Ejemplo n.º 1
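/**
 * Saves the component record submitted from the syndication edit form.
 *
 * Flow: anti-spoof check, flatten the posted `params` array into "key=value"
 * lines (handed to mosParameters::textareaHandling()), load the component
 * row, then bind / check / store it and redirect back to the component.
 *
 * Security notes:
 * - bind($_POST) copies posted fields onto the row; which columns a request
 *   is allowed to set is decided inside mosComponent, not here.
 *   NOTE(review): confirm whether an ignore list is needed.
 * - The error text is written into an inline <script>. It is serialised as a
 *   JavaScript string literal (with <, >, &, ' and " hex-escaped) so that
 *   quotes or markup inside the message cannot terminate the alert() call.
 *   A message json_encode() cannot encode results in an empty alert().
 *
 * @param string $option The current GET/POST option
 */
function saveSyndicate($option)
{
    global $database;

    josSpoofCheck();

    $params = mosGetParam($_POST, 'params', '');
    if (is_array($params)) {
        $txt = array();
        foreach ($params as $k => $v) {
            $txt[] = "{$k}={$v}";
        }
        $_POST['params'] = mosParameters::textareaHandling($txt);
    }

    // When the form posts no id the row with id 17 is loaded (hard-coded default).
    $id = intval(mosGetParam($_POST, 'id', '17'));
    $row = new mosComponent($database);
    $row->load($id);

    // Short-circuit evaluation keeps the original order: bind, then check, then store.
    if (!$row->bind($_POST) || !$row->check() || !$row->store()) {
        $jsText = json_encode(
            (string) $row->getError(),
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );
        echo "<script> alert(" . $jsText . "); window.history.go(-1); </script>\n";
        exit;
    }

    $msg = 'Settings successfully Saved';
    mosRedirect('index2.php?option=' . $option, $msg);
}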
Ejemplo n.º 2
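/**
 * Records one vote for a poll option and shows / redirects to the results.
 *
 * Security notes:
 * - The "already voted" guard is a cookie named voted<pollid> that the
 *   browser sends back; a client that discards cookies is not limited by it.
 *   Treat it as a courtesy limit, not as ballot integrity.
 * - The session-cookie presence test reads from $_REQUEST, so the value does
 *   not have to arrive as a cookie. NOTE(review): confirm this is intended.
 * - $uid is cast to int wherever it is used, including the results URL, so a
 *   non-numeric value cannot be carried into the redirect or the markup.
 *
 * @param int $uid Poll id taken from the request
 */
function pollAddVote($uid)
{
    global $database;

    // simple spoof check security
    josSpoofCheck(0, 'poll');

    // Cast once; the original cast only for load() and reused the raw value in URLs.
    $pollId = (int) $uid;
    $redirect = 1;

    $sessionCookieName = mosMainFrame::sessionCookieName();
    $sessioncookie = mosGetParam($_REQUEST, $sessionCookieName, '');
    if (!$sessioncookie) {
        echo '<h3>' . _ALERT_ENABLED . '</h3>';
        echo '<input class="button" type="button" value="' . _CMN_CONTINUE . '" onClick="window.history.go(-1);">';
        return;
    }

    $poll = new mosPoll($database);
    if (!$poll->load($pollId)) {
        echo '<h3>' . _NOT_AUTH . '</h3>';
        echo '<input class="button" type="button" value="' . _CMN_CONTINUE . '" onClick="window.history.go(-1);">';
        return;
    }

    $cookiename = "voted{$poll->id}";
    $voted = mosGetParam($_COOKIE, $cookiename, '0');
    if ($voted) {
        echo "<h3>" . _ALREADY_VOTE . "</h3>";
        echo "<input class=\"button\" type=\"button\" value=\"" . _CMN_CONTINUE . "\" onClick=\"window.history.go(-1);\">";
        return;
    }

    $voteid = intval(mosGetParam($_POST, 'voteid', 0));
    if (!$voteid) {
        echo "<h3>" . _NO_SELECTION . "</h3>";
        echo '<input class="button" type="button" value="' . _CMN_CONTINUE . '" onClick="window.history.go(-1);">';
        return;
    }

    // Cookie lifetime is the poll's configured lag (seconds added to now).
    setcookie($cookiename, '1', time() + $poll->lag);

    // All values placed in the SQL below are int-cast or passed through Quote().
    $query = "UPDATE #__poll_data" . "\n SET hits = hits + 1" . "\n WHERE pollid = " . (int) $poll->id . "\n AND id = " . (int) $voteid;
    $database->setQuery($query);
    $database->query();

    $query = "UPDATE #__polls" . "\n SET voters = voters + 1" . "\n WHERE id = " . (int) $poll->id;
    $database->setQuery($query);
    $database->query();

    $now = _CURRENT_SERVER_TIME;
    $query = "INSERT INTO #__poll_date" . "\n SET date = " . $database->Quote($now) . ", vote_id = " . (int) $voteid . ", poll_id = " . (int) $poll->id;
    $database->setQuery($query);
    $database->query();

    $resultsUrl = sefRelToAbs('index.php?option=com_poll&task=results&id=' . $pollId);
    if ($redirect) {
        mosRedirect($resultsUrl, _THANKS);
    } else {
        // Not reachable while $redirect is fixed to 1 above; kept as in the original.
        echo '<h3>' . _THANKS . '</h3>';
        echo '<form action="" method="GET">';
        echo '<input class="button" type="button" value="' . _BUTTON_RESULTS . '" onClick="window.location=\'' . $resultsUrl . '\'">';
        echo '</form>';
    }
}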
Ejemplo n.º 3
/**
 * Sends the mass-mail form's message to the users of the selected ACL group.
 *
 * Reads mm_mode, mm_subject, mm_group, mm_recurse and mm_message from $_POST.
 * When mm_mode is non-zero the message body is taken from $_POST directly,
 * i.e. without going through mosGetParam(); in the other mode it is read via
 * mosGetParam(). NOTE(review): the raw path means this function must only be
 * reachable by trusted senders; the access check is not visible here.
 */
function sendMail()
{
    global $database, $my, $acl;
    global $mosConfig_sitename;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    josSpoofCheck();

    $mode = intval(mosGetParam($_POST, 'mm_mode', 0));
    $subject = strval(mosGetParam($_POST, 'mm_subject', ''));
    $groupId = mosGetParam($_POST, 'mm_group', NULL);
    $recurse = strval(mosGetParam($_POST, 'mm_recurse', 'NO_RECURSE'));

    // HTML mode takes the posted body as-is; text mode reads it through mosGetParam()
    $body = stripslashes(
        $mode ? $_POST['mm_message'] : strval(mosGetParam($_POST, 'mm_message', ''))
    );

    if (!$body || !$subject || $groupId === null) {
        mosRedirect('index2.php?option=com_massmail&mosmsg=Please fill in the form correctly');
    }

    // members of the chosen group, as reported by the ACL
    $members = $acl->get_group_objects($groupId, 'ARO', $recurse);
    $recipients = array();

    if (count($members['users']) || $groupId === '0') {
        // look up the sender's own address
        $database->setQuery("SELECT email\n FROM #__users\n WHERE id = " . (int) $my->id);
        $my->email = $database->loadResult();

        // ids are forced to integers before they are placed in the SQL text
        mosArrayToInts($members['users']);
        $idClause = 'id=' . implode(' OR id=', $members['users']);

        // everyone except the sender; group '0' means no group restriction
        $sql = "SELECT email\n FROM #__users\n WHERE id != " . (int) $my->id;
        if ($groupId !== '0') {
            $sql .= " AND ( {$idClause} )";
        }
        $database->setQuery($sql);
        $recipients = $database->loadObjectList();

        // assemble header, body and subject
        $siteName = html_entity_decode($mosConfig_sitename, ENT_QUOTES);
        $message = sprintf(_MASSMAIL_MESSAGE, $siteName) . $body;
        $subject = $siteName . ' / ' . stripslashes($subject);

        // one message per recipient
        foreach ($recipients as $recipient) {
            mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient->email, $subject, $message, $mode);
        }
    }

    mosRedirect('index2.php?option=com_massmail', 'E-mail sent to ' . count($recipients) . ' users');
}
Ejemplo n.º 4
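 /**
  * Custom uninstall method: removes an installed template's directory.
  *
  * Security: $id comes from the request and ends up in a path that is deleted
  * recursively. It is therefore reduced to a single directory name (no "..",
  * no path separators, no NUL byte) BEFORE the path is built. The earlier
  * version assembled $path first and filtered $id afterwards, so the filter
  * never applied to the path handed to deldir().
  *
  * NOTE(review): `$client == 'admin'` is a loose comparison and the default
  * for $client is the integer 0; before PHP 8 `0 == 'admin'` evaluates to
  * true. Confirm which folder callers that omit $client expect.
  *
  * @param string $id     Template directory name (not a numeric id)
  * @param string $option The URL option
  * @param mixed  $client 'admin' selects the administrator templates folder
  * @return mixed Result of deldir() when the directory existed; otherwise nothing
  */
 function uninstall($id, $option, $client = 0)
 {
     global $mosConfig_absolute_path;

     josSpoofCheck(null, null, 'request');

     // Sanitise first, then build the path from the sanitised value only.
     $id = str_replace(array('..', '/', '\\', "\0"), '', (string) $id);

     // An empty id would make the path point at the templates folder itself.
     if (!trim($id)) {
         HTML_installer::showInstallMessage('Template id is empty, cannot remove files', 'Uninstall -  error', $this->returnTo($option, 'template', $client));
         exit;
     }

     // Delete directories
     $path = $mosConfig_absolute_path . ($client == 'admin' ? '/administrator' : '') . '/templates/' . $id;
     if (is_dir($path)) {
         return deldir(mosPathName($path));
     }

     HTML_installer::showInstallMessage('Directory does not exist, cannot remove files', 'Uninstall -  error', $this->returnTo($option, 'template', $client));
 }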
Ejemplo n.º 5
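 /**
  * Custom uninstall method: removes an installed template's directory.
  *
  * Security: $id comes from the request and ends up in a path that is deleted
  * recursively. It is therefore reduced to a single directory name (no "..",
  * no path separators, no NUL byte) BEFORE the path is built. The earlier
  * version assembled $path first and filtered $id afterwards, so the filter
  * never applied to the path handed to deldir().
  *
  * NOTE(review): `$client == 'admin'` is a loose comparison and the default
  * for $client is the integer 0; before PHP 8 `0 == 'admin'` evaluates to
  * true. Confirm which folder callers that omit $client expect.
  *
  * @param string $id     Template directory name (not a numeric id)
  * @param string $option The URL option
  * @param mixed  $client 'admin' selects the administrator templates folder
  * @return mixed Result of deldir() when the directory existed; otherwise nothing
  */
 function uninstall($id, $option, $client = 0)
 {
     global $mosConfig_absolute_path;

     josSpoofCheck(null, null, 'request');

     // Sanitise first, then build the path from the sanitised value only.
     $id = str_replace(array('..', '/', '\\', "\0"), '', (string) $id);

     // An empty id would make the path point at the templates folder itself.
     if (!trim($id)) {
         HTML_installer::showInstallMessage('ID de Tema está vazio, não é possível remover arquivos', 'Desinstalar -  erro', $this->returnTo($option, 'template', $client));
         exit;
     }

     // Delete directories
     $path = $mosConfig_absolute_path . ($client == 'admin' ? '/administrator' : '') . '/templates/' . $id;
     if (is_dir($path)) {
         return deldir(mosPathName($path));
     }

     HTML_installer::showInstallMessage('O diretório não existe, não é possível remover arquivos', 'Desinstalar -  erro', $this->returnTo($option, 'template', $client));
 }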
Ejemplo n.º 6
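/**
 * Overwrites the component's config.inc.php with the posted `filecontent`.
 *
 * Security: the request body is written verbatim into a .php file under the
 * site root. Whoever can reach this function can therefore place arbitrary
 * PHP in a file the application presumably includes. The only guard visible
 * here is josSpoofCheck(); NOTE(review): confirm that the caller restricts
 * this task to fully trusted administrators.
 *
 * Change from the earlier version: get_magic_quotes_gpc() no longer exists in
 * PHP 8, so the call is guarded instead of failing with a fatal error.
 *
 * @param string $option The current component option, used in redirects
 */
function saveConfigSource($option)
{
    josSpoofCheck();

    $filecontent = isset($_POST['filecontent']) ? strval($_POST['filecontent']) : '';
    // Undo magic-quotes escaping only on runtimes that still have the feature.
    if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
        $filecontent = stripslashes($filecontent);
    }

    if (!$filecontent) {
        mosRedirect('index.php?option=' . $option . '&task=dev_config', _JLMS_CFG_MSG_UNKNOWN_ERROR);
        return;
    }

    $file = JPATH_SITE . '/components/com_joomla_lms/includes/config.inc.php';
    $enable_write = mosGetParam($_POST, 'enable_write', 0);
    $oldperms = fileperms($file);

    // Optionally add write bits for the duration of the save; restored below.
    if ($enable_write) {
        @chmod($file, $oldperms | 0222);
    }
    clearstatcache();

    if (is_writable($file) == false) {
        // Presumably mosRedirect() ends the request; the code below relies on that.
        mosRedirect('index.php?option=' . $option . '&task=dev_config', str_replace('{file}', $file, _JLMS_CFG_MSG_F_NOT_WRITABLE));
    }

    if ($fp = fopen($file, 'w')) {
        fputs($fp, $filecontent, strlen($filecontent));
        fclose($fp);
        if ($enable_write) {
            @chmod($file, $oldperms);
        } elseif (mosGetParam($_POST, 'disable_write', 0)) {
            // Clear the three write bits, keep everything else.
            @chmod($file, $oldperms & 0777555);
        }
        mosRedirect('index.php?option=' . $option . '&task=dev_config');
    } else {
        if ($enable_write) {
            @chmod($file, $oldperms);
        }
        mosRedirect('index.php?option=' . $option . '&task=dev_config', _JLMS_CFG_MSG_F_FAILD_TO_OPEN);
    }
}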
Ejemplo n.º 7
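 /**
  * Custom uninstall method: removes the files of an installed language.
  *
  * The language's XML manifest (language/<id>.xml) lists the files to delete;
  * each listed file and finally the manifest itself are unlinked.
  *
  * Changes from the earlier version:
  * - $result is reset for every manifest entry, so the printed status no
  *   longer reads an undefined variable or repeats the previous entry's value.
  * - Manifest entries containing a ".." path segment are skipped, so a
  *   manifest cannot point the deletion outside the language folder.
  *
  * NOTE(review): the failure message below says the language id is empty,
  * but it is shown whenever the manifest file does not exist.
  *
  * @param string $id     Language name; path separators are stripped
  * @param string $option The URL option
  * @param mixed  $client The client id
  * @return bool true once the manifest has been processed
  */
 function uninstall($id, $option, $client = 0)
 {
     global $mosConfig_absolute_path;

     josSpoofCheck(null, null, 'request');

     // Keep the id to a bare file name before it is used in a path.
     $id = str_replace(array('\\', '/'), '', $id);
     $basepath = $mosConfig_absolute_path . '/language/';
     $xmlfile = $basepath . $id . '.xml';

     // see if there is an xml install file, must be same name as element
     if (file_exists($xmlfile)) {
         $this->i_xmldoc = new DOMIT_Lite_Document();
         $this->i_xmldoc->resolveErrors(true);
         if ($this->i_xmldoc->loadXML($xmlfile, false, true)) {
             $mosinstall =& $this->i_xmldoc->documentElement;
             // get the files element
             $files_element =& $mosinstall->getElementsByPath('files', 1);
             if (!is_null($files_element)) {
                 $files = $files_element->childNodes;
                 foreach ($files as $file) {
                     // delete the files
                     $filename = $file->getText();
                     $result = false;
                     echo $filename;

                     // Refuse entries that climb out of the language folder.
                     $segments = explode('/', str_replace('\\', '/', (string) $filename));
                     $escapes = in_array('..', $segments, true);

                     if (!$escapes && file_exists($basepath . $filename)) {
                         echo '<br />Deletando: ' . $basepath . $filename;
                         $result = unlink($basepath . $filename);
                     }
                     echo intval($result);
                 }
             }
         }
     } else {
         HTML_installer::showInstallMessage('ID do idioma vazio, não é possível remover arquivos', 'Desistalação -  erro', $this->returnTo($option, 'language', $client));
         exit;
     }

     // remove XML file from front
     @unlink($xmlfile);
     return true;
 }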
Ejemplo n.º 8
 /**
  * Verifies the anti-CSRF request token with the API that matches the
  * detected Joomla version and stops the request when it is invalid.
  *
  * Versions '1.5' and '1.7' use JRequest::checkToken(); every other value of
  * JCOMMENTS_JVERSION falls through to josSpoofCheck().
  * NOTE(review): confirm that no other JRequest-based version can reach the
  * default branch.
  *
  * @param string $method Request method the token is read from
  */
 public static function checkToken($method = 'post')
 {
     // switch compares loosely, as the original == tests did
     switch (JCOMMENTS_JVERSION) {
         case '1.5':
             if (!JRequest::checkToken($method)) {
                 jexit('Invalid Token');
             }
             break;

         case '1.7':
             if (!JRequest::checkToken($method)) {
                 jexit(JText::_('JINVALID_TOKEN'));
             }
             break;

         default:
             josSpoofCheck(null, null, $method);
     }
 }
Ejemplo n.º 9
/**
 * Handles the front-end registration form: creates the user row, e-mails the
 * new user and notifies the administrators.
 *
 * Reviewer notes (security):
 * - Passwords are stored as md5(password . salt) . ':' . salt. MD5 is a fast
 *   hash and is not suited to password storage; replacing it also requires
 *   changing whatever code verifies logins, which is not visible here.
 * - With activation enabled the clear-text password is placed in the e-mail.
 * - Error text is passed through html_entity_decode() and then written into
 *   an inline <script> alert without JavaScript escaping.
 */
function saveRegistration()
{
    global $database, $acl;
    global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_useractivation, $mosConfig_allowUserRegistration;
    // NOTE(review): mailfrom / fromname are listed twice; harmless but redundant
    global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_mailfrom, $mosConfig_fromname;
    // registration switched off in the global configuration
    if ($mosConfig_allowUserRegistration == 0) {
        mosNotAuth();
        return;
    }
    // simple spoof check security
    josSpoofCheck();
    $row = new mosUser($database);
    // presumably the second argument names fields bind() must ignore - confirm
    if (!$row->bind($_POST, 'usertype')) {
        mosErrorAlert($row->getError());
    }
    $row->name = trim($row->name);
    $row->email = trim($row->email);
    $row->username = trim($row->username);
    $row->password = trim($row->password);
    mosMakeHtmlSafe($row);
    // id, usertype and gid are overwritten here, so posted values for them do not survive
    $row->id = 0;
    $row->usertype = '';
    $row->gid = $acl->get_group_id('Registered', 'ARO');
    if ($mosConfig_useractivation == 1) {
        // NOTE(review): the activation token's unpredictability depends entirely on
        // mosMakePassword(), which is not visible here - confirm it uses a CSPRNG
        $row->activation = md5(mosMakePassword());
        $row->block = '1';
    }
    if (!$row->check()) {
        // NOTE(review): decoded error text goes into a JS string literal unescaped
        echo "<script> alert('" . html_entity_decode($row->getError()) . "'); window.history.go(-1); </script>\n";
        exit;
    }
    // keep the clear-text password; it is used in the activation e-mail below
    $pwd = $row->password;
    $salt = mosMakePassword(16);
    // NOTE(review): single-round salted MD5 - see the function header
    $crypt = md5($row->password . $salt);
    $row->password = $crypt . ':' . $salt;
    $row->registerDate = date('Y-m-d H:i:s');
    if (!$row->store()) {
        // NOTE(review): same unescaped alert as above
        echo "<script> alert('" . html_entity_decode($row->getError()) . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();
    $name = trim($row->name);
    $email = trim($row->email);
    $username = trim($row->username);
    $subject = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
    $subject = html_entity_decode($subject, ENT_QUOTES);
    if ($mosConfig_useractivation == 1) {
        // the activation link and the clear-text password ($pwd) both go into the message
        $message = sprintf(_USEND_MSG_ACTIVATE, $name, $mosConfig_sitename, $mosConfig_live_site . "/index.php?option=com_registration&task=activate&activation=" . $row->activation, $mosConfig_live_site, $username, $pwd);
    } else {
        $message = sprintf(_USEND_MSG, $name, $mosConfig_sitename, $mosConfig_live_site);
    }
    $message = html_entity_decode($message, ENT_QUOTES);
    // check if Global Config `mailfrom` and `fromname` values exist
    if ($mosConfig_mailfrom != '' && $mosConfig_fromname != '') {
        $adminName2 = $mosConfig_fromname;
        $adminEmail2 = $mosConfig_mailfrom;
    } else {
        // use email address and name of first superadmin for use in email sent to user
        $query = "SELECT name, email" . "\n FROM #__users" . "\n WHERE LOWER( usertype ) = 'superadministrator'" . "\n OR LOWER( usertype ) = 'super administrator'";
        $database->setQuery($query);
        $rows = $database->loadObjectList();
        // NOTE(review): no check that the query returned at least one row
        $row2 = $rows[0];
        $adminName2 = $row2->name;
        $adminEmail2 = $row2->email;
    }
    // Send email to user
    mosMail($adminEmail2, $adminName2, $email, $subject, $message);
    // Send notification to all administrators
    $subject2 = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
    $message2 = sprintf(_ASEND_MSG, $adminName2, $mosConfig_sitename, $row->name, $email, $username);
    $subject2 = html_entity_decode($subject2, ENT_QUOTES);
    $message2 = html_entity_decode($message2, ENT_QUOTES);
    // get email addresses of all admins and superadmins set to receive system emails
    $query = "SELECT email, sendEmail" . "\n FROM #__users" . "\n WHERE ( gid = 24 OR gid = 25 )" . "\n AND sendEmail = 1" . "\n AND block = 0";
    $database->setQuery($query);
    $admins = $database->loadObjectList();
    foreach ($admins as $admin) {
        // send email to admin & super admin set to receive system emails
        mosMail($adminEmail2, $adminName2, $admin->email, $subject2, $message2);
    }
    if ($mosConfig_useractivation == 1) {
        echo _REG_COMPLETE_ACTIVATE;
    } else {
        echo _REG_COMPLETE;
    }
}
Ejemplo n.º 10
/**
 * Cancels a poll edit: binds the posted fields to a mosPoll row, calls
 * checkin() on it and redirects back to the component.
 *
 * The row is identified purely by what bind($_POST) copies onto it.
 *
 * @param string $option The current url option
 */
function cancelPoll($option)
{
    global $database;

    josSpoofCheck();

    $poll = new mosPoll($database);
    $poll->bind($_POST);
    $poll->checkin();

    mosRedirect("index2.php?option={$option}");
}
Ejemplo n.º 11
/**
 * Sends the visitor's contact-form message to the selected contact and,
 * when enabled, a copy back to the visitor.
 *
 * Reviewer notes (security):
 * - mosMail() is called with the visitor-supplied $email and $name in the
 *   same argument positions where the copy mail passes the site's mailfrom /
 *   fromname, so they presumably become the sender of the message. Whether
 *   mosMail() strips line breaks from these values is not visible here.
 * - The copy feature mails text chosen by the visitor to an address chosen
 *   by the visitor. No rate limit is visible in this function.
 *
 * @param int    $con_id Id of the contact to mail
 * @param string $option The current url option (not used in this function)
 */
function sendmail($con_id, $option)
{
    global $mainframe, $database, $Itemid;
    global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_db;
    // simple spoof check security
    josSpoofCheck(1);
    $query = "SELECT *" . "\n FROM #__contact_details" . "\n WHERE id = " . (int) $con_id;
    $database->setQuery($query);
    $contact = $database->loadObjectList();
    // nothing happens (no output, no redirect) when the contact id matches no row
    if (count($contact) > 0) {
        $default = $mosConfig_sitename . ' ' . _ENQUIRY;
        $email = strval(mosGetParam($_POST, 'email', ''));
        $text = strval(mosGetParam($_POST, 'text', ''));
        $name = strval(mosGetParam($_POST, 'name', ''));
        $subject = strval(mosGetParam($_POST, 'subject', $default));
        $email_copy = strval(mosGetParam($_POST, 'email_copy', 0));
        $menu = $mainframe->get('menu');
        $mparams = new mosParameters($menu->params);
        $bannedEmail = $mparams->get('bannedEmail', '');
        $bannedSubject = $mparams->get('bannedSubject', '');
        $bannedText = $mparams->get('bannedText', '');
        $sessionCheck = $mparams->get('sessionCheck', 1);
        // check for session cookie
        if ($sessionCheck) {
            // Session Cookie `name`
            $sessionCookieName = mosMainFrame::sessionCookieName();
            // Get Session Cookie `value`
            $sessioncookie = mosGetParam($_COOKIE, $sessionCookieName, null);
            // only the shape of the value is tested (32 characters, or '-');
            // this shows that a cookie was sent, not that the session is valid
            if (!(strlen($sessioncookie) == 32 || $sessioncookie == '-')) {
                mosErrorAlert(_NOT_AUTH);
            }
        }
        // Prevent form submission if one of the banned text is discovered in the email field
        // NOTE(review): an empty list entry (e.g. from a trailing ';') is passed to
        // stristr() as an empty needle; the result differs between PHP versions
        if ($bannedEmail) {
            $bannedEmail = explode(';', $bannedEmail);
            foreach ($bannedEmail as $value) {
                if (stristr($email, $value)) {
                    mosErrorAlert(_NOT_AUTH);
                }
            }
        }
        // Prevent form submission if one of the banned text is discovered in the subject field
        if ($bannedSubject) {
            $bannedSubject = explode(';', $bannedSubject);
            foreach ($bannedSubject as $value) {
                if (stristr($subject, $value)) {
                    mosErrorAlert(_NOT_AUTH);
                }
            }
        }
        // Prevent form submission if one of the banned text is discovered in the text field
        if ($bannedText) {
            $bannedText = explode(';', $bannedText);
            foreach ($bannedText as $value) {
                if (stristr($text, $value)) {
                    mosErrorAlert(_NOT_AUTH);
                }
            }
        }
        // test to ensure that only one email address is entered
        // NOTE(review): strpos() returns 0 for a match at the first character, which
        // is falsy here, so a leading ';', ',' or space is not caught by this test
        // (the JosIsValidEmail() check below is then the only guard)
        $check = explode('@', $email);
        if (strpos($email, ';') || strpos($email, ',') || strpos($email, ' ') || count($check) > 2) {
            mosErrorAlert(_CONTACT_MORE_THAN);
        }
        if (!$email || !$text || JosIsValidEmail($email) == false) {
            mosErrorAlert(_CONTACT_FORM_NC);
        }
        $prefix = sprintf(_ENQUIRY_TEXT, $mosConfig_live_site);
        $text = $prefix . "\n" . $name . ' <' . $email . '>' . "\n\n" . stripslashes($text);
        // visitor-supplied $email / $name are passed as the first two arguments
        $success = mosMail($email, $name, $contact[0]->email_to, $mosConfig_fromname . ': ' . $subject, $text);
        if (!$success) {
            mosErrorAlert(_CONTACT_FORM_NC);
        }
        // parameter check
        $params = new mosParameters($contact[0]->params);
        $emailcopyCheck = $params->get('email_copy', 0);
        // check whether email copy function activated
        // (both the visitor's checkbox and the contact's own setting must be on)
        if ($email_copy && $emailcopyCheck) {
            $copy_text = sprintf(_COPY_TEXT, $contact[0]->name, $mosConfig_sitename);
            $copy_text = $copy_text . "\n\n" . $text . '';
            $copy_subject = _COPY_SUBJECT . $subject;
            $success = mosMail($mosConfig_mailfrom, $mosConfig_fromname, $email, $copy_subject, $copy_text);
            if (!$success) {
                mosErrorAlert(_CONTACT_FORM_NC);
            }
        }
        $link = sefRelToAbs('index.php?option=com_contact&task=view&contact_id=' . $contact[0]->id . '&Itemid=' . $Itemid);
        mosRedirect($link, _THANK_MESSAGE);
    }
}
Ejemplo n.º 12
/**
 * Cancels an edit operation on a weblink.
 *
 * Binds the posted fields to a mosWeblink row, calls checkin() on it and
 * redirects back to the component. The anti-spoof check runs first.
 *
 * @param string $option The current url option
 */
function cancelWeblink($option)
{
    global $database;

    josSpoofCheck();

    $weblink = new mosWeblink($database);
    $weblink->bind($_POST);
    $weblink->checkin();

    mosRedirect('index2.php?option=' . $option);
}
Ejemplo n.º 13
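/**
 * Saves the ordering values posted from the list view and then renumbers
 * every category that had a row changed.
 *
 * Changes from the earlier version:
 * - The database error text is serialised as a JavaScript string literal
 *   before it is written into the inline <script>, so quotes or markup in the
 *   message cannot end the alert() call.
 * - Ids that have no matching entry in the posted `order` array are skipped
 *   instead of reading an undefined offset.
 * - Affected groups are collected in a map keyed by their condition string,
 *   replacing the nested search loop.
 *
 * @param array $cid Content ids, in the same sequence as the posted `order` values
 */
function saveOrder(&$cid)
{
    global $database;

    josSpoofCheck();

    $total = count($cid);
    $order = josGetArrayInts('order');
    $row = new mosContent($database);

    // condition string => id of the first changed row in that group
    $groups = array();

    // update ordering values
    for ($i = 0; $i < $total; $i++) {
        if (!isset($order[$i])) {
            continue;
        }

        $row->load((int) $cid[$i]);
        if ($row->ordering == $order[$i]) {
            continue;
        }

        $row->ordering = $order[$i];
        if (!$row->store()) {
            $jsText = json_encode(
                (string) $database->getErrorMsg(),
                JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
            );
            echo "<script> alert(" . $jsText . "); window.history.go(-1); </script>\n";
            exit;
        }

        // remember to updateOrder this group (catid is int-cast before it enters the SQL fragment)
        $condition = "catid=" . (int) $row->catid . " AND state >= 0";
        if (!isset($groups[$condition])) {
            $groups[$condition] = $row->id;
        }
    }

    // execute updateOrder for each group
    foreach ($groups as $condition => $rowId) {
        $row->load($rowId);
        $row->updateOrder($condition);
    }

    // clean any existing cache files
    mosCache::cleanCache('com_content');

    $msg = 'New ordering saved';
    mosRedirect('index2.php?option=com_typedcontent', $msg);
}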
Ejemplo n.º 14
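/**
 * Saves the front-end "my details" form for the user with id $uid.
 *
 * Changes from the earlier version:
 * - The session-table UPDATE is restored. In the listing the two quoted
 *   values had been masked out ("******"), leaving invalid PHP; they are
 *   rebuilt as the new and the original username, each passed through
 *   $database->Quote(). Confirm against the upstream file.
 * - Error text is serialised as a JavaScript string literal before it is
 *   written into the inline <script>.
 *
 * Reviewer notes (security):
 * - The posted id must equal $uid; that $uid is the logged-in user is the
 *   caller's responsibility and is not checked here.
 * - Passwords are stored as md5(password . salt) . ':' . salt. MD5 is a fast
 *   hash and not suited to password storage; changing it also requires
 *   changing the login verification, which is not visible here.
 * - Posted `params` keys and values are joined into "key=value" lines
 *   without filtering line breaks. NOTE(review): confirm a value cannot
 *   introduce additional parameter lines.
 *
 * @param string $option The current url option
 * @param int    $uid    Id of the user being edited
 */
function userSave($option, $uid)
{
    global $database, $my, $mosConfig_frontend_userparams;

    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

    $user_id = intval(mosGetParam($_POST, 'id', 0));
    // do some security checks
    if ($uid == 0 || $user_id == 0 || $user_id != $uid) {
        mosNotAuth();
        return;
    }

    // simple spoof check security
    josSpoofCheck();

    $row = new mosUser($database);
    $row->load((int) $user_id);
    $orig_password = $row->password;
    $orig_username = $row->username;

    // presumably the second argument lists fields bind() must ignore - confirm
    if (!$row->bind($_POST, 'gid usertype')) {
        echo "<script> alert(" . json_encode((string) $row->getError(), $jsFlags) . "); window.history.go(-1); </script>\n";
        exit;
    }

    $row->name = trim($row->name);
    $row->email = trim($row->email);
    $row->username = trim($row->username);
    mosMakeHtmlSafe($row);

    if (isset($_POST['password']) && $_POST['password'] != '') {
        if (isset($_POST['verifyPass']) && $_POST['verifyPass'] == $_POST['password']) {
            $row->password = trim($row->password);
            $salt = mosMakePassword(16);
            // NOTE(review): single-round salted MD5 - see the function header
            $crypt = md5($row->password . $salt);
            $row->password = $crypt . ':' . $salt;
        } else {
            echo "<script> alert(\"" . addslashes(_PASS_MATCH) . "\"); window.history.go(-1); </script>\n";
            exit;
        }
    } else {
        // Restore 'original password'
        $row->password = $orig_password;
    }

    if ($mosConfig_frontend_userparams == '1' || $mosConfig_frontend_userparams == 1 || $mosConfig_frontend_userparams == NULL) {
        // save params
        $params = mosGetParam($_POST, 'params', '');
        if (is_array($params)) {
            $txt = array();
            foreach ($params as $k => $v) {
                $txt[] = "{$k}={$v}";
            }
            $row->params = implode("\n", $txt);
        }
    }

    // Short-circuit keeps the original order: check, then store.
    if (!$row->check() || !$row->store()) {
        echo "<script> alert(" . json_encode((string) $row->getError(), $jsFlags) . "); window.history.go(-1); </script>\n";
        exit;
    }

    // check if username has been changed
    if ($orig_username != $row->username) {
        // change username value in session table
        $query = "UPDATE #__session"
            . "\n SET username = " . $database->Quote($row->username)
            . "\n WHERE username = " . $database->Quote($orig_username)
            . "\n AND userid = " . (int) $my->id
            . "\n AND gid = " . (int) $my->gid
            . "\n AND guest = 0";
        $database->setQuery($query);
        $database->query();
    }

    mosRedirect('index.php', _USER_DETAILS_SAVE);
}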
Ejemplo n.º 15
 /**
  * Custom uninstall method: removes a module's database rows and its files.
  *
  * Reviewer notes:
  * - File and directory names to delete come from the module's XML manifest.
  *   The directory part is only compared with '', '.' and '..' exactly, so a
  *   value such as '../x' is not rejected before it reaches deldir().
  *   NOTE(review): verify that the resolved path stays below $basepath.
  * - true is returned only after the manifest's files were processed; every
  *   other path ends without a return value.
  *
  * @param int The id of the module
  * @param string The URL option
  * @param int The client id
  */
 function uninstall($id, $option, $client = 0)
 {
     global $database, $mosConfig_absolute_path;
     josSpoofCheck();
     $id = intval($id);
     $query = "SELECT module, iscore, client_id" . "\n FROM #__modules WHERE id = " . (int) $id;
     $database->setQuery($query);
     $row = null;
     $database->loadObject($row);
     // NOTE(review): $row is still null when no module has this id; the property
     // reads below are not guarded
     if ($row->iscore) {
         // NOTE(review): `title` is not in the SELECT list above
         HTML_installer::showInstallMessage($row->title . 'é um elemento do sistema e não pode ser desinstalado.<br />Caso não o pretenda continuar a utilizar será necessário retirar de publicação', 'Desinstalar -  erro', $this->returnTo($option, 'module', $row->client_id ? '' : 'admin'));
         exit;
     }
     // every instance of this module for the same client
     $query = "SELECT id" . "\n FROM #__modules" . "\n WHERE module = " . $database->Quote($row->module) . " AND client_id = " . (int) $row->client_id;
     $database->setQuery($query);
     $modules = $database->loadResultArray();
     if (count($modules)) {
         // ids are forced to integers before they are placed in the SQL text
         mosArrayToInts($modules);
         $modID = 'moduleid=' . implode(' OR moduleid=', $modules);
         $query = "DELETE FROM #__modules_menu" . "\n WHERE ( {$modID} )";
         $database->setQuery($query);
         if (!$database->query()) {
             // NOTE(review): stderr is read as a property here and then printed to
             // the response by die(); confirm it is not meant to be a method call
             $msg = $database->stderr;
             die($msg);
         }
         $query = "DELETE FROM #__modules" . "\n WHERE module = " . $database->Quote($row->module) . " AND client_id = " . (int) $row->client_id;
         $database->setQuery($query);
         if (!$database->query()) {
             $msg = $database->stderr;
             die($msg);
         }
         // a client_id of 0 selects the site modules folder, anything else the administrator one
         if (!$row->client_id) {
             $basepath = $mosConfig_absolute_path . '/modules/';
         } else {
             $basepath = $mosConfig_absolute_path . '/administrator/modules/';
         }
         $xmlfile = $basepath . $row->module . '.xml';
         // see if there is an xml install file, must be same name as element
         if (file_exists($xmlfile)) {
             $this->i_xmldoc = new DOMIT_Lite_Document();
             $this->i_xmldoc->resolveErrors(true);
             if ($this->i_xmldoc->loadXML($xmlfile, false, true)) {
                 $mosinstall =& $this->i_xmldoc->documentElement;
                 // get the files element
                 $files_element =& $mosinstall->getElementsByPath('files', 1);
                 if (!is_null($files_element)) {
                     $files = $files_element->childNodes;
                     foreach ($files as $file) {
                         // delete the files
                         $filename = $file->getText();
                         if (file_exists($basepath . $filename)) {
                             $parts = pathinfo($filename);
                             $subpath = $parts['dirname'];
                             // an entry inside a sub-directory removes that whole directory
                             // NOTE(review): only exact '', '.' and '..' are excluded here
                             if ($subpath != '' && $subpath != '.' && $subpath != '..') {
                                 echo '<br />Deletado: ' . $basepath . $subpath;
                                 $result = deldir(mosPathName($basepath . $subpath . '/'));
                             } else {
                                 echo '<br />Deletado: ' . $basepath . $filename;
                                 $result = unlink(mosPathName($basepath . $filename, false));
                             }
                             echo intval($result);
                         }
                     }
                     // remove XML file from front
                     echo "Deletando arquivo XML: {$xmlfile}";
                     @unlink(mosPathName($xmlfile, false));
                     return true;
                 }
             }
         }
     }
 }
Ejemplo n.º 16
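/**
 * Deletes the selected private messages and returns to the list view.
 *
 * Changes from the earlier version:
 * - The database error text is serialised as a JavaScript string literal
 *   before it is written into the inline <script>.
 * - The second, always-true count($cid) test is removed; the guard at the top
 *   already ends the request for an empty selection.
 *
 * NOTE(review): the DELETE is restricted only by message_id. Whether the
 * messages must belong to the current user is not checked in this function.
 *
 * @param array  $cid    Ids of the messages to delete
 * @param string $option The current url option
 */
function removeMessage($cid, $option)
{
    global $database;

    josSpoofCheck();

    if (!is_array($cid) || count($cid) < 1) {
        echo "<script> alert('Select an item to delete'); window.history.go(-1);</script>\n";
        exit;
    }

    // ids are forced to integers before they are placed in the SQL text
    mosArrayToInts($cid);
    $cids = 'message_id=' . implode(' OR message_id=', $cid);
    $query = "DELETE FROM #__messages" . "\n WHERE ( {$cids} )";
    $database->setQuery($query);
    if (!$database->query()) {
        $jsText = json_encode(
            (string) $database->getErrorMsg(),
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );
        // as before, execution continues to the redirect after a failed delete
        echo "<script> alert(" . $jsText . "); window.history.go(-1); </script>\n";
    }

    $limit = intval(mosGetParam($_REQUEST, 'limit', 10));
    $limitstart = intval(mosGetParam($_REQUEST, 'limitstart', 0));
    mosRedirect("index2.php?option={$option}&limit={$limit}&limitstart={$limitstart}");
}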
Ejemplo n.º 17
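/**
 * Moves an uploaded file into the site's /media directory.
 *
 * Security: $userfile_name is the file name supplied by the client and is
 * appended to the target directory. It is now required to be a plain file
 * name (not empty, not "." or "..", no path separator, no NUL byte) before it
 * is used, so the upload cannot be written outside /media.
 *
 * NOTE(review): the file type is not restricted here. If /media is served by
 * the web server, callers must limit the accepted extensions or make sure
 * files in that directory are never executed.
 *
 * @param string $filename      The name of the php (temporary) uploaded file
 * @param string $userfile_name The name of the file to put in the /media directory
 * @param string $msg           Receives the failure message
 * @return bool true when the file was moved and its permissions were set
 */
function uploadFile($filename, $userfile_name, &$msg)
{
    global $mosConfig_absolute_path;

    josSpoofCheck();

    $userfile_name = (string) $userfile_name;
    $isPlainName = $userfile_name !== ''
        && $userfile_name !== '.'
        && $userfile_name !== '..'
        && strpbrk($userfile_name, "/\\\0") === false;
    if (!$isPlainName) {
        $msg = 'Nome de arquivo inválido.';
        return false;
    }

    // $baseDir is concatenated with the file name directly, so mosPathName()
    // presumably returns the path with a trailing separator - confirm.
    $baseDir = mosPathName($mosConfig_absolute_path . '/media');

    if (!file_exists($baseDir)) {
        $msg = 'Falha no envio pois o diretório <code>/media</code> não existe.';
        return false;
    }
    if (!is_writable($baseDir)) {
        $msg = 'Falha no envio pois o diretório <code>/media</code> não tem permissão. É necessário atribuir permissões de escrita.';
        return false;
    }
    // move_uploaded_file() itself refuses sources that are not PHP uploads
    if (!move_uploaded_file($filename, $baseDir . $userfile_name)) {
        $msg = 'Falha ao mover o arquivo enviado para o diretório <code>/media</code>.';
        return false;
    }
    if (!mosChmod($baseDir . $userfile_name)) {
        $msg = 'Falha ao alterar as permissões do arquivo enviado.';
        return false;
    }

    return true;
}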
Ejemplo n.º 18
/**
 * Moves a news feed record one step up or down in its ordering.
 *
 * @param integer $id     The id of the record to move
 * @param integer $inc    The direction to reorder, +1 down, -1 up
 * @param string  $option The current GET/POST option
 */
function orderNewsFeed($id, $inc, $option)
{
    global $database;

    josSpoofCheck();

    // These three request values are read but not used further in this function.
    $limit = (int) mosGetParam($_REQUEST, 'limit', 0);
    $limitstart = (int) mosGetParam($_REQUEST, 'limitstart', 0);
    $catid = (int) mosGetParam($_REQUEST, 'catid', 0);

    $feed = new mosNewsFeed($database);
    $feed->load((int) $id);
    $feed->move($inc);

    mosRedirect("index2.php?option={$option}");
}
Ejemplo n.º 19
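/**
 * Sends the "e-mail this item to a friend" message for a content item.
 *
 * The item is re-checked for publication state and access level before any
 * mail is sent, and all sender-supplied values come from $_POST.
 *
 * @param int $uid The content item id
 * @param int $gid The access level of the caller, compared with the item,
 *                 category and section access levels
 */
function emailContentSend($uid, $gid)
{
    global $database, $mainframe;
    global $mosConfig_live_site, $mosConfig_sitename, $mosConfig_hideEmail;

    // Both ids end up in SQL and (for $uid) in the mailed link: normalise once.
    $uid = (int) $uid;
    $gid = (int) $gid;

    // Per-item parameters decide whether e-mailing is allowed when the site
    // hides e-mail features globally.
    $id = intval(mosGetParam($_REQUEST, 'id', 0));
    if ($id) {
        $query = 'SELECT attribs FROM #__content WHERE `id`=' . $id;
        $database->setQuery($query);
        $params = new mosParameters($database->loadResult());
    } else {
        $params = new mosParameters('');
    }
    $paramEmail = intval($params->get('email', 0));
    if ($mosConfig_hideEmail && !$paramEmail) {
        echo _NOT_AUTH;
        return;
    }

    // simple spoof check security
    josSpoofCheck(1);

    // A session cookie must be present: either a 32 character value or '-'.
    $sessionCookieName = mosMainFrame::sessionCookieName();
    $sessioncookie = mosGetParam($_COOKIE, $sessionCookieName, null);
    if (!(strlen($sessioncookie) == 32 || $sessioncookie == '-')) {
        // NOTE(review): execution continues below unless mosErrorAlert() ends
        // the request itself - confirm.
        mosErrorAlert(_NOT_AUTH);
    }

    $itemid = intval(mosGetParam($_POST, 'itemid', 0));
    $now = _CURRENT_SERVER_TIME;
    $nullDate = $database->getNullDate();

    // query to check for state and access levels
    $query = "SELECT a.*, cc.name AS category, s.name AS section, s.published AS sec_pub, cc.published AS cat_pub,"
        . "\n  s.access AS sec_access, cc.access AS cat_access, s.id AS sec_id, cc.id as cat_id"
        . "\n FROM #__content AS a"
        . "\n LEFT JOIN #__categories AS cc ON cc.id = a.catid"
        . "\n LEFT JOIN #__sections AS s ON s.id = cc.section AND s.scope = 'content'"
        . "\n WHERE a.id = " . $uid
        . "\n AND a.state = 1"
        . "\n AND a.access <= " . $gid
        . "\n AND ( a.publish_up = " . $database->Quote($nullDate) . " OR a.publish_up <= " . $database->Quote($now) . " )"
        . "\n AND ( a.publish_down = " . $database->Quote($nullDate) . " OR a.publish_down >= " . $database->Quote($now) . " )";
    $database->setQuery($query);
    $row = NULL;
    if (!$database->loadObject($row)) {
        mosNotAuth();
        return;
    }

    // The item's category and section must both be published ...
    if (!$row->cat_pub && $row->catid) {
        mosNotAuth();
        return;
    }
    if (!$row->sec_pub && $row->sectionid) {
        mosNotAuth();
        return;
    }
    // ... and their access levels must not exceed the caller's.
    if ($row->cat_access > $gid && $row->catid) {
        mosNotAuth();
        return;
    }
    if ($row->sec_access > $gid && $row->sectionid) {
        mosNotAuth();
        return;
    }

    $email = strval(mosGetParam($_POST, 'email', ''));
    $youremail = strval(mosGetParam($_POST, 'youremail', ''));

    // Sender name and subject are free text that is handed to the mailer as
    // header material. Line breaks are removed so a submitted value cannot
    // start an additional mail header.
    $lineBreaks = array("\r", "\n");
    $yourname = str_replace($lineBreaks, '', strval(mosGetParam($_POST, 'yourname', '')));
    $subject = str_replace($lineBreaks, '', strval(mosGetParam($_POST, 'subject', '')));
    if (empty($subject)) {
        $subject = _EMAIL_INFO . ' ' . $yourname;
    }

    // Both addresses must be present and pass JosIsValidEmail().
    if ($uid < 1 || !$email || !$youremail || JosIsValidEmail($email) == false || JosIsValidEmail($youremail) == false) {
        mosErrorAlert(_EMAIL_ERR_NOINFO);
    }

    $query = "SELECT template" . "\n FROM #__templates_menu" . "\n WHERE client_id = 0" . "\n AND menuid = 0";
    $database->setQuery($query);
    $template = $database->loadResult();

    // determine Itemid for Item
    if (!$itemid) {
        $itemid = $mainframe->getItemid($uid, 0, 0);
    }
    $_itemid = '&Itemid=' . $itemid;

    // link sent in email
    $link = sefRelToAbs('index.php?option=com_content&task=view&id=' . $uid . $_itemid);
    // message text
    $msg = sprintf(_EMAIL_MSG, html_entity_decode($mosConfig_sitename, ENT_QUOTES), $yourname, $youremail, $link);

    // NOTE(review): nothing here limits how often or to how many recipients a
    // visitor can send; any throttling would have to live elsewhere.
    $success = mosMail($youremail, $yourname, $email, $subject, $msg);
    if (!$success) {
        mosErrorAlert(_EMAIL_ERR_NOINFO);
    }
    HTML_content::emailSent($email, $template);
}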
Ejemplo n.º 20
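/**
 * Deletes banner clients that no longer own any banner.
 *
 * For every id the banner count is checked first; a client that still has
 * banners stops the operation with a redirect and a message.
 *
 * @param array  $cid    Ids of the banner clients to delete
 * @param string $option The current GET/POST option
 */
function removeBannerClients($cid, $option)
{
    global $database;
    josSpoofCheck();

    foreach ($cid as $rawId) {
        // Every id is cast before it reaches SQL.
        $clientId = (int) $rawId;

        $query = "SELECT COUNT( bid )" . "\n FROM #__banner" . "\n WHERE cid = " . $clientId;
        $database->setQuery($query);
        $count = $database->loadResult();

        if ($count === null || $count === false) {
            // The count could not be determined. Stop here, as the other
            // handlers do after this alert; falling through would treat the
            // failed lookup as "no banners" and delete the client.
            echo "<script> alert('" . $database->getErrorMsg() . "'); window.history.go(-1); </script>\n";
            exit;
        }

        if ($count != 0) {
            mosRedirect("index2.php?option={$option}&task=listclients", "Não foi possível deletar o cliente neste momento porque ele ainda tem banner sendo exibido");
        } else {
            $query = "DELETE FROM #__bannerfinish" . "\n WHERE cid = " . $clientId;
            $database->setQuery($query);
            $database->query();

            $query = "DELETE FROM #__bannerclient" . "\n WHERE cid = " . $clientId;
            $database->setQuery($query);
            $database->query();
        }
    }

    mosRedirect("index2.php?option={$option}&task=listclients");
}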
Ejemplo n.º 21
/**
 * Abandons an edit: binds the posted form to a contact record, checks the
 * record in and returns to the contact component.
 */
function cancelContact()
{
    global $database;

    // Request-forgery guard first; the rest acts on posted data.
    josSpoofCheck();

    $contact = new mosContact($database);
    // The result of bind() is not inspected; checkin() runs either way.
    $contact->bind($_POST);
    $contact->checkin();

    mosRedirect("index2.php?option=com_contact");
}
Ejemplo n.º 22
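/**
 * Stores one uploaded file in a media directory after name and type checks.
 *
 * @param array  $file     One entry of $_FILES; 'name' and 'tmp_name' are read
 * @param string $dest_dir Destination directory, concatenated directly with the file name
 */
function do_upload($file, $dest_dir)
{
    global $clearUploads;
    josSpoofCheck();

    // dirPath is request data that goes into the redirect URL: encode it so it
    // stays a single query-string value.
    $dirPath = isset($_POST['dirPath']) ? (string) $_POST['dirPath'] : '';
    $listUrl = "index2.php?option=com_media&listdir=" . urlencode($dirPath);

    if (empty($file['name'])) {
        mosRedirect($listUrl, "Não selecionado arquivo para enviar");
        return;
    }

    // The client chooses the file name. Keep only its last path component and
    // lower-case it once, so the "already exists" check and the write below
    // refer to the same path.
    $name = strtolower(basename((string) $file['name']));
    if ($name === '' || strpos($name, "\0") !== false) {
        mosRedirect($listUrl, 'Este tipo de arquivo não é suportado');
        return;
    }

    if (file_exists($dest_dir . $name)) {
        mosRedirect($listUrl, "FALHA no carregamento. O arquivo já existe");
        return;
    }

    // Allow-list on the real extension (text after the last dot) rather than on
    // the last three characters of the name.
    // NOTE(review): a name such as "x.php.jpg" still ends in an allowed
    // extension; the media directory should not be configured to run scripts.
    $allowable = array('bmp', 'csv', 'doc', 'epg', 'gif', 'ico', 'jpg', 'odg', 'odp', 'ods', 'odt', 'pdf', 'png', 'ppt', 'swf', 'txt', 'xcf', 'xls');
    $extension = pathinfo($name, PATHINFO_EXTENSION);
    if (!in_array($extension, $allowable, true)) {
        mosRedirect($listUrl, 'Este tipo de arquivo não é suportado');
        return;
    }

    if (!move_uploaded_file($file['tmp_name'], $dest_dir . $name)) {
        mosRedirect($listUrl, "Falha ao enviar arquivo");
    } else {
        mosChmod($dest_dir . $name);
        mosRedirect($listUrl, "Envio Completo");
    }

    // Only reached if mosRedirect() returns.
    $clearUploads = true;
}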
Ejemplo n.º 23
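/**
 * Overwrites a language file with the source posted from the editor form.
 *
 * The target is ../language/<language>.php, so the posted language name must be
 * a plain file stem; the posted content is written as-is and will be loaded as
 * PHP by the site.
 *
 * @param string $option The current GET/POST option
 */
function saveLanguageSource($option)
{
    josSpoofCheck();

    $language = mosGetParam($_POST, 'language', '');
    $filecontent = mosGetParam($_POST, 'filecontent', '', _MOS_ALLOWHTML);

    if (!$language) {
        mosRedirect("index2.php?option={$option}&mosmsg=Operation failed: No language specified.");
        return;
    }
    if (!$filecontent) {
        mosRedirect("index2.php?option={$option}&mosmsg=Operation failed: Content empty.");
        return;
    }

    // The name becomes part of a file path that is opened for writing. Refuse
    // anything that could leave the language directory.
    $isPlainName = is_string($language)
        && strpbrk($language, '/\\') === false
        && strpos($language, '..') === false
        && strpos($language, "\0") === false;
    if (!$isPlainName) {
        mosRedirect("index2.php?option={$option}&mosmsg=Operation failed: Invalid language name.");
        return;
    }

    $file = "../language/{$language}.php";
    $enable_write = mosGetParam($_POST, 'enable_write', 0);
    $oldperms = fileperms($file);

    // Optionally add the write bits for the duration of the save.
    if ($enable_write) {
        @chmod($file, $oldperms | 0222);
    }

    // Drop cached stat data so is_writable() sees the mode set above.
    clearstatcache();
    if (is_writable($file) == false) {
        mosRedirect("index2.php?option={$option}&mosmsg=Operation failed: The file is not writable.");
        return;
    }

    if ($fp = fopen($file, "w")) {
        fputs($fp, stripslashes($filecontent));
        fclose($fp);
        if ($enable_write) {
            // Put the original mode back.
            @chmod($file, $oldperms);
        } else {
            if (mosGetParam($_POST, 'disable_write', 0)) {
                // Octal mask: clears the three write bits of the low permission
                // bits and keeps the bits above them.
                @chmod($file, $oldperms & 0777555);
            }
        }
        mosRedirect("index2.php?option={$option}");
    } else {
        if ($enable_write) {
            @chmod($file, $oldperms);
        }
        mosRedirect("index2.php?option={$option}&mosmsg=Operation failed: Failed to open file for writing.");
    }
}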
Ejemplo n.º 24
 /**
  * Uninstalls a component: removes its rows from #__components, runs its
  * uninstall script and the uninstall queries of its XML install file, then
  * deletes its directories.
  *
  * Most failures print an installer message and end the request with exit.
  *
  * @param int The id of the component row in #__components
  * @param string The URL option
  * @param int The client id
  * @return mixed The OR-ed results of deldir() for the two component
  *               directories, or false when an XML file cannot be loaded
  */
 function uninstall($cid, $option, $client = 0)
 {
     global $database, $mosConfig_absolute_path;
     // Request-forgery guard before anything is deleted.
     josSpoofCheck();
     $uninstallret = '';
     $sql = "SELECT *" . "\n FROM #__components" . "\n WHERE id = " . (int) $cid;
     $database->setQuery($sql);
     $row = null;
     if (!$database->loadObject($row)) {
         HTML_installer::showInstallMessage($database->stderr(true), 'Uninstall -  error', $this->returnTo($option, 'component', $client));
         exit;
     }
     // Core components are never removed.
     if ($row->iscore) {
         HTML_installer::showInstallMessage("Component {$row->name} is a core component, and can not be uninstalled.<br />You need to unpublish it if you don't want to use it", 'Uninstall -  error', $this->returnTo($option, 'component', $client));
         exit;
     }
     // Delete entries in the DB
     // Child rows (parent = id) go first, then the component row itself.
     $sql = "DELETE FROM #__components" . "\n WHERE parent = " . (int) $row->id;
     $database->setQuery($sql);
     if (!$database->query()) {
         HTML_installer::showInstallMessage($database->stderr(true), 'Uninstall -  error', $this->returnTo($option, 'component', $client));
         exit;
     }
     $sql = "DELETE FROM #__components" . "\n WHERE id = " . (int) $row->id;
     $database->setQuery($sql);
     if (!$database->query()) {
         HTML_installer::showInstallMessage($database->stderr(true), 'Uninstall -  error', $this->returnTo($option, 'component', $client));
         exit;
     }
     // Try to find the uninstall file
     // NOTE(review): $row->option comes from the database and is used unchecked
     // in every path below (require_once, XML load, deldir) - confirm it can
     // only hold a plain component directory name.
     $filesindir = mosReadDirectory($mosConfig_absolute_path . '/administrator/components/' . $row->option, 'uninstall');
     if (count($filesindir) > 0) {
         $uninstall_file = $filesindir[0];
         if (file_exists($mosConfig_absolute_path . '/administrator/components/' . $row->option . '/' . $uninstall_file)) {
             // The component's own script is executed; it is expected to define com_uninstall().
             require_once $mosConfig_absolute_path . '/administrator/components/' . $row->option . '/' . $uninstall_file;
             $uninstallret = com_uninstall();
         }
     }
     // Try to find the XML file
     $filesindir = mosReadDirectory(mosPathName($mosConfig_absolute_path . '/administrator/components/' . $row->option), '.xml$');
     if (count($filesindir) > 0) {
         $ismosinstall = false;
         $found = 0;
         foreach ($filesindir as $file) {
             $xmlDoc = new DOMIT_Lite_Document();
             $xmlDoc->resolveErrors(true);
             // An unreadable XML file ends the uninstall with false; the rows above are already deleted.
             if (!$xmlDoc->loadXML($mosConfig_absolute_path . "/administrator/components/" . $row->option . "/" . $file, false, true)) {
                 return false;
             }
             $root =& $xmlDoc->documentElement;
             // Only files whose root element is <mosinstall> are install files.
             if ($root->getTagName() != 'mosinstall') {
                 continue;
             }
             $found = 1;
             $query_element =& $root->getElementsbyPath('uninstall/queries', 1);
             if (!is_null($query_element)) {
                 $queries = $query_element->childNodes;
                 // Each query text from the install file is run verbatim, so
                 // the file is trusted as much as the component's own code.
                 foreach ($queries as $query) {
                     $database->setQuery($query->getText());
                     if (!$database->query()) {
                         HTML_installer::showInstallMessage($database->stderr(true), 'Uninstall -  error', $this->returnTo($option, 'component', $client));
                         exit;
                     }
                 }
             }
         }
         if (!$found) {
             HTML_installer::showInstallMessage('XML File invalid', 'Uninstall -  error', $this->returnTo($option, 'component', $client));
             exit;
         }
     } else {
         // A missing XML install file is tolerated; the error below is disabled.
         /*
         HTML_installer::showInstallMessage( 'Could not find an XML install file in '.$mosConfig_absolute_path.'/administrator/components/'.$row->option,
         	'Uninstall -  error', $option, 'component' );
         exit();
         */
     }
     // Delete directories
     // The emptiness check keeps deldir() away from the components root itself.
     if (trim($row->option)) {
         $result = 0;
         $path = mosPathName($mosConfig_absolute_path . '/administrator/components/' . $row->option);
         if (is_dir($path)) {
             $result |= deldir($path);
         }
         $path = mosPathName($mosConfig_absolute_path . '/components/' . $row->option);
         if (is_dir($path)) {
             $result |= deldir($path);
         }
         return $result;
     } else {
         // NOTE(review): unlike the other error paths, this one passes $option
         // and 'component' directly instead of $this->returnTo(...).
         HTML_installer::showInstallMessage('Option field empty, cannot remove files', 'Uninstall -  error', $option, 'component');
         exit;
     }
     // Unreachable: both branches above return or exit, so the value returned
     // by com_uninstall() is never handed back to the caller.
     return $uninstallret;
 }
Ejemplo n.º 25
/**
 * Stores a weblink submitted from the site and notifies the administrators.
 *
 * Only new weblinks are saved: the record id is forced to 0 before storing.
 *
 * @param string The current GET/POST option
 */
function saveWeblink($option)
{
    global $database, $my;

    // Callers whose group id is below 1 may not submit.
    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }

    // security check to see if link exists in a menu
    $menuLink = 'index.php?option=com_weblinks&task=new';
    $database->setQuery("SELECT id\n FROM #__menu\n WHERE link LIKE '%{$menuLink}%'\n AND published = 1");
    if (!$database->loadResult()) {
        mosNotAuth();
        return;
    }

    // simple spoof check security
    josSpoofCheck();

    $row = new mosWeblink($database);

    // NOTE(review): the second argument presumably keeps 'published' from being
    // set by the form - confirm against bind().
    if (!$row->bind($_POST, 'published')) {
        $error = $row->getError();
        echo "<script> alert('{$error}'); window.history.go(-1); </script>\n";
        exit;
    }

    // until full edit capabilities are given for weblinks - limit saving to new weblinks only
    $row->id = 0;
    $isNew = ($row->id < 1);
    $row->date = date('Y-m-d H:i:s');

    if (!$row->check()) {
        $error = $row->getError();
        echo "<script> alert('{$error}'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$row->store()) {
        $error = $row->getError();
        echo "<script> alert('{$error}'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();

    // Users in group 25 who asked for system e-mails are notified.
    $adminGid = 25;
    $database->setQuery("SELECT email, name\n FROM #__users\n WHERE gid = " . (int) $adminGid . "\n AND sendEmail = 1");
    if (!$database->query()) {
        echo $database->stderr(true);
        return;
    }
    $admins = $database->loadObjectList();

    // send email notification to admins
    foreach ($admins as $admin) {
        mosSendAdminMail($admin->name, $admin->email, '', 'Weblink', $row->title, $my->username);
    }

    if ($isNew) {
        $msg = _THANK_SUB;
    } else {
        $msg = '';
    }
    mosRedirect('index.php', $msg);
}
Ejemplo n.º 26
/**
 * Logs the current user out and redirects, optionally to a posted return URL
 * and with a success message.
 *
 * When a return URL or a message is posted, a spoof check must pass first:
 * either cbSpoofCheck() or, as a fallback, the josSpoofCheck() token.
 */
function logout() {
	global $_POST, $_CB_framework, $_CB_database, $_PLUGINS;

	// Optional target to go to after logout; a "B:" prefix marks a base64 payload.
	$return = trim( stripslashes( cbGetParam( $_POST, 'return', null ) ) );
	if ( cbStartOfStringMatch( $return, 'B:' ) ) {
		$decoded = base64_decode( substr( $return, 2 ) );
		if ( get_magic_quotes_gpc() ) {
			$decoded = addslashes( $decoded );
		}
		// The decoded value is passed through cbGetParam() again via a one-element array.
		$arrToClean = array( 'B' => $decoded );
		$return = cbGetParam( $arrToClean, 'B', '' );
	}
	$message = trim( cbGetParam( $_POST, 'message', 0 ) );

	if ( $return || $message ) {
		$spoofCheckOk = (bool) cbSpoofCheck( 'logout', 'POST', 2 );
		if ( ! $spoofCheckOk && is_callable( "josSpoofCheck" ) && is_callable( "josSpoofValue" ) ) {
			// Fallback: accept the josSpoofCheck token when it is present in the POST data.
			$validate = josSpoofValue();
			if ( cbGetParam( $_POST, $validate ) ) {
				josSpoofCheck( 1 );
				$spoofCheckOk = true;
			}
		}
		if ( ! $spoofCheckOk ) {
			echo  _UE_SESSION_EXPIRED . ' ' . _UE_PLEASE_REFRESH;
			return;
		}
	}

	// Do the logout including all authentications and event firing:
	cbimport( 'cb.authentication' );
	$cbAuthenticate = new CBAuthentication();
	$resultError = $cbAuthenticate->logout( $return );

	if ( $resultError ) {
		echo "<script type=\"text/javascript\">alert('" . addslashes( $_PLUGINS->getErrorMSG() ) . "');</script>\n";
		// NOTE(review): the same message is written into HTML without escaping here.
		echo "<div class=\"message\">" . $_PLUGINS->getErrorMSG() . "</div>";
		return;
	}

	// NOTE(review): $return is request data used as the redirect target; whether
	// cbSef()/cbRedirect() restrict it to local URLs is not visible here.
	if ( $return ) {
		$target = cbSef( $return, false );
	} else {
		$target = cbSef( 'index.php', false );
	}
	if ( $message ) {
		$notice = stripslashes( _LOGOUT_SUCCESS );
	} else {
		$notice = '';
	}
	cbRedirect( $target, $notice );
}
Ejemplo n.º 27
/**
 * Replaces the whole list of template positions with the posted one.
 *
 * All rows of #__template_positions are deleted first, then one row is
 * inserted per non-empty posted position.
 *
 * @param string The current GET/POST option
 */
function savePositions($option)
{
    global $database;
    josSpoofCheck();

    $postedPositions = mosGetParam($_POST, 'position', array());
    $postedDescriptions = mosGetParam($_POST, 'description', array());

    // NOTE(review): the table is emptied before the posted data is looked at,
    // and the delete and the inserts are separate statements.
    $database->setQuery("DELETE FROM #__template_positions");
    $database->query();

    foreach ($postedPositions as $id => $name) {
        $name = trim($name);
        if (get_magic_quotes_gpc()) {
            $name = stripslashes($name);
        }
        // The description is un-slashed unconditionally, unlike the position name.
        $description = stripslashes(strval(mosGetParam($postedDescriptions, $id, '')));

        if ($name == '') {
            continue;
        }

        // The id is cast and both texts go through Quote() before reaching SQL.
        $insert = "INSERT INTO #__template_positions\n VALUES ( " . (int) $id . ", " . $database->Quote($name) . ", " . $database->Quote($description) . " )";
        $database->setQuery($insert);
        $database->query();
    }

    mosRedirect("index2.php?option={$option}&task=positions", 'Posições Salvas');
}
Ejemplo n.º 28
/**
 * Save the configuration
 *
 * Binds the posted form to a mosConfig object, regenerates configuration.php
 * from it and, if requested, applies file and directory permissions to the
 * site's top-level entries.
 *
 * @param string $task 'apply' returns to the configuration screen; 'save' and
 *                     any other value return to the control panel
 */
function saveconfig($task)
{
    global $database, $mosConfig_absolute_path, $mosConfig_password, $mosConfig_session_type;
    // Request-forgery guard; everything below rewrites the site configuration.
    josSpoofCheck();
    $row = new mosConfig();
    if (!$row->bind($_POST)) {
        mosRedirect('index2.php', $row->getError());
    }
    // if Session Authentication Type changed, delete all old Frontend sessions only - which used old Authentication Type
    if ($mosConfig_session_type != $row->config_session_type) {
        $past = time();
        $query = "DELETE FROM #__session" . "\n WHERE time < " . $database->Quote($past) . "\n AND (" . "\n ( guest = 1 AND userid = 0 ) OR ( guest = 0 AND gid > 0 )" . "\n )";
        $database->setQuery($query);
        $database->query();
    }
    // date('O') is the UTC offset in +hhmm form; dividing by 100 turns it into
    // hours (an offset such as +0530 becomes 5.3, not 5.5).
    $server_time = date('O') / 100;
    // NOTE(review): config_offset_user is read straight from $_POST and used in arithmetic.
    $offset = $_POST['config_offset_user'] - $server_time;
    $row->config_offset = $offset;
    //override any possible database password change
    $row->config_password = $mosConfig_password;
    // handling of special characters
    $row->config_sitename = htmlspecialchars($row->config_sitename, ENT_QUOTES);
    // handling of quotes (double and single) and amp characters
    // htmlspecialchars not used to preserve ability to insert other html characters
    $row->config_offline_message = ampReplace($row->config_offline_message);
    $row->config_offline_message = str_replace('"', '&quot;', $row->config_offline_message);
    $row->config_offline_message = str_replace("'", '&#039;', $row->config_offline_message);
    // handling of quotes (double and single) and amp characters
    // htmlspecialchars not used to preserve ability to insert other html characters
    $row->config_error_message = ampReplace($row->config_error_message);
    $row->config_error_message = str_replace('"', '&quot;', $row->config_error_message);
    $row->config_error_message = str_replace("'", '&#039;', $row->config_error_message);
    // Build the source text of configuration.php.
    $config = "<?php \n";
    // intval() guarantees that only a number is written into the define() below.
    $RGEmulation = intval(mosGetParam($_POST, 'rgemulation', 0));
    $config .= "if(!defined('RG_EMULATION')) { define( 'RG_EMULATION', {$RGEmulation} ); }\n";
    // NOTE(review): getVarText() turns the bound form values into PHP source;
    // the generated file is only as safe as its quoting - verify.
    $config .= $row->getVarText();
    $config .= "setlocale (LC_TIME, \$mosConfig_locale);\n";
    $config .= '?>';
    $fname = $mosConfig_absolute_path . '/configuration.php';
    $enable_write = intval(mosGetParam($_POST, 'enable_write', 0));
    $oldperms = fileperms($fname);
    // Optionally add the write bits for the duration of the save.
    if ($enable_write) {
        @chmod($fname, $oldperms | 0222);
    }
    if ($fp = fopen($fname, 'w')) {
        fputs($fp, $config, strlen($config));
        fclose($fp);
        if ($enable_write) {
            // Put the original mode back.
            @chmod($fname, $oldperms);
        } else {
            if (mosGetParam($_POST, 'disable_write', 0)) {
                // Octal mask: clears the three write bits of the low permission
                // bits and keeps the bits above them.
                @chmod($fname, $oldperms & 0777555);
            }
        }
        // if
        $msg = 'Configuração atualizada com sucesso';
        // apply file and directory permissions if requested by user
        $applyFilePerms = mosGetParam($_POST, 'applyFilePerms', 0) && $row->config_fileperms != '';
        $applyDirPerms = mosGetParam($_POST, 'applyDirPerms', 0) && $row->config_dirperms != '';
        if ($applyFilePerms || $applyDirPerms) {
            $mosrootfiles = array('administrator', 'cache', 'components', 'images', 'language', 'mambots', 'media', 'modules', 'templates', 'configuration.php');
            // NULL is passed for a mode that was not requested.
            $filemode = NULL;
            if ($applyFilePerms) {
                // The posted value is interpreted as an octal mode string.
                $filemode = octdec($row->config_fileperms);
            }
            $dirmode = NULL;
            if ($applyDirPerms) {
                $dirmode = octdec($row->config_dirperms);
            }
            // NOTE(review): the posted modes are applied recursively without a
            // range check, so an overly permissive value spreads site-wide.
            foreach ($mosrootfiles as $file) {
                mosChmodRecursive($mosConfig_absolute_path . '/' . $file, $filemode, $dirmode);
            }
        }
        // if
        switch ($task) {
            case 'apply':
                mosRedirect('index2.php?option=com_config&hidemainmenu=1', $msg);
                break;
            case 'save':
            default:
                mosRedirect('index2.php', $msg);
                break;
        }
    } else {
        // The file could not be opened: restore the mode changed above.
        if ($enable_write) {
            @chmod($fname, $oldperms);
        }
        mosRedirect('index2.php', 'Ocorreu um Erro! Não foi possível abrir o arquivo de configuração em modo de escrita!');
    }
}
Ejemplo n.º 29
/**
 * Restores trashed items to an unpublished state.
 *
 * The posted 'type' selects what is restored: 'content' items or 'menu' items.
 *
 * @param array  $cid    Ids of the items to restore
 * @param string $option The current GET/POST option
 */
function restoreTrash($cid, $option)
{
    global $database;
    josSpoofCheck();

    $type = mosGetParam($_POST, 'type', array(0));
    $total = count($cid);

    // restores to an unpublished state
    $state = 0;
    $ordering = 9999;

    if ($type == 'content') {
        // The id list is interpolated into the WHERE clause; mosArrayToInts()
        // is applied to it first.
        mosArrayToInts($cid);
        $cids = 'id=' . implode(' OR id=', $cid);
        $database->setQuery("UPDATE #__content\n SET state = " . (int) $state . ", ordering = " . (int) $ordering . "\n WHERE ( {$cids} )");
        if (!$database->query()) {
            $error = $database->getErrorMsg();
            echo "<script> alert('{$error}'); window.history.go(-1); </script>\n";
            exit;
        }
    } elseif ($type == 'menu') {
        sort($cid);
        foreach ($cid as $id) {
            // NOTE(review): $id is passed to load() uncast, while the queries below cast it.
            $row = new mosMenu($database);
            $row->load($id);

            // A child item keeps its place only if its parent still exists as a
            // published or unpublished item.
            $parentFound = 1;
            if ($row->parent != 0) {
                $database->setQuery("SELECT id\n FROM #__menu\n WHERE id = " . (int) $row->parent . "\n AND ( published = 0 OR published = 1 )");
                $parentFound = $database->loadResult();
            }

            if ($parentFound) {
                // query to restore menu items
                $update = "UPDATE #__menu\n SET published = " . (int) $state . ", ordering = 9999\n WHERE id = " . (int) $id;
            } else {
                // parent is gone: make the item a root menu item
                $update = "UPDATE #__menu\n SET parent = 0, published = " . (int) $state . ", ordering = 9999\n WHERE id = " . (int) $id;
            }

            $database->setQuery($update);
            if (!$database->query()) {
                $error = $database->getErrorMsg();
                echo "<script> alert('{$error}'); window.history.go(-1); </script>\n";
                exit;
            }
        }
    }

    $msg = "{$total} Iten(s) restaurados com sucesso!";
    mosRedirect("index2.php?option={$option}&mosmsg={$msg}");
}
Ejemplo n.º 30
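/**
 * Forces one or several users out by deleting their session rows.
 *
 * An Administrator (gid 24) may not log out a Super Administrator (gid 25):
 * such ids are left out of a list, and a single id is refused with an alert.
 *
 * @param array|int $cid    An array of unique user id numbers, or a single id
 * @param string    $option The current url option
 * @param string    $task   The calling task; decides where to go afterwards
 */
function logoutUser($cid = null, $option, $task)
{
    global $database, $my;
    josSpoofCheck(null, null, 'request');

    if (is_array($cid)) {
        if (count($cid) < 1) {
            mosRedirect('index2.php?option=' . $option, 'Please select a user');
        }

        // Collect the ids the caller is allowed to log out. The DELETE below is
        // built from this filtered list and not from the raw $cid, so the
        // Super Administrator restriction really applies to list requests too.
        $allowed = array();
        foreach ($cid as $cidA) {
            $temp = new mosUser($database);
            $temp->load($cidA);
            // check to see whether a Administrator is attempting to log out a Super Admin
            if (!($my->gid == 24 && $temp->gid == 25)) {
                $allowed[] = (int) $cidA;
            }
        }
        $ids = count($allowed) ? 'userid=' . implode(' OR userid=', $allowed) : '';
    } else {
        $temp = new mosUser($database);
        $temp->load($cid);
        // check to see whether a Administrator is attempting to log out a Super Admin
        if ($my->gid == 24 && $temp->gid == 25) {
            echo "<script> alert('You cannot log out a Super Administrator'); window.history.go(-1); </script>\n";
            exit;
        }
        $ids = 'userid=' . (int) $cid;
    }

    // With nothing left to delete the query is skipped; an empty condition
    // would only produce an SQL error.
    if ($ids !== '') {
        $query = "DELETE FROM #__session" . "\n WHERE ( {$ids} )";
        $database->setQuery($query);
        $database->query();
    }

    switch ($task) {
        case 'flogout':
            mosRedirect('index2.php', $database->getErrorMsg());
            break;
        case 'remove':
        case 'block':
        case 'change':
            // Called as part of another task: the caller continues on its own.
            return;
            break;
        default:
            mosRedirect('index2.php?option=' . $option, $database->getErrorMsg());
            break;
    }
}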