X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Flibs%2Fadmins_functions.php;h=d10f3bdc328582e32fc554fc948f66f49ff35419;hp=05e121443d6f47f43a5b197b06bc1e3da185005e;hb=3608f72d51e8126720024704398cf738e61f890b;hpb=39172de4ecec2f6ddc597a5ae439e7aef79c75ed diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php index 05e121443d..d10f3bdc32 100644 --- a/inc/libs/admins_functions.php +++ b/inc/libs/admins_functions.php @@ -39,7 +39,7 @@ if (!defined('__SECURITY')) { // Check ACL for menu combination function ADMINS_CHECK_ACL($act, $wht) { - global $cacheArray, $_CONFIG, $cacheInstance; + global $cacheArray, $cacheInstance; // If action is login or logout allow allways! $default = "allow"; if (($act == "login") || ($act == "logout")) return true; @@ -53,7 +53,6 @@ function ADMINS_CHECK_ACL($act, $wht) { // Get admin's defult access right $default = GET_ADMIN_DEFAULT_ACL($aid); - if (!empty($wht)) { // Check for parent menu: // First get it's action value @@ -87,7 +86,7 @@ function ADMINS_CHECK_ACL($act, $wht) { } if ($lines == 1) { // Count cache hits - if (getConfig('cache_hits') > 0) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } + incrementConfigEntry('cache_hits'); break; } } @@ -189,17 +188,17 @@ function ADMINS_CHANGE_ADMIN_ACCOUNT($POST) { // Rewrite cookie when it's own account if ($aid == $id) { // Set timeout cookie - set_session("admin_last", time()); + set_session('admin_last', time()); if ($login != get_session('admin_login')) { // Update login cookie - set_session("admin_login", $login); + set_session('admin_login', $login); // Update password cookie as well? - if (!empty($ADD)) set_session("admin_md5", $hash); + if (!empty($ADD)) set_session('admin_md5', $hash); } elseif (generateHash($POST['pass1'][$id], $salt) != get_session('admin_md5')) { // Update password cookie - set_session("admin_md5", $hash); + set_session('admin_md5', $hash); } } // END - if @@ -209,32 +208,32 @@ function ADMINS_CHANGE_ADMIN_ACCOUNT($POST) { // Update admin account if ($default == "allow") { // Allow changing default ACL - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login='%s'".$ADD.", email='%s', default_acl='%s', la_mode='%s' WHERE id=%s LIMIT 1", - array( - $login, - $POST['email'][$id], - $POST['mode'][$id], - $POST['la_mode'][$id], - $id -), __FILE__, __LINE__); + array( + $login, + $POST['email'][$id], + $POST['mode'][$id], + $POST['la_mode'][$id], + $id + ), __FILE__, __LINE__); } else { // Do not allow it here - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login='%s'".$ADD.", email='%s', la_mode='%s' WHERE id=%s LIMIT 1", - array( - $login, - $POST['email'][$id], - $POST['la_mode'][$id], - $id -), __FILE__, __LINE__); + array( + $login, + $POST['email'][$id], + $POST['la_mode'][$id], + $id + ), __FILE__, __LINE__); } // Purge cache @@ -249,7 +248,7 @@ WHERE id=%s LIMIT 1", // Display message if (!empty($MSG)) { - LOAD_TEMPLATE("admin_settings_saved", false, "".$MSG.""); + LOAD_TEMPLATE("admin_settings_saved", false, $MSG); } } @@ -259,6 +258,9 @@ WHERE id=%s LIMIT 1", // Make admin accounts editable function ADMINS_EDIT_ADMIN_ACCOUNTS ($POST) { + // "Resolve" current's admin access mode + $currMode = GET_ADMIN_DEFAULT_ACL(GET_CURRENT_ADMIN_ID()); + // Begin the edit loop $SW = 2; $OUT = ""; foreach ($POST['sel'] as $id => $sel) { @@ -267,7 +269,7 @@ function ADMINS_EDIT_ADMIN_ACCOUNTS ($POST) { // Get the admin's data $result = SQL_QUERY_ESC("SELECT login, email, default_acl AS mode, la_mode FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", - array($id), __FILE__, __LINE__); + array($id), __FILE__, __LINE__); if ((SQL_NUMROWS($result) == 1) && ($sel == 1)) { // Entry found $content = SQL_FETCHARRAY($result); @@ -278,7 +280,7 @@ function ADMINS_EDIT_ADMIN_ACCOUNTS ($POST) { $content['id'] = $id; // Shall we allow changing default ACL? - if ($content['mode'] == "allow") { + if ($currMode == "allow") { // Allow chaning it $content['mode'] = ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE), $content['mode']); } else { @@ -351,12 +353,12 @@ function ADMINS_REMOVE_ADMIN_ACCOUNTS ($POST) { // Delete only when it's not your own account! if (($del == 1) && (GET_CURRENT_ADMIN_ID() != $id)) { // Rewrite his tasks to all admins - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin=0 WHERE assigned_admin=%s", + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin=0 WHERE assigned_admin=%s", array($id), __FILE__, __LINE__); // Remove account - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", - array($id), __FILE__, __LINE__); + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", + array($id), __FILE__, __LINE__); // Purge cache CACHE_PURGE_ADMIN_MENU($id); @@ -396,14 +398,11 @@ function ADMINS_LIST_ADMIN_ACCOUNTS() { } // Filter for adding extra data to the query -function FILTER_ADD_EXTRA_SQL_DATA () { - // Init extra data - $ADD = ""; - +function FILTER_ADD_EXTRA_SQL_DATA ($ADD = "") { // Is the admins extension updated? (should be!) if (GET_EXT_VERSION("admins") >= "0.3") $ADD .= ", default_acl AS def_acl"; if (GET_EXT_VERSION("admins") >= "0.6.7") $ADD .= ", la_mode"; - if (GET_EXT_VERSION("admins") >= "0.7.0") $ADD .= ", login_failtures, UNIX_TIMESTAMP(last_failture) AS last_failture"; + if (GET_EXT_VERSION("admins") >= "0.7.2") $ADD .= ", login_failures, UNIX_TIMESTAMP(last_failure) AS last_failure"; // Return it return $ADD;