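/**
 * Actions an unsubscribe (or, with `undo`, a re-subscribe) link for the
 * logged-in user.
 *
 * Reads the `token` query parameter, decodes it with APP_PRIVATE_KEY and
 * splits it on "|" into exactly three parts:
 *   [0] passed as the second argument to the emailer's (un)subscribe calls
 *       (presumably the email type - confirm against the emailer library)
 *   [1] an email reference, looked up with emailer->get_by_ref()
 *   [2] the email address of the user the link belongs to
 *
 * The request is only actioned when the user found for [2] is the active
 * user and the email reference [1] exists.
 *
 * @return void
 **/
public function index()
{
    // NOTE(review): every guard below assumes unauthorised() and show_404()
    // halt execution; if either returns, the checks fall through - confirm.
    if (!$this->user_model->is_logged_in()) {
        unauthorised();
    }

    $_token = $this->input->get('token');
    $_token = $this->encrypt->decode($_token, APP_PRIVATE_KEY);

    if (!$_token) {
        show_404();
    }

    $_token = explode('|', $_token);

    // count() always returns an int, so the strict comparison is safe
    if (count($_token) !== 3) {
        show_404();
    }

    $_user = $this->user_model->get_by_email($_token[2]);

    // The key was previously written as 'id ' (trailing space); every other
    // call in this method uses 'id'. Whether active_user() trims its key is
    // not visible here, so the ownership check no longer depends on it.
    if (!$_user || $_user->id != active_user('id')) {
        show_404();
    }

    $this->load->library('emailer');
    $_email = $this->emailer->get_by_ref($_token[1]);

    if (!$_email) {
        show_404();
    }

    // --------------------------------------------------------------------------

    // All seems above board, action the request.
    // NOTE(review): this changes subscription state on a GET request. The
    // decoded token is what ties the request to a link issued to this user,
    // so it only protects against forged links if encrypt->decode() rejects
    // tampered input - confirm. The `undo` flag is read outside the token.
    if ($this->input->get('undo')) {
        if ($this->emailer->user_has_unsubscribed(active_user('id'), $_token[0])) {
            $this->emailer->subscribe_user(active_user('id'), $_token[0]);
        }
    } else {
        if (!$this->emailer->user_has_unsubscribed(active_user('id'), $_token[0])) {
            $this->emailer->unsubscribe_user(active_user('id'), $_token[0]);
        }
    }

    // --------------------------------------------------------------------------

    // Load views
    $this->load->view('email/utilities/unsubscribe', $this->data);
}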
/**
 * Deletes the FAQ whose ID is given in URI segment 5, then returns to the
 * FAQ index with a flash message describing the outcome.
 *
 * Requires the 'admin:faq:faq:delete' permission.
 *
 * NOTE(review): the delete is driven purely by the URL; any CSRF protection
 * is not visible in this method - confirm it is enforced elsewhere.
 *
 * @return void
 */
public function delete()
{
    if (!userHasPermission('admin:faq:faq:delete')) {
        unauthorised();
    }

    // --------------------------------------------------------------------------

    $sIndexUrl = 'admin/faq/faq/index';
    $requestedId = $this->uri->segment(5);
    $oFaq = $this->faq_model->get_by_id($requestedId);

    // Unknown ID: report it and go back to the listing
    if (!$oFaq) {
        $this->session->set_flashdata('error', lang('faqs_common_bad_id'));
        redirect($sIndexUrl);
    }

    // --------------------------------------------------------------------------

    // Delete by the ID of the record that was found, not the raw segment
    if ($this->faq_model->delete($oFaq->id)) {
        $sStatus = 'success';
        $sLangKey = 'faqs_delete_ok';
    } else {
        $sStatus = 'error';
        $sLangKey = 'faqs_delete_fail';
    }

    $this->session->set_flashdata($sStatus, lang($sLangKey));

    // --------------------------------------------------------------------------

    redirect($sIndexUrl);
}
/**
 * Deletes the order whose ID is given in URI segment 5 and redirects to the
 * order index with a flash message describing the outcome.
 *
 * Requires the 'admin:order:order:delete' permission; an unknown ID gives a 404.
 *
 * NOTE(review): the delete is driven purely by the URL; any CSRF protection
 * is not visible in this method - confirm it is enforced elsewhere.
 *
 * @return void
 */
public function delete()
{
    if (!userHasPermission('admin:order:order:delete')) {
        unauthorised();
    }

    // --------------------------------------------------------------------------

    $requestedId = $this->uri->segment(5);
    $oOrder = $this->oOrderModel->get_by_id($requestedId);

    if (!$oOrder) {
        show_404();
    }

    // --------------------------------------------------------------------------

    if ($this->oOrderModel->delete($oOrder->id)) {
        $this->session->set_flashdata('success', 'Order deleted successfully!');
    } else {
        // NOTE(review): the model's last_error() text is shown to the admin;
        // confirm the view escapes flash messages.
        $this->session->set_flashdata(
            'error',
            'Order failed to delete. ' . $this->oOrderModel->last_error()
        );
    }

    redirect('admin/order/order/index');
}
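/**
 * Common constructor for all admin pages.
 *
 * In order, it: applies the optional admin IP whitelist, requires an admin
 * user, loads the generic admin language file, checks the request host
 * against SECURE_BASE_URL when APP_SSL_ROUTING is on, loads the admin model
 * and config, loads the active modules, checks the user's ACL for the
 * requested module and method, populates $this->data['page'], and registers
 * the admin CSS/JS assets.
 *
 * @return void
 **/
public function __construct()
{
    parent::__construct();

    // --------------------------------------------------------------------------

    // IP whitelist?
    // NOTE(review): json_decode() returns NULL for malformed JSON, which is
    // falsy, so a broken APP_ADMIN_IP_WHITELIST value skips the whitelist
    // instead of blocking access (fails open). Consider failing closed when
    // the constant is non-empty but does not decode.
    $_ip_whitelist = json_decode(APP_ADMIN_IP_WHITELIST);

    if ($_ip_whitelist) {
        // NOTE(review): what ip_address() returns behind a proxy depends on
        // configuration not visible here - confirm it cannot be spoofed.
        if (!ip_in_range($this->input->ip_address(), $_ip_whitelist)) {
            show_404();
        }
    }

    // --------------------------------------------------------------------------

    // Admins only please
    if (!$this->user_model->is_admin()) {
        unauthorised();
    }

    // --------------------------------------------------------------------------

    // Load up the generic admin langfile
    $this->lang->load('admin_generic');

    // --------------------------------------------------------------------------

    // Check that admin is running on the SECURE_BASE_URL url
    if (APP_SSL_ROUTING) {
        // HTTP_HOST and REQUEST_URI both come from the incoming request
        $_host1 = $this->input->server('HTTP_HOST');
        $_host2 = parse_url(SECURE_BASE_URL);

        if (!empty($_host2['host']) && $_host2['host'] != $_host1) {
            // Not on the secure URL, redirect with message.
            // NOTE(review): confirm redirect() resolves this request-derived
            // value against the site's own base URL.
            $_redirect = $this->input->server('REQUEST_URI');

            if ($_redirect) {
                $this->session->set_flashdata('message', lang('admin_not_secure'));
                redirect($_redirect);
            }
        }
    }

    // --------------------------------------------------------------------------

    // Load admin helper and config
    $this->load->model('admin_model');
    $this->config->load('admin');

    // NOTE(review): 'admin' is already loaded above; this second load when
    // the app provides its own config file looks redundant - confirm intent.
    if (file_exists(FCPATH . 'application/config/admin.php')) {
        $this->config->load('admin');
    }

    // --------------------------------------------------------------------------

    // Load up the modules which have been enabled for this installation and the
    // user has permission to see.
    $this->_loaded_modules = array();
    $this->data['loaded_modules'] =& $this->_loaded_modules;

    $this->_load_active_modules();

    // --------------------------------------------------------------------------

    // Check the user has permission to view this module (skip the dashboard,
    // we need to show them _something_)
    $_active_module = $this->uri->segment(2);
    $_active_method = $this->uri->segment(3, 'index');
    $_acl = active_user('acl');

    if (!$this->user_model->is_superuser() && !isset($this->_loaded_modules[$_active_module])) {
        // The requested module is not one this user has loaded. If this is the
        // dashboard, see whether the user can access any other module before
        // giving up.
        if ($_active_module == 'dashboard' || $_active_module == '') {
            // Look at the user's ACL
            if (isset($_acl['admin'])) {
                // If they have other modules defined, loop them until one is found
                // which appears in the loaded modules list. If this doesn't happen
                // then they'll fall back to the 'no loaded modules' page.
                foreach ($_acl['admin'] as $module => $methods) {
                    if (isset($this->_loaded_modules[$module])) {
                        redirect('admin/' . $module);
                        break;
                    }
                }
            }
        } else {
            // Not the dashboard and not a module this user has loaded: 404
            show_404();
        }
    } elseif (!$this->user_model->is_superuser()) {
        // Module is OK, check to make sure they can access this method
        if (!isset($_acl['admin'][$_active_module][$_active_method])) {
            unauthorised();
        }
    }

    // --------------------------------------------------------------------------

    // Load libraries and helpers
    $this->load->library('cdn');
    $this->load->helper('admin');

    // --------------------------------------------------------------------------

    // Add the current module to the $page variable (for convenience)
    $this->data['page'] = new stdClass();

    if (isset($this->_loaded_modules[$this->uri->segment(2)])) {
        $this->data['page']->module = $this->_loaded_modules[$this->uri->segment(2)];
    } else {
        // The fallback previously assigned to a misspelt `moduled` property,
        // which left `module` undefined when no module matched.
        $this->data['page']->module = FALSE;
    }

    // --------------------------------------------------------------------------

    // Unload any previously loaded assets, admin handles its own assets
    $this->asset->clear_all();

    // CSS
    $this->asset->load('fancybox/source/jquery.fancybox.css', 'BOWER');
    $this->asset->load('jquery-toggles/toggles.css', 'BOWER');
    $this->asset->load('jquery-toggles/themes/toggles-modern.css', 'BOWER');
    $this->asset->load('tipsy/src/stylesheets/tipsy.css', 'BOWER');
    $this->asset->load('ionicons/css/ionicons.min.css', 'BOWER');
    $this->asset->load('nails.admin.css', TRUE);

    // JS
    $this->asset->load('jquery/dist/jquery.min.js', 'BOWER');
    $this->asset->load('fancybox/source/jquery.fancybox.pack.js', 'BOWER');
    $this->asset->load('jquery-toggles/toggles.min.js', 'BOWER');
    $this->asset->load('tipsy/src/javascripts/jquery.tipsy.js', 'BOWER');
    $this->asset->load('jquery.scrollTo/jquery.scrollTo.min.js', 'BOWER');
    $this->asset->load('jquery-cookie/jquery.cookie.js', 'BOWER');
    $this->asset->load('nails.default.min.js', TRUE);
    $this->asset->load('nails.admin.min.js', TRUE);
    $this->asset->load('nails.forms.min.js', TRUE);
    $this->asset->load('nails.api.min.js', TRUE);

    // Libraries
    $this->asset->library('jqueryui');
    $this->asset->library('select2');
    $this->asset->library('ckeditor');

    // Look for any Admin styles provided by the app
    if (file_exists(FCPATH . 'assets/css/admin.css')) {
        $this->asset->load('admin.css');
    }

    // Inline assets: a fixed bootstrap script, built from literals only
    $_js = 'var _nails,_nails_admin,_nails_forms;';
    $_js .= '$(function(){';

    $_js .= 'if ( typeof( NAILS_JS ) === \'function\' ){';
    $_js .= '_nails = new NAILS_JS();';
    $_js .= '_nails.init();';
    $_js .= '}';

    $_js .= 'if ( typeof( NAILS_Admin ) === \'function\' ){';
    $_js .= '_nails_admin = new NAILS_Admin();';
    $_js .= '_nails_admin.init();';
    $_js .= '}';

    $_js .= 'if ( typeof( NAILS_Forms ) === \'function\' ){';
    $_js .= '_nails_forms = new NAILS_Forms();';
    $_js .= '}';

    $_js .= 'if ( typeof( NAILS_API ) === \'function\' ){';
    $_js .= '_nails_api = new NAILS_API();';
    $_js .= '}';

    $_js .= '});';

    $this->asset->inline('<script>' . $_js . '</script>');

    // --------------------------------------------------------------------------

    // Initialise the admin change log model
    $this->load->model('admin_changelog_model');
}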
/**
 * Deletes the product type whose ID is given in URI segment 6, then
 * redirects back to the product type manager with a flash message.
 *
 * Requires the 'admin.shop.product_type_delete' permission.
 *
 * NOTE(review): the segment is passed straight to the model's delete()
 * without first looking the record up, and the delete is driven purely by
 * the URL; any CSRF protection is not visible here - confirm.
 *
 * @return void
 */
protected function _manage_product_type_delete()
{
    if (!user_has_permission('admin.shop.product_type_delete')) {
        unauthorised();
    }

    // --------------------------------------------------------------------------

    $typeId = $this->uri->segment(6);
    $wasDeleted = $this->shop_product_type_model->delete($typeId);

    // NOTE(review): the flash messages contain HTML, and on failure the
    // model's last_error() text is appended to that markup - confirm it can
    // never carry user-supplied content.
    if ($wasDeleted) {
        $status = 'success';
        $message = '<strong>Success!</strong> Product Type was deleted successfully.';
    } else {
        $status = 'error';
        $message = '<strong>Sorry,</strong> there was a problem deleting the Product Type. '
            . $this->shop_product_type_model->last_error();
    }

    $this->session->set_flashdata($status, $message);

    redirect('admin/shop/manage/product_type' . $this->data['is_fancybox']);
}