function check($oSection)
{
$aPermissions = $this->_getAcceptedPermissions();
//no required permissions, we can show the section
if (empty($aPermissions)) {
return true;
}
$hasRequiredPermission = false;
for ($i = 0; $i < count($aPermissions); $i++) {
$hasRequiredPermission = OA_Permission::hasPermission($aPermissions[$i]);
if ($hasRequiredPermission) {
break;
}
}
return $hasRequiredPermission;
}
function OA_headerNavigation()
{
$oHeaderModel = buildAdvertiserHeaderModel($GLOBALS['clientid']);
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
phpAds_PageHeader("advertiser-access", $oHeaderModel);
phpAds_ShowSections(array("4.1.2", "4.1.3", "4.1.5", "4.1.5.2"));
} else {
$sections = array();
if (OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT)) {
$sections[] = '2.2';
}
$sections[] = '2.3';
$sections[] = '2.3.2';
phpAds_PageHeader('advertiser-access', $oHeaderModel);
phpAds_ShowSections($sections);
}
}
/**
* The final "child" implementation of the parental abstract method.
*
* @see OA_Admin_Statistics_Common::start()
*/
function start()
{
// Get parameters
$advertiserId = $this->_getId('advertiser');
$placementId = $this->_getId('placement');
$adId = $this->_getId('ad');
// Security check
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
$this->_checkAccess(array('advertiser' => $advertiserId, 'placement' => $placementId, 'ad' => $adId));
// Add standard page parameters
$this->aPageParams = array('clientid' => $advertiserId, 'campaignid' => $placementId, 'bannerid' => $adId);
// Load the period preset and stats breakdown parameters
$this->_loadPeriodPresetParam();
$this->_loadStatsBreakdownParam();
// Load $_GET parameters
$this->_loadParams();
// HTML Framework
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
$this->pageId = '2.1.2.2.1';
$this->aPageSections = array('2.1.2.2.1', '2.1.2.2.2', '2.1.2.2.3');
} elseif (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
$this->pageId = '1.2.2.1';
$this->aPageSections[] = '1.2.2.1';
if (OA_Permission::hasPermission(OA_PERM_BANNER_EDIT)) {
$this->aPageSections[] = '1.2.2.2';
}
$this->aPageSections[] = '1.2.2.4';
}
// Add breadcrumbs
$this->_addBreadcrumbs('banner', $adId);
// Add context
$this->aPageContext = array('banners', $adId);
// Add shortcuts
if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
$this->_addShortcut($GLOBALS['strClientProperties'], 'advertiser-edit.php?clientid=' . $advertiserId, 'images/icon-advertiser.gif');
}
$this->_addShortcut($GLOBALS['strCampaignProperties'], 'campaign-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId, 'images/icon-campaign.gif');
$this->_addShortcut($GLOBALS['strBannerProperties'], 'banner-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId, 'images/icon-banner-stored.gif');
$this->_addShortcut($GLOBALS['strModifyBannerAcl'], 'banner-acl.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId, 'images/icon-acl.gif');
// Prepare the data for display by output() method
$aParams = array('ad_id' => $adId);
$this->prepare($aParams, 'stats.php');
}
OA_Permission::enforceAccessToObject('clients', $clientid);
/*-------------------------------------------------------*/
/* Store preferences */
/*-------------------------------------------------------*/
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
phpAds_SessionDataStore();
/*-------------------------------------------------------*/
/* HTML framework */
/*-------------------------------------------------------*/
$oHeaderModel = buildAdvertiserHeaderModel($clientid);
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
phpAds_PageHeader('advertiser-access', $oHeaderModel);
phpAds_ShowSections(array("4.1.2", "4.1.3", "4.1.5", "4.1.5.1"));
} else {
$sections = array();
if (OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT)) {
$sections[] = '2.2';
}
$sections[] = '2.3';
$sections[] = '2.3.1';
phpAds_PageHeader('advertiser-access', $oHeaderModel);
phpAds_ShowSections($sections);
}
/*-------------------------------------------------------*/
/* Main code */
/*-------------------------------------------------------*/
require_once MAX_PATH . '/lib/OA/Admin/Template.php';
$oTpl = new OA_Admin_Template('advertiser-user-start.html');
OA_Admin_UI_UserAccess::assignUserStartTemplateVariables($oTpl);
$oTpl->assign('action', 'advertiser-user.php');
$oTpl->assign('entityIdName', 'clientid');
$title = $setPref[$prefSection]['name'];
// Display the settings page's header and sections
$oHeaderModel = new OA_Admin_UI_Model_PageHeaderModel($title);
phpAds_PageHeader('account-user-index', $oHeaderModel);
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN)) {
// Show all "Preferences" sections
phpAds_ShowSections(array("5.1", "5.2", "5.3", "5.5", "5.6", "5.4"));
} else {
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
// Show the "Account Preferences", "User Log" and "Channel Management" sections of the "Preferences" sections
phpAds_ShowSections(array("5.1", "5.2", "5.4", "5.7"));
} else {
if (OA_Permission::isAccount(OA_ACCOUNT_TRAFFICKER, OA_ACCOUNT_ADVERTISER)) {
// Show the "User Preferences" section of the "Preferences" sections
$sections = array("5.1", "5.2");
if (OA_Permission::hasPermission(OA_PERM_USER_LOG_ACCESS)) {
$sections[] = "5.4";
}
phpAds_ShowSections($sections);
}
}
}
// Get the current logged in user details
$oUser = OA_Permission::getCurrentUser();
$aUser = $oUser->aUser;
//$aLanguages = MAX_Admin_Languages::AvailableLanguages();
$aLanguages = new MAX_Admin_Languages();
// Prepare an array of HTML elements to display for the form, and
// output using the $oOption object
$aSettings = array(array('text' => $strUserDetails, 'items' => array(array('type' => 'plaintext', 'name' => 'username', 'value' => $aUser['username'], 'text' => $strUsername, 'size' => 35), array('type' => 'break'), array('type' => 'plaintext', 'name' => 'email_address', 'value' => $aUser['email_address'], 'text' => $strEmailAddress, 'size' => 35), array('type' => 'break'), array('type' => 'text', 'name' => 'contact_name', 'value' => $aUser['contact_name'], 'text' => $strFullName, 'size' => 35))), array('text' => $strLanguage, 'items' => array(array('type' => 'select', 'name' => 'language', 'text' => $strLanguage, 'items' => $aLanguages->AvailableLanguages(), 'value' => $GLOBALS['_MAX']['PREF']['language']))));
$oOptions->show($aSettings, $aErrormessage);
$banners[$key]['url_trimmed'] = substr_replace($banner['url'], ' ...', 40);
}
}
}
$oTpl->assign('clientId', $clientid);
$oTpl->assign('campaignId', $campaignid);
$oTpl->assign('aBanners', $banners);
$oTpl->assign('aCount', $aCount);
$oTpl->assign('hideinactive', $hideinactive);
$oTpl->assign('listorder', $listorder);
$oTpl->assign('orderdirection', $orderdirection);
$oTpl->assign('isManager', OA_Permission::isAccount(OA_ACCOUNT_MANAGER));
$oTpl->assign('canACL', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER));
$oTpl->assign('canEdit', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT));
$oTpl->assign('canActivate', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE));
$oTpl->assign('canDeactivate', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::hasPermission(OA_PERM_BANNER_DEACTIVATE));
$oTpl->assign('canDelete', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER));
/*-------------------------------------------------------*/
/* Store preferences */
/*-------------------------------------------------------*/
$session['prefs']['campaign-banners.php'][$campaignid]['hideinactive'] = $hideinactive;
$session['prefs']['campaign-banners.php'][$campaignid]['listorder'] = $listorder;
$session['prefs']['campaign-banners.php'][$campaignid]['orderdirection'] = $orderdirection;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['campaignid'][$clientid] = $campaignid;
phpAds_SessionDataStore();
/*-------------------------------------------------------*/
/* HTML framework */
/*-------------------------------------------------------*/
$oTpl->display();
phpAds_PageFooter();
/**
* The final "child" implementation of the parental abstract method.
*
* @see OA_Admin_Statistics_Common::start()
*/
function start()
{
// Get the preferences
$aPref = $GLOBALS['_MAX']['PREF'];
// Get parameters
$advertiserId = $this->_getId('advertiser');
$placementId = $this->_getId('placement');
$adId = $this->_getId('ad');
// Security check
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
$this->_checkAccess(array('advertiser' => $advertiserId, 'placement' => $placementId, 'ad' => $adId));
// Add standard page parameters
$this->aPageParams = array('clientid' => $advertiserId, 'campaignid' => $placementId, 'bannerid' => $adId);
// Load the period preset and stats breakdown parameters
$this->_loadPeriodPresetParam();
$this->_loadStatsBreakdownParam();
// Load $_GET parameters
$this->_loadParams();
// HTML Framework
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
$this->pageId = '2.1.2.2.2';
$this->aPageSections = array('2.1.2.2.1', '2.1.2.2.2', '2.1.2.2.3');
} elseif (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
$this->pageId = '1.2.2.4';
$this->aPageSections[] = '1.2.2.1';
if (OA_Permission::hasPermission(OA_PERM_BANNER_EDIT)) {
$this->aPageSections[] = '1.2.2.2';
}
$this->aPageSections[] = '1.2.2.4';
}
// Add breadcrumbs
$this->_addBreadcrumbs('banner', $adId);
// Add context
$this->aPageContext = array('banners', $adId);
// Add shortcuts
if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
$this->_addShortcut($GLOBALS['strClientProperties'], 'advertiser-edit.php?clientid=' . $advertiserId, 'images/icon-advertiser.gif');
}
$this->_addShortcut($GLOBALS['strCampaignProperties'], 'campaign-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId, 'images/icon-campaign.gif');
$this->_addShortcut($GLOBALS['strBannerProperties'], 'banner-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId, 'images/icon-banner-stored.gif');
$this->_addShortcut($GLOBALS['strModifyBannerAcl'], 'banner-acl.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId, 'images/icon-acl.gif');
// Fix entity links
$this->entityLinks['p'] = 'stats.php?entity=banner&breakdown=affiliate-history';
$this->entityLinks['z'] = 'stats.php?entity=banner&breakdown=zone-history';
$this->hideInactive = MAX_getStoredValue('hideinactive', $aPref['ui_hide_inactive'] == true, null, true);
$this->showHideInactive = true;
$this->startLevel = MAX_getStoredValue('startlevel', 0, null, true);
// Init nodes
$this->aNodes = MAX_getStoredArray('nodes', array());
$expand = MAX_getValue('expand', '');
$collapse = MAX_getValue('collapse');
// Adjust which nodes are opened closed...
MAX_adjustNodes($this->aNodes, $expand, $collapse);
$aParams = array();
$aParams['ad_id'] = $adId;
switch ($this->startLevel) {
case 1:
$this->aEntitiesData = $this->getZones($aParams, $this->startLevel, $expand, true);
break;
default:
$this->startLevel = 0;
$this->aEntitiesData = $this->getPublishers($aParams, $this->startLevel, $expand);
break;
}
// Summarise the values into a the totals array, & format
$this->_summariseTotalsAndFormat($this->aEntitiesData);
$this->showHideLevels = array();
switch ($this->startLevel) {
case 1:
$this->showHideLevels = array(0 => array('text' => $GLOBALS['strShowParentAffiliates'], 'icon' => 'images/icon-affiliate.gif'));
$this->hiddenEntitiesText = "{$this->hiddenEntities} {$GLOBALS['strInactiveZonesHidden']}";
break;
case 0:
$this->showHideLevels = array(1 => array('text' => $GLOBALS['strHideParentAffiliates'], 'icon' => 'images/icon-affiliate-d.gif'));
$this->hiddenEntitiesText = "{$this->hiddenEntities} {$GLOBALS['strInactiveAffiliatesHidden']}";
break;
}
// Save prefs
$this->aPagePrefs['startlevel'] = $this->startLevel;
$this->aPagePrefs['nodes'] = implode(",", $this->aNodes);
$this->aPagePrefs['hideinactive'] = $this->hideInactive;
}
/**
* Checks if user has access to specific area (for example admin or agency area)
* Permissions are defined in www/admin/lib-permissions.inc.php file
*
* @access public
*
* @param integer $permissions
* @param string $table Table name
* @param integer $id Id (or empty if new is created)
* @param unknown $allowed check allowed
*
* @return boolean True if has access
*/
function checkPermissions($permissions, $table = '', $id = null, $allowed = null)
{
$isError = false;
if (isset($permissions) && !OA_Permission::isAccount($permissions)) {
if (!OA_Permission::attemptToSwitchToAccount($permissions)) {
$isError = true;
}
}
if (!empty($id) && !$this->checkIdExistence($table, $id)) {
return false;
}
if (isset($id) && !OA_Permission::hasAccessToObject($table, $id)) {
if (!OA_Permission::attemptToSwitchForAccess($table, $id)) {
$isError = true;
}
}
if (isset($allowed)) {
if (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER) && !OA_Permission::hasPermission($allowed)) {
$isError = true;
}
}
if ($isError) {
$this->raiseError('Access forbidden');
return false;
} else {
return true;
}
}
require_once MAX_PATH . '/lib/OA/Admin/UI/UserAccess.php';
require_once MAX_PATH . '/lib/max/other/html.php';
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER);
OA_Permission::enforceAccountPermission(OA_ACCOUNT_MANAGER, OA_PERM_SUPER_ACCOUNT);
OA_Permission::enforceAccessToObject('agency', $agencyid);
$userAccess = new OA_Admin_UI_UserAccess();
$userAccess->init();
function OA_HeaderNavigation()
{
global $agencyid;
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN)) {
phpAds_PageHeader("agency-access");
$doAgency = OA_Dal::staticGetDO('agency', $agencyid);
MAX_displayInventoryBreadcrumbs(array(array("name" => $doAgency->name)), "agency");
} else {
phpAds_PageHeader("agency-user");
}
}
$userAccess->setNavigationHeaderCallback('OA_HeaderNavigation');
$accountId = OA_Permission::getAccountIdForEntity('agency', $agencyid);
$userAccess->setAccountId($accountId);
$userAccess->setPagePrefix('agency');
$aAllowedPermissions = array();
if (OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT, $accountId)) {
$aAllowedPermissions[OA_PERM_SUPER_ACCOUNT] = array($strAllowCreateAccounts, false);
}
$userAccess->setAllowedPermissions($aAllowedPermissions);
$userAccess->setHiddenFields(array('agencyid' => $agencyid));
$userAccess->setRedirectUrl('agency-access.php?agencyid=' . $agencyid);
$userAccess->setBackUrl('agency-user-start.php?agencyid=' . $agencyid);
$userAccess->process();
function addZonePageTools($affiliateid, $zoneid, $aOtherPublishers, $aEntities)
{
global $phpAds_TextDirection;
//duplicate
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_ADD)) {
addPageLinkTool($GLOBALS["strDuplicate"], MAX::constructUrl(MAX_URL_ADMIN, "zone-modify.php?duplicate=true&affiliateid={$affiliateid}&zoneid={$zoneid}&returnurl=" . urlencode(basename($_SERVER['SCRIPT_NAME']))), "iconZoneDuplicate");
}
//move to
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
$form = "<form action='" . MAX::constructUrl(MAX_URL_ADMIN, 'zone-modify.php') . "'>\n <input type='hidden' name='affiliateid' value='{$affiliateid}'>\n <input type='hidden' name='zoneid' value='{$zoneid}'>\n <input type='hidden' name='returnurl' value='" . htmlspecialchars(basename($_SERVER['SCRIPT_NAME'])) . "'>\n <select name='newaffiliateid'>";
$aOtherPublishers = _multiSort($aOtherPublishers, 'name', 'publisher_id');
foreach ($aOtherPublishers as $otherPublisherId => $aOtherPublisher) {
$otherPublisherName = MAX_buildName($aOtherPublisher['publisher_id'], $aOtherPublisher['name']);
if ($aOtherPublisher['publisher_id'] != $affiliateid) {
$form .= "<option value='" . $aOtherPublisher['publisher_id'] . "'>" . htmlspecialchars($otherPublisherName) . "</option>";
}
}
$form .= "</select><input type='image' class='submit' src='" . OX::assetPath() . "/images/" . $phpAds_TextDirection . "/go_blue.gif'></form>";
addPageFormTool($GLOBALS['strMoveTo'], 'iconZoneMove', $form);
}
//delete
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_DELETE)) {
$deleteConfirm = phpAds_DelConfirm($GLOBALS['strConfirmDeleteZone']);
addPageLinkTool($GLOBALS["strDelete"], MAX::constructUrl(MAX_URL_ADMIN, "zone-delete.php?token=" . urlencode(phpAds_SessionGetToken()) . "&affiliateid={$affiliateid}&zoneid={$zoneid}&returnurl=affiliate-zones.php"), "iconDelete", null, $deleteConfirm);
}
//shortcut
addPageShortcut($GLOBALS['strBackToZones'], MAX::constructUrl(MAX_URL_ADMIN, "affiliate-zones.php?affiliateid={$affiliateid}"), "iconBack");
$entityString = _getEntityString($aEntities);
addPageShortcut($GLOBALS['strZoneHistory'], MAX::constructUrl(MAX_URL_ADMIN, "stats.php?entity=zone&breakdown=history&{$entityString}"), 'iconStatistics');
}
phpAds_PageHeader("affiliate-access");
MAX_displayWebsiteBreadcrumbs($affiliateid);
}
$userAccess->setNavigationHeaderCallback('OA_headerNavigation');
function OA_footerNavigation()
{
echo "\n <script language='JavaScript'>\n <!--\n ";
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
echo "function MMM_cascadePermissionsChange()\n {\n var e = findObj('permissions_" . OA_PERM_ZONE_EDIT . "');\n var a = findObj('permissions_" . OA_PERM_ZONE_ADD . "');\n var d = findObj('permissions_" . OA_PERM_ZONE_DELETE . "');\n\n a.disabled = d.disabled = !e.checked;\n if (!e.checked) {\n a.checked = d.checked = false;\n }\n }\n MMM_cascadePermissionsChange();\n //-->";
}
echo "</script>";
}
$userAccess->setNavigationFooterCallback('OA_footerNavigation');
$accountId = OA_Permission::getAccountIdForEntity('affiliates', $affiliateid);
$userAccess->setAccountId($accountId);
$userAccess->setPagePrefix('affiliate');
$aAllowedPermissions = array();
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT, $accountId)) {
$aAllowedPermissions[OA_PERM_SUPER_ACCOUNT] = array($strAllowCreateAccounts, false);
}
$aAllowedPermissions[OA_PERM_ZONE_EDIT] = array($strAllowAffiliateModifyZones, false, 'MMM_cascadePermissionsChange()');
$aAllowedPermissions[OA_PERM_ZONE_ADD] = array($strAllowAffiliateAddZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_DELETE] = array($strAllowAffiliateDeleteZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_LINK] = array($strAllowAffiliateLinkBanners, false, false);
$aAllowedPermissions[OA_PERM_ZONE_INVOCATION] = array($strAllowAffiliateGenerateCode, false, false);
$aAllowedPermissions[OA_PERM_USER_LOG_ACCESS] = array($strAllowAuditTrailAccess, false, false);
$userAccess->setAllowedPermissions($aAllowedPermissions);
$userAccess->setHiddenFields(array('affiliateid' => $affiliateid));
$userAccess->setRedirectUrl('affiliate-access.php?affiliateid=' . $affiliateid);
$userAccess->setBackUrl('affiliate-user-start.php?affiliateid=' . $affiliateid);
$userAccess->process();
/**
* Checks if user has access to specific area (for example admin or agency area)
* Permissions are defined in www/admin/lib-permissions.inc.php file
*
* @access public
*
* @param integer $permissions
* @param string $table Table name
* @param integer $id Id (or empty if new is created)
* @param unknown $allowed check allowed
* @param OA_Permission Does the current call require only a subset of the permissions?
* If set to null, equivalent to asking permission to do everything on the object
*
* @return boolean True if has access
*/
function checkPermissions($permissions, $table = '', $id = null, $allowed = null, $operationAccessType = OA_Permission::OPERATION_ALL)
{
$isError = false;
if (isset($permissions) && !OA_Permission::isAccount($permissions)) {
if (!OA_Permission::attemptToSwitchToAccount($permissions)) {
$isError = true;
}
}
// Should this check also be part of checkPermissions?
if (!empty($id) && !$this->checkIdExistence($table, $id)) {
return false;
}
if (isset($id) && !OA_Permission::hasAccessToObject($table, $id, $operationAccessType)) {
if (!OA_Permission::attemptToSwitchForAccess($table, $id)) {
$isError = true;
}
}
if (isset($allowed)) {
if (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER) && !OA_Permission::hasPermission($allowed)) {
$isError = true;
}
}
if ($isError) {
$this->raiseError('Access forbidden');
return false;
} else {
// Set system timezone and return
OA_setTimeZoneLocal();
return true;
}
}
function _builPermissionFields()
{
$aPermissionsFields = array();
$c = 0;
foreach ($this->aAllowedPermissions as $permissionId => $aPermission) {
if (is_array($aPermission)) {
list($permissionName, $indent, $onClick) = $aPermission;
} else {
$permissionName = $aPermission;
$indent = false;
$onClick = false;
}
$aPermissionsFields[$c] = array('name' => 'permissions[]', 'label' => $permissionName, 'type' => 'checkbox', 'value' => $permissionId, 'checked' => OA_Permission::hasPermission($permissionId, $this->accountId, $this->userid), 'hidden' => $isTrafficker, 'break' => false, 'id' => 'permissions_' . $permissionId, 'indent' => $indent);
if ($onClick) {
$aPermissionsFields[$c]['onclick'] = $onClick;
}
$c++;
}
return $aPermissionsFields;
}
$aZoneAds = OA_Dal_Delivery_getZoneLinkedAds($row_zones['zoneid']);
if ($aZoneAds['count_active'] > 0 && $row_zones['delivery'] == phpAds_ZoneBanner && count($aZoneAds['lAds']) == 0) {
$aZones[$row_zones['zoneid']]['lowPriorityWarning'] = true;
}
$aZones[$row_zones['zoneid']]['active'] = $aZoneAds['count_active'] > 0;
}
$oTpl->assign('affiliateId', $affiliateid);
$oTpl->assign('aAdvertisers', $clients);
$oTpl->assign('aZones', $aZones);
$oTpl->assign('listorder', $listorder);
$oTpl->assign('orderdirection', $orderdirection);
$oTpl->assign('canAdd', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_ADD));
$oTpl->assign('canEdit', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_EDIT));
$oTpl->assign('canLink', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_LINK));
$oTpl->assign('canInvocation', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_INVOCATION));
$oTpl->assign('canDelete', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_DELETE));
/*-------------------------------------------------------*/
/* Store preferences */
/*-------------------------------------------------------*/
$session['prefs']['affiliate-zones.php']['listorder'] = $listorder;
$session['prefs']['affiliate-zones.php']['orderdirection'] = $orderdirection;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['affiliateid'] = $affiliateid;
phpAds_SessionDataStore();
/*-------------------------------------------------------*/
/* HTML framework */
/*-------------------------------------------------------*/
$oTpl->display();
phpAds_PageFooter();
function buildHeaderModel($websiteId)
{
if ($websiteId) {
$oHeaderModel = MAX_displayWebsiteBreadcrumbs($affiliateid);
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
// Get other affiliates
$doAffiliates = OA_Dal::factoryDO('affiliates');
$doAffiliates->addSessionListOrderBy('affiliate-zones.php');
$doAffiliates->agencyid = $agencyid;
$doAffiliates->find();
while ($doAffiliates->fetch() && ($row = $doAffiliates->toArray())) {
phpAds_PageContext(MAX_buildName($row['affiliateid'], $row['name']), "affiliate-invocation.php?affiliateid=" . $row['affiliateid'], $affiliateid == $row['affiliateid']);
}
addWebsitePageTools($affiliateid);
phpAds_PageHeader("4.2.5", $oHeaderModel);
} else {
$sections = array();
$sections[] = "2.1";
if (OA_Permission::hasPermission(OA_PERM_ZONE_INVOCATION)) {
$sections[] = "2.2";
}
phpAds_PageHeader('2.2', $oHeaderModel);
phpAds_ShowSections($sections);
}
/*-------------------------------------------------------*/
/* Main code */
/*-------------------------------------------------------*/
require_once MAX_PATH . '/lib/max/Admin/Invocation/Publisher.php';
$maxInvocation = new MAX_Admin_Invocation_Publisher();
$maxInvocation->placeInvocationForm();
/*-------------------------------------------------------*/
/* HTML framework */
/*-------------------------------------------------------*/
phpAds_PageFooter();
// There are no restrictions on users that are applied to the autocomplete
// list, as the admin account can see all accounts and therefore users in
// its realm
$oDbh =& OA_DB::singleton();
$query = $oDbh->quote('%' . $q . '%');
$doUsers = OA_Dal::factoryDO('users');
$doUsers->whereAdd('username LIKE ' . $query . ' OR email_address LIKE ' . $query);
$doUsers->limit($limit);
$doUsers->find();
while ($doUsers->fetch()) {
echo htmlspecialchars($doUsers->user_id) . '|' . htmlspecialchars($doUsers->email_address) . '|' . htmlspecialchars($doUsers->username) . "\n";
}
break;
case OA_ACCOUNT_MANAGER:
// Check that they have the super account permission
if (!OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT)) {
break;
}
// A manager account can only "see" those users that are already linked to the
// current account, and to the advertiser and trafficker accounts that are in the
// current account's realm -- display only these users -- but also exclude any
// user that is also linked to the admin account
$aAdminUserIds = array();
$aUserIds = array();
$oDbh =& OA_DB::singleton();
// Get the ID of all users linked to the admin account
$adminAccountId = OA_Dal_ApplicationVariables::get('admin_account_id');
$doAccount_user_assoc = OA_Dal::factoryDO('account_user_assoc');
$doAccount_user_assoc->account_id = $adminAccountId;
$doAccount_user_assoc->find();
while ($doAccount_user_assoc->fetch() > 0) {
$aCount['campaigns']++;
if ($hideinactive == true && ($campaign['status'] != OA_ENTITY_STATUS_RUNNING || $campaign['status'] == OA_ENTITY_STATUS_RUNNING && count($campaign['banners']) == 0 && count($campaign['banners']) < $campaign['count'])) {
$aCount['campaigns_hidden']++;
unset($aCampaigns[$key]);
}
}
}
$oTpl->assign('clientId', $clientid);
$oTpl->assign('aCampaigns', $aCampaigns);
$oTpl->assign('aCount', $aCount);
$oTpl->assign('hideinactive', $hideinactive);
$oTpl->assign('listorder', $listorder);
$oTpl->assign('orderdirection', $orderdirection);
$oTpl->assign('showconversions', $conf['logging']['trackerImpressions']);
$oTpl->assign('isAdvertiser', OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER));
$oTpl->assign('canEdit', OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT));
$oTpl->assign('isManager', OA_Permission::isAccount(OA_ACCOUNT_MANAGER));
/*-------------------------------------------------------*/
/* Store preferences */
/*-------------------------------------------------------*/
$session['prefs']['advertiser-campaigns.php'][$clientid]['hideinactive'] = $hideinactive;
$session['prefs']['advertiser-campaigns.php'][$clientid]['listorder'] = $listorder;
$session['prefs']['advertiser-campaigns.php'][$clientid]['orderdirection'] = $orderdirection;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
phpAds_SessionDataStore();
/*-------------------------------------------------------*/
/* HTML framework */
/*-------------------------------------------------------*/
/** add view hooks **/
OX_Admin_UI_ViewHooks::registerPageView($oTpl, 'advertiser-campaigns', array('advertiserId' => $clientid));
$oTpl->display();
/**
* A method to show an error if the user doesn't have specific permissions to
* perform an action on his account. This method only performs a permission check
* if user is working as an accountType
*
* @static
* @param string $permission See OA_PERM_* constants
* @param int $accountId Defaults to the current active account
*/
function enforceAccountPermission($accountType, $permission)
{
if (OA_Permission::isAccount($accountType)) {
OA_Permission::enforceTrue(OA_Permission::hasPermission($permission));
}
return true;
}
