Now all admin functions depend on admin id, before login/aid mixed
authorRoland Häder <roland@mxchange.org>
Wed, 22 Oct 2008 18:57:40 +0000 (18:57 +0000)
committerRoland Häder <roland@mxchange.org>
Wed, 22 Oct 2008 18:57:40 +0000 (18:57 +0000)
inc/databases.php
inc/functions.php
inc/loader/load_cache-admin.php
inc/modules/admin/admin-inc.php
inc/modules/admin/what-admins_contct.php
inc/modules/admin/what-unlock_sponsor.php
inc/mysql-manager.php

index d169b1e..af9a585 100644 (file)
@@ -114,7 +114,7 @@ define('USAGE_BASE', "usage");
 define('SERVER_URL', "http://www.mxchange.org");
 
 // This current patch level
-define('CURR_SVN_REVISION', "518");
+define('CURR_SVN_REVISION', "519");
 
 // Take a prime number which is long (if you know a longer one please try it out!)
 define('_PRIME', 591623);
index 291d865..73b15f5 100644 (file)
@@ -749,8 +749,11 @@ function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") {
 
        // Is the admin logged in?
        if (IS_ADMIN()) {
+               // Get admin id
+               $aid = GET_ADMIN_ID(get_session('admin_login'));
+
                // Load Admin data
-               $ADMIN = GET_ADMIN_EMAIL(get_session('admin_login'));
+               $ADMIN = GET_ADMIN_EMAIL($aid);
        } // END - if
 
        // Neutral email address is default
index 59d7a09..2de9487 100644 (file)
@@ -52,19 +52,27 @@ if (($cacheInstance->cache_file("admins", true) == true) && ($cacheInstance->ext
 
                        // The cache file seems to be fine
                        foreach ($cacheArray['admins']['login'] as $k => $login) {
-                               // Rewrite default_acl
-                               $cacheArray['admins']['aid'][$login]      = $cacheArray['admins']['aid'][$k];
-                               $cacheArray['admins']['password'][$login] = $cacheArray['admins']['password'][$k];
-                               $cacheArray['admins']['email'][$login]    = $cacheArray['admins']['email'][$k];
+                               // Rewrite admin id
+                               $cacheArray['admins']['aid'][$login]    = $cacheArray['admins']['aid'][$k];
+
+                               // Shortcut admin id
+                               $aid = $cacheArray['admins']['aid'][$login];
+
+                               // Rewrite others...
+                               $cacheArray['admins']['password'][$aid] = $cacheArray['admins']['password'][$k];
+                               $cacheArray['admins']['email'][$aid]    = $cacheArray['admins']['email'][$k];
 
                                // Some extra data depending on version
                                if (GET_EXT_VERSION("admins") >= "0.3") {
-                                       $cacheArray['admins']['def_acl'][$login]  = $cacheArray['admins']['def_acl'][$k];
+                                       // Default ACL
+                                       $cacheArray['admins']['def_acl'][$aid]  = $cacheArray['admins']['def_acl'][$k];
                                        if (GET_EXT_VERSION("admins") >= "0.6.7") {
-                                               $cacheArray['admins']['la_mode'][$login]  = $cacheArray['admins']['la_mode'][$k];
+                                               // "Logical Area" mode
+                                               $cacheArray['admins']['la_mode'][$aid]  = $cacheArray['admins']['la_mode'][$k];
                                                if (GET_EXT_VERSION("admins") >= "0.7.0") {
-                                                       $cacheArray['admins']['login_failtures'][$login] = $cacheArray['admins']['login_failtures'][$k];
-                                                       $cacheArray['admins']['last_failture'][$login]   = $cacheArray['admins']['last_failture'][$k];
+                                                       // Login failtures
+                                                       $cacheArray['admins']['login_failtures'][$aid] = $cacheArray['admins']['login_failtures'][$k];
+                                                       $cacheArray['admins']['last_failture'][$aid]   = $cacheArray['admins']['last_failture'][$k];
                                                } // END - if
                                        } // END - if
                                } // END - if
index c0ba4d3..395bc3e 100644 (file)
@@ -66,18 +66,21 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
        $ret = "404";
        $data = array();
 
+       // Get admin id
+       $aid = GET_ADMIN_ID($admin_login);
+
        // Is the cache valid?
-       if (!empty($cacheArray['admins']['password'][$admin_login])) {
+       if (!empty($cacheArray['admins']['password'][$aid])) {
                // Get password from cache
-               $data['password'] = $cacheArray['admins']['password'][$admin_login];
+               $data['password'] = $cacheArray['admins']['password'][$aid];
                $ret = "pass";
                if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
 
                // Include more admins data?
                if (GET_EXT_VERSION("admins") >= "0.7.0") {
                        // Load them here
-                       $data['login_failtures'] = $cacheArray['admins']['login_failtures'][$admin_login];
-                       $data['last_failture']   = $cacheArray['admins']['last_failture'][$admin_login];
+                       $data['login_failtures'] = $cacheArray['admins']['login_failtures'][$aid];
+                       $data['last_failture']   = $cacheArray['admins']['last_failture'][$aid];
                } // END - if
        } elseif (!EXT_IS_ACTIVE("cache")) {
                $ADD = "";
@@ -87,8 +90,8 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
                } // END - if
 
                // Get password from DB
-               $result = SQL_QUERY_ESC("SELECT password".$ADD." FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
-                array($admin_login), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT password".$ADD." FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+                array($aid), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) == 1) {
                        // Login password found
                        $ret = "pass";
@@ -134,12 +137,12 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
                        set_session('mxchange_admin_last_fail', $data['last_failture']);
 
                        // Update password and reset login failtures
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s',login_failtures=0,last_failture='0000-00-00 00:00:00' WHERE login='%s' LIMIT 1",
-                               array($data['password'], $admin_login), __FILE__, __LINE__);
+                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s',login_failtures=0,last_failture='0000-00-00 00:00:00' WHERE id=%s LIMIT 1",
+                               array($data['password'], $aid), __FILE__, __LINE__);
                } else {
                        // Update password
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE login='%s' LIMIT 1",
-                               array($data['password'], $admin_login), __FILE__, __LINE__);
+                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s' WHERE id=%s LIMIT 1",
+                               array($data['password'], $aid), __FILE__, __LINE__);
                }
 
                // Rebuild cache
@@ -167,8 +170,8 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
        // Count login failture if admins extension version is 0.7.0+
        if (($ret == "pass") && (GET_EXT_VERSION("admins") >= "0.7.0")) {
                // Update counter
-               SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login_failtures=login_failtures+1,last_failture=NOW() WHERE login='%s' LIMIT 1",
-                       array($admin_login), __FILE__, __LINE__);
+               SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET login_failtures=login_failtures+1,last_failture=NOW() WHERE id=%s LIMIT 1",
+                       array($aid), __FILE__, __LINE__);
 
                // Rebuild cache
                REBUILD_CACHE("admins", "admin");
@@ -213,7 +216,7 @@ function CHECK_ADMIN_COOKIES ($admin_login, $password) {
        $ret = "404"; $pass = "";
 
        // Get hash
-       $pass = GET_ADMIN_HASH($admin_login);
+       $pass = GET_ADMIN_HASH(GET_ADMIN_ID($admin_login));
        if ($pass != "-1") $ret = "pass";
 
        //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):".generatePassString($pass)."(".strlen($pass).")/".$password."(".strlen($password).")<br />\n";
@@ -767,15 +770,18 @@ function ADMIN_CHECK_MENU_MODE() {
        // Set the global mode as the mode for all admins
        $MODE = $_CONFIG['admin_menu']; $ADMIN = $MODE;
 
+       // Get admin id
+       $aid = GET_ADMIN_ID(get_session('admin_login'));
+
        // Check individual settings of current admin
-       if (isset($cacheArray['admins']['la_mode'][get_session('admin_login')])) {
+       if (isset($cacheArray['admins']['la_mode'][$aid])) {
                // Load from cache
-               $ADMIN = $cacheArray['admins']['la_mode'][get_session('admin_login')];
+               $ADMIN = $cacheArray['admins']['la_mode'][$aid];
                if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
        } elseif (GET_EXT_VERSION("admins") >= "0.6.7") {
                // Load from database when version of "admins" is enough
-               $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
-                array(get_session('admin_login')), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT la_mode FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+                array($aid), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) == 1) {
                        // Load data
                        list($ADMIN) = SQL_FETCHROW($result);
index 9b525cc..c6341ea 100644 (file)
@@ -48,7 +48,7 @@ if ((isset($_POST['ok'])) && (!empty($_GET['admin']))) {
                SEND_ADMIN_MESSAGE($_GET['admin'], ADMINS_MSG_FROM_ADMIN, $msg);
        } else {
                // Load admin's email address
-               $email = GET_ADMIN_EMAIL(GET_ADMIN_LOGIN(bigintval($_GET['admin'])));
+               $email = GET_ADMIN_EMAIL(bigintval($_GET['admin']));
 
                // Load email template and send the mail to the admin
                $msg = LOAD_EMAIL_TEMPLATE("admins_mail_contct_admin", $_POST['text'], "0");
index 0aaba45..81328dc 100644 (file)
@@ -72,17 +72,16 @@ ORDER BY sp.pay_name",
                                        // Payment does exist
                                        while(list($aid, $count, $ordered, $status, $pname, $prate, $pcurr) = SQL_FETCHROW($result))
                                        {
-                                               if ($aid == "0") {
-                                                       // No admin assigned!
-                                                       $aid = SPONSOR_NO_ADMIN;
-                                               } else {
+                                               // Set default email
+                                               $email = SPONSOR_NO_ADMIN;
+                                               if ($aid > "0") {
                                                        // Load admin's email address for contact
-                                                       $aid = GET_ADMIN_EMAIL(GET_ADMIN_LOGIN(($aid));
+                                                       $email = GET_ADMIN_EMAIL($aid);
                                                }
 
                                                // Transfer data to array
                                                $content = array(
-                                                       'aid'   => $aid,
+                                                       'aid'   => $email,
                                                        'order' => ($count * $prate)." ".$pcurr,
                                                        'stamp' => MAKE_DATETIME($ordered, "2"),
                                                        'pname' => $pname,
index b47722f..00f7d15 100644 (file)
@@ -1390,7 +1390,7 @@ WHERE sid='%s' LIMIT 1",
         array($_CONFIG['online_timeout']), __FILE__, __LINE__);
 }
 // OBSULETE: Sends out mail to all administrators
-function SEND_ADMIN_EMAILS($subj, $msg) {
+function SEND_ADMIN_EMAILS ($subj, $msg) {
        // Load all admin email addresses
        $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id ASC", __FILE__, __LINE__);
        while (list($email) = SQL_FETCHROW($result)) {
@@ -1404,7 +1404,7 @@ function SEND_ADMIN_EMAILS($subj, $msg) {
        // Really simple... ;-)
 }
 // Get ID number from administrator's login name
-function GET_ADMIN_ID($login) {
+function GET_ADMIN_ID ($login) {
        global $cacheArray, $_CONFIG;
        $ret = "-1";
        if (!empty($cacheArray['admins']['aid'][$login])) {
@@ -1428,26 +1428,26 @@ function GET_ADMIN_ID($login) {
 }
 //
 // Get password hash from administrator's login name
-function GET_ADMIN_HASH($login)
+function GET_ADMIN_HASH ($aid)
 {
        global $cacheArray, $_CONFIG;
        $ret = "-1";
-       if (!empty($cacheArray['admins']['password'][$login])) {
+       if (!empty($cacheArray['admins']['password'][$aid])) {
                // Check cache
-               $ret = $cacheArray['admins']['password'][$login];
+               $ret = $cacheArray['admins']['password'][$aid];
 
                // Update cache hits
                if (isset($_CONFIG['cache_hits'])) { $_CONFIG['cache_hits']++; } else { $_CONFIG['cache_hits'] = 1; }
        } elseif (!EXT_IS_ACTIVE("cache")) {
                // Load from database
-               $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
-                array($login), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT password FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
+                array($aid), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) == 1) {
                        // Fetch data
                        list($ret) = SQL_FETCHROW($result);
 
                        // Set cache
-                       $cacheArray['admins']['password'][$login] = $ret;
+                       $cacheArray['admins']['password'][$aid] = $ret;
                }
 
                // Free result
@@ -1487,7 +1487,7 @@ function GET_ADMIN_EMAIL ($aid) {
        global $cacheArray, $_CONFIG;
 
        $ret = "***";
-       if (!empty($cacheArray['admins']['email'])) {
+       if (!empty($cacheArray['admins']['email'][$aid])) {
                // Get cache
                $ret = $cacheArray['admins']['email'][$aid];
 
@@ -1517,7 +1517,7 @@ function GET_ADMIN_DEFAULT_ACL ($aid) {
        global $cacheArray, $_CONFIG;
 
        $ret = "***";
-       if (!empty($cacheArray['admins']['def_acl'])) {
+       if (!empty($cacheArray['admins']['def_acl'][$aid])) {
                // Use cache
                $ret = $cacheArray['admins']['def_acl'][$aid];