X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Flibs%2Fadmins_functions.php;h=dd8d3273f178e46d67f4f35b50ddecc52a6f0408;hp=535adf41acd8ab806f7211a3930aa105da24224d;hb=2e68ea39a430a7217e58747b877acaa3e92ea997;hpb=f13b0c89b6dce2dc31ef3c58f0e2ad4821d7bee8 diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php index 535adf41ac..dd8d3273f1 100644 --- a/inc/libs/admins_functions.php +++ b/inc/libs/admins_functions.php @@ -39,7 +39,7 @@ if (!defined('__SECURITY')) { // Check ACL for menu combination function ADMINS_CHECK_ACL($act, $wht) { - global $cacheArray, $_CONFIG, $cacheInstance; + global $cacheArray, $cacheInstance; // If action is login or logout allow allways! $default = "allow"; if (($act == "login") || ($act == "logout")) return true; @@ -48,12 +48,11 @@ function ADMINS_CHECK_ACL($act, $wht) { $ret = false; // Get admin's ID - $aid = GET_ADMIN_ID(get_session('admin_login')); + $aid = GET_CURRENT_ADMIN_ID(); // Get admin's defult access right $default = GET_ADMIN_DEFAULT_ACL($aid); - if (!empty($wht)) { // Check for parent menu: // First get it's action value @@ -87,7 +86,7 @@ function ADMINS_CHECK_ACL($act, $wht) { } if ($lines == 1) { // Count cache hits - if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; } + incrementConfigEntry('cache_hits'); break; } } @@ -183,7 +182,7 @@ function ADMINS_CHANGE_ADMIN_ACCOUNT($POST) { if (!empty($POST['pass1'][$id])) $ADD = sprintf(", password='%s'", SQL_ESCAPE($hash)); // Get admin's ID - $aid = GET_ADMIN_ID(get_session('admin_login')); + $aid = GET_CURRENT_ADMIN_ID(); $salt = substr(GET_ADMIN_HASH($aid), 0, -40); // Rewrite cookie when it's own account @@ -204,12 +203,12 @@ function ADMINS_CHANGE_ADMIN_ACCOUNT($POST) { } // END - if // Get default ACL from admin to check if we can allow him to change the default ACL - $default = GET_ADMIN_DEFAULT_ACL(GET_ADMIN_ID(get_session('admin_login'))); + $default = GET_ADMIN_DEFAULT_ACL(GET_CURRENT_ADMIN_ID()); // Update admin account if ($default == "allow") { // Allow changing default ACL - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login='%s'".$ADD.", email='%s', default_acl='%s', @@ -224,7 +223,7 @@ WHERE id=%s LIMIT 1", ), __FILE__, __LINE__); } else { // Do not allow it here - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login='%s'".$ADD.", email='%s', la_mode='%s' @@ -249,18 +248,19 @@ WHERE id=%s LIMIT 1", // Display message if (!empty($MSG)) { - LOAD_TEMPLATE("admin_settings_saved", false, "".$MSG.""); + LOAD_TEMPLATE("admin_settings_saved", false, $MSG); } } // Remove cache file - if ((EXT_IS_ACTIVE("cache")) && ($cache_update == "1")) { - if ($cacheInstance->cache_file("admins")) $cacheInstance->cache_destroy(); - } + RUN_FILTER('post_admin_edited', $_POST); } // Make admin accounts editable function ADMINS_EDIT_ADMIN_ACCOUNTS ($POST) { + // "Resolve" current's admin access mode + $currMode = GET_ADMIN_DEFAULT_ACL(GET_CURRENT_ADMIN_ID()); + // Begin the edit loop $SW = 2; $OUT = ""; foreach ($POST['sel'] as $id => $sel) { @@ -269,7 +269,7 @@ function ADMINS_EDIT_ADMIN_ACCOUNTS ($POST) { // Get the admin's data $result = SQL_QUERY_ESC("SELECT login, email, default_acl AS mode, la_mode FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", - array($id), __FILE__, __LINE__); + array($id), __FILE__, __LINE__); if ((SQL_NUMROWS($result) == 1) && ($sel == 1)) { // Entry found $content = SQL_FETCHARRAY($result); @@ -280,7 +280,7 @@ function ADMINS_EDIT_ADMIN_ACCOUNTS ($POST) { $content['id'] = $id; // Shall we allow changing default ACL? - if ($content['mode'] == "allow") { + if ($currMode == "allow") { // Allow chaning it $content['mode'] = ADD_OPTION_LINES("/ARRAY/", array("allow", "deny"), array(ADMINS_ALLOW_MODE, ADMINS_DENY_MODE), $content['mode']); } else { @@ -351,14 +351,14 @@ function ADMINS_REMOVE_ADMIN_ACCOUNTS ($POST) { $id = bigintval($id); // Delete only when it's not your own account! - if (($del == 1) && (GET_ADMIN_ID(get_session('admin_login')) != $id)) { + if (($del == 1) && (GET_CURRENT_ADMIN_ID() != $id)) { // Rewrite his tasks to all admins - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin=0 WHERE assigned_admin=%s", + SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin=0 WHERE assigned_admin=%s", array($id), __FILE__, __LINE__); // Remove account - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", - array($id), __FILE__, __LINE__); + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1", + array($id), __FILE__, __LINE__); // Purge cache CACHE_PURGE_ADMIN_MENU($id); @@ -367,9 +367,7 @@ function ADMINS_REMOVE_ADMIN_ACCOUNTS ($POST) { } // Remove cache if cache system is activated - if ((EXT_IS_ACTIVE("cache")) && ($cache_update == "1")) { - if ($cacheInstance->cache_file("admins")) $cacheInstance->cache_destroy(); - } + RUN_FILTER('post_admin_deleted', $_POST); } // List all admin accounts @@ -399,5 +397,16 @@ function ADMINS_LIST_ADMIN_ACCOUNTS() { LOAD_TEMPLATE("admin_list_admins"); } +// Filter for adding extra data to the query +function FILTER_ADD_EXTRA_SQL_DATA ($ADD = "") { + // Is the admins extension updated? (should be!) + if (GET_EXT_VERSION("admins") >= "0.3") $ADD .= ", default_acl AS def_acl"; + if (GET_EXT_VERSION("admins") >= "0.6.7") $ADD .= ", la_mode"; + if (GET_EXT_VERSION("admins") >= "0.7.0") $ADD .= ", login_failtures, UNIX_TIMESTAMP(last_failture) AS last_failture"; + + // Return it + return $ADD; +} + // ?>