X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fadmin-inc.php;h=426440e50d6ffc9673a842aee76af5068e03d0d6;hp=ffdab4e9b2be7d23068c1312fe87fe32158bc6c4;hb=b73179774f08d52b76fe1836ab80f085f05f8e46;hpb=8268379f7f0f38f5cd605714ecd5cbfacff0e282
diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index ffdab4e9b2..426440e50d 100644
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -228,7 +228,7 @@ function ifAdminCookiesAreValid ($admin, $password) {
//* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):".generatePassString($pass).'('.strlen($pass).")/".$password.'('.strlen($password).")
");
// Check if password matches
- if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass)))) {
+ if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass))) && (isAdmin())) {
// Passwords matches!
$ret = 'done';
} // END - if
@@ -238,7 +238,10 @@ function ifAdminCookiesAreValid ($admin, $password) {
}
// Do an admin action
-function doAdminAction ($what) {
+function doAdminAction () {
+ // Get default what
+ $what = getWhat();
+
//* DEBUG: */ outputHtml(__LINE__."*".$what.'/'.getModule().'/'.getAction().'/'.getWhat()."*
");
// Remove any spaces from variable
@@ -246,14 +249,14 @@ function doAdminAction ($what) {
// Default admin action is the overview page
$what = 'overview';
} else {
- // Compile out some chars
- $what = compileCode($what, false, false, false);
+ // Secure it
+ $what = secureString($what);
}
// Get action value
$action = getModeAction(getModule(), $what);
- // Define admin login name and ID number
+ // Define admin login name and id number
$content['login'] = getSession('admin_login');
$content['id'] = getCurrentAdminId();
@@ -269,6 +272,12 @@ function doAdminAction ($what) {
// Tableset header
loadTemplate('admin_main_header', false, $content);
+ // Is sql_patches not yet installed?
+ if (!isExtensionInstalled('sql_patches')) {
+ // Output warning
+ loadTemplate('admin_settings_saved', false, getMessage('ADMIN_WARNING_SQL_PATCHES_MISSING'));
+ } // END - if
+
// Check if action/what pair is valid
$result_action = SQL_QUERY_ESC("SELECT
`id`
@@ -287,7 +296,8 @@ WHERE
)
)
)
-LIMIT 1", array($action, $what, $what), __FUNCTION__, __LINE__);
+LIMIT 1",
+ array($action, $what, $what), __FUNCTION__, __LINE__);
if (SQL_NUMROWS($result_action) == 1) {
// Is valid but does the inlcude file exists?
$inc = sprintf("inc/modules/admin/action-%s.php", $action);
@@ -333,6 +343,8 @@ WHERE
ORDER BY
`sort` ASC,
`id` DESC", __FUNCTION__, __LINE__);
+
+ // Do we have entries?
if (SQL_NUMROWS($result_main) > 0) {
$OUT = "