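The 'cometchat' folder should be placed at /cometchat"; exit; }
    include_once(dirname(dirname(dirname(__FILE__))).DIRECTORY_SEPARATOR.'configuration.php');
    define('navigate_up','../');
}else{
    include_once(dirname(dirname(__FILE__)).DIRECTORY_SEPARATOR.'configuration.php');
    define('navigate_up','');
}

// Connection settings and the site secret are read from a JConfig object
// (presumably declared by the configuration.php included above).
$config = new JConfig;
$secret = $config->secret;

// DO NOT EDIT DATABASE VALUES BELOW
// DO NOT EDIT DATABASE VALUES BELOW
// DO NOT EDIT DATABASE VALUES BELOW

define('DB_SERVER',          $config->host     );
define('DB_PORT',            '3306'            );
define('DB_USERNAME',        $config->user     );
define('DB_PASSWORD',        $config->password );
define('DB_NAME',            $config->db       );
define('TABLE_PREFIX',       $config->dbprefix );
define('DB_USERTABLE',       'users'           );
define('DB_USERTABLE_NAME',  'name'            );
define('DB_USERTABLE_USERID','id'              );
define('DB_AVATARTABLE',     " left join ".TABLE_PREFIX."community_users on ".TABLE_PREFIX."community_users.userid = ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_USERID."" );
define('DB_AVATARFIELD',     " ".TABLE_PREFIX."community_users.thumb " );

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

/* FUNCTIONS */

// Every value placed into SQL below is either cast with intval() (numeric
// context) or passed through mysqli_real_escape_string() and wrapped in quotes.
// Escaping is only reliable when the connection character set was set on the
// handle itself (mysqli_set_charset); that setup is not in this part of the
// file -- TODO confirm.

/**
 * Resolve the id of the user making the current request.
 *
 * Sources, applied in this order (a later one overrides an earlier one):
 *   1. $_SESSION['basedata'], copied over $_REQUEST['basedata'], then
 *      $_REQUEST['basedata'] itself: decrypted when ENCRYPT_USERID is '1' and
 *      mcrypt is available, otherwise used as-is.
 *   2. The cookie named md5(md5($secret.'site')), looked up in the
 *      <prefix>session table.
 *
 * @return int User id, or 0 when no user could be identified.
 */
function getUserID() {
    global $secret;

    $userid = 0;

    if (!empty($_SESSION['basedata']) && $_SESSION['basedata'] != 'null') {
        $_REQUEST['basedata'] = $_SESSION['basedata'];
    }

    if (!empty($_REQUEST['basedata'])) {
        if (function_exists('mcrypt_encrypt') && defined('ENCRYPT_USERID') && ENCRYPT_USERID == '1') {
            // NOTE(review): CBC with an IV derived from the key and no MAC means the
            // token is not integrity protected, and the key is the empty string when
            // KEY_A/KEY_B/KEY_C are not defined. The format is kept because
            // chatLogin() issues tokens in it.
            $key = "";
            if (defined('KEY_A') && defined('KEY_B') && defined('KEY_C')) {
                $key = KEY_A.KEY_B.KEY_C;
            }
            $uid = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode(rawurldecode($_REQUEST['basedata'])), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
            if (intval($uid) > 0) {
                $userid = $uid;
            }
        } else {
            // NOTE(review): with encryption off, basedata is a request-supplied id
            // that is accepted as the caller's identity. Confirm that deployments
            // which rely on this path enable ENCRYPT_USERID or set the value
            // server-side in the session.
            $userid = $_REQUEST['basedata'];
        }
    }

    $hash = md5(md5($secret.'site'));
    if (!empty($_COOKIE[$hash])) {
        // A present cookie always decides the result: an unknown session yields 0.
        $userid = 0;
        if (is_string($_COOKIE[$hash])) {
            // The cookie value is client-controlled, so it is escaped before it is
            // placed inside the quoted SQL literal.
            $sessionId = mysqli_real_escape_string($GLOBALS['dbh'], $_COOKIE[$hash]);
            $sql = "SELECT userid FROM ".TABLE_PREFIX."session where session_id='".$sessionId."'";
            $res = mysqli_query($GLOBALS['dbh'], $sql);
            $row = $res ? mysqli_fetch_assoc($res) : null;
            if (!empty($row['userid'])) {
                $userid = $row['userid'];
            }
        }
    }

    return intval($userid);
}

/**
 * Check a user name (or e-mail address) and password against the user table.
 *
 * Supported stored formats: crypt() hashes starting with $2a$, $2y$ or $1$,
 * and the "md5hex:salt" form. The md5-based formats are weak by current
 * standards; they are verified here only because the user table may hold them.
 *
 * @param string $userName Login name, or e-mail address when it validates as one.
 * @param string $userPass Plain-text password supplied by the caller.
 * @return int|string 0 on failure; otherwise the user id, encrypted and
 *                    URL-encoded when ENCRYPT_USERID is '1' and mcrypt exists.
 */
function chatLogin($userName,$userPass) {
    $userid = 0;

    if (!is_scalar($userName) || !is_scalar($userPass)) {
        return $userid;
    }
    $userName = (string) $userName;
    $userPass = (string) $userPass;

    // An address accepted by FILTER_VALIDATE_EMAIL can still contain a quote,
    // so the value is escaped on both branches.
    $column = filter_var($userName, FILTER_VALIDATE_EMAIL) ? 'email' : 'username';
    $sql = "SELECT * FROM ".TABLE_PREFIX.DB_USERTABLE." WHERE ".$column." ='".mysqli_real_escape_string($GLOBALS['dbh'], $userName)."'";
    $result = mysqli_query($GLOBALS['dbh'], $sql);
    $row = $result ? mysqli_fetch_assoc($result) : null;

    if (empty($row) || !isset($row['password'])) {
        return $userid;
    }

    $hash = (string) $row['password'];

    // Strict, and where available constant-time, comparison. A loose == on two
    // hex digests can treat different "0e..." strings as equal numbers.
    $sameHash = function ($expected, $actual) {
        if (!is_string($expected) || !is_string($actual)) {
            return false;
        }
        return function_exists('hash_equals') ? hash_equals($expected, $actual) : $expected === $actual;
    };

    $checkpass = false;
    $prefix = substr($hash, 0, 4);
    if ($prefix == '$2a$' || $prefix == '$2y$') {
        $checkpass = $sameHash($hash, crypt($userPass, $hash));
    }
    if (substr($hash, 0, 3) == '$1$') {
        $checkpass = $sameHash($hash, crypt($userPass, $hash));
    }
    if (preg_match('#[a-z0-9]{32}:[A-Za-z0-9]{32}#', $hash) === 1) {
        // "md5hex:salt": the digest is md5(password . salt).
        $checkpass = $sameHash(substr($hash, 0, 32), md5($userPass . substr($hash, 33)));
    }

    if ($checkpass) {
        $userid = $row['id'];
        if (isset($_REQUEST['callbackfn']) && $_REQUEST['callbackfn'] == 'mobileapp') {
            $sql = "insert into cometchat_status (userid,isdevice) values ('".mysqli_real_escape_string($GLOBALS['dbh'],$userid)."','1') on duplicate key update isdevice = '1'";
            mysqli_query($GLOBALS['dbh'], $sql);
        }
    }

    if ($userid && function_exists('mcrypt_encrypt') && defined('ENCRYPT_USERID') && ENCRYPT_USERID == '1') {
        // Same token format that getUserID() decrypts; see the review note there.
        $key = "";
        if (defined('KEY_A') && defined('KEY_B') && defined('KEY_C')) {
            $key = KEY_A.KEY_B.KEY_C;
        }
        $userid = rawurlencode(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $userid, MCRYPT_MODE_CBC, md5(md5($key)))));
    }

    return $userid;
}

/**
 * Build the SQL that lists the users shown in a user's contact list.
 *
 * When MEMCACHE is defined and non-zero, or DISPLAY_ALL_USERS is 1, the query
 * covers every user (optionally without offline users); otherwise it covers
 * the accepted connections of $userid.
 *
 * @param mixed $userid Id of the user whose list is built.
 * @param mixed $time   Current timestamp, used for the online cut-off.
 * @return string SQL text; the caller runs it.
 */
function getFriendsList($userid,$time) {
    global $hideOffline;

    $users = TABLE_PREFIX.DB_USERTABLE;
    $userKey = $users.".".DB_USERTABLE_USERID;
    $columns = $userKey." userid, "
        .$users.".".DB_USERTABLE_NAME." username, "
        .$userKey." link, "
        .DB_AVATARFIELD." avatar, "
        ."cometchat_status.lastactivity lastactivity, cometchat_status.status, "
        .TABLE_PREFIX."community_users.status message, cometchat_status.isdevice";

    if ((defined('MEMCACHE') && MEMCACHE <> 0) || DISPLAY_ALL_USERS == 1) {
        $offlinecondition = '';
        if ($hideOffline) {
            // $time sits in an unquoted numeric context, where string escaping gives
            // no protection, so it is cast to an integer instead.
            // The two status tests are joined with AND: "<> 'invisible' OR
            // <> 'offline'" is true for every non-null status and filtered nothing.
            $offlinecondition = "where ((cometchat_status.lastactivity > (".intval($time)."-".((ONLINE_TIMEOUT)*2).")) OR cometchat_status.isdevice = 1)"
                ." and (cometchat_status.status IS NULL OR (cometchat_status.status <> 'invisible' AND cometchat_status.status <> 'offline'))";
        }

        return "select DISTINCT ".$columns
            ." from ".$users
            ." left join cometchat_status on ".$userKey." = cometchat_status.userid ".DB_AVATARTABLE
            ." ".$offlinecondition." order by username asc";
    }

    return "select DISTINCT ".$columns
        ." from ".TABLE_PREFIX."community_connection"
        ." join ".$users." on ".TABLE_PREFIX."community_connection.connect_to = ".$userKey
        ." left join cometchat_status on ".$userKey." = cometchat_status.userid ".DB_AVATARTABLE
        ." where ".TABLE_PREFIX."community_connection.status = '1'"
        ." and ".TABLE_PREFIX."community_connection.connect_from = '".mysqli_real_escape_string($GLOBALS['dbh'],$userid)."'"
        ." order by username asc";
}

/**
 * Build the SQL that returns the ids of a user's accepted connections.
 *
 * @param mixed $userid Id of the user.
 * @return string SQL text; the caller runs it.
 */
function getFriendsIds($userid) {
    $connections = TABLE_PREFIX."community_connection";

    return "select ".$connections.".connect_to friendid from ".$connections
        ." where ".$connections.".status = '1'"
        ." and ".$connections.".connect_from = '".mysqli_real_escape_string($GLOBALS['dbh'],$userid)."'";
}

/**
 * Build the SQL that returns name, avatar and chat status of one user.
 *
 * @param mixed $userid Id of the user.
 * @return string SQL text; the caller runs it.
 */
function getUserDetails($userid) {
    $users = TABLE_PREFIX.DB_USERTABLE;
    $userKey = $users.".".DB_USERTABLE_USERID;

    return "select ".$userKey." userid, ".$users.".".DB_USERTABLE_NAME." username, ".$userKey." link, ".DB_AVATARFIELD." avatar, cometchat_status.lastactivity lastactivity, cometchat_status.status, cometchat_status.message, cometchat_status.isdevice"
        ." from ".$users
        ." left join cometchat_status on ".$userKey." = cometchat_status.userid ".DB_AVATARTABLE
        ." where ".$userKey." = '".mysqli_real_escape_string($GLOBALS['dbh'],$userid)."'";
}

/**
 * Build the SQL that records the current time as a user's last activity.
 *
 * @param mixed $userid Id of the user.
 * @return string SQL text; the caller runs it.
 */
function updateLastActivity($userid) {
    // One timestamp for both the insert and the update branch of the statement.
    $now = getTimeStamp();

    return "insert into cometchat_status (userid,lastactivity) values ('".mysqli_real_escape_string($GLOBALS['dbh'],$userid)."','".$now."') on duplicate key update lastactivity = '".$now."'";
}

/**
 * Build the SQL that returns a user's status message and chat status.
 *
 * @param mixed $userid Id of the user.
 * @return string SQL text; the caller runs it.
 */
function getUserStatus($userid) {
    $profiles = TABLE_PREFIX."community_users";

    // The id is quoted as well as escaped: escaping alone does nothing for a
    // value placed in an unquoted numeric position.
    return "select ".$profiles.".status message, cometchat_status.status"
        ." from ".$profiles
        ." left join cometchat_status on ".$profiles.".userid = cometchat_status.userid"
        ." where ".$profiles.".userid = '".mysqli_real_escape_string($GLOBALS['dbh'],$userid)."'";
}

/**
 * Build the profile URL for a user.
 *
 * @param mixed $link User id appended as the userid query parameter.
 * @return string URL built from BASE_URL and navigate_up.
 */
function fetchLink($link) {
    return BASE_URL.navigate_up.'../index.php?option=com_community&view=profile&userid='.$link;
}

/**
 * Build the avatar URL for a stored image path.
 *
 * @param string $image Path relative to the site root; empty selects the default thumbnail.
 * @return string URL built from BASE_URL and navigate_up.
 */
function getAvatar($image) {
    if (empty($image)) {
        $image = 'components/com_community/assets/default_thumb.jpg';
    }
    return BASE_URL.navigate_up.'../'.$image;
}

/**
 * Current Unix timestamp.
 *
 * @return int
 */
function getTimeStamp() {
    return time();
}

/**
 * Convert a stored time for display; this integration returns it unchanged.
 *
 * @param mixed $time
 * @return mixed
 */
function processTime($time) {
    return $time;
}

if (!function_exists('getLink')) {
    /**
     * Profile link for a user; defined only when no getLink() exists yet.
     *
     * @param mixed $userid
     * @return string
     */
    function getLink($userid) {
        return fetchLink($userid);
    }
}

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

/* HOOKS */

/**
 * Hook for a last-activity update; intentionally empty in this integration.
 */
function hooks_updateLastActivity($userid) {

}

/**
 * Mirror a chat status message into the community tables: one activity row
 * plus the status column of the user's community profile.
 *
 * @param mixed  $userid        Id of the user changing status.
 * @param string $statusmessage New status text; passed through sanitize() and
 *                              SQL-escaped before it is stored.
 * @return void
 */
function hooks_statusupdate($userid,$statusmessage) {
    // The id is used in unquoted positions below, so it is forced to an integer.
    $uid = intval($userid);
    $message = mysqli_real_escape_string($GLOBALS['dbh'],sanitize($statusmessage));
    $activities = TABLE_PREFIX."community_activities";

    $sql = "insert into ".$activities." (actor,target,title,app,cid,created,points) values ('".$uid."','".$uid."','".$message."','profile',".$uid.",NOW(),1)";
    mysqli_query($GLOBALS['dbh'],$sql);
    $last_id = intval(mysqli_insert_id($GLOBALS['dbh']));

    // The first activity row is read to decide whether the like/comment columns
    // are filled in for the new row.
    $probe = mysqli_query($GLOBALS['dbh'],"SELECT * FROM ".$activities." LIMIT 1");
    $first = $probe ? mysqli_fetch_assoc($probe) : null;

    if (!empty($first['like_id'])) {
        $sql = "update ".$activities." set like_id ='".$last_id."',like_type='profile.status' where id='".$last_id."'";
        mysqli_query($GLOBALS['dbh'],$sql);
    }

    if (!empty($first['comment_id'])) {
        $sql = "update ".$activities." set comment_id ='".$last_id."',comment_type='profile.status' where id='".$last_id."'";
        mysqli_query($GLOBALS['dbh'],$sql);
    }

    $sql = "update ".TABLE_PREFIX."community_users set status = '".$message."' where ".TABLE_PREFIX."community_users.userid = ".$uid;
    mysqli_query($GLOBALS['dbh'],$sql);
}

/**
 * Hook for forcing friend relations; intentionally empty in this integration.
 */
function hooks_forcefriends() {

}

/**
 * Hook for an activity update; intentionally empty in this integration.
 */
function hooks_activityupdate($userid,$status) {

}

/**
 * Copy a chat message into the community inbox tables when the sender has the
 * sync_inbox cookie set and an id of at most 10000000.
 *
 * @param mixed  $userid             Sender id.
 * @param mixed  $to                 Recipient id.
 * @param string $unsanitizedmessage Message text as received.
 * @return void
 */
function hooks_message($userid,$to,$unsanitizedmessage) {
    if ($userid <= 10000000 && !empty($_COOKIE['sync_inbox'])) {
        $dbh = $GLOBALS['dbh'];

        // Ids go into unquoted numeric positions: force them to integers.
        $from = intval($userid);
        $recipient = intval($to);

        // The message arrives unsanitized, so it is escaped before it is placed
        // in the quoted SQL literal.
        // NOTE(review): only SQL escaping is applied; the body is stored as
        // received, so whatever renders the inbox has to HTML-encode it -- confirm.
        $body = mysqli_real_escape_string($dbh, (string) $unsanitizedmessage);

        $hts = date("Y-m-d H:i:s");
        $users = TABLE_PREFIX.DB_USERTABLE;
        $msg = TABLE_PREFIX."community_msg";
        $rcpt = TABLE_PREFIX."community_msg_recepient";

        $sql = "SELECT ".$users.".".DB_USERTABLE_NAME." as name FROM `".$users."` WHERE ".$users.".".DB_USERTABLE_USERID." = ".$from." ";
        $res = mysqli_query($dbh,$sql);
        $row = $res ? mysqli_fetch_assoc($res) : null;
        // The display name comes from the database but was user-chosen, so it is
        // escaped again before being written back.
        $uname = isset($row['name']) ? mysqli_real_escape_string($dbh, $row['name']) : '';

        // Find the existing "Chat" thread between the two users, if any.
        $sql = "SELECT max(parent) as parent FROM ".$msg
            ." left join ".$rcpt." on ".$msg.".id= ".$rcpt.".msg_id"
            ." where ".$msg.".subject = 'Chat' and ".$msg.".deleted = 0 and ".$rcpt.".deleted = 0"
            ." and ( (".$rcpt.".msg_from =".$from." and ".$rcpt.".to = ".$recipient.")"
            ." or (".$rcpt.".msg_from =".$recipient." and ".$rcpt.".to = ".$from.") ) ";
        $res = mysqli_query($dbh,$sql);
        $row = $res ? mysqli_fetch_assoc($res) : null;

        if (!isset($row['parent'])) {
            // No thread yet: insert with a placeholder parent, then point the row
            // at itself.
            $sql = "INSERT INTO `".$msg."`(`from`, `parent`, `deleted`, `from_name`, `posted_on`, `subject`, `body`) VALUES (".$from.",1000000,0,'".$uname."','".$hts."','Chat','".$body."')";
            $res = mysqli_query($dbh,$sql);
            if (!$res) {
                // Without a message row the recipient rows would be orphans.
                return;
            }
            $msg_id = intval(mysqli_insert_id($dbh));
            $parent = $msg_id;
            $sql = "UPDATE `".$msg."` SET `parent`= ".$parent." WHERE id = ".$msg_id." ";
            mysqli_query($dbh,$sql);
        } else {
            $parent = intval($row['parent']);
            $sql = "INSERT INTO `".$msg."`(`from`, `parent`, `deleted`, `from_name`, `posted_on`, `subject`, `body`) VALUES (".$from.",".$parent.",0,'".$uname."','".$hts."','RE:Chat','".$body."')";
            $res = mysqli_query($dbh,$sql);
            if (!$res) {
                return;
            }
            $msg_id = intval(mysqli_insert_id($dbh));
        }

        $sql = "INSERT INTO `".$rcpt."`(`msg_id`, `msg_parent`, `msg_from`, `to`, `bcc`, `is_read`, `deleted`) VALUES (".$msg_id.",".$parent.",".$from.",".$recipient.",0,0,0)";
        mysqli_query($dbh,$sql);

        // approved_date takes the same timestamp as posted_on; the variable used
        // here before ($hts6) was never assigned, which stored an empty date.
        $sql = " INSERT INTO `".TABLE_PREFIX."communitymessage_approve_track` ( `msg_id`,`published`,`approved_date` ) VALUES ( ".$msg_id.",1,'".$hts."' ) ";
        mysqli_query($dbh,$sql);
    }
}

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

/* LICENSE */

$p_ = 4;

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////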