/**
* Create a backend confirmation link.
*
* @param string $title The link title.
* @param array|string $url The url to link to.
* @param array $options Options passed to the html link helper method.
* @param bool $displayLinkTextIfUnauthorized Whether to display the link title if the user is
* not authorized to access the link.
* @return string
*/
public function protectedConfirmationLink($title, $url, $options, $displayLinkTextIfUnauthorized = false)
{
if (!isset($options['confirm-message'])) {
user_error('\'confirm-message\' option is not set on protectedConfirmationLink.');
$options['confirm-message'] = '';
}
if (!isset($options['confirm-title'])) {
user_error('\'confirm-title\' option is not set on protectedConfirmationLink.');
$options['confirm-title'] = '';
}
$url = $this->_getUrl($url);
if (!guardian()->hasAccess($url)) {
if ($displayLinkTextIfUnauthorized) {
return $title;
}
return '';
}
$linkOptions = ['data-modal-header' => $options['confirm-title'], 'data-modal-body' => '<p>' . $options['confirm-message'] . '</p>', 'data-method' => 'post', 'data-toggle' => 'confirm'];
unset($options['confirm-title'], $options['confirm-message']);
if (isset($options['ajax']) && $options['ajax'] === true) {
$linkOptions['data-modal-ajax'] = 1;
unset($options['ajax']);
if (isset($options['notify'])) {
$linkOptions['data-modal-notify'] = $options['notify'];
unset($options['notify']);
}
if (isset($options['event'])) {
$linkOptions['data-modal-event'] = $options['event'];
unset($options['event']);
}
}
if (isset($options['void']) && $options['void'] === true) {
$linkOptions['data-modal-action'] = Router::url($url);
$url = 'javascript:void(0)';
}
$linkOptions = Hash::merge($linkOptions, $options);
return $this->link($title, $url, $linkOptions);
}
/**
* Create a new GroupPermission entity for the provided $groupId, $path and $allowed setting.
*
* @param int $groupId The group id
* @param string $path The plugin controller action path.
* @param bool|int $allowed The access level.
* @return GroupPermission
*/
public function newEntityFor($groupId, $path, $allowed)
{
if (empty($this->_actionMap)) {
$this->_actionMap = guardian()->getActionMap();
}
return $this->newEntity(['group_id' => $groupId, 'path' => $path, 'allowed' => $allowed, 'plugin' => $this->_actionMap[$path]['plugin'], 'controller' => $this->_actionMap[$path]['controller'], 'action' => $this->_actionMap[$path]['action']]);
}
/**
* Returns the access level of the user for the given plugin controller action path.
*
* @param array $url The url to get the access level for.
* @return int|bool
*/
public function getAccessLevel($url = null)
{
if ($url === null) {
$url = Wasabi::getCurrentUrlArray();
}
$path = guardian()->getPathFromUrl($url);
if (!array_key_exists($path, $this->permissions)) {
return 0;
}
return $this->permissions[$path];
}
<?php
$base_url = 'http://' . $_SERVER['SERVER_NAME'] . dirname($_SERVER['REQUEST_URI']) . '/';
$_SERVER['REQUEST_METHOD'] != 'POST' && header("Location: {$base_url}") && exit;
$image = make_poster('../template/1.png', upload_guardian(), guardian());
$path = 'posters/' . md5(uniqid(mt_rand(), true)) . '.png';
!($fh = fopen($path, 'w')) && die('>.^');
fwrite($fh, $image) === FALSE && die('>.^');
fclose($fh);
/* response by accpeted type */
if (strstr($_SERVER['HTTP_ACCEPT'], 'json') || strstr($_SERVER['HTTP_ACCEPT'], 'javascript')) {
echo json_encode(array('path' => $path));
} else {
echo <<<SUCCESS
<html>
<head>
\t<script type="text/javascript">
\t\twindow.top.window.submit_ok('{$path}')
\t</script>
</head>
<body>
\t<img src="{$path}" alt="The Poster." title="Right-click to save." />
</body>
</html>
SUCCESS;
}
/* end */
function upload_guardian()
{
$path = 'images/unknown.png';
$file = $_FILES['picture'];
