/**
 * Add the posted product to the current user's basket, creating the order on first use.
 *
 * Requires the POST fields `quantity`, `product_id` and `product_price`. Every rejection
 * path stores a message in the session and redirects to the product index.
 *
 * NOTE(review): `product_price` comes from the request body and is passed to
 * OrderDetail::create() unchanged. Unless the model re-reads the price server-side,
 * the client controls the stored price - confirm against models/order_detail.php.
 * NOTE(review): `quantity` and `product_id` are only checked for presence here, not for
 * type or range - confirm the model rejects zero, negative and non-numeric values.
 */
public function create()
{
    foreach (array('quantity', 'product_id', 'product_price') as $requiredField) {
        if (!isset($_POST[$requiredField])) {
            return call('pages', 'error');
        }
    }

    $productsIndex = "Location: index.php?controller=products&action=index";

    // Administrators are not allowed to place orders.
    if (isAdmin()) {
        $_SESSION['alert'] = "Admin is not able to buy products";
        return header($productsIndex);
    }

    // Anonymous visitors must authenticate first.
    if (!isset($_SESSION['id'])) {
        $_SESSION['alert'] = "Please log in before shopping";
        return header($productsIndex);
    }

    $customerId = $_SESSION['id'];
    if (!Order::isValid($customerId)) {
        $_SESSION['alert'] = "Before you can buy products, you must provide necessary perfonal information";
        return header($productsIndex);
    }

    // The open order id is cached in the session and created lazily.
    if (!isset($_SESSION['orderID'])) {
        $_SESSION['orderID'] = Order::create($customerId);
    }
    $orderId = $_SESSION['orderID'];

    require_once 'models/order_detail.php';

    $productId = $_POST['product_id'];
    $quantity = $_POST['quantity'];
    if (!OrderDetail::check($orderId, $productId)) {
        OrderDetail::create($orderId, $productId, $_POST['product_price'], $quantity);
    } else {
        // The product is already in the basket: only raise its quantity.
        OrderDetail::addQuantity($orderId, $productId, $quantity);
    }

    $_SESSION['notice'] = "Added product to basket";
    header($productsIndex);
}
/**
 * Show the "treasure found" page for the treasure whose `md5` column equals URI segment 3.
 *
 * Responds with a 404 when the segment is missing or no treasure matches. A find is
 * recorded in mytreasure_model only for logged-in, non-banned, non-admin users who have
 * not found this treasure before.
 */
public function find()
{
    $hash = $this->uri->segment(3);
    if (!$hash) {
        show_404(current_url(), FALSE);
        return;
    }

    $this->data['Treasure'] = $this->treasure_model->get_by('md5', $hash);
    if (!$this->data['Treasure']) {
        show_404(current_url(), FALSE);
        return;
    }

    $treasureId = $this->data['Treasure']->id;
    if (isFound($treasureId, $this->session->userdata('id'))) {
        $found = TRUE;
    } else {
        $found = FALSE;
        // Short-circuit order matters: the ban lookup only runs for logged-in users.
        if (isLoggedIn() && !isBanned($this->session->userdata('id')) && !isAdmin()) {
            $this->mytreasure_model->insert(array(
                'pirate' => $this->session->userdata('id'),
                'treasure' => $this->data['Treasure']->id,
                'time' => time(),
            ));
        }
    }

    $this->data['found'] = $found;
    $this->template->write_view('content', 'views/treasure/find', $this->data);
    $this->template->render();
}
/**
 * Render a module's admin settings page and save posted settings.
 *
 * The page is echoed; nothing is returned.
 *
 * NOTE(review): the admin check relies on $this->_redirect() terminating the request.
 * If it only sends a Location header, the code below (including saveChanges($_POST))
 * still runs for non-admins - confirm in the base class.
 *
 * @param string $sOptionApiKey      option name used to look up the settings category
 * @param string $sLangSettingsTitle language key for the page title
 * @param string $sLangInfoTitle     language key for the optional info box title
 * @param string $sLangInfoText      language key for the optional info box text
 */
function _actionAdministration($sOptionApiKey, $sLangSettingsTitle, $sLangInfoTitle = '', $sLangInfoText = '')
{
    $GLOBALS['iAdminPage'] = 1;

    if (!isAdmin()) {
        $this->_redirect(BX_DOL_URL_ROOT);
    }

    // Resolve the sys_options category that holds this module's settings.
    $iCategoryId = $this->_oDb->getSettingsCategoryId($sOptionApiKey);
    if ($iCategoryId) {
        bx_import('BxDolAdminSettings');
        $oAdminSettings = new BxDolAdminSettings($iCategoryId);

        $mixedSaveResult = '';
        if (isset($_POST['save'], $_POST['cat'])) {
            $mixedSaveResult = $oAdminSettings->saveChanges($_POST);
        }

        $sFormHtml = $oAdminSettings->getForm();
        // Anything other than boolean true is treated as a message to show above the form.
        if ($mixedSaveResult !== true && !empty($mixedSaveResult)) {
            $sFormHtml = $mixedSaveResult . $sFormHtml;
        }
    } else {
        $sFormHtml = MsgBox(_t('_Empty'));
    }

    $sCssStyles = $this->_oTemplate->addCss('forms_adv.css', true);
    $this->_oTemplate->pageCodeAdminStart();

    if ($sLangInfoText) {
        $sInfoBody = $GLOBALS['oSysTemplate']->parseHtmlByName(
            'default_padding.html',
            array('content' => _t($sLangInfoText, BX_DOL_URL_ROOT))
        );
        echo DesignBoxAdmin(_t($sLangInfoTitle), $sInfoBody);
    }

    $sSettingsBody = $GLOBALS['oSysTemplate']->parseHtmlByName(
        'default_padding.html',
        array('content' => $sCssStyles . $sFormHtml)
    );
    echo DesignBoxAdmin(_t('_Settings'), $sSettingsBody);

    $this->_oTemplate->pageCodeAdmin(_t($sLangSettingsTitle));
}
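/**
 * Render the Facebook connect admin settings page and save posted settings.
 *
 * The page is echoed; nothing is returned. Non-admins are redirected to the site root
 * and the request ends there.
 */
function actionAdministration()
{
    $GLOBALS['iAdminPage'] = 1;

    if (!isAdmin()) {
        header('location: ' . BX_DOL_URL_ROOT);
        // header() only queues the redirect. Without stopping here the rest of the
        // method, including saveChanges($_POST), would still run for a non-admin.
        exit;
    }

    // Resolve the sys_options category that holds this module's settings.
    $iCatId = $this->_oDb->getSettingsCategoryId('bx_facebook_connect_api_key');
    if (!$iCatId) {
        $sOptions = MsgBox(_t('_Empty'));
    } else {
        bx_import('BxDolAdminSettings');
        $oSettings = new BxDolAdminSettings($iCatId);

        $mixedResult = '';
        if (isset($_POST['save']) && isset($_POST['cat'])) {
            $mixedResult = $oSettings->saveChanges($_POST);
        }

        $sOptions = $oSettings->getForm();
        // Anything other than boolean true is treated as a message to show above the form.
        if ($mixedResult !== true && !empty($mixedResult)) {
            $sOptions = $mixedResult . $sOptions;
        }
    }

    $sCssStyles = $this->_oTemplate->addCss('forms_adv.css', true);
    $this->_oTemplate->pageCodeAdminStart();

    echo DesignBoxAdmin(
        _t('_bx_facebook_information'),
        $GLOBALS['oSysTemplate']->parseHtmlByName(
            'default_padding.html',
            array('content' => _t('_bx_facebook_information_block', BX_DOL_URL_ROOT))
        )
    );
    echo DesignBoxAdmin(
        _t('_Settings'),
        $GLOBALS['oSysTemplate']->parseHtmlByName(
            'default_padding.html',
            array('content' => $sCssStyles . $sOptions)
        )
    );

    $this->_oTemplate->pageCodeAdmin(_t('_bx_facebook_settings'));
}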
/**
 * Build the "invite friends" block: the form plus, after a valid submit, a result message.
 *
 * Non-admin accounts are limited to getCountPerUser() invitations; once that quota is
 * used up only an error box is returned. Admin accounts pass `false` as the remaining
 * count to invite().
 *
 * @return array array with a single 'content' key holding the block HTML
 */
public function serviceGetBlockFormInvite()
{
    $iProfileId = $this->getProfileId();
    $iAccountId = $this->getAccountId($iProfileId);

    $mixedAllowed = $this->isAllowedInvite($iProfileId);
    if ($mixedAllowed !== true) {
        // Any value other than true is the reason to display.
        return array('content' => MsgBox($mixedAllowed));
    }

    $mixedRemaining = false;
    if (!isAdmin($iAccountId)) {
        $iAlreadySent = (int) $this->_oDb->getInvites(array('type' => 'count_by_account', 'value' => $iAccountId));
        $mixedRemaining = $this->_oConfig->getCountPerUser() - $iAlreadySent;
        if ($mixedRemaining <= 0) {
            return array('content' => MsgBox(_t('_bx_invites_err_limit_reached')));
        }
    }

    $oForm = $this->getFormObjectInvite();
    $oForm->aInputs['text']['value'] = _t('_bx_invites_msg_invitation');

    $sMessageBox = '';
    $oForm->initChecker();
    if ($oForm->isSubmittedAndValid()) {
        $sEmails = bx_process_input($oForm->getCleanValue('emails'));
        $sText = bx_process_pass($oForm->getCleanValue('text'));

        $mixedSent = $this->invite(BX_INV_TYPE_FROM_MEMBER, $sEmails, $sText, $mixedRemaining, $oForm);
        $sMessage = $mixedSent !== false
            ? _t('_bx_invites_msg_invitation_sent', (int) $mixedSent)
            : _t('_bx_invites_err_not_available');
        $sMessageBox = MsgBox($sMessage);
    }

    return array('content' => $sMessageBox . $oForm->getCode());
}
/**
 * Decide how a navigation tab is rendered for the current user.
 *
 * 'help' is not a table, so it gets a custom href/label for every user. Non-admin users
 * get null for every other key, which hides the tab. Admin users get only a 'selected'
 * flag for the other keys.
 *
 * NOTE(review): this controls what the menu shows. Whether the hidden tables are also
 * blocked for non-admins must be enforced where the tables are served - not visible here.
 *
 * @param string $key   nav item key (a table name or 'help')
 * @param string $label label to display
 * @return array|null
 */
function getNavItem($key, $label)
{
    $query =& Dataface_Application::getInstance()->getQuery();
    $isAdminUser = isAdmin();

    // Loose comparison kept on purpose: it mirrors the switch() this replaces.
    if ($key == 'help') {
        return array(
            'href' => DATAFACE_SITE_HREF . '?-action=help',
            'label' => $label,
            'selected' => $query['-action'] == 'help',
        );
    }

    if (!$isAdminUser) {
        // Non-admin users can't see any other table.
        return null;
    }

    // A table tab must not look selected while the help action is showing.
    $isCurrentTable = ($query['-table'] == $key and $query['-action'] != 'help');
    return array('selected' => $isCurrentTable);
}
/**
 * Gate a page to administrators.
 *
 * Returns true for admins. Anyone else is sent through requireLogin(), with a
 * permission error printed first when the visitor is already logged in.
 *
 * NOTE(review): nothing here stops execution. The gate only holds if requireLogin()
 * or func::printError() terminates the request - confirm in their definitions.
 */
function requireAdmin()
{
    global $service, $session;

    if (!isAdmin()) {
        $hasSession = !empty($session['id']) && isLoggedIn();
        if (!$hasSession) {
            requireLogin();
        }
        func::printError(_t('이 페이지에 접근할 권한이 없습니다.'));
        requireLogin();
    } else {
        return true;
    }
}
/**
 * Tell whether the current user may remove a comment: only administrators may.
 *
 * Neither argument is read by this implementation.
 *
 * @param array $aCmt            comment data (unused)
 * @param bool  $isPerformAction unused
 * @return bool
 */
public function isRemoveAllowed($aCmt, $isPerformAction = false)
{
    return isAdmin() ? true : false;
}
/**
 * Shell command `maddinit`: set initial metadata for a class (administrators only).
 *
 * Output is written through the by-reference $stdout / $stderr parameters. The function
 * itself always returns true.
 *
 * @param string $args    raw argument string: "[class name] [metadata name] [value]"
 * @param mixed  $stdin   unused
 * @param string &$stdout receives usage text or the success message
 * @param string &$stderr receives the permission error or the failure returned by setInitialMetadata()
 * @param mixed  &$system unused
 * @return bool always true
 */
function exec($args, $stdin, &$stdout, &$stderr, &$system)
{
    if (!isAdmin()) {
        $stderr = ucf(i18n("not enough rights to set initial metadata"));
        return true;
    }

    if (empty($args)) {
        $stdout = "Usage: maddinit [class name] [metadata name] [value]\n"
            . "Example: maddinit file_folder view thumbnail";
        return true;
    }

    list($class_name, $name, $value) = splitArgs($args);
    $outcome = setInitialMetadata($class_name, $name, $value);
    if ($outcome === true) {
        $stdout = "Updated metadata successfully";
    } else {
        // Anything other than true is the error text.
        $stderr = $outcome;
    }

    return true;
}
/**
 * Stop the request and redirect to the login page unless the current user is an admin.
 */
function checkAdmin()
{
    if (isAdmin()) {
        return;
    }

    header('Location: login.php?msg=notAdmin');
    // Terminate so the protected page is never rendered after the redirect header.
    exit;
}
/**
 * Constructor: loads libraries, enforces login and configures the profile form validation.
 *
 * The phone field is required only for non-admin users. The password rules get their
 * suffix from pass_check(), called first with the posted new password and then with
 * the posted old one.
 */
function Profile()
{
    parent::Controller();

    $this->load->library('validation');
    $this->load->library('session');
    $this->load->model('user');
    $this->auth->verificaLogin();

    // ---- validation rules ----
    $rules = array('nome' => "trim|required|xss_clean");
    if (!isAdmin()) {
        $rules['telefone'] = "trim|required|xss_clean";
    }

    $suffixFromNewPassword = $this->pass_check($this->input->post('senha2'));
    $rules['senha'] = "trim" . $suffixFromNewPassword . "|callback_senha_check";

    $suffixFromOldPassword = $this->pass_check($this->input->post('senha'));
    $rules['senha2'] = "trim|matches[senha3]" . $suffixFromOldPassword;
    $rules['senha3'] = "trim|" . $suffixFromOldPassword;
    $this->validation->set_rules($rules);

    // ---- human-readable field names ----
    $fields = array(
        'nome' => 'Nome',
        'telefone' => 'Telefone',
        'senha' => 'Senha antiga',
        'senha2' => 'Nova senha',
        'senha3' => 'Confirmação da senha',
    );
    $this->validation->set_fields($fields);

    // ---- error messages ----
    $messages = array(
        'required' => 'O campo <i>%s</i> não pode ser vazio!',
        'senha_check' => '%s não confere!',
        'valid_email' => 'O campo <i>%s</i> não contém um email válido!',
        'matches' => 'Senhas não conferem!',
    );
    foreach ($messages as $ruleName => $messageText) {
        $this->validation->set_message($ruleName, $messageText);
    }

    $this->validation->set_error_delimiters('<small class="error">', '</small>');
}
/**
 * Handle the login form.
 *
 * On valid credentials the session is populated and the user is redirected: admins to
 * 'admin' (or to 'profile' on first login, to force a password change), everyone else
 * to their last URI. Otherwise the login view is rendered and false is returned.
 *
 * NOTE(review): the password is hashed with unsalted md5() before the lookup. md5 is
 * not suitable for password storage; moving to password_hash()/password_verify() needs
 * a change in the user model, which is outside this block.
 * NOTE(review): xss_clean() runs on the credentials array after hashing, so it can
 * alter the e-mail used for the lookup - confirm this is intended.
 * NOTE(review): no session id regeneration is visible after a successful login -
 * confirm whether the session library does it.
 */
function login()
{
    $data = array(
        'logged' => $this->auth->logged(),
        'page_title' => 'Login',
        'titulo' => 'Efetuar login',
    );

    if ($this->validation->run()) {
        $credentials = array(
            'email' => $this->input->post('email'),
            'senha' => md5($this->input->post('senha')),
        );
        $credentials = $this->input->xss_clean($credentials);

        if ($this->user->loginUser($credentials)) {
            $user = $this->user->getUserDataByEmail($credentials['email']);
            $this->session->set_userdata(array(
                'email' => $user['email'],
                'logado' => true,
                'nome' => $user['nome'],
                'ativo' => $user['status'],
            ));

            if (!isAdmin()) {
                redirect(getLastUri());
                die;
            }

            if ($user['controle'] != 'first_login') {
                redirect('admin');
                die;
            }

            $this->messages->add('Verificamos que esta é a primeira vez que está acessando o sistema, você precisa trocar a senha neste momento.', 'warning');
            // Clear the first-access marker so the notice is shown only once.
            $this->user->updateUser(array('controle' => ""));
            redirect('profile');
            die;
        }

        $this->messages->add("Usuário ou senha inválida!");
    }

    $this->load->view('inicio', $data);
    return false;
}
/**
 * Build the action list block (subscribe, feature, approve, share, crop, avatar) for the
 * photo described by $this->aFileInfo, as seen by viewer $this->iProfileId.
 *
 * Returns the subscription data followed by the generated actions list, or null when
 * genObjectsActions() returns null.
 *
 * NOTE(review): the isAdmin()/isAllowed*() checks here only decide which captions are
 * filled in. The endpoints behind those actions must enforce the same checks
 * server-side - not visible in this block.
 */
function getBlockCode_ActionList()
{
    $sCode = null;
    $sMainPrefix = $this->oConfig->getMainPrefix();
    bx_import('BxDolSubscription');
    $oSubscription = BxDolSubscription::getInstance();
    $aButton = $oSubscription->getButton($this->iProfileId, $sMainPrefix, '', (int) $this->aFileInfo['medID']);
    bx_import('BxDolAlbums');
    // URI of the viewer's profile album; used below to decide whether "set as avatar" applies.
    $sProfileAlbumUri = BxDolAlbums::getAbumUri($this->oConfig->getGlParam('profile_album_name'), $this->iProfileId);
    // Placeholder values passed to genObjectsActions(); an empty caption leaves that action unfilled.
    // NOTE(review): only 'Tags' is passed through bx_php_string_apos(); whether the other
    // string values (OwnerName, fileUri, AlbumUri, ...) are escaped for their output
    // context depends on genObjectsActions() - confirm.
    $aReplacement = array('favorited' => $this->aFileInfo['favorited'] == false ? '' : 'favorited', 'featured' => (int) $this->aFileInfo['Featured'], 'featuredCpt' => '', 'approvedCpt' => '', 'approvedAct' => '', 'moduleUrl' => BX_DOL_URL_ROOT . $this->oConfig->getBaseUri(), 'fileUri' => $this->aFileInfo['medUri'], 'fileKey' => $this->aFileInfo['Hash'], 'fileExt' => $this->aFileInfo['medExt'], 'iViewer' => $this->iProfileId, 'ID' => (int) $this->aFileInfo['medID'], 'Owner' => (int) $this->aFileInfo['medProfId'], 'OwnerName' => $this->aFileInfo['NickName'], 'AlbumUri' => $this->aFileInfo['albumUri'], 'Tags' => bx_php_string_apos($this->aFileInfo['medTags']), 'TitleAvatar' => $this->aFileInfo['medProfId'] == $this->iProfileId && 'sys_avatar' == getParam('sys_member_info_thumb') ? _t('_' . $sMainPrefix . '_set_as_avatar') : '', 'SetAvatarCpt' => $this->aFileInfo['medProfId'] == $this->iProfileId && $sProfileAlbumUri == $this->aFileInfo['albumUri'] && 'bx_photos_thumb' == getParam('sys_member_info_thumb') ? _t('_' . $sMainPrefix . '_set_as_avatar') : '', 'sbs_' . $sMainPrefix . '_title' => $aButton['title'], 'sbs_' . $sMainPrefix . '_script' => $aButton['script'], 'shareCpt' => $this->oModule->isAllowedShare($this->aFileInfo) ? _t('_Share') : '', 'cropCpt' => $this->oModule->isAllowedEdit($this->aFileInfo) && $this->aFileInfo['medProfId'] == $this->iProfileId ? _t('_bx_photos_crop_action') : '');
    // Feature / unfeature caption is filled in for admin viewers only.
    if (isAdmin($this->iProfileId)) {
        $sMsg = $aReplacement['featured'] > 0 ? 'un' : '';
        $aReplacement['featuredCpt'] = _t('_' . $sMainPrefix . '_action_' . $sMsg . 'feature');
    }
    // Approve / disapprove toggle: approvedAct carries the state the action would set.
    if ($this->oModule->isAllowedApprove($this->aFileInfo)) {
        $sMsg = '';
        $iAppr = 1;
        if ($this->aFileInfo['Approved'] == 'approved') {
            $sMsg = 'de';
            $iAppr = 0;
        }
        $aReplacement['approvedCpt'] = _t('_' . $sMainPrefix . '_admin_' . $sMsg . 'activate');
        $aReplacement['approvedAct'] = $iAppr;
    }
    $sActionsList = $GLOBALS['oFunctions']->genObjectsActions($aReplacement, $sMainPrefix);
    if (!is_null($sActionsList)) {
        $sCode = $oSubscription->getData() . $sActionsList;
    }
    return $sCode;
}
/**
 * Echo the "add domain" popup: a small form plus the inline JavaScript that posts it
 * back to the current page.
 *
 * Reads `ou`, `t` and `EnCryptedFunction` from the query string.
 *
 * NOTE(review): `EnCryptedFunction` is base64-decoded from the request and interpolated
 * into the <script> block as-is, so the request decides which script text is emitted.
 * Consider mapping it to a server-side allow-list of callback names instead.
 * NOTE(review): `ou` from the query string and $_SESSION["ou"] are placed into HTML.
 * Whether Field_hidden() escapes its value is not visible here, and the <span> gets no
 * escaping at all - confirm and escape for the HTML context.
 * NOTE(review): `t` is accepted when is_numeric(), which also allows signs, decimals and
 * exponents. It ends up in element ids and JS function names, so a digits-only check
 * would be stricter.
 */
function popup()
{
    $ou = $_GET["ou"];
    $t = $_GET["t"];
    $ldap = new clladp();
    $tpl = new templates();
    $page = CurrentPageName();
    // $t is a per-popup suffix for ids and function names; fall back to the current time.
    if (!is_numeric($t)) {
        $t = time();
    }
    // Optional JavaScript to run after a successful add, passed base64-encoded.
    $EnCryptedFunction = $_GET["EnCryptedFunction"];
    if (strlen($EnCryptedFunction) > 3) {
        $EnCryptedFunction = base64_decode($EnCryptedFunction) . "\n";
    } else {
        $EnCryptedFunction = null;
    }
    if ($ou == null) {
        if (isAdmin()) {
            // Admins choose the organization from a list.
            $OUS = $ldap->hash_get_ou(true);
            $FieldOu = Field_array_Hash($OUS, "ou-{$t}", null, null, null, 0, "font-size:18px");
        } else {
            // Other users are pinned to the organization stored in their session.
            $FieldOu = Field_hidden("ou-{$t}", $_SESSION["ou"]) . "<span style='font-size:18px'>{$_SESSION["ou"]}</span>";
        }
    } else {
        // NOTE(review): the hidden field carries the requested $ou for any caller, admin or
        // not, while the label shows $_SESSION["ou"]. The handler for 'perform' must check
        // that the caller may act on the posted ou - not visible here.
        $FieldOu = Field_hidden("ou-{$t}", $ou) . "<span style='font-size:18px'>{$_SESSION["ou"]}</span>";
    }
    $html = "\n\t\t\t\n\t<div id='animate-{$t}'></div>\t\t\n\t<table style='width:98%' class=form>\n\t\t<tr>\n\t\t <td class=legend style='font-size:18px'>{domain}:</td>\n\t\t <td>"
        . Field_text("domain-{$t}", null, "font-size:18px;font-weigth:bold", null, null, null, false, "AddDomainCk{$t}(event)")
        . "</td>\n\t\t</tr>\n\t\t<td class=legend style='font-size:18px'>{organization}:</td> \t\t\n\t\t <td>{$FieldOu}</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td colspan=2 align='right'>"
        . button("{add}", "AddDomain{$t}()", "20px")
        . "</td>\n\t\t</tr>\n\t</table>\n\t\t\t\t\t\n<script>\nvar x_AddDomain{$t}=function(obj){\n\tdocument.getElementById('animate-{$t}').innerHTML='';\n\tvar text;\n\ttext=obj.responseText;\n\tif(text.length>3){alert(text);return;}\n\t\$('#flexRT{$t}').flexReload();\n\tYahooUserHide();\n\t{$EnCryptedFunction}\n\t\n\t\n}\n\nfunction AddDomainCk{$t}(e){\n\tif(checkEnter(e)){ AddDomain{$t}();}\n}\n\nfunction AddDomain{$t}(){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('perform','yes');\n\tvar ou=document.getElementById('ou-{$t}').value;\n\tif(ou.length<3){alert('Organization:`'+ou+'` not supported');return;}\n\tXHR.appendData('ou',document.getElementById('ou-{$t}').value);\n\tXHR.appendData('domain',document.getElementById('domain-{$t}').value);\n\tAnimateDiv('animate-{$t}');\n\tXHR.sendAndLoad('{$page}', 'POST',x_AddDomain{$t}); \n}\n</script>\t\t\t\t\t\n";
    echo $tpl->_ENGINE_parse_body($html);
}
/**
 * Constructor
 *
 * Requires an admin session, then loads the config, language files, models and helpers
 * shared by every action of this controller.
 *
 * NOTE(review): the gate holds only if redirect_admin() terminates the request.
 * If it merely sends a header, the controller action still runs for non-admins -
 * confirm in the helper.
 */
function ProjectCases()
{
    parent::Controller();

    // Admin-only controller.
    if (!isAdmin()) {
        redirect_admin('login');
    }

    // Pull configuration values from the database.
    $this->config->db_config_fetch();

    // Language files.
    foreach (array('admin/common', 'admin/dispute', 'admin/validation') as $langFile) {
        $this->lang->load($langFile, $this->config->item('language_code'));
    }

    // Models used by all actions of this controller.
    foreach (array('common_model', 'admin_model', 'dispute_model', 'email_model', 'skills_model') as $modelName) {
        $this->load->model($modelName);
    }

    // Helper files.
    foreach (array('form', 'projectcases', 'users') as $helperName) {
        $this->load->helper($helperName);
    }
}
/**
 * Render the admin main menu from `sys_menu_admin`; returns '' for non-admin users.
 *
 * A category is marked active when `?cat=` names it on index.php, or when one of its
 * sub-item URLs contains (or is contained in) the current request URL.
 *
 * NOTE(review): the sub-menu query concatenates `id` into the SQL text. The value comes
 * from the previous query, not from the request, but a prepared statement or an integer
 * cast would make that explicit.
 *
 * @return string menu HTML
 */
function getMainMenu()
{
    if (!isAdmin()) {
        return '';
    }

    // Rebuild the absolute request URL, dropping the site's base path from REQUEST_URI.
    $sRequestUri = $_SERVER['REQUEST_URI'];
    $sRootPath = parse_url(BX_DOL_URL_ROOT, PHP_URL_PATH);
    if ($sRootPath && $sRootPath != '/' && 0 == strncmp($sRootPath, $sRequestUri, strlen($sRootPath))) {
        $sRequestUri = substr($sRequestUri, strlen($sRootPath) - strlen($sRequestUri));
    }
    $sRequestUri = BX_DOL_URL_ROOT . $sRequestUri;

    $sScript = basename($_SERVER['PHP_SELF']);
    $oPermalinks = new BxDolPermalinks();

    $aMarkers = array('{siteUrl}', '{siteAdminUrl}');
    $aMarkerValues = array(BX_DOL_URL_ROOT, BX_DOL_URL_ADMIN);

    $aCategories = $GLOBALS['MySQL']->getAll("SELECT `id`, `name`, `title`, `url`, `icon` FROM `sys_menu_admin` WHERE `parent_id`='0' ORDER BY `order`");

    $aRendered = array();
    foreach ($aCategories as $aCategory) {
        $aCategory['url'] = str_replace($aMarkers, $aMarkerValues, $aCategory['url']);
        $bCategoryActive = $sScript == 'index.php' && !empty($_GET['cat']) && $_GET['cat'] == $aCategory['name'];

        $aChildren = $GLOBALS['MySQL']->getAll("SELECT * FROM `sys_menu_admin` WHERE `parent_id`='" . $aCategory['id'] . "' ORDER BY `order`");

        $aRenderedChildren = array();
        foreach ($aChildren as $aChild) {
            $aChild['url'] = $oPermalinks->permalink($aChild['url']);
            $aChild['url'] = str_replace($aMarkers, $aMarkerValues, $aChild['url']);

            $bChildActive = !defined('BX_DOL_ADMIN_INDEX')
                && $aChild['url'] != ''
                && (strpos($sRequestUri, $aChild['url']) !== false || strpos($aChild['url'], $sRequestUri) !== false);
            if ($bChildActive) {
                // An active child also activates its category.
                $bCategoryActive = true;
            }

            $aRenderedChildren[] = BxDolAdminMenu::_getMainMenuSubitem($aChild, $bChildActive);
        }

        $aRendered[] = BxDolAdminMenu::_getMainMenuItem($aCategory, $aRenderedChildren, $bCategoryActive);
    }

    return $GLOBALS['oAdmTemplate']->parseHtmlByName('main_menu.html', array('bx_repeat:items' => $aRendered));
}
/**
 * Extend the parent's WHERE clause with the optional extra filters and the
 * post life-time check.
 *
 * The time check is skipped for admins in the default mode and always skipped in
 * 'outtime' mode. 'expired' flips the comparison sign. 'expired' and 'manage' apply the
 * check even for admins.
 *
 * NOTE(review): third_restr / custom_filter1 / custom_filter2 are appended to the SQL
 * text verbatim. That is safe only if $this->aCurrent is filled by code, never from
 * request data - confirm at the call sites.
 *
 * @return string SQL fragment
 */
function getRestriction()
{
    $sWhereSQL = parent::getRestriction();
    $oMain = $this->getAdsMain();

    foreach (array('third_restr', 'custom_filter1', 'custom_filter2') as $sFilterKey) {
        if (isset($this->aCurrent[$sFilterKey]) && $this->aCurrent[$sFilterKey] != '') {
            $sWhereSQL .= " AND {$this->aCurrent[$sFilterKey]} ";
        }
    }

    $bSkipTimeCheck = isAdmin();
    $sComparison = "<";
    $sPostsTable = $oMain->_oConfig->sSQLPostsTable;
    $sTimeCheck = " AND UNIX_TIMESTAMP() - `{$sPostsTable}`.`LifeTime`*24*60*60 __sign__ `{$sPostsTable}`.`DateTime`";

    // Loose comparisons mirror the switch() this replaces.
    $sMode = $this->aCurrent['second_restr'];
    if ($sMode == 'expired') {
        $sComparison = ">";
        $bSkipTimeCheck = FALSE;
    } elseif ($sMode == 'manage') {
        $sComparison = "<";
        $bSkipTimeCheck = FALSE;
    } elseif ($sMode == 'outtime') {
        $sTimeCheck = "";
    }

    if (!$bSkipTimeCheck) {
        $sWhereSQL .= str_replace('__sign__', $sComparison, $sTimeCheck);
    }

    return $sWhereSQL;
}
/**
 * Email settings page (administrators only).
 *
 * GET renders the settings form. POST with `todo` = 'udeast003' saves the posted values
 * and redirects back to this page with a status message.
 *
 * NOTE(review): the whole POST array is handed to the model via setData(). Confirm the
 * model only accepts the expected fields.
 * NOTE(review): no anti-CSRF token check is visible in this action - confirm whether
 * the framework's CSRF protection is enabled for it.
 */
public function index()
{
    if (!isAdmin()) {
        setInformUser('error', 'You don\'t have the permission [\'access email settings \'].');
        redirect(base_url('users'));
        return;
    }

    if (strtolower($_SERVER['REQUEST_METHOD']) != 'post') {
        $data['active'] = 2;
        $data['email_settings'] = $this->Mdl_email_settings->toArray();
        $this->load->view('admin/header', $data);
        $this->load->view('index', $data);
        $this->load->view('admin/footer');
        return;
    }

    $requestedTask = $this->input->post('todo');
    if ($requestedTask == 'udeast003') {
        $this->Mdl_email_settings->setData('update', $this->input->post());
        if ($this->Mdl_email_settings->update()) {
            setInformUser('success', 'Email settings updated successfully.');
        } else {
            setInformUser('error', 'Some error occured');
        }
        redirect('Email_settings', 'refresh');
    }
}
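/**
 * Smarty function
 * -------------------------------------------------------------
 * Purpose: Output multilang string
 * add [{ oxmultilang ident="..." }] where you want to display content
 * -------------------------------------------------------------
 *
 * Recognised params: `ident` (translation key), `noerror` (suppress the admin error
 * text) and `alternative` (text to use when no translation is found).
 *
 * @param array  $params  params
 * @param Smarty &$smarty clever simulation of a method
 *
 * @return string
 */
function smarty_function_oxmultilang($params, &$smarty)
{
    startProfile("smarty_function_oxmultilang");

    $sIdent = isset($params['ident']) ? $params['ident'] : 'IDENT MISSING';
    $iLang = null;
    $blAdmin = isAdmin();
    $oLang = oxLang::getInstance();

    if ($blAdmin) {
        $iLang = $oLang->getTplLanguage();
        if (!isset($iLang)) {
            $iLang = 0;
        }
    }

    // Start from the identifier so a thrown oxLanguageException leaves a defined value.
    // Before this, the checks below read an unset variable. An untranslated string is
    // already signalled by "translation equals ident", so the exception case now takes
    // the same not-found path.
    $sTranslation = $sIdent;
    try {
        $sTranslation = $oLang->translateString($sIdent, $iLang, $blAdmin);
    } catch (oxLanguageException $oEx) {
        // is thrown in debug mode and has to be caught here, as smarty hangs otherwise!
    }

    // NOTE(review): $sIdent is written into HTML unescaped. That is fine while idents come
    // only from template source; confirm no caller passes request data as `ident`.
    if ($blAdmin && $sTranslation == $sIdent && (!isset($params['noerror']) || !$params['noerror'])) {
        $sTranslation = '<b>ERROR : Translation for ' . $sIdent . ' not found!</b>';
    }

    if ($sTranslation == $sIdent && isset($params['alternative'])) {
        $sTranslation = $params['alternative'];
    }

    stopProfile("smarty_function_oxmultilang");

    return $sTranslation;
}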
/**
 * Check whether a menu item is visible, hiding the 'studio' item from non-admins.
 *
 * NOTE(review): this only hides the link. Access to the studio itself has to be
 * enforced where it is served - not visible here.
 *
 * @param array $a menu item array
 * @return boolean
 */
protected function _isVisible($a)
{
    $isStudioItem = $a['name'] == 'studio';
    if ($isStudioItem && !isAdmin()) {
        return false;
    }

    // Everything else follows the parent's visibility rules.
    return parent::_isVisible($a);
}
/**
 * Change the password of the logged-in user.
 *
 * Does nothing (renders nothing) when no user id is present in the session.
 *
 * NOTE(review): the new activation key is derived from microtime() and the new password.
 * If activkey acts as a secret token (e.g. in recovery links), a value from random_bytes()
 * would be harder to predict - confirm how activkey is used.
 * NOTE(review): the strength of UserModule::encrypting() is not visible here - confirm
 * it is a password hash, not a plain digest.
 */
public function actionChangepassword()
{
    if (isAdmin()) {
        $this->layout = '//layouts/main';
    }

    $model = new UserChangePassword();

    $currentUserId = Yii::app()->user->id;
    if (!$currentUserId) {
        return;
    }

    // AJAX validation request: answer with the validation result and stop.
    if (isset($_POST['ajax']) && $_POST['ajax'] === 'changepassword-form') {
        echo UActiveForm::validate($model);
        Yii::app()->end();
    }

    if (isset($_POST['UserChangePassword'])) {
        $model->attributes = $_POST['UserChangePassword'];
        if ($model->validate()) {
            $account = User::model()->findbyPk(Yii::app()->user->id);
            $account->password = UserModule::encrypting($model->password);
            $account->activkey = UserModule::encrypting(microtime() . $model->password);

            if (!$account->save()) {
                Yii::app()->user->setFlash('error', UserModule::t("Thay đổi mật khẩu không thành công"));
            } else {
                Yii::app()->user->setFlash('success', UserModule::t("Thay đổi mật khẩu thành công"));
                $this->redirect(array("profile"));
            }
        }
    }

    $this->render('changepassword', array('model' => $model));
}
/**
 * Constructor: every action of this controller requires an admin session.
 *
 * NOTE(review): the gate holds only if redirect() terminates the request - confirm
 * for the helper used in this project.
 */
public function __construct()
{
    parent::__construct();

    if (isAdmin()) {
        return;
    }

    redirect('admin/login');
}
/**
 * API endpoint: call a module service method on behalf of an admin token.
 *
 * Reads `uri`, `method`, `params` and `class` from the request, answers 403 for
 * non-admin tokens and 404 for unknown services, otherwise outputs the service result.
 *
 * NOTE(review): `params` from the request is passed to unserialize(). Deserialising
 * request data can instantiate any class the application can load. Prefer JSON for this
 * parameter, or restrict object creation (unserialize's `allowed_classes` option on
 * PHP 7+). Flagged only; behaviour is unchanged here.
 * NOTE(review): the pattern's `[\d+]` is a character class (one digit or a '+'), so only
 * arrays with a single-digit element count are treated as serialized - likely unintended.
 *
 * @param array $aToken token data; 'user_id' is the account the token belongs to
 * @return false|null false on error, nothing otherwise
 */
function service($aToken)
{
    $iUserId = $aToken['user_id'];
    if (!isAdmin($iUserId)) {
        $this->errorOutput(403, 'access_denied', 'Only admin can access service endpoint');
        return false;
    }

    bx_login($aToken['user_id'], false, false);

    $sUri = bx_get('uri');
    $sMethod = bx_get('method');

    $aParams = bx_get('params');
    if (!$aParams) {
        $aParams = array();
    } elseif (is_string($aParams) && preg_match('/^a:[\\d+]:\\{/', $aParams)) {
        $aParams = @unserialize($aParams);
    }
    // A scalar (or a failed unserialize) becomes a single-argument list.
    if (!is_array($aParams)) {
        $aParams = array($aParams);
    }

    $sClass = bx_get('class');
    if (!$sClass) {
        $sClass = 'Module';
    }

    if (!BxDolRequest::serviceExists($sUri, $sMethod, $sClass)) {
        $this->errorOutput(404, 'not_found', 'Service was not found');
        return false;
    }

    $mixedResult = BxDolService::call($sUri, $sMethod, $aParams, $sClass);
    $this->output(array('uri' => $sUri, 'method' => $sMethod, 'data' => $mixedResult));
}
/**
 * Echo the user navigation bar and, when the user may view other accounts, a
 * user-switch drop-down.
 *
 * The current page is shown in bold instead of as a link. The 'Admin' entry is added
 * for administrators only.
 *
 * NOTE(review): the `requser` cookie is client-controlled. Here it only pre-selects an
 * option, but whatever reads it to switch users must re-check it against getAllowed().
 */
function userNav()
{
    global $_COOKIE;

    $n['View realtime logs'] = "/";
    $n['Settings'] = "/settings";
    $n['Feedbacks'] = "/feedbacks";
    if (isAdmin()) {
        $n['Admin'] = "/admin";
    }

    $position = 0;
    foreach ($n as $title => $link) {
        $onThisPage = $_SERVER['REQUEST_URI'] == $link || strpos($_SERVER['REQUEST_URI'], $link . "?") === 0;
        if (!$onThisPage) {
            echo "<a href=\"{$link}\">" . htmlentities($title) . "</a> ";
        } else {
            echo "<strong>" . htmlentities($title) . "</strong> ";
        }

        // Separator between entries, none after the last one.
        $position++;
        if ($position != count($n)) {
            echo " | ";
        }
    }

    $allowed = getAllowed();
    if (!count($allowed)) {
        return;
    }

    $requestedUser = isset($_COOKIE['requser']) ? $_COOKIE['requser'] : userName();
    echo " | <select id=\"seluser\" onchange=\"switchUser()\">";
    echo "<option value=\"\">" . utf8entities(userName()) . "</option>";
    foreach ($allowed as $id) {
        $name = getUsernameById($id);
        $selected = "";
        if ($requestedUser == $name) {
            $selected = "selected";
        }
        echo "<option {$selected} value=\"" . urlencode($name) . "\">" . utf8entities($name) . "</option>";
    }
    echo "</select>";
}
/**
 * Create a match from the posted form (administrators only) and redirect to its edit page.
 *
 * Non-admin requests are dropped silently. A missing field is reported with a plain
 * text message. A database failure switches the theme to the error page.
 *
 * NOTE(review): strtotime() returns false for an unparsable date and that value is
 * passed on to addMatch() - confirm the database layer rejects it.
 * NOTE(review): the posted ids and finalType are only checked for presence. Type and
 * range validation is left to addMatch() - confirm.
 *
 * @param array $args route arguments (unused)
 */
public function POST($args)
{
    if (!isAdmin()) {
        return;
    }

    // Required field => message shown when it is missing (checked in this order).
    $requiredFields = array(
        'tournamentId' => 'No tournament id given',
        'teamAId' => 'No team a id given',
        'teamBId' => 'No team b id given',
        'date' => 'No date given',
        'finalType' => 'No final type given',
    );
    foreach ($requiredFields as $fieldName => $missingMessage) {
        if (!isset($_POST[$fieldName])) {
            echo $missingMessage;
            return;
        }
    }

    global $database;
    try {
        $matchTime = strtotime($_POST['date']);
        $id = $database->addMatch(
            $_POST['teamAId'],
            $_POST['teamBId'],
            -1,
            -1,
            NULL,
            $matchTime,
            $_POST['tournamentId'],
            $_POST['finalType']
        );
        header('Location: ' . SITE_URL . 'admin/match/' . $id . '/edit');
    } catch (Exception $e) {
        $this->theme = 'error.php';
    }
}
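/**
 * List the attachments of one folder, paginated (administrators only).
 *
 * Reads `folderid` and `page` from the query string and assigns the list, the pager
 * markup, the folder row and the folder options to the template.
 */
public function files()
{
    if (!isAdmin()) {
        exit(L('all.notlogin'));
    }

    $folders = F('folders');
    $foldersoption = F('foldersoption');

    // The folder id used to be concatenated into the WHERE string straight from the
    // request (SQL injection). Cast it once and pass it as an array condition instead.
    $folderId = intval(I('get.folderid'));
    $folderrow = isset($folders[$folderId]) ? $folders[$folderId] : null;
    $condition = array('folderid' => $folderId);

    import('ORG.Util.Page');
    $attach = D('attachments');

    // Count with the same filter as the list; the original used an undefined $map here,
    // so the pager was sized from every attachment rather than this folder's.
    $count = $attach->where($condition)->count();
    $Page = new \Org\Util\Page($count, 10);
    $Page->rollPage = 5;
    $show = $Page->show();

    // Paged query. intval() always yields a set value, so the old isset() test never fell
    // back to page 1; clamp explicitly.
    $page = intval(I('get.page'));
    $nowPage = $page > 0 ? $page : 1;
    $list = $attach->order('uploadtime DESC')
        ->where($condition)
        ->page($nowPage . ',' . $Page->listRows)
        ->select();

    $this->assign('list', $list); // result set
    $this->assign('page', $show); // pager markup
    $this->assign('folderrow', $folderrow);
    $this->assign('foldersoption', $foldersoption);
    $this->display(); // render the template
}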
/**
 * Build the action list block (subscribe, feature, approve, share, download, repost)
 * for the file described by $this->aFileInfo, as seen by viewer $this->iProfileId.
 *
 * Returns the subscription data (plus the repost script when the 'wall' service exists)
 * followed by the generated actions list, or '' when genObjectsActions() returns null.
 *
 * NOTE(review): the isAdmin()/isAllowed*() checks here only decide which captions are
 * filled in. The endpoints behind those actions must enforce the same checks
 * server-side - not visible in this block.
 */
function getBlockCode_ActionList()
{
    $sCode = null;
    $sMainPrefix = $this->oConfig->getMainPrefix();
    bx_import('BxDolSubscription');
    $oSubscription = BxDolSubscription::getInstance();
    $aButton = $oSubscription->getButton($this->iProfileId, $sMainPrefix, '', (int) $this->aFileInfo['medID']);
    $sCode .= $oSubscription->getData();
    // Placeholder values passed to genObjectsActions(); an empty caption leaves that action unfilled.
    // NOTE(review): whether string values such as OwnerName, fileUri and AlbumUri are escaped
    // for their output context depends on genObjectsActions() - confirm.
    $aReplacement = array('favorited' => $this->aFileInfo['favorited'] == false ? '' : 'favorited', 'featured' => (int) $this->aFileInfo['Featured'], 'featuredCpt' => '', 'approvedCpt' => '', 'approvedAct' => '', 'moduleUrl' => BX_DOL_URL_ROOT . $this->oConfig->getBaseUri(), 'fileUri' => $this->aFileInfo['medUri'], 'iViewer' => $this->iProfileId, 'ID' => (int) $this->aFileInfo['medID'], 'Owner' => (int) $this->aFileInfo['medProfId'], 'OwnerName' => $this->aFileInfo['NickName'], 'AlbumUri' => $this->aFileInfo['albumUri'], 'sbs_' . $sMainPrefix . '_title' => $aButton['title'], 'sbs_' . $sMainPrefix . '_script' => $aButton['script'], 'shareCpt' => $this->oModule->isAllowedShare($this->aFileInfo) ? _t('_Share') : '', 'downloadCpt' => $this->oModule->isAllowedDownload($this->aFileInfo) ? _t('_Download') : '');
    // Feature / unfeature caption is filled in for admin viewers only.
    if (isAdmin($this->iProfileId)) {
        $sMsg = $aReplacement['featured'] > 0 ? 'un' : '';
        $aReplacement['featuredCpt'] = _t('_' . $sMainPrefix . '_action_' . $sMsg . 'feature');
    }
    // Approve / disapprove toggle: approvedAct carries the state the action would set.
    if ($this->oModule->isAllowedApprove($this->aFileInfo)) {
        $sMsg = '';
        $iAppr = 1;
        if ($this->aFileInfo['Approved'] == 'approved') {
            $sMsg = 'de';
            $iAppr = 0;
        }
        $aReplacement['approvedCpt'] = _t('_' . $sMainPrefix . '_admin_' . $sMsg . 'activate');
        $aReplacement['approvedAct'] = $iAppr;
    }
    // Repost is offered only when the 'wall' module exposes its click handler service.
    $aReplacement['repostCpt'] = $aReplacement['repostScript'] = '';
    if (BxDolRequest::serviceExists('wall', 'get_repost_js_click')) {
        $sCode .= BxDolService::call('wall', 'get_repost_js_script');
        $aReplacement['repostCpt'] = _t('_Repost');
        $aReplacement['repostScript'] = BxDolService::call('wall', 'get_repost_js_click', array($this->iProfileId, $sMainPrefix, 'add', (int) $this->aFileInfo['medID']));
    }
    $sActionsList = $GLOBALS['oFunctions']->genObjectsActions($aReplacement, $sMainPrefix);
    if (is_null($sActionsList)) {
        return '';
    }
    return $sCode . $sActionsList;
}
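/**
 * Render the admin panel shell: the menu for the current role plus the script call that
 * loads the initial section.
 *
 * NOTE(review): `start_script` and every other entry of $info are url-decoded and placed
 * inside a single-quoted JavaScript call without escaping. If $info is built from request
 * parameters, a quote in a value changes the emitted script. Escape for the JS string
 * context and restrict `start_script` to known section scripts - confirm what the
 * callers pass.
 * NOTE(review): the menu only hides admin sections. Each section script must enforce
 * its own admin check.
 *
 * @param array|string $info optional settings: 'menu_selected', 'start_script' and any
 *                           extra key/value pairs forwarded as query arguments
 */
function index($info = "")
{
    // The default is an empty string, which foreach() below cannot iterate. Treat any
    // non-array input as "no settings".
    if (!is_array($info)) {
        $info = array();
    }

    $menuList[] = array('id' => 1, 'name' => $this->spTextPanel['Website Manager'], 'url_section' => 'websites');
    if (isAdmin()) {
        $menuList[] = array('id' => 2, 'name' => $this->spTextPanel['User Manager'], 'url_section' => 'users');
    }
    if (isLoggedIn()) {
        $menuList[] = array('id' => 3, 'name' => $this->spTextPanel['Reports Manager'], 'url_section' => 'report-manager');
    }
    if (isAdmin()) {
        $menuList[] = array('id' => 4, 'name' => $this->spTextPanel['Seo Tools Manager'], 'url_section' => 'seo-tools-manager');
        $menuList[] = array('id' => 5, 'name' => $this->spTextPanel['Seo Plugins Manager'], 'url_section' => 'seo-plugin-manager');
        $menuList[] = array('id' => 6, 'name' => $this->spTextPanel['Directory Manager'], 'url_section' => 'directory-manager');
        $menuList[] = array('id' => 11, 'name' => $this->spTextPanel['Search Engine Manager'], 'url_section' => 'se-manager');
        $menuList[] = array('id' => 9, 'name' => $this->spTextPanel['Proxy Manager'], 'url_section' => 'proxy-manager');
        $menuList[] = array('id' => 7, 'name' => $this->spTextPanel['System Settings'], 'url_section' => 'settings');
    }
    $menuList[] = array('id' => 8, 'name' => $this->spTextPanel['My Profile'], 'url_section' => 'my-profile');
    $menuList[] = array('id' => 10, 'name' => $this->spTextPanel['About Us'], 'url_section' => 'about-us');

    $menuSelected = empty($info['menu_selected']) ? 'websites' : urldecode($info['menu_selected']);
    $this->set('menuList', $menuList);
    $this->set('menuSelected', $menuSelected);

    // Script loaded into the content area first; '.php' is appended when missing.
    $startScript = empty($info['start_script']) ? "websites.php" : urldecode($info['start_script']);
    if (!stristr($startScript, '.php')) {
        $startScript .= ".php";
    }

    // Every other entry is forwarded to the start script as a query argument.
    $arguments = "";
    foreach ($info as $key => $value) {
        if (!in_array($key, array('menu_selected', 'start_script'))) {
            $arguments .= "&{$key}=" . urldecode($value);
        }
    }

    $this->set('startFunction', "scriptDoLoad('{$startScript}', 'content', '{$arguments}')");
    $this->render('adminpanel/adminpanel');
}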
/**
 * Displays the login page and processes a submitted login form.
 *
 * Already authenticated users are redirected right away (admins to /admin). After a
 * successful login the user goes to the module's return URL when the stored return URL
 * is '/index.php'; otherwise admins go to /admin and everyone else to the stored URL.
 *
 * NOTE(review): Yii::app()->user->returnUrl is used as a redirect target. Confirm it can
 * only be set to same-site paths so the login flow cannot send users to another host.
 */
public function actionLogin()
{
    if (!Yii::app()->user->isGuest) {
        if (isAdmin()) {
            $this->redirect(PIUrl::createUrl('/admin'));
        }
        $this->redirect(Yii::app()->controller->module->returnUrl);
        return;
    }

    $model = new UserLogin();

    // Collect and validate the submitted credentials.
    if (isset($_POST['UserLogin'])) {
        $model->attributes = $_POST['UserLogin'];
        if ($model->validate()) {
            $this->lastViset();
            if (Yii::app()->user->returnUrl != '/index.php') {
                if (isAdmin()) {
                    $this->redirect(PIUrl::createUrl('/admin'));
                }
                $this->redirect(Yii::app()->user->returnUrl);
            } else {
                $this->redirect(Yii::app()->controller->module->returnUrl);
            }
        }
    }

    // First visit or failed validation: show the form.
    $this->render('/user/login', array('model' => $model));
}
/**
 * Redirect administrators away from a guest-only page to the configured site URL.
 *
 * NOTE(review): despite the name, only isAdmin() is tested. A logged-in non-admin is
 * not redirected - confirm whether a general "logged in" check was intended.
 */
function guestOnly()
{
    global $config;

    if (!isAdmin()) {
        return;
    }

    redirect($config['url']);
}