예제 #1
 /**
  * Authorization gate: decide whether the current visitor may perform
  * $action on $subject (optionally on one specific $subject_id).
  *
  * @param string        $action     Action name; defaults to the wildcard '*'.
  * @param string|object $subject    Subject name, or an object whose class name is used instead.
  * @param int           $subject_id Specific record id; defaults to 0.
  *
  * @return bool True when access is granted, false when it is refused.
  */
 public static function check($action = '*', $subject = '*', $subject_id = 0)
 {
     // Every check succeeds when the backend runs without a database.
     if (!BACKEND_WITH_DATABASE) {
         return true;
     }
     // Results are stored in this static array, but the lookup below is
     // commented out, so no answer is ever served from it.
     static $cache = array();
     if (is_object($subject)) {
         $subject = get_class($subject);
     }
     $key = serialize(array($action, $subject, $subject_id));
     if (array_key_exists($key, $cache)) {
         //return $cache[$key];
     }
     $roles = GateKeeper::permittedRoles($action, class_for_url($subject), $subject_id);
     // Fall back to the session copy of the user when BackendUser::check() yields nothing.
     $user = BackendUser::check();
     $user = !$user && !empty($_SESSION['BackendUser']) ? $_SESSION['BackendUser'] : $user;
     // NOTE(review): this branch GRANTS access when there is no user object and
     // 'anonymous' is NOT among the permitted roles, which reads as fail-open.
     // When 'anonymous' IS permitted, execution falls through and the
     // empty($user->roles) test below refuses instead. Confirm whether
     // BackendUser::check() can be falsy for real visitors and whether the
     // condition is inverted; an authorization gate would normally deny by
     // default here. in_array() is also called without the is_array($roles)
     // guard that the intersection further down applies.
     if (!$user && !in_array('anonymous', $roles)) {
         if (Controller::$debug) {
             Backend::addNotice('Anonymous User');
         }
         $cache[$key] = true;
         return true;
     }
     // A concrete subject must map to an active component.
     if ($subject != '*' && !Component::isActive(class_name($subject))) {
         if (Controller::$debug) {
             Backend::addNotice('Invalid Component: ' . class_name($subject));
         }
         $cache[$key] = false;
         return false;
     }
     // A user without any role is always refused.
     if (empty($user->roles)) {
         if (Controller::$debug) {
             Backend::addNotice('No User Roles');
         }
         $cache[$key] = false;
         return false;
     }
     // Access needs at least one role shared between the user and the permitted set.
     // NOTE(review): when $roles is not an array, every user holding any role is
     // granted — presumably a non-array result means "unrestricted"; verify
     // against GateKeeper::permittedRoles().
     $intersect = is_array($roles) ? array_intersect($user->roles, $roles) : $user->roles;
     if (Controller::$debug >= 2) {
         Backend::addNotice('Valid roles found: ' . json_encode($intersect));
     }
     $result = count($intersect) ? true : false;
     $cache[$key] = $result;
     return $result;
 }
예제 #2
 /**
  * Prepare the HTML view of a tag record, then hand over to the parent renderer.
  *
  * For a DBObject result the sub title is set from the record name and a list
  * template is chosen for the record's foreign table, with a generic template
  * as fallback. Any other result goes straight to the parent.
  *
  * @param mixed $result Result of the display action.
  *
  * @return mixed Whatever parent::html_display() returns.
  */
 public function html_display($result)
 {
     if ($result instanceof DBObject) {
         Backend::add('Sub Title', $result->array['name']);

         // The template name is derived from record data; it is only used when
         // Render::checkTemplateFile() accepts it.
         // NOTE(review): confirm class_for_url()/checkTemplateFile() keep the
         // name inside the template directory.
         $template = 'tag.' . class_for_url($result->array['foreign_table']) . '.list.tpl.php';
         $template = Render::checkTemplateFile($template) ? $template : 'tag.display.list.tpl.php';
         Backend::add('tag_list_template', $template);
     }

     return parent::html_display($result);
 }
예제 #3
        ?>
" 
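								title="<?php 
        // Encode for the HTML attribute context so quotes or markup inside the
        // stored title cannot terminate the attribute.
        // NOTE(review): drop the call if titles are already encoded upstream.
        echo htmlspecialchars((string) $image['title'], ENT_QUOTES, 'UTF-8');
        ?>
" alt="<?php 
        echo htmlspecialchars((string) $image['title'], ENT_QUOTES, 'UTF-8');
        ?>
" />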
						</a>
					</td>
			<?php 
        $count++;
    }
    ?>
			</tr>
		</tbody>
	</table>
	{tpl:list_paging.tpl.php}
<form class="inline" id="form_list_delete" method="post" action="?q=<?php 
    // The output of class_for_url($db_object) forms the first path segment,
    // so the form posts to "<segment>/delete".
    // NOTE(review): no anti-CSRF token field is visible in this form — confirm
    // one is added or verified elsewhere before the delete is carried out.
    echo class_for_url($db_object);
    ?>
/delete">
	<input type="hidden" id="delete_id" name="delete_id" value="false" />
</form>
<?php 
} else {
    ?>
	No object
<?php 
}
예제 #4
</div>
<hr>
<h3>Example</h3>
<p>
	<?php 
// Show the hand-written example when the definition provides one.
// NOTE(review): the example is echoed verbatim, without HTML encoding —
// confirm definitions only ever come from trusted code.
if (!empty($definition['example'])) {
    ?>
		<?php 
    echo $definition['example'];
    ?>
	<?php 
} else {
    ?>
		<code>
			#SITE_LINK#?q=<?php 
    // Otherwise generate a sample URL: the class in URL form, the function
    // name, then one "/$name" placeholder per declared parameter.
    echo class_for_url($class) . '/' . $function;
    if (!empty($definition['parameters'])) {
        echo '/$' . implode('/$', array_keys($definition['parameters']));
    }
    ?>
		</code>(Generated)
	<?php 
}
?>
</p>
<hr>
<h3>Return</h3>
<p>
	<span class="large">
		<strong><?php 
echo $definition['return']['type'];
예제 #5
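 /**
  * Fill in missing action parameters for the user-related actions.
  *
  * - login:   username / password default to the request variables.
  * - confirm: the salt defaults to the request variable, then continues as signup.
  * - signup:  a logged-in user is sent to the display action instead.
  * - update / display: a logged-in user defaults to, or is restricted to,
  *   their own id.
  *
  * @param array $parameters Parameters as received by the controller.
  *
  * @return array The adjusted parameters.
  */
 public static function checkParameters($parameters)
 {
     $parameters = parent::checkParameters($parameters);

     // One consistent definition of "logged in". The signup branch used to test
     // for a 'user' session key while reading 'BackendUser', so it either never
     // fired or dereferenced a missing entry.
     $sessionUser = isset($_SESSION['BackendUser']) ? $_SESSION['BackendUser'] : null;
     $loggedIn = is_object($sessionUser) && $sessionUser->id > 0;

     switch (Controller::$action) {
         case 'login':
             // NOTE(review): confirm Controller::getVar() reads credentials from
             // the request body only, so they do not end up in URLs or logs.
             if (empty($parameters[0])) {
                 $parameters[0] = Controller::getVar('username');
             }
             if (empty($parameters[1])) {
                 $parameters[1] = Controller::getVar('password');
             }
             break;
         case 'confirm':
             if (empty($parameters[0])) {
                 $parameters[0] = Controller::getVar('salt');
             }
             // No break: continues into 'signup', as the original did.
             // NOTE(review): confirm the fall-through is intentional.
         case 'signup':
             if ($loggedIn) {
                 Controller::setAction('display');
             }
             break;
         case 'update':
         case 'display':
             if ($loggedIn) {
                 // If empty, set it to the current user
                 if (empty($parameters[0])) {
                     $parameters[0] = $sessionUser->id;
                 }
                 // A user without the 'manage' permission who asks for someone
                 // else's record is pointed back at their own.
                 // NOTE(review): when the user also lacks the action permission
                 // the foreign id is left in place; presumably a later
                 // permission check refuses the request — verify.
                 $area = class_for_url(get_called_class());
                 if ($parameters[0] != $sessionUser->id && !Permission::check('manage', $area) && Permission::check(Controller::$action, $area)) {
                     $parameters[0] = $sessionUser->id;
                 }
             }
             break;
     }
     return $parameters;
 }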
예제 #6
 /**
  * Gather the data for a permissions overview.
  *
  * The returned object carries three properties:
  *  - base_perms:  distinct (action, subject) pairs of active permissions with
  *                 subject_id 0, grouped WITH ROLLUP;
  *  - roles:       all active roles;
  *  - permissions: for each active permission with subject_id 0, the list of
  *                 roles other than 'nobody' that hold it (presumably keyed by
  *                 "subject::action" — verify against fetchAll's with_key option).
  *
  * @param string|false $component Restrict both permission queries to this
  *                                component; false means all components.
  *
  * @return stdClass
  */
 public function get_permissions($component = false)
 {
     $overview = new stdClass();

     // Base permissions. The component only ever reaches the query as a bound
     // parameter, never as part of the SQL text.
     $baseBind = array();
     $baseQuery = new SelectQuery('Permission');
     $baseQuery
         ->distinct()
         ->field(array('action', 'subject'))
         ->filter('`active` = 1')
         ->filter('`subject_id` = 0')
         ->group('`subject`, `action` WITH ROLLUP');
     if ($component) {
         $baseQuery->filter('`subject` = :component');
         $baseBind[':component'] = class_for_url($component);
     }
     $overview->base_perms = $baseQuery->fetchAll($baseBind);

     // Roles
     $roleQuery = new SelectQuery('Role');
     $roleQuery->filter('`active` = 1');
     $overview->roles = $roleQuery->fetchAll();

     // Activated permissions: one row per subject/action with its roles joined by commas.
     $grantBind = array();
     $grantQuery = new SelectQuery('Permission', array('fields' => "CONCAT(`subject`, '::', `action`), GROUP_CONCAT(DISTINCT `role` ORDER BY `role`) AS `roles`"));
     $grantQuery
         ->filter('`active` = 1')
         ->filter('`subject_id` = 0')
         ->filter("`role` != 'nobody'")
         ->group('`subject`, `action`');
     if ($component) {
         $grantQuery->filter('`subject` = :component');
         $grantBind[':component'] = class_for_url($component);
     }
     $rows = $grantQuery->fetchAll($grantBind, array('with_key' => 1));

     // Split each comma-joined role list into an array.
     $overview->permissions = array();
     foreach ($rows as $rowKey => $row) {
         $overview->permissions[$rowKey] = explode(',', current($row));
     }

     return $overview;
 }
예제 #7
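 /**
  * Render the HTML view of a file record: tab links, a sub title and a link
  * to the record's read action.
  *
  * @param object $file Record whose ->array holds at least 'id' and 'name'.
  */
 function html_display($file)
 {
     Backend::add('TabLinks', $this->getTabLinks(Controller::$action));
     // NOTE(review): the sub title is handed over unencoded; confirm the
     // template that prints it encodes it.
     Backend::add('Sub Title', $file->array['name']);

     // The link is assembled as raw HTML, so record data is encoded for the
     // attribute/text context before being concatenated in.
     $name = htmlspecialchars((string) $file->array['name'], ENT_QUOTES, 'UTF-8');
     $id = htmlspecialchars((string) $file->array['id'], ENT_QUOTES, 'UTF-8');
     $href = '?q=' . class_for_url(get_class($this)) . '/read/' . $id;
     Backend::addContent('<a href="' . $href . '" title="' . $name . '">' . $name . '</a>');
 }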
예제 #8
 /**
  * Return this object's area: its class name passed through class_for_url().
  *
  * @return mixed Whatever class_for_url() returns for the class name.
  */
 public function getArea()
 {
     $className = get_class($this);

     return class_for_url($className);
 }
예제 #9
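 /**
  * Install the component's permissions.
  *
  * Removes the component's existing non-system permissions, then registers
  * one permission for the role 'nobody' per action method found on the class
  * (methods prefixed action_, get_, post_, put_ or delete_).
  *
  * @param array $options Installation options (not used by this method).
  *
  * @return bool True when there is no default database or every permission
  *              was added; false when the class is unknown or an add failed.
  */
 public static function install(array $options = array())
 {
     if (!Backend::getDB('default')) {
         return true;
     }
     $class = get_called_class();
     if (!$class || !class_exists($class, true)) {
         return false;
     }
     $subject = class_for_url($class);

     //Purge permissions first
     $query = new DeleteQuery('Permission');
     $query->filter('`subject` = :subject')->filter('`system` = 0');
     $query->execute(array(':subject' => $subject));

     // Closures replace create_function(), which evaluated a code string at
     // run time and is not available in PHP 8.
     $prefixes = array('action', 'get', 'post', 'put', 'delete');
     $methods = array_filter(
         get_class_methods($class),
         function ($method) use ($prefixes) {
             $parts = explode('_', $method, 2);
             return count($parts) == 2 && in_array(strtolower($parts[0]), $prefixes, true);
         }
     );
     // The prefix match above is case-insensitive while this strip is
     // case-sensitive, exactly as before.
     $actions = array_map(
         function ($method) {
             return preg_replace('/^(action|get|post|put|delete)_/', '', $method);
         },
         $methods
     );

     // Attempt every add even after a failure; the overall result is the AND of all of them.
     $result = true;
     foreach ($actions as $action) {
         $result = Permission::add('nobody', $action, $subject) && $result;
     }
     return $result;
 }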
예제 #10
			<tr class="<?php 
        // Rows where $odd is falsy get the "even" class; the others get none.
        echo $odd ? '' : 'even';
        ?>
">
				<td><?php 
        // NOTE(review): name and id are echoed without HTML encoding — confirm
        // they cannot contain markup or quotes.
        echo $component['name'];
        ?>
</td>
				<td>
					<a id="component_<?php 
        echo $component['id'];
        ?>
" href="#" class="toggleActive">
						<?php 
        // Current activation state, shown as the label of the toggle link.
        echo $component['active'] ? 'Yes' : 'No';
        ?>
					</a>
				</td>
				<td>
					<a href="?q=gate_manager/permissions/<?php 
        // Link to the permissions screen, addressed by the component name in URL form.
        echo class_for_url($component['name']);
        ?>
">Permissions</a>
				</td>
			</tr>
		<?php 
    }
    ?>
	</table>
<?php 
}
예제 #11
 /**
  * After a successful create, send the browser to the record the new entry
  * points at, then delegate to the parent handler.
  *
  * @param mixed $result Result of the create action.
  *
  * @return mixed Whatever parent::html_create() returns.
  */
 public function html_create($result)
 {
     if ($result instanceof DBObject) {
         // The target always starts with "?q=", so it stays on this site.
         // NOTE(review): foreign_id is appended unencoded — confirm it is
         // validated before it is stored.
         $record = $result->array;
         $target = '?q=' . class_for_url($record['foreign_table']) . '/' . $record['foreign_id'];
         Controller::redirect($target);
     }

     return parent::html_create($result);
 }
예제 #12
    $list_start = empty($list_start) ? Controller::$parameters[1] : $list_start;
    $list_length = empty($list_length) ? Controller::$parameters[2] : $list_length;
    $pages = ceil($list_count / $list_length);
    $current_page = floor($list_start / $list_length) + 1;
    //var_dump(count($list), $list_count, $area, $action, $list_start, $list_length, $pages, $current_page);
}
if (!empty($db_object->array['list']) && is_array($db_object->array['list'])) {
    foreach ($db_object->array['list'] as $item) {
        ?>
	    <div class="tag_item_preview">
	        <?php 
        if (array_key_exists('name', $item) && array_key_exists('title', $item)) {
            ?>
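	            <h3>
	            <a href="?q=<?php 
            echo class_for_url($db_object->array['foreign_table']);
            ?>
/<?php 
            // Item fields are record data: encode them for the HTML context
            // they are printed into (attribute here, element text below).
            // NOTE(review): drop the calls if the list is already encoded upstream.
            echo htmlspecialchars((string) $item['name'], ENT_QUOTES, 'UTF-8');
            ?>
">
	                <?php 
            echo htmlspecialchars((string) $item['title'], ENT_QUOTES, 'UTF-8');
            ?>
	            </a>
	            </h3>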
	        <?php 
        } else {
            ?>
        		<?php 
            var_dump($item);
예제 #13
			</div>
			<span><?php 
// Empty values render as a non-breaking space; anything else goes through
// plain() (presumably the project's output-encoding helper — verify).
echo empty($db_object->array['active']) ? '&nbsp;' : plain($db_object->array['active']);
?>
</span>
		</div>
		<div class="">
			<div class="span-3" style="text-align: right;">
				<label>Modified:</label>
			</div>
			<span><?php 
echo empty($db_object->array['modified']) ? '&nbsp;' : plain($db_object->array['modified']);
?>
</span>
		</div>
		<div class="">
			<div class="span-3" style="text-align: right;">
				<label>Added:</label>
			</div>
			<span><?php 
echo empty($db_object->array['added']) ? '&nbsp;' : plain($db_object->array['added']);
?>
</span>
		</div>
		<p>
			<a href="?q=gate_manager/permissions/<?php 
// Link to the permissions screen, addressed by the record name in URL form.
echo class_for_url($db_object->array['name']);
?>
">Check Permissions</a>
		</p>
예제 #14
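 /**
  * Write the sitemap file for one component.
  *
  * The component must expose getSitemap(), be active and be a TableCtl. Its
  * sitemap may be a plain list of rows, or an array with exactly the keys
  * 'list' and 'options'. One link is produced per row plus one for the area
  * itself, and the rendered result is written to
  * WEB_FOLDER/sitemap_<component>.xml.
  *
  * @param string $component Component class name.
  *
  * @return string|false The file name written, or false on any failure.
  */
 private function generateSitemap($component)
 {
     if (!method_exists($component, 'getSitemap')) {
         return false;
     }
     if (!Component::isActive($component)) {
         Backend::addError('Could not generate sitemap: Component inactive. (' . $component . ')');
         return false;
     }
     // NOTE(review): $component is instantiated and used in the file name; the
     // two checks above are the only gates visible here, so callers are
     // presumably expected to pass names from the component registry only.
     $controller = new $component();
     $object = $component::retrieve();
     if (!$controller instanceof TableCtl) {
         Backend::addError('Could not generate sitemap: Invalid Area. (' . $component . ')');
         return false;
     }
     $filename = WEB_FOLDER . '/sitemap_' . $component . '.xml';
     if (file_exists($filename) && !is_writable($filename)) {
         Backend::addError('Could not generate sitemap: Cannot open sitemap file. (' . $filename . ')');
         return false;
     }

     $sitemap = $controller->getSitemap();
     if (is_array($sitemap) && count($sitemap) == 2 && array_key_exists('list', $sitemap) && array_key_exists('options', $sitemap)) {
         $list = $sitemap['list'];
         $options = $sitemap['options'];
     } else {
         $list = $sitemap;
         $options = array();
     }
     if (!$list) {
         Backend::addError('Could not generate sitemap: Could not generate list. (' . $component . ')');
         return false;
     }
     if (Controller::$debug) {
         Backend::addNotice('Generating sitemap for ' . $component . ' at ' . WEB_FOLDER . '/sitemap_' . $component . '.xml found at ' . SITE_LINK . basename($filename));
     }

     $clean_urls = ConfigValue::get('CleanURLs', false);
     $area_url = SITE_LINK . ($clean_urls ? '/' : '/?q=') . class_for_url($component);

     $last_date = 0;
     $links = array();
     //Compile Links
     foreach ($list as $row) {
         // Track the newest modification time; it dates the area link below.
         $modified = strtotime($row['modified']);
         if ($modified > $last_date) {
             $last_date = $modified;
         }
         if (empty($options['id_field'])) {
             $id = !empty($row['name']) ? $row['name'] : $row[$object->getMeta('id_field')];
         } else {
             $id = $row[$options['id_field']];
         }
         if (empty($id)) {
             // Previously var_dump() + die: that printed the raw row into the
             // response and ended the request. Report the failure instead.
             Backend::addError('Could not generate sitemap: Row without an identifier. (' . $component . ')');
             return false;
         }
         $row['url'] = $area_url . '/' . $id;
         $row = array_merge($row, $options);
         $links[] = $row;
     }

     //Add link to area
     //TODO Make this configurable
     $link = array('url' => $area_url, 'modified' => date('Y-m-d H:i:s', $last_date));
     $link['priority'] = array_key_exists('area_priority', $options) ? $options['area_priority'] : 0.8;
     $link['frequency'] = array_key_exists('frequency', $options) ? $options['frequency'] : 'daily';
     $links[] = $link;

     $content = Render::file('backend_sitemap/sitemap.tpl.php', array('links' => $links));

     // Open only once the content exists, so a failure above no longer leaves
     // a truncated sitemap behind, and always release the handle.
     $fp = fopen($filename, 'w');
     if (!$fp) {
         Backend::addError('Could not generate sitemap: Could not open sitemap file. (' . $component . ')');
         return false;
     }
     $written = fwrite($fp, $content);
     fclose($fp);
     if ($written === false) {
         Backend::addError('Could not generate sitemap: Could not write sitemap file. (' . $filename . ')');
         return false;
     }
     return $filename;
 }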