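/**
 * Fetch the non-deleted rows whose parent folder is $pfid.
 *
 * Filter values are bound through the DB placeholders (%t, %s, %d). When the
 * parent folder belongs to a group (gid > 0) and its permission mask is
 * positive, an owner filter is added: read1 only -> rows owned by the current
 * user, read2 only -> rows owned by other users, both -> no owner filter.
 *
 * NOTE(review): if the mask is positive but carries neither read1 nor read2,
 * or if gid/perm is not positive, no owner filter is added and every row under
 * $pfid is returned. Confirm that callers refuse access before calling here.
 * NOTE(review): when $pfid is an array it is passed unchanged to
 * fetch_by_fid(); what that returns for an array is not visible in this method.
 *
 * @param int|array    $pfid    Parent folder id, or a list of ids (OR-ed together).
 * @param string       $name    Optional substring matched with LIKE; "%" and "_"
 *                              inside it are not escaped and act as wildcards.
 * @param int          $limit   Maximum number of rows; 0 disables the limit.
 * @param string|array $orderby Column name(s) to sort by. Concatenated into the
 *                              statement as written, so pass fixed column names
 *                              only, never request data.
 * @param string       $order   ASC or DESC (case-insensitive); any other value
 *                              is dropped.
 * @param int          $start   Offset used together with $limit.
 * @param bool         $count   When true, return only the number of matches.
 * @return array|mixed Rows from fetch_by_icoid() keyed by icoid, or the COUNT(*)
 *                     result when $count is true.
 */
public function fetch_all_by_pfid($pfid, $name = '', $limit = 0, $orderby = '', $order = '', $start = 0, $count = false)
{
    global $_G;

    $limitsql = $limit ? DB::limit($start, $limit) : '';
    $data = array();
    $where = array(' isdelete<1 ');
    $para = array($this->_table);

    if ($name) {
        $where[] = 'name like %s';
        $para[] = '%' . $name . '%';
    }

    if (is_array($pfid)) {
        $arr = array();
        foreach ($pfid as $fid) {
            $arr[] = ' pfid = %d ';
            $para[] = $fid;
        }
        if ($arr) {
            $where[] = '(' . implode(' OR ', $arr) . ')';
        }
    } elseif ($pfid) {
        $where[] = 'pfid= %d';
        $para[] = $pfid;
    }

    if ($folder = C::t('folder')->fetch_by_fid($pfid)) {
        // Owner filter and its bound values are collected separately so that
        // dropping the filter also drops its values; placeholders and values
        // must stay in the same order.
        $where1 = array();
        $para1 = array();
        if ($folder['gid'] > 0) {
            $folder['perm'] = perm_check::getPerm($folder['fid']);
            if ($folder['perm'] > 0) {
                if (perm_binPerm::havePower('read1', $folder['perm'])) {
                    // Bound as %d rather than interpolated. The previous
                    // "{$_G[uid]}" form also read `uid` as a constant, which
                    // raises an Error on PHP 8.
                    $where1[] = 'uid=%d';
                    $para1[] = $_G['uid'];
                }
                if (perm_binPerm::havePower('read2', $folder['perm'])) {
                    if ($where1) {
                        // read1 + read2: own and foreign rows, so no filter.
                        $where1 = array();
                        $para1 = array();
                    } else {
                        $where1[] = 'uid!=%d';
                        $para1[] = $_G['uid'];
                    }
                }
            }
        }
        if ($where1) {
            $where = array_merge($where, $where1);
            $para = array_merge($para, $para1);
        }
    }

    // $where always holds at least the isdelete condition.
    $wheresql = 'WHERE ' . implode(' AND ', $where);

    if ($count) {
        return DB::result_first("SELECT COUNT(*) FROM %t {$wheresql} ", $para);
    }

    // The sort direction cannot be bound as a placeholder, so it is reduced to
    // one of the two SQL keywords (or nothing) before it reaches the statement.
    $direction = strtoupper(trim((string) $order));
    if (!in_array($direction, array('ASC', 'DESC'), true)) {
        $direction = '';
    }

    $ordersql = '';
    if (is_array($orderby)) {
        foreach ($orderby as $key => $value) {
            $orderby[$key] = $value . ' ' . $direction;
        }
        $ordersql = ' ORDER BY ' . implode(',', $orderby);
    } elseif ($orderby) {
        $ordersql = ' ORDER BY ' . $orderby . ' ' . $direction;
    }

    foreach (DB::fetch_all("SELECT icoid FROM %t {$wheresql} {$ordersql} {$limitsql}", $para) as $value) {
        if ($arr = self::fetch_by_icoid($value['icoid'])) {
            $data[$value['icoid']] = $arr;
        }
    }

    return $data;
}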
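/**
 * Decide whether the current user may perform $action on the folder $fid.
 *
 * Site administrators (adminid 1) are always allowed and visitors without a
 * uid are always refused. For read, delete, edit, download and copy ("rename"
 * is treated as "edit") the action name gets the suffix "1" when the current
 * user owns the folder and "2" otherwise. The resulting name is then tested
 * against the mask returned by self::getuserPerm().
 *
 * NOTE(review): the mask comes from self::getuserPerm(), which is called
 * without $fid; the folder row is only used to decide ownership. Confirm that
 * folder-level permissions are enforced elsewhere.
 * NOTE(review): if the folder row is not found, the action is checked without
 * a "1"/"2" suffix. Confirm that perm_binPerm::havePower() refuses such names.
 *
 * @param int    $fid    Folder id.
 * @param string $action Action name, e.g. admin, rename, read, delete, edit,
 *                       download, copy.
 * @return bool|mixed true/false for the shortcuts above, otherwise the result
 *                    of perm_binPerm::havePower().
 */
function userPerm($fid, $action)
{
    global $_G;

    // Site administrator.
    if ($_G['adminid'] == 1) {
        return true;
    }
    // Not a logged-in user.
    if (!$_G['uid']) {
        return false;
    }

    if ($folder = C::t('folder')->fetch($fid)) {
        // Action names are compared strictly so that a non-string argument
        // (0, true) cannot match a name through type juggling.
        if ($action === 'admin' && $folder['uid'] == $_G['uid']) {
            return true;
        }
        if ($action === 'rename') {
            $action = 'edit';
        }
        if (in_array($action, array('read', 'delete', 'edit', 'download', 'copy'), true)) {
            // "1" = acting on one's own folder, "2" = on someone else's.
            $action .= ($_G['uid'] == $folder['uid']) ? '1' : '2';
        }
    }

    // The statements that used to follow this return were unreachable and
    // have been removed; the result is unchanged.
    $perm = self::getuserPerm();

    return perm_binPerm::havePower($action, $perm);
}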
$info['path'] = $icoarr['path']; } else { $arr1 = getPathByPfid($icoarr['tdata']['pfid']); $patharr1 = array(); while ($arr1) { $patharr1[] = array_pop($arr1); } $info['path'] = implode('/', $patharr1) . '/' . $icoarr['tdata']['name']; } $info['size'] = '-'; if ($icoarr['tdata']['type'] == 'folder') { $info['icon'] = 'dzz/images/default/system/folder.png'; } break; case 'folder': if ($icoarr['gid'] > 0 && ($pfolder = C::t('folder')->fetch_by_fid($icoarr['pfid'])) && perm_binPerm::havePower('read2', $pfolder['perm1']) && (C::t('organization_admin')->ismoderator_by_uid_orgid($icoarr['gid'], $_G['uid']) || $_G['adminid'] == 1)) { $folder = C::t('folder')->fetch($icoarr['oid']); $ismoderator = 1; $permtitle = perm_binPerm::getGroupTitleByPower($icoarr['perm1']); $permarr = perm_binPerm::groupPowerPack(); } $info['icon'] = $icoarr['img'] ? $icoarr['img'] : 'dzz/images/default/system/folder.png'; $contains = getContainsByFid($icoarr['oid']); $info['size'] = lang('template', 'property_info_size', array('fsize' => formatsize($contains['size']), 'size' => $contains['size'])); $info['contain'] = lang('template', 'property_info_contain', array('filenum' => $contains['contain'][0], 'foldernum' => $contains['contain'][1])); break; case 'dzzdoc': $info['path'] = implode('/', $patharr) . '/' . $icoarr['name']; $info['size'] = lang('template', 'property_info_size', array('fsize' => formatsize($icoarr['size']), 'size' => $icoarr['size'])); break; case 'link':
} } else { $arr = array(); $icos = array(); $icosdata = array(); $folderdata = array(); $folderids = array(); if ($folder = DB::fetch_first('select * from ' . DB::table('folder') . " where fid='{$id}'")) { $sql = ''; if ($folder['gid'] > 0) { $folder['perm'] = perm_check::getPerm($folder['fid']); if ($folder['perm'] > 0) { if (perm_binPerm::havePower('read1', $folder['perm'])) { $sql .= " and uid='{$_G[uid]}'"; } if (perm_binPerm::havePower('read2', $folder['perm'])) { if ($sql) { $sql = ''; } else { $sql .= " and uid!='{$_G[uid]}'"; } } } } $query = DB::query("select * from " . DB::table('folder') . " where innav>0 and pfid='{$folder[fid]}' and isdelete<1 {$sql} order by display"); while ($value = DB::fetch($query)) { if ($value['gid'] && $value['flag'] == 'organization') { $uids = C::t('organization_user')->fetch_uids_by_orgid($value['gid']); $ismoderator = C::t('organization_admin')->ismoderator_by_uid_orgid($value['gid'], $_G['uid']); if (!in_array($_G['uid'], $uids) && !$ismoderator && $_G['adminid'] != 1) { continue;