Previous fix fixed, a lot constants rewritten (unfinished)

[mailer.git] / inc / modules / admin / what-admins_add.php

diff --git a/inc/modules/admin/what-admins_add.php b/inc/modules/admin/what-admins_add.php
index bb740c380eefb0837e2ce6f4e05cd90b0588cade..5adb87dde1db5a3cbfea40da1400c3a7f118a78d 100644 (file)
--- a/inc/modules/admin/what-admins_add.php
+++ b/inc/modules/admin/what-admins_add.php
@@ -32,55 +32,43 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
+
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
-global $CACHE;
+global $cacheInstance;
 
 // Display form is default
 $FORM = true;
 
-if ((isset($_POST['add'])) && (!empty($_POST['login'])) && (!empty($_POST['email'])) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] == $_POST['pass2']))
-{
+if ((isset($_POST['add'])) && (!empty($_POST['login'])) && (!empty($_POST['email'])) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] == $_POST['pass2'])) {
        // Add admin when not added already
-       $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
-        array($_POST['login']), __FILE__, __LINE__);
-       if (SQL_NUMROWS($result) == 0)
-       {
-               // Login does not exist so we can create it.
+       if (REGISTER_ADMIN($_POST['login'], generateHash($_POST['pass1']), $_POST['email']) == "done") {
+               // Do not ouput any form!
                $FORM = false;
-               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s', '%s', '%s')",
-                array($_POST['login'], generateHash($_POST['pass1']), $_POST['email']), __FILE__, __LINE__);
 
                // Admin login saved
-               LOAD_TEMPLATE("admin_settings_saved", false, "<FONT class=\"admin_done\">".ADMIN_ADMINS_ADD_DONE."</FONT>");
+               LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ADMINS_ADD_DONE'));
 
-               // Remove cache file
-               if (EXT_IS_ACTIVE("cache"))
-               {
-                       if ($CACHE->cache_file("admins", true)) $CACHE->cache_destroy();
-               }
-       }
-        else
-       {
-               // Free memory
-               SQL_FREERESULT($result);
-       }
-}
+               // Run filter chain
+               RUN_FILTER('post_admin_added', $_POST);
+       } // END - if
+} // END - if
 
-if ($FORM)
-{
-       // Clear unset variables
-       if (empty($_POST['login'])) $_POST['login'] = "";
-       if (empty($_POST['email'])) $_POST['email'] = "";
+// Shall we display the form?
+if ($FORM === true) {
+       // Set missing elements
+       // @TODO Do we need this ugly code here?
+       if (!isset($_POST['login'])) $_POST['login'] = "";
+       if (!isset($_POST['email'])) $_POST['email'] = "";
 
        // Load form from template
        LOAD_TEMPLATE("admin_admins_add");
-}
+} // END - if
+
 //
 ?>