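/**
 * Move one content element of a page one position up or down.
 *
 * Reads PARAMS.page_id, PARAMS.content_id and PARAMS.method from $APP,
 * swaps the order value of the selected row with its neighbour and then
 * redirects back to the page's content list with ?move=success or
 * ?move=no-success.
 *
 * @param object $APP Application object providing get(), set() and reroute() as used below.
 * @return void
 */
public function content_reorder($APP)
 {
     $APP->set('MODUL_ID', 53);
     $USER_RIGHTS = parent::checkUserModulRights($APP->get('MODUL_ID'), $APP->get('LOGIN_USER_RIGHTS'));
     if ($USER_RIGHTS == false) {
         $APP->get('CONSTRUCTR_LOG')->write('User ' . $APP->get('SESSION.username') . ' missing USER-RIGHTS for modul ' . $APP->get('MODUL_ID'));
         $APP->reroute($APP->get('CONSTRUCTR_BASE_URL') . '/constructr/no-rights');
         // Fail closed: if reroute() ever returns instead of ending the request,
         // an unauthorised caller must not reach the UPDATE statements below.
         return;
     }

     // FILTER_SANITIZE_NUMBER_INT only strips characters; the values stay strings
     // and may still contain '+' or '-'. They are only used as bound parameters
     // and in the redirect path below.
     $PAGE_ID = filter_var($APP->get('PARAMS.page_id'), FILTER_SANITIZE_NUMBER_INT);
     $APP->set('PAGE_ID', $PAGE_ID);
     $CONTENT_ID = filter_var($APP->get('PARAMS.content_id'), FILTER_SANITIZE_NUMBER_INT);
     $APP->set('CONTENT_ID', $CONTENT_ID);
     $METHOD = filter_var($APP->get('PARAMS.method'), FILTER_SANITIZE_FULL_SPECIAL_CHARS);
     $APP->set('METHOD', $METHOD);

     $APP->set('SELECT_CONTENT', $APP->get('DBCON')->exec(['SELECT * FROM constructr_content WHERE constructr_content_page_id=:PAGE_ID AND constructr_content_id=:CONTENT_ID LIMIT 1;'], [[':PAGE_ID' => $PAGE_ID, ':CONTENT_ID' => $CONTENT_ID]]));
     $APP->set('CONTENT_COUNTR', count($APP->get('SELECT_CONTENT')));

     $CONTENT_URL = $APP->get('CONSTRUCTR_BASE_URL') . '/constructr/content/' . $PAGE_ID . '/';

     // Only the two literal directions are accepted; anything else is a failed move.
     $STEP = 0;
     if ($METHOD === 'up') {
         $STEP = -1;
     } elseif ($METHOD === 'down') {
         $STEP = 1;
     }

     if ($APP->get('CONTENT_COUNTR') != 1 || $STEP === 0) {
         $APP->set('MOVE', 'no-success');
         $APP->reroute($CONTENT_URL . '?move=no-success');
         return;
     }

     $ACT_POSITION = $APP->get('SELECT_CONTENT.0.constructr_content_order');
     $NEW_POSITION = $ACT_POSITION + $STEP;

     // Three-step swap: park the neighbour on the temporary order value 9999,
     // shift the selected row, then give the neighbour the vacated position.
     // NOTE(review): each exec() is issued separately and nothing visible here
     // wraps them in a transaction; a failure between steps would leave a row
     // parked on 9999 - confirm how DBCON handles this.
     $APP->set('UPDATE_OLD_CONTENT', $APP->get('DBCON')->exec(['UPDATE constructr_content SET constructr_content_order=:TMP_ORDER WHERE constructr_content_page_id=:PAGE_ID AND constructr_content_order=:NEW_POSITION LIMIT 1;'], [[':PAGE_ID' => $PAGE_ID, ':NEW_POSITION' => $NEW_POSITION, ':TMP_ORDER' => 9999]]));
     $SHIFT_SQL = $STEP < 0
         ? 'UPDATE constructr_content SET constructr_content_order=(constructr_content_order-1) WHERE constructr_content_page_id=:PAGE_ID AND constructr_content_id=:CONTENT_ID LIMIT 1;'
         : 'UPDATE constructr_content SET constructr_content_order=(constructr_content_order+1) WHERE constructr_content_page_id=:PAGE_ID AND constructr_content_id=:CONTENT_ID LIMIT 1;';
     $APP->set('UPDATE_NEW_CONTENT', $APP->get('DBCON')->exec([$SHIFT_SQL], [[':PAGE_ID' => $PAGE_ID, ':CONTENT_ID' => $CONTENT_ID]]));
     $APP->set('UPDATE_OLD_CONTENT2', $APP->get('DBCON')->exec(['UPDATE constructr_content SET constructr_content_order=:ACT_POSITION WHERE constructr_content_page_id=:PAGE_ID AND constructr_content_order=:TMP_ORDER LIMIT 1;'], [[':ACT_POSITION' => $ACT_POSITION, ':PAGE_ID' => $PAGE_ID, ':TMP_ORDER' => 9999]]));

     // The original cleared the cache only after a 'down' move; an 'up' move
     // changes the same data, so both directions clear it now.
     parent::clean_up_cache($APP);

     $APP->set('MOVE', 'success');
     $APP->reroute($CONTENT_URL . '?move=success');
 }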
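 /**
  * Swap a page with the page that has the next higher order value.
  *
  * Looks up the page given by PARAMS.page_id and the page whose
  * constructr_pages_order is one higher, exchanges their id, order, level
  * and mother columns, re-points the content rows of both pages and then
  * redirects to the page management view. A page with order 1 is never
  * moved (redirect with ?move=no-success-homepage).
  *
  * @param object $APP Application object providing get(), set() and reroute() as used below.
  * @return void
  */
 public function page_management_move_down($APP)
 {
     $APP->set('MODUL_ID', 34);
     $USER_RIGHTS = parent::checkUserModulRights($APP->get('MODUL_ID'), $APP->get('LOGIN_USER_RIGHTS'));
     if ($USER_RIGHTS == false) {
         $APP->get('CONSTRUCTR_LOG')->write('User ' . $APP->get('SESSION.username') . ' missing USER-RIGHTS for modul ' . $APP->get('MODUL_ID'));
         $APP->reroute($APP->get('CONSTRUCTR_BASE_URL') . '/constructr/no-rights');
         // Fail closed: never fall through to the UPDATEs if reroute() returns.
         return;
     }

     $MANAGEMENT_URL = $APP->get('CONSTRUCTR_BASE_URL') . '/constructr/pagemanagement';

     $MOVE_PAGE_ID = filter_var($APP->get('PARAMS.page_id'), FILTER_SANITIZE_NUMBER_INT);
     $APP->set('MOVE_PAGE', $APP->get('DBCON')->exec(['SELECT * FROM constructr_pages WHERE constructr_pages_id=:DELETE_PAGE_ID LIMIT 1;'], [[':DELETE_PAGE_ID' => $MOVE_PAGE_ID]]));
     if (count($APP->get('MOVE_PAGE')) != 1) {
         $APP->reroute($MANAGEMENT_URL . '?move=no-success');
         // Without this return the code below would run with undefined values
         // whenever reroute() does not end the request.
         return;
     }
     $MOVE_PAGE_ORDER = $APP->get('MOVE_PAGE.0.constructr_pages_order');
     $MOVE_PAGE_LEVEL = $APP->get('MOVE_PAGE.0.constructr_pages_level');
     $MOVE_PAGE_MOTHER = $APP->get('MOVE_PAGE.0.constructr_pages_mother');
     if ($MOVE_PAGE_ORDER == 1) {
         $APP->reroute($MANAGEMENT_URL . '?move=no-success-homepage');
         return;
     }

     $TARGET_PAGE_ORDER = $MOVE_PAGE_ORDER + 1;
     $APP->set('TARGET_PAGE', $APP->get('DBCON')->exec(['SELECT * FROM constructr_pages WHERE constructr_pages_order=:TARGET_PAGE_ORDER LIMIT 1;'], [[':TARGET_PAGE_ORDER' => $TARGET_PAGE_ORDER]]));
     if (count($APP->get('TARGET_PAGE')) != 1) {
         $APP->reroute($MANAGEMENT_URL . '?move=no-success');
         return;
     }
     $TARGET_PAGE_ID = $APP->get('TARGET_PAGE.0.constructr_pages_id');
     $TARGET_PAGE_LEVEL = $APP->get('TARGET_PAGE.0.constructr_pages_level');
     $TARGET_PAGE_MOTHER = $APP->get('TARGET_PAGE.0.constructr_pages_mother');
     $TARGET_PAGE_ORDER = $APP->get('TARGET_PAGE.0.constructr_pages_order');
     if ($TARGET_PAGE_ORDER == 1) {
         $APP->reroute($MANAGEMENT_URL . '?move=no-success-homepage');
         return;
     }

     // Swap of the two page rows, including constructr_pages_id itself:
     //   1. park the target row on id 0 (order/level/mother/marker 666),
     //   2. give the moved row the target's id, order, level and mother,
     //   3. give the parked row (id 0) the moved row's former values.
     // NOTE(review): assumes no real page uses id 0 - TODO confirm. The
     // statements are issued one exec() at a time; nothing visible here makes
     // the sequence atomic, so an error midway leaves a row parked on id 0.
     $APP->set('UPDATR_TARGET_STEP_ONE', $APP->get('DBCON')->exec(['UPDATE constructr_pages SET constructr_pages_id=:TMP_PAGE_ID,constructr_pages_order=:TMP_PAGE_ORDER,constructr_pages_level=:TMP_PAGE_LEVEL,constructr_pages_mother=:TMP_PAGE_MOTHER,constructr_pages_temp_marker=:TMP_PAGE_MARKER WHERE constructr_pages_id=:TARGET_PAGE_ID LIMIT 1;'], [[':TMP_PAGE_ID' => 0, ':TMP_PAGE_ORDER' => 666, ':TMP_PAGE_LEVEL' => 666, ':TMP_PAGE_MOTHER' => 666, ':TMP_PAGE_MARKER' => 666, ':TARGET_PAGE_ID' => $TARGET_PAGE_ID]]));
     $APP->set('UPDATR_MOVE', $APP->get('DBCON')->exec(['UPDATE constructr_pages SET constructr_pages_id=:TARGET_PAGE_ID,constructr_pages_order=:TARGET_PAGE_ORDER,constructr_pages_level=:TARGET_PAGE_LEVEL,constructr_pages_mother=:TARGET_PAGE_MOTHER WHERE constructr_pages_id=:MOVE_PAGE_ID LIMIT 1;'], [[':MOVE_PAGE_ID' => $MOVE_PAGE_ID, ':TARGET_PAGE_ID' => $TARGET_PAGE_ID, ':TARGET_PAGE_ORDER' => $TARGET_PAGE_ORDER, ':TARGET_PAGE_LEVEL' => $TARGET_PAGE_LEVEL, ':TARGET_PAGE_MOTHER' => $TARGET_PAGE_MOTHER]]));
     $APP->set('UPDATR_TARGET', $APP->get('DBCON')->exec(['UPDATE constructr_pages SET constructr_pages_id=:MOVE_PAGE_ID,constructr_pages_order=:MOVE_PAGE_ORDER,constructr_pages_level=:MOVE_PAGE_LEVEL,constructr_pages_mother=:MOVE_PAGE_MOTHER,constructr_pages_temp_marker=:TMP_MARKER WHERE constructr_pages_id=:TARGET_PAGE_ID LIMIT 1;'], [[':TMP_MARKER' => 0, ':TARGET_PAGE_ID' => 0, ':MOVE_PAGE_ID' => $MOVE_PAGE_ID, ':MOVE_PAGE_ORDER' => $MOVE_PAGE_ORDER, ':MOVE_PAGE_LEVEL' => $MOVE_PAGE_LEVEL, ':MOVE_PAGE_MOTHER' => $MOVE_PAGE_MOTHER]]));

     // Re-point the content rows of both pages, using page id 9999 as the
     // temporary holder (assumes no real page has id 9999 - TODO confirm).
     $APP->set('CONTENT_UPDATR1', $APP->get('DBCON')->exec(['UPDATE constructr_content SET constructr_content_page_id=:TMP_MARKER WHERE constructr_content_page_id=:TARGET_PAGE_ID;'], [[':TMP_MARKER' => 9999, ':TARGET_PAGE_ID' => $TARGET_PAGE_ID]]));
     $APP->set('CONTENT_UPDATR2', $APP->get('DBCON')->exec(['UPDATE constructr_content SET constructr_content_page_id=:TARGET_PAGE_ID WHERE constructr_content_page_id=:MOVE_PAGE_ID;'], [[':TARGET_PAGE_ID' => $TARGET_PAGE_ID, ':MOVE_PAGE_ID' => $MOVE_PAGE_ID]]));
     $APP->set('CONTENT_UPDATR3', $APP->get('DBCON')->exec(['UPDATE constructr_content SET constructr_content_page_id=:MOVE_PAGE_ID WHERE constructr_content_page_id=:TMP_MARKER;'], [[':TMP_MARKER' => 9999, ':MOVE_PAGE_ID' => $MOVE_PAGE_ID]]));

     parent::clean_up_cache($APP);
     $APP->reroute($MANAGEMENT_URL . '?move=success');
 }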
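 /**
  * Handle the "new upload" form: verify the caller's module rights and the
  * three anti-CSRF form tokens, then store every file sent as new_file[] in
  * the directory named by the UPLOADS setting.
  *
  * Redirects to the uploads view with ?new=success or ?new=no-success, or to
  * the logout route when a form token is missing or wrong.
  *
  * @param object $APP Application object providing get(), set() and reroute() as used below.
  * @return void
  */
 public function uploads_new_verify($APP)
 {
     $APP->set('MODUL_ID', 61);
     $USER_RIGHTS = parent::checkUserModulRights($APP->get('MODUL_ID'), $APP->get('LOGIN_USER_RIGHTS'));
     if ($USER_RIGHTS == false) {
         $APP->get('CONSTRUCTR_LOG')->write('User ' . $APP->get('SESSION.username') . ' missing USER-RIGHTS for modul ' . $APP->get('MODUL_ID'));
         $APP->reroute($APP->get('CONSTRUCTR_BASE_URL') . '/constructr/no-rights');
         // Fail closed: never reach the file handling if reroute() returns.
         return;
     }

     // The original log lines referenced an undefined $POST_USERNAME.
     $LOG_USER = $APP->get('SESSION.username');
     $LOGOUT_URL = $APP->get('CONSTRUCTR_BASE_URL') . '/constructr/logout';

     // Every token is mandatory. The original skipped each comparison when the
     // posted value was empty, so a request that simply omitted all three
     // fields passed every check ('' equals '' . ''). Comparison is done with
     // hash_equals() instead of the loose != operator.
     $TOKEN_CHECKS = [
         ['POST.csrf', 'SESSION.csrf', 'FORM CSRF DON\'T MATCH: '],
         ['POST.csrf_additive', 'SESSION.additive', 'FORM ADDITIVE DON\'T MATCH: '],
         ['POST.csrf_tripple_additive', 'SESSION.tripple_additive', 'FORM TRIPPLE ADDITIVE DON\'T MATCH: '],
     ];
     $SUBMITTED = [];
     foreach ($TOKEN_CHECKS as $CHECK) {
         $GIVEN = $APP->get($CHECK[0]);
         $EXPECTED = $APP->get($CHECK[1]);
         // Arrays (e.g. csrf[]=x) and missing values count as empty.
         $GIVEN = is_scalar($GIVEN) ? (string) $GIVEN : '';
         $EXPECTED = is_scalar($EXPECTED) ? (string) $EXPECTED : '';
         if ($GIVEN === '' || $EXPECTED === '' || !hash_equals($EXPECTED, $GIVEN)) {
             $APP->get('CONSTRUCTR_LOG')->write($CHECK[2] . $LOG_USER);
             $APP->reroute($LOGOUT_URL);
             return;
         }
         $SUBMITTED[] = $GIVEN;
     }
     // $SUBMITTED: [0] csrf, [1] additive, [2] tripple additive.
     if (!hash_equals($SUBMITTED[1] . $SUBMITTED[0], $SUBMITTED[2])) {
         $APP->get('CONSTRUCTR_LOG')->write('FORM TRIPPLE ADDITIVE COMPARISON DON\'T MATCH: ' . $LOG_USER);
         $APP->reroute($LOGOUT_URL);
         return;
     }

     $FAILURE_URL = $APP->get('CONSTRUCTR_BASE_URL') . '/constructr/uploads/?new=no-success';
     $UPLOAD = isset($_FILES['new_file']) && is_array($_FILES['new_file']) ? $_FILES['new_file'] : [];
     $NAMES = isset($UPLOAD['name']) ? (array) $UPLOAD['name'] : [];
     $TMP_NAMES = isset($UPLOAD['tmp_name']) ? (array) $UPLOAD['tmp_name'] : [];
     $ERRORS = isset($UPLOAD['error']) ? (array) $UPLOAD['error'] : [];

     foreach ($NAMES as $i => $CLIENT_NAME) {
         // The client chooses this name: keep only the last path component so
         // it cannot point outside the upload directory.
         $FILE_NAME = basename(str_replace('\\', '/', (string) $CLIENT_NAME));
         $TMP_NAME = isset($TMP_NAMES[$i]) ? (string) $TMP_NAMES[$i] : '';
         $ERROR = isset($ERRORS[$i]) ? (int) $ERRORS[$i] : UPLOAD_ERR_NO_FILE;

         // Refuse dotfiles (.htaccess, .user.ini), control characters and any
         // name carrying a server-interpreted extension in any position
         // ("x.php", "x.php.jpg"). This denylist is a floor, not a policy:
         // an allowlist of the types the site really needs, plus an upload
         // directory the web server never executes from, is the stronger fix.
         $EXTENSIONS = array_slice(explode('.', strtolower($FILE_NAME)), 1);
         $FORBIDDEN = preg_grep('/^(?:php\d*|phtml|pht|phar|phps|cgi|pl|py|sh|asp|aspx|jsp)$/', $EXTENSIONS);
         $NAME_OK = $FILE_NAME !== ''
             && $FILE_NAME[0] !== '.'
             && !preg_match('/[\x00-\x1f]/', $FILE_NAME)
             && count($FORBIDDEN) === 0;

         $NEW_UPLOAD = $APP->get('UPLOADS') . $FILE_NAME;
         // move_uploaded_file() only accepts files PHP itself received in this
         // request; copy() would have copied any readable path.
         if ($ERROR === UPLOAD_ERR_OK && $NAME_OK && move_uploaded_file($TMP_NAME, $NEW_UPLOAD)) {
             // 0644 instead of 0777: uploads need not be world-writable or executable.
             @chmod($NEW_UPLOAD, 0644);
         } else {
             $APP->get('CONSTRUCTR_LOG')->write('UPLOAD REJECTED: ' . $LOG_USER);
             $APP->set('NEW', 'no-success');
             $APP->reroute($FAILURE_URL);
             return;
         }
     }

     $APP->set('NEW', 'success');
     $APP->reroute($APP->get('CONSTRUCTR_BASE_URL') . '/constructr/uploads/?new=success');
 }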
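 /**
  * Handle the "edit backend user" form: verify the caller's module rights and
  * the three anti-CSRF form tokens, then update the user's name, e-mail,
  * password hash and salt.
  *
  * Redirects to the user management view with ?new=success or
  * ?new=no-success, or to the logout route when a form token is missing or
  * wrong.
  *
  * @param object $APP Application object providing get(), set() and reroute() as used below.
  * @return void
  */
 public function user_management_edit_verify($APP)
 {
     $APP->set('MODUL_ID', 42);
     $USER_RIGHTS = parent::checkUserModulRights($APP->get('MODUL_ID'), $APP->get('LOGIN_USER_RIGHTS'));
     if ($USER_RIGHTS == false) {
         $APP->get('CONSTRUCTR_LOG')->write('User ' . $APP->get('SESSION.username') . ' missing USER-RIGHTS for modul ' . $APP->get('MODUL_ID'));
         $APP->reroute($APP->get('CONSTRUCTR_BASE_URL') . '/constructr/no-rights');
         // Fail closed: never reach the account update if reroute() returns.
         return;
     }

     // The original log lines referenced an undefined $POST_USERNAME.
     $LOG_USER = $APP->get('SESSION.username');
     $LOGOUT_URL = $APP->get('CONSTRUCTR_BASE_URL') . '/constructr/logout';
     $FAILURE_URL = $APP->get('CONSTRUCTR_BASE_URL') . '/constructr/usermanagement?new=no-success';

     // Every token is mandatory. The original skipped each comparison when the
     // posted value was empty, so a request that simply omitted all three
     // fields passed every check ('' equals '' . ''). Comparison is done with
     // hash_equals() instead of the loose != operator.
     $TOKEN_CHECKS = [
         ['POST.csrf', 'SESSION.csrf', 'LOGIN FORM CSRF DON\'T MATCH: '],
         ['POST.csrf_additive', 'SESSION.additive', 'FORM ADDITIVE DON\'T MATCH: '],
         ['POST.csrf_tripple_additive', 'SESSION.tripple_additive', 'FORM TRIPPLE ADDITIVE DON\'T MATCH: '],
     ];
     $SUBMITTED = [];
     foreach ($TOKEN_CHECKS as $CHECK) {
         $GIVEN = $APP->get($CHECK[0]);
         $EXPECTED = $APP->get($CHECK[1]);
         // Arrays (e.g. csrf[]=x) and missing values count as empty.
         $GIVEN = is_scalar($GIVEN) ? (string) $GIVEN : '';
         $EXPECTED = is_scalar($EXPECTED) ? (string) $EXPECTED : '';
         if ($GIVEN === '' || $EXPECTED === '' || !hash_equals($EXPECTED, $GIVEN)) {
             $APP->get('CONSTRUCTR_LOG')->write($CHECK[2] . $LOG_USER);
             $APP->reroute($LOGOUT_URL);
             return;
         }
         $SUBMITTED[] = $GIVEN;
     }
     // $SUBMITTED: [0] csrf, [1] additive, [2] tripple additive.
     if (!hash_equals($SUBMITTED[1] . $SUBMITTED[0], $SUBMITTED[2])) {
         $APP->get('CONSTRUCTR_LOG')->write('FORM TRIPPLE ADDITIVE COMPARISON DON\'T MATCH: ' . $LOG_USER);
         $APP->reroute($LOGOUT_URL);
         return;
     }

     $USER_ID = filter_var($APP->get('POST.user_id'), FILTER_SANITIZE_NUMBER_INT);
     $USER_NAME = filter_var($APP->get('POST.user_name'), FILTER_SANITIZE_FULL_SPECIAL_CHARS);
     $USER_EMAIL = filter_var($APP->get('POST.user_email'), FILTER_SANITIZE_FULL_SPECIAL_CHARS);

     // An empty or non-string password would otherwise be hashed and stored,
     // leaving the account with a blank password.
     $PLAIN_PASSWORD = $APP->get('POST.user_password');
     if (!is_string($PLAIN_PASSWORD) || $PLAIN_PASSWORD === '') {
         $APP->set('NEW', 'no-success');
         $APP->reroute($FAILURE_URL);
         return;
     }

     // Same salt format as before ('$2a$10$' + base64 text + '$'), but the
     // random bytes come from random_bytes() where it exists; the mcrypt
     // extension is not available on newer PHP versions.
     $RANDOM = function_exists('random_bytes') ? random_bytes(50) : mcrypt_create_iv(50, MCRYPT_DEV_URANDOM);
     $NEW_SALT = '$2a$10$' . strtr(base64_encode($RANDOM), '+', '.') . '$';
     $USER_PASSWORD = crypt($PLAIN_PASSWORD, $NEW_SALT);
     // crypt() signals failure with a short marker string; a bcrypt hash is 60
     // characters. Never store the failure marker as a password hash.
     if (!is_string($USER_PASSWORD) || strlen($USER_PASSWORD) < 60) {
         $APP->set('NEW', 'no-success');
         $APP->reroute($FAILURE_URL);
         return;
     }

     $APP->set('USER_EXISTS', $APP->get('DBCON')->exec(['SELECT * FROM constructr_backenduser WHERE constructr_user_username=:USER_NAME LIMIT 1;'], [[':USER_NAME' => $USER_NAME]]));
     $USER_EXISTS_COUNTR = count($APP->get('USER_EXISTS'));
     // The original tested for more than one row, which LIMIT 1 can never
     // return, so the duplicate check was dead code. Reject the edit when the
     // name already belongs to a different account.
     if ($USER_EXISTS_COUNTR >= 1 && (int) $APP->get('USER_EXISTS.0.constructr_user_id') !== (int) $USER_ID) {
         $APP->set('NEW', 'no-success');
         $APP->reroute($FAILURE_URL);
         return;
     }

     $APP->set('UPDATE_USER', $APP->get('DBCON')->exec(['UPDATE constructr_backenduser SET constructr_user_username=:USER_NAME,constructr_user_email=:USER_EMAIL,constructr_user_password=:USER_PASSWORD,constructr_user_salt=:USER_SALT WHERE constructr_user_id=:USER_ID LIMIT 1;'], [[':USER_ID' => $USER_ID, ':USER_NAME' => $USER_NAME, ':USER_EMAIL' => $USER_EMAIL, ':USER_PASSWORD' => $USER_PASSWORD, ':USER_SALT' => $NEW_SALT]]));
     $APP->reroute($APP->get('CONSTRUCTR_BASE_URL') . '/constructr/usermanagement?new=success');
 }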