public function store(CAppUI $AppUI)
{
$perms = $AppUI->acl();
$stored = false;
$errorMsgArray = $this->check();
if (count($errorMsgArray) > 0) {
return $errorMsgArray;
}
/*
* TODO: I don't like the duplication on each of these two branches, but I
* don't have a good idea on how to fix it at the moment...
*/
if ($this->field_id && canEdit('system')) {
if ($msg = parent::store()) {
return $msg;
}
$stored = true;
}
if (0 == $this->field_id && canEdit('system')) {
if ($msg = parent::store()) {
return $msg;
}
$stored = true;
}
return $stored;
}
function listACLsByPath($pathname)
{
$me = $_SERVER["PHP_SELF"];
if (!canEdit($pathname)) {
echo "Ihnen fehlt leider die Berechtigung, das Verzeichnis {$pathname} zu bearbeiten";
return false;
}
// Verzeichnisobjekt holen
$path = new Path();
if (!$path->selectByName($pathname)) {
fehlerausgabe("Das Verzeichnis {$pathname} konnte nicht aus der DB gewählt werden");
return false;
}
// ACLs fuer das Verzeichnis holen
$acllist = new ACLList();
if (!$acllist->selectByPath($pathname)) {
fehlerausgabe("Die zum Verzeichnis {$pathname} gehörigen ACLs konnten nicht aus der DB gewählt werden");
return false;
}
echo "ACLs für Pfad {$pathname}:";
echo <<<EOF
<form name="acleditor" method="post" action="{$me}">
<select name="cmd">
<option value="edit">Eine ACL bearbeiten</option>
<option value="del">Löschen</option>
</select>
<input type="hidden" name="pathname" value="{$pathname}" />
<input type="submit" value="Los" />
<br />
<table width="100%" border="0" cellspacing="0" cellpadding="0" style="table-layout:fixed">
<tr>
<td>User</td>
<td>Löschen</td>
<td>Schreiben</td>
<td>Lesen</td>
<td>Umbenennen</td>
</tr>
EOF;
$user = new User();
for ($i = 0; $i < count($acllist->list); $i++) {
$acl = $acllist->list[$i];
$user->selectByID($acl->user_id);
echo <<<EOF
<tr>
<td><input type="checkbox" name="aclid[]" value="{$acl->acl_id}" />{$user->loginname}</td>
<td>{$acl->delete_path}</td>
<td>{$acl->write_path}</td>
<td>{$acl->read_path}</td>
<td>{$acl->rename_path}</td>
</tr>
EOF;
}
echo <<<EOF
</table>
</form>
EOF;
return true;
}
public function process(\w2p_Core_CAppUI $AppUI, array $myArray)
{
if (!canEdit('users')) {
$this->resultPath = ACCESS_DENIED;
return $AppUI;
}
$action = $this->delete ? 'deleted' : 'stored';
$this->success = $this->delete ? $this->object->del_acl((int) $myArray['permission_id']) : $this->object->addUserPermission();
if ($this->success) {
$AppUI->setMsg($this->prefix . ' ' . $action, UI_MSG_OK, true);
$this->resultPath = $this->successPath;
$this->object->recalcPermissions(null, (int) $myArray['permission_user']);
} else {
$AppUI->setMsg($this->object->getError(), UI_MSG_ERROR);
$this->resultPath = $this->errorPath;
$AppUI->holdObject($this->object);
}
return $AppUI;
}
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
if (!canEdit('System')) {
$view = "error";
return;
}
$options = array("go" => $SLANG['DonateYes'], "hour" => $SLANG['DonateRemindHour'], "day" => $SLANG['DonateRemindDay'], "week" => $SLANG['DonateRemindWeek'], "month" => $SLANG['DonateRemindMonth'], "never" => $SLANG['DonateRemindNever'], "already" => $SLANG['DonateAlready']);
$focusWindow = true;
xhtmlHeaders(__FILE__, $SLANG['Donate']);
?>
<body>
<div id="page">
<div id="header">
<h2><?php
echo $SLANG['Donate'];
?>
</h2>
<h1>ZoneMinder - <?php
public function canUserEditTimeInformation()
{
global $AppUI;
$project = new CProject();
$project->load($this->task_project);
// Code to see if the current user is
// enabled to change time information related to task
$can_edit_time_information = false;
// Let's see if all users are able to edit task time information
if (w2PgetConfig('restrict_task_time_editing') == true && $this->task_id > 0) {
// Am I the task owner?
if ($this->task_owner == $AppUI->user_id) {
$can_edit_time_information = true;
}
// Am I the project owner?
if ($project->project_owner == $AppUI->user_id) {
$can_edit_time_information = true;
}
// Am I sys admin?
if (canEdit('admin')) {
$can_edit_time_information = true;
}
} else {
if (w2PgetConfig('restrict_task_time_editing') == false || $this->task_id == 0) {
// If all users are able, then don't check anything
$can_edit_time_information = true;
}
}
return $can_edit_time_information;
}
echo arraySelect($projects, 'project_id', 'onchange="submitIt()" class="text" style="width:500px"', 0);
?>
</strong>
</font>
</td>
</tr>
</form>
</table>
<?php
} else {
// check permissions for this record
$canReadProject = $perms->checkModuleItem('projects', 'view', $project_id);
$canEditProject = $perms->checkModuleItem('projects', 'edit', $project_id);
$canViewTasks = canView('tasks');
$canAddTasks = canAdd('tasks');
$canEditTasks = canEdit('tasks');
$canDeleteTasks = canDelete('tasks');
if (!$canReadProject) {
$AppUI->redirect('m=public&a=access_denied');
}
// check if this record has dependencies to prevent deletion
$msg = '';
$obj = new CProject();
// Now check if the project is editable/viewable.
$denied = $obj->getDeniedRecords($AppUI->user_id);
if (in_array($project_id, $denied)) {
$AppUI->redirect('m=public&a=access_denied');
}
$canDeleteProject = $obj->canDelete($msg, $project_id);
// get critical tasks (criteria: task_end_date)
$criticalTasks = $project_id > 0 ? $obj->getCriticalTasks($project_id) : null;
<?php
/* $Id: billingcode.php 2016 2011-08-07 07:08:46Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/tags/version2.4/modules/system/billingcode.php $ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
##
## add or edit a user preferences
##
$company_id = 0;
$company_id = isset($_REQUEST['company_id']) ? w2PgetParam($_REQUEST, 'company_id', 0) : 0;
// Check permissions
$perms =& $AppUI->acl();
if (!canEdit('system')) {
$AppUI->redirect('m=public&a=access_denied');
}
$q = new w2p_Database_Query();
$q->addTable('billingcode', 'bc');
$q->addQuery('billingcode_id, billingcode_name, billingcode_value, billingcode_desc, billingcode_status');
$q->addOrder('billingcode_name ASC');
$q->addWhere('company_id = ' . (int) $company_id);
$billingcodes = $q->loadList();
$q->clear();
$q = new w2p_Database_Query();
$q->addTable('companies', 'c');
$q->addQuery('company_id, company_name');
$q->addOrder('company_name ASC');
$company_list = $q->loadHashList();
$company_list[0] = $AppUI->_('Select Company');
$q->clear();
$company_name = $company_list[$company_id];
$dImagePath = sprintf("%s/%0" . ZM_EVENT_IMAGE_DIGITS . "d-diag-d.jpg", $eventPath, $frame['FrameId']);
$rImagePath = sprintf("%s/%0" . ZM_EVENT_IMAGE_DIGITS . "d-diag-r.jpg", $eventPath, $frame['FrameId']);
$focusWindow = true;
xhtmlHeaders(__FILE__, translate('Frame') . " - " . $event['Id'] . " - " . $frame['FrameId']);
?>
<body>
<div id="page">
<div id="header">
<div id="headerButtons">
<?php
if (ZM_RECORD_EVENT_STATS && $alarmFrame) {
echo makePopupLink('?view=stats&eid=' . $event['Id'] . '&fid=' . $frame['FrameId'], 'zmStats', 'stats', translate('Stats'));
}
?>
<?php
if (canEdit('Events')) {
?>
<a href="?view=none&action=delete&markEid=<?php
echo $event['Id'];
?>
"><?php
echo translate('Delete');
?>
</a><?php
}
?>
<a href="#" onclick="closeWindow(); return( false );"><?php
echo translate('Close');
?>
</a>
</div>
<?php
/* $Id: chpwd.php 1971 2011-07-04 04:31:39Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/tags/version2.4/modules/public/chpwd.php $ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
if (!($user_id = w2PgetParam($_REQUEST, 'user_id', 0))) {
$user_id = $AppUI->user_id;
}
// check for a non-zero user id
if ($user_id) {
$old_pwd = db_escape(trim(w2PgetParam($_POST, 'old_pwd', null)));
$new_pwd1 = db_escape(trim(w2PgetParam($_POST, 'new_pwd1', null)));
$new_pwd2 = db_escape(trim(w2PgetParam($_POST, 'new_pwd2', null)));
$perms =& $AppUI->acl();
$canAdminEdit = canEdit('admin');
// has the change form been posted
if ($new_pwd1 && $new_pwd2 && $new_pwd1 == $new_pwd2) {
$user = new CUser();
if ($canAdminEdit || $user->validatePassword($user_id, $old_pwd)) {
$user->user_id = $user_id;
$user->user_password = $new_pwd1;
if ($msg = $user->store()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
?>
<script language="javascript" type="text/javascript">
window.onload = function() {
window.close();
}
</script>
<?php
<?php
include "../include/config.php";
$post_get = new GetVarClass();
$email = $post_get->getemail("email");
if (!$email) {
die("Редактирование заявки невозможно: введите корректный e-mail. ");
}
$editorid = loginbycookie();
if (!canEdit($editorid, $email)) {
die("У вас недостаточно прав доступа, чтобы редактировать заявку {$email}. ");
}
$userid = emailToId($email);
$name = $post_get->getvar("name");
$nick = $post_get->getvar("nick");
$city = $post_get->getvar("city");
$age = $post_get->getadate("age");
$contacts = $post_get->getvar("contacts");
$contraindication = $post_get->getvar("contraindication");
$chronicdesease = $post_get->getvar("chronicdesease");
$wishes = $post_get->getvar("wishes");
$publicity = $post_get->getenumkeys("publicity", $langPublicities);
$character_name = $post_get->getvar("character_name");
$character_age = $post_get->getadate("character_age");
$country = $post_get->getenumkeys("country", $langCountries);
$birth = $post_get->getenumkeys("birth", $langBirthes);
$rank = $post_get->getenumkeys("rank", $langRanks);
$quota = $post_get->getenumkeys("quota", $langQuotas);
$quenta = $post_get->getvar("quenta");
$wishes2 = $post_get->getvar("wishes2");
$go_royal_wedding = $post_get->getvar("go_royal_wedding", "0|1", "0");
</option>
<?php
}
}
?>
</select>
</td>
</tr>
</tbody>
</table>
<div id="contentButtons">
<input type="submit" value="<?php
echo translate('Save');
?>
"<?php
if (!canEdit('Groups')) {
?>
disabled="disabled"<?php
}
?>
/>
<input type="button" value="<?php
echo translate('Cancel');
?>
" onclick="closeWindow()"/>
</div>
</form>
</div>
</div>
</body>
</html>
echo $AppUI->_($fieldNames[$index]);
?>
<!-- </a>-->
</th><?php
}
echo '<th></th>';
?>
</tr>
<?php
// Pull the task comments
$task = new CTask();
//TODO: this method should be moved to CTaskLog
$logs = $task->getTaskLogs($task_id, $problem);
$s = '';
$hrs = 0;
$canEdit = canEdit('task_log');
$htmlHelper = new w2p_Output_HTMLHelper($AppUI);
$billingCategory = w2PgetSysVal('BudgetCategory');
$durnTypes = w2PgetSysVal('TaskDurationType');
$taskLogReference = w2PgetSysVal('TaskLogReference');
$status = w2PgetSysVal('TaskStatus');
$task_types = w2PgetSysVal('TaskType');
$customLookups = array('budget_category' => $billingCategory, 'task_duration_type' => $durnTypes, 'task_log_reference' => $taskLogReference, 'task_status' => $status, 'task_type' => $task_types);
if (count($logs)) {
foreach ($logs as $row) {
$s .= '<tr bgcolor="white" valign="top"><td>';
if ($canEdit) {
$s .= '<a href="?m=tasks&a=view&task_id=' . $task_id . '&tab=';
$s .= $tab == -1 ? $AppUI->getState('TaskLogVwTab') : '1';
$s .= '&task_log_id=' . $row['task_log_id'] . '">' . w2PshowImage('icons/stock_edit-16.png', 16, 16, '') . '</a>';
}
echo translate('Submit');
?>
" onclick="submitToEvents( this );"/>
<input type="button" name="executeButton" id="executeButton" value="<?php
echo translate('Execute');
?>
" onclick="executeFilter( this );"/>
<?php
if (canEdit('Events')) {
?>
<input type="button" value="<?php
echo translate('Save');
?>
" onclick="saveFilter( this );"/><?php
}
if (canEdit('Events') && isset($dbFilter)) {
?>
<input type="button" value="<?php
echo translate('Delete');
?>
" onclick="deleteFilter( this, '<?php
echo $dbFilter['Name'];
?>
' );"/><?php
}
?>
<input type="button" value="<?php
echo translate('Reset');
?>
" onclick="submitToFilter( this, 1 );"/>
</div>
$userid = $AppUI->user_id;
$perms =& $AppUI->acl();
if ($action == 'add') {
if (!canAdd('history')) {
$AppUI->redirect('m=public&a=access_denied');
}
$q->addTable('history');
$q->addInsert('history_table', "history");
$q->addInsert('history_action', "add");
$q->addInsert('history_date', "'" . $q->dbfnNowWithTZ() . "'");
$q->addInsert('history_description', $history_description);
$q->addInsert('history_user', $userid);
$q->addInsert('history_project', $history_project);
$okMsg = 'History added';
} elseif ($action == 'update') {
if (!canEdit('history')) {
$AppUI->redirect('m=public&a=access_denied');
}
$q->addTable('history');
$q->addUpdate('history_description', $history_description);
$q->addUpdate('history_project', $history_project);
$q->addWhere('history_id =' . $history_id);
$okMsg = 'History updated';
} elseif ($action == 'del') {
if (!canDelete('history')) {
$AppUI->redirect('m=public&a=access_denied');
}
$q->setDelete('history');
$q->addWhere('history_id =' . $history_id);
$okMsg = 'History deleted';
}
<?php
/* $Id: view.php 1923 2011-05-10 06:02:37Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/tags/version2.4/modules/departments/view.php $ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
global $department, $min_view;
$dept_id = (int) w2PgetParam($_GET, 'dept_id', 0);
$tab = $AppUI->processIntState('DeptVwTab', $_GET, 'tab', 0);
// check permissions
$canRead = canView($m, $dept_id);
$canEdit = canEdit($m, $dept_id);
if (!$canRead) {
$AppUI->redirect('m=public&a=access_denied');
}
$department = new CDepartment();
$department->loadFull($AppUI, $dept_id);
if (!$department) {
$AppUI->setMsg('Department');
$AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
$AppUI->redirect();
} else {
$AppUI->savePlace();
}
$countries = w2PgetSysVal('GlobalCountries');
$types = w2PgetSysVal('DepartmentType');
$titleBlock = new CTitleBlock('View Department', 'departments.png', $m, $m . '.' . $a);
if ($canEdit) {
$titleBlock->addCell();
$titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new department') . '">', '', '<form action="?m=departments&a=addedit&company_id=' . $department->dept_company . '&dept_parent=' . $dept_id . '" method="post" accept-charset="utf-8">', '</form>');
}
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
if (!canEdit('Monitors')) {
$view = "error";
return;
}
$cameras = array();
$cameras[0] = translate('ChooseDetectedCamera');
if (ZM_HAS_V4L2) {
// Probe Local Cameras
//
$command = getZmuCommand(" --query --device");
if (!empty($_REQUEST['device'])) {
$command .= "=" . escapeshellarg($_REQUEST['device']);
}
$result = exec(escapeshellcmd($command), $output, $status);
if ($status) {
Fatal("Unable to probe local cameras, status is '{$status}'");
* run for example the file module/directory1/directory2/file.php
* Also it won't be possible to run modules/module/abc.zyz.class.php for that dots are
* not allowed in the request parameters.
*/
$u = $AppUI->checkFileName(w2PgetCleanParam($_GET, 'u', ''));
// load module based locale settings
@(include_once W2P_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php');
include_once W2P_BASE_DIR . '/locales/core.php';
setlocale(LC_TIME, $AppUI->user_lang);
$m_config = w2PgetConfig($m);
// TODO: canRead/Edit assignements should be moved into each file
// check overall module permissions
// these can be further modified by the included action files
$canAccess = canAccess($m);
$canRead = canView($m);
$canEdit = canEdit($m);
$canAuthor = canAdd($m);
$canDelete = canDelete($m);
if (!$suppressHeaders) {
// output the character set header
if (isset($locale_char_set)) {
header('Content-type: text/html;charset=' . $locale_char_set);
}
}
// include the module class file - we use file_exists instead of @ so
// that any parse errors in the file are reported, rather than errors
// further down the track.
$modclass = $AppUI->getModuleClass($m);
if (file_exists($modclass)) {
include_once $modclass;
}
/**
* Method to test whether a history record can be deleted. Note that we check whether we have edit permissions
* for the content item row.
*
* @param JTableContenthistory $record A JTable object.
*
* @return boolean True if allowed to delete the record. Defaults to the permission set in the component.
*
* @since 3.6
*/
protected function canDelete($record)
{
return canEdit($record);
}
<?php
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
// @todo remove database query
global $AppUI, $role_id, $canEdit, $canDelete, $tab;
// Get the permissions for this module
$perms =& $AppUI->acl();
$canEdit = canEdit('roles');
if (!$canEdit) {
$AppUI->redirect(ACCESS_DENIED);
}
$module_list = $perms->getModuleList();
$pgo_list = $AppUI->getPermissionableModuleList();
$count = 0;
$offset = 0;
$pgos = array();
$modules = array();
foreach ($module_list as $module) {
$modules[$module['type'] . ',' . $module['id']] = $module['name'];
if ($module['type'] = 'mod' && isset($pgo_list[$module['name']])) {
$pgos[$offset] = $pgo_list[$module['name']]['permissions_item_table'];
}
$offset++;
}
//Pull User perms
$role_acls = $perms->getRoleACLs($role_id);
if (!is_array($role_acls)) {
$role_acls = array();
// Stops foreach complaining.
$isNewUser = !$user_id;
$perms =& $AppUI->acl();
if ($del) {
} elseif ($isNewUser) {
if (!canAdd('admin')) {
$AppUI->redirect('m=public&a=access_denied');
}
if (!canAdd('users')) {
$AppUI->redirect('m=public&a=access_denied');
}
} else {
if ($user_id != $AppUI->user_id) {
if (!canEdit('admin')) {
$AppUI->redirect('m=public&a=access_denied');
}
if (!canEdit('users')) {
$AppUI->redirect('m=public&a=access_denied');
}
}
}
$obj->user_username = strtolower($obj->user_username);
// !User's contact information not deleted - left for history.
if ($del) {
$result = $obj->delete($AppUI);
$message = $result ? 'User deleted' : $obj->getError();
$path = $result ? 'm=admin' : 'm=public&a=access_denied';
$status = $result ? UI_MSG_ALERT : UI_MSG_ERROR;
$AppUI->setMsg($message, $status);
$AppUI->redirect($path);
}
$contact->contact_owner = $contact->contact_owner ? $contact->contact_owner : $AppUI->user_id;
xml_tag_val("GD", gdExists());
xml_tag_val("FVCODEC", ZM_EYEZM_FEED_VCODEC);
xml_tag_val("FVTMT", ZM_EYEZM_H264_TIMEOUT);
xml_tag_val("USER", $user['Username']);
xml_tag_val("UID", $user['Id']);
/* Permissions block */
xml_tag_sec("PERMS", 1);
xml_tag_val("STREAM", $user['Stream']);
xml_tag_val("EVENTS", $user['Events']);
xml_tag_val("CONTROL", $user['Control']);
xml_tag_val("MONITORS", $user['Monitors']);
xml_tag_val("DEVICES", $user['Devices']);
xml_tag_val("SYSTEM", $user['System']);
xml_tag_sec("PERMS", 0);
/* End permissions block */
if (canEdit('System')) {
if ($running) {
xml_tag_val("STATE", "stop");
xml_tag_val("STATE", "restart");
} else {
xml_tag_val("STATE", "start");
}
foreach ($states as $state) {
xml_tag_val("STATE", $state['Name']);
}
}
/* End general section */
xml_tag_sec("GENERAL", 0);
/* Print out the monitors section */
xml_tag_sec("MONITOR_LIST", 1);
foreach ($displayMonitors as $monitor) {
function controlPresets($monitor, $cmds)
{
global $SLANG;
define("MAX_PRESETS", "12");
$sql = "select * from ControlPresets where MonitorId = '" . $monitor['Id'] . "'";
$labels = array();
foreach (dbFetchAll($sql) as $row) {
$labels[$row['Preset']] = $row['Label'];
}
$presetBreak = (int) (($monitor['NumPresets'] + 1) / ((int) (($monitor['NumPresets'] - 1) / MAX_PRESETS) + 1));
ob_start();
?>
<div class="presetControls">
<!--<div><?php
echo $SLANG['Presets'];
?>
</div>-->
<div>
<?php
for ($i = 1; $i <= $monitor['NumPresets']; $i++) {
?>
<input type="button" class="ptzNumBtn" title="<?php
echo isset($labels[$i]) ? $labels[$i] : "";
?>
" value="<?php
echo $i;
?>
" onclick="controlCmd('<?php
echo $cmds['PresetGoto'];
echo $i;
?>
');"/><?php
if ($i && $i % $presetBreak == 0) {
?>
<br/><?php
}
}
?>
</div>
<div>
<?php
if ($monitor['HasHomePreset']) {
?>
<input type="button" class="ptzTextBtn" value="<?php
echo $SLANG['Home'];
?>
" onclick="controlCmd('<?php
echo $cmds['PresetHome'];
?>
');"/>
<?php
}
if (canEdit('Monitors') && $monitor['CanSetPresets']) {
?>
<input type="button" class="ptzTextBtn" value="<?php
echo $SLANG['Set'];
?>
" onclick="createPopup( '?view=controlpreset&mid=<?php
echo $monitor['Id'];
?>
', 'zmPreset', 'preset' );"/>
<?php
}
?>
</div>
</div>
<?php
return ob_get_clean();
}
<?php
/* $Id$ $URL$ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
// check permissions
$perms =& $AppUI->acl();
if (!canEdit('roles')) {
$AppUI->redirect('m=public&a=access_denied');
}
$del = (int) w2PgetParam($_POST, 'del', 0);
$copy_role_id = w2PgetParam($_POST, 'copy_role_id', null);
$role = new CRole();
if ($msg = $role->bind($_POST)) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
}
if ($del) {
if ($role->delete()) {
$AppUI->setMsg('Role deleted', UI_MSG_ALERT);
} else {
$AppUI->setMsg('This Role could not be deleted', UI_MSG_ERROR);
}
} else {
//Reformulated the store method to return the id of the role if sucessful, because the ids are managed by phpGALC
//and therefore when we store the role, the role id is empty. So we need the id returned by phpGACL to be able to
//copy permissions from other Roles.
//If no valid id (by that I mean an integer value) is returned, then we trigger the Error Message $msg (not an integer).
if (!(int) ($msg = $role_id = $role->store())) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
echo translate('New');
?>
" onclick="newGroup()"<?php
echo canEdit('System') ? '' : ' disabled="disabled"';
?>
/>
<input type="button" name="editBtn" value="<?php
echo translate('Edit');
?>
" onclick="editGroup( this )"<?php
echo $selected && canEdit('System') ? '' : ' disabled="disabled"';
?>
/>
<input type="button" name="deleteBtn" value="<?php
echo translate('Delete');
?>
" onclick="deleteGroup( this )"<?php
echo $selected && canEdit('System') ? '' : ' disabled="disabled"';
?>
/>
<input type="button" value="<?php
echo translate('Cancel');
?>
" onclick="closeWindow();"/>
</div>
</form>
</div>
</div>
</body>
</html>
$bulk_task_allow_other_user_tasklogs = w2PgetParam($_POST, 'bulk_task_allow_other_user_tasklogs', '');
if ($bulk_task_start_date) {
$start_date = new w2p_Utilities_Date($bulk_task_start_date);
$bulk_start_date = $start_date->format(FMT_DATETIME_MYSQL);
$bulk_start_date = $AppUI->convertToSystemTZ($bulk_start_date);
}
$bulk_task_end_date = w2PgetParam($_POST, 'add_task_bulk_end_date', '');
if ($bulk_task_end_date) {
$end_date = new w2p_Utilities_Date($bulk_task_end_date);
$bulk_end_date = $end_date->format(FMT_DATETIME_MYSQL);
$bulk_end_date = $AppUI->convertToSystemTZ($bulk_end_date);
}
$bulk_move_date = (int) w2PgetParam($_POST, 'bulk_move_date', '0');
$bulk_task_percent_complete = w2PgetParam($_POST, 'bulk_task_percent_complete', '');
$perms =& $AppUI->acl();
if (!canEdit('tasks')) {
$AppUI->redirect('m=public&a=access_denied');
}
//Lets store the panels view options of the user:
$pdo = new CProjectDesignerOptions();
$pdo->pd_option_user = $AppUI->user_id;
$pdo->pd_option_view_project = w2PgetParam($_POST, 'opt_view_project', 0);
$pdo->pd_option_view_gantt = w2PgetParam($_POST, 'opt_view_gantt', 0);
$pdo->pd_option_view_tasks = w2PgetParam($_POST, 'opt_view_tasks', 0);
$pdo->pd_option_view_actions = w2PgetParam($_POST, 'opt_view_actions', 0);
$pdo->pd_option_view_addtasks = w2PgetParam($_POST, 'opt_view_addtsks', 0);
$pdo->pd_option_view_files = w2PgetParam($_POST, 'opt_view_files', 0);
$pdo->store();
if (is_array($selected) && count($selected)) {
$upd_task = new CTask();
foreach ($selected as $key => $val) {
<div class="priority-card">
<div class="priority-name"><h4>Finance Committee Members Cannot Have A Budget.</h4></div>
<hr class="not-mobile">
<div class="priority-name">Select an organization to begin budget management.</div>
</div>
</div>
<?php
} else {
?>
<div class="event-area">
<div class="priority-card">
<i title="Highest Priority" class="material-icons priority-icon">arrow_upward</i>
<div class="priority-name">Highest Priority</div>
</div>
<ul <?php
if (canEdit()) {
echo 'class="sortable-event list"';
}
?>
>
<?php
require "sidebarQueries/sidebarQuery.php";
?>
</ul>
<div class="priority-card">
<i title="Lowest Priority" class="material-icons priority-icon">arrow_downward</i>
<div class="priority-name">Lowest Priority</div>
</div>
</div>
<?php
}
echo translate('BackgroundFilter');
?>
</label><input type="checkbox" id="background" name="background" value="1"<?php
if (!empty($filterData['Background'])) {
?>
checked="checked"<?php
}
?>
/>
</p>
<div id="contentButtons">
<input type="submit" value="<?php
echo translate('Save');
?>
"<?php
if (!canEdit('Events')) {
?>
disabled="disabled"<?php
}
?>
/><input type="button" value="<?php
echo translate('Cancel');
?>
" onclick="closeWindow();"/>
</div>
</form>
</div>
</div>
</body>
</html>
<?php
/* $Id: viewmods.php 1504 2010-12-01 07:07:21Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk/modules/system/viewmods.php $ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
// check permissions
$perms =& $AppUI->acl();
$canEdit = canEdit('system');
$canRead = canView('system');
if (!$canRead) {
$AppUI->redirect('m=public&a=access_denied');
}
$AppUI->savePlace();
$hidden_modules = array('public', 'install');
$q = new w2p_Database_Query();
$q->addQuery('*');
$q->addTable('modules');
foreach ($hidden_modules as $no_show) {
$q->addWhere('mod_directory <> \'' . $no_show . '\'');
}
$q->addOrder('mod_ui_order');
$modules = $q->loadList();
// get the modules actually installed on the file system
$modFiles = $AppUI->readDirs('modules');
$titleBlock = new CTitleBlock('Modules', 'power-management.png', $m, "{$m}.{$a}");
$titleBlock->addCrumb('?m=system', 'System Admin');
$titleBlock->show();
?>
<table border="0" cellpadding="2" cellspacing="1" width="100%" class="tbl">
</tr>
<?php
}
?>
</tbody>
</table>
<?php
if ($pagination) {
?>
<h3 class="pagination"><?php
echo $pagination;
?>
</h3>
<?php
}
if (true || canEdit('Events')) {
?>
<div id="contentButtons">
<input type="button" name="viewBtn" value="<?php
echo translate('View');
?>
" onclick="viewEvents( this, 'markEids' );" disabled="disabled"/>
<input type="button" name="archiveBtn" value="<?php
echo translate('Archive');
?>
" onclick="archiveEvents( this, 'markEids' )" disabled="disabled"/>
<input type="button" name="unarchiveBtn" value="<?php
echo translate('Unarchive');
?>
" onclick="unarchiveEvents( this, 'markEids' );" disabled="disabled"/>
<input type="button" name="editBtn" value="<?php
<?php
/* $Id$ $URL$ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
$AppUI->savePlace();
$obj = new CResource();
$perms =& $AppUI->acl();
$canEdit = canEdit('resources');
$titleBlock = new w2p_Theme_TitleBlock('Resources', 'resources.png', $m, $m . '.' . $a);
if ($canEdit) {
$titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new resource') . '">', '', '<form action="?m=resources&a=addedit" method="post" accept-charset="utf-8">', '</form>');
}
$titleBlock->show();
if (isset($_GET['tab'])) {
$AppUI->setState('ResourcesIdxTab', w2PgetParam($_GET, 'tab', null));
}
$resourceTab = $AppUI->getState('ResourcesIdxTab', 0);
$tabBox = new CTabBox('?m=resources', W2P_BASE_DIR . '/modules/resources/', $resourceTab);
$tabbed = $tabBox->isTabbed();
foreach ($obj->loadTypes() as $type) {
if ($type['resource_type_id'] == 0 && !$tabbed) {
continue;
}
$tabBox->add('vw_resources', $type['resource_type_name']);
}
$tabBox->show();
