/**
 * Prepares and renders the administrator "edit user" form.
 *
 * Loads the user row for $uid, fetches that user's contact-detail rows,
 * builds the group / block / sendEmail form controls and hands everything
 * to HTML_users::edituser().
 *
 * NOTE(review): nothing in this function stops a lower-level administrator
 * from opening a super administrator's record; if that restriction is
 * wanted it has to be enforced by the caller or added here. Confirm.
 *
 * @param mixed  $uid    Id of the user to edit; a falsy value skips the contact lookup.
 * @param string $option Component option name, passed through to the view.
 * @return void
 */
function editUser($uid = '0', $option = 'users')
{
    global $database, $my, $acl, $adminLanguage;

    // load the row from the db table
    $row = new mosUser($database);
    $row->load($uid);

    $contact = NULL;
    if ($uid) {
        // $row->id is the value loaded from the users table, not the raw request value.
        $database->setQuery("SELECT * FROM #__contact_details WHERE user_id='" . $row->id . "'");
        $contact = $database->loadObjectList();
    }

    // Group name of the user being edited (not of the current user).
    $targetGroup = strtolower($acl->get_group_name($row->gid, 'ARO'));

    if ($targetGroup == 'super administrator') {
        // No selectable list for super administrators: a fixed label plus a hidden field.
        // NOTE(review): the hidden gid carries the *current* user's gid ($my->gid),
        // not the edited user's gid; verify this is intended for every caller.
        $lists['gid'] = '<input type="hidden" name="gid" value="' . $my->gid . '" /><strong>' . $adminLanguage->A_COMP_USERS_SUPER_ADMIN . '</strong>';
    } else {
        // ensure user can't add group higher than themselves
        $hiddenGroups = array();
        $actorGroups = $acl->get_object_groups('users', $my->id, 'ARO');
        if (is_array($actorGroups) && count($actorGroups) > 0) {
            $hiddenGroups = $acl->get_group_children($actorGroups[0], 'ARO', 'RECURSE');
        }

        $gtree = $acl->get_group_children_tree(null, 'USERS', false);

        // Drop every tree entry whose value is in the hidden set. Walking
        // backwards keeps the remaining indexes valid after each splice.
        for ($pos = count($gtree) - 1; $pos >= 0; $pos--) {
            if (in_array($gtree[$pos]->value, $hiddenGroups)) {
                array_splice($gtree, $pos, 1);
            }
        }

        $lists['gid'] = mosHTML::selectList($gtree, 'gid', 'size="4"', 'value', 'text', $row->gid);
    }

    // yes/no radio lists for the remaining flags
    $radioAttribs = 'class="inputbox" size="1"';
    $lists['block'] = mosHTML::yesnoRadioList('block', $radioAttribs, $row->block);
    $lists['sendEmail'] = mosHTML::yesnoRadioList('sendEmail', $radioAttribs, $row->sendEmail);

    HTML_users::edituser($row, $contact, $lists, $option, $uid);
}
/**
 * Returns the CMS access (view) levels that apply to $user_id.
 *
 * @param  int      $user_id        User to look up (cast to int before use).
 * @param  boolean  $recurse        (DEPRECATED 1.8) Read only on the pre-J1.6 paths: when false, only the last level of the list is kept.
 * @param  boolean  $cb1xNumbering  (SINCE 1.8) When true, levels follow CB 1.x numbering (standard levels 0, 1, 2). Note that the signature default is TRUE.
 * @return array of int
 */
function get_object_access( $user_id, $recurse = false, $cb1xNumbering = true ) {
	global $_CB_database;

	if ( checkJversion() == 2 ) {
		$levels					=	$this->_acl->getAuthorisedViewLevels( (int) $user_id );
		if ( $cb1xNumbering ) {
			// Keep backwards levels compatible: J1.6's 1 is CB 1.7-'s 0, 2 is 1, 3 is 2:
			foreach ( $levels as $key => $value ) {
				if ( $value <= 3 ) {
					--$levels[$key];
				}
			}
		}
		return array_unique( cbArrayToInts( $levels ) );
	}

	// Older CMS versions: derive the user's top level first.
	if ( checkJversion() == 1 ) {
		// Passing null (instead of 0) asks the factory for the current user.
		$user					=&	JFactory::getUser( $user_id ? (int) $user_id : null );
		$level					=	$user->get( 'aid', 0 );
	} else {
		$user					=	new mosUser( $_CB_database );
		$user->load( (int) $user_id );
		$level					=	$user->gid;
	}

	// Every group id up to and including that level; $level is cast to int before it enters the SQL.
	$sql						=	'SELECT ' . $_CB_database->NameQuote( 'id' )
								.	"\n FROM " . $_CB_database->NameQuote( '#__groups' )
								.	"\n WHERE " . $_CB_database->NameQuote( 'id' ) . " <= " . (int) $level
								.	"\n ORDER BY " . $_CB_database->NameQuote( 'id' );
	$_CB_database->setQuery( $sql );
	$levels						=	$_CB_database->loadResultArray();

	if ( ! $cb1xNumbering ) {
		$total					=	count( $levels );
		for ( $idx = 0; $idx < $total; $idx++ ) {
			if ( in_array( $levels[$idx], array( 0, 1, 2 ) ) ) {
				++$levels[$idx];		// J1.5's 0 is CB's 1, 1 is 2, 2 is 3.
			}
		}
	}

	// This makes sense only on J<1.6, thus it's only here:
	if ( ! $recurse ) {
		$levels					=	array_slice( $levels, -1 );
	}

	return array_unique( cbArrayToInts( $levels ) );
}
/**
 * Saves the front-end "user details" form for the logged-in user.
 *
 * The posted id must equal the session user id ($uid); after that check and
 * the spoof check the row is bound from $_POST, the password is re-hashed
 * when a new one was supplied, optional params are stored, and the session
 * table is updated if the username changed.
 *
 * @param string $option Component option name (not read in this function).
 * @param int    $uid    Id of the logged-in user; 0 is treated as not authorised.
 * @return void  Ends with mosRedirect() on success, or echoes a script alert and exits on failure.
 */
function userSave($option, $uid) {
    global $database, $my, $mosConfig_frontend_userparams;
    $user_id = intval(mosGetParam($_POST, 'id', 0));
    // do some security checks: a user may only save their own record
    if ($uid == 0 || $user_id == 0 || $user_id != $uid) {
        mosNotAuth();
        return;
    }
    // simple spoof check security
    josSpoofCheck();
    $row = new mosUser($database);
    $row->load((int) $user_id);
    // Kept in locals so that values arriving in $_POST cannot overwrite them during bind().
    $orig_password = $row->password;
    $orig_username = $row->username;
    // NOTE(review): the second argument presumably lists fields bind() must ignore,
    // so gid / usertype cannot be set from the form — confirm against mosDBTable::bind().
    if (!$row->bind($_POST, 'gid usertype')) {
        // NOTE(review): getError() is written into a JavaScript string without escaping;
        // verify the message can never contain user-supplied text.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->name = trim($row->name);
    $row->email = trim($row->email);
    $row->username = trim($row->username);
    mosMakeHtmlSafe($row);
    if (isset($_POST['password']) && $_POST['password'] != '') {
        // NOTE(review): loose == on two posted strings; numeric-looking strings compare as numbers.
        if (isset($_POST['verifyPass']) && $_POST['verifyPass'] == $_POST['password']) {
            // The hash is computed from the bound row value (after mosMakeHtmlSafe), not from $_POST directly.
            $row->password = trim($row->password);
            $salt = mosMakePassword(16);
            // Stored format is "<md5(password . salt)>:<salt>".
            // NOTE(review): salted MD5 is a fast hash and weak for password storage by current standards.
            $crypt = md5($row->password . $salt);
            $row->password = $crypt . ':' . $salt;
        } else {
            echo "<script> alert(\"" . addslashes(_PASS_MATCH) . "\"); window.history.go(-1); </script>\n";
            exit;
        }
    } else {
        // Restore 'original password'
        $row->password = $orig_password;
    }
    if ($mosConfig_frontend_userparams == '1' || $mosConfig_frontend_userparams == 1 || $mosConfig_frontend_userparams == NULL) {
        // save params as "key=value" lines
        // NOTE(review): keys and values are joined as posted; a value containing a line
        // break would produce an extra line in the stored params — confirm mosGetParam filters this.
        $params = mosGetParam($_POST, 'params', '');
        if (is_array($params)) {
            $txt = array();
            foreach ($params as $k => $v) {
                $txt[] = "{$k}={$v}";
            }
            $row->params = implode("\n", $txt);
        }
    }
    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    // check if username has been changed
    if ($orig_username != $row->username) {
        // change username value in session table
        // NOTE(review): in this copy of the listing the two username expressions have been
        // replaced by asterisks, so the statement below is not valid PHP as shown; the
        // surviving parts cast userid and gid to int before they enter the SQL.
        $query = "UPDATE #__session" . "\n SET username = "******"\n WHERE username = "******"\n AND userid = " . (int) $my->id . "\n AND gid = " . (int) $my->gid . "\n AND guest = 0";
        $database->setQuery($query);
        $database->query();
    }
    mosRedirect('index.php', _USER_DETAILS_SAVE);
}
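// Count the unblocked users that match the current filter.
// NOTE(review): $where is assembled before this fragment and is interpolated as raw
// SQL; verify that every request value used to build it is escaped or cast.
$query = "SELECT COUNT(*) FROM #__users WHERE block = '0' {$where}";
$database->setQuery($query);
$total = $database->loadResult();

// NOTE(review): 'limit' is a request value; presumably mosPageNav normalises it to an
// integer before it reaches setQuery() below — confirm.
$limit = jTipsGetParam($_REQUEST, 'limit', $jTips['NumMax']);
$pageNav = new mosPageNav($total, $offset, $limit);
$tpl->pageNav = $pageNav;

// Both sort values come from the request and are placed in the ORDER BY clause,
// where quoting cannot protect them, so each one is validated before use.
// Direction: only the two SQL keywords are accepted; anything else falls back to 'asc'.
$direction = jTipsGetParam($_REQUEST, 'filter_order_Dir', 'asc');
if (!is_string($direction) || !in_array(strtolower($direction), array('asc', 'desc'), true)) {
    $direction = 'asc';
}

// Column: must be a single plain identifier; anything else falls back to 'name'.
$orderby = jTipsGetParam($_REQUEST, 'filter_order', 'name');
if (!is_string($orderby) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $orderby)) {
    $orderby = 'name';
}

// BUG 319 - creating users that don't require activation, or creating a user by admin
// leaves an activation code, so the list filters on block = '0' rather than on activation.
$query = "SELECT id FROM #__users WHERE block = '0' {$where} ORDER BY {$orderby} {$direction}";
$database->setQuery($query, $pageNav->limitstart, $pageNav->limit);
$list = (array) $database->loadResultArray();

// Load one user object per id, using the class that matches the running CMS version.
$users = array();
foreach ($list as $id) {
    if (isJoomla15()) {
        $JoomlaUser = new JUser();
    } else {
        $JoomlaUser = new mosUser($database);
    }
    $JoomlaUser->load($id);
    $users[] = $JoomlaUser;
}

$tpl->users = $users;
$tpl->display();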
/**
 * Builds and sends the "UserNotify<type>" e-mail for this record's user.
 *
 * Subject and message come from the $jTips settings; every property of this
 * object and of the loaded CMS user, plus the season name, is offered to
 * parseTemplate() as a substitution value.
 *
 * NOTE(review): because all properties of the user object are exposed as
 * template values, a template could reference sensitive fields (for example
 * a stored password hash, if the user class carries one), and the rendered
 * body is also written to the log at INFO level. Consider restricting the
 * exposed fields and the logged content.
 *
 * @param string $type Notification type, used to pick the subject/message settings.
 * @return bool TRUE when jTipsMail() reports success, FALSE otherwise.
 */
function sendNotificationEmail($type)
{
    global $jTips, $database;

    jTipsLogger::_log('preparing to send ' . $type . ' notification email', 'INFO');

    $subject = stripslashes($jTips["UserNotify" . $type . "Subject"]);
    $message = stripslashes($jTips["UserNotify" . $type . "Message"]);
    $from_name = $jTips['UserNotifyFromName'];
    $from_email = $jTips['UserNotifyFromEmail'];

    $variables = array();
    $values = array();

    // Properties of this object become template variables.
    foreach (get_object_vars($this) as $field => $fieldValue) {
        if (!is_string($field)) {
            continue;
        }
        $variables[] = $field;
        $values[$field] = $fieldValue;
    }

    // So do the properties of the CMS user; same-named keys overwrite the values above.
    $user = isJoomla15() ? new JUser() : new mosUser($database);
    $user->load($this->user_id);
    foreach (get_object_vars($user) as $field => $fieldValue) {
        if (!is_string($field)) {
            continue;
        }
        $variables[] = $field;
        $values[$field] = $fieldValue;
    }

    // Find out which season this is for and add it to the available values.
    // NOTE(review): season_id is concatenated into the SQL inside quotes without
    // escaping or casting; verify it can only ever hold a trusted integer.
    $database->setQuery("SELECT name FROM #__jtips_seasons WHERE id = '" . $this->season_id . "'");
    $season = $database->loadResult();
    $values['competition'] = $season;
    $values['season'] = $season;

    $body = parseTemplate($message, $variables, $values);
    jTipsLogger::_log('sending email: ' . $body, 'INFO');

    $sent = jTipsMail($from_email, $from_name, $this->getUserField('email'), $subject, $body);
    if (!$sent) {
        jTipsLogger::_log('sending notification email failed', 'ERROR');
        return FALSE;
    }

    jTipsLogger::_log('notification email sent successfully', 'INFO');
    return TRUE;
}
/**
 * Shows the extended profile of a user.
 *
 * The profile shown is the one named by the 'userid' request value, or the
 * logged-in user's own profile when that value is missing or 0.
 *
 * NOTE(review): any logged-in user ($uid != 0) can request any other user's
 * id here, and the name, username and e-mail address of that user are passed
 * to the view. If profiles are not meant to be visible to every member, an
 * ownership or permission check is needed before loading — confirm.
 *
 * @param string $option Component option name, passed through to the view.
 * @param int    $uid    Id of the logged-in user; 0 is treated as not authorised.
 * @return void
 */
function UserView($option, $uid)
{
    global $database;

    if ($uid == 0) {
        mosNotAuth();
        return;
    }

    // intval() guarantees an integer before the id is used for loading.
    $requestedId = intval(mosGetParam($_REQUEST, 'userid', 0));
    $user_id = ($requestedId == 0) ? $uid : $requestedId;

    include_once "administrator/components/com_user_extended/user_extended.class.php";

    $extendedRow = new mosUser_Extended($database);
    $extendedRow->load($user_id);

    $coreRow = new mosUser($database);
    $coreRow->load($user_id);

    $displayName = $coreRow->name;
    $loginName = $coreRow->username;
    $mailAddress = $coreRow->email;

    UserExtended_content::UserView($option, $extendedRow, $displayName, $loginName, $mailAddress);
}
/**
 * Builds the plain-text author / created / modified line for a content row.
 *
 * As a side effect, when the 'author' parameter is set, $row->author and
 * $row->usertype are filled from the user who created the row.
 * Values are concatenated as-is; any output escaping is left to the caller.
 *
 * @param object $row    Content row (reads created_by, created_by_alias, created, modified).
 * @param object $params Parameter object queried for 'author', 'createdate' and 'modifydate'.
 * @return string The assembled text, always ending in two newlines.
 */
function AuthorDateLine(&$row, &$params)
{
    global $database;

    $text = '';

    // Author name
    if ($params->get('author')) {
        $creator = new mosUser($database);
        $creator->load($row->created_by);
        $row->author = $creator->name;
        $row->usertype = $creator->usertype;

        $byAdmin = ($row->usertype == 'administrator' || $row->usertype == 'superadministrator');
        $label = $byAdmin ? _WRITTEN_BY : _AUTHOR_BY;
        // An alias, when present, replaces the real author name.
        $shownName = $row->created_by_alias ? $row->created_by_alias : $row->author;

        $text .= "\n" . $label . ' ' . $shownName;
    }

    // Separator between author and created date
    if ($params->get('createdate') && $params->get('author')) {
        $text .= "\n";
    }

    // Created date, only when the row carries a non-zero value
    if ($params->get('createdate') && intval($row->created)) {
        $text .= mosFormatDate($row->created);
    }

    // Separator before the modified date
    if ($params->get('modifydate') && ($params->get('author') || $params->get('createdate'))) {
        $text .= "\n";
    }

    // Modified date, only when the row carries a non-zero value
    if ($params->get('modifydate') && intval($row->modified)) {
        $text .= _LAST_UPDATED . ' ' . mosFormatDate($row->modified);
    }

    return $text . "\n\n";
}
/**
 * Checks that every user in $cid may be acted upon by the current user.
 *
 * A target is refused when it is the current user (unless
 * $allowActionToMyself is set), when it shares the current user's group and
 * that group is neither 24 nor 25, or when its group is not among
 * getGIDSChildren() of the current user's group.
 *
 * NOTE(review): one mosUser object is reused for all ids and the result of
 * load() is not checked, so an id that fails to load may be judged with the
 * gid left over from the previous iteration; $groups[0] is also read without
 * checking that the user has a group. Verify against callers.
 *
 * @param array   $cid                 User ids to check.
 * @param string  $actionName          Action name inserted into the message.
 * @param boolean $allowActionToMyself When true, the current user's own id is not refused.
 * @return string Error text if any target is refused, otherwise null.
 * Added 1.0.11
 */
function checkUserPermissions($cid, $actionName, $allowActionToMyself = false)
{
    global $database, $acl, $my;

    if (!is_array($cid) || !count($cid)) {
        return null;
    }

    $msg = null;
    $target = new mosUser($database);

    foreach ($cid as $id) {
        if ($id == 0) {
            // id 0 stands for a not-yet-existing user: treat as the minimal user group
            $this_group = 'Registered';
            $target->gid = $acl->get_group_id($this_group, 'ARO');
        } else {
            $target->load($id);
            $groups = $acl->get_object_groups('users', $id, 'ARO');
            $this_group = strtolower($acl->get_group_name($groups[0], 'ARO'));
        }

        if (!$allowActionToMyself && $id == $my->id) {
            $msg .= 'Não pode ' . $actionName . ' seu próprio nome!';
            continue;
        }

        // Same group as the current user is refused unless that group is 24 or 25.
        $samePlainGroup = ($target->gid == $my->gid) && !in_array($my->gid, array(24, 25));

        // The second test runs only when the first one did not already refuse the target.
        if ($samePlainGroup || ($target->gid && !in_array($target->gid, getGIDSChildren($my->gid)))) {
            $msg .= 'Não pode ' . $actionName . ' a `' . $this_group . '`. Apenas usuários com um nível de grupo superior têm esta permissão. ';
        }
    }

    return $msg;
}
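/**
 * Returns the CMS access levels that apply to $user_id.
 *
 * @param  int      $user_id  User to look up (cast to int before use).
 * @param  boolean  $recurse  When true the whole list of levels is returned, otherwise only the last one.
 * @return array of int
 */
function get_object_access( $user_id, $recurse = false ) {
	global $_CB_database;

	$user_id				=	(int) $user_id;

	if ( checkJversion() == 2 ) {
		$levels				=	$this->_acl->getAuthorisedViewLevels( $user_id );
		return ( $recurse ? $levels : array_slice( $levels, -1 ) );
	}

	if ( checkJversion() == 1 ) {
		// Ask the factory for the requested user instead of fetching the current
		// user object and calling load() on it: load() on that shared object would
		// replace the logged-in user's data with the looked-up user's data for the
		// rest of the request. A user id of 0 still resolves to the current user.
		$user				=&	JFactory::getUser( $user_id ? $user_id : null );
		$level				=	$user->get( 'aid', 0 );
	} else {
		$user				=	new mosUser( $_CB_database );
		$user->load( $user_id );
		$level				=	$user->gid;
	}

	// Every group id up to and including the user's level; $level is cast to int before it enters the SQL.
	$query					=	'SELECT ' . $_CB_database->NameQuote( 'id' )
							.	"\n FROM " . $_CB_database->NameQuote( '#__groups' )
							.	"\n WHERE " . $_CB_database->NameQuote( 'id' ) . " <= " . (int) $level
							.	"\n ORDER BY " . $_CB_database->NameQuote( 'id' );
	$_CB_database->setQuery( $query );
	$levels					=	$_CB_database->loadResultArray();

	// The database returns strings; callers expect integers.
	for ( $i = 0, $n = count( $levels ); $i < $n; $i++ ) {
		$levels[$i]			=	(int) $levels[$i];
	}

	return ( $recurse ? $levels : array_slice( $levels, -1 ) );
}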
/**
 * Prepares and renders the administrator "edit user" form.
 *
 * Loads the user row for $uid, fetches that user's contact-detail rows,
 * refuses access when a non-super-admin opens a super admin record, builds
 * the group / block / sendEmail controls and calls HTML_users::edituser().
 *
 * @param mixed  $uid    Id of the user to edit; a falsy value means a new user (block preset to 0).
 * @param string $option Component option name, passed through to the view.
 * @return void
 */
function editUser($uid = '0', $option = 'users')
{
    global $database, $my, $acl;

    // load the row from the db table
    $row = new mosUser($database);
    $row->load($uid);

    if (!$uid) {
        $contact = NULL;
        $row->block = 0;
    } else {
        // $row->id is the value loaded from the users table, not the raw request value.
        $database->setQuery("SELECT * FROM #__contact_details WHERE user_id='" . $row->id . "'");
        $contact = $database->loadObjectList();
    }

    // check to ensure only super admins can edit super admin info
    // NOTE(review): the rest of the function still runs if mosRedirect() returns;
    // presumably it ends the request — confirm.
    if ($my->gid < 25 && $row->gid == 25) {
        mosRedirect('index2.php?option=com_users', T_('You are not authorized to view this resource.'));
    }

    // Group name of the user being edited (not of the current user).
    $targetGroup = strtolower($acl->get_group_name($row->gid, 'ARO'));

    if ($targetGroup == 'super administrator') {
        // Fixed label plus hidden field; after the check above only gid 25 reaches this point with a gid-25 target.
        $lists['gid'] = '<input type="hidden" name="gid" value="' . $my->gid . '" /><strong>' . T_('Super Administrator') . '</strong>';
    } elseif ($my->gid == 24 && $row->gid == 24) {
        // An administrator editing an administrator cannot change the group either.
        $lists['gid'] = '<input type="hidden" name="gid" value="' . $my->gid . '" /><strong>' . T_('Administrator') . '</strong>';
    } else {
        // ensure user can't add group higher than themselves
        $hiddenGroups = array();
        $actorGroups = $acl->get_object_groups('users', $my->id, 'ARO');
        if (is_array($actorGroups) && count($actorGroups) > 0) {
            $hiddenGroups = $acl->get_group_children($actorGroups[0], 'ARO', 'RECURSE');
            if (!$hiddenGroups) {
                // Normalise an empty / false result so in_array() always gets an array.
                $hiddenGroups = array();
            }
        }

        $gtree = $acl->get_group_children_tree(null, 'USERS', false);

        // Drop every tree entry whose value is in the hidden set. Walking
        // backwards keeps the remaining indexes valid after each splice.
        for ($pos = count($gtree) - 1; $pos >= 0; $pos--) {
            if (in_array($gtree[$pos]->value, $hiddenGroups)) {
                array_splice($gtree, $pos, 1);
            }
        }

        $lists['gid'] = mosHTML::selectList($gtree, 'gid', 'size="10"', 'value', 'text', $row->gid);
    }

    // yes/no radio lists for the remaining flags
    $radioAttribs = 'class="inputbox" size="1"';
    $lists['block'] = mosHTML::yesnoRadioList('block', $radioAttribs, $row->block);
    $lists['sendEmail'] = mosHTML::yesnoRadioList('sendEmail', $radioAttribs, $row->sendEmail);

    HTML_users::edituser($row, $contact, $lists, $option, $uid);
}
/**
 * Checks that every user in $cid may be acted upon by the current user.
 *
 * A target is refused when it is the current user (unless
 * $allowActionToMyself is set), when it shares the current user's group and
 * that group is neither 24 nor 25, or when its group is not among
 * getGIDSChildren() of the current user's group.
 *
 * NOTE(review): one mosUser object is reused for all ids and the result of
 * load() is not checked, so an id that fails to load may be judged with the
 * gid left over from the previous iteration; $groups[0] is also read without
 * checking that the user has a group. Verify against callers.
 *
 * @param array   $cid                 User ids to check.
 * @param string  $actionName          Action name inserted into the message.
 * @param boolean $allowActionToMyself When true, the current user's own id is not refused.
 * @return string Error text if any target is refused, otherwise null.
 * Added 1.0.11
 */
function checkUserPermissions($cid, $actionName, $allowActionToMyself = false)
{
    global $database, $acl, $my;

    if (!is_array($cid) || !count($cid)) {
        return null;
    }

    $msg = null;
    $target = new mosUser($database);

    foreach ($cid as $id) {
        if ($id == 0) {
            // id 0 stands for a not-yet-existing user: treat as the minimal user group
            $this_group = 'Registered';
            $target->gid = $acl->get_group_id($this_group, 'ARO');
        } else {
            $target->load($id);
            $groups = $acl->get_object_groups('users', $id, 'ARO');
            $this_group = strtolower($acl->get_group_name($groups[0], 'ARO'));
        }

        if (!$allowActionToMyself && $id == $my->id) {
            $msg .= 'You cannot ' . $actionName . ' Yourself!';
            continue;
        }

        // Same group as the current user is refused unless that group is 24 or 25.
        $samePlainGroup = ($target->gid == $my->gid) && !in_array($my->gid, array(24, 25));

        // The second test runs only when the first one did not already refuse the target.
        if ($samePlainGroup || ($target->gid && !in_array($target->gid, getGIDSChildren($my->gid)))) {
            $msg .= 'You cannot ' . $actionName . ' a `' . $this_group . '`. Only higher-level users have this power. ';
        }
    }

    return $msg;
}
/**
 * Saves the front-end "user details" form for the logged-in user and
 * notifies the 'authenticator' mambots of the change.
 *
 * NOTE(review), points a maintainer should confirm:
 *  - no request-forgery (token) check is visible before the update;
 *  - the original hash is parked on $row->orig_password *before* bind($_POST),
 *    so a posted field of that name may be able to replace it;
 *  - the new password is stored as unsalted md5(), which is weak for
 *    password storage by current standards;
 *  - getError() is written into a JavaScript string without escaping.
 *
 * @param string $option Component option name, used in the redirect URL.
 * @param int    $uid    Id of the logged-in user; 0 is treated as not authorised.
 * @return void  Redirects on success; echoes a script alert and exits on failure.
 */
function userSave($option, $uid)
{
    global $database;

    $user_id = intval(mosGetParam($_POST, 'id', 0));

    // do some security checks: a user may only save their own record
    $isOwnRecord = ($uid != 0 && $user_id != 0 && $user_id == $uid);
    if (!$isOwnRecord) {
        mosNotAuth();
        return;
    }

    $row = new mosUser($database);
    $row->load($user_id);
    $row->orig_password = $row->password;

    // NOTE(review): the second argument presumably lists fields bind() must ignore — confirm.
    if (!$row->bind($_POST, "gid usertype")) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    mosMakeHtmlSafe($row);

    $passwordPosted = isset($_POST["password"]) && $_POST["password"] != "";
    if (!$passwordPosted) {
        // Restore 'original password'
        $row->password = $row->orig_password;
    } elseif (isset($_POST["verifyPass"]) && $_POST["verifyPass"] == $_POST["password"]) {
        // Loose == on two posted strings: numeric-looking strings compare as numbers.
        $row->password = md5($_POST["password"]);
    } else {
        echo "<script> alert(\"" . T_('Passwords do not match') . "\"); window.history.go(-1); </script>\n";
        exit;
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // prevent DB error!! orig_password is not a table column
    unset($row->orig_password);

    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // Tell the authenticator mambots about the new login details.
    // The posted clear-text password is handed on as-is (it may be unset or empty).
    $loginfo = new mosLoginDetails($row->username, $_POST['password']);
    $mambothandler =& mosMambotHandler::getInstance();
    $mambothandler->loadBotGroup('authenticator');
    $mambothandler->trigger('userChange', array($loginfo));

    mosRedirect("index.php?option={$option}", T_('Your settings have been saved.'));
}
/**
 * Streams the content item named by the 'id' request value as a PDF.
 *
 * NOTE(review): the item is loaded straight from the requested id; no check
 * of publish state, publish window or access level is visible before the
 * text is rendered, so unpublished or restricted items may be served.
 * Confirm whether the caller enforces this.
 *
 * @param object $database Database connector used to load the content and author rows.
 * @return void  Output is sent through Cezpdf::ezStream().
 */
function dofreePDF($database)
{
    global $mosConfig_live_site, $mosConfig_sitename, $mosConfig_offset, $mosConfig_hideCreateDate, $mosConfig_hideAuthor, $mosConfig_hideModifyDate;

    // intval() guarantees an integer id; the default is item 1.
    $id = intval(mosGetParam($_REQUEST, 'id', 1));

    include 'includes/class.ezpdf.php';

    $row = new mosContent($database);
    $row->load($id);

    // Find Author Name
    $creator = new mosUser($database);
    $creator->load($row->created_by);
    $row->author = $creator->name;
    $row->usertype = $creator->usertype;

    // Ugly but needed to get rid of all the stuff the PDF class cant handle.
    // str_replace() applies the pairs in array order, one after another.
    $row->fulltext = str_replace(
        array('<p>', '<P>', '<br />', '<br>', '<BR />', '<BR>', '<li>', '<LI>'),
        array("\n\n", "\n\n", "\n", "\n", "\n", "\n", "\n - ", "\n - "),
        $row->fulltext
    );
    $row->fulltext = strip_tags($row->fulltext);
    $row->fulltext = str_replace(array('{mosimage}', '{mospagebreak}'), '', $row->fulltext);
    $row->fulltext = decodeHTML($row->fulltext);

    // The intro text gets the same treatment, minus the line-break tags.
    $row->introtext = str_replace(
        array('<p>', '<P>', '<li>', '<LI>'),
        array("\n\n", "\n\n", "\n - ", "\n - "),
        $row->introtext
    );
    $row->introtext = strip_tags($row->introtext);
    $row->introtext = str_replace(array('{mosimage}', '{mospagebreak}'), '', $row->introtext);
    $row->introtext = decodeHTML($row->introtext);

    $pdf =& new Cezpdf('a4', 'P'); //A4 Portrait
    $pdf->ezSetCmMargins(2, 1.5, 1, 1);
    $pdf->selectFont('./fonts/Helvetica.afm'); //choose font

    // Page furniture, registered for all pages: two rules and the footer text.
    $all = $pdf->openObject();
    $pdf->saveState();
    $pdf->setStrokeColor(0, 0, 0, 1);
    $pdf->line(10, 40, 578, 40);
    $pdf->line(10, 822, 578, 822);
    $pdf->addText(30, 34, 6, $mosConfig_live_site . ' - ' . $mosConfig_sitename);
    $pdf->addText(250, 34, 6, 'Powered by Mambo');
    $pdf->addText(450, 34, 6, 'Generated: ' . date('j F, Y, H:i', time() + $mosConfig_offset * 60 * 60));
    $pdf->restoreState();
    $pdf->closeObject();
    $pdf->addObject($all, 'all');
    $pdf->ezSetDy(30);

    // Title
    $pdf->ezText($row->title, 14);

    // Dates stay NULL when the row holds a zero value.
    $mod_date = NULL;
    $create_date = NULL;
    if (intval($row->modified) != 0) {
        $mod_date = mosFormatDate($row->modified);
    }
    if (intval($row->created) != 0) {
        $create_date = mosFormatDate($row->created);
    }

    // Meta line: each part is governed by its own "hide" setting.
    $metaLine = NULL;
    if ($mosConfig_hideCreateDate == '0') {
        $metaLine .= '(' . $create_date . ') - ';
    }
    if ($mosConfig_hideAuthor == "0" && $row->author != '') {
        $byAdmin = ($row->usertype == 'administrator' || $row->usertype == 'superadministrator');
        $label = $byAdmin ? _WRITTEN_BY : _AUTHOR_BY;
        $metaLine .= $label . ' ' . ($row->created_by_alias ? $row->created_by_alias : $row->author);
    }
    if ($mosConfig_hideModifyDate == "0") {
        $metaLine .= ' - ' . _LAST_UPDATED . ' (' . $mod_date . ') ';
    }
    $metaLine .= "\n\n";
    $pdf->ezText($metaLine, 8);

    // Body: intro text followed by the full text
    $pdf->ezText($row->introtext . "\n" . $row->fulltext, 10);
    $pdf->ezStream();
}
/**
 * Streams the content item named by the 'id' request value as a PDF.
 *
 * Before anything is loaded, a COUNT query verifies that the item is
 * published (state 1 or -1), inside its publish window and at an access
 * level not above the viewer's $gid; otherwise the request ends with a
 * "not authorized" message.
 *
 * @param object $database Database connector used for the check and to load the rows.
 * @return void  Output is sent through Cezpdf::ezStream().
 */
function dofreePDF($database)
{
    global $mosConfig_live_site, $mosConfig_sitename, $mosConfig_offset, $mosConfig_hideCreateDate, $mosConfig_hideAuthor, $mosConfig_hideModifyDate;
    global $gid;

    // intval() guarantees an integer id before it is placed in the SQL below.
    $id = intval(mosGetParam($_REQUEST, 'id', 1));

    // Access check. $now is generated locally and $gid is passed through intval(),
    // so no request text reaches the statement unconverted.
    $now = date('Y-m-d H:i:s', time() + $mosConfig_offset * 60 * 60);
    $accessSql = implode('', array(
        "SELECT COUNT(a.id)",
        "\n FROM #__content AS a",
        "\n LEFT JOIN #__categories AS cc ON cc.id = a.catid",
        "\n LEFT JOIN #__sections AS s ON s.id = cc.section AND s.scope='content'",
        "\n LEFT JOIN #__users AS u ON u.id = a.created_by",
        "\n LEFT JOIN #__content_rating AS v ON a.id = v.content_id",
        "\n LEFT JOIN #__groups AS g ON a.access = g.id",
        "\n WHERE a.id='" . $id . "' ",
        "\n AND (a.state = '1' OR a.state = '-1')",
        "\n AND (publish_up = '0000-00-00 00:00:00' OR publish_up <= '{$now}')",
        "\n AND (publish_down = '0000-00-00 00:00:00' OR publish_down >= '{$now}')",
        "\n AND a.access <= " . intval($gid),
    ));
    $database->setQuery($accessSql);
    if (!$database->loadResult()) {
        exit(T_('You are not authorized to view this resource.'));
    }

    include 'includes/class.ezpdf.php';

    $row = new mosContent($database);
    $row->load($id);

    // Find Author Name
    $creator = new mosUser($database);
    $creator->load($row->created_by);
    $row->author = $creator->name;
    $row->usertype = $creator->usertype;

    // Ugly but needed to get rid of all the stuff the PDF class cant handle.
    // str_replace() applies the pairs in array order, one after another.
    $row->fulltext = str_replace(
        array('<p>', '<P>', '<br />', '<br>', '<BR />', '<BR>', '<li>', '<LI>'),
        array("\n\n", "\n\n", "\n", "\n", "\n", "\n", "\n - ", "\n - "),
        $row->fulltext
    );
    $row->fulltext = strip_tags($row->fulltext);
    $row->fulltext = str_replace(array('{mosimage}', '{mospagebreak}'), '', $row->fulltext);
    $row->fulltext = decodeHTML($row->fulltext);

    // The intro text gets the same treatment, minus the line-break tags.
    $row->introtext = str_replace(
        array('<p>', '<P>', '<li>', '<LI>'),
        array("\n\n", "\n\n", "\n - ", "\n - "),
        $row->introtext
    );
    $row->introtext = strip_tags($row->introtext);
    $row->introtext = str_replace(array('{mosimage}', '{mospagebreak}'), '', $row->introtext);
    $row->introtext = decodeHTML($row->introtext);

    $pdf =& new Cezpdf('a4', 'P'); //A4 Portrait
    $pdf->ezSetCmMargins(2, 1.5, 1, 1);
    $pdf->selectFont('./fonts/Helvetica.afm'); //choose font

    // Page furniture, registered for all pages: two rules and the footer text.
    $all = $pdf->openObject();
    $pdf->saveState();
    $pdf->setStrokeColor(0, 0, 0, 1);
    $pdf->line(10, 40, 578, 40);
    $pdf->line(10, 822, 578, 822);
    $pdf->addText(30, 34, 6, $mosConfig_live_site . ' - ' . $mosConfig_sitename);
    $pdf->addText(250, 34, 6, T_('Powered by Mambo'));
    $pdf->addText(450, 34, 6, T_('Generated:') . date('j F, Y, H:i', time() + $mosConfig_offset * 60 * 60));
    $pdf->restoreState();
    $pdf->closeObject();
    $pdf->addObject($all, 'all');
    $pdf->ezSetDy(30);

    // Title
    $pdf->ezText($row->title, 14);

    // Dates stay NULL when the row holds a zero value.
    $mod_date = NULL;
    $create_date = NULL;
    if (intval($row->modified) != 0) {
        $mod_date = mosFormatDate($row->modified);
    }
    if (intval($row->created) != 0) {
        $create_date = mosFormatDate($row->created);
    }

    // Meta line: each part is governed by its own "hide" setting.
    $metaLine = NULL;
    if ($mosConfig_hideCreateDate == '0') {
        $metaLine .= '(' . $create_date . ') - ';
    }
    if ($mosConfig_hideAuthor == "0" && $row->author != '') {
        $byAdmin = ($row->usertype == 'administrator' || $row->usertype == 'superadministrator');
        $label = $byAdmin ? T_('Written by') : T_('Contributed by');
        $metaLine .= $label . ' ' . ($row->created_by_alias ? $row->created_by_alias : $row->author);
    }
    if ($mosConfig_hideModifyDate == "0") {
        $metaLine .= ' - ' . T_('Last Updated') . ' (' . $mod_date . ') ';
    }
    $metaLine .= "\n\n";
    $pdf->ezText($metaLine, 8);

    // Body: intro text followed by the full text
    $pdf->ezText($row->introtext . "\n" . $row->fulltext, 10);
    $pdf->ezStream();
}
/**
 * Returns a user object for the running CMS version.
 *
 * On Joomla 1.0 (JCOMMENTS_JVERSION == '1.0') an id yields a freshly loaded
 * mosUser, and no id yields the user held by $mainframe. On any other
 * version the call is delegated to JFactory::getUser().
 *
 * @param int $id A user identifier, or null for the current user
 * @return JUser
 */
public static function getUser($id = null)
{
    if (JCOMMENTS_JVERSION != '1.0') {
        return JFactory::getUser($id);
    }

    if (is_null($id)) {
        global $mainframe;
        return $mainframe->getUser();
    }

    global $database;
    $loaded = new mosUser($database);
    // The result of load() is not checked; an unknown id yields an object without loaded data.
    $loaded->load($id);

    return $loaded;
}
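/**
 * Removes one or more users from Joomla.
 *
 * Each id is checked and then deleted in turn. Processing stops at the first
 * id that is refused (a super administrator, the current user, or an
 * administrator when the current user is in group 24) or whose deletion
 * reports an error; ids handled before that point have already been deleted.
 *
 * The previous version returned TRUE from inside the loop after the first
 * successful deletion, so the remaining ids of an array were silently
 * skipped. The success return now follows the loop.
 *
 * NOTE(review): the group is taken from the stored usertype text rather than
 * from the ACL (see the TODO below), and the administrator rule only applies
 * when the current user's gid is exactly 24; verify that users below that
 * group can never reach this function.
 *
 * @param mixed $cid A user id or an array of user ids.
 * @return bool|null TRUE when every id was deleted, FALSE on the first refusal or error, null for an empty list.
 */
function removeUsers($cid)
{
    global $database, $acl, $my, $vmLogger, $VM_LANG;

    if (!is_array($cid)) {
        $cid = array($cid);
    }
    if (!count($cid)) {
        // Nothing to do; callers receive null as before.
        return;
    }

    $obj = new mosUser($database);

    foreach ($cid as $id) {
        // check for a super admin ... can't delete them
        //TODO: Find out the group name of the User to be deleted
        // $groups = $acl->get_object_groups( 'users', $id, 'ARO' );
        // $this_group = strtolower( $acl->get_group_name( $groups[0], 'ARO' ) );
        $obj->load($id);
        $this_group = strtolower($obj->get('usertype'));

        if ($this_group == 'super administrator') {
            $vmLogger->err($VM_LANG->_('VM_USER_DELETE_ERR_SUPERADMIN'));
            return false;
        }
        if ($id == $my->id) {
            $vmLogger->err($VM_LANG->_('VM_USER_DELETE_ERR_YOURSELF'));
            return false;
        }
        if ($this_group == 'administrator' && $my->gid == 24) {
            $vmLogger->err($VM_LANG->_('VM_USER_DELETE_ERR_ADMIN'));
            return false;
        }

        $obj->delete($id);
        $err = $obj->getError();
        if ($err) {
            $vmLogger->err($err);
            return false;
        }
    }

    return true;
}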
// Fragment of the user edit form set-up; it relies on $my, $db and $database from
// the enclosing scope and is cut off inside the final if-block in this listing.
if (!isset($ps_shopper_group)) {
    $ps_shopper_group = new ps_shopper_group();
}
// intval() guarantees an integer before the id is interpolated into the SQL below.
$user_id = intval(vmGet($_REQUEST, 'user_id'));
// $cid is read here but not used in the visible part of the fragment.
$cid = vmRequest::getVar('cid', array(0), '', 'array');
if (!empty($user_id)) {
    // Shop-side record: the user joined with the billing-address row, limited to
    // users whose group id does not exceed the current user's.
    $q = "SELECT * FROM #__users AS u LEFT JOIN #__{vm}_user_info AS ui ON id=user_id ";
    $q .= "WHERE id={$user_id} ";
    $q .= "AND (address_type='BT' OR address_type IS NULL ) ";
    // NOTE(review): $my->gid is concatenated without an int cast, unlike the ids used
    // further down; presumably it is always an integer from the session — confirm.
    $q .= "AND gid <= " . $my->gid;
    $db->query($q);
    $db->next_record();
}
// Set up the CMS General User Information
// NOTE(review): this load is not restricted by the gid comparison used in the query
// above; in the visible lines only the gid-25 check below limits what $row may hold.
$row = new mosUser($database);
$row->load((int) $user_id);
if ($user_id) {
    // Contact details of the loaded user; the id is cast to int before it enters the SQL.
    $query = "SELECT *" . "\n FROM #__contact_details" . "\n WHERE user_id = " . (int) $row->id;
    $database->setQuery($query);
    $contact = $database->loadObjectList();
    $row->name = trim($row->name);
    $row->email = trim($row->email);
    $row->username = trim($row->username);
    $row->password = trim($row->password);
} else {
    // New user: no contact rows, and the account starts unblocked.
    $contact = NULL;
    $row->block = 0;
}
// check to ensure only super admins can edit super admin info
if ($my->gid < 25 && $row->gid == 25) {
    vmRedirect('index2.php?option=com_users', _NOT_AUTH);
/**
 * Saves the front-end "user details" form for the logged-in user.
 *
 * NOTE(review), points a maintainer should confirm:
 *  - no request-forgery (token) check is visible before the update;
 *  - the original hash is parked on $row->orig_password *before* bind($_POST),
 *    so a posted field of that name may be able to replace it;
 *  - the new password is stored as unsalted md5(), which is weak for
 *    password storage by current standards;
 *  - getError() and _PASS_MATCH are written into JavaScript strings without escaping.
 *
 * @param string $option Component option name, used in the redirect URL.
 * @param int    $uid    Id of the logged-in user; 0 is treated as not authorised.
 * @return void  Redirects on success; echoes a script alert and exits on failure.
 */
function userSave($option, $uid)
{
    global $database;

    $user_id = intval(mosGetParam($_POST, 'id', 0));

    // do some security checks: a user may only save their own record
    $isOwnRecord = ($uid != 0 && $user_id != 0 && $user_id == $uid);
    if (!$isOwnRecord) {
        mosNotAuth();
        return;
    }

    $row = new mosUser($database);
    $row->load($user_id);
    $row->orig_password = $row->password;

    // NOTE(review): the second argument presumably lists fields bind() must ignore — confirm.
    if (!$row->bind($_POST, "gid usertype")) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    mosMakeHtmlSafe($row);

    $passwordPosted = isset($_POST["password"]) && $_POST["password"] != "";
    if (!$passwordPosted) {
        // Restore 'original password'
        $row->password = $row->orig_password;
    } elseif (isset($_POST["verifyPass"]) && $_POST["verifyPass"] == $_POST["password"]) {
        // Loose == on two posted strings: numeric-looking strings compare as numbers.
        $row->password = md5($_POST["password"]);
    } else {
        echo "<script> alert(\"" . _PASS_MATCH . "\"); window.history.go(-1); </script>\n";
        exit;
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // prevent DB error!! orig_password is not a table column
    unset($row->orig_password);

    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    mosRedirect("index.php?option={$option}", _USER_DETAILS_SAVE);
}