X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fadmin-inc.php;h=5d655b2f74b4fac3935630f250db0f6b54d4a08f;hp=2e47837431641f431c3e483a6c55638377c51bde;hb=8da353fa4bb729bb3299d247803c23833a52a327;hpb=4264b4f73e06a6b957330a9972efe600a8ff4ab5 diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index 2e47837431..5d655b2f74 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -41,7 +41,7 @@ if (!defined('__SECURITY')) { } // END - if // Register an administrator account -function addAdminAccount ($adminLogin, $passHash, $adminEmail) { +function addAdminAccount ($adminLogin, $passHash, $adminEmail, $accessLevel = 'deny') { // Login does already exist $ret = 'already'; @@ -51,13 +51,25 @@ function addAdminAccount ($adminLogin, $passHash, $adminEmail) { // Is the entry there? if (SQL_HASZERONUMS($result)) { - // Ok, let's create the admin login - SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`,`password`,`email`) VALUES ('%s', '%s', '%s')", - array( - $adminLogin, - $passHash, - $adminEmail - ), __FUNCTION__, __LINE__); + // Is ext-admins installed and version at least 0.3.0? + if (isExtensionInstalledAndNewer('admins', '0.3.0')) { + // Ok, let's create the admin login + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`, `default_acl`) VALUES ('%s', '%s', '%s', '%s')", + array( + $adminLogin, + $passHash, + $adminEmail, + $accessLevel + ), __FUNCTION__, __LINE__); + } else { + // Ok, let's create the admin login + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')", + array( + $adminLogin, + $passHash, + $adminEmail + ), __FUNCTION__, __LINE__); + } // All done $ret = 'done'; 
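Review bot: In the new ext-admins branch of addAdminAccount(), `$accessLevel` is written to `default_acl` without being checked against the values the column accepts; only `'deny'` (the default) and `'allow'` appear in this commit. SQL_QUERY_ESC presumably escapes the value, so the concern is the authorisation default rather than injection: an unexpected caller value would be stored as-is, and how the ACL code treats an unknown value is not visible here. If those two are the only valid values, normalise before the insert, e.g. `if (!in_array($accessLevel, array('allow', 'deny'), TRUE)) { $accessLevel = 'deny'; }`. A comment above the function such as `// $accessLevel: default ACL for the new admin ('allow' or 'deny'), only stored with ext-admins >= 0.3.0` would also help; the function body continues outside the hunk.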
@@ -80,7 +92,7 @@ function ifAdminLoginDataIsValid ($adminLogin, $adminPassword) { $adminId = getAdminId($adminLogin); // Continue only with found admin ids - if ($adminId > 0) { + if (isValidId($adminId)) { // Then we need to lookup the login name by getting the admin hash $adminHash = getAdminHash($adminId); @@ -133,12 +145,15 @@ function ifAdminCookiesAreValid ($adminLogin, $passHash) { //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'adminLogin=' . $adminLogin . ',passHash='.$passHash.',adminHash='.$adminHash.',testHash='.$testHash); // If they both match, the login data is valid - if ($testHash == $passHash) { + if ($testHash != $passHash) { + // Passwords don't match + $ret = 'password'; + } elseif (!isAdmin()) { + // Is not valid session + $ret = 'session'; + } else { // All fine $ret = 'done'; - } else { - // Set status - $ret = 'password'; } } // END - if @@ -158,18 +173,18 @@ function doAdminAction () { // Load welcome template if (isExtensionActive('admins')) { // @TODO This and the next getCurrentAdminId() call might be moved into the templates? - $content['welcome'] = loadTemplate('admin_welcome_admins', true, getCurrentAdminId()); + $content['welcome'] = loadTemplate('admin_welcome_admins', TRUE, getCurrentAdminId()); } else { - $content['welcome'] = loadTemplate('admin_welcome', true, getCurrentAdminId()); + $content['welcome'] = loadTemplate('admin_welcome', TRUE, getCurrentAdminId()); } // Load header, footer, render menu - $content['header'] = loadTemplate('admin_header' , true, $content); - $content['footer'] = loadTemplate('admin_footer' , true, $content); + $content['header'] = loadTemplate('admin_header' , TRUE, $content); + $content['footer'] = loadTemplate('admin_footer' , TRUE, $content); $content['menu'] = addAdminMenu($action, $what); // Load main template - loadTemplate('admin_main', false, $content); + loadTemplate('admin_main', FALSE, $content); // Check if action/what pair is valid $result_action = SQL_QUERY_ESC("SELECT 
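Review bot: The hash check `if ($testHash != $passHash)` in ifAdminCookiesAreValid() uses PHP's loose comparison, which compares numeric-looking strings as numbers and is not constant-time. For a value that arrives in a cookie, a strict, timing-safe comparison is the safer form: `if (!hash_equals((string) $testHash, (string) $passHash)) {` on PHP 5.6+, or at least `!==` on older runtimes. The new `elseif (!isAdmin())` branch would benefit from a comment stating which session state it verifies, since isAdmin() is defined outside this hunk. The function itself starts and ends outside the hunk.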
@@ -200,26 +215,26 @@ LIMIT 1", if (SQL_NUMROWS($result_action) == 1) { // Is valid but does the inlcude file exists? $inc = sprintf("inc/modules/admin/action-%s.php", $action); - if ((isIncludeReadable($inc)) && (isMenuActionValid('admin', $action, $what)) && ($GLOBALS['acl_allow'] === true)) { + if ((isIncludeReadable($inc)) && (isMenuActionValid('admin', $action, $what)) && ($GLOBALS['acl_allow'] === TRUE)) { // Ok, we finally load the admin action module loadInclude($inc); - } elseif ($GLOBALS['acl_allow'] === false) { + } elseif ($GLOBALS['acl_allow'] === FALSE) { // Access denied - loadTemplate('admin_menu_failed', false, '{%message,ADMIN_ACCESS_DENIED=' . $what . '%}'); + loadTemplate('admin_menu_failed', FALSE, '{%message,ADMIN_ACCESS_DENIED=' . $what . '%}'); } else { // Include file not found :-( - loadTemplate('admin_menu_failed', false, '{%message,ADMIN_ACTION_404=' . $action . '%}'); + loadTemplate('admin_menu_failed', FALSE, '{%message,ADMIN_ACTION_404=' . $action . '%}'); } } else { // Invalid action/what pair found - loadTemplate('admin_menu_failed', false, '{%message,ADMIN_ACTION_INVALID=' . $action . '/' . $what . '%}'); + loadTemplate('admin_menu_failed', FALSE, '{%message,ADMIN_ACTION_INVALID=' . $action . '/' . $what . '%}'); } // Free memory SQL_FREERESULT($result_action); // Tableset footer - loadTemplate('admin_main_footer', false, $content); + loadTemplate('admin_main_footer', FALSE, $content); } /** @@ -241,7 +256,7 @@ function isAdminAllowedAccessMenu ($action, $what = NULL) { // Adds an admin menu function addAdminMenu ($action, $what) { // Init variables - $SUB = false; + $SUB = FALSE; $OUT = ''; // Menu descriptions 
@@ -272,7 +287,7 @@ ORDER BY // Is the current admin allowed to access this 'action' menu? if (isAdminAllowedAccessMenu($mainContent['main_action'])) { - if ($SUB === false) { + if ($SUB === FALSE) { // Insert compiled menu title and description $GLOBALS['menu']['title'][$mainContent['main_action']] = $mainContent['main_title']; $GLOBALS['menu']['description'][$mainContent['main_action']] = $mainContent['main_descr']; @@ -353,7 +368,7 @@ ORDER BY // Are there entries? if (ifAdminMenuHasEntries($mainContent['main_action'])) { // Sub menu has been called - $SUB = true; + $SUB = TRUE; // Are there entries? if (!SQL_HASZERONUMS($result_what)) { @@ -442,8 +457,17 @@ ORDER BY // Load all entries while ($content = SQL_FETCHARRAY($result)) { + // Default is none + $content['default'] = ''; + + // Is the id the same? + if ($content['id'] == $adminId) { + // Set this as default + $content['default'] = ' selected="selected"'; + } // END - if + // Add the entry - $OUT .= loadTemplate('select_admins_option', true, $content); + $OUT .= loadTemplate('select_admins_option', TRUE, $content); } // END - if // Free memory @@ -453,11 +477,11 @@ ORDER BY $content['form_selection'] = $OUT; // Output form - loadTemplate('select_admins_box', false, $content); + loadTemplate('select_admins_box', FALSE, $content); } // Create a member selection box -function addMemberSelectionBox ($userid = NULL, $add_all = false, $return = false, $none = false, $field = 'userid', $whereStatement = " WHERE `surname` NOT LIKE '{?tester_user_surname_prefix?}%'") { +function addMemberSelectionBox ($userid = NULL, $add_all = FALSE, $return = FALSE, $none = FALSE, $field = 'userid', $whereStatement = " WHERE `surname` NOT LIKE '{?tester_user_surname_prefix?}%'") { // Output selection form with all confirmed user accounts listed $result = SQL_QUERY('SELECT `userid`, 
@@ -473,9 +497,9 @@ ORDER BY $OUT = ''; // USe this only for adding points (e.g. adding refs really makes no sence ;-) ) - if ($add_all === true) { + if ($add_all === TRUE) { $OUT = ' '; - } elseif ($none === true) { + } elseif ($none === TRUE) { $OUT = ' '; } @@ -483,7 +507,7 @@ ORDER BY while ($content = SQL_FETCHARRAY($result)) { //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . intval($userid) . '/' . $content['userid']); $OUT .= ''; @@ -704,18 +737,18 @@ function generateUserProfileLink ($userid, $title = '', $what = '') { // Is there cache? if (!isset($GLOBALS[__FUNCTION__][$userid][$title . '_' . $what])) { // Is title empty and valid userid? - if (($title == '') && (isValidUserId($userid))) { + if (($title == '') && (isValidId($userid))) { // Set userid as title $title = $userid; - } elseif (!isValidUserId($userid)) { + } elseif (!isValidId($userid)) { // User id zero is invalid return '' . convertNullToZero($userid) . ''; } // Is what set? if (empty($what)) { - // Then get it - $what = getWhat(); + // Then get it to 'list_user' + $what = 'list_user'; } // END - if if (($title == '0') && ($what == 'list_refs')) { @@ -748,7 +781,7 @@ function adminGetMenuMode () { // Set the default menu mode as the mode for all admins $mode = 'global'; - // If sql_patches is up-to-date enough, use the configuration + // If ext-sql_patches is up-to-date enough, use the configuration if (isExtensionInstalledAndNewer('sql_patches', '0.3.2')) { $mode = getAdminMenu(); } // END - if 
@@ -844,9 +877,10 @@ function adminChangeActivationStatus ($IDs, $table, $row, $idRow = 'id') { } // Build a special template list -function adminListBuilder ($listType, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId = array('userid')) { +// @TODO cacheFiles is not yet supported +function adminListBuilder ($listType, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId = array('userid'), $content = array()) { // Call inner (general) function - doGenericListBuilder('admin', $listType, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId); + doGenericListBuilder('admin', $listType, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId, $content); } // Change status of "build" list @@ -908,7 +942,7 @@ function adminBuilderStatusHandler ($mode, $tableName, $columns, $filterFunction // Add other columns as well foreach (postRequestArray() as $key => $entries) { // Debug message - logDebugMessage(__FUNCTION__, __LINE__, 'Found entry: ' . $key); + /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Found entry: ' . $key); // Skip id, raw userid and 'do_$mode' if (!in_array($key, array($idColumn[0], $rawUserId[0], ('do_' . $mode)))) { @@ -923,7 +957,7 @@ function adminBuilderStatusHandler ($mode, $tableName, $columns, $filterFunction // Add entry $content[$key] = $entries[$id]; } - } else { + } elseif (isDebugModeEnabled()) { // Skipped entry logDebugMessage(__FUNCTION__, __LINE__, 'Skipped: ' . $key); } 
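Review bot: In adminBuilderStatusHandler() the changed line `/* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Found entry: ' . $key);` still executes on every request, because the block comment is closed before the call (unlike the `//* DEBUG: */` form used elsewhere in this file, which disables the line). It writes each POST key name, which is client-controlled, into the debug log, while the `Skipped:` message in the following hunk is now gated by isDebugModeEnabled(). For consistency, gate it the same way: `if (isDebugModeEnabled()) logDebugMessage(__FUNCTION__, __LINE__, 'Found entry: ' . $key);`. Whether logDebugMessage() neutralises line breaks in the message is not visible here.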
@@ -946,7 +980,7 @@ function adminBuilderStatusHandler ($mode, $tableName, $columns, $filterFunction } // Delete rows by given id numbers -function adminDeleteEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $deleteNow = array(false), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid'), $cacheFiles = array()) { +function adminDeleteEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $deleteNow = array(FALSE), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid'), $cacheFiles = array(), $content = array()) { // $tableName must be an array if ((!is_array($tableName)) || (count($tableName) != 1)) { // No tableName specified @@ -963,7 +997,7 @@ function adminDeleteEntriesConfirm ($tableName, $columns = array(), $filterFunct } // END - if // Shall we delete here or list for deletion? - if ($deleteNow[0] === true) { + if ($deleteNow[0] === TRUE) { // Call generic function $affected = doGenericDeleteEntriesConfirm($tableName, $columns, $filterFunctions, $extraValues, $deleteNow, $idColumn, $userIdColumn, $rawUserId, $cacheFiles); 
@@ -977,12 +1011,12 @@ function adminDeleteEntriesConfirm ($tableName, $columns = array(), $filterFunct } } else { // List for deletion confirmation - adminListBuilder('delete', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); + adminListBuilder('delete', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId, $content); } } // Edit rows by given id numbers -function adminEditEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $timeColumns = array(), $editNow = array(false), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid'), $cacheFiles = array()) { +function adminEditEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $timeColumns = array(), $editNow = array(FALSE), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid'), $cacheFiles = array(), $content = array()) { // $tableName must be an array if ((!is_array($tableName)) || (count($tableName) != 1)) { // No tableName specified @@ -999,7 +1033,7 @@ function adminEditEntriesConfirm ($tableName, $columns = array(), $filterFunctio } // END - if // Shall we change here or list for editing? - if ($editNow[0] === true) { + if ($editNow[0] === TRUE) { // Call generic change method $affected = doGenericEditEntriesConfirm($tableName, $columns, $filterFunctions, $extraValues, $timeColumns, $editNow, $idColumn, $userIdColumn, $rawUserId, $cacheFiles); 
@@ -1013,12 +1047,13 @@ function adminEditEntriesConfirm ($tableName, $columns = array(), $filterFunctio } } else { // List for editing - adminListBuilder('edit', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn); + adminListBuilder('edit', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId, $content); } } // Un-/lock rows by given id numbers -function adminLockEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $statusArray = array(), $lockNow = array(false), $idColumn = array('id'), $userIdColumn = array('userid')) { +// @TODO rawUserId/content is not yet supported +function adminLockEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $statusArray = array(), $lockNow = array(FALSE), $idColumn = array('id'), $userIdColumn = array('userid')) { // $tableName must be an array if ((!is_array($tableName)) || (count($tableName) != 1)) { // No tableName specified @@ -1032,7 +1067,7 @@ function adminLockEntriesConfirm ($tableName, $columns = array(), $filterFunctio } // END - if // Shall we un-/lock here or list for locking? - if ($lockNow[0] === true) { + if ($lockNow[0] === TRUE) { // Un-/lock entries adminBuilderStatusHandler('lock', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray); } else { 
@@ -1042,7 +1077,8 @@ function adminLockEntriesConfirm ($tableName, $columns = array(), $filterFunctio } // Undelete rows by given id numbers -function adminUndeleteEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $statusArray = array(), $undeleteNow = array(false), $idColumn = array('id'), $userIdColumn = array('userid')) { +// @TODO rawUserId/cacheFiles/content is not yet supported +function adminUndeleteEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $statusArray = array(), $undeleteNow = array(FALSE), $idColumn = array('id'), $userIdColumn = array('userid')) { // $tableName must be an array if ((!is_array($tableName)) || (count($tableName) != 1)) { // No tableName specified @@ -1056,7 +1092,7 @@ function adminUndeleteEntriesConfirm ($tableName, $columns = array(), $filterFun } // END - if // Shall we un-/lock here or list for locking? - if ($undeleteNow[0] === true) { + if ($undeleteNow[0] === TRUE) { // Undelete entries adminBuilderStatusHandler('undelete', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $statusArray); } else { 
@@ -1067,11 +1103,17 @@ function adminUndeleteEntriesConfirm ($tableName, $columns = array(), $filterFun // Adds a given entry to the database function adminAddEntries ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $timeColumns = array(), $columnIndex = NULL) { + // Is the userid set? + if (!isPostRequestElementSet('userid')) { + // Then set NULL here + setPostRequestElement('userid', NULL); + } // END - if + // Call inner function doGenericAddEntries($tableName, $columns, $filterFunctions, $extraValues, $timeColumns, $columnIndex); // Entry has been added? - if ((!SQL_HASZEROAFFECTED()) && ($GLOBALS['__XML_PARSE_RESULT'] === true)) { + if ((!SQL_HASZEROAFFECTED()) && ($GLOBALS['__XML_PARSE_RESULT'] === TRUE)) { // Display success message displayMessage('{--ADMIN_ENTRY_ADDED--}'); } else { @@ -1086,7 +1128,7 @@ function adminTestProxySettings ($settingsArray) { mergeConfig($settingsArray); // Now get the test URL - $content = sendGetRequest('check-updates3.php'); + $content = sendHttpGetRequest('check-updates3.php'); // Is the first line with "200 OK"? $valid = isInString('200 OK', $content[0]); @@ -1101,7 +1143,7 @@ function sendAdminPasswordResetLink ($email) { $OUT = ''; // Look up administator login - $result = SQL_QUERY_ESC("SELECT `id`,`login`,`password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE '%s' REGEXP `email` LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `id`, `login`, `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE '%s' REGEXP `email` LIMIT 1", array($email), __FUNCTION__, __LINE__); // Is there an account? 
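Review bot: The lookup in sendAdminPasswordResetLink() keeps the condition ``WHERE '%s' REGEXP `email` ``, which treats the stored address as an unanchored regular expression and the submitted value as its subject, so a row can be selected for input that is not equal to the stored address. Unless stored values are intentionally patterns, an exact match is the safer form for a password-reset lookup, and this commit already touches the line: ``WHERE `email`='%s' LIMIT 1``. Where the reset link is then sent is outside this hunk; if it goes to the submitted `$email` rather than the stored address, this should be handled as a security fix rather than a cleanup.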
@@ -1136,10 +1178,10 @@ function sendAdminPasswordResetLink ($email) { // Validate hash and login for password reset function adminResetValidateHashLogin ($hash, $login) { // By default nothing validates... ;) - $valid = false; + $valid = FALSE; // Then try to find that user - $result = SQL_QUERY_ESC("SELECT `id`,`password`,`email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT `id`, `password`, `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1", array($login), __FUNCTION__, __LINE__); // Is an account here? @@ -1163,7 +1205,7 @@ function adminResetValidateHashLogin ($hash, $login) { // Reset the password for the login. Do NOT call this function without calling above function first! function doResetAdminPassword ($login, $password) { - // Generate hash (we already check for sql_patches in generateHash()) + // Generate hash (we already check for ext-sql_patches in generateHash()) $passHash = generateHash($password); // Prepare fake POST data @@ -1173,7 +1215,7 @@ function doResetAdminPassword ($login, $password) { ); // Update database - $message = adminsChangeAdminAccount($postData, '', false); + $message = adminsChangeAdminAccount($postData, '', FALSE); // Run filters runFilterChain('post_form_reset_pass', array('login' => $login, 'hash' => $passHash, 'message' => $message)); @@ -1226,7 +1268,7 @@ function ifAdminMenuHasEntries ($action) { isset($GLOBALS['admin_menu_has_entries'][$action]) ) && ( // And do we have a menu for this action? - $GLOBALS['admin_menu_has_entries'][$action] === true + $GLOBALS['admin_menu_has_entries'][$action] === TRUE )) || ( // Login has always a menu $action == 'login' 
@@ -1242,7 +1284,7 @@ function setAdminMenuHasEntries ($action, $hasEntries) { // Creates a link to the user's admin-profile function adminCreateUserLink ($userid) { // Is the userid set correctly? - if (isValidUserId($userid)) { + if (isValidId($userid)) { // Create a link to that profile return '{%url=modules.php?module=admin&what=list_user&userid=' . bigintval($userid) . '%}'; } // END - if @@ -1257,7 +1299,7 @@ function generateAdminLink ($adminId) { $adminLink = '{--ADMIN_NO_ADMIN_ASSIGNED--}'; // Zero? = Not assigned - if (isValidUserId($adminId)) { + if (isValidId($adminId)) { // Load admin's login $login = getAdminLogin($adminId); @@ -1303,7 +1345,7 @@ function doVerifyExpertSettings () { // Okay, does he want to see them? if (isAdminsExpertWarningEnabled()) { // Ask for them - if (isFormSent()) { + if (isFormSent('save_expert')) { // Is the element set, then we need to change the admin if (isPostRequestElementSet('expert_settings')) { // Get it and prepare final post data array @@ -1312,9 +1354,6 @@ function doVerifyExpertSettings () { // Change it in the admin adminsChangeAdminAccount($postData, 'expert_warning'); - - // Clear form - unsetPostRequestElement('ok'); } // END - if // All fine! @@ -1330,6 +1369,13 @@ function doVerifyExpertSettings () { // Do not display $return = 'agreed'; } + + // Is a form sent? + if ((isFormSent()) && (isPostRequestElementSet('expert_settings'))) { + // Clear form + unsetPostRequestElement('ok'); + unsetPostRequestElement('expert_settings'); + } // END - if } else { // Forbidden $return = 'forbidden'; 
@@ -1350,14 +1396,14 @@ function doVerifyExpertSettings () { } // Generate link to unconfirmed mails for admin -function generateUnconfirmedAdminLink ($id, $unconfirmed, $type = 'bid') { +function generateUnconfirmedAdminLink ($id, $unconfirmed, $type) { // Init output $OUT = $unconfirmed; // Is there unconfirmed mails? if ($unconfirmed > 0) { // Add link to list_unconfirmed what-file - $OUT = '{%pipe,translateComma=' . $unconfirmed . '%}'; + $OUT = '{%pipe,translateComma=' . $unconfirmed . '%}'; } // END - if // Return it @@ -1373,7 +1419,7 @@ function addEmailNavigation ($numPages, $offset, $show_form, $colspan, $return=f } // END - if $TOP = ''; - if ($show_form === false) { + if ($show_form === FALSE) { $TOP = ' top'; } // END - if @@ -1388,7 +1434,7 @@ function addEmailNavigation ($numPages, $offset, $show_form, $colspan, $return=f $NAV .= ''; @@ -1415,9 +1461,9 @@ function addEmailNavigation ($numPages, $offset, $show_form, $colspan, $return=f $content['top'] = $TOP; // Load navigation template - $OUT = loadTemplate('admin_email_nav_row', true, $content); + $OUT = loadTemplate('admin_email_nav_row', TRUE, $content); - if ($return === true) { + if ($return === TRUE) { // Return generated HTML-Code return $OUT; } else { 
@@ -1554,5 +1600,141 @@ function doAdminProcessMenuWeightning ($type, $AND) { } // END - if } +// Function to register first admin +function registerFirstAdmin () { + // Make sure that no admin is registered + assert(!isAdminRegistered()); + + // Admin is not registered so we have to inform the user + if ((isFormSent('add_first_admin')) && ((!isPostRequestElementSet('admin_login')) || (!isPostRequestElementSet('admin_password1')) || (strlen(postRequestElement('admin_password1')) < getConfig('minium_admin_pass_length')) || (!isPostRequestElementSet('admin_password2')) || (strlen(postRequestElement('admin_password2')) < getConfig('minium_admin_pass_length')) || (postRequestElement('admin_password1') != postRequestElement('admin_password2')))) { + setPostRequestElement('add_first_admin', '***'); + } // END - if + + // Clear error message + $errorMessage = ''; + $ret = 'init'; + + // Is form for first admin sent? + if ((isFormSent('add_first_admin')) && (postRequestElement('add_first_admin') != '***')) { + // Hash the password with the old function because we are here in install mode + $hashedPass = md5(postRequestElement('admin_password1')); + + // Kill maybe existing session variables + destroyAdminSession(); + + // Do registration + $ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster(), 'allow'); + + // Check if registration wents fine + switch ($ret) { + case 'done': + // Change ADMIN_REGISTERED entry + $done = changeDataInLocalConfigurationFile('ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0); + + // Was it successfull? 
+ if ($done === TRUE) { + // Registering is done + redirectToUrl('modules.php?module=admin&register=done'); + } else { + // Registration incomplete + $errorMessage = '{--ADMIN_CANNOT_COMPLETE--}'; + + // Set this to have our error message displayed + setPostRequestElement('add_first_admin', '***'); + } + break; + + case 'failed': // Registration has failed + $errorMessage = '{--ADMIN_REGISTER_FAILED--}'; + + // Set this to have our error message displayed + setPostRequestElement('add_first_admin', '***'); + break; + + case 'already': // Admin does already exists! + $errorMessage = '{--ADMIN_LOGIN_ALREADY_REG--}'; + + // Set this to have our error message displayed + setPostRequestElement('add_first_admin', '***'); + break; + + default: + // Any other kind will be logged + $errorMessage = sprintf("Unknown return code %s from ifAdminLoginDataIsValid().", $ret); + logDebugMessage(__FUNCTION__, __LINE__, $errorMessage); + + // Set this to have our error message displayed + setPostRequestElement('add_first_admin', '***'); + break; + } // END - switch + } // END - if + + // Whas that action okay? + if ($ret != 'done') { + // Init login name + $content['admin_login'] = ''; + if (isPostRequestElementSet('admin_login')) { + $content['admin_login'] = postRequestElement('admin_login'); + } // END - if + + // Init array elements + $content['login_message'] = ''; + $content['password1_message'] = ''; + $content['password2_message'] = ''; + $content['error_message'] = ''; + + // Yet-another notice-fix + if ((isFormSent('add_first_admin')) && (postRequestElement('add_first_admin') == '***')) { + // Init variables + $loginMessage = ''; + $password1Message = ''; + $password2Message = ''; + + // No login entered? + if (empty($content['admin_login'])) { + $loginMessage = '{--ADMIN_NO_LOGIN--}'; + } // END - if + + // An error comes back from registration? 
+ if ((!empty($ret)) && ($ret != 'init')) { + $loginMessage = $errorMessage; + } // END - if + + // No password 1 entered or to short? + if (!isPostRequestElementSet('admin_password1')) { + $password1Message = '{--ADMIN_NO_PASSWORD1--}'; + } elseif (strlen(postRequestElement('admin_password1')) < getConfig('minium_admin_pass_length')) { + $password1Message = '{--ADMIN_SHORT_PASSWORD1--}'; + } + + // No password 2 entered or to short? + if (!isPostRequestElementSet('admin_password2')) { + $password2Message = '{--ADMIN_NO_PASSWORD2--}'; + } elseif (strlen(postRequestElement('admin_password2')) < getConfig('minium_admin_pass_length')) { + $password2Message = '{--ADMIN_SHORT_PASSWORD2--}'; + } + + // Both didn't match? + if (postRequestElement('admin_password1') != postRequestElement('admin_password2')) { + // No match + if (empty($password1Message)) $password1Message = '{--ADMIN_PASSWORD1_MISMATCH--}'; + if (empty($password2Message)) $password2Message = '{--ADMIN_PASSWORD2_MISMATCH--}'; + } // END - if + + // Output error messages + $content['login_message'] = loadTemplate('admin_login_msg', TRUE, $loginMessage); + $content['password1_message'] = loadTemplate('admin_login_msg', TRUE, $password1Message); + $content['password2_message'] = loadTemplate('admin_login_msg', TRUE, $password2Message); + $content['error_message'] = loadTemplate('admin_login_msg', TRUE, $errorMessage); + } // END - if + + // Output message in seperate template + displayMessage('{--ADMIN_ACCOUNT_NOT_REGISTERED_YET--}'); + + // Load register template + loadTemplate('admin_reg_form', FALSE, $content); + } // END - if +} + // [EOF] ?>
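Review bot: registerFirstAdmin() relies on `assert(!isAdminRegistered());` as its only guard, and assertions can be disabled by runtime configuration, in which case a posted `add_first_admin` form would still reach `addAdminAccount(..., 'allow')` although an admin already exists. Make the check unconditional, e.g. `if (isAdminRegistered()) { return; }` or the project's usual fatal-error path. The password is stored as `md5(postRequestElement('admin_password1'))`, an unsalted fast hash; the comment explains this as an install-mode limitation, so add a `@TODO` to rehash it with generateHash() as soon as that is usable. The `default:` branch message names ifAdminLoginDataIsValid() although the return code comes from addAdminAccount(), and `$content['admin_login']` is passed back to the form from POST data, so the template must escape it (not visible here).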