function acl_check( $var_1 = null, $var_2 = null, $var_3 = null, $var_4 = null, $var_5 = null, $var_6 = null, $var_7 = null, $var_8 = null ) {
if ( checkJversion() == 2 ) {
$return = JFactory::getUser()->authorise( $var_2, $var_1 );
} else {
$return = $this->_acl->acl_check( $var_1, $var_2, $var_3, $var_4, $var_5, $var_6, $var_7, $var_8 );
}
return $return;
}
/**
* Wraps the actual acl_query() function.
*
* It is simply here to return TRUE/FALSE accordingly.
* @param string The ACO section value
* @param string The ACO value
* @param string The ARO section value
* @param string The ARO section
* @param string The AXO section value (optional)
* @param string The AXO section value (optional)
* @param integer The group id of the ARO ??Mike?? (optional)
* @param integer The group id of the AXO ??Mike?? (optional)
* @return mixed Generally a zero (0) or (1) or the extended return value of the ACL
*/
function acl_check($aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value = NULL, $axo_value = NULL, $root_aro_group = NULL, $root_axo_group = NULL)
{
if ($this->_checkMode === 1) {
return parent::acl_check($aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value, $axo_value, $root_aro_group, $root_axo_group);
}
$this->debug_text("\n<br /> ACO={$aco_section_value}:{$aco_value}, ARO={$aro_section_value}:{$aro_value}, AXO={$axo_section_value}|{$axo_value}");
$acl_result = 0;
for ($i = 0; $i < $this->acl_count; $i++) {
$acl =& $this->acl[$i];
if (strcasecmp($aco_section_value, $acl[0]) == 0) {
if (strcasecmp($aco_value, $acl[1]) == 0) {
if (strcasecmp($aro_section_value, $acl[2]) == 0) {
if (strcasecmp($aro_value, $acl[3]) == 0) {
if ($axo_section_value && $acl[4]) {
if (strcasecmp($axo_section_value, $acl[4]) == 0) {
if (strcasecmp($axo_value, $acl[5]) == 0) {
$acl_result = @$acl[6] ? $acl[6] : 1;
break;
}
}
} else {
$acl_result = @$acl[6] ? $acl[6] : 1;
break;
}
}
}
}
}
}
return $acl_result;
}
if ($outputDebug == TRUE) {
if ($result !== FALSE) {
echo "Created our Jedi Cockpit Access ACL sucessfully!<br>\n";
} else {
echo "Error creating ACL.<br>\n";
}
}
unset($result);
if ($outputDebug == TRUE) {
echo "<br>\n";
echo "=================================================================================================<br>\n";
echo "-- Lets test the Jedi ACL for Obi-wan! --<br>\n";
echo "=================================================================================================<br>\n";
}
// Lets check if Obi-wan has access to the Lounge
if ($gacl_api->acl_check('access', 'lounge', 'jedi', 'obi-wan')) {
if ($outputDebug == TRUE) {
echo "Obi-Wan still has access to the lounge!<br>\n";
}
} else {
if ($outputDebug == TRUE) {
echo "Obi-Wan no longer has access to the lounge! (Not good!)<br>\n";
}
}
// Lets check if Obi-wan has access to the Cockpit
if ($gacl_api->acl_check('access', 'cockpit', 'jedi', 'obi-wan')) {
if ($outputDebug == TRUE) {
echo "Obi-Wan has access to the Cockpit! (the Jedi ACL Worked!)<br>\n";
}
} else {
if ($outputDebug == TRUE) {
$note = "Denying Chewie access to the engines!";
//The NULL values are for the more advanced options such as groups, and AXOs. Refer to the manual for more info.
$result = $gacl_api->add_acl($aco_array, $aro_array, NULL, NULL, NULL, $allow, $enabled, $return_value, $note);
if ($outputDebug == TRUE) {
if ($result !== FALSE) {
echo "Chewie has been denied access to the Engines!<br>\n";
} else {
echo "Error creating ACL.<br>\n";
}
echo "<br>\n";
echo "=================================================================================================<br>\n";
echo "-- Lets test the new ACL for Chewie! --<br>\n";
echo "=================================================================================================<br>\n";
}
// Lets check if Chewie has access to the engines
if ($gacl_api->acl_check('access', 'engines', 'crew', 'chewie')) {
if ($outputDebug == TRUE) {
echo "Chewie still has access to the engines!<br>\n";
}
} else {
if ($outputDebug == TRUE) {
echo "Chewie has been denied access to the engines! (Han saves the hyperdrive from further distress!)<br>\n";
}
}
// Lets check if Chewie still has access to the cockpit
if ($gacl_api->acl_check('access', 'cockpit', 'crew', 'chewie')) {
if ($outputDebug == TRUE) {
echo "And Chewie still has access to the cockpit! (Hans plan worked!)<br>\n";
}
} else {
if ($outputDebug == TRUE) {
}
$database->setQuery("SELECT COUNT(*)" . "\nFROM #__users" . "\nWHERE (usertype='administrator' OR usertype='superadministrator')");
$count = intval($database->loadResult());
if ($count < 1) {
echo "<script>alert(\"" . _LOGIN_NOADMINS . "\"); window.history.go(-1); </script>\n";
exit;
}
$database->setQuery("SELECT * FROM #__users WHERE username='******' AND block='0'");
$my = null;
$database->loadObject($my);
/** find the user group (or groups in the future) */
$grp = $acl->getAroGroup($my->id);
$my->gid = $grp->group_id;
$my->usertype = $grp->name;
if ($my->id) {
if (strcmp($my->password, $pass) || !$acl->acl_check('administration', 'login', 'users', $my->usertype)) {
echo "<script>alert('" . $adminLanguage->A_ALERT_INCORRECT . "'); document.location.href='index.php';</script>\n";
exit;
}
session_name('mosadmin');
session_start();
$logintime = time();
$session_id = md5("{$my->id}{$my->username}{$my->usertype}{$logintime}");
$database->setQuery("INSERT INTO #__session" . "\nSET time='{$logintime}', session_id='{$session_id}', " . "userid='{$my->id}', usertype='{$my->usertype}', username='******'");
if (!$database->query()) {
echo $database->stderr();
}
$_SESSION["session_id"] = $session_id;
$_SESSION["session_user_id"] = $my->id;
$_SESSION["session_username"] = $my->username;
$_SESSION["session_usertype"] = $my->usertype;
// | Copyright (c) 2004-2005 Openology.org Team |
// | |
// | For the full copyright and license information, please view the COPYRIGHT |
// | file that was distributed with this source code. If the COPYRIGHT file is |
// | missing, please visit Openology homepage: http://www.openology.org/ |
// +---------------------------------------------------------------------------+
//
// $Id:
include_once OOO_LIB . '/phpgacl/gacl.class.php';
include_once OOO_LIB . '/phpgacl/gacl_api.class.php';
if ($action->module != '') {
if (!session_is_registered('session_User')) {
$change_op = 'login';
} else {
if ($action->module != 'login') {
$gacl_api = new gacl_api($gacl_options);
$ID = $_SESSION['session_User'];
$result = $gacl_api->acl_check('system', $action->module, 'users', $ID);
if (!$result) {
$extra_html_head = '<script type="text/javascript">alert("You do not have the permission, please contact Administrator")</script>';
$change_op = 'default';
}
}
}
if ($change_op != '') {
$op = $change_op;
$change_action = new Action($op);
$model = $change_action->model;
$view = $change_action->view;
}
}
