Ejemplo n.º 1
 /**
  * Process the re-authentication form for an administrator.
  *
  * A non-admin active user is handed to access::forbidden(), and the CSRF
  * token is verified before the form is validated. On success the
  * "user_auth" event fires and the browser is redirected to the
  * "continue_url" held in the session. On failure the attempt is logged,
  * "user_auth_failed" fires and the form is shown again (wrapped in JSON for
  * AJAX requests).
  */
 public function auth()
 {
     // NOTE(review): assumes access::forbidden() does not return - confirm.
     if (!identity::active_user()->admin) {
         access::forbidden();
     }
     access::verify_csrf();

     $reauth_form = self::_form();
     $passed = $reauth_form->validate();
     $current = identity::active_user();

     if (!$passed) {
         // Failed attempts are logged and announced so they can be monitored.
         $login = $current->name;
         log::warning("user", t("Failed re-authentication for %name", array("name" => $login)));
         module::event("user_auth_failed", $login);

         if (!request::is_ajax()) {
             self::_show_form($reauth_form);
             return;
         }

         $view = new View("reauthenticate.html");
         $view->form = $reauth_form;
         $view->user_name = identity::active_user()->name;
         json::reply(array("html" => (string) $view));
         return;
     }

     module::event("user_auth", $current);
     if (!request::is_ajax()) {
         message::success(t("Successfully re-authenticated!"));
     }
     // The redirect target is read from the session, not from a request
     // parameter, so the client cannot pick it directly in this request.
     url::redirect(Session::instance()->get_once("continue_url"));
 }
 /**
  * Build the controller; AJAX requests get the 'blank' view as template.
  */
 public function __construct()
 {
     parent::__construct();
     if (!request::is_ajax()) {
         return;
     }
     $this->template = new View('blank');
 }
Ejemplo n.º 3
Archivo: shout.php Proyecto: anqqa/Anqh
 /**
  * Show the latest shouts and handle a newly posted shout.
  *
  * A shout is saved only when csrf::valid() passes and POST data is present.
  * Validation errors are collected for the form. AJAX requests get the view
  * echoed directly; other requests get it added to the 'main' widget.
  */
 public function index()
 {
     $shout = new Shout_Model();
     $form_values = $shout->as_array();
     $form_errors = array();

     // Accept a post only together with a valid CSRF token
     if (csrf::valid() && ($post = $this->input->post())) {
         $shout->author_id = $this->user->id;
         // The text is stored as submitted.
         // NOTE(review): presumably escaped by the view on output - confirm.
         $shout->shout = $post['shout'];
         try {
             $shout->save();
             if (!request::is_ajax()) {
                 url::redirect(url::current());
             }
         } catch (ORM_Validation_Exception $invalid) {
             $form_errors = $invalid->validation->errors();
             $form_values = arr::overwrite($form_values, $post);
         }
     }

     $latest = ORM::factory('shout')->find_all(10);
     $params = array(
         'mod_title' => __('Shouts'),
         'shouts' => $latest,
         'can_shout' => ORM::factory('shout')->has_access(Shout_Model::ACCESS_WRITE, $this->user),
         'errors' => $form_errors,
         'values' => $form_values,
     );
     $view = View_Mod::factory('generic/shout', $params);

     if (!request::is_ajax()) {
         widget::add('main', $view);
         return;
     }
     echo $view;
 }
Ejemplo n.º 4
 /**
  * Template loading and setup routine.
  *
  * Records whether the request is AJAX, wraps the template name in a View,
  * registers the post-controller render hook when auto_render is on, opens
  * the session and stores the current site id.
  *
  * NOTE(review): $session, $manager and $current_url are assigned here but
  * not read again inside this method.
  */
 public function __construct()
 {
     parent::__construct();
     // Check whether the request is ajax
     $this->ajax_request = request::is_ajax();
     // Load the template
     $this->template = new View($this->template);
     if ($this->auto_render == TRUE) {
         Event::add('system.post_controller', array($this, '_render'));
     }
     /**
      * Determine the user's login status.
      *
      * NOTE(review): a session id is accepted from $_REQUEST (query string,
      * POST body or cookie, depending on PHP's request_order) and handed to
      * Session::instance() and role::get_manager(). If those callees adopt
      * the supplied id, the caller chooses the session, which is a
      * session-fixation risk. Ids sent in URLs also end up in server logs
      * and Referer headers. Confirm how both callees validate the value,
      * and prefer the session cookie alone where possible.
      */
     if (isset($_REQUEST['session_id'])) {
         $session = Session::instance($_REQUEST['session_id']);
         $manager = role::get_manager($_REQUEST['session_id']);
     } else {
         $session = Session::instance();
         $manager = role::get_manager();
     }
     /* URL of the current request */
     $current_url = urlencode(url::current(TRUE));
     // ID of the site managed by the current user
     $this->site_id = site::id();
 }
Ejemplo n.º 5
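 /**
  * Handle an AJAX POST that sets the signed-in user's profile picture.
  *
  * When a file arrives under "profile-image" it is stored below
  * assets/uploads/ and a JSON descriptor (name, location, extension) becomes
  * the user's avatar value. When no file is sent, the current avatar value is
  * written back unchanged.
  *
  * The file name and extension are client-controlled, so the upload is
  * accepted only if PHP reports a clean upload, the name is reduced to its
  * base name, and the extension is on an image allow-list. A rejected upload
  * leaves the stored avatar untouched and writes no success log entry.
  *
  * NOTE(review): only the extension is checked, not the file content, and the
  * stored name still contains client-supplied text. Confirm that the web
  * server never executes scripts from assets/uploads/.
  * NOTE(review): no CSRF token check is visible in this method - confirm it
  * is enforced elsewhere.
  *
  * @return void
  */
 public function profile_pic()
 {
     if (!request::is_ajax() || request::method() !== 'post') {
         return;
     }
     $this->auto_render = FALSE;
     $client_id = $this->auth->get_user()->id;

     if (!empty($_FILES['profile-image']['name'])) {
         $upload = $_FILES['profile-image'];

         // Reject array-style uploads, upload errors, and temp paths that
         // PHP did not create for this request.
         if (!is_string($upload['name'])
             || !isset($upload['error'])
             || $upload['error'] !== UPLOAD_ERR_OK
             || !is_uploaded_file($upload['tmp_name'])
         ) {
             return;
         }
         $tempFile = $upload['tmp_name'];

         // Strip any directory part so the name cannot leave $targetPath.
         $filename = basename(str_replace('\\', '/', $upload['name']));
         $extension = pathinfo($filename, PATHINFO_EXTENSION);

         // Allow-list of image extensions; adjust to the formats the
         // application actually supports.
         $allowed = array('jpg', 'jpeg', 'png', 'gif', 'webp');
         if ($filename === '' || !in_array(strtolower($extension), $allowed, TRUE)) {
             return;
         }

         $targetPath = 'assets/uploads/';
         if (!is_dir($targetPath) && !mkdir($targetPath, 0700) && !is_dir($targetPath)) {
             return;
         }

         $salt = 'user-' . $client_id . '-' . uniqid() . '-';
         $targetFile = $targetPath . $salt . $filename;
         $this->start_upload($targetFile, $tempFile);

         // "location" is always the full file path. The original stored only
         // the directory on the one request that created the directory.
         $file_data_name = array("name" => $filename, "location" => $targetFile, "extension" => $extension);
         // The original passed TRUE as the flags argument, which PHP coerces
         // to 1 (JSON_HEX_TAG); the named constant yields the same encoding.
         $json = json_encode($file_data_name, JSON_HEX_TAG);
     } else {
         $json = $this->auth->get_user()->user_avatar;
     }

     $data_profile_pic = array("user_avatar" => $json);
     log_helper::add("2", $this->user_log, $this->user_id, "Profile Picture was Successfully Updated");
     $this->setting_model->update_user($this->auth->get_user()->id, $data_profile_pic);
 }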
Ejemplo n.º 6
 /**
  * Build the controller: answer AJAX requests with a 403 status line and
  * attach the header and footer views to the template for everything else.
  *
  * NOTE(review): for AJAX requests this only sends the 403 header and leaves
  * the constructor early. Returning from a constructor does not by itself
  * stop the requested action from running, so confirm that the framework or
  * the actions enforce the refusal.
  */
 public function __construct()
 {
     parent::__construct();
     //$this->session = Session::instance();
     //$this->auth = new Auth;
     // Check to see if the request is an XHR call
     if (request::is_ajax()) {
         // Send the 403 status line (no body is written here)
         header('HTTP/1.1 403 Forbidden');
         //$t = new View('blank');
         return;
     }
     /*
         if (Kohana::config_load('cw', true))
             $this->cfg  = Kohana::config('cw');
     */
     /*  if (IN_PRODUCTION === FALSE)
         {
             $this->profiler = new Profiler;
         }*/
     // $t is a reference alias of $this->template, so the writes below land
     // on the controller's template.
     $t =& $this->template;
     $t->header = new View('components/header');
     $t->footer = new View('components/footer');
     //$this->db = Database::instance();
 }
Ejemplo n.º 7
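 /**
  * Delete the template whose id is posted by an AJAX request.
  *
  * The deletion now runs only for POST requests. The id is read from the
  * POST body, and a state-changing action should not be reachable through
  * GET.
  *
  * NOTE(review): request::is_ajax() reflects a client-sent header and is not
  * an access control. No authorization or CSRF check is visible in this
  * method - confirm both are enforced elsewhere.
  *
  * @return void
  */
 public function delete_template()
 {
     if (!request::is_ajax()) {
         return;
     }
     // Rendering stays off for every AJAX request, as before.
     $this->auto_render = false;

     if (request::method() !== 'post') {
         return;
     }
     $this->dstemplate_model->deleteTemplate($this->input->post('id'));
 }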
Ejemplo n.º 8
 /**
  * Set up the forum controller and dispatch the request.
  *
  * Everything is routed through _ajax() or _index() from here, so the
  * individual methods need no AJAX/non-AJAX branching of their own. The
  * chosen handler's return value is passed to die(), which ends the request.
  */
 public function __construct()
 {
     parent::__construct();
     $this->template->title = 'Kohana Forum';

     // Filters: URI segments 2 to 4.
     $segments = $this->uri->segment_array();
     $this->action = !empty($segments['2']) ? $segments['2'] : 'category';
     $this->filter = isset($segments['3']) ? $segments['3'] : '';
     $this->filter2 = isset($segments['4']) ? $segments['4'] : '';

     // Sorters: sort_by and order are always one of two fixed strings, while
     // $this->sort keeps the raw query value and needs escaping wherever it
     // is output.
     $has_sort = !empty($_GET['sort']);
     $this->sort = isset($_GET['sort']) ? $_GET['sort'] : 'newest';
     $this->sort_by = ($has_sort and 'votes' != $_GET['sort']) ? 'created' : 'vote_count';
     $this->order = ($has_sort and 'oldest' == $_GET['sort']) ? 'asc' : 'desc';

     // Hand over to the AJAX or the regular handler and stop.
     $output = request::is_ajax() ? $this->_ajax() : $this->_index();
     die($output);
 }
Ejemplo n.º 9
 /**
  * Display the news index page. Pagination is also used by jQuery to preload
  * the following pages of articles, which are then displayed on scroll.
  *
  * @param integer $page the page number; it is only compared against the
  *                      pager's total_pages for AJAX requests (the original
  *                      author questioned whether it is needed at all).
  */
 public function index($page = 1)
 {
     $approved_count = orm::factory('news')
         ->where('group', 'site')
         ->where('status', 'approved')
         ->count_all();
     $pager = new Pagination(array('total_items' => $approved_count, 'items_per_page' => 3));
     $articles = orm::factory('news')
         ->where('group', 'site')
         ->where('status', 'approved')
         ->find_all($pager->items_per_page, $pager->sql_offset);

     // NOTE(review): the view name comes from url::location() - confirm it
     // cannot be steered to an unintended view file.
     $view = new View(url::location());
     $view->articles = $articles;
     $view->pagination = $pager->render();
     $view->page_number = $pager->page_number();

     if (!request::is_ajax()) {
         // Regular HTTP request: send the entire page with the template.
         $this->template->title = 'About Us › News & Updates Archive';
         $this->breadcrumbs->add()->url(false)->title('Archive');
         $view->breadcrumbs = $this->breadcrumbs->cut();
         $this->template->content = $view;
         return;
     }

     // AJAX auto-update: send just the news items, or a 404 when the
     // requested page does not exist.
     if ($page > $pager->total_pages) {
         Event::run('system.404');
         return;
     }
     $this->ajax['view'] = $view;
 }
Ejemplo n.º 10
 /**
  * Template loading and setup routine.
  *
  * Registers the post-controller render hook when auto_render is on and
  * loads the user referenced by the session's 'USER' entry, if any. It then
  * builds the site configuration, replacing title, keywords and description
  * when the request's Host header has an entry in
  * 'distribution_site_config'.
  */
 public function __construct()
 {
     parent::__construct();
     $this->obj_session = Session::instance();
     $this->obj_user_lib = User::instance();
     // Remember whether the request is ajax
     $this->ajax_request = request::is_ajax();
     if ($this->auto_render == TRUE) {
         Event::add('system.post_controller', array($this, '_render'));
     }

     $session_user = $this->obj_session->get('USER');
     if (!empty($session_user)) {
         $this->_user = $this->obj_user_lib->get_user_by_uid($session_user['id']);
     }

     $site = Kohana::config('site_config.site');
     // HTTP_HOST is supplied by the client; here it only selects an entry
     // from server-side configuration and is never used as a value itself.
     $host = $_SERVER['HTTP_HOST'];
     $per_host = Kohana::config('distribution_site_config');
     if (array_key_exists($host, $per_host) && isset($per_host[$host])) {
         $override = $per_host[$host];
         $site['site_title'] = $override['site_name'];
         $site['keywords'] = $override['keywords'];
         $site['description'] = $override['description'];
     }
     $this->_site_config = array('site_config' => $site);
 }
Ejemplo n.º 11
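 /**
  * Check whether the current manager may perform $permission, optionally
  * restricted to one site.
  *
  * Root passes unconditionally. Anyone else must hold the permission in the
  * ACL and, when $site_id is greater than 0, $site_id must be among the ids
  * returned by role::get_site_ids(). Previously the ACL result overwrote a
  * failed site check, so the site restriction never took effect.
  *
  * @param string $permission permission name looked up in the ACL
  * @param int    $site_id    site to check; values <= 0 skip the site check
  * @param mixed  $type       passed through to role::get_site_ids()
  * @return array|null the ids from role::get_site_ids() when access is
  *                    granted. On denial an AJAX request is answered with a
  *                    JSON error and terminated; otherwise remind::set() is
  *                    called and nothing is returned.
  */
 public static function is_allowed($permission = 'default', $site_id = 0, $type = NULL)
 {
     $site_ids = role::get_site_ids($type);

     if (role::is_root()) {
         // The super administrator (root) is not subject to permission checks.
         $verify = true;
     } else {
         $site_permitted = !($site_id > 0 && !in_array($site_id, $site_ids));

         $acl = Session::instance()->get(self::$acl_tag);
         if ($acl) {
             // NOTE(review): unserialize() runs on session-stored data. That
             // is only safe while the session store cannot be written by
             // clients - confirm, or store the ACL in a non-object format.
             $acl = unserialize($acl);
         }
         if (!is_object($acl)) {
             // Nothing cached, or the cached value could not be restored.
             $acl = self::acl_init();
         }

         $manager = role::get_manager();
         $permission_granted = $acl->is_allowed($manager["username"], $permission);

         // Both conditions must hold; neither may overwrite the other.
         $verify = $site_permitted && $permission_granted;
     }

     // Act on the verification result
     if ($verify) {
         return $site_ids;
     }

     if (request::is_ajax()) {
         $return_struct = array('status' => 0, 'code' => 501, 'msg' => Kohana::lang('o_global.access_denied'), 'content' => array());
         die(json_encode($return_struct));
     }

     $referrer = tool::referrer_url();
     remind::set('权限不足', $referrer, 'error');
 }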
Ejemplo n.º 12
 /**
  * Constructor: run the ACL check for the 'edit' action, then select the
  * display template.
  *
  * The ACL call comes first, before any parent setup. The AJAX template is
  * chosen when the request is AJAX or an "ajax" query parameter is present;
  * this only affects presentation, not access.
  *
  * @author Andy Bennett
  */
 function __construct()
 {
     Acl::instance()->redirect(Steamauth::instance()->get_role(), 'edit', null, '../');
     parent::__construct();
     parent::init();

     if (request::is_ajax() || isset($_GET['ajax'])) {
         $tpl = 'template-ajax';
     } else {
         $tpl = 'template-admin';
     }
     Display::instance()->set_template($tpl);
 }
Ejemplo n.º 13
 /**
  * Answer with 401 and, for non-AJAX requests, an HTTP Basic challenge.
  *
  * @return void
  */
 public function http_auth_prompt_login()
 {
     header('HTTP/1.0 401 Unauthorized');

     if (request::is_ajax()) {
         // No challenge header here, so the browser does not pop up its
         // login box for AJAX requests.
         return;
     }
     header('WWW-Authenticate: Basic realm="Ushahidi API"');
 }
Ejemplo n.º 14
 /**
  * Echo the settings record as JSON for an AJAX GET request.
  *
  * NOTE(review): request::is_ajax() depends on what the client sends and is
  * not an access control - confirm that authentication is enforced before
  * settings are returned.
  */
 public function getOne()
 {
     if (!request::is_ajax() or request::method() != 'get') {
         return;
     }
     $this->auto_render = FALSE;
     $record = $this->setting_model->getOne();
     echo json_encode($record);
 }
Ejemplo n.º 15
 /**
  * Send the browser to the re-authentication page.
  *
  * For a non-AJAX GET request the current URL is first stored in the session
  * as "continue_url". The return URL therefore travels in the session, not
  * in the redirect's query string, which the original comment says avoids
  * tripping anti-phishing protection.
  */
 private static function _prompt_for_reauth($controller_name, $args)
 {
     $is_plain_get = request::method() == "get" && !request::is_ajax();
     if ($is_plain_get) {
         $return_to = url::current(true);
         Session::instance()->set("continue_url", $return_to);
     }
     url::redirect("reauthenticate");
 }
Ejemplo n.º 16
Archivo: set.php Proyecto: anqqa/Anqh
 /**
  * Set page width
  *
  * Only 'liquid' or 'fixed' is ever written to the session, whatever the
  * caller passes. Non-AJAX requests are then sent back via url::back().
  *
  * @param  string  $width  'wide' selects the liquid layout, anything else fixed
  */
 public function width($width)
 {
     $layout = ($width == 'wide') ? 'liquid' : 'fixed';
     $this->session->set('page_width', $layout);

     if (!request::is_ajax()) {
         url::back();
     }
 }
Ejemplo n.º 17
 /**
  * Build a site URL via the parent helper; for AJAX requests the long host
  * name is swapped for the short one.
  */
 public static function site($uri = '', $protocol = FALSE)
 {
     $url = parent::site($uri, $protocol);

     return request::is_ajax()
         ? str_replace('bakayarou.kungfudiscomonkey.net', 'b.kf-dm.net', $url)
         : $url;
 }
Ejemplo n.º 18
 /**
  * Echo the request report of the signed-in user's office as JSON (AJAX only).
  *
  * The office id is taken from the authenticated user, not from request
  * input, so a caller cannot ask for another office's report here.
  */
 public function getRequestsStatistics()
 {
     if (!request::is_ajax()) {
         return;
     }
     $this->auto_render = FALSE;
     $own_office = $this->auth->get_user()->office_id;
     $report = $this->request_model->office_report($own_office);
     echo json_encode($report);
 }
Ejemplo n.º 19
Archivo: ajax.php Proyecto: anqqa/Anqh
 /**
  * Build the controller; non-AJAX requests get a 403 status line.
  *
  * NOTE(review): only the header is sent. Leaving a constructor does not by
  * itself keep the requested action from running, and request::is_ajax()
  * reflects what the client sent, so this is not an access control.
  */
 public function __construct()
 {
     parent::__construct();

     if (request::is_ajax()) {
         return;
     }
     header('HTTP/1.1 403 Forbidden');
 }
Ejemplo n.º 20
 /**
  * Delete an office in response to an AJAX POST, log the deletion and echo
  * the model's result.
  *
  * NOTE(review): the only gates visible here are the AJAX check and the HTTP
  * method, and both are controlled by the client. Confirm that
  * authorization and CSRF protection are enforced elsewhere, and that
  * find() cannot return a missing record before ->name is read.
  */
 public function delete($id)
 {
     if (!request::is_ajax() || request::method() !== 'post') {
         return;
     }
     $this->auto_render = FALSE;

     $target = $this->office_model->with('district')->find($id);
     $entry = "Deleted Office named " . $target->name . ".";
     log_helper::add("1", $this->user_log, $this->user_id, $entry);

     echo $this->office_model->delete($id);
 }
Ejemplo n.º 21
 /**
  * Insert a purchase from the posted fields (AJAX POST only).
  *
  * NOTE(review): the whole POST array is passed to insert() after
  * security::xss_clean(). That filter targets markup, not column selection,
  * so confirm that the model restricts which fields may be written.
  */
 public function save()
 {
     if (!request::is_ajax() || request::method() !== 'post') {
         return;
     }
     $this->auto_render = FALSE;

     $fields = security::xss_clean($this->input->post());
     log_helper::add("1", $this->user_log, $this->user_id, "Added New Purchase");
     $this->purchase_model->insert($fields);
 }
 /**
  * Delete an office budget in response to an AJAX POST, log the deletion and
  * echo the model's result.
  *
  * NOTE(review): no authorization or CSRF check is visible in this method -
  * confirm both are enforced elsewhere.
  */
 public function delete($id)
 {
     if (!request::is_ajax() or request::method() !== 'post') {
         return;
     }
     $this->auto_render = FALSE;

     $budget = $this->budget_model->with('office')->find($id);
     $entry = "Deleted a Office Budget for " . $budget->office->name . ".";
     log_helper::add("2", $this->user_log, $this->user_id, $entry);

     echo $this->budget_model->delete($id);
 }
Ejemplo n.º 23
 /**
  * Build the controller: run the parent's login() and turn off auto-render.
  *
  * NOTE(review): a constructor's return value is discarded by `new`, so the
  * FALSE returned for non-AJAX requests does not stop the requested action
  * from running.
  */
 public function __construct()
 {
     parent::__construct();
     parent::login();
     $this->auto_render = FALSE;

     if (request::is_ajax()) {
         return;
     }
     return FALSE;
 }
Ejemplo n.º 24
 /**
  * Delete a request record in response to an AJAX POST, log its reference
  * number and echo the model's result.
  *
  * NOTE(review): no ownership or authorization check on $id is visible in
  * this method - confirm it is enforced elsewhere.
  */
 public function delete($id)
 {
     if (!request::is_ajax() || request::method() !== 'post') {
         return;
     }
     $this->auto_render = FALSE;

     $record = $this->request_model->find($id);
     $entry = "Request deleted with reference no. " . $record->reference_no . ".";
     log_helper::add("1", $this->user_log, $this->user_id, $entry);

     echo $this->request_model->delete($id);
 }
Ejemplo n.º 25
 /**
  * Delete a category in response to an AJAX POST, echo the model's result
  * and then log the deletion.
  *
  * NOTE(review): no authorization or CSRF check is visible in this method -
  * confirm both are enforced elsewhere.
  */
 public function delete($id)
 {
     if (!request::is_ajax() || request::method() !== 'post') {
         return;
     }
     $this->auto_render = FALSE;

     $found = $this->category_model->find($id);
     // The delete uses the id of the record that was found, not the raw argument.
     echo $this->category_model->delete($found->id);

     $entry = "Deleted Category named " . $found->name . ".";
     log_helper::add("1", $this->user_log, $this->user_id, $entry);
 }
Ejemplo n.º 26
 /**
  * Output the account wrapper view and end the request.
  *
  * AJAX requests receive the bare view; other requests receive it embedded
  * in the shell.
  */
 public function index()
 {
     $wrapper = new View('admin/account_wrapper');

     if (!request::is_ajax()) {
         $this->shell->content = $wrapper;
         die($this->shell);
     }
     die($wrapper);
 }
Ejemplo n.º 27
 /**
  * Delete a supplier in response to an AJAX POST, log the deletion and echo
  * the model's result.
  *
  * NOTE(review): no authorization or CSRF check is visible in this method -
  * confirm both are enforced elsewhere.
  */
 public function delete($id)
 {
     if (!request::is_ajax() || request::method() !== 'post') {
         return;
     }
     $this->auto_render = FALSE;

     $vendor = $this->supplier_model->find($id);
     $entry = "Deleted Supplier named " . $vendor->name . ".";
     log_helper::add("1", $this->user_log, $this->user_id, $entry);

     echo $this->supplier_model->delete($id);
 }
Ejemplo n.º 28
 /**
  * Insert a district from the posted fields and echo the converted result
  * as JSON (AJAX POST only).
  *
  * NOTE(review): the whole POST array reaches insert() after
  * security::xss_clean(). Confirm that the model limits which fields may be
  * written and that authorization is enforced elsewhere.
  */
 public function save()
 {
     if (!request::is_ajax() || request::method() !== 'post') {
         return;
     }
     $this->auto_render = FALSE;

     $fields = security::xss_clean($this->input->post());
     $inserted = $this->district_model->insert($fields);
     echo json_encode(json_helper::convert($inserted));
 }
Ejemplo n.º 29
 /**
  * Send the browser to the re-authentication page.
  *
  * For GET requests the absolute current URL is stored in the session as
  * "continue_url". The return URL therefore travels in the session, not in
  * the redirect's query string, which the original comment says avoids
  * tripping anti-phishing protection. The AJAX flag is stored too, because
  * it would otherwise be lost across the redirect.
  */
 private static function _prompt_for_reauth($controller_name, $args)
 {
     if (request::method() == "get") {
         $return_to = url::abs_current(true);
         Session::instance()->set("continue_url", $return_to);
     }

     $was_ajax = request::is_ajax();
     Session::instance()->set("is_ajax_request", $was_ajax);

     url::redirect("reauthenticate");
 }
Ejemplo n.º 30
 /**
  * Verify that a user is logged in.
  *
  * Without a user, an AJAX request is ended with a login link and any other
  * request is redirected to 'auth'.
  */
 protected function login()
 {
     if ($this->user) {
         return;
     }

     if (!request::is_ajax()) {
         return url::redirect('auth');
     }
     die(html::anchor(NULL, 'Veuillez vous identifier'));
 }