From 0e269568bd666186509e98594e83bac199ac26da Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?= <roland@mxchange.org>
Date: Sat, 7 Nov 2009 19:30:39 +0000
Subject: [PATCH 1/1] Installation improved, first login: - Admin password must
 be entered twice on installation - sql_patches warning will be displayed in
 'welcome' menu only and below the 'you are here menu' - Admin registration
 template fixed to previous huge changes

---
 inc/functions.php                          |  4 +-
 inc/language/de.php                        | 17 ++++--
 inc/modules/admin.php                      | 70 +++++++++++-----------
 inc/modules/admin/admin-inc.php            | 16 ++---
 inc/modules/admin/what-overview.php        | 10 +++-
 templates/de/html/admin/admin_reg_form.tpl | 33 +++++-----
 6 files changed, 80 insertions(+), 70 deletions(-)
diff --git a/inc/functions.php b/inc/functions.php
index 29bbc8280e..c3ea163558 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -3656,7 +3656,7 @@ function isTemplateCached ($template) {
 // Flushes non-flushed template cache to disk
 function flushTemplateCache ($template, $eval) {
 	// Is this cache flushed?
-	if ((!isTemplateCached($template)) && ($eval != '404')) {
+	if ((isDebuggingTemplateCache() === false) && (isTemplateCached($template) === false) && ($eval != '404')) {
 		// Generate FQFN
 		$FQFN = sprintf("%s_compiled/templates/%s.tpl.cache", getConfig('CACHE_PATH'), $template);
 
@@ -3671,7 +3671,7 @@ function flushTemplateCache ($template, $eval) {
 // Reads a template cache
 function readTemplateCache ($template) {
 	// Check it again
-	if (isTemplateCached($template)) {
+	if ((isDebuggingTemplateCache() === false) && (isTemplateCached($template))) {
 		// Generate FQFN
 		$FQFN = sprintf("%s_compiled/templates/%s.tpl.cache", getConfig('CACHE_PATH'), $template);
 
diff --git a/inc/language/de.php b/inc/language/de.php
index d12af9383f..c049c46674 100644
--- a/inc/language/de.php
+++ b/inc/language/de.php
@@ -91,14 +91,21 @@ addMessages(array(
 	'LANG_MOD_REG_UNKNOWN' => "Der Return-Code <span class=\"data\">%s</span> ist unbekannt.",
 	'LANG_MOD_REG_LOCKED' => "Das Modul <span class=\"data\">%s</span> wurde gesperrt.",
 	'ADMIN_NOT_REGISTERED' => "Es ist noch kein Administrator-Account angelegt worden.",
-	'ADMIN_REGISTER_NOW' => "Legen Sie jetzt das Administrator-Account an:",
-	'ADMIN_LOGIN' => "Geben Sie ein Administrator-Login ein",
-	'ADMIN_PASS' => "Geben Sie das Passwort ein",
+	'ADMIN_REGISTER_NOW' => "Legen Sie das erste Administrator-Account an:",
+	'ADMIN_LOGIN' => "Geben Sie Ihren Loginnamen ein",
+	'ADMIN_PASS' => "Geben Sie Ihr Passwort ein",
+	'ADMIN_REG_LOGIN' => "Geben Sie einen Loginnamen ein",
+	'ADMIN_REG_PASS1' => "Vergeben Sie ein Passwort",
+	'ADMIN_REG_PASS2' => "Passwort wiederholen",
 	'CLEAR_FORM' => "Nochmal eingeben",
 	'ADMIN_REG_SUBMIT' => "Admin-Account erstellen",
 	'ADMIN_NO_LOGIN' => "Sie haben keinen Loginnamen eingegeben.",
-	'ADMIN_NO_PASS' => "Sie haben kein Passwort eingegeben.",
-	'ADMIN_SHORT_PASS' => "Das Passwort ist zu kurz! Mindestens 4 Zeichen.",
+	'ADMIN_NO_PASS1' => "Sie haben kein Passwort eingegeben.",
+	'ADMIN_NO_PASS2' => "Sie haben keine Passwortwiederholung eingegeben.",
+	'ADMIN_SHORT_PASS1' => "Das Passwort ist zu kurz! Mindestens 4 Zeichen.",
+	'ADMIN_SHORT_PASS2' => "Die Passwortwiederholung ist zu kurz! Mindestens 4 Zeichen.",
+	'ADMIN_PASS1_MISMATCH' => "Das Passwort stimmt nicht mit der Wiederholung &uuml;berein.",
+	'ADMIN_PASS2_MISMATCH' => "Die Passwortwiederholung stimmt nicht mit dem Passwort &uuml;berein.",
 	'ADMIN_LOGIN_ALREADY_REG' => "Das von Ihnen eingegebene Admin-Login existiert bereits.",
 	'ADMIN_REGISTER_FAILED' => "Bei der Registrierung eines Admin-Accounts ist ein unerwarteter Fehler unterlaufen.",
 	'ADMIN_REGISTER_DONE' => "Das Admin-Account wurde soeben erstellt. Sie k&ouml;nnen sich nun mit den eingegeben Login-Daten einloggen.",
diff --git a/inc/modules/admin.php b/inc/modules/admin.php
index 806035c74a..8b22bcb682 100644
--- a/inc/modules/admin.php
+++ b/inc/modules/admin.php
@@ -53,13 +53,13 @@ $ret = 'init';
 // Is no admin registered?
 if (!isAdminRegistered()) {
 	// Admin is not registered so we have to inform the user
-	if ((isFormSent()) && ((!isPostRequestElementSet('login')) || (!isPostRequestElementSet('pass')) || (strlen(postRequestElement('pass')) < 4))) {
+	if ((isFormSent()) && ((!isPostRequestElementSet('login')) || (!isPostRequestElementSet('pass1')) || (strlen(postRequestElement('pass1')) < 4) || (!isPostRequestElementSet('pass2')) || (strlen(postRequestElement('pass2')) < 4) || (postRequestElement('pass1') != postRequestElement('pass2')))) {
 		setRequestPostElement('ok', '***');
 	} // END - if
 
 	if ((isFormSent()) && (postRequestElement('ok') != '***')) {
 		// Hash the password with the old function because we are here in install mode
-		$hashedPass = md5(postRequestElement('pass'));
+		$hashedPass = md5(postRequestElement('pass1'));
 
 		// Kill maybe existing session variables
 		destroyAdminSession(false);
@@ -79,37 +79,24 @@ if (!isAdminRegistered()) {
 				}
 				break;
 
-			case 'failed':
+			case 'failed': // Registration has failed
 				$ret = getMessage('ADMIN_REGISTER_FAILED');
 				break;
 
-			case 'already':
-			default:
-				if ($ret == 'already') {
-					// Admin does already exists!
-					$ret = getMessage('ADMIN_LOGIN_ALREADY_REG');
-				} else {
-					// Any other kind will be logged and interpreted as 'done'
-					logDebugMessage(__FILE__, __LINE__, sprintf("Unknown return code %s from ifAdminLoginDataIsValid() and interpreted as 'done'!", $ret));
-					// @TODO Why is this set to 'done'?
-					$ret = 'done';
-				}
-
-				// Admin still not registered?
-				if (!isAdminRegistered()) {
-					// Write to config that registration is done
-					changeDataInFile(getConfig('CACHE_PATH') . 'config-local.php', 'ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0);
+			case 'already': // Admin does already exists!
+				$ret = getMessage('ADMIN_LOGIN_ALREADY_REG');
+				break;
 
-					// Load URL for login
-					redirectToUrl('admin.php');
-				} // END - if
+			default:
+				// Any other kind will be logged
+				logDebugMessage(__FILE__, __LINE__, sprintf("Unknown return code %s from ifAdminLoginDataIsValid().", $ret));
 				break;
 		} // END - switch
-	}
+	} // END - if
 
 	// Whas that action okay?
 	if ($ret != 'done') {
-		// Fixes another notice
+		// Init login name
 		$content['login'] = '';
 		if (isPostRequestElementSet('login')) {
 			$content['login'] = postRequestElement('login');
@@ -117,28 +104,41 @@ if (!isAdminRegistered()) {
 
 		// Init array elements
 		$content['login_message']   = '';
-		$content['pass_message']    = '';
+		$content['pass1_message']    = '';
+		$content['pass2_message']    = '';
 
 		// Yet-another notice-fix
 		if ((isFormSent()) && (postRequestElement('ok') == '***')) {
+			// Init variables
+			$loginMessage = '';
+			$pass1Message = '';
+			$pass2Message = '';
+
 			// No login entered?
-			if (!isPostRequestElementSet('login')) $loginMessage = getMessage('ADMIN_NO_LOGIN');
+			if (empty($content['login'])) $loginMessage = getMessage('ADMIN_NO_LOGIN');
 
 			// An error comes back from registration?
-			if (!empty($ret)) $loginMessage = $ret;
+			if ((!empty($ret)) && ($ret != 'init')) $loginMessage = $ret;
 
-			// No password entered?
-			if (!isPostRequestElementSet('pass')) $passwdMessage = getMessage('ADMIN_NO_PASS');
+			// No password 1 entered or to short?
+			if (!isPostRequestElementSet('pass1')) $pass1Message = getMessage('ADMIN_NO_PASS1');
+			 elseif (strlen(postRequestElement('pass1')) < 4) $pass1Message = getMessage('ADMIN_SHORT_PASS1');
 
-			// Or password too short?
-			if (strlen(postRequestElement('pass')) < 4) $passwdMessage = getMessage('ADMIN_SHORT_PASS');
+			// No password 2 entered or to short?
+			if (!isPostRequestElementSet('pass2')) $pass2Message = getMessage('ADMIN_NO_PASS2');
+			 elseif (strlen(postRequestElement('pass2')) < 4) $pass2Message = getMessage('ADMIN_SHORT_PASS2');
+
+			// Both didn't match?
+			if (postRequestElement('pass1') != postRequestElement('pass2')) {
+				// No match
+				if (empty($pass1Message)) $pass1Message = getMessage('ADMIN_PASS1_MISMATCH');
+				if (empty($pass2Message)) $pass2Message = getMessage('ADMIN_PASS2_MISMATCH');
+			} // END - if
 
 			// Output error messages
 			$content['login_message'] = loadTemplate('admin_login_msg', true, $loginMessage);
-			$content['pass_message']  = loadTemplate('admin_login_msg', true, $passwdMessage);
-
-			// Reset variables
-			$loginMessage = ''; $passwdMessage = '';
+			$content['pass1_message'] = loadTemplate('admin_login_msg', true, $pass1Message);
+			$content['pass2_message'] = loadTemplate('admin_login_msg', true, $pass2Message);
 		} // END - if
 
 		// Output message in seperate template
diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index dd3f27a8ee..2f2d9bb0fc 100644
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -59,6 +59,8 @@ function addAdminAccount ($user, $md5, $email) {
 				$md5,
 				$email
 			), __FUNCTION__, __LINE__);
+
+		// All done
 		$ret = 'done';
 	} // END - if
 
@@ -270,12 +272,6 @@ function doAdminAction () {
 	// Tableset header
 	loadTemplate('admin_main_header', false, $content);
 
-	// Is sql_patches not yet installed?
-	if (!isExtensionInstalled('sql_patches')) {
-		// Output warning
-		loadTemplate('admin_settings_saved', false, getMessage('ADMIN_WARNING_SQL_PATCHES_MISSING'));
-	} // END - if
-
 	// Check if action/what pair is valid
 	$result_action = SQL_QUERY_ESC("SELECT
 	`id`
@@ -295,7 +291,13 @@ WHERE
 		)
 	)
 LIMIT 1",
-		array($action, $what, $what), __FUNCTION__, __LINE__);
+		array(
+			$action,
+			$what,
+			$what
+		), __FUNCTION__, __LINE__);
+
+	// Do we have an entry?
 	if (SQL_NUMROWS($result_action) == 1) {
 		// Is valid but does the inlcude file exists?
 		$inc = sprintf("inc/modules/admin/action-%s.php", $action);
diff --git a/inc/modules/admin/what-overview.php b/inc/modules/admin/what-overview.php
index 59c55b245f..6f9fee94ba 100644
--- a/inc/modules/admin/what-overview.php
+++ b/inc/modules/admin/what-overview.php
@@ -39,12 +39,18 @@
 // Some security stuff...
 if ((!defined('__SECURITY')) || (!isAdmin())) {
 	die();
-}
+} // END - if
 
 // Add description as navigation point
 // In Opera browsers the menu is being displayed double: addMenuDescription('admin', __FILE__);
 
-// Otherwise load include file 'overview-inc' (old standard overview page)
+// Is sql_patches not yet installed?
+if (!isExtensionInstalled('sql_patches')) {
+	// Output warning
+	loadTemplate('admin_settings_saved', false, getMessage('ADMIN_WARNING_SQL_PATCHES_MISSING'));
+} // END - if
+
+ // Load include file 'overview-inc' (old standard overview page)
 loadIncludeOnce('inc/modules/admin/overview-inc.php');
 
 $jobsDone = true;
diff --git a/templates/de/html/admin/admin_reg_form.tpl b/templates/de/html/admin/admin_reg_form.tpl
index b6190f306d..d9c3a4a2eb 100644
--- a/templates/de/html/admin/admin_reg_form.tpl
+++ b/templates/de/html/admin/admin_reg_form.tpl
@@ -2,42 +2,37 @@
 <form accept-charset="utf-8" action="{?URL?}/modules.php?module=admin" method="post">
 <table border="0" cellspacing="0" cellpadding="0" class="admin_table dashed">
 	<tr>
-		<td colspan="2" align="center" class="admin_title">
+		<td colspan="2" align="center" class="admin_title bottom2" height="29">
 			<strong>{--ADMIN_REGISTER_NOW--}</strong>
 		</td>
 	</tr>
 	<tr>
-		<td colspan="2" height="14" class="seperator">&nbsp;</td>
-	</tr>
-	<tr>
-		<td align="right">{--ADMIN_LOGIN--}:&nbsp;&nbsp;</td>
-		<td>
-			<input type="text" name="login" size="10" maxlength="100" class="admin_normal" value="$content[login]" />
+		<td width="50%" align="right">{--ADMIN_REG_LOGIN--}:</td>
+		<td width="50%">
+			<input type="text" class="admin_normal" name="login" size="10" maxlength="100" value="$content[login]" />
 		</td>
 	</tr>
 	$content[login_message]
 	<tr>
-		<td colspan="2" height="14" class="seperator">&nbsp;</td>
-	</tr>
-	<tr>
-		<td align="right">{--ADMIN_PASS--}:&nbsp;&nbsp;</td>
-		<td>
-			<input type="password" class="admin_normal" name="pass" size="10" maxlength="100" />
+		<td width="50%" align="right">{--ADMIN_REG_PASS1--}:</td>
+		<td width="50%">
+			<input type="password" class="admin_normal" name="pass1" size="5" maxlength="255" />
 		</td>
 	</tr>
-	$content[pass_message]
+	$content[pass1_message]
 	<tr>
-		<td colspan="2" height="14" class="seperator">&nbsp;</td>
+		<td width="50%" align="right">{--ADMIN_REG_PASS2--}:</td>
+		<td width="50%">
+			<input type="password" class="admin_normal" name="pass2" size="5" maxlength="255" />
+		</td>
 	</tr>
+	$content[pass2_message]
 	<tr>
-		<td align="center" colspan="2">
+		<td align="center" colspan="2" class="admin_footer top2">
 			<input type="reset" class="admin_reset" value="{--CLEAR_FORM--}" />
 			<input type="submit" class="admin_submit submit" name="ok" value="{--ADMIN_REG_SUBMIT--}" />
 		</td>
 	</tr>
-	<tr>
-		<td colspan="2" height="14" class="seperator">&nbsp;</td>
-	</tr>
 </table>
 </form>
 </div>
-- 
2.30.2


+		{--ADMIN_REGISTER_NOW--}

{--ADMIN_LOGIN--}:	- +	{--ADMIN_REG_LOGIN--}:	+

{--ADMIN_PASS--}:	- +	{--ADMIN_REG_PASS1--}:	+
		{--ADMIN_REG_PASS2--}:	+ +
+