allow')) || ($parent === TRUE) || (($default == 'NO-ACL') && ($aclMode == 'failed') && ($parent === FALSE))) {
// Is it an email?
if (isInString('@', $email)) {
// Create email link
- $result = SQL_QUERY_ESC("SELECT `id`
+ $result = sqlQueryEscaped("SELECT `id`
FROM
`{?_MYSQL_PREFIX?}_admins`
WHERE
array($email), __FUNCTION__, __LINE__);
// Is there an entry?
- if (SQL_NUMROWS($result) == 1) {
+ if (sqlNumRows($result) == 1) {
// Load userid
- list($adminId) = SQL_FETCHROW($result);
+ list($adminId) = sqlFetchRow($result);
// Call this function again
$email = generateAdminEmailLink($adminId, $mod);
} // END - if
// Free memory
- SQL_FREERESULT($result);
- } elseif (isValidUserId($email)) {
+ sqlFreeResult($result);
+ } elseif (isValidId($email)) {
// Direct id given
$email = '{%url=modules.php?module=' . $mod . '&what=admins_contct&id=' . bigintval($email) . '%}';
} else {
// When both passwords match update admin account
if ((!empty($element)) && (isset($postData[$element]))) {
// Save this setting
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `%s`='%s' WHERE `id`=%s LIMIT 1",
+ sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_admins` SET `%s`='%s' WHERE `id`=%s LIMIT 1",
array(
$element,
$postData[$element][$id],
// Save password when set
if (!empty($postData['password1'][$id])) {
- $add = sprintf(",`password`='%s'", SQL_ESCAPE($hash));
+ $add = sprintf(",`password`='%s'", sqlEscapeString($hash));
} // END - if
// Get admin's id
// Update admin account
if ($default == 'allow') {
// Allow changing default ACL
- SQL_QUERY_ESC("UPDATE
+ sqlQueryEscaped("UPDATE
`{?_MYSQL_PREFIX?}_admins`
SET
`login`='%s'" . $add . ",
), __FUNCTION__, __LINE__);
} else {
// Do not allow it here
- SQL_QUERY_ESC("UPDATE
+ sqlQueryEscaped("UPDATE
`{?_MYSQL_PREFIX?}_admins`
SET
`login`='%s'" . $add . ",
$SQL = getUpdateSqlFromArray($postData, 'admins', 'id', '%s', array('login', 'id'), $id);
// Run it
- SQL_QUERY_ESC($SQL, array(bigintval($id)), __FUNCTION__, __LINE__);
+ sqlQueryEscaped($SQL, array(bigintval($id)), __FUNCTION__, __LINE__);
// Was it updated?
- if (SQL_AFFECTEDROWS() == 1) {
+ if (sqlAffectedRows() == 1) {
// Admin account saved
$message = '{--ADMIN_ACCOUNT_SAVED--}';
} else {
$id = bigintval($id);
// Get the admin's data
- $result = SQL_QUERY_ESC("SELECT `login`, `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
+ $result = sqlQueryEscaped('SELECT `login`, `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1',
array($id), __FUNCTION__, __LINE__);
- if ((SQL_NUMROWS($result) == 1) && ($selected == 1)) {
+ if ((sqlNumRows($result) == 1) && ($selected == 1)) {
// Entry found
- $content = SQL_FETCHARRAY($result);
+ $content = sqlFetchArray($result);
// Prepare some more data for the template
$content['id'] = $id;
} // END - if
// Free result
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
} // END - foreach
// Load template
$id = bigintval($id);
// Get the admin's data
- $result = SQL_QUERY_ESC("SELECT `login`, `email`, `default_acl` AS `access_mode`, `la_mode` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
+ $result = sqlQueryEscaped('SELECT
+ `login`,
+ `email`,
+ `default_acl` AS `access_mode`,
+ `la_mode`
+FROM
+ `{?_MYSQL_PREFIX?}_admins`
+WHERE
+ `id`=%s
+LIMIT 1',
array($id), __FUNCTION__, __LINE__);
// Is there an entry?
- if (SQL_NUMROWS($result) == 1) {
+ if (sqlNumRows($result) == 1) {
// Entry found, so load data
- $content = SQL_FETCHARRAY($result);
+ $content = sqlFetchArray($result);
$content['access_mode'] = '{--ADMIN_ADMINS_ACCESS_MODE_' . strtoupper($content['access_mode']) . '--}';
$content['la_mode'] = '{--ADMIN_ADMINS_LA_MODE_' . strtoupper($content['la_mode']) . '--}';
} // END - if
// Free result
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
} // END - foreach
// Load template
// Delete only when it's not your own account!
if (($del == 1) && (getCurrentAdminId() != $id)) {
// Rewrite his tasks to all admins
- SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_task_system` SET `assigned_admin`=NULL WHERE `assigned_admin`=%s",
+ sqlQueryEscaped('UPDATE `{?_MYSQL_PREFIX?}_task_system` SET `assigned_admin`=NULL WHERE `assigned_admin`=%s',
array($id), __FUNCTION__, __LINE__);
// Remove account
- SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
+ sqlQueryEscaped('DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1',
array($id), __FUNCTION__, __LINE__);
}
}
// List all admin accounts
function adminsListAdminAccounts() {
// Select all admin accounts
- $result = SQL_QUERY('SELECT
+ $result = sqlQuery('SELECT
`id`,
`login`,
`email`,
ORDER BY
`login` ASC', __FUNCTION__, __LINE__);
$OUT = '';
- while ($content = SQL_FETCHARRAY($result)) {
+ while ($content = sqlFetchArray($result)) {
// Compile some variables
$content['access_mode'] = '{--ADMIN_ADMINS_ACCESS_MODE_' . strtoupper($content['access_mode']) . '--}';
$content['la_mode'] = '{--ADMIN_ADMINS_LA_MODE_' . strtoupper($content['la_mode']) . '--}';
} // END - while
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
// Load template
loadTemplate('admin_list_admins', FALSE, $OUT);
$message = loadEmailTemplate($template, $content, $userid);
// Check which admin shall receive this mail
- $result = SQL_QUERY_ESC("SELECT `admin_id` FROM `{?_MYSQL_PREFIX?}_admins_mails` WHERE `mail_template`='%s' ORDER BY `admin_id` ASC",
+ $result = sqlQueryEscaped("SELECT `admin_id` FROM `{?_MYSQL_PREFIX?}_admins_mails` WHERE `mail_template`='%s' ORDER BY `admin_id` ASC",
array($template), __FUNCTION__, __LINE__);
// No entries found?
- if (SQL_HASZERONUMS($result)) {
+ if (ifSqlHasZeroNums($result)) {
// Is ext-admins' version at least 0.7.9?
if (isExtensionInstalledAndNewer('admins', '0.7.9')) {
// Create new entry (to all admins)
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins_mails` (`admin_id`, `mail_template`) VALUES (NULL, '%s')",
+ sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_admins_mails` (`admin_id`, `mail_template`) VALUES (NULL, '%s')",
array($template), __FUNCTION__, __LINE__);
} // END - if
// Select all email adresses (default)
- $result = SQL_QUERY('SELECT `email` FROM `{?_MYSQL_PREFIX?}_admins` ORDER BY `id` ASC',
+ $result = sqlQuery('SELECT `email` FROM `{?_MYSQL_PREFIX?}_admins` ORDER BY `id` ASC',
__FUNCTION__, __LINE__);
} else {
// Load admin ids...
// @TODO This can be, somehow, rewritten
$adminIds = array();
- while ($content = SQL_FETCHARRAY($result)) {
+ while ($content = sqlFetchArray($result)) {
array_push($adminIds, $content['admin_id']);
} // END - while
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
// Init result
$result = FALSE;
EVENTS_ADD_LINE($subject, $message, $userid);
} else {
// Log error for debug
- logDebugMessage(__FUNCTION__, __LINE__, sprintf("Extension 'ext-events' missing: template=%s,subj=%s,userid=%s",
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf('Extension ext-events missing: template=%s,subj=%s,userid=%s',
$template,
$subject,
$userid
return;
} elseif (($adminId == '0') || (empty($adminId))) {
// Select all email adresses
- $result = SQL_QUERY('SELECT `email` FROM `{?_MYSQL_PREFIX?}_admins` ORDER BY `id` ASC',
+ $result = sqlQuery('SELECT `email` FROM `{?_MYSQL_PREFIX?}_admins` ORDER BY `id` ASC',
__FUNCTION__, __LINE__);
} else {
// If Admin-Id is not "to-all" select
- $result = SQL_QUERY_ESC("SELECT `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id` IN (%s) ORDER BY `id` ASC",
+ $result = sqlQueryEscaped('SELECT `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id` IN (%s) ORDER BY `id` ASC',
array($adminId), __FUNCTION__, __LINE__);
}
}
} // END - if
// Load email addresses and send away
- while ($content = SQL_FETCHARRAY($result)) {
+ while ($content = sqlFetchArray($result)) {
sendEmail($content['email'], $subject, $message, 'N', $mailHeader);
} // END - while
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
}
// "Getter" for current admin's expert settings
incrementStatsEntry('cache_hits');
} elseif (!isExtensionInstalled('cache')) {
// Load from database
- $result = SQL_QUERY_ESC("SELECT `expert_settings` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
+ $result = sqlQueryEscaped('SELECT `expert_settings` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1',
array($adminId), __FUNCTION__, __LINE__);
// Entry found?
- if (SQL_NUMROWS($result) == 1) {
+ if (sqlNumRows($result) == 1) {
// Fetch data
- $data = SQL_FETCHARRAY($result);
+ $data = sqlFetchArray($result);
// Set cache
$GLOBALS['cache_array']['admin']['expert_settings'][$adminId] = $data['expert_settings'];
} // END - if
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
}
// Return the result
incrementStatsEntry('cache_hits');
} elseif (!isExtensionInstalled('cache')) {
// Load from database
- $result = SQL_QUERY_ESC("SELECT `expert_warning` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
+ $result = sqlQueryEscaped('SELECT `expert_warning` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1',
array($adminId), __FUNCTION__, __LINE__);
// Entry found?
- if (SQL_NUMROWS($result) == 1) {
+ if (sqlNumRows($result) == 1) {
// Fetch data
- $data = SQL_FETCHARRAY($result);
+ $data = sqlFetchArray($result);
// Set cache
$GLOBALS['cache_array']['admin']['expert_warning'][$adminId] = $data['expert_warning'];
} // END - if
// Free memory
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
}
// Return the result
incrementStatsEntry('cache_hits');
} elseif (!isExtensionActive('cache')) {
// Load from database
- $result = SQL_QUERY_ESC("SELECT `login_failures` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
+ $result = sqlQueryEscaped('SELECT `login_failures` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1',
array($adminId), __FUNCTION__, __LINE__);
// Is there an entry?
- if (SQL_NUMROWS($result) == 1) {
+ if (sqlNumRows($result) == 1) {
// Get it
- $data = SQL_FETCHARRAY($result);
+ $data = sqlFetchArray($result);
} // END - if
// Free result
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
}
// Return the login_failures
incrementStatsEntry('cache_hits');
} elseif (!isExtensionActive('cache')) {
// Load from database
- $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`last_failure`) AS `last_failure` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
+ $result = sqlQueryEscaped('SELECT UNIX_TIMESTAMP(`last_failure`) AS `last_failure` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1',
array($adminId), __FUNCTION__, __LINE__);
// Is there an entry?
- if (SQL_NUMROWS($result) == 1) {
+ if (sqlNumRows($result) == 1) {
// Get it
- $data = SQL_FETCHARRAY($result);
+ $data = sqlFetchArray($result);
} // END - if
// Free result
- SQL_FREERESULT($result);
+ sqlFreeResult($result);
}
// Return the last_failure
projects / mailer.git / blobdiff