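/**
 * Builds the main menu for the user stored in the session.
 *
 * Returns immediately, without setting $this->displayed, when
 * $_SESSION['user'] is not set. Otherwise it adds the menu items the user
 * is entitled to: "Môj profil" only when a Uzivatel_info row exists for
 * the user, "Užívatelia" only with EDIT_USERS and "Rubriky" only with
 * EDIT_ENUMS.
 */
public function __construct()
{
    if (!isset($_SESSION['user'])) {
        return;
    }

    // The id is interpolated into the SQL text below. Forcing it to an
    // integer keeps the statement fixed even if the session ever holds
    // something other than a numeric id.
    $userId = (int) $_SESSION['user'];

    // Fetch the user's data from the database.
    $data = CDatabaza::getInstance();
    $data->connect();

    // Load the user's rights.
    $rights = new UserRights($data);

    // A failed query is treated as "no profile row" (the menu item is hidden)
    // instead of being passed on to mysqli_num_rows().
    $result = $data->query("SELECT * FROM Uzivatel_info WHERE uzivatel_id={$userId}");
    $hasInfo = $result && mysqli_num_rows($result) > 0;

    $data->close();

    // NOTE(review): approved() is called after close(); presumably UserRights
    // reads everything it needs in its constructor. Confirm.

    // Add the main-menu entries according to the user's rights.
    $this->addItem("Domov", ProgramManager::getId("Intro"));

    if ($hasInfo) {
        $this->addItem("Môj profil", ProgramManager::getId("User_info"));
    }

    if ($rights->approved('EDIT_USERS')) {
        $this->addItem("Užívatelia", ProgramManager::getId("Users"));
    }

    if ($rights->approved('EDIT_ENUMS')) {
        $this->addItem("Rubriky", ProgramManager::getId("Topics"));
    }

    $this->addItem("Články", ProgramManager::getId("Article_list"));

    // Entries that are currently switched off:
    //$this->addItem("Príspevky", 0);
    //$this->addItem("Nastavenia", 0);
    //$this->addItem("Odhlásiť","?id=".ProgramManager::getId("Login")."&func=logout",0);

    $this->displayed = true;
}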
/**
 * Registers the topic and theme maintenance actions for users holding
 * the EDIT_ENUMS right.
 *
 * Without that right the object is switched off through disable() and no
 * function or form is registered.
 */
public function __construct()
{
    // Check whether the user is allowed to change this data.
    $rights = new UserRights(CDatabaza::getInstance());
    $mayEdit = $rights->approved("EDIT_ENUMS");

    if (!$mayEdit) {
        // NOTE(review): the right is evaluated only here. Confirm that the
        // code dispatching add_/edit_/remove_ calls refuses a disabled
        // instance; that is not visible from this constructor.
        $this->disable();
        return;
    }

    $this->enable();

    // Initialise the instance variables.
    $this->initialize();

    // Each action is registered under its own name, and its form is named
    // "<action>_form". The titles are shown to the user.
    $actions = [
        "add_topic" => "Pridaj rubriku",
        "edit_topic" => "Uprav rubriku",
        "remove_topic" => "Odstráň rubriku",
        "add_theme" => "Pridaj tému",
        "edit_theme" => "Uprav tému",
        "remove_theme" => "Odstráň tému",
    ];

    foreach ($actions as $action => $title) {
        $this->setFunction($action, $action);
        $this->setForm($action, $title, $action, $action . "_form");
    }
}
/**
 * Registers the user-administration actions for users holding the
 * EDIT_USERS right.
 *
 * Without that right the object is switched off through disable() and no
 * function or form is registered.
 */
public function __construct()
{
    $rights = new UserRights(CDatabaza::getInstance());
    $mayEdit = $rights->approved("EDIT_USERS");

    if (!$mayEdit) {
        // NOTE(review): the right is evaluated only here. Confirm that the
        // code dispatching these actions refuses a disabled instance; that
        // is not visible from this constructor.
        $this->disable();
        return;
    }

    $this->enable();
    $this->initialize();

    // One row per action: key, the name given to setFunction(), form title,
    // then the third and fourth setForm() arguments (their exact meaning is
    // not visible here).
    //
    // NOTE(review): the "reset" row hands setForm() the remove_user /
    // remove_user_form pair, and "set_rights" passes "set_rights" where the
    // other rows repeat the function name. Both look like copy-paste slips.
    // If the password-reset form really submits to the user-removal handler,
    // that is a destructive mix-up; verify against setForm().
    $actions = [
        ["add", "add_user", "Pridaj užívateľa", "add_user", "add_user_form"],
        ["edit", "edit_user", "Uprav informácie o užívateľovi", "edit_user", "edit_user_form"],
        ["remove", "remove_user", "Vymaž užívateľa", "remove_user", "remove_user_form"],
        ["set_rights", "set_user_rights", "Nastav užívateľské práva", "set_rights", "set_user_rights_form"],
        ["reset", "reset_password", "Resetuj heslo", "remove_user", "remove_user_form"],
    ];

    foreach ($actions as $row) {
        $this->setFunction($row[0], $row[1]);
        $this->setForm($row[0], $row[2], $row[3], $row[4]);
    }
}
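// Access gate for the file browser: the page below is rendered only when the
// requesting user is linked to the article in Clanok_uzivatel or holds the
// EDIT_ALL right.
require dirname(__FILE__) . "/../../classes/utils/UserRights.php";

$data = CDatabaza::getInstance();
if (!$data) {
    exit("Nemozem sa pripojit na databazu");
}
$data->connect();

// Both ids come from the client and are used in a numeric (unquoted) SQL
// context, where escape_string() gives no protection. Accept plain integers
// only and deny the request otherwise.
$clanok = filter_var(isset($_GET['article_id']) ? $_GET['article_id'] : null, FILTER_VALIDATE_INT);
$userId = filter_var(isset($_COOKIE['user']) ? $_COOKIE['user'] : null, FILTER_VALIDATE_INT);

if ($clanok === false || $userId === false) {
    echo "Nemáte oprávnenie na prezeranie obsahu. Prístup zamietnutý.";
    $data->close();
    exit;
}

// NOTE(review): the acting user id is read from a cookie, which the client
// controls, so the ownership and EDIT_ALL checks below trust a self-declared
// identity. Other code in this project reads $_SESSION['user']; this script
// should take the id from the server-side session as well. Confirm the
// session is started here before switching.
// The id is passed as a string, the type the cookie value had.
$user = new UserRights($data, (string) $userId);

$sql = "SELECT * FROM Clanok_uzivatel WHERE clanok_id={$clanok} AND uzivatel_id={$userId}";
$query = $data->query($sql);

if (!$query) {
    echo "Chyba v pripojení na databázu";
    $data->close();
    exit;
}

// No link between user and article, and no global edit right: refuse.
if (!$query->num_rows && !$user->approved('EDIT_ALL')) {
    echo "Nemáte oprávnenie na prezeranie obsahu. Prístup zamietnutý.";
    $data->close();
    exit;
}

$data->close();

// NOTE(review): the page loads jQuery 1.7.2 from a third-party CDN without an
// integrity attribute. Consider a maintained release, served locally or
// pinned with Subresource Integrity.
?>
<html>
<head>
<base href="../../../">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="redakcia/utilities/browser/styles/browser.css">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
<script type="text/javascript" src="redakcia/utilities/browser/scripts/browser.js"></script>
<script type="text/javascript" src="redakcia/utilities/browser/scripts/jquery.ajaxfileupload.js"></script>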