/**
 * Prepares the module data for the requested action.
 *
 * Copies the optional `user_id`, `post_id` and `type` request parameters onto
 * the instance, then dispatches on `$this->action` (and, for `list`, on
 * `$this->mode`).
 *
 * The `new` action only performs an authorization check here: it requires at
 * least User::ROLE_READER_UNCONFIRMED.
 *
 * @throws Exception when `$this->action` is not one of `list`, `new`, `show`.
 */
function generateData()
{
    global $current_user;

    $params = $this->params;
    $this->user_id = isset($params['user_id']) ? $params['user_id'] : false;
    $this->post_id = isset($params['post_id']) ? $params['post_id'] : false;
    $this->type = isset($params['type']) ? $params['type'] : 'self';

    $action = $this->action;

    // Loose comparison is kept on purpose: the original dispatch used switch.
    if ($action == 'list') {
        $mode = $this->mode;
        if ($mode == 'last') {
            // Listing of all events.
            $this->getEvents(true);
        } elseif ($mode == 'user') {
            $this->getUserEvents();
        } else {
            $this->getEvents(false);
        }
        return;
    }

    if ($action == 'new') {
        // Creating an event requires at least an unconfirmed reader account.
        Error::CheckThrowAuth(User::ROLE_READER_UNCONFIRMED);
        return;
    }

    if ($action == 'show') {
        $this->getEvent();
        return;
    }

    throw new Exception('no action #' . $this->action . ' for ' . $this->moduleName);
}
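/**
 * Loads one structure XML file and merges it into the static page state.
 *
 * Entries of `$structure[0]['@children']` are merged into self::$data,
 * modules found under `$structure[1]['@children']` are appended to
 * self::$modules, and when `$structure[2]` exists the `navigations` element
 * is kept both as a string and as a DOM node.
 *
 * A `role` header is enforced immediately through Error::CheckThrowAuth(),
 * before any module of the file is registered.
 *
 * NOTE(review): $path is assumed to be an application-controlled file. If it
 * can ever be derived from request data, the XML parsing below needs
 * explicit restrictions on external entities and network access - confirm
 * against the callers.
 *
 * @param string $path Path to the structure XML file.
 *
 * @throws Exception when the file does not exist or is not well-formed XML.
 */
private static function parse($path)
{
    $path = trim($path);

    if (!file_exists($path)) {
        throw new Exception('[' . $path . '] cant be loaded');
    }

    // simplexml_load_file() returns false on malformed XML; stop here instead
    // of handing false to the converter and failing later on $structure.
    $xml = simplexml_load_file($path);
    if ($xml === false) {
        throw new Exception('[' . $path . '] cant be parsed');
    }
    convertXmlObjToArr($xml, $structure);

    // Page-level settings.
    foreach ($structure[0]['@children'] as $children) {
        $name = $children['@name'];
        switch ($name) {
            case 'stylesheet':
            case 'javascript':
                // These accumulate across files.
                self::$data[$name][] = $children['@attributes'];
                break;
            case 'layout':
                self::$data[$name]['file'] = $children['@attributes']['file'];
                break;
            case 'role':
                self::$data[$name]['need'] = $children['@attributes']['need'];
                break;
            default:
                self::$data[$name] = $children['@text'];
                break;
        }
    }

    // Enforce the required role as soon as it is known.
    if (isset(self::$data['role']['need'])) {
        Error::CheckThrowAuth(self::$data['role']['need']);
    }

    // Extract the modules.
    $libmodules = array();
    $i = 0;
    // The param counter is shared by all modules of the file, so param
    // indexes are not restarted for each module.
    $j = 0;
    foreach ($structure[1]['@children'] as $data) {
        $container = $data['@name'];
        foreach ($data['@children'] as $module) {
            $i++;
            $libmodules[$i] = $module['@attributes'];
            $libmodules[$i]['container'] = $container;
            if (!isset($module['@children'])) {
                continue;
            }
            foreach ($module['@children'] as $param) {
                if ($param['@name'] == 'param') {
                    $libmodules[$i]['params'][$j++] = $param['@attributes'];
                }
            }
        }
    }

    // Navigations.
    if (isset($structure[2])) {
        /* @var $xml SimpleXMLElement */
        $dom = new DOMDocument();
        self::$navigations_string = $xml->navigations->asXML();
        $dom->loadXML(self::$navigations_string);
        self::$navigations = $dom->getElementsByTagName('navigations')->item(0);
    }

    foreach ($libmodules as $module) {
        self::$modules[] = $module;
    }
}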
/**
 * Builds the static page description from two structure files.
 *
 * The default structure is parsed first and the page structure second, then
 * the page structure path is recorded under self::$data['path'].
 *
 * After both files are merged, the required role (if any) is checked again
 * against the final value of self::$data['role']['need'].
 *
 * @param string $path_to_structure Path to the page structure file.
 * @param string $path_to_default   Path to the default structure file.
 *
 * @throws Exception when no layout path is available after parsing.
 */
public static function XMLToArray($path_to_structure, $path_to_default)
{
    foreach (array($path_to_default, $path_to_structure) as $structure_file) {
        self::parse($structure_file);
    }
    self::$data['path'] = $path_to_structure;

    $layout_path = self::getLayoutPath();
    if (!$layout_path) {
        throw new Exception('missed layout header in structure file ' . $path_to_structure);
    }

    $has_required_role = isset(self::$data['role']['need']);
    if ($has_required_role) {
        Error::CheckThrowAuth(self::$data['role']['need']);
    }
}
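/**
 * Loads one structure XML file and merges it into the static page state.
 *
 * Entries of `$structure[0]['@children']` are merged into self::$data and
 * modules found under `$structure[1]['@children']` are appended to
 * self::$modules.
 *
 * A `role` header is enforced immediately through Error::CheckThrowAuth(),
 * before any module of the file is registered.
 *
 * NOTE(review): $path is assumed to be an application-controlled file. If it
 * can ever be derived from request data, the XML parsing below needs
 * explicit restrictions on external entities and network access - confirm
 * against the callers.
 *
 * @param string $path Path to the structure XML file.
 *
 * @throws Exception when the file does not exist or is not well-formed XML.
 */
private static function parse($path)
{
    $path = trim($path);

    if (!file_exists($path)) {
        throw new Exception('[' . $path . '] cant be loaded');
    }

    // simplexml_load_file() returns false on malformed XML; stop here instead
    // of handing false to the converter and failing later on $structure.
    $xml = simplexml_load_file($path);
    if ($xml === false) {
        throw new Exception('[' . $path . '] cant be parsed');
    }
    convertXmlObjToArr($xml, $structure);

    // Page-level settings.
    foreach ($structure[0]['@children'] as $children) {
        $name = $children['@name'];
        switch ($name) {
            case 'stylesheet':
            case 'javascript':
                // These accumulate across files.
                self::$data[$name][] = $children['@attributes'];
                break;
            case 'layout':
                self::$data[$name]['file'] = $children['@attributes']['file'];
                break;
            case 'role':
                self::$data[$name]['need'] = $children['@attributes']['need'];
                break;
            default:
                self::$data[$name] = $children['@text'];
                break;
        }
    }

    // Enforce the required role as soon as it is known.
    if (isset(self::$data['role']['need'])) {
        Error::CheckThrowAuth(self::$data['role']['need']);
    }

    // Extract the modules.
    $libmodules = array();
    $i = 0;
    // The param counter is shared by all modules of the file, so param
    // indexes are not restarted for each module.
    $j = 0;
    foreach ($structure[1]['@children'] as $data) {
        $container = $data['@name'];
        foreach ($data['@children'] as $module) {
            $i++;
            $libmodules[$i] = $module['@attributes'];
            $libmodules[$i]['container'] = $container;
            if (!isset($module['@children'])) {
                continue;
            }
            foreach ($module['@children'] as $param) {
                if ($param['@name'] == 'param') {
                    $libmodules[$i]['params'][$j++] = $param['@attributes'];
                }
            }
        }
    }

    foreach ($libmodules as $module) {
        self::$modules[] = $module;
    }
}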
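/**
 * Decides whether $user may perform $action, optionally against $target_user.
 *
 * The rule is looked up in self::$actions by the acting user's role (never
 * lower than User::ROLE_ANON) and the action name:
 *  - `true`  - the action is allowed;
 *  - `false` - the action is denied;
 *  - any other value is compared with the target user's role: the action is
 *    allowed when the rule is greater than or equal to that role.
 *
 * A role-threshold rule cannot be evaluated without a target user, so it is
 * treated as a denial in that case (fail closed) instead of calling
 * getRole() on the `false` default.
 *
 * @param User       $user        Acting user.
 * @param string     $action      Action name, a key of self::$actions[role].
 * @param User|false $target_user User the action is applied to, if any.
 * @param bool       $throwError  When true a denial is passed to
 *                                Error::CheckThrowAuth() instead of
 *                                returning false.
 *
 * @return mixed true when allowed; on denial false, or the result of
 *               Error::CheckThrowAuth() when $throwError is set.
 *
 * @throws Exception when the role or the action has no rule defined.
 */
public static function can($user, $action, $target_user = false, $throwError = false)
{
    /* @var $user User */
    $user_role = max(User::ROLE_ANON, $user->getRole());

    if (!isset(self::$actions[$user_role])) {
        throw new Exception('no role #' . $user_role . ' AccessRules::can()');
    }
    if (!isset(self::$actions[$user_role][$action])) {
        throw new Exception('no action #' . $action . ' AccessRules::can() for role #' . $user_role);
    }

    $rule = self::$actions[$user_role][$action];

    if ($rule === true) {
        return true;
    }
    if ($rule === false) {
        return $throwError ? Error::CheckThrowAuth() : false;
    }

    // Role-threshold rule: only a real target user can satisfy it.
    if (is_object($target_user) && $rule >= $target_user->getRole()) {
        return true;
    }

    return $throwError ? Error::CheckThrowAuth($rule) : false;
}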
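/**
 * Saves a profile edit submitted through POST.
 *
 * A user may edit their own profile; editing another user's profile requires
 * at least User::ROLE_SITE_ADMIN. When no editable user is resolved the
 * request ends in Error::CheckThrowAuth(User::ROLE_SITE_ADMIN).
 *
 * The role of the edited user is changed only when the editor is at least a
 * site admin, the edited user is below site admin, a `role` value was
 * actually submitted, and that value is a known role not above
 * User::ROLE_SITE_ADMIN.
 *
 * NOTE(review): `quote` and `about` are HTML-escaped before storage, while
 * the `link_*` values are stored as submitted - confirm that they are
 * validated or escaped where they are rendered.
 *
 * @throws Exception on a missing user id, an invalid upload, or a failed
 *                   avatar copy.
 */
function write()
{
    global $current_user;
    /* @var $current_user CurrentUser */
    if (!$current_user->authorized) {
        Error::CheckThrowAuth();
    }

    $mask = array(
        'id' => 'int',
        'bday' => 'string',
        'city_id' => 'int',
        'role' => array('type' => 'int', '*' => true),
        'link_fb' => array('type' => 'string', '*' => true),
        'link_vk' => array('type' => 'string', '*' => true),
        'link_lj' => array('type' => 'string', '*' => true),
        'link_tw' => array('type' => 'string', '*' => true),
        'quote' => array('type' => 'string', '*' => true),
        'about' => array('type' => 'string', '*' => true),
    );
    $params = Request::checkPostParameters($mask);

    $uid = isset($params['id']) ? $params['id'] : 0;
    if (!$uid) {
        throw new Exception('illegal user id');
    }

    // Start from "nobody to edit" so that an unprivileged request for another
    // user's id is rejected explicitly instead of through an undefined variable.
    $editing_user = false;
    if ($current_user->id != $uid) {
        if ($current_user->getRole() >= User::ROLE_SITE_ADMIN) {
            $loaded = Users::getByIdsLoaded(array($uid));
            $editing_user = isset($loaded[$uid]) ? $loaded[$uid] : false;
        }
    } else {
        $editing_user = $current_user;
    }

    if (!$editing_user) {
        Error::CheckThrowAuth(User::ROLE_SITE_ADMIN);
        return;
    }

    // Avatar.
    if (isset($_FILES['picture']) && $_FILES['picture']['tmp_name']) {
        $tmp_name = $_FILES['picture']['tmp_name'];
        // Accept only a single file that PHP itself received as an upload.
        if (!is_string($tmp_name) || !is_uploaded_file($tmp_name)) {
            throw new Exception('illegal upload');
        }

        $upload_path = Config::need('avatar_upload_path');
        $targets = array(
            array($upload_path . '/' . $editing_user->id . '.jpg', 50),
            array($upload_path . '/big_' . $editing_user->id . '.jpg', 100),
        );
        // Both sizes must be written; previously only the second result was checked.
        foreach ($targets as $target) {
            list($filename, $size) = $target;
            $upload = new UploadAvatar($tmp_name, $size, $size, "simple", $filename);
            if (!$upload->out) {
                throw new Exception('cant copy file to ' . $filename, 100);
            }
        }
        $editing_user->setProperty('avatar', 'jpg');
    }

    // Role change. The old test compared an int cast with false and was always
    // true, so a request without `role` was handled as role 0.
    // NOTE(review): assumes an absent optional parameter is null or false in
    // $params - confirm against Request::checkPostParameters().
    $role_submitted = isset($params['role']) && $params['role'] !== false;
    if ($role_submitted
        && $editing_user->getRole() < User::ROLE_SITE_ADMIN
        && $current_user->getRole() >= User::ROLE_SITE_ADMIN
    ) {
        $new_role = (int) $params['role'];
        if (array_key_exists($new_role, Users::$rolenames) && $new_role <= User::ROLE_SITE_ADMIN) {
            $editing_user->setRole($new_role);
        }
    }

    // Birthday: an unparsable date is stored as 0.
    $editing_user->setProperty('bday', max(0, (int) @strtotime($params['bday'])));
    // City.
    $editing_user->setProperty('city_id', $params['city_id']);
    // Social links.
    $editing_user->setPropertySerialized('link_fb', $params['link_fb']);
    $editing_user->setPropertySerialized('link_vk', $params['link_vk']);
    $editing_user->setPropertySerialized('link_tw', $params['link_tw']);
    $editing_user->setPropertySerialized('link_lj', $params['link_lj']);
    // Free-text fields are HTML-escaped before they are stored.
    $params['quote'] = htmlspecialchars($params['quote']);
    $params['about'] = htmlspecialchars($params['about']);
    $editing_user->setPropertySerialized('quote', $params['quote']);
    $editing_user->setPropertySerialized('about', $params['about']);
    $editing_user->save();

    // After a profile edit the cache of the profile page and of the
    // profile-edit page has to be dropped; the cache in the other modules
    // expires on its own.
    Users::dropCache($editing_user->id);
}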
/**
 * Fills $this->data['profile'] with the profile of the user $this->id.
 *
 * In edit mode the list of role names is added under $this->data['roles'],
 * and viewing another user's profile for editing goes through
 * Error::CheckThrowAuth(User::ROLE_SITE_ADMIN).
 *
 * @param bool $edit True when the data is prepared for the edit form.
 */
function getProfile($edit = false)
{
    global $current_user;
    /* @var $current_user CurrentUser */
    /* @var $user User */
    if ($current_user->id === $this->id) {
        $user = $current_user;
    } else {
        $user = Users::getById($this->id);
    }

    if ($edit) {
        // Editing somebody else's profile is an admin-only operation.
        if ($user->id != $current_user->id) {
            Error::CheckThrowAuth(User::ROLE_SITE_ADMIN);
        }
        foreach (Users::$rolenames as $role_id => $role_title) {
            $this->data['roles'][] = array('id' => $role_id, 'title' => $role_title);
        }
    }

    $this->data['profile'] = $user->getXMLInfo();
    $this->data['profile']['role'] = $user->getRole();
    $this->data['profile']['nickname'] = $user->getNickName();
    $this->data['profile']['lang'] = $user->getLanguage();
    $this->data['profile']['city_id'] = $user->getProperty('city_id');

    // The city id is cast to int before it is placed into the query text.
    $city_query = 'SELECT `name` FROM `lib_city` WHERE `id`=' . (int) $user->getProperty('city_id');
    $this->data['profile']['city'] = Database::sql2single($city_query);

    $this->data['profile']['picture'] = $user->getAvatar();
    $this->data['profile']['rolename'] = $user->getRoleName();
    $this->data['profile']['bday'] = $user->getBday(date('d-m-Y'), 'd-m-Y');
    $this->data['profile']['path'] = $user->getUrl();
    $this->data['profile']['path_edit'] = $user->getUrl() . '/edit';
    $this->data['profile']['bdays'] = $user->getBday('неизвестно', 'd.m.Y');

    // Additional, serialized properties.
    $serialized_keys = array('link_fb', 'link_vk', 'link_tw', 'link_lj', 'quote', 'about');
    foreach ($serialized_keys as $key) {
        $this->data['profile'][$key] = $user->getPropertySerialized($key);
    }

    $contact_path = Config::need('www_path') . '/user/' . $user->getNickName() . '/contact';
    $this->data['profile']['path_message'] = $contact_path;
}
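/**
 * Saves a profile edit submitted through POST.
 *
 * A user may edit their own profile; loading another user for editing
 * requires at least User::ROLE_BIBER. The `users_edit` permission is then
 * checked through $current_user->can_throw() against the resolved user.
 *
 * Role changes apply only to users below User::ROLE_SITE_ADMIN and only when
 * a `role` value was actually submitted and names a known role:
 *  - an editor with exactly User::ROLE_BIBER may assign roles strictly below
 *    User::ROLE_SITE_ADMIN;
 *  - an editor above User::ROLE_BIBER may assign roles up to and including
 *    User::ROLE_SITE_ADMIN.
 *
 * NOTE(review): this method checks whether a nickname change is permitted
 * but does not itself store the new nickname - confirm where that happens.
 * NOTE(review): the result of createThumbnails() is not inspected here.
 *
 * @throws Exception on a missing user id, a forbidden nickname change, or an
 *                   invalid upload.
 */
function write()
{
    global $current_user;
    /* @var $current_user CurrentUser */
    $mask = array(
        'id' => 'int',
        'nickname' => array(
            'type' => 'string',
            'regexp' => '/^[A-Za-z][A-Za-z0-9_]+$/',
            'min_length' => 3,
            'max_length' => 26,
            '*' => true,
        ),
        'role' => array('type' => 'int', '*' => true),
        'link_fb' => array('type' => 'string', '*' => true),
        'link_vk' => array('type' => 'string', '*' => true),
        'link_lj' => array('type' => 'string', '*' => true),
        'link_tw' => array('type' => 'string', '*' => true),
        'quote' => array('type' => 'string', '*' => true),
        'about' => array('type' => 'string', '*' => true),
    );
    $params = Request::checkPostParameters($mask);

    $uid = isset($params['id']) ? $params['id'] : 0;
    if (!$uid) {
        throw new Exception('illegal user id');
    }

    // Start from "nobody to edit" so that the permission check below never
    // receives an undefined variable as its target.
    $editing_user = false;
    if ($current_user->id != $uid) {
        if ($current_user->getRole() >= User::ROLE_BIBER) {
            $loaded = Users::getByIdsLoaded(array($uid));
            $editing_user = isset($loaded[$uid]) ? $loaded[$uid] : false;
        }
    } else {
        $editing_user = $current_user;
    }

    $current_user->can_throw('users_edit', $editing_user);

    if (!$editing_user) {
        Error::CheckThrowAuth(User::ROLE_SITE_ADMIN);
        return;
    }

    if (trim($params['nickname']) != $editing_user->getNickName()) {
        if (!$editing_user->checkNickChanging()) {
            throw new Exception('You can\'t change your nickname');
        }
    }

    // Avatar.
    if (isset($_FILES['picture']) && $_FILES['picture']['tmp_name']) {
        $tmp_name = $_FILES['picture']['tmp_name'];
        // Accept only a single file that PHP itself received as an upload.
        if (!is_string($tmp_name) || !is_uploaded_file($tmp_name)) {
            throw new Exception('illegal upload');
        }

        $folder = Config::need('avatar_upload_path');
        $filename_normal = $folder . '/default_' . $editing_user->id . '.jpg';
        $filename_small = $folder . '/small_' . $editing_user->id . '.jpg';
        $filename_big = $folder . '/big_' . $editing_user->id . '.jpg';
        $filename_orig = $folder . '/orig_' . $editing_user->id . '.jpg';

        $thumb = new Thumb();
        $thumb->createThumbnails(
            $tmp_name,
            array($filename_small, $filename_normal, $filename_big, $filename_orig),
            self::$cover_sizes
        );
        $editing_user->setProperty('picture', 1);
        $editing_user->setProperty('lastSave', time());
    }

    // Role change. The old test compared an int cast with false and was always
    // true, so a request without `role` was handled as role 0.
    // NOTE(review): assumes an absent optional parameter is null or false in
    // $params - confirm against Request::checkPostParameters().
    $role_submitted = isset($params['role']) && $params['role'] !== false;
    if ($role_submitted && $editing_user->getRole() < User::ROLE_SITE_ADMIN) {
        $new_role = (int) $params['role'];
        $editor_role = $current_user->getRole();

        if ($editor_role == User::ROLE_BIBER) {
            $within_limit = $new_role < User::ROLE_SITE_ADMIN;
        } elseif ($editor_role > User::ROLE_BIBER) {
            $within_limit = $new_role <= User::ROLE_SITE_ADMIN;
        } else {
            // Editors below ROLE_BIBER never change roles.
            $within_limit = false;
        }

        if ($within_limit && array_key_exists($new_role, Users::$rolenames)) {
            $editing_user->setRole($new_role);
        }
    }

    $editing_user->save();

    // After a profile edit the cache of the profile page and of the
    // profile-edit page has to be dropped; the cache in the other modules
    // expires on its own.
    Users::dropCache($editing_user->id);
}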