PageRenderTime 41ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 1ms

/administrator/components/com_patch/patch/administrator/components/com_jaclplus/patch/joomla.php

https://github.com/viollarr/alab
PHP | 6212 lines | 5335 code | 227 blank | 650 comment | 250 complexity | a0d7c6cfbf70d91d12fb69fb4836601d MD5 | raw file
Possible License(s): LGPL-2.1, GPL-2.0, AGPL-3.0, Apache-2.0, BSD-3-Clause, GPL-3.0 
    

  1. <?php


    2. 

  2. /**


    3. 

  3. * This file has been modified by Vincent Cheah, ByOS Technologies 2008-02-27 12:07 


    4. 

  4. * for integration with JACLPlus Component 


    5. 

  5. */


    6. 

  6. /**


    7. 

  7. * @version $Id: joomla.php 9997 2008-02-07 11:27:04Z eddieajau $


    8. 

  8. * @package Joomla


    9. 

  9. * @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.


    10. 

  10. * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php


    11. 

  11. * Joomla! is free software. This version may have been modified pursuant


    12. 

  12. * to the GNU General Public License, and as distributed it includes or


    13. 

  13. * is derivative of works licensed under the GNU General Public License or


    14. 

  14. * other free or open source software licenses.


    15. 

  15. * See COPYRIGHT.php for copyright notices and details.


    16. 

  16. */


    17. 

  17. 


    18. 

  18. // no direct access


    19. 

  19. defined( '_VALID_MOS' ) or die( 'Restricted access' );


    20. 

  20. define( '_MOS_MAMBO_INCLUDED', 1 );


    21. 

  21. 


    22. 

  22. /**


    23. 

  23.  * Page generation time


    24. 

  24.  * @package Joomla


    25. 

  25.  */


    26. 

  26. class mosProfiler {


    27. 

  27. 	/** @var int Start time stamp */


    28. 

  28. 	var $start=0;


    29. 

  29. 	/** @var string A prefix for mark messages */


    30. 

  30. 	var $prefix='';


    31. 

  31. 


    32. 

  32. 	/**


    33. 

  33. 	 * Constructor


    34. 

  34. 	 * @param string A prefix for mark messages


    35. 

  35. 	 */


    36. 

  36. 	function mosProfiler( $prefix='' ) {


    37. 

  37. 		$this->start = $this->getmicrotime();


    38. 

  38. 		$this->prefix = $prefix;


    39. 

  39. 	}


    40. 

  40. 


    41. 

  41. 	/**


    42. 

  42. 	 * @return string A format message of the elapsed time


    43. 

  43. 	 */


    44. 

  44. 	function mark( $label ) {


    45. 

  45. 		return sprintf ( "\n<div class=\"profiler\">$this->prefix %.3f $label</div>", $this->getmicrotime() - $this->start );


    46. 

  46. 	}


    47. 

  47. 


    48. 

  48. 	/**


    49. 

  49. 	 * @return float The current time in milliseconds


    50. 

  50. 	 */


    51. 

  51. 	function getmicrotime(){


    52. 

  52. 		list($usec, $sec) = explode(" ",microtime());


    53. 

  53. 		return ((float)$usec + (float)$sec);


    54. 

  54. 	}


    55. 

  55. }


    56. 

  56. 


    57. 

  57. if (phpversion() < '4.2.0') {


    58. 

  58. 	require_once( dirname( __FILE__ ) . '/compat.php41x.php' );


    59. 

  59. }


    60. 

  60. if (phpversion() < '4.3.0') {


    61. 

  61. 	require_once( dirname( __FILE__ ) . '/compat.php42x.php' );


    62. 

  62. }


    63. 

  63. if (version_compare( phpversion(), '5.0' ) < 0) {


    64. 

  64. 	require_once( dirname( __FILE__ ) . '/compat.php50x.php' );


    65. 

  65. }


    66. 

  66. 


    67. 

  67. @set_magic_quotes_runtime( 0 );


    68. 

  68. 


    69. 

  69. if ( @$mosConfig_error_reporting === 0 || @$mosConfig_error_reporting === '0' ) {


    70. 

  70. 	error_reporting( 0 );


    71. 

  71. } else if (@$mosConfig_error_reporting > 0) {


    72. 

  72. 	error_reporting( $mosConfig_error_reporting );


    73. 

  73. }


    74. 

  74. 


    75. 

  75. /* Hack for integration with JACLPlus Component */


    76. 

  76. if(file_exists($mosConfig_absolute_path . '/administrator/components/com_jaclplus/jaclplus.class.php')) {


    77. 

  77. 	require_once( $mosConfig_absolute_path . '/administrator/components/com_jaclplus/jaclplus.class.php' );


    78. 

  78. }


    79. 

  79. /* End of hack for JACLPlus Component */


    80. 

  80. require_once( $mosConfig_absolute_path . '/includes/version.php' );


    81. 

  81. require_once( $mosConfig_absolute_path . '/includes/database.php' );


    82. 

  82. require_once( $mosConfig_absolute_path . '/includes/gacl.class.php' );


    83. 

  83. require_once( $mosConfig_absolute_path . '/includes/gacl_api.class.php' );


    84. 

  84. require_once( $mosConfig_absolute_path . '/includes/phpmailer/class.phpmailer.php' );


    85. 

  85. require_once( $mosConfig_absolute_path . '/includes/joomla.xml.php' );


    86. 

  86. require_once( $mosConfig_absolute_path . '/includes/phpInputFilter/class.inputfilter.php' );


    87. 

  87. 


    88. 

  88. $database = new database( $mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db, $mosConfig_dbprefix );


    89. 

  89. if ($database->getErrorNum()) {


    90. 

  90. 	$mosSystemError = $database->getErrorNum();


    91. 

  91. 	$basePath = dirname( __FILE__ );


    92. 

  92. 	include $basePath . '/../configuration.php';


    93. 

  93. 	include $basePath . '/../offline.php';


    94. 

  94. 	exit();


    95. 

  95. }


    96. 

  96. $database->debug( $mosConfig_debug );


    97. 

  97. $acl = new gacl_api();


    98. 

  98. 


    99. 

  99. // platform neurtral url handling


    100. 

  100. if ( isset( $_SERVER['REQUEST_URI'] ) ) {


    101. 

  101. 	$request_uri = $_SERVER['REQUEST_URI'];


    102. 

  102. } else {


    103. 

  103. 	$request_uri = $_SERVER['SCRIPT_NAME'];


    104. 

  104. 	// Append the query string if it exists and isn't null


    105. 

  105. 	if ( isset( $_SERVER['QUERY_STRING'] ) && !empty( $_SERVER['QUERY_STRING'] ) ) {


    106. 

  106. 		$request_uri .= '?' . $_SERVER['QUERY_STRING'];


    107. 

  107. 	}


    108. 

  108. }


    109. 

  109. $_SERVER['REQUEST_URI'] = $request_uri;


    110. 

  110. 


    111. 

  111. // current server time


    112. 

  112. $now = date( 'Y-m-d H:i', time() );


    113. 

  113. DEFINE( '_CURRENT_SERVER_TIME', $now );


    114. 

  114. DEFINE( '_CURRENT_SERVER_TIME_FORMAT', '%Y-%m-%d %H:%M:%S' );


    115. 

  115. 


    116. 

  116. // Non http/https URL Schemes


    117. 

  117. $url_schemes = 'data:, file:, ftp:, gopher:, imap:, ldap:, mailto:, news:, nntp:, telnet:, javascript:, irc:, mms:';


    118. 

  118. DEFINE( '_URL_SCHEMES', $url_schemes );


    119. 

  119. 


    120. 

  120. // disable strict mode in MySQL 5


    121. 

  121. if (!defined( '_JOS_SET_SQLMODE' )) {


    122. 

  122. 	/** ensure that functions are declared only once */


    123. 

  123. 	define( '_JOS_SET_SQLMODE', 1 );


    124. 

  124. 


    125. 

  125. 	// if running mysql 5, set sql-mode to mysql40 - thereby circumventing strict mode problems


    126. 

  126. 	if ( strpos( $database->getVersion(), '5' ) === 0 ) {


    127. 

  127. 		$query = "SET sql_mode = 'MYSQL40'";


    128. 

  128. 		$database->setQuery( $query );


    129. 

  129. 		$database->query();


    130. 

  130. 	}


    131. 

  131. }


    132. 

  132. 


    133. 

  133. /**


    134. 

  134.  * @package Joomla


    135. 

  135.  * @abstract


    136. 

  136.  */


    137. 

  137. class mosAbstractLog {


    138. 

  138. 	/** @var array */


    139. 

  139. 	var $_log	= null;


    140. 

  140. 


    141. 

  141. 	/**


    142. 

  142. 	 * Constructor


    143. 

  143. 	 */


    144. 

  144. 	function mosAbstractLog() {


    145. 

  145. 		$this->__constructor();


    146. 

  146. 	}


    147. 

  147. 


    148. 

  148. 	/**


    149. 

  149. 	 * Generic constructor


    150. 

  150. 	 */


    151. 

  151. 	function __constructor() {


    152. 

  152. 		$this->_log = array();


    153. 

  153. 	}


    154. 

  154. 


    155. 

  155. 	/**


    156. 

  156. 	 * @param string Log message


    157. 

  157. 	 * @param boolean True to append to last message


    158. 

  158. 	 */


    159. 

  159. 	function log( $text, $append=false ) {


    160. 

  160. 		$n = count( $this->_log );


    161. 

  161. 		if ($append && $n > 0) {


    162. 

  162. 			$this->_log[count( $this->_log )-1] .= $text;


    163. 

  163. 		} else {


    164. 

  164. 			$this->_log[] = $text;


    165. 

  165. 		}


    166. 

  166. 	}


    167. 

  167. 


    168. 

  168. 	/**


    169. 

  169. 	 * @param string The glue for each log item


    170. 

  170. 	 * @return string Returns the log


    171. 

  171. 	 */


    172. 

  172. 	function getLog( $glue='<br/>', $truncate=9000, $htmlSafe=false ) {


    173. 

  173. 		$logs = array();


    174. 

  174. 		foreach ($this->_log as $log) {


    175. 

  175. 			if ($htmlSafe) {


    176. 

  176. 				$log = htmlspecialchars( $log );


    177. 

  177. 			}


    178. 

  178. 			$logs[] = substr( $log, 0, $truncate );


    179. 

  179. 		}


    180. 

  180. 		return  implode( $glue, $logs );


    181. 

  181. 	}


    182. 

  182. }


    183. 

  183. 


    184. 

  184. /**


    185. 

  185.  * Task routing class


    186. 

  186.  * @package Joomla


    187. 

  187.  * @abstract


    188. 

  188.  */


    189. 

  189. class mosAbstractTasker {


    190. 

  190. 	/** @var array An array of the class methods to call for a task */


    191. 

  191. 	var $_taskMap 	= null;


    192. 

  192. 	/** @var string The name of the current task*/


    193. 

  193. 	var $_task 		= null;


    194. 

  194. 	/** @var array An array of the class methods*/


    195. 

  195. 	var $_methods 	= null;


    196. 

  196. 	/** @var string A url to redirect to */


    197. 

  197. 	var $_redirect 	= null;


    198. 

  198. 	/** @var string A message about the operation of the task */


    199. 

  199. 	var $_message 	= null;


    200. 

  200. 


    201. 

  201. 	// action based access control


    202. 

  202. 


    203. 

  203. 	/** @var string The ACO Section */


    204. 

  204. 	var $_acoSection 		= null;


    205. 

  205. 	/** @var string The ACO Section value */


    206. 

  206. 	var $_acoSectionValue 	= null;


    207. 

  207. 


    208. 

  208. 	/**


    209. 

  209. 	 * Constructor


    210. 

  210. 	 * @param string Set the default task


    211. 

  211. 	 */


    212. 

  212. 	function mosAbstractTasker( $default='' ) {


    213. 

  213. 		$this->_taskMap = array();


    214. 

  214. 		$this->_methods = array();


    215. 

  215. 		foreach (get_class_methods( get_class( $this ) ) as $method) {


    216. 

  216. 			if (substr( $method, 0, 1 ) != '_') {


    217. 

  217. 				$this->_methods[] = strtolower( $method );


    218. 

  218. 				// auto register public methods as tasks


    219. 

  219. 				$this->_taskMap[strtolower( $method )] = $method;


    220. 

  220. 			}


    221. 

  221. 		}


    222. 

  222. 		$this->_redirect = '';


    223. 

  223. 		$this->_message = '';


    224. 

  224. 		if ($default) {


    225. 

  225. 			$this->registerDefaultTask( $default );


    226. 

  226. 		}


    227. 

  227. 	}


    228. 

  228. 


    229. 

  229. 	/**


    230. 

  230. 	 * Sets the access control levels


    231. 

  231. 	 * @param string The ACO section (eg, the component)


    232. 

  232. 	 * @param string The ACO section value (if using a constant value)


    233. 

  233. 	 */


    234. 

  234. 	function setAccessControl( $section, $value=null ) {


    235. 

  235. 		$this->_acoSection = $section;


    236. 

  236. 		$this->_acoSectionValue = $value;


    237. 

  237. 	}


    238. 

  238. 	/**


    239. 

  239. 	 * Access control check


    240. 

  240. 	 */


    241. 

  241. 	function accessCheck( $task ) {


    242. 

  242. 		global $acl, $my;


    243. 

  243. 


    244. 

  244. 		// only check if the derived class has set these values


    245. 

  245. 		if ($this->_acoSection) {


    246. 

  246. 			// ensure user has access to this function


    247. 

  247. 			if ($this->_acoSectionValue) {


    248. 

  248. 				// use a 'constant' task for this task handler


    249. 

  249. 				$task = $this->_acoSectionValue;


    250. 

  250. 			}


    251. 

  251. 			return $acl->acl_check( $this->_acoSection, $task, 'users', $my->usertype );


    252. 

  252. 		} else {


    253. 

  253. 			return true;


    254. 

  254. 		}


    255. 

  255. 	}


    256. 

  256. 


    257. 

  257. 	/**


    258. 

  258. 	 * Set a URL to redirect the browser to


    259. 

  259. 	 * @param string A URL


    260. 

  260. 	 */


    261. 

  261. 	function setRedirect( $url, $msg = null ) {


    262. 

  262. 		$this->_redirect = $url;


    263. 

  263. 		if ($msg !== null) {


    264. 

  264. 			$this->_message = $msg;


    265. 

  265. 		}


    266. 

  266. 	}


    267. 

  267. 	/**


    268. 

  268. 	 * Redirects the browser


    269. 

  269. 	 */


    270. 

  270. 	function redirect() {


    271. 

  271. 		if ($this->_redirect) {


    272. 

  272. 			mosRedirect( $this->_redirect, $this->_message );


    273. 

  273. 		}


    274. 

  274. 	}


    275. 

  275. 	/**


    276. 

  276. 	 * Register (map) a task to a method in the class


    277. 

  277. 	 * @param string The task


    278. 

  278. 	 * @param string The name of the method in the derived class to perform for this task


    279. 

  279. 	 */


    280. 

  280. 	function registerTask( $task, $method ) {


    281. 

  281. 		if (in_array( strtolower( $method ), $this->_methods )) {


    282. 

  282. 			$this->_taskMap[strtolower( $task )] = $method;


    283. 

  283. 		} else {


    284. 

  284. 			$this->methodNotFound( $method );


    285. 

  285. 		}


    286. 

  286. 	}


    287. 

  287. 	/**


    288. 

  288. 	 * Register the default task to perfrom if a mapping is not found


    289. 

  289. 	 * @param string The name of the method in the derived class to perform if the task is not found


    290. 

  290. 	 */


    291. 

  291. 	function registerDefaultTask( $method ) {


    292. 

  292. 		$this->registerTask( '__default', $method );


    293. 

  293. 	}


    294. 

  294. 	/**


    295. 

  295. 	 * Perform a task by triggering a method in the derived class


    296. 

  296. 	 * @param string The task to perform


    297. 

  297. 	 * @return mixed The value returned by the function


    298. 

  298. 	 */


    299. 

  299. 	function performTask( $task ) {


    300. 

  300. 		$this->_task = $task;


    301. 

  301. 


    302. 

  302. 		$task = strtolower( $task );


    303. 

  303. 		if (isset( $this->_taskMap[$task] )) {


    304. 

  304. 			$doTask = $this->_taskMap[$task];


    305. 

  305. 		} else if (isset( $this->_taskMap['__default'] )) {


    306. 

  306. 			$doTask = $this->_taskMap['__default'];


    307. 

  307. 		} else {


    308. 

  308. 			return $this->taskNotFound( $this->_task );


    309. 

  309. 		}


    310. 

  310. 


    311. 

  311. 		if ($this->accessCheck( $doTask )) {


    312. 

  312. 			return call_user_func( array( &$this, $doTask ) );


    313. 

  313. 		} else {


    314. 

  314. 			return $this->notAllowed( $task );


    315. 

  315. 		}


    316. 

  316. 	}


    317. 

  317. 	/**


    318. 

  318. 	 * Get the last task that was to be performed


    319. 

  319. 	 * @return string The task that was or is being performed


    320. 

  320. 	 */


    321. 

  321. 	function getTask() {


    322. 

  322. 		return $this->_task;


    323. 

  323. 	}


    324. 

  324. 	/**


    325. 

  325. 	 * Basic method if the task is not found


    326. 

  326. 	 * @param string The task


    327. 

  327. 	 * @return null


    328. 

  328. 	 */


    329. 

  329. 	function taskNotFound( $task ) {


    330. 

  330. 		echo 'Task ' . $task . ' not found';


    331. 

  331. 		return null;


    332. 

  332. 	}


    333. 

  333. 	/**


    334. 

  334. 	 * Basic method if the registered method is not found


    335. 

  335. 	 * @param string The name of the method in the derived class


    336. 

  336. 	 * @return null


    337. 

  337. 	 */


    338. 

  338. 	function methodNotFound( $name ) {


    339. 

  339. 		echo 'Method ' . $name . ' not found';


    340. 

  340. 		return null;


    341. 

  341. 	}


    342. 

  342. 	/**


    343. 

  343. 	 * Basic method if access is not permitted to the task


    344. 

  344. 	 * @param string The name of the method in the derived class


    345. 

  345. 	 * @return null


    346. 

  346. 	 */


    347. 

  347. 	function notAllowed( $name ) {


    348. 

  348. 		echo _NOT_AUTH;


    349. 

  349. 


    350. 

  350. 		return null;


    351. 

  351. 	}


    352. 

  352. }


    353. 

  353. /**


    354. 

  354. * Class to support function caching


    355. 

  355. * @package Joomla


    356. 

  356. */


    357. 

  357. class mosCache {


    358. 

  358. 	/**


    359. 

  359. 	* @return object A function cache object


    360. 

  360. 	*/


    361. 

  361. 	function &getCache(  $group=''  ) {


    362. 

  362. 		global $mosConfig_absolute_path, $mosConfig_caching, $mosConfig_cachepath, $mosConfig_cachetime;


    363. 

  363. 


    364. 

  364. 		require_once( $mosConfig_absolute_path . '/includes/joomla.cache.php' );


    365. 

  365. 


    366. 

  366. 		$options = array(


    367. 

  367. 			'cacheDir' 		=> $mosConfig_cachepath . '/',


    368. 

  368. 			'caching' 		=> $mosConfig_caching,


    369. 

  369. 			'defaultGroup' 	=> $group,


    370. 

  370. 			'lifeTime' 		=> $mosConfig_cachetime


    371. 

  371. 		);


    372. 

  372. 		$cache = new JCache_Lite_Function( $options );


    373. 

  373. 		return $cache;


    374. 

  374. 	}


    375. 

  375. 	/**


    376. 

  376. 	* Cleans the cache


    377. 

  377. 	*/


    378. 

  378. 	function cleanCache( $group=false ) {


    379. 

  379. 		global $mosConfig_caching;


    380. 

  380. 		if ($mosConfig_caching) {


    381. 

  381. 			$cache =& mosCache::getCache( $group );


    382. 

  382. 			$cache->clean( $group );


    383. 

  383. 		}


    384. 

  384. 	}


    385. 

  385. }


    386. 

  386. /**


    387. 

  387. * Joomla! Mainframe class


    388. 

  388. *


    389. 

  389. * Provide many supporting API functions


    390. 

  390. * @package Joomla


    391. 

  391. */


    392. 

  392. class mosMainFrame {


    393. 

  393. 	/** @var database Internal database class pointer */


    394. 

  394. 	var $_db						= null;


    395. 

  395. 	/** @var object An object of configuration variables */


    396. 

  396. 	var $_config					= null;


    397. 

  397. 	/** @var object An object of path variables */


    398. 

  398. 	var $_path						= null;


    399. 

  399. 	/** @var mosSession The current session */


    400. 

  400. 	var $_session					= null;


    401. 

  401. 	/** @var string The current template */


    402. 

  402. 	var $_template					= null;


    403. 

  403. 	/** @var array An array to hold global user state within a session */


    404. 

  404. 	var $_userstate					= null;


    405. 

  405. 	/** @var array An array of page meta information */


    406. 

  406. 	var $_head						= null;


    407. 

  407. 	/** @var string Custom html string to append to the pathway */


    408. 

  408. 	var $_custom_pathway			= null;


    409. 

  409. 	/** @var boolean True if in the admin client */


    410. 

  410. 	var $_isAdmin 					= false;


    411. 

  411. 


    412. 

  412. 


    413. 

  413. 	/**


    414. 

  414. 	* Class constructor


    415. 

  415. 	* @param database A database connection object


    416. 

  416. 	* @param string The url option


    417. 

  417. 	* @param string The path of the mos directory


    418. 

  418. 	*/


    419. 

  419. 	function mosMainFrame( &$db, $option, $basePath, $isAdmin=false ) {


    420. 

  420. 		$this->_db =& $db;


    421. 

  421. 


    422. 

  422. 		// load the configuration values


    423. 

  423. 		$this->_setTemplate( $isAdmin );


    424. 

  424. 		$this->_setAdminPaths( $option, $this->getCfg( 'absolute_path' ) );


    425. 

  425. 		if (isset( $_SESSION['session_userstate'] )) {


    426. 

  426. 			$this->_userstate =& $_SESSION['session_userstate'];


    427. 

  427. 		} else {


    428. 

  428. 			$this->_userstate = null;


    429. 

  429. 		}


    430. 

  430. 		$this->_head = array();


    431. 

  431. 		$this->_head['title'] 	= $GLOBALS['mosConfig_sitename'];


    432. 

  432. 		$this->_head['meta'] 	= array();


    433. 

  433. 		$this->_head['custom'] 	= array();


    434. 

  434. 


    435. 

  435. 		//set the admin check


    436. 

  436. 		$this->_isAdmin 		= (boolean) $isAdmin;


    437. 

  437. 


    438. 

  438. 		$now = date( 'Y-m-d H:i:s', time() );


    439. 

  439. 		$this->set( 'now', $now );


    440. 

  440. 	}


    441. 

  441. 


    442. 

  442. 	/**


    443. 

  443. 	 * Gets the id number for a client


    444. 

  444. 	 * @param mixed A client identifier


    445. 

  445. 	 */


    446. 

  446. 	function getClientID( $client ) {


    447. 

  447. 		switch ($client) {


    448. 

  448. 			case '2':


    449. 

  449. 			case 'installation':


    450. 

  450. 				return 2;


    451. 

  451. 				break;


    452. 

  452. 


    453. 

  453. 			case '1':


    454. 

  454. 			case 'admin':


    455. 

  455. 			case 'administrator':


    456. 

  456. 				return 1;


    457. 

  457. 				break;


    458. 

  458. 


    459. 

  459. 			case '0':


    460. 

  460. 			case 'site':


    461. 

  461. 			case 'front':


    462. 

  462. 			default:


    463. 

  463. 				return 0;


    464. 

  464. 				break;


    465. 

  465. 		}


    466. 

  466. 	}


    467. 

  467. 


    468. 

  468. 	/**


    469. 

  469. 	 * Gets the client name


    470. 

  470. 	 * @param int The client identifier


    471. 

  471. 	 * @return strint The text name of the client


    472. 

  472. 	 */


    473. 

  473. 	function getClientName( $client_id ) {


    474. 

  474. 		 // do not translate


    475. 

  475. 		$clients = array( 'site', 'admin', 'installer' );


    476. 

  476. 		return mosGetParam( $clients, $client_id, 'unknown' );


    477. 

  477. 	}


    478. 

  478. 


    479. 

  479. 	/**


    480. 

  480. 	 * Gets the base path for the client


    481. 

  481. 	 * @param mixed A client identifier


    482. 

  482. 	 * @param boolean True (default) to add traling slash


    483. 

  483. 	 */


    484. 

  484. 	function getBasePath( $client=0, $addTrailingSlash=true ) {


    485. 

  485. 		global $mosConfig_absolute_path;


    486. 

  486. 


    487. 

  487. 		switch ($client) {


    488. 

  488. 			case '0':


    489. 

  489. 			case 'site':


    490. 

  490. 			case 'front':


    491. 

  491. 			default:


    492. 

  492. 				return mosPathName( $mosConfig_absolute_path, $addTrailingSlash );


    493. 

  493. 				break;


    494. 

  494. 


    495. 

  495. 			case '2':


    496. 

  496. 			case 'installation':


    497. 

  497. 				return mosPathName( $mosConfig_absolute_path . '/installation', $addTrailingSlash );


    498. 

  498. 				break;


    499. 

  499. 


    500. 

  500. 			case '1':


    501. 

  501. 			case 'admin':


    502. 

  502. 			case 'administrator':


    503. 

  503. 				return mosPathName( $mosConfig_absolute_path . '/administrator', $addTrailingSlash );


    504. 

  504. 				break;


    505. 

  505. 


    506. 

  506. 		}


    507. 

  507. 	}


    508. 

  508. 


    509. 

  509. 	/**


    510. 

  510. 	* @param string


    511. 

  511. 	*/


    512. 

  512. 	function setPageTitle( $title=null ) {


    513. 

  513. 		if (@$GLOBALS['mosConfig_pagetitles']) {


    514. 

  514. 			$title = trim( htmlspecialchars( $title ) );


    515. 

  515. 			$title = stripslashes($title);


    516. 

  516. 			$this->_head['title'] = $title ? $GLOBALS['mosConfig_sitename'] . ' - '. $title : $GLOBALS['mosConfig_sitename'];


    517. 

  517. 		}


    518. 

  518. 	}


    519. 

  519. 	/**


    520. 

  520. 	* @param string The value of the name attibute


    521. 

  521. 	* @param string The value of the content attibute


    522. 

  522. 	* @param string Text to display before the tag


    523. 

  523. 	* @param string Text to display after the tag


    524. 

  524. 	*/


    525. 

  525. 	function addMetaTag( $name, $content, $prepend='', $append='' ) {


    526. 

  526. 		$name = trim( htmlspecialchars( $name ) );


    527. 

  527. 		$content = trim( htmlspecialchars( $content ) );


    528. 

  528. 		$prepend = trim( $prepend );


    529. 

  529. 		$append = trim( $append );


    530. 

  530. 		$this->_head['meta'][] = array( $name, $content, $prepend, $append );


    531. 

  531. 	}


    532. 

  532. 	/**


    533. 

  533. 	* @param string The value of the name attibute


    534. 

  534. 	* @param string The value of the content attibute to append to the existing


    535. 

  535. 	* Tags ordered in with Site Keywords and Description first


    536. 

  536. 	*/


    537. 

  537. 	function appendMetaTag( $name, $content ) {


    538. 

  538. 		$name = trim( htmlspecialchars( $name ) );


    539. 

  539. 		$n = count( $this->_head['meta'] );


    540. 

  540. 		for ($i = 0; $i < $n; $i++) {


    541. 

  541. 			if ($this->_head['meta'][$i][0] == $name) {


    542. 

  542. 				$content = trim( htmlspecialchars( $content ) );


    543. 

  543. 				if ( $content ) {


    544. 

  544. 					if ( !$this->_head['meta'][$i][1] ) {


    545. 

  545. 						$this->_head['meta'][$i][1] = $content ;


    546. 

  546. 					} else {


    547. 

  547. 						$this->_head['meta'][$i][1] = $content .', '. $this->_head['meta'][$i][1];


    548. 

  548. 					}


    549. 

  549. 				}


    550. 

  550. 				return;


    551. 

  551. 			}


    552. 

  552. 		}


    553. 

  553. 		$this->addMetaTag( $name , $content );


    554. 

  554. 	}


    555. 

  555. 


    556. 

  556. 	/**


    557. 

  557. 	* @param string The value of the name attibute


    558. 

  558. 	* @param string The value of the content attibute to append to the existing


    559. 

  559. 	*/


    560. 

  560. 	function prependMetaTag( $name, $content ) {


    561. 

  561. 		$name = trim( htmlspecialchars( $name ) );


    562. 

  562. 		$n = count( $this->_head['meta'] );


    563. 

  563. 		for ($i = 0; $i < $n; $i++) {


    564. 

  564. 			if ($this->_head['meta'][$i][0] == $name) {


    565. 

  565. 				$content = trim( htmlspecialchars( $content ) );


    566. 

  566. 				$this->_head['meta'][$i][1] = $content . $this->_head['meta'][$i][1];


    567. 

  567. 				return;


    568. 

  568. 			}


    569. 

  569. 		}


    570. 

  570. 		$this->addMetaTag( $name, $content );


    571. 

  571. 	}


    572. 

  572. 	/**


    573. 

  573. 	 * Adds a custom html string to the head block


    574. 

  574. 	 * @param string The html to add to the head


    575. 

  575. 	 */


    576. 

  576. 	function addCustomHeadTag( $html ) {


    577. 

  577. 		$this->_head['custom'][] = trim( $html );


    578. 

  578. 	}


    579. 

  579. 	/**


    580. 

  580. 	* @return string


    581. 

  581. 	*/


    582. 

  582. 	function getHead() {


    583. 

  583. 		$head = array();


    584. 

  584. 		$head[] = '<title>' . $this->_head['title'] . '</title>';


    585. 

  585. 		foreach ($this->_head['meta'] as $meta) {


    586. 

  586. 			if ($meta[2]) {


    587. 

  587. 				$head[] = $meta[2];


    588. 

  588. 			}


    589. 

  589. 			$head[] = '<meta name="' . $meta[0] . '" content="' . $meta[1] . '" />';


    590. 

  590. 			if ($meta[3]) {


    591. 

  591. 				$head[] = $meta[3];


    592. 

  592. 			}


    593. 

  593. 		}


    594. 

  594. 		foreach ($this->_head['custom'] as $html) {


    595. 

  595. 			$head[] = $html;


    596. 

  596. 		}


    597. 

  597. 		return implode( "\n", $head ) . "\n";


    598. 

  598. 	}


    599. 

  599. 


    600. 

  600. 


    601. 

  601. 	/**


    602. 

  602. 	* @return string


    603. 

  603. 	*/


    604. 

  604. 	function getPageTitle() {


    605. 

  605. 		return $this->_head['title'];


    606. 

  606. 	}


    607. 

  607. 


    608. 

  608. 	/**


    609. 

  609. 	* @return string


    610. 

  610. 	*/


    611. 

  611. 	function getCustomPathWay() {


    612. 

  612. 		return $this->_custom_pathway;


    613. 

  613. 	}


    614. 

  614. 


    615. 

  615. 	function appendPathWay( $html ) {


    616. 

  616. 		$this->_custom_pathway[] = $html;


    617. 

  617. 	}


    618. 

  618. 


    619. 

  619.   /**


    620. 

  620. 	* Gets the value of a user state variable


    621. 

  621. 	* @param string The name of the variable


    622. 

  622. 	*/


    623. 

  623. 	function getUserState( $var_name ) {


    624. 

  624. 		if (is_array( $this->_userstate )) {


    625. 

  625. 			return mosGetParam( $this->_userstate, $var_name, null );


    626. 

  626. 		} else {


    627. 

  627. 			return null;


    628. 

  628. 		}


    629. 

  629. 	}


    630. 

  630. 	/**


    631. 

  631. 	* Gets the value of a user state variable


    632. 

  632. 	* @param string The name of the user state variable


    633. 

  633. 	* @param string The name of the variable passed in a request


    634. 

  634. 	* @param string The default value for the variable if not found


    635. 

  635. 	*/


    636. 

  636. 	function getUserStateFromRequest( $var_name, $req_name, $var_default=null ) {


    637. 

  637. 		if (is_array( $this->_userstate )) {


    638. 

  638. 			if (isset( $_REQUEST[$req_name] )) {


    639. 

  639. 				$this->setUserState( $var_name, $_REQUEST[$req_name] );


    640. 

  640. 			} else if (!isset( $this->_userstate[$var_name] )) {


    641. 

  641. 				$this->setUserState( $var_name, $var_default );


    642. 

  642. 			}


    643. 

  643. 


    644. 

  644. 			// filter input


    645. 

  645. 			$iFilter = new InputFilter();


    646. 

  646. 			$this->_userstate[$var_name] = $iFilter->process( $this->_userstate[$var_name] );


    647. 

  647. 


    648. 

  648. 			return $this->_userstate[$var_name];


    649. 

  649. 		} else {


    650. 

  650. 			return null;


    651. 

  651. 		}


    652. 

  652. 	}


    653. 

  653. 	/**


    654. 

  654. 	* Sets the value of a user state variable


    655. 

  655. 	* @param string The name of the variable


    656. 

  656. 	* @param string The value of the variable


    657. 

  657. 	*/


    658. 

  658. 	function setUserState( $var_name, $var_value ) {


    659. 

  659. 		if (is_array( $this->_userstate )) {


    660. 

  660. 			$this->_userstate[$var_name] = $var_value;


    661. 

  661. 		}


    662. 

  662. 	}


    663. 

  663. 	/**


    664. 

  664. 	* Initialises the user session


    665. 

  665. 	*


    666. 

  666. 	* Old sessions are flushed based on the configuration value for the cookie


    667. 

  667. 	* lifetime. If an existing session, then the last access time is updated.


    668. 

  668. 	* If a new session, a session id is generated and a record is created in


    669. 

  669. 	* the jos_sessions table.


    670. 

  670. 	*/


    671. 

  671. 	function initSession() {


    672. 

  672. 		// initailize session variables


    673. 

  673. 		$session 	=& $this->_session;


    674. 

  674. 		$session 	= new mosSession( $this->_db );


    675. 

  675. 


    676. 

  676. 		// purge expired sessions


    677. 

  677. 		$session->purge('core');


    678. 

  678. 


    679. 

  679. 		// Session Cookie `name`


    680. 

  680. 		$sessionCookieName 	= mosMainFrame::sessionCookieName();


    681. 

  681. 		// Get Session Cookie `value`


    682. 

  682. 		$sessioncookie 		= strval( mosGetParam( $_COOKIE, $sessionCookieName, null ) );


    683. 

  683. 


    684. 

  684. 		// Session ID / `value`


    685. 

  685. 		$sessionValueCheck 	= mosMainFrame::sessionCookieValue( $sessioncookie );


    686. 

  686. 


    687. 

  687. 		// Check if existing session exists in db corresponding to Session cookie `value`


    688. 

  688. 		// extra check added in 1.0.8 to test sessioncookie value is of correct length


    689. 

  689. 		if ( $sessioncookie && strlen($sessioncookie) == 32 && $sessioncookie != '-' && $session->load($sessionValueCheck) ) {


    690. 

  690. 			// update time in session table


    691. 

  691. 			$session->time = time();


    692. 

  692. 			$session->update();


    693. 

  693. 		} else {


    694. 

  694. 			// Remember Me Cookie `name`


    695. 

  695. 			$remCookieName = mosMainFrame::remCookieName_User();


    696. 

  696. 


    697. 

  697. 			// test if cookie found


    698. 

  698. 			$cookie_found = false;


    699. 

  699. 			if ( isset($_COOKIE[$sessionCookieName]) || isset($_COOKIE[$remCookieName]) || isset($_POST['force_session']) ) {


    700. 

  700. 				$cookie_found = true;


    701. 

  701. 			}


    702. 

  702. 


    703. 

  703. 			/* Hack for integration with JACLPlus Component */


    704. 

  704. 			if(class_exists('JACLPlus')) $session->jaclplus	= JACLPlus::DefaultAL();


    705. 

  705. 			/* End of hack for JACLPlus Component */


    706. 

  706. 			// check if neither remembermecookie or sessioncookie found


    707. 

  707. 			if (!$cookie_found) {


    708. 

  708. 				// create sessioncookie and set it to a test value set to expire on session end


    709. 

  709. 				setcookie( $sessionCookieName, '-', false, '/' );


    710. 

  710. 			} else {


    711. 

  711. 			// otherwise, sessioncookie was found, but set to test val or the session expired, prepare for session registration and register the session


    712. 

  712. 				$url = strval( mosGetParam( $_SERVER, 'REQUEST_URI', null ) );


    713. 

  713. 				// stop sessions being created for requests to syndicated feeds


    714. 

  714. 				if ( strpos( $url, 'option=com_rss' ) === false && strpos( $url, 'feed=' ) === false ) {


    715. 

  715. 					$session->guest 	= 1;


    716. 

  716. 					$session->username 	= '';


    717. 

  717. 					$session->time 		= time();


    718. 

  718. 					$session->gid 		= 0;


    719. 

  719. 					// Generate Session Cookie `value`


    720. 

  720. 					$session->generateId();


    721. 

  721. 


    722. 

  722. 					if (!$session->insert()) {


    723. 

  723. 						die( $session->getError() );


    724. 

  724. 					}


    725. 

  725. 


    726. 

  726. 					// create Session Tracking Cookie set to expire on session end


    727. 

  727. 					setcookie( $sessionCookieName, $session->getCookie(), false, '/' );


    728. 

  728. 				}


    729. 

  729. 			}


    730. 

  730. 


    731. 

  731. 			// Cookie used by Remember me functionality


    732. 

  732. 			$remCookieValue	= strval( mosGetParam( $_COOKIE, $remCookieName, null ) );


    733. 

  733. 


    734. 

  734. 			// test if cookie is correct length


    735. 

  735. 			if ( strlen($remCookieValue) > 64 ) {


    736. 

  736. 				// Separate Values from Remember Me Cookie


    737. 

  737. 				$remUser	= substr( $remCookieValue, 0, 32 );


    738. 

  738. 				$remPass	= substr( $remCookieValue, 32, 32 );


    739. 

  739. 				$remID		= intval( substr( $remCookieValue, 64  ) );


    740. 

  740. 


    741. 

  741. 				// check if Remember me cookie exists. Login with usercookie info.


    742. 

  742. 				if ( strlen($remUser) == 32 && strlen($remPass) == 32 ) {


    743. 

  743. 					$this->login( $remUser, $remPass, 1, $remID );


    744. 

  744. 				}


    745. 

  745. 			}


    746. 

  746. 		}


    747. 

  747. 	}


    748. 

  748. 


    749. 

  749. 	/*


    750. 

  750. 	* Function used to conduct admin session duties


    751. 

  751. 	* Added as of 1.0.8


    752. 

  752. 	* Deprecated 1.1


    753. 

  753. 	*/


    754. 

  754. 	function initSessionAdmin($option, $task) {


    755. 

  755. 		global $_VERSION, $mosConfig_admin_expired;


    756. 

  756. 


    757. 

  757. 		// logout check


    758. 

  758. 		if ($option == 'logout') {


    759. 

  759. 			require $GLOBALS['mosConfig_absolute_path'] .'/administrator/logout.php';


    760. 

  760. 			exit();


    761. 

  761. 		}


    762. 

  762. 


    763. 

  763. 		$site = $GLOBALS['mosConfig_live_site'];


    764. 

  764. 


    765. 

  765. 		// check if session name corresponds to correct format


    766. 

  766. 		if ( session_name() != md5( $site ) ) {


    767. 

  767. 			echo "<script>document.location.href='index.php'</script>\n";


    768. 

  768. 			exit();


    769. 

  769. 		}


    770. 

  770. 


    771. 

  771. 		// restore some session variables


    772. 

  772. 		$my 			= new mosUser( $this->_db );


    773. 

  773. 		$my->id 		= intval( mosGetParam( $_SESSION, 'session_user_id', '' ) );


    774. 

  774. 		$my->username 	= strval( mosGetParam( $_SESSION, 'session_username', '' ) );


    775. 

  775. 		$my->usertype 	= strval( mosGetParam( $_SESSION, 'session_usertype', '' ) );


    776. 

  776. 		$my->gid 		= intval( mosGetParam( $_SESSION, 'session_gid', '' ) );


    777. 

  777. 		$my->params		= mosGetParam( $_SESSION, 'session_user_params', '' );


    778. 

  778. 		/* Hack for integration with JACLPlus Component */


    779. 

  779. 		if(class_exists('JACLPlus')) $my->jaclplus	= mosGetParam( $_SESSION, 'session_jaclplus', '' );


    780. 

  780. 		/* End of hack for JACLPlus Component */


    781. 

  781. 


    782. 

  782. 		$session_id		= mosGetParam( $_SESSION, 'session_id', '' );


    783. 

  783. 		$logintime 		= mosGetParam( $_SESSION, 'session_logintime', '' );


    784. 

  784. 


    785. 

  785. 		if ($session_id != session_id()) {


    786. 

  786. 			// session id does not correspond to required session format


    787. 

  787. 			echo "<script>document.location.href='index.php?mosmsg=Invalid Session'</script>\n";


    788. 

  788. 			exit();


    789. 

  789. 		}


    790. 

  790. 


    791. 

  791. 		// check to see if session id corresponds with correct format


    792. 

  792. 		if ($session_id == md5( $my->id . $my->username . $my->usertype . $logintime )) {


    793. 

  793. 			// if task action is to `save` or `apply` complete action before doing session checks.


    794. 

  794. 			if ($task != 'save' && $task != 'apply') {


    795. 

  795. 				// test for session_life_admin


    796. 

  796. 				if ( @$GLOBALS['mosConfig_session_life_admin'] ) {


    797. 

  797. 					$session_life_admin = $GLOBALS['mosConfig_session_life_admin'];


    798. 

  798. 				} else {


    799. 

  799. 					$session_life_admin = 1800;


    800. 

  800. 				}


    801. 

  801. 


    802. 

  802. 				// purge expired admin sessions only


    803. 

  803. 				$past = time() - $session_life_admin;


    804. 

  804. 				$query = "DELETE FROM #__session"


    805. 

  805. 				. "\n WHERE time < '" . (int) $past . "'"


    806. 

  806. 				. "\n AND guest = 1"


    807. 

  807. 				//. "\n AND gid = 0"


    808. 

  808. 				. "\n AND userid <> 0"


    809. 

  809. 				;


    810. 

  810. 				$this->_db->setQuery( $query );


    811. 

  811. 				$this->_db->query();


    812. 

  812. 


    813. 

  813. 				$current_time	= time();


    814. 

  814. 


    815. 

  815. 				// update session timestamp


    816. 

  816. 				$query = "UPDATE #__session"


    817. 

  817. 				. "\n SET time = " . $this->_db->Quote( $current_time )


    818. 

  818. 				. "\n WHERE session_id = " . $this->_db->Quote( $session_id )


    819. 

  819. 				;


    820. 

  820. 				$this->_db->setQuery( $query );


    821. 

  821. 				$this->_db->query();


    822. 

  822. 


    823. 

  823. 				// set garbage cleaning timeout


    824. 

  824. 				$this->setSessionGarbageClean();


    825. 

  825. 


    826. 

  826. 				// check against db record of session


    827. 

  827. 				$query = "SELECT COUNT( session_id )"


    828. 

  828. 				. "\n FROM #__session"


    829. 

  829. 				. "\n WHERE session_id = " . $this->_db->Quote( $session_id )


    830. 

  830. 				. "\n AND username = ". $this->_db->Quote( $my->username )


    831. 

  831. 				. "\n AND userid = ". intval( $my->id )


    832. 

  832. 				;


    833. 

  833. 				$this->_db->setQuery( $query );


    834. 

  834. 				$count = $this->_db->loadResult();


    835. 

  835. 


    836. 

  836. 				// if no entry in session table that corresponds boot from admin area


    837. 

  837. 				if ( $count == 0 ) {


    838. 

  838. 					$link 	= NULL;


    839. 

  839. 


    840. 

  840. 					if ($_SERVER['QUERY_STRING']) {


    841. 

  841. 						$link = 'index2.php?'. $_SERVER['QUERY_STRING'];


    842. 

  842. 					}


    843. 

  843. 


    844. 

  844. 					// check if site designated as a production site


    845. 

  845. 					// for a demo site disallow expired page functionality


    846. 

  846. 					// link must also be a Joomla link to stop malicious redirection


    847. 

  847. 					if ( $link && strpos( $link, 'index2.php?option=com_' ) === 0 && $_VERSION->SITE == 1 && @$mosConfig_admin_expired === '1' ) {


    848. 

  848. 						$now 	= time();


    849. 

  849. 


    850. 

  850. 						$file 	= $this->getPath( 'com_xml', 'com_users' );


    851. 

  851. 						$params =& new mosParameters( $my->params, $file, 'component' );


    852. 

  852. 


    853. 

  853. 						// return to expired page functionality


    854. 

  854. 						$params->set( 'expired', 		$link );


    855. 

  855. 						$params->set( 'expired_time', 	$now );


    856. 

  856. 


    857. 

  857. 						// param handling


    858. 

  858. 						if (is_array( $params->toArray() )) {


    859. 

  859. 							$txt = array();


    860. 

  860. 							foreach ( $params->toArray() as $k=>$v) {


    861. 

  861. 								$txt[] = "$k=$v";


    862. 

  862. 							}


    863. 

  863. 							$saveparams = implode( "\n", $txt );


    864. 

  864. 						}


    865. 

  865. 


    866. 

  866. 						// save expired page info to user data


    867. 

  867. 						$query = "UPDATE #__users"


    868. 

  868. 						. "\n SET params = ". $this->_db->Quote( $saveparams )


    869. 

  869. 						. "\n WHERE id = " . (int) $my->id


    870. 

  870. 						. "\n AND username = ". $this->_db->Quote( $my->username )


    871. 

  871. 						. "\n AND usertype = ". $this->_db->Quote( $my->usertype )


    872. 

  872. 						;


    873. 

  873. 						$this->_db->setQuery( $query );


    874. 

  874. 						$this->_db->query();


    875. 

  875. 					}


    876. 

  876. 


    877. 

  877. 					echo "<script>document.location.href='index.php?mosmsg=Admin Session Expired'</script>\n";


    878. 

  878. 					exit();


    879. 

  879. 				} else {


    880. 

  880. 					// load variables into session, used to help secure /popups/ functionality


    881. 

  881. 					$_SESSION['option'] = $option;


    882. 

  882. 					$_SESSION['task'] 	= $task;


    883. 

  883. 				}


    884. 

  884. 			}


    885. 

  885. 		} else if ($session_id == '') {


    886. 

  886. 			// no session_id as user has not attempted to login, or session.auto_start is switched on


    887. 

  887. 			if (ini_get( 'session.auto_start' ) || !ini_get( 'session.use_cookies' )) {


    888. 

  888. 				echo "<script>document.location.href='index.php?mosmsg=You need to login. If PHP\'s session.auto_start setting is on or session.use_cookies setting is off, you may need to correct this before you will be able to login.'</script>\n";


    889. 

  889. 			} else {


    890. 

  890. 				echo "<script>document.location.href='index.php?mosmsg=You need to login'</script>\n";


    891. 

  891. 			}


    892. 

  892. 			exit();


    893. 

  893. 		} else {


    894. 

  894. 			// session id does not correspond to required session format


    895. 

  895. 			echo "<script>document.location.href='index.php?mosmsg=Invalid Session'</script>\n";


    896. 

  896. 			exit();


    897. 

  897. 		}


    898. 

  898. 


    899. 

  899. 		/* Hack for integration with JACLPlus Component */


    900. 

  900. 		if(class_exists('JACLPlus')) JACLPlus::AccessChecking($my, 'backend');


    901. 

  901. 		/* End of hack for JACLPlus Component */


    902. 

  902. 		return $my;


    903. 

  903. 	}


    904. 

  904. 


    905. 

  905. 	/*


    906. 

  906. 	* Function used to set Session Garbage Cleaning


    907. 

  907. 	* garbage cleaning set at configured session time + 600 seconds


    908. 

  908. 	* Added as of 1.0.8


    909. 

  909. 	* Deprecated 1.1


    910. 

  910. 	*/


    911. 

  911. 	function setSessionGarbageClean() {


    912. 

  912. 		/** ensure that funciton is only called once */


    913. 

  913. 		if (!defined( '_JOS_GARBAGECLEAN' )) {


    914. 

  914. 			define( '_JOS_GARBAGECLEAN', 1 );


    915. 

  915. 


    916. 

  916. 			$garbage_timeout = $this->getCfg('session_life_admin') + 600;


    917. 

  917. 			@ini_set('session.gc_maxlifetime', $garbage_timeout);


    918. 

  918. 		}


    919. 

  919. 	}


    920. 

  920. 


    921. 

  921. 	/*


    922. 

  922. 	* Static Function used to generate the Session Cookie Name


    923. 

  923. 	* Added as of 1.0.8


    924. 

  924. 	* Deprecated 1.1


    925. 

  925. 	*/


    926. 

  926. 	function sessionCookieName() {


    927. 

  927. 		global $mainframe, $mosConfig_live_site;


    928. 

  928. 


    929. 

  929. 		if( substr( $mosConfig_live_site, 0, 7 ) == 'http://' ) {


    930. 

  930. 			$hash = md5( 'site' . substr( $mosConfig_live_site, 7 ) );


    931. 

  931. 		} elseif( substr( $mosConfig_live_site, 0, 8 ) == 'https://' ) {


    932. 

  932. 			$hash = md5( 'site' . substr( $mosConfig_live_site, 8 ) );


    933. 

  933. 		} else {


    934. 

  934. 			$hash = md5( 'site' . $mainframe->getCfg( 'live_site' ) );


    935. 

  935. 		}


    936. 

  936. 


    937. 

  937. 		return $hash;


    938. 

  938. 	}


    939. 

  939. 


    940. 

  940. 	/*


    941. 

  941. 	* Static Function used to generate the Session Cookie Value


    942. 

  942. 	* Added as of 1.0.8


    943. 

  943. 	* Deprecated 1.1


    944. 

  944. 	*/


    945. 

  945. 	function sessionCookieValue( $id=null ) {


    946. 

  946. 		global $mainframe;


    947. 

  947. 


    948. 

  948. 		$type 		= $mainframe->getCfg( 'session_type' );


    949. 

  949. 


    950. 

  950. 		$browser 	= @$_SERVER['HTTP_USER_AGENT'];


    951. 

  951. 


    952. 

  952. 		switch ($type) {


    953. 

  953. 			case 2:


    954. 

  954. 			// 1.0.0 to 1.0.7 Compatibility


    955. 

  955. 			// lowest level security


    956. 

  956. 				$value 			= md5( $id . $_SERVER['REMOTE_ADDR'] );


    957. 

  957. 				break;


    958. 

  958. 


    959. 

  959. 			case 1:


    960. 

  960. 			// slightly reduced security - 3rd level IP authentication for those behind IP Proxy


    961. 

  961. 				$remote_addr 	= explode('.',$_SERVER['REMOTE_ADDR']);


    962. 

  962. 				$ip				= $remote_addr[0] .'.'. $remote_addr[1] .'.'. $remote_addr[2];


    963. 

  963. 				$value 			= mosHash( $id . $ip . $browser );


    964. 

  964. 				break;


    965. 

  965. 


    966. 

  966. 			default:


    967. 

  967. 			// Highest security level - new default for 1.0.8 and beyond


    968. 

  968. 				$ip				= $_SERVER['REMOTE_ADDR'];


    969. 

  969. 				$value 			= mosHash( $id . $ip . $browser );


    970. 

  970. 				break;


    971. 

  971. 		}


    972. 

  972. 


    973. 

  973. 		return $value;


    974. 

  974. 	}


    975. 

  975. 


    976. 

  976. 	/*


    977. 

  977. 	* Static Function used to generate the Rememeber Me Cookie Name for Username information


    978. 

  978. 	* Added as of 1.0.8


    979. 

  979. 	* Depreciated 1.1


    980. 

  980. 	*/


    981. 

  981. 	function remCookieName_User() {


    982. 

  982. 		$value = mosHash( 'remembermecookieusername'. mosMainFrame::sessionCookieName() );


    983. 

  983. 


    984. 

  984. 		return $value;


    985. 

  985. 	}


    986. 

  986. 


    987. 

  987. 	/*


    988. 

  988. 	* Static Function used to generate the Rememeber Me Cookie Name for Password information


    989. 

  989. 	* Added as of 1.0.8


    990. 

  990. 	* Depreciated 1.1


    991. 

  991. 	*/


    992. 

  992. 	function remCookieName_Pass() {


    993. 

  993. 		$value = mosHash( 'remembermecookiepassword'. mosMainFrame::sessionCookieName() );


    994. 

  994. 


    995. 

  995. 		return $value;


    996. 

  996. 	}


    997. 

  997. 


    998. 

  998. 	/*


    999. 

  999. 	* Static Function used to generate the Remember Me Cookie Value for Username information


    1000. 

  1000. 	* Added as of 1.0.8


    1001. 

  1001. 	* Depreciated 1.1


    1002. 

  1002. 	*/


    1003. 

  1003. 	function remCookieValue_User( $username ) {


    1004. 

  1004. 		$value = md5( $username . mosHash( @$_SERVER['HTTP_USER_AGENT'] ) );


    1005. 

  1005. 


    1006. 

  1006. 		return $value;


    1007. 

  1007. 	}


    1008. 

  1008. 


    1009. 

  1009. 	/*


    1010. 

  1010. 	* Static Function used to generate the Remember Me Cookie Value for Password information


    1011. 

  1011. 	* Added as of 1.0.8


    1012. 

  1012. 	* Depreciated 1.1


    1013. 

  1013. 	*/


    1014. 

  1014. 	function remCookieValue_Pass( $passwd ) {


    1015. 

  1015. 		$value 	= md5( $passwd . mosHash( @$_SERVER['HTTP_USER_AGENT'] ) );


    1016. 

  1016. 


    1017. 

  1017. 		return $value;


    1018. 

  1018. 	}


    1019. 

  1019. 


    1020. 

  1020. 	/**


    1021. 

  1021. 	* Login validation function


    1022. 

  1022. 	*


    1023. 

  1023. 	* Username and encoded password is compare to db entries in the jos_users


    1024. 

  1024. 	* table. A successful validation updates the current session record with


    1025. 

  1025. 	* the users details.


    1026. 

  1026. 	*/


    1027. 

  1027. 	function login( $username=null, $passwd=null, $remember=0, $userid=NULL ) {


    1028. 

  1028. 		global $acl, $_VERSION;


    1029. 

  1029. 


    1030. 

  1030. 		$bypost = 0;


    1031. 

  1031. 		$valid_remember = false;


    1032. 

  1032. 


    1033. 

  1033. 		// if no username and password passed from function, then function is being called from login module/component


    1034. 

  1034. 		if (!$username || !$passwd) {


    1035. 

  1035. 			$username 	= stripslashes( strval( mosGetParam( $_POST, 'username', '' ) ) );


    1036. 

  1036. 			$passwd 	= stripslashes( strval( mosGetParam( $_POST, 'passwd', '' ) ) );


    1037. 

  1037. 


    1038. 

  1038. 			$bypost 	= 1;


    1039. 

  1039. 


    1040. 

  1040. 			// extra check to ensure that Joomla! sessioncookie exists


    1041. 

  1041. 			if (!$this->_session->session_id) {


    1042. 

  1042. 				mosErrorAlert( _ALERT_ENABLED );


    1043. 

  1043. 				return;


    1044. 

  1044. 			}


    1045. 

  1045. 


    1046. 

  1046. 			josSpoofCheck(NULL,1);


    1047. 

  1047. 		}


    1048. 

  1048. 


    1049. 

  1049. 		$row = null;


    1050. 

  1050. 		if (!$username || !$passwd) {


    1051. 

  1051. 			mosErrorAlert( _LOGIN_INCOMPLETE );


    1052. 

  1052. 			exit();


    1053. 

  1053. 		} else {


    1054. 

  1054. 			if ( $remember && strlen($username) == 32 && $userid ) {


    1055. 

  1055. 			// query used for remember me cookie


    1056. 

  1056. 				$harden = mosHash( @$_SERVER['HTTP_USER_AGENT'] );


    1057. 

  1057. 


    1058. 

  1058. 				$query = "SELECT id, name, username, password, usertype, block, gid"


    1059. 

  1059. 				. "\n FROM #__users"


    1060. 

  1060. 				. "\n WHERE id = " . (int) $userid


    1061. 

  1061. 				;


    1062. 

  1062. 				$this->_db->setQuery( $query );


    1063. 

  1063. 				$this->_db->loadObject($user);


    1064. 

  1064. 


    1065. 

  1065. 				list($hash, $salt) = explode(':', $user->password);


    1066. 

  1066. 


    1067. 

  1067. 				$check_username = md5( $user->username . $harden );


    1068. 

  1068. 				$check_password = md5( $hash . $harden );


    1069. 

  1069. 


    1070. 

  1070. 				if ( $check_username == $username && $check_password == $passwd ) {


    1071. 

  1071. 					$row = $user;


    1072. 

  1072. 					$valid_remember = true;


    1073. 

  1073. 				}


    1074. 

  1074. 			} else {


    1075. 

  1075. 			// query used for login via login module


    1076. 

  1076. 				$query = "SELECT id, name, username, password, usertype, block, gid"


    1077. 

  1077. 				. "\n FROM #__users"


    1078. 

  1078. 				. "\n WHERE username = ". $this->_db->Quote( $username )


    1079. 

  1079. 				;


    1080. 

  1080. 


    1081. 

  1081. 				$this->_db->setQuery( $query );


    1082. 

  1082. 				$this->_db->loadObject( $row );


    1083. 

  1083. 			}


    1084. 

  1084. 


    1085. 

  1085. 			if (is_object($row)) {


    1086. 

  1086. 				// user blocked from login


    1087. 

  1087. 				if ($row->block == 1) {


    1088. 

  1088. 					mosErrorAlert(_LOGIN_BLOCKED);


    1089. 

  1089. 				}


    1090. 

  1090. 


    1091. 

  1091. 				if (!$valid_remember) {


    1092. 

  1092. 					// Conversion to new type


    1093. 

  1093. 					if ((strpos($row->password, ':') === false) && $row->password == md5($passwd)) {


    1094. 

  1094. 						// Old password hash storage but authentic ... lets convert it


    1095. 

  1095. 						$salt = mosMakePassword(16);


    1096. 

  1096. 						$crypt = md5($passwd.$salt);


    1097. 

  1097. 						$row->password = $crypt.':'.$salt;


    1098. 

  1098. 


    1099. 

  1099. 						// Now lets store it in the database


    1100. 

  1100. 						$query	= 'UPDATE #__users'


    1101. 

  1101. 								. ' SET password = '.$this->_db->Quote($row->password)


    1102. 

  1102. 								. ' WHERE id = '.(int)$row->id;


    1103. 

  1103. 						$this->_db->setQuery($query);


    1104. 

  1104. 						if (!$this->_db->query()) {


    1105. 

  1105. 							// This is an error but not sure what to do with it ... we'll still work for now


    1106. 

  1106. 						}


    1107. 

  1107. 					}


    1108. 

  1108. 


    1109. 

  1109. 					list($hash, $salt) = explode(':', $row->password);


    1110. 

  1110. 					$cryptpass = md5($passwd.$salt);


    1111. 

  1111. 					if ($hash != $cryptpass) {


    1112. 

  1112. 						if ( $bypost ) {


    1113. 

  1113. 							mosErrorAlert(_LOGIN_INCORRECT);


    1114. 

  1114. 						} else {


    1115. 

  1115. 							$this->logout();


    1116. 

  1116. 							mosRedirect('index.php');


    1117. 

  1117. 						}


    1118. 

  1118. 						exit();


    1119. 

  1119. 					}


    1120. 

  1120. 				}


    1121. 

  1121. 


    1122. 

  1122. 				/* Hack for integration with JACLPlus Component */


    1123. 

  1123. 				// fudge the group stuff


    1124. 

  1124. 				$grp = $acl->getAroGroup( $row->id );


    1125. 

  1125. 				$row->gid = $grp->group_id;


    1126. 

  1126. 				if(!class_exists('JACLPlus')) {


    1127. 

  1127. 				$row->gid = 1;


    1128. 

  1128. 				if ($acl->is_group_child_of( $grp->name, 'Registered', 'ARO' ) || $acl->is_group_child_of( $grp->name, 'Public Backend', 'ARO' )) {


    1129. 

  1129. 					// fudge Authors, Editors, Publishers and Super Administrators into the Special Group


    1130. 

  1130. 					$row->gid = 2;


    1131. 

  1131. 				}


    1132. 

  1132. 				}


    1133. 

  1133. 				$row->usertype = $grp->name;


    1134. 

  1134. 


    1135. 

  1135. 				// initialize session data


    1136. 

  1136. 				$session 			=& $this->_session;


    1137. 

  1137. 				$session->guest 	= 0;


    1138. 

  1138. 				$session->username 	= $row->username;


    1139. 

  1139. 				$session->userid 	= intval( $row->id );


    1140. 

  1140. 				$session->usertype 	= $row->usertype;


    1141. 

  1141. 				$session->gid 		= intval( $row->gid );


    1142. 

  1142. 				if(class_exists('JACLPlus')) $session->jaclplus		= $grp->jaclplus;


    1143. 

  1143. 				/* End of hack for JACLPlus Component */


    1144. 

  1144. 


    1145. 

  1145. 				$session->update();


    1146. 

  1146. 


    1147. 

  1147. 				// check to see if site is a production site


    1148. 

  1148. 				// allows multiple logins with same user for a demo site


    1149. 

  1149. 				if ( $_VERSION->SITE ) {


    1150. 

  1150. 					// delete any old front sessions to stop duplicate sessions


    1151. 

  1151. 					$query = "DELETE FROM #__session"


    1152. 

  1152. 					. "\n WHERE session_id != ". $this->_db->Quote( $session->session_id )


    1153. 

  1153. 					. "\n AND username = ". $this->_db->Quote( $row->username )


    1154. 

  1154. 					. "\n AND userid = " . (int) $row->id


    1155. 

  1155. 					. "\n AND gid = " . (int) $row->gid


    1156. 

  1156. 					. "\n AND guest = 0"


    1157. 

  1157. 					;


    1158. 

  1158. 					$this->_db->setQuery( $query );


    1159. 

  1159. 					$this->_db->query();


    1160. 

  1160. 				}


    1161. 

  1161. 


    1162. 

  1162. 				// update user visit data


    1163. 

  1163. 				$currentDate = date("Y-m-d\TH:i:s");


    1164. 

  1164. 


    1165. 

  1165. 				$query = "UPDATE #__users"


    1166. 

  1166. 				. "\n SET lastvisitDate = ". $this->_db->Quote( $currentDate )


    1167. 

  1167. 				. "\n WHERE id = " . (int) $session->userid


    1168. 

  1168. 				;


    1169. 

  1169. 				$this->_db->setQuery($query);


    1170. 

  1170. 				if (!$this->_db->query()) {


    1171. 

  1171. 					die($this->_db->stderr(true));


    1172. 

  1172. 				}


    1173. 

  1173. 


    1174. 

  1174. 				// set remember me cookie if selected


    1175. 

  1175. 				$remember = strval( mosGetParam( $_POST, 'remember', '' ) );


    1176. 

  1176. 				if ( $remember == 'yes' ) {


    1177. 

  1177. 					// cookie lifetime of 365 days


    1178. 

  1178. 					$lifetime 		= time() + 365*24*60*60;


    1179. 

  1179. 					$remCookieName 	= mosMainFrame::remCookieName_User();


    1180. 

  1180. 					$remCookieValue = mosMainFrame::remCookieValue_User( $row->username ) . mosMainFrame::remCookieValue_Pass( $hash ) . $row->id;


    1181. 

  1181. 					setcookie( $remCookieName, $remCookieValue, $lifetime, '/' );


    1182. 

  1182. 				}


    1183. 

  1183. 				mosCache::cleanCache();


    1184. 

  1184. 			} else {


    1185. 

  1185. 				if ( $bypost ) {


    1186. 

  1186. 					mosErrorAlert(_LOGIN_INCORRECT);


    1187. 

  1187. 				} else {


    1188. 

  1188. 					$this->logout();


    1189. 

  1189. 					mosRedirect('index.php');


    1190. 

  1190. 				}


    1191. 

  1191. 				exit();


    1192. 

  1192. 			}


    1193. 

  1193. 		}


    1194. 

  1194. 	}


    1195. 

  1195. 


    1196. 

  1196. 	/**


    1197. 

  1197. 	* User logout


    1198. 

  1198. 	*


    1199. 

  1199. 	* Reverts the current session record back to 'anonymous' parameters


    1200. 

  1200. 	*/


    1201. 

  1201. 	function logout() {


    1202. 

  1202. 		mosCache::cleanCache();


    1203. 

  1203. 


    1204. 

  1204. 		$session 			=& $this->_session;


    1205. 

  1205. 		$session->guest 	= 1;


    1206. 

  1206. 		$session->username 	= '';


    1207. 

  1207. 		$session->userid 	= 0;//$session->userid 	= '';


    1208. 

  1208. 		$session->usertype 	= '';


    1209. 

  1209. 		$session->gid 		= 0;


    1210. 

  1210. 		/* Hack for integration with JACLPlus Component */


    1211. 

  1211. 		if(class_exists('JACLPlus')) $session->jaclplus	= JACLPlus::DefaultAL();


    1212. 

  1212. 		/* End of hack for JACLPlus Component */


    1213. 

  1213. 


    1214. 

  1214. 		$session->update();


    1215. 

  1215. 


    1216. 

  1216. 		// kill remember me cookie


    1217. 

  1217. 		$lifetime 		= time() - 86400;


    1218. 

  1218. 		$remCookieName 	= mosMainFrame::remCookieName_User();


    1219. 

  1219. 		setcookie( $remCookieName, ' ', $lifetime, '/' );


    1220. 

  1220. 


    1221. 

  1221. 		@session_destroy();


    1222. 

  1222. 	}


    1223. 

  1223. 


    1224. 

  1224. 	/**


    1225. 

  1225. 	* @return mosUser A user object with the information from the current session


    1226. 

  1226. 	*/


    1227. 

  1227. 	function getUser() {


    1228. 

  1228. 		global $database;


    1229. 

  1229. 


    1230. 

  1230. 		$user = new mosUser( $this->_db );


    1231. 

  1231. 


    1232. 

  1232. 		$user->id 			= intval( $this->_session->userid );


    1233. 

  1233. 		$user->username 	= $this->_session->username;


    1234. 

  1234. 		$user->usertype 	= $this->_session->usertype;


    1235. 

  1235. 		$user->gid 			= intval( $this->_session->gid );


    1236. 

  1236. 		/* Hack for integration with JACLPlus Component */


    1237. 

  1237. 		if(class_exists('JACLPlus')) {


    1238. 

  1238. 			$jaclplus = explode( ',', $this->_session->jaclplus );


    1239. 

  1239. 			mosArrayToInts( $jaclplus );


    1240. 

  1240. 			$user->jaclplus		= implode( ',', $jaclplus );


    1241. 

  1241. 		}


    1242. 

  1242. 		/* End of hack for JACLPlus Component */


    1243. 

  1243. 


    1244. 

  1244. 		if ($user->id) {


    1245. 

  1245. 			$query = "SELECT id, name, email, block, sendEmail, registerDate, lastvisitDate, activation, params"


    1246. 

  1246. 			. "\n FROM #__users"


    1247. 

  1247. 			. "\n WHERE id = " . (int) $user->id


    1248. 

  1248. 			;


    1249. 

  1249. 			$database->setQuery( $query );


    1250. 

  1250. 			$database->loadObject( $my );


    1251. 

  1251. 


    1252. 

  1252. 			$user->params 			= $my->params;


    1253. 

  1253. 			$user->name				= $my->name;


    1254. 

  1254. 			$user->email			= $my->email;


    1255. 

  1255. 			$user->block			= $my->block;


    1256. 

  1256. 			$user->sendEmail		= $my->sendEmail;


    1257. 

  1257. 			$user->registerDate		= $my->registerDate;


    1258. 

  1258. 			$user->lastvisitDate	= $my->lastvisitDate;


    1259. 

  1259. 			$user->activation		= $my->activation;


    1260. 

  1260. 		}


    1261. 

  1261. 


    1262. 

  1262. 		/* Hack for integration with JACLPlus Component */


    1263. 

  1263. 		if(class_exists('JACLPlus')) JACLPlus::AccessChecking($user, 'frontend');


    1264. 

  1264. 		/* End of hack for JACLPlus Component */


    1265. 

  1265. 		return $user;


    1266. 

  1266. 	}


    1267. 

  1267. 	/**


    1268. 

  1268. 	 * @param string The name of the variable (from configuration.php)


    1269. 

  1269. 	 * @return mixed The value of the configuration variable or null if not found


    1270. 

  1270. 	 */


    1271. 

  1271. 	function getCfg( $varname ) {


    1272. 

  1272. 		$varname = 'mosConfig_' . $varname;


    1273. 

  1273. 		if (isset( $GLOBALS[$varname] )) {


    1274. 

  1274. 			return $GLOBALS[$varname];


    1275. 

  1275. 		} else {


    1276. 

  1276. 			return null;


    1277. 

  1277. 		}


    1278. 

  1278. 	}


    1279. 

  1279. 


    1280. 

  1280. 	function _setTemplate( $isAdmin=false ) {


    1281. 

  1281. 		global $Itemid;


    1282. 

  1282. 		$mosConfig_absolute_path = $this->getCfg( 'absolute_path' );


    1283. 

  1283. 


    1284. 

  1284. 		if ($isAdmin) {


    1285. 

  1285. 			$query = "SELECT template"


    1286. 

  1286. 			. "\n FROM #__templates_menu"


    1287. 

  1287. 			. "\n WHERE client_id = 1"


    1288. 

  1288. 			. "\n AND menuid = 0"


    1289. 

  1289. 			;


    1290. 

  1290. 			$this->_db->setQuery( $query );


    1291. 

  1291. 			$cur_template = $this->_db->loadResult();


    1292. 

  1292. 			$path = "$mosConfig_absolute_path/administrator/templates/$cur_template/index.php";


    1293. 

  1293. 			if (!file_exists( $path )) {


    1294. 

  1294. 				$cur_template = 'joomla_admin';


    1295. 

  1295. 			}


    1296. 

  1296. 		} else {


    1297. 

  1297. 			$assigned = ( !empty( $Itemid ) ? " OR menuid = " . (int) $Itemid : '' );


    1298. 

  1298. 


    1299. 

  1299. 			$query = "SELECT template"


    1300. 

  1300. 			. "\n FROM #__templates_menu"


    1301. 

  1301. 			. "\n WHERE client_id = 0"


    1302. 

  1302. 			. "\n AND ( menuid = 0 $assigned )"


    1303. 

  1303. 			. "\n ORDER BY menuid DESC"


    1304. 

  1304. 			;


    1305. 

  1305. 			$this->_db->setQuery( $query, 0, 1 );


    1306. 

  1306. 			$cur_template = $this->_db->loadResult();


    1307. 

  1307. 


    1308. 

  1308. 			// TemplateChooser Start


    1309. 

  1309. 			$jos_user_template 		= strval( mosGetParam( $_COOKIE, 'jos_user_template', '' ) );


    1310. 

  1310. 			$jos_change_template 	= strval( mosGetParam( $_REQUEST, 'jos_change_template', $jos_user_template ) );


    1311. 

  1311. 			if ($jos_change_template) {


    1312. 

  1312. 				// clean template name


    1313. 

  1313. 				$jos_change_template = preg_replace( '#\W#', '', $jos_change_template );


    1314. 

  1314. 				if ( strlen( $jos_change_template ) >= 40 ) {


    1315. 

  1315. 					$jos_change_template = substr($jos_change_template, 0 , 39);


    1316. 

  1316. 				}


    1317. 

  1317. 


    1318. 

  1318. 				// check that template exists in case it was deleted


    1319. 

  1319. 				if (file_exists( $mosConfig_absolute_path .'/templates/'. $jos_change_template .'/index.php' )) {


    1320. 

  1320. 					$lifetime 		= 60*10;


    1321. 

  1321. 					$cur_template 	= $jos_change_template;


    1322. 

  1322. 					setcookie( 'jos_user_template', "$jos_change_template", time()+$lifetime);


    1323. 

  1323. 				} else {


    1324. 

  1324. 					setcookie( 'jos_user_template', '', time()-3600 );


    1325. 

  1325. 				}


    1326. 

  1326. 			}


    1327. 

  1327. 			// TemplateChooser End


    1328. 

  1328. 		}


    1329. 

  1329. 


    1330. 

  1330. 		$this->_template = $cur_template;


    1331. 

  1331. 	}


    1332. 

  1332. 


    1333. 

  1333. 	function getTemplate() {


    1334. 

  1334. 		return $this->_template;


    1335. 

  1335. 	}


    1336. 

  1336. 


    1337. 

  1337. 	/**


    1338. 

  1338. 	* Determines the paths for including engine and menu files


    1339. 

  1339. 	* @param string The current option used in the url


    1340. 

  1340. 	* @param string The base path from which to load the configuration file


    1341. 

  1341. 	*/


    1342. 

  1342. 	function _setAdminPaths( $option, $basePath='.' ) {


    1343. 

  1343. 		$option 		= strtolower( $option );


    1344. 

  1344. 


    1345. 

  1345. 		$this->_path 	= new stdClass();


    1346. 

  1346. 


    1347. 

  1347. 		// security check to disable use of `/`, `\\` and `:` in $options variable


    1348. 

  1348. 		if (strpos($option, '/') !== false || strpos($option, '\\') !== false || strpos($option, ':') !== false) {


    1349. 

  1349. 			mosErrorAlert( 'Restricted access' );


    1350. 

  1350. 			return;


    1351. 

  1351. 		}


    1352. 

  1352. 


    1353. 

  1353. 		$prefix = substr( $option, 0, 4 );


    1354. 

  1354. 		if ($prefix != 'com_' && $prefix != 'mod_') {


    1355. 

  1355. 			// ensure backward compatibility with existing links


    1356. 

  1356. 			$name 	= $option;


    1357. 

  1357. 			$option = "com_$option";


    1358. 

  1358. 		} else {


    1359. 

  1359. 			$name 	= substr( $option, 4 );


    1360. 

  1360. 		}


    1361. 

  1361. 


    1362. 

  1362. 		// components


    1363. 

  1363. 		if (file_exists( "$basePath/templates/$this->_template/components/$name.html.php" )) {


    1364. 

  1364. 			$this->_path->front 		= "$basePath/components/$option/$name.php";


    1365. 

  1365. 			$this->_path->front_html 	= "$basePath/templates/$this->_template/components/$name.html.php";


    1366. 

  1366. 		} else if (file_exists( "$basePath/components/$option/$name.php" )) {


    1367. 

  1367. 			$this->_path->front 		= "$basePath/components/$option/$name.php";


    1368. 

  1368. 			$this->_path->front_html 	= "$basePath/components/$option/$name.html.php";


    1369. 

  1369. 		}


    1370. 

  1370. 


    1371. 

  1371. 		if (file_exists( "$basePath/administrator/components/$option/admin.$name.php" )) {


    1372. 

  1372. 			$this->_path->admin 		= "$basePath/administrator/components/$option/admin.$name.php";


    1373. 

  1373. 			$this->_path->admin_html 	= "$basePath/administrator/components/$option/admin.$name.html.php";


    1374. 

  1374. 		}


    1375. 

  1375. 


    1376. 

  1376. 		if (file_exists( "$basePath/administrator/components/$option/toolbar.$name.php" )) {


    1377. 

  1377. 			$this->_path->toolbar 			= "$basePath/administrator/components/$option/toolbar.$name.php";


    1378. 

  1378. 			$this->_path->toolbar_html 		= "$basePath/administrator/components/$option/toolbar.$name.html.php";


    1379. 

  1379. 			$this->_path->toolbar_default 	= "$basePath/administrator/includes/toolbar.html.php";


    1380. 

  1380. 		}


    1381. 

  1381. 


    1382. 

  1382. 		if (file_exists( "$basePath/components/$option/$name.class.php" )) {


    1383. 

  1383. 			$this->_path->class = "$basePath/components/$option/$name.class.php";


    1384. 

  1384. 		} else if (file_exists( "$basePath/administrator/components/$option/$name.class.php" )) {


    1385. 

  1385. 			$this->_path->class = "$basePath/administrator/components/$option/$name.class.php";


    1386. 

  1386. 		} else if (file_exists( "$basePath/includes/$name.php" )) {


    1387. 

  1387. 			$this->_path->class = "$basePath/includes/$name.php";


    1388. 

  1388. 		}


    1389. 

  1389. 


    1390. 

  1390. 		if ($prefix == 'mod_' && file_exists("$basePath/administrator/modules/$option.php")) {


    1391. 

  1391. 			$this->_path->admin 		= "$basePath/administrator/modules/$option.php";


    1392. 

  1392. 			$this->_path->admin_html 	= "$basePath/administrator/modules/mod_$name.html.php";


    1393. 

  1393. 		} else if (file_exists("$basePath/administrator/components/$option/admin.$name.php" )) {


    1394. 

  1394. 			$this->_path->admin 		= "$basePath/administrator/components/$option/admin.$name.php";


    1395. 

  1395. 			$this->_path->admin_html 	= "$basePath/administrator/components/$option/admin.$name.html.php";


    1396. 

  1396. 		} else {


    1397. 

  1397. 			$this->_path->admin 		= "$basePath/administrator/components/com_admin/admin.admin.php";


    1398. 

  1398. 			$this->_path->admin_html 	= "$basePath/administrator/components/com_admin/admin.admin.html.php";


    1399. 

  1399. 		}


    1400. 

  1400. 	}


    1401. 

  1401. 	/**


    1402. 

  1402. 	* Returns a stored path variable


    1403. 

  1403. 	*


    1404. 

  1404. 	*/


    1405. 

  1405. 	function getPath( $varname, $option='' ) {


    1406. 

  1406. 		global $mosConfig_absolute_path;


    1407. 

  1407. 		if ($option) {


    1408. 

  1408. 			$temp = $this->_path;


    1409. 

  1409. 			$this->_setAdminPaths( $option, $this->getCfg( 'absolute_path' ) );


    1410. 

  1410. 		}


    1411. 

  1411. 		$result = null;


    1412. 

  1412. 		if (isset( $this->_path->$varname )) {


    1413. 

  1413. 			$result = $this->_path->$varname;


    1414. 

  1414. 		} else {


    1415. 

  1415. 			switch ($varname) {


    1416. 

  1416. 				case 'com_xml':


    1417. 

  1417. 					$name = substr( $option, 4 );


    1418. 

  1418. 					$path = "$mosConfig_absolute_path/administrator/components/$option/$name.xml";


    1419. 

  1419. 					if (file_exists( $path )) {


    1420. 

  1420. 						$result = $path;


    1421. 

  1421. 					} else {


    1422. 

  1422. 						$path = "$mosConfig_absolute_path/components/$option/$name.xml";


    1423. 

  1423. 						if (file_exists( $path )) {


    1424. 

  1424. 							$result = $path;


    1425. 

  1425. 						}


    1426. 

  1426. 					}


    1427. 

  1427. 					break;


    1428. 

  1428. 


    1429. 

  1429. 				case 'mod0_xml':


    1430. 

  1430. 					// Site modules


    1431. 

  1431. 					if ($option == '') {


    1432. 

  1432. 						$path = $mosConfig_absolute_path . "/modules/custom.xml";


    1433. 

  1433. 					} else {


    1434. 

  1434. 						$path = $mosConfig_absolute_path . "/modules/$option.xml";


    1435. 

  1435. 					}


    1436. 

  1436. 					if (file_exists( $path )) {


    1437. 

  1437. 						$result = $path;


    1438. 

  1438. 					}


    1439. 

  1439. 					break;


    1440. 

  1440. 


    1441. 

  1441. 				case 'mod1_xml':


    1442. 

  1442. 					// admin modules


    1443. 

  1443. 					if ($option == '') {


    1444. 

  1444. 						$path = $mosConfig_absolute_path . '/administrator/modules/custom.xml';


    1445. 

  1445. 					} else {


    1446. 

  1446. 						$path = $mosConfig_absolute_path . "/administrator/modules/$option.xml";


    1447. 

  1447. 					}


    1448. 

  1448. 					if (file_exists( $path )) {


    1449. 

  1449. 						$result = $path;


    1450. 

  1450. 					}


    1451. 

  1451. 					break;


    1452. 

  1452. 


    1453. 

  1453. 				case 'bot_xml':


    1454. 

  1454. 					// Site mambots


    1455. 

  1455. 					$path = $mosConfig_absolute_path . "/mambots/$option.xml";


    1456. 

  1456. 					if (file_exists( $path )) {


    1457. 

  1457. 						$result = $path;


    1458. 

  1458. 					}


    1459. 

  1459. 					break;


    1460. 

  1460. 


    1461. 

  1461. 				case 'menu_xml':


    1462. 

  1462. 					$path = $mosConfig_absolute_path . "/administrator/components/com_menus/$option/$option.xml";


    1463. 

  1463. 					if (file_exists( $path )) {


    1464. 

  1464. 						$result = $path;


    1465. 

  1465. 					}


    1466. 

  1466. 					break;


    1467. 

  1467. 


    1468. 

  1468. 				case 'installer_html':


    1469. 

  1469. 					$path = $mosConfig_absolute_path . "/administrator/components/com_installer/$option/$option.html.php";


    1470. 

  1470. 					if (file_exists( $path )) {


    1471. 

  1471. 						$result = $path;


    1472. 

  1472. 					}


    1473. 

  1473. 					break;


    1474. 

  1474. 


    1475. 

  1475. 				case 'installer_class':


    1476. 

  1476. 					$path = $mosConfig_absolute_path . "/administrator/components/com_installer/$option/$option.class.php";


    1477. 

  1477. 					if (file_exists( $path )) {


    1478. 

  1478. 						$result = $path;


    1479. 

  1479. 					}


    1480. 

  1480. 					break;


    1481. 

  1481. 			}


    1482. 

  1482. 		}


    1483. 

  1483. 		if ($option) {


    1484. 

  1484. 			$this->_path = $temp;


    1485. 

  1485. 		}


    1486. 

  1486. 		return $result;


    1487. 

  1487. 	}


    1488. 

  1488. 	/**


    1489. 

  1489. 	* Detects a 'visit'


    1490. 

  1490. 	*


    1491. 

  1491. 	* This function updates the agent and domain table hits for a particular


    1492. 

  1492. 	* visitor.  The user agent is recorded/incremented if this is the first visit.


    1493. 

  1493. 	* A cookie is set to mark the first visit.


    1494. 

  1494. 	*/


    1495. 

  1495. 	function detect() {


    1496. 

  1496. 		global $mosConfig_enable_stats;


    1497. 

  1497. 		if ($mosConfig_enable_stats == 1) {


    1498. 

  1498. 			if (mosGetParam( $_COOKIE, 'mosvisitor', 0 )) {


    1499. 

  1499. 				return;


    1500. 

  1500. 			}


    1501. 

  1501. 			setcookie( 'mosvisitor', 1 );


    1502. 

  1502. 


    1503. 

  1503. 			if (phpversion() <= '4.2.1') {


    1504. 

  1504. 				$agent = getenv( 'HTTP_USER_AGENT' );


    1505. 

  1505. 				$domain = @gethostbyaddr( getenv( "REMOTE_ADDR" ) );


    1506. 

  1506. 			} else {


    1507. 

  1507. 				if ( isset($_SERVER['HTTP_USER_AGENT']) ) {


    1508. 

  1508. 					$agent = $_SERVER['HTTP_USER_AGENT'];


    1509. 

  1509. 				} else {


    1510. 

  1510. 					$agent = 'Unknown';


    1511. 

  1511. 				}


    1512. 

  1512. 


    1513. 

  1513. 				$domain = @gethostbyaddr( $_SERVER['REMOTE_ADDR'] );


    1514. 

  1514. 			}


    1515. 

  1515. 


    1516. 

  1516. 			$browser = mosGetBrowser( $agent );


    1517. 

  1517. 


    1518. 

  1518. 			$query = "SELECT COUNT(*)"


    1519. 

  1519. 			. "\n FROM #__stats_agents"


    1520. 

  1520. 			. "\n WHERE agent = " . $this->_db->Quote( $browser )


    1521. 

  1521. 			. "\n AND type = 0"


    1522. 

  1522. 			;


    1523. 

  1523. 			$this->_db->setQuery( $query );


    1524. 

  1524. 			if ($this->_db->loadResult()) {


    1525. 

  1525. 				$query = "UPDATE #__stats_agents"


    1526. 

  1526. 				. "\n SET hits = ( hits + 1 )"


    1527. 

  1527. 				. "\n WHERE agent = " . $this->_db->Quote( $browser )


    1528. 

  1528. 				. "\n AND type = 0"


    1529. 

  1529. 				;


    1530. 

  1530. 				$this->_db->setQuery( $query );


    1531. 

  1531. 			} else {


    1532. 

  1532. 				$query = "INSERT INTO #__stats_agents"


    1533. 

  1533. 				. "\n ( agent, type )"


    1534. 

  1534. 				. "\n VALUES ( " . $this->_db->Quote( $browser ) . ", 0 )"


    1535. 

  1535. 				;


    1536. 

  1536. 				$this->_db->setQuery( $query );


    1537. 

  1537. 			}


    1538. 

  1538. 			$this->_db->query();


    1539. 

  1539. 


    1540. 

  1540. 			$os = mosGetOS( $agent );


    1541. 

  1541. 


    1542. 

  1542. 			$query = "SELECT COUNT(*)"


    1543. 

  1543. 			. "\n FROM #__stats_agents"


    1544. 

  1544. 			. "\n WHERE agent = " . $this->_db->Quote( $os )


    1545. 

  1545. 			. "\n AND type = 1"


    1546. 

  1546. 			;


    1547. 

  1547. 			$this->_db->setQuery( $query );


    1548. 

  1548. 			if ($this->_db->loadResult()) {


    1549. 

  1549. 				$query = "UPDATE #__stats_agents"


    1550. 

  1550. 				. "\n SET hits = ( hits + 1 )"


    1551. 

  1551. 				. "\n WHERE agent = " . $this->_db->Quote( $os )


    1552. 

  1552. 				. "\n AND type = 1"


    1553. 

  1553. 				;


    1554. 

  1554. 				$this->_db->setQuery( $query );


    1555. 

  1555. 			} else {


    1556. 

  1556. 				$query = "INSERT INTO #__stats_agents"


    1557. 

  1557. 				. "\n ( agent, type )"


    1558. 

  1558. 				. "\n VALUES ( " . $this->_db->Quote( $os ) . ", 1 )"


    1559. 

  1559. 				;


    1560. 

  1560. 				$this->_db->setQuery( $query );


    1561. 

  1561. 			}


    1562. 

  1562. 			$this->_db->query();


    1563. 

  1563. 


    1564. 

  1564. 			// tease out the last element of the domain


    1565. 

  1565. 			$tldomain = split( "\.", $domain );


    1566. 

  1566. 			$tldomain = $tldomain[count( $tldomain )-1];


    1567. 

  1567. 


    1568. 

  1568. 			if (is_numeric( $tldomain )) {


    1569. 

  1569. 				$tldomain = "Unknown";


    1570. 

  1570. 			}


    1571. 

  1571. 


    1572. 

  1572. 			$query = "SELECT COUNT(*)"


    1573. 

  1573. 			. "\n FROM #__stats_agents"


    1574. 

  1574. 			. "\n WHERE agent = " . $this->_db->Quote( $tldomain )


    1575. 

  1575. 			. "\n AND type = 2"


    1576. 

  1576. 			;


    1577. 

  1577. 			$this->_db->setQuery( $query );


    1578. 

  1578. 			if ($this->_db->loadResult()) {


    1579. 

  1579. 				$query = "UPDATE #__stats_agents"


    1580. 

  1580. 				. "\n SET hits = ( hits + 1 )"


    1581. 

  1581. 				. "\n WHERE agent = " . $this->_db->Quote( $tldomain )


    1582. 

  1582. 				. "\n AND type = 2"


    1583. 

  1583. 				;


    1584. 

  1584. 				$this->_db->setQuery( $query );


    1585. 

  1585. 			} else {


    1586. 

  1586. 				$query = "INSERT INTO #__stats_agents"


    1587. 

  1587. 				. "\n ( agent, type )"


    1588. 

  1588. 				. "\n VALUES ( " . $this->_db->Quote( $tldomain ) . ", 2 )"


    1589. 

  1589. 				;


    1590. 

  1590. 				$this->_db->setQuery( $query );


    1591. 

  1591. 			}


    1592. 

  1592. 			$this->_db->query();


    1593. 

  1593. 		}


    1594. 

  1594. 	}


    1595. 

  1595. 


    1596. 

  1596. 	/**


    1597. 

  1597. 	* @return correct Itemid for Content Item


    1598. 

  1598. 	*/


    1599. 

  1599. 	function getItemid( $id, $typed=1, $link=1, $bs=1, $bc=1, $gbs=1 ) {


    1600. 

  1600. 		global $Itemid;


    1601. 

  1601. 


    1602. 

  1602. 		// getItemid compatibility mode, holds maintenance version number


    1603. 

  1603. 		$compat = (int) $this->getCfg('itemid_compat');


    1604. 

  1604. 		$compat = ($compat == 0)? 12 : $compat;


    1605. 

  1605. 


    1606. 

  1606. 		$_Itemid = '';


    1607. 

  1607. 


    1608. 

  1608. 		if ($_Itemid == '' && $typed && $this->getStaticContentCount()) {


    1609. 

  1609. 			$exists = 0;


    1610. 

  1610. 			foreach( $this->get( '_ContentTyped', array() ) as $key => $value ) {


    1611. 

  1611. 				// check if id has been tested before, if it is pull from class variable store


    1612. 

  1612. 				if ( $key == $id ) {


    1613. 

  1613. 					$_Itemid 	= $value;


    1614. 

  1614. 					$exists 	= 1;


    1615. 

  1615. 					break;


    1616. 

  1616. 				}


    1617. 

  1617. 			}


    1618. 

  1618. 			// if id hasnt been checked before initaite query


    1619. 

  1619. 			if ( !$exists ) {


    1620. 

  1620. 				// Search for typed link


    1621. 

  1621. 				$query = "SELECT id"


    1622. 

  1622. 				. "\n FROM #__menu"


    1623. 

  1623. 				. "\n WHERE type = 'content_typed'"


    1624. 

  1624. 				. "\n AND published = 1"


    1625. 

  1625. 				. "\n AND link = 'index.php?option=com_content&task=view&id=" . (int) $id . "'"


    1626. 

  1626. 				;


    1627. 

  1627. 				$this->_db->setQuery( $query );


    1628. 

  1628. 				// pull existing query storage into temp variable


    1629. 

  1629. 				$ContentTyped 		= $this->get( '_ContentTyped', array() );


    1630. 

  1630. 				// add query result to temp array storage


    1631. 

  1631. 				$ContentTyped[$id] 	= $this->_db->loadResult();


    1632. 

  1632. 				// save temp array to main array storage


    1633. 

  1633. 				$this->set( '_ContentTyped', $ContentTyped );


    1634. 

  1634. 


    1635. 

  1635. 				$_Itemid = $ContentTyped[$id];


    1636. 

  1636. 			}


    1637. 

  1637. 		}


    1638. 

  1638. 


    1639. 

  1639. 		if ($_Itemid == '' && $link && $this->getContentItemLinkCount()) {


    1640. 

  1640. 			$exists = 0;


    1641. 

  1641. 			foreach( $this->get( '_ContentItemLink', array() ) as $key => $value ) {


    1642. 

  1642. 			// check if id has been tested before, if it is pull from class variable store


    1643. 

  1643. 				if ( $key == $id ) {


    1644. 

  1644. 					$_Itemid 	= $value;


    1645. 

  1645. 					$exists 	= 1;


    1646. 

  1646. 					break;


    1647. 

  1647. 				}


    1648. 

  1648. 			}


    1649. 

  1649. 			// if id hasnt been checked before initaite query


    1650. 

  1650. 			if ( !$exists ) {


    1651. 

  1651. 				// Search for item link


    1652. 

  1652. 				$query = "SELECT id"


    1653. 

  1653. 				."\n FROM #__menu"


    1654. 

  1654. 				."\n WHERE type = 'content_item_link'"


    1655. 

  1655. 				. "\n AND published = 1"


    1656. 

  1656. 				. "\n AND link = 'index.php?option=com_content&task=view&id=" . (int) $id . "'"


    1657. 

  1657. 				;


    1658. 

  1658. 				$this->_db->setQuery( $query );


    1659. 

  1659. 				// pull existing query storage into temp variable


    1660. 

  1660. 				$ContentItemLink 		= $this->get( '_ContentItemLink', array() );


    1661. 

  1661. 				// add query result to temp array storage


    1662. 

  1662. 				$ContentItemLink[$id] 	= $this->_db->loadResult();


    1663. 

  1663. 				// save temp array to main array storage


    1664. 

  1664. 				$this->set( '_ContentItemLink', $ContentItemLink );


    1665. 

  1665. 


    1666. 

  1666. 				$_Itemid = $ContentItemLink[$id];


    1667. 

  1667. 			}


    1668. 

  1668. 		}


    1669. 

  1669. 


    1670. 

  1670. 		if ($_Itemid == '') {


    1671. 

  1671. 			$exists = 0;


    1672. 

  1672. 			foreach( $this->get( '_ContentSection', array() ) as $key => $value ) {


    1673. 

  1673. 			// check if id has been tested before, if it is pull from class variable store


    1674. 

  1674. 				if ( $key == $id ) {


    1675. 

  1675. 					$_Itemid 	= $value;


    1676. 

  1676. 					$exists 	= 1;


    1677. 

  1677. 					break;


    1678. 

  1678. 				}


    1679. 

  1679. 			}


    1680. 

  1680. 			// if id hasnt been checked before initaite query


    1681. 

  1681. 			if ( !$exists ) {


    1682. 

  1682. 				$query = "SELECT ms.id AS sid, ms.type AS stype, mc.id AS cid, mc.type AS ctype, i.id as sectionid, i.id As catid, ms.published AS spub, mc.published AS cpub"


    1683. 

  1683. 				. "\n FROM #__content AS i"


    1684. 

  1684. 				. "\n LEFT JOIN #__sections AS s ON i.sectionid = s.id"


    1685. 

  1685. 				. "\n LEFT JOIN #__menu AS ms ON ms.componentid = s.id "


    1686. 

  1686. 				. "\n LEFT JOIN #__categories AS c ON i.catid = c.id"


    1687. 

  1687. 				. "\n LEFT JOIN #__menu AS mc ON mc.componentid = c.id "


    1688. 

  1688. 				. "\n WHERE ( ms.type IN ( 'content_section', 'content_blog_section' ) OR mc.type IN ( 'content_blog_category', 'content_category' ) )"


    1689. 

  1689. 				. "\n AND i.id = " . (int) $id


    1690. 

  1690. 				. "\n ORDER BY ms.type DESC, mc.type DESC, ms.id, mc.id"


    1691. 

  1691. 				;


    1692. 

  1692. 				$this->_db->setQuery( $query );


    1693. 

  1693. 				$links = $this->_db->loadObjectList();


    1694. 

  1694. 


    1695. 

  1695. 				if (count($links)) {


    1696. 

  1696. 					foreach($links as $link) {


    1697. 

  1697. 						if ($link->stype == 'content_section' && $link->sectionid == $id && !isset($content_section) && $link->spub == 1) {


    1698. 

  1698. 							$content_section = $link->sid;


    1699. 

  1699. 						}


    1700. 

  1700. 


    1701. 

  1701. 						if ($link->stype == 'content_blog_section' && $link->sectionid == $id && !isset($content_blog_section) && $link->spub == 1) {


    1702. 

  1702. 							$content_blog_section = $link->sid;


    1703. 

  1703. 						}


    1704. 

  1704. 


    1705. 

  1705. 						if ($link->ctype == 'content_blog_category' && $link->catid == $id && !isset($content_blog_category) && $link->cpub == 1) {


    1706. 

  1706. 							$content_blog_category = $link->cid;


    1707. 

  1707. 						}


    1708. 

  1708. 


    1709. 

  1709. 						if ($link->ctype == 'content_category' && $link->catid == $id && !isset($content_category) && $link->cpub == 1) {


    1710. 

  1710. 							$content_category = $link->cid;


    1711. 

  1711. 						}


    1712. 

  1712. 					}


    1713. 

  1713. 				}


    1714. 

  1714. 


    1715. 

  1715. 				if (!isset($content_section)) {


    1716. 

  1716. 					$content_section = null;


    1717. 

  1717. 				}


    1718. 

  1718. 


    1719. 

  1719. 				// pull existing query storage into temp variable


    1720. 

  1720. 				$ContentSection 		= $this->get( '_ContentSection', array() );


    1721. 

  1721. 				// add query result to temp array storage


    1722. 

  1722. 				$ContentSection[$id] 	= $content_section;


    1723. 

  1723. 				// save temp array to main array storage


    1724. 

  1724. 				$this->set( '_ContentSection', $ContentSection );


    1725. 

  1725. 


    1726. 

  1726. 				$_Itemid = $ContentSection[$id];


    1727. 

  1727. 			}


    1728. 

  1728. 		}


    1729. 

  1729. 


    1730. 

  1730. 		if ( $compat <= 11 && $_Itemid == '') {


    1731. 

  1731. 			$exists = 0;


    1732. 

  1732. 			foreach( $this->get( '_ContentBlogSection', array() ) as $key => $value ) {


    1733. 

  1733. 				// check if id has been tested before, if it is pull from class variable store


    1734. 

  1734. 				if ( $key == $id ) {


    1735. 

  1735. 					$_Itemid 	= $value;


    1736. 

  1736. 					$exists 	= 1;


    1737. 

  1737. 					break;


    1738. 

  1738. 				}


    1739. 

  1739. 			}


    1740. 

  1740. 			// if id hasnt been checked before initaite query


    1741. 

  1741. 			if ( !$exists ) {


    1742. 

  1742. 				if (!isset($content_blog_section)) {


    1743. 

  1743. 					$content_blog_section = null;


    1744. 

  1744. 				}


    1745. 

  1745. 


    1746. 

  1746. 				// pull existing query storage into temp variable


    1747. 

  1747. 				$ContentBlogSection 		= $this->get( '_ContentBlogSection', array() );


    1748. 

  1748. 				// add query result to temp array storage


    1749. 

  1749. 				$ContentBlogSection[$id] 	= $content_blog_section;


    1750. 

  1750. 				// save temp array to main array storage


    1751. 

  1751. 				$this->set( '_ContentBlogSection', $ContentBlogSection );


    1752. 

  1752. 


    1753. 

  1753. 				$_Itemid = $ContentBlogSection[$id];


    1754. 

  1754. 			}


    1755. 

  1755. 		}


    1756. 

  1756. 


    1757. 

  1757. 		if ($_Itemid == '') {


    1758. 

  1758. 			$exists = 0;


    1759. 

  1759. 			foreach( $this->get( '_ContentBlogCategory', array() ) as $key => $value ) {


    1760. 

  1760. 				// check if id has been tested before, if it is pull from class variable store


    1761. 

  1761. 				if ( $key == $id ) {


    1762. 

  1762. 					$_Itemid 	= $value;


    1763. 

  1763. 					$exists 	= 1;


    1764. 

  1764. 					break;


    1765. 

  1765. 				}


    1766. 

  1766. 			}


    1767. 

  1767. 			// if id hasnt been checked before initaite query


    1768. 

  1768. 			if ( !$exists ) {


    1769. 

  1769. 				if (!isset($content_blog_category)) {


    1770. 

  1770. 					$content_blog_category = null;


    1771. 

  1771. 				}


    1772. 

  1772. 


    1773. 

  1773. 				// pull existing query storage into temp variable


    1774. 

  1774. 				$ContentBlogCategory 		= $this->get( '_ContentBlogCategory', array() );


    1775. 

  1775. 				// add query result to temp array storage


    1776. 

  1776. 				$ContentBlogCategory[$id] 	= $content_blog_category;


    1777. 

  1777. 				// save temp array to main array storage


    1778. 

  1778. 				$this->set( '_ContentBlogCategory', $ContentBlogCategory );


    1779. 

  1779. 


    1780. 

  1780. 				$_Itemid = $ContentBlogCategory[$id];


    1781. 

  1781. 			}


    1782. 

  1782. 		}


    1783. 

  1783. 


    1784. 

  1784. 		if ($_Itemid == '') {


    1785. 

  1785. 			// ensure that query is only called once


    1786. 

  1786. 			if ( !$this->get( '_GlobalBlogSection' ) && !defined( '_JOS_GBS' ) ) {


    1787. 

  1787. 				define( '_JOS_GBS', 1 );


    1788. 

  1788. 


    1789. 

  1789. 				// Search in global blog section


    1790. 

  1790. 				$query = "SELECT id "


    1791. 

  1791. 				. "\n FROM #__menu "


    1792. 

  1792. 				. "\n WHERE type = 'content_blog_section'"


    1793. 

  1793. 				. "\n AND published = 1"


    1794. 

  1794. 				. "\n AND componentid = 0"


    1795. 

  1795. 				;


    1796. 

  1796. 				$this->_db->setQuery( $query );


    1797. 

  1797. 				$this->set( '_GlobalBlogSection', $this->_db->loadResult() );


    1798. 

  1798. 			}


    1799. 

  1799. 


    1800. 

  1800. 			$_Itemid = $this->get( '_GlobalBlogSection' );


    1801. 

  1801. 		}


    1802. 

  1802. 


    1803. 

  1803. 		if ($compat >= 12 && $_Itemid == '') {


    1804. 

  1804. 			$exists = 0;


    1805. 

  1805. 			foreach( $this->get( '_ContentBlogSection', array() ) as $key => $value ) {


    1806. 

  1806. 				// check if id has been tested before, if it is pull from class variable store


    1807. 

  1807. 				if ( $key == $id ) {


    1808. 

  1808. 					$_Itemid 	= $value;


    1809. 

  1809. 					$exists 	= 1;


    1810. 

  1810. 					break;


    1811. 

  1811. 				}


    1812. 

  1812. 			}


    1813. 

  1813. 			// if id hasnt been checked before initaite query


    1814. 

  1814. 			if ( !$exists ) {


    1815. 

  1815. 				if (!isset($content_blog_section)) {


    1816. 

  1816. 					$content_blog_section = null;


    1817. 

  1817. 				}


    1818. 

  1818. 


    1819. 

  1819. 				// pull existing query storage into temp variable


    1820. 

  1820. 				$ContentBlogSection 		= $this->get( '_ContentBlogSection', array() );


    1821. 

  1821. 				// add query result to temp array storage


    1822. 

  1822. 				$ContentBlogSection[$id] 	= $content_blog_section;


    1823. 

  1823. 				// save temp array to main array storage


    1824. 

  1824. 				$this->set( '_ContentBlogSection', $ContentBlogSection );


    1825. 

  1825. 


    1826. 

  1826. 				$_Itemid = $ContentBlogSection[$id];


    1827. 

  1827. 			}


    1828. 

  1828. 		}


    1829. 

  1829. 


    1830. 

  1830. 		if ($_Itemid == '') {


    1831. 

  1831. 			$exists = 0;


    1832. 

  1832. 			foreach( $this->get( '_ContentCategory', array() ) as $key => $value ) {


    1833. 

  1833. 				// check if id has been tested before, if it is pull from class variable store


    1834. 

  1834. 				if ( $key == $id ) {


    1835. 

  1835. 					$_Itemid 	= $value;


    1836. 

  1836. 					$exists 	= 1;


    1837. 

  1837. 					break;


    1838. 

  1838. 				}


    1839. 

  1839. 			}


    1840. 

  1840. 			// if id hasnt been checked before initaite query


    1841. 

  1841. 			if ( !$exists ) {


    1842. 

  1842. 				if (!isset($content_category)) {


    1843. 

  1843. 					$content_category = null;


    1844. 

  1844. 				}


    1845. 

  1845. 


    1846. 

  1846. 				// pull existing query storage into temp variable


    1847. 

  1847. 				$ContentCategory 		= $this->get( '_ContentCategory', array() );


    1848. 

  1848. 				// add query result to temp array storage


    1849. 

  1849. 				//$ContentCategory[$id] 	= $this->_db->loadResult();


    1850. 

  1850. 				$ContentCategory[$id] 	= $content_category;


    1851. 

  1851. 				// save temp array to main array storage


    1852. 

  1852. 				$this->set( '_ContentCategory', $ContentCategory );


    1853. 

  1853. 


    1854. 

  1854. 				$_Itemid = $ContentCategory[$id];


    1855. 

  1855. 			}


    1856. 

  1856. 		}


    1857. 

  1857. 


    1858. 

  1858. 		if ($_Itemid == '') {


    1859. 

  1859. 			// ensure that query is only called once


    1860. 

  1860. 			if ( !$this->get( '_GlobalBlogCategory' ) && !defined( '_JOS_GBC' ) ) {


    1861. 

  1861. 				define( '_JOS_GBC', 1 );


    1862. 

  1862. 


    1863. 

  1863. 				// Search in global blog category


    1864. 

  1864. 				$query = "SELECT id "


    1865. 

  1865. 				. "\n FROM #__menu "


    1866. 

  1866. 				. "\n WHERE type = 'content_blog_category'"


    1867. 

  1867. 				. "\n AND published = 1"


    1868. 

  1868. 				. "\n AND componentid = 0"


    1869. 

  1869. 				;


    1870. 

  1870. 				$this->_db->setQuery( $query );


    1871. 

  1871. 				$this->set( '_GlobalBlogCategory', $this->_db->loadResult() );


    1872. 

  1872. 			}


    1873. 

  1873. 


    1874. 

  1874. 			$_Itemid = $this->get( '_GlobalBlogCategory' );


    1875. 

  1875. 		}


    1876. 

  1876. 


    1877. 

  1877. 		if ( $_Itemid != '' ) {


    1878. 

  1878. 		// if Itemid value discovered by queries, return this value


    1879. 

  1879. 			return $_Itemid;


    1880. 

  1880. 		} else if ( $compat >= 12 && $Itemid != 99999999 && $Itemid > 0 ) {


    1881. 

  1881. 		// if queries do not return Itemid value, return Itemid of page - if it is not 99999999


    1882. 

  1882. 			return $Itemid;


    1883. 

  1883. 		} else if ( $compat <= 11 && $Itemid === 0 ) {


    1884. 

  1884. 		// if queries do not return Itemid value, return Itemid of page - if it is not 99999999


    1885. 

  1885. 			return $Itemid;


    1886. 

  1886. 		}


    1887. 

  1887. 	}


    1888. 

  1888. 


    1889. 

  1889. 	/**


    1890. 

  1890. 	* @return number of Published Blog Sections


    1891. 

  1891. 	* Kept for Backward Compatability


    1892. 

  1892. 	*/


    1893. 

  1893. 	function getBlogSectionCount( ) {


    1894. 

  1894. 		return 1;


    1895. 

  1895. 	}


    1896. 

  1896. 


    1897. 

  1897. 	/**


    1898. 

  1898. 	* @return number of Published Blog Categories


    1899. 

  1899. 	* Kept for Backward Compatability


    1900. 

  1900. 	*/


    1901. 

  1901. 	function getBlogCategoryCount( ) {


    1902. 

  1902. 		return 1;


    1903. 

  1903. 	}


    1904. 

  1904. 


    1905. 

  1905. 	/**


    1906. 

  1906. 	* @return number of Published Global Blog Sections


    1907. 

  1907. 	* Kept for Backward Compatability


    1908. 

  1908. 	*/


    1909. 

  1909. 	function getGlobalBlogSectionCount( ) {


    1910. 

  1910. 		return 1;


    1911. 

  1911. 	}


    1912. 

  1912. 


    1913. 

  1913. 	/**


    1914. 

  1914. 	* @return number of Static Content


    1915. 

  1915. 	*/


    1916. 

  1916. 	function getStaticContentCount( ) {


    1917. 

  1917. 		// ensure that query is only called once


    1918. 

  1918. 		if ( !$this->get( '_StaticContentCount' ) && !defined( '_JOS_SCC' ) ) {


    1919. 

  1919. 			define( '_JOS_SCC', 1 );


    1920. 

  1920. 


    1921. 

  1921. 			$query = "SELECT COUNT( id )"


    1922. 

  1922. 			."\n FROM #__menu "


    1923. 

  1923. 			."\n WHERE type = 'content_typed'"


    1924. 

  1924. 			."\n AND published = 1"


    1925. 

  1925. 			;


    1926. 

  1926. 			$this->_db->setQuery( $query );


    1927. 

  1927. 			// saves query result to variable


    1928. 

  1928. 			$this->set( '_StaticContentCount', $this->_db->loadResult() );


    1929. 

  1929. 		}


    1930. 

  1930. 


    1931. 

  1931. 		return $this->get( '_StaticContentCount' );


    1932. 

  1932. 	}


    1933. 

  1933. 


    1934. 

  1934. 	/**


    1935. 

  1935. 	* @return number of Content Item Links


    1936. 

  1936. 	*/


    1937. 

  1937. 	function getContentItemLinkCount( ) {


    1938. 

  1938. 		// ensure that query is only called once


    1939. 

  1939. 		if ( !$this->get( '_ContentItemLinkCount' ) && !defined( '_JOS_CILC' ) ) {


    1940. 

  1940. 			define( '_JOS_CILC', 1 );


    1941. 

  1941. 


    1942. 

  1942. 			$query = "SELECT COUNT( id )"


    1943. 

  1943. 			."\n FROM #__menu "


    1944. 

  1944. 			."\n WHERE type = 'content_item_link'"


    1945. 

  1945. 			."\n AND published = 1"


    1946. 

  1946. 			;


    1947. 

  1947. 			$this->_db->setQuery( $query );


    1948. 

  1948. 			// saves query result to variable


    1949. 

  1949. 			$this->set( '_ContentItemLinkCount', $this->_db->loadResult() );


    1950. 

  1950. 		}


    1951. 

  1951. 


    1952. 

  1952. 		return $this->get( '_ContentItemLinkCount' );


    1953. 

  1953. 	}


    1954. 

  1954. 


    1955. 

  1955. 	/**


    1956. 

  1956. 	* @param string The name of the property


    1957. 

  1957. 	* @param mixed The value of the property to set


    1958. 

  1958. 	*/


    1959. 

  1959. 	function set( $property, $value=null ) {


    1960. 

  1960. 		$this->$property = $value;


    1961. 

  1961. 	}


    1962. 

  1962. 


    1963. 

  1963. 	/**


    1964. 

  1964. 	* @param string The name of the property


    1965. 

  1965. 	* @param mixed  The default value


    1966. 

  1966. 	* @return mixed The value of the property


    1967. 

  1967. 	*/


    1968. 

  1968. 	function get($property, $default=null) {


    1969. 

  1969. 		if(isset($this->$property)) {


    1970. 

  1970. 			return $this->$property;


    1971. 

  1971. 		} else {


    1972. 

  1972. 			return $default;


    1973. 

  1973. 		}


    1974. 

  1974. 	}


    1975. 

  1975. 


    1976. 

  1976. 	/** Is admin interface?


    1977. 

  1977. 	 * @return boolean


    1978. 

  1978. 	 * @since 1.0.2


    1979. 

  1979. 	 */


    1980. 

  1980. 	function isAdmin() {


    1981. 

  1981. 		return $this->_isAdmin;


    1982. 

  1982. 	}


    1983. 

  1983. }


    1984. 

  1984. 


    1985. 

  1985. /**


    1986. 

  1986. * Component database table class


    1987. 

  1987. * @package Joomla


    1988. 

  1988. */


    1989. 

  1989. class mosComponent extends mosDBTable {


    1990. 

  1990. 	/** @var int Primary key */


    1991. 

  1991. 	var $id					= null;


    1992. 

  1992. 	/** @var string */


    1993. 

  1993. 	var $name				= null;


    1994. 

  1994. 	/** @var string */


    1995. 

  1995. 	var $link				= null;


    1996. 

  1996. 	/** @var int */


    1997. 

  1997. 	var $menuid				= null;


    1998. 

  1998. 	/** @var int */


    1999. 

  1999. 	var $parent				= null;


    2000. 

  2000. 	/** @var string */


    2001. 

  2001. 	var $admin_menu_link	= null;


    2002. 

  2002. 	/** @var string */


    2003. 

  2003. 	var $admin_menu_alt		= null;


    2004. 

  2004. 	/** @var string */


    2005. 

  2005. 	var $option				= null;


    2006. 

  2006. 	/** @var string */


    2007. 

  2007. 	var $ordering			= null;


    2008. 

  2008. 	/** @var string */


    2009. 

  2009. 	var $admin_menu_img		= null;


    2010. 

  2010. 	/** @var int */


    2011. 

  2011. 	var $iscore				= null;


    2012. 

  2012. 	/** @var string */


    2013. 

  2013. 	var $params				= null;


    2014. 

  2014. 


    2015. 

  2015. 	/**


    2016. 

  2016. 	* @param database A database connector object


    2017. 

  2017. 	*/


    2018. 

  2018. 	function mosComponent( &$db ) {


    2019. 

  2019. 		$this->mosDBTable( '#__components', 'id', $db );


    2020. 

  2020. 	}


    2021. 

  2021. }


    2022. 

  2022. 


    2023. 

  2023. /**


    2024. 

  2024. * Utility class for all HTML drawing classes


    2025. 

  2025. * @package Joomla


    2026. 

  2026. */


    2027. 

  2027. class mosHTML {


    2028. 

  2028. 	function makeOption( $value, $text='', $value_name='value', $text_name='text' ) {


    2029. 

  2029. 		$obj = new stdClass;


    2030. 

  2030. 		$obj->$value_name = $value;


    2031. 

  2031. 		$obj->$text_name = trim( $text ) ? $text : $value;


    2032. 

  2032. 		return $obj;


    2033. 

  2033. 	}


    2034. 

  2034. 


    2035. 

  2035.   function writableCell( $folder, $relative=1, $text='', $visible=1 ) {


    2036. 

  2036. 	$writeable 		= '<b><font color="green">Writeable</font></b>';


    2037. 

  2037. 	$unwriteable 	= '<b><font color="red">Unwriteable</font></b>';


    2038. 

  2038. 


    2039. 

  2039.   	echo '<tr>';


    2040. 

  2040.   	echo '<td class="item">';


    2041. 

  2041. 	echo $text;


    2042. 

  2042. 	if ( $visible ) {


    2043. 

  2043. 		echo $folder . '/';


    2044. 

  2044. 	}


    2045. 

  2045. 	echo '</td>';


    2046. 

  2046.   	echo '<td align="left">';


    2047. 

  2047. 	if ( $relative ) {


    2048. 

  2048. 		echo is_writable( "../$folder" ) 	? $writeable : $unwriteable;


    2049. 

  2049. 	} else {


    2050. 

  2050. 		echo is_writable( "$folder" ) 		? $writeable : $unwriteable;


    2051. 

  2051. 	}


    2052. 

  2052. 	echo '</td>';


    2053. 

  2053.   	echo '</tr>';


    2054. 

  2054.   }


    2055. 

  2055. 


    2056. 

  2056. 	/**


    2057. 

  2057. 	* Generates an HTML select list


    2058. 

  2058. 	* @param array An array of objects


    2059. 

  2059. 	* @param string The value of the HTML name attribute


    2060. 

  2060. 	* @param string Additional HTML attributes for the <select> tag


    2061. 

  2061. 	* @param string The name of the object variable for the option value


    2062. 

  2062. 	* @param string The name of the object variable for the option text


    2063. 

  2063. 	* @param mixed The key that is selected


    2064. 

  2064. 	* @returns string HTML for the select list


    2065. 

  2065. 	*/


    2066. 

  2066. 	function selectList( &$arr, $tag_name, $tag_attribs, $key, $text, $selected=NULL ) {


    2067. 

  2067. 		// check if array


    2068. 

  2068. 		if ( is_array( $arr ) ) {


    2069. 

  2069. 			reset( $arr );


    2070. 

  2070. 		}


    2071. 

  2071. 


    2072. 

  2072. 		$html 	= "\n<select name=\"$tag_name\" $tag_attribs>";


    2073. 

  2073. 		$count 	= count( $arr );


    2074. 

  2074. 


    2075. 

  2075. 		for ($i=0, $n=$count; $i < $n; $i++ ) {


    2076. 

  2076. 			$k = $arr[$i]->$key;


    2077. 

  2077. 			$t = $arr[$i]->$text;


    2078. 

  2078. 			$id = ( isset($arr[$i]->id) ? @$arr[$i]->id : null);


    2079. 

  2079. 


    2080. 

  2080. 			$extra = '';


    2081. 

  2081. 			$extra .= $id ? " id=\"" . $arr[$i]->id . "\"" : '';


    2082. 

  2082. 			if (is_array( $selected )) {


    2083. 

  2083. 				foreach ($selected as $obj) {


    2084. 

  2084. 					$k2 = $obj->$key;


    2085. 

  2085. 					if ($k == $k2) {


    2086. 

  2086. 						$extra .= " selected=\"selected\"";


    2087. 

  2087. 						break;


    2088. 

  2088. 					}


    2089. 

  2089. 				}


    2090. 

  2090. 			} else {


    2091. 

  2091. 				$extra .= ($k == $selected ? " selected=\"selected\"" : '');


    2092. 

  2092. 			}


    2093. 

  2093. 			$html .= "\n\t<option value=\"".$k."\"$extra>" . $t . "</option>";


    2094. 

  2094. 		}


    2095. 

  2095. 		$html .= "\n</select>\n";


    2096. 

  2096. 


    2097. 

  2097. 		return $html;


    2098. 

  2098. 	}


    2099. 

  2099. 


    2100. 

  2100. 	/**


    2101. 

  2101. 	* Writes a select list of integers


    2102. 

  2102. 	* @param int The start integer


    2103. 

  2103. 	* @param int The end integer


    2104. 

  2104. 	* @param int The increment


    2105. 

  2105. 	* @param string The value of the HTML name attribute


    2106. 

  2106. 	* @param string Additional HTML attributes for the <select> tag


    2107. 

  2107. 	* @param mixed The key that is selected


    2108. 

  2108. 	* @param string The printf format to be applied to the number


    2109. 

  2109. 	* @returns string HTML for the select list


    2110. 

  2110. 	*/


    2111. 

  2111. 	function integerSelectList( $start, $end, $inc, $tag_name, $tag_attribs, $selected, $format="" ) {


    2112. 

  2112. 		$start 	= intval( $start );


    2113. 

  2113. 		$end 	= intval( $end );


    2114. 

  2114. 		$inc 	= intval( $inc );


    2115. 

  2115. 		$arr 	= array();


    2116. 

  2116. 


    2117. 

  2117. 		for ($i=$start; $i <= $end; $i+=$inc) {


    2118. 

  2118. 			$fi = $format ? sprintf( "$format", $i ) : "$i";


    2119. 

  2119. 			$arr[] = mosHTML::makeOption( $fi, $fi );


    2120. 

  2120. 		}


    2121. 

  2121. 


    2122. 

  2122. 		return mosHTML::selectList( $arr, $tag_name, $tag_attribs, 'value', 'text', $selected );


    2123. 

  2123. 	}


    2124. 

  2124. 


    2125. 

  2125. 	/**


    2126. 

  2126. 	* Writes a select list of month names based on Language settings


    2127. 

  2127. 	* @param string The value of the HTML name attribute


    2128. 

  2128. 	* @param string Additional HTML attributes for the <select> tag


    2129. 

  2129. 	* @param mixed The key that is selected


    2130. 

  2130. 	* @returns string HTML for the select list values


    2131. 

  2131. 	*/


    2132. 

  2132. 	function monthSelectList( $tag_name, $tag_attribs, $selected ) {


    2133. 

  2133. 		$arr = array(


    2134. 

  2134. 			mosHTML::makeOption( '01', _JAN ),


    2135. 

  2135. 			mosHTML::makeOption( '02', _FEB ),


    2136. 

  2136. 			mosHTML::makeOption( '03', _MAR ),


    2137. 

  2137. 			mosHTML::makeOption( '04', _APR ),


    2138. 

  2138. 			mosHTML::makeOption( '05', _MAY ),


    2139. 

  2139. 			mosHTML::makeOption( '06', _JUN ),


    2140. 

  2140. 			mosHTML::makeOption( '07', _JUL ),


    2141. 

  2141. 			mosHTML::makeOption( '08', _AUG ),


    2142. 

  2142. 			mosHTML::makeOption( '09', _SEP ),


    2143. 

  2143. 			mosHTML::makeOption( '10', _OCT ),


    2144. 

  2144. 			mosHTML::makeOption( '11', _NOV ),


    2145. 

  2145. 			mosHTML::makeOption( '12', _DEC )


    2146. 

  2146. 		);


    2147. 

  2147. 


    2148. 

  2148. 		return mosHTML::selectList( $arr, $tag_name, $tag_attribs, 'value', 'text', $selected );


    2149. 

  2149. 	}


    2150. 

  2150. 


    2151. 

  2151. 	/**


    2152. 

  2152. 	* Generates an HTML select list from a tree based query list


    2153. 

  2153. 	* @param array Source array with id and parent fields


    2154. 

  2154. 	* @param array The id of the current list item


    2155. 

  2155. 	* @param array Target array.  May be an empty array.


    2156. 

  2156. 	* @param array An array of objects


    2157. 

  2157. 	* @param string The value of the HTML name attribute


    2158. 

  2158. 	* @param string Additional HTML attributes for the <select> tag


    2159. 

  2159. 	* @param string The name of the object variable for the option value


    2160. 

  2160. 	* @param string The name of the object variable for the option text


    2161. 

  2161. 	* @param mixed The key that is selected


    2162. 

  2162. 	* @returns string HTML for the select list


    2163. 

  2163. 	*/


    2164. 

  2164. 	function treeSelectList( &$src_list, $src_id, $tgt_list, $tag_name, $tag_attribs, $key, $text, $selected ) {


    2165. 

  2165. 


    2166. 

  2166. 		// establish the hierarchy of the menu


    2167. 

  2167. 		$children = array();


    2168. 

  2168. 		// first pass - collect children


    2169. 

  2169. 		foreach ($src_list as $v ) {


    2170. 

  2170. 			$pt = $v->parent;


    2171. 

  2171. 			$list = @$children[$pt] ? $children[$pt] : array();


    2172. 

  2172. 			array_push( $list, $v );


    2173. 

  2173. 			$children[$pt] = $list;


    2174. 

  2174. 		}


    2175. 

  2175. 		// second pass - get an indent list of the items


    2176. 

  2176. 		$ilist = mosTreeRecurse( 0, '', array(), $children );


    2177. 

  2177. 


    2178. 

  2178. 		// assemble menu items to the array


    2179. 

  2179. 		$this_treename = '';


    2180. 

  2180. 		foreach ($ilist as $item) {


    2181. 

  2181. 			if ($this_treename) {


    2182. 

  2182. 				if ($item->id != $src_id && strpos( $item->treename, $this_treename ) === false) {


    2183. 

  2183. 					$tgt_list[] = mosHTML::makeOption( $item->id, $item->treename );


    2184. 

  2184. 				}


    2185. 

  2185. 			} else {


    2186. 

  2186. 				if ($item->id != $src_id) {


    2187. 

  2187. 					$tgt_list[] = mosHTML::makeOption( $item->id, $item->treename );


    2188. 

  2188. 				} else {


    2189. 

  2189. 					$this_treename = "$item->treename/";


    2190. 

  2190. 				}


    2191. 

  2191. 			}


    2192. 

  2192. 		}


    2193. 

  2193. 		// build the html select list


    2194. 

  2194. 		return mosHTML::selectList( $tgt_list, $tag_name, $tag_attribs, $key, $text, $selected );


    2195. 

  2195. 	}


    2196. 

  2196. 


    2197. 

  2197. 	/**


    2198. 

  2198. 	* Writes a yes/no select list


    2199. 

  2199. 	* @param string The value of the HTML name attribute


    2200. 

  2200. 	* @param string Additional HTML attributes for the <select> tag


    2201. 

  2201. 	* @param mixed The key that is selected


    2202. 

  2202. 	* @returns string HTML for the select list values


    2203. 

  2203. 	*/


    2204. 

  2204. 	function yesnoSelectList( $tag_name, $tag_attribs, $selected, $yes=_CMN_YES, $no=_CMN_NO ) {


    2205. 

  2205. 		$arr = array(


    2206. 

  2206. 		mosHTML::makeOption( '0', $no ),


    2207. 

  2207. 		mosHTML::makeOption( '1', $yes ),


    2208. 

  2208. 		);


    2209. 

  2209. 


    2210. 

  2210. 		return mosHTML::selectList( $arr, $tag_name, $tag_attribs, 'value', 'text', $selected );


    2211. 

  2211. 	}


    2212. 

  2212. 


    2213. 

  2213. 	/**


    2214. 

  2214. 	* Generates an HTML radio list


    2215. 

  2215. 	* @param array An array of objects


    2216. 

  2216. 	* @param string The value of the HTML name attribute


    2217. 

  2217. 	* @param string Additional HTML attributes for the <select> tag


    2218. 

  2218. 	* @param mixed The key that is selected


    2219. 

  2219. 	* @param string The name of the object variable for the option value


    2220. 

  2220. 	* @param string The name of the object variable for the option text


    2221. 

  2221. 	* @returns string HTML for the select list


    2222. 

  2222. 	*/


    2223. 

  2223. 	function radioList( &$arr, $tag_name, $tag_attribs, $selected=null, $key='value', $text='text' ) {


    2224. 

  2224. 		reset( $arr );


    2225. 

  2225. 		$html = "";


    2226. 

  2226. 		for ($i=0, $n=count( $arr ); $i < $n; $i++ ) {


    2227. 

  2227. 			$k = $arr[$i]->$key;


    2228. 

  2228. 			$t = $arr[$i]->$text;


    2229. 

  2229. 			$id = ( isset($arr[$i]->id) ? @$arr[$i]->id : null);


    2230. 

  2230. 


    2231. 

  2231. 			$extra = '';


    2232. 

  2232. 			$extra .= $id ? " id=\"" . $arr[$i]->id . "\"" : '';


    2233. 

  2233. 			if (is_array( $selected )) {


    2234. 

  2234. 				foreach ($selected as $obj) {


    2235. 

  2235. 					$k2 = $obj->$key;


    2236. 

  2236. 					if ($k == $k2) {


    2237. 

  2237. 						$extra .= " selected=\"selected\"";


    2238. 

  2238. 						break;


    2239. 

  2239. 					}


    2240. 

  2240. 				}


    2241. 

  2241. 			} else {


    2242. 

  2242. 				$extra .= ($k == $selected ? " checked=\"checked\"" : '');


    2243. 

  2243. 			}


    2244. 

  2244. 			$html .= "\n\t<input type=\"radio\" name=\"$tag_name\" id=\"$tag_name$k\" value=\"".$k."\"$extra $tag_attribs />";


    2245. 

  2245. 			$html .= "\n\t<label for=\"$tag_name$k\">$t</label>";


    2246. 

  2246. 		}


    2247. 

  2247. 		$html .= "\n";


    2248. 

  2248. 


    2249. 

  2249. 		return $html;


    2250. 

  2250. 	}


    2251. 

  2251. 


    2252. 

  2252. 	/**


    2253. 

  2253. 	* Writes a yes/no radio list


    2254. 

  2254. 	* @param string The value of the HTML name attribute


    2255. 

  2255. 	* @param string Additional HTML attributes for the <select> tag


    2256. 

  2256. 	* @param mixed The key that is selected


    2257. 

  2257. 	* @returns string HTML for the radio list


    2258. 

  2258. 	*/


    2259. 

  2259. 	function yesnoRadioList( $tag_name, $tag_attribs, $selected, $yes=_CMN_YES, $no=_CMN_NO ) {


    2260. 

  2260. 		$arr = array(


    2261. 

  2261. 			mosHTML::makeOption( '0', $no ),


    2262. 

  2262. 			mosHTML::makeOption( '1', $yes )


    2263. 

  2263. 		);


    2264. 

  2264. 


    2265. 

  2265. 		return mosHTML::radioList( $arr, $tag_name, $tag_attribs, $selected );


    2266. 

  2266. 	}


    2267. 

  2267. 


    2268. 

  2268. 	/**


    2269. 

  2269. 	* @param int The row index


    2270. 

  2270. 	* @param int The record id


    2271. 

  2271. 	* @param boolean


    2272. 

  2272. 	* @param string The name of the form element


    2273. 

  2273. 	* @return string


    2274. 

  2274. 	*/


    2275. 

  2275. 	function idBox( $rowNum, $recId, $checkedOut=false, $name='cid' ) {


    2276. 

  2276. 		if ( $checkedOut ) {


    2277. 

  2277. 			return '';


    2278. 

  2278. 		} else {


    2279. 

  2279. 			return '<input type="checkbox" id="cb'.$rowNum.'" name="'.$name.'[]" value="'.$recId.'" onclick="isChecked(this.checked);" />';


    2280. 

  2280. 		}


    2281. 

  2281. 	}


    2282. 

  2282. 


    2283. 

  2283. 	function sortIcon( $base_href, $field, $state='none' ) {


    2284. 

  2284. 		global $mosConfig_live_site;


    2285. 

  2285. 


    2286. 

  2286. 		$alts = array(


    2287. 

  2287. 			'none' 	=> _CMN_SORT_NONE,


    2288. 

  2288. 			'asc' 	=> _CMN_SORT_ASC,


    2289. 

  2289. 			'desc' 	=> _CMN_SORT_DESC,


    2290. 

  2290. 		);


    2291. 

  2291. 		$next_state = 'asc';


    2292. 

  2292. 		if ($state == 'asc') {


    2293. 

  2293. 			$next_state = 'desc';


    2294. 

  2294. 		} else if ($state == 'desc') {


    2295. 

  2295. 			$next_state = 'none';


    2296. 

  2296. 		}


    2297. 

  2297. 


    2298. 

  2298. 		$html = "<a href=\"$base_href&field=$field&order=$next_state\">"


    2299. 

  2299. 		. "<img src=\"$mosConfig_live_site/images/M_images/sort_$state.png\" width=\"12\" height=\"12\" border=\"0\" alt=\"{$alts[$next_state]}\" />"


    2300. 

  2300. 		. "</a>";


    2301. 

  2301. 		return $html;


    2302. 

  2302. 	}


    2303. 

  2303. 


    2304. 

  2304. 	/**


    2305. 

  2305. 	* Writes Close Button


    2306. 

  2306. 	*/


    2307. 

  2307. 	function CloseButton ( &$params, $hide_js=NULL ) {


    2308. 

  2308. 		// displays close button in Pop-up window


    2309. 

  2309. 		if ( $params->get( 'popup' ) && !$hide_js ) {


    2310. 

  2310. 			?>


    2311. 

  2311. 			<script language="javascript" type="text/javascript">


    2312. 

  2312. 			<!--


    2313. 

  2313. 			document.write('<div align="center" style="margin-top: 30px; margin-bottom: 30px;">');


    2314. 

  2314. 			document.write('<a href="#" onclick="javascript:window.close();"><span class="small"><?php echo _PROMPT_CLOSE;?></span></a>');


    2315. 

  2315. 			document.write('</div>');


    2316. 

  2316. 			//-->


    2317. 

  2317. 			</script>


    2318. 

  2318. 			<?php


    2319. 

  2319. 		}


    2320. 

  2320. 	}


    2321. 

  2321. 


    2322. 

  2322. 	/**


    2323. 

  2323. 	* Writes Back Button


    2324. 

  2324. 	*/


    2325. 

  2325. 	function BackButton ( &$params, $hide_js=NULL ) {


    2326. 

  2326. 		// Back Button


    2327. 

  2327. 		if ( $params->get( 'back_button' ) && !$params->get( 'popup' ) && !$hide_js) {


    2328. 

  2328. 			?>


    2329. 

  2329. 			<div class="back_button">


    2330. 

  2330. 				<a href='javascript:history.go(-1)'>


    2331. 

  2331. 					<?php echo _BACK; ?></a>


    2332. 

  2332. 			</div>


    2333. 

  2333. 			<?php


    2334. 

  2334. 		}


    2335. 

  2335. 	}


    2336. 

  2336. 


    2337. 

  2337. 	/**


    2338. 

  2338. 	* Cleans text of all formating and scripting code


    2339. 

  2339. 	*/


    2340. 

  2340. 	function cleanText ( &$text ) {


    2341. 

  2341. 		$text = preg_replace( "'<script[^>]*>.*?</script>'si", '', $text );


    2342. 

  2342. 		$text = preg_replace( '/<a\s+.*?href="([^"]+)"[^>]*>([^<]+)<\/a>/is', '\2 (\1)', $text );


    2343. 

  2343. 		$text = preg_replace( '/<!--.+?-->/', '', $text );


    2344. 

  2344. 		$text = preg_replace( '/{.+?}/', '', $text );


    2345. 

  2345. 		$text = preg_replace( '/&nbsp;/', ' ', $text );


    2346. 

  2346. 		$text = preg_replace( '/&amp;/', ' ', $text );


    2347. 

  2347. 		$text = preg_replace( '/&quot;/', ' ', $text );


    2348. 

  2348. 		$text = strip_tags( $text );


    2349. 

  2349. 		$text = htmlspecialchars( $text );


    2350. 

  2350. 


    2351. 

  2351. 		return $text;


    2352. 

  2352. 	}


    2353. 

  2353. 


    2354. 

  2354. 	/**


    2355. 

  2355. 	* Writes Print icon


    2356. 

  2356. 	*/


    2357. 

  2357. 	function PrintIcon( &$row, &$params, $hide_js, $link, $status=NULL ) {


    2358. 

  2358. 		if ( $params->get( 'print' )  && !$hide_js ) {


    2359. 

  2359. 			// use default settings if none declared


    2360. 

  2360. 			if ( !$status ) {


    2361. 

  2361. 				$status = 'status=no,toolbar=no,scrollbars=yes,titlebar=no,menubar=no,resizable=yes,width=640,height=480,directories=no,location=no';


    2362. 

  2362. 			}


    2363. 

  2363. 


    2364. 

  2364. 			// checks template image directory for image, if non found default are loaded


    2365. 

  2365. 			if ( $params->get( 'icons' ) ) {


    2366. 

  2366. 				$image = mosAdminMenus::ImageCheck( 'printButton.png', '/images/M_images/', NULL, NULL, _CMN_PRINT, _CMN_PRINT );


    2367. 

  2367. 			} else {


    2368. 

  2368. 				$image = _ICON_SEP .'&nbsp;'. _CMN_PRINT. '&nbsp;'. _ICON_SEP;


    2369. 

  2369. 			}


    2370. 

  2370. 


    2371. 

  2371. 			if ( $params->get( 'popup' ) && !$hide_js ) {


    2372. 

  2372. 				// Print Preview button - used when viewing page


    2373. 

  2373. 				?>


    2374. 

  2374. 				<script language="javascript" type="text/javascript">


    2375. 

  2375. 				<!--


    2376. 

  2376. 				document.write('<td align="right" width="100%" class="buttonheading">');


    2377. 

  2377. 				document.write('<a href="#" onclick="javascript:window.print(); return false;" title="<?php echo _CMN_PRINT;?>">');


    2378. 

  2378. 				document.write('<?php echo $image;?>');


    2379. 

  2379. 				document.write('</a>');


    2380. 

  2380. 				document.write('</td>');


    2381. 

  2381. 				//-->


    2382. 

  2382. 				</script>


    2383. 

  2383. 				<?php


    2384. 

  2384. 			} else {


    2385. 

  2385. 				// Print Button - used in pop-up window


    2386. 

  2386. 				?>


    2387. 

  2387. 				<td align="right" width="100%" class="buttonheading">


    2388. 

  2388. 					<a href="<?php echo $link; ?>" target="_blank" onclick="window.open('<?php echo $link; ?>','win2','<?php echo $status; ?>'); return false;" title="<?php echo _CMN_PRINT;?>">


    2389. 

  2389. 						<?php echo $image;?></a>


    2390. 

  2390. 				</td>


    2391. 

  2391. 				<?php


    2392. 

  2392. 			}


    2393. 

  2393. 		}


    2394. 

  2394. 	}


    2395. 

  2395. 


    2396. 

  2396. 	/**


    2397. 

  2397. 	* simple Javascript Cloaking


    2398. 

  2398. 	* email cloacking


    2399. 

  2399.  	* by default replaces an email with a mailto link with email cloacked


    2400. 

  2400. 	*/


    2401. 

  2401. 	function emailCloaking( $mail, $mailto=1, $text='', $email=1 ) {


    2402. 

  2402. 		// convert text


    2403. 

  2403. 		$mail 			= mosHTML::encoding_converter( $mail );


    2404. 

  2404. 		// split email by @ symbol


    2405. 

  2405. 		$mail			= explode( '@', $mail );


    2406. 

  2406. 		$mail_parts		= explode( '.', $mail[1] );


    2407. 

  2407. 		// random number


    2408. 

  2408. 		$rand			= rand( 1, 100000 );


    2409. 

  2409. 


    2410. 

  2410. 		$replacement 	= "\n <script language='JavaScript' type='text/javascript'>";


    2411. 

  2411. 		$replacement 	.= "\n <!--";


    2412. 

  2412. 		$replacement 	.= "\n var prefix = '&#109;a' + 'i&#108;' + '&#116;o';";


    2413. 

  2413. 		$replacement 	.= "\n var path = 'hr' + 'ef' + '=';";


    2414. 

  2414. 		$replacement 	.= "\n var addy". $rand ." = '". @$mail[0] ."' + '&#64;';";


    2415. 

  2415. 		$replacement 	.= "\n addy". $rand ." = addy". $rand ." + '". implode( "' + '&#46;' + '", $mail_parts ) ."';";


    2416. 

  2416. 


    2417. 

  2417. 		if ( $mailto ) {


    2418. 

  2418. 			// special handling when mail text is different from mail addy


    2419. 

  2419. 			if ( $text ) {


    2420. 

  2420. 				if ( $email ) {


    2421. 

  2421. 					// convert text


    2422. 

  2422. 					$text 			= mosHTML::encoding_converter( $text );


    2423. 

  2423. 					// split email by @ symbol


    2424. 

  2424. 					$text 			= explode( '@', $text );


    2425. 

  2425. 					$text_parts		= explode( '.', $text[1] );


    2426. 

  2426. 					$replacement 	.= "\n var addy_text". $rand ." = '". @$text[0] ."' + '&#64;' + '". implode( "' + '&#46;' + '", @$text_parts ) ."';";


    2427. 

  2427. 				} else {


    2428. 

  2428. 					$replacement 	.= "\n var addy_text". $rand ." = '". $text ."';";


    2429. 

  2429. 				}


    2430. 

  2430. 				$replacement 	.= "\n document.write( '<a ' + path + '\'' + prefix + ':' + addy". $rand ." + '\'>' );";


    2431. 

  2431. 				$replacement 	.= "\n document.write( addy_text". $rand ." );";


    2432. 

  2432. 				$replacement 	.= "\n document.write( '<\/a>' );";


    2433. 

  2433. 			} else {


    2434. 

  2434. 				$replacement 	.= "\n document.write( '<a ' + path + '\'' + prefix + ':' + addy". $rand ." + '\'>' );";


    2435. 

  2435. 				$replacement 	.= "\n document.write( addy". $rand ." );";


    2436. 

  2436. 				$replacement 	.= "\n document.write( '<\/a>' );";


    2437. 

  2437. 			}


    2438. 

  2438. 		} else {


    2439. 

  2439. 			$replacement 	.= "\n document.write( addy". $rand ." );";


    2440. 

  2440. 		}


    2441. 

  2441. 		$replacement 	.= "\n //-->";


    2442. 

  2442. 		$replacement 	.= '\n </script>';


    2443. 

  2443. 


    2444. 

  2444. 		// XHTML compliance `No Javascript` text handling


    2445. 

  2445. 		$replacement 	.= "<script language='JavaScript' type='text/javascript'>";


    2446. 

  2446. 		$replacement 	.= "\n <!--";


    2447. 

  2447. 		$replacement 	.= "\n document.write( '<span style=\'display: none;\'>' );";


    2448. 

  2448. 		$replacement 	.= "\n //-->";


    2449. 

  2449. 		$replacement 	.= "\n </script>";


    2450. 

  2450. 		$replacement 	.= _CLOAKING;


    2451. 

  2451. 		$replacement 	.= "\n <script language='JavaScript' type='text/javascript'>";


    2452. 

  2452. 		$replacement 	.= "\n <!--";


    2453. 

  2453. 		$replacement 	.= "\n document.write( '</' );";


    2454. 

  2454. 		$replacement 	.= "\n document.write( 'span>' );";


    2455. 

  2455. 		$replacement 	.= "\n //-->";


    2456. 

  2456. 		$replacement 	.= "\n </script>";


    2457. 

  2457. 


    2458. 

  2458. 		return $replacement;


    2459. 

  2459. 	}


    2460. 

  2460. 


    2461. 

  2461. 	function encoding_converter( $text ) {


    2462. 

  2462. 		// replace vowels with character encoding


    2463. 

  2463. 		$text 	= str_replace( 'a', '&#97;', $text );


    2464. 

  2464. 		$text 	= str_replace( 'e', '&#101;', $text );


    2465. 

  2465. 		$text 	= str_replace( 'i', '&#105;', $text );


    2466. 

  2466. 		$text 	= str_replace( 'o', '&#111;', $text );


    2467. 

  2467. 		$text	= str_replace( 'u', '&#117;', $text );


    2468. 

  2468. 


    2469. 

  2469. 		return $text;


    2470. 

  2470. 	}


    2471. 

  2471. }


    2472. 

  2472. 


    2473. 

  2473. /**


    2474. 

  2474. * Category database table class


    2475. 

  2475. * @package Joomla


    2476. 

  2476. */


    2477. 

  2477. class mosCategory extends mosDBTable {


    2478. 

  2478. 	/** @var int Primary key */


    2479. 

  2479. 	var $id					= null;


    2480. 

  2480. 	/** @var int */


    2481. 

  2481. 	var $parent_id			= null;


    2482. 

  2482. 	/** @var string The menu title for the Category (a short name)*/


    2483. 

  2483. 	var $title				= null;


    2484. 

  2484. 	/** @var string The full name for the Category*/


    2485. 

  2485. 	var $name				= null;


    2486. 

  2486. 	/** @var string */


    2487. 

  2487. 	var $image				= null;


    2488. 

  2488. 	/** @var string */


    2489. 

  2489. 	var $section			= null;


    2490. 

  2490. 	/** @var int */


    2491. 

  2491. 	var $image_position		= null;


    2492. 

  2492. 	/** @var string */


    2493. 

  2493. 	var $description		= null;


    2494. 

  2494. 	/** @var boolean */


    2495. 

  2495. 	var $published			= null;


    2496. 

  2496. 	/** @var boolean */


    2497. 

  2497. 	var $checked_out		= null;


    2498. 

  2498. 	/** @var time */


    2499. 

  2499. 	var $checked_out_time	= null;


    2500. 

  2500. 	/** @var int */


    2501. 

  2501. 	var $ordering			= null;


    2502. 

  2502. 	/** @var int */


    2503. 

  2503. 	var $access				= null;


    2504. 

  2504. 	/** @var string */


    2505. 

  2505. 	var $params				= null;


    2506. 

  2506. 


    2507. 

  2507. 	/**


    2508. 

  2508. 	* @param database A database connector object


    2509. 

  2509. 	*/


    2510. 

  2510. 	function mosCategory( &$db ) {


    2511. 

  2511. 		$this->mosDBTable( '#__categories', 'id', $db );


    2512. 

  2512. 	}


    2513. 

  2513. 	// overloaded check function


    2514. 

  2514. 	function check() {


    2515. 

  2515. 		// check for valid name


    2516. 

  2516. 		if (trim( $this->title ) == '') {


    2517. 

  2517. 			$this->_error = "Your Category must contain a title.";


    2518. 

  2518. 			return false;


    2519. 

  2519. 		}


    2520. 

  2520. 		if (trim( $this->name ) == '') {


    2521. 

  2521. 			$this->_error = "Your Category must have a name.";


    2522. 

  2522. 			return false;


    2523. 

  2523. 		}


    2524. 

  2524. 


    2525. 

  2525. 		$ignoreList = array('description');


    2526. 

  2526. 		$this->filter($ignoreList);


    2527. 

  2527. 


    2528. 

  2528. 		// check for existing name


    2529. 

  2529. 		$query = "SELECT id"


    2530. 

  2530. 		. "\n FROM #__categories "


    2531. 

  2531. 		. "\n WHERE name = " . $this->_db->Quote( $this->name )


    2532. 

  2532. 		. "\n AND section = " . $this->_db->Quote( $this->section )


    2533. 

  2533. 		;


    2534. 

  2534. 		$this->_db->setQuery( $query );


    2535. 

  2535. 


    2536. 

  2536. 		$xid = intval( $this->_db->loadResult() );


    2537. 

  2537. 		if ($xid && $xid != intval( $this->id )) {


    2538. 

  2538. 			$this->_error = "There is a category already with that name, please try again.";


    2539. 

  2539. 			return false;


    2540. 

  2540. 		}


    2541. 

  2541. 		return true;


    2542. 

  2542. 	}


    2543. 

  2543. }


    2544. 

  2544. 


    2545. 

  2545. /**


    2546. 

  2546. * Section database table class


    2547. 

  2547. * @package Joomla


    2548. 

  2548. */


    2549. 

  2549. class mosSection extends mosDBTable {


    2550. 

  2550. 	/** @var int Primary key */


    2551. 

  2551. 	var $id					= null;


    2552. 

  2552. 	/** @var string The menu title for the Section (a short name)*/


    2553. 

  2553. 	var $title				= null;


    2554. 

  2554. 	/** @var string The full name for the Section*/


    2555. 

  2555. 	var $name				= null;


    2556. 

  2556. 	/** @var string */


    2557. 

  2557. 	var $image				= null;


    2558. 

  2558. 	/** @var string */


    2559. 

  2559. 	var $scope				= null;


    2560. 

  2560. 	/** @var int */


    2561. 

  2561. 	var $image_position		= null;


    2562. 

  2562. 	/** @var string */


    2563. 

  2563. 	var $description		= null;


    2564. 

  2564. 	/** @var boolean */


    2565. 

  2565. 	var $published			= null;


    2566. 

  2566. 	/** @var boolean */


    2567. 

  2567. 	var $checked_out		= null;


    2568. 

  2568. 	/** @var time */


    2569. 

  2569. 	var $checked_out_time	= null;


    2570. 

  2570. 	/** @var int */


    2571. 

  2571. 	var $ordering			= null;


    2572. 

  2572. 	/** @var int */


    2573. 

  2573. 	var $access				= null;


    2574. 

  2574. 	/** @var string */


    2575. 

  2575. 	var $params				= null;


    2576. 

  2576. 


    2577. 

  2577. 	/**


    2578. 

  2578. 	* @param database A database connector object


    2579. 

  2579. 	*/


    2580. 

  2580. 	function mosSection( &$db ) {


    2581. 

  2581. 		$this->mosDBTable( '#__sections', 'id', $db );


    2582. 

  2582. 	}


    2583. 

  2583. 	// overloaded check function


    2584. 

  2584. 	function check() {


    2585. 

  2585. 		// check for valid name


    2586. 

  2586. 		if (trim( $this->title ) == '') {


    2587. 

  2587. 			$this->_error = "Your Section must contain a title.";


    2588. 

  2588. 			return false;


    2589. 

  2589. 		}


    2590. 

  2590. 		if (trim( $this->name ) == '') {


    2591. 

  2591. 			$this->_error = "Your Section must have a name.";


    2592. 

  2592. 			return false;


    2593. 

  2593. 		}


    2594. 

  2594. 


    2595. 

  2595. 		$ignoreList = array('description');


    2596. 

  2596. 		$this->filter($ignoreList);


    2597. 

  2597. 


    2598. 

  2598. 		// check for existing name


    2599. 

  2599. 		$query = "SELECT id"


    2600. 

  2600. 		. "\n FROM #__sections "


    2601. 

  2601. 		. "\n WHERE name = " . $this->_db->Quote( $this->name )


    2602. 

  2602. 		. "\n AND scope = " . $this->_db->Quote( $this->scope )


    2603. 

  2603. 		;


    2604. 

  2604. 		$this->_db->setQuery( $query );


    2605. 

  2605. 


    2606. 

  2606. 		$xid = intval( $this->_db->loadResult() );


    2607. 

  2607. 		if ($xid && $xid != intval( $this->id )) {


    2608. 

  2608. 			$this->_error = "There is a section already with that name, please try again.";


    2609. 

  2609. 			return false;


    2610. 

  2610. 		}


    2611. 

  2611. 		return true;


    2612. 

  2612. 	}


    2613. 

  2613. }


    2614. 

  2614. 


    2615. 

  2615. /**


    2616. 

  2616. * Module database table class


    2617. 

  2617. * @package Joomla


    2618. 

  2618. */


    2619. 

  2619. class mosContent extends mosDBTable {


    2620. 

  2620. 	/** @var int Primary key */


    2621. 

  2621. 	var $id					= null;


    2622. 

  2622. 	/** @var string */


    2623. 

  2623. 	var $title				= null;


    2624. 

  2624. 	/** @var string */


    2625. 

  2625. 	var $title_alias		= null;


    2626. 

  2626. 	/** @var string */


    2627. 

  2627. 	var $introtext			= null;


    2628. 

  2628. 	/** @var string */


    2629. 

  2629. 	var $fulltext			= null;


    2630. 

  2630. 	/** @var int */


    2631. 

  2631. 	var $state				= null;


    2632. 

  2632. 	/** @var int The id of the category section*/


    2633. 

  2633. 	var $sectionid			= null;


    2634. 

  2634. 	/** @var int DEPRECATED */


    2635. 

  2635. 	var $mask				= null;


    2636. 

  2636. 	/** @var int */


    2637. 

  2637. 	var $catid				= null;


    2638. 

  2638. 	/** @var datetime */


    2639. 

  2639. 	var $created			= null;


    2640. 

  2640. 	/** @var int User id*/


    2641. 

  2641. 	var $created_by			= null;


    2642. 

  2642. 	/** @var string An alias for the author*/


    2643. 

  2643. 	var $created_by_alias	= null;


    2644. 

  2644. 	/** @var datetime */


    2645. 

  2645. 	var $modified			= null;


    2646. 

  2646. 	/** @var int User id*/


    2647. 

  2647. 	var $modified_by		= null;


    2648. 

  2648. 	/** @var boolean */


    2649. 

  2649. 	var $checked_out		= null;


    2650. 

  2650. 	/** @var time */


    2651. 

  2651. 	var $checked_out_time	= null;


    2652. 

  2652. 	/** @var datetime */


    2653. 

  2653. 	var $frontpage_up		= null;


    2654. 

  2654. 	/** @var datetime */


    2655. 

  2655. 	var $frontpage_down		= null;


    2656. 

  2656. 	/** @var datetime */


    2657. 

  2657. 	var $publish_up			= null;


    2658. 

  2658. 	/** @var datetime */


    2659. 

  2659. 	var $publish_down		= null;


    2660. 

  2660. 	/** @var string */


    2661. 

  2661. 	var $images				= null;


    2662. 

  2662. 	/** @var string */


    2663. 

  2663. 	var $urls				= null;


    2664. 

  2664. 	/** @var string */


    2665. 

  2665. 	var $attribs			= null;


    2666. 

  2666. 	/** @var int */


    2667. 

  2667. 	var $version			= null;


    2668. 

  2668. 	/** @var int */


    2669. 

  2669. 	var $parentid			= null;


    2670. 

  2670. 	/** @var int */


    2671. 

  2671. 	var $ordering			= null;


    2672. 

  2672. 	/** @var string */


    2673. 

  2673. 	var $metakey			= null;


    2674. 

  2674. 	/** @var string */


    2675. 

  2675. 	var $metadesc			= null;


    2676. 

  2676. 	/** @var int */


    2677. 

  2677. 	var $access				= null;


    2678. 

  2678. 	/** @var int */


    2679. 

  2679. 	var $hits				= null;


    2680. 

  2680. 


    2681. 

  2681. 	/**


    2682. 

  2682. 	* @param database A database connector object


    2683. 

  2683. 	*/


    2684. 

  2684. 	function mosContent( &$db ) {


    2685. 

  2685. 		$this->mosDBTable( '#__content', 'id', $db );


    2686. 

  2686. 	}


    2687. 

  2687. 


    2688. 

  2688. 	/**


    2689. 

  2689. 	 * Validation and filtering


    2690. 

  2690. 	 */


    2691. 

  2691. 	function check() {


    2692. 

  2692. 		// filter malicious code


    2693. 

  2693. 		$ignoreList = array( 'introtext', 'fulltext' );


    2694. 

  2694. 		$this->filter( $ignoreList );


    2695. 

  2695. 


    2696. 

  2696. 		/*


    2697. 

  2697. 		TODO: This filter is too rigorous,


    2698. 

  2698. 		need to implement more configurable solution


    2699. 

  2699. 		// specific filters


    2700. 

  2700. 		$iFilter = new InputFilter( null, null, 1, 1 );


    2701. 

  2701. 		$this->introtext = trim( $iFilter->process( $this->introtext ) );


    2702. 

  2702. 		$this->fulltext =  trim( $iFilter->process( $this->fulltext ) );


    2703. 

  2703. 		*/


    2704. 

  2704. 


    2705. 

  2705. 		if (trim( str_replace( '&nbsp;', '', $this->fulltext ) ) == '') {


    2706. 

  2706. 			$this->fulltext = '';


    2707. 

  2707. 		}


    2708. 

  2708. 


    2709. 

  2709. 		return true;


    2710. 

  2710. 	}


    2711. 

  2711. 


    2712. 

  2712. 	/**


    2713. 

  2713. 	* Converts record to XML


    2714. 

  2714. 	* @param boolean Map foreign keys to text values


    2715. 

  2715. 	*/


    2716. 

  2716. 	function toXML( $mapKeysToText=false ) {


    2717. 

  2717. 		global $database;


    2718. 

  2718. 


    2719. 

  2719. 		if ($mapKeysToText) {


    2720. 

  2720. 			$query = "SELECT name"


    2721. 

  2721. 			. "\n FROM #__sections"


    2722. 

  2722. 			. "\n WHERE id = " . (int) $this->sectionid


    2723. 

  2723. 			;


    2724. 

  2724. 			$database->setQuery( $query );


    2725. 

  2725. 			$this->sectionid = $database->loadResult();


    2726. 

  2726. 


    2727. 

  2727. 			$query = "SELECT name"


    2728. 

  2728. 			. "\n FROM #__categories"


    2729. 

  2729. 			. "\n WHERE id = " . (int) $this->catid


    2730. 

  2730. 			;


    2731. 

  2731. 			$database->setQuery( $query );


    2732. 

  2732. 			$this->catid = $database->loadResult();


    2733. 

  2733. 


    2734. 

  2734. 			$query = "SELECT name"


    2735. 

  2735. 			. "\n FROM #__users"


    2736. 

  2736. 			. "\n WHERE id = " . (int) $this->created_by


    2737. 

  2737. 			;


    2738. 

  2738. 			$database->setQuery( $query );


    2739. 

  2739. 			$this->created_by = $database->loadResult();


    2740. 

  2740. 		}


    2741. 

  2741. 


    2742. 

  2742. 		return parent::toXML( $mapKeysToText );


    2743. 

  2743. 	}


    2744. 

  2744. }


    2745. 

  2745. 


    2746. 

  2746. /**


    2747. 

  2747. * Module database table class


    2748. 

  2748. * @package Joomla


    2749. 

  2749. */


    2750. 

  2750. class mosMenu extends mosDBTable {


    2751. 

  2751. 	/** @var int Primary key */


    2752. 

  2752. 	var $id					= null;


    2753. 

  2753. 	/** @var string */


    2754. 

  2754. 	var $menutype			= null;


    2755. 

  2755. 	/** @var string */


    2756. 

  2756. 	var $name				= null;


    2757. 

  2757. 	/** @var string */


    2758. 

  2758. 	var $link				= null;


    2759. 

  2759. 	/** @var int */


    2760. 

  2760. 	var $type				= null;


    2761. 

  2761. 	/** @var int */


    2762. 

  2762. 	var $published			= null;


    2763. 

  2763. 	/** @var int */


    2764. 

  2764. 	var $componentid		= null;


    2765. 

  2765. 	/** @var int */


    2766. 

  2766. 	var $parent				= null;


    2767. 

  2767. 	/** @var int */


    2768. 

  2768. 	var $sublevel			= null;


    2769. 

  2769. 	/** @var int */


    2770. 

  2770. 	var $ordering			= null;


    2771. 

  2771. 	/** @var boolean */


    2772. 

  2772. 	var $checked_out		= null;


    2773. 

  2773. 	/** @var datetime */


    2774. 

  2774. 	var $checked_out_time	= null;


    2775. 

  2775. 	/** @var boolean */


    2776. 

  2776. 	var $pollid				= null;


    2777. 

  2777. 	/** @var string */


    2778. 

  2778. 	var $browserNav			= null;


    2779. 

  2779. 	/** @var int */


    2780. 

  2780. 	var $access				= null;


    2781. 

  2781. 	/** @var int */


    2782. 

  2782. 	var $utaccess			= null;


    2783. 

  2783. 	/** @var string */


    2784. 

  2784. 	var $params				= null;


    2785. 

  2785. 


    2786. 

  2786. 	/**


    2787. 

  2787. 	* @param database A database connector object


    2788. 

  2788. 	*/


    2789. 

  2789. 	function mosMenu( &$db ) {


    2790. 

  2790. 		$this->mosDBTable( '#__menu', 'id', $db );


    2791. 

  2791. 	}


    2792. 

  2792. 


    2793. 

  2793. 	function check() {


    2794. 

  2794. 		$this->id = (int) $this->id;


    2795. 

  2795. 		$this->params = (string) trim( $this->params . ' ' );


    2796. 

  2796. 


    2797. 

  2797. 		$ignoreList = array( 'link' );


    2798. 

  2798. 		$this->filter( $ignoreList );


    2799. 

  2799. 


    2800. 

  2800. 		return true;


    2801. 

  2801. 	}


    2802. 

  2802. }


    2803. 

  2803. 


    2804. 

  2804. /**


    2805. 

  2805. * Users Table Class


    2806. 

  2806. *


    2807. 

  2807. * Provides access to the jos_user table


    2808. 

  2808. * @package Joomla


    2809. 

  2809. */


    2810. 

  2810. class mosUser extends mosDBTable {


    2811. 

  2811. 	/** @var int Unique id*/


    2812. 

  2812. 	var $id				= null;


    2813. 

  2813. 	/** @var string The users real name (or nickname)*/


    2814. 

  2814. 	var $name			= null;


    2815. 

  2815. 	/** @var string The login name*/


    2816. 

  2816. 	var $username		= null;


    2817. 

  2817. 	/** @var string email*/


    2818. 

  2818. 	var $email			= null;


    2819. 

  2819. 	/** @var string MD5 encrypted password*/


    2820. 

  2820. 	var $password		= null;


    2821. 

  2821. 	/** @var string */


    2822. 

  2822. 	var $usertype		= null;


    2823. 

  2823. 	/** @var int */


    2824. 

  2824. 	var $block			= null;


    2825. 

  2825. 	/** @var int */


    2826. 

  2826. 	var $sendEmail		= null;


    2827. 

  2827. 	/** @var int The group id number */


    2828. 

  2828. 	var $gid			= null;


    2829. 

  2829. 	/** @var datetime */


    2830. 

  2830. 	var $registerDate	= null;


    2831. 

  2831. 	/** @var datetime */


    2832. 

  2832. 	var $lastvisitDate	= null;


    2833. 

  2833. 	/** @var string activation hash*/


    2834. 

  2834. 	var $activation		= null;


    2835. 

  2835. 	/** @var string */


    2836. 

  2836. 	var $params			= null;


    2837. 

  2837. 


    2838. 

  2838. 	/**


    2839. 

  2839. 	* @param database A database connector object


    2840. 

  2840. 	*/


    2841. 

  2841. 	function mosUser( &$database ) {


    2842. 

  2842. 		$this->mosDBTable( '#__users', 'id', $database );


    2843. 

  2843. 	}


    2844. 

  2844. 


    2845. 

  2845. 	/**


    2846. 

  2846. 	 * Validation and filtering


    2847. 

  2847. 	 * @return boolean True is satisfactory


    2848. 

  2848. 	 */


    2849. 

  2849. 	function check() {


    2850. 

  2850. 		global $mosConfig_uniquemail;


    2851. 

  2851. 


    2852. 

  2852. 		// Validate user information


    2853. 

  2853. 		if (trim( $this->name ) == '') {


    2854. 

  2854. 			$this->_error = addslashes( _REGWARN_NAME );


    2855. 

  2855. 			return false;


    2856. 

  2856. 		}


    2857. 

  2857. 


    2858. 

  2858. 		if (trim( $this->username ) == '') {


    2859. 

  2859. 			$this->_error = addslashes( _REGWARN_UNAME );


    2860. 

  2860. 			return false;


    2861. 

  2861. 		}


    2862. 

  2862. 


    2863. 

  2863. 		// check that username is not greater than 25 characters


    2864. 

  2864. 		$username = $this->username;


    2865. 

  2865. 		if ( strlen($username) > 25 ) {


    2866. 

  2866. 			$this->username = substr( $username, 0, 25 );


    2867. 

  2867. 		}


    2868. 

  2868. 


    2869. 

  2869. 		// check that password is not greater than 50 characters


    2870. 

  2870. 		$password = $this->password;


    2871. 

  2871. 		if ( strlen($password) > 50 ) {


    2872. 

  2872. 			$this->password = substr( $password, 0, 50 );


    2873. 

  2873. 		}


    2874. 

  2874. 


    2875. 

  2875. 		if (eregi( "[\<|\>|\"|\'|\%|\;|\(|\)|\&|\+|\-]", $this->username) || strlen( $this->username ) < 3) {


    2876. 

  2876. 			$this->_error = sprintf( addslashes( _VALID_AZ09 ), addslashes( _PROMPT_UNAME ), 2 );


    2877. 

  2877. 			return false;


    2878. 

  2878. 		}


    2879. 

  2879. 


    2880. 

  2880. 		if ((trim($this->email == "")) || (preg_match("/[\w\.\-]+@\w+[\w\.\-]*?\.\w{1,4}/", $this->email )==false)) {


    2881. 

  2881. 			$this->_error = addslashes( _REGWARN_MAIL );


    2882. 

  2882. 			return false;


    2883. 

  2883. 		}


    2884. 

  2884. 


    2885. 

  2885. 		// check for existing username


    2886. 

  2886. 		$query = "SELECT id"


    2887. 

  2887. 		. "\n FROM #__users "


    2888. 

  2888. 		. "\n WHERE username = " . $this->_db->Quote( $this->username )


    2889. 

  2889. 		. "\n AND id != " . (int)$this->id


    2890. 

  2890. 		;


    2891. 

  2891. 		$this->_db->setQuery( $query );


    2892. 

  2892. 		$xid = intval( $this->_db->loadResult() );


    2893. 

  2893. 		if ($xid && $xid != intval( $this->id )) {


    2894. 

  2894. 			$this->_error = addslashes( _REGWARN_INUSE );


    2895. 

  2895. 			return false;


    2896. 

  2896. 		}


    2897. 

  2897. 


    2898. 

  2898. 		if ($mosConfig_uniquemail) {


    2899. 

  2899. 			// check for existing email


    2900. 

  2900. 			$query = "SELECT id"


    2901. 

  2901. 			. "\n FROM #__users "


    2902. 

  2902. 			. "\n WHERE email = " . $this->_db->Quote( $this->email )


    2903. 

  2903. 			. "\n AND id != " . (int) $this->id


    2904. 

  2904. 			;


    2905. 

  2905. 			$this->_db->setQuery( $query );


    2906. 

  2906. 			$xid = intval( $this->_db->loadResult() );


    2907. 

  2907. 			if ($xid && $xid != intval( $this->id )) {


    2908. 

  2908. 				$this->_error = addslashes( _REGWARN_EMAIL_INUSE );


    2909. 

  2909. 				return false;


    2910. 

  2910. 			}


    2911. 

  2911. 		}


    2912. 

  2912. 


    2913. 

  2913. 		return true;


    2914. 

  2914. 	}


    2915. 

  2915. 


    2916. 

  2916. 	function store( $updateNulls=false ) {


    2917. 

  2917. 		global $acl, $migrate;


    2918. 

  2918. 		$section_value = 'users';


    2919. 

  2919. 


    2920. 

  2920. 		$k = $this->_tbl_key;


    2921. 

  2921. 		$key =  $this->$k;


    2922. 

  2922. 		if( $key && !$migrate) {


    2923. 

  2923. 			// existing record


    2924. 

  2924. 			$ret = $this->_db->updateObject( $this->_tbl, $this, $this->_tbl_key, $updateNulls );


    2925. 

  2925. 			// syncronise ACL


    2926. 

  2926. 			// single group handled at the moment


    2927. 

  2927. 			// trivial to expand to multiple groups


    2928. 

  2928. 			$groups = $acl->get_object_groups( $section_value, $this->$k, 'ARO' );


    2929. 

  2929. 			if(isset($groups[0])) $acl->del_group_object( $groups[0], $section_value, $this->$k, 'ARO' );


    2930. 

  2930. 			$acl->add_group_object( $this->gid, $section_value, $this->$k, 'ARO' );


    2931. 

  2931. 


    2932. 

  2932. 			$object_id = $acl->get_object_id( $section_value, $this->$k, 'ARO' );


    2933. 

  2933. 			$acl->edit_object( $object_id, $section_value, $this->_db->getEscaped( $this->name ), $this->$k, 0, 0, 'ARO' );


    2934. 

  2934. 		} else {


    2935. 

  2935. 			// new record


    2936. 

  2936. 			$ret = $this->_db->insertObject( $this->_tbl, $this, $this->_tbl_key );


    2937. 

  2937. 			// syncronise ACL


    2938. 

  2938. 			$acl->add_object( $section_value, $this->_db->getEscaped( $this->name ), $this->$k, null, null, 'ARO' );


    2939. 

  2939. 			$acl->add_group_object( $this->gid, $section_value, $this->$k, 'ARO' );


    2940. 

  2940. 		}


    2941. 

  2941. 		if( !$ret ) {


    2942. 

  2942. 			$this->_error = strtolower(get_class( $this ))."::store failed <br />" . $this->_db->getErrorMsg();


    2943. 

  2943. 			return false;


    2944. 

  2944. 		} else {


    2945. 

  2945. 			return true;


    2946. 

  2946. 		}


    2947. 

  2947. 	}


    2948. 

  2948. 


    2949. 

  2949. 	function delete( $oid=null ) {


    2950. 

  2950. 		global $acl;


    2951. 

  2951. 


    2952. 

  2952. 		$k = $this->_tbl_key;


    2953. 

  2953. 		if ($oid) {


    2954. 

  2954. 			$this->$k = intval( $oid );


    2955. 

  2955. 		}


    2956. 

  2956. 		$aro_id = $acl->get_object_id( 'users', $this->$k, 'ARO' );


    2957. 

  2957. 		$acl->del_object( $aro_id, 'ARO', true );


    2958. 

  2958. 


    2959. 

  2959. 		$query = "DELETE FROM $this->_tbl"


    2960. 

  2960. 		. "\n WHERE $this->_tbl_key = " . (int) $this->$k


    2961. 

  2961. 		;


    2962. 

  2962. 		$this->_db->setQuery( $query );


    2963. 

  2963. 


    2964. 

  2964. 		if ($this->_db->query()) {


    2965. 

  2965. 			// cleanup related data


    2966. 

  2966. 


    2967. 

  2967. 			// :: private messaging


    2968. 

  2968. 			$query = "DELETE FROM #__messages_cfg"


    2969. 

  2969. 			. "\n WHERE user_id = " . (int) $this->$k


    2970. 

  2970. 			;


    2971. 

  2971. 			$this->_db->setQuery( $query );


    2972. 

  2972. 			if (!$this->_db->query()) {


    2973. 

  2973. 				$this->_error = $this->_db->getErrorMsg();


    2974. 

  2974. 				return false;


    2975. 

  2975. 			}


    2976. 

  2976. 			$query = "DELETE FROM #__messages"


    2977. 

  2977. 			. "\n WHERE user_id_to = " . (int) $this->$k


    2978. 

  2978. 			;


    2979. 

  2979. 			$this->_db->setQuery( $query );


    2980. 

  2980. 			if (!$this->_db->query()) {


    2981. 

  2981. 				$this->_error = $this->_db->getErrorMsg();


    2982. 

  2982. 				return false;


    2983. 

  2983. 			}


    2984. 

  2984. 


    2985. 

  2985. 			return true;


    2986. 

  2986. 		} else {


    2987. 

  2987. 			$this->_error = $this->_db->getErrorMsg();


    2988. 

  2988. 			return false;


    2989. 

  2989. 		}


    2990. 

  2990. 	}


    2991. 

  2991. 


    2992. 

  2992. 	/**


    2993. 

  2993. 	 * Gets the users from a group


    2994. 

  2994. 	 * @param string The value for the group (not used 1.0)


    2995. 

  2995. 	 * @param string The name for the group


    2996. 

  2996. 	 * @param string If RECURSE, will drill into child groups


    2997. 

  2997. 	 * @param string Ordering for the list


    2998. 

  2998. 	 * @return array


    2999. 

  2999. 	 */


    3000. 

  3000. 	function getUserListFromGroup( $value, $name, $recurse='NO_RECURSE', $order='name' ) {


    3001. 

  3001. 		global $acl;


    3002. 

  3002. 


    3003. 

  3003. 		// Change back in


    3004. 

  3004. 		//$group_id = $acl->get_group_id( $value, $name, $group_type = 'ARO');


    3005. 

  3005. 		$group_id = $acl->get_group_id( $name, $group_type = 'ARO');


    3006. 

  3006. 		$objects = $acl->get_group_objects( $group_id, 'ARO', 'RECURSE');


    3007. 

  3007. 


    3008. 

  3008. 		if (isset( $objects['users'] )) {


    3009. 

  3009. 			mosArrayToInts( $objects['users'] );


    3010. 

  3010. 			$gWhere = '(id =' . implode( ' OR id =', $objects['users'] ) . ')';


    3011. 

  3011. 


    3012. 

  3012. 			$query = "SELECT id AS value, name AS text"


    3013. 

  3013. 			. "\n FROM #__users"


    3014. 

  3014. 			. "\n WHERE block = '0'"


    3015. 

  3015. 			. "\n AND " . $gWhere


    3016. 

  3016. 			. "\n ORDER BY ". $order


    3017. 

  3017. 			;


    3018. 

  3018. 			$this->_db->setQuery( $query );


    3019. 

  3019. 			$options = $this->_db->loadObjectList();


    3020. 

  3020. 			return $options;


    3021. 

  3021. 		} else {


    3022. 

  3022. 			return array();


    3023. 

  3023. 		}


    3024. 

  3024. 	}


    3025. 

  3025. }


    3026. 

  3026. 


    3027. 

  3027. /**


    3028. 

  3028. * Template Table Class


    3029. 

  3029. *


    3030. 

  3030. * Provides access to the jos_templates table


    3031. 

  3031. * @package Joomla


    3032. 

  3032. */


    3033. 

  3033. class mosTemplate extends mosDBTable {


    3034. 

  3034. 	/** @var int */


    3035. 

  3035. 	var $id				= null;


    3036. 

  3036. 	/** @var string */


    3037. 

  3037. 	var $cur_template	= null;


    3038. 

  3038. 	/** @var int */


    3039. 

  3039. 	var $col_main		= null;


    3040. 

  3040. 


    3041. 

  3041. 	/**


    3042. 

  3042. 	* @param database A database connector object


    3043. 

  3043. 	*/


    3044. 

  3044. 	function mosTemplate( &$database ) {


    3045. 

  3045. 		$this->mosDBTable( '#__templates', 'id', $database );


    3046. 

  3046. 	}


    3047. 

  3047. }


    3048. 

  3048. 


    3049. 

  3049. /**


    3050. 

  3050.  * Utility function to return a value from a named array or a specified default


    3051. 

  3051.  * @param array A named array


    3052. 

  3052.  * @param string The key to search for


    3053. 

  3053.  * @param mixed The default value to give if no key found


    3054. 

  3054.  * @param int An options mask: _MOS_NOTRIM prevents trim, _MOS_ALLOWHTML allows safe html, _MOS_ALLOWRAW allows raw input


    3055. 

  3055.  */


    3056. 

  3056. define( "_MOS_NOTRIM", 0x0001 );


    3057. 

  3057. define( "_MOS_ALLOWHTML", 0x0002 );


    3058. 

  3058. define( "_MOS_ALLOWRAW", 0x0004 );


    3059. 

  3059. function mosGetParam( &$arr, $name, $def=null, $mask=0 ) {


    3060. 

  3060. 	static $noHtmlFilter 	= null;


    3061. 

  3061. 	static $safeHtmlFilter 	= null;


    3062. 

  3062. 


    3063. 

  3063. 	$return = null;


    3064. 

  3064. 	if (isset( $arr[$name] )) {


    3065. 

  3065. 		$return = $arr[$name];


    3066. 

  3066. 


    3067. 

  3067. 		if (is_string( $return )) {


    3068. 

  3068. 			// trim data


    3069. 

  3069. 			if (!($mask&_MOS_NOTRIM)) {


    3070. 

  3070. 				$return = trim( $return );


    3071. 

  3071. 			}


    3072. 

  3072. 


    3073. 

  3073. 			if ($mask&_MOS_ALLOWRAW) {


    3074. 

  3074. 				// do nothing


    3075. 

  3075. 			} else if ($mask&_MOS_ALLOWHTML) {


    3076. 

  3076. 				// do nothing - compatibility mode


    3077. 

  3077. 			} else {


    3078. 

  3078. 				// send to inputfilter


    3079. 

  3079. 				if (is_null( $noHtmlFilter )) {


    3080. 

  3080. 					$noHtmlFilter = new InputFilter( /* $tags, $attr, $tag_method, $attr_method, $xss_auto */ );


    3081. 

  3081. 				}


    3082. 

  3082. 				$return = $noHtmlFilter->process( $return );


    3083. 

  3083. 


    3084. 

  3084. 				if (!empty($return) && is_numeric($def)) {


    3085. 

  3085. 				// if value is defined and default value is numeric set variable type to integer


    3086. 

  3086. 					$return = intval($return);


    3087. 

  3087. 				}


    3088. 

  3088. 			}


    3089. 

  3089. 


    3090. 

  3090. 			// account for magic quotes setting


    3091. 

  3091. 			if (!get_magic_quotes_gpc()) {


    3092. 

  3092. 				$return = addslashes( $return );


    3093. 

  3093. 			}


    3094. 

  3094. 		}


    3095. 

  3095. 


    3096. 

  3096. 		return $return;


    3097. 

  3097. 	} else {


    3098. 

  3098. 		return $def;


    3099. 

  3099. 	}


    3100. 

  3100. }


    3101. 

  3101. 


    3102. 

  3102. /**


    3103. 

  3103.  * Strip slashes from strings or arrays of strings


    3104. 

  3104.  * @param mixed The input string or array


    3105. 

  3105.  * @return mixed String or array stripped of slashes


    3106. 

  3106.  */


    3107. 

  3107. function mosStripslashes( &$value ) {


    3108. 

  3108. 	$ret = '';


    3109. 

  3109. 	if (is_string( $value )) {


    3110. 

  3110. 		$ret = stripslashes( $value );


    3111. 

  3111. 	} else {


    3112. 

  3112. 		if (is_array( $value )) {


    3113. 

  3113. 			$ret = array();


    3114. 

  3114. 			foreach ($value as $key => $val) {


    3115. 

  3115. 				$ret[$key] = mosStripslashes( $val );


    3116. 

  3116. 			}


    3117. 

  3117. 		} else {


    3118. 

  3118. 			$ret = $value;


    3119. 

  3119. 		}


    3120. 

  3120. 	}


    3121. 

  3121. 	return $ret;


    3122. 

  3122. }


    3123. 

  3123. 


    3124. 

  3124. /**


    3125. 

  3125. * Copy the named array content into the object as properties


    3126. 

  3126. * only existing properties of object are filled. when undefined in hash, properties wont be deleted


    3127. 

  3127. * @param array the input array


    3128. 

  3128. * @param obj byref the object to fill of any class


    3129. 

  3129. * @param string


    3130. 

  3130. * @param boolean


    3131. 

  3131. */


    3132. 

  3132. function mosBindArrayToObject( $array, &$obj, $ignore='', $prefix=NULL, $checkSlashes=true ) {


    3133. 

  3133. 	if (!is_array( $array ) || !is_object( $obj )) {


    3134. 

  3134. 		return (false);


    3135. 

  3135. 	}


    3136. 

  3136. 


    3137. 

  3137. 	$ignore = ' ' . $ignore . ' ';


    3138. 

  3138. 	foreach (get_object_vars($obj) as $k => $v) {


    3139. 

  3139. 		if( substr( $k, 0, 1 ) != '_' ) {			// internal attributes of an object are ignored


    3140. 

  3140. 			if (strpos( $ignore, ' ' . $k . ' ') === false) {


    3141. 

  3141. 				if ($prefix) {


    3142. 

  3142. 					$ak = $prefix . $k;


    3143. 

  3143. 				} else {


    3144. 

  3144. 					$ak = $k;


    3145. 

  3145. 				}


    3146. 

  3146. 				if (isset($array[$ak])) {


    3147. 

  3147. 					$obj->$k = ($checkSlashes && get_magic_quotes_gpc()) ? mosStripslashes( $array[$ak] ) : $array[$ak];


    3148. 

  3148. 				}


    3149. 

  3149. 			}


    3150. 

  3150. 		}


    3151. 

  3151. 	}


    3152. 

  3152. 


    3153. 

  3153. 	return true;


    3154. 

  3154. }


    3155. 

  3155. 


    3156. 

  3156. /**


    3157. 

  3157. * Utility function to read the files in a directory


    3158. 

  3158. * @param string The file system path


    3159. 

  3159. * @param string A filter for the names


    3160. 

  3160. * @param boolean Recurse search into sub-directories


    3161. 

  3161. * @param boolean True if to prepend the full path to the file name


    3162. 

  3162. */


    3163. 

  3163. function mosReadDirectory( $path, $filter='.', $recurse=false, $fullpath=false  ) {


    3164. 

  3164. 	$arr = array();


    3165. 

  3165. 	if (!@is_dir( $path )) {


    3166. 

  3166. 		return $arr;


    3167. 

  3167. 	}


    3168. 

  3168. 	$handle = opendir( $path );


    3169. 

  3169. 


    3170. 

  3170. 	while ($file = readdir($handle)) {


    3171. 

  3171. 		$dir = mosPathName( $path.'/'.$file, false );


    3172. 

  3172. 		$isDir = is_dir( $dir );


    3173. 

  3173. 		if (($file != ".") && ($file != "..")) {


    3174. 

  3174. 			if (preg_match( "/$filter/", $file )) {


    3175. 

  3175. 				if ($fullpath) {


    3176. 

  3176. 					$arr[] = trim( mosPathName( $path.'/'.$file, false ) );


    3177. 

  3177. 				} else {


    3178. 

  3178. 					$arr[] = trim( $file );


    3179. 

  3179. 				}


    3180. 

  3180. 			}


    3181. 

  3181. 			if ($recurse && $isDir) {


    3182. 

  3182. 				$arr2 = mosReadDirectory( $dir, $filter, $recurse, $fullpath );


    3183. 

  3183. 				$arr = array_merge( $arr, $arr2 );


    3184. 

  3184. 			}


    3185. 

  3185. 		}


    3186. 

  3186. 	}


    3187. 

  3187. 	closedir($handle);


    3188. 

  3188. 	asort($arr);


    3189. 

  3189. 	return $arr;


    3190. 

  3190. }


    3191. 

  3191. 


    3192. 

  3192. /**


    3193. 

  3193. * Utility function redirect the browser location to another url


    3194. 

  3194. *


    3195. 

  3195. * Can optionally provide a message.


    3196. 

  3196. * @param string The file system path


    3197. 

  3197. * @param string A filter for the names


    3198. 

  3198. */


    3199. 

  3199. function mosRedirect( $url, $msg='' ) {


    3200. 

  3200. 


    3201. 

  3201.    global $mainframe;


    3202. 

  3202. 


    3203. 

  3203.     // specific filters


    3204. 

  3204. 	$iFilter = new InputFilter();


    3205. 

  3205. 	$url = $iFilter->process( $url );


    3206. 

  3206. 	if (!empty($msg)) {


    3207. 

  3207. 		$msg = $iFilter->process( $msg );


    3208. 

  3208. 	}


    3209. 

  3209. 


    3210. 

  3210. 	// Strip out any line breaks and throw away the rest


    3211. 

  3211. 	$url = preg_split("/[\r\n]/", $url);


    3212. 

  3212. 	$url = $url[0];


    3213. 

  3213. 


    3214. 

  3214. 	if ($iFilter->badAttributeValue( array( 'href', $url ))) {


    3215. 

  3215. 		$url = $GLOBALS['mosConfig_live_site'];


    3216. 

  3216. 	}


    3217. 

  3217. 


    3218. 

  3218. 	if (trim( $msg )) {


    3219. 

  3219. 	 	if (strpos( $url, '?' )) {


    3220. 

  3220. 			$url .= '&mosmsg=' . urlencode( $msg );


    3221. 

  3221. 		} else {


    3222. 

  3222. 			$url .= '?mosmsg=' . urlencode( $msg );


    3223. 

  3223. 		}


    3224. 

  3224. 	}


    3225. 

  3225. 


    3226. 

  3226. 	if (headers_sent()) {


    3227. 

  3227. 		echo "<script>document.location.href='$url';</script>\n";


    3228. 

  3228. 	} else {


    3229. 

  3229. 		@ob_end_clean(); // clear output buffer


    3230. 

  3230. 		header( 'HTTP/1.1 301 Moved Permanently' );


    3231. 

  3231. 		header( "Location: ". $url );


    3232. 

  3232. 	}


    3233. 

  3233. 	exit();


    3234. 

  3234. }


    3235. 

  3235. 


    3236. 

  3236. function mosErrorAlert( $text, $action='window.history.go(-1);', $mode=1 ) {


    3237. 

  3237. 	$text = nl2br( $text );


    3238. 

  3238. 	$text = addslashes( $text );


    3239. 

  3239. 	$text = strip_tags( $text );


    3240. 

  3240. 


    3241. 

  3241. 	switch ( $mode ) {


    3242. 

  3242. 		case 2:


    3243. 

  3243. 			echo "<script>$action</script> \n";


    3244. 

  3244. 			break;


    3245. 

  3245. 


    3246. 

  3246. 		case 1:


    3247. 

  3247. 		default:


    3248. 

  3248. 			echo "<meta http-equiv=\"Content-Type\" content=\"text/html; "._ISO."\" />";


    3249. 

  3249. 			echo "<script>alert('$text'); $action</script> \n";


    3250. 

  3250. 			//echo '<noscript>';


    3251. 

  3251. 			//mosRedirect( @$_SERVER['HTTP_REFERER'], $text );


    3252. 

  3252. 			//echo '</noscript>';


    3253. 

  3253. 			break;


    3254. 

  3254. 	}


    3255. 

  3255. 


    3256. 

  3256. 	exit;


    3257. 

  3257. }


    3258. 

  3258. 


    3259. 

  3259. function mosTreeRecurse( $id, $indent, $list, &$children, $maxlevel=9999, $level=0, $type=1 ) {


    3260. 

  3260. 


    3261. 

  3261. 	if (@$children[$id] && $level <= $maxlevel) {


    3262. 

  3262. 		foreach ($children[$id] as $v) {


    3263. 

  3263. 			$id = $v->id;


    3264. 

  3264. 


    3265. 

  3265. 			if ( $type ) {


    3266. 

  3266. 				$pre 	= '<sup>L</sup>&nbsp;';


    3267. 

  3267. 				$spacer = '.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';


    3268. 

  3268. 			} else {


    3269. 

  3269. 				$pre 	= '- ';


    3270. 

  3270. 				$spacer = '&nbsp;&nbsp;';


    3271. 

  3271. 			}


    3272. 

  3272. 


    3273. 

  3273. 			if ( $v->parent == 0 ) {


    3274. 

  3274. 				$txt 	= $v->name;


    3275. 

  3275. 			} else {


    3276. 

  3276. 				$txt 	= $pre . $v->name;


    3277. 

  3277. 			}


    3278. 

  3278. 			$pt = $v->parent;


    3279. 

  3279. 			$list[$id] = $v;


    3280. 

  3280. 			$list[$id]->treename = "$indent$txt";


    3281. 

  3281. 			$list[$id]->children = count( @$children[$id] );


    3282. 

  3282. 


    3283. 

  3283. 			$list = mosTreeRecurse( $id, $indent . $spacer, $list, $children, $maxlevel, $level+1, $type );


    3284. 

  3284. 		}


    3285. 

  3285. 	}


    3286. 

  3286. 	return $list;


    3287. 

  3287. }


    3288. 

  3288. 


    3289. 

  3289. /**


    3290. 

  3290. * Function to strip additional / or \ in a path name


    3291. 

  3291. * @param string The path


    3292. 

  3292. * @param boolean Add trailing slash


    3293. 

  3293. */


    3294. 

  3294. function mosPathName($p_path,$p_addtrailingslash = true) {


    3295. 

  3295. 	$retval = "";


    3296. 

  3296. 


    3297. 

  3297. 	$isWin = (substr(PHP_OS, 0, 3) == 'WIN');


    3298. 

  3298. 


    3299. 

  3299. 	if ($isWin)	{


    3300. 

  3300. 		$retval = str_replace( '/', '\\', $p_path );


    3301. 

  3301. 		if ($p_addtrailingslash) {


    3302. 

  3302. 			if (substr( $retval, -1 ) != '\\') {


    3303. 

  3303. 				$retval .= '\\';


    3304. 

  3304. 			}


    3305. 

  3305. 		}


    3306. 

  3306. 


    3307. 

  3307. 		// Check if UNC path


    3308. 

  3308. 		$unc = substr($retval,0,2) == '\\\\' ? 1 : 0;


    3309. 

  3309. 


    3310. 

  3310. 		// Remove double \\


    3311. 

  3311. 		$retval = str_replace( '\\\\', '\\', $retval );


    3312. 

  3312. 


    3313. 

  3313. 		// If UNC path, we have to add one \ in front or everything breaks!


    3314. 

  3314. 		if ( $unc == 1 ) {


    3315. 

  3315. 			$retval = '\\'.$retval;


    3316. 

  3316. 		}


    3317. 

  3317. 	} else {


    3318. 

  3318. 		$retval = str_replace( '\\', '/', $p_path );


    3319. 

  3319. 		if ($p_addtrailingslash) {


    3320. 

  3320. 			if (substr( $retval, -1 ) != '/') {


    3321. 

  3321. 				$retval .= '/';


    3322. 

  3322. 			}


    3323. 

  3323. 		}


    3324. 

  3324. 


    3325. 

  3325. 		// Check if UNC path


    3326. 

  3326. 		$unc = substr($retval,0,2) == '//' ? 1 : 0;


    3327. 

  3327. 


    3328. 

  3328. 		// Remove double //


    3329. 

  3329. 		$retval = str_replace('//','/',$retval);


    3330. 

  3330. 


    3331. 

  3331. 		// If UNC path, we have to add one / in front or everything breaks!


    3332. 

  3332. 		if ( $unc == 1 ) {


    3333. 

  3333. 			$retval = '/'.$retval;


    3334. 

  3334. 		}


    3335. 

  3335. 	}


    3336. 

  3336. 


    3337. 

  3337. 	return $retval;


    3338. 

  3338. }


    3339. 

  3339. 


    3340. 

  3340. /**


    3341. 

  3341. * Class mosMambot


    3342. 

  3342. * @package Joomla


    3343. 

  3343. */


    3344. 

  3344. class mosMambot extends mosDBTable {


    3345. 

  3345. 	/** @var int */


    3346. 

  3346. 	var $id					= null;


    3347. 

  3347. 	/** @var varchar */


    3348. 

  3348. 	var $name				= null;


    3349. 

  3349. 	/** @var varchar */


    3350. 

  3350. 	var $element			= null;


    3351. 

  3351. 	/** @var varchar */


    3352. 

  3352. 	var $folder				= null;


    3353. 

  3353. 	/** @var tinyint unsigned */


    3354. 

  3354. 	var $access				= null;


    3355. 

  3355. 	/** @var int */


    3356. 

  3356. 	var $ordering			= null;


    3357. 

  3357. 	/** @var tinyint */


    3358. 

  3358. 	var $published			= null;


    3359. 

  3359. 	/** @var tinyint */


    3360. 

  3360. 	var $iscore				= null;


    3361. 

  3361. 	/** @var tinyint */


    3362. 

  3362. 	var $client_id			= null;


    3363. 

  3363. 	/** @var int unsigned */


    3364. 

  3364. 	var $checked_out		= null;


    3365. 

  3365. 	/** @var datetime */


    3366. 

  3366. 	var $checked_out_time	= null;


    3367. 

  3367. 	/** @var text */


    3368. 

  3368. 	var $params				= null;


    3369. 

  3369. 


    3370. 

  3370. 	function mosMambot( &$db ) {


    3371. 

  3371. 		$this->mosDBTable( '#__mambots', 'id', $db );


    3372. 

  3372. 	}


    3373. 

  3373. }


    3374. 

  3374. 


    3375. 

  3375. /**


    3376. 

  3376. * Module database table class


    3377. 

  3377. * @package Joomla


    3378. 

  3378. */


    3379. 

  3379. class mosModule extends mosDBTable {


    3380. 

  3380. 	/** @var int Primary key */


    3381. 

  3381. 	var $id					= null;


    3382. 

  3382. 	/** @var string */


    3383. 

  3383. 	var $title				= null;


    3384. 

  3384. 	/** @var string */


    3385. 

  3385. 	var $showtitle			= null;


    3386. 

  3386. 	/** @var int */


    3387. 

  3387. 	var $content			= null;


    3388. 

  3388. 	/** @var int */


    3389. 

  3389. 	var $ordering			= null;


    3390. 

  3390. 	/** @var string */


    3391. 

  3391. 	var $position			= null;


    3392. 

  3392. 	/** @var boolean */


    3393. 

  3393. 	var $checked_out		= null;


    3394. 

  3394. 	/** @var time */


    3395. 

  3395. 	var $checked_out_time	= null;


    3396. 

  3396. 	/** @var boolean */


    3397. 

  3397. 	var $published			= null;


    3398. 

  3398. 	/** @var string */


    3399. 

  3399. 	var $module				= null;


    3400. 

  3400. 	/** @var int */


    3401. 

  3401. 	var $numnews			= null;


    3402. 

  3402. 	/** @var int */


    3403. 

  3403. 	var $access				= null;


    3404. 

  3404. 	/** @var string */


    3405. 

  3405. 	var $params				= null;


    3406. 

  3406. 	/** @var string */


    3407. 

  3407. 	var $iscore				= null;


    3408. 

  3408. 	/** @var string */


    3409. 

  3409. 	var $client_id			= null;


    3410. 

  3410. 


    3411. 

  3411. 	/**


    3412. 

  3412. 	* @param database A database connector object


    3413. 

  3413. 	*/


    3414. 

  3414. 	function mosModule( &$db ) {


    3415. 

  3415. 		$this->mosDBTable( '#__modules', 'id', $db );


    3416. 

  3416. 	}


    3417. 

  3417. 	// overloaded check function


    3418. 

  3418. 	function check() {


    3419. 

  3419. 		// check for valid name


    3420. 

  3420. 		if (trim( $this->title ) == '') {


    3421. 

  3421. 			$this->_error = "Your Module must contain a title.";


    3422. 

  3422. 			return false;


    3423. 

  3423. 		}


    3424. 

  3424. 


    3425. 

  3425. 		return true;


    3426. 

  3426. 	}


    3427. 

  3427. }


    3428. 

  3428. 


    3429. 

  3429. /**


    3430. 

  3430. * Session database table class


    3431. 

  3431. * @package Joomla


    3432. 

  3432. */


    3433. 

  3433. class mosSession extends mosDBTable {


    3434. 

  3434. 	/** @var int Primary key */


    3435. 

  3435. 	var $session_id			= null;


    3436. 

  3436. 	/** @var string */


    3437. 

  3437. 	var $time				= null;


    3438. 

  3438. 	/** @var string */


    3439. 

  3439. 	var $userid				= null;


    3440. 

  3440. 	/** @var string */


    3441. 

  3441. 	var $usertype			= null;


    3442. 

  3442. 	/** @var string */


    3443. 

  3443. 	var $username			= null;


    3444. 

  3444. 	/** @var time */


    3445. 

  3445. 	var $gid				= null;


    3446. 

  3446. 	/* Hack for integration with JACLPlus Component */


    3447. 

  3447. 	/** @var string */


    3448. 

  3448. 	var $jaclplus			= null;


    3449. 

  3449. 	/* End of hack for JACLPlus Component */


    3450. 

  3450. 	/** @var int */


    3451. 

  3451. 	var $guest				= null;


    3452. 

  3452. 	/** @var string */


    3453. 

  3453. 	var $_session_cookie	= null;


    3454. 

  3454. 


    3455. 

  3455. 	/**


    3456. 

  3456. 	* @param database A database connector object


    3457. 

  3457. 	*/


    3458. 

  3458. 	function mosSession( &$db ) {


    3459. 

  3459. 		$this->mosDBTable( '#__session', 'session_id', $db );


    3460. 

  3460. 	}


    3461. 

  3461. 


    3462. 

  3462. 	/**


    3463. 

  3463. 	 * @param string Key search for


    3464. 

  3464. 	 * @param mixed Default value if not set


    3465. 

  3465. 	 * @return mixed


    3466. 

  3466. 	 */


    3467. 

  3467. 	function get( $key, $default=null ) {


    3468. 

  3468. 		return mosGetParam( $_SESSION, $key, $default );


    3469. 

  3469. 	}


    3470. 

  3470. 


    3471. 

  3471. 	/**


    3472. 

  3472. 	 * @param string Key to set


    3473. 

  3473. 	 * @param mixed Value to set


    3474. 

  3474. 	 * @return mixed The new value


    3475. 

  3475. 	 */


    3476. 

  3476. 	function set( $key, $value ) {


    3477. 

  3477. 		$_SESSION[$key] = $value;


    3478. 

  3478. 		return $value;


    3479. 

  3479. 	}


    3480. 

  3480. 


    3481. 

  3481. 	/**


    3482. 

  3482. 	 * Sets a key from a REQUEST variable, otherwise uses the default


    3483. 

  3483. 	 * @param string The variable key


    3484. 

  3484. 	 * @param string The REQUEST variable name


    3485. 

  3485. 	 * @param mixed The default value


    3486. 

  3486. 	 * @return mixed


    3487. 

  3487. 	 */


    3488. 

  3488. 	function setFromRequest( $key, $varName, $default=null ) {


    3489. 

  3489. 		if (isset( $_REQUEST[$varName] )) {


    3490. 

  3490. 			return mosSession::set( $key, $_REQUEST[$varName] );


    3491. 

  3491. 		} else if (isset( $_SESSION[$key] )) {


    3492. 

  3492. 			return $_SESSION[$key];


    3493. 

  3493. 		} else {


    3494. 

  3494. 			return mosSession::set( $key, $default );


    3495. 

  3495. 		}


    3496. 

  3496. 	}


    3497. 

  3497. 


    3498. 

  3498. 	/**


    3499. 

  3499. 	 * Insert a new row


    3500. 

  3500. 	 * @return boolean


    3501. 

  3501. 	 */


    3502. 

  3502. 	function insert() {


    3503. 

  3503. 		$ret = $this->_db->insertObject( $this->_tbl, $this );


    3504. 

  3504. 


    3505. 

  3505. 		if( !$ret ) {


    3506. 

  3506. 			$this->_error = strtolower(get_class( $this ))."::store failed <br />" . $this->_db->stderr();


    3507. 

  3507. 			return false;


    3508. 

  3508. 		} else {


    3509. 

  3509. 			return true;


    3510. 

  3510. 		}


    3511. 

  3511. 	}


    3512. 

  3512. 


    3513. 

  3513. 	/**


    3514. 

  3514. 	 * Update an existing row


    3515. 

  3515. 	 * @return boolean


    3516. 

  3516. 	 */


    3517. 

  3517. 	function update( $updateNulls=false ) {


    3518. 

  3518. 		$ret = $this->_db->updateObject( $this->_tbl, $this, 'session_id', $updateNulls );


    3519. 

  3519. 


    3520. 

  3520. 		if( !$ret ) {


    3521. 

  3521. 			$this->_error = strtolower(get_class( $this ))."::store failed <br />" . $this->_db->stderr();


    3522. 

  3522. 			return false;


    3523. 

  3523. 		} else {


    3524. 

  3524. 			return true;


    3525. 

  3525. 		}


    3526. 

  3526. 	}


    3527. 

  3527. 


    3528. 

  3528. 	/**


    3529. 

  3529. 	 * Generate a unique session id


    3530. 

  3530. 	 * @return string


    3531. 

  3531. 	 */


    3532. 

  3532. 	function generateId() {


    3533. 

  3533. 		$failsafe 	= 20;


    3534. 

  3534. 		$randnum 	= 0;


    3535. 

  3535. 


    3536. 

  3536. 		while ($failsafe--) {


    3537. 

  3537. 			$randnum 		= md5( uniqid( microtime(), 1 ) );


    3538. 

  3538. 			$new_session_id = mosMainFrame::sessionCookieValue( $randnum );


    3539. 

  3539. 


    3540. 

  3540. 			if ($randnum != '') {


    3541. 

  3541. 				$query = "SELECT $this->_tbl_key"


    3542. 

  3542. 				. "\n FROM $this->_tbl"


    3543. 

  3543. 				. "\n WHERE $this->_tbl_key = " . $this->_db->Quote( $new_session_id )


    3544. 

  3544. 				;


    3545. 

  3545. 				$this->_db->setQuery( $query );


    3546. 

  3546. 				if(!$result = $this->_db->query()) {


    3547. 

  3547. 					die( $this->_db->stderr( true ));


    3548. 

  3548. 				}


    3549. 

  3549. 


    3550. 

  3550. 				if ($this->_db->getNumRows($result) == 0) {


    3551. 

  3551. 					break;


    3552. 

  3552. 				}


    3553. 

  3553. 			}


    3554. 

  3554. 		}


    3555. 

  3555. 


    3556. 

  3556. 		$this->_session_cookie 	= $randnum;


    3557. 

  3557. 		$this->session_id 		= $new_session_id;


    3558. 

  3558. 	}


    3559. 

  3559. 


    3560. 

  3560. 	/**


    3561. 

  3561. 	 * @return string The name of the session cookie


    3562. 

  3562. 	 */


    3563. 

  3563. 	function getCookie() {


    3564. 

  3564. 		return $this->_session_cookie;


    3565. 

  3565. 	}


    3566. 

  3566. 


    3567. 

  3567. 	/**


    3568. 

  3568. 	 * Purge lapsed sessions


    3569. 

  3569. 	 * @return boolean


    3570. 

  3570. 	 */


    3571. 

  3571. 	function purge( $inc=1800, $and='' ) {


    3572. 

  3572. 		global $mainframe;


    3573. 

  3573. 


    3574. 

  3574. 		if ($inc == 'core') {


    3575. 

  3575. 			$past_logged 	= time() - $mainframe->getCfg( 'lifetime' );


    3576. 

  3576. 			$past_guest 	= time() - 900;


    3577. 

  3577. 


    3578. 

  3578. 			$query = "DELETE FROM $this->_tbl"


    3579. 

  3579. 			. "\n WHERE ("


    3580. 

  3580. 			// purging expired logged sessions


    3581. 

  3581. 			. "\n ( time < '" . (int) $past_logged . "' )"


    3582. 

  3582. 			. "\n AND guest = 0"


    3583. 

  3583. 			. "\n AND gid > 0"


    3584. 

  3584. 			. "\n ) OR ("


    3585. 

  3585. 			// purging expired guest sessions


    3586. 

  3586. 			. "\n ( time < '" . (int) $past_guest . "' )"


    3587. 

  3587. 			. "\n AND guest = 1"


    3588. 

  3588. 			. "\n AND userid = 0"


    3589. 

  3589. 			. "\n )"


    3590. 

  3590. 			;


    3591. 

  3591. 		} else {


    3592. 

  3592. 		// kept for backward compatability


    3593. 

  3593. 			$past = time() - $inc;


    3594. 

  3594. 			$query = "DELETE FROM $this->_tbl"


    3595. 

  3595. 			. "\n WHERE ( time < '" . (int) $past . "' )"


    3596. 

  3596. 			. $and


    3597. 

  3597. 			;


    3598. 

  3598. 		}


    3599. 

  3599. 		$this->_db->setQuery($query);


    3600. 

  3600. 


    3601. 

  3601. 		return $this->_db->query();


    3602. 

  3602. 	}


    3603. 

  3603. }


    3604. 

  3604. 


    3605. 

  3605. 


    3606. 

  3606. function mosObjectToArray($p_obj) {


    3607. 

  3607. 	$retarray = null;


    3608. 

  3608. 	if(is_object($p_obj))


    3609. 

  3609. 	{


    3610. 

  3610. 		$retarray = array();


    3611. 

  3611. 		foreach (get_object_vars($p_obj) as $k => $v)


    3612. 

  3612. 		{


    3613. 

  3613. 			if(is_object($v))


    3614. 

  3614. 			$retarray[$k] = mosObjectToArray($v);


    3615. 

  3615. 			else


    3616. 

  3616. 			$retarray[$k] = $v;


    3617. 

  3617. 		}


    3618. 

  3618. 	}


    3619. 

  3619. 	return $retarray;


    3620. 

  3620. }


    3621. 

  3621. /**


    3622. 

  3622. * Checks the user agent string against known browsers


    3623. 

  3623. */


    3624. 

  3624. function mosGetBrowser( $agent ) {


    3625. 

  3625. 	global $mosConfig_absolute_path;


    3626. 

  3626. 


    3627. 

  3627. 	require( $mosConfig_absolute_path .'/includes/agent_browser.php' );


    3628. 

  3628. 


    3629. 

  3629. 	if (preg_match( "/msie[\/\sa-z]*([\d\.]*)/i", $agent, $m )


    3630. 

  3630. 	&& !preg_match( "/webtv/i", $agent )


    3631. 

  3631. 	&& !preg_match( "/omniweb/i", $agent )


    3632. 

  3632. 	&& !preg_match( "/opera/i", $agent )) {


    3633. 

  3633. 		// IE


    3634. 

  3634. 		return "MS Internet Explorer $m[1]";


    3635. 

  3635. 	} else if (preg_match( "/netscape.?\/([\d\.]*)/i", $agent, $m )) {


    3636. 

  3636. 		// Netscape 6.x, 7.x ...


    3637. 

  3637. 		return "Netscape $m[1]";


    3638. 

  3638. 	} else if ( preg_match( "/mozilla[\/\sa-z]*([\d\.]*)/i", $agent, $m )


    3639. 

  3639. 	&& !preg_match( "/gecko/i", $agent )


    3640. 

  3640. 	&& !preg_match( "/compatible/i", $agent )


    3641. 

  3641. 	&& !preg_match( "/opera/i", $agent )


    3642. 

  3642. 	&& !preg_match( "/galeon/i", $agent )


    3643. 

  3643. 	&& !preg_match( "/safari/i", $agent )) {


    3644. 

  3644. 		// Netscape 3.x, 4.x ...


    3645. 

  3645. 		return "Netscape $m[1]";


    3646. 

  3646. 	} else {


    3647. 

  3647. 		// Other


    3648. 

  3648. 		$found = false;


    3649. 

  3649. 		foreach ($browserSearchOrder as $key) {


    3650. 

  3650. 			if (preg_match( "/$key.?\/([\d\.]*)/i", $agent, $m )) {


    3651. 

  3651. 				$name = "$browsersAlias[$key] $m[1]";


    3652. 

  3652. 				return $name;


    3653. 

  3653. 				break;


    3654. 

  3654. 			}


    3655. 

  3655. 		}


    3656. 

  3656. 	}


    3657. 

  3657. 


    3658. 

  3658. 	return 'Unknown';


    3659. 

  3659. }


    3660. 

  3660. 


    3661. 

  3661. /**


    3662. 

  3662. * Checks the user agent string against known operating systems


    3663. 

  3663. */


    3664. 

  3664. function mosGetOS( $agent ) {


    3665. 

  3665. 	global $mosConfig_absolute_path;


    3666. 

  3666. 


    3667. 

  3667. 	require( $mosConfig_absolute_path .'/includes/agent_os.php' );


    3668. 

  3668. 


    3669. 

  3669. 	foreach ($osSearchOrder as $key) {


    3670. 

  3670. 		if (preg_match( "/$key/i", $agent )) {


    3671. 

  3671. 			return $osAlias[$key];


    3672. 

  3672. 			break;


    3673. 

  3673. 		}


    3674. 

  3674. 	}


    3675. 

  3675. 


    3676. 

  3676. 	return 'Unknown';


    3677. 

  3677. }


    3678. 

  3678. 


    3679. 

  3679. /**


    3680. 

  3680. * @param string SQL with ordering As value and 'name field' AS text


    3681. 

  3681. * @param integer The length of the truncated headline


    3682. 

  3682. */


    3683. 

  3683. function mosGetOrderingList( $sql, $chop='30' ) {


    3684. 

  3684. 	global $database;


    3685. 

  3685. 


    3686. 

  3686. 	$order = array();


    3687. 

  3687. 	$database->setQuery( $sql );


    3688. 

  3688. 	if (!($orders = $database->loadObjectList())) {


    3689. 

  3689. 		if ($database->getErrorNum()) {


    3690. 

  3690. 			echo $database->stderr();


    3691. 

  3691. 			return false;


    3692. 

  3692. 		} else {


    3693. 

  3693. 			$order[] = mosHTML::makeOption( 1, 'first' );


    3694. 

  3694. 			return $order;


    3695. 

  3695. 		}


    3696. 

  3696. 	}


    3697. 

  3697. 	$order[] = mosHTML::makeOption( 0, '0 first' );


    3698. 

  3698. 	for ($i=0, $n=count( $orders ); $i < $n; $i++) {


    3699. 

  3699. 


    3700. 

  3700. 		if (strlen($orders[$i]->text) > $chop) {


    3701. 

  3701. 			$text = substr($orders[$i]->text,0,$chop)."...";


    3702. 

  3702. 		} else {


    3703. 

  3703. 			$text = $orders[$i]->text;


    3704. 

  3704. 		}


    3705. 

  3705. 


    3706. 

  3706. 		$order[] = mosHTML::makeOption( $orders[$i]->value, $orders[$i]->value.' ('.$text.')' );


    3707. 

  3707. 	}


    3708. 

  3708. 	$order[] = mosHTML::makeOption( $orders[$i-1]->value+1, ($orders[$i-1]->value+1).' last' );


    3709. 

  3709. 


    3710. 

  3710. 	return $order;


    3711. 

  3711. }


    3712. 

  3712. 


    3713. 

  3713. /**


    3714. 

  3714. * Makes a variable safe to display in forms


    3715. 

  3715. *


    3716. 

  3716. * Object parameters that are non-string, array, object or start with underscore


    3717. 

  3717. * will be converted


    3718. 

  3718. * @param object An object to be parsed


    3719. 

  3719. * @param int The optional quote style for the htmlspecialchars function


    3720. 

  3720. * @param string|array An optional single field name or array of field names not


    3721. 

  3721. *					 to be parsed (eg, for a textarea)


    3722. 

  3722. */


    3723. 

  3723. function mosMakeHtmlSafe( &$mixed, $quote_style=ENT_QUOTES, $exclude_keys='' ) {


    3724. 

  3724. 	if (is_object( $mixed )) {


    3725. 

  3725. 		foreach (get_object_vars( $mixed ) as $k => $v) {


    3726. 

  3726. 			if (is_array( $v ) || is_object( $v ) || $v == NULL || substr( $k, 1, 1 ) == '_' ) {


    3727. 

  3727. 				continue;


    3728. 

  3728. 			}


    3729. 

  3729. 			if (is_string( $exclude_keys ) && $k == $exclude_keys) {


    3730. 

  3730. 				continue;


    3731. 

  3731. 			} else if (is_array( $exclude_keys ) && in_array( $k, $exclude_keys )) {


    3732. 

  3732. 				continue;


    3733. 

  3733. 			}


    3734. 

  3734. 			$mixed->$k = htmlspecialchars( $v, $quote_style );


    3735. 

  3735. 		}


    3736. 

  3736. 	}


    3737. 

  3737. }


    3738. 

  3738. 


    3739. 

  3739. /* Hack for integration with JACLPlus Component */


    3740. 

  3740. /**


    3741. 

  3741. * Checks whether a menu option is within the users access level


    3742. 

  3742. * @param int Item id number


    3743. 

  3743. * @param string The menu option


    3744. 

  3744. * @param int The users group ID number


    3745. 

  3745. * @param database A database connector object


    3746. 

  3746. * @return boolean True if the visitor's group at least equal to the menu access


    3747. 

  3747. */


    3748. 

  3748. function mosMenuCheck( $Itemid, $menu_option, $task, $gid ) {


    3749. 

  3749. 	global $database, $mainframe, $my;


    3750. 

  3750. 


    3751. 

  3751. 	if ( $Itemid != '' && $Itemid != 0 && $Itemid != 99999999 ) {


    3752. 

  3752. 		$query = "SELECT *"


    3753. 

  3753. 		. "\n FROM #__menu"


    3754. 

  3754. 		. "\n WHERE id = " . (int) $Itemid


    3755. 

  3755. 		;


    3756. 

  3756. 	} else {


    3757. 

  3757. 		$dblink = "index.php?option=" . $database->getEscaped( $menu_option, true );


    3758. 

  3758. 


    3759. 

  3759. 		if ($task != '') {


    3760. 

  3760. 			$dblink	.= "&task=" . $database->getEscaped( $task, true );


    3761. 

  3761. 		}


    3762. 

  3762. 


    3763. 

  3763. 		$query = "SELECT *"


    3764. 

  3764. 		. "\n FROM #__menu"


    3765. 

  3765. 		. "\n WHERE published = 1 AND"


    3766. 

  3766. 		. "\n link LIKE '$dblink%'"


    3767. 

  3767. 		;


    3768. 

  3768. 	}


    3769. 

  3769. 	$database->setQuery( $query );


    3770. 

  3770. 	$results 	= $database->loadObjectList();


    3771. 

  3771. 	if(class_exists('JACLPlus')) {


    3772. 

  3772. 		$access 	= true;


    3773. 

  3773. 		foreach ($results as $result) {


    3774. 

  3774. 			if( !JACLPlus::InList( $result->access, $my->jaclplus ) ) {


    3775. 

  3775. 				$access = false;


    3776. 

  3776. 				break;


    3777. 

  3777. 			}


    3778. 

  3778. 		}


    3779. 

  3779. 	} else {


    3780. 

  3780. 		$access 	= 0;


    3781. 

  3781. 		foreach ($results as $result) {


    3782. 

  3782. 			$access = max( $access, $result->access );


    3783. 

  3783. 		}


    3784. 

  3784. 	}


    3785. 

  3785. 


    3786. 

  3786. 	// save menu information to global mainframe


    3787. 

  3787. 	if(isset($results[0])) {


    3788. 

  3788. 		// loads menu info of particular Itemid


    3789. 

  3789. 		$mainframe->set( 'menu', $results[0] );


    3790. 

  3790. 	} else {


    3791. 

  3791. 		// loads empty Menu info


    3792. 

  3792. 		$mainframe->set( 'menu', new mosMenu($database) );


    3793. 

  3793. 	}


    3794. 

  3794. 	if(class_exists('JACLPlus')) return $access;


    3795. 

  3795. 	else return ($access <= $gid);


    3796. 

  3796. }


    3797. 

  3797. /* End of hack for JACLPlus Component */


    3798. 

  3798. 


    3799. 

  3799. /**


    3800. 

  3800. * Returns formated date according to current local and adds time offset


    3801. 

  3801. * @param string date in datetime format


    3802. 

  3802. * @param string format optional format for strftime


    3803. 

  3803. * @param offset time offset if different than global one


    3804. 

  3804. * @returns formated date


    3805. 

  3805. */


    3806. 

  3806. function mosFormatDate( $date, $format="", $offset=NULL ){


    3807. 

  3807. 	global $mosConfig_offset;


    3808. 

  3808. 	if ( $format == '' ) {


    3809. 

  3809. 		// %Y-%m-%d %H:%M:%S


    3810. 

  3810. 		$format = _DATE_FORMAT_LC;


    3811. 

  3811. 	}


    3812. 

  3812. 	if ( is_null($offset) ) {


    3813. 

  3813. 		$offset = $mosConfig_offset;


    3814. 

  3814. 	}


    3815. 

  3815. 	if ( $date && ereg( "([0-9]{4})-([0-9]{2})-([0-9]{2})[ ]([0-9]{2}):([0-9]{2}):([0-9]{2})", $date, $regs ) ) {


    3816. 

  3816. 		$date = mktime( $regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1] );


    3817. 

  3817. 		$date = $date > -1 ? strftime( $format, $date + ($offset*60*60) ) : '-';


    3818. 

  3818. 	}


    3819. 

  3819. 	return $date;


    3820. 

  3820. }


    3821. 

  3821. 


    3822. 

  3822. /**


    3823. 

  3823. * Returns current date according to current local and time offset


    3824. 

  3824. * @param string format optional format for strftime


    3825. 

  3825. * @returns current date


    3826. 

  3826. */


    3827. 

  3827. function mosCurrentDate( $format="" ) {


    3828. 

  3828. 	global $mosConfig_offset;


    3829. 

  3829. 	if ($format=="") {


    3830. 

  3830. 		$format = _DATE_FORMAT_LC;


    3831. 

  3831. 	}


    3832. 

  3832. 	$date = strftime( $format, time() + ($mosConfig_offset*60*60) );


    3833. 

  3833. 	return $date;


    3834. 

  3834. }


    3835. 

  3835. 


    3836. 

  3836. /**


    3837. 

  3837. * Utility function to provide ToolTips


    3838. 

  3838. * @param string ToolTip text


    3839. 

  3839. * @param string Box title


    3840. 

  3840. * @returns HTML code for ToolTip


    3841. 

  3841. */


    3842. 

  3842. function mosToolTip( $tooltip, $title='', $width='', $image='tooltip.png', $text='', $href='#', $link=1 ) {


    3843. 

  3843. 	global $mosConfig_live_site;


    3844. 

  3844. 


    3845. 

  3845. 	if ( $width ) {


    3846. 

  3846. 		$width = ', WIDTH, \''.$width .'\'';


    3847. 

  3847. 	}


    3848. 

  3848. 	if ( $title ) {


    3849. 

  3849. 		$title = ', CAPTION, \''.$title .'\'';


    3850. 

  3850. 	}


    3851. 

  3851. 	if ( !$text ) {


    3852. 

  3852. 		$image 	= $mosConfig_live_site . '/includes/js/ThemeOffice/'. $image;


    3853. 

  3853. 		$text 	= '<img src="'. $image .'" border="0" alt="tooltip"/>';


    3854. 

  3854. 	}


    3855. 

  3855. 	$style = 'style="text-decoration: none; color: #333;"';


    3856. 

  3856. 	if ( $href ) {


    3857. 

  3857. 		$style = '';


    3858. 

  3858. 	} else{


    3859. 

  3859. 		$href = '#';


    3860. 

  3860. 	}


    3861. 

  3861. 


    3862. 

  3862. 	$mousover = 'return overlib(\''. $tooltip .'\''. $title .', BELOW, RIGHT'. $width .');';


    3863. 

  3863. 


    3864. 

  3864. 	$tip = "<!-- Tooltip -->\n";


    3865. 

  3865. 	if ( $link ) {


    3866. 

  3866. 		$tip .= '<a href="'. $href .'" onmouseover="'. $mousover .'" onmouseout="return nd();" '. $style .'>'. $text .'</a>';


    3867. 

  3867. 	} else {


    3868. 

  3868. 		$tip .= '<span onmouseover="'. $mousover .'" onmouseout="return nd();" '. $style .'>'. $text .'</span>';


    3869. 

  3869. 	}


    3870. 

  3870. 


    3871. 

  3871. 	return $tip;


    3872. 

  3872. }


    3873. 

  3873. 


    3874. 

  3874. /**


    3875. 

  3875. * Utility function to provide Warning Icons


    3876. 

  3876. * @param string Warning text


    3877. 

  3877. * @param string Box title


    3878. 

  3878. * @returns HTML code for Warning


    3879. 

  3879. */


    3880. 

  3880. function mosWarning($warning, $title='Joomla! Warning') {


    3881. 

  3881. 	global $mosConfig_live_site;


    3882. 

  3882. 


    3883. 

  3883. 	$mouseover 	= 'return overlib(\''. $warning .'\', CAPTION, \''. $title .'\', BELOW, RIGHT);';


    3884. 

  3884. 


    3885. 

  3885. 	$tip 		= "<!-- Warning -->\n";


    3886. 

  3886. 	$tip 		.= '<a href="javascript:void(0)" onmouseover="'. $mouseover .'" onmouseout="return nd();">';


    3887. 

  3887. 	$tip 		.= '<img src="'. $mosConfig_live_site .'/includes/js/ThemeOffice/warning.png" border="0"  alt="warning"/></a>';


    3888. 

  3888. 


    3889. 

  3889. 	return $tip;


    3890. 

  3890. }


    3891. 

  3891. 


    3892. 

  3892. function mosCreateGUID(){


    3893. 

  3893. 	srand((double)microtime()*1000000);


    3894. 

  3894. 	$r = rand();


    3895. 

  3895. 	$u = uniqid(getmypid() . $r . (double)microtime()*1000000,1);


    3896. 

  3896. 	$m = md5 ($u);


    3897. 

  3897. 	return($m);


    3898. 

  3898. }


    3899. 

  3899. 


    3900. 

  3900. function mosCompressID( $ID ){


    3901. 

  3901. 	return(Base64_encode(pack("H*",$ID)));


    3902. 

  3902. }


    3903. 

  3903. 


    3904. 

  3904. function mosExpandID( $ID ) {


    3905. 

  3905. 	return ( implode(unpack("H*",Base64_decode($ID)), '') );


    3906. 

  3906. }


    3907. 

  3907. 


    3908. 

  3908. /**


    3909. 

  3909. * Function to create a mail object for futher use (uses phpMailer)


    3910. 

  3910. * @param string From e-mail address


    3911. 

  3911. * @param string From name


    3912. 

  3912. * @param string E-mail subject


    3913. 

  3913. * @param string Message body


    3914. 

  3914. * @return object Mail object


    3915. 

  3915. */


    3916. 

  3916. function mosCreateMail( $from='', $fromname='', $subject, $body ) {


    3917. 

  3917. 	global $mosConfig_absolute_path, $mosConfig_sendmail;


    3918. 

  3918. 	global $mosConfig_smtpauth, $mosConfig_smtpuser;


    3919. 

  3919. 	global $mosConfig_smtppass, $mosConfig_smtphost;


    3920. 

  3920. 	global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_mailer;


    3921. 

  3921. 


    3922. 

  3922. 	$mail = new mosPHPMailer();


    3923. 

  3923. 


    3924. 

  3924. 	$mail->PluginDir = $mosConfig_absolute_path .'/includes/phpmailer/';


    3925. 

  3925. 	$mail->SetLanguage( 'en', $mosConfig_absolute_path . '/includes/phpmailer/language/' );


    3926. 

  3926. 	$mail->CharSet 	= substr_replace(_ISO, '', 0, 8);


    3927. 

  3927. 	$mail->IsMail();


    3928. 

  3928. 	$mail->From 	= $from ? $from : $mosConfig_mailfrom;


    3929. 

  3929. 	$mail->FromName = $fromname ? $fromname : $mosConfig_fromname;


    3930. 

  3930. 	$mail->Mailer 	= $mosConfig_mailer;


    3931. 

  3931. 


    3932. 

  3932. 	// Add smtp values if needed


    3933. 

  3933. 	if ( $mosConfig_mailer == 'smtp' ) {


    3934. 

  3934. 		$mail->SMTPAuth = $mosConfig_smtpauth;


    3935. 

  3935. 		$mail->Username = $mosConfig_smtpuser;


    3936. 

  3936. 		$mail->Password = $mosConfig_smtppass;


    3937. 

  3937. 		$mail->Host 	= $mosConfig_smtphost;


    3938. 

  3938. 	} else


    3939. 

  3939. 


    3940. 

  3940. 	// Set sendmail path


    3941. 

  3941. 	if ( $mosConfig_mailer == 'sendmail' ) {


    3942. 

  3942. 		if (isset($mosConfig_sendmail))


    3943. 

  3943. 			$mail->Sendmail = $mosConfig_sendmail;


    3944. 

  3944. 	} // if


    3945. 

  3945. 


    3946. 

  3946. 	$mail->Subject 	= $subject;


    3947. 

  3947. 	$mail->Body 	= $body;


    3948. 

  3948. 


    3949. 

  3949. 	return $mail;


    3950. 

  3950. }


    3951. 

  3951. 


    3952. 

  3952. /**


    3953. 

  3953. * Mail function (uses phpMailer)


    3954. 

  3954. * @param string From e-mail address


    3955. 

  3955. * @param string From name


    3956. 

  3956. * @param string/array Recipient e-mail address(es)


    3957. 

  3957. * @param string E-mail subject


    3958. 

  3958. * @param string Message body


    3959. 

  3959. * @param boolean false = plain text, true = HTML


    3960. 

  3960. * @param string/array CC e-mail address(es)


    3961. 

  3961. * @param string/array BCC e-mail address(es)


    3962. 

  3962. * @param string/array Attachment file name(s)


    3963. 

  3963. * @param string/array ReplyTo e-mail address(es)


    3964. 

  3964. * @param string/array ReplyTo name(s)


    3965. 

  3965. * @return boolean


    3966. 

  3966. */


    3967. 

  3967. function mosMail( $from, $fromname, $recipient, $subject, $body, $mode=0, $cc=NULL, $bcc=NULL, $attachment=NULL, $replyto=NULL, $replytoname=NULL ) {


    3968. 

  3968. 	global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_debug;


    3969. 

  3969. 


    3970. 

  3970. 	// Allow empty $from and $fromname settings (backwards compatibility)


    3971. 

  3971. 	if ($from == '') {


    3972. 

  3972. 		$from = $mosConfig_mailfrom;


    3973. 

  3973. 	}


    3974. 

  3974. 	if ($fromname == '') {


    3975. 

  3975. 		$fromname = $mosConfig_fromname;


    3976. 

  3976. 	}


    3977. 

  3977. 


    3978. 

  3978. 	// Filter from, fromname and subject


    3979. 

  3979. 	if (!JosIsValidEmail( $from ) || !JosIsValidName( $fromname ) || !JosIsValidName( $subject )) {


    3980. 

  3980. 		return false;


    3981. 

  3981. 	}


    3982. 

  3982. 


    3983. 

  3983. 	$mail = mosCreateMail( $from, $fromname, $subject, $body );


    3984. 

  3984. 


    3985. 

  3985. 	// activate HTML formatted emails


    3986. 

  3986. 	if ( $mode ) {


    3987. 

  3987. 		$mail->IsHTML(true);


    3988. 

  3988. 	}


    3989. 

  3989. 


    3990. 

  3990. 	if (is_array( $recipient )) {


    3991. 

  3991. 		foreach ($recipient as $to) {


    3992. 

  3992. 			if (!JosIsValidEmail( $to )) {


    3993. 

  3993. 				return false;


    3994. 

  3994. 			}


    3995. 

  3995. 			$mail->AddAddress( $to );


    3996. 

  3996. 		}


    3997. 

  3997. 	} else {


    3998. 

  3998. 		if (!JosIsValidEmail( $recipient )) {


    3999. 

  3999. 			return false;


    4000. 

  4000. 		}


    4001. 

  4001. 		$mail->AddAddress( $recipient );


    4002. 

  4002. 	}


    4003. 

  4003. 	if (isset( $cc )) {


    4004. 

  4004. 		if (is_array( $cc )) {


    4005. 

  4005. 			foreach ($cc as $to) {


    4006. 

  4006. 				if (!JosIsValidEmail( $to )) {


    4007. 

  4007. 					return false;


    4008. 

  4008. 				}


    4009. 

  4009. 				$mail->AddCC($to);


    4010. 

  4010. 			}


    4011. 

  4011. 		} else {


    4012. 

  4012. 			if (!JosIsValidEmail( $cc )) {


    4013. 

  4013. 				return false;


    4014. 

  4014. 			}


    4015. 

  4015. 			$mail->AddCC($cc);


    4016. 

  4016. 		}


    4017. 

  4017. 	}


    4018. 

  4018. 	if (isset( $bcc )) {


    4019. 

  4019. 		if (is_array( $bcc )) {


    4020. 

  4020. 			foreach ($bcc as $to) {


    4021. 

  4021. 				if (!JosIsValidEmail( $to )) {


    4022. 

  4022. 					return false;


    4023. 

  4023. 				}


    4024. 

  4024. 				$mail->AddBCC( $to );


    4025. 

  4025. 			}


    4026. 

  4026. 		} else {


    4027. 

  4027. 			if (!JosIsValidEmail( $bcc )) {


    4028. 

  4028. 				return false;


    4029. 

  4029. 			}


    4030. 

  4030. 			$mail->AddBCC( $bcc );


    4031. 

  4031. 		}


    4032. 

  4032. 	}


    4033. 

  4033. 	if ($attachment) {


    4034. 

  4034. 		if (is_array( $attachment )) {


    4035. 

  4035. 			foreach ($attachment as $fname) {


    4036. 

  4036. 				$mail->AddAttachment( $fname );


    4037. 

  4037. 			}


    4038. 

  4038. 		} else {


    4039. 

  4039. 			$mail->AddAttachment($attachment);


    4040. 

  4040. 		}


    4041. 

  4041. 	}


    4042. 

  4042. 	//Important for being able to use mosMail without spoofing...


    4043. 

  4043. 	if ($replyto) {


    4044. 

  4044. 		if (is_array( $replyto )) {


    4045. 

  4045. 			reset( $replytoname );


    4046. 

  4046. 			foreach ($replyto as $to) {


    4047. 

  4047. 				$toname = ((list( $key, $value ) = each( $replytoname )) ? $value : '');


    4048. 

  4048. 				if (!JosIsValidEmail( $to ) || !JosIsValidName( $toname )) {


    4049. 

  4049. 					return false;


    4050. 

  4050. 				}


    4051. 

  4051. 				$mail->AddReplyTo( $to, $toname );


    4052. 

  4052. 			}


    4053. 

  4053.         } else {


    4054. 

  4054. 			if (!JosIsValidEmail( $replyto ) || !JosIsValidName( $replytoname )) {


    4055. 

  4055. 				return false;


    4056. 

  4056. 			}


    4057. 

  4057. 			$mail->AddReplyTo($replyto, $replytoname);


    4058. 

  4058. 		}


    4059. 

  4059.     }


    4060. 

  4060. 


    4061. 

  4061. 	$mailssend = $mail->Send();


    4062. 

  4062. 


    4063. 

  4063. 	if( $mosConfig_debug ) {


    4064. 

  4064. 		//$mosDebug->message( "Mails send: $mailssend");


    4065. 

  4065. 	}


    4066. 

  4066. 	if( $mail->error_count > 0 ) {


    4067. 

  4067. 		//$mosDebug->message( "The mail message $fromname <$from> about $subject to $recipient <b>failed</b><br /><pre>$body</pre>", false );


    4068. 

  4068. 		//$mosDebug->message( "Mailer Error: " . $mail->ErrorInfo . "" );


    4069. 

  4069. 	}


    4070. 

  4070. 	return $mailssend;


    4071. 

  4071. } // mosMail


    4072. 

  4072. 


    4073. 

  4073. /**


    4074. 

  4074.  * Checks if a given string is a valid email address


    4075. 

  4075.  *


    4076. 

  4076.  * @param	string	$email	String to check for a valid email address


    4077. 

  4077.  * @return	boolean


    4078. 

  4078.  */


    4079. 

  4079. function JosIsValidEmail( $email ) {


    4080. 

  4080. 	$valid = preg_match( '/^[\w\.\-]+@\w+[\w\.\-]*?\.\w{1,4}$/', $email );


    4081. 

  4081. 


    4082. 

  4082. 	return $valid;


    4083. 

  4083. }


    4084. 

  4084. 


    4085. 

  4085. /**


    4086. 

  4086.  * Checks if a given string is a valid (from-)name or subject for an email


    4087. 

  4087.  *


    4088. 

  4088.  * @since		1.0.11


    4089. 

  4089.  * @deprecated	1.5


    4090. 

  4090.  * @param		string		$string		String to check for validity


    4091. 

  4091.  * @return		boolean


    4092. 

  4092.  */


    4093. 

  4093. function JosIsValidName( $string ) {


    4094. 

  4094. 	/*


    4095. 

  4095. 	 * The following regular expression blocks all strings containing any low control characters:


    4096. 

  4096. 	 * 0x00-0x1F, 0x7F


    4097. 

  4097. 	 * These should be control characters in almost all used charsets.


    4098. 

  4098. 	 * The high control chars in ISO-8859-n (0x80-0x9F) are unused (e.g. http://en.wikipedia.org/wiki/ISO_8859-1)


    4099. 

  4099. 	 * Since they are valid UTF-8 bytes (e.g. used as the second byte of a two byte char),


    4100. 

  4100. 	 * they must not be filtered.


    4101. 

  4101. 	 */


    4102. 

  4102. 	$invalid = preg_match( '/[\x00-\x1F\x7F]/', $string );


    4103. 

  4103. 	if ($invalid) {


    4104. 

  4104. 		return false;


    4105. 

  4105. 	} else {


    4106. 

  4106. 		return true;


    4107. 

  4107. 	}


    4108. 

  4108. }


    4109. 

  4109. 


    4110. 

  4110. /**


    4111. 

  4111.  * Initialise GZIP


    4112. 

  4112.  */


    4113. 

  4113. function initGzip() {


    4114. 

  4114. 	global $mosConfig_gzip, $do_gzip_compress;


    4115. 

  4115. 


    4116. 

  4116. 	$do_gzip_compress = FALSE;


    4117. 

  4117. 	if ($mosConfig_gzip == 1) {


    4118. 

  4118. 		$phpver 	= phpversion();


    4119. 

  4119. 		$useragent 	= mosGetParam( $_SERVER, 'HTTP_USER_AGENT', '' );


    4120. 

  4120. 		$canZip 	= mosGetParam( $_SERVER, 'HTTP_ACCEPT_ENCODING', '' );


    4121. 

  4121. 


    4122. 

  4122. 		$gzip_check 	= 0;


    4123. 

  4123. 		$zlib_check 	= 0;


    4124. 

  4124. 		$gz_check		= 0;


    4125. 

  4125. 		$zlibO_check	= 0;


    4126. 

  4126. 		$sid_check		= 0;


    4127. 

  4127. 		if ( strpos( $canZip, 'gzip' ) !== false) {


    4128. 

  4128. 			$gzip_check = 1;


    4129. 

  4129. 		}


    4130. 

  4130. 		if ( extension_loaded( 'zlib' ) ) {


    4131. 

  4131. 			$zlib_check = 1;


    4132. 

  4132. 		}


    4133. 

  4133. 		if ( function_exists('ob_gzhandler') ) {


    4134. 

  4134. 			$gz_check = 1;


    4135. 

  4135. 		}


    4136. 

  4136. 		if ( ini_get('zlib.output_compression') ) {


    4137. 

  4137. 			$zlibO_check = 1;


    4138. 

  4138. 		}


    4139. 

  4139. 		if ( ini_get('session.use_trans_sid') ) {


    4140. 

  4140. 			$sid_check = 1;


    4141. 

  4141. 		}


    4142. 

  4142. 


    4143. 

  4143. 		if ( $phpver >= '4.0.4pl1' && ( strpos($useragent,'compatible') !== false || strpos($useragent,'Gecko')	!== false ) ) {


    4144. 

  4144. 			// Check for gzip header or northon internet securities or session.use_trans_sid


    4145. 

  4145. 			if ( ( $gzip_check || isset( $_SERVER['---------------']) ) && $zlib_check && $gz_check && !$zlibO_check && !$sid_check ) {


    4146. 

  4146. 				// You cannot specify additional output handlers if


    4147. 

  4147. 				// zlib.output_compression is activated here


    4148. 

  4148. 				ob_start( 'ob_gzhandler' );


    4149. 

  4149. 				return;


    4150. 

  4150. 			}


    4151. 

  4151. 		} else if ( $phpver > '4.0' ) {


    4152. 

  4152. 			if ( $gzip_check ) {


    4153. 

  4153. 				if ( $zlib_check ) {


    4154. 

  4154. 					$do_gzip_compress = TRUE;


    4155. 

  4155. 					ob_start();


    4156. 

  4156. 					ob_implicit_flush(0);


    4157. 

  4157. 


    4158. 

  4158. 					header( 'Content-Encoding: gzip' );


    4159. 

  4159. 					return;


    4160. 

  4160. 				}


    4161. 

  4161. 			}


    4162. 

  4162. 		}


    4163. 

  4163. 	}


    4164. 

  4164. 	ob_start();


    4165. 

  4165. }


    4166. 

  4166. 


    4167. 

  4167. /**


    4168. 

  4168. * Perform GZIP


    4169. 

  4169. */


    4170. 

  4170. function doGzip() {


    4171. 

  4171. 	global $do_gzip_compress;


    4172. 

  4172. 	if ( $do_gzip_compress ) {


    4173. 

  4173. 		/**


    4174. 

  4174. 		*Borrowed from php.net!


    4175. 

  4175. 		*/


    4176. 

  4176. 		$gzip_contents = ob_get_contents();


    4177. 

  4177. 		ob_end_clean();


    4178. 

  4178. 


    4179. 

  4179. 		$gzip_size = strlen($gzip_contents);


    4180. 

  4180. 		$gzip_crc = crc32($gzip_contents);


    4181. 

  4181. 


    4182. 

  4182. 		$gzip_contents = gzcompress($gzip_contents, 9);


    4183. 

  4183. 		$gzip_contents = substr($gzip_contents, 0, strlen($gzip_contents) - 4);


    4184. 

  4184. 


    4185. 

  4185. 		echo "\x1f\x8b\x08\x00\x00\x00\x00\x00";


    4186. 

  4186. 		echo $gzip_contents;


    4187. 

  4187. 		echo pack('V', $gzip_crc);


    4188. 

  4188. 		echo pack('V', $gzip_size);


    4189. 

  4189. 	} else {


    4190. 

  4190. 		ob_end_flush();


    4191. 

  4191. 	}


    4192. 

  4192. }


    4193. 

  4193. 


    4194. 

  4194. /**


    4195. 

  4195. * Random password generator


    4196. 

  4196. * @return password


    4197. 

  4197. */


    4198. 

  4198. function mosMakePassword($length=8) {


    4199. 

  4199. 	$salt 		= "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";


    4200. 

  4200. 	$makepass	= '';


    4201. 

  4201. 	mt_srand(10000000*(double)microtime());


    4202. 

  4202. 	for ($i = 0; $i < $length; $i++)


    4203. 

  4203. 		$makepass .= $salt[mt_rand(0,61)];


    4204. 

  4204. 	return $makepass;


    4205. 

  4205. }


    4206. 

  4206. 


    4207. 

  4207. if (!function_exists('html_entity_decode')) {


    4208. 

  4208. 	/**


    4209. 

  4209. 	* html_entity_decode function for backward compatability in PHP


    4210. 

  4210. 	* @param string


    4211. 

  4211. 	* @param string


    4212. 

  4212. 	*/


    4213. 

  4213. 	function html_entity_decode ($string, $opt = ENT_COMPAT) {


    4214. 

  4214. 


    4215. 

  4215. 		$trans_tbl = get_html_translation_table (HTML_ENTITIES);


    4216. 

  4216. 		$trans_tbl = array_flip ($trans_tbl);


    4217. 

  4217. 


    4218. 

  4218. 		if ($opt & 1) { // Translating single quotes


    4219. 

  4219. 			// Add single quote to translation table;


    4220. 

  4220. 			// doesn't appear to be there by default


    4221. 

  4221. 			$trans_tbl["&apos;"] = "'";


    4222. 

  4222. 		}


    4223. 

  4223. 


    4224. 

  4224. 		if (!($opt & 2)) { // Not translating double quotes


    4225. 

  4225. 			// Remove double quote from translation table


    4226. 

  4226. 			unset($trans_tbl["&quot;"]);


    4227. 

  4227. 		}


    4228. 

  4228. 


    4229. 

  4229. 		return strtr ($string, $trans_tbl);


    4230. 

  4230. 	}


    4231. 

  4231. }


    4232. 

  4232. 


    4233. 

  4233. /**


    4234. 

  4234. * Plugin handler


    4235. 

  4235. * @package Joomla


    4236. 

  4236. */


    4237. 

  4237. class mosMambotHandler {


    4238. 

  4238. 	/** @var array An array of functions in event groups */


    4239. 

  4239. 	var $_events			= null;


    4240. 

  4240. 	/** @var array An array of lists */


    4241. 

  4241. 	var $_lists				= null;


    4242. 

  4242. 	/** @var array An array of mambots */


    4243. 

  4243. 	var $_bots				= null;


    4244. 

  4244. 	/** @var int Index of the mambot being loaded */


    4245. 

  4245. 	var $_loading			= null;


    4246. 

  4246. 


    4247. 

  4247. 	/** Added as of 1.0.8 to ensure queries are only called once **/


    4248. 

  4248. 


    4249. 

  4249. 	/** @var array An array of the content mambots in the system */


    4250. 

  4250. 	var $_content_mambots	= null;


    4251. 

  4251. 	/** @var array An array of the content mambot params */


    4252. 

  4252. 	var $_content_mambot_params	= array();


    4253. 

  4253. 	/** @var array An array of the content mambot params */


    4254. 

  4254. 	var $_search_mambot_params	= array();


    4255. 

  4255. 


    4256. 

  4256. 	/**


    4257. 

  4257. 	* Constructor


    4258. 

  4258. 	*/


    4259. 

  4259. 	function mosMambotHandler() {


    4260. 

  4260. 		$this->_events = array();


    4261. 

  4261. 	}


    4262. 

  4262. 	/**


    4263. 

  4263. 	* Loads all the bot files for a particular group


    4264. 

  4264. 	* @param string The group name, relates to the sub-directory in the mambots directory


    4265. 

  4265. 	*/


    4266. 

  4266. 	function loadBotGroup( $group ) {


    4267. 

  4267. 		global $database, $my;


    4268. 

  4268. 


    4269. 

  4269. 		/* Hack for integration with JACLPlus Component */


    4270. 

  4270. 		$group = trim( $group );


    4271. 

  4271. 		if (is_object( $my )) {


    4272. 

  4272. 			$gid = $my->gid;


    4273. 

  4273. 			if(class_exists('JACLPlus')) $jaclplus = $my->jaclplus;


    4274. 

  4274. 		} else {


    4275. 

  4275. 			$gid = 0;


    4276. 

  4276. 			if(class_exists('JACLPlus')) $jaclplus = JACLPlus::DefaultAL();


    4277. 

  4277. 		}


    4278. 

  4278. 


    4279. 

  4279. 		$group = trim( $group );


    4280. 

  4280. 


    4281. 

  4281. 		switch ( $group ) {


    4282. 

  4282. 			case 'content':


    4283. 

  4283. 				if (!defined( '_JOS_CONTENT_MAMBOTS' )) {


    4284. 

  4284. 					/** ensure that query is only called once */


    4285. 

  4285. 					define( '_JOS_CONTENT_MAMBOTS', 1 );


    4286. 

  4286. 


    4287. 

  4287. 					$query = "SELECT folder, element, published, params"


    4288. 

  4288. 					. "\n FROM #__mambots"


    4289. 

  4289. 					//. "\n WHERE access <= " . (int) $gid


    4290. 

  4290. 					. "\n WHERE access ".(class_exists('JACLPlus') ? "IN ( $jaclplus )" : "<= " . (int) $gid)


    4291. 

  4291. 					. "\n AND folder = 'content'"


    4292. 

  4292. 					. "\n ORDER BY ordering"


    4293. 

  4293. 					;


    4294. 

  4294. 					$database->setQuery( $query );


    4295. 

  4295. 


    4296. 

  4296. 					// load query into class variable _content_mambots


    4297. 

  4297. 					if (!($this->_content_mambots = $database->loadObjectList())) {


    4298. 

  4298. 						//echo "Error loading Mambots: " . $database->getErrorMsg();


    4299. 

  4299. 						return false;


    4300. 

  4300. 					}


    4301. 

  4301. 				}


    4302. 

  4302. 


    4303. 

  4303. 				// pull bots to be processed from class variable


    4304. 

  4304. 				$bots = $this->_content_mambots;


    4305. 

  4305. 				break;


    4306. 

  4306. 


    4307. 

  4307. 			default:


    4308. 

  4308. 				$query = "SELECT folder, element, published, params"


    4309. 

  4309. 				. "\n FROM #__mambots"


    4310. 

  4310. 				. "\n WHERE published >= 1"


    4311. 

  4311. 				//. "\n AND access <= " . (int) $gid


    4312. 

  4312. 				. "\n AND access ".(class_exists('JACLPlus') ? "IN ( $jaclplus )" : "<= " . (int) $gid)


    4313. 

  4313. 				. "\n AND folder = " . $database->Quote( $group )


    4314. 

  4314. 				. "\n ORDER BY ordering"


    4315. 

  4315. 				;


    4316. 

  4316. 				$database->setQuery( $query );


    4317. 

  4317. 		/* End of hack for JACLPlus Component */


    4318. 

  4318. 


    4319. 

  4319. 				if (!($bots = $database->loadObjectList())) {


    4320. 

  4320. 					//echo "Error loading Mambots: " . $database->getErrorMsg();


    4321. 

  4321. 					return false;


    4322. 

  4322. 				}


    4323. 

  4323. 				break;


    4324. 

  4324. 		}


    4325. 

  4325. 


    4326. 

  4326. 		// load bots found by queries


    4327. 

  4327. 		$n = count( $bots);


    4328. 

  4328. 		for ($i = 0; $i < $n; $i++) {


    4329. 

  4329. 			$this->loadBot( $bots[$i]->folder, $bots[$i]->element, $bots[$i]->published, $bots[$i]->params );


    4330. 

  4330. 		}


    4331. 

  4331. 


    4332. 

  4332. 		return true;


    4333. 

  4333. 	}


    4334. 

  4334. 	/**


    4335. 

  4335. 	 * Loads the bot file


    4336. 

  4336. 	 * @param string The folder (group)


    4337. 

  4337. 	 * @param string The elements (name of file without extension)


    4338. 

  4338. 	 * @param int Published state


    4339. 

  4339. 	 * @param string The params for the bot


    4340. 

  4340. 	 */


    4341. 

  4341. 	function loadBot( $folder, $element, $published, $params='' ) {


    4342. 

  4342. 		global $mosConfig_absolute_path;


    4343. 

  4343. 		global $_MAMBOTS;


    4344. 

  4344. 


    4345. 

  4345. 		$path = $mosConfig_absolute_path . '/mambots/' . $folder . '/' . $element . '.php';


    4346. 

  4346. 		if (file_exists( $path )) {


    4347. 

  4347. 			$this->_loading = count( $this->_bots );


    4348. 

  4348. 			$bot = new stdClass;


    4349. 

  4349. 			$bot->folder 	= $folder;


    4350. 

  4350. 			$bot->element 	= $element;


    4351. 

  4351. 			$bot->published = $published;


    4352. 

  4352. 			$bot->lookup 	= $folder . '/' . $element;


    4353. 

  4353. 			$bot->params 	= $params;


    4354. 

  4354. 			$this->_bots[] 	= $bot;


    4355. 

  4355. 


    4356. 

  4356. 			require_once( $path );


    4357. 

  4357. 


    4358. 

  4358. 			$this->_loading = null;


    4359. 

  4359. 		}


    4360. 

  4360. 	}


    4361. 

  4361. 	/**


    4362. 

  4362. 	* Registers a function to a particular event group


    4363. 

  4363. 	* @param string The event name


    4364. 

  4364. 	* @param string The function name


    4365. 

  4365. 	*/


    4366. 

  4366. 	function registerFunction( $event, $function ) {


    4367. 

  4367. 		$this->_events[$event][] = array( $function, $this->_loading );


    4368. 

  4368. 	}


    4369. 

  4369. 	/**


    4370. 

  4370. 	* Makes a option for a particular list in a group


    4371. 

  4371. 	* @param string The group name


    4372. 

  4372. 	* @param string The list name


    4373. 

  4373. 	* @param string The value for the list option


    4374. 

  4374. 	* @param string The text for the list option


    4375. 

  4375. 	*/


    4376. 

  4376. 	function addListOption( $group, $listName, $value, $text='' ) {


    4377. 

  4377. 		$this->_lists[$group][$listName][] = mosHTML::makeOption( $value, $text );


    4378. 

  4378. 	}


    4379. 

  4379. 	/**


    4380. 

  4380. 	* @param string The group name


    4381. 

  4381. 	* @param string The list name


    4382. 

  4382. 	* @return array


    4383. 

  4383. 	*/


    4384. 

  4384. 	function getList( $group, $listName ) {


    4385. 

  4385. 		return $this->_lists[$group][$listName];


    4386. 

  4386. 	}


    4387. 

  4387. 	/**


    4388. 

  4388. 	* Calls all functions associated with an event group


    4389. 

  4389. 	* @param string The event name


    4390. 

  4390. 	* @param array An array of arguments


    4391. 

  4391. 	* @param boolean True is unpublished bots are to be processed


    4392. 

  4392. 	* @return array An array of results from each function call


    4393. 

  4393. 	*/


    4394. 

  4394. 	function trigger( $event, $args=null, $doUnpublished=false ) {


    4395. 

  4395. 		$result = array();


    4396. 

  4396. 


    4397. 

  4397. 		if ($args === null) {


    4398. 

  4398. 			$args = array();


    4399. 

  4399. 		}


    4400. 

  4400. 		if ($doUnpublished) {


    4401. 

  4401. 			// prepend the published argument


    4402. 

  4402. 			array_unshift( $args, null );


    4403. 

  4403. 		}


    4404. 

  4404. 		if (isset( $this->_events[$event] )) {


    4405. 

  4405. 			foreach ($this->_events[$event] as $func) {


    4406. 

  4406. 				if (function_exists( $func[0] )) {


    4407. 

  4407. 					if ($doUnpublished) {


    4408. 

  4408. 						$args[0] = $this->_bots[$func[1]]->published;


    4409. 

  4409. 						$result[] = call_user_func_array( $func[0], $args );


    4410. 

  4410. 					} else if ($this->_bots[$func[1]]->published) {


    4411. 

  4411. 						$result[] = call_user_func_array( $func[0], $args );


    4412. 

  4412. 					}


    4413. 

  4413. 				}


    4414. 

  4414. 			}


    4415. 

  4415. 		}


    4416. 

  4416. 		return $result;


    4417. 

  4417. 	}


    4418. 

  4418. 	/**


    4419. 

  4419. 	* Same as trigger but only returns the first event and


    4420. 

  4420. 	* allows for a variable argument list


    4421. 

  4421. 	* @param string The event name


    4422. 

  4422. 	* @return array The result of the first function call


    4423. 

  4423. 	*/


    4424. 

  4424. 	function call( $event ) {


    4425. 

  4425. 		$doUnpublished=false;


    4426. 

  4426. 


    4427. 

  4427. 		$args =& func_get_args();


    4428. 

  4428. 		array_shift( $args );


    4429. 

  4429. 


    4430. 

  4430. 		if (isset( $this->_events[$event] )) {


    4431. 

  4431. 			foreach ($this->_events[$event] as $func) {


    4432. 

  4432. 				if (function_exists( $func[0] )) {


    4433. 

  4433. 					if ($this->_bots[$func[1]]->published) {


    4434. 

  4434. 						return call_user_func_array( $func[0], $args );


    4435. 

  4435. 					}


    4436. 

  4436. 				}


    4437. 

  4437. 			}


    4438. 

  4438. 		}


    4439. 

  4439. 		return null;


    4440. 

  4440. 	}


    4441. 

  4441. }


    4442. 

  4442. 


    4443. 

  4443. /**


    4444. 

  4444. * Tab Creation handler


    4445. 

  4445. * @package Joomla


    4446. 

  4446. */


    4447. 

  4447. class mosTabs {


    4448. 

  4448. 	/** @var int Use cookies */


    4449. 

  4449. 	var $useCookies = 0;


    4450. 

  4450. 


    4451. 

  4451. 	/**


    4452. 

  4452. 	* Constructor


    4453. 

  4453. 	* Includes files needed for displaying tabs and sets cookie options


    4454. 

  4454. 	* @param int useCookies, if set to 1 cookie will hold last used tab between page refreshes


    4455. 

  4455. 	*/


    4456. 

  4456. 	function mosTabs( $useCookies, $xhtml=NULL ) {


    4457. 

  4457. 		global $mosConfig_live_site, $mainframe;


    4458. 

  4458. 


    4459. 

  4459. 		if ( $xhtml ) {


    4460. 

  4460. 			$mainframe->addCustomHeadTag( '<link rel="stylesheet" type="text/css" media="all" href="includes/js/tabs/tabpane.css" id="luna-tab-style-sheet" />' );


    4461. 

  4461. 		} else {


    4462. 

  4462. 			echo "<link id=\"luna-tab-style-sheet\" type=\"text/css\" rel=\"stylesheet\" href=\"" . $mosConfig_live_site. "/includes/js/tabs/tabpane.css\" />";


    4463. 

  4463. 		}


    4464. 

  4464. 


    4465. 

  4465. 		echo "<script type=\"text/javascript\" src=\"". $mosConfig_live_site . "/includes/js/tabs/tabpane_mini.js\"></script>";


    4466. 

  4466. 


    4467. 

  4467. 		$this->useCookies = $useCookies;


    4468. 

  4468. 	}


    4469. 

  4469. 


    4470. 

  4470. 	/**


    4471. 

  4471. 	* creates a tab pane and creates JS obj


    4472. 

  4472. 	* @param string The Tab Pane Name


    4473. 

  4473. 	*/


    4474. 

  4474. 	function startPane($id){


    4475. 

  4475. 		echo "<div class=\"tab-page\" id=\"".$id."\">";


    4476. 

  4476. 		echo "<script type=\"text/javascript\">\n";


    4477. 

  4477. 		echo "	var tabPane1 = new WebFXTabPane( document.getElementById( \"".$id."\" ), ".$this->useCookies." )\n";


    4478. 

  4478. 		echo "</script>\n";


    4479. 

  4479. 	}


    4480. 

  4480. 


    4481. 

  4481. 	/**


    4482. 

  4482. 	* Ends Tab Pane


    4483. 

  4483. 	*/


    4484. 

  4484. 	function endPane() {


    4485. 

  4485. 		echo "</div>";


    4486. 

  4486. 	}


    4487. 

  4487. 


    4488. 

  4488. 	/*


    4489. 

  4489. 	* Creates a tab with title text and starts that tabs page


    4490. 

  4490. 	* @param tabText - This is what is displayed on the tab


    4491. 

  4491. 	* @param paneid - This is the parent pane to build this tab on


    4492. 

  4492. 	*/


    4493. 

  4493. 	function startTab( $tabText, $paneid ) {


    4494. 

  4494. 		echo "<div class=\"tab-page\" id=\"".$paneid."\">";


    4495. 

  4495. 		echo "<h2 class=\"tab\">".$tabText."</h2>";


    4496. 

  4496. 		echo "<script type=\"text/javascript\">\n";


    4497. 

  4497. 		echo "  tabPane1.addTabPage( document.getElementById( \"".$paneid."\" ) );";


    4498. 

  4498. 		echo "</script>";


    4499. 

  4499. 	}


    4500. 

  4500. 


    4501. 

  4501. 	/*


    4502. 

  4502. 	* Ends a tab page


    4503. 

  4503. 	*/


    4504. 

  4504. 	function endTab() {


    4505. 

  4505. 		echo "</div>";


    4506. 

  4506. 	}


    4507. 

  4507. }


    4508. 

  4508. 


    4509. 

  4509. /**


    4510. 

  4510. * Common HTML Output Files


    4511. 

  4511. * @package Joomla


    4512. 

  4512. */


    4513. 

  4513. class mosAdminMenus {


    4514. 

  4514. 	/**


    4515. 

  4515. 	* build the select list for Menu Ordering


    4516. 

  4516. 	*/


    4517. 

  4517. 	function Ordering( &$row, $id ) {


    4518. 

  4518. 		global $database;


    4519. 

  4519. 


    4520. 

  4520. 		if ( $id ) {


    4521. 

  4521. 			$query = "SELECT ordering AS value, name AS text"


    4522. 

  4522. 			. "\n FROM #__menu"


    4523. 

  4523. 			. "\n WHERE menutype = " . $database->Quote ( $row->menutype )


    4524. 

  4524. 			. "\n AND parent = " . (int) $row->parent


    4525. 

  4525. 			. "\n AND published != -2"


    4526. 

  4526. 			. "\n ORDER BY ordering"


    4527. 

  4527. 			;


    4528. 

  4528. 			$order = mosGetOrderingList( $query );


    4529. 

  4529. 			$ordering = mosHTML::selectList( $order, 'ordering', 'class="inputbox" size="1"', 'value', 'text', intval( $row->ordering ) );


    4530. 

  4530. 		} else {


    4531. 

  4531. 			$ordering = '<input type="hidden" name="ordering" value="'. $row->ordering .'" />'. _CMN_NEW_ITEM_LAST;


    4532. 

  4532. 		}


    4533. 

  4533. 		return $ordering;


    4534. 

  4534. 	}


    4535. 

  4535. 


    4536. 

  4536. 	/**


    4537. 

  4537. 	* build the select list for access level


    4538. 

  4538. 	*/


    4539. 

  4539. 	function Access( &$row ) {


    4540. 

  4540. 		global $database;


    4541. 

  4541. 


    4542. 

  4542. 		$query = "SELECT id AS value, name AS text"


    4543. 

  4543. 		. "\n FROM #__groups"


    4544. 

  4544. 		. "\n ORDER BY id"


    4545. 

  4545. 		;


    4546. 

  4546. 		$database->setQuery( $query );


    4547. 

  4547. 		$groups = $database->loadObjectList();


    4548. 

  4548. 		$access = mosHTML::selectList( $groups, 'access', 'class="inputbox" size="3"', 'value', 'text', intval( $row->access ) );


    4549. 

  4549. 


    4550. 

  4550. 		return $access;


    4551. 

  4551. 	}


    4552. 

  4552. 


    4553. 

  4553. 	/**


    4554. 

  4554. 	* build the select list for parent item


    4555. 

  4555. 	*/


    4556. 

  4556. 	function Parent( &$row ) {


    4557. 

  4557. 		global $database;


    4558. 

  4558. 


    4559. 

  4559. 		$id = '';


    4560. 

  4560. 		if ( $row->id ) {


    4561. 

  4561. 			$id = "\n AND id != " . (int) $row->id;


    4562. 

  4562. 		}


    4563. 

  4563. 


    4564. 

  4564. 		// get a list of the menu items


    4565. 

  4565. 		// excluding the current menu item and its child elements


    4566. 

  4566. 		$query = "SELECT m.*"


    4567. 

  4567. 		. "\n FROM #__menu m"


    4568. 

  4568. 		. "\n WHERE menutype = " . $database->Quote( $row->menutype )


    4569. 

  4569. 		. "\n AND published != -2"


    4570. 

  4570. 		. $id


    4571. 

  4571. 		. "\n ORDER BY parent, ordering"


    4572. 

  4572. 		;


    4573. 

  4573. 		$database->setQuery( $query );


    4574. 

  4574. 		$mitems = $database->loadObjectList();


    4575. 

  4575. 


    4576. 

  4576. 		// establish the hierarchy of the menu


    4577. 

  4577. 		$children = array();


    4578. 

  4578. 


    4579. 

  4579. 		if ( $mitems ) {


    4580. 

  4580. 			// first pass - collect children


    4581. 

  4581. 			foreach ( $mitems as $v ) {


    4582. 

  4582. 				$pt 	= $v->parent;


    4583. 

  4583. 				$list 	= @$children[$pt] ? $children[$pt] : array();


    4584. 

  4584. 				array_push( $list, $v );


    4585. 

  4585. 				$children[$pt] = $list;


    4586. 

  4586. 			}


    4587. 

  4587. 		}


    4588. 

  4588. 


    4589. 

  4589. 		// second pass - get an indent list of the items


    4590. 

  4590. 		$list = mosTreeRecurse( 0, '', array(), $children, 20, 0, 0 );


    4591. 

  4591. 


    4592. 

  4592. 		// assemble menu items to the array


    4593. 

  4593. 		$mitems 	= array();


    4594. 

  4594. 		$mitems[] 	= mosHTML::makeOption( '0', 'Top' );


    4595. 

  4595. 


    4596. 

  4596. 		foreach ( $list as $item ) {


    4597. 

  4597. 			$mitems[] = mosHTML::makeOption( $item->id, '&nbsp;&nbsp;&nbsp;'. $item->treename );


    4598. 

  4598. 		}


    4599. 

  4599. 


    4600. 

  4600. 		$output = mosHTML::selectList( $mitems, 'parent', 'class="inputbox" size="10"', 'value', 'text', $row->parent );


    4601. 

  4601. 


    4602. 

  4602. 		return $output;


    4603. 

  4603. 	}


    4604. 

  4604. 


    4605. 

  4605. 	/**


    4606. 

  4606. 	* build a radio button option for published state


    4607. 

  4607. 	*/


    4608. 

  4608. 	function Published( &$row ) {


    4609. 

  4609. 		$published = mosHTML::yesnoRadioList( 'published', 'class="inputbox"', $row->published );


    4610. 

  4610. 		return $published;


    4611. 

  4611. 	}


    4612. 

  4612. 


    4613. 

  4613. 	/**


    4614. 

  4614. 	* build the link/url of a menu item


    4615. 

  4615. 	*/


    4616. 

  4616. 	function Link( &$row, $id, $link=NULL ) {


    4617. 

  4617. 		global $mainframe;


    4618. 

  4618. 


    4619. 

  4619. 		if ( $id ) {


    4620. 

  4620. 			switch ($row->type) {


    4621. 

  4621. 				case 'content_item_link':


    4622. 

  4622. 				case 'content_typed':


    4623. 

  4623. 					// load menu params


    4624. 

  4624. 					$params = new mosParameters( $row->params, $mainframe->getPath( 'menu_xml', $row->type ), 'menu' );


    4625. 

  4625. 


    4626. 

  4626. 					if ( $params->get( 'unique_itemid' ) ) {


    4627. 

  4627. 						$row->link .= '&Itemid='. $row->id;


    4628. 

  4628. 					} else {


    4629. 

  4629. 						$temp = split( '&task=view&id=', $row->link);


    4630. 

  4630. 						$row->link .= '&Itemid='. $mainframe->getItemid($temp[1], 0, 0);


    4631. 

  4631. 					}


    4632. 

  4632. 


    4633. 

  4633. 					$link = $row->link;


    4634. 

  4634. 					break;


    4635. 

  4635. 


    4636. 

  4636. 				default:


    4637. 

  4637. 					if ( $link ) {


    4638. 

  4638. 						$link = $row->link;


    4639. 

  4639. 					} else {


    4640. 

  4640. 						$link = $row->link .'&amp;Itemid='. $row->id;


    4641. 

  4641. 					}


    4642. 

  4642. 					break;


    4643. 

  4643. 			}


    4644. 

  4644. 		} else {


    4645. 

  4645. 			$link = NULL;


    4646. 

  4646. 		}


    4647. 

  4647. 


    4648. 

  4648. 		return $link;


    4649. 

  4649. 	}


    4650. 

  4650. 


    4651. 

  4651. 	/**


    4652. 

  4652. 	* build the select list for target window


    4653. 

  4653. 	*/


    4654. 

  4654. 	function Target( &$row ) {


    4655. 

  4655. 		$click[] = mosHTML::makeOption( '0', 'Parent Window With Browser Navigation' );


    4656. 

  4656. 		$click[] = mosHTML::makeOption( '1', 'New Window With Browser Navigation' );


    4657. 

  4657. 		$click[] = mosHTML::makeOption( '2', 'New Window Without Browser Navigation' );


    4658. 

  4658. 		$target = mosHTML::selectList( $click, 'browserNav', 'class="inputbox" size="4"', 'value', 'text', intval( $row->browserNav ) );


    4659. 

  4659. 		return $target;


    4660. 

  4660. 	}


    4661. 

  4661. 


    4662. 

  4662. 	/**


    4663. 

  4663. 	* build the multiple select list for Menu Links/Pages


    4664. 

  4664. 	*/


    4665. 

  4665. 	function MenuLinks( &$lookup, $all=NULL, $none=NULL, $unassigned=1 ) {


    4666. 

  4666. 		global $database;


    4667. 

  4667. 


    4668. 

  4668. 		// get a list of the menu items


    4669. 

  4669. 		$query = "SELECT m.*"


    4670. 

  4670. 		. "\n FROM #__menu AS m"


    4671. 

  4671. 		. "\n WHERE m.published = 1"


    4672. 

  4672. 		//. "\n AND m.type != 'separator'"


    4673. 

  4673. 		//. "\n AND NOT ("


    4674. 

  4674. 		//	. "\n ( m.type = 'url' )"


    4675. 

  4675. 		//	. "\n AND ( m.link LIKE '%index.php%' )"


    4676. 

  4676. 		//	. "\n AND ( m.link LIKE '%Itemid=%' )"


    4677. 

  4677. 		//. "\n )"


    4678. 

  4678. 		. "\n ORDER BY m.menutype, m.parent, m.ordering"


    4679. 

  4679. 		;


    4680. 

  4680. 		$database->setQuery( $query );


    4681. 

  4681. 		$mitems = $database->loadObjectList();


    4682. 

  4682. 		$mitems_temp = $mitems;


    4683. 

  4683. 


    4684. 

  4684. 		// establish the hierarchy of the menu


    4685. 

  4685. 		$children = array();


    4686. 

  4686. 		// first pass - collect children


    4687. 

  4687. 		foreach ( $mitems as $v ) {


    4688. 

  4688. 			$id = $v->id;


    4689. 

  4689. 			$pt = $v->parent;


    4690. 

  4690. 			$list = @$children[$pt] ? $children[$pt] : array();


    4691. 

  4691. 			array_push( $list, $v );


    4692. 

  4692. 			$children[$pt] = $list;


    4693. 

  4693. 		}


    4694. 

  4694. 		// second pass - get an indent list of the items


    4695. 

  4695. 		$list = mosTreeRecurse( intval( $mitems[0]->parent ), '', array(), $children, 20, 0, 0 );


    4696. 

  4696. 


    4697. 

  4697. 		// Code that adds menu name to Display of Page(s)


    4698. 

  4698. 		$text_count 	= 0;


    4699. 

  4699. 		$mitems_spacer 	= $mitems_temp[0]->menutype;


    4700. 

  4700. 		foreach ($list as $list_a) {


    4701. 

  4701. 			foreach ($mitems_temp as $mitems_a) {


    4702. 

  4702. 				if ($mitems_a->id == $list_a->id) {


    4703. 

  4703. 					// Code that inserts the blank line that seperates different menus


    4704. 

  4704. 					if ($mitems_a->menutype != $mitems_spacer) {


    4705. 

  4705. 						$list_temp[] 	= mosHTML::makeOption( -999, '----' );


    4706. 

  4706. 						$mitems_spacer 	= $mitems_a->menutype;


    4707. 

  4707. 					}


    4708. 

  4708. 


    4709. 

  4709. 					// do not display `url` menu item types that contain `index.php` and `Itemid`


    4710. 

  4710. 					if (!($mitems_a->type == 'url' && strpos($mitems_a->link, 'index.php') !== false && strpos($mitems_a->link, 'Itemid=') !== false)) {


    4711. 

  4711. 						$text 			= $mitems_a->menutype .' | '. $list_a->treename;


    4712. 

  4712. 						$list_temp[] 	= mosHTML::makeOption( $list_a->id, $text );


    4713. 

  4713. 


    4714. 

  4714. 						if ( strlen($text) > $text_count) {


    4715. 

  4715. 							$text_count = strlen($text);


    4716. 

  4716. 						}


    4717. 

  4717. 					}


    4718. 

  4718. 				}


    4719. 

  4719. 			}


    4720. 

  4720. 		}


    4721. 

  4721. 		$list = $list_temp;


    4722. 

  4722. 


    4723. 

  4723. 		$mitems = array();


    4724. 

  4724. 		if ( $all ) {


    4725. 

  4725. 			// prepare an array with 'all' as the first item


    4726. 

  4726. 			$mitems[] = mosHTML::makeOption( 0, 'All' );


    4727. 

  4727. 			// adds space, in select box which is not saved


    4728. 

  4728. 			$mitems[] = mosHTML::makeOption( -999, '----' );


    4729. 

  4729. 		}


    4730. 

  4730. 		if ( $none ) {


    4731. 

  4731. 			// prepare an array with 'all' as the first item


    4732. 

  4732. 			$mitems[] = mosHTML::makeOption( -999, 'None' );


    4733. 

  4733. 			// adds space, in select box which is not saved


    4734. 

  4734. 			$mitems[] = mosHTML::makeOption( -999, '----' );


    4735. 

  4735. 		}


    4736. 

  4736. 		if ( $unassigned ) {


    4737. 

  4737. 			// prepare an array with 'all' as the first item


    4738. 

  4738. 			$mitems[] = mosHTML::makeOption( 99999999, 'Unassigned' );


    4739. 

  4739. 			// adds space, in select box which is not saved


    4740. 

  4740. 			$mitems[] = mosHTML::makeOption( -999, '----' );


    4741. 

  4741. 		}


    4742. 

  4742. 


    4743. 

  4743. 		// append the rest of the menu items to the array


    4744. 

  4744. 		foreach ($list as $item) {


    4745. 

  4745. 			$mitems[] = mosHTML::makeOption( $item->value, $item->text );


    4746. 

  4746. 		}


    4747. 

  4747. 		$pages = mosHTML::selectList( $mitems, 'selections[]', 'class="inputbox" size="26" multiple="multiple"', 'value', 'text', $lookup );


    4748. 

  4748. 		return $pages;


    4749. 

  4749. 	}


    4750. 

  4750. 


    4751. 

  4751. 


    4752. 

  4752. 	/**


    4753. 

  4753. 	* build the select list to choose a category


    4754. 

  4754. 	*/


    4755. 

  4755. 	function Category( &$menu, $id, $javascript='' ) {


    4756. 

  4756. 		global $database;


    4757. 

  4757. 


    4758. 

  4758. 		$query = "SELECT c.id AS `value`, c.section AS `id`, CONCAT_WS( ' / ', s.title, c.title) AS `text`"


    4759. 

  4759. 		. "\n FROM #__sections AS s"


    4760. 

  4760. 		. "\n INNER JOIN #__categories AS c ON c.section = s.id"


    4761. 

  4761. 		. "\n WHERE s.scope = 'content'"


    4762. 

  4762. 		. "\n ORDER BY s.name, c.name"


    4763. 

  4763. 		;


    4764. 

  4764. 		$database->setQuery( $query );


    4765. 

  4765. 		$rows = $database->loadObjectList();


    4766. 

  4766. 		$category = '';


    4767. 

  4767. 		if ( $id ) {


    4768. 

  4768. 			foreach ( $rows as $row ) {


    4769. 

  4769. 				if ( $row->value == $menu->componentid ) {


    4770. 

  4770. 					$category = $row->text;


    4771. 

  4771. 				}


    4772. 

  4772. 			}


    4773. 

  4773. 			$category .= '<input type="hidden" name="componentid" value="'. $menu->componentid .'" />';


    4774. 

  4774. 			$category .= '<input type="hidden" name="link" value="'. $menu->link .'" />';


    4775. 

  4775. 		} else {


    4776. 

  4776. 			$category = mosHTML::selectList( $rows, 'componentid', 'class="inputbox" size="10"'. $javascript, 'value', 'text' );


    4777. 

  4777. 			$category .= '<input type="hidden" name="link" value="" />';


    4778. 

  4778. 		}


    4779. 

  4779. 		return $category;


    4780. 

  4780. 	}


    4781. 

  4781. 


    4782. 

  4782. 	/**


    4783. 

  4783. 	* build the select list to choose a section


    4784. 

  4784. 	*/


    4785. 

  4785. 	function Section( &$menu, $id, $all=0 ) {


    4786. 

  4786. 		global $database;


    4787. 

  4787. 


    4788. 

  4788. 		$query = "SELECT s.id AS `value`, s.id AS `id`, s.title AS `text`"


    4789. 

  4789. 		. "\n FROM #__sections AS s"


    4790. 

  4790. 		. "\n WHERE s.scope = 'content'"


    4791. 

  4791. 		. "\n ORDER BY s.name"


    4792. 

  4792. 		;


    4793. 

  4793. 		$database->setQuery( $query );


    4794. 

  4794. 		if ( $all ) {


    4795. 

  4795. 			$rows[] = mosHTML::makeOption( 0, '- All Sections -' );


    4796. 

  4796. 			$rows = array_merge( $rows, $database->loadObjectList() );


    4797. 

  4797. 		} else {


    4798. 

  4798. 			$rows = $database->loadObjectList();


    4799. 

  4799. 		}


    4800. 

  4800. 


    4801. 

  4801. 		if ( $id ) {


    4802. 

  4802. 			foreach ( $rows as $row ) {


    4803. 

  4803. 				if ( $row->value == $menu->componentid ) {


    4804. 

  4804. 					$section = $row->text;


    4805. 

  4805. 				}


    4806. 

  4806. 			}


    4807. 

  4807. 			$section .= '<input type="hidden" name="componentid" value="'. $menu->componentid .'" />';


    4808. 

  4808. 			$section .= '<input type="hidden" name="link" value="'. $menu->link .'" />';


    4809. 

  4809. 		} else {


    4810. 

  4810. 			$section = mosHTML::selectList( $rows, 'componentid', 'class="inputbox" size="10"', 'value', 'text' );


    4811. 

  4811. 			$section .= '<input type="hidden" name="link" value="" />';


    4812. 

  4812. 		}


    4813. 

  4813. 		return $section;


    4814. 

  4814. 	}


    4815. 

  4815. 


    4816. 

  4816. 	/**


    4817. 

  4817. 	* build the select list to choose a component


    4818. 

  4818. 	*/


    4819. 

  4819. 	function Component( &$menu, $id ) {


    4820. 

  4820. 		global $database;


    4821. 

  4821. 


    4822. 

  4822. 		$query = "SELECT c.id AS value, c.name AS text, c.link"


    4823. 

  4823. 		. "\n FROM #__components AS c"


    4824. 

  4824. 		. "\n WHERE c.link != ''"


    4825. 

  4825. 		. "\n ORDER BY c.name"


    4826. 

  4826. 		;


    4827. 

  4827. 		$database->setQuery( $query );


    4828. 

  4828. 		$rows = $database->loadObjectList( );


    4829. 

  4829. 


    4830. 

  4830. 		if ( $id ) {


    4831. 

  4831. 			// existing component, just show name


    4832. 

  4832. 			foreach ( $rows as $row ) {


    4833. 

  4833. 				if ( $row->value == $menu->componentid ) {


    4834. 

  4834. 					$component = $row->text;


    4835. 

  4835. 				}


    4836. 

  4836. 			}


    4837. 

  4837. 			$component .= '<input type="hidden" name="componentid" value="'. $menu->componentid .'" />';


    4838. 

  4838. 		} else {


    4839. 

  4839. 			$component = mosHTML::selectList( $rows, 'componentid', 'class="inputbox" size="10"', 'value', 'text' );


    4840. 

  4840. 		}


    4841. 

  4841. 		return $component;


    4842. 

  4842. 	}


    4843. 

  4843. 


    4844. 

  4844. 	/**


    4845. 

  4845. 	* build the select list to choose a component


    4846. 

  4846. 	*/


    4847. 

  4847. 	function ComponentName( &$menu, $id ) {


    4848. 

  4848. 		global $database;


    4849. 

  4849. 


    4850. 

  4850. 		$query = "SELECT c.id AS value, c.name AS text, c.link"


    4851. 

  4851. 		. "\n FROM #__components AS c"


    4852. 

  4852. 		. "\n WHERE c.link != ''"


    4853. 

  4853. 		. "\n ORDER BY c.name"


    4854. 

  4854. 		;


    4855. 

  4855. 		$database->setQuery( $query );


    4856. 

  4856. 		$rows = $database->loadObjectList( );


    4857. 

  4857. 


    4858. 

  4858. 		$component = 'Component';


    4859. 

  4859. 		foreach ( $rows as $row ) {


    4860. 

  4860. 			if ( $row->value == $menu->componentid ) {


    4861. 

  4861. 				$component = $row->text;


    4862. 

  4862. 			}


    4863. 

  4863. 		}


    4864. 

  4864. 


    4865. 

  4865. 		return $component;


    4866. 

  4866. 	}


    4867. 

  4867. 


    4868. 

  4868. 	/**


    4869. 

  4869. 	* build the select list to choose an image


    4870. 

  4870. 	*/


    4871. 

  4871. 	function Images( $name, &$active, $javascript=NULL, $directory=NULL ) {


    4872. 

  4872. 		global $mosConfig_absolute_path;


    4873. 

  4873. 


    4874. 

  4874. 		if ( !$directory ) {


    4875. 

  4875. 			$directory = '/images/stories';


    4876. 

  4876. 		}


    4877. 

  4877. 


    4878. 

  4878. 		if ( !$javascript ) {


    4879. 

  4879. 			$javascript = "onchange=\"javascript:if (document.forms[0].image.options[selectedIndex].value!='') {document.imagelib.src='..$directory/' + document.forms[0].image.options[selectedIndex].value} else {document.imagelib.src='../images/blank.png'}\"";


    4880. 

  4880. 		}


    4881. 

  4881. 


    4882. 

  4882. 		$imageFiles = mosReadDirectory( $mosConfig_absolute_path . $directory );


    4883. 

  4883. 		$images 	= array(  mosHTML::makeOption( '', '- Select Image -' ) );


    4884. 

  4884. 		foreach ( $imageFiles as $file ) {


    4885. 

  4885. 			if ( eregi( "bmp|gif|jpg|png", $file ) ) {


    4886. 

  4886. 				$images[] = mosHTML::makeOption( $file );


    4887. 

  4887. 			}


    4888. 

  4888. 		}


    4889. 

  4889. 		$images = mosHTML::selectList( $images, $name, 'class="inputbox" size="1" '. $javascript, 'value', 'text', $active );


    4890. 

  4890. 


    4891. 

  4891. 		return $images;


    4892. 

  4892. 	}


    4893. 

  4893. 


    4894. 

  4894. 	/**


    4895. 

  4895. 	* build the select list for Ordering of a specified Table


    4896. 

  4896. 	*/


    4897. 

  4897. 	function SpecificOrdering( &$row, $id, $query, $neworder=0 ) {


    4898. 

  4898. 		global $database;


    4899. 

  4899. 


    4900. 

  4900. 		if ( $neworder ) {


    4901. 

  4901. 			$text = _CMN_NEW_ITEM_FIRST;


    4902. 

  4902. 		} else {


    4903. 

  4903. 			$text = _CMN_NEW_ITEM_LAST;


    4904. 

  4904. 		}


    4905. 

  4905. 


    4906. 

  4906. 		if ( $id ) {


    4907. 

  4907. 			$order = mosGetOrderingList( $query );


    4908. 

  4908. 			$ordering = mosHTML::selectList( $order, 'ordering', 'class="inputbox" size="1"', 'value', 'text', intval( $row->ordering ) );


    4909. 

  4909. 		} else {


    4910. 

  4910. 			$ordering = '<input type="hidden" name="ordering" value="'. $row->ordering .'" />'. $text;


    4911. 

  4911. 		}


    4912. 

  4912. 		return $ordering;


    4913. 

  4913. 	}


    4914. 

  4914. 


    4915. 

  4915. 	/**


    4916. 

  4916. 	* Select list of active users


    4917. 

  4917. 	*/


    4918. 

  4918. 	function UserSelect( $name, $active, $nouser=0, $javascript=NULL, $order='name', $reg=1 ) {


    4919. 

  4919. 		global $database, $my;


    4920. 

  4920. 


    4921. 

  4921. 		$and = '';


    4922. 

  4922. 		if ( $reg ) {


    4923. 

  4923. 		// does not include registered users in the list


    4924. 

  4924. 			$and = "\n AND gid > 18";


    4925. 

  4925. 		}


    4926. 

  4926. 


    4927. 

  4927. 		$query = "SELECT id AS value, name AS text"


    4928. 

  4928. 		. "\n FROM #__users"


    4929. 

  4929. 		. "\n WHERE block = 0"


    4930. 

  4930. 		. $and


    4931. 

  4931. 		. "\n ORDER BY $order"


    4932. 

  4932. 		;


    4933. 

  4933. 		$database->setQuery( $query );


    4934. 

  4934. 		if ( $nouser ) {


    4935. 

  4935. 			$users[] = mosHTML::makeOption( '0', '- No User -' );


    4936. 

  4936. 			$users = array_merge( $users, $database->loadObjectList() );


    4937. 

  4937. 		} else {


    4938. 

  4938. 			$users = $database->loadObjectList();


    4939. 

  4939. 		}


    4940. 

  4940. 


    4941. 

  4941. 		$users = mosHTML::selectList( $users, $name, 'class="inputbox" size="1" '. $javascript, 'value', 'text', $active );


    4942. 

  4942. 


    4943. 

  4943. 		return $users;


    4944. 

  4944. 	}


    4945. 

  4945. 


    4946. 

  4946. 	/**


    4947. 

  4947. 	* Select list of positions - generally used for location of images


    4948. 

  4948. 	*/


    4949. 

  4949. 	function Positions( $name, $active=NULL, $javascript=NULL, $none=1, $center=1, $left=1, $right=1 ) {


    4950. 

  4950. 		if ( $none ) {


    4951. 

  4951. 			$pos[] = mosHTML::makeOption( '', _CMN_NONE );


    4952. 

  4952. 		}


    4953. 

  4953. 		if ( $center ) {


    4954. 

  4954. 			$pos[] = mosHTML::makeOption( 'center', _CMN_CENTER );


    4955. 

  4955. 		}


    4956. 

  4956. 		if ( $left ) {


    4957. 

  4957. 			$pos[] = mosHTML::makeOption( 'left', _CMN_LEFT );


    4958. 

  4958. 		}


    4959. 

  4959. 		if ( $right ) {


    4960. 

  4960. 			$pos[] = mosHTML::makeOption( 'right', _CMN_RIGHT );


    4961. 

  4961. 		}


    4962. 

  4962. 


    4963. 

  4963. 		$positions = mosHTML::selectList( $pos, $name, 'class="inputbox" size="1"'. $javascript, 'value', 'text', $active );


    4964. 

  4964. 


    4965. 

  4965. 		return $positions;


    4966. 

  4966. 	}


    4967. 

  4967. 


    4968. 

  4968. 	/**


    4969. 

  4969. 	* Select list of active categories for components


    4970. 

  4970. 	*/


    4971. 

  4971. 	function ComponentCategory( $name, $section, $active=NULL, $javascript=NULL, $order='ordering', $size=1, $sel_cat=1, $selfonly=false ) {


    4972. 

  4972. 		global $database;


    4973. 

  4973. 


    4974. 

  4974. 		$query = "SELECT id AS value, name AS text"


    4975. 

  4975. 		. "\n FROM #__categories"


    4976. 

  4976. 		. "\n WHERE section = " . $database->Quote( $section )


    4977. 

  4977. 		//. "\n AND published = 1"


    4978. 

  4978. 		. ( ($selfonly) ? "\n AND id = $active" : "")


    4979. 

  4979. 		. "\n ORDER BY $order"


    4980. 

  4980. 		;


    4981. 

  4981. 		$database->setQuery( $query );


    4982. 

  4982. 		if ( $sel_cat ) {


    4983. 

  4983. 			$categories[] = mosHTML::makeOption( '0', _SEL_CATEGORY );


    4984. 

  4984. 			$categories = array_merge( $categories, $database->loadObjectList() );


    4985. 

  4985. 		} else {


    4986. 

  4986. 			$categories = $database->loadObjectList();


    4987. 

  4987. 		}


    4988. 

  4988. 


    4989. 

  4989. 		if ( count( $categories ) < 1 ) {


    4990. 

  4990. 			mosRedirect( 'index2.php?option=com_categories&section='. $section, 'You must create a category first.' );


    4991. 

  4991. 		}


    4992. 

  4992. 


    4993. 

  4993. 		$category = mosHTML::selectList( $categories, $name, 'class="inputbox" size="'. $size .'" '. $javascript, 'value', 'text', $active );


    4994. 

  4994. 


    4995. 

  4995. 		return $category;


    4996. 

  4996. 	}


    4997. 

  4997. 


    4998. 

  4998. 	/**


    4999. 

  4999. 	* Select list of active sections


    5000. 

  5000. 	*/


    5001. 

  5001. 	function SelectSection( $name, $active=NULL, $javascript=NULL, $order='ordering' ) {


    5002. 

  5002. 		global $database;


    5003. 

  5003. 


    5004. 

  5004. 		$categories[] = mosHTML::makeOption( '0', _SEL_SECTION );


    5005. 

  5005. 		$query = "SELECT id AS value, title AS text"


    5006. 

  5006. 		. "\n FROM #__sections"


    5007. 

  5007. 		. "\n WHERE published = 1"


    5008. 

  5008. 		. "\n ORDER BY $order"


    5009. 

  5009. 		;


    5010. 

  5010. 		$database->setQuery( $query );


    5011. 

  5011. 		$sections = array_merge( $categories, $database->loadObjectList() );


    5012. 

  5012. 


    5013. 

  5013. 		$category = mosHTML::selectList( $sections, $name, 'class="inputbox" size="1" '. $javascript, 'value', 'text', $active );


    5014. 

  5014. 


    5015. 

  5015. 		return $category;


    5016. 

  5016. 	}


    5017. 

  5017. 


    5018. 

  5018. 	/**


    5019. 

  5019. 	* Select list of menu items for a specific menu


    5020. 

  5020. 	*/


    5021. 

  5021. 	function Links2Menu( $type, $and ) {


    5022. 

  5022. 		global $database;


    5023. 

  5023. 


    5024. 

  5024. 		$query = "SELECT *"


    5025. 

  5025. 		. "\n FROM #__menu"


    5026. 

  5026. 		. "\n WHERE type = " . $database->Quote( $type )


    5027. 

  5027. 		. "\n AND published = 1"


    5028. 

  5028. 		. $and


    5029. 

  5029. 		;


    5030. 

  5030. 		$database->setQuery( $query );


    5031. 

  5031. 		$menus = $database->loadObjectList();


    5032. 

  5032. 


    5033. 

  5033. 		return $menus;


    5034. 

  5034. 	}


    5035. 

  5035. 


    5036. 

  5036. 	/**


    5037. 

  5037. 	 * Select list of menus


    5038. 

  5038. 	 * @param string The control name


    5039. 

  5039. 	 * @param string Additional javascript


    5040. 

  5040. 	 * @return string A select list


    5041. 

  5041. 	 */


    5042. 

  5042. 	function MenuSelect( $name='menuselect', $javascript=NULL ) {


    5043. 

  5043. 		global $database;


    5044. 

  5044. 


    5045. 

  5045. 		$query = "SELECT params"


    5046. 

  5046. 		. "\n FROM #__modules"


    5047. 

  5047. 		. "\n WHERE module = 'mod_mainmenu'"


    5048. 

  5048. 		;


    5049. 

  5049. 		$database->setQuery( $query );


    5050. 

  5050. 		$menus = $database->loadObjectList();


    5051. 

  5051. 		$total = count( $menus );


    5052. 

  5052. 		$menuselect = array();


    5053. 

  5053. 		for( $i = 0; $i < $total; $i++ ) {


    5054. 

  5054. 			$params = mosParseParams( $menus[$i]->params );


    5055. 

  5055. 			$menuselect[$i]->value 	= $params->menutype;


    5056. 

  5056. 			$menuselect[$i]->text 	= $params->menutype;


    5057. 

  5057. 		}


    5058. 

  5058. 		// sort array of objects


    5059. 

  5059. 		SortArrayObjects( $menuselect, 'text', 1 );


    5060. 

  5060. 


    5061. 

  5061. 		$menus = mosHTML::selectList( $menuselect, $name, 'class="inputbox" size="10" '. $javascript, 'value', 'text' );


    5062. 

  5062. 


    5063. 

  5063. 		return $menus;


    5064. 

  5064. 	}


    5065. 

  5065. 


    5066. 

  5066. 	/**


    5067. 

  5067. 	* Internal function to recursive scan the media manager directories


    5068. 

  5068. 	* @param string Path to scan


    5069. 

  5069. 	* @param string root path of this folder


    5070. 

  5070. 	* @param array  Value array of all existing folders


    5071. 

  5071. 	* @param array  Value array of all existing images


    5072. 

  5072. 	*/


    5073. 

  5073. 	function ReadImages( $imagePath, $folderPath, &$folders, &$images ) {


    5074. 

  5074. 		$imgFiles = mosReadDirectory( $imagePath );


    5075. 

  5075. 


    5076. 

  5076. 		foreach ($imgFiles as $file) {


    5077. 

  5077. 			$ff_ 	= $folderPath . $file .'/';


    5078. 

  5078. 			$ff 	= $folderPath . $file;


    5079. 

  5079. 			$i_f 	= $imagePath .'/'. $file;


    5080. 

  5080. 


    5081. 

  5081. 			if ( is_dir( $i_f ) && $file != 'CVS' && $file != '.svn') {


    5082. 

  5082. 				$folders[] = mosHTML::makeOption( $ff_ );


    5083. 

  5083. 				mosAdminMenus::ReadImages( $i_f, $ff_, $folders, $images );


    5084. 

  5084. 			} else if ( eregi( "bmp|gif|jpg|png", $file ) && is_file( $i_f ) ) {


    5085. 

  5085. 				// leading / we don't need


    5086. 

  5086. 				$imageFile = substr( $ff, 1 );


    5087. 

  5087. 				$images[$folderPath][] = mosHTML::makeOption( $imageFile, $file );


    5088. 

  5088. 			}


    5089. 

  5089. 		}


    5090. 

  5090. 	}


    5091. 

  5091. 


    5092. 

  5092. 	/**


    5093. 

  5093. 	* Internal function to recursive scan the media manager directories


    5094. 

  5094. 	* @param string Path to scan


    5095. 

  5095. 	* @param string root path of this folder


    5096. 

  5096. 	* @param array  Value array of all existing folders


    5097. 

  5097. 	* @param array  Value array of all existing images


    5098. 

  5098. 	*/


    5099. 

  5099. 	function ReadImagesX( &$folders, &$images ) {


    5100. 

  5100. 		global $mosConfig_absolute_path;


    5101. 

  5101. 


    5102. 

  5102. 		if ( $folders[0]->value != '*0*' ) {


    5103. 

  5103. 			foreach ( $folders as $folder ) {


    5104. 

  5104. 				$imagePath 	= $mosConfig_absolute_path .'/images/stories' . $folder->value;


    5105. 

  5105. 				$imgFiles 	= mosReadDirectory( $imagePath );


    5106. 

  5106. 				$folderPath = $folder->value .'/';


    5107. 

  5107. 


    5108. 

  5108. 				foreach ($imgFiles as $file) {


    5109. 

  5109. 					$ff 	= $folderPath . $file;


    5110. 

  5110. 					$i_f 	= $imagePath .'/'. $file;


    5111. 

  5111. 


    5112. 

  5112. 					if ( eregi( "bmp|gif|jpg|png", $file ) && is_file( $i_f ) ) {


    5113. 

  5113. 						// leading / we don't need


    5114. 

  5114. 						$imageFile = substr( $ff, 1 );


    5115. 

  5115. 						$images[$folderPath][] = mosHTML::makeOption( $imageFile, $file );


    5116. 

  5116. 					}


    5117. 

  5117. 				}


    5118. 

  5118. 			}


    5119. 

  5119. 		} else {


    5120. 

  5120. 			$folders 	= array();


    5121. 

  5121. 			$folders[] 	= mosHTML::makeOption( 'None' );


    5122. 

  5122. 		}


    5123. 

  5123. 	}


    5124. 

  5124. 


    5125. 

  5125. 	function GetImageFolders( &$temps, $path ) {


    5126. 

  5126. 		if ( $temps[0]->value != 'None' ) {


    5127. 

  5127. 			foreach( $temps as $temp ) {


    5128. 

  5128. 				if ( substr( $temp->value, -1, 1 ) != '/' ) {


    5129. 

  5129. 					$temp 		= $temp->value .'/';


    5130. 

  5130. 					$folders[] 	= mosHTML::makeOption( $temp, $temp );


    5131. 

  5131. 				} else {


    5132. 

  5132. 					$temp 		= $temp->value;


    5133. 

  5133. 					$temp 		= ampReplace( $temp );


    5134. 

  5134. 					$folders[] 	= mosHTML::makeOption( $temp, $temp );


    5135. 

  5135. 				}


    5136. 

  5136. 			}


    5137. 

  5137. 		} else {


    5138. 

  5138. 			$folders[] 	= mosHTML::makeOption( 'None Selected' );


    5139. 

  5139. 		}


    5140. 

  5140. 


    5141. 

  5141. 		$javascript 	= "onchange=\"changeDynaList( 'imagefiles', folderimages, document.adminForm.folders.options[document.adminForm.folders.selectedIndex].value, 0, 0);\"";


    5142. 

  5142. 		$getfolders 	= mosHTML::selectList( $folders, 'folders', 'class="inputbox" size="1" '. $javascript, 'value', 'text', '/' );


    5143. 

  5143. 


    5144. 

  5144. 		return $getfolders;


    5145. 

  5145. 	}


    5146. 

  5146. 


    5147. 

  5147. 	function GetImages( &$images, $path, $base='/' ) {


    5148. 

  5148. 		if ( is_array($base) && count($base) > 0 ) {


    5149. 

  5149. 			if ( $base[0]->value != '/' ) {


    5150. 

  5150. 				$base = $base[0]->value .'/';


    5151. 

  5151. 			} else {


    5152. 

  5152. 				$base = $base[0]->value;


    5153. 

  5153. 			}


    5154. 

  5154. 		} else {


    5155. 

  5155. 			$base = '/';


    5156. 

  5156. 		}


    5157. 

  5157. 


    5158. 

  5158. 		if ( !isset($images[$base] ) ) {


    5159. 

  5159. 			$images[$base][] = mosHTML::makeOption( '' );


    5160. 

  5160. 		}


    5161. 

  5161. 


    5162. 

  5162. 		$javascript	= "onchange=\"previewImage( 'imagefiles', 'view_imagefiles', '$path/' )\" onfocus=\"previewImage( 'imagefiles', 'view_imagefiles', '$path/' )\"";


    5163. 

  5163. 		$getimages	= mosHTML::selectList( $images[$base], 'imagefiles', 'class="inputbox" size="10" multiple="multiple" '. $javascript , 'value', 'text', null );


    5164. 

  5164. 


    5165. 

  5165. 		return $getimages;


    5166. 

  5166. 	}


    5167. 

  5167. 


    5168. 

  5168. 	function GetSavedImages( &$row, $path ) {


    5169. 

  5169. 		$images2 = array();


    5170. 

  5170. 


    5171. 

  5171. 		foreach( $row->images as $file ) {


    5172. 

  5172. 			$temp = explode( '|', $file );


    5173. 

  5173. 			if( strrchr($temp[0], '/') ) {


    5174. 

  5174. 				$filename = substr( strrchr($temp[0], '/' ), 1 );


    5175. 

  5175. 			} else {


    5176. 

  5176. 				$filename = $temp[0];


    5177. 

  5177. 			}


    5178. 

  5178. 			$images2[] = mosHTML::makeOption( $file, $filename );


    5179. 

  5179. 		}


    5180. 

  5180. 


    5181. 

  5181. 		$javascript	= "onchange=\"previewImage( 'imagelist', 'view_imagelist', '$path/' ); showImageProps( '$path/' ); \"";


    5182. 

  5182. 		$imagelist 	= mosHTML::selectList( $images2, 'imagelist', 'class="inputbox" size="10" '. $javascript, 'value', 'text' );


    5183. 

  5183. 


    5184. 

  5184. 		return $imagelist;


    5185. 

  5185. 	}


    5186. 

  5186. 


    5187. 

  5187. 	/**


    5188. 

  5188. 	* Checks to see if an image exists in the current templates image directory


    5189. 

  5189.  	* if it does it loads this image.  Otherwise the default image is loaded.


    5190. 

  5190. 	* Also can be used in conjunction with the menulist param to create the chosen image


    5191. 

  5191. 	* load the default or use no image


    5192. 

  5192. 	*/


    5193. 

  5193. 	function ImageCheck( $file, $directory='/images/M_images/', $param=NULL, $param_directory='/images/M_images/', $alt=NULL, $name=NULL, $type=1, $align='middle', $title=NULL, $admin=NULL ) {


    5194. 

  5194. 		global $mosConfig_absolute_path, $mosConfig_live_site, $mainframe;


    5195. 

  5195. 


    5196. 

  5196. 		$cur_template = $mainframe->getTemplate();


    5197. 

  5197. 


    5198. 

  5198. 		$name 	= ( $name 	? ' name="'. $name .'"' 	: '' );


    5199. 

  5199. 		$title 	= ( $title 	? ' title="'. $title .'"' 	: '' );


    5200. 

  5200. 		$alt 	= ( $alt 	? ' alt="'. $alt .'"' 		: ' alt=""' );


    5201. 

  5201. 		$align 	= ( $align 	? ' align="'. $align .'"' 	: '' );


    5202. 

  5202. 


    5203. 

  5203. 		// change directory path from frontend or backend


    5204. 

  5204. 		if ($admin) {


    5205. 

  5205. 			$path 	= '/administrator/templates/'. $cur_template .'/images/';


    5206. 

  5206. 		} else {


    5207. 

  5207. 			$path 	= '/templates/'. $cur_template .'/images/';


    5208. 

  5208. 		}


    5209. 

  5209. 


    5210. 

  5210. 		if ( $param ) {


    5211. 

  5211. 			$image = $mosConfig_live_site. $param_directory . $param;


    5212. 

  5212. 			if ( $type ) {


    5213. 

  5213. 				$image = '<img src="'. $image .'" '. $alt . $name . $align .' border="0" />';


    5214. 

  5214. 			}


    5215. 

  5215. 		} else if ( $param == -1 ) {


    5216. 

  5216. 			$image = '';


    5217. 

  5217. 		} else {


    5218. 

  5218. 			if ( file_exists( $mosConfig_absolute_path . $path . $file ) ) {


    5219. 

  5219. 				$image = $mosConfig_live_site . $path . $file;


    5220. 

  5220. 			} else {


    5221. 

  5221. 				// outputs only path to image


    5222. 

  5222. 				$image = $mosConfig_live_site. $directory . $file;


    5223. 

  5223. 			}


    5224. 

  5224. 


    5225. 

  5225. 			// outputs actual html <img> tag


    5226. 

  5226. 			if ( $type ) {


    5227. 

  5227. 				$image = '<img src="'. $image .'" '. $alt . $name . $title . $align .' border="0" />';


    5228. 

  5228. 			}


    5229. 

  5229. 		}


    5230. 

  5230. 


    5231. 

  5231. 		return $image;


    5232. 

  5232. 	}


    5233. 

  5233. 


    5234. 

  5234. 	/**


    5235. 

  5235. 	* Checks to see if an image exists in the current templates image directory


    5236. 

  5236.  	* if it does it loads this image.  Otherwise the default image is loaded.


    5237. 

  5237. 	* Also can be used in conjunction with the menulist param to create the chosen image


    5238. 

  5238. 	* load the default or use no image


    5239. 

  5239. 	*/


    5240. 

  5240. 	function ImageCheckAdmin( $file, $directory='/administrator/images/', $param=NULL, $param_directory='/administrator/images/', $alt=NULL, $name=NULL, $type=1, $align='middle', $title=NULL ) {


    5241. 

  5241. /*


    5242. 

  5242. 		global $mosConfig_absolute_path, $mosConfig_live_site, $mainframe;


    5243. 

  5243. 


    5244. 

  5244. 		$cur_template = $mainframe->getTemplate();


    5245. 

  5245. 


    5246. 

  5246. 		$name 	= ( $name 	? ' name="'. $name .'"' 	: '' );


    5247. 

  5247. 		$title 	= ( $title 	? ' title="'. $title .'"' 	: '' );


    5248. 

  5248. 		$alt 	= ( $alt 	? ' alt="'. $alt .'"' 		: ' alt=""' );


    5249. 

  5249. 		$align 	= ( $align 	? ' align="'. $align .'"' 	: '' );


    5250. 

  5250. 


    5251. 

  5251. 		$path 	= '/administrator/templates/'. $cur_template .'/images/';


    5252. 

  5252. 


    5253. 

  5253. 		if ( $param ) {


    5254. 

  5254. 			$image = $mosConfig_live_site. $param_directory . $param;


    5255. 

  5255. 			if ( $type ) {


    5256. 

  5256. 				$image = '<img src="'. $image .'" '. $alt . $name . $align .' border="0" />';


    5257. 

  5257. 			}


    5258. 

  5258. 		} else if ( $param == -1 ) {


    5259. 

  5259. 			$image = '';


    5260. 

  5260. 		} else {


    5261. 

  5261. 			if ( file_exists( $mosConfig_absolute_path . $path . $file ) ) {


    5262. 

  5262. 				$image = $mosConfig_live_site . $path . $file;


    5263. 

  5263. 			} else {


    5264. 

  5264. 				// outputs only path to image


    5265. 

  5265. 				$image = $mosConfig_live_site. $directory . $file;


    5266. 

  5266. 			}


    5267. 

  5267. 


    5268. 

  5268. 			// outputs actual html <img> tag


    5269. 

  5269. 			if ( $type ) {


    5270. 

  5270. 				$image = '<img src="'. $image .'" '. $alt . $name . $title . $align .' border="0" />';


    5271. 

  5271. 			}


    5272. 

  5272. 		}


    5273. 

  5273. */


    5274. 

  5274. 		// functionality consolidated into ImageCheck


    5275. 

  5275. 		$image = mosAdminMenus::ImageCheck( $file, $directory, $param, $param_directory, $alt, $name, $type, $align, $title, $admin=1 );


    5276. 

  5276. 


    5277. 

  5277. 		return $image;


    5278. 

  5278. 	}


    5279. 

  5279. 


    5280. 

  5280. 	function menutypes() {


    5281. 

  5281. 		global $database;


    5282. 

  5282. 


    5283. 

  5283. 		$query = "SELECT params"


    5284. 

  5284. 		. "\n FROM #__modules"


    5285. 

  5285. 		. "\n WHERE module = 'mod_mainmenu'"


    5286. 

  5286. 		. "\n ORDER BY title"


    5287. 

  5287. 		;


    5288. 

  5288. 		$database->setQuery( $query	);


    5289. 

  5289. 		$modMenus = $database->loadObjectList();


    5290. 

  5290. 


    5291. 

  5291. 		$query = "SELECT menutype"


    5292. 

  5292. 		. "\n FROM #__menu"


    5293. 

  5293. 		. "\n GROUP BY menutype"


    5294. 

  5294. 		. "\n ORDER BY menutype"


    5295. 

  5295. 		;


    5296. 

  5296. 		$database->setQuery( $query	);


    5297. 

  5297. 		$menuMenus = $database->loadObjectList();


    5298. 

  5298. 


    5299. 

  5299. 		$menuTypes = '';


    5300. 

  5300. 		foreach ( $modMenus as $modMenu ) {


    5301. 

  5301. 			$check = 1;


    5302. 

  5302. 			mosMakeHtmlSafe( $modMenu) ;


    5303. 

  5303. 			$modParams 	= mosParseParams( $modMenu->params );


    5304. 

  5304. 			$menuType 	= @$modParams->menutype;


    5305. 

  5305. 			if (!$menuType) {


    5306. 

  5306. 				$menuType = 'mainmenu';


    5307. 

  5307. 			}


    5308. 

  5308. 


    5309. 

  5309. 			// stop duplicate menutype being shown


    5310. 

  5310. 			if ( !is_array( $menuTypes) ) {


    5311. 

  5311. 				// handling to create initial entry into array


    5312. 

  5312. 				$menuTypes[] = $menuType;


    5313. 

  5313. 			} else {


    5314. 

  5314. 				$check = 1;


    5315. 

  5315. 				foreach ( $menuTypes as $a ) {


    5316. 

  5316. 					if ( $a == $menuType ) {


    5317. 

  5317. 						$check = 0;


    5318. 

  5318. 					}


    5319. 

  5319. 				}


    5320. 

  5320. 				if ( $check ) {


    5321. 

  5321. 					$menuTypes[] = $menuType;


    5322. 

  5322. 				}


    5323. 

  5323. 			}


    5324. 

  5324. 


    5325. 

  5325. 		}


    5326. 

  5326. 		// add menutypes from jos_menu


    5327. 

  5327. 		foreach ( $menuMenus as $menuMenu ) {


    5328. 

  5328. 			$check = 1;


    5329. 

  5329. 			foreach ( $menuTypes as $a ) {


    5330. 

  5330. 				if ( $a == $menuMenu->menutype ) {


    5331. 

  5331. 					$check = 0;


    5332. 

  5332. 				}


    5333. 

  5333. 			}


    5334. 

  5334. 			if ( $check ) {


    5335. 

  5335. 				$menuTypes[] = $menuMenu->menutype;


    5336. 

  5336. 			}


    5337. 

  5337. 		}


    5338. 

  5338. 


    5339. 

  5339. 		// sorts menutypes


    5340. 

  5340. 		asort( $menuTypes );


    5341. 

  5341. 


    5342. 

  5342. 		return $menuTypes;


    5343. 

  5343. 	}


    5344. 

  5344. 


    5345. 

  5345. 	/*


    5346. 

  5346. 	* loads files required for menu items


    5347. 

  5347. 	*/


    5348. 

  5348. 	function menuItem( $item ) {


    5349. 

  5349. 		global $mosConfig_absolute_path;


    5350. 

  5350. 


    5351. 

  5351. 		$path = $mosConfig_absolute_path .'/administrator/components/com_menus/'. $item .'/';


    5352. 

  5352. 		include_once( $path . $item .'.class.php' );


    5353. 

  5353. 		include_once( $path . $item .'.menu.html.php' );


    5354. 

  5354. 	}


    5355. 

  5355. }


    5356. 

  5356. 


    5357. 

  5357. 


    5358. 

  5358. class mosCommonHTML {


    5359. 

  5359. 


    5360. 

  5360. 	function ContentLegend( ) {


    5361. 

  5361. 		?>


    5362. 

  5362. 		<table cellspacing="0" cellpadding="4" border="0" align="center">


    5363. 

  5363. 		<tr align="center">


    5364. 

  5364. 			<td>


    5365. 

  5365. 			<img src="images/publish_y.png" width="12" height="12" border="0" alt="Pending" />


    5366. 

  5366. 			</td>


    5367. 

  5367. 			<td>


    5368. 

  5368. 			Published, but is <u>Pending</u> |


    5369. 

  5369. 			</td>


    5370. 

  5370. 			<td>


    5371. 

  5371. 			<img src="images/publish_g.png" width="12" height="12" border="0" alt="Visible" />


    5372. 

  5372. 			</td>


    5373. 

  5373. 			<td>


    5374. 

  5374. 			Published and is <u>Current</u> |


    5375. 

  5375. 			</td>


    5376. 

  5376. 			<td>


    5377. 

  5377. 			<img src="images/publish_r.png" width="12" height="12" border="0" alt="Finished" />


    5378. 

  5378. 			</td>


    5379. 

  5379. 			<td>


    5380. 

  5380. 			Published, but has <u>Expired</u> |


    5381. 

  5381. 			</td>


    5382. 

  5382. 			<td>


    5383. 

  5383. 			<img src="images/publish_x.png" width="12" height="12" border="0" alt="Finished" />


    5384. 

  5384. 			</td>


    5385. 

  5385. 			<td>


    5386. 

  5386. 			Not Published


    5387. 

  5387. 			</td>


    5388. 

  5388. 		</tr>


    5389. 

  5389. 		<tr>


    5390. 

  5390. 			<td colspan="8" align="center">


    5391. 

  5391. 			Click on icon to toggle state.


    5392. 

  5392. 			</td>


    5393. 

  5393. 		</tr>


    5394. 

  5394. 		</table>


    5395. 

  5395. 		<?php


    5396. 

  5396. 	}


    5397. 

  5397. 


    5398. 

  5398. 	function menuLinksContent( &$menus ) {


    5399. 

  5399. 		?>


    5400. 

  5400. 		<script language="javascript" type="text/javascript">


    5401. 

  5401. 		function go2( pressbutton, menu, id ) {


    5402. 

  5402. 			var form = document.adminForm;


    5403. 

  5403. 


    5404. 

  5404. 			// assemble the images back into one field


    5405. 

  5405. 			var temp = new Array;


    5406. 

  5406. 			for (var i=0, n=form.imagelist.options.length; i < n; i++) {


    5407. 

  5407. 				temp[i] = form.imagelist.options[i].value;


    5408. 

  5408. 			}


    5409. 

  5409. 			form.images.value = temp.join( '\n' );


    5410. 

  5410. 


    5411. 

  5411. 			if (pressbutton == 'go2menu') {


    5412. 

  5412. 				form.menu.value = menu;


    5413. 

  5413. 				submitform( pressbutton );


    5414. 

  5414. 				return;


    5415. 

  5415. 			}


    5416. 

  5416. 


    5417. 

  5417. 			if (pressbutton == 'go2menuitem') {


    5418. 

  5418. 				form.menu.value 	= menu;


    5419. 

  5419. 				form.menuid.value 	= id;


    5420. 

  5420. 				submitform( pressbutton );


    5421. 

  5421. 				return;


    5422. 

  5422. 			}


    5423. 

  5423. 		}


    5424. 

  5424. 		</script>


    5425. 

  5425. 		<?php


    5426. 

  5426. 		foreach( $menus as $menu ) {


    5427. 

  5427. 			?>


    5428. 

  5428. 			<tr>


    5429. 

  5429. 				<td colspan="2">


    5430. 

  5430. 				<hr />


    5431. 

  5431. 				</td>


    5432. 

  5432. 			</tr>


    5433. 

  5433. 			<tr>


    5434. 

  5434. 				<td width="90px" valign="top">


    5435. 

  5435. 				Menu


    5436. 

  5436. 				</td>


    5437. 

  5437. 				<td>


    5438. 

  5438. 				<a href="javascript:go2( 'go2menu', '<?php echo $menu->menutype; ?>' );" title="Go to Menu">


    5439. 

  5439. 				<?php echo $menu->menutype; ?>


    5440. 

  5440. 				</a>


    5441. 

  5441. 				</td>


    5442. 

  5442. 			</tr>


    5443. 

  5443. 			<tr>


    5444. 

  5444. 				<td width="90px" valign="top">


    5445. 

  5445. 				Link Name


    5446. 

  5446. 				</td>


    5447. 

  5447. 				<td>


    5448. 

  5448. 				<strong>


    5449. 

  5449. 				<a href="javascript:go2( 'go2menuitem', '<?php echo $menu->menutype; ?>', '<?php echo $menu->id; ?>' );" title="Go to Menu Item">


    5450. 

  5450. 				<?php echo $menu->name; ?>


    5451. 

  5451. 				</a>


    5452. 

  5452. 				</strong>


    5453. 

  5453. 				</td>


    5454. 

  5454. 			</tr>


    5455. 

  5455. 			<tr>


    5456. 

  5456. 				<td width="90px" valign="top">


    5457. 

  5457. 				State


    5458. 

  5458. 				</td>


    5459. 

  5459. 				<td>


    5460. 

  5460. 				<?php


    5461. 

  5461. 				switch ( $menu->published ) {


    5462. 

  5462. 					case -2:


    5463. 

  5463. 						echo '<font color="red">Trashed</font>';


    5464. 

  5464. 						break;


    5465. 

  5465. 					case 0:


    5466. 

  5466. 						echo 'UnPublished';


    5467. 

  5467. 						break;


    5468. 

  5468. 					case 1:


    5469. 

  5469. 					default:


    5470. 

  5470. 						echo '<font color="green">Published</font>';


    5471. 

  5471. 						break;


    5472. 

  5472. 				}


    5473. 

  5473. 				?>


    5474. 

  5474. 				</td>


    5475. 

  5475. 			</tr>


    5476. 

  5476. 			<?php


    5477. 

  5477. 		}


    5478. 

  5478. 		?>


    5479. 

  5479. 		<input type="hidden" name="menu" value="" />


    5480. 

  5480. 		<input type="hidden" name="menuid" value="" />


    5481. 

  5481. 		<?php


    5482. 

  5482. 	}


    5483. 

  5483. 


    5484. 

  5484. 	function menuLinksSecCat( &$menus ) {


    5485. 

  5485. 		?>


    5486. 

  5486. 		<script language="javascript" type="text/javascript">


    5487. 

  5487. 		function go2( pressbutton, menu, id ) {


    5488. 

  5488. 			var form = document.adminForm;


    5489. 

  5489. 


    5490. 

  5490. 			if (pressbutton == 'go2menu') {


    5491. 

  5491. 				form.menu.value = menu;


    5492. 

  5492. 				submitform( pressbutton );


    5493. 

  5493. 				return;


    5494. 

  5494. 			}


    5495. 

  5495. 


    5496. 

  5496. 			if (pressbutton == 'go2menuitem') {


    5497. 

  5497. 				form.menu.value 	= menu;


    5498. 

  5498. 				form.menuid.value 	= id;


    5499. 

  5499. 				submitform( pressbutton );


    5500. 

  5500. 				return;


    5501. 

  5501. 			}


    5502. 

  5502. 		}


    5503. 

  5503. 		</script>


    5504. 

  5504. 		<?php


    5505. 

  5505. 		foreach( $menus as $menu ) {


    5506. 

  5506. 			?>


    5507. 

  5507. 			<tr>


    5508. 

  5508. 				<td colspan="2">


    5509. 

  5509. 				<hr/>


    5510. 

  5510. 				</td>


    5511. 

  5511. 			</tr>


    5512. 

  5512. 			<tr>


    5513. 

  5513. 				<td width="90px" valign="top">


    5514. 

  5514. 				Menu


    5515. 

  5515. 				</td>


    5516. 

  5516. 				<td>


    5517. 

  5517. 				<a href="javascript:go2( 'go2menu', '<?php echo $menu->menutype; ?>' );" title="Go to Menu">


    5518. 

  5518. 				<?php echo $menu->menutype; ?>


    5519. 

  5519. 				</a>


    5520. 

  5520. 				</td>


    5521. 

  5521. 			</tr>


    5522. 

  5522. 			<tr>


    5523. 

  5523. 				<td width="90px" valign="top">


    5524. 

  5524. 				Type


    5525. 

  5525. 				</td>


    5526. 

  5526. 				<td>


    5527. 

  5527. 				<?php echo $menu->type; ?>


    5528. 

  5528. 				</td>


    5529. 

  5529. 			</tr>


    5530. 

  5530. 			<tr>


    5531. 

  5531. 				<td width="90px" valign="top">


    5532. 

  5532. 				Item Name


    5533. 

  5533. 				</td>


    5534. 

  5534. 				<td>


    5535. 

  5535. 				<strong>


    5536. 

  5536. 				<a href="javascript:go2( 'go2menuitem', '<?php echo $menu->menutype; ?>', '<?php echo $menu->id; ?>' );" title="Go to Menu Item">


    5537. 

  5537. 				<?php echo $menu->name; ?>


    5538. 

  5538. 				</a>


    5539. 

  5539. 				</strong>


    5540. 

  5540. 				</td>


    5541. 

  5541. 			</tr>


    5542. 

  5542. 			<tr>


    5543. 

  5543. 				<td width="90px" valign="top">


    5544. 

  5544. 				State


    5545. 

  5545. 				</td>


    5546. 

  5546. 				<td>


    5547. 

  5547. 				<?php


    5548. 

  5548. 				switch ( $menu->published ) {


    5549. 

  5549. 					case -2:


    5550. 

  5550. 						echo '<font color="red">Trashed</font>';


    5551. 

  5551. 						break;


    5552. 

  5552. 					case 0:


    5553. 

  5553. 						echo 'UnPublished';


    5554. 

  5554. 						break;


    5555. 

  5555. 					case 1:


    5556. 

  5556. 					default:


    5557. 

  5557. 						echo '<font color="green">Published</font>';


    5558. 

  5558. 						break;


    5559. 

  5559. 				}


    5560. 

  5560. 				?>


    5561. 

  5561. 				</td>


    5562. 

  5562. 			</tr>


    5563. 

  5563. 			<?php


    5564. 

  5564. 		}


    5565. 

  5565. 		?>


    5566. 

  5566. 		<input type="hidden" name="menu" value="" />


    5567. 

  5567. 		<input type="hidden" name="menuid" value="" />


    5568. 

  5568. 		<?php


    5569. 

  5569. 	}


    5570. 

  5570. 


    5571. 

  5571. 	function checkedOut( &$row, $overlib=1 ) {


    5572. 

  5572. 		$hover = '';


    5573. 

  5573. 		if ( $overlib ) {


    5574. 

  5574. 			$date 				= mosFormatDate( $row->checked_out_time, '%A, %d %B %Y' );


    5575. 

  5575. 			$time				= mosFormatDate( $row->checked_out_time, '%H:%M' );


    5576. 

  5576. 			$editor				= addslashes( htmlspecialchars( html_entity_decode( $row->editor, ENT_QUOTES ) ) );


    5577. 

  5577. 			$checked_out_text 	= '<table>';


    5578. 

  5578. 			$checked_out_text 	.= '<tr><td>'. $editor .'</td></tr>';


    5579. 

  5579. 			$checked_out_text 	.= '<tr><td>'. $date .'</td></tr>';


    5580. 

  5580. 			$checked_out_text 	.= '<tr><td>'. $time .'</td></tr>';


    5581. 

  5581. 			$checked_out_text 	.= '</table>';


    5582. 

  5582. 			$hover = 'onMouseOver="return overlib(\''. $checked_out_text .'\', CAPTION, \'Checked Out\', BELOW, RIGHT);" onMouseOut="return nd();"';


    5583. 

  5583. 		}


    5584. 

  5584. 		$checked	 		= '<img src="images/checked_out.png" '. $hover .'/>';


    5585. 

  5585. 


    5586. 

  5586. 		return $checked;


    5587. 

  5587. 	}


    5588. 

  5588. 


    5589. 

  5589. 	/*


    5590. 

  5590. 	* Loads all necessary files for JS Overlib tooltips


    5591. 

  5591. 	*/


    5592. 

  5592. 	function loadOverlib() {


    5593. 

  5593. 		global  $mosConfig_live_site, $mainframe;


    5594. 

  5594. 


    5595. 

  5595. 		if ( !$mainframe->get( 'loadOverlib' ) ) {


    5596. 

  5596. 		// check if this function is already loaded


    5597. 

  5597. 			?>


    5598. 

  5598. 			<script language="javascript" type="text/javascript" src="<?php echo $mosConfig_live_site;?>/includes/js/overlib_mini.js"></script>


    5599. 

  5599. 			<script language="javascript" type="text/javascript" src="<?php echo $mosConfig_live_site;?>/includes/js/overlib_hideform_mini.js"></script>


    5600. 

  5600. 			<?php


    5601. 

  5601. 			// change state so it isnt loaded a second time


    5602. 

  5602. 			$mainframe->set( 'loadOverlib', true );


    5603. 

  5603. 		}


    5604. 

  5604. 	}


    5605. 

  5605. 


    5606. 

  5606. 


    5607. 

  5607. 	/*


    5608. 

  5608. 	* Loads all necessary files for JS Calendar


    5609. 

  5609. 	*/


    5610. 

  5610. 	function loadCalendar() {


    5611. 

  5611. 		global  $mosConfig_live_site;


    5612. 

  5612. 		?>


    5613. 

  5613. 		<link rel="stylesheet" type="text/css" media="all" href="<?php echo $mosConfig_live_site;?>/includes/js/calendar/calendar-mos.css" title="green" />


    5614. 

  5614. 		<!-- import the calendar script -->


    5615. 

  5615. 		<script type="text/javascript" src="<?php echo $mosConfig_live_site;?>/includes/js/calendar/calendar_mini.js"></script>


    5616. 

  5616. 		<!-- import the language module -->


    5617. 

  5617. 		<script type="text/javascript" src="<?php echo $mosConfig_live_site;?>/includes/js/calendar/lang/calendar-en.js"></script>


    5618. 

  5618. 		<?php


    5619. 

  5619. 	}


    5620. 

  5620. 


    5621. 

  5621. 	function AccessProcessing( &$row, $i ) {


    5622. 

  5622. 		if ( !$row->access ) {


    5623. 

  5623. 			$color_access = 'style="color: green;"';


    5624. 

  5624. 			$task_access = 'accessregistered';


    5625. 

  5625. 		} else if ( $row->access == 1 ) {


    5626. 

  5626. 			$color_access = 'style="color: red;"';


    5627. 

  5627. 			$task_access = 'accessspecial';


    5628. 

  5628. 		} else {


    5629. 

  5629. 			$color_access = 'style="color: black;"';


    5630. 

  5630. 			$task_access = 'accesspublic';


    5631. 

  5631. 		}


    5632. 

  5632. 


    5633. 

  5633. 		$href = '


    5634. 

  5634. 		<a href="javascript: void(0);" onclick="return listItemTask(\'cb'. $i .'\',\''. $task_access .'\')" '. $color_access .'>


    5635. 

  5635. 		'. $row->groupname .'


    5636. 

  5636. 		</a>'


    5637. 

  5637. 		;


    5638. 

  5638. 


    5639. 

  5639. 		return $href;


    5640. 

  5640. 	}


    5641. 

  5641. 


    5642. 

  5642. 	function CheckedOutProcessing( &$row, $i ) {


    5643. 

  5643. 		global $my;


    5644. 

  5644. 


    5645. 

  5645. 		if ( $row->checked_out) {


    5646. 

  5646. 			$checked = mosCommonHTML::checkedOut( $row );


    5647. 

  5647. 		} else {


    5648. 

  5648. 			$checked = mosHTML::idBox( $i, $row->id, ($row->checked_out && $row->checked_out != $my->id ) );


    5649. 

  5649. 		}


    5650. 

  5650. 


    5651. 

  5651. 		return $checked;


    5652. 

  5652. 	}


    5653. 

  5653. 


    5654. 

  5654. 	function PublishedProcessing( &$row, $i ) {


    5655. 

  5655. 		$img 	= $row->published ? 'publish_g.png' : 'publish_x.png';


    5656. 

  5656. 		$task 	= $row->published ? 'unpublish' : 'publish';


    5657. 

  5657. 		$alt 	= $row->published ? 'Published' : 'Unpublished';


    5658. 

  5658. 		$action	= $row->published ? 'Unpublish Item' : 'Publish item';


    5659. 

  5659. 


    5660. 

  5660. 		$href = '


    5661. 

  5661. 		<a href="javascript: void(0);" onclick="return listItemTask(\'cb'. $i .'\',\''. $task .'\')" title="'. $action .'">


    5662. 

  5662. 		<img src="images/'. $img .'" border="0" alt="'. $alt .'" />


    5663. 

  5663. 		</a>'


    5664. 

  5664. 		;


    5665. 

  5665. 


    5666. 

  5666. 		return $href;


    5667. 

  5667. 	}


    5668. 

  5668. 


    5669. 

  5669. 	/*


    5670. 

  5670. 	* Special handling for newfeed encoding and possible conflicts with page encoding and PHP version


    5671. 

  5671. 	* Added 1.0.8


    5672. 

  5672. 	* Static Function


    5673. 

  5673. 	*/


    5674. 

  5674. 	function newsfeedEncoding( $rssDoc, $text ) {


    5675. 

  5675. 		if (!defined( '_JOS_FEED_ENCODING' )) {


    5676. 

  5676. 		// determine encoding of feed


    5677. 

  5677. 			$feed 			= $rssDoc->toNormalizedString(true);


    5678. 

  5678. 			$feed 			= strtolower( substr( $feed, 0, 150 ) );


    5679. 

  5679. 			$feedEncoding 	= strpos( $feed, 'encoding=&quot;utf-8&quot;' );


    5680. 

  5680. 


    5681. 

  5681. 			if ( $feedEncoding !== false ) {


    5682. 

  5682. 			// utf-8 feed


    5683. 

  5683. 				$utf8 = 1;


    5684. 

  5684. 			} else {


    5685. 

  5685. 			// non utf-8 page


    5686. 

  5686. 				$utf8 = 0;


    5687. 

  5687. 			}


    5688. 

  5688. 


    5689. 

  5689. 			define( '_JOS_FEED_ENCODING', $utf8 );


    5690. 

  5690. 		}


    5691. 

  5691. 


    5692. 

  5692. 		if (!defined( '_JOS_SITE_ENCODING' )) {


    5693. 

  5693. 		// determine encoding of page


    5694. 

  5694. 			if ( strpos( strtolower( _ISO ), 'utf' ) !== false ) {


    5695. 

  5695. 			// utf-8 page


    5696. 

  5696. 				$utf8 = 1;


    5697. 

  5697. 			} else {


    5698. 

  5698. 			// non utf-8 page


    5699. 

  5699. 				$utf8 = 0;


    5700. 

  5700. 			}


    5701. 

  5701. 


    5702. 

  5702. 			define( '_JOS_SITE_ENCODING', $utf8 );


    5703. 

  5703. 


    5704. 

  5704. 		}


    5705. 

  5705. 


    5706. 

  5706. 		if ( phpversion() >= 5 ) {


    5707. 

  5707. 		// handling for PHP 5


    5708. 

  5708. 			if ( _JOS_FEED_ENCODING ) {


    5709. 

  5709. 			// handling for utf-8 feed


    5710. 

  5710. 				if ( _JOS_SITE_ENCODING ) {


    5711. 

  5711. 				// utf-8 page


    5712. 

  5712. 					$encoding = 'html_entity_decode';


    5713. 

  5713. 				} else {


    5714. 

  5714. 				// non utf-8 page


    5715. 

  5715. 					$encoding = 'utf8_decode';


    5716. 

  5716. 				}


    5717. 

  5717. 			} else {


    5718. 

  5718. 			// handling for non utf-8 feed


    5719. 

  5719. 				if ( _JOS_SITE_ENCODING ) {


    5720. 

  5720. 					// utf-8 page


    5721. 

  5721. 					$encoding = '';


    5722. 

  5722. 				} else {


    5723. 

  5723. 					// non utf-8 page


    5724. 

  5724. 					$encoding = 'utf8_decode';


    5725. 

  5725. 				}


    5726. 

  5726. 			}


    5727. 

  5727. 		} else {


    5728. 

  5728. 		// handling for PHP 4


    5729. 

  5729. 			if ( _JOS_FEED_ENCODING ) {


    5730. 

  5730. 			// handling for utf-8 feed


    5731. 

  5731. 				if ( _JOS_SITE_ENCODING ) {


    5732. 

  5732. 				// utf-8 page


    5733. 

  5733. 					$encoding = '';


    5734. 

  5734. 				} else {


    5735. 

  5735. 				// non utf-8 page


    5736. 

  5736. 					$encoding = 'utf8_decode';


    5737. 

  5737. 				}


    5738. 

  5738. 			} else {


    5739. 

  5739. 			// handling for non utf-8 feed


    5740. 

  5740. 				if ( _JOS_SITE_ENCODING ) {


    5741. 

  5741. 				// utf-8 page


    5742. 

  5742. 					$encoding = 'utf8_encode';


    5743. 

  5743. 				} else {


    5744. 

  5744. 				// non utf-8 page


    5745. 

  5745. 					$encoding = 'html_entity_decode';


    5746. 

  5746. 				}


    5747. 

  5747. 			}


    5748. 

  5748. 		}


    5749. 

  5749. 


    5750. 

  5750. 		if ( $encoding ) {


    5751. 

  5751. 			$text = $encoding( $text );


    5752. 

  5752. 		}


    5753. 

  5753. 		$text = str_replace('&apos;', "'", $text);


    5754. 

  5754. 


    5755. 

  5755. 		return $text;


    5756. 

  5756. 	}


    5757. 

  5757. }


    5758. 

  5758. 


    5759. 

  5759. /**


    5760. 

  5760. * Sorts an Array of objects


    5761. 

  5761. */


    5762. 

  5762. function SortArrayObjects_cmp( &$a, &$b ) {


    5763. 

  5763. 	global $csort_cmp;


    5764. 

  5764. 


    5765. 

  5765. 	if ( $a->$csort_cmp['key'] > $b->$csort_cmp['key'] ) {


    5766. 

  5766. 		return $csort_cmp['direction'];


    5767. 

  5767. 	}


    5768. 

  5768. 


    5769. 

  5769. 	if ( $a->$csort_cmp['key'] < $b->$csort_cmp['key'] ) {


    5770. 

  5770. 		return -1 * $csort_cmp['direction'];


    5771. 

  5771. 	}


    5772. 

  5772. 


    5773. 

  5773. 	return 0;


    5774. 

  5774. }


    5775. 

  5775. 


    5776. 

  5776. /**


    5777. 

  5777. * Sorts an Array of objects


    5778. 

  5778. * sort_direction [1 = Ascending] [-1 = Descending]


    5779. 

  5779. */


    5780. 

  5780. function SortArrayObjects( &$a, $k, $sort_direction=1 ) {


    5781. 

  5781. 	global $csort_cmp;


    5782. 

  5782. 


    5783. 

  5783. 	$csort_cmp = array(


    5784. 

  5784. 		'key'		  => $k,


    5785. 

  5785. 		'direction'	=> $sort_direction


    5786. 

  5786. 	);


    5787. 

  5787. 


    5788. 

  5788. 	usort( $a, 'SortArrayObjects_cmp' );


    5789. 

  5789. 


    5790. 

  5790. 	unset( $csort_cmp );


    5791. 

  5791. }


    5792. 

  5792. 


    5793. 

  5793. /**


    5794. 

  5794. * Sends mail to admin


    5795. 

  5795. */


    5796. 

  5796. function mosSendAdminMail( $adminName, $adminEmail, $email, $type, $title, $author ) {


    5797. 

  5797. 	global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_live_site;


    5798. 

  5798. 


    5799. 

  5799. 	$subject = _MAIL_SUB." '$type'";


    5800. 

  5800. 	$message = _MAIL_MSG;


    5801. 

  5801. 	eval ("\$message = \"$message\";");


    5802. 

  5802. 


    5803. 

  5803. 	mosMail($mosConfig_mailfrom, $mosConfig_fromname, $adminEmail, $subject, $message);


    5804. 

  5804. }


    5805. 

  5805. 


    5806. 

  5806. /*


    5807. 

  5807. * Includes pathway file


    5808. 

  5808. */


    5809. 

  5809. function mosPathWay() {


    5810. 

  5810. 	global $mosConfig_absolute_path;


    5811. 

  5811. 


    5812. 

  5812. 	$Itemid = intval( mosGetParam( $_REQUEST, 'Itemid', '' ) );


    5813. 

  5813. 	require_once ( $mosConfig_absolute_path . '/includes/pathway.php' );


    5814. 

  5814. }


    5815. 

  5815. 


    5816. 

  5816. /**


    5817. 

  5817. * Displays a not authorised message


    5818. 

  5818. *


    5819. 

  5819. * If the user is not logged in then an addition message is displayed.


    5820. 

  5820. */


    5821. 

  5821. function mosNotAuth() {


    5822. 

  5822. 	global $my;


    5823. 

  5823. 


    5824. 

  5824. 	echo _NOT_AUTH;


    5825. 

  5825. 	if ($my->id < 1) {


    5826. 

  5826. 		echo "<br />" . _DO_LOGIN;


    5827. 

  5827. 	}


    5828. 

  5828. }


    5829. 

  5829. 


    5830. 

  5830. /**


    5831. 

  5831. * Replaces &amp; with & for xhtml compliance


    5832. 

  5832. *


    5833. 

  5833. * Needed to handle unicode conflicts due to unicode conflicts


    5834. 

  5834. */


    5835. 

  5835. function ampReplace( $text ) {


    5836. 

  5836. 	$text = str_replace( '&&', '*--*', $text );


    5837. 

  5837. 	$text = str_replace( '&#', '*-*', $text );


    5838. 

  5838. 	$text = str_replace( '&amp;', '&', $text );


    5839. 

  5839. 	$text = preg_replace( '|&(?![\w]+;)|', '&amp;', $text );


    5840. 

  5840. 	$text = str_replace( '*-*', '&#', $text );


    5841. 

  5841. 	$text = str_replace( '*--*', '&&', $text );


    5842. 

  5842. 


    5843. 

  5843. 	return $text;


    5844. 

  5844. }


    5845. 

  5845. /**


    5846. 

  5846. * Prepares results from search for display


    5847. 

  5847. * @param string The source string


    5848. 

  5848. * @param int Number of chars to trim


    5849. 

  5849. * @param string The searchword to select around


    5850. 

  5850. * @return string


    5851. 

  5851. */


    5852. 

  5852. function mosPrepareSearchContent( $text, $length=200, $searchword ) {


    5853. 

  5853. 	// strips tags won't remove the actual jscript


    5854. 

  5854. 	$text = preg_replace( "'<script[^>]*>.*?</script>'si", "", $text );


    5855. 

  5855. 	$text = preg_replace( '/{.+?}/', '', $text);


    5856. 

  5856. 


    5857. 

  5857. 	//$text = preg_replace( '/<a\s+.*?href="([^"]+)"[^>]*>([^<]+)<\/a>/is','\2', $text );


    5858. 

  5858. 


    5859. 

  5859. 	// replace line breaking tags with whitespace


    5860. 

  5860. 	$text = preg_replace( "'<(br[^/>]*?/|hr[^/>]*?/|/(div|h[1-6]|li|p|td))>'si", ' ', $text );


    5861. 

  5861. 


    5862. 

  5862. 	$text = mosSmartSubstr( strip_tags( $text ), $length, $searchword );


    5863. 

  5863. 


    5864. 

  5864. 	return $text;


    5865. 

  5865. }


    5866. 

  5866. 


    5867. 

  5867. /**


    5868. 

  5868. * returns substring of characters around a searchword


    5869. 

  5869. * @param string The source string


    5870. 

  5870. * @param int Number of chars to return


    5871. 

  5871. * @param string The searchword to select around


    5872. 

  5872. * @return string


    5873. 

  5873. */


    5874. 

  5874. function mosSmartSubstr($text, $length=200, $searchword) {


    5875. 

  5875.   $wordpos = strpos(strtolower($text), strtolower($searchword));


    5876. 

  5876.   $halfside = intval($wordpos - $length/2 - strlen($searchword));


    5877. 

  5877.   if ($wordpos && $halfside > 0) {


    5878. 

  5878. 	return '...' . substr($text, $halfside, $length) . '...';


    5879. 

  5879.   } else {


    5880. 

  5880. 	return substr( $text, 0, $length);


    5881. 

  5881.   }


    5882. 

  5882. }


    5883. 

  5883. 


    5884. 

  5884. /**


    5885. 

  5885. * Chmods files and directories recursively to given permissions. Available from 1.0.0 up.


    5886. 

  5886. * @param path The starting file or directory (no trailing slash)


    5887. 

  5887. * @param filemode Integer value to chmod files. NULL = dont chmod files.


    5888. 

  5888. * @param dirmode Integer value to chmod directories. NULL = dont chmod directories.


    5889. 

  5889. * @return TRUE=all succeeded FALSE=one or more chmods failed


    5890. 

  5890. */


    5891. 

  5891. function mosChmodRecursive($path, $filemode=NULL, $dirmode=NULL)


    5892. 

  5892. {


    5893. 

  5893. 	$ret = TRUE;


    5894. 

  5894. 	if (is_dir($path)) {


    5895. 

  5895. 		$dh = opendir($path);


    5896. 

  5896. 		while ($file = readdir($dh)) {


    5897. 

  5897. 			if ($file != '.' && $file != '..') {


    5898. 

  5898. 				$fullpath = $path.'/'.$file;


    5899. 

  5899. 				if (is_dir($fullpath)) {


    5900. 

  5900. 					if (!mosChmodRecursive($fullpath, $filemode, $dirmode))


    5901. 

  5901. 						$ret = FALSE;


    5902. 

  5902. 				} else {


    5903. 

  5903. 					if (isset($filemode))


    5904. 

  5904. 						if (!@chmod($fullpath, $filemode))


    5905. 

  5905. 							$ret = FALSE;


    5906. 

  5906. 				} // if


    5907. 

  5907. 			} // if


    5908. 

  5908. 		} // while


    5909. 

  5909. 		closedir($dh);


    5910. 

  5910. 		if (isset($dirmode))


    5911. 

  5911. 			if (!@chmod($path, $dirmode))


    5912. 

  5912. 				$ret = FALSE;


    5913. 

  5913. 	} else {


    5914. 

  5914. 		if (isset($filemode))


    5915. 

  5915. 			$ret = @chmod($path, $filemode);


    5916. 

  5916. 	} // if


    5917. 

  5917. 	return $ret;


    5918. 

  5918. } // mosChmodRecursive


    5919. 

  5919. 


    5920. 

  5920. /**


    5921. 

  5921. * Chmods files and directories recursively to mos global permissions. Available from 1.0.0 up.


    5922. 

  5922. * @param path The starting file or directory (no trailing slash)


    5923. 

  5923. * @param filemode Integer value to chmod files. NULL = dont chmod files.


    5924. 

  5924. * @param dirmode Integer value to chmod directories. NULL = dont chmod directories.


    5925. 

  5925. * @return TRUE=all succeeded FALSE=one or more chmods failed


    5926. 

  5926. */


    5927. 

  5927. function mosChmod($path) {


    5928. 

  5928. 	global $mosConfig_fileperms, $mosConfig_dirperms;


    5929. 

  5929. 	$filemode = NULL;


    5930. 

  5930. 	if ($mosConfig_fileperms != '')


    5931. 

  5931. 		$filemode = octdec($mosConfig_fileperms);


    5932. 

  5932. 	$dirmode = NULL;


    5933. 

  5933. 	if ($mosConfig_dirperms != '')


    5934. 

  5934. 		$dirmode = octdec($mosConfig_dirperms);


    5935. 

  5935. 	if (isset($filemode) || isset($dirmode))


    5936. 

  5936. 		return mosChmodRecursive($path, $filemode, $dirmode);


    5937. 

  5937. 	return TRUE;


    5938. 

  5938. } // mosChmod


    5939. 

  5939. 


    5940. 

  5940. /**


    5941. 

  5941.  * Function to convert array to integer values


    5942. 

  5942.  * @param array


    5943. 

  5943.  * @param int A default value to assign if $array is not an array


    5944. 

  5944.  * @return array


    5945. 

  5945.  */


    5946. 

  5946. function mosArrayToInts( &$array, $default=null ) {


    5947. 

  5947. 	if (is_array( $array )) {


    5948. 

  5948. 		foreach( $array as $key => $value ) {


    5949. 

  5949. 			$array[$key] = (int) $value;


    5950. 

  5950. 		}


    5951. 

  5951. 	} else {


    5952. 

  5952. 		if (is_null( $default )) {


    5953. 

  5953. 			$array = array();


    5954. 

  5954. 			return array(); // Kept for backwards compatibility


    5955. 

  5955. 		} else {


    5956. 

  5956. 			$array = array( (int) $default );


    5957. 

  5957. 			return array( $default ); // Kept for backwards compatibility


    5958. 

  5958. 		}


    5959. 

  5959. 	}


    5960. 

  5960. }


    5961. 

  5961. 


    5962. 

  5962. /*


    5963. 

  5963. * Function to handle an array of integers


    5964. 

  5964. * Added 1.0.11


    5965. 

  5965. */


    5966. 

  5966. function josGetArrayInts( $name, $type=NULL ) {


    5967. 

  5967. 	if ( $type == NULL ) {


    5968. 

  5968. 		$type = $_POST;


    5969. 

  5969. 	}


    5970. 

  5970. 


    5971. 

  5971. 	$array = mosGetParam( $type, $name, array(0) );


    5972. 

  5972. 


    5973. 

  5973. 	mosArrayToInts( $array );


    5974. 

  5974. 


    5975. 

  5975. 	if (!is_array( $array )) {


    5976. 

  5976. 		$array = array(0);


    5977. 

  5977. 	}


    5978. 

  5978. 


    5979. 

  5979. 	return $array;


    5980. 

  5980. }


    5981. 

  5981. 


    5982. 

  5982. /**


    5983. 

  5983.  * Utility class for helping with patTemplate


    5984. 

  5984.  */


    5985. 

  5985. class patHTML {


    5986. 

  5986. 	/**


    5987. 

  5987. 	 * Converts a named array to an array or named rows suitable to option lists


    5988. 

  5988. 	 * @param array The source array[key] = value


    5989. 

  5989. 	 * @param mixed A value or array of selected values


    5990. 

  5990. 	 * @param string The name for the value field


    5991. 

  5991. 	 * @param string The name for selected attribute (use 'checked' for radio of box lists)


    5992. 

  5992. 	 */


    5993. 

  5993. 	function selectArray( &$source, $selected=null, $valueName='value', $selectedAttr='selected' ) {


    5994. 

  5994. 		if (!is_array( $selected )) {


    5995. 

  5995. 			$selected = array( $selected );


    5996. 

  5996. 		}


    5997. 

  5997. 		foreach ($source as $i => $row) {


    5998. 

  5998. 			if (is_object( $row )) {


    5999. 

  5999. 				$source[$i]->selected = in_array( $row->$valueName, $selected ) ? $selectedAttr . '="true"' : '';


    6000. 

  6000. 			} else {


    6001. 

  6001. 				$source[$i]['selected'] = in_array( $row[$valueName], $selected ) ? $selectedAttr . '="true"' : '';


    6002. 

  6002. 			}


    6003. 

  6003. 		}


    6004. 

  6004. 	}


    6005. 

  6005. 


    6006. 

  6006. 	/**


    6007. 

  6007. 	 * Converts a named array to an array or named rows suitable to checkbox or radio lists


    6008. 

  6008. 	 * @param array The source array[key] = value


    6009. 

  6009. 	 * @param mixed A value or array of selected values


    6010. 

  6010. 	 * @param string The name for the value field


    6011. 

  6011. 	 */


    6012. 

  6012. 	function checkArray( &$source, $selected=null, $valueName='value' ) {


    6013. 

  6013. 		patHTML::selectArray( $source, $selected, $valueName, 'checked' );


    6014. 

  6014. 	}


    6015. 

  6015. 


    6016. 

  6016. 	/**


    6017. 

  6017. 	 * @param mixed The value for the option


    6018. 

  6018. 	 * @param string The text for the option


    6019. 

  6019. 	 * @param string The name of the value parameter (default is value)


    6020. 

  6020. 	 * @param string The name of the text parameter (default is text)


    6021. 

  6021. 	 */


    6022. 

  6022. 	function makeOption( $value, $text, $valueName='value', $textName='text' ) {


    6023. 

  6023. 		return array(


    6024. 

  6024. 			$valueName => $value,


    6025. 

  6025. 			$textName => $text


    6026. 

  6026. 		);


    6027. 

  6027. 	}


    6028. 

  6028. 


    6029. 

  6029. 	/**


    6030. 

  6030. 	 * Writes a radio pair


    6031. 

  6031. 	 * @param object Template object


    6032. 

  6032. 	 * @param string The template name


    6033. 

  6033. 	 * @param string The field name


    6034. 

  6034. 	 * @param int The value of the field


    6035. 

  6035. 	 * @param array Array of options


    6036. 

  6036. 	 * @param string Optional template variable name


    6037. 

  6037. 	 */


    6038. 

  6038. 	function radioSet( &$tmpl, $template, $name, $value, $a, $varname=null ) {


    6039. 

  6039. 		patHTML::checkArray( $a, $value );


    6040. 

  6040. 


    6041. 

  6041. 		$tmpl->addVar( 'radio-set', 'name', $name );


    6042. 

  6042. 		$tmpl->addRows( 'radio-set', $a );


    6043. 

  6043. 		$tmpl->parseIntoVar( 'radio-set', $template, is_null( $varname ) ? $name : $varname );


    6044. 

  6044. 	}


    6045. 

  6045. 


    6046. 

  6046. 	/**


    6047. 

  6047. 	 * Writes a radio pair


    6048. 

  6048. 	 * @param object Template object


    6049. 

  6049. 	 * @param string The template name


    6050. 

  6050. 	 * @param string The field name


    6051. 

  6051. 	 * @param int The value of the field


    6052. 

  6052. 	 * @param string Optional template variable name


    6053. 

  6053. 	 */


    6054. 

  6054. 	function yesNoRadio( &$tmpl, $template, $name, $value, $varname=null ) {


    6055. 

  6055. 		$a = array(


    6056. 

  6056. 			patHTML::makeOption( 0, 'No' ),


    6057. 

  6057. 			patHTML::makeOption( 1, 'Yes' )


    6058. 

  6058. 		);


    6059. 

  6059. 		patHTML::radioSet( $tmpl, $template, $name, $value, $a, $varname );


    6060. 

  6060. 	}


    6061. 

  6061. }


    6062. 

  6062. 


    6063. 

  6063. /**


    6064. 

  6064.  * Provides a secure hash based on a seed


    6065. 

  6065.  * @param string Seed string


    6066. 

  6066.  * @return string


    6067. 

  6067.  */


    6068. 

  6068. function mosHash( $seed ) {


    6069. 

  6069. 	return md5( $GLOBALS['mosConfig_secret'] . md5( $seed ) );


    6070. 

  6070. }


    6071. 

  6071. 


    6072. 

  6072. /**


    6073. 

  6073.  * Format a backtrace error


    6074. 

  6074.  * @since 1.0.5


    6075. 

  6075.  */


    6076. 

  6076. function mosBackTrace() {


    6077. 

  6077. 	if (function_exists( 'debug_backtrace' )) {


    6078. 

  6078. 		echo '<div align="left">';


    6079. 

  6079. 		foreach( debug_backtrace() as $back) {


    6080. 

  6080. 			if (@$back['file']) {


    6081. 

  6081. 				echo '<br />' . str_replace( $GLOBALS['mosConfig_absolute_path'], '', $back['file'] ) . ':' . $back['line'];


    6082. 

  6082. 			}


    6083. 

  6083. 		}


    6084. 

  6084. 		echo '</div>';


    6085. 

  6085. 	}


    6086. 

  6086. }


    6087. 

  6087. 


    6088. 

  6088. function josSpoofCheck( $header=NULL, $alt=NULL , $method = 'post')


    6089. 

  6089. {


    6090. 

  6090. 	switch(strtolower($method)) {


    6091. 

  6091. 		case "get":


    6092. 

  6092. 			$validate 	= mosGetParam( $_GET, josSpoofValue($alt), 0 );


    6093. 

  6093. 			break;


    6094. 

  6094. 		case "request":


    6095. 

  6095. 			$validate 	= mosGetParam( $_REQUEST, josSpoofValue($alt), 0 );


    6096. 

  6096. 			break;


    6097. 

  6097. 		case "post":


    6098. 

  6098. 		default:


    6099. 

  6099. 			$validate 	= mosGetParam( $_POST, josSpoofValue($alt), 0 );


    6100. 

  6100. 			break;


    6101. 

  6101. 	}


    6102. 

  6102. 


    6103. 

  6103. 	// probably a spoofing attack


    6104. 

  6104. 	if (!$validate) {


    6105. 

  6105. 		header( 'HTTP/1.0 403 Forbidden' );


    6106. 

  6106. 		mosErrorAlert( _NOT_AUTH );


    6107. 

  6107. 		return;


    6108. 

  6108. 	}


    6109. 

  6109. 


    6110. 

  6110. 	// First, make sure the form was posted from a browser.


    6111. 

  6111. 	// For basic web-forms, we don't care about anything


    6112. 

  6112. 	// other than requests from a browser:


    6113. 

  6113. 	if (!isset( $_SERVER['HTTP_USER_AGENT'] )) {


    6114. 

  6114. 		header( 'HTTP/1.0 403 Forbidden' );


    6115. 

  6115. 		mosErrorAlert( _NOT_AUTH );


    6116. 

  6116. 		return;


    6117. 

  6117. 	}


    6118. 

  6118. 


    6119. 

  6119. 	// Make sure the form was indeed POST'ed:


    6120. 

  6120. 	//  (requires your html form to use: action="post")


    6121. 

  6121. 	if (!$_SERVER['REQUEST_METHOD'] == 'POST' ) {


    6122. 

  6122. 		header( 'HTTP/1.0 403 Forbidden' );


    6123. 

  6123. 		mosErrorAlert( _NOT_AUTH );


    6124. 

  6124. 		return;


    6125. 

  6125. 	}


    6126. 

  6126. 


    6127. 

  6127. 	if ($header) {


    6128. 

  6128. 	// Attempt to defend against header injections:


    6129. 

  6129. 		$badStrings = array(


    6130. 

  6130. 			'Content-Type:',


    6131. 

  6131. 			'MIME-Version:',


    6132. 

  6132. 			'Content-Transfer-Encoding:',


    6133. 

  6133. 			'bcc:',


    6134. 

  6134. 			'cc:'


    6135. 

  6135. 		);


    6136. 

  6136. 


    6137. 

  6137. 		// Loop through each POST'ed value and test if it contains


    6138. 

  6138. 		// one of the $badStrings:


    6139. 

  6139. 		_josSpoofCheck( $_POST, $badStrings );


    6140. 

  6140. 	}


    6141. 

  6141. }


    6142. 

  6142. 


    6143. 

  6143. function _josSpoofCheck( $array, $badStrings )


    6144. 

  6144. {


    6145. 

  6145. 	// Loop through each $array value and test if it contains


    6146. 

  6146. 	// one of the $badStrings


    6147. 

  6147. 	foreach( $array as $v ) {


    6148. 

  6148. 		if (is_array( $v )) {


    6149. 

  6149. 			_josSpoofCheck( $v, $badStrings );


    6150. 

  6150. 		} else {


    6151. 

  6151. 			foreach ( $badStrings as $v2 ) {


    6152. 

  6152. 				if ( stripos( $v, $v2 ) !== false ) {


    6153. 

  6153. 					header( 'HTTP/1.0 403 Forbidden' );


    6154. 

  6154. 					mosErrorAlert( _NOT_AUTH );


    6155. 

  6155. 					exit(); // mosErrorAlert dies anyway, double check just to make sure


    6156. 

  6156. 				}


    6157. 

  6157. 			}


    6158. 

  6158. 		}


    6159. 

  6159. 	}


    6160. 

  6160. }


    6161. 

  6161. 


    6162. 

  6162. /**


    6163. 

  6163.  * Method to determine a hash for anti-spoofing variable names


    6164. 

  6164.  *


    6165. 

  6165.  * @return	string	Hashed var name


    6166. 

  6166.  * @static


    6167. 

  6167.  */


    6168. 

  6168. function josSpoofValue($alt=NULL)


    6169. 

  6169. {


    6170. 

  6170. 	global $mainframe, $my;


    6171. 

  6171. 


    6172. 

  6172. 	if ($alt) {


    6173. 

  6173. 		if ( $alt == 1 ) {


    6174. 

  6174. 			$random		= date( 'Ymd' );


    6175. 

  6175. 		} else {


    6176. 

  6176. 			$random		= $alt . date( 'Ymd' );


    6177. 

  6177. 		}


    6178. 

  6178. 	} else {


    6179. 

  6179. 		$random		= date( 'dmY' );


    6180. 

  6180. 	}


    6181. 

  6181. 	// the prefix ensures that the hash is non-numeric


    6182. 

  6182. 	// otherwise it will be intercepted by globals.php


    6183. 

  6183. 	$validate 	= 'j' . mosHash( $mainframe->getCfg( 'db' ) . $random . $my->id );


    6184. 

  6184. 


    6185. 

  6185. 	return $validate;


    6186. 

  6186. }


    6187. 

  6187. 


    6188. 

  6188. /**


    6189. 

  6189.  * A simple helper function to salt and hash a clear-text password.


    6190. 

  6190.  *


    6191. 

  6191.  * @since	1.0.13


    6192. 

  6192.  * @param	string	$password	A plain-text password


    6193. 

  6193.  * @return	string	An md5 hashed password with salt


    6194. 

  6194.  */


    6195. 

  6195. function josHashPassword($password)


    6196. 

  6196. {


    6197. 

  6197. 	// Salt and hash the password


    6198. 

  6198. 	$salt	= mosMakePassword(16);


    6199. 

  6199. 	$crypt	= md5($password.$salt);


    6200. 

  6200. 	$hash	= $crypt.':'.$salt;


    6201. 

  6201. 


    6202. 

  6202. 	return $hash;


    6203. 

  6203. }


    6204. 

  6204. 


    6205. 

  6205. // ----- NO MORE CLASSES OR FUNCTIONS PASSED THIS POINT -----


    6206. 

  6206. // Post class declaration initialisations


    6207. 

  6207. // some version of PHP don't allow the instantiation of classes


    6208. 

  6208. // before they are defined


    6209. 

  6209. 


    6210. 

  6210. /** @global mosPlugin $_MAMBOTS */


    6211. 

  6211. $_MAMBOTS = new mosMambotHandler();


    6212. 

  6212. ?>


    6213. 

  6213.