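/**
 * Run a printf-style SQL template against the database link.
 *
 * Every argument after $sql is substituted into the template with sprintf().
 * String and object arguments are passed through $this->escape_string() first;
 * all other types reach sprintf() unchanged, so numeric values should be bound
 * with %d rather than %s. A literal percent sign in the template must be
 * written as %% because the whole statement goes through sprintf().
 *
 * NOTE(review): escaped values are only safe where the template wraps the
 * placeholder in quotes ('%s'), assuming escape_string() is a quote-context
 * escaper. Confirm against its implementation.
 *
 * @see ssciDatabase::query()
 * @param string $sql SQL template; "#__name" tokens are rewritten through
 *                    sscAbstractDatabase::_set_table_prefix()
 * @return mixed Whatever $this->link->query() returns for the final statement
 */
function query($sql) {
    $args = func_get_args();

    // Slot 0 is the template itself; only the bound values are escaped.
    foreach ($args as $pos => $value) {
        if ($pos === 0) {
            continue;
        }
        if (is_string($value) || is_object($value)) {
            $args[$pos] = $this->escape_string($value);
        }
    }

    // Expand "#__table" tokens. A callback is used instead of the /e modifier:
    // /e evaluated the replacement string as PHP code and was removed in PHP 7,
    // where preg_replace() with /e returns NULL and the query would be empty.
    $args[0] = preg_replace_callback(
        '/#__(\w+)/',
        function ($match) {
            return sscAbstractDatabase::_set_table_prefix($match[1]);
        },
        $sql
    );

    // Substitute the escaped values into the template
    $sql = call_user_func_array('sprintf', $args);

    // The debug sink receives the final statement, bound values included.
    ssc_debug(array("title" => "database debug", "body" => $sql));

    return $this->link->query($sql);
}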
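/**
 * Session read handler: looks up the session row and fills the global $ssc_user.
 *
 * $ssc_user is replaced by _login_anonymous() when the client sent no session
 * cookie, the session id is unknown, the session belongs to no logged-in user
 * (uid < 0), the stored user-agent hash does not match the current request, or
 * the query fails.
 *
 * @param string $id Session identifier
 * @return string Session data; '' for cookieless clients, unknown ids,
 *                user-agent mismatches and query failures
 */
function _login_sess_read($id) {
    global $ssc_database, $ssc_user;

    // Cookieless users / bots
    if (empty($_COOKIE[session_name()])) {
        $ssc_user = _login_anonymous();
        // "Empty" session data to avoid saving at other end of script
        return '';
    }

    $result = $ssc_database->query("SELECT s.data sdata, s.uid id, u.useragent, u.username, u.fullname, u.displayname, u.gid, u.email, u.data FROM #__session s LEFT JOIN #__user u ON s.uid = u.id WHERE s.id = '%s' LIMIT 1", $id);

    // Query failed, probably from bad DB
    if (!$result) {
        $ssc_user = _login_anonymous();
        return '';
    }

    // Invalid session id
    if (!($ssc_user = $ssc_database->fetch_object($result))) {
        $ssc_user = _login_anonymous();
        return '';
    }

    // Split the raw session payload off the user record
    $data = $ssc_user->sdata;
    unset($ssc_user->sdata);

    // Session exists but is not tied to a logged-in user
    if ($ssc_user->id < 0) {
        $ssc_user = _login_anonymous();
        return $data;
    }

    // A request without a User-Agent header hashes the empty string, which is
    // what md5() of the missing index produced before, minus the notice.
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $agent_hash = md5($agent);

    // Strict comparison: with loose != two different hex digests of the form
    // "0e<digits>" are both read as the number zero and compare as equal.
    // The user agent is client-supplied, so this binding is a heuristic only.
    if ((string) $ssc_user->useragent !== $agent_hash) {
        // Session hijack?
        ssc_debug(array('title' => 'Session Management', 'body' => 'Session hijacking? <br />Wanted ' . $ssc_user->useragent . ' but got ' . $agent_hash));
        $ssc_user = _login_anonymous();
        return '';
    }

    // Keep the serialized form next to the decoded one
    $ssc_user->orig = $ssc_user->data;
    // NOTE(review): unserialize() can instantiate any loaded class named in the
    // payload. If anything other than trusted code can write #__user.data,
    // store this field as JSON or pass array('allowed_classes' => false) on
    // PHP 7+. Confirm who writes this column.
    $ssc_user->data = unserialize($ssc_user->data);

    // Seems to be valid
    return $data;
}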
/**
 * Load every enabled module once per request, then fire the "init" hook.
 *
 * Resets the global $SSC_MODULES to an array keyed by module filename, one
 * entry per row from #__module with status >= SSC_MODULE_ENABLED, in ascending
 * weight order. Each module's "<filename>.module.php" is included as its row
 * is read.
 *
 * The include statement runs inside this function, so each module file
 * executes in this function's variable scope and can see $data, $result and
 * $has_run as well as the three globals declared here.
 *
 * NOTE(review): the include path is built from the filename column without
 * validation, so whoever can write #__module decides which file is executed.
 * Consider restricting filename to a strict name pattern before including.
 */
function module_load() {
    global $ssc_site_path, $ssc_database, $SSC_MODULES;

    // Run-once latch. It is only set at the very end, so a call made while
    // modules are still loading would not be stopped by it.
    static $has_run = 0;
    if ($has_run == 1) {
        return;
    }

    // Set up modules "superglobal"
    $SSC_MODULES = array();

    // Retrieve all enabled modules
    $result = $ssc_database->query("SELECT id, filename, weight FROM #__module WHERE status >= %d ORDER BY weight ASC", SSC_MODULE_ENABLED);

    // Load each module; plain include (not include_once) is used, the latch
    // above is what keeps a module file from being pulled in twice.
    while ($data = $ssc_database->fetch_assoc($result)) {
        $SSC_MODULES[$data['filename']] = $data;
        ssc_debug(array('title' => 'module_load', 'body' => "Loading {$data['filename']}.module.php"));
        include "{$ssc_site_path}/modules/{$data['filename']}/{$data['filename']}.module.php";
    }

    // Initialise modules
    module_hook("init");

    // Mark function as run
    $has_run = 1;
}
/**
 * Queue a message in the session for later display to the user.
 *
 * The message is appended to $_SESSION['message'] as a two-element array
 * (type, text) and is also passed to ssc_debug(). The text is stored exactly
 * as given; any HTML escaping has to happen where the queue is rendered,
 * which is not visible from here.
 *
 * NOTE(review): this debug call uses the key 'type' where the other
 * ssc_debug() callers in this code pass 'title'. Confirm which key
 * ssc_debug() expects.
 *
 * @param int $type Message importance level
 * @param string $msg Message to be stored
 */
function ssc_add_message($type, $msg) {
    // Create the queue the first time a message is added in this session
    $queue_exists = isset($_SESSION['message']);
    if ($queue_exists === false) {
        $_SESSION['message'] = array();
    }

    $debug_entry = array('type' => 'add_message', 'body' => $msg);
    ssc_debug($debug_entry);

    $queued = array($type, $msg);
    $_SESSION['message'][] = $queued;
}