コード例 #1
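 /**
  * Shows one gallery category: its published sub-categories, one page of its
  * published images and the page navigation, then hands off to the HTML view.
  *
  * @param int    $id     Category id; when empty the 'cid' parameter is used instead.
  * @param object $params Parameter object, read through get().
  * @return void
  */
 function view($id, $params)
 {
     global $my, $mainframe, $database, $option, $priTask, $subTask;
     global $WBG_CONFIG, $wbGalleryDB_cat;
     // Paging values come straight from the request. The int cast keeps them from
     // carrying SQL, and max(0, ...) keeps a negative number out of the LIMIT
     // clause, where it would only produce a SQL error that is echoed below.
     $limit = max(0, (int) mosGetParam($_REQUEST, 'limit', $params->get('list_limit', $mainframe->getCfg('list_limit', 15))));
     $limitstart = max(0, (int) mosGetParam($_REQUEST, 'limitstart', 0));
     $page = (int) mosGetParam($_REQUEST, 'page', 0);
     // No id passed in: fall back to the configured category parameter
     if (!$id) {
         $id = $params->get('cid', 0);
     }
     // Every query below uses the id as an integer; normalise it once so that
     // load() receives the same value the queries do.
     $id = (int) $id;
     // A page number (SEF URLs) overrides limitstart; zero or negative pages are ignored
     if ($page > 0) {
         $limitstart = $limit * ($page - 1);
     }
     // Load the category and enforce its access level against the visitor's group
     $row = new wbGalleryDB_cat($database);
     $row->load($id);
     if ($row->id && $row->access > $my->gid) {
         mosNotAuth();
         return;
     }
     // NOTE(review): only the access level of the category is tested here; its
     // published state is not checked in this function - confirm that is intended.
     // Load Sub Categories (published, and readable by the visitor's group)
     $query = "\r\n      SELECT c.*, COUNT(DISTINCT sc.id) AS total_subcats\r\n      FROM #__wbgallery_cat AS c\r\n      LEFT JOIN #__wbgallery_cat AS sc ON (sc.parent_id = c.id AND c.published = 1)\r\n      WHERE c.parent_id = " . (int) $id . "\r\n        AND c.published = 1\r\n        AND c.access <= " . (int) $my->gid . "\r\n      GROUP BY c.id\r\n      ORDER BY c.ordering ASC\r\n      ";
     $database->setQuery($query);
     $subcats = $database->loadObjectList();
     // NOTE(review): the raw database error is written into the page; consider
     // logging it server-side instead of showing it to visitors.
     echo $database->getErrorMsg();
     // Load Sub Category Thumbnails.
     // The original guarded this with `!$sc->file`, but $sc is never defined, so
     // the lookup always ran. The unconditional lookup is kept and the undefined
     // read removed. NOTE(review): the intent was presumably to skip sub-categories
     // that already carry their own file - confirm against the HTML view.
     $subcatCount = is_array($subcats) ? count($subcats) : 0;
     for ($i = 0; $i < $subcatCount; $i++) {
         $imgData = $wbGalleryDB_cat->getSubCatImg($subcats[$i]->id);
         $subcats[$i]->img_id = $imgData->img_id;
         $subcats[$i]->img_file = $imgData->img_file;
         $subcats[$i]->img_name = $imgData->img_name;
     }
     // Count Images
     $database->setQuery("\r\n      SELECT COUNT(DISTINCT i.id)\r\n      FROM #__wbgallery_img AS i\r\n      WHERE i.cat_id = " . (int) $id . "\r\n        AND i.published = 1\r\n      ");
     $total = $database->loadResult();
     // Load Images; $limitstart and $limit are non-negative integers at this point
     $database->setQuery("\r\n      SELECT i.*\r\n      FROM #__wbgallery_img AS i\r\n      WHERE i.cat_id = " . (int) $id . "\r\n        AND i.published = 1\r\n      ORDER BY i.ordering ASC\r\n      LIMIT {$limitstart}, {$limit}\r\n      ");
     $images = $database->loadObjectList();
     echo $database->getErrorMsg();
     // Page Navigation
     require_once $mainframe->getCfg('absolute_path') . '/includes/pageNavigation.php';
     $pageNav = new mosPageNav($total, $limitstart, $limit);
     wbGallery_cat_html::view($row, $subcats, $images, $pageNav, $params);
 }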
コード例 #2
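 /**
  * Shows a single gallery image with its category, its previous/next
  * neighbours and a list of related images from the same category.
  *
  * @param int    $id     Image id; when empty the 'id' parameter is used instead.
  * @param object $params Parameter object, read through get().
  * @return void
  */
 function view($id, $params)
 {
     global $my, $mainframe, $database, $option, $priTask, $subTask;
     global $WBG_CONFIG, $wbGalleryDB_cat;
     if (!$id) {
         $id = $params->get('id', 0);
     }
     // Load Image; the id is normalised to an integer before it reaches load()
     $row = new wbGalleryDB_img($database);
     $row->load((int) $id);
     if (!$row->id) {
         echo "<script> alert('Image Not Found'); window.history.go(-1); </script>\n";
         exit;
     }
     // NOTE(review): the image's own published flag is not tested here, although
     // the related-images query below filters on it - confirm whether unpublished
     // images should be viewable by direct id.
     // Load Category. $cat is initialised so the view always receives a defined
     // value, including for images that sit in no category (cat_id 0).
     $cat = null;
     if ($row->cat_id != '0') {
         $cat = new wbGalleryDB_cat($database);
         $cat->load($row->cat_id);
         if (!$cat->id) {
             echo "<script> alert('Category Not Found'); window.history.go(-1); </script>\n";
             exit;
         }
         if ($cat->access > $my->gid) {
             mosNotAuth();
             exit;
         }
     }
     // Track Hit only once the request has passed the access check, so a visitor
     // who is refused cannot change the stored counter.
     $row->hit();
     // Load Prev / Next
     $neighbors = $row->getNeighbors();
     // Load Related Images. The limit is cast to int like every other value
     // concatenated into this statement.
     $database->setQuery("\r\r\n      SELECT i.*\r\r\n      FROM #__wbgallery_img AS i\r\r\n      WHERE i.cat_id = " . (int) $row->cat_id . "\r\r\n        AND i.id != " . (int) $row->id . "\r\r\n        AND i.published = 1\r\r\n      ORDER BY i.hits DESC\r\r\n        , i.ordering ASC\r\r\n      LIMIT 0, " . (int) $params->get('related_list_limit', $mainframe->getCfg('list_limit', 15)) . "\r\r\n      ");
     $related = $database->loadObjectList();
     // NOTE(review): the raw database error is written into the page; consider
     // logging it server-side instead.
     echo $database->getErrorMsg();
     wbGallery_img_html::view($row, $cat, $neighbors, $related, $params);
 }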
コード例 #3
ファイル: pdf.php プロジェクト: patricmutwiri/joomlaclube
/**
 * Streams a content item as a PDF document.
 *
 * The item id is read from the request and cast to int. The item is only
 * rendered when it is published, inside its publish window, readable by the
 * visitor's group, and when its category and section are published and
 * readable as well; every other case ends in mosNotAuth().
 *
 * @return void
 */
function dofreePDF()
{
    global $mosConfig_live_site, $mosConfig_sitename, $mosConfig_offset;
    global $mainframe, $database, $my;
    $id = (int) mosGetParam($_REQUEST, 'id', 1);
    $gid = $my->gid;
    $now = _CURRENT_SERVER_TIME;
    $nullDate = $database->getNullDate();
    // State, access level and publish window are enforced in the query itself;
    // ids are cast to int and the dates go through Quote().
    $query = "SELECT a.*, cc.name AS category, s.name AS section, s.published AS sec_pub, cc.published AS cat_pub,";
    $query .= "\n  s.access AS sec_access, cc.access AS cat_access, s.id AS sec_id, cc.id as cat_id";
    $query .= "\n FROM #__content AS a";
    $query .= "\n LEFT JOIN #__categories AS cc ON cc.id = a.catid";
    $query .= "\n LEFT JOIN #__sections AS s ON s.id = cc.section AND s.scope = 'content'";
    $query .= "\n WHERE a.id = " . (int) $id;
    $query .= "\n AND a.state = 1";
    $query .= "\n AND a.access <= " . (int) $gid;
    $query .= "\n AND ( a.publish_up = " . $database->Quote($nullDate) . " OR a.publish_up <= " . $database->Quote($now) . " )";
    $query .= "\n AND ( a.publish_down = " . $database->Quote($nullDate) . " OR a.publish_down >= " . $database->Quote($now) . " )";
    $database->setQuery($query);
    $row = NULL;
    // No row means the item does not exist or failed one of the query's checks
    if (!$database->loadObject($row)) {
        mosNotAuth();
        return;
    }
    // Category and section must both be published and readable by this group.
    // The tests only apply when the item actually belongs to a category/section.
    $categoryHidden = !$row->cat_pub && $row->catid;
    $sectionHidden = !$row->sec_pub && $row->sectionid;
    $categoryDenied = $row->cat_access > $gid && $row->catid;
    $sectionDenied = $row->sec_access > $gid && $row->sectionid;
    if ($categoryHidden || $sectionHidden || $categoryDenied || $sectionDenied) {
        mosNotAuth();
        return;
    }
    include 'includes/class.ezpdf.php';
    // Per-item display switches default to the inverse of the global "hide" settings
    $params = new mosParameters($row->attribs);
    $params->def('author', !$mainframe->getCfg('hideAuthor'));
    $params->def('createdate', !$mainframe->getCfg('hideCreateDate'));
    $params->def('modifydate', !$mainframe->getCfg('hideModifyDate'));
    $row->fulltext = pdfCleaner($row->fulltext);
    $row->introtext = pdfCleaner($row->introtext);
    // A4, portrait
    $pdf = new Cezpdf('a4', 'P');
    $pdf->ezSetCmMargins(2, 1.5, 1, 1);
    $pdf->selectFont('./fonts/Helvetica.afm');
    // Header and footer are drawn once into an object that is added to all pages
    $all = $pdf->openObject();
    $pdf->saveState();
    $pdf->setStrokeColor(0, 0, 0, 1);
    $pdf->addText(250, 822, 6, $mosConfig_sitename);
    $pdf->line(10, 40, 578, 40);
    $pdf->line(10, 818, 578, 818);
    $pdf->addText(30, 34, 6, $mosConfig_live_site);
    $pdf->addText(250, 34, 6, _PDF_POWERED);
    $pdf->addText(450, 34, 6, _PDF_GENERATED . ' ' . date('j F, Y, H:i', time() + $mosConfig_offset * 60 * 60));
    $pdf->restoreState();
    $pdf->closeObject();
    $pdf->addObject($all, 'all');
    $pdf->ezSetDy(30);
    // Title, author/date line, then the cleaned intro and full text
    $pdf->ezText($row->title, 14);
    $pdf->ezText(AuthorDateLine($row, $params), 8);
    $pdf->ezText($row->introtext . "\n" . $row->fulltext, 10);
    $pdf->ezStream();
}
コード例 #4
ファイル: registration.php プロジェクト: cwcw/cms
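/**
 * Handles a front-end registration submit: builds the user record from
 * $_POST, stores it, mails the new user and notifies the super administrators.
 *
 * @param string $option Component option (not used in this function).
 * @return void
 */
function saveRegistration($option)
{
    global $database, $my, $acl;
    global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_useractivation, $mosConfig_allowUserRegistration;
    global $mosConfig_mailfrom, $mosConfig_fromname;
    if ($mosConfig_allowUserRegistration == "0") {
        mosNotAuth();
        return;
    }
    $row = new mosUser($database);
    // bind() copies the posted fields onto the record, skipping only 'usertype'.
    // NOTE(review): id, usertype and gid are overwritten just below, and
    // block/activation only when activation is enabled; any other column that
    // bind() accepts stays as posted - confirm which columns mosUser exposes.
    // NOTE(review): getError() is written into a JavaScript string without
    // escaping, here and in the two identical handlers below; if the message can
    // contain submitted values it should be escaped for that context.
    if (!$row->bind($_POST, "usertype")) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    mosMakeHtmlSafe($row);
    // Privilege-bearing fields are never taken from the request
    $row->id = 0;
    $row->usertype = '';
    $row->gid = $acl->get_group_id('Registered', 'ARO');
    if ($mosConfig_useractivation == "1") {
        // NOTE(review): the activation token is only as unpredictable as
        // mosMakePassword() - confirm it draws from a secure random source.
        $row->activation = md5(mosMakePassword());
        $row->block = "1";
    }
    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    // NOTE(review): the password is stored as an unsalted md5() digest and the
    // plaintext is kept in $pwd for the activation mail below. Both are kept as
    // they are because the login code must agree with the stored format; moving
    // to password_hash() has to be done together with that code.
    $pwd = $row->password;
    $row->password = md5($row->password);
    $row->registerDate = date("Y-m-d H:i:s");
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();
    $name = $row->name;
    $email = $row->email;
    $username = $row->username;
    $subject = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
    $subject = html_entity_decode($subject, ENT_QUOTES);
    if ($mosConfig_useractivation == "1") {
        $message = sprintf(_USEND_MSG_ACTIVATE, $name, $mosConfig_sitename, $mosConfig_live_site . "/index.php?option=com_registration&task=activate&activation=" . $row->activation, $mosConfig_live_site, $username, $pwd);
    } else {
        $message = sprintf(_USEND_MSG, $name, $mosConfig_sitename, $mosConfig_live_site);
    }
    $message = html_entity_decode($message, ENT_QUOTES);
    // Sender: the configured address, else the first super administrator found
    $adminName2 = '';
    $adminEmail2 = '';
    if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
        $adminName2 = $mosConfig_fromname;
        $adminEmail2 = $mosConfig_mailfrom;
    } else {
        $database->setQuery("SELECT name, email FROM #__users" . "\n WHERE usertype='superadministrator'");
        $senderRows = $database->loadObjectList();
        // The list can be empty or null; only read the first row when there is one
        if (!empty($senderRows)) {
            $adminName2 = $senderRows[0]->name;
            $adminEmail2 = $senderRows[0]->email;
        }
    }
    // Send email to user
    mosMail($adminEmail2, $adminName2, $email, $subject, $message);
    // Send notification to all administrators
    $subject2 = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
    $message2 = sprintf(_ASEND_MSG, $adminName2, $mosConfig_sitename, $name, $email, $username);
    $subject2 = html_entity_decode($subject2, ENT_QUOTES);
    $message2 = html_entity_decode($message2, ENT_QUOTES);
    // get superadministrators id (ARO group 25)
    $admins = $acl->get_group_objects(25, 'ARO');
    foreach ($admins['users'] as $id) {
        // The id comes from the ACL tables, not the request, but it is still
        // placed in the statement as an integer rather than a quoted string.
        $database->setQuery("SELECT email, sendEmail FROM #__users" . "\n WHERE id = " . (int) $id);
        $adminRows = $database->loadObjectList();
        // A separate variable keeps the new user's record in $row intact, and the
        // guard skips ids that no longer have a user row.
        if (empty($adminRows)) {
            continue;
        }
        $adminRow = $adminRows[0];
        if ($adminRow->sendEmail) {
            mosMail($adminEmail2, $adminName2, $adminRow->email, $subject2, $message2);
        }
    }
    if ($mosConfig_useractivation == "1") {
        echo _REG_COMPLETE_ACTIVATE;
    } else {
        echo _REG_COMPLETE;
    }
}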
コード例 #5
ファイル: rss.php プロジェクト: jwest00724/mambo
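/**
 * Maps the requested feed type to the path of its cached XML file.
 *
 * The 'feed' request value is normalised (dots removed, lower-cased) and must
 * match an allow-list exactly. Because only allow-listed names are ever
 * appended to the cache directory, the request cannot steer the path.
 *
 * @param mixed $rawfeed Not used in this function.
 * @return string Cache file path, or '' after mosNotAuth() for an unknown type.
 */
function getFeedType($rawfeed)
{
    global $mosConfig_absolute_path;
    $legal = array('rss20', 'rss10', 'rss091', 'atom10', 'opml');
    $feed = mosGetParam($_GET, 'feed', 'RSS2.0');
    // A request such as ?feed[]=x can deliver a non-string value; that is
    // rejected before the string functions run instead of raising inside them.
    if (is_string($feed)) {
        $feed = strtolower(str_replace('.', '', $feed));
        // Strict comparison: the value must be one of the listed names exactly
        if (in_array($feed, $legal, true)) {
            return $mosConfig_absolute_path . '/cache/' . $feed . '.xml';
        }
    }
    mosNotAuth();
    return '';
}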
コード例 #6
ファイル: newsfeeds.php プロジェクト: allenahner/mizzou
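/**
 * Displays a single newsfeed after checking that the feed and its category
 * are published and that the visitor's group may read the category.
 *
 * @param int $feedid Newsfeed id; cast to int before it is used for loading.
 * @return void
 */
function showFeed($feedid)
{
    global $database, $mainframe, $mosConfig_absolute_path, $mosConfig_cachepath, $Itemid, $my;
    // check if cache directory is writeable
    $cacheDir = $mosConfig_cachepath . '/';
    if (!is_writable($cacheDir)) {
        echo 'Cache Directory Unwriteable';
        return;
    }
    require_once $mainframe->getPath('class');
    $newsfeed = new mosNewsFeed($database);
    $newsfeed->load((int) $feedid);
    /*
     * Check if newsfeed is published
     */
    if (!$newsfeed->published) {
        mosNotAuth();
        return;
    }
    $category = new mosCategory($database);
    $category->load((int) $newsfeed->catid);
    /*
     * Check if newsfeed category is published
     */
    if (!$category->published) {
        mosNotAuth();
        return;
    }
    /*
     * check whether category access level allows access
     */
    if ($category->access > $my->gid) {
        mosNotAuth();
        return;
    }
    // full RSS parser used to access image information
    require_once $mosConfig_absolute_path . '/includes/domit/xml_domit_rss.php';
    $LitePath = $mosConfig_absolute_path . '/includes/Cache/Lite.php';
    // Adds parameter handling
    $menu = $mainframe->get('menu');
    $params = new mosParameters($menu->params);
    $params->def('page_title', 1);
    $params->def('header', $menu->name);
    $params->def('pageclass_sfx', '');
    $params->def('back_button', $mainframe->getCfg('back_button'));
    // Feed Display control
    $params->def('feed_image', 1);
    $params->def('feed_descr', 1);
    $params->def('item_descr', 1);
    $params->def('word_count', 0);
    // Encoding
    $params->def('utf8', 1);
    if (!$params->get('page_title')) {
        $params->set('header', '');
    }
    // The original also built an "AND id = {$feedid}" fragment from the uncast
    // id and never used it; it is dropped so that an unescaped SQL fragment is
    // not left around to be picked up by a later edit.
    $mainframe->SetPageTitle($menu->name);
    HTML_newsfeed::showNewsfeeds($newsfeed, $LitePath, $cacheDir, $params);
}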
コード例 #7
ファイル: weblinks.php プロジェクト: allenahner/mizzou
/**
 * Stores a weblink submitted from the front end and notifies the administrators.
 *
 * Checks made before anything is written: the visitor is logged in, a
 * published menu entry links to the submission form, and the spoof check
 * passes. Only new records are created; the posted id is discarded.
 *
 * @param string $option Component option (not used in this function).
 */
function saveWeblink($option)
{
    global $database, $my;
    // Guests may not submit
    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }
    // The submission form must be reachable through a published menu entry
    $menuLink = 'index.php?option=com_weblinks&task=new';
    $database->setQuery("SELECT id\n FROM #__menu\n WHERE link LIKE '%" . $menuLink . "%'\n AND published = 1");
    $menuEntryId = $database->loadResult();
    if (!$menuEntryId) {
        mosNotAuth();
        return;
    }
    // Request forgery check
    josSpoofCheck();
    $row = new mosWeblink($database);
    // 'published' is excluded from binding, so the submitter cannot set it.
    // NOTE(review): getError() is written into a JavaScript string unescaped,
    // here and in the handler below.
    if (!$row->bind($_POST, 'published')) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    // Saving is limited to new weblinks until editing is fully supported, so the
    // posted id is dropped and an existing record can never be overwritten here.
    $row->id = 0;
    $isNew = $row->id < 1;
    $row->date = date('Y-m-d H:i:s');
    // Validation and storage report failure the same way; store() only runs
    // when check() has passed.
    if (!$row->check() || !$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();
    // Administrators (gid 25) who asked for system mail
    $database->setQuery("SELECT email, name\n FROM #__users\n WHERE gid = " . (int) 25 . "\n AND sendEmail = 1");
    if (!$database->query()) {
        // NOTE(review): this prints the raw database error to the visitor
        echo $database->stderr(true);
        return;
    }
    $recipients = $database->loadObjectList();
    foreach ($recipients as $recipient) {
        mosSendAdminMail($recipient->name, $recipient->email, '', 'Weblink', $row->title, $my->username);
    }
    if ($isNew) {
        $msg = _THANK_SUB;
    } else {
        $msg = '';
    }
    mosRedirect('index.php', $msg);
}
コード例 #8
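/**
 * Activates a blocked account from the activation token in the request.
 *
 * @param string $option Component option (not used in this function).
 * @return void
 */
function activate($option)
{
    global $database, $my;
    global $mosConfig_useractivation, $mosConfig_allowUserRegistration;
    if ($my->id) {
        // They're already logged in, so redirect them to the home page
        mosRedirect('index.php');
        // presumably mosRedirect() ends the request; return in case it does not,
        // so a logged-in session never continues into the activation flow
        return;
    }
    if ($mosConfig_allowUserRegistration == '0' || $mosConfig_useractivation == '0') {
        mosNotAuth();
        return;
    }
    $activation = stripslashes(mosGetParam($_REQUEST, 'activation', ''));
    if (empty($activation)) {
        echo _REG_ACTIVATE_NOT_FOUND;
        return;
    }
    // The token only reaches SQL through Quote()
    $query = "SELECT id" . "\n FROM #__users" . "\n WHERE activation = " . $database->Quote($activation) . "\n AND block = 1";
    $database->setQuery($query);
    $result = $database->loadResult();
    if ($result) {
        // Unblock the account and clear the token so it cannot be used again
        $query = "UPDATE #__users" . "\n SET block = 0, activation = ''" . "\n WHERE activation = " . $database->Quote($activation) . "\n AND block = 1";
        $database->setQuery($query);
        if (!$database->query()) {
            // defined() takes the constant's NAME as a string. The original passed
            // the bare constant, which tests the wrong name and fails outright on
            // current PHP when the constant does not exist.
            if (!defined('_REG_ACTIVATE_FAILURE')) {
                define('_REG_ACTIVATE_FAILURE', '<div class="componentheading">Activation Failed!</div><br />The system was unable to activate your account, please contact the site administrator.');
            }
            echo _REG_ACTIVATE_FAILURE;
        } else {
            echo _REG_ACTIVATE_COMPLETE;
        }
    } else {
        echo _REG_ACTIVATE_NOT_FOUND;
    }
}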
コード例 #9
ファイル: weblinks.php プロジェクト: cwcw/cms
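/**
 * Stores a weblink submitted from the front end and notifies the super
 * administrators who asked for system mail.
 *
 * @param string $option Component option (not used in this function).
 */
function saveWeblink($option)
{
    global $database, $my;
    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }
    // NOTE(review): no request-forgery check is made before the record is written.
    $row = new mosWeblink($database);
    // 'approved' and 'published' are excluded from binding, so the submitter
    // cannot set them.
    // NOTE(review): getError() is written into a JavaScript string unescaped,
    // here and in the two handlers below.
    if (!$row->bind($_POST, "approved published")) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    // The id is taken from the request; make sure it is at least an integer.
    // NOTE(review): a non-zero id lets any logged-in user store over an existing
    // weblink, and no ownership check is visible here - confirm that editing
    // through this path is intended, or force the id to 0.
    $row->id = (int) $row->id;
    $isNew = $row->id < 1;
    $row->date = date("Y-m-d H:i:s");
    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();
    // Notify the super administrators
    $query = "SELECT email, name" . "\n FROM #__users" . "\n WHERE usertype = 'superadministrator'" . "\n AND sendemail = '1'";
    $database->setQuery($query);
    if (!$database->query()) {
        // NOTE(review): this prints the raw database error to the visitor
        echo $database->stderr(true);
        return;
    }
    $adminRows = $database->loadObjectList();
    // The original assigned an undefined $linktitle to a local that was never
    // read; the mail already uses the stored title, so both locals are dropped.
    foreach ($adminRows as $adminRow) {
        mosSendAdminMail($adminRow->name, $adminRow->email, "", "Weblink", $row->title, $my->name);
    }
    $msg = $isNew ? _THANK_SUB : '';
    // 'Returnid' is request data that ends up in the redirect URL: it is reduced
    // to an integer, and the message is URL-encoded so that neither can add
    // parameters or break the URL.
    $Itemid = (int) mosGetParam($_POST, 'Returnid', '');
    mosRedirect('index.php?Itemid=' . $Itemid . '&mosmsg=' . urlencode($msg));
}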
コード例 #10
ファイル: registration.php プロジェクト: jwest00724/mambo
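/**
 * Activates a blocked account from the activation token in the request and
 * fires the 'userActivate' authenticator event for it.
 *
 * @param string $option Component option (not used in this function).
 * @return void
 */
function activate($option)
{
    global $database;
    global $mosConfig_useractivation, $mosConfig_allowUserRegistration;
    if ($mosConfig_allowUserRegistration == '0' || $mosConfig_useractivation == '0') {
        mosNotAuth();
        return;
    }
    // The token is escaped once here and then placed inside quotes in both statements
    $activation = mosGetParam($_REQUEST, 'activation', '');
    $activation = $database->getEscaped($activation);
    if (empty($activation)) {
        echo '<div class="componentheading">' . T_('Invalid Activation Link!') . '</div><br />';
        echo T_('There is no such account in our database or the account has already been activated.');
        return;
    }
    $database->setQuery("SELECT username FROM #__users" . "\n WHERE activation='{$activation}' AND block='1'");
    $username = $database->loadResult();
    if ($username) {
        // Unblock the account and clear the token so it cannot be used again
        $database->setQuery("UPDATE #__users SET block='0', activation='' WHERE activation='{$activation}' AND block='1'");
        if (!$database->query()) {
            // NOTE(review): this prints the raw database error to the visitor
            echo "SQL error" . $database->stderr(true);
            // The account is still blocked, so stop here: the original went on to
            // report success and to fire the activation event.
            return;
        }
        echo '<div class="componentheading">' . T_('Activation Complete!') . '</div><br />';
        echo T_('Your account has been activated successfully. You can now login using the username and password you chose during registration.');
        $loginfo = new mosLoginDetails($username);
        $mambothandler =& mosMambotHandler::getInstance();
        $mambothandler->loadBotGroup('authenticator');
        $mambothandler->trigger('userActivate', array($loginfo));
    } else {
        echo '<div class="componentheading">' . T_('Invalid Activation Link!') . '</div><br />';
        echo T_('There is no such account in our database or the account has already been activated.');
    }
}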
コード例 #11
ファイル: contact.php プロジェクト: allenahner/mizzou
/**
 * Sends a contact as a vCard download, provided the contact's 'vcard'
 * parameter is switched on; otherwise the request ends in mosNotAuth().
 *
 * NOTE(review): the 'vcard' parameter is the only gate in this function; the
 * contact's published state and access level are not tested here - confirm
 * that the caller does so.
 *
 * @param int $id Contact id; cast to int before loading.
 * @return void
 */
function vCard($id)
{
    global $database;
    global $mosConfig_sitename, $mosConfig_live_site;
    $contact = new mosContact($database);
    $contact->load((int) $id);
    $params = new mosParameters($contact->params);
    // vCard export has to be enabled for this contact
    if (!$params->get('vcard', 0)) {
        mosNotAuth();
        return;
    }
    // Split the display name: first word is the first name, last word the
    // surname (when there is more than one word), everything between is the
    // middle name.
    $parts = explode(' ', $contact->name);
    $partCount = count($parts);
    $firstname = $parts[0];
    $surname = $partCount > 1 ? $parts[$partCount - 1] : '';
    $middlename = trim(implode(' ', array_slice($parts, 1, -1)));
    $card = new MambovCard();
    $card->setPhoneNumber($contact->telephone, 'PREF;WORK;VOICE');
    $card->setPhoneNumber($contact->fax, 'WORK;FAX');
    $card->setName($surname, $firstname, $middlename, '');
    $card->setAddress('', '', $contact->address, $contact->suburb, $contact->state, $contact->postcode, $contact->country, 'WORK;POSTAL');
    $card->setEmail($contact->email_to);
    $card->setNote($contact->misc);
    $card->setURL($mosConfig_live_site, 'WORK');
    $card->setTitle($contact->con_position);
    $card->setOrg($mosConfig_sitename);
    $card->setFilename(str_replace(' ', '_', $contact->name));
    $output = $card->getVCard($mosConfig_sitename);
    // The download name is whatever the card object reports back.
    // NOTE(review): it is derived from the stored contact name and goes into
    // the headers unquoted; only spaces are replaced above.
    $downloadName = $card->getFileName();
    header('Content-Disposition: attachment; filename=' . $downloadName);
    header('Content-Length: ' . strlen($output));
    header('Connection: close');
    header('Content-Type: text/x-vCard; name=' . $downloadName);
    header('Cache-Control: store, cache');
    header('Pragma: cache');
    print $output;
}
コード例 #12
ファイル: user.php プロジェクト: jwest00724/mambo
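/**
 * Checks in (unlocks) the items the given user has checked out, across every
 * table that carries the site's table prefix and a checked_out column, and
 * prints a per-table summary.
 *
 * NOTE(review): the table and field discovery uses the mysql_* functions,
 * which no longer exist in PHP 7 and later.
 *
 * @param int    $userid User whose locks are released.
 * @param object $access Permission object; canEdit and canEditOwn are read.
 * @param string $option Component option (not used in this function).
 * @return void
 */
function CheckIn($userid, $access, $option)
{
    global $database;
    global $mosConfig_db;
    if (!($access->canEdit || $access->canEditOwn || $userid > 0)) {
        mosNotAuth();
        return;
    }
    // The id is concatenated into SQL below, so it is reduced to an integer first
    $userid = (int) $userid;
    $lt = mysql_list_tables($mosConfig_db);
    $k = 0;
    echo "<table cellpadding=\"0\" cellspacing=\"0\" border=\"0\">";
    while (list($tn) = mysql_fetch_array($lt)) {
        // only check in the mos_* tables
        if (strpos($tn, $database->_table_prefix) !== 0) {
            continue;
        }
        // Find out whether this table has the lock columns at all
        $lf = mysql_list_fields($mosConfig_db, "{$tn}");
        $nf = mysql_num_fields($lf);
        $checked_out = false;
        $editor = false;
        for ($i = 0; $i < $nf; $i++) {
            $fname = mysql_field_name($lf, $i);
            if ($fname == "checked_out") {
                $checked_out = true;
            } elseif ($fname == "editor") {
                $editor = true;
            }
        }
        if ($checked_out) {
            // Count this user's locks for the summary line
            if ($editor) {
                $database->setQuery("SELECT checked_out, editor FROM {$tn} WHERE checked_out > 0 AND checked_out={$userid}");
            } else {
                $database->setQuery("SELECT checked_out FROM {$tn} WHERE checked_out > 0 AND checked_out={$userid}");
            }
            $res = $database->query();
            $num = $database->getNumRows($res);
            // Release the locks. The original UPDATE had no user filter, so any
            // caller who passed the check above released every user's locks in
            // every table while the summary counted only their own. The update
            // now matches the rows that were counted.
            if ($editor) {
                $database->setQuery("UPDATE {$tn} SET checked_out=0, checked_out_time='00:00:00', editor=NULL WHERE checked_out > 0 AND checked_out={$userid}");
            } else {
                $database->setQuery("UPDATE {$tn} SET checked_out=0, checked_out_time='0000-00-00 00:00:00' WHERE checked_out > 0 AND checked_out={$userid}");
            }
            $res = $database->query();
            if ($res == 1) {
                if ($num > 0) {
                    echo "\n<tr class=\"row{$k}\">";
                    echo "\n\t<td width=\"250\">";
                    echo T_('Checking table');
                    echo " - {$tn}</td>";
                    echo "\n\t<td>";
                    printf(Tn_('Checked in %d item', 'Checked in %d items', $num), $num);
                    echo T_();
                    echo "</td>";
                    echo "\n</tr>";
                }
                // alternate the row class
                $k = 1 - $k;
            }
        }
    }
    ?>
<tr>
	<td colspan="2"><strong><?php 
    echo T_('All items checked out have now been checked in');
    ?>
</strong></td>
</tr>
</table>
<?php 
}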
コード例 #13
ファイル: user.php プロジェクト: jwest00724/Joomla-1.0
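/**
 * Saves the logged-in user's own details from the front-end edit form.
 *
 * @param string $option Component option (not used in this function).
 * @param int    $uid    Id of the logged-in user; must equal the posted id.
 * @return void
 */
function userSave($option, $uid)
{
    global $database, $my, $mosConfig_frontend_userparams;
    $user_id = intval(mosGetParam($_POST, 'id', 0));
    // A user may only save their own record: the posted id has to be the
    // caller's id, and neither may be 0
    if ($uid == 0 || $user_id == 0 || $user_id != $uid) {
        mosNotAuth();
        return;
    }
    // simple spoof check security
    josSpoofCheck();
    $row = new mosUser($database);
    $row->load((int) $user_id);
    $orig_password = $row->password;
    $orig_username = $row->username;
    // 'gid' and 'usertype' are excluded from binding, so the form cannot change
    // the user's group.
    // NOTE(review): any other column bind() accepts is taken as posted - confirm
    // which columns mosUser exposes (a block flag, for instance).
    // NOTE(review): getError() is written into a JavaScript string unescaped,
    // here and in the two handlers further down.
    if (!$row->bind($_POST, 'gid usertype')) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->name = trim($row->name);
    $row->email = trim($row->email);
    $row->username = trim($row->username);
    mosMakeHtmlSafe($row);
    if (isset($_POST['password']) && is_string($_POST['password']) && $_POST['password'] !== '') {
        // Strict comparison: with ==, two different numeric-looking strings
        // (such as '1e3' and '1000') compare equal and the confirmation would
        // pass for a password the user did not type twice.
        if (isset($_POST['verifyPass']) && $_POST['verifyPass'] === $_POST['password']) {
            $row->password = trim($row->password);
            // NOTE(review): salted md5 is kept because the login code must agree
            // with the stored "hash:salt" format; it is a fast hash and should be
            // replaced together with that code.
            $salt = mosMakePassword(16);
            $crypt = md5($row->password . $salt);
            $row->password = $crypt . ':' . $salt;
        } else {
            echo "<script> alert(\"" . addslashes(_PASS_MATCH) . "\"); window.history.go(-1); </script>\n";
            exit;
        }
    } else {
        // Restore 'original password'
        $row->password = $orig_password;
    }
    if ($mosConfig_frontend_userparams == '1' || $mosConfig_frontend_userparams == 1 || $mosConfig_frontend_userparams == NULL) {
        // save params as "key=value" lines
        // NOTE(review): keys and values are posted data and are joined with
        // newlines as they are, so a value containing a newline adds a line of
        // its own - confirm that is acceptable for this field.
        $params = mosGetParam($_POST, 'params', '');
        if (is_array($params)) {
            $txt = array();
            foreach ($params as $k => $v) {
                $txt[] = "{$k}={$v}";
            }
            $row->params = implode("\n", $txt);
        }
    }
    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    // check if username has been changed
    if ($orig_username != $row->username) {
        // change username value in session table
        // NOTE(review): the listing this was taken from had the two quoted values
        // masked out, which left the statement unparseable. They are restored
        // here as the new and the original username, both passed through
        // Quote() - confirm against the project source.
        $query = "UPDATE #__session" . "\n SET username = " . $database->Quote($row->username) . "\n WHERE username = " . $database->Quote($orig_username) . "\n AND userid = " . (int) $my->id . "\n AND gid = " . (int) $my->gid . "\n AND guest = 0";
        $database->setQuery($query);
        $database->query();
    }
    mosRedirect('index.php', _USER_DETAILS_SAVE);
}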
コード例 #14
ファイル: weblinks.php プロジェクト: jwest00724/mambo
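/**
 * Stores a weblink submitted from the front end, then sends an internal
 * message and an e-mail to every user who asked for system mail.
 *
 * @param string $option Component option (not used in this function).
 */
function saveWeblink($option)
{
    global $database, $my, $mosConfig_absolute_path, $mosConfig_mailfrom;
    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }
    // NOTE(review): no request-forgery check is made before the record is written.
    $row = new mosWeblink($database);
    // 'approved' and 'published' are excluded from binding, so the submitter
    // cannot set them.
    // NOTE(review): getError() is written into a JavaScript string unescaped,
    // here and in the two handlers below.
    if (!$row->bind($_POST, "approved published")) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    // sanitize
    // NOTE(review): the id is reduced to an integer but still comes from the
    // request; a non-zero id lets any logged-in user store over an existing
    // weblink, and no ownership check is visible here.
    $row->id = intval($row->id);
    $isNew = $row->id < 1;
    $row->date = date("Y-m-d H:i:s");
    // NOTE(review): these values are escaped for SQL before store(); if store()
    // escapes as well they are saved with doubled escaping - confirm.
    $row->title = $database->getEscaped($row->title);
    $row->catid = $database->getEscaped($row->catid);
    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();
    // messaging for new items
    require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
    // NOTE(review): the recipients are every user with sendEmail = '1'; the
    // query has no group filter - confirm only administrators carry that flag.
    $query = "SELECT id,email FROM #__users WHERE sendEmail = '1'";
    $database->setQuery($query);
    $rows = $database->loadObjectList();
    foreach ($rows as $user) {
        // admin message
        $msg = new mosMessage($database);
        $msg->send($my->id, $user->id, T_("New Item"), sprintf(T_('A new WebLink has been submitted by [ %s ]  titled [ %s ] '), $my->username, $row->title));
        // email message
        mosMail($mosConfig_mailfrom, $mosConfig_mailfrom, $user->email, "A new Web Link has been submitted", 'A new WebLink has been submitted by [' . $my->username . '] titled [' . $row->title . ']. Please login to view and approve it.');
    }
    $msg = $isNew ? T_('Thanks for your submission; it will be reviewed before being posted to the site.') : '';
    // 'Returnid' is request data that ends up in the redirect URL; it is reduced
    // to an integer so it cannot add parameters or break the URL.
    $Itemid = (int) mosGetParam($_POST, 'Returnid', '');
    mosRedirect('index.php?Itemid=' . $Itemid, $msg);
}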
コード例 #15
ファイル: acajoom_cb.php プロジェクト: kaantunc/MYK-BOR
 /**
  * Saves the subscriber settings of the edited user, after making sure the
  * visitor is logged in.
  *
  * NOTE(review): the only check is that someone is logged in; this method does
  * not compare the visitor's id with $user->user_id - confirm the caller
  * restricts whose record may be updated.
  *
  * @param mixed  $tab      Not used in this method.
  * @param object $user     User being edited; user_id is read.
  * @param mixed  $ui       Not used in this method.
  * @param mixed  $postdata Not used in this method.
  */
 function saveEditTab($tab, &$user, $ui, $postdata)
 {
     if (!ACA_CMSTYPE) {
         // Joomla 1.0.x: the current user is the global $my
         global $my;
         if ((int) $my->id < 1) {
             mosNotAuth();
             return;
         }
     } else {
         // Joomla 1.5: ask the factory for the current user
         $my =& JFactory::getUser();
         if ($my->get('id') < 1) {
             echo JText::_('ALERTNOTAUTH');
             echo "<br />" . JText::_('You need to login.');
             return;
         }
     }
     require_once ACA_JPATH_ROOT_NO_ADMIN . '/administrator/components/com_acajoom/classes/class.acajoom.php';
     $updated = subscribers::updateOneSubscriber($user->user_id, $user);
     if (!$updated) {
         $this->_setErrorMSG(_ACA_ERROR);
     }
 }
コード例 #16
ファイル: user_extended.php プロジェクト: cwcw/cms
/**
 * Shows the extended profile of a user.
 *
 * The profile shown is the one named by the 'userid' request value; when that
 * is missing or 0, the caller's own profile is shown.
 *
 * NOTE(review): any caller with a non-zero $uid can view any user's record,
 * including the e-mail address, by passing another 'userid' - confirm that
 * profiles are meant to be visible to all logged-in users.
 *
 * @param string $option Component option, passed through to the view.
 * @param int    $uid    Id of the calling user; 0 is refused.
 * @return void
 */
function UserView($option, $uid)
{
    global $database;
    // Guests are refused
    if ($uid == 0) {
        mosNotAuth();
        return;
    }
    // Requested profile, cast to int; fall back to the caller's own id
    $requestedId = intval(mosGetParam($_REQUEST, 'userid', 0));
    $user_id = $requestedId == 0 ? $uid : $requestedId;
    include_once "administrator/components/com_user_extended/user_extended.class.php";
    // Extended profile fields
    $row = new mosUser_Extended($database);
    $row->load($user_id);
    // Core account fields
    $account = new mosUser($database);
    $account->load($user_id);
    UserExtended_content::UserView($option, $row, $account->name, $account->username, $account->email);
}
コード例 #17
ファイル: ps_shopper.php プロジェクト: albertobraschi/Hab
 /**
  * Registers a user into Mambo/Joomla from the posted form (adapted from
  * com_registration) and sends the registration e-mail.
  *
  * NOTE(review): the password is stored as an unsalted md5() digest and the
  * plaintext is handed to _sendMail(); both follow the CMS this was taken
  * from and have to change together with its login code.
  * NOTE(review): the decoded error text is written into a JavaScript string
  * without escaping in each of the three failure paths.
  *
  * @return boolean True when the registration process was successful, False when not
  */
 function saveRegistration()
 {
     global $database, $acl, $vmLogger, $mosConfig_useractivation, $mosConfig_allowUserRegistration, $mosConfig_live_site;
     // Registration can be switched off site-wide
     if ($mosConfig_allowUserRegistration == '0') {
         mosNotAuth();
         return false;
     }
     $row = new mosUser($database);
     // 'usertype' is excluded from binding; id, usertype and gid are set below
     if (!$row->bind($_POST, 'usertype')) {
         $error = vmHtmlEntityDecode($row->getError());
         $vmLogger->err($error);
         echo '<script type="text/javascript"> alert(\'' . $error . '\');</script>' . "\n";
         return false;
     }
     mosMakeHtmlSafe($row);
     // Privilege-bearing fields are never taken from the request
     $groupName = 'Registered';
     $row->id = 0;
     $row->usertype = $groupName;
     $row->gid = $acl->get_group_id($groupName, 'ARO');
     // With activation enabled the account starts blocked and gets a token
     if ($mosConfig_useractivation == '1') {
         $row->activation = md5(vmGenRandomPassword());
         $row->block = '1';
     }
     if (!$row->check()) {
         $error = vmHtmlEntityDecode($row->getError());
         $vmLogger->err($error);
         echo '<script type="text/javascript"> alert(\'' . $error . '\');</script>' . "\n";
         return false;
     }
     // Keep the plaintext for the mail, store the digest
     $pwd = $row->password;
     $row->password = md5($pwd);
     $row->registerDate = date('Y-m-d H:i:s');
     if (!$row->store()) {
         $error = vmHtmlEntityDecode($row->getError());
         $vmLogger->err($error);
         echo '<script type="text/javascript"> alert(\'' . $error . '\');</script>' . "\n";
         return false;
     }
     $row->checkin();
     // The activation task lives in a different component on Joomla 1.5
     if (vmIsJoomla(1.5)) {
         $component = 'com_user';
     } else {
         $component = 'com_registration';
     }
     $activation_link = $mosConfig_live_site . "/index.php?option={$component}&task=activate&activation=" . $row->activation;
     // Send the registration email
     $this->_sendMail($row->name, $row->email, $row->username, $pwd, $activation_link);
     return true;
 }
コード例 #18
ファイル: content.php プロジェクト: jwest00724/Joomla-1.0
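/**
 * Sends the "e-mail this item to a friend" message for a content item.
 *
 * The item must be published, inside its publish window and readable at the
 * caller's access level; its category and section are checked the same way.
 * Recipient, sender name, sender address and subject come from $_POST.
 *
 * Security notes for maintainers:
 *  - Sender name and subject become mail headers, so CR/LF are stripped from
 *    them before use. Both addresses go through JosIsValidEmail().
 *  - Every failure path returns explicitly, so the function fails closed even
 *    if mosErrorAlert() does not end the request.
 *  - NOTE(review): the recipient address is chosen by the visitor. The spoof
 *    and session-cookie checks are the only abuse controls visible here;
 *    confirm that rate limiting exists elsewhere.
 *
 * @param int $uid The content item id
 * @param int $gid Access level of the requesting user, compared with the access columns
 */
function emailContentSend($uid, $gid)
{
    global $database, $mainframe;
    global $mosConfig_live_site, $mosConfig_sitename, $mosConfig_hideEmail;
    $id = intval(mosGetParam($_REQUEST, 'id', 0));
    if ($id) {
        // $id is an integer at this point, so the concatenation cannot carry SQL.
        $query = 'SELECT attribs FROM #__content WHERE `id`=' . $id;
        $database->setQuery($query);
        $params = new mosParameters($database->loadResult());
    } else {
        $params = new mosParameters('');
    }
    // E-mailing is refused when it is hidden site-wide and not enabled for this item.
    $paramEmail = intval($params->get('email', 0));
    if ($mosConfig_hideEmail && !$paramEmail) {
        echo _NOT_AUTH;
        return;
    }
    // simple spoof check security
    josSpoofCheck(1);
    // check for session cookie
    // Session Cookie `name`
    $sessionCookieName = mosMainFrame::sessionCookieName();
    // Get Session Cookie `value`
    $sessioncookie = mosGetParam($_COOKIE, $sessionCookieName, null);
    // This checks only the cookie's shape (32 characters, or '-'), not that the session exists.
    if (!(strlen($sessioncookie) == 32 || $sessioncookie == '-')) {
        mosErrorAlert(_NOT_AUTH);
        return;
    }
    $itemid = intval(mosGetParam($_POST, 'itemid', 0));
    $now = _CURRENT_SERVER_TIME;
    $nullDate = $database->getNullDate();
    // query to check for state and access levels
    $query = "SELECT a.*, cc.name AS category, s.name AS section, s.published AS sec_pub, cc.published AS cat_pub," . "\n  s.access AS sec_access, cc.access AS cat_access, s.id AS sec_id, cc.id as cat_id" . "\n FROM #__content AS a" . "\n LEFT JOIN #__categories AS cc ON cc.id = a.catid" . "\n LEFT JOIN #__sections AS s ON s.id = cc.section AND s.scope = 'content'" . "\n WHERE a.id = " . (int) $uid . "\n AND a.state = 1" . "\n AND a.access <= " . (int) $gid . "\n AND ( a.publish_up = " . $database->Quote($nullDate) . " OR a.publish_up <= " . $database->Quote($now) . " )" . "\n AND ( a.publish_down = " . $database->Quote($nullDate) . " OR a.publish_down >= " . $database->Quote($now) . " )";
    $database->setQuery($query);
    $row = NULL;
    if ($database->loadObject($row)) {
        /*
         * check whether category is published
         */
        if (!$row->cat_pub && $row->catid) {
            mosNotAuth();
            return;
        }
        /*
         * check whether section is published
         */
        if (!$row->sec_pub && $row->sectionid) {
            mosNotAuth();
            return;
        }
        /*
         * check whether category access level allows access
         */
        if ($row->cat_access > $gid && $row->catid) {
            mosNotAuth();
            return;
        }
        /*
         * check whether section access level allows access
         */
        if ($row->sec_access > $gid && $row->sectionid) {
            mosNotAuth();
            return;
        }
        // Line breaks in header-bound fields would let a sender append extra mail headers.
        $lineBreaks = array("\r", "\n");
        $email = strval(mosGetParam($_POST, 'email', ''));
        $yourname = str_replace($lineBreaks, '', strval(mosGetParam($_POST, 'yourname', '')));
        $youremail = strval(mosGetParam($_POST, 'youremail', ''));
        $subject = str_replace($lineBreaks, '', strval(mosGetParam($_POST, 'subject', '')));
        if (empty($subject)) {
            $subject = _EMAIL_INFO . ' ' . $yourname;
        }
        if ($uid < 1 || !$email || !$youremail || JosIsValidEmail($email) == false || JosIsValidEmail($youremail) == false) {
            mosErrorAlert(_EMAIL_ERR_NOINFO);
            return;
        }
        $query = "SELECT template" . "\n FROM #__templates_menu" . "\n WHERE client_id = 0" . "\n AND menuid = 0";
        $database->setQuery($query);
        $template = $database->loadResult();
        // determine Itemid for Item
        if (!$itemid) {
            $itemid = $mainframe->getItemid($uid, 0, 0);
        }
        $_itemid = '&Itemid=' . $itemid;
        // link sent in email
        $link = sefRelToAbs('index.php?option=com_content&task=view&id=' . $uid . $_itemid);
        // message text
        $msg = sprintf(_EMAIL_MSG, html_entity_decode($mosConfig_sitename, ENT_QUOTES), $yourname, $youremail, $link);
        // mail function
        $success = mosMail($youremail, $yourname, $email, $subject, $msg);
        if (!$success) {
            mosErrorAlert(_EMAIL_ERR_NOINFO);
            return;
        }
        HTML_content::emailSent($email, $template);
    } else {
        mosNotAuth();
        return;
    }
}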
コード例 #19
ファイル: user.php プロジェクト: patricmutwiri/joomlaclube
/**
 * Releases ("checks in") every row the given user has checked out, across all
 * tables whose name starts with the configured table prefix, and prints an
 * HTML table summarising what was released.
 *
 * @param int    $userid Id matched against the checked_out column
 * @param object $access Object exposing canEdit / canEditOwn flags
 * @param string $option Not read in this function body
 */
function CheckIn($userid, $access, $option)
{
    global $database;
    global $mosConfig_db;
    $nullDate = $database->getNullDate();
    // Authorisation gate: passes when canEdit, canEditOwn or $userid > 0 holds.
    // NOTE(review): any positive $userid passes on its own, so the edit flags matter
    // only for id 0. Confirm the caller passes the session user's id, never a
    // request-supplied value.
    if (!($access->canEdit || $access->canEditOwn || $userid > 0)) {
        mosNotAuth();
        return;
    }
    // security check to see if link exists in a menu
    // $link is a fixed string, so the LIKE pattern below carries no request data.
    $link = 'index.php?option=com_user&task=CheckIn';
    $query = "SELECT id" . "\n FROM #__menu" . "\n WHERE link LIKE '%{$link}%'" . "\n AND published = 1";
    $database->setQuery($query);
    $exists = $database->loadResult();
    if (!$exists) {
        mosNotAuth();
        return;
    }
    // NOTE(review): the mysql_* calls below belong to the legacy ext/mysql API, which
    // was removed in PHP 7.0. They are called without a link identifier and therefore
    // use the default connection, not necessarily the one held by $database.
    $lt = mysql_list_tables($mosConfig_db);
    // $k alternates between 0 and 1 to pick the row CSS class.
    $k = 0;
    echo "<table cellpadding=\"0\" cellspacing=\"0\" border=\"0\">";
    while (list($tn) = mysql_fetch_array($lt)) {
        // only check in the jos_* tables
        if (strpos($tn, $database->_table_prefix) !== 0) {
            continue;
        }
        // Find out whether this table has checked_out and editor columns.
        $lf = mysql_list_fields($mosConfig_db, "{$tn}");
        $nf = mysql_num_fields($lf);
        $checked_out = false;
        $editor = false;
        for ($i = 0; $i < $nf; $i++) {
            $fname = mysql_field_name($lf, $i);
            if ($fname == "checked_out") {
                $checked_out = true;
            } else {
                if ($fname == "editor") {
                    $editor = true;
                }
            }
        }
        if ($checked_out) {
            // $tn comes from the server's own table list and is only wrapped in
            // backticks; $userid is cast to int in every statement.
            // The SELECT runs first so the number of affected rows can be reported.
            if ($editor) {
                $query = "SELECT checked_out, editor" . "\n FROM `{$tn}`" . "\n WHERE checked_out > 0" . "\n AND checked_out = " . (int) $userid;
                $database->setQuery($query);
            } else {
                $query = "SELECT checked_out" . "\n FROM `{$tn}`" . "\n WHERE checked_out > 0" . "\n AND checked_out = " . (int) $userid;
                $database->setQuery($query);
            }
            $res = $database->query();
            $num = $database->getNumRows($res);
            // Release the rows; editor is also cleared when the table has that column.
            if ($editor) {
                $query = "UPDATE `{$tn}`" . "\n SET checked_out = 0, checked_out_time = " . $database->Quote($nullDate) . ", editor = NULL" . "\n WHERE checked_out > 0" . "\n AND checked_out = " . (int) $userid;
                $database->setQuery($query);
            } else {
                $query = "UPDATE `{$tn}`" . "\n SET checked_out = 0, checked_out_time = " . $database->Quote($nullDate) . "\n WHERE checked_out > 0" . "\n AND checked_out = " . (int) $userid;
                $database->setQuery($query);
            }
            $res = $database->query();
            // presumably query() yields 1/true on success; verify against the database class
            if ($res == 1) {
                if ($num > 0) {
                    // The table name is written into the page without HTML escaping.
                    echo "\n<tr class=\"row{$k}\">";
                    echo "\n\t<td width=\"250\">";
                    echo _CHECK_TABLE;
                    echo " - {$tn}</td>";
                    echo "\n\t<td>";
                    echo _CHECKED_IN;
                    echo "<b>{$num}</b>";
                    echo _CHECKED_IN_ITEMS;
                    echo "</td>";
                    echo "\n</tr>";
                }
                $k = 1 - $k;
            }
        }
    }
    ?>
	<tr>
		<td colspan="2">
			<b><?php 
    echo _CONF_CHECKED_IN;
    ?>
</b>
		</td>
	</tr>
	</table>
	<?php 
}
コード例 #20
ファイル: content.php プロジェクト: cwcw/cms
/**
 * Renders the "e-mail this item" form for one content item.
 *
 * Items that cannot be loaded, or whose access level is above the visitor's
 * group id, are answered with mosNotAuth().
 *
 * NOTE(review): only the item's own access column is tested here; published
 * state and category/section access are not checked in this function.
 * Escaping of the title is left to HTML_content::emailForm(), which is not
 * visible here.
 *
 * @param int $uid Content item id passed to mosContent::load()
 */
function emailContentForm($uid)
{
    global $database, $mainframe, $my;
    $item = new mosContent($database);
    $item->load($uid);
    // Guard clause: unknown item or insufficient access level.
    if ($item->id === null || $item->access > $my->gid) {
        mosNotAuth();
        return;
    }
    // The template lookup uses a constant query with no request data.
    $database->setQuery("SELECT template FROM #__templates_menu WHERE client_id = '0' AND menuid = '0'");
    $siteTemplate = $database->loadResult();
    HTML_content::emailForm($item->id, $item->title, $siteTemplate);
}
コード例 #21
ファイル: poll.php プロジェクト: allenahner/mizzou
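/**
 * Shows the results page for a poll, plus a dropdown for switching to any
 * other published poll.
 *
 * Security notes for maintainers:
 *  - The menu item id and each poll id are written into an inline onchange
 *    handler and into option values, so both are forced to integers first.
 *  - NOTE(review): poll titles are written into <option> elements as stored.
 *    Whether they are HTML-encoded when saved is not visible here, so no
 *    escaping was added; adding it blindly could double-encode. Confirm and
 *    encode at output if they are stored raw.
 *
 * @param int $uid Poll id; cast to int before loading
 */
function pollresult($uid)
{
    global $database, $Itemid;
    global $mainframe;
    $poll = new mosPoll($database);
    $poll->load((int) $uid);
    // if id value is passed and poll not published then exit
    if ($poll->id != '' && !$poll->published) {
        mosNotAuth();
        return;
    }
    $first_vote = '';
    $last_vote = '';
    $votes = '';
    /*
    Check if there is a poll corresponding to id
    and if poll is published
    */
    if (isset($poll->id) && $poll->id != '' && $poll->published == 1) {
        if (empty($poll->title)) {
            $poll->id = '';
            $poll->title = _SELECT_POLL;
        }
        // The poll id is cast to int in both queries, so it cannot carry SQL.
        $query = "SELECT MIN( date ) AS mindate, MAX( date ) AS maxdate" . "\n FROM #__poll_date" . "\n WHERE poll_id = " . (int) $poll->id;
        $database->setQuery($query);
        $dates = $database->loadObjectList();
        if (isset($dates[0]->mindate)) {
            $first_vote = mosFormatDate($dates[0]->mindate, _DATE_FORMAT_LC2);
            $last_vote = mosFormatDate($dates[0]->maxdate, _DATE_FORMAT_LC2);
        }
        $query = "SELECT a.id, a.text, a.hits, b.voters" . "\n FROM #__poll_data AS a" . "\n INNER JOIN #__polls AS b ON b.id = a.pollid" . "\n WHERE a.pollid = " . (int) $poll->id . "\n AND a.text != ''" . "\n AND b.published = 1";
        $database->setQuery($query);
        $votes = $database->loadObjectList();
    }
    // list of polls for dropdown selection
    $query = "SELECT id, title" . "\n FROM #__polls" . "\n WHERE published = 1" . "\n ORDER BY id";
    $database->setQuery($query);
    $polls = $database->loadObjectList();
    // Itemid for dropdown
    // The value ends up inside a JavaScript string in an HTML attribute, so only
    // an integer is allowed through.
    $_Itemid = '';
    $menuItemId = (int) $Itemid;
    if ($menuItemId && $menuItemId != 99999999) {
        $_Itemid = '&amp;Itemid=' . $menuItemId;
    }
    // dropdown output
    $link = sefRelToAbs('index.php?option=com_poll&amp;task=results&amp;id=\' + this.options[selectedIndex].value + \'' . $_Itemid . '\' + \'');
    $pollist = '<select name="id" class="inputbox" size="1" style="width:200px" onchange="if (this.options[selectedIndex].value != \'\') {document.location.href=\'' . $link . '\'}">';
    $pollist .= '<option value="">' . _SELECT_POLL . '</option>';
    for ($i = 0, $n = count($polls); $i < $n; $i++) {
        // Integer cast: the id is concatenated into the URL by the onchange handler.
        $k = (int) $polls[$i]->id;
        $t = $polls[$i]->title;
        $sel = $k == intval($poll->id) ? " selected=\"selected\"" : '';
        $pollist .= "\n\t<option value=\"" . $k . "\"{$sel}>" . $t . "</option>";
    }
    $pollist .= '</select>';
    // Adds parameter handling
    $menu = $mainframe->get('menu');
    $params = new mosParameters($menu->params);
    $params->def('page_title', 1);
    $params->def('pageclass_sfx', '');
    $params->def('back_button', $mainframe->getCfg('back_button'));
    $params->def('header', $menu->name);
    $mainframe->SetPageTitle($poll->title);
    poll_html::showResults($poll, $votes, $first_vote, $last_vote, $pollist, $params);
}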
コード例 #22
ファイル: rss.php プロジェクト: patricmutwiri/joomlaclube
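/**
 * Builds the front-page syndication feed and saves it to a file in the cache
 * directory via UniversalFeedCreator::saveFeed().
 *
 * The feed type is read from $_GET['feed'] and also decides the cache file
 * name. The name is therefore limited to a fixed list of formats, each of
 * which the component parameters can disable.
 *
 * Changes from the original: split() (removed in PHP 7.0) is replaced by
 * explode(), the five identical per-format checks are folded into one
 * allow-list test, and $info is initialised before use.
 *
 * @param mixed $showFeed Truthy to serve the feed (and use the cached copy);
 *                        passed through to saveFeed() as its third argument
 */
function feedFrontpage($showFeed)
{
    global $database, $mainframe;
    global $mosConfig_live_site, $mosConfig_cachepath;
    $nullDate = $database->getNullDate();
    // pull id of syndication component
    $query = "SELECT a.id" . "\n FROM #__components AS a" . "\n WHERE ( a.admin_menu_link = 'option=com_syndicate' OR a.admin_menu_link = 'option=com_syndicate&hidemainmenu=1' )" . "\n AND a.option = 'com_syndicate'";
    $database->setQuery($query);
    $id = $database->loadResult();
    // load syndication parameters
    $component = new mosComponent($database);
    $component->load((int) $id);
    $params = new mosParameters($component->params);
    // test if security check is enabled
    $check = $params->def('check', 1);
    if ($check) {
        // test if rssfeed module is published
        // if not disable access
        $query = "SELECT m.id" . "\n FROM #__modules AS m" . "\n WHERE m.module = 'mod_rssfeed'" . "\n AND m.published = 1";
        $database->setQuery($query);
        $check = $database->loadResultArray();
        if (empty($check)) {
            mosNotAuth();
            return;
        }
    }
    $now = _CURRENT_SERVER_TIME;
    // explode() replaces split(); '=' has no regex meaning, so the result is the same.
    $iso = explode('=', _ISO);
    // parameter initialisation
    $info = array();
    $info['date'] = date('r');
    $info['year'] = date('Y');
    $info['encoding'] = $iso[1];
    $info['link'] = htmlspecialchars($mosConfig_live_site);
    $info['cache'] = $params->def('cache', 1);
    $info['cache_time'] = $params->def('cache_time', 3600);
    $info['count'] = $params->def('count', 5);
    $info['orderby'] = $params->def('orderby', '');
    $info['title'] = $params->def('title', 'Joomla! powered Site');
    $info['description'] = $params->def('description', 'Joomla! site syndication');
    $info['image_file'] = $params->def('image_file', 'joomla_rss.png');
    if ($info['image_file'] == -1) {
        $info['image'] = NULL;
    } else {
        $info['image'] = $mosConfig_live_site . '/images/M_images/' . $info['image_file'];
    }
    $info['image_alt'] = $params->def('image_alt', 'Powered by Joomla!');
    $info['limit_text'] = $params->def('limit_text', 0);
    $info['text_length'] = $params->def('text_length', 20);
    // get feed type from url
    $info['feed'] = strval(mosGetParam($_GET, 'feed', 'RSS2.0'));
    // live bookmarks
    $info['live_bookmark'] = $params->def('live_bookmark', '');
    $info['bookmark_file'] = $params->def('bookmark_file', '');
    // set filename for live bookmarks feed
    // NOTE(review): this uses the bitwise '&', not '&&'. With a non-numeric
    // live_bookmark value the result is 0 on old PHP, so this branch is skipped, and
    // newer PHP versions reject a non-numeric string operand here. The branch also
    // never sets $info['file'], and $filename is overwritten after the if/else.
    // Left unchanged because '&&' would let a request reach saveFeed() without the
    // format allow-list below; decide the intended behaviour before touching it.
    if (!$showFeed & $info['live_bookmark']) {
        if ($info['bookmark_file']) {
            // custom bookmark filename
            $filename = $info['bookmark_file'];
        } else {
            // standard bookmark filename
            $filename = $info['live_bookmark'];
        }
    } else {
        // set filename for rss feeds
        $info['file'] = strtolower(str_replace('.', '', $info['feed']));
        // security check to limit arbitrary file creation.
        // and to allow disabling/enabling of selected feed types
        // Only these names can become a cache file name; each format can also be
        // switched off through the parameter of the same name.
        $allowedFeeds = array('rss091', 'rss10', 'rss20', 'atom03', 'opml');
        if (!in_array($info['file'], $allowedFeeds, true) || !$params->get($info['file'], 1)) {
            echo _NOT_AUTH;
            return;
        }
    }
    $filename = $info['file'] . '.xml';
    // security check to stop server path disclosure
    if (strstr($filename, '/')) {
        echo _NOT_AUTH;
        return;
    }
    $info['file'] = $mosConfig_cachepath . '/' . $filename;
    // load feed creator class
    $rss = new UniversalFeedCreator();
    // load image creator class
    $image = new FeedImage();
    // loads cache file
    if ($showFeed && $info['cache']) {
        $rss->useCached($info['feed'], $info['file'], $info['cache_time']);
    }
    $rss->title = $info['title'];
    $rss->description = $info['description'];
    $rss->link = $info['link'];
    $rss->syndicationURL = $info['link'];
    $rss->cssStyleSheet = NULL;
    $rss->encoding = $info['encoding'];
    if ($info['image']) {
        $image->url = $info['image'];
        $image->link = $info['link'];
        $image->title = $info['image_alt'];
        $image->description = $info['description'];
        // loads image info into rss array
        $rss->image = $image;
    }
    // Determine ordering for sql
    // The parameter is mapped onto fixed column expressions, so its raw value
    // never reaches the ORDER BY clause.
    switch (strtolower($info['orderby'])) {
        case 'date':
            $orderby = 'a.created';
            break;
        case 'rdate':
            $orderby = 'a.created DESC';
            break;
        case 'alpha':
            $orderby = 'a.title';
            break;
        case 'ralpha':
            $orderby = 'a.title DESC';
            break;
        case 'hits':
            $orderby = 'a.hits DESC';
            break;
        case 'rhits':
            $orderby = 'a.hits ASC';
            break;
        case 'front':
        default:
            $orderby = 'f.ordering';
            break;
    }
    // query of frontpage content items
    // Only rows with access = 0 on the item, category and section are selected.
    $query = "SELECT a.*, u.name AS author, u.usertype, UNIX_TIMESTAMP( a.created ) AS created_ts, cat.title AS cat_title, sec.title AS section_title" . "\n FROM #__content AS a" . "\n INNER JOIN #__content_frontpage AS f ON f.content_id = a.id" . "\n LEFT JOIN #__users AS u ON u.id = a.created_by" . "\n LEFT JOIN #__categories AS cat ON cat.id = a.catid" . "\n LEFT JOIN #__sections AS sec ON sec.id = a.sectionid" . "\n WHERE a.state = 1" . "\n AND cat.published = 1" . "\n AND sec.published = 1" . "\n AND a.access = 0" . "\n AND cat.access = 0" . "\n AND sec.access = 0" . "\n AND ( a.publish_up = " . $database->Quote($nullDate) . " OR a.publish_up <= " . $database->Quote($now) . " )" . "\n AND ( a.publish_down = " . $database->Quote($nullDate) . " OR a.publish_down >= " . $database->Quote($now) . " )" . "\n ORDER BY {$orderby}";
    $database->setQuery($query, 0, $info['count']);
    $rows = $database->loadObjectList();
    foreach ($rows as $row) {
        // title for particular item
        $item_title = htmlspecialchars($row->title);
        $item_title = html_entity_decode($item_title);
        // url link to article
        // & used instead of &amp; as this is converted by feed creator
        $_Itemid = '';
        $itemid = $mainframe->getItemid($row->id);
        if ($itemid) {
            $_Itemid = '&Itemid=' . $itemid;
        }
        $item_link = 'index.php?option=com_content&task=view&id=' . $row->id . $_Itemid;
        $item_link = sefRelToAbs($item_link);
        // removes all formatting from the intro text for the description text
        $item_description = $row->introtext;
        $item_description = mosHTML::cleanText($item_description);
        $item_description = html_entity_decode($item_description);
        if ($info['limit_text']) {
            if ($info['text_length']) {
                // limits description text to x words
                $maxWords = (int) $info['text_length'];
                $words = explode(' ', $item_description);
                if (count($words) > $maxWords) {
                    $item_description = trim(implode(' ', array_slice($words, 0, $maxWords))) . '...';
                }
            } else {
                // do not include description when text_length = 0
                $item_description = NULL;
            }
        }
        // load individual item creator class
        $item = new FeedItem();
        // item info
        $item->title = $item_title;
        $item->link = $item_link;
        $item->description = $item_description;
        $item->source = $info['link'];
        $item->date = date('r', $row->created_ts);
        $item->category = $row->section_title . ' - ' . $row->cat_title;
        // loads item info into rss array
        $rss->addItem($item);
    }
    // save feed file
    $rss->saveFeed($info['feed'], $info['file'], $showFeed);
}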
コード例 #23
ファイル: index.php プロジェクト: cwcw/cms
// Front-controller fragment: runs the requested component with output buffering,
// then sends no-cache headers before the template is loaded.
// Access level of the current user, forced to an integer.
$gid = intval($my->gid);
// gets template for page
$cur_template = $mainframe->getTemplate();
/** temp fix - this feature is currently disabled */
/** @global A place to store information from processing of the component */
$_MOS_OPTION = array();
// precapture the output of the component
require_once $mosConfig_absolute_path . '/editor/editor.php';
ob_start();
// The component file is included only when mosMenuCheck() accepts the
// Itemid / option / task combination for this access level.
// NOTE(review): $path comes from $mainframe->getPath('front'); how it is derived from
// the request is not visible here. Confirm it can only resolve to files inside the
// component directories before it reaches require_once.
if ($path = $mainframe->getPath('front')) {
    $task = mosGetParam($_REQUEST, 'task', '');
    $ret = mosMenuCheck($Itemid, $option, $task, $gid);
    if ($ret) {
        require_once $path;
    } else {
        mosNotAuth();
    }
} else {
    echo _NOT_EXIST;
}
// Everything the component (or the error path) printed is kept for the template.
$_MOS_OPTION['buffer'] = ob_get_contents();
ob_end_clean();
initGzip();
// Response headers that tell browsers and proxies not to cache the page.
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
// loads template file
if (!file_exists('templates/' . $cur_template . '/index.php')) {
    echo _TEMPLATE_WARN . $cur_template;
コード例 #24
ファイル: acajoom_cb.php プロジェクト: reeleis/ohiocitycycles
 /**
  * Saves the subscriber data when a user's profile tab is submitted.
  *
  * Anonymous visitors (user id below 1) are answered with mosNotAuth().
  *
  * NOTE(review): the check confirms only that somebody is logged in. Whether
  * $user->user_id must match the logged-in user is not enforced here;
  * confirm the caller does that.
  *
  * @param object $tab      Not read in this method body
  * @param object $user     Profile being saved, passed by reference; its user_id is used
  * @param mixed  $ui       Not read in this method body
  * @param mixed  $postdata Not read in this method body
  */
 function saveEditTab($tab, &$user, $ui, $postdata)
 {
     global $my;
     $currentUserId = (int) $my->id;
     if ($currentUserId <= 0) {
         mosNotAuth();
         return;
     }
     // The subscriber class is loaded only once the visitor is known to be logged in.
     require_once $GLOBALS['mosConfig_absolute_path'] . '/administrator/components/com_acajoom/classes/class.acajoom.php';
     $updated = subscribers::updateOneSubscriber($user->user_id, $user);
     if (!$updated) {
         $this->_setErrorMSG(_ACA_ERROR);
     }
 }