X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fextensions%2Fext-admins.php;h=598516e96c3382b5cc301a08529d31d2f0eb0293;hp=bc2522d0a94d830ea6ef919862dd14c982441158;hb=56156f6c4392510cdbe0eb4f2ccefc23b43e2672;hpb=75ad748a68473ace540251427a74fb781b1145e9

diff --git a/inc/extensions/ext-admins.php b/inc/extensions/ext-admins.php
index bc2522d0a9..598516e96c 100644
--- a/inc/extensions/ext-admins.php
+++ b/inc/extensions/ext-admins.php
@@ -32,37 +32,38 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
 
 // Version of this extension
-$EXT_VERSION = "0.6.9";
+$EXT_VERSION = "0.7.1";
 
 // Auto-set extension version
 if (empty($EXT_VER)) $EXT_VER = $EXT_VERSION;
 
 // Version history array (add more with , "0.1" and so on)
-$EXT_VER_HISTORY = array("0.0", "0.1", "0.2", "0.3", "0.3.1", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7", "0.4.8", "0.4.9", "0.5.0", "0.5.1", "0.5.2", "0.5.3", "0.5.4", "0.5.5", "0.5.6", "0.5.7", "0.5.8", "0.5.9", "0.6.0", "0.6.1", "0.6.2", "0.6.3", "0.6.4", "0.6.5", "0.6.6", "0.6.7", "0.6.8", "0.6.9");
+$EXT_VER_HISTORY = array("0.0", "0.1", "0.2", "0.3", "0.3.1", "0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4", "0.4.5", "0.4.6", "0.4.7", "0.4.8", "0.4.9", "0.5.0", "0.5.1", "0.5.2", "0.5.3", "0.5.4", "0.5.5", "0.5.6", "0.5.7", "0.5.8", "0.5.9", "0.6.0", "0.6.1", "0.6.2", "0.6.3", "0.6.4", "0.6.5", "0.6.6", "0.6.7", "0.6.8", "0.6.9", "0.7.0", "0.7.1");
 
 switch ($EXT_LOAD_MODE)
 {
-case "register": // Do stuff when installtion is running (modules.php?module=admin&action=login is called)
+case "register": // Do stuff when installation is running (modules.php?module=admin&action=login is called)
 	// SQL commands to run
-	$SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE action='admins' LIMIT 1";
-	$SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, what, title, descr, sort) VALUES ('admins', '', 'Admin-Management', 'Administratoren anlegen, l&ouml;schen oder Passwort/E-Mail Adresse &auml;ndern.', '1')";
-	$SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, what, title, descr, sort) VALUES ('admins', 'admins_add', 'Admin hinzuf&uuml;gen', 'Neuen Admin-Account anlegen', '0')";
-	$SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, what, title, descr, sort) VALUES ('admins', 'admins_edit', 'Admin-Account &auml;ndern', 'Bestehende Admin-Accounts bearbeiten: E-Mail-Adresse, Passwort und/oder Login-Name &auml;ndern.', '1')";
+	$SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins', NULL, 'Admin-Management','Administratoren anlegen, l&ouml;schen oder Passwort/E-Mail Adresse &auml;ndern.','1')";
+	$SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_add','Admin hinzuf&uuml;gen','Neuen Admin-Account anlegen','0')";
+	$SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_edit','Admin-Account &auml;ndern','Bestehende Admin-Accounts bearbeiten: E-Mail-Adresse, Passwort und/oder Login-Name &auml;ndern.','1')";
 	break;
 
 case "remove": // Do stuff when removing extension
 	// SQL commands to run
-	$SQLs[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE action='admins' LIMIT 5";
-	$SQLs[] = "DROP TABLE "._MYSQL_PREFIX."_admins_acls";
-	$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config DROP admins_default_acl";
+	$SQLs[] = "DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='admins' LIMIT 6";
+	$SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_admins_acls";
+	$SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_admins_mails";
 	$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins DROP default_acl";
+
+	// Remove filters
+	UNREGISTER_FILTER('sql_admin_extra_data', 'ADD_EXTRA_SQL_DATA', true, $dry_run);
 	break;
 
 case "activate": // Do stuff when admin activates this extension
@@ -79,7 +80,7 @@ case "update": // Update an extension
 	switch ($EXT_VER)
 	{
 	case "0.2": // SQL queries for v0.2
-		$SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, what, title, descr, sort) VALUES ('admins', 'admins_contact', 'Admin kontaktieren', 'Kontaktiert einen Admin per Mail oder Nachricht (nur wenn messaging-Erweiterung installiert ist).', '2')";
+		$SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_contact','Admin kontaktieren','Kontaktiert einen Admin per Mail oder Nachricht (nur wenn messaging-Erweiterung installiert ist).','2')";
 
 		// Update notes (these will be set as task text!)
 		$UPDATE_NOTES = "F&uuml;gt den Men&uuml;punkt &quot;Admin kontaktieren&quot; hinzu.";
@@ -87,45 +88,45 @@ case "update": // Update an extension
 
 	case "0.3": // SQL queries for v0.3
 		// Add admin menu
-		$SQLs[] = "INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, what, title, descr, sort) VALUES ('admins', 'config_admins', 'ACL einstellen', 'Richten Sie Zugriffskontrollzeilen f&uuml;r jeden Admin individuell ein, um ihm nur bestimmte Bereiche des Admin-Bereiches zug&auml;nglich zu machen oder zu sperren.', '4')";
+		$SQLs[] = "INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','config_admins','ACL einstellen','Richten Sie Zugriffskontrollzeilen f&uuml;r jeden Admin individuell ein, um ihm nur bestimmte Bereiche des Admin-Bereiches zug&auml;nglich zu machen oder zu sperren.','4')";
 
 		// Which is the default setting when you create a new admin login?
-		$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_config ADD admins_default_acl enum('deny', 'allow') not null default 'deny'";
+		$SQLs[] = "ALTER TABLE `"._MYSQL_PREFIX."_config` ADD admins_default_acl ENUM('deny','allow') NOT NULL DEFAULT 'deny'";
 
 		// Default is deny everything
-		$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins ADD default_acl enum('deny', 'allow') not null default 'deny'";
+		$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins ADD default_acl ENUM('deny','allow') NOT NULL DEFAULT 'deny'";
 
 		// But allow current admin everything (THIS SHALL BE YOU!)
-		$SQLs[] = "UPDATE "._MYSQL_PREFIX."_admins SET default_acl='allow' WHERE login='".$_COOKIE['admin_login']."' LIMIT 1";
+		$SQLs[] = "UPDATE "._MYSQL_PREFIX."_admins SET default_acl='allow' WHERE login='".get_session('admin_login')."' LIMIT 1";
 		$SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_admins_acls";
 		$SQLs[] = "CREATE TABLE "._MYSQL_PREFIX."_admins_acls (
-id bigint(20) not null auto_increment,
-admin_id bigint(20) not null default '0',
-action_menu varchar(255) not null default '',
-what_menu varchar(255) not null default '',
-access_mode enum('deny', 'allow') not null default 'deny',
+id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+admin_id BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
+action_menu VARCHAR(255) NOT NULL DEFAULT '',
+what_menu VARCHAR(255) NOT NULL DEFAULT '',
+access_mode ENUM('deny','allow') NOT NULL DEFAULT 'deny',
 KEY (admin_id),
 PRIMARY KEY (id)
 ) TYPE=MyISAM";
 
 		// Update notes (these will be set as task text!)
-		$UPDATE_NOTES = "Sogn. ACLs werden hinzugef&uuml;gt: <STRONG>A</STRONG>ccess <STRONG>C</STRONG>ontrol <STRONG>L</STRONG>ines sind zu deutsch Zugriffkontrollzeilen, mit denen Sie einstellen k&ouml;nnen, was welcher Admin machen darf oder nicht.";
+		$UPDATE_NOTES = "Sogn. ACLs werden hinzugef&uuml;gt: <strong>A</strong>ccess <strong>C</strong>ontrol <strong>L</strong>ines sind zu deutsch Zugriffkontrollzeilen, mit denen Sie einstellen k&ouml;nnen, was welcher Admin machen darf oder nicht.";
 		break;
 
 	case "0.3.1": // SQL queries for v0.3.1
-		$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins_acls MODIFY id bigint(20) not null auto_increment";
+		$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins_acls MODIFY id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT";
 		break;
 
 	case "0.4.0": // SQL queries for v0.4.0
 		$SQLs[] = "DROP TABLE IF EXISTS "._MYSQL_PREFIX."_admins_mails";
 		$SQLs[] = "CREATE TABLE "._MYSQL_PREFIX."_admins_mails (
-id bigint(20) not null auto_increment,
-admin_id bigint(20) not null default '0',
-mail_template varchar(255) not null,
+id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+admin_id BIGINT(20) UNSIGNED NOT NULL DEFAULT 0,
+mail_template VARCHAR(255) NOT NULL,
 KEY (admin_id),
 PRIMARY KEY (id)
 ) TYPE=MyISAM";
-		$SQLs[] = "INSERT INTO  "._MYSQL_PREFIX."_admin_menu (action, what, title, descr, sort) VALUES ('admins', 'admins_mails', 'Admin-Mails', 'Stellen Sie hier ein, welcher Admin welche Mail erhalten soll. Sie k&ouml;nnen dies (derzeit) jedoch erst, wenn einmal die Mail versendet wurde!', '5')";
+		$SQLs[] = "INSERT INTO  `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('admins','admins_mails','Admin-Mails','Stellen Sie hier ein, welcher Admin welche Mail erhalten soll. Sie k&ouml;nnen dies (derzeit) jedoch erst, wenn einmal die Mail versendet wurde!','5')";
 
 		// Update notes (these will be set as task text!)
 		$UPDATE_NOTES = "Kontrollieren Sie, welche Mails welcher Admin oder alle (admin_id=0) bekommen soll oder im UserLog (admin_id=-1) verzeichnet werden soll. Standartm&auml;ssig wird weiter an alle versendet.";
@@ -184,7 +185,7 @@ PRIMARY KEY (id)
 
 	case "0.5.3": // SQL queries for v0.5.3
 		// Update notes (these will be set as task text!)
-		$UPDATE_NOTES = "Seit <A href=\"".SERVER_URL."/patches/340-Gast_Mitgliedsmenue_Deaktivieren.zip\">Patch 340</A> &uuml;berfl&uuml;ssige HTML-Tags entfernt.";
+		$UPDATE_NOTES = "Seit <a href=\"#\">Patch 340</a> &uuml;berfl&uuml;ssige HTML-Tags entfernt.";
 		break;
 
 	case "0.5.4": // SQL queries for v0.5.4
@@ -198,19 +199,19 @@ PRIMARY KEY (id)
 		break;
 
 	case "0.5.6": // SQL queries for v0.5.6
-		$SQLs[] = "UPDATE "._MYSQL_PREFIX."_admin_menu SET what='admins_contct' WHERE what='admins_contact' LIMIT 1";
+		$SQLs[] = "UPDATE `"._MYSQL_PREFIX."_admin_menu` SET what='admins_contct' WHERE what='admins_contact' LIMIT 1";
 
 		// Update notes (these will be set as task text!)
-		$UPDATE_NOTES = "Namenskonflikt zwischen den Erweiterungen <STRONG>admins</STRONG> und (kommender) <STRONG>contact</STRONG>.";
+		$UPDATE_NOTES = "Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>.";
 		break;
 
 	case "0.5.7": // SQL queries for v0.5.7
 		// Update notes (these will be set as task text!)
-		$UPDATE_NOTES = "Links wegen <STRONG>what=admins_contct</STRONG> ge&auml;ndert.";
+		$UPDATE_NOTES = "Links wegen <strong>what=admins_contct</strong> ge&auml;ndert.";
 		break;
 
 	case "0.5.8": // SQL queries for v0.5.8
-		$SQLs[] = "UPDATE "._MYSQL_PREFIX."_admin_menu SET what='admins_contct' WHERE what='admins_contact' LIMIT 1";
+		$SQLs[] = "UPDATE `"._MYSQL_PREFIX."_admin_menu` SET what='admins_contct' WHERE what='admins_contact' LIMIT 1";
 
 		// Update notes (these will be set as task text!)
 		$UPDATE_NOTES = "Ein Punkt in der Versionsnummernliste verhinderte das 0.5.6-Update.";
@@ -233,7 +234,7 @@ PRIMARY KEY (id)
 
 	case "0.6.2": // SQL queries for v0.6.2
 		// Update notes (these will be set as task text!)
-		$UPDATE_NOTES = "Bitte verschieben Sie die admins-Templates (Ordner: ".PATH."/templates/de/emails/) in den neuen Order admins!";
+		$UPDATE_NOTES = "Bitte verschieben Sie die admins-Templates (Ordner: {!PATH!}/templates/de/emails/) in den neuen Order admins!";
 		break;
 
 	case "0.6.3": // SQL queries for v0.6.3
@@ -252,42 +253,61 @@ PRIMARY KEY (id)
 		break;
 
 	case "0.6.6": // SQL queries for v0.5.6
-		$SQLs[] = "UPDATE "._MYSQL_PREFIX."_admin_menu SET what='admins_contct' WHERE what='admins_contact' LIMIT 1";
+		$SQLs[] = "UPDATE `"._MYSQL_PREFIX."_admin_menu` SET what='admins_contct' WHERE what='admins_contact' LIMIT 1";
 
 		// Update notes (these will be set as task text!)
-		$UPDATE_NOTES = "Namenskonflikt zwischen den Erweiterungen <STRONG>admins</STRONG> und (kommender) <STRONG>contact</STRONG>.";
+		$UPDATE_NOTES = "Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>.";
 		break;
 
 	case "0.6.7": // SQL queries for v0.6.7
-		$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins ADD la_mode enum('global', 'OLD', 'NEW') not null default 'global'";
+		$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins ADD la_mode ENUM('global','OLD','NEW') NOT NULL DEFAULT 'global'";
 
 		// Update notes (these will be set as task text!)
-		$UPDATE_NOTES = "Namenskonflikt zwischen den Erweiterungen <STRONG>admins</STRONG> und (kommender) <STRONG>contact</STRONG>. Beseitigung eines Fehlers <STRONG>HTTP_POSR_VARS</STRONG> beim &Auml;ndern von Administratoren.";
+		$UPDATE_NOTES = "Namenskonflikt zwischen den Erweiterungen <strong>admins</strong> und (kommender) <strong>contact</strong>. Beseitigung eines Fehlers <strong>HTTP_POSR_VARS</strong> beim &Auml;ndern von Administratoren.";
 		break;
 
 	case "0.6.8": // SQL queries for v0.6.8
 		// Update notes (these will be set as task text!)
-		$UPDATE_NOTES = "<STRONG>setcookie()</STRONG> mit @-Zeichen gegen ungewollte Ausgaben abgesichert.";
+		$UPDATE_NOTES = "<strong>set_session()</strong> mit @-Zeichen gegen ungewollte Ausgaben abgesichert.";
 		break;
 
 	case "0.6.9": // SQL queries for v0.6.9
-		$SQLs[] = "UPDATE "._MYSQL_PREFIX."_admin_menu SET title = 'Admin-Management' WHERE action = 'admins' AND what='' LIMIT 1";
+		$SQLs[] = "UPDATE `"._MYSQL_PREFIX."_admin_menu` SET title = 'Admin-Management' WHERE action = 'admins' AND (what='' OR what IS NULL) LIMIT 1";
 
 		// Update notes (these will be set as task text!)
 		$UPDATE_NOTES = "Verwaltung nach Management umbenannt.";
 		break;
+
+	case "0.7.0": // SQL queries for v0.7.0
+		$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins ADD login_failtures BIGINT(20) UNSIGNED NOT NULL DEFAULT 0";
+		$SQLs[] = "ALTER TABLE "._MYSQL_PREFIX."_admins ADD last_failture TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00'";
+
+		// Update notes (these will be set as task text!)
+		$UPDATE_NOTES = "Fehlgeschlagene Login-Versuche werden nun mitgez&auml;hlt und der letzte vermerkt.";
+		break;
+
+	case "0.7.1": // SQL queries for v0.7.1
+		// Update depends on sql_patches
+		$EXT_UPDATE_DEPENDS = "sql_patches";
+
+		// Add filters
+		REGISTER_FILTER('sql_admin_extra_data', 'ADD_EXTRA_SQL_DATA', false, true, $dry_run);
+
+		// Update notes (these will be set as task text!)
+		$UPDATE_NOTES = "Filter hinzugef&uuml;gt und ist von <strong>sql_patches</strong> abh&auml;ngig.";
+		break;
 	}
 	break;
 
+case "test": // For testing purposes. For details see file inc/modules/admin/what-extensions.php, arround line 305.
+	break;
+
 default: // Do stuff when extension is loaded
 	break;
 }
 
-// Language file prefix
-$EXT_LANG_PREFIX = "admins";
-
-// Extension is always active?
-$EXT_ALWAYS_ACTIVE = "N";
+// Keep this extension always active!
+$EXT_ALWAYS_ACTIVE = "Y";
 
 //
 ?>