function show($view, $loc = null, $title = '')
{
if (exponent_permissions_check('administrate', $loc) || exponent_permissions_check('create', $loc) || exponent_permissions_check('edit', $loc) || exponent_permissions_check('delete', $loc)) {
$template = new template('HTMLTemplateModule', $view, $loc);
$template->assign('noupload', 0);
$template->assign('uploadError', '');
if (!defined('SYS_FILES')) {
include_once BASE . 'subsystems/files.php';
}
$directory = 'files/HTMLTemplateModule/' . $loc->src;
if (!file_exists(BASE . $directory)) {
$err = exponent_files_makeDirectory($directory);
if ($err != SYS_FILES_SUCCESS) {
$template->assign('noupload', 1);
$template->assign('uploadError', $err);
}
}
global $db;
$templates = $db->selectObjects('htmltemplate');
for ($i = 0; $i < count($templates); $i++) {
$assocs = $db->selectObjects('htmltemplateassociation', 'template_id=' . $templates[$i]->id);
if (count($assocs) == 1 && $assocs[0]->global == 1) {
$templates[$i]->global_assoc = 1;
} else {
$templates[$i]->global_assoc = 0;
$templates[$i]->associations = $assocs;
}
}
$template->assign('moduletitle', $title);
$template->assign('templates', $templates);
$template->register_permissions(array('administrate', 'create', 'edit', 'delete'), exponent_core_makeLocation('HTMLTemplateModule'));
$template->output();
}
}
function update($values, $object, $loc)
{
global $db;
if (!isset($values['id'])) {
// Only deal with the inc/dec stuff if adding a module.
$src = "";
if (isset($values['i_src'])) {
if ($values['i_src'] == "new_source") {
$src = "@random" . uniqid("");
$object->is_existing = 0;
} else {
$src = $values[$values['i_src']];
$object->is_existing = 1;
}
} else {
$object->is_existing = 0;
}
$newInternal = exponent_core_makeLocation($values['i_mod'], $src);
// REFERENCES - Section and Location
//$sect = $db->selectObject('section','id='.$_POST['current_section']);
exponent_core_incrementLocationReference($newInternal, intval($_POST['current_section']));
// Rank is only updateable from the order action
$object->rank = $values['rank'];
if (isset($values['rerank'])) {
$db->increment("container", "rank", 1, "external='" . serialize($loc) . "' AND rank >= " . $values['rank']);
}
$object->internal = serialize($newInternal);
$object->external = serialize($loc);
}
$object->is_private = isset($_POST['is_private']) ? 1 : 0;
// UPDATE the container
$object->view = $values['view'];
$object->title = $values['title'];
return $object;
}
function getLocationHierarchy($loc)
{
if ($loc->int == '') {
return array($loc);
} else {
return array($loc, exponent_core_makeLocation($loc->mod, $loc->src));
}
}
function show($view, $loc = null, $title = "")
{
$loc = exponent_core_makeLocation('FileManagerModule');
global $db;
$collections = $db->selectObjects('file_collection');
$template = new template('FileManagerModule', $view, $loc);
$template->assign('collections', $collections);
$template->output();
}
function exponent_permissions_checkUser($user, $permission, $location, $explicitOnly = false)
{
global $db;
if ($user == null) {
return false;
}
if ($user->is_acting_admin == 1) {
return true;
}
$explicit = $db->selectObject("userpermission", "uid=" . $user->id . " AND module='" . $location->mod . "' AND source='" . $location->src . "' AND internal='" . $location->int . "' AND permission='{$permission}'");
if ($explicitOnly == true) {
return $explicit;
}
$implicit = false;
// Check locationHierarchy
if (is_callable(array($location->mod, "getLocationHierarchy"))) {
foreach (call_user_func(array($location->mod, "getLocationHierarchy"), $location) as $loc) {
if ($db->selectObject("userpermission", "uid=" . $user->id . " AND module='" . $loc->mod . "' AND source='" . $loc->src . "' AND internal='" . $loc->int . "' AND permission='{$permission}'")) {
$implicit = true;
break;
}
}
}
if (!$implicit) {
$memberships = $db->selectObjects("groupmembership", "member_id=" . $user->id);
foreach ($memberships as $memb) {
if ($db->selectObject("grouppermission", "gid=" . $memb->group_id . " AND module='" . $location->mod . "' AND source='" . $location->src . "' AND internal='" . $location->int . "' AND permission='{$permission}'")) {
$implicit = true;
break;
}
$section_perms = $db->selectObjects('grouppermission', 'gid=' . $memb->group_id . " AND module='NavigationModule' AND permission='manage'");
foreach ($section_perms as $perm) {
if ($db->countObjects('sectionref', 'is_original=1 AND section=' . $perm->internal . " AND module='" . $location->mod . "' AND source='" . $location->src . "'")) {
$implicit = true;
break;
}
}
}
}
if (!$implicit && $location->mod != 'NavigationModule') {
foreach ($db->selectObjects('sectionref', "is_original=1 AND module='" . $location->mod . "' AND source='" . $location->src . "'") as $secref) {
if (exponent_permissions_checkUser($user, 'manage', exponent_core_makeLocation('NavigationModule', '', $secref->section))) {
$implicit = true;
break;
}
}
// Now check the section management
/*
$section_perms = $db->selectObjects('userpermission','uid='.$user->id." AND module='NavigationModule' AND permission='manage'");
foreach ($section_perms as $perm) {
if ($db->countObjects('sectionref','is_original=1 AND section='.$perm->internal." AND module='".$location->mod."' AND source='".$location->src."'")) {
$implicit = true;
break;
}
}*/
}
return $implicit || $explicit;
}
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the User Management category
if (!defined('EXPONENT')) {
exit('');
}
// Sanitize required _GET parameters
$_GET['id'] = intval($_GET['id']);
$memb = $db->selectObject('groupmembership', 'member_id=' . $user->id . ' AND group_id=' . $_GET['id'] . ' AND is_admin=1');
if (exponent_permissions_check('user_management', exponent_core_makeLocation('administrationmodule')) || $memb) {
$group = $db->selectObject('group', 'id=' . intval($_POST['id']));
if ($group) {
$db->delete('groupmembership', 'group_id=' . $group->id);
$memb = null;
$memb->group_id = $group->id;
if ($_POST['membdata'] != "") {
foreach (explode(',', $_POST['membdata']) as $str) {
$str = explode(':', $str);
$memb->member_id = $str[0];
$memb->is_admin = $str[1];
$db->insertObject($memb, 'groupmembership');
}
}
exponent_permissions_triggerRefresh();
exponent_flow_redirect();
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
$contact = null;
$iloc = null;
if (isset($_GET['id'])) {
$contact = $db->selectObject('addressbook_contact', 'id=' . intval($_GET['id']));
if ($contact) {
$loc = unserialize($contact->location_data);
$iloc = exponent_core_makeLocation($loc->mod, $loc->src, $contact->id);
}
}
// FIXME: Replace with better use of getLocationHierarchy
if ($contact == null && exponent_permissions_check('post', $loc) || $contact != null && exponent_permissions_check('edit', $loc) || $iloc != null && exponent_permissions_check('edit', $iloc)) {
$form = addressbook_contact::form($contact);
$form->location($loc);
$form->meta('action', 'save');
$template = new template('addressbookmodule', '_form_edit', $loc);
$template->assign('form_html', $form->toHTML());
$template->assign('is_edit', $contact == null ? 0 : 1);
$template->output();
} else {
echo SITE_403_HTML;
}
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the User Management category
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('user_management', exponent_core_makeLocation('AdministrationModule'))) {
exponent_flow_set(SYS_FLOW_PROTECTED, SYS_FLOW_ACTION);
$db->delete('sessionticket', 'last_active < ' . (time() - SESSION_TIMEOUT));
if (!defined('SYS_USERS')) {
require_once BASE . 'subsystems/users.php';
}
if (!defined('SYS_DATETIME')) {
require_once BASE . 'subsystems/datetime.php';
}
$sessions = $db->selectObjects('sessionticket');
for ($i = 0; $i < count($sessions); $i++) {
$sessions[$i]->user = exponent_users_getUserById($sessions[$i]->uid);
$sessions[$i]->duration = exponent_datetime_duration($sessions[$i]->last_active, $sessions[$i]->start_time);
}
$template = new template('AdministrationModule', '_sessionmanager', $loc);
$template->assign('sessions', $sessions);
function pathos_core_makeLocation($mod = null, $src = null, $int = null)
{
return exponent_core_makeLocation($mod, $src, $int);
}
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('database', exponent_core_makeLocation('AdministrationModule'))) {
$exporters = array();
$idh = opendir(BASE . 'modules/exporter/exporters');
while (($imp = readdir($idh)) !== false) {
if (substr($imp, 0, 1) != '.' && is_readable(BASE . 'modules/exporter/exporters/' . $imp . '/start.php') && is_readable(BASE . 'modules/exporter/exporters/' . $imp . '/info.php')) {
$exporters[$imp] = (include BASE . 'modules/exporter/exporters/' . $imp . '/info.php');
}
}
$template = new template('exporter', '_exporters');
$template->assign('exporters', $exporters);
$template->output();
} else {
echo SITE_403_HTML;
}
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
$_GET['id'] = intval($_GET['id']);
$collection = null;
if (isset($_GET['id'])) {
$collection = $db->selectObject('file_collection', 'id=' . $_GET['id']);
}
$loc = exponent_core_makeLocation('FileManagerModule');
if ($collection) {
// PERM CHECK
if (!defined('SYS_FORMS')) {
require_once BASE . 'subsystems/forms.php';
}
exponent_forms_initialize();
$form = new form();
$form->meta('module', 'FileManagerModule');
$form->meta('action', 'save_upload');
$form->meta('collection_id', $collection->id);
$form->register('name', 'Name', new textcontrol());
$form->register('file', 'File', new uploadcontrol());
$form->register('submit', '', new buttongroupcontrol('Save', '', 'Cancel'));
echo $form->toHTML();
// END PERM CHECK
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
$loc = exponent_core_makeLocation('sharedcoremodule');
if (exponent_permissions_check('manage_core', $loc) || exponent_permissions_check('manage_site', $loc)) {
$site = null;
if (isset($_GET['id'])) {
$site = $db->selectObject('sharedcore_site', 'id=' . intval($_GET['id']));
}
if ($site) {
if ($site->inactive == 0) {
$core = $db->selectObject('sharedcore_core', 'id=' . $site->core_id);
if ($core) {
if (!defined('SYS_SHAREDCORE')) {
include_once BASE . 'subsystems/sharedcore.php';
}
exponent_sharedcore_clear($site->path);
// Not full
exponent_sharedcore_setup($core, $site);
<?php
##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('workflow', exponent_core_makeLocation('administrationmodule'))) {
$db->switchValues('workflowaction', 'rank', intval($_GET['a']), intval($_GET['b']), "policy_id='" . intval($_GET['policy_id']) . "' AND type=" . $_GET['type']);
exponent_flow_redirect();
} else {
echo SITE_403_HTML;
}
function show($view, $loc = null, $title = '')
{
global $db, $user;
$config = $db->selectObject('newsmodule_config', "location_data='" . serialize($loc) . "'");
if ($config == null) {
$config->sortorder = 'ASC';
$config->sortfield = 'posted';
$config->item_limit = 10;
}
// Check permissions for AP link
$canviewapproval = false;
if ($user) {
$canviewapproval = exponent_permissions_check('approve', $loc) || exponent_permissions_check('manage_approval', $loc);
}
if (!$canviewapproval) {
// still not able to view
foreach ($db->selectObjects('newsitem', "location_data='" . serialize($loc) . "' AND (publish = 0 or publish <= " . time() . ") AND (unpublish = 0 or unpublish > " . time() . ') AND approved != 0') as $post) {
if ($user && $user->id == $post->poster) {
$canviewapproval = true;
break;
}
}
}
$template = new template('newsmodule', $view, $loc);
$template->assign('moduletitle', $title);
$template->register_permissions(array('administrate', 'configure', 'add_item', 'delete_item', 'edit_item', 'manage_approval', 'view_unpublished'), $loc);
$news = $db->selectObjects('newsitem', "location_data='" . serialize($loc) . "' AND (publish = 0 or publish <= " . time() . ') AND (unpublish = 0 or unpublish > ' . time() . ') AND approved != 0 ORDER BY ' . $config->sortfield . ' ' . $config->sortorder . $db->limit($config->item_limit, 0));
for ($i = 0; $i < count($news); $i++) {
$news[$i]->real_posted = $news[$i]->publish != 0 ? $news[$i]->publish : $news[$i]->posted;
$nloc = exponent_core_makeLocation($loc->mod, $loc->src, $news[$i]->id);
$news[$i]->permissions = array('edit_item' => exponent_permissions_check('edit_item', $loc) || exponent_permissions_check('edit_item', $nloc) ? 1 : 0, 'delete_item' => exponent_permissions_check('delete_item', $loc) || exponent_permissions_check('delete_item', $nloc) ? 1 : 0, 'administrate' => exponent_permissions_check('administrate', $loc) || exponent_permissions_check('administrate', $nloc) ? 1 : 0);
}
// EVIL WORKFLOW
$in_approval = $db->countObjects('newsitem_wf_info', "location_data='" . serialize($loc) . "'");
$template->assign('canview_approval_link', $canviewapproval);
$template->assign('in_approval', $in_approval);
$template->assign('news', $news);
$template->assign('morenews', count($news) < $db->countObjects('newsitem', "location_data='" . serialize($loc) . "' AND (publish = 0 or publish <= " . time() . ') AND (unpublish = 0 or unpublish > ' . time() . ') AND approved != 0'));
$template->output();
}
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the HTMLArea category
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('htmlarea', exponent_core_makeLocation('AdministrationModule'))) {
$config = null;
if (isset($_POST['id'])) {
$config = $db->selectObject('toolbar_' . SITE_WYSIWYG_EDITOR, 'id=' . intval($_POST['id']));
}
$config->name = $_POST['config_name'];
$config->data = $_POST['config'];
if (isset($_POST['config_activate'])) {
$active = $db->selectObject('toolbar_' . SITE_WYSIWYG_EDITOR, 'active=1');
$active->active = 0;
$db->updateObject($active, 'toolbar_' . SITE_WYSIWYG_EDITOR);
$config->active = 1;
}
if (isset($config->id)) {
$db->updateObject($config, 'toolbar_' . SITE_WYSIWYG_EDITOR);
} else {
$i18n = exponent_lang_loadFile('modules/formbuilder/actions/save_form.php');
if (!defined('SYS_FORMS')) {
include_once BASE . 'subsystems/forms.php';
}
exponent_forms_initialize();
$f = null;
if (isset($_POST['id'])) {
$f = $db->selectObject('formbuilder_form', 'id=' . intval($_POST['id']));
}
if (exponent_permissions_check('editform', unserialize($f->location_data))) {
$f = formbuilder_form::update($_POST, $f);
$f->table_name = formbuilder_form::updateTable($f);
if (isset($f->id)) {
$db->updateObject($f, 'formbuilder_form');
} else {
$f->location_data = serialize(exponent_core_makeLocation($_POST['m'], $_POST['s'], $_POST['i']));
$f->id = $db->insertObject($f, 'formbuilder_form');
//Create Default Report;
$rpt->name = $i18n['default_report'];
$rpt->description = $i18n['auto_generated'];
$rpt->location_data = $f->location_data;
$rpt->text = '';
$rpt->column_names = '';
$rpt->form_id = $f->id;
$db->insertObject($rpt, 'formbuilder_report');
}
//Delete All addresses as we will be rebuilding it.
$db->delete('formbuilder_address', 'form_id=' . $f->id);
$data->group_id = 0;
$data->user_id = 0;
$data->email = '';
function show($view, $loc, $title = '')
{
if (!defined('SYS_FILES')) {
require_once BASE . 'subsystems/files.php';
}
$template = new template('ResourceModule', $view, $loc);
$directory = 'files/ResourceModule/' . $loc->src;
if (!file_exists(BASE . $directory)) {
$err = exponent_files_makeDirectory($directory);
if ($err != SYS_FILES_SUCCESS) {
$template->assign('noupload', 1);
$template->assign('uploadError', $err);
}
}
global $db;
$location = serialize($loc);
if (!isset($_SESSION['resource_cache'][$location])) {
$resources = $db->selectObjects('resourceitem', "location_data='" . serialize($loc) . "'");
$_SESSION['resource_cache'][$location] = $resources;
} else {
$resources = $_SESSION['resource_cache'][$location];
}
$iloc = exponent_core_makeLocation($loc->mod, $loc->src);
for ($i = 0; $i < count($resources); $i++) {
$iloc->int = $resources[$i]->id;
$resources[$i]->permissions = array('administrate' => exponent_permissions_check('administrate', $iloc), 'edit' => exponent_permissions_check('edit', $iloc), 'delete' => exponent_permissions_check('delete', $iloc));
}
if (!defined('SYS_SORTING')) {
require_once BASE . 'subsystems/sorting.php';
}
usort($resources, 'exponent_sorting_byRankAscending');
$rfiles = array();
foreach ($db->selectObjects('file', "directory='{$directory}'") as $file) {
$file->mimetype = $db->selectObject('mimetype', "mimetype='" . $file->mimetype . "'");
$rfiles[$file->id] = $file;
}
$template->assign('moduletitle', $title);
$template->assign('resources', $resources);
$template->assign('files', $rfiles);
$template->register_permissions(array('administrate', 'configure', 'post', 'edit', 'delete'), $loc);
$template->output($view);
}
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
include_once '../../../exponent.php';
$collection = null;
if (isset($_POST['collection_id'])) {
$collection = $db->selectObject('file_collection', 'id=' . intval($_POST['collection_id']));
} else {
$collection->id = 0;
$collection->name = 'Uncategorized Files';
$collection->description = 'Theses files have not been categorized yet,';
}
$loc = exponent_core_makeLocation('filemanagermodule');
// PERM CHECK
$file = file::update('file', 'files', null);
if (is_object($file)) {
$file->name = $_POST['name'];
$file->collection_id = $collection->id;
$file_id = $db->insertObject($file, 'file');
header('Location: ' . URL_FULL . 'modules/filemanagermodule/actions/picker.php?id=' . $collection->id . '&highlight_file=' . $file_id);
} else {
echo $file;
}
// END PERM CHECK
function canView($section)
{
global $db;
if ($section->public == 0) {
// Not a public section. Check permissions.
return exponent_permissions_check('view', exponent_core_makeLocation('NavigationModule', '', $section->id));
} else {
// Is public. check parents.
if ($section->parent <= 0) {
// Out of parents, and since we are still checking, we haven't hit a private section.
return true;
} else {
$s = $db->selectObject('section', 'id=' . $section->parent);
return NavigationModule::canView($s);
}
}
}
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
$t = null;
$loc = exponent_core_makeLocation('htmltemplatemodule');
if (isset($_POST['id'])) {
$t = $db->selectObject('htmltemplate', 'id=' . intval($_POST['id']));
}
if (!$t && exponent_permissions_check('create', $loc) || $t && exponent_permissions_check('edit', $loc)) {
$t = htmltemplate::update($_POST, $t);
if (isset($t->id)) {
$db->updateObject($t, 'htmltemplate');
} else {
$db->insertObject($t, 'htmltemplate');
}
exponent_flow_redirect();
} else {
echo SITE_403_HTML;
}
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
define('SCRIPT_EXP_RELATIVE', '');
define('SCRIPT_FILENAME', 'popup.php');
ob_start();
// Initialize the Exponent Framework
require_once 'exponent.php';
// Initialize the Theme Subsystem
if (!defined('SYS_THEME')) {
require_once BASE . 'subsystems/theme.php';
}
$loc = exponent_core_makeLocation(isset($_GET['module']) ? $_GET['module'] : '', isset($_GET['src']) ? $_GET['src'] : '', isset($_GET['int']) ? $_GET['int'] : '');
$SYS_FLOW_REDIRECTIONPATH = 'popup';
if (exponent_theme_inAction()) {
exponent_theme_runAction();
} else {
if (isset($_GET['module']) && isset($_GET['view'])) {
exponent_flow_set(SYS_FLOW_PUBLIC, SYS_FLOW_SECTIONAL);
$mod = new $_GET['module']();
$mod->show($_GET['view'], $loc, isset($_GET['title']) ? $_GET['title'] : '');
}
}
$str = ob_get_contents();
ob_end_clean();
$template = new standalonetemplate('popup_' . (isset($_GET['template']) ? $_GET['template'] : 'general'));
$template->assign('output', $str);
$template->output();
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the User Management category
if (!defined('EXPONENT')) {
exit('');
}
if (isset($_GET['id']) && exponent_permissions_check('user_management', exponent_core_makeLocation('administrationmodule'))) {
if (!defined('SYS_USERS')) {
require_once BASE . 'subsystems/users.php';
}
$u = exponent_users_getUserById(intval($_GET['id']));
if ($u) {
$groups = exponent_users_getAllGroups();
$admin = array();
$membership = array();
foreach ($db->selectObjects('groupmembership', 'member_id=' . $u->id) as $m) {
$membership[] = $m->group_id;
if ($m->is_admin == 1) {
$admin[] = $m->group_id;
}
}
for ($i = 0; $i < count($groups); $i++) {
<?php
##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the Configuration category
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('configuration', exponent_core_makeLocation('AdministrationModule'))) {
if (!defined('SYS_CONFIG')) {
require_once BASE . 'subsystems/config.php';
}
exponent_config_deleteProfile($_GET['configname']);
exponent_flow_redirect();
} else {
echo SITE_403_HTML;
}
function show($view, $loc = null, $title = '')
{
$template = new template('WeblogModule', $view, $loc);
global $db;
global $user;
$user_id = $user ? $user->id : -1;
$config = $db->selectObject('WeblogModule_config', "location_data='" . serialize($loc) . "'");
if ($config == null) {
$config->allow_comments = 1;
$config->items_per_page = 10;
}
$viewconfig = array('type' => 'default');
if (is_readable($template->viewdir . "/{$view}.config")) {
$viewconfig = (include $template->viewdir . "/{$view}.config");
}
$where = '(is_draft = 0 OR poster = ' . $user_id . ") AND location_data='" . serialize($loc) . "'";
if (!exponent_permissions_check('view_private', $loc)) {
$where .= ' AND is_private = 0';
}
if ($viewconfig['type'] == 'monthlist') {
$months = array();
$min_date = $db->min('weblog_post', 'posted', 'location_data', $where);
$max_date = $db->max('weblog_post', 'posted', 'location_data', $where);
$months = array();
if (!defined('SYS_DATETIME')) {
require_once BASE . 'subsystems/datetime.php';
}
$start_month = exponent_datetime_startOfMonthTimestamp($min_date);
$end_month = exponent_datetime_endOfMonthTimestamp($min_date) + 86399;
do {
$count = $db->countObjects('weblog_post', $where . ' AND posted >= ' . $start_month . ' AND posted <= ' . $end_month);
if ($count) {
$months[$start_month] = $count;
}
$start_month = $end_month + 1;
$end_month = exponent_datetime_endOfMonthTimestamp($start_month) + 86399;
} while ($start_month < $max_date);
$template->assign('months', array_reverse($months, true));
} else {
if ($viewconfig['type'] == 'calendar') {
if (!defined('SYS_DATETIME')) {
require_once BASE . 'subsystems/datetime.php';
}
$month_days = exponent_datetime_monthlyDaysTimestamp(time());
for ($i = 0; $i < count($month_days); $i++) {
foreach ($month_days[$i] as $mday => $timestamp) {
if ($mday > 0) {
// Got a valid one. Go with it.
$month_days[$i][$mday] = array('number' => $db->countObjects('weblog_post', $where . ' AND posted >= ' . $timestamp . ' AND posted < ' . strtotime('+1 day', $timestamp)), 'ts' => $timestamp);
}
}
}
$template->assign('days', $month_days);
$template->assign('now', time());
} else {
$total = $db->countObjects('weblog_post', $where);
$posts = $db->selectObjects('weblog_post', $where . ' ORDER BY posted DESC ' . $db->limit($config->items_per_page, 0));
if (!defined('SYS_SORTING')) {
require_once BASE . 'subsystems/sorting.php';
}
for ($i = 0; $i < count($posts); $i++) {
$ploc = exponent_core_makeLocation($loc->mod, $loc->src, $posts[$i]->id);
$posts[$i]->permissions = array('administrate' => exponent_permissions_check('administrate', $ploc), 'edit' => exponent_permissions_check('edit', $ploc), 'delete' => exponent_permissions_check('delete', $ploc), 'comment' => exponent_permissions_check('comment', $ploc), 'edit_comments' => exponent_permissions_check('edit_comments', $ploc), 'delete_comments' => exponent_permissions_check('delete_comments', $ploc), 'view_private' => exponent_permissions_check('view_private', $ploc));
$comments = $db->selectObjects('weblog_comment', 'parent_id=' . $posts[$i]->id);
usort($comments, 'exponent_sorting_byPostedDescending');
$posts[$i]->comments = $comments;
}
usort($posts, 'exponent_sorting_byPostedDescending');
$template->assign('posts', $posts);
$template->assign('total_posts', $total);
}
}
$template->register_permissions(array('administrate', 'configure', 'post', 'edit', 'delete', 'comment', 'edit_comments', 'delete_comments', 'view_private'), $loc);
$template->assign('config', $config);
$template->assign('moduletitle', $title);
$template->output();
}
<?php
##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the Administration Control Panel : Files Subsystem category
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('files_subsystem', exponent_core_makeLocation('AdministrationModule'))) {
exponent_flow_set(SYS_FLOW_PROTECTED, SYS_FLOW_ACTION);
$template = new template('filemanager', '_mimetypes', $loc);
$template->assign('types', $db->selectObjects('mimetype'));
$template->output();
} else {
echo SITE_403_HTML;
}
if ($config == null) {
$config->allow_comments = 1;
$config->items_per_page = 10;
}
if (isset($_GET['single'])) {
$config->items_per_page = 1;
}
$where = "location_data='" . serialize($loc) . "' AND (is_draft = 0 OR poster = " . ($user ? $user->id : -1) . ")";
if (!exponent_permissions_check('view_private', $loc)) {
$where .= ' AND is_private = 0';
}
$total = $db->countObjects('weblog_post', $where);
$posts = $db->selectObjects('weblog_post', $where . ' ORDER BY posted DESC ' . $db->limit($config->items_per_page, $_GET['page'] * $config->items_per_page));
if (!defined('SYS_SORTING')) {
require_once BASE . 'subsystems/sorting.php';
}
for ($i = 0; $i < count($posts); $i++) {
$ploc = exponent_core_makeLocation($loc->mod, $loc->src, $posts[$i]->id);
$posts[$i]->permissions = array('administrate' => exponent_permissions_check('administrate', $ploc), 'edit' => exponent_permissions_check('edit', $ploc), 'delete' => exponent_permissions_check('delete', $ploc), 'comment' => exponent_permissions_check('comment', $ploc), 'edit_comments' => exponent_permissions_check('edit_comments', $ploc), 'delete_comments' => exponent_permissions_check('delete_comments', $ploc), 'view_private' => exponent_permissions_check('view_private', $ploc));
$comments = $db->selectObjects('weblog_comment', 'parent_id=' . $posts[$i]->id);
usort($comments, 'exponent_sorting_byPostedDescending');
$posts[$i]->comments = $comments;
}
usort($posts, 'exponent_sorting_byPostedDescending');
$template->assign('posts', $posts);
$template->assign('total_posts', $total);
$template->assign('shownext', ($_GET['page'] + 1) * $config->items_per_page < $total);
$template->assign('page', $_GET['page']);
$template->register_permissions(array('administrate', 'configure', 'post', 'edit', 'delete', 'comment', 'edit_comments', 'delete_comments', 'view_private'), $loc);
$template->assign('config', $config);
$template->output();
exit('');
}
$check_id = -1;
$section = null;
$old_parent = null;
if (isset($_POST['id'])) {
// Saving an existing content page. Read it from the database.
$section = $db->selectObject('section', 'id=' . intval($_POST['id']));
if ($section) {
$old_parent = $section->parent;
$check_id = $section->id;
}
} else {
$check_id = $_POST['parent'];
}
if ($check_id != -1 && exponent_permissions_check('manage', exponent_core_makeLocation('NavigationModule', '', $check_id))) {
$i18n = exponent_lang_loadFile('modules/NavigationModule/actions/save_internalalias.php');
// Update the section from the _POST data.
$section = section::updateInternalAlias($_POST, $section);
if ($section->active == 0) {
// User tried to link to an inactive section. This makes little or no sense in
// this context, so throw them back to the edit form, with an error message.
$_POST['_formError'] = $i18n['internal_link_err'];
exponent_sessions_set('last_POST', $_POST);
header('Location: ' . $_SERVER['HTTP_REFERER']);
exit('');
}
if (isset($section->id)) {
if ($section->parent != $old_parent) {
// Old_parent id was different than the new parent id. Need to decrement the ranks
// of the old children (after ours), and then add
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the Administration Control Panel : Extensions category
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('extensions', exponent_core_makeLocation('administrationmodule'))) {
if (!defined('SYS_INFO')) {
require_once BASE . 'subsystems/info.php';
}
$files = exponent_info_files($_GET['type'], $_GET['name']);
if (is_array($files)) {
ksort($files);
}
$template = new template('info', '_checksums', $loc);
if (is_array($files)) {
$actual = exponent_info_fileChecksums($files);
foreach (array_keys($files) as $f) {
if (is_int($files[$f])) {
$files[$f] = "";
}
}
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('manage_core', exponent_core_makeLocation('sharedcoremodule'))) {
$core = null;
if (isset($_GET['id'])) {
$core = $db->selectObject('sharedcore_core', 'id=' . intval($_GET['id']));
}
if ($core) {
$db->delete('sharedcore_core', 'id=' . $core->id);
if (!defined('SYS_SHAREDCORE')) {
include_once BASE . 'subsystems/sharedcore.php';
}
foreach ($db->selectObjects('sharedcore_site', 'core_id=' . $core->id) as $site) {
$db->delete('sharedcore_extension', 'site_id=' . $site->id);
exponent_sharedcore_clear($site->path, true);
}
$db->delete('sharedcore_site', 'core_id=' . $core->id);
exponent_flow_redirect();
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined("EXPONENT")) {
exit("");
}
$item = null;
$iloc = null;
if (isset($_POST['id'])) {
$item = $db->selectObject("calendar", "id=" . intval($_POST['id']));
$loc = unserialize($item->location_data);
$iloc = exponent_core_makeLocation($loc->mod, $loc->src, $item->id);
}
if ($item == null && exponent_permissions_check("post", $loc) || $item != null && exponent_permissions_check("edit", $loc) || $iloc != null && exponent_permissions_check("edit", $iloc)) {
$item = calendar::update($_POST, $item);
$item->location_data = serialize($loc);
if (isset($_POST['category'])) {
$item->category_id = $_POST['category'];
} else {
$item->category_id = 0;
}
//Check to see if the feedback form is enabled and/or being used for this event.
if (isset($_POST['feedback_form'])) {
$item->feedback_form = $_POST['feedback_form'];
$item->feedback_email = $_POST['feedback_email'];
} else {
$item->feedback_form = "";