Beispiel #1
 /**
  * Run the image operation named by the "iop" request parameter.
  *
  * Recognised operations are delete_image, post_image_upload and
  * upload_image_form; any other value does nothing. Every operation first
  * requires a loaded folder ($this->folder->id) and the filecabinet
  * "edit_folders" permission on that folder, otherwise
  * Current_User::disallow() is called.
  *
  * NOTE(review): delete_image changes state from a GET request and is gated
  * by Current_User::secured(), while post_image_upload uses
  * Current_User::authorized(). Confirm that secured() provides the
  * request-forgery protection a delete needs.
  * NOTE(review): the permission is evaluated for $this->folder, but the image
  * is chosen by the "file_id" query parameter. Nothing in this method ties the
  * loaded image to that folder - verify in loadImage() or the caller.
  * NOTE(review): the code after each disallow() call is only skipped if
  * disallow() ends the request - confirm that it does.
  */
 public function admin()
 {
     $operation = $_REQUEST['iop'];

     if ($operation == 'delete_image') {
         if (!($this->folder->id && Current_User::secured('filecabinet', 'edit_folders', $this->folder->id, 'folder'))) {
             Current_User::disallow();
         }
         // filter_input() yields false for a non-integer file_id and null when it is absent.
         $imageId = filter_input(INPUT_GET, 'file_id', FILTER_VALIDATE_INT);
         $this->loadImage($imageId);
         $this->image->delete();
         PHPWS_Core::goBack();
     } elseif ($operation == 'post_image_upload') {
         if (!($this->folder->id && Current_User::authorized('filecabinet', 'edit_folders', $this->folder->id, 'folder'))) {
             Current_User::disallow();
         }
         $uploaded = $this->postImageUpload();
         if (!$uploaded) {
             \Cabinet::setMessage('Failed to upload image. Check directory permissions.');
         }
         // The result is shown as a bare page instead of redirecting back.
         Layout::nakedDisplay();
     } elseif ($operation == 'upload_image_form') {
         if (!($this->folder->id && Current_User::secured('filecabinet', 'edit_folders', $this->folder->id, 'folder'))) {
             Current_User::disallow();
         }
         $imageId = filter_input(INPUT_GET, 'file_id', FILTER_VALIDATE_INT);
         $this->loadImage($imageId);
         $this->edit();
         // The wrapped form is the whole response; nothing else may be appended.
         echo Layout::wrap($this->content, 'Image Upload', true);
         exit;
     }
 }
Beispiel #2
 /**
  * Render the analytics control panel for the requested command.
  *
  * The command is taken from the "command" request parameter, or from the
  * panel's current tab when the parameter is absent. Commands handled: list,
  * new, create, edit, delete and save_tracker; anything else leaves the panel
  * content untouched.
  *
  * The single Current_User::authorized('analytics') check at the top is the
  * only gate; the individual commands, including delete, perform no further
  * check in this method.
  * NOTE(review): the dispatch below is only skipped for an unauthorized user
  * if Current_User::disallow() ends the request - confirm that it does.
  */
 public static function process()
 {
     if (!Current_User::authorized('analytics')) {
         Current_User::disallow();
     }

     $panel = self::cpanel();
     $command = isset($_REQUEST['command']) ? $_REQUEST['command'] : $panel->getCurrentTab();

     // Loose comparison on purpose: it mirrors how a switch statement matches.
     if ($command == 'list') {
         $panel->setContent(self::listTrackers());
     } elseif ($command == 'new') {
         $panel->setContent(self::newTracker());
     } elseif ($command == 'create') {
         $panel->setContent(self::createTracker());
     } elseif ($command == 'edit') {
         $panel->setContent(self::editTracker());
     } elseif ($command == 'delete') {
         $panel->setContent(self::deleteTracker());
     } elseif ($command == 'save_tracker') {
         $panel->setContent(self::saveTracker());
     }

     $panelHtml = $panel->display();
     Layout::add(PHPWS_ControlPanel::display($panelHtml));
 }
Beispiel #3
 /**
  * Handle the whatsnew administration request named by the "aop" parameter.
  *
  * Entering the menu requires Current_User::allow('whatsnew'); the two
  * state-changing actions (post_settings, flush_cache) additionally require
  * Current_User::authorized('whatsnew'). After the action, title, content
  * and message are rendered through main_admin.tpl into the control panel.
  *
  * NOTE(review): for aop=menu the "tab" query parameter is handed to
  * loadForm() unchanged; confirm that loadForm() only accepts known form
  * names.
  */
 function adminMenu()
 {
     if (!Current_User::allow('whatsnew')) {
         Current_User::disallow();
     }
     $this->loadPanel();
     // Never set to true in this method, so the bare-page branch below stays unused.
     $javascript = false;
     $this->loadMessage();

     $action = $_REQUEST['aop'];
     if ($action == 'menu') {
         $this->loadForm(isset($_GET['tab']) ? $_GET['tab'] : 'settings');
     } elseif ($action == 'post_settings') {
         if (!Current_User::authorized('whatsnew')) {
             Current_User::disallow();
         }
         if (!$this->postSettings()) {
             // Validation failed: show the settings form again.
             $this->loadForm('settings');
         } else {
             $this->forwardMessage(dgettext('whatsnew', 'Whatsnew settings saved.'));
             PHPWS_Core::reroute('index.php?module=whatsnew&aop=menu');
         }
     } elseif ($action == 'flush_cache') {
         if (!Current_User::authorized('whatsnew')) {
             Current_User::disallow();
         }
         if (!$this->flushCache()) {
             $this->loadForm('settings');
         } else {
             $this->forwardMessage(dgettext('whatsnew', 'Cache flushed.'));
             PHPWS_Core::reroute('index.php?module=whatsnew&aop=menu');
         }
     }

     $tpl = array(
         'TITLE' => $this->title,
         'CONTENT' => $this->content,
         'MESSAGE' => $this->message,
     );
     $rendered = PHPWS_Template::process($tpl, 'whatsnew', 'main_admin.tpl');

     if ($javascript) {
         Layout::nakedDisplay($rendered);
         return;
     }
     $this->panel->setContent($rendered);
     Layout::add(PHPWS_ControlPanel::display($this->panel->display()));
 }
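 /**
  * Run the multimedia operation named by the "mop" request parameter.
  *
  * Recognised operations: delete_multimedia, post_multimedia_upload,
  * upload_multimedia_form, edit_rtmp and post_rtmp. The two form operations
  * print a JSON object with "title" and "content" and end the request; the
  * others finish with PHPWS_Core::goBack().
  *
  * Authorization is evaluated against the folder of the record that is
  * actually acted on: the form operations load the record before checking
  * the permission, and delete_multimedia refuses a file whose folder_id
  * differs from the folder the permission was checked for.
  *
  * NOTE(review): post_rtmp checks $this->multimedia->folder_id before
  * postRTMP() runs; whether the record is already loaded at that point is
  * not visible here - verify in the caller.
  * NOTE(review): the code after each disallow() call is only skipped if
  * disallow() ends the request - confirm that it does.
  *
  * @return mixed $this->content when the operation does not end the request
  */
 public function admin()
 {
     switch ($_REQUEST['mop']) {
         case 'delete_multimedia':
             if (!$this->folder->id || !Current_User::authorized('filecabinet', 'edit_folders', $this->folder->id, 'folder')) {
                 Current_User::disallow();
             }
             $this->loadMultimedia(filter_input(INPUT_GET, 'file_id', FILTER_VALIDATE_INT));
             // The permission above covers $this->folder only, while the file is
             // selected by the "file_id" query parameter: never delete a file
             // that lives in a different folder (or failed to load).
             if ((int) $this->multimedia->folder_id !== (int) $this->folder->id) {
                 Current_User::disallow();
                 break;
             }
             $this->multimedia->delete();
             PHPWS_Core::goBack();
             break;
         case 'post_multimedia_upload':
             if (!$this->folder->id || !Current_User::authorized('filecabinet', 'edit_folders', $this->folder->id, 'folder')) {
                 Current_User::disallow();
             }
             $this->postMultimediaUpload();
             \PHPWS_Core::goBack();
             break;
         case 'upload_multimedia_form':
             // Load the record first so the permission check sees the folder of
             // the file being edited; the check used to run before the load.
             $this->loadMultimedia(filter_input(INPUT_GET, 'file_id', FILTER_VALIDATE_INT));
             if (!$this->multimedia->id) {
                 // New upload: the target folder comes from the request.
                 $this->multimedia->folder_id = filter_input(INPUT_GET, 'folder_id', FILTER_VALIDATE_INT);
             }
             if (!Current_User::secured('filecabinet', 'edit_folders', $this->multimedia->folder_id, 'folder')) {
                 Current_User::disallow();
             }
             $this->edit();
             echo json_encode(array('title' => $this->title, 'content' => $this->content));
             exit;
         case 'edit_rtmp':
             // Same ordering as above: load, then authorize against the loaded folder.
             $this->loadMultimedia(filter_input(INPUT_GET, 'file_id', FILTER_VALIDATE_INT));
             if (!Current_User::secured('filecabinet', 'edit_folders', $this->multimedia->folder_id, 'folder')) {
                 Current_User::disallow();
             }
             $this->editRTMP();
             echo json_encode(array('title' => $this->title, 'content' => $this->content));
             exit;
         case 'post_rtmp':
             if (!Current_User::authorized('filecabinet', 'edit_folders', $this->multimedia->folder_id, 'folder')) {
                 Current_User::disallow();
             }
             if (!$this->postRTMP()) {
                 $this->editRTMP();
             }
             \PHPWS_Core::goBack();
             break;
     }
     return $this->content;
 }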
Beispiel #5
 /**
  * Delete the version record of this wiki page and report it to the user.
  *
  * Allowed only when the user is authorized for the wiki "delete_page"
  * permission, getAllowEdit() is true and getVrCurrent() is false; any other
  * combination is logged through Current_User::disallow() and nothing is
  * deleted.
  */
 function remove()
 {
     // Evaluated left to right, stopping at the first failing requirement.
     $denied = !Current_User::authorized('wiki', 'delete_page')
         || !$this->getAllowEdit()
         || $this->getVrCurrent();

     if ($denied) {
         Current_User::disallow(dgettext('wiki', 'User attempted to remove previous page version.'));
         return;
     }

     PHPWS_Core::initModClass('version', 'Version.php');
     $pageVersion = new Version('wiki_pages', $this->getId());
     $pageVersion->delete(FALSE);

     $messageArgs = array('page' => $this->getTitle(FALSE));
     WikiManager::sendMessage(dgettext('wiki', 'Old revision removed'), $messageArgs, FALSE);
 }
Beispiel #6
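 /**
  * Resolve the requested check-in admin command and run it.
  *
  * The command comes from the "aop" request parameter, or from "tab" when
  * "aop" is absent; aop=switch selects the first view the current user may
  * open (settings, then assign, then waiting). The resulting title, content
  * and message are rendered as a bare page (print requests and small_wait)
  * or inside the control panel.
  *
  * Security-relevant behaviour:
  *  - every command requires the base "checkin" permission;
  *  - reason and staff maintenance (edit/delete reason, activate/deactivate
  *    staff) require the "settings" sub-permission, matching post_reason,
  *    edit_staff and post_staff;
  *  - ids taken from the query string are cast to int before they reach the
  *    database layer or the response body.
  *
  * NOTE(review): most state-changing commands are gated by
  * Current_User::allow() rather than Current_User::authorized(); confirm
  * whether the GET-driven changes need the stricter check.
  * NOTE(review): the meeting/availability commands, post_note, repeats,
  * search_users and the two test-only commands carry no sub-permission
  * check; confirm that the base permission is the intended policy.
  * NOTE(review): the dispatch is only skipped for a user without the base
  * permission if Current_User::disallow() ends the request - confirm.
  */
 public function process()
 {
     if (!Current_User::allow('checkin')) {
         Current_User::disallow();
     }
     if (isset($_REQUEST['aop'])) {
         if ($_REQUEST['aop'] == 'switch') {
             if (Current_User::allow('checkin', 'settings')) {
                 $cmd = 'settings';
             } elseif (Current_User::allow('checkin', 'assign_visitors')) {
                 $cmd = 'assign';
             } else {
                 $cmd = 'waiting';
             }
         } else {
             $cmd = $_REQUEST['aop'];
         }
     } elseif (!empty($_REQUEST['tab'])) {
         $cmd = $_REQUEST['tab'];
     } else {
         PHPWS_Core::errorPage('404');
         // Never continue with an undefined command should errorPage() return.
         return;
     }
     // Print requests are rendered without the control panel.
     $js = isset($_GET['print']);
     switch ($cmd) {
         case 'finish_meeting':
             $this->finishMeeting();
             PHPWS_Core::goBack();
             break;
         case 'start_meeting':
             $this->startMeeting();
             PHPWS_Core::goBack();
             break;
         case 'sendback':
             $this->sendBack();
             PHPWS_Core::goBack();
             break;
         case 'unavailable':
             $this->unavailable();
             PHPWS_Core::goBack();
             break;
         case 'available':
             $this->available();
             PHPWS_Core::goBack();
             break;
         case 'report':
             if (!PHPWS_Settings::get('checkin', 'staff_see_reports') && !Current_User::allow('checkin', 'assign_visitors')) {
                 Current_User::disallow();
             }
             if (isset($_GET['daily_report'])) {
                 $this->dailyReport(isset($_GET['print']));
             } elseif (isset($_GET['summary_report'])) {
                 $this->summaryReport();
             } else {
                 $this->report();
             }
             //$this->report2();
             break;
         case 'daily_report':
             // Only the permission is checked here; no report is produced, so
             // the request ends with the "Command not recognized." content.
             if (!PHPWS_Settings::get('checkin', 'staff_see_reports') && !Current_User::allow('checkin', 'assign_visitors')) {
                 Current_User::disallow();
             }
             break;
         case 'month_report':
             if (!Current_User::allow('checkin', 'assign_visitors')) {
                 Current_User::disallow();
             }
             $this->monthReport(isset($_GET['print']));
             break;
         case 'visitor_report':
             if (!Current_User::allow('checkin', 'assign_visitors')) {
                 Current_User::disallow();
             }
             $this->visitorReport(isset($_GET['print']));
             break;
         case 'reassign':
             // Called via ajax
             if (Current_User::authorized('checkin', 'assign_visitors')) {
                 if (isset($_GET['staff_id']) && isset($_GET['visitor_id'])) {
                     // Cast once and use the same integers for validation, the
                     // update and the response, so raw query-string text is
                     // never echoed back to the browser.
                     $new_staff_id = (int) $_GET['staff_id'];
                     $visitor_id = (int) $_GET['visitor_id'];
                     if ($new_staff_id >= 0) {
                         $this->loadVisitor($visitor_id);
                         // Staff member the visitor was assigned to before the change.
                         $staff_id = $this->visitor->assigned;
                         $db = new PHPWS_DB('checkin_visitor');
                         $db->addValue('assigned', $new_staff_id);
                         $db->addWhere('id', $visitor_id);
                         PHPWS_Error::logIfError($db->update());
                         printf('staff_id %d, visitor_id %d', $new_staff_id, $visitor_id);
                         $this->loadStaff($staff_id);
                         /*
                          if ($this->staff->status == 3) {
                          $this->staff->status = 0;
                          $this->staff->save();
                          }
                         */
                     }
                 }
             }
             exit;
         case 'move_up':
             if (Current_User::allow('checkin', 'assign_visitors') && isset($_GET['staff_id'])) {
                 $db = new PHPWS_DB('checkin_staff');
                 $db->moveRow('view_order', 'id', (int) $_GET['staff_id'], 'up');
             }
             PHPWS_Core::goBack();
             break;
         case 'move_down':
             if (Current_User::allow('checkin', 'assign_visitors') && isset($_GET['staff_id'])) {
                 $db = new PHPWS_DB('checkin_staff');
                 $db->moveRow('view_order', 'id', (int) $_GET['staff_id'], 'down');
             }
             PHPWS_Core::goBack();
             break;
         case 'assign':
             if (Current_User::allow('checkin', 'assign_visitors')) {
                 $this->panel->setCurrentTab('assign');
                 $this->assign();
             }
             break;
         case 'post_note':
             $this->loadVisitor();
             $this->saveNote();
             PHPWS_Core::goBack();
             break;
         case 'hide_panel':
             PHPWS_Cookie::write('checkin_hide_panel', 1);
             PHPWS_Core::goBack();
             break;
         case 'show_panel':
             PHPWS_Cookie::delete('checkin_hide_panel');
             PHPWS_Core::goBack();
             $this->panel->setCurrentTab('assign');
             $this->assign();
             break;
         case 'hide_sidebar':
             PHPWS_Cookie::write('checkin_hide_sidebar', 1);
             PHPWS_Core::goBack();
             $this->panel->setCurrentTab('assign');
             $this->use_sidebar = false;
             $this->assign();
             break;
         case 'show_sidebar':
             PHPWS_Cookie::delete('checkin_hide_sidebar');
             PHPWS_Core::goBack();
             $this->panel->setCurrentTab('assign');
             $this->assign();
             break;
         case 'waiting':
             $this->panel->setCurrentTab('waiting');
             $this->loadCurrentStaff();
             $this->waiting();
             break;
         case 'repeats':
             $this->repeats();
             break;
         case 'small_wait':
             $this->loadCurrentStaff();
             $this->waiting(true);
             $js = true;
             break;
         case 'remove_visitor':
             if (Current_User::allow('checkin', 'remove_visitors')) {
                 $this->removeVisitor();
             }
             PHPWS_Core::goBack();
             break;
         case 'settings':
             if (Current_User::allow('checkin', 'settings')) {
                 $this->panel->setCurrentTab('settings');
                 $this->settings();
             }
             break;
         case 'reasons':
             if (Current_User::allow('checkin', 'settings')) {
                 $this->panel->setCurrentTab('reasons');
                 $this->reasons();
             }
             break;
         case 'post_reason':
             if (Current_User::allow('checkin', 'settings')) {
                 $this->loadReason();
                 if ($this->postReason()) {
                     $this->reason->save();
                     PHPWS_Core::reroute('index.php?module=checkin&tab=reasons');
                 } else {
                     $this->editReason();
                 }
             }
             break;
         case 'staff':
             $this->panel->setCurrentTab('staff');
             $this->staff();
             break;
         case 'edit_staff':
             if (Current_User::allow('checkin', 'settings')) {
                 $this->loadStaff(null, true);
                 $this->editStaff();
             }
             break;
         case 'search_users':
             $this->searchUsers();
             break;
         case 'update_reason':
             if (Current_User::allow('checkin', 'settings')) {
                 if (Current_User::authorized('checkin', 'settings')) {
                     $this->updateReason();
                 }
                 $this->panel->setCurrentTab('settings');
                 $this->settings();
             }
             break;
         case 'post_staff':
             if (!Current_User::authorized('checkin', 'settings')) {
                 Current_User::disallow();
             }
             if ($this->postStaff()) {
                 // save post
                 $this->staff->save();
                 $this->staff->saveReasons();
                 PHPWS_Core::reroute('index.php?module=checkin&tab=staff');
             } else {
                 // post failed
                 $this->loadStaff();
                 $this->editStaff();
             }
             break;
         case 'post_settings':
             // from Checkin_Admin::settings
             if (Current_User::authorized('checkin', 'settings')) {
                 $this->postSettings();
             }
             PHPWS_Core::reroute('index.php?module=checkin&tab=settings');
             break;
         case 'edit_reason':
             // Same permission as post_reason, which saves what this form edits.
             if (Current_User::allow('checkin', 'settings')) {
                 $this->loadReason();
                 $this->editReason();
             }
             break;
         case 'delete_reason':
             // Deleting a reason needs at least the permission that saving one does.
             if (Current_User::allow('checkin', 'settings')) {
                 $this->loadReason();
                 $this->reason->delete();
             }
             PHPWS_Core::goBack();
             break;
         case 'deactivate_staff':
             // Staff records are maintained under the "settings" permission
             // (see edit_staff / post_staff); a missing id must not create or
             // touch a record.
             if (Current_User::allow('checkin', 'settings') && isset($_GET['id'])) {
                 PHPWS_Core::initModClass('checkin', 'Staff.php');
                 $staff = new Checkin_Staff((int) $_GET['id']);
                 $staff->active = 0;
                 $staff->save();
             }
             PHPWS_Core::goBack();
             break;
         case 'activate_staff':
             if (Current_User::allow('checkin', 'settings') && isset($_GET['id'])) {
                 PHPWS_Core::initModClass('checkin', 'Staff.php');
                 $staff = new Checkin_Staff((int) $_GET['id']);
                 $staff->active = 1;
                 $staff->save();
             }
             PHPWS_Core::goBack();
             break;
         // This is for testing purposes and never happens in actual use
         // NOTE(review): still reachable by any user with the base permission
         // who sends this command; consider removing or gating it.
         case 'unassignAll':
             $this->unassignAll();
             break;
         // This is for testing purposes and never happens in actual use
         // NOTE(review): reachable in the same way as unassignAll above.
         case 'auto_assign':
             $this->autoAssign();
             break;
     }
     if (empty($this->content)) {
         $this->content = dgettext('checkin', 'Command not recognized.');
     }
     if ($js) {
         $tpl['TITLE'] =& $this->title;
         $tpl['CONTENT'] =& $this->content;
         $tpl['MESSAGE'] =& $this->message;
         $content = PHPWS_Template::process($tpl, 'checkin', 'main.tpl');
         Layout::nakedDisplay($content, $this->title);
     } else {
         if (is_array($this->message)) {
             $this->message = implode('<br />', $this->message);
         }
         if (!$this->use_sidebar) {
             Layout::collapse();
         }
         if ($this->use_panel) {
             Layout::add(PHPWS_ControlPanel::display($this->panel->display($this->content, $this->title, $this->message)));
         } else {
             $tpl['TITLE'] =& $this->title;
             $tpl['CONTENT'] =& $this->content;
             $tpl['MESSAGE'] =& $this->message;
             Layout::add(PHPWS_Template::process($tpl, 'checkin', 'main.tpl'));
         }
     }
 }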
Beispiel #7
<?php

/**
 * @version $Id$
 * @author Matthew McNaney <mcnaney at gmail dot com>
 */
// Serve the static 404 page when PHPWS_SOURCE_DIR is not defined, i.e. when
// this file was not loaded through the application (presumably a direct
// request to the script).
if (defined('PHPWS_SOURCE_DIR') === false) {
    include '../../core/conf/404.html';
    exit;
}

// Block administration is handed to Block_Admin only for users who pass the
// module-level authorization; everyone else is refused and the script stops
// before the admin class is even loaded.
if (Current_User::authorized('block')) {
    PHPWS_Core::initModClass('block', 'Block_Admin.php');
    Block_Admin::action();
} else {
    Current_User::disallow();
    return;
}
Beispiel #8
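 /**
  * Copy the posted block form into $block and report whether the block
  * holds anything worth saving.
  *
  * When "pick_block" is posted the selected blocks are pinned through
  * lockBlock() and nothing else is read. Otherwise the visibility flags,
  * title and content are taken from $_POST; an empty title is replaced by a
  * short excerpt of the tag-stripped content (or the translated "Untitled")
  * and the title is hidden.
  *
  * NOTE(review): title and block_content are passed on as posted; any HTML
  * filtering has to happen in Block_Item::setTitle()/setContent() - verify.
  * NOTE(review): the form is only left unprocessed for an unauthorized user
  * if Current_User::disallow() ends the request - confirm that it does.
  *
  * @param Block_Item $block Block being created or edited; modified in place.
  * @return bool True after pinning, or when the block has content, a title
  *              or a file; false when all three are empty.
  */
 public static function postBlock(Block_Item $block)
 {
     if (!Current_User::authorized('block', 'edit_block', $block->id)) {
         Current_User::disallow();
     }
     if (isset($_POST['pick_block'])) {
         self::lockBlock($_POST['block_list'], $_POST['key_id']);
         return true;
     }
     $block->hide_title = isset($_POST['hide_title']) ? 1 : 0;
     $block->hide_narrow = isset($_POST['hide_narrow']) ? 1 : 0;

     // A missing field is treated like an empty one instead of raising a notice.
     $posted_title = isset($_POST['title']) ? $_POST['title'] : null;
     $posted_content = isset($_POST['block_content']) ? $_POST['block_content'] : null;
     $block->setTitle($posted_title);
     $block->setContent($posted_content);

     if (empty($block->title)) {
         $content = trim(strip_tags((string) $posted_content));
         if (!empty($content)) {
             // Cut at the first space at or after byte 10. strpos() rejects an
             // offset beyond the string, so only search when the text is long
             // enough; this replaces the earlier try/catch around the warning.
             $offset = strlen($content) > 10 ? strpos($content, ' ', 10) : false;
             if ($offset === false) {
                 // Short text or one long word: fall back to the first 15
                 // bytes. Previously a long word without a space produced an
                 // empty title because substr() was given a length of false.
                 $title_sub = substr($content, 0, 15);
             } else {
                 $title_sub = ucfirst(substr($content, 0, $offset));
             }
             $block->setTitle($title_sub);
             $block->hide_title = 1;
         } else {
             $block->setTitle(t('Untitled'));
             $block->hide_title = 1;
         }
     }
     return !(empty($block->content) && empty($block->title) && empty($block->file_id));
 }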
Beispiel #9
 /**
  * Entry point for blog administration: resolves the command, runs it and
  * renders the result inside the control panel.
  *
  * The command is read from $_REQUEST['command'], falling back to the
  * panel's current tab. The Blog object is built from $_REQUEST['blog_id']
  * (cast to int) when present, otherwise it is a new, empty Blog.
  *
  * Every command sits behind the module-level Current_User::authorized('blog')
  * check; some commands add a stricter check of their own (see the inline
  * notes for the ones that do not).
  */
 public static function main()
 {
     // Module-level gate; the attempt is logged with a message and nothing else runs.
     if (!Current_User::authorized('blog')) {
         Current_User::disallow(dgettext('blog', 'User attempted access to Blog administration.'));
         return;
     }
     $title = $content = NULL;
     $message = Blog_Admin::getForward();
     $panel = Blog_Admin::cpanel();
     $panel->enableSecure();
     if (isset($_REQUEST['command'])) {
         $command = $_REQUEST['command'];
     } else {
         $command = $panel->getCurrentTab();
     }
     if (isset($_REQUEST['blog_id'])) {
         $blog = new Blog((int) $_REQUEST['blog_id']);
     } else {
         $blog = new Blog();
     }
     switch ($command) {
         case 'edit':
             $panel->setCurrentTab('list');
             // Editing is allowed for the entry's author or for a user with the
             // item-level "edit_blog" permission on this entry.
             // NOTE(review): $_REQUEST['blog_id'] is read here without the isset()
             // guard used above.
             if (!Current_User::isUser($blog->author_id) && !Current_User::authorized('blog', 'edit_blog', $_REQUEST['blog_id'], 'entry')) {
                 Current_User::disallow(dgettext('blog', 'User tried to edit a blog.'));
                 return;
             }
             $title = dgettext('blog', 'Update Blog Entry');
             $content = Blog_Form::edit($blog);
             break;
         case 'new':
             $title = dgettext('blog', 'New Blog Entry');
             $content = Blog_Form::edit($blog);
             break;
         case 'delete':
             // NOTE(review): unlike 'edit', no author or item-level permission is
             // checked before the entry is deleted; only the module-level gate
             // above applies. Confirm this is the intended policy.
             //Blog_Admin::resetCache();
             $result = $blog->delete();
             Blog_Admin::setForward(dgettext('blog', 'Blog entry deleted.'), 'list');
             break;
         case 'list':
             $title = dgettext('blog', 'Blog Entries');
             $content = Blog_Admin::entry_list();
             break;
         case 'menu_submit_link':
             // NOTE(review): the pinned URL carries the "action" parameter twice
             // (action=user&action=submit) - confirm which value is meant.
             Menu::pinLink(dgettext('blog', 'Submit entry'), 'index.php?module=blog&action=user&action=submit');
             PHPWS_Core::reroute('index.php?module=blog&action=admin&tab=settings&authkey=' . Current_User::getAuthKey());
             break;
         case 'sticky':
             // Only users with unrestricted blog rights may pin an entry.
             if (!Current_User::isUnrestricted('blog')) {
                 Current_User::disallow();
             }
             Blog_Admin::sticky($blog);
             PHPWS_Core::goBack();
             break;
         case 'unsticky':
             if (!Current_User::isUnrestricted('blog')) {
                 Current_User::disallow();
             }
             Blog_Admin::unsticky($blog);
             PHPWS_Core::goBack();
             break;
         case 'post_entry':
             // NOTE(review): the posted entry is saved without the author or
             // item-level check that 'edit' applies to the same blog_id - verify
             // whether post_entry()/save() enforce it.
             $title = dgettext('blog', 'Blog Archive');
             $panel->setCurrentTab('list');
             $blog->post_entry();
             $link_back = PHPWS_Text::linkAddress('blog', array('action' => 'admin', 'tab' => 'list'), TRUE);
             if ($blog->_error) {
                 // Validation failed: show the form again, on the "new" tab for an unsaved entry.
                 if (empty($blog->id)) {
                     $panel->setCurrentTab('new');
                 }
                 $content = Blog_Form::edit($blog);
             } else {
                 if (!isset($_POST['blog_id']) && PHPWS_Core::isPosted()) {
                     Blog_Admin::setForward(dgettext('blog', 'Entry saved successfully.'), 'list');
                 }
                 $result = $blog->save();
                 //Blog_Admin::resetCache();
                 if (PHPWS_Error::isError($result)) {
                     // The detailed error goes to the log; the user only sees a generic message.
                     $message = dgettext('blog', 'An error occurred when trying to save your entry. Please check your logs.');
                     PHPWS_Error::log($result);
                     Blog_Admin::setForward($message, 'list');
                 }
                 if (!$blog->approved) {
                     Blog_Admin::setForward(dgettext('blog', 'Your entry is being held for approval.'), 'list');
                 } else {
                     PHPWS_Core::reroute($blog->getViewLink(true));
                 }
             }
             break;
         case 'reset_cache':
             Blog_Admin::resetCache();
             PHPWS_Core::goBack();
             break;
         case 'post_settings':
             if (!Current_User::authorized('blog', 'settings')) {
                 Current_User::disallow();
                 return;
             }
             // A purge request from a deity user is answered with a confirmation
             // page built from the posted purge_date; nothing is purged here.
             if (Current_User::isDeity() && isset($_POST['purge_confirm'])) {
                 $title = dgettext('blog', 'Purge Blog Entries');
                 $content = Blog_Admin::confirmPurge($_POST['purge_date']);
                 break;
             }
             Blog_Admin::postSettings();
             $message = dgettext('blog', 'Blog settings saved.');
             // No break: execution continues into 'settings' so the form is shown
             // again after saving.
         case 'settings':
             if (!Current_User::allow('blog', 'settings')) {
                 Current_User::disallow();
                 return;
             }
             $panel->setCurrentTab('settings');
             $title = dgettext('blog', 'Blog Settings');
             $content = Blog_Form::settings();
             break;
         case 'purge_entries':
             // Purging requires a deity user; $_GET['pd'] is passed on unchanged.
             // NOTE(review): the settings form below is rendered even when the
             // purge check fails and without the 'settings' permission check used
             // in the 'settings' case.
             if (Current_User::authorized('blog') && Current_User::isDeity()) {
                 Blog_Admin::purgeEntries($_GET['pd']);
                 $message = dgettext('blog', 'Blog entries purged.');
             }
             $content = Blog_Form::settings();
     }
     Layout::add(PHPWS_ControlPanel::display($panel->display($content, $title, $message)));
 }
Beispiel #10
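 /**
  * Apply the posted allow/deny form of the access module.
  *
  * In order: stores the allow_deny_enabled switch, then handles at most one
  * of the following and returns its result:
  *  1. adding an allow address,
  *  2. adding a deny address,
  *  3. an allow-list action (toggle "allow_all", or activate / deactivate /
  *     delete the rows selected in "allows"),
  *  4. a deny-list action (same for "deny_all" / "denys").
  *
  * The whole handler requires the "admin_options" permission of the access
  * module. Selected row ids are cast to integers before they are used as a
  * WHERE condition, and the rule type (allow_or_deny) is always part of the
  * condition so an allow action cannot touch deny rows or vice versa.
  *
  * @return mixed False-like value when setIpAddress() rejects an address,
  *               the result of save()/update()/delete() for row operations,
  *               otherwise true.
  */
 public static function postDenyAllow()
 {
     if (!Current_User::authorized('access', 'admin_options')) {
         Current_User::disallow();
         exit;
     }
     PHPWS_Core::initModClass('access', 'Allow_Deny.php');
     PHPWS_Settings::set('access', 'allow_deny_enabled', empty($_POST['allow_deny_enabled']) ? 0 : 1);
     PHPWS_Settings::save('access');

     if (isset($_POST['add_allow_address']) && !empty($_POST['allow_address'])) {
         $allow = new Access_Allow_Deny();
         $allow->allow_or_deny = 1;
         // setIpAddress() decides whether the posted address is acceptable.
         $result = $allow->setIpAddress($_POST['allow_address']);
         if (!$result) {
             return $result;
         }
         $allow->active = 1;
         return $allow->save();
     }
     if (isset($_POST['add_deny_address']) && !empty($_POST['deny_address'])) {
         $deny = new Access_Allow_Deny();
         $deny->allow_or_deny = 0;
         $result = $deny->setIpAddress($_POST['deny_address']);
         if (!$result) {
             return $result;
         }
         $deny->active = 1;
         return $deny->save();
     }

     $allow_action = isset($_POST['allow_action']) ? $_POST['allow_action'] : 'none';
     if ($allow_action != 'none') {
         if ($allow_action == 'allow_all') {
             // Toggle the global switch.
             PHPWS_Settings::set('access', 'allow_all', PHPWS_Settings::get('access', 'allow_all') ? 0 : 1);
             PHPWS_Settings::save('access');
             return true;
         } elseif (!empty($_POST['allows'])) {
             // Row ids come straight from the form: force them to integers.
             $allow_ids = is_array($_POST['allows']) ? array_map('intval', $_POST['allows']) : (int) $_POST['allows'];
             $db = new PHPWS_DB('access_allow_deny');
             // just in case something goes wrong
             $db->addWhere('allow_or_deny', 1);
             $db->addWhere('id', $allow_ids);
             switch ($allow_action) {
                 case 'active':
                     $db->addValue('active', 1);
                     return $db->update();
                 case 'deactive':
                     $db->addValue('active', 0);
                     return $db->update();
                 case 'delete':
                     return $db->delete();
             }
         }
     }

     // Read the deny action with the same guard as the allow action; it used
     // to be read unguarded and raised a notice when the field was missing.
     $deny_action = isset($_POST['deny_action']) ? $_POST['deny_action'] : 'none';
     if ($deny_action == 'deny_all') {
         PHPWS_Settings::set('access', 'deny_all', PHPWS_Settings::get('access', 'deny_all') ? 0 : 1);
         PHPWS_Settings::save('access');
         return true;
     } elseif (!empty($_POST['denys'])) {
         $deny_ids = is_array($_POST['denys']) ? array_map('intval', $_POST['denys']) : (int) $_POST['denys'];
         $db = new PHPWS_DB('access_allow_deny');
         // just in case something goes wrong
         $db->addWhere('allow_or_deny', 0);
         $db->addWhere('id', $deny_ids);
         switch ($deny_action) {
             case 'active':
                 $db->addValue('active', 1);
                 return $db->update();
             case 'deactive':
                 $db->addValue('active', 0);
                 return $db->update();
             case 'delete':
                 return $db->delete();
         }
     }
     return true;
 }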
 public static function admin()
 {
     if (!Current_User::allow('layout')) {
         Current_User::disallow();
     }
     PHPWS_Core::initModClass('controlpanel', 'Panel.php');
     $title = $content = null;
     $panel = Layout_Admin::adminPanel();
     if (isset($_REQUEST['command'])) {
         $command = $_REQUEST['command'];
     } else {
         $command = $panel->getCurrentTab();
     }
     switch ($command) {
         case 'arrange':
             $title = dgettext('layout', 'Arrange Layout');
             $content[] = Layout_Admin::arrangeForm();
             break;
         case 'turn_off_box_move':
             Layout::moveBoxes(false);
             PHPWS_Core::goBack();
             break;
         case 'post_style_change':
             $result = Layout_Admin::postStyleChange();
             if (PHPWS_Error::isError($result)) {
                 PHPWS_Error::log($result);
             }
             javascript('close_refresh');
             break;
         case 'reset_boxes':
             if (!Current_User::authorized('layout')) {
                 Current_User::disallow();
             }
             Layout::resetDefaultBoxes();
             unset($_SESSION['Layout_Settings']);
             PHPWS_Core::reroute('index.php?module=layout&action=admin&authkey=' . Current_User::getAuthKey());
             break;
         case 'move_boxes_on':
             if (!Current_User::authorized('layout')) {
                 Current_User::disallow();
             }
             Layout::moveBoxes(true);
             PHPWS_Core::goBack();
             break;
         case 'move_boxes_off':
             if (!Current_User::authorized('layout')) {
                 Current_User::disallow();
             }
             Layout::moveBoxes(false);
             PHPWS_Core::goBack();
             break;
         case 'confirmThemeChange':
             $title = dgettext('layout', 'Themes');
             if (isset($_POST['confirm'])) {
                 Layout_Admin::changeTheme();
                 PHPWS_Core::reroute('index.php?module=layout&action=admin&tab=theme');
                 exit;
             } else {
                 Layout::reset();
             }
             $content[] = Layout_Admin::adminThemes();
             break;
         case 'meta':
             $title = dgettext('layout', 'Edit Meta Tags');
             $content[] = Layout_Admin::metaForm();
             break;
         case 'clear_templates':
             if (!Current_User::authorized('layout')) {
                 Current_User::disallow();
             }
             $files = PHPWS_File::readDirectory(PHPWS_SOURCE_DIR . 'templates/cache', false, true);
             if (!empty($files) && is_array($files)) {
                 foreach ($files as $fn) {
                     $delete_cache_path = "templates/cache/{$fn}";
                     if (is_file($delete_cache_path)) {
                         unlink('templates/cache/' . $fn);
                     }
                 }
             }
             PHPWS_Core::goBack();
             break;
         case 'clear_cache':
             if (!Current_User::authorized('layout')) {
                 Current_User::disallow();
             }
             PHPWS_Cache::clearCache();
             PHPWS_Core::goBack();
             break;
         case 'moveBox':
             $result = Layout_Admin::moveBox();
             PHPWS_Error::logIfError($result);
             javascript('close_refresh');
             Layout::nakedDisplay();
             break;
         case 'postMeta':
             if (!Current_User::authorized('layout')) {
                 Current_User::disallow();
             }
             Layout_Admin::postMeta();
             if (isset($_POST['key_id'])) {
                 javascript('close_refresh');
                 Layout::nakedDisplay();
                 exit;
             }
             Layout::reset();
             $title = dgettext('layout', 'Edit Meta Tags');
             $template['MESSAGE'] = dgettext('layout', 'Meta Tags updated.');
             $content[] = Layout_Admin::metaForm();
             break;
         case 'demo_fail':
             unset($_SESSION['Layout_Settings']);
             Layout::checkSettings();
             PHPWS_Core::reroute('index.php?module=layout&amp;action=admin&amp;command=confirmThemeChange');
             break;
         case 'demo_theme':
             $title = dgettext('layout', 'Confirm Theme Change');
             $content[] = dgettext('layout', 'If you are happy with the change, click the appropiate button.');
             $content[] = dgettext('layout', 'Failure to respond in ten seconds, reverts phpWebSite to the default theme.');
             $content[] = Layout_Admin::confirmThemeChange();
             break;
         case 'postTheme':
             if (!Current_User::authorized('layout')) {
                 Current_User::disallow();
             }
             if ($_POST['default_theme'] != $_SESSION['Layout_Settings']->current_theme) {
                 Layout::reset($_POST['default_theme']);
                 PHPWS_Core::reroute('index.php?module=layout&action=admin&command=demo_theme&authkey=' . Current_User::getAuthKey());
             } else {
                 PHPWS_Settings::set('layout', 'include_css_order', (int) $_POST['include_css_order']);
                 PHPWS_Settings::save('layout');
                 $title = dgettext('layout', 'Themes');
                 $content[] = Layout_Admin::adminThemes();
             }
             break;
         case 'theme':
             $title = dgettext('layout', 'Themes');
             $content[] = Layout_Admin::adminThemes();
             break;
         case 'js_style_change':
             $content = Layout_Admin::jsStyleChange();
             if (empty($content)) {
                 javascript('close_refresh');
             }
             Layout::nakedDisplay($content, dgettext('layout', 'Change CSS'));
             break;
         case 'page_meta_tags':
             $content = Layout_Admin::pageMetaTags((int) $_REQUEST['key_id']);
             if (empty($content)) {
                 javascript('close_refresh');
             }
             Layout::nakedDisplay($content, dgettext('layout', 'Set meta tags'));
             break;
         case 'move_popup':
             if (!Current_User::authorized('layout')) {
                 Current_User::disallow();
             }
             Layout_Admin::moveBoxMenu();
             break;
     }
     $template['TITLE'] = $title;
     if (isset($content)) {
         $template['CONTENT'] = implode('<br />', $content);
     }
     if (isset($message)) {
         $template['MESSAGE'] = $message;
     }
     $final = PHPWS_Template::process($template, 'layout', 'main.tpl');
     $panel->setContent($final);
     Layout::add(PHPWS_ControlPanel::display($panel->display()));
 }
Beispiel #12
<?php

/**
 * @version $Id$
 * @author Matthew McNaney <mcnaney at gmail dot com>
 */
// Direct-access guard: when PHPWS_SOURCE_DIR is not defined, serve the static
// 404 page and stop instead of running any module code.
if (!defined('PHPWS_SOURCE_DIR')) {
    include '../../core/conf/404.html';
    exit;
}
PHPWS_Core::requireConfig('boost');
// Optional restriction to deity accounts.
// NOTE(review): DEITY_ACCESS_ONLY is presumably defined by the boost config
// loaded on the line above — confirm.
if (DEITY_ACCESS_ONLY && !Current_User::isDeity()) {
    Current_User::disallow();
}
// Module-level authorization for every Boost action.
// NOTE(review): nothing follows disallow() here, so this gate only holds if
// disallow() never returns — confirm.
if (!Current_User::authorized('boost')) {
    Current_User::disallow();
}
// The switch that follows reads $_REQUEST['action'] unconditionally, so this
// check relies on errorPage() ending the request — TODO confirm.
if (!isset($_REQUEST['action'])) {
    PHPWS_Core::errorPage(404);
}
$js = false;
$content = array();
PHPWS_Core::initModClass('boost', 'Form.php');
PHPWS_Core::initModClass('controlpanel', 'Panel.php');
PHPWS_Core::initModClass('boost', 'Action.php');
// Build the Boost control panel and its tabs.
$boostPanel = new PHPWS_Panel('boost');
$boostPanel->enableSecure();
Boost_Form::setTabs($boostPanel);
// Link back to the tab the panel currently reports as selected.
$vars = array('action' => 'admin', 'tab' => $boostPanel->getCurrentTab());
$backToBoost = PHPWS_Text::secureLink(dgettext('boost', 'Return to Boost'), 'boost', $vars);
switch ($_REQUEST['action']) {
Beispiel #13
 /**
  * Delete
  *
  * @author Greg Meiste <*****@*****.**>
  */
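 function delete()
 {
     // Access gate: the 'upload_images' permission, or any logged-in user when
     // the 'allow_image_upload' setting is on.
     // NOTE(review): in the second case the destructive branch below is reached
     // on isLogged() alone; confirm the caller verifies the authkey carried by
     // the secureLink() confirmation links before this method runs.
     if (!Current_User::authorized('wiki', 'upload_images') && !(PHPWS_Settings::get('wiki', 'allow_image_upload') && Current_User::isLogged())) {
         Current_User::disallow(dgettext('wiki', 'User attempted access to image delete.'));
         return;
     }
     if (isset($_REQUEST['yes'])) {
         // Best effort: the database row is removed even if the file is already gone.
         // NOTE(review): getFilename() is joined to the path as-is; confirm stored
         // names can never contain directory separators.
         @unlink(PHPWS_HOME_DIR . 'images/wiki/' . $this->getFilename());
         $db = new PHPWS_DB('wiki_images');
         $db->addWhere('id', $this->getId());
         if (PHPWS_Error::logIfError($db->delete())) {
             return dgettext('wiki', 'Error deleting image.');
         }
         return dgettext('wiki', 'Image deleted!');
     } elseif (isset($_REQUEST['no'])) {
         return dgettext('wiki', 'Image was not deleted!');
     }
     // Neither answer given yet: render the confirmation prompt.
     $tags = array();
     $tags['MESSAGE'] = dgettext('wiki', 'Are you sure you want to delete this image?');
     $tags['YES'] = PHPWS_Text::secureLink(dgettext('wiki', 'Yes'), 'wiki', array('op' => 'doimagedelete', 'yes' => 1, 'id' => $this->getId()));
     $tags['NO'] = PHPWS_Text::secureLink(dgettext('wiki', 'No'), 'wiki', array('op' => 'doimagedelete', 'no' => 1, 'id' => $this->getId()));
     // The filename goes into an HTML attribute, so it is escaped (quotes included)
     // to keep an unusual name from breaking out of the src value.
     $tags['WIKIPAGE'] = '<img src="images/wiki/' . htmlspecialchars($this->getFilename(), ENT_QUOTES) . '" alt="" />';
     return PHPWS_Template::processTemplate($tags, 'wiki', 'confirm.tpl');
 }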
Beispiel #14
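 /**
  * Routes a Search administration command and renders the control panel.
  *
  * The command is read from the request ('command', then 'tab') and falls back
  * to the panel's current tab. Entry requires Current_User::allow('search');
  * the commands listed in the first switch additionally require
  * Current_User::authorized('search').
  */
 public static function main()
 {
     if (!Current_User::allow('search')) {
         Current_User::disallow();
     }
     $panel = Search_Admin::cpanel();
     if (isset($_REQUEST['command'])) {
         $command = $_REQUEST['command'];
     } elseif (isset($_REQUEST['tab'])) {
         $command = $_REQUEST['tab'];
     } else {
         $command = $panel->getCurrentTab();
     }
     // Commands that must pass the stricter authorized() check before dispatch.
     // NOTE(review): remove_ignore, save_settings, add_parse_word and drop_keyword
     // are handled below but are not in this list, although add_ignore is;
     // confirm whether they need the same check.
     switch ($command) {
         case 'delete_keyword':
         case 'add_keyword':
         case 'remove_searchword':
         case 'add_ignore':
             if (!Current_User::authorized('search')) {
                 Current_User::disallow();
             }
             break;
     }
     // Commands that render nothing themselves still get a MESSAGE slot below.
     $template = array();
     switch ($command) {
         case 'keyword':
             $template = Search_Admin::keyword();
             break;
         case 'ignore':
             $template = Search_Admin::ignore();
             break;
         case 'settings':
             $template = Search_Admin::settings();
             break;
         case 'close_admin':
             unset($_SESSION['Search_Add_Words']);
             unset($_SESSION['Search_Admin']);
             PHPWS_Core::goBack();
             break;
         case 'delete_keyword':
             Search_Admin::deleteKeyword();
             PHPWS_Core::goBack();
             break;
         case 'add_parse_word':
             // NOTE(review): the missing-parameter guards in this switch rely on
             // goBack() ending the request; otherwise the call below still runs.
             if (!isset($_REQUEST['keyword'])) {
                 PHPWS_Core::goBack();
             }
             Search_Admin::addParseWord($_REQUEST['keyword']);
             Search_Admin::sendMessage(dgettext('search', 'Keywords added to admin menu.'), 'keyword');
             break;
         case 'drop_keyword':
             if (isset($_SESSION['Search_Add_Words'], $_REQUEST['kw'])) {
                 // Strict match so numeric-looking keywords ('007' vs '7') are
                 // not treated as the same entry.
                 $array_key = array_search($_REQUEST['kw'], $_SESSION['Search_Add_Words'], true);
                 if ($array_key !== false) {
                     unset($_SESSION['Search_Add_Words'][$array_key]);
                 }
             }
             PHPWS_Core::goBack();
             break;
         case 'add_keyword':
             if (!isset($_GET['kw']) || !isset($_GET['key_id'])) {
                 PHPWS_Core::goBack();
             }
             Search_Admin::addKeyword($_GET['kw'], $_GET['key_id']);
             PHPWS_Core::goBack();
             break;
         case 'remove_searchword':
             if (!isset($_GET['kw']) || !isset($_GET['key_id'])) {
                 PHPWS_Core::goBack();
             }
             Search_Admin::removeSearchword($_GET['kw'], $_GET['key_id']);
             PHPWS_Core::goBack();
             break;
         case 'add_ignore':
             if (!isset($_GET['keyword'])) {
                 PHPWS_Core::goBack();
             }
             Search_Admin::setIgnore($_GET['keyword'], 1);
             PHPWS_Core::goBack();
             break;
         case 'remove_ignore':
             if (!isset($_GET['keyword'])) {
                 PHPWS_Core::goBack();
             }
             Search_Admin::setIgnore($_GET['keyword'], 0);
             PHPWS_Core::goBack();
             break;
         case 'save_settings':
             Search_Admin::saveSettings();
             Search_Admin::sendMessage(dgettext('search', 'Settings saved'), 'settings');
             break;
     }
     $template['MESSAGE'] = Search_Admin::getMessage();
     $final = PHPWS_Template::process($template, 'search', 'main.tpl');
     $panel->setContent($final);
     $finalPanel = $panel->display();
     Layout::add(PHPWS_ControlPanel::display($finalPanel));
 }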
Beispiel #15
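 /**
  * Dispatches the document administration operation named by the 'dop'
  * request value: delete, upload post, upload form, or access-shortcut creation.
  *
  * The three folder operations require a loaded folder plus a permission check
  * on it; 'add_access' requires module-level authorization and answers with JSON.
  */
 public function admin()
 {
     // A request without 'dop' matches no case and falls through silently.
     $operation = isset($_REQUEST['dop']) ? $_REQUEST['dop'] : null;
     switch ($operation) {
         case 'delete_document':
             // NOTE(review): the delete is gated by secured() while the upload post
             // uses authorized(); confirm secured() verifies the request authkey
             // for this state-changing action.
             if (!$this->folder->id || !Current_User::secured('filecabinet', 'edit_folders', $this->folder->id, 'folder')) {
                 Current_User::disallow();
             }
             $this->document->delete();
             PHPWS_Core::returnToBookmark();
             break;
         case 'post_document_upload':
             if (!$this->folder->id || !Current_User::authorized('filecabinet', 'edit_folders', $this->folder->id, 'folder')) {
                 Current_User::disallow();
             }
             $this->postDocumentUpload();
             javascript('close_refresh');
             Layout::nakedDisplay();
             //\PHPWS_Core::goBack();
             break;
         case 'upload_document_form':
             if (!$this->folder->id || !Current_User::secured('filecabinet', 'edit_folders', $this->folder->id, 'folder')) {
                 Current_User::disallow();
             }
             // FILTER_VALIDATE_INT yields false/null for a non-integer file_id.
             $this->loadDocument(filter_input(INPUT_GET, 'file_id', FILTER_VALIDATE_INT));
             $this->edit();
             echo Layout::wrap($this->content, 'Document Upload', true);
             exit;
         case 'add_access':
             if (!Current_User::authorized('filecabinet')) {
                 Current_User::disallow();
             }
             $keyword = null;
             // Stays null when the document is missing, so the JSON reply below
             // never reads an undefined variable.
             $new_keyword = null;
             $this->loadDocument();
             // document exists, try making a shortcut
             if ($this->document->id) {
                 PHPWS_Core::initModClass('access', 'Shortcut.php');
                 $shortcut = new Access_Shortcut();
                 if (isset($_GET['keyword'])) {
                     $keyword = $_GET['keyword'];
                 }
                 if (empty($keyword)) {
                     $keyword = $this->document->title;
                 }
                 $result = $shortcut->setKeyword($keyword);
                 $new_keyword = $shortcut->keyword;
                 // if setKeyword returns a false or error, we have them pick a different name
                 if (!$result || PHPWS_Error::isError($result)) {
                     $message = dgettext('filecabinet', 'Access shortcut name already in use. Please enter another.');
                     $success = false;
                 } else {
                     $shortcut->setUrl('filecabinet', $this->document->getViewLink());
                     $shortcut->save();
                     $success = true;
                     $message = '<p>' . dgettext('filecabinet', 'Access shortcut successful!') . '</p>';
                     // NOTE(review): the keyword is written into HTML unescaped; this
                     // assumes setKeyword() reduces it to URL-safe characters — confirm.
                     $message .= '<a href="' . PHPWS_Core::getHomeHttp() . $shortcut->keyword . '">' . PHPWS_Core::getHomeHttp() . $shortcut->keyword . '</a>';
                 }
             } else {
                 $message = dgettext('filecabinet', 'File not found');
                 // not really a success but prevents a repost prompt
                 $success = true;
             }
             echo json_encode(array('success' => $success, 'message' => $message, 'keyword' => $new_keyword));
             exit;
     }
 }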
Beispiel #16
 /**
  * Interwiki Setup
  *
  * @author Greg Meiste <*****@*****.**>
  */
 function setup()
 {
     // Access gate: the 'edit_page' permission, or any logged-in user when the
     // 'allow_page_edit' setting is on.
     $may_manage = Current_User::authorized('wiki', 'edit_page')
         || (PHPWS_Settings::get('wiki', 'allow_page_edit') && Current_User::isLogged());
     if (!$may_manage) {
         Current_User::disallow(dgettext('wiki', 'User attempted access to Interwiki setup.'));
         return;
     }
     PHPWS_Core::initCoreClass('DBPager.php');

     // First pass: choose which form supplies the page tags.
     if ($_REQUEST['op'] == 'editinterwiki') {
         $tags = $this->edit();
     } elseif ($_REQUEST['op'] == 'deleteinterwiki') {
         $tags = $this->kill();
     } else {
         $tags = $this->add();
     }

     // Second pass: run the save or delete and queue its result as the message.
     if ($_REQUEST['op'] == 'addinterwiki' || $_REQUEST['op'] == 'saveinterwiki') {
         WikiManager::sendMessage($this->save(), 'interwikisetup');
     } elseif ($_REQUEST['op'] == 'dodeleteinterwiki') {
         WikiManager::sendMessage($this->kill(), 'interwikisetup');
     }

     // Labels shared by every variant of the page.
     $tags['MESSAGE'] = WikiManager::getMessage();
     $tags['BACK'] = PHPWS_Text::moduleLink(dgettext('wiki', 'Back to Wiki'), 'wiki');
     $tags['SITE_LIST_LABEL'] = dgettext('wiki', 'Site list');
     $tags['USAGE'] = sprintf(dgettext('wiki', 'To link to an interwiki site, use %s.'), 'WikiName:PageName');
     $tags['LIST_LABEL'] = dgettext('wiki', 'Site Name');
     $tags['LIST_URL'] = dgettext('wiki', 'URL');
     $tags['LIST_UPDATED'] = dgettext('wiki', 'Updated');
     $tags['LIST_ACTIONS'] = dgettext('wiki', 'Actions');

     // Paged listing over the wiki_interwiki table, ordered by label.
     $site_list = new DBPager('wiki_interwiki', 'InterWiki');
     $site_list->setModule('wiki');
     $site_list->setTemplate('interwiki/setup.tpl');
     $site_list->addToggle(PHPWS_LIST_TOGGLE_CLASS);
     $site_list->addPageTags($tags);
     $site_list->addRowTags('getTpl');
     $site_list->setSearch('label');
     $site_list->setDefaultOrder('label', 'asc');
     $site_list->cacheQueries();

     $box = array();
     $box['TITLE'] = dgettext('wiki', 'Interwiki Setup');
     $box['CONTENT'] = $site_list->get();
     Layout::add(PHPWS_Template::process($box, 'wiki', 'box.tpl'), 'wiki', 'wiki_mod', true);
 }
Beispiel #17
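 /**
  * Reports whether the current user may edit this schedule.
  *
  * Public schedules defer to the 'edit_public' permission. Private schedules
  * are always editable by their owner; everyone else needs 'edit_private'.
  *
  * @param bool $authorized When true, use Current_User::authorized() instead of
  *                         Current_User::allow(), and require the owner's
  *                         request to carry the current authkey.
  * @return mixed true for the owner shortcut, otherwise whatever the
  *               Current_User permission call returns.
  */
 public function checkPermissions($authorized = false)
 {
     if ($this->public) {
         if ($authorized) {
             return Current_User::authorized('calendar', 'edit_public', $this->id, 'schedule');
         }
         return Current_User::allow('calendar', 'edit_public', $this->id, 'schedule');
     }

     $is_owner = $this->user_id == Current_User::getId();
     if (!$authorized) {
         if ($is_owner) {
             return true;
         }
         return Current_User::allow('calendar', 'edit_private', $this->id, 'schedule');
     }

     // Owner shortcut for authorized requests. The submitted key must be a
     // non-empty string and match exactly: a loose == comparison can treat two
     // different numeric-looking strings as equal, and an absent key previously
     // raised an undefined-index notice. hash_equals() is a drop-in alternative
     // where PHP >= 5.6 is guaranteed.
     $sent_key = isset($_REQUEST['authkey']) ? $_REQUEST['authkey'] : null;
     if ($is_owner && is_string($sent_key) && $sent_key !== '' && (string) Current_User::getAuthKey() === $sent_key) {
         return true;
     }
     return Current_User::authorized('calendar', 'edit_private', $this->id, 'schedule');
 }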
Beispiel #18
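 /**
  * Applies the posted user-module settings.
  *
  * Requires Current_User::authorized('users', 'settings'). Values are always
  * placed into PHPWS_Settings, but they are only saved when the site contact
  * address validated. The deity-only fields are ignored for other users.
  *
  * @return mixed true when saved, an error message string when validation
  *               failed, or null when the user was not authorized.
  */
 public static function update_settings()
 {
     $error = null;
     $settings = array();
     if (!Current_User::authorized('users', 'settings')) {
         Current_User::disallow();
         return;
     }
     // Missing form fields are read as null/empty instead of raising
     // undefined-index notices.
     $site_contact = isset($_POST['site_contact']) ? $_POST['site_contact'] : null;
     if ($site_contact === null) {
         $error = dgettext('users', 'You need to set a site contact address.');
     } elseif (!PHPWS_Text::isValidInput($site_contact, 'email')) {
         $error = dgettext('users', 'Please enter a valid email address as a site contact.');
     }
     $settings['site_contact'] = $site_contact;
     if (Current_User::isDeity()) {
         if (isset($_POST['user_signup']) && is_numeric($_POST['user_signup'])) {
             $settings['new_user_method'] = (int) $_POST['user_signup'];
         }
         // Checkbox-style fields: present means 1, absent means 0.
         $settings['session_warning'] = (int) isset($_POST['session_warning']);
         $settings['show_login'] = (int) isset($_POST['show_login']);
         $settings['allow_remember'] = (int) isset($_POST['allow_remember']);
         $settings['graphic_confirm'] = (int) isset($_POST['graphic_confirm']);
         // NOTE(review): user_menu is stored exactly as submitted; confirm it is
         // checked against the known menu names wherever it is consumed.
         $settings['user_menu'] = isset($_POST['user_menu']) ? $_POST['user_menu'] : null;
         $settings['allow_new_users'] = isset($_POST['allow_new_users']) ? (int) $_POST['allow_new_users'] : 0;
     }
     $forbidden = isset($_POST['forbidden_usernames']) ? $_POST['forbidden_usernames'] : '';
     // One name per line, lower-cased, with any markup removed.
     $settings['forbidden_usernames'] = str_replace(' ', "\n", strtolower(strip_tags($forbidden)));
     PHPWS_Settings::set('users', $settings);
     if ($error) {
         return $error;
     }
     PHPWS_Settings::save('users');
     return true;
 }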
Beispiel #19
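 /**
  * Stores an uploaded file in the folder named by the request's 'folder_id',
  * using the handler that matches the folder's type.
  *
  * Does nothing unless the current user passes the 'filecabinet' authorization
  * check. Folders of any other type are ignored.
  *
  * @param \Request $request Request carrying the 'folder_id' variable.
  */
 public function uploadFile(\Request $request)
 {
     // The check was inverted: authorized users returned here and everyone
     // else fell through to the upload handlers. Only authorized users continue.
     // NOTE(review): if the upload client does not send the authkey, fix the
     // client rather than relaxing this check.
     if (!Current_User::authorized('filecabinet')) {
         return;
     }
     $folder_id = $request->getVar('folder_id');
     $folder = new Folder($folder_id);
     switch ($folder->ftype) {
         case DOCUMENT_FOLDER:
             $this->uploadDocumentToFolder($folder, 'file');
             break;
         case IMAGE_FOLDER:
             $this->uploadImageToFolder($folder, 'file');
             break;
         case MULTIMEDIA_FOLDER:
             $this->uploadMediaToFolder($folder, 'file');
             break;
     }
 }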
Beispiel #20
<?php

/**
 * @author Matthew McNaney <mcnaney at gmail dot com>
 * @version $Id$
 */
// Gate the whole Branch admin behind the module-level authorization check.
// NOTE(review): nothing follows disallow() here, so this relies on it never
// returning; if it can return, Branch_Admin::main() still runs — confirm.
if (!Current_User::authorized('branch')) {
    Current_User::disallow();
}
PHPWS_Core::initModClass('branch', 'Branch_Admin.php');
// Hand the request to the Branch admin router.
$branch_admin = new Branch_Admin();
$branch_admin->main();
Beispiel #21
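 /**
  * Handles the posted Properties admin operation named by $_POST['aop'] and
  * then renders the display.
  *
  * 'save_property' and 'save_contact' require
  * Current_User::authorized('properties').
  * NOTE(review): no authorization check is visible in this method for
  * 'post_photo', 'post_settings' or 'block_post'; confirm that Photo::post(),
  * postSettings() and blockPost() enforce it themselves.
  */
 public function post()
 {
     // A post without 'aop' matches no case and only redisplays.
     $operation = isset($_POST['aop']) ? $_POST['aop'] : null;
     switch ($operation) {
         case 'save_property':
             // Current_User is referenced fully qualified throughout, matching
             // the authorized() calls, so the name also resolves if this file
             // is namespaced.
             if (!\Current_User::authorized('properties')) {
                 \Current_User::disallow('Action not allowed');
             }
             $this->loadProperty();
             if ($this->property->post()) {
                 try {
                     $this->property->save();
                     $this->setCarryMessage('Property saved successfully.');
                 } catch (\Exception $e) {
                     $this->setCarryMessage($e->getMessage());
                 }
                 \PHPWS_Core::reroute('index.php?module=properties&aop=properties');
             } else {
                 $this->editProperty();
             }
             break;
         case 'save_contact':
             if (!\Current_User::authorized('properties')) {
                 \Current_User::disallow();
             }
             $this->loadContact();
             if ($this->contact->post()) {
                 try {
                     $this->contact->save();
                     if (isset($_POST['contact_contact'])) {
                         // NOTE(review): the submitted password is handed to
                         // emailContact() as-is; if it is mailed in clear text,
                         // a one-time reset link would avoid that.
                         $this->emailContact($this->contact->username, $_POST['password'], $_POST['email_address']);
                     }
                     $this->setCarryMessage('Contact saved successfully.');
                     \PHPWS_Core::reroute('index.php?module=properties&aop=contacts');
                 } catch (\Exception $e) {
                     $this->setCarryMessage($e->getMessage());
                     $this->editContact();
                 }
             } else {
                 $this->editContact();
             }
             break;
         case 'post_photo':
             try {
                 $photo = new Photo();
                 $photo->post();
                 $this->setCarryMessage('Photo uploaded');
                 if (isset($_POST['v'])) {
                     // The object is not used afterwards; it is kept because the
                     // constructor may throw for an unknown pid — TODO confirm.
                     $property = new Property($photo->pid);
                     $url = './properties/id/' . $photo->pid . '/photo/1';
                 } else {
                     $url = 'index.php?module=properties&aop=properties&pid=' . $photo->pid;
                 }
                 \PHPWS_Core::reroute($url);
             } catch (\Exception $e) {
                 $this->setCarryMessage($e->getMessage());
                 \PHPWS_Core::goBack();
             }
             break;
         case 'post_settings':
             if ($this->postSettings()) {
                 $this->setCarryMessage('Settings updated');
                 \PHPWS_Core::reroute('index.php?module=properties&aop=settings');
             } else {
                 $this->settingsForm();
             }
             break;
         case 'block_post':
             $this->blockPost();
             $this->viewReported();
             break;
     }
     $this->display();
 }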
Beispiel #22
 /**
  * Routes the Signup administration command in $_REQUEST['aop'] and renders
  * the result, either as a bare popup page or inside the control panel.
  *
  * Entry requires Current_User::allow('signup'). Some cases additionally call
  * Current_User::authorized('signup') before acting.
  * NOTE(review): delete_sheet, delete_slot, delete_slot_peep, move_peep and the
  * four move_* slot commands change data without an authorized() call in this
  * method; confirm the check is made in the methods they call, or add it here.
  */
 public function adminMenu()
 {
     if (!Current_User::allow('signup')) {
         Current_User::disallow();
     }
     $this->loadPanel();
     // Set by the popup-style commands; selects the bare layout at the end.
     $javascript = false;
     $this->loadMessage();
     // NOTE(review): read without an isset() check.
     $command = $_REQUEST['aop'];
     switch ($command) {
         case 'add_slot_peep':
             $javascript = true;
             $this->loadPeep();
             $this->loadForm('edit_peep');
             break;
         case 'menu':
             if (!isset($_GET['tab'])) {
                 $this->loadForm('list');
             } else {
                 // NOTE(review): the form name comes straight from the request;
                 // confirm loadForm() ignores names it does not know.
                 $this->loadForm($_GET['tab']);
             }
             break;
         case 'delete_sheet':
             // Only the allow('signup') gate at the top precedes this delete.
             $this->loadSheet();
             $this->sheet->delete();
             $this->message = dgettext('signup', 'Signup sheet deleted.');
             $this->loadForm('list');
             break;
         case 'edit_sheet':
             $this->loadForm('edit_sheet');
             break;
         case 'edit_slot_peep':
             $javascript = true;
             $this->loadPeep();
             $this->loadForm('edit_peep');
             break;
         case 'edit_slot_popup':
             $javascript = true;
             $this->loadSlot();
             $this->loadForm('edit_slot_popup');
             break;
         case 'edit_peep_popup':
             $javascript = true;
             $this->loadSlot();
             $this->loadForm('edit_peep_popup');
             break;
         case 'print_applicants':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             $this->printApplicants();
             // The break after exit is never reached.
             exit;
             break;
         case 'email_applicants':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadEmail();
             $this->loadSheet();
             $this->loadForm('email_applicants');
             break;
         case 'post_email':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadEmail();
             $this->loadSheet();
             // Send only when the posted email passed postEmail(); otherwise
             // show the form again.
             if ($this->postEmail()) {
                 $this->sendEmail();
             } else {
                 $this->loadForm('email_applicants');
             }
             break;
         case 'slot_listing':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             $this->slotListing();
             exit;
             break;
         case 'csv_applicants':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             $this->csvExport();
             exit;
             break;
         case 'send_email':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->sendEmail();
             break;
         case 'edit_slots':
             $this->loadSheet();
             $this->loadForm('edit_slots');
             break;
         case 'search_slot':
             $this->searchSlots();
             break;
         case 'post_peep':
             $javascript = true;
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             if ($this->postPeep()) {
                 // Since added by an admin, automatically registered
                 $this->peep->registered = 1;
                 if (PHPWS_Error::logIfError($this->peep->save())) {
                     $this->forwardMessage(dgettext('signup', 'Error occurred when saving applicant.'));
                 } else {
                     $this->forwardMessage(dgettext('signup', 'Applicant saved successfully.'));
                 }
                 javascript('close_refresh');
                 Layout::nakedDisplay();
             } else {
                 $this->loadForm('edit_peep');
             }
             break;
         case 'post_sheet':
             // The sheet is loaded first because the permission check is made
             // against its id.
             $this->loadSheet();
             if (!Current_User::authorized('signup', 'edit_sheet', $this->sheet->id, 'sheet')) {
                 Current_User::disallow();
             }
             if ($this->postSheet()) {
                 // A sheet without an id on a request isPosted() reports as
                 // already posted is treated as a repeat submission.
                 if (!$this->sheet->id && PHPWS_Core::isPosted()) {
                     $this->message = dgettext('signup', 'Sheet previously posted.');
                     $this->loadForm('edit_sheet');
                 } else {
                     // Captured before save(), which presumably assigns the id.
                     $new_sheet = !$this->sheet->id;
                     if (PHPWS_Error::logIfError($this->sheet->save())) {
                         $this->forwardMessage(dgettext('signup', 'Error occurred when saving sheet.'));
                         PHPWS_Core::reroute('index.php?module=signup&aop=list');
                     } else {
                         $this->forwardMessage(dgettext('signup', 'Sheet saved successfully.'));
                         if ($new_sheet) {
                             PHPWS_Core::reroute('index.php?module=signup&aop=edit_slots&sheet_id=' . $this->sheet->id);
                         } else {
                             $this->loadForm('list');
                         }
                     }
                 }
             } else {
                 $this->loadForm('edit_sheet');
             }
             break;
         case 'post_slot':
             $javascript = true;
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             if ($this->postSlot()) {
                 if (PHPWS_Error::logIfError($this->slot->save())) {
                     $this->forwardMessage(dgettext('signup', 'Error occurred when saving slot.'));
                 } else {
                     $this->forwardMessage(dgettext('signup', 'Slot saved successfully.'));
                 }
                 javascript('close_refresh');
                 Layout::nakedDisplay();
             } else {
                 $this->loadForm('edit_slot_popup');
             }
             break;
         case 'move_peep':
             $this->loadPeep();
             $result = $this->movePeep();
             if (PHPWS_Error::logIfError($result) || !$result) {
                 $this->forwardMessage(dgettext('signup', 'Error occurred when moving applicant. Slot may be full.'));
             }
             PHPWS_Core::goBack();
             break;
         case 'move_top':
             $this->loadSlot();
             $this->slot->moveTop();
             PHPWS_Core::goBack();
             break;
         case 'move_up':
             $this->loadSlot();
             $this->slot->moveUp();
             PHPWS_Core::goBack();
             break;
         case 'move_down':
             $this->loadSlot();
             $this->slot->moveDown();
             PHPWS_Core::goBack();
             break;
         case 'move_bottom':
             $this->loadSlot();
             $this->slot->moveBottom();
             PHPWS_Core::goBack();
             break;
         case 'delete_slot':
             // Only the allow('signup') gate at the top precedes this delete.
             $this->loadSlot();
             $this->deleteSlot();
             break;
         case 'delete_slot_peep':
             // Only the allow('signup') gate at the top precedes this delete.
             $this->loadPeep();
             $this->peep->delete();
             PHPWS_Core::goBack();
             break;
         case 'report':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             $this->loadForm('report');
             break;
         case 'alpha_order':
         case 'reset_slot_order':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             // The command name is passed on so resetSlots() can tell the two apart.
             $this->resetSlots($command);
             $this->forwardMessage(dgettext('signup', 'Slot order reset.'));
             PHPWS_Core::reroute('index.php?module=signup&sheet_id=' . $this->sheet->id . '&aop=edit_slots&authkey=' . Current_User::getAuthKey());
             break;
     }
     $tpl['TITLE'] = $this->title;
     $tpl['CONTENT'] = $this->content;
     $tpl['MESSAGE'] = $this->message;
     if ($javascript) {
         // Popup commands: add the stylesheets to the header and render without
         // the control panel.
         $fonts = '<link rel="stylesheet" type="text/css" href="' . PHPWS_SOURCE_HTTP . 'themes/bootstrap/font-awesome/css/font-awesome.min.css" />
         <link rel="stylesheet" type="text/css" href="' . PHPWS_SOURCE_HTTP . 'themes/bootstrap/css/bootstrap.min.css" />';
         \Layout::addJSHeader($fonts);
         Layout::nakedDisplay(PHPWS_Template::process($tpl, 'signup', 'main.tpl'));
     } else {
         $this->panel->setContent(PHPWS_Template::process($tpl, 'signup', 'main.tpl'));
         Layout::add(PHPWS_ControlPanel::display($this->panel->display()));
     }
 }
Beispiel #23
 /**
  * routes administrative commands
  */
 public function main()
 {
     if (!Current_User::allow('calendar')) {
         Current_User::disallow();
         return;
     }
     $panel = $this->getPanel();
     if (isset($_REQUEST['aop'])) {
         $command = $_REQUEST['aop'];
     } elseif (isset($_REQUEST['tab'])) {
         $command = $_REQUEST['tab'];
     } else {
         $command = $panel->getCurrentTab();
     }
     switch ($command) {
         case 'get_event_json':
             $this->getEventJson();
             break;
         case 'post_event':
             if (!$this->calendar->schedule->checkPermissions(true)) {
                 Current_User::disallow();
             }
             $this->postEvent();
             break;
         case 'schedule_json':
             $this->scheduleJSON(filter_input(INPUT_GET, 'sch_id', FILTER_SANITIZE_NUMBER_INT));
             exit;
             break;
         case 'approval':
             $this->approval();
             break;
         case 'approve_suggestion':
             $this->approveSuggestion($_GET['suggestion_id']);
             PHPWS_Core::goBack();
             break;
         case 'create_event':
             $panel->setCurrentTab('schedules');
             $event = $this->calendar->schedule->loadEvent();
             if ($this->calendar->current_date) {
                 $event->start_time = mktime(12, 0, 0, $this->calendar->int_month, $this->calendar->int_day, $this->calendar->int_year);
                 $event->end_time = mktime(12, 0, 0, $this->calendar->int_month, $this->calendar->int_day, $this->calendar->int_year);
             }
             $this->editEvent($event);
             break;
         case 'create_schedule':
             if (!Current_User::allow('calendar') || !Current_User::allow('calendar', 'edit_public') && !PHPWS_Settings::get('calendar', 'personal_schedules')) {
                 Current_User::disallow();
             }
             $this->calendar->schedule = new Calendar_Schedule();
             $panel->setCurrentTab('schedules');
             $this->editSchedule();
             break;
         case 'blog_event':
             if (PHPWS_Core::moduleExists('blog') && Current_User::allow('blog', 'edit_blog') && $this->calendar->schedule->checkPermissions(true)) {
                 $event = $this->calendar->schedule->loadEvent();
                 $this->blogEvent();
             }
             break;
         case 'post_blog':
             if (PHPWS_Core::moduleExists('blog') && Current_User::allow('blog', 'edit_blog') && $this->calendar->schedule->checkPermissions(true)) {
                 $this->postBlog();
             }
             javascript('close_refresh');
             Layout::nakedDisplay();
             break;
         case 'edit_event':
             $panel->setCurrentTab('schedules');
             if (!$this->calendar->schedule->checkPermissions()) {
                 Current_User::disallow();
             }
             $event = $this->calendar->schedule->loadEvent();
             $this->editEvent($event);
             break;
         case 'delete_event':
             if ($this->calendar->schedule->checkPermissions(true)) {
                 $event = $this->calendar->schedule->loadEvent();
                 $result = $event->delete();
                 if (PHPWS_Error::isError($result)) {
                     PHPWS_Error::log($result);
                 }
             }
             PHPWS_Core::goBack();
             break;
         case 'delete_schedule':
             if (Current_User::authorized('calendar', 'delete_schedule') && Current_User::isUnrestricted('calendar')) {
                 $this->calendar->schedule->delete();
                 $this->sendMessage(dgettext('calendar', 'Schedule deleted.'), 'aop=schedules');
             } else {
                 Current_User::disallow();
             }
             break;
         case 'disapprove_suggestion':
             $this->disapproveSuggestion($_GET['suggestion_id']);
             PHPWS_Core::goBack();
             break;
         case 'edit_schedule':
             if (empty($_REQUEST['sch_id'])) {
                 PHPWS_Core::errorPage('404');
             }
             if (!$this->calendar->schedule->checkPermissions()) {
                 Current_User::disallow();
             }
             $panel->setCurrentTab('schedules');
             $this->editSchedule();
             break;
         case 'make_default_public':
             if (Current_User::isUnrestricted('calendar')) {
                 PHPWS_Settings::set('calendar', 'public_schedule', (int) $_REQUEST['sch_id']);
                 PHPWS_Settings::save('calendar');
                 $this->message = dgettext('calendar', 'Default public schedule set.');
             }
             $this->scheduleListing();
             break;
         case 'post_schedule':
             $this->postSchedule();
             break;
         case 'post_settings':
             if (!Current_User::authorized('calendar', 'settings')) {
                 Current_User::disallow();
             }
             $this->postSettings();
             $this->message = dgettext('calendar', 'Settings saved');
             $this->settings();
             break;
         case 'repeat_event':
             $panel->setCurrentTab('schedules');
             $event = $this->calendar->schedule->loadEvent();
             $this->repeatEvent($event);
             break;
         case 'reset_cache':
             if (!Current_User::allow('calendar')) {
                 Current_User::disallow();
             }
             PHPWS_Cache::remove($_REQUEST['key']);
             PHPWS_Core::goBack();
             break;
         case 'schedules':
             $panel->setCurrentTab('schedules');
             $this->scheduleListing();
             break;
         case 'settings':
             $this->settings();
             break;
         case 'upload_event':
             if (!$this->calendar->schedule->checkPermissions()) {
                 Current_User::disallow();
             }
             $this->uploadEvent();
             break;
         case 'post_upload':
             if (!$this->calendar->schedule->checkPermissions(true)) {
                 Current_User::disallow();
             }
             $this->postUpload();
             break;
     }
     $tpl['CONTENT'] = $this->content;
     $tpl['TITLE'] = $this->title;
     if (is_array($this->message)) {
         $tpl['MESSAGE'] = implode('<br />', $this->message);
     } else {
         $tpl['MESSAGE'] = $this->message;
     }
     // Clears in case of js window opening
     $this->content = $this->title = $this->message = null;
     $final = PHPWS_Template::process($tpl, 'calendar', 'admin/main.tpl');
     if (PHPWS_Calendar::isJS()) {
         Layout::nakedDisplay($final);
     } else {
         $panel->setContent($final);
         Layout::add(PHPWS_ControlPanel::display($panel->display()));
     }
 }
Beispiel #24
 /**
  * Menu administration entry point.
  *
  * Reads the command from $_REQUEST['command'] (default 'list'). AJAX commands
  * call their handler and end the request; 'list' and 'reset_menu' are the
  * HTML views, and anything else is rejected with an exception.
  *
  * Access control visible here: one Current_User::allow('menu') check before
  * dispatch; only 'reset_menu' adds its own test.
  *
  * NOTE(review): the state-changing commands (delete_link, delete_menu,
  * post_link, move_*, pin_*, ...) are selected through $_REQUEST, so they are
  * not limited to POST, and no auth-key verification is visible in this
  * method - confirm that each handler validates the request itself.
  *
  * @throws \Http\MethodNotAllowedException for an unknown command, or when
  *         'reset_menu' is requested by a user who fails its check.
  */
 public function main()
 {
     $request = \Server::getCurrentRequest();
     $heading = $body = $notice = NULL;
     PHPWS_Core::initModClass('menu', 'Menu_Item.php');
     if (!Current_User::allow('menu')) {
         Current_User::disallow(dgettext('menu', 'User attempted access to Menu administration.'));
         return;
     }
     $command = isset($_REQUEST['command']) ? $_REQUEST['command'] : 'list';
     switch ($command) {
         // ---- AJAX commands: the handler runs, then the request ends ----
         case 'adminlinks':
             $this->adminLinks($request);
             exit;
         case 'delete_link':
             $this->deleteLink($request);
             exit;
         case 'key_select':
             $this->keySelect();
             exit;
         case 'post_link':
             $this->postLink($request);
             exit;
         case 'move_link':
             $this->moveLink($request);
             exit;
         case 'move_menu':
             $this->moveMenu($request);
             exit;
         case 'menu_options':
             $this->menuOptions($request);
             exit;
         case 'move_under':
             $this->moveUnder($request);
             exit;
         case 'transfer_link':
             $this->transferLink($request);
             exit;
         case 'add_key_link':
             $this->addKeyLink($request);
             exit;
         case 'remove_key_link':
             $this->removeKeyLink($request);
             exit;
         case 'delete_menu':
             $this->deleteMenu($request);
             exit;
         case 'post_menu':
             $this->postMenu($request);
             \PHPWS_Core::goBack();
             exit;
         case 'pin_menu':
             $this->pinMenu($request);
             exit;
         case 'unpin_menu':
             $this->unpinMenu($request);
             exit;
         case 'change_display_type':
             $this->changeDisplayType($request);
             exit;
         case 'menu_data':
             $this->menuData($request);
             exit;
         case 'pin_all':
             $this->menuPinAll($request);
             exit;
         case 'clear_image':
             $this->clearImage($request);
             exit;
         case 'update_character_limit':
             $this->updateCharacterLimit($request);
             exit;
         case 'new_link_menu':
             $this->updateNewLink($request);
             exit;
         case 'link_icons':
             $this->updateLinkIcons($request);
             exit;
         case 'force_shortcut':
             $this->forceShortcut();
             exit;

         // ---- HTML views ----
         case 'list':
             $heading = 'Menus';
             $body = $this->menuList();
             break;
         case 'reset_menu':
             // The only command with its own check on top of allow('menu').
             if (!\Current_User::isDeity() && !\Current_User::authorized('menu')) {
                 throw new \Http\MethodNotAllowedException();
             }
             $this->resetMenu();
             PHPWS_Core::goBack();
             exit;
         default:
             // Unknown commands are refused rather than ignored.
             throw new \Http\MethodNotAllowedException();
     }
     $tpl = array('title' => $heading, 'content' => $body);
     if (!empty($notice)) {
         $tpl['message'] = $notice;
     }
     $template = new \Template($tpl);
     $template->setModuleTemplate('menu', 'admin/main.html');
     Layout::add(PHPWS_ControlPanel::display($template->get()));
 }
Beispiel #25
 /**
  * Handles admin functions outside of file manager.
  *
  * Dispatches on $_REQUEST['aop'], falling back to the panel's current tab
  * when no 'aop' is supplied, then renders the result through either the
  * javascript.tpl or the main.tpl template.
  *
  * Access control as visible in this method: the user must be logged in;
  * every command except 'edit_image' and 'get_images' also requires
  * Current_User::allow('filecabinet'); individual cases add their own checks.
  *
  * NOTE(review): no case below returns after Current_User::disallow() or
  * Current_User::errorPage(), so each per-case check is only effective if
  * those calls end the request - confirm.
  */
 public function admin()
 {
     $javascript = false;
     // if true, sends to nakedDisplay
     $this->loadPanel();
     if (isset($_REQUEST['aop'])) {
         $aop = $_REQUEST['aop'];
     } else {
         $aop = $this->panel->getCurrentTab();
     }
     if (!Current_User::isLogged()) {
         Current_User::disallow();
         return;
     }
     // 'edit_image' and 'get_images' skip the module permission check, yet
     // neither has a case in the dispatch switch below, so for those two
     // commands this method only renders the (empty) template.
     // NOTE(review): the comparison is loose (!=); $aop comes from the request.
     if ($aop != 'edit_image' && $aop != 'get_images' && !Current_User::allow('filecabinet')) {
         Current_User::disallow();
         return;
     }
     // Requires an unrestricted user
     // (pre-check only: there is no break or return here, and the same two
     // commands are handled again in the main switch)
     switch ($aop) {
         case 'delete_folder':
         case 'unpin':
             if (Current_User::isRestricted('filecabinet')) {
                 Current_User::disallow();
             }
     }
     switch ($aop) {
         case 'image':
             $this->panel->setCurrentTab('image');
             $this->title = dgettext('filecabinet', 'Image folders');
             $this->loadForms();
             $this->forms->getFolders(IMAGE_FOLDER);
             break;
         case 'multimedia':
             $this->panel->setCurrentTab('multimedia');
             $this->title = dgettext('filecabinet', 'Multimedia folders');
             $this->loadForms();
             $this->forms->getFolders(MULTIMEDIA_FOLDER);
             break;
         case 'add_folder':
             if (!Current_User::allow('filecabinet', 'edit_folders', null, null, true)) {
                 Current_User::disallow();
             }
             $javascript = true;
             $this->loadFolder();
             $this->addFolder();
             break;
         case 'classify':
             // Deity only; unlike 'classify_action' no auth key is verified.
             if (!Current_User::isDeity()) {
                 Current_User::errorPage();
             }
             $this->loadForms();
             $this->forms->classifyFileList();
             break;
         case 'classify_action':
             if (!Current_User::isDeity() || !Current_User::verifyAuthKey()) {
                 Current_User::errorPage();
             }
             $this->classifyAction();
             break;
         case 'classify_file':
             if (!Current_User::isDeity() || !Current_User::verifyAuthKey()) {
                 Current_User::disallow();
             }
             $this->loadForms();
             // NOTE(review): the file name(s) reach classifyFile() straight
             // from $_POST / $_GET - confirm classifyFile() validates them
             // before touching the filesystem.
             if (!empty($_POST['file_list'])) {
                 $this->forms->classifyFile($_POST['file_list']);
             } elseif (isset($_GET['file'])) {
                 $this->forms->classifyFile($_GET['file']);
             } else {
                 $this->forms->classifyFileList();
             }
             break;
         case 'post_classifications':
             // NOTE(review): deity check only; no verifyAuthKey() here although
             // the sibling classify_* actions require it - confirm intended.
             if (!Current_User::isDeity()) {
                 Current_User::errorPage();
             }
             $result = $this->classifyFiles();
             if (is_array($result)) {
                 $this->message = implode('<br />', $result);
             }
             $this->loadForms();
             $this->forms->classifyFileList();
             break;
         case 'unpin':
             if (!Current_User::authorized('filecabinet')) {
                 Current_User::disallow();
             }
             Cabinet::unpinFolder();
             PHPWS_Core::goBack();
             break;
         case 'pin_form':
             $javascript = true;
             // @ hides the notice raised when key_id is absent; the cast then
             // yields 0 and the window is closed without refreshing.
             @($key_id = (int) $_GET['key_id']);
             if (!$key_id) {
                 javascript('close_refresh', array('refresh' => 0));
                 break;
             }
             $this->loadForms();
             $this->forms->pinFolder($key_id);
             break;
         case 'delete_folder':
             if (!Current_User::authorized('filecabinet', 'delete_folders', null, null, true)) {
                 Current_User::disallow();
             }
             $this->loadFolder();
             $this->folder->delete();
             PHPWS_Core::goBack();
             break;
         case 'delete_incoming':
             // NOTE(review): deity check only; no verifyAuthKey() is visible
             // for this deletion - confirm deleteIncoming() checks the request.
             if (!Current_User::isDeity()) {
                 Current_User::errorPage();
             }
             $this->deleteIncoming();
             $this->loadForms();
             $this->forms->classifyFileList();
             break;
         case 'document':
             $this->panel->setCurrentTab('document');
             $this->title = dgettext('filecabinet', 'Document folders');
             $this->loadForms();
             $this->forms->getFolders(DOCUMENT_FOLDER);
             break;
         case 'edit_folder_modal':
             $javascript = true;
             $this->loadFolder();
             // permission check in function below
             $this->editFolder(false);
             break;
         case 'edit_folder':
             $javascript = true;
             $this->loadFolder();
             // permission check in function below
             $this->editFolder(true);
             break;
         case 'change_tn':
             // NOTE(review): no per-action permission check is visible here for
             // change_tn / post_thumbnail beyond allow('filecabinet') above -
             // confirm changeTN() and postTN() enforce folder permissions.
             $javascript = true;
             $this->changeTN();
             break;
         case 'post_thumbnail':
             $javascript = true;
             if ($this->postTN()) {
                 javascript('close_refresh');
             } else {
                 $this->message = dgettext('filecabinet', 'Could not save thumbnail image.');
                 $this->changeTN();
             }
             break;
         case 'post_folder':
             if (!Current_User::authorized('filecabinet', 'edit_folders')) {
                 Current_User::disallow();
             }
             $this->loadFolder();
             // Both failure paths (post() rejected, save() failed) report the
             // same message.
             if ($this->folder->post()) {
                 if (!$this->folder->save()) {
                     self::setMessage(dgettext('filecabinet', 'Failed to create folder. Please check your logs.'));
                 }
             } else {
                 self::setMessage(dgettext('filecabinet', 'Failed to create folder. Please check your logs.'));
             }
             if (filter_input(INPUT_POST, 'js') == 1) {
                 javascript('close_refresh');
             } else {
                 PHPWS_Core::goBack();
             }
             break;
         case 'post_allowed_files':
             // NOTE(review): changes the allowed upload types with a deity
             // check only; no verifyAuthKey() is visible - confirm.
             if (!Current_User::isDeity()) {
                 Current_User::disallow();
             }
             $this->loadForms();
             $this->forms->postAllowedFiles();
             $this->message = dgettext('filecabinet', 'File types saved.');
             $this->title = dgettext('filecabinet', 'Allowed file types');
             $this->content = $this->forms->fileTypes();
             break;
         case 'save_settings':
             // NOTE(review): deity check only; no verifyAuthKey() is visible.
             if (!Current_User::isDeity()) {
                 Current_User::disallow();
             }
             $this->loadForms();
             $result = $this->forms->saveSettings();
             if (is_array($result)) {
                 $this->message = implode('<br />', $result);
             } else {
                 $this->message = dgettext('filecabinet', 'Settings saved.');
             }
             // No break: control continues into 'settings' below, which
             // redisplays the settings form (presumably deliberate).
         case 'settings':
             if (!Current_User::isDeity()) {
                 Current_User::disallow();
             }
             $this->loadForms();
             $this->title = dgettext('filecabinet', 'Settings');
             $this->content = $this->forms->settings();
             break;
         case 'view_folder':
             $this->viewFolder();
             break;
         case 'file_types':
             if (!Current_User::isDeity()) {
                 Current_User::disallow();
             }
             $this->loadForms();
             $this->title = dgettext('filecabinet', 'Allowed file types');
             $this->content = $this->forms->fileTypes();
             break;
         case 'fix_document_dir':
             if (!Current_User::isDeity() || !Current_User::verifyAuthKey()) {
                 Current_User::disallow();
             }
             // $_GET['confirm'] is read without an isset() test, so a request
             // that omits it raises a notice before the comparison fails.
             if (strtolower($_GET['confirm']) == 'yes') {
                 $this->fixDocumentDirectories();
             }
             PHPWS_Core::reroute('index.php?module=filecabinet&tab=settings');
     }
     // The template entries are bound by reference to the object's properties.
     // NOTE(review): $this->message may contain '<br />'-joined handler output;
     // confirm those strings are trusted or escaped before display.
     $template['TITLE'] =& $this->title;
     $template['MESSAGE'] =& $this->message;
     $template['CONTENT'] =& $this->content;
     if ($javascript) {
         $main = PHPWS_Template::process($template, 'filecabinet', 'javascript.tpl');
         Layout::nakedDisplay($main);
     } else {
         $main = PHPWS_Template::process($template, 'filecabinet', 'main.tpl');
         $this->panel->setContent($main);
         $finalPanel = $this->panel->display();
         Layout::add(PHPWS_ControlPanel::display($finalPanel));
     }
 }
Beispiel #26
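 /**
  * Moves (renames) this wiki page to the title given in $_POST['newpage'] and
  * stores a redirect stub under the old title taken from $_POST['page'].
  *
  * The move is refused unless the user passes the 'edit_page' authorization,
  * or the 'allow_page_edit' setting is on and the user is logged in; in both
  * cases $this->allow_edit must also be true.
  *
  * NOTE(review): on the "any logged-in user" path Current_User::authorized()
  * is not what grants access, so if the auth-key check lives there it is
  * skipped for those users - confirm how this POST is protected against
  * cross-site requests.
  * NOTE(review): the version rows and the redirect stub are keyed by
  * $_POST['page'], not by the title of the page held in $this. Confirm the
  * caller loaded $this from that same value; otherwise a request could retitle
  * the version history of a different page.
  */
 function doMove()
 {
     if (!Current_User::authorized('wiki', 'edit_page') && !(PHPWS_Settings::get('wiki', 'allow_page_edit') && Current_User::isLogged()) || !$this->allow_edit) {
         Current_User::disallow(dgettext('wiki', 'User attempted to execute a wiki page move.'));
         return;
     }
     // A missing or non-string (e.g. array) 'newpage' is treated as empty
     // instead of raising a notice or a type error in strlen().
     $newTitle = isset($_POST['newpage']) && is_string($_POST['newpage']) ? $_POST['newpage'] : '';
     if (strlen($newTitle) == 0) {
         WikiManager::sendMessage(dgettext('wiki', 'Please supply a new page title'), array('page_op' => 'move', 'page' => $this->getTitle(FALSE)));
         // Stop here even if sendMessage() returns: never move to an empty title.
         return;
     }
     $db = new PHPWS_DB('wiki_pages');
     // presumably PHPWS_DB escapes the value passed to addWhere(); verify
     $db->addWhere('title', $newTitle);
     $result = $db->select();
     if ($result != NULL) {
         WikiManager::sendMessage(dgettext('wiki', 'Page with that name already exists!'), array('page_op' => 'move', 'page' => $this->getTitle(FALSE)));
         // Stop here even if sendMessage() returns: never overwrite an existing page.
         return;
     }
     $this->setTitle($newTitle);
     $db->reset();
     $db->saveObject($this);
     // Retitle the stored versions of the old page.
     $db2 = new PHPWS_DB('wiki_pages_version');
     $db2->addWhere('title', $_POST['page']);
     $db2->addValue('title', $this->getTitle(FALSE));
     $db2->update();
     // Keep the key entry for this page in step with the new title and URL.
     $db3 = new PHPWS_DB('phpws_key');
     $db3->addWhere('item_id', $this->getId());
     $db3->addWhere('module', 'wiki');
     $db3->addValue('title', $this->getTitle());
     $db3->addValue('url', (MOD_REWRITE_ENABLED ? 'wiki/' : 'index.php?module=wiki&page=') . $this->getTitle(FALSE));
     $db3->update();
     // Create redirect page
     // time() replaces the argument-less mktime(): same value, but mktime()
     // without arguments is deprecated and is an error on PHP 8.
     $now = time();
     $redirect = new WikiPage($_POST['page']);
     $redirect->setPagetext(sprintf(dgettext('wiki', 'This page has moved to %s.  Please modify links to point to the new location.'), $this->getTitle(FALSE)));
     $redirect->setOwnerId(Current_User::getId());
     $redirect->setEditorId(Current_User::getId());
     $redirect->setCreated($now);
     $redirect->setUpdated($now);
     $redirect->setComment(sprintf(dgettext('wiki', 'Moved page to %s.'), $this->getTitle(FALSE)));
     $redirect->save();
     // Record the stub as an approved version.
     PHPWS_Core::initModClass('version', 'Version.php');
     $version = new Version('wiki_pages');
     $version->setSource($redirect);
     $version->setApproved(1);
     $version->save();
     WikiManager::sendMessage(dgettext('wiki', 'Wiki Page Moved!'), array('page' => $this->getTitle(FALSE)), FALSE);
 }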
Beispiel #27
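 /**
  * Image upload
  *
  * Handles the 'doimageupload' (POST) and 'doimagedelete' operations, then
  * lists the stored wiki images with an upload form.
  *
  * Access is granted by the 'upload_images' authorization, or to any logged-in
  * user when the 'allow_image_upload' setting is on.
  *
  * NOTE(review): the delete operation is read from $_REQUEST, so it is not
  * limited to POST, and nothing in this method ties the image to the current
  * user or verifies an auth key on the "any logged-in user" path - confirm
  * that WikiImage::delete() enforces ownership and request authenticity.
  *
  * @author Greg Meiste <*****@*****.**>
  */
 function imageUpload()
 {
     if (!Current_User::authorized('wiki', 'upload_images') && !(PHPWS_Settings::get('wiki', 'allow_image_upload') && Current_User::isLogged())) {
         Current_User::disallow(dgettext('wiki', 'User attempted access to image upload.'));
         return;
     }
     PHPWS_Core::initModClass('wiki', 'WikiImage.php');
     PHPWS_Core::initCoreClass('DBPager.php');
     if (isset($_POST['op']) && $_POST['op'] == 'doimageupload') {
         $newImage = new WikiImage();
         WikiManager::sendMessage($newImage->save(), 'imageupload');
     }
     // Plain page views carry no 'op'; test for it (and for the id) before use
     // so the listing does not raise an undefined-index notice and a delete is
     // never attempted without an id.
     if (isset($_REQUEST['op'], $_REQUEST['id']) && $_REQUEST['op'] == 'doimagedelete') {
         $delImage = new WikiImage($_REQUEST['id']);
         WikiManager::sendMessage($delImage->delete(), 'imageupload');
     }
     // Labels and links for the page template.
     $tags = WikiImage::add();
     $tags['BACK'] = PHPWS_Text::moduleLink(dgettext('wiki', 'Back to Wiki'), 'wiki');
     $tags['MESSAGE'] = WikiManager::getMessage();
     $tags['IMAGE_UPLOAD_LABEL'] = dgettext('wiki', 'Image Upload');
     $tags['IMAGE_LIST_LABEL'] = dgettext('wiki', 'Image List');
     $tags['USAGE'] = sprintf(dgettext('wiki', 'To include an image in a page, use %s.'), '[[image picture.jpg]]');
     $tags['LIST_FILENAME'] = dgettext('wiki', 'Filename');
     $tags['LIST_SIZE'] = dgettext('wiki', 'Size');
     $tags['LIST_TYPE'] = dgettext('wiki', 'Type');
     $tags['LIST_OWNER'] = dgettext('wiki', 'Uploader');
     $tags['LIST_CREATED'] = dgettext('wiki', 'Upload Date');
     $tags['LIST_ACTIONS'] = dgettext('wiki', 'Actions');
     // Paged, searchable listing of the wiki_images table.
     $pager = new DBPager('wiki_images', 'WikiImage');
     $pager->setModule('wiki');
     $pager->setTemplate('images/admin.tpl');
     $pager->addToggle(PHPWS_LIST_TOGGLE_CLASS);
     $pager->addPageTags($tags);
     $pager->addRowTags('getTpl');
     $pager->setSearch('filename', 'summary');
     $pager->setDefaultOrder('filename', 'asc');
     $pager->setEmptyMessage(dgettext('wiki', 'No images found.'));
     $pager->cacheQueries();
     $template['TITLE'] = dgettext('wiki', 'Wiki Images');
     $template['CONTENT'] = $pager->get();
     Layout::add(PHPWS_Template::process($template, 'wiki', 'box.tpl'), 'wiki', 'wiki_mod', TRUE);
 }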
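 /**
  * PageSmith administration dispatcher.
  *
  * Requires Current_User::allow('pagesmith'), then dispatches on
  * $_REQUEST['aop']. AJAX-style commands end the request themselves; the
  * others fill $this->title / $this->content / $this->message, which are
  * rendered either bare (when $javascript is set) or inside the control panel.
  * A missing or unknown 'aop' ends in the 404 error page.
  *
  * NOTE(review): block_info, save_block, get_undo, delete_section, post_header,
  * post_text, post_page, pick_template and front_page_toggle have no
  * per-action permission or auth-key check in this method beyond the
  * module-level allow() - confirm the handlers enforce them. In particular
  * 'save_block' stores raw $_POST['content'], and 'delete_section' and
  * 'front_page_toggle' change state from $_GET parameters.
  * NOTE(review): the per-case Current_User::disallow() calls are not followed
  * by a return, so they rely on disallow() ending the request - confirm.
  */
 public function admin()
 {
     if (!Current_User::allow('pagesmith')) {
         Current_User::disallow();
         // Fail closed even if disallow() returns, matching the other module
         // entry points which return after a module-level denial.
         return;
     }
     $this->loadPanel();
     $javascript = false;
     // A request without 'aop' falls through to the 404 default below instead
     // of raising an undefined-index notice first.
     $aop = isset($_REQUEST['aop']) ? $_REQUEST['aop'] : null;
     switch ($aop) {
         case 'block_info':
             $this->getTextBlockData($_GET['bid'], $_GET['pid'], $_GET['section_id']);
             exit;
         case 'save_block':
             $this->saveBlockData($_POST['pid'], $_POST['bid'], $_POST['section_id'], $_POST['content']);
             PHPWS_Cache::clearCache();
             exit;
         case 'get_undo':
             $this->getLastUndo($_GET['pid'], $_GET['bid'], $_GET['section_id']);
             exit;
         case 'menu':
             $this->loadForms();
             // Only read from here on, so a plain copy replaces the former
             // reference into $_GET.
             $tab = isset($_GET['tab']) ? $_GET['tab'] : $this->panel->getCurrentTab();
             switch ($tab) {
                 case 'new':
                     $this->resetUndoSession(0);
                     $this->clearPageSession();
                     $this->loadPage();
                     $this->forms->editPage();
                     break;
                 case 'list':
                     $this->forms->pageList();
                     break;
                 case 'settings':
                     if (!Current_User::allow('pagesmith', null, null, null, true)) {
                         Current_User::disallow();
                     }
                     $this->forms->settings();
                     break;
             }
             break;
         case 'edit_page':
             $this->resetUndoSession(0);
             $this->loadPage();
             if (!$this->page->id) {
                 $this->title = dgettext('pagesmith', 'Sorry');
                 $this->content = dgettext('pagesmith', 'Page not found');
                 break;
             }
             $this->loadForms();
             // Item-level permission: checked against the loaded page's id.
             if (!Current_User::allow('pagesmith', 'edit_page', $this->page->id)) {
                 Current_User::disallow();
             }
             $this->page->loadSections(true);
             $this->forms->pageLayout();
             break;
         case 'pick_template':
             $this->resetUndoSession(0);
             $this->loadForms();
             $this->loadPage();
             $this->page->loadTemplate();
             $this->page->loadSections(true);
             $this->killSaved($this->page->id);
             $this->forms->editPage();
             break;
         case 'delete_page':
             if (!Current_User::authorized('pagesmith', 'delete_page')) {
                 Current_User::disallow();
             }
             $this->loadPage();
             $this->page->delete();
             PHPWS_Cache::clearCache();
             $this->loadForms();
             $this->forms->pageList();
             break;
         case 'edit_page_header':
             $this->loadPage();
             $this->loadForms();
             $this->forms->editPageHeader();
             $javascript = true;
             break;
         case 'delete_section':
             $this->deleteSection($_GET['sec_id']);
             exit;
         case 'post_header':
             $this->postHeader();
             break;
         case 'post_text':
             $this->postText();
             break;
         case 'post_page':
             $result = $this->postPage();
             // -1 and 0 reopen the editor (0 with a message); 1 redirects to
             // the saved page.
             switch ($result) {
                 case -1:
                     $this->loadForms();
                     $this->page->loadSections(true);
                     $this->forms->editPage();
                     break;
                 case 0:
                     $this->message = dgettext('pagesmith', 'Not enough content to create a page.');
                     $this->loadForms();
                     $this->page->loadSections(true);
                     $this->forms->editPage();
                     break;
                 case 1:
                     $this->killSaved($this->page->id);
                     PHPWS_Cache::clearCache();
                     PHPWS_Core::reroute($this->page->url());
                     break;
             }
             break;
         case 'front_page_toggle':
             // Sets front_page to 0 on ps_page with no WHERE clause visible
             // here, i.e. before the requested page is even loaded.
             $db = \Database::newDB();
             $db->addTable('ps_page')->addValue('front_page', 0);
             $db->update();
             $this->loadPage();
             $this->page->front_page = (bool) $_GET['fp'];
             $this->page->save();
             PHPWS_Cache::clearCache();
             $this->removeFromMenu();
             $this->loadForms();
             $this->forms->pageList();
             break;
         case 'shorten_links':
             if (!Current_User::authorized('pagesmith', 'settings', null, null, true)) {
                 Current_User::disallow();
             }
             $this->shortenLinks();
             PHPWS_Core::goBack();
             break;
         case 'lengthen_links':
             if (!Current_User::authorized('pagesmith', 'settings', null, null, true)) {
                 Current_User::disallow();
             }
             $this->lengthenLinks();
             PHPWS_Core::goBack();
             break;
         case 'post_settings':
             if (!Current_User::authorized('pagesmith', 'settings', null, null, true)) {
                 Current_User::disallow();
             }
             $this->postSettings();
             $this->message = dgettext('pagesmith', 'Settings saved');
             $this->loadForms();
             $this->forms->settings();
             break;
         default:
             PHPWS_Core::errorPage('404');
             break;
     }
     if ($javascript) {
         // Pop-up views are rendered without the control panel frame.
         $tpl = array(
             'TITLE' => $this->title,
             'CONTENT' => $this->content,
             'MESSAGE' => $this->message,
         );
         Layout::nakedDisplay(PHPWS_Template::process($tpl, 'pagesmith', 'admin_main.tpl'));
     } else {
         Layout::add(PHPWS_ControlPanel::display($this->panel->display($this->content, $this->title, $this->message)));
     }
 }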
Beispiel #29
 /**
  * Settings Administration
  *
  * @author Greg Meiste <*****@*****.**>
  */
 function admin()
 {
     if (!Current_User::authorized('wiki', 'edit_settings')) {
         Current_User::disallow(dgettext('wiki', 'User attempted access to Wiki Settings administration.'));
         return;
     }
     javascript('jquery');
     PHPWS_Core::initModClass('wiki', 'WikiPage.php');
     PHPWS_Core::initCoreClass('DBPager.php');
     if (isset($_POST['op']) && $_POST['op'] == 'savesettings') {
         WikiManager::sendMessage(WikiSettings::save(), 'admin');
     }
     $tabs = 1;
     $form = new PHPWS_Form();
     $msg = dgettext('wiki', 'Enabling this setting will show the default wiki page on the home page of the web site.');
     $form->addCheck('show_on_home');
     $form->setMatch('show_on_home', PHPWS_Settings::get('wiki', 'show_on_home'));
     $form->addTplTag('SHOW_ON_HOME_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Show on home page'), 'id' => 'show_on_home_info', 'message' => $msg)));
     $form->setTab('show_on_home', $tabs++);
     $msg = dgettext('wiki', 'Enabling this setting will allow all visitors to view the wiki.
                              When disabled, only registered users can view the wiki.');
     $form->addCheck('allow_anon_view');
     $form->setMatch('allow_anon_view', PHPWS_Settings::get('wiki', 'allow_anon_view'));
     $form->addTplTag('ALLOW_ANON_VIEW_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Allow anonymous viewing'), 'id' => 'allow_anon_view_info', 'message' => $msg)));
     $form->setTab('allow_anon_view', $tabs++);
     $msg = dgettext('wiki', 'Enabling this setting will allow all registered users to edit pages.  When disabled, only
                              registered users with admin privileges can edit pages. Anonymous visitors can never edit pages.');
     $form->addCheck('allow_page_edit');
     $form->setMatch('allow_page_edit', PHPWS_Settings::get('wiki', 'allow_page_edit'));
     $form->addTplTag('ALLOW_PAGE_EDIT_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Allow all registered users to edit pages'), 'id' => 'allow_page_edit_info', 'message' => $msg)));
     $form->setTab('allow_page_edit', $tabs++);
     $msg = dgettext('wiki', 'Enabling this setting will allow all registered users to upload images.  When disabled, only
                              registered users with admin privileges can upload images.  Anonymous visitors can never upload images.');
     $form->addCheck('allow_image_upload');
     $form->setMatch('allow_image_upload', PHPWS_Settings::get('wiki', 'allow_image_upload'));
     $form->addTplTag('ALLOW_IMAGE_UPLOAD_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Allow all registered users to upload images'), 'id' => 'allow_image_upload_info', 'message' => $msg)));
     $form->setTab('allow_image_upload', $tabs++);
     $msg = dgettext('wiki', 'When enabled, the page text will also be parsed by the BBCode parser instead of just the Text_Wiki
                              parser. Keep in mind that everything you can do with BBCode can be done with wikitax.');
     $form->addCheck('allow_bbcode');
     $form->setMatch('allow_bbcode', PHPWS_Settings::get('wiki', 'allow_bbcode'));
     $form->addTplTag('ALLOW_BBCODE_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Enable BBCode parser'), 'id' => 'allow_bbcode_info', 'message' => $msg)));
     $form->setTab('allow_bbcode', $tabs++);
     $msg = dgettext('wiki', 'When enabled, the extended character set will be supported for wiki page names.  For example,
                              German umlauts would be allowed in a wiki page name.');
     $form->addCheck('ext_chars_support');
     $form->setMatch('ext_chars_support', PHPWS_Settings::get('wiki', 'ext_chars_support'));
     $form->addTplTag('EXT_CHARS_SUPPORT_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Enable extended character set'), 'id' => 'ext_chars_support_info', 'message' => $msg)));
     $form->setTab('ext_chars_support', $tabs++);
     $msg = dgettext('wiki', 'Enabling this setting will add the current wiki page title to the site title which appears in the
                              browser title bar.  The site title is sometimes used in themes meaning this setting would add the
                              wiki page title to the theme as well.');
     $form->addCheck('add_to_title');
     $form->setMatch('add_to_title', PHPWS_Settings::get('wiki', 'add_to_title'));
     $form->addTplTag('ADD_TO_TITLE_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Add wiki page title to site title'), 'id' => 'add_to_title_info', 'message' => $msg)));
     $form->setTab('add_to_title', $tabs++);
     $msg = dgettext('wiki', 'Enabling this setting will format the current wiki page title before being displayed anywhere
                              (excluding the wiki page text) by the module.  The page title in the page text will have to be formatted
                              manually if you do not like the standard WordsSmashedTogether default. The automatic formatting by the
                              module will add spaces to the WikiPageTitle, making it Wiki Page Title.<br /><br />Remember, you will
                              still have to refer to the page as WikiPageTitle in the page text, but you can change its appearance by
                              using [WikiPageTitle Your Formatted Title Here].<br /><br />If this is confusing to you or others, it is
                              recommended to not use this feature.');
     $form->addCheck('format_title');
     $form->setMatch('format_title', PHPWS_Settings::get('wiki', 'format_title'));
     $form->addTplTag('FORMAT_TITLE_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Format the wiki page title before displaying'), 'id' => 'format_title_info', 'message' => $msg)));
     $form->setTab('format_title', $tabs++);
     $msg = dgettext('wiki', 'Enabling this setting will show the <b>Last modified by</b> information on each wiki page. However,
                              if UPDATED_INFO tag is not in the view template, the information will never show up, regardless of how
                              this option is set.');
     $form->addCheck('show_modified_info');
     $form->setMatch('show_modified_info', PHPWS_Settings::get('wiki', 'show_modified_info'));
     $form->addTplTag('SHOW_MODIFIED_INFO_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Show page modified information'), 'id' => 'show_modified_info_info', 'message' => $msg)));
     $form->setTab('show_modified_info', $tabs++);
     $msg = dgettext('wiki', 'By default, when comparing two page revisions, the changes will be presented in a two column format.
                              On fixed width layouts this could cause excessive horizontal scrolling.  Setting this option will change
                              the comparison to a single column format.');
     $form->addCheck('diff_type');
     $form->setMatch('diff_type', PHPWS_Settings::get('wiki', 'diff_type') == 'one_col');
     $form->addTplTag('DIFF_TYPE_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Use single column diff'), 'id' => 'diff_type_info', 'message' => $msg)));
     $form->setTab('diff_type', $tabs++);
     $msg = dgettext('wiki', 'Enabling this setting will email a notification to the Wiki Administrator email address on every page edit.');
     $form->addCheck('monitor_edits');
     $form->setMatch('monitor_edits', PHPWS_Settings::get('wiki', 'monitor_edits'));
     $form->addTplTag('MONITOR_EDITS_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Monitor Edits'), 'id' => 'monitor_edits_info', 'message' => $msg)));
     $form->setTab('monitor_edits', $tabs++);
     $msg = dgettext('wiki', 'Enter in the email address of the Wiki administrator.  If this field is left blank or has an invalid email
                              address, then the change will be ignored.');
     $form->addText('admin_email', PHPWS_Settings::get('wiki', 'admin_email'));
     $form->setSize('admin_email', 25);
     $form->addTplTag('ADMIN_EMAIL_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Wiki Admin Email'), 'id' => 'admin_email_info', 'message' => $msg)));
     $form->setTab('admin_email', $tabs++);
     $msg = dgettext('wiki', 'This is the body text of the email sent when wiki pages are edited.  HTML will be stripped out as the email
                              will be sent as Plain Text.  You can use variables [page] and [url] to represent the name of the wiki page
                              and the url to view the page, respectively.');
     $form->addTextArea('email_text', PHPWS_Settings::get('wiki', 'email_text'));
     $form->setWidth('email_text', '80%');
     $form->setRows('email_text', 5);
     $form->addTplTag('EMAIL_TEXT_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Email Notification Text'), 'id' => 'email_text_info', 'message' => $msg)));
     $form->setTab('email_text', $tabs++);
     $msg = dgettext('wiki', 'The default page to display when no instructions are passed to the Wiki module.');
     $form->addText('default_page', PHPWS_Settings::get('wiki', 'default_page'));
     $form->setSize('default_page', 25, 100);
     $form->addTplTag('DEFAULT_PAGE_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Default page'), 'id' => 'default_page_info', 'message' => $msg)));
     $form->setTab('default_page', $tabs++);
     $msg = dgettext('wiki', 'This controls where external pages will appear. _blank opens the new page in a new window. _parent is
                              used in the situation where a frameset file is nested inside another frameset file. A link in one of
                              the inner frameset documents which uses _parent will load the new page where the inner frameset file had
                              been. If the current page\'s frameset file does not have any parent, then _parent works exactly like
                              _top - the new document is loaded in the full window. _self puts the new page in the same window and
                              frame as the current page.');
     $options = array('_blank' => '_blank', '_parent' => '_parent', '_self' => '_self', '_top' => '_top');
     $form->addSelect('ext_page_target', $options);
     $form->setMatch('ext_page_target', PHPWS_Settings::get('wiki', 'ext_page_target'));
     $form->addTplTag('EXT_PAGE_TARGET_LABEL', javascript('slider', array('link' => dgettext('wiki', 'Target for external links'), 'id' => 'ext_page_target_info', 'message' => $msg)));
     $form->setTab('ext_page_target', $tabs++);
     $form->addCheck('immutable_page');
     $form->setMatch('immutable_page', PHPWS_Settings::get('wiki', 'immutable_page'));
     $form->setLabel('immutable_page', dgettext('wiki', 'Show immutable page text (if applicable)'));
     $form->setTab('immutable_page', $tabs++);
     $form->addCheck('raw_text');
     $form->setMatch('raw_text', PHPWS_Settings::get('wiki', 'raw_text'));
     $form->setLabel('raw_text', dgettext('wiki', 'Show raw text link'));
     $form->setTab('raw_text', $tabs++);
     $form->addCheck('print_view');
     $form->setMatch('print_view', PHPWS_Settings::get('wiki', 'print_view'));
     $form->setLabel('print_view', dgettext('wiki', 'Show print view link'));
     $form->setTab('print_view', $tabs++);
     $form->addCheck('what_links_here');
     $form->setMatch('what_links_here', PHPWS_Settings::get('wiki', 'what_links_here'));
     $form->setLabel('what_links_here', dgettext('wiki', 'Show what links here link'));
     $form->setTab('what_links_here', $tabs++);
     $form->addCheck('recent_changes');
     $form->setMatch('recent_changes', PHPWS_Settings::get('wiki', 'recent_changes'));
     $form->setLabel('recent_changes', dgettext('wiki', 'Show recent changes link'));
     $form->setTab('recent_changes', $tabs++);
     $form->addCheck('random_page');
     $form->setMatch('random_page', PHPWS_Settings::get('wiki', 'random_page'));
     $form->setLabel('random_page', dgettext('wiki', 'Show random page link'));
     $form->setTab('random_page', $tabs++);
     $form->addCheck('discussion');
     $form->setMatch('discussion', PHPWS_Settings::get('wiki', 'discussion'));
     $form->setLabel('discussion', dgettext('wiki', 'Enable discussion for registered users'));
     $form->setTab('discussion', $tabs++);
     $form->addCheck('discussion_anon');
     $form->setMatch('discussion_anon', PHPWS_Settings::get('wiki', 'discussion_anon'));
     $form->setLabel('discussion_anon', dgettext('wiki', 'Allow anonymous discussion'));
     $form->setTab('discussion_anon', $tabs++);
     $form->addSubmit('save', dgettext('wiki', 'Save Settings'));
     $form->setTab('save', $tabs);
     $form->addHidden('module', 'wiki');
     $form->addHidden('op', 'savesettings');
     $tags = $form->getTemplate();
     $tags['BACK'] = PHPWS_Text::moduleLink(dgettext('wiki', 'Back to Wiki'), 'wiki');
     $tags['MESSAGE'] = WikiManager::getMessage();
     $tags['MENU_ITEMS_LABEL'] = dgettext('wiki', 'Menu Items');
     $tags['DISCUSSION_SECTION_LABEL'] = dgettext('wiki', 'Discussion');
     $tags['SETTINGS_LABEL'] = dgettext('wiki', 'Settings');
     $tags['PAGES_LABEL'] = dgettext('wiki', 'Wiki Pages');
     $tags['TITLE'] = dgettext('wiki', 'Page Name');
     $tags['UPDATED'] = dgettext('wiki', 'Updated');
     $tags['VERSION'] = dgettext('wiki', 'Version');
     $tags['HITS'] = dgettext('wiki', 'Hits');
     $tags['ORPHANED'] = dgettext('wiki', 'Orphaned');
     $tags['ACTIONS'] = dgettext('wiki', 'Actions');
     $pager = new DBPager('wiki_pages', 'WikiPage');
     $pager->setModule('wiki');
     $pager->setTemplate('admin.tpl');
     $pager->addToggle(PHPWS_LIST_TOGGLE_CLASS);
     $pager->addPageTags($tags);
     $pager->addRowTags('getTpl');
     $pager->setSearch('title', 'pagetext');
     $pager->setDefaultOrder('title', 'asc');
     $pager->cacheQueries();
     $template['TITLE'] = dgettext('wiki', 'Wiki Administration');
     $template['CONTENT'] = $pager->get();
     Layout::add(PHPWS_Template::process($template, 'wiki', 'box.tpl'), 'wiki', 'wiki_mod', TRUE);
 }
Beispiel #30
<?php

/**
 * @version $Id$
 * @author Matthew McNaney <mcnaney at gmail dot com>
 */
// Direct-access guard: PHPWS_SOURCE_DIR is expected to be defined by the
// framework bootstrap before this file is included. If it is missing, the
// script was requested on its own, so show the stock 404 page and stop.
// NOTE(review): only the page body is emitted here; no status header is set
// in this file, so the response presumably goes out as 200 unless the web
// server is configured otherwise. Confirm against deployment.
// NOTE(review): the include path is relative, so it depends on the working
// directory at the time of the request.
if (defined('PHPWS_SOURCE_DIR') === false) {
    include '../../core/conf/404.html';
    exit;
}

// Load the module class that provides Access::main().
PHPWS_Core::initModClass('access', 'Access.php');

// Authorization gate for the 'access' module: anyone who fails the check is
// handed to Current_User::disallow() and the request ends here, before any
// module code runs. What authorized() verifies beyond the module permission
// is defined in Current_User and is not visible in this file.
if (!Current_User::authorized('access')) {
    Current_User::disallow();
    // Explicit exit so nothing further in this file can run even if
    // disallow() were to return.
    exit;
}

Access::main();