<?php
//zOOm Media Gallery//
/** 
-----------------------------------------------------------------------
|  zOOm Media Gallery! by Mike de Boer - a multi-gallery component    |
-----------------------------------------------------------------------

-----------------------------------------------------------------------
|                                                                     |
| Author: Mike de Boer, <http://www.mikedeboer.nl>                    |
| Copyright: copyright (C) 2007 by Mike de Boer                       |
| Description: zOOm Media Gallery, a multi-gallery component for      |
|              Joomla!. It's the most feature-rich gallery component  |
|              for Joomla!! For documentation and a detailed list     |
|              of features, check the zOOm homepage:                  |
|              http://www.zoomfactory.org                             |
| License: GPL                                                        |
| Filename: inserts.class.php                                         |
|                                                                     |
-----------------------------------------------------------------------
* @version $Id:inserts.class.php 119 2007-02-16 23:15:28Z kevinuru $
* @package zOOmGallery
* @author Mike de Boer <mailme@mikedeboer.nl> 
**/
// Turn off Magic quotes runtime, because it interferes with saving info to the 
// database and vice versa.
// MOS Intruder Alerts
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );

//require_once('../../../globals.php');
include_once('../../../configuration.php');

/*-----------------------Start setting up needed Mambo framework-------------------------*/
/**
* function to sanitize input values from arrays
*
* This function provides a way to sanitize inputs, should be used to obtain values from 
* _POST, _GET, _COOKIES, etc; a default value can be passed to be used in case that not 
* values are founded to the element, a binary mask can be passed to discard some of  test,
*, this value is matched with _MOS_NOTRIM, _MOS_ALLOWHTML and, _MOS_ALLOWRAW, currently
* 3 test are do it, trim, strip html and convert the value to numeric when is possible.
*
* Example of use:
*
* To get task variable from the URL and select the view like default task, you can use:
*
* <code>$task = mosGetParam ($_GET,"task","view");</code>
*
* To get task variable from the URL, select the view like default task, allows HTML and 
* without trim you can use :
*
* <code>$task = mosGetParam ($_GET,"task","view",_MOS_NOTRIM+_MOS_ALLOWHTML);</code>
*
* @acces public
* @param array &$arr reference to array which contains the value
* @param string $name name of element searched
* @param mixed $def default value to use if nothing is founded
* @param int $mask mask to select checks that will do it
* @return mixed value from the selected element or default value if nothing was found 
*/
function mosGetParam( &$arr, $name, $def=null, $mask=0 ) {
    if (isset( $arr[$name] )) {
        if (is_array($arr[$name])) foreach ($arr[$name] as $key=>$element) $result[$key] = mosGetParam ($arr[$name], $key, $def, $mask);
        else {
            $result = $arr[$name];
            if (!($mask&_MOS_NOTRIM)) $result = trim($result);
            if (!is_numeric( $result)) {
                if (!($mask&_MOS_ALLOWHTML)) $result = strip_tags($result);
                if (!($mask&_MOS_ALLOWRAW)) {
                    if (is_numeric($def)) $result = intval($result);
                }
            }
            if (!get_magic_quotes_gpc()) {
                $result = addslashes( $result );
            }
        }
        return $result;
    } else {
        return $def;
    }
}


/**
* sets or returns the current side (frontend/backend) 
*
* This function returns TRUE when the user are in the backend area; this is set to
* TRUE when are invocated /administrator/index.php, /administrator/index2.php 
* or /administrator/index3.php, to set this value is not a normal use.
*
* @access public
* @param bool $val value used to set the adminSide value, not planned to be used by users
* @return bool TRUE when the user are in backend area, FALSE when are in frontend
*/
function adminSide($val='') {
    static $adminside;
    if (is_null($adminside)) {
        $adminside = ($val == '') ? 0 : $val;
    } else {
        $adminside = ($val == '') ? $adminside : $val;
    }
    return $adminside;
}


/**
* sets or returns the index type  
*
* This function returns 1, 2 or 3 depending of called file index.php, index2.php or index3.php.
*
* @access private
* @param int $val value used to set the indexType value, not planned to be used by users
* @return int return 1, 2 or 3 depending of called file 
*/

function indexType($val='') 
{
    static $indextype;
    if (is_null($indextype)) {
        $indextype = ($val == '') ? 1 : $val;
    } else {
        $indextype = ($val == '') ? $indextype : $val;
    }
    return $indextype;
}

if (!isset($adminside)) $adminside = 0;
if (!isset($indextype)) $indextype = 1;

adminSide($adminside);
indexType($indextype);

$adminside = adminSide();
$indextype = indexType();

require_once ('../../../includes/database.php');
require_once('../../../includes/core.classes.php');
$configuration =& mamboCore::getMamboCore();
$configuration->handleGlobals();

if (phpversion() < '4.2.0') require_once( $configuration->rootPath() . '/includes/compat.php41x.php' );
if (phpversion() < '4.3.0') require_once( $configuration->rootPath() . '/includes/compat.php42x.php' );
if (phpversion() < '5.0.0') require_once( $configuration->rootPath() . '/includes/compat.php5xx.php' );

// Start ACL
require_once($configuration->rootPath().'/includes/gacl.class.php' );
require_once($configuration->rootPath().'/includes/gacl_api.class.php' );
// restore some session variables
$my = new mosUser();
$my->getSession();
mamboCore::set('currentUser', $my);
/*-----------------------End setting up needed Mambo framework---------------------------*/


$database = new database($mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db, $mosConfig_dbprefix);

$mainframe = new mosMainFrame( $database, 'com_zoom', '..', true );
$mainframe->initSession();

error_reporting(E_ALL);  
set_magic_quotes_runtime(0);

if (file_exists($mosConfig_absolute_path."/version.php")) {
	include_once($mosConfig_absolute_path."/version.php");
} elseif (file_exists($mosConfig_absolute_path."/includes/version.php")) {
	include_once($mosConfig_absolute_path."/includes/version.php");
}
	
$acl = new gacl_api();

if (isset($_REQUEST['uid'])) {
	$uid = intval(trim($_REQUEST['uid']));
} else if (isset($_REQUEST['dnd_uid'])) {
    $uid = intval(trim($_REQUEST['dnd_uid']));
} else {
	$uid = '0';
}
$my = $mainframe->getUser();

session_start();

$database->setQuery( "SELECT id, gid, username, usertype FROM #__users WHERE id=$uid");
$row = null;
if ($database->loadObject( $row )) {
	// fudge the group stuff
	$grp = $acl->getAroGroup( $row->id );
	$row->gid = 1;

	if ($acl->is_group_child_of( $grp->name, 'Registered', 'ARO' ) ||
	$acl->is_group_child_of( $grp->name, 'Public Backend', 'ARO' )) {
		// fudge Authors, Editors, Publishers and Super Administrators into the Special Group
		$row->gid = 2;
	}
	$row->usertype = $grp->name;
	
	$my->id = intval( $row->id );
    $my->username = $row->username;
    $my->usertype = $row->usertype;
    $my->gid = intval( $row->gid );
}

// Create zOOm Image Gallery object
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/zoom.class.php');
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/toolbox.class.php');
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/ftplib.class.php');
//require_once($mosConfig_absolute_path.'/components/com_zoom/lib/pdf.class.php'); // Caused headers to stop being sent
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/editmon.class.php'); //like a common session-monitor...
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/gallery.class.php');
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/image.class.php');
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/comment.class.php');
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/ecard.class.php');
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/lightbox.class.php');
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/privileges.class.php');
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/iptc/Unicode.php');
require_once($mosConfig_absolute_path.'/components/com_zoom/lib/mime/mime.class.php');


// Load configuration file...
require($mosConfig_absolute_path.'/components/com_zoom/etc/zoom_config.php');

$zoom = new zoom();
if ($zoom->isWin()) {
    require_once($mosConfig_absolute_path.'/components/com_zoom/lib/WinNtPlatform.class.php');
    $zoom->platform = new WinNtPlatform();
} else {
    require_once($mosConfig_absolute_path.'/components/com_zoom/lib/UnixPlatform.class.php');
    $zoom->platform = new UnixPlatform();
}
// now create an instance of the ToolBox!
$zoom->toolbox = new toolbox(false);
// Start session for the LightBox...
if ($zoom->_CONFIG['lightbox']) {
    @ini_set('session.save_handler', 'files'); 
    session_name('zoom');
	if(session_id()) {
		@session_destroy();
	}
	@ini_set('session.save_handler', 'files');
	session_start();
    if (!isset($_SESSION['lightbox'])) {
        $_SESSION['lightbox'] = new lightbox();
        // for test purposes:
        $_SESSION['lb_checked_out'] = false;
    }
}

// list of common inclusions:
if (file_exists($mosConfig_absolute_path."/components/com_zoom/lib/language/".$mosConfig_lang.".php")) { 
    include_once($mosConfig_absolute_path."/components/com_zoom/lib/language/".$mosConfig_lang.".php");
} else { 
    include_once($mosConfig_absolute_path."/components/com_zoom/lib/language/english.php");
}
if (file_exists($mosConfig_absolute_path."/language/".$mosConfig_lang.".php")) { 
    include_once($mosConfig_absolute_path."/language/".$mosConfig_lang.".php");
} else { 
    include_once($mosConfig_absolute_path."/language/english.php");
}