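/**
 * Stop the request unless the current user is privileged enough.
 *
 * Levels are compared numerically: a user whose getUserLevel() is greater
 * than $level is redirected to the sign-in form and the script ends.
 *
 * @param int $level Highest level value that is still allowed to continue.
 * @return void Returns only when access is granted.
 */
function requireLevel($level)
{
    $currentLevel = getUserLevel();

    // Fail closed: PHP evaluates `null > $level` and `false > $level` as
    // false, so a missing level would otherwise be treated as authorised.
    // NOTE(review): getUserLevel() is defined elsewhere; confirm what it
    // returns for a visitor who is not signed in.
    if ($currentLevel === null || $currentLevel === false || $currentLevel > $level) {
        // Percent-encode the message so the Location header carries a valid URL.
        header('Location: sign_in_form.php?message=' . rawurlencode('no permission'));
        die;
    }
}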
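// Reseller "view ticket" handler. The enclosing `if` and the assignments of
// $ticket_id, $user_id, $status, $screenwidth and $tpl are outside this excerpt.
//
// NOTE(review): nothing visible here checks that the ticket belongs to
// $user_id, or verifies a request token, before the ticket is changed.
// Confirm that the helpers or the code before this excerpt enforce both.
$ticketLevel = getUserLevel($ticket_id);

// Move the ticket to status 3 when its level/status pair matches one of the
// combinations below (parentheses added; the precedence is unchanged).
if (($ticketLevel == 1 && ($status == 1 || $status == 4))
    || ($ticketLevel == 2 && $status == 2)
) {
    changeTicketStatus($ticket_id, 3);
}

if (isset($_POST['uaction'])) {
    if ($_POST['uaction'] == "close") {
        // close ticket
        closeTicket($ticket_id);
    } elseif ($_POST['uaction'] == "open") {
        // open ticket
        openTicket($ticket_id);
    } elseif (empty($_POST['user_message'])) {
        // no message check->error
        set_page_message(tr('Please type your message!'), 'warning');
    } else {
        // Use the same $ticket_id as every other call in this block rather
        // than reading $_GET['ticket_id'] again, so the level lookup and the
        // update cannot refer to different values.
        // NOTE(review): $ticket_id is assigned outside this excerpt; confirm
        // it is the validated form of the request parameter.
        $userLevel = getUserLevel($ticket_id);

        // NOTE(review): 'urgency' and 'subject' are read without isset();
        // confirm updateTicket() validates them.
        updateTicket(
            $ticket_id,
            $user_id,
            $_POST['urgency'],
            $_POST['subject'],
            $_POST['user_message'],
            $userLevel,
            2
        );
        user_goto('ticket_system.php');
    }
}

showTicketContent($tpl, $ticket_id, $user_id, $screenwidth);
} else {
    set_page_message(tr('Ticket not found!'), 'error');
    user_goto('ticket_system.php');
}

// static page messages
gen_logged_from($tpl);

$tpl->assign(array(
    'TR_PAGE_TITLE' => tr('EasySCP - Reseller: Support System: View Ticket'),
    'TR_VIEW_SUPPORT_TICKET' => tr('View support ticket'),
    'TR_TICKET_URGENCY' => tr('Priority'),
    'TR_TICKET_SUBJECT' => tr('Subject'),
    'TR_TICKET_DATE' => tr('Date'),
    'TR_DELETE' => tr('Delete'),
    'TR_NEW_TICKET_REPLY' => tr('Send message reply'),
    'TR_REPLY' => tr('Send reply'),
    'TR_TICKET_FROM' => tr('From'),
    'TR_OPEN_TICKETS' => tr('Open tickets'),
    'TR_CLOSED_TICKETS' => tr('Closed tickets')
));

gen_reseller_mainmenu($tpl, 'reseller/main_menu_ticket_system.tpl');
gen_reseller_menu($tpl, 'reseller/menu_ticket_system.tpl');
gen_page_message($tpl);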
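<?php
require_once '../secret/db_user.php';
require_once '../_top.php';

// Load wp-config so that we can use the fact that the user is logged in.
require_once '../wp-config.php';

include_once '../hp-includes/people_lib.php';
include_once '../hp-includes/user_utils.php';

// Adds a person from query-string parameters. Only a logged-in user whose
// getUserLevel() is non-zero gets past the two checks below.
//
// NOTE(review): this request changes data but is driven entirely by GET
// parameters, and nothing visible here verifies a per-user request token.
// Confirm whether an included file adds that protection.

// current_user is a variable set by Wordpress.
$uid = is_user_logged_in() ? $current_user->ID : 0;

if ($uid == 0) {
    die("You're not logged in");
}
if (getUserLevel($uid) == 0) {
    die("Not enough privileges");
}

// A missing or array-valued parameter is treated as an empty string instead
// of raising a notice or handing a non-string to the escaping function.
$rawName = (isset($_GET['name_all']) && is_string($_GET['name_all'])) ? $_GET['name_all'] : '';
$rawDisplayName = (isset($_GET['display_name']) && is_string($_GET['display_name'])) ? $_GET['display_name'] : '';
$rawPhotoUrl = (isset($_GET['photo_url']) && is_string($_GET['photo_url'])) ? $_GET['photo_url'] : '';

// Sanitize the inputs a little bit.
// NOTE(review): escaping at this layer only helps if Person and
// downloadPersonPhoto() build SQL by string concatenation (TODO confirm).
// Parameterised queries inside those helpers would be the more robust fix.
// The mysql_* functions were removed in PHP 7.
$name = mysql_real_escape_string($rawName);
$displayName = mysql_real_escape_string($rawDisplayName);
$photoUrl = mysql_real_escape_string($rawPhotoUrl);

$person = new Person();
$person->setName($name);
$person->addExtraNames($displayName);
$person->setDisplayName($displayName);
$person->addToDatabaseIfNobody();

// Now also set the image URL. Only http(s) URLs are handed to the downloader
// so that local-file and other non-web schemes are rejected.
// NOTE(review): downloadPersonPhoto() is defined elsewhere. If it fetches the
// URL from this server, it should also refuse loopback and private addresses,
// because the scheme check alone does not prevent server-side request forgery.
if ($photoUrl != '' && preg_match('#^https?://#i', $rawPhotoUrl) === 1) {
    downloadPersonPhoto($person->id, $photoUrl);
}

// Also record this in the moderation queue so we can see who added what.
$ip = $_SERVER['REMOTE_ADDR'];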
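* @return array Rows for the newest 'add_person' moderation entries (at most 8).
 */
function getMostRecentNewPeople() {
    // The query text is constant; no request data is interpolated into it.
    $queryResult = mysql_query("\n SELECT idperson, value, display_name, name, time\n FROM moderation_queue\n LEFT JOIN people ON people.id = moderation_queue.idperson\n WHERE type='add_person'\n ORDER BY time DESC\n LIMIT 8");

    $results = array();

    // mysql_query() returns false on failure. Return the empty list directly
    // instead of passing false to mysql_fetch_array().
    if ($queryResult === false) {
        return $results;
    }

    while ($row = mysql_fetch_array($queryResult)) {
        $results[] = $row;
    }
    return $results;
}

// current_user is a variable set by Wordpress.
$uid = is_user_logged_in() ? $current_user->ID : 0;
$user_login = is_user_logged_in() ? $current_user->user_login : '';

$title = 'Profil ' . $user_login;
include 'header.php';

// Grab the tags that this user has created for the Senate and for Cdep.
$senatTags = getTagsList('senat_2008_votes_details', $uid);
$cdepTags = getTagsList('cdep_2008_votes_details', $uid);

// Evaluate the privilege check once so the template flag and the decision to
// load the moderation history always agree.
$isAdmin = getUserLevel($uid) > 0;

// Try to display everything.
$t = new Smarty();
$t->assign('senatTags', $senatTags);
$t->assign('cdepTags', $cdepTags);
$t->assign('user_login', $user_login);
$t->assign('user_is_admin', $isAdmin);

if ($isAdmin) {
    // Also show the history of the most recently added people (up to 8).
    $t->assign('recent_people', getMostRecentNewPeople());
}

$t->assign('followed_people', followedPeopleAsArray());
$t->display('my_account_summary.tpl');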
<span class="icon-bar"></span> </button> <a class="navbar-brand" href="home.php"><?php echo $s_project_name; ?> </a> </div> <div class="navbar-collapse collapse navbar-responsive-collapse"> <ul class="nav navbar-nav"> <li><a href="home.php">Home</a></li> <li><a href="sale.php">Sale</a></li> <li><a href="shipping.php">Shipping</a></li> <?php
// The Admin entry is rendered only when getUserLevel() compares equal to 0.
// NOTE(review): `==` is a loose comparison, and null and false also equal 0.
// If getUserLevel() (defined elsewhere) returns either for a signed-out
// visitor, the link is rendered for them too; confirm its return value or
// compare with ===. This only hides a menu entry: admin.php has to enforce
// the level check itself.
if (getUserLevel() == 0) { ?> <li><a href="admin.php">Admin</a></li> <?php } ?> </ul> <ul class="nav navbar-nav navbar-right"> <li> <?php if (!isSignin()) { ?> <a href="sign_in_form.php"> <span class="glyphicon glyphicon-log-in" aria-hidden="true"></span> <?php
<?php
include_once '../_top.php';
include_once '../functions.php';
include_once '../hp-includes/people_lib.php';
include_once '../hp-includes/party_class.php';

// Load wp-config so that we can use the fact that the user is logged in.
require_once '../wp-config.php';

// current_user is a variable set by Wordpress; 0 stands for "nobody logged in".
$uid = 0;
if (is_user_logged_in()) {
    $uid = $current_user->ID;
}

// Anonymous callers and logged-in users without privileges go through the API
// key check, which is performed by including the file below. Logged-in users
// with admin privileges skip it.
// The loose `== 0` also matches a null or false level, so an unknown level
// falls on the side that requires the key.
if ($uid == 0 || getUserLevel($uid) == 0) {
    include_once '../secret/read_api_key.php';
}

/**
 * @param {Person} $person
 * @return array
 */
function getOutputObjectForPerson($person) {
    $p = array();
    $p["id"] = $person->id;
    $p["name"] = $person->displayName;
    $p["party"] = $person->getFact("party");
    $p["snippet"] = $person->getHistorySnippet();
    if ($p["party"]) {
        $party = new Party($p["party"]);
        $p["party_name"] = $party->name;
    } else {
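echo '<div class="gift_action"><input type="radio" name="gift" value="' . $k . '" id="radio' . getAttr('name', $xml) . '"/></div></li>'; }

/**
 * Print the list item for a gift the user cannot send yet.
 *
 * Emits the gift icon, its name and the level it needs, all read from $xml
 * through getAttr().
 *
 * NOTE(review): the getAttr() values are written into the markup unescaped.
 * Confirm the gift definitions are trusted, or escape them for HTML.
 *
 * @param mixed $xml Gift node passed on to getAttr().
 * @return void
 */
function levelLessShow($xml)
{
    echo '<li class="giftLocked"><div class="gift_img">';
    echo '<img src="../static/images/giftIcon/' . getAttr('icon', $xml) . '" class="giftIconImg" style="width: 90px; margin-left: 0px;"/></div>';
    echo '<div class="gift_name"><strong><span>' . getAttr('name', $xml) . '</span></strong></div>';
    echo '<div class="gift_action">' . getAttr('level', $xml) . '级后可赠送</div></li>';
}

/**
 * Return the level of the user identified by the request's `pid` parameter.
 *
 * The record returned by TTGenid::getbypid() supplies the id used to build a
 * TTUser, and that user's getLevel() result is returned.
 *
 * NOTE(review): `pid` comes straight from the request. Confirm that it is an
 * unguessable session token rather than a user-chosen id, and what
 * getbypid() returns when no record matches ($ses['id'] is read either way).
 *
 * @return mixed Whatever TTUser::getLevel() returns.
 */
function getUserLevel()
{
    $ses = TTGenid::getbypid($_REQUEST['pid']);
    $user = new TTUser($ses['id']);
    return $user->getLevel();
}

// Render every gift as sendable or locked, depending on the user's level.
$level = getUserLevel();
foreach ($gift as $k => $child) {
    if ($level >= getAttr('level', $child)) {
        levelEnoughShow($k, $child);
    } else {
        levelLessShow($child);
    }
}

// The session key is request data echoed into an HTML attribute, so it is
// escaped for that context. A missing or non-string value renders as empty.
?> </ul> <br/> <div style="width: 700px; text-align: center;" > <input type="hidden" name="sessionK" value="<?php echo htmlspecialchars(isset($_REQUEST['sessionK']) && is_string($_REQUEST['sessionK']) ? $_REQUEST['sessionK'] : '', ENT_QUOTES, 'UTF-8'); ?>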
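* Main script
 */

// include core library
require_once 'imscp-lib.php';
require_once LIBRARY_PATH . '/Functions/Tickets.php';

iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onClientScriptStart);

check_login('user');

/** @var $cfg iMSCP_Config_Handler_File */
$cfg = iMSCP_Registry::get('config');

$userId = $_SESSION['user_id'];

customerHasFeature('support') or showBadRequestErrorPage();

// !empty() already implies isset(), so a single test covers both.
if (!empty($_GET['ticket_id'])) {
    // The cast keeps the id an integer for every helper below.
    $ticketId = (int) $_GET['ticket_id'];

    // NOTE(review): nothing visible here checks that $ticketId belongs to
    // $userId, or verifies a request token, before the ticket is changed.
    // Confirm that the helpers or the code after this excerpt enforce both.
    $status = getTicketStatus($ticketId);
    $ticketLevel = getUserLevel($ticketId);

    // Reuse the status fetched above instead of querying it a second time.
    if ($status == 2) {
        changeTicketStatus($ticketId, 3);
    }

    if (isset($_POST['uaction'])) {
        if ($_POST['uaction'] == 'close') {
            closeTicket($ticketId);
        } elseif (isset($_POST['user_message'])) {
            if (empty($_POST['user_message'])) {
                set_page_message(tr('Please type your message.'), 'error');
            } else {
                // NOTE(review): 'urgency' and 'subject' are read without
                // isset(); confirm updateTicket() validates them.
                updateTicket(
                    $ticketId,
                    $userId,
                    $_POST['urgency'],
                    $_POST['subject'],
                    $_POST['user_message'],
                    1,
                    1
                );
            }
        }

        redirectTo('ticket_system.php');
    }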