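/**
 * Controller initialisation.
 *
 * Creates the topic model, derives the post-action redirect target from the
 * Referer header, and enforces a per-topic permission check on every request
 * whose URI is not in the allowlist below. Finally exposes the admin flag to
 * the view.
 */
public function init()
{
    parent::init();
    $this->topic = new TopicModel();

    // The Referer header is client-controlled. It is only used as a redirect
    // target when it points at this host, and then only its path (+ query) is
    // kept; anything else falls back to the dashboard. This keeps every later
    // redirect($this->referer) on-site, and also handles https referers, which
    // the previous 'http://' prefix strip left untouched.
    $this->referer = '/admin/index/index';
    if (isset($_SERVER['HTTP_REFERER'])) {
        $parts = parse_url($_SERVER['HTTP_REFERER']);
        if (is_array($parts)) {
            $refHost = isset($parts['host']) ? $parts['host'] : '';
            if (isset($parts['port'])) {
                $refHost .= ':' . $parts['port'];
            }
            $ownHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';

            $local = isset($parts['path']) ? $parts['path'] : '';
            if (isset($parts['query'])) {
                $local .= '?' . $parts['query'];
            }

            $sameHost = $refHost === '' || strcasecmp($refHost, $ownHost) === 0;
            // Must be an absolute local path: a leading "//" or "/\" would be
            // read by browsers as another host, and control characters or
            // whitespace have no place in a Location header.
            if ($sameHost && preg_match('#^/(?![/\\\\])[^\x00-\x20\x7f]*\z#', $local)) {
                $this->referer = $local;
            }
        }
    }

    // Allowlist: these URIs do not need a tid; every other request must carry
    // one. Doing the check here avoids repeating the per-topic permission test
    // in each topic-related controller and action.
    // The comparison is against the full REQUEST_URI (query string included),
    // so an allowlisted path that carries any query string is NOT exempt and
    // still goes through the tid / checkrole gate below. Keep it an exact
    // match: matching on the path alone would exempt requests that pass ?tid=.
    $url_arr = array(
        "/admin/topic/index",
        "/admin/topic/index/",
        "/admin/topicdata/index",
        "/admin/topicdata/index/",
        "/admin/topic/add/",
        "/admin/topic/add",
        "/admin/topicdata/trashindex",
        "/admin/topicdata/trashindex/",
    );
    if (!in_array($_SERVER['REQUEST_URI'], $url_arr, true)) {
        $tid = $this->getRequest()->getQuery("tid");
        // No tid: treat as an illegal request.
        if (!$tid) {
            Alert::danger("非法请求");
            Yaf_Controller_Abstract::redirect("/admin/topic/index/");
            exit;
        }
        // The caller must be an administrator or the owner of this topic;
        // otherwise report insufficient permissions.
        // NOTE(review): $tid reaches checkrole() as the raw query value —
        // confirm checkrole() binds or casts it before it touches SQL.
        if (!$this->checkrole($tid)) {
            Alert::danger("权限不足");
            Yaf_Controller_Abstract::redirect("/admin/topic/index/");
            exit;
        }
    }

    // Tell the template whether the current user is an administrator.
    $this->getView()->assign("is_admin", $this->is_admin());
}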
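/**
 * Collect the articles of one topic for the Excel export view.
 *
 * Reads tid / starttime / endtime from the query string and sid / id / title
 * from the request, builds the topic_data query, and assigns the rows plus the
 * caller's sub-column list to the view. Non-admin callers are restricted to
 * their own rows (userid filter).
 *
 * Every request value that ends up in the SQL text is cast or escaped first;
 * previously sid, id and title were concatenated as received.
 */
public function export2excelAction()
{
    $request = $this->getRequest();
    $data = [];

    $startTime = $request->getQuery('starttime') ? $request->getQuery('starttime') : date('Ymd', time());
    $endTime = $request->getQuery('endtime') ? $request->getQuery('endtime') : date('Ymd', time());

    // Non-admins only ever see their own published rows. The uid comes from
    // the session, but it is written unquoted into SQL, so force it to int.
    if (!$this->is_admin()) {
        $where = "userid=" . (int) $this->_user['uid'];
        $where .= " AND status=1";
    } else {
        $where = " status=1";
    }

    $tid = (int) $request->getQuery('tid');
    if (!$tid) {
        Alert::danger("参数错误");
        Yaf_Controller_Abstract::redirect($this->referer);
        exit;
    }
    $data['topic_name'] = $this->topic->get('topic', 'topic_name', ['topic_id' => $tid]);
    $where .= " AND tid= '{$tid}'";

    // sid: POST wins over the query string. It is compared as a bare number in
    // SQL, so only an integer may be appended.
    $rawSid = $request->getPost('sid') ? $request->getPost('sid') : $request->getQuery('sid');
    if ($rawSid) {
        $sid = (int) $rawSid;
        $where .= " AND sid=" . $sid;
        $this->getView()->assign('sid', $sid);
    }

    // Optional search filters.
    if ($request->getPost('id', 0)) {
        $articleId = (int) $request->getPost('id');
        $where .= " AND id=" . $articleId;
        $this->getView()->assign('id', $articleId);
    }
    if ($request->getPost('title', 0)) {
        $title = $request->getPost('title');
        // Stopgap: addslashes() stops the value from closing the quoted
        // literal on a utf8 connection, but it is not charset-aware.
        // NOTE(review): the model's prepared-statement / quoting API is not
        // visible in this block — switch this filter to a bound parameter once
        // it is confirmed.
        $where .= " AND title LIKE '%" . addslashes($title);
        $where .= "%'";
        // NOTE(review): the raw title is echoed back to the view; confirm the
        // template HTML-escapes it.
        $this->getView()->assign('title', $title);
    }

    // Expand the Ymd dates to the first and last second of the range.
    // strtotime() returns false for anything it cannot parse; reject that
    // instead of letting an empty bound into the BETWEEN clause.
    $startTime = strtotime($startTime . '000000');
    $endTime = strtotime($endTime . '235959');
    if ($startTime === false || $endTime === false || $startTime >= $endTime) {
        Alert::danger("参数错误");
        Yaf_Controller_Abstract::redirect($this->referer);
        exit;
    }
    $where .= " AND (inputtime BETWEEN '{$startTime}' AND '{$endTime}')";

    $where .= " ORDER BY id ASC";
    $sql = "SELECT id,title,tid,sid,userid,username,status,inputtime FROM topic_data WHERE {$where}";
    $data['data'] = $this->topic->query($sql);

    // Attach each row's topic path.
    foreach ($data['data'] as $k => $v) {
        $data['data'][$k]['topic_path'] = $this->topic->get("topic", "topic_path", ["topic_id" => $v['tid'], "LIMIT" => 1]);
    }

    // All sub-columns visible to the current user, also indexed by id.
    $subclassWhere = [];
    if (!$this->is_admin()) {
        $subclassWhere['userid'] = $this->_user['uid'];
    }
    $subclassWhere['ORDER'] = ["parent_id ASC", "id ASC"];
    $subclass_list = $this->topic->select('topic_subclass', ['id', 'title', 'path'], $subclassWhere);
    $subclass = [];
    foreach ($subclass_list as $v) {
        $subclass[$v['id']] = $v;
    }

    // NOTE(review): if the view renders these rows into a spreadsheet, cell
    // values that start with = + - or @ should be neutralised there.
    $this->getView()->assign('subclass', $subclass);
    $this->getView()->assign('subclass_list', $subclass_list);
    $this->getView()->assign('data', $data);
}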
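} else {
    echo "<a href='#' class='ui secondary button disabled'>Install</a><br><br>";
}

$step = 1;
$done = false;

/*
 * Step 1
 * Install database
 */
if (isset($_POST["post1"])) {
    $sql_host = $_POST["sql_host"];
    $sql_name = $_POST["sql_name"];
    $sql_user = $_POST["sql_user"];
    $sql_pass = $_POST["sql_pass"];

    if (empty($sql_host) || empty($sql_name) || empty($sql_user) || empty($sql_pass)) {
        echo $alert->danger("Tous les champs sont requis!");
    } else {
        // Probe the credentials before anything is written to disk.
        // NOTE(review): host and database name are interpolated into the DSN
        // as submitted; consider restricting them to the characters a
        // hostname / schema name can contain.
        try {
            $pdo = new PDO(
                "mysql:host={$sql_host};dbname={$sql_name};",
                $sql_user,
                $sql_pass,
                array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)
            );
            $sql_error = false;
        } catch (PDOException $ex) {
            $sql_error = true;
        }

        if ($sql_error == true) {
            echo $alert->danger("Erreur MySQL!");
        } else {
            // The submitted values become PHP source in database.php. They are
            // emitted through var_export() so that a quote or backslash in any
            // field stays inside its string literal instead of being parsed as
            // code the next time the config file is loaded. For values without
            // such characters the generated file is unchanged.
            $hostLiteral = var_export($sql_host, true);
            $userLiteral = var_export($sql_user, true);
            $passLiteral = var_export($sql_pass, true);
            $nameLiteral = var_export($sql_name, true);

            // NOTE(review): fopen() can return false (unwritable directory);
            // the fwrite()/fclose() calls below do not check for that.
            $dbFile = fopen("../app/Config/database.php", "w");
            $databaseStructure = "<?php\nclass DATABASE_CONFIG {\n public \$default = array(\n 'datasource' => 'Database/Mysql',\n 'persistent' => false,\n 'host' => {$hostLiteral}, // Hôte\n 'login' => {$userLiteral}, // Nom d'utilisateur\n 'password' => {$passLiteral}, // Mot de passe\n 'database' => {$nameLiteral}, // Database\n 'prefix' => 'extaz_',\n 'encoding' => 'utf8',\n );\n}";
            fwrite($dbFile, $databaseStructure);
            fclose($dbFile);

            $sql = file_get_contents("ExtazCMS.sql");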
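/**
 * Delete a category.
 *
 * Reads the category id from the `cid` query parameter, asks the category
 * model to delete it, flashes the outcome, and always redirects back to the
 * category index.
 *
 * NOTE(review): the original comment states that administrator permissions
 * are not checked yet, and nothing in this action checks them. The delete is
 * also triggered by a plain GET, so it carries no request-forgery protection.
 * Both should be addressed before this action is exposed.
 *
 * @return void
 */
public function deleteAction()
{
    // A missing cid is treated like 0 (nothing to delete) instead of reading
    // an undefined index.
    $category_id = isset($_GET['cid']) ? (int) $_GET['cid'] : 0;

    if ($category_id) {
        if ($this->category->delete_category($category_id)) {
            Alert::success('删除成功');
        } else {
            Alert::danger('删除失败');
        }
    }

    // Every path ends on the category index.
    Yaf_Controller_Abstract::redirect("/admin/category/index/");
    exit;
}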
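/**
 * Change a topic's visibility flag.
 *
 * Reads `tid` and `isshow` from the query string, verifies through
 * checkrole() that the caller may modify the topic, writes `is_show`, flashes
 * the outcome and redirects to the stored referer.
 */
public function changeTopicStatusAction()
{
    // The previous form, (int) ($topic_id = ...), cast the result of the
    // assignment and threw it away, so $topic_id stayed the raw query string.
    $topic_id = (int) $this->getRequest()->getQuery('tid');

    // NOTE(review): is_show is stored exactly as received; presumably a 0/1
    // flag — confirm and restrict it to the allowed values.
    $data['is_show'] = $this->getRequest()->getQuery('isshow');

    if (!$topic_id) {
        Alert::danger("非法请求");
        Yaf_Controller_Abstract::redirect($this->referer);
        exit;
    }

    // The caller must hold rights on this topic.
    if (!$this->checkrole($topic_id)) {
        Alert::danger("权限错误");
        Yaf_Controller_Abstract::redirect($this->referer);
        exit;
    }

    // NOTE(review): this state change is driven by GET parameters; no
    // request-forgery token is checked in this block.
    if ($this->topic->update('topic', $data, ['topic_id' => $topic_id])) {
        Alert::success("操作成功");
    } else {
        Alert::danger("操作失败");
    }
    Yaf_Controller_Abstract::redirect($this->referer);
    exit;
}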
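/**
 * Change the status of a sub-column.
 *
 * Reads `sid` and `status` from the query string, verifies through
 * checkrole() against the topic_subclass table that the caller may modify the
 * sub-column, applies the update and redirects to the sub-column index.
 */
public function changeSubStatus()
{
    $subclass_id = $this->getRequest()->getQuery('sid');
    if (!$subclass_id) {
        Alert::danger("非法请求");
        Yaf_Controller_Abstract::redirect($this->referer);
        exit;
    }

    // The caller must hold rights on this sub-column.
    // NOTE(review): $subclass_id is passed on as the raw query value —
    // confirm checkrole() and update_subclass() bind or cast it.
    if (!$this->checkrole($subclass_id, "topic_subclass")) {
        Alert::danger("权限出错");
        Yaf_Controller_Abstract::redirect($this->referer);
        exit;
    }

    // NOTE(review): status is stored exactly as received; restrict it to the
    // values the schema allows.
    $data['status'] = $this->getRequest()->getQuery('status');

    // Both outcomes used to flash the permission-error text, so a successful
    // update was reported as a failure of a check that had already passed.
    if ($this->topic->update_subclass($subclass_id, $data)) {
        Alert::success("操作成功");
    } else {
        Alert::danger("操作失败");
    }
    Yaf_Controller_Abstract::redirect("/admin/topicsubclass/index/");
    exit;
}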
/**
 * Restore an article from the recycle bin to the article list.
 *
 * Sets the document's status to 99 through document_trash(), drops its cached
 * detail entry on success, flashes the outcome and redirects to the trash
 * index. Does nothing when no `id` query parameter is supplied.
 *
 * @author maczhis@gmail.com
 */
public function reductionAction()
{
    $id = $this->getRequest()->getQuery('id');
    if (!$id) {
        return;
    }

    // NOTE(review): $_SERVER['time'] is not a key PHP sets itself; presumably
    // the bootstrap populates it — confirm.
    $data = [
        'status' => 99,
        'updatetime' => $_SERVER['time'],
    ];

    // NOTE(review): $id is the raw query value, both for document_trash() and
    // for the cache key below; no permission check is visible in this action.
    $restored = $this->db_document->document_trash($id, $data);
    if ($restored) {
        // Invalidate the cached detail page so the restored state is served.
        $this->memcache->delete(MEMPREFIX . 'article:detail' . $id);
        Alert::success("操作成功");
    } else {
        Alert::danger("操作失败");
    }

    Yaf_Controller_Abstract::redirect("/admin/document/trashindex");
    exit;
}
/**
 * Toggle a user's blocked state.
 *
 * A blocked user is unblocked; an unblocked user is blocked as of now. The
 * acting user cannot block their own account: that request is answered with
 * an error flash and a redirect back, and nothing is saved.
 *
 * @param mixed $id identifier handed to usersRepo->findOrFail()
 */
public function statusToggle($id)
{
    $user = $this->usersRepo->findOrFail($id);
    $alreadyBlocked = $user->isBlocked();

    // Self-lockout guard: only relevant when the request would block.
    if (!$alreadyBlocked && $user->id == $this->current_user->id) {
        \Alert::danger("CMS::users.msg_you_cant_block_yourself");

        return redirect()->back();
    }

    if ($alreadyBlocked) {
        $user->blocked_at = null;
        \Alert::success("CMS::users.msg_user_unblocked");
    } else {
        $user->blocked_at = Carbon::now();
        \Alert::success("CMS::users.msg_user_blocked");
    }

    $this->usersRepo->save($user);

    return redirect()->route('CMS::admin.users.edit', $user->id);
}