function check($str)
{
static $group = null;
if (!empty($str)) {
$user = JCommentsFactory::getUser();
$list = explode(',', $str);
if ($group === null) {
if (JCOMMENTS_JVERSION == '1.0') {
if ($user->id) {
$acl = new gacl_api();
$aroGroup = $acl->getAroGroup($user->id);
$group = $aroGroup->group_id ? $aroGroup->group_id : 29;
} else {
$group = 29;
}
} else {
if (JCOMMENTS_JVERSION == '1.5') {
$group = $user->id ? $user->gid : 29;
} else {
if (JCOMMENTS_JVERSION == '1.7') {
if ($user->id) {
$db = JFactory::getDbo();
// get highest group
$query = $db->getQuery(true)->select('a.id')->from('#__user_usergroup_map AS map')->leftJoin('#__usergroups AS a ON a.id = map.group_id')->where('map.user_id = ' . (int) $user->id)->order('a.lft desc');
$db->setQuery($query, 0, 1);
$group = $db->loadResult();
} else {
$group = JComponentHelper::getParams('com_users')->get('guest_usergroup', 1);
}
}
}
}
}
if (in_array($group, $list)) {
return 1;
}
}
return 0;
}
if (isset($_REQUEST['uid'])) {
$uid = intval(trim($_REQUEST['uid']));
} else {
if (isset($_REQUEST['dnd_uid'])) {
$uid = intval(trim($_REQUEST['dnd_uid']));
} else {
$uid = '0';
}
}
$my = $mainframe->getUser();
session_start();
$database->setQuery("SELECT id, gid, username, usertype FROM #__users WHERE id={$uid}");
$row = null;
if ($database->loadObject($row)) {
// fudge the group stuff
$grp = $acl->getAroGroup($row->id);
$row->gid = 1;
if ($acl->is_group_child_of($grp->name, 'Registered', 'ARO') || $acl->is_group_child_of($grp->name, 'Public Backend', 'ARO')) {
// fudge Authors, Editors, Publishers and Super Administrators into the Special Group
$row->gid = 2;
}
$row->usertype = $grp->name;
$my->id = intval($row->id);
$my->username = $row->username;
$my->usertype = $row->usertype;
$my->gid = intval($row->gid);
}
// Create zOOm Image Gallery object
require_once $mosConfig_absolute_path . '/components/com_zoom/lib/zoom.class.php';
require_once $mosConfig_absolute_path . '/components/com_zoom/lib/toolbox.class.php';
require_once $mosConfig_absolute_path . '/components/com_zoom/lib/ftplib.class.php';
if (!$pass) {
echo "<script>alert('" . $adminLanguage->A_ALERT_ENTER_PASSWORD . "'); document.location.href='index.php';</script>\n";
} else {
$pass = md5($pass);
}
$database->setQuery("SELECT COUNT(*)" . "\nFROM #__users" . "\nWHERE (usertype='administrator' OR usertype='superadministrator')");
$count = intval($database->loadResult());
if ($count < 1) {
echo "<script>alert(\"" . _LOGIN_NOADMINS . "\"); window.history.go(-1); </script>\n";
exit;
}
$database->setQuery("SELECT * FROM #__users WHERE username='******' AND block='0'");
$my = null;
$database->loadObject($my);
/** find the user group (or groups in the future) */
$grp = $acl->getAroGroup($my->id);
$my->gid = $grp->group_id;
$my->usertype = $grp->name;
if ($my->id) {
if (strcmp($my->password, $pass) || !$acl->acl_check('administration', 'login', 'users', $my->usertype)) {
echo "<script>alert('" . $adminLanguage->A_ALERT_INCORRECT . "'); document.location.href='index.php';</script>\n";
exit;
}
session_name('mosadmin');
session_start();
$logintime = time();
$session_id = md5("{$my->id}{$my->username}{$my->usertype}{$logintime}");
$database->setQuery("INSERT INTO #__session" . "\nSET time='{$logintime}', session_id='{$session_id}', " . "userid='{$my->id}', usertype='{$my->usertype}', username='******'");
if (!$database->query()) {
echo $database->stderr();
}
