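/**
 * Unlinks a local account from Twitter by clearing the stored Twitter ID,
 * token and secret on the user record.
 *
 * NOTE(review): no permission check happens in here; callers which pass an
 * explicit $user_id are presumably expected to have authorised the request
 * already - confirm at the call sites.
 *
 * @access public
 * @param  int     $user_id The ID of the user to unlink (NULL == the active user)
 * @return boolean FALSE when the user cannot be resolved, TRUE when the user
 *                 object has no update() method, otherwise the result of update()
 **/
public function unlink_user($user_id = NULL)
{
    // Objects are handles, so a plain assignment is enough (and avoids the
    // "only variables should be assigned by reference" notice)
    $_userobj = get_userobject();

    // --------------------------------------------------------------------------

    if (NULL === $user_id) {

        $_uid = active_user('id');

        // No active user ID available: there is nothing to unlink, and an
        // empty ID must never reach update()
        if (empty($_uid)) {
            return FALSE;
        }

    } else {

        if (!is_callable(array($_userobj, 'get_by_id'))) {
            return FALSE;
        }

        // Call the method on the same object that was just checked
        $_u = $_userobj->get_by_id($user_id);

        if (empty($_u->id)) {
            return FALSE;
        }

        $_uid = $_u->id;
    }

    // --------------------------------------------------------------------------

    // Without an update() method there is nothing to clear
    if (!is_callable(array($_userobj, 'update'))) {
        return TRUE;
    }

    // Drop the stored Twitter identity and OAuth credentials
    $_data              = array();
    $_data['tw_id']     = NULL;
    $_data['tw_token']  = NULL;
    $_data['tw_secret'] = NULL;

    return $_userobj->update($_uid, $_data);
}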
/**
 * Model constructor: runs the parent constructor, attaches the shared user
 * object and sets the cache and table defaults.
 *
 * @access public
 * @return void
 **/
public function __construct()
{
    parent::__construct();

    // --------------------------------------------------------------------------

    // Give the model a handle on the global user object, exposed under both
    // property names, whenever the get_userobject() helper is available
    if (function_exists('get_userobject')) {

        $this->user_model = get_userobject();
        $this->user       = get_userobject();
    }

    // --------------------------------------------------------------------------

    // Caching is local-only for now
    // TODO: check for availability of things like memcached
    // TODO: apply same logic to CDN library
    $this->_cache_method = 'LOCAL';
    $this->_cache_keys   = array();
    $this->_cache_values = array();

    // --------------------------------------------------------------------------

    // Start with a clean error state
    $this->_errors = $this->clear_errors();

    // Table conventions
    $this->_table_id_column           = 'id';
    $this->_table_slug_column         = 'slug';
    $this->_table_label_column        = 'label';
    $this->_table_auto_set_timestamps = TRUE;

    // Deletion behaviour
    $this->_destructive_delete = TRUE;
    $this->_deleted_flag       = 'is_deleted';

    // Pagination
    $this->_per_page = 50;
}
/**
 * Asks the user object whether a user holds the given permission.
 *
 * Fails closed: when get_userobject() yields nothing usable the answer is FALSE.
 *
 * @param  mixed $permission The permission to check, passed straight to has_permission()
 * @param  mixed $user       The user to check, passed straight to has_permission()
 *                           (NULL presumably means the active user - confirm)
 * @return mixed FALSE when there is no user object, otherwise the result of has_permission()
 **/
function user_has_permission($permission, $user = NULL)
{
    $_user_object = get_userobject();

    // No user object, no permissions
    if (!$_user_object) {
        return FALSE;
    }

    return $_user_object->has_permission($permission, $user);
}
/**
 * Handles an unauthorised request: logged in users get a 401 error page,
 * everyone else is sent to the login page with a flash message and a
 * return_to parameter pointing at the page they asked for.
 *
 * NOTE(review): $message is stored in flashdata as given and the default
 * contains markup, so it is presumably rendered unescaped - callers should not
 * pass user-controlled text. Likewise return_to is derived from the request,
 * so the login handler should only follow local paths - confirm both.
 *
 * @param  string $message The flash message shown on the login page
 * @return void
 **/
function show_401($message = '<strong>Sorry,</strong> you need to be logged in to see that page.')
{
    $_usr = get_userobject();

    // Sending a logged in user to the login page makes no sense; they get
    // the unauthorised page instead
    if ($_usr->is_logged_in()) {

        show_error('The page you are trying to view is restricted. Sadly you don\'t have enough permissions to see it\'s content.', 401, 'Sorry, you are not authorised to view this page');
    }

    $_ci =& get_instance();

    $_ci->session->set_flashdata('message', $message);

    // Work out where to send the user after login: the raw request URI if
    // the server gives us one, otherwise the routed URI string
    $_target = $_ci->input->server('REQUEST_URI');

    if (!$_target) {
        $_target = uri_string();
    }

    // Only append the parameter when there is somewhere to return to
    $_query = '';

    if ($_target) {
        $_query = '?return_to=' . urlencode($_target);
    }

    redirect('auth/login' . $_query);
}
// can make sure there'll be some output before we render the box header (i.e
// if a user only has access to an unlisted method they won't have an options
// here - e.g edit member - themselves - but not view members).
$_options = array();

foreach ($config->funcs as $method => $label) {

    // Start from a blank, inactive menu option for this method
    $_temp            = new stdClass();
    $_temp->is_active = FALSE;
    $_temp->label     = $label;
    $_temp->method    = $method;
    $_temp->url       = 'admin/' . $module . '/' . $method;

    $_temp->notification        = new stdClass();
    $_temp->notification->type  = '';
    $_temp->notification->title = '';
    $_temp->notification->value = '';

    // Only superusers, or users whose ACL lists this module/method, get
    // the option; everyone else skips it
    if (!get_userobject()->is_superuser() && !isset($_acl['admin'][$module][$method])) {
        continue;
    }

    // Flag the option matching the routed module/method as the current one
    $_temp->is_active = '';

    if ($this->uri->rsegment(1) == $module && $this->uri->rsegment(2) == $method) {
        $_temp->is_active = 'current';
    }

    // Copy over any notification details for this method; the title and
    // value keep their blank defaults when not supplied
    if (!empty($_notifications[$method])) {

        if (isset($_notifications[$method]['type'])) {
            $_temp->notification->type = $_notifications[$method]['type'];
        } else {
            $_temp->notification->type = 'neutral';
        }

        if (isset($_notifications[$method]['title'])) {
            $_temp->notification->title = $_notifications[$method]['title'];
        }

        if (isset($_notifications[$method]['value'])) {
            $_temp->notification->value = $_notifications[$method]['value'];
        }

        if (isset($_notifications[$method]['options'])) {
            $_temp->notification->options = $_notifications[$method]['options'];
        } else {
            $_temp->notification->options = '';
        }
    }

    // --------------------------------------------------------------------------

    // Add to main $_options array
    $_options[] = $_temp;
}

// --------------------------------------------------------------------------
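/**
 * Create an event object
 *
 * Inserts a row into the event table and then one row per interested party.
 * If the interested parties cannot be stored the event row is deleted again.
 *
 * @access public
 * @param  string    $type               The type of event to create (a slug in the event_type table)
 * @param  int       $created_by         The event creator (empty == the active user, or NULL when there is none)
 * @param  int       $level              The value to store in the event's level column
 * @param  int/array $interested_parties The ID of an interested party (array for multiple interested parties)
 * @param  mixed     $data               Any data to store alongside the event object (stored serialized)
 * @param  int       $ref                A numeric reference to store alongside the event (e.g the id of the object the event relates to)
 * @param  string    $recorded           A strtotime() friendly string of the date to use instead of NOW() for the created date
 * @return int or boolean The new event's ID, TRUE when skipped in ghost mode, FALSE on failure
 **/
public function create($type, $created_by = NULL, $level = 0, $interested_parties = NULL, $data = NULL, $ref = NULL, $recorded = NULL)
{
    // Admins logged in as people shouldn't be creating events, GHOST MODE, woooooooo
    // Ghost mode runs on production only, all other environments generate events (for testing)
    if (ENVIRONMENT == 'production' && get_userobject()->was_admin()) {
        return TRUE;
    }

    // --------------------------------------------------------------------------

    if (empty($type)) {
        $this->_add_error('Event type not defined.');
        return FALSE;
    }

    if (!is_string($type)) {
        $this->_add_error('Event type must be a string.');
        return FALSE;
    }

    // --------------------------------------------------------------------------

    // Get the event type, caching the lookup per slug
    if (!isset($this->_event_type[$type])) {

        $this->db->select('id');
        $this->db->where('slug', $type);
        $this->_event_type[$type] = $this->db->get(NAILS_DB_PREFIX . 'event_type')->row();

        if (!$this->_event_type[$type]) {
            show_error('Unrecognised event type.');
        }
    }

    // --------------------------------------------------------------------------

    // Prep created by; fall back to the active user when no creator was given
    $created_by = (int) $created_by;

    if (!$created_by) {
        $created_by = active_user('id') ? (int) active_user('id') : NULL;
    }

    // --------------------------------------------------------------------------

    // Prep data
    // NOTE(review): $data is stored with serialize(); whatever reads this
    // column back should not unserialize() values an untrusted party could
    // have written - confirm the readers.
    $_ref = (int) $ref;

    $_data               = array();
    $_data['type_id']    = (int) $this->_event_type[$type]->id;
    $_data['created_by'] = $created_by;
    $_data['url']        = uri_string();
    $_data['data']       = $data ? serialize($data) : NULL;
    $_data['ref']        = $_ref ? $_ref : NULL;
    $_data['level']      = $level;

    $this->db->set($_data);

    // --------------------------------------------------------------------------

    // The created date has to be handed to the query builder itself; writing
    // it into $_data after set() has been called never reaches the INSERT.
    // A $recorded string which strtotime() cannot parse falls back to NOW()
    // rather than being stored as the Unix epoch.
    $_created = $recorded ? strtotime($recorded) : FALSE;

    if ($_created !== FALSE) {
        $this->db->set('created', date('Y-m-d H:i:s', $_created));
    } else {
        $this->db->set('created', 'NOW()', FALSE);
    }

    // --------------------------------------------------------------------------

    // Create the event
    $this->db->insert(NAILS_DB_PREFIX . 'event');

    if (!$this->db->affected_rows()) {
        $this->_add_error('Event could not be created');
        return FALSE;
    }

    $_event_id = $this->db->insert_id();

    // --------------------------------------------------------------------------

    /**
     * Add the interested parties.
     * The creator (if one is defined) will also be added as an interested party
     * however it will be immediately marked as read (so as not to generate a
     * notification badge for them).
     **/
    $_parties = array();

    if ($created_by) {
        $_parties[] = array('event_id' => $_event_id, 'user_id' => $created_by, 'is_read' => TRUE);
    }

    // Add the other interested parties (if any); a single ID is treated as a
    // list of one, anything which cannot be iterated is ignored
    if (is_numeric($interested_parties)) {
        $interested_parties = array($interested_parties);
    }

    if (is_array($interested_parties) || $interested_parties instanceof Traversable) {

        foreach ($interested_parties as $ip) {

            // Don't add the creator as an interested party
            if ($ip == $created_by) {
                continue;
            }

            $_parties[] = array('event_id' => $_event_id, 'user_id' => $ip, 'is_read' => FALSE);
        }
    }

    // --------------------------------------------------------------------------

    // No interested parties, so simply return the event ID
    if (!$_parties) {
        return $_event_id;
    }

    // Attempt to add interested parties
    $this->db->insert_batch(NAILS_DB_PREFIX . 'event_interested_party', $_parties);

    if ($this->db->affected_rows()) {
        // All good! Return the new event ID
        return $_event_id;
    }

    $this->_add_error('Interested parties failed to add, event not created');

    // Roll back the event
    $this->db->where('id', $_event_id);
    $this->db->delete(NAILS_DB_PREFIX . 'event');

    return FALSE;
}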
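/**
 * Unlinks a local account from Facebook: asks Facebook to revoke the app's
 * permissions, destroys the Facebook session and clears the stored Facebook
 * ID and token on the user record.
 *
 * NOTE(review): no permission check happens in here; callers which pass an
 * explicit $user_id are presumably expected to have authorised the request
 * already - confirm at the call sites.
 *
 * @access public
 * @param  int     $user_id The ID of the user to unlink (NULL == the active user)
 * @return boolean FALSE when the user cannot be resolved or has no Facebook ID,
 *                 TRUE when the user object has no update() method, otherwise
 *                 the result of update()
 **/
public function unlink_user($user_id = NULL)
{
    // Objects are handles, so a plain assignment is enough (and avoids the
    // "only variables should be assigned by reference" notice)
    $_userobj = get_userobject();

    // --------------------------------------------------------------------------

    if (NULL === $user_id) {

        $_uid   = active_user('id');
        $_fb_id = active_user('fb_id');

        // Same rule as for an explicit user: without a linked Facebook ID
        // there is nothing to revoke, and an empty ID must never end up in the
        // API path or in update()
        if (empty($_uid) || empty($_fb_id)) {
            return FALSE;
        }

    } else {

        if (!is_callable(array($_userobj, 'get_by_id'))) {
            return FALSE;
        }

        // Call the method on the same object that was just checked
        $_u = $_userobj->get_by_id($user_id);

        if (empty($_u->fb_id)) {
            return FALSE;
        }

        $_uid   = $_u->id;
        $_fb_id = $_u->fb_id;
    }

    // --------------------------------------------------------------------------

    // Attempt to revoke permissions on Facebook
    // NOTE(review): if api() can throw, the token below stays stored when the
    // revocation fails - confirm how callers handle that.
    $this->_facebook->api('/' . $_fb_id . '/permissions', 'DELETE');

    // --------------------------------------------------------------------------

    $this->_facebook->destroySession();

    // --------------------------------------------------------------------------

    // Without an update() method there is nothing to clear
    if (!is_callable(array($_userobj, 'update'))) {
        return TRUE;
    }

    // Drop the stored Facebook identity and access token
    $_data             = array();
    $_data['fb_id']    = NULL;
    $_data['fb_token'] = NULL;

    return $_userobj->update($_uid, $_data);
}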
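/**
 * Creates a new bucket, i.e. a directory named after the bucket underneath
 * DEPLOY_CDN_PATH.
 *
 * Names which are empty, contain a NUL byte or contain a ".." path segment
 * are refused, so the resulting directory always sits below DEPLOY_CDN_PATH.
 *
 * @access public
 * @param  string  $bucket The name of the bucket to create
 * @return boolean TRUE when the directory exists and is writeable or was
 *                 created, FALSE (with a CDN error set) otherwise
 **/
public function bucket_create($bucket)
{
    $_name     = (string) $bucket;
    $_segments = explode('/', str_replace('\\', '/', $_name));

    // An empty name would resolve to the CDN root itself and report success
    // without creating anything; a ".." segment would climb out of the root
    if ($_name === '' || strpos($_name, "\0") !== FALSE || in_array('..', $_segments, TRUE)) {

        $this->cdn->set_error(lang('cdn_error_bucket_mkdir'));
        return FALSE;
    }

    // --------------------------------------------------------------------------

    $_dir = DEPLOY_CDN_PATH . $bucket;

    // Nothing to do if the bucket is already there and usable
    if (is_dir($_dir) && is_writeable($_dir)) {
        return TRUE;
    }

    // --------------------------------------------------------------------------

    // The warning is suppressed on purpose, failure is reported through the
    // CDN error instead.
    // NOTE(review): no mode is passed, so the directory gets mkdir()'s default
    // permissions as limited by the umask - confirm that is intended.
    if (@mkdir($_dir)) {
        return TRUE;
    }

    // Only superusers are told the filesystem path which failed
    if (get_userobject()->is_superuser()) {
        $this->cdn->set_error(lang('cdn_error_bucket_mkdir_su', $_dir));
    } else {
        $this->cdn->set_error(lang('cdn_error_bucket_mkdir'));
    }

    return FALSE;
}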
/**
 * Decides whether the active user may access an admin module.
 *
 * Superusers always may; anyone else needs an entry for the module under the
 * 'admin' key of their ACL. The ACL key is the module file's basename without
 * the ".php" extension.
 *
 * @access static
 * @param  $module A reference to the module definition
 * @param  $file   The file we're checking
 * @return mixed   The module definition when access is allowed, NULL otherwise
 **/
static function _can_access(&$module, $file)
{
    $_permissions = active_user('acl');
    $_key         = basename($file, '.php');

    // --------------------------------------------------------------------------

    // Super users can see what they like
    if (get_userobject()->is_superuser()) {
        return $module;
    }

    // --------------------------------------------------------------------------

    // Everyone else needs to have the correct ACL
    return isset($_permissions['admin'][$_key]) ? $module : NULL;
}
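/**
 * Send an email
 *
 * Validates the input, resolves the recipient (by user ID or email address),
 * honours unsubscriptions, archives the email and then hands it to _send().
 *
 * @access public
 * @param  object $input    The input object (an array is cast to an object); needs
 *                          a type plus at least one of to_id and to_email
 * @param  bool   $graceful Whether to gracefully fail or not (errors are
 *                          recorded instead of being passed to show_error())
 * @return mixed  The email's reference on success, TRUE when the recipient has
 *                unsubscribed from this email type, FALSE on failure
 **/
public function send($input, $graceful = FALSE)
{
    // We got something to work with?
    if (empty($input)) {
        $this->_set_error('EMAILER: No input');
        return FALSE;
    }

    // --------------------------------------------------------------------------

    // Ensure $input is an object
    if (!is_object($input)) {
        $input = (object) $input;
    }

    // --------------------------------------------------------------------------

    // Check we have at least a user_id/email and an email type
    if ((empty($input->to_id) && empty($input->to_email)) || empty($input->type)) {
        $this->_set_error('EMAILER: Missing user ID, user email or email type');
        return FALSE;
    }

    // --------------------------------------------------------------------------

    // Anything optional which was not supplied is normalised, so the rest of
    // the method can rely on the properties existing
    if (empty($input->to_email)) {
        $input->to_email = NULL;
    }

    if (empty($input->to_id)) {
        $input->to_id = NULL;
    }

    if (empty($input->internal_ref)) {
        $input->internal_ref = NULL;
    }

    if (empty($input->data)) {
        $input->data = array();
    }

    // --------------------------------------------------------------------------

    // Lookup the email type (caching it as we go)
    if (empty($this->email_type[$input->type])) {

        $this->db->where('et.slug', $input->type);
        $this->email_type[$input->type] = $this->db->get(NAILS_DB_PREFIX . 'email_type et')->row();

        if (!$this->email_type[$input->type]) {

            // NOTE(review): the type is echoed back in the message; if it can
            // ever come from request data and show_error() renders HTML it
            // should be escaped first - confirm.
            if (!$graceful) {
                show_error('EMAILER: Invalid Email Type "' . $input->type . '"');
            } else {
                $this->_set_error('EMAILER: Invalid Email Type "' . $input->type . '"');
            }

            return FALSE;
        }
    }

    // --------------------------------------------------------------------------

    if ($input->to_email) {

        // Sending to an email address, try and associate it to a registered user
        $_user = get_userobject()->get_by_email($input->to_email);

        if ($_user) {
            $input->to_id = $_user->id;
        }

    } else {

        // Sending to an ID, fetch the user's email
        $_user = get_userobject()->get_by_id($input->to_id);

        if (!empty($_user->email)) {
            $input->to_email = $_user->email;
        }
    }

    // --------------------------------------------------------------------------

    // Check to see if the user has opted out of receiving these emails
    if ($input->to_id && $this->user_has_unsubscribed($input->to_id, $this->email_type[$input->type]->id)) {

        // User doesn't want to receive these notifications; abort.
        return TRUE;
    }

    // --------------------------------------------------------------------------

    // Generate a unique reference - ref is sent in each email and can allow the
    // system to generate 'view online' links
    $input->ref = $this->_generate_reference();

    // --------------------------------------------------------------------------

    // Double check we have an email address (a user may exist but not have an
    // email address set). Graceful mode has to stop here as well, otherwise an
    // email without a recipient gets archived and sent.
    if (empty($input->to_email)) {

        if (!$graceful) {
            show_error('EMAILER: No email address to send to.');
        } else {
            $this->_set_error('EMAILER: No email address to send to.');
        }

        return FALSE;
    }

    // --------------------------------------------------------------------------

    // Add to the archive table
    // NOTE(review): the email variables are stored with serialize(); whatever
    // reads this column back should not unserialize() values an untrusted
    // party could have written - confirm the readers.
    $this->db->set('ref', $input->ref);
    $this->db->set('user_id', $input->to_id);
    $this->db->set('user_email', $input->to_email);
    $this->db->set('type_id', $this->email_type[$input->type]->id);
    $this->db->set('email_vars', serialize($input->data));
    $this->db->set('internal_ref', $input->internal_ref);

    $this->db->insert(NAILS_DB_PREFIX . 'email_archive');

    // Without an archive row there is no ID to hand to _send(), so a failed
    // insert ends the attempt in graceful mode too
    if (!$this->db->affected_rows()) {

        if (!$graceful) {
            show_error('EMAILER: Insert Failed.');
        } else {
            $this->_set_error('EMAILER: Insert Failed.');
        }

        return FALSE;
    }

    $input->id = $this->db->insert_id();

    // --------------------------------------------------------------------------

    // Send it; callers get the reference back on success
    return $this->_send($input->id, $graceful) ? $input->ref : FALSE;
}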