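/**
 * After Save method.
 *
 * Calls updateUserRolesViewPrefix() and, when the saved data carries a
 * 'duplicate' role id, copies that role's permissions onto the record that was
 * just saved.
 *
 * @param boolean $created True when the save created a new record
 * @param array $options Options handed to the callback by the save call
 * @return mixed The parent afterSave() result
 */
public function afterSave($created, $options = array())
{
    $this->updateUserRolesViewPrefix();

    if (!empty($this->data['UserRole']['duplicate'])) {
        App::uses('Privilege', 'Privileges.Model');
        $Privilege = new Privilege();
        // The source role id is taken straight from the saved data.
        // NOTE(review): nothing in this callback checks that the caller may clone the
        // source role's permissions; confirm the controller enforces that.
        $Privilege->duplicatePermissions('UserRole', $this->data['UserRole']['duplicate'], $this->id);
    }

    // Forward $options as well as $created; the original call dropped $options.
    return parent::afterSave($created, $options);
}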
/**
 * Builds the two-level menu (top entries plus their children) and renders it
 * with either the vertical or the horizontal metro view.
 *
 * @return void
 */
public function run()
{
    // Keep only the path part of the request URI (text before the first "?").
    preg_match("/(^.*?)\\?|(^.*)/", $_SERVER['REQUEST_URI'], $matchs);
    $currentRoute = empty($matchs[1]) ? $matchs[2] : $matchs[1];

    // Either the complete menu or only the entries granted to this user.
    $menuRows = $this->allMenu
        ? Action::model()->getAllMenu()
        : Privilege::getMenu($this->userid);

    $first = array();
    $second = array();
    foreach ($menuRows as $row) {
        if ($row['is_menu'] == 1) {
            // Top-level entry, indexed by its action id.
            $first[$row['aid']] = $row;
            continue;
        }
        if ($row['is_menu'] != 2) {
            continue;
        }
        // Second-level entry, grouped under its parent's id.
        $parentId = $row['first_menu'];
        if (!isset($second[$parentId])) {
            $second[$parentId] = array();
        }
        $second[$parentId][] = $row;
    }

    $view = empty($this->horiz)
        ? 'main.views.widget.left_menu_metro'
        : 'main.views.widget.horiz_menu_metro';
    $this->render($view, array('first' => $first, 'second' => $second));
}
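/**
 * Pre-action filter: sends no-cache headers, resolves the page title and
 * enforces the login and per-route privilege checks.
 *
 * @param mixed $action the action about to run (not used here)
 * @return boolean true to let the action run, false to block it
 */
protected function beforeAction($action)
{
    header("Cache-Control: no-cache, must-revalidate");
    date_default_timezone_set('PRC');

    // Path part of the request URI (text before the first "?").
    preg_match("/(^.*?)\\?|(^.*)/", $_SERVER['REQUEST_URI'], $matchs);
    $requestUrl = empty($matchs[1]) ? $matchs[2] : $matchs[1];

    // Page title
    $actionInfo = Action::model()->find("route=:route", array(':route' => $requestUrl));
    if (!empty($actionInfo)) {
        $this->actionName = $actionInfo['aname'];
    }

    // Login restriction.
    // NOTE(review): a truthy 'close_user' parameter switches off both the login and the
    // privilege check for every request; confirm it can never be enabled in production.
    $closeUser = Yii::app()->params['close_user'];
    // NOTE(review): the login/register exemptions are prefix matches on the raw URI, so
    // any path that merely starts with them is exempt as well.
    $isPublicRoute = $_SERVER['REQUEST_URI'] == '/main/user/logout'
        || preg_match('|^/main/user/login|', $_SERVER['REQUEST_URI'])
        || preg_match('|^/main/user/register|', $_SERVER['REQUEST_URI'])
        || $requestUrl == '/site/error';
    if ($closeUser || $isPublicRoute) {
        return true;
    }

    // get user info
    $userInfo = Login::getLoginInfo();
    if (empty($userInfo)) {
        $this->redirect('/main/user/login?url=' . urlencode($_SERVER['REQUEST_URI']));
        // Fail closed in case redirect() returns instead of ending the request.
        return false;
    }
    $this->userid = $userInfo['uid'];
    $this->userInfo = $userInfo;

    // Privilege restriction.
    // The original compared the user name with == 'superman', which applied the
    // privilege check to that one account only and let every other account through
    // unchecked. The comparison is inverted here so that 'superman' is the exempt
    // account and everyone else is checked (presumably the original intent; confirm).
    // NOTE(review): the check is keyed on the raw request path, not on the route the
    // framework resolved; confirm equivalent URL spellings cannot reach the same action.
    $isExemptRoute = $requestUrl == '/site/index' || $requestUrl == '/main/user/lock';
    if ($userInfo['uname'] != 'superman'
        && !$isExemptRoute
        && !Privilege::hasPrivilege($userInfo['uid'], $requestUrl)
    ) {
        return false;
    }

    return true;
}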
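/**
 * Stores the authenticated user's identity and privilege in the session.
 *
 * Nothing is written when the session already holds the marker key
 * ($this->session_id_to_destroy), i.e. when a login is already recorded.
 *
 * @param object $user user object exposing getId(), getUsername(), getName(),
 *                     getLastname(), getEmail() and getPrivilegeId()
 * @return void
 */
public function logIn($user)
{
    // 30-minute cookie lifetime.
    // NOTE(review): '../rezervime' does not start with "/", so it is not an absolute
    // cookie path; confirm the intended path. The secure and httponly cookie flags are
    // also left at their defaults here.
    session_set_cookie_params(60 * 30, '../rezervime');

    $userId = $user->getId();
    $username = $user->getUsername();
    $fullName = $user->getName() . " " . $user->getLastname();
    $email = $user->getEmail();
    $privilegeId = $user->getPrivilegeId();

    // Resolve the privilege name from its id.
    $privilege = new Privilege();
    $privilege->setId($privilegeId);
    $privilege->getPrivilegeById();
    $privilegeName = $privilege->getPrivilege();

    if (!isset($_SESSION[$this->session_id_to_destroy])) {
        // Issue a fresh session id at the moment of authentication so that an id
        // known before login cannot be carried over into the authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['USID'] = $userId;
        $_SESSION[$this->session_id_to_destroy] = $this->session_id_to_destroy;
        $_SESSION['USNM'] = $username;
        $_SESSION['USFN'] = $fullName;
        $_SESSION['USE'] = $email;
        $_SESSION['USPRID'] = $privilegeId;
        $_SESSION['USPR'] = $privilegeName;
        $this->isLogin = true;
    }
}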
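/**
 * Authenticates the user described by the JSON request body and answers
 * through Flight::ok() (user object) or Flight::error() (exception).
 *
 * The body must be a JSON object with string members "Name" and "Password".
 *
 * @return void
 */
public static function login()
{
    $connection = Flight::dbMain();
    try {
        $session = json_decode(file_get_contents("php://input"));
        if ($session == null) {
            // json_last_error_msg() is the built-in that reports why decoding failed
            // (the original called json_get_error(), which is not a PHP function).
            throw new Exception(json_last_error_msg());
        }
        // Valid JSON of the wrong shape (array, scalar, missing or non-string members)
        // is rejected here instead of reaching the property reads below.
        if (!is_object($session)
            || !isset($session->Name, $session->Password)
            || !is_string($session->Name)
            || !is_string($session->Password)
        ) {
            throw new Exception("Username or Password is not exist");
        }

        // NOTE(review): passwords are matched as unsalted SHA-256 digests inside the
        // query. Moving to password_hash()/password_verify() needs a data migration
        // and is therefore not done in this change.
        $password = hash('sha256', $session->Password);

        $sql = "SELECT * FROM user WHERE user.user_name = :name and user.user_password = :password;";
        $query = $connection->prepare($sql);
        $query->bindParam(':name', $session->Name, PDO::PARAM_STR);
        $query->bindParam(':password', $password, PDO::PARAM_STR);
        $query->execute();

        // fetch() returns false when nothing matched; rowCount() is not dependable
        // for SELECT statements on every PDO driver.
        $row = $query->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            throw new Exception("Username or Password is not exist");
        }

        $user = new User();
        $user->Id = (int) $row['id'];
        $user->Name = $row['user_name'];
        $user->DtCreated = $row['user_dt_created'];
        // NOTE(review): expiry date and status are returned to the client but not
        // checked here; confirm they are enforced somewhere before access is granted.
        $user->DtExpired = $row['user_dt_expired'];
        $user->Privilege = Privilege::select($row['e_privilege_id']);
        $user->Status = Status::select($row['e_status_id']);
        $user->Company = Company::select($row['company_id']);
        $user->Sim = Sim::select($row['sim_id']);

        Flight::ok($user);
    } catch (PDOException $pdoException) {
        // NOTE(review): confirm Flight::error() does not echo driver error details
        // back to the client.
        Flight::error($pdoException);
    } catch (Exception $exception) {
        Flight::error($exception);
    } finally {
        $connection = null;
    }
}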
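/**
 * Renders the left navigation list for the current user, marking the entry
 * whose route is a prefix of the current request path.
 *
 * Route, logo path and label come from the menu rows and are HTML-escaped
 * before being placed in the markup.
 *
 * @return void
 */
public function run()
{
    // Path part of the request URI (text before the first "?").
    preg_match("/(^.*?)\\?|(^.*)/", $_SERVER['REQUEST_URI'], $matchs);
    $currentRoute = empty($matchs[1]) ? $matchs[2] : $matchs[1];

    $actions = Privilege::getMenu($this->userid);
    // Uses the configured default charset; ENT_SUBSTITUTE keeps a value with an
    // invalid byte sequence from being turned into an empty string.
    $escapeFlags = ENT_QUOTES | ENT_SUBSTITUTE;

    $content = " <ul class='left_nav_ul'> ";
    foreach ($actions as $v) {
        // Match the stored route as a literal prefix; without preg_quote() any regex
        // metacharacter (or the "|" delimiter) in a route would change or break the match.
        if (preg_match('|^' . preg_quote((string) $v['route'], '|') . '|', $currentRoute)) {
            // Entry for the page being viewed
            $logopath = $v['logo_click'];
            $class = "click";
        } else {
            $logopath = $v['logo'];
            $class = "";
        }

        $href = htmlspecialchars((string) $v['route'], $escapeFlags);
        if ($this->type == 'logo' && !empty($v['logo'])) {
            $src = htmlspecialchars((string) $logopath, $escapeFlags);
            $content .= "\n <li class='{$class}'><a href='{$href}'><img src='{$src}' /></a></li>\n ";
        } else {
            $label = htmlspecialchars((string) $v['aname'], $escapeFlags);
            $content .= "\n <li class='{$class}'><a href='{$href}'>{$label}</a></li>\n ";
        }
    }
    $content .= " </ul> ";

    $this->render('main.views.widget.left_menu', array('show' => $content));
}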
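<?php
// Login id of the user being edited; empty when a new user is being added.
// Anything that is not a plain string (e.g. loginID[]=...) is treated as absent.
$loginID = (isset($_GET['loginID']) && is_string($_GET['loginID'])) ? $_GET['loginID'] : '';

$user = new User(new NamedArguments(array('primaryKey' => $loginID)));

//get all roles for output in drop down
$privilegeObj = new Privilege();
$privilegeArray = $privilegeObj->allAsArray();

if ($user->accountTabIndicator == '1') {
    $accountTab = 'checked';
} else {
    $accountTab = '';
}

// $loginID comes from the query string, so it is HTML-escaped before being written
// into the attribute below; echoing it raw lets a crafted link inject markup.
?>
<div id='div_updateForm'>
<input type='hidden' id='editLoginID' value='<?php echo htmlspecialchars($loginID, ENT_QUOTES | ENT_SUBSTITUTE); ?> '>
<div class='formTitle' style='width:295px;'><span class='headerText' style='margin-left:7px;'><?php
if ($loginID) {
    echo _("Edit User");
} else {
    echo _("Add New User");
}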
<form name="form_query" method="post"> <tr> <td bgcolor="#EEEEEE" width="100%" valign="top" class="form_title" colspan="2"> Privilégios </td> </tr> <tr> <td bgcolor="#FFFFFF" width="30%" valign="center" align="right"> Id: </td> <td bgcolor="#FFFFFF" width="70%" valign="center" align="left"> <select name="p_priv_id"> <option value="">Selecione</option> <?php
// Fill the drop-down with one <option> per row returned by Privilege::SelectCombo().
$privilege = new Privilege();
$privilege->SetDatabase($database);
$result = $privilege->SelectCombo();
while ($data = $database->FetchArray($result)) {
    // As far as this fragment shows these are page-level variables, so after the loop
    // they keep the values of the last row.
    $priv_id = $data["priv_id"];
    $profile = $data["prof_name"];
    $module = $data["modu_name"];
    // NOTE(review): the three values are written into the markup without HTML escaping.
    // If profile or module names can contain user-supplied text, escape them with
    // htmlspecialchars() using the application's charset before output.
    echo "<option value=\"" . $priv_id . "\">" . $profile . " - " . $module . "</option>";
}
?> </select> </td> </tr> <tr> <td bgcolor="#FFFFFF" width="100%" valign="center" align="center" colspan="2">
<?php
// Objects used by the navigation bar template that follows.
$user = new User();
$message = new Message();
$m1 = $message->getMessage();
$privilege = new Privilege();
// Role of the current user as decided by Privilege::judge(); presumably used further
// down the template to choose which entries to show (not visible in this fragment).
// NOTE(review): hiding a menu entry is not access control; confirm the target pages
// perform the same role check on the server side.
$role = $privilege->judge($user);
?> <nav class="navbar navbar-default navbar-fixed-top"> <div class="container-fluid"> <div class="row"> <div class="col-md-10 col-md-offset-1"> <!-- Brand and toggle get grouped for better mobile display --> <div class="navbar-header"> <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="navbar-brand" href="index.php"><i class="fa fa-leaf icon-leaf green"></i></a> </div> <!-- Collect the nav links, forms, and other content for toggling --> <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1"> <ul class="nav navbar-nav"> <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">分布式课程<span class="caret"></span></a> <ul class="dropdown-menu"> <li><a href="course.php">课程首页</a></li> <li role="separator" class="divider"></li>
<?php if (!isset($_SESSION)) { session_start(); } require_once 'initClass.php'; require_once 'init.php'; if (isset($_SESSION['idJoueurCourant']) && $_SESSION['idJoueurCourant'] != '') { // Instance manager $IconePersonnageManager = new IconePersonnageManager($db); $JoueurManager = new JoueurManager($db); $Joueur = new Joueur($JoueurManager->get($_SESSION['idJoueurCourant'])); $FormulaireUniqueId = new FormulaireUniqueId(); $Privilege = new Privilege($JoueurManager->getPrivilege($Joueur->getId())); if ($Privilege->hasPermission('IconePersonnage')) { if ($FormulaireUniqueId->validate()) { // Vérification du fichier files if (isset($_FILES) && count($_FILES) > 0) { $dossier = dossierIconePersonnageAbsolue; $destination = $dossier . basename($_FILES['chemin']['name']); // Upload du fichier if (move_uploaded_file($_FILES['chemin']['tmp_name'], $destination)) { $_POST['chemin'] = dossierIconePersonnage . $_FILES['chemin']['name']; $iconePersonnage = new IconePersonnage($_POST); // Insertion de l'icone $IconePersonnageManager->insert($iconePersonnage); $_SESSION['insertIconePersonnage'] = true; } } } //Liste des icones personnages
<?php if (!isset($_SESSION)) { session_start(); } require_once 'initClass.php'; require_once 'init.php'; if (isset($_SESSION['idJoueurCourant']) && $_SESSION['idJoueurCourant'] != '') { // Instance manager $PersonnageTypeManager = new PersonnageTypeManager($db); $PersonnageManager = new PersonnageManager($db); $JoueurManager = new JoueurManager($db); $EvolutionManager = new EvolutionManager($db); $FormulaireUniqueId = new FormulaireUniqueId(); $Joueur = new Joueur($JoueurManager->get($_SESSION['idJoueurCourant'])); $Privilege = new Privilege($JoueurManager->getPrivilege($Joueur->getId())); if ($Privilege->hasPermission('personnageCreer')) { // Insertion du nouveau personnage. if (isset($_POST) && count($_POST) > 0) { if ($FormulaireUniqueId->validate()) { $insert = true; // Si un champ n'a pas été saisie par l'utisateur foreach ($_POST as $key => $value) { if ($value == '') { $insert = false; } } if ($insert) { // Personnagetype avec les données du POST $PersonnageType = new PersonnageType($PersonnageTypeManager->get($_POST['personnageTypeId'])); // Création du personnage avec les données POST
/**
 * Deletes an existing privilege. All the flippers related to the privilege are
 * removed along with it.
 *
 * A non-POST request shows the confirmation form for the privilege named by
 * the "id" parameter; a valid POST performs the deletion and redirects to the
 * privilege list.
 *
 * @access public
 * @return void
 */
public function deleteAction()
{
    $this->title = 'Delete privilege';

    $deleteForm = new DeleteForm();
    $privileges = new Privilege();
    $request = $this->getRequest();

    if (!$request->isPost()) {
        // Confirmation step: load the row and pre-fill the form with it.
        $privilegeId = $this->_getParam('id');
        $privilege = $privileges->findById($privilegeId);
        if (empty($privilege)) {
            $this->_helper->FlashMessenger(array('msg-warning' => sprintf('We cannot find privilege with id %s', $privilegeId)));
            $this->_redirect('/privileges/');
        }
        $deleteForm->populate($privilege->toArray());
        $this->view->item = $privilege;
    } elseif ($deleteForm->isValid($request->getPost())) {
        // NOTE(review): as far as this method shows, the delete is gated only by
        // isPost() and form validation; confirm DeleteForm carries an anti-CSRF element.
        $privileges->deleteById($deleteForm->getValue('id'));
        $this->_helper->FlashMessenger(array('msg-success' => 'The privilege was successfully deleted.'));

        // Regenerate Flag and Flippers
        App_FlagFlippers_Manager::save();
        $this->_redirect('/privileges/');
    }

    $this->view->form = $deleteForm;
}
/**
 * Looks up a Privilege record by primary key.
 *
 * @param integer $id the ID of the model to be loaded
 * @return Privilege the loaded model
 * @throws CHttpException with status 404 when no record has that key
 */
public function loadModel($id)
{
    $privilege = Privilege::model()->findByPk($id);
    if ($privilege !== null) {
        return $privilege;
    }

    throw new CHttpException(404, 'The requested page does not exist.');
}
$menu = new Menu(); $menu->SetDatabase($database); $menu->Backup($handle1, $handle2); $module = new Module(); $module->SetDatabase($database); $module->Backup($handle1, $handle2); $new = new News(); $new->SetDatabase($database); $new->Backup($handle1, $handle2); $profile = new Profile(); $profile->SetDatabase($database); $profile->Backup($handle1, $handle2); $paragraph = new Paragraph(); $paragraph->SetDatabase($database); $paragraph->Backup($handle1, $handle2); $privilege = new Privilege(); $privilege->SetDatabase($database); $privilege->Backup($handle1, $handle2); $role = new Role(); $role->SetDatabase($database); $role->Backup($handle1, $handle2); $menu_item = new MenuItem(); $menu_item->SetDatabase($database); $menu_item->Backup($handle1, $handle2); $shout = new Shout(); $shout->SetDatabase($database); $shout->Backup($handle1, $handle2); $user_info = new UserInfo(); $user_info->SetDatabase($database); $user_info->Backup($handle1, $handle2); $topic = new Topic();
echo $form->labelEx($model, 'NAMA'); ?> <?php echo $form->textField($model, 'NAMA', array('size' => 25, 'maxlength' => 25)); ?> <?php echo $form->error($model, 'NAMA'); ?> </div> <div class="row"> <?php echo $form->labelEx($model, 'Pilih Privilege'); ?> <?php $data = CHtml::listData(Privilege::model()->findAll(), 'ID_PRIVILEGE', 'NAMA_PRIVILEGE'); echo $form->dropDownList($model, 'ID_PRIVILEGE', $data); ?> <?php echo $form->error($model, 'ID_PRIVILEGE'); ?> </div> <div class="row"> <?php echo $form->labelEx($model, 'NO_HP'); ?> <?php echo $form->textField($model, 'NO_HP', array('size' => 15, 'maxlength' => 15)); ?> <?php
<?php if (!isset($_SESSION)) { session_start(); } require_once 'initClass.php'; require_once 'init.php'; if (isset($_SESSION['idJoueurCourant']) && $_SESSION['idJoueurCourant'] != '') { $PersonnageTypeManager = new PersonnageTypeManager($db); $EvolutionManager = new EvolutionManager($db); $IconePersonnageManager = new IconePersonnageManager($db); $JoueurManager = new JoueurManager($db); $Joueur = new Joueur($JoueurManager->get($_SESSION['idJoueurCourant'])); $Privilege = new Privilege($JoueurManager->getPrivilege($Joueur->getId())); $FormulaireUniqueId = new FormulaireUniqueId(); if ($Privilege->hasPermission('evolutionCreerModifier')) { // Si aucun evolution à modifier $evolutionSelected = ''; // Enregistrement de l'évolution if (isset($_POST) && count($_POST) > 0) { // Le traitement de l'insert et de l'update se fait via le même formulaire if ($_POST['action'] == "ajouter") { if ($FormulaireUniqueId->validate()) { $insert = true; // Si un champ n'a pas été saisie par l'utisateur foreach ($_POST as $key => $value) { if ($value == '') { $insert = false; } } // Si champs compelts, insertion en base de donnée
/**
 * Loads every user that belongs to the given company.
 *
 * @param mixed $id company id, bound to the query as an integer parameter
 * @return array list of User objects; empty when no row matches
 * @throws PDOException|Exception propagated unchanged from the calls made here
 */
public static function selectByCompany($id)
{
    $connection = Flight::dbMain();
    try {
        $query = $connection->prepare("SELECT * FROM user WHERE company_id = :company;");
        $query->bindParam(':company', $id, PDO::PARAM_INT);
        $query->execute();

        $users = array();
        foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $record) {
            $user = new User();
            $user->Id = (int) $record['id'];
            $user->Name = $record['user_name'];
            $user->DtCreated = $record['user_dt_created'];
            $user->DtExpired = $record['user_dt_expired'];
            // Related records are resolved through their own select() helpers.
            $user->Privilege = Privilege::select($record['e_privilege_id']);
            $user->Status = Status::select($record['e_status_id']);
            $user->Company = Company::select($record['company_id']);
            $user->Sim = Sim::select($record['sim_id']);
            $users[] = $user;
        }

        return $users;
    } finally {
        // Drop the local connection handle on every exit path; exceptions pass through.
        $connection = null;
    }
}
<?php require_once 'initClass.php'; require_once 'init.php'; if (!isset($_SESSION)) { session_start(); } if (isset($_SESSION['idJoueurCourant']) && $_SESSION['idJoueurCourant'] != '') { $JoueurManager = new JoueurManager($db); $Joueur = new Joueur($JoueurManager->get($_SESSION['idJoueurCourant'])); $PermissionManager = new PermissionManager($db); $RoleManager = new RoleManager($db); $Privilege = new Privilege($JoueurManager->getPrivilege($Joueur->getId())); if ($Privilege->hasPermission('rolePermission')) { if (isset($_POST) && count($_POST) > 0) { // Le traitement de l'insert if ($_POST['action'] == "ajouter") { // Test si un roleid est sélectionné if ($_POST['roleId'] != '') { // Suppression des enregistrements de la table de jointure $RoleManager->delete_permission_role($_POST['roleId']); // Insertion + verification du post permission id if (isset($_POST['permissionId']) && count($_POST['permissionId']) > 0) { $permissionIdCheckbox = $_POST['permissionId']; // Parcours de toute les permissions sélectionnés foreach ($permissionIdCheckbox as $key => $permissionId) { $RoleManager->insert_permission_role($_POST['roleId'], $permissionId); } // Pour que les options soit décoché après avoir fait un insert $_SESSION['listePermissionSelected'] = ''; $_SESSION['roleIdSelected'] = '';
} } if ($action == 3) { $privilege = new Privilege(); $privilege->SetDatabase($database); $privilege->SetId($priv_id); $privilege->SetModule($priv_modu_id); $privilege->SetProfile($priv_prof_id); if ($privilege->Update()) { $message = $screen_module_name . " alterado com sucesso."; } else { $message = "Problemas na operação."; } } if ($action == 4) { $privilege = new Privilege(); $privilege->SetDatabase($database); $privilege->SetId($priv_id); if ($privilege->Delete()) { $message = $screen_module_name . " excluído com sucesso."; $priv_id = ""; $priv_modu_id = ""; $priv_prof_id = ""; } else { $message = "Problemas na operação."; } } } ?> <html>
</form> <br> <h2 id="by-calling">Privileges granted to callings</h2> <table class="privList"> <tr> <th>Calling</th> <th>Privilege</th> <th>Options</th> </tr> <?php $rm = DB::Run("SELECT CallingID, PrivilegeID FROM GrantedPrivileges INNER JOIN Callings ON Callings.ID = CallingID INNER JOIN Privileges ON Privileges.ID = GrantedPrivileges.PrivilegeID WHERE CallingID > 0 AND Callings.WardID={$MEMBER->WardID} ORDER BY Callings.Name ASC, Privileges.Privilege ASC"); while ($row = mysql_fetch_array($rm)) { $priv = Privilege::Load($row['PrivilegeID']); $call = Calling::Load($row['CallingID']); ?> <tr> <td> <b><?php echo $call->Name; ?> </b> </td> <td> <span title="<?php echo $priv->HelpText(); ?> "><?php echo $priv->Privilege();
/**
 * Creates a ward and seeds it with the pre-defined callings, their privilege
 * grants and one starter survey question.
 *
 * @param string $name    ward name; HTML tags are stripped before it is stored
 * @param mixed  $stakeID id of an existing stake
 * @param string $rawPwd  plain-text ward password, stored via hashPwd() with a fresh salt()
 * @return Ward|null the saved ward, or null when the initial Save() fails
 */
public static function Create($name, $stakeID, $rawPwd)
{
    if (!(strlen(trim($name)) && $stakeID && strlen(trim($rawPwd)))) {
        fail("Cannot create a ward without a name, stake ID, and password (and residences are strongly recommended, if possible).");
    }
    if (!Stake::Load($stakeID)) {
        fail("Could not create ward because stake ID was found to be invalid.");
    }

    $ward = new Ward();
    $ward->Name = strip_tags($name);
    $ward->StakeID = $stakeID;
    $ward->Salt = salt();
    $ward->Password = hashPwd($rawPwd, $ward->Salt);
    $ward->Balance = 2.5;
    $ward->Deleted = false;
    if (!$ward->Save()) {
        return null;
    }

    // Pre-defined callings, keyed by the slot numbers the grants below refer to.
    // NOTE(review): the ward id is read as a property ($ward->ID) here and through a
    // method ($ward->ID()) for the survey question further down; confirm both exist.
    $callingNames = array(
        1 => "Bishop",
        2 => "Bishopric 1st Counselor",
        3 => "Bishopric 2nd Counselor",
        4 => "Executive Secretary",
        5 => "Elders Quorum President",
        6 => "Elders Quorum 1st Counselor",
        7 => "Elders Quorum 2nd Counselor",
        8 => "Elders Quorum Secretary",
        9 => "Relief Society President",
        10 => "Relief Society 1st Counselor",
        11 => "Relief Society 2nd Counselor",
        12 => "Relief Society Secretary",
        13 => "Ward Clerk",
        14 => "Membership Clerk",
    );
    $callings = array();
    foreach ($callingNames as $slot => $callingName) {
        $callings[$slot] = new Calling($callingName, $ward->ID, true);
    }
    // Save each calling
    foreach ($callings as $calling) {
        $calling->Save();
    }

    // Load every privilege in the database, assuming the ids run from 1 up to the row
    // count without gaps.
    // NOTE(review): the mysql_* functions were removed in PHP 7; this call needs the
    // legacy extension.
    $countRow = mysql_fetch_row(DB::Run("SELECT COUNT(1) FROM Privileges"));
    $priv_count = $countRow[0];
    $privileges = array();
    for ($privId = 1; $privId <= $priv_count; $privId++) {
        $privileges[$privId] = Privilege::Load($privId);
    }

    // The three "see more in the export file" privileges, always granted together.
    $exportPrivileges = array(PRIV_EXPORT_EMAIL, PRIV_EXPORT_PHONE, PRIV_EXPORT_BDATE);

    // Bishopric (excluding executive secretary): mass email and text all ward members,
    // full export file, manage site privileges.
    $bishopricPrivileges = array(
        PRIV_EMAIL_ALL,
        PRIV_EXPORT_EMAIL,
        PRIV_EXPORT_PHONE,
        PRIV_EXPORT_BDATE,
        PRIV_MNG_SITE_PRIV,
        PRIV_TEXT_ALL,
    );
    for ($slot = 1; $slot <= 3; $slot++) {
        foreach ($bishopricPrivileges as $privId) {
            $privileges[$privId]->GrantToCalling($callings[$slot]->ID());
        }
    }

    // Executive secretary: every privilege in the constant range except the redundant
    // "mass email brothers / sisters" pair.
    for ($privId = PRIV_EMAIL_ALL; $privId <= PRIV_TEXT_ALL; $privId++) {
        if ($privId == PRIV_EMAIL_BRO || $privId == PRIV_EMAIL_SIS) {
            continue;
        }
        $privileges[$privId]->GrantToCalling($callings[4]->ID());
    }

    // EQ presidency: mass email all brothers.
    for ($slot = 5; $slot <= 8; $slot++) {
        $privileges[PRIV_EMAIL_BRO]->GrantToCalling($callings[$slot]->ID());
    }
    // The EQ president also sees more in the export file.
    foreach ($exportPrivileges as $privId) {
        $privileges[$privId]->GrantToCalling($callings[5]->ID());
    }

    // RS presidency: mass email all sisters.
    for ($slot = 9; $slot <= 12; $slot++) {
        $privileges[PRIV_EMAIL_SIS]->GrantToCalling($callings[$slot]->ID());
    }
    // The RS president also sees more in the export file.
    foreach ($exportPrivileges as $privId) {
        $privileges[$privId]->GrantToCalling($callings[9]->ID());
    }

    // Ward clerks: full export file and manage site privileges.
    foreach ($exportPrivileges as $privId) {
        $privileges[$privId]->GrantToCalling($callings[13]->ID());
    }
    $privileges[PRIV_MNG_SITE_PRIV]->GrantToCalling($callings[13]->ID());

    // Membership clerks: full export file, plus managing callings and profile
    // pictures and deleting accounts.
    foreach ($exportPrivileges as $privId) {
        $privileges[$privId]->GrantToCalling($callings[14]->ID());
    }
    $privileges[PRIV_MNG_CALLINGS]->GrantToCalling($callings[14]->ID());
    $privileges[PRIV_MNG_PROFILE_PICS]->GrantToCalling($callings[14]->ID());
    $privileges[PRIV_DELETE_ACCTS]->GrantToCalling($callings[14]->ID());

    // Sample/starter survey question.
    $qu = new SurveyQuestion();
    $qu->Question = "Welcome to the singles ward! Do you prefer blue, brown, or green eyes?";
    $qu->QuestionType = QuestionType::MultipleChoice;
    $qu->Required = false;
    $qu->Visible = true;
    $qu->WardID = $ward->ID();
    $qu->Save();
    $qu->AddAnswerOption("Brown eyes");
    $qu->AddAnswerOption("Blue eyes");
    $qu->AddAnswerOption("Green eyes");

    // Let a few callings see it: Bishop, Exec. Sec, EQP, and RSP.
    $p = new Permission();
    $p->QuestionID($qu->ID());
    foreach (array(1, 4, 5, 9) as $slot) {
        $p->Allow($callings[$slot]->ID(), "Calling", true);
    }

    return $ward;
}
<?php require_once 'models/Http.php'; require_once 'models/Privilege.php'; require_once 'models/User.php'; require_once 'views/Standard.php'; require_once 'views/Userpage.php'; $privileges = Privilege::getPrivileges(); $username = Http::get('name'); $logged_in_as = User::getCurrentLogin(); $viewerinfo = User::getUser($logged_in_as); $userinfo = User::getUser($username); if ($viewerinfo == false) { $error = Userpage::renderNoPrivilege($username); echo Standard::render('', $error); die; } if ($userinfo == false) { $error = Userpage::renderNotExist($username); echo Standard::render('', $error); die; } if ($username == $logged_in_as || $userinfo['privilege'] > $viewerinfo['privilege'] && $viewerinfo['privilege'] <= 4) { $privilege = Userpage::renderPrivileged($username, $userinfo['email'], $privileges, $userinfo['privilege'], $viewerinfo['privilege'], $viewerinfo['username']); $sidebar = Userpage::renderPrivilegedStatistics(); $sidebar .= Userpage::renderReason(Http::get('reason')); if (Http::get('reason') == 'success') { $sidebar .= Userpage::renderSuccessTime(Http::get('time')); } else { if (Http::get('reason') == 'nothing_changed') { $sidebar .= Userpage::renderNothingChanged();
?> " style='width:140px;' /></td></tr> <tr><td><label for='privilegeID'><b>Privilege</b></label</td> <td> <fieldset id="fieldsetPrivilege"> <a title = "Add/Edit users can add, edit, or remove licenses and associated fields<br /><br />Admin users have access to the Admin page and the SFX tab.<br /><br />Restricted users do not have the ability to view documents<br /><br />View only users can view all license information, including the license pdf" href=""><img src='images/help.gif'></a> </fieldset> <div id="footnote_priv" style='display:none;'>Add/Edit users can add, edit, or remove licenses and associated fields<br /><br />Admin users have access to the Admin page and the SFX tab.<br /><br />Restricted users do not have the ability to view documents<br /><br />View only users can view all license information, including the license pdf</div> </td> <td> <select name='privilegeID' id='privilegeID' style='width:145px'> <?php $display = array(); $privilege = new Privilege(); foreach ($privilege->allAsArray() as $display) { if ($updateUser->privilegeID == $display['privilegeID']) { echo "<option value='" . $display['privilegeID'] . "' selected>" . $display['shortName'] . "</option>"; } else { echo "<option value='" . $display['privilegeID'] . "'>" . $display['shortName'] . "</option>"; } } ?> </select> </td> </tr> <?php //if not configured to use SFX, hide the Terms Tool Report if ($util->useTermsTool()) {
$new = new News(); $new->SetDatabase($database); $new->Create(); break; case 11: $profile = new Profile(); $profile->SetDatabase($database); $profile->Create(); break; case 12: $paragraph = new Paragraph(); $paragraph->SetDatabase($database); $paragraph->Create(); break; case 13: $privilege = new Privilege(); $privilege->SetDatabase($database); $privilege->Create(); break; case 14: $role = new Role(); $role->SetDatabase($database); $role->Create(); break; case 15: $menu_item = new MenuItem(); $menu_item->SetDatabase($database); $menu_item->Create(); break; case 16: $shout = new Shout();
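<?php
// Deletes one user account. Only a logged-in super admin may do this, and an
// account whose privileges column reads "superadmin" is never deleted.
session_start();
require_once "../config.php";
require_once "Privilege.php";

if (!empty($_SESSION['online'])
    && isset($_SESSION['privileges'])
    && Privilege::hasSuperAdmin($_SESSION['privileges'])
) {
    // State-changing request: accept it only as a POST carrying an integer id.
    // NOTE(review): no anti-CSRF token is checked in this script; add one if the
    // application has a token mechanism.
    $isPost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';
    $id = isset($_POST['id']) ? filter_var($_POST['id'], FILTER_VALIDATE_INT) : false;
    if (!$isPost || $id === false) {
        echo "Could not delete user";
        die;
    }

    $stmt = $db->prepare("SELECT privileges FROM " . $prefix . "users WHERE id=?");
    if ($stmt === false) {
        echo "Could not delete user";
        die;
    }
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $stmt->store_result();
    $stmt->bind_result($priv);

    // NOTE(review): the target is compared with the exact string "superadmin", while
    // the caller is checked through Privilege::hasSuperAdmin(); confirm both agree on
    // how the privileges column is encoded.
    $targetIsSuperAdmin = false;
    while ($stmt->fetch()) {
        if ($priv == "superadmin") {
            $targetIsSuperAdmin = true;
        }
    }
    // Released on every path; the original closed it only when a row had been found.
    $stmt->close();

    if ($targetIsSuperAdmin) {
        echo "You cannot delete the superadmin";
        die;
    }

    $stmt = $db->prepare("DELETE FROM " . $prefix . "users WHERE id = ?");
    if ($stmt === false) {
        echo "Could not delete user";
        die;
    }
    $stmt->bind_param("i", $id);
    if ($stmt->execute()) {
        echo "User deleted successfully";
    } else {
        echo "Could not delete user";
    }
    $stmt->close();
}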
/**
 * Drops every application table by calling Drop() on each table class in turn,
 * passing this object as the database handle.
 *
 * NOTE(review): this is irreversible and nothing in the method checks who is
 * calling it; confirm every caller is restricted to an administrative path.
 *
 * @return void
 */
function DropTables()
{
    // Same order as originally written (presumably dependants first; confirm before
    // reordering).
    $tableClasses = array(
        'Moderator',
        'Message',
        'Topic',
        'UserInfo',
        'Session',
        'News',
        'Shout',
        'Paragraph',
        'Privilege',
        'Role',
        'MenuItem',
        'Module',
        'Page',
        'Article',
        'Subject',
        'Menu',
        'Profile',
        'User',
    );

    foreach ($tableClasses as $tableClass) {
        $table = new $tableClass();
        $table->SetDatabase($this);
        $table->Drop();
    }
}
if (Privilege::hasAdmin($_SESSION['privileges'])) { ?> <li><a>Config</a> <ul> <li><a href="groups.php">Groups</a></li> <li><a href="rules.php">Rules</a></li> <li><a href="lang.php">Lang</a></li> <li><a href="magic.php">Magic</a></li> </ul> </li> <?php } ?> <li><a href="account.php">Account</a> <?php if (Privilege::hasSuperAdmin($_SESSION['privileges'])) { ?> <li><a href="admin.php">Admin</a> <?php } ?> </ul> </nav> </div> <?php } ?> </div> <div class="grid-container"> <div class="grid-100"> <div class="well text-center">
Flight::ok($object); } catch (Exception $exception) { Flight::error($exception); } }); Flight::route('PUT /v1/main/privilege/@id', function ($id) { try { $object = Privilege::update($id); Flight::ok($object); } catch (Exception $exception) { Flight::error($exception); } }); Flight::route('DELETE /v1/main/privilege/@id', function ($id) { try { $object = Privilege::delete($id); Flight::ok($object); } catch (Exception $exception) { Flight::error($exception); } }); //============================================================================= //Route //============================================================================= Flight::route('GET /v1/main/route', function () { try { $array = Route::selectAll(); Flight::ok($array); } catch (Exception $exception) { Flight::error($exception); }
/**
 * Sets or extends the privilege list kept in the session for one blog.
 *
 * The session slots $_SESSION['acl'] and $_SESSION['acl']["blog.<id>"] are
 * created when missing. With $priv null nothing else happens.
 *
 * @param mixed $blogid blog id, used to build the "blog.<id>" session key
 * @param mixed $priv   a single privilege or an array of privileges, or null
 * @param bool  $add    true to merge with the stored list, false to replace it
 * @return void
 */
static function setAcl($blogid, $priv = null, $add = false)
{
    $aclKey = "blog.{$blogid}";

    if (!isset($_SESSION['acl'])) {
        $_SESSION['acl'] = array();
    }
    if (!isset($_SESSION['acl'][$aclKey])) {
        $_SESSION['acl'][$aclKey] = array();
    }
    if (is_null($priv)) {
        return;
    }

    $requested = is_array($priv) ? $priv : array($priv);
    if ($add) {
        // Keep what is already stored and append the new entries.
        $requested = array_merge($_SESSION['acl'][$aclKey], $requested);
    }

    // The stored value is whatever Privilege::expand() returns for the list.
    $_SESSION['acl'][$aclKey] = Privilege::expand($requested);
}
} } } elseif (sizeof($_GET) > 0) { @($action = $_GET['action']); @($privID = $_GET['id']); @($m = $_GET['m']); @($c = $_GET['c']); if ($action == "revoke") { // Revoke this privilege if (!$privID) { fail("Need a privilege ID to revoke; cannot revoke no privilege!"); } if ($m && $c || !$m && !$c) { fail("Please choose a member or a calling to revoke from."); } $priv = Privilege::Load($privID); if ($privID == 10) { // 10 is Manage Site Privileges; at least one member or calling from the ward should always have this. // This query gets a list of unique privileges. $epicQuery = "SELECT GrantedPrivileges.ID, Members.WardID FROM GrantedPrivileges\n\t\t\t\t\t\tINNER JOIN Members ON Members.ID = GrantedPrivileges.MemberID\n\t\t\t\t\t\tWHERE WardID = {$MEMBER->WardID} AND GrantedPrivileges.PrivilegeID = 10\n\t\t\t\t\t\tUNION\n\t\t\t\t\t\tSELECT GrantedPrivileges.ID, Callings.WardID FROM GrantedPrivileges\n\t\t\t\t\t\tINNER JOIN Callings ON Callings.ID = GrantedPrivileges.CallingID\n\t\t\t\t\t\tWHERE WardID = {$MEMBER->WardID} AND GrantedPrivileges.PrivilegeID = 10;"; if (mysql_num_rows(DB::Run($epicQuery)) == 1) { fail("At least one member or calling of your ward must be able to manage the site privileges. This was the last one; could not revoke."); } } if ($m) { $mem = Member::Load($m); if ($mem->WardID != $MEMBER->WardID) { fail("You can only revoke privileges from members of your ward."); } else { $priv->RevokeFromMember($m); }