public function create()
{
if (!isset($_POST['quantity']) || !isset($_POST['product_id']) || !isset($_POST['product_price'])) {
return call('pages', 'error');
}
if (isAdmin()) {
$_SESSION['alert'] = "Admin is not able to buy products";
return header("Location: index.php?controller=products&action=index");
}
if (!isset($_SESSION['id'])) {
$_SESSION['alert'] = "Please log in before shopping";
return header("Location: index.php?controller=products&action=index");
}
if (!Order::isValid($_SESSION['id'])) {
$_SESSION['alert'] = "Before you can buy products, you must provide necessary perfonal information";
return header("Location: index.php?controller=products&action=index");
}
if (!isset($_SESSION['orderID'])) {
$_SESSION['orderID'] = Order::create($_SESSION['id']);
}
require_once 'models/order_detail.php';
if (OrderDetail::check($_SESSION['orderID'], $_POST['product_id'])) {
OrderDetail::addQuantity($_SESSION['orderID'], $_POST['product_id'], $_POST['quantity']);
} else {
OrderDetail::create($_SESSION['orderID'], $_POST['product_id'], $_POST['product_price'], $_POST['quantity']);
}
$_SESSION['notice'] = "Added product to basket";
header("Location: index.php?controller=products&action=index");
}
public function find()
{
if (!$this->uri->segment(3)) {
show_404(current_url(), FALSE);
} else {
if ($this->data['Treasure'] = $this->treasure_model->get_by('md5', $this->uri->segment(3))) {
if (isFound($this->data['Treasure']->id, $this->session->userdata('id'))) {
$found = TRUE;
} else {
$found = FALSE;
if (isLoggedIn()) {
if (!isBanned($this->session->userdata('id'))) {
if (!isAdmin()) {
$this->mytreasure_model->insert(array('pirate' => $this->session->userdata('id'), 'treasure' => $this->data['Treasure']->id, 'time' => time()));
}
}
}
}
$this->data['found'] = $found;
$this->template->write_view('content', 'views/treasure/find', $this->data);
$this->template->render();
} else {
show_404(current_url(), FALSE);
}
}
}
/**
* Generate admin page;
*
* @return : (text) - html presentation data;
*/
function _actionAdministration($sOptionApiKey, $sLangSettingsTitle, $sLangInfoTitle = '', $sLangInfoText = '')
{
$GLOBALS['iAdminPage'] = 1;
if (!isAdmin()) {
$this->_redirect(BX_DOL_URL_ROOT);
}
// get sys_option's category id;
$iCatId = $this->_oDb->getSettingsCategoryId($sOptionApiKey);
if (!$iCatId) {
$sOptions = MsgBox(_t('_Empty'));
} else {
bx_import('BxDolAdminSettings');
$oSettings = new BxDolAdminSettings($iCatId);
$mixedResult = '';
if (isset($_POST['save']) && isset($_POST['cat'])) {
$mixedResult = $oSettings->saveChanges($_POST);
}
$sOptions = $oSettings->getForm();
if ($mixedResult !== true && !empty($mixedResult)) {
$sOptions = $mixedResult . $sOptions;
}
}
$sCssStyles = $this->_oTemplate->addCss('forms_adv.css', true);
$this->_oTemplate->pageCodeAdminStart();
if ($sLangInfoText) {
echo DesignBoxAdmin(_t($sLangInfoTitle), $GLOBALS['oSysTemplate']->parseHtmlByName('default_padding.html', array('content' => _t($sLangInfoText, BX_DOL_URL_ROOT))));
}
echo DesignBoxAdmin(_t('_Settings'), $GLOBALS['oSysTemplate']->parseHtmlByName('default_padding.html', array('content' => $sCssStyles . $sOptions)));
$this->_oTemplate->pageCodeAdmin(_t($sLangSettingsTitle));
}
/**
* Function will generate facebook's admin page;
*
* @return : (text) - html presentation data;
*/
function actionAdministration()
{
$GLOBALS['iAdminPage'] = 1;
if (!isAdmin()) {
header('location: ' . BX_DOL_URL_ROOT);
}
// get sys_option's category id;
$iCatId = $this->_oDb->getSettingsCategoryId('bx_facebook_connect_api_key');
if (!$iCatId) {
$sOptions = MsgBox(_t('_Empty'));
} else {
bx_import('BxDolAdminSettings');
$oSettings = new BxDolAdminSettings($iCatId);
$mixedResult = '';
if (isset($_POST['save']) && isset($_POST['cat'])) {
$mixedResult = $oSettings->saveChanges($_POST);
}
// get option's form;
$sOptions = $oSettings->getForm();
if ($mixedResult !== true && !empty($mixedResult)) {
$sOptions = $mixedResult . $sOptions;
}
}
$sCssStyles = $this->_oTemplate->addCss('forms_adv.css', true);
$this->_oTemplate->pageCodeAdminStart();
echo DesignBoxAdmin(_t('_bx_facebook_information'), $GLOBALS['oSysTemplate']->parseHtmlByName('default_padding.html', array('content' => _t('_bx_facebook_information_block', BX_DOL_URL_ROOT))));
echo DesignBoxAdmin(_t('_Settings'), $GLOBALS['oSysTemplate']->parseHtmlByName('default_padding.html', array('content' => $sCssStyles . $sOptions)));
$this->_oTemplate->pageCodeAdmin(_t('_bx_facebook_settings'));
}
public function serviceGetBlockFormInvite()
{
$iProfileId = $this->getProfileId();
$iAccountId = $this->getAccountId($iProfileId);
$mixedAllowed = $this->isAllowedInvite($iProfileId);
if ($mixedAllowed !== true) {
return array('content' => MsgBox($mixedAllowed));
}
$mixedInvites = false;
if (!isAdmin($iAccountId)) {
$iInvited = (int) $this->_oDb->getInvites(array('type' => 'count_by_account', 'value' => $iAccountId));
$mixedInvites = $this->_oConfig->getCountPerUser() - $iInvited;
if ($mixedInvites <= 0) {
return array('content' => MsgBox(_t('_bx_invites_err_limit_reached')));
}
}
$oForm = $this->getFormObjectInvite();
$oForm->aInputs['text']['value'] = _t('_bx_invites_msg_invitation');
$sResult = '';
$oForm->initChecker();
if ($oForm->isSubmittedAndValid()) {
$sEmails = bx_process_input($oForm->getCleanValue('emails'));
$sText = bx_process_pass($oForm->getCleanValue('text'));
$mixedResult = $this->invite(BX_INV_TYPE_FROM_MEMBER, $sEmails, $sText, $mixedInvites, $oForm);
if ($mixedResult !== false) {
$sResult = _t('_bx_invites_msg_invitation_sent', (int) $mixedResult);
} else {
$sResult = _t('_bx_invites_err_not_available');
}
$sResult = MsgBox($sResult);
}
return array('content' => $sResult . $oForm->getCode());
}
function getNavItem($key, $label)
{
$query =& Dataface_Application::getInstance()->getQuery();
if (!isAdmin()) {
switch ($key) {
case 'help':
return array('href' => DATAFACE_SITE_HREF . '?-action=help', 'label' => $label, 'selected' => $query['-action'] == 'help');
// non-admin users can see these
throw new Exception("Use default rendering");
}
// Non-admin users can't see any other table.
return null;
} else {
//Admin users can see everything..
switch ($key) {
case 'help':
// reports is not a table so we need to return custom properties.
return array('href' => DATAFACE_SITE_HREF . '?-action=help', 'label' => $label, 'selected' => $query['-action'] == 'help');
}
// For other actions we need to make sure that they aren't selected
// if the current action is reports because we want the 'reports'
// tab to be selected only in that case.
return array('selected' => $query['-table'] == $key and $query['-action'] != 'help');
}
}
function requireAdmin() {
global $service, $session;
if (isAdmin()) return true;
if (empty($session['id']) || !isLoggedIn()) requireLogin();
func::printError(_t('이 페이지에 접근할 권한이 없습니다.'));
requireLogin();
}
public function isRemoveAllowed($aCmt, $isPerformAction = false)
{
if (isAdmin()) {
return true;
}
return false;
}
function exec($args, $stdin, &$stdout, &$stderr, &$system)
{
if (!isAdmin())
{
$stderr = ucf(i18n("not enough rights to set initial metadata"));
return true;
}
if (empty($args))
{
$stdout = "Usage: maddinit [class name] [metadata name] [value]\n";
$stdout .= "Example: maddinit file_folder view thumbnail";
}
else
{
list($class_name, $name, $value) = splitArgs($args);
$return = setInitialMetadata($class_name, $name, $value);
if ($return === true)
$stdout = "Updated metadata successfully";
else
$stderr = $return;
}
return true;
}
function checkAdmin()
{
if (!isAdmin()) {
header('Location: login.php?msg=notAdmin');
exit;
}
}
function Profile()
{
parent::Controller();
$this->load->library('validation');
$this->load->library('session');
$this->load->model('user');
$this->auth->verificaLogin();
/*-------------validações------------*/
$rules['nome'] = "trim|required|xss_clean";
if (!isAdmin()) {
$rules['telefone'] = "trim|required|xss_clean";
}
$requerido = $this->pass_check($this->input->post('senha2'));
$rules['senha'] = "trim" . $requerido . "|callback_senha_check";
$requerido = $this->pass_check($this->input->post('senha'));
$rules['senha2'] = "trim|matches[senha3]" . $requerido;
$rules['senha3'] = "trim|" . $requerido;
$this->validation->set_rules($rules);
$fields['nome'] = 'Nome';
$fields['telefone'] = 'Telefone';
$fields['senha'] = 'Senha antiga';
$fields['senha2'] = 'Nova senha';
$fields['senha3'] = 'Confirmação da senha';
$this->validation->set_fields($fields);
$this->validation->set_message('required', 'O campo <i>%s</i> não pode ser vazio!');
$this->validation->set_message('senha_check', '%s não confere!');
$this->validation->set_message('valid_email', 'O campo <i>%s</i> não contém um email válido!');
$this->validation->set_message('matches', 'Senhas não conferem!');
$this->validation->set_error_delimiters('<small class="error">', '</small>');
}
function login()
{
$data = array('logged' => $this->auth->logged(), 'page_title' => 'Login', 'titulo' => 'Efetuar login');
if ($this->validation->run()) {
$dados = array('email' => $this->input->post('email'), 'senha' => md5($this->input->post('senha')));
$dados = $this->input->xss_clean($dados);
if ($this->user->loginUser($dados)) {
$user = $this->user->getUserDataByEmail($dados['email']);
$session_data = array('email' => $user['email'], 'logado' => true, 'nome' => $user['nome'], 'ativo' => $user['status']);
$this->session->set_userdata($session_data);
if (isAdmin()) {
if ($user['controle'] == 'first_login') {
$this->messages->add('Verificamos que esta é a primeira vez que está acessando o sistema, você precisa trocar a senha neste momento.', 'warning');
// Atualiza o controle de promeiro acesso
$dados = array('controle' => "");
$this->user->updateUser($dados);
redirect('profile');
die;
} else {
redirect('admin');
die;
}
} else {
redirect(getLastUri());
die;
}
}
$this->messages->add("Usuário ou senha inválida!");
}
$this->load->view('inicio', $data);
return false;
}
function getBlockCode_ActionList()
{
$sCode = null;
$sMainPrefix = $this->oConfig->getMainPrefix();
bx_import('BxDolSubscription');
$oSubscription = BxDolSubscription::getInstance();
$aButton = $oSubscription->getButton($this->iProfileId, $sMainPrefix, '', (int) $this->aFileInfo['medID']);
bx_import('BxDolAlbums');
$sProfileAlbumUri = BxDolAlbums::getAbumUri($this->oConfig->getGlParam('profile_album_name'), $this->iProfileId);
$aReplacement = array('favorited' => $this->aFileInfo['favorited'] == false ? '' : 'favorited', 'featured' => (int) $this->aFileInfo['Featured'], 'featuredCpt' => '', 'approvedCpt' => '', 'approvedAct' => '', 'moduleUrl' => BX_DOL_URL_ROOT . $this->oConfig->getBaseUri(), 'fileUri' => $this->aFileInfo['medUri'], 'fileKey' => $this->aFileInfo['Hash'], 'fileExt' => $this->aFileInfo['medExt'], 'iViewer' => $this->iProfileId, 'ID' => (int) $this->aFileInfo['medID'], 'Owner' => (int) $this->aFileInfo['medProfId'], 'OwnerName' => $this->aFileInfo['NickName'], 'AlbumUri' => $this->aFileInfo['albumUri'], 'Tags' => bx_php_string_apos($this->aFileInfo['medTags']), 'TitleAvatar' => $this->aFileInfo['medProfId'] == $this->iProfileId && 'sys_avatar' == getParam('sys_member_info_thumb') ? _t('_' . $sMainPrefix . '_set_as_avatar') : '', 'SetAvatarCpt' => $this->aFileInfo['medProfId'] == $this->iProfileId && $sProfileAlbumUri == $this->aFileInfo['albumUri'] && 'bx_photos_thumb' == getParam('sys_member_info_thumb') ? _t('_' . $sMainPrefix . '_set_as_avatar') : '', 'sbs_' . $sMainPrefix . '_title' => $aButton['title'], 'sbs_' . $sMainPrefix . '_script' => $aButton['script'], 'shareCpt' => $this->oModule->isAllowedShare($this->aFileInfo) ? _t('_Share') : '', 'cropCpt' => $this->oModule->isAllowedEdit($this->aFileInfo) && $this->aFileInfo['medProfId'] == $this->iProfileId ? _t('_bx_photos_crop_action') : '');
if (isAdmin($this->iProfileId)) {
$sMsg = $aReplacement['featured'] > 0 ? 'un' : '';
$aReplacement['featuredCpt'] = _t('_' . $sMainPrefix . '_action_' . $sMsg . 'feature');
}
if ($this->oModule->isAllowedApprove($this->aFileInfo)) {
$sMsg = '';
$iAppr = 1;
if ($this->aFileInfo['Approved'] == 'approved') {
$sMsg = 'de';
$iAppr = 0;
}
$aReplacement['approvedCpt'] = _t('_' . $sMainPrefix . '_admin_' . $sMsg . 'activate');
$aReplacement['approvedAct'] = $iAppr;
}
$sActionsList = $GLOBALS['oFunctions']->genObjectsActions($aReplacement, $sMainPrefix);
if (!is_null($sActionsList)) {
$sCode = $oSubscription->getData() . $sActionsList;
}
return $sCode;
}
function popup()
{
$ou = $_GET["ou"];
$t = $_GET["t"];
$ldap = new clladp();
$tpl = new templates();
$page = CurrentPageName();
if (!is_numeric($t)) {
$t = time();
}
$EnCryptedFunction = $_GET["EnCryptedFunction"];
if (strlen($EnCryptedFunction) > 3) {
$EnCryptedFunction = base64_decode($EnCryptedFunction) . "\n";
} else {
$EnCryptedFunction = null;
}
if ($ou == null) {
if (isAdmin()) {
$OUS = $ldap->hash_get_ou(true);
$FieldOu = Field_array_Hash($OUS, "ou-{$t}", null, null, null, 0, "font-size:18px");
} else {
$FieldOu = Field_hidden("ou-{$t}", $_SESSION["ou"]) . "<span style='font-size:18px'>{$_SESSION["ou"]}</span>";
}
} else {
$FieldOu = Field_hidden("ou-{$t}", $ou) . "<span style='font-size:18px'>{$_SESSION["ou"]}</span>";
}
$html = "\n\t\t\t\n\t<div id='animate-{$t}'></div>\t\t\n\t<table style='width:98%' class=form>\n\t\t<tr>\n\t\t <td class=legend style='font-size:18px'>{domain}:</td>\n\t\t <td>" . Field_text("domain-{$t}", null, "font-size:18px;font-weigth:bold", null, null, null, false, "AddDomainCk{$t}(event)") . "</td>\n\t\t</tr>\n\t\t<td class=legend style='font-size:18px'>{organization}:</td> \t\t\n\t\t <td>{$FieldOu}</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td colspan=2 align='right'>" . button("{add}", "AddDomain{$t}()", "20px") . "</td>\n\t\t</tr>\n\t</table>\n\t\t\t\t\t\n<script>\nvar x_AddDomain{$t}=function(obj){\n\tdocument.getElementById('animate-{$t}').innerHTML='';\n\tvar text;\n\ttext=obj.responseText;\n\tif(text.length>3){alert(text);return;}\n\t\$('#flexRT{$t}').flexReload();\n\tYahooUserHide();\n\t{$EnCryptedFunction}\n\t\n\t\n}\n\nfunction AddDomainCk{$t}(e){\n\tif(checkEnter(e)){ AddDomain{$t}();}\n}\n\nfunction AddDomain{$t}(){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('perform','yes');\n\tvar ou=document.getElementById('ou-{$t}').value;\n\tif(ou.length<3){alert('Organization:`'+ou+'` not supported');return;}\n\tXHR.appendData('ou',document.getElementById('ou-{$t}').value);\n\tXHR.appendData('domain',document.getElementById('domain-{$t}').value);\n\tAnimateDiv('animate-{$t}');\n\tXHR.sendAndLoad('{$page}', 'POST',x_AddDomain{$t}); \n}\n</script>\t\t\t\t\t\n";
echo $tpl->_ENGINE_parse_body($html);
}
/**
* Constructor
*
* Loads language files and models needed for this controller
*/
function ProjectCases()
{
parent::Controller();
//Check For Admin Logged in
if (!isAdmin()) {
redirect_admin('login');
}
//Get Config Details From Db
$this->config->db_config_fetch();
//Debug Tool
//$this->output->enable_profiler=true;
// loading the lang files
$this->lang->load('admin/common', $this->config->item('language_code'));
$this->lang->load('admin/dispute', $this->config->item('language_code'));
$this->lang->load('admin/validation', $this->config->item('language_code'));
//Load Models Common to all the functions in this controller
$this->load->model('common_model');
$this->load->model('admin_model');
$this->load->model('dispute_model');
$this->load->model('email_model');
$this->load->model('skills_model');
//Load helper files
$this->load->helper('form');
$this->load->helper('projectcases');
$this->load->helper('users');
}
function getMainMenu()
{
if (!isAdmin()) {
return '';
}
$sUri = $_SERVER['REQUEST_URI'];
$sPath = parse_url(BX_DOL_URL_ROOT, PHP_URL_PATH);
if ($sPath && $sPath != '/' && 0 == strncmp($sPath, $sUri, strlen($sPath))) {
$sUri = substr($sUri, strlen($sPath) - strlen($sUri));
}
$sUri = BX_DOL_URL_ROOT . $sUri;
$sFile = basename($_SERVER['PHP_SELF']);
$oPermalinks = new BxDolPermalinks();
$aMenu = $GLOBALS['MySQL']->getAll("SELECT `id`, `name`, `title`, `url`, `icon` FROM `sys_menu_admin` WHERE `parent_id`='0' ORDER BY `order`");
$aItems = array();
foreach ($aMenu as $aMenuItem) {
$aMenuItem['url'] = str_replace(array('{siteUrl}', '{siteAdminUrl}'), array(BX_DOL_URL_ROOT, BX_DOL_URL_ADMIN), $aMenuItem['url']);
$bActiveCateg = $sFile == 'index.php' && !empty($_GET['cat']) && $_GET['cat'] == $aMenuItem['name'];
$aSubmenu = $GLOBALS['MySQL']->getAll("SELECT * FROM `sys_menu_admin` WHERE `parent_id`='" . $aMenuItem['id'] . "' ORDER BY `order`");
$aSubitems = array();
foreach ($aSubmenu as $aSubmenuItem) {
$aSubmenuItem['url'] = $oPermalinks->permalink($aSubmenuItem['url']);
$aSubmenuItem['url'] = str_replace(array('{siteUrl}', '{siteAdminUrl}'), array(BX_DOL_URL_ROOT, BX_DOL_URL_ADMIN), $aSubmenuItem['url']);
if (!defined('BX_DOL_ADMIN_INDEX') && $aSubmenuItem['url'] != '' && (strpos($sUri, $aSubmenuItem['url']) !== false || strpos($aSubmenuItem['url'], $sUri) !== false)) {
$bActiveCateg = $bActiveItem = true;
} else {
$bActiveItem = false;
}
$aSubitems[] = BxDolAdminMenu::_getMainMenuSubitem($aSubmenuItem, $bActiveItem);
}
$aItems[] = BxDolAdminMenu::_getMainMenuItem($aMenuItem, $aSubitems, $bActiveCateg);
}
return $GLOBALS['oAdmTemplate']->parseHtmlByName('main_menu.html', array('bx_repeat:items' => $aItems));
}
function getRestriction()
{
$sWhereSQL = parent::getRestriction();
$oMain = $this->getAdsMain();
if (isset($this->aCurrent['third_restr']) && $this->aCurrent['third_restr'] != '') {
$sWhereSQL .= " AND {$this->aCurrent['third_restr']} ";
}
if (isset($this->aCurrent['custom_filter1']) && $this->aCurrent['custom_filter1'] != '') {
$sWhereSQL .= " AND {$this->aCurrent['custom_filter1']} ";
}
if (isset($this->aCurrent['custom_filter2']) && $this->aCurrent['custom_filter2'] != '') {
$sWhereSQL .= " AND {$this->aCurrent['custom_filter2']} ";
}
$bSpec = isAdmin();
$sSign = "<";
$sTimeCheck = " AND UNIX_TIMESTAMP() - `{$oMain->_oConfig->sSQLPostsTable}`.`LifeTime`*24*60*60 __sign__ `{$oMain->_oConfig->sSQLPostsTable}`.`DateTime`";
switch ($this->aCurrent['second_restr']) {
case 'expired':
$sSign = ">";
$bSpec = FALSE;
break;
case 'manage':
$sSign = "<";
$bSpec = FALSE;
break;
case 'outtime':
$sTimeCheck = "";
break;
}
if (!$bSpec) {
$sWhereSQL .= str_replace('__sign__', $sSign, $sTimeCheck);
}
return $sWhereSQL;
}
public function index()
{
if (isAdmin()) {
if (strtolower($_SERVER['REQUEST_METHOD']) == 'post') {
$todo_with_post = $this->input->post('todo');
if ($todo_with_post == 'udeast003') {
$this->Mdl_email_settings->setData('update', $this->input->post());
if ($this->Mdl_email_settings->update()) {
setInformUser('success', 'Email settings updated successfully.');
redirect('Email_settings', 'refresh');
} else {
setInformUser('error', 'Some error occured');
redirect('Email_settings', 'refresh');
}
}
} else {
$data['active'] = 2;
$data['email_settings'] = $this->Mdl_email_settings->toArray();
$this->load->view('admin/header', $data);
$this->load->view('index', $data);
$this->load->view('admin/footer');
}
} else {
setInformUser('error', 'You don\'t have the permission [\'access email settings \'].');
redirect(base_url('users'));
}
}
/**
* Smarty function
* -------------------------------------------------------------
* Purpose: Output multilang string
* add [{ oxmultilang ident="..." }] where you want to display content
* -------------------------------------------------------------
*
* @param array $params params
* @param Smarty &$smarty clever simulation of a method
*
* @return string
*/
function smarty_function_oxmultilang($params, &$smarty)
{
startProfile("smarty_function_oxmultilang");
$sIdent = isset($params['ident']) ? $params['ident'] : 'IDENT MISSING';
$iLang = null;
$blAdmin = isAdmin();
$oLang = oxLang::getInstance();
if ($blAdmin) {
$iLang = $oLang->getTplLanguage();
if (!isset($iLang)) {
$iLang = 0;
}
}
try {
$sTranslation = $oLang->translateString($sIdent, $iLang, $blAdmin);
} catch (oxLanguageException $oEx) {
// is thrown in debug mode and has to be caught here, as smarty hangs otherwise!
}
if ($blAdmin && $sTranslation == $sIdent && (!isset($params['noerror']) || !$params['noerror'])) {
$sTranslation = '<b>ERROR : Translation for ' . $sIdent . ' not found!</b>';
}
if ($sTranslation == $sIdent && isset($params['alternative'])) {
$sTranslation = $params['alternative'];
}
stopProfile("smarty_function_oxmultilang");
return $sTranslation;
}
/**
* Check if menu items are visible with extended checking
* @param $a menu item array
* @return boolean
*/
protected function _isVisible($a)
{
if ($a['name'] == 'studio' && !isAdmin()) {
return false;
}
return parent::_isVisible($a);
}
/**
* Change password
*/
public function actionChangepassword()
{
if (isAdmin()) {
$this->layout = '//layouts/main';
}
$model = new UserChangePassword();
if (Yii::app()->user->id) {
// ajax validator
if (isset($_POST['ajax']) && $_POST['ajax'] === 'changepassword-form') {
echo UActiveForm::validate($model);
Yii::app()->end();
}
if (isset($_POST['UserChangePassword'])) {
$model->attributes = $_POST['UserChangePassword'];
if ($model->validate()) {
//$new_password = User::model()->notsafe()->findbyPk(Yii::app()->user->id);
$new_password = User::model()->findbyPk(Yii::app()->user->id);
$new_password->password = UserModule::encrypting($model->password);
$new_password->activkey = UserModule::encrypting(microtime() . $model->password);
if ($new_password->save()) {
Yii::app()->user->setFlash('success', UserModule::t("Thay đổi mật khẩu thành công"));
$this->redirect(array("profile"));
} else {
Yii::app()->user->setFlash('error', UserModule::t("Thay đổi mật khẩu không thành công"));
}
}
}
$this->render('changepassword', array('model' => $model));
}
}
public function __construct()
{
parent::__construct();
if (!isAdmin()) {
redirect('admin/login');
}
}
function service($aToken)
{
if (!isAdmin($aToken['user_id'])) {
$this->errorOutput(403, 'access_denied', 'Only admin can access service endpoint');
return false;
}
bx_login($aToken['user_id'], false, false);
$sUri = bx_get('uri');
$sMethod = bx_get('method');
if (!($aParams = bx_get('params'))) {
$aParams = array();
} elseif (is_string($aParams) && preg_match('/^a:[\\d+]:\\{/', $aParams)) {
$aParams = @unserialize($aParams);
}
if (!is_array($aParams)) {
$aParams = array($aParams);
}
if (!($sClass = bx_get('class'))) {
$sClass = 'Module';
}
if (!BxDolRequest::serviceExists($sUri, $sMethod, $sClass)) {
$this->errorOutput(404, 'not_found', 'Service was not found');
return false;
}
$mixedRet = BxDolService::call($sUri, $sMethod, $aParams, $sClass);
$this->output(array('uri' => $sUri, 'method' => $sMethod, 'data' => $mixedRet));
}
function userNav()
{
global $_COOKIE;
$n['View realtime logs'] = "/";
$n['Settings'] = "/settings";
$n['Feedbacks'] = "/feedbacks";
if (isAdmin()) {
$n['Admin'] = "/admin";
}
$c = 1;
foreach ($n as $title => $link) {
if ($_SERVER['REQUEST_URI'] == $link || strpos($_SERVER['REQUEST_URI'], $link . "?") === 0) {
echo "<strong>" . htmlentities($title) . "</strong> ";
} else {
echo "<a href=\"{$link}\">" . htmlentities($title) . "</a> ";
}
if ($c++ != count($n)) {
echo " | ";
}
}
$allowed = getAllowed();
if (count($allowed)) {
$ru = isset($_COOKIE['requser']) ? $_COOKIE['requser'] : userName();
echo " | <select id=\"seluser\" onchange=\"switchUser()\">";
echo "<option value=\"\">" . utf8entities(userName()) . "</option>";
foreach ($allowed as $id) {
$name = getUsernameById($id);
$selected = $ru == $name ? "selected" : "";
echo "<option {$selected} value=\"" . urlencode($name) . "\">" . utf8entities($name) . "</option>";
}
echo "</select>";
}
}
public function POST($args)
{
if (!isAdmin()) {
return;
}
if (!isset($_POST['tournamentId'])) {
echo 'No tournament id given';
return;
}
if (!isset($_POST['teamAId'])) {
echo 'No team a id given';
return;
}
if (!isset($_POST['teamBId'])) {
echo 'No team b id given';
return;
}
if (!isset($_POST['date'])) {
echo 'No date given';
return;
}
if (!isset($_POST['finalType'])) {
echo 'No final type given';
return;
}
global $database;
try {
$id = $database->addMatch($_POST['teamAId'], $_POST['teamBId'], -1, -1, NULL, strtotime($_POST['date']), $_POST['tournamentId'], $_POST['finalType']);
header('Location: ' . SITE_URL . 'admin/match/' . $id . '/edit');
} catch (exception $e) {
$this->theme = 'error.php';
}
}
public function files()
{
if (!isAdmin()) {
exit(L('all.notlogin'));
}
$folders = F('folders');
$foldersoption = F('foldersoption');
$folderrow = $folders[I('get.folderid')];
import('ORG.Util.Page');
$attach = D('attachments');
$count = $attach->where($map)->count();
$Page = new \Org\Util\Page($count, 10);
$Page->rollPage = 5;
$show = $Page->show();
// 进行分页数据查询
$page = intval(I('get.page'));
$nowPage = isset($page) ? $page : 1;
$list = $attach->order('uploadtime DESC')->where('folderid=' . I('get.folderid'))->page($nowPage . ',' . $Page->listRows)->select();
$this->assign('list', $list);
// 赋值数据集
$this->assign('page', $show);
// 赋值分页输出
$this->assign('folderrow', $folderrow);
$this->assign('foldersoption', $foldersoption);
$this->display();
// 输出模板
}
function getBlockCode_ActionList()
{
$sCode = null;
$sMainPrefix = $this->oConfig->getMainPrefix();
bx_import('BxDolSubscription');
$oSubscription = BxDolSubscription::getInstance();
$aButton = $oSubscription->getButton($this->iProfileId, $sMainPrefix, '', (int) $this->aFileInfo['medID']);
$sCode .= $oSubscription->getData();
$aReplacement = array('favorited' => $this->aFileInfo['favorited'] == false ? '' : 'favorited', 'featured' => (int) $this->aFileInfo['Featured'], 'featuredCpt' => '', 'approvedCpt' => '', 'approvedAct' => '', 'moduleUrl' => BX_DOL_URL_ROOT . $this->oConfig->getBaseUri(), 'fileUri' => $this->aFileInfo['medUri'], 'iViewer' => $this->iProfileId, 'ID' => (int) $this->aFileInfo['medID'], 'Owner' => (int) $this->aFileInfo['medProfId'], 'OwnerName' => $this->aFileInfo['NickName'], 'AlbumUri' => $this->aFileInfo['albumUri'], 'sbs_' . $sMainPrefix . '_title' => $aButton['title'], 'sbs_' . $sMainPrefix . '_script' => $aButton['script'], 'shareCpt' => $this->oModule->isAllowedShare($this->aFileInfo) ? _t('_Share') : '', 'downloadCpt' => $this->oModule->isAllowedDownload($this->aFileInfo) ? _t('_Download') : '');
if (isAdmin($this->iProfileId)) {
$sMsg = $aReplacement['featured'] > 0 ? 'un' : '';
$aReplacement['featuredCpt'] = _t('_' . $sMainPrefix . '_action_' . $sMsg . 'feature');
}
if ($this->oModule->isAllowedApprove($this->aFileInfo)) {
$sMsg = '';
$iAppr = 1;
if ($this->aFileInfo['Approved'] == 'approved') {
$sMsg = 'de';
$iAppr = 0;
}
$aReplacement['approvedCpt'] = _t('_' . $sMainPrefix . '_admin_' . $sMsg . 'activate');
$aReplacement['approvedAct'] = $iAppr;
}
$aReplacement['repostCpt'] = $aReplacement['repostScript'] = '';
if (BxDolRequest::serviceExists('wall', 'get_repost_js_click')) {
$sCode .= BxDolService::call('wall', 'get_repost_js_script');
$aReplacement['repostCpt'] = _t('_Repost');
$aReplacement['repostScript'] = BxDolService::call('wall', 'get_repost_js_click', array($this->iProfileId, $sMainPrefix, 'add', (int) $this->aFileInfo['medID']));
}
$sActionsList = $GLOBALS['oFunctions']->genObjectsActions($aReplacement, $sMainPrefix);
if (is_null($sActionsList)) {
return '';
}
return $sCode . $sActionsList;
}
function index($info = "")
{
$menuList[] = array('id' => 1, 'name' => $this->spTextPanel['Website Manager'], 'url_section' => 'websites');
if (isAdmin()) {
$menuList[] = array('id' => 2, 'name' => $this->spTextPanel['User Manager'], 'url_section' => 'users');
}
if (isLoggedIn()) {
$menuList[] = array('id' => 3, 'name' => $this->spTextPanel['Reports Manager'], 'url_section' => 'report-manager');
}
if (isAdmin()) {
$menuList[] = array('id' => 4, 'name' => $this->spTextPanel['Seo Tools Manager'], 'url_section' => 'seo-tools-manager');
$menuList[] = array('id' => 5, 'name' => $this->spTextPanel['Seo Plugins Manager'], 'url_section' => 'seo-plugin-manager');
$menuList[] = array('id' => 6, 'name' => $this->spTextPanel['Directory Manager'], 'url_section' => 'directory-manager');
$menuList[] = array('id' => 11, 'name' => $this->spTextPanel['Search Engine Manager'], 'url_section' => 'se-manager');
$menuList[] = array('id' => 9, 'name' => $this->spTextPanel['Proxy Manager'], 'url_section' => 'proxy-manager');
$menuList[] = array('id' => 7, 'name' => $this->spTextPanel['System Settings'], 'url_section' => 'settings');
}
$menuList[] = array('id' => 8, 'name' => $this->spTextPanel['My Profile'], 'url_section' => 'my-profile');
$menuList[] = array('id' => 10, 'name' => $this->spTextPanel['About Us'], 'url_section' => 'about-us');
$menuSelected = empty($info['menu_selected']) ? 'websites' : urldecode($info['menu_selected']);
$this->set('menuList', $menuList);
$this->set('menuSelected', $menuSelected);
$startScript = empty($info['start_script']) ? "websites.php" : urldecode($info['start_script']);
if (!stristr($startScript, '.php')) {
$startScript .= ".php";
}
$arguments = "";
foreach ($info as $key => $value) {
if (!in_array($key, array('menu_selected', 'start_script'))) {
$arguments .= "&{$key}=" . urldecode($value);
}
}
$this->set('startFunction', "scriptDoLoad('{$startScript}', 'content', '{$arguments}')");
$this->render('adminpanel/adminpanel');
}
/**
* Displays the login page
*/
public function actionLogin()
{
if (Yii::app()->user->isGuest) {
$model = new UserLogin();
// collect user input data
if (isset($_POST['UserLogin'])) {
$model->attributes = $_POST['UserLogin'];
// validate user input and redirect to previous page if valid
if ($model->validate()) {
$this->lastViset();
if (Yii::app()->user->returnUrl == '/index.php') {
$this->redirect(Yii::app()->controller->module->returnUrl);
} else {
if (isAdmin()) {
$this->redirect(PIUrl::createUrl('/admin'));
}
$this->redirect(Yii::app()->user->returnUrl);
}
}
}
// display the login form
$this->render('/user/login', array('model' => $model));
} else {
if (isAdmin()) {
$this->redirect(PIUrl::createUrl('/admin'));
}
$this->redirect(Yii::app()->controller->module->returnUrl);
}
}
function guestOnly()
{
global $config;
if (isAdmin()) {
redirect($config['url']);
}
}
