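/**
  * Display Solr results.
  *
  * Reads the requested page from the request, decides whether non-public
  * items may be included, runs the Solr query and hands the results and the
  * pagination data to the view.
  */
 public function indexAction()
 {
     // Get pagination settings. The page number is request input, so coerce it
     // to an integer and clamp it to 1 or above; a non-numeric or negative
     // value would otherwise produce a negative start offset for the query.
     $limit = get_option('per_page_public');
     $page = max(1, (int) $this->_request->page);
     $start = ($page - 1) * $limit;
     // Private items are only included when all three conditions hold:
     //  - solr_search_display_private_items is enabled in the Solr Search admin panel
     //  - a user is logged in
     //  - that user is allowed the 'showNotPublic' privilege on Items
     // Any other combination restricts the query to public items.
     $user = current_user();
     $mayViewPrivate = get_option('solr_search_display_private_items')
         && $user
         && is_allowed('Items', 'showNotPublic');
     $limitToPublicItems = !$mayViewPrivate;
     // Execute the query.
     $results = $this->_search($start, $limit, $limitToPublicItems);
     // Set the pagination.
     Zend_Registry::set('pagination', array(
         'page' => $page,
         'total_results' => $results->response->numFound,
         'per_page' => $limit,
     ));
     // Push results to the view.
     $this->view->results = $results;
 }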
/**
 * Return a display name for the current user.
 *
 * @return string|null The user's name, or the e-mail address when no name is
 *                     set; null when current_user() yields no record with an id.
 */
function current_username()
{
    $account = current_user();
    // No usable user record: nothing to display.
    if (!isset($account->id)) {
        return null;
    }
    if (isset($account->name)) {
        return $account->name;
    }
    return $account->email;
}
 /**
  * Saves a survey result to the database.
  *
  * A new result gets an srid from the counter collection and a creation date,
  * both of which are written back onto the entity; an existing result is
  * updated in place, matched on its srid.
  *
  * NOTE(review): the author falls back to current_user()->uid without a null
  * check - confirm this is only reachable with a logged-in user.
  *
  * @param Survey_result_entity $entity (by reference)
  *
  * @return boolean
  *   Whether or not the save was successful.
  */
 public function save(Survey_result_entity &$entity)
 {
     // One timestamp for both 'updated' and 'created' keeps the dates consistent.
     $now = Mongo_db::date();
     $entity->updated = $now;
     if ($entity->author === NULL) {
         $entity->author = current_user()->uid;
     }
     // Copy the entity's iterable fields into a plain array for the driver.
     $document = array();
     foreach ($entity as $key => $value) {
         $document[$key] = $value;
     }
     if (!$entity->is_new()) {
         // Existing record: update the stored document with the same srid.
         $outcome = $this->mongo_db->set($document)->where('srid', $entity->srid)->update(self::COLLECTION);
         return $outcome !== FALSE;
     }
     // New record: allocate an id and stamp the creation date.
     $entity->srid = increment_counter(self::COUNTER_COLLECTION);
     $entity->created = clone $now;
     $document['srid'] = $entity->srid;
     $document['created'] = $entity->created;
     $outcome = $this->mongo_db->insert(self::COLLECTION, $document);
     return $outcome !== FALSE;
 }
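/**
 * Print the edit and delete controls for a post.
 *
 * Nothing is printed unless a user is signed in, is not banned, and is either
 * an admin or the author of the post.
 *
 * @param array $post Post row; the 'id' and 'user_id' keys are read here.
 * @return void
 */
function post_control($post)
{
    if (!user_signed_in()) {
        return;
    }
    $user = current_user();
    if ($user['banned']) {
        return;
    }
    // Ownership decides who gets the edit/delete controls, so compare the ids
    // as strings with === instead of the loose ==, which can treat differently
    // typed values (for example 0 and a non-numeric string on PHP 7) as equal.
    $is_author = (string) $user['id'] === (string) $post['user_id'];
    if (!user_is('admin') && !$is_author) {
        return;
    }
    // Escape everything that lands inside an HTML attribute.
    $edit_url = htmlspecialchars(site_url('post/form/' . $post['id']), ENT_QUOTES, 'UTF-8');
    $post_id = htmlspecialchars((string) $post['id'], ENT_QUOTES, 'UTF-8');
    // These links are only a UI convenience; the edit and delete handlers
    // still have to repeat the same permission check on the server.
    ?>
        <span class="post-control">
            <a href="<?php echo $edit_url; ?>"  title="Редактировать"><i class="icon-pencil"></i></a>
            <a href="#" class="delete" id="destroy-<?php echo $post_id; ?>" title="Удалить"><i class="icon-trash"></i></a>
        </span>
        <?php 
}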
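/**
 * Print the comment form for a post, or a register/login prompt for visitors
 * who are not signed in.
 *
 * @param mixed $post_id Id of the post being commented on.
 * @return void
 */
function comment_form($post_id)
{
    if (!user_signed_in()) {
        ?>
        <p>
            Извините, комментарии могут оставлять только <a href="<?php echo site_url('user/register'); ?>">зарегистрированные</a> пользователи.<br/>
            Если вы помните свой логин и пароль, то вы можете <a href="<?php echo site_url('user/login'); ?>">войти здесь</a>
        </p>
        <?php 
        return;
    }
    // $post_id is supplied by the caller and ends up inside an HTML attribute.
    // The hidden field below already escapes it with form_prep(); escape the
    // action URL as well so both uses are handled the same way.
    $action_url = htmlspecialchars(site_url('post/comment/' . $post_id), ENT_QUOTES, 'UTF-8');
    // NOTE(review): no CSRF token field is rendered in this form - confirm that
    // post/comment is protected against cross-site requests elsewhere.
    ?>
    <a name="comment_form"></a>
    <form method="POST" action="<?php echo $action_url; ?>" onSubmit="return AC.comment.on_submit()">
        <input type="hidden" name="post_id" id="post_id" value="<?php echo form_prep($post_id); ?>"/>
        <input type="hidden" name="parent_id" id="parent_id" value="0" />
        <textarea name="text" id="text" style="width:90%;height:195px"></textarea><br/>
        <input type="submit" value="Написать" class="btn btn-success" />
    </form>
    <?php 
}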
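/**
 * Stop the request and send the visitor to the login page when nobody is
 * logged in. The requested URI is remembered in the session first.
 *
 * @return void Only returns when a user is logged in; otherwise exits.
 */
function require_login(){
	if(!current_user()){
		// The requested URI lives in $_SERVER; the original read it from
		// $_SESSION, where that key is not set by PHP, so nothing useful was stored.
		// NOTE(review): whatever later reads 'redirect_to' should only follow it
		// as a same-site path, since it originates from the request line.
		$_SESSION['redirect_to'] = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : null;
		header("Location: login.php?login_required=1");
		// exit() stops the protected page from running after the redirect header.
		exit("you must log in.");
	}
}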
 /**
  * Set or clear the "held" flag on this post.
  *
  * The change is refused (null is returned) when there is no current user,
  * when the user fails has_permission() for this post, or when a hold is
  * requested on a post created more than one minute ago.
  *
  * NOTE(review): the original comment mentions a moderator exception to the
  * one-minute rule; no such exception is visible in this method - confirm
  * whether it is meant to exist.
  *
  * @param mixed $hold Requested state; the literal string "false" counts as false.
  * @return mixed The value stored, or null when the change was refused.
  */
 public function setIsHeld($hold)
 {
     # Request data arrives as strings, so map the literal "false" to a boolean.
     $hold = $hold === "false" ? false : $hold;
     $actor = current_user();
     # Only a user who passes has_permission() for this post may change the flag.
     if (!$actor || !$actor->has_permission($this)) {
         return;
     }
     # Holding is meant for the moment of posting, before the post reaches the
     # index: refuse it once the post is older than one minute.
     if ($hold && $this->created_at && strtotime($this->created_at) < strtotime('-1 minute')) {
         return;
     }
     $previously_held = $this->is_held;
     $this->attributes['is_held'] = $hold;
     # Releasing a held post bumps it.
     if ($previously_held && !$hold) {
         $this->touch_index_timestamp();
     }
     return $hold;
 }
 /**
  * Initializer.
  *
  * Registers the authentication middleware for admin and backend URLs, then
  * shares the section, theme, settings, locale and current user with the views.
  *
  * @access   public
  */
 public function __construct()
 {
     $on_admin = Request::is('admin*');
     $on_backend = Request::is('backend*');
     // Protection is attached by URL pattern, so a route outside 'admin*' and
     // 'backend*' receives none of these middlewares from this constructor.
     if ($on_admin || $on_backend) {
         $this->middleware('auth');
         if ($on_backend) {
             // Backend specific middleware
             $this->middleware('auth.backend');
         }
         $this->middleware('auth.permissions');
         // The stale-password check is skipped while the password is being
         // changed. The pattern has a leading wildcard, so it matches every
         // path that ends in 'users/change-password'.
         $changing_password = Request::is('*users/change-password');
         if (!$changing_password) {
             $this->middleware('auth.pw_6_months');
         }
     }
     list($this->link_type, $this->link, $this->layout, $this->current_theme) = current_section();
     View::share('link_type', $this->link_type);
     View::share('current_theme', $this->current_theme);
     // NOTE(review): every setting row is shared with every view - confirm the
     // settings table holds nothing that templates should not be able to read.
     View::share('website_settings', Setting::lists('value', 'name')->all());
     $language = Setting::value('language');
     App::setLocale($language);
     Lang::setLocale($language);
     $this->user = current_user();
     View::share('current_user', $this->user);
     View::share('current_user_companies', current_user_companies());
 }
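 /**
  * Add CSRF and authorization checks before calling any action
  *
  * @return
  *   a HTTP status code. No2_HTTP::BAD_REQUEST when the CSRF token is missing
  *   or wrong, No2_HTTP::UNAUTHORIZED or No2_HTTP::FORBIDDEN when the
  *   authorization check fails, otherwise the result of
  *   parent::before_filter().
  */
 protected function before_filter()
 {
     // csrf check, applied to the state-changing HTTP methods only
     $csrf_methods = ['POST', 'PUT', 'PATCH', 'DELETE'];
     if ($this->check_csrf() && in_array($this->http_method, $csrf_methods, true)) {
         // The header takes precedence over the '_csrf' request parameter.
         $req_http_headers = array_change_key_case(getallheaders(), CASE_LOWER);
         if (array_key_exists('x-csrf-token', $req_http_headers)) {
             $token = $req_http_headers['x-csrf-token'];
         } elseif (array_key_exists('_csrf', $_REQUEST)) {
             $token = $_REQUEST['_csrf'];
         } else {
             $token = "";
         }
         // A request parameter may arrive as an array; only a string can be a token.
         if (!is_string($token)) {
             $token = "";
         }
         if (!csrf_token_check($token)) {
             // Log the event without the expected token (a secret that would
             // then sit in the log files) and without the raw client-supplied
             // value (which could inject arbitrary text into the log).
             No2_Logger::warn(sprintf('bad CSRF token on %s request (received %d bytes)', $this->http_method, strlen($token)));
             return No2_HTTP::BAD_REQUEST;
         }
     }
     // authorization check
     if (!$this->authorize(current_user(), $this->action)) {
         // Anonymous callers are asked to authenticate, known users are refused.
         return current_user()->is_anonymous() ? No2_HTTP::UNAUTHORIZED : No2_HTTP::FORBIDDEN;
     }
     return parent::before_filter();
 }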
 /**
  * Send visitors who already have a current user to their home URL; everyone
  * else continues down the middleware chain.
  *
  * @param  mixed     $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!current_user()) {
         return $next($request);
     }
     return redirect()->to(current_user()->getHomeUrl());
 }
 /**
  * Register the menu macros used by the back office: the base menu, module
  * groups and entries, the main navigation, the user menu and breadcrumbs.
  */
 public function register()
 {
     // Base menu; the active entry is derived from the request under '/blender'.
     Menu::macro('back', function () {
         return Menu::new()
             ->setActiveClass('-active')
             ->setActiveFromRequest('/blender');
     });
     // A titled group whose links all receive the group item class.
     Menu::macro('moduleGroup', function ($title) {
         return Menu::back()
             ->addParentClass('menu__group')
             ->setParentAttribute('data-menu-group', fragment("back.nav.{$title}"))
             ->registerFilter(function (Link $link) {
                 $link->addParentClass('menu__group__item');
             });
     });
     // One entry pointing at a Back\ controller action, labelled from a fragment.
     Menu::macro('module', function (string $action, string $name) {
         return $this->action("Back\\{$action}", fragment("back.{$name}"));
     });
     // The main navigation: four groups of module links.
     Menu::macro('backMain', function () {
         return Menu::back()
             ->addClass('menu__groups')
             ->setAttribute('data-menu-groups')
             ->add(
                 Menu::moduleGroup('content')
                     ->module('ArticlesController@index', 'articles.title')
                     ->module('NewsController@index', 'news.title')
                     ->module('PeopleController@index', 'people.title')
             )
             ->add(
                 Menu::moduleGroup('modules')
                     ->module('FragmentsController@index', 'fragments.title')
                     ->module('FormResponsesController@showDownloadButton', 'formResponses.title')
                     ->module('TagsController@index', 'tags.title')
             )
             ->add(
                 Menu::moduleGroup('users')
                     ->module('MembersController@index', 'members.title')
                     ->module('AdministratorsController@index', 'administrators.title')
             )
             ->add(
                 Menu::moduleGroup('system')
                     ->module('ActivitylogController@index', 'log.title')
                     ->module('RedirectsController@index', 'redirects.title')
                     ->module('StatisticsController@index', 'statistics.menuTitle')
             );
     });
     // Avatar, e-mail address and logout form of the current user.
     // NOTE(review): the e-mail address is concatenated into markup through
     // el(); this assumes el() escapes its content - confirm.
     Menu::macro('backUser', function () {
         $avatar = Html::avatar(current_user(), '-small')
             . el('span.:response-desktop-only', current_user()->email);
         return Menu::new()
             ->action('Back\\AdministratorsController@edit', $avatar, [current_user()->id])
             ->html(view('back.auth._partials.logoutForm'));
     });
     // Breadcrumb trail; each entry is an action, optionally followed by its parameters.
     Menu::macro('breadcrumbs', function (array $breadcrumbs) {
         return Menu::build($breadcrumbs, function (Menu $menu, $actionWithParameters, $label) {
             $parameters = is_array($actionWithParameters)
                 ? $actionWithParameters
                 : [$actionWithParameters];
             // The first element is the action, the remainder are its parameters.
             $action = array_shift($parameters);
             return $menu->action($action, $label, $parameters);
         })
             ->addClass('breadcrumb')
             ->setActiveFromRequest('/blender');
     });
 }
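 /**
  * Build the API representation of a comment.
  *
  * The moderation fields (ip, user_agent, flagged, is_spam) are added only
  * for users whose role is 'admin' or 'super'; author_email is added only
  * for a user allowed 'update-approved' on Commenting_Comment.
  *
  * @param Omeka_Record_AbstractRecord $comment
  * @return array
  */
 public function getRepresentation(Omeka_Record_AbstractRecord $comment)
 {
     $user = current_user();
     // The author_email check below already treats $user as possibly empty, so
     // guard the role lookup the same way rather than reading ->role from a
     // missing user. Without a user the moderation fields stay hidden.
     $allowAll = $user && in_array($user->role, array('admin', 'super'), true);
     $representation = array(
         'id' => $comment->id,
         'url' => self::getResourceUrl("/comments/{$comment->id}"),
         'record_id' => $comment->record_id,
         'record_type' => $comment->record_type,
         'path' => $comment->path,
         'added' => self::getDate($comment->added),
         'body' => $comment->body,
         'author_name' => $comment->author_name,
         'author_url' => $comment->author_url,
         'approved' => (bool) $comment->approved,
     );
     if ($allowAll) {
         // Commenter metadata is exposed to administrators only.
         $representation['ip'] = $comment->ip;
         $representation['user_agent'] = $comment->user_agent;
         $representation['flagged'] = $comment->flagged;
         $representation['is_spam'] = $comment->is_spam;
     }
     if ($comment->parent_comment_id) {
         $representation['parent_comment'] = array(
             'id' => $comment->parent_comment_id,
             'resource' => 'comments',
             'url' => self::getResourceUrl("/comments/{$comment->parent_comment_id}"),
         );
     } else {
         $representation['parent_comment'] = null;
     }
     $typeResource = Inflector::tableize($comment->record_type);
     $representation['record_url'] = array(
         'id' => $comment->record_id,
         'resource' => $typeResource,
         'url' => self::getResourceUrl("/{$typeResource}/{$comment->record_id}"),
     );
     if ($comment->user_id) {
         $representation['user'] = array(
             'id' => $comment->user_id,
             'url' => self::getResourceUrl("/users/{$comment->user_id}"),
         );
     } else {
         $representation['user'] = null;
     }
     if ($user && is_allowed('Commenting_Comment', 'update-approved')) {
         $representation['author_email'] = $comment->author_email;
     }
     return $representation;
 }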
 /**
  * Turn the current cart into an order and print the Alipay payment form.
  *
  * Visitors who are not logged in are redirected to the login page, and an
  * empty cart redirects back to the cart page.
  *
  * NOTE(review): prices, quantities and the total are taken from the cart as
  * stored - confirm they are server-controlled before they reach the
  * payment form.
  */
 public function todo()
 {
     if (!is_login()) {
         $login_url = site_url('login?url=' . site_url('cart'));
         return redirect($login_url);
     }
     // If the cart is empty, go back to the cart page.
     $cart_items = $this->cart->contents();
     if (empty($cart_items)) {
         return redirect(site_url('cart'));
     }
     // Order header.
     $order = array(
         'user_id' => current_user()->id,
         'subject' => '',
         'status' => 0,
         'total' => $this->cart->total(),
     );
     // Order lines, plus the item names that make up the order subject.
     $names = array();
     $lines = array();
     foreach ($this->cart->contents() as $items) {
         $names[] = $items['name'];
         $lines[] = array(
             'user_id' => current_user()->id,
             'price' => $items['price'],
             'quantity' => $items['qty'],
             'name' => $items['name'],
             'goods_type' => $items['goods_type'],
             'goods_id' => $items['goods_id'],
             'url' => $items['url'],
         );
     }
     $order['subject'] = implode(' / ', $names);
     $this->load->model('Order_model', 'order');
     $order_obj = $this->order->create($order, $lines);
     // Empty the cart.
     $this->cart->destroy();
     // Hand over to Alipay for payment; there should also be an order
     // confirmation step before this.
     $this->load->model('alipay_model', 'alipay');
     header("content-Type: text/html; charset=Utf-8");
     $alipay_form = array(
         'order_id' => $order_obj->id,
         'subject' => $order_obj->subject,
         'body' => '',
         'show_url' => site_url('orders/' . $order_obj->id),
         'price' => $order_obj->total,
     );
     echo $this->alipay->build_form($alipay_form);
     // The shipping address and similar details should also be collected here,
     // so the user does not have to enter them at Alipay (or use the address
     // from the user's Alipay account?).
 }
 /**
  * Handle an incoming request.
  * Lets the request through only when the current user has 'backend' access;
  * everyone else is redirected to 'admin'.
  *
  * NOTE(review): current_user() is dereferenced without a null check, so this
  * presumably runs after a middleware that guarantees a logged-in user - confirm.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $may_use_backend = current_user()->hasAccess('backend');
     if ($may_use_backend) {
         return $next($request);
     }
     return Redirect::to('admin');
 }
 /**
  * Show the correction form for an item and process its submission.
  *
  * Visitors without a user account must pass a CAPTCHA before the submission
  * is handed to the parent add action; logged-in users skip it.
  *
  * NOTE(review): the CAPTCHA object is used without checking that
  * Omeka_Captcha::getCaptcha() returned one - confirm what happens when no
  * CAPTCHA is configured.
  */
 public function addAction()
 {
     $this->view->addHelperPath(CORRECTIONS_DIR . '/helpers', 'Corrections_View_Helper_');
     $itemId = $this->getParam('item_id');
     $this->view->item = $this->_helper->db->getTable('Item')->find($itemId);
     $this->view->elements = $this->getElements();
     $user = current_user();
     if (!$user) {
         // Anonymous visitor: prepare the CAPTCHA for rendering and validation.
         $captcha = Omeka_Captcha::getCaptcha();
         $this->captcha = $captcha;
         $this->view->captchaScript = $captcha->render(new Zend_View());
     }
     if (!$this->getRequest()->isPost()) {
         // Plain page view: the parent action displays the form.
         parent::addAction();
         return;
     }
     $passedCheck = $user || $this->captcha->isValid(null, $_POST);
     if ($passedCheck) {
         // The success message is queued before the parent action runs.
         $this->_helper->flashMessenger(__("Thank you for the correction. It is under review."), 'success');
         parent::addAction();
         return;
     }
     $this->_helper->flashMessenger(__('Your CAPTCHA submission was invalid, please try again.'), 'error');
     $this->view->corrections_correction = new CorrectionsCorrection();
 }
 /**
  * Show the audio recorder widget on the admin item page when the plugin
  * options and the current user's role allow it.
  *
  * NOTE(review): an 'audio_recorder_role' value other than the four handled
  * below falls through and shows the widget - confirm that is intended.
  *
  * @param array $args Hook arguments; the 'item' key is read.
  */
 function hookAdminItemsShow($args)
 {
     $item = $args['item'];
     if (!get_option('audio_recorder_item_show')) {
         return;
     }
     $user = current_user();
     $role = is_object($user) ? $user->role : false;
     // Loose comparisons mirror the switch statement this chain replaces.
     $audience = get_option('audio_recorder_role');
     if ($audience == 'admins') {
         if ($role !== 'admin' && $role !== 'super') {
             return;
         }
     } elseif ($audience == 'guests' || $audience == 'public') {
         // These settings never show the widget on the admin page.
         return;
     } elseif ($audience == 'editors') {
         if (!get_acl()->isAllowed($user, 'edit', $item)) {
             return;
         }
     }
     $this->showWidget($item);
 }
 /**
  * Helper function to change logged in user.
  *
  * Writes the given uid into the session and makes current_user() reload.
  *
  * NOTE(review): the identity switch happens with no check of its own;
  * presumably a test helper - confirm it cannot be reached from request handling.
  *
  * @param mixed $uid Uid to store as the session's 'user_uid'.
  */
 public function _change_user($uid)
 {
     $session_data = array('user_uid' => $uid);
     self::$CI->session->set_userdata($session_data);
     // Passing TRUE forces the user to be reloaded.
     current_user(TRUE);
 }
 /**
  * List the spreadsheet exports that belong to the current user.
  *
  * NOTE(review): current_user() is dereferenced without a null check - confirm
  * this action is only reachable when logged in.
  */
 public function statusAction()
 {
     // The list is scoped to the logged-in user's own id.
     $owner_id = current_user()->id;
     $spreadsheets = $this->getTable('Spreadsheet');
     $this->view->exports = $spreadsheets->findSpreadsheetsByUserId($owner_id);
 }
 /**
  * Determine if the current user has permission to perform some action.
  *
  * Visitors who are not logged in are always refused.
  *
  * @param array|string $permissions Comma or pipe separated list of permission handles,
  *                                  or an array of handles.
  * @param object       $model       [Optional]
  * @param string       $column      [Optional]
  *
  * @return bool
  * @throws IncorrectParameterType
  */
 function current_user_can($permissions, $model = null, $column = null)
 {
     return is_logged_in()
         ? current_user()->can($permissions, $model, $column)
         : false;
 }
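 /**
  * Render an exception into an HTTP response.
  *
  * Outside the 'local' environment a themed error page is returned with the
  * matching HTTP status; in 'local' the parent handler renders the exception.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Exception  $exception
  * @return \Illuminate\Http\Response
  */
 public function render($request, Exception $exception)
 {
     if ($exception && method_exists($exception, 'getStatusCode')) {
         $code = $exception->getStatusCode();
     } else {
         $code = 500;
     }
     if (App::environment() != 'local') {
         list($link_type, $link, $layout, $theme) = current_section();
         View::share('current_theme', $theme);
         $current_user = current_user();
         // A missing model is presented as a plain 404.
         if ($exception instanceof Illuminate\Database\Eloquent\ModelNotFoundException) {
             $code = 404;
         }
         // The status belongs to response(), not to view(). The original passed
         // it as view()'s third argument, so every error page went out with the
         // default status and clients, caches and monitoring saw a success.
         switch ($code) {
             case 401:
                 return response(view("{$link_type}.{$theme}.401", array('title' => 'Unauthorized access', 'current_user' => $current_user)), 401);
             case 404:
                 return response(view("{$link_type}.{$theme}.404", array('title' => 'Page Not Found', 'current_user' => $current_user)), 404);
             case 503:
                 return response(view('503', array('title' => 'Site Offline', 'link_type' => $link_type, 'current_user' => $current_user)), 503);
             default:
                 // Fall back to 500 when the exception reports something that
                 // is not a usable HTTP status.
                 $status = (is_int($code) && $code >= 100 && $code <= 599) ? $code : 500;
                 return response(view("{$link_type}.{$theme}.500", array('title' => 'Error', 'current_user' => $current_user)), $status);
         }
     }
     return parent::render($request, $exception);
 }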
 /**
  * Update unique token
  *
  * Issues a new 'act_s' token when the request did not carry one, otherwise
  * reuses the value from the 'act_s' cookie, then exposes the token (and, for
  * logged-in users, user data) to the JavaScript layer.
  *
  * NOTE(review): the token is an MD5 digest of the request path, the user
  * agent, a constant embedded in this source file and the client IP. None of
  * these is a per-session random value, so the token looks reproducible by
  * anyone who can read the constant. Before changing it, confirm how the
  * token is verified - a verifier that recomputes the digest would break.
  * A random per-session token would be the usual replacement.
  *
  * @access	private
  */
 private function _csrf_refresh()
 {
     // A new token is generated when 'act_s' was NOT sent with the request
     // (GET or POST). $sent is not used after this test.
     if (!($sent = $this->input->get_post('act_s'))) {
         $this->load->helper('cookie');
         // Work out transaction signature for this uri
         // NOTE(review): hard-coded constant; it is shared by every deployment
         // of this code and visible to anyone with access to the source.
         $random = ']rnu<^hdgg%y|\\T$w?lva$~U3+hM0Jp{HOr!<,qSdxM-!fEE07q_IwRO"B1=5.~';
         $csrf_token = md5($_SERVER['PATH_INFO'] . $this->input->user_agent() . $random . $this->input->ip_address());
         // Store relevant data: the token goes into the 'act_s' cookie (third
         // argument 2 * 60 * 60, presumably a lifetime in seconds) and the
         // request time into the session.
         set_cookie('act_s', $csrf_token, 2 * 60 * 60);
         $this->session->set_userdata('token_time', $this->config->item('request_time'));
     } else {
         // Keep the current one, read back from the cookie. The value sent with
         // the request is not compared with the cookie in this method.
         $csrf_token = $this->input->cookie('act_s');
     }
     // Set response data
     $this->javascript->set_constant('act_s', $csrf_token);
     $this->javascript->add_response('act_s', $csrf_token);
     // Add user information
     if ($this->access->logged_in()) {
         // NOTE(review): confirm which fields current_user('js') returns, since
         // they are handed to client-side script.
         $user_js = current_user('js');
         $this->javascript->set_constant('user', $user_js['user']);
         $this->javascript->set_constant('interface', $user_js['interface']);
     }
 }
 /**
  * Mark this message as seen and clear the current user's mail flag once no
  * unseen message addressed to them is left.
  *
  * NOTE(review): nothing here checks that the current user is the recipient
  * of this message - presumably the caller does; confirm.
  */
 public function mark_as_read()
 {
     $this->updateAttribute('has_seen', true);
     // The user id is bound as a parameter, not concatenated into the condition.
     $unread_left = Dmail::where("to_id = ? AND has_seen = false", current_user()->id)->exists();
     if ($unread_left) {
         return;
     }
     current_user()->updateAttribute('has_mail', false);
 }
 /**
  * Initialise a new export record: owner, file name, status and creation date.
  *
  * NOTE(review): the file name is built from the current Unix time only, so
  * it is guessable and two exports started in the same second share a name -
  * confirm how the file is stored and served.
  */
 public function construct()
 {
     $this->user_id = current_user()->id;
     $stamp = time();
     $this->file_name = "OmekaExport" . $stamp . ".xls";
     $this->status = SPREADSHEET_STATUS_INIT;
     $this->added = date('Y-m-d H:i:s');
 }
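/**
 * Tell whether the signed-in user has the given role (case-insensitive).
 *
 * @param string $role Role name to test for.
 * @return bool FALSE when nobody is signed in or the role differs.
 */
function user_is($role)
{
    if (!user_signed_in()) {
        return FALSE;
    }
    $user = current_user();
    // Role checks gate privileged actions, so compare with ===. The loose ==
    // compares two numeric-looking strings by value, which could make
    // different role strings count as equal.
    return strtolower($user['role']) === strtolower($role);
}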
/**
 * Return the current user, or emit a JSON 'not_logged_in' error and return false.
 *
 * NOTE(review): this function returns after json_response() is called, so the
 * caller presumably has to stop handling the request itself when it gets
 * false - verify at the call sites.
 *
 * @param mixed $app Application object handed to json_response() (by reference).
 * @return mixed The current user, or false when nobody is logged in.
 */
function require_login_json(&$app)
{
    $user = current_user();
    if (!$user) {
        json_response($app, array('error' => 'not_logged_in'));
        return false;
    }
    return $user;
}
 /**
  * Load projects and activity into $this->projects and $this->activity.
  *
  * NOTE(review): the current user is fetched but not used, and $criteria is
  * ignored, so nothing in this method limits the result to what that user
  * may see - confirm the models apply their own scoping.
  *
  * @param mixed $criteria Unused.
  */
 function get($criteria = null)
 {
     $user = current_user();
     $project_model = new Project();
     $activity_model = new Activity();
     $this->projects = $project_model->get();
     $this->activity = $activity_model->get();
 }
 /**
  * Check whether the user's password was changed within the last 6 months.
  * If the account is at least 180 days old and the last change is more than
  * 180 days back, redirect to the change-password page instead of continuing.
  *
  * NOTE(review): current_user() is dereferenced without a null check, so this
  * presumably runs after the authentication middleware - confirm.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $last_pw_changed = new Carbon(current_user()->last_pw_changed);
     // Accounts younger than 180 days are not asked to rotate yet.
     $account_age = Carbon::now()->diffInDays(current_user()->created_at);
     if ($account_age < 180) {
         return $next($request);
     }
     $password_age = Carbon::now()->diffInDays($last_pw_changed);
     if ($password_age <= 180) {
         return $next($request);
     }
     // The first URL segment selects the area the change-password page lives in.
     return Redirect::to(Request::segment(1) . '/users/change-password')->with('error_message', trans('users.pw_change_6_months'));
 }
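/**
 * Report whether a user is logged in.
 *
 * The original condition was inverted: it returned true only when nobody was
 * logged in and fell through without a value for a logged-in user, so a
 * caller treating the result as "access granted" let anonymous visitors in.
 *
 * @return bool true when a user is logged in, false otherwise.
 */
function require_login()
{
    if (current_user()) {
        return true;
    }
    // TODO: redirect to login (the original left this unimplemented as well).
    return false;
}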
 /**
  * Check whether the user's password was changed within the last 6 months.
  * If the account is at least 180 days old and the last change is more than
  * 180 days back, redirect to the change-password page instead of continuing.
  *
  * NOTE(review): current_user() is dereferenced without a null check, so this
  * presumably runs after the authentication middleware - confirm.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $last_pw_changed = new Carbon(current_user()->last_pw_changed);
     // Accounts younger than 180 days are not asked to rotate yet.
     $account_age = Carbon::now()->diffInDays(current_user()->created_at);
     if ($account_age < 180) {
         return $next($request);
     }
     $password_age = Carbon::now()->diffInDays($last_pw_changed);
     if ($password_age <= 180) {
         return $next($request);
     }
     // The first URL segment selects the area the change-password page lives in.
     return Redirect::to(Request::segment(1) . '/users/change-password')->with('error_message', 'It has been more than 6 months since you last changed your password. You need to change it before you can log in.');
 }
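 /**
  * Restrict a SQL statement to the current user's client unless the user is
  * an admin.
  *
  * The condition is appended as " AND <type>.client_id = <id>", so $sql must
  * already contain a WHERE clause. This is the tenant filter for non-admin
  * users, so both spliced values are validated before they reach the SQL text.
  *
  * @param string      $sql  SQL text to extend.
  * @param string|null $type Table name or alias that owns the client_id column.
  * @return string
  * @throws \InvalidArgumentException when a non-admin call passes a $type that
  *                                   is not a plain identifier.
  */
 function modify_sql_for_user_type($sql, $type = null)
 {
     $current_user = current_user();
     if ($current_user->is('admin')) {
         return $sql;
     }
     // $type is spliced in as an identifier and cannot be bound as a parameter,
     // so accept only a plain (optionally schema-qualified) name. The default
     // null previously produced the broken fragment " AND .client_id = ...".
     if (!is_string($type) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $type)) {
         throw new \InvalidArgumentException('modify_sql_for_user_type: $type must be a table name or alias');
     }
     // The value is written unquoted, which is only valid SQL for a number, so
     // force it to an integer before it is interpolated.
     $client_id = (int) $current_user->client_id;
     return $sql . " AND {$type}.client_id = {$client_id}";
 }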