projects / mailer.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fixes/rewrites for missing sql_patches and check on admin's default access mode ...
[mailer.git] / inc / modules / admin / admin-inc.php
diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index 8d98c3d7ea56a6104b2eeae393bafa6e1125d112..f0aff19e6aae954eef2d6e6ef8e1995794ab4d95 100644 (file)
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -10,7 +10,12 @@
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : Fuer die Administration benoetigte Funktionen    *
  * -------------------------------------------------------------------- *
- *                                                                      *
+ * $Revision::                                                        $ *
+ * $Date::                                                            $ *
+ * $Tag:: 0.2.1-FINAL                                                 $ *
+ * $Author::                                                          $ *
+ * Needs to be in all Files and every File needs "svn propset           *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  * For more information visit: http://www.mxchange.org                  *
@@ -38,19 +43,19 @@ if (!defined('__SECURITY')) {
 }
 
 // Register an administrator account
-function REGISTER_ADMIN ($user, $md5, $email=WEBMASTER) {
+function REGISTER_ADMIN ($user, $md5, $email) {
        // Login does already exist
        $ret = "already";
 
-       // Lookup the user
+       // Lookup the admin
        $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1",
-               array($user), __FILE__, __LINE__);
+               array($user), __FUNCTION__, __LINE__);
 
        // Is the entry there?
        if (SQL_NUMROWS($result) == 0) {
                // Ok, let's create the admin login
                SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins` (login, password, email) VALUES ('%s', '%s', '%s')",
-                       array($user, $md5, $email), __FILE__, __LINE__);
+                       array($user, $md5, $email), __FUNCTION__, __LINE__);
                $ret = "done";
        } // END - if
 
@@ -60,6 +65,7 @@ function REGISTER_ADMIN ($user, $md5, $email=WEBMASTER) {
        // Return result
        return $ret;
 }
+
 // Only be executed on login procedure!
 function CHECK_ADMIN_LOGIN ($admin_login, $password) {
        // By default no admin is found
@@ -79,18 +85,18 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password) {
                incrementConfigEntry('cache_hits');
 
                // Include more admins data?
-               if (GET_EXT_VERSION("admins") >= "0.7.0") {
+               if (GET_EXT_VERSION("admins") >= "0.7.2") {
                        // Load them here
                        $data['login_failures'] = $GLOBALS['cache_array']['admins']['login_failures'][$aid];
                        $data['last_failure']   = $GLOBALS['cache_array']['admins']['last_failure'][$aid];
                } // END - if
        } elseif (!EXT_IS_ACTIVE("cache")) {
                // Add extra data via filter now
-               $ADD = RUN_FILTER('sql_admin_extra_data');
+               $add = runFilterChain('sql_admin_extra_data');
 
                // Get password from DB
-               $result = SQL_QUERY_ESC("SELECT password".$ADD." FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1",
-                       array($aid), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT password".$add." FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1",
+                       array($aid), __FUNCTION__, __LINE__);
 
                // Entry found?
                if (SQL_NUMROWS($result) == 1) {
@@ -139,15 +145,15 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password) {
 
                        // Update password and reset login failures
                        SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s',login_failures=0,last_failure='0000-00-00 00:00:00' WHERE id=%s LIMIT 1",
-                               array($data['password'], $aid), __FILE__, __LINE__);
+                               array($data['password'], $aid), __FUNCTION__, __LINE__);
                } else {
                        // Update password
                        SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s' WHERE id=%s LIMIT 1",
-                               array($data['password'], $aid), __FILE__, __LINE__);
+                               array($data['password'], $aid), __FUNCTION__, __LINE__);
                }
 
                // Rebuild cache
-               REBUILD_CACHE("admins", "admin");
+               rebuildCacheFiles("admins", "admin");
 
                // Login has failed by default... ;-)
                $ret = "failed";
@@ -172,10 +178,10 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password) {
        if (($ret == "pass") && (GET_EXT_VERSION("admins") >= "0.7.0")) {
                // Update counter
                SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET login_failures=login_failures+1,last_failure=NOW() WHERE id=%s LIMIT 1",
-                       array($aid), __FILE__, __LINE__);
+                       array($aid), __FUNCTION__, __LINE__);
 
                // Rebuild cache
-               REBUILD_CACHE("admins", "admin");
+               rebuildCacheFiles("admins", "admin");
        } // END - if
 
        // Return the result
@@ -189,10 +195,10 @@ function LOGIN_ADMIN ($adminLogin, $passHash) {
        if ((GET_EXT_VERSION("admins") >= "0.7.0") && ((EXT_VERSION_IS_OLDER("sql_patches", "0.3.6")) || (GET_EXT_VERSION("sql_patches") == ""))) {
                // Reset counter on out-dated sql_patches version
                SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET login_failures=0,last_failure='0000-00-00 00:00:00' WHERE login='%s' LIMIT 1",
-                       array($adminLogin), __FILE__, __LINE__);
+                       array($adminLogin), __FUNCTION__, __LINE__);
 
                // Rebuild cache
-               REBUILD_CACHE("admins", "admin");
+               rebuildCacheFiles("admins", "admin");
        } // END - if
 
        // Now set all session variables and return the result
@@ -231,7 +237,7 @@ function CHECK_ADMIN_COOKIES ($admin_login, $password) {
 }
 
 //
-function ADMIN_DO_ACTION($wht) {
+function ADMIN_DO_ACTION ($wht) {
        global $DATA;
        //* DEBUG: */ echo __LINE__."*".$wht."/".$GLOBALS['module']."/".$GLOBALS['action']."/".$GLOBALS['what']."*<br />\n";
 
@@ -265,28 +271,27 @@ function ADMIN_DO_ACTION($wht) {
 
        // Check if action/what pair is valid
        $result_action = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admin_menu`
-WHERE `action`='%s' AND ((what='%s' AND what != 'overview') OR ((what='' OR `what` IS NULL) AND '%s'='overview'))
-LIMIT 1", array($act, $wht, $wht), __FILE__, __LINE__);
+WHERE `action`='%s' AND ((`what`='%s' AND what != 'overview') OR ((`what`='' OR `what` IS NULL) AND '%s'='overview'))
+LIMIT 1", array($act, $wht, $wht), __FUNCTION__, __LINE__);
        if (SQL_NUMROWS($result_action) == 1) {
-
                // Is valid but does the inlcude file exists?
                $INC = sprintf("inc/modules/admin/action-%s.php", $act);
-               if ((INCLUDE_READABLE($INC)) && (VALIDATE_MENU_ACTION("admin", $act, $wht)) && (__ACL_ALLOW == true)) {
+               if ((INCLUDE_READABLE($INC)) && (VALIDATE_MENU_ACTION("admin", $act, $wht)) && ($GLOBALS['acl_allow'] === true)) {
                        // Ok, we finally load the admin action module
                        LOAD_INC($INC);
-               } elseif (__ACL_ALLOW == false) {
+               } elseif ($GLOBALS['acl_allow'] === false) {
                        // Access denied
                        LOAD_TEMPLATE("admin_menu_failed", false, getMessage('ADMIN_ACCESS_DENIED'));
-                       addFatalMessage(getMessage('ADMIN_ACCESS_DENIED'));
+                       addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACCESS_DENIED'));
                } else {
                        // Include file not found! :-(
                        LOAD_TEMPLATE("admin_menu_failed", false, sprintf(getMessage('ADMIN_ACTION_404'), $act));
-                       addFatalMessage(getMessage('ADMIN_ACTION_404'), $act);
+                       addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACTION_404'), $act);
                }
        } else {
                // Invalid action/what pair found!
                LOAD_TEMPLATE("admin_menu_failed", false, sprintf(getMessage('ADMIN_ACTION_INVALID'), $act."/".$wht));
-               addFatalMessage(getMessage('ADMIN_ACTION_INVALID'), $act."/".$wht);
+               addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACTION_INVALID'), $act."/".$wht);
        }
 
        // Free memory
@@ -295,8 +300,9 @@ LIMIT 1", array($act, $wht, $wht), __FILE__, __LINE__);
        // Tableset footer
        LOAD_TEMPLATE("admin_main_footer");
 }
+
 //
-function ADD_ADMIN_MENU($act, $wht, $return=false) {
+function ADD_ADMIN_MENU ($act, $wht, $return=false) {
        // Init variables
        $SUB = false;
        $OUT = "";
@@ -306,7 +312,7 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) {
        $GLOBALS['menu']['title'] = array();
 
        // Is there a cache instance?
-       if ((isset($GLOBALS['cache_instance'])) && (is_object($GLOBALS['cache_instance'])) && (getConfig('cache_admin_menu') == "Y")) {
+       if ((isCacheInstanceValid()) && (getConfig('cache_admin_menu') == "Y")) {
                // Create cache name
                $cacheName = "admin_".$act."_".$wht."_".GET_LANGUAGE()."_".strtolower(get_session('admin_login'));
 
@@ -321,7 +327,7 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) {
                        $GLOBALS['menu']['description'] = unserialize(base64_decode($data['descr'][0]));
 
                        // Return or output content?
-                       if ($return) {
+                       if ($return === true) {
                                return $OUT;
                        } else {
                                OUTPUT_HTML($OUT);
@@ -330,10 +336,11 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) {
        } // END - if
 
        // Build main menu
-       $result_main = SQL_QUERY("SELECT action, title, descr FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (what='' OR `what` IS NULL) ORDER BY `sort`, id DESC", __FILE__, __LINE__);
+       $result_main = SQL_QUERY("SELECT action, title, descr FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (`what`='' OR `what` IS NULL) ORDER BY `sort`, id DESC", __FUNCTION__, __LINE__);
        if (SQL_NUMROWS($result_main) > 0) {
                $OUT = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_main\">
 <tr><td colspan=\"2\" height=\"7\" class=\"seperator\">&nbsp;</td></tr>\n";
+               // @TODO Rewrite this to $content = SQL_FETCHARRAY()
                while (list($menu, $title, $descr) = SQL_FETCHROW($result_main)) {
                        if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) {
                                $ACL = ADMINS_CHECK_ACL($menu, "");
@@ -350,85 +357,84 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) {
                                }
                                $OUT .= "<tr>
        <td class=\"admin_menu\" colspan=\"2\">
-               <NOBR>&nbsp;<strong>&middot;</strong>&nbsp;";
-                               if (($menu == $act) && (empty($wht)))
-                               {
+               <div class=\"nobr\">&nbsp;<strong>&middot;</strong>&nbsp;";
+
+                               if (($menu == $act) && (empty($wht))) {
                                        $OUT .= "<strong>";
-                               }
-                                else
-                               {
+                               } else {
                                        $OUT .= "[<a href=\"{!URL!}/modules.php?module=admin&amp;action=".$menu."\">";
                                }
+
                                $OUT .= $title;
-                               if (($menu == $act) && (empty($wht)))
-                               {
+
+                               if (($menu == $act) && (empty($wht))) {
                                        $OUT .= "</strong>";
-                               }
-                                else
-                               {
+                               } else {
                                        $OUT .= "</a>]";
                                }
-                               $OUT .= "</NOBR></td>
+
+                               $OUT .= "</div></td>
 </tr>\n";
+
+                               // Check for menu entries
                                $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort`, id DESC",
-                                       array($menu), __FILE__, __LINE__);
-                               if ((SQL_NUMROWS($result_what) > 0) && ($act == $menu))
-                               {
+                                       array($menu), __FUNCTION__, __LINE__);
+
+                               // Remember the count for later checks
+                               setAdminMenuHasEntries($menu, ((SQL_NUMROWS($result_what) > 0) && ($act == $menu)));
+
+                               // Do we have entries?
+                               if ((ifAdminMenuHasEntries($menu)) && (SQL_NUMROWS($result_what) > 0)) {
                                        $GLOBALS['menu']['description'] = array();
                                        $GLOBALS['menu']['title'] = array(); $SUB = true;
                                        $OUT .= "<tr>
        <td width=\"10\" class=\"seperator\">&nbsp;</td>
        <td class=\"admin_menu\">
                <table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_menu_sub\">\n";
+                                       // @TODO Rewrite this to $content = SQL_FETCHARRAY()
                                        while (list($wht_sub, $title_what, $desc_what) = SQL_FETCHROW($result_what)) {
                                                // Filename
-                                               $INC = sprintf("%sinc/modules/admin/what-%s.php", constant('PATH'), $wht_sub);
+                                               $INC = sprintf("inc/modules/admin/what-%s.php", $wht_sub);
                                                if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) {
                                                        $ACL = ADMINS_CHECK_ACL("", $wht_sub);
                                                } else {
                                                        // ACL is "allow"... hmmm
                                                        $ACL = true;
                                                }
+
+                                               // Is the file readable?
                                                $readable = INCLUDE_READABLE($INC);
+
+                                               // Access allowed?
                                                if ($ACL === true) {
                                                        // Insert compiled title and description
                                                        $GLOBALS['menu']['title'][$wht_sub]      = $title_what;
                                                        $GLOBALS['menu']['description'][$wht_sub] = $desc_what;
                                                        $OUT .= "<tr>
        <td class=\"admin_menu\" colspan=\"2\">
-               <NOBR>&nbsp;<strong>--&gt;</strong>&nbsp;";
-                                                       if ($readable === true)
-                                                       {
-                                                               if ($wht == $wht_sub)
-                                                               {
+               <div class=\"nobr\">&nbsp;<strong>--&gt;</strong>&nbsp;";
+                                                       if ($readable === true) {
+                                                               if ($wht == $wht_sub) {
                                                                        $OUT .= "<strong>";
-                                                               }
-                                                                else
-                                                               {
+                                                               } else {
                                                                        $OUT .= "[<a href=\"{!URL!}/modules.php?module=admin&amp;what=".$wht_sub."\">";
                                                                }
-                                                       }
-                                                        else
-                                                       {
+                                                       } else {
                                                                $OUT .= "<i class=\"admin_note\">";
                                                        }
+
                                                        $OUT .= $title_what;
-                                                       if ($readable === true)
-                                                       {
-                                                               if ($wht == $wht_sub)
-                                                               {
+
+                                                       if ($readable === true) {
+                                                               if ($wht == $wht_sub) {
                                                                        $OUT .= "</strong>";
-                                                               }
-                                                                else
-                                                               {
+                                                               } else {
                                                                        $OUT .= "</a>]";
                                                                }
-                                                       }
-                                                        else
-                                                       {
+                                                       } else {
                                                                $OUT .= "</em>";
                                                        }
-                                                       $OUT .= "</NOBR></td>
+                                                       $OUT .= "</div></td>
 </tr>\n";
                                                }
                                        }
@@ -439,6 +445,7 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) {
        </td>
 </tr>\n";
                                }
+
                                $OUT .= "<tr><td height=\"7\" colspan=\"2\"></td></tr>\n";
                        }
                }
@@ -448,14 +455,8 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) {
                $OUT .= "</table>\n";
        }
 
-       // Compile and run the code here. This inserts all constants into the
-       // HTML output. Costs me some time to figure this out... *sigh* Quix0r
-       // @TODO Is this eval longer needed?
-       $eval = "\$OUT = \"".COMPILE_CODE(smartAddSlashes($OUT))."\";";
-       eval($eval);
-
        // Is there a cache instance again?
-       if ((isset($GLOBALS['cache_instance'])) && (is_object($GLOBALS['cache_instance'])) && (getConfig('cache_admin_menu') == "Y")) {
+       if ((isCacheInstanceValid()) && (getConfig('cache_admin_menu') == "Y")) {
                // Init cache
                $GLOBALS['cache_instance']->init($cacheName);
 
@@ -474,34 +475,37 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) {
        } // END - if
 
        // Return or output content?
-       if ($return) {
+       if ($return === true) {
                return $OUT;
        } else {
                OUTPUT_HTML($OUT);
        }
 }
-//
-function ADD_MEMBER_SELECTION_BOX ($def="0", $add_all=false, $return=false, $none=false, $field="userid")
-{
+
+// Create member selection box
+function ADD_MEMBER_SELECTION_BOX ($def="0", $add_all=false, $return=false, $none=false, $field="userid") {
        // Output selection form with all confirmed user accounts listed
-       $result = SQL_QUERY("SELECT userid, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` ORDER BY userid", __FILE__, __LINE__);
+       $result = SQL_QUERY("SELECT userid, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` ORDER BY userid", __FUNCTION__, __LINE__);
+
+       // Default output
        $OUT = "";
 
        // USe this only for adding points (e.g. adding refs really makes no sence ;-) )
-       if ($add_all) $OUT = "      <option value=\"all\">".ALL_MEMBERS."</option>\n";
-        elseif ($none) $OUT = "      <option value=\"0\">".SELECT_NONE."</option>\n";
-       while (list($id, $sname, $fname) = SQL_FETCHROW($result))
-       {
-               $OUT .= "      <option value=\"".bigintval($id)."\"";
-               if ($def == $id) $OUT .= " selected=\"selected\"";
-               $OUT .= ">".$sname." ".$fname." (".bigintval($id).")</option>\n";
-       }
+       if ($add_all === true)   $OUT = "      <option value=\"all\">{--ALL_MEMBERS--}</option>\n";
+        elseif ($none === true) $OUT = "      <option value=\"0\">{--SELECT_NONE--}</option>\n";
+
+       while ($content = SQL_FETCHARRAY($result)) {
+               $OUT .= "      <option value=\"".bigintval($content['userid'])."\"";
+               if ($def == $content['userid']) $OUT .= " selected=\"selected\"";
+               $OUT .= ">".$content['surname']." ".$content['family']." (".bigintval($content['userid']).")</option>\n";
+       } // END - while
 
        // Free memory
        SQL_FREERESULT($result);
 
        if (!$return) {
                // Remeber options in constant
+               // @TODO Rewrite these both constants
                define('_MEMBER_SELECTION', $OUT);
 
                // Display selection box
@@ -514,18 +518,20 @@ function ADD_MEMBER_SELECTION_BOX ($def="0", $add_all=false, $return=false, $non
                return "<select class=\"admin_select\" name=\"".$field."\" size=\"1\">\n".$OUT."</select>\n";
        }
 }
-//
-function ADMIN_MENU_SELECTION($MODE, $default="", $defid="") {
+
+// Create a menu selection box for given menu system
+function ADMIN_MENU_SELECTION ($MODE, $default="", $defid="") {
        $wht = "`what` != ''";
-       if ($MODE == "action") $wht = "(what='' OR `what` IS NULL) AND action !='login'";
+       if ($MODE == "action") $wht = "(`what`='' OR `what` IS NULL) AND action !='login'";
        $result = SQL_QUERY_ESC("SELECT %s, title FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE ".$wht." ORDER BY `sort`",
-        array($MODE), __FILE__, __LINE__);
+               array($MODE), __FUNCTION__, __LINE__);
        if (SQL_NUMROWS($result) > 0) {
                // Load menu as selection
                $OUT = "<select name=\"".$MODE."_menu";
                if ((!empty($defid)) || ($defid == "0")) $OUT .= "[".$defid."]";
                $OUT .= "\" size=\"1\" class=\"admin_select\">
-       <option value=\"\">".SELECT_NONE."</option>\n";
+       <option value=\"\">{--SELECT_NONE--}</option>\n";
+               // @TODO Try to rewrite this to $content = SQL_FETCHARRAY(). Please look some lines above for the dynamic query
                while (list($menu, $title) = SQL_FETCHROW($result)) {
                        $OUT .= "  <option value=\"".$menu."\"";
                        if ((!empty($default)) && ($default == $menu)) $OUT .= " selected=\"selected\"";
@@ -597,9 +603,9 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName = "_config", $whereStatement =
        $result = false;
        if (!$alwaysAdd) {
                if (!empty($whereStatement)) {
-                       $result = SQL_QUERY("SELECT * FROM `{!_MYSQL_PREFIX!}".$tableName."` WHERE ".$whereStatement." LIMIT 1", __FILE__, __LINE__);
+                       $result = SQL_QUERY("SELECT * FROM `{!_MYSQL_PREFIX!}".$tableName."` WHERE ".$whereStatement." LIMIT 1", __FUNCTION__, __LINE__);
                } else {
-                       $result = SQL_QUERY("SELECT * FROM `{!_MYSQL_PREFIX!}".$tableName."` LIMIT 1", __FILE__, __LINE__);
+                       $result = SQL_QUERY("SELECT * FROM `{!_MYSQL_PREFIX!}".$tableName."` LIMIT 1", __FUNCTION__, __LINE__);
                }
        } // END - if
 
@@ -608,7 +614,7 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName = "_config", $whereStatement =
                $DATA_UPDATE = implode(", ", $DATA);
 
                // Generate SQL string
-               $SQL = sprintf("UPDATE `{!_MYSQL_PREFIX!}%s` SET %s WHERE %s LIMIT 1",
+               $sql = sprintf("UPDATE `{!_MYSQL_PREFIX!}%s` SET %s WHERE %s LIMIT 1",
                        $tableName,
                        $DATA_UPDATE,
                        $whereStatement
@@ -627,7 +633,7 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName = "_config", $whereStatement =
                $VALUEs = implode(", ", $VALUEs);
 
                // Generate SQL string
-               $SQL = sprintf("INSERT INTO {!_MYSQL_PREFIX!}%s (%s) VALUES (%s)",
+               $sql = sprintf("INSERT INTO {!_MYSQL_PREFIX!}%s (%s) VALUES (%s)",
                        $tableName,
                        $KEYs,
                        $VALUEs
@@ -638,10 +644,10 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName = "_config", $whereStatement =
        SQL_FREERESULT($result);
 
        // Simply run generated SQL string
-       SQL_QUERY($SQL, __FILE__, __LINE__);
+       SQL_QUERY($sql, __FUNCTION__, __LINE__);
 
        // Rebuild cache
-       REBUILD_CACHE("config", "config");
+       rebuildCacheFiles("config", "config");
 
        // Settings saved
        LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));
@@ -650,13 +656,14 @@ function ADMIN_SAVE_SETTINGS (&$POST, $tableName = "_config", $whereStatement =
 // Generate a selection box
 function ADMIN_MAKE_MENU_SELECTION ($menu, $type, $name, $default="") {
        // Open the requested menu directory
-       $handle = opendir(sprintf("%sinc/modules/%s/", constant('PATH'), $menu)) or mxchange_die("Cannot load menu ".$menu."!");
+       $menuArray = GET_DIR_AS_ARRAY(sprintf("inc/modules/%s/", $menu), "", false, false);
 
        // Init the selection box
-       $OUT = "<select name=\"".$name."\" class=\"admin_select\" size=\"1\">\n <option value=\"\">{--IS_TOP_MENU--}</option>\n";
+       $OUT = "<select name=\"".$name."\" class=\"admin_select\" size=\"1\">
+       <option value=\"\">{--IS_TOP_MENU--}</option>\n";
 
        // Walk through all files
-       while ($file = readdir($handle)) {
+       foreach ($menuArray as $file) {
                // Is this a PHP script?
                if (($file != ".") && ($file != "..") && ($file != "lost+found") && (strpos($file, "".$type."-") > -1) && (strpos($file, ".php") > 0)) {
                        // Then test if the file is readable
@@ -676,16 +683,16 @@ function ADMIN_MAKE_MENU_SELECTION ($menu, $type, $name, $default="") {
                                } // END - if
                        } // END - if
                } // END - if
-       } // END - while
+       } // END - foreach
 
-       // Close dir and selection box
-       closedir($handle);
+       // Close selection box
        $OUT .= "</select>\n";
        
        // Return contents
        return $OUT;
 }
-//
+
+// Creates a user-profile link for the admin. This function can also be used for many other purposes
 function ADMIN_USER_PROFILE_LINK ($uid, $title="", $wht="list_user") {
        if (($title == "") && ($title != "0")) {
                // Set userid as title
@@ -719,7 +726,7 @@ function ADMIN_CHECK_MENU_MODE () {
        } elseif (GET_EXT_VERSION("admins") >= "0.6.7") {
                // Load from database when version of "admins" is enough
                $result = SQL_QUERY_ESC("SELECT la_mode FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1",
-                       array($aid), __FILE__, __LINE__);
+                       array($aid), __FUNCTION__, __LINE__);
                if (SQL_NUMROWS($result) == 1) {
                        // Load data
                        list($ADMIN) = SQL_FETCHROW($result);
@@ -749,7 +756,7 @@ function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") {
                        if (!empty($selected)) {
                                // Determine new status
                                $result = SQL_QUERY_ESC("SELECT %s FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
-                                       array($row, $table, $idRow, $id), __FILE__, __LINE__);
+                                       array($row, $table, $idRow, $id), __FUNCTION__, __LINE__);
 
                                // Row found?
                                if (SQL_NUMROWS($result) == 1) {
@@ -761,7 +768,7 @@ function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") {
 
                                        // Change this status
                                        SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_%s` SET %s='%s' WHERE %s=%s LIMIT 1",
-                                               array($table, $row, $newStatus, $idRow, $id), __FILE__, __LINE__);
+                                               array($table, $row, $newStatus, $idRow, $id), __FUNCTION__, __LINE__);
 
                                        // Count up affected rows
                                        $cnt += SQL_AFFECTEDROWS();
@@ -773,7 +780,7 @@ function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") {
                } // END - foreach
 
                // Output status
-               LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_STATUS_CHANGED_1.$cnt.ADMIN_STATUS_CHANGED_2.count($IDs).ADMIN_STATUS_CHANGED_3);
+               LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_STATUS_CHANGED'), $cnt, count($IDs)));
        } else {
                // Nothing selected!
                LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_NOTHING_SELECTED_CHANGE'));
@@ -794,7 +801,7 @@ function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="")
        // Is the raw userid set?
        if (REQUEST_POST('uid_raw', $id) > 0) {
                // Generate subject
-               $subjectLine = constant('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
+               $subjectLine = getMessage('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
 
                // Load email template
                if (!empty($subjectPart)) {
@@ -808,7 +815,7 @@ function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="")
        } // END - if
 
        // Generate subject
-       $subjectLine = constant('ADMIN_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
+       $subjectLine = getMessage('ADMIN_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
 
        // Send admin notification out
        if (!empty($subjectPart)) {
@@ -828,7 +835,7 @@ function ADMIN_BUILD_LIST ($listType, $IDs, $table, $columns, $filterFunctions,
                $id = bigintval($id);
 
                // Get result from a given column array and table name
-               $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idColumn, $id, __FILE__, __LINE__);
+               $result = SQL_RESULT_FROM_ARRAY($table, $columns, $idColumn, $id, __FUNCTION__, __LINE__);
 
                // Is there one entry?
                if (SQL_NUMROWS($result) == 1) {
@@ -883,13 +890,13 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                // "Walk" through all entries
                foreach ($IDs as $id => $sel) {
                        // Construct SQL query
-                       $SQL = sprintf("UPDATE `{!_MYSQL_PREFIX!}_%s` SET",
+                       $sql = sprintf("UPDATE `{!_MYSQL_PREFIX!}_%s` SET",
                                SQL_ESCAPE($table)
                        );
 
                        // Load data of entry
                        $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
-                               array($table, $idColumn, $id), __FILE__, __LINE__);
+                               array($table, $idColumn, $id), __FUNCTION__, __LINE__);
 
                        // Fetch the data
                        $content = SQL_FETCHARRAY($result);
@@ -905,7 +912,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                                // Does the entry exist?
                                if ((isset($content[$column])) && (isset($statusInfo[$content[$column]]))) {
                                        // Add these entries for update
-                                       $SQL .= sprintf(" %s='%s',", SQL_ESCAPE($column), SQL_ESCAPE($statusInfo[$content[$column]]));
+                                       $sql .= sprintf(" %s='%s',", SQL_ESCAPE($column), SQL_ESCAPE($statusInfo[$content[$column]]));
 
                                        // Remember status
                                        if ($statusColumn == "unknown") {
@@ -916,7 +923,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                                        } // END - if
                                } elseif (isset($content[$column])) {
                                        // Unfinished!
-                                       mxchange_die("{--".__FUNCTION__."--}:".__LINE__.":UNFINISHED: id={$id}/{$column}[".gettype($statusInfo)."] = {$content[$column]}");
+                                       app_die(__FUNCTION__, __LINE__, ":UNFINISHED: id={$id}/{$column}[".gettype($statusInfo)."] = {$content[$column]}");
                                }
                        } // END - foreach
 
@@ -927,10 +934,10 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                                        // Are there brackets () at the end?
                                        if (substr($entries[$id], -2, 2) == "()") {
                                                // Direct SQL command found
-                                               $SQL .= sprintf(" %s=%s,", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
+                                               $sql .= sprintf(" %s=%s,", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
                                        } else {
                                                // Add regular entry
-                                               $SQL .= sprintf(" %s='%s',", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
+                                               $sql .= sprintf(" %s='%s',", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
 
                                                // Add entry
                                                $content[$key] = $entries[$id];
@@ -939,7 +946,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                        } // END - foreach
 
                        // Finish SQL statement
-                       $SQL = substr($SQL, 0, -1) . sprintf(" WHERE %s=%s AND %s='%s' LIMIT 1",
+                       $sql = substr($sql, 0, -1) . sprintf(" WHERE `%s`=%s AND `%s`='%s' LIMIT 1",
                                $idColumn,
                                bigintval($id),
                                $statusColumn,
@@ -947,7 +954,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct
                        );
 
                        // Run the SQL
-                       SQL_QUERY($SQL, __FILE__, __LINE__);
+                       SQL_QUERY($sql, __FUNCTION__, __LINE__);
 
                        // Do we have an URL?
                        if (isset($content['url'])) {
@@ -968,7 +975,7 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu
                // Shall we delete here or list for deletion?
                if ($deleteNow) {
                        // The base SQL command:
-                       $SQL = "DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s IN (%s)";
+                       $sql = "DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s IN (%s)";
 
                        // Delete them all
                        $idList = "";
@@ -977,7 +984,7 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu
                                if (REQUEST_ISSET_POST('uid_raw', $id)) {
                                        // Load all data from that id
                                        $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
-                                               array($table, $idColumn, $id), __FILE__, __LINE__);
+                                               array($table, $idColumn, $id), __FUNCTION__, __LINE__);
 
                                        // Fetch the data
                                        $content = SQL_FETCHARRAY($result);
@@ -994,7 +1001,7 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu
                        } // END - foreach
 
                        // Run the query
-                       SQL_QUERY($SQL, array($table, $idColumn, substr($idList, 0, -1)), __FILE__, __LINE__);
+                       SQL_QUERY($sql, array($table, $idColumn, substr($idList, 0, -1)), __FUNCTION__, __LINE__);
 
                        // Was this fine?
                        if (SQL_AFFECTEDROWS() == count($IDs)) {
@@ -1002,7 +1009,7 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu
                                LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ALL_ENTRIES_REMOVED'));
                        } else {
                                // Some are still there :(
-                               LOAD_TEMPLATE("admin_settings_saved", false, sprintf(ADMIN_SOME_ENTRIES_NOT_DELETED, SQL_AFFECTEDROWS(), count($IDs)));
+                               LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_DELETED'), SQL_AFFECTEDROWS(), count($IDs)));
                        }
                } else {
                        // List for deletion confirmation
@@ -1024,7 +1031,7 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc
                                $content = array();
 
                                // Prepare SQL for this row
-                               $SQL = sprintf("UPDATE `{!_MYSQL_PREFIX!}_ SET",
+                               $sql = sprintf("UPDATE `{!_MYSQL_PREFIX!}_ SET",
                                        SQL_ESCAPE($table)
                                );
                                foreach (REQUEST_POST_ARRAY() as $key => $entries) {
@@ -1046,7 +1053,7 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc
                                                } // END - if
 
                                                // Then add this value
-                                               $SQL .= sprintf(" %s='%s',",
+                                               $sql .= sprintf(" %s='%s',",
                                                        SQL_ESCAPE($key),
                                                        SQL_ESCAPE($entries[$id])
                                                );
@@ -1063,17 +1070,17 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc
                                } // END - foreach
 
                                // Finish SQL command
-                               $SQL = substr($SQL, 0, -1) . " WHERE ".$idColumn."=".bigintval($id)." LIMIT 1";
+                               $sql = substr($sql, 0, -1) . " WHERE ".$idColumn."=".bigintval($id)." LIMIT 1";
 
                                // Run this query
-                               SQL_QUERY($SQL, __FILE__, __LINE__);
+                               SQL_QUERY($sql, __FUNCTION__, __LINE__);
 
                                // Add affected rows
                                $affected += SQL_AFFECTEDROWS();
 
                                // Load all data from that id
                                $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1",
-                                       array($table, $idColumn, $id), __FILE__, __LINE__);
+                                       array($table, $idColumn, $id), __FUNCTION__, __LINE__);
 
                                // Fetch the data
                                global $DATA;
@@ -1092,7 +1099,7 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc
                                LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ALL_ENTRIES_EDITED'));
                        } else {
                                // Some are still there :(
-                               LOAD_TEMPLATE("admin_settings_saved", false, sprintf(ADMIN_SOME_ENTRIES_NOT_EDITED, $affected, count($IDs)));
+                               LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_EDITED'), $affected, count($IDs)));
                        }
                } else {
                        // List for editing
@@ -1156,7 +1163,7 @@ function ADMIN_SEND_PASSWORD_RESET_LINK ($email) {
 
        // Look up administator login
        $result = SQL_QUERY_ESC("SELECT id, login, password FROM `{!_MYSQL_PREFIX!}_admins` WHERE email='%s' LIMIT 1",
-               array($email), __FILE__, __LINE__);
+               array($email), __FUNCTION__, __LINE__);
 
        // Is there an account?
        if (SQL_NUMROWS($result) == 0) {
@@ -1197,7 +1204,7 @@ function ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN ($hash, $login) {
 
        // Then try to find that user
        $result = SQL_QUERY_ESC("SELECT id, password, email FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1",
-               array($login), __FILE__, __LINE__);
+               array($login), __FUNCTION__, __LINE__);
 
        // Is an account here?
        if (SQL_NUMROWS($result) == 1) {
@@ -1217,6 +1224,7 @@ function ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN ($hash, $login) {
        // Return result
        return $valid;
 }
+
 // Reset the password for the login. Do NOT call this function without calling above function first!
 function ADMIN_RESET_PASSWORD ($login, $password) {
        // Init hash
@@ -1233,29 +1241,73 @@ function ADMIN_RESET_PASSWORD ($login, $password) {
 
        // Update database
        SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s' WHERE login='%s' LIMIT 1",
-               array($passHash, $login), __FILE__, __LINE__);
+               array($passHash, $login), __FUNCTION__, __LINE__);
 
        // Run filters
-       RUN_FILTER('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash));
+       runFilterChain('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash));
 
        // Return output
        return ADMIN_PASSWORD_RESET_DONE;
 }
+
 // Solves a task by given id number
 function ADMIN_SOLVE_TASK ($id) {
        // Update the task data
        ADMIN_UPDATE_TASK_DATA($id, "status", "SOLVED");
 }
+
 // Marks a given task as deleted
 function ADMIN_DELETE_TASK ($id) {
        // Update the task data
        ADMIN_UPDATE_TASK_DATA($id, "status", "DELETED");
 }
+
 // Function to update task data
 function ADMIN_UPDATE_TASK_DATA ($id, $row, $data) {
+       // Is the id not set, then we need a backtrace here... :(
+       if ($id <= 0) {
+               // Initiate backtrace
+               debug_report_bug(sprintf("id is invalid: %s. row=%s, data=%s",
+                       $id,
+                       $row,
+                       $data
+               ));
+       } // END - if
+
        // Update the task
        SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_task_system` SET %s='%s' WHERE id=%s LIMIT 1",
-               array($row, $data, bigintval($id)), __FILE__, __LINE__);
+               array($row, $data, bigintval($id)), __FUNCTION__, __LINE__);
+}
+
+// Checks wether if the admin menu has entries
+function ifAdminMenuHasEntries ($action) {
+       return (
+               ((
+                       isset($GLOBALS['admin_menu_has_entries'][$action])
+               ) && (
+                       $GLOBALS['admin_menu_has_entries'][$action] === true
+               )) || (
+                       $action == "login"
+               )
+       );
 }
+
+// Setter for 'admin_menu_has_entries'
+function setAdminMenuHasEntries ($action, $hasEntries) {
+       $GLOBALS['admin_menu_has_entries'][$action] = (bool) $hasEntries;
+}
+
+// Creates a link to the user's admin-profile
+function ADMIN_CREATE_USERID_LINK ($uid) {
+       // Is the userid set correctly?
+       if ($uid > 0) {
+               // Create a link to that profile
+               return "{!URL!}/modules.php?module=admin&amp;what=list_user&amp;uid=".bigintval($uid);
+       } // END - if
+
+       // Return a link to the user list
+       return "{!URL!}/modules.php?module=admin&amp;what=list_user";
+}
+
 //
 ?>
Mailer-Project repository