/**
 * Gate for the backup controller; runs before any of its actions.
 *
 * The request is sent back to /admin when the user is the guest account,
 * when the role lacks the `list` privilege on `z_backups`, or when a
 * non-AJAX request asks for anything other than the `download` action.
 * Requests that pass get rendering and layout switched off, an unlimited
 * memory limit and the `z_backup` session namespace.
 */
public function init()
{
    // Anonymous visitors never reach the backup screens.
    $login = Z_Auth::getInstance()->getUser()->getLogin();
    if ($login == 'guest') {
        $this->_redirect('/admin');
        return;
    }

    // Authorization: fail closed when the ACL lookup itself throws.
    $currentRole = Z_Auth::getInstance()->getUser()->getRole();
    $aclInstance = Z_Acl::getInstance();
    try {
        $mayList = $aclInstance->isAllowed($currentRole, 'z_backups', 'list');
    } catch (Exception $aclError) {
        $mayList = false;
    }
    if (!$mayList) {
        $this->_redirect('/admin');
        return;
    }

    // Only `download` may be hit directly; everything else must be an AJAX call.
    // The AJAX flag is derived from a request header, so it is a routing hint
    // only; the ACL check above is what actually protects the actions.
    $isDownload = $this->_getParam('action') == 'download';
    if (!$isDownload && !$this->getRequest()->isXmlHttpRequest()) {
        $this->_redirect('/admin');
        return;
    }

    $this->_helper->viewRenderer->setNoRender(true);
    Zend_Layout::getMvcInstance()->disableLayout();
    // Lift the memory limit for this request; failures are silenced by "@".
    @ini_set("memory_limit", "-1");
    $this->session = new Zend_Session_Namespace("z_backup");
}
/**
 * Per-request setup: layout selection, ACL enforcement, config export to the
 * view, and restoring uploads that were stashed in the session.
 */
public function preDispatch()
{
    // A POST carrying the z-ajax-form marker is treated as an AJAX request.
    if (isset($_POST['z-ajax-form'])) {
        $_SERVER['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest';
    }

    // Switch the layout for AJAX calls; any other request is routed to
    // index/index with view rendering disabled.
    if (!$this->getRequest()->isXmlHttpRequest()) {
        $requestedAction = $this->_request->getActionName();
        $requestedController = $this->_request->getControllerName();
        if (!($requestedAction == 'index' && $requestedController == 'index')) {
            $this->_forward('index', 'index');
        }
        $this->disableRenderView();
    } else {
        $this->_helper->layout()->setLayout('ajax');
    }

    // Re-read the route: _forward() above may have changed it.
    $action = $this->_request->getActionName();
    $controller = $this->_request->getControllerName();
    $module = $this->_request->getModuleName();

    // NOTE(review): the ACL check is skipped for these four controllers AND
    // for the `index` action of every controller. Controllers whose `index`
    // action is sensitive need their own check - confirm that is intended.
    $aclExemptControllers = array('index', 'z_user', 'z_menu', 'error');
    if ($action != 'index' && !in_array($controller, $aclExemptControllers)) {
        $role = Z_Auth::getInstance()->getUser()->getRole();
        $acl = Z_Acl::getInstance();
        try {
            $allowed = $acl->isAllowed($role, $controller, $action);
        } catch (Exception $e) {
            // Lookup failed: deny, and tell only the root role why.
            if (Z_Auth::getInstance()->getUser()->getRole() == 'root') {
                Z_FlashMessenger::addMessage('Роль, ресурс или привилегия не существует.');
            }
            $allowed = false;
        }
        if (!$allowed) {
            // The forward only reroutes the request; the rest of this method still runs.
            $this->_forward('deny', 'error');
        }
    }

    // Configuration
    $this->_config = new Zend_Config($this->getInvokeArg('bootstrap')->getOptions());
    $this->view->config = $this->_config;

    // File uploads: a list stored in the session replaces $_FILES once.
    // NOTE(review): whatever populates this namespace decides what later code
    // sees as uploaded files - confirm only trusted code writes to it.
    $nameSpace = new Zend_Session_Namespace('Z-File-Uploader');
    if ($nameSpace->files) {
        $_FILES = $nameSpace->files;
        $nameSpace->files = null;
    }
}
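/**
 * Gets content panel for the Debugbar
 *
 * The panel shows the current request URI, the page title and meta tags,
 * and a link to the admin form that edits (or adds) the SEO record for
 * this URI.
 *
 * REQUEST_URI is supplied by the client, so it is HTML-escaped before being
 * written into the panel markup.
 *
 * @return string|null panel HTML, or null when the current role is not
 *                     allowed on this plugin's resource
 */
public function getPanel()
{
    $role = Z_Auth::getInstance()->getUser()->getRole();
    if (!Z_Acl::getInstance()->isAllowed($role, $this->_z_resourceId)) {
        return null;
    }

    $view = new Zend_View();
    $requestUri = $_SERVER['REQUEST_URI'];

    // Bound parameter: the URI never becomes part of the SQL text.
    $modelSeo = new Z_Model_Titles();
    $currentItem = $modelSeo->fetchRow(array('uri=?' => $requestUri));
    if ($currentItem) {
        $adminUrl = '/admin/z_seo/edit/id/' . $currentItem->id;
        $adminLinkText = 'Изменить';
    } else {
        $adminUrl = '/admin/z_seo/add/uri/' . base64_encode($requestUri);
        $adminLinkText = 'Добавить';
    }

    return '<h4>Текущие значения:</h4>'
        // Escaped: echoing the raw URI would let request data inject markup.
        . '<strong>URI:</strong> ' . $view->escape($requestUri) . '<br />'
        . '<strong>Заголовок:</strong> ' . strip_tags($view->headTitle()) . '<br />'
        . '<strong>Мета:</strong> <br />' . nl2br($view->escape($view->headMeta())) . '<br />'
        // Escaped for the attribute context as well.
        . '<br /><a href="' . $view->escape($adminUrl) . '" target="_blank">' . $adminLinkText . '</a>';
}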
/**
 * Build the admin menu tree below one parent as nested page arrays.
 *
 * Only visible rows are read, ordered by `orderid`. A row whose resource is
 * unknown to the ACL is dropped together with its subtree. Note that has()
 * checks that the resource exists, not that the current role may use it;
 * each page carries `resource` and the `view_menu` privilege, presumably for
 * a later per-role check by whatever consumes the array - verify.
 *
 * @param int $parentid id of the parent menu row, 0 for the top level
 * @return array list of page definitions; children are under `pages`
 */
private function getMenuArray($parentid = 0)
{
    $where = array('parentid=?' => $parentid, 'visible=?' => 1);
    $rows = $this->_model->fetchAll($where, 'orderid')->toArray();

    $menu = array();
    foreach ($rows as $row) {
        $resourceId = $row['resourceId'];
        if (Z_Acl::getInstance()->has($resourceId)) {
            $page = array(
                'label' => $row['title'],
                'module' => $this->_getParam('module'),
                'class' => 'z-ajax',
                'controller' => $resourceId,
                'action' => $row['actionId'],
                'resource' => $resourceId,
                'privilege' => 'view_menu',
                'visible' => $row['visible'] == '1',
            );

            // A non-empty subtree turns the entry into a folder-style node.
            $children = $this->getMenuArray($row['id']);
            if ($children) {
                $page['class'] = 'z-admin-menu-path';
                $page['pages'] = $children;
            }

            $menu[] = $page;
        }
    }

    return $menu;
}
<?php
// elFinder connector entry point. It boots the Zend application first so the
// request can be authorized against the ACL before any file-manager code loads.
include '../../../../defines.php';
// Create application, bootstrap, and run
$application = new Zend_Application(APPLICATION_ENV, APPLICATION_PATH . '/configs/application.ini');
$application->bootstrap();
// Access gate: the current role must be allowed on the 'filesystem' resource.
$role = Z_Auth::getInstance()->getUser()->getRole();
$acl = Z_Acl::getInstance();
try {
    $allow = $acl->isAllowed($role, 'filesystem');
} catch (Exception $e) {
    // A failing ACL lookup is treated as a denial (fail closed).
    $allow = false;
}
if (!$allow) {
    // Ends the request without any output.
    // NOTE(review): consider sending an explicit 403 and logging the denial.
    exit;
}
error_reporting(0); // Set E_ALL for debugging
if (function_exists('date_default_timezone_set')) {
    date_default_timezone_set('Europe/Moscow');
}
include_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'elFinder.class.php';
/**
 * Simple example how to use logger with elFinder
 **/
class elFinderLogger implements elFinderILogger
{
    public function log($cmd, $ok, $context, $err = '', $errorData = array())
    {
        // NOTE(review): './log.txt' is resolved against the working directory;
        // if that is the web-served connector directory the log may be
        // downloadable - confirm where it lands.
        if (false != ($fp = fopen('./log.txt', 'a'))) {
            if ($ok) {
                // (the listing is cut off here)
/**
 * Return the shared ACL object.
 *
 * The first call in a request loads the object stored under the `z_acl`
 * cache id; on a cache miss a fresh Z_Acl is built and saved there. Later
 * calls reuse the instance held in the static property.
 *
 * NOTE(review): authorization decisions come from whatever the cache
 * returns, so the cache backend must not be writable by untrusted parties,
 * and permission changes only take effect once the `z_acl` entry is
 * refreshed - confirm where it is invalidated.
 *
 * @return Z_Acl
 */
public static function getInstance()
{
    if (self::$_instance !== null) {
        return self::$_instance;
    }

    $cache = Z_Cache::getInstance();
    $acl = $cache->load('z_acl');
    if (!$acl) {
        // Cache miss: build the ACL and store it for subsequent requests.
        $acl = new Z_Acl();
        $cache->save($acl, 'z_acl');
    }

    self::$_instance = $acl;

    return self::$_instance;
}
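/**
 * Configures the controller from a resource description row.
 *
 * Loads the resource's model, its columns (with request-driven filters and
 * ordering), links to child resources, joins, fixed conditions, refers,
 * default ordering, extra buttons and the multi-image flag, and copies the
 * resulting settings to the controller's z_* properties and to the view.
 *
 * Security notes:
 *  - Request parameters named filter_<resourceId>_<field> are decoded and
 *    become condition values. Multi-value filters are passed on as a
 *    Zend_Db_Expr, which Zend_Db inserts into SQL without quoting, so every
 *    element is quoted through the model's adapter before the expression is
 *    built.
 *  - Several values stored in the resource tables are executed as PHP
 *    (eval) or used as class names. Anyone able to write those tables can
 *    run code in the application; see the NOTE(review) comments below.
 *
 * @param Zend_Db_Table_Row $info row describing the resource
 * @throws Exception when the row names no model
 */
protected function exportResourceInfo(Zend_Db_Table_Row $info)
{
    $fieldsToMove = array('resourceId', 'title', 'datatype', 'default_field', 'paginate', 'group', 'can_delete', 'can_edit', 'can_add', 'delete_confirm', 'delete_on_have_child', 'sortable', 'sortable_position', 'indexate');

    // Set up the model
    if (!$info->model) {
        throw new Exception('Не указана модель');
    }
    // NOTE(review): the class name comes from the resource row and is
    // instantiated as-is; it must only ever be written by trusted admins.
    $modelName = $info->model;
    $this->z_model = new $modelName();

    // Columns
    $modelResourcecolumns = new Z_Model_Resourcecolumns();
    $columns = $modelResourcecolumns->fetchAll(array('resourceid=?' => $info->id), 'orderid');
    foreach ($columns as $column) {
        // Add request filters to the conditions (if there are any)
        $filterValue = $this->_getParam('filter_' . $info->resourceId . '_' . $column->field, NULL);
        if (is_array($filterValue)) {
            $filterValue = implode('{{}}', $filterValue);
        }
        $filterValue = $filterValue ? urldecode(base64_decode($filterValue)) : $filterValue;
        if ($column->filter_query && $filterValue !== NULL) {
            if (strpos($filterValue, '{{}}')) {
                // Multi-value filter. The list is handed over as a
                // Zend_Db_Expr, which is placed into the query verbatim, so
                // each request-supplied element is quoted individually first.
                // z_model is used as a Zend_Db_Table further down
                // (info('name')), so getAdapter() is available on it.
                $adapter = $this->z_model->getAdapter();
                $quotedValues = array();
                foreach (explode('{{}}', $filterValue) as $singleValue) {
                    $quotedValues[] = $adapter->quote($singleValue);
                }
                $this->z_conditions[] = array('condition' => $column->filter_query, 'value' => new Zend_Db_Expr(implode(',', $quotedValues)));
            } else {
                $this->z_conditions[] = array('condition' => $column->filter_query, 'value' => strpos($column->filter_query, 'LIKE') > 0 ? '%' . $filterValue . '%' : $filterValue);
            }
            $info->sortable = false;
        }

        // Add ordering requested through parameters. The order field is only
        // accepted when it equals a configured column name, and the direction
        // is reduced to DESC or ASC, so no request text reaches ORDER BY.
        $orderdir = '';
        $ordered = false;
        if ($column->orderlink && $this->_getParam($info->resourceId . '_orderfield') == $column->field) {
            $orderdir = $this->_getParam($info->resourceId . '_orderdir') == 'desc' ? 'DESC' : '';
            $this->z_order[] = $column->field . ($orderdir ? ' ' . $orderdir : ' ASC');
            $ordered = true;
            $info->sortable = false;
        }

        // NOTE(review): filter_items is PHP source stored in the column row
        // and is executed here with eval(); `eval` and `template` are passed
        // on for later use. Treat write access to these rows as code
        // execution rights.
        $this->z_columns[$column->field] = array('title' => $column->title, 'width' => $column->width, 'orderlink' => $column->orderlink ? true : false, 'orderdir' => $orderdir, 'ordered' => $ordered, 'template' => $column->template ? $column->template : false, 'eval' => $column->eval ? $column->eval : false, 'escape' => $column->escape ? true : false, 'filter' => $column->filter_query ? $column->filter_query : false, 'filter_value' => $filterValue, 'filter_items' => $column->filter_items ? eval($column->filter_items) : false, 'on_have_subcat' => $column->on_have_subcat, 'visible' => $column->visible);
    }

    // Add links to child tables
    $childResources = $this->getResourceModel()->fetchAll(array('parentid=?' => $info->id, 'parent_field!=?' => '', 'model!=?' => ''), 'orderid');
    foreach ($childResources as $childResource) {
        // Access check: without the `list` privilege on the child resource
        // no link to it is added.
        if (!Z_Acl::getInstance()->isAllowed(Z_Auth::getInstance()->getUser()->getRole(), $childResource->resourceId, 'list')) {
            continue;
        }
        $this->z_child_resources[] = $childResource->toArray();
        // NOTE(review): resourceId, actionId and title are spliced into a PHP
        // snippet stored under `eval`; a quote or backslash in any of them
        // would change the code. Presumably it is eval'ed when the column is
        // rendered - verify, and keep these fields admin-only.
        $this->z_columns[$childResource->resourceId . '_resource'] = array('title' => $childResource->title, 'eval' => 'return "<a class=\\"z-ajax\\" href=\\"".$this->url(array("controller"=>"' . $childResource->resourceId . '","action"=>"' . $childResource->actionId . '","' . $childResource->resourceId . '_parentid"=>{{id}},"z_catalog_sysparentid"=>NULL))."\\">' . $childResource->title . '</a>";', 'on_have_subcat' => $childResource->on_have_subcat);
    }
    $this->view->columns = $this->z_columns;

    // Joins
    $modelResourcejoins = new Z_Model_Resourcejoins();
    $joins = $modelResourcejoins->fetchAll(array('resourceid=?' => $info->id), 'orderid');
    foreach ($joins as $join) {
        // `model` is either a table class (its table name is used) or a raw table name.
        $modelName = $join->model;
        if (class_exists($modelName)) {
            $model = new $modelName();
            $joinTableName = $model->info('name');
        } else {
            $joinTableName = $modelName;
        }
        // `fields` is a ';'-separated list of "real|logical" pairs; the
        // logical name defaults to the real one.
        $fields = array();
        $fieldsArray = explode(';', $join->fields);
        foreach ($fieldsArray as $fiendPair) {
            $fieldPairArray = explode('|', $fiendPair);
            $realfield = $fieldPairArray[0];
            $logicfield = isset($fieldPairArray[1]) ? $fieldPairArray[1] : $realfield;
            $fields[$logicfield] = $realfield;
        }
        $template = new Z_View_Template($join->condition, array('table' => $this->z_model->info('name'), 'jointable' => $joinTableName));
        $this->z_joins[] = array('table' => $joinTableName, 'condition' => $template->render(), 'fields' => $fields);
    }

    // Fixed conditions configured for the resource
    $modelResourceconditions = new Z_Model_Resourceconditions();
    $condidtions = $modelResourceconditions->fetchAll(array('resourceid=?' => $info->id));
    foreach ($condidtions as $condidtion) {
        $this->z_conditions[] = array('condition' => $condidtion->condition, 'value' => $condidtion->value);
    }

    // Condition applied when a parent resource is given. The parent id comes
    // from the request and is passed as a value for the `=?` placeholder.
    if ($info->parent_field && ($parentid = $this->_getParam($info->resourceId . '_parentid'))) {
        $this->z_conditions[] = array('condition' => $this->z_model->info('name') . '.' . $info->parent_field . '=?', 'value' => $parentid);
        $this->z_addfields[$info->parent_field] = $parentid;
    }

    $modelRasourceRefers = new Z_Model_Resourcerefers();
    foreach ($modelRasourceRefers->fetchAll(array('resourceid=?' => $info->id)) as $refer) {
        $this->z_refers[$refer->field] = $refer->toArray();
    }

    // Copy the parameters to the view and to the class attributes. A z_*
    // property already set on the controller overrides the value in the row.
    if ($info->sortable_position != 'top' && $info->sortable_position != 'bottom') {
        $info->sortable_position = 'bottom';
    }
    foreach ($fieldsToMove as $field) {
        $zField = 'z_' . $field;
        if ($this->{$zField} !== NULL) {
            $info->{$field} = $this->{$zField};
        }
        $this->{$zField} = $info->{$field};
        $this->view->{$field} = $info->{$field};
    }

    // Ordering: manual sorting wins, otherwise the ';'-separated list from the row
    if ($this->z_sortable) {
        $this->z_order[] = 'orderid asc';
    } else {
        $orderArray = explode(';', $info->order);
        foreach ($orderArray as $order) {
            if ($order = trim($order)) {
                $this->z_order[] = $order;
            }
        }
    }

    // Additional buttons at the top
    $modelButtons = new Z_Model_Resourcebuttons();
    $buttons = $modelButtons->fetchAll(array('resourceid=?' => $info->id), 'orderid');
    foreach ($buttons->toArray() as $button) {
        // NOTE(review): the button url is PHP source stored in the database
        // and is executed with eval(); same trust requirement as above.
        $button['url'] = eval($button['url']);
        $this->z_additional_buttons[] = $button;
    }
    $this->view->additional_buttons = $this->z_additional_buttons;

    // Show the multi-upload button when the form has a MultiImage element
    $modelForms = new Z_Model_Resourceforms();
    $elements = $modelForms->fetchAll(array('resourceid=?' => $this->z_resourceInfo->id, 'type=?' => 'MultiImage'));
    if (count($elements)) {
        $this->view->multibutton = true;
    } else {
        $this->view->multibutton = false;
    }
}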
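/**
 * Render a textarea wired to TinyMCE, optionally with the elFinder file browser.
 *
 * Recognised $attribs keys: `filemanager` (default true), `toolbar`,
 * `content_css`, `height`. The file browser is offered only when the
 * attribute allows it and the current role is allowed on the `filemanager`
 * ACL resource.
 *
 * The element value is HTML-escaped before it is written between the
 * textarea tags. Without that, content containing a closing textarea tag
 * breaks out of the element and is parsed as page markup, and entities in
 * the stored content are decoded by the browser and corrupted on save.
 *
 * @param string     $name    element name
 * @param string     $value   current content of the editor
 * @param array|null $attribs HTML attributes plus the keys listed above
 * @return string markup for the textarea and the editor toggle link
 */
public function FormMce($name, $value = null, $attribs = null)
{
    $info = $this->_getInfo($name, $value, $attribs);
    // $id is not assigned anywhere else in this method, so it is expected to
    // come from this extract() as well.
    extract($info); // name, value, attribs, options, listsep, disable

    $role = Z_Auth::getInstance()->getUser()->getRole();
    $acl = Z_Acl::getInstance();
    $filemanager = isset($attribs['filemanager']) ? $attribs['filemanager'] : true;
    try {
        $allowFileManager = $acl->isAllowed($role, 'filemanager');
    } catch (Exception $e) {
        // A failing ACL lookup hides the file browser (fail closed).
        $allowFileManager = false;
    }
    // NOTE(review): this only removes the browser-side button. The connector
    // URL below must enforce its own ACL check, and the resource name checked
    // there should be confirmed to match the intent of 'filemanager' here.
    $filemanager = $filemanager && $allowFileManager;

    // NOTE(review): the JavaScript literals below contain `//` line comments.
    // They are kept exactly as they appear in this listing; check that the
    // real file has line breaks inside them, otherwise everything after the
    // first `//` is commented out in the browser.
    $filemanagerScript = ' mode : "textareas", file_browser_callback: function(field_name, url, type, win) { aFieldName = field_name, aWin = win; if($("#elfinder").length == 0) { $("body").append($("<div/>").attr("id", "elfinder")); $("#elfinder").elfinder({ url : "/sys/elfinder/connectors/php/connector.php", lang: "ru", dialog : { width: 800, modal: true, title: "Файловый менеджер", zIndex: 400001 }, // open in dialog window editorCallback: function(url) { aWin.document.forms[0].elements[aFieldName].value = url; }, closeOnEditorCallback: true }); } else { $("#elfinder").elfinder("open"); } }, ';

    // Unknown toolbar names fall back to the default toolbar.
    $toolbar = isset($attribs['toolbar']) ? $attribs['toolbar'] : $this->_mce_default_toolbar;
    $toolbar = isset($this->_mce_toolbar[$toolbar]) ? $toolbar : $this->_mce_default_toolbar;

    // NOTE(review): $id, content_css and height are concatenated into
    // JavaScript string literals without escaping; they must stay
    // developer-controlled and never carry request data.
    $script = '$("#' . $id . '").tinymce({ theme : "advanced", language : "ru", ' . $this->_mce_toolbar[$toolbar] . ' ' . ($filemanager ? $filemanagerScript : '') . ' ' . (isset($attribs['content_css']) ? 'content_css : "' . $attribs['content_css'] . '",' : '') . ' theme_advanced_toolbar_location : "top", theme_advanced_toolbar_align : "left", theme_advanced_statusbar_location : "bottom", theme_advanced_resizing : true, theme_advanced_resize_horizontal : false, extended_valid_elements : "iframe[name|src|framespacing|border|frameborder|scrolling|title|height|width|style],object[declare|classid|codebase|data|type|codetype|archive|standby|height|width|usemap|name|tabindex|align|border|hspace|vspace],div[id|style|class]", media_strict: false, // force_br_newlines : true, // force_p_newlines : false, // forced_root_block : "", width: "100%", height: "' . (isset($attribs['height']) ? $attribs['height'] : '300px') . '", onchange_callback: "z_mce_save", execcommand_callback: "z_mce_save_event", remove_script_host: true, relative_urls: false });';
    jQuery::evalScript($script);
    unset($attribs['toolbar']);

    // build the element
    $xhtml = '<textarea name="' . $this->view->escape($name) . '"'
        . ' id="' . $this->view->escape($id) . '"'
        . $this->_htmlAttribs($attribs) . '>'
        // Escaped so stored content cannot close the textarea early.
        . $this->view->escape($value)
        . '</textarea><a href="#" class="" onclick="tinymce.execCommand(\'mceToggleEditor\',false,\'' . $id . '\');">Вкл/Выкл редактор.</a>';

    return $xhtml;
}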
/**
 * Defined by Zend_Controller_Plugin_Abstract
 *
 * Appends the admin panel to the response once dispatching has finished.
 * Nothing is emitted for AJAX requests (including z-ajax-form posts), for
 * the `admin` module, or when the current role is not allowed on the
 * `z_adminpanel` resource.
 *
 * Panel and tab markup returned by the plugins is concatenated as-is, so
 * every plugin is responsible for escaping what it outputs.
 */
public function dispatchLoopShutdown()
{
    $isAjax = $this->getRequest()->isXmlHttpRequest() || isset($_POST['z-ajax-form']);
    if ($isAjax) {
        return;
    }

    $moduleName = Zend_Controller_Front::getInstance()->getRequest()->getModuleName();
    if ($moduleName == 'admin') {
        return;
    }

    if (!Z_Acl::getInstance()->isAllowed(Z_Auth::getInstance()->getUser()->getRole(), 'z_adminpanel')) {
        return;
    }

    $markup = array();

    // One content panel per registered plugin that has something to show.
    foreach ($this->_plugins as $plugin) {
        /* @var $plugin ZAdminPanel_Controller_Plugin_Debug_Plugin_Interface */
        $panelHtml = $plugin->getPanel();
        if ($panelHtml != '') {
            $markup[] = '<div id="ZAdminPanel_' . $plugin->getIdentifier() . '" class="ZAdminPanel_panel">' . $panelHtml . '</div>';
        }
    }

    $markup[] = '<div id="ZAdminPanel_info">';

    // One clickable tab per registered plugin that provides a tab.
    foreach ($this->_plugins as $plugin) {
        /* @var $plugin ZAdminPanel_Controller_Plugin_Debug_Plugin_Interface */
        $tabHtml = $plugin->getTab();
        if ($tabHtml == '') {
            continue;
        }
        $markup[] = '<span class="ZAdminPanel_span clickable" onclick="ZAdminPanelPanel(\'ZAdminPanel_' . $plugin->getIdentifier() . '\');">';
        $markup[] = '<img src="' . $this->_icon($plugin->getIdentifier()) . '" style="vertical-align:middle" alt="' . $plugin->getIdentifier() . '" title="' . $plugin->getIdentifier() . '" /> ';
        $markup[] = $tabHtml . '</span>';
    }

    // Toggle control that collapses or expands the bar.
    $markup[] = '<span class="ZAdminPanel_span ZAdminPanel_last clickable" id="ZAdminPanel_toggler" onclick="ZAdminPanelSlideBar()">«</span>';
    $markup[] = '</div>';

    $this->_output(implode('', $markup));
}