public function loadExtras(array &$storage, w2p_Core_CAppUI $AppUI, $m, $type = 'tabs')
{
//Set up extra $type
if (!isset($storage['all_' . $type][$m])) {
// For some reason on some systems if you don't set this up
// first you get recursive pointers to the all_$type array, creating
// phantom tabs.
if (!isset($storage['all_' . $type])) {
$storage['all_' . $type] = array();
}
$storage['all_' . $type][$m] = array();
$all_items =& $storage['all_' . $type][$m];
foreach ($AppUI->getActiveModules() as $dir => $notUsed) {
if (!canAccess($dir)) {
continue;
}
$loader = new w2p_FileSystem_Loader();
$modules_items = $loader->readFiles(W2P_BASE_DIR . '/modules/' . $dir . '/', '^' . $m . '_' . substr($type, 0, -1) . '.*\\.php');
foreach ($modules_items as $item) {
// Get the name as the subextension
// cut the module_tab. and the .php parts of the filename
// (begining and end)
$nameparts = explode('.', $item);
$filename = substr($item, 0, -4);
if (count($nameparts) > 3) {
$file = $nameparts[1];
if (!isset($all_items[$file])) {
$all_items[$file] = array();
}
$tabArray =& $all_items[$file];
$name = $nameparts[2];
} else {
$tabArray =& $all_items;
$name = $nameparts[1];
}
$tabArray[] = array('name' => ucfirst(str_replace('_', ' ', $name)), 'file' => W2P_BASE_DIR . '/modules/' . $dir . '/' . $filename, 'module' => $dir);
}
}
} else {
$all_items =& $storage['all_' . $type][$m];
}
}
public function buildHeaderNavigation($rootTag = '', $innerTag = '', $dividingToken = '')
{
$s = '';
$nav = $this->_AppUI->getMenuModules();
$s .= $rootTag != '' ? "<{$rootTag} id=\"headerNav\">" : '';
$links = array();
foreach ($nav as $module) {
if ($module['mod_directory'] == 'system' || $module['mod_directory'] == 'users') {
continue;
}
if (canAccess($module['mod_directory'])) {
$link = $innerTag != '' ? "<{$innerTag}>" : '';
$class = $this->_m == $module['mod_directory'] ? ' class="module"' : '';
$link .= '<a href="?m=' . $module['mod_directory'] . '"' . $class . '>' . $this->_AppUI->_($module['mod_ui_name']) . '</a>';
$link .= $innerTag != '' ? "</{$innerTag}>" : '';
$links[] = $link;
}
}
$s .= implode($dividingToken, $links);
$s .= $rootTag != '' ? "</{$rootTag}>" : '';
return $s;
}
"><span><?php
echo $AppUI->_('My Info');
?>
</span></a>
</td>
<?php
if (canAccess('tasks')) {
?>
<td nowrap="nowrap" align="right">
<a class="button" href="./index.php?m=tasks&a=todo"><span><b><?php
echo $AppUI->_('Todo');
?>
</b></span></a>
</td><?php
}
if (canAccess('calendar')) {
$now = new w2p_Utilities_Date();
?>
<td nowrap="nowrap" align="right">
<a class="button" href="./index.php?m=calendar&a=day_view&date=<?php
echo $now->format(FMT_TIMESTAMP_DATE);
?>
"><span><?php
echo $AppUI->_('Today');
?>
</span></a>
</td><?php
}
?>
<td nowrap="nowrap" align="right">
<a class="button" href="./index.php?logout=-1"><span><?php
function getReadableModule()
{
global $AppUI;
$perms =& $AppUI->acl();
$q = new w2p_Database_Query();
$q->addTable('modules');
$q->addQuery('mod_directory');
$q->addWhere('mod_active = 1');
$q->addOrder('mod_ui_order');
$modules = $q->loadColumn();
foreach ($modules as $mod) {
if (canAccess($mod)) {
return $mod;
}
}
return null;
}
include "pages/auditorMailPage.class.php";
include "pages/auditorMembersPage.class.php";
include "pages/auditorNotificationsPage.class.php";
include "pages/auditorAssetsPage.class.php";
include "pages/auditorJournalPage.class.php";
include "pages/auditorTransactionsPage.class.php";
include "pages/auditorOrdersPage.class.php";
include "pages/auditorContractsPage.class.php";
include "pages/auditorContactsPage.class.php";
foreach ($registered_pages as $name => $page) {
if (CORP_MODE && $page->GetAccMode() != ACC_CHAR_ONLY || !CORP_MODE && $page->GetAccMode() != ACC_CORP_ONLY) {
$eligible_pages[$page->GetName()] = $page;
$mask = $page->GetAccMask(CORP_MODE);
if (is_array($mask)) {
foreach ($mask as $submask) {
if (canAccess($submask)) {
$enabled_pages[$page->GetName()] = $page;
break;
}
}
} else {
if (canAccess($mask)) {
$enabled_pages[$page->GetName()] = $page;
}
}
}
}
if (count($enabled_pages) > 1) {
$eligible_pages["onepage"] = "onepage";
$enabled_pages["onepage"] = "onepage";
}
', 'editFrm', null, true)">
<img src="<?php
echo w2PfindImage('calendar.gif');
?>
" width="24" height="12" alt="<?php
echo $AppUI->_('Calendar');
?>
" border="0" />
</a>
</td>
<td rowspan="6" valign="top">
<?php
if ($AppUI->isActiveModule('contacts') && canView('contacts')) {
echo '<input type="button" class="button" value="' . $AppUI->_('Select contacts...') . '" onclick="javascript:popContacts();" />';
}
if ($AppUI->isActiveModule('departments') && canAccess('departments')) {
//Build display list for departments
$company_id = $project->project_company;
$selected_departments = array();
if ($project_id) {
$myDepartments = CProject::getDepartments($AppUI, $project_id);
$selected_departments = count($myDepartments) > 0 ? array_keys($myDepartments) : array();
}
$departments_count = 0;
$department_selection_list = getDepartmentSelectionList($company_id, $selected_departments);
if ($department_selection_list != '' || $project_id) {
$department_selection_list = $AppUI->_('Departments') . '<br /><select name="project_departments[]" multiple="multiple" class="text"><option value="0"></option>' . $department_selection_list . '</select>';
} else {
$department_selection_list = '<input type="button" class="button" value="' . $AppUI->_('Select department...') . '" onclick="javascript:popDepartment();" /><input type="hidden" name="project_departments"';
}
// Let's check if the actual company has departments registered
function buildHeaderNavigation($AppUI, $rootTag = '', $innerTag = '', $dividingToken = '')
{
$s = '';
$nav = $AppUI->getMenuModules();
$perms = $AppUI->acl();
$s .= $rootTag != '' ? "<{$rootTag} id=\"headerNav\">" : '';
$links = array();
foreach ($nav as $module) {
if (canAccess($module['mod_directory'])) {
$link = $innerTag != '' ? "<{$innerTag}>" : '';
//$link .= '<a href="?m=' . $module['mod_directory'] . '">' . $AppUI->_($module['mod_ui_name']) . '</a>';
$link .= '<input type="button" class="button" value="' . $AppUI->_($module['mod_ui_name']) . '" onclick=\'javascript:window.location="?m=' . $module['mod_directory'] . '"\' />';
$link .= $innerTag != '' ? "</{$innerTag}>" : '';
$links[] = $link;
}
}
$s .= implode($dividingToken, $links);
$s .= $rootTag != '' ? "</{$rootTag}>" : '';
return $s;
}
<?php
/* $Id$ $URL$ */
global $a, $AppUI;
$links = array();
if (canAccess('users')) {
$links[] = '<a href="./index.php?m=admin">' . $AppUI->_('User Management') . '</a>';
}
if (canAccess('system')) {
$links[] = '<a href="./index.php?m=system">' . $AppUI->_('System Administration') . '</a>';
}
?>
</td>
</tr>
</table>
<hr />
<div class="center footer">
<?php
echo implode('|', $links);
?>
</div>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="./style/<?php
echo $uistyle;
?>
/assets/js/jquery.js"></script>
<script src="./style/<?php
echo $uistyle;
?>
public function loadFooterJS()
{
$s = '<script type="text/javascript">';
$s .= '$(document).ready(function() {';
// Attach tooltips to "span" elements
$s .= ' $("span").tipTip({maxWidth: "600px;", delay: 200, fadeIn: 150, fadeOut: 150});';
// Move the focus to the first textbox available, while avoiding the "Global Search..." textbox
if (canAccess('smartsearch')) {
$s .= ' $("input[type=\'text\']:eq(1)").focus();';
} else {
$s .= ' $("input[type=\'text\']:eq(0)").focus();';
}
$s .= '});';
$s .= '</script>';
if (is_array($this->footerJavascriptFiles) and !empty($this->footerJavascriptFiles)) {
while ($jsFile = array_pop($this->footerJavascriptFiles)) {
$s .= "<script type='text/javascript' src='" . $jsFile . "'></script>";
}
}
return $s;
}
/**
+----------------------------------------------------------
* 初始化当前登录用户信息
+----------------------------------------------------------
* @access protected
+----------------------------------------------------------
*/
protected function initUser()
{
$this->mid = intval($_SESSION['mid']);
$this->uid = intval($_REQUEST['uid']);
if ($this->uid == 0) {
$this->uid = $this->mid;
}
// 获取userInfo数据
if ($this->mid > 0 && (empty($_SESSION['userInfo']) || !$_SESSION['userInfo']['is_init'] || !$_SESSION['userInfo']['is_active'])) {
$_SESSION['userInfo'] = D('User', 'home')->getUserByIdentifier($this->mid);
} else {
if (empty($_SESSION['userInfo'])) {
return true;
}
D('User', 'home')->setUserObjectCache(array($_SESSION['userInfo']));
}
//缓存登录用户个人资料
$userInfo = D('User', 'home')->getUserInfoCache($this->mid);
$this->assign('userInfoCache', $userInfo);
// 赋值当前用户
$this->user = $_SESSION['userInfo'];
global $ts;
$ts['user'] = $this->user;
$this->assign('mid', $this->mid);
$this->assign('uid', $this->uid);
$this->assign('user', $this->user);
//add By lenghaoran 2011-01-16 判断用户是否为管理员
$isSystemAdmin = service('SystemPopedom')->hasPopedom($this->user['uid'], 'admin/*/*', false);
$this->assign('isSystemAdmin', $isSystemAdmin);
// 检查是否用户初始化
if (!$ts['user']['is_init'] && !canAccess()) {
$this->assign('jumpUrl', U('home/Public/userinfo'));
$this->error('请先完善个人资料');
exit;
}
}
<?php
/* $Id$ $URL$ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly');
}
ob_start();
if (isset($perms)) {
foreach ($AppUI->getActiveModules() as $dir => $module) {
if (!canAccess($dir)) {
continue;
}
$modules_tabs_crumbs = $AppUI->readFiles(W2P_BASE_DIR . '/modules/' . $dir . '/', '^' . $m . '_(tab|crumb).*\\.php');
if (count($modules_tabs_crumbs) > 0) {
if (file_exists(W2P_BASE_DIR . '/modules/' . $dir . '/locales/' . $AppUI->user_locale . '/' . $dir . '.inc')) {
readfile(W2P_BASE_DIR . '/modules/' . $dir . '/locales/' . $AppUI->user_locale . '/' . $dir . '.inc');
} elseif (file_exists(W2P_BASE_DIR . '/locales/' . $AppUI->user_locale . '/' . $dir . '.inc')) {
readfile(W2P_BASE_DIR . '/locales/' . $AppUI->user_locale . '/' . $dir . '.inc');
} elseif (file_exists(W2P_BASE_DIR . '/modules/' . $dir . '/locales/' . $AppUI->user_locale . '.inc')) {
readfile(W2P_BASE_DIR . '/modules/' . $dir . '/locales/' . $AppUI->user_locale . '.inc');
}
}
}
}
if (W2P_BASE_DIR . '/locales/' . $AppUI->user_locale . '/common.inc') {
readfile(W2P_BASE_DIR . '/locales/' . $AppUI->user_locale . '/common.inc');
}
// language files for specific locales and specific modules (for external modules) should be
// put in modules/[the-module]/locales/[the-locale]/[the-module].inc or
// modules/[the-module]/locales/[the-locale].inc
// this allows for module specific translations to be distributed with the module
/**
+----------------------------------------------------------
* 用户访问权限验证
+----------------------------------------------------------
* @access private
+----------------------------------------------------------
* @return void
+----------------------------------------------------------
*/
private static function checkUser()
{
global $ts;
// 邀请
if ($_GET['validationcode'] && $_GET['validationid']) {
service('Validation')->dispatchValidation();
}
// 验证登陆
if (!service('Passport')->isLogged()) {
// 未登陆
// 邀请
if (APP_NAME == 'home' && MODULE_NAME == 'Index' && ACTION_NAME == 'index' && isset($_REQUEST['invite'])) {
redirect(SITE_URL . '/index.php?app=home&mod=Public&act=register&invite=' . $_REQUEST['invite']);
}
// 是否开启游客访问
if (APP_NAME == 'home' && MODULE_NAME == 'Space' && !$ts['site']['site_anonymous']) {
redirect(U('home/Public/login'));
}
// 匿名访问控制
if (!canAccess()) {
if (App::isAjax() || strpos($_SERVER['REQUEST_URI'], "addon") != FALSE) {
// Ajax访问禁止匿名的资源时, 不做自动跳转
exit;
} else {
// 记录登陆前的url地址
$_SESSION['refer_url'] = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
redirect(U('home/Public/login'));
}
}
} else {
// 已登录
// 设为在线
setOnline($_SESSION['mid']);
// 检查用户权限. 管理后台的权限由它自己控制.
if (!service('SystemPopedom')->hasPopedom()) {
if (APP_NAME == 'admin') {
redirect(U('home/Public/adminlogin'), 5, '您无权查看');
} else {
redirect(U('home'), 5, '您无权查看');
}
}
}
return;
}
function character_select($Db, $chars)
{
if (canAccess(33554432)) {
$account = new eveApiAccount($Db);
if (!$account->fetch(USER_ID, API_KEY)) {
$account = false;
}
} else {
$account = false;
}
if (!$chars || count($chars) == 0) {
fatal_error("Failed to load characters. Verify API is valid and account has characters.");
} else {
insert_header("API Jackknife: Char Selection");
?>
<h3>Select character</h3><table><tr>
<?php
if (isset($_GET['key'])) {
$auth = SELF_URL . "key=" . $_GET['key'];
} else {
$auth = SELF_URL . "usid=" . USER_ID . "&apik=" . API_KEY;
}
foreach ($chars as $ch_id => $char) {
echo "<td align=center><a href=\"" . $auth . "&chid={$ch_id}" . (isset($_GET['fittingid']) ? "&fittingid={$_GET['fittingid']}" : "") . (isset($_GET['save']) && $_GET['save'] == "1" ? "&save=1" : "") . "\">";
echo "<img src=\"http://image.eveonline.com/Character/" . $ch_id . "_256.jpg\" height=150 width=150><br>";
echo "<b>" . $char["name"] . "</b></a><br><span style=\"font-size:70%\">" . $char["corporationName"] . ($char["allianceID"] != 0 ? "<br>" . $char["allianceName"] : "<br> ") . "</span>";
if (!LOGGED_IN) {
echo "<br><input style=\"font-size:80%;align:left\" type=\"button\" onclick=\"getCharacterInfo({$ch_id}," . USER_ID . ",'" . API_KEY . "');this.style.display='none';document.getElementById('iskTable" . $ch_id . "').style.display='block' \" value='Load Char Info'/>";
$Hide = ";display:none;";
} else {
$Hide = "";
echo "<script type=\"text/javascript\">getCharacterInfo({$ch_id}," . USER_ID . ",'" . API_KEY . "')</script>";
}
echo "<br><table id=\"iskTable" . $ch_id . "\" style=\"font-size:90%;align:left;width:100%" . $Hide . "\"> <tr><td>Isk: </td><td id=\"isk" . $ch_id . "\"></td></tr>";
echo "<tr><td>SP: </td><td id=\"sp" . $ch_id . "\"></td></tr>";
echo "<tr><td>Born: </td><td id=\"bday" . $ch_id . "\"></td></tr>";
echo "</table>";
echo "</td>\n";
}
?>
</tr></table>
<br><table style="font-size:80%"><tr><td>Total Isk: </td><td id="tIsk"></td></tr>
<tr><td>Total SP: </td><td id="tSp"></td></tr>
</table>
<?php
if ($account) {
?>
<span style="font-size:80%">Created <?php
echo date("Y-m-d", strtotime($account->created));
?>
, <?php
echo $account->paidUntil;
?>
of subscription left</span>
<?php
}
?>
<br><span style="font-size:80%"><a href="<?php
SELF_URL . (isset($_GET['fittingid']) ? "&fittingid={$_GET['fittingid']}" : "");
?>
">back</a></span><br>
</body>
</html>
<?php
$Db->close();
exit;
}
/// END CHAR SELECT ///////////////////////////////////////////////////////////////////////////////
}
/* This check for $u implies that a file located in a subdirectory of higher depth than 1
* in relation to the module base can't be executed. So it would'nt be possible to
* run for example the file module/directory1/directory2/file.php
* Also it won't be possible to run modules/module/abc.zyz.class.php for that dots are
* not allowed in the request parameters.
*/
$u = $AppUI->checkFileName(w2PgetCleanParam($_GET, 'u', ''));
// load module based locale settings
@(include_once W2P_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php');
include_once W2P_BASE_DIR . '/locales/core.php';
setlocale(LC_TIME, $AppUI->user_lang);
$m_config = w2PgetConfig($m);
// TODO: canRead/Edit assignements should be moved into each file
// check overall module permissions
// these can be further modified by the included action files
$canAccess = canAccess($m);
$canRead = canView($m);
$canEdit = canEdit($m);
$canAuthor = canAdd($m);
$canDelete = canDelete($m);
if (!$suppressHeaders) {
// output the character set header
if (isset($locale_char_set)) {
header('Content-type: text/html;charset=' . $locale_char_set);
}
}
// include the module class file - we use file_exists instead of @ so
// that any parse errors in the file are reported, rather than errors
// further down the track.
$modclass = $AppUI->getModuleClass($m);
if (file_exists($modclass)) {
<?php
/* $Id$ $URL$ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
$AppUI->savePlace();
// pull all the key types
$perms =& $AppUI->acl();
// Get the permissions for this module
$canAccess = canAccess('roles');
if (!$canAccess) {
$AppUI->redirect('m=public&a=access_denied');
}
$canRead = canView('roles');
$canAdd = canAdd('roles');
$canEdit = canEdit('roles');
$canDelete = canDelete('roles');
$crole = new CSystem_Role();
$roles = $crole->getRoles();
$role_id = (int) w2PgetParam($_GET, 'role_id', 0);
// setup the title block
$titleBlock = new w2p_Theme_TitleBlock('Roles', 'main-settings.png', $m, $m . '.' . $a);
$titleBlock->addCrumb('?m=system', 'System Admin');
$titleBlock->show();
$crumbs = array();
$crumbs['?m=system'] = 'System Admin';
?>
<script language="javascript" type="text/javascript">
<?php
echo $AppUI->_('Item');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Type');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Status');
?>
</th>
<th> </th>
</tr>
<?php
$canDelete = canAccess('system');
foreach ($role_acls as $acl) {
$buf = '';
$permission = $perms->get_acl($acl);
$style = '';
// TODO: Do we want to make the colour depend on the allow/deny/inherit flag?
// Module information.
if (is_array($permission)) {
$buf .= '<td ' . $style . '>';
$modlist = array();
$itemlist = array();
if (is_array($permission['axo_groups'])) {
foreach ($permission['axo_groups'] as $group_id) {
$group_data = $perms->get_group_data($group_id, 'axo');
$modlist[] = $AppUI->_($group_data[3]);
}
break;
//show the list of versions for this document
//show the list of versions for this document
default:
$rows = null;
$current = null;
if ($id > 0) {
$group_id = 0;
//check that the user is authorized to approve
if (function_exists('getParameterValue')) {
$group_id = (int) getParameterValue('approval_user_group');
}
if ($group_id > 0) {
$user =& JFactory::getUser();
//if they are at or above the selected user group
if (canAccess($user->gid, $group_id)) {
$query = "SELECT * FROM #__version WHERE content_id=" . $id . " AND (autosaved != '1' or autosaved is null) ORDER BY id DESC";
} else {
//no access to staging versions
$query = "SELECT * FROM #__version WHERE content_id=" . $id . " AND (stage != '1' or stage is null) AND (autosaved != '1' or autosaved is null) ORDER BY id DESC";
}
} else {
$query = "SELECT * FROM #__version WHERE content_id=" . $id . " AND (autosaved != '1' or autosaved is null) ORDER BY id DESC";
}
$db->setQuery($query);
$rows = $db->loadObjectList();
//get the current article
$query = "SELECT * FROM #__content WHERE id=" . $id . " LIMIT 1";
$db->setQuery($query);
$current = $db->loadObject();
}
