Ejemplo n.º 1
0
 /**
  * check level permission
  * check permission based on user's level group id and page name and action.
  * 
  * @param string $page_name
  * @param string $action
  * @param integer $account_id
  * @return boolean
  */
 private static function checkLevelPermission($page_name = '', $action = '', $account_id = '')
 {
     // check for required attribute
     if (!is_numeric($account_id) || $page_name == null || $action == null) {
         return false;
     }
     if ($account_id == '1') {
         return true;
     }
     // permanent owner's account
     $site_id = \Model_Sites::getSiteId(false);
     $cache_name = 'model.accountLevelPermission-checkLevelPermission-' . $site_id . '-' . \Extension\Security::formatString($page_name, 'alphanum_dash_underscore') . '-' . \Extension\Security::formatString($action, 'alphanum_dash_underscore') . '-' . $account_id;
     $cached = \Extension\Cache::getSilence($cache_name);
     if (false === $cached) {
         // get current user levels from db.
         $result = \DB::select()->as_object()->from(\Model_AccountLevel::getTableName())->where('account_id', $account_id)->execute();
         if (count($result) > 0) {
             // loop each level of this user.
             foreach ($result as $row) {
                 if ($row->level_group_id == '1') {
                     // this user is in super admin group.
                     unset($result, $row);
                     \Cache::set($cache_name, true, 2592000);
                     return true;
                 }
                 // check this level group in permission db.
                 $result2 = \DB::select()->from(static::$_table_name)->where('level_group_id', $row->level_group_id)->where('permission_page', $page_name)->where('permission_action', $action)->execute();
                 if (count($result2) > 0) {
                     // found.
                     unset($result, $result2, $row);
                     \Cache::set($cache_name, true, 2592000);
                     return true;
                 }
                 unset($result2);
             }
             // endforeach;
             // not found in permission db. did not given any permission.
             unset($result, $row);
             \Cache::set($cache_name, 'false', 2592000);
             return false;
         }
         // not found this user role?
         unset($result);
         \Cache::set($cache_name, 'false', 2592000);
         return false;
     }
     if ('false' === $cached) {
         return false;
     } else {
         return $cached;
     }
 }
Ejemplo n.º 2
0
 /**
  * check account permission.
  * This will be check permission per user.
  * 
  * @param string $page_name
  * @param string $action
  * @param integer $account_id
  * @return boolean
  */
 public static function checkAccountPermission($page_name = '', $action = '', $account_id = '')
 {
     // check for required attribute
     if (!is_numeric($account_id) || $page_name == null || $action == null) {
         return false;
     }
     if ($account_id == '1') {
         return true;
     }
     // permanent owner's account
     $site_id = \Model_Sites::getSiteId(false);
     $cache_name = 'model.accountPermission-checkAccountPermission-' . $site_id . '-' . \Extension\Security::formatString($page_name, 'alphanum_dash_underscore') . '-' . \Extension\Security::formatString($action, 'alphanum_dash_underscore') . '-' . $account_id;
     $cached = \Extension\Cache::getSilence($cache_name);
     if (false === $cached) {
         // get current user from db.
         $result = \DB::select()->as_object()->from('accounts')->where('account_id', $account_id)->execute();
         if (count($result) > 0) {
             $row = $result->current();
             // check this account in permission db.
             $result2 = \DB::select()->from(static::$_table_name)->where('account_id', $row->account_id)->where('permission_page', $page_name)->where('permission_action', $action)->execute();
             if (count($result2) > 0) {
                 // found.
                 unset($result, $result2, $row);
                 \Cache::set($cache_name, true, 2592000);
                 return true;
             }
             unset($result, $result2, $row);
         }
         // endif not found account.
         // not found this user or not found permission in db.
         unset($result);
         \Cache::set($cache_name, 'false', 2592000);
         return false;
     }
     // endif cached
     if ('false' === $cached) {
         return false;
     } else {
         return $cached;
     }
 }
Ejemplo n.º 3
0
 /**
  * check account is logged in correctly and status is enabled. also call to check simultaneous login.
  *
  * @param intger $account_id
  * @param string $account_username
  * @param string $account_email
  * @param string $account_online_code
  * @return boolean
  */
 public function checkAccount($account_id = '', $account_username = '', $account_email = '', $account_online_code = '')
 {
     // check all required data
     if ($account_id == null || $account_username == null || $account_email == null || $account_online_code == null) {
         return false;
     }
     $site_id = \Model_Sites::getSiteId(false);
     $cache_name = 'model.accounts-checkAccount-' . $site_id . '-' . $account_id . '-' . \Extension\Security::formatString($account_username, 'alphanum_dash_underscore') . '-' . \Extension\Security::formatString($account_email, 'alphanum_dash_underscore') . '-' . \Extension\Security::formatString($account_online_code, 'alphanum_dash_underscore');
     $cached = \Extension\Cache::getSilence($cache_name);
     if (false === $cached) {
         // check for matches id username and email. ---------------------------------------------------------------
         $result = \DB::select()->from(static::$_table_name)->where('account_id', $account_id)->where('account_username', $account_username)->where('account_email', $account_email)->where('account_status', 1)->execute();
         if (count($result) > 0) {
             unset($result);
             // if not allow simultaneous login. (if not allow login from many places)
             if (\Model_Config::getval('simultaneous_login') == '0') {
                 if ($this->isSimultaneousLogin($account_id, $account_online_code, $site_id) == true) {
                     // log out
                     static::logout(array('remove_online_code' => false));
                     // load langauge for set error msg.
                     \Lang::load('account');
                     // set error message.
                     \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('account_simultaneous_login_detected')));
                     return false;
                 }
             }
             // check account passed! with or without simultaneous login check.
             \Cache::set($cache_name, true, 2592000);
             return true;
         }
         // not found account in db. or found but disabled
         unset($result);
         // log out
         static::logout();
         return false;
     }
     return $cached;
 }
Ejemplo n.º 4
0
 /**
  * get multiple config values from config_name field in config table
  *
  * @param array $config_name
  * @return array|null array if exists, null if not exists.
  */
 public static function getvalues($config_name = array())
 {
     if (!is_array($config_name) || is_array($config_name) && empty($config_name)) {
         return null;
     }
     $cache_name = 'model.config-getvalues-' . \Model_Sites::getSiteId(false) . '-' . \Extension\Security::formatString(md5(json_encode($config_name)), 'alphanum_dash_underscore');
     $cached = \Extension\Cache::getSilence($cache_name);
     if (false === $cached) {
         // because FuelPHP ORM cannot get multiple results if that table has no primary key.
         // we will use DB class
         $output = array();
         $result = \DB::select('*')->from(static::$_table_name)->as_object()->where('config_name', 'IN', $config_name)->execute();
         if ((is_array($result) || is_object($result)) && !empty($result)) {
             foreach ($result as $row) {
                 $output[$row->config_name]['value'] = $row->config_value;
                 $output[$row->config_name]['core'] = $row->config_core;
                 $output[$row->config_name]['description'] = $row->config_description;
             }
             // endforeach;
         }
         // endif;
         unset($result, $row);
         \Cache::set($cache_name, $output, 2592000);
         return $output;
         // end get values by array loop.
     }
     return $cached;
 }
Ejemplo n.º 5
0
 /**
  * check if current site is enabled
  * 
  * @return boolean
  */
 public static function isSiteEnabled()
 {
     // always return true if it is main site. (site id 1).
     $site_id = static::getSiteId(false);
     if (1 == $site_id) {
         return true;
     }
     // get domain
     if (isset($_SERVER['HTTP_HOST'])) {
         $site_domain = $_SERVER['HTTP_HOST'];
     } elseif (isset($_SERVER['SERVER_NAME'])) {
         $site_domain = $_SERVER['SERVER_NAME'];
     } else {
         $site_domain = 'localhost';
     }
     $cache_name = 'model.sites-isSiteEnabled-' . \Extension\Security::formatString($site_domain, 'alphanum_dash_underscore');
     $cached = \Extension\Cache::getSilence($cache_name);
     if (false === $cached) {
         $result = \DB::select()->from(static::$_table_name)->where('site_domain', $site_domain)->where('site_status', 1)->execute();
         $total = count($result);
         unset($result, $site_domain);
         if ($total > 0) {
             \Cache::set($cache_name, true, 2592000);
             return true;
         }
         \Cache::set($cache_name, 'false', 2592000);
         return false;
     }
     if ('false' === $cached) {
         return false;
     } else {
         return $cached;
     }
 }