X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin.php;h=2d11145709e5a936fbfa73896d31cd8e6d51674a;hp=d416353943a48b21069446b62bd7d3bfbfd76d22;hb=c47144dd555bbab4acdf9085e4623900dedb0e7c;hpb=feda50ff73c05935417ed33164d30caf966ba854 diff --git a/inc/modules/admin.php b/inc/modules/admin.php index d416353943..2d11145709 100644 --- a/inc/modules/admin.php +++ b/inc/modules/admin.php @@ -44,11 +44,15 @@ if ((empty($GLOBALS['action'])) && ($check == "admin_only")) { } // END - if // Load include file -require_once(PATH."inc/modules/admin/admin-inc.php"); +LOAD_INC_ONCE("inc/modules/admin/admin-inc.php"); // Fix "deleted" cookies in PHP4 (PHP5 does remove them, PHP4 sets them to deleted!) FIX_DELETED_COOKIES(array('admin_login', 'admin_md5', 'admin_last', 'admin_to')); +// Init return value +$ret = "init"; + +// Is no admin registered? if (!isBooleanConstantAndTrue('admin_registered')) { // Admin is not registered so we have to inform the user if ((isset($_POST['ok'])) && ((empty($_POST['login'])) || (empty($_POST['pass'])) || (strlen($_POST['pass']) < 4))) $_POST['ok'] = "***"; @@ -57,10 +61,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { $hashedPass = md5($_POST['pass']); // Kill maybe existing session variables - set_session('admin_login' , ""); - set_session('admin_md5' , ""); - set_session('admin_last' , ""); - set_session('admin_to' , ""); + DESTROY_ADMIN_SESSION(false); // Do registration $ret = REGISTER_ADMIN($_POST['login'], $hashedPass); @@ -70,7 +71,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0); if (!_FATAL) { // Registering is done - LOAD_URL(URL."/modules.php?module=admin&action=login®ister=done"); + LOAD_URL("modules.php?module=admin&action=login®ister=done"); } else { $ret = ADMIN_CANNOT_COMPLETE; } @@ -86,7 +87,9 @@ if (!isBooleanConstantAndTrue('admin_registered')) { // Admin does already exists! $ret = ADMIN_LOGIN_ALREADY_REG; } else { - // Any other kind + // Any other kind will be logged and interpreted as 'done' + DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_LOGIN()", $ret)); + // @TODO Why is this set to 'done'? $ret = "done"; } @@ -96,8 +99,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0); // Load URL for login - $URL = URL."/modules.php?module=admin&action=login"; - LOAD_URL($URL); + LOAD_URL("modules.php?module=admin&action=login"); } // END - if break; } @@ -168,7 +170,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { LOAD_TEMPLATE("admin_reset_password_form", false, $content); } else { // Cannot validate the login data and hash - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED); + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED')); } } elseif ((isset($_POST['reset_pass'])) && (!empty($_POST['hash'])) && (!empty($_POST['login'])) && (!empty($_POST['pass1'])) && ($_POST['pass1'] == $_POST['pass2'])) { // Okay, we shall the admin password here. So first revalidate the hash @@ -180,7 +182,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { LOAD_TEMPLATE("admin_reset_pass_done", false, $OUT); } else { // Validation failed - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2); + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2')); } } else { // Output reset password form @@ -190,16 +192,15 @@ if (!isBooleanConstantAndTrue('admin_registered')) { // At leat one administrator account was created if ((isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5')) && (isSessionVariableSet('admin_last')) && (isSessionVariableSet('admin_to'))) { // Timeout for last login, we have to logout first! - $URL = URL."/modules.php?module=admin&action=login&logout=1"; - LOAD_URL($URL); - } + LOAD_URL("modules.php?module=admin&action=login&logout=1"); + } // END - if + if (!empty($_GET['register'])) { // Registration of first admin is done - if ($_GET['register'] == "done") OUTPUT_HTML("".ADMIN_REGISTER_DONE.""); + if ($_GET['register'] == "done") LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_REGISTER_DONE')); } // END - if // Check if the admin has submitted data or not - $ret = ""; if ((isset($_POST['ok'])) && ((empty($_POST['login'])) || (empty($_POST['pass'])) || (strlen($_POST['pass']) < 4))) $_POST['ok'] = "***"; if ((isset($_POST['ok'])) && ($_POST['ok'] != "***")) { // All required data was entered so we check his account @@ -210,12 +211,12 @@ if (!isBooleanConstantAndTrue('admin_registered')) { { case "done": // Admin and password are okay, so we log in now // Construct URL and redirect - $URL = URL."/modules.php?module=admin&"; + $URL = "modules.php?module=admin&"; // Rewrite overview module if ($GLOBALS['what'] == "overview") { $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']); - } + } // END - if // Add data to URL if (!empty($GLOBALS['what'])) $URL .= "what=".$GLOBALS['what']; @@ -228,17 +229,23 @@ if (!isBooleanConstantAndTrue('admin_registered')) { case "404": // Administrator login not found $_POST['ok'] = $ret; - $ret = ADMIN_NOT_FOUND; + $ret = getMessage('ADMIN_NOT_FOUND'); DESTROY_ADMIN_SESSION(); break; case "pass": // Wrong password $_POST['ok'] = $ret; - $ret = WRONG_PASS." [".ADMIN_RESET_PASS."]\n"; + $ret = "{!WRONG_PASS!} [{!ADMIN_RESET_PASS!}]\n"; DESTROY_ADMIN_SESSION(); break; - } - } + + default: // Others will be logged + DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown return code %s from CHECK_ADMIN_LOGIN()", $ret)); + break; + } // END - switch + } // END - if + + // Error detected? if ($ret != "done") { if (!empty($_POST['login'])) { define('__LOGIN_VALUE', $_POST['login']); @@ -248,8 +255,8 @@ if (!isBooleanConstantAndTrue('admin_registered')) { if (isset($_POST['ok'])) { // Set messages to zero - $MSG1 = ""; $MSG2 = ""; + // No login entered? if (empty($_POST['login'])) $MSG1 = ADMIN_NO_LOGIN; @@ -299,7 +306,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) { // Load login form template LOAD_TEMPLATE("admin_login_form", false, $content); - } + } // END - if } elseif (isset($_GET['logout'])) { // Only try to remove cookies if (DESTROY_ADMIN_SESSION()) { @@ -322,10 +329,10 @@ if (!isBooleanConstantAndTrue('admin_registered')) { } } else { // Something went wrong here... - OUTPUT_HTML("".ADMIN_LOGOUT_FAILED.""); + LOAD_TEMPLATE("admin_settings_saved", false, "