/**
 * Login guard: loads the current user and sends visitors who are not
 * logged in to the login page.
 */
private static function _checkPermission() {
    AuthUser::load();

    if (AuthUser::isLoggedIn()) {
        return;
    }

    // NOTE(review): this only protects the caller if redirect() ends the
    // request; if it merely sets a header, the caller keeps running — confirm.
    redirect(get_url('login'));
}
/**
 * Loads the current user and redirects to the login page when nobody is
 * logged in. Checks authentication only; no permission is tested here.
 */
public static function _checkLog() {
    AuthUser::load();

    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        // Presumably redirect() terminates the request — verify against its definition.
        redirect(get_url('login'));
    }
}
/**
 * Requires a logged-in user for every action of this controller.
 */
public function __construct() {
    AuthUser::load();

    if (AuthUser::isLoggedIn()) {
        return;
    }

    // NOTE(review): the constructor returns normally if redirect() does not
    // exit, and the requested action would still be dispatched — confirm.
    redirect(get_url('login'));
}
/**
 * Requires a logged-in user, then attaches the translate sidebar view to
 * the layout.
 */
public function __construct() {
    AuthUser::load();

    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        // Presumably ends the request; the sidebar setup below still runs otherwise.
        redirect(get_url('login'));
    }

    $sidebar = new View('translate/sidebar');
    $this->assignToLayout('sidebar', $sidebar);
}
/**
 * Requires a logged-in user and selects the backend layout.
 */
function __construct() {
    AuthUser::load();

    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        // NOTE(review): relies on redirect() stopping execution — confirm.
        redirect(get_url('login'));
    }

    $this->setLayout('backend');
}
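/**
 * Requires a logged-in user for every action of this controller.
 *
 * Visitors who are not logged in are redirected to the login job and the
 * request ends there.
 */
public function __construct() {
    AuthUser::load();

    if (!AuthUser::isLoggedIn()) {
        // Send the header before any output: once the body has started, PHP
        // can no longer add headers and the redirect would be lost.
        header('location:index.php?job=login');
        // Stop here. Without this the constructor returned normally and the
        // requested action ran for a visitor who was never authenticated.
        exit('Please Login');
    }
}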
/**
 * Requires a logged-in user, selects the backend layout and attaches the
 * about sidebar.
 */
public function __construct() {
    AuthUser::load();

    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        // Presumably ends the request — verify against redirect()'s definition.
        redirect(get_url('login'));
    }

    $this->setLayout('backend');

    $sidebar = new View('about/sidebar');
    $sidebarVars = array('abouts' => Record::findAllFrom('About', '1=1 ORDER BY sequence'));

    // NOTE(review): the variables are passed as a third argument to
    // assignToLayout(), not to the View constructor; check whether the
    // sidebar view actually receives 'abouts'.
    $this->assignToLayout('sidebar', $sidebar, $sidebarVars);
}
/**
 * Requires a logged-in user, selects the backend layout and attaches the
 * frog_tags plugin sidebar.
 */
public function __construct() {
    AuthUser::load();

    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        // Only authentication is checked here; no permission is tested.
        redirect(get_url('login'));
    }

    $this->setLayout('backend');

    $sidebar = new View('../../plugins/frog_tags/views/sidebar');
    $this->assignToLayout('sidebar', $sidebar);
}
/**
 * Requires a logged-in user, but only when the CMS_BACKEND constant is
 * defined; otherwise the constructor does nothing.
 */
function __construct() {
    if (!defined('CMS_BACKEND')) {
        // No login check at all on this path.
        return;
    }

    AuthUser::load();

    if (AuthUser::isLoggedIn()) {
        return;
    }

    redirect(get_url('login'));
}
/**
 * Requires a logged-in user, selects the backend layout and attaches the
 * testimonial sidebar.
 */
public function __construct() {
    AuthUser::load();

    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        // NOTE(review): relies on redirect() stopping execution — confirm.
        redirect(get_url('login'));
    }

    $this->setLayout('backend');

    $sidebar = new View('testimonial/sidebar');
    $this->assignToLayout('sidebar', $sidebar);
}
/**
 * Sets up the LoginController.
 *
 * When USE_HTTPS is defined and truthy and the request did not arrive with
 * $_SERVER['HTTPS'] equal to "on", the same URI is re-requested over HTTPS
 * and the script exits. Otherwise the current user is loaded.
 */
function __construct() {
    $httpsWanted = defined('USE_HTTPS') && USE_HTTPS;
    $httpsActive = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on";

    // Redirect to HTTPS for login purposes if requested
    if ($httpsWanted && !$httpsActive) {
        // NOTE(review): depending on the web server configuration,
        // SERVER_NAME can reflect the client-supplied Host header, in which
        // case the redirect target host is request-controlled. A configured
        // site URL would be a safer base — confirm.
        $host = $_SERVER['SERVER_NAME'];
        $uri = $_SERVER['REQUEST_URI'];
        $url = "https://" . $host . $uri;

        header("Location: {$url}");
        exit;
    }

    AuthUser::load();
}
/**
 * Requires a logged-in user, selects the backend layout and attaches the
 * tinymce plugin sidebar.
 */
public function __construct() {
    AuthUser::load();

    // Anonymous visitors are sent to the login page.
    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        redirect(get_url('login'));
    }

    $this->setLayout('backend');

    $sidebar = new View('../../plugins/tinymce/views/sidebar');
    $this->assignToLayout('sidebar', $sidebar);
}
/**
 * Requires a logged-in user, makes sure the session has an assets folder,
 * selects the backend layout and attaches the assets plugin sidebar.
 */
function __construct() {
    AuthUser::load();

    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        // Presumably ends the request; the session write below runs otherwise.
        redirect(get_url('login'));
    }

    // Keep a folder already stored in the session; fall back to the default.
    if (!isset($_SESSION['assets_folder'])) {
        $_SESSION['assets_folder'] = assets_default_folder();
    }

    $this->setLayout('backend');

    $sidebar = new View('../../plugins/assets/views/sidebar');
    $this->assignToLayout('sidebar', $sidebar);
}
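/**
 * Requires a logged-in user, then preloads the data the controller's
 * actions share: categories, the tag cloud and a per-content tag cache.
 *
 * Sets $this->categories, $this->cahce_categories (id => property array),
 * $this->tags_list (word and size per hot tag) and $this->cahce_tags
 * (content id => list of tag names). The misspelt property names are kept
 * because other code may read them.
 */
public function __construct() {
    AuthUser::load();

    if (!AuthUser::isLoggedIn()) {
        // Header first (output would block it), then stop: previously the
        // constructor carried on and the action ran without a login.
        header('location:index.php?job=login');
        exit('Please Login');
    }

    // Recent posts for the home page (currently disabled).
    //$this->recent_post = Article::getPost(5, true);

    // Sidebar categories, plus a copy indexed by id as plain arrays.
    $this->categories = Category::findAll();
    if (is_array($this->categories) && count($this->categories) > 0) {
        $temp = array();
        foreach ($this->categories as $k => $v) {
            $temp[$v->id] = get_object_vars($v);
        }
        $this->cahce_categories = $temp;
        $temp = array();
    }

    // Tags; to be reworked later into a "hot words" form.
    // Start from an empty list so the property is defined even when no
    // tags come back.
    $tags_list = array();
    $hot_tags = Tag::findAll(20);
    if (is_array($hot_tags) && count($hot_tags) > 0) {
        $first = current($hot_tags);
        $last = end($hot_tags);
        foreach ($hot_tags as $k => $v) {
            $tags_list[$k]['word'] = $v->name;
            $tags_list[$k]['size'] = tagClouds($v->count, $first->count, $last->count);
        }
    }
    $this->tags_list = $tags_list;

    $tags = Tag::findAll();
    $content_tag = Record::findAllFrom('ContentTag');

    // Gather the content ids found in the relation table together with
    // their tags into one array, so generating static article pages does
    // not hit the database again for every article.

    // Walk all tags and build an id => name lookup.
    $temp_tags = array();
    if (is_array($tags) && count($tags) > 0) {
        foreach ($tags as $k => $v) {
            $temp_tags[$v->id] = $v->name;
        }
    }

    // Walk the relation table.
    if (is_array($content_tag) && count($content_tag) > 0) {
        $this->cahce_tags = array();
        foreach ($content_tag as $k => $v) {
            if (isset($temp_tags[$v->tag_id])) {
                $this->cahce_tags[$v->content_id][] = $temp_tags[$v->tag_id];
            }
        }
    }

    // Clear temporary data.
    $tags = $content_tag = $temp_tags = array();
}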
/**
 * Check if user is authorized
 *
 * Only the login state is tested; no permission or role is checked.
 *
 * @return boolean true if access is granted, false if not
 */
function auth() {
    // You can insert your own code over here to check if the user is authorized.
    // NOTE(review): any logged-in account passes; add a permission check if
    // the guarded feature should be limited to certain roles.

    // This calls credentials from Wolf CMS login
    AuthUser::load();

    return AuthUser::isLoggedIn() ? true : false;
}
/**
 * Access guard: requires a logged-in user holding the 'administrator'
 * permission.
 *
 * Anonymous visitors go to the login page; logged-in users without the
 * permission get an error flash message and go to the default URL.
 */
private static function _checkPermission() {
    AuthUser::load();

    if (!AuthUser::isLoggedIn()) {
        redirect(get_url('login'));
        return;
    }

    if (AuthUser::hasPermission('administrator')) {
        return;
    }

    // NOTE(review): the guard is only effective if redirect() ends the
    // request — confirm.
    Flash::set('error', __('You do not have permission to access the requested page!'));
    redirect(get_url());
}
/**
 * Requires a logged-in user with the 'admin_view' permission, selects the
 * backend layout and attaches the funky_cache plugin sidebar.
 */
function __construct() {
    AuthUser::load();

    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        redirect(get_url('login'));
    }

    // Checked independently of the login test above; users lacking the
    // permission are sent to the public site.
    $mayView = AuthUser::hasPermission('admin_view');
    if (!$mayView) {
        redirect(URL_PUBLIC);
    }

    $this->setLayout('backend');

    $sidebar = new View('../../plugins/funky_cache/views/sidebar');
    $this->assignToLayout('sidebar', $sidebar);
}
/**
 * Requires a logged-in user holding the 'administrator' permission and
 * selects the backend layout.
 */
function __construct() {
    AuthUser::load();

    if (!AuthUser::isLoggedIn()) {
        redirect(get_url('login'));
    } elseif (!AuthUser::hasPermission('administrator')) {
        Flash::set('error', __('You do not have permission to access the requested page!'));
        redirect(get_url());
    }

    // NOTE(review): reached for rejected users too unless redirect() exits — confirm.
    $this->setLayout('backend');
}
/**
 * Used to check generic permissions for the entire controller.
 *
 * Requires a logged-in user with the 'admin_edit' permission. Users without
 * it get an error flash message and are redirected: to the page tab when
 * the default tab is 'setting', otherwise to the default URL.
 */
private static final function _checkPermission() {
    AuthUser::load();

    if (!AuthUser::isLoggedIn()) {
        redirect(get_url('login'));
        return;
    }

    if (AuthUser::hasPermission('admin_edit')) {
        return;
    }

    Flash::set('error', __('You do not have permission to access the requested page!'));

    // Redirecting to the default tab would loop when that tab is this one.
    if (Setting::get('default_tab') === 'setting') {
        redirect(get_url('page'));
        return;
    }

    redirect(get_url());
}
/**
 * Requires a logged-in user with the 'layout_view' permission, selects the
 * backend layout and attaches the layout sidebar.
 */
function __construct() {
    AuthUser::load();

    if (!AuthUser::isLoggedIn()) {
        redirect(get_url('login'));
    } elseif (!AuthUser::hasPermission('layout_view')) {
        Flash::set('error', __('You do not have permission to access the requested page!'));

        // Go to the page tab when the default tab is the layout tab itself.
        if (Setting::get('default_tab') === 'layout') {
            redirect(get_url('page'));
        } else {
            redirect(get_url());
        }
    }

    // NOTE(review): the lines below also run for rejected users unless
    // redirect() exits — confirm.
    $this->setLayout('backend');

    $sidebar = new View('layout/sidebar');
    $this->assignToLayout('sidebar', $sidebar);
}
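/**
 * Reads the ckeditor plugin settings from the plugin_settings table.
 *
 * Opens its own database connection, registers it with Record, loads all
 * name/value pairs stored for plugin_id 'ckeditor' and adds
 * 'editorLanguage' from the current user's record.
 *
 * @param string|null $key Name of a single setting to return.
 * @return mixed The value of $key when that setting exists, otherwise the
 *               whole settings array.
 */
function CKEditorGetConfigs($key = null) {
    $tablename = TABLE_PREFIX . 'plugin_settings';

    try {
        $PDO = new PDO(DB_DSN, DB_USER, DB_PASS);
        if ($PDO->getAttribute(PDO::ATTR_DRIVER_NAME) == 'mysql') {
            $PDO->setAttribute(PDO::MYSQL_ATTR_USE_BUFFERED_QUERY, true);
        }
    } catch (PDOException $error) {
        try {
            require_once substrtruncate($_SERVER['SCRIPT_FILENAME'], '/plugins') . '/libraries/DoLite.php';
            $PDO = new DoLite(DB_DSN, DB_USER, DB_PASS);
        } catch (PDOException $error) {
            // Driver messages can name the database host and account, so
            // they go to the server log instead of the HTTP response.
            error_log('CKEditorGetConfigs: DB connection failed: ' . $error->getMessage());
            die('DB Connection failed.');
        }
    }

    Record::connection($PDO);
    $PDO = Record::getConnection();
    $PDO->exec("set names 'utf8'");

    // The statement contains only constants (table prefix and plugin id).
    $sql = "SELECT name,value FROM {$tablename} WHERE plugin_id='ckeditor'";

    $settings = array();
    $stmt = $PDO->prepare($sql);
    $stmt->execute();
    while ($obj = $stmt->fetchObject()) {
        $settings[$obj->name] = $obj->value;
    }

    // language setting
    // NOTE(review): no login check happens here; when nobody is logged in
    // the record may not be an object, so the language falls back to null.
    AuthUser::load();
    $record = AuthUser::getRecord();
    $settings['editorLanguage'] = is_object($record) ? $record->language : null;

    if ($settings) {
        // Look the name up among the keys. The previous in_array() call
        // searched the values, so a requested setting was rarely found.
        if ($key && (is_string($key) || is_int($key)) && array_key_exists($key, $settings)) {
            return $settings[$key];
        }

        // return all
        return $settings;
    }

    return false;
}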
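/**
 * Requires a logged-in user, loads the dashboard settings and registers
 * the dashboard widgets and head observer.
 *
 * Stored settings are merged over the defaults, serialized string values
 * are decoded, and the result is kept in $this->settings.
 */
public function __construct() {
    AuthUser::load();

    if (!AuthUser::isLoggedIn()) {
        redirect(get_url("login"));
        die;
    }

    // GET SETTINGS
    $defaults = array(
        "grid-size" => 3,
        "widget-position" => serialize(array(
            "events" => array("part" => 1, "order" => 1),
            "rss_reader" => array("part" => 2, "order" => 1),
        )),
    );
    $settings = array_merge($defaults, Plugin::getAllSettings("dashboard"));

    // UNSERIALIZE SETTINGS
    // SECURITY(review): unserialize() runs on values read from the settings
    // store. Anyone able to write those values can make PHP instantiate
    // objects here. If only arrays and scalars are ever stored, restrict
    // decoding to them (the allowed_classes option on PHP 7+) or move to JSON.
    foreach ($settings as $key => $value) {
        if (!is_string($value)) {
            continue;
        }

        // Decode once and reuse the result; the value was previously
        // unserialized twice. '@' hides the notice for plain strings.
        $decoded = @unserialize($value);
        if ($decoded !== false) {
            $settings[$key] = $decoded;
        }
    }
    $this->settings = $settings;

    // OBSERVER
    DashboardWidgets::init($settings["widget-position"]);
    Observer::observe("view_backend_layout_head", "DashboardController::loadFiles");
}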
/**
 * Execute this function on page_not_found.
 * If the request is for an image file, resize the image.
 *
 * Returns false when the visitor lacks the required permission or gd is
 * unavailable. After a successful resize outside DEBUG mode it redirects to
 * the requested URI and exits; otherwise it returns nothing.
 */
function image_resize_try_resizing() {
    // Require that visitor be logged in and has permission to create files
    $alreadyLoggedIn = AuthUser::isLoggedIn();
    if (!$alreadyLoggedIn) {
        AuthUser::load();
    }

    $mayCreateFiles = AuthUser::hasPermission('administrator,developer,editor');
    if (!$mayCreateFiles) {
        return false;
    }

    // Check that gd library is available
    if (!ImageResize::gd_available()) {
        return false;
    }

    // NOTE(review): CURRENT_URI comes from the request. The pattern checks
    // the extension only, and '$' also matches before a final newline;
    // confirm that image_resize_scale() confines the path to the image
    // directory.
    $looksLikeImage = preg_match('#\\.(jpe?g|gif|png|wbmp)$#i', CURRENT_URI);

    // If requested file appears to be an accepted format, create the new image
    if ($looksLikeImage && image_resize_scale(CURRENT_URI) && !DEBUG) {
        // If Frog isn't debugging, it writes to a file; redirect to it
        header('Location: ' . URL_PUBLIC . "/" . CURRENT_URI);
        // Exit here to prevent a page not found message
        exit;
    }
}
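/**
 * Saves the File Manager plugin settings posted in $_POST['settings'].
 *
 * Requires a logged-in user with the 'admin_edit' permission. The umask,
 * dirmode and filemode values are normalised to four-digit octal strings
 * (or 0 for an empty umask) before all posted settings are stored, then
 * the settings view is displayed again.
 */
public function settings_save() {
    AuthUser::load();

    if (!AuthUser::isLoggedIn()) {
        redirect(get_url('login'));
        // Fail closed even if redirect() returns.
        return;
    }

    if (!AuthUser::hasPermission('admin_edit')) {
        Flash::set('error', __('You do not have permission to access the requested page!'));
        redirect(get_url());
        return;
    }

    // NOTE(review): no anti-CSRF token is verified before this
    // state-changing POST is accepted. If the project has a token helper,
    // validate it here — confirm.

    // A non-array value (settings=foo) is treated like a missing form.
    if (!isset($_POST['settings']) || !is_array($_POST['settings'])) {
        Flash::set('error', 'File Manager - ' . __('form was not posted.'));
        redirect(get_url('plugin/file_manager/settings'));
        return;
    }

    $settings = $_POST['settings'];

    // Optional leading zero plus three octal digits. The D modifier stops
    // '$' from also matching before a trailing newline, so "755\n" is
    // rejected instead of being stored.
    $modePattern = '/^0?[0-7]{3}$/D';

    // umask: anything that is not a valid mode collapses to 0.
    $umask = (isset($settings['umask']) && is_scalar($settings['umask'])) ? $settings['umask'] : 0;
    if ($umask == 0) {
        $umask = 0;
    } elseif (!preg_match($modePattern, $umask)) {
        $umask = 0;
    }
    if (strlen($umask) === 3) {
        $umask = '0' . $umask;
    } elseif (strlen($umask) !== 4 && $umask != 0) {
        $umask = 0;
    }
    $settings['umask'] = $umask;

    // dirmode / filemode: invalid or missing values fall back to '0755'.
    foreach (array('dirmode', 'filemode') as $name) {
        $mode = (isset($settings[$name]) && is_scalar($settings[$name])) ? (string) $settings[$name] : '';
        if (!preg_match($modePattern, $mode)) {
            $mode = '0755';
        }
        if (strlen($mode) === 3) {
            $mode = '0' . $mode;
        }
        $settings[$name] = $mode;
    }

    // NOTE(review): every posted key is stored, not only the three
    // validated above — confirm that is intended.
    if (Plugin::setAllSettings($settings, 'file_manager')) {
        Flash::setNow('success', 'File Manager - ' . __('plugin settings saved.'));
    } else {
        Flash::setNow('error', 'File Manager - ' . __('plugin settings not saved!'));
    }

    $this->display('file_manager/views/settings', array('settings' => $settings));
}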
// Adding date_format function to SQLite 3 'mysql date_format function' if (!function_exists('mysql_date_format_function')) { function mysql_function_date_format($date, $format) { return strftime($format, strtotime($date)); } } $__CMS_CONN__->sqliteCreateFunction('date_format', 'mysql_function_date_format', 2); } // DEFINED ONLY FOR BACKWARDS SUPPORT - to be taken out before 0.9.0 $__FROG_CONN__ = $__CMS_CONN__; Record::connection($__CMS_CONN__); Record::getConnection()->exec("set names 'utf8'"); Setting::init(); use_helper('I18n'); AuthUser::load(); if (AuthUser::isLoggedIn()) { I18n::setLocale(AuthUser::getRecord()->language); } else { I18n::setLocale(Setting::get('language')); } // Only add the cron web bug when necessary if (defined('USE_POORMANSCRON') && USE_POORMANSCRON && defined('POORMANSCRON_INTERVAL')) { Observer::observe('page_before_execute_layout', 'run_cron'); function run_cron() { $cron = Cron::findByIdFrom('Cron', '1'); $now = time(); $last = $cron->getLastRunTime(); if ($now - $last > POORMANSCRON_INTERVAL) { echo $cron->generateWebBug();
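/**
 * Enforces login and per-page permissions for pages that require login.
 *
 * Anonymous visitors are redirected to the login page (unless the requested
 * page is the login page itself). Logged-in users need at least one of the
 * permissions attached to the page; otherwise they are redirected to the
 * configured "authorisation required" page. Every redirect ends the request.
 *
 * @param object $page The page that was found for the request.
 */
function registered_users_page_found($page) {
    global $__FROG_CONN__;

    // Pages that do not require login are left alone.
    if ($page->getLoginNeeded() != Page::LOGIN_REQUIRED) {
        return;
    }

    AuthUser::load();

    // Get the current page id
    $requested_page_id = $page->id();

    // Not Logged In
    if (!AuthUser::isLoggedIn()) {
        // Let's get the page that is set as the login page to prevent any loopbacks
        $loginpage_id = null;
        $getloginpage = $__FROG_CONN__->prepare(
            'SELECT * FROM ' . TABLE_PREFIX . "page WHERE behavior_id='login_page'"
        );
        $getloginpage->execute();
        while ($loginpage = $getloginpage->fetchObject()) {
            $loginpage_id = $loginpage->id;
        }

        if ($requested_page_id != $loginpage_id) {
            header('Location: ' . URL_PUBLIC . 'login');
            // Stop here: a Location header alone does not end the script,
            // so the protected page would still be rendered into the body
            // of the redirect response.
            exit;
        }

        return;
    }

    // We need to check if the user has permission to access the page.
    // Values are bound as parameters instead of being interpolated into the
    // SQL text.
    $permissions_check = $__FROG_CONN__->prepare(
        'SELECT * FROM ' . TABLE_PREFIX . 'permission_page WHERE page_id = ?'
    );
    $permissions_check->execute(array($requested_page_id));

    $permission_array = array();
    while ($permission = $permissions_check->fetchObject()) {
        $permission_array[] = $permission->permission_id;
    }

    AuthUser::load();
    $userid = AuthUser::getRecord()->id;

    // Get permissions that this user has
    $user_permissions_check = $__FROG_CONN__->prepare(
        'SELECT * FROM ' . TABLE_PREFIX . 'user_permission WHERE user_id = ?'
    );
    $user_permissions_check->execute(array($userid));

    $user_permissions_array = array();
    while ($user_permissions = $user_permissions_check->fetchObject()) {
        $user_permissions_array[] = $user_permissions->permission_id;
    }

    // One shared permission is enough: display page as normal.
    $permission_result = array_intersect($permission_array, $user_permissions_array);
    if (count($permission_result) >= 1) {
        return;
    }

    // Let's get the authorisation required page
    $auth_required_page = '';
    $registration_settings = "SELECT * FROM " . TABLE_PREFIX . "registered_users_settings WHERE id='1'";
    $rows = $__FROG_CONN__->query($registration_settings);
    if ($rows) {
        foreach ($rows as $row) {
            $auth_required_page = $row['auth_required_page'];
        }
    }

    header('Location: ' . URL_PUBLIC . $auth_required_page);
    // Same as above: end the request so the page is not rendered for a user
    // who failed the permission check.
    exit;
}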
/**
 * Loads the current user. No login or permission check is made here, so
 * each action of this controller has to do its own.
 */
function __construct()
{
    AuthUser::load();
}
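/**
 * Validates whether a given secure token is still valid.
 *
 * The token is rebuilt from the logged-in user's username, the stored token
 * time, the target url, a slice of the hashed password and the user's salt,
 * then compared with the supplied token. It is rejected when:
 * - nobody is logged in,
 * - more than SecureToken::EXPIRES seconds have passed since the token time,
 * - the rebuilt value differs from the supplied one (for example because
 *   the username, password or url changed).
 *
 * @param string $token The token.
 * @param string $url   The url for which the token was generated.
 * @return boolean True if the token is valid, otherwise false.
 */
public static final function validateToken($token, $url) {
    use_helper('Hash');
    $hash = new Crypt_Hash('sha256');

    AuthUser::load();
    if (!AuthUser::isLoggedIn()) {
        return false;
    }

    // Tokens arrive from the request; an array or other type never matches.
    if (!is_string($token)) {
        return false;
    }

    $user = AuthUser::getRecord();

    // Undo HTML escaping of ampersands. The listing showed a replacement of
    // '&' by '&', which does nothing; this must mirror whatever the token
    // generator applies to the url.
    $target_url = str_replace('&amp;', '&', $url);

    $pwd = substr(bin2hex($hash->hash($user->password)), 5, 20);
    $time = SecureToken::getTokenTime($user->username, $target_url);

    if (microtime(true) - $time > self::EXPIRES) {
        return false;
    }

    $expected = bin2hex($hash->hash($user->username . $time . $target_url . $pwd . $user->salt));

    // Compare without an early exit on the first differing byte, so the
    // response time does not reveal how much of a guess was right.
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $token);
    }

    // Fallback for PHP versions without hash_equals().
    if (strlen($expected) !== strlen($token)) {
        return false;
    }
    $diff = 0;
    for ($i = 0, $n = strlen($expected); $i < $n; $i++) {
        $diff |= ord($expected[$i]) ^ ord($token[$i]);
    }

    return $diff === 0;
}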
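/**
 * Front controller: turns the query string into a path, dispatches custom
 * routes, and otherwise looks up and renders the matching page.
 *
 * Defines CURRENT_PATH and CURRENT_URI. Preview pages are shown only to
 * logged-in users with 'page_view'; pages that need login redirect
 * anonymous visitors to the admin login.
 */
function main() {
    // get the uri string from the query
    $path = $_SERVER['QUERY_STRING'];

    // Make sure special characters are decoded (support non-western glyphs like japanese)
    // NOTE(review): the whole query string is decoded before it is split
    // below, so an encoded '?', '&' or '=' inside a value becomes structure.
    $path = urldecode($path);

    // START processing $_GET variables
    // If we're NOT using mod_rewrite, we check for GET variables we need to integrate
    if (!USE_MOD_REWRITE && strpos($path, '?') !== false) {
        $_GET = array(); // empty $_GET array since we're going to rebuild it
        list($path, $get_var) = explode('?', $path);
        $exploded_get = explode('&', $get_var);

        if (count($exploded_get)) {
            foreach ($exploded_get as $get) {
                // Split on the first '=' only, so values containing '=' stay
                // whole, and pad so a bare key does not hit a missing offset.
                list($key, $value) = array_pad(explode('=', $get, 2), 2, null);
                $_GET[$key] = $value;
            }
        }
    } else {
        if (!USE_MOD_REWRITE && (strpos($path, '&') !== false || strpos($path, '=') !== false)) {
            $path = '/';
        }
    }

    // If we're using mod_rewrite, we should have a WOLFPAGE entry.
    if (USE_MOD_REWRITE && array_key_exists('WOLFPAGE', $_GET)) {
        $path = $_GET['WOLFPAGE'];
        unset($_GET['WOLFPAGE']);
    } else {
        if (USE_MOD_REWRITE) {
            // We're using mod_rewrite but don't have a WOLFPAGE entry, assume site root.
            $path = '/';
        }
    }

    // Needed to allow for ajax calls to backend
    // NOTE(review): a request parameter selects a path under ADMIN_DIR;
    // access control then rests on the controller that gets dispatched.
    if (array_key_exists('WOLFAJAX', $_GET)) {
        $path = '/' . ADMIN_DIR . $_GET['WOLFAJAX'];
        unset($_GET['WOLFAJAX']);
    }
    // END processing $_GET variables

    // remove suffix page if founded
    if (URL_SUFFIX !== '' and URL_SUFFIX !== '/') {
        // Quote the suffix so it is matched literally; unquoted, the dot in
        // a suffix such as '.html' matched any character.
        $path = preg_replace('#^(.*)(' . preg_quote(URL_SUFFIX, '#') . ')$#i', "\$1", $path);
    }

    define('CURRENT_PATH', trim($path, '/'));

    // Alias for backward compatibility, this constant should no longer be used.
    define('CURRENT_URI', CURRENT_PATH);

    if ($path != null && $path[0] != '/') {
        $path = '/' . $path;
    }

    // Check if there's a custom route defined for this URI,
    // otherwise continue and assume page was requested.
    if (Dispatcher::hasRoute($path)) {
        Observer::notify('dispatch_route_found', $path);
        Dispatcher::dispatch($path);
        exit;
    }

    foreach (Observer::getObserverList('page_requested') as $callback) {
        $path = call_user_func_array($callback, array(&$path));
    }

    // this is where 80% of the things is done
    $page = Page::findByPath($path, true);

    // if we found it, display it!
    if (is_object($page)) {
        // If a page is in preview status, only display to logged in users
        if (Page::STATUS_PREVIEW == $page->status_id) {
            AuthUser::load();
            if (!AuthUser::isLoggedIn() || !AuthUser::hasPermission('page_view')) {
                // NOTE(review): the preview is still rendered below unless
                // pageNotFound() ends the request — confirm.
                pageNotFound($path);
            }
        }

        // If page needs login, redirect to login
        if ($page->getLoginNeeded() == Page::LOGIN_REQUIRED) {
            AuthUser::load();
            if (!AuthUser::isLoggedIn()) {
                Flash::set('redirect', $page->url());
                redirect(URL_PUBLIC . (USE_MOD_REWRITE ? '' : '?/') . ADMIN_DIR . '/login');
            }
        }

        Observer::notify('page_found', $page);
        $page->_executeLayout();
    } else {
        pageNotFound($path);
    }
}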
/**
 * Access guard: requires a logged-in user holding $permission.
 *
 * Users lacking it get an error flash message and are redirected to the
 * facts plugin page when they hold 'facts_view', otherwise to the default
 * URL.
 *
 * @param string $permission Permission name to require.
 */
private static function __checkPermission($permission='facts_view') {
    AuthUser::load();

    $loggedIn = AuthUser::isLoggedIn();
    if (!$loggedIn) {
        // NOTE(review): the permission check below still runs unless
        // redirect() exits — confirm.
        redirect(get_url('login'));
    }

    if (AuthUser::hasPermission($permission)) {
        return;
    }

    Flash::set('error', __('You do not have permission to access the requested page!'));

    $fallback = AuthUser::hasPermission('facts_view') ? get_url('plugin/facts') : get_url();
    redirect($fallback);
}//*/