| [ Index ] |
|
Code source de Joomla 1.0.13 |
1 <?php 2 /** 3 * @version $Id: joomla.php 8078 2007-07-19 06:45:54Z robs $ 4 * @package Joomla 5 * @copyright Copyright (C) 2005 Open Source Matters. All rights reserved. 6 * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php 7 * Joomla! is free software. This version may have been modified pursuant 8 * to the GNU General Public License, and as distributed it includes or 9 * is derivative of works licensed under the GNU General Public License or 10 * other free or open source software licenses. 11 * See COPYRIGHT.php for copyright notices and details. 12 */ 13 14 // no direct access 15 defined( '_VALID_MOS' ) or die( 'Restricted access' ); 16 define( '_MOS_MAMBO_INCLUDED', 1 ); 17 18 /** 19 * Page generation time 20 * @package Joomla 21 */ 22 class mosProfiler { 23 /** @var int Start time stamp */ 24 var $start=0; 25 /** @var string A prefix for mark messages */ 26 var $prefix=''; 27 28 /** 29 * Constructor 30 * @param string A prefix for mark messages 31 */ 32 function mosProfiler( $prefix='' ) { 33 $this->start = $this->getmicrotime(); 34 $this->prefix = $prefix; 35 } 36 37 /** 38 * @return string A format message of the elapsed time 39 */ 40 function mark( $label ) { 41 return sprintf ( "\n<div class=\"profiler\">$this->prefix %.3f $label</div>", $this->getmicrotime() - $this->start ); 42 } 43 44 /** 45 * @return float The current time in milliseconds 46 */ 47 function getmicrotime(){ 48 list($usec, $sec) = explode(" ",microtime()); 49 return ((float)$usec + (float)$sec); 50 } 51 } 52 53 if (phpversion() < '4.2.0') { 54 require_once( dirname( __FILE__ ) . '/compat.php41x.php' ); 55 } 56 if (phpversion() < '4.3.0') { 57 require_once( dirname( __FILE__ ) . '/compat.php42x.php' ); 58 } 59 if (version_compare( phpversion(), '5.0' ) < 0) { 60 require_once( dirname( __FILE__ ) . '/compat.php50x.php' ); 61 } 62 63 @set_magic_quotes_runtime( 0 ); 64 65 if ( @$mosConfig_error_reporting === 0 || @$mosConfig_error_reporting === '0' ) { 66 error_reporting( 0 ); 67 } else if (@$mosConfig_error_reporting > 0) { 68 error_reporting( $mosConfig_error_reporting ); 69 } 70 71 require_once ( $mosConfig_absolute_path . '/includes/version.php' ); 72 require_once ( $mosConfig_absolute_path . '/includes/database.php' ); 73 require_once ( $mosConfig_absolute_path . '/includes/gacl.class.php' ); 74 require_once ( $mosConfig_absolute_path . '/includes/gacl_api.class.php' ); 75 require_once ( $mosConfig_absolute_path . '/includes/phpmailer/class.phpmailer.php' ); 76 require_once ( $mosConfig_absolute_path . '/includes/joomla.xml.php' ); 77 require_once ( $mosConfig_absolute_path . '/includes/phpInputFilter/class.inputfilter.php' ); 78 79 $database = new database( $mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db, $mosConfig_dbprefix ); 80 if ($database->getErrorNum()) { 81 $mosSystemError = $database->getErrorNum(); 82 $basePath = dirname( __FILE__ ); 83 include $basePath . '/../configuration.php'; 84 include $basePath . '/../offline.php'; 85 exit(); 86 } 87 $database->debug( $mosConfig_debug ); 88 $acl = new gacl_api(); 89 90 // platform neurtral url handling 91 if ( isset( $_SERVER['REQUEST_URI'] ) ) { 92 $request_uri = $_SERVER['REQUEST_URI']; 93 } else { 94 $request_uri = $_SERVER['SCRIPT_NAME']; 95 // Append the query string if it exists and isn't null 96 if ( isset( $_SERVER['QUERY_STRING'] ) && !empty( $_SERVER['QUERY_STRING'] ) ) { 97 $request_uri .= '?' . $_SERVER['QUERY_STRING']; 98 } 99 } 100 $_SERVER['REQUEST_URI'] = $request_uri; 101 102 // current server time 103 $now = date( 'Y-m-d H:i', time() ); 104 DEFINE( '_CURRENT_SERVER_TIME', $now ); 105 DEFINE( '_CURRENT_SERVER_TIME_FORMAT', '%Y-%m-%d %H:%M:%S' ); 106 107 // Non http/https URL Schemes 108 $url_schemes = 'data:, file:, ftp:, gopher:, imap:, ldap:, mailto:, news:, nntp:, telnet:, javascript:, irc:, mms:'; 109 DEFINE( '_URL_SCHEMES', $url_schemes ); 110 111 // disable strict mode in MySQL 5 112 if (!defined( '_JOS_SET_SQLMODE' )) { 113 /** ensure that functions are declared only once */ 114 define( '_JOS_SET_SQLMODE', 1 ); 115 116 // if running mysql 5, set sql-mode to mysql40 - thereby circumventing strict mode problems 117 if ( strpos( $database->getVersion(), '5' ) === 0 ) { 118 $query = "SET sql_mode = 'MYSQL40'"; 119 $database->setQuery( $query ); 120 $database->query(); 121 } 122 } 123 124 /** 125 * @package Joomla 126 * @abstract 127 */ 128 class mosAbstractLog { 129 /** @var array */ 130 var $_log = null; 131 132 /** 133 * Constructor 134 */ 135 function mosAbstractLog() { 136 $this->__constructor(); 137 } 138 139 /** 140 * Generic constructor 141 */ 142 function __constructor() { 143 $this->_log = array(); 144 } 145 146 /** 147 * @param string Log message 148 * @param boolean True to append to last message 149 */ 150 function log( $text, $append=false ) { 151 $n = count( $this->_log ); 152 if ($append && $n > 0) { 153 $this->_log[count( $this->_log )-1] .= $text; 154 } else { 155 $this->_log[] = $text; 156 } 157 } 158 159 /** 160 * @param string The glue for each log item 161 * @return string Returns the log 162 */ 163 function getLog( $glue='<br/>', $truncate=9000, $htmlSafe=false ) { 164 $logs = array(); 165 foreach ($this->_log as $log) { 166 if ($htmlSafe) { 167 $log = htmlspecialchars( $log ); 168 } 169 $logs[] = substr( $log, 0, $truncate ); 170 } 171 return implode( $glue, $logs ); 172 } 173 } 174 175 /** 176 * Task routing class 177 * @package Joomla 178 * @abstract 179 */ 180 class mosAbstractTasker { 181 /** @var array An array of the class methods to call for a task */ 182 var $_taskMap = null; 183 /** @var string The name of the current task*/ 184 var $_task = null; 185 /** @var array An array of the class methods*/ 186 var $_methods = null; 187 /** @var string A url to redirect to */ 188 var $_redirect = null; 189 /** @var string A message about the operation of the task */ 190 var $_message = null; 191 192 // action based access control 193 194 /** @var string The ACO Section */ 195 var $_acoSection = null; 196 /** @var string The ACO Section value */ 197 var $_acoSectionValue = null; 198 199 /** 200 * Constructor 201 * @param string Set the default task 202 */ 203 function mosAbstractTasker( $default='' ) { 204 $this->_taskMap = array(); 205 $this->_methods = array(); 206 foreach (get_class_methods( get_class( $this ) ) as $method) { 207 if (substr( $method, 0, 1 ) != '_') { 208 $this->_methods[] = strtolower( $method ); 209 // auto register public methods as tasks 210 $this->_taskMap[strtolower( $method )] = $method; 211 } 212 } 213 $this->_redirect = ''; 214 $this->_message = ''; 215 if ($default) { 216 $this->registerDefaultTask( $default ); 217 } 218 } 219 220 /** 221 * Sets the access control levels 222 * @param string The ACO section (eg, the component) 223 * @param string The ACO section value (if using a constant value) 224 */ 225 function setAccessControl( $section, $value=null ) { 226 $this->_acoSection = $section; 227 $this->_acoSectionValue = $value; 228 } 229 /** 230 * Access control check 231 */ 232 function accessCheck( $task ) { 233 global $acl, $my; 234 235 // only check if the derived class has set these values 236 if ($this->_acoSection) { 237 // ensure user has access to this function 238 if ($this->_acoSectionValue) { 239 // use a 'constant' task for this task handler 240 $task = $this->_acoSectionValue; 241 } 242 return $acl->acl_check( $this->_acoSection, $task, 'users', $my->usertype ); 243 } else { 244 return true; 245 } 246 } 247 248 /** 249 * Set a URL to redirect the browser to 250 * @param string A URL 251 */ 252 function setRedirect( $url, $msg = null ) { 253 $this->_redirect = $url; 254 if ($msg !== null) { 255 $this->_message = $msg; 256 } 257 } 258 /** 259 * Redirects the browser 260 */ 261 function redirect() { 262 if ($this->_redirect) { 263 mosRedirect( $this->_redirect, $this->_message ); 264 } 265 } 266 /** 267 * Register (map) a task to a method in the class 268 * @param string The task 269 * @param string The name of the method in the derived class to perform for this task 270 */ 271 function registerTask( $task, $method ) { 272 if (in_array( strtolower( $method ), $this->_methods )) { 273 $this->_taskMap[strtolower( $task )] = $method; 274 } else { 275 $this->methodNotFound( $method ); 276 } 277 } 278 /** 279 * Register the default task to perfrom if a mapping is not found 280 * @param string The name of the method in the derived class to perform if the task is not found 281 */ 282 function registerDefaultTask( $method ) { 283 $this->registerTask( '__default', $method ); 284 } 285 /** 286 * Perform a task by triggering a method in the derived class 287 * @param string The task to perform 288 * @return mixed The value returned by the function 289 */ 290 function performTask( $task ) { 291 $this->_task = $task; 292 293 $task = strtolower( $task ); 294 if (isset( $this->_taskMap[$task] )) { 295 $doTask = $this->_taskMap[$task]; 296 } else if (isset( $this->_taskMap['__default'] )) { 297 $doTask = $this->_taskMap['__default']; 298 } else { 299 return $this->taskNotFound( $this->_task ); 300 } 301 302 if ($this->accessCheck( $doTask )) { 303 return call_user_func( array( &$this, $doTask ) ); 304 } else { 305 return $this->notAllowed( $task ); 306 } 307 } 308 /** 309 * Get the last task that was to be performed 310 * @return string The task that was or is being performed 311 */ 312 function getTask() { 313 return $this->_task; 314 } 315 /** 316 * Basic method if the task is not found 317 * @param string The task 318 * @return null 319 */ 320 function taskNotFound( $task ) { 321 echo 'Task ' . $task . ' not found'; 322 return null; 323 } 324 /** 325 * Basic method if the registered method is not found 326 * @param string The name of the method in the derived class 327 * @return null 328 */ 329 function methodNotFound( $name ) { 330 echo 'Method ' . $name . ' not found'; 331 return null; 332 } 333 /** 334 * Basic method if access is not permitted to the task 335 * @param string The name of the method in the derived class 336 * @return null 337 */ 338 function notAllowed( $name ) { 339 echo _NOT_AUTH; 340 341 return null; 342 } 343 } 344 /** 345 * Class to support function caching 346 * @package Joomla 347 */ 348 class mosCache { 349 /** 350 * @return object A function cache object 351 */ 352 function &getCache( $group='' ) { 353 global $mosConfig_absolute_path, $mosConfig_caching, $mosConfig_cachepath, $mosConfig_cachetime; 354 355 require_once ( $mosConfig_absolute_path . '/includes/joomla.cache.php' ); 356 357 $options = array( 358 'cacheDir' => $mosConfig_cachepath . '/', 359 'caching' => $mosConfig_caching, 360 'defaultGroup' => $group, 361 'lifeTime' => $mosConfig_cachetime 362 ); 363 $cache = new JCache_Lite_Function( $options ); 364 return $cache; 365 } 366 /** 367 * Cleans the cache 368 */ 369 function cleanCache( $group=false ) { 370 global $mosConfig_caching; 371 if ($mosConfig_caching) { 372 $cache =& mosCache::getCache( $group ); 373 $cache->clean( $group ); 374 } 375 } 376 } 377 /** 378 * Joomla! Mainframe class 379 * 380 * Provide many supporting API functions 381 * @package Joomla 382 */ 383 class mosMainFrame { 384 /** @var database Internal database class pointer */ 385 var $_db = null; 386 /** @var object An object of configuration variables */ 387 var $_config = null; 388 /** @var object An object of path variables */ 389 var $_path = null; 390 /** @var mosSession The current session */ 391 var $_session = null; 392 /** @var string The current template */ 393 var $_template = null; 394 /** @var array An array to hold global user state within a session */ 395 var $_userstate = null; 396 /** @var array An array of page meta information */ 397 var $_head = null; 398 /** @var string Custom html string to append to the pathway */ 399 var $_custom_pathway = null; 400 /** @var boolean True if in the admin client */ 401 var $_isAdmin = false; 402 403 404 /** 405 * Class constructor 406 * @param database A database connection object 407 * @param string The url option 408 * @param string The path of the mos directory 409 */ 410 function mosMainFrame( &$db, $option, $basePath, $isAdmin=false ) { 411 $this->_db =& $db; 412 413 // load the configuration values 414 $this->_setTemplate( $isAdmin ); 415 $this->_setAdminPaths( $option, $this->getCfg( 'absolute_path' ) ); 416 if (isset( $_SESSION['session_userstate'] )) { 417 $this->_userstate =& $_SESSION['session_userstate']; 418 } else { 419 $this->_userstate = null; 420 } 421 $this->_head = array(); 422 $this->_head['title'] = $GLOBALS['mosConfig_sitename']; 423 $this->_head['meta'] = array(); 424 $this->_head['custom'] = array(); 425 426 //set the admin check 427 $this->_isAdmin = (boolean) $isAdmin; 428 429 $now = date( 'Y-m-d H:i:s', time() ); 430 $this->set( 'now', $now ); 431 } 432 433 /** 434 * Gets the id number for a client 435 * @param mixed A client identifier 436 */ 437 function getClientID( $client ) { 438 switch ($client) { 439 case '2': 440 case 'installation': 441 return 2; 442 break; 443 444 case '1': 445 case 'admin': 446 case 'administrator': 447 return 1; 448 break; 449 450 case '0': 451 case 'site': 452 case 'front': 453 default: 454 return 0; 455 break; 456 } 457 } 458 459 /** 460 * Gets the client name 461 * @param int The client identifier 462 * @return strint The text name of the client 463 */ 464 function getClientName( $client_id ) { 465 // do not translate 466 $clients = array( 'site', 'admin', 'installer' ); 467 return mosGetParam( $clients, $client_id, 'unknown' ); 468 } 469 470 /** 471 * Gets the base path for the client 472 * @param mixed A client identifier 473 * @param boolean True (default) to add traling slash 474 */ 475 function getBasePath( $client=0, $addTrailingSlash=true ) { 476 global $mosConfig_absolute_path; 477 478 switch ($client) { 479 case '0': 480 case 'site': 481 case 'front': 482 default: 483 return mosPathName( $mosConfig_absolute_path, $addTrailingSlash ); 484 break; 485 486 case '2': 487 case 'installation': 488 return mosPathName( $mosConfig_absolute_path . '/installation', $addTrailingSlash ); 489 break; 490 491 case '1': 492 case 'admin': 493 case 'administrator': 494 return mosPathName( $mosConfig_absolute_path . '/administrator', $addTrailingSlash ); 495 break; 496 497 } 498 } 499 500 /** 501 * @param string 502 */ 503 function setPageTitle( $title=null ) { 504 if (@$GLOBALS['mosConfig_pagetitles']) { 505 $title = trim( htmlspecialchars( $title ) ); 506 $title = stripslashes($title); 507 $this->_head['title'] = $title ? $GLOBALS['mosConfig_sitename'] . ' - '. $title : $GLOBALS['mosConfig_sitename']; 508 } 509 } 510 /** 511 * @param string The value of the name attibute 512 * @param string The value of the content attibute 513 * @param string Text to display before the tag 514 * @param string Text to display after the tag 515 */ 516 function addMetaTag( $name, $content, $prepend='', $append='' ) { 517 $name = trim( htmlspecialchars( $name ) ); 518 $content = trim( htmlspecialchars( $content ) ); 519 $prepend = trim( $prepend ); 520 $append = trim( $append ); 521 $this->_head['meta'][] = array( $name, $content, $prepend, $append ); 522 } 523 /** 524 * @param string The value of the name attibute 525 * @param string The value of the content attibute to append to the existing 526 * Tags ordered in with Site Keywords and Description first 527 */ 528 function appendMetaTag( $name, $content ) { 529 $name = trim( htmlspecialchars( $name ) ); 530 $n = count( $this->_head['meta'] ); 531 for ($i = 0; $i < $n; $i++) { 532 if ($this->_head['meta'][$i][0] == $name) { 533 $content = trim( htmlspecialchars( $content ) ); 534 if ( $content ) { 535 if ( !$this->_head['meta'][$i][1] ) { 536 $this->_head['meta'][$i][1] = $content ; 537 } else { 538 $this->_head['meta'][$i][1] = $content .', '. $this->_head['meta'][$i][1]; 539 } 540 } 541 return; 542 } 543 } 544 $this->addMetaTag( $name , $content ); 545 } 546 547 /** 548 * @param string The value of the name attibute 549 * @param string The value of the content attibute to append to the existing 550 */ 551 function prependMetaTag( $name, $content ) { 552 $name = trim( htmlspecialchars( $name ) ); 553 $n = count( $this->_head['meta'] ); 554 for ($i = 0; $i < $n; $i++) { 555 if ($this->_head['meta'][$i][0] == $name) { 556 $content = trim( htmlspecialchars( $content ) ); 557 $this->_head['meta'][$i][1] = $content . $this->_head['meta'][$i][1]; 558 return; 559 } 560 } 561 $this->addMetaTag( $name, $content ); 562 } 563 /** 564 * Adds a custom html string to the head block 565 * @param string The html to add to the head 566 */ 567 function addCustomHeadTag( $html ) { 568 $this->_head['custom'][] = trim( $html ); 569 } 570 /** 571 * @return string 572 */ 573 function getHead() { 574 $head = array(); 575 $head[] = '<title>' . $this->_head['title'] . '</title>'; 576 foreach ($this->_head['meta'] as $meta) { 577 if ($meta[2]) { 578 $head[] = $meta[2]; 579 } 580 $head[] = '<meta name="' . $meta[0] . '" content="' . $meta[1] . '" />'; 581 if ($meta[3]) { 582 $head[] = $meta[3]; 583 } 584 } 585 foreach ($this->_head['custom'] as $html) { 586 $head[] = $html; 587 } 588 return implode( "\n", $head ) . "\n"; 589 } 590 591 592 /** 593 * @return string 594 */ 595 function getPageTitle() { 596 return $this->_head['title']; 597 } 598 599 /** 600 * @return string 601 */ 602 function getCustomPathWay() { 603 return $this->_custom_pathway; 604 } 605 606 function appendPathWay( $html ) { 607 $this->_custom_pathway[] = $html; 608 } 609 610 /** 611 * Gets the value of a user state variable 612 * @param string The name of the variable 613 */ 614 function getUserState( $var_name ) { 615 if (is_array( $this->_userstate )) { 616 return mosGetParam( $this->_userstate, $var_name, null ); 617 } else { 618 return null; 619 } 620 } 621 /** 622 * Gets the value of a user state variable 623 * @param string The name of the user state variable 624 * @param string The name of the variable passed in a request 625 * @param string The default value for the variable if not found 626 */ 627 function getUserStateFromRequest( $var_name, $req_name, $var_default=null ) { 628 if (is_array( $this->_userstate )) { 629 if (isset( $_REQUEST[$req_name] )) { 630 $this->setUserState( $var_name, $_REQUEST[$req_name] ); 631 } else if (!isset( $this->_userstate[$var_name] )) { 632 $this->setUserState( $var_name, $var_default ); 633 } 634 635 // filter input 636 $iFilter = new InputFilter(); 637 $this->_userstate[$var_name] = $iFilter->process( $this->_userstate[$var_name] ); 638 639 return $this->_userstate[$var_name]; 640 } else { 641 return null; 642 } 643 } 644 /** 645 * Sets the value of a user state variable 646 * @param string The name of the variable 647 * @param string The value of the variable 648 */ 649 function setUserState( $var_name, $var_value ) { 650 if (is_array( $this->_userstate )) { 651 $this->_userstate[$var_name] = $var_value; 652 } 653 } 654 /** 655 * Initialises the user session 656 * 657 * Old sessions are flushed based on the configuration value for the cookie 658 * lifetime. If an existing session, then the last access time is updated. 659 * If a new session, a session id is generated and a record is created in 660 * the jos_sessions table. 661 */ 662 function initSession() { 663 // initailize session variables 664 $session =& $this->_session; 665 $session = new mosSession( $this->_db ); 666 667 // purge expired sessions 668 $session->purge('core'); 669 670 // Session Cookie `name` 671 $sessionCookieName = mosMainFrame::sessionCookieName(); 672 // Get Session Cookie `value` 673 $sessioncookie = strval( mosGetParam( $_COOKIE, $sessionCookieName, null ) ); 674 675 // Session ID / `value` 676 $sessionValueCheck = mosMainFrame::sessionCookieValue( $sessioncookie ); 677 678 // Check if existing session exists in db corresponding to Session cookie `value` 679 // extra check added in 1.0.8 to test sessioncookie value is of correct length 680 if ( $sessioncookie && strlen($sessioncookie) == 32 && $sessioncookie != '-' && $session->load($sessionValueCheck) ) { 681 // update time in session table 682 $session->time = time(); 683 $session->update(); 684 } else { 685 // Remember Me Cookie `name` 686 $remCookieName = mosMainFrame::remCookieName_User(); 687 688 // test if cookie found 689 $cookie_found = false; 690 if ( isset($_COOKIE[$sessionCookieName]) || isset($_COOKIE[$remCookieName]) || isset($_POST['force_session']) ) { 691 $cookie_found = true; 692 } 693 694 // check if neither remembermecookie or sessioncookie found 695 if (!$cookie_found) { 696 // create sessioncookie and set it to a test value set to expire on session end 697 setcookie( $sessionCookieName, '-', false, '/' ); 698 } else { 699 // otherwise, sessioncookie was found, but set to test val or the session expired, prepare for session registration and register the session 700 $url = strval( mosGetParam( $_SERVER, 'REQUEST_URI', null ) ); 701 // stop sessions being created for requests to syndicated feeds 702 if ( strpos( $url, 'option=com_rss' ) === false && strpos( $url, 'feed=' ) === false ) { 703 $session->guest = 1; 704 $session->username = ''; 705 $session->time = time(); 706 $session->gid = 0; 707 // Generate Session Cookie `value` 708 $session->generateId(); 709 710 if (!$session->insert()) { 711 die( $session->getError() ); 712 } 713 714 // create Session Tracking Cookie set to expire on session end 715 setcookie( $sessionCookieName, $session->getCookie(), false, '/' ); 716 } 717 } 718 719 // Cookie used by Remember me functionality 720 $remCookieValue = strval( mosGetParam( $_COOKIE, $remCookieName, null ) ); 721 722 // test if cookie is correct length 723 if ( strlen($remCookieValue) > 64 ) { 724 // Separate Values from Remember Me Cookie 725 $remUser = substr( $remCookieValue, 0, 32 ); 726 $remPass = substr( $remCookieValue, 32, 32 ); 727 $remID = intval( substr( $remCookieValue, 64 ) ); 728 729 // check if Remember me cookie exists. Login with usercookie info. 730 if ( strlen($remUser) == 32 && strlen($remPass) == 32 ) { 731 $this->login( $remUser, $remPass, 1, $remID ); 732 } 733 } 734 } 735 } 736 737 /* 738 * Function used to conduct admin session duties 739 * Added as of 1.0.8 740 * Deprecated 1.1 741 */ 742 function initSessionAdmin($option, $task) { 743 global $_VERSION, $mosConfig_admin_expired; 744 745 // logout check 746 if ($option == 'logout') { 747 require $GLOBALS['mosConfig_absolute_path'] .'/administrator/logout.php'; 748 exit(); 749 } 750 751 $site = $GLOBALS['mosConfig_live_site']; 752 753 // check if session name corresponds to correct format 754 if ( session_name() != md5( $site ) ) { 755 echo "<script>document.location.href='index.php'</script>\n"; 756 exit(); 757 } 758 759 // restore some session variables 760 $my = new mosUser( $this->_db ); 761 $my->id = intval( mosGetParam( $_SESSION, 'session_user_id', '' ) ); 762 $my->username = strval( mosGetParam( $_SESSION, 'session_username', '' ) ); 763 $my->usertype = strval( mosGetParam( $_SESSION, 'session_usertype', '' ) ); 764 $my->gid = intval( mosGetParam( $_SESSION, 'session_gid', '' ) ); 765 $my->params = mosGetParam( $_SESSION, 'session_user_params', '' ); 766 767 $session_id = mosGetParam( $_SESSION, 'session_id', '' ); 768 $logintime = mosGetParam( $_SESSION, 'session_logintime', '' ); 769 770 // check to see if session id corresponds with correct format 771 if ($session_id == md5( $my->id . $my->username . $my->usertype . $logintime )) { 772 // if task action is to `save` or `apply` complete action before doing session checks. 773 if ($task != 'save' && $task != 'apply') { 774 // test for session_life_admin 775 if ( @$GLOBALS['mosConfig_session_life_admin'] ) { 776 $session_life_admin = $GLOBALS['mosConfig_session_life_admin']; 777 } else { 778 $session_life_admin = 1800; 779 } 780 781 // purge expired admin sessions only 782 $past = time() - $session_life_admin; 783 $query = "DELETE FROM #__session" 784 . "\n WHERE time < '" . (int) $past . "'" 785 . "\n AND guest = 1" 786 . "\n AND gid = 0" 787 . "\n AND userid <> 0" 788 ; 789 $this->_db->setQuery( $query ); 790 $this->_db->query(); 791 792 // destroy the old session 793 $oldSession = $_SESSION; 794 session_destroy(); 795 796 // create a clean session 797 $current_time = time(); 798 $new_session_id = md5( $my->id . $my->username . $my->usertype . $current_time ); 799 session_id($new_session_id); 800 session_start(); 801 802 // restore the old session state with a new id 803 $_SESSION = $oldSession; 804 $_SESSION['session_id'] = $new_session_id; 805 $_SESSION['session_logintime'] = $current_time; 806 807 // update session timestamp 808 $query = "UPDATE #__session" 809 . "\n SET time = " . $this->_db->Quote( $current_time ) 810 . "\n , session_id = " . $this->_db->Quote( $new_session_id ) 811 . "\n WHERE session_id = " . $this->_db->Quote( $session_id ) 812 ; 813 $this->_db->setQuery( $query ); 814 $this->_db->query(); 815 816 // set garbage cleaning timeout 817 $this->setSessionGarbageClean(); 818 819 // check against db record of session 820 $query = "SELECT COUNT( session_id )" 821 . "\n FROM #__session" 822 . "\n WHERE session_id = " . $this->_db->Quote( $new_session_id ) 823 . "\n AND username = ". $this->_db->Quote( $my->username ) 824 . "\n AND userid = ". intval( $my->id ) 825 ; 826 $this->_db->setQuery( $query ); 827 $count = $this->_db->loadResult(); 828 829 // if no entry in session table that corresponds boot from admin area 830 if ( $count == 0 ) { 831 $link = NULL; 832 833 if ($_SERVER['QUERY_STRING']) { 834 $link = 'index2.php?'. $_SERVER['QUERY_STRING']; 835 } 836 837 // check if site designated as a production site 838 // for a demo site disallow expired page functionality 839 // link must also be a Joomla link to stop malicious redirection 840 if ( $link && strpos( $link, 'index2.php?option=com_' ) === 0 && $_VERSION->SITE == 1 && @$mosConfig_admin_expired === '1' ) { 841 $now = time(); 842 843 $file = $this->getPath( 'com_xml', 'com_users' ); 844 $params =& new mosParameters( $my->params, $file, 'component' ); 845 846 // return to expired page functionality 847 $params->set( 'expired', $link ); 848 $params->set( 'expired_time', $now ); 849 850 // param handling 851 if (is_array( $params->toArray() )) { 852 $txt = array(); 853 foreach ( $params->toArray() as $k=>$v) { 854 $txt[] = "$k=$v"; 855 } 856 $saveparams = implode( "\n", $txt ); 857 } 858 859 // save expired page info to user data 860 $query = "UPDATE #__users" 861 . "\n SET params = ". $this->_db->Quote( $saveparams ) 862 . "\n WHERE id = " . (int) $my->id 863 . "\n AND username = ". $this->_db->Quote( $my->username ) 864 . "\n AND usertype = ". $this->_db->Quote( $my->usertype ) 865 ; 866 $this->_db->setQuery( $query ); 867 $this->_db->query(); 868 } 869 870 echo "<script>document.location.href='index.php?mosmsg=Admin Session Expired'</script>\n"; 871 exit(); 872 } else { 873 // load variables into session, used to help secure /popups/ functionality 874 $_SESSION['option'] = $option; 875 $_SESSION['task'] = $task; 876 } 877 } 878 } else if ($session_id == '') { 879 // no session_id as user has not attempted to login, or session.auto_start is switched on 880 if (ini_get( 'session.auto_start' ) || !ini_get( 'session.use_cookies' )) { 881 echo "<script>document.location.href='index.php?mosmsg=You need to login. If PHP\'s session.auto_start setting is on or session.use_cookies setting is off, you may need to correct this before you will be able to login.'</script>\n"; 882 } else { 883 echo "<script>document.location.href='index.php?mosmsg=You need to login'</script>\n"; 884 } 885 exit(); 886 } else { 887 // session id does not correspond to required session format 888 echo "<script>document.location.href='index.php?mosmsg=Invalid Session'</script>\n"; 889 exit(); 890 } 891 892 return $my; 893 } 894 895 /* 896 * Function used to set Session Garbage Cleaning 897 * garbage cleaning set at configured session time + 600 seconds 898 * Added as of 1.0.8 899 * Deprecated 1.1 900 */ 901 function setSessionGarbageClean() { 902 /** ensure that funciton is only called once */ 903 if (!defined( '_JOS_GARBAGECLEAN' )) { 904 define( '_JOS_GARBAGECLEAN', 1 ); 905 906 $garbage_timeout = $this->getCfg('session_life_admin') + 600; 907 @ini_set('session.gc_maxlifetime', $garbage_timeout); 908 } 909 } 910 911 /* 912 * Static Function used to generate the Session Cookie Name 913 * Added as of 1.0.8 914 * Deprecated 1.1 915 */ 916 function sessionCookieName() { 917 global $mainframe, $mosConfig_live_site; 918 919 if( substr( $mosConfig_live_site, 0, 7 ) == 'http://' ) { 920 $hash = md5( 'site' . substr( $mosConfig_live_site, 7 ) ); 921 } elseif( substr( $mosConfig_live_site, 0, 8 ) == 'https://' ) { 922 $hash = md5( 'site' . substr( $mosConfig_live_site, 8 ) ); 923 } else { 924 $hash = md5( 'site' . $mainframe->getCfg( 'live_site' ) ); 925 } 926 927 return $hash; 928 } 929 930 /* 931 * Static Function used to generate the Session Cookie Value 932 * Added as of 1.0.8 933 * Deprecated 1.1 934 */ 935 function sessionCookieValue( $id=null ) { 936 global $mainframe; 937 938 $type = $mainframe->getCfg( 'session_type' ); 939 940 $browser = @$_SERVER['HTTP_USER_AGENT']; 941 942 switch ($type) { 943 case 2: 944 // 1.0.0 to 1.0.7 Compatibility 945 // lowest level security 946 $value = md5( $id . $_SERVER['REMOTE_ADDR'] ); 947 break; 948 949 case 1: 950 // slightly reduced security - 3rd level IP authentication for those behind IP Proxy 951 $remote_addr = explode('.',$_SERVER['REMOTE_ADDR']); 952 $ip = $remote_addr[0] .'.'. $remote_addr[1] .'.'. $remote_addr[2]; 953 $value = mosHash( $id . $ip . $browser ); 954 break; 955 956 default: 957 // Highest security level - new default for 1.0.8 and beyond 958 $ip = $_SERVER['REMOTE_ADDR']; 959 $value = mosHash( $id . $ip . $browser ); 960 break; 961 } 962 963 return $value; 964 } 965 966 /* 967 * Static Function used to generate the Rememeber Me Cookie Name for Username information 968 * Added as of 1.0.8 969 * Depreciated 1.1 970 */ 971 function remCookieName_User() { 972 $value = mosHash( 'remembermecookieusername'. mosMainFrame::sessionCookieName() ); 973 974 return $value; 975 } 976 977 /* 978 * Static Function used to generate the Rememeber Me Cookie Name for Password information 979 * Added as of 1.0.8 980 * Depreciated 1.1 981 */ 982 function remCookieName_Pass() { 983 $value = mosHash( 'remembermecookiepassword'. mosMainFrame::sessionCookieName() ); 984 985 return $value; 986 } 987 988 /* 989 * Static Function used to generate the Remember Me Cookie Value for Username information 990 * Added as of 1.0.8 991 * Depreciated 1.1 992 */ 993 function remCookieValue_User( $username ) { 994 $value = md5( $username . mosHash( @$_SERVER['HTTP_USER_AGENT'] ) ); 995 996 return $value; 997 } 998 999 /* 1000 * Static Function used to generate the Remember Me Cookie Value for Password information 1001 * Added as of 1.0.8 1002 * Depreciated 1.1 1003 */ 1004 function remCookieValue_Pass( $passwd ) { 1005 $value = md5( $passwd . mosHash( @$_SERVER['HTTP_USER_AGENT'] ) ); 1006 1007 return $value; 1008 } 1009 1010 /** 1011 * Login validation function 1012 * 1013 * Username and encoded password is compare to db entries in the jos_users 1014 * table. A successful validation updates the current session record with 1015 * the users details. 1016 */ 1017 function login( $username=null, $passwd=null, $remember=0, $userid=NULL ) { 1018 global $acl, $_VERSION; 1019 1020 $bypost = 0; 1021 $valid_remember = false; 1022 1023 // if no username and password passed from function, then function is being called from login module/component 1024 if (!$username || !$passwd) { 1025 $username = stripslashes( strval( mosGetParam( $_POST, 'username', '' ) ) ); 1026 $passwd = stripslashes( strval( mosGetParam( $_POST, 'passwd', '' ) ) ); 1027 1028 $bypost = 1; 1029 1030 // extra check to ensure that Joomla! sessioncookie exists 1031 if (!$this->_session->session_id) { 1032 mosErrorAlert( _ALERT_ENABLED ); 1033 return; 1034 } 1035 1036 josSpoofCheck(NULL,1); 1037 } 1038 1039 $row = null; 1040 if (!$username || !$passwd) { 1041 mosErrorAlert( _LOGIN_INCOMPLETE ); 1042 exit(); 1043 } else { 1044 if ( $remember && strlen($username) == 32 && $userid ) { 1045 // query used for remember me cookie 1046 $harden = mosHash( @$_SERVER['HTTP_USER_AGENT'] ); 1047 1048 $query = "SELECT id, name, username, password, usertype, block, gid" 1049 . "\n FROM #__users" 1050 . "\n WHERE id = " . (int) $userid 1051 ; 1052 $this->_db->setQuery( $query ); 1053 $this->_db->loadObject($user); 1054 1055 list($hash, $salt) = explode(':', $user->password); 1056 1057 $check_username = md5( $user->username . $harden ); 1058 $check_password = md5( $hash . $harden ); 1059 1060 if ( $check_username == $username && $check_password == $passwd ) { 1061 $row = $user; 1062 $valid_remember = true; 1063 } 1064 } else { 1065 // query used for login via login module 1066 $query = "SELECT id, name, username, password, usertype, block, gid" 1067 . "\n FROM #__users" 1068 . "\n WHERE username = ". $this->_db->Quote( $username ) 1069 ; 1070 1071 $this->_db->setQuery( $query ); 1072 $this->_db->loadObject( $row ); 1073 } 1074 1075 if (is_object($row)) { 1076 // user blocked from login 1077 if ($row->block == 1) { 1078 mosErrorAlert(_LOGIN_BLOCKED); 1079 } 1080 1081 if (!$valid_remember) { 1082 // Conversion to new type 1083 if ((strpos($row->password, ':') === false) && $row->password == md5($passwd)) { 1084 // Old password hash storage but authentic ... lets convert it 1085 $salt = mosMakePassword(16); 1086 $crypt = md5($passwd.$salt); 1087 $row->password = $crypt.':'.$salt; 1088 1089 // Now lets store it in the database 1090 $query = 'UPDATE #__users' 1091 . ' SET password = '.$this->_db->Quote($row->password) 1092 . ' WHERE id = '.(int)$row->id; 1093 $this->_db->setQuery($query); 1094 if (!$this->_db->query()) { 1095 // This is an error but not sure what to do with it ... we'll still work for now 1096 } 1097 } 1098 1099 list($hash, $salt) = explode(':', $row->password); 1100 $cryptpass = md5($passwd.$salt); 1101 if ($hash != $cryptpass) { 1102 if ( $bypost ) { 1103 mosErrorAlert(_LOGIN_INCORRECT); 1104 } else { 1105 $this->logout(); 1106 mosRedirect('index.php'); 1107 } 1108 exit(); 1109 } 1110 } 1111 1112 // fudge the group stuff 1113 $grp = $acl->getAroGroup( $row->id ); 1114 $row->gid = 1; 1115 if ($acl->is_group_child_of( $grp->name, 'Registered', 'ARO' ) || $acl->is_group_child_of( $grp->name, 'Public Backend', 'ARO' )) { 1116 // fudge Authors, Editors, Publishers and Super Administrators into the Special Group 1117 $row->gid = 2; 1118 } 1119 $row->usertype = $grp->name; 1120 1121 // initialize session data 1122 $session =& $this->_session; 1123 $session->guest = 0; 1124 $session->username = $row->username; 1125 $session->userid = intval( $row->id ); 1126 $session->usertype = $row->usertype; 1127 $session->gid = intval( $row->gid ); 1128 $session->update(); 1129 1130 // check to see if site is a production site 1131 // allows multiple logins with same user for a demo site 1132 if ( $_VERSION->SITE ) { 1133 // delete any old front sessions to stop duplicate sessions 1134 $query = "DELETE FROM #__session" 1135 . "\n WHERE session_id != ". $this->_db->Quote( $session->session_id ) 1136 . "\n AND username = ". $this->_db->Quote( $row->username ) 1137 . "\n AND userid = " . (int) $row->id 1138 . "\n AND gid = " . (int) $row->gid 1139 . "\n AND guest = 0" 1140 ; 1141 $this->_db->setQuery( $query ); 1142 $this->_db->query(); 1143 } 1144 1145 // update user visit data 1146 $currentDate = date("Y-m-d\TH:i:s"); 1147 1148 $query = "UPDATE #__users" 1149 . "\n SET lastvisitDate = ". $this->_db->Quote( $currentDate ) 1150 . "\n WHERE id = " . (int) $session->userid 1151 ; 1152 $this->_db->setQuery($query); 1153 if (!$this->_db->query()) { 1154 die($this->_db->stderr(true)); 1155 } 1156 1157 // set remember me cookie if selected 1158 $remember = strval( mosGetParam( $_POST, 'remember', '' ) ); 1159 if ( $remember == 'yes' ) { 1160 // cookie lifetime of 365 days 1161 $lifetime = time() + 365*24*60*60; 1162 $remCookieName = mosMainFrame::remCookieName_User(); 1163 $remCookieValue = mosMainFrame::remCookieValue_User( $row->username ) . mosMainFrame::remCookieValue_Pass( $hash ) . $row->id; 1164 setcookie( $remCookieName, $remCookieValue, $lifetime, '/' ); 1165 } 1166 mosCache::cleanCache(); 1167 } else { 1168 if ( $bypost ) { 1169 mosErrorAlert(_LOGIN_INCORRECT); 1170 } else { 1171 $this->logout(); 1172 mosRedirect('index.php'); 1173 } 1174 exit(); 1175 } 1176 } 1177 } 1178 1179 /** 1180 * User logout 1181 * 1182 * Reverts the current session record back to 'anonymous' parameters 1183 */ 1184 function logout() { 1185 mosCache::cleanCache(); 1186 1187 $session =& $this->_session; 1188 $session->guest = 1; 1189 $session->username = ''; 1190 $session->userid = ''; 1191 $session->usertype = ''; 1192 $session->gid = 0; 1193 1194 $session->update(); 1195 1196 // kill remember me cookie 1197 $lifetime = time() - 86400; 1198 $remCookieName = mosMainFrame::remCookieName_User(); 1199 setcookie( $remCookieName, ' ', $lifetime, '/' ); 1200 1201 @session_destroy(); 1202 } 1203 1204 /** 1205 * @return mosUser A user object with the information from the current session 1206 */ 1207 function getUser() { 1208 global $database; 1209 1210 $user = new mosUser( $this->_db ); 1211 1212 $user->id = intval( $this->_session->userid ); 1213 $user->username = $this->_session->username; 1214 $user->usertype = $this->_session->usertype; 1215 $user->gid = intval( $this->_session->gid ); 1216 1217 if ($user->id) { 1218 $query = "SELECT id, name, email, block, sendEmail, registerDate, lastvisitDate, activation, params" 1219 . "\n FROM #__users" 1220 . "\n WHERE id = " . (int) $user->id 1221 ; 1222 $database->setQuery( $query ); 1223 $database->loadObject( $my ); 1224 1225 $user->params = $my->params; 1226 $user->name = $my->name; 1227 $user->email = $my->email; 1228 $user->block = $my->block; 1229 $user->sendEmail = $my->sendEmail; 1230 $user->registerDate = $my->registerDate; 1231 $user->lastvisitDate = $my->lastvisitDate; 1232 $user->activation = $my->activation; 1233 } 1234 1235 return $user; 1236 } 1237 /** 1238 * @param string The name of the variable (from configuration.php) 1239 * @return mixed The value of the configuration variable or null if not found 1240 */ 1241 function getCfg( $varname ) { 1242 $varname = 'mosConfig_' . $varname; 1243 if (isset( $GLOBALS[$varname] )) { 1244 return $GLOBALS[$varname]; 1245 } else { 1246 return null; 1247 } 1248 } 1249 1250 function _setTemplate( $isAdmin=false ) { 1251 global $Itemid; 1252 $mosConfig_absolute_path = $this->getCfg( 'absolute_path' ); 1253 1254 if ($isAdmin) { 1255 $query = "SELECT template" 1256 . "\n FROM #__templates_menu" 1257 . "\n WHERE client_id = 1" 1258 . "\n AND menuid = 0" 1259 ; 1260 $this->_db->setQuery( $query ); 1261 $cur_template = $this->_db->loadResult(); 1262 $path = "$mosConfig_absolute_path/administrator/templates/$cur_template/index.php"; 1263 if (!file_exists( $path )) { 1264 $cur_template = 'joomla_admin'; 1265 } 1266 } else { 1267 $assigned = ( !empty( $Itemid ) ? " OR menuid = " . (int) $Itemid : '' ); 1268 1269 $query = "SELECT template" 1270 . "\n FROM #__templates_menu" 1271 . "\n WHERE client_id = 0" 1272 . "\n AND ( menuid = 0 $assigned )" 1273 . "\n ORDER BY menuid DESC" 1274 ; 1275 $this->_db->setQuery( $query, 0, 1 ); 1276 $cur_template = $this->_db->loadResult(); 1277 1278 // TemplateChooser Start 1279 $jos_user_template = strval( mosGetParam( $_COOKIE, 'jos_user_template', '' ) ); 1280 $jos_change_template = strval( mosGetParam( $_REQUEST, 'jos_change_template', $jos_user_template ) ); 1281 if ($jos_change_template) { 1282 // clean template name 1283 $jos_change_template = preg_replace( '#\W#', '', $jos_change_template ); 1284 if ( strlen( $jos_change_template ) >= 40 ) { 1285 $jos_change_template = substr($jos_change_template, 0 , 39); 1286 } 1287 1288 // check that template exists in case it was deleted 1289 if (file_exists( $mosConfig_absolute_path .'/templates/'. $jos_change_template .'/index.php' )) { 1290 $lifetime = 60*10; 1291 $cur_template = $jos_change_template; 1292 setcookie( 'jos_user_template', "$jos_change_template", time()+$lifetime); 1293 } else { 1294 setcookie( 'jos_user_template', '', time()-3600 ); 1295 } 1296 } 1297 // TemplateChooser End 1298 } 1299 1300 $this->_template = $cur_template; 1301 } 1302 1303 function getTemplate() { 1304 return $this->_template; 1305 } 1306 1307 /** 1308 * Determines the paths for including engine and menu files 1309 * @param string The current option used in the url 1310 * @param string The base path from which to load the configuration file 1311 */ 1312 function _setAdminPaths( $option, $basePath='.' ) { 1313 $option = strtolower( $option ); 1314 1315 $this->_path = new stdClass(); 1316 1317 // security check to disable use of `/`, `\\` and `:` in $options variable 1318 if (strpos($option, '/') !== false || strpos($option, '\\') !== false || strpos($option, ':') !== false) { 1319 mosErrorAlert( 'Restricted access' ); 1320 return; 1321 } 1322 1323 $prefix = substr( $option, 0, 4 ); 1324 if ($prefix != 'com_' && $prefix != 'mod_') { 1325 // ensure backward compatibility with existing links 1326 $name = $option; 1327 $option = "com_$option"; 1328 } else { 1329 $name = substr( $option, 4 ); 1330 } 1331 1332 // components 1333 if (file_exists( "$basePath/templates/$this->_template/components/$name.html.php" )) { 1334 $this->_path->front = "$basePath/components/$option/$name.php"; 1335 $this->_path->front_html = "$basePath/templates/$this->_template/components/$name.html.php"; 1336 } else if (file_exists( "$basePath/components/$option/$name.php" )) { 1337 $this->_path->front = "$basePath/components/$option/$name.php"; 1338 $this->_path->front_html = "$basePath/components/$option/$name.html.php"; 1339 } 1340 1341 if (file_exists( "$basePath/administrator/components/$option/admin.$name.php" )) { 1342 $this->_path->admin = "$basePath/administrator/components/$option/admin.$name.php"; 1343 $this->_path->admin_html = "$basePath/administrator/components/$option/admin.$name.html.php"; 1344 } 1345 1346 if (file_exists( "$basePath/administrator/components/$option/toolbar.$name.php" )) { 1347 $this->_path->toolbar = "$basePath/administrator/components/$option/toolbar.$name.php"; 1348 $this->_path->toolbar_html = "$basePath/administrator/components/$option/toolbar.$name.html.php"; 1349 $this->_path->toolbar_default = "$basePath/administrator/includes/toolbar.html.php"; 1350 } 1351 1352 if (file_exists( "$basePath/components/$option/$name.class.php" )) { 1353 $this->_path->class = "$basePath/components/$option/$name.class.php"; 1354 } else if (file_exists( "$basePath/administrator/components/$option/$name.class.php" )) { 1355 $this->_path->class = "$basePath/administrator/components/$option/$name.class.php"; 1356 } else if (file_exists( "$basePath/includes/$name.php" )) { 1357 $this->_path->class = "$basePath/includes/$name.php"; 1358 } 1359 1360 if ($prefix == 'mod_' && file_exists("$basePath/administrator/modules/$option.php")) { 1361 $this->_path->admin = "$basePath/administrator/modules/$option.php"; 1362 $this->_path->admin_html = "$basePath/administrator/modules/mod_$name.html.php"; 1363 } else if (file_exists("$basePath/administrator/components/$option/admin.$name.php" )) { 1364 $this->_path->admin = "$basePath/administrator/components/$option/admin.$name.php"; 1365 $this->_path->admin_html = "$basePath/administrator/components/$option/admin.$name.html.php"; 1366 } else { 1367 $this->_path->admin = "$basePath/administrator/components/com_admin/admin.admin.php"; 1368 $this->_path->admin_html = "$basePath/administrator/components/com_admin/admin.admin.html.php"; 1369 } 1370 } 1371 /** 1372 * Returns a stored path variable 1373 * 1374 */ 1375 function getPath( $varname, $option='' ) { 1376 global $mosConfig_absolute_path; 1377 if ($option) { 1378 $temp = $this->_path; 1379 $this->_setAdminPaths( $option, $this->getCfg( 'absolute_path' ) ); 1380 } 1381 $result = null; 1382 if (isset( $this->_path->$varname )) { 1383 $result = $this->_path->$varname; 1384 } else { 1385 switch ($varname) { 1386 case 'com_xml': 1387 $name = substr( $option, 4 ); 1388 $path = "$mosConfig_absolute_path/administrator/components/$option/$name.xml"; 1389 if (file_exists( $path )) { 1390 $result = $path; 1391 } else { 1392 $path = "$mosConfig_absolute_path/components/$option/$name.xml"; 1393 if (file_exists( $path )) { 1394 $result = $path; 1395 } 1396 } 1397 break; 1398 1399 case 'mod0_xml': 1400 // Site modules 1401 if ($option == '') { 1402 $path = $mosConfig_absolute_path . "/modules/custom.xml"; 1403 } else { 1404 $path = $mosConfig_absolute_path . "/modules/$option.xml"; 1405 } 1406 if (file_exists( $path )) { 1407 $result = $path; 1408 } 1409 break; 1410 1411 case 'mod1_xml': 1412 // admin modules 1413 if ($option == '') { 1414 $path = $mosConfig_absolute_path . '/administrator/modules/custom.xml'; 1415 } else { 1416 $path = $mosConfig_absolute_path . "/administrator/modules/$option.xml"; 1417 } 1418 if (file_exists( $path )) { 1419 $result = $path; 1420 } 1421 break; 1422 1423 case 'bot_xml': 1424 // Site mambots 1425 $path = $mosConfig_absolute_path . "/mambots/$option.xml"; 1426 if (file_exists( $path )) { 1427 $result = $path; 1428 } 1429 break; 1430 1431 case 'menu_xml': 1432 $path = $mosConfig_absolute_path . "/administrator/components/com_menus/$option/$option.xml"; 1433 if (file_exists( $path )) { 1434 $result = $path; 1435 } 1436 break; 1437 1438 case 'installer_html': 1439 $path = $mosConfig_absolute_path . "/administrator/components/com_installer/$option/$option.html.php"; 1440 if (file_exists( $path )) { 1441 $result = $path; 1442 } 1443 break; 1444 1445 case 'installer_class': 1446 $path = $mosConfig_absolute_path . "/administrator/components/com_installer/$option/$option.class.php"; 1447 if (file_exists( $path )) { 1448 $result = $path; 1449 } 1450 break; 1451 } 1452 } 1453 if ($option) { 1454 $this->_path = $temp; 1455 } 1456 return $result; 1457 } 1458 /** 1459 * Detects a 'visit' 1460 * 1461 * This function updates the agent and domain table hits for a particular 1462 * visitor. The user agent is recorded/incremented if this is the first visit. 1463 * A cookie is set to mark the first visit. 1464 */ 1465 function detect() { 1466 global $mosConfig_enable_stats; 1467 if ($mosConfig_enable_stats == 1) { 1468 if (mosGetParam( $_COOKIE, 'mosvisitor', 0 )) { 1469 return; 1470 } 1471 setcookie( 'mosvisitor', 1 ); 1472 1473 if (phpversion() <= '4.2.1') { 1474 $agent = getenv( 'HTTP_USER_AGENT' ); 1475 $domain = @gethostbyaddr( getenv( "REMOTE_ADDR" ) ); 1476 } else { 1477 if ( isset($_SERVER['HTTP_USER_AGENT']) ) { 1478 $agent = $_SERVER['HTTP_USER_AGENT']; 1479 } else { 1480 $agent = 'Unknown'; 1481 } 1482 1483 $domain = @gethostbyaddr( $_SERVER['REMOTE_ADDR'] ); 1484 } 1485 1486 $browser = mosGetBrowser( $agent ); 1487 1488 $query = "SELECT COUNT(*)" 1489 . "\n FROM #__stats_agents" 1490 . "\n WHERE agent = " . $this->_db->Quote( $browser ) 1491 . "\n AND type = 0" 1492 ; 1493 $this->_db->setQuery( $query ); 1494 if ($this->_db->loadResult()) { 1495 $query = "UPDATE #__stats_agents" 1496 . "\n SET hits = ( hits + 1 )" 1497 . "\n WHERE agent = " . $this->_db->Quote( $browser ) 1498 . "\n AND type = 0" 1499 ; 1500 $this->_db->setQuery( $query ); 1501 } else { 1502 $query = "INSERT INTO #__stats_agents" 1503 . "\n ( agent, type )" 1504 . "\n VALUES ( " . $this->_db->Quote( $browser ) . ", 0 )" 1505 ; 1506 $this->_db->setQuery( $query ); 1507 } 1508 $this->_db->query(); 1509 1510 $os = mosGetOS( $agent ); 1511 1512 $query = "SELECT COUNT(*)" 1513 . "\n FROM #__stats_agents" 1514 . "\n WHERE agent = " . $this->_db->Quote( $os ) 1515 . "\n AND type = 1" 1516 ; 1517 $this->_db->setQuery( $query ); 1518 if ($this->_db->loadResult()) { 1519 $query = "UPDATE #__stats_agents" 1520 . "\n SET hits = ( hits + 1 )" 1521 . "\n WHERE agent = " . $this->_db->Quote( $os ) 1522 . "\n AND type = 1" 1523 ; 1524 $this->_db->setQuery( $query ); 1525 } else { 1526 $query = "INSERT INTO #__stats_agents" 1527 . "\n ( agent, type )" 1528 . "\n VALUES ( " . $this->_db->Quote( $os ) . ", 1 )" 1529 ; 1530 $this->_db->setQuery( $query ); 1531 } 1532 $this->_db->query(); 1533 1534 // tease out the last element of the domain 1535 $tldomain = split( "\.", $domain ); 1536 $tldomain = $tldomain[count( $tldomain )-1]; 1537 1538 if (is_numeric( $tldomain )) { 1539 $tldomain = "Unknown"; 1540 } 1541 1542 $query = "SELECT COUNT(*)" 1543 . "\n FROM #__stats_agents" 1544 . "\n WHERE agent = " . $this->_db->Quote( $tldomain ) 1545 . "\n AND type = 2" 1546 ; 1547 $this->_db->setQuery( $query ); 1548 if ($this->_db->loadResult()) { 1549 $query = "UPDATE #__stats_agents" 1550 . "\n SET hits = ( hits + 1 )" 1551 . "\n WHERE agent = " . $this->_db->Quote( $tldomain ) 1552 . "\n AND type = 2" 1553 ; 1554 $this->_db->setQuery( $query ); 1555 } else { 1556 $query = "INSERT INTO #__stats_agents" 1557 . "\n ( agent, type )" 1558 . "\n VALUES ( " . $this->_db->Quote( $tldomain ) . ", 2 )" 1559 ; 1560 $this->_db->setQuery( $query ); 1561 } 1562 $this->_db->query(); 1563 } 1564 } 1565 1566 /** 1567 * @return correct Itemid for Content Item 1568 */ 1569 function getItemid( $id, $typed=1, $link=1, $bs=1, $bc=1, $gbs=1 ) { 1570 global $Itemid; 1571 1572 // getItemid compatibility mode, holds maintenance version number 1573 $compat = (int) $this->getCfg('itemid_compat'); 1574 $compat = ($compat == 0)? 12 : $compat; 1575 1576 $_Itemid = ''; 1577 1578 if ($_Itemid == '' && $typed && $this->getStaticContentCount()) { 1579 $exists = 0; 1580 foreach( $this->get( '_ContentTyped', array() ) as $key => $value ) { 1581 // check if id has been tested before, if it is pull from class variable store 1582 if ( $key == $id ) { 1583 $_Itemid = $value; 1584 $exists = 1; 1585 break; 1586 } 1587 } 1588 // if id hasnt been checked before initaite query 1589 if ( !$exists ) { 1590 // Search for typed link 1591 $query = "SELECT id" 1592 . "\n FROM #__menu" 1593 . "\n WHERE type = 'content_typed'" 1594 . "\n AND published = 1" 1595 . "\n AND link = 'index.php?option=com_content&task=view&id=" . (int) $id . "'" 1596 ; 1597 $this->_db->setQuery( $query ); 1598 // pull existing query storage into temp variable 1599 $ContentTyped = $this->get( '_ContentTyped', array() ); 1600 // add query result to temp array storage 1601 $ContentTyped[$id] = $this->_db->loadResult(); 1602 // save temp array to main array storage 1603 $this->set( '_ContentTyped', $ContentTyped ); 1604 1605 $_Itemid = $ContentTyped[$id]; 1606 } 1607 } 1608 1609 if ($_Itemid == '' && $link && $this->getContentItemLinkCount()) { 1610 $exists = 0; 1611 foreach( $this->get( '_ContentItemLink', array() ) as $key => $value ) { 1612 // check if id has been tested before, if it is pull from class variable store 1613 if ( $key == $id ) { 1614 $_Itemid = $value; 1615 $exists = 1; 1616 break; 1617 } 1618 } 1619 // if id hasnt been checked before initaite query 1620 if ( !$exists ) { 1621 // Search for item link 1622 $query = "SELECT id" 1623 ."\n FROM #__menu" 1624 ."\n WHERE type = 'content_item_link'" 1625 . "\n AND published = 1" 1626 . "\n AND link = 'index.php?option=com_content&task=view&id=" . (int) $id . "'" 1627 ; 1628 $this->_db->setQuery( $query ); 1629 // pull existing query storage into temp variable 1630 $ContentItemLink = $this->get( '_ContentItemLink', array() ); 1631 // add query result to temp array storage 1632 $ContentItemLink[$id] = $this->_db->loadResult(); 1633 // save temp array to main array storage 1634 $this->set( '_ContentItemLink', $ContentItemLink ); 1635 1636 $_Itemid = $ContentItemLink[$id]; 1637 } 1638 } 1639 1640 if ($_Itemid == '') { 1641 $exists = 0; 1642 foreach( $this->get( '_ContentSection', array() ) as $key => $value ) { 1643 // check if id has been tested before, if it is pull from class variable store 1644 if ( $key == $id ) { 1645 $_Itemid = $value; 1646 $exists = 1; 1647 break; 1648 } 1649 } 1650 // if id hasnt been checked before initaite query 1651 if ( !$exists ) { 1652 $query = "SELECT ms.id AS sid, ms.type AS stype, mc.id AS cid, mc.type AS ctype, i.id as sectionid, i.id As catid, ms.published AS spub, mc.published AS cpub" 1653 . "\n FROM #__content AS i" 1654 . "\n LEFT JOIN #__sections AS s ON i.sectionid = s.id" 1655 . "\n LEFT JOIN #__menu AS ms ON ms.componentid = s.id " 1656 . "\n LEFT JOIN #__categories AS c ON i.catid = c.id" 1657 . "\n LEFT JOIN #__menu AS mc ON mc.componentid = c.id " 1658 . "\n WHERE ( ms.type IN ( 'content_section', 'content_blog_section' ) OR mc.type IN ( 'content_blog_category', 'content_category' ) )" 1659 . "\n AND i.id = " . (int) $id 1660 . "\n ORDER BY ms.type DESC, mc.type DESC, ms.id, mc.id" 1661 ; 1662 $this->_db->setQuery( $query ); 1663 $links = $this->_db->loadObjectList(); 1664 1665 if (count($links)) { 1666 foreach($links as $link) { 1667 if ($link->stype == 'content_section' && $link->sectionid == $id && !isset($content_section) && $link->spub == 1) { 1668 $content_section = $link->sid; 1669 } 1670 1671 if ($link->stype == 'content_blog_section' && $link->sectionid == $id && !isset($content_blog_section) && $link->spub == 1) { 1672 $content_blog_section = $link->sid; 1673 } 1674 1675 if ($link->ctype == 'content_blog_category' && $link->catid == $id && !isset($content_blog_category) && $link->cpub == 1) { 1676 $content_blog_category = $link->cid; 1677 } 1678 1679 if ($link->ctype == 'content_category' && $link->catid == $id && !isset($content_category) && $link->cpub == 1) { 1680 $content_category = $link->cid; 1681 } 1682 } 1683 } 1684 1685 if (!isset($content_section)) { 1686 $content_section = null; 1687 } 1688 1689 // pull existing query storage into temp variable 1690 $ContentSection = $this->get( '_ContentSection', array() ); 1691 // add query result to temp array storage 1692 $ContentSection[$id] = $content_section; 1693 // save temp array to main array storage 1694 $this->set( '_ContentSection', $ContentSection ); 1695 1696 $_Itemid = $ContentSection[$id]; 1697 } 1698 } 1699 1700 if ( $compat <= 11 && $_Itemid == '') { 1701 $exists = 0; 1702 foreach( $this->get( '_ContentBlogSection', array() ) as $key => $value ) { 1703 // check if id has been tested before, if it is pull from class variable store 1704 if ( $key == $id ) { 1705 $_Itemid = $value; 1706 $exists = 1; 1707 break; 1708 } 1709 } 1710 // if id hasnt been checked before initaite query 1711 if ( !$exists ) { 1712 if (!isset($content_blog_section)) { 1713 $content_blog_section = null; 1714 } 1715 1716 // pull existing query storage into temp variable 1717 $ContentBlogSection = $this->get( '_ContentBlogSection', array() ); 1718 // add query result to temp array storage 1719 $ContentBlogSection[$id] = $content_blog_section; 1720 // save temp array to main array storage 1721 $this->set( '_ContentBlogSection', $ContentBlogSection ); 1722 1723 $_Itemid = $ContentBlogSection[$id]; 1724 } 1725 } 1726 1727 if ($_Itemid == '') { 1728 $exists = 0; 1729 foreach( $this->get( '_ContentBlogCategory', array() ) as $key => $value ) { 1730 // check if id has been tested before, if it is pull from class variable store 1731 if ( $key == $id ) { 1732 $_Itemid = $value; 1733 $exists = 1; 1734 break; 1735 } 1736 } 1737 // if id hasnt been checked before initaite query 1738 if ( !$exists ) { 1739 if (!isset($content_blog_category)) { 1740 $content_blog_category = null; 1741 } 1742 1743 // pull existing query storage into temp variable 1744 $ContentBlogCategory = $this->get( '_ContentBlogCategory', array() ); 1745 // add query result to temp array storage 1746 $ContentBlogCategory[$id] = $content_blog_category; 1747 // save temp array to main array storage 1748 $this->set( '_ContentBlogCategory', $ContentBlogCategory ); 1749 1750 $_Itemid = $ContentBlogCategory[$id]; 1751 } 1752 } 1753 1754 if ($_Itemid == '') { 1755 // ensure that query is only called once 1756 if ( !$this->get( '_GlobalBlogSection' ) && !defined( '_JOS_GBS' ) ) { 1757 define( '_JOS_GBS', 1 ); 1758 1759 // Search in global blog section 1760 $query = "SELECT id " 1761 . "\n FROM #__menu " 1762 . "\n WHERE type = 'content_blog_section'" 1763 . "\n AND published = 1" 1764 . "\n AND componentid = 0" 1765 ; 1766 $this->_db->setQuery( $query ); 1767 $this->set( '_GlobalBlogSection', $this->_db->loadResult() ); 1768 } 1769 1770 $_Itemid = $this->get( '_GlobalBlogSection' ); 1771 } 1772 1773 if ($compat >= 12 && $_Itemid == '') { 1774 $exists = 0; 1775 foreach( $this->get( '_ContentBlogSection', array() ) as $key => $value ) { 1776 // check if id has been tested before, if it is pull from class variable store 1777 if ( $key == $id ) { 1778 $_Itemid = $value; 1779 $exists = 1; 1780 break; 1781 } 1782 } 1783 // if id hasnt been checked before initaite query 1784 if ( !$exists ) { 1785 if (!isset($content_blog_section)) { 1786 $content_blog_section = null; 1787 } 1788 1789 // pull existing query storage into temp variable 1790 $ContentBlogSection = $this->get( '_ContentBlogSection', array() ); 1791 // add query result to temp array storage 1792 $ContentBlogSection[$id] = $content_blog_section; 1793 // save temp array to main array storage 1794 $this->set( '_ContentBlogSection', $ContentBlogSection ); 1795 1796 $_Itemid = $ContentBlogSection[$id]; 1797 } 1798 } 1799 1800 if ($_Itemid == '') { 1801 $exists = 0; 1802 foreach( $this->get( '_ContentCategory', array() ) as $key => $value ) { 1803 // check if id has been tested before, if it is pull from class variable store 1804 if ( $key == $id ) { 1805 $_Itemid = $value; 1806 $exists = 1; 1807 break; 1808 } 1809 } 1810 // if id hasnt been checked before initaite query 1811 if ( !$exists ) { 1812 if (!isset($content_category)) { 1813 $content_category = null; 1814 } 1815 1816 // pull existing query storage into temp variable 1817 $ContentCategory = $this->get( '_ContentCategory', array() ); 1818 // add query result to temp array storage 1819 //$ContentCategory[$id] = $this->_db->loadResult(); 1820 $ContentCategory[$id] = $content_category; 1821 // save temp array to main array storage 1822 $this->set( '_ContentCategory', $ContentCategory ); 1823 1824 $_Itemid = $ContentCategory[$id]; 1825 } 1826 } 1827 1828 if ($_Itemid == '') { 1829 // ensure that query is only called once 1830 if ( !$this->get( '_GlobalBlogCategory' ) && !defined( '_JOS_GBC' ) ) { 1831 define( '_JOS_GBC', 1 ); 1832 1833 // Search in global blog category 1834 $query = "SELECT id " 1835 . "\n FROM #__menu " 1836 . "\n WHERE type = 'content_blog_category'" 1837 . "\n AND published = 1" 1838 . "\n AND componentid = 0" 1839 ; 1840 $this->_db->setQuery( $query ); 1841 $this->set( '_GlobalBlogCategory', $this->_db->loadResult() ); 1842 } 1843 1844 $_Itemid = $this->get( '_GlobalBlogCategory' ); 1845 } 1846 1847 if ( $_Itemid != '' ) { 1848 // if Itemid value discovered by queries, return this value 1849 return $_Itemid; 1850 } else if ( $compat >= 12 && $Itemid != 99999999 && $Itemid > 0 ) { 1851 // if queries do not return Itemid value, return Itemid of page - if it is not 99999999 1852 return $Itemid; 1853 } else if ( $compat <= 11 && $Itemid === 0 ) { 1854 // if queries do not return Itemid value, return Itemid of page - if it is not 99999999 1855 return $Itemid; 1856 } 1857 } 1858 1859 /** 1860 * @return number of Published Blog Sections 1861 * Kept for Backward Compatability 1862 */ 1863 function getBlogSectionCount( ) { 1864 return 1; 1865 } 1866 1867 /** 1868 * @return number of Published Blog Categories 1869 * Kept for Backward Compatability 1870 */ 1871 function getBlogCategoryCount( ) { 1872 return 1; 1873 } 1874 1875 /** 1876 * @return number of Published Global Blog Sections 1877 * Kept for Backward Compatability 1878 */ 1879 function getGlobalBlogSectionCount( ) { 1880 return 1; 1881 } 1882 1883 /** 1884 * @return number of Static Content 1885 */ 1886 function getStaticContentCount( ) { 1887 // ensure that query is only called once 1888 if ( !$this->get( '_StaticContentCount' ) && !defined( '_JOS_SCC' ) ) { 1889 define( '_JOS_SCC', 1 ); 1890 1891 $query = "SELECT COUNT( id )" 1892 ."\n FROM #__menu " 1893 ."\n WHERE type = 'content_typed'" 1894 ."\n AND published = 1" 1895 ; 1896 $this->_db->setQuery( $query ); 1897 // saves query result to variable 1898 $this->set( '_StaticContentCount', $this->_db->loadResult() ); 1899 } 1900 1901 return $this->get( '_StaticContentCount' ); 1902 } 1903 1904 /** 1905 * @return number of Content Item Links 1906 */ 1907 function getContentItemLinkCount( ) { 1908 // ensure that query is only called once 1909 if ( !$this->get( '_ContentItemLinkCount' ) && !defined( '_JOS_CILC' ) ) { 1910 define( '_JOS_CILC', 1 ); 1911 1912 $query = "SELECT COUNT( id )" 1913 ."\n FROM #__menu " 1914 ."\n WHERE type = 'content_item_link'" 1915 ."\n AND published = 1" 1916 ; 1917 $this->_db->setQuery( $query ); 1918 // saves query result to variable 1919 $this->set( '_ContentItemLinkCount', $this->_db->loadResult() ); 1920 } 1921 1922 return $this->get( '_ContentItemLinkCount' ); 1923 } 1924 1925 /** 1926 * @param string The name of the property 1927 * @param mixed The value of the property to set 1928 */ 1929 function set( $property, $value=null ) { 1930 $this->$property = $value; 1931 } 1932 1933 /** 1934 * @param string The name of the property 1935 * @param mixed The default value 1936 * @return mixed The value of the property 1937 */ 1938 function get($property, $default=null) { 1939 if(isset($this->$property)) { 1940 return $this->$property; 1941 } else { 1942 return $default; 1943 } 1944 } 1945 1946 /** Is admin interface? 1947 * @return boolean 1948 * @since 1.0.2 1949 */ 1950 function isAdmin() { 1951 return $this->_isAdmin; 1952 } 1953 } 1954 1955 /** 1956 * Component database table class 1957 * @package Joomla 1958 */ 1959 class mosComponent extends mosDBTable { 1960 /** @var int Primary key */ 1961 var $id = null; 1962 /** @var string */ 1963 var $name = null; 1964 /** @var string */ 1965 var $link = null; 1966 /** @var int */ 1967 var $menuid = null; 1968 /** @var int */ 1969 var $parent = null; 1970 /** @var string */ 1971 var $admin_menu_link = null; 1972 /** @var string */ 1973 var $admin_menu_alt = null; 1974 /** @var string */ 1975 var $option = null; 1976 /** @var string */ 1977 var $ordering = null; 1978 /** @var string */ 1979 var $admin_menu_img = null; 1980 /** @var int */ 1981 var $iscore = null; 1982 /** @var string */ 1983 var $params = null; 1984 1985 /** 1986 * @param database A database connector object 1987 */ 1988 function mosComponent( &$db ) { 1989 $this->mosDBTable( '#__components', 'id', $db ); 1990 } 1991 } 1992 1993 /** 1994 * Utility class for all HTML drawing classes 1995 * @package Joomla 1996 */ 1997 class mosHTML { 1998 function makeOption( $value, $text='', $value_name='value', $text_name='text' ) { 1999 $obj = new stdClass; 2000 $obj->$value_name = $value; 2001 $obj->$text_name = trim( $text ) ? $text : $value; 2002 return $obj; 2003 } 2004 2005 function writableCell( $folder, $relative=1, $text='', $visible=1 ) { 2006 $writeable = '<b><font color="green">Writeable</font></b>'; 2007 $unwriteable = '<b><font color="red">Unwriteable</font></b>'; 2008 2009 echo '<tr>'; 2010 echo '<td class="item">'; 2011 echo $text; 2012 if ( $visible ) { 2013 echo $folder . '/'; 2014 } 2015 echo '</td>'; 2016 echo '<td align="left">'; 2017 if ( $relative ) { 2018 echo is_writable( "../$folder" ) ? $writeable : $unwriteable; 2019 } else { 2020 echo is_writable( "$folder" ) ? $writeable : $unwriteable; 2021 } 2022 echo '</td>'; 2023 echo '</tr>'; 2024 } 2025 2026 /** 2027 * Generates an HTML select list 2028 * @param array An array of objects 2029 * @param string The value of the HTML name attribute 2030 * @param string Additional HTML attributes for the <select> tag 2031 * @param string The name of the object variable for the option value 2032 * @param string The name of the object variable for the option text 2033 * @param mixed The key that is selected 2034 * @returns string HTML for the select list 2035 */ 2036 function selectList( &$arr, $tag_name, $tag_attribs, $key, $text, $selected=NULL ) { 2037 // check if array 2038 if ( is_array( $arr ) ) { 2039 reset( $arr ); 2040 } 2041 2042 $html = "\n<select name=\"$tag_name\" $tag_attribs>"; 2043 $count = count( $arr ); 2044 2045 for ($i=0, $n=$count; $i < $n; $i++ ) { 2046 $k = $arr[$i]->$key; 2047 $t = $arr[$i]->$text; 2048 $id = ( isset($arr[$i]->id) ? @$arr[$i]->id : null); 2049 2050 $extra = ''; 2051 $extra .= $id ? " id=\"" . $arr[$i]->id . "\"" : ''; 2052 if (is_array( $selected )) { 2053 foreach ($selected as $obj) { 2054 $k2 = $obj->$key; 2055 if ($k == $k2) { 2056 $extra .= " selected=\"selected\""; 2057 break; 2058 } 2059 } 2060 } else { 2061 $extra .= ($k == $selected ? " selected=\"selected\"" : ''); 2062 } 2063 $html .= "\n\t<option value=\"".$k."\"$extra>" . $t . "</option>"; 2064 } 2065 $html .= "\n</select>\n"; 2066 2067 return $html; 2068 } 2069 2070 /** 2071 * Writes a select list of integers 2072 * @param int The start integer 2073 * @param int The end integer 2074 * @param int The increment 2075 * @param string The value of the HTML name attribute 2076 * @param string Additional HTML attributes for the <select> tag 2077 * @param mixed The key that is selected 2078 * @param string The printf format to be applied to the number 2079 * @returns string HTML for the select list 2080 */ 2081 function integerSelectList( $start, $end, $inc, $tag_name, $tag_attribs, $selected, $format="" ) { 2082 $start = intval( $start ); 2083 $end = intval( $end ); 2084 $inc = intval( $inc ); 2085 $arr = array(); 2086 2087 for ($i=$start; $i <= $end; $i+=$inc) { 2088 $fi = $format ? sprintf( "$format", $i ) : "$i"; 2089 $arr[] = mosHTML::makeOption( $fi, $fi ); 2090 } 2091 2092 return mosHTML::selectList( $arr, $tag_name, $tag_attribs, 'value', 'text', $selected ); 2093 } 2094 2095 /** 2096 * Writes a select list of month names based on Language settings 2097 * @param string The value of the HTML name attribute 2098 * @param string Additional HTML attributes for the <select> tag 2099 * @param mixed The key that is selected 2100 * @returns string HTML for the select list values 2101 */ 2102 function monthSelectList( $tag_name, $tag_attribs, $selected ) { 2103 $arr = array( 2104 mosHTML::makeOption( '01', _JAN ), 2105 mosHTML::makeOption( '02', _FEB ), 2106 mosHTML::makeOption( '03', _MAR ), 2107 mosHTML::makeOption( '04', _APR ), 2108 mosHTML::makeOption( '05', _MAY ), 2109 mosHTML::makeOption( '06', _JUN ), 2110 mosHTML::makeOption( '07', _JUL ), 2111 mosHTML::makeOption( '08', _AUG ), 2112 mosHTML::makeOption( '09', _SEP ), 2113 mosHTML::makeOption( '10', _OCT ), 2114 mosHTML::makeOption( '11', _NOV ), 2115 mosHTML::makeOption( '12', _DEC ) 2116 ); 2117 2118 return mosHTML::selectList( $arr, $tag_name, $tag_attribs, 'value', 'text', $selected ); 2119 } 2120 2121 /** 2122 * Generates an HTML select list from a tree based query list 2123 * @param array Source array with id and parent fields 2124 * @param array The id of the current list item 2125 * @param array Target array. May be an empty array. 2126 * @param array An array of objects 2127 * @param string The value of the HTML name attribute 2128 * @param string Additional HTML attributes for the <select> tag 2129 * @param string The name of the object variable for the option value 2130 * @param string The name of the object variable for the option text 2131 * @param mixed The key that is selected 2132 * @returns string HTML for the select list 2133 */ 2134 function treeSelectList( &$src_list, $src_id, $tgt_list, $tag_name, $tag_attribs, $key, $text, $selected ) { 2135 2136 // establish the hierarchy of the menu 2137 $children = array(); 2138 // first pass - collect children 2139 foreach ($src_list as $v ) { 2140 $pt = $v->parent; 2141 $list = @$children[$pt] ? $children[$pt] : array(); 2142 array_push( $list, $v ); 2143 $children[$pt] = $list; 2144 } 2145 // second pass - get an indent list of the items 2146 $ilist = mosTreeRecurse( 0, '', array(), $children ); 2147 2148 // assemble menu items to the array 2149 $this_treename = ''; 2150 foreach ($ilist as $item) { 2151 if ($this_treename) { 2152 if ($item->id != $src_id && strpos( $item->treename, $this_treename ) === false) { 2153 $tgt_list[] = mosHTML::makeOption( $item->id, $item->treename ); 2154 } 2155 } else { 2156 if ($item->id != $src_id) { 2157 $tgt_list[] = mosHTML::makeOption( $item->id, $item->treename ); 2158 } else { 2159 $this_treename = "$item->treename/"; 2160 } 2161 } 2162 } 2163 // build the html select list 2164 return mosHTML::selectList( $tgt_list, $tag_name, $tag_attribs, $key, $text, $selected ); 2165 } 2166 2167 /** 2168 * Writes a yes/no select list 2169 * @param string The value of the HTML name attribute 2170 * @param string Additional HTML attributes for the <select> tag 2171 * @param mixed The key that is selected 2172 * @returns string HTML for the select list values 2173 */ 2174 function yesnoSelectList( $tag_name, $tag_attribs, $selected, $yes=_CMN_YES, $no=_CMN_NO ) { 2175 $arr = array( 2176 mosHTML::makeOption( '0', $no ), 2177 mosHTML::makeOption( '1', $yes ), 2178 ); 2179 2180 return mosHTML::selectList( $arr, $tag_name, $tag_attribs, 'value', 'text', $selected ); 2181 } 2182 2183 /** 2184 * Generates an HTML radio list 2185 * @param array An array of objects 2186 * @param string The value of the HTML name attribute 2187 * @param string Additional HTML attributes for the <select> tag 2188 * @param mixed The key that is selected 2189 * @param string The name of the object variable for the option value 2190 * @param string The name of the object variable for the option text 2191 * @returns string HTML for the select list 2192 */ 2193 function radioList( &$arr, $tag_name, $tag_attribs, $selected=null, $key='value', $text='text' ) { 2194 reset( $arr ); 2195 $html = ""; 2196 for ($i=0, $n=count( $arr ); $i < $n; $i++ ) { 2197 $k = $arr[$i]->$key; 2198 $t = $arr[$i]->$text; 2199 $id = ( isset($arr[$i]->id) ? @$arr[$i]->id : null); 2200 2201 $extra = ''; 2202 $extra .= $id ? " id=\"" . $arr[$i]->id . "\"" : ''; 2203 if (is_array( $selected )) { 2204 foreach ($selected as $obj) { 2205 $k2 = $obj->$key; 2206 if ($k == $k2) { 2207 $extra .= " selected=\"selected\""; 2208 break; 2209 } 2210 } 2211 } else { 2212 $extra .= ($k == $selected ? " checked=\"checked\"" : ''); 2213 } 2214 $html .= "\n\t<input type=\"radio\" name=\"$tag_name\" id=\"$tag_name$k\" value=\"".$k."\"$extra $tag_attribs />"; 2215 $html .= "\n\t<label for=\"$tag_name$k\">$t</label>"; 2216 } 2217 $html .= "\n"; 2218 2219 return $html; 2220 } 2221 2222 /** 2223 * Writes a yes/no radio list 2224 * @param string The value of the HTML name attribute 2225 * @param string Additional HTML attributes for the <select> tag 2226 * @param mixed The key that is selected 2227 * @returns string HTML for the radio list 2228 */ 2229 function yesnoRadioList( $tag_name, $tag_attribs, $selected, $yes=_CMN_YES, $no=_CMN_NO ) { 2230 $arr = array( 2231 mosHTML::makeOption( '0', $no ), 2232 mosHTML::makeOption( '1', $yes ) 2233 ); 2234 2235 return mosHTML::radioList( $arr, $tag_name, $tag_attribs, $selected ); 2236 } 2237 2238 /** 2239 * @param int The row index 2240 * @param int The record id 2241 * @param boolean 2242 * @param string The name of the form element 2243 * @return string 2244 */ 2245 function idBox( $rowNum, $recId, $checkedOut=false, $name='cid' ) { 2246 if ( $checkedOut ) { 2247 return ''; 2248 } else { 2249 return '<input type="checkbox" id="cb'.$rowNum.'" name="'.$name.'[]" value="'.$recId.'" onclick="isChecked(this.checked);" />'; 2250 } 2251 } 2252 2253 function sortIcon( $base_href, $field, $state='none' ) { 2254 global $mosConfig_live_site; 2255 2256 $alts = array( 2257 'none' => _CMN_SORT_NONE, 2258 'asc' => _CMN_SORT_ASC, 2259 'desc' => _CMN_SORT_DESC, 2260 ); 2261 $next_state = 'asc'; 2262 if ($state == 'asc') { 2263 $next_state = 'desc'; 2264 } else if ($state == 'desc') { 2265 $next_state = 'none'; 2266 } 2267 2268 $html = "<a href=\"$base_href&field=$field&order=$next_state\">" 2269 . "<img src=\"$mosConfig_live_site/images/M_images/sort_$state.png\" width=\"12\" height=\"12\" border=\"0\" alt=\"{$alts[$next_state]}\" />" 2270 . "</a>"; 2271 return $html; 2272 } 2273 2274 /** 2275 * Writes Close Button 2276 */ 2277 function CloseButton ( &$params, $hide_js=NULL ) { 2278 // displays close button in Pop-up window 2279 if ( $params->get( 'popup' ) && !$hide_js ) { 2280 ?> 2281 <script language="javascript" type="text/javascript"> 2282 <!-- 2283 document.write('<div align="center" style="margin-top: 30px; margin-bottom: 30px;">'); 2284 document.write('<a href="#" onclick="javascript:window.close();"><span class="small"><?php echo _PROMPT_CLOSE;?></span></a>'); 2285 document.write('</div>'); 2286 //--> 2287 </script> 2288 <?php 2289 } 2290 } 2291 2292 /** 2293 * Writes Back Button 2294 */ 2295 function BackButton ( &$params, $hide_js=NULL ) { 2296 // Back Button 2297 if ( $params->get( 'back_button' ) && !$params->get( 'popup' ) && !$hide_js) { 2298 ?> 2299 <div class="back_button"> 2300 <a href='javascript:history.go(-1)'> 2301 <?php echo _BACK; ?></a> 2302 </div> 2303 <?php 2304 } 2305 } 2306 2307 /** 2308 * Cleans text of all formating and scripting code 2309 */ 2310 function cleanText ( &$text ) { 2311 $text = preg_replace( "'<script[^>]*>.*?</script>'si", '', $text ); 2312 $text = preg_replace( '/<a\s+.*?href="([^"]+)"[^>]*>([^<]+)<\/a>/is', '\2 (\1)', $text ); 2313 $text = preg_replace( '/<!--.+?-->/', '', $text ); 2314 $text = preg_replace( '/{.+?}/', '', $text ); 2315 $text = preg_replace( '/ /', ' ', $text ); 2316 $text = preg_replace( '/&/', ' ', $text ); 2317 $text = preg_replace( '/"/', ' ', $text ); 2318 $text = strip_tags( $text ); 2319 $text = htmlspecialchars( $text ); 2320 2321 return $text; 2322 } 2323 2324 /** 2325 * Writes Print icon 2326 */ 2327 function PrintIcon( &$row, &$params, $hide_js, $link, $status=NULL ) { 2328 if ( $params->get( 'print' ) && !$hide_js ) { 2329 // use default settings if none declared 2330 if ( !$status ) { 2331 $status = 'status=no,toolbar=no,scrollbars=yes,titlebar=no,menubar=no,resizable=yes,width=640,height=480,directories=no,location=no'; 2332 } 2333 2334 // checks template image directory for image, if non found default are loaded 2335 if ( $params->get( 'icons' ) ) { 2336 $image = mosAdminMenus::ImageCheck( 'printButton.png', '/images/M_images/', NULL, NULL, _CMN_PRINT, _CMN_PRINT ); 2337 } else { 2338 $image = _ICON_SEP .' '. _CMN_PRINT. ' '. _ICON_SEP; 2339 } 2340 2341 if ( $params->get( 'popup' ) && !$hide_js ) { 2342 // Print Preview button - used when viewing page 2343 ?> 2344 <script language="javascript" type="text/javascript"> 2345 <!-- 2346 document.write('<td align="right" width="100%" class="buttonheading">'); 2347 document.write('<a href="#" onclick="javascript:window.print(); return false;" title="<?php echo _CMN_PRINT;?>">'); 2348 document.write('<?php echo $image;?>'); 2349 document.write('</a>'); 2350 document.write('</td>'); 2351 //--> 2352 </script> 2353 <?php 2354 } else { 2355 // Print Button - used in pop-up window 2356 ?> 2357 <td align="right" width="100%" class="buttonheading"> 2358 <a href="<?php echo $link; ?>" target="_blank" onclick="window.open('<?php echo $link; ?>','win2','<?php echo $status; ?>'); return false;" title="<?php echo _CMN_PRINT;?>"> 2359 <?php echo $image;?></a> 2360 </td> 2361 <?php 2362 } 2363 } 2364 } 2365 2366 /** 2367 * simple Javascript Cloaking 2368 * email cloacking 2369 * by default replaces an email with a mailto link with email cloacked 2370 */ 2371 function emailCloaking( $mail, $mailto=1, $text='', $email=1 ) { 2372 // convert text 2373 $mail = mosHTML::encoding_converter( $mail ); 2374 // split email by @ symbol 2375 $mail = explode( '@', $mail ); 2376 $mail_parts = explode( '.', $mail[1] ); 2377 // random number 2378 $rand = rand( 1, 100000 ); 2379 2380 $replacement = "\n <script language='JavaScript' type='text/javascript'>"; 2381 $replacement .= "\n <!--"; 2382 $replacement .= "\n var prefix = 'ma' + 'il' + 'to';"; 2383 $replacement .= "\n var path = 'hr' + 'ef' + '=';"; 2384 $replacement .= "\n var addy". $rand ." = '". @$mail[0] ."' + '@';"; 2385 $replacement .= "\n addy". $rand ." = addy". $rand ." + '". implode( "' + '.' + '", $mail_parts ) ."';"; 2386 2387 if ( $mailto ) { 2388 // special handling when mail text is different from mail addy 2389 if ( $text ) { 2390 if ( $email ) { 2391 // convert text 2392 $text = mosHTML::encoding_converter( $text ); 2393 // split email by @ symbol 2394 $text = explode( '@', $text ); 2395 $text_parts = explode( '.', $text[1] ); 2396 $replacement .= "\n var addy_text". $rand ." = '". @$text[0] ."' + '@' + '". implode( "' + '.' + '", @$text_parts ) ."';"; 2397 } else { 2398 $replacement .= "\n var addy_text". $rand ." = '". $text ."';"; 2399 } 2400 $replacement .= "\n document.write( '<a ' + path + '\'' + prefix + ':' + addy". $rand ." + '\'>' );"; 2401 $replacement .= "\n document.write( addy_text". $rand ." );"; 2402 $replacement .= "\n document.write( '<\/a>' );"; 2403 } else { 2404 $replacement .= "\n document.write( '<a ' + path + '\'' + prefix + ':' + addy". $rand ." + '\'>' );"; 2405 $replacement .= "\n document.write( addy". $rand ." );"; 2406 $replacement .= "\n document.write( '<\/a>' );"; 2407 } 2408 } else { 2409 $replacement .= "\n document.write( addy". $rand ." );"; 2410 } 2411 $replacement .= "\n //-->"; 2412 $replacement .= '\n </script>'; 2413 2414 // XHTML compliance `No Javascript` text handling 2415 $replacement .= "<script language='JavaScript' type='text/javascript'>"; 2416 $replacement .= "\n <!--"; 2417 $replacement .= "\n document.write( '<span style=\'display: none;\'>' );"; 2418 $replacement .= "\n //-->"; 2419 $replacement .= "\n </script>"; 2420 $replacement .= _CLOAKING; 2421 $replacement .= "\n <script language='JavaScript' type='text/javascript'>"; 2422 $replacement .= "\n <!--"; 2423 $replacement .= "\n document.write( '</' );"; 2424 $replacement .= "\n document.write( 'span>' );"; 2425 $replacement .= "\n //-->"; 2426 $replacement .= "\n </script>"; 2427 2428 return $replacement; 2429 } 2430 2431 function encoding_converter( $text ) { 2432 // replace vowels with character encoding 2433 $text = str_replace( 'a', 'a', $text ); 2434 $text = str_replace( 'e', 'e', $text ); 2435 $text = str_replace( 'i', 'i', $text ); 2436 $text = str_replace( 'o', 'o', $text ); 2437 $text = str_replace( 'u', 'u', $text ); 2438 2439 return $text; 2440 } 2441 } 2442 2443 /** 2444 * Category database table class 2445 * @package Joomla 2446 */ 2447 class mosCategory extends mosDBTable { 2448 /** @var int Primary key */ 2449 var $id = null; 2450 /** @var int */ 2451 var $parent_id = null; 2452 /** @var string The menu title for the Category (a short name)*/ 2453 var $title = null; 2454 /** @var string The full name for the Category*/ 2455 var $name = null; 2456 /** @var string */ 2457 var $image = null; 2458 /** @var string */ 2459 var $section = null; 2460 /** @var int */ 2461 var $image_position = null; 2462 /** @var string */ 2463 var $description = null; 2464 /** @var boolean */ 2465 var $published = null; 2466 /** @var boolean */ 2467 var $checked_out = null; 2468 /** @var time */ 2469 var $checked_out_time = null; 2470 /** @var int */ 2471 var $ordering = null; 2472 /** @var int */ 2473 var $access = null; 2474 /** @var string */ 2475 var $params = null; 2476 2477 /** 2478 * @param database A database connector object 2479 */ 2480 function mosCategory( &$db ) { 2481 $this->mosDBTable( '#__categories', 'id', $db ); 2482 } 2483 // overloaded check function 2484 function check() { 2485 // check for valid name 2486 if (trim( $this->title ) == '') { 2487 $this->_error = "Your Category must contain a title."; 2488 return false; 2489 } 2490 if (trim( $this->name ) == '') { 2491 $this->_error = "Your Category must have a name."; 2492 return false; 2493 } 2494 2495 $ignoreList = array('description'); 2496 $this->filter($ignoreList); 2497 2498 // check for existing name 2499 $query = "SELECT id" 2500 . "\n FROM #__categories " 2501 . "\n WHERE name = " . $this->_db->Quote( $this->name ) 2502 . "\n AND section = " . $this->_db->Quote( $this->section ) 2503 ; 2504 $this->_db->setQuery( $query ); 2505 2506 $xid = intval( $this->_db->loadResult() ); 2507 if ($xid && $xid != intval( $this->id )) { 2508 $this->_error = "There is a category already with that name, please try again."; 2509 return false; 2510 } 2511 return true; 2512 } 2513 } 2514 2515 /** 2516 * Section database table class 2517 * @package Joomla 2518 */ 2519 class mosSection extends mosDBTable { 2520 /** @var int Primary key */ 2521 var $id = null; 2522 /** @var string The menu title for the Section (a short name)*/ 2523 var $title = null; 2524 /** @var string The full name for the Section*/ 2525 var $name = null; 2526 /** @var string */ 2527 var $image = null; 2528 /** @var string */ 2529 var $scope = null; 2530 /** @var int */ 2531 var $image_position = null; 2532 /** @var string */ 2533 var $description = null; 2534 /** @var boolean */ 2535 var $published = null; 2536 /** @var boolean */ 2537 var $checked_out = null; 2538 /** @var time */ 2539 var $checked_out_time = null; 2540 /** @var int */ 2541 var $ordering = null; 2542 /** @var int */ 2543 var $access = null; 2544 /** @var string */ 2545 var $params = null; 2546 2547 /** 2548 * @param database A database connector object 2549 */ 2550 function mosSection( &$db ) { 2551 $this->mosDBTable( '#__sections', 'id', $db ); 2552 } 2553 // overloaded check function 2554 function check() { 2555 // check for valid name 2556 if (trim( $this->title ) == '') { 2557 $this->_error = "Your Section must contain a title."; 2558 return false; 2559 } 2560 if (trim( $this->name ) == '') { 2561 $this->_error = "Your Section must have a name."; 2562 return false; 2563 } 2564 2565 $ignoreList = array('description'); 2566 $this->filter($ignoreList); 2567 2568 // check for existing name 2569 $query = "SELECT id" 2570 . "\n FROM #__sections " 2571 . "\n WHERE name = " . $this->_db->Quote( $this->name ) 2572 . "\n AND scope = " . $this->_db->Quote( $this->scope ) 2573 ; 2574 $this->_db->setQuery( $query ); 2575 2576 $xid = intval( $this->_db->loadResult() ); 2577 if ($xid && $xid != intval( $this->id )) { 2578 $this->_error = "There is a section already with that name, please try again."; 2579 return false; 2580 } 2581 return true; 2582 } 2583 } 2584 2585 /** 2586 * Module database table class 2587 * @package Joomla 2588 */ 2589 class mosContent extends mosDBTable { 2590 /** @var int Primary key */ 2591 var $id = null; 2592 /** @var string */ 2593 var $title = null; 2594 /** @var string */ 2595 var $title_alias = null; 2596 /** @var string */ 2597 var $introtext = null; 2598 /** @var string */ 2599 var $fulltext = null; 2600 /** @var int */ 2601 var $state = null; 2602 /** @var int The id of the category section*/ 2603 var $sectionid = null; 2604 /** @var int DEPRECATED */ 2605 var $mask = null; 2606 /** @var int */ 2607 var $catid = null; 2608 /** @var datetime */ 2609 var $created = null; 2610 /** @var int User id*/ 2611 var $created_by = null; 2612 /** @var string An alias for the author*/ 2613 var $created_by_alias = null; 2614 /** @var datetime */ 2615 var $modified = null; 2616 /** @var int User id*/ 2617 var $modified_by = null; 2618 /** @var boolean */ 2619 var $checked_out = null; 2620 /** @var time */ 2621 var $checked_out_time = null; 2622 /** @var datetime */ 2623 var $frontpage_up = null; 2624 /** @var datetime */ 2625 var $frontpage_down = null; 2626 /** @var datetime */ 2627 var $publish_up = null; 2628 /** @var datetime */ 2629 var $publish_down = null; 2630 /** @var string */ 2631 var $images = null; 2632 /** @var string */ 2633 var $urls = null; 2634 /** @var string */ 2635 var $attribs = null; 2636 /** @var int */ 2637 var $version = null; 2638 /** @var int */ 2639 var $parentid = null; 2640 /** @var int */ 2641 var $ordering = null; 2642 /** @var string */ 2643 var $metakey = null; 2644 /** @var string */ 2645 var $metadesc = null; 2646 /** @var int */ 2647 var $access = null; 2648 /** @var int */ 2649 var $hits = null; 2650 2651 /** 2652 * @param database A database connector object 2653 */ 2654 function mosContent( &$db ) { 2655 $this->mosDBTable( '#__content', 'id', $db ); 2656 } 2657 2658 /** 2659 * Validation and filtering 2660 */ 2661 function check() { 2662 // filter malicious code 2663 $ignoreList = array( 'introtext', 'fulltext' ); 2664 $this->filter( $ignoreList ); 2665 2666 /* 2667 TODO: This filter is too rigorous, 2668 need to implement more configurable solution 2669 // specific filters 2670 $iFilter = new InputFilter( null, null, 1, 1 ); 2671 $this->introtext = trim( $iFilter->process( $this->introtext ) ); 2672 $this->fulltext = trim( $iFilter->process( $this->fulltext ) ); 2673 */ 2674 2675 if (trim( str_replace( ' ', '', $this->fulltext ) ) == '') { 2676 $this->fulltext = ''; 2677 } 2678 2679 return true; 2680 } 2681 2682 /** 2683 * Converts record to XML 2684 * @param boolean Map foreign keys to text values 2685 */ 2686 function toXML( $mapKeysToText=false ) { 2687 global $database; 2688 2689 if ($mapKeysToText) { 2690 $query = "SELECT name" 2691 . "\n FROM #__sections" 2692 . "\n WHERE id = " . (int) $this->sectionid 2693 ; 2694 $database->setQuery( $query ); 2695 $this->sectionid = $database->loadResult(); 2696 2697 $query = "SELECT name" 2698 . "\n FROM #__categories" 2699 . "\n WHERE id = " . (int) $this->catid 2700 ; 2701 $database->setQuery( $query ); 2702 $this->catid = $database->loadResult(); 2703 2704 $query = "SELECT name" 2705 . "\n FROM #__users" 2706 . "\n WHERE id = " . (int) $this->created_by 2707 ; 2708 $database->setQuery( $query ); 2709 $this->created_by = $database->loadResult(); 2710 } 2711 2712 return parent::toXML( $mapKeysToText ); 2713 } 2714 } 2715 2716 /** 2717 * Module database table class 2718 * @package Joomla 2719 */ 2720 class mosMenu extends mosDBTable { 2721 /** @var int Primary key */ 2722 var $id = null; 2723 /** @var string */ 2724 var $menutype = null; 2725 /** @var string */ 2726 var $name = null; 2727 /** @var string */ 2728 var $link = null; 2729 /** @var int */ 2730 var $type = null; 2731 /** @var int */ 2732 var $published = null; 2733 /** @var int */ 2734 var $componentid = null; 2735 /** @var int */ 2736 var $parent = null; 2737 /** @var int */ 2738 var $sublevel = null; 2739 /** @var int */ 2740 var $ordering = null; 2741 /** @var boolean */ 2742 var $checked_out = null; 2743 /** @var datetime */ 2744 var $checked_out_time = null; 2745 /** @var boolean */ 2746 var $pollid = null; 2747 /** @var string */ 2748 var $browserNav = null; 2749 /** @var int */ 2750 var $access = null; 2751 /** @var int */ 2752 var $utaccess = null; 2753 /** @var string */ 2754 var $params = null; 2755 2756 /** 2757 * @param database A database connector object 2758 */ 2759 function mosMenu( &$db ) { 2760 $this->mosDBTable( '#__menu', 'id', $db ); 2761 } 2762 2763 function check() { 2764 $this->id = (int) $this->id; 2765 $this->params = (string) trim( $this->params . ' ' ); 2766 2767 $ignoreList = array( 'link' ); 2768 $this->filter( $ignoreList ); 2769 2770 return true; 2771 } 2772 } 2773 2774 /** 2775 * Users Table Class 2776 * 2777 * Provides access to the jos_user table 2778 * @package Joomla 2779 */ 2780 class mosUser extends mosDBTable { 2781 /** @var int Unique id*/ 2782 var $id = null; 2783 /** @var string The users real name (or nickname)*/ 2784 var $name = null; 2785 /** @var string The login name*/ 2786 var $username = null; 2787 /** @var string email*/ 2788 var $email = null; 2789 /** @var string MD5 encrypted password*/ 2790 var $password = null; 2791 /** @var string */ 2792 var $usertype = null; 2793 /** @var int */ 2794 var $block = null; 2795 /** @var int */ 2796 var $sendEmail = null; 2797 /** @var int The group id number */ 2798 var $gid = null; 2799 /** @var datetime */ 2800 var $registerDate = null; 2801 /** @var datetime */ 2802 var $lastvisitDate = null; 2803 /** @var string activation hash*/ 2804 var $activation = null; 2805 /** @var string */ 2806 var $params = null; 2807 2808 /** 2809 * @param database A database connector object 2810 */ 2811 function mosUser( &$database ) { 2812 $this->mosDBTable( '#__users', 'id', $database ); 2813 } 2814 2815 /** 2816 * Validation and filtering 2817 * @return boolean True is satisfactory 2818 */ 2819 function check() { 2820 global $mosConfig_uniquemail; 2821 2822 // Validate user information 2823 if (trim( $this->name ) == '') { 2824 $this->_error = addslashes( _REGWARN_NAME ); 2825 return false; 2826 } 2827 2828 if (trim( $this->username ) == '') { 2829 $this->_error = addslashes( _REGWARN_UNAME ); 2830 return false; 2831 } 2832 2833 // check that username is not greater than 25 characters 2834 $username = $this->username; 2835 if ( strlen($username) > 25 ) { 2836 $this->username = substr( $username, 0, 25 ); 2837 } 2838 2839 // check that password is not greater than 50 characters 2840 $password = $this->password; 2841 if ( strlen($password) > 50 ) { 2842 $this->password = substr( $password, 0, 50 ); 2843 } 2844 2845 if (eregi( "[\<|\>|\"|\'|\%|\;|\(|\)|\&|\+|\-]", $this->username) || strlen( $this->username ) < 3) { 2846 $this->_error = sprintf( addslashes( _VALID_AZ09 ), addslashes( _PROMPT_UNAME ), 2 ); 2847 return false; 2848 } 2849 2850 if ((trim($this->email == "")) || (preg_match("/[\w\.\-]+@\w+[\w\.\-]*?\.\w{1,4}/", $this->email )==false)) { 2851 $this->_error = addslashes( _REGWARN_MAIL ); 2852 return false; 2853 } 2854 2855 // check for existing username 2856 $query = "SELECT id" 2857 . "\n FROM #__users " 2858 . "\n WHERE username = " . $this->_db->Quote( $this->username ) 2859 . "\n AND id != " . (int)$this->id 2860 ; 2861 $this->_db->setQuery( $query ); 2862 $xid = intval( $this->_db->loadResult() ); 2863 if ($xid && $xid != intval( $this->id )) { 2864 $this->_error = addslashes( _REGWARN_INUSE ); 2865 return false; 2866 } 2867 2868 if ($mosConfig_uniquemail) { 2869 // check for existing email 2870 $query = "SELECT id" 2871 . "\n FROM #__users " 2872 . "\n WHERE email = " . $this->_db->Quote( $this->email ) 2873 . "\n AND id != " . (int) $this->id 2874 ; 2875 $this->_db->setQuery( $query ); 2876 $xid = intval( $this->_db->loadResult() ); 2877 if ($xid && $xid != intval( $this->id )) { 2878 $this->_error = addslashes( _REGWARN_EMAIL_INUSE ); 2879 return false; 2880 } 2881 } 2882 2883 return true; 2884 } 2885 2886 function store( $updateNulls=false ) { 2887 global $acl, $migrate; 2888 $section_value = 'users'; 2889 2890 $k = $this->_tbl_key; 2891 $key = $this->$k; 2892 if( $key && !$migrate) { 2893 // existing record 2894 $ret = $this->_db->updateObject( $this->_tbl, $this, $this->_tbl_key, $updateNulls ); 2895 // syncronise ACL 2896 // single group handled at the moment 2897 // trivial to expand to multiple groups 2898 $groups = $acl->get_object_groups( $section_value, $this->$k, 'ARO' ); 2899 if(isset($groups[0])) $acl->del_group_object( $groups[0], $section_value, $this->$k, 'ARO' ); 2900 $acl->add_group_object( $this->gid, $section_value, $this->$k, 'ARO' ); 2901 2902 $object_id = $acl->get_object_id( $section_value, $this->$k, 'ARO' ); 2903 $acl->edit_object( $object_id, $section_value, $this->_db->getEscaped( $this->name ), $this->$k, 0, 0, 'ARO' ); 2904 } else { 2905 // new record 2906 $ret = $this->_db->insertObject( $this->_tbl, $this, $this->_tbl_key ); 2907 // syncronise ACL 2908 $acl->add_object( $section_value, $this->_db->getEscaped( $this->name ), $this->$k, null, null, 'ARO' ); 2909 $acl->add_group_object( $this->gid, $section_value, $this->$k, 'ARO' ); 2910 } 2911 if( !$ret ) { 2912 $this->_error = strtolower(get_class( $this ))."::store failed <br />" . $this->_db->getErrorMsg(); 2913 return false; 2914 } else { 2915 return true; 2916 } 2917 } 2918 2919 function delete( $oid=null ) { 2920 global $acl; 2921 2922 $k = $this->_tbl_key; 2923 if ($oid) { 2924 $this->$k = intval( $oid ); 2925 } 2926 $aro_id = $acl->get_object_id( 'users', $this->$k, 'ARO' ); 2927 $acl->del_object( $aro_id, 'ARO', true ); 2928 2929 $query = "DELETE FROM $this->_tbl" 2930 . "\n WHERE $this->_tbl_key = " . (int) $this->$k 2931 ; 2932 $this->_db->setQuery( $query ); 2933 2934 if ($this->_db->query()) { 2935 // cleanup related data 2936 2937 // :: private messaging 2938 $query = "DELETE FROM #__messages_cfg" 2939 . "\n WHERE user_id = " . (int) $this->$k 2940 ; 2941 $this->_db->setQuery( $query ); 2942 if (!$this->_db->query()) { 2943 $this->_error = $this->_db->getErrorMsg(); 2944 return false; 2945 } 2946 $query = "DELETE FROM #__messages" 2947 . "\n WHERE user_id_to = " . (int) $this->$k 2948 ; 2949 $this->_db->setQuery( $query ); 2950 if (!$this->_db->query()) { 2951 $this->_error = $this->_db->getErrorMsg(); 2952 return false; 2953 } 2954 2955 return true; 2956 } else { 2957 $this->_error = $this->_db->getErrorMsg(); 2958 return false; 2959 } 2960 } 2961 2962 /** 2963 * Gets the users from a group 2964 * @param string The value for the group (not used 1.0) 2965 * @param string The name for the group 2966 * @param string If RECURSE, will drill into child groups 2967 * @param string Ordering for the list 2968 * @return array 2969 */ 2970 function getUserListFromGroup( $value, $name, $recurse='NO_RECURSE', $order='name' ) { 2971 global $acl; 2972 2973 // Change back in 2974 //$group_id = $acl->get_group_id( $value, $name, $group_type = 'ARO'); 2975 $group_id = $acl->get_group_id( $name, $group_type = 'ARO'); 2976 $objects = $acl->get_group_objects( $group_id, 'ARO', 'RECURSE'); 2977 2978 if (isset( $objects['users'] )) { 2979 mosArrayToInts( $objects['users'] ); 2980 $gWhere = '(id =' . implode( ' OR id =', $objects['users'] ) . ')'; 2981 2982 $query = "SELECT id AS value, name AS text" 2983 . "\n FROM #__users" 2984 . "\n WHERE block = '0'" 2985 . "\n AND " . $gWhere 2986 . "\n ORDER BY ". $order 2987 ; 2988 $this->_db->setQuery( $query ); 2989 $options = $this->_db->loadObjectList(); 2990 return $options; 2991 } else { 2992 return array(); 2993 } 2994 } 2995 } 2996 2997 /** 2998 * Template Table Class 2999 * 3000 * Provides access to the jos_templates table 3001 * @package Joomla 3002 */ 3003 class mosTemplate extends mosDBTable { 3004 /** @var int */ 3005 var $id = null; 3006 /** @var string */ 3007 var $cur_template = null; 3008 /** @var int */ 3009 var $col_main = null; 3010 3011 /** 3012 * @param database A database connector object 3013 */ 3014 function mosTemplate( &$database ) { 3015 $this->mosDBTable( '#__templates', 'id', $database ); 3016 } 3017 } 3018 3019 /** 3020 * Utility function to return a value from a named array or a specified default 3021 * @param array A named array 3022 * @param string The key to search for 3023 * @param mixed The default value to give if no key found 3024 * @param int An options mask: _MOS_NOTRIM prevents trim, _MOS_ALLOWHTML allows safe html, _MOS_ALLOWRAW allows raw input 3025 */ 3026 define( "_MOS_NOTRIM", 0x0001 ); 3027 define( "_MOS_ALLOWHTML", 0x0002 ); 3028 define( "_MOS_ALLOWRAW", 0x0004 ); 3029 function mosGetParam( &$arr, $name, $def=null, $mask=0 ) { 3030 static $noHtmlFilter = null; 3031 static $safeHtmlFilter = null; 3032 3033 $return = null; 3034 if (isset( $arr[$name] )) { 3035 $return = $arr[$name]; 3036 3037 if (is_string( $return )) { 3038 // trim data 3039 if (!($mask&_MOS_NOTRIM)) { 3040 $return = trim( $return ); 3041 } 3042 3043 if ($mask&_MOS_ALLOWRAW) { 3044 // do nothing 3045 } else if ($mask&_MOS_ALLOWHTML) { 3046 // do nothing - compatibility mode 3047 } else { 3048 // send to inputfilter 3049 if (is_null( $noHtmlFilter )) { 3050 $noHtmlFilter = new InputFilter( /* $tags, $attr, $tag_method, $attr_method, $xss_auto */ ); 3051 } 3052 $return = $noHtmlFilter->process( $return ); 3053 3054 if (empty($return) && is_numeric($def)) { 3055 // if value is defined and default value is numeric set variable type to integer 3056 $return = intval($return); 3057 } 3058 } 3059 3060 // account for magic quotes setting 3061 if (!get_magic_quotes_gpc()) { 3062 $return = addslashes( $return ); 3063 } 3064 } 3065 3066 return $return; 3067 } else { 3068 return $def; 3069 } 3070 } 3071 3072 /** 3073 * Strip slashes from strings or arrays of strings 3074 * @param mixed The input string or array 3075 * @return mixed String or array stripped of slashes 3076 */ 3077 function mosStripslashes( &$value ) { 3078 $ret = ''; 3079 if (is_string( $value )) { 3080 $ret = stripslashes( $value ); 3081 } else { 3082 if (is_array( $value )) { 3083 $ret = array(); 3084 foreach ($value as $key => $val) { 3085 $ret[$key] = mosStripslashes( $val ); 3086 } 3087 } else { 3088 $ret = $value; 3089 } 3090 } 3091 return $ret; 3092 } 3093 3094 /** 3095 * Copy the named array content into the object as properties 3096 * only existing properties of object are filled. when undefined in hash, properties wont be deleted 3097 * @param array the input array 3098 * @param obj byref the object to fill of any class 3099 * @param string 3100 * @param boolean 3101 */ 3102 function mosBindArrayToObject( $array, &$obj, $ignore='', $prefix=NULL, $checkSlashes=true ) { 3103 if (!is_array( $array ) || !is_object( $obj )) { 3104 return (false); 3105 } 3106 3107 $ignore = ' ' . $ignore . ' '; 3108 foreach (get_object_vars($obj) as $k => $v) { 3109 if( substr( $k, 0, 1 ) != '_' ) { // internal attributes of an object are ignored 3110 if (strpos( $ignore, ' ' . $k . ' ') === false) { 3111 if ($prefix) { 3112 $ak = $prefix . $k; 3113 } else { 3114 $ak = $k; 3115 } 3116 if (isset($array[$ak])) { 3117 $obj->$k = ($checkSlashes && get_magic_quotes_gpc()) ? mosStripslashes( $array[$ak] ) : $array[$ak]; 3118 } 3119 } 3120 } 3121 } 3122 3123 return true; 3124 } 3125 3126 /** 3127 * Utility function to read the files in a directory 3128 * @param string The file system path 3129 * @param string A filter for the names 3130 * @param boolean Recurse search into sub-directories 3131 * @param boolean True if to prepend the full path to the file name 3132 */ 3133 function mosReadDirectory( $path, $filter='.', $recurse=false, $fullpath=false ) { 3134 $arr = array(); 3135 if (!@is_dir( $path )) { 3136 return $arr; 3137 } 3138 $handle = opendir( $path ); 3139 3140 while ($file = readdir($handle)) { 3141 $dir = mosPathName( $path.'/'.$file, false ); 3142 $isDir = is_dir( $dir ); 3143 if (($file != ".") && ($file != "..")) { 3144 if (preg_match( "/$filter/", $file )) { 3145 if ($fullpath) { 3146 $arr[] = trim( mosPathName( $path.'/'.$file, false ) ); 3147 } else { 3148 $arr[] = trim( $file ); 3149 } 3150 } 3151 if ($recurse && $isDir) { 3152 $arr2 = mosReadDirectory( $dir, $filter, $recurse, $fullpath ); 3153 $arr = array_merge( $arr, $arr2 ); 3154 } 3155 } 3156 } 3157 closedir($handle); 3158 asort($arr); 3159 return $arr; 3160 } 3161 3162 /** 3163 * Utility function redirect the browser location to another url 3164 * 3165 * Can optionally provide a message. 3166 * @param string The file system path 3167 * @param string A filter for the names 3168 */ 3169 function mosRedirect( $url, $msg='' ) { 3170 3171 global $mainframe; 3172 3173 // specific filters 3174 $iFilter = new InputFilter(); 3175 $url = $iFilter->process( $url ); 3176 if (!empty($msg)) { 3177 $msg = $iFilter->process( $msg ); 3178 } 3179 3180 // Strip out any line breaks and throw away the rest 3181 $url = preg_split("/[\r\n]/", $url); 3182 $url = $url[0]; 3183 3184 if ($iFilter->badAttributeValue( array( 'href', $url ))) { 3185 $url = $GLOBALS['mosConfig_live_site']; 3186 } 3187 3188 if (trim( $msg )) { 3189 if (strpos( $url, '?' )) { 3190 $url .= '&mosmsg=' . urlencode( $msg ); 3191 } else { 3192 $url .= '?mosmsg=' . urlencode( $msg ); 3193 } 3194 } 3195 3196 if (headers_sent()) { 3197 echo "<script>document.location.href='$url';</script>\n"; 3198 } else { 3199 @ob_end_clean(); // clear output buffer 3200 header( 'HTTP/1.1 301 Moved Permanently' ); 3201 header( "Location: ". $url ); 3202 } 3203 exit(); 3204 } 3205 3206 function mosErrorAlert( $text, $action='window.history.go(-1);', $mode=1 ) { 3207 $text = nl2br( $text ); 3208 $text = addslashes( $text ); 3209 $text = strip_tags( $text ); 3210 3211 switch ( $mode ) { 3212 case 2: 3213 echo "<script>$action</script> \n"; 3214 break; 3215 3216 case 1: 3217 default: 3218 echo "<meta http-equiv=\"Content-Type\" content=\"text/html; "._ISO."\" />"; 3219 echo "<script>alert('$text'); $action</script> \n"; 3220 //echo '<noscript>'; 3221 //mosRedirect( @$_SERVER['HTTP_REFERER'], $text ); 3222 //echo '</noscript>'; 3223 break; 3224 } 3225 3226 exit; 3227 } 3228 3229 function mosTreeRecurse( $id, $indent, $list, &$children, $maxlevel=9999, $level=0, $type=1 ) { 3230 3231 if (@$children[$id] && $level <= $maxlevel) { 3232 foreach ($children[$id] as $v) { 3233 $id = $v->id; 3234 3235 if ( $type ) { 3236 $pre = '<sup>L</sup> '; 3237 $spacer = '. '; 3238 } else { 3239 $pre = '- '; 3240 $spacer = ' '; 3241 } 3242 3243 if ( $v->parent == 0 ) { 3244 $txt = $v->name; 3245 } else { 3246 $txt = $pre . $v->name; 3247 } 3248 $pt = $v->parent; 3249 $list[$id] = $v; 3250 $list[$id]->treename = "$indent$txt"; 3251 $list[$id]->children = count( @$children[$id] ); 3252 3253 $list = mosTreeRecurse( $id, $indent . $spacer, $list, $children, $maxlevel, $level+1, $type ); 3254 } 3255 } 3256 return $list; 3257 } 3258 3259 /** 3260 * Function to strip additional / or \ in a path name 3261 * @param string The path 3262 * @param boolean Add trailing slash 3263 */ 3264 function mosPathName($p_path,$p_addtrailingslash = true) { 3265 $retval = ""; 3266 3267 $isWin = (substr(PHP_OS, 0, 3) == 'WIN'); 3268 3269 if ($isWin) { 3270 $retval = str_replace( '/', '\\', $p_path ); 3271 if ($p_addtrailingslash) { 3272 if (substr( $retval, -1 ) != '\\') { 3273 $retval .= '\\'; 3274 } 3275 } 3276 3277 // Check if UNC path 3278 $unc = substr($retval,0,2) == '\\\\' ? 1 : 0; 3279 3280 // Remove double \\ 3281 $retval = str_replace( '\\\\', '\\', $retval ); 3282 3283 // If UNC path, we have to add one \ in front or everything breaks! 3284 if ( $unc == 1 ) { 3285 $retval = '\\'.$retval; 3286 } 3287 } else { 3288 $retval = str_replace( '\\', '/', $p_path ); 3289 if ($p_addtrailingslash) { 3290 if (substr( $retval, -1 ) != '/') { 3291 $retval .= '/'; 3292 } 3293 } 3294 3295 // Check if UNC path 3296 $unc = substr($retval,0,2) == '//' ? 1 : 0; 3297 3298 // Remove double // 3299 $retval = str_replace('//','/',$retval); 3300 3301 // If UNC path, we have to add one / in front or everything breaks! 3302 if ( $unc == 1 ) { 3303 $retval = '/'.$retval; 3304 } 3305 } 3306 3307 return $retval; 3308 } 3309 3310 /** 3311 * Class mosMambot 3312 * @package Joomla 3313 */ 3314 class mosMambot extends mosDBTable { 3315 /** @var int */ 3316 var $id = null; 3317 /** @var varchar */ 3318 var $name = null; 3319 /** @var varchar */ 3320 var $element = null; 3321 /** @var varchar */ 3322 var $folder = null; 3323 /** @var tinyint unsigned */ 3324 var $access = null; 3325 /** @var int */ 3326 var $ordering = null; 3327 /** @var tinyint */ 3328 var $published = null; 3329 /** @var tinyint */ 3330 var $iscore = null; 3331 /** @var tinyint */ 3332 var $client_id = null; 3333 /** @var int unsigned */ 3334 var $checked_out = null; 3335 /** @var datetime */ 3336 var $checked_out_time = null; 3337 /** @var text */ 3338 var $params = null; 3339 3340 function mosMambot( &$db ) { 3341 $this->mosDBTable( '#__mambots', 'id', $db ); 3342 } 3343 } 3344 3345 /** 3346 * Module database table class 3347 * @package Joomla 3348 */ 3349 class mosModule extends mosDBTable { 3350 /** @var int Primary key */ 3351 var $id = null; 3352 /** @var string */ 3353 var $title = null; 3354 /** @var string */ 3355 var $showtitle = null; 3356 /** @var int */ 3357 var $content = null; 3358 /** @var int */ 3359 var $ordering = null; 3360 /** @var string */ 3361 var $position = null; 3362 /** @var boolean */ 3363 var $checked_out = null; 3364 /** @var time */ 3365 var $checked_out_time = null; 3366 /** @var boolean */ 3367 var $published = null; 3368 /** @var string */ 3369 var $module = null; 3370 /** @var int */ 3371 var $numnews = null; 3372 /** @var int */ 3373 var $access = null; 3374 /** @var string */ 3375 var $params = null; 3376 /** @var string */ 3377 var $iscore = null; 3378 /** @var string */ 3379 var $client_id = null; 3380 3381 /** 3382 * @param database A database connector object 3383 */ 3384 function mosModule( &$db ) { 3385 $this->mosDBTable( '#__modules', 'id', $db ); 3386 } 3387 // overloaded check function 3388 function check() { 3389 // check for valid name 3390 if (trim( $this->title ) == '') { 3391 $this->_error = "Your Module must contain a title."; 3392 return false; 3393 } 3394 3395 return true; 3396 } 3397 } 3398 3399 /** 3400 * Session database table class 3401 * @package Joomla 3402 */ 3403 class mosSession extends mosDBTable { 3404 /** @var int Primary key */ 3405 var $session_id = null; 3406 /** @var string */ 3407 var $time = null; 3408 /** @var string */ 3409 var $userid = null; 3410 /** @var string */ 3411 var $usertype = null; 3412 /** @var string */ 3413 var $username = null; 3414 /** @var time */ 3415 var $gid = null; 3416 /** @var int */ 3417 var $guest = null; 3418 /** @var string */ 3419 var $_session_cookie = null; 3420 3421 /** 3422 * @param database A database connector object 3423 */ 3424 function mosSession( &$db ) { 3425 $this->mosDBTable( '#__session', 'session_id', $db ); 3426 } 3427 3428 /** 3429 * @param string Key search for 3430 * @param mixed Default value if not set 3431 * @return mixed 3432 */ 3433 function get( $key, $default=null ) { 3434 return mosGetParam( $_SESSION, $key, $default ); 3435 } 3436 3437 /** 3438 * @param string Key to set 3439 * @param mixed Value to set 3440 * @return mixed The new value 3441 */ 3442 function set( $key, $value ) { 3443 $_SESSION[$key] = $value; 3444 return $value; 3445 } 3446 3447 /** 3448 * Sets a key from a REQUEST variable, otherwise uses the default 3449 * @param string The variable key 3450 * @param string The REQUEST variable name 3451 * @param mixed The default value 3452 * @return mixed 3453 */ 3454 function setFromRequest( $key, $varName, $default=null ) { 3455 if (isset( $_REQUEST[$varName] )) { 3456 return mosSession::set( $key, $_REQUEST[$varName] ); 3457 } else if (isset( $_SESSION[$key] )) { 3458 return $_SESSION[$key]; 3459 } else { 3460 return mosSession::set( $key, $default ); 3461 } 3462 } 3463 3464 /** 3465 * Insert a new row 3466 * @return boolean 3467 */ 3468 function insert() { 3469 $ret = $this->_db->insertObject( $this->_tbl, $this ); 3470 3471 if( !$ret ) { 3472 $this->_error = strtolower(get_class( $this ))."::store failed <br />" . $this->_db->stderr(); 3473 return false; 3474 } else { 3475 return true; 3476 } 3477 } 3478 3479 /** 3480 * Update an existing row 3481 * @return boolean 3482 */ 3483 function update( $updateNulls=false ) { 3484 $ret = $this->_db->updateObject( $this->_tbl, $this, 'session_id', $updateNulls ); 3485 3486 if( !$ret ) { 3487 $this->_error = strtolower(get_class( $this ))."::store failed <br />" . $this->_db->stderr(); 3488 return false; 3489 } else { 3490 return true; 3491 } 3492 } 3493 3494 /** 3495 * Generate a unique session id 3496 * @return string 3497 */ 3498 function generateId() { 3499 $failsafe = 20; 3500 $randnum = 0; 3501 3502 while ($failsafe--) { 3503 $randnum = md5( uniqid( microtime(), 1 ) ); 3504 $new_session_id = mosMainFrame::sessionCookieValue( $randnum ); 3505 3506 if ($randnum != '') { 3507 $query = "SELECT $this->_tbl_key" 3508 . "\n FROM $this->_tbl" 3509 . "\n WHERE $this->_tbl_key = " . $this->_db->Quote( $new_session_id ) 3510 ; 3511 $this->_db->setQuery( $query ); 3512 if(!$result = $this->_db->query()) { 3513 die( $this->_db->stderr( true )); 3514 } 3515 3516 if ($this->_db->getNumRows($result) == 0) { 3517 break; 3518 } 3519 } 3520 } 3521 3522 $this->_session_cookie = $randnum; 3523 $this->session_id = $new_session_id; 3524 } 3525 3526 /** 3527 * @return string The name of the session cookie 3528 */ 3529 function getCookie() { 3530 return $this->_session_cookie; 3531 } 3532 3533 /** 3534 * Purge lapsed sessions 3535 * @return boolean 3536 */ 3537 function purge( $inc=1800, $and='' ) { 3538 global $mainframe; 3539 3540 if ($inc == 'core') { 3541 $past_logged = time() - $mainframe->getCfg( 'lifetime' ); 3542 $past_guest = time() - 900; 3543 3544 $query = "DELETE FROM $this->_tbl" 3545 . "\n WHERE (" 3546 // purging expired logged sessions 3547 . "\n ( time < '" . (int) $past_logged . "' )" 3548 . "\n AND guest = 0" 3549 . "\n AND gid > 0" 3550 . "\n ) OR (" 3551 // purging expired guest sessions 3552 . "\n ( time < '" . (int) $past_guest . "' )" 3553 . "\n AND guest = 1" 3554 . "\n AND userid = 0" 3555 . "\n )" 3556 ; 3557 } else { 3558 // kept for backward compatability 3559 $past = time() - $inc; 3560 $query = "DELETE FROM $this->_tbl" 3561 . "\n WHERE ( time < '" . (int) $past . "' )" 3562 . $and 3563 ; 3564 } 3565 $this->_db->setQuery($query); 3566 3567 return $this->_db->query(); 3568 } 3569 } 3570 3571 3572 function mosObjectToArray($p_obj) { 3573 $retarray = null; 3574 if(is_object($p_obj)) 3575 { 3576 $retarray = array(); 3577 foreach (get_object_vars($p_obj) as $k => $v) 3578 { 3579 if(is_object($v)) 3580 $retarray[$k] = mosObjectToArray($v); 3581 else 3582 $retarray[$k] = $v; 3583 } 3584 } 3585 return $retarray; 3586 } 3587 /** 3588 * Checks the user agent string against known browsers 3589 */ 3590 function mosGetBrowser( $agent ) { 3591 global $mosConfig_absolute_path; 3592 3593 require ( $mosConfig_absolute_path .'/includes/agent_browser.php' ); 3594 3595 if (preg_match( "/msie[\/\sa-z]*([\d\.]*)/i", $agent, $m ) 3596 && !preg_match( "/webtv/i", $agent ) 3597 && !preg_match( "/omniweb/i", $agent ) 3598 && !preg_match( "/opera/i", $agent )) { 3599 // IE 3600 return "MS Internet Explorer $m[1]"; 3601 } else if (preg_match( "/netscape.?\/([\d\.]*)/i", $agent, $m )) { 3602 // Netscape 6.x, 7.x ... 3603 return "Netscape $m[1]"; 3604 } else if ( preg_match( "/mozilla[\/\sa-z]*([\d\.]*)/i", $agent, $m ) 3605 && !preg_match( "/gecko/i", $agent ) 3606 && !preg_match( "/compatible/i", $agent ) 3607 && !preg_match( "/opera/i", $agent ) 3608 && !preg_match( "/galeon/i", $agent ) 3609 && !preg_match( "/safari/i", $agent )) { 3610 // Netscape 3.x, 4.x ... 3611 return "Netscape $m[1]"; 3612 } else { 3613 // Other 3614 $found = false; 3615 foreach ($browserSearchOrder as $key) { 3616 if (preg_match( "/$key.?\/([\d\.]*)/i", $agent, $m )) { 3617 $name = "$browsersAlias[$key] $m[1]"; 3618 return $name; 3619 break; 3620 } 3621 } 3622 } 3623 3624 return 'Unknown'; 3625 } 3626 3627 /** 3628 * Checks the user agent string against known operating systems 3629 */ 3630 function mosGetOS( $agent ) { 3631 global $mosConfig_absolute_path; 3632 3633 require ( $mosConfig_absolute_path .'/includes/agent_os.php' ); 3634 3635 foreach ($osSearchOrder as $key) { 3636 if (preg_match( "/$key/i", $agent )) { 3637 return $osAlias[$key]; 3638 break; 3639 } 3640 } 3641 3642 return 'Unknown'; 3643 } 3644 3645 /** 3646 * @param string SQL with ordering As value and 'name field' AS text 3647 * @param integer The length of the truncated headline 3648 */ 3649 function mosGetOrderingList( $sql, $chop='30' ) { 3650 global $database; 3651 3652 $order = array(); 3653 $database->setQuery( $sql ); 3654 if (!($orders = $database->loadObjectList())) { 3655 if ($database->getErrorNum()) { 3656 echo $database->stderr(); 3657 return false; 3658 } else { 3659 $order[] = mosHTML::makeOption( 1, 'first' ); 3660 return $order; 3661 } 3662 } 3663 $order[] = mosHTML::makeOption( 0, '0 first' ); 3664 for ($i=0, $n=count( $orders ); $i < $n; $i++) { 3665 3666 if (strlen($orders[$i]->text) > $chop) { 3667 $text = substr($orders[$i]->text,0,$chop)."..."; 3668 } else { 3669 $text = $orders[$i]->text; 3670 } 3671 3672 $order[] = mosHTML::makeOption( $orders[$i]->value, $orders[$i]->value.' ('.$text.')' ); 3673 } 3674 $order[] = mosHTML::makeOption( $orders[$i-1]->value+1, ($orders[$i-1]->value+1).' last' ); 3675 3676 return $order; 3677 } 3678 3679 /** 3680 * Makes a variable safe to display in forms 3681 * 3682 * Object parameters that are non-string, array, object or start with underscore 3683 * will be converted 3684 * @param object An object to be parsed 3685 * @param int The optional quote style for the htmlspecialchars function 3686 * @param string|array An optional single field name or array of field names not 3687 * to be parsed (eg, for a textarea) 3688 */ 3689 function mosMakeHtmlSafe( &$mixed, $quote_style=ENT_QUOTES, $exclude_keys='' ) { 3690 if (is_object( $mixed )) { 3691 foreach (get_object_vars( $mixed ) as $k => $v) { 3692 if (is_array( $v ) || is_object( $v ) || $v == NULL || substr( $k, 1, 1 ) == '_' ) { 3693 continue; 3694 } 3695 if (is_string( $exclude_keys ) && $k == $exclude_keys) { 3696 continue; 3697 } else if (is_array( $exclude_keys ) && in_array( $k, $exclude_keys )) { 3698 continue; 3699 } 3700 $mixed->$k = htmlspecialchars( $v, $quote_style ); 3701 } 3702 } 3703 } 3704 3705 /** 3706 * Checks whether a menu option is within the users access level 3707 * @param int Item id number 3708 * @param string The menu option 3709 * @param int The users group ID number 3710 * @param database A database connector object 3711 * @return boolean True if the visitor's group at least equal to the menu access 3712 */ 3713 function mosMenuCheck( $Itemid, $menu_option, $task, $gid ) { 3714 global $database, $mainframe; 3715 3716 if ( $Itemid != '' && $Itemid != 0 && $Itemid != 99999999 ) { 3717 $query = "SELECT *" 3718 . "\n FROM #__menu" 3719 . "\n WHERE id = " . (int) $Itemid 3720 ; 3721 } else { 3722 $dblink = "index.php?option=" . $database->getEscaped( $menu_option ); 3723 3724 if ($task != '') { 3725 $dblink .= "&task=" . $database->getEscaped( $task ); 3726 } 3727 3728 $query = "SELECT *" 3729 . "\n FROM #__menu" 3730 . "\n WHERE published = 1 AND" 3731 . "\n link LIKE '$dblink%'" 3732 ; 3733 } 3734 $database->setQuery( $query ); 3735 $results = $database->loadObjectList(); 3736 $access = 0; 3737 3738 foreach ($results as $result) { 3739 $access = max( $access, $result->access ); 3740 } 3741 3742 // save menu information to global mainframe 3743 if(isset($results[0])) { 3744 // loads menu info of particular Itemid 3745 $mainframe->set( 'menu', $results[0] ); 3746 } else { 3747 // loads empty Menu info 3748 $mainframe->set( 'menu', new mosMenu($database) ); 3749 } 3750 3751 return ($access <= $gid); 3752 } 3753 3754 /** 3755 * Returns formated date according to current local and adds time offset 3756 * @param string date in datetime format 3757 * @param string format optional format for strftime 3758 * @param offset time offset if different than global one 3759 * @returns formated date 3760 */ 3761 function mosFormatDate( $date, $format="", $offset=NULL ){ 3762 global $mosConfig_offset; 3763 if ( $format == '' ) { 3764 // %Y-%m-%d %H:%M:%S 3765 $format = _DATE_FORMAT_LC; 3766 } 3767 if ( is_null($offset) ) { 3768 $offset = $mosConfig_offset; 3769 } 3770 if ( $date && ereg( "([0-9]{4})-([0-9]{2})-([0-9]{2})[ ]([0-9]{2}):([0-9]{2}):([0-9]{2})", $date, $regs ) ) { 3771 $date = mktime( $regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1] ); 3772 $date = $date > -1 ? strftime( $format, $date + ($offset*60*60) ) : '-'; 3773 } 3774 return $date; 3775 } 3776 3777 /** 3778 * Returns current date according to current local and time offset 3779 * @param string format optional format for strftime 3780 * @returns current date 3781 */ 3782 function mosCurrentDate( $format="" ) { 3783 global $mosConfig_offset; 3784 if ($format=="") { 3785 $format = _DATE_FORMAT_LC; 3786 } 3787 $date = strftime( $format, time() + ($mosConfig_offset*60*60) ); 3788 return $date; 3789 } 3790 3791 /** 3792 * Utility function to provide ToolTips 3793 * @param string ToolTip text 3794 * @param string Box title 3795 * @returns HTML code for ToolTip 3796 */ 3797 function mosToolTip( $tooltip, $title='', $width='', $image='tooltip.png', $text='', $href='#', $link=1 ) { 3798 global $mosConfig_live_site; 3799 3800 if ( $width ) { 3801 $width = ', WIDTH, \''.$width .'\''; 3802 } 3803 if ( $title ) { 3804 $title = ', CAPTION, \''.$title .'\''; 3805 } 3806 if ( !$text ) { 3807 $image = $mosConfig_live_site . '/includes/js/ThemeOffice/'. $image; 3808 $text = '<img src="'. $image .'" border="0" alt="tooltip"/>'; 3809 } 3810 $style = 'style="text-decoration: none; color: #333;"'; 3811 if ( $href ) { 3812 $style = ''; 3813 } else{ 3814 $href = '#'; 3815 } 3816 3817 $mousover = 'return overlib(\''. $tooltip .'\''. $title .', BELOW, RIGHT'. $width .');'; 3818 3819 $tip = "<!-- Tooltip -->\n"; 3820 if ( $link ) { 3821 $tip .= '<a href="'. $href .'" onmouseover="'. $mousover .'" onmouseout="return nd();" '. $style .'>'. $text .'</a>'; 3822 } else { 3823 $tip .= '<span onmouseover="'. $mousover .'" onmouseout="return nd();" '. $style .'>'. $text .'</span>'; 3824 } 3825 3826 return $tip; 3827 } 3828 3829 /** 3830 * Utility function to provide Warning Icons 3831 * @param string Warning text 3832 * @param string Box title 3833 * @returns HTML code for Warning 3834 */ 3835 function mosWarning($warning, $title='Joomla! Warning') { 3836 global $mosConfig_live_site; 3837 3838 $mouseover = 'return overlib(\''. $warning .'\', CAPTION, \''. $title .'\', BELOW, RIGHT);'; 3839 3840 $tip = "<!-- Warning -->\n"; 3841 $tip .= '<a href="javascript:void(0)" onmouseover="'. $mouseover .'" onmouseout="return nd();">'; 3842 $tip .= '<img src="'. $mosConfig_live_site .'/includes/js/ThemeOffice/warning.png" border="0" alt="warning"/></a>'; 3843 3844 return $tip; 3845 } 3846 3847 function mosCreateGUID(){ 3848 srand((double)microtime()*1000000); 3849 $r = rand(); 3850 $u = uniqid(getmypid() . $r . (double)microtime()*1000000,1); 3851 $m = md5 ($u); 3852 return($m); 3853 } 3854 3855 function mosCompressID( $ID ){ 3856 return(Base64_encode(pack("H*",$ID))); 3857 } 3858 3859 function mosExpandID( $ID ) { 3860 return ( implode(unpack("H*",Base64_decode($ID)), '') ); 3861 } 3862 3863 /** 3864 * Function to create a mail object for futher use (uses phpMailer) 3865 * @param string From e-mail address 3866 * @param string From name 3867 * @param string E-mail subject 3868 * @param string Message body 3869 * @return object Mail object 3870 */ 3871 function mosCreateMail( $from='', $fromname='', $subject, $body ) { 3872 global $mosConfig_absolute_path, $mosConfig_sendmail; 3873 global $mosConfig_smtpauth, $mosConfig_smtpuser; 3874 global $mosConfig_smtppass, $mosConfig_smtphost; 3875 global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_mailer; 3876 3877 $mail = new mosPHPMailer(); 3878 3879 $mail->PluginDir = $mosConfig_absolute_path .'/includes/phpmailer/'; 3880 $mail->SetLanguage( 'en', $mosConfig_absolute_path . '/includes/phpmailer/language/' ); 3881 $mail->CharSet = substr_replace(_ISO, '', 0, 8); 3882 $mail->IsMail(); 3883 $mail->From = $from ? $from : $mosConfig_mailfrom; 3884 $mail->FromName = $fromname ? $fromname : $mosConfig_fromname; 3885 $mail->Mailer = $mosConfig_mailer; 3886 3887 // Add smtp values if needed 3888 if ( $mosConfig_mailer == 'smtp' ) { 3889 $mail->SMTPAuth = $mosConfig_smtpauth; 3890 $mail->Username = $mosConfig_smtpuser; 3891 $mail->Password = $mosConfig_smtppass; 3892 $mail->Host = $mosConfig_smtphost; 3893 } else 3894 3895 // Set sendmail path 3896 if ( $mosConfig_mailer == 'sendmail' ) { 3897 if (isset($mosConfig_sendmail)) 3898 $mail->Sendmail = $mosConfig_sendmail; 3899 } // if 3900 3901 $mail->Subject = $subject; 3902 $mail->Body = $body; 3903 3904 return $mail; 3905 } 3906 3907 /** 3908 * Mail function (uses phpMailer) 3909 * @param string From e-mail address 3910 * @param string From name 3911 * @param string/array Recipient e-mail address(es) 3912 * @param string E-mail subject 3913 * @param string Message body 3914 * @param boolean false = plain text, true = HTML 3915 * @param string/array CC e-mail address(es) 3916 * @param string/array BCC e-mail address(es) 3917 * @param string/array Attachment file name(s) 3918 * @param string/array ReplyTo e-mail address(es) 3919 * @param string/array ReplyTo name(s) 3920 * @return boolean 3921 */ 3922 function mosMail( $from, $fromname, $recipient, $subject, $body, $mode=0, $cc=NULL, $bcc=NULL, $attachment=NULL, $replyto=NULL, $replytoname=NULL ) { 3923 global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_debug; 3924 3925 // Allow empty $from and $fromname settings (backwards compatibility) 3926 if ($from == '') { 3927 $from = $mosConfig_mailfrom; 3928 } 3929 if ($fromname == '') { 3930 $fromname = $mosConfig_fromname; 3931 } 3932 3933 // Filter from, fromname and subject 3934 if (!JosIsValidEmail( $from ) || !JosIsValidName( $fromname ) || !JosIsValidName( $subject )) { 3935 return false; 3936 } 3937 3938 $mail = mosCreateMail( $from, $fromname, $subject, $body ); 3939 3940 // activate HTML formatted emails 3941 if ( $mode ) { 3942 $mail->IsHTML(true); 3943 } 3944 3945 if (is_array( $recipient )) { 3946 foreach ($recipient as $to) { 3947 if (!JosIsValidEmail( $to )) { 3948 return false; 3949 } 3950 $mail->AddAddress( $to ); 3951 } 3952 } else { 3953 if (!JosIsValidEmail( $recipient )) { 3954 return false; 3955 } 3956 $mail->AddAddress( $recipient ); 3957 } 3958 if (isset( $cc )) { 3959 if (is_array( $cc )) { 3960 foreach ($cc as $to) { 3961 if (!JosIsValidEmail( $to )) { 3962 return false; 3963 } 3964 $mail->AddCC($to); 3965 } 3966 } else { 3967 if (!JosIsValidEmail( $cc )) { 3968 return false; 3969 } 3970 $mail->AddCC($cc); 3971 } 3972 } 3973 if (isset( $bcc )) { 3974 if (is_array( $bcc )) { 3975 foreach ($bcc as $to) { 3976 if (!JosIsValidEmail( $to )) { 3977 return false; 3978 } 3979 $mail->AddBCC( $to ); 3980 } 3981 } else { 3982 if (!JosIsValidEmail( $bcc )) { 3983 return false; 3984 } 3985 $mail->AddBCC( $bcc ); 3986 } 3987 } 3988 if ($attachment) { 3989 if (is_array( $attachment )) { 3990 foreach ($attachment as $fname) { 3991 $mail->AddAttachment( $fname ); 3992 } 3993 } else { 3994 $mail->AddAttachment($attachment); 3995 } 3996 } 3997 //Important for being able to use mosMail without spoofing... 3998 if ($replyto) { 3999 if (is_array( $replyto )) { 4000 reset( $replytoname ); 4001 foreach ($replyto as $to) { 4002 $toname = ((list( $key, $value ) = each( $replytoname )) ? $value : ''); 4003 if (!JosIsValidEmail( $to ) || !JosIsValidName( $toname )) { 4004 return false; 4005 } 4006 $mail->AddReplyTo( $to, $toname ); 4007 } 4008 } else { 4009 if (!JosIsValidEmail( $replyto ) || !JosIsValidName( $replytoname )) { 4010 return false; 4011 } 4012 $mail->AddReplyTo($replyto, $replytoname); 4013 } 4014 } 4015 4016 $mailssend = $mail->Send(); 4017 4018 if( $mosConfig_debug ) { 4019 //$mosDebug->message( "Mails send: $mailssend"); 4020 } 4021 if( $mail->error_count > 0 ) { 4022 //$mosDebug->message( "The mail message $fromname <$from> about $subject to $recipient <b>failed</b><br /><pre>$body</pre>", false ); 4023 //$mosDebug->message( "Mailer Error: " . $mail->ErrorInfo . "" ); 4024 } 4025 return $mailssend; 4026 } // mosMail 4027 4028 /** 4029 * Checks if a given string is a valid email address 4030 * 4031 * @param string $email String to check for a valid email address 4032 * @return boolean 4033 */ 4034 function JosIsValidEmail( $email ) { 4035 $valid = preg_match( '/^[\w\.\-]+@\w+[\w\.\-]*?\.\w{1,4}$/', $email ); 4036 4037 return $valid; 4038 } 4039 4040 /** 4041 * Checks if a given string is a valid (from-)name or subject for an email 4042 * 4043 * @since 1.0.11 4044 * @deprecated 1.5 4045 * @param string $string String to check for validity 4046 * @return boolean 4047 */ 4048 function JosIsValidName( $string ) { 4049 /* 4050 * The following regular expression blocks all strings containing any low control characters: 4051 * 0x00-0x1F, 0x7F 4052 * These should be control characters in almost all used charsets. 4053 * The high control chars in ISO-8859-n (0x80-0x9F) are unused (e.g. http://en.wikipedia.org/wiki/ISO_8859-1) 4054 * Since they are valid UTF-8 bytes (e.g. used as the second byte of a two byte char), 4055 * they must not be filtered. 4056 */ 4057 $invalid = preg_match( '/[\x00-\x1F\x7F]/', $string ); 4058 if ($invalid) { 4059 return false; 4060 } else { 4061 return true; 4062 } 4063 } 4064 4065 /** 4066 * Initialise GZIP 4067 */ 4068 function initGzip() { 4069 global $mosConfig_gzip, $do_gzip_compress; 4070 4071 $do_gzip_compress = FALSE; 4072 if ($mosConfig_gzip == 1) { 4073 $phpver = phpversion(); 4074 $useragent = mosGetParam( $_SERVER, 'HTTP_USER_AGENT', '' ); 4075 $canZip = mosGetParam( $_SERVER, 'HTTP_ACCEPT_ENCODING', '' ); 4076 4077 $gzip_check = 0; 4078 $zlib_check = 0; 4079 $gz_check = 0; 4080 $zlibO_check = 0; 4081 $sid_check = 0; 4082 if ( strpos( $canZip, 'gzip' ) !== false) { 4083 $gzip_check = 1; 4084 } 4085 if ( extension_loaded( 'zlib' ) ) { 4086 $zlib_check = 1; 4087 } 4088 if ( function_exists('ob_gzhandler') ) { 4089 $gz_check = 1; 4090 } 4091 if ( ini_get('zlib.output_compression') ) { 4092 $zlibO_check = 1; 4093 } 4094 if ( ini_get('session.use_trans_sid') ) { 4095 $sid_check = 1; 4096 } 4097 4098 if ( $phpver >= '4.0.4pl1' && ( strpos($useragent,'compatible') !== false || strpos($useragent,'Gecko') !== false ) ) { 4099 // Check for gzip header or northon internet securities or session.use_trans_sid 4100 if ( ( $gzip_check || isset( $_SERVER['---------------']) ) && $zlib_check && $gz_check && !$zlibO_check && !$sid_check ) { 4101 // You cannot specify additional output handlers if 4102 // zlib.output_compression is activated here 4103 ob_start( 'ob_gzhandler' ); 4104 return; 4105 } 4106 } else if ( $phpver > '4.0' ) { 4107 if ( $gzip_check ) { 4108 if ( $zlib_check ) { 4109 $do_gzip_compress = TRUE; 4110 ob_start(); 4111 ob_implicit_flush(0); 4112 4113 header( 'Content-Encoding: gzip' ); 4114 return; 4115 } 4116 } 4117 } 4118 } 4119 ob_start(); 4120 } 4121 4122 /** 4123 * Perform GZIP 4124 */ 4125 function doGzip() { 4126 global $do_gzip_compress; 4127 if ( $do_gzip_compress ) { 4128 /** 4129 *Borrowed from php.net! 4130 */ 4131 $gzip_contents = ob_get_contents(); 4132 ob_end_clean(); 4133 4134 $gzip_size = strlen($gzip_contents); 4135 $gzip_crc = crc32($gzip_contents); 4136 4137 $gzip_contents = gzcompress($gzip_contents, 9); 4138 $gzip_contents = substr($gzip_contents, 0, strlen($gzip_contents) - 4); 4139 4140 echo "\x1f\x8b\x08\x00\x00\x00\x00\x00"; 4141 echo $gzip_contents; 4142 echo pack('V', $gzip_crc); 4143 echo pack('V', $gzip_size); 4144 } else { 4145 ob_end_flush(); 4146 } 4147 } 4148 4149 /** 4150 * Random password generator 4151 * @return password 4152 */ 4153 function mosMakePassword($length=8) { 4154 $salt = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; 4155 $makepass = ''; 4156 mt_srand(10000000*(double)microtime()); 4157 for ($i = 0; $i < $length; $i++) 4158 $makepass .= $salt[mt_rand(0,61)]; 4159 return $makepass; 4160 } 4161 4162 if (!function_exists('html_entity_decode')) { 4163 /** 4164 * html_entity_decode function for backward compatability in PHP 4165 * @param string 4166 * @param string 4167 */ 4168 function html_entity_decode ($string, $opt = ENT_COMPAT) { 4169 4170 $trans_tbl = get_html_translation_table (HTML_ENTITIES); 4171 $trans_tbl = array_flip ($trans_tbl); 4172 4173 if ($opt & 1) { // Translating single quotes 4174 // Add single quote to translation table; 4175 // doesn't appear to be there by default 4176 $trans_tbl["'"] = "'"; 4177 } 4178 4179 if (!($opt & 2)) { // Not translating double quotes 4180 // Remove double quote from translation table 4181 unset($trans_tbl["""]); 4182 } 4183 4184 return strtr ($string, $trans_tbl); 4185 } 4186 } 4187 4188 /** 4189 * Plugin handler 4190 * @package Joomla 4191 */ 4192 class mosMambotHandler { 4193 /** @var array An array of functions in event groups */ 4194 var $_events = null; 4195 /** @var array An array of lists */ 4196 var $_lists = null; 4197 /** @var array An array of mambots */ 4198 var $_bots = null; 4199 /** @var int Index of the mambot being loaded */ 4200 var $_loading = null; 4201 4202 /** Added as of 1.0.8 to ensure queries are only called once **/ 4203 4204 /** @var array An array of the content mambots in the system */ 4205 var $_content_mambots = null; 4206 /** @var array An array of the content mambot params */ 4207 var $_content_mambot_params = array(); 4208 /** @var array An array of the content mambot params */ 4209 var $_search_mambot_params = array(); 4210 4211 /** 4212 * Constructor 4213 */ 4214 function mosMambotHandler() { 4215 $this->_events = array(); 4216 } 4217 /** 4218 * Loads all the bot files for a particular group 4219 * @param string The group name, relates to the sub-directory in the mambots directory 4220 */ 4221 function loadBotGroup( $group ) { 4222 global $database, $my; 4223 4224 $group = trim( $group ); 4225 if (is_object( $my )) { 4226 $gid = $my->gid; 4227 } else { 4228 $gid = 0; 4229 } 4230 4231 $group = trim( $group ); 4232 4233 switch ( $group ) { 4234 case 'content': 4235 if (!defined( '_JOS_CONTENT_MAMBOTS' )) { 4236 /** ensure that query is only called once */ 4237 define( '_JOS_CONTENT_MAMBOTS', 1 ); 4238 4239 $query = "SELECT folder, element, published, params" 4240 . "\n FROM #__mambots" 4241 . "\n WHERE access <= " . (int) $gid 4242 . "\n AND folder = 'content'" 4243 . "\n ORDER BY ordering" 4244 ; 4245 $database->setQuery( $query ); 4246 4247 // load query into class variable _content_mambots 4248 if (!($this->_content_mambots = $database->loadObjectList())) { 4249 //echo "Error loading Mambots: " . $database->getErrorMsg(); 4250 return false; 4251 } 4252 } 4253 4254 // pull bots to be processed from class variable 4255 $bots = $this->_content_mambots; 4256 break; 4257 4258 default: 4259 $query = "SELECT folder, element, published, params" 4260 . "\n FROM #__mambots" 4261 . "\n WHERE published >= 1" 4262 . "\n AND access <= " . (int) $gid 4263 . "\n AND folder = " . $database->Quote( $group ) 4264 . "\n ORDER BY ordering" 4265 ; 4266 $database->setQuery( $query ); 4267 4268 if (!($bots = $database->loadObjectList())) { 4269 //echo "Error loading Mambots: " . $database->getErrorMsg(); 4270 return false; 4271 } 4272 break; 4273 } 4274 4275 // load bots found by queries 4276 $n = count( $bots); 4277 for ($i = 0; $i < $n; $i++) { 4278 $this->loadBot( $bots[$i]->folder, $bots[$i]->element, $bots[$i]->published, $bots[$i]->params ); 4279 } 4280 4281 return true; 4282 } 4283 /** 4284 * Loads the bot file 4285 * @param string The folder (group) 4286 * @param string The elements (name of file without extension) 4287 * @param int Published state 4288 * @param string The params for the bot 4289 */ 4290 function loadBot( $folder, $element, $published, $params='' ) { 4291 global $mosConfig_absolute_path; 4292 global $_MAMBOTS; 4293 4294 $path = $mosConfig_absolute_path . '/mambots/' . $folder . '/' . $element . '.php'; 4295 if (file_exists( $path )) { 4296 $this->_loading = count( $this->_bots ); 4297 $bot = new stdClass; 4298 $bot->folder = $folder; 4299 $bot->element = $element; 4300 $bot->published = $published; 4301 $bot->lookup = $folder . '/' . $element; 4302 $bot->params = $params; 4303 $this->_bots[] = $bot; 4304 4305 require_once( $path ); 4306 4307 $this->_loading = null; 4308 } 4309 } 4310 /** 4311 * Registers a function to a particular event group 4312 * @param string The event name 4313 * @param string The function name 4314 */ 4315 function registerFunction( $event, $function ) { 4316 $this->_events[$event][] = array( $function, $this->_loading ); 4317 } 4318 /** 4319 * Makes a option for a particular list in a group 4320 * @param string The group name 4321 * @param string The list name 4322 * @param string The value for the list option 4323 * @param string The text for the list option 4324 */ 4325 function addListOption( $group, $listName, $value, $text='' ) { 4326 $this->_lists[$group][$listName][] = mosHTML::makeOption( $value, $text ); 4327 } 4328 /** 4329 * @param string The group name 4330 * @param string The list name 4331 * @return array 4332 */ 4333 function getList( $group, $listName ) { 4334 return $this->_lists[$group][$listName]; 4335 } 4336 /** 4337 * Calls all functions associated with an event group 4338 * @param string The event name 4339 * @param array An array of arguments 4340 * @param boolean True is unpublished bots are to be processed 4341 * @return array An array of results from each function call 4342 */ 4343 function trigger( $event, $args=null, $doUnpublished=false ) { 4344 $result = array(); 4345 4346 if ($args === null) { 4347 $args = array(); 4348 } 4349 if ($doUnpublished) { 4350 // prepend the published argument 4351 array_unshift( $args, null ); 4352 } 4353 if (isset( $this->_events[$event] )) { 4354 foreach ($this->_events[$event] as $func) { 4355 if (function_exists( $func[0] )) { 4356 if ($doUnpublished) { 4357 $args[0] = $this->_bots[$func[1]]->published; 4358 $result[] = call_user_func_array( $func[0], $args ); 4359 } else if ($this->_bots[$func[1]]->published) { 4360 $result[] = call_user_func_array( $func[0], $args ); 4361 } 4362 } 4363 } 4364 } 4365 return $result; 4366 } 4367 /** 4368 * Same as trigger but only returns the first event and 4369 * allows for a variable argument list 4370 * @param string The event name 4371 * @return array The result of the first function call 4372 */ 4373 function call( $event ) { 4374 $doUnpublished=false; 4375 4376 $args =& func_get_args(); 4377 array_shift( $args ); 4378 4379 if (isset( $this->_events[$event] )) { 4380 foreach ($this->_events[$event] as $func) { 4381 if (function_exists( $func[0] )) { 4382 if ($this->_bots[$func[1]]->published) { 4383 return call_user_func_array( $func[0], $args ); 4384 } 4385 } 4386 } 4387 } 4388 return null; 4389 } 4390 } 4391 4392 /** 4393 * Tab Creation handler 4394 * @package Joomla 4395 */ 4396 class mosTabs { 4397 /** @var int Use cookies */ 4398 var $useCookies = 0; 4399 4400 /** 4401 * Constructor 4402 * Includes files needed for displaying tabs and sets cookie options 4403 * @param int useCookies, if set to 1 cookie will hold last used tab between page refreshes 4404 */ 4405 function mosTabs( $useCookies, $xhtml=NULL ) { 4406 global $mosConfig_live_site, $mainframe; 4407 4408 if ( $xhtml ) { 4409 $mainframe->addCustomHeadTag( '<link rel="stylesheet" type="text/css" media="all" href="includes/js/tabs/tabpane.css" id="luna-tab-style-sheet" />' ); 4410 } else { 4411 echo "<link id=\"luna-tab-style-sheet\" type=\"text/css\" rel=\"stylesheet\" href=\"" . $mosConfig_live_site. "/includes/js/tabs/tabpane.css\" />"; 4412 } 4413 4414 echo "<script type=\"text/javascript\" src=\"". $mosConfig_live_site . "/includes/js/tabs/tabpane_mini.js\"></script>"; 4415 4416 $this->useCookies = $useCookies; 4417 } 4418 4419 /** 4420 * creates a tab pane and creates JS obj 4421 * @param string The Tab Pane Name 4422 */ 4423 function startPane($id){ 4424 echo "<div class=\"tab-page\" id=\"".$id."\">"; 4425 echo "<script type=\"text/javascript\">\n"; 4426 echo " var tabPane1 = new WebFXTabPane( document.getElementById( \"".$id."\" ), ".$this->useCookies." )\n"; 4427 echo "</script>\n"; 4428 } 4429 4430 /** 4431 * Ends Tab Pane 4432 */ 4433 function endPane() { 4434 echo "</div>"; 4435 } 4436 4437 /* 4438 * Creates a tab with title text and starts that tabs page 4439 * @param tabText - This is what is displayed on the tab 4440 * @param paneid - This is the parent pane to build this tab on 4441 */ 4442 function startTab( $tabText, $paneid ) { 4443 echo "<div class=\"tab-page\" id=\"".$paneid."\">"; 4444 echo "<h2 class=\"tab\">".$tabText."</h2>"; 4445 echo "<script type=\"text/javascript\">\n"; 4446 echo " tabPane1.addTabPage( document.getElementById( \"".$paneid."\" ) );"; 4447 echo "</script>"; 4448 } 4449 4450 /* 4451 * Ends a tab page 4452 */ 4453 function endTab() { 4454 echo "</div>"; 4455 } 4456 } 4457 4458 /** 4459 * Common HTML Output Files 4460 * @package Joomla 4461 */ 4462 class mosAdminMenus { 4463 /** 4464 * build the select list for Menu Ordering 4465 */ 4466 function Ordering( &$row, $id ) { 4467 global $database; 4468 4469 if ( $id ) { 4470 $query = "SELECT ordering AS value, name AS text" 4471 . "\n FROM #__menu" 4472 . "\n WHERE menutype = " . $database->Quote ( $row->menutype ) 4473 . "\n AND parent = " . (int) $row->parent 4474 . "\n AND published != -2" 4475 . "\n ORDER BY ordering" 4476 ; 4477 $order = mosGetOrderingList( $query ); 4478 $ordering = mosHTML::selectList( $order, 'ordering', 'class="inputbox" size="1"', 'value', 'text', intval( $row->ordering ) ); 4479 } else { 4480 $ordering = '<input type="hidden" name="ordering" value="'. $row->ordering .'" />'. _CMN_NEW_ITEM_LAST; 4481 } 4482 return $ordering; 4483 } 4484 4485 /** 4486 * build the select list for access level 4487 */ 4488 function Access( &$row ) { 4489 global $database; 4490 4491 $query = "SELECT id AS value, name AS text" 4492 . "\n FROM #__groups" 4493 . "\n ORDER BY id" 4494 ; 4495 $database->setQuery( $query ); 4496 $groups = $database->loadObjectList(); 4497 $access = mosHTML::selectList( $groups, 'access', 'class="inputbox" size="3"', 'value', 'text', intval( $row->access ) ); 4498 4499 return $access; 4500 } 4501 4502 /** 4503 * build the select list for parent item 4504 */ 4505 function Parent( &$row ) { 4506 global $database; 4507 4508 $id = ''; 4509 if ( $row->id ) { 4510 $id = "\n AND id != " . (int) $row->id; 4511 } 4512 4513 // get a list of the menu items 4514 // excluding the current menu item and its child elements 4515 $query = "SELECT m.*" 4516 . "\n FROM #__menu m" 4517 . "\n WHERE menutype = " . $database->Quote( $row->menutype ) 4518 . "\n AND published != -2" 4519 . $id 4520 . "\n ORDER BY parent, ordering" 4521 ; 4522 $database->setQuery( $query ); 4523 $mitems = $database->loadObjectList(); 4524 4525 // establish the hierarchy of the menu 4526 $children = array(); 4527 4528 if ( $mitems ) { 4529 // first pass - collect children 4530 foreach ( $mitems as $v ) { 4531 $pt = $v->parent; 4532 $list = @$children[$pt] ? $children[$pt] : array(); 4533 array_push( $list, $v ); 4534 $children[$pt] = $list; 4535 } 4536 } 4537 4538 // second pass - get an indent list of the items 4539 $list = mosTreeRecurse( 0, '', array(), $children, 20, 0, 0 ); 4540 4541 // assemble menu items to the array 4542 $mitems = array(); 4543 $mitems[] = mosHTML::makeOption( '0', 'Top' ); 4544 4545 foreach ( $list as $item ) { 4546 $mitems[] = mosHTML::makeOption( $item->id, ' '. $item->treename ); 4547 } 4548 4549 $output = mosHTML::selectList( $mitems, 'parent', 'class="inputbox" size="10"', 'value', 'text', $row->parent ); 4550 4551 return $output; 4552 } 4553 4554 /** 4555 * build a radio button option for published state 4556 */ 4557 function Published( &$row ) { 4558 $published = mosHTML::yesnoRadioList( 'published', 'class="inputbox"', $row->published ); 4559 return $published; 4560 } 4561 4562 /** 4563 * build the link/url of a menu item 4564 */ 4565 function Link( &$row, $id, $link=NULL ) { 4566 global $mainframe; 4567 4568 if ( $id ) { 4569 switch ($row->type) { 4570 case 'content_item_link': 4571 case 'content_typed': 4572 // load menu params 4573 $params = new mosParameters( $row->params, $mainframe->getPath( 'menu_xml', $row->type ), 'menu' ); 4574 4575 if ( $params->get( 'unique_itemid' ) ) { 4576 $row->link .= '&Itemid='. $row->id; 4577 } else { 4578 $temp = split( '&task=view&id=', $row->link); 4579 $row->link .= '&Itemid='. $mainframe->getItemid($temp[1], 0, 0); 4580 } 4581 4582 $link = $row->link; 4583 break; 4584 4585 default: 4586 if ( $link ) { 4587 $link = $row->link; 4588 } else { 4589 $link = $row->link .'&Itemid='. $row->id; 4590 } 4591 break; 4592 } 4593 } else { 4594 $link = NULL; 4595 } 4596 4597 return $link; 4598 } 4599 4600 /** 4601 * build the select list for target window 4602 */ 4603 function Target( &$row ) { 4604 $click[] = mosHTML::makeOption( '0', 'Parent Window With Browser Navigation' ); 4605 $click[] = mosHTML::makeOption( '1', 'New Window With Browser Navigation' ); 4606 $click[] = mosHTML::makeOption( '2', 'New Window Without Browser Navigation' ); 4607 $target = mosHTML::selectList( $click, 'browserNav', 'class="inputbox" size="4"', 'value', 'text', intval( $row->browserNav ) ); 4608 return $target; 4609 } 4610 4611 /** 4612 * build the multiple select list for Menu Links/Pages 4613 */ 4614 function MenuLinks( &$lookup, $all=NULL, $none=NULL, $unassigned=1 ) { 4615 global $database; 4616 4617 // get a list of the menu items 4618 $query = "SELECT m.*" 4619 . "\n FROM #__menu AS m" 4620 . "\n WHERE m.published = 1" 4621 //. "\n AND m.type != 'separator'" 4622 //. "\n AND NOT (" 4623 // . "\n ( m.type = 'url' )" 4624 // . "\n AND ( m.link LIKE '%index.php%' )" 4625 // . "\n AND ( m.link LIKE '%Itemid=%' )" 4626 //. "\n )" 4627 . "\n ORDER BY m.menutype, m.parent, m.ordering" 4628 ; 4629 $database->setQuery( $query ); 4630 $mitems = $database->loadObjectList(); 4631 $mitems_temp = $mitems; 4632 4633 // establish the hierarchy of the menu 4634 $children = array(); 4635 // first pass - collect children 4636 foreach ( $mitems as $v ) { 4637 $id = $v->id; 4638 $pt = $v->parent; 4639 $list = @$children[$pt] ? $children[$pt] : array(); 4640 array_push( $list, $v ); 4641 $children[$pt] = $list; 4642 } 4643 // second pass - get an indent list of the items 4644 $list = mosTreeRecurse( intval( $mitems[0]->parent ), '', array(), $children, 20, 0, 0 ); 4645 4646 // Code that adds menu name to Display of Page(s) 4647 $text_count = 0; 4648 $mitems_spacer = $mitems_temp[0]->menutype; 4649 foreach ($list as $list_a) { 4650 foreach ($mitems_temp as $mitems_a) { 4651 if ($mitems_a->id == $list_a->id) { 4652 // Code that inserts the blank line that seperates different menus 4653 if ($mitems_a->menutype != $mitems_spacer) { 4654 $list_temp[] = mosHTML::makeOption( -999, '----' ); 4655 $mitems_spacer = $mitems_a->menutype; 4656 } 4657 4658 // do not display `url` menu item types that contain `index.php` and `Itemid` 4659 if (!($mitems_a->type == 'url' && strpos($mitems_a->link, 'index.php') !== false && strpos($mitems_a->link, 'Itemid=') !== false)) { 4660 $text = $mitems_a->menutype .' | '. $list_a->treename; 4661 $list_temp[] = mosHTML::makeOption( $list_a->id, $text ); 4662 4663 if ( strlen($text) > $text_count) { 4664 $text_count = strlen($text); 4665 } 4666 } 4667 } 4668 } 4669 } 4670 $list = $list_temp; 4671 4672 $mitems = array(); 4673 if ( $all ) { 4674 // prepare an array with 'all' as the first item 4675 $mitems[] = mosHTML::makeOption( 0, 'All' ); 4676 // adds space, in select box which is not saved 4677 $mitems[] = mosHTML::makeOption( -999, '----' ); 4678 } 4679 if ( $none ) { 4680 // prepare an array with 'all' as the first item 4681 $mitems[] = mosHTML::makeOption( -999, 'None' ); 4682 // adds space, in select box which is not saved 4683 $mitems[] = mosHTML::makeOption( -999, '----' ); 4684 } 4685 if ( $unassigned ) { 4686 // prepare an array with 'all' as the first item 4687 $mitems[] = mosHTML::makeOption( 99999999, 'Unassigned' ); 4688 // adds space, in select box which is not saved 4689 $mitems[] = mosHTML::makeOption( -999, '----' ); 4690 } 4691 4692 // append the rest of the menu items to the array 4693 foreach ($list as $item) { 4694 $mitems[] = mosHTML::makeOption( $item->value, $item->text ); 4695 } 4696 $pages = mosHTML::selectList( $mitems, 'selections[]', 'class="inputbox" size="26" multiple="multiple"', 'value', 'text', $lookup ); 4697 return $pages; 4698 } 4699 4700 4701 /** 4702 * build the select list to choose a category 4703 */ 4704 function Category( &$menu, $id, $javascript='' ) { 4705 global $database; 4706 4707 $query = "SELECT c.id AS `value`, c.section AS `id`, CONCAT_WS( ' / ', s.title, c.title) AS `text`" 4708 . "\n FROM #__sections AS s" 4709 . "\n INNER JOIN #__categories AS c ON c.section = s.id" 4710 . "\n WHERE s.scope = 'content'" 4711 . "\n ORDER BY s.name, c.name" 4712 ; 4713 $database->setQuery( $query ); 4714 $rows = $database->loadObjectList(); 4715 $category = ''; 4716 if ( $id ) { 4717 foreach ( $rows as $row ) { 4718 if ( $row->value == $menu->componentid ) { 4719 $category = $row->text; 4720 } 4721 } 4722 $category .= '<input type="hidden" name="componentid" value="'. $menu->componentid .'" />'; 4723 $category .= '<input type="hidden" name="link" value="'. $menu->link .'" />'; 4724 } else { 4725 $category = mosHTML::selectList( $rows, 'componentid', 'class="inputbox" size="10"'. $javascript, 'value', 'text' ); 4726 $category .= '<input type="hidden" name="link" value="" />'; 4727 } 4728 return $category; 4729 } 4730 4731 /** 4732 * build the select list to choose a section 4733 */ 4734 function Section( &$menu, $id, $all=0 ) { 4735 global $database; 4736 4737 $query = "SELECT s.id AS `value`, s.id AS `id`, s.title AS `text`" 4738 . "\n FROM #__sections AS s" 4739 . "\n WHERE s.scope = 'content'" 4740 . "\n ORDER BY s.name" 4741 ; 4742 $database->setQuery( $query ); 4743 if ( $all ) { 4744 $rows[] = mosHTML::makeOption( 0, '- All Sections -' ); 4745 $rows = array_merge( $rows, $database->loadObjectList() ); 4746 } else { 4747 $rows = $database->loadObjectList(); 4748 } 4749 4750 if ( $id ) { 4751 foreach ( $rows as $row ) { 4752 if ( $row->value == $menu->componentid ) { 4753 $section = $row->text; 4754 } 4755 } 4756 $section .= '<input type="hidden" name="componentid" value="'. $menu->componentid .'" />'; 4757 $section .= '<input type="hidden" name="link" value="'. $menu->link .'" />'; 4758 } else { 4759 $section = mosHTML::selectList( $rows, 'componentid', 'class="inputbox" size="10"', 'value', 'text' ); 4760 $section .= '<input type="hidden" name="link" value="" />'; 4761 } 4762 return $section; 4763 } 4764 4765 /** 4766 * build the select list to choose a component 4767 */ 4768 function Component( &$menu, $id ) { 4769 global $database; 4770 4771 $query = "SELECT c.id AS value, c.name AS text, c.link" 4772 . "\n FROM #__components AS c" 4773 . "\n WHERE c.link != ''" 4774 . "\n ORDER BY c.name" 4775 ; 4776 $database->setQuery( $query ); 4777 $rows = $database->loadObjectList( ); 4778 4779 if ( $id ) { 4780 // existing component, just show name 4781 foreach ( $rows as $row ) { 4782 if ( $row->value == $menu->componentid ) { 4783 $component = $row->text; 4784 } 4785 } 4786 $component .= '<input type="hidden" name="componentid" value="'. $menu->componentid .'" />'; 4787 } else { 4788 $component = mosHTML::selectList( $rows, 'componentid', 'class="inputbox" size="10"', 'value', 'text' ); 4789 } 4790 return $component; 4791 } 4792 4793 /** 4794 * build the select list to choose a component 4795 */ 4796 function ComponentName( &$menu, $id ) { 4797 global $database; 4798 4799 $query = "SELECT c.id AS value, c.name AS text, c.link" 4800 . "\n FROM #__components AS c" 4801 . "\n WHERE c.link != ''" 4802 . "\n ORDER BY c.name" 4803 ; 4804 $database->setQuery( $query ); 4805 $rows = $database->loadObjectList( ); 4806 4807 $component = 'Component'; 4808 foreach ( $rows as $row ) { 4809 if ( $row->value == $menu->componentid ) { 4810 $component = $row->text; 4811 } 4812 } 4813 4814 return $component; 4815 } 4816 4817 /** 4818 * build the select list to choose an image 4819 */ 4820 function Images( $name, &$active, $javascript=NULL, $directory=NULL ) { 4821 global $mosConfig_absolute_path; 4822 4823 if ( !$directory ) { 4824 $directory = '/images/stories'; 4825 } 4826 4827 if ( !$javascript ) { 4828 $javascript = "onchange=\"javascript:if (document.forms[0].image.options[selectedIndex].value!='') {document.imagelib.src='..$directory/' + document.forms[0].image.options[selectedIndex].value} else {document.imagelib.src='../images/blank.png'}\""; 4829 } 4830 4831 $imageFiles = mosReadDirectory( $mosConfig_absolute_path . $directory ); 4832 $images = array( mosHTML::makeOption( '', '- Select Image -' ) ); 4833 foreach ( $imageFiles as $file ) { 4834 if ( eregi( "bmp|gif|jpg|png", $file ) ) { 4835 $images[] = mosHTML::makeOption( $file ); 4836 } 4837 } 4838 $images = mosHTML::selectList( $images, $name, 'class="inputbox" size="1" '. $javascript, 'value', 'text', $active ); 4839 4840 return $images; 4841 } 4842 4843 /** 4844 * build the select list for Ordering of a specified Table 4845 */ 4846 function SpecificOrdering( &$row, $id, $query, $neworder=0 ) { 4847 global $database; 4848 4849 if ( $neworder ) { 4850 $text = _CMN_NEW_ITEM_FIRST; 4851 } else { 4852 $text = _CMN_NEW_ITEM_LAST; 4853 } 4854 4855 if ( $id ) { 4856 $order = mosGetOrderingList( $query ); 4857 $ordering = mosHTML::selectList( $order, 'ordering', 'class="inputbox" size="1"', 'value', 'text', intval( $row->ordering ) ); 4858 } else { 4859 $ordering = '<input type="hidden" name="ordering" value="'. $row->ordering .'" />'. $text; 4860 } 4861 return $ordering; 4862 } 4863 4864 /** 4865 * Select list of active users 4866 */ 4867 function UserSelect( $name, $active, $nouser=0, $javascript=NULL, $order='name', $reg=1 ) { 4868 global $database, $my; 4869 4870 $and = ''; 4871 if ( $reg ) { 4872 // does not include registered users in the list 4873 $and = "\n AND gid > 18"; 4874 } 4875 4876 $query = "SELECT id AS value, name AS text" 4877 . "\n FROM #__users" 4878 . "\n WHERE block = 0" 4879 . $and 4880 . "\n ORDER BY $order" 4881 ; 4882 $database->setQuery( $query ); 4883 if ( $nouser ) { 4884 $users[] = mosHTML::makeOption( '0', '- No User -' ); 4885 $users = array_merge( $users, $database->loadObjectList() ); 4886 } else { 4887 $users = $database->loadObjectList(); 4888 } 4889 4890 $users = mosHTML::selectList( $users, $name, 'class="inputbox" size="1" '. $javascript, 'value', 'text', $active ); 4891 4892 return $users; 4893 } 4894 4895 /** 4896 * Select list of positions - generally used for location of images 4897 */ 4898 function Positions( $name, $active=NULL, $javascript=NULL, $none=1, $center=1, $left=1, $right=1 ) { 4899 if ( $none ) { 4900 $pos[] = mosHTML::makeOption( '', _CMN_NONE ); 4901 } 4902 if ( $center ) { 4903 $pos[] = mosHTML::makeOption( 'center', _CMN_CENTER ); 4904 } 4905 if ( $left ) { 4906 $pos[] = mosHTML::makeOption( 'left', _CMN_LEFT ); 4907 } 4908 if ( $right ) { 4909 $pos[] = mosHTML::makeOption( 'right', _CMN_RIGHT ); 4910 } 4911 4912 $positions = mosHTML::selectList( $pos, $name, 'class="inputbox" size="1"'. $javascript, 'value', 'text', $active ); 4913 4914 return $positions; 4915 } 4916 4917 /** 4918 * Select list of active categories for components 4919 */ 4920 function ComponentCategory( $name, $section, $active=NULL, $javascript=NULL, $order='ordering', $size=1, $sel_cat=1 ) { 4921 global $database; 4922 4923 $query = "SELECT id AS value, name AS text" 4924 . "\n FROM #__categories" 4925 . "\n WHERE section = " . $database->Quote( $section ) 4926 . "\n AND published = 1" 4927 . "\n ORDER BY $order" 4928 ; 4929 $database->setQuery( $query ); 4930 if ( $sel_cat ) { 4931 $categories[] = mosHTML::makeOption( '0', _SEL_CATEGORY ); 4932 $categories = array_merge( $categories, $database->loadObjectList() ); 4933 } else { 4934 $categories = $database->loadObjectList(); 4935 } 4936 4937 if ( count( $categories ) < 1 ) { 4938 mosRedirect( 'index2.php?option=com_categories§ion='. $section, 'You must create a category first.' ); 4939 } 4940 4941 $category = mosHTML::selectList( $categories, $name, 'class="inputbox" size="'. $size .'" '. $javascript, 'value', 'text', $active ); 4942 4943 return $category; 4944 } 4945 4946 /** 4947 * Select list of active sections 4948 */ 4949 function SelectSection( $name, $active=NULL, $javascript=NULL, $order='ordering' ) { 4950 global $database; 4951 4952 $categories[] = mosHTML::makeOption( '0', _SEL_SECTION ); 4953 $query = "SELECT id AS value, title AS text" 4954 . "\n FROM #__sections" 4955 . "\n WHERE published = 1" 4956 . "\n ORDER BY $order" 4957 ; 4958 $database->setQuery( $query ); 4959 $sections = array_merge( $categories, $database->loadObjectList() ); 4960 4961 $category = mosHTML::selectList( $sections, $name, 'class="inputbox" size="1" '. $javascript, 'value', 'text', $active ); 4962 4963 return $category; 4964 } 4965 4966 /** 4967 * Select list of menu items for a specific menu 4968 */ 4969 function Links2Menu( $type, $and ) { 4970 global $database; 4971 4972 $query = "SELECT *" 4973 . "\n FROM #__menu" 4974 . "\n WHERE type = " . $database->Quote( $type ) 4975 . "\n AND published = 1" 4976 . $and 4977 ; 4978 $database->setQuery( $query ); 4979 $menus = $database->loadObjectList(); 4980 4981 return $menus; 4982 } 4983 4984 /** 4985 * Select list of menus 4986 * @param string The control name 4987 * @param string Additional javascript 4988 * @return string A select list 4989 */ 4990 function MenuSelect( $name='menuselect', $javascript=NULL ) { 4991 global $database; 4992 4993 $query = "SELECT params" 4994 . "\n FROM #__modules" 4995 . "\n WHERE module = 'mod_mainmenu'" 4996 ; 4997 $database->setQuery( $query ); 4998 $menus = $database->loadObjectList(); 4999 $total = count( $menus ); 5000 $menuselect = array(); 5001 for( $i = 0; $i < $total; $i++ ) { 5002 $params = mosParseParams( $menus[$i]->params ); 5003 $menuselect[$i]->value = $params->menutype; 5004 $menuselect[$i]->text = $params->menutype; 5005 } 5006 // sort array of objects 5007 SortArrayObjects( $menuselect, 'text', 1 ); 5008 5009 $menus = mosHTML::selectList( $menuselect, $name, 'class="inputbox" size="10" '. $javascript, 'value', 'text' ); 5010 5011 return $menus; 5012 } 5013 5014 /** 5015 * Internal function to recursive scan the media manager directories 5016 * @param string Path to scan 5017 * @param string root path of this folder 5018 * @param array Value array of all existing folders 5019 * @param array Value array of all existing images 5020 */ 5021 function ReadImages( $imagePath, $folderPath, &$folders, &$images ) { 5022 $imgFiles = mosReadDirectory( $imagePath ); 5023 5024 foreach ($imgFiles as $file) { 5025 $ff_ = $folderPath . $file .'/'; 5026 $ff = $folderPath . $file; 5027 $i_f = $imagePath .'/'. $file; 5028 5029 if ( is_dir( $i_f ) && $file != 'CVS' && $file != '.svn') { 5030 $folders[] = mosHTML::makeOption( $ff_ ); 5031 mosAdminMenus::ReadImages( $i_f, $ff_, $folders, $images ); 5032 } else if ( eregi( "bmp|gif|jpg|png", $file ) && is_file( $i_f ) ) { 5033 // leading / we don't need 5034 $imageFile = substr( $ff, 1 ); 5035 $images[$folderPath][] = mosHTML::makeOption( $imageFile, $file ); 5036 } 5037 } 5038 } 5039 5040 /** 5041 * Internal function to recursive scan the media manager directories 5042 * @param string Path to scan 5043 * @param string root path of this folder 5044 * @param array Value array of all existing folders 5045 * @param array Value array of all existing images 5046 */ 5047 function ReadImagesX( &$folders, &$images ) { 5048 global $mosConfig_absolute_path; 5049 5050 if ( $folders[0]->value != '*0*' ) { 5051 foreach ( $folders as $folder ) { 5052 $imagePath = $mosConfig_absolute_path .'/images/stories' . $folder->value; 5053 $imgFiles = mosReadDirectory( $imagePath ); 5054 $folderPath = $folder->value .'/'; 5055 5056 foreach ($imgFiles as $file) { 5057 $ff = $folderPath . $file; 5058 $i_f = $imagePath .'/'. $file; 5059 5060 if ( eregi( "bmp|gif|jpg|png", $file ) && is_file( $i_f ) ) { 5061 // leading / we don't need 5062 $imageFile = substr( $ff, 1 ); 5063 $images[$folderPath][] = mosHTML::makeOption( $imageFile, $file ); 5064 } 5065 } 5066 } 5067 } else { 5068 $folders = array(); 5069 $folders[] = mosHTML::makeOption( 'None' ); 5070 } 5071 } 5072 5073 function GetImageFolders( &$temps, $path ) { 5074 if ( $temps[0]->value != 'None' ) { 5075 foreach( $temps as $temp ) { 5076 if ( substr( $temp->value, -1, 1 ) != '/' ) { 5077 $temp = $temp->value .'/'; 5078 $folders[] = mosHTML::makeOption( $temp, $temp ); 5079 } else { 5080 $temp = $temp->value; 5081 $temp = ampReplace( $temp ); 5082 $folders[] = mosHTML::makeOption( $temp, $temp ); 5083 } 5084 } 5085 } else { 5086 $folders[] = mosHTML::makeOption( 'None Selected' ); 5087 } 5088 5089 $javascript = "onchange=\"changeDynaList( 'imagefiles', folderimages, document.adminForm.folders.options[document.adminForm.folders.selectedIndex].value, 0, 0);\""; 5090 $getfolders = mosHTML::selectList( $folders, 'folders', 'class="inputbox" size="1" '. $javascript, 'value', 'text', '/' ); 5091 5092 return $getfolders; 5093 } 5094 5095 function GetImages( &$images, $path, $base='/' ) { 5096 if ( is_array($base) && count($base) > 0 ) { 5097 if ( $base[0]->value != '/' ) { 5098 $base = $base[0]->value .'/'; 5099 } else { 5100 $base = $base[0]->value; 5101 } 5102 } else { 5103 $base = '/'; 5104 } 5105 5106 if ( !isset($images[$base] ) ) { 5107 $images[$base][] = mosHTML::makeOption( '' ); 5108 } 5109 5110 $javascript = "onchange=\"previewImage( 'imagefiles', 'view_imagefiles', '$path/' )\" onfocus=\"previewImage( 'imagefiles', 'view_imagefiles', '$path/' )\""; 5111 $getimages = mosHTML::selectList( $images[$base], 'imagefiles', 'class="inputbox" size="10" multiple="multiple" '. $javascript , 'value', 'text', null ); 5112 5113 return $getimages; 5114 } 5115 5116 function GetSavedImages( &$row, $path ) { 5117 $images2 = array(); 5118 5119 foreach( $row->images as $file ) { 5120 $temp = explode( '|', $file ); 5121 if( strrchr($temp[0], '/') ) { 5122 $filename = substr( strrchr($temp[0], '/' ), 1 ); 5123 } else { 5124 $filename = $temp[0]; 5125 } 5126 $images2[] = mosHTML::makeOption( $file, $filename ); 5127 } 5128 5129 $javascript = "onchange=\"previewImage( 'imagelist', 'view_imagelist', '$path/' ); showImageProps( '$path/' ); \""; 5130 $imagelist = mosHTML::selectList( $images2, 'imagelist', 'class="inputbox" size="10" '. $javascript, 'value', 'text' ); 5131 5132 return $imagelist; 5133 } 5134 5135 /** 5136 * Checks to see if an image exists in the current templates image directory 5137 * if it does it loads this image. Otherwise the default image is loaded. 5138 * Also can be used in conjunction with the menulist param to create the chosen image 5139 * load the default or use no image 5140 */ 5141 function ImageCheck( $file, $directory='/images/M_images/', $param=NULL, $param_directory='/images/M_images/', $alt=NULL, $name=NULL, $type=1, $align='middle', $title=NULL, $admin=NULL ) { 5142 global $mosConfig_absolute_path, $mosConfig_live_site, $mainframe; 5143 5144 $cur_template = $mainframe->getTemplate(); 5145 5146 $name = ( $name ? ' name="'. $name .'"' : '' ); 5147 $title = ( $title ? ' title="'. $title .'"' : '' ); 5148 $alt = ( $alt ? ' alt="'. $alt .'"' : ' alt=""' ); 5149 $align = ( $align ? ' align="'. $align .'"' : '' ); 5150 5151 // change directory path from frontend or backend 5152 if ($admin) { 5153 $path = '/administrator/templates/'. $cur_template .'/images/'; 5154 } else { 5155 $path = '/templates/'. $cur_template .'/images/'; 5156 } 5157 5158 if ( $param ) { 5159 $image = $mosConfig_live_site. $param_directory . $param; 5160 if ( $type ) { 5161 $image = '<img src="'. $image .'" '. $alt . $name . $align .' border="0" />'; 5162 } 5163 } else if ( $param == -1 ) { 5164 $image = ''; 5165 } else { 5166 if ( file_exists( $mosConfig_absolute_path . $path . $file ) ) { 5167 $image = $mosConfig_live_site . $path . $file; 5168 } else { 5169 // outputs only path to image 5170 $image = $mosConfig_live_site. $directory . $file; 5171 } 5172 5173 // outputs actual html <img> tag 5174 if ( $type ) { 5175 $image = '<img src="'. $image .'" '. $alt . $name . $title . $align .' border="0" />'; 5176 } 5177 } 5178 5179 return $image; 5180 } 5181 5182 /** 5183 * Checks to see if an image exists in the current templates image directory 5184 * if it does it loads this image. Otherwise the default image is loaded. 5185 * Also can be used in conjunction with the menulist param to create the chosen image 5186 * load the default or use no image 5187 */ 5188 function ImageCheckAdmin( $file, $directory='/administrator/images/', $param=NULL, $param_directory='/administrator/images/', $alt=NULL, $name=NULL, $type=1, $align='middle', $title=NULL ) { 5189 /* 5190 global $mosConfig_absolute_path, $mosConfig_live_site, $mainframe; 5191 5192 $cur_template = $mainframe->getTemplate(); 5193 5194 $name = ( $name ? ' name="'. $name .'"' : '' ); 5195 $title = ( $title ? ' title="'. $title .'"' : '' ); 5196 $alt = ( $alt ? ' alt="'. $alt .'"' : ' alt=""' ); 5197 $align = ( $align ? ' align="'. $align .'"' : '' ); 5198 5199 $path = '/administrator/templates/'. $cur_template .'/images/'; 5200 5201 if ( $param ) { 5202 $image = $mosConfig_live_site. $param_directory . $param; 5203 if ( $type ) { 5204 $image = '<img src="'. $image .'" '. $alt . $name . $align .' border="0" />'; 5205 } 5206 } else if ( $param == -1 ) { 5207 $image = ''; 5208 } else { 5209 if ( file_exists( $mosConfig_absolute_path . $path . $file ) ) { 5210 $image = $mosConfig_live_site . $path . $file; 5211 } else { 5212 // outputs only path to image 5213 $image = $mosConfig_live_site. $directory . $file; 5214 } 5215 5216 // outputs actual html <img> tag 5217 if ( $type ) { 5218 $image = '<img src="'. $image .'" '. $alt . $name . $title . $align .' border="0" />'; 5219 } 5220 } 5221 */ 5222 // functionality consolidated into ImageCheck 5223 $image = mosAdminMenus::ImageCheck( $file, $directory, $param, $param_directory, $alt, $name, $type, $align, $title, $admin=1 ); 5224 5225 return $image; 5226 } 5227 5228 function menutypes() { 5229 global $database; 5230 5231 $query = "SELECT params" 5232 . "\n FROM #__modules" 5233 . "\n WHERE module = 'mod_mainmenu'" 5234 . "\n ORDER BY title" 5235 ; 5236 $database->setQuery( $query ); 5237 $modMenus = $database->loadObjectList(); 5238 5239 $query = "SELECT menutype" 5240 . "\n FROM #__menu" 5241 . "\n GROUP BY menutype" 5242 . "\n ORDER BY menutype" 5243 ; 5244 $database->setQuery( $query ); 5245 $menuMenus = $database->loadObjectList(); 5246 5247 $menuTypes = ''; 5248 foreach ( $modMenus as $modMenu ) { 5249 $check = 1; 5250 mosMakeHtmlSafe( $modMenu) ; 5251 $modParams = mosParseParams( $modMenu->params ); 5252 $menuType = @$modParams->menutype; 5253 if (!$menuType) { 5254 $menuType = 'mainmenu'; 5255 } 5256 5257 // stop duplicate menutype being shown 5258 if ( !is_array( $menuTypes) ) { 5259 // handling to create initial entry into array 5260 $menuTypes[] = $menuType; 5261 } else { 5262 $check = 1; 5263 foreach ( $menuTypes as $a ) { 5264 if ( $a == $menuType ) { 5265 $check = 0; 5266 } 5267 } 5268 if ( $check ) { 5269 $menuTypes[] = $menuType; 5270 } 5271 } 5272 5273 } 5274 // add menutypes from jos_menu 5275 foreach ( $menuMenus as $menuMenu ) { 5276 $check = 1; 5277 foreach ( $menuTypes as $a ) { 5278 if ( $a == $menuMenu->menutype ) { 5279 $check = 0; 5280 } 5281 } 5282 if ( $check ) { 5283 $menuTypes[] = $menuMenu->menutype; 5284 } 5285 } 5286 5287 // sorts menutypes 5288 asort( $menuTypes ); 5289 5290 return $menuTypes; 5291 } 5292 5293 /* 5294 * loads files required for menu items 5295 */ 5296 function menuItem( $item ) { 5297 global $mosConfig_absolute_path; 5298 5299 $path = $mosConfig_absolute_path .'/administrator/components/com_menus/'. $item .'/'; 5300 include_once( $path . $item .'.class.php' ); 5301 include_once( $path . $item .'.menu.html.php' ); 5302 } 5303 } 5304 5305 5306 class mosCommonHTML { 5307 5308 function ContentLegend( ) { 5309 ?> 5310 <table cellspacing="0" cellpadding="4" border="0" align="center"> 5311 <tr align="center"> 5312 <td> 5313 <img src="images/publish_y.png" width="12" height="12" border="0" alt="Pending" /> 5314 </td> 5315 <td> 5316 Published, but is <u>Pending</u> | 5317 </td> 5318 <td> 5319 <img src="images/publish_g.png" width="12" height="12" border="0" alt="Visible" /> 5320 </td> 5321 <td> 5322 Published and is <u>Current</u> | 5323 </td> 5324 <td> 5325 <img src="images/publish_r.png" width="12" height="12" border="0" alt="Finished" /> 5326 </td> 5327 <td> 5328 Published, but has <u>Expired</u> | 5329 </td> 5330 <td> 5331 <img src="images/publish_x.png" width="12" height="12" border="0" alt="Finished" /> 5332 </td> 5333 <td> 5334 Not Published 5335 </td> 5336 </tr> 5337 <tr> 5338 <td colspan="8" align="center"> 5339 Click on icon to toggle state. 5340 </td> 5341 </tr> 5342 </table> 5343 <?php 5344 } 5345 5346 function menuLinksContent( &$menus ) { 5347 ?> 5348 <script language="javascript" type="text/javascript"> 5349 function go2( pressbutton, menu, id ) { 5350 var form = document.adminForm; 5351 5352 // assemble the images back into one field 5353 var temp = new Array; 5354 for (var i=0, n=form.imagelist.options.length; i < n; i++) { 5355 temp[i] = form.imagelist.options[i].value; 5356 } 5357 form.images.value = temp.join( '\n' ); 5358 5359 if (pressbutton == 'go2menu') { 5360 form.menu.value = menu; 5361 submitform( pressbutton ); 5362 return; 5363 } 5364 5365 if (pressbutton == 'go2menuitem') { 5366 form.menu.value = menu; 5367 form.menuid.value = id; 5368 submitform( pressbutton ); 5369 return; 5370 } 5371 } 5372 </script> 5373 <?php 5374 foreach( $menus as $menu ) { 5375 ?> 5376 <tr> 5377 <td colspan="2"> 5378 <hr /> 5379 </td> 5380 </tr> 5381 <tr> 5382 <td width="90px" valign="top"> 5383 Menu 5384 </td> 5385 <td> 5386 <a href="javascript:go2( 'go2menu', '<?php echo $menu->menutype; ?>' );" title="Go to Menu"> 5387 <?php echo $menu->menutype; ?> 5388 </a> 5389 </td> 5390 </tr> 5391 <tr> 5392 <td width="90px" valign="top"> 5393 Link Name 5394 </td> 5395 <td> 5396 <strong> 5397 <a href="javascript:go2( 'go2menuitem', '<?php echo $menu->menutype; ?>', '<?php echo $menu->id; ?>' );" title="Go to Menu Item"> 5398 <?php echo $menu->name; ?> 5399 </a> 5400 </strong> 5401 </td> 5402 </tr> 5403 <tr> 5404 <td width="90px" valign="top"> 5405 State 5406 </td> 5407 <td> 5408 <?php 5409 switch ( $menu->published ) { 5410 case -2: 5411 echo '<font color="red">Trashed</font>'; 5412 break; 5413 case 0: 5414 echo 'UnPublished'; 5415 break; 5416 case 1: 5417 default: 5418 echo '<font color="green">Published</font>'; 5419 break; 5420 } 5421 ?> 5422 </td> 5423 </tr> 5424 <?php 5425 } 5426 ?> 5427 <input type="hidden" name="menu" value="" /> 5428 <input type="hidden" name="menuid" value="" /> 5429 <?php 5430 } 5431 5432 function menuLinksSecCat( &$menus ) { 5433 ?> 5434 <script language="javascript" type="text/javascript"> 5435 function go2( pressbutton, menu, id ) { 5436 var form = document.adminForm; 5437 5438 if (pressbutton == 'go2menu') { 5439 form.menu.value = menu; 5440 submitform( pressbutton ); 5441 return; 5442 } 5443 5444 if (pressbutton == 'go2menuitem') { 5445 form.menu.value = menu; 5446 form.menuid.value = id; 5447 submitform( pressbutton ); 5448 return; 5449 } 5450 } 5451 </script> 5452 <?php 5453 foreach( $menus as $menu ) { 5454 ?> 5455 <tr> 5456 <td colspan="2"> 5457 <hr/> 5458 </td> 5459 </tr> 5460 <tr> 5461 <td width="90px" valign="top"> 5462 Menu 5463 </td> 5464 <td> 5465 <a href="javascript:go2( 'go2menu', '<?php echo $menu->menutype; ?>' );" title="Go to Menu"> 5466 <?php echo $menu->menutype; ?> 5467 </a> 5468 </td> 5469 </tr> 5470 <tr> 5471 <td width="90px" valign="top"> 5472 Type 5473 </td> 5474 <td> 5475 <?php echo $menu->type; ?> 5476 </td> 5477 </tr> 5478 <tr> 5479 <td width="90px" valign="top"> 5480 Item Name 5481 </td> 5482 <td> 5483 <strong> 5484 <a href="javascript:go2( 'go2menuitem', '<?php echo $menu->menutype; ?>', '<?php echo $menu->id; ?>' );" title="Go to Menu Item"> 5485 <?php echo $menu->name; ?> 5486 </a> 5487 </strong> 5488 </td> 5489 </tr> 5490 <tr> 5491 <td width="90px" valign="top"> 5492 State 5493 </td> 5494 <td> 5495 <?php 5496 switch ( $menu->published ) { 5497 case -2: 5498 echo '<font color="red">Trashed</font>'; 5499 break; 5500 case 0: 5501 echo 'UnPublished'; 5502 break; 5503 case 1: 5504 default: 5505 echo '<font color="green">Published</font>'; 5506 break; 5507 } 5508 ?> 5509 </td> 5510 </tr> 5511 <?php 5512 } 5513 ?> 5514 <input type="hidden" name="menu" value="" /> 5515 <input type="hidden" name="menuid" value="" /> 5516 <?php 5517 } 5518 5519 function checkedOut( &$row, $overlib=1 ) { 5520 $hover = ''; 5521 if ( $overlib ) { 5522 $date = mosFormatDate( $row->checked_out_time, '%A, %d %B %Y' ); 5523 $time = mosFormatDate( $row->checked_out_time, '%H:%M' ); 5524 $editor = addslashes( htmlspecialchars( html_entity_decode( $row->editor, ENT_QUOTES ) ) ); 5525 $checked_out_text = '<table>'; 5526 $checked_out_text .= '<tr><td>'. $editor .'</td></tr>'; 5527 $checked_out_text .= '<tr><td>'. $date .'</td></tr>'; 5528 $checked_out_text .= '<tr><td>'. $time .'</td></tr>'; 5529 $checked_out_text .= '</table>'; 5530 $hover = 'onMouseOver="return overlib(\''. $checked_out_text .'\', CAPTION, \'Checked Out\', BELOW, RIGHT);" onMouseOut="return nd();"'; 5531 } 5532 $checked = '<img src="images/checked_out.png" '. $hover .'/>'; 5533 5534 return $checked; 5535 } 5536 5537 /* 5538 * Loads all necessary files for JS Overlib tooltips 5539 */ 5540 function loadOverlib() { 5541 global $mosConfig_live_site, $mainframe; 5542 5543 if ( !$mainframe->get( 'loadOverlib' ) ) { 5544 // check if this function is already loaded 5545 ?> 5546 <script language="javascript" type="text/javascript" src="<?php echo $mosConfig_live_site;?>/includes/js/overlib_mini.js"></script> 5547 <script language="javascript" type="text/javascript" src="<?php echo $mosConfig_live_site;?>/includes/js/overlib_hideform_mini.js"></script> 5548 <?php 5549 // change state so it isnt loaded a second time 5550 $mainframe->set( 'loadOverlib', true ); 5551 } 5552 } 5553 5554 5555 /* 5556 * Loads all necessary files for JS Calendar 5557 */ 5558 function loadCalendar() { 5559 global $mosConfig_live_site; 5560 ?> 5561 <link rel="stylesheet" type="text/css" media="all" href="<?php echo $mosConfig_live_site;?>/includes/js/calendar/calendar-mos.css" title="green" /> 5562 <!-- import the calendar script --> 5563 <script type="text/javascript" src="<?php echo $mosConfig_live_site;?>/includes/js/calendar/calendar_mini.js"></script> 5564 <!-- import the language module --> 5565 <script type="text/javascript" src="<?php echo $mosConfig_live_site;?>/includes/js/calendar/lang/calendar-en.js"></script> 5566 <?php 5567 } 5568 5569 function AccessProcessing( &$row, $i ) { 5570 if ( !$row->access ) { 5571 $color_access = 'style="color: green;"'; 5572 $task_access = 'accessregistered'; 5573 } else if ( $row->access == 1 ) { 5574 $color_access = 'style="color: red;"'; 5575 $task_access = 'accessspecial'; 5576 } else { 5577 $color_access = 'style="color: black;"'; 5578 $task_access = 'accesspublic'; 5579 } 5580 5581 $href = ' 5582 <a href="javascript: void(0);" onclick="return listItemTask(\'cb'. $i .'\',\''. $task_access .'\')" '. $color_access .'> 5583 '. $row->groupname .' 5584 </a>' 5585 ; 5586 5587 return $href; 5588 } 5589 5590 function CheckedOutProcessing( &$row, $i ) { 5591 global $my; 5592 5593 if ( $row->checked_out) { 5594 $checked = mosCommonHTML::checkedOut( $row ); 5595 } else { 5596 $checked = mosHTML::idBox( $i, $row->id, ($row->checked_out && $row->checked_out != $my->id ) ); 5597 } 5598 5599 return $checked; 5600 } 5601 5602 function PublishedProcessing( &$row, $i ) { 5603 $img = $row->published ? 'publish_g.png' : 'publish_x.png'; 5604 $task = $row->published ? 'unpublish' : 'publish'; 5605 $alt = $row->published ? 'Published' : 'Unpublished'; 5606 $action = $row->published ? 'Unpublish Item' : 'Publish item'; 5607 5608 $href = ' 5609 <a href="javascript: void(0);" onclick="return listItemTask(\'cb'. $i .'\',\''. $task .'\')" title="'. $action .'"> 5610 <img src="images/'. $img .'" border="0" alt="'. $alt .'" /> 5611 </a>' 5612 ; 5613 5614 return $href; 5615 } 5616 5617 /* 5618 * Special handling for newfeed encoding and possible conflicts with page encoding and PHP version 5619 * Added 1.0.8 5620 * Static Function 5621 */ 5622 function newsfeedEncoding( $rssDoc, $text ) { 5623 if (!defined( '_JOS_FEED_ENCODING' )) { 5624 // determine encoding of feed 5625 $feed = $rssDoc->toNormalizedString(true); 5626 $feed = strtolower( substr( $feed, 0, 150 ) ); 5627 $feedEncoding = strpos( $feed, 'encoding="utf-8"' ); 5628 5629 if ( $feedEncoding !== false ) { 5630 // utf-8 feed 5631 $utf8 = 1; 5632 } else { 5633 // non utf-8 page 5634 $utf8 = 0; 5635 } 5636 5637 define( '_JOS_FEED_ENCODING', $utf8 ); 5638 } 5639 5640 if (!defined( '_JOS_SITE_ENCODING' )) { 5641 // determine encoding of page 5642 if ( strpos( strtolower( _ISO ), 'utf' ) !== false ) { 5643 // utf-8 page 5644 $utf8 = 1; 5645 } else { 5646 // non utf-8 page 5647 $utf8 = 0; 5648 } 5649 5650 define( '_JOS_SITE_ENCODING', $utf8 ); 5651 5652 } 5653 5654 if ( phpversion() >= 5 ) { 5655 // handling for PHP 5 5656 if ( _JOS_FEED_ENCODING ) { 5657 // handling for utf-8 feed 5658 if ( _JOS_SITE_ENCODING ) { 5659 // utf-8 page 5660 $encoding = 'html_entity_decode'; 5661 } else { 5662 // non utf-8 page 5663 $encoding = 'utf8_decode'; 5664 } 5665 } else { 5666 // handling for non utf-8 feed 5667 if ( _JOS_SITE_ENCODING ) { 5668 // utf-8 page 5669 $encoding = ''; 5670 } else { 5671 // non utf-8 page 5672 $encoding = 'utf8_decode'; 5673 } 5674 } 5675 } else { 5676 // handling for PHP 4 5677 if ( _JOS_FEED_ENCODING ) { 5678 // handling for utf-8 feed 5679 if ( _JOS_SITE_ENCODING ) { 5680 // utf-8 page 5681 $encoding = ''; 5682 } else { 5683 // non utf-8 page 5684 $encoding = 'utf8_decode'; 5685 } 5686 } else { 5687 // handling for non utf-8 feed 5688 if ( _JOS_SITE_ENCODING ) { 5689 // utf-8 page 5690 $encoding = 'utf8_encode'; 5691 } else { 5692 // non utf-8 page 5693 $encoding = 'html_entity_decode'; 5694 } 5695 } 5696 } 5697 5698 if ( $encoding ) { 5699 $text = $encoding( $text ); 5700 } 5701 $text = str_replace(''', "'", $text); 5702 5703 return $text; 5704 } 5705 } 5706 5707 /** 5708 * Sorts an Array of objects 5709 */ 5710 function SortArrayObjects_cmp( &$a, &$b ) { 5711 global $csort_cmp; 5712 5713 if ( $a->$csort_cmp['key'] > $b->$csort_cmp['key'] ) { 5714 return $csort_cmp['direction']; 5715 } 5716 5717 if ( $a->$csort_cmp['key'] < $b->$csort_cmp['key'] ) { 5718 return -1 * $csort_cmp['direction']; 5719 } 5720 5721 return 0; 5722 } 5723 5724 /** 5725 * Sorts an Array of objects 5726 * sort_direction [1 = Ascending] [-1 = Descending] 5727 */ 5728 function SortArrayObjects( &$a, $k, $sort_direction=1 ) { 5729 global $csort_cmp; 5730 5731 $csort_cmp = array( 5732 'key' => $k, 5733 'direction' => $sort_direction 5734 ); 5735 5736 usort( $a, 'SortArrayObjects_cmp' ); 5737 5738 unset( $csort_cmp ); 5739 } 5740 5741 /** 5742 * Sends mail to admin 5743 */ 5744 function mosSendAdminMail( $adminName, $adminEmail, $email, $type, $title, $author ) { 5745 global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_live_site; 5746 5747 $subject = _MAIL_SUB." '$type'"; 5748 $message = _MAIL_MSG; 5749 eval ("\$message = \"$message\";"); 5750 5751 mosMail($mosConfig_mailfrom, $mosConfig_fromname, $adminEmail, $subject, $message); 5752 } 5753 5754 /* 5755 * Includes pathway file 5756 */ 5757 function mosPathWay() { 5758 global $mosConfig_absolute_path; 5759 5760 $Itemid = intval( mosGetParam( $_REQUEST, 'Itemid', '' ) ); 5761 require_once ( $mosConfig_absolute_path . '/includes/pathway.php' ); 5762 } 5763 5764 /** 5765 * Displays a not authorised message 5766 * 5767 * If the user is not logged in then an addition message is displayed. 5768 */ 5769 function mosNotAuth() { 5770 global $my; 5771 5772 echo _NOT_AUTH; 5773 if ($my->id < 1) { 5774 echo "<br />" . _DO_LOGIN; 5775 } 5776 } 5777 5778 /** 5779 * Replaces & with & for xhtml compliance 5780 * 5781 * Needed to handle unicode conflicts due to unicode conflicts 5782 */ 5783 function ampReplace( $text ) { 5784 $text = str_replace( '&&', '*--*', $text ); 5785 $text = str_replace( '&#', '*-*', $text ); 5786 $text = str_replace( '&', '&', $text ); 5787 $text = preg_replace( '|&(?![\w]+;)|', '&', $text ); 5788 $text = str_replace( '*-*', '&#', $text ); 5789 $text = str_replace( '*--*', '&&', $text ); 5790 5791 return $text; 5792 } 5793 /** 5794 * Prepares results from search for display 5795 * @param string The source string 5796 * @param int Number of chars to trim 5797 * @param string The searchword to select around 5798 * @return string 5799 */ 5800 function mosPrepareSearchContent( $text, $length=200, $searchword ) { 5801 // strips tags won't remove the actual jscript 5802 $text = preg_replace( "'<script[^>]*>.*?</script>'si", "", $text ); 5803 $text = preg_replace( '/{.+?}/', '', $text); 5804 5805 //$text = preg_replace( '/<a\s+.*?href="([^"]+)"[^>]*>([^<]+)<\/a>/is','\2', $text ); 5806 5807 // replace line breaking tags with whitespace 5808 $text = preg_replace( "'<(br[^/>]*?/|hr[^/>]*?/|/(div|h[1-6]|li|p|td))>'si", ' ', $text ); 5809 5810 $text = mosSmartSubstr( strip_tags( $text ), $length, $searchword ); 5811 5812 return $text; 5813 } 5814 5815 /** 5816 * returns substring of characters around a searchword 5817 * @param string The source string 5818 * @param int Number of chars to return 5819 * @param string The searchword to select around 5820 * @return string 5821 */ 5822 function mosSmartSubstr($text, $length=200, $searchword) { 5823 $wordpos = strpos(strtolower($text), strtolower($searchword)); 5824 $halfside = intval($wordpos - $length/2 - strlen($searchword)); 5825 if ($wordpos && $halfside > 0) { 5826 return '...' . substr($text, $halfside, $length) . '...'; 5827 } else { 5828 return substr( $text, 0, $length); 5829 } 5830 } 5831 5832 /** 5833 * Chmods files and directories recursively to given permissions. Available from 1.0.0 up. 5834 * @param path The starting file or directory (no trailing slash) 5835 * @param filemode Integer value to chmod files. NULL = dont chmod files. 5836 * @param dirmode Integer value to chmod directories. NULL = dont chmod directories. 5837 * @return TRUE=all succeeded FALSE=one or more chmods failed 5838 */ 5839 function mosChmodRecursive($path, $filemode=NULL, $dirmode=NULL) 5840 { 5841 $ret = TRUE; 5842 if (is_dir($path)) { 5843 $dh = opendir($path); 5844 while ($file = readdir($dh)) { 5845 if ($file != '.' && $file != '..') { 5846 $fullpath = $path.'/'.$file; 5847 if (is_dir($fullpath)) { 5848 if (!mosChmodRecursive($fullpath, $filemode, $dirmode)) 5849 $ret = FALSE; 5850 } else { 5851 if (isset($filemode)) 5852 if (!@chmod($fullpath, $filemode)) 5853 $ret = FALSE; 5854 } // if 5855 } // if 5856 } // while 5857 closedir($dh); 5858 if (isset($dirmode)) 5859 if (!@chmod($path, $dirmode)) 5860 $ret = FALSE; 5861 } else { 5862 if (isset($filemode)) 5863 $ret = @chmod($path, $filemode); 5864 } // if 5865 return $ret; 5866 } // mosChmodRecursive 5867 5868 /** 5869 * Chmods files and directories recursively to mos global permissions. Available from 1.0.0 up. 5870 * @param path The starting file or directory (no trailing slash) 5871 * @param filemode Integer value to chmod files. NULL = dont chmod files. 5872 * @param dirmode Integer value to chmod directories. NULL = dont chmod directories. 5873 * @return TRUE=all succeeded FALSE=one or more chmods failed 5874 */ 5875 function mosChmod($path) { 5876 global $mosConfig_fileperms, $mosConfig_dirperms; 5877 $filemode = NULL; 5878 if ($mosConfig_fileperms != '') 5879 $filemode = octdec($mosConfig_fileperms); 5880 $dirmode = NULL; 5881 if ($mosConfig_dirperms != '') 5882 $dirmode = octdec($mosConfig_dirperms); 5883 if (isset($filemode) || isset($dirmode)) 5884 return mosChmodRecursive($path, $filemode, $dirmode); 5885 return TRUE; 5886 } // mosChmod 5887 5888 /** 5889 * Function to convert array to integer values 5890 * @param array 5891 * @param int A default value to assign if $array is not an array 5892 * @return array 5893 */ 5894 function mosArrayToInts( &$array, $default=null ) { 5895 if (is_array( $array )) { 5896 foreach( $array as $key => $value ) { 5897 $array[$key] = (int) $value; 5898 } 5899 } else { 5900 if (is_null( $default )) { 5901 $array = array(); 5902 return array(); // Kept for backwards compatibility 5903 } else { 5904 $array = array( (int) $default ); 5905 return array( $default ); // Kept for backwards compatibility 5906 } 5907 } 5908 } 5909 5910 /* 5911 * Function to handle an array of integers 5912 * Added 1.0.11 5913 */ 5914 function josGetArrayInts( $name, $type=NULL ) { 5915 if ( $type == NULL ) { 5916 $type = $_POST; 5917 } 5918 5919 $array = mosGetParam( $type, $name, array(0) ); 5920 5921 mosArrayToInts( $array ); 5922 5923 if (!is_array( $array )) { 5924 $array = array(0); 5925 } 5926 5927 return $array; 5928 } 5929 5930 /** 5931 * Utility class for helping with patTemplate 5932 */ 5933 class patHTML { 5934 /** 5935 * Converts a named array to an array or named rows suitable to option lists 5936 * @param array The source array[key] = value 5937 * @param mixed A value or array of selected values 5938 * @param string The name for the value field 5939 * @param string The name for selected attribute (use 'checked' for radio of box lists) 5940 */ 5941 function selectArray( &$source, $selected=null, $valueName='value', $selectedAttr='selected' ) { 5942 if (!is_array( $selected )) { 5943 $selected = array( $selected ); 5944 } 5945 foreach ($source as $i => $row) { 5946 if (is_object( $row )) { 5947 $source[$i]->selected = in_array( $row->$valueName, $selected ) ? $selectedAttr . '="true"' : ''; 5948 } else { 5949 $source[$i]['selected'] = in_array( $row[$valueName], $selected ) ? $selectedAttr . '="true"' : ''; 5950 } 5951 } 5952 } 5953 5954 /** 5955 * Converts a named array to an array or named rows suitable to checkbox or radio lists 5956 * @param array The source array[key] = value 5957 * @param mixed A value or array of selected values 5958 * @param string The name for the value field 5959 */ 5960 function checkArray( &$source, $selected=null, $valueName='value' ) { 5961 patHTML::selectArray( $source, $selected, $valueName, 'checked' ); 5962 } 5963 5964 /** 5965 * @param mixed The value for the option 5966 * @param string The text for the option 5967 * @param string The name of the value parameter (default is value) 5968 * @param string The name of the text parameter (default is text) 5969 */ 5970 function makeOption( $value, $text, $valueName='value', $textName='text' ) { 5971 return array( 5972 $valueName => $value, 5973 $textName => $text 5974 ); 5975 } 5976 5977 /** 5978 * Writes a radio pair 5979 * @param object Template object 5980 * @param string The template name 5981 * @param string The field name 5982 * @param int The value of the field 5983 * @param array Array of options 5984 * @param string Optional template variable name 5985 */ 5986 function radioSet( &$tmpl, $template, $name, $value, $a, $varname=null ) { 5987 patHTML::checkArray( $a, $value ); 5988 5989 $tmpl->addVar( 'radio-set', 'name', $name ); 5990 $tmpl->addRows( 'radio-set', $a ); 5991 $tmpl->parseIntoVar( 'radio-set', $template, is_null( $varname ) ? $name : $varname ); 5992 } 5993 5994 /** 5995 * Writes a radio pair 5996 * @param object Template object 5997 * @param string The template name 5998 * @param string The field name 5999 * @param int The value of the field 6000 * @param string Optional template variable name 6001 */ 6002 function yesNoRadio( &$tmpl, $template, $name, $value, $varname=null ) { 6003 $a = array( 6004 patHTML::makeOption( 0, 'No' ), 6005 patHTML::makeOption( 1, 'Yes' ) 6006 ); 6007 patHTML::radioSet( $tmpl, $template, $name, $value, $a, $varname ); 6008 } 6009 } 6010 6011 /** 6012 * Provides a secure hash based on a seed 6013 * @param string Seed string 6014 * @return string 6015 */ 6016 function mosHash( $seed ) { 6017 return md5( $GLOBALS['mosConfig_secret'] . md5( $seed ) ); 6018 } 6019 6020 /** 6021 * Format a backtrace error 6022 * @since 1.0.5 6023 */ 6024 function mosBackTrace() { 6025 if (function_exists( 'debug_backtrace' )) { 6026 echo '<div align="left">'; 6027 foreach( debug_backtrace() as $back) { 6028 if (@$back['file']) { 6029 echo '<br />' . str_replace( $GLOBALS['mosConfig_absolute_path'], '', $back['file'] ) . ':' . $back['line']; 6030 } 6031 } 6032 echo '</div>'; 6033 } 6034 } 6035 6036 function josSpoofCheck( $header=NULL, $alt=NULL ) { 6037 $validate = mosGetParam( $_POST, josSpoofValue($alt), 0 ); 6038 6039 // probably a spoofing attack 6040 if (!$validate) { 6041 header( 'HTTP/1.0 403 Forbidden' ); 6042 mosErrorAlert( _NOT_AUTH ); 6043 return; 6044 } 6045 6046 // First, make sure the form was posted from a browser. 6047 // For basic web-forms, we don't care about anything 6048 // other than requests from a browser: 6049 if (!isset( $_SERVER['HTTP_USER_AGENT'] )) { 6050 header( 'HTTP/1.0 403 Forbidden' ); 6051 mosErrorAlert( _NOT_AUTH ); 6052 return; 6053 } 6054 6055 // Make sure the form was indeed POST'ed: 6056 // (requires your html form to use: action="post") 6057 if (!$_SERVER['REQUEST_METHOD'] == 'POST' ) { 6058 header( 'HTTP/1.0 403 Forbidden' ); 6059 mosErrorAlert( _NOT_AUTH ); 6060 return; 6061 } 6062 6063 if ($header) { 6064 // Attempt to defend against header injections: 6065 $badStrings = array( 6066 'Content-Type:', 6067 'MIME-Version:', 6068 'Content-Transfer-Encoding:', 6069 'bcc:', 6070 'cc:' 6071 ); 6072 6073 // Loop through each POST'ed value and test if it contains 6074 // one of the $badStrings: 6075 _josSpoofCheck( $_POST, $badStrings ); 6076 } 6077 } 6078 6079 function _josSpoofCheck( $array, $badStrings ) { 6080 // Loop through each $array value and test if it contains 6081 // one of the $badStrings 6082 foreach( $array as $v ) { 6083 if (is_array( $v )) { 6084 _josSpoofCheck( $v, $badStrings ); 6085 } else { 6086 foreach ( $badStrings as $v2 ) { 6087 if ( stripos( $v, $v2 ) !== false ) { 6088 header( 'HTTP/1.0 403 Forbidden' ); 6089 mosErrorAlert( _NOT_AUTH ); 6090 exit(); // mosErrorAlert dies anyway, double check just to make sure 6091 } 6092 } 6093 } 6094 } 6095 } 6096 6097 /** 6098 * Method to determine a hash for anti-spoofing variable names 6099 * 6100 * @return string Hashed var name 6101 * @static 6102 */ 6103 function josSpoofValue($alt=NULL) { 6104 global $mainframe; 6105 6106 if ($alt) { 6107 if ( $alt == 1 ) { 6108 $random = date( 'Ymd' ); 6109 } else { 6110 $random = $alt . date( 'Ymd' ); 6111 } 6112 } else { 6113 $random = date( 'dmY' ); 6114 } 6115 // the prefix ensures that the hash is non-numeric 6116 // otherwise it will be intercepted by globals.php 6117 $validate = 'j' . mosHash( $mainframe->getCfg( 'db' ) . $random ); 6118 6119 return $validate; 6120 } 6121 6122 /** 6123 * A simple helper function to salt and hash a clear-text password. 6124 * 6125 * @since 1.0.13 6126 * @param string $password A plain-text password 6127 * @return string An md5 hashed password with salt 6128 */ 6129 function josHashPassword($password) 6130 { 6131 // Salt and hash the password 6132 $salt = mosMakePassword(16); 6133 $crypt = md5($password.$salt); 6134 $hash = $crypt.':'.$salt; 6135 6136 return $hash; 6137 } 6138 6139 // ----- NO MORE CLASSES OR FUNCTIONS PASSED THIS POINT ----- 6140 // Post class declaration initialisations 6141 // some version of PHP don't allow the instantiation of classes 6142 // before they are defined 6143 6144 /** @global mosPlugin $_MAMBOTS */ 6145 $_MAMBOTS = new mosMambotHandler(); 6146 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Wed Nov 21 14:43:32 2007 | par Balluche grâce à PHPXref 0.7 |
|
|