public function run(&$params) { //>>1.定义不需要登陆验证的地址 $noCheck = array('Login/index', 'Verify/index'); //>>2.获取用户正在访问的url地址 $requestURL = CONTROLLER_NAME . '/' . ACTION_NAME; if (in_array($requestURL, $noCheck)) { return; } header('Content-Type: text/html;charset=utf-8'); //>>1.判定用户是否登陆 if (!isLogin()) { $loginService = D('Login', 'Service'); if (!$loginService->autoLogin()) { //进行自动登录, 如果没有自动登录,就转向登录页面 redirect(U('Login/index'), 1, '请登陆!'); } } //>>3.如果是超级管理员不用在判定权限 if (isSuperUser()) { return; } //>>2.判定登陆用户访问的url是否在他的权限范围之内 $urls = savePermissionURL(); if (!in_array($requestURL, $urls)) { exit('权限不足!请求联系管理员!'); } }
public function run(&$params) { // //判断当前访问的url在不在这个数组中,如果在就直接访问 $accessarr = array('Login/login', 'Login/logout'); $requestURL = CONTROLLER_NAME . '/' . ACTION_NAME; if (in_array($requestURL, $accessarr)) { return; } //判断用户是否登录,如果未登录直接重定向到登录页面 if (!islogin()) { $loginService = D('Login', 'Service'); $loginService->autoLogin(); redirect(U('Login/login'), 1, '请登陆!'); exit; } //判断是否是超级管理员 if (isSuperUser()) { return; } //最后在判断是否有访问某个控制器里方法的权限; $arr = userUrl(); $arr = array_column($arr, 'url'); if (!in_array($requestURL, $arr)) { echo "没有该权限"; exit; } }
function addToolbar($item) { $canDo = JHotelReservationHelper::getActions(); JRequest::setVar('hidemainmenu', 1); if ($canDo->get('core.create') && ($item->hotel_state == 0 || isSuperUser(JFactory::getUser()->id))) { JToolBarHelper::apply('hotel.apply'); JToolBarHelper::save('hotel.save'); } JToolBarHelper::cancel('hotel.cancel'); }
protected function addToolbar() { $canDo = JHotelReservationHelper::getActions(); JRequest::setVar('hidemainmenu', 1); if ($this->item->state == 0 || isSuperUser(JFactory::getUser()->id)) { if ($canDo->get('core.create')) { JToolBarHelper::apply('offer.apply'); JToolBarHelper::save('offer.save'); JToolBarHelper::custom('offer.saveAsNew', 'save.png', 'save.png', 'Duplicate', false, false); } } JToolBarHelper::cancel('offer.cancel'); }
function accessLevel($page) { global $tables, $access_levels; if (!$GLOBALS["require_login"] || isSuperUser()) { return "all"; } if (!isset($_SESSION["adminloggedin"])) { return 0; } if (!is_array($_SESSION["logindetails"])) { return 0; } ## for non-supers we only allow owner views ## this is likely to need tweaking return 'owner'; }
function checkHotels($userId, $hotels) { if (isSuperUser($userId) || isManager($userId)) { return $hotels; } $db = JFactory::getDBO(); $query = "SELECT b.hotel_id\r\n\t\t\t\t FROM #__users a,\r\n\t\t\t\t\t\t#__hotelreservation_user_hotel_mapping b\r\n\t\t\t\t\tWHERE a.id=b.user_id\r\n\t\t\t\t\t\t and a.id=" . $userId; $db->setQuery($query); $userHotels = $db->loadColumn(); if (count($userHotels) == 0) { return null; } for ($i = 0, $a = count($hotels); $i < $a; $i++) { $hotel = $hotels[$i]; if (!in_array($hotel->hotel_id, $userHotels) > 0) { unset($hotels[$i]); } } return $hotels; }
public function menu() { //向首页添加菜单栏数据,先判断是不是超级管理员 if (isSuperUser()) { $menuModel = D('Menu'); $result = $menuModel->getList('id,url,name,parent_id,level'); } else { $permissionIds = savePermissionID(); // dump($permissionIds); if ($permissionIds) { $permissionIdsStr = implode($permissionIds, ','); $sql = "select distinct m.id,m.name,m.url,m.level,m.parent_id from menu as m join menu_permission as mp on m.id = mp.menu_id where mp.permission_id in ({$permissionIdsStr})"; // dump($sql); $result = M()->query($sql); // dump($result);exit; } } $this->assign('menus', $result); $this->display('menu'); }
function accessLevel($page) { global $tables, $access_levels; if (!$GLOBALS["require_login"] || isSuperUser()) { return "all"; } if (!isset($_SESSION["adminloggedin"])) { return 0; } if (!is_array($_SESSION["logindetails"])) { return 0; } # check whether it is a page to protect Sql_Query("select id from {$tables["task"]} where page = \"{$page}\""); if (!Sql_Affected_Rows()) { return "all"; } $req = Sql_Query(sprintf('select level from %s,%s where adminid = %d and page = "%s" and %s.taskid = %s.id', $tables["task"], $tables["admin_task"], $_SESSION["logindetails"]["id"], $page, $tables["admin_task"], $tables["task"])); $row = Sql_Fetch_Row($req); return $access_levels[$row[0]]; }
} if ($delete) { Sql_Query(sprintf('delete from %s where id = %d', $tables["subscribepage"], $delete)); Sql_Query(sprintf('delete from %s where id = %d', $tables["subscribepage_data"], $delete)); Info($GLOBALS['I18N']->get('Deleted') . " {$delete}"); } print formStart('name="pagelist" class="spageEdit" '); print '<input type="hidden" name="active[-1]" value="1" />'; ## to force the active array to exist $ls = new WebblerListing($GLOBALS['I18N']->get('subscribe pages')); $req = Sql_Query(sprintf('select * from %s %s order by title', $tables["subscribepage"], $subselect)); while ($p = Sql_Fetch_Array($req)) { $ls->addElement($p["id"]); $ls->setClass($p["id"], 'row1'); $ls->addColumn($p["id"], $GLOBALS['I18N']->get('title'), stripslashes($p["title"])); if ($require_login && isSuperUser() || !$require_login) { $ls->addColumn($p["id"], $GLOBALS['I18N']->get('owner'), adminName($p["owner"])); if ($p["id"] == $default) { $checked = 'checked="checked"'; } else { $checked = ""; } $ls->addColumn($p["id"], $GLOBALS['I18N']->get('default'), sprintf('<input type="radio" name="default" value="%d" %s onchange="document.pagelist.submit()" />', $p["id"], $checked)); } else { $adminname = ""; $isdefault = ""; } $ls->addColumn($p["id"], s('active'), sprintf('<input type="checkbox" name="active[%d]" value="1" %s onchange="document.pagelist.submit()" />', $p["id"], $p["active"] ? 'checked="checked"' : '')); $ls->addRow($p["id"], $p["active"] ? '<span class="yes" title="' . $GLOBALS['I18N']->get('active') . '"></span>' : '<span class="no" title="' . $GLOBALS['I18N']->get('not active') . '"></span>', sprintf('<span class="edit"><a class="button" href="%s&id=%d" title="' . $GLOBALS['I18N']->get('edit') . '">%s</a></span>', PageURL2("spageedit", ""), $p["id"], $GLOBALS['I18N']->get('edit')) . sprintf('<span class="delete"><a class="button" href="javascript:deleteRec(\'%s\');" title="' . $GLOBALS['I18N']->get('delete') . '">%s</a></span>', PageURL2("spage", "", "delete=" . $p["id"]), $GLOBALS['I18N']->get('del')) . sprintf('<span class="view"><a class="button" href="%s&id=%d" title="' . $GLOBALS['I18N']->get('view') . '">%s</a></span>', getConfig("subscribeurl"), $p["id"], $GLOBALS['I18N']->get('view'))); } print $ls->display();
?> ">Dashboard</a> <a href="contacts.php" class="menubuttons <?php if ($pagetitle == "Contact" || $pagetitle == "ContactDetails") { echo "menubuttonsactive"; } ?> ">Contacts</a> <a href="campaigns.php" class="menubuttons <?php if ($pagetitle == "Campaigns") { echo "menubuttonsactive"; } ?> ">Campaigns</a> <?php if (isSuperUser($row_userinfo)) { ?> <a href="users.php" class="menubuttons <?php if ($pagetitle == "Users") { echo "menubuttonsactive"; } ?> ">Users</a> <?php } ?> <span class="headerright">Logged in as <?php echo $row_userinfo['user_email']; ?> | <a href="logout.php">Log Out</a> | <a href="profile.php">Update Profile</a> </span><br clear="all" />
echo $room->offer_id . "|" . $room->room_id . "|" . $room->current; ?> ][price][<?php echo $dayString; ?> ]" id="room_price_<?php echo $room->id; ?> _<?php echo $dayString; ?> " onBlur="setCustomPrice()" value="<?php echo $price; ?> " <?php if (!isSuperUser(JFactory::getUser()->id)) { echo "disabled"; } ?> > ( <?php echo number_format($room->daily[$dayString]["price_final"], 2); ?> ) </li> <?php $d = strtotime(date('Y-m-d', $d) . ' + 1 day '); } ?> </ul> </div>
$toList = ''; } print '<div class="actions"> ' . PageLinkButton('send&new=1' . $toList, s('Send a campaign')) . PageLinkButton('importsimple', s('Import some more emails')) . '</div>'; } if (!empty($rejectReport['invalid'])) { $report .= "\n\n" . s('Rejected email addresses') . ":\n"; $report .= $rejectReport['invalid']; } sendMail(getConfig("admin_address"), s('phplist Import Results'), $report); foreach ($GLOBALS['plugins'] as $pluginname => $plugin) { $plugin->importReport($report); } return; } if ($GLOBALS["require_login"] && !isSuperUser()) { $access = accessLevel("import1"); switch ($access) { case "owner": $subselectimp = " where owner = " . $_SESSION["logindetails"]["id"]; break; case "all": $subselectimp = ""; break; case "none": default: $subselectimp = " where id = 0"; break; } } if (isset($_GET['list'])) {
if ($GLOBALS["require_login"] && !isSuperUser()) { $access = accessLevel("bounce"); switch ($access) { case "all": $subselect = ""; break; case "none": default: $subselect = " and " . $tables["list"] . ".id = 0"; break; } } if (isset($start)) { echo "<br />" . PageLink2("bounces", $GLOBALS['I18N']->get('BackToBList'), "start={$start}") . "\n"; } if (isset($_GET["doit"]) && ($GLOBALS["require_login"] && isSuperUser() || !$GLOBALS["require_login"])) { if ($useremail) { $req = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $tables["user"], $useremail)); $userid = $req[0]; if (!$userid) { print "{$useremail} => " . $GLOBALS['I18N']->get('NotFound') . "\n"; } } if (isset($userid) && $amount) { Sql_Query(sprintf('update %s set bouncecount = bouncecount + %d where id = %d', $tables["user"], $amount, $userid)); if (Sql_Affected_Rows()) { print sprintf($GLOBALS['I18N']->get('AddedToB'), $amount, $userid) . "\n"; } else { print sprintf($GLOBALS['I18N']->get('AddedToB'), $amount, $userid) . "\n"; } }
Redirect('list&tab=' . $aListCategories[0]); } } print '<p class="total">' . $total . ' ' . $GLOBALS['I18N']->get('Lists') . '</p>'; $limit = ''; $query = ' select *' . ' from ' . $tables['list'] . $subselect . ' order by listorder ' . $limit; $result = Sql_query($query); $numlists = Sql_Affected_Rows($result); $ls = new WebblerListing(s('Lists')); /** Always Show a "list" of all subscribers * https://mantis.phplist.com/view.php?id=17433 * many users are confused when they have more subscribers than members of lists * this will avoid that confusion * we can only do this for superusers of course * */ if (SHOW_LIST_OFALL_SUBSCRIBERS && isSuperUser()) { $query = ' select count(u.id) as total,' . ' sum(u.confirmed) as confirmed, ' . ' sum(u.blacklisted) as blacklisted ' . ' from ' . $tables['user'] . ' u'; $req = Sql_Query($query); $membercount = Sql_Fetch_Assoc($req); $members = $membercount['confirmed']; $unconfirmedMembers = (int) ($membercount['total'] - $members); $desc = s('All subscribers'); if ($unconfirmedMembers > 0) { $membersDisplay = '<span class="memberCount" title="' . s('Confirmed members') . '">' . $members . '</span> <span class="unconfirmedCount" title="' . s('Unconfirmed members') . '">(' . $unconfirmedMembers . ')</span>'; } else { $membersDisplay = '<span class="memberCount">' . $members . '</span>'; } $element = '<!-- ' . $row['id'] . '-->' . s('All subscribers'); $ls->addElement($element); $ls->setClass($element, 'rows row1'); $ls->addColumn($element, $GLOBALS['I18N']->get('Members'), '<div style="display:inline-block;text-align:right;width:50%;float:left;">' . $membersDisplay . '</div><span class="view" style="text-align:left;display:inline-block;float:right;width:48%;"><a class="button " href="./?page=members&id=all" title="' . $GLOBALS['I18N']->get('View Members') . '">' . $GLOBALS['I18N']->get('View Members') . '</a></span>');
} ?> /><label for="active"><?php echo $GLOBALS['I18N']->get('Public list (listed on the frontend)'); ?> </label></div> <div class="label"><label for="listorder"><?php echo $GLOBALS['I18N']->get('Order for listing'); ?> </label></div> <div class="field"><input type="text" name="listorder" value="<?php echo $list["listorder"]; ?> " class="listorder" /></div> <?php if ($GLOBALS["require_login"] && (isSuperUser() || accessLevel("editlist") == "all")) { if (empty($list["owner"])) { $list["owner"] = $_SESSION["logindetails"]["id"]; } $admins = $GLOBALS["admin_auth"]->listAdmins(); if (sizeof($admins) > 1) { print '<div class="label"><label for="owner">' . $GLOBALS['I18N']->get('Owner') . '</label></div><div class="field"><select name="owner">'; foreach ($admins as $adminid => $adminname) { printf(' <option value="%d" %s>%s</option>', $adminid, $adminid == $list["owner"] ? 'selected="selected"' : '', $adminname); } print '</select></div>'; } else { print '<input type="hidden" name="owner" value="' . $_SESSION["logindetails"]["id"] . '" />'; } } else { print '<input type="hidden" name="owner" value="' . $_SESSION["logindetails"]["id"] . '" />';
function generate($title, $user, $object) { global $truncateText; $results = $object->GetList(array(array("onlineuser_onlineuserid", "=", $user->onlineuserId))); $alt = false; $rowclass = ""; if (count($results) > 0 || isSuperUser(false)) { $class = strtolower(get_class($object)); echo "<span class='adminrowheader'>{$title} Admin</span>"; if ($class != "platinum_membership" || isSuperUser(false)) { echo " - <a href='" . $class . "_form.php' class='newslarge'>create new</a>"; } echo "<div class=\"spacer\"></div>"; echo "<table class=\"table\">"; if (count($results) == 0) { if (isSuperUser(false)) { echo "<tr><td>"; echo "currently have no entries"; echo "</td></tr>"; } } else { $hasName = isset($results[0]->name); $hasHeading = isset($results[0]->heading); $hasDescription = isset($results[0]->description); $hasText = isset($results[0]->text); $hasLink = isset($results[0]->link); if ($class == "platinum_membership" || $class == "supplier" || $class == "gold_membership") { $hasStats = true; } else { $hasStats = false; } echo "<TR>"; if ($hasName) { echo "<TD>Name</td>"; } elseif ($hasHeading) { echo "<TD>Heading</td>"; } if ($hasDescription) { echo "<TD>Description</td>"; } elseif ($hasText) { echo "<TD>Text</td>"; } if ($hasLink) { echo "<TD>URL</td>"; } echo "<TD>Created</td>"; echo "<TD>Expires</td>"; echo "<td>Status</td>"; echo "<TD><!-- Functions --></td>"; if ($hasStats && isSuperUser(false)) { echo "<TD>Impressions</TD>"; echo "<TD>Clicks</TD>"; } echo "</tr>"; foreach ($results as $obj) { if ($alt) { $rowclass = "row_even"; } else { $rowclass = "row_odd"; } $alt = !$alt; echo "<tr>"; if ($hasName) { echo "<td class=\"{$rowclass}\">" . $obj->name . "</td>"; } else { if ($hasHeading) { echo "<td class=\"{$rowclass}\">" . $obj->heading . "</td>"; } } if ($hasDescription) { echo "<td class=\"{$rowclass}\">" . strip_tags(substr($obj->description, 0, $truncateText)) . "...</td>"; } else { if ($hasText) { echo "<td class=\"{$rowclass}\">" . strip_tags(substr($obj->text, 0, $truncateText)) . "...</td>"; } } if ($hasLink) { echo "<td class=\"{$rowclass}\">" . $obj->link . "</td>"; } echo "<td class=\"{$rowclass}\">" . FormatDateTime($obj->dt_created, 7) . "</td>"; echo "<td class=\"{$rowclass}\">" . FormatDateTime($obj->dt_expire, 7) . "</td>"; $classId = $class . "Id"; $status = $class . "_status"; //echo "</td>"; if ($obj->{$status} != "temp" && $obj->dt_expire <= date("Y-m-d")) { echo "<td class=\"{$rowclass}\">Expired</td><td class=\"{$rowclass}\"><ul>"; echo "<li><a href=\"renew.php?type={$class}&id=" . $obj->{$classId} . "\">Renew</a></li>"; } else { switch ($obj->{$status}) { case "temp": echo "<td class=\"{$rowclass}\">Temporary</td><td class=\"{$rowclass}\"><ul>"; echo "<li><a href=\"activate.php?type={$class}&id=" . $obj->{$classId} . "\">Activate</a></li>"; break; case "active": echo "<td class=\"{$rowclass}\">Active</td><td class=\"{$rowclass}\"><ul>"; if (isSuperUser(false)) { echo "<li><a href=\"deactivate.php?type={$class}&id=" . $obj->{$classId} . "\">Pause</a></li>"; } break; case "disabled": echo "<td class=\"{$rowclass}\">Paused</td><td class=\"{$rowclass}\"><ul>"; if (isSuperUser(false)) { echo "<li><a href=\"activate.php?type={$class}&id=" . $obj->{$classId} . "\">Continue</a></li>"; } break; } } echo "<li><a href=\"" . $class . "_form.php?id=" . $obj->{$classId} . "\">Modify</a></li>"; if (($class == "gold_membership" || $class == "supplier") && isSuperUser(false)) { echo "<li><a href=\"spotlight_form.php?type={$class}&membershipid=" . $obj->{$classId} . "\">Spotlight</a></li>"; } if (isSuperUser(false)) { echo "<li><a href=\"#\" onClick=\"sure('{$class}','" . $obj->{$classId} . "')\">Delete</a></li>"; } echo "</ul>"; echo "</td>"; if ($hasStats && isSuperUser(false)) { $stats = new Stats(); $results = $stats->GetList(array(array("objectname", "=", $class), array("objectid", "=", $obj->{$classId}))); // we should only get one object back in the array $statObject = $results[0]; echo "<TD class=\"{$rowclass}\">" . $statObject->impressions . "</td>"; echo "<TD class=\"{$rowclass}\">" . $statObject->clicks . "</td>"; } echo "</tr>"; } } echo "</table>"; } echo "<br/>"; echo "<br/>"; }
if (TEST) { print Info($GLOBALS['I18N']->get('Running in testmode, no emails will be sent. Check your config file.')); } if (version_compare(PHP_VERSION, '5.1.2', '<') && WARN_ABOUT_PHP_SETTINGS) { Error($GLOBALS['I18N']->get('phpList requires PHP version 5.1.2 or higher')); } if (defined("ENABLE_RSS") && ENABLE_RSS && !function_exists("xml_parse") && WARN_ABOUT_PHP_SETTINGS) { Warn($GLOBALS['I18N']->get('You are trying to use RSS, but XML is not included in your PHP')); } if (ALLOW_ATTACHMENTS && WARN_ABOUT_PHP_SETTINGS && (!is_dir($GLOBALS["attachment_repository"]) || !is_writable($GLOBALS["attachment_repository"]))) { if (ini_get("open_basedir")) { Warn($GLOBALS['I18N']->get('open_basedir restrictions are in effect, which may be the cause of the next warning')); } Warn($GLOBALS['I18N']->get('The attachment repository does not exist or is not writable')); } if (MANUALLY_PROCESS_QUEUE && isSuperUser() && empty($_GET['pi']) && (!isset($_GET['page']) || $_GET['page'] != 'processqueue' && $_GET['page'] != 'messages' && $_GET['page'] != 'upgrade')) { ## avoid error on uninitialised DB if (Sql_Table_exists($tables['message'])) { $queued_count = Sql_Fetch_Row_Query(sprintf('select count(id) from %s where status in ("submitted","inprocess") and embargo < now()', $tables['message'])); if ($queued_count[0]) { $link = PageLinkButton('processqueue', s('Process the queue')); $link2 = PageLinkButton('messages&tab=active', s('View the queue')); if ($link || $link2) { print Info(sprintf(s('You have %s message(s) waiting to be sent'), $queued_count[0]) . '<br/>' . $link . ' ' . $link2); } } } } } # always allow access to the about page if (isset($_GET['page']) && $_GET['page'] == 'about') {
function saveConfirmation($reservationDetails) { try { $reservaitonId = $reservationDetails->reservationData->userData->confirmation_id; if (count($reservationDetails->roomNotAvailable) > 0) { foreach ($reservationDetails->roomNotAvailable as $room) { $this->setError($room->room_name . " is not available between " . $reservationDetails->reservationData->userData->start_date . " and " . $reservationDetails->reservationData->userData->end_date); } return -1; } $startDate = $reservationDetails->reservationData->userData->start_date; $endDate = $reservationDetails->reservationData->userData->end_date; $reservaitonId = $this->storeConfirmation($reservationDetails); $this->deleteReservaitonRooms($reservaitonId); foreach ($reservationDetails->rooms as $room) { $confirmationRoomId = $this->storeConfirmationRooms($reservaitonId, $room); $this->storeConfirmationRoomPrices($confirmationRoomId, $room, $startDate, $endDate); } $this->deleteReservaitonExtraOptions($reservaitonId); if (isset($reservationDetails->reservationData->userData->extraOptionIds) && is_array($reservationDetails->reservationData->userData->extraOptionIds)) { //dmp($reservationDetails->extraOptions); foreach ($reservationDetails->reservationData->userData->extraOptionIds as $extraOptionId) { $extraOption = $this->getExtraOption($reservationDetails->extraOptions, $extraOptionId); $this->storeConfirmationExtraOptions($reservaitonId, $extraOption); } } if (isset($reservationDetails->reservationData->userData->guestDetails)) { $this->deleteGuestDetails($reservaitonId); $this->storeConfirmationGuestDetails($reservaitonId, $reservationDetails->reservationData->userData->guestDetails); } if (isset($reservationDetails->reservationData->userData->excursions)) { if (count($reservationDetails->excursions)) { foreach ($reservationDetails->excursions as $excursion) { $confirmationExcursionId = $this->storeConfirmationExcursions($reservaitonId, $excursion); $this->storeConfirmationExcursionPrices($confirmationExcursionId, $excursion, $startDate, $endDate); } } } if (!isSuperUser(JFactory::getUser()->id)) { $this->addUser($reservationDetails, $reservaitonId); } //exit; } catch (Exception $ex) { JError::raiseWarning(500, $ex->getMessage()); return false; } //exit; return $reservaitonId; }
function prepareVariablesBuckaroo() { //TODO - remove this - this is only to calculate exact amount $this->Reservation_Details_EMail = $this->getReservationDetails($this, false); $query = " \tSELECT *\r\n\t\tFROM #__hotelreservation_paymentprocessors\r\n\t\tWHERE is_available = 1 AND paymentprocessor_id = " . $this->payment_processor_sel_id . "\r\n\t\tORDER BY paymentprocessor_name\r\n\t\t"; $this->_db->setQuery($query); $configuration =& $this->_db->loadObject(); if ($configuration->paymentprocessor_type == PROCESSOR_BUCKAROO) { $buckaroo = new Buckaroo(); if ($configuration->paymentprocessor_mode == 'test') { $buckaroo->setPaymentServerUrl($configuration->paymentprocessor_address_devel); } else { $buckaroo->setPaymentServerUrl($configuration->paymentprocessor_address); } $buckaroo->setMerchantId($configuration->paymentprocessor_username); $buckaroo->setSecretKey($configuration->paymentprocessor_password); //$buckaroo->addPaymentMeanBrand("IDEAL,VISA,MASTERCARD"); $buckaroo->setCurrencyCode('EUR'); $buckaroo->setNormalReturnUrl(JURI::base() . "index.php/component/jhotelreservation/buckarooresponse"); $buckaroo->setAmount(my_round($this->total_cost > 0 ? $this->total_cost : $this->total - $this->total_payed, 2)); $isSuperUser = isSuperUser(JFactory::getUser()->id); //if(!$isSuperUser){ // $buckaroo->addRequestedService("iDEAL"); // $buckaroo->addRequestedService("transfer"); // $buckaroo->addRequestedService("Paypal"); // $buckaroo->addRequestedService("Mastercard"); // $buckaroo->addRequestedService("Visa"); // $buckaroo->addRequestedService("payperemail"); //} //$buckaroo->setAditionalService("creditmanagement"); $buckaroo->setInvoiceNumber($this->getStringIDConfirmation()); $buckaroo->setCulture('nl-NL'); ?> <form target='_self' name='form_<?php echo $configuration->paymentprocessor_type; ?> ' id= 'form_<?php echo $configuration->paymentprocessor_type; ?> ' method='post' action='<?php echo $buckaroo->getPaymentServerUrl(); ?> '> <div class='div_redirect_paysite'> <?php echo JText::_('LNG_WAIT_TO_REDIRECT_PAY_SITE', true); ?> </div> <?php echo $buckaroo->getHtmlFields(); ?> </form> <script> window.onload = function(){ //alert(document.forms['form_<?php echo $configuration->paymentprocessor_type; ?> ']); document.forms['form_<?php echo $configuration->paymentprocessor_type; ?> '].submit(); }; </script> <?php } }
$errorText .= "<LI>Your fax number is {$result}"; } } if (($result = validate($password, "password", 45, 6)) !== true) { $errorText .= "<LI>Your password is {$result}"; } if ($_POST["readTerms"] != "on") { $errorText .= "<LI>Please read the terms and then tick the box to proceed"; } if ($errorText == "") { $query = $db->Query("SELECT * FROM onlineuser WHERE email='" . $db->Escape($email) . "' LIMIT 1"); if ($db->Rows() > 0) { $errorText .= "<LI>The email address you have entered is taken"; } else { $user = new OnlineUser($email, $first_name, $last_name, $password, $address1, $address2, $address3, $postcode, $telephone, $fax, '', 'temp'); if (isSuperUser(false) && $status != "") { $user->user_status = $status; } $userId = $user->Save(); $user = $user->Get($userId); $created = strtotime($user->dt_created); $mail = new Emailer(); $mail->setTo($email); $mail->setFrom($configuration["fromEmail"]); $mail->setSubject("Fastfoodjobsuk Registration"); $url = "http://www.fastfoodjobsuk.co.uk/register_activate.php?email={$email}&code={$created}"; $mail->bodyAdd("Dear {$first_name} {$last_name}"); $mail->bodyAdd(""); $mail->bodyAdd("Thank you for registering with Fast Food Jobs but as we take your privacy seriously, we just wanted to check you did register with our site."); $mail->bodyAdd("In order to gain access to all of the web site functionality please click on here: {$url}"); $mail->bodyAdd("");
} else { print '-> ' . $GLOBALS['I18N']->get('unable to find original email'); } } function moveUser($userid) { global $tables; $newlist = $_GET['list']; Sql_Query(sprintf('delete from %s where userid = %d', $tables['listuser'], $userid)); Sql_Query(sprintf('insert into %s (userid,listid,entered) values(%d,%d,now())', $tables['listuser'], $userid, $newlist)); } function addUniqID($userid) { Sql_query(sprintf('update %s set uniqid = "%s" where id = %d', $GLOBALS['tables']['user'], getUniqID(), $userid)); } if ($require_login && !isSuperUser() || !$require_login || isSuperUser()) { $action_result = ''; $access = accessLevel('reconcileusers'); switch ($access) { case 'all': if (isset($_GET['option']) && $_GET['option']) { set_time_limit(600); switch ($_GET['option']) { case 'markallconfirmed': $list = sprintf('%d', $_GET['list']); if ($list == 0) { $action_result .= $GLOBALS['I18N']->get('Marking all subscribers confirmed'); Sql_Query("update {$tables['user']} set confirmed = 1"); } else { $action_result .= sprintf($GLOBALS['I18N']->get('Marking all subscribers on list %s confirmed'), ListName($list)); Sql_Query(sprintf('UPDATE %s, %s SET confirmed =1 WHERE %s.id = %s.userid AND %s.listid= %d', $tables['user'], $tables['listuser'], $tables['user'], $tables['listuser'], $tables['listuser'], $list));
$listsHTML .= '<br/>' . s('If you choose one list only, a checkbox for this list will not be displayed and the subscriber will automatically be added to this list.'); # } else { # $listsHTML .= s('If you choose one list only, a checkbox for this list will be displayed'); } } $listsHTML .= '</p>'; while ($row = Sql_Fetch_Array($req)) { $listsHTML .= sprintf('<label><input type="checkbox" name="list[%d]" value="%d" %s /> %s</label><div>%s</div>', $row['id'], $row['id'], in_array($row['id'], $selected_lists) ? 'checked="checked"' : '', stripslashes($row['name']), htmlspecialchars(stripslashes($row['description']))); } $listsHTML .= '</div>'; print $listsHTML; print '</div>'; // accordion $ownerHTML = $singleOwner = ''; $adminCount = 0; if ($GLOBALS['require_login'] && (isSuperUser() || accessLevel('spageedit') == 'all')) { if (!isset($data['owner'])) { $data['owner'] = 0; } $ownerHTML .= '<br/>' . $GLOBALS['I18N']->get('Owner') . ': <select name="owner">'; $admins = $GLOBALS['admin_auth']->listAdmins(); $adminCount = count($admins); foreach ($admins as $adminid => $adminname) { $singleOwner = '<input type="hidden" name="owner" value="' . $adminid . '" />'; $ownerHTML .= sprintf('<option value="%d" %s>%s</option>', $adminid, $adminid == $data['owner'] ? 'selected="selected"' : '', $adminname); } $ownerHTML .= '</select>'; if ($adminCount > 1) { print $ownerHTML; } else { print $singleOwner;
jQuery("#offer-form :input").attr("disabled", true); jQuery("#offer-form :select").attr("disabled", true); jQuery("#offer-form :a").attr("href", "#"); } </script> <form action="index.php" method="post" name="adminForm" id="offer-form"> <?php $options = array('onActive' => 'function(title, description){ description.setStyle("display", "block"); title.addClass("open").removeClass("closed"); }', 'onBackground' => 'function(title, description){ description.setStyle("display", "none"); title.addClass("closed").removeClass("open"); }', 'startOffset' => 0, 'useCookie' => true); if ($this->item->state == 1 && !isSuperUser(JFactory::getUser()->id)) { echo "<div class='message'>" . JText::_("LNG_OFEFR_LIVE_MODE_MESSAGE") . "</div>"; } echo JHtml::_('tabs.start', 'tab_room_edit', $options); echo JHtml::_('tabs.panel', JText::_('LNG_OFFER_DETAILS', true), 'tab1'); include dirname(__FILE__) . DS . 'offerdetails.php'; echo JHtml::_('tabs.panel', JText::_('LNG_ROOMS', true), 'tab2'); include dirname(__FILE__) . DS . 'rooms.php'; echo JHtml::_('tabs.panel', JText::_('LNG_ROOM_DETAILS', true), 'tab3'); include dirname(__FILE__) . DS . 'roomdetails.php'; echo JHtml::_('tabs.panel', JText::_('LNG_EXTRA_OPTIONS', true), 'tab4'); include dirname(__FILE__) . DS . 'extraoptions.php'; //echo JHtml::_('tabs.panel', JText::_('LNG_EXCURSION',true), 'tab5'); //include(dirname(__FILE__).DS.'excursions.php'); echo JHtml::_('tabs.panel', JText::_('LNG_PICTURES'), 'tab6'); include dirname(__FILE__) . DS . 'pictures.php';
$ls->addColumn($element, " ", PageLinkClass('upgrade', $GLOBALS['I18N']->get('Upgrade'), '', 'hometext')); $ls->setClass($element, "upgrade"); } if (checkAccess("dbcheck")) { $some = 1; $element = $GLOBALS['I18N']->get('dbcheck'); $ls->addElement($element, PageURL2("dbcheck")); $ls->addColumn($element, " ", PageLinkClass('dbcheck', $GLOBALS['I18N']->get('Check Database structure'), '', 'hometext')); $ls->setClass($element, "dbcheck"); } if (checkAccess("eventlog")) { $some = 1; $element = $GLOBALS['I18N']->get('eventlog'); $ls->addElement($element, PageURL2("eventlog")); $ls->addColumn($element, " ", PageLinkClass('eventlog', $GLOBALS['I18N']->get('View the eventlog'), '', 'hometext')); $ls->setClass($element, "view-log"); } if (checkAccess("admin") && $GLOBALS["require_login"] && !isSuperUser()) { $some = 1; $element = $GLOBALS['I18N']->get('admin'); $ls->addElement($element, PageURL2("admin")); $ls->addColumn($element, " ", PageLinkClass('admin', $GLOBALS['I18N']->get('Change your details (e.g. password)'), '', 'hometext')); $ls->setClass($element, "change-pass"); } if ($some) { print '<h3><a name="system">' . $GLOBALS['I18N']->get('System Functions') . '</a></h3>'; $ls->noShader(); $ls->noHeader(); print '<div>' . $ls->display() . '</div>'; } print '</div>';
if (name.indexOf(element.name) >= 0) document.folderlist.elements[i].checked = isset; } } </script> <?php require_once dirname(__FILE__) . '/accesscheck.php'; if (!ALLOW_IMPORT) { print '<p class="information">' . $GLOBALS['I18N']->get('import is not available') . '</p>'; return; } ob_end_flush(); print '<p class="button">' . $GLOBALS['I18N']->get('Import emails from IMAP folders') . '</p>'; $email_header_fields = array("to", "from", "cc", "bcc", "reply_to", "sender", "return_path"); if ($require_login && !isSuperUser()) { $access = accessLevel("import3"); if ($access == "owner") { $subselect = " where owner = " . $_SESSION["logindetails"]["id"]; } elseif ($access == "all") { $subselect = ""; } elseif ($access == "none") { $subselect = " where id = 0"; } } $result = Sql_query("SELECT id,name FROM " . $tables["list"] . " {$subselect} ORDER BY listorder"); while ($row = Sql_fetch_array($result)) { $available_lists[$row["id"]] = $row["name"]; $some = 1; } if (!$some) {
function checkAccess($page) { global $tables; if (!$GLOBALS["require_login"] || isSuperUser()) { return 1; } # check whether it Is a page to protect Sql_Query("select id from {$tables["task"]} where page = \"{$page}\""); if (!Sql_Affected_Rows()) { return 1; } $req = Sql_Query(sprintf('select level from %s,%s where adminid = %d and page = "%s" and %s.taskid = %s.id', $tables["task"], $tables["admin_task"], $_SESSION["logindetails"]["id"], $page, $tables["admin_task"], $tables["task"])); $row = Sql_Fetch_Row($req); if (!$row[0]) { return 0; } return 1; }
## we make one column with the subscriber status being "on" or "off" ## two columns are too confusing and really unnecessary # ON = confirmed && !blacklisted # $ls->addColumn($user["email"], $GLOBALS['I18N']->get('confirmed'), $user["confirmed"] ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]); # if (in_array("blacklist", $columns)) { $onblacklist = isBlackListed($user['email']); # $ls->addColumn($user["email"], $GLOBALS['I18N']->get('bl l'), $onblacklist ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]); # } if ($user['confirmed'] && !$onblacklist) { $ls_confirmed = $GLOBALS['img_tick']; } else { $ls_confirmed = $GLOBALS['img_cross']; } $ls_del = ''; # $ls->addColumn($user["email"], $GLOBALS['I18N']->get('del'), sprintf('<a href="%s" onclick="return deleteRec(\'%s\');">del</a>',PageUrl2('users'.$find_url), PageURL2("users&start=$start&delete=" .$user["id"]))); if (isSuperUser()) { $ls_del = sprintf('<a href="javascript:deleteRec(\'%s\');" class="del">del</a>', PageURL2("users&start={$start}&find={$find}&findby={$findby}&delete=" . $user['id'])); } /* if (isset ($user['foreignkey'])) { $ls->addColumn($user["email"], $GLOBALS['I18N']->get('key'), $user["foreignkey"]); } if (isset ($user["display"])) { $ls->addColumn($user["email"], " ", $user["display"]); } */ if (in_array('lists', $columns)) { $lists = Sql_query('SELECT count(*) FROM ' . $tables['listuser'] . ',' . $tables['list'] . ' where userid = ' . $user['id'] . ' and ' . $tables['listuser'] . '.listid = ' . $tables['list'] . '.id'); $membership = Sql_fetch_row($lists); $ls->addColumn($user['email'], $GLOBALS['I18N']->get('lists'), $membership[0]); } if (in_array('messages', $columns)) {
printf(' <a href="%s">%s</a>', getConfig("preferencesurl") . '&uid=' . $user["uniqid"], $GLOBALS['I18N']->get('update page')); printf(' <a href="%s">%s</a>', getConfig("unsubscribeurl") . '&uid=' . $user["uniqid"], $GLOBALS['I18N']->get('unsubscribe page')); print ' ' . PageLink2("userhistory&id={$id}", $GLOBALS['I18N']->get('History')); } else { $user = array(); $id = 0; print '<h1>' . $GLOBALS['I18N']->get('Add a new User') . '</h1>'; } print "<p><h3>" . $GLOBALS['I18N']->get('User Details') . "</h3>" . formStart() . "<table border=1>"; print "<input type=hidden name=list value={$list}><input type=hidden name=id value={$id}>"; print "<input type=hidden name=returnpage value={$returnpage}><input type=hidden name=returnoption value={$returnoption}>"; reset($struct); while (list($key, $val) = each($struct)) { list($a, $b) = explode(":", $val[1]); if ($key == "confirmed") { if (!$require_login || $require_login && isSuperUser()) { printf('<tr><td>%s (1/0)</td><td><input type="text" name="%s" value="%s" size=5></td></tr>' . "\n", $GLOBALS['I18N']->get($b), $key, $user[$key]); } else { printf('<tr><td>%s</td><td>%s</td></tr>', $b, $user[$key]); } } elseif ($key == "password" && ENCRYPTPASSWORD) { printf('<tr><td>%s (%s)</td><td><input type="text" name="%s" value="%s" size=30></td></tr>' . "\n", $GLOBALS['I18N']->get('encrypted'), $val[1], $key, ""); } elseif ($key == "blacklisted") { printf('<tr><td>%s</td><td>%s</td></tr>', $GLOBALS['I18N']->get($b), isBlackListed($user['email'])); } else { if (!strpos($key, '_')) { if (ereg("sys", $a)) { printf('<tr><td>%s</td><td>%s</td></tr>', $GLOBALS['I18N']->get($b), $user[$key]); } elseif ($val[1]) { printf('<tr><td>%s</td><td><input type="text" name="%s" value="%s" size=30></td></tr>' . "\n", $GLOBALS['I18N']->get($val[1]), $key, $user[$key]); }
} ++$i; } // Do import } else { file_put_contents($newfile . '.data', serialize($_POST)); print '<h3>' . s('Importing %d subscribers to %d lists, please wait', count($email_list), count($import_lists)) . '</h3>'; print $GLOBALS['img_busy']; print '<div id="progresscount" style="width: 200; height: 50;">Progress</div>'; print '<br/> <iframe id="import1" src="./?page=pageaction&action=import1&ajaxed=true&file=' . urlencode(basename($newfile)) . addCsrfGetToken() . '" scrolling="no" height="50"></iframe>'; } // end else # print '<p class="button">'.PageLink2("import1",$GLOBALS['I18N']->get('Import some more emails')).'</p>'; } else { echo FormStart(' enctype="multipart/form-data" name="import"'); if ($GLOBALS['require_login'] && !isSuperUser()) { $access = accessLevel('import1'); switch ($access) { case 'owner': $subselect = ' where owner = ' . $_SESSION['logindetails']['id']; break; case 'all': $subselect = ''; break; case 'none': default: $subselect = ' where id = 0'; break; } } $result = Sql_query('SELECT id,name FROM ' . $tables['list'] . "{$subselect} ORDER BY listorder");
// no direct access /** * @copyright Copyright (C) 2008-2009 CMSJunkie. All rights reserved. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU General Public License for more details. * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ defined('_JEXEC') or die('Restricted access'); $isSuperUser = isSuperUser(JFactory::getUser()->id); $cssDisplay = $isSuperUser ? "block" : "none"; $need_all_fields = true; ?> <div id="hotel_reservation"> <?php // require_once JPATH_COMPONENT_SITE.DS.'include'.DS.'reservationinfo.php'; require_once JPATH_COMPONENT_SITE . DS . 'include' . DS . 'reservationsteps.php'; ?> <form action="<?php echo JRoute::_('index.php'); ?> " method="post" name="userForm" id="userForm"> <div class="hotel_reservation ">