/administrator/components/com_patch/patch/administrator/components/com_jaclplus/patch/joomla.php

Large files files are truncated, but you can click here to view the full file

<?php


/**


* This file has been modified by Vincent Cheah, ByOS Technologies 2008-02-27 12:07 


* for integration with JACLPlus Component 


*/


/**


* @version $Id: joomla.php 9997 2008-02-07 11:27:04Z eddieajau $


* @package Joomla


* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.


* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php


* Joomla! is free software. This version may have been modified pursuant


* to the GNU General Public License, and as distributed it includes or


* is derivative of works licensed under the GNU General Public License or


* other free or open source software licenses.


* See COPYRIGHT.php for copyright notices and details.


*/





// no direct access


defined( '_VALID_MOS' ) or die( 'Restricted access' );


define( '_MOS_MAMBO_INCLUDED', 1 );





/**


 * Page generation time


 * @package Joomla


 */


class mosProfiler {


	/** @var int Start time stamp */


	var $start=0;


	/** @var string A prefix for mark messages */


	var $prefix='';





	/**


	 * Constructor


	 * @param string A prefix for mark messages


	 */


	function mosProfiler( $prefix='' ) {


		$this->start = $this->getmicrotime();


		$this->prefix = $prefix;


	}





	/**


	 * @return string A format message of the elapsed time


	 */


	function mark( $label ) {


		return sprintf ( "\n<div class=\"profiler\">$this->prefix %.3f $label</div>", $this->getmicrotime() - $this->start );


	}





	/**


	 * @return float The current time in milliseconds


	 */


	function getmicrotime(){


		list($usec, $sec) = explode(" ",microtime());


		return ((float)$usec + (float)$sec);


	}


}





if (phpversion() < '4.2.0') {


	require_once( dirname( __FILE__ ) . '/compat.php41x.php' );


}


if (phpversion() < '4.3.0') {


	require_once( dirname( __FILE__ ) . '/compat.php42x.php' );


}


if (version_compare( phpversion(), '5.0' ) < 0) {


	require_once( dirname( __FILE__ ) . '/compat.php50x.php' );


}





@set_magic_quotes_runtime( 0 );





if ( @$mosConfig_error_reporting === 0 || @$mosConfig_error_reporting === '0' ) {


	error_reporting( 0 );


} else if (@$mosConfig_error_reporting > 0) {


	error_reporting( $mosConfig_error_reporting );


}





/* Hack for integration with JACLPlus Component */


if(file_exists($mosConfig_absolute_path . '/administrator/components/com_jaclplus/jaclplus.class.php')) {


	require_once( $mosConfig_absolute_path . '/administrator/components/com_jaclplus/jaclplus.class.php' );


}


/* End of hack for JACLPlus Component */


require_once( $mosConfig_absolute_path . '/includes/version.php' );


require_once( $mosConfig_absolute_path . '/includes/database.php' );


require_once( $mosConfig_absolute_path . '/includes/gacl.class.php' );


require_once( $mosConfig_absolute_path . '/includes/gacl_api.class.php' );


require_once( $mosConfig_absolute_path . '/includes/phpmailer/class.phpmailer.php' );


require_once( $mosConfig_absolute_path . '/includes/joomla.xml.php' );


require_once( $mosConfig_absolute_path . '/includes/phpInputFilter/class.inputfilter.php' );





$database = new database( $mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db, $mosConfig_dbprefix );


if ($database->getErrorNum()) {


	$mosSystemError = $database->getErrorNum();


	$basePath = dirname( __FILE__ );


	include $basePath . '/../configuration.php';


	include $basePath . '/../offline.php';


	exit();


}


$database->debug( $mosConfig_debug );


$acl = new gacl_api();





// platform neurtral url handling


if ( isset( $_SERVER['REQUEST_URI'] ) ) {


	$request_uri = $_SERVER['REQUEST_URI'];


} else {


	$request_uri = $_SERVER['SCRIPT_NAME'];


	// Append the query string if it exists and isn't null


	if ( isset( $_SERVER['QUERY_STRING'] ) && !empty( $_SERVER['QUERY_STRING'] ) ) {


		$request_uri .= '?' . $_SERVER['QUERY_STRING'];


	}


}


$_SERVER['REQUEST_URI'] = $request_uri;





// current server time


$now = date( 'Y-m-d H:i', time() );


DEFINE( '_CURRENT_SERVER_TIME', $now );


DEFINE( '_CURRENT_SERVER_TIME_FORMAT', '%Y-%m-%d %H:%M:%S' );





// Non http/https URL Schemes


$url_schemes = 'data:, file:, ftp:, gopher:, imap:, ldap:, mailto:, news:, nntp:, telnet:, javascript:, irc:, mms:';


DEFINE( '_URL_SCHEMES', $url_schemes );





// disable strict mode in MySQL 5


if (!defined( '_JOS_SET_SQLMODE' )) {


	/** ensure that functions are declared only once */


	define( '_JOS_SET_SQLMODE', 1 );





	// if running mysql 5, set sql-mode to mysql40 - thereby circumventing strict mode problems


	if ( strpos( $database->getVersion(), '5' ) === 0 ) {


		$query = "SET sql_mode = 'MYSQL40'";


		$database->setQuery( $query );


		$database->query();


	}


}





/**


 * @package Joomla


 * @abstract


 */


class mosAbstractLog {


	/** @var array */


	var $_log	= null;





	/**


	 * Constructor


	 */


	function mosAbstractLog() {


		$this->__constructor();


	}





	/**


	 * Generic constructor


	 */


	function __constructor() {


		$this->_log = array();


	}





	/**


	 * @param string Log message


	 * @param boolean True to append to last message


	 */


	function log( $text, $append=false ) {


		$n = count( $this->_log );


		if ($append && $n > 0) {


			$this->_log[count( $this->_log )-1] .= $text;


		} else {


			$this->_log[] = $text;


		}


	}





	/**


	 * @param string The glue for each log item


	 * @return string Returns the log


	 */


	function getLog( $glue='<br/>', $truncate=9000, $htmlSafe=false ) {


		$logs = array();


		foreach ($this->_log as $log) {


			if ($htmlSafe) {


				$log = htmlspecialchars( $log );


			}


			$logs[] = substr( $log, 0, $truncate );


		}


		return  implode( $glue, $logs );


	}


}





/**


 * Task routing class


 * @package Joomla


 * @abstract


 */


class mosAbstractTasker {


	/** @var array An array of the class methods to call for a task */


	var $_taskMap 	= null;


	/** @var string The name of the current task*/


	var $_task 		= null;


	/** @var array An array of the class methods*/


	var $_methods 	= null;


	/** @var string A url to redirect to */


	var $_redirect 	= null;


	/** @var string A message about the operation of the task */


	var $_message 	= null;





	// action based access control





	/** @var string The ACO Section */


	var $_acoSection 		= null;


	/** @var string The ACO Section value */


	var $_acoSectionValue 	= null;





	/**


	 * Constructor


	 * @param string Set the default task


	 */


	function mosAbstractTasker( $default='' ) {


		$this->_taskMap = array();


		$this->_methods = array();


		foreach (get_class_methods( get_class( $this ) ) as $method) {


			if (substr( $method, 0, 1 ) != '_') {


				$this->_methods[] = strtolower( $method );


				// auto register public methods as tasks


				$this->_taskMap[strtolower( $method )] = $method;


			}


		}


		$this->_redirect = '';


		$this->_message = '';


		if ($default) {


			$this->registerDefaultTask( $default );


		}


	}





	/**


	 * Sets the access control levels


	 * @param string The ACO section (eg, the component)


	 * @param string The ACO section value (if using a constant value)


	 */


	function setAccessControl( $section, $value=null ) {


		$this->_acoSection = $section;


		$this->_acoSectionValue = $value;


	}


	/**


	 * Access control check


	 */


	function accessCheck( $task ) {


		global $acl, $my;





		// only check if the derived class has set these values


		if ($this->_acoSection) {


			// ensure user has access to this function


			if ($this->_acoSectionValue) {


				// use a 'constant' task for this task handler


				$task = $this->_acoSectionValue;


			}


			return $acl->acl_check( $this->_acoSection, $task, 'users', $my->usertype );


		} else {


			return true;


		}


	}





	/**


	 * Set a URL to redirect the browser to


	 * @param string A URL


	 */


	function setRedirect( $url, $msg = null ) {


		$this->_redirect = $url;


		if ($msg !== null) {


			$this->_message = $msg;


		}


	}


	/**


	 * Redirects the browser


	 */


	function redirect() {


		if ($this->_redirect) {


			mosRedirect( $this->_redirect, $this->_message );


		}


	}


	/**


	 * Register (map) a task to a method in the class


	 * @param string The task


	 * @param string The name of the method in the derived class to perform for this task


	 */


	function registerTask( $task, $method ) {


		if (in_array( strtolower( $method ), $this->_methods )) {


			$this->_taskMap[strtolower( $task )] = $method;


		} else {


			$this->methodNotFound( $method );


		}


	}


	/**


	 * Register the default task to perfrom if a mapping is not found


	 * @param string The name of the method in the derived class to perform if the task is not found


	 */


	function registerDefaultTask( $method ) {


		$this->registerTask( '__default', $method );


	}


	/**


	 * Perform a task by triggering a method in the derived class


	 * @param string The task to perform


	 * @return mixed The value returned by the function


	 */


	function performTask( $task ) {


		$this->_task = $task;





		$task = strtolower( $task );


		if (isset( $this->_taskMap[$task] )) {


			$doTask = $this->_taskMap[$task];


		} else if (isset( $this->_taskMap['__default'] )) {


			$doTask = $this->_taskMap['__default'];


		} else {


			return $this->taskNotFound( $this->_task );


		}





		if ($this->accessCheck( $doTask )) {


			return call_user_func( array( &$this, $doTask ) );


		} else {


			return $this->notAllowed( $task );


		}


	}


	/**


	 * Get the last task that was to be performed


	 * @return string The task that was or is being performed


	 */


	function getTask() {


		return $this->_task;


	}


	/**


	 * Basic method if the task is not found


	 * @param string The task


	 * @return null


	 */


	function taskNotFound( $task ) {


		echo 'Task ' . $task . ' not found';


		return null;


	}


	/**


	 * Basic method if the registered method is not found


	 * @param string The name of the method in the derived class


	 * @return null


	 */


	function methodNotFound( $name ) {


		echo 'Method ' . $name . ' not found';


		return null;


	}


	/**


	 * Basic method if access is not permitted to the task


	 * @param string The name of the method in the derived class


	 * @return null


	 */


	function notAllowed( $name ) {


		echo _NOT_AUTH;





		return null;


	}


}


/**


* Class to support function caching


* @package Joomla


*/


class mosCache {


	/**


	* @return object A function cache object


	*/


	function &getCache(  $group=''  ) {


		global $mosConfig_absolute_path, $mosConfig_caching, $mosConfig_cachepath, $mosConfig_cachetime;





		require_once( $mosConfig_absolute_path . '/includes/joomla.cache.php' );





		$options = array(


			'cacheDir' 		=> $mosConfig_cachepath . '/',


			'caching' 		=> $mosConfig_caching,


			'defaultGroup' 	=> $group,


			'lifeTime' 		=> $mosConfig_cachetime


		);


		$cache = new JCache_Lite_Function( $options );


		return $cache;


	}


	/**


	* Cleans the cache


	*/


	function cleanCache( $group=false ) {


		global $mosConfig_caching;


		if ($mosConfig_caching) {


			$cache =& mosCache::getCache( $group );


			$cache->clean( $group );


		}


	}


}


/**


* Joomla! Mainframe class


*


* Provide many supporting API functions


* @package Joomla


*/


class mosMainFrame {


	/** @var database Internal database class pointer */


	var $_db						= null;


	/** @var object An object of configuration variables */


	var $_config					= null;


	/** @var object An object of path variables */


	var $_path						= null;


	/** @var mosSession The current session */


	var $_session					= null;


	/** @var string The current template */


	var $_template					= null;


	/** @var array An array to hold global user state within a session */


	var $_userstate					= null;


	/** @var array An array of page meta information */


	var $_head						= null;


	/** @var string Custom html string to append to the pathway */


	var $_custom_pathway			= null;


	/** @var boolean True if in the admin client */


	var $_isAdmin 					= false;








	/**


	* Class constructor


	* @param database A database connection object


	* @param string The url option


	* @param string The path of the mos directory


	*/


	function mosMainFrame( &$db, $option, $basePath, $isAdmin=false ) {


		$this->_db =& $db;





		// load the configuration values


		$this->_setTemplate( $isAdmin );


		$this->_setAdminPaths( $option, $this->getCfg( 'absolute_path' ) );


		if (isset( $_SESSION['session_userstate'] )) {


			$this->_userstate =& $_SESSION['session_userstate'];


		} else {


			$this->_userstate = null;


		}


		$this->_head = array();


		$this->_head['title'] 	= $GLOBALS['mosConfig_sitename'];


		$this->_head['meta'] 	= array();


		$this->_head['custom'] 	= array();





		//set the admin check


		$this->_isAdmin 		= (boolean) $isAdmin;





		$now = date( 'Y-m-d H:i:s', time() );


		$this->set( 'now', $now );


	}





	/**


	 * Gets the id number for a client


	 * @param mixed A client identifier


	 */


	function getClientID( $client ) {


		switch ($client) {


			case '2':


			case 'installation':


				return 2;


				break;





			case '1':


			case 'admin':


			case 'administrator':


				return 1;


				break;





			case '0':


			case 'site':


			case 'front':


			default:


				return 0;


				break;


		}


	}





	/**


	 * Gets the client name


	 * @param int The client identifier


	 * @return strint The text name of the client


	 */


	function getClientName( $client_id ) {


		 // do not translate


		$clients = array( 'site', 'admin', 'installer' );


		return mosGetParam( $clients, $client_id, 'unknown' );


	}





	/**


	 * Gets the base path for the client


	 * @param mixed A client identifier


	 * @param boolean True (default) to add traling slash


	 */


	function getBasePath( $client=0, $addTrailingSlash=true ) {


		global $mosConfig_absolute_path;





		switch ($client) {


			case '0':


			case 'site':


			case 'front':


			default:


				return mosPathName( $mosConfig_absolute_path, $addTrailingSlash );


				break;





			case '2':


			case 'installation':


				return mosPathName( $mosConfig_absolute_path . '/installation', $addTrailingSlash );


				break;





			case '1':


			case 'admin':


			case 'administrator':


				return mosPathName( $mosConfig_absolute_path . '/administrator', $addTrailingSlash );


				break;





		}


	}





	/**


	* @param string


	*/


	function setPageTitle( $title=null ) {


		if (@$GLOBALS['mosConfig_pagetitles']) {


			$title = trim( htmlspecialchars( $title ) );


			$title = stripslashes($title);


			$this->_head['title'] = $title ? $GLOBALS['mosConfig_sitename'] . ' - '. $title : $GLOBALS['mosConfig_sitename'];


		}


	}


	/**


	* @param string The value of the name attibute


	* @param string The value of the content attibute


	* @param string Text to display before the tag


	* @param string Text to display after the tag


	*/


	function addMetaTag( $name, $content, $prepend='', $append='' ) {


		$name = trim( htmlspecialchars( $name ) );


		$content = trim( htmlspecialchars( $content ) );


		$prepend = trim( $prepend );


		$append = trim( $append );


		$this->_head['meta'][] = array( $name, $content, $prepend, $append );


	}


	/**


	* @param string The value of the name attibute


	* @param string The value of the content attibute to append to the existing


	* Tags ordered in with Site Keywords and Description first


	*/


	function appendMetaTag( $name, $content ) {


		$name = trim( htmlspecialchars( $name ) );


		$n = count( $this->_head['meta'] );


		for ($i = 0; $i < $n; $i++) {


			if ($this->_head['meta'][$i][0] == $name) {


				$content = trim( htmlspecialchars( $content ) );


				if ( $content ) {


					if ( !$this->_head['meta'][$i][1] ) {


						$this->_head['meta'][$i][1] = $content ;


					} else {


						$this->_head['meta'][$i][1] = $content .', '. $this->_head['meta'][$i][1];


					}


				}


				return;


			}


		}


		$this->addMetaTag( $name , $content );


	}





	/**


	* @param string The value of the name attibute


	* @param string The value of the content attibute to append to the existing


	*/


	function prependMetaTag( $name, $content ) {


		$name = trim( htmlspecialchars( $name ) );


		$n = count( $this->_head['meta'] );


		for ($i = 0; $i < $n; $i++) {


			if ($this->_head['meta'][$i][0] == $name) {


				$content = trim( htmlspecialchars( $content ) );


				$this->_head['meta'][$i][1] = $content . $this->_head['meta'][$i][1];


				return;


			}


		}


		$this->addMetaTag( $name, $content );


	}


	/**


	 * Adds a custom html string to the head block


	 * @param string The html to add to the head


	 */


	function addCustomHeadTag( $html ) {


		$this->_head['custom'][] = trim( $html );


	}


	/**


	* @return string


	*/


	function getHead() {


		$head = array();


		$head[] = '<title>' . $this->_head['title'] . '</title>';


		foreach ($this->_head['meta'] as $meta) {


			if ($meta[2]) {


				$head[] = $meta[2];


			}


			$head[] = '<meta name="' . $meta[0] . '" content="' . $meta[1] . '" />';


			if ($meta[3]) {


				$head[] = $meta[3];


			}


		}


		foreach ($this->_head['custom'] as $html) {


			$head[] = $html;


		}


		return implode( "\n", $head ) . "\n";


	}








	/**


	* @return string


	*/


	function getPageTitle() {


		return $this->_head['title'];


	}





	/**


	* @return string


	*/


	function getCustomPathWay() {


		return $this->_custom_pathway;


	}





	function appendPathWay( $html ) {


		$this->_custom_pathway[] = $html;


	}





  /**


	* Gets the value of a user state variable


	* @param string The name of the variable


	*/


	function getUserState( $var_name ) {


		if (is_array( $this->_userstate )) {


			return mosGetParam( $this->_userstate, $var_name, null );


		} else {


			return null;


		}


	}


	/**


	* Gets the value of a user state variable


	* @param string The name of the user state variable


	* @param string The name of the variable passed in a request


	* @param string The default value for the variable if not found


	*/


	function getUserStateFromRequest( $var_name, $req_name, $var_default=null ) {


		if (is_array( $this->_userstate )) {


			if (isset( $_REQUEST[$req_name] )) {


				$this->setUserState( $var_name, $_REQUEST[$req_name] );


			} else if (!isset( $this->_userstate[$var_name] )) {


				$this->setUserState( $var_name, $var_default );


			}





			// filter input


			$iFilter = new InputFilter();


			$this->_userstate[$var_name] = $iFilter->process( $this->_userstate[$var_name] );





			return $this->_userstate[$var_name];


		} else {


			return null;


		}


	}


	/**


	* Sets the value of a user state variable


	* @param string The name of the variable


	* @param string The value of the variable


	*/


	function setUserState( $var_name, $var_value ) {


		if (is_array( $this->_userstate )) {


			$this->_userstate[$var_name] = $var_value;


		}


	}


	/**


	* Initialises the user session


	*


	* Old sessions are flushed based on the configuration value for the cookie


	* lifetime. If an existing session, then the last access time is updated.


	* If a new session, a session id is generated and a record is created in


	* the jos_sessions table.


	*/


	function initSession() {


		// initailize session variables


		$session 	=& $this->_session;


		$session 	= new mosSession( $this->_db );





		// purge expired sessions


		$session->purge('core');





		// Session Cookie `name`


		$sessionCookieName 	= mosMainFrame::sessionCookieName();


		// Get Session Cookie `value`


		$sessioncookie 		= strval( mosGetParam( $_COOKIE, $sessionCookieName, null ) );





		// Session ID / `value`


		$sessionValueCheck 	= mosMainFrame::sessionCookieValue( $sessioncookie );





		// Check if existing session exists in db corresponding to Session cookie `value`


		// extra check added in 1.0.8 to test sessioncookie value is of correct length


		if ( $sessioncookie && strlen($sessioncookie) == 32 && $sessioncookie != '-' && $session->load($sessionValueCheck) ) {


			// update time in session table


			$session->time = time();


			$session->update();


		} else {


			// Remember Me Cookie `name`


			$remCookieName = mosMainFrame::remCookieName_User();





			// test if cookie found


			$cookie_found = false;


			if ( isset($_COOKIE[$sessionCookieName]) || isset($_COOKIE[$remCookieName]) || isset($_POST['force_session']) ) {


				$cookie_found = true;


			}





			/* Hack for integration with JACLPlus Component */


			if(class_exists('JACLPlus')) $session->jaclplus	= JACLPlus::DefaultAL();


			/* End of hack for JACLPlus Component */


			// check if neither remembermecookie or sessioncookie found


			if (!$cookie_found) {


				// create sessioncookie and set it to a test value set to expire on session end


				setcookie( $sessionCookieName, '-', false, '/' );


			} else {


			// otherwise, sessioncookie was found, but set to test val or the session expired, prepare for session registration and register the session


				$url = strval( mosGetParam( $_SERVER, 'REQUEST_URI', null ) );


				// stop sessions being created for requests to syndicated feeds


				if ( strpos( $url, 'option=com_rss' ) === false && strpos( $url, 'feed=' ) === false ) {


					$session->guest 	= 1;


					$session->username 	= '';


					$session->time 		= time();


					$session->gid 		= 0;


					// Generate Session Cookie `value`


					$session->generateId();





					if (!$session->insert()) {


						die( $session->getError() );


					}





					// create Session Tracking Cookie set to expire on session end


					setcookie( $sessionCookieName, $session->getCookie(), false, '/' );


				}


			}





			// Cookie used by Remember me functionality


			$remCookieValue	= strval( mosGetParam( $_COOKIE, $remCookieName, null ) );





			// test if cookie is correct length


			if ( strlen($remCookieValue) > 64 ) {


				// Separate Values from Remember Me Cookie


				$remUser	= substr( $remCookieValue, 0, 32 );


				$remPass	= substr( $remCookieValue, 32, 32 );


				$remID		= intval( substr( $remCookieValue, 64  ) );





				// check if Remember me cookie exists. Login with usercookie info.


				if ( strlen($remUser) == 32 && strlen($remPass) == 32 ) {


					$this->login( $remUser, $remPass, 1, $remID );


				}


			}


		}


	}





	/*


	* Function used to conduct admin session duties


	* Added as of 1.0.8


	* Deprecated 1.1


	*/


	function initSessionAdmin($option, $task) {


		global $_VERSION, $mosConfig_admin_expired;





		// logout check


		if ($option == 'logout') {


			require $GLOBALS['mosConfig_absolute_path'] .'/administrator/logout.php';


			exit();


		}





		$site = $GLOBALS['mosConfig_live_site'];





		// check if session name corresponds to correct format


		if ( session_name() != md5( $site ) ) {


			echo "<script>document.location.href='index.php'</script>\n";


			exit();


		}





		// restore some session variables


		$my 			= new mosUser( $this->_db );


		$my->id 		= intval( mosGetParam( $_SESSION, 'session_user_id', '' ) );


		$my->username 	= strval( mosGetParam( $_SESSION, 'session_username', '' ) );


		$my->usertype 	= strval( mosGetParam( $_SESSION, 'session_usertype', '' ) );


		$my->gid 		= intval( mosGetParam( $_SESSION, 'session_gid', '' ) );


		$my->params		= mosGetParam( $_SESSION, 'session_user_params', '' );


		/* Hack for integration with JACLPlus Component */


		if(class_exists('JACLPlus')) $my->jaclplus	= mosGetParam( $_SESSION, 'session_jaclplus', '' );


		/* End of hack for JACLPlus Component */





		$session_id		= mosGetParam( $_SESSION, 'session_id', '' );


		$logintime 		= mosGetParam( $_SESSION, 'session_logintime', '' );





		if ($session_id != session_id()) {


			// session id does not correspond to required session format


			echo "<script>document.location.href='index.php?mosmsg=Invalid Session'</script>\n";


			exit();


		}





		// check to see if session id corresponds with correct format


		if ($session_id == md5( $my->id . $my->username . $my->usertype . $logintime )) {


			// if task action is to `save` or `apply` complete action before doing session checks.


			if ($task != 'save' && $task != 'apply') {


				// test for session_life_admin


				if ( @$GLOBALS['mosConfig_session_life_admin'] ) {


					$session_life_admin = $GLOBALS['mosConfig_session_life_admin'];


				} else {


					$session_life_admin = 1800;


				}





				// purge expired admin sessions only


				$past = time() - $session_life_admin;


				$query = "DELETE FROM #__session"


				. "\n WHERE time < '" . (int) $past . "'"


				. "\n AND guest = 1"


				//. "\n AND gid = 0"


				. "\n AND userid <> 0"


				;


				$this->_db->setQuery( $query );


				$this->_db->query();





				$current_time	= time();





				// update session timestamp


				$query = "UPDATE #__session"


				. "\n SET time = " . $this->_db->Quote( $current_time )


				. "\n WHERE session_id = " . $this->_db->Quote( $session_id )


				;


				$this->_db->setQuery( $query );


				$this->_db->query();





				// set garbage cleaning timeout


				$this->setSessionGarbageClean();





				// check against db record of session


				$query = "SELECT COUNT( session_id )"


				. "\n FROM #__session"


				. "\n WHERE session_id = " . $this->_db->Quote( $session_id )


				. "\n AND username = ". $this->_db->Quote( $my->username )


				. "\n AND userid = ". intval( $my->id )


				;


				$this->_db->setQuery( $query );


				$count = $this->_db->loadResult();





				// if no entry in session table that corresponds boot from admin area


				if ( $count == 0 ) {


					$link 	= NULL;





					if ($_SERVER['QUERY_STRING']) {


						$link = 'index2.php?'. $_SERVER['QUERY_STRING'];


					}





					// check if site designated as a production site


					// for a demo site disallow expired page functionality


					// link must also be a Joomla link to stop malicious redirection


					if ( $link && strpos( $link, 'index2.php?option=com_' ) === 0 && $_VERSION->SITE == 1 && @$mosConfig_admin_expired === '1' ) {


						$now 	= time();





						$file 	= $this->getPath( 'com_xml', 'com_users' );


						$params =& new mosParameters( $my->params, $file, 'component' );





						// return to expired page functionality


						$params->set( 'expired', 		$link );


						$params->set( 'expired_time', 	$now );





						// param handling


						if (is_array( $params->toArray() )) {


							$txt = array();


							foreach ( $params->toArray() as $k=>$v) {


								$txt[] = "$k=$v";


							}


							$saveparams = implode( "\n", $txt );


						}





						// save expired page info to user data


						$query = "UPDATE #__users"


						. "\n SET params = ". $this->_db->Quote( $saveparams )


						. "\n WHERE id = " . (int) $my->id


						. "\n AND username = ". $this->_db->Quote( $my->username )


						. "\n AND usertype = ". $this->_db->Quote( $my->usertype )


						;


						$this->_db->setQuery( $query );


						$this->_db->query();


					}





					echo "<script>document.location.href='index.php?mosmsg=Admin Session Expired'</script>\n";


					exit();


				} else {


					// load variables into session, used to help secure /popups/ functionality


					$_SESSION['option'] = $option;


					$_SESSION['task'] 	= $task;


				}


			}


		} else if ($session_id == '') {


			// no session_id as user has not attempted to login, or session.auto_start is switched on


			if (ini_get( 'session.auto_start' ) || !ini_get( 'session.use_cookies' )) {


				echo "<script>document.location.href='index.php?mosmsg=You need to login. If PHP\'s session.auto_start setting is on or session.use_cookies setting is off, you may need to correct this before you will be able to login.'</script>\n";


			} else {


				echo "<script>document.location.href='index.php?mosmsg=You need to login'</script>\n";


			}


			exit();


		} else {


			// session id does not correspond to required session format


			echo "<script>document.location.href='index.php?mosmsg=Invalid Session'</script>\n";


			exit();


		}





		/* Hack for integration with JACLPlus Component */


		if(class_exists('JACLPlus')) JACLPlus::AccessChecking($my, 'backend');


		/* End of hack for JACLPlus Component */


		return $my;


	}





	/*


	* Function used to set Session Garbage Cleaning


	* garbage cleaning set at configured session time + 600 seconds


	* Added as of 1.0.8


	* Deprecated 1.1


	*/


	function setSessionGarbageClean() {


		/** ensure that funciton is only called once */


		if (!defined( '_JOS_GARBAGECLEAN' )) {


			define( '_JOS_GARBAGECLEAN', 1 );





			$garbage_timeout = $this->getCfg('session_life_admin') + 600;


			@ini_set('session.gc_maxlifetime', $garbage_timeout);


		}


	}





	/*


	* Static Function used to generate the Session Cookie Name


	* Added as of 1.0.8


	* Deprecated 1.1


	*/


	function sessionCookieName() {


		global $mainframe, $mosConfig_live_site;





		if( substr( $mosConfig_live_site, 0, 7 ) == 'http://' ) {


			$hash = md5( 'site' . substr( $mosConfig_live_site, 7 ) );


		} elseif( substr( $mosConfig_live_site, 0, 8 ) == 'https://' ) {


			$hash = md5( 'site' . substr( $mosConfig_live_site, 8 ) );


		} else {


			$hash = md5( 'site' . $mainframe->getCfg( 'live_site' ) );


		}





		return $hash;


	}





	/*


	* Static Function used to generate the Session Cookie Value


	* Added as of 1.0.8


	* Deprecated 1.1


	*/


	function sessionCookieValue( $id=null ) {


		global $mainframe;





		$type 		= $mainframe->getCfg( 'session_type' );





		$browser 	= @$_SERVER['HTTP_USER_AGENT'];





		switch ($type) {


			case 2:


			// 1.0.0 to 1.0.7 Compatibility


			// lowest level security


				$value 			= md5( $id . $_SERVER['REMOTE_ADDR'] );


				break;





			case 1:


			// slightly reduced security - 3rd level IP authentication for those behind IP Proxy


				$remote_addr 	= explode('.',$_SERVER['REMOTE_ADDR']);


				$ip				= $remote_addr[0] .'.'. $remote_addr[1] .'.'. $remote_addr[2];


				$value 			= mosHash( $id . $ip . $browser );


				break;





			default:


			// Highest security level - new default for 1.0.8 and beyond


				$ip				= $_SERVER['REMOTE_ADDR'];


				$value 			= mosHash( $id . $ip . $browser );


				break;


		}





		return $value;


	}





	/*


	* Static Function used to generate the Rememeber Me Cookie Name for Username information


	* Added as of 1.0.8


	* Depreciated 1.1


	*/


	function remCookieName_User() {


		$value = mosHash( 'remembermecookieusername'. mosMainFrame::sessionCookieName() );





		return $value;


	}





	/*


	* Static Function used to generate the Rememeber Me Cookie Name for Password information


	* Added as of 1.0.8


	* Depreciated 1.1


	*/


	function remCookieName_Pass() {


		$value = mosHash( 'remembermecookiepassword'. mosMainFrame::sessionCookieName() );





		return $value;


	}





	/*


	* Static Function used to generate the Remember Me Cookie Value for Username information


	* Added as of 1.0.8


	* Depreciated 1.1


	*/


	function remCookieValue_User( $username ) {


		$value = md5( $username . mosHash( @$_SERVER['HTTP_USER_AGENT'] ) );





		return $value;


	}





	/*


	* Static Function used to generate the Remember Me Cookie Value for Password information


	* Added as of 1.0.8


	* Depreciated 1.1


	*/


	function remCookieValue_Pass( $passwd ) {


		$value 	= md5( $passwd . mosHash( @$_SERVER['HTTP_USER_AGENT'] ) );





		return $value;


	}





	/**


	* Login validation function


	*


	* Username and encoded password is compare to db entries in the jos_users


	* table. A successful validation updates the current session record with


	* the users details.


	*/


	function login( $username=null, $passwd=null, $remember=0, $userid=NULL ) {


		global $acl, $_VERSION;





		$bypost = 0;


		$valid_remember = false;





		// if no username and password passed from function, then function is being called from login module/component


		if (!$username || !$passwd) {


			$username 	= stripslashes( strval( mosGetParam( $_POST, 'username', '' ) ) );


			$passwd 	= stripslashes( strval( mosGetParam( $_POST, 'passwd', '' ) ) );





			$bypost 	= 1;





			// extra check to ensure that Joomla! sessioncookie exists


			if (!$this->_session->session_id) {


				mosErrorAlert( _ALERT_ENABLED );


				return;


			}





			josSpoofCheck(NULL,1);


		}





		$row = null;


		if (!$username || !$passwd) {


			mosErrorAlert( _LOGIN_INCOMPLETE );


			exit();


		} else {


			if ( $remember && strlen($username) == 32 && $userid ) {


			// query used for remember me cookie


				$harden = mosHash( @$_SERVER['HTTP_USER_AGENT'] );





				$query = "SELECT id, name, username, password, usertype, block, gid"


				. "\n FROM #__users"


				. "\n WHERE id = " . (int) $userid


				;


				$this->_db->setQuery( $query );


				$this->_db->loadObject($user);





				list($hash, $salt) = explode(':', $user->password);





				$check_username = md5( $user->username . $harden );


				$check_password = md5( $hash . $harden );





				if ( $check_username == $username && $check_password == $passwd ) {


					$row = $user;


					$valid_remember = true;


				}


			} else {


			// query used for login via login module


				$query = "SELECT id, name, username, password, usertype, block, gid"


				. "\n FROM #__users"


				. "\n WHERE username = ". $this->_db->Quote( $username )


				;





				$this->_db->setQuery( $query );


				$this->_db->loadObject( $row );


			}





			if (is_object($row)) {


				// user blocked from login


				if ($row->block == 1) {


					mosErrorAlert(_LOGIN_BLOCKED);


				}





				if (!$valid_remember) {


					// Conversion to new type


					if ((strpos($row->password, ':') === false) && $row->password == md5($passwd)) {


						// Old password hash storage but authentic ... lets convert it


						$salt = mosMakePassword(16);


						$crypt = md5($passwd.$salt);


						$row->password = $crypt.':'.$salt;





						// Now lets store it in the database


						$query	= 'UPDATE #__users'


								. ' SET password = '.$this->_db->Quote($row->password)


								. ' WHERE id = '.(int)$row->id;


						$this->_db->setQuery($query);


						if (!$this->_db->query()) {


							// This is an error but not sure what to do with it ... we'll still work for now


						}


					}





					list($hash, $salt) = explode(':', $row->password);


					$cryptpass = md5($passwd.$salt);


					if ($hash != $cryptpass) {


						if ( $bypost ) {


							mosErrorAlert(_LOGIN_INCORRECT);


						} else {


							$this->logout();


							mosRedirect('index.php');


						}


						exit();


					}


				}





				/* Hack for integration with JACLPlus Component */


				// fudge the group stuff


				$grp = $acl->getAroGroup( $row->id );


				$row->gid = $grp->group_id;


				if(!class_exists('JACLPlus')) {


				$row->gid = 1;


				if ($acl->is_group_child_of( $grp->name, 'Registered', 'ARO' ) || $acl->is_group_child_of( $grp->name, 'Public Backend', 'ARO' )) {


					// fudge Authors, Editors, Publishers and Super Administrators into the Special Group


					$row->gid = 2;


				}


				}


				$row->usertype = $grp->name;





				// initialize session data


				$session 			=& $this->_session;


				$session->guest 	= 0;


				$session->username 	= $row->username;


				$session->userid 	= intval( $row->id );


				$session->usertype 	= $row->usertype;


				$session->gid 		= intval( $row->gid );


				if(class_exists('JACLPlus')) $session->jaclplus		= $grp->jaclplus;


				/* End of hack for JACLPlus Component */





				$session->update();





				// check to see if site is a production site


				// allows multiple logins with same user for a demo site


				if ( $_VERSION->SITE ) {


					// delete any old front sessions to stop duplicate sessions


					$query = "DELETE FROM #__session"


					. "\n WHERE session_id != ". $this->_db->Quote( $session->session_id )


					. "\n AND username = ". $this->_db->Quote( $row->username )


					. "\n AND userid = " . (int) $row->id


					. "\n AND gid = " . (int) $row->gid


					. "\n AND guest = 0"


					;


					$this->_db->setQuery( $query );


					$this->_db->query();


				}





				// update user visit data


				$currentDate = date("Y-m-d\TH:i:s");





				$query = "UPDATE #__users"


				. "\n SET lastvisitDate = ". $this->_db->Quote( $currentDate )


				. "\n WHERE id = " . (int) $session->userid


				;


				$this->_db->setQuery($query);


				if (!$this->_db->query()) {


					die($this->_db->stderr(true));


				}





				// set remember me cookie if selected


				$remember = strval( mosGetParam( $_POST, 'remember', '' ) );


				if ( $remember == 'yes' ) {


					// cookie lifetime of 365 days


					$lifetime 		= time() + 365*24*60*60;


					$remCookieName 	= mosMainFrame::remCookieName_User();


					$remCookieValue = mosMainFrame::remCookieValue_User( $row->username ) . mosMainFrame::remCookieValue_Pass( $hash ) . $row->id;


					setcookie( $remCookieName, $remCookieValue, $lifetime, '/' );


				}


				mosCache::cleanCache();


			} else {


				if ( $bypost ) {


					mosErrorAlert(_LOGIN_INCORRECT);


				} else {


					$this->logout();


					mosRedirect('index.php');


				}


				exit();


			}


		}


	}





	/**


	* User logout


	*


	* Reverts the current session record back to 'anonymous' parameters


	*/


	function logout() {


		mosCache::cleanCache();





		$session 			=& $this->_session;


		$session->guest 	= 1;


		$session->username 	= '';


		$session->userid 	= 0;//$session->userid 	= '';


		$session->usertype 	= '';


		$session->gid 		= 0;


		/* Hack for integration with JACLPlus Component */


		if(class_exists('JACLPlus')) $session->jaclplus	= JACLPlus::DefaultAL();


		/* End of hack for JACLPlus Component */





		$session->update();





		// kill remember me cookie


		$lifetime 		= time() - 86400;


		$remCookieName 	= mosMainFrame::remCookieName_User();


		setcookie( $remCookieName, ' ', $lifetime, '/' );





		@session_destroy();


	}





	/**


	* @return mosUser A user object with the information from the current session


	*/


	function getUser() {


		global $database;





		$user = new mosUser( $this->_db );





		$user->id 			= intval( $this->_session->userid );


		$user->username 	= $this->_session->username;


		$user->usertype 	= $this->_session->usertype;


		$user->gid 			= intval( $this->_session->gid );


		/* Hack for integration with JACLPlus Component */


		if(class_exists('JACLPlus')) {


			$jaclplus = explode( ',', $this->_session->jaclplus );


			mosArrayToInts( $jaclplus );


			$user->jaclplus		= implode( ',', $jaclplus );


		}


		/* End of hack for JACLPlus Component */





		if ($user->id) {


			$query = "SELECT id, name, email, block, sendEmail, registerDate, lastvisitDate, activation, params"


			. "\n FROM #__users"


			. "\n WHERE id = " . (int) $user->id


			;


			$database->setQuery( $query );


			$database->loadObject( $my );





			$user->params 			= $my->params;


			$user->name				= $my->name;


			$user->email			= $my->email;


			$user->block			= $my->block;


			$user->sendEmail		= $my->sendEmail;


			$user->registerDate		= $my->registerDate;


			$user->lastvisitDate	= $my->lastvisitDate;


			$user->activation		= $my->activation;


		}





		/* Hack for integration with JACLPlus Component */


		if(class_exists('JACLPlus')) JACLPlus::AccessChecking($user, 'frontend');


		/* End of hack for JACLPlus Component */


		return $user;


	}


	/**


	 * @param string The name of the variable (from configuration.php)


	 * @return mixed The value of the configuration variable or null if not found


	 */


	function getCfg( $varname ) {


		$varname = 'mosConfig_' . $varname;


		if (isset( $GLOBALS[$varname] )) {


			return $GLOBALS[$varname];


		} else {


			return null;


		}


	}





	function _setTemplate( $isAdmin=false ) {


		global $Itemid;


		$mosConfig_absolute_path = $this->getCfg( 'absolute_path' );





		if ($isAdmin) {


			$query = "SELECT template"


			. "\n FROM #__templates_menu"


			. "\n WHERE client_id = 1"


			. "\n AND menuid = 0"


			;


			$this->_db->setQuery( $query );


			$cur_template = $this->_db->loadResult();


			$path = "$mosConfig_absolute_path/administrator/templates/$cur_template/index.php";


			if (!file_exists( $path )) {


				$cur_template = 'joomla_admin';


			}


		} else {


			$assigned = ( !empty( $Itemid ) ? " OR menuid = " . (int) $Itemid : '' );





			$query = "SELECT template"


			. "\n FROM #__templates_menu"


			. "\n WHERE client_id = 0"


			. "\n AND ( menuid = 0 $assigned )"


			. "\n ORDER BY menuid DESC"


			;


			$this->_db->setQuery( $query, 0, 1 );


			$cur_template = $this->_db->loadResult();





			// TemplateChooser Start


			$jos_user_template 		= strval( mosGetParam( $_COOKIE, 'jos_user_template', '' ) );


			$jos_change_template 	= strval( mosGetParam( $_REQUEST, 'jos_change_template', $jos_user_template ) );


			if ($jos_change_template) {


				// clean template name


				$jos_change_template = preg_replace( '#\W#', '', $jos_change_template );


				if ( strlen( $jos_change_template ) >= 40 ) {


					$jos_change_template = substr($jos_change_template, 0 , 39);


				}





				// check that template exists in case it was deleted


				if (file_exists( $mosConfig_absolute_path .'/templates/'. $jos_change_template .'/index.php' )) {


					$lifetime 		= 60*10;


					$cur_template 	= $jos_change_template;


					setcookie( 'jos_user_template', "$jos_change_template", time()+$lifetime);


				} else {


					setcookie( 'jos_user_template', '', time()-3600 );


				}


			}


			// TemplateChooser End


		}





		$this->_template = $cur_template;


	}





	function getTemplate() {


		return $this->_template;


	}





	/**


	* Determines the paths for including engine and menu files


	* @param string The current option used in the url


	* @param string The base path from which to load the configuration file


	*/


	function _setAdminPaths( $option, $basePath='.' ) {


		$option 		= strtolower( $option );





		$this->_path 	= new stdClass();





		// security check to disable use of `/`, `\\` and `:` in $options variable


		if (strpos($option, '/') !== false || strpos($option, '\\') !== false || strpos($option, ':') !== false) {


			mosErrorAlert( 'Restricted access' );


			return;


		}





		$prefix = substr( $option, 0, 4 );


		if ($prefix != 'com_' && $prefix != 'mod_') {


			// ensure backward compatibility with existing links


			$name 	= $option;


			$option = "com_$option";


		} else {


			$name 	= substr( $option, 4 );


		}





		// components


		if (file_exists( "$basePath/templates/$this->_template/components/$name.html.php" )) {


			$this->_path->front 		= "$basePath/components/$option/$name.php";


			$this->_path->front_html 	= "$basePath/templates/$this->_template/components/$name.html.php";


		} else if (file_exists( "$basePath/components/$option/$name.php" )) {


			$this->_path->front 		= "$basePath/components/$option/$name.php";


			$this->_path->front_html 	= "$basePath/components/$option/$name.html.php";


		}





		if (file_exists( "$basePath/administrator/components/$option/admin.$name.php" )) {


			$this->_path->admin 		= "$basePath/administrator/components/$option/admin.$name.php";


			$this->_path->admin_html 	= "$basePath/administrator/components/$option/admin.$name.html.php";


		}





		if (file_exists( "$basePath/administrator/components/$option/toolbar.$name.php" )) {


			$this->_path->toolbar 			= "$basePath/administrator/components/$option/toolbar.$name.php";


			$this->_path->toolbar_html 		= "$basePath/administrator/components/$option/toolbar.$name.html.php";


			$this->_path->toolbar_default 	= "$basePath/administrator/includes/toolbar.html.php";


		}





		if (file_exists( "$basePath/components/$option/$name.class.php" )) {


			$this->_path->class = "$basePath/components/$option/$name.class.php";


		} else if (file_exists( "$basePath/administrator/components/$option/$name.class.php" )) {


			$this->_path->class = "$basePath/administrator/components/$option/$name.class.php";


		} else if (file_exists( "$basePath/includes/$name.php" )) {


			$this->_path->class = "$basePath/includes/$name.php";


		}





		if ($prefix == 'mod_' && file_exists("$basePath/administrator/modules/$option.php")) {


			$this->_path->admin 		= "$basePath/administrator/modules/$option.php";


			$this->_path->admin_html 	= "$basePath/administrator/modules/mod_$name.html.php";


		} else if (file_exists("$basePath/administrator/components/$option/admin.$name.php" )) {


			$this->_path->admin 		= "$basePath/administrator/components/$option/admin.$name.php";


			$this->_path->admin_html 	= "$basePath/administrator/components/$option/admin.$name.html.php";


		} else {


			$this->_path->admin 		= "$basePath/administrator/components/com_admin/admin.admin.php";


			$this->_path->admin_html 	= "$basePath/administrator/components/com_admin/admin.admin.html.php";


		}


	}


	/**


	* Returns a stored path variable


	*


	*/


	function getPath( $varname, $option='' ) {


		global $mosConfig_absolute_path;


		if ($option) {


			$temp = $this->_path;


			$this->_setAdminPaths( $option, $this->getCfg( 'absolute_path' ) );


		}


		$result = null;


		if (isset( $this->_path->$varname )) {


			$result = $this->_path->$varname;


		} else {


			switch ($varname) {


				case 'com_xml':


					$name = substr( $option, 4 );


					$path = "$mosConfig_absolute_path/administrator/components/$option/$name.xml";


					if (file_exists( $path )) {


						$result = $path;


					} else {


						$path = "$mosConfig_absolute_path/components/$option/$name.xml";


						if (file_exists( $path )) {


							$result = $path;


						}


					}


					break;





				case 'mod0_xml':


					// Site modules


					if ($option == '') {


						$path = $mosConfig_absolute_path . "/modules/custom.xml";


					} else {


						$path = $mosConfig_absolute_path . "/modules/$option.xml";


					}


					if (file_exists( $path )) {


						$result = $path;


					}


					break;





				case 'mod1_xml':


					// admin modules


					if ($option == '') {


						$path = $mosConfig_absolute_path . '/administrator/modules/custom.xml';


					} else {


						$path = $mosConfig_absolute_path . "/administrator/modules/$option.xml";


					}


					if (file_exists( $path )) {


						$result = $path;


					}


					break;





				case 'bot_xml':


					// Site mambots


					$path = $mosConfig_absolute_path . "/mambots/$option.xml";


					if (file_exists( $path )) {


						$result = $path;


					}


					break;





				case 'menu_xml':


					$path = $mosConfig_absolute_path . "/administrator/components/com_menus/$option/$option.xml";


					if (file_exists( $path )) {


						$result = $path;


					}


					break;





				case 'installer_html':


					$path = $mosConfig_absolute_path . "/administrator/components/com_installer/$option/$option.html.php";


					if (file_exists( $path )) {


						$result = $path;


					}


					break;





				case 'installer_class':


					$path = $mosConfig_absolute_path . "/administrator/components/com_installer/$option/$option.class.php";


					if (file_exists( $path )) {


						$result = $path;


					}


					break;


			}


		}


		if ($option) {


			$this->_path = $temp;


		}


		return $result;


	}


	/**


	* Detects a 'visit'


	*


	* This function updates the agent and domain table hits for a particular


	* visitor.  The user agent is recorded/incremented if this is the first visit.


	* A cookie is set to mark the first visit.


	*/


	function detect() {


		global $mosConfig_enable_stats;


		if ($mosConfig_enable_stats == 1) {


			if (mosGetParam( $_COOKIE, 'mosvisitor', 0 )) {


				return;


			}


			setcookie( 'mosvisitor', 1 );





			if (phpversion() <= '4.2.1') {


				$agent = getenv( 'HTTP_USER_AGENT' );


				$domain = @gethostbyaddr( getenv( "REMOTE_ADDR" ) );


			} else {


				if ( isset($_SERVER['HTTP_USER_AGENT']) ) {


					$agent = $_SERVER['HTTP_USER_AGENT'];


				} else {


					$agent = 'Unknown';


				}





				$domain = @gethostbyaddr( $_SERVER['REMOTE_ADDR'] );


			}





			$browser = mosGetBrowser( $agent );





			$query = "SELECT COUNT(*)"


			. "\n FROM #__stats_agents"


			. "\n WHERE agent = " . $this->_db->Quote( $browser )


			. "\n AND type = 0"


			;


			$this->_db->setQuery( $query );


			if ($this->_db->loadResult()) {


				$query = "UPDATE #__stats_agents"


				. "\n SET hits = ( hits + 1 )"


				. "\n WHERE agent = " . $this->_db->Quote( $browser )


				. "\n AND type = 0"


				;


				$this->_db->setQuery( $query );


			} else {


				$query = "INSERT INTO #__stats_agents"


				. "\n ( agent, type )"


				. "\n VALUES ( " . $this->_db->Quote( $browser ) . ", 0 )"


				;


				$this->_db->setQuery( $query );


			}


			$this->_db->query();





			$os = mosGetOS( $agent );





			$query = "SELECT COUNT(*)"


			. "\n FROM #__stats_agents"


			. "\n WHERE agent = " . $this->_db->Quote( $os )


			. "\n AND type = 1"


			;


			$this->_db->setQuery( $query );


			if ($this->_db->loadResult()) {


				$query = "UPDATE #__stats_agents"


				. "\n SET…