// First of all, no admin login is found
$ret = '404';
- // Then we need to lookup the login name by getting the admin hash
- $adminHash = getAdminHash($adminLogin);
-
- // If this is fine, we can continue
- if ($adminHash != '-1') {
- // Get admin id and set it as current
- setCurrentAdminId(getAdminId($adminLogin));
-
- // Now, we need to encode the password in the same way the one is encoded in database
- $testHash = generateHash($adminPassword, $adminHash);
-
- // If they both match, the login data is valid
- if ($testHash == $adminHash) {
- // All fine
- $ret = 'done';
- } else {
- // Set status
- $ret = 'pass';
- }
+ // Get admin id from login
+ $adminId = getAdminId($adminLogin);
+
+ // Continue only with found admin ids
+ if ($adminId > 0) {
+ // Then we need to lookup the login name by getting the admin hash
+ $adminHash = getAdminHash($adminId);
+
+ // If this is fine, we can continue
+ if ($adminHash != '-1') {
+ // Get admin id and set it as current
+ setCurrentAdminId($adminId);
+
+ // Now, we need to encode the password in the same way the one is encoded in database
+ $testHash = generateHash($adminPassword, $adminHash);
+
+ // If they both match, the login data is valid
+ if ($testHash == $adminHash) {
+ // All fine
+ $ret = 'done';
+ } else {
+ // Set status
+ $ret = 'password';
+ }
+ } // END - if
} // END - if
// Prepare data array
$data = array(
+ 'id' => $adminId,
'login' => $adminLogin,
'plain_pass' => $adminPassword,
'pass_hash' => $adminHash
$ret = 'done';
} else {
// Set status
- $ret = 'pass';
+ $ret = 'password';
}
} // END - if
$action = getActionFromModuleWhat(getModule(), $what);
// Define admin login name and id number
- $content['login'] = getSession('admin_login');
+ $content['login'] = getAdminLogin(getSession('admin_id'));
$content['id'] = getCurrentAdminId();
// Preload templates
`id` DESC", __FUNCTION__, __LINE__);
// Do we have entries?
- if (SQL_NUMROWS($result_main) > 0) {
+ if (!SQL_HASZERONUMS($result_main)) {
$OUT .= '<ul class="admin_menu_main">';
// @TODO Rewrite this to $content = SQL_FETCHARRAY()
while (list($menu, $title, $descr) = SQL_FETCHROW($result_main)) {
$OUT .= '[<a href="{%url=modules.php?module=admin&action=' . $menu . '%}">';
}
} else {
- $OUT .= '<em style="cursor:help" class="admin_note" title="{--MENU_ACTION_404--}">';
+ $OUT .= '<em style="cursor:help" class="admin_note" title="{%message,MENU_ACTION_404=' . $menu . '}">';
}
$OUT .= $title;
array($menu), __FUNCTION__, __LINE__);
// Remember the count for later checks
- setAdminMenuHasEntries($menu, ((SQL_NUMROWS($result_what) > 0) && ($action == $menu)));
+ setAdminMenuHasEntries($menu, ((!SQL_HASZERONUMS($result_what)) && ($action == $menu)));
// Do we have entries?
- if ((ifAdminMenuHasEntries($menu)) && (SQL_NUMROWS($result_what) > 0)) {
+ if ((ifAdminMenuHasEntries($menu)) && (!SQL_HASZERONUMS($result_what))) {
$GLOBALS['menu']['description'] = array();
$GLOBALS['menu']['title'] = array(); $SUB = true;
$OUT .= '<li class="admin_menu_sub"><ul class="admin_menu_sub">';
$OUT .= '[<a href="{%url=modules.php?module=admin&what=' . $what_sub . '%}">';
}
} else {
- $OUT .= '<em style="cursor:help" class="admin_note" title="{--MENU_WHAT_404--}">';
+ $OUT .= '<em style="cursor:help" class="admin_note" title="{%message,MENU_WHAT_404=' . $what_sub . '%}">';
}
$OUT .= $title_what;
$result = SQL_QUERY_ESC("SELECT `%s` AS `menu`, `title` FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE ".$what." ORDER BY `sort` ASC",
array($mode), __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result) > 0) {
+ if (!SQL_HASZERONUMS($result)) {
// Load menu as selection
$OUT = '<select name="' . $mode . '_menu';
if ((!empty($defid)) || ($defid == '0')) $OUT .= '[' . $defid . ']';
$OUT .= '</select>';
} else {
// No menus???
- $OUT = getMessage('ADMIN_PROBLEM_NO_MENU');
+ $OUT = '{--ADMIN_PROBLEM_NO_MENU--}';
}
// Return output
rebuildCache('config', 'config');
// Settings saved, so display message?
- if ($displayMessage === true) loadTemplate('admin_settings_saved', false, getMessage('SETTINGS_SAVED'));
+ if ($displayMessage === true) loadTemplate('admin_settings_saved', false, '{--SETTINGS_SAVED--}');
// Return affected rows
return $affected;
incrementStatsEntry('cache_hits');
} elseif (isExtensionInstalledAndNewer('admins', '0.6.7')) {
// Load from database when version of 'admins' is enough
- $result = SQL_QUERY_ESC("SELECT la_mode FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT `la_mode` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
array($adminId), __FUNCTION__, __LINE__);
// Do we have an entry?
loadTemplate('admin_settings_saved', false, sprintf(getMessage('ADMIN_STATUS_CHANGED'), $cnt, count($IDs)));
} else {
// Nothing selected!
- loadTemplate('admin_settings_saved', false, getMessage('ADMIN_NOTHING_SELECTED_CHANGE'));
+ loadTemplate('admin_settings_saved', false, '{--ADMIN_NOTHING_SELECTED_CHANGE--}');
}
}
// Is the raw userid set?
if (postRequestParameter($userid, $id) > 0) {
// Generate subject
- $subjectLine = getMessage('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
+ $subject = '{--MEMBER_' . strtoupper($subject) . '_' . strtoupper($table) . '_SUBJECT--}';
// Load email template
if (!empty($subjectPart)) {
}
// Send email out
- sendEmail(postRequestParameter($userid, $id), $subjectLine, $mail);
+ sendEmail(postRequestParameter($userid, $id), $subject, $mail);
} // END - if
// Generate subject
- $subjectLine = getMessage('ADMIN_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
+ $subject = '{--ADMIN_' . strtoupper($subject) . '_' . strtoupper($table) . '_SUBJECT--}';
// Send admin notification out
if (!empty($subjectPart)) {
- sendAdminNotification($subjectLine, 'admin_' . $mode . '_' . strtolower($subjectPart) . '_' . $table, $content, postRequestParameter($userid, $id));
+ sendAdminNotification($subject, 'admin_' . $mode . '_' . strtolower($subjectPart) . '_' . $table, $content, postRequestParameter($userid, $id));
} else {
- sendAdminNotification($subjectLine, 'admin_' . $mode . '_' . $table, $content, postRequestParameter($userid, $id));
+ sendAdminNotification($subject, 'admin_' . $mode . '_' . $table, $content, postRequestParameter($userid, $id));
}
}
// Build a special template list
function adminListBuilder ($listType, $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $userid = 'userid') {
- $OUT = ''; $SW = 2;
+ $OUT = '';
// "Walk" through all entries
foreach ($IDs as $id => $selected) {
$content[$key] = handleExtraValues($filterFunctions[$idx], $value, $extraValues[$idx]);
} // END - foreach
- // Add color switching
- $content['sw'] = $SW;
-
// Then list it
$OUT .= loadTemplate(sprintf("admin_%s_%s_row",
$listType,
$table
), true, $content
);
-
- // Switch color
- $SW = 3 - $SW;
} // END - if
// Free the result
} // END - if
} elseif (isset($content[$column])) {
// Unfinished!
- debug_report_bug(__FUNCTION__, __LINE__, ":UNFINISHED: id={$id}/{$column}[".gettype($statusInfo)."] = {$content[$column]}");
+ debug_report_bug(__FUNCTION__, __LINE__, ':UNFINISHED: id=' . $id . ',column=' . $column . '[' . gettype($statusInfo) . '] = ' . $content[$column]);
}
} // END - foreach
// Was this fine?
if (SQL_AFFECTEDROWS() == count($IDs)) {
// All deleted
- loadTemplate('admin_settings_saved', false, getMessage('ADMIN_ALL_ENTRIES_REMOVED'));
+ loadTemplate('admin_settings_saved', false, '{--ADMIN_ALL_ENTRIES_REMOVED--}');
} else {
// Some are still there :(
loadTemplate('admin_settings_saved', false, sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_DELETED'), SQL_AFFECTEDROWS(), count($IDs)));
// Was this fine?
if ($affected == count($IDs)) {
// All deleted
- loadTemplate('admin_settings_saved', false, getMessage('ADMIN_ALL_ENTRIES_EDITED'));
+ loadTemplate('admin_settings_saved', false, '{--ADMIN_ALL_ENTRIES_EDITED--}');
} else {
// Some are still there :(
loadTemplate('admin_settings_saved', false, sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_EDITED'), $affected, count($IDs)));
// Is there an account?
if (SQL_HASZERONUMS($result)) {
// No account found!
- return getMessage('ADMIN_NO_LOGIN_WITH_EMAIL');
+ return '{--ADMIN_NO_LOGIN_WITH_EMAIL--}';
} // END - if
// Load all data
SQL_FREERESULT($result);
// Generate hash for reset link
- $content['hash'] = generateHash(getConfig('URL') . ':' . $content['id'] . ':' . $content['login'] . ':' . $content['password'], substr($content['password'], 10));
+ $content['hash'] = generateHash(getUrl() . ':' . $content['id'] . ':' . $content['login'] . ':' . $content['password'], substr($content['password'], 10));
// Remove some data
unset($content['id']);
$mailText = loadEmailTemplate('admin_reset_password', $content);
// Send it out
- sendEmail($email, getMessage('ADMIN_RESET_PASS_LINK_SUBJ'), $mailText);
+ sendEmail($email, '{--ADMIN_RESET_PASS_LINK_SUBJECT--}', $mailText);
// Prepare output
- return getMessage('ADMIN_RESET_LINK_SENT');
+ return '{--ADMIN_RESET_LINK_SENT--}';
}
// Validate hash and login for password reset
$content = SQL_FETCHARRAY($result);
// Generate hash again
- $hashFromData = generateHash(getConfig('URL') . ':' . $content['id'] . ':' . $login . ':' . $content['password'], substr($content['password'], 10));
+ $hashFromData = generateHash(getUrl() . ':' . $content['id'] . ':' . $login . ':' . $content['password'], substr($content['password'], 10));
// Does both match?
$valid = ($hash == $hashFromData);
runFilterChain('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash));
// Return output
- return getMessage('ADMIN_PASSWORD_RESET_DONE');
+ return '{--ADMIN_PASSWORD_RESET_DONE--}';
}
// Solves a task by given id number
// Output message for other status than ask/agreed
if (($return != 'ask') && ($return != 'agreed')) {
// Output message
- loadTemplate('admin_settings_saved', false, getMessage('ADMIN_EXPERT_SETTINGS_STATUS_' . strtoupper($return)));
+ loadTemplate('admin_settings_saved', false, '{--ADMIN_EXPERT_SETTINGS_STATUS_' . strtoupper($return) . '--}');
} // END - if
// Return status
$NAV .= '<a href="{%url=modules.php?module=admin&what=' . getWhat() . '&page=' . $page . '&offset=' . $offset;
// Add userid when we shall show all mails from a single member
- if ((isGetRequestParameterSet('userid')) && (bigintval(getRequestParameter('userid')) > 0)) $NAV .= '&userid=' . bigintval(getRequestParameter('userid'));
+ if ((isGetRequestParameterSet('userid')) && (isValidUserId(getRequestParameter('userid')))) $NAV .= '&userid=' . bigintval(getRequestParameter('userid'));
// Close open anchor tag
$NAV .= '%}">';
projects / mailer.git / blobdiff