Absolut Engine PHP Cross Reference Web Portal Systems

Source: /admin/classengine.php - 1517 lines - 58272 bytes - Summary - Text - Print

   1  <?
   2  /**
   3   * @package absolutengine
   4   */
   5  /** Core engine class / base functions
   6   */
   7  class CEngine extends CAuth
   8  {
   9  
  10     /** Constructor
  11      * Set all variables
  12      */
  13     function CEngine()
  14     {
  15     $this->CAuth();
  16     if (!defined('TEMPDIR')) define('TEMPDIR','./');
  17     @include (TEMPDIR."variables.php");
  18     @include (TEMPDIR."settings.php");
  19     $this->server=$server;
  20     $this->path=$path;
  21     $this->pathimages=$pathimages;
  22     $this->pathfiles=$pathfiles;
  23     $this->timeout=$timeout;
  24     $this->dbserver=$dbserver;
  25     $this->dbuser=$dbuser;
  26     $this->dbpass=$dbpass;
  27     $this->dbname=$dbname;
  28     $this->tableprefix=$tableprefix;
  29     $this->tableprefixmod=$tableprefixmod;
  30     foreach ($table as $key=>$value)
  31             {
  32             $this->table[$key]=$this->tableprefix.$value;
  33             }
  34     $this->wysiwygeditor=$wysiwygeditor;
  35     $this->emailwebmaster=$emailwebmaster;
  36     $this->cleanurls=$cleanurls;
  37     $this->sizemaximages=$sizemaximages;
  38     $this->thumbwidth=$thumbwidth;
  39     $this->thumbheight=$thumbheight;
  40     $this->jpegquality=$jpegquality;
  41     $this->sizemaxfiles=$sizemaxfiles;
  42     $this->uploadforbid=$uploadforbid;
  43     $this->dateformat=$dateformat;
  44     $this->charset=$charset;
  45     $this->textbasic=$textbasic;
  46     $this->textwarning=$textwarning;
  47     // define non-existing variables
  48     $this->username=""; $this->action=""; $this->datefrom=""; $this->dateto="";
  49     $this->condition=""; $this->filtarticlenumber=""; $this->filttitle="";
  50     $this->filtuserID=""; $this->filtdatefrom=""; $this->filtdateto="";
  51     $this->sortby=""; $this->sortorder=""; $this->objectID=""; $this->command="";
  52     $this->articleID=""; $this->sectionID=""; $this->section=""; $this->moduleID="";
  53     $this->text=""; $this->adate=""; $this->filesetID=""; $this->uploadnumber="";
  54     $this->formerrors=""; $this->imagesetID=""; $this->beginning=""; $this->title="";
  55     $this->atime=""; $this->priority=""; $this->status=""; $this->filename="";
  56     $this->authorID=""; $this->author=""; $this->filtsectionID=""; $this->leavedb="";
  57     $this->hook=""; $this->GIFSupport=0; $this->JPGSupport=0; $this->PNGSupport=0;
  58     $this->_htaccessopen=0;
  59     // Checking for supported image types
  60     if (function_exists("imagetypes"))
  61        {
  62        $this->PrintDebugText("imagetypes(): TRUE");
  63        if (imagetypes() & IMG_GIF)
  64           {
  65           $this->GIFSupport=1;
  66           $this->PrintDebugText("GIF Support: ".$this->GIFSupport);
  67           }
  68        if (imagetypes() & IMG_JPG)
  69           {
  70           $this->JPGSupport=1;
  71           $this->PrintDebugText("JPG Support: ".$this->JPGSupport);
  72           }
  73        if (imagetypes() & IMG_PNG)
  74           {
  75           $this->PNGSupport=1;
  76           $this->PrintDebugText("PNG Support: ".$this->PNGSupport);
  77           }
  78        }
  79     else
  80        {
  81        $this->PrintDebugText("imagetypes(): FALSE (assuming full image support)");
  82        // Assuming full image support exists
  83        $this->GIFSupport=1;
  84        $this->JPGSupport=1;
  85        $this->PNGSupport=1;
  86        }
  87     // Check whether fmod function exists, if not create emulated fmod function
  88     if (!function_exists("fmod"))
  89        {
  90        $this->PrintDebugText("fmod(): FALSE (creating fmod function)");
  91        function fmod($x,$y)
  92        {
  93        $i = floor($x/$y);
  94        return $x - $i*$y;
  95        }
  96        }
  97     }
  98  
  99     /** Initialize engine
 100      * Connect to database and select user language
 101      */
 102     function EngineInitialize()
 103     {
 104     $this->DBConnect();
 105     $this->DBQuery("SELECT * FROM ".$this->table[5]." WHERE user='".$this->username."'");
 106     $this->DBGetRow();
 107     $languagedef=$this->access["language"];
 108     if (!$languagedef) $languagedef="EN";
 109     $languagedef=strtolower($languagedef);
 110     $file="variables-".$languagedef.".php";
 111     if ($file=="variables-en.php") $file="variables.php";
 112     if (file_exists(TEMPDIR.$file)) @include(TEMPDIR.$file); else @include(TEMPDIR.'variables.php');
 113     // Re-initialize variables to match user language
 114     $this->charset=$charset; $tempcharset=$this->charset;
 115     $this->textbasic=$textbasic;
 116     $this->textwarning=$textwarning;
 117     // Retrieve settings for modules
 118     $this->DBQuery("SELECT * FROM ".$this->table[8]." ORDER BY module");
 119     while ($this->DBGetRow())
 120           {
 121           $directory=$this->access["directory"];
 122           $messagename="text".$directory;
 123           $tablename="table".$directory;
 124           $variablename="var".$directory;
 125           $$messagename=""; $$tablename=""; $$variablename="";
 126           $file="variables-".$languagedef.".php";
 127           if ($file=="variables-en.php") $file="variables.php";
 128           if (file_exists(TEMPDIR.'modules/'.$directory.'/'.$file))
 129              {
 130              @include(TEMPDIR.'modules/'.$directory.'/'.$file);
 131              }
 132           elseif (file_exists(TEMPDIR.'modules/'.$directory.'/'.'variables.php'))
 133              {
 134              @include(TEMPDIR.'modules/'.$directory.'/'.'variables.php');
 135              }
 136           if ($charset<>$this->charset) $tempcharset=$charset;
 137           $this->$messagename=$$messagename;
 138           if (file_exists(TEMPDIR.'modules/'.$directory.'/'.'settings.php'))
 139              {
 140              @include(TEMPDIR.'modules/'.$directory.'/'.'settings.php');
 141              // Create object variables for DB tables
 142              if (is_array($$tablename))
 143                 {
 144                 foreach ($$tablename as $key=>$value)
 145                         {
 146                         $this->{$tablename}[$key]=$this->tableprefixmod.$value;
 147                         }
 148                 }
 149              // Create object variables for additional settings variables
 150              if (is_array($$variablename))
 151                 {
 152                 foreach ($$variablename as $key=>$value)
 153                         {
 154                         $this->{$variablename}[$key]=$value;
 155                         }
 156                 }
 157              }
 158           }
 159     $this->charset=$tempcharset;
 160     }
 161  
 162     /** Display basic information about Absolut Engine
 163      * @access public
 164      */
 165     function EngineInfo()
 166     {
 167     echo '<p>';
 168     echo '<strong>Absolut Engine</strong> by <a href="mailto:dusoft@staznostiNOSPAM.sk">Daniel Duris</a><br />';
 169     echo '<strong>Author:</strong> Daniel Duris<br />';
 170     echo '<strong>Version:</strong> '.AE_VERSION.'<br />';
 171     echo '<strong>Download:</strong> <a href="http://www.absolutengine.com" title="Absolut Engine Content Management System">www.absolutengine.com</a><hr>';
 172     echo '<strong>Support, questions, ideas, comments and general info at author\'s email or:</strong><br />';
 173     echo '<a href="http://www.absolutengine.com/faq/" title="Absolut Engine FAQ, Forums, Support, Help, Bugs, To-Do, Proposals">Forums</a> on Absolut Engine.<br />';
 174     echo '</p>';
 175     }
 176  
 177     /** Print debug text
 178      * @access private
 179      * @param $text message to be printed
 180      */
 181     function PrintDebugText($text)
 182     {
 183     if (DEBUG===1) echo $text,'<br />';
 184     }
 185  
 186     /** Save temporary data to table temporary
 187      * @param string $tempstring temporary data
 188      * @return integer $objectID ID of inserted element/object
 189      */
 190     function SaveTempData($tempstring)
 191     {
 192     $this->DBQuery("INSERT INTO ".$this->table[11]." VALUES (NULL,'".$tempstring."')");
 193     return $this->insertID;
 194     }
 195  
 196     /** Redirect user on error back to form page (e.g. missing form field etc.)
 197      * @access public
 198      * @param integer $objectID ID of temporary object to put into URL
 199      */
 200     function RedirectOnError($objectID)
 201     {
 202     $referer=$_SERVER["HTTP_REFERER"];
 203     if (strpos($referer,"?")===FALSE) $char="?";
 204     else $char="&";
 205     $referer=ereg_replace($char."objectID=[0-9]{1,}","",$referer);
 206     header("location: ".$referer.$char."objectID=".$objectID);
 207     exit;
 208     }
 209  
 210     /** Add form error to queue
 211      * @param string variable name
 212      * @access private
 213      */
 214     function AddFormError($message)
 215     {
 216     if (!$this->formerrors) $this->formerrors=" ";
 217     else $this->formerrors.=", ";
 218     $this->formerrors.=$message;
 219     }
 220  
 221     /** Check for form errors (if manadatory fields have been filled)
 222      * @param mixed ,...
 223      * unlimited number of parameters available, parameters should contain variable name
 224      * to check (e.g. title, sectionID, etc...)
 225      */
 226     function CheckFormErrors()
 227     {
 228     $number=func_num_args();
 229     if ($number)
 230        {
 231        $arguments=func_get_args();
 232        foreach ($arguments as $value)
 233                {
 234                $this->$value;
 235                if (!$this->$value)
 236                   {
 237                   $this->AddFormError($value." ".$this->textbasic[50]);
 238                   }
 239                }
 240        }
 241     if ($this->formerrors)
 242        {
 243        $this->formerrors.=".";
 244        if (!$this->objectID)
 245           {
 246           $this->aecopy=$this->SerializeObject($this);
 247           $temparray=array($this->formerrors,$this->aecopy);
 248           $tempstring=implode("|",$temparray);
 249           $this->objectID=$this->SaveTempData($tempstring);
 250           }
 251        else $objectID=$this->objectID;
 252        $this->RedirectOnError($this->objectID);
 253        }
 254     }
 255  
 256     /** Display error message and optionally stop execution of the script
 257      * @param boolean $stop 0 to continue with script execution, otherwise 1 to stop/exit
 258      * @param string $required "title,sectionID" - comma delimited list of mandatory fields
 259      * @param string moduledir - when called from module, state module directory
 260      */
 261     function DisplayError($errorcode=0,$stop=0,$moduledir="")
 262     {
 263     if (!$this->objectID AND !$stop) return 0;
 264     if ($this->objectID)
 265        {
 266        $this->DBQuery("SELECT tempstring FROM ".$this->table[11]." WHERE ID='".$this->objectID."'");
 267        $this->DBGetRow();
 268        $temparray=explode("|",$this->access["tempstring"]);
 269        $missingfields=$temparray[0];
 270        $objectcopy=$this->UnserializeObject($temparray[1]);
 271        }
 272     elseif ($stop)
 273        {
 274        @include (TEMPDIR."header.php");
 275        }
 276     echo '<p class="error"><span>!</span>';
 277     if (!$moduledir)
 278        {
 279        echo $this->textwarning[$errorcode];
 280        }
 281     else
 282        {
 283        $variablename="text".$moduledir;
 284        echo $this->{$variablename}[$errorcode];
 285        }
 286     if ($this->objectID) echo $missingfields;
 287     echo '<br class="clear" /></p>';
 288     if ($stop)
 289        {
 290        @include (TEMPDIR."footer.php");
 291        exit;
 292        }
 293     $this->DBQuery("DELETE FROM ".$this->table[11]." WHERE ID='".$this->objectID."'");
 294     if ($this->rowsnumber) return $objectcopy;
 295     }
 296  
 297     /** Perform date conversion from custom date format (set in settings.php) to MySQL date format and back
 298      * @access public
 299      * @param string $adate date to be converted
 300      * @param integer $direction to DB = 1, to form = 2
 301      */
 302     function DateConversion($adate,$direction=1)
 303     {
 304     if (!$adate) return;
 305     $this->dateformat=strtoupper($this->dateformat); // Makes sure it's UPPERCASE
 306     if ($direction==1)
 307        {
 308        for ($i=32;$i<48;$i++)
 309        {
 310        $delimiter=strpos($this->dateformat,chr($i));
 311        if ($delimiter) break;
 312        }
 313        $delimiter=chr($i); // Get the delimiter used
 314        $formatparts=explode($delimiter,$this->dateformat);
 315        $adateparts=explode($delimiter,$adate);
 316        for ($i=0;$i<=2;$i++)
 317            {
 318            if ($formatparts[$i]=="DD") $day=sprintf("%02d",$adateparts[$i]);
 319            if ($formatparts[$i]=="MM") $month=sprintf("%02d",$adateparts[$i]);
 320            if ($formatparts[$i]=="YYYY") $year=$adateparts[$i];
 321            }
 322        $day=trim($day);
 323        $month=trim($month);
 324        $year=trim($year);
 325        $adate="$year-$month-$day";
 326        }
 327     else
 328        {
 329        $year=strval(substr($adate,0,4));
 330        $month=strval(substr($adate,5,2));
 331        $day=strval(substr($adate,8,2));
 332        $adate=str_replace("DD",$day,$this->dateformat);
 333        $adate=str_replace("MM",$month,$adate);
 334        $adate=str_replace("YYYY",$year,$adate);
 335        }
 336     return $this->adate=$adate;
 337     }
 338  
 339     /** Check for file handling error and stop the script on failure
 340      */
 341     function FileError()
 342     {
 343     if (!$this->error) $this->DisplayError(22,1);
 344     }
 345  
 346     /** Generate filename for file upload purposes
 347      * if filename exists, add -X, where X is previous existinf file number
 348      * @param string $filename original filename
 349      * @param string $path filepath (relative to admin/ directory)
 350      * @return string $filename generated filename
 351      */
 352     function GenerateFilename($filename,$path)
 353     {
 354     $testnumber=0;
 355     $fileparts=explode(".",$filename);
 356     $filename=$fileparts[0];
 357     $extension=$fileparts[1];
 358     $filename=ereg_replace('&#([0-9]{1,10});','',$filename);
 359     $filename=strtr($filename," 㥹弾","-AAACEEIIOOOUUYsaaaceeiiooouuyAaAaCcCcDdDdEeEeLlLlLlNnNnOoRrRrSsSsSsTtTtUuUuZzZzZz");
 360     for ($i=0;$i<strlen($filename);$i++)
 361         {
 362         if (ord($filename[$i])<32 OR (ord($filename[$i])>=33 AND ord($filename[$i])<=44) OR (ord($filename[$i])>=46 AND ord($filename[$i])<=47) OR (ord($filename[$i])>=58 AND ord($filename[$i])<=64) OR (ord($filename[$i])>=91 AND ord($filename[$i])<=94) OR ord($filename[$i])==96 OR ord($filename[$i])>122)
 363            {
 364            $filename=substr($filename,0,$i).substr($filename,$i+1,strlen($filename));
 365            }
 366         }
 367     $filename=str_replace('---','-',$filename);
 368     $filename=str_replace('--','-',$filename);
 369     $filename=strtolower($filename);
 370     $filename.=".".$extension;
 371     while (file_exists($path.$filename))
 372           {
 373           $filename=$fileparts[0]."-".$testnumber.".".$extension;
 374           $testnumber++;
 375           }
 376     return $filename;
 377     }
 378  
 379     /** Upload file
 380      * @param string $file original filename of the file to be uploaded
 381      * @param string $filenametmp temporary filename created by server during upload
 382      * @param integer $size size in bytes for maxsize check
 383      * @return string $filename filename created by engine from original filename
 384      */
 385     function SubmitFile($file,$filenametmp,$size)
 386     {
 387     $extforbid=explode(",",$this->uploadforbid);
 388     $fileparts=explode(".",$file);
 389     $filename=$fileparts[0];
 390     $extension=$fileparts[1];
 391     for ($i=0;$i<count($extforbid);$i++)
 392         {
 393         if ($extforbid[$i]==$extension) $this->DisplayError(21,1);
 394         }
 395     if ($size>$this->sizemaxfiles) $this->DisplayError(23,1);
 396     $filename=$this->GenerateFilename($file,$this->pathfiles);
 397     @$this->error=copy($filenametmp,$this->pathfiles.$filename);
 398     $this->FileError();
 399     return $this->filename=$filename;
 400     }
 401  
 402     /** Delete a file
 403      * @param $file filename
 404      */
 405     function DeleteFile($file)
 406     {
 407     if (file_exists($this->pathfiles.$file))
 408        {
 409        @$this->error=unlink($this->pathfiles.$file);
 410        $this->FileError();
 411        }
 412     }
 413  
 414     /** Upload image, create thumbnail from image
 415      * @param string $file original filename of the file to be uploaded
 416      * @param string $filenametmp temporary filename created by server during upload
 417      * @param string $filetype filetype of image (GIF/PNG/JPEG)
 418      * @param integer $size size in bytes for maxsize check
 419      * @return string $filename filename created by engine from original filename
 420      */
 421     function SubmitImage($file,$filenametmp,$filetype,$size,$path="")
 422     {
 423     if (!$path) $path=$this->pathimages;
 424     if ($filetype=="image/gif" AND !$this->GIFSupport)
 425        {
 426        $this->DisplayError(24,1);
 427        }
 428     elseif (($filetype=="image/jpeg" OR $filetype=="image/pjpeg") AND !$this->JPGSupport)
 429        {
 430        $this->DisplayError(24,1);
 431        }
 432     elseif ($filetype=="image/png" AND !$this->PNGSupport)
 433        {
 434        $this->DisplayError(24,1);
 435        }
 436     if ($filetype=="image/gif") $extension=".gif";
 437     elseif ($filetype=="image/jpeg" OR $filetype=="image/pjpeg") $extension=".jpg";
 438     elseif ($filetype=="image/png") $extension=".png";
 439     else $this->DisplayError(20,1);
 440     if ($size>$this->sizemaxfiles) $this->DisplayError(20,1);
 441     $filename=$this->GenerateFilename($file,$path);
 442     @$this->error=copy($filenametmp,$path.$filename);
 443     $this->FileError();
 444     if ($extension==".gif") $image=imagecreatefromgif($path.$filename);
 445     if ($extension==".jpg") $image=imagecreatefromjpeg($path.$filename);
 446     if ($extension==".png") $image=imagecreatefrompng($path.$filename);
 447     $width=imagesx($image); $height=imagesy($image);
 448     $thumbw=$width; $thumbh=$height;
 449     if ($width>$this->thumbwidth OR $height>$this->thumbheight)
 450        {
 451        $ratiow=1; $ratioh=1;
 452        if ($width>$this->thumbwidth) $ratiow=$thumbw/$this->thumbwidth;
 453        if ($height>$this->thumbheight) $ratioh=$thumbh/$this->thumbheight;
 454        if ($ratiow>$ratioh)
 455           {
 456           $thumbw=$thumbw/$ratiow;
 457           $thumbh=$thumbh/$ratiow;
 458           }
 459        elseif ($ratioh>$ratiow)
 460               {
 461               $thumbw=$thumbw/$ratioh;
 462               $thumbh=$thumbh/$ratioh;
 463               }
 464        elseif ($ratioh==$ratiow)
 465           {
 466           $thumbw=$thumbw/$ratiow;
 467           $thumbh=$thumbh/$ratioh;
 468           }
 469        }
 470     $image2=imagecreatetruecolor($thumbw,$thumbh);
 471     imagecopyresampled($image2,$image,0,0,0,0,$thumbw,$thumbh,$width,$height);
 472     $thumbnail=$this->GetThumbnailName($filename);
 473     if ($extension==".gif")
 474        {
 475        $this->error=imagegif($image2,$path.$thumbnail);
 476        $this->FileError();
 477        }
 478     if ($extension==".jpg")
 479        {
 480        $this->error=imagejpeg($image2,$path.$thumbnail,$this->jpegquality);
 481        $this->FileError();
 482        }
 483     if ($extension==".png")
 484        {
 485        $this->error=imagepng($image2,$path.$thumbnail);
 486        $this->FileError();
 487        }
 488     imagedestroy($image);
 489     imagedestroy($image2);
 490     return $filename;
 491     }
 492  
 493     /** Delete image and its thumbnail
 494      * @param string $file image filename
 495      */
 496     function DeleteImage($file,$path)
 497     {
 498     if (file_exists($path.$file))
 499        {
 500        @$this->error=unlink($path.$file);
 501        $this->FileError();
 502        }
 503     $fileparts=explode(".",$file);
 504     $filename=$fileparts[0];
 505     $extension=$fileparts[1];
 506     $thumbnail=$this->GetThumbnailName($file);
 507     if (file_exists($path.$thumbnail))
 508        {
 509        @$this->error=unlink($path.$thumbnail);
 510        $this->FileError();
 511        }
 512     }
 513  
 514     /** Create thumbnail name from image name
 515      * @param string $file image name
 516      * @return string $thumbnail thumbnail name
 517      */
 518     function GetThumbnailName($file)
 519     {
 520     $fileparts=explode(".",$file);
 521     $filename=$fileparts[0];
 522     $extension=$fileparts[1];
 523     $thumbnail=$filename."a".".".$extension;
 524     return $thumbnail;
 525     }
 526  
 527     /** Create array of system message translations available
 528      * @access private
 529      */
 530     function RequestLanguageVersions()
 531     {
 532     $i=0;
 533     @$dirhandle=opendir(".");
 534     while (@$languageversion=readdir($dirhandle))
 535           {
 536           if (substr($languageversion,0,9)=="variables")
 537              {
 538              $languageversion=substr($languageversion,10,2);
 539              if ($languageversion=="ph")
 540                 {
 541                 $languageversion="en";
 542                 }
 543              $languagearray[$i]=strtoupper($languageversion);
 544              }
 545           ++$i;
 546           }
 547     @closedir($dirhandle);
 548     sort($languagearray);
 549     reset($languagearray);
 550     return $this->languagearray=$languagearray;
 551     }
 552  
 553     /** Genereates physical files from articles if $cleanurls set to 1
 554      * @deprecated from v1.71 DO NOT USE! This function is obsolete and will be deleted in next version
 555      * If you server support Apache mod_rewrite module, use $cleanurls=2 instead!
 556      * @todo prepare some static URL schema use - $cleanurls=3 in future
 557      */
 558     function GeneratePhysicalFile($articleID)
 559     {
 560     $content=join('',file('../showarticle.php'));
 561     $content=str_replace('$aepublic->articleID',$articleID,$content);
 562     $this->filename=str_replace('.php','',$this->filename);
 563     if (!$this->filename)
 564        {
 565        $this->filename=$this->title;
 566        }
 567     $this->filename=ereg_replace('&#([0-9]{1,10});','',$this->filename);
 568     $this->filename=strtr($this->filename," 㥹弾","-AAACEEIIOOOUUYsaaaceeiiooouuyAaAaCcCcDdDdEeEeLlLlLlNnNnOoRrRrSsSsSsTtTtUuUuZzZzZz");
 569     for ($i=0;$i<strlen($this->filename);$i++)
 570         {
 571         if (ord($this->filename[$i])<32 OR (ord($this->filename[$i])>=33 AND ord($this->filename[$i])<=44) OR (ord($this->filename[$i])>=46 AND ord($this->filename[$i])<=47) OR (ord($this->filename[$i])>=58 AND ord($this->filename[$i])<=64) OR (ord($this->filename[$i])>=91 AND ord($this->filename[$i])<=94) OR ord($this->filename[$i])==96 OR ord($this->filename[$i])>122)
 572            {
 573            $this->filename=substr($this->filename,0,$i).substr($this->filename,$i+1,strlen($this->filename));
 574            }
 575         }
 576     $this->filename=str_replace('---','-',$this->filename);
 577     $this->filename=str_replace('--','-',$this->filename);
 578     $this->filename.=".php";
 579     $this->filename=strtolower($this->filename);
 580     @$this->error=$handle=fopen('../'.$this->filename,'wb');
 581     $this->FileError();
 582     @$this->error=fwrite($handle,$content);
 583     $this->FileError();
 584     @$this->error=fclose($handle);
 585     $this->FileError();
 586     }
 587  
 588     /** Deletes physical files from articles if $cleanurls set to 1
 589      * @deprecated from v1.71 DO NOT USE! This function is obsolete and will be deleted in next version
 590      * If you server support Apache mod_rewrite module, use $cleanurls=2 instead!
 591      * @todo prepare some static URL schema use - $cleanurls=3 in future
 592      */
 593     function DeletePhysicalFile($articleID)
 594     {
 595     $this->DBQuery("SELECT filename FROM ".$this->table[3]." WHERE ID='".$articleID."'");
 596     $this->DBGetRow();
 597     $filename=$this->access["filename"];
 598     if ($filename AND file_exists('../'.$filename))
 599        {
 600        @$this->error=unlink('../'.$filename);
 601        $this->FileError();
 602        }
 603     }
 604  
 605     /** Insert clean URL in clean URLs pool
 606      * @access public
 607      * @return void
 608      */
 609     function InsertCleanURL($url)
 610     {
 611     if (!$this->cleanurls) return;
 612     $this->DBQuery("INSERT INTO ".$this->table[10]." VALUES ('".$url."')");
 613     }
 614  
 615     /** Delete clean URL from clean URLs pool
 616      * @access public
 617      * @return void
 618      */
 619     function DeleteCleanURL($url)
 620     {
 621     if (!$this->cleanurls) return;
 622     $this->DBQuery("DELETE FROM ".$this->table[10]." WHERE cleanurl='".$url."'");
 623     }
 624  
 625     /** Look into clean URLs pool to check if URL exists
 626      * @access public
 627      * @return FALSE if URL is not found
 628      * @return TRUE if URL exists -> show error? (leave it to the module/system to decide what to do)
 629      */
 630     function LookUpCleanURL($url)
 631     {
 632     $this->DBQuery("SELECT cleanurl FROM ".$this->table[10]." WHERE cleanurl='".$url."'");
 633     if ($this->rowsnumber) return TRUE;
 634     else return FALSE;
 635     }
 636  
 637     /** Display parts of the pages (boxes) that should be added to the currently visited page
 638      *  Modules are able to insert their parts (forms, boxes, DB listings) into other parts of the system
 639      */
 640     function DisplayEngineModuleParts()
 641     {
 642     global $ae;
 643     $condition="";
 644     $path=pathinfo($_SERVER["PHP_SELF"]);
 645     $file=$path["basename"];
 646     $directory=str_replace("/".$this->path."admin/","",$path["dirname"]);
 647     if (strpos($directory,"modules")!==FALSE)
 648        {
 649        $directory=str_replace("modules/","",$directory);
 650        $condition="WHERE directory<>'".$directory."'";
 651        }
 652     $this->DBQuery("SELECT directory FROM ".$this->table[8]." ".$condition." ORDER BY module");
 653     while ($this->DBGetRow())
 654        {
 655        $directory=$this->access["directory"];
 656        if (file_exists(TEMPDIR.'modules/'.$directory.'/'.$file))
 657           {
 658           @include(TEMPDIR.'modules/'.$directory.'/coreclass.php');
 659           @include(TEMPDIR.'modules/'.$directory.'/'.$file);
 660           }
 661        }
 662     }
 663  
 664     /** Set hook
 665      * @access public
 666      * @param string $hook hook to set
 667      */
 668     function SetHook($hook)
 669     {
 670     $this->hook=$hook;
 671     }
 672  
 673     /** Execute currently set hook
 674      * @access public
 675      * @see SetHook()
 676      */
 677     function ExecuteHook()
 678     {
 679     if (!$this->hook) return;
 680     $elementpart=explode("-",$this->hook);
 681     $hook=$elementpart[0];
 682     $element=$elementpart[1];
 683     $this->DBQuery("SELECT * FROM ".$this->table[14]." WHERE hook='".$hook."'");
 684     if ($this->rowsnumber)
 685        {
 686        $this->DBGetRow();
 687        $action=trim($this->access["action"]);
 688        if ($action)
 689           {
 690           if (strpos($action,"?")!==FALSE) $character="&";
 691           else $character="?";
 692           header("location: http://".$this->server."/".$this->path."admin/".$action.$character."username=".$this->username."&session=".$this->session."&".$element."=".$this->$element);
 693           exit;
 694           }
 695        }
 696     }
 697  
 698     /** Create clean URL based on input string
 699      * @param string $input string to create valid clean URL from
 700      * @return string valid clean URL
 701      * @return void when clean URL feature is disabled
 702      */
 703     function CreateCleanURL($input)
 704     {
 705     if (!$this->cleanurls) return;
 706     if ($this->filename) $input=$this->filename;
 707     // drop any HTML entities
 708     $input=ereg_replace('&#([0-9]{1,10});','',$input);
 709     // do conversion of common characters
 710     $input=strtr($input," 㥹弾","-AAACEEIIOOOUUYsaaaceeiiooouuyAaAaCcCcDdDdEeEeLlLlLlNnNnOoRrRrSsSsSsTtTtUuUuZzZzZz");
 711     for ($i=0;$i<strlen($input);$i++)
 712         {
 713         if (ord($input[$i])<32 OR (ord($input[$i])>=33 AND ord($input[$i])<=44) OR ord($input[$i])==47 OR (ord($input[$i])>=58 AND ord($input[$i])<=64) OR (ord($input[$i])>=91 AND ord($input[$i])<=94) OR ord($input[$i])==96 OR ord($input[$i])>122)
 714            {
 715            $input=substr($input,0,$i).substr($input,$i+1,strlen($input));
 716            $i--;
 717            }
 718         }
 719     $input=str_replace('---','-',$input);
 720     $input=str_replace('--','-',$input);
 721     $input=strtolower($input);
 722     return $input;
 723     }
 724  
 725     /** Open and read .htaccess file for further processing by AddRewriteRule, DeleteRewriteRule etc.
 726      *  if $cleanurls is set to 2
 727      * @return void
 728      */
 729     function ReadHtaccess()
 730     {
 731     if (!$this->cleanurls) return;
 732     if (strpos($_SERVER["PHP_SELF"],"modules")!==FALSE) $modulecall=1;
 733     $this->_htaccessopen=1;
 734     if ($modulecall) $path="../../../";
 735     else $path="../";
 736     $this->_content=join('',file($path.'.htaccess'));
 737     @$this->error=$this->_handle=fopen($path.'.htaccess','wb');
 738     $this->FileError();
 739     }
 740  
 741     /** Write content to and close .htaccess file
 742      *  if $cleanurls is set to 2
 743      * @return void
 744      */
 745     function WriteHtaccess()
 746     {
 747     @$this->error=fwrite($this->_handle,$this->_content);
 748     $this->FileError();
 749     @$this->error=fclose($this->_handle);
 750     $this->FileError();
 751     $this->_htaccessopen=0;
 752     }
 753  
 754     /** Generate .htaccess file (with new rules) if $cleanurls is set to 2
 755      * @param integer $elementID ID of element
 756      * @param string $type = "file.php?elementID=" // e.g. showcar.php?carID=
 757      * @param string $prefix string to prefix clean URL with
 758      * @param string $suffix string to suffix clean URL with
 759      * @return void when clean URL feature is disabled
 760      * @todo !!!! test whether syndication is enabled and section is part of the central website
 761      * @todo if not return and do not create rule!!!
 762      */
 763     function AddRewriteRule($elementID,$type="showarticle.php?articleID",$prefix="",$suffix="")
 764     {
 765     if (!$this->cleanurls) return;
 766     // find whether ReadHtaccess has been called before
 767     $internal=0;
 768     if (!$this->_htaccessopen)
 769        {
 770        $internal=1; // ReadHtaccess has been called internally
 771        $this->ReadHtaccess();
 772        }
 773     // !!!! test whether syndication is enabled and section is part of the central website
 774     // if not return and do not create rule!!!
 775     // if path is set, add path to rewrite rule
 776     $this->_content.="\r\nRewriteRule ^".$prefix.$this->filename.$suffix."[/]*$ /".$this->path.$type."=".$elementID;
 777     $this->_content=str_replace("\r\n\r\n","\r\n",$this->_content);
 778     $this->_content=str_replace("\n\n","\n",$this->_content);
 779     if ($internal)
 780        {
 781        $this->InsertCleanURL($prefix.$this->filename.$suffix);
 782        $this->WriteHtaccess();
 783        }
 784     }
 785  
 786     /** Delete rewrite rule for element
 787      * @param integer $elementID ID of element to be deleted
 788      * @param string $table table where to search for the filename, if empty article table is assumed
 789      * @param string $type "file.php?elementID=" // e.g. showcar.php?carID=
 790      * @param string $prefix string to prefix clean URL with
 791      * @param string $suffix string to suffix clean URL with
 792      * @return void
 793      */
 794     function DeleteRewriteRule($elementID,$table="",$type="showarticle.php?articleID",$prefix="",$suffix="")
 795     {
 796     if (!$this->cleanurls) return;
 797     // find whether ReadHtaccess has been called before
 798     $internal=0;
 799     if (!$this->_htaccessopen)
 800        {
 801        $internal=1; // ReadHtaccess has been called internally
 802        $this->ReadHtaccess();
 803        }
 804     if (!$table) $table=$this->tableprefix."articles";
 805     $this->DBQuery("SELECT filename FROM ".$table." WHERE ID='".$elementID."'");
 806     $this->DBGetRow();
 807     $filename=$this->access["filename"];
 808     $this->_content=str_replace("RewriteRule ^".$prefix.$filename.$suffix."[/]*$ /".$this->path.$type."=".$elementID,"",$this->_content);
 809     $this->_content=str_replace("\r\n\r\n","\r\n",$this->_content);
 810     $this->_content=str_replace("\n\n","\n",$this->_content);
 811     if ($internal)
 812        {
 813        $this->DeleteCleanURL($prefix.$filename.$suffix);
 814        $this->WriteHtaccess();
 815        }
 816     }
 817  
 818     /** Serialize object for saving to database
 819      * used for keeping serialized copy of object for checking errors
 820      * when form error is encountered, use header to send back
 821      *
 822      */
 823     function SerializeObject($object)
 824     {
 825     // TO-DO: should we walk through variables in object and addslashes() them or base64 encode them?
 826     /*
 827     foreach ($_GET as $key=>$value)
 828             {
 829             $this->$key=$_GET[$key];
 830             if (!is_array($_GET[$key])) $this->$key=stripslashes($_GET[$key]);
 831             }
 832     */
 833     unset($object->username); unset($object->session); unset($object->access);
 834     unset($object->server); unset($object->path); unset($object->pathimages);
 835     unset($object->pathfiles); unset($object->timeout); unset($object->dbserver);
 836     unset($object->dbuser); unset($object->dbpass); unset($object->dbname);
 837     unset($object->tableprefixmod); unset($object->table); unset($object->emailwebmaster);
 838     unset($object->cleanurls); unset($object->sizemaximages); unset($object->thumbwidth);
 839     unset($object->thumbheight); unset($object->jpegquality); unset($object->sizemaxfiles);
 840     unset($object->uploadforbid); unset($object->dateformat); unset($object->charset);
 841     unset($object->textbasic); unset($object->textwarning); unset($object->JPGSupport);
 842     unset($object->GIFSupport); unset($object->PNGSupport); unset($object->rowsnumber);
 843     unset($object->outcome); unset($object->insertID); unset($object->currentuserID);
 844     unset($object->currentuserposition);
 845     $this->DBQuery("SELECT * FROM ".$this->table[8]." ORDER BY module");
 846     while ($this->DBGetRow())
 847           {
 848           $tablename="table".$this->access["directory"];
 849           $varname="var".$this->access["directory"];
 850           $textname="text".$this->access["directory"];
 851           unset($object->$tablename);
 852           unset($object->$varname);
 853           unset($object->$textname);
 854           }
 855     return serialize($object);
 856     }
 857  
 858     /** Serialize object for saving to database
 859      * used for keeping serialized copy of object for checking errors
 860      * when form error is encountered, use header to send back
 861      *
 862      */
 863     function UnserializeObject($object)
 864     {
 865     return unserialize($object);
 866     }
 867  
 868     /** Cleans up the HTML code created by WYSIWYG editor (Richt text editor)
 869      * Tries to make the code XHTML 1.0 Strict (web standards compliant)
 870      * @return string cleaned & formatted code
 871      */
 872     function WYSIWYGtoXHTML($text)
 873     {
 874     $text=stripslashes($text);
 875     $length=strlen($text);
 876     // Make HTML tags lowercase
 877     for ($i=0;$i<$length;$i++)
 878         {
 879         if ($text[$i]=="<")
 880            {
 881            while ($text[$i]<>">")
 882                  {
 883                  if (substr($text,$i,4)=="href" OR substr($text,$i,4)=="HREF")
 884                     {
 885                     $text=substr_replace($text,'href',$i,4);
 886                     $i=$i+6;
 887                     while ($text[$i]<>'"')
 888                           {
 889                           $i++;
 890                           }
 891                     continue;
 892                     }
 893                  if (substr($text,$i,5)=="title" OR substr($text,$i,5)=="TITLE")
 894                     {
 895                     $text=substr_replace($text,'title',$i,5);
 896                     $i=$i+7;
 897                     while ($text[$i]<>'"')
 898                           {
 899                           $i++;
 900                           }
 901                     continue;
 902                     }
 903                  if (substr($text,$i,3)=="alt" OR substr($text,$i,3)=="ALT")
 904                     {
 905                     $text=substr_replace($text,'alt',$i,3);
 906                     $i=$i+5;
 907                     while ($text[$i]<>'"')
 908                           {
 909                           $i++;
 910                           }
 911                     continue;
 912                     }
 913                  if (substr($text,$i,8)=="longdesc" OR substr($text,$i,8)=="LONGDESC")
 914                     {
 915                     $text=substr_replace($text,'longdesc',$i,8);
 916                     $i=$i+10;
 917                     while ($text[$i]<>'"')
 918                           {
 919                           $i++;
 920                           }
 921                     continue;
 922                     }
 923                  /** BUGGY - memery being exhausted sometimes when using:
 924                   * $text[$i]=strtolower($text[$i]);
 925                   * HACK for the strtolower
 926                   */
 927                  if (ord($text[$i])>=65 AND ord($text[$i])<=90) $text[$i]=chr(ord($text[$i])+32);
 928                  $i++;
 929                  }
 930            }
 931         }
 932     $conversiontable=array(
 933                           '<br>'=>'<br />',
 934                           '<hr>'=>'<hr />',
 935                           '<b>'=>'<strong>',
 936                           '</b>'=>'</strong>',
 937                           '<i>'=>'<em>',
 938                           '</i>'=>'</em>',
 939                           '<u>'=>'<span style="text-decoration: underline;">',
 940                           '</u>'=>'</span>',
 941                           '<font'=>'<span',
 942                           '</font>'=>'</span>',
 943                           'size="1"'=>'style="font-size: xx-small;"',
 944                           'size="2"'=>'style="font-size: x-small;"',
 945                           'size="3"'=>'style="font-size: small;"',
 946                           'size="4"'=>'style="font-size: medium;"',
 947                           'size="5"'=>'style="font-size: large;"',
 948                           'size="6"'=>'style="font-size: x-large;"',
 949                           'size="7"'=>'style="font-size: xx-large;"',
 950                           '&nbsp;'=>' ',
 951                           ' class="msonormal"'=>'',
 952                           ' class="sonormal"'=>'',
 953                           '<?xml:namespace prefix ="o" ns =""urn:schemas-microsoft-com:office:office"" />'=>'',
 954                           '<o:p>'=>'',
 955                           '</o:p>'=>''
 956                           );
 957     // Pre-processing - add quotes to enclose attributes in HTML tags (only IE)
 958     // change HTML tags as per conversion table
 959     $browser=$_SERVER['HTTP_USER_AGENT'];
 960     if (strpos($browser,'MSIE')===TRUE) $text=ereg_replace('=([^\ |^>]+)','="\\1"',$text);
 961     while (eregi('&nbsp;&nbsp;',$text))
 962           {
 963           $text=ereg_replace('&nbsp;&nbsp;','&nbsp;',$text);
 964           }
 965     $text=strtr($text,$conversiontable);
 966     // Processing - change few tags with values
 967     $text=ereg_replace('<img ([^>]+)>','<img \\1 />',$text);
 968     $text=ereg_replace(' valign="([^"]+)"','',$text);
 969     $text=ereg_replace('align="([^"]+)"','style="text-align: \\1;"',$text);
 970     $text=ereg_replace('face="([^"]+)"','style="font-family: \\1;"',$text);
 971     $text=ereg_replace('color="([^"]+)"','style="color: \\1;"',$text);
 972     $text=ereg_replace('border="([^"]+)"','style="border: \\1px;"',$text);
 973     $text=ereg_replace('cellpadding="([^"]+)"','style="padding: \\1px;"',$text);
 974     $text=ereg_replace(' cellspacing="([^"]+)"','',$text);
 975     $text=ereg_replace(' lang="([^"]+)"','',$text);
 976     $text=ereg_replace(' style="mso-([^"]+)"','',$text);
 977     $text=str_replace('<b style="">','<strong>',$text);
 978     // Post-processing - redundant tag attributes are joined into one tag
 979     // comment tags, empty paragraphs and span tags are removed
 980     $text=ereg_replace('<!--([^>]+)>','',$text);
 981     while (eregi('<span style="font-weight: bold;">([^<]+)</span>',$text))
 982           {
 983           $text=ereg_replace('<span style="font-weight: bold;">([^<]+)</span>','<strong>\\1</strong>',$text);
 984           }
 985     while (eregi('style="([^"]+)" style="([^"]+)"',$text))
 986           {
 987           $text=ereg_replace('style="([^"]+)" style="([^"]+)"','style="\\1 \\2"',$text);
 988           }
 989     while (eregi('<span style="([^"]+)"><span style="([^"]+)">([^<]+)</span></span>',$text))
 990           {
 991           $text=ereg_replace('<span style="([^"]+)"><span style="([^"]+)">([^<]+)</span></span>','<span style="\\1 \\2">\\3</span>',$text);
 992           }
 993     // while (eregi('style="\s([A-Za-z]+)\s"'
 994     $text=ereg_replace('style="\s([A-Za-z]+)\s"','\\1',$text);
 995     $text=ereg_replace('<span>([^>]+)</span>','\\1',$text);
 996     $text=ereg_replace('<span></span>','',$text);
 997     $text=ereg_replace('<span>[ ]{1,}</span>','',$text);
 998     $text=ereg_replace('<span[^>]+></span>','',$text);
 999     $text=ereg_replace('<span[^>]+>[ ]{1,}</span>','',$text);
1000     // NEXT LINE IS BUGGY - CHECK!!!!!
1001     //$text=ereg_replace('<span[^>]+>(.[^<]+)</span>','\\1',$text);
1002     while (eregi('<p[^>]+></p>',$text))
1003           {
1004           $text=ereg_replace('<p[^>]+></p>','',$text);
1005           }
1006     $text=ereg_replace('<p[^>]+>[ ]{1,}</p>','',$text);
1007     /** UNFINISHED: Post-processing - double breaks are converted to paragraphs
1008      * @todo: complete paragraph counting with stack and jumps
1009      * $text=str_replace('<br /><br />','</p><p>',$text);
1010      * paragraph counting is done to ensure both opening and closing tags are present
1011     /*
1012     $parcount=0;
1013     for ($i=0;$i<$length;$i++)
1014         {
1015         if ($text[$i]=="<")
1016            {
1017            if ($text[$i+1]=='p' AND $text[$i+2]=='>') $parcount++;
1018            if ($text[$i+1]=='/' AND $text[$i+2]=='p') $parcount--;
1019            $i=$i+2;
1020            }
1021         if ($parcount<0)
1022            {
1023            // find position where opening paragraph tag should be inserted
1024            }
1025         }
1026     */
1027     $text=addslashes($text);
1028     return $text;
1029     }
1030  
1031     /** Searches for modules available in the system
1032      * @access private
1033      * @param array $requestedmodules requested modules for (un)installation (directory name)
1034      * if empty, then traverse the module directory to fetch all modules
1035      * @return array
1036      */
1037     function RetrieveModules($requestedmodules="")
1038     {
1039     $modules=array();
1040     if (!$requestedmodules)
1041        {
1042        @$dirhandle=opendir('modules/');
1043        while ((@$moduledir=readdir($dirhandle))!==false)
1044              {
1045              if ($moduledir=='.' OR $moduledir=='..') continue;
1046              if (file_exists('modules/'.$moduledir.'/module.xml'))
1047                 {
1048                 @$moduleinfo=join('',file('modules/'.$moduledir.'/module.xml'));
1049                 eregi("[^<]+<name>([^<]+)</name>",$moduleinfo,$regs);
1050                 $name=trim($regs[1]);
1051                 $regs[1]="";
1052                 eregi("[^<]+<minversion>([^<]+)</minversion>",$moduleinfo,$regs);
1053                 $minversion=$regs[1];
1054                 $regs[1]="";
1055                 eregi("[^<]+<author>([^<]+)</author>",$moduleinfo,$regs);
1056                 $author=$regs[1];
1057                 $regs[1]="";
1058                 eregi("[^<]+<website>([^<]+)</website>",$moduleinfo,$regs);
1059                 $website=$regs[1];
1060                 $regs[1]="";
1061                 eregi("[^<]+<description>([^<]+)</description>",$moduleinfo,$regs);
1062                 $description=$regs[1];
1063                 }
1064                 else continue;
1065             if ($minversion>AE_VERSION) continue;
1066             $guestmodify=0;
1067             if (file_exists('modules/'.$moduledir.'/'.'menu1.php')) $menu[1]=1; else $menu[1]=0;
1068             if (file_exists('modules/'.$moduledir.'/'.'menu2.php')) $menu[2]=1; else $menu[2]=0;
1069             if (file_exists('modules/'.$moduledir.'/'.'menu3.php')) $menu[3]=1; else $menu[3]=0;
1070             if (file_exists('modules/'.$moduledir.'/'.'menu4.php')) $menu[4]=1; else $menu[4]=0;
1071             if (file_exists('modules/'.$moduledir.'/'.'menu5.php')) $menu[5]=1; else $menu[5]=0;
1072             if (file_exists('modules/'.$moduledir.'/'.'guestmodify.php')) $guestmodify=1;
1073             $modules[]=array("name"=>$name,"minversion"=>$minversion,"author"=>$author,"website"=>$website,"description"=>$description,"moduledir"=>$moduledir,"menu1"=>$menu[1],"menu2"=>$menu[2],"menu3"=>$menu[3],"menu4"=>$menu[4],"menu5"=>$menu[5],"guestmodify"=>$guestmodify);
1074             }
1075        }
1076     else
1077        {
1078        foreach ($requestedmodules as $moduledir)
1079                {
1080                if (file_exists('modules/'.$moduledir.'/module.xml'))
1081                   {
1082                   @$moduleinfo=join('',file('modules/'.$moduledir.'/module.xml'));
1083                   eregi("[^<]+<name>([^<]+)</name>",$moduleinfo,$regs);
1084                   $name=trim($regs[1]);
1085                   $regs[1]="";
1086                   eregi("[^<]+<minversion>([^<]+)</minversion>",$moduleinfo,$regs);
1087                   $minversion=$regs[1];
1088                   $regs[1]="";
1089                   eregi("[^<]+<author>([^<]+)</author>",$moduleinfo,$regs);
1090                   $author=$regs[1];
1091                   $regs[1]="";
1092                   eregi("[^<]+<website>([^<]+)</website>",$moduleinfo,$regs);
1093                   $website=$regs[1];
1094                   $regs[1]="";
1095                   eregi("[^<]+<description>([^<]+)</description>",$moduleinfo,$regs);
1096                   $description=$regs[1];
1097                   }
1098                else continue;
1099                if ($minversion>AE_VERSION) continue;
1100                $guestmodify=0;
1101                if (file_exists('modules/'.$moduledir.'/'.'menu1.php')) $menu[1]=1; else $menu[1]=0;
1102                if (file_exists('modules/'.$moduledir.'/'.'menu2.php')) $menu[2]=1; else $menu[2]=0;
1103                if (file_exists('modules/'.$moduledir.'/'.'menu3.php')) $menu[3]=1; else $menu[3]=0;
1104                if (file_exists('modules/'.$moduledir.'/'.'menu4.php')) $menu[4]=1; else $menu[4]=0;
1105                if (file_exists('modules/'.$moduledir.'/'.'menu5.php')) $menu[5]=1; else $menu[5]=0;
1106                if (file_exists('modules/'.$moduledir.'/'.'guestmodify.php')) $guestmodify=1;
1107                $modules[]=array("name"=>$name,"minversion"=>$minversion,"author"=>$author,"website"=>$website,"description"=>$description,"moduledir"=>$moduledir,"menu1"=>$menu[1],"menu2"=>$menu[2],"menu3"=>$menu[3],"menu4"=>$menu[4],"menu5"=>$menu[5],"guestmodify"=>$guestmodify);
1108                }
1109        }
1110     return $modules;
1111     }
1112  
1113     /** Install hooks for the module entered, if no module, then core hooks ???
1114      * @access private
1115      * @param string module module directory
1116      * @return boolean true on success
1117      */
1118     function InstallHooks($moduledir="")
1119     {
1120     if ($moduledir) $moduledirfull="modules/".$moduledir."/";
1121     if (file_exists(TEMPDIR.$moduledirfull."hooks.txt"))
1122        {
1123        @$hooks=file(TEMPDIR.$moduledirfull."hooks.txt");
1124        foreach ($hooks as $value)
1125                {
1126                $temp=explode(" ",$value);
1127                // Hook module on the hook
1128                if (strpos($temp[0],"*")===FALSE)
1129                   {
1130                   $this->DBQuery("SELECT * FROM ".$this->table[14]." WHERE hook='".$temp[0]."'");
1131                   // If hook is already active, find alternative hook
1132                   // (last hook related to original hook)
1133                   if ($this->rowsnumber)
1134                      {
1135                      // Find action (add/update/delete) in case, when more hooks available
1136                      $action=explode("_",$temp[0]);
1137                      $action=$action[0];
1138                      while ($this->DBGetRow())
1139                            {
1140                            $tempmoduledir=$this->access["moduledir"];
1141                            $this->DBQuery("SELECT hook FROM ".$this->table[15]." WHERE moduledir='".$tempmoduledir."' AND hook LIKE '%".$action."%'");
1142                            // If required action does not exist, try to find first available
1143                            if (!$this->rowsnumber) $this->DBQuery("SELECT hook FROM ".$this->table[15]." WHERE moduledir='".$tempmoduledir."'");
1144                            $this->DBGetRow();
1145                            $hook=$this->access["hook"];
1146                            $this->DBQuery("SELECT * FROM ".$this->table[14]." WHERE hook='".$hook."'");
1147                            }
1148                      $this->DBQuery("INSERT INTO ".$this->table[14]." VALUES ('".$moduledir."','".$hook."','".$temp[1]."')");
1149                      }
1150                   // Hook is not active, continue and create active hook
1151                   else
1152                      {
1153                      $this->DBQuery("INSERT INTO ".$this->table[14]." VALUES ('".$moduledir."','".$temp[0]."','".$temp[1]."')");
1154                      }
1155                   }
1156                // Module offers new public hooks (when * asterisk is the 0th char)
1157                else
1158                   {
1159                   $temp[0]=str_replace("*","",$temp[0]);
1160                   $this->DBQuery("INSERT INTO ".$this->table[15]." VALUES ('".$moduledir."','".$temp[0]."','".$temp[1]."')");
1161                   }
1162                 }
1163        }
1164     return TRUE;
1165     }
1166  
1167     /** Uninstall hooks for the module entered, if no module, then core hooks ???
1168      * @access private
1169      * @param string module module directory
1170      * @return boolean true on success
1171      */
1172     function UninstallHooks($moduledir="")
1173     {
1174     if ($moduledir) $moduledirfull="modules/".$moduledir."/";
1175     $this->DBQuery("SELECT hook FROM ".$this->table[15]." WHERE moduledir='".$moduledir."'");
1176     while ($this->DBGetRow())
1177           {
1178           $temp=$this->outcome;
1179           $hook=$this->access["hook"];
1180           $action=explode("_",$temp[0]);
1181           $action=$action[0];
1182           // find, if there is module hooked on module being unistalled
1183           $this->DBQuery("SELECT moduledir FROM ".$this->table[14]." WHERE hook='".$hook."'");
1184           $this->DBGetRow();
1185           $tempmoduledir=$this->access["moduledir"]; // da nam seo
1186           // check whether module is related to module uninstalled or original hook
1187           if (file_exists(TEMPDIR."modules/".$tempmoduledir."/hooks.txt"))
1188              {
1189              @$temphooks=join('',file(TEMPDIR."modules/".$tempmoduledir."/hooks.txt"));
1190              // if there is no direct relation between modules
1191              // move last module close to original hook
1192              if (strpos($temphooks,$hook)===FALSE)
1193                 {
1194                 $this->DBQuery("SELECT hook FROM ".$this->table[14]." WHERE moduledir='".$moduledir."' AND hook LIKE '%".$action."%'");
1195                 $this->DBGetRow();
1196                 $hook=$this->access["hook"];
1197                 $this->DBQuery("UPDATE ".$this->table[14]." SET hook='".$hook."' WHERE moduledir='".$tempmoduledir."'");
1198                 }
1199              // if direct hook exists, delete it
1200              else
1201                 {
1202                 $this->DBQuery("DELETE FROM ".$this->table[14]." WHERE moduledir='".$tempmoduledir."'");
1203                 }
1204              }
1205           $this->outcome=$temp;
1206           }
1207     $this->DBQuery("DELETE FROM ".$this->table[14]." WHERE moduledir='".$moduledir."'");
1208     $this->DBQuery("DELETE FROM ".$this->table[15]." WHERE moduledir='".$moduledir."'");
1209     return TRUE;
1210     }
1211  
1212     /** Install system.sql for the module entered, if no module, then core system.sql
1213      * @access private
1214      * @param string module module directory
1215      * @return boolean true on success
1216      */
1217     function InstallSQL($moduledir="")
1218     {
1219     if ($moduledir) $moduledirfull="modules/".$moduledir."/";
1220     @include (TEMPDIR.$moduledirfull."settings.php");
1221     $tablename="table".$moduledir;
1222     if (is_array($$tablename))
1223        {
1224        foreach ($$tablename as $value)
1225                {
1226                if (!$moduledir) $value=$this->tableprefix.$value;
1227                else $value=$this->tableprefixmod.$value;
1228                $this->DBQuery("DROP TABLE IF EXISTS ".$value);
1229                }
1230        }
1231     if (file_exists(TEMPDIR.$moduledirfull."system.sql")) @$sql=join('',file(TEMPDIR.$moduledirfull."system.sql"));
1232     $sql=explode(";",$sql);
1233     if (is_array($sql))
1234        {
1235        foreach ($sql as $value)
1236                {
1237                $value=trim($value);
1238                if ($value) $this->DBQuery($value);
1239                }
1240        }
1241     return TRUE;
1242     }
1243  
1244     /** Uninstall database tables for the module entered, if no module, then core tables
1245      * @access private
1246      * @param string module module directory
1247      * @return boolean true on success
1248      */
1249     function UninstallSQL($moduledir="")
1250     {
1251     if ($moduledir) $moduledirfull="modules/".$moduledir."/";
1252     @include (TEMPDIR.$moduledirfull."settings.php");
1253     $tablename="table".$moduledir;
1254     if (is_array($$tablename))
1255        {
1256        foreach ($$tablename as $value)
1257                {
1258                if (!$moduledir ) $value=$this->tableprefix.$value;
1259                else $value=$this->tableprefixmod.$value;
1260                $this->DBQuery("DROP TABLE IF EXISTS ".$value);
1261                }
1262        }
1263     return TRUE;
1264     }
1265  
1266  
1267  
1268     // Sets variables received through POST/GET/COOKIE (forms and links mostly)
1269     // Add slashes if $mode=1, strip slashes when $mode=0 (by default)
1270     function RequestVariables($mode=0)
1271     {
1272     // Strip slashes
1273     if ($mode==0)
1274        {
1275        if (!ini_get('magic_quotes_gpc'))
1276           {
1277           foreach ($_COOKIE as $key=>$value)
1278                   {
1279                   if (!is_array($value))
1280                      {
1281                      $this->$key=stripslashes($value);
1282                      }
1283                   else
1284                      {
1285                      foreach ($value as $keyarr=>$valuearr)
1286                              {
1287                              if (!is_array($valuearr))
1288                                 {
1289                                 $this->{$key}[$keyarr]=stripslashes($valuearr);
1290                                 }
1291                              else
1292                                 {
1293                                 foreach ($valuearr as $keyarr2=>$valuearr2)
1294                                         {
1295                                         $this->{$key}[$keyarr][$keyarr2]=stripslashes($valuearr2);
1296                                         }
1297                                 }
1298                              }
1299                      }
1300                   }
1301           foreach ($_GET as $key=>$value)
1302                   {
1303                   if (!is_array($value))
1304                      {
1305                      $this->$key=stripslashes($value);
1306                      }
1307                   else
1308                      {
1309                      foreach ($value as $keyarr=>$valuearr)
1310                              {
1311                              if (!is_array($valuearr))
1312                                 {
1313                                 $this->{$key}[$keyarr]=stripslashes($valuearr);
1314                                 }
1315                              else
1316                                 {
1317                                 foreach ($valuearr as $keyarr2=>$valuearr2)
1318                                         {
1319                                         $this->{$key}[$keyarr][$keyarr2]=stripslashes($valuearr2);
1320                                         }
1321                                 }
1322                              }
1323                      }
1324                   }
1325           foreach ($_POST as $key=>$value)
1326                   {
1327                   if (!is_array($value))
1328                      {
1329                      $this->$key=stripslashes($value);
1330                      }
1331                   else
1332                      {
1333                      foreach ($value as $keyarr=>$valuearr)
1334                              {
1335                              if (!is_array($valuearr))
1336                                 {
1337                                 $this->{$key}[$keyarr]=stripslashes($valuearr);
1338                                 }
1339                              else
1340                                 {
1341                                 foreach ($valuearr as $keyarr2=>$valuearr2)
1342                                         {
1343                                         $this->{$key}[$keyarr][$keyarr2]=stripslashes($valuearr2);
1344                                         }
1345                                 }
1346                              }
1347                      }
1348                   }
1349           }
1350        else
1351           {
1352           foreach ($_COOKIE as $key=>$value)
1353                   {
1354                   $this->$key=$_COOKIE[$key];
1355                   }
1356           foreach ($_GET as $key=>$value)
1357                   {
1358                   $this->$key=$_GET[$key];
1359                   }
1360           foreach ($_POST as $key=>$value)
1361                   {
1362                   $this->$key=$_POST[$key];
1363                   }
1364           }
1365        }
1366     // Add slashes
1367     if ($mode==1)
1368        {
1369        if (!ini_get('magic_quotes_gpc'))
1370           {
1371           foreach ($_COOKIE as $key=>$value)
1372                   {
1373                   if (!is_array($value))
1374                      {
1375                      $this->$key=addslashes($value);
1376                      }
1377                   else
1378                      {
1379                      foreach ($value as $keyarr=>$valuearr)
1380                              {
1381                              if (!is_array($valuearr))
1382                                 {
1383                                 $this->{$key}[$keyarr]=addslashes($valuearr);
1384                                 }
1385                              else
1386                                 {
1387                                 foreach ($valuearr as $keyarr2=>$valuearr2)
1388                                         {
1389                                         $this->{$key}[$keyarr][$keyarr2]=addslashes($valuearr2);
1390                                         }
1391                                 }
1392                              }
1393                      }
1394                   }
1395           foreach ($_POST as $key=>$value)
1396                   {
1397                   if (!is_array($value))
1398                      {
1399                      $this->$key=addslashes($value);
1400                      }
1401                   else
1402                      {
1403                      foreach ($value as $keyarr=>$valuearr)
1404                              {
1405                              if (!is_array($valuearr))
1406                                 {
1407                                 $this->{$key}[$keyarr]=addslashes($valuearr);
1408                                 }
1409                              else
1410                                 {
1411                                 foreach ($valuearr as $keyarr2=>$valuearr2)
1412                                         {
1413                                         $this->{$key}[$keyarr][$keyarr2]=addslashes($valuearr2);
1414                                         }
1415                                 }
1416                              }
1417                      }
1418                   }
1419           foreach ($_GET as $key=>$value)
1420                   {
1421                   if (!is_array($value))
1422                      {
1423                      $this->$key=addslashes($value);
1424                      }
1425                   else
1426                      {
1427                      foreach ($value as $keyarr=>$valuearr)
1428                              {
1429                              if (!is_array($valuearr))
1430                                 {
1431                                 $this->{$key}[$keyarr]=addslashes($valuearr);
1432                                 }
1433                              else
1434                                 {
1435                                 foreach ($valuearr as $keyarr2=>$valuearr2)
1436                                         {
1437                                         $this->{$key}[$keyarr][$keyarr2]=addslashes($valuearr2);
1438                                         }
1439                                 }
1440                              }
1441                      }
1442                   }
1443           }
1444        else
1445           {
1446           foreach ($_COOKIE as $key=>$value)
1447                   {
1448                   $this->$key=$_COOKIE[$key];
1449                   }
1450           foreach ($_POST as $key=>$value)
1451                   {
1452                   $this->$key=$_POST[$key];
1453                   }
1454           foreach ($_GET as $key=>$value)
1455                   {
1456                   $this->$key=$_GET[$key];
1457                   }
1458           }
1459        foreach ($_FILES as $key=>$value)
1460                {
1461                $this->$key=$_FILES[$key];
1462                }
1463        }
1464     }
1465  
1466  /* ****************************************************************************************
1467  *******************************************************************************************
1468  ******************************** FUNCTIONS FOR PUBLIC PAGES *******************************
1469  *******************************************************************************************
1470  **************************************************************************************** */
1471  
1472     // Initializes variables for use in public pages
1473     function PublicInitialize()
1474     {
1475     $this->DBConnect();
1476     $this->pathimages=str_replace("../","",$this->pathimages);
1477     $this->pathfiles=str_replace("../","",$this->pathfiles);
1478     $this->DBQuery("SELECT * FROM ".$this->table[8]." ORDER BY module");
1479     while ($this->DBGetRow())
1480           {
1481           $directory=$this->access["directory"];
1482           $variablename="var".$directory;
1483           $tablename="table".$directory;
1484           $file="variables.php";
1485           if (file_exists(TEMPDIR.'modules/'.$directory.'/'.$file))
1486              {
1487              @include(TEMPDIR.'modules/'.$directory.'/'.$file);
1488              }
1489           elseif (file_exists(TEMPDIR.'modules/'.$directory.'/'.'variables.php'))
1490              {
1491              @include(TEMPDIR.'modules/'.directory.'/'.'variables.php');
1492              }
1493           $this->charset=$charset;
1494           if (file_exists(TEMPDIR.'modules/'.$directory.'/'.'settings.php'))
1495              {
1496              @include(TEMPDIR.'modules/'.$directory.'/'.'settings.php');
1497              if (isset($$tablename) AND is_array($$tablename))
1498                 {
1499                 foreach ($$tablename as $key=>$value)
1500                         {
1501                         $this->{$tablename}[$key]=$this->tableprefixmod.$value;
1502                         }
1503                 }
1504              if (isset($$variablename) AND is_array($$variablename))
1505                 {
1506                 foreach ($$variablename as $key=>$value)
1507                         {
1508                         $this->{$variablename}[$key]=$value;
1509                         }
1510                 }
1511              }
1512           }
1513     }
1514  
1515  }
1516  
1517  ?>

title

Description

title

Description

title

Description

title

title

Body