X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Flibs%2Fadmins_functions.php;h=d4ced65b01a0e87bb6b2b575251a1fec9b6dc33f;hp=fa205b2f54baed1d6d7bb7d1c73eaa1d5303c35e;hb=ab6e23979a94ee3f68efca58da90137e88a95236;hpb=be89901a666991ef455920e2b0a6f7a0b31e0609 diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php index fa205b2f54..d4ced65b01 100644 --- a/inc/libs/admins_functions.php +++ b/inc/libs/admins_functions.php @@ -200,9 +200,6 @@ function ADMINS_CHANGE_ADMIN_ACCOUNT($POST) { // Rewrite cookie when it's own account if ($aid == $id) { - // Timeout - $TIMEOUT = time() + bigintval($_SESSION['admin_to']); - // Set timeout cookie set_session("admin_last", time()); @@ -219,8 +216,18 @@ function ADMINS_CHANGE_ADMIN_ACCOUNT($POST) { } + // Get default ACL from admin to check if we can allow him to change the default ACL + $result = SQL_QUERY_ESC("SELECT default_acl FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", + array($_SESSION['admin_login']), __FILE__, __LINE__); + list($default) = SQL_FETCHROW($result); + + // Free result + SQL_FREERESULT($result); + // Update admin account - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET + if ($default == "allow") { + // Allow changing default ACL + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login='%s'".$ADD.", email='%s', default_acl='%s', @@ -233,6 +240,20 @@ WHERE id=%d LIMIT 1", $POST['la_mode'][$id], $id ), __FILE__, __LINE__); + } else { + // Do not allow it here + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET +login='%s'".$ADD.", +email='%s', +la_mode='%s' +WHERE id=%d LIMIT 1", + array( + $login, + $POST['email'][$id], + $POST['la_mode'][$id], + $id +), __FILE__, __LINE__); + } // Admin account saved $MSG = ADMIN_ACCOUNT_SAVED; @@ -272,7 +293,15 @@ function ADMINS_EDIT_ADMIN_ACCOUNTS ($POST) { // Prepare some more data for the template $content['sw'] = $SW; $content['id'] = $id; - $content['mode'] = ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE), $content['mode']); + + // Shall we allow changing default ACL? + if ($content['mode'] == "allow") { + // Allow chaning it + $content['mode'] = ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE), $content['mode']); + } else { + // Don't allow it + $content['mode'] = " "; + } $content['la_mode'] = ADD_OPTION_LINES("/ARRAY/", array("global", "OLD", "NEW"), array(ADMINS_GLOBAL_LA_SETTING, ADMINS_OLD_LA_SETTING, ADMINS_NEW_LA_SETTING), $content['la_mode']); // Load row template and switch color