private function _adminAccess()
{
require BASE_DIR . BACKEND_DIR . 'db.php';
if (!isset($_REQUEST['username'])) {
return false;
}
if (!isset($_REQUEST['password'])) {
return false;
}
//check log in
if (isset($_REQUEST['username']) && isset($_REQUEST['password'])) {
if (\Backend\Db::incorrectLoginCount($_REQUEST['username'] . '(' . $_SERVER['REMOTE_ADDR'] . ')') > 2) {
\Backend\Db::log('system', 'backend login suspended (menu management)', $_REQUEST['username'] . '(' . $_SERVER['REMOTE_ADDR'] . ')', 2);
return false;
} else {
$id = \Backend\Db::userId($_REQUEST['username'], $_REQUEST['password']);
if ($id !== false) {
$module = \Db::getModule(null, $groupName = 'standard', $moduleName = 'menu_management');
if (\Backend\Db::allowedModule($moduleId = $module['id'], $userId = $id)) {
\Backend\Db::log('system', 'backend login (menu management)', $_REQUEST['username'] . ' (' . $_SERVER['REMOTE_ADDR'] . ')', 0);
return true;
} else {
\Backend\Db::log('system', 'this user is not allowed to access menu management module', $_REQUEST['username'] . '(' . $_SERVER['REMOTE_ADDR'] . ')', 1);
return false;
}
} else {
\Backend\Db::log('system', 'backend login incorrect (menu management)', $_REQUEST['username'] . '(' . $_SERVER['REMOTE_ADDR'] . ')', 1);
return false;
}
}
}
//check log in
return false;
}
/**
* Output management tools
*
* @access public
* @return string Option
*/
function manage()
{
global $parametersMod;
//log off
if (isset($_REQUEST['action']) && $_REQUEST['action'] == "logout" && !isset($_REQUEST['module_id'])) {
$this->session->logout();
$this->html->headerModules();
$this->html->html('<script type="text/javascript">window.top.location=\'admin.php\';</script>');
$this->deleteTmpFiles();
$this->html->footer();
$this->html->send();
\db::disconnect();
exit;
}
//eof log off
//log in
if (isset($_REQUEST['action']) && isset($_REQUEST['f_name']) && isset($_REQUEST['f_pass']) && $_REQUEST['action'] == "login" && !isset($_REQUEST['module_id'])) {
if (\Backend\Db::incorrectLoginCount($_REQUEST['f_name'] . '(' . $_SERVER['REMOTE_ADDR'] . ')') > 2) {
$this->loginError = $parametersMod->getValue('standard', 'configuration', 'system_translations', 'login_suspended');
\Backend\Db::log('system', 'backend login suspended', $_REQUEST['f_name'] . '(' . $_SERVER['REMOTE_ADDR'] . ')', 2);
} else {
$id = \Backend\Db::userId($_REQUEST['f_name'], $_REQUEST['f_pass']);
if ($id !== false) {
$this->session->login($id);
\Backend\Db::log('system', 'backend login', $_REQUEST['f_name'] . ' (' . $_SERVER['REMOTE_ADDR'] . ')', 0);
header("location:ip_backend_frames.php");
} else {
$this->loginError = $parametersMod->getValue('standard', 'configuration', 'system_translations', 'login_incorrect');
\Backend\Db::log('system', 'backend login incorrect', $_REQUEST['f_name'] . '(' . $_SERVER['REMOTE_ADDR'] . ')', 1);
}
}
}
//eof log in
if ($this->session->loggedIn()) {
//login check
//create module
if (isset($_GET['module_id']) && $_GET['module_id'] != '' && \Backend\Db::allowedModule($_GET['module_id'], $this->session->userId())) {
/*new module*/
$newModule = \Db::getModule($_GET['module_id']);
if ($newModule['core']) {
require MODULE_DIR . $newModule['g_name'] . '/' . $newModule['m_name'] . '/manager.php';
} else {
require PLUGIN_DIR . $newModule['g_name'] . '/' . $newModule['m_name'] . '/manager.php';
}
$this->curModId = $newModule['id'];
eval('$this->module = new \\Modules\\' . $newModule['g_name'] . '\\' . $newModule['m_name'] . '\\Manager();');
} else {
if (isset($_GET['action']) && $_GET['action'] == 'first_module') {
/*first module*/
$newModule = \Backend\Db::firstAllowedModule($this->session->userId());
if ($newModule != false) {
$this->curModId = $newModule['id'];
if ($newModule['core']) {
require MODULE_DIR . $newModule['g_name'] . '/' . $newModule['m_name'] . '/manager.php';
} else {
require PLUGIN_DIR . $newModule['g_name'] . '/' . $newModule['m_name'] . '/manager.php';
}
eval('$this->module = new \\Modules\\' . $newModule['g_name'] . '\\' . $newModule['m_name'] . '\\Manager();');
}
} elseif (isset($_GET['action']) && ($_GET['action'] = 'ping')) {
$this->html->html('');
} elseif (!isset($_GET['action'])) {
$this->html->html('<html><body><script type="text/javascript">parent.window.top.location=\'ip_backend_frames.php\';</script></body></html>');
}
}
//eof create module
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'tep_modules') {
$this->html->headerModules();
$this->html->modules(\Backend\Db::modules(true, $this->session->userId()));
$this->html->footer();
} else {
if ($this->module) {
$this->html->html($this->module->manage());
}
}
} else {
if (strpos(BASE_URL, $_SERVER['HTTP_HOST']) != 7 && strpos(BASE_URL, $_SERVER['HTTP_HOST']) != 8) {
/*check if we are in correct subdomain. www.yoursite.com not allways equal to yoursite.com from session perspective)*/
header("location: " . BASE_URL . "admin.php");
\db::disconnect();
exit;
}
$this->html->headerLogin();
$this->html->html('<script type="text/javascript">if(parent.header && parent.content)parent.window.top.location=\'admin.php\';</script>');
$this->html->loginForm($this->loginError);
//login window
$this->html->footer();
}
$this->html->send();
}