Checking for admin ACL now as filter

diff --git a/inc/databases.php b/inc/databases.php
index 1cb01137c7241a17bd91bd096d6154b0d6c77d7d..35128c568eda81c22db75485d986baf0ce4d90af 100644 (file)
--- a/inc/databases.php
+++ b/inc/databases.php
@@ -114,7 +114,7 @@ define('USAGE_BASE', "usage");
 define('SERVER_URL', "http://www.mxchange.org");
 
 // Current SVN revision
-define('CURR_SVN_REVISION', "654");
+define('CURR_SVN_REVISION', "655");
 
 // Take a prime number which is long (if you know a longer one please try it out!)
 define('_PRIME', 591623);

diff --git a/inc/filters.php b/inc/filters.php
index fe843fb8f0a74f9ad1c1835985e69490ba1bea1d..4a1575815672ad5022034245dd0f59035746f7dc 100644 (file)
--- a/inc/filters.php
+++ b/inc/filters.php
@@ -125,6 +125,9 @@ ORDER BY `filter_id` ASC", __FILE__, __LINE__);
        // Run SQLs
        REGISTER_FILTER('run_sqls', 'RUN_SQLS');
 
+       // Admin ACL check
+       REGISTER_FILTER('check_admin_acl', 'CHECK_ADMIN_ACL');
+
        // Register shutdown filters
        REGISTER_FILTER('shutdown', 'FLUSH_FILTERS');
 }
@@ -474,7 +477,7 @@ function FILTER_UPDATE_LOGIN_DATA () {
 
                        // Update last module / online time
                        $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET last_module='%s', last_online=UNIX_TIMESTAMP(), REMOTE_ADDR='%s' WHERE userid=%s LIMIT 1",
-                        array($GLOBALS['what'], GET_REMOTE_ADDR(), $GLOBALS['userid']), __FILE__, __LINE__);
+                               array($GLOBALS['what'], GET_REMOTE_ADDR(), $GLOBALS['userid']), __FILE__, __LINE__);
                }
        }  else {
                // Destroy session, we cannot update!
@@ -482,5 +485,27 @@ function FILTER_UPDATE_LOGIN_DATA () {
        }
 }
 
+// Filter for checking admin ACL
+function FILTER_CHECK_ADMIN_ACL () {
+       // Extension not installed so it's always allowed to access everywhere!
+       $ret = true;
+
+       // Ok, Cookie-Update done
+       if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) {
+               // Check if action GET variable was set
+               $action = SQL_ESCAPE($GLOBALS['action']);
+               if (!empty($GLOBALS['what'])) {
+                       // Get action value by what-value
+                       $action = GET_ACTION("admin", $GLOBALS['what']);
+               } // END - if
+
+               // Check for access control line of current menu entry
+               $ret = ADMINS_CHECK_ACL($action, $GLOBALS['what']);
+       } // END - if
+
+       // Return result
+       return $ret;
+}
+
 //
 ?>

diff --git a/inc/functions.php b/inc/functions.php
index 999c6e8e64c792af404dce3b14196a2a5f5fe32d..a1d9b344f625bbcb0694f77ce52c51c4464ce4df 100644 (file)
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -2004,7 +2004,7 @@ function ADD_CATEGORY_TABLE ($MODE, $return=false) {
        return REGISTER_ADD_CATEGORY_TABLE ($MODE, $return);
 }
 // Generate an email link
-function CREATE_EMAIL_LINK($email, $table="admins") {
+function CREATE_EMAIL_LINK ($email, $table = "admins") {
        // Default email link (INSECURE! Spammer can read this by harvester programs)
        $EMAIL = "mailto:".$email;
 

diff --git a/inc/language/admins_de.php b/inc/language/admins_de.php
index c71507218354765b3335a68e1a32567ca7847d87..28ef7b6a9af455015c52f0f8d2fa215a15cb677b 100644 (file)
--- a/inc/language/admins_de.php
+++ b/inc/language/admins_de.php
@@ -64,7 +64,6 @@ define('ADMINS_CONTACT_TYPE_MSG', "Nachricht");
 define('ADMINS_CONTACT_DEFAULT_MAIL', "Ihre Nachricht wird als Mail versendet.");
 define('ADMINS_MSG_FROM_ADMIN', "Nachricht von einem Admin");
 define('ADMINS_ADMIN_CONTACTED', "Administrator wurde benachrichtigt!");
-define('ADMINS_ACCESS_DENIED', "Zugriff nicht gestattet.");
 define('ADMIN_ADMINS_ADD_ACL', "Zugriffkontrollzeile hinzufügen");
 define('ADMIN_ADMINS_SELECT_LOGIN', "Admin-Login auswählen");
 define('ADMIN_ADMINS_SELECT_ACTION', "Hauptmenü");

diff --git a/inc/language/de.php b/inc/language/de.php
index 74ecd9dcb7f10986e5a8293d7115c4166391923c..8ce3b7db2fbc741bd4c5233e0f332ecab6d4a80f 100644 (file)
--- a/inc/language/de.php
+++ b/inc/language/de.php
@@ -1197,6 +1197,7 @@ define('ADMIN_BUILD_STATUS_HANDLER', "Status-Handler");
 define('TASK_SUBJ_EXTENSION_DEACTIVATED', "Erweiterung deaktiviert");
 define('ADMIN_SUBJECT_EXTENSION_DEACTIVATED', "Automatische Deaktivierung einer Erweiterung");
 define('FATAL_EXTENSION_LOADED', "Erweiterung <u>%s/u> bereits geladen!");
+define('ADMIN_ACCESS_DENIED', "Zugriff auf diesen Adminmen&uuml;punkt nicht gestattet.");
 
 define('MEMBER_MAIL_BONUS_CONFIRMED_ON', "Sie haben diese Bonusmail <span class=\"data\">%s</span> best&auml;tigt.");
 define('MEMBER_MAIL_NORMAL_CONFIRMED_ON', "Sie haben diese Klickmail <span class=\"data\">%s</span> best&auml;tigt.");

diff --git a/inc/modules/admin.php b/inc/modules/admin.php
index cccd51af5adeb4efed3c25cc53f7045cdf09e239..1c58a7b53eadfbce3112962e32662bf2016feb8b 100644 (file)
--- a/inc/modules/admin.php
+++ b/inc/modules/admin.php
@@ -334,20 +334,8 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
                // Cookie-Data accepted
                if ((set_session("admin_md5", get_session('admin_md5'))) && (set_session("admin_login", get_session('admin_login'))) && (set_session("admin_last", time())) && (set_session("admin_to", bigintval(get_session('admin_to'))))) {
                        // Ok, Cookie-Update done
-                       if ((EXT_IS_ACTIVE("admins")) && (GET_EXT_VERSION("admins") > "0.2")) {
-                               // Check if action GET variable was set
-                               $act = SQL_ESCAPE($GLOBALS['action']);
-                               if (!empty($GLOBALS['what'])) {
-                                       // Get action value by what-value
-                                       $act = GET_ACTION("admin", $GLOBALS['what']);
-                               }
-
-                               // Check for access control line of current menu entry
-                               define('__ACL_ALLOW', ADMINS_CHECK_ACL($act, $GLOBALS['what']));
-                       } else {
-                               // Extension not installed so it's always allowed to access everywhere!
-                               define('__ACL_ALLOW', true);
-                       }
+                       // Check for access control line of current menu entry
+                       define('__ACL_ALLOW', RUN_FILTER('check_admin_acl'));
 
                        // When type of admin menu is not set fallback to old menu system
                        if (getConfig('admin_menu') == null) $_CONFIG['admin_menu'] = "OLD";

diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index 9aa13b1b54c04609bea2cb6cb428ac9bf8c63b9a..4937318b2e01cf8bf8436101012f3bd053140bf2 100644 (file)
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -352,8 +352,8 @@ LIMIT 1", array($act, $wht, $wht), __FILE__, __LINE__);
                        include($INC);
                } elseif (__ACL_ALLOW == false) {
                        // Access denied
-                       LOAD_TEMPLATE("admin_menu_failed", false, ADMINS_ACCESS_DENIED);
-                       ADD_FATAL(ADMINS_ACCESS_DENIED);
+                       LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_ACCESS_DENIED);
+                       ADD_FATAL(ADMIN_ACCESS_DENIED);
                } else {
                        // Include file not found! :-(
                        LOAD_TEMPLATE("admin_menu_failed", false, ADMIN_404_ACTION);