public function store(CAppUI $AppUI) { $perms = $AppUI->acl(); $stored = false; $errorMsgArray = $this->check(); if (count($errorMsgArray) > 0) { return $errorMsgArray; } /* * TODO: I don't like the duplication on each of these two branches, but I * don't have a good idea on how to fix it at the moment... */ if ($this->field_id && canEdit('system')) { if ($msg = parent::store()) { return $msg; } $stored = true; } if (0 == $this->field_id && canEdit('system')) { if ($msg = parent::store()) { return $msg; } $stored = true; } return $stored; }
function listACLsByPath($pathname) { $me = $_SERVER["PHP_SELF"]; if (!canEdit($pathname)) { echo "Ihnen fehlt leider die Berechtigung, das Verzeichnis {$pathname} zu bearbeiten"; return false; } // Verzeichnisobjekt holen $path = new Path(); if (!$path->selectByName($pathname)) { fehlerausgabe("Das Verzeichnis {$pathname} konnte nicht aus der DB gewählt werden"); return false; } // ACLs fuer das Verzeichnis holen $acllist = new ACLList(); if (!$acllist->selectByPath($pathname)) { fehlerausgabe("Die zum Verzeichnis {$pathname} gehörigen ACLs konnten nicht aus der DB gewählt werden"); return false; } echo "ACLs für Pfad {$pathname}:"; echo <<<EOF <form name="acleditor" method="post" action="{$me}"> <select name="cmd"> <option value="edit">Eine ACL bearbeiten</option> <option value="del">Löschen</option> </select> <input type="hidden" name="pathname" value="{$pathname}" /> <input type="submit" value="Los" /> <br /> <table width="100%" border="0" cellspacing="0" cellpadding="0" style="table-layout:fixed"> <tr> <td>User</td> <td>Löschen</td> <td>Schreiben</td> <td>Lesen</td> <td>Umbenennen</td> </tr> EOF; $user = new User(); for ($i = 0; $i < count($acllist->list); $i++) { $acl = $acllist->list[$i]; $user->selectByID($acl->user_id); echo <<<EOF <tr> <td><input type="checkbox" name="aclid[]" value="{$acl->acl_id}" />{$user->loginname}</td> <td>{$acl->delete_path}</td> <td>{$acl->write_path}</td> <td>{$acl->read_path}</td> <td>{$acl->rename_path}</td> </tr> EOF; } echo <<<EOF </table> </form> EOF; return true; }
public function process(\w2p_Core_CAppUI $AppUI, array $myArray) { if (!canEdit('users')) { $this->resultPath = ACCESS_DENIED; return $AppUI; } $action = $this->delete ? 'deleted' : 'stored'; $this->success = $this->delete ? $this->object->del_acl((int) $myArray['permission_id']) : $this->object->addUserPermission(); if ($this->success) { $AppUI->setMsg($this->prefix . ' ' . $action, UI_MSG_OK, true); $this->resultPath = $this->successPath; $this->object->recalcPermissions(null, (int) $myArray['permission_user']); } else { $AppUI->setMsg($this->object->getError(), UI_MSG_ERROR); $this->resultPath = $this->errorPath; $AppUI->holdObject($this->object); } return $AppUI; }
// // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. // if (!canEdit('System')) { $view = "error"; return; } $options = array("go" => $SLANG['DonateYes'], "hour" => $SLANG['DonateRemindHour'], "day" => $SLANG['DonateRemindDay'], "week" => $SLANG['DonateRemindWeek'], "month" => $SLANG['DonateRemindMonth'], "never" => $SLANG['DonateRemindNever'], "already" => $SLANG['DonateAlready']); $focusWindow = true; xhtmlHeaders(__FILE__, $SLANG['Donate']); ?> <body> <div id="page"> <div id="header"> <h2><?php echo $SLANG['Donate']; ?> </h2> <h1>ZoneMinder - <?php
public function canUserEditTimeInformation() { global $AppUI; $project = new CProject(); $project->load($this->task_project); // Code to see if the current user is // enabled to change time information related to task $can_edit_time_information = false; // Let's see if all users are able to edit task time information if (w2PgetConfig('restrict_task_time_editing') == true && $this->task_id > 0) { // Am I the task owner? if ($this->task_owner == $AppUI->user_id) { $can_edit_time_information = true; } // Am I the project owner? if ($project->project_owner == $AppUI->user_id) { $can_edit_time_information = true; } // Am I sys admin? if (canEdit('admin')) { $can_edit_time_information = true; } } else { if (w2PgetConfig('restrict_task_time_editing') == false || $this->task_id == 0) { // If all users are able, then don't check anything $can_edit_time_information = true; } } return $can_edit_time_information; }
echo arraySelect($projects, 'project_id', 'onchange="submitIt()" class="text" style="width:500px"', 0); ?> </strong> </font> </td> </tr> </form> </table> <?php } else { // check permissions for this record $canReadProject = $perms->checkModuleItem('projects', 'view', $project_id); $canEditProject = $perms->checkModuleItem('projects', 'edit', $project_id); $canViewTasks = canView('tasks'); $canAddTasks = canAdd('tasks'); $canEditTasks = canEdit('tasks'); $canDeleteTasks = canDelete('tasks'); if (!$canReadProject) { $AppUI->redirect('m=public&a=access_denied'); } // check if this record has dependencies to prevent deletion $msg = ''; $obj = new CProject(); // Now check if the project is editable/viewable. $denied = $obj->getDeniedRecords($AppUI->user_id); if (in_array($project_id, $denied)) { $AppUI->redirect('m=public&a=access_denied'); } $canDeleteProject = $obj->canDelete($msg, $project_id); // get critical tasks (criteria: task_end_date) $criticalTasks = $project_id > 0 ? $obj->getCriticalTasks($project_id) : null;
<?php /* $Id: billingcode.php 2016 2011-08-07 07:08:46Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/tags/version2.4/modules/system/billingcode.php $ */ if (!defined('W2P_BASE_DIR')) { die('You should not access this file directly.'); } ## ## add or edit a user preferences ## $company_id = 0; $company_id = isset($_REQUEST['company_id']) ? w2PgetParam($_REQUEST, 'company_id', 0) : 0; // Check permissions $perms =& $AppUI->acl(); if (!canEdit('system')) { $AppUI->redirect('m=public&a=access_denied'); } $q = new w2p_Database_Query(); $q->addTable('billingcode', 'bc'); $q->addQuery('billingcode_id, billingcode_name, billingcode_value, billingcode_desc, billingcode_status'); $q->addOrder('billingcode_name ASC'); $q->addWhere('company_id = ' . (int) $company_id); $billingcodes = $q->loadList(); $q->clear(); $q = new w2p_Database_Query(); $q->addTable('companies', 'c'); $q->addQuery('company_id, company_name'); $q->addOrder('company_name ASC'); $company_list = $q->loadHashList(); $company_list[0] = $AppUI->_('Select Company'); $q->clear(); $company_name = $company_list[$company_id];
$dImagePath = sprintf("%s/%0" . ZM_EVENT_IMAGE_DIGITS . "d-diag-d.jpg", $eventPath, $frame['FrameId']); $rImagePath = sprintf("%s/%0" . ZM_EVENT_IMAGE_DIGITS . "d-diag-r.jpg", $eventPath, $frame['FrameId']); $focusWindow = true; xhtmlHeaders(__FILE__, translate('Frame') . " - " . $event['Id'] . " - " . $frame['FrameId']); ?> <body> <div id="page"> <div id="header"> <div id="headerButtons"> <?php if (ZM_RECORD_EVENT_STATS && $alarmFrame) { echo makePopupLink('?view=stats&eid=' . $event['Id'] . '&fid=' . $frame['FrameId'], 'zmStats', 'stats', translate('Stats')); } ?> <?php if (canEdit('Events')) { ?> <a href="?view=none&action=delete&markEid=<?php echo $event['Id']; ?> "><?php echo translate('Delete'); ?> </a><?php } ?> <a href="#" onclick="closeWindow(); return( false );"><?php echo translate('Close'); ?> </a> </div>
<?php /* $Id: chpwd.php 1971 2011-07-04 04:31:39Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/tags/version2.4/modules/public/chpwd.php $ */ if (!defined('W2P_BASE_DIR')) { die('You should not access this file directly.'); } if (!($user_id = w2PgetParam($_REQUEST, 'user_id', 0))) { $user_id = $AppUI->user_id; } // check for a non-zero user id if ($user_id) { $old_pwd = db_escape(trim(w2PgetParam($_POST, 'old_pwd', null))); $new_pwd1 = db_escape(trim(w2PgetParam($_POST, 'new_pwd1', null))); $new_pwd2 = db_escape(trim(w2PgetParam($_POST, 'new_pwd2', null))); $perms =& $AppUI->acl(); $canAdminEdit = canEdit('admin'); // has the change form been posted if ($new_pwd1 && $new_pwd2 && $new_pwd1 == $new_pwd2) { $user = new CUser(); if ($canAdminEdit || $user->validatePassword($user_id, $old_pwd)) { $user->user_id = $user_id; $user->user_password = $new_pwd1; if ($msg = $user->store()) { $AppUI->setMsg($msg, UI_MSG_ERROR); ?> <script language="javascript" type="text/javascript"> window.onload = function() { window.close(); } </script> <?php
<?php include "../include/config.php"; $post_get = new GetVarClass(); $email = $post_get->getemail("email"); if (!$email) { die("Редактирование заявки невозможно: введите корректный e-mail. "); } $editorid = loginbycookie(); if (!canEdit($editorid, $email)) { die("У вас недостаточно прав доступа, чтобы редактировать заявку {$email}. "); } $userid = emailToId($email); $name = $post_get->getvar("name"); $nick = $post_get->getvar("nick"); $city = $post_get->getvar("city"); $age = $post_get->getadate("age"); $contacts = $post_get->getvar("contacts"); $contraindication = $post_get->getvar("contraindication"); $chronicdesease = $post_get->getvar("chronicdesease"); $wishes = $post_get->getvar("wishes"); $publicity = $post_get->getenumkeys("publicity", $langPublicities); $character_name = $post_get->getvar("character_name"); $character_age = $post_get->getadate("character_age"); $country = $post_get->getenumkeys("country", $langCountries); $birth = $post_get->getenumkeys("birth", $langBirthes); $rank = $post_get->getenumkeys("rank", $langRanks); $quota = $post_get->getenumkeys("quota", $langQuotas); $quenta = $post_get->getvar("quenta"); $wishes2 = $post_get->getvar("wishes2"); $go_royal_wedding = $post_get->getvar("go_royal_wedding", "0|1", "0");
</option> <?php } } ?> </select> </td> </tr> </tbody> </table> <div id="contentButtons"> <input type="submit" value="<?php echo translate('Save'); ?> "<?php if (!canEdit('Groups')) { ?> disabled="disabled"<?php } ?> /> <input type="button" value="<?php echo translate('Cancel'); ?> " onclick="closeWindow()"/> </div> </form> </div> </div> </body> </html>
echo $AppUI->_($fieldNames[$index]); ?> <!-- </a>--> </th><?php } echo '<th></th>'; ?> </tr> <?php // Pull the task comments $task = new CTask(); //TODO: this method should be moved to CTaskLog $logs = $task->getTaskLogs($task_id, $problem); $s = ''; $hrs = 0; $canEdit = canEdit('task_log'); $htmlHelper = new w2p_Output_HTMLHelper($AppUI); $billingCategory = w2PgetSysVal('BudgetCategory'); $durnTypes = w2PgetSysVal('TaskDurationType'); $taskLogReference = w2PgetSysVal('TaskLogReference'); $status = w2PgetSysVal('TaskStatus'); $task_types = w2PgetSysVal('TaskType'); $customLookups = array('budget_category' => $billingCategory, 'task_duration_type' => $durnTypes, 'task_log_reference' => $taskLogReference, 'task_status' => $status, 'task_type' => $task_types); if (count($logs)) { foreach ($logs as $row) { $s .= '<tr bgcolor="white" valign="top"><td>'; if ($canEdit) { $s .= '<a href="?m=tasks&a=view&task_id=' . $task_id . '&tab='; $s .= $tab == -1 ? $AppUI->getState('TaskLogVwTab') : '1'; $s .= '&task_log_id=' . $row['task_log_id'] . '">' . w2PshowImage('icons/stock_edit-16.png', 16, 16, '') . '</a>'; }
echo translate('Submit'); ?> " onclick="submitToEvents( this );"/> <input type="button" name="executeButton" id="executeButton" value="<?php echo translate('Execute'); ?> " onclick="executeFilter( this );"/> <?php if (canEdit('Events')) { ?> <input type="button" value="<?php echo translate('Save'); ?> " onclick="saveFilter( this );"/><?php } if (canEdit('Events') && isset($dbFilter)) { ?> <input type="button" value="<?php echo translate('Delete'); ?> " onclick="deleteFilter( this, '<?php echo $dbFilter['Name']; ?> ' );"/><?php } ?> <input type="button" value="<?php echo translate('Reset'); ?> " onclick="submitToFilter( this, 1 );"/> </div>
$userid = $AppUI->user_id; $perms =& $AppUI->acl(); if ($action == 'add') { if (!canAdd('history')) { $AppUI->redirect('m=public&a=access_denied'); } $q->addTable('history'); $q->addInsert('history_table', "history"); $q->addInsert('history_action', "add"); $q->addInsert('history_date', "'" . $q->dbfnNowWithTZ() . "'"); $q->addInsert('history_description', $history_description); $q->addInsert('history_user', $userid); $q->addInsert('history_project', $history_project); $okMsg = 'History added'; } elseif ($action == 'update') { if (!canEdit('history')) { $AppUI->redirect('m=public&a=access_denied'); } $q->addTable('history'); $q->addUpdate('history_description', $history_description); $q->addUpdate('history_project', $history_project); $q->addWhere('history_id =' . $history_id); $okMsg = 'History updated'; } elseif ($action == 'del') { if (!canDelete('history')) { $AppUI->redirect('m=public&a=access_denied'); } $q->setDelete('history'); $q->addWhere('history_id =' . $history_id); $okMsg = 'History deleted'; }
<?php /* $Id: view.php 1923 2011-05-10 06:02:37Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/tags/version2.4/modules/departments/view.php $ */ if (!defined('W2P_BASE_DIR')) { die('You should not access this file directly.'); } global $department, $min_view; $dept_id = (int) w2PgetParam($_GET, 'dept_id', 0); $tab = $AppUI->processIntState('DeptVwTab', $_GET, 'tab', 0); // check permissions $canRead = canView($m, $dept_id); $canEdit = canEdit($m, $dept_id); if (!$canRead) { $AppUI->redirect('m=public&a=access_denied'); } $department = new CDepartment(); $department->loadFull($AppUI, $dept_id); if (!$department) { $AppUI->setMsg('Department'); $AppUI->setMsg('invalidID', UI_MSG_ERROR, true); $AppUI->redirect(); } else { $AppUI->savePlace(); } $countries = w2PgetSysVal('GlobalCountries'); $types = w2PgetSysVal('DepartmentType'); $titleBlock = new CTitleBlock('View Department', 'departments.png', $m, $m . '.' . $a); if ($canEdit) { $titleBlock->addCell(); $titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new department') . '">', '', '<form action="?m=departments&a=addedit&company_id=' . $department->dept_company . '&dept_parent=' . $dept_id . '" method="post" accept-charset="utf-8">', '</form>'); }
// // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. // if (!canEdit('Monitors')) { $view = "error"; return; } $cameras = array(); $cameras[0] = translate('ChooseDetectedCamera'); if (ZM_HAS_V4L2) { // Probe Local Cameras // $command = getZmuCommand(" --query --device"); if (!empty($_REQUEST['device'])) { $command .= "=" . escapeshellarg($_REQUEST['device']); } $result = exec(escapeshellcmd($command), $output, $status); if ($status) { Fatal("Unable to probe local cameras, status is '{$status}'");
* run for example the file module/directory1/directory2/file.php * Also it won't be possible to run modules/module/abc.zyz.class.php for that dots are * not allowed in the request parameters. */ $u = $AppUI->checkFileName(w2PgetCleanParam($_GET, 'u', '')); // load module based locale settings @(include_once W2P_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php'); include_once W2P_BASE_DIR . '/locales/core.php'; setlocale(LC_TIME, $AppUI->user_lang); $m_config = w2PgetConfig($m); // TODO: canRead/Edit assignements should be moved into each file // check overall module permissions // these can be further modified by the included action files $canAccess = canAccess($m); $canRead = canView($m); $canEdit = canEdit($m); $canAuthor = canAdd($m); $canDelete = canDelete($m); if (!$suppressHeaders) { // output the character set header if (isset($locale_char_set)) { header('Content-type: text/html;charset=' . $locale_char_set); } } // include the module class file - we use file_exists instead of @ so // that any parse errors in the file are reported, rather than errors // further down the track. $modclass = $AppUI->getModuleClass($m); if (file_exists($modclass)) { include_once $modclass; }
/** * Method to test whether a history record can be deleted. Note that we check whether we have edit permissions * for the content item row. * * @param JTableContenthistory $record A JTable object. * * @return boolean True if allowed to delete the record. Defaults to the permission set in the component. * * @since 3.6 */ protected function canDelete($record) { return canEdit($record); }
<?php if (!defined('W2P_BASE_DIR')) { die('You should not access this file directly.'); } // @todo remove database query global $AppUI, $role_id, $canEdit, $canDelete, $tab; // Get the permissions for this module $perms =& $AppUI->acl(); $canEdit = canEdit('roles'); if (!$canEdit) { $AppUI->redirect(ACCESS_DENIED); } $module_list = $perms->getModuleList(); $pgo_list = $AppUI->getPermissionableModuleList(); $count = 0; $offset = 0; $pgos = array(); $modules = array(); foreach ($module_list as $module) { $modules[$module['type'] . ',' . $module['id']] = $module['name']; if ($module['type'] = 'mod' && isset($pgo_list[$module['name']])) { $pgos[$offset] = $pgo_list[$module['name']]['permissions_item_table']; } $offset++; } //Pull User perms $role_acls = $perms->getRoleACLs($role_id); if (!is_array($role_acls)) { $role_acls = array(); // Stops foreach complaining.
$isNewUser = !$user_id; $perms =& $AppUI->acl(); if ($del) { } elseif ($isNewUser) { if (!canAdd('admin')) { $AppUI->redirect('m=public&a=access_denied'); } if (!canAdd('users')) { $AppUI->redirect('m=public&a=access_denied'); } } else { if ($user_id != $AppUI->user_id) { if (!canEdit('admin')) { $AppUI->redirect('m=public&a=access_denied'); } if (!canEdit('users')) { $AppUI->redirect('m=public&a=access_denied'); } } } $obj->user_username = strtolower($obj->user_username); // !User's contact information not deleted - left for history. if ($del) { $result = $obj->delete($AppUI); $message = $result ? 'User deleted' : $obj->getError(); $path = $result ? 'm=admin' : 'm=public&a=access_denied'; $status = $result ? UI_MSG_ALERT : UI_MSG_ERROR; $AppUI->setMsg($message, $status); $AppUI->redirect($path); } $contact->contact_owner = $contact->contact_owner ? $contact->contact_owner : $AppUI->user_id;
xml_tag_val("GD", gdExists()); xml_tag_val("FVCODEC", ZM_EYEZM_FEED_VCODEC); xml_tag_val("FVTMT", ZM_EYEZM_H264_TIMEOUT); xml_tag_val("USER", $user['Username']); xml_tag_val("UID", $user['Id']); /* Permissions block */ xml_tag_sec("PERMS", 1); xml_tag_val("STREAM", $user['Stream']); xml_tag_val("EVENTS", $user['Events']); xml_tag_val("CONTROL", $user['Control']); xml_tag_val("MONITORS", $user['Monitors']); xml_tag_val("DEVICES", $user['Devices']); xml_tag_val("SYSTEM", $user['System']); xml_tag_sec("PERMS", 0); /* End permissions block */ if (canEdit('System')) { if ($running) { xml_tag_val("STATE", "stop"); xml_tag_val("STATE", "restart"); } else { xml_tag_val("STATE", "start"); } foreach ($states as $state) { xml_tag_val("STATE", $state['Name']); } } /* End general section */ xml_tag_sec("GENERAL", 0); /* Print out the monitors section */ xml_tag_sec("MONITOR_LIST", 1); foreach ($displayMonitors as $monitor) {
function controlPresets($monitor, $cmds) { global $SLANG; define("MAX_PRESETS", "12"); $sql = "select * from ControlPresets where MonitorId = '" . $monitor['Id'] . "'"; $labels = array(); foreach (dbFetchAll($sql) as $row) { $labels[$row['Preset']] = $row['Label']; } $presetBreak = (int) (($monitor['NumPresets'] + 1) / ((int) (($monitor['NumPresets'] - 1) / MAX_PRESETS) + 1)); ob_start(); ?> <div class="presetControls"> <!--<div><?php echo $SLANG['Presets']; ?> </div>--> <div> <?php for ($i = 1; $i <= $monitor['NumPresets']; $i++) { ?> <input type="button" class="ptzNumBtn" title="<?php echo isset($labels[$i]) ? $labels[$i] : ""; ?> " value="<?php echo $i; ?> " onclick="controlCmd('<?php echo $cmds['PresetGoto']; echo $i; ?> ');"/><?php if ($i && $i % $presetBreak == 0) { ?> <br/><?php } } ?> </div> <div> <?php if ($monitor['HasHomePreset']) { ?> <input type="button" class="ptzTextBtn" value="<?php echo $SLANG['Home']; ?> " onclick="controlCmd('<?php echo $cmds['PresetHome']; ?> ');"/> <?php } if (canEdit('Monitors') && $monitor['CanSetPresets']) { ?> <input type="button" class="ptzTextBtn" value="<?php echo $SLANG['Set']; ?> " onclick="createPopup( '?view=controlpreset&mid=<?php echo $monitor['Id']; ?> ', 'zmPreset', 'preset' );"/> <?php } ?> </div> </div> <?php return ob_get_clean(); }
<?php /* $Id$ $URL$ */ if (!defined('W2P_BASE_DIR')) { die('You should not access this file directly.'); } // check permissions $perms =& $AppUI->acl(); if (!canEdit('roles')) { $AppUI->redirect('m=public&a=access_denied'); } $del = (int) w2PgetParam($_POST, 'del', 0); $copy_role_id = w2PgetParam($_POST, 'copy_role_id', null); $role = new CRole(); if ($msg = $role->bind($_POST)) { $AppUI->setMsg($msg, UI_MSG_ERROR); $AppUI->redirect(); } if ($del) { if ($role->delete()) { $AppUI->setMsg('Role deleted', UI_MSG_ALERT); } else { $AppUI->setMsg('This Role could not be deleted', UI_MSG_ERROR); } } else { //Reformulated the store method to return the id of the role if sucessful, because the ids are managed by phpGALC //and therefore when we store the role, the role id is empty. So we need the id returned by phpGACL to be able to //copy permissions from other Roles. //If no valid id (by that I mean an integer value) is returned, then we trigger the Error Message $msg (not an integer). if (!(int) ($msg = $role_id = $role->store())) { $AppUI->setMsg($msg, UI_MSG_ERROR);
echo translate('New'); ?> " onclick="newGroup()"<?php echo canEdit('System') ? '' : ' disabled="disabled"'; ?> /> <input type="button" name="editBtn" value="<?php echo translate('Edit'); ?> " onclick="editGroup( this )"<?php echo $selected && canEdit('System') ? '' : ' disabled="disabled"'; ?> /> <input type="button" name="deleteBtn" value="<?php echo translate('Delete'); ?> " onclick="deleteGroup( this )"<?php echo $selected && canEdit('System') ? '' : ' disabled="disabled"'; ?> /> <input type="button" value="<?php echo translate('Cancel'); ?> " onclick="closeWindow();"/> </div> </form> </div> </div> </body> </html>
$bulk_task_allow_other_user_tasklogs = w2PgetParam($_POST, 'bulk_task_allow_other_user_tasklogs', ''); if ($bulk_task_start_date) { $start_date = new w2p_Utilities_Date($bulk_task_start_date); $bulk_start_date = $start_date->format(FMT_DATETIME_MYSQL); $bulk_start_date = $AppUI->convertToSystemTZ($bulk_start_date); } $bulk_task_end_date = w2PgetParam($_POST, 'add_task_bulk_end_date', ''); if ($bulk_task_end_date) { $end_date = new w2p_Utilities_Date($bulk_task_end_date); $bulk_end_date = $end_date->format(FMT_DATETIME_MYSQL); $bulk_end_date = $AppUI->convertToSystemTZ($bulk_end_date); } $bulk_move_date = (int) w2PgetParam($_POST, 'bulk_move_date', '0'); $bulk_task_percent_complete = w2PgetParam($_POST, 'bulk_task_percent_complete', ''); $perms =& $AppUI->acl(); if (!canEdit('tasks')) { $AppUI->redirect('m=public&a=access_denied'); } //Lets store the panels view options of the user: $pdo = new CProjectDesignerOptions(); $pdo->pd_option_user = $AppUI->user_id; $pdo->pd_option_view_project = w2PgetParam($_POST, 'opt_view_project', 0); $pdo->pd_option_view_gantt = w2PgetParam($_POST, 'opt_view_gantt', 0); $pdo->pd_option_view_tasks = w2PgetParam($_POST, 'opt_view_tasks', 0); $pdo->pd_option_view_actions = w2PgetParam($_POST, 'opt_view_actions', 0); $pdo->pd_option_view_addtasks = w2PgetParam($_POST, 'opt_view_addtsks', 0); $pdo->pd_option_view_files = w2PgetParam($_POST, 'opt_view_files', 0); $pdo->store(); if (is_array($selected) && count($selected)) { $upd_task = new CTask(); foreach ($selected as $key => $val) {
<div class="priority-card"> <div class="priority-name"><h4>Finance Committee Members Cannot Have A Budget.</h4></div> <hr class="not-mobile"> <div class="priority-name">Select an organization to begin budget management.</div> </div> </div> <?php } else { ?> <div class="event-area"> <div class="priority-card"> <i title="Highest Priority" class="material-icons priority-icon">arrow_upward</i> <div class="priority-name">Highest Priority</div> </div> <ul <?php if (canEdit()) { echo 'class="sortable-event list"'; } ?> > <?php require "sidebarQueries/sidebarQuery.php"; ?> </ul> <div class="priority-card"> <i title="Lowest Priority" class="material-icons priority-icon">arrow_downward</i> <div class="priority-name">Lowest Priority</div> </div> </div> <?php }
echo translate('BackgroundFilter'); ?> </label><input type="checkbox" id="background" name="background" value="1"<?php if (!empty($filterData['Background'])) { ?> checked="checked"<?php } ?> /> </p> <div id="contentButtons"> <input type="submit" value="<?php echo translate('Save'); ?> "<?php if (!canEdit('Events')) { ?> disabled="disabled"<?php } ?> /><input type="button" value="<?php echo translate('Cancel'); ?> " onclick="closeWindow();"/> </div> </form> </div> </div> </body> </html>
<?php /* $Id: viewmods.php 1504 2010-12-01 07:07:21Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk/modules/system/viewmods.php $ */ if (!defined('W2P_BASE_DIR')) { die('You should not access this file directly.'); } // check permissions $perms =& $AppUI->acl(); $canEdit = canEdit('system'); $canRead = canView('system'); if (!$canRead) { $AppUI->redirect('m=public&a=access_denied'); } $AppUI->savePlace(); $hidden_modules = array('public', 'install'); $q = new w2p_Database_Query(); $q->addQuery('*'); $q->addTable('modules'); foreach ($hidden_modules as $no_show) { $q->addWhere('mod_directory <> \'' . $no_show . '\''); } $q->addOrder('mod_ui_order'); $modules = $q->loadList(); // get the modules actually installed on the file system $modFiles = $AppUI->readDirs('modules'); $titleBlock = new CTitleBlock('Modules', 'power-management.png', $m, "{$m}.{$a}"); $titleBlock->addCrumb('?m=system', 'System Admin'); $titleBlock->show(); ?> <table border="0" cellpadding="2" cellspacing="1" width="100%" class="tbl">
</tr> <?php } ?> </tbody> </table> <?php if ($pagination) { ?> <h3 class="pagination"><?php echo $pagination; ?> </h3> <?php } if (true || canEdit('Events')) { ?> <div id="contentButtons"> <input type="button" name="viewBtn" value="<?php echo translate('View'); ?> " onclick="viewEvents( this, 'markEids' );" disabled="disabled"/> <input type="button" name="archiveBtn" value="<?php echo translate('Archive'); ?> " onclick="archiveEvents( this, 'markEids' )" disabled="disabled"/> <input type="button" name="unarchiveBtn" value="<?php echo translate('Unarchive'); ?> " onclick="unarchiveEvents( this, 'markEids' );" disabled="disabled"/> <input type="button" name="editBtn" value="<?php
<?php /* $Id$ $URL$ */ if (!defined('W2P_BASE_DIR')) { die('You should not access this file directly.'); } $AppUI->savePlace(); $obj = new CResource(); $perms =& $AppUI->acl(); $canEdit = canEdit('resources'); $titleBlock = new w2p_Theme_TitleBlock('Resources', 'resources.png', $m, $m . '.' . $a); if ($canEdit) { $titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new resource') . '">', '', '<form action="?m=resources&a=addedit" method="post" accept-charset="utf-8">', '</form>'); } $titleBlock->show(); if (isset($_GET['tab'])) { $AppUI->setState('ResourcesIdxTab', w2PgetParam($_GET, 'tab', null)); } $resourceTab = $AppUI->getState('ResourcesIdxTab', 0); $tabBox = new CTabBox('?m=resources', W2P_BASE_DIR . '/modules/resources/', $resourceTab); $tabbed = $tabBox->isTabbed(); foreach ($obj->loadTypes() as $type) { if ($type['resource_type_id'] == 0 && !$tabbed) { continue; } $tabBox->add('vw_resources', $type['resource_type_name']); } $tabBox->show();