/**
 * Prepares the controller: loads the mp_master model, requires an
 * authenticated user, stores the current user on $this->user and then
 * loads the mp_pandora model.
 */
public function __construct()
{
    parent::__construct();
    $this->load->model('mp_master');

    // Authentication gate for every action on this controller.
    // NOTE(review): this only protects the controller if redirect() ends
    // the request. If it merely sends a Location header, the statements
    // below (and the dispatched action) still run for an unauthenticated
    // visitor; confirm against the redirect() helper in use.
    $isLoggedIn = User::IsAuthenticated();
    if (!$isLoggedIn) {
        redirect('/login');
    }

    $this->user = User::GetCurrentUser();
    $this->load->model('mp_pandora');
}
header("Pragma: no-cache"); header("Content-Type: text/html"); header("Connection:"); header("Content-length:"); echo "Vote successful."; Error::generate('debug', 'memcached delete ' . $params['cid']); $p = (int) $params['id']; $crs = new CourseDefn($p); $success = $crs->load(); $memcached->delete($crs->cid); } } } else { if ($action == 'post') { // post a comment if (!$params['owner'] || !User::IsAuthenticated()) { //check_perms(false); Error::generate('warn', 'Must be logged in to post a comment.', Error::$FLAGS['single']); die('Must be logged in to post a comment.'); } else { if (!($cid = Comment::Create(array('subject' => xssfilterstring($params['subject']), 'body' => xssfilterstring($params['body']), 'owner' => User::GetAuthenticatedID(), 'id' => xssfilterint($params['cid']))))) { Error::generate('warn', 'Could not create comment.', Error::$FLAGS['single']); } } } else { if ($action == 'check_lock') { // check the status of a comment lock header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache");
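/**
 * Reports whether a user holds a role, according to the user_roles table.
 *
 * Results are memoised in the static User::$userRole array so repeated
 * checks for the same user/role pair do not hit the database again.
 *
 * @param string $username User id to check; when empty, the currently
 *                         authenticated session user is checked instead.
 * @param string $role     Role name to look for.
 *
 * @return bool TRUE when a matching user_roles row exists, FALSE otherwise
 *              (including when no role is given, nobody is logged in, or
 *              the session carries no username).
 */
function IsUserInRole($username, $role)
{
    if (empty($role)) {
        // A missing role is a caller bug. Record the call site in the error
        // log rather than printing a backtrace into the HTTP response, which
        // would disclose file paths and the call stack to the client.
        $trace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2);
        $site = isset($trace[0]) ? $trace[0] : array();
        error_log(sprintf(
            'IsUserInRole() called with an empty role from %s:%s',
            isset($site['file']) ? $site['file'] : 'unknown',
            isset($site['line']) ? $site['line'] : '?'
        ));

        // Fail closed with an explicit boolean: a bare return yields NULL,
        // which a caller comparing with "!== FALSE" would read as a grant.
        return FALSE;
    }

    if (empty($username)) {
        // No username supplied: check the logged-in user.
        if (!User::IsAuthenticated()) {
            return FALSE;
        }

        // Deny when the session has no username, so the query below is
        // never run with a NULL or empty user_id.
        if (!isset($_SESSION["PANDORA_USERNAME"]) || $_SESSION["PANDORA_USERNAME"] === '') {
            return FALSE;
        }
        $username = $_SESSION["PANDORA_USERNAME"];
    }

    // NOTE(review): "user_role" concatenation is ambiguous when either part
    // can contain "_" (user "a_b" + role "c" and user "a" + role "b_c" share
    // a key), so one pair can be answered from the other's cached result.
    // The key format is kept because other code may read User::$userRole
    // with it; consider a nested [$username][$role] layout after auditing
    // those readers.
    $cacheKey = $username . "_" . $role;
    if (isset(User::$userRole[$cacheKey])) {
        return User::$userRole[$cacheKey];
    }

    // Values are passed through the query builder's where() calls instead
    // of being concatenated into SQL.
    $dbObj = $this->load->database('default', TRUE);
    $dbObj->where('role', $role);
    $dbObj->where('user_id', $username);
    $dbQuery = $dbObj->get('user_roles');

    User::$userRole[$cacheKey] = $dbQuery->num_rows() > 0;

    return User::$userRole[$cacheKey];
}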
$attribs = ResourceReport::Get($id); $args['info'] = array(); $attribs['user_name'] = User::GetAttrib($attribs['user_id'], 'name'); $attribs['resource_subject'] = get_subject($attribs['resource_id'], $attribs['type']); if (!$attribs) { Error::generate('notice', 'Invalid ID in action show.'); header("Location: {$PAGE_REL_URL}"); } else { foreach ($attribs as $k => $v) { $args['info'][] = array($k, $v); } include "views/show.view.php"; } } else { if ($action == 'create') { if (!$params['uid'] || !User::IsAuthenticated()) { check_perms(false); } else { if (!ResourceReport::Create(array('user_id' => User::GetAuthenticatedID(), 'resource_id' => $params['cid'], 'comments' => $params['comments'], 'type' => $params['type']))) { header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); header("Content-Type: text/html"); header("Connection:"); header("Content-length:"); echo "Could not report."; } else { header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate");
redirect_raw($_SESSION['last_rendered_page']); } else { redirect(); } } } } else { if ($action == 'upload') { $fparts = explode('.', $_FILES['file']['name']); $ext = end($fparts); // TODO: Check file extension. if (!isset($_FILES['file'])) { Error::generate('notice', 'No file specified.'); include "views/upload.view.php"; } else { if (!User::IsAuthenticated()) { Error::generate('notice', 'Not logged in.'); include "views/upload.view.php"; } else { if ($_FILES['file']['error'] != UPLOAD_ERR_OK) { Error::generate('debug', 'File upload error: ' . $_FILES['file']['error']); switch ($_FILES['file']['error']) { case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_FORM_SIZE: Error::generate('notice', 'File too big.'); include "views/upload.view.php"; break; case UPLOAD_ERR_PARTIAL: case UPLOAD_ERR_NO_TMP_DIR: case UPLOAD_ERR_CANT_WRITE: case UPLOAD_ERR_EXTENSION: