function login_as_button($uid, $upassword, $text = '', $attr = 'class="awesome small grey"') { if (user_has_permission('admin.accounts.can_login_as')) { $text = !$text ? lang('admin_login_as') : $text; return anchor(login_as_url($uid, $upassword), $text, $attr); } else { return ''; } }
function __construct() { parent::__construct(); $this->load->library('session'); $this->config->load('permissions', TRUE); $this->config->load('validations', TRUE); if (!$this->session->userdata('loggedin')) { redirect('sessions/login'); } if (!user_has_permission($this->session->userdata('loggedin_user'), $this->router->class, $this->router->method)) { redirect('/'); // show_error('Nu poti accesa pagina'); } $this->current_user = $this->session->userdata('loggedin_user'); }
protected function _groups_set_default() { if (!user_has_permission('admin.accounts.can_set_default_group')) { show_404(); } // -------------------------------------------------------------------------- if ($this->user_group_model->set_as_default($this->uri->segment(5))) { $this->session->set_flashdata('success', '<strong>Success!</strong> Group set as default successfully.'); } else { $this->session->set_flashdata('error', '<strong>Sorry,</strong> I could not set that group as the default user group. ' . $this->user_group_model->last_error()); } redirect('admin/accounts/groups'); }
?> </td> <td class="uses"><?php echo number_format($voucher->use_count); ?> </td> <td class="actions"> <?php $_buttons = array(); // -------------------------------------------------------------------------- if ($voucher->is_active) { if (user_has_permission('admin.shop.vouchers_deactivate')) { $_buttons[] = anchor('admin/shop/vouchers/deactivate/' . $voucher->id, 'Suspend', 'class="awesome small red confirm"'); } } else { if (user_has_permission('admin.shop.vouchers_activate')) { $_buttons[] = anchor('admin/shop/vouchers/activate/' . $voucher->id, 'Activate', 'class="awesome small green"'); } } // -------------------------------------------------------------------------- if ($_buttons) { foreach ($_buttons as $button) { echo $button; } } else { echo '<span class="blank">There are no actions you can do on this item.</span>'; } ?> </td> </tr> <?php
echo '</td>'; } else { echo '<td class="default error">'; echo '<span class="ion-close-circled"></span>'; echo '</td>'; } ?> <td class="actions"> <?php if (user_has_permission('admin.accounts.can_edit_group')) { echo anchor('admin/accounts/groups/edit/' . $group->id, lang('action_edit'), 'class="awesome small"'); } if (user_has_permission('admin.accounts.can_delete_group')) { echo anchor('admin/accounts/groups/delete/' . $group->id, lang('action_delete'), 'class="awesome small red confirm" data-body="This action is also not undoable." data-title="Confirm Delete"'); } if (user_has_permission('admin.accounts.can_set_default_group') && !$group->is_default) { echo anchor('admin/accounts/groups/set_default/' . $group->id, lang('accounts_groups_index_action_set_default'), 'class="awesome green small"'); } ?> </td> </tr> <?php } ?> </tbody> </table> </div>
if ($order->fulfilment_status == 'FULFILLED') { echo '<td class="fulfilment yes">' . lang('yes') . '</td>'; } else { echo '<td class="fulfilment no">' . lang('no') . '</td>'; } ?> <td class="actions"> <?php // Render buttons $_buttons = array(); // -------------------------------------------------------------------------- if (user_has_permission('admin.shop.orders_view')) { $_buttons[] = anchor('admin/shop/orders/view/' . $order->id, lang('action_view'), 'class="awesome small fancybox" data-fancybox-type="iframe"'); } // -------------------------------------------------------------------------- if (user_has_permission('admin.shop.orders_reprocess')) { $_buttons[] = anchor('admin/shop/orders/reprocess/' . $order->id, 'Process', 'class="awesome small confirm" data-title="Are you sure?" data-body="Processing the order again may result in multiple dispatch of items."'); } // -------------------------------------------------------------------------- if ($_buttons) { foreach ($_buttons as $button) { echo $button; } } else { echo '<span class="blank">There are no actions you can perform on this item.</span>'; } ?> </td> </tr> <?php }
retVal += charset.charAt(Math.floor(Math.random() * n)); } return retVal; } </script> </head> <body> <div id="header"> <div class="title"><a href="<?php echo url('/'); ?> ">WebMUM - Web Mailserver User Manager</a></div> <div class="header-menu"> <?php if (user_has_permission("admin")) { ?> <div class="header-button"> <a href="<?php echo url('admin'); ?> ">[Admin Dashboard]</a> </div> <div class="header-button"> <a href="<?php echo url('private'); ?> ">[Personal Dashboard]</a> </div> <?php }
if ($member->id == active_user('id') || user_has_permission('admin.accounts.can_edit_others')) { $_buttons[] = anchor('admin/accounts/edit/' . $member->id . $_return, lang('action_edit'), 'data-fancybox-type="iframe" class="edit fancybox-max awesome small grey"'); } // -------------------------------------------------------------------------- // Suspend user if ($member->is_suspended) { if (user_has_permission('admin.accounts.unsuspend')) { $_buttons[] = anchor('admin/accounts/unsuspend/' . $member->id . $_return, lang('action_unsuspend'), 'class="awesome small green"'); } } else { if (user_has_permission('admin.accounts.suspend')) { $_buttons[] = anchor('admin/accounts/suspend/' . $member->id . $_return, lang('action_suspend'), 'class="awesome small red"'); } } // -------------------------------------------------------------------------- if (user_has_permission('admin.accounts.delete') && $member->id != active_user('id') && $member->group_id != 1) { $_buttons[] = anchor('admin/accounts/delete/' . $member->id . $_return, lang('action_delete'), 'class="confirm awesome small red" data-title="Delete user "' . $member->first_name . ' ' . $member->last_name . '"?" data-body="' . lang('admin_confirm_delete') . '"'); } // -------------------------------------------------------------------------- // These buttons are variable between views foreach ($actions as $button) { $_buttons[] = anchor($button['url'] . $_return, $button['label'], 'class="awesome small ' . $button['class'] . '"'); } // -------------------------------------------------------------------------- // Render all the buttons, if any if ($_buttons) { foreach ($_buttons as $button) { echo $button; } } else { echo '<span class="not-editable">' . lang('accounts_index_noactions') . '</span>';
if ($user_edit->id != active_user('id') && user_has_permission('admin.accounts.can_login_as')) { $_buttons[] = login_as_button($user_edit->id, $user_edit->password, lang('admin_login_as') . ' ' . $user_edit->first_name, 'class="awesome" target="_parent"'); } // -------------------------------------------------------------------------- // Edit if ($user_edit->id != active_user('id') && user_has_permission('admin.accounts.delete')) { $_buttons[] = anchor('admin/accounts/delete/' . $user_edit->id . '?return_to=' . urlencode('admin/accounts'), lang('action_delete'), 'class="awesome red confirm" data-title="' . lang('admin_confirm_delete_title') . '" data-body="' . lang('admin_confirm_delete_body') . '"'); } // -------------------------------------------------------------------------- // Suspend if ($user_edit->is_suspended) { if (active_user('id') != $user_edit->id && user_has_permission('admin.accounts.unsuspend')) { $_buttons[] = anchor('admin/accounts/unsuspend/' . $user_edit->id . $return_string, lang('action_unsuspend'), 'class="awesome"'); } } else { if (active_user('id') != $user_edit->id && user_has_permission('admin.accounts.suspend')) { $_buttons[] = anchor('admin/accounts/suspend/' . $user_edit->id . $return_string, lang('action_suspend'), 'class="awesome red"'); } } ?> <?php if ($_buttons) { ?> <fieldset id="edit-user-actions"> <legend><?php echo lang('accounts_edit_actions_legend'); ?> </legend> <p> <?php
if ($attributes) { foreach ($attributes as $attribute) { echo '<tr>'; echo '<td class="label">'; echo $attribute->label; echo $attribute->description ? '<small>' . character_limiter(strip_tags($attribute->description), 225) . '</small>' : '<small>No Description</small>'; echo '</td>'; echo '<td class="count">'; echo !isset($attribute->product_count) ? 'Unknown' : $attribute->product_count; echo '</td>'; echo $this->load->view('_utilities/table-cell-datetime', array('datetime' => $attribute->modified), TRUE); echo '<td class="actions">'; if (user_has_permission('admin.shop.attribute_edit')) { echo anchor('admin/shop/manage/attribute/edit/' . $attribute->id . $is_fancybox, lang('action_edit'), 'class="awesome small"'); } if (user_has_permission('admin.shop.attribute_delete')) { echo anchor('admin/shop/manage/attribute/delete/' . $attribute->id . $is_fancybox, lang('action_delete'), 'class="awesome small red confirm" data-title="Are you sure?" data-body="This action cannot be undone."'); } echo '</td>'; echo '</tr>'; } } else { echo '<tr>'; echo '<td colspan="4" class="no-data">'; echo 'No Attributes, add one!'; echo '</td>'; echo '</tr>'; } ?> </tbody> </table>
<?php require_once 'lib/header.php'; require_once 'lib/lib_ne.php'; require_once 'lib/lib_users.php'; // TODO: permissions? check_logged(); $action = isset($_GET['act']) ? $_GET['act'] : ''; $tagset_id = get_current_tagset(); switch ($action) { case 'manual': $smarty->assign('content', get_wiki_page("nermanual/" . (int) $_GET['id'])); $smarty->display('static/doc/annotation.tpl'); break; default: $is_ner_mod = user_has_permission(PERM_NE_MODER); $smarty->assign('possible_guidelines', array(1 => "Default (2014)", 2 => "Dialogue Eval (2016)")); // TODO read from db $smarty->assign('is_ner_mod', $is_ner_mod); $smarty->assign('current_guideline', $tagset_id); $smarty->assign('page', get_books_with_NE($tagset_id, !$is_ner_mod)); $smarty->display($is_ner_mod ? 'ner/main-moderator.tpl' : 'ner/main.tpl'); } log_timing();
echo '</td>'; echo '<td class="max-po">'; echo $product_type->max_per_order ? $product_type->max_per_order : 'Unlimited'; echo '</td>'; echo '<td class="max-v">'; echo $product_type->max_variations ? $product_type->max_variations : 'Unlimited'; echo '</td>'; echo '<td class="count">'; echo !isset($product_type->product_count) ? 'Unknown' : $product_type->product_count; echo '</td>'; echo $this->load->view('_utilities/table-cell-datetime', array('datetime' => $product_type->modified), TRUE); echo '<td class="actions">'; if (user_has_permission('admin.shop.product_type_edit')) { echo anchor('admin/shop/manage/product_type/edit/' . $product_type->id . $is_fancybox, lang('action_edit'), 'class="awesome small"'); } if (user_has_permission('admin.shop.product_type_delete')) { echo anchor('admin/shop/manage/product_type/delete/' . $product_type->id . $is_fancybox, lang('action_delete'), 'class="awesome small red confirm" data-title="Are you sure?" data-body="This action cannot be undone."'); } echo '</td>'; echo '</tr>'; } } else { echo '<tr>'; echo '<td colspan="4" class="no-data">'; echo 'No Product_types, add one!'; echo '</td>'; echo '</tr>'; } ?> </tbody> </table>
function is_permitted($type='activity') { return user_has_permission($this->id, $type); }
foreach ($category->breadcrumbs as $bc) { $_breadcrumbs[] = $bc->label; } echo $_breadcrumbs ? '<small>' . implode(' › ', $_breadcrumbs) . '</small>' : '<small>Top Level Category</small>'; echo $category->description ? '<small>' . character_limiter(strip_tags($category->description), 225) . '</small>' : '<small>No Description</small>'; echo '</div>'; echo '</td>'; echo '<td class="count">'; echo !isset($category->product_count) ? 'Unknown' : $category->product_count; echo '</td>'; echo $this->load->view('_utilities/table-cell-datetime', array('datetime' => $category->modified), TRUE); echo '<td class="actions">'; if (user_has_permission('admin.shop.category_edit')) { echo anchor('admin/shop/manage/category/edit/' . $category->id . $is_fancybox, lang('action_edit'), 'class="awesome small"'); } if (user_has_permission('admin.shop.category_delete')) { echo anchor('admin/shop/manage/category/delete/' . $category->id . $is_fancybox, lang('action_delete'), 'class="awesome small red confirm" data-title="Are you sure?" data-body="This action cannot be undone."'); } echo '</td>'; echo '</tr>'; } } else { echo '<tr>'; echo '<td colspan="3" class="no-data">'; echo 'No Categories, add one!'; echo '</td>'; echo '</tr>'; } ?> </tbody> </table>
echo '<tr>'; echo '<td class="label">'; echo $tax_rate->label; echo '</td>'; echo '<td class="rate">'; echo $tax_rate->rate * 100 . '%'; echo '</td>'; echo '<td class="count">'; echo !isset($tax_rate->product_count) ? 'Unknown' : $tax_rate->product_count; echo '</td>'; echo $this->load->view('_utilities/table-cell-datetime', array('datetime' => $tax_rate->modified), TRUE); echo '<td class="actions">'; if (user_has_permission('admin.shop.tax_rate_edit')) { echo anchor('admin/shop/manage/tax_rate/edit/' . $tax_rate->id . $is_fancybox, lang('action_edit'), 'class="awesome small"'); } if (user_has_permission('admin.shop.tax_rate_delete')) { echo anchor('admin/shop/manage/tax_rate/delete/' . $tax_rate->id . $is_fancybox, lang('action_delete'), 'class="awesome small red confirm" data-title="Are you sure?" data-body="This action cannot be undone."'); } echo '</td>'; echo '</tr>'; } } else { echo '<tr>'; echo '<td colspan="4" class="no-data">'; echo 'No Tax_rates, add one!'; echo '</td>'; echo '</tr>'; } ?> </tbody> </table>
echo '</td>'; echo $this->load->view('_utilities/table-cell-datetime', array('datetime' => $collection->modified), TRUE); if ($collection->is_active) { echo '<td class="active success">'; echo '<span class="ion-checkmark-circled"></span>'; echo '</td>'; } else { echo '<td class="active error">'; echo '<span class="ion-close-circled"></span>'; echo '</td>'; } echo '<td class="actions">'; if (user_has_permission('admin.shop.collection_edit')) { echo anchor('admin/shop/manage/collection/edit/' . $collection->id . $is_fancybox, lang('action_edit'), 'class="awesome small"'); } if (user_has_permission('admin.shop.collection_delete')) { echo anchor('admin/shop/manage/collection/delete/' . $collection->id . $is_fancybox, lang('action_delete'), 'class="awesome small red confirm" data-title="Are you sure?" data-body="This action cannot be undone."'); } echo '</td>'; echo '</tr>'; } } else { echo '<tr>'; echo '<td colspan="4" class="no-data">'; echo 'No Collections, add one!'; echo '</td>'; echo '</tr>'; } ?> </tbody> </table>
<tbody> <?php if ($menus) { foreach ($menus as $menu) { echo '<tr class="menu" data-label="' . $menu->label . '">'; echo '<td class="label">'; echo $menu->label; echo $menu->description ? '<small>' . $menu->description . '</small>' : ''; echo '</td>'; $this->load->view('admin/_utilities/table-cell-user', $menu->modified_by); $this->load->view('admin/_utilities/table-cell-datetime', array('datetime' => $menu->modified)); echo '<td class="actions">'; if (user_has_permission('admin.cms.can_edit_menu')) { echo anchor('admin/cms/menus/edit/' . $menu->id, lang('action_edit'), 'class="awesome small"'); } if (user_has_permission('admin.cms.can_delete_menu')) { echo anchor('admin/cms/menus/delete/' . $menu->id, lang('action_delete'), 'data-title="Are you sure?" data-body="This will remove the menu from the site. This action cannot be undone." class="confirm awesome small red"'); } echo '</td>'; echo '</tr>'; } } else { echo '<tr>'; echo '<td colspan="4" class="no-data">'; echo 'No editable menus found'; echo '</td>'; echo '</tr>'; } ?> </tbody> </table>
function get_book_page($book_id, $full = false, $override_hidden = false) { if (!$override_hidden) { check_book_hidden($book_id); } $res = sql_pe("SELECT * FROM `books` WHERE `book_id`=? LIMIT 1", array($book_id)); if (!sizeof($res)) { throw new UnexpectedValueException(); } $out = array('id' => $book_id, 'title' => $res[0]['book_name'], 'select' => get_books_for_select(), 'is_wikinews' => $res[0]['parent_id'] == 56, 'is_chaskor_news' => $res[0]['parent_id'] == 226); get_book_tags($book_id, $out); //sub-books foreach (sql_pe("SELECT book_id, book_name FROM books WHERE parent_id=? ORDER BY book_name", array($book_id)) as $r) { $out['children'][] = array('id' => $r['book_id'], 'title' => $r['book_name']); } //parents $out['parents'] = array_reverse(get_book_parents($book_id)); //sentences if ($full) { $q = "SELECT p.`pos` ppos, par_id, s.sent_id, s.`pos` spos"; if (user_has_permission(PERM_ADDER)) { $q .= ", ss.status"; } $q .= "\nFROM paragraphs p\n LEFT JOIN sentences s\n USING (par_id)\n"; if (user_has_permission(PERM_ADDER)) { $q .= "LEFT JOIN sentence_check ss ON (s.sent_id = ss.sent_id AND ss.status=1 AND ss.user_id=" . $_SESSION['user_id'] . ")\n"; } $q .= "WHERE p.book_id = ?\n ORDER BY p.`pos`, s.`pos`"; $res = sql_pe($q, array($book_id)); $res1 = sql_prepare("SELECT tf_id, tf_text FROM tokens WHERE sent_id=? ORDER BY pos"); foreach ($res as $r) { sql_execute($res1, array($r['sent_id'])); $tokens = array(); while ($r1 = sql_fetch_array($res1)) { $tokens[] = array('text' => $r1['tf_text'], 'id' => $r1['tf_id']); } $new_a = array('id' => $r['sent_id'], 'pos' => $r['spos'], 'tokens' => $tokens); if (user_has_permission(PERM_ADDER)) { $new_a['checked'] = $r['status']; } $out['paragraphs'][$r['ppos']]['sentences'][] = $new_a; $out['paragraphs'][$r['ppos']]['id'] = $r['par_id']; } } else { $res = sql_pe("SELECT p.`pos` ppos, s.sent_id, s.`pos` spos FROM paragraphs p LEFT JOIN sentences s ON (p.par_id = s.par_id) WHERE p.book_id = ? ORDER BY p.`pos`, s.`pos`", array($book_id)); foreach ($res as $r) { $r1 = sql_fetch_array(sql_query("SELECT source, SUBSTRING_INDEX(source, ' ', 6) AS `cnt` FROM sentences WHERE sent_id=" . $r['sent_id'] . " LIMIT 1")); if ($r1['source'] === $r1['cnt']) { $out['paragraphs'][$r['ppos']]['sentences'][] = array('pos' => $r['spos'], 'id' => $r['sent_id'], 'snippet' => $r1['source']); continue; } $snippet = ''; $r1 = sql_fetch_array(sql_query("SELECT SUBSTRING_INDEX(source, ' ', 3) AS `start` FROM sentences WHERE sent_id=" . $r['sent_id'] . " LIMIT 1")); $snippet = $r1['start']; if ($snippet) { $snippet .= '... '; } $r1 = sql_fetch_array(sql_query("SELECT SUBSTRING_INDEX(source, ' ', -3) AS `end` FROM sentences WHERE sent_id=" . $r['sent_id'] . " LIMIT 1")); $snippet .= $r1['end']; $out['paragraphs'][$r['ppos']]['sentences'][] = array('pos' => $r['spos'], 'id' => $r['sent_id'], 'snippet' => $snippet); } } return $out; }
function check_moderator_right($user_id, $pool_id, $make_owner = false) { // the pool must have status=5 (under moderation) AND either: // - have no moderator // - or have this user as moderator // - or this user must be a supermoderator $res = sql_pe("SELECT `status`, moderator_id FROM morph_annot_pools WHERE pool_id = ? LIMIT 1", array($pool_id)); if ($res[0]['status'] != MA_POOLS_STATUS_MODERATION) { return false; } if ($res[0]['moderator_id'] == 0) { if ($make_owner) { sql_pe("UPDATE morph_annot_pools SET moderator_id=? WHERE pool_id=? LIMIT 1", array($user_id, $pool_id)); } } elseif ($res[0]['moderator_id'] != $user_id && !user_has_permission(PERM_MORPH_SUPERMODER)) { return false; } return true; }
case 'errata': $smarty->assign('errata', get_dict_errata(isset($_GET['all']), isset($_GET['rand']))); $smarty->display('dict/errata.tpl'); break; case 'pending': $skip = isset($_GET['skip']) ? $_GET['skip'] : 0; $smarty->assign('data', get_pending_updates($skip)); $smarty->display('dict/pending.tpl'); break; case 'reannot': update_pending_tokens($_POST['rev_id'], isset($_POST['smart_mode']) && $_POST['smart_mode'] == 'on'); header("Location:dict.php?act=pending"); break; case 'absent': $smarty->setCaching(Smarty::CACHING_LIFETIME_SAVED); $smarty->setCacheLifetime(3600); if (!is_cached('dict/absent.tpl')) { $smarty->assign('words', get_top_absent_words()); } $smarty->display('dict/absent.tpl'); break; default: $smarty->setCaching(Smarty::CACHING_LIFETIME_SAVED); $smarty->setCacheLifetime(600); if (!is_cached('dict/main.tpl', (int) user_has_permission(PERM_DICT))) { $smarty->assign('stats', get_dict_stats()); $smarty->assign('dl', get_downloads_info()); } $smarty->display('dict/main.tpl', (int) user_has_permission(PERM_DICT)); } log_timing();
<div class="<? if($page=='compose_email') echo "subMenuTabSelected"; else echo "subMenuTab"; ?>">Compose Email</div> </a></td> <td valign="top" class="subMenuTabWidth"><a href="<?php echo PAGE_COMMUNICATION; ?> ?section=lists" class="h1"> <div class="<? if($page=='lists') echo "subMenuTabSelected"; else echo "subMenuTab"; ?>">Manage Lists</div> </a></td> <td valign="top" class="subMenuTabWidth"><a href="<?php echo PAGE_COMMUNICATION; ?> ?section=subscribers" class="h1"> <div class="<? if($page=='subscribers') echo "subMenuTabSelected"; else echo "subMenuTab"; ?>">Contacts</div> </a></td> <!-- <? if(user_has_permission(18)) { ?> <td valign="top" class="subMenuTabWidth"><a href="<?php echo PAGE_COMMUNICATION; ?> ?section=compose_sms" class="h1"> <div class="<? if($page=='compose_sms') echo "subMenuTabSelected"; else echo "subMenuTab"; ?>"> Send SMS</div> </a></td> <? } ?> --> <td valign="top" class="subMenuTabWidth"><a href="<?php echo PAGE_COMMUNICATION; ?> ?section=import" class="h1"> <div class="<? if($page=='import') echo "subMenuTabSelected"; else echo "subMenuTab"; ?>">Import Subscribers</div> </a></td> <td valign="top" class="subMenuTabWidth"><a href="<?php
if (isset($_GET['tabs'])) { $smarty->assign('pool', get_morph_samples_page($_GET['pool_id'], true, 100)); header("Content-type: application/csv; charset=utf-8"); header("Content-disposition: attachment; filename=pool_" . (int) $_GET['pool_id'] . ".tab"); $smarty->display('qa/pool_tabs.tpl'); } else { $filter = isset($_GET['filter']) ? $_GET['filter'] : false; $matches = NULL; if ($filter && !user_has_permission(PERM_MORPH_MODER) && preg_match('/^user:(\\d+)$/', $filter, $matches)) { if ($matches[1] != $_SESSION['user_id']) { show_error("Можно просматривать только свои ответы."); return; } } $smarty->assign('sortby', isset($_GET['sortby']) ? $_GET['sortby'] : ''); $smarty->assign('pool', get_morph_samples_page($_GET['pool_id'], isset($_GET['ext']), $config['misc']['morph_annot_moder_context_size'], isset($_GET['skip']) ? $_GET['skip'] : 0, $filter, !user_has_permission(PERM_MORPH_MODER) || OPTION(OPT_MODER_SPLIT) == 1 ? $config['misc']['morph_annot_moder_page_size'] : 0, isset($_GET['sortby']) ? $_GET['sortby'] : '')); $smarty->display('qa/pool.tpl'); } break; case 'promote': check_permission(PERM_MORPH_MODER); promote_samples((int) $_GET['pool_type'], $_POST['type'], (int) $_POST[$_POST['type'] . "_n"], (int) $_POST['pools_num'], $_SESSION['user_id']); header("Location:pools.php?type=2"); break; case 'publish': publish_pool($_GET['pool_id']); header("Location:pools.php?type=2"); break; case 'unpublish': unpublish_pool($_GET['pool_id']); header("Location:pools.php?act=samples&pool_id=" . $_GET['pool_id']);
function check_permission($group) { if (!user_has_permission($group)) { throw new PermissionError(); } }
redirect(PAGE_COMMUNICATION); } break; } } if(!$_GET['section']) { if(user_has_permission(18)){ $default = 'templates'; } if(user_has_permission(17)){ $default = 'compose_email'; } if(user_has_permission(16)){ $default = 'queue'; } $_GET['section'] = $default; } $page = $_GET['section']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title><?=COMPANY_NAME?> :: Powered by Intelligence Center</title>
echo '</td>'; echo $this->load->view('_utilities/table-cell-datetime', array('datetime' => $range->modified), TRUE); if ($range->is_active) { echo '<td class="active success">'; echo '<span class="ion-checkmark-circled"></span>'; echo '</td>'; } else { echo '<td class="active error">'; echo '<span class="ion-close-circled"></span>'; echo '</td>'; } echo '<td class="actions">'; if (user_has_permission('admin.shop.range_edit')) { echo anchor('admin/shop/manage/range/edit/' . $range->id . $is_fancybox, lang('action_edit'), 'class="awesome small"'); } if (user_has_permission('admin.shop.range_delete')) { echo anchor('admin/shop/manage/range/delete/' . $range->id . $is_fancybox, lang('action_delete'), 'class="awesome small red confirm" data-title="Are you sure?" data-body="This action cannot be undone."'); } echo '</td>'; echo '</tr>'; } } else { echo '<tr>'; echo '<td colspan="4" class="no-data">'; echo 'No Ranges, add one!'; echo '</td>'; echo '</tr>'; } ?> </tbody> </table>
<tbody> <?php if ($sliders) { foreach ($sliders as $slider) { echo '<tr class="slider" data-label="' . $slider->label . '">'; echo '<td class="label">'; echo $slider->label; echo $slider->description ? '<small>' . $slider->description . '</small>' : ''; echo '</td>'; $this->load->view('admin/_utilities/table-cell-user', $slider->modified_by); $this->load->view('admin/_utilities/table-cell-datetime', array('datetime' => $slider->modified)); echo '<td class="actions">'; if (user_has_permission('admin.cms.can_edit_slider')) { echo anchor('admin/cms/sliders/edit/' . $slider->id, lang('action_edit'), 'class="awesome small"'); } if (user_has_permission('admin.cms.can_delete_slider')) { echo anchor('admin/cms/sliders/delete/' . $slider->id, lang('action_delete'), 'data-title="Are you sure?" data-body="This will remove the slider from the site. This action can be undone." class="confirm awesome small red"'); } echo '</td>'; echo '</tr>'; } } else { echo '<tr>'; echo '<td colspan="4" class="no-data">'; echo 'No editable sliders found'; echo '</td>'; echo '</tr>'; } ?> </tbody> </table>
} //some globals $smarty->assign('yandex_metrika_counter_id', $config['web']['yandex_metrika_counter_id']); $smarty->assign('is_admin', is_admin() ? 1 : 0); $smarty->assign('is_logged', is_logged() ? 1 : 0); if (is_logged()) { $smarty->assign('is_openid', is_user_openid($_SESSION['user_id']) ? 1 : 0); } $smarty->assign('user_permission_dict', user_has_permission(PERM_DICT) ? 1 : 0); $smarty->assign('user_permission_disamb', user_has_permission(PERM_DISAMB) ? 1 : 0); $smarty->assign('user_permission_adder', user_has_permission(PERM_ADDER) ? 1 : 0); $smarty->assign('user_permission_check_tokens', user_has_permission(PERM_CHECK_TOKENS) ? 1 : 0); $smarty->assign('user_permission_check_morph', user_has_permission(PERM_MORPH_MODER) ? 1 : 0); $smarty->assign('user_permission_merge', user_has_permission(PERM_MORPH_SUPERMODER) ? 1 : 0); $smarty->assign('user_permission_syntax', user_has_permission(PERM_SYNTAX) ? 1 : 0); $smarty->assign('user_permission_check_syntax', user_has_permission(PERM_SYNTAX_MODER) ? 1 : 0); $smarty->assign('readonly', file_exists($config['project']['readonly_flag']) ? 1 : 0); $smarty->assign('goals', $config['goals']); $smarty->assign('game_is_on', 0); //$smarty->configLoad(__DIR__.'/../templates/achievements/titles.conf', NULL); // smarty->configLoad is a piece of shit which can not handle multiple sections at once. // reverting to something much simplier. $titles = json_decode(file_get_contents(__DIR__ . '/../templates/achievements/titles.json'), TRUE); $smarty->assign('achievements_titles', $titles); if (is_logged()) { if (game_is_on()) { $smarty->assign('game_is_on', 1); $am = new AchievementsManager($_SESSION['user_id']); $smarty->assign('achievements', $a = $am->pull_all()); $smarty->assign('achievements_unseen', array_filter($a, function ($e) { return !$e->seen;
} echo '</small>'; echo '</div>'; echo '</td>'; $this->load->view('admin/_utilities/table-cell-user', $page->modified_by); $this->load->view('admin/_utilities/table-cell-datetime', array('datetime' => $page->modified)); echo '<td class="actions">'; echo anchor($page->published->url, lang('action_view'), 'class="awesome small" target="_blank"'); if (user_has_permission('admin.cms.can_edit_page')) { echo anchor('admin/cms/pages/edit/' . $page->id, lang('action_edit'), 'class="awesome small"'); if (!$page->is_published || $_published_hash !== $_draft_hash) { echo anchor('admin/cms/pages/publish/' . $page->id, lang('action_publish'), 'data-title="Are you sure?" data-body="Publish this page immediately?" class="confirm awesome green small"'); } } //echo anchor( $page->url . '?is_preview=1', lang( 'action_preview' ), 'target="_blank" class="fancybox awesome small green" data-fancybox-type="iframe" data-width="100%" data-height="100%"' ); if (user_has_permission('admin.cms.can_delete_page')) { echo anchor('admin/cms/pages/delete/' . $page->id, lang('action_delete'), 'data-title="Are you sure?" data-body="This will remove the page, and any of it\'s children, from the site." class="confirm awesome small red"'); } echo '</td>'; echo '</tr>'; } } else { echo '<tr>'; echo '<td colspan="4" class="no-data">'; echo 'No editable pages found'; echo '</td>'; echo '</tr>'; } ?> </tbody> </table>
function recurse_pages($id = 0, $level = 0) { $level++; $sql = "SELECT * FROM page_content WHERE parent = " . $id . " ORDER BY page_content_title ASC"; $pageResults = dbQuery($sql); $count = 0; while ($pInfo = dbFetchArray($pageResults)) { $padding = 18 * $level; if ($level != 1) { $style = "style=\"padding-left:" . ($padding + 18) . "px; background-repeat:no-repeat; background-position:" . $padding . "px 0px; background-image:url(images/directory_arrow.gif);\""; } else { $class = ""; } //SECURITY CHECK //ONLY SHOW PAGES THAT THE USER HAS ACCESS TOO $row = $count % 2; echo "<tr>\n"; echo "<td nowrap width=\"1\">\n"; if ($pInfo['page_content_member']) { echo "<a href=\"javascript:void(0);\" title=\"Membership Required\"><img src=\"images/icons/lock_16x16.gif\" border=\"0\"><a>"; } echo "</td>\n"; echo "<td nowrap width\"1\">" . date('m/d/Y', $pInfo['page_content_publish_date']) . "</td>\n"; echo "<td " . $style . "><a href=\"" . PAGE_MANAGE . "?action=edit§ion=webpage&id=" . $pInfo['page_content_id'] . "\">" . output($pInfo['page_content_title']) . "</a></td>\n"; echo "<td nowrap width\"1\">"; if ($pInfo['page_content_status'] == 'pending') { echo "<span class=\"textPending\">Pending</span>"; } else { if ($pInfo['page_content_status'] == 'published') { echo "<span class=\"textActive\">Published</span>"; } else { echo "<span class=\"textInactive\">Unpublished</span>"; } } echo "</td>\n"; echo "<td nowrap width\"1\">\n"; echo "<span class=\"smallText\"><abbr title=\"by " . getAuthor($pInfo['page_content_author']) . "\" style=\"margin:2px;\">Created: " . date('m/d/y g:i a', $pInfo['page_content_added']) . " </abbr></span>\n"; //check to see if this page has been edited //display $modifiedResults = dbQuery('SELECT * FROM page_content_log WHERE page_content_id = ' . $pInfo['page_content_id'] . ' LIMIT 1'); if (dbNumRows($modifiedResults)) { $m = dbFetchArray($modifiedResults); echo "<br>"; echo "<span class=\"smallText\" style=\"font-style:italic;\"><abbr style=\"margin:2px;\" title=\"by " . getAuthor($m['user_id']) . "\">Last Modified: " . date('m/d/y g:i a', $m['page_content_log_timestamp']) . "</abbr></span>"; } echo "</td>\n"; echo "<td align=\"right\" >"; if ($level == 1) { echo "<a class=\"table_addsubpage_link\" href=\"" . PAGE_PUBLISH . "?section=webpage&parent=" . $pInfo['page_content_id'] . "\" title=\"Add Sub Page\">Add Subpage</a>"; echo " "; } if (user_has_permission('banners')) { //echo "<a class=\"table_banner_link\" href=\"".PAGE_MANAGE."?action=banners§ion=webpage&id=".$pInfo['page_content_id']."\" title=\"Add Banner\">Advert</a>\n"; //echo " "; } if (user_has_permission('content') && user_has_page_permissions($pInfo['page_content_id'])) { echo "<a class=\"table_edit_link\" href=\"" . PAGE_MANAGE . "?action=edit§ion=webpage&id=" . $pInfo['page_content_id'] . "\" title=\"Edit " . output($pInfo['page_content_title']) . "\">Edit</a>\n"; echo " "; } if (user_has_permission('admin')) { echo "<a class=\"table_delete_link\" href=\"" . PAGE_MANAGE . "?action=delete§ion=webpage&id=" . $pInfo['page_content_id'] . "\" title=\"Delete " . output($pInfo['page_content_title']) . "\" onclick=\"return confirm('Are you sure you want to delete this page? THIS IS NOT UNDOABLE');\">Delete</a>\n"; } echo "</td>\n"; echo "</tr>\n"; recurse_pages($pInfo['page_content_id'], $level); $count++; } }
<tr> <td class="navCell"> </td> <td class="navCell"><a href="index.php"><div id="publish" class="<? if(this_php == 'index.php') echo "cpNavOn"; else echo "cpNavOff"; ?>">Dashboard</div></a></td> <? if(user_has_permission('content_publisher') ) { ?> <td class="navCell"><a href="publish.php"><div id="publish" class="<? if(this_php == 'publish.php') echo "cpNavOn"; else echo "cpNavOff"; ?>">Publish</div></a></td> <? } ?> <? if(user_has_permission('content') ) { ?> <td class="navCell"><a href="manage.php"><div id="publish" class="<? if(this_php == 'manage.php') echo "cpNavOn"; else echo "cpNavOff"; ?>">Manage</div></a></td> <? } ?> <? if(user_has_permission('content') ) { ?> <td class="navCell"><a href="store.php"><div id="store" class="<? if(this_php == 'store.php') echo "cpNavOn"; else echo "cpNavOff"; ?>">Store</div></a></td> <? } ?> <? if(user_has_permission('communication') ) { ?> <td class="navCell"><a href="communication.php"><div id="publish" class="<? if(this_php == 'communication.php') echo "cpNavOn"; else echo "cpNavOff"; ?>">Email Manager</div></a></td> <? } ?> <? if(user_has_permission('admin')) { ?> <td class="navCell"><a href="settings.php"><div id="publish" class="<? if(this_php == 'settings.php') echo "cpNavOn"; else echo "cpNavOff"; ?>">Settings</div></a></td> <? } ?> <? if(user_has_permission('admin')) { ?> <td class="navCell"><a href="users.php"><div id="publish" class="<? if(this_php == 'users.php') echo "cpNavOn"; else echo "cpNavOff"; ?>">Users</div></a></td> <? } ?> <? if(user_is_god()) { ?> <!-- <td class="navCell"><a href="admin.php"><div id="admin" class="<? if(this_php == 'admin.php') echo "cpNavOn"; else echo "cpNavOff"; ?>">Admin</div></a></td>--> <? } ?> <!--<td class="navCell"><a href="help.php"><div id="publish" class="<? if(this_php == 'help.php') echo "cpNavOn"; else echo "cpNavOff"; ?>">Help</div></a></td> --> <td class="navCell"> </td> </tr> </table> </div>