X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fadmin-inc.php;h=1353ad3d10da2d8b9c733016b2c1dc9fdac96d65;hp=a8f107f87f3c548b99473a2904b79b47df4282a9;hb=98077af43126dd7c274fe57f6ea0494e906e8943;hpb=95b85ceebca7c97bdd966b1cc94234adfd1abd52 diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index a8f107f87f..1353ad3d10 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -10,7 +10,12 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Fuer die Administration benoetigte Funktionen * * -------------------------------------------------------------------- * - * * + * $Revision:: $ * + * $Date:: $ * + * $Tag:: 0.2.1-FINAL $ * + * $Author:: $ * + * Needs to be in all Files and every File needs "svn propset * + * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2008 by Roland Haeder * * For more information visit: http://www.mxchange.org * @@ -33,25 +38,25 @@ // Some security stuff... if (!defined('__SECURITY')) { - $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; + $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; require($INC); } // Register an administrator account -function REGISTER_ADMIN ($user, $md5, $email=WEBMASTER) { +function REGISTER_ADMIN ($user, $md5, $email) { // Login does already exist - $ret = "already"; + $ret = 'already'; - // Lookup the user - $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1", + // Lookup the admin + $result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1", array($user), __FUNCTION__, __LINE__); // Is the entry there? if (SQL_NUMROWS($result) == 0) { // Ok, let's create the admin login SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins` (login, password, email) VALUES ('%s', '%s', '%s')", - array($user, $md5, $email), __FUNCTION__, __LINE__); - $ret = "done"; + array($user, $md5, $email), __FUNCTION__, __LINE__); + $ret = 'done'; } // END - if // Free memory @@ -60,10 +65,11 @@ function REGISTER_ADMIN ($user, $md5, $email=WEBMASTER) { // Return result return $ret; } + // Only be executed on login procedure! function CHECK_ADMIN_LOGIN ($admin_login, $password) { // By default no admin is found - $ret = "404"; + $ret = '404'; // Get admin id $aid = GET_ADMIN_ID($admin_login); @@ -75,27 +81,27 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password) { if (isset($GLOBALS['cache_array']['admins']['password'][$aid])) { // Get password from cache $data['password'] = $GLOBALS['cache_array']['admins']['password'][$aid]; - $ret = "pass"; + $ret = 'pass'; incrementConfigEntry('cache_hits'); // Include more admins data? - if (GET_EXT_VERSION("admins") >= "0.7.0") { + if (GET_EXT_VERSION('admins') >= '0.7.2') { // Load them here $data['login_failures'] = $GLOBALS['cache_array']['admins']['login_failures'][$aid]; $data['last_failure'] = $GLOBALS['cache_array']['admins']['last_failure'][$aid]; } // END - if - } elseif (!EXT_IS_ACTIVE("cache")) { + } elseif (!EXT_IS_ACTIVE('cache')) { // Add extra data via filter now - $ADD = RUN_FILTER('sql_admin_extra_data'); + $add = runFilterChain('sql_admin_extra_data'); // Get password from DB - $result = SQL_QUERY_ESC("SELECT password".$ADD." FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `password`" . $add . " FROM `{!_MYSQL_PREFIX!}_admins` WHERE `id`=%s LIMIT 1", array($aid), __FUNCTION__, __LINE__); // Entry found? if (SQL_NUMROWS($result) == 1) { // Login password found - $ret = "pass"; + $ret = 'pass'; // Fetch data $data = SQL_FETCHARRAY($result); @@ -105,14 +111,14 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password) { SQL_FREERESULT($result); } - //* DEBUG: */ echo "*".$data['password']."/".md5($password)."/".$ret."
"; + //* DEBUG: */ echo "*".$data['password'].'/'.md5($password).'/'.$ret."
"; if ((isset($data['password'])) && (strlen($data['password']) == 32) && ($data['password'] == md5($password))) { // Generate new hash $data['password'] = generateHash($password); // Is the sql_patches not installed, than we cannot have a valid hashed password here! - if (($ret == "pass") && ((EXT_VERSION_IS_OLDER("sql_patches", "0.3.6")) || (GET_EXT_VERSION("sql_patches") == ""))) $ret = "done"; - } elseif ((EXT_VERSION_IS_OLDER("sql_patches", "0.3.6")) || (GET_EXT_VERSION("sql_patches") == "")) { + if (($ret == 'pass') && ((EXT_VERSION_IS_OLDER('sql_patches', '0.3.6')) || (GET_EXT_VERSION('sql_patches') == ''))) $ret = 'done'; + } elseif ((EXT_VERSION_IS_OLDER('sql_patches', '0.3.6')) || (GET_EXT_VERSION('sql_patches') == '')) { // Old hashing way return $ret; } elseif (!isset($data['password'])) { @@ -125,57 +131,57 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password) { $salt = __SALT; // Check if password is same - //* DEBUG: */ echo "*".$ret.",".$data['password'].",".$password.",".$salt."*
\n"; - if (($ret == "pass") && ($data['password'] == generateHash($password, $salt)) && ((!empty($salt))) || ($data['password'] == $password)) { + //* DEBUG: */ echo "*".$ret.','.$data['password'].','.$password.','.$salt."*
\n"; + if (($ret == 'pass') && ($data['password'] == generateHash($password, $salt)) && ((!empty($salt))) || ($data['password'] == $password)) { // Re-hash the plain passord with new random salt $data['password'] = generateHash($password); // Do we have 0.7.0 of admins or later? // Remmeber login failures if available - if (GET_EXT_VERSION("admins") >= "0.7.2") { + if (GET_EXT_VERSION('admins') >= '0.7.2') { // Store it in session - set_session('mxchange_admin_failures', $data['login_failures']); - set_session('mxchange_admin_last_fail', $data['last_failure']); + setSession('mxchange_admin_failures', $data['login_failures']); + setSession('mxchange_admin_last_fail', $data['last_failure']); // Update password and reset login failures - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s',login_failures=0,last_failure='0000-00-00 00:00:00' WHERE id=%s LIMIT 1", - array($data['password'], $aid), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s',login_failures=0,last_failure='0000-00-00 00:00:00' WHERE `id`=%s LIMIT 1", + array($data['password'], $aid), __FUNCTION__, __LINE__); } else { // Update password - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s' WHERE id=%s LIMIT 1", - array($data['password'], $aid), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s' WHERE `id`=%s LIMIT 1", + array($data['password'], $aid), __FUNCTION__, __LINE__); } // Rebuild cache - REBUILD_CACHE("admins", "admin"); + rebuildCacheFiles('admins', 'admin'); // Login has failed by default... ;-) - $ret = "failed"; + $ret = 'failed'; // Password matches so login here if (LOGIN_ADMIN($admin_login, $data['password'])) { // All done now - $ret = "done"; + $ret = 'done'; } // END - if - } elseif ((empty($salt)) && ($ret == "pass")) { + } elseif ((empty($salt)) && ($ret == 'pass')) { // Something bad went wrong - $ret = "failed"; - } elseif ($ret == "done") { + $ret = 'failed'; + } elseif ($ret == 'done') { // Try to login here if we have the old hashing way (sql_patches not installed?) if (!LOGIN_ADMIN($admin_login, $data['password'])) { // Something went wrong - $ret = "failed"; + $ret = 'failed'; } // END - if } // Count login failure if admins extension version is 0.7.0+ - if (($ret == "pass") && (GET_EXT_VERSION("admins") >= "0.7.0")) { + if (($ret == 'pass') && (GET_EXT_VERSION('admins') >= '0.7.0')) { // Update counter - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET login_failures=login_failures+1,last_failure=NOW() WHERE id=%s LIMIT 1", - array($aid), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET login_failures=login_failures+1,last_failure=NOW() WHERE `id`=%s LIMIT 1", + array($aid), __FUNCTION__, __LINE__); // Rebuild cache - REBUILD_CACHE("admins", "admin"); + rebuildCacheFiles('admins', 'admin'); } // END - if // Return the result @@ -186,45 +192,44 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password) { // Try to login the admin by setting some session/cookie variables function LOGIN_ADMIN ($adminLogin, $passHash) { // Reset failure counter on matching admins version - if ((GET_EXT_VERSION("admins") >= "0.7.0") && ((EXT_VERSION_IS_OLDER("sql_patches", "0.3.6")) || (GET_EXT_VERSION("sql_patches") == ""))) { + if ((GET_EXT_VERSION('admins') >= '0.7.0') && ((EXT_VERSION_IS_OLDER('sql_patches', '0.3.6')) || (GET_EXT_VERSION('sql_patches') == ''))) { // Reset counter on out-dated sql_patches version SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET login_failures=0,last_failure='0000-00-00 00:00:00' WHERE login='%s' LIMIT 1", array($adminLogin), __FUNCTION__, __LINE__); // Rebuild cache - REBUILD_CACHE("admins", "admin"); + rebuildCacheFiles('admins', 'admin'); } // END - if // Now set all session variables and return the result - return ( - ( - set_session('admin_md5', generatePassString($passHash)) - ) && ( - set_session('admin_login', $adminLogin) - ) && ( - set_session('admin_last', time()) - ) && ( - set_session('admin_to', bigintval(REQUEST_POST('timeout'))) - ) - ); + return (( + setSession('admin_md5', generatePassString($passHash)) + ) && ( + setSession('admin_login', $adminLogin) + ) && ( + setSession('admin_last', time()) + ) && ( + setSession('admin_to', bigintval(REQUEST_POST('timeout'))) + )); } // Only be executed on cookie checking function CHECK_ADMIN_COOKIES ($admin_login, $password) { // By default no admin cookies are found - $ret = "404"; $pass = ""; + $ret = '404'; + $pass = ''; // Get hash $pass = GET_ADMIN_HASH(GET_ADMIN_ID($admin_login)); - if ($pass != "-1") $ret = "pass"; + if ($pass != '-1') $ret = 'pass'; - //* DEBUG: */ print __FUNCTION__."(".__LINE__."):".generatePassString($pass)."(".strlen($pass).")/".$password."(".strlen($password).")
\n"; + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):".generatePassString($pass).'('.strlen($pass).")/".$password.'('.strlen($password).")
\n"; // Check if password matches - if (($ret == "pass") && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass)))) { + if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass)))) { // Passwords matches! - $ret = "done"; - } + $ret = 'done'; + } // END - if // Return result return $ret; @@ -233,81 +238,82 @@ function CHECK_ADMIN_COOKIES ($admin_login, $password) { // function ADMIN_DO_ACTION ($wht) { global $DATA; - //* DEBUG: */ echo __LINE__."*".$wht."/".$GLOBALS['module']."/".$GLOBALS['action']."/".$GLOBALS['what']."*
\n"; + //* DEBUG: */ echo __LINE__."*".$wht.'/'.getModule().'/'.getAction().'/'.getWhat()."*
\n"; // Remove any spaces from variable if (empty($wht)) { // Default admin action is the overview page - $wht = "overview"; + $wht = 'overview'; } else { // Compile out some chars $wht = COMPILE_CODE($wht, false, false, false); } // Get action value - $act = GET_ACTION($GLOBALS['module'], $wht); + $act = getModeAction(getModule(), $wht); // Define admin login name and ID number - define('__ADMIN_LOGIN', get_session('admin_login')); - define('__ADMIN_ID' , GET_CURRENT_ADMIN_ID()); + define('__ADMIN_LOGIN', getSession('admin_login')); + define('__ADMIN_ID' , getCurrentAdminId()); // Preload templates - if (EXT_IS_ACTIVE("admins")) { - define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome_admins", true)); + if (EXT_IS_ACTIVE('admins')) { + define('__ADMIN_WELCOME', LOAD_TEMPLATE('admin_welcome_admins', true)); } else { - define('__ADMIN_WELCOME', LOAD_TEMPLATE("admin_welcome", true)); + define('__ADMIN_WELCOME', LOAD_TEMPLATE('admin_welcome', true)); } - define('__ADMIN_FOOTER' , LOAD_TEMPLATE("admin_footer" , true)); + define('__ADMIN_FOOTER' , LOAD_TEMPLATE('admin_footer' , true)); define('__ADMIN_MENU' , ADD_ADMIN_MENU($act, $wht, true)); // Tableset header - LOAD_TEMPLATE("admin_main_header"); + LOAD_TEMPLATE('admin_main_header'); // Check if action/what pair is valid - $result_action = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admin_menu` -WHERE `action`='%s' AND ((what='%s' AND what != 'overview') OR ((what='' OR `what` IS NULL) AND '%s'='overview')) + $result_action = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_admin_menu` +WHERE `action`='%s' AND ((`what`='%s' AND what != 'overview') OR ((`what`='' OR `what` IS NULL) AND '%s'='overview')) LIMIT 1", array($act, $wht, $wht), __FUNCTION__, __LINE__); if (SQL_NUMROWS($result_action) == 1) { // Is valid but does the inlcude file exists? $INC = sprintf("inc/modules/admin/action-%s.php", $act); - if ((INCLUDE_READABLE($INC)) && (VALIDATE_MENU_ACTION("admin", $act, $wht)) && ($GLOBALS['acl_allow'] === true)) { + if ((isIncludeReadable($INC)) && (isMenuActionValid('admin', $act, $wht)) && ($GLOBALS['acl_allow'] === true)) { // Ok, we finally load the admin action module - LOAD_INC($INC); + loadInclude($INC); } elseif ($GLOBALS['acl_allow'] === false) { // Access denied - LOAD_TEMPLATE("admin_menu_failed", false, getMessage('ADMIN_ACCESS_DENIED')); + LOAD_TEMPLATE('admin_menu_failed', false, getMessage('ADMIN_ACCESS_DENIED')); addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACCESS_DENIED')); } else { // Include file not found! :-( - LOAD_TEMPLATE("admin_menu_failed", false, sprintf(getMessage('ADMIN_ACTION_404'), $act)); + LOAD_TEMPLATE('admin_menu_failed', false, sprintf(getMessage('ADMIN_ACTION_404'), $act)); addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACTION_404'), $act); } } else { // Invalid action/what pair found! - LOAD_TEMPLATE("admin_menu_failed", false, sprintf(getMessage('ADMIN_ACTION_INVALID'), $act."/".$wht)); - addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACTION_INVALID'), $act."/".$wht); + LOAD_TEMPLATE('admin_menu_failed', false, sprintf(getMessage('ADMIN_ACTION_INVALID'), $act.'/'.$wht)); + addFatalMessage(__FUNCTION__, __LINE__, getMessage('ADMIN_ACTION_INVALID'), $act.'/'.$wht); } // Free memory SQL_FREERESULT($result_action); // Tableset footer - LOAD_TEMPLATE("admin_main_footer"); + LOAD_TEMPLATE('admin_main_footer'); } + // -function ADD_ADMIN_MENU($act, $wht, $return=false) { +function ADD_ADMIN_MENU ($act, $wht, $return=false) { // Init variables $SUB = false; - $OUT = ""; + $OUT = ''; // Menu descriptions $GLOBALS['menu']['description'] = array(); $GLOBALS['menu']['title'] = array(); // Is there a cache instance? - if ((isset($GLOBALS['cache_instance'])) && (is_object($GLOBALS['cache_instance'])) && (getConfig('cache_admin_menu') == "Y")) { + if ((isCacheInstanceValid()) && (getConfig('cache_admin_menu') == 'Y')) { // Create cache name - $cacheName = "admin_".$act."_".$wht."_".GET_LANGUAGE()."_".strtolower(get_session('admin_login')); + $cacheName = 'admin_' . $act . '_' . $wht . '_' . getLanguage() . '_' . strtolower(getSession('admin_login')); // Is that cache there? if ($GLOBALS['cache_instance']->loadCacheFile($cacheName)) { @@ -320,7 +326,7 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) { $GLOBALS['menu']['description'] = unserialize(base64_decode($data['descr'][0])); // Return or output content? - if ($return) { + if ($return === true) { return $OUT; } else { OUTPUT_HTML($OUT); @@ -329,15 +335,16 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) { } // END - if // Build main menu - $result_main = SQL_QUERY("SELECT action, title, descr FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (what='' OR `what` IS NULL) ORDER BY `sort`, id DESC", __FUNCTION__, __LINE__); + $result_main = SQL_QUERY("SELECT action, title, descr FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (`what`='' OR `what` IS NULL) ORDER BY `sort`, id DESC", __FUNCTION__, __LINE__); if (SQL_NUMROWS($result_main) > 0) { - $OUT = " -\n"; + $OUT = "
 
\n"; + $OUT .= " - -\n"; + + $OUT .= " +\n"; + + // Check for menu entries $result_what = SQL_QUERY_ESC("SELECT what, title, descr FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort`, id DESC", array($menu), __FUNCTION__, __LINE__); - if ((SQL_NUMROWS($result_what) > 0) && ($act == $menu)) - { + + // Remember the count for later checks + setAdminMenuHasEntries($menu, ((SQL_NUMROWS($result_what) > 0) && ($act == $menu))); + + // Do we have entries? + if ((ifAdminMenuHasEntries($menu)) && (SQL_NUMROWS($result_what) > 0)) { $GLOBALS['menu']['description'] = array(); $GLOBALS['menu']['title'] = array(); $SUB = true; - $OUT .= " - - -\n"; + $OUT .= " +\n"; } - $OUT .= "\n"; + + $OUT .= "
  •  
    • \n"; } } // Free memory SQL_FREERESULT($result_main); - $OUT .= "
     
    -  · "; - if (($menu == $act) && (empty($wht))) - { + $OUT .= "
  • +
    · "; + + if (($menu == $act) && (empty($wht))) { $OUT .= ""; - } - else - { + } else { $OUT .= "["; } + $OUT .= $title; - if (($menu == $act) && (empty($wht))) - { + + if (($menu == $act) && (empty($wht))) { $OUT .= ""; - } - else - { + } else { $OUT .= "]"; } - $OUT .= "
    •   - \n"; + $OUT .= "
    • \n"; + // @TODO Rewrite this to $content = SQL_FETCHARRAY() while (list($wht_sub, $title_what, $desc_what) = SQL_FETCHROW($result_what)) { - // Filename - $INC = sprintf("%sinc/modules/admin/what-%s.php", constant('PATH'), $wht_sub); - if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) { - $ACL = ADMINS_CHECK_ACL("", $wht_sub); + // Check for access level + if ((EXT_IS_ACTIVE('admins')) && (GET_EXT_VERSION('admins') > '0.2.0')) { + $ACL = adminsCheckAdminAcl('', $wht_sub); } else { - // ACL is "allow"... hmmm + // @TODO ACL is 'allow'... hmmm $ACL = true; } - $readable = INCLUDE_READABLE($INC); + + // Filename + $INC = sprintf("inc/modules/admin/what-%s.php", $wht_sub); + + // Is the file readable? + $readable = isIncludeReadable($INC); + + // Access allowed? if ($ACL === true) { // Insert compiled title and description $GLOBALS['menu']['title'][$wht_sub] = $title_what; $GLOBALS['menu']['description'][$wht_sub] = $desc_what; - $OUT .= "
    • - -\n"; + $OUT .= " +\n"; } } // Free memory SQL_FREERESULT($result_what); - $OUT .= "
    -  --> "; - if ($readable === true) - { - if ($wht == $wht_sub) - { + $OUT .= "
  • +
    --> "; + if ($readable === true) { + if ($wht == $wht_sub) { $OUT .= ""; - } - else - { + } else { $OUT .= "["; } + } else { + $OUT .= ""; } - else - { - $OUT .= ""; - } + $OUT .= $title_what; - if ($readable === true) - { - if ($wht == $wht_sub) - { + + if ($readable === true) { + if ($wht == $wht_sub) { $OUT .= ""; - } - else - { + } else { $OUT .= "]"; } - } - else - { + } else { $OUT .= ""; } - $OUT .= "
    • -
    \n"; + $OUT .= "\n"; } - // Compile and run the code here. This inserts all constants into the - // HTML output. Costs me some time to figure this out... *sigh* Quix0r - // @TODO Is this eval longer needed? - $eval = "\$OUT = \"".COMPILE_CODE(smartAddSlashes($OUT))."\";"; - eval($eval); - // Is there a cache instance again? - if ((isset($GLOBALS['cache_instance'])) && (is_object($GLOBALS['cache_instance'])) && (getConfig('cache_admin_menu') == "Y")) { + if ((isCacheInstanceValid()) && (getConfig('cache_admin_menu') == 'Y')) { // Init cache $GLOBALS['cache_instance']->init($cacheName); @@ -473,61 +470,66 @@ function ADD_ADMIN_MENU($act, $wht, $return=false) { } // END - if // Return or output content? - if ($return) { + if ($return === true) { return $OUT; } else { OUTPUT_HTML($OUT); } } -// -function ADD_MEMBER_SELECTION_BOX ($def="0", $add_all=false, $return=false, $none=false, $field="userid") -{ + +// Create member selection box +function ADD_MEMBER_SELECTION_BOX ($def='0', $add_all=false, $return=false, $none=false, $field='userid') { // Output selection form with all confirmed user accounts listed - $result = SQL_QUERY("SELECT userid, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` ORDER BY userid", __FUNCTION__, __LINE__); - $OUT = ""; + $result = SQL_QUERY("SELECT userid, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` ORDER BY `userid` ASC", __FUNCTION__, __LINE__); + + // Default output + $OUT = ''; // USe this only for adding points (e.g. adding refs really makes no sence ;-) ) - if ($add_all) $OUT = " \n"; - elseif ($none) $OUT = " \n"; - while (list($id, $sname, $fname) = SQL_FETCHROW($result)) - { - $OUT .= " \n"; + elseif ($none === true) $OUT = " \n"; + + while ($content = SQL_FETCHARRAY($result)) { + $OUT .= " \n"; + $OUT = "\n"; - + // Return contents return $OUT; } -// -function ADMIN_USER_PROFILE_LINK ($uid, $title="", $wht="list_user") { - if (($title == "") && ($title != "0")) { + +// Creates a user-profile link for the admin. This function can also be used for many other purposes +function generateUserProfileLink ($uid, $title = '', $wht="list_user") { + if (($title == '') && ($title != '0')) { // Set userid as title $title = $uid; } // END - if - if (($title == "0") && ($wht == "list_refs")) { + if (($title == '0') && ($wht == "list_refs")) { // Return title again return $title; } // END - if @@ -704,21 +707,21 @@ function ADMIN_USER_PROFILE_LINK ($uid, $title="", $wht="list_user") { // Check "logical-area-mode" function ADMIN_CHECK_MENU_MODE () { // Set the global mode as the mode for all admins - $MODE = getConfig('admin_menu'); - $ADMIN = $MODE; + $mode = getConfig('admin_menu'); + $ADMIN = $mode; // Get admin id - $aid = GET_CURRENT_ADMIN_ID(); + $aid = getCurrentAdminId(); // Check individual settings of current admin if (isset($GLOBALS['cache_array']['admins']['la_mode'][$aid])) { // Load from cache $ADMIN = $GLOBALS['cache_array']['admins']['la_mode'][$aid]; incrementConfigEntry('cache_hits'); - } elseif (GET_EXT_VERSION("admins") >= "0.6.7") { - // Load from database when version of "admins" is enough - $result = SQL_QUERY_ESC("SELECT la_mode FROM `{!_MYSQL_PREFIX!}_admins` WHERE id=%s LIMIT 1", - array($aid), __FUNCTION__, __LINE__); + } elseif (GET_EXT_VERSION('admins') >= '0.6.7') { + // Load from database when version of 'admins' is enough + $result = SQL_QUERY_ESC("SELECT la_mode FROM `{!_MYSQL_PREFIX!}_admins` WHERE `id`=%s LIMIT 1", + array($aid), __FUNCTION__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load data list($ADMIN) = SQL_FETCHROW($result); @@ -729,15 +732,15 @@ function ADMIN_CHECK_MENU_MODE () { } // Check what the admin wants and set it when it's not the global mode - if ($ADMIN != "global") $MODE = $ADMIN; + if ($ADMIN != 'global') $mode = $ADMIN; // Return admin-menu's mode - return $MODE; + return $mode; } // Change activation status -function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") { - $cnt = 0; $newStatus = "Y"; +function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = 'id') { + $cnt = 0; $newStatus = 'Y'; if ((is_array($IDs)) && (count($IDs) > 0)) { // "Walk" all through and count them foreach ($IDs as $id => $selected) { @@ -748,7 +751,7 @@ function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") { if (!empty($selected)) { // Determine new status $result = SQL_QUERY_ESC("SELECT %s FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1", - array($row, $table, $idRow, $id), __FUNCTION__, __LINE__); + array($row, $table, $idRow, $id), __FUNCTION__, __LINE__); // Row found? if (SQL_NUMROWS($result) == 1) { @@ -756,11 +759,11 @@ function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") { list($currStatus) = SQL_FETCHROW($result); // And switch it N<->Y - if ($currStatus == "Y") $newStatus = "N"; else $newStatus = "Y"; + if ($currStatus == 'Y') $newStatus = 'N'; else $newStatus = 'Y'; // Change this status SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_%s` SET %s='%s' WHERE %s=%s LIMIT 1", - array($table, $row, $newStatus, $idRow, $id), __FUNCTION__, __LINE__); + array($table, $row, $newStatus, $idRow, $id), __FUNCTION__, __LINE__); // Count up affected rows $cnt += SQL_AFFECTEDROWS(); @@ -772,15 +775,15 @@ function ADMIN_CHANGE_ACTIVATION_STATUS ($IDs, $table, $row, $idRow = "id") { } // END - foreach // Output status - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_STATUS_CHANGED_1.$cnt.ADMIN_STATUS_CHANGED_2.count($IDs).ADMIN_STATUS_CHANGED_3); + LOAD_TEMPLATE('admin_settings_saved', false, sprintf(getMessage('ADMIN_STATUS_CHANGED'), $cnt, count($IDs))); } else { // Nothing selected! - LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_NOTHING_SELECTED_CHANGE')); + LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_NOTHING_SELECTED_CHANGE')); } } // Send mails for del/edit/lock build modes -function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="") { +function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart = '') { // Default subject is the subject part $subject = $subjectPart; @@ -793,7 +796,7 @@ function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="") // Is the raw userid set? if (REQUEST_POST('uid_raw', $id) > 0) { // Generate subject - $subjectLine = constant('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT'); + $subjectLine = getMessage('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT'); // Load email template if (!empty($subjectPart)) { @@ -803,23 +806,23 @@ function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="") } // Send email out - SEND_EMAIL(REQUEST_POST('uid_raw', $id), $subjectLine, $mail); + sendEmail(REQUEST_POST('uid_raw', $id), $subjectLine, $mail); } // END - if // Generate subject - $subjectLine = constant('ADMIN_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT'); + $subjectLine = getMessage('ADMIN_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT'); // Send admin notification out if (!empty($subjectPart)) { - SEND_ADMIN_NOTIFICATION($subjectLine, "admin_".$mode."_".strtolower($subjectPart)."_".$table, $content, REQUEST_POST('uid_raw', $id)); + sendAdminNotification($subjectLine, "admin_".$mode."_".strtolower($subjectPart)."_".$table, $content, REQUEST_POST('uid_raw', $id)); } else { - SEND_ADMIN_NOTIFICATION($subjectLine, "admin_".$mode."_".$table, $content, REQUEST_POST('uid_raw', $id)); + sendAdminNotification($subjectLine, "admin_".$mode."_".$table, $content, REQUEST_POST('uid_raw', $id)); } } // Build a special template list function ADMIN_BUILD_LIST ($listType, $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn) { - $OUT = ""; $SW = 2; + $OUT = ''; $SW = 2; // "Walk" through all entries foreach ($IDs as $id => $selected) { @@ -840,13 +843,13 @@ function ADMIN_BUILD_LIST ($listType, $IDs, $table, $columns, $filterFunctions, $idx = array_search($key, $columns, true); // Do we have a userid? - if ($key == "userid") { + if ($key == 'userid') { // Add it again as raw id $content['uid'] = bigintval($value); } // END - if // Handle the call in external function - $content[$key] = HANDLE_EXTRA_VALUES($filterFunctions[$idx], $value, $extraValues[$idx]); + $content[$key] = handleExtraValues($filterFunctions[$idx], $value, $extraValues[$idx]); } // END - foreach // Add color switching @@ -854,9 +857,9 @@ function ADMIN_BUILD_LIST ($listType, $IDs, $table, $columns, $filterFunctions, // Then list it $OUT .= LOAD_TEMPLATE(sprintf("admin_%s_%s_row", - $listType, - $table - ), true, $content + $listType, + $table + ), true, $content ); // Switch color @@ -869,9 +872,9 @@ function ADMIN_BUILD_LIST ($listType, $IDs, $table, $columns, $filterFunctions, // Load master template LOAD_TEMPLATE(sprintf("admin_%s_%s", - $listType, - $table - ), false, $OUT + $listType, + $table + ), false, $OUT ); } @@ -882,9 +885,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct // "Walk" through all entries foreach ($IDs as $id => $sel) { // Construct SQL query - $sql = sprintf("UPDATE `{!_MYSQL_PREFIX!}_%s` SET", - SQL_ESCAPE($table) - ); + $sql = sprintf("UPDATE `{!_MYSQL_PREFIX!}_%s` SET", SQL_ESCAPE($table)); // Load data of entry $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1", @@ -897,9 +898,9 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct SQL_FREERESULT($result); // Add all status entries (e.g. status column last_updated or so) - $newStatus = "UNKNOWN"; - $oldStatus = "UNKNOWN"; - $statusColumn = "unknown"; + $newStatus = 'UNKNOWN'; + $oldStatus = 'UNKNOWN'; + $statusColumn = 'unknown'; foreach ($statusArray as $column => $statusInfo) { // Does the entry exist? if ((isset($content[$column])) && (isset($statusInfo[$content[$column]]))) { @@ -907,7 +908,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct $sql .= sprintf(" %s='%s',", SQL_ESCAPE($column), SQL_ESCAPE($statusInfo[$content[$column]])); // Remember status - if ($statusColumn == "unknown") { + if ($statusColumn == 'unknown') { // Always (!!!) change status column first! $oldStatus = $content[$column]; $newStatus = $statusInfo[$oldStatus]; @@ -915,7 +916,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct } // END - if } elseif (isset($content[$column])) { // Unfinished! - mxchange_die("{--".__FUNCTION__."--}:".__LINE__.":UNFINISHED: id={$id}/{$column}[".gettype($statusInfo)."] = {$content[$column]}"); + app_die(__FUNCTION__, __LINE__, ":UNFINISHED: id={$id}/{$column}[".gettype($statusInfo)."] = {$content[$column]}"); } } // END - foreach @@ -938,11 +939,11 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct } // END - foreach // Finish SQL statement - $sql = substr($sql, 0, -1) . sprintf(" WHERE %s=%s AND %s='%s' LIMIT 1", - $idColumn, - bigintval($id), - $statusColumn, - $oldStatus + $sql = substr($sql, 0, -1) . sprintf(" WHERE `%s`=%s AND `%s`='%s' LIMIT 1", + $idColumn, + bigintval($id), + $statusColumn, + $oldStatus ); // Run the SQL @@ -961,7 +962,7 @@ function ADMIN_BUILD_STATUS_HANDLER ($mode, $IDs, $table, $columns, $filterFunct } // Delete rows by given ID numbers -function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $deleteNow=false, $idColumn="id", $userIdColumn="userid") { +function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $deleteNow=false, $idColumn='id', $userIdColumn='userid') { // All valid entries? (We hope so here!) if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) { // Shall we delete here or list for deletion? @@ -970,13 +971,13 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu $sql = "DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s IN (%s)"; // Delete them all - $idList = ""; + $idList = ''; foreach ($IDs as $id => $sel) { // Is there a userid? if (REQUEST_ISSET_POST('uid_raw', $id)) { // Load all data from that id $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1", - array($table, $idColumn, $id), __FUNCTION__, __LINE__); + array($table, $idColumn, $id), __FUNCTION__, __LINE__); // Fetch the data $content = SQL_FETCHARRAY($result); @@ -985,11 +986,11 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu SQL_FREERESULT($result); // Send "build mails" out - ADMIN_SEND_BUILD_MAILS("del", $table, $content, $id); + ADMIN_SEND_BUILD_MAILS('del', $table, $content, $id); } // END - if // Add id number - $idList .= $id.","; + $idList .= $id . ','; } // END - foreach // Run the query @@ -998,20 +999,20 @@ function ADMIN_DELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFu // Was this fine? if (SQL_AFFECTEDROWS() == count($IDs)) { // All deleted - LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ALL_ENTRIES_REMOVED')); + LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ALL_ENTRIES_REMOVED')); } else { // Some are still there :( - LOAD_TEMPLATE("admin_settings_saved", false, sprintf(ADMIN_SOME_ENTRIES_NOT_DELETED, SQL_AFFECTEDROWS(), count($IDs))); + LOAD_TEMPLATE('admin_settings_saved', false, sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_DELETED'), SQL_AFFECTEDROWS(), count($IDs))); } } else { // List for deletion confirmation - ADMIN_BUILD_LIST("del", $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); + ADMIN_BUILD_LIST('del', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); } } // END - if } // Edit rows by given ID numbers -function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $editNow=false, $idColumn="id", $userIdColumn="userid") { +function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $editNow=false, $idColumn='id', $userIdColumn='userid') { // All valid entries? (We hope so here!) if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues))) { // Shall we change here or list for editing? @@ -1024,7 +1025,7 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc // Prepare SQL for this row $sql = sprintf("UPDATE `{!_MYSQL_PREFIX!}_ SET", - SQL_ESCAPE($table) + SQL_ESCAPE($table) ); foreach (REQUEST_POST_ARRAY() as $key => $entries) { // Skip raw userid which is always invalid @@ -1041,13 +1042,13 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc // Send data through the filter function if found if ((isset($filterFunctions[$key])) && (isset($extraValues[$key]))) { // Filter function set! - $entries[$id] = HANDLE_EXTRA_VALUES($filterFunctions[$key], $entries[$id], $extraValues[$key]); + $entries[$id] = handleExtraValues($filterFunctions[$key], $entries[$id], $extraValues[$key]); } // END - if // Then add this value $sql .= sprintf(" %s='%s',", - SQL_ESCAPE($key), - SQL_ESCAPE($entries[$id]) + SQL_ESCAPE($key), + SQL_ESCAPE($entries[$id]) ); } elseif (($key != $idColumn) && (!is_array($entries))) { // Add normal entries as well! @@ -1062,7 +1063,7 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc } // END - foreach // Finish SQL command - $sql = substr($sql, 0, -1) . " WHERE ".$idColumn."=".bigintval($id)." LIMIT 1"; + $sql = substr($sql, 0, -1) . " WHERE `".$idColumn."`=".bigintval($id)." LIMIT 1"; // Run this query SQL_QUERY($sql, __FUNCTION__, __LINE__); @@ -1071,8 +1072,8 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc $affected += SQL_AFFECTEDROWS(); // Load all data from that id - $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE %s=%s LIMIT 1", - array($table, $idColumn, $id), __FUNCTION__, __LINE__); + $result = SQL_QUERY_ESC("SELECT * FROM `{!_MYSQL_PREFIX!}_%s` WHERE `%s`=%s LIMIT 1", + array($table, $idColumn, $id), __FUNCTION__, __LINE__); // Fetch the data global $DATA; @@ -1082,26 +1083,26 @@ function ADMIN_EDIT_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc SQL_FREERESULT($result); // Send "build mails" out - ADMIN_SEND_BUILD_MAILS("edit", $table, $content, $id); + ADMIN_SEND_BUILD_MAILS('edit', $table, $content, $id); } // END - foreach // Was this fine? if ($affected == count($IDs)) { // All deleted - LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ALL_ENTRIES_EDITED')); + LOAD_TEMPLATE('admin_settings_saved', false, getMessage('ADMIN_ALL_ENTRIES_EDITED')); } else { // Some are still there :( - LOAD_TEMPLATE("admin_settings_saved", false, sprintf(ADMIN_SOME_ENTRIES_NOT_EDITED, $affected, count($IDs))); + LOAD_TEMPLATE('admin_settings_saved', false, sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_EDITED'), $affected, count($IDs))); } } else { // List for editing - ADMIN_BUILD_LIST("edit", $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); + ADMIN_BUILD_LIST('edit', $IDs, $table, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); } } // END - if } // Un-/lock rows by given ID numbers -function ADMIN_LOCK_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn="id", $userIdColumn="userid") { +function ADMIN_LOCK_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn='id', $userIdColumn='userid') { // All valid entries? (We hope so here!) if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && ((!$lockNow) || (count($statusArray) == 1))) { // Shall we un-/lock here or list for locking? @@ -1116,7 +1117,7 @@ function ADMIN_LOCK_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunc } // Undelete rows by given ID numbers -function ADMIN_UNDELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn="id", $userIdColumn="userid") { +function ADMIN_UNDELETE_ENTRIES_CONFIRM ($IDs, $table, $columns=array(), $filterFunctions=array(), $extraValues=array(), $statusArray=array(), $lockNow=false, $idColumn='id', $userIdColumn='userid') { // All valid entries? (We hope so here!) if ((is_array($IDs)) && (count($IDs) > 0) && (count($columns) == count($filterFunctions)) && (count($columns) == count($extraValues)) && ((!$lockNow) || (count($statusArray) == 1))) { // Shall we un-/lock here or list for locking? @@ -1136,10 +1137,10 @@ function ADMIN_TEST_PROXY_SETTINGS ($settingsArray) { mergeConfig($settingsArray); // Now get the test URL - $content = GET_URL("check-updates3.php"); + $content = sendGetRequest('check-updates3.php'); // Is the first line with "200 OK"? - $valid = eregi("200 OK", $content[0]); + $valid = (strpos($content[0], '200 OK') !== false); // Return result return $valid; @@ -1148,14 +1149,14 @@ function ADMIN_TEST_PROXY_SETTINGS ($settingsArray) { // Sends out a link to the given email adress so the admin can reset his/her password function ADMIN_SEND_PASSWORD_RESET_LINK ($email) { // Init output - $OUT = ""; + $OUT = ''; // Compile out security characters (must be for looking up!) $email = COMPILE_CODE($email); // Look up administator login $result = SQL_QUERY_ESC("SELECT id, login, password FROM `{!_MYSQL_PREFIX!}_admins` WHERE email='%s' LIMIT 1", - array($email), __FUNCTION__, __LINE__); + array($email), __FUNCTION__, __LINE__); // Is there an account? if (SQL_NUMROWS($result) == 0) { @@ -1170,7 +1171,7 @@ function ADMIN_SEND_PASSWORD_RESET_LINK ($email) { SQL_FREERESULT($result); // Generate hash for reset link - $content['hash'] = generateHash(URL.":".$content['id'].":".$content['login'].":".$content['password'], substr($content['password'], 10)); + $content['hash'] = generateHash(URL.':'.$content['id'].':'.$content['login'].':'.$content['password'], substr($content['password'], 10)); // Remove some data unset($content['id']); @@ -1180,7 +1181,7 @@ function ADMIN_SEND_PASSWORD_RESET_LINK ($email) { $mailText = LOAD_EMAIL_TEMPLATE("admin_reset_password", $content); // Send it out - SEND_EMAIL($email, getMessage('ADMIN_RESET_PASS_LINK_SUBJ'), $mailText); + sendEmail($email, getMessage('ADMIN_RESET_PASS_LINK_SUBJ'), $mailText); // Prepare output return getMessage('ADMIN_RESET_LINK_SENT'); @@ -1196,7 +1197,7 @@ function ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN ($hash, $login) { // Then try to find that user $result = SQL_QUERY_ESC("SELECT id, password, email FROM `{!_MYSQL_PREFIX!}_admins` WHERE login='%s' LIMIT 1", - array($login), __FUNCTION__, __LINE__); + array($login), __FUNCTION__, __LINE__); // Is an account here? if (SQL_NUMROWS($result) == 1) { @@ -1204,7 +1205,7 @@ function ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN ($hash, $login) { $content = SQL_FETCHARRAY($result); // Generate hash again - $hashFromData = generateHash(URL.":".$content['id'].":".$login.":".$content['password'], substr($content['password'], 10)); + $hashFromData = generateHash(URL.':'.$content['id'].':'.$login.':'.$content['password'], substr($content['password'], 10)); // Does both match? $valid = ($hash == $hashFromData); @@ -1216,13 +1217,14 @@ function ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN ($hash, $login) { // Return result return $valid; } + // Reset the password for the login. Do NOT call this function without calling above function first! function ADMIN_RESET_PASSWORD ($login, $password) { // Init hash - $passHash = ""; + $passHash = ''; // Now check if we have sql_patches installed - if (GET_EXT_VERSION("sql_patches") >= "0.3.6") { + if (GET_EXT_VERSION('sql_patches') >= '0.3.6') { // Use new way of hashing $passHash = generateHash($password); } else { @@ -1232,29 +1234,73 @@ function ADMIN_RESET_PASSWORD ($login, $password) { // Update database SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admins` SET password='%s' WHERE login='%s' LIMIT 1", - array($passHash, $login), __FUNCTION__, __LINE__); + array($passHash, $login), __FUNCTION__, __LINE__); // Run filters - RUN_FILTER('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash)); + runFilterChain('post_admin_reset_pass', array('login' => $login, 'hash' => $passHash)); // Return output return ADMIN_PASSWORD_RESET_DONE; } + // Solves a task by given id number function ADMIN_SOLVE_TASK ($id) { // Update the task data - ADMIN_UPDATE_TASK_DATA($id, "status", "SOLVED"); + ADMIN_UPDATE_TASK_DATA($id, 'status', "SOLVED"); } + // Marks a given task as deleted function ADMIN_DELETE_TASK ($id) { // Update the task data - ADMIN_UPDATE_TASK_DATA($id, "status", "DELETED"); + ADMIN_UPDATE_TASK_DATA($id, 'status', "DELETED"); } + // Function to update task data function ADMIN_UPDATE_TASK_DATA ($id, $row, $data) { + // Is the id not set, then we need a backtrace here... :( + if ($id <= 0) { + // Initiate backtrace + debug_report_bug(sprintf("id is invalid: %s. row=%s, data=%s", + $id, + $row, + $data + )); + } // END - if + // Update the task - SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_task_system` SET %s='%s' WHERE id=%s LIMIT 1", - array($row, $data, bigintval($id)), __FUNCTION__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_task_system` SET %s='%s' WHERE `id`=%s LIMIT 1", + array($row, $data, bigintval($id)), __FUNCTION__, __LINE__); } + +// Checks wether if the admin menu has entries +function ifAdminMenuHasEntries ($action) { + return ( + (( + isset($GLOBALS['admin_menu_has_entries'][$action]) + ) && ( + $GLOBALS['admin_menu_has_entries'][$action] === true + )) || ( + $action == 'login' + ) + ); +} + +// Setter for 'admin_menu_has_entries' +function setAdminMenuHasEntries ($action, $hasEntries) { + $GLOBALS['admin_menu_has_entries'][$action] = (bool) $hasEntries; +} + +// Creates a link to the user's admin-profile +function ADMIN_CREATE_USERID_LINK ($uid) { + // Is the userid set correctly? + if ($uid > 0) { + // Create a link to that profile + return '{!URL!}/modules.php?module=admin&what=list_user&uid='.bigintval($uid); + } // END - if + + // Return a link to the user list + return '{!URL!}/modules.php?module=admin&what=list_user'; +} + // ?>