************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
-global $CACHE;
+global $cacheInstance;
// Display form is default
$FORM = true;
-if ((isset($_POST['add'])) && (!empty($_POST['login'])) && (!empty($_POST['email'])) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] == $_POST['pass2']))
-{
+if ((isset($_POST['add'])) && (!empty($_POST['login'])) && (!empty($_POST['email'])) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] == $_POST['pass2'])) {
// Add admin when not added already
$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array($_POST['login']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
+ array($_POST['login']), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 0) {
// Login does not exist so we can create it.
$FORM = false;
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s', '%s', '%s')",
- array($_POST['login'], generateHash($_POST['pass1']), $_POST['email']), __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s','%s','%s')",
+ array($_POST['login'], generateHash($_POST['pass1']), $_POST['email']), __FILE__, __LINE__);
// Admin login saved
LOAD_TEMPLATE("admin_settings_saved", false, "<FONT class=\"admin_done\">".ADMIN_ADMINS_ADD_DONE."</FONT>");
- // Remove cache file
- if (EXT_IS_ACTIVE("cache"))
- {
- if ($CACHE->cache_file("admins", true)) $CACHE->cache_destroy();
- }
- }
- else
- {
- // Free memory
- SQL_FREERESULT($result);
- }
+ // Run filter chain
+ RUN_FILTER('post_admin_added', $_POST);
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
}
-if ($FORM)
-{
+if ($FORM) {
// Clear unset variables
if (empty($_POST['login'])) $_POST['login'] = "";
if (empty($_POST['email'])) $_POST['email'] = "";