__ACL_ALLOW rewritten to and @TODO finished

[mailer.git] / inc / modules / admin / admin-inc.php
diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php

index 9c8a1810224cdf5f4222744371b83063dce32483..288510d631cd95a701c338fb6a2a3765ebc7ea51 100644 (file)
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -37,61 +37,62 @@ if (!defined('__SECURITY')) {
         require($INC);
  }
  
-//
-function REGISTER_ADMIN ($user, $md5, $email=WEBMASTER)
-{
-       $ret = "failed";
-       $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
-        array($user), __FILE__, __LINE__);
+// Register an administrator account
+function REGISTER_ADMIN ($user, $md5, $email=WEBMASTER) {
+       // Login does already exist
+       $ret = "already";
+
+       // Lookup the user
+       $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1",
+               array($user), __FUNCTION__, __LINE__);
+
+       // Is the entry there?
         if (SQL_NUMROWS($result) == 0) {
                 // Ok, let's create the admin login
-               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s', '%s', '%s')",
-                array($user, $md5, $email), __FILE__, __LINE__);
+               SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins` (login, password, email) VALUES ('%s', '%s', '%s')",
+                       array($user, $md5, $email), __FUNCTION__, __LINE__);
                 $ret = "done";
-       } else {
-               // Free memory
-               SQL_FREERESULT($result);
+       } // END - if
  
-               // Login does already exist
-               $ret = "already";
-       }
+       // Free memory
+       SQL_FREERESULT($result);
+
+       // Return result
         return $ret;
  }
  // Only be executed on login procedure!
-function CHECK_ADMIN_LOGIN ($admin_login, $password)
-{
-       global $cacheArray, $_CONFIG, $cacheInstance;
-
-       // Init variables
+function CHECK_ADMIN_LOGIN ($admin_login, $password) {
+       // By default no admin is found
         $ret = "404";
-       $data = array();
  
         // Get admin id
         $aid = GET_ADMIN_ID($admin_login);
  
+       // Init array with admin id by default
+       $data = array('aid' => $aid);
+
         // Is the cache valid?
-       if (!empty($cacheArray['admins']['password'][$aid])) {
+       if (isset($GLOBALS['cache_array']['admins']['password'][$aid])) {
                 // Get password from cache
-               $data['password'] = $cacheArray['admins']['password'][$aid];
+               $data['password'] = $GLOBALS['cache_array']['admins']['password'][$aid];
                 $ret = "pass";
-               if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
+               incrementConfigEntry('cache_hits');
  
                 // Include more admins data?
                 if (GET_EXT_VERSION("admins") >= "0.7.0") {
                         // Load them here
-                       $data['login_failtures'] = $cacheArray['admins']['login_failtures'][$aid];
-                       $data['last_failture']   = $cacheArray['admins']['last_failture'][$aid];
+                       $data['login_failures'] = $GLOBALS['cache_array']['admins']['login_failures'][$aid];
+                       $data['last_failure']   = $GLOBALS['cache_array']['admins']['last_failure'][$aid];
                 } // END - if
         } elseif (!EXT_IS_ACTIVE("cache")) {
-               $ADD = "";
-               if (GET_EXT_VERSION("admins") >= "0.7.0") {
-                       // Load them here
-                       $ADD = ", login_failtures, UNIX_TIMESTAMP(last_failture) AS last_failture";
-               } // END - if
+               // Add extra data via filter now
+               $ADD = RUN_FILTER('sql_admin_extra_data');
  
                 // Get password from DB
-               $result = SQL_QUERY_ESC("SELECT password".$ADD." FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
-                array($aid), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT password".$ADD." FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1",
+                       array($aid), __FUNCTION__, __LINE__);
+
+               // Entry found?
                 if (SQL_NUMROWS($result) == 1) {
                         // Login password found
                         $ret = "pass";
@@ -130,19 +131,19 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
                 $data['password'] = generateHash($password);
  
                 // Do we have 0.7.0 of admins or later?
-               // Remmeber login failtures if available
-               if (GET_EXT_VERSION("admins") >= "0.7.0") {
+               // Remmeber login failures if available
+               if (GET_EXT_VERSION("admins") >= "0.7.2") {
                         // Store it in session
-                       set_session('mxchange_admin_failtures', $data['login_failtures']);
-                       set_session('mxchange_admin_last_fail', $data['last_failture']);
+                       set_session('mxchange_admin_failures', $data['login_failures']);
+                       set_session('mxchange_admin_last_fail', $data['last_failure']);
  
-                       // Update password and reset login failtures
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s',login_failtures=0,last_failture='0000-00-00 00:00:00' WHERE id=%s LIMIT 1",
-                               array($data['password'], $aid), __FILE__, __LINE__);
+                       // Update password and reset login failures
+                       SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s',login_failures=0,last_failure='0000-00-00 00:00:00' WHERE id=%s LIMIT 1",
+                               array($data['password'], $aid), __FUNCTION__, __LINE__);
                 } else {
                         // Update password
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE id=%s LIMIT 1",
-                               array($data['password'], $aid), __FILE__, __LINE__);
+                       SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s' WHERE id=%s LIMIT 1",
+                               array($data['password'], $aid), __FUNCTION__, __LINE__);
                 }
  
                 // Rebuild cache
@@ -167,11 +168,11 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
                 } // END - if
         }
  
-       // Count login failture if admins extension version is 0.7.0+
+       // Count login failure if admins extension version is 0.7.0+
         if (($ret == "pass") && (GET_EXT_VERSION("admins") >= "0.7.0")) {
                 // Update counter
-               SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login_failtures=login_failtures+1,last_failture=NOW() WHERE id=%s LIMIT 1",
-                       array($aid), __FILE__, __LINE__);
+               SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET login_failures=login_failures+1,last_failure=NOW() WHERE id=%s LIMIT 1",
+                       array($aid), __FUNCTION__, __LINE__);
  
                 // Rebuild cache
                 REBUILD_CACHE("admins", "admin");
@@ -184,13 +185,11 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
  
  // Try to login the admin by setting some session/cookie variables
  function LOGIN_ADMIN ($adminLogin, $passHash) {
-       global $cacheInstance;
-
-       // Reset failture counter on matching admins version
+       // Reset failure counter on matching admins version
         if ((GET_EXT_VERSION("admins") >= "0.7.0") && ((EXT_VERSION_IS_OLDER("sql_patches", "0.3.6")) || (GET_EXT_VERSION("sql_patches") == ""))) {
                 // Reset counter on out-dated sql_patches version
-               SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login_failtures=0,last_failture='0000-00-00 00:00:00' WHERE login='%s' LIMIT 1",
-                       array($adminLogin), __FILE__, __LINE__);
+               SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET login_failures=0,last_failure='0000-00-00 00:00:00' WHERE login='%s' LIMIT 1",
+                       array($adminLogin), __FUNCTION__, __LINE__);
  
                 // Rebuild cache
                 REBUILD_CACHE("admins", "admin");
@@ -199,20 +198,20 @@ function LOGIN_ADMIN ($adminLogin, $passHash) {
         // Now set all session variables and return the result
         return (
                 (
-                       set_session("admin_md5", generatePassString($passHash))
+                       set_session('admin_md5', generatePassString($passHash))
                 ) && (
-                       set_session("admin_login", $adminLogin)
+                       set_session('admin_login', $adminLogin)
                 ) && (
-                       set_session("admin_last", time())
+                       set_session('admin_last', time())
                 ) && (
-                       set_session("admin_to", bigintval($_POST['timeout']))
+                       set_session('admin_to', bigintval(REQUEST_POST('timeout')))
                 )
         );
  }
  
  // Only be executed on cookie checking
  function CHECK_ADMIN_COOKIES ($admin_login, $password) {
-       global $cacheArray, $_CONFIG;
+       // By default no admin cookies are found
         $ret = "404"; $pass = "";
  
         // Get hash
@@ -230,86 +229,11 @@ function CHECK_ADMIN_COOKIES ($admin_login, $password) {
         // Return result
         return $ret;
  }
-//
-function admin_WriteData ($file, $comment, $prefix, $suffix, $DATA, $seek=0) {
-       // Initialize some variables
-       $done = false;
-       $seek++;
-       $next=-1;
-       $found = false;
-
-       // Is the file there and read-/write-able?
-       if ((FILE_READABLE($file)) && (is_writeable($file))) {
-               $search = "CFG: ".$comment;
-               $tmp = $file.".tmp";
-
-               // Open the source file
-               $fp = @fopen($file, 'r') or OUTPUT_HTML("<STRONG>READ:</STRONG> ".$file."<br />");
-
-               // Is the resource valid?
-               if (is_resource($fp)) {
-                       // Open temporary file
-                       $fp_tmp = @fopen($tmp, 'w') or OUTPUT_HTML("<STRONG>WRITE:</STRONG> ".$tmp."<br />");
-
-                       // Is the resource again valid?
-                       if (is_resource($fp_tmp)) {
-                               while (!feof($fp)) {
-                                       // Read from source file
-                                       $line = fgets ($fp, 1024);
-
-                                       if (strpos($line, $search) > -1) { $next = 0; $found = true; }
-
-                                       if ($next > -1) {
-                                               if ($next === $seek) {
-                                                       $next = -1;
-                                                       $line = $prefix . $DATA . $suffix."\n";
-                                               } else {
-                                                       $next++;
-                                               }
-                                       }
-
-                                       // Write to temp file
-                                       fputs($fp_tmp, $line);
-                               }
-
-                               // Close temp file
-                               fclose($fp_tmp);
-
-                               // Finished writing tmp file
-                               $done = true;
-                       }
-
-                       // Close source file
-                       fclose($fp);
-
-                       if (($done) && ($found)) {
-                               // Copy back tmp file and delete tmp :-)
-                               @copy($tmp, $file);
-                               @unlink($tmp);
-                               define('_FATAL', false);
-                       } elseif (!$found) {
-                               OUTPUT_HTML("<STRONG>CHANGE:</STRONG> 404!");
-                               define('_FATAL', true);
-                       } else {
-                               OUTPUT_HTML("<STRONG>TMP:</STRONG> UNDONE!");
-                               define('_FATAL', true);
-                       }
-               }
-       } else {
-               // File not found, not readable or writeable
-               OUTPUT_HTML("<STRONG>404:</STRONG> ".$file."<br />");
-       }
-}
  
  //
-function ADMIN_DO_ACTION($wht) {
-       global $menuDesription, $menuTitle, $_CONFIG, $cacheArray, $DATA, $DEPTH;
-
+function ADMIN_DO_ACTION ($wht) {
+       global $DATA;
         //* DEBUG: */ echo __LINE__."*".$wht."/".$GLOBALS['module']."/".$GLOBALS['action']."/".$GLOBALS['what']."*<br />\n";
-       if (EXT_IS_ACTIVE("cache")) {
-               // Include cache instance
-               global $cacheInstance;
-       }
  
         // Remove any spaces from variable
         if (empty($wht)) {
@@ -325,7 +249,7 @@ function ADMIN_DO_ACTION($wht) {
  
         // Define admin login name and ID number
         define('__ADMIN_LOGIN', get_session('admin_login'));
-       define('__ADMIN_ID'   , GET_ADMIN_ID(get_session('admin_login')));
+       define('__ADMIN_ID'   , GET_CURRENT_ADMIN_ID());
  
         // Preload templates
         if (EXT_IS_ACTIVE("admins")) {
@@ -340,29 +264,28 @@ function ADMIN_DO_ACTION($wht) {
         LOAD_TEMPLATE("admin_main_header");
  
         // Check if action/what pair is valid
-       $result_action = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu
-WHERE action='%s' AND ((what='%s' AND what != 'overview') OR ((what='' OR what IS NULL) AND '%s'='overview'))
-LIMIT 1", array($act, $wht, $wht), __FILE__, __LINE__);
+       $result_action = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admin_menu`
+WHERE `action`='%s' AND ((what='%s' AND what != 'overview') OR ((what='' OR `what` IS NULL) AND '%s'='overview'))
+LIMIT 1", array($act, $wht, $wht), __FUNCTION__, __LINE__);
         if (SQL_NUMROWS($result_action) == 1) {
-
                 // Is valid but does the inlcude file exists?
-               $INC = sprintf("%sinc/modules/admin/action-%s.php", PATH, $act);
-               if ((FILE_READABLE($INC)) && (VALIDATE_MENU_ACTION("admin", $act, $wht)) && (__ACL_ALLOW == true)) {
+               $INC = sprintf("inc/modules/admin/action-%s.php", $act);
+               if ((INCLUDE_READABLE($INC)) && (VALIDATE_MENU_ACTION("admin", $act, $wht)) && ($GLOBALS['acl_allow'] === true)) {
                         // Ok, we finally load the admin action module
-                       include($INC);
-               } elseif (__ACL_ALLOW == false) {
+                       LOAD_INC($INC);
+               } elseif ($GLOBALS['acl_allow'] === false) {
                         // Access denied
-                       LOAD_TEMPLATE("admin_menu_failed", false, ADMINS_ACCESS_DENIED);
-                       ADD_FATAL(ADMINS_ACCESS_DENIED);
+                       LOAD_TEMPLATE("admin_menu_failed", false, getMessage('ADMIN_ACCESS_DENIED'));
+                       addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACCESS_DENIED'));
                 } else {
                         // Include file not found! :-(
-                       LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_404_ACTION);
-                       ADD_FATAL(ADMIN_404_ACTION_1.$act.ADMIN_404_ACTION_2);
+                       LOAD_TEMPLATE("admin_menu_failed", false, sprintf(getMessage('ADMIN_ACTION_404'), $act));
+                       addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACTION_404'), $act);
                 }
         } else {
                 // Invalid action/what pair found!
-               LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_INVALID_ACTION);
-               ADD_FATAL(ADMIN_INVALID_ACTION_1.$act."/".$wht.ADMIN_INVALID_ACTION_2);
+               LOAD_TEMPLATE("admin_menu_failed", false, sprintf(getMessage('ADMIN_ACTION_INVALID'), $act."/".$wht));
+               addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACTION_INVALID'), $act."/".$wht);
         }
  
         // Free memory
@@ -373,30 +296,28 @@ LIMIT 1", array($act, $wht, $wht), __FILE__, __LINE__);
  }
  //
  function ADD_ADMIN_MENU($act, $wht, $return=false) {
-       global $menuDesription, $menuTitle, $cacheInstance, $_CONFIG;
-
         // Init variables
         $SUB = false;
         $OUT = "";
  
         // Menu descriptions
-       $menuDesription = array();
-       $menuTitle = array();
+       $GLOBALS['menu']['description'] = array();
+       $GLOBALS['menu']['title'] = array();
  
         // Is there a cache instance?
-       if ((is_object($cacheInstance)) && (isset($_CONFIG['cache_admin_menu'])) && ($_CONFIG['cache_admin_menu'] == "Y")) {
+       if ((isset($GLOBALS['cache_instance'])) && (is_object($GLOBALS['cache_instance'])) && (getConfig('cache_admin_menu') == "Y")) {
                 // Create cache name
                 $cacheName = "admin_".$act."_".$wht."_".GET_LANGUAGE()."_".strtolower(get_session('admin_login'));
  
                 // Is that cache there?
-               if ($cacheInstance->loadCacheFile($cacheName)) {
+               if ($GLOBALS['cache_instance']->loadCacheFile($cacheName)) {
                         // Then load it
-                       $data = $cacheInstance->getArrayFromCache();
+                       $data = $GLOBALS['cache_instance']->getArrayFromCache();
  
                         // Extract all parts
                         $OUT = base64_decode($data['output'][0]);
-                       $menuTitle = unserialize(base64_decode($data['title'][0]));
-                       $menuDescription = unserialize(base64_decode($data['descr'][0]));
+                       $GLOBALS['menu']['title'] = unserialize(base64_decode($data['title'][0]));
+                       $GLOBALS['menu']['description'] = unserialize(base64_decode($data['descr'][0]));
  
                         // Return or output content?
                         if ($return) {
@@ -408,152 +329,147 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) {
         } // END - if
  
         // Build main menu
-       $result_main = SQL_QUERY("SELECT action, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) ORDER BY sort, id DESC", __FILE__, __LINE__);
-       if (SQL_NUMROWS($result_main) > 0)
-       {
-               $OUT = "<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_main\">
-<TR><TD colspan=\"2\" height=\"7\" class=\"seperator\">&nbsp;</TD></TR>\n";
-               while (list($menu, $title, $descr) = SQL_FETCHROW($result_main))
-               {
-                       if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2"))
-                       {
+       $result_main = SQL_QUERY("SELECT action, title, descr FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (what='' OR `what` IS NULL) ORDER BY `sort`, id DESC", __FUNCTION__, __LINE__);
+       if (SQL_NUMROWS($result_main) > 0) {
+               $OUT = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_main\">
+<tr><td colspan=\"2\" height=\"7\" class=\"seperator\">&nbsp;</td></tr>\n";
+               while (list($menu, $title, $descr) = SQL_FETCHROW($result_main)) {
+                       if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) {
                                 $ACL = ADMINS_CHECK_ACL($menu, "");
-                       }
-                        else
-                       {
+                       } else {
                                 // ACL is "allow"... hmmm
                                 $ACL = true;
                         }
-                       if ($ACL)
-                       {
-                               if (!$SUB)
-                               {
+
+                       if ($ACL === true) {
+                               if (!$SUB) {
                                         // Insert compiled menu title and description
-                                       $menuTitle[$menu]      = $title;
-                                       $menuDesription[$menu] = $descr;
+                                       $GLOBALS['menu']['title'][$menu]      = $title;
+                                       $GLOBALS['menu']['description'][$menu] = $descr;
                                 }
-                               $OUT .= "<TR>
-       <TD class=\"admin_menu\" colspan=\"2\">
-               <NOBR>&nbsp;<STRONG>&middot;</STRONG>&nbsp;";
+                               $OUT .= "<tr>
+       <td class=\"admin_menu\" colspan=\"2\">
+               <NOBR>&nbsp;<strong>&middot;</strong>&nbsp;";
                                 if (($menu == $act) && (empty($wht)))
                                 {
-                                       $OUT .= "<STRONG>";
+                                       $OUT .= "<strong>";
                                 }
                                  else
                                 {
-                                       $OUT .= "[<A href=\"".URL."/modules.php?module=admin&amp;action=".$menu."\">";
+                                       $OUT .= "[<a href=\"{!URL!}/modules.php?module=admin&amp;action=".$menu."\">";
                                 }
                                 $OUT .= $title;
                                 if (($menu == $act) && (empty($wht)))
                                 {
-                                       $OUT .= "</STRONG>";
+                                       $OUT .= "</strong>";
                                 }
                                  else
                                 {
-                                       $OUT .= "</A>]";
+                                       $OUT .= "</a>]";
                                 }
-                               $OUT .= "</NOBR></TD>
-</TR>\n";
-                               $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort, id DESC",
-                                array($menu), __FILE__, __LINE__);
+                               $OUT .= "</NOBR></td>
+</tr>\n";
+                               $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort`, id DESC",
+                                       array($menu), __FUNCTION__, __LINE__);
                                 if ((SQL_NUMROWS($result_what) > 0) && ($act == $menu))
                                 {
-                                       $menuDesription = array();
-                                       $menuTitle = array(); $SUB = true;
-                                       $OUT .= "<TR>
-       <TD width=\"10\" class=\"seperator\">&nbsp;</TD>
-       <TD class=\"admin_menu\">
-               <TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_sub\">\n";
+                                       $GLOBALS['menu']['description'] = array();
+                                       $GLOBALS['menu']['title'] = array(); $SUB = true;
+                                       $OUT .= "<tr>
+       <td width=\"10\" class=\"seperator\">&nbsp;</td>
+       <td class=\"admin_menu\">
+               <table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_sub\">\n";
                                         while (list($wht_sub, $title_what, $desc_what) = SQL_FETCHROW($result_what)) {
                                                 // Filename
-                                               $INC = sprintf("%sinc/modules/admin/what-%s.php", PATH, $wht_sub);
+                                               $INC = sprintf("%sinc/modules/admin/what-%s.php", constant('PATH'), $wht_sub);
                                                 if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) {
                                                         $ACL = ADMINS_CHECK_ACL("", $wht_sub);
                                                 } else {
                                                         // ACL is "allow"... hmmm
                                                         $ACL = true;
                                                 }
-                                               $readable = FILE_READABLE($INC);
-                                               if ($ACL) {
+                                               $readable = INCLUDE_READABLE($INC);
+                                               if ($ACL === true) {
                                                         // Insert compiled title and description
-                                                       $menuTitle[$wht_sub]      = $title_what;
-                                                       $menuDesription[$wht_sub] = $desc_what;
-                                                       $OUT .= "<TR>
-       <TD class=\"admin_menu\" colspan=\"2\">
-               <NOBR>&nbsp;<STRONG>--&gt;</STRONG>&nbsp;";
-                                                       if ($readable)
+                                                       $GLOBALS['menu']['title'][$wht_sub]      = $title_what;
+                                                       $GLOBALS['menu']['description'][$wht_sub] = $desc_what;
+                                                       $OUT .= "<tr>
+       <td class=\"admin_menu\" colspan=\"2\">
+               <NOBR>&nbsp;<strong>--&gt;</strong>&nbsp;";
+                                                       if ($readable === true)
                                                         {
                                                                 if ($wht == $wht_sub)
                                                                 {
-                                                                       $OUT .= "<STRONG>";
+                                                                       $OUT .= "<strong>";
                                                                 }
                                                                  else
                                                                 {
-                                                                       $OUT .= "[<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht_sub."\">";
+                                                                       $OUT .= "[<a href=\"{!URL!}/modules.php?module=admin&amp;what=".$wht_sub."\">";
                                                                 }
                                                         }
                                                          else
                                                         {
-                                                               $OUT .= "<I class=\"admin_note\">";
+                                                               $OUT .= "<i class=\"admin_note\">";
                                                         }
                                                         $OUT .= $title_what;
-                                                       if ($readable)
+                                                       if ($readable === true)
                                                         {
                                                                 if ($wht == $wht_sub)
                                                                 {
-                                                                       $OUT .= "</STRONG>";
+                                                                       $OUT .= "</strong>";
                                                                 }
                                                                  else
                                                                 {
-                                                                       $OUT .= "</A>]";
+                                                                       $OUT .= "</a>]";
                                                                 }
                                                         }
                                                          else
                                                         {
-                                                               $OUT .= "</I>";
+                                                               $OUT .= "</em>";
                                                         }
-                                                       $OUT .= "</NOBR></TD>
-</TR>\n";
+                                                       $OUT .= "</NOBR></td>
+</tr>\n";
                                                 }
                                         }
  
                                         // Free memory
                                         SQL_FREERESULT($result_what);
-                                       $OUT .= "    </TABLE>
-       </TD>
-</TR>\n";
+                                       $OUT .= "    </table>
+       </td>
+</tr>\n";
                                 }
-                               $OUT .= "<TR><TD height=\"7\" colspan=\"2\"></TD></TR>\n";
+                               $OUT .= "<tr><td height=\"7\" colspan=\"2\"></td></tr>\n";
                         }
                 }
  
                 // Free memory
                 SQL_FREERESULT($result_main);
-               $OUT .= "</TABLE>\n";
+               $OUT .= "</table>\n";
         }
  
         // Compile and run the code here. This inserts all constants into the
         // HTML output. Costs me some time to figure this out... *sigh* Quix0r
-       $eval = "\$OUT = \"".COMPILE_CODE(addslashes($OUT))."\";";
+       // @TODO Is this eval longer needed?
+       $eval = "\$OUT = \"".COMPILE_CODE(smartAddSlashes($OUT))."\";";
         eval($eval);
  
         // Is there a cache instance again?
-       if ((is_object($cacheInstance)) && (isset($_CONFIG['cache_admin_menu'])) && ($_CONFIG['cache_admin_menu'] == "Y")) {
+       if ((isset($GLOBALS['cache_instance'])) && (is_object($GLOBALS['cache_instance'])) && (getConfig('cache_admin_menu') == "Y")) {
                 // Init cache
-               $cacheInstance->init($cacheName);
+               $GLOBALS['cache_instance']->init($cacheName);
  
                 // Prepare cache data
                 $data = array(
                         'output' => base64_encode($OUT),
-                       'title'  => $menuTitle,
-                       'descr'  => $menuDesription
+                       'title'  => $GLOBALS['menu']['title'],
+                       'descr'  => $GLOBALS['menu']['description']
                 );
  
                 // Write the data away
-               $cacheInstance->addRow($data);
+               $GLOBALS['cache_instance']->addRow($data);
  
                 // Close cache
-               $cacheInstance->finalize();
+               $GLOBALS['cache_instance']->finalize();
         } // END - if
  
         // Return or output content?
@@ -567,17 +483,17 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) {
  function ADD_MEMBER_SELECTION_BOX ($def="0", $add_all=false, $return=false, $none=false, $field="userid")
  {
         // Output selection form with all confirmed user accounts listed
-       $result = SQL_QUERY("SELECT userid, surname, family FROM "._MYSQL_PREFIX."_user_data ORDER BY userid", __FILE__, __LINE__);
+       $result = SQL_QUERY("SELECT userid, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` ORDER BY userid", __FUNCTION__, __LINE__);
         $OUT = "";
  
         // USe this only for adding points (e.g. adding refs really makes no sence ;-) )
-       if ($add_all) $OUT = "      <OPTION value=\"all\">".ALL_MEMBERS."</OPTION>\n";
-        elseif ($none) $OUT = "      <OPTION value=\"0\">".SELECT_NONE."</OPTION>\n";
+       if ($add_all) $OUT = "      <option value=\"all\">".ALL_MEMBERS."</option>\n";
+        elseif ($none) $OUT = "      <option value=\"0\">".SELECT_NONE."</option>\n";
         while (list($id, $sname, $fname) = SQL_FETCHROW($result))
         {
-               $OUT .= "      <OPTION value=\"".bigintval($id)."\"";
+               $OUT .= "      <option value=\"".bigintval($id)."\"";
                 if ($def == $id) $OUT .= " selected=\"selected\"";
-               $OUT .= ">".$sname." ".$fname." (".bigintval($id).")</OPTION>\n";
+               $OUT .= ">".$sname." ".$fname." (".bigintval($id).")</option>\n";
         }
  
         // Free memory
@@ -599,37 +515,45 @@ function ADD_MEMBER_SELECTION_BOX ($def="0", $add_all=false, $return=false, $non
  }
  //
  function ADMIN_MENU_SELECTION($MODE, $default="", $defid="") {
-       $wht = "what != ''";
-       if ($MODE == "action") $wht = "(what='' OR what IS NULL) AND action !='login'";
-       $result = SQL_QUERY_ESC("SELECT %s, title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$wht." ORDER BY sort",
-        array($MODE), __FILE__, __LINE__);
+       $wht = "`what` != ''";
+       if ($MODE == "action") $wht = "(what='' OR `what` IS NULL) AND action !='login'";
+       $result = SQL_QUERY_ESC("SELECT %s, title FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE ".$wht." ORDER BY `sort`",
+        array($MODE), __FUNCTION__, __LINE__);
         if (SQL_NUMROWS($result) > 0) {
                 // Load menu as selection
-               $OUT = "<SELECT name=\"".$MODE."_menu";
+               $OUT = "<select name=\"".$MODE."_menu";
                 if ((!empty($defid)) || ($defid == "0")) $OUT .= "[".$defid."]";
                 $OUT .= "\" size=\"1\" class=\"admin_select\">
-       <OPTION value=\"\">".SELECT_NONE."</OPTION>\n";
+       <option value=\"\">".SELECT_NONE."</option>\n";
                 while (list($menu, $title) = SQL_FETCHROW($result)) {
-                       $OUT .= "  <OPTION value=\"".$menu."\"";
+                       $OUT .= "  <option value=\"".$menu."\"";
                         if ((!empty($default)) && ($default == $menu)) $OUT .= " selected=\"selected\"";
-                       $OUT .= ">".$title."</OPTION>\n";
+                       $OUT .= ">".$title."</option>\n";
                 } // END - while
  
                 // Free memory
                 SQL_FREERESULT($result);
-               $OUT .= "</SELECT>\n";
+               $OUT .= "</select>\n";
         } else {
                 // No menus???
-               $OUT = ADMIN_PROBLEM_NO_MENU;
+               $OUT = getMessage('ADMIN_PROBLEM_NO_MENU');
         }
  
         // Return output
         return $OUT;
  }
-// Save settings to the database
-function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="config=0", $translateComma=array(), $alwaysAdd=false) {
-       global $_CONFIG, $cacheArray, $cacheInstance;
  
+// Wrapper for $_POST and ADMIN_SAVE_SETTINGS
+function ADMIN_SAVE_SETTINGS_POST () {
+       // Get the array
+       $POST = REQUEST_POST_ARRAY();
+
+       // Call the lower function
+       ADMIN_SAVE_SETTINGS($POST);
+}
+
+// Save settings to the database
+function ADMIN_SAVE_SETTINGS (&$POST, $tableName = "_config", $whereStatement = "config=0", $translateComma = array(), $alwaysAdd = false) {
         // Prepare all arrays, variables
         $DATA = array();
         $skip = false;
@@ -663,7 +587,7 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="con
                                 }
  
                                 // Update current configuration
-                               $_CONFIG[$id] = $val;
+                               setConfigEntry($id, $val);
                         } // END - if
                 } // END - if
         } // END - foreach
@@ -672,9 +596,9 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="con
         $result = false;
         if (!$alwaysAdd) {
                 if (!empty($whereStatement)) {
-                       $result = SQL_QUERY("SELECT * FROM `"._MYSQL_PREFIX.$tableName."` WHERE ".$whereStatement." LIMIT 1", __FILE__, __LINE__);
+                       $result = SQL_QUERY("SELECT * FROM `{!_MYSQL_PREFIX!}".$tableName."` WHERE ".$whereStatement." LIMIT 1", __FUNCTION__, __LINE__);
                 } else {
-                       $result = SQL_QUERY("SELECT * FROM `"._MYSQL_PREFIX.$tableName."` LIMIT 1", __FILE__, __LINE__);
+                       $result = SQL_QUERY("SELECT * FROM `{!_MYSQL_PREFIX!}".$tableName."` LIMIT 1", __FUNCTION__, __LINE__);
                 }
         } // END - if
  
@@ -683,7 +607,7 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="con
                 $DATA_UPDATE = implode(", ", $DATA);
  
                 // Generate SQL string
-               $SQL = sprintf("UPDATE `"._MYSQL_PREFIX."%s` SET %s WHERE %s LIMIT 1",
+               $SQL = sprintf("UPDATE `{!_MYSQL_PREFIX!}%s` SET %s WHERE %s LIMIT 1",
                         $tableName,
                         $DATA_UPDATE,
                         $whereStatement
@@ -702,7 +626,7 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="con
                 $VALUEs = implode(", ", $VALUEs);
  
                 // Generate SQL string
-               $SQL = sprintf("INSERT INTO "._MYSQL_PREFIX."%s (%s) VALUES (%s)",
+               $SQL = sprintf("INSERT INTO {!_MYSQL_PREFIX!}%s (%s) VALUES (%s)",
                         $tableName,
                         $KEYs,
                         $VALUEs
@@ -713,38 +637,41 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName="_config", $whereStatement="con
         SQL_FREERESULT($result);
  
         // Simply run generated SQL string
-       $result = SQL_QUERY($SQL, __FILE__, __LINE__);
+       SQL_QUERY($SQL, __FUNCTION__, __LINE__);
  
         // Rebuild cache
         REBUILD_CACHE("config", "config");
  
         // Settings saved
-       LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_done\">".SETTINGS_SAVED."</STRONG>");
+       LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));
  }
-//
-function ADMIN_MAKE_MENU_SELECTION($menu, $type, $name, $default="") {
+
+// Generate a selection box
+function ADMIN_MAKE_MENU_SELECTION ($menu, $type, $name, $default="") {
         // Open the requested menu directory
-       $handle = opendir(sprintf("%sinc/modules/%s/", PATH, $menu)) or mxchange_die("Cannot load menu ".$menu."!");
+       $handle = opendir(sprintf("%sinc/modules/%s/", constant('PATH'), $menu)) or mxchange_die("Cannot load menu ".$menu."!");
  
         // Init the selection box
-       $OUT = "<SELECT name=\"".$name."\" class=\"admin_select\" size=\"1\">\n <OPTION value=\"\">".IS_TOP_MENU."</OPTION>\n";
+       $OUT = "<select name=\"".$name."\" class=\"admin_select\" size=\"1\">\n <option value=\"\">{--IS_TOP_MENU--}</option>\n";
  
         // Walk through all files
         while ($file = readdir($handle)) {
                 // Is this a PHP script?
                 if (($file != ".") && ($file != "..") && ($file != "lost+found") && (strpos($file, "".$type."-") > -1) && (strpos($file, ".php") > 0)) {
                         // Then test if the file is readable
-                       $test = sprintf("%sinc/modules/%s/%s", PATH, $menu, $file);
-                       if ((is_file($test)) && (is_readable($test))) {
+                       $test = sprintf("%sinc/modules/%s/%s", constant('PATH'), $menu, $file);
+
+                       // Is the file there?
+                       if (FILE_READABLE($test)) {
                                 // Extract the value for what=xxx
                                 $part = substr($file, (strlen($type) + 1));
                                 $part = substr($part, 0, -4);
  
                                 // Is that part different from the overview?
                                 if ($part != "overview") {
-                                       $OUT .= "       <OPTION value=\"".$part."\"";
-                                       if ($part == $default) $OUT .= "selected";
-                                       $OUT .= ">".$part."</OPTION>\n";
+                                       $OUT .= "       <option value=\"".$part."\"";
+                                       if ($part == $default) $OUT .= " selected=\"selected\"";
+                                       $OUT .= ">".$part."</option>\n";
                                 } // END - if
                         } // END - if
                 } // END - if
@@ -752,7 +679,9 @@ function ADMIN_MAKE_MENU_SELECTION($menu, $type, $name, $default="") {
  
         // Close dir and selection box
         closedir($handle);
-       $OUT .= "</SELECT>\n";
+       $OUT .= "</select>\n";
+       
+       // Return contents
         return $OUT;
  }
  //
@@ -767,29 +696,29 @@ function ADMIN_USER_PROFILE_LINK ($uid, $title="", $wht="list_user") {
                 return $title;
         } // END - if
  
-       //* DEBUG: */ echo "A:".$title."<br />";
+       //* DEBUG: */ echo "a:".$title."<br />";
         // Return link
-       return "<A href=\"".URL."/modules.php?module=admin&amp;what=".$wht."&amp;u_id=".$uid."\" title=\"".ADMIN_USER_PROFILE_TITLE."\">".$title."</A>";
+       return "<a href=\"{!URL!}/modules.php?module=admin&amp;what=".$wht."&amp;uid=".$uid."\" title=\"{--ADMIN_USER_PROFILE_TITLE--}\">".$title."</a>";
  }
-//
-function ADMIN_CHECK_MENU_MODE() {
-       global $_CONFIG, $cacheArray;
  
+// Check "logical-area-mode"
+function ADMIN_CHECK_MENU_MODE () {
         // Set the global mode as the mode for all admins
-       $MODE = $_CONFIG['admin_menu']; $ADMIN = $MODE;
+       $MODE = getConfig('admin_menu');
+       $ADMIN = $MODE;
  
         // Get admin id
-       $aid = GET_ADMIN_ID(get_session('admin_login'));
+       $aid = GET_CURRENT_ADMIN_ID();
  
         // Check individual settings of current admin
-       if (isset($cacheArray['admins']['la_mode'][$aid])) {
+       if (isset($GLOBALS['cache_array']['admins']['la_mode'][$aid])) {
                 // Load from cache
-               $ADMIN = $cacheArray['admins']['la_mode'][$aid];
-               if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
+               $ADMIN = $GLOBALS['cache_array']['admins']['la_mode'][$aid];
+               incrementConfigEntry('cache_hits');
         } elseif (GET_EXT_VERSION("admins") >= "0.6.7") {
                 // Load from database when version of "admins" is enough
-               $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
-                array($aid), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT la_mode FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1",
+                       array($aid), __FUNCTION__, __LINE__);
                 if (SQL_NUMROWS($result) == 1) {
                         // Load data
                         list($ADMIN) = SQL_FETCHROW($result);
@@ -805,9 +734,9 @@ function ADMIN_CHECK_MENU_MODE() {
         // Return admin-menu's mode
         return $MODE;
  }
+
  // Change activation status
  function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") {
-       global $_CONFIG;
         $cnt = 0; $newStatus = "Y";
         if ((is_array($IDs)) && (count($IDs) > 0)) {
                 // "Walk" all through and count them
@@ -815,38 +744,41 @@ function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") {
                         // Secure the ID number
                         $id = bigintval($id);
  
-                       // Should always be 1 ;-)
-                       if ($selected == 1) {
+                       // Should always be set... ;-)
+                       if (!empty($selected)) {
                                 // Determine new status
-                               $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE %s=%s LIMIT 1",
-                                       array($row, $table, $idRow, $id), __FILE__, __LINE__);
+                               $result = SQL_QUERY_ESC("SELECT %s FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
+                                       array($row, $table, $idRow, $id), __FUNCTION__, __LINE__);
  
                                 // Row found?
                                 if (SQL_NUMROWS($result) == 1) {
                                         // Load the status
                                         list($currStatus) = SQL_FETCHROW($result);
-                                       if ($currStatus == "Y") $newStatus='N'; else $newStatus = "Y";
+
+                                       // And switch it N<->Y
+                                       if ($currStatus == "Y") $newStatus = "N"; else $newStatus = "Y";
  
                                         // Change this status
-                                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s SET %s='%s' WHERE %s=%s LIMIT 1",
-                                               array($table, $row, $newStatus, $idRow, $id), __FILE__, __LINE__);
+                                       SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_%s` SET %s='%s' WHERE %s=%s LIMIT 1",
+                                               array($table, $row, $newStatus, $idRow, $id), __FUNCTION__, __LINE__);
  
                                         // Count up affected rows
                                         $cnt += SQL_AFFECTEDROWS();
-                               }
+                               } // END - if
  
                                 // Free the result
                                 SQL_FREERESULT($result);
-                       }
-               }
+                       } // END - if
+               } // END - foreach
  
                 // Output status
                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_STATUS_CHANGED_1.$cnt.ADMIN_STATUS_CHANGED_2.count($IDs).ADMIN_STATUS_CHANGED_3);
         } else {
                 // Nothing selected!
-               LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NOTHING_SELECTED_CHANGE);
+               LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_NOTHING_SELECTED_CHANGE'));
         }
  }
+
  // Send mails for del/edit/lock build modes
  function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="") {
         // Default subject is the subject part
@@ -859,7 +791,7 @@ function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="")
         } // END - if
  
         // Is the raw userid set?
-       if ($_POST['uid_raw'][$id] > 0) {
+       if (REQUEST_POST('uid_raw', $id) > 0) {
                 // Generate subject
                 $subjectLine = constant('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
  
@@ -871,7 +803,7 @@ function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="")
                 }
  
                 // Send email out
-               SEND_EMAIL($_POST['uid_raw'][$id], $subjectLine, $mail);
+               SEND_EMAIL(REQUEST_POST('uid_raw', $id), $subjectLine, $mail);
         } // END - if
  
         // Generate subject
@@ -879,14 +811,14 @@ function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="")
  
         // Send admin notification out
         if (!empty($subjectPart)) {
-               SEND_ADMIN_NOTIFICATION($subjectLine, "admin_".$mode."_".strtolower($subjectPart)."_".$table, $content, $_POST['uid_raw'][$id]);
+               SEND_ADMIN_NOTIFICATION($subjectLine, "admin_".$mode."_".strtolower($subjectPart)."_".$table, $content, REQUEST_POST('uid_raw', $id));
         } else {
-               SEND_ADMIN_NOTIFICATION($subjectLine, "admin_".$mode."_".$table, $content, $_POST['uid_raw'][$id]);
+               SEND_ADMIN_NOTIFICATION($subjectLine, "admin_".$mode."_".$table, $content, REQUEST_POST('uid_raw', $id));
         }
  }
+
  // Build a special template list
  function ADMIN_BUILD_LIST ($listType, $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn) {
-       global $_CONFIG;
         $OUT = ""; $SW = 2;
  
         // "Walk" through all entries
@@ -895,7 +827,7 @@ function ADMIN_BUILD_LIST ($listType, $IDs, $table, $columns, $filterFunctions,
                 $id = bigintval($id);
  
                 // Get result from a given column array and table name
-               $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idColumn, $id, __FILE__, __LINE__);
+               $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idColumn, $id, __FUNCTION__, __LINE__);
  
                 // Is there one entry?
                 if (SQL_NUMROWS($result) == 1) {
@@ -942,6 +874,7 @@ function ADMIN_BUILD_LIST ($listType, $IDs, $table, $columns, $filterFunctions,
                 ), false, $OUT
         );
  }
+
  // Change status of "build" list
  function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray) {
         // All valid entries? (We hope so here!)
@@ -949,11 +882,13 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                 // "Walk" through all entries
                 foreach ($IDs as $id => $sel) {
                         // Construct SQL query
-                       $SQL = "UPDATE "._MYSQL_PREFIX."_".$table." SET";
+                       $SQL = sprintf("UPDATE `{!_MYSQL_PREFIX!}_%s` SET",
+                               SQL_ESCAPE($table)
+                       );
  
                         // Load data of entry
-                       $result = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_%s WHERE %s=%s LIMIT 1",
-                               array($table, $idColumn, $id), __FILE__, __LINE__);
+                       $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
+                               array($table, $idColumn, $id), __FUNCTION__, __LINE__);
  
                         // Fetch the data
                         $content = SQL_FETCHARRAY($result);
@@ -985,7 +920,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                         } // END - foreach
  
                         // Add other columns as well
-                       foreach ($_POST as $key => $entries) {
+                       foreach (REQUEST_POST_ARRAY() as $key => $entries) {
                                 // Skip id, raw userid and 'do_$mode'
                                 if (!in_array($key, array($idColumn, 'uid_raw', ('do_'.$mode)))) {
                                         // Are there brackets () at the end?
@@ -1011,7 +946,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                         );
  
                         // Run the SQL
-                       SQL_QUERY($SQL, __FILE__, __LINE__);
+                       SQL_QUERY($SQL, __FUNCTION__, __LINE__);
  
                         // Do we have an URL?
                         if (isset($content['url'])) {
@@ -1024,6 +959,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                 } // END - foreach
         } // END - if
  }
+
  // Delete rows by given ID numbers
  function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $deleteNow=false, $idColumn="id", $userIdColumn="userid") {
         // All valid entries? (We hope so here!)
@@ -1031,16 +967,16 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu
                 // Shall we delete here or list for deletion?
                 if ($deleteNow) {
                         // The base SQL command:
-                       $SQL = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_%s WHERE %s IN (%s)";
+                       $SQL = "DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s IN (%s)";
  
                         // Delete them all
                         $idList = "";
                         foreach ($IDs as $id => $sel) {
                                 // Is there a userid?
-                               if (isset($_POST['uid_raw'][$id])) {
+                               if (REQUEST_ISSET_POST('uid_raw', $id)) {
                                         // Load all data from that id
-                                       $result = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_%s WHERE %s=%s LIMIT 1",
-                                               array($table, $idColumn, $id), __FILE__, __LINE__);
+                                       $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
+                                               array($table, $idColumn, $id), __FUNCTION__, __LINE__);
  
                                         // Fetch the data
                                         $content = SQL_FETCHARRAY($result);
@@ -1057,12 +993,12 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu
                         } // END - foreach
  
                         // Run the query
-                       SQL_QUERY($SQL, array($table, $idColumn, substr($idList, 0, -1)), __FILE__, __LINE__);
+                       SQL_QUERY($SQL, array($table, $idColumn, substr($idList, 0, -1)), __FUNCTION__, __LINE__);
  
                         // Was this fine?
                         if (SQL_AFFECTEDROWS() == count($IDs)) {
                                 // All deleted
-                               LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ALL_ENTRIES_REMOVED);
+                               LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ALL_ENTRIES_REMOVED'));
                         } else {
                                 // Some are still there :(
                                 LOAD_TEMPLATE("admin_settings_saved", false, sprintf(ADMIN_SOME_ENTRIES_NOT_DELETED, SQL_AFFECTEDROWS(), count($IDs)));
@@ -1073,6 +1009,7 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu
                 }
         } // END - if
  }
+
  // Edit rows by given ID numbers
  function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $editNow=false, $idColumn="id", $userIdColumn="userid") {
         // All valid entries? (We hope so here!)
@@ -1086,8 +1023,10 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc
                                 $content = array();
  
                                 // Prepare SQL for this row
-                               $SQL = "UPDATE "._MYSQL_PREFIX."_".$table." SET";
-                               foreach ($_POST as $key => $entries) {
+                               $SQL = sprintf("UPDATE `{!_MYSQL_PREFIX!}_ SET",
+                                       SQL_ESCAPE($table)
+                               );
+                               foreach (REQUEST_POST_ARRAY() as $key => $entries) {
                                         // Skip raw userid which is always invalid
                                         if ($key == "uid_raw") {
                                                 // Continue with next field
@@ -1126,14 +1065,14 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc
                                 $SQL = substr($SQL, 0, -1) . " WHERE ".$idColumn."=".bigintval($id)." LIMIT 1";
  
                                 // Run this query
-                               SQL_QUERY($SQL, __FILE__, __LINE__);
+                               SQL_QUERY($SQL, __FUNCTION__, __LINE__);
  
                                 // Add affected rows
                                 $affected += SQL_AFFECTEDROWS();
  
                                 // Load all data from that id
-                               $result = SQL_QUERY_ESC("SELECT * FROM "._MYSQL_PREFIX."_%s WHERE %s=%s LIMIT 1",
-                                       array($table, $idColumn, $id), __FILE__, __LINE__);
+                               $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
+                                       array($table, $idColumn, $id), __FUNCTION__, __LINE__);
  
                                 // Fetch the data
                                 global $DATA;
@@ -1149,7 +1088,7 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc
                         // Was this fine?
                         if ($affected == count($IDs)) {
                                 // All deleted
-                               LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_ALL_ENTRIES_EDITED);
+                               LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ALL_ENTRIES_EDITED'));
                         } else {
                                 // Some are still there :(
                                 LOAD_TEMPLATE("admin_settings_saved", false, sprintf(ADMIN_SOME_ENTRIES_NOT_EDITED, $affected, count($IDs)));
@@ -1160,6 +1099,7 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc
                 }
         } // END - if
  }
+
  // Un-/lock rows by given ID numbers
  function ADMIN_LOCK_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn="id", $userIdColumn="userid") {
         // All valid entries? (We hope so here!)
@@ -1174,6 +1114,7 @@ function ADMIN_LOCK_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc
                 }
         } // END - if
  }
+
  // Undelete rows by given ID numbers
  function ADMIN_UNDELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn="id", $userIdColumn="userid") {
         // All valid entries? (We hope so here!)
@@ -1188,12 +1129,11 @@ function ADMIN_UNDELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filter
                 }
         } // END - if
  }
+
  // Checks proxy settins by fetching check-updates3.php from www.mxchange.org
  function ADMIN_TEST_PROXY_SETTINGS ($settingsArray) {
-       global $_CONFIG;
-
         // Set temporary the new settings
-       $_CONFIG = array_merge($_CONFIG, $settingsArray);
+       mergeConfig($settingsArray);
  
         // Now get the test URL
         $content = GET_URL("check-updates3.php");
@@ -1204,9 +1144,9 @@ function ADMIN_TEST_PROXY_SETTINGS ($settingsArray) {
         // Return result
         return $valid;
  }
+
  // Sends out a link to the given email adress so the admin can reset his/her password
  function ADMIN_SEND_PASSWORD_RESET_LINK ($email) {
-       global $_CONFIG;
         // Init output
         $OUT = "";
  
@@ -1214,13 +1154,13 @@ function ADMIN_SEND_PASSWORD_RESET_LINK ($email) {
         $email = COMPILE_CODE($email);
  
         // Look up administator login
-       $result = SQL_QUERY_ESC("SELECT id, login, password FROM "._MYSQL_PREFIX."_admins WHERE email='%s' LIMIT 1",
-               array($email), __FILE__, __LINE__);
+       $result = SQL_QUERY_ESC("SELECT id, login, password FROM `{!_MYSQL_PREFIX!}_admins` WHERE email='%s' LIMIT 1",
+               array($email), __FUNCTION__, __LINE__);
  
         // Is there an account?
         if (SQL_NUMROWS($result) == 0) {
                 // No account found!
-               return ADMIN_NO_LOGIN_WITH_EMAIL;
+               return getMessage('ADMIN_NO_LOGIN_WITH_EMAIL');
         } // END - if
  
         // Load all data
@@ -1240,11 +1180,12 @@ function ADMIN_SEND_PASSWORD_RESET_LINK ($email) {
         $mailText = LOAD_EMAIL_TEMPLATE("admin_reset_password", $content);
  
         // Send it out
-       SEND_EMAIL($email, ADMIN_RESET_PASS_LINK_SUBJ, $mailText);
+       SEND_EMAIL($email, getMessage('ADMIN_RESET_PASS_LINK_SUBJ'), $mailText);
  
         // Prepare output
-       return ADMIN_RESET_LINK_SENT;
+       return getMessage('ADMIN_RESET_LINK_SENT');
  }
+
  // Validate hash and login for password reset
  function ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN ($hash, $login) {
         // By default nothing validates... ;)
@@ -1254,8 +1195,8 @@ function ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN ($hash, $login) {
         $login = COMPILE_CODE($login);
  
         // Then try to find that user
-       $result = SQL_QUERY_ESC("SELECT id, password, email FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
-               array($login), __FILE__, __LINE__);
+       $result = SQL_QUERY_ESC("SELECT id, password, email FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1",
+               array($login), __FUNCTION__, __LINE__);
  
         // Is an account here?
         if (SQL_NUMROWS($result) == 1) {
@@ -1290,8 +1231,11 @@ function ADMIN_RESET_PASSWORD ($login, $password) {
         }
  
         // Update database
-       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1",
-               array($passHash, $login), __FILE__, __LINE__);
+       SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s' WHERE login='%s' LIMIT 1",
+               array($passHash, $login), __FUNCTION__, __LINE__);
+
+       // Run filters
+       RUN_FILTER('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash));
  
         // Return output
         return ADMIN_PASSWORD_RESET_DONE;
@@ -1309,8 +1253,8 @@ function ADMIN_DELETE_TASK ($id) {
  // Function to update task data
  function ADMIN_UPDATE_TASK_DATA ($id, $row, $data) {
         // Update the task
-       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET %s='%s' WHERE id=%s LIMIT 1",
-               array($row, $data, bigintval($id)), __FILE__, __LINE__);
+       SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_task_system` SET %s='%s' WHERE id=%s LIMIT 1",
+               array($row, $data, bigintval($id)), __FUNCTION__, __LINE__);
  }
  //
  ?>