Exemple #1
0
 }
 if (!nv_admin_checkip()) {
     $nv_Request->unset_request('admin,online', 'session');
     $info = 'Note: You are not signed in as admin!<br />Your IP address is incorrect!';
     $info .= '<meta http-equiv="Refresh" content="5;URL=' . NV_BASE_SITEURL . '" />';
     die($info);
 }
 if (defined('NV_ADMIN')) {
     if (!nv_admin_checkfirewall()) {
         $nv_Request->unset_request('admin,online', 'session');
         $info = 'Note: You are not signed in as admin!<br />This Firewall system does not accept your login information!';
         $info .= '<meta http-equiv="Refresh" content="5;URL=' . NV_BASE_SITEURL . '" />';
         die($info);
     }
 }
 $admin_info = nv_admin_checkdata($admin_cookie);
 if ($admin_info == array()) {
     $nv_Request->unset_request('admin,online', 'session');
     $info = 'Note: You are not signed in as admin!<br />Session Expired! Please Re-Login!';
     $info .= '<meta http-equiv="Refresh" content="5;URL=' . NV_BASE_SITEURL . '" />';
     die($info);
 }
 //Admin thoat
 if ($nv_Request->isset_request('second', 'get') and $nv_Request->get_string('second', 'get') == 'admin_logout') {
     if (defined('NV_IS_USER_FORUM')) {
         define('NV_IS_MOD_USER', true);
         require_once NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/logout.php';
     } else {
         $nv_Request->unset_request('nvloginhash', 'cookie');
     }
     require_once NV_ROOTDIR . '/includes/core/admin_logout.php';
function cp_check_permission($nv_Request)
{
    global $db, $db_config;
    $cp_admin = $nv_Request->get_string('admin', 'session');
    $admin_info = nv_admin_checkdata($cp_admin);
    $cp_admin_id = $admin_info['admin_id'];
    $can_write = 0;
    $can_publish = 0;
    // Check if SP ADMIN
    if ($admin_info['level'] == 1) {
        $can_write = 1;
        $can_publish = 1;
    } else {
        $cp_select_users = "SELECT `userid`, `in_groups` FROM `" . $db_config['prefix'] . "_users` WHERE `userid` =" . $cp_admin_id;
        $cp_result = $db->sql_query($cp_select_users);
        list($cp_user_id, $cp_in_groups) = $db->sql_fetchrow($cp_result);
        $cp_group_array = explode(",", $cp_in_groups);
        foreach ($cp_group_array as $cp_group_id) {
            $cp_select_permission = "SELECT `can_write`, `can_publish` FROM `cp_permissions` WHERE `gid` =" . $cp_group_id;
            $cp_results = $db->sql_query($cp_select_permission);
            list($out_can_write, $out_can_publish) = $db->sql_fetchrow($cp_results);
            $can_write |= $out_can_write;
            $can_publish |= $out_can_publish;
        }
    }
    // update session
    $cp_permissions = array();
    $cp_permissions['can_write'] = $can_write;
    $cp_permissions['can_publish'] = $can_publish;
    $nv_Request->set_Session('cp_permission', serialize($cp_permissions));
}