function show($view, $loc = null, $title = '')
 {
     if (exponent_permissions_check('administrate', $loc) || exponent_permissions_check('create', $loc) || exponent_permissions_check('edit', $loc) || exponent_permissions_check('delete', $loc)) {
         $template = new template('HTMLTemplateModule', $view, $loc);
         $template->assign('noupload', 0);
         $template->assign('uploadError', '');
         if (!defined('SYS_FILES')) {
             include_once BASE . 'subsystems/files.php';
         }
         $directory = 'files/HTMLTemplateModule/' . $loc->src;
         if (!file_exists(BASE . $directory)) {
             $err = exponent_files_makeDirectory($directory);
             if ($err != SYS_FILES_SUCCESS) {
                 $template->assign('noupload', 1);
                 $template->assign('uploadError', $err);
             }
         }
         global $db;
         $templates = $db->selectObjects('htmltemplate');
         for ($i = 0; $i < count($templates); $i++) {
             $assocs = $db->selectObjects('htmltemplateassociation', 'template_id=' . $templates[$i]->id);
             if (count($assocs) == 1 && $assocs[0]->global == 1) {
                 $templates[$i]->global_assoc = 1;
             } else {
                 $templates[$i]->global_assoc = 0;
                 $templates[$i]->associations = $assocs;
             }
         }
         $template->assign('moduletitle', $title);
         $template->assign('templates', $templates);
         $template->register_permissions(array('administrate', 'create', 'edit', 'delete'), exponent_core_makeLocation('HTMLTemplateModule'));
         $template->output();
     }
 }
 function update($values, $object, $loc)
 {
     global $db;
     if (!isset($values['id'])) {
         // Only deal with the inc/dec stuff if adding a module.
         $src = "";
         if (isset($values['i_src'])) {
             if ($values['i_src'] == "new_source") {
                 $src = "@random" . uniqid("");
                 $object->is_existing = 0;
             } else {
                 $src = $values[$values['i_src']];
                 $object->is_existing = 1;
             }
         } else {
             $object->is_existing = 0;
         }
         $newInternal = exponent_core_makeLocation($values['i_mod'], $src);
         // REFERENCES - Section and Location
         //$sect = $db->selectObject('section','id='.$_POST['current_section']);
         exponent_core_incrementLocationReference($newInternal, intval($_POST['current_section']));
         // Rank is only updateable from the order action
         $object->rank = $values['rank'];
         if (isset($values['rerank'])) {
             $db->increment("container", "rank", 1, "external='" . serialize($loc) . "' AND rank >= " . $values['rank']);
         }
         $object->internal = serialize($newInternal);
         $object->external = serialize($loc);
     }
     $object->is_private = isset($_POST['is_private']) ? 1 : 0;
     // UPDATE the container
     $object->view = $values['view'];
     $object->title = $values['title'];
     return $object;
 }
 function getLocationHierarchy($loc)
 {
     if ($loc->int == '') {
         return array($loc);
     } else {
         return array($loc, exponent_core_makeLocation($loc->mod, $loc->src));
     }
 }
 function show($view, $loc = null, $title = "")
 {
     $loc = exponent_core_makeLocation('FileManagerModule');
     global $db;
     $collections = $db->selectObjects('file_collection');
     $template = new template('FileManagerModule', $view, $loc);
     $template->assign('collections', $collections);
     $template->output();
 }
function exponent_permissions_checkUser($user, $permission, $location, $explicitOnly = false)
{
    global $db;
    if ($user == null) {
        return false;
    }
    if ($user->is_acting_admin == 1) {
        return true;
    }
    $explicit = $db->selectObject("userpermission", "uid=" . $user->id . " AND module='" . $location->mod . "' AND source='" . $location->src . "' AND internal='" . $location->int . "' AND permission='{$permission}'");
    if ($explicitOnly == true) {
        return $explicit;
    }
    $implicit = false;
    // Check locationHierarchy
    if (is_callable(array($location->mod, "getLocationHierarchy"))) {
        foreach (call_user_func(array($location->mod, "getLocationHierarchy"), $location) as $loc) {
            if ($db->selectObject("userpermission", "uid=" . $user->id . " AND module='" . $loc->mod . "' AND source='" . $loc->src . "' AND internal='" . $loc->int . "' AND permission='{$permission}'")) {
                $implicit = true;
                break;
            }
        }
    }
    if (!$implicit) {
        $memberships = $db->selectObjects("groupmembership", "member_id=" . $user->id);
        foreach ($memberships as $memb) {
            if ($db->selectObject("grouppermission", "gid=" . $memb->group_id . " AND module='" . $location->mod . "' AND source='" . $location->src . "' AND internal='" . $location->int . "' AND permission='{$permission}'")) {
                $implicit = true;
                break;
            }
            $section_perms = $db->selectObjects('grouppermission', 'gid=' . $memb->group_id . " AND module='NavigationModule' AND permission='manage'");
            foreach ($section_perms as $perm) {
                if ($db->countObjects('sectionref', 'is_original=1 AND section=' . $perm->internal . " AND module='" . $location->mod . "' AND source='" . $location->src . "'")) {
                    $implicit = true;
                    break;
                }
            }
        }
    }
    if (!$implicit && $location->mod != 'NavigationModule') {
        foreach ($db->selectObjects('sectionref', "is_original=1 AND module='" . $location->mod . "' AND source='" . $location->src . "'") as $secref) {
            if (exponent_permissions_checkUser($user, 'manage', exponent_core_makeLocation('NavigationModule', '', $secref->section))) {
                $implicit = true;
                break;
            }
        }
        // Now check the section management
        /*
        		$section_perms = $db->selectObjects('userpermission','uid='.$user->id." AND module='NavigationModule' AND permission='manage'");
        		foreach ($section_perms as $perm) {
        			if ($db->countObjects('sectionref','is_original=1 AND section='.$perm->internal." AND module='".$location->mod."' AND source='".$location->src."'")) {
        				$implicit = true;
        				break;
        			}
        		}*/
    }
    return $implicit || $explicit;
}
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the User Management category
if (!defined('EXPONENT')) {
    exit('');
}
// Sanitize required _GET parameters
$_GET['id'] = intval($_GET['id']);
$memb = $db->selectObject('groupmembership', 'member_id=' . $user->id . ' AND group_id=' . $_GET['id'] . ' AND is_admin=1');
if (exponent_permissions_check('user_management', exponent_core_makeLocation('administrationmodule')) || $memb) {
    $group = $db->selectObject('group', 'id=' . intval($_POST['id']));
    if ($group) {
        $db->delete('groupmembership', 'group_id=' . $group->id);
        $memb = null;
        $memb->group_id = $group->id;
        if ($_POST['membdata'] != "") {
            foreach (explode(',', $_POST['membdata']) as $str) {
                $str = explode(':', $str);
                $memb->member_id = $str[0];
                $memb->is_admin = $str[1];
                $db->insertObject($memb, 'groupmembership');
            }
        }
        exponent_permissions_triggerRefresh();
        exponent_flow_redirect();
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
    exit('');
}
$contact = null;
$iloc = null;
if (isset($_GET['id'])) {
    $contact = $db->selectObject('addressbook_contact', 'id=' . intval($_GET['id']));
    if ($contact) {
        $loc = unserialize($contact->location_data);
        $iloc = exponent_core_makeLocation($loc->mod, $loc->src, $contact->id);
    }
}
// FIXME: Replace with better use of getLocationHierarchy
if ($contact == null && exponent_permissions_check('post', $loc) || $contact != null && exponent_permissions_check('edit', $loc) || $iloc != null && exponent_permissions_check('edit', $iloc)) {
    $form = addressbook_contact::form($contact);
    $form->location($loc);
    $form->meta('action', 'save');
    $template = new template('addressbookmodule', '_form_edit', $loc);
    $template->assign('form_html', $form->toHTML());
    $template->assign('is_edit', $contact == null ? 0 : 1);
    $template->output();
} else {
    echo SITE_403_HTML;
}
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the User Management category
if (!defined('EXPONENT')) {
    exit('');
}
if (exponent_permissions_check('user_management', exponent_core_makeLocation('AdministrationModule'))) {
    exponent_flow_set(SYS_FLOW_PROTECTED, SYS_FLOW_ACTION);
    $db->delete('sessionticket', 'last_active < ' . (time() - SESSION_TIMEOUT));
    if (!defined('SYS_USERS')) {
        require_once BASE . 'subsystems/users.php';
    }
    if (!defined('SYS_DATETIME')) {
        require_once BASE . 'subsystems/datetime.php';
    }
    $sessions = $db->selectObjects('sessionticket');
    for ($i = 0; $i < count($sessions); $i++) {
        $sessions[$i]->user = exponent_users_getUserById($sessions[$i]->uid);
        $sessions[$i]->duration = exponent_datetime_duration($sessions[$i]->last_active, $sessions[$i]->start_time);
    }
    $template = new template('AdministrationModule', '_sessionmanager', $loc);
    $template->assign('sessions', $sessions);
function pathos_core_makeLocation($mod = null, $src = null, $int = null)
{
    return exponent_core_makeLocation($mod, $src, $int);
}
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
    exit('');
}
if (exponent_permissions_check('database', exponent_core_makeLocation('AdministrationModule'))) {
    $exporters = array();
    $idh = opendir(BASE . 'modules/exporter/exporters');
    while (($imp = readdir($idh)) !== false) {
        if (substr($imp, 0, 1) != '.' && is_readable(BASE . 'modules/exporter/exporters/' . $imp . '/start.php') && is_readable(BASE . 'modules/exporter/exporters/' . $imp . '/info.php')) {
            $exporters[$imp] = (include BASE . 'modules/exporter/exporters/' . $imp . '/info.php');
        }
    }
    $template = new template('exporter', '_exporters');
    $template->assign('exporters', $exporters);
    $template->output();
} else {
    echo SITE_403_HTML;
}
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
    exit('');
}
$_GET['id'] = intval($_GET['id']);
$collection = null;
if (isset($_GET['id'])) {
    $collection = $db->selectObject('file_collection', 'id=' . $_GET['id']);
}
$loc = exponent_core_makeLocation('FileManagerModule');
if ($collection) {
    // PERM CHECK
    if (!defined('SYS_FORMS')) {
        require_once BASE . 'subsystems/forms.php';
    }
    exponent_forms_initialize();
    $form = new form();
    $form->meta('module', 'FileManagerModule');
    $form->meta('action', 'save_upload');
    $form->meta('collection_id', $collection->id);
    $form->register('name', 'Name', new textcontrol());
    $form->register('file', 'File', new uploadcontrol());
    $form->register('submit', '', new buttongroupcontrol('Save', '', 'Cancel'));
    echo $form->toHTML();
    // END PERM CHECK
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
    exit('');
}
$loc = exponent_core_makeLocation('sharedcoremodule');
if (exponent_permissions_check('manage_core', $loc) || exponent_permissions_check('manage_site', $loc)) {
    $site = null;
    if (isset($_GET['id'])) {
        $site = $db->selectObject('sharedcore_site', 'id=' . intval($_GET['id']));
    }
    if ($site) {
        if ($site->inactive == 0) {
            $core = $db->selectObject('sharedcore_core', 'id=' . $site->core_id);
            if ($core) {
                if (!defined('SYS_SHAREDCORE')) {
                    include_once BASE . 'subsystems/sharedcore.php';
                }
                exponent_sharedcore_clear($site->path);
                // Not full
                exponent_sharedcore_setup($core, $site);
<?php

##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
    exit('');
}
if (exponent_permissions_check('workflow', exponent_core_makeLocation('administrationmodule'))) {
    $db->switchValues('workflowaction', 'rank', intval($_GET['a']), intval($_GET['b']), "policy_id='" . intval($_GET['policy_id']) . "' AND type=" . $_GET['type']);
    exponent_flow_redirect();
} else {
    echo SITE_403_HTML;
}
 function show($view, $loc = null, $title = '')
 {
     global $db, $user;
     $config = $db->selectObject('newsmodule_config', "location_data='" . serialize($loc) . "'");
     if ($config == null) {
         $config->sortorder = 'ASC';
         $config->sortfield = 'posted';
         $config->item_limit = 10;
     }
     // Check permissions for AP link
     $canviewapproval = false;
     if ($user) {
         $canviewapproval = exponent_permissions_check('approve', $loc) || exponent_permissions_check('manage_approval', $loc);
     }
     if (!$canviewapproval) {
         // still not able to view
         foreach ($db->selectObjects('newsitem', "location_data='" . serialize($loc) . "' AND (publish = 0 or publish <= " . time() . ") AND (unpublish = 0 or unpublish > " . time() . ') AND approved != 0') as $post) {
             if ($user && $user->id == $post->poster) {
                 $canviewapproval = true;
                 break;
             }
         }
     }
     $template = new template('newsmodule', $view, $loc);
     $template->assign('moduletitle', $title);
     $template->register_permissions(array('administrate', 'configure', 'add_item', 'delete_item', 'edit_item', 'manage_approval', 'view_unpublished'), $loc);
     $news = $db->selectObjects('newsitem', "location_data='" . serialize($loc) . "' AND (publish = 0 or publish <= " . time() . ') AND (unpublish = 0 or unpublish > ' . time() . ') AND approved != 0 ORDER BY ' . $config->sortfield . ' ' . $config->sortorder . $db->limit($config->item_limit, 0));
     for ($i = 0; $i < count($news); $i++) {
         $news[$i]->real_posted = $news[$i]->publish != 0 ? $news[$i]->publish : $news[$i]->posted;
         $nloc = exponent_core_makeLocation($loc->mod, $loc->src, $news[$i]->id);
         $news[$i]->permissions = array('edit_item' => exponent_permissions_check('edit_item', $loc) || exponent_permissions_check('edit_item', $nloc) ? 1 : 0, 'delete_item' => exponent_permissions_check('delete_item', $loc) || exponent_permissions_check('delete_item', $nloc) ? 1 : 0, 'administrate' => exponent_permissions_check('administrate', $loc) || exponent_permissions_check('administrate', $nloc) ? 1 : 0);
     }
     // EVIL WORKFLOW
     $in_approval = $db->countObjects('newsitem_wf_info', "location_data='" . serialize($loc) . "'");
     $template->assign('canview_approval_link', $canviewapproval);
     $template->assign('in_approval', $in_approval);
     $template->assign('news', $news);
     $template->assign('morenews', count($news) < $db->countObjects('newsitem', "location_data='" . serialize($loc) . "' AND (publish = 0 or publish <= " . time() . ') AND (unpublish = 0 or unpublish > ' . time() . ') AND approved != 0'));
     $template->output();
 }
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the HTMLArea category
if (!defined('EXPONENT')) {
    exit('');
}
if (exponent_permissions_check('htmlarea', exponent_core_makeLocation('AdministrationModule'))) {
    $config = null;
    if (isset($_POST['id'])) {
        $config = $db->selectObject('toolbar_' . SITE_WYSIWYG_EDITOR, 'id=' . intval($_POST['id']));
    }
    $config->name = $_POST['config_name'];
    $config->data = $_POST['config'];
    if (isset($_POST['config_activate'])) {
        $active = $db->selectObject('toolbar_' . SITE_WYSIWYG_EDITOR, 'active=1');
        $active->active = 0;
        $db->updateObject($active, 'toolbar_' . SITE_WYSIWYG_EDITOR);
        $config->active = 1;
    }
    if (isset($config->id)) {
        $db->updateObject($config, 'toolbar_' . SITE_WYSIWYG_EDITOR);
    } else {
$i18n = exponent_lang_loadFile('modules/formbuilder/actions/save_form.php');
if (!defined('SYS_FORMS')) {
    include_once BASE . 'subsystems/forms.php';
}
exponent_forms_initialize();
$f = null;
if (isset($_POST['id'])) {
    $f = $db->selectObject('formbuilder_form', 'id=' . intval($_POST['id']));
}
if (exponent_permissions_check('editform', unserialize($f->location_data))) {
    $f = formbuilder_form::update($_POST, $f);
    $f->table_name = formbuilder_form::updateTable($f);
    if (isset($f->id)) {
        $db->updateObject($f, 'formbuilder_form');
    } else {
        $f->location_data = serialize(exponent_core_makeLocation($_POST['m'], $_POST['s'], $_POST['i']));
        $f->id = $db->insertObject($f, 'formbuilder_form');
        //Create Default Report;
        $rpt->name = $i18n['default_report'];
        $rpt->description = $i18n['auto_generated'];
        $rpt->location_data = $f->location_data;
        $rpt->text = '';
        $rpt->column_names = '';
        $rpt->form_id = $f->id;
        $db->insertObject($rpt, 'formbuilder_report');
    }
    //Delete All addresses as we will be rebuilding it.
    $db->delete('formbuilder_address', 'form_id=' . $f->id);
    $data->group_id = 0;
    $data->user_id = 0;
    $data->email = '';
 function show($view, $loc, $title = '')
 {
     if (!defined('SYS_FILES')) {
         require_once BASE . 'subsystems/files.php';
     }
     $template = new template('ResourceModule', $view, $loc);
     $directory = 'files/ResourceModule/' . $loc->src;
     if (!file_exists(BASE . $directory)) {
         $err = exponent_files_makeDirectory($directory);
         if ($err != SYS_FILES_SUCCESS) {
             $template->assign('noupload', 1);
             $template->assign('uploadError', $err);
         }
     }
     global $db;
     $location = serialize($loc);
     if (!isset($_SESSION['resource_cache'][$location])) {
         $resources = $db->selectObjects('resourceitem', "location_data='" . serialize($loc) . "'");
         $_SESSION['resource_cache'][$location] = $resources;
     } else {
         $resources = $_SESSION['resource_cache'][$location];
     }
     $iloc = exponent_core_makeLocation($loc->mod, $loc->src);
     for ($i = 0; $i < count($resources); $i++) {
         $iloc->int = $resources[$i]->id;
         $resources[$i]->permissions = array('administrate' => exponent_permissions_check('administrate', $iloc), 'edit' => exponent_permissions_check('edit', $iloc), 'delete' => exponent_permissions_check('delete', $iloc));
     }
     if (!defined('SYS_SORTING')) {
         require_once BASE . 'subsystems/sorting.php';
     }
     usort($resources, 'exponent_sorting_byRankAscending');
     $rfiles = array();
     foreach ($db->selectObjects('file', "directory='{$directory}'") as $file) {
         $file->mimetype = $db->selectObject('mimetype', "mimetype='" . $file->mimetype . "'");
         $rfiles[$file->id] = $file;
     }
     $template->assign('moduletitle', $title);
     $template->assign('resources', $resources);
     $template->assign('files', $rfiles);
     $template->register_permissions(array('administrate', 'configure', 'post', 'edit', 'delete'), $loc);
     $template->output($view);
 }
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
include_once '../../../exponent.php';
$collection = null;
if (isset($_POST['collection_id'])) {
    $collection = $db->selectObject('file_collection', 'id=' . intval($_POST['collection_id']));
} else {
    $collection->id = 0;
    $collection->name = 'Uncategorized Files';
    $collection->description = 'Theses files have not been categorized yet,';
}
$loc = exponent_core_makeLocation('filemanagermodule');
// PERM CHECK
$file = file::update('file', 'files', null);
if (is_object($file)) {
    $file->name = $_POST['name'];
    $file->collection_id = $collection->id;
    $file_id = $db->insertObject($file, 'file');
    header('Location: ' . URL_FULL . 'modules/filemanagermodule/actions/picker.php?id=' . $collection->id . '&highlight_file=' . $file_id);
} else {
    echo $file;
}
// END PERM CHECK
 function canView($section)
 {
     global $db;
     if ($section->public == 0) {
         // Not a public section.  Check permissions.
         return exponent_permissions_check('view', exponent_core_makeLocation('NavigationModule', '', $section->id));
     } else {
         // Is public.  check parents.
         if ($section->parent <= 0) {
             // Out of parents, and since we are still checking, we haven't hit a private section.
             return true;
         } else {
             $s = $db->selectObject('section', 'id=' . $section->parent);
             return NavigationModule::canView($s);
         }
     }
 }
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
    exit('');
}
$t = null;
$loc = exponent_core_makeLocation('htmltemplatemodule');
if (isset($_POST['id'])) {
    $t = $db->selectObject('htmltemplate', 'id=' . intval($_POST['id']));
}
if (!$t && exponent_permissions_check('create', $loc) || $t && exponent_permissions_check('edit', $loc)) {
    $t = htmltemplate::update($_POST, $t);
    if (isset($t->id)) {
        $db->updateObject($t, 'htmltemplate');
    } else {
        $db->insertObject($t, 'htmltemplate');
    }
    exponent_flow_redirect();
} else {
    echo SITE_403_HTML;
}
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
define('SCRIPT_EXP_RELATIVE', '');
define('SCRIPT_FILENAME', 'popup.php');
ob_start();
// Initialize the Exponent Framework
require_once 'exponent.php';
// Initialize the Theme Subsystem
if (!defined('SYS_THEME')) {
    require_once BASE . 'subsystems/theme.php';
}
$loc = exponent_core_makeLocation(isset($_GET['module']) ? $_GET['module'] : '', isset($_GET['src']) ? $_GET['src'] : '', isset($_GET['int']) ? $_GET['int'] : '');
$SYS_FLOW_REDIRECTIONPATH = 'popup';
if (exponent_theme_inAction()) {
    exponent_theme_runAction();
} else {
    if (isset($_GET['module']) && isset($_GET['view'])) {
        exponent_flow_set(SYS_FLOW_PUBLIC, SYS_FLOW_SECTIONAL);
        $mod = new $_GET['module']();
        $mod->show($_GET['view'], $loc, isset($_GET['title']) ? $_GET['title'] : '');
    }
}
$str = ob_get_contents();
ob_end_clean();
$template = new standalonetemplate('popup_' . (isset($_GET['template']) ? $_GET['template'] : 'general'));
$template->assign('output', $str);
$template->output();
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the User Management category
if (!defined('EXPONENT')) {
    exit('');
}
if (isset($_GET['id']) && exponent_permissions_check('user_management', exponent_core_makeLocation('administrationmodule'))) {
    if (!defined('SYS_USERS')) {
        require_once BASE . 'subsystems/users.php';
    }
    $u = exponent_users_getUserById(intval($_GET['id']));
    if ($u) {
        $groups = exponent_users_getAllGroups();
        $admin = array();
        $membership = array();
        foreach ($db->selectObjects('groupmembership', 'member_id=' . $u->id) as $m) {
            $membership[] = $m->group_id;
            if ($m->is_admin == 1) {
                $admin[] = $m->group_id;
            }
        }
        for ($i = 0; $i < count($groups); $i++) {
<?php

##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the Configuration category
if (!defined('EXPONENT')) {
    exit('');
}
if (exponent_permissions_check('configuration', exponent_core_makeLocation('AdministrationModule'))) {
    if (!defined('SYS_CONFIG')) {
        require_once BASE . 'subsystems/config.php';
    }
    exponent_config_deleteProfile($_GET['configname']);
    exponent_flow_redirect();
} else {
    echo SITE_403_HTML;
}
 function show($view, $loc = null, $title = '')
 {
     $template = new template('WeblogModule', $view, $loc);
     global $db;
     global $user;
     $user_id = $user ? $user->id : -1;
     $config = $db->selectObject('WeblogModule_config', "location_data='" . serialize($loc) . "'");
     if ($config == null) {
         $config->allow_comments = 1;
         $config->items_per_page = 10;
     }
     $viewconfig = array('type' => 'default');
     if (is_readable($template->viewdir . "/{$view}.config")) {
         $viewconfig = (include $template->viewdir . "/{$view}.config");
     }
     $where = '(is_draft = 0 OR poster = ' . $user_id . ") AND location_data='" . serialize($loc) . "'";
     if (!exponent_permissions_check('view_private', $loc)) {
         $where .= ' AND is_private = 0';
     }
     if ($viewconfig['type'] == 'monthlist') {
         $months = array();
         $min_date = $db->min('weblog_post', 'posted', 'location_data', $where);
         $max_date = $db->max('weblog_post', 'posted', 'location_data', $where);
         $months = array();
         if (!defined('SYS_DATETIME')) {
             require_once BASE . 'subsystems/datetime.php';
         }
         $start_month = exponent_datetime_startOfMonthTimestamp($min_date);
         $end_month = exponent_datetime_endOfMonthTimestamp($min_date) + 86399;
         do {
             $count = $db->countObjects('weblog_post', $where . ' AND posted >= ' . $start_month . ' AND posted <= ' . $end_month);
             if ($count) {
                 $months[$start_month] = $count;
             }
             $start_month = $end_month + 1;
             $end_month = exponent_datetime_endOfMonthTimestamp($start_month) + 86399;
         } while ($start_month < $max_date);
         $template->assign('months', array_reverse($months, true));
     } else {
         if ($viewconfig['type'] == 'calendar') {
             if (!defined('SYS_DATETIME')) {
                 require_once BASE . 'subsystems/datetime.php';
             }
             $month_days = exponent_datetime_monthlyDaysTimestamp(time());
             for ($i = 0; $i < count($month_days); $i++) {
                 foreach ($month_days[$i] as $mday => $timestamp) {
                     if ($mday > 0) {
                         // Got a valid one.  Go with it.
                         $month_days[$i][$mday] = array('number' => $db->countObjects('weblog_post', $where . ' AND posted >= ' . $timestamp . ' AND posted < ' . strtotime('+1 day', $timestamp)), 'ts' => $timestamp);
                     }
                 }
             }
             $template->assign('days', $month_days);
             $template->assign('now', time());
         } else {
             $total = $db->countObjects('weblog_post', $where);
             $posts = $db->selectObjects('weblog_post', $where . ' ORDER BY posted DESC ' . $db->limit($config->items_per_page, 0));
             if (!defined('SYS_SORTING')) {
                 require_once BASE . 'subsystems/sorting.php';
             }
             for ($i = 0; $i < count($posts); $i++) {
                 $ploc = exponent_core_makeLocation($loc->mod, $loc->src, $posts[$i]->id);
                 $posts[$i]->permissions = array('administrate' => exponent_permissions_check('administrate', $ploc), 'edit' => exponent_permissions_check('edit', $ploc), 'delete' => exponent_permissions_check('delete', $ploc), 'comment' => exponent_permissions_check('comment', $ploc), 'edit_comments' => exponent_permissions_check('edit_comments', $ploc), 'delete_comments' => exponent_permissions_check('delete_comments', $ploc), 'view_private' => exponent_permissions_check('view_private', $ploc));
                 $comments = $db->selectObjects('weblog_comment', 'parent_id=' . $posts[$i]->id);
                 usort($comments, 'exponent_sorting_byPostedDescending');
                 $posts[$i]->comments = $comments;
             }
             usort($posts, 'exponent_sorting_byPostedDescending');
             $template->assign('posts', $posts);
             $template->assign('total_posts', $total);
         }
     }
     $template->register_permissions(array('administrate', 'configure', 'post', 'edit', 'delete', 'comment', 'edit_comments', 'delete_comments', 'view_private'), $loc);
     $template->assign('config', $config);
     $template->assign('moduletitle', $title);
     $template->output();
 }
<?php

##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the Administration Control Panel : Files Subsystem category
if (!defined('EXPONENT')) {
    exit('');
}
if (exponent_permissions_check('files_subsystem', exponent_core_makeLocation('AdministrationModule'))) {
    exponent_flow_set(SYS_FLOW_PROTECTED, SYS_FLOW_ACTION);
    $template = new template('filemanager', '_mimetypes', $loc);
    $template->assign('types', $db->selectObjects('mimetype'));
    $template->output();
} else {
    echo SITE_403_HTML;
}
if ($config == null) {
    $config->allow_comments = 1;
    $config->items_per_page = 10;
}
if (isset($_GET['single'])) {
    $config->items_per_page = 1;
}
$where = "location_data='" . serialize($loc) . "' AND (is_draft = 0 OR poster = " . ($user ? $user->id : -1) . ")";
if (!exponent_permissions_check('view_private', $loc)) {
    $where .= ' AND is_private = 0';
}
$total = $db->countObjects('weblog_post', $where);
$posts = $db->selectObjects('weblog_post', $where . ' ORDER BY posted DESC ' . $db->limit($config->items_per_page, $_GET['page'] * $config->items_per_page));
if (!defined('SYS_SORTING')) {
    require_once BASE . 'subsystems/sorting.php';
}
for ($i = 0; $i < count($posts); $i++) {
    $ploc = exponent_core_makeLocation($loc->mod, $loc->src, $posts[$i]->id);
    $posts[$i]->permissions = array('administrate' => exponent_permissions_check('administrate', $ploc), 'edit' => exponent_permissions_check('edit', $ploc), 'delete' => exponent_permissions_check('delete', $ploc), 'comment' => exponent_permissions_check('comment', $ploc), 'edit_comments' => exponent_permissions_check('edit_comments', $ploc), 'delete_comments' => exponent_permissions_check('delete_comments', $ploc), 'view_private' => exponent_permissions_check('view_private', $ploc));
    $comments = $db->selectObjects('weblog_comment', 'parent_id=' . $posts[$i]->id);
    usort($comments, 'exponent_sorting_byPostedDescending');
    $posts[$i]->comments = $comments;
}
usort($posts, 'exponent_sorting_byPostedDescending');
$template->assign('posts', $posts);
$template->assign('total_posts', $total);
$template->assign('shownext', ($_GET['page'] + 1) * $config->items_per_page < $total);
$template->assign('page', $_GET['page']);
$template->register_permissions(array('administrate', 'configure', 'post', 'edit', 'delete', 'comment', 'edit_comments', 'delete_comments', 'view_private'), $loc);
$template->assign('config', $config);
$template->output();
    exit('');
}
$check_id = -1;
$section = null;
$old_parent = null;
if (isset($_POST['id'])) {
    // Saving an existing content page.  Read it from the database.
    $section = $db->selectObject('section', 'id=' . intval($_POST['id']));
    if ($section) {
        $old_parent = $section->parent;
        $check_id = $section->id;
    }
} else {
    $check_id = $_POST['parent'];
}
if ($check_id != -1 && exponent_permissions_check('manage', exponent_core_makeLocation('NavigationModule', '', $check_id))) {
    $i18n = exponent_lang_loadFile('modules/NavigationModule/actions/save_internalalias.php');
    // Update the section from the _POST data.
    $section = section::updateInternalAlias($_POST, $section);
    if ($section->active == 0) {
        // User tried to link to an inactive section.  This makes little or no sense in
        // this context, so throw them back to the edit form, with an error message.
        $_POST['_formError'] = $i18n['internal_link_err'];
        exponent_sessions_set('last_POST', $_POST);
        header('Location: ' . $_SERVER['HTTP_REFERER']);
        exit('');
    }
    if (isset($section->id)) {
        if ($section->parent != $old_parent) {
            // Old_parent id was different than the new parent id.  Need to decrement the ranks
            // of the old children (after ours), and then add
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the Administration Control Panel : Extensions category
if (!defined('EXPONENT')) {
    exit('');
}
if (exponent_permissions_check('extensions', exponent_core_makeLocation('administrationmodule'))) {
    if (!defined('SYS_INFO')) {
        require_once BASE . 'subsystems/info.php';
    }
    $files = exponent_info_files($_GET['type'], $_GET['name']);
    if (is_array($files)) {
        ksort($files);
    }
    $template = new template('info', '_checksums', $loc);
    if (is_array($files)) {
        $actual = exponent_info_fileChecksums($files);
        foreach (array_keys($files) as $f) {
            if (is_int($files[$f])) {
                $files[$f] = "";
            }
        }
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
    exit('');
}
if (exponent_permissions_check('manage_core', exponent_core_makeLocation('sharedcoremodule'))) {
    $core = null;
    if (isset($_GET['id'])) {
        $core = $db->selectObject('sharedcore_core', 'id=' . intval($_GET['id']));
    }
    if ($core) {
        $db->delete('sharedcore_core', 'id=' . $core->id);
        if (!defined('SYS_SHAREDCORE')) {
            include_once BASE . 'subsystems/sharedcore.php';
        }
        foreach ($db->selectObjects('sharedcore_site', 'core_id=' . $core->id) as $site) {
            $db->delete('sharedcore_extension', 'site_id=' . $site->id);
            exponent_sharedcore_clear($site->path, true);
        }
        $db->delete('sharedcore_site', 'core_id=' . $core->id);
        exponent_flow_redirect();
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined("EXPONENT")) {
    exit("");
}
$item = null;
$iloc = null;
if (isset($_POST['id'])) {
    $item = $db->selectObject("calendar", "id=" . intval($_POST['id']));
    $loc = unserialize($item->location_data);
    $iloc = exponent_core_makeLocation($loc->mod, $loc->src, $item->id);
}
if ($item == null && exponent_permissions_check("post", $loc) || $item != null && exponent_permissions_check("edit", $loc) || $iloc != null && exponent_permissions_check("edit", $iloc)) {
    $item = calendar::update($_POST, $item);
    $item->location_data = serialize($loc);
    if (isset($_POST['category'])) {
        $item->category_id = $_POST['category'];
    } else {
        $item->category_id = 0;
    }
    //Check to see if the feedback form is enabled and/or being used for this event.
    if (isset($_POST['feedback_form'])) {
        $item->feedback_form = $_POST['feedback_form'];
        $item->feedback_email = $_POST['feedback_email'];
    } else {
        $item->feedback_form = "";