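/**
  * Check access
  *
  * Check whether the current user holds the required access id. Access id 0
  * of type 'static' is always granted. If the check fails, the method returns
  * false when $return is true and calls Permission::noAccess() otherwise.
  *
  * @access public
  * @param integer $accessId
  * @param string $type     Either 'static' or 'dynamic'
  * @param boolean $return  Return false on failure instead of calling Permission::noAccess()
  * @return boolean
  */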
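 public static function checkAccess($accessId, $type, $return = false)
 {
     // Access id 0 of type 'static' is granted without looking at the user at
     // all. The comparison is strict, so only the integer 0 takes this
     // shortcut; the string '0' goes through the regular checks below.
     if ($accessId === 0 && $type == 'static') {
         return true;
     }
     $objFWUser = FWUser::getFWUserObject();
     // Every other grant requires a logged-in user.
     if ($objFWUser->objUser->login()) {
         // Administrators pass every check, whatever the id or type.
         if ($objFWUser->objUser->getAdminStatus()) {
             return true;
         }
         // NOTE(review): in_array() compares loosely here. Before PHP 8 a
         // non-numeric string compares equal to 0, so a malformed $accessId
         // could match a permission id of 0. Confirm callers only pass
         // integers before tightening this to a strict comparison.
         if ($type == 'static' && in_array($accessId, $objFWUser->objUser->getStaticPermissionIds())) {
             return true;
         }
         if ($type == 'dynamic' && in_array($accessId, $objFWUser->objUser->getDynamicPermissionIds())) {
             return true;
         }
     }
     // Any $type other than 'static'/'dynamic' ends up here and is denied.
     if ($return) {
         return false;
     }
     Permission::noAccess();
     // Fail closed: if noAccess() ever returns instead of terminating the
     // request, report the denial explicitly rather than falling off the end
     // of the method with null.
     return false;
 }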
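 /**
  * Check and modify the cmd based on the permission
  *
  * Each level of $cmd the user may not access is replaced by the next sibling
  * command. If no sibling is left, access is denied.
  *
  * @param array $cmd             Requested command path, modified in place
  * @param array $currentCommands Available commands, nested via the 'children' key
  */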
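 protected function checkAndModifyCmdByPermission(&$cmd, $currentCommands)
 {
     $command = array();
     // Candidate commands on the level that is currently being checked
     $keys = array_keys($currentCommands);
     // Default the entry at index 1 to '' so the loop below checks it as well
     $cmd[1] = !isset($cmd[1]) ? '' : $cmd[1];
     foreach ($cmd as $cmdKey => $cmdValue) {
         $command[$cmdKey] = $cmdValue;
         // Step through the following siblings until one is accessible
         while (!$this->hasAccessToCommand($command)) {
             // NOTE(review): array_search() compares loosely and returns false
             // for a value that is not among $keys; false + 1 then selects
             // $keys[1]. Confirm that skipping the first sibling for unknown
             // commands is intended.
             $pos = array_search($cmdValue, $keys);
             if (!isset($keys[$pos + 1])) {
                 // No sibling left: deny access and stop the request
                 \Permission::noAccess();
                 exit;
             }
             $cmdValue = $command[$cmdKey] = $keys[$pos + 1];
         }
         // Descend into the children of the accepted command. An empty array
         // (instead of the former '') keeps array_search() above from being
         // handed a string, which raises a TypeError on PHP 8.
         $keys = isset($currentCommands[$cmdValue]['children']) ? array_keys($currentCommands[$cmdValue]['children']) : array();
     }
     $cmd = $command;
 }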
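 /**
  * PHP5 constructor
  *
  * Takes no arguments; $objTemplate and $_ARRAYLANG are read from the global scope.
  *
  * @global  mixed   $objTemplate  Template object that receives CONTENT_NAVIGATION
  * @global  array   $_ARRAYLANG
  * @access public
  */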
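 function __construct()
 {
     // $_CONFIG is handed to License::getCached() below, so it has to be
     // imported from the global scope; without it the call received an
     // undefined local variable.
     global $_ARRAYLANG, $_CONFIG, $_FTPCONFIG, $objTemplate, $objDatabase;
     // sigma template
     $this->_objTpl = new \Cx\Core\Html\Sigma(ASCMS_CORE_MODULE_PATH . '/Media/View/Template/Backend');
     \Cx\Core\Csrf\Controller\Csrf::add_placeholder($this->_objTpl);
     $this->_objTpl->setErrorHandling(PEAR_ERROR_DIE);
     // File system paths of the media archives
     $this->arrPaths = array(
         ASCMS_MEDIA1_PATH . DIRECTORY_SEPARATOR,
         ASCMS_MEDIA2_PATH . DIRECTORY_SEPARATOR,
         ASCMS_MEDIA3_PATH . DIRECTORY_SEPARATOR,
         ASCMS_MEDIA4_PATH . DIRECTORY_SEPARATOR,
         ASCMS_FILESHARING_PATH . DIRECTORY_SEPARATOR,
         ASCMS_CONTENT_IMAGE_PATH . DIRECTORY_SEPARATOR,
         ASCMS_SHOP_IMAGES_PATH . DIRECTORY_SEPARATOR,
         ASCMS_THEMES_PATH . DIRECTORY_SEPARATOR,
         ASCMS_ATTACH_PATH . DIRECTORY_SEPARATOR,
         ASCMS_ACCESS_PATH . DIRECTORY_SEPARATOR,
         ASCMS_BLOG_IMAGES_PATH . DIRECTORY_SEPARATOR,
         ASCMS_CALENDAR_IMAGE_PATH . DIRECTORY_SEPARATOR,
         ASCMS_DOWNLOADS_IMAGES_PATH . DIRECTORY_SEPARATOR,
         ASCMS_GALLERY_PATH . DIRECTORY_SEPARATOR,
         ASCMS_MEDIADIR_IMAGES_PATH . DIRECTORY_SEPARATOR,
         ASCMS_PODCAST_IMAGES_PATH . DIRECTORY_SEPARATOR,
     );
     // Web paths keyed by archive name. The keys double as the allow-list
     // for the 'archive' request parameter further down.
     $this->arrWebPaths = array(
         'archive1' => ASCMS_MEDIA1_WEB_PATH . '/',
         'archive2' => ASCMS_MEDIA2_WEB_PATH . '/',
         'archive3' => ASCMS_MEDIA3_WEB_PATH . '/',
         'archive4' => ASCMS_MEDIA4_WEB_PATH . '/',
         'FileSharing' => ASCMS_FILESHARING_WEB_PATH . '/',
         'content' => ASCMS_CONTENT_IMAGE_WEB_PATH . '/',
         'Contact' => ASCMS_ATTACH_WEB_PATH . '/',
         'Shop' => ASCMS_SHOP_IMAGES_WEB_PATH . '/',
         'themes' => ASCMS_THEMES_WEB_PATH . '/',
         'attach' => ASCMS_ATTACH_WEB_PATH . '/',
         'Access' => ASCMS_ACCESS_WEB_PATH . '/',
         'Blog' => ASCMS_BLOG_IMAGES_WEB_PATH . '/',
         'Calendar' => ASCMS_CALENDAR_IMAGE_WEB_PATH . '/',
         'Downloads' => ASCMS_DOWNLOADS_IMAGES_WEB_PATH . '/',
         'Gallery' => ASCMS_GALLERY_WEB_PATH . '/',
         'MediaDir' => ASCMS_MEDIADIR_IMAGES_WEB_PATH . '/',
         'Podcast' => ASCMS_PODCAST_IMAGES_WEB_PATH . '/',
     );
     // Archives whose licensed component name differs from the archive key
     $moduleMatchTable = array(
         'archive1' => 'Media1',
         'archive2' => 'Media2',
         'archive3' => 'Media3',
         'archive4' => 'Media4',
         'content' => 'core',
         'themes' => 'core',
         'attach' => 'core',
     );
     $license = \Cx\Core_Modules\License\License::getCached($_CONFIG, $objDatabase);
     $license->check();
     // Drop every archive whose component is not covered by the license
     foreach ($this->arrWebPaths as $module => $path) {
         $moduleName = $module;
         if (isset($moduleMatchTable[$module])) {
             $moduleName = $moduleMatchTable[$module];
         }
         if (!$license->isInLegalComponents($moduleName)) {
             \DBG::msg('Module "' . $module . '" is deactivated');
             unset($this->arrWebPaths[$module]);
         }
     }
     if (empty($this->arrWebPaths)) {
         \Permission::noAccess();
     }
     // Only archive names that survived the license filter are accepted;
     // anything else falls back to 'content'.
     // NOTE(review): the fallback is not re-checked against $this->arrWebPaths,
     // so the lookup of the default path below would hit a missing key if
     // 'content' had been removed above - confirm this cannot happen.
     if (isset($_REQUEST['archive']) && array_key_exists($_REQUEST['archive'], $this->arrWebPaths)) {
         $this->archive = $_REQUEST['archive'];
     } else {
         $this->archive = 'content';
     }
     // get variables
     // NOTE(review): 'act', 'data' and 'sort' are stored as received (trimmed
     // at most); only 'path' and 'file' pass through the FileSystem sanitizers.
     // Code that consumes these properties has to validate them itself.
     $this->getAct = isset($_POST['deleteMedia']) && $_POST['deleteMedia'] ? 'delete' : (!empty($_GET['act']) ? trim($_GET['act']) : '');
     $this->getPath = isset($_GET['path']) ? \Cx\Lib\FileSystem\FileSystem::sanitizePath($_GET['path']) : false;
     if ($this->getPath === false) {
         $this->getPath = $this->arrWebPaths[$this->archive];
     }
     $this->getFile = isset($_REQUEST['file']) ? \Cx\Lib\FileSystem\FileSystem::sanitizeFile($_REQUEST['file']) : false;
     if ($this->getFile === false) {
         $this->getFile = '';
     }
     $this->getData = !empty($_GET['data']) ? $_GET['data'] : '';
     $this->sortBy = !empty($_GET['sort']) ? trim($_GET['sort']) : 'name';
     $this->sortDesc = !empty($_GET['sort_desc']);
     $this->shopEnabled = $this->checkModule('Shop');
     // NOTE(review): this session flag is written before the per-archive
     // permission check in the switch below has run.
     $_SESSION["skins"] = $this->archive == 'themes';
     // Each archive is guarded by its own static access id. Archives without
     // a dedicated case (archive1-4) share access id 7 in the default branch.
     switch ($this->archive) {
         case 'themes':
             \Permission::checkAccess(21, 'static');
             $objTemplate->setVariable("CONTENT_NAVIGATION", "<a href='index.php?cmd=Media&amp;archive=content'>" . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . "</a>\n                    <a href='index.php?cmd=Media&amp;archive=attach'>" . $_ARRAYLANG['TXT_MODULE'] . "</a>\n                    <a href='index.php?cmd=Media&amp;archive=themes' class='active'>" . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . "</a>");
             break;
         case 'content':
             \Permission::checkAccess(32, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content" class="active">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>');
             break;
         case 'Contact':
             \Permission::checkAccess(84, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Contact" title="' . $_ARRAYLANG['TXT_CONTACT_CONTACT_FORMS'] . '">' . $_ARRAYLANG['TXT_FORMS'] . '</a>
                 <a hreF="index.php?cmd=Media&amp;archive=Contact" title="' . $_ARRAYLANG['TXT_FILE_UPLOADS'] . '" class="active">' . $_ARRAYLANG['TXT_FILE_UPLOADS'] . '</a>
                 <a href="index.php?cmd=Contact&amp;act=settings" title="' . $_ARRAYLANG['TXT_CONTACT_SETTINGS'] . '">' . $_ARRAYLANG['TXT_CONTACT_SETTINGS'] . '</a>
             ');
             break;
         case 'FileSharing':
             \Permission::checkAccess(8, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=FileSharing"' . (!isset($_GET['act']) || $_GET['act'] == 'filesharing' ? ' class="active"' : '') . '>' . $_ARRAYLANG['TXT_FILESHARING_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=FileSharing&amp;act=settings"' . (isset($_GET['act']) && $_GET['act'] == 'settings' ? ' class="active"' : '') . '>' . $_ARRAYLANG['TXT_MEDIA_SETTINGS'] . '</a>
             ');
             break;
         case 'attach':
             \Permission::checkAccess(84, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach" class="active">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>
             ');
             break;
         case 'Access':
             \Permission::checkAccess(18, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach" class="active">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>    
             ');
             break;
         case 'Blog':
             \Permission::checkAccess(119, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach" class="active">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>
             ');
             break;
         case 'Calendar':
             \Permission::checkAccess(16, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach" class="active">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>
             ');
             break;
         case 'Downloads':
             \Permission::checkAccess(141, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach" class="active">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>
             ');
             break;
         case 'Gallery':
             \Permission::checkAccess(12, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach" class="active">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>
             ');
             break;
         case 'MediaDir':
             \Permission::checkAccess(153, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach" class="active">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>
             ');
             break;
         case 'Podcast':
             \Permission::checkAccess(87, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach" class="active">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>
             ');
             break;
         case 'Shop':
             \Permission::checkAccess(13, 'static');
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=content">' . $_ARRAYLANG['TXT_IMAGE_CONTENT'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=attach" class="active">' . $_ARRAYLANG['TXT_MODULE'] . '</a>
                 <a href="index.php?cmd=Media&amp;archive=themes">' . $_ARRAYLANG['TXT_MEDIA_LAYOUT'] . '</a>
             ');
             break;
         default:
             \Permission::checkAccess(7, 'static');
             // isset() guard on the settings link: $_GET['act'] is optional
             // and was read unconditionally before.
             $objTemplate->setVariable('CONTENT_NAVIGATION', '
                 <a href="index.php?cmd=Media&amp;archive=archive1" ' . ($this->archive == 'archive1' && !isset($_GET['act']) ? ' class="active"' : '') . '>' . $_ARRAYLANG['TXT_MEDIA_ARCHIVE'] . ' #1</a>
                 <a href="index.php?cmd=Media&amp;archive=archive2" ' . ($this->archive == 'archive2' ? ' class="active"' : '') . '>' . $_ARRAYLANG['TXT_MEDIA_ARCHIVE'] . ' #2</a>
                 <a href="index.php?cmd=Media&amp;archive=archive3" ' . ($this->archive == 'archive3' ? ' class="active"' : '') . '>' . $_ARRAYLANG['TXT_MEDIA_ARCHIVE'] . ' #3</a>
                 <a href="index.php?cmd=Media&amp;archive=archive4" ' . ($this->archive == 'archive4' ? ' class="active"' : '') . '>' . $_ARRAYLANG['TXT_MEDIA_ARCHIVE'] . ' #4</a>
                 <a href="index.php?cmd=Media&amp;archive=archive1&amp;act=settings" ' . ($this->archive == 'archive1' && isset($_GET['act']) && $_GET['act'] == 'settings' ? ' class="active"' : '') . '>' . $_ARRAYLANG['TXT_MEDIA_SETTINGS'] . '</a>
             ');
             break;
     }
     // The second assignment overwrites the first, so only getWebsitePath()
     // takes effect.
     $this->docRoot = \Env::get('cx')->getWebsiteDocumentRootPath();
     // with path offset
     $this->docRoot = \Env::get('cx')->getWebsitePath();
     // without path offset
     //paths
     $this->webPath = $this->_pathCheck($this->getPath);
     $this->path = $this->docRoot . $this->webPath;
     $this->_objImage = new \ImageManager();
 }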
 /**
  * Gets the news details
  *
  * @global    array
  * @global    ADONewConnection
  * @global    array
  * @return    string    parsed content
  */
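 private function getDetails()
 {
     global $_CONFIG, $objDatabase, $_ARRAYLANG;
     // The id is cast to int before it is concatenated into the SQL below.
     // A missing parameter counts as 0 and leads to the redirect.
     $newsid = isset($_GET['newsid']) ? intval($_GET['newsid']) : 0;
     if (!$newsid) {
         header('Location: ' . \Cx\Core\Routing\Url::fromModuleAndCmd('News'));
         exit;
     }
     $whereStatus = '';
     // Static access id 10, queried in "return" mode so a denial does not redirect
     $newsAccess = \Permission::checkAccess(10, 'static', true);
     $newsPreview = !empty($_GET['newsPreview']) ? intval($_GET['newsPreview']) : 0;
     $base64Redirect = base64_encode(\Env::get('cx')->getRequest()->getUrl());
     if ($newsPreview && !$newsAccess) {
         \Permission::noAccess($base64Redirect);
         // Fail closed: preview mode drops the status and date filters of the
         // query below, so stop here even if noAccess() were to return.
         exit;
     }
     if (!$newsAccess) {
         // Users without access id 10 only see messages with status 1
         $whereStatus = 'news.status = 1 AND';
     }
     // TODO: add error handler to load the fallback-language version of the news message
     //       in case the message doesn't exist in the requested language. But only try load the
     //       the message in the fallback-language in case the associated news-detail content page
     //       is setup to use the content of the fallback-language
     // Every dynamic part of the statement is an integer cast, a constant or a
     // value produced by the user object.
     // NOTE(review): the statement is built by concatenation; it stays safe
     // only while getDynamicPermissionIds() and getId() return integers - confirm.
     $objResult = $objDatabase->SelectLimit('SELECT  news.id                 AS id,
                                                     news.userid             AS userid,
                                                     news.redirect           AS redirect,
                                                     news.source             AS source,
                                                     news.changelog          AS changelog,
                                                     news.url1               AS url1,
                                                     news.url2               AS url2,
                                                     news.date               AS date,
                                                     news.publisher          AS publisher,
                                                     news.publisher_id       AS publisherid,
                                                     news.author             AS author,
                                                     news.author_id          AS authorid,
                                                     news.changelog          AS changelog,
                                                     news.teaser_image_path  AS newsimage,
                                                     news.enable_related_news AS enableRelatedNews,
                                                     news.enable_tags         AS enableTags,
                                                     news.teaser_image_thumbnail_path AS newsThumbImg,
                                                     news.typeid             AS typeid,
                                                     news.allow_comments     AS commentactive,
                                                     locale.text,
                                                     locale.title            AS title,
                                                     locale.teaser_text
                                               FROM  ' . DBPREFIX . 'module_news AS news
                                         INNER JOIN  ' . DBPREFIX . 'module_news_locale AS locale ON news.id = locale.news_id
                                             WHERE   ' . $whereStatus . '
                                                     news.id = ' . $newsid . ' AND
                                                     locale.is_active=1 AND
                                                     locale.lang_id =' . FRONTEND_LANG_ID . (!$newsPreview ? ' AND (news.startdate <= \'' . date('Y-m-d H:i:s') . '\' OR news.startdate="0000-00-00 00:00:00") AND
                                                     (news.enddate >= \'' . date('Y-m-d H:i:s') . '\' OR news.enddate="0000-00-00 00:00:00")' : '') . ($this->arrSettings['news_message_protection'] == '1' && !\Permission::hasAllAccess() ? ($objFWUser = \FWUser::getFWUserObject()) && $objFWUser->objUser->login() ? " AND (frontend_access_id IN (" . implode(',', array_merge(array(0), $objFWUser->objUser->getDynamicPermissionIds())) . ") OR userid = " . $objFWUser->objUser->getId() . ") " : " AND frontend_access_id=0 " : ''), 1);
     // Unknown, filtered out or protected messages all end in the same
     // redirect to the news overview.
     if (!$objResult || $objResult->EOF) {
         header('Location: ' . \Cx\Core\Routing\Url::fromModuleAndCmd('News'));
         exit;
     }
     $newsCommentActive = $objResult->fields['commentactive'];
     $lastUpdate = $objResult->fields['changelog'];
     $text = $objResult->fields['text'];
     // NOTE(review): contrexx_raw2xhtml() presumably HTML-escapes its input.
     // Escaping alone does not restrict the URL scheme of the values used as
     // href below - confirm the URLs are validated when a message is saved.
     $redirect = contrexx_raw2xhtml($objResult->fields['redirect']);
     $sourceHref = contrexx_raw2xhtml($objResult->fields['source']);
     $url1Href = contrexx_raw2xhtml($objResult->fields['url1']);
     $url2Href = contrexx_raw2xhtml($objResult->fields['url2']);
     $source = contrexx_raw2xhtml($objResult->fields['source']);
     $url1 = contrexx_raw2xhtml($objResult->fields['url1']);
     $url2 = contrexx_raw2xhtml($objResult->fields['url2']);
     $newsUrl = '';
     $newsSource = '';
     $newsLastUpdate = '';
     // The three link blocks shorten labels longer than 40 bytes to the first
     // 26 bytes, '...' and everything from the last dot onwards. Links that
     // open in a new window carry rel="noopener" so the opened page gets no
     // handle on this one.
     // NOTE(review): strrpos() returns false when the label contains no dot,
     // which makes substr() append the whole label again; the byte-wise cut
     // can also split an escaped entity.
     if (!empty($url1)) {
         $strUrl1 = contrexx_raw2xhtml($objResult->fields['url1']);
         if (strlen($strUrl1) > 40) {
             $strUrl1 = substr($strUrl1, 0, 26) . '...' . substr($strUrl1, strrpos($strUrl1, '.'));
         }
         $newsUrl = $_ARRAYLANG['TXT_IMPORTANT_HYPERLINKS'] . '<br /><a target="_blank" rel="noopener" href="' . $url1Href . '" title="' . $url1 . '">' . $strUrl1 . '</a><br />';
     }
     if (!empty($url2)) {
         $strUrl2 = contrexx_raw2xhtml($objResult->fields['url2']);
         if (strlen($strUrl2) > 40) {
             $strUrl2 = substr($strUrl2, 0, 26) . '...' . substr($strUrl2, strrpos($strUrl2, '.'));
         }
         $newsUrl .= '<a target="_blank" rel="noopener" href="' . $url2Href . '" title="' . $url2 . '">' . $strUrl2 . '</a><br />';
     }
     if (!empty($source)) {
         $strSource = contrexx_raw2xhtml($objResult->fields['source']);
         if (strlen($strSource) > 40) {
             $strSource = substr($strSource, 0, 26) . '...' . substr($strSource, strrpos($strSource, '.'));
         }
         $newsSource = $_ARRAYLANG['TXT_NEWS_SOURCE'] . '<br /><a target="_blank" rel="noopener" href="' . $sourceHref . '" title="' . $source . '">' . $strSource . '</a><br />';
     }
     if (!empty($lastUpdate)) {
         $newsLastUpdate = $_ARRAYLANG['TXT_LAST_UPDATE'] . '<br />' . date(ASCMS_DATE_FORMAT, $objResult->fields['changelog']);
     }
     // NOTE(review): the title is passed to the template and into the alt
     // attribute further down without escaping in this method - presumably
     // it is stored escaped; confirm.
     $this->newsTitle = $objResult->fields['title'];
     $newstitle = $this->newsTitle;
     $newsTeaser = nl2br($objResult->fields['teaser_text']);
     \LinkGenerator::parseTemplate($newsTeaser);
     $objSubResult = $objDatabase->Execute('SELECT count(`id`) AS `countComments` FROM `' . DBPREFIX . 'module_news_comments` WHERE `newsid` = ' . $newsid);
     // A failed count query is treated as "no comments" instead of reading
     // fields from a false result.
     $commentCount = $objSubResult && !$objSubResult->EOF ? $objSubResult->fields['countComments'] : 0;
     //Get the Category list
     $newsCategories = $this->getCategoriesByNewsId($newsid);
     if (!empty($newsCategories) && $this->_objTpl->blockExists('news_category_list')) {
         foreach ($newsCategories as $catId => $catTitle) {
             $this->_objTpl->setVariable(array('NEWS_CATEGORY_TITLE' => contrexx_raw2xhtml($catTitle), 'NEWS_CATEGORY_ID' => contrexx_input2int($catId)));
             $this->_objTpl->parse('news_category');
         }
     }
     $this->_objTpl->setVariable(array(
         'NEWS_LONG_DATE' => date(ASCMS_DATE_FORMAT, $objResult->fields['date']),
         'NEWS_DATE' => date(ASCMS_DATE_FORMAT_DATE, $objResult->fields['date']),
         'NEWS_TIME' => date(ASCMS_DATE_FORMAT_TIME, $objResult->fields['date']),
         'NEWS_TITLE' => $newstitle,
         'NEWS_TEASER_TEXT' => $newsTeaser,
         'NEWS_LASTUPDATE' => $newsLastUpdate,
         'NEWS_SOURCE' => $newsSource,
         'NEWS_URL' => $newsUrl,
         'NEWS_CATEGORY_NAME' => implode(', ', contrexx_raw2xhtml($newsCategories)),
         'NEWS_COUNT_COMMENTS' => $newsCommentActive && $this->arrSettings['news_comments_activated'] ? contrexx_raw2xhtml($commentCount . ' ' . $_ARRAYLANG['TXT_NEWS_COMMENTS']) : '',
     ));
     if (!$newsCommentActive || !$this->arrSettings['news_comments_activated']) {
         if ($this->_objTpl->blockExists('news_comments_count')) {
             $this->_objTpl->hideBlock('news_comments_count');
         }
     }
     if ($this->arrSettings['news_use_teaser_text'] != '1' && $this->_objTpl->blockExists('news_use_teaser_text')) {
         $this->_objTpl->hideBlock('news_use_teaser_text');
     }
     // parse author
     self::parseUserAccountData($this->_objTpl, $objResult->fields['authorid'], $objResult->fields['author'], 'news_author');
     // parse publisher
     self::parseUserAccountData($this->_objTpl, $objResult->fields['publisherid'], $objResult->fields['publisher'], 'news_publisher');
     // show comments
     $this->parseMessageCommentForm($newsid, $newstitle, $newsCommentActive);
     $this->parseCommentsOfMessage($newsid, $newsCommentActive);
     // Show related_messages
     $this->parseRelatedMessagesOfMessage($newsid, 'category', array_keys($newsCategories));
     $this->parseRelatedMessagesOfMessage($newsid, 'type', $objResult->fields['typeid']);
     $this->parseRelatedMessagesOfMessage($newsid, 'publisher', $objResult->fields['publisherid']);
     $this->parseRelatedMessagesOfMessage($newsid, 'author', $objResult->fields['authorid']);
     /*
      * save the teaser text.
      * purpose of this: @link news::getTeaser()
      */
     // NOTE(review): $newsTeaser already went through nl2br(), so the <br />
     // tags it inserted are passed to contrexx_raw2xhtml() as well.
     $this->_teaser = contrexx_raw2xhtml($newsTeaser);
     if (!empty($this->arrSettings['news_use_tags']) && !empty($objResult->fields['enableTags'])) {
         $this->parseNewsTags($this->_objTpl, $newsid);
     }
     if (!empty($this->arrSettings['use_related_news']) && !empty($objResult->fields['enableRelatedNews'])) {
         $this->parseRelatedNews($this->_objTpl, $newsid, FRONTEND_LANG_ID, 'related_news', 3);
     }
     if (!empty($objResult->fields['newsimage'])) {
         // NOTE(review): the image path and the title are placed into the
         // src/alt attributes as stored, without escaping in this method.
         $this->_objTpl->setVariable(array('NEWS_IMAGE' => '<img src="' . $objResult->fields['newsimage'] . '" alt="' . $newstitle . '" />', 'NEWS_IMAGE_SRC' => $objResult->fields['newsimage'], 'NEWS_IMAGE_ALT' => $newstitle));
         if ($this->_objTpl->blockExists('news_image')) {
             $this->_objTpl->parse('news_image');
         }
     } else {
         if ($this->_objTpl->blockExists('news_image')) {
             $this->_objTpl->hideBlock('news_image');
         }
     }
     self::parseImageBlock($this->_objTpl, $objResult->fields['newsThumbImg'], $newstitle, $newsUrl, 'image_thumbnail');
     self::parseImageBlock($this->_objTpl, $objResult->fields['newsimage'], $newstitle, $newsUrl, 'image_detail');
     //previous next newslink
     if ($this->_objTpl->blockExists('previousNextLink')) {
         $this->parseNextAndPreviousLinks($this->_objTpl);
     }
     if (empty($redirect)) {
         // Turn [[PLACEHOLDER]] into {PLACEHOLDER} so the template engine
         // resolves it. The message text is emitted as stored.
         $text = preg_replace('/\\[\\[([A-Z0-9_-]+)\\]\\]/', '{\\1}', $text);
         // NOTE(review): the converted teaser is not used after this line.
         $newsTeaser = preg_replace('/\\[\\[([A-Z0-9_-]+)\\]\\]/', '{\\1}', $newsTeaser);
         \LinkGenerator::parseTemplate($text);
         $this->_objTpl->setVariable('NEWS_TEXT', $text);
         if ($this->_objTpl->blockExists('news_text')) {
             $this->_objTpl->parse('news_text');
         }
         if ($this->_objTpl->blockExists('news_redirect')) {
             $this->_objTpl->hideBlock('news_redirect');
         }
     } else {
         if (\FWValidator::isUri($redirect)) {
             $redirectName = preg_replace('#^https?://#', '', $redirect);
             //} elseif (\FWValidator::isEmail($redirect)) {
             //$redirectName
         } else {
             $redirectName = basename($redirect);
         }
         $this->_objTpl->setVariable(array('TXT_NEWS_REDIRECT_INSTRUCTION' => $_ARRAYLANG['TXT_NEWS_REDIRECT_INSTRUCTION'], 'NEWS_REDIRECT_URL' => $redirect, 'NEWS_REDIRECT_NAME' => $redirectName));
         if ($this->_objTpl->blockExists('news_redirect')) {
             $this->_objTpl->parse('news_redirect');
         }
         if ($this->_objTpl->blockExists('news_text')) {
             $this->_objTpl->hideBlock('news_text');
         }
     }
     $this->countNewsMessageView($newsid);
     $objResult->MoveNext();
     return $this->_objTpl->get();
 }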
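 /**
  * Deliver the download selected by $_GET['download']
  *
  * Expired or inactive downloads lead to the 404 error section. Access is
  * checked against the categories of the download and, if the download
  * carries an access id, against static access id 143, the download's own
  * dynamic access id and its owner. Files are sent directly; any other type
  * is answered with a redirect to the stored source.
  *
  * @global  mixed  $objInit  Used to build the redirect target after a denial
  */
 private function download()
 {
     global $objInit;
     $objDownload = new Download();
     // The id is cast to int; a missing parameter loads id 0
     $objDownload->load(!empty($_GET['download']) ? intval($_GET['download']) : 0);
     if ($objDownload->EOF) {
         // nothing was loaded for this id
         return;
     }
     // check if the download is expired
     if ($objDownload->getExpirationDate() && $objDownload->getExpirationDate() < time() || !$objDownload->getActiveStatus()) {
         \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Error&id=404");
         exit;
     }
     // check access to the categories of the download
     if (!$this->hasUserAccessToCategoriesOfDownload($objDownload)) {
         \Permission::noAccess(base64_encode($objInit->getPageUri()));
         // Fail closed: never reach send() below, even if noAccess() returns
         exit;
     }
     // check access to download-file
     // NOTE(review): the owner comparison is loose (!=). If $this->userId is
     // 0 or null for anonymous visitors, a download whose owner id is 0 would
     // pass this check - confirm how both values are populated.
     if ($objDownload->getAccessId() && !\Permission::checkAccess(143, 'static', true) && !\Permission::checkAccess($objDownload->getAccessId(), 'dynamic', true) && $objDownload->getOwnerId() != $this->userId) {
         \Permission::noAccess(base64_encode($objInit->getPageUri()));
         // Fail closed, as above
         exit;
     }
     $objDownload->incrementDownloadCount();
     if ($objDownload->getType() == 'file') {
         $objDownload->send();
     } else {
         // add socket -> prevent to hide the source from the customer
         // NOTE(review): the redirect target is the stored source of the
         // download; presumably it is validated when the download is saved.
         \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . $objDownload->getSource());
     }
 }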
 /**
  * Perform the requested function depending on $_GET['act']
  *
  * @global  array   Core language
  * @global  \Cx\Core\Html\Sigma
  * @return  void
  */
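 function getPage()
 {
     global $_ARRAYLANG, $objTemplate;
     if (!isset($_GET['act'])) {
         $_GET['act'] = '';
     }
     // Branches that render their own output switch the status block off
     $boolShowStatus = true;
     // NOTE(review): the action, including the state-changing ones, is chosen
     // through $_GET['act']; presumably the framework's CSRF protection covers
     // these requests - confirm.
     switch ($_GET['act']) {
         case 'Ftp':
             $this->showFtp();
             break;
         case 'cache':
             // Only available if the CacheManager component is licensed
             if (in_array('CacheManager', \Env::get('cx')->getLicense()->getLegalComponentsList())) {
                 $boolShowStatus = false;
                 $objCache = new \Cx\Core_Modules\Cache\Controller\CacheManager();
                 $objCache->showSettings();
             } else {
                 \Permission::noAccess();
             }
             break;
         case 'Wysiwyg':
             // Only available if the Wysiwyg component is licensed
             if (in_array('Wysiwyg', \Env::get('cx')->getLicense()->getLegalComponentsList())) {
                 $boolShowStatus = false;
                 $this->showWysiwyg();
             } else {
                 \Permission::noAccess();
             }
             break;
         // NOTE(review): 'cache_update' and 'cache_empty' use the CacheManager
         // without the license check that guards the 'cache' branch above -
         // confirm this is intended.
         case 'cache_update':
             $boolShowStatus = false;
             $objCache = new \Cx\Core_Modules\Cache\Controller\CacheManager();
             $objCache->updateSettings();
             $objCache->showSettings();
             break;
         case 'cache_empty':
             $boolShowStatus = false;
             $objCache = new \Cx\Core_Modules\Cache\Controller\CacheManager();
             $objCache->forceClearCache(isset($_GET['cache']) ? contrexx_input2raw($_GET['cache']) : null);
             $objCache->showSettings();
             break;
         case 'smtp':
             $this->smtp();
             break;
         case 'image':
             try {
                 $this->image($_POST);
             } catch (Exception $e) {
                 // getMessage() is a method. The former property access
                 // logged nothing useful.
                 \DBG::msg('Image settings: ' . $e->getMessage());
             }
             break;
         case 'thumbnail':
             $this->editThumbnails($_POST);
             break;
         case 'generateThumbnail':
             $this->generateThumbnail($_POST);
             break;
         case 'getThumbProgress':
             $this->getThumbProgress();
             break;
         default:
             $this->showSettings();
     }
     if ($boolShowStatus) {
         $objTemplate->setVariable(array('CONTENT_TITLE' => $this->strPageTitle, 'CONTENT_OK_MESSAGE' => $this->strOkMessage, 'CONTENT_STATUS_MESSAGE' => implode("<br />\n", $this->strErrMessage)));
     }
     // Stored as received from the request; read from $_REQUEST here, while
     // the dispatch above used $_GET.
     $this->act = isset($_REQUEST['act']) ? $_REQUEST['act'] : '';
     $this->setNavigation();
 }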
 /**
  * Shows the "Edit Entry" page.
  *
  * @global  array
  * @global  array
  * @global  array
  * @global  FWLanguage
  * @param   integer     $intEntryId: The values of this entry will be loaded into the form.
  */
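 function editEntry($intEntryId)
 {
     global $_CORELANG, $_ARRAYLANG, $objDatabase;

     // Cast the id before its first use. The previous version concatenated the
     // caller-supplied value into the SQL text below and only applied intval()
     // afterwards, so a non-numeric argument reached the query unfiltered.
     $intEntryId = intval($intEntryId);

     // Existence check: exactly one message row must match the id.
     $count = $objDatabase->Execute('SELECT message_id
                                     FROM ' . DBPREFIX . 'module_blog_messages
                                     WHERE message_id = "' . $intEntryId . '"');
     // A failed query (Execute() returning false) is treated like "not found"
     // instead of causing a method call on a non-object.
     if (!$count || $count->RecordCount() != 1) {
         \Permission::noAccess();
         // noAccess() is expected to end the request; returning here keeps the
         // method from continuing if it ever does not.
         return;
     }

     $this->_strPageTitle = $_ARRAYLANG['TXT_BLOG_ENTRY_EDIT_TITLE'];
     $this->_objTpl->loadTemplateFile('module_blog_entries_edit.html', true, true);

     // Hidden media browser button; 'blogSetUrl' is passed as the third argument.
     $options = array(
         'type' => 'button',
         'data-cx-mb-views' => 'filebrowser',
         'data-cx-mb-startmediatype' => 'blog',
         'id' => 'mediabrowser_button',
         'style' => 'display:none',
     );
     $mediaBrowser = self::getMediaBrowserButton($_ARRAYLANG['TXT_BLOG_ENTRY_ADD_IMAGE_BROWSE'], $options, 'blogSetUrl');
     $this->_objTpl->setVariable(array(
         'TXT_EDIT_LANGUAGES' => $_ARRAYLANG['TXT_BLOG_CATEGORY_ADD_LANGUAGES'],
         'TXT_EDIT_SUBMIT' => $_ARRAYLANG['TXT_BLOG_SAVE'],
         'BLOG_MEDIABROWSER_BUTTON' => $mediaBrowser,
     ));

     $arrCategories = $this->createCategoryArray();
     $arrEntries = $this->createEntryArray();

     // Optional ?langId=...: only honoured when it is one of the ids returned by
     // FWLanguage::getIdArray(); it forces that language's tab to be shown.
     $forcedLanguage = null;
     if (isset($_GET['langId']) && in_array(contrexx_input2raw($_GET['langId']), \FWLanguage::getIdArray())) {
         $forcedLanguage = contrexx_input2raw($_GET['langId']);
     }

     if ($intEntryId > 0 && key_exists($intEntryId, $arrEntries)) {
         if (count($this->_arrLanguages) > 0) {
             $intLanguageCounter = 0;
             $boolFirstLanguage = true;
             // Language checkboxes are distributed round-robin over three columns.
             $arrLanguages = array(0 => '', 1 => '', 2 => '');
             $strJsTabToDiv = '';

             // NOTE(review): language names, category names and the stored entry
             // fields are written into the markup below without escaping in this
             // method; confirm they are HTML-encoded where they are loaded.
             foreach ($this->_arrLanguages as $intLanguageId => $arrTranslations) {
                 $boolLanguageIsActive = $arrEntries[$intEntryId]['translation'][$intLanguageId]['is_active'];
                 if (!$boolLanguageIsActive && $forcedLanguage == $intLanguageId) {
                     // A forced language is displayed even if the entry has no
                     // active translation for it yet.
                     $boolLanguageIsActive = true;
                 }

                 $arrLanguages[$intLanguageCounter % 3] .= '<input ' . ($boolLanguageIsActive ? 'checked="checked"' : '') . ' type="checkbox" name="frmEditEntry_Languages[]" value="' . $intLanguageId . '" onclick="switchBoxAndTab(this, \'addEntry_' . $arrTranslations['long'] . '\');" />' . $arrTranslations['long'] . ' [' . $arrTranslations['short'] . ']<br />';
                 $strJsTabToDiv .= 'arrTabToDiv["addEntry_' . $arrTranslations['long'] . '"] = "' . $arrTranslations['long'] . '";' . "\n";

                 // Active tab: the forced language if one was requested,
                 // otherwise the first active language.
                 $activeTab = $boolFirstLanguage;
                 if ($forcedLanguage) {
                     $activeTab = $forcedLanguage == $intLanguageId;
                 }

                 // Parse the tabs at the top of the language selection
                 $this->_objTpl->setVariable(array(
                     'TABS_LINK_ID' => 'addEntry_' . $arrTranslations['long'],
                     'TABS_DIV_ID' => $arrTranslations['long'],
                     'TABS_CLASS' => $activeTab && $boolLanguageIsActive ? 'active' : 'inactive',
                     'TABS_DISPLAY_STYLE' => $boolLanguageIsActive ? 'display: inline;' : 'display: none;',
                     'TABS_NAME' => $arrTranslations['long'],
                 ));
                 $this->_objTpl->parse('showLanguageTabs');

                 // Parse the divs for every language
                 $this->_objTpl->setVariable(array(
                     'TXT_DIV_SUBJECT' => $_ARRAYLANG['TXT_BLOG_ENTRY_ADD_SUBJECT'],
                     'TXT_DIV_KEYWORDS' => $_ARRAYLANG['TXT_BLOG_ENTRY_ADD_KEYWORDS'],
                     'TXT_DIV_IMAGE' => $_ARRAYLANG['TXT_BLOG_ENTRY_ADD_IMAGE'],
                     'TXT_DIV_IMAGE_BROWSE' => $_ARRAYLANG['TXT_BLOG_ENTRY_ADD_IMAGE_BROWSE'],
                     'TXT_DIV_CATEGORIES' => $_ARRAYLANG['TXT_BLOG_ENTRY_ADD_CATEGORIES'],
                 ));

                 // Filter out active categories for this language; checkboxes are
                 // again spread over three columns.
                 $intCategoriesCounter = 0;
                 $arrCategoriesContent = array(0 => '', 1 => '', 2 => '');
                 foreach ($arrCategories as $intCategoryId => $arrCategoryValues) {
                     if ($arrCategoryValues[$intLanguageId]['is_active']) {
                         $arrCategoriesContent[$intCategoriesCounter % 3] .= '<input type="checkbox" name="frmEditEntry_Categories_' . $intLanguageId . '[]" value="' . $intCategoryId . '" ' . (key_exists($intCategoryId, $arrEntries[$intEntryId]['categories'][$intLanguageId]) ? 'checked="checked"' : '') . ' />' . $arrCategoryValues[$intLanguageId]['name'] . '<br />';
                         ++$intCategoriesCounter;
                     }
                 }

                 $arrTranslation = $arrEntries[$intEntryId]['translation'][$intLanguageId];
                 $this->_objTpl->setVariable(array(
                     'DIV_ID' => $arrTranslations['long'],
                     'DIV_LANGUAGE_ID' => $intLanguageId,
                     'DIV_DISPLAY_STYLE' => $boolFirstLanguage && $boolLanguageIsActive ? 'display: block;' : 'display: none;',
                     'DIV_TITLE' => $arrTranslations['long'],
                     'DIV_SUBJECT' => $arrTranslation['subject'],
                     'DIV_KEYWORDS' => $arrTranslation['tags'],
                     'DIV_IMAGE' => $arrTranslation['image'],
                     'DIV_CATEGORIES_1' => $arrCategoriesContent[0],
                     'DIV_CATEGORIES_2' => $arrCategoriesContent[1],
                     'DIV_CATEGORIES_3' => $arrCategoriesContent[2],
                     'DIV_CONTENT' => new \Cx\Core\Wysiwyg\Wysiwyg('frmEditEntry_Content_' . $intLanguageId, $arrTranslation['content'], 'full', $intLanguageId),
                 ));
                 $this->_objTpl->parse('showLanguageDivs');

                 // Only an active language consumes the "first language" slot.
                 if ($boolLanguageIsActive) {
                     $boolFirstLanguage = false;
                 }
                 ++$intLanguageCounter;
             }

             $this->_objTpl->setVariable(array(
                 'EDIT_POST_ACTION' => '?cmd=Blog&amp;act=updateEntry',
                 'EDIT_MESSAGE_ID' => $intEntryId,
                 'EDIT_LANGUAGES_1' => $arrLanguages[0],
                 'EDIT_LANGUAGES_2' => $arrLanguages[1],
                 'EDIT_LANGUAGES_3' => $arrLanguages[2],
                 'EDIT_JS_TAB_TO_DIV' => $strJsTabToDiv,
             ));
         }
     } else {
         // The id passed the database check but is not in createEntryArray().
         $this->_strErrMessage = $_ARRAYLANG['TXT_BLOG_ENTRY_EDIT_ERROR_ID'];
     }
 }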
 /**
  * Deletes the mail template selected by the request.
  *
  * Reads 'type' and, optionally, 'access_mail_lang' from $_REQUEST, loads the
  * matching mail object and deletes it. The outcome is appended to
  * self::$arrStatusMsg. Nothing happens when 'type' is empty or the mail
  * cannot be loaded.
  *
  * NOTE(review): the deletion is driven by $_REQUEST, so it can be triggered
  * by GET as well as POST; confirm that the framework's CSRF protection
  * covers this action.
  *
  * @global array $_ARRAYLANG
  */
 function _configDeleteMail()
 {
     global $_ARRAYLANG;

     // Configuration changes are limited to users with full access.
     if (!\Permission::hasAllAccess()) {
         \Permission::noAccess();
     }

     if (empty($_REQUEST['type'])) {
         return;
     }

     $objFWUser = \FWUser::getFWUserObject();
     $objUserMail = $objFWUser->getMail();

     // The type goes through contrexx_addslashes(); the language id is forced
     // to an integer, or null when none was submitted.
     $mailType = contrexx_addslashes($_REQUEST['type']);
     $mailLangId = null;
     if (!empty($_REQUEST['access_mail_lang'])) {
         $mailLangId = intval($_REQUEST['access_mail_lang']);
     }
     if (!$objUserMail->load($mailType, $mailLangId)) {
         return;
     }

     // TODO: Do you really need to reinitialize that?
     $objFWUser = \FWUser::getFWUserObject();

     if (!$objUserMail->delete()) {
         self::$arrStatusMsg['error'] = array_merge(self::$arrStatusMsg['error'], $objUserMail->getErrorMsg());
         return;
     }
     self::$arrStatusMsg['ok'][] = $_ARRAYLANG['TXT_ACCESS_EMAIL_DEL_SUCCESS'];
 }
 /**
  * Dispatches to the desired function.
  * @global  \Cx\Core\Html\Sigma $objTemplate
  */
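 function getPage()
 {
     global $objTemplate;

     // The action comes from the query string; default to the empty action.
     if (!isset($_GET['act'])) {
         $_GET['act'] = '';
     }

     // Check permission to access this module (static access id 20). Every
     // branch below then enforces its own, stricter requirement before it
     // calls a handler.
     \Permission::checkAccess(20, 'static');

     switch ($_GET['act']) {
         case 'showTable':
             // Restricted to users with full access.
             // NOTE(review): the table name is taken from the request as-is
             // (and may be unset); showTable() is not visible here, so
             // confirm it validates the name before using it.
             if (\Permission::hasAllAccess()) {
                 $this->showTable($_GET['table']);
             } else {
                 \Permission::noAccess();
             }
             break;
         case 'optimize':
             \Permission::checkAccess(41, 'static');
             $this->optimizeDatabase();
             $this->showMaintenance();
             break;
         case 'repair':
             \Permission::checkAccess(41, 'static');
             $this->repairDatabase();
             $this->showMaintenance();
             break;
         case 'status':
             // Restricted to users with full access.
             if (\Permission::hasAllAccess()) {
                 $this->showStatus();
             } else {
                 \Permission::noAccess();
             }
             break;
         default:
             \Permission::checkAccess(41, 'static');
             $this->showMaintenance();
             break;
     }

     $objTemplate->setVariable(array(
         'CONTENT_TITLE' => $this->_strPageTitle,
         'CONTENT_OK_MESSAGE' => self::$strOkMessage,
     ));

     // Only $_GET['act'] was defaulted above; $_REQUEST['act'] is a separate
     // entry and is still missing when no action was submitted. Reading it
     // unguarded raised an undefined-index notice, so fall back to ''.
     $this->act = isset($_REQUEST['act']) ? $_REQUEST['act'] : '';
     $this->setNavigation();
 }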
 /**
  * categories list
  * @global array
  * @global integer
  * @global array
  * @global object
  * @global object
  */
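 private function categories()
 {
     global $_ARRAYLANG, $_LANGID, $_CONFIG, $objInit;

     // Request-derived strings are echoed back through template placeholders
     // further down. This method already encodes the category name itself
     // before calling setVariable(), so the same encoding is applied to them.
     // Non-scalar input (e.g. ?search_term[]=x) is rendered as an empty string.
     $escapeHtml = function ($value) {
         return htmlentities(is_scalar($value) ? (string) $value : '', ENT_QUOTES, CONTREXX_CHARSET);
     };

     $objCategory = Category::getCategory($this->parentCategoryId);
     $objFWUser = \FWUser::getFWUserObject();
     $this->_pageTitle = $_ARRAYLANG['TXT_DOWNLOADS_CATEGORIES'];
     $this->objTemplate->addBlockFile('DOWNLOADS_CATEGORY_TEMPLATE', 'module_downloads_categories', 'module_downloads_categories.html');

     // check access permission: access is denied only when the user lacks
     // static id 143, the category has a read access id that the user does
     // not hold, and the user is not the category's owner
     if (!\Permission::checkAccess(143, 'static', true) && $objCategory->getReadAccessId() && !\Permission::checkAccess($objCategory->getReadAccessId(), 'dynamic', true) && $objCategory->getOwnerId() != $objFWUser->objUser->getId()) {
         return \Permission::noAccess();
     }

     // get passed parameters
     // NOTE(review): the sort and order-by values are forwarded unchanged to
     // parseCategories() and parseCategoryDownloads(); whether those restrict
     // them to known columns and directions is not visible here - verify.
     $pos = isset($_GET['pos']) ? intval($_GET['pos']) : 0;
     $categoryLimitOffset = isset($_GET['category_pos']) ? intval($_GET['category_pos']) : $pos;
     $categoryOrderDirection = !empty($_GET['category_sort']) ? $_GET['category_sort'] : 'asc';
     $categoryOrderBy = !empty($_GET['category_by']) ? $_GET['category_by'] : '';
     $downloadLimitOffset = isset($_GET['download_pos']) ? intval($_GET['download_pos']) : $pos;
     $downloadOrderDirection = !empty($_GET['download_sort']) ? $_GET['download_sort'] : 'asc';
     $downloadOrderBy = !empty($_GET['download_by']) ? $_GET['download_by'] : '';
     $searchTerm = !empty($_GET['search_term']) ? $_GET['search_term'] : '';
     // The search box's placeholder text counts as "no search term".
     $searchTerm = $searchTerm == $_ARRAYLANG['TXT_DOWNLOADS_SEARCH_DOWNLOAD'] ? '' : $searchTerm;

     // parse categories multi action
     // NOTE(review): only the read check above has run at this point; confirm
     // that updateCategoryOrder() and deleteCategories() enforce their own
     // permission checks.
     if (isset($_POST['downloads_category_select_action'])) {
         switch ($_POST['downloads_category_select_action']) {
             case 'order':
                 $this->updateCategoryOrder(isset($_POST['downloads_category_order']) && is_array($_POST['downloads_category_order']) ? $_POST['downloads_category_order'] : array());
                 break;
             case 'delete':
                 $this->deleteCategories(isset($_POST['downloads_category_id']) && is_array($_POST['downloads_category_id']) ? $_POST['downloads_category_id'] : array(), isset($_POST['downloads_category_delete_recursive']) && $_POST['downloads_category_delete_recursive']);
                 break;
         }
     }

     // process downloads multi action: same rule as the read check, but
     // against the category's manage-files access id
     if (isset($_POST['downloads_download_select_action'])) {
         if (!\Permission::checkAccess(143, 'static', true) && $objCategory->getManageFilesAccessId() && !\Permission::checkAccess($objCategory->getManageFilesAccessId(), 'dynamic', true) && $objCategory->getOwnerId() != $objFWUser->objUser->getId()) {
             return \Permission::noAccess();
         }
         switch ($_POST['downloads_download_select_action']) {
             case 'order':
                 if ($objCategory->updateDownloadOrder(isset($_POST['downloads_download_order']) && is_array($_POST['downloads_download_order']) ? $_POST['downloads_download_order'] : array())) {
                     $this->arrStatusMsg['ok'][] = $_ARRAYLANG['TXT_DOWNLOADS_DOWNLOAD_ORDER_SET_SUCCESS'];
                 } else {
                     $this->arrStatusMsg['error'] = array_merge($this->arrStatusMsg['error'], $objCategory->getErrorMsg());
                 }
                 break;
             case 'unlink':
                 $this->unlinkDownloadsFromCategory($objCategory, isset($_POST['downloads_download_id']) && is_array($_POST['downloads_download_id']) ? $_POST['downloads_download_id'] : array());
                 break;
         }
     }

     $this->objTemplate->setGlobalVariable(array(
         'TXT_DOWNLOADS_EDIT' => $_ARRAYLANG['TXT_DOWNLOADS_EDIT'],
         'TXT_DOWNLOADS_DELETE' => $_ARRAYLANG['TXT_DOWNLOADS_DELETE'],
     ));

     // The "add subcategory" button (template block
     // 'downloads_category_add_buttom') is disabled: the code that used to
     // parse or hide it, gated on getAddSubcategoriesAccessId(), was
     // commented out here.

     // parse categories
     $this->parseCategories($objCategory, $downloadOrderBy, $downloadOrderDirection, $downloadLimitOffset, $categoryOrderBy, $categoryOrderDirection, $categoryLimitOffset);
     if (!$objCategory->getId()) {
         $this->objTemplate->setVariable('TXT_DOWNLOADS_ALL_CATEGORIES', $_ARRAYLANG['TXT_DOWNLOADS_ALL_CATEGORIES']);
     }

     // parse frontend preview link
     if ($objCategory->getId()) {
         $categoryFrontendURI = ASCMS_PATH_OFFSET . '/' . \FWLanguage::getLanguageCodeById(FRONTEND_LANG_ID) . '/' . CONTREXX_DIRECTORY_INDEX . '?section=Downloads&amp;category=' . $objCategory->getId();
         $this->objTemplate->setVariable(array(
             'TXT_DOWNLOADS_OPEN_CATEGORY_FRONTEND' => $_ARRAYLANG['TXT_DOWNLOADS_OPEN_CATEGORY_FRONTEND'],
             'DOWNLOADS_CATEGORY_FRONTEND_URI' => $categoryFrontendURI,
         ));
         $this->objTemplate->parse('downloads_category_frontend_link');
     } else {
         $this->objTemplate->hideBlock('downloads_category_frontend_link');
     }

     // parse downloads
     $this->parseCategoryDownloads($objCategory, $downloadOrderBy, $downloadOrderDirection, $downloadLimitOffset, $categoryOrderBy, $categoryOrderDirection, $categoryLimitOffset, $searchTerm);
     $this->objTemplate->setVariable(array('DOWNLOADS_CONFIRM_UNLINK_DOWNLOAD_TXT' => preg_replace('#\\n#', '\\n', addslashes($_ARRAYLANG['TXT_DOWNLOADS_CONFIRM_UNLINK_DOWNLOAD']))));

     // parse add downloads buttons
     if ($objCategory->getId() && (\Permission::checkAccess(143, 'static', true) || !$objCategory->getAddFilesAccessId() || \Permission::checkAccess($objCategory->getAddFilesAccessId(), 'dynamic', true))) {
         $escapedCategoryName = htmlentities($objCategory->getName(LANG_ID), ENT_QUOTES, CONTREXX_CHARSET);
         $this->objTemplate->setVariable(array(
             'DOWNLOADS_CATEGORY_ID' => $objCategory->getId(),
             'TXT_DOWNLOADS_ADD_NEW_DOWNLOAD_TO_CATEGORY' => sprintf($_ARRAYLANG['TXT_DOWNLOADS_ADD_NEW_DOWNLOAD_TO_CATEGORY'], $escapedCategoryName),
             'TXT_DOWNLOADS_ADD_DOWNLOADS_TO_CATEGORY' => sprintf($_ARRAYLANG['TXT_DOWNLOADS_ADD_DOWNLOADS_TO_CATEGORY'], $escapedCategoryName),
             // Sort values originate from $_GET; encode them for output. The
             // offsets were already forced to integers above.
             'DOWNLOADS_DOWNLOAD_CATEGORY_SORT' => $escapeHtml($categoryOrderDirection),
             'DOWNLOADS_DOWNLOAD_CATEGORY_SORT_BY' => $escapeHtml($categoryOrderBy),
             'DOWNLOADS_DOWNLOAD_DOWNLOAD_SORT' => $escapeHtml($downloadOrderDirection),
             'DOWNLOADS_DOWNLOAD_DOWNLOAD_BY' => $escapeHtml($downloadOrderBy),
             'DOWNLOADS_DOWNLOAD_CATEGORY_OFFSET' => $categoryLimitOffset,
             'DOWNLOADS_DOWNLOAD_DOWNLOAD_OFFSET' => $downloadLimitOffset,
         ));
         $this->objTemplate->parse('downloads_add_downloads_button');
     } else {
         $this->objTemplate->hideBlock('downloads_add_downloads_button');
     }

     // parse category menu
     // parse category id (will be used as the parent_id when creating a new directory)
     $this->objTemplate->setVariable(array(
         'TXT_DOWNLOADS_CATEGORY' => $_ARRAYLANG['TXT_DOWNLOADS_CATEGORY'],
         'DOWNLOADS_CATEGORY_ID' => $objCategory->getId(),
         'DOWNLOADS_CATEGORY_MENU' => $this->getCategoryMenu('read', $objCategory->getId(), $_ARRAYLANG['TXT_DOWNLOADS_ALL_CATEGORIES']),
         // Only the submitted term is encoded; the language-file fallback is
         // passed through unchanged, as before.
         'DOWNLOADS_SEARCH_TERM' => !empty($_GET['search_term']) ? $escapeHtml($_GET['search_term']) : $_ARRAYLANG['TXT_DOWNLOADS_SEARCH_DOWNLOAD'],
         'TXT_DOWNLOADS_SEARCH_DOWNLOAD' => $_ARRAYLANG['TXT_DOWNLOADS_SEARCH_DOWNLOAD'],
         'TXT_DOWNLOADS_FILTER' => $_ARRAYLANG['TXT_DOWNLOADS_FILTER'],
         'TXT_DOWNLOADS_SEARCH' => $_ARRAYLANG['TXT_DOWNLOADS_SEARCH'],
     ));
     return true;
 }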
 /**
  * delete the task
  *
  * @global array $_ARRAYLANG
  * @global object $objDatabase
  * @return true
  */
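 function deleteTask()
 {
     global $objDatabase;

     // Deletes the task named by $_GET['id'] after checking the current
     // user's delete permission for it, then redirects back to the module.
     // Does nothing when no usable id was submitted.
     //
     // NOTE(review): the deletion is triggered by a GET parameter; confirm
     // that the framework's CSRF protection covers this action.
     $id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
     // 'redirect' is a base64-encoded query-string suffix; a non-string value
     // (e.g. redirect[]=x) falls back to the default.
     $redirect = isset($_REQUEST['redirect']) && is_string($_REQUEST['redirect']) ? $_REQUEST['redirect'] : base64_encode('&act=task');
     if (empty($id)) {
         return;
     }

     $objResult = $objDatabase->Execute("SELECT `added_by`,\n                                                       `assigned_to`\n                                                    FROM `" . DBPREFIX . "module_{$this->moduleNameLC}_task`\n                                                 WHERE `id` = '{$id}'\n                                               ");
     // Fail closed: previously a failed lookup skipped the permission check
     // entirely and the DELETE below still ran. A failed query or a missing
     // row now denies the request instead.
     if (!$objResult || $objResult->EOF) {
         \Permission::noAccess();
         return;
     }

     list($task_edit_permission, $task_delete_permission) = $this->getTaskPermission((int) $objResult->fields['added_by'], (int) $objResult->fields['assigned_to']);
     if (!$task_delete_permission) {
         \Permission::noAccess();
         // noAccess() is expected to end the request; never fall through to
         // the DELETE if it does not.
         return;
     }

     $objDatabase->Execute("DELETE FROM " . DBPREFIX . "module_{$this->moduleNameLC}_task WHERE id = '{$id}'");
     // The decoded value is appended to a fixed "index.php?cmd=..." prefix.
     // NOTE(review): it is not validated any further here - confirm that
     // Csrf::header() rejects CR/LF in the resulting header line.
     \Cx\Core\Csrf\Controller\Csrf::header("Location:index.php?cmd=" . $this->moduleName . base64_decode($redirect) . "&mes=" . base64_encode('taskDeleted'));
 }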
 /**
  * Set the backend page
  *
  * @access public
  * @global object $objTemplate
  * @global array $_ARRAYLANG
  *
  * @return null
  */
 function getPage()
 {
     global $objTemplate, $_ARRAYLANG;

     if (!isset($_GET['act'])) {
         $_GET['act'] = '';
     }
     $action = $_GET['act'];

     // Allow-list of actions that map one-to-one to a handler method. Only
     // names listed here can be invoked through the request parameter.
     // NOTE(review): none of these branches checks a permission in this
     // dispatcher; confirm that each handler (or the caller of getPage())
     // enforces access on its own.
     $handlers = array(
         'customersearch' => 'getCustomerSearch',
         'checkuseravailablity' => 'checkUserAvailablity',
         'uploadProfilePhoto' => 'uploadProfilePhoto',
         'updateProfileImage' => 'updateProfilePhoto',
         'fileupload' => 'uploadFiles',
         'getcontactdocuments' => 'getContactDocuments',
         'addcontact' => 'addContact',
         'getcustomers' => 'getCustomers',
         'autosuggest' => 'autoSuggest',
         'getdomains' => 'getCustomerDomains',
         'deals' => 'dealsOverview',
         'getcontacttasks' => 'getContactTasks',
         'getcontactprojects' => 'getcontactprojects',
         'getcontactdeals' => 'getContactDeals',
         'deleteContacts' => 'deleteContacts',
         'getlinkcontacts' => 'getLinkContacts',
         'customertooltipdetail' => 'customerTooltipDetail',
         'notesdetail' => 'notesDetail',
         'changecontactstatus' => 'changeCustomerContactStatus',
         'exportvcf' => 'exportVcf',
         'changecustomerstatus' => 'changeCustomerStatus',
         'deleteCustomers' => 'deleteCustomers',
         'customersChangeStatus' => 'customersChangeStatus',
         'managecontact' => '_modifyContact',
         'deleteCurrency' => 'deleteCurrency',
         'editcurrency' => 'editCurrency',
         'noteschangestatus' => 'notesChangeStatus',
         'deleteCustomerTypes' => 'deleteCustomerTypes',
         'moveDocument' => 'moveDocumentToTarget',
         'getImportFilename' => 'getImportFilename',
         'export' => 'csvExport',
         'InsertCSV' => 'InsertCSV',
         'task' => 'showTasks',
         'checkAccountId' => 'checkAccountId',
     );
     // Actions served by the settings submenu, which requires the admin
     // access id.
     $settingsActions = array('mailtemplate_overview', 'mailtemplate_edit', 'settings');

     // A non-string value (e.g. act[]=x) matches nothing and takes the
     // default branch.
     $isKnownString = is_string($action);
     if ($isKnownString && isset($handlers[$action])) {
         $handler = $handlers[$action];
         $this->{$handler}();
     } elseif ($isKnownString && in_array($action, $settingsActions, true)) {
         // The two mail template actions select the 'mail' settings tab and
         // are then handled exactly like 'settings'.
         if ($action !== 'settings') {
             $_GET['tpl'] = 'mail';
         }
         \Permission::checkAccess($this->adminAccessId, 'static');
         $this->settingsSubmenu();
     } else {
         // 'customers' and every unknown action: the customer overview.
         if (\Permission::checkAccess($this->customerAccessId, 'static', true)) {
             $this->showCustomers();
         } else {
             $this->checkCustomerIdentity();
             \Permission::noAccess();
         }
     }

     // Title and messages stored in the session take precedence over the
     // values set on this object; they are cleared again below.
     $contentTitle = isset($_SESSION['pageTitle']) ? $_SESSION['pageTitle'] : $this->_pageTitle;
     $okMessage = isset($_SESSION['strOkMessage']) ? $_SESSION['strOkMessage'] : $this->_strOkMessage;
     $statusMessage = isset($_SESSION['strErrMessage']) ? $_SESSION['strErrMessage'] : $this->_strErrMessage;
     $warningMessage = isset($_SESSION['strWarMessage']) ? $_SESSION['strWarMessage'] : $this->_strWarMessage;
     $objTemplate->setVariable(array(
         'CONTENT_TITLE' => $contentTitle,
         'CONTENT_OK_MESSAGE' => $okMessage,
         'CONTENT_STATUS_MESSAGE' => $statusMessage,
         'CONTENT_WARNING_MESSAGE' => $warningMessage,
         'ADMIN_CONTENT' => $this->_objTpl->get(),
     ));

     unset(
         $_SESSION['pageTitle'],
         $_SESSION['strOkMessage'],
         $_SESSION['strErrMessage'],
         $_SESSION['strWarMessage']
     );
 }