require($INC);
}
-// Login is default
-if ((empty($GLOBALS['action'])) && ($check == "admin_only")) {
- // Redirect to right URL
- LOAD_URL("modules.php?module=admin&action=login");
-} // END - if
-
// Load include file
LOAD_INC_ONCE("inc/modules/admin/admin-inc.php");
$ret = "init";
// Is no admin registered?
-if (!isBooleanConstantAndTrue('admin_registered')) {
+if (!isAdminRegistered()) {
// Admin is not registered so we have to inform the user
if ((IS_FORM_SENT()) && ((!REQUEST_ISSET_POST(('login'))) || (!REQUEST_ISSET_POST(('pass'))) || (strlen(REQUEST_POST('pass')) < 4))) {
REQUEST_SET_POST('ok', "***");
switch ($ret)
{
case "done":
- changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
- if (!constant('_FATAL')) {
+ $done = changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
+ if ($done === true) {
// Registering is done
LOAD_URL("modules.php?module=admin&action=login®ister=done");
} else {
}
// Admin still not registered?
- if (!isBooleanConstantAndTrue('admin_registered')) {
+ if (!isAdminRegistered()) {
// Write to config that registration is done
changeDataInFile(constant('PATH')."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
// Load logout template
if (REQUEST_ISSET_GET(('register'))) {
// Secure input
- $register = SQL_ESCAPE(REQUEST_GET('register'));
+ $register = REQUEST_GET(('register'));
// Special logout redirect for installation of given extension
LOAD_TEMPLATE(sprintf("admin_logout_%s_install", $register));
} elseif (REQUEST_ISSET_GET(('remove'))) {
// Secure input
- $remove = SQL_ESCAPE(REQUEST_GET('remove'));
+ $remove = REQUEST_GET(('remove'));
// Special logout redirect for removal of given extension
LOAD_TEMPLATE(sprintf("admin_logout_%s_remove", $remove));
LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_fatal\">{--ADMIN_LOGOUT_FAILED--}</div>");
// Add fatal message
- addFatalMessage(getMessage('CANNOT_UNREG_SESS'));
+ addFatalMessage(__FILE__, __LINE__, getMessage('CANNOT_UNREG_SESS'));
}
} else {
// Maybe an Admin want's to login?
{
case "done":
// Check for access control line of current menu entry
- define('__ACL_ALLOW', RUN_FILTER('check_admin_acl'));
+ $GLOBALS['acl_allow'] = RUN_FILTER('check_admin_acl');
// When type of admin menu is not set fallback to old menu system
if (!isConfigEntrySet('admin_menu')) setConfigEntry('admin_menu', "OLD");
$area = "entrance";
// Check for similar URL variable
- if (REQUEST_ISSET_GET(('area'))) $area = SQL_ESCAPE(REQUEST_GET('area'));
+ if (REQUEST_ISSET_GET(('area'))) $area = REQUEST_GET(('area'));
// Load "logical-area menu-system" file
LOAD_INC_ONCE("inc/modules/admin/lasys-inc.php");
case "404": // Administrator login not found
REQUEST_SET_POST('ok', $ret);
destroyAdminSession();
- addFatalMessage(getMessage('ADMIN_NOT_FOUND'));
+ addFatalMessage(__FILE__, __LINE__, getMessage('ADMIN_NOT_FOUND'));
break;
case "pass": // Wrong password
REQUEST_SET_POST('ok', $ret);
destroyAdminSession();
- addFatalMessage(getMessage('WRONG_PASS'));
+ addFatalMessage(__FILE__, __LINE__, getMessage('WRONG_PASS'));
break;
default: // Others will be logged