Debug messages changed, isAdmin() added to isAdminCookieValid()

diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index 37af59ab4ce66ec8ea2bcc26a5b54e470d5b29d9..a1df0f22779c2760f020bae54e9a341dba6586b4 100644 (file)
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -228,7 +228,7 @@ function ifAdminCookiesAreValid ($admin, $password) {
        //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):".generatePassString($pass).'('.strlen($pass).")/".$password.'('.strlen($password).")<br />");
 
        // Check if password matches
        //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):".generatePassString($pass).'('.strlen($pass).")/".$password.'('.strlen($password).")<br />");
 
        // Check if password matches

-       if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass)))) {
+       if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass))) && (isAdmin())) {

                // Passwords matches!
                $ret = 'done';
        } // END - if
                // Passwords matches!
                $ret = 'done';
        } // END - if

diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index 7c8d7b4947b49e6e4cec558ccde9637ee6459e08..7088fec5ae0bc4740908ed26e467a4db9ac98fb7 100644 (file)
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -641,7 +641,7 @@ function isMember () {
 function isAdmin ($admin = '') {
        // Init variables
        $ret = false; $passCookie = ''; $valPass = '';
 function isAdmin ($admin = '') {
        // Init variables
        $ret = false; $passCookie = ''; $valPass = '';

-       //* DEBUG: */ print(__LINE__."ADMIN:".$admin."<br />");
+       //* DEBUG: */ print(__FUNCTION__.':'.$admin."<br />");

 
        // If admin login is not given take current from cookies...
        if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {
 
        // If admin login is not given take current from cookies...
        if ((empty($admin)) && (isSessionVariableSet('admin_login')) && (isSessionVariableSet('admin_md5'))) {


@@ -649,7 +649,7 @@ function isAdmin ($admin = '') {
                $admin = getSession('admin_login');
                $passCookie = getSession('admin_md5');
        } // END - if
                $admin = getSession('admin_login');
                $passCookie = getSession('admin_md5');
        } // END - if

-       //* DEBUG: */ print(__LINE__."ADMIN:".$admin.'/'.$passCookie."<br />");
+       //* DEBUG: */ print(__FUNCTION__.':'.$admin.'/'.$passCookie."<br />");

 
        // Search in array for entry
        if (isset($GLOBALS['admin_hash'])) {
 
        // Search in array for entry
        if (isset($GLOBALS['admin_hash'])) {


@@ -688,7 +688,7 @@ function isAdmin ($admin = '') {
 
        if (!empty($valPass)) {
                // Check if password is valid
 
        if (!empty($valPass)) {
                // Check if password is valid

-               //* DEBUG: */ print(__FUNCTION__ . ':' . $valPass . '/' . $passCookie . '<br />');
+               //* DEBUG: */ print(__FUNCTION__ . ':(' . $valPass . '==' . $passCookie . ')='.intval($valPass == $passCookie).'<br />');

                $ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
        } // END - if
 
                $ret = (($valPass == $passCookie) || ((strlen($valPass) == 32) && ($valPass == md5($passCookie))) || (($valPass == '*FAILED*') && (!isExtensionActive('cache'))));
        } // END - if