Fixes for 'empty version'

[mailer.git] / inc / modules / admin / admin-inc.php

diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index d7a51703112ed512da4ec8dc39bfe107416d4c34..c43101826b69b249db598a5e4fd66fa428a6d43c 100644 (file)
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -116,12 +116,13 @@ function ifAdminLoginDataIsValid ($admin, $password) {
                SQL_FREERESULT($result);
        }
 
-       //* DEBUG: */ outputHtml("*".$data['password'].'/'.md5($password).'/'.$ret."<br />");
+       //* DEBUG: */ outputHtml('*' . $data['password'] . '/' . md5($password) .'/' . $ret . '*<br />');
        if ((isset($data['password'])) && (strlen($data['password']) == 32) && ($data['password'] == md5($password))) {
                // Generate new hash
                $data['password'] = generateHash($password);
 
                // Is the sql_patches not installed, than we cannot have a valid hashed password here!
+               //* DEBUG: */ outputHtml($ret . ',' . intval(isExtensionInstalledAndOlder('sql_patches', '0.3.6')) . '/' . intval(!isExtensionInstalled('sql_patches')).'<br />');
                if (($ret == 'pass') && ((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionInstalled('sql_patches')))) $ret = 'done';
        } elseif ((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionInstalled('sql_patches'))) {
                // Old hashing way
@@ -135,8 +136,8 @@ function ifAdminLoginDataIsValid ($admin, $password) {
        $salt = substr($data['password'], 0, -40);
 
        // Check if password is same
-       //* DEBUG: */ outputHtml("*".$ret.','.$data['password'].','.$password.','.$salt."*<br />");
-       if (($ret == 'pass') && ($data['password'] == generateHash($password, $salt)) && ((!empty($salt))) || ($data['password'] == $password)) {
+       //* DEBUG: */ outputHtml('*' . $ret . ',' . $data['password'] . ',' . $password . ',' . $salt . '*<br />');
+       if (($ret == 'pass') && ($data['password'] == generateHash($password, $salt)) && ((!empty($salt))) || ($data['password'] == md5($password))) {
                // Re-hash the plain passord with new random salt
                $data['password'] = generateHash($password);
 
@@ -313,7 +314,7 @@ LIMIT 1",
                }
        } else {
                // Invalid action/what pair found!
-               loadTemplate('admin_menu_failed', false, sprintf(getMessage('ADMIN_ACTION_INVALID'), $action.'/'.$what));
+               loadTemplate('admin_menu_failed', false, sprintf(getMessage('ADMIN_ACTION_INVALID'), $action . '/' . $what));
        }
 
        // Free memory
@@ -532,7 +533,7 @@ function addMemberSelectionBox ($def=0, $add_all=false, $return=false, $none=fal
 function adminMenuSelectionBox_DEPRECATED ($mode, $default = '', $defid = '') {
        $what = "`what` != ''";
        if ($mode == 'action') $what = "(`what`='' OR `what` IS NULL) AND action !='login'";
-       $result = SQL_QUERY_ESC("SELECT %s, title FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE ".$what." ORDER BY `sort`",
+       $result = SQL_QUERY_ESC("SELECT %s, `title` FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE ".$what." ORDER BY `sort` ASC",
                array($mode), __FUNCTION__, __LINE__);
        if (SQL_NUMROWS($result) > 0) {
                // Load menu as selection