public function delAction($id = 0, $all = 0)
{
if (!auth::check($this->roleid, 'ip-del', 'admin')) {
$this->adminMsg(lang('a-com-0', array('1' => 'ip', '2' => 'del')));
}
$id = $id ? $id : $this->get('id');
$all = $all ? $all : $this->get('all');
$this->ip->delete('id=' . $id);
$all or $this->adminMsg($this->getCacheCode('ip') . lang('success'), url('admin/ip/index'), 3, 1, 1);
}
public function delAction($id = 0, $all = 0)
{
if (!auth::check($this->roleid, 'block-del', 'admin')) {
$this->adminMsg(lang('a-com-0', array('1' => 'block', '2' => 'del')));
}
$id = $id ? $id : (int) $this->get('id');
$all = $all ? $all : $this->get('all');
$this->block->delete('site=' . $this->siteid . ' AND id=' . $id);
$all or $this->adminMsg($this->getCacheCode('block') . lang('success'), url('admin/block/index'), 3, 1, 1);
}
public function __construct()
{
parent::__construct();
$this->user = $this->model('user');
$this->isAdminLogin();
if (!auth::check($this->roleid, $this->controller . '-' . $this->action, $this->namespace)) {
$this->adminMsg(lang('a-com-0', array('1' => $this->controller, '2' => $this->action)));
}
$sites = App::get_site();
$this->site_url = 'http://' . $sites[$this->siteid]['DOMAIN'];
$this->view->assign(array('userinfo' => $this->userinfo, 'site_url' => $this->site_url));
$this->adminLog();
}
public function downloadFile($id)
{
$entry = FileRecord::where('id', '=', $id)->firstOrFail();
$file = Storage::disk('local')->get($entry->owner_id . $entry->id . $entry->filename . "/" . $entry->public_version);
$sharing = (array) json_decode($entry->sharing);
$editor = (array) json_decode($entry->user_editor);
if (auth::check()) {
if ($entry->owner_id == Auth::user()->id or auth::User()->user_type_id == 1 or in_array(Auth::user()->username, $sharing['users']) or in_array(Auth::user()->username, $editor) or in_array(Auth::user()->user_dept->name, $sharing['departments']) or $sharing['mass'] == 1) {
return (new Response($file, 200))->header('Content-Type', $entry->mime);
} else {
return "You aren't allowed to access this file.";
}
} elseif ($sharing['mass'] == 2) {
return (new Response($file, 200))->header('Content-Type', $entry->mime);
} else {
return "You aren't allowed to access this file.";
}
}
public function indexAction()
{
if ($this->isPostForm()) {
if (!auth::check($this->roleid, 'linkage-del', 'admin')) {
$this->adminMsg(lang('a-com-0', array('1' => 'linkage', '2' => 'del')));
}
$ids = $this->post('ids');
if (empty($ids)) {
$this->adminMsg(lang('a-tag-0'));
}
foreach ($ids as $id) {
$id = intval($id);
$this->link->delete('keyid=' . $id);
$this->link->delete('id=' . $id);
}
$this->adminMsg($this->getCacheCode('linkage') . lang('success'), url('admin/linkage/'), 3, 1, 1);
}
$this->view->assign('data', $this->link->where('keyid=0')->select());
$this->view->display('admin/linkage');
}
public function __construct()
{
parent::__construct();
define('IS_FC_ADMIN', intval(SYS_MODE));
if (SYS_MODE == 1) {
// 中级
} elseif (SYS_MODE == 2) {
// 高级
} else {
// 初级
}
$this->user = $this->model('user');
$this->isAdminLogin();
if (!auth::check($this->roleid, $this->controller . '-' . $this->action, $this->namespace)) {
$this->adminMsg(lang('a-com-0', array('1' => $this->controller, '2' => $this->action)));
}
$sites = App::get_site();
$this->site_url = 'http://' . $sites[$this->siteid]['DOMAIN'];
$this->view->assign(array('userinfo' => $this->userinfo, 'site_url' => $this->site_url));
//print_r($this->site_url);
//exit;
$this->adminLog();
}
public function backup()
{
if (!auth::check(self::AUTH_REALM)) {
$this->access_denied();
}
$dump = "";
$models = $this->getModels();
foreach ($this->getModels() as $model) {
$model_name = substr($model['info']['basename'], 0, strpos($model['info']['basename'], '.xml'));
$schema = ORM::getSchema($model_name);
// Drop the table
$dump .= "DROP TABLE IF EXISTS `{$schema->table}`;\n";
// Create the table
$create_sql = $schema->getCreateString();
$dump .= "{$create_sql}\n\n";
// Dump the table data
$model_instances = ORM::retrieveAll($model_name);
foreach ($model_instances as $instance) {
$insert_query = $instance->getSaveQuery(true);
$dump .= "{$insert_query}\n";
}
$dump .= "\n";
}
$this->template->content = new View('ksetup_backup');
$this->template->action = 'backup';
$this->template->dump = $dump;
$this->template->render();
}
/**
* 删除栏目
*/
public function delAction($catid = 0, $all = 0)
{
if (!auth::check($this->roleid, 'category-del', 'admin')) {
$this->adminMsg(lang('a-com-0', array('1' => 'category', '2' => 'del')));
}
$all = $all ? $all : $this->get('all');
$catid = $catid ? $catid : (int) $this->get('catid');
if (empty($catid)) {
$this->adminMsg(lang('a-cat-7'));
}
if (!isset($this->cats[$catid])) {
$this->adminMsg(lang('m-con-9', array('1' => $catid)));
}
$result = $this->category->del($catid);
if ($result) {
$all or $this->adminMsg($this->getCacheCode('category') . lang('success'), url('admin/category/index'), 3, 1, 1);
} else {
$all or $this->adminMsg(lang('a-cat-8'));
}
}
/**
* 后台权限验证
*/
function admin_auth($roleid, $action)
{
return auth::check($roleid, $action, 'admin');
}
$r = '';
$auth = new auth();
//~ Создаем новый объект класса
//~ Авторизация
if (isset($_POST['send'])) {
if (!$auth->authorization()) {
$error = $_SESSION['error'];
unset($_SESSION['error']);
}
}
//~ выход
if (isset($_GET['exit'])) {
$auth->exit_user();
}
//~ Проверка авторизации
if ($auth->check()) {
$r .= '
Добро пожаловать, ' . $_SESSION['login_user'] . '<br/>
<a href="?exit">Выйти</a>
<br />
<script type="text/javascript">
location="../private/accounts.php";
</script>
';
} else {
//~ если есть ошибки выводим и предлагаем восстановить пароль
if (isset($error)) {
$r .= $error;
}
$r .= '
<div class="auth">
<head>
<meta http-equiv="Content-Language" content="en" />
<meta name="GENERATOR" content="PHPEclipse 1.0" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>myauth test</title>
</head>
<body bgcolor="#FFFFFF" text="#000000" link="#FF9966" vlink="#FF9966" alink="#FFCC99">
<?php
loginFunction();
$pass = init("password", "p", FALSE);
$user = init("username", "p", FALSE);
$meth = init("method", "p", "simap");
if ($user && $pass) {
$a = new auth($meth, "mail.uni-rostock.de");
if ($a->tested) {
if ($a->check($user, $pass) == true) {
echo "ok.";
} else {
echo "nönö";
}
} else {
echo "Verbindungstest fehlgeschlagen";
}
}
?>
</body>
</html>
/**
* 增加/删除推荐位
*/
private function setPosition($insert_ids, $cid, $data, $position = null)
{
if (empty($cid)) {
return false;
}
$pos = $this->model('position_data');
$arrid = @explode(',', $insert_ids);
if ($data['url'] == '') {
$data['url'] = getUrl($data);
}
//增加推荐位
if (is_array($arrid)) {
foreach ($arrid as $sid) {
if ($sid) {
$row = $pos->from(null, 'id')->where('posid=' . (int) $sid . ' and contentid=' . (int) $cid)->select(false);
if ($row) {
if (!auth::check($this->roleid, 'position-edit', 'admin')) {
$this->adminMsg(lang('a-com-0', array('1' => 'position', '2' => 'edit')));
}
$set = array('url' => $data['url'], 'catid' => (int) $data['catid'], 'title' => $data['title'], 'thumb' => $data['thumb'], 'description' => $data['description']);
$pos->update($set, 'id=' . $row['id']);
} else {
if (!auth::check($this->roleid, 'position-add', 'admin')) {
$this->adminMsg(lang('a-com-0', array('1' => 'position', '2' => 'add')));
}
$set = array('url' => $data['url'], 'catid' => (int) $data['catid'], 'title' => $data['title'], 'thumb' => $data['thumb'], 'posid' => (int) $sid, 'contentid' => $cid, 'description' => $data['description']);
$pos->insert($set);
}
}
}
}
//删除推荐位
$old_ids = @explode(',', $position);
if (is_array($old_ids)) {
foreach ($old_ids as $sid) {
if (!in_array($sid, $arrid) && $sid) {
if (!auth::check($this->roleid, 'position-del', 'admin')) {
$this->adminMsg(lang('a-com-0', array('1' => 'position', '2' => 'del')));
}
$pos->delete('posid=' . $sid . ' AND contentid=' . $cid);
}
}
}
//更新缓存
$data = array();
$pmodel = $this->model('position');
$position = $pmodel->where('site=' . $this->siteid)->select();
foreach ($position as $t) {
$posid = $t['posid'];
$data[$posid] = $pos->where('posid=' . $posid)->order('listorder ASC, id DESC')->select();
$data[$posid]['catid'] = $t['catid'];
$data[$posid]['maxnum'] = $t['maxnum'];
}
//写入缓存文件中
$this->cache->set('position_' . $this->siteid, $data);
}
/**
* 站点配置
*/
public function configAction()
{
//加载配置文件.
$siteid = $this->get('id') ? $this->get('id') : $this->siteid;
$config = self::load_config('site' . DIRECTORY_SEPARATOR . $siteid);
if ($this->post('submit')) {
$data = $this->post('data');
$body = "<?php" . PHP_EOL . "if (!defined('IN_FINECMS')) exit();" . PHP_EOL . PHP_EOL . "/**" . PHP_EOL . " * " . $data['SITE_NAME'] . "配置" . PHP_EOL . " */" . PHP_EOL . "return array(" . PHP_EOL . PHP_EOL;
foreach ($this->string as $var => $str) {
if ($var == 'SITE_LANGUAGE' && empty($data[$var])) {
$value = "'zh-cn'";
} elseif ($var == 'SITE_DOMAIN') {
$value = "'" . $config['SITE_DOMAIN'] . "'";
} elseif ($var == 'SITE_EXTEND_ID') {
$value = "'" . $config['SITE_EXTEND_ID'] . "'";
} else {
$value = $data[$var] == 'false' || $data[$var] == 'true' ? $data[$var] : "'" . $data[$var] . "'";
}
$body .= "\t'" . strtoupper($var) . "'" . $this->setspace($var) . " => " . $value . ", //" . $str . PHP_EOL;
}
$body .= PHP_EOL . ");";
file_put_contents(CONFIG_DIR . 'site' . DIRECTORY_SEPARATOR . $siteid . '.ini.php', $body);
$this->adminMsg(lang('success'), purl('site/config', array('id' => $siteid, 'typeid' => $this->post('typeid'))), 3, 1, 1);
}
//模板风格
$theme = '';
$file_list = file_list::get_file_list(VIEW_DIR);
foreach ($file_list as $t) {
if (is_dir(VIEW_DIR . $t) && strpos($t, 'mobile_') === false && !in_array($t, array('error', 'admin', 'index.html', 'install', 'mobile'))) {
$theme .= '<option value="' . $t . '" ' . ($config['SITE_THEME'] == $t ? 'selected' : '') . '>' . $t . '</option>';
}
}
$this->view->assign(array('site' => auth::check($this->roleid, 'site-index', 'admin') ? 1 : 0, 'data' => $config, 'theme' => $theme, 'langs' => file_list::get_file_list(EXTENSION_DIR . 'language' . DIRECTORY_SEPARATOR), 'typeid' => $this->get('typeid') ? $this->get('typeid') : 1, 'string' => $this->string, 'images' => file_list::get_file_list(EXTENSION_DIR . 'watermark' . DIRECTORY_SEPARATOR)));
$this->view->display('admin/site_config');
}
/**
* 删除
*/
public function delAction($id = 0, $all = 0)
{
if (!auth::check($this->roleid, 'form-del', 'admin')) {
$this->adminMsg(lang('a-com-0', array('1' => 'form', '2' => 'del')));
}
$id = $id ? $id : (int) $this->get('id');
$all = $all ? $all : $this->get('all');
$this->delFile($id);
$this->form->delete('id=' . (int) $id);
$all or $this->adminMsg(lang('success'), url('admin/form/list', array('modelid' => $this->modelid, 'cid' => $this->cid)), 3, 1, 1);
}
/**
* Show user profile
*
* @param string $username user username (optional)
*/
public function showProfile($username = null)
{
// Incandescence the APIHelper
$api = new \App\Helpers\ApiHelper();
// Is this profile being called publicly or privately
$isAccessedPublicly = empty($username) ? false : true;
// Abort if we are public and there is no username or its empty
if ($isAccessedPublicly && empty($username)) {
// Show the not found page
abort(404);
}
// Initiate created events by user
$eventsCreatedByUser = [];
// Get user info
if ($isAccessedPublicly) {
$url = 'users?filter[and][][username]=' . $username . '&with[]=updates&with[]=ticketInventories&with[]=friends&with[]=friendRequests&with[]=stripeManagedAccounts';
if (\Auth::check()) {
$url .= '&auth_user_id=' . \Auth::user()->id;
}
// Query by username
$user = $api->index($url);
// Set user data
$user = isset($user['data']['users'][0]) ? $user['data']['users'][0] : [];
// If user exists
if (!empty($user)) {
$eventUrl = 'events?filter[and][][user_id]=' . $user['id'] . '&with[]=times&filter[and][][is_published]=1&filter[and][][is_banned]=0&with[]=TicketsInventory';
if (\Auth::check()) {
$eventUrl .= '&auth_user_id=' . \Auth::user()->id;
}
$eventsCreatedByUser = $api->index($eventUrl);
$attendingUrl = 'events/attending/' . $user['id'];
if (\Auth::check()) {
$attendingUrl .= '?auth_user_id=' . \Auth::user()->id;
}
// Get events that this user is attending
$userEventsTimesAttending = $api->index($attendingUrl);
// Set events that this user is attending
$userEventsTimesAttending = isset($userEventsTimesAttending['data']['times']) ? $userEventsTimesAttending['data']['times'] : [];
$myEventsformatted = [];
$isFriend = false;
$isRequested = false;
if (isset($user['friendRequests']) && \Auth::user()) {
// Indexes and iterates through friend requests
foreach ($user['friendRequests'] as $index => $checkRequested) {
// If friend request id and auth id match, will display proper message in view
if ($checkRequested['id'] === \Auth::user()->id) {
$isRequested = true;
// Once match is found, stops iteration
break;
}
}
}
if (isset($userEventsTimesAttending)) {
foreach ($userEventsTimesAttending as $time) {
$myEventsformatted[] = ['title' => isset($time['event']['title']) ? $time['event']['title'] : null, 'start' => isset($time['start']) ? $time['start'] : null, 'end' => isset($time['end']) ? $time['end'] : null, 'url' => route('events.show', ['slug' => isset($time['event']['slug']) ? $time['event']['slug'] : null])];
}
}
// JSON encode
$myEventsformatted = addslashes(json_encode($myEventsformatted));
}
} else {
// Query by id of logged in user
$user = $api->index('users?filter[and][][id]=' . Auth::user()->id . '&with[]=updates&with[]=ticketInventories&with[]=stripeManagedAccounts&auth_user_id=' . \Auth::user()->id);
// Set user data
$user = isset($user['data']['users'][0]) ? $user['data']['users'][0] : [];
// If user exists
if (!empty($user)) {
$eventsCreatedByUser = $api->index('events?filter[and][][user_id]=' . \Auth::user()->id . '&with[]=times&filter[and][][is_published]=1&filter[and][][is_banned]=0&with[]=TicketsInventory&auth_user_id=' . \Auth::user()->id);
// Get events that this user is attending
$userEventsTimesAttending = $api->index('events/attending/' . \Auth::user()->id . '?auth_user_id=' . \Auth::user()->id);
// Set events that this user is attending
$userEventsTimesAttending = isset($userEventsTimesAttending['data']['times']) ? $userEventsTimesAttending['data']['times'] : [];
$myEventsformatted = [];
if (isset($userEventsTimesAttending)) {
foreach ($userEventsTimesAttending as $time) {
$myEventsformatted[] = ['title' => isset($time['event']['title']) ? $time['event']['title'] : null, 'start' => isset($time['start']) ? $time['start'] : null, 'end' => isset($time['end']) ? $time['end'] : null, 'url' => route('events.show', ['slug' => isset($time['event']['slug']) ? $time['event']['slug'] : null])];
}
}
// JSON encode
$myEventsformatted = addslashes(json_encode($myEventsformatted));
}
}
// Make sure we have data
if (empty($user)) {
// Show the not found page
abort(404);
}
$friendPost = [];
if (isset($user['friends']) && \Auth::user()) {
// Indexes and iterates through public user friends
foreach ($user['friends'] as $index => $checkFriend) {
// If auth user id and friend id matches, will display proper message in view
if ($checkFriend['id'] === \Auth::user()->id) {
$isFriend = true;
$friendPost = $checkFriend;
// Once match is found, stops iteration
break;
}
}
}
$eventsCreatedByUser = isset($eventsCreatedByUser['data']['events']) ? $eventsCreatedByUser['data']['events'] : [];
$url = 'events?filter[and][][isSponsored]=1&fields[]=id&fields[]=title' . '&fields[]=description&fields[]=slug&fields[]=isSponsored' . '&fields[]=featuredPhoto&limit=3&filter[and][][is_published]=1' . '&filter[and][][is_banned]=0';
if (auth::check()) {
$url .= '&auth_user_id=' . \Auth::user()->id;
}
// Get 3 sponsored events
$sponsoredEvents = $api->index($url);
// Give events a short variable to work with
$sponsoredEvents = isset($sponsoredEvents['data']['events']) ? $sponsoredEvents['data']['events'] : [];
// Get upload settings for evaporate.js
$uploadSettings = $api->index('settings/upload');
$uploadSettings = isset($uploadSettings['data']) ? $uploadSettings['data'] : [];
// Return view
return View::make('accounts.profile')->with(array('friendPost' => isset($friendPost) ? $friendPost : [], 'isFriend' => isset($isFriend) ? $isFriend : false, 'isRequested' => isset($isRequested) ? $isRequested : false, 'isAccessedPublicly' => $isAccessedPublicly, 'myEventsformatted' => $myEventsformatted, 'user' => $user, 'eventsCreatedByUser' => $eventsCreatedByUser, 'userEventsTimesAttending' => $userEventsTimesAttending, 'uploadSettings' => $uploadSettings, 'sponsoredEvents' => $sponsoredEvents));
}