Ejemplo n.º 1
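<?php

/*
 * Deletes one or more economic units together with their category links.
 *
 * The request parameter "id" holds either a single id or a comma-separated
 * list of ids.
 */
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
// NOTE(review): the permission checked is 'news'/'delete' although the rows
// removed belong to economic_units - confirm this is the intended ACL.
if (empty($idUser) || !fAuthorization::checkACL('news', 'delete')) {
    header('Location: ' . SITE);
    exit("No se ha podido acceder a esta secci&oacute;n");
}
// NOTE(review): nothing in this script verifies an anti-CSRF token or limits
// deletion to units the caller owns - confirm both are enforced elsewhere.
$id = fRequest::encode('id', 'string');

// fRequest::encode() only HTML-encodes the value; that is not SQL escaping,
// so the raw parameter must never reach a statement. Every list element has
// to be a plain decimal number before it is used.
// assumes economic_unit_id is an integer key - TODO confirm against the schema
$ids = array();
foreach (explode(',', $id) as $piece) {
    $piece = trim($piece);
    if ($piece === '' || !ctype_digit($piece)) {
        exit("Ha ocurrido un error");
    }
    $ids[] = (int) $piece;
}
// Built from validated integers only, so it is safe to place inside IN (...).
$idList = implode(',', $ids);

$db = fORMDatabase::retrieve();
if (count($ids) > 1) {
    $db->query("DELETE FROM economic_units WHERE economic_unit_id IN ({$idList})");
} else {
    // Single id: go through the ORM so the record's own delete logic runs.
    $author = new EconomicUnit($ids[0]);
    $author->delete();
}
$db->query("DELETE FROM economic_units_has_economic_unit_categories WHERE economic_units_economic_unit_id IN ({$idList})");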
Ejemplo n.º 2
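<?php

/*
 * Creates a banner from the submitted form fields and stores it.
 */
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
// Deny access to anonymous visitors AND to logged-in users without the
// banner/add permission. The earlier nested check only rejected anonymous
// visitors, so the ACL result was never enforced.
if (empty($idUser) || !fAuthorization::checkACL('banner', 'add')) {
    header('Location: ' . SITE);
    exit("No se ha podido acceder a esta secci&oacute;n");
}
/*
 * Add Article
 */
$banner = new Banner();
$banner->setId_zone(fRequest::encode('id_zone', 'integer'));
// NOTE(review): the link is stored as submitted (HTML-encoded only); no check
// of the URL scheme is visible here - confirm it is validated before output.
$banner->setLink(fRequest::encode('link', 'string'));
$banner->setOrder(fRequest::encode('order', 'integer'));
$banner->setId_section(fRequest::encode('id_section', 'integer'));
/* Limited By User Permissions */
// NOTE(review): id_state is taken from the request as-is; no permission check
// on the requested status is visible in this script.
$banner->setStatus(fRequest::get('id_state', 'integer'));
try {
    $banner->store();
} catch (Exception $e) {
    // Generic message on purpose: exception details are not shown to the client.
    exit("Ha ocurrido un error.");
}
$lastId = $banner->prepareIdBanner();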
/*
 * Add Region 
 * Limited By User Permissions
Ejemplo n.º 3
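<?php

/*
 * Banner listing: reads the search term and paging parameters from the
 * request and loads the matching page of Banner records.
 *
 * NOTE(review): no session or ACL gate is visible in this script; presumably
 * the including page enforces access - confirm.
 */
$typeOfUser = fAuthorization::checkAuthLevel('super');
$where = " WHERE ";
$canEdit = fAuthorization::checkACL('banner', 'edit');
$canDelete = fAuthorization::checkACL('banner', 'delete');
$section = 'banners';
$section_id = 1;
$sub = 'list';
$query = fRequest::encode('query', 'string');
?>
	
<?php 
$limit = fRequest::encode('limit', 'integer');
$page = fRequest::encode('p', 'integer');
// A page size below 1 would give a meaningless LIMIT clause, so it is
// rejected together with invalid page numbers.
// NOTE(review): no upper bound is applied to the requested page size.
if ($page < 1 || $limit < 1) {
    exit;
}
$start = ($page - 1) * $limit;

// The search term is untrusted. fRequest::encode() only HTML-encodes it, which
// is not SQL escaping, so the LIKE pattern is passed through the database
// layer's string escaping (returns a quoted SQL literal) instead of being
// interpolated between hand-written quotes.
// LIKE wildcards (% and _) typed by the user are still treated as wildcards.
$db = fORMDatabase::retrieve();
$likeTerm = $db->escape('%s', '%' . $query . '%');
$filter = "(link LIKE {$likeTerm} OR id_section IN (SELECT id_section FROM section WHERE name LIKE {$likeTerm}))";

// $start and $limit are integers (cast by fRequest and range-checked above).
$banners = fRecordSet::buildFromSQL(
    'Banner',
    "SELECT * FROM banner {$where} {$filter} LIMIT {$start},{$limit}",
    "SELECT count(*) FROM banner {$where} {$filter}",
    $limit,
    $page
);
$p = new Pagination($banners->getPages(), $banners->getPage(), 3);
$pagination = $p->getPaginationLinks();
?>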
<center>
<table class="contenttoc" style="width:auto; float:left">
				<tr>
					<th> <input type="checkbox" name="check" id="check" /> </th>
					<th> Imagen </th>
					<th> Link </th>
					<th> Secci&oacute;n  </th>
Ejemplo n.º 4
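<?php

/*
 * Updates an existing economic unit from the submitted form fields.
 *
 * Non-super users may only edit units located in the regions stored in their
 * session ('regs').
 */
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
if (empty($idUser) || !fAuthorization::checkACL('geolocation', 'edit')) {
    exit("No se ha podido acceder a esta secci&oacute;n");
}
$id = fRequest::encode('id', 'integer');
if (empty($id)) {
    exit("Ha ocurrido un error");
}
if (!fAuthorization::checkAuthLevel('super')) {
    $isOwner = fRecordSet::build('EconomicUnit', array('economic_unit_id =' => $id, 'economic_unit_region=' => fSession::get('regs')));
    $count = $isOwner->count() > 0;
    if (!$count) {
        // header() alone does not stop the script: without exit the update
        // below would still run for a unit outside the caller's regions.
        header('Location: ' . SITE);
        exit;
    }
}
try {
    $av = new EconomicUnit($id);
} catch (Exception $e) {
    // Stop here as well; otherwise $av is undefined when the setters run.
    header("Location: " . SITE);
    exit;
}
// Values are HTML-encoded by fRequest::encode() before being assigned.
$av->setEconomicUnitName(fRequest::encode('title', 'string'));
$av->setEconomicUnitStreetType(fRequest::encode('type', 'string'));
// NOTE(review): latitude/longitude are accepted as free-form strings; no
// numeric or range validation is visible here.
$av->setEconomicUnitLatitude(fRequest::encode('latitude', 'string'));
$av->setEconomicUnitLongitude(fRequest::encode('longitude', 'string'));
$av->setEconomicUnitDescription(fRequest::encode('description', 'string'));
$av->setEconomicUnitStreetName(fRequest::encode('street', 'string'));
$av->setEconomicUnitLocationNumber(fRequest::encode('number', 'string'));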
Ejemplo n.º 5
<?php

/*
 * "Add" page of the observatorio section: bootstraps the application, gates
 * access on a logged-in user holding the section's "add" permission, then
 * emits the page header and the stylesheet/script tags.
 */
require_once '../init.php';
$section = 'observatorio';
$sub = 'addObs';
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
// Proceed only for a logged-in user who holds the permission. The redirect is
// followed by exit so nothing below runs for a rejected request.
// NOTE(review): "&oacite;" in the message is not a valid HTML entity (likely
// meant "&oacute;"); left unchanged here.
if (!(!empty($idUser) && fAuthorization::checkACL($section, 'add'))) {
    header('Location: ' . SITE);
    exit("No se ha podido acceder a esta secci&oacite;n");
}
require_once INCLUDES . 'header.php';
?>


			<link rel="stylesheet" href="<?php echo CSS; ?>ui-lightness/jquery-ui-1.8.16.custom.css" type="text/css" />
			<link rel="stylesheet" href="<?php echo JS; ?>jwysiwyg/jquery.wysiwyg.css" type="text/css" />
			
			<script type="text/javascript" src="<?php echo JS; ?>jwysiwyg/jquery.wysiwyg.js"></script>
			
			<script type="text/javascript" src="<?php 
echo JS;
Ejemplo n.º 6
							<?php
/*
 * Geolocation sub-navigation. Each entry is rendered only when the current
 * user holds a matching permission; the entry matching $sub is marked active.
 * These checks only hide links - the target pages must enforce the same
 * permissions themselves.
 */
if (fAuthorization::checkACL('geolocation', 'edit') || fAuthorization::checkACL('geolocation', 'delete')) { ?>
							<li<?php echo ($sub == 'list') ? ' class="active"' : ''; ?>><a href="<?php echo GEOLOCATION; ?>list.php">Listar</a></li><?php } ?>
							<?php if (fAuthorization::checkACL('geolocation', 'add')) { ?>
<li<?php echo ($sub == 'add') ? ' class="active"' : ''; ?>><a href="<?php echo GEOLOCATION; ?>add.php">Agregar</a></li><?php } ?>
							</div>
							
						</ul>
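 /**
  * Checks ACL lookups after setUserACLs(): a '*' entry grants every
  * permission on that resource, while an explicit list grants only the
  * permissions it names.
  */
 public function testCheckUserACLs()
 {
     $acls = array('news' => array('*'), 'events' => array('read'));
     fAuthorization::setUserACLs($acls);
     // Strict boolean assertions: assertEquals(TRUE/FALSE, ...) compares
     // loosely, so a non-boolean result such as NULL or 1 would still pass.
     // An authorization check should be pinned to real booleans.
     $this->assertTrue(fAuthorization::checkACL('news', 'foo'));
     $this->assertTrue(fAuthorization::checkACL('news', 'anything'));
     $this->assertTrue(fAuthorization::checkACL('events', 'read'));
     $this->assertFalse(fAuthorization::checkACL('events', 'write'));
 }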
Ejemplo n.º 8
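<?php

/*
 * Access gate and list configuration for the geolocation listing.
 *
 * Sets $canEdit / $canDelete from the user's ACLs, rejects users holding
 * neither permission, and prepares the WHERE prefix used by the list query.
 */
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
// Keep the real per-action results. They were previously overwritten with
// true after the gate, so a user holding only one of the two permissions was
// treated as having both.
// presumably read by the list template to decide which row actions to show - confirm
$canEdit = fAuthorization::checkACL('geolocation', 'edit');
$canDelete = fAuthorization::checkACL('geolocation', 'delete');
if (empty($idUser) || (!$canDelete && !$canEdit)) {
    //header('Location: '.SITE);
    exit("No se ha podido acceder a esta secci&oacute;n");
}
$typeOfUser = fAuthorization::checkAuthLevel('super');
$where = " WHERE ";
if (!$typeOfUser) {
    // NOTE(review): 'where_at' is an SQL fragment read from the session and
    // concatenated into the query text. It must only ever be built from
    // trusted, server-side values - confirm where it is written.
    $where = " WHERE " . fSession::get('where_at') . " AND ";
}
$section = 'geolocation';
$section_id = 25;
$sub = 'list';
?>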
	
<?php 
Ejemplo n.º 9
<?php

/*
 * "Add banner" page: bootstraps the application, gates access on a logged-in
 * user holding the banner/add permission, then emits the page header and the
 * stylesheet/script tags.
 */
require_once '../init.php';
$section = 'banner';
$sub = 'add';
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
// The ACL resource and action come from $section and $sub, so changing either
// variable also changes which permission is required.
// NOTE(review): "&oacite;" in the message is not a valid HTML entity (likely
// meant "&oacute;"); left unchanged here.
if (!(!empty($idUser) && fAuthorization::checkACL($section, $sub))) {
    header('Location: ' . SITE);
    exit("No se ha podido acceder a esta secci&oacite;n");
}
require_once INCLUDES . 'header.php';
?>
			<link rel="stylesheet" href="<?php echo JS; ?>jwysiwyg/jquery.wysiwyg.css" type="text/css" />
			<link rel="stylesheet" href="<?php echo CSS; ?>ui-lightness/jquery-ui-1.8.16.custom.css" type="text/css" />
			
			
			<script type="text/javascript" src="<?php echo JS; ?>jwysiwyg/jquery.wysiwyg.js"></script>
			<script type="text/javascript" src="<?php echo JS; ?>upload/jquery.MultiFile.js"></script>
Ejemplo n.º 10
<?php

/*
 * Updates a user record (optionally its password) from the submitted form.
 */
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
// Proceed only for a logged-in user holding the user/edit permission.
// NOTE(review): "&oacite;" in the message is not a valid HTML entity (likely
// meant "&oacute;"); left unchanged here.
if (!(!empty($idUser) && fAuthorization::checkACL('user', 'edit'))) {
    header('Location: ' . SITE);
    exit("No se ha podido acceder a esta secci&oacite;n");
}
$id = fRequest::encode('id', 'integer');
if (empty($id)) {
    exit;
}
$u = new User($id);
$p = fRequest::encode('password', 'string');
if (!empty($p)) {
    // NOTE(review): the stored value is sha256(base64(md5(password . SALT))).
    // These are fast digests with one site-wide salt, which is weak for
    // password storage; password_hash()/password_verify() would be the usual
    // replacement, but that requires changing the login check and migrating
    // stored hashes, so the scheme is left as it is here.
    // The password is also HTML-encoded by fRequest::encode() before hashing,
    // so the login path has to encode it the same way.
    $p = hash('sha256', base64_encode(md5($p . SALT)));
    $u->setPassword($p);
}
// NOTE(review): the role id comes straight from the request. Nothing visible
// here limits which role a caller with user/edit may assign, or to whom
// (including their own account) - confirm this is restricted elsewhere.
$u->setIdRole(fRequest::encode('role', 'integer'));
$u->setEmail(fRequest::encode('email', 'string'));
$u->setFirstName(fRequest::encode('firstName', 'string'));
$u->setLastName(fRequest::encode('lastName', 'string'));
$u->setBirthday(fRequest::encode('birthday', 'date'));
$u->setPhone(fRequest::encode('phone', 'string'));
$u->setCellphone(fRequest::encode('cellphone', 'string'));
$u->setNextel(fRequest::encode('nextel', 'string'));
$u->setFax(fRequest::encode('fax', 'string'));
$u->setAddress(fRequest::encode('address', 'string'));
try {
Ejemplo n.º 11
<?php

/*
 * Geolocation list page: bootstraps the application, gates access on a
 * logged-in user holding the section's "delete" or "edit" permission, then
 * emits the page header and the section's list script tag.
 */
require_once '../init.php';
$section = 'geolocation';
$section_id = 25;
$sub = 'list';
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
// Proceed only for a logged-in user with at least one of the two permissions;
// "delete" is evaluated first and "edit" only when "delete" is not granted.
// NOTE(review): "&oacite;" in the message is not a valid HTML entity (likely
// meant "&oacute;"); left unchanged here.
if (!(!empty($idUser) && (fAuthorization::checkACL($section, 'delete') || fAuthorization::checkACL($section, 'edit')))) {
    header('Location: ' . SITE);
    exit("No se ha podido acceder a esta secci&oacite;n");
}
require_once INCLUDES . 'header.php';
?>
<script type="text/javascript" src="<?php echo SCRIPT . $section . '/list'; ?>.js"></script>

				
		
			
			
			<!-- MAIN CONTAINER -->
				<div id="ja-container" class="wrap ja-r2">
				<div class="main clearfix">
					<input type="text" value="B&uacute;squeda.." class="text" title="B&uacute;squeda.." name="query" id="query" style="width:200px;margin-left:930px" />
				
				
				<br/>
				
Ejemplo n.º 12
        ?>
</td>
		<?php
        // Row actions for the current $item: each cell is rendered only when
        // the user holds the matching permission. This only hides the
        // controls - the edit and delete endpoints must check the ACL again.
        // NOTE(review): getIdUser() is echoed into attributes without
        // escaping; presumably an integer key - confirm.
        if (fAuthorization::checkACL('user', 'edit')) { ?>
<td><a href="<?php echo USER . 'edit.php?id=' . $item->getIdUser(); ?>" title="edit" class="edit"><img src="<?php echo ICON; ?>edit.png" /></a></td><?php } ?>
		<?php if (fAuthorization::checkACL('user', 'delete')) { ?>
<td><a href="" title="<?php echo $item->getIdUser(); ?>" class="delete"><img src="<?php echo ICON; ?>delete.png" /></a></td><?php } ?>
	</tr>
	<?php 
    }
    ?>
</table>