function p_quickedit_html($id) { if (admin()) { return "<a style='z-index:9000' target=_blank href=admin/edit/pages/content/{$id}><img style='z-index:9000' src=images/edit.png></a>"; } return ""; }
public function login() { $login = parent::getLogin(); $password = parent::getPassword(); $identity = new AdminIdentity($login, $password); $identity->authenticate(); switch ($identity->errorCode) { case AdminIdentity::ERROR_USERNAME_INVALID: case AdminIdentity::ERROR_PASSWORD_INVALID: $this->addError('login', Yii::t('backend', 'Аккаунт не найден.')); break; case AdminIdentity::ERROR_STATUS_BANNED: $this->addError('login', Yii::t('backend', 'Аккаунт забанен.')); break; case AdminIdentity::ERROR_STATUS_INACTIVE: $this->addError('login', Yii::t('backend', 'Аккаунт не активирован.')); break; case AdminIdentity::ERROR_STATUS_IP_NO_ACCESS: $this->addError('login', Yii::t('backend', 'Доступ к аккаунту для вашего IP запрещён.')); break; default: $duration = 3600 * 24 * 7; // 7 days admin()->login($identity, $duration); return TRUE; } return FALSE; }
function page_by_title($title, $edit = false) { $ret = db_fetch_object(db_query("SELECT * FROM pages WHERE short='%s' LIMIT 1", $title)); if ($edit && admin()) { $ret->content = p_quickedit_html($ret->id) . $ret->content; } return $ret->content; }
public function isAdmin() { if (sys()->isSapcms1()) { return admin(); } else { return null; } }
function imagenes($print = true) { $data = admin(false) . '/assets/images'; if ($print) { echo $data; } else { return $data; } }
public function store() { $this->validate($this->request(), $rules = array('title' => 'required|max:255', 'description' => 'required', 'content' => 'required|min:10'), $message = ['title.required' => '请填写标题', 'title.max' => '标题太长', 'description.required' => '描述不能为空', 'content.required' => '文章内容不能为空', 'content.min' => '文章内容太短'], $customAttributes = []); $form = $this->request()->all(); $form['admin_id'] = admin()->admin_id; if ($model = with(new $this->model())->create($form)) { return $this->success('添加成功', $model); } return $this->error('添加失败'); }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { if ($this->auth->guest()) { return redirect()->guest('login'); } else { if (!admin()) { return redirect()->back(); } } return $next($request); }
/** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * * @return mixed */ public function handle($request, Closure $next) { if ($this->auth->guest() || admin()->admin_role != AdminEnum::ROLE_SUPERADMIN) { if ($request->ajax()) { return response('Unauthorized.', 401); } else { abort(404); } } return $next($request); }
function mcs_CreateAccount($params) { $serviceid = $params["serviceid"]; $pid = $params["pid"]; $producttype = $params["producttype"]; $domain = $params["domain"]; $username = $params["username"]; $password = $params["password"]; $clientsdetails = $params["clientsdetails"]; $customfields = $params["customfields"]; $configoptions = $params["configoptions"]; $clientid = $params["userid"]; $configoption1 = $params["configoption1"]; $configoption2 = $params["configoption2"]; $configoption3 = $params["configoption3"]; $configoption4 = $params["configoption4"]; $params["admin"] = admin(); $server = $params["server"]; $serverid = $params["serverid"]; $serverip = $params["serverip"]; $serverusername = $params["serverusername"]; $serverpassword = $params["serverpassword"]; $serveraccesshash = $params["serveraccesshash"]; $serversecure = $params["serversecure"]; $json = json_encode($params); $json = json_decode($json); $ip = $json->customfields; foreach ($ip as $j => $v) { $ipaddr = $v; } $hasil = json_encode(_getclientsproducts($clientid, $serviceid, $pid)); $billingcycle = _get_order_duration_months(json_decode($hasil)->products->product[0]->billingcycle); $data = array('api_key' => apikey(), 'ip' => $ipaddr, 'pname' => $configoption1, 'billingcycle' => $billingcycle); $buatorder = Mcs::exec('order', 'addorder', http_build_query($data)); if ($buatorder->result == 'success') { $result = 'success'; } else { $result = "error"; } return $result; }
function author_delete() { require_privs('admin.edit'); $user_id = assert_int(ps('user_id')); $name = fetch('Realname', 'txp_users', 'user_id', $user_id); if ($name) { $rs = safe_delete('txp_users', "user_id = {$user_id}"); if ($rs) { admin(gTxt('author_deleted', array('{name}' => $name))); } } }
function formAddChannels($form, $table, $column) { if (getOption('channels')) { if (admin()) { $form->set_field(array('name' => 'channels', 'type' => 'checkboxes', 'label' => getString('channels_label'), 'option_title' => 'title' . langExt(), 'options_table' => 'channels', 'linking_table' => $table . '_to_channels', 'object_id' => $column, 'option_id' => 'channel_id', 'default' => 'all')); } else { $form->set_field(array('name' => 'channels', 'type' => 'checkboxes', 'label' => getString('channels_label'), 'sql' => 'SELECT id, title' . langExt() . ' FROM channels WHERE is_active = 1 AND is_private = 0 ORDER BY title', 'default' => 'all')); } } }
function showNewsId($news, $db) { foreach ($news as $i => $row) { if ($i > 0) { //if repeating news (because of tags) echo " <a href=\"./?tag=" . $row['tagname'] . "\">#" . $row['tagname'] . "</a>"; } else { echo "<div class=\"noticia\" id=" . $row['id'] . ">"; if (loggedIn()) { //favorites if (hasFavorite($row['id'], $db)) { echo "<div class=\"del_favorite\" id=\"" . $row['id'] . "\"><img width=\"30px\" src=\"common/star_filled.png\">"; } else { echo "<div class=\"add_favorite\" id=\"" . $row['id'] . "\"><img width=\"30px\" src=\"common/star_empty.png\">"; } echo "</div>"; } echo "<h3>" . stripslashes($row['title']) . "</h3>\n\t\t\t\t<img src=\"http://lorempixel.com/300/200/\" alt=\"300x200\">\t\t\t\t\n\t\t\t\t<div class=\"newsbody\">" . nl2br(stripslashes($row['text'])) . "</div>\n\t\t\t\t<div class=\"newsdetails\">\n\t\t\t\t<br />"; if (!empty($row['url'])) { //display URL if news is imported echo "<b>URL original:</b> <a target=\"_blank\" href=\"" . stripslashes($row['url']) . "\">" . $row['url'] . "</a><br>"; } echo "<b>Submetida por:</b> " . getUserProfileLink($row['posted_by'], $db) . "<br>"; if (!empty($row['imported_by'])) { echo "<b>Importada por:</b> " . getUserProfileLink($row['imported_by'], $db) . "<br>"; } echo displayDate($row['date']); if ($row['tagname'] != "") { echo "</div><div class=\"newstags\"><a href=\"./?tag=" . stripslashes($row['tagname']) . "\">#" . stripslashes($row['tagname']) . "</a>"; } //first tag (close news details and start tags div) } if (++$i == sizeof($news)) { //if next row is the end echo "</div>"; echo "<div class=comment" . $row['id'] . "><h2>Comentários:</h2><div id=comments_server></div>"; echo "</div>"; if (isset($_SESSION['user_id'])) { echo "<div id=new_comment><textarea id=textarea_new_comment rows=4 placeholder=\"Novo Comentário...\"/></textarea><br><input id=send_comment type=button value=\"Enviar Comentário\"></div>"; } if (loggedIn() && (editor() || admin())) { echo "<ul>"; echo "<li><a href=./>Ver Todas</a></li>"; if (loggedIn() && (admin() || editor() && ($_SESSION['username'] == $row['posted_by'] || $_SESSION['username'] == $row['imported_by']))) { echo "<li><a href=\"editar_noticia.php?id=" . $row['id'] . "\">Editar</a></li><li><a href=\"apagar_noticia.php?id=" . $row['id'] . "\">Apagar</a></li>"; } echo "<li style=\"border:0;\"></li>"; //display full height <ul> echo "</ul>"; } echo "</div>"; } } }
function show_admin($dir) { // Execute Admin Action $pwd = ($GLOBALS["permissions"] & 2) == 2; $admin = ($GLOBALS["permissions"] & 4) == 4; if (!$GLOBALS["require_login"]) { show_error($GLOBALS["error_msg"]["miscnofunc"]); } if (!$pwd && !$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (isset($GLOBALS['__GET']["action2"])) { $action2 = $GLOBALS['__GET']["action2"]; } elseif (isset($GLOBALS['__POST']["action2"])) { $action2 = $GLOBALS['__POST']["action2"]; } else { $action2 = ""; } switch ($action2) { case "chpwd": changepwd($dir); break; case "adduser": if (!$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } adduser($dir); break; case "edituser": if (!$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } edituser($dir); break; case "rmuser": if (!$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } removeuser($dir); break; default: admin($admin, $dir); } }
if (zalogowany()) { echo "<a class='navbar-brand' href='index.php?v=tresc/strona_glowna'><img src='img/logo.png'></a>"; } else { echo "<a class='navbar-brand' href='index.php'><img src='img/logo.png'></a>"; } ?> </div> <!-- Collect the nav links, forms, and other content for toggling --> <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1"> <ul class="nav navbar-nav navbar-right"> <?php // jeśli zalogowano, wyświetlamy inne menu if (zalogowany()) { standardowy_przycisk("?v=tresc/panele_userow/panel_glowny", "<b>{$_SESSION['imie']} {$_SESSION['nazwisko']}</b>"); // jeśli zalogowano jako admin lub nauczyciel, to wyświetlamy przycisk z zarządzniem kursami if (admin() || nauczyciel()) { standardowy_przycisk("?v=tresc/panele_userow/panel_glowny&prawa=tresc/panele_userow/nauczyciel/n_lista_kursow", "Zarządzanie kursami", 0); } else { standardowy_przycisk("?v=tresc/u_kursy/lista_kursow_uzytkownika", "Moje kursy"); } standardowy_przycisk("tresc/logowanie/wyloguj.php?wyloguj=tak", "Wyloguj"); } else { standardowy_przycisk("?v=tresc/logowanie/logowanie", "Logowanie"); standardowy_przycisk("index.php?v=tresc/rejestracja/rejestracja", "Rejestracja"); } ?> <!--<li><a href="index.php" class=""></a></li> --> </ul> </div><!-- /.navbar-collapse --> </div><!-- /.container-fluid -->
if ($_GET['topic']) { include 'login_status.php'; require_once 'csign.php'; $verified_corner_name = ""; $verified_room = ""; $verified_corner_name_1 = ""; if (login_check($mysqli) == true) { if (isset($_SESSION['u_ID'], $_SESSION['u_name'], $_SESSION['u_email'], $_SESSION['xploded_u_email'], $_SESSION['login_string'])) { $u_ID = $_SESSION['u_ID']; $xploded_u_email = $_SESSION['xploded_u_email']; $u_email = $_SESSION['u_email']; $u_name = $_SESSION['u_name']; $flag_options = "logged"; include 'infogiver.php'; $tumb_array = tumb(); $admin_array = admin("true"); $nav = navbar_info(); } } include_once "infogiver.php"; $config['topic_id'] = intval($_GET['topic']); $config['start'] = -10; $config['end'] = 0; if ($topic_array = topic_info_single_non($config)) { //print_r($topic_array); } else { if ($topic_array[0]['topic_id'] == '') { header("location:404.html"); } } }
include "adminDB.php"; $id = $_POST['id']; $passwd = $_POST['passwd']; $passwd = $_POST['passwdconfirm']; $name = $_POST['name']; $birthyear = $_POST['birthyear']; $birthmonth = $_POST['birthmonth']; $birthday = $_POST['birthday']; $userkind = $_POST['userkind']; $writetime = $_POST['writetime']; /*$now= date("Y-m-d H:i:s",time());*/ //초까지 현재시간 구해줌 /*$writetime= date("YmdHis",time());*/ $bir_date = $birthyear . "" . $birthmonth . "" . $birthday; /*if(is_id_ok($id, $passwd))*/ if (admin($id, $passwd, $name, $bir_date, $userkind, $writetime)) { /*$_SESSION['id']=$id; $_SESSION['name']=$name; $_SESSION['flash']=$name."님이 접속하였습니다.";*/ echo "<script>\talert(\"회원가입을 완료하였습니다.\")\r\n\t\twindow.location.href='temp.html';</script>"; /*header("Location:haniumboard.html");*/ } else { /*$_SESSION['flash']=$id."로그인이 실패! 다시입력해주세요";*/ echo "<script>window.alert(\"뭘 잘못입력했는데 다시 입력하세요.\")\r\n\t\twindow.location.href='haniumadmin.php';</script>"; } ?> <title><?php echo "Now:" . $now; ?> </title> <body><?php
<?php include 'includes/api.php'; logged_in(); admin(); include 'head.php'; include 'menu.php'; ?> <div class='container container-admin'> <div class='col-md-2'> <h3><?php echo $m['settings_menu']; ?> </h3> <nav> <ul class='nav nav-pills nav-stacked span2'> <li><a href='?page=main'><span class='glyphicon glyphicon-dashboard' aria-hidden='true'></span> <?php echo $m['main_menu']; ?> </a></li> <li><a href='?page=login'><span class='glyphicon glyphicon-log-in' aria-hidden='true'></span> <?php echo $m['login_menu']; ?> </a></li> <li><a href='?page=registration'><span class='glyphicon glyphicon-pencil' aria-hidden='true'></span> <?php echo $m['registration_menu']; ?> </a></li> <li><a href='?page=permissions'><span class='glyphicon glyphicon-asterisk' aria-hidden='true'></span> <?php echo $m['permissions_menu'];
function get_parser() { $conf = configurations(); if (!$_GET) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listprojects'); } if (isset($_GET['mod'])) { if (is_array(myfilter($_GET['mod'], 'mod'))) { trigger_error('potential attack using mod'); return deconnect(); } else { $mod = $_GET['mod']; } } else { $mod = null; } switch ($_GET['action']) { case 'adduser': if (admin(true)) { if ($_POST['usr_email'] && $_POST['username']) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'adduser', add_user(myfilter($_POST['usr_email'], 'email'), myfilter($_POST['username'], 'user'), myfilter($_POST['lvl'], 'lvl'))); } return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'adduser'); } break; case 'listusers': if (admin(true)) { $list_users = list_users(array(null)); return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listusers', $list_users); } break; case 'deco': return deconnect(); break; case 'modpass': if ($_POST['oldpass'] && $_POST['password1'] && $_POST['password2']) { $pass = array(myfilter($_POST['oldpass'], 'password'), myfilter($_POST['password1'], 'password'), myfilter($_POST['password2'], 'password')); if (is_string($pass[0]) && is_string($pass[1]) && is_string($pass[2])) { $change = change_password($_SESSION['db_data']['_id'], $pass); return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'changepass', $change); } } return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'changepass', null); break; case 'resetpass': if (isset($_GET['user_id']) && isset($_GET['resetcode']) && !is_array($_GET['user_id']) && !is_array($_GET['resetcode'])) { return reset_password($_GET['user_id'], $_GET['resetcode']); } elseif (isset($_GET['user_id']) && !is_array($_GET['user_id']) && admin(true)) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', reset_password($_GET['user_id'])); } break; case 'edituser': if (isset($_GET['user_id'])) { if (user(true) && $_GET['user_id'] == $_SESSION['db_data']['_id']) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', change_user_data($_SESSION['db_data'])); } if (admin(true) && !is_array($_GET['user_id'])) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', change_user_data(check_user(array('_id' => new MongoID(myfilter($_GET['user_id'], '_id')))))); } } break; case 'changemail': if (isset($_GET['user_id']) && isset($_GET['code'])) { $db = check_user(array('_id' => new MongoID(myfilter($_GET['user_id'], '_id')))); if ($db['mail_change_id'] == $_GET['code']) { return change_email_user(array('email' => $db['new_mail'], 'new_mail' => null, 'mail_change_id' => null), myfilter($_GET['user_id'], '_id'), 'postmail'); } } break; case 'deluser': if (admin(true) && !is_array($_GET['user_id'])) { return delete_user(myfilter($_GET['user_id'], '_id')); } break; case 'addproject': if (admin(true)) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'add_project', addproject()); } break; case 'project': if (isset($_GET['project_id'])) { if (!is_array(myfilter($_GET['project_id'], '_id'))) { $_SESSION['currentprojet'] = myfilter($_GET['project_id'], '_id'); return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'project', check_projects_mod($mod)); } } break; case 'getfile': if (isset($_GET['file']) && isset($_GET['key']) && isset($_GET['id']) && isset($_GET['os']) && isset($_GET['arch'])) { if (!is_array(myfilter($_GET['file'], 'sha1')) && !is_array(myfilter($_GET['key'], 'timestamp')) && !is_array(myfilter($_GET['id'], '_id')) && !is_array($_GET['os']) && !is_array($_GET['arch'])) { return down_file(myfilter($_GET['file'], 'sha1'), myfilter($_GET['key'], 'timestamp'), base64_decode(urldecode($_GET['os'])), base64_decode(urldecode($_GET['arch'])), myfilter($_GET['id'], '_id')); } } break; case 'addfile': if (admin(true) && isset($_GET['id'])) { if (!is_array(myfilter($_GET['id'], '_id'))) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'add_file', addfile(myfilter($_GET['id'], '_id'))); } } break; case 'deletefile': if (admin(true) && isset($_GET['id']) && isset($_GET['key'])) { if (!is_array(myfilter($_GET['id'], '_id')) && !is_array(myfilter($_GET['key'], 'timestamp'))) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'project', delete_file(myfilter($_GET['id'], '_id'), myfilter($_GET['key'], 'timestamp'))); } } break; case 'usersetting': if (isset($_GET['user_id'])) { if (user(true) && $_GET['user_id'] == $_SESSION['db_data']['_id']) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'setting', change_user_setting($_SESSION['db_data']['_id'])); } } break; case 'bug': if (isset($_GET['id'])) { if (!is_array(myfilter($_GET['id'], '_id'))) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'bug', check_bug($mod)); } } break; case 'submitbug': if (isset($_GET['id'])) { if (user(true) && in_array($_GET['id'], $_SESSION['db_data']['projects'])) { $_SESSION['idbug'] = $_GET['id']; return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'submitbug', add_bug($_POST, $_GET['id'])); } if (admin(true) || vip(true)) { if (!is_array(myfilter($_GET['id'], '_id'))) { $_SESSION['idbug'] = $_GET['id']; return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'submitbug', add_bug($_POST, $_GET['id'])); } } } break; case 'listprojects': return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listprojects', $mod); break; case 'editbug': if (strlen($_POST['status']) && isset($_GET['id']) && admin(true)) { if (!is_array($_POST['status']) && !is_array(myfilter($_GET['id'], '_id'))) { if (in_array($_POST['status'], $conf['bugs']['Open']) || in_array($_POST['status'], $conf['bugs']['Closed'])) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'bug', edit_bug($_POST['status'])); } } } break; case 'resetpassmail': if (strlen($_POST['usr_email'])) { return echo_front_page(reset_password_mail(myfilter($_POST['usr_email'], 'email'))); } break; case 'editproject': if (isset($_GET['id']) && admin(true)) { if (!is_array(myfilter($_GET['id'], '_id'))) { return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_project', edit_project($_POST)); } } break; } return echo_front_page(); }
function author_delete() { $user_id = ps('user_id'); $name = fetch('Realname', 'txp_users', 'user_id', $user_id); if ($name) { $rs = safe_delete("txp_users", "user_id = '{$user_id}'"); if ($rs) { admin(messenger('author', $name, 'deleted')); } } }
<?php require 'lib/common.php'; if (!admin()) { header("location: login.php"); } require 'inc/header.php'; require 'inc/menu.php'; if (empty($_GET['cat'])) { $category = 0; } else { $category = $_GET['cat']; } if (isset($_POST['insert_cat'])) { insert_category($_POST['category'], $category); } if (isset($_GET['deletecat'])) { delete_category($_GET['deletecat']); } ?> <div class='col-12'> <h1>Categories</h1> <?php $sql = "SELECT * FROM Categories WHERE parent_cat = ?"; $stm = $conn->prepare($sql); $stm->execute(array($cat)); $category = $stm->fetchAll();
<div class="row"> <div class="col-md-6 col-sm-12"> <h4>{{trans('labs.title')}}</h4> @foreach($result['labs'] as $lab) <div class="panel panel-default" style="background: #ECF0F1"> <div class="panel-body"> <?php if (status($lab->id)) { $color = "#1abc9c"; $btn = 'btn-primary'; $status = 'Disponível'; $title = ''; $txt = trans('interface.access'); } else { $color = "#f44336"; if (admin() || guest()) { $btn = 'btn-danger'; } else { $btn = 'btn-default disabled'; } $status = 'Indisponível'; $title = 'Este experimento está indisponível no momento'; $txt = trans('interface.test'); } ?> <div class="row"> <div class='col-lg-5 col-md-5 col-sm-2'> <img src="{{asset($lab->thumbnail)}}" class="img-responsive"> </div> <div class="col-lg-7 col-md-7 col-sm-10"> <h5>{{$lab->$name}}</h5>
$html .= '</div>'; $html .= '<div class="b_d_d">'; $html .= '<p class="b_d-desc b_d_d-desc">Adjunta los archivos de 700 x 400 px con máximo de 800k de peso.</p>'; foreach ($ubicacion->galeria as $k => $galeria) { $style_foto = $galeria !== '' ? 'style="background-image:url(' . $galeria . ')"' : ''; $html .= '<div id="galeria_ub_' . $k . '" data-name="galeria[]" data-value="' . $galeria . '" class="b_d-attach" ' . $style_foto . '></div>'; } $html .= '</div>'; $html .= '</div>'; $html .= '<div class="editor_texto">'; $html .= '<div class="cabecera">'; $html .= '<div class="editor_option subrayar">'; $html .= '<img src="' . imagenes(false) . '/subrayar.png" />'; $html .= '</div>'; $html .= '<div class="editor_option tachar">'; $html .= '<img src="' . imagenes(false) . '/tachar.png" />'; $html .= '</div>'; $html .= '<div class="editor_option negrita">'; $html .= '<img src="' . imagenes(false) . '/upercase.png" />'; $html .= '</div>'; /*$html.='<div class="editor_option">'; $html.='<img src="'.imagenes(false).'/subrayar.png" />'; $html.='</div>';*/ $html .= '</div>'; $html .= '</div>'; $html .= '<textarea class="gre" name="descripcion" placeholder="Escribe la descripcion de este estudio con un maximo de 500 caracteres">' . $ubicacion->descripcion . '</textarea>'; $html .= '</div>'; $html .= '<script type="text/javascript">$(".gre").gre({ content_css_url : "' . admin(false) . '/assets/js/gre/editor.css", width : "100%", });$("iframe.gre").width("100%");</script>';
<?php // $plik to adres do tego pliku. Zrobiono dla wygody $plik = "?v=tresc/panele_userow/panel_glowny"; // przyciski do podstron standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/uczen/u_info", "Główne informacje"); standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/uczen/u_zmiana_hasla", "Zmiana hasła"); // jeśli jesteśmy nauczycielem lub adminem, mamy dostęp do dodatkowych opcji (przycisków) if (nauczyciel() || admin()) { echo "<hr><center><p>Panel Nauczyciela</p></center>"; standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/nauczyciel/n_lista_kursow", "Lista kursów"); standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/nauczyciel/n_lista_lekcji_w_kursie", "Lista lekcji"); standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/nauczyciel/n_podglad_lekcji", "Podgląd lekcji"); standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/nauczyciel/n_stworz_kurs", "Stwórz nowy kurs"); standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/nauczyciel/n_usun_z_kursu1", "Usuń użytkownika z kursu"); } if (admin()) { echo "<hr><center><p>Panel Administratora</p></center>"; standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/admin/a_zarzadzanie_uzytkownikami", "Zarządzanie użytkownikami"); standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/admin/a_dodawanie_usera_do_kursu1", "Dodaj użytkownika do kursu"); standardowy_przycisk("{$plik}&prawa=tresc/panele_userow/admin/a_zablokuj_kurs1", "Blokada kursu"); } ?> </ul> </div> <div id="z_panel_tresc_prawa" class="col-md-9"> <div class="thumbnail"> <?php // dołączmy plik z $_GET['prawa'] dolacz_plik("prawa", "tresc/panele_userow/uczen/u_info"); ?>
function getContent($pageId, $action, $userId, $permission, $recursed = 0) { if ($action == "login") { if ($userId == 0) { ///Commented the requirement of login.lib.php because it is already included in /index.php //require_once("login.lib.php"); $newUserId = login(); if (is_numeric($newUserId)) { return getContent($pageId, "view", $newUserId, getPermissions($newUserId, $pageId, "view"), 0); } else { return $newUserId; } ///<The login page } else { displayinfo("You are logged in as " . getUserName($userId) . "! Click <a href=\"./+logout\">here</a> to logout."); } return getContent($pageId, "view", $userId, getPermissions($userId, $pageId, "view"), $recursed = 0); } if ($action == "profile") { if ($userId != 0) { require_once "profile.lib.php"; return profile($userId); } else { displayinfo("You need to <a href=\"./+login\">login</a> to view your profile.!"); } } if ($action == "logout") { if ($userId != 0) { $newUserId = resetAuth(); displayinfo("You have been logged out!"); global $openid_enabled; if ($openid_enabled == 'true') { displaywarning("If you logged in via Open ID, make sure you also log out from your Open ID service provider's website. Until then your session in this website will remain active !"); } return getContent($pageId, "view", $newUserId, getPermissions($newUserId, $pageId, "view"), 0); } else { displayinfo("You need to <a href=\"./+login\">login</a> first to logout!"); } } if ($action == "search") { require_once "search.lib.php"; $ret = getSearchBox(); if (isset($_POST['query'])) { $ret .= getSearchResultString($_POST['query']); } elseif (isset($_GET['query'])) { $ret .= getSearchResultString($_GET['query']); } return $ret; } if (isset($_GET['subaction']) && $_GET['subaction'] == 'getchildren') { if (isset($_GET['parentpath'])) { global $urlRequestRoot; require_once 'menu.lib.php'; $pidarr = array(); parseUrlReal(escape($_GET['parentpath']), $pidarr); $pid = $pidarr[count($pidarr) - 1]; $children = getChildren($pid, $userId); $response = array(); $response['path'] = escape($_GET['parentpath']); $response['items'] = array(); foreach ($children as $child) { $response['items'][] = array($urlRequestRoot . '/home' . escape($_GET['parentpath']) . $child[1], $child[2]); } //echo json_encode($response); exit; } } if ($permission != true) { if ($userId == 0) { $suggestion = "(Try <a href=\"./+login\">logging in?</a>)"; } else { $suggestion = ""; } displayerror("You do not have the permissions to view this page. {$suggestion}<br /><input type=\"button\" onclick=\"history.go(-1)\" value=\"Go back\" />"); return ''; } if ($action == "admin") { require_once "admin.lib.php"; return admin($pageId, $userId); } ///default actions also to be defined here (and not outside) /// Coz work to be done after these actions do involve the page $pagetype_query = "SELECT page_module, page_modulecomponentid FROM " . MYSQL_DATABASE_PREFIX . "pages WHERE page_id='" . escape($pageId) . "'"; $pagetype_result = mysql_query($pagetype_query); $pagetype_values = mysql_fetch_assoc($pagetype_result); if (!$pagetype_values) { displayerror("The requested page does not exist."); return ""; } $moduleType = $pagetype_values['page_module']; $moduleComponentId = $pagetype_values['page_modulecomponentid']; if ($action == "settings") { ///<done here because we needed to check if the page exists for sure. require_once "pagesettings.lib.php"; return pagesettings($pageId, $userId); } if ($action == "widgets") { return handleWidgetPageSettings($pageId); } if ($recursed == 0) { $pagetypeupdate_query = "UPDATE " . MYSQL_DATABASE_PREFIX . "pages SET page_lastaccesstime=NOW() WHERE page_id='" . escape($pageId) . "'"; $pagetypeupdate_result = mysql_query($pagetypeupdate_query); if (!$pagetypeupdate_result) { return '<div class="cms-error">Error No. 563 - An error has occured. Contact the site administators.</div>'; } } if ($moduleType == "link") { return getContent($moduleComponentId, $action, $userId, true, 1); } if ($action == "grant") { return grantPermissions($userId, $pageId); } if ($moduleType == "menu") { return getContent(getParentPage($pageId), $action, $userId, true, 1); } if ($moduleType == "external") { $query = "SELECT `page_extlink` FROM `" . MYSQL_DATABASE_PREFIX . "external` WHERE `page_modulecomponentid` =\n\t\t\t\t\t(SELECT `page_modulecomponentid` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_id`= '" . escape($pageId) . "')"; $result = mysql_query($query); $values = mysql_fetch_array($result); $link = $values[0]; header("Location: {$link}"); } global $sourceFolder; global $moduleFolder; require_once $sourceFolder . "/" . $moduleFolder . "/" . $moduleType . ".lib.php"; $page = new $moduleType(); if (!$page instanceof module) { displayerror("The module \"{$moduleType}\" does not implement the inteface module</div>"); return ""; } $createperms_query = " SELECT * FROM " . MYSQL_DATABASE_PREFIX . "permissionlist where perm_action = 'create' AND page_module = '" . $moduleType . "'"; $createperms_result = mysql_query($createperms_query); if (mysql_num_rows($createperms_result) < 1) { displayerror("The action \"create\" does not exist in the module \"{$moduleType}\"</div>"); return ""; } $availableperms_query = "SELECT * FROM " . MYSQL_DATABASE_PREFIX . "permissionlist where perm_action != 'create' AND page_module = '" . $moduleType . "'"; $availableperms_result = mysql_query($availableperms_query); $permlist = array(); while ($value = mysql_fetch_assoc($availableperms_result)) { array_push($permlist, $value['perm_action']); } array_push($permlist, "view"); $class_methods = get_class_methods($moduleType); foreach ($permlist as $perm) { if (!in_array("action" . ucfirst($perm), $class_methods)) { displayerror("The action \"{$perm}\" does not exist in the module \"{$moduleType}\"</div>"); return ""; } } if ($action == "pdf") { if (isset($_GET['depth'])) { $depth = $_GET['depth']; } else { $depth = 0; } if (!is_numeric($depth)) { $depth = 0; } global $TITLE; global $sourceFolder; require_once "{$sourceFolder}/modules/pdf/html2fpdf.php"; $pdf = new HTML2FPDF(); $pdf->setModuleComponentId($moduleComponentId); $pdf->AddPage(); $pdf->WriteHTML($page->getHtml($userId, $moduleComponentId, "view")); $cp = array(); $j = 0; if ($depth == -1) { $cp = child($pageId, $userId, $depth); if ($cp[0][0]) { for ($i = 0; $cp[$i][0] != NULL; $i++) { require_once $sourceFolder . "/" . $moduleFolder . "/" . $cp[$i][2] . ".lib.php"; $page1 = new $cp[$i][2](); $modCompId = $cp[$i][5]; $pdf->setModuleComponentId($modCompId); $pdf->AddPage(); $pdf->WriteHTML($page1->getHtml($userId, $modCompId, "view")); } } } else { if ($depth > 0) { $cp = child($pageId, $userId, $depth); --$depth; while ($depth > 0) { $count = count($cp); for ($j; $j < $count; $j++) { $cp = array_merge((array) $cp, (array) child($cp[$j][0], $userId, $depth)); } --$depth; } if ($cp[0][0]) { for ($i = 0; isset($cp[$i]); $i++) { require_once $sourceFolder . "/" . $moduleFolder . "/" . $cp[$i][2] . ".lib.php"; $page1 = new $cp[$i][2](); $modCompId = $cp[$i][5]; $pdf->setModuleComponentId($modCompId); $pdf->AddPage(); $pdf->WriteHTML($page1->getHtml($userId, $modCompId, "view")); } } } } $filePath = $sourceFolder . "/uploads/temp/" . $TITLE . ".pdf"; while (file_exists($filePath)) { $filePath = $sourceFolder . "/uploads/temp/" . $TITLE . "-" . rand() . ".pdf"; } $pdf->Output($filePath); header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: private", false); header("Content-Type: application/pdf"); header("Content-Disposition: attachment; filename=\"" . basename($filePath) . "\";"); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($filePath)); @readfile("{$filePath}"); unlink($filePath); } return $page->getHtml($userId, $moduleComponentId, $action); }
function admin_multi_edit() { global $txp_user; require_privs('admin.edit'); $selected = ps('selected'); $method = ps('edit_method'); $changed = array(); if (!$selected or !is_array($selected)) { return admin(); } $names = safe_column('name', 'txp_users', "name IN ('" . join("','", doSlash($selected)) . "') AND name != '" . doSlash($txp_user) . "'"); if (!$names) { return admin(); } switch ($method) { case 'delete': if (safe_delete('txp_users', "name IN ('" . join("','", doSlash($names)) . "')")) { $changed = $names; $msg = 'author_deleted'; } break; case 'changeprivilege': global $levels; $privilege = ps('privs'); if (!isset($levels[$privilege])) { return admin(); } if (safe_update('txp_users', 'privs = ' . intval($privilege), "name IN ('" . join("','", doSlash($names)) . "')")) { $changed = $names; $msg = 'author_updated'; } break; case 'resetpassword': $failed = array(); foreach ($names as $name) { $passwd = generate_password(6); if (safe_update('txp_users', "pass = password(lower('" . doSlash($passwd) . "'))", "name = '" . doSlash($name) . "'")) { } $email = safe_field('email', 'txp_users', "name = '" . doSlash($name) . "'"); if (send_new_password($passwd, $email, $name)) { $changed[] = $name; $msg = 'author_updated'; } else { return admin(gTxt('could_not_mail') . ' ' . htmlspecialchars($name)); } } break; } if ($changed) { return admin(gTxt($msg, array('{name}' => htmlspecialchars(join(', ', $changed))))); } admin(); }
function requires_admin() { global $apptitle; if (admin()) { set_lang("ru"); return true; } else { $pass = db_result(db_query("SELECT admin_pass FROM settings")); if ($pass == "") { session_set("admin", true); return true; } redir("admin/login"); } }
function w_osatnie_lekcje($id_usera, $ilosc = 3) { // wyświetlenie nagłówka echo '<div class="thumbnail">' . '<div class="caption">' . '<h4>Ostatnio dodane lekcje</h4><br>' . '<table class="table">' . '<tbody>'; // wyświetlenie małej tabelki z ostatnimi (ostatnio dodanymi) lekcjami dla danego użytkownika // pierwsza pętla podaje tylko te kursy, do których jest zapisany użytkownik. $wynik = mysql_query("SELECT * FROM `zapisy` WHERE id_uzytkownika={$id_usera} ORDER BY id_zapisu DESC LIMIT {$ilosc}"); while ($r = mysql_fetch_assoc($wynik)) { // druga pętla wyświetla po dwie ostatnie lekcje z każdego kursu $nazwa_lekcji = mysql_query("SELECT * FROM `lekcje` WHERE id_kursu={$r['id_kursu']} ORDER BY id_lekcji DESC LIMIT 2"); while ($g = mysql_fetch_assoc($nazwa_lekcji)) { // trzecia pętla sprawdza, jak nazywa się dany kurs $nazwa_kursu = mysql_query("SELECT * FROM `kursy` WHERE id_kursu={$r['id_kursu']}"); while ($gg = mysql_fetch_assoc($nazwa_kursu)) { $kursik = $gg['nazwa']; } $link = "?v=tresc/u_kursy/dana_lekcja&id={$g['id_lekcji']}&id_kursu={$g['id_kursu']}"; echo '<tr>'; // wyświetlenie wiersza w tabelce z linkiem do lekcji echo "<td><a href='{$link}'>{$g['temat']}</a> <br><small><b>{$kursik}</b>, <i>{$r['data_zapisu']}</i></small><td>"; echo '</tr>'; } } // jeżeli to nauczyciel lub admin, nie wyświetlamy ich kursów, tylko komunikat if (nauczyciel() || admin()) { komunikat("Aby zobaczyć lekcje, przejdź do zarządzania"); } // zakończenie tabeli i ramki echo '</tbody>' . '</table>' . '</div>' . '</div>'; }
<?php require_once 'common/functions.php'; if (!loggedIn() || !admin()) { //if not logged in or not administrator, go away redirectMsg("./", 'Operação não permitida'); } require_once 'db/db.php'; if (!isset($_POST['submit_insert'])) { ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>Obter Notícias</title> <link rel="stylesheet" href="common/style.css"> <link rel="stylesheet" href="http://code.jquery.com/ui/1.9.2/themes/base/jquery-ui.css" /> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script> <script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js"></script> <script src="https://raw.github.com/jquery/jquery-ui/master/ui/i18n/jquery.ui.datepicker-pt.js"></script> <script src="common/get_news.js"></script> </head> <body> <?php showHeader('Obter notícias de outros servidores'); ?> <div id="menu"> <ul> <a href="./"><img src="common/home.png"></a> </ul> <ul style="display:inline;" class="login"> <!-- had to define style because there was a bug in Chrome where the display:inline wouldnt work from the css file-->
public function actionLogout() { admin()->logout(); $this->redirect(array('/index/default/index')); }
function show_admin($dir) { $admin = permissions_grant(NULL, NULL, "admin"); if (!login_is_user_logged_in()) { show_error($GLOBALS["error_msg"]["miscnofunc"]); } if (!$admin && !permissions_grant(NULL, NULL, "password")) { show_error($GLOBALS["error_msg"]["accessfunc"]); } if (isset($GLOBALS['__GET']["action2"])) { $action2 = $GLOBALS['__GET']["action2"]; } elseif (isset($GLOBALS['__POST']["action2"])) { $action2 = $GLOBALS['__POST']["action2"]; } else { $action2 = ""; } switch ($action2) { case "chpwd": changepwd($dir); break; case "adduser": if (!$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } adduser($dir); break; case "edituser": if (!$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } edituser($dir); break; case "rmuser": if (!$admin) { show_error($GLOBALS["error_msg"]["accessfunc"]); } removeuser($dir); break; default: admin($admin, $dir); } }