function save() { $tpl = new templates(); $users = new user($_GET["login"]); if ($users->password != null) { writelogs("User already exists {$_GET["login"]} ", __FUNCTION__, __FILE__); echo $tpl->_ENGINE_parse_body('{account_already_exists}'); exit; } $ou = $_REQUEST["ou"]; $password = $_REQUEST["password"]; writelogs("Add new user {$_REQUEST["login"]} {$_REQUEST["ou"]} {$_REQUEST["gpid"]}", __FUNCTION__, __FILE__); $users->ou = $_REQUEST["ou"]; $users->password = $_REQUEST["password"]; $users->mail = "{$_REQUEST["email"]}@{$_REQUEST["internet_domain"]}"; $users->DisplayName = "{$_REQUEST["firstname"]} {$_REQUEST["lastname"]}"; $users->givenName = $_REQUEST["firstname"]; $users->sn = $_REQUEST["lastname"]; $users->group_id = $_REQUEST["gpid"]; if (is_numeric($_REQUEST["gpid"])) { $gp = new groups($_REQUEST["gpid"]); writelogs("privileges: {$_REQUEST["gpid"]} -> AsComplexPassword = \"{$gp->Privileges_array["AsComplexPassword"]}\"", __FUNCTION__, __FILE__, __LINE__); if ($gp->Privileges_array["AsComplexPassword"] == "yes") { $ldap = new clladp(); $hash = $ldap->OUDatas($ou); $privs = $ldap->_ParsePrivieleges($hash["ArticaGroupPrivileges"], array(), true); $policiespwd = unserialize(base64_decode($privs["PasswdPolicy"])); if (is_array($policiespwd)) { $priv = new privileges(); if (!$priv->PolicyPassword($password, $policiespwd)) { return false; } } } return false; } $users->add_user(); }
function create_user($filename) { $tpl = new templates(); $unix = new unix(); $nohup = null; $path = "/usr/share/artica-postfix/ressources/logs/web/create-users/{$filename}"; echo "Path:{$path}\n"; build_progress("Open {$filename}", 10); if (!is_file($path)) { echo "{$path} no such file...\n"; return false; } $MAIN = unserialize(base64_decode(@file_get_contents($path))); build_progress("Create new member {$MAIN["login"]}", 15); $users = new user($MAIN["login"]); if ($users->password != null) { echo "User already exists {$MAIN["login"]}\n"; build_progress("{account_already_exists}", 110); @unlink($path); return; } $ou = $MAIN["ou"]; $password = url_decode_special_tool($MAIN["password"]); $MAIN["firstname"] = url_decode_special_tool($MAIN["firstname"]); $MAIN["lastname"] = url_decode_special_tool($MAIN["lastname"]); build_progress("{$MAIN["firstname"]} {$MAIN["lastname"]}", 20); if (trim($MAIN["internet_domain"]) == null) { $MAIN["internet_domain"] = "localhost.localdomain"; } echo "Add new user {$MAIN["login"]} {$MAIN["ou"]} {$MAIN["gpid"]}\n"; $users->ou = $MAIN["ou"]; $users->password = url_decode_special_tool($MAIN["password"]); $users->mail = "{$MAIN["email"]}@{$MAIN["internet_domain"]}"; $users->DisplayName = "{$MAIN["firstname"]} {$MAIN["lastname"]}"; $users->givenName = $MAIN["firstname"]; $users->sn = $MAIN["lastname"]; $users->group_id = $MAIN["gpid"]; $users->homeDirectory = "/home/{$MAIN["login"]}"; if (is_numeric($MAIN["gpid"])) { $gp = new groups($MAIN["gpid"]); echo "privileges: {$MAIN["gpid"]} -> AsComplexPassword = \"{$gp->Privileges_array["AsComplexPassword"]}\"\n"; if ($gp->Privileges_array["AsComplexPassword"] == "yes") { $ldap = new clladp(); $hash = $ldap->OUDatas($ou); $privs = $ldap->_ParsePrivieleges($hash["ArticaGroupPrivileges"], array(), true); $policiespwd = unserialize(base64_decode($privs["PasswdPolicy"])); if (is_array($policiespwd)) { $priv = new privileges(); if (!$priv->PolicyPassword($password, $policiespwd)) { build_progress("Need complex password", 110); echo "Need complex password"; @unlink($path); return; } } } } build_progress("{$MAIN["firstname"]} {$MAIN["lastname"]} {save}", 25); if (!$users->add_user()) { echo $users->error . "\n" . $users->ldap_error; build_progress("{failed}", 110); @unlink($path); return; } @mkdir("{$users->homeDirectory}"); @chown("{$users->homeDirectory}", $users->uid); if ($MAIN["ByZarafa"] == "yes") { $terminated = " >/dev/null"; $zarafa_admin = $unix->find_program("zarafa-admin"); if (!$GLOBALS["WAIT"]) { $nohup = $unix->find_program("nohup"); $terminated = null; } if (isset($MAIN["ZARAFA_LANG"])) { $users->SaveZarafaMbxLang($MAIN["ZARAFA_LANG"]); $langcmd = " --lang {$MAIN["ZARAFA_LANG"]} "; } $ldap = new clladp(); $dn = "ou={$MAIN["ou"]},dc=organizations,{$ldap->suffix}"; $upd["objectClass"] = "zarafa-company"; $upd["cn"] = $MAIN["ou"]; if (!$ldap->Ldap_add_mod("{$dn}", $upd)) { echo $ldap->ldap_last_error; build_progress("{failed} OpenLDAP Error", 110); @unlink($path); return; } build_progress("{create_store} {language}: {$MAIN["ZARAFA_LANG"]}", 30); $cmd = "{$nohup} {$zarafa_admin} {$langcmd}--create-store {$MAIN["login"]} >/dev/null 2>&1 &"; system(trim($cmd)); if (!$GLOBALS["WAIT"]) { $sock = new sockets(); $sock->getFrameWork("cmd.php?zarafa-hash=yes&rebuild=yes"); return; } @unlink("/usr/share/artica-postfix/ressources/databases/ZARAFA_DB_STATUS.db"); @unlink("/etc/artica-postfix/zarafa-export.db"); $cmd = LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.zarafa.build.stores.php --export-hash"; build_progress("{export_stores_data}", 35); echo "{$cmd}\n"; system($cmd); } echo "Remove {$path}\n"; @unlink($path); return true; }
function USER_ADD() { $userid = $_REQUEST["new_userid"]; $password = $_REQUEST["password"]; $group_id = $_REQUEST["group_id"]; if (isset($_GET["encpass"])) { $password = url_decode_special_tool($password); } $ou = $_REQUEST["ou"]; $tpl = new templates(); if (preg_match("#(.+?)@(.+)#", $_REQUEST["email"], $re)) { $_REQUEST["user_domain"] = $re[2]; $_REQUEST["email"] = $re[1]; } $email = $_REQUEST["email"] . "@" . $_REQUEST["user_domain"]; $email = strtolower($email); $user = new usersMenus(); if ($user->EnableVirtualDomainsInMailBoxes == 1) { writelogs("Adding change {$userid} to \"{$email}\" in group {$group_id}", __FUNCTION__, __FILE__, __LINE__); $userid = $email; } if (is_numeric($group_id)) { $gp = new groups($group_id); writelogs("privileges: {$group_id} -> AsComplexPassword = \"{$gp->Privileges_array["AsComplexPassword"]}\"", __FUNCTION__, __FILE__, __LINE__); if ($gp->Privileges_array["AsComplexPassword"] == "yes") { $ldap = new clladp(); $hash = $ldap->OUDatas($ou); $privs = $ldap->_ParsePrivieleges($hash["ArticaGroupPrivileges"], array(), true); $policiespwd = unserialize(base64_decode($privs["PasswdPolicy"])); if (is_array($policiespwd)) { $priv = new privileges(); if (!$priv->PolicyPassword($password, $policiespwd)) { return false; } } } else { writelogs("privileges: {$group_id} -> AsComplexPassword = \"No\" -> continue", __FUNCTION__, __FILE__, __LINE__); } } $users = new user($userid); if ($users->UserExists) { echo $tpl->javascript_parse_text('ERROR: {account_already_exists}'); return false; } writelogs("Adding {$userid} in group {$group_id}", __FUNCTION__, __FILE__, __LINE__); $email = $_REQUEST["email"] . "@" . $_REQUEST["user_domain"]; if ($ou == null) { echo html_entity_decode($tpl->javascript_parse_text('ERROR:{error_no_ou}')); exit; } if ($userid == null) { echo html_entity_decode($tpl->javascript_parse_text('ERROR:{error_no_userid}')); exit; } if ($password == null) { echo html_entity_decode($tpl->javascript_parse_text('ERROR:{error_no_password}')); exit; } if ($email == null) { echo html_entity_decode($tpl->javascript_parse_text('ERROR:{error_no_email}')); exit; } $ldap = new clladp(); if (!is_numeric($group_id)) { writelogs("Groupid is not numeric", __FUNCTION__, __FILE__, __LINE__); $default_dn_group = "cn=nogroup,ou={$ou},dc=organizations,{$ldap->suffix}"; if (!$ldap->ExistsDN($default_dn_group)) { $ldap->AddGroup("nogroup", $ou); } $group_id = $ldap->GroupIDFromName($ou, "nogroup"); if (!is_numeric($group_id)) { $group_id = 0; } } $emT = explode('@', $email); //Verify domains --------------------------------------------------------------- 2008 10 05,P3 $hash_domains_table = $ldap->hash_get_domains_ou($ou); if (!isset($hash_domains_table[$_REQUEST["user_domain"]])) { writelogs("{$userid} have no domains", __FUNCTION__, __FILE__, __LINE__); writelogs("Create a new local domain by default", __FUNCTION__, __FILE__, __LINE__); $ldap->AddDomainEntity($ou, $_REQUEST["user_domain"]); } //------------------------------------------------------------------------------ $domains = $ldap->domains_get_locals_domains($ou); $dn = "cn={$userid},ou={$ou},dc=organizations,{$ldap->suffix}"; if ($ldap->ExistsDN($dn)) { writelogs("{$userid} ({$dn}) already exists", __FUNCTION__, __FILE__, __LINE__); echo $userid; exit; } $users = new user($userid); $users->mail = $email; $users->accountGroup = $group_id; $users->domainname = $_REQUEST["user_domain"]; if ($password != null) { $users->password = $password; } $users->ou = $ou; if ($domains[$_REQUEST["user_domain"]] == true) { $upd = array(); writelogs("is a local domain {$_REQUEST["user_domain"]}={$domains[$_REQUEST["user_domain"]]}", __FUNCTION__, __FILE__, __LINE__); $upd["ObjectClass"][] = 'ArticaSettings'; $users->MailboxActive = "TRUE"; } if (!$users->add_user()) { echo "ERROR: add_user(): " . $users->ldap_error . "\n" . basename(__FILE__) . "\nLine:" . __LINE__; exit; } writelogs("Success adding user, now, add user {$users->uid} to group {$group_id} ", __FUNCTION__, __FILE__, __LINE__); if ($group_id > 0) { $ldap->AddUserToGroup($group_id, $users->uid); } echo $users->uid; }
function checklogon($Aspost = false) { include_once dirname(__FILE__) . "/ressources/class.user.inc"; include "ressources/settings.inc"; $username = $_POST["username"]; $_POST["password"] = url_decode_special_tool($_POST["password"]); $password = trim($_POST["password"]); $users = new usersMenus(); if ($users->WEBSTATS_APPLIANCE) { $users->SQUID_INSTALLED = true; } //echo $username."\n$password\n"; if ($password == null) { if ($Aspost) { MainPage("Bad password"); return; } echo "Bad password"; return; } if (trim(strtolower($username)) == trim(strtolower($_GLOBAL["ldap_admin"]))) { $passwordMD = md5(trim($_GLOBAL["ldap_password"])); if ($password == $passwordMD) { $_SESSION["uid"] = '-100'; $_SESSION["groupid"] = '-100'; $_SESSION["passwd"] = $_GLOBAL["ldap_password"]; $_SESSION["CORP"] = $users->CORP_LICENSE; $_SESSION["privileges"]["ArticaGroupPrivileges"] = ' [AllowAddGroup]="yes" [AllowAddUsers]="yes" [AllowChangeKav]="yes" [AllowChangeKas]="yes" [AllowChangeUserPassword]="yes" [AllowEditAliases]="yes" [AllowEditAsWbl]="yes" [AsSystemAdministrator]="yes" [AsPostfixAdministrator]="yes" [AsArticaAdministrator]="yes"'; $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}"; $_SESSION["AsWebStatisticsAdministrator"] = true; if ($Aspost) { header("location:miniadm.index.php"); return; } return; } } if ($users->SQUID_INSTALLED) { $q = new mysql_squid_builder(); $passwordMD = md5($password); $sql = "SELECT webfilters_sqitems.gpid AS maingpid\n\t\t\tFROM webfilters_sqacllinks, webfilters_sqgroups, webfilters_sqitems, webfilters_sqacls\n\t\t\tWHERE webfilters_sqacllinks.gpid = webfilters_sqgroups.ID\n\t\t\tAND webfilters_sqacllinks.aclid = webfilters_sqacls.ID\n\t\t\tAND webfilters_sqgroups.ID = webfilters_sqitems.gpid\n\t\t\tAND webfilters_sqacls.enabled =1\n\t\t\tAND webfilters_sqgroups.enabled =1\n\t\t\tAND webfilters_sqitems.enabled =1\n\t\t\tAND webfilters_sqgroups.GroupType = 'dynamic_acls'\n\t\t\tAND webfilters_sqitems.pattern = '{$username}:{$passwordMD}'"; $results = $q->QUERY_SQL($sql); if (!$q->mysql_error) { echo $q->mysql_error; } $CountDerules = mysql_num_rows($results); writelogs("{$username}::webfilters_sqitems:: {$CountDerules} rules", __FUNCTION__, __FILE__, __LINE__); if ($CountDerules > 0) { writelogs("{$username}::webfilters_sqitems:: Building rules....", __FUNCTION__, __FILE__, __LINE__); while ($ligne = mysql_fetch_assoc($results)) { $_SESSION["SQUID_DYNAMIC_ACLS_VIRTUALS"][$ligne["maingpid"]] = true; } $_SESSION["InterfaceType"] = "{ARTICA_MINIADM}"; $_SESSION["VirtAclUser"] = true; $_SESSION["ou"] = "Proxy Service"; $_SESSION["CORP"] = $users->CORP_LICENSE; setcookie("mem-logon-user", $_POST["username-logon"], time() + 172800); $_SESSION["privileges_array"] = $privs->privs; $_SESSION["uid"] = $username; $_SESSION["privileges"]["ArticaGroupPrivileges"] = array(); BuildSession($username); if ($Aspost) { header("location:miniadm.index.php"); return; } return; } } writelogs("{$username}:: Continue, processing....", __FUNCTION__, __FILE__, __LINE__); $ldap = new clladp(); $IsKerbAuth = $ldap->IsKerbAuth(); writelogs("{$username}:: Is AD -> {$IsKerbAuth}", __FUNCTION__, __FILE__, __LINE__); if ($ldap->IsKerbAuth()) { $external_ad_search = new external_ad_search(); if ($external_ad_search->CheckUserAuth($username, $password)) { $users = new usersMenus(); $privs = new privileges($_POST["username-logon"]); $privileges_array = $privs->privs; $_SESSION["InterfaceType"] = "{ARTICA_MINIADM}"; $_SESSION["VirtAclUser"] = false; setcookie("mem-logon-user", $_POST["username-logon"], time() + 172800); $_SESSION["privileges_array"] = $privs->privs; $_SESSION["uid"] = $_POST["username-logon"]; $_SESSION["passwd"] = $_POST["username-logon"]; $_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content; BuildSession($username); if ($Aspost) { header("location:miniadm.index.php"); return; } return; } writelogs("{$username}:: Checks Active Directory failed, continue processing...", __FUNCTION__, __FILE__, __LINE__); } writelogs("{$username}:: Continue, processing....", __FUNCTION__, __FILE__, __LINE__); $q = new mysql(); $sql = "SELECT `username`,`value`,id FROM radcheck WHERE `username`='{$username}' AND `attribute`='Cleartext-Password' LIMIT 0,1"; writelogs("{$username}:: Is a RADIUS users \"{$sql}\"", __FUNCTION__, __FILE__, __LINE__); $ligne = mysql_fetch_array($q->QUERY_SQL($sql, "artica_backup")); if (!is_numeric($ligne["id"])) { $ligne["id"] = 0; } if (!$q->ok) { writelogs("{$username}:: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__); } writelogs("{$username}:: {$password} <> " . md5($ligne["value"]), __FUNCTION__, __FILE__, __LINE__); if ($ligne["id"] > 0) { $checkRadiusPass = false; if (md5($ligne["value"]) == $password) { writelogs("{$username}:: RADIUS Password true for no MD5", __FUNCTION__, __FILE__, __LINE__); $checkRadiusPass = true; } if (md5($ligne["value"]) == $passwordMD) { writelogs("{$username}:: RADIUS Password true for yes MD5", __FUNCTION__, __FILE__, __LINE__); $checkRadiusPass = true; } if ($checkRadiusPass) { writelogs("{$username}:: Authenticated as a RADIUS users id={$ligne["id"]}", __FUNCTION__, __FILE__, __LINE__); $privs = new privileges($_POST["username-logon"], null, $ligne["id"]); $privileges_array = $privs->privs; $_SESSION["CORP"] = $users->CORP_LICENSE; $_SESSION["InterfaceType"] = "{ARTICA_MINIADM}"; setcookie("mem-logon-user", $username, time() + 172800); $_SESSION["privileges_array"] = $privs->privs; while (list($key, $val) = each($_SESSION["privileges_array"])) { if (!isset($_SESSION[$key])) { $_SESSION[$key] = $val; } } reset($_SESSION["privileges_array"]); $_SESSION["uid"] = $username; $_SESSION["RADIUS_ID"] = $ligne["id"]; BuildSession($username); if ($Aspost) { header("location:miniadm.index.php"); return; } return; } } writelogs("{$username}::Finally Is LOCAL LDAP ? -> {$IsKerbAuth}", __FUNCTION__, __FILE__, __LINE__); $u = new user($username); $tpl = new templates(); $userPassword = $u->password; if (trim($u->uidNumber) == null) { writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__); if ($Aspost) { MainPage("Unknown user (" . __LINE__ . ")"); return; } echo "Unknown user (" . __LINE__ . ")"; die; } writelogs("{$username}:: Password match ? Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__); if ($Aspost) { if (trim($password) != trim($userPassword)) { writelogs("{$username}:: Password match NO Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__); MainPage("Bad password (" . __LINE__ . ")"); return; } } if (!$Aspost) { if (trim($password) != md5(trim($userPassword))) { writelogs("{$username}:: Password match NO Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__); writelogs("[{$_POST["username"]}]: The password typed is not the same in ldap database...", __FUNCTION__, __FILE__); artica_mysql_events("Failed to logon on the management console as user `{$username}` from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security"); if ($Aspost) { MainPage("Bad password (" . __LINE__ . ")"); return; } echo "Error: (" . __LINE__ . ") bad password"; return null; } } writelogs("{$username}:: Password match YES Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__); $ldap = new clladp(); $users = new usersMenus(); $_SESSION["CORP"] = $users->CORP_LICENSE; $privs = new privileges($u->uid); $privs->SearchPrivileges(); $privileges_array = $privs->privs; $_SESSION["VirtAclUser"] = false; $_SESSION["privileges_array"] = $privs->privs; $_SESSION["privs"] = $privileges_array; if (isset($privileges_array["ForceLanguageUsers"])) { $_SESSION["OU_LANG"] = $privileges_array["ForceLanguageUsers"]; } $_SESSION["uid"] = $username; $_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content; $_SESSION["groupid"] = $ldap->UserGetGroups($_POST["username"], 1); $_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled; $_SESSION["MailboxActive"] = $u->MailboxActive; $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}"; $_SESSION["ou"] = $u->ou; $_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas); include_once dirname(__FILE__) . "/ressources/class.translate.rights.inc"; $cr = new TranslateRights(null, null); $r = $cr->GetPrivsArray(); while (list($key, $val) = each($r)) { if ($users->{$key}) { $_SESSION[$key] = $users->{$key}; } } if (is_array($_SESSION["privs"])) { $r = $_SESSION["privs"]; while (list($key, $val) = each($r)) { $t[$key] = $val; $_SESSION[$key] = $val; } } if (!isset($_SESSION["OU_LANG"])) { $_SESSION["OU_LANG"] = null; } if (!isset($_SESSION["ASDCHPAdmin"])) { $_SESSION["ASDCHPAdmin"] = false; } if (trim($_SESSION["OU_LANG"]) != null) { $_SESSION["detected_lang"] = $_SESSION["OU_LANG"]; } else { include_once dirname(__FILE__) . "/ressources/class.langages.inc"; $lang = new articaLang(); $_SESSION["detected_lang"] = $lang->get_languages(); } if (isset($GLOBALS["FixedLanguage"])) { $sock = new sockets(); $GLOBALS["FixedLanguage"] = $sock->GET_INFO("FixedLanguage"); } if (trim($GLOBALS["FixedLanguage"]) != null) { $_SESSION["detected_lang"] = $GLOBALS["FixedLanguage"]; } if ($Aspost) { header("location:miniadm.index.php"); return; } }
/** * @return string * @desc Create the HTML body of the Media Manager. * @access public */ function createMediaEditForm($option, $page, $Itemid, $catid, $backend, $PageNo = 1) { global $mosConfig_live_site, $mosConfig_absolute_path; $this->createCheckAllScript(); $i = 0; $this->_counter = 0; $table_class = ""; $header_class = " class=\"sectiontableheader\""; if ($this->_isBackend) { $table_class = " class=\"adminlist\""; $header_class = ""; $this->_tabclass = array("row0", "row1"); } $i = 1; $startRow = 0; $PageSize = empty($_SESSION['zoom_mediapp']) ? 10 : $_SESSION['zoom_mediapp']; //Set the page no $startRow = ($PageNo - 1) * $PageSize; //Total of record $RecordCount = $this->_gallery->getNumOfImages(); //Number of files in gallery $endRow = $startRow + $PageSize - 1; // subtract one or it's one more than requested if ($endRow >= $RecordCount) { $endRow = $RecordCount - 1; } //Set Maximum Page $MaxPage = ceil($RecordCount % $PageSize); if ($RecordCount % $PageSize == 0) { $MaxPage = ceil($RecordCount / $PageSize); } else { $MaxPage = ceil($RecordCount / $PageSize); } //Set the counter start $CounterStart = 1; //Counter End $CounterEnd = $MaxPage; ?> <table width="80%" border="0" cellpadding="0" cellspacing="0"> <tr> <td align="center" width="50%"> <?php $c = 0; //Print Page No for ($c = $CounterStart; $c <= $CounterEnd; $c++) { if ($c < $MaxPage) { if ($c == $PageNo) { if ($c % $RecordCount == 0) { echo "<u><strong>{$c}</strong></u> "; } else { echo "<u><strong>{$c}</strong></u> | "; } } elseif ($c % $RecordCount == 0) { echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c)) . "\"><strong>{$c}</strong></a> "; } else { echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c)) . "\"><strong>{$c}</strong></a> | "; } //END IF } else { if ($PageNo == $MaxPage) { echo "<u><strong>{$c}</strong></u> "; } else { echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c)) . "\"><strong>{$c}</strong></a> "; } } } echo $this->createMediaPPDropdown($PageSize); ?> </td> <?php if (!$this->_isBackend) { ?> <td align="right"> <div align="right"> <?php if ($this->_isAdmin || $this->privileges->hasPrivilege('priv_upload')) { ?> <a href="<?php echo $this->_isBackend ? "index" . $backend . ".php?option=com_zoom&page=upload&return=mediamgr&catid=" . $catid . "&Itemid=" . $Itemid . "&PageNo=" . $PageNo : sefReltoAbs("index.php?option=com_zoom&page=upload&return=mediamgr&catid=" . $catid . "&Itemid=" . $Itemid . "&PageNo=" . $PageNo); ?> " onmouseover="return overlib('<?php echo _ZOOM_UPLOAD; ?> ');" onmouseout="return nd();"><img src="<?php echo $mosConfig_live_site; ?> /components/com_zoom/www/images/admin/new.png" alt="" border="0" onmouseover="MM_swapImage('new','','<?php echo $mosConfig_live_site; ?> /components/com_zoom/www/images/admin/new_f2.png',1);" onmouseout="MM_swapImgRestore();" name="new" /></a> <?php } if ($this->_isAdmin || $this->privileges->hasPrivilege('priv_editmedium')) { ?> <a href="javascript:submitbutton('edtimg');" onmouseover="return overlib('<?php echo _ZOOM_BUTTON_EDIT; ?> ');" onmouseout="return nd();"><img src="<?php echo $mosConfig_live_site; ?> /components/com_zoom/www/images/admin/edit.png" alt="" border="0" onmouseover="MM_swapImage('edit','','<?php echo $mosConfig_live_site; ?> /components/com_zoom/www/images/admin/edit_f2.png',1);" onmouseout="MM_swapImgRestore();" name="edit" /></a> <?php } if ($this->_isAdmin) { ?> <a href="javascript:submitbutton('move');" onmouseover="return overlib('<?php echo _ZOOM_MOVEFILES; ?> ');" onmouseout="return nd();"><img src="<?php echo $mosConfig_live_site; ?> /components/com_zoom/www/images/admin/move.png" alt="" border="0" onmouseover="MM_swapImage('movefiles','','<?php echo $mosConfig_live_site; ?> /components/com_zoom/www/images/admin/move_f2.png',1);" onmouseout="MM_swapImgRestore();" name="movefiles" /></a> <?php } if ($this->_isAdmin || $this->privileges->hasPrivilege('priv_delmedium')) { ?> <a href="javascript:submitbutton('delete');" onmouseover="return overlib('<?php echo _ZOOM_DELETE; ?> ');" onmouseout="return nd();"><img src="<?php echo $mosConfig_live_site; ?> /components/com_zoom/www/images/admin/delete.png" alt="" border="0" onmouseover="MM_swapImage('delete','','<?php echo $mosConfig_live_site; ?> /components/com_zoom/www/images/admin/delete_f2.png',1);" onmouseout="MM_swapImgRestore();" name="delete" /></a> <?php } ?> </div> </td> <?php } ?> </tr> </table> <form name="mediamgr" action="<?php echo $this->_isBackend ? "index2.php?option=com_zoom&page=mediamgr&Itemid=" . $Itemid : sefReltoAbs("index.php?option=com_zoom&page=mediamgr&Itemid=" . $Itemid); ?> " method="post"> <input type="hidden" name="task" value="" /> <input type="hidden" name="return" value="mediamgr" /> <input type="hidden" name="catid" value="<?php echo $this->_gallery->_id; ?> " /> <input type="hidden" name="mediapp" value="" /> <input type="hidden" name="PageNo" value="<?php echo $PageNo; ?> " /> <table width="80%" border="0" cellspacing="0" cellpadding="0"> <tr> <td align="center"> <div align="center"> <?php echo "\t\t\t<table cellpadding=\"3\" cellspacing=\"0\" border=\"0\" width=\"100%\"{$table_class}>\n" . "\t\t\t<tr{$header_class}>\n" . "\t\t\t\t<th width=\"50\"> </th>\n" . "\t\t\t\t<th align=\"left\">" . _ZOOM_NAME . "</th>\n" . "\t\t\t\t<th align=\"left\">" . _ZOOM_FILENAME . "</th>\n" . "\t\t\t\t<th align=\"left\">" . _ZOOM_HD_PREVIEW . "</th>\n" . "\t\t\t</tr>\n"; if ($this->privileges->hasPrivilege('priv_editmedium') | $this->privileges->hasPrivilege('priv_delmedium') || $this->_isAdmin) { for ($counter = $startRow; $counter <= $endRow; $counter++) { $image = $this->_gallery->_images[$counter]; $i++; $image->getInfo(); $bgcolor = $i & 1 ? $this->_tabclass[1] : $this->_tabclass[0]; if ($this->_isAdmin || $this->privileges->hasPrivilege('priv_editmedium')) { if ($this->_isBackend) { $edit_link = "index2.php?option=com_zoom&page=mediamgr&task=edtimg&catid=" . $image->_catid . "&key=" . $counter . "&Itemid=" . $Itemid . "&PageNo=" . $PageNo; } else { $edit_link = sefReltoAbs("index.php?option=com_zoom&page=mediamgr&task=edtimg&catid=" . $image->_catid . "&key=" . $counter . "&Itemid=" . $Itemid . "&PageNo=" . $PageNo); } } else { $edit_link = "javascript:void(0);"; } echo "\t\t\t<tr class=\"" . $bgcolor . "\">\n" . "\t\t\t\t<td align=\"center\" width=\"10\"><input type=\"checkbox\" name=\"keys[]\" value=\"" . $counter . "\" id=\"mediumno_{$i}\" /></td>\n" . "\t\t\t\t<td onmousedown=\"document.getElementById('mediumno_{$i}').checked = (document.getElementById('mediumno_{$i}').checked ? false : true);\"><a href=\"" . $edit_link . "\">" . $image->_name . "</a><br /></td>\n" . "\t\t\t\t<td onmousedown=\"document.getElementById('mediumno_{$i}').checked = (document.getElementById('mediumno_{$i}').checked ? false : true);\">" . $image->_filename . "<br />\n" . "\t\t\t\t</td>\n" . "\t\t\t\t<td onmousedown=\"document.getElementById('mediumno_{$i}').checked = (document.getElementById('mediumno_{$i}').checked ? false : true);\"><img src=\"" . $this->hotlinkImage($catid, '2', $image->_id, null) . "\" alt=\"\" border=\"0\" /></td>\n" . "\t\t\t</tr>\n"; $this->_counter++; } } echo "\t\t\t<tr{$header_class}>\n" . "\t\t\t\t<th height=\"20\" align=\"center\"><input type=\"checkbox\" name=\"checkall\" onclick=\"checkUncheckAll(this, 'keys[]');\" id=\"checkall\" /></th>\n" . "\t\t\t\t<th height=\"20\" align=\"left\" onmousedown=\"document.getElementById('checkall').checked = (document.getElementById('checkall').checked ? false : true);checkUncheckAll(document.getElementById('checkall'), 'keys[]');\">\n" . "\t\t\t<strong><label onclick=\"javascript: return (document.getElementById('checkall') ? false : true);checkUncheckAll(document.getElementById('checkall'), 'keys[]');\" for=\"checkall\">" . _ZOOM_HD_CHECKALL . "</label></strong>\n" . "\t\t\t\t</th>\n" . "\t\t\t\t<th height=\"20\" align=\"center\">"; $c = 0; //Print Page No for ($c = $CounterStart; $c <= $CounterEnd; $c++) { if ($c < $MaxPage) { if ($c == $PageNo) { if ($c % $RecordCount == 0) { echo "<u><strong>{$c}</strong></u> "; } else { echo "<u><strong>{$c}</strong></u> | "; } } elseif ($c % $RecordCount == 0) { echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c)) . "\"><strong>{$c}</strong></a> "; } else { echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c)) . "\"><strong>{$c}</strong></a> | "; } //END IF } else { if ($PageNo == $MaxPage) { echo "<u><strong>{$c}</strong></u> "; } else { echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&page=" . $page . "&Itemid=" . $Itemid . "&catid=" . $catid . "&PageNo=" . $c)) . "\"><strong>{$c}</strong></a> "; } } } echo $this->createMediaPPDropdown($PageSize); echo "</th>\n" . "\t\t\t\t<th height=\"20\" align=\"center\"> </th>\n" . "\t\t\t</tr>\n" . "\t\t\t</table>\n" . "\t\t\t</div>" . "\t\t</td>" . "\t</tr>" . "\t</table>" . "\t</form>"; }
$header_class = " class=\"sectiontableheader\""; if ($zoom->_isBackend) { $table_class = " class=\"adminlist\""; $header_class = ""; $zoom->_tabclass = array("row0", "row1"); } $gtree = $acl->get_group_children_tree(null, 'USERS', false); $html = "\n\t<table width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"3\"{$table_class}>\n" . "\t<tr{$header_class}>\n" . "\t\t<th height=\"20\" align=\"left\">" . _ZOOM_SETTINGS_GROUP . "</th>\n" . "\t\t<th align=\"center\">" . _ZOOM_UPLOAD . "</th>\n" . "\t\t<th align=\"center\">" . _ZOOM_EDITPIC . "</th>\n" . "\t\t<th align=\"center\">" . _ZOOM_DELETE . "</th>\n" . "\t\t<th align=\"center\">" . _ZOOM_HD_NEW . "</th>\n" . "\t\t<th align=\"center\">" . _ZOOM_EDIT . "</th>\n" . "\t\t<th align=\"center\">" . _ZOOM_DEL . "</th>\n" . "\t</tr>"; foreach ($gtree as $group) { $i++; $bgcolor = $i & 1 ? $zoom->_tabclass[1] : $zoom->_tabclass[0]; $html .= "\t<tr class=\"{$bgcolor}\">\n" . "\t\t<td>" . $group->text . "</td>\n"; if ($group->value == 29 || $group->value == 30) { $html .= "\t\t<td colspan=\"6\"> </td>\n"; } else { $privileges = new privileges($database, $group->value); foreach ($privileges->getPrivileges() as $privilege => $value) { $html .= "\t\t<td align=\"center\">\n" . "\t\t<a href=\"javascript:void(0);\""; if (!strstr(strtolower($group->text), 'administrator')) { $html .= "onclick=\"swap_priv('" . $privilege . "_" . $group->value . "');\""; } $html .= ">\n"; if ($value == 1) { $html .= "\t\t<img src=\"{$mosConfig_live_site}/components/com_zoom/www/images/priv_yes.png\" width=\"16\" height=\"16\" alt=\"\" border=\"0\" name=\"img_" . $privilege . "_" . $group->value . "\" />\n"; } else { $html .= "\t\t<img src=\"{$mosConfig_live_site}/components/com_zoom/www/images/delete.png\" width=\"16\" height=\"16\" alt=\"\" border=\"0\" name=\"img_" . $privilege . "_" . $group->value . "\" />\n"; } $html .= "\t\t</a>\n" . "\t\t<input type=\"hidden\" name=\"" . $privilege . "_" . $group->value . "\" id=\"" . $privilege . "_" . $group->value . "\" value=\"{$value}\" />\n" . "\t\t</td>\n"; } $html .= "\t</tr>\n"; }