Fixes/rewrites for missing sql_patches and check on admin's default access mode ...

[mailer.git] / inc / libs / admins_functions.php

diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php
index 291df0192379c3469342e5661b0e6b45b84a4f04..a981f8d148a093f49707dd8e42513f138a9b2ca7 100644 (file)
--- a/inc/libs/admins_functions.php
+++ b/inc/libs/admins_functions.php
@@ -10,7 +10,12 @@
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : Funktionen fuer die admins-Erweiterung           *
  * -------------------------------------------------------------------- *
- *                                                                      *
+ * $Revision::                                                        $ *
+ * $Date::                                                            $ *
+ * $Tag:: 0.2.1-FINAL                                                 $ *
+ * $Author::                                                          $ *
+ * Needs to be in all Files and every File needs "svn propset           *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  * For more information visit: http://www.mxchange.org                  *
@@ -65,92 +70,77 @@ function ADMINS_CHECK_ACL($act, $wht) {
        }
 
        // Shall I test for a main or sub menu? (action or what?)
-       $lines = 0; $acl_mode = "failed";
-       if (GET_EXT_VERSION("cache") >= "0.1.2") {
-               // Load only from array when there are lines!
-               if ((isset($GLOBALS['cache_array']['admin_acls'])) && (is_array($GLOBALS['cache_array']['admin_acls'])) && (count($GLOBALS['cache_array']['admin_acls']) > 0)) {
-                       // Load ACL from array
-                       foreach ($GLOBALS['cache_array']['admin_acls']['admin_id'] as $id => $aid_acls) {
-                               if ($aid == $aid_acls) {
-                                       // Okay, one line was found!
-                                       if ((!empty($act)) && ($GLOBALS['cache_array']['admin_acls']['action_menu'][$id] == $act)) {
-                                               // Main menu line found
-                                               $acl_mode = $GLOBALS['cache_array']['admin_acls']['access_mode'][$id];
-                                               $lines = 1;
-                                       }
-                                        elseif ((!empty($wht)) && ($GLOBALS['cache_array']['admin_acls']['what_menu'][$id] == $wht)) {
-                                               // Check sub menu
-                                               $acl_mode = $GLOBALS['cache_array']['admin_acls']['access_mode'][$id];
-                                               $lines = 1;
-                                       }
-                                       if ($lines == 1) {
-                                               // Count cache hits
-                                               incrementConfigEntry('cache_hits');
-                                               break;
-                                       }
-                               }
-                       }
-
-                       // No ACL found?
-                       if ($acl_mode == "failed") {
-                               $acl_mode = "";
-                               $lines = 0;
-                       }
-               } else {
-                       // No lines here
-                       $lines = 0;
+       $acl_mode = "failed";
+       if ((GET_EXT_VERSION("cache") >= "0.1.2") && (count($GLOBALS['cache_array']['admin_acls']) > 0)) {
+               // Lookup in cache
+               if ((!empty($act)) && (isset($GLOBALS['cache_array']['admin_acls']['action_menu'][$aid])) & ($GLOBALS['cache_array']['admin_acls']['action_menu'][$aid] == $act)) {
+                       // Main menu line found
+                       $acl_mode = $GLOBALS['cache_array']['admin_acls']['access_mode'][$aid];
+
+                       // Count cache hits
+                       incrementConfigEntry('cache_hits');
+               } elseif ((!empty($wht)) && (isset($GLOBALS['cache_array']['admin_acls']['what_menu'][$aid])) && ($GLOBALS['cache_array']['admin_acls']['what_menu'][$aid] == $wht)) {
+                       // Check sub menu
+                       $acl_mode = $GLOBALS['cache_array']['admin_acls']['access_mode'][$aid];
+
+                       // Count cache hits
+                       incrementConfigEntry('cache_hits');
                }
-       } else {
+       } elseif (!EXT_IS_ACTIVE("cache")) {
                // Old version, so load it from database
-               if (!empty($act))
-               {
+               if (!empty($act)) {
                        // Main menu
                        $result = SQL_QUERY_ESC("SELECT access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE admin_id=%s AND action_menu='%s' LIMIT 1",
-                        array(bigintval($aid), $act), __FUNCTION__, __LINE__);
+                               array(bigintval($aid), $act), __FUNCTION__, __LINE__);
                } elseif (!empty($wht)) {
                        // Sub menu
                        $result = SQL_QUERY_ESC("SELECT access_mode FROM `{!_MYSQL_PREFIX!}_admins_acls` WHERE admin_id=%s AND what_menu='%s' LIMIT 1",
-                        array(bigintval($aid), $wht), __FUNCTION__, __LINE__);
+                               array(bigintval($aid), $wht), __FUNCTION__, __LINE__);
                }
 
-               // Get number of lines
-               $lines = SQL_NUMROWS($result);
+               // Is an entry found?
+               if (SQL_NUMROWS($result) == 1) {
+                       // Load ACL
+                       list($acl_mode) = SQL_FETCHROW($result);
+               } // END - if
 
-               // Load ACL
-               list($acl_mode) = SQL_FETCHROW($result);
+               // Free memory
                SQL_FREERESULT($result);
        }
 
        // Check ACL and (maybe) allow
-       if ((($default == "allow") && ($lines == 0)) || (($default == "deny") && ($lines == "1") && ($acl_mode == "allow")) || (($lines == 0) && ($parent))) $ret = true;
+       if (($default == "allow") || (($default == "deny") && ($acl_mode == "allow")) || ($parent === true)) {
+               // Access is granted
+               $ret = true;
+       } // END - if
 
        // Return value
+       //* DEBUG: */ print __FUNCTION__."[".__LINE__."]:act={$act},wht={$wht},default={$default},acl_mode={$acl_mode}<br />\n";
        return $ret;
 }
 
 // Create email link to admins's account
 function ADMINS_CREATE_EMAIL_LINK ($email, $mod="admin") {
-       $locked = " AND `status`='CONFIRMED'";
-       if (IS_ADMIN()) $locked = "";
-       if (strpos("@", $email) > 0) {
+       // Is it an email?
+       if (strpos($email, "@") !== false) {
                // Create email link
-               $result = SQL_QUERY_ESC("SELECT id
+               $result = SQL_QUERY_ESC("SELECT `id`
 FROM `{!_MYSQL_PREFIX!}_admins`
-WHERE email='%s'".$locked." LIMIT 1",
- array($email), __FUNCTION__, __LINE__);
+WHERE `email`='%s' LIMIT 1",
+                       array($email), __FUNCTION__, __LINE__);
 
-               // Is there an entry?
+               // Is there an entry?
                if (SQL_NUMROWS($result) == 1) {
                        // Load userid
-                       list($uid) = SQL_FETCHROW($result);
+                       list($aid) = SQL_FETCHROW($result);
 
                        // Rewrite email address to contact link
-                       $email = "{!URL!}/modules.php?module=".$mod."&amp;what=user_contct&amp;uid=".bigintval($uid);
-               }
+                       $email = "{!URL!}/modules.php?module=".$mod."&amp;what=admins_contct&amp;admin=".bigintval($aid);
+               } // END - if
 
                // Free memory
                SQL_FREERESULT($result);
-       } elseif (bigintval($email) > 0) {
+       } elseif ((is_int($email)) && ($email > 0)) {
                // Direct ID given
                $email = "{!URL!}/modules.php?module=".$mod."&amp;what=admins_contct&amp;admin=".bigintval($email);
        }
@@ -170,13 +160,13 @@ function ADMINS_CHANGE_ADMIN_ACCOUNT($POST) {
                // When both passwords match update admin account
                if ($POST['pass1'][$id] == $POST['pass2'][$id]) {
                        // Save only when both passwords are the same (also when they are empty)
-                       $ADD = ""; $cache_update = "1";
+                       $add = ""; $cache_update = "1";
 
                        // Generate hash
                        $hash = generateHash($POST['pass1'][$id]);
 
                        // Save password when set
-                       if (!empty($POST['pass1'][$id])) $ADD = sprintf(", password='%s'", SQL_ESCAPE($hash));
+                       if (!empty($POST['pass1'][$id])) $add = sprintf(", password='%s'", SQL_ESCAPE($hash));
 
                        // Get admin's ID
                        $aid = GET_CURRENT_ADMIN_ID();
@@ -192,7 +182,7 @@ function ADMINS_CHANGE_ADMIN_ACCOUNT($POST) {
                                        set_session('admin_login', $login);
 
                                        // Update password cookie as well?
-                                       if (!empty($ADD)) set_session('admin_md5', $hash);
+                                       if (!empty($add)) set_session('admin_md5', $hash);
                                } elseif (generateHash($POST['pass1'][$id], $salt) != get_session('admin_md5')) {
                                        // Update password cookie
                                        set_session('admin_md5', $hash);
@@ -206,7 +196,7 @@ function ADMINS_CHANGE_ADMIN_ACCOUNT($POST) {
                        if ($default == "allow") {
                                // Allow changing default ACL
                                SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET
-login='%s'".$ADD.",
+login='%s'".$add.",
 email='%s',
 default_acl='%s',
 la_mode='%s'
@@ -221,7 +211,7 @@ WHERE id=%s LIMIT 1",
                        } else {
                                // Do not allow it here
                                SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET
-login='%s'".$ADD.",
+login='%s'".$add.",
 email='%s',
 la_mode='%s'
 WHERE id=%s LIMIT 1",
@@ -237,15 +227,15 @@ WHERE id=%s LIMIT 1",
                        CACHE_PURGE_ADMIN_MENU($id);
 
                        // Admin account saved
-                       $MSG = ADMIN_ACCOUNT_SAVED;
+                       $message = ADMIN_ACCOUNT_SAVED;
                } else {
                        // Passwords did not match
-                       $MSG = ADMINS_ERROR_PASS_MISMATCH;
+                       $message = ADMINS_ERROR_PASS_MISMATCH;
                }
 
                // Display message
-               if (!empty($MSG)) {
-                       LOAD_TEMPLATE("admin_settings_saved", false, $MSG);
+               if (!empty($message)) {
+                       LOAD_TEMPLATE("admin_settings_saved", false, $message);
                }
        }
 
@@ -395,14 +385,14 @@ function ADMINS_LIST_ADMIN_ACCOUNTS() {
 }
 
 // Filter for adding extra data to the query
-function FILTER_ADD_EXTRA_SQL_DATA ($ADD = "") {
+function FILTER_ADD_EXTRA_SQL_DATA ($add = "") {
        // Is the admins extension updated? (should be!)
-       if (GET_EXT_VERSION("admins") >= "0.3")   $ADD .= ", default_acl AS def_acl";
-       if (GET_EXT_VERSION("admins") >= "0.6.7") $ADD .= ", la_mode";
-       if (GET_EXT_VERSION("admins") >= "0.7.2") $ADD .= ", login_failures, UNIX_TIMESTAMP(last_failure) AS last_failure";
+       if (GET_EXT_VERSION("admins") >= "0.3")   $add .= ", default_acl AS def_acl";
+       if (GET_EXT_VERSION("admins") >= "0.6.7") $add .= ", la_mode";
+       if (GET_EXT_VERSION("admins") >= "0.7.2") $add .= ", login_failures, UNIX_TIMESTAMP(last_failure) AS last_failure";
 
        // Return it
-       return $ADD;
+       return $add;
 }
 
 //