| 136 |
} |
} |
| 137 |
fclose($f); |
fclose($f); |
| 138 |
eval($code); |
eval($code); |
| 139 |
$subdir = dirname($_SERVER['PHP_SELF']); |
if (isset($_SERVER['DOCUMENT_ROOT']) AND strlen($_SERVER['DOCUMENT_ROOT'])) $docroot = $_SERVER['DOCUMENT_ROOT']; |
| 140 |
if ($adminside) $subdir = substr($subdir, 0, strrpos($subdir, '/')); |
else { |
| 141 |
if (strlen($subdir) == 1) $subdir = ''; |
// Find information about where execution started |
| 142 |
$this->subdirectory = str_replace('\\', '/', $subdir); |
$origin = array_pop(debug_backtrace()); |
| 143 |
|
// Find the PHP script at the start, with a fix for Windows slashes |
| 144 |
|
$absolutepath = str_replace('\\', '/', $origin['file']); |
| 145 |
|
$localpath = $_SERVER['PHP_SELF']; |
| 146 |
|
$docroot = substr($absolutepath,0,strpos($absolutepath,$localpath)); |
| 147 |
|
} |
| 148 |
|
$mamboroot = str_replace('\\', '/', dirname(__FILE__)); |
| 149 |
|
$this->subdirectory = substr($mamboroot, strlen($docroot)); |
| 150 |
$scheme = isset($_SERVER['HTTP_SCHEME']) ? $_SERVER['HTTP_SCHEME'] : ((isset($_SERVER['HTTPS']) AND strtolower($_SERVER['HTTPS'] != 'off')) ? 'https' : 'http'); |
$scheme = isset($_SERVER['HTTP_SCHEME']) ? $_SERVER['HTTP_SCHEME'] : ((isset($_SERVER['HTTPS']) AND strtolower($_SERVER['HTTPS'] != 'off')) ? 'https' : 'http'); |
| 151 |
if (isset($_SERVER['HTTP_HOST'])) { |
if (isset($_SERVER['HTTP_HOST'])) { |
| 152 |
$withport = explode(':', $_SERVER['HTTP_HOST']); |
$withport = explode(':', $_SERVER['HTTP_HOST']); |
| 1016 |
return $result; |
return $result; |
| 1017 |
} |
} |
| 1018 |
|
|
| 1019 |
|
function &getMenuTypes () { |
| 1020 |
|
$types = array(); |
| 1021 |
|
foreach ($this->_menus as $menu) { |
| 1022 |
|
if (!in_array($menu->menutype, $types)) $types[] = $menu->menutype; |
| 1023 |
|
} |
| 1024 |
|
return $types; |
| 1025 |
|
} |
| 1026 |
|
|
| 1027 |
function getIDByTypeLink ($type, $link) { |
function getIDByTypeLink ($type, $link) { |
| 1028 |
foreach ($this->_menus as $menu) { |
foreach ($this->_menus as $menu) { |
| 1029 |
if ($menu->published == 1 AND ($type == '*' OR $menu->type == $type) AND $menu->link == $link) return $menu->id; |
if ($menu->published == 1 AND ($type == '*' OR $menu->type == $type) AND $menu->link == $link) return $menu->id; |
| 1541 |
var $sendEmail=null; |
var $sendEmail=null; |
| 1542 |
/** @var int The group id number */ |
/** @var int The group id number */ |
| 1543 |
var $gid=null; |
var $gid=null; |
| 1544 |
|
/** @var int Group number from ACL */ |
| 1545 |
|
var $grp=null; |
| 1546 |
/** @var datetime */ |
/** @var datetime */ |
| 1547 |
var $registerDate=null; |
var $registerDate=null; |
| 1548 |
/** @var datetime */ |
/** @var datetime */ |
| 1561 |
} |
} |
| 1562 |
|
|
| 1563 |
/** |
/** |
| 1564 |
|
* Return true if this user is an administrator, false otherwise |
| 1565 |
|
*/ |
| 1566 |
|
function isAdmin() { |
| 1567 |
|
return ( strtolower( $this->usertype ) == 'superadministrator' || strtolower( $this->usertype ) == 'super administrator' || $this->grp == 16 ) ? true : false; |
| 1568 |
|
} |
| 1569 |
|
|
| 1570 |
|
/** |
| 1571 |
* Fill a user object with information from the current session |
* Fill a user object with information from the current session |
| 1572 |
*/ |
*/ |
| 1573 |
function getSessionData() { |
function getSessionData() { |
| 1577 |
$this->usertype = $session->usertype; |
$this->usertype = $session->usertype; |
| 1578 |
$this->gid = intval( $session->gid ); |
$this->gid = intval( $session->gid ); |
| 1579 |
} |
} |
| 1580 |
|
|
| 1581 |
|
function getSession () { |
| 1582 |
|
$this->id = mosGetParam( $_SESSION, 'session_user_id', 0 ); |
| 1583 |
|
$this->username = mosGetParam( $_SESSION, 'session_username', '' ); |
| 1584 |
|
$this->usertype = mosGetParam( $_SESSION, 'session_usertype', '' ); |
| 1585 |
|
$this->gid = mosGetParam( $_SESSION, 'session_gid', 0 ); |
| 1586 |
|
$this->grp = mosGetParam( $_SESSION, 'session_grp', 0); |
| 1587 |
|
} |
| 1588 |
/** |
/** |
| 1589 |
* Validation and filtering |
* Validation and filtering |
| 1590 |
* @return boolean True is satisfactory |
* @return boolean True is satisfactory |
| 2174 |
class mosSession extends mosDBTable { |
class mosSession extends mosDBTable { |
| 2175 |
/** @var int Primary key */ |
/** @var int Primary key */ |
| 2176 |
var $session_id=null; |
var $session_id=null; |
| 2177 |
/** @var string */ |
/** @var time */ |
| 2178 |
var $time=null; |
var $time=null; |
| 2179 |
/** @var string */ |
/** @var int User ID */ |
| 2180 |
var $userid=0; |
var $userid=0; |
| 2181 |
/** @var string */ |
/** @var string */ |
| 2182 |
var $usertype=null; |
var $usertype=null; |
| 2183 |
/** @var string */ |
/** @var string */ |
| 2184 |
var $username=''; |
var $username=''; |
| 2185 |
/** @var time */ |
/** @var int User group ID */ |
| 2186 |
var $gid=0; |
var $gid=0; |
| 2187 |
/** @var int */ |
/** @var int */ |
| 2188 |
var $guest=1; |
var $guest=1; |
| 2198 |
$this->time = time(); |
$this->time = time(); |
| 2199 |
} |
} |
| 2200 |
|
|
| 2201 |
|
function validate ($user) { |
| 2202 |
|
// check against db record of session |
| 2203 |
|
$session_id = mosGetParam( $_SESSION, 'session_id', '' ); |
| 2204 |
|
$logintime = mosGetParam( $_SESSION, 'session_logintime', '' ); |
| 2205 |
|
if ($session_id == md5( $user->id.$user->username.$user->usertype.$logintime )) { |
| 2206 |
|
$current_time = time(); |
| 2207 |
|
$database = mamboDatabase::getInstance(); |
| 2208 |
|
$database->setQuery ("UPDATE #__session" |
| 2209 |
|
. "\nSET time='$current_time'" |
| 2210 |
|
. "\nWHERE session_id='$session_id'" |
| 2211 |
|
. " AND username = '" . $database->getEscaped( $user->username ) . "'" |
| 2212 |
|
. " AND userid = " . intval( $user->id ) |
| 2213 |
|
); |
| 2214 |
|
if (!$result = $database->query()) echo $database->stderr(); |
| 2215 |
|
elseif ($database->getAffectedRows() == 1) return true; |
| 2216 |
|
} |
| 2217 |
|
return false; |
| 2218 |
|
} |
| 2219 |
|
|
| 2220 |
function &getCurrent () { |
function &getCurrent () { |
| 2221 |
static $currentSession; |
static $currentSession; |
| 2222 |
if (!is_object($currentSession)) { |
if (!is_object($currentSession)) { |
| 2454 |
} |
} |
| 2455 |
} |
} |
| 2456 |
|
|
| 2457 |
|
|
| 2458 |
require($configuration->rootPath().'/includes/version.php'); |
require($configuration->rootPath().'/includes/version.php'); |
| 2459 |
$_VERSION =& new version(); |
$_VERSION =& new version(); |
| 2460 |
|
|
| 2543 |
$_SESSION['simple_editing'] = mosGetParam($_POST, 'simple_editing', $admin_mode); |
$_SESSION['simple_editing'] = mosGetParam($_POST, 'simple_editing', $admin_mode); |
| 2544 |
// Include admin side functions, check that we have a valid admin side session |
// Include admin side functions, check that we have a valid admin side session |
| 2545 |
require_once($configuration->rootPath().'/administrator/includes/admin.php'); |
require_once($configuration->rootPath().'/administrator/includes/admin.php'); |
| 2546 |
$my = checkAdminSession($database); |
// restore some session variables |
| 2547 |
|
$my = new mosUser(); |
| 2548 |
|
$my->getSession(); |
| 2549 |
|
if (mosSession::validate($my)) mosSession::purge(); |
| 2550 |
|
else $my = null; |
| 2551 |
} |
} |
| 2552 |
// We can now create the mainframe object |
// We can now create the mainframe object |
| 2553 |
$mainframe =& new mosMainFrame($database, $option, '..', true); |
$mainframe =& new mosMainFrame($database, $option, '..', true); |
| 2580 |
else { |
else { |
| 2581 |
if (!isset($popup)) { |
if (!isset($popup)) { |
| 2582 |
$pop = mosGetParam($_REQUEST, 'pop', ''); |
$pop = mosGetParam($_REQUEST, 'pop', ''); |
| 2583 |
if ($pop) require_once($configuration->rootPath()."/administrator/popups/$pop"); |
if ($pop) require($configuration->rootPath()."/administrator/popups/$pop"); |
| 2584 |
else require_once($configuration->rootPath()."/administrator/popups/index3pop.php"); |
else require($configuration->rootPath()."/administrator/popups/index3pop.php"); |
| 2585 |
$configuration->doGzip(); |
$configuration->doGzip(); |
| 2586 |
} |
} |
| 2587 |
} |
} |
| 2612 |
elseif ($option == 'logout') $configuration->handleLogout(); |
elseif ($option == 'logout') $configuration->handleLogout(); |
| 2613 |
|
|
| 2614 |
$session =& mosSession::getCurrent(); |
$session =& mosSession::getCurrent(); |
| 2615 |
$my =& new mosUser($database); |
$my =& new mosUser(); |
| 2616 |
$my->getSessionData(); |
$my->getSessionData(); |
| 2617 |
mamboCore::set('currentUser',$my); |
mamboCore::set('currentUser',$my); |
| 2618 |
$configuration->offlineCheck($my, $database); |
$configuration->offlineCheck($my, $database); |
| 2708 |
$configuration->doGzip(); |
$configuration->doGzip(); |
| 2709 |
} |
} |
| 2710 |
// displays queries performed for page |
// displays queries performed for page |
| 2711 |
if ($configuration->get('mosConfig_debug')) $database->displayLogged(); |
if ($configuration->get('mosConfig_debug') AND $adminside != 3) $database->displayLogged(); |
| 2712 |
|
|
| 2713 |
?> |
?> |
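Review bot: In the popup branch at line 2583 the new side still builds the include path from the request, `require($configuration->rootPath()."/administrator/popups/$pop")`, with `$pop` read from `$_REQUEST` and no visible check that it names a file inside the popups directory; switching `require_once` to `require` does not change that. Unless `mosGetParam` or code outside this view already restricts the value, a `pop` containing path separators would resolve outside that directory, so reduce it to a bare file name first, `$pop = basename(mosGetParam($_REQUEST, 'pop', ''));`, and include it only after an `is_file()` check on the resulting path or a match against the known popup scripts. Separately, the added `mosSession::validate()` (lines 2201-2218) puts `$session_id` into the UPDATE unescaped while `username` goes through `getEscaped()`, and compares the hash with `==`. Passing `$session_id` through `$database->getEscaped()` and comparing with `===` would make the query consistent and the comparison strict. The start of this file section is outside the visible page, so callers and any earlier guards were not reviewed.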