/**
 * Tells whether viewing is allowed.
 *
 * The answer is true when Generic::isSuperAdmin() is truthy or when
 * Generic::getUserRole() is 5 or higher; otherwise it is false.
 *
 * @return boolean true if viewing is allowed; false otherwise
 */
public function CanView()
 {
     // Both helpers are always called, in this order, before the decision is made.
     $isSuperAdmin = Generic::isSuperAdmin();
     $roleLevel = Generic::getUserRole();

     // NOTE(review): 5 is an unnamed role threshold; the same literal appears in CanAccess().
     // A named constant would keep the two checks from drifting apart.
     return $isSuperAdmin || $roleLevel >= 5;
 }
 /**
  * Determines whether access to a specific action is allowed.
  * @param string $action the action for which access is checked
  * @return boolean true if access to the given action is allowed; false otherwise
  */
 private function CanAccess($action = "")
 {
     $isSuperAdmin = Generic::isSuperAdmin();
     $roleLevel = Generic::getUserRole();

     // Baseline for every action, listed below or not: the role threshold alone decides.
     // NOTE(review): an action name that is missing from the switch is therefore allowed
     // for role >= 5 (fail-open). Confirm that new actions are meant to inherit this.
     // NOTE(review): super-admin status never grants access here, it only lifts the
     // import/export restriction; a super admin with a role below 5 is refused, which
     // differs from CanView(). Confirm this is intended.
     $granted = $roleLevel >= 5;

     // switch compares loosely (==) and top to bottom, exactly like a chain of == tests.
     switch ($action) {
         case 'index':
         case 'admin':
         case 'create':
         case 'update':
         case 'delete':
         case 'view':
         case 'activate':
         case 'deactivate':
             // No restriction beyond the role threshold.
             break;
         case 'import':
         case 'export':
             // Import and export are withheld from everyone who is not a super admin.
             if (!$isSuperAdmin) {
                 $granted = false;
             }
             break;
     }

     return $granted;
 }
Example #3
<div class="navbar navbar-inverse navbar-fixed-top">
    <div class="navbar-inner">
        <div class="container">
            <?php 
// Role facts for the current request, looked up once for the menu code below.
// NOTE(review): these flags only decide what the navbar shows. Hiding a link is not an
// access check, so each target action still has to enforce its own authorization.
$superuser = Generic::isSuperAdmin();
$user_role = Generic::getUserRole();

// The coordinator lookup runs only for role 5 and above; everyone else stays false.
$is_coordinator = $user_role >= 5 ? Generic::isCoordinator() : false;

$selectedCompany = null;
if (Yii::app()->user->getState("currentCompany")) {
    // The company lookup that used to live here is disabled, so $selectedCompany stays null.
}

$leftMenu = array();
$rightMenu = array();

// Loose comparison against 1, so any value that == 1 (true, '1', 1) shows the system menu.
$showSystem = ($superuser == 1);
if ($user_role != null && $user_role > 0) {
    if ($superuser == 0) {
        if ($user_role == 10) {
            $country_admin = Country::model()->search();
            $showSystem = true;
        }
        /*
                              $modelData = Company::model()->search();
        
                              foreach ($modelData->getData() as $company)
                              {
 /**
  * Retrieves a list of models based on the current search/filter conditions.
  * @param boolean $show_all when true, pagination is switched off on the returned data provider
  * @return CActiveDataProvider the data provider that can return the models based on the search/filter conditions.
  */
 public function search($show_all = false)
 {
     // Warning: Please modify the following code to remove attributes that
     // should not be searched.

     // A level of education that loosely equals 0 is reset to null on the model itself
     // before it is handed to compare().
     if ($this->level_of_education == 0) {
         $this->level_of_education = null;
     }

     $filter = new CDbCriteria();
     $filter->compare('id', $this->id);
     $filter->compare('active', $this->active);
     $filter->compare('country_id', $this->country_id);
     $filter->compare('name', $this->name, true);
     $filter->compare('level_of_education', $this->level_of_education);
     $filter->compare('class_from', $this->class_from);
     $filter->compare('class_to', $this->class_to);

     // Join the country relation in the same query so it can be filtered and sorted on.
     $filter->together = true;
     $filter->with = array('country');
     $filter->compare('`country`.`country`', $this->country_search, true);

     // Row-level scoping: a role-10 user who is not a super admin only gets rows whose
     // country lists them as a country administrator.
     // NOTE(review): every other non-super-admin role receives the unscoped result set,
     // so callers must have authorized the user before calling search(). Confirm that no
     // lower role can reach this method.
     $isSuperAdmin = Generic::isSuperAdmin();
     $roleLevel = Generic::getUserRole();
     if (!$isSuperAdmin && $roleLevel == 10) {
         $filter->with[] = 'country.countryAdministrators';
         $filter->compare('`countryAdministrators`.`user_id`', Yii::app()->user->id);
         $filter->together = true;
     }

     $providerConfig = array(
         'criteria' => $filter,
         'sort' => array(
             'attributes' => array(
                 'country_search' => array('asc' => 'country.name', 'desc' => 'country.name DESC'),
                 '*',
             ),
         ),
     );

     // $show_all removes paging entirely, so the provider returns every matching row at once.
     if ($show_all) {
         $providerConfig['pagination'] = false;
     }

     return new CActiveDataProvider($this, $providerConfig);
 }
 /**
  * Sends one stored question resource (QuestionResource->data) as the raw response body
  * and then ends the request.
  *
  * Request shape: the NAME of the first $_GET parameter is taken as the question id. All
  * parameter names and non-empty values are then joined with '/' and split again into
  * language code, path and filename. Constructed example: parameters 12=en and img=a.png
  * give question id 12, language "en", path "img/" and filename "a.png".
  *
  * Authorization, in order:
  *  1. $this->CanAccess('get') must be truthy;
  *  2. then either the caller is a super admin, has role >= 10, or a CompetitionUserQuestion
  *     row links the session's competition_user_id to the requested question.
  *
  * Every refusal or miss ends in a bare die. This method sets no HTTP status itself, so
  * denied, malformed and not-found requests all produce an empty body.
  * NOTE(review): explicit 403/404 responses would make refusals visible to logging and
  * monitoring. Confirm nothing depends on the empty reply before changing it.
  */
 public function actionGet()
 {
     // Captured at entry; nothing in this method reads it afterwards.
     $starttime = microtime(true);
     // First gate: the controller's per-action check.
     if ($this->CanAccess('get')) {
         $keys = array_keys($_GET);
         if (count($keys) == 0) {
             // No query parameters at all: stop with an empty response.
             die;
         }
         // The name (not the value) of the first query parameter is the question id.
         // It is request-controlled and only ever reaches SQL through bound parameters below.
         $question_id = $keys[0];
         $superuser = Generic::isSuperAdmin();
         $user_role = Generic::getUserRole();
         // Second gate starts closed; super admins and role >= 10 pass without a competition entry.
         $allow = false;
         if ($superuser || $user_role >= 10) {
             $allow = true;
         }
         // Falls back to 0 when the session carries no competition_user_id.
         $competition_user_id = isset(Yii::app()->session['competition_user_id']) ? Yii::app()->session['competition_user_id'] : 0;
         // Last session access in this method; the session is closed before the queries run.
         Yii::app()->session->close();
         // Does this competition user have the requested question assigned?
         // Both values are passed as bound parameters, not concatenated into the SQL.
         $criteria = new CDbCriteria();
         $criteria->limit = 1;
         $criteria->join = 'INNER JOIN competition_question on t.competition_question_id = competition_question.id';
         $criteria->condition = 't.competition_user_id = :competition_user_id AND competition_question.question_id = :question_id';
         $criteria->params = array(':question_id' => $question_id, ':competition_user_id' => $competition_user_id);
         $competition_user_question = CompetitionUserQuestion::model()->find($criteria);
         //$competition_user_question = CompetitionUserQuestion::model()->with('competitionQuestion')->find('competitionQuestion.question_id=:question_id and t.competition_user_id=:competition_user_id', array(':question_id' => $question_id, ':competition_user_id' => $competition_user_id));
         // A matching row grants access even without an elevated role.
         if ($competition_user_question != null) {
             $allow = true;
         }
         if ($allow) {
             // Rebuild "name/value/name/value/" from the query parameters.
             // NOTE(review): $value is concatenated as a string; an array-valued parameter
             // is not rejected before this point.
             $path = '';
             foreach ($_GET as $key => $value) {
                 $path .= $key . '/';
                 if ($value != '') {
                     $path .= $value . '/';
                 }
             }
             // Drop the first segment (everything up to and including the first '/').
             // NOTE(review): mb_strpos()/mb_strrpos() return false when no '/' is present and
             // none of the four lines below checks for that. Confirm the resulting empty or
             // whole-string slices are acceptable for a request with a single segment.
             $path = trim(mb_substr($path, mb_strpos($path, '/', 0, 'UTF-8') + 1, mb_strlen($path, 'UTF-8'), 'UTF-8'), '/');
             // Filename: everything after the last '/'.
             $filename = trim(mb_substr($path, mb_strrpos($path, '/', 0, 'UTF-8'), mb_strlen($path, 'UTF-8'), 'UTF-8'), '/');
             // Language code: everything before the first '/'.
             $language_code = mb_substr($path, 0, mb_strpos($path, '/', 0, 'UTF-8'), 'UTF-8');
             // Directory part: what lies between the first and the last '/'.
             $path = ltrim(mb_substr($path, mb_strpos($path, '/', 0, 'UTF-8'), mb_strrpos($path, '/', 0, 'UTF-8') - mb_strpos($path, '/', 0, 'UTF-8'), 'UTF-8'), '/');
             // A non-empty directory part gets a trailing '/' before it is matched against the path column.
             if ($path != '') {
                 $path .= '/';
             }
             /*
                               echo "<pre>";
                               echo "Question ID: ";
                               print_r($question_id);
                               echo "\n";
                               echo "Language code: ";
                               print_r($language_code);
                               echo "\n";
                               var_dump($path);
                               echo "\n";
                               print_r($filename);
                               echo "</pre>";
                               die(); */
             // The cache key contains $question_id, the same value the access check above was
             // made against, so a cached entry is only reached for a question that passed it.
             $cache_id = 'bober-' . $question_id . '-' . $language_code . '-' . $path . '-' . $filename;
             $questionResourceArray = Yii::app()->cache->get($cache_id);
             if ($questionResourceArray === false) {
                 // Cache miss: load the resource by exact match on all four parts (bound parameters).
                 $questionResource = QuestionResource::model()->with('language')->find('question_id=:question_id and language.short=:language_code and path=:path and filename=:filename', array(':question_id' => $question_id, ':filename' => $filename, ':path' => $path, ':language_code' => $language_code));
                 if ($questionResource == null) {
                     // Unknown resource: the fresh object is never used, the request just ends.
                     $questionResource = new QuestionResource();
                     die;
                 }
                 // strlen() counts bytes, which is what Content-length needs.
                 $questionResourceArray = array('data' => $questionResource->data, 'file_type' => $questionResource->file_type, 'length' => strlen($questionResource->data));
                 if ($questionResourceArray['length'] > 1000000) {
                     // cannot go to memcache
                 } else {
                     // Entries up to 1000000 bytes are cached for 1800 seconds.
                     Yii::app()->cache->set($cache_id, $questionResourceArray, 1800);
                 }
             }
             if (isset($questionResourceArray['length'])) {
                 header('Pragma: public');
                 header('Expires: 0');
                 header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
                 header('Content-Transfer-Encoding: binary');
                 header('Content-length: ' . $questionResourceArray['length']);
                 // The content type is whatever was stored with the resource.
                 // NOTE(review): nosniff stops type guessing but does not help if the stored
                 // file_type is itself an active type (HTML, SVG); such content would render
                 // in this site's origin. Confirm the upload side restricts file_type, or add
                 // a Content-Disposition / Content-Security-Policy header here.
                 header('Content-Type: ' . $questionResourceArray['file_type']);
                 header('X-Content-Type-Options: nosniff');
                 header('X-Frame-Options: SAMEORIGIN');
                 header('Connection: close');
                 echo $questionResourceArray['data'];
             }
             // Stop here so nothing else is appended to the binary body.
             die;
         } else {
             // Neither an elevated role nor a matching competition question: empty response.
             die;
         }
     } else {
         // Rejected by CanAccess('get'): empty response.
         die;
     }
 }