X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fadmin-inc.php;h=9360b73c8ae581708cb69e5f1327a36f3c1fa0d0;hp=a9ba79610137c0a415f9006d98b13535aaa9573b;hb=e5dffd4249c97200cbad02f3f4eaf5c373fdb89a;hpb=7052cc3bd3ca07281078acbbce6ce595d753def1

diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index a9ba796101..9360b73c8a 100644
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -16,7 +16,7 @@
  * $Author::                                                          $ *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
- * Copyright (c) 2009 - 2012 by Mailer Developer Team                   *
+ * Copyright (c) 2009 - 2013 by Mailer Developer Team                   *
  * For more information visit: http://mxchange.org                      *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
@@ -41,30 +41,45 @@ if (!defined('__SECURITY')) {
 } // END - if
 
 // Register an administrator account
-function addAdminAccount ($adminLogin, $passHash, $adminEmail) {
+function addAdminAccount ($adminLogin, $passHash, $adminEmail, $accessLevel = 'deny') {
+	// Only let valid data pass
+	assert(in_array($accessLevel, array('allow', 'deny')));
+
 	// Login does already exist
 	$ret = 'already';
 
 	// Lookup the admin
-	$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
+	$result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
 		array($adminLogin), __FUNCTION__, __LINE__);
 
 	// Is the entry there?
-	if (SQL_HASZERONUMS($result)) {
-		// Ok, let's create the admin login
-		SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')",
-			array(
-				$adminLogin,
-				$passHash,
-				$adminEmail
-			), __FUNCTION__, __LINE__);
+	if (ifSqlHasZeroNums($result)) {
+		// Is ext-admins installed and version at least 0.3.0?
+		if (isExtensionInstalledAndNewer('admins', '0.3.0')) {
+			// Ok, let's create the admin login
+			sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`, `default_acl`) VALUES ('%s', '%s', '%s', '%s')",
+				array(
+					$adminLogin,
+					$passHash,
+					$adminEmail,
+					$accessLevel
+				), __FUNCTION__, __LINE__);
+		} else {
+			// Ok, let's create the admin login
+			sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_admins` (`login`, `password`, `email`) VALUES ('%s', '%s', '%s')",
+				array(
+					$adminLogin,
+					$passHash,
+					$adminEmail
+				), __FUNCTION__, __LINE__);
+		}
 
 		// All done
 		$ret = 'done';
 	} // END - if
 
 	// Free memory
-	SQL_FREERESULT($result);
+	sqlFreeResult($result);
 
 	// Return result
 	return $ret;
@@ -80,7 +95,7 @@ function ifAdminLoginDataIsValid ($adminLogin, $adminPassword) {
 	$adminId = getAdminId($adminLogin);
 
 	// Continue only with found admin ids
-	if ($adminId > 0) {
+	if (isValidId($adminId)) {
 		// Then we need to lookup the login name by getting the admin hash
 		$adminHash = getAdminHash($adminId);
 
@@ -175,7 +190,7 @@ function doAdminAction () {
 	loadTemplate('admin_main', FALSE, $content);
 
 	// Check if action/what pair is valid
-	$result_action = SQL_QUERY_ESC("SELECT
+	$result_action = sqlQueryEscaped("SELECT
 	`id`
 FROM
 	`{?_MYSQL_PREFIX?}_admin_menu`
@@ -200,7 +215,7 @@ LIMIT 1",
 		), __FUNCTION__, __LINE__);
 
 	// Is there an entry?
-	if (SQL_NUMROWS($result_action) == 1) {
+	if (sqlNumRows($result_action) == 1) {
 		// Is valid but does the inlcude file exists?
 		$inc = sprintf("inc/modules/admin/action-%s.php", $action);
 		if ((isIncludeReadable($inc)) && (isMenuActionValid('admin', $action, $what)) && ($GLOBALS['acl_allow'] === TRUE)) {
@@ -219,7 +234,7 @@ LIMIT 1",
 	}
 
 	// Free memory
-	SQL_FREERESULT($result_action);
+	sqlFreeResult($result_action);
 
 	// Tableset footer
 	loadTemplate('admin_main_footer', FALSE, $content);
@@ -252,7 +267,7 @@ function addAdminMenu ($action, $what) {
 	$GLOBALS['menu']['title']       = array();
 
 	// Build main menu
-	$result_main = SQL_QUERY("SELECT
+	$result_main = sqlQuery("SELECT
 	`action` AS `main_action`,
 	`title` AS `main_title`,
 	`descr` AS `main_descr`
@@ -265,11 +280,11 @@ ORDER BY
 	`id` DESC", __FUNCTION__, __LINE__);
 
 	// Are there entries?
-	if (!SQL_HASZERONUMS($result_main)) {
+	if (!ifSqlHasZeroNums($result_main)) {
 		$OUT .= '<ul class="admin_menu_main">';
 
 		// Load all 'action' menus
-		while ($mainContent = SQL_FETCHARRAY($result_main)) {
+		while ($mainContent = sqlFetchArray($result_main)) {
 			// Filename
 			$inc = sprintf("inc/modules/admin/action-%s.php", $mainContent['main_action']);
 
@@ -319,7 +334,7 @@ ORDER BY
 		$OUT .= '</ul>';
 
 		// Free memory
-		SQL_FREERESULT($result_main);
+		sqlFreeResult($result_main);
 	} // END - if
 
 	// Return content
@@ -332,7 +347,7 @@ function addAdminSubMenu ($mainContent, $action, $what) {
 	$OUT = '';
 
 	// Check for menu entries
-	$result_what = SQL_QUERY_ESC("SELECT
+	$result_what = sqlQueryEscaped("SELECT
 	`what` AS `sub_what`,
 	`title` AS `sub_title`,
 	`descr` AS `sub_descr`
@@ -348,7 +363,7 @@ ORDER BY
 		array($mainContent['main_action']), __FUNCTION__, __LINE__);
 
 	// Remember the count for later checks
-	setAdminMenuHasEntries($mainContent['main_action'], ((!SQL_HASZERONUMS($result_what)) && (($action == $mainContent['main_action']) || (isAdminMenuJavascriptEnabled()))));
+	setAdminMenuHasEntries($mainContent['main_action'], ((!ifSqlHasZeroNums($result_what)) && (($action == $mainContent['main_action']) || (isAdminMenuJavascriptEnabled()))));
 
 	// Start li-tag for sub menu content
 	$OUT .= '<li class="admin_menu_sub" id="action_menu_' . $mainContent['main_action'] . '"' . addStyleMenuContent('admin', $mainContent['main_action'], $action) . '>';
@@ -359,12 +374,12 @@ ORDER BY
 		$SUB = TRUE;
 
 		// Are there entries?
-		if (!SQL_HASZERONUMS($result_what)) {
+		if (!ifSqlHasZeroNums($result_what)) {
 			// Start HTML code
 			$OUT .= '<ul class="admin_menu_sub">';
 
 			// Load all entries
-			while ($subContent = SQL_FETCHARRAY($result_what)) {
+			while ($subContent = sqlFetchArray($result_what)) {
 				// Filename
 				$inc = sprintf("inc/modules/admin/what-%s.php", $subContent['sub_what']);
 
@@ -409,7 +424,7 @@ ORDER BY
 		} // END - if
 
 		// Free memory
-		SQL_FREERESULT($result_what);
+		sqlFreeResult($result_what);
 	} // END - if
 
 	// Close li-tag
@@ -431,7 +446,7 @@ function addAdminSelectionBox ($adminId = NULL, $special = '') {
 	} // END - if
 
 	// Query all entries
-	$result = SQL_QUERY('SELECT
+	$result = sqlQuery('SELECT
 	`id`,
 	`login`
 	' . $ADD . '
@@ -444,7 +459,7 @@ ORDER BY
 	$OUT = '';
 
 	// Load all entries
-	while ($content = SQL_FETCHARRAY($result)) {
+	while ($content = sqlFetchArray($result)) {
 		// Default is none
 		$content['default'] = '';
 
@@ -459,7 +474,7 @@ ORDER BY
 	} // END - if
 
 	// Free memory
-	SQL_FREERESULT($result);
+	sqlFreeResult($result);
 
 	// Add form to content
 	$content['form_selection'] = $OUT;
@@ -471,7 +486,7 @@ ORDER BY
 // Create a member selection box
 function addMemberSelectionBox ($userid = NULL, $add_all = FALSE, $return = FALSE, $none = FALSE, $field = 'userid', $whereStatement = " WHERE `surname` NOT LIKE '{?tester_user_surname_prefix?}%'") {
 	// Output selection form with all confirmed user accounts listed
-	$result = SQL_QUERY('SELECT
+	$result = sqlQuery('SELECT
 	`userid`,
 	`surname`,
 	`family`
@@ -492,17 +507,17 @@ ORDER BY
 	}
 
 	// Load all entries
-	while ($content = SQL_FETCHARRAY($result)) {
+	while ($content = sqlFetchArray($result)) {
 		//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . intval($userid) . '/' . $content['userid']);
 		$OUT .= '<option value="' . bigintval($content['userid']) . '"';
-		if (bigintval($userid) === bigintval($content['userid'])) {
+		if ($userid === $content['userid']) {
 			$OUT .= ' selected="selected"';
 		} // END - if
-		$OUT .= '>' . $content['surname'] . ' ' . $content['family'] . ' (' . bigintval($content['userid']) . ')</option>';
+		$OUT .= '>' . $content['surname'] . ' ' . $content['family'] . ' (' . $content['userid'] . ')</option>';
 	} // END - while
 
 	// Free memory
-	SQL_FREERESULT($result);
+	sqlFreeResult($result);
 
 	if ($return === FALSE) {
 		// Remeber options in constant
@@ -524,16 +539,16 @@ function adminMenuSelectionBox_DEPRECATED ($mode, $default = '', $defid = '') {
 	$what = "`what` != '' AND `what` IS NOT NULL";
 	if ($mode == 'action') $what = "(`what`='' OR `what` IS NULL) AND `action` != 'login'";
 
-	$result = SQL_QUERY_ESC("SELECT `%s` AS `menu`, `title` FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE ".$what." ORDER BY `sort` ASC",
+	$result = sqlQueryEscaped("SELECT `%s` AS `menu`, `title` FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE ".$what." ORDER BY `sort` ASC",
 		array($mode), __FUNCTION__, __LINE__);
-	if (!SQL_HASZERONUMS($result)) {
+	if (!ifSqlHasZeroNums($result)) {
 		// Load menu as selection
 		$OUT = '<select name="' . $mode . '_menu';
-		if ((!empty($defid)) || ($defid == '0')) $OUT .= '[' . $defid . ']';
+		if (!isValidId($defid)) $OUT .= '[' . intval($defid) . ']';
 		$OUT .= '" size="1" class="form_select">
 	<option value="">{--SELECT_NONE--}</option>';
 		// Load all entries
-		while ($content = SQL_FETCHARRAY($result)) {
+		while ($content = sqlFetchArray($result)) {
 			$OUT .= '<option value="' . $content['menu'] . '"';
 			if ((!empty($default)) && ($default == $content['menu'])) {
 				$OUT .= ' selected="selected"';
@@ -542,7 +557,7 @@ function adminMenuSelectionBox_DEPRECATED ($mode, $default = '', $defid = '') {
 		} // END - while
 
 		// Free memory
-		SQL_FREERESULT($result);
+		sqlFreeResult($result);
 
 		// Add closing select-tag
 		$OUT .= '</select>';
@@ -574,7 +589,7 @@ function adminSaveSettings (&$postData, $tableName = '_config', $whereStatement
 	//* BUG: */ reportBug(__FUNCTION__, __LINE__, '<pre>'.print_r(postRequestArray(), TRUE).'</pre>');
 	foreach ($postData as $id => $val) {
 		// Process only formular field but not submit buttons ;)
-		if ($id == 'ok') {
+		if ($id == 'save_config') {
 			// Skip this button
 			continue;
 		} // END - if
@@ -620,13 +635,13 @@ function adminSaveSettings (&$postData, $tableName = '_config', $whereStatement
 	$result = FALSE;
 	if ($alwaysAdd === FALSE) {
 		if (!empty($whereStatement)) {
-			$result = SQL_QUERY("SELECT * FROM `{?_MYSQL_PREFIX?}" . $tableName . "` WHERE " . $whereStatement . " LIMIT 1", __FUNCTION__, __LINE__);
+			$result = sqlQuery("SELECT * FROM `{?_MYSQL_PREFIX?}" . $tableName . "` WHERE " . $whereStatement . " LIMIT 1", __FUNCTION__, __LINE__);
 		} else {
-			$result = SQL_QUERY("SELECT * FROM `{?_MYSQL_PREFIX?}" . $tableName . "` LIMIT 1", __FUNCTION__, __LINE__);
+			$result = sqlQuery("SELECT * FROM `{?_MYSQL_PREFIX?}" . $tableName . "` LIMIT 1", __FUNCTION__, __LINE__);
 		}
 	} // END - if
 
-	if (SQL_NUMROWS($result) == 1) {
+	if (sqlNumRows($result) == 1) {
 		// "Implode" all data to single string
 		$updatedData = implode(', ', $tableData);
 
@@ -659,13 +674,13 @@ function adminSaveSettings (&$postData, $tableName = '_config', $whereStatement
 	}
 
 	// Free memory
-	SQL_FREERESULT($result);
+	sqlFreeResult($result);
 
 	// Simply run generated SQL string
-	SQL_QUERY($sql, __FUNCTION__, __LINE__);
+	sqlQuery($sql, __FUNCTION__, __LINE__);
 
 	// Remember affected rows
-	$affected = SQL_AFFECTEDROWS();
+	$affected = sqlAffectedRows();
 
 	// Rebuild cache
 	rebuildCache('config', 'config');
@@ -725,10 +740,10 @@ function generateUserProfileLink ($userid, $title = '', $what = '') {
 	// Is there cache?
 	if (!isset($GLOBALS[__FUNCTION__][$userid][$title . '_' . $what])) {
 		// Is title empty and valid userid?
-		if (($title == '') && (isValidUserId($userid))) {
+		if (($title == '') && (isValidId($userid))) {
 			// Set userid as title
 			$title = $userid;
-		} elseif (!isValidUserId($userid)) {
+		} elseif (!isValidId($userid)) {
 			// User id zero is invalid
 			return '<strong>' . convertNullToZero($userid) . '</strong>';
 		}
@@ -787,17 +802,17 @@ function adminGetMenuMode () {
 		incrementStatsEntry('cache_hits');
 	} elseif (isExtensionInstalledAndNewer('admins', '0.6.7')) {
 		// Load from database when version of 'admins' is enough
-		$result = SQL_QUERY_ESC("SELECT `la_mode` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
+		$result = sqlQueryEscaped("SELECT `la_mode` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1",
 			array($adminId), __FUNCTION__, __LINE__);
 
 		// Is there an entry?
-		if (SQL_NUMROWS($result) == 1) {
+		if (sqlNumRows($result) == 1) {
 			// Load data
-			list($adminMode) = SQL_FETCHROW($result);
+			list($adminMode) = sqlFetchRow($result);
 		} // END - if
 
 		// Free memory
-		SQL_FREERESULT($result);
+		sqlFreeResult($result);
 	}
 
 	// Check what the admin wants and set it when it's not the default mode
@@ -821,7 +836,7 @@ function adminChangeActivationStatus ($IDs, $table, $row, $idRow = 'id') {
 			// Should always be set... ;-)
 			if (!empty($selected)) {
 				// Determine new status
-				$result = SQL_QUERY_ESC("SELECT %s FROM `{?_MYSQL_PREFIX?}_%s` WHERE %s=%s LIMIT 1",
+				$result = sqlQueryEscaped("SELECT %s FROM `{?_MYSQL_PREFIX?}_%s` WHERE %s=%s LIMIT 1",
 					array(
 						$row,
 						$table,
@@ -830,15 +845,15 @@ function adminChangeActivationStatus ($IDs, $table, $row, $idRow = 'id') {
 					), __FUNCTION__, __LINE__);
 
 				// Row found?
-				if (SQL_NUMROWS($result) == 1) {
+				if (sqlNumRows($result) == 1) {
 					// Load the status
-					list($currStatus) = SQL_FETCHROW($result);
+					list($currStatus) = sqlFetchRow($result);
 
 					// And switch it N<->Y
 					$newStatus = convertBooleanToYesNo(!($currStatus == 'Y'));
 
 					// Change this status
-					SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s` SET %s='%s' WHERE %s=%s LIMIT 1",
+					sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_%s` SET %s='%s' WHERE %s=%s LIMIT 1",
 						array(
 							$table,
 							$row,
@@ -848,11 +863,11 @@ function adminChangeActivationStatus ($IDs, $table, $row, $idRow = 'id') {
 						), __FUNCTION__, __LINE__);
 
 					// Count up affected rows
-					$count += SQL_AFFECTEDROWS();
+					$count += sqlAffectedRows();
 				} // END - if
 
 				// Free the result
-				SQL_FREERESULT($result);
+				sqlFreeResult($result);
 			} // END - if
 		} // END - foreach
 
@@ -888,10 +903,10 @@ function adminBuilderStatusHandler ($mode, $tableName, $columns, $filterFunction
 	// "Walk" through all entries
 	foreach (postRequestElement($idColumn[0]) as $id => $sel) {
 		// Construct SQL query
-		$sql = sprintf("UPDATE `{?_MYSQL_PREFIX?}_%s` SET", SQL_ESCAPE($tableName[0]));
+		$sql = sprintf("UPDATE `{?_MYSQL_PREFIX?}_%s` SET", sqlEscapeString($tableName[0]));
 
 		// Load data of entry
-		$result = SQL_QUERY_ESC("SELECT * FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`=%s LIMIT 1",
+		$result = sqlQueryEscaped("SELECT * FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`=%s LIMIT 1",
 			array(
 				$tableName[0],
 				$idColumn[0],
@@ -899,10 +914,10 @@ function adminBuilderStatusHandler ($mode, $tableName, $columns, $filterFunction
 			), __FUNCTION__, __LINE__);
 
 		// Fetch the data
-		$content = SQL_FETCHARRAY($result);
+		$content = sqlFetchArray($result);
 
 		// Free the result
-		SQL_FREERESULT($result);
+		sqlFreeResult($result);
 
 		// Add all status entries (e.g. status column last_updated or so)
 		$newStatus = 'UNKNOWN';
@@ -912,7 +927,7 @@ function adminBuilderStatusHandler ($mode, $tableName, $columns, $filterFunction
 			// Does the entry exist?
 			if ((isset($content[$column])) && (isset($statusInfo[$content[$column]]))) {
 				// Add these entries for update
-				$sql .= sprintf(" `%s`='%s',", SQL_ESCAPE($column), SQL_ESCAPE($statusInfo[$content[$column]]));
+				$sql .= sprintf(" `%s`='%s',", sqlEscapeString($column), sqlEscapeString($statusInfo[$content[$column]]));
 
 				// Remember status
 				if ($statusColumn == 'unknown') {
@@ -930,22 +945,22 @@ function adminBuilderStatusHandler ($mode, $tableName, $columns, $filterFunction
 		// Add other columns as well
 		foreach (postRequestArray() as $key => $entries) {
 			// Debug message
-			logDebugMessage(__FUNCTION__, __LINE__, 'Found entry: ' . $key);
+			/* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Found entry: ' . $key);
 
 			// Skip id, raw userid and 'do_$mode'
 			if (!in_array($key, array($idColumn[0], $rawUserId[0], ('do_' . $mode)))) {
 				// Are there brackets () at the end?
 				if (substr($entries[$id], -2, 2) == '()') {
 					// Direct SQL command found
-					$sql .= sprintf(" `%s`=%s,", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
+					$sql .= sprintf(" `%s`=%s,", sqlEscapeString($key), sqlEscapeString($entries[$id]));
 				} else {
 					// Add regular entry
-					$sql .= sprintf(" `%s`='%s',", SQL_ESCAPE($key), SQL_ESCAPE($entries[$id]));
+					$sql .= sprintf(" `%s`='%s',", sqlEscapeString($key), sqlEscapeString($entries[$id]));
 
 					// Add entry
 					$content[$key] = $entries[$id];
 				}
-			} else {
+			} elseif (isDebugModeEnabled()) {
 				// Skipped entry
 				logDebugMessage(__FUNCTION__, __LINE__, 'Skipped: ' . $key);
 			}
@@ -960,7 +975,7 @@ function adminBuilderStatusHandler ($mode, $tableName, $columns, $filterFunction
 		);
 
 		// Run the SQL
-		SQL_QUERY($sql, __FUNCTION__, __LINE__);
+		sqlQuery($sql, __FUNCTION__, __LINE__);
 
 		// Send "build mails" out
 		sendGenericBuildMails($mode, $tableName, $content, $id, $statusInfo[$content[$column]], $userIdColumn);
@@ -995,7 +1010,7 @@ function adminDeleteEntriesConfirm ($tableName, $columns = array(), $filterFunct
 			displayMessage('{--ADMIN_ALL_ENTRIES_REMOVED--}');
 		} else {
 			// Some are still there :(
-			displayMessage(sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_DELETED'), SQL_AFFECTEDROWS(), countPostSelection($idColumn[0])));
+			displayMessage(sprintf(getMessage('ADMIN_SOME_ENTRIES_NOT_DELETED'), sqlAffectedRows(), countPostSelection($idColumn[0])));
 		}
 	} else {
 		// List for deletion confirmation
@@ -1101,7 +1116,7 @@ function adminAddEntries ($tableName, $columns = array(), $filterFunctions = arr
 	doGenericAddEntries($tableName, $columns, $filterFunctions, $extraValues, $timeColumns, $columnIndex);
 
 	// Entry has been added?
-	if ((!SQL_HASZEROAFFECTED()) && ($GLOBALS['__XML_PARSE_RESULT'] === TRUE)) {
+	if ((!ifSqlHasZeroAffectedRows()) && ($GLOBALS['__XML_PARSE_RESULT'] === TRUE)) {
 		// Display success message
 		displayMessage('{--ADMIN_ENTRY_ADDED--}');
 	} else {
@@ -1116,7 +1131,7 @@ function adminTestProxySettings ($settingsArray) {
 	mergeConfig($settingsArray);
 
 	// Now get the test URL
-	$content = sendGetRequest('check-updates3.php');
+	$content = sendHttpGetRequest('check-updates3.php');
 
 	// Is the first line with "200 OK"?
 	$valid = isInString('200 OK', $content[0]);
@@ -1131,20 +1146,20 @@ function sendAdminPasswordResetLink ($email) {
 	$OUT = '';
 
 	// Look up administator login
-	$result = SQL_QUERY_ESC("SELECT `id`, `login`, `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE '%s' REGEXP `email` LIMIT 1",
+	$result = sqlQueryEscaped("SELECT `id`, `login`, `password` FROM `{?_MYSQL_PREFIX?}_admins` WHERE '%s' REGEXP `email` LIMIT 1",
 		array($email), __FUNCTION__, __LINE__);
 
 	// Is there an account?
-	if (SQL_HASZERONUMS($result)) {
+	if (ifSqlHasZeroNums($result)) {
 		// No account found
 		return '{--ADMIN_NO_LOGIN_WITH_EMAIL--}';
 	} // END - if
 
 	// Load all data
-	$content = SQL_FETCHARRAY($result);
+	$content = sqlFetchArray($result);
 
 	// Free result
-	SQL_FREERESULT($result);
+	sqlFreeResult($result);
 
 	// Generate hash for reset link
 	$content['hash'] = generateHash(getUrl() . getEncryptSeparator() . $content['id'] . getEncryptSeparator() . $content['login'] . getEncryptSeparator() . $content['password'], substr($content['password'], getSaltLength()));
@@ -1169,13 +1184,13 @@ function adminResetValidateHashLogin ($hash, $login) {
 	$valid = FALSE;
 
 	// Then try to find that user
-	$result = SQL_QUERY_ESC("SELECT `id`, `password`, `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
+	$result = sqlQueryEscaped("SELECT `id`, `password`, `email` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `login`='%s' LIMIT 1",
 		array($login), __FUNCTION__, __LINE__);
 
 	// Is an account here?
-	if (SQL_NUMROWS($result) == 1) {
+	if (sqlNumRows($result) == 1) {
 		// Load all data
-		$content = SQL_FETCHARRAY($result);
+		$content = sqlFetchArray($result);
 
 		// Generate hash again
 		$hashFromData = generateHash(getUrl() . getEncryptSeparator() . $content['id'] . getEncryptSeparator() . $login . getEncryptSeparator() . $content['password'], substr($content['password'], getSaltLength()));
@@ -1185,7 +1200,7 @@ function adminResetValidateHashLogin ($hash, $login) {
 	} // END - if
 
 	// Free result
-	SQL_FREERESULT($result);
+	sqlFreeResult($result);
 
 	// Return result
 	return $valid;
@@ -1240,7 +1255,7 @@ function adminUpdateTaskData ($id, $row, $data) {
 	} // END - if
 
 	// Update the task
-	SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_task_system` SET `%s`='%s' WHERE `id`=%s LIMIT 1",
+	sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_task_system` SET `%s`='%s' WHERE `id`=%s LIMIT 1",
 		array(
 			$row,
 			$data,
@@ -1272,7 +1287,7 @@ function setAdminMenuHasEntries ($action, $hasEntries) {
 // Creates a link to the user's admin-profile
 function adminCreateUserLink ($userid) {
 	// Is the userid set correctly?
-	if (isValidUserId($userid)) {
+	if (isValidId($userid)) {
 		// Create a link to that profile
 		return '{%url=modules.php?module=admin&amp;what=list_user&amp;userid=' . bigintval($userid) . '%}';
 	} // END - if
@@ -1287,7 +1302,7 @@ function generateAdminLink ($adminId) {
 	$adminLink = '{--ADMIN_NO_ADMIN_ASSIGNED--}';
 
 	// Zero? = Not assigned
-	if (isValidUserId($adminId)) {
+	if (isValidId($adminId)) {
 		// Load admin's login
 		$login = getAdminLogin($adminId);
 
@@ -1333,7 +1348,7 @@ function doVerifyExpertSettings () {
 			// Okay, does he want to see them?
 			if (isAdminsExpertWarningEnabled()) {
 				// Ask for them
-				if (isFormSent()) {
+				if (isFormSent('save_expert')) {
 					// Is the element set, then we need to change the admin
 					if (isPostRequestElementSet('expert_settings')) {
 						// Get it and prepare final post data array
@@ -1384,14 +1399,14 @@ function doVerifyExpertSettings () {
 }
 
 // Generate link to unconfirmed mails for admin
-function generateUnconfirmedAdminLink ($id, $unconfirmed, $type = 'bid') {
+function generateUnconfirmedAdminLink ($id, $unconfirmed, $type) {
 	// Init output
 	$OUT = $unconfirmed;
 
 	// Is there unconfirmed mails?
 	if ($unconfirmed > 0) {
 		// Add link to list_unconfirmed what-file
-		$OUT = '<a href="{%url=modules.php?module=admin&amp;what=list_unconfirmed&amp;' . $type . '=' . $id . '%}">{%pipe,translateComma=' . $unconfirmed . '%}</a>';
+		$OUT = '<a href="{%url=modules.php?module=admin&amp;what=list_unconfirmed&amp;type=' . $type . '&amp;id=' . $id . '%}">{%pipe,translateComma=' . $unconfirmed . '%}</a>';
 	} // END - if
 
 	// Return it
@@ -1422,7 +1437,7 @@ function addEmailNavigation ($numPages, $offset, $show_form, $colspan, $return=f
 			$NAV .= '<a href="{%url=modules.php?module=admin&amp;what=' . getWhat() . '&amp;page=' . $page . '&amp;offset=' . $offset;
 
 			// Add userid when we shall show all mails from a single member
-			if ((isGetRequestElementSet('userid')) && (isValidUserId(getRequestElement('userid')))) $NAV .= '&amp;userid=' . bigintval(getRequestElement('userid'));
+			if ((isGetRequestElementSet('userid')) && (isValidId(getRequestElement('userid')))) $NAV .= '&amp;userid=' . bigintval(getRequestElement('userid'));
 
 			// Close open anchor tag
 			$NAV .= '%}">';
@@ -1436,7 +1451,7 @@ function addEmailNavigation ($numPages, $offset, $show_form, $colspan, $return=f
 			$NAV .= '</a>';
 		}
 
-		// Add separator if we have not yet reached total pages
+		// Add separator if total pages has not been reached
 		if ($page < $numPages) {
 			// Add it
 			$NAV .= '|';
@@ -1477,7 +1492,7 @@ function adminProcessMenuEditForm ($type, $subMenu) {
 				// Shall we update a menu or sub menu?
 				if (!isGetRequestElementSet('sub')) {
 					// Update with 'what'=null
-					SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `title`='%s',`action`='%s',`what`=NULL WHERE ".$AND." AND `id`=%s LIMIT 1",
+					sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `title`='%s',`action`='%s',`what`=NULL WHERE ".$AND." AND `id`=%s LIMIT 1",
 						array(
 							$type,
 							$menu,
@@ -1486,7 +1501,7 @@ function adminProcessMenuEditForm ($type, $subMenu) {
 						), __FUNCTION__, __LINE__);
 				} else {
 					// Update with selected 'what'
-					SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `title`='%s',`action`='%s',`what`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1",
+					sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `title`='%s',`action`='%s',`what`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1",
 						array(
 							$type,
 							$menu,
@@ -1498,7 +1513,7 @@ function adminProcessMenuEditForm ($type, $subMenu) {
 				break;
 
 			case 'delete': // Delete menu
-				SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE ".$AND." AND `id`=%s LIMIT 1",
+				sqlQueryEscaped("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE ".$AND." AND `id`=%s LIMIT 1",
 					array(
 						$type,
 						$sel
@@ -1506,7 +1521,7 @@ function adminProcessMenuEditForm ($type, $subMenu) {
 				break;
 
 			case 'status': // Change status of menus
-				SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `visible`='%s',`locked`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1",
+				sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `visible`='%s',`locked`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1",
 					array(
 						$type,
 						postRequestElement('visible', $sel),
@@ -1536,49 +1551,49 @@ function doAdminProcessMenuWeightning ($type, $AND) {
 		// Get ids
 		if (isGetRequestElementSet('w')) {
 			// Sub menus selected
-			$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `sort`=%s LIMIT 1",
+			$result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `sort`=%s LIMIT 1",
 				array(
 					$type,
 					getRequestElement('act'),
 					bigintval(getRequestElement('tid'))
 				), __FUNCTION__, __LINE__);
-			list($tid) = SQL_FETCHROW($result);
-			SQL_FREERESULT($result);
-			$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `sort`=%s LIMIT 1",
+			list($tid) = sqlFetchRow($result);
+			sqlFreeResult($result);
+			$result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `action`='%s' AND `sort`=%s LIMIT 1",
 				array(
 					$type,
 					getRequestElement('act'),
 					bigintval(getRequestElement('fid'))
 				), __FUNCTION__, __LINE__);
-			list($fid) = SQL_FETCHROW($result);
-			SQL_FREERESULT($result);
+			list($fid) = sqlFetchRow($result);
+			sqlFreeResult($result);
 		} else {
 			// Main menu selected
-			$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`=%s LIMIT 1",
+			$result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`=%s LIMIT 1",
 				array(
 					$type,
 					bigintval(getRequestElement('tid'))
 				), __FUNCTION__, __LINE__);
-			list($tid) = SQL_FETCHROW($result);
-			SQL_FREERESULT($result);
-			$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`=%s LIMIT 1",
+			list($tid) = sqlFetchRow($result);
+			sqlFreeResult($result);
+			$result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE (`what`='' OR `what` IS NULL) AND `sort`=%s LIMIT 1",
 				array(
 					$type,
 					bigintval(getRequestElement('fid'))
 				), __FUNCTION__, __LINE__);
-			list($fid) = SQL_FETCHROW($result);
-			SQL_FREERESULT($result);
+			list($fid) = sqlFetchRow($result);
+			sqlFreeResult($result);
 		}
 
 		if ((!empty($tid)) && (!empty($fid))) {
 			// Sort menu
-			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `sort`=%s WHERE ".$AND." AND `id`=%s LIMIT 1",
+			sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `sort`=%s WHERE ".$AND." AND `id`=%s LIMIT 1",
 				array(
 					$type,
 					bigintval(getRequestElement('tid')),
 					bigintval($fid)
 				), __FUNCTION__, __LINE__);
-			SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `sort`=%s WHERE ".$AND." AND `id`=%s LIMIT 1",
+			sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_%s_menu` SET `sort`=%s WHERE ".$AND." AND `id`=%s LIMIT 1",
 				array(
 					$type,
 					bigintval(getRequestElement('fid')),
@@ -1588,5 +1603,141 @@ function doAdminProcessMenuWeightning ($type, $AND) {
 	} // END - if
 }
 
+// Function to register first admin
+function registerFirstAdmin () {
+	// Make sure that no admin is registered
+	assert(!isAdminRegistered());
+
+	// Admin is not registered so we have to inform the user
+	if ((isFormSent('add_first_admin')) && ((!isPostRequestElementSet('admin_login')) || (!isPostRequestElementSet('admin_password1')) || (strlen(postRequestElement('admin_password1')) < getConfig('minium_admin_pass_length')) || (!isPostRequestElementSet('admin_password2')) || (strlen(postRequestElement('admin_password2')) < getConfig('minium_admin_pass_length')) || (postRequestElement('admin_password1') != postRequestElement('admin_password2')))) {
+		setPostRequestElement('add_first_admin', '***');
+	} // END - if
+
+	// Clear error message
+	$errorMessage = '';
+	$ret = 'init';
+
+	// Is form for first admin sent?
+	if ((isFormSent('add_first_admin')) && (postRequestElement('add_first_admin') != '***')) {
+		// Hash the password with the old function because we are here in install mode
+		$hashedPass = md5(postRequestElement('admin_password1'));
+
+		// Kill maybe existing session variables
+		destroyAdminSession();
+
+		// Do registration
+		$ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster(), 'allow');
+
+		// Check if registration wents fine
+		switch ($ret) {
+			case 'done':
+				// Change ADMIN_REGISTERED entry
+				$done = changeDataInLocalConfigurationFile('ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0);
+
+				// Was it successfull?
+				if ($done === TRUE) {
+					// Registering is done
+					redirectToUrl('modules.php?module=admin&amp;register=done');
+				} else {
+					// Registration incomplete
+					$errorMessage = '{--ADMIN_CANNOT_COMPLETE--}';
+
+					// Set this to have our error message displayed
+					setPostRequestElement('add_first_admin', '***');
+				}
+				break;
+
+			case 'failed': // Registration has failed
+				$errorMessage = '{--ADMIN_REGISTER_FAILED--}';
+
+				// Set this to have our error message displayed
+				setPostRequestElement('add_first_admin', '***');
+				break;
+
+			case 'already': // Admin does already exists!
+				$errorMessage = '{--ADMIN_LOGIN_ALREADY_REG--}';
+
+				// Set this to have our error message displayed
+				setPostRequestElement('add_first_admin', '***');
+				break;
+
+			default:
+				// Any other kind will be logged
+				$errorMessage = sprintf("Unknown return code %s from ifAdminLoginDataIsValid().", $ret);
+				logDebugMessage(__FUNCTION__, __LINE__, $errorMessage);
+
+				// Set this to have our error message displayed
+				setPostRequestElement('add_first_admin', '***');
+				break;
+		} // END - switch
+	} // END - if
+
+	// Whas that action okay?
+	if ($ret != 'done') {
+		// Init login name
+		$content['admin_login'] = '';
+		if (isPostRequestElementSet('admin_login')) {
+			$content['admin_login'] = postRequestElement('admin_login');
+		} // END - if
+
+		// Init array elements
+		$content['login_message'] = '';
+		$content['password1_message'] = '';
+		$content['password2_message'] = '';
+		$content['error_message'] = '';
+
+		// Yet-another notice-fix
+		if ((isFormSent('add_first_admin')) && (postRequestElement('add_first_admin') == '***')) {
+			// Init variables
+			$loginMessage = '';
+			$password1Message = '';
+			$password2Message = '';
+
+			// No login entered?
+			if (empty($content['admin_login'])) {
+				$loginMessage = '{--ADMIN_NO_LOGIN--}';
+			} // END - if
+
+			// An error comes back from registration?
+			if ((!empty($ret)) && ($ret != 'init')) {
+				$loginMessage = $errorMessage;
+			} // END - if
+
+			// No password 1 entered or to short?
+			if (!isPostRequestElementSet('admin_password1')) {
+				$password1Message = '{--ADMIN_NO_PASSWORD1--}';
+			} elseif (!isStrongPassword(postRequestElement('admin_password1'))) {
+				$password1Message = '{--ADMIN_WEAK_PASSWORD1--}';
+			}
+
+			// No password 2 entered or to short?
+			if (!isPostRequestElementSet('admin_password2')) {
+				$password2Message = '{--ADMIN_NO_PASSWORD2--}';
+			} elseif (!isStrongPassword(postRequestElement('admin_password2'))) {
+				$password2Message = '{--ADMIN_WEAK_PASSWORD2--}';
+			}
+
+			// Both didn't match?
+			if (postRequestElement('admin_password1') != postRequestElement('admin_password2')) {
+				// No match
+				if (empty($password1Message)) $password1Message = '{--ADMIN_PASSWORD1_MISMATCH--}';
+				if (empty($password2Message)) $password2Message = '{--ADMIN_PASSWORD2_MISMATCH--}';
+			} // END - if
+
+			// Output error messages
+			$content['login_message']     = loadTemplate('admin_login_msg', TRUE, $loginMessage);
+			$content['password1_message'] = loadTemplate('admin_login_msg', TRUE, $password1Message);
+			$content['password2_message'] = loadTemplate('admin_login_msg', TRUE, $password2Message);
+			$content['error_message']     = loadTemplate('admin_login_msg', TRUE, $errorMessage);
+		} // END - if
+
+		// Output message in seperate template
+		displayMessage('{--ADMIN_ACCOUNT_NOT_REGISTERED_YET--}');
+
+		// Load register template
+		loadTemplate('admin_reg_form', FALSE, $content);
+	} // END - if
+}
+
 // [EOF]
 ?>