X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-admins_add.php;h=4f7f51e59fcb844ca26fd013c36f77e59b96e640;hp=bb740c380eefb0837e2ce6f4e05cd90b0588cade;hb=b8c86fa12322603c24a88ea2b0fd3dbeba612752;hpb=5ef6ed7373ae85e5635e39e2a0adf9496a8add05 diff --git a/inc/modules/admin/what-admins_add.php b/inc/modules/admin/what-admins_add.php index bb740c380e..4f7f51e59f 100644 --- a/inc/modules/admin/what-admins_add.php +++ b/inc/modules/admin/what-admins_add.php @@ -32,55 +32,41 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } -// Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); -global $CACHE; +// Add description as navigation point +ADD_DESCR("admin", __FILE__); // Display form is default $FORM = true; -if ((isset($_POST['add'])) && (!empty($_POST['login'])) && (!empty($_POST['email'])) && (!empty($_POST['pass1'])) && (!empty($_POST['pass2'])) && ($_POST['pass1'] == $_POST['pass2'])) -{ +if ((REQUEST_ISSET_POST(('add'))) && (REQUEST_ISSET_POST(('login'))) && (REQUEST_ISSET_POST(('email'))) && (REQUEST_ISSET_POST(('pass1'))) && (REQUEST_ISSET_POST(('pass2'))) && (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) { // Add admin when not added already - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", - array($_POST['login']), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 0) - { - // Login does not exist so we can create it. + if (REGISTER_ADMIN(REQUEST_POST('login'), generateHash(REQUEST_POST('pass1')), REQUEST_POST('email')) == "done") { + // Do not ouput any form! $FORM = false; - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s', '%s', '%s')", - array($_POST['login'], generateHash($_POST['pass1']), $_POST['email']), __FILE__, __LINE__); // Admin login saved - LOAD_TEMPLATE("admin_settings_saved", false, "".ADMIN_ADMINS_ADD_DONE.""); + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_ADMINS_ADD_DONE')); - // Remove cache file - if (EXT_IS_ACTIVE("cache")) - { - if ($CACHE->cache_file("admins", true)) $CACHE->cache_destroy(); - } - } - else - { - // Free memory - SQL_FREERESULT($result); - } -} + // Run filter chain + RUN_FILTER('post_admin_added', REQUEST_POST_ARRAY()); + } // END - if +} // END - if -if ($FORM) -{ - // Clear unset variables - if (empty($_POST['login'])) $_POST['login'] = ""; - if (empty($_POST['email'])) $_POST['email'] = ""; +// Shall we display the form? +if ($FORM === true) { + // Set missing elements + // @TODO Do we still need this ugly code here? + if (!REQUEST_ISSET_POST(('login'))) REQUEST_SET_POST('login', ""); + if (!REQUEST_ISSET_POST(('email'))) REQUEST_SET_POST('email', ""); // Load form from template LOAD_TEMPLATE("admin_admins_add"); -} +} // END - if + // ?>