コード例 #1
0
ファイル: Permissions.php プロジェクト: ngardner/BentoCMS
 function actionAllowed($controller, $action, $user_id = false)
 {
     $objPermissionModel = new PermissionsModel();
     if ($objPermissionModel->permissionExist($controller, $action)) {
         $allowed = $objPermissionModel->hasPermission($controller, $action, $user_id);
         if ($allowed) {
             return true;
         } else {
             return false;
         }
     } else {
         // if permission dosnt exist - its allowed by default!
         return true;
     }
 }
コード例 #2
0
ファイル: Administration.php プロジェクト: ngardner/BentoCMS
 function actionCreatePermissions($params = '')
 {
     $objPermissions = new PermissionsModel();
     if (!empty($params['dosubmit'])) {
         if (!empty($params['permission']) && is_array($params['permission'])) {
             foreach ($params['permission'] as $newPermission) {
                 if (!empty($newPermission['enable'])) {
                     if (!empty($newPermission['name']) && !empty($newPermission['description'])) {
                         unset($newPermission['enable']);
                         $objPermissions->createPermission($newPermission);
                     }
                 }
             }
         }
     }
     $possiblePermissions = $objPermissions->findNewPermissions();
     $this->view->assign('messages', $this->messages);
     $this->view->assign('possiblePermissions', $possiblePermissions);
     $this->view->assign('content', $this->view->fetch('tpl/administration/createpermissions.tpl'));
     $this->finish();
 }
コード例 #3
0
 public function get_view()
 {
     $uid = FannieAuth::getUID(FannieAuth::checkLogin());
     $dbc = CalendarPluginDB::get();
     $perm = new PermissionsModel($dbc);
     $perm->uid($uid);
     $calIDs = array();
     foreach ($perm->find() as $obj) {
         if ($obj->classID() > 1) {
             $calIDs[] = $obj->calendarID();
         }
     }
     $ret = '<form action="CalendarAttendedEventPage.php" method="post">';
     $ret .= '<div class"form-group">
         <label>Calendar</label>: 
         <select name="calendarID" class="form-control">';
     $cal = new CalendarsModel($dbc);
     foreach ($calIDs as $id) {
         $cal->calendarID($id);
         $cal->load();
         $ret .= sprintf('<option value="%d">%s</option>', $id, $cal->name());
     }
     $ret .= '</select></div>';
     $ret .= '<div class="form-group">
         <label>Date</label>: 
         <input type="text" class="form-control date-field" id="datestr" 
             required name="datestr" /></div>';
     $ret .= '<div class="form-group">
         <label>Max Attendees</label>: 
         <input type="number" class="form-control" required name="limit" />
         </div>';
     $ret .= '<div class="form-group">
             <label>Event Description</label>:
             <textarea name="text" class="form-control"></textarea>
             </div>';
     $ret .= '<p><button type="submit" class="btn btn-default">Create Event</button></p>';
     $ret .= '</form>';
     $ret .= '<p><a class="btn btn-default" href="CalendarMainPage.php">Home</a></p>';
     return $ret;
 }
コード例 #4
0
ファイル: CalendarAjax.php プロジェクト: phpsmith/IS4C
 public function run($args = array())
 {
     global $FANNIE_URL;
     $data = array();
     $action = FormLib::get_form_value('action');
     if ($action !== '') {
         $data[] = $action;
         switch ($action) {
             case 'save_or_add_event':
                 $calID = FormLib::get('id', 0);
                 $text = FormLib::get('text');
                 $text = str_replace('<br>', "\n", $text);
                 $text = htmlspecialchars($text);
                 $text = str_replace("\n", '<br>', $text);
                 $db = CalendarPluginDB::get();
                 $event = new MonthviewEventsModel($db);
                 $eventID = FormLib::get('eventID', false);
                 if ($eventID !== false) {
                     $event->eventID($eventID);
                     $event->eventText($text);
                     if (!empty($text)) {
                         $event->save();
                     } else {
                         $event->delete();
                     }
                 } else {
                     $date = FormLib::get('datestr');
                     $uid = FormLib::get('uid');
                     $event->eventDate($date);
                     $event->calendarID($calID);
                     $event->uid($uid);
                     $event->eventText($text);
                     if (!empty($text)) {
                         $eventID = $event->save();
                         $data = array();
                         echo $eventID;
                     }
                 }
                 $calendar = new CalendarsModel($db);
                 $calendar->calendarID($calID);
                 $calendar->modified(1);
                 $calendar->save();
                 break;
             case 'monthview_save':
                 $date = FormLib::get_form_value('date');
                 $id = FormLib::get_form_value('id', 0);
                 $text = FormLib::get_form_value('text');
                 $uid = FormLib::get_form_value('uid', 0);
                 $db = CalendarPluginDB::get();
                 $chkP = $db->prepare_statement("SELECT calendarID FROM monthview_events \n                        WHERE eventDate=? and uid=? and calendarID=?");
                 $rowCheck = $db->exec_statement($chkP, array($date, $uid, $id));
                 if ($db->num_rows($rowCheck) <= 0 && $text != "") {
                     $insP = $db->prepare_statement("INSERT INTO monthview_events \n                                                    (calendarID, eventDate, eventText, uid) VALUES (?,?,?,?)");
                     $db->exec_statement($insP, array($id, $date, $text, $uid));
                 } else {
                     if ($text == "") {
                         $delP = $db->prepare_statement("DELETE FROM monthview_events WHERE\n                            calendarID=? AND eventDate=?\n                            AND uid=?");
                         $db->exec_statement($delP, array($id, $date, $uid));
                     } else {
                         $upP = $db->prepare_statement("UPDATE monthview_events SET\n                            eventText=?\n                            WHERE calendarID=? AND eventDate=?\n                            AND uid=?");
                         $db->exec_statement($upP, array($text, $id, $date, $uid));
                     }
                 }
                 $calendar = new CalendarsModel($db);
                 $calendar->calendarID($id);
                 $calendar->modified(1);
                 $calendar->save();
                 break;
             case 'createCalendar':
                 $name = FormLib::get_form_value('name');
                 $uid = FormLib::get_form_value('uid', 0);
                 $db = CalendarPluginDB::get();
                 $p = $db->prepare_statement("INSERT INTO calendars (name) VALUES (?)");
                 $db->exec_statement($p, array($name));
                 $id = $db->insert_id();
                 $p = $db->prepare_statement("INSERT INTO permissions (calendarID,uid,classID)\n                                VALUES (?,?,4)");
                 $db->exec_statement($p, array($id, $uid));
                 $data[] = "<p class=\"index\"><a href=\"?calID={$id}&view=month\">{$name}</a></p>";
                 break;
             case 'createSubscription':
                 $db = CalendarPluginDB::get();
                 $name = FormLib::get('name');
                 $url = FormLib::get('url');
                 $uid = FormLib::get_form_value('uid', 0);
                 $subscription = new CalendarSubscriptionsModel($db);
                 $subscription->url($url);
                 $subscriptionID = $subscription->save();
                 $calendar = new CalendarsModel($db);
                 $calendar->name($name);
                 $calendar->calendarSubscriptionID($subscriptionID);
                 $calendarID = $calendar->save();
                 $permissions = new PermissionsModel($db);
                 $permissions->calendarID($calendarID);
                 $permissions->uid($uid);
                 $permissions->classID(4);
                 $permissions->save();
                 $data[] = 'Subscribed';
                 break;
             case 'savePrefs':
                 $calID = FormLib::get_form_value('calID');
                 $name = str_replace("'", "''", $_GET['name']);
                 $name = FormLib::get_form_value('name');
                 $viewers = FormLib::get_form_value('viewers', array());
                 $writers = FormLib::get_form_value('writers', array());
                 $db = CalendarPluginDB::get();
                 $calendar = new CalendarsModel($db);
                 $calendar->calendarID($calID);
                 $calendar->load();
                 $calendar->name($name);
                 $calendar->save();
                 $p = $db->prepare_statement("DELETE FROM permissions WHERE calendarID=? and classID < 4");
                 $db->exec_statement($p, array($calID));
                 $insP = $db->prepare_statement("INSERT INTO permissions (calendarID,uid,classID) VALUES (?,?,?)");
                 if ($viewers != "") {
                     foreach (explode(",", $viewers) as $v) {
                         $db->exec_statement($insP, array($calID, $v, 1));
                     }
                 }
                 if ($writers != "") {
                     foreach (explode(",", $writers) as $w) {
                         $db->exec_statement($insP, array($calID, $w, 2));
                     }
                 }
                 if (FormLib::get('url')) {
                     $url = FormLib::get('url');
                     $sub = new CalendarSubscriptionsModel($db);
                     $sub->calendarSubscriptionID($calendar->calendarSubscriptionID());
                     $sub->url($url);
                     $sub->save();
                 }
                 break;
             case 'weekview_save':
                 $timestamp = FormLib::get_form_value('ts');
                 $date = date('Y-m-d H:i:00', $timestamp);
                 $calID = FormLib::get_form_value('id', 0);
                 $text = trim(FormLib::get_form_value('text'));
                 $eID = FormLib::get('eventID', false);
                 $uid = FannieAuth::getUID(FannieAuth::checkLogin());
                 $pat = '/#(\\d+)/';
                 $rep = '<a href="' . $FANNIE_URL . 'modules/plugins2.0/PIKiller/PIMemberPage.php?id=${1}" onclick="noBubble(event);">#${1}</a>';
                 $text = preg_replace($pat, $rep, $text);
                 $db = CalendarPluginDB::get();
                 $model = new MonthviewEventsModel($db);
                 if ($eID) {
                     $model->eventID($eID);
                 }
                 if (empty($text) && $eID) {
                     // delete empty event
                     // no eID implies event doesn't exist
                     // just opened/closed w/o content
                     $model->delete();
                 } else {
                     if (!empty($text)) {
                         $model->uid($uid);
                         $model->eventDate($date);
                         $model->eventText($text);
                         $model->calendarID($calID);
                         $newID = $model->save();
                         if (!$eID) {
                             $data[] = $newID;
                         }
                     }
                 }
                 break;
         }
     }
     return $data;
 }