/**
 * Plugin entry point for the chat manager.
 *
 * Registers the 'add_gstchats_link' callback on the 'admin_menu' action,
 * but only when control_access(ADMIN_ACCESS) reports a truthy result.
 *
 * NOTE(review): this gates only the registration of the menu link. The pages
 * that the link leads to must enforce ADMIN_ACCESS themselves; hiding a link
 * is not an access control.
 *
 * @param object $p Plugin manager exposing add_action().
 */
function gst_chats_main($p)
{
    // Non-admin requests: nothing to register.
    if (!control_access(ADMIN_ACCESS)) {
        return;
    }

    // Hook the callback that adds the administration link to the admin menu.
    $p->add_action('admin_menu', 'add_gstchats_link');
}
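/**
 * Renders the master administration page (template/master.tpl).
 *
 * Access is limited to requests for which control_access(MASTER_ACCESS)
 * returns 1. Any other request is redirected to ../logout and the script
 * stops there.
 */
static function master_adm_page()
{
    global $t;
    $p = plugins::getinst();

    // Check that the user is a master.
    // header() only queues a response header; it does not end the request.
    // Without the exit, the master template and every 'master_menu' hook would
    // still run, and their output would be sent along with the redirect.
    if (control_access(MASTER_ACCESS) != 1) {
        header('Location: ../logout');
        exit;
    }

    $t = new template('template/master.tpl');

    // Run the master_menu action so plugins can contribute to the page.
    $p->action('master_menu');

    // '@' is kept from the original: errors raised while rendering are suppressed.
    // NOTE(review): consider logging instead, so that failures on a privileged
    // page are not silently lost.
    @$t->out();
}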
/*************************/
// Bootstrap fragment: opens the DB connection, then enforces session-based
// access for every page other than "home" and "".
require_once "lib/session.lib.php";

// Connect to the DB server (persistent connection).
// NOTE(review): the mysql_* extension was removed in PHP 7; this code only runs
// on legacy runtimes. The failure messages below print the server and database
// names to the client.
$connexion = mysql_pconnect(SERVEUR, NOM, PASSE);
if (!$connexion) {
    echo "Sorry, connexion to " . SERVEUR . " failed\n";
    exit;
}
if (!mysql_select_db(BASE, $connexion)) {
    echo "Sorry, connexion to database " . BASE . " failed\n";
    exit;
}

// NOTE(review): $tb is assigned outside this excerpt. If it is derived from the
// request, confirm it is checked against a fixed list of table names before this
// point: it is used to build a file name for control_access() and is echoed into
// HTML below without escaping. in_array() is called without the strict flag, so
// the comparison with "home" and "" is loose.
if (!in_array($tb, array("home", ""))) {
    // Authentication: purge expired sessions, then validate the current one.
    CleanOldSessions($connexion);
    $session = control_access($tb . ".php", $_POST, session_id(), $connexion);
    if (!is_object($session)) {
        // control_access() did not return a session object: stop here.
        exit;
    }

    // According to login:
    //   define privilege options
    //   to pass to phpMyEdit
    //
    // Check that the visitor is allowed to use this table.
    // The admin, add_box and publish_it pages require a session in "super" mode.
    if (($tb == "admin" || $tb == "add_box" || $tb == "publish_it") && $session->mode != "super") {
        echo "<p>Sorry, your session is not granted access to admin panel. Please logout and try again with appropriate login...</p>";
        exit;
    } else {
        // Any other table: the session must target this table, or "all".
        if ($session->target_table != $tb && $session->target_table != "all") {
            echo "<p>Sorry, your session is not granted access to table <B> {$tb} </B> in <B>{$session->mode}</B> mode (login must be <b>{$session->mode}{$tb}</b>). Please logout and try again with appropriate login...</p>";
            exit;
            // (excerpt ends here; the enclosing blocks are closed outside the visible source)
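/**
 * Handles the "new chat room" request.
 *
 * Renders template/new_chat.tpl. For administrators it inserts one row into
 * `stanze` from the POSTed fields name, img and desc, marks the template with
 * new_success or new_failed, and fires the 'chat_new' action. Non-admin
 * requests get the not_admin block and stop before any database work.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method, and it
 * does not look at the request method. Confirm that both are handled before
 * this handler is reached.
 */
static function chat_add()
{
    global $t;
    $p = plugins::getinst();
    $t = new template('template/new_chat.tpl');

    // Authorization is enforced in the handler itself, not only in the menu.
    $access = control_access(ADMIN_ACCESS);
    if (!$access) {
        $t->to_comp['not_admin'][] = array();
        $t->out();
        exit;
    }

    // Accept only plain strings from the request. A missing key or an array
    // value (name[]=...) would otherwise reach mysql_real_escape_string() and
    // raise a notice or warning, which can expose file paths when errors are
    // displayed. The stored value in those cases is '' either way.
    $fields = array();
    foreach (array('name', 'img', 'desc') as $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        $fields[$key] = mysql_real_escape_string($raw);
    }

    // NOTE(review): escaping with mysql_real_escape_string() is only safe if
    // the connection charset is set correctly. If $p->d offers bound
    // parameters, prefer them (its API is not visible here). The values are
    // stored without HTML encoding, so every template that prints them must
    // encode on output.
    $query = 'INSERT INTO stanze SET name="' . $fields['name']
        . '",image="' . $fields['img']
        . '",description="' . $fields['desc'] . '";';
    $new = $p->d->query($query);

    if (!$new) {
        $t->to_comp['is_admin'][0]['new_failed'][] = array();
    } else {
        $t->to_comp['is_admin'][0]['new_success'][] = array();
    }

    // As in the original, the hook fires whether or not the insert succeeded.
    $p->action('chat_new');
    $t->out();
}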
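/**
 * Shows the edit form for a forum post, or applies the edit when data is POSTed.
 *
 * Does nothing when $id is 0. If the forum identified by $forum_id is flagged
 * as master-only and control_access(MASTER_ACCESS) is not 1, the access_denied
 * block is rendered instead.
 *
 * NOTE(review): the master-only restriction is evaluated for the
 * caller-supplied $forum_id, while the post is loaded and updated by $id
 * alone. Nothing here ties the post to that forum or checks that the current
 * user may edit it. Confirm both are enforced before this method is reached,
 * or add the checks here.
 *
 * @param int $forum_id Forum the post is expected to belong to.
 * @param int $id       Post to edit.
 */
static function edit_post($forum_id = 0, $id = 0)
{
    $p = plugins::getinst();

    // Both ids are concatenated into SQL, a template variable and the form
    // action below, and the action URL shows they arrive as path segments.
    // Forcing them to integers closes the SQL and markup injection paths.
    // Assumes forums.id and posts.id are integer keys (the 0 defaults and the
    // != 0 test suggest so) - TODO confirm.
    $forum_id = (int) $forum_id;
    $id = (int) $id;

    if ($id != 0) {
        $t = new template('template/forum_message.tpl');
        $t->assign_var('FORUM_ID', $forum_id);

        // Check whether the board is reserved to the master and, if so, that
        // the user is one.
        if ($p->d->getvar('SELECT master FROM forums WHERE id="' . $forum_id . '";') == 1 && control_access(MASTER_ACCESS) != 1) {
            $t->start_block('access_denied');
            $t->end_block('access_denied');
        } else {
            $post = $p->d->getrow('SELECT * FROM posts WHERE id="' . $id . '"');

            if (!$_POST) {
                // No form data: render the edit form pre-filled with the post.
                $t->start_block('message_form');
                if ($post->title != NULL && $post->topic_id == 0) {
                    // A titled post with topic_id 0 gets the title field as well.
                    $t->block_assign('is_topic', 'TOPIC_TITLE', $post->title);
                }
                $t->assign_block_var('TEXT', $post->text);
                $t->assign_block_var('SUBMIT_TEXT', 'modifica messaggio');
                $t->assign_block_var('ACTION', '{ROOT}/plugins.php/edit_post/' . $forum_id . '/' . $id);
                $t->end_block('message_form');
            } else {
                // Form submitted: HTML-encode, then SQL-escape, then store.
                if (isset($_POST['title'])) {
                    $title = mysql_real_escape_string(htmlentities($_POST['title']));
                } else {
                    $title = $post->title;
                }

                // NOTE(review): the plugin filter runs after SQL escaping, so
                // whatever a filter returns goes into the query as-is.
                // Escaping should be the last step before the query - confirm
                // that filters cannot introduce quotes.
                $text = $p->filter('topic_message_edited', mysql_real_escape_string(htmlentities($_POST['text'])));

                $query = 'UPDATE posts SET title="' . $title . '",text="' . $text . '" WHERE id="' . $id . '"';
                $res = $p->d->query($query);

                if ($res > 0) {
                    $t->block_assign('success', 'TEXT_SUCCESS', 'Messaggio modificato!');
                } else {
                    // NOTE(review): mysql_error() is shown to the end user.
                    // Consider logging it server-side and showing a generic
                    // message instead.
                    $t->block_assign('failed', 'TEXT_FAILED', 'Messaggio NON modificato: ' . mysql_error());
                }
            }
        }
        $t->out();
    }
}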