Exemple #1
/**
 * Web handler that fills a user object from request parameters.
 *
 * The login is read from $_GET and every other field from $_REQUEST. When the
 * login already has a password, the "account already exists" template text is
 * printed and the script exits. add_user() is only reached when "gpid" is not
 * numeric; with a numeric "gpid" the group's password policy is evaluated and
 * the function returns false in every case.
 *
 * NOTE(review): the unconditional false on the numeric-gpid path means such
 * requests never reach add_user() - confirm whether that is intended.
 * NOTE(review): request values go to the log unfiltered, and no authorisation
 * check is visible in this function - presumably enforced by the caller; verify.
 *
 * @return false|null false on the numeric-gpid path, null after add_user().
 */
function save()
{
    $tpl = new templates();
    $users = new user($_GET["login"]);

    // A non-empty stored password is treated as "this login is taken".
    $alreadyThere = $users->password != null;
    if ($alreadyThere) {
        writelogs("User already exists {$_GET["login"]} ", __FUNCTION__, __FILE__);
        echo $tpl->_ENGINE_parse_body('{account_already_exists}');
        exit;
    }

    $ou = $_REQUEST["ou"];
    $password = $_REQUEST["password"];
    $gpid = $_REQUEST["gpid"];
    $firstname = $_REQUEST["firstname"];
    $lastname = $_REQUEST["lastname"];
    writelogs("Add new user {$_REQUEST["login"]} {$ou} {$gpid}", __FUNCTION__, __FILE__);

    // Same assignment order as before, in case the user class reacts to writes.
    $users->ou = $ou;
    $users->password = $password;
    $users->mail = $_REQUEST["email"] . "@" . $_REQUEST["internet_domain"];
    $users->DisplayName = $firstname . " " . $lastname;
    $users->givenName = $firstname;
    $users->sn = $lastname;
    $users->group_id = $gpid;

    // Without a numeric group id there is no policy to evaluate: create the account.
    if (!is_numeric($gpid)) {
        $users->add_user();
        return;
    }

    $gp = new groups($gpid);
    $complexFlag = $gp->Privileges_array["AsComplexPassword"];
    writelogs("privileges: {$gpid} -> AsComplexPassword = \"{$complexFlag}\"", __FUNCTION__, __FILE__, __LINE__);
    if ($complexFlag == "yes") {
        $directory = new clladp();
        $ouData = $directory->OUDatas($ou);
        $parsed = $directory->_ParsePrivieleges($ouData["ArticaGroupPrivileges"], array(), true);
        // NOTE(review): unserialize() runs on a value read back from the directory;
        // it is only safe while nobody untrusted can write that attribute.
        $policy = unserialize(base64_decode($parsed["PasswdPolicy"]));
        if (is_array($policy)) {
            $checker = new privileges();
            if (!$checker->PolicyPassword($password, $policy)) {
                return false;
            }
        }
    }

    // Reached whether or not the policy accepted the password (see NOTE above).
    return false;
}
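/**
 * Creates an LDAP member from a queued request file and, when the request asks
 * for it, provisions the member's Zarafa store.
 *
 * The file is read from the create-users directory, base64-decoded and
 * unserialized into an array of request fields. Progress is reported through
 * build_progress(); every failure path reports 110 and removes the file.
 *
 * Security fix in this version: the login and the Zarafa language, both taken
 * from the queued request, are passed through escapeshellarg() before they are
 * placed on the zarafa-admin command line handed to system().
 *
 * NOTE(review): when $GLOBALS["WAIT"] is false the function returns right after
 * starting the store creation and the request file, which holds the submitted
 * password, is not removed on that path - confirm another job cleans it up.
 *
 * @param string $filename Name of the queued request file.
 * @return bool|null false when the file is missing, true when the whole run
 *                   completed, null on a reported failure or on the
 *                   non-waiting Zarafa path.
 */
function create_user($filename)
{
    $tpl = new templates();
    $unix = new unix();
    $nohup = null;
    // Defined up front so the store command is well formed when no language was queued.
    $langcmd = null;
    // NOTE(review): $filename is concatenated as-is; if it can ever come from a
    // request, reduce it with basename() so it cannot leave this directory.
    $path = "/usr/share/artica-postfix/ressources/logs/web/create-users/{$filename}";
    echo "Path:{$path}\n";
    build_progress("Open {$filename}", 10);
    if (!is_file($path)) {
        echo "{$path} no such file...\n";
        return false;
    }
    // NOTE(review): unserialize() on file content is only safe while the queue
    // directory is writable by the trusted front-end alone; a data-only format
    // such as JSON would remove the object-instantiation risk.
    $MAIN = unserialize(base64_decode(@file_get_contents($path)));
    build_progress("Create new member {$MAIN["login"]}", 15);
    $users = new user($MAIN["login"]);
    // A non-empty stored password is treated as "this login is taken".
    if ($users->password != null) {
        echo "User already exists {$MAIN["login"]}\n";
        build_progress("{account_already_exists}", 110);
        @unlink($path);
        return;
    }
    $ou = $MAIN["ou"];
    $password = url_decode_special_tool($MAIN["password"]);
    $MAIN["firstname"] = url_decode_special_tool($MAIN["firstname"]);
    $MAIN["lastname"] = url_decode_special_tool($MAIN["lastname"]);
    build_progress("{$MAIN["firstname"]} {$MAIN["lastname"]}", 20);
    if (trim($MAIN["internet_domain"]) == null) {
        $MAIN["internet_domain"] = "localhost.localdomain";
    }
    echo "Add new user {$MAIN["login"]} {$MAIN["ou"]} {$MAIN["gpid"]}\n";
    $users->ou = $MAIN["ou"];
    $users->password = url_decode_special_tool($MAIN["password"]);
    $users->mail = "{$MAIN["email"]}@{$MAIN["internet_domain"]}";
    $users->DisplayName = "{$MAIN["firstname"]} {$MAIN["lastname"]}";
    $users->givenName = $MAIN["firstname"];
    $users->sn = $MAIN["lastname"];
    $users->group_id = $MAIN["gpid"];
    // NOTE(review): the login becomes a path component here and is later used by
    // mkdir()/chown(); validate it against the allowed login alphabet upstream.
    $users->homeDirectory = "/home/{$MAIN["login"]}";
    if (is_numeric($MAIN["gpid"])) {
        $gp = new groups($MAIN["gpid"]);
        echo "privileges: {$MAIN["gpid"]} -> AsComplexPassword = \"{$gp->Privileges_array["AsComplexPassword"]}\"\n";
        if ($gp->Privileges_array["AsComplexPassword"] == "yes") {
            $ldap = new clladp();
            $hash = $ldap->OUDatas($ou);
            $privs = $ldap->_ParsePrivieleges($hash["ArticaGroupPrivileges"], array(), true);
            // The stored policy is a base64-encoded serialized array.
            $policiespwd = unserialize(base64_decode($privs["PasswdPolicy"]));
            if (is_array($policiespwd)) {
                $priv = new privileges();
                if (!$priv->PolicyPassword($password, $policiespwd)) {
                    build_progress("Need complex password", 110);
                    echo "Need complex password";
                    @unlink($path);
                    return;
                }
            }
        }
    }
    build_progress("{$MAIN["firstname"]} {$MAIN["lastname"]} {save}", 25);
    if (!$users->add_user()) {
        echo $users->error . "\n" . $users->ldap_error;
        build_progress("{failed}", 110);
        @unlink($path);
        return;
    }
    @mkdir("{$users->homeDirectory}");
    @chown("{$users->homeDirectory}", $users->uid);
    if ($MAIN["ByZarafa"] == "yes") {
        $zarafa_admin = $unix->find_program("zarafa-admin");
        if (!$GLOBALS["WAIT"]) {
            $nohup = $unix->find_program("nohup");
        }
        if (isset($MAIN["ZARAFA_LANG"])) {
            $users->SaveZarafaMbxLang($MAIN["ZARAFA_LANG"]);
            // Quoted as a single shell word: the value comes from the queued request.
            $langcmd = " --lang " . escapeshellarg($MAIN["ZARAFA_LANG"]) . " ";
        }
        $ldap = new clladp();
        $dn = "ou={$MAIN["ou"]},dc=organizations,{$ldap->suffix}";
        $upd["objectClass"] = "zarafa-company";
        $upd["cn"] = $MAIN["ou"];
        if (!$ldap->Ldap_add_mod("{$dn}", $upd)) {
            echo $ldap->ldap_last_error;
            build_progress("{failed} OpenLDAP Error", 110);
            @unlink($path);
            return;
        }
        build_progress("{create_store} {language}: {$MAIN["ZARAFA_LANG"]}", 30);
        // The login is request data as well, so it is shell-quoted before system().
        $cmd = "{$nohup} {$zarafa_admin} {$langcmd}--create-store " . escapeshellarg($MAIN["login"]) . " >/dev/null 2>&1 &";
        system(trim($cmd));
        if (!$GLOBALS["WAIT"]) {
            $sock = new sockets();
            $sock->getFrameWork("cmd.php?zarafa-hash=yes&rebuild=yes");
            return;
        }
        @unlink("/usr/share/artica-postfix/ressources/databases/ZARAFA_DB_STATUS.db");
        @unlink("/etc/artica-postfix/zarafa-export.db");
        $cmd = LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.zarafa.build.stores.php --export-hash";
        build_progress("{export_stores_data}", 35);
        echo "{$cmd}\n";
        system($cmd);
    }
    echo "Remove {$path}\n";
    @unlink($path);
    return true;
}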
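/**
 * Web handler that creates a user in an organisation from request parameters
 * and prints the new uid on success.
 *
 * Steps, in order: split the e-mail into local part and domain, optionally use
 * the e-mail as the user id, apply the group's password policy, refuse existing
 * accounts, validate the mandatory fields, make sure a group and the mail
 * domain exist, create the account and attach it to the group.
 *
 * Fix in this version: the "no e-mail" check used to test the concatenated
 * "local@domain" string, which always contains "@" and so could never be
 * empty. It now tests the local part, so a request without an e-mail gets the
 * error_no_email answer. The unused $emT and $upd locals are dropped.
 *
 * NOTE(review): the organisation, user id and domain from the request are
 * placed into LDAP DNs unescaped and the user id is echoed back unencoded;
 * both rely on validation that is not visible in this function - confirm.
 *
 * @return false|null false when the password policy rejects the password or
 *                    the account exists; null after printing the uid. Several
 *                    error paths end the script with exit instead.
 */
function USER_ADD()
{
    $userid = $_REQUEST["new_userid"];
    $password = $_REQUEST["password"];
    $group_id = $_REQUEST["group_id"];
    if (isset($_GET["encpass"])) {
        $password = url_decode_special_tool($password);
    }
    $ou = $_REQUEST["ou"];
    $tpl = new templates();
    // A full address in "email" overrides "user_domain" and keeps only the local part.
    if (preg_match("#(.+?)@(.+)#", $_REQUEST["email"], $re)) {
        $_REQUEST["user_domain"] = $re[2];
        $_REQUEST["email"] = $re[1];
    }
    $email = $_REQUEST["email"] . "@" . $_REQUEST["user_domain"];
    $email = strtolower($email);
    $user = new usersMenus();
    if ($user->EnableVirtualDomainsInMailBoxes == 1) {
        writelogs("Adding change {$userid} to \"{$email}\" in group {$group_id}", __FUNCTION__, __FILE__, __LINE__);
        $userid = $email;
    }
    if (is_numeric($group_id)) {
        $gp = new groups($group_id);
        writelogs("privileges: {$group_id} -> AsComplexPassword = \"{$gp->Privileges_array["AsComplexPassword"]}\"", __FUNCTION__, __FILE__, __LINE__);
        if ($gp->Privileges_array["AsComplexPassword"] == "yes") {
            $ldap = new clladp();
            $hash = $ldap->OUDatas($ou);
            $privs = $ldap->_ParsePrivieleges($hash["ArticaGroupPrivileges"], array(), true);
            // NOTE(review): unserialize() runs on a value read back from the
            // directory; safe only while that attribute is not attacker-writable.
            $policiespwd = unserialize(base64_decode($privs["PasswdPolicy"]));
            if (is_array($policiespwd)) {
                $priv = new privileges();
                if (!$priv->PolicyPassword($password, $policiespwd)) {
                    return false;
                }
            }
        } else {
            writelogs("privileges: {$group_id} -> AsComplexPassword = \"No\" -> continue", __FUNCTION__, __FILE__, __LINE__);
        }
    }
    $users = new user($userid);
    if ($users->UserExists) {
        echo $tpl->javascript_parse_text('ERROR: {account_already_exists}');
        return false;
    }
    writelogs("Adding {$userid} in group {$group_id}", __FUNCTION__, __FILE__, __LINE__);
    // Rebuilt without strtolower(), as before: this is the value stored as mail.
    $email = $_REQUEST["email"] . "@" . $_REQUEST["user_domain"];
    if ($ou == null) {
        echo html_entity_decode($tpl->javascript_parse_text('ERROR:{error_no_ou}'));
        exit;
    }
    if ($userid == null) {
        echo html_entity_decode($tpl->javascript_parse_text('ERROR:{error_no_userid}'));
        exit;
    }
    if ($password == null) {
        echo html_entity_decode($tpl->javascript_parse_text('ERROR:{error_no_password}'));
        exit;
    }
    // Test the local part: the joined address always contains "@" and is never empty.
    if ($_REQUEST["email"] == null) {
        echo html_entity_decode($tpl->javascript_parse_text('ERROR:{error_no_email}'));
        exit;
    }
    $ldap = new clladp();
    if (!is_numeric($group_id)) {
        // No usable group in the request: fall back to the organisation's "nogroup".
        writelogs("Groupid is not numeric", __FUNCTION__, __FILE__, __LINE__);
        $default_dn_group = "cn=nogroup,ou={$ou},dc=organizations,{$ldap->suffix}";
        if (!$ldap->ExistsDN($default_dn_group)) {
            $ldap->AddGroup("nogroup", $ou);
        }
        $group_id = $ldap->GroupIDFromName($ou, "nogroup");
        if (!is_numeric($group_id)) {
            $group_id = 0;
        }
    }
    //Verify domains --------------------------------------------------------------- 2008 10 05,P3
    $hash_domains_table = $ldap->hash_get_domains_ou($ou);
    if (!isset($hash_domains_table[$_REQUEST["user_domain"]])) {
        writelogs("{$userid} have no domains", __FUNCTION__, __FILE__, __LINE__);
        writelogs("Create a new local domain by default", __FUNCTION__, __FILE__, __LINE__);
        $ldap->AddDomainEntity($ou, $_REQUEST["user_domain"]);
    }
    //------------------------------------------------------------------------------
    $domains = $ldap->domains_get_locals_domains($ou);
    $dn = "cn={$userid},ou={$ou},dc=organizations,{$ldap->suffix}";
    if ($ldap->ExistsDN($dn)) {
        writelogs("{$userid} ({$dn}) already exists", __FUNCTION__, __FILE__, __LINE__);
        echo $userid;
        exit;
    }
    $users = new user($userid);
    $users->mail = $email;
    $users->accountGroup = $group_id;
    $users->domainname = $_REQUEST["user_domain"];
    if ($password != null) {
        $users->password = $password;
    }
    $users->ou = $ou;
    if ($domains[$_REQUEST["user_domain"]] == true) {
        writelogs("is a local domain {$_REQUEST["user_domain"]}={$domains[$_REQUEST["user_domain"]]}", __FUNCTION__, __FILE__, __LINE__);
        $users->MailboxActive = "TRUE";
    }
    if (!$users->add_user()) {
        echo "ERROR: add_user(): " . $users->ldap_error . "\n" . basename(__FILE__) . "\nLine:" . __LINE__;
        exit;
    }
    writelogs("Success adding user, now, add user {$users->uid} to group {$group_id} ", __FUNCTION__, __FILE__, __LINE__);
    if ($group_id > 0) {
        $ldap->AddUserToGroup($group_id, $users->uid);
    }
    echo $users->uid;
}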
Exemple #4
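/**
 * Authenticates the posted username/password and fills $_SESSION on success.
 *
 * Sources are tried in this order: the LDAP administrator account from the
 * included settings, Squid dynamic-ACL items (when SQUID_INSTALLED), Active
 * Directory (when IsKerbAuth() is true), RADIUS rows in radcheck, and finally
 * the local LDAP user.
 *
 * Security fixes in this version:
 *  - the username is escaped before it is interpolated into the two SQL
 *    statements;
 *  - password and hash comparisons use strict operators, because loose ==/!=
 *    compares numeric-looking strings as numbers and can report two different
 *    strings as equal;
 *  - the submitted credential and the hash of the stored RADIUS password are
 *    no longer written to the log.
 *
 * NOTE(review): no session id renewal is visible on any success path, the
 * "mem-logon-user" cookie is set without HttpOnly/Secure flags, and the scheme
 * relies on unsalted MD5 - all worth revisiting, but outside this change.
 *
 * @param bool $Aspost When true, failures are rendered through MainPage() and
 *                     success redirects to miniadm.index.php; the local LDAP
 *                     check then compares against the stored password itself
 *                     instead of its MD5.
 * @return null The result is carried by $_SESSION, the output and the headers.
 */
function checklogon($Aspost = false)
{
    include_once dirname(__FILE__) . "/ressources/class.user.inc";
    // presumably defines $_GLOBAL (ldap_admin, ldap_password) - confirm
    include "ressources/settings.inc";
    $username = $_POST["username"];
    $_POST["password"] = url_decode_special_tool($_POST["password"]);
    $password = trim($_POST["password"]);
    $users = new usersMenus();
    if ($users->WEBSTATS_APPLIANCE) {
        $users->SQUID_INSTALLED = true;
    }
    //echo $username."\n$password\n";
    if ($password == null) {
        if ($Aspost) {
            MainPage("Bad password");
            return;
        }
        echo "Bad password";
        return;
    }
    // Strict comparison: both sides are strings and must match exactly.
    if (trim(strtolower($username)) === trim(strtolower($_GLOBAL["ldap_admin"]))) {
        // The submitted value is compared with the MD5 of the configured password.
        $passwordMD = md5(trim($_GLOBAL["ldap_password"]));
        if ($password === $passwordMD) {
            $_SESSION["uid"] = '-100';
            $_SESSION["groupid"] = '-100';
            $_SESSION["passwd"] = $_GLOBAL["ldap_password"];
            $_SESSION["CORP"] = $users->CORP_LICENSE;
            $_SESSION["privileges"]["ArticaGroupPrivileges"] = '
			[AllowAddGroup]="yes"
			[AllowAddUsers]="yes"
			[AllowChangeKav]="yes"
			[AllowChangeKas]="yes"
			[AllowChangeUserPassword]="yes"
			[AllowEditAliases]="yes"
			[AllowEditAsWbl]="yes"
			[AsSystemAdministrator]="yes"
			[AsPostfixAdministrator]="yes"
			[AsArticaAdministrator]="yes"';
            $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
            $_SESSION["AsWebStatisticsAdministrator"] = true;
            if ($Aspost) {
                header("location:miniadm.index.php");
                return;
            }
            return;
        }
    }
    // SQL-safe copy of the posted username, used only inside query text. If the
    // query classes offer bound parameters or their own escaping, prefer that.
    $usernameSql = mysql_escape_string($username);
    if ($users->SQUID_INSTALLED) {
        $q = new mysql_squid_builder();
        $passwordMD = md5($password);
        $sql = "SELECT webfilters_sqitems.gpid AS maingpid\n\t\t\tFROM webfilters_sqacllinks, webfilters_sqgroups, webfilters_sqitems, webfilters_sqacls\n\t\t\tWHERE webfilters_sqacllinks.gpid = webfilters_sqgroups.ID\n\t\t\tAND webfilters_sqacllinks.aclid = webfilters_sqacls.ID\n\t\t\tAND webfilters_sqgroups.ID = webfilters_sqitems.gpid\n\t\t\tAND webfilters_sqacls.enabled =1\n\t\t\tAND webfilters_sqgroups.enabled =1\n\t\t\tAND webfilters_sqitems.enabled =1\n\t\t\tAND webfilters_sqgroups.GroupType = 'dynamic_acls'\n\t\t\tAND webfilters_sqitems.pattern = '{$usernameSql}:{$passwordMD}'";
        $results = $q->QUERY_SQL($sql);
        // NOTE(review): prints only when the error property is empty, so this
        // looks inverted; if corrected, log the error rather than echo it.
        if (!$q->mysql_error) {
            echo $q->mysql_error;
        }
        $CountDerules = mysql_num_rows($results);
        writelogs("{$username}::webfilters_sqitems:: {$CountDerules} rules", __FUNCTION__, __FILE__, __LINE__);
        if ($CountDerules > 0) {
            writelogs("{$username}::webfilters_sqitems:: Building rules....", __FUNCTION__, __FILE__, __LINE__);
            while ($ligne = mysql_fetch_assoc($results)) {
                $_SESSION["SQUID_DYNAMIC_ACLS_VIRTUALS"][$ligne["maingpid"]] = true;
            }
            $_SESSION["InterfaceType"] = "{ARTICA_MINIADM}";
            $_SESSION["VirtAclUser"] = true;
            $_SESSION["ou"] = "Proxy Service";
            $_SESSION["CORP"] = $users->CORP_LICENSE;
            setcookie("mem-logon-user", $_POST["username-logon"], time() + 172800);
            // NOTE(review): $privs has not been assigned on this path.
            $_SESSION["privileges_array"] = $privs->privs;
            $_SESSION["uid"] = $username;
            $_SESSION["privileges"]["ArticaGroupPrivileges"] = array();
            BuildSession($username);
            if ($Aspost) {
                header("location:miniadm.index.php");
                return;
            }
            return;
        }
    }
    writelogs("{$username}:: Continue, processing....", __FUNCTION__, __FILE__, __LINE__);
    $ldap = new clladp();
    $IsKerbAuth = $ldap->IsKerbAuth();
    writelogs("{$username}:: Is AD -> {$IsKerbAuth}", __FUNCTION__, __FILE__, __LINE__);
    if ($ldap->IsKerbAuth()) {
        $external_ad_search = new external_ad_search();
        if ($external_ad_search->CheckUserAuth($username, $password)) {
            $users = new usersMenus();
            $privs = new privileges($_POST["username-logon"]);
            $privileges_array = $privs->privs;
            $_SESSION["InterfaceType"] = "{ARTICA_MINIADM}";
            $_SESSION["VirtAclUser"] = false;
            setcookie("mem-logon-user", $_POST["username-logon"], time() + 172800);
            $_SESSION["privileges_array"] = $privs->privs;
            $_SESSION["uid"] = $_POST["username-logon"];
            $_SESSION["passwd"] = $_POST["username-logon"];
            $_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content;
            BuildSession($username);
            if ($Aspost) {
                header("location:miniadm.index.php");
                return;
            }
            return;
        }
        writelogs("{$username}:: Checks Active Directory failed, continue processing...", __FUNCTION__, __FILE__, __LINE__);
    }
    writelogs("{$username}:: Continue, processing....", __FUNCTION__, __FILE__, __LINE__);
    $q = new mysql();
    $sql = "SELECT `username`,`value`,id FROM radcheck WHERE `username`='{$usernameSql}' AND `attribute`='Cleartext-Password' LIMIT 0,1";
    writelogs("{$username}:: Is a RADIUS users \"{$sql}\"", __FUNCTION__, __FILE__, __LINE__);
    $ligne = mysql_fetch_array($q->QUERY_SQL($sql, "artica_backup"));
    if (!is_numeric($ligne["id"])) {
        $ligne["id"] = 0;
    }
    if (!$q->ok) {
        writelogs("{$username}:: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__);
    }
    // Credentials stay out of the log; only the fact of the comparison is recorded.
    writelogs("{$username}:: comparing submitted credential with RADIUS record", __FUNCTION__, __FILE__, __LINE__);
    if ($ligne["id"] > 0) {
        $checkRadiusPass = false;
        if (md5($ligne["value"]) === $password) {
            writelogs("{$username}:: RADIUS Password true for no MD5", __FUNCTION__, __FILE__, __LINE__);
            $checkRadiusPass = true;
        }
        // $passwordMD is only set by the admin and Squid branches above.
        if (md5($ligne["value"]) === $passwordMD) {
            writelogs("{$username}:: RADIUS Password true for yes MD5", __FUNCTION__, __FILE__, __LINE__);
            $checkRadiusPass = true;
        }
        if ($checkRadiusPass) {
            writelogs("{$username}:: Authenticated as a RADIUS users id={$ligne["id"]}", __FUNCTION__, __FILE__, __LINE__);
            $privs = new privileges($_POST["username-logon"], null, $ligne["id"]);
            $privileges_array = $privs->privs;
            $_SESSION["CORP"] = $users->CORP_LICENSE;
            $_SESSION["InterfaceType"] = "{ARTICA_MINIADM}";
            setcookie("mem-logon-user", $username, time() + 172800);
            $_SESSION["privileges_array"] = $privs->privs;
            // Copy each privilege into the session unless the key is already set.
            while (list($key, $val) = each($_SESSION["privileges_array"])) {
                if (!isset($_SESSION[$key])) {
                    $_SESSION[$key] = $val;
                }
            }
            reset($_SESSION["privileges_array"]);
            $_SESSION["uid"] = $username;
            $_SESSION["RADIUS_ID"] = $ligne["id"];
            BuildSession($username);
            if ($Aspost) {
                header("location:miniadm.index.php");
                return;
            }
            return;
        }
    }
    writelogs("{$username}::Finally Is LOCAL LDAP ? -> {$IsKerbAuth}", __FUNCTION__, __FILE__, __LINE__);
    $u = new user($username);
    $tpl = new templates();
    $userPassword = $u->password;
    if (trim($u->uidNumber) == null) {
        writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
        if ($Aspost) {
            MainPage("Unknown user (" . __LINE__ . ")");
            return;
        }
        echo "Unknown user (" . __LINE__ . ")";
        die;
    }
    writelogs("{$username}:: Password match ? Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__);
    if ($Aspost) {
        // Form post: the stored password itself is compared, strictly.
        if (trim($password) !== trim($userPassword)) {
            writelogs("{$username}:: Password match NO Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__);
            MainPage("Bad password (" . __LINE__ . ")");
            return;
        }
    }
    if (!$Aspost) {
        // Otherwise the submitted value must equal the MD5 of the stored password.
        if (trim($password) !== md5(trim($userPassword))) {
            writelogs("{$username}:: Password match NO Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__);
            writelogs("[{$_POST["username"]}]: The password typed  is not the same in ldap database...", __FUNCTION__, __FILE__);
            artica_mysql_events("Failed to logon on the management console as user `{$username}` from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security");
            if ($Aspost) {
                MainPage("Bad password (" . __LINE__ . ")");
                return;
            }
            echo "Error: (" . __LINE__ . ") bad password";
            return null;
        }
    }
    writelogs("{$username}:: Password match YES Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__);
    $ldap = new clladp();
    $users = new usersMenus();
    $_SESSION["CORP"] = $users->CORP_LICENSE;
    $privs = new privileges($u->uid);
    $privs->SearchPrivileges();
    $privileges_array = $privs->privs;
    $_SESSION["VirtAclUser"] = false;
    $_SESSION["privileges_array"] = $privs->privs;
    $_SESSION["privs"] = $privileges_array;
    if (isset($privileges_array["ForceLanguageUsers"])) {
        $_SESSION["OU_LANG"] = $privileges_array["ForceLanguageUsers"];
    }
    $_SESSION["uid"] = $username;
    $_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content;
    $_SESSION["groupid"] = $ldap->UserGetGroups($_POST["username"], 1);
    $_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled;
    $_SESSION["MailboxActive"] = $u->MailboxActive;
    $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
    $_SESSION["ou"] = $u->ou;
    $_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas);
    include_once dirname(__FILE__) . "/ressources/class.translate.rights.inc";
    $cr = new TranslateRights(null, null);
    $r = $cr->GetPrivsArray();
    // Mirror every right that is truthy on the usersMenus object into the session.
    while (list($key, $val) = each($r)) {
        if ($users->{$key}) {
            $_SESSION[$key] = $users->{$key};
        }
    }
    // The privileges found for the user are written last, over any key set above.
    if (is_array($_SESSION["privs"])) {
        $r = $_SESSION["privs"];
        while (list($key, $val) = each($r)) {
            $t[$key] = $val;
            $_SESSION[$key] = $val;
        }
    }
    if (!isset($_SESSION["OU_LANG"])) {
        $_SESSION["OU_LANG"] = null;
    }
    if (!isset($_SESSION["ASDCHPAdmin"])) {
        $_SESSION["ASDCHPAdmin"] = false;
    }
    if (trim($_SESSION["OU_LANG"]) != null) {
        $_SESSION["detected_lang"] = $_SESSION["OU_LANG"];
    } else {
        include_once dirname(__FILE__) . "/ressources/class.langages.inc";
        $lang = new articaLang();
        $_SESSION["detected_lang"] = $lang->get_languages();
    }
    // NOTE(review): the setting is only reloaded when the global already exists;
    // a missing "!" looks likely - confirm before changing.
    if (isset($GLOBALS["FixedLanguage"])) {
        $sock = new sockets();
        $GLOBALS["FixedLanguage"] = $sock->GET_INFO("FixedLanguage");
    }
    if (trim($GLOBALS["FixedLanguage"]) != null) {
        $_SESSION["detected_lang"] = $GLOBALS["FixedLanguage"];
    }
    if ($Aspost) {
        header("location:miniadm.index.php");
        return;
    }
}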
    /**
     * @return string
     * @desc Create the HTML body of the Media Manager.
     * @access public
     */
    function createMediaEditForm($option, $page, $Itemid, $catid, $backend, $PageNo = 1)
    {
        global $mosConfig_live_site, $mosConfig_absolute_path;
        $this->createCheckAllScript();
        $i = 0;
        $this->_counter = 0;
        $table_class = "";
        $header_class = " class=\"sectiontableheader\"";
        if ($this->_isBackend) {
            $table_class = " class=\"adminlist\"";
            $header_class = "";
            $this->_tabclass = array("row0", "row1");
        }
        $i = 1;
        $startRow = 0;
        $PageSize = empty($_SESSION['zoom_mediapp']) ? 10 : $_SESSION['zoom_mediapp'];
        //Set the page no
        $startRow = ($PageNo - 1) * $PageSize;
        //Total of record
        $RecordCount = $this->_gallery->getNumOfImages();
        //Number of files in gallery
        $endRow = $startRow + $PageSize - 1;
        // subtract one or it's one more than requested
        if ($endRow >= $RecordCount) {
            $endRow = $RecordCount - 1;
        }
        //Set Maximum Page
        $MaxPage = ceil($RecordCount % $PageSize);
        if ($RecordCount % $PageSize == 0) {
            $MaxPage = ceil($RecordCount / $PageSize);
        } else {
            $MaxPage = ceil($RecordCount / $PageSize);
        }
        //Set the counter start
        $CounterStart = 1;
        //Counter End
        $CounterEnd = $MaxPage;
        ?>
		<table width="80%" border="0" cellpadding="0" cellspacing="0">
		<tr>
		<td align="center" width="50%">
		<?php 
        $c = 0;
        //Print Page No
        for ($c = $CounterStart; $c <= $CounterEnd; $c++) {
            if ($c < $MaxPage) {
                if ($c == $PageNo) {
                    if ($c % $RecordCount == 0) {
                        echo "<u><strong>{$c}</strong></u> ";
                    } else {
                        echo "<u><strong>{$c}</strong></u> | ";
                    }
                } elseif ($c % $RecordCount == 0) {
                    echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c)) . "\"><strong>{$c}</strong></a> ";
                } else {
                    echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c)) . "\"><strong>{$c}</strong></a> | ";
                }
                //END IF
            } else {
                if ($PageNo == $MaxPage) {
                    echo "<u><strong>{$c}</strong></u> ";
                } else {
                    echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c)) . "\"><strong>{$c}</strong></a> ";
                }
            }
        }
        echo $this->createMediaPPDropdown($PageSize);
        ?>
		</td>
		<?php 
        if (!$this->_isBackend) {
            ?>
		<td align="right">
			<div align="right">
				<?php 
            if ($this->_isAdmin || $this->privileges->hasPrivilege('priv_upload')) {
                ?>
				  <a href="<?php 
                echo $this->_isBackend ? "index" . $backend . ".php?option=com_zoom&amp;page=upload&amp;return=mediamgr&amp;catid=" . $catid . "&amp;Itemid=" . $Itemid . "&amp;PageNo=" . $PageNo : sefReltoAbs("index.php?option=com_zoom&amp;page=upload&amp;return=mediamgr&amp;catid=" . $catid . "&amp;Itemid=" . $Itemid . "&amp;PageNo=" . $PageNo);
                ?>
" onmouseover="return overlib('<?php 
                echo _ZOOM_UPLOAD;
                ?>
');" onmouseout="return nd();"><img src="<?php 
                echo $mosConfig_live_site;
                ?>
/components/com_zoom/www/images/admin/new.png" alt="" border="0" onmouseover="MM_swapImage('new','','<?php 
                echo $mosConfig_live_site;
                ?>
/components/com_zoom/www/images/admin/new_f2.png',1);" onmouseout="MM_swapImgRestore();" name="new" /></a>
				<?php 
            }
            if ($this->_isAdmin || $this->privileges->hasPrivilege('priv_editmedium')) {
                ?>
				  <a href="javascript:submitbutton('edtimg');" onmouseover="return overlib('<?php 
                echo _ZOOM_BUTTON_EDIT;
                ?>
');" onmouseout="return nd();"><img src="<?php 
                echo $mosConfig_live_site;
                ?>
/components/com_zoom/www/images/admin/edit.png" alt="" border="0" onmouseover="MM_swapImage('edit','','<?php 
                echo $mosConfig_live_site;
                ?>
/components/com_zoom/www/images/admin/edit_f2.png',1);" onmouseout="MM_swapImgRestore();" name="edit" /></a>
				<?php 
            }
            if ($this->_isAdmin) {
                ?>
				  <a href="javascript:submitbutton('move');" onmouseover="return overlib('<?php 
                echo _ZOOM_MOVEFILES;
                ?>
');" onmouseout="return nd();"><img src="<?php 
                echo $mosConfig_live_site;
                ?>
/components/com_zoom/www/images/admin/move.png" alt="" border="0" onmouseover="MM_swapImage('movefiles','','<?php 
                echo $mosConfig_live_site;
                ?>
/components/com_zoom/www/images/admin/move_f2.png',1);" onmouseout="MM_swapImgRestore();" name="movefiles" /></a>
				<?php 
            }
            if ($this->_isAdmin || $this->privileges->hasPrivilege('priv_delmedium')) {
                ?>
				  <a href="javascript:submitbutton('delete');" onmouseover="return overlib('<?php 
                echo _ZOOM_DELETE;
                ?>
');" onmouseout="return nd();"><img src="<?php 
                echo $mosConfig_live_site;
                ?>
/components/com_zoom/www/images/admin/delete.png" alt="" border="0" onmouseover="MM_swapImage('delete','','<?php 
                echo $mosConfig_live_site;
                ?>
/components/com_zoom/www/images/admin/delete_f2.png',1);" onmouseout="MM_swapImgRestore();" name="delete" /></a>
				<?php 
            }
            ?>
			</div>
		</td>
		<?php 
        }
        ?>
		</tr>
		</table>
		<form  name="mediamgr" action="<?php 
        echo $this->_isBackend ? "index2.php?option=com_zoom&amp;page=mediamgr&amp;Itemid=" . $Itemid : sefReltoAbs("index.php?option=com_zoom&amp;page=mediamgr&amp;Itemid=" . $Itemid);
        ?>
" method="post">
		<input type="hidden" name="task" value="" />
		<input type="hidden" name="return" value="mediamgr" />
		<input type="hidden" name="catid" value="<?php 
        echo $this->_gallery->_id;
        ?>
" />
		<input type="hidden" name="mediapp" value="" />
		<input type="hidden" name="PageNo" value="<?php 
        echo $PageNo;
        ?>
" />
		<table width="80%" border="0" cellspacing="0" cellpadding="0">
		<tr>
		<td align="center">
			<div align="center">
		<?php 
        echo "\t\t\t<table cellpadding=\"3\" cellspacing=\"0\" border=\"0\" width=\"100%\"{$table_class}>\n" . "\t\t\t<tr{$header_class}>\n" . "\t\t\t\t<th width=\"50\">&nbsp;</th>\n" . "\t\t\t\t<th align=\"left\">" . _ZOOM_NAME . "</th>\n" . "\t\t\t\t<th align=\"left\">" . _ZOOM_FILENAME . "</th>\n" . "\t\t\t\t<th align=\"left\">" . _ZOOM_HD_PREVIEW . "</th>\n" . "\t\t\t</tr>\n";
        if ($this->privileges->hasPrivilege('priv_editmedium') | $this->privileges->hasPrivilege('priv_delmedium') || $this->_isAdmin) {
            for ($counter = $startRow; $counter <= $endRow; $counter++) {
                $image = $this->_gallery->_images[$counter];
                $i++;
                $image->getInfo();
                $bgcolor = $i & 1 ? $this->_tabclass[1] : $this->_tabclass[0];
                if ($this->_isAdmin || $this->privileges->hasPrivilege('priv_editmedium')) {
                    if ($this->_isBackend) {
                        $edit_link = "index2.php?option=com_zoom&amp;page=mediamgr&amp;task=edtimg&amp;catid=" . $image->_catid . "&amp;key=" . $counter . "&amp;Itemid=" . $Itemid . "&amp;PageNo=" . $PageNo;
                    } else {
                        $edit_link = sefReltoAbs("index.php?option=com_zoom&amp;page=mediamgr&amp;task=edtimg&amp;catid=" . $image->_catid . "&amp;key=" . $counter . "&amp;Itemid=" . $Itemid . "&amp;PageNo=" . $PageNo);
                    }
                } else {
                    $edit_link = "javascript:void(0);";
                }
                echo "\t\t\t<tr class=\"" . $bgcolor . "\">\n" . "\t\t\t\t<td align=\"center\" width=\"10\"><input type=\"checkbox\" name=\"keys[]\" value=\"" . $counter . "\" id=\"mediumno_{$i}\" /></td>\n" . "\t\t\t\t<td onmousedown=\"document.getElementById('mediumno_{$i}').checked = (document.getElementById('mediumno_{$i}').checked ? false : true);\"><a href=\"" . $edit_link . "\">" . $image->_name . "</a><br /></td>\n" . "\t\t\t\t<td onmousedown=\"document.getElementById('mediumno_{$i}').checked = (document.getElementById('mediumno_{$i}').checked ? false : true);\">" . $image->_filename . "<br />\n" . "\t\t\t\t</td>\n" . "\t\t\t\t<td onmousedown=\"document.getElementById('mediumno_{$i}').checked = (document.getElementById('mediumno_{$i}').checked ? false : true);\"><img src=\"" . $this->hotlinkImage($catid, '2', $image->_id, null) . "\" alt=\"\" border=\"0\" /></td>\n" . "\t\t\t</tr>\n";
                $this->_counter++;
            }
        }
        echo "\t\t\t<tr{$header_class}>\n" . "\t\t\t\t<th height=\"20\" align=\"center\"><input type=\"checkbox\" name=\"checkall\" onclick=\"checkUncheckAll(this, 'keys[]');\" id=\"checkall\" /></th>\n" . "\t\t\t\t<th height=\"20\" align=\"left\" onmousedown=\"document.getElementById('checkall').checked = (document.getElementById('checkall').checked ? false : true);checkUncheckAll(document.getElementById('checkall'), 'keys[]');\">\n" . "\t\t\t<strong><label onclick=\"javascript: return (document.getElementById('checkall') ? false : true);checkUncheckAll(document.getElementById('checkall'), 'keys[]');\" for=\"checkall\">" . _ZOOM_HD_CHECKALL . "</label></strong>\n" . "\t\t\t\t</th>\n" . "\t\t\t\t<th height=\"20\" align=\"center\">";
        $c = 0;
        //Print Page No
        for ($c = $CounterStart; $c <= $CounterEnd; $c++) {
            if ($c < $MaxPage) {
                if ($c == $PageNo) {
                    if ($c % $RecordCount == 0) {
                        echo "<u><strong>{$c}</strong></u> ";
                    } else {
                        echo "<u><strong>{$c}</strong></u> | ";
                    }
                } elseif ($c % $RecordCount == 0) {
                    echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c)) . "\"><strong>{$c}</strong></a> ";
                } else {
                    echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c)) . "\"><strong>{$c}</strong></a> | ";
                }
                //END IF
            } else {
                if ($PageNo == $MaxPage) {
                    echo "<u><strong>{$c}</strong></u> ";
                } else {
                    echo "<a href=\"" . ($this->_isBackend ? "index2.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c : sefReltoAbs("index.php?option=com_zoom&amp;page=" . $page . "&amp;Itemid=" . $Itemid . "&amp;catid=" . $catid . "&amp;PageNo=" . $c)) . "\"><strong>{$c}</strong></a> ";
                }
            }
        }
        echo $this->createMediaPPDropdown($PageSize);
        echo "</th>\n" . "\t\t\t\t<th height=\"20\" align=\"center\">&nbsp;</th>\n" . "\t\t\t</tr>\n" . "\t\t\t</table>\n" . "\t\t\t</div>" . "\t\t</td>" . "\t</tr>" . "\t</table>" . "\t</form>";
    }
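// Builds the opening of the group/privilege matrix: picks the CSS classes for
// frontend vs. backend rendering, loads the ACL group tree, and starts $html
// with the table header row (one column per _ZOOM_* label constant).
//
// NOTE(review): the loop that follows this block writes $group->text and
// $privilege into HTML without escaping, and it emits a hidden
// "<privilege>_<group id>" input for every group. For groups whose text
// contains "administrator" it only leaves out the onclick handler. That is a
// UI affordance, not access control: the code that processes the submitted
// values (not visible here) has to verify the caller's rights and validate
// each field server-side -- confirm that it does.

// $table_class is assigned only on the backend path below but is interpolated
// unconditionally into the <table> tag, so give it an empty default unless an
// earlier part of the script already set it.
if (!isset($table_class)) {
    $table_class = "";
}
$header_class = " class=\"sectiontableheader\"";
if ($zoom->_isBackend) {
    // Backend rendering: "adminlist" on the table, no class on the header row,
    // and the row0/row1 classes that the loop below alternates between.
    $table_class = " class=\"adminlist\"";
    $header_class = "";
    $zoom->_tabclass = array("row0", "row1");
}
// presumably the user groups below the 'USERS' node -- verify against the ACL API
$gtree = $acl->get_group_children_tree(null, 'USERS', false);
$html = "\n\t<table width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"3\"{$table_class}>\n"
    . "\t<tr{$header_class}>\n"
    . "\t\t<th height=\"20\" align=\"left\">" . _ZOOM_SETTINGS_GROUP . "</th>\n"
    . "\t\t<th align=\"center\">" . _ZOOM_UPLOAD . "</th>\n"
    . "\t\t<th align=\"center\">" . _ZOOM_EDITPIC . "</th>\n"
    . "\t\t<th align=\"center\">" . _ZOOM_DELETE . "</th>\n"
    . "\t\t<th align=\"center\">" . _ZOOM_HD_NEW . "</th>\n"
    . "\t\t<th align=\"center\">" . _ZOOM_EDIT . "</th>\n"
    . "\t\t<th align=\"center\">" . _ZOOM_DEL . "</th>\n"
    . "\t</tr>";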
foreach ($gtree as $group) {
    $i++;
    $bgcolor = $i & 1 ? $zoom->_tabclass[1] : $zoom->_tabclass[0];
    $html .= "\t<tr class=\"{$bgcolor}\">\n" . "\t\t<td>" . $group->text . "</td>\n";
    if ($group->value == 29 || $group->value == 30) {
        $html .= "\t\t<td colspan=\"6\">&nbsp;</td>\n";
    } else {
        $privileges = new privileges($database, $group->value);
        foreach ($privileges->getPrivileges() as $privilege => $value) {
            $html .= "\t\t<td align=\"center\">\n" . "\t\t<a href=\"javascript:void(0);\"";
            if (!strstr(strtolower($group->text), 'administrator')) {
                $html .= "onclick=\"swap_priv('" . $privilege . "_" . $group->value . "');\"";
            }
            $html .= ">\n";
            if ($value == 1) {
                $html .= "\t\t<img src=\"{$mosConfig_live_site}/components/com_zoom/www/images/priv_yes.png\" width=\"16\" height=\"16\" alt=\"\" border=\"0\" name=\"img_" . $privilege . "_" . $group->value . "\" />\n";
            } else {
                $html .= "\t\t<img src=\"{$mosConfig_live_site}/components/com_zoom/www/images/delete.png\" width=\"16\" height=\"16\" alt=\"\" border=\"0\" name=\"img_" . $privilege . "_" . $group->value . "\" />\n";
            }
            $html .= "\t\t</a>\n" . "\t\t<input type=\"hidden\" name=\"" . $privilege . "_" . $group->value . "\" id=\"" . $privilege . "_" . $group->value . "\" value=\"{$value}\" />\n" . "\t\t</td>\n";
        }
        $html .= "\t</tr>\n";
    }