function __construct()
{
date_default_timezone_set('Asia/Jakarta');
parent::__construct();
check_address();
check_login();
if (!check_menu()) {
redirect(base_url() . 'dashboard/');
}
$this->load->model('Model_inventory_correction');
$this->load->model('Model_products_variant_detail');
}
public function get_data()
{
//param
$param['name'] = $this->input->post('name', TRUE) ? $this->input->post('name', TRUE) : "";
$param['code'] = $this->input->post('code', TRUE) ? $this->input->post('code', TRUE) : "";
$param['discount_type'] = $this->input->post('discount_type', TRUE) ? $this->input->post('discount_type', TRUE) : 0;
$param['transaction_type'] = $this->input->post('transaction_type', TRUE) ? $this->input->post('transaction_type', TRUE) : 0;
$param['active'] = $this->input->post('active', TRUE) ? $this->input->post('active', TRUE) : 0;
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_voucher->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 10;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_voucher->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id'][$temp] = $row->id;
$data['name'][$temp] = $row->name;
$data['code'][$temp] = $row->code;
$data['discount_type'][$temp] = $row->discount_type;
$data['transaction_type'][$temp] = $row->transaction_type;
$data['value'][$temp] = number_format($row->value);
$data['usage'][$temp] = number_format($row->usage);
$data['start_date'][$temp] = $row->start_date == NULL ? NULL : date_format(date_create($row->start_date), 'd F Y H:i:s');
$data['end_date'][$temp] = $row->end_date == NULL ? NULL : date_format(date_create($row->end_date), 'd F Y H:i:s');
$data['active'][$temp] = $row->active;
$data['cretime'][$temp] = date_format(date_create($row->cretime), 'd F Y H:i:s');
$data['creby'][$temp] = $row->creby;
$data['modtime'][$temp] = $row->modtime == NULL ? NULL : date_format(date_create($row->modtime), 'd F Y H:i:s');
$data['modby'][$temp] = $row->modby;
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['allowed_delete'] = check_menu("", 3);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Voucher";
}
echo json_encode($data);
}
public function get_data()
{
//param
$param['url'] = $this->input->post('url', TRUE) ? $this->input->post('url', TRUE) : '';
$param['link'] = $this->input->post('link', TRUE) ? $this->input->post('link', TRUE) : '';
$param['active'] = $this->input->post('active', TRUE) ? $this->input->post('active', TRUE) : 0;
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_slider->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 10;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_slider->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id'][$temp] = $row->id;
$data['show_order'][$temp] = $row->show_order;
$data['url'][$temp] = $row->url;
$data['link'][$temp] = $row->link;
$data['target'][$temp] = $row->target;
$data['title'][$temp] = $row->title;
$data['description'][$temp] = $row->description;
$data['additional_text'][$temp] = $row->additional_text;
$data['active'][$temp] = $row->active;
$data['cretime'][$temp] = date_format(date_create($row->cretime), 'd F Y H:i:s');
$data['creby'][$temp] = $row->creby;
$data['modtime'][$temp] = $row->modtime == NULL ? NULL : date_format(date_create($row->modtime), 'd F Y H:i:s');
$data['modby'][$temp] = $row->modby;
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['allowed_delete'] = check_menu("", 3);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Slider";
}
echo json_encode($data);
}
public function get_data()
{
//param
$param['name'] = $this->input->post('name', TRUE) ? $this->input->post('name', TRUE) : "";
$param['store_name'] = $this->input->post('store_name', TRUE) ? $this->input->post('store_name', TRUE) : "";
$param['email'] = $this->input->post('email', TRUE) ? $this->input->post('email', TRUE) : "";
$param['phone'] = $this->input->post('phone', TRUE) ? $this->input->post('phone', TRUE) : "";
$param['status'] = $this->input->post('status', TRUE) ? $this->input->post('status', TRUE) : -1;
$param['minimum_wallet'] = $this->input->post('minimum_wallet', TRUE) ? $this->input->post('minimum_wallet', TRUE) : -1;
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_reseller->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 10;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_reseller->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id'][$temp] = $row->id;
$data['name'][$temp] = $row->name;
$data['store_name'][$temp] = $row->store_name;
$data['email'][$temp] = $row->email;
$data['phone'][$temp] = $row->phone;
$data['wallet'][$temp] = number_format($row->wallet);
$data['status'][$temp] = $row->status;
$data['cretime'][$temp] = date_format(date_create($row->cretime), 'd F Y H:i:s');
$data['modtime'][$temp] = $row->modtime == NULL ? NULL : date_format(date_create($row->modtime), 'd F Y H:i:s');
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['allowed_delete'] = check_menu("", 3);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Reseller";
}
echo json_encode($data);
}
public function get_data()
{
//param
$param['purchase_code'] = $this->input->post('purchase_code', TRUE) ? $this->input->post('purchase_code', TRUE) : "";
$param['customer_email'] = $this->input->post('customer_email', TRUE) ? $this->input->post('customer_email', TRUE) : "";
$param['start_date'] = $this->input->post('start_date', TRUE) ? $this->input->post('start_date', TRUE) : "";
$param['end_date'] = $this->input->post('end_date', TRUE) ? $this->input->post('end_date', TRUE) : "";
$param['status_payment'] = $this->input->post('status_payment', TRUE) ? $this->input->post('status_payment', TRUE) : -1;
$param['status'] = $this->input->post('status', TRUE) ? $this->input->post('status', TRUE) : 0;
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_order->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 10;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_order->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id'][$temp] = $row->order_id;
$data['purchase_code'][$temp] = $row->purchase_code;
$data['customer_email'][$temp] = $row->customer_email;
$data['payment_name'][$temp] = $row->payment_name;
$data['confirm_transfer_by'][$temp] = $row->confirm_transfer_by == NULL ? "" : $row->confirm_transfer_by;
$data['confirm_transfer_bank'][$temp] = $row->confirm_transfer_bank == NULL ? "" : $row->confirm_transfer_bank;
$data['confirm_transfer_amount'][$temp] = $row->confirm_transfer_amount == NULL ? "" : number_format($row->confirm_transfer_amount);
$data['status'][$temp] = $row->status;
$data['purchase_date'][$temp] = date_format(date_create($row->purchase_date), 'd F Y H:i:s');
$data['updated_by'][$temp] = $row->updated_by == NULL ? "" : $row->updated_by;
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Order";
}
echo json_encode($data);
}
public function get_data()
{
//param
$param['purchase_code'] = $this->input->post('purchase_code', TRUE) ? $this->input->post('purchase_code', TRUE) : "";
$param['customer_email'] = $this->input->post('customer_email', TRUE) ? $this->input->post('customer_email', TRUE) : "";
$param['status'] = $this->input->post('status', TRUE) ? $this->input->post('status', TRUE) : 0;
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_customer_return->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 10;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_customer_return->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id'][$temp] = $row->id;
$data['purchase_code'][$temp] = $row->purchase_code;
$data['products_name'][$temp] = $row->products_name;
$data['SKU'][$temp] = $row->SKU;
$data['qty'][$temp] = $row->qty;
$data['customer_email'][$temp] = $row->customer_email;
$data['status'][$temp] = $row->status;
$data['cretime'][$temp] = date_format(date_create($row->cretime), 'd F Y H:i:s');
$data['creby'][$temp] = $row->creby;
$data['modtime'][$temp] = $row->modtime == NULL ? NULL : date_format(date_create($row->modtime), 'd F Y H:i:s');
$data['modby'][$temp] = $row->modby;
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['allowed_delete'] = check_menu("", 3);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Customer Return";
}
echo json_encode($data);
}
public function get_data()
{
//param
$param['email'] = $this->input->post('email', TRUE) ? $this->input->post('email', TRUE) : "";
$param['type'] = $this->input->post('type', TRUE) ? $this->input->post('type', TRUE) : 0;
$param['credit_log_type'] = $this->input->post('credit_log_type', TRUE) ? $this->input->post('credit_log_type', TRUE) : 0;
$param['status'] = $this->input->post('status', TRUE) ? $this->input->post('status', TRUE) : 0;
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_credit_log->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 20;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_credit_log->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id'][$temp] = $row->id;
$data['email'][$temp] = $row->customer_email != NULL ? $row->customer_email : $row->email;
$data['credit_log_type'][$temp] = $row->id_customer == 1 ? 'Customer' : 'Reseller';
$data['amount'][$temp] = number_format($row->amount);
$data['type'][$temp] = $row->type;
$data['description'][$temp] = $row->description;
$data['payment_method'][$temp] = $row->payment_method;
$data['status'][$temp] = $row->status;
$data['cretime'][$temp] = date_format(date_create($row->cretime), 'd F Y H:i:s');
$data['modtime'][$temp] = $row->modtime == NULL ? NULL : date_format(date_create($row->modtime), 'd F Y H:i:s');
$data['modby'][$temp] = $row->modby;
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Credit_log";
}
echo json_encode($data);
}
public function get_data()
{
//param
$param['customer_email'] = $this->input->post('customer_email', TRUE) ? $this->input->post('customer_email', TRUE) : "";
$param['name'] = $this->input->post('name', TRUE) ? $this->input->post('name', TRUE) : "";
$param['customer_gender'] = $this->input->post('customer_gender', TRUE) ? $this->input->post('customer_gender', TRUE) : -1;
$param['customer_province'] = $this->input->post('customer_province', TRUE) ? $this->input->post('customer_province', TRUE) : "";
$param['customer_city'] = $this->input->post('customer_city', TRUE) ? $this->input->post('customer_city', TRUE) : "";
$param['customer_status'] = $this->input->post('customer_status', TRUE) ? $this->input->post('customer_status', TRUE) : 0;
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_customer->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 10;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_customer->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['customer_id'][$temp] = $row->customer_id;
$data['customer_email'][$temp] = $row->customer_email;
$data['name'][$temp] = $row->customer_fname . " " . $row->customer_lname;
$data['customer_province'][$temp] = $row->customer_province;
$data['customer_city'][$temp] = $row->customer_city;
$data['customer_status'][$temp] = $row->customer_status;
$data['customer_registration_date'][$temp] = date_format(date_create($row->customer_registration_date), 'd F Y H:i:s');
$data['last_modified'][$temp] = $row->last_modified == NULL ? NULL : date_format(date_create($row->last_modified), 'd F Y H:i:s');
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Customer";
}
echo json_encode($data);
}
public function get_data()
{
//param
$param['products_name'] = $this->input->post('products_name', TRUE) ? $this->input->post('products_name', TRUE) : "";
$param['SKU'] = $this->input->post('SKU', TRUE) ? $this->input->post('SKU', TRUE) : "";
$param['reseller_email'] = $this->input->post('reseller_email', TRUE) ? $this->input->post('reseller_email', TRUE) : "";
$param['reseller_name'] = $this->input->post('reseller_name', TRUE) ? $this->input->post('reseller_name', TRUE) : "";
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_order_item->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 10;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_order_item->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id'][$temp] = $row->order_item_id;
$data['products_name'][$temp] = $row->products_name;
$data['SKU'][$temp] = $row->SKU;
$data['color_name'][$temp] = $row->color_name;
$data['reseller_email'][$temp] = $row->reseller_email;
$data['reseller_name'][$temp] = $row->reseller_name;
$data['quantity'][$temp] = $row->quantity;
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['allowed_delete'] = check_menu("", 3);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Data";
}
echo json_encode($data);
}
public function get_data()
{
//param
$param['id_category'] = $this->input->post('id_category', TRUE) ? $this->input->post('id_category', TRUE) : 0;
$param['name'] = $this->input->post('name', TRUE) ? $this->input->post('name', TRUE) : "";
$param['active'] = $this->input->post('active', TRUE) ? $this->input->post('active', TRUE) : 0;
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_category_child->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 10;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_category_child->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id'][$temp] = $row->id;
$data['name'][$temp] = $row->name;
$data['url'][$temp] = $row->url;
$data['active'][$temp] = $row->active;
$data['cretime'][$temp] = date_format(date_create($row->cretime), 'd F Y H:i:s');
$data['creby'][$temp] = $row->creby;
$data['modtime'][$temp] = $row->modtime == NULL ? NULL : date_format(date_create($row->modtime), 'd F Y H:i:s');
$data['modby'][$temp] = $row->modby;
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['allowed_delete'] = check_menu("", 3);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Categories";
}
echo json_encode($data);
}
function onAfterRoute()
{
//adding cACL Activate
$app =& JFactory::getApplication();
if (FALSE === strpos($this->_caclConfig->activate, $app->getName())) {
return;
}
global $mainframe;
if (!file_exists(JPATH_SITE . '/administrator/components/com_community_acl/community_acl.class.php')) {
return;
}
$back_end = false;
if ($app->getName() != 'site') {
$back_end = true;
}
/**
* This will return ajax calls from jomsocial popups.
*/
if ('community' == strtolower(JRequest::getVar('option')) && 'azrul_ajax' == strtolower(JRequest::getVar('task'))) {
return;
}
if ($back_end) {
$option = strtolower(JRequest::getVar('option', '', 'default', 'cmd'));
} else {
$option = strtolower(JRequest::getVar('option', 'com_content', 'default', 'cmd'));
}
$task = strtolower(JRequest::getCmd('task'));
$user =& JFactory::getUser();
if ($back_end && $option == 'com_cbcontact' && $task == '') {
$this->_syncCBContact();
}
if ($user->get('gid') == 25) {
return;
}
$db =& JFactory::getDBO();
require_once JPATH_SITE . '/administrator/components/com_community_acl/community_acl.class.php';
require_once JPATH_SITE . '/administrator/components/com_community_acl/community_acl.functions.php';
$config = new CACL_config($db);
$config->load();
if ($back_end) {
$redirect_url = $config->admin_redirect_url;
} else {
$redirect_url = $config->redirect_url;
}
//check to not go in redirect loop
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
if (!$back_end && $_SERVER['REQUEST_URI'] == '/' || $_SERVER['REQUEST_URI'] == '/index.php' || $_SERVER['REQUEST_URI'] == '/' . $redirect_url || substr_replace(JURI::root(), '', -1, 1) . $_SERVER['REQUEST_URI'] == $redirect_url) {
return;
}
if ($back_end && $_SERVER['REQUEST_URI'] == '/administrator/' || $_SERVER['REQUEST_URI'] == '/administrator/index.php' || $_SERVER['REQUEST_URI'] == $redirect_url || $_SERVER['REQUEST_URI'] == '/administrator/' . $redirect_url || substr_replace(JURI::root(), '', -1, 1) . $_SERVER['REQUEST_URI'] == $redirect_url) {
return;
}
}
$user_access = cacl_get_user_access($config);
$groups = $user_access['groups'];
$roles = $user_access['roles'];
$functions = $user_access['functions'];
$id = intval(JRequest::getInt('id'));
if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') {
$id = -1;
}
$cid = JRequest::getVar('cid', array(-1), '', 'array');
JArrayHelper::toInteger($cid, array(-1));
if ($id == -1 && isset($_REQUEST['cid'][0]) && $_REQUEST['cid'][0] != '') {
$id = $cid[0];
}
$view = strtolower(JRequest::getCmd('view'));
$layout = strtolower(JRequest::getCmd('layout'));
if ($back_end) {
$option = strtolower(JRequest::getVar('option', '', 'default', 'cmd'));
} else {
$option = strtolower(JRequest::getVar('option', 'com_content', 'default', 'cmd'));
}
$task = strtolower(JRequest::getCmd('task'));
$catid = -1;
$sectionid = -1;
if ($back_end && $option == 'com_content' || !$back_end && $option == 'com_content' && $view == 'article' && $id > 0) {
if ($id > 0) {
$cid[] = $id;
$query = "SELECT `catid`, `sectionid` FROM `#__content` WHERE `id` IN ('" . implode("','", $cid) . "')";
$db->setQuery($query);
$tmp = $db->loadAssoc();
$catid = $tmp['catid'];
$sectionid = $tmp['sectionid'];
}
} elseif ($back_end && $option == 'com_categories' || !$back_end && $option == 'com_content' && $view == 'category' && $id > 0) {
if ($id > 0) {
$cid[] = $id;
$query = "SELECT `section` FROM `#__categories` WHERE `id` IN ('" . implode("','", $cid) . "')";
$db->setQuery($query);
$sectionid = $db->loadResult();
$catid = $id;
}
} elseif (!$back_end && $option == 'com_content' && $view == 'section' && $id > 0) {
$sectionid = $id;
}
$catid_r = intval(JRequest::getInt('catid'));
if (!isset($_REQUEST['catid'])) {
$catid_r = -1;
}
$sectionid_r = intval(JRequest::getInt('sectionid'));
if (!isset($_REQUEST['sectionid'])) {
$sectionid_r = -1;
}
$lang =& JFactory::getLanguage();
$lang->load('plg_system_community_acl');
if (!$back_end && ($task == 'save' || $task == 'apply') && $option == 'com_content' && $id == '0') {
$this->_emailPublisher($sectionid_r, $catid_r, $config->default_action);
}
//no groups/roles/functions for user
if (!(count($groups) > 1 && count($roles) > 1)) {
return;
}
if ($back_end && $option == 'com_login' && ($task == 'login' || $task == 'logout')) {
return;
}
if ($option == 'com_sections' || $option == 'com_categories' || $option == 'com_content') {
$query = "SELECT * FROM `#__community_acl_access` WHERE `option` IN ('menu', 'com_sections', 'com_categories', 'com_content' ) AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND ( `group_id` IN ( '" . implode("','", $groups) . "') OR `role_id` IN ( '" . implode("','", $roles) . "') )";
} else {
$query = "SELECT * FROM `#__community_acl_access` WHERE `option` IN ( 'menu', '{$option}') AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND ( `group_id` IN ( '" . implode("','", $groups) . "') OR `role_id` IN ( '" . implode("','", $roles) . "') )";
}
$db->setQuery($query);
$access = $db->loadObjectList();
//What is a frole and fgroup???
$froles = array();
$fgroups = array();
if (is_array($access) && count($access) > 0) {
foreach ($access as $item) {
//forbidden components
//echo $item->name .', $option = '.$option. ' $item->role_id=' .$item->role_id; die();
/**
* Functions are not singling out articles
* Attempting to trigger the logic to run checking functions for articles.
* —BUR 8/2/2011
*/
if ('###' === $item->name && 'com_content' === $item->option && 'com_content' === $option && !empty($cid) && in_array($task, array('unarchive', 'archive', 'publish', 'unpublish', 'movesect', 'copy', 'remove', 'edit', 'add', 'apply', 'save', 'cancel'))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
/**
* end
*/
if ($item->name == '###' && $option == $item->option && ($option != 'com_content' && !($option == 'com_login' && $task == 'logout'))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
} elseif ($item->name == '###' && $item->option == 'menu') {
if (check_menu($item->value, $_REQUEST['Itemid'])) {
if ($config->default_action == 'allow') {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
}
} elseif ($item->name != '###') {
//forbidden content, sections, categiries
if ($back_end) {
if ('com_content' === $item->option && $option == 'com_content' && ($id == $item->value || in_array($item->value, $cid))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
} elseif ($option == 'com_content' && ($item->option == 'com_sections' && $sectionid == $item->value || $item->option == 'com_categories' && $catid == $item->value)) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
} elseif ($option == 'com_sections' && ($id == $item->value || in_array($item->value, $cid))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
} elseif ($option == 'com_categories' && ($id == $item->value || in_array($item->value, $cid))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
/*
* This doesn't seem to do what it intended. -BUR 10/5/2010
if ($option == 'com_content' && $id == - 1) {
if ($item->role_id == '0')
$fgroups [] = $item->group_id;
else
$froles [] = $item->role_id;
}
if ($option == 'com_categories' && $id == - 1) {
if ($item->role_id == '0')
$fgroups [] = $item->group_id;
else
$froles [] = $item->role_id;
}
if ($option == 'com_sections' && $id == - 1) {
if ($item->role_id == '0')
$fgroups [] = $item->group_id;
else
$froles [] = $item->role_id;
}
if ($option == 'com_menus' && $id == - 1) {
if ($item->role_id == '0')
$fgroups [] = $item->group_id;
else
$froles [] = $item->role_id;
}*/
} else {
if ($option == 'com_content' && $view == 'section' && $item->option == 'com_sections' && $id == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'category' && $item->option == 'com_categories' && $id == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'article' && $item->option == 'com_content' && $id == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'category' && $item->option == 'com_sections' && $sectionid == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'article' && ($item->option == 'com_sections' && $sectionid == $item->value || $item->option == 'com_categories' && $catid == $item->value)) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $task == 'edit' && ($id == $item->value || in_array($item->value, $cid))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $task == 'new' && ($item->option == 'com_sections' && $sectionid_r == $item->value)) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $task == 'save' && ($item->option == 'com_sections' && $sectionid_r == $item->value) || $item->option == 'com_categories' && $catid_r == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'article' && $layout == 'form' && $id == -1 && $config->default_action != 'allow') {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'frontpage' && $id == -1 && $config->default_action != 'allow') {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
}
}
}
}
$rows = $groups;
$rls = $roles;
if ($config->default_action == 'allow') {
if (is_array($rows) && count($rows) > 0) {
foreach ($rows as $i => $group) {
$ind = array_search($group, $groups);
if (in_array($group, $fgroups) && $ind !== false) {
unset($groups[$ind]);
unset($roles[$ind]);
unset($functions[$ind]);
}
$ind = array_search($rls[$i], $roles);
if (in_array($rls[$i], $froles) && $ind !== false) {
unset($groups[$ind]);
unset($roles[$ind]);
unset($functions[$ind]);
}
}
}
if (!(count($groups) > 1 && count($roles) > 1)) {
//Kobby corrected the redirect issue right here.
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
/* * /
if(!isset($_REQUEST['load']))
$mainframe->redirect( $redirect_url.'?load=once', JText::_( 'ALERTNOTAUTH' ));
/* */
}
} else {
// What is going on here? Seriously. —BUR 8/2/2011
if (is_array($rows) && count($rows) > 0) {
foreach ($rows as $i => $group) {
$ind = array_search($group, $groups);
if (!in_array($group, $fgroups) && $ind !== false) {
$groups[$ind] = -1;
if (!in_array($roles[$ind], $froles)) {
$roles[$ind] = -1;
$functions[$ind] = -1;
}
}
$ind = array_search($rls[$i], $roles);
if (!in_array($rls[$i], $froles) && $ind !== false) {
$roles[$ind] = -1;
if (!in_array($groups[$ind], $fgroups)) {
$groups[$ind] = -1;
$functions[$ind] = -1;
}
}
}
}
$groups = array_unique($groups);
$roles = array_unique($roles);
$functions = array_unique($functions);
$restricted = true;
if (count($groups) == 1 && count($roles) == 1) {
//triggered bug BUT fixed now
if (JRequest::getVar('option') != 'com_content' && !$back_end) {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$query = "SELECT * FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `name` <> 'option' ORDER BY `grouping`";
$db->setQuery($query);
$f_access = $db->loadObjectList();
$Itemid = JRequest::getInt('Itemid');
$task = JRequest::getVar('task', '');
$view = JRequest::getVar('view', '');
foreach ($f_access as $access) {
if ($access->value == $Itemid) {
$restricted = false;
} elseif ($access->value == $task) {
$restricted = false;
} elseif ($access->value == $view) {
$restricted = false;
}
}
if ($task == '' && $view == '') {
$restricted = true;
}
//Do not restrict JomComment Component
if ($option == 'jomcomment') {
$restricted = false;
}
if ($restricted) {
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
}
}
}
$query = "SELECT COUNT(*) FROM `#__community_acl_content_actions` WHERE `func_id` IN ( '" . implode("','", $functions) . "') ";
$db->setQuery($query);
$count = (int) $db->loadResult();
$content_all = 0;
if ($option == 'com_content') {
$query = "SELECT COUNT(*) FROM `#__community_acl_function_access` WHERE `option` = 'com_content' AND `name` = '#any_key#' AND `value` = '#any_value#' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "')";
$db->setQuery($query);
$content_all = (int) $db->loadResult();
$count = $count && !$content_all;
}
if ($count && ($task == '' || $task == 'save' || $task == 'apply' || $task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect' || $task == 'edit' || $task == 'publish' || $task == 'unpublish' || $task == 'copy' || $task == 'movesect' || $task == 'archive' || $task == 'unarchive')) {
$acl =& JFactory::getACL();
$publish_array = array('com_content', 'publish', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
$publish_index = array_search($publish_array, $acl->acl);
$edit_array = array('com_content', 'edit', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
$edit_index = array_search($edit_array, $acl->acl);
/* * /
echo '<div style="background-color:white">';
echo 'FILE: '.__FILE__.' LINE: '.__LINE__;
echo '<pre style="white-space:pre">',
var_dump($publish_array),
var_dump($publish_index),
var_dump($edit_array),
var_dump($edit_index),
var_dump($option),
var_dump(JRequest::getCMD('option')),
'</pre></div>';
exit;
/* */
if ($option == 'com_sections' && ($sectionid > -1 || $sectionid_r > -1)) {
$query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` = 'section' AND `func_id` IN ( '" . implode("','", $functions) . "') ";
$db->setQuery($query);
$function_access = $db->loadObjectList();
$bingo = false;
$bingo_publish = false;
if (is_array($function_access) && count($function_access) > 0) {
foreach ($function_access as $item) {
if (($task == 'add' || $task == 'remove' || $task == 'copyselect') && $item->action == 'add' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'new' && $item->action == 'add' && $sectionid_r == $item->item_id) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo_publish = true;
}
}
}
if ($bingo_publish) {
if ($config->default_action == 'allow') {
unset($acl->acl[$publish_index]);
$acl->acl_count--;
}
} elseif ($config->default_action == 'deny') {
unset($acl->acl[$publish_index]);
$acl->acl_count--;
}
if ($bingo) {
if ($config->default_action == 'allow') {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
} elseif ($config->default_action == 'deny') {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
}
if ($option == 'com_categories' && ($catid > -1 || $catid_r > -1)) {
$query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` IN ('section', 'category') AND `func_id` IN ( '" . implode("','", $functions) . "') ";
$db->setQuery($query);
$function_access = $db->loadObjectList();
$bingo = false;
$bingo_publish = false;
//echo "$sectionid, $sectionid_r, $catid, $catid_r";die;
if (is_array($function_access) && count($function_access) > 0) {
foreach ($function_access as $item) {
if ($item->item_type == 'section') {
if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $sectionid == $item->item_id) {
$bingo = true;
}
if ($task == 'new' && $item->action == 'add' && $sectionid_r == $item->item_id) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'edit' && $sectionid == $item->item_id) {
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $sectionid == $item->item_id) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'publish' && $sectionid == $item->item_id) {
$bingo_publish = true;
}
}
if ($item->item_type == 'category') {
if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'new' && $item->action == 'add' && $catid_r == $item->item_id) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo_publish = true;
}
}
}
}
if ($bingo_publish) {
if ($config->default_action == 'allow') {
unset($acl->acl[$publish_index]);
$acl->acl_count--;
}
} elseif ($config->default_action == 'deny') {
unset($acl->acl[$publish_index]);
$acl->acl_count--;
}
if ($bingo) {
if ($config->default_action == 'allow') {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
} elseif ($config->default_action == 'deny') {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
}
if ($option == 'com_content') {
/* * /
echo '<div style="background-color:white">';
echo 'FILE: '.__FILE__.' LINE: '.__LINE__;
echo '<pre style="white-space:pre">',
var_dump($option),
'</pre></div>';
exit;
/* */
$query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` IN ('section', 'category', 'content') AND `func_id` IN ( '" . implode("','", $functions) . "') ";
$db->setQuery($query);
$function_access = $db->loadObjectList();
/* * /
echo '<div style="background-color:white">';
echo 'FILE: '.__FILE__.' LINE: '.__LINE__;
echo '<pre style="white-space:pre">',
var_dump($function_access),
var_dump($task),
'</pre></div>';
exit;
/* */
$bingo = false;
$bingo_edit = false;
$bingo_publish = false;
if (is_array($function_access) && count($function_access) > 0) {
foreach ($function_access as $item) {
if ($item->item_type == 'section') {
if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $sectionid == $item->item_id) {
$bingo = true;
}
if (($task == 'new' || $task == 'add' || $view == 'article' && $layout == 'form') && $item->action == 'add') {
//only in deny mode
if ($config->default_action == 'deny') {
$bingo = true;
$bingo_edit = true;
}
}
if (($task == 'save' || $task == 'apply') && ($item->action == 'add' || $item->action == 'edit') && $sectionid_r == $item->item_id) {
# - Kobby enhancement - Exception Catch : User is denied access to edit or publish but can add
/*if($item_type != 'add'){
$bingo = false;
}else{
$bingo = true;
}*/
$bingo = true;
$bingo_edit = true;
$bingo_publish = true;
}
if ($task == '' && $item->action == 'edit' && $sectionid == $item->item_id) {
$bingo_edit = true;
}
if ($task == 'edit' && $item->action == 'edit' && $sectionid == $item->item_id) {
$bingo_edit = true;
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $sectionid == $item->item_id) {
$bingo = true;
}
if (($task == 'edit' || $task == '') && $item->action == 'publish' && $sectionid == $item->item_id) {
$bingo_publish = true;
}
} elseif ($item->item_type == 'category') {
if (($task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $catid == $item->item_id) {
$bingo = true;
}
if (($task == 'new' || $task == 'add' || $view == 'article' && $layout == 'form') && $item->action == 'add') {
//only in deny mode
if ($config->default_action == 'deny') {
$bingo = true;
$bingo_edit = true;
}
}
if (($task == 'save' || $task == 'apply') && ($item->action == 'add' || $item->action == 'edit') && $catid_r == $item->item_id) {
$bingo = true;
$bingo_edit = true;
$bingo_publish = true;
}
if ($task == '' && $item->action == 'edit' && $catid == $item->item_id) {
$bingo_edit = true;
}
if ($task == 'edit' && $item->action == 'edit' && $catid == $item->item_id) {
$bingo = true;
$bingo_edit = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $catid == $item->item_id) {
$bingo = true;
}
if (($task == 'edit' || $task == '') && $item->action == 'publish' && $catid == $item->item_id) {
$bingo_publish = true;
}
} elseif ($item->item_type == 'content') {
if (($task == 'edit' || $task == 'archive' || $task == 'unarchive') && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo_publish = true;
}
}
}
}
/* * /
echo '<div style="background-color:white">';
echo 'FILE: '.__FILE__.' LINE: '.__LINE__;
echo '<pre style="white-space:pre">',
var_dump($bingo),
var_dump($bingo_edit),
var_dump($bingo_publish),
var_dump($publish_index),
var_dump($edit_index),
var_dump($config->default_action),
var_dump($acl->acl),
'</pre></div>';
//exit;
/* */
# - Kobby needs to fix this bug for the Edit/Pub
if ($bingo_edit && $publish_index === 0) {
if ($config->default_action == 'allow') {
unset($acl->acl[$edit_index]);
$acl->acl_count--;
}
} elseif ($config->default_action == 'deny' && $publish_index === 0) {
unset($acl->acl[$edit_index]);
$acl->acl_count--;
//die('bingo_edit');
}
if ($bingo_publish) {
if ($config->default_action == 'allow' && $publish_index === 0) {
unset($acl->acl[$publish_index]);
$acl->acl_count--;
}
} elseif ($config->default_action == 'deny' && $publish_index === 0) {
unset($acl->acl[$publish_index]);
$acl->acl_count--;
//die('bingo_publish');
}
if ($bingo) {
if ($config->default_action == 'allow') {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
} elseif ($config->default_action == 'deny' && ($task != '' || $view == 'article' && $layout == 'form')) {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
if ($task != 'save') {
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
}
}
} elseif ($config->default_action == 'deny') {
//This section modifies wether or not the edit article button is displayed on the front end. -BUR
//This is running on the back-end too —BUR 8/3/2011
if (!$content_all) {
$acl =& JFactory::getACL();
$publish_array = array('com_content', 'publish', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
$publish_index = array_search($publish_array, $acl->acl);
$edit_array = array('com_content', 'edit', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
$edit_index = array_search($edit_array, $acl->acl);
unset($acl->acl[$publish_index]);
$acl->acl_count--;
unset($acl->acl[$edit_index]);
$acl->acl_count--;
if ($task == 'save' || $task == 'apply' || $task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect' || $task == 'edit' || $task == 'publish' || $task == 'unpublish' || $task == 'copy' || $task == 'movesect' || $task == 'archive' || $task == 'unarchive' || $view == 'article' && $layout == 'form') {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
//$mainframe->redirect( $redirect_url,JText::_( 'ALERTNOTAUTH' ));
}
}
}
$query = "SELECT * FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "') AND `name` <> 'option' ORDER BY `grouping`";
$db->setQuery($query);
$function_access = $db->loadObjectList();
// (isset($_REQUEST['searchword']) || isset($_REQUEST['action']) || isset($_REQUEST['view']) || isset($_REQUEST['task']) || isset($_REQUEST['id']) || isset($_REQUEST['cid']) || isset($_REQUEST['mode'])) &&
if (is_array($function_access) && count($function_access) > 0) {
$query = "SELECT `grouping` FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "') AND `name` <> 'option' GROUP BY `grouping` ORDER BY `grouping`";
$db->setQuery($query);
$groupings = $db->loadObjectList();
$allow_pass = false;
if (is_array($groupings) && count($groupings) > 0) {
foreach ($groupings as $g) {
$allow_pass = false;
if (is_array($function_access) && count($function_access) > 0) {
foreach ($function_access as $item) {
if ($item->grouping != $g->grouping) {
continue;
}
//Kobby modification to fix the function issue
if ($_REQUEST['option'] == $item->option && !isset($_REQUEST[$item->name]) && $config->default_action == 'deny') {
$allow_pass = true;
}
//End
if ($item->name == '#any_key#') {
$allow_pass = false;
continue;
}
if (!isset($_REQUEST[$item->name]) && $config->default_action == 'allow') {
$allow_pass = true;
continue;
}
if (!isset($_REQUEST[$item->name]) && $config->default_action == 'deny') {
continue;
}
if ($item->name == 'id') {
if (((int) $_REQUEST[$item->name] != $item->value && $item->value && $item->extra != '1' || (int) $_REQUEST[$item->name] == $item->value && $item->extra == '1') && $item->value != '#any_value#') {
//echo 1;die;
$allow_pass = true;
continue;
}
} elseif (is_array($_REQUEST[$item->name])) {
if ((!in_array($item->value, $_REQUEST[$item->name]) && $item->value && $item->extra != '1' || in_array($item->value, $_REQUEST[$item->name]) && $item->extra == '1') && $item->value != '#any_value#') {
//echo 2;die;
$allow_pass = true;
continue;
}
} else {
if (($_REQUEST[$item->name] != $item->value && $item->value && $item->extra != '1' || $_REQUEST[$item->name] == $item->value && $item->extra == '1') && $item->value != '#any_value#') {
//echo 3;die;
$allow_pass = true;
continue;
}
}
}
}
if ($config->default_action == 'allow') {
if (!$allow_pass) {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
} else {
if (!$allow_pass) {
return;
}
}
}
}
} else {
// Backend user has nothing defined in group/role/function and site set to deny all... why is it still allowed? —BUR 8/3/2011
return;
}
if ($config->default_action == 'deny') {
$_SESSION['cacl_redirect_url'] = $_SERVER['REQUEST_URI'];
$mainframe->redirect($redirect_url, JText::_('ALERTNOTAUTH'));
}
}
<?php
/**
* Sidebar Plugins Template
*
* @package GetSimple
*/
?>
<ul class="snav">
<li id="sb_plugins" ><a href="plugins.php" <?php
check_menu('plugins');
?>
accesskey="<?php
echo find_accesskey(i18n_r('SHOW_PLUGINS'));
?>
" ><?php
i18n('SHOW_PLUGINS');
?>
</a></li>
<?php
exec_action("plugins-sidebar");
?>
<li id="sb_extend" ><a href="http://get-simple.info/extend/" target="_blank" accesskey="<?php
echo find_accesskey(i18n_r('GET_PLUGINS_LINK'));
?>
" ><?php
i18n('GET_PLUGINS_LINK');
?>
</a></li>
</ul>
?>
accesskey="<?php
echo find_accesskey(i18n_r('SIDE_SUPPORT_LOG'));
?>
" ><?php
i18n('SIDE_SUPPORT_LOG');
?>
</a></li>
<?php
if (get_filename_id() === 'log') {
?>
<li id="sb_log" ><a href="#" class="current" ><?php
i18n('SIDE_VIEW_LOG');
?>
</a></li><?php
}
?>
<li id="sb_healthcheck" ><a href="health-check.php" <?php
check_menu('health-check');
?>
accesskey="<?php
echo find_accesskey(i18n_r('SIDE_HEALTH_CHK'));
?>
" ><?php
i18n('SIDE_HEALTH_CHK');
?>
</a></li>
<?php
exec_action("support-sidebar");
?>
</ul>
public function get_data()
{
//param
$param['type'] = $this->input->post('type', TRUE) ? $this->input->post('type', TRUE) : 0;
//end param
//paging
$get_data = $this->Model_static_content->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 20;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_static_content->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id'][$temp] = $row->id;
$data['name'][$temp] = $row->name;
$data['type'][$temp] = $row->type;
$data['type_name'][$temp] = $this->get_type_name($row->type);
$data['modtime'][$temp] = $row->modtime == NULL ? NULL : date_format(date_create($row->modtime), 'd F Y H:i:s');
$data['modby'][$temp] = $row->modby;
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['allowed_delete'] = check_menu("", 3);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Data";
}
echo json_encode($data);
}
?>
accesskey="<?php
echo find_accesskey(i18n_r('SIDE_PAGE_BAK'));
?>
" ><?php
i18n('SIDE_PAGE_BAK');
?>
</a></li>
<?php
if (get_filename_id() === 'backup-edit') {
?>
<li id="sb_viewbackup" ><a href="#" class="current"><?php
i18n('SIDE_VIEW_BAK');
?>
</a></li><?php
}
?>
<li id="sb_archives" ><a href="archive.php" <?php
check_menu('archive');
?>
accesskey="<?php
echo find_accesskey(i18n_r('SIDE_WEB_ARCHIVES'));
?>
" ><?php
i18n('SIDE_WEB_ARCHIVES');
?>
</a></li>
<?php
exec_action("backups-sidebar");
?>
</ul>
<option value="0">New</option>
<option value="1">Processed</option>
<option value="2">Finished</option>
<option value="3">Refused</option>
</select>
<select id="sel_order" name="sel_order" class="form-control input-sm" style="margin-right: 7px;width: 200px;">
<option value="-1">Order by Latest Data</option>
<option value="1">Order by Oldest Data</option>
<option value="2">Order by Customer Email A-Z</option>
<option value="3">Order by Customer Email Z-A</option>
<option value="4">Order by Purchase Code A-Z</option>
<option value="5">Order by Purchase Code A-Z</option>
</select>
<button id="btn_filter" type="submit" class="btn btn-default btn-sm">Filter</button>
<?php
if (check_menu("", 1)) {
?>
<div class="input-group-btn">
<a id="btn_add_data" href="#modal_data" data-toggle="modal" class="btn btn-info btn-sm pull-right">Add Customer Return</a>
</div>
<?php
}
?>
</div>
</div>
<table class="table table-hover">
<div id="div_hidden" style="display: none;"></div>
<tbody id="table_content">
</tbody>
</table>
?>
</a></li>
<?php
if (isset($_GET['id']) && $_GET['id'] != '' && get_filename_id() === 'edit') {
?>
<li id="sb_pageedit" ><a href="#" class="current"><?php
i18n('EDITPAGE_TITLE');
?>
</a></li><?php
}
?>
<li id="sb_menumanager" class="last_sb"><a href="menu-manager.php" accesskey="<?php
echo find_accesskey(i18n_r('MENU_MANAGER'));
?>
" <?php
check_menu('menu-manager');
?>
><?php
i18n('MENU_MANAGER');
?>
</a></li>
<?php
exec_action("pages-sidebar");
// @hook pages-sidebar sidebar list html output
?>
</ul>
<p id="js_submit_line" ></p>
<?php
if (get_filename_id() === 'edit') {
?>
><a href="components.php" <?php
check_menu('components');
?>
accesskey="<?php
echo find_accesskey(i18n_r('SIDE_COMPONENTS'));
?>
" ><?php
i18n('SIDE_COMPONENTS');
?>
</a></li>
<?php
if (!getDef('GSNOSITEMAP')) {
?>
<li id="sb_sitemap" class="last_sb"><a href="sitemap.php" <?php
check_menu('sitemap');
?>
accesskey="<?php
echo find_accesskey(i18n_r('SIDE_VIEW_SITEMAP'));
?>
" ><?php
i18n('SIDE_VIEW_SITEMAP');
?>
</a></li> <?php
}
?>
<?php
exec_action("theme-sidebar");
?>
</ul>
<?php
/**
* Sidebar Pages Template
*
* @package * @CORE
*/
?>
<ul class="snav">
<li id="sb_pages" ><a href="cpages.php" accesskey="<?php
echo find_accesskey(i18n_r('SIDE_VIEW_CONTENT'));
?>
" <?php
check_menu('cpages');
?>
><?php
i18n('SIDE_VIEW_CONTENT');
?>
</a></li>
<li id="sb_newpage" ><a href="cedit.php" accesskey="<?php
echo find_accesskey(i18n_r('SIDE_CREATE_NEW_CONTENT'));
?>
" <?php
if (!isset($_GET['id']) && get_filename_id() === 'cedit') {
echo 'class="current"';
}
?>
><?php
i18n('SIDE_CREATE_NEW_CONTENT');
?>
</a></li>
function check_menu($id, $subdir, $ebene = "")
{
global $db, $cfg, $sql, $ausgaben, $buffer;
$sql = "SELECT *\n FROM site_menu\n WHERE refid=" . $id;
$result = $db->query($sql);
$return = False;
while ($data = $db->fetch_array($result, 1)) {
$new_ebene = $ebene . $data["entry"];
$file = $cfg["migrate"]["path"] . $subdir . "/txt/" . $new_ebene . ".odt";
$return = check_menu($data["mid"], $subdir, $new_ebene . "_");
if (file_exists($file) || $return == True) {
$sql = "UPDATE site_menu\n SET hide='0'\n WHERE mid=" . $data["mid"];
$return = True;
$ausgaben["output"] .= " - SHOW " . $new_ebene . "<br>";
} else {
$sql = "UPDATE site_menu\n SET hide='-1'\n WHERE mid=" . $data["mid"];
$ausgaben["output"] .= " - HIDE " . $new_ebene . "<br>";
}
$res = $db->query($sql);
}
return $return;
}
if ($check_menu == 0) {
$get_discount = get_discount($member_id, $menu_id);
//echo $get_discount;
$tnt_discount = $get_discount / 100 * $get_menu_price['menu_price'];
$tnt_grand_price = $get_menu_price['menu_price'] - $tnt_discount;
$data = "'',\n\t\t\t\t\t'{$table_id}',\n\t\t\t\t\t'" . $_SESSION['user_id'] . "',\n\t\t\t\t\t'{$member_id}', \n\t\t\t\t\t'{$menu_id}',\n\t\t\t\t\t'" . $get_menu_price['menu_price'] . "',\n\t\t\t\t\t'{$tnt_discount}',\n\t\t\t\t\t'{$tnt_grand_price}',\n\t\t\t\t\t'1',\n\t\t\t\t\t'{$tnt_grand_price}'\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t";
create_config("transaction_new_tmp", $data);
}
header("Location: transaction_new.php?page=list&table_id={$table_id}&member_id={$member_id}");
break;
case 'add_menu_edit':
$member_id = get_isset($_GET['member_id']);
$menu_id = get_isset($_GET['menu_id']);
$table_id = get_isset($_GET['table_id']);
$get_menu_price = get_menu_price($menu_id);
$check_menu = check_menu($table_id, $menu_id);
if ($check_menu == 0) {
$get_discount = get_discount($member_id, $menu_id);
//echo $get_discount;
$tnt_discount = $get_discount / 100 * $get_menu_price['menu_price'];
$tnt_grand_price = $get_menu_price['menu_price'] - $tnt_discount;
$get_transaction_id = get_transaction_id($table_id);
$data = "'',\n\t\t\t\t\t'{$get_transaction_id}',\n\t\t\t\t\t'{$menu_id}', \n\t\t\t\t\t'" . $get_menu_price['menu_original_price'] . "',\n\t\t\t\t\t'" . $get_menu_price['menu_margin_price'] . "',\n\t\t\t\t\t'" . $get_menu_price['menu_price'] . "',\n\t\t\t\t\t'" . $tnt_discount . "',\n\t\t\t\t\t'{$tnt_grand_price}',\n\t\t\t\t\t'1',\n\t\t\t\t\t'{$tnt_grand_price}'\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t";
create_config("transaction_tmp_details", $data);
}
header("Location: transaction_new.php?page=list_edit&table_id={$table_id}");
break;
case 'save':
extract($_POST);
$i_date = get_isset($_GET['date']);
$i_date = format_back_date($i_date);
<?php
/**
* Sidebar Files Template
*/
$path = isset($_GET['path']) ? $_GET['path'] : "";
?>
<ul class="snav">
<li id="sb_upload" ><a href="upload.php" <?php
check_menu('upload');
?>
><?php
i18n('FILE_MANAGEMENT');
?>
</a></li>
<?php
if (isset($_GET['i']) && $_GET['i'] != '') {
?>
<li id="sb_image" ><a href="#" class="current"><?php
i18n('IMG_CONTROl_PANEL');
?>
</a></li><?php
}
?>
<?php
exec_action("files-sidebar");
?>
<?php
if (!defined('GSNOUPLOADIFY')) {
" ><?php
i18n('SIDE_CHOOSE_THEME');
?>
</a></li>
<li><a href="theme-edit.php" <?php
check_menu('theme-edit');
?>
accesskey="<?php
echo find_accesskey(i18n_r('SIDE_EDIT_THEME'));
?>
" ><?php
i18n('SIDE_EDIT_THEME');
?>
</a></li>
<li><a href="components.php" <?php
check_menu('components');
?>
accesskey="<?php
echo find_accesskey(i18n_r('SIDE_COMPONENTS'));
?>
" ><?php
i18n('SIDE_COMPONENTS');
?>
</a></li>
<li><a id="waittrigger" href="sitemap.php?s=<?php
echo $SESSIONHASH;
?>
" accesskey="<?php
echo find_accesskey(i18n_r('SIDE_GEN_SITEMAP'));
?>
" ><?php
<?php
}
?>
<?php
if (check_menu("Static_content", $type = 0)) {
?>
<li class="<?php
echo $page == "Static_content" ? "active" : "";
?>
"><a href="<?php
echo base_url();
?>
static_content/"><i class="fa fa-bookmark"></i> <span>Static Content</span></a></li>
<?php
}
?>
<?php
if (check_menu("Voucher", $type = 0)) {
?>
<li class="<?php
echo $page == "Voucher" ? "active" : "";
?>
"><a href="<?php
echo base_url();
?>
voucher/"><i class="fa fa-money"></i> <span>Voucher</span></a></li>
<?php
}
?>
</ul>
*/
?>
<ul class="snav">
<li id="sb_settings" ><a href="settings.php" accesskey="<?php
echo find_accesskey(i18n_r('SIDE_GEN_SETTINGS'));
?>
" <?php
check_menu('settings');
?>
><?php
i18n('SIDE_GEN_SETTINGS');
?>
</a></li>
<li id="sb_settingsprofile" class="last_sb"><a href="profile.php" accesskey="<?php
echo find_accesskey(i18n_r('SIDE_USER_PROFILE'));
?>
" <?php
check_menu('profile');
?>
><?php
i18n('SIDE_USER_PROFILE');
?>
</a></li>
<?php
exec_action("settings-sidebar");
// @hook settings-sidebar sidebar list html output
?>
</ul>
<p id="js_submit_line" ></p>
echo find_accesskey(i18n_r('SIDE_SUPPORT_LOG'));
?>
" ><?php
i18n('SIDE_SUPPORT_LOG');
?>
</a></li>
<li id="sb_healthcheck"><a href="health-check.php" <?php
check_menu('health-check');
?>
accesskey="<?php
echo find_accesskey(i18n_r('SIDE_HEALTH_CHK'));
?>
" ><?php
i18n('SIDE_HEALTH_CHK');
?>
</a></li>
<li id="sb_log" class="last_sb"><a href="log.php" <?php
check_menu('log');
?>
><?php
i18n('SIDE_VIEW_LOG');
?>
</a></li>
<?php
exec_action("support-sidebar");
// @hook support-sidebar sidebar list html output
?>
</ul>
<p id="js_submit_line" ></p>
<?php
/**
* Sidebar Settings Template
*
* @package GetSimple
*/
?>
<ul class="snav">
<li><a href="settings.php" accesskey="<?php
echo find_accesskey(i18n_r('SIDE_GEN_SETTINGS'));
?>
" <?php
check_menu('settings');
?>
><?php
i18n('SIDE_GEN_SETTINGS');
?>
</a></li>
<li><a href="settings.php#profile" accesskey="<?php
echo find_accesskey(i18n_r('SIDE_USER_PROFILE'));
?>
" ><?php
i18n('SIDE_USER_PROFILE');
?>
</a></li>
<?php
exec_action("settings-sidebar");
?>
</ul>
function check_place(&$request)
{
$option = isset($request['option']) ? $request['option'] : '';
$task = isset($request['task']) ? $request['task'] : '';
$view = isset($request['view']) ? $request['view'] : '';
$id = isset($request['id']) ? intval($request['id']) : 0;
$cid = isset($request['cid']) && is_array($request['cid']) ? JArrayHelper::toInteger($request['cid'], array(0)) : isset($request['cid']) ? array(intval($request['id'])) : array(0);
$catid_r = isset($request['catid']) ? intval($request['catid']) : -1;
intval(JRequest::getInt('catid'));
$sectionid_r = isset($request['sectionid']) ? intval($request['sectionid']) : -1;
$app =& JFactory::getApplication();
$db =& JFactory::getDBO();
$user =& JFactory::getUser();
require_once JPATH_SITE . '/administrator/components/com_community_acl/community_acl.class.php';
$config = new CACL_config($db);
$config->load();
if ($user->get('gid') == 25) {
return true;
}
$back_end = false;
if ($app->getName() != 'site') {
$back_end = true;
}
$groups = array(-1);
$roles = array(-1);
$functions = array(-1);
if ($user->get('id') > 0) {
$query = "SELECT * FROM #__community_acl_users WHERE user_id = '" . $user->get('id') . "' ";
$db->setQuery($query);
$grf = $db->loadObjectList();
if (is_array($grf) && count($grf) > 0) {
foreach ($grf as $row) {
$groups[] = $row->group_id;
$roles[] = $row->role_id;
$functions[] = $row->function_id;
}
}
if (!(count($groups) > 1 && count($roles) > 1)) {
if ($config->get(strtolower($user->get('usertype')) . '_group') > 0) {
$groups[] = $config->get(strtolower($user->get('usertype')) . '_group');
$roles[] = $config->get(strtolower($user->get('usertype')) . '_role');
$functions[] = $config->get(strtolower($user->get('usertype')) . '_function');
}
}
} else {
if ($config->public_group > 0 && $config->public_function >= 0) {
$groups[] = $config->public_group;
$roles[] = $config->public_role;
$functions[] = $config->public_function;
}
}
//no groups/roles/functions for user
if (!(count($groups) > 1 && count($roles) > 1)) {
return true;
}
$catid = -1;
$sectionid = -1;
if ($back_end && $option == 'com_content' || !$back_end && $option == 'com_content' && $view == 'article' && $id > 0) {
if ($id > 0) {
$cid[] = $id;
}
$query = "SELECT `catid`, `sectionid` FROM `#__content` WHERE `id` IN ('" . implode("','", $cid) . "')";
$db->setQuery($query);
$tmp = $db->loadAssoc();
$catid = $tmp['catid'];
$sectionid = $tmp['sectionid'];
} elseif ($back_end && $option == 'com_categories' || !$back_end && $option == 'com_content' && $view == 'category' && $id > 0) {
if ($id > 0) {
$cid[] = $id;
}
$query = "SELECT `section` FROM `#__categories` WHERE `id` IN ('" . implode("','", $cid) . "')";
$db->setQuery($query);
$sectionid = $db->loadResult();
}
$query = "SELECT `value` FROM `#__community_acl_config` WHERE `name` = 'default_action' ";
$db->setQuery($query);
$default_action = $db->loadResult();
if ($default_action == null) {
$default_action = 'deny';
}
$query = "SELECT a.*, b.link FROM `#__community_acl_access` AS a LEFT JOIN `#__menu` AS b ON a.value = b.id WHERE a.option IN ('menu') AND " . ($back_end ? ' a.isbackend = 1 ' : ' a.isfrontend = 1 ') . " AND ( a.group_id IN ( '" . implode("','", $groups) . "') OR a.role_id IN ( '" . implode("','", $roles) . "') )";
$db->setQuery($query);
$menus = $db->loadObjectList();
if ($back_end && $option == 'com_login' && ($task == 'login' || $task == 'logout')) {
return true;
}
if ($option == 'com_sections' || $option == 'com_categories' || $option == 'com_content') {
$query = "SELECT * FROM `#__community_acl_access` WHERE `option` IN ('menu', 'com_sections', 'com_categories', 'com_content' ) AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND ( `group_id` IN ( '" . implode("','", $groups) . "') OR `role_id` IN ( '" . implode("','", $roles) . "') )";
} else {
$query = "SELECT * FROM `#__community_acl_access` WHERE `option` IN ( 'menu', '{$option}') AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND ( `group_id` IN ( '" . implode("','", $groups) . "') OR `role_id` IN ( '" . implode("','", $roles) . "') )";
}
$db->setQuery($query);
$access = $db->loadObjectList();
$froles = array();
$fgroups = array();
if (is_array($access) && count($access) > 0) {
foreach ($access as $item) {
//forbidden components
if ($item->name == '###' && $option == $item->option && ($option != 'com_content' && !($option == 'com_login' && $task == 'logout'))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
} elseif ($item->name == '###' && $item->option == 'menu') {
if (check_menu($item->value, $request)) {
if ($default_action == 'allow') {
return false;
}
}
} elseif ($item->name != '###') {
//forbidden content, sections, categiries
if ($back_end) {
if ($option == 'com_content' && ($id == $item->value || in_array($item->value, $cid))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
} elseif ($option == 'com_content' && ($item->option == 'com_sections' && $sectionid == $item->value || $item->option == 'com_categories' && $catid == $item->value)) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
} elseif ($option == 'com_sections' && ($id == $item->value || in_array($item->value, $cid))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
} elseif ($option == 'com_categories' && ($id == $item->value || in_array($item->value, $cid))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $id == -1) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_categories' && $id == -1) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_sections' && $id == -1) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
} else {
if ($option == 'com_content' && $view == 'section' && $item->option == 'com_sections' && $id == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'category' && $item->option == 'com_categories' && $id == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'article' && $item->option == 'com_content' && $id == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'category' && $item->option == 'com_sections' && $sectionid == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'article' && ($item->option == 'com_sections' && $sectionid == $item->value || $item->option == 'com_categories' && $catid == $item->value)) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $task == 'edit' && ($id == $item->value || in_array($item->value, $cid))) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $task == 'new' && ($item->option == 'com_sections' && $sectionid_r == $item->value)) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $task == 'save' && ($item->option == 'com_sections' && $sectionid_r == $item->value) || $item->option == 'com_categories' && $catid_r == $item->value) {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'article' && $layout == 'form' && $id == -1 && $config->default_action != 'allow') {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
if ($option == 'com_content' && $view == 'frontpage' && $id == -1 && $config->default_action != 'allow') {
if ($item->role_id == '0') {
$fgroups[] = $item->group_id;
} else {
$froles[] = $item->role_id;
}
}
}
}
}
}
$rows = $groups;
$rls = $roles;
if ($config->default_action == 'allow') {
if (is_array($rows) && count($rows) > 0) {
foreach ($rows as $i => $group) {
$ind = array_search($group, $groups);
if (in_array($group, $fgroups) && $ind !== false) {
unset($groups[$ind]);
unset($roles[$ind]);
unset($functions[$ind]);
}
$ind = array_search($rls[$i], $roles);
if (in_array($rls[$i], $froles) && $ind !== false) {
unset($groups[$ind]);
unset($roles[$ind]);
unset($functions[$ind]);
}
}
}
if (!(count($groups) > 1 && count($roles) > 1)) {
return false;
}
} else {
if (is_array($rows) && count($rows) > 0) {
foreach ($rows as $i => $group) {
$ind = array_search($group, $groups);
if (!in_array($group, $fgroups) && $ind !== false) {
$groups[$ind] = -1;
if (!in_array($roles[$ind], $froles)) {
$roles[$ind] = -1;
$functions[$ind] = -1;
}
}
$ind = array_search($rls[$i], $roles);
if (!in_array($rls[$i], $froles) && $ind !== false) {
$roles[$ind] = -1;
if (!in_array($groups[$ind], $fgroups)) {
$groups[$ind] = -1;
$functions[$ind] = -1;
}
}
}
}
$groups = array_unique($groups);
$roles = array_unique($roles);
$functions = array_unique($functions);
if (count($groups) == 1 && count($roles) == 1) {
return false;
}
}
$query = "SELECT COUNT(*) FROM `#__community_acl_content_actions` WHERE `func_id` IN ( '" . implode("','", $functions) . "') ";
$db->setQuery($query);
$count = (int) $db->loadResult();
if ($option == 'com_content') {
$query = "SELECT COUNT(*) FROM `#__community_acl_function_access` WHERE `option` = 'com_content' AND `name` = '#any_key#' AND `value` = '#any_value#' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "')";
$db->setQuery($query);
$count = $count && !(int) $db->loadResult();
}
if ($count && ($task == '' || $task == 'save' || $task == 'apply' || $task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect' || $task == 'edit' || $task == 'publish' || $task == 'unpublish' || $task == 'copy' || $task == 'movesect' || $task == 'archive' || $task == 'unarchive')) {
$acl =& JFactory::getACL();
$publish_array = array('com_content', 'publish', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
$publish_index = array_search($publish_array, $acl->acl);
$edit_array = array('com_content', 'edit', 'users', strtolower($user->get('usertype')), 'content', 'all', NULL);
$edit_index = array_search($edit_array, $acl->acl);
if ($option == 'com_sections' && ($sectionid > -1 || $sectionid_r > -1)) {
$query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` = 'section' AND `func_id` IN ( '" . implode("','", $functions) . "') ";
$db->setQuery($query);
$function_access = $db->loadObjectList();
$bingo = false;
$bingo_publish = false;
if (is_array($function_access) && count($function_access) > 0) {
foreach ($function_access as $item) {
if (($task == 'add' || $task == 'remove' || $task == 'copyselect') && $item->action == 'add' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'new' && $item->action == 'add' && $sectionid_r == $item->item_id) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo_publish = true;
}
}
}
if ($bingo_publish) {
if ($config->default_action == 'allow') {
//unset($acl->acl[$publish_index]);
//$acl->acl_count--;
}
} elseif ($config->default_action == 'deny') {
//unset($acl->acl[$publish_index]);
//$acl->acl_count--;
}
if ($bingo) {
if ($default_action == 'allow') {
return false;
}
} elseif ($default_action == 'deny') {
return false;
}
}
if ($option == 'com_categories' && ($catid > -1 || $catid_r > -1)) {
$query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` IN ('section', 'category') AND `func_id` IN ( '" . implode("','", $functions) . "') ";
$db->setQuery($query);
$function_access = $db->loadObjectList();
$bingo = false;
$bingo_publish = false;
//echo "$sectionid, $sectionid_r, $catid, $catid_r";die;
if (is_array($function_access) && count($function_access) > 0) {
foreach ($function_access as $item) {
if ($item->item_type == 'section') {
if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $sectionid == $item->item_id) {
$bingo = true;
}
if ($task == 'new' && $item->action == 'add' && $sectionid_r == $item->item_id) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'edit' && $sectionid == $item->item_id) {
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $sectionid == $item->item_id) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'publish' && $sectionid == $item->item_id) {
$bingo_publish = true;
}
}
if ($item->item_type == 'category') {
if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'new' && $item->action == 'add' && $catid_r == $item->item_id) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo_publish = true;
}
}
}
}
if ($bingo_publish) {
if ($config->default_action == 'allow') {
//unset($acl->acl[$publish_index]);
//$acl->acl_count--;
}
} elseif ($config->default_action == 'deny') {
//unset($acl->acl[$publish_index]);
//$acl->acl_count--;
}
if ($bingo) {
if ($default_action == 'allow') {
return false;
}
} elseif ($default_action == 'deny') {
return false;
}
}
if ($option == 'com_content') {
$query = "SELECT * FROM `#__community_acl_content_actions` WHERE `item_type` IN ('section', 'category', 'content') AND `func_id` IN ( '" . implode("','", $functions) . "') ";
$db->setQuery($query);
$function_access = $db->loadObjectList();
$bingo = false;
$bingo_edit = false;
$bingo_publish = false;
if (is_array($function_access) && count($function_access) > 0) {
foreach ($function_access as $item) {
if ($item->item_type == 'section') {
if (($task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $sectionid == $item->item_id) {
$bingo = true;
}
if (($task == 'new' || $task == 'add' || $view == 'article' && $layout == 'form') && $item->action == 'add') {
$bingo = true;
$bingo_edit = true;
}
if (($task == 'save' || $task == 'apply') && ($item->action == 'add' || $item->action == 'edit') && $sectionid_r == $item->item_id) {
$bingo = true;
$bingo_edit = true;
$bingo_publish = true;
}
if ($task == '' && $item->action == 'edit' && $sectionid == $item->item_id) {
$bingo_edit = true;
}
if ($task == 'edit' && $item->action == 'edit' && $sectionid == $item->item_id) {
$bingo_edit = true;
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $sectionid == $item->item_id) {
$bingo = true;
}
if (($task == 'edit' || $task == '') && $item->action == 'publish' && $sectionid == $item->item_id) {
$bingo_publish = true;
}
} elseif ($item->item_type == 'category') {
if (($task == 'new' || $task == 'add' || $task == 'remove' || $task == 'copyselect' || $task == 'moveselect') && $item->action == 'add' && $catid == $item->item_id) {
$bingo = true;
}
if (($task == 'new' || $task == 'add' || $view == 'article' && $layout == 'form') && $item->action == 'add') {
$bingo = true;
$bingo_edit = true;
}
if (($task == 'save' || $task == 'apply') && ($item->action == 'add' || $item->action == 'edit') && $catid_r == $item->item_id) {
$bingo = true;
$bingo_edit = true;
$bingo_publish = true;
}
if ($task == '' && $item->action == 'edit' && $catid == $item->item_id) {
$bingo_edit = true;
}
if ($task == 'edit' && $item->action == 'edit' && $catid == $item->item_id) {
$bingo = true;
$bingo_edit = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && $catid == $item->item_id) {
$bingo = true;
}
if (($task == 'edit' || $task == '') && $item->action == 'publish' && $catid == $item->item_id) {
$bingo_publish = true;
}
} elseif ($item->item_type == 'content') {
if (($task == 'edit' || $task == 'archive' || $task == 'unarchive') && $item->action == 'edit' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if (($task == 'publish' || $task == 'unpublish') && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo = true;
}
if ($task == 'edit' && $item->action == 'publish' && ($id == $item->item_id || in_array($item->item_id, $cid))) {
$bingo_publish = true;
}
}
}
}
if ($bingo_edit) {
if ($config->default_action == 'allow') {
//unset($acl->acl[$edit_index]);
//$acl->acl_count--;
}
} elseif ($config->default_action == 'deny') {
//unset($acl->acl[$edit_index]);
//$acl->acl_count--;//die('bingo_edit');
}
if ($bingo_publish) {
if ($config->default_action == 'allow') {
//unset($acl->acl[$publish_index]);
//$acl->acl_count--;
}
} elseif ($config->default_action == 'deny') {
//unset($acl->acl[$publish_index]);
//$acl->acl_count--;//die('bingo_publish');
}
if ($bingo) {
if ($default_action == 'allow') {
return false;
}
} elseif ($default_action == 'deny' && ($task != '' || $view == 'article' && $layout == 'form')) {
return false;
}
}
}
$query = "SELECT * FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "') AND `name` <> 'option' ORDER BY `grouping`";
$db->setQuery($query);
$function_access = $db->loadObjectList();
// (isset($_REQUEST['searchword']) || isset($_REQUEST['action']) || isset($_REQUEST['view']) || isset($_REQUEST['task']) || isset($_REQUEST['id']) || isset($_REQUEST['cid']) || isset($_REQUEST['mode'])) &&
if (is_array($function_access) && count($function_access) > 0) {
$query = "SELECT `grouping` FROM `#__community_acl_function_access` WHERE `option` = '{$option}' AND " . ($back_end ? ' `isbackend` = 1 ' : ' `isfrontend` = 1 ') . " AND `func_id` IN ( '" . implode("','", $functions) . "') AND `name` <> 'option' GROUP BY `grouping` ORDER BY `grouping`";
$db->setQuery($query);
$groupings = $db->loadObjectList();
$allow_pass = false;
if (is_array($groupings) && count($groupings) > 0) {
foreach ($groupings as $g) {
$allow_pass = false;
if (is_array($function_access) && count($function_access) > 0) {
foreach ($function_access as $item) {
if ($item->grouping != $g->grouping) {
continue;
}
if ($item->name == '#any_key#') {
$allow_pass = false;
continue;
}
if (!isset($request[$item->name]) && $config->default_action == 'allow') {
$allow_pass = true;
continue;
}
if (!isset($request[$item->name]) && $config->default_action == 'deny') {
continue;
}
if ($item->name == 'id') {
if (((int) $request[$item->name] != $item->value && $item->value && $item->extra != '1' || (int) $request[$item->name] == $item->value && $item->extra == '1') && $item->value != '#any_value#') {
//echo 1;die;
$allow_pass = true;
continue;
}
} elseif (is_array($request[$item->name])) {
if ((!in_array($item->value, $request[$item->name]) && $item->value && $item->extra != '1' || in_array($item->value, $request[$item->name]) && $item->extra == '1') && $item->value != '#any_value#') {
//echo 2;die;
$allow_pass = true;
continue;
}
} else {
if (($request[$item->name] != $item->value && $item->value && $item->extra != '1' || $request[$item->name] == $item->value && $item->extra == '1') && $item->value != '#any_value#') {
//echo 3;die;
$allow_pass = true;
continue;
}
}
}
}
if (!$allow_pass) {
return $default_action == 'deny' ? true : false;
}
}
}
} else {
return true;
}
return $default_action == 'deny' ? false : true;
}
public function get_data()
{
//param
$param['id_products'] = $this->input->post('id_products', TRUE) ? $this->input->post('id_products', TRUE) : 0;
$param['order'] = $this->input->post('order', TRUE) ? $this->input->post('order', TRUE) : -1;
//end param
//paging
$get_data = $this->Model_products_variant->get_data($param);
$page = $this->input->post('page', TRUE) ? $this->input->post('page', TRUE) : 1;
$size = $this->input->post('size', TRUE) ? $this->input->post('size', TRUE) : 10;
$limit = ($page - 1) * $size;
//End Set totalpaging
if ($get_data->num_rows() > 0) {
$get_data_paging = $this->Model_products_variant->get_data($param, $limit, $size);
$temp = 0;
foreach ($get_data_paging->result() as $row) {
$data['result'] = "r1";
$data['id_products'][$temp] = $row->id_products;
$data['id_color'][$temp] = $row->id_color;
$data['color_name'][$temp] = $row->color_name;
$data['total_size'][$temp] = $row->total_size;
$data['total_quantity'][$temp] = $row->total_quantity;
$data['total_images'][$temp] = $row->total_images;
$temp++;
}
$data['allowed_edit'] = check_menu("", 2);
$data['allowed_delete'] = check_menu("", 3);
$data['total'] = $temp;
$data['size'] = $size;
$data['totalpage'] = ceil($get_data->num_rows() / $size);
} else {
$data['result'] = "r2";
$data['message'] = "No Variants";
}
echo json_encode($data);
}
<ul class="snav">
<li><a href="pages.php" accesskey="p" <?php
check_menu('pages');
?>
><?php
echo $i18n['SIDE_VIEW_PAGES'];
?>
</a></li>
<li><a href="edit.php" accesskey="c" <?php
if (@$_GET['id'] == "" && get_filename_id() === 'edit') {
echo 'class="current"';
}
?>
><?php
echo $i18n['SIDE_CREATE_NEW'];
?>
</a></li>
<?php
if (@$_GET['id'] != '' && get_filename_id() === 'edit') {
?>
<li><a href="#" class="current"><?php
echo $i18n['EDITPAGE_TITLE'];
?>
</a></li><?php
}
?>
<?php
exec_action("pages-sidebar");
?>
</ul>