execquery("SELECT DISTINCT obj_id FROM cms_lang ORDER BY obj_id ASC");
// NOTE(review): this copy of the file is damaged. Wherever a loop header reads
// `for($i=0;$i...`, the text from a `<` up to the next `>` appears to have been
// stripped, taking loop conditions, loop bodies and some function headers with it.
// Those fragments are kept exactly as found; nothing has been reconstructed.
$id = 1;
for($i=0;$iexecquery("SELECT lang FROM cms_lang_install");
$id=lang_getTableFreeID();
for($i=0;$iinsert_query_history($q);
}
return $id;
}

/**
 * Overwrites the stored text of language object $objId.
 *
 * With $allLang false, one row is updated: the one for $forcedLang, or for the
 * session language from lang_get() when $forcedLang is "". With $allLang true,
 * the languages are read from cms_lang_install and a history-logged update is
 * issued inside a loop (loop body truncated in this copy).
 *
 * NOTE(review): $text, $objId and the language are concatenated straight into
 * the SQL string and no escaping is visible in this function. Unless every
 * caller or db_connection escapes them (not visible here), this is an SQL
 * injection point; bound parameters or the driver's escaping belong here.
 */
function lang_update($objId, $text,$allLang=false,$forcedLang=""){
    $db_con = new db_connection;
    if(!$allLang){
        // iff() is defined elsewhere; presumably "condition ? a : b" - confirm
        $lang=iff($forcedLang=="",lang_get(),$forcedLang);
        $q="UPDATE cms_lang SET text='".$text."' WHERE obj_id='$objId' AND lang='".$lang."'";
        $db_con->update_delete_query($q);
    }else{
        $langs=$db_con->execquery("SELECT lang FROM cms_lang_install");
        for($i=0;$iupdate_delete_query_history($q);
        }
    }
}

/**
 * Deletes every cms_lang row of language object $objId (all languages) through
 * the history-logged query helper.
 *
 * NOTE(review): $objId is interpolated into the SQL string unescaped here.
 */
function lang_delete($objId){
    $db_con = new db_connection;
    $q="DELETE FROM cms_lang WHERE obj_id='$objId'";
    $db_con->update_delete_query_history($q);
}

/**
 * Returns the text of language object $id in $forcedLang, or in the session
 * language when $forcedLang is ""; returns "" when no row matches.
 *
 * NOTE(review): $id and the language are interpolated into the SQL string
 * unescaped here.
 */
function lang_getText($id,$forcedLang=""){
    $db_con = new db_connection;
    $lang=iff($forcedLang=="",lang_get(),$forcedLang);
    $q="SELECT text FROM cms_lang WHERE obj_id='$id' AND lang='".$lang."'";
    $rows = $db_con->execquery($q);
    if(count($rows)>0)return $rows[0]['text'];
    else return "";
}

/**
 * Reads column $colNameIdLang from $tableName for the row whose
 * $colNameIdObj equals $objId and returns the first column of the first row.
 *
 * NOTE(review): the table and column names are interpolated as SQL
 * identifiers, which cannot be protected by value escaping or bound
 * parameters; they should only ever come from fixed, code-defined names.
 * $objId is interpolated unescaped as well. $rows[0] is read without
 * checking that a row was returned.
 */
function lang_getID($objId, $tableName, $colNameIdObj, $colNameIdLang){
    $db_con = new db_connection;
    $q="SELECT $colNameIdLang FROM $tableName WHERE $colNameIdObj='$objId'";
    $rows = $db_con->execquery($q);
    return $rows[0][0];
}

/**
 * Returns the $_SESSION key that holds the language: the front-end constant
 * when isFrontEnd() is true, the back-end constant otherwise.
 */
function lang_session_name(){
    return iff(isFrontEnd(),SESSION_FRONTEND_LANG,SESSION_BACKEND_LANG);
}

/**
 * Returns the language stored in the session, read through arrays_get_string()
 * (helper defined elsewhere).
 */
function lang_get() {
    return arrays_get_string($_SESSION,lang_session_name());
}

/**
 * Returns the session language for the admin interface, restricted to the
 * allow-list "it" / "en"; anything else (or no value) yields "en".
 */
function lang_getAdmin() {
    $lang=arrays_get_generic($_SESSION,lang_session_name(),"en");
    if($lang!="it" && $lang!="en"){
        return "en";
    }
    return $lang;
}

/**
 * Returns the lang_label of the session language from cms_lang_install.
 *
 * NOTE(review): the session value is interpolated into the SQL string; its
 * safety depends on lang_set() having validated it before it was stored.
 * $rows[0] is read without checking that a row was returned.
 */
function lang_getLangLabel(){
    $db_con = new db_connection;
    $lang=$_SESSION[lang_session_name()];
    $rows = $db_con->execquery("SELECT lang_label FROM cms_lang_install WHERE lang='$lang'");
    return $rows[0][0];
}

/**
 * Chooses the session language.
 *
 * A `lang` request parameter is accepted only when lang_isValid() approves it,
 * otherwise the default language is stored. Without the parameter, a missing
 * or no-longer-valid session language is replaced by the default.
 */
function lang_set() {
    unset($lang);
    if(isset($_GET['lang'])){
        // request-supplied value: validated before it reaches the session
        $lang=$_GET['lang'];
        if(!lang_isValid($lang))$lang=lang_getDefault();
        lang_setSession($lang);
    }else{
        if(!isset($_SESSION[lang_session_name()])){
            $lang=lang_getDefault();
            lang_setSession($lang);
        }else if(!lang_isValid($_SESSION[lang_session_name()])){
            $lang=lang_getDefault();
            lang_setSession($lang);
        }
    }
    return;
}

/**
 * Stores $lang in the session under lang_session_name(). No validation is
 * done here; lang_set() validates before calling.
 */
function lang_setSession($lang){
    //$GLOBALS['cms_lang']=$lang; //compatibility for old modules
    $_SESSION[lang_session_name()]=$lang;
}

/**
 * Validates $lang against lang_list(); logged-in admins are checked against
 * unpublished languages too (lang_list(false)).
 *
 * NOTE(review): the comparison loop is truncated in this copy. The statements
 * after the truncation select the published default language and presumably
 * belong to lang_getDefault(), whose header was lost - confirm against the
 * original file.
 */
function lang_isValid($lang){
    $langlist=lang_list(!isLoggedAdmin());
    for($i=0;$iexecquery("SELECT lang FROM cms_lang_install WHERE lang_default=1 AND published=1");
        return $rows[0][0];
    }
}

/**
 * Reads lang and lang_label from cms_lang_install ordered by `ordering`,
 * limited to published rows when $onlyPublished is true.
 *
 * NOTE(review): the loop that fills $langs is truncated in this copy; the
 * statements after the truncation are the tail of another function that
 * returns the lang_label of the session language.
 */
function lang_list($onlyPublished=true){
    $db_con = new db_connection;
    $q="SELECT lang,lang_label FROM cms_lang_install";
    if($onlyPublished){$q.=" WHERE published='1'";}
    $q.=" ORDER BY ordering ASC";
    $rows = $db_con->execquery($q);
    $langs=array();
    for($i=0;$iexecquery("SELECT lang_label FROM cms_lang_install WHERE lang='".lang_get()."'");
    return $rows[0]['lang_label'];
}

/**
 * Includes the language file modules/$module/$lang.php, looking in the current
 * directory, then one level up, then under admin/.
 *
 * NOTE(review): the include path is built from both arguments and neither is
 * checked in this function. The wrappers below pass a session language
 * (validated in lang_set(), or allow-listed in lang_getAdmin()), but $module
 * is passed through as given. If a module name can come from the request it
 * must be matched against the list of installed modules before it reaches an
 * include; file_exists() only proves the file exists, not that it is a
 * language file.
 */
function lang_loadFile($module,$lang){
    //if not exists lang file try to get the frontend or admin lang file
    $langFile="modules/$module/$lang.php";
    //check if already imported
    // '@' hides file_exists() warnings
    if(@file_exists($langFile)){
        include_once($langFile);
    }else if(@file_exists("../".$langFile)){
        //admin --> front-end
        include_once("../".$langFile);
    }else if(@file_exists("admin/".$langFile)){//front-end --> admin
        include_once("admin/".$langFile);
    }
}

/** Loads the language file of $module for the session language. */
function loadLanguageFile($module){
    lang_loadFile($module,lang_get());
}

/** Loads the language file of $module for the admin language ("it" or "en"). */
function loadLanguageFileAdmin($module){
    lang_loadFile($module,lang_getAdmin());
}
// NOTE(review): what follows the closing tag is a second source file. Its
// opening tag, class header and constructor signature appear to have been
// lost in extraction; the first statements are the tail of that constructor.
// idHomepage is assigned -1 and then immediately false, while isHomepage()
// further down reads $this->isHomepage, which is not initialised here - the
// second assignment was presumably meant for isHomepage; confirm.
?>db_con = new db_connection;
        $this->idHomepage=-1;
        $this->idHomepage=false;
        $this->curDir=getcwd()."/";
        $this->init();
    }

    /**
     * Start-up work done before the session exists: register_globals guard,
     * REQUEST_URI fallback, default module selection, DB history clean-up.
     */
    private function init(){
        $this->unregister_GLOBALS();
        $this->init_requestUri();
        //check default module
        // checkModule() only substitutes a default for an empty value; it does
        // not validate the name
        $curMod=arrays_GET("module");
        $checkedMod=$this->checkModule($curMod);
        if($curMod!=$checkedMod)$_GET['module']=$checkedMod;
        //clean db history
        $this->db_con->cleanHistory();
    }

    /**
     * Redirects to the "www." host and/or to https when the site settings
     * (homepage_forceWww(), homepage_forceHttps()) ask for it, then exits.
     *
     * NOTE(review): both redirect targets are built from
     * $_SERVER['HTTP_HOST'], which PHP fills from the request's Host header,
     * plus PHP_SELF and QUERY_STRING. Unless the web server only accepts the
     * site's own host names, the Location header can point at a host chosen by
     * the client; building the URL from a configured canonical host removes
     * that dependency. PHP_SELF normally starts with "/", so the extra "/"
     * yields a double slash.
     */
    private function initAfterSession(){
        //check www
        $hasHttps=false;
        if(homepage_forceWww()){
            $hasWww=(substr($_SERVER['HTTP_HOST'],0,3)=="www");
            if(!$hasWww){
                //check https here
                $http="http://";
                $forceHttps=homepage_forceHttps();
                if($forceHttps)$http="https://";
                //prevent to re-check after
                $hasHttps=$forceHttps;
                //build same query with www
                $url=$http."www.".$_SERVER['HTTP_HOST']."/".$_SERVER['PHP_SELF'];
                $params=$_SERVER['QUERY_STRING'];
                if($params!="")$url.="?".$params;
                header("Location: ".$url);
                exit();
            }
        }
        //check https
        if(homepage_forceHttps() && !$hasHttps){
            // NOTE(review): any non-empty value counts as "already https" here;
            // some servers set HTTPS to "off" for plain http, and the key may be
            // absent altogether
            $protocol=$_SERVER['HTTPS'];
            if($protocol==""){
                $url="https://".$_SERVER['HTTP_HOST']."/".$_SERVER['PHP_SELF'];
                $params=$_SERVER['QUERY_STRING'];
                if($params!="")$url.="?".$params;
                header("Location: ".$url);
                exit();
            }
        }
    }

    /**
     * Starts the PHP session and, when homepage_checkSession() is enabled,
     * reconciles it with the session records kept by the sessions_* helpers
     * (defined elsewhere).
     *
     * The session name is the md5 of host, script directory and $siteName, so
     * front end and back end get separate session cookies. The name is
     * derived from HTTP_HOST and therefore changes with the Host header.
     *
     * A logged-in user without a matching session record is logged out.
     */
    public function initSession($siteName="frontend"){
        //here you session has already created by login manager
        session_name(md5($_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']).$siteName));
        session_start();
        //init before check session
        $this->initAfterSession();
        if(homepage_checkSession()){
            sessions_garbageClean_set();
            //do purge action
            sessions_purge();
            //now check if you session id is valid
            $session=sessions_get(getCurrentUserId());
            if($session){
                //check is must delete concurrent login
                if(!homepage_isSiteDemo()){
                    sessions_purgeSameUser(getCurrentUserId());
                }
                //update session login time
                sessions_update(null,null,time());
            }elseif(isLogged() || isLoggedAdmin()){
                //bounce out
                $login=new login();
                $login->performLogout();
            }else{
                //create new session into db
                //create new session
                sessions_create(getCurrentUserId(),"",time());
            }
        }
    }

    /** Same as initSession() with the "backend" site name. */
    public function initSessionAdmin(){
        $this->initSession("backend");
    }

    /**
     * Fills $_SERVER['REQUEST_URI'] from SCRIPT_NAME plus the query string
     * when the server did not provide it.
     */
    private function init_requestUri(){
        if ( empty( $_SERVER['REQUEST_URI'] ) ) {
            $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'];
            // Does this work under CGI?
            // Append the query string if it exists and isn't null
            if (isset($_SERVER['QUERY_STRING']) && !empty($_SERVER['QUERY_STRING'])) {
                $_SERVER['REQUEST_URI'] .= '?' .
                $_SERVER['QUERY_STRING'];
            }
        }
    }

    /**
     * Guard for servers that still run with register_globals enabled.
     *
     * NOTE(review): only the "GLOBALS" request key is rejected. The code that
     * would unset the injected globals is commented out below, so with
     * register_globals on, request variables remain registered as globals.
     */
    private function unregister_GLOBALS() {
        if ( !ini_get('register_globals') ) return;
        if ( isset($_REQUEST['GLOBALS']) ) die('GLOBALS overwrite attempt detected');
        /* // Variables that shouldn't be unset
        $noUnset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES', 'table_prefix');
        $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
        foreach ( $input as $k => $v ) if ( !in_array($k, $noUnset) && isset($GLOBALS[$k]) ) { $GLOBALS[$k] = NULL; unset($GLOBALS[$k]); } */
    }

    /**
     * Returns a list of configuration warnings; in the admin area it reports
     * a "../repository" directory that is not writable.
     */
    public function generalCheckMsg(){
        $msg=array();
        //ADMIN
        if(!isFrontEnd()){
            if(!functions_isWritable("../repository"))$msg[]=CORE_ADMIN_GENERAL_CHECK_REPOSITORY_NO_WRITE;
        }
        return $msg;
    }

    /** Returns the homepage id recorded by checkHomepage() (-1 when none). */
    public function getHomepageId(){
        return $this->idHomepage;
    }

    /** Returns the isHomepage flag; it is only ever set to true, in checkHomepage(). */
    public function isHomepage(){
        return $this->isHomepage;
    }

    /** Delegates to lang_set(). */
    public function setLanguage() {
        lang_set();
    }

    /** Delegates to the global isLoggedAdmin(). */
    public function isLoggedAdmin(){
        return isLoggedAdmin();
    }

    /**
     * Removes the last ".ext" from $strName.
     *
     * NOTE(review): when the name has no ".", strrchr() returns false, the
     * length is 0 and substr($strName,0,-0) yields an empty string instead of
     * the unchanged name.
     */
    private function RemoveExtension($strName){
        $ext=strrchr($strName,'.');
        $strName=substr($strName,0,-strlen($ext));
        return $strName;
    }

    /**
     * Instantiates the class named $type, passing it $type and the
     * `operation` request parameter.
     *
     * NOTE(review): the class name is taken as given. loadComponent() passes
     * a module name here right after including that module's file, so the set
     * of classes that can be instantiated is only as tight as the module-name
     * check done before this call.
     */
    private function factory($type){
        $classname = $type;
        $operation = arrays_get_string($_GET,'operation');
        //$modules = arrays_get_string($_GET,'module');
        return new $classname($type,$operation);
    }

    //load all the modules
    /**
     * Renders every published module assigned to position $container that the
     * current user may see, and returns the concatenated output.
     *
     * NOTE(review): $container is concatenated into the SQL string unescaped.
     * The loop header is truncated in this copy. loadComponent() can return
     * null, yet output() is called on its result without a check.
     */
    public function loadContainer($container = 'left'){
        $out='';
        $GLOBALS['load_container']=$container;
        $q="SELECT module,id,ordering,published FROM cms_modules WHERE position='".$container."' AND published='1' ORDER BY ordering";
        $res=$this->db_con->execquery($q);
        for($i=0;$i0)$out.="
";
            if(permission_mod::moduleHasPermission($res[$i]['module'])){
                $obj=$this->loadComponent($res[$i]['module'],$res[$i]['id']);
                $out.=$obj->output();
            }
        }
        unset($GLOBALS['load_container']);
        return $out;
    }

    /**
     * Walks cms_modules (published only on the front end) and lets each module
     * register its permissions and the files it allows execModuleFile() to
     * include.
     *
     * NOTE(review): the loop header and the code that creates $class and $mod
     * are truncated in this copy. $class is used like a ReflectionClass and
     * the methods are invoked with a null object, i.e. as static methods -
     * confirm against the original file.
     */
    private function registerModulesPermissions(){
        //register all modules permissions settings
        $q="SELECT * FROM cms_modules";
        if(isFrontEnd())$q.=" WHERE published='1'";
        $res=$this->db_con->execquery($q);
        for($i=0;$ihasMethod("registerPermissions")){
                    $class->getMethod("registerPermissions")->invoke(null);
                }
                //register exec files
                if($class->hasMethod("registerExecFiles")){
                    $this->_execModFile[$mod]=$class->getMethod("registerExecFiles")->invoke(null);
                }
            }
        }
        //add core files
        $this->_execModFile['core_mod']=array("includes/captcha/CaptchaSecurityImages.php");;
    }

    // allow-list: module name => files that execModuleFile() may include
    private $_execModFile=array();

    /**
     * Includes a module file named by the `module` and `core_mod_file`
     * request parameters, then exits.
     *
     * Both values are checked against the $_execModFile allow-list before the
     * path is built, so only registered files can be included.
     *
     * NOTE(review): array_search() is called without its strict flag, so the
     * match uses loose comparison; passing true as third argument keeps the
     * allow-list exact.
     */
    public function execModuleFile(){
        $module=arrays_GET("module");
        if(array_key_exists($module,$this->_execModFile)){
            $modFile=arrays_GET("core_mod_file");
            if($modFile!="" && array_search($modFile,$this->_execModFile[$module])!==false){
                if($module!="core_mod")$modFile="modules/".$module."/".$modFile;
                if(file_exists($modFile)){
                    include($modFile);
                    exit();
                }
            }
        }
    }

    /**
     * Front-end variant: loads acl_mod from the admin directory, restores the
     * working directory, then registers all module permissions.
     */
    public function registerModulesPermissionsFrontEnd(){
        $this->changeCurrentDirAdmin();
        include_once("modules/acl_mod/acl_mod.php");
        $this->restoreCurrentDir();
        $this->registerModulesPermissions();
    }

    /** Back-end variant: loads acl_mod and registers all module permissions. */
    public function registerModulesPermissionsBackEnd(){
        include_once("modules/acl_mod/acl_mod.php");
        $this->registerModulesPermissions();
    }

    /**
     * Includes ./modules/$module/$module.php and returns an instance of the
     * module class, or null when the file is missing or the class lacks the
     * operation()/output() methods.
     *
     * NOTE(review): $module goes into the include path after checkModule(),
     * which only replaces an empty value with the default module. If a caller
     * passes a request-supplied name, it should first be matched against the
     * installed modules (for example the rows of cms_modules); file_exists()
     * is not a validity check. $handle is assigned but never used.
     */
    public function loadComponent($module,$id){
        $module=$this->checkModule($module);
        $modulePath="./modules/$module/$module.php";
        if($handle = file_exists($modulePath)){
            include_once($modulePath);
            $classname=$this->factory($module);
            if(!$this->check_methods_exists($classname)) return null;
            if($module=='menu_mod'){
                $classname->setid($id);
            }
            return $classname;
        }
        return null;
    }

    /**
     * Sends visitors to offline.php while the site's offline flag is set,
     * unless they are logged in. Always returns true.
     *
     * NOTE(review): the redirect header is not followed by exit(), so the
     * caller keeps running and can still render the page for a visitor who
     * should only see the offline page.
     */
    public function checkOffline(){
        //check first is is offline
        if(homepage_get_offlineFlag()){
            //check if user has logged from offline page
            if(!users_isLoggedOffline() && !isLogged())header("Location: offline.php");
        }
        return true;
    }

    /**
     * Resolves the homepage.
     *
     * When $module is homepage_mod, or names a module whose file does not
     * exist (core_mod excepted), $_GET is rewritten to point at the
     * configured static page or menu entry and -1 is returned. When $module
     * is content_mod showing the configured homepage item, that id is
     * returned. Every other case returns -1.
     *
     * NOTE(review): homepage_mod.php is included before the file_exists()
     * checks on it. split() was deprecated in PHP 5.3 and removed in PHP 7;
     * explode() is the drop-in replacement for this literal "=" delimiter.
     * Keys and values from the stored link_params are copied into $_GET
     * as-is, and $ts[1] is read even when a parameter has no "=".
     */
    public function checkHomepage($module){
        $modulePath="./modules/$module/$module.php";
        $homepageMod="modules/homepage_mod/homepage_mod.php";
        include_once($homepageMod);
        if($module=="homepage_mod" || (!file_exists($modulePath) && $module!="core_mod")){
            if(file_exists($homepageMod)){
                //check static homepage
                $idS=homepage_get_homepage();
                if($idS>0){
                    $_GET['module']="content_mod";
                    $_GET['itemid']=$idS;
                }
                //check menu link homepage
                $idM=homepage_get_homepageMenu();
                if($idS<=0 && $idM>0){
                    $menu=menu_listItems($idM);
                    $menu=$menu[0];
                    if($menu['link_type']=="static"){
                        $_GET['module']="content_mod";
                        $_GET['itemid']=$menu['link_inside_id'];
                    }else if($menu['link_type']=="module"){
                        $_GET['module']=module_module_get($menu['link_module']);
                        if($menu['link_inside_id']>0)$_GET['itemid']=$menu['link_inside_id'];
                        if($menu['link_params']!=""){
                            $a=explode("&",$menu['link_params']);
                            foreach ($a as $key => $value) {
                                $ts=split("=",$value);
                                $_GET[$ts[0]]=$ts[1];
                            }
                        }
                    }
                }
                $this->idHomepage=-1;
                $this->isHomepage=true;
                return -1;
            }
        }else{
            //check if is the homepage
            if(file_exists($homepageMod)){
                $id=homepage_get_homepage();
                if($module=="content_mod" && $_GET['itemid']==$id){
                    $this->idHomepage=$id;
                    $this->isHomepage=true;
                    return $id;
                }
            }
        }
        $this->idHomepage=-1;
        return -1;
    }

    /**
     * Returns $module, or the default homepage module for the current side
     * (front end / admin) when $module is null or "". This is a defaulting
     * helper only; the name itself is not validated.
     */
    private function checkModule($module){
        //backwards compatibility
        if(!defined("MS3_DEFAULT_HOMEPAGE_ADMIN"))define("MS3_DEFAULT_HOMEPAGE_ADMIN",MS3_DEFAULT_HOMEPAGE);
        if($module==null || $module==""){
            if(isFrontEnd())return MS3_DEFAULT_HOMEPAGE;
            else return MS3_DEFAULT_HOMEPAGE_ADMIN;
        }
        return $module;
    }

    /** True when $classname provides both operation() and output(). */
    private function check_methods_exists($classname){
        if(!method_exists($classname,'operation')){
            return false;
        }
        if(!method_exists($classname,'output')){
            return false;
        }
        return true;
    }

    /** Changes the working directory to the admin directory under curDir. */
    public function changeCurrentDirAdmin(){
        chdir($this->curDir."/admin");
    }

    /** Changes the working directory back to curDir. */
    public function restoreCurrentDir(){
        chdir($this->curDir);
    }

    /**
     * Returns the page title for the requested module, or null when no
     * `module` parameter is present.
     *
     * NOTE(review): $_GET['itemid'] and the module name are concatenated into
     * the SQL strings directly. Unless the request is sanitised before this
     * method runs (not visible here), each branch is an SQL injection point;
     * casting the id to an integer or binding it as a parameter closes it.
     * The `>0` test in the news_mod branch does not guarantee a purely
     * numeric value. $rows[0] is read without checking that a row came back.
     * The fallback calls a function whose name starts with the request's
     * module value; function_exists() and the fixed "_customTitle" suffix
     * limit which functions can be reached.
     */
    public function
    printTitle(){
        if(isset($_GET['module'])){
            $module=arrays_GET("module");
            if($_GET['module']=='content_mod'){
                $q="SELECT cms_content.title FROM cms_content WHERE cms_content.id='".$_GET['itemid']."'";
                $rows=$this->db_con->execquery($q);
                $this->translate($rows,"title");
                return $rows[0]['title'];
            }else if($_GET['module']=='gallery_mod'){
                $q="SELECT cms_gallery_rubrique.nom FROM cms_gallery_rubrique WHERE cms_gallery_rubrique.id_rub='".$_GET['itemid']."'";
                $rows=$this->db_con->execquery($q);
                return $rows[0]['nom'];
            }else if($_GET['module']=='contact_mod'){
                $q="SELECT title FROM cms_contact_item WHERE id_ci='".$_GET['itemid']."'";
                $rows=$this->db_con->execquery($q);
                $this->translate($rows,"title");
                return $rows[0]['title'];
            }else if($_GET['module']=='news_mod' && arrays_GET("itemid")>0){
                $q="SELECT name FROM cms_news_categories WHERE id_ca='".arrays_GET("itemid")."'";
                $rows=$this->db_con->execquery($q);
                $this->translate($rows,"name");
                return $rows[0]['name'];
            }else{
                //check if specific function in includes/custom.inc.php file exists
                if(function_exists($module."_customTitle")){
                    return call_user_func($module."_customTitle");
                }else{
                    //default module title
                    $q="SELECT cms_modules.title FROM cms_modules WHERE cms_modules.module='".$module."'";
                    $rows=$this->db_con->execquery($q);
                    $this->translate($rows,"title");
                    return $rows[0]['title'];
                }
            }
        }
        else return null;
    }

    // Takes $rows by reference and is called by printTitle() with a column
    // name; the body is cut off at the end of this copy.
    private function translate(&$rows,$colName){
        for($i=0;$i