function acl_check( $var_1 = null, $var_2 = null, $var_3 = null, $var_4 = null, $var_5 = null, $var_6 = null, $var_7 = null, $var_8 = null ) { if ( checkJversion() == 2 ) { $return = JFactory::getUser()->authorise( $var_2, $var_1 ); } else { $return = $this->_acl->acl_check( $var_1, $var_2, $var_3, $var_4, $var_5, $var_6, $var_7, $var_8 ); } return $return; }
/** * Wraps the actual acl_query() function. * * It is simply here to return TRUE/FALSE accordingly. * @param string The ACO section value * @param string The ACO value * @param string The ARO section value * @param string The ARO section * @param string The AXO section value (optional) * @param string The AXO section value (optional) * @param integer The group id of the ARO ??Mike?? (optional) * @param integer The group id of the AXO ??Mike?? (optional) * @return mixed Generally a zero (0) or (1) or the extended return value of the ACL */ function acl_check($aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value = NULL, $axo_value = NULL, $root_aro_group = NULL, $root_axo_group = NULL) { if ($this->_checkMode === 1) { return parent::acl_check($aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value, $axo_value, $root_aro_group, $root_axo_group); } $this->debug_text("\n<br /> ACO={$aco_section_value}:{$aco_value}, ARO={$aro_section_value}:{$aro_value}, AXO={$axo_section_value}|{$axo_value}"); $acl_result = 0; for ($i = 0; $i < $this->acl_count; $i++) { $acl =& $this->acl[$i]; if (strcasecmp($aco_section_value, $acl[0]) == 0) { if (strcasecmp($aco_value, $acl[1]) == 0) { if (strcasecmp($aro_section_value, $acl[2]) == 0) { if (strcasecmp($aro_value, $acl[3]) == 0) { if ($axo_section_value && $acl[4]) { if (strcasecmp($axo_section_value, $acl[4]) == 0) { if (strcasecmp($axo_value, $acl[5]) == 0) { $acl_result = @$acl[6] ? $acl[6] : 1; break; } } } else { $acl_result = @$acl[6] ? $acl[6] : 1; break; } } } } } } return $acl_result; }
if ($outputDebug == TRUE) { if ($result !== FALSE) { echo "Created our Jedi Cockpit Access ACL sucessfully!<br>\n"; } else { echo "Error creating ACL.<br>\n"; } } unset($result); if ($outputDebug == TRUE) { echo "<br>\n"; echo "=================================================================================================<br>\n"; echo "-- Lets test the Jedi ACL for Obi-wan! --<br>\n"; echo "=================================================================================================<br>\n"; } // Lets check if Obi-wan has access to the Lounge if ($gacl_api->acl_check('access', 'lounge', 'jedi', 'obi-wan')) { if ($outputDebug == TRUE) { echo "Obi-Wan still has access to the lounge!<br>\n"; } } else { if ($outputDebug == TRUE) { echo "Obi-Wan no longer has access to the lounge! (Not good!)<br>\n"; } } // Lets check if Obi-wan has access to the Cockpit if ($gacl_api->acl_check('access', 'cockpit', 'jedi', 'obi-wan')) { if ($outputDebug == TRUE) { echo "Obi-Wan has access to the Cockpit! (the Jedi ACL Worked!)<br>\n"; } } else { if ($outputDebug == TRUE) {
$note = "Denying Chewie access to the engines!"; //The NULL values are for the more advanced options such as groups, and AXOs. Refer to the manual for more info. $result = $gacl_api->add_acl($aco_array, $aro_array, NULL, NULL, NULL, $allow, $enabled, $return_value, $note); if ($outputDebug == TRUE) { if ($result !== FALSE) { echo "Chewie has been denied access to the Engines!<br>\n"; } else { echo "Error creating ACL.<br>\n"; } echo "<br>\n"; echo "=================================================================================================<br>\n"; echo "-- Lets test the new ACL for Chewie! --<br>\n"; echo "=================================================================================================<br>\n"; } // Lets check if Chewie has access to the engines if ($gacl_api->acl_check('access', 'engines', 'crew', 'chewie')) { if ($outputDebug == TRUE) { echo "Chewie still has access to the engines!<br>\n"; } } else { if ($outputDebug == TRUE) { echo "Chewie has been denied access to the engines! (Han saves the hyperdrive from further distress!)<br>\n"; } } // Lets check if Chewie still has access to the cockpit if ($gacl_api->acl_check('access', 'cockpit', 'crew', 'chewie')) { if ($outputDebug == TRUE) { echo "And Chewie still has access to the cockpit! (Hans plan worked!)<br>\n"; } } else { if ($outputDebug == TRUE) {
} $database->setQuery("SELECT COUNT(*)" . "\nFROM #__users" . "\nWHERE (usertype='administrator' OR usertype='superadministrator')"); $count = intval($database->loadResult()); if ($count < 1) { echo "<script>alert(\"" . _LOGIN_NOADMINS . "\"); window.history.go(-1); </script>\n"; exit; } $database->setQuery("SELECT * FROM #__users WHERE username='******' AND block='0'"); $my = null; $database->loadObject($my); /** find the user group (or groups in the future) */ $grp = $acl->getAroGroup($my->id); $my->gid = $grp->group_id; $my->usertype = $grp->name; if ($my->id) { if (strcmp($my->password, $pass) || !$acl->acl_check('administration', 'login', 'users', $my->usertype)) { echo "<script>alert('" . $adminLanguage->A_ALERT_INCORRECT . "'); document.location.href='index.php';</script>\n"; exit; } session_name('mosadmin'); session_start(); $logintime = time(); $session_id = md5("{$my->id}{$my->username}{$my->usertype}{$logintime}"); $database->setQuery("INSERT INTO #__session" . "\nSET time='{$logintime}', session_id='{$session_id}', " . "userid='{$my->id}', usertype='{$my->usertype}', username='******'"); if (!$database->query()) { echo $database->stderr(); } $_SESSION["session_id"] = $session_id; $_SESSION["session_user_id"] = $my->id; $_SESSION["session_username"] = $my->username; $_SESSION["session_usertype"] = $my->usertype;
// | Copyright (c) 2004-2005 Openology.org Team | // | | // | For the full copyright and license information, please view the COPYRIGHT | // | file that was distributed with this source code. If the COPYRIGHT file is | // | missing, please visit Openology homepage: http://www.openology.org/ | // +---------------------------------------------------------------------------+ // // $Id: include_once OOO_LIB . '/phpgacl/gacl.class.php'; include_once OOO_LIB . '/phpgacl/gacl_api.class.php'; if ($action->module != '') { if (!session_is_registered('session_User')) { $change_op = 'login'; } else { if ($action->module != 'login') { $gacl_api = new gacl_api($gacl_options); $ID = $_SESSION['session_User']; $result = $gacl_api->acl_check('system', $action->module, 'users', $ID); if (!$result) { $extra_html_head = '<script type="text/javascript">alert("You do not have the permission, please contact Administrator")</script>'; $change_op = 'default'; } } } if ($change_op != '') { $op = $change_op; $change_action = new Action($op); $model = $change_action->model; $view = $change_action->view; } }