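/**
 * Copy submitted form values onto a content object before it is saved or previewed.
 *
 * Security: the owner id comes straight from the request. The original computed
 * $adminaccess but never consulted it, so any caller able to reach this function
 * could reassign ownership. Ownership changes are now limited to the page owner or
 * a holder of 'Modify Any Page'.
 * NOTE(review): callers may already enforce this, and FillParams() may itself read
 * "ownerid" - confirm both, this check is defence in depth.
 *
 * @param object     $contentobj Content object to update (modified in place).
 * @param bool       $preview    When true, ValidateData() is run after the values are applied.
 * @param array|null $params     Submitted values; $_POST is used when this is null (or empty).
 */
function updatecontentobj(&$contentobj, $preview = false, $params = null)
{
    // Loose comparison kept as in the original: an empty array also falls back to $_POST.
    if ($params == null) {
        $params = $_POST;
    }

    $userid = get_userid();
    $adminaccess = check_ownership($userid, $contentobj->Id())
        || check_permission($userid, 'Modify Any Page');

    // Fill contentobj with parameters
    $contentobj->FillParams($params);

    if ($preview) {
        // NOTE(review): the validation result stays local and is never returned or
        // reported from here - confirm the caller re-validates.
        $error = $contentobj->ValidateData();
    }

    // Only the owner or a 'Modify Any Page' holder may hand the page to another user.
    if ($adminaccess && isset($params["ownerid"])) {
        $contentobj->SetOwner($params["ownerid"]);
    }

    $contentobj->SetLastModifiedBy($userid);

    // #Fill Additional Editors (kind of kludgy)
    // if (isset($params["additional_editors"]))
    // {
    //     $addtarray = array();
    //     foreach ($params["additional_editors"] as $addt_user_id)
    //     {
    //         $addtarray[] = $addt_user_id;
    //     }
    //     $contentobj->SetAdditionalEditors($addtarray);
    // }
    // else if ($adminaccess)
    // {
    //     $contentobj->SetAdditionalEditors(array());
    // }
}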
/**
 * List the tab labels shown for this content type.
 *
 * The 'main' tab is always present; the 'options' tab is added only when the
 * current user holds 'Manage All Content'.
 *
 * @return array Translated tab labels, in display order.
 */
function TabNames()
{
    $tabs = array(lang('main'));

    $canManageAll = check_permission(get_userid(), 'Manage All Content');
    if (!$canManageAll) {
        return $tabs;
    }

    $tabs[] = lang('options');
    return $tabs;
}
/**
 * Set up the AssignProject page and send the user to the fail page when the
 * "UserManagement" permission check returns a truthy value.
 *
 * NOTE(review): the check uses the literal "UserManagement" rather than $this->page;
 * confirm that this page is meant to be governed by that permission.
 * NOTE(review): assumes goFailPage() ends the request - if it only queues a redirect,
 * the controller action still runs for a denied user. Confirm.
 */
function __construct()
{
    parent::__construct();
    $this->page = "AssignProject";

    $denied = check_permission("UserManagement", "n");
    if ($denied) {
        $this->goFailPage();
    }
}
/**
 * Set up the RoleManagement page and send the user to the fail page when the
 * permission check for this page returns a truthy value.
 *
 * NOTE(review): assumes goFailPage() ends the request - if it only queues a redirect,
 * the controller action still runs for a denied user. Confirm.
 */
function __construct()
{
    parent::__construct();
    $this->page = "RoleManagement";

    $denied = check_permission($this->page, "n");
    if ($denied) {
        $this->goFailPage();
    }
}
/**
 * Set up the QuestionManagement page.
 *
 * Two gates run in order: the permission check for this page (fail page when it
 * returns a truthy value), then a check that a project is selected (redirect to
 * PreviewSurvey otherwise).
 *
 * NOTE(review): assumes goFailPage() ends the request; if it returns, the second
 * gate and then the controller action still run for a denied user. Confirm.
 */
function __construct()
{
    parent::__construct();
    $this->page = "QuestionManagement";

    $denied = check_permission($this->page, "n");
    if ($denied) {
        $this->goFailPage();
    }

    $hasProject = $this->isSelectedProject();
    if (!$hasProject) {
        redirect("PreviewSurvey");
    }
}
/**
 * Set up the SurveyResult page.
 *
 * Two gates run in order: the permission check for this page (fail page when it
 * returns a truthy value), then a check that a project is selected (redirect to
 * PreviewSurvey otherwise).
 *
 * NOTE(review): assumes goFailPage() ends the request; if it returns, the second
 * gate and then the controller action still run for a denied user. Confirm.
 */
function __construct()
{
    parent::__construct();
    $this->page = "SurveyResult";

    $denied = check_permission($this->page, "n");
    if ($denied) {
        $this->goFailPage();
    }

    $hasProject = $this->isSelectedProject();
    if (!$hasProject) {
        redirect("PreviewSurvey");
    }
    //$this->output->enable_profiler(TRUE);
}
/**
 * Build the static tab registry (self::$_tabs) for the current user.
 *
 * - 'main' is always registered.
 * - 'options' requires 'Manage All Content'.
 * - 'AdvancedContent' requires 'Manage AdvancedContent Options' and a truthy
 *   'use_advanced_pageoptions' module preference.
 *
 * Sets self::$_init to true when done.
 */
private static function _init()
{
    $AC =& ac_utils::get_module('AdvancedContent');

    // Every tab starts with the same three empty containers.
    $emptyContainers = array(
        'block_tabs'     => array(),
        'block_groups'   => array(),
        'content_blocks' => array(),
    );

    self::$_tabs = array(
        'main' => array('tab_id' => 'main', 'tab_name' => lang('main')) + $emptyContainers,
    );

    if (check_permission(get_userid(), 'Manage All Content')) {
        self::$_tabs['options'] = array('tab_id' => 'options', 'tab_name' => lang('options')) + $emptyContainers;
    }

    // The preference is only read when the permission check passes.
    if (check_permission(get_userid(), 'Manage AdvancedContent Options')) {
        if ($AC->GetPreference('use_advanced_pageoptions', 0)) {
            self::$_tabs['AdvancedContent'] = array(
                'tab_id'   => 'AdvancedContent',
                'tab_name' => $AC->lang('advancedcontent_tabname'),
            ) + $emptyContainers;
        }
    }

    self::$_init = true;
}
/**
 * Recursively collect the content objects the current user is allowed to delete.
 *
 * A node is considered only when the user owns it (check_ownership) or it appears in
 * the global $mypages author list (quick_check_authorship). A parent is added to the
 * result only when the recursive call on its children did not return FALSE and
 * produced at least one entry; deletable children are still collected even when
 * their parent is rejected.
 *
 * @param array $sel_nodes    Hierarchy nodes to examine.
 * @param mixed $parent       Parent node; passed through on recursion but not read here.
 * @param array $final_result Output map, content id => content object (filled in place).
 * @param int   $depth        Recursion depth; only forwarded to the recursive call.
 * @return bool FALSE when the user lacks 'Remove Pages', when any examined node is not
 *              owned/authored by the user, or when a subtree could not be fully
 *              collected; TRUE otherwise.
 */
function get_delete_list($sel_nodes, &$parent, &$final_result, $depth = 0)
{
    // get the list of items we should delete
    $userid = get_userid();
    // Without the global permission nothing is collected at all.
    if (!check_permission($userid, 'Remove Pages')) {
        return FALSE;
    }
    global $mypages;
    $status = TRUE;
    foreach ($sel_nodes as $node) {
        if (check_ownership($userid, $node->getTag()) || quick_check_authorship($node->getTag(), $mypages)) {
            $content = $node->GetContent(false, false, true);
            // A node without a loadable content object is skipped without changing $status.
            if (!is_object($content)) {
                continue;
            }
            $children =& $node->getChildren(false, true);
            $child_status = array();
            if (isset($children) && count($children)) {
                // we have children.. but we may not have access to
                // any or all of them.
                $tmp = array();
                $child_status = get_delete_list($children, $node, $tmp, $depth + 1);
                if ($child_status === FALSE || count($tmp) == 0) {
                    // there are children, but for one reason or another
                    // we can't delete them, which means we can't delete this
                    // parent either, or any of its parents.
                    $status = FALSE;
                } else {
                    if (!isset($final_result[$content->Id()])) {
                        $final_result[$content->Id()] = $content;
                    }
                }
                if (count($tmp)) {
                    // there are children we can delete.
                    foreach ($tmp as $content_id => $one) {
                        if (!isset($final_result[$content_id])) {
                            $final_result[$content_id] = $one;
                        }
                    }
                }
            } else {
                // no children
                if (!isset($final_result[$content->Id()])) {
                    $final_result[$content->Id()] = $content;
                }
            }
        } else {
            // Neither owner nor listed author: the node is left out and the failure is reported upward.
            $status = FALSE;
        }
    }
    return $status;
}
/**
 * Prepare the admin area: load the admin menu helper, switch to the admin theme
 * and enforce access.
 *
 * check_permission() is treated as tri-state here:
 *   - NULL  -> show_error() with the Turkish message 'Yetkiniz yok.' ("You are not authorised.")
 *   - FALSE -> the current URI is stored as flash data and the user is sent to user/login
 *   - anything else -> the constructor returns normally
 *
 * NOTE(review): assumes redirect() and show_error() end the request - confirm, since
 * otherwise the controller action continues after a failed check.
 */
function __construct()
{
    parent::__construct();
    $this->load->helper('admin/admin_menu');
    $this->template->set_theme('admin');

    $access = check_permission();

    if ($access === NULL) {
        show_error('Yetkiniz yok.');
    }

    if ($access === FALSE) {
        // Remember where the user wanted to go so the login page can send them back.
        $this->session->set_flashdata('redirect', $this->uri->uri_string());
        redirect('user/login');
    }
}
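/**
 * Recursively look for filesystem permission problems below a directory.
 *
 * Note the inverted sense of the return value: TRUE means a problem was found.
 * An entry is a problem when it is not readable or not writable, or when it is a
 * directory that is not executable or that itself contains a problem.
 *
 * Changes from the original:
 *  - readdir() is compared with !== false, so an entry named "0" no longer ends the scan early;
 *  - the directory handle is always closed;
 *  - a path that is not a readable directory, or that cannot be opened, is reported
 *    as a problem instead of being scanned as if it were empty.
 *
 * @param string $dir Directory to scan.
 * @return bool TRUE when a permission problem exists, FALSE when everything is accessible.
 */
function check_permission($dir)
{
    if (!is_dir($dir) || !is_readable($dir)) {
        return TRUE;
    }

    $handle = opendir($dir);
    if ($handle === false) {
        return TRUE;
    }

    $problem = FALSE;
    while (($entry = readdir($handle)) !== false) {
        if ($entry == '.' || $entry == '..') {
            continue;
        }

        $path = $dir . '/' . $entry;

        if (!is_readable($path) || !is_writable($path)) {
            $problem = TRUE;
            break;
        }

        // Directories must also be traversable, and clean all the way down.
        if (is_dir($path) && (!is_executable($path) || check_permission($path))) {
            $problem = TRUE;
            break;
        }
    }

    closedir($handle);

    return $problem;
}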
/**
 * Wire the template library to the framework instance and apply site options.
 *
 * Loads the 'asset' library and the 'template' helper. When the 'debug' option
 * equals 1 and check_permission('dummy') passes, the profiler is enabled, the
 * debug flag is set and error reporting is raised to E_ALL. A truthy 'theme'
 * option replaces the default theme.
 *
 * NOTE(review): profiler output and E_ALL messages can expose queries, paths and
 * request data; this relies entirely on the 'dummy' permission being restricted to
 * trusted users - confirm what that permission name maps to.
 */
public function __construct()
{
    $this->ci = get_instance();
    $this->ci->load->library('asset');
    $this->ci->load->helper('template');

    $debugRequested = (get_option('debug') == 1);
    // The permission lookup only happens when debugging is switched on.
    if ($debugRequested && check_permission('dummy')) {
        $this->ci->output->enable_profiler(TRUE);
        $this->debug = TRUE;
        error_reporting(E_ALL);
    }

    if (!get_option('theme')) {
        return;
    }
    $this->theme = get_option('theme');
}
/**
 * Smarty tag: render an "edit this page" link for users allowed to edit the current page.
 *
 * Nothing is returned unless the current user holds 'Modify Any Page' or is listed
 * as an author of the current content id.
 *
 * Tag parameters:
 *   - text:       link text / image alt text (default 'Edit This Page')
 *   - showbutton: when set, an image button is rendered instead of a text link
 *
 * NOTE(review): the link carries $_SESSION[CMS_USER_KEY] in its query string, so the
 * admin session token is written into front-end page markup. Confirm that pages using
 * this tag are never cached or shared between users.
 * NOTE(review): $params['text'] is placed into the alt attribute and the link body
 * without escaping; fine for trusted template authors, confirm no other source feeds it.
 *
 * @param array  $params Tag parameters.
 * @param object $smarty Smarty instance (unused).
 * @return string|null Anchor markup, or nothing when the user may not edit.
 */
function smarty_cms_function_edit($params, &$smarty)
{
    global $gCms;

    $canModifyAny = check_permission(get_userid(false), 'Modify Any Page');
    if (!$canModifyAny) {
        $isAuthor = quick_check_authorship($gCms->variables['content_id'], author_pages(get_userid(false)));
        if (!$isAuthor) {
            return;
        }
    }

    $urlext = '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
    $text = 'Edit This Page';
    if (isset($params['text'])) {
        $text = $params['text'];
    }

    // Both variants point at the same admin URL; only the link body differs.
    $anchorOpen = '<a href="' . $gCms->config['root_url'] . '/' . $gCms->config['admin_dir'] . '/editcontent.php' . $urlext . '&content_id=' . $gCms->variables['content_id'] . '">';

    if (!isset($params["showbutton"])) {
        return $anchorOpen . $text . '</a>';
    }

    return $anchorOpen . '<img src="' . $gCms->config['root_url'] . '/images/cms/editbutton.png" alt="' . $text . '"/></a>';
}
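/**
 * Offer the bundled "prefab" templates to users allowed to create templates.
 *
 * Assigns two template variables:
 *   - sel_theme: <option> markup for every file in the prefab directory
 *   - prefab:    contents of the prefab chosen through the request parameter 'theme_pref'
 *                (an empty string when the file cannot be read)
 *
 * Security: 'theme_pref' is request-controlled and was appended to the directory
 * path as-is, which allowed reading files outside the prefab directory. Only a bare
 * file name that exists inside the prefab directory is accepted now.
 *
 * Other fixes: the directory loop compares readdir() with false instead of relying on
 * gettype() against an undefined constant, the handle is closed, and file names are
 * HTML-escaped before being placed into the option markup.
 */
function fetchPrefabTemplates()
{
    global $AVE_Template;

    if (!check_permission('template_new')) {
        return;
    }

    $verzname = BASE_DIR . '/inc/data/prefabs/templates';

    $sel_theme = '';
    $dht = opendir($verzname);
    if ($dht !== false) {
        while (($theme = readdir($dht)) !== false) {
            // is_file() already excludes '.' and '..'.
            if (is_file($verzname . '/' . $theme)) {
                $label = strtoupper(substr($theme, 0, -4));
                $sel_theme .= '<option value="' . htmlspecialchars($theme, ENT_QUOTES) . '">'
                    . htmlspecialchars($label, ENT_QUOTES) . '</option>';
            }
        }
        closedir($dht);
    }
    $AVE_Template->assign('sel_theme', $sel_theme);

    if (!empty($_REQUEST['theme_pref'])) {
        $prefab = '';
        $requested = $_REQUEST['theme_pref'];

        // Accept a plain file name only: no directory parts, no NUL bytes.
        if (is_string($requested)
            && strpos($requested, "\0") === false
            && basename($requested) === $requested
        ) {
            $path = $verzname . '/' . $requested;
            if (is_file($path)) {
                $contents = file_get_contents($path);
                if ($contents !== false) {
                    $prefab = $contents;
                }
            }
        }

        $AVE_Template->assign('prefab', $prefab);
    }
}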
if ($this->session->userdata('id') == 1 or check_permission('staff_list')) { ?> <li> <a href="<?php echo base_url(); ?> staff/index" class="waves-effect waves-button"> <span class="menu-icon fa fa-users fa-flip-horizontal"></span> <p>Staff</p> </a> </li> <?php } ?> <?php if ($this->session->userdata('id') == 1 or check_permission('log_menu')) { ?> <li> <a href="<?php echo base_url(); ?> kpitb_panel/logs" class="waves-effect waves-button"> <span class="menu-icon fa fa-lock fa-flip-horizontal"></span> <p>Logs</p> </a> </li> <?php } ?> </ul>
$contentobj->FillParams($_POST); } } catch (CmsEditContentException $e) { $error = $e->getMessage(); } } if (!$access) { echo "<div class=\"pageerrorcontainer pageoverflow\"><p class=\"pageerror\">" . lang('noaccessto', array(lang('addcontent'))) . "</p></div>"; } else { $tabnames = $contentobj->TabNames(); // Get a list of content_types and build the dropdown to select one $typesdropdown = '<select name="content_type" onchange="document.Edit_Content.submit()" class="standard">'; $cur_content_type = ''; $content_types = $contentops->ListContentTypes(false, true); foreach ($content_types as $onetype => $onetypename) { if ($onetype == 'errorpage' && !check_permission($userid, 'Manage All Content')) { continue; } $typesdropdown .= '<option value="' . $onetype . '"'; if ($onetype == $content_type) { $typesdropdown .= ' selected="selected" '; $cur_content_type = $onetype; } $typesdropdown .= ">" . $onetypename . "</option>"; } $typesdropdown .= "</select>"; cms_utils::set_app_data('editing_content', $contentobj); if (empty($error) && $contentobj->GetError()) { $error = $contentobj->GetError(); } if (FALSE == empty($error)) {
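<?php
// Control-panel "Inventory" page: bootstraps the admin environment, enforces the
// 'inventory' permission and optionally deletes a publication.
global $current_section;
$current_section = 'inventory';

require_once '../../init.php';

// Required files
require_once MAD_PATH . '/www/cp/auth.php';
require_once MAD_PATH . '/functions/adminredirect.php';
require_once MAD_PATH . '/www/cp/restricted.php';
require_once MAD_PATH . '/www/cp/admin_functions.php';
require_once MAD_PATH . '/www/cp/templates/header.tpl.php';

// NOTE(review): the header template has already been sent when this check runs,
// so a denied user gets a truncated page rather than an error response.
if (!check_permission('inventory', $user_detail['user_id'])) {
    exit;
}

if (check_permission_simple('modify_publications', $user_detail['user_id'])) {
    // NOTE(review): this is a state-changing action triggered by a GET request and
    // no anti-CSRF token is checked here; confirm one is verified in an included
    // file, otherwise move the delete to a POST carrying a per-session token.
    //
    // The id must be a plain run of digits. is_numeric() also accepted values such
    // as "1e3", "-1" or " 7", and a missing 'id' raised a notice.
    if (isset($_GET['delete'], $_GET['id'])
        && $_GET['delete'] === '1'
        && is_string($_GET['id'])
        && preg_match('/\A[0-9]+\z/', $_GET['id']) === 1
    ) {
        delete_publication($_GET['id']);
    }
}
?>
<div id="content">
<div id="contentHeader">
<h1>Inventory</h1>
</div> <!-- #contentHeader -->
<div class="container">
<div class="grid-24">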
$result = $db->Execute($query, array($id)); if ($result) { $line = $result->FetchRow(); $name = $line["css_name"]; } else { $error = lang('errorretrievingtemplate'); } } #****************************************************************************** # first getting all user permissions #****************************************************************************** $userid = get_userid(); $modify = check_permission($userid, 'Modify Stylesheet Assoc'); $modifytpl = check_permission($userid, 'Modify Templates'); $delasso = check_permission($userid, 'Remove Stylesheet Assoc'); $addasso = check_permission($userid, 'Add Stylesheet Assoc'); $query = "SELECT assoc_to_id, template_name FROM " . cms_db_prefix() . "css_assoc, " . cms_db_prefix() . "templates\n\t\tWHERE assoc_type=? AND assoc_css_id = ? AND assoc_to_id = template_id"; $result = $db->Execute($query, array($type, $id)); #****************************************************************************** # displaying erros if any #****************************************************************************** if (isset($_GET["message"])) { $message = preg_replace('/\\</', '', $_GET['message']); echo '<div class="pagemcontainer"><p class="pagemessage">' . $message . '</p></div>'; } if ("" != $error) { echo "<div class=\"pageerrorcontainer\"><p class=\"pageerror\">" . $error . "</p></div>"; } if (!$addasso && !$modify && !$delasso) { echo "<div class=\"pageerrorcontainer\"><p class=\"pageerror\">" . lang('noaccessto', array(lang('addcssassociation'))) . "</p></div>"; } else {
if (isset($templates_used) && $templates_used != "") { $template_list = $template_list.",".$templates_used; } $site_template->cache_templates($template_list);*/ //----------------------------------------------------- //--- Register Global Vars ---------------------------- //----------------------------------------------------- $total_images = 0; $total_categories = 0; $auth_cat_sql['auth_viewcat']['IN'] = 0; $auth_cat_sql['auth_viewcat']['NOTIN'] = 0; $cache_id = create_cache_id('data.auth_and_info', array($user_info[$user_table_fields['user_id']])); if (!($data = get_cache_file($cache_id, null))) { if (!empty($cat_cache)) { foreach ($cat_cache as $key => $val) { if (check_permission("auth_viewcat", $key)) { $total_categories++; if (isset($val['num_images'])) { $total_images += $val['num_images']; } else { $cat_cache[$key]['num_images'] = 0; } $auth_cat_sql['auth_viewcat']['IN'] .= ", " . $key; } else { $auth_cat_sql['auth_viewcat']['NOTIN'] .= ", " . $key; } } } $data = array(); $data['total_images'] = $total_images; $data['total_categories'] = $total_categories;
if ($remove && $oneuser->id != 1 && $oneuser->id != $userid) { echo "<td><a href=\"deleteuser.php" . $urlext . "&user_id=" . $oneuser->id . "\" onclick=\"return confirm('" . cms_html_entity_decode_utf8(lang('deleteconfirm', $oneuser->username), true) . "');\">"; echo $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon'); echo "</a></td>\n"; } else { echo "<td> </td>\n"; } echo "</tr>\n"; $currow == "row1" ? $currow = "row2" : ($currow = "row1"); } $counter++; } echo '</tbody>'; echo "</table>\n"; } if (check_permission($userid, 'Add Users')) { ?> <div class="pageoptions"> <p class="pageoptions"> <a href="adduser.php<?php echo $urlext; ?> "> <?php echo $themeObject->DisplayImage('icons/system/newobject.gif', lang('adduser'), '', '', 'systemicon') . '</a>'; echo ' <a class="pageoptions" href="adduser.php' . $urlext . '">' . lang("adduser"); ?> </a> </p> </div> </div>
if ($action == 'inactive') { $userid = get_userid(); $permission = check_permission($userid, 'Modify Templates'); foreach ($nodelist as $node) { if ($permission) { if ($node->active) { $node->active = false; $node->Save(); } } } redirect("listtemplates.php" . $urlext); } else { if ($action == 'active') { $userid = get_userid(); $permission = check_permission($userid, 'Modify Templates'); foreach ($nodelist as $node) { if ($permission) { if (!$node->active) { $node->active = true; $node->Save(); } } } redirect("listtemplates.php" . $urlext); } else { redirect("listtemplates.php" . $urlext); } } } }
<?php
// Control-panel "System Log" page: bootstraps the admin environment and enforces
// the 'configuration' permission before any log markup is rendered.
global $current_section;
$current_section = 'configuration';
require_once '../../init.php';
// Required files
require_once MAD_PATH . '/www/cp/auth.php';
require_once MAD_PATH . '/functions/adminredirect.php';
require_once MAD_PATH . '/www/cp/restricted.php';
require_once MAD_PATH . '/www/cp/admin_functions.php';
require_once MAD_PATH . '/www/cp/templates/header.tpl.php';
// NOTE(review): the header template is included before this check, so a denied
// user receives the page header and then an abrupt end of output. Presumably
// auth.php / restricted.php already reject unauthenticated requests - confirm.
if (!check_permission('configuration', $user_detail['user_id'])) {
    exit;
}
?>
<div id="content">
<div id="contentHeader">
<h1>System Log</h1>
</div> <!-- #contentHeader -->
<div class="container">
<div class="grid-24">
<div class="widget widget-table">
<div class="widget-header">
<?php require_once '../lib/header_ajax.php'; require_once '../lib/lib_books.php'; try { check_permission(PERM_ADDER); if (!isset($_POST['sid']) || !isset($_POST['book_id'])) { throw new UnexpectedValueException(); } $sid = $_POST['sid']; $book_id = $_POST['book_id']; sql_begin(); //creating book if necessary if ($book_id == -1) { //find the parent id $res = sql_pe("SELECT book_id, url FROM sources WHERE source_id = (SELECT parent_id FROM sources WHERE source_id=? LIMIT 1) LIMIT 1", array($sid)); if (!isset($_POST['book_name']) || !$res[0]['book_id']) { throw new UnexpectedValueException(); } $book_id = books_add($_POST['book_name'], $res[0]['book_id']); $res = sql_pe("SELECT url FROM sources WHERE source_id=? LIMIT 1", array($sid)); books_add_tag($book_id, 'url:' . $res[0]['url']); download_url($res[0]['url']); } //bind sql_pe("UPDATE sources SET book_id=? WHERE source_id=? LIMIT 1", array($book_id, $sid)); sql_commit(); $res = sql_pe("SELECT book_name FROM books WHERE book_id=? LIMIT 1", array($book_id)); $result['title'] = htmlspecialchars($res[0]['book_name']); $result['book_id'] = $book_id; } catch (Exception $e) {
<div class="modal-content"> <h4>Are you sure you want to delete?</h4> <p>Once you delete this post there will be no way to recover it</p> </div> <div class="modal-footer"> <div class="row right"> <div class="col l12 s12"> <a href="#!" class="modal-close waves-effect waves-blue btn blue ">Cancel</a> <a href="blog.php?delpost=" id="del_button" class="modal-close waves-effect waves-red btn red ">Delete</a> </div> </div> </div> </div> <?php } else { if (check_permission("Blog", "post_blog")) { ?> <br><a class="btn green" href="new_blog_post.php">New</a><br /><br /> <?php } ?> <p>There are no blog posts!</p> <?php } ?> <div> <div class="row"> <?php if ($num_pages > 1) { echo_page($num_pages, $current_page, $page['name']);
#This program is distributed in the hope that it will be useful, #but WITHOUT ANY WARRANTY; without even the implied warranty of #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #GNU General Public License for more details. #You should have received a copy of the GNU General Public License #along with this program; if not, write to the Free Software #Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # #$Id: supportinfo.php 4216 2007-10-06 19:28:55Z wishy $ $CMS_ADMIN_PAGE = 1; require_once "../include.php"; $urlext = '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY]; @set_time_limit(9999); // this may not work on all hosts $userid = get_userid(); $access = check_permission($userid, "Modify Site Preferences"); if (!$access) { die('Permission Denied'); return; } include_once "header.php"; define('CMS_BASE', dirname(dirname(__FILE__))); require_once cms_join_path(CMS_BASE, 'lib', 'test.functions.php'); function checksum_lang($params, &$smarty) { if (isset($params['key'])) { return lang($params['key']); } } function check_checksum_data(&$report) {
/**
 * JSON-RPC method: insert a PIN through the sp_pin_insert stored procedure.
 *
 * Requires a logged-in session and the AMEND_PINS permission.
 *
 * $params is positional: [0], [2] and [3] are passed to the procedure unchanged;
 * [1] is an expiry date, parsed and reformatted as d/m/Y H:i:s unless it is at
 * most one character long, in which case an empty string is sent.
 *
 * NOTE(review): an unparsable expiry makes the DateTime constructor throw and
 * nothing here catches it - confirm the RPC dispatcher turns that into an error
 * response rather than leaking a stack trace.
 * NOTE(review): a missing session ends the request with die() instead of using
 * $error like the permission failure does.
 *
 * @param array  $params Positional RPC parameters.
 * @param object $error  RPC error object, returned when permission is denied.
 * @return mixed "" on success, an error message string on failure, or $error.
 */
function method_insertpin($params, $error)
{
    if (!isset($_SESSION['username'])) {
        die("Not logged in");
    }

    $allowed = check_permission($_SESSION['member_id'], "AMEND_PINS");
    if (!$allowed) {
        $error->SetError(JsonRpcError_PermissionDenied, "Permission Denied (AMEND_PINS)");
        return $error;
    }

    $err = "";
    $link = db_link();

    $d = "";
    if (strlen($params[1]) > 1) {
        $exp_date = new DateTime($params[1]);
        $d = date_format($exp_date, 'd/m/Y H:i:s');
    }

    $ret = $link->sp_pin_insert($params[0], $d, $params[2], $params[3], $err);
    $link->close();

    // A message in $err takes precedence over the procedure's own return value.
    if (strlen($err) > 0) {
        return $err;
    }

    return $ret ? "" : "Failed to insert";
}
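/**
 * Build the admin content list: option links, table header, one row per page and
 * the bulk-action footer.
 *
 * Columns and actions depend on the current user's permissions ('Manage All
 * Content', 'Reorder Content', 'Add Pages', 'Remove Pages'). Rows are produced by
 * display_hierarchy(); the footer is captured through output buffering.
 *
 * Fix: the footer's "expand all" link was written in HTML mode as
 * href="'.$thisurl.'&expandall=1", which emitted the PHP concatenation literally
 * and produced a dead link. It now echoes $thisurl like its neighbours. Stray
 * spaces inside the footer's href attributes were removed as well.
 *
 * NOTE(review): $page is taken from $_GET['page'] without validation and handed to
 * display_hierarchy(); confirm it is never used in a query or echoed unescaped.
 * NOTE(review): the session key is embedded in the reorder link and in a hidden
 * form field; $thisurl is written into href attributes unescaped.
 *
 * @param object|null $themeObject Admin theme; AdminTheme::GetThemeObject() is used when null.
 * @return string HTML for the whole list.
 */
function display_content_list($themeObject = null)
{
    $gCms = cmsms();
    global $thisurl;
    global $urlext;

    check_login();
    $userid = get_userid();

    // setup which columns to display.
    $mypages = author_pages($userid);
    $columnstodisplay = array();
    $columnstodisplay['expand'] = 1;
    $columnstodisplay['hier'] = 1;
    $columnstodisplay['page'] = 1;
    $columnstodisplay['alias'] = get_site_preference('listcontent_showalias', 1);
    $columnstodisplay['url'] = get_site_preference('listcontent_showurl', 1);
    $columnstodisplay['template'] = 1;
    $columnstodisplay['friendlyname'] = 1;
    $columnstodisplay['owner'] = 1;
    $columnstodisplay['active'] = check_permission($userid, 'Manage All Content');
    $columnstodisplay['default'] = check_permission($userid, 'Manage All Content');
    $columnstodisplay['move'] = check_permission($userid, 'Manage All Content') || check_permission($userid, 'Reorder Content');
    $columnstodisplay['view'] = 1;
    $columnstodisplay['copy'] = check_permission($userid, 'Add Pages') || check_permission($userid, 'Manage All Content');
    $columnstodisplay['edit'] = 1;
    $columnstodisplay['delete'] = check_permission($userid, 'Remove Pages') || check_permission($userid, 'Manage All Content');
    $columnstodisplay['multiselect'] = check_permission($userid, 'Remove Pages') || check_permission($userid, 'Manage All Content');

    $page = 1;
    if (isset($_GET['page'])) {
        $page = $_GET['page'];
    }
    //$limit = get_preference($userid, 'paging', 0);
    $limit = 0; //Took out pagination
    $thelist = '';
    $count = 0;
    $currow = "row1";
    if ($themeObject == null) {
        $themeObject = AdminTheme::GetThemeObject();
    }

    // construct true/false button images
    $image_true = $themeObject->DisplayImage('icons/system/true.gif', lang('true'), '', '', 'systemicon');
    $image_set_false = $themeObject->DisplayImage('icons/system/true.gif', lang('setfalse'), '', '', 'systemicon');
    $image_set_true = $themeObject->DisplayImage('icons/system/false.gif', lang('settrue'), '', '', 'systemicon');
    $expandImg = $themeObject->DisplayImage('icons/system/expand.gif', lang('expand'), '', '', 'systemicon');
    $contractImg = $themeObject->DisplayImage('icons/system/contract.gif', lang('contract'), '', '', 'systemicon');
    $downImg = $themeObject->DisplayImage('icons/system/arrow-d.gif', lang('down'), '', '', 'systemicon');
    $upImg = $themeObject->DisplayImage('icons/system/arrow-u.gif', lang('up'), '', '', 'systemicon');
    $viewImg = $themeObject->DisplayImage('icons/system/view.gif', lang('view'), '', '', 'systemicon');
    $editImg = $themeObject->DisplayImage('icons/system/edit.gif', lang('edit'), '', '', 'systemicon');
    $copyImg = $themeObject->DisplayImage('icons/system/copy.gif', lang('copy'), '', '', 'systemicon');
    $deleteImg = $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon');

    #Setup array so we don't load more templates than we need to
    $templateops = TemplateOperations::get_instance()->LoadTemplates();
    #Ditto with users
    $users = array();
    $menupos = array();
    $openedArray = array();
    // The 'collapse' preference is a dot-separated list of "<id>=<state>" entries;
    // only the part before '=' is kept.
    if (get_preference($userid, 'collapse', '') != '') {
        $tmp = explode('.', get_preference($userid, 'collapse'));
        foreach ($tmp as $thisCol) {
            $colind = substr($thisCol, 0, strpos($thisCol, '='));
            if ($colind != "") {
                $openedArray[] = $colind;
            }
        }
    }

    debug_buffer('At Start of Display Content List');
    $hierarchy = $gCms->GetHierarchyManager();
    $rowcount = 0;
    if ($hierarchy->hasChildren()) {
        $pagelist = array();
        $children = $hierarchy->getChildren(false, true);
        $author_allpages = check_permission($userid, 'Reorder Content') && check_peer_authorship($userid, $children[0]->getId());
        foreach ($children as $child) {
            display_hierarchy($child, $userid, check_modify_all($userid), $users, $menupos, $openedArray, $pagelist, $image_true, $image_set_false, $image_set_true, $upImg, $downImg, $viewImg, $editImg, $copyImg, $deleteImg, $expandImg, $contractImg, $mypages, $page, $columnstodisplay, $author_allpages);
        }
        $rowcount += count($pagelist);
        foreach ($pagelist as $item) {
            $thelist .= $item;
        }
        $thelist .= '</tbody>';
        $thelist .= "</table>\n";
    }

    $headoflist = '';
    $headoflist .= '<div class="pageoverflow"><p class="pageoptions">';
    if (check_permission($userid, 'Add Pages') || check_permission($userid, 'Manage All Content')) {
        $headoflist .= '<a href="addcontent.php' . $urlext . '" class="pageoptions">';
        $headoflist .= $themeObject->DisplayImage('icons/system/newobject.gif', lang('addcontent'), '', '', 'systemicon') . '</a>';
        $headoflist .= ' <a class="pageoptions" href="addcontent.php' . $urlext . '">' . lang("addcontent") . '</a>';
    }
    $headoflist .= '<a style="margin-left: 10px;" href="' . $thisurl . '&expandall=1" onclick="xajax_content_expandall(); return false;">';
    $headoflist .= $themeObject->DisplayImage('icons/system/expandall.gif', lang('expandall'), '', '', 'systemicon') . '</a>';
    $headoflist .= ' <a class="pageoptions" href="' . $thisurl . '&expandall=1" onclick="xajax_content_expandall(); return false;">' . lang("expandall") . '</a> ';
    $headoflist .= ' <a href="' . $thisurl . '&collapseall=1" onclick="xajax_content_collapseall(); return false;">';
    $headoflist .= $themeObject->DisplayImage('icons/system/contractall.gif', lang('contractall'), '', '', 'systemicon') . '</a>';
    $headoflist .= ' <a class="pageoptions" href="' . $thisurl . '&collapseall=1" onclick="xajax_content_collapseall(); return false;">' . lang("contractall") . '</a>';
    if (check_permission($userid, 'Manage All Content')) {
        $reorderurl = "ordercontent.php?" . CMS_SECURE_PARAM_NAME . "=" . $_SESSION[CMS_USER_KEY];
        $headoflist .= ' <a href="' . $reorderurl . '">';
        $headoflist .= $themeObject->DisplayImage('icons/system/reorder.gif', lang('reorderpages'), '', '', 'systemicon') . '</a>';
        $headoflist .= ' <a class="pageoptions" href="' . $reorderurl . '">' . lang('reorderpages') . '</a>';
    }
    $headoflist .= '</p></div>';
    $headoflist .= '<form action="multicontent.php" method="post">';
    $headoflist .= '<div class="hidden" ><input type="hidden" name="' . CMS_SECURE_PARAM_NAME . '" value="' . $_SESSION[CMS_USER_KEY] . '"/></div>' . "\n";
    $headoflist .= '<table cellspacing="0" class="pagetable">' . "\n";
    $headoflist .= '<thead>';
    $headoflist .= "<tr>\n";

    // setup column titles.
    if ($columnstodisplay['expand']) {
        $headoflist .= "<th> </th>";
    }
    if ($columnstodisplay['hier']) {
        $headoflist .= "<th> </th>";
    }
    if ($columnstodisplay['page']) {
        $str = lang('menutext');
        if (get_site_preference('listcontent_showtitle')) {
            $str = lang('title');
        }
        $headoflist .= '<th scope="col" class="pagew25" title="' . lang('lctitle_page') . '">' . lang('page') . " <em>({$str})</em></th>\n";
    }
    if ($columnstodisplay['alias']) {
        $headoflist .= '<th scope="col" title="' . lang('lctitle_alias') . '">' . lang('pagealias') . "</th>\n";
    }
    if ($columnstodisplay['url']) {
        $headoflist .= '<th scope="col" title="' . lang('lctitle_url') . '">' . lang('url') . "</th>\n";
    }
    if ($columnstodisplay['template']) {
        $headoflist .= '<th scope="col" title="' . lang('lctitle_template') . '">' . lang('template') . "</th>\n";
    }
    if ($columnstodisplay['friendlyname']) {
        $headoflist .= "<th scope=\"col\" >" . lang('type') . "</th>\n";
    }
    if ($columnstodisplay['owner']) {
        $headoflist .= '<th scope="col" title="' . lang('lctitle_owner') . '">' . lang('owner') . "</th>\n";
    }
    if ($columnstodisplay['active']) {
        $headoflist .= '<th scope="col" title="' . lang('lctitle_active') . '" class="pagepos">' . lang('active') . "</th>\n";
    }
    if ($columnstodisplay['default']) {
        $headoflist .= '<th scope="col" title="' . lang('lctitle_default') . '" class="pagepos">' . lang('default') . "</th>\n";
    }
    if ($columnstodisplay['move']) {
        $headoflist .= '<th scope="col" title="' . lang('lctitle_move') . '" class="move">' . lang('move') . "</th>\n";
    }
    if ($columnstodisplay['view']) {
        $headoflist .= "<th class=\"pageicon\"> </th>\n";
    }
    if ($columnstodisplay['copy']) {
        $headoflist .= "<th class=\"pageicon\"> </th>\n";
    }
    if ($columnstodisplay['edit']) {
        $headoflist .= "<th class=\"pageicon\"> </th>\n";
    }
    if ($columnstodisplay['delete']) {
        $headoflist .= "<th class=\"pageicon\"> </th>\n";
    }
    if ($columnstodisplay['multiselect']) {
        $headoflist .= '<th scope="col" title="' . lang('lctitle_multiselect') . '" class="checkbox"><input id="selectall" type="checkbox" onclick="select_all();" /><label for="selectall" class="invisible">' . lang('toggle') . '</label></th>' . "\n"; // checkbox column
    }
    $headoflist .= "</tr>\n";
    $headoflist .= '</thead>';
    $headoflist .= '<tbody>';

    // Everything echoed from here on is captured into $footer.
    ob_start();
    $opts = array();
    if (check_permission($userid, 'Remove Pages') || check_permission($userid, 'Manage All Content')) {
        bulkcontentoperations::register_function(lang('delete'), 'delete');
    }
    if (check_permission($userid, 'Manage All Content')) {
        bulkcontentoperations::register_function(lang('active'), 'active');
        bulkcontentoperations::register_function(lang('inactive'), 'inactive');
        bulkcontentoperations::register_function(lang('cachable'), 'setcachable');
        bulkcontentoperations::register_function(lang('noncachable'), 'setnoncachable');
        bulkcontentoperations::register_function(lang('showinmenu'), 'showinmenu');
        bulkcontentoperations::register_function(lang('hidefrommenu'), 'hidefrommenu');
        bulkcontentoperations::register_function(lang('secure'), 'secure');
        bulkcontentoperations::register_function(lang('insecure'), 'insecure');
        bulkcontentoperations::register_function(lang('settemplate'), 'settemplate');
        bulkcontentoperations::register_function(lang('changeowner'), 'changeowner');
    }
    $opts = bulkcontentoperations::get_operation_list();
    if (!empty($opts)) {
        echo '<div class="pageoptions">' . "\n";
        echo '<div style="margin-top: 0; float: right; text-align: right">' . "\n";
        echo '<label for="multiaction">' . lang('selecteditems') . '</label>: ';
        echo '<select name="multiaction" id="multiaction">';
        foreach ($opts as $key => $value) {
            echo '<option value="' . $key . '">' . $value . '</option>';
        }
        echo '</select>' . "\n";
        echo '<input type="submit" accesskey="s" value="' . lang('submit') . '"/></div></div>' . "\n";
    }
    /* } */
    ?>
    <div style="float: left;">
    <?php
    if (check_permission($userid, 'Add Pages') || check_permission($userid, 'Manage All Content')) {
        ?>
        <a href="addcontent.php<?php echo $urlext; ?>" class="pageoptions">
        <?php
        echo $themeObject->DisplayImage('icons/system/newobject.gif', lang('addcontent'), '', '', 'systemicon') . '</a>';
        echo ' <a class="pageoptions" href="addcontent.php' . $urlext . '">' . lang("addcontent");
        ?>
        </a>
        <?php
    }
    ?>
    <a style="margin-left: 10px;" href="<?php echo $thisurl; ?>&expandall=1" onclick="xajax_content_expandall(); return false;">
    <?php
    echo $themeObject->DisplayImage('icons/system/expandall.gif', lang('expandall'), '', '', 'systemicon') . '</a>';
    echo ' <a class="pageoptions" href="' . $thisurl . '&expandall=1" onclick="xajax_content_expandall(); return false;">' . lang("expandall");
    ?>
    </a>
    <a href="<?php echo $thisurl; ?>&collapseall=1" onclick="xajax_content_collapseall(); return false;">
    <?php
    echo $themeObject->DisplayImage('icons/system/contractall.gif', lang('contractall'), '', '', 'systemicon') . '</a>';
    echo ' <a class="pageoptions" href="' . $thisurl . '&collapseall=1" onclick="xajax_content_collapseall(); return false;">' . lang("contractall") . '</a>';
    if (check_permission($userid, 'Manage All Content')) {
        $image_reorder = $themeObject->DisplayImage('icons/system/reorder.gif', lang('reorderpages'), '', '', 'systemicon');
        $reorderurl = "ordercontent.php?" . CMS_SECURE_PARAM_NAME . "=" . $_SESSION[CMS_USER_KEY];
        echo ' <a class="pageoptions" href="' . $reorderurl . '">' . $image_reorder . '</a> <a class="pageoptions" href="' . $reorderurl . '">' . lang('reorderpages') . '</a>';
    }
    ?>
    </div>
    <br />
    <div class="clearb"></div>
    <?php
    $footer = ob_get_contents();
    ob_end_clean();

    return $headoflist . $thelist . $footer . '</form></div>';
}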
/**
 * Create a hierarchically ordered dropdown of all the content objects in the system, for use
 * in the admin and various modules. If $current or $parent are passed, children that could
 * cause a loop are hidden, as needed when building a dropdown for changing a content
 * object's parent.
 *
 * NOTE(review): $name, the option values and the page name / menu text are concatenated
 * into the markup without HTML escaping. Confirm they are encoded where they are stored
 * or entered, otherwise a page title containing markup is rendered in the admin.
 *
 * @param string  $current        The currently selected content object. If none is given, we show all items.
 * @param string  $parent         The parent of the currently selected content object. If none is given, we show all items.
 * @param string  $name           The html name (and id) of the dropdown.
 * @param boolean $allowcurrent   Overrides the logic if $current and/or $parent are passed. Defaults to false.
 * @param boolean $use_perms      If true, checks authorship permissions on pages and only shows those the
 *                                current user has access to.
 * @param boolean $ignore_current Ignores the value of $current totally by not marking any items as invalid.
 * @param boolean $allow_all      If true, show all items, even if the content object doesn't have a valid
 *                                link. Defaults to false.
 * @param boolean $use_name       If true use Name(), else use MenuText(). Defaults to the system preference.
 * @return string The html dropdown of the hierarchy, or an empty string when there are no options.
 */
function CreateHierarchyDropdown($current = '', $parent = '', $name = 'parent_id', $allowcurrent = 0, $use_perms = 0, $ignore_current = 0, $allow_all = false, $use_name = null)
{
    $options = '';
    $userid = -1;

    if ($use_name === null) {
        $use_name = get_site_preference('listcontent_showtitle', true);
    }

    $allcontent = $this->GetAllContent(false);
    if ($allcontent === FALSE || count($allcontent) <= 0) {
        return $options;
    }

    if ($use_perms) {
        $userid = get_userid();
    }

    // The "none" entry is offered to content managers, when permissions are not
    // being applied, or when the item currently has no parent.
    if ($userid > 0 && check_permission($userid, 'Manage All Content') || $userid == -1 || $parent == -1) {
        $options .= '<option value="-1">' . lang('none') . '</option>';
    }

    $curhierarchy = '';
    foreach ($allcontent as $one) {
        if (!is_object($one)) {
            continue;
        }

        $value = $one->Id();
        if ($value == $current) {
            // Remember our own hierarchy so that children (which always come
            // later in the list) can be recognised below.
            $curhierarchy = $one->Hierarchy();
            if (!$allowcurrent) {
                // We don't want ourselves in the list.
                continue;
            }
            $value = -1;
        }

        // Items without a usable link are left out unless everything is allowed.
        if (!$allow_all && !$one->HasUsableLink()) {
            continue;
        }

        // Descendants of the current item are hidden: choosing one as the parent
        // would create a loop.
        if (!$allowcurrent && $curhierarchy != '' && strstr($one->Hierarchy() . '.', $curhierarchy . '.') == $one->Hierarchy() . '.') {
            continue;
        }

        // With a real user id, keep only pages the user manages or authors;
        // the current parent is always kept.
        if ($userid > 0 && $one->Id() != $parent
            && !check_permission($userid, 'Manage All Content')
            && !check_authorship($userid, $one->Id())
        ) {
            continue;
        }

        // Content types that do not accept children cannot be parents.
        if (!$one->WantsChildren()) {
            continue;
        }

        $options .= '<option value="' . $value . '"';
        if ($one->Id() == $parent) {
            // Pre-select the existing parent.
            $options .= ' selected="selected"';
        }

        $txt = $use_name ? $one->Name() : $one->MenuText();
        $markInvalid = ($value == -1 && $ignore_current == 0);
        $options .= '>' . $one->Hierarchy() . '. - ' . $txt
            . ($markInvalid ? ' (' . lang('invalid') . ')</option>' : '</option>');
    }

    if (empty($options)) {
        return $options;
    }

    return '<select name="' . $name . '" id="' . $name . '">' . $options . '</select>';
}
#$Id: listusertags.php 7396 2011-09-15 12:57:25Z rolf1 $

// Admin page bootstrap: set $CMS_ADMIN_PAGE before pulling in include.php.
$CMS_ADMIN_PAGE = 1;
require_once "../include.php";
require_once cms_join_path($dirname, 'lib', 'html_entity_decode_utf8.php');

// Query-string suffix carrying the per-session key stored under CMS_USER_KEY.
// NOTE(review): the session value is read before check_login() runs, so it is
// undefined for a request without a session; presumably check_login() stops such
// requests right after -- confirm.
// NOTE(review): a key placed in the query string can end up in server logs, browser
// history and Referer headers; where $urlext is appended is outside this excerpt.
$urlext = '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
check_login();

// 'plugin' and 'action' are copied from the query string unmodified. They are
// attacker-controllable; any later use in output, SQL or file paths has to
// validate or escape them (that use is not visible in this excerpt).
$plugin = '';
if (isset($_GET['plugin'])) {
    $plugin = $_GET['plugin'];
}
$action = '';
if (isset($_GET['action'])) {
    $action = $_GET['action'];
}

// Authorisation gate: the page is only for users holding 'Modify User-defined Tags'.
$userid = get_userid();
$access = check_permission($userid, 'Modify User-defined Tags');
if (!$access) {
    // die() ends the script, so the return below is never reached.
    die('Permission Denied');
    return;
}

$smarty = cmsms()->GetSmarty();
include_once "header.php";

// Shorten $str to its first $numwords space-separated words after strip_tags(),
// appending $ets when something was cut; a string that already has $numwords words
// or fewer is returned with only the tags stripped.
// The remainder of this function lies outside the excerpt.
function listudt_summarize($str, $numwords, $ets = '...')
{
    $str = strip_tags($str);
    $stringarray = explode(" ", $str);
    if ($numwords >= count($stringarray)) {
        return $str;
    }
    $tmp = array_slice($stringarray, 0, $numwords);
    $tmp = implode(' ', $tmp) . $ets;
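<?php

// Lists the students of the class held in the session and renders them through
// elenco_alunni.html.php.
include "../../../lib/start.php";

// Access control for the page.
// NOTE(review): neither return value is inspected here, so both helpers are presumably
// expected to stop the request themselves (redirect/exit) on failure -- confirm;
// if they only return a flag, the query below runs for any visitor.
check_session();
check_permission(DOC_PERM);

//$sel_alunni = "SELECT alunni.*, indirizzo, telefono1, telefono2, telefono3, email, messenger, blog FROM alunni LEFT JOIN indirizzi_alunni ON alunni.id_alunno = indirizzi_alunni.id_alunno LEFT JOIN profili_alunni ON indirizzi_alunni.id_alunno = profili_alunni.id_alunno WHERE id_classe = ".$_SESSION['__classe__']->get_ID()." ORDER BY cognome, nome";

// The class id is concatenated into the statement without quotes, so it is forced to
// an integer first: whatever the session object returns, only a number can reach the
// SQL text. (A bound parameter would be preferable if $db offers one; its API is not
// visible here.)
$sel_alunni = "SELECT alunni.* FROM alunni WHERE id_classe = " . intval($_SESSION['__classe__']->get_ID()) . " ORDER BY cognome, nome";
$res_alunni = $db->execute($sel_alunni);

include "elenco_alunni.html.php";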
// This excerpt starts inside the per-comment loop (see the "end while" / "end else"
// markers below); the start of the loop and of this if-chain is not shown.
} elseif ($is_image_owner) {
    // Image owner: an edit / delete link is added only when the matching $config
    // switch equals 1.
    // NOTE(review): "removecomment" is reached through a plain link. Whether
    // member.php re-checks ownership and asks for a confirmation or request token
    // before deleting is outside this excerpt -- confirm.
    $admin_links .= $config['user_edit_comments'] != 1 ? "" : "<a href=\"" . $site_sess->url(ROOT_PATH . "member.php?action=editcomment&" . URL_COMMENT_ID . "=" . $comment_row[$i]['comment_id']) . "\">" . $lang['edit'] . "</a> ";
    $admin_links .= $config['user_delete_comments'] != 1 ? "" : "<a href=\"" . $site_sess->url(ROOT_PATH . "member.php?action=removecomment&" . URL_COMMENT_ID . "=" . $comment_row[$i]['comment_id']) . "\">" . $lang['delete'] . "</a>";
}

// Hand the values of this comment to the template. Only the headline, text and date
// are formatted here; every other value is registered as it was prepared earlier in
// the loop.
// NOTE(review): escaping of the user-derived values (name, homepage, e-mail, ...)
// happens, if at all, before this point -- confirm before the template prints them.
// NOTE(review): comment_user_ip is registered for every comment; presumably it is
// emptied for viewers who must not see it -- confirm.
$site_template->register_vars(array("comment_id" => $comment_row[$i]['comment_id'], "comment_user_id" => $comment_user_id, "comment_user_status_img" => $comment_user_status_img, "comment_user_name" => $comment_user_name, "comment_user_info" => $comment_user_info, "comment_user_profile_button" => $comment_user_profile_button, "comment_user_email" => $comment_user_email, "comment_user_email_save" => $comment_user_email_save, "comment_user_mailform_link" => $comment_user_mailform_link, "comment_user_email_button" => $comment_user_email_button, "comment_user_homepage_button" => $comment_user_homepage_button, "comment_user_icq_button" => $comment_user_icq_button, "comment_user_ip" => $comment_user_ip,
    // Headline: format_text() is called with 0 for the second, fourth and fifth
    // arguments; the text receives the html / bbcode / bbcode-image switches from
    // $config in those positions.
    "comment_headline" => format_text($comment_row[$i]['comment_headline'], 0, $config['wordwrap_comments'], 0, 0), "comment_text" => format_text($comment_row[$i]['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']), "comment_date" => format_date($config['date_format'] . " " . $config['time_format'], $comment_row[$i]['comment_date']), "row_bg_number" => $row_bg_number, "admin_links" => $admin_links));

// Render one comment and append it to the accumulated markup.
$comments .= $site_template->parse_template("comment_bit");
} // end while
} //end else

$site_template->register_vars("comments", $comments);
unset($comments);

//-----------------------------------------------------
//--- BBCode & Form -----------------------------------
//-----------------------------------------------------
// Posting is gated on the "auth_postcomment" permission for category $cat_id.
// NOTE(review): this flag only decides whether the form is rendered. The code that
// stores a submitted comment is outside this excerpt and needs the same check on
// the server side -- confirm.
$allow_posting = check_permission("auth_postcomment", $cat_id);
$bbcode = "";
// The BBCode helper template is built only when BBCode is switched on and the viewer
// may post.
if ($config['bb_comments'] == 1 && $allow_posting) {
    $site_template->register_vars(array("lang_bbcode" => $lang['bbcode'], "lang_tag_prompt" => $lang['tag_prompt'], "lang_link_text_prompt" => $lang['link_text_prompt'], "lang_link_url_prompt" => $lang['link_url_prompt'], "lang_link_email_prompt" => $lang['link_email_prompt'], "lang_list_type_prompt" => $lang['list_type_prompt'], "lang_list_item_prompt" => $lang['list_item_prompt']));
    $bbcode = $site_template->parse_template("bbcode");
}

if (!$allow_posting) {
    $comment_form = "";
} else {
    // Re-fill the form with the submitted values only when $error is truthy. Each
    // value goes through stripslashes(), trim() and format_text(..., 2).
    // NOTE(review): mode 2 of format_text() is presumably the HTML-escaping mode for
    // form fields -- confirm, since these values come straight from the request and
    // are echoed back into the page.
    // $HTTP_POST_VARS is the long-array name that PHP removed in 5.4; presumably the
    // application defines it itself on newer runtimes -- confirm.
    // Without a submitted name, a logged-in user's own name is used; guests get "".
    $user_name = isset($HTTP_POST_VARS['user_name']) && $error ? format_text(trim(stripslashes($HTTP_POST_VARS['user_name'])), 2) : ($user_info['user_level'] != GUEST ? format_text($user_info['user_name'], 2) : "");
    $comment_headline = isset($HTTP_POST_VARS['comment_headline']) && $error ? format_text(trim(stripslashes($HTTP_POST_VARS['comment_headline'])), 2) : "";
    $comment_text = isset($HTTP_POST_VARS['comment_text']) && $error ? format_text(trim(stripslashes($HTTP_POST_VARS['comment_text'])), 2) : "";
    // captcha_comments is passed to the template as a strict boolean.
    $site_template->register_vars(array("bbcode" => $bbcode, "user_name" => $user_name, "comment_headline" => $comment_headline, "comment_text" => $comment_text, "lang_post_comment" => $lang['post_comment'], "lang_name" => $lang['name'], "lang_headline" => $lang['headline'], "lang_comment" => $lang['comment'], "lang_captcha" => $lang['captcha'], "lang_captcha_desc" => $lang['captcha_desc'], "captcha_comments" => (bool) $captcha_enable_comments));
    $comment_form = $site_template->parse_template("comment_form");
}
$site_template->register_vars("comment_form", $comment_form);