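/**
 * Resolve and authorise the view class named by the request's "view" parameter.
 *
 * The parameter is untrusted and ends up being used as a class name, so it is
 * checked for type, prefix and character set before it reaches class_exists()
 * (and with it the autoloader). For every role other than 'admin' and
 * 'superadmin' the class name is then registered as the current ACL asset
 * and the ACL is validated.
 *
 * Failures are reported through exitWithError(). The checks below rely on
 * that call ending the request; its body is not visible here (TODO confirm).
 *
 * @return string Name of an existing class that starts with "View_".
 */
private function validateView()
{
    if (!isset($_REQUEST['view'])) {
        $this->exitWithError('View not set');
    }

    $className = $_REQUEST['view'];

    // A request such as "view[]=x" delivers an array; reject it before any
    // string function sees it. After the View_ prefix only identifier
    // characters are accepted, so nothing else is handed to the autoloader.
    if (!is_string($className) || preg_match('/\AView_[A-Za-z0-9_]+\z/', $className) !== 1) {
        $this->exitWithError('View does not exist');
    }

    if (!class_exists($className)) {
        $this->exitWithError('View does not exist');
    }

    $user = new Core_Auth_User();
    $acl = Application::getAcl();
    $role = $user->getRole();

    // Strict comparison: with "!=" a non-string role such as boolean true
    // compares equal to 'admin' and the ACL check would be skipped.
    // NOTE(review): assumes getRole() returns the role name as a string - confirm.
    if (!in_array($role, array('admin', 'superadmin'), true)) {
        $acl->addCurrentAsset($className);
        $acl->validate();
    }

    return $className;
}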
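/**
 * Set the user id this object operates on and return the id now in effect.
 *
 * Only the 'admin' and 'superadmin' roles may pick an id: for them a non-null
 * $id is stored and a null $id leaves the current value untouched. For every
 * other role $id is ignored and the id of the authenticated user is stored,
 * which keeps a caller-supplied id from overriding it.
 *
 * @param mixed $id Requested user id, or null to keep the current one (admin roles only).
 * @return mixed The value of $this->userId after the call.
 */
public function setUserId($id = null)
{
    $user = new Core_Auth_User();
    $role = $user->getRole();

    // Strict comparison: with "==" a non-string role such as boolean true
    // compares equal to 'admin' and would be allowed to choose the id.
    // NOTE(review): assumes getRole() returns the role name as a string - confirm.
    $mayChooseId = in_array($role, array('admin', 'superadmin'), true);

    if (!$mayChooseId) {
        // Pin non-admin callers to their own account.
        $this->userId = $user->getUserId();
    } elseif ($id !== null) {
        $this->userId = $id;
    }

    return $this->userId;
}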
echo Application::getRouter()->getFullUrl(array('controller' => 'admin', 'action' => 'index')); ?> " class="<?php if (Application::getController() == 'admin') { echo 'active'; } ?> ">Admin</a></li> </ul> <img src="images/logo.gif" id="logo" /> </div> <!--navigation_cnr--> </div> <!--header_cnr--> <?php $user = new Core_Auth_User(); if ($user->getRole() == 'user') { ?> <div style="float:left;padding:10px" > <a href="javascript:void(0)" class="systemServiceLink" servicehtml="<?php echo Application::getRouter()->getFullUrl(array('controller' => 'servicehtml', 'action' => 'view', 'params' => 'view=View_Frontend_UserBets')); ?> " > My Bets </a> | <a href="javascript:void(0)" class="systemServiceLink" servicehtml="<?php echo Application::getRouter()->getFullUrl(array('controller' => 'servicehtml', 'action' => 'view', 'params' => 'view=View_Frontend_UserBank')); ?> "> My Bank</a> </div> <?php } ?> <div id="body_cnr">
} var winnings =0; if(isNaN(value)==false) { winnings = value*Y.one('#betOdds').getContent(); } Y.one('#betWinnings').setContent(winnings.toFixed(2)); } Y.one('#placeBet').on('click', function(e) { <?php $user = new Core_Auth_User(); $role = $user->getRole(); if ($role == 'guest') { ?> <?php } ?> var oddsValues = betSlipRecordSet.getValuesByKey('odd_value_id'); var oddsValuesString = ''; if(oddsValues.length==0) { alert('Bet splip empty') return; }
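/**
 * Build the access-control list for the current request.
 *
 * Registers the roles guest, user, admin and superadmin with their assets,
 * sets the current role from Core_Auth_User, and - for 'guest' and 'user'
 * only - sets the current asset to "<controller>_<action>" as reported by
 * the router. For 'admin' and 'superadmin' no current asset is set here.
 *
 * The calls are issued in the same order as before, because whether
 * Core_Acl_Controller depends on registration order is not visible here.
 * The second argument of addRole() looks like a parent role whose assets are
 * inherited - TODO confirm against Core_Acl_Controller.
 *
 * @return Core_Acl_Controller The configured ACL.
 */
public function getAcl()
{
    $acl = new Core_Acl_Controller();

    $acl->addRole('guest');

    // NOTE(review): 'admin_index' is granted to guest; confirm that the admin
    // entry page is meant to be reachable without a login.
    $guestAssets = array(
        'index_login',
        'index_index',
        'servicejson_login',
        'servicejson_registration',
        'admin_index',
        'index_frontend',
        'index_registration',
        'servicehtml_view',
        'View_Frontend_Offer',
        'View_Frontend_WidgetsLoader',
        'View_Frontend_Widgets_OfferTableEvents',
        'View_Frontend_MenuContent',
        'View_Frontend_Widgets_Ticket',
    );
    foreach ($guestAssets as $asset) {
        $acl->addRoleAsset('guest', $asset);
    }

    // NOTE(review): this asset is attached to 'admin' before addRole('admin', ...)
    // is called further down; verify that Core_Acl_Controller accepts that.
    $acl->addRoleAsset('admin', 'modelgenerator_index');

    $acl->addRole('user', 'guest');
    $acl->addRoleAsset('user', 'index_logout');
    $acl->addRoleAsset('guest', 'servicejson_logout');

    $userAssets = array(
        'Model_PlaceBetModel_insert',
        'View_Frontend_UserBets',
        'View_Frontend_UserBank',
        'View_Frontend_UserBetSlip',
        'servicejson_model',
        'servicejson_modelcollection',
        'Model_TransactionModel_getTransactionsByUser',
        'Model_BetSlipModel_getBetSlipsTransactionByUser',
    );
    foreach ($userAssets as $asset) {
        $acl->addRoleAsset('user', $asset);
    }

    $acl->addRole('admin', 'user');
    $acl->addRole('superadmin', 'admin');

    $user = new Core_Auth_User();
    $role = $user->getRole();
    $acl->addCurrentRole($role);

    // Strict comparison: with "==" a non-string role such as boolean true
    // compares equal to 'admin' and would take the unrestricted path.
    // 'admin' and 'superadmin' get no current asset, as before.
    // NOTE(review): assumes getRole() returns the role name as a string - confirm.
    if (in_array($role, array('guest', 'user'), true)) {
        $acl->addCurrentAsset($this->getRouter()->getController() . '_' . $this->getRouter()->getAction());
    }

    return $acl;
}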
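/**
 * Resolve and authorise the model class and method named by the request.
 *
 * Expected input: $_REQUEST['model'] is an array with exactly one entry whose
 * key is the model class name. The method comes from $_REQUEST['method'] or,
 * failing that, from $_REQUEST['model'][<class>]['method']; when neither is
 * present it is null. All of this is untrusted, so types, the "Model_" prefix
 * and the character set of the class name are checked before the name reaches
 * class_exists() (and with it the autoloader).
 *
 * For every role other than 'admin' and 'superadmin' the asset
 * "<class>_<method>" is registered and the ACL is validated.
 *
 * Failures are reported through exitWithError(). The checks rely on that call
 * ending the request; its body is not visible here (TODO confirm).
 *
 * @return array{class: string, method: mixed} Validated class name and requested method.
 */
private function validateModel()
{
    if (!isset($_REQUEST['model'])) {
        $this->exitWithError('No model set');
    }

    $models = $_REQUEST['model'];

    // "model=x" delivers a string; count() and key() need an array.
    if (!is_array($models)) {
        $this->exitWithError('Model does not exist');
    }

    if (count($models) > 1) {
        $this->exitWithError('Only one model allowed');
    }

    $className = key($models);

    // Check that the request targets the model folder. The key is null for an
    // empty array and an int for "model[5]=..."; both are rejected here. After
    // the Model_ prefix only identifier characters are accepted.
    if (!is_string($className) || preg_match('/\AModel_[A-Za-z0-9_]+\z/', $className) !== 1) {
        $this->exitWithError('Model does not exist');
        exit; // backstop kept from the original code
    }

    if (!class_exists($className)) {
        $this->exitWithError('Model does not exist');
    }

    // The top-level "method" parameter wins over the one nested under the model.
    if (isset($_REQUEST['method'])) {
        $method = $_REQUEST['method'];
    } elseif (isset($models[$className]['method'])) {
        $method = $models[$className]['method'];
    } else {
        $method = null;
    }

    // An empty string still means "no method", as it did with the old "!= null".
    if ($method !== null && $method !== '') {
        // "method[]=x" delivers an array, which method_exists() cannot take.
        // The old code echoed "$className -- $method" at this point; $method is
        // request-controlled, so that debug output put unescaped input into
        // the response. It has been dropped.
        // NOTE(review): method_exists() is also true for non-public and magic
        // methods, and admin roles skip the ACL below; what may be invoked is
        // decided by the dispatcher, which is not visible here.
        if (!is_string($method) || !method_exists($className, $method)) {
            $this->exitWithError('Request method does not exist');
        }
    }

    $user = new Core_Auth_User();
    $acl = Application::getAcl();
    $role = $user->getRole();

    // Strict comparison: with "!=" a non-string role such as boolean true
    // compares equal to 'admin' and the ACL check would be skipped.
    // NOTE(review): assumes getRole() returns the role name as a string - confirm.
    if (!in_array($role, array('admin', 'superadmin'), true)) {
        $acl->addCurrentAsset($className . '_' . $method);
        $acl->validate();
    }

    return array('class' => $className, 'method' => $method);
}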