public function action_index() { $id = application::get(['mvc', 'controller_id']); if ($id) { $result = url_tinyurl::get($id); if ($result['success']) { request::redirect($result['data']['url']); } } }
$error = ''; // submit function if (Request::post('rename')) { // check token if (Token::check(Request::post('token'))) { // if empty if (Request::post('rename_file_name') !== '') { $to = str_replace(File::name($filename) . '.' . File::ext($filename), '', $filename); // if exists if (!File::exists($to . Request::post('rename_file_name') . '.' . File::ext($filename))) { // rename file File::rename($filename, $to . '/' . $p->SeoLink(Request::post('rename_file_name')) . '.' . File::ext($filename)); // set notification $p->setMsg($p::$lang['Success_rename']); // redirect to edit index request::redirect($p->url() . '/backups'); } else { // if exists $error = '<span class="well red">' . Panel::$lang['File_Name_Exists'] . '</span>'; } } else { // if empty input value $error = '<span class="well red">' . Panel::$lang['File_Name_Required'] . '</span>'; } } else { die('crsf detect'); } } // template $p->view('actions', array('title' => Panel::$lang['Rename_File'], 'content' => $filename, 'html' => '<div class="info"> <form method="post">
/** * Validate if controller can be executed * * @param object $controller_object * @return boolean */ public static function can_be_executed(&$controller_object, $redirect = false) { $authorized = session::get(['numbers', 'authorized']); // authorized if ($authorized) { // see if controller is for authorized if (empty($controller_object->acl['authorized'])) { return false; } // permissions if (!empty($controller_object->acl['permission'])) { if (self::$permissions == null) { self::handle_permissions(); } // admin account can see everything if (self::$flag_admin) { // we need to put permission into controller $permission_list = []; foreach ($controller_object->actions['by_id'] as $k => $v) { $permission_list[$k] = true; } application::set(['controller', 'acl', 'permissions'], $permission_list); return true; } // see if we have this action code registered if (empty($controller_object->actions['by_code'][$controller_object->action['code']])) { return false; } // check if we have access to the controller if (empty($controller_object->controller_id) || empty(self::$permissions[$controller_object->controller_id])) { return false; } // if we have action $all_actions = []; foreach (self::$permissions[$controller_object->controller_id] as $k => $v) { if ($v == true) { $all_actions[] = $k; } } $merged = array_intersect($all_actions, $controller_object->actions['by_code'][$controller_object->action['code']]); if (empty($merged)) { return false; } // we need to put permission into controller application::set(['controller', 'acl', 'permissions'], self::$permissions[$controller_object->controller_id]); } } else { // we need to redirect to login controller if not authorized if ($redirect && !empty($controller_object->acl['authorized']) && empty($controller_object->acl['public']) && !application::get('flag.global.__skip_session')) { request::redirect(application::get('flag.global.authorization.login.controller')); } // public permission if (empty($controller_object->acl['public'])) { return false; } } return true; }