コード例 #1
0
<?php

/**
 * @file views/pages/error.php
 * @author James Hogan (jh559)
 * @brief Simple view for displaying an error and back button.
 *
 * These are designed for when the user doesn't have permission to see some page.
 * It can provide an optional login button if the user is not already logged in.
 */
?>
<div class="BlueBox">
	<img align="left" src="<?php 
echo site_url('/images/prototype/homepage/error.png');
?>
" alt="error" width="30" height="30" />
	<?php 
echo @$_wikitext;
$CI =& get_instance();
if (isset($try_login['_text']) && !$CI->user_auth->isLoggedIn) {
    echo '<p>You are not currently logged in. ' . xml_escape($try_login['_text']) . '</p>';
    //echo('<p><a href="'.site_url('login/main'.$this->uri->uri_string()).'">Log in now</a></p>');
    echo HtmlButtonLink(site_url('login/main' . $this->uri->uri_string()), 'Log in');
}
if (isset($return['_text']) && isset($referer)) {
    echo HtmlButtonLink($referer, $return['_text']);
}
?>
</div>
コード例 #2
0
<?php

/**
 * @file views/general/return.php
 * @brief Simple view for displaying an error and back button.
 */
?>
<div class="BlueBox">
	<img align="left" src="/images/prototype/homepage/error.png" alt="error" width="30" height="30" />
	<h2><?php 
echo $Title;
?>
</h2>
	<?php 
echo $Description;
?>
	<?php 
echo HtmlButtonLink($Target, $Caption);
?>
</div>
コード例 #3
0
/**
 * @param $Permission string or array of the following levels (in the order that
 *	they are to be obtained:
 *	- 'public' - anyone
 *	- 'student' - must be logged on
 *	- 'vip' - must be logged on as a vip
 *	- 'vip+pr' - must be logged on as a vip or a pr rep
 *	- 'office' - must be in the office
 *	- 'pr' - must be in the office as a pr rep
 *	- 'editor' - must be in the office as an editor
 *	- 'admin' - must be in the office as an administrator
 * @param $LoadMainFrame bool Whether to load the mainframe if permision hasn't
 *	 yet been acquired (for the login screen).
 * @return bool Whether enough privilages.
 */
function CheckPermissions($Permission = 'public', $LoadMainFrame = TRUE, $NoPost = FALSE)
{
    // Start a session
    $CI =& get_instance();
    // Initialisation stuff
    $CI->load->library('messages');
    $CI->load->model('user_auth');
    $CI->load->model('pages_model');
    // Decide on output format
    if (isset($_POST['fb_sig'])) {
        /// @todo AUTHENTICATE FACEBOOK
        OutputMode('fbml');
        global $_SESSION;
        $_SESSION = array();
    } else {
        if (isset($_GET['opmode'])) {
            OutputMode($_GET['opmode']);
        } else {
            OutputMode(DefaultOutputMode());
        }
    }
    // If the output mode is not supported, show a 404
    if (!in_array(OutputMode(), OutputModes())) {
        show_404();
    }
    // Translate some auxilliary permissions
    $auxilliary_permissions = array('moderator' => 'editor');
    if (array_key_exists($Permission, $auxilliary_permissions)) {
        $Permission = $auxilliary_permissions[$Permission];
    }
    $user_level = GetUserLevel();
    // URL analysis regarding vip area
    $thru_viparea = $CI->uri->total_segments() >= 1 && $CI->uri->segment(1) === 'viparea';
    $thru_office_pr = $CI->uri->total_segments() >= 3 && $CI->uri->segment(1) === 'office' && $CI->uri->segment(2) === 'pr' && $CI->uri->segment(3) === 'org';
    $thru_office_manage = $CI->uri->total_segments() >= 2 && $CI->uri->segment(1) === 'office' && $CI->uri->segment(2) === 'manage';
    $company_short_name = $CI->config->Item('company_organisation_id');
    $organisation_specified = FALSE;
    if ($thru_viparea) {
        if ($CI->uri->total_segments() > 1) {
            $organisation_shortname = $CI->uri->segment(2);
            $organisation_specified = TRUE;
            VipSegments(2);
        } else {
            $organisation_shortname = $CI->user_auth->organisationShortName;
        }
        // don't allow access to vip area of the company, only through office/manage
        if ($organisation_shortname === $company_short_name) {
            $organisation_shortname = '';
            $CI->user_auth->logoutOrganisation();
            redirect('');
        }
        vip_url('viparea/' . $organisation_shortname . '/', TRUE);
    } elseif ($thru_office_pr) {
        $organisation_shortname = $CI->uri->segment(4);
        $organisation_specified = TRUE;
        VipSegments(4);
        vip_url('office/pr/org/' . $organisation_shortname . '/', TRUE);
    } elseif ($thru_office_manage) {
        $organisation_shortname = $company_short_name;
        $organisation_specified = TRUE;
        VipSegments(2);
        vip_url('office/manage/', TRUE);
    } else {
        $organisation_shortname = '';
    }
    VipOrganisation(FALSE, $organisation_shortname);
    VipOrganisation(TRUE, $CI->user_auth->organisationShortName);
    // Login actions for student/vip/office logins
    $student_login_action = array('redirect+url', 'login/main', 'post' => TRUE);
    if ($organisation_specified) {
        $vip_login_action = array('redirect+url', 'login/vipswitch/' . $organisation_shortname, 'post' => TRUE);
    } else {
        $vip_login_action = array('redirect+url', 'login/vip', 'post' => TRUE);
    }
    $office_login_action = array('redirect+url', 'login/office', 'post' => TRUE);
    // If vip+pr, use URI to decide which
    if ($Permission === 'vip+pr') {
        $Permission = $thru_viparea ? 'vip' : ($thru_office_pr ? 'pr' : ($thru_office_manage ? 'manage' : ''));
    } elseif ($Permission === 'vip') {
        $Permission = $thru_viparea ? 'vip' : ($thru_office_manage ? 'manage' : '');
    } elseif ($thru_office_pr && $Permission !== 'pr' || $thru_viparea && $Permission !== 'vip' || $thru_office_manage && $Permission !== 'manage') {
        $Permission = '';
    }
    // Matrix indexed by user level, then page level, of behaviour
    // Possible values:
    //	NULL/notset	http error 404
    //	TRUE		allowed
    //	array		specially handled
    //	otherwise	access denied
    if ($user_level === 'public') {
        $action_levels = array('public' => TRUE, 'student' => $student_login_action, 'vip' => $student_login_action, 'office' => $student_login_action, 'pr' => $student_login_action, 'editor' => $student_login_action, 'manage' => $student_login_action, 'admin' => $student_login_action);
    } elseif ($user_level === 'student') {
        $action_levels = array('public' => TRUE, 'student' => TRUE, 'vip' => $vip_login_action, 'office' => $office_login_action, 'pr' => $office_login_action, 'editor' => $office_login_action, 'manage' => $office_login_action, 'admin' => $office_login_action);
    } elseif ($user_level === 'organisation') {
        // Logged in from public as organisation
        $allow_vip = array_key_exists($organisation_shortname, $CI->user_auth->allTeams);
        $action_levels = array('public' => TRUE, 'student' => TRUE, 'vip' => $allow_vip, 'office' => FALSE, 'pr' => FALSE, 'editor' => FALSE, 'manage' => FALSE, 'admin' => FALSE);
        if ($allow_vip) {
            VipOrganisationId(FALSE, $CI->user_auth->allTeams[$organisation_shortname][0]);
            VipOrganisationName(FALSE, $CI->user_auth->allTeams[$organisation_shortname][1]);
            VipOrganisationId(TRUE, $CI->user_auth->organisationLogin);
            VipOrganisationName(TRUE, $CI->user_auth->organisationName);
            VipMode('viparea');
            VipLevel('write', TRUE);
        }
    } elseif ($user_level === 'vip') {
        // Logged in as student and in VIP area
        $vip_door_open_action = array('message', 'warning', HtmlButtonLink(site_url('logout/vip' . $CI->uri->uri_string()), 'Leave VIP Area') . $CI->pages_model->GetPropertyText('login:warn_open_vip', TRUE), TRUE);
        $allow_vip = array_key_exists($organisation_shortname, $CI->user_auth->allTeams);
        if ($allow_vip) {
            $vip_accessible = TRUE;
            VipOrganisationId(FALSE, $CI->user_auth->allTeams[$organisation_shortname][0]);
            VipOrganisationName(FALSE, $CI->user_auth->allTeams[$organisation_shortname][1]);
            VipOrganisationId(TRUE, $CI->user_auth->organisationLogin);
            VipOrganisationName(TRUE, $CI->user_auth->organisationName);
            VipMode('viparea');
            VipLevel('write', TRUE);
        } else {
            // check permissions to access this organisation
            $vip_organisations = $CI->user_auth->getOrganisationLogins();
            foreach ($vip_organisations as $organisation) {
                if ($organisation['organisation_directory_entry_name'] == $organisation_shortname) {
                    $vip_accessible = $vip_login_action;
                    break;
                }
            }
            if (!isset($vip_accessible)) {
                $vip_accessible = FALSE;
            }
        }
        $action_levels = array('public' => $vip_door_open_action, 'student' => $vip_door_open_action, 'vip' => $vip_accessible, 'office' => $office_login_action, 'pr' => $office_login_action, 'editor' => $office_login_action, 'manage' => $office_login_action, 'admin' => $office_login_action);
    } else {
        // Office
        // Door left open actions
        $office_door_open_action = array('message', 'warning', HtmlButtonLink(site_url('logout/office' . $CI->uri->uri_string()), 'Leave Office') . $CI->pages_model->GetPropertyText('login:warn_open_office', TRUE), TRUE);
        $admin_door_open_action = $office_door_open_action;
        // check permissions to access this organisation
        $manage_accessible = FALSE;
        $vip_organisations = $CI->user_auth->getOrganisationLogins();
        foreach ($vip_organisations as $organisation) {
            if ($organisation['organisation_directory_entry_name'] == $company_short_name) {
                $manage_accessible = TRUE;
                break;
            }
        }
        // Refine further
        if ($user_level === 'office') {
            $action_levels = array('public' => $office_door_open_action, 'student' => $office_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => 'pr', 'editor' => FALSE, 'manage' => FALSE, 'admin' => FALSE);
        } elseif ($user_level === 'editor') {
            $action_levels = array('public' => $office_door_open_action, 'student' => $office_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => TRUE, 'editor' => TRUE, 'manage' => $manage_accessible, 'admin' => FALSE);
        } elseif ($user_level === 'admin') {
            $action_levels = array('public' => $admin_door_open_action, 'student' => $admin_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => TRUE, 'editor' => TRUE, 'manage' => $manage_accessible, 'admin' => TRUE);
        }
        // Change an office user to pr if they rep for the organisation
        static $vipModes = array('pr' => 'office', 'manage' => 'manage');
        if (array_key_exists($Permission, $vipModes)) {
            // Get organisation information
            $CI->db->select('organisation_entity_id AS id,' . 'organisation_name AS name,' . 'organisation_pr_rep AS rep');
            $CI->db->join('entities', 'organisation_entity_id = entity_id', 'inner');
            $CI->db->where(array('organisation_directory_entry_name' => $organisation_shortname, 'entity_deleted = FALSE'));
            $matching_org = $CI->db->get('organisations')->result_array();
            if (empty($matching_org)) {
                $action_levels[$Permission] = FALSE;
            } else {
                $matching_org = $matching_org[0];
                if ($action_levels[$Permission] === 'pr') {
                    $action_levels[$Permission] = TRUE;
                    $rep = $matching_org['rep'] == $CI->user_auth->entityId;
                    if ($rep) {
                        VipLevel('rep', TRUE);
                    } else {
                        VipLevel('read', TRUE);
                    }
                } elseif ($action_levels[$Permission]) {
                    VipLevel('write', TRUE);
                }
                VipOrganisationId(FALSE, $matching_org['id']);
                VipOrganisationName(FALSE, $matching_org['name']);
                VipOrganisationId(TRUE, $matching_org['id']);
                VipOrganisationName(TRUE, $matching_org['name']);
                VipMode($vipModes[$Permission]);
            }
        }
    }
    $access_allowed = FALSE;
    // No permission set or NULL indicates page doesn't exist at this URI
    if (!array_key_exists($Permission, $action_levels) || NULL === $action_levels[$Permission]) {
        return show_404();
    } else {
        $action = $action_levels[$Permission];
        // True is allow
        if (TRUE === $action) {
            $access_allowed = TRUE;
        } elseif (is_array($action)) {
            // Array is special decider
            // Perform action
            switch ($action[0]) {
                case 'handle':
                    $access_allowed = $action[1]($action[2], $Permission);
                    if (array_key_exists(3, $action)) {
                        $CI->messages->AddMessage($action[3], $action[4], FALSE);
                    }
                    break;
                case 'redirect+url':
                    $action[1] .= $CI->uri->uri_string();
                case 'redirect':
                    if (array_key_exists(2, $action)) {
                        $CI->messages->AddMessage($action[2], $action[3]);
                    }
                    if (array_key_exists('post', $action) && $action['post']) {
                        // store post data
                        if (!empty($_POST)) {
                            SetRedirectData($action[1], serialize($_POST));
                        }
                    }
                    // Before redirecting, forward on the redirected post data
                    $post_data = GetRedirectData();
                    if (NULL !== $post_data) {
                        SetRedirectData($action[1], $post_data);
                    }
                    // Do the redirect
                    redirect($action[1]);
                    return FALSE;
                case 'message':
                    $CI->messages->AddMessage($action[1], $action[2], FALSE);
                    $access_allowed = $action[3];
                    break;
                default:
                    break;
            }
        } else {
            // Anything else is disallow
            $CI->messages->AddMessage('warning', 'You do not have the ' . $Permission . ' privilages required!');
            //redirect('');
        }
        // Restore post data
        if ((TRUE === $action || is_array($action)) && !$NoPost) {
            $post_data = GetRedirectData();
            if (NULL !== $post_data) {
                $post_data = @unserialize($post_data);
                if (is_array($post_data)) {
                    if (!isset($_POST)) {
                        global $_POST;
                        $_POST = array();
                    }
                    foreach ($post_data as $key => $value) {
                        $_POST[$key] = $value;
                    }
                }
            }
        }
    }
    if ('fbml' === OutputMode()) {
        $Permission = 'facebookapp';
    } elseif ('ajax' === OutputMode()) {
        $Permission = 'ajax';
    } elseif (FeedOutputMode()) {
        $Permission = 'feed';
    }
    SetupMainFrame($Permission, FALSE);
    if (!$access_allowed && $LoadMainFrame) {
        $CI->load->library('Custom_pages');
        $page = new CustomPageView('error:permissions');
        $CI->main_frame->SetContent($page);
        $CI->main_frame->Load();
    }
    return $access_allowed;
}
コード例 #4
0
 function HandleException($E)
 {
     $this->Disable();
     $CI =& get_instance();
     $CI->messages->AddMessage('information', 'You have logged out of facebook (reason: ' . xml_escape($E->getMessage()) . ')' . HtmlButtonLink(site_url('login/facebook' . $CI->uri->uri_string()), 'Log back in'));
 }
コード例 #5
0
 function password()
 {
     if (!CheckPermissions('vip+pr')) {
         return;
     }
     $this->pages_model->SetPageCode('viparea_settings_password');
     if ($this->user_auth->isUser) {
         $this->messages->AddMessage('error', 'Only accessible when logged in as ' . VipOrganisationName() . '.' . HtmlButtonLink(site_url('logout/main/login/main' . $this->uri->uri_string()), 'Relogin'));
     } else {
         $this->_SetupTabs('password');
         $data = array('main_text' => 'hello world! main text goes here. this will only be accessible when logged in as organisation as oposed to student/vip', 'change_password_target' => vip_url('account/password'));
         $this->load->helper('string');
         $this->main_frame->SetContentSimple('account/password_change', $data);
     }
     $this->main_frame->SetTitleParameters(array('organisation' => VipOrganisationName()));
     $this->main_frame->Load();
 }